<?php
/**
 * Login form handler. Checks the POSTed username and password and, when they
 * match an activated account, stores the user id and a newly created session
 * id in $_SESSION and redirects to the admin area. The failure paths visible
 * here redirect back to the login page with a message code.
 *
 * @author Jaco Ruit
 */
require '../startOrongo.php';
startOrongo();

// Only process the form when both credentials were posted and the session
// does not already carry a logged-in user.
// NOTE(review): no failed-attempt throttling or lockout is visible in this
// handler; confirm it is enforced elsewhere.
if (isset($_POST['username']) && isset($_POST['password']) && !isset($_SESSION['orongo-id']) && !isset($_SESSION['orongo-session-id'])) {
    // NOTE(review): what Security::escape() escapes for is not visible here;
    // confirm it matches how the User lookups below build their queries.
    $username = Security::escape($_POST['username']);
    // The password is hashed before it is compared. Security::hash() receives
    // only the password, so any salt would have to be site-wide rather than
    // per-user. NOTE(review): confirm it is a slow, salted password hash.
    $password = Security::hash($_POST['password']);
    if (User::usernameExists($username)) {
        $userID = User::getUserID($username);
        // NOTE(review): confirm isGoodPassword() compares the hashes in
        // constant time (e.g. hash_equals()).
        $goodLogin = User::isGoodPassword($userID, $password);
        if ($goodLogin) {
            // The "not activated" message (msg=7) is only reachable with a
            // correct password, so it does not reveal account state to a
            // caller who lacks the password.
            if (!User::userIsActivated($userID)) {
                header("Location: ../orongo-login.php?msg=7");
                exit;
            } else {
                // NOTE(review): no session_regenerate_id() call is visible
                // before the authenticated state is written. Unless
                // startOrongo() or Session::createSession() already rotates
                // the PHP session id, rotate it here to prevent session
                // fixation.
                $_SESSION['orongo-id'] = $userID;
                $_SESSION['orongo-session-id'] = Session::createSession($userID);
                // Redirect targets in this handler are fixed strings; no
                // request data reaches the Location header.
                header("Location: ../orongo-admin/");
                exit;
            }
        } else {
            // Wrong password: same message code as an unknown username, so
            // the redirect does not disclose which of the two was wrong.
            header("Location: ../orongo-login.php?msg=0");
            exit;
        }
    } else {
        // Unknown username.
        header("Location: ../orongo-login.php?msg=0");
        exit;
    }
    // NOTE(review): the outer if opened above is not closed within this part
    // of the listing.
// NOTE(review): this part of the listing starts mid-block. $id and the
// condition guarding this redirect appear to come from code that is not
// visible here.
header("Location: " . orongoURL("orongo-admin/edit.php?user." . $id));
exit;
}

// Load the account being edited. A USER_NOT_EXIST code sends the caller back
// to the user list; any other exception goes to the admin index with msg=2.
try {
    $user = new User($id);
} catch (Exception $e) {
    if ($e->getCode() == USER_NOT_EXIST) {
        header("Location: " . orongoURL("orongo-admin/manage.php?msg=0&obj=users"));
        exit;
    } else {
        header("Location: " . orongoURL("orongo-admin/index.php?msg=2"));
        exit;
    }
}

// Callers ranked below RANK_ADMIN must supply the current password of the
// account being edited; callers at RANK_ADMIN or above skip this check.
// NOTE(review): this is the only access check visible in this fragment. It
// verifies the password of $user, not that $user is the logged-in account;
// presumably an ownership check precedes this point. Confirm.
// NOTE(review): $_POST['password'] is read without an isset() check here;
// presumably validated earlier. Confirm.
// NOTE(review): no anti-CSRF token check is visible in this fragment. Confirm
// one is enforced earlier, since the code below changes names, passwords,
// e-mail addresses and ranks.
if (getUser()->getRank() < RANK_ADMIN) {
    if (!User::isGoodPassword($user->getID(), Security::hash($_POST['password']))) {
        header("Location: " . orongoURL("orongo-admin/view.php?msg=0&obj=user&id=" . $user->getID()));
        exit;
    }
}

// Renaming is applied only when the caller's rank equals RANK_ADMIN.
if (isset($_POST['new_name']) && !empty($_POST['new_name']) && getUser()->getRank() == RANK_ADMIN) {
    $user->setName(trim($_POST['new_name']));
}

// Any caller who passed the check above may set a new password; it is stored
// as the output of Security::hash().
// NOTE(review): no length or strength check is visible here, and nothing
// visible invalidates the account's existing sessions after the change.
if (!empty($_POST['new_password'])) {
    User::setPassword($user->getID(), Security::hash($_POST['new_password']));
}

// NOTE(review): the address is only trimmed here; presumably setEmail()
// validates its format. Confirm.
if (!empty($_POST['new_email'])) {
    $user->setEmail(trim($_POST['new_email']));
}

// Rank changes are applied only when the caller's rank equals RANK_ADMIN.
// $ranks lists RANK_USER, RANK_WRITER and RANK_ADMIN; how it is used lies
// beyond the end of the listing, where the rest of this block continues.
if (isset($_POST['new_rank']) && !empty($_POST['new_rank']) && getUser()->getRank() == RANK_ADMIN) {
    $ranks = array(RANK_USER, RANK_WRITER, RANK_ADMIN);