Project

General

Profile

« Previous | Next » 

Revision 1804

Added by Dietmar about 12 years ago

  1. fixed Illegal string offset 'time' in \framework\SecureForm.mtab.php
    ! add delete Outdated Confirmations in backend
    ! show waiting Activations if exists in user management
  2. fixed html validaton errors in user management
    ! security fixes in admin/preferences/
    ! update form modul, change text "unknown#" to "Guest"
    in view_submission and emailheader email_fromname

View differences:

index.php
13 13 
 * @filesource		$HeadURL$
14 14 
 * @lastmodified    $Date$
15 15 
 *
16 
*/
16 
 */
17 17 

  		




  18
  
  
    
require('../../config.php');


  		




  19
  
  
    
require_once(WB_PATH.'/framework/class.admin.php');


  		




  
  18
  
    
$config_file = realpath('../../config.php');


  		




  
  19
  
    
if(file_exists($config_file) && !defined('WB_URL'))


  		




  
  20
  
    
{


  		




  
  21
  
    
	require_once($config_file);


  		




  
  22
  
    
}


  		




  
  23
  
    

  		




  
  24
  
    
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }


  		




  
  25
  
    

  		




  20
  26
  
    
$admin = new admin('Access', 'users');


  		




  21
  27
  
    

  		




  22
  28
  
    
$iUserStatus = 1;


  		




  ......




  34
  40
  
    
$template->set_var('ADMIN_URL', ADMIN_URL);


  		




  35
  41
  
    
$template->set_var('FTAN', $admin->getFTAN());


  		




  36
  42
  
    
$template->set_var('USER_STATUS', $iUserStatus );


  		




  
  43
  
    
$template->set_var('DISPLAY_ADD', '');


  		




  
  44
  
    
$template->set_var('DISPLAY_MODIFY', '');


  		




  
  45
  
    
$template->set_var('DISABLED_CHECKED', '');


  		




  
  46
  
    
$template->set_var('HEADING_MODIFY_USER', '');


  		




  
  47
  
    
$template->set_var('DISPLAY_HOME_FOLDERS', '');


  		




  37
  48
  
    

  		




  38
  49
  
    
$UserStatusActive = 'url('.THEME_URL.'/images/user.png)';


  		




  39
  50
  
    
$UserStatusInactive = 'url('.THEME_URL.'/images/user_red.png)';


  		




  ......




  105
  116
  
    
);


  		




  106
  117
  
    
// Insert language text and messages


  		




  107
  118
  
    
$template->set_var(array(


  		




  
  119
  
    
		'DISPLAY_WAITING_ACTIVATION' => '',


  		




  108
  120
  
    
		'TEXT_MODIFY' => $TEXT['MODIFY'],


  		




  109
  121
  
    
		'TEXT_DELETE' => $TEXT['DELETE'],


  		




  110
  122
  
    
		'TEXT_MANAGE_GROUPS' => ( $admin->get_permission('groups') == true ) ? $TEXT['MANAGE_GROUPS'] : "**",


  		




  111
  123
  
    
		'CONFIRM_DELETE' => (($iUserStatus == 1) ? $TEXT['ARE_YOU_SURE'] : $MESSAGE['USERS_CONFIRM_DELETE'])


  		




  112
  124
  
    
		)


  		




  113
  125
  
    
);


  		




  
  126
  
    

  		




  
  127
  
    
$template->set_block('main_block', 'show_confirmed_activation_block', 'show_confirmed_activation');


  		




  
  128
  
    
if($admin->ami_group_member('1')) {


  		




  
  129
  
    
        $template->set_block('show_confirmed_activation_block', 'list_confirmed_activation_block', 'list_confirmed_activation');


  		




  
  130
  
    
    	$template->set_var('DISPLAY_WAITING_ACTIVATION', 'Users waiting for activation');


  		




  
  131
  
    
		$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'users` ';


  		




  
  132
  
    
		$sql .= 'WHERE `confirm_timeout` != 0 ';


  		




  
  133
  
    
        $sql .=   'AND `active` = 0 ';


  		




  
  134
  
    
        $sql .=   'AND `user_id` != 1 ';


  		




  
  135
  
    
        if( ($oRes = $database->query($sql)) ) {


  		




  
  136
  
    
        	$template->set_var('DISPLAY_DELETE', '');


  		




  
  137
  
    
//        	$template->set_var('NAME', 'User waiting for activation');


  		




  
  138
  
    
//        	$template->set_var('STATUS', '' );


  		




  
  139
  
    
        	// Loop through users


  		




  
  140
  
    
            if($nNumRows = $oRes->numRows()) {


  		




  
  141
  
    
            	while($aUser = $oRes->fetchRow(MYSQL_ASSOC)) {


  		




  
  142
  
    
            		$template->set_var('VALUE',$admin->getIDKEY($aUser['user_id']));


  		




  
  143
  
    
               		$template->set_var('STATUS', '') ;


  		




  
  144
  
    
            		$template->set_var('NAME', $aUser['display_name'].' ('.$aUser['username'].')');


  		




  
  145
  
    
            		$template->parse('list_confirmed_activation', 'list_confirmed_activation_block', true);


  		




  
  146
  
    
            	}


  		




  
  147
  
    
            	$template->parse('show_confirmed_activation', 'show_confirmed_activation_block',true);


  		




  
  148
  
    
            }


  		




  
  149
  
    
        } else { $nNumRows = 0; }


  		




  
  150
  
    

  		




  
  151
  
    
}


  		




  
  152
  
    

  		




  
  153
  
    
if ( $nNumRows == 0){


  		




  
  154
  
    
	$template->parse('show_confirmed_activation', '');


  		




  
  155
  
    
}


  		




  
  156
  
    

  		




  114
  157
  
    
if ( $admin->get_permission('groups') == true ) $template->parse("groups", "manage_groups_block", true);


  		




  115
  158
  
    
// Parse template object


  		




  116
  159
  
    
$template->parse('main', 'main_block', false);


  		




  ......




  126
  169
  
    
$template->set_block('main_block', 'show_add_loginname_block', 'show_add_loginname');


  		




  127
  170
  
    
$template->set_var('DISPLAY_EXTRA', 'display:none;');


  		




  128
  171
  
    
$template->set_var('ACTIVE_CHECKED', ' checked="checked"');


  		




  
  172
  
    

  		




  
  173
  
    
$template->set_var('DISPLAY_ADD', '');


  		




  
  174
  
    
$template->set_var('DISPLAY_MODIFY', '');


  		




  
  175
  
    
$template->set_var('DISABLED_CHECKED', '');


  		




  
  176
  
    
$template->set_var('HEADING_MODIFY_USER', '');


  		




  
  177
  
    
$template->set_var('DISPLAY_HOME_FOLDERS', '');


  		




  129
  178
  
    
$template->set_var('ACTION_URL', ADMIN_URL.'/users/add.php');


  		




  130
  179
  
    
$template->set_var('SUBMIT_TITLE', $TEXT['ADD']);


  		




  131
  180
  
    
$template->set_var('FTAN', $admin->getFTAN());


  		












Also available in:  Unified diff