/trunk/admin/users/users.php - Annotate - WB 2.11.0 - Tracking

2

Manuela

<?php

2

/**

3

4

 * @category        admin

5

 * @package         users

6

 * @author          WebsiteBaker Project

7

 * @copyright       Ryan Djurovich

8

 * @copyright       WebsiteBaker Org. e.V.

9

 * @link            http://websitebaker.org/

10

 * @license         http://www.gnu.org/licenses/gpl.html

11

 * @platform        WebsiteBaker 2.8.3

12

 * @requirements    PHP 5.3.6 and higher

13

 * @version         $Id$

14

 * @filesource      $HeadURL$

15

 * @lastmodified    $Date$

16

17

*/

18

19

 // Include config file and admin class file

20

if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }

21

if ( !class_exists('admin', false) ) { require(WB_PATH.'/framework/class.admin.php'); }

22

23

$action = 'cancel';

24

// Set parameter 'action' as alternative to javascript mechanism

25

$action = (isset($_POST['modify']) ? 'modify' : $action );

26

$action = (isset($_POST['delete']) ? 'delete' : $action );

27

28

$oTrans = Translate::getInstance();

29

$oTrans->enableAddon(ADMIN_DIRECTORY.'\\users');

30

/*

31

print '<pre  class="mod-pre rounded">function <span>'.__FUNCTION__.'( '.''.' );</span>  filename: <span>'.basename(__FILE__).'</span>  line: '.__LINE__.' -> <br />';

32

print_r( $oTrans ); print '</pre>'; flush (); //  ob_flush();;sleep(10); die();

33

*/

34

35

switch ($action):

36

    case 'modify' :

37

            // Print header

38

            $admin = new admin('Access', 'users_modify');

39

            $user_id = intval($admin->checkIDKEY('user_id', 0, $_SERVER['REQUEST_METHOD']));

40

            // Check if user id is a valid number and doesnt equal 1

41

            if($user_id == 0){

42

            $admin->print_error($oTrans->MESSAGE_GENERIC_FORGOT_OPTIONS );

43

44

            if( ($user_id < 2 ) )

45

46

                // if($admin_header) { $admin->print_header(); }

47

                $admin->print_error($oTrans->MESSAGE_GENERIC_SECURITY_ACCESS, ADMIN_URL );

48

49

            // Get existing values

50

51

            $sql  = 'SELECT * FROM `'.TABLE_PREFIX.'users` ' ;

52

            $sql .= 'WHERE user_id != 1 ';

53

            $sql .=   'AND user_id = '.$user_id.' ';

54

55

            $results = $database->query($sql);

56

57

            $user = $results->fetchRow(MYSQLI_ASSOC);

58

            // Setup template object, parse vars to it, then parse it

59

            // Create new template object

60

            $template = new Template(dirname($admin->correct_theme_source('users_form.htt')), 'remove');

61

            // $template->debug = true;

62

            $template->set_file('page', 'users_form.htt');

63

            $template->set_block('page', 'main_block', 'main');

64

            $template->set_block('main_block', 'user_add_block', 'user_add');

65

66

            $template->set_var(array(

67

                                'ACTION_URL' => ADMIN_URL.'/users/save.php',

68

                                'SUBMIT_TITLE' => $oTrans->TEXT_SAVE,

69

                                'USER_ID' => $user['user_id'],

70

                                'USERNAME' => $user['username'],

71

                                'DISPLAY_NAME' => $user['display_name'],

72

                                'EMAIL' => $user['email'],

73

                                'ADMIN_URL' => ADMIN_URL,

74

                                'WB_URL' => WB_URL,

75

                                'THEME_URL' => THEME_URL

76

77

);

78

79

            $template->set_var('FTAN', $admin->getFTAN());

80

            $template->set_var('READONLY', 'readonly="readonly"' );

81

            if($user['active'] == 1) {

82

                $template->set_var('ACTIVE_CHECKED', ' checked="checked"');

83

            } else {

84

                $template->set_var('DISABLED_CHECKED', ' checked="checked"');

85

86

            // Add groups to list

87

            $template->set_block('main_block', 'group_list_block', 'group_list');

88

            $sql  = 'SELECT `group_id`, `name` FROM `'.TABLE_PREFIX.'groups` '

89

                  . 'WHERE `group_id` != 1 '

90

                  . 'ORDER BY `name`';

91

            $results = $database->query($sql);

92

            if ($database->query($sql))

93

94

                $template->set_var('ID', '');

95

                $template->set_var('NAME', $oTrans->TEXT_PLEASE_SELECT.'...');

96

                $template->set_var('SELECTED', '');

97

                $template->parse('group_list', 'group_list_block', true);

98

                while($group = $results->fetchRow(MYSQLI_ASSOC))

99

100

                    $template->set_var('ID', $group['group_id']);

101

                    $template->set_var('NAME', $group['name']);

102

                    $template->set_var('SELECTED', '');

103

                    if ($admin->is_group_match($group['group_id'], $user['groups_id']))

104

105

                        $template->set_var('SELECTED', ' selected="selected"');

106

107

                    $template->parse('group_list', 'group_list_block', true);

            // Only allow the user to add a user to the Administrators group if they belong to it

112

            if ($admin->ami_group_member('1'))

113

114

                $template->set_var('ID', '1');

115

                $users_groups = $admin->get_groups_name();

116

                $template->set_var('NAME', $users_groups[1]);

117

                if ($admin->is_group_match('1', $user['groups_id']))

118

119

                    $template->set_var('SELECTED', ' selected="selected"');

120

                } else {

121

                    $template->set_var('SELECTED', '');

