Revision 1804
Added by Dietmar about 12 years ago
| users.php | ||
|---|---|---|
| 13 | 13 |
* @filesource $HeadURL$ |
| 14 | 14 |
* @lastmodified $Date$ |
| 15 | 15 |
* |
| 16 |
*/ |
|
| 16 |
*/
|
|
| 17 | 17 |
|
| 18 | 18 |
// Include config file and admin class file |
| 19 |
require('../../config.php');
|
|
| 20 |
require_once(WB_PATH.'/framework/class.admin.php'); |
|
| 21 | 19 |
|
| 20 |
$config_file = realpath('../../config.php');
|
|
| 21 |
if(file_exists($config_file) && !defined('WB_URL'))
|
|
| 22 |
{
|
|
| 23 |
require_once($config_file); |
|
| 24 |
} |
|
| 25 |
|
|
| 26 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); }
|
|
| 27 |
|
|
| 22 | 28 |
$action = 'cancel'; |
| 23 | 29 |
// Set parameter 'action' as alternative to javascript mechanism |
| 24 | 30 |
$action = (isset($_POST['modify']) ? 'modify' : $action ); |
| 25 | 31 |
$action = (isset($_POST['delete']) ? 'delete' : $action ); |
| 32 |
$action = (isset($_POST['delete_outdated']) ? 'delete_outdated' : $action ); |
|
| 26 | 33 |
|
| 27 | 34 |
switch ($action): |
| 28 | 35 |
case 'modify' : |
| ... | ... | |
| 51 | 58 |
$template->set_block('main_block', 'show_modify_loginname_block', 'show_modify_loginname');
|
| 52 | 59 |
$template->set_block('main_block', 'show_add_loginname_block', 'show_add_loginname');
|
| 53 | 60 |
$template->set_var( array( |
| 54 |
'ACTION_URL' => ADMIN_URL.'/users/save.php', |
|
| 55 |
'SUBMIT_TITLE' => $TEXT['SAVE'], |
|
| 56 |
'USER_ID' => $user['user_id'], |
|
| 57 |
'USERNAME' => $user['username'], |
|
| 58 |
'DISPLAY_NAME' => $user['display_name'], |
|
| 59 |
'EMAIL' => $user['email'], |
|
| 60 |
'ADMIN_URL' => ADMIN_URL, |
|
| 61 |
'WB_URL' => WB_URL, |
|
| 62 |
'THEME_URL' => THEME_URL |
|
| 63 |
) |
|
| 64 |
); |
|
| 61 |
'ACTION_URL' => ADMIN_URL.'/users/save.php', |
|
| 62 |
'SUBMIT_TITLE' => $TEXT['SAVE'], |
|
| 63 |
'USER_ID' => $user['user_id'], |
|
| 64 |
'DISPLAY_EXTRA' => '', |
|
| 65 |
'DISPLAY_HOME_FOLDERS' => '', |
|
| 66 |
'USERNAME' => $user['username'], |
|
| 67 |
'DISPLAY_NAME' => $user['display_name'], |
|
| 68 |
'EMAIL' => $user['email'], |
|
| 69 |
'ADMIN_URL' => ADMIN_URL, |
|
| 70 |
'WB_URL' => WB_URL, |
|
| 71 |
'THEME_URL' => THEME_URL |
|
| 72 |
) |
|
| 73 |
); |
|
| 65 | 74 |
|
| 66 | 75 |
$template->set_var('FTAN', $admin->getFTAN());
|
| 67 | 76 |
if($user['active'] == 1) {
|
| 77 |
$template->set_var('DISABLED_CHECKED', '');
|
|
| 68 | 78 |
$template->set_var('ACTIVE_CHECKED', ' checked="checked"');
|
| 69 | 79 |
} else {
|
| 80 |
$template->set_var('ACTIVE_CHECKED', '');
|
|
| 70 | 81 |
$template->set_var('DISABLED_CHECKED', ' checked="checked"');
|
| 71 | 82 |
} |
| 72 | 83 |
// Add groups to list |
| ... | ... | |
| 184 | 195 |
case 'delete' : |
| 185 | 196 |
// Print header |
| 186 | 197 |
$admin = new admin('Access', 'users_delete');
|
| 198 |
|
|
| 187 | 199 |
$user_id = intval($admin->checkIDKEY('user_id', 0, $_SERVER['REQUEST_METHOD']));
|
| 188 | 200 |
// Check if user id is a valid number and doesnt equal 1 |
| 201 |
|
|
| 189 | 202 |
if($user_id == 0){
|
| 190 | 203 |
$admin->print_error($MESSAGE['GENERIC_FORGOT_OPTIONS'] ); |
| 191 | 204 |
} |
| ... | ... | |
| 211 | 224 |
// Print admin footer |
| 212 | 225 |
$admin->print_footer(); |
| 213 | 226 |
break; |
| 227 |
case 'delete_outdated' : |
|
| 228 |
$admin = new admin('Access', 'users_delete');
|
|
| 229 |
|
|
| 230 |
$user_id = intval($admin->checkIDKEY('user_id_activation_id', 0, $_SERVER['REQUEST_METHOD']));
|
|
| 231 |
// Check if user id is a valid number and doesnt equal 1 |
|
| 232 |
if($user_id == 0){
|
|
| 233 |
$admin->print_error($MESSAGE['GENERIC_FORGOT_OPTIONS'] ); |
|
| 234 |
} |
|
| 235 |
if( ($user_id < 2 ) ) |
|
| 236 |
{
|
|
| 237 |
// if($admin_header) { $admin->print_header(); }
|
|
| 238 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] ); |
|
| 239 |
} |
|
| 240 |
$database->query("DELETE FROM `".TABLE_PREFIX."users` WHERE `user_id` = ".$user_id);
|
|
| 241 |
if($database->is_error()) {
|
|
| 242 |
$admin->print_error($database->get_error()); |
|
| 243 |
} else {
|
|
| 244 |
$admin->print_success($MESSAGE['USERS_DELETED']); |
|
| 245 |
} |
|
| 246 |
// Print admin footer |
|
| 247 |
$admin->print_footer(); |
|
| 248 |
|
|
| 249 |
|
|
| 250 |
break; |
|
| 214 | 251 |
default: |
| 215 | 252 |
break; |
| 216 | 253 |
endswitch; |
Also available in: Unified diff
! add delete Outdated Confirmations in backend
! show waiting Activations if exists in user management
! security fixes in admin/preferences/
! update form modul, change text "unknown#" to "Guest"
in view_submission and emailheader email_fromname