From a53dfb3e504de62b010a4f545c7d5f190f25c08e Mon Sep 17 00:00:00 2001
From: Sylvain Berfini <sylvain.berfini@belledonne-communications.com>
Date: Tue, 20 Aug 2019 16:06:55 +0200
Subject: [PATCH] Added method to update account's user info

---
 src/objects/user_info.php |  4 ++-
 src/xmlrpc/user_info.php  | 62 +++++++++++++++++++++++++++++++++++++--
 src/xmlrpc/xmlrpc.php     |  3 ++
 3 files changed, 65 insertions(+), 4 deletions(-)

diff --git a/src/objects/user_info.php b/src/objects/user_info.php
index cb7952d..3d46364 100644
--- a/src/objects/user_info.php
+++ b/src/objects/user_info.php
@@ -134,7 +134,7 @@ class UserInfo {
     }
 
     function update() {
-        $query = "UPDATE " . USER_INFO_DB_TABLE . " SET firstname=:firstname, lastname=:lastname, subscribe=:subscribe";
+        $query = "UPDATE " . USER_INFO_DB_TABLE . " SET firstname=:firstname, lastname=:lastname, subscribe=:subscribe, gender=:gender";
 
         $query = $query . " WHERE id=:id";
 
@@ -144,11 +144,13 @@ class UserInfo {
         $this->id = htmlspecialchars(strip_tags($this->id));
         $this->firstname = htmlspecialchars(strip_tags($this->firstname));
         $this->lastname = htmlspecialchars(strip_tags($this->lastname));
+        $this->gender = htmlspecialchars(strip_tags($this->gender));
         $this->subscribe = htmlspecialchars(strip_tags($this->subscribe));
 
         $stmt->bindParam(":firstname", $this->firstname);
         $stmt->bindParam(":lastname", $this->lastname);
         $stmt->bindParam(":subscribe", $this->subscribe);
+        $stmt->bindParam(":gender", $this->gender);
         $stmt->bindParam(":id", $this->id);
 
         Logger::getInstance()->debug("Updating " . (string)$this);
diff --git a/src/xmlrpc/user_info.php b/src/xmlrpc/user_info.php
index afed5dc..380a633 100644
--- a/src/xmlrpc/user_info.php
+++ b/src/xmlrpc/user_info.php
@@ -63,7 +63,7 @@ function xmlrpc_get_email_account($method, $args) {
 
 	$user_info = new UserInfo($db);
 	$user_info->account_id = $account->id;
-	$user_info->GetOne();
+	$user_info->getOne();
 
 	$result = array(
         "id" => $account->id,
@@ -124,7 +124,7 @@ function xmlrpc_get_phone_account($method, $args) {
 
 	$user_info = new UserInfo($db);
 	$user_info->account_id = $account->id;
-	$user_info->GetOne();
+	$user_info->getOne();
 
 	$result = array(
         "id" => $account->id,
@@ -161,7 +161,7 @@ function xmlrpc_get_account_by_confirmation_key($method, $args) {
 
 	$user_info = new UserInfo($db);
 	$user_info->account_id = $account->id;
-	$user_info->GetOne();
+	$user_info->getOne();
 
 	$result = array(
         "id" => $account->id,
@@ -179,10 +179,66 @@ function xmlrpc_get_account_by_confirmation_key($method, $args) {
 	return $result;
 }
 
+// args = [username, ha1, firstname, lastname, gender, subscribe, [domain], [algo]]
+function xmlrpc_update_account_user_info($method, $args) {
+	$username = $args[0];
+	$ha1 = $args[1];
+	$firstname = $args[2];
+	$lastname = $args[3];
+	$gender = $args[4];
+	$subscribe = $args[5];
+	$domain = get_domain($args[6]);
+	$algo = get_algo($args[7]);
+
+	Logger::getInstance()->message("[XMLRPC] xmlrpc_update_account_user_info(" . $username . ", " . $domain . " : " . $firstname . ", " . $lastname . ", " . $gender . ", " . $subscribe . ")");
+
+	$database = new Database();
+	$db = $database->getConnection();
+
+	$account = new Account($db);
+	$account->username = $username;
+	$account->domain = $domain;
+
+	if (!$account->getOne()) {
+		return ACCOUNT_NOT_FOUND;
+	}
+	
+	$password = new Password($db);
+	$password->account_id = $account->id;
+	$password->algorithm = $algo;
+
+	if (!$password->getOne()) {
+		return PASSWORD_NOT_FOUND;
+	}
+
+	if (!password_match($ha1, $password->password)) {
+		return PASSWORD_DOESNT_MATCH;
+	}
+
+	$user_info = new UserInfo($db);
+	$user_info->account_id = $account->id;
+
+	$update = $user_info->getOne();
+
+	$user_info->firstname = $firstname;
+	$user_info->lastname = $lastname;
+	$user_info->gender = $gender;
+	$user_info->subscribe = $subscribe;
+
+	if ($update) {
+		$user_info->update();
+	} else {
+		$user_info->create();
+	}
+
+	return OK;
+}
+
 function xmlrpc_user_info_register_methods($server) {
 	xmlrpc_server_register_method($server, 'get_email_account', 'xmlrpc_get_email_account'); // args = [username, ha1, [domain], [algo]]
 	xmlrpc_server_register_method($server, 'get_phone_account', 'xmlrpc_get_phone_account'); // args = [tel, ha1, [domain], [algo]]
 	xmlrpc_server_register_method($server, 'get_account_by_confirmation_key', 'xmlrpc_get_account_by_confirmation_key'); // args = [confirmation_key, [algo]]
+	xmlrpc_server_register_method($server, 'update_account_user_info', 'xmlrpc_update_account_user_info'); // args = [username, ha1, firstname, lastname, gender, subscribe, [domain], [algo]]
 }
 
 ?>
\ No newline at end of file
diff --git a/src/xmlrpc/xmlrpc.php b/src/xmlrpc/xmlrpc.php
index 0105c24..14acac2 100644
--- a/src/xmlrpc/xmlrpc.php
+++ b/src/xmlrpc/xmlrpc.php
@@ -63,6 +63,9 @@ if (USE_DIGEST_AUTH) {
 		// compatibility
 		11 => 'create_account',
 		12 => 'create_account_with_useragent',
+
+		// user_info
+		13 => 'get_account_by_confirmation_key',
 	);
 
 	// Get authentication header if there is one