122

123

                $template->parse('group_list', 'group_list_block', true);

124

            } else {

125

                if($results->numRows() == 0)

126

127

                    $template->set_var('ID', '');

128

                    $template->set_var('NAME', $oTrans->TEXT_NONE_FOUND);

129

                    $template->set_var('SELECTED', ' selected="selected"');

130

                    $template->parse('group_list', 'group_list_block', true);

            // Generate username field name

135

            $username_fieldname = 'username_';

136

            $salt = "abchefghjkmnpqrstuvwxyz0123456789";

137

            srand((double)microtime()*1000000);

138

            $i = 0;

139

            while ($i <= 7) {

140

                $num = rand() % 33;

141

                $tmp = substr($salt, $num, 1);

142

                $username_fieldname = $username_fieldname . $tmp;

143

                $i++;

144

145

146

            // Work-out if home folder should be shown

147

            if(!HOME_FOLDERS) {

148

                $template->set_var('DISPLAY_HOME_FOLDERS', 'display:none;');

149

150

151

            // Include the WB functions file

152

            require_once(WB_PATH.'/framework/functions.php');

153

154

            // Add media folders to home folder list

155

            $template->set_block('main_block', 'folder_list_block', 'folder_list');

156

            foreach(directory_list(WB_PATH.MEDIA_DIRECTORY) AS $name)

157

158

                $template->set_var('NAME', str_replace(WB_PATH, '', $name));

159

                $template->set_var('FOLDER', str_replace(WB_PATH.MEDIA_DIRECTORY, '', $name));

160

                if($user['home_folder'] == str_replace(WB_PATH.MEDIA_DIRECTORY, '', $name)) {

161

                    $template->set_var('SELECTED', ' selected="selected"');

162

                } else {

163

                    $template->set_var('SELECTED', ' ');

164

165

                $template->parse('folder_list', 'folder_list_block', true);

166

167

168

            // Insert language text and messages

169

            $template->set_var(array(

170

                                'TEXT_RESET' => $oTrans->TEXT_RESET,

171

                                'TEXT_CANCEL' => $oTrans->TEXT_CANCEL,

172

                                'TEXT_ACTIVE' => $oTrans->TEXT_ACTIVE,

173

                                'TEXT_DISABLED' => $oTrans->TEXT_DISABLED,

174

                                'TEXT_PLEASE_SELECT' => $oTrans->TEXT_PLEASE_SELECT,

175

                                'TEXT_USERNAME' => $oTrans->TEXT_USERNAME,

176

                                'TEXT_PASSWORD' => $oTrans->TEXT_PASSWORD,

177

                                'TEXT_RETYPE_PASSWORD' => $oTrans->TEXT_RETYPE_PASSWORD,

178

                                'TEXT_DISPLAY_NAME' => $oTrans->TEXT_DISPLAY_NAME,

179

                                'TEXT_EMAIL' => $oTrans->TEXT_EMAIL,

180

                                'TEXT_GROUP' => $oTrans->TEXT_GROUP,

181

                                'TEXT_NONE' => $oTrans->TEXT_NONE,

182

                                'TEXT_HOME_FOLDER' => $oTrans->TEXT_HOME_FOLDER,

183

                                'USERNAME_FIELDNAME' => $username_fieldname,

184

                                'CHANGING_PASSWORD' => $oTrans->MESSAGE_USERS_CHANGING_PASSWORD,

185

                                'HEADING_MODIFY_USER' => $oTrans->HEADING_MODIFY_USER,

186

                                'CANCEL_LINK' => ADMIN_URL.'/users/index.php',

187

188

);

189

190

            $template->set_block( 'user_add_block', '');

191

            // Parse template object

192

            $template->parse('main', 'main_block', false);

193

            $template->pparse('output', 'page');

194

            // Print admin footer

195

            $admin->print_footer();

196

            break;

197

        case 'delete' :

198

            // Print header

199

            $admin = new admin('Access', 'users_delete');

200

            $user_id = intval($admin->checkIDKEY('user_id', 0, $_SERVER['REQUEST_METHOD']));

201

            // Check if user id is a valid number and doesnt equal 1

202

            if($user_id == 0){

203

            $admin->print_error($oTrans->MESSAGE_GENERIC_FORGOT_OPTIONS );

204

205

            if( ($user_id < 2 ) )

206

207

                // if($admin_header) { $admin->print_header(); }

208

                $admin->print_error($oTrans->MESSAGE_GENERIC_SECURITY_ACCESS, ADMIN_URL  );

209

210

            $sql  = 'SELECT `active` FROM `'.TABLE_PREFIX.'users` ';

211

            $sql .= 'WHERE `user_id` = '.$user_id.'';

212

            if( ($iDeleteUser = $database->get_one($sql)) == 1 ) {

213

                $sMessage = $oTrans->MESSAGE_USERS_DEACTIVATED;

214

                // Delete the user

215

                $database->query("UPDATE `".TABLE_PREFIX."users` SET `active` = 0 WHERE `user_id` = '".$user_id."' ");

216

            } else {

217

                $sMessage = $oTrans->MESSAGE_USERS_DELETED;

218

                $database->query("DELETE FROM `".TABLE_PREFIX."users` WHERE `user_id` = ".$user_id);

219

220

221

            if($database->is_error()) {

222

                $admin->print_error($database->get_error());

223

            } else {

224

                $admin->print_success($sMessage);

225

226

            // Print admin footer

227

            $admin->print_footer();

228

            break;

229

    default:

230

            break;

231

endswitch;

Project

General

Profile

WB 2.11.0

Project

General

Profile

WB 2.11.0

wb-2_10_x/trunk/admin/users/users.php @ 19