Revision 2065
Added by Dietmar almost 11 years ago
- /admin/users: bugfixes for deactivating and deleting users
save.php | ||
---|---|---|
25 | 25 |
|
26 | 26 |
function save_user($admin, &$aActionRequest) |
27 | 27 |
{ |
28 |
global $TEXT, $MESSAGE; |
|
29 | 28 |
// Create a javascript back link |
30 | 29 |
// $js_back = ADMIN_URL.'/users/index.php'; |
31 | 30 |
unset($aActionRequest['save']); |
32 | 31 |
|
33 | 32 |
$aActionRequest['modify']= 'change'; |
34 | 33 |
$database = WbDatabase::getInstance(); |
34 |
$mLang = Translate::getInstance(); |
|
35 | 35 |
$bRetVal = 0; |
36 | 36 |
$iMinPassLength = 6; |
37 | 37 |
|
38 | 38 |
if( !$admin->checkFTAN() ) |
39 | 39 |
{ |
40 |
msgQueue::add($MESSAGE['GENERIC_SECURITY_ACCESS']);
|
|
40 |
msgQueue::add($mLang->MESSAGE_GENERIC_SECURITY_ACCESS);
|
|
41 | 41 |
return $bRetVal; |
42 | 42 |
} |
43 | 43 |
|
44 | 44 |
// Check if user id is a valid number and doesnt equal 1 |
45 | 45 |
if(!isset($aActionRequest['user_id']) OR !is_numeric($aActionRequest['user_id']) OR $aActionRequest['user_id'] == 1) { |
46 |
msgQueue::add('::'.$MESSAGE['GENERIC_NOT_UPGRADED']);
|
|
46 |
msgQueue::add('::'.$mLang->MESSAGE_GENERIC_NOT_UPGRADED);
|
|
47 | 47 |
return $bRetVal; |
48 | 48 |
} else { |
49 | 49 |
$user_id = intval($aActionRequest['user_id']); |
... | ... | |
52 | 52 |
if( ($user_id < 2 ) ) |
53 | 53 |
{ |
54 | 54 |
// if($admin_header) { $admin->print_header(); } |
55 |
msgQueue::add($MESSAGE['GENERIC_SECURITY_OFFENSE']);
|
|
55 |
msgQueue::add($mLang->MESSAGE_GENERIC_SECURITY_OFFENSE);
|
|
56 | 56 |
return $bRetVal; |
57 | 57 |
} |
58 | 58 |
// Get existing values |
... | ... | |
83 | 83 |
|
84 | 84 |
// Check values |
85 | 85 |
if($groups_id == "") { |
86 |
msgQueue::add($MESSAGE['USERS_NO_GROUP']);
|
|
86 |
msgQueue::add($mLang->MESSAGE_USERS_NO_GROUP);
|
|
87 | 87 |
} else { |
88 | 88 |
$aGroups_id = explode(',', $groups_id); |
89 | 89 |
//if user is in administrator-group, get this group else just get the first one |
... | ... | |
93 | 93 |
//$admin->is_group_match($admin->get_groups_id(), '1' ) |
94 | 94 |
if(!preg_match('/^[a-z]{1}[a-z0-9_-]{2,}$/i', $username)) |
95 | 95 |
{ |
96 |
msgQueue::add( $MESSAGE['USERS_NAME_INVALID_CHARS']);
|
|
96 |
msgQueue::add( $mLang->MESSAGE_USERS_NAME_INVALID_CHARS);
|
|
97 | 97 |
} |
98 | 98 |
|
99 | 99 |
if($password != "") { |
100 | 100 |
if(strlen($password) < $iMinPassLength ) { |
101 |
msgQueue::add($MESSAGE['USERS_PASSWORD_TOO_SHORT']); |
|
101 |
msgQueue::add($mLang->MESSAGE['USERS_PASSWORD_TOO_SHORT']);
|
|
102 | 102 |
} |
103 | 103 |
|
104 | 104 |
$pattern = '/[^'.$admin->password_chars.']/'; |
105 | 105 |
if (preg_match($pattern, $password)) { |
106 |
msgQueue::add($MESSAGE['PREFERENCES_INVALID_CHARS']);
|
|
106 |
msgQueue::add($mLang->MESSAGE_PREFERENCES_INVALID_CHARS);
|
|
107 | 107 |
} |
108 | 108 |
|
109 | 109 |
if(($password != $password2) ) { |
110 |
msgQueue::add($MESSAGE['USERS_PASSWORD_MISMATCH']);
|
|
110 |
msgQueue::add($mLang->MESSAGE_USERS_PASSWORD_MISMATCH);
|
|
111 | 111 |
} |
112 | 112 |
} |
113 | 113 |
// check that display_name is unique in whoole system (prevents from User-faking) |
114 | 114 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '; |
115 | 115 |
$sql .= 'WHERE `user_id` <> '.(int)$user_id.' AND `display_name` LIKE "'.$display_name.'"'; |
116 | 116 |
if( $database->get_one($sql) > 0 ){ |
117 |
msgQueue::add($MESSAGE['USERS_USERNAME_TAKEN'].' ('.$TEXT['DISPLAY_NAME'].')');
|
|
118 |
msgQueue::add($MESSAGE['MEDIA_CANNOT_RENAME']);
|
|
117 |
msgQueue::add($mLang->MESSAGE_USERS_USERNAME_TAKEN.' ('.$mLang->TEXT_DISPLAY_NAME.')');
|
|
118 |
msgQueue::add($mLang->MESSAGE_MEDIA_CANNOT_RENAME);
|
|
119 | 119 |
} |
120 | 120 |
// |
121 | 121 |
if( ($admin->get_user_id() != '1' ) ) |
122 | 122 |
{ |
123 | 123 |
if(findStringInFileList($display_name, dirname(__FILE__).'/disallowedNames')) { |
124 |
msgQueue::add( $TEXT['ERROR'].' '.$TEXT['DISPLAY_NAME'].' ('.$display_name.')' );
|
|
124 |
msgQueue::add( $mLang->TEXT_ERROR.' '.$mLang->TEXT_DISPLAY_NAME.' ('.$display_name.')' );
|
|
125 | 125 |
} |
126 | 126 |
} |
127 | 127 |
|
... | ... | |
131 | 131 |
{ |
132 | 132 |
if($admin->validate_email($email) == false) |
133 | 133 |
{ |
134 |
msgQueue::add($MESSAGE['USERS_INVALID_EMAIL'].' ('.$email.')');
|
|
134 |
msgQueue::add($mLang->MESSAGE_USERS_INVALID_EMAIL.' ('.$email.')');
|
|
135 | 135 |
} |
136 | 136 |
} else { // e-mail must be present |
137 |
msgQueue::add($MESSAGE['SIGNUP_NO_EMAIL']);
|
|
137 |
msgQueue::add($mLang->MESSAGE_SIGNUP_NO_EMAIL);
|
|
138 | 138 |
} |
139 | 139 |
|
140 | 140 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` '. |
... | ... | |
143 | 143 |
// Check if the email already exists |
144 | 144 |
if( ($iFoundUser = $database->get_one($sql)) != null ) { |
145 | 145 |
if($iFoundUser) { |
146 |
if(isset($MESSAGE['USERS_EMAIL_TAKEN']))
|
|
146 |
if(isset($mLang->MESSAGE_USERS_EMAIL_TAKEN))
|
|
147 | 147 |
{ |
148 |
msgQueue::add($MESSAGE['USERS_EMAIL_TAKEN'].' ('.$email.')');
|
|
148 |
msgQueue::add($mLang->MESSAGE_USERS_EMAIL_TAKEN.' ('.$email.')');
|
|
149 | 149 |
} else { |
150 |
msgQueue::add($MESSAGE['USERS_INVALID_EMAIL'].' ('.$email.')');
|
|
150 |
msgQueue::add($mLang->MESSAGE_USERS_INVALID_EMAIL.' ('.$email.')');
|
|
151 | 151 |
} |
152 | 152 |
} |
153 | 153 |
} |
... | ... | |
174 | 174 |
$sHomeFolder = WB_PATH.MEDIA_DIRECTORY.'/home/'.( media_filename($username) ); |
175 | 175 |
if ( sizeof(createFolderProtectFile( $sHomeFolder )) ) |
176 | 176 |
{ |
177 |
// msgQueue::add($MESSAGE['MEDIA_DIR_NOT_MADE']);
|
|
177 |
// msgQueue::add($mLang->MESSAGE_MEDIA_DIR_NOT_MADE);
|
|
178 | 178 |
} |
179 | 179 |
} |
180 | 180 |
|
... | ... | |
204 | 204 |
|
205 | 205 |
} |
206 | 206 |
if($database->query($sql)) { |
207 |
msgQueue::add($MESSAGE['USERS_SAVED'], true);
|
|
207 |
msgQueue::add($mLang->MESSAGE_USERS_SAVED, true);
|
|
208 | 208 |
$bRetVal = $user_id; |
209 | 209 |
} |
210 | 210 |
if($database->is_error()) { |
211 | 211 |
msgQueue::add( implode('<br />',explode(';',$database->get_error())) ); |
212 | 212 |
} |
213 | 213 |
} else { |
214 |
msgQueue::add($MESSAGE['GENERIC_NOT_UPGRADED']);
|
|
214 |
msgQueue::add($mLang->MESSAGE_GENERIC_NOT_UPGRADED);
|
|
215 | 215 |
} |
216 | 216 |
|
217 | 217 |
// return $admin->getIDKEY($user_id); |
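Review bot: New line 101 reads `msgQueue::add($mLang->MESSAGE['USERS_PASSWORD_TOO_SHORT']);`, while every other converted call in this section uses the flat property form (for example `$mLang->MESSAGE_USERS_PASSWORD_MISMATCH` on new line 110), so this one looks like an incomplete conversion. If Translate exposes no `MESSAGE` array property, the expression presumably evaluates to null and the too-short-password rejection is queued with empty text. Whether an empty entry still blocks the save depends on msgQueue and on the elided lines, so the minimum-length check should be confirmed to still stop the update. The line should probably be `msgQueue::add($mLang->MESSAGE_USERS_PASSWORD_TOO_SHORT);`. save_user() starts at line 26 and continues past the lines shown here.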