echo $twig->render("new_user.html.twig", array("user" => array('name' => $username), "promo" => $promo_list, "droit" => $droit_list));
if (isset($_REQUEST['submit'])) {
if (isset($_REQUEST['nom']) && isset($_REQUEST['prenom']) && isset($_REQUEST['email']) && isset($_REQUEST['droit'])) {
$db = Database::getInstance();
$prenom = $_REQUEST['prenom'];
$nom = $_REQUEST['nom'];
$email = $_REQUEST['email'];
$droit = $_REQUEST['droit'];
if ($_REQUEST['password'] != '') {
$password = password_hash($_REQUEST['password'], PASSWORD_DEFAULT);
} else {
$rand = $user->generer_mot_de_passe();
$password = password_hash($rand, PASSWORD_DEFAULT);
$subject = "LinCS2i - vos identifiants";
$message = "Bonjour " . $prenom . ", Voici votre mot de passe : " . $rand . "";
$mail->sendmail($email, $subject, $message);
}
if ($droit == 1 || $droit == 2) {
$user->new_user($password, $prenom, $nom, $droit);
$id = $db->lastInsertId();
$mail->addMail($email, $id);
echo '';
} else {
$promoid = $_REQUEST['promo'];
$user->new_user($password, $prenom, $nom, $droit);
$id = $db->lastInsertId();
$mail->addMail($email, $id);
$promo->add_user_promo($id, $promoid);
}
}
}
public function action_user()
{
$formdata = array();
if (isset($_GET['id'])) {
$user = new User($_GET['id'], FALSE, FALSE, 'default', FALSE);
if (!$user->logged_in()) {
$this->redirect();
}
}
$this->list_available_data_fields();
if (!empty($_POST) && isset($_POST['username']) && isset($_POST['password'])) {
$post = new Validation($_POST);
$post->filter('trim');
$post->filter('strtolower', 'username');
$post->rule('Valid::not_empty', 'username');
if (isset($user)) {
if ($_POST['username'] != $user->get_username()) {
$post->rule('User::username_available', 'username');
}
} else {
$post->rule('User::username_available', 'username');
}
if (!isset($user)) {
$post->rule('Valid::not_empty', 'password');
}
if (isset($_POST['do_add_field'])) {
// Add another user data field and save no data, but repopulate the form fields
if (!isset($_SESSION['detail_fields'])) {
$_SESSION['detail_fields'] = array();
}
$_SESSION['detail_fields'][] = $_POST['add_field'];
// Reconstruct the form data to repopulate the form
$formdata = array();
$counter = 0;
$post_values = $post->as_array();
foreach ($post_values as $field => $data) {
if (substr($field, 0, 8) == 'fieldid_') {
foreach ($data as $data_piece) {
$counter++;
$formdata['field_' . substr($field, 8) . '_' . $counter] = trim($data_piece);
}
} elseif ($field == 'username') {
$formdata[$field] = $post_values[$field];
}
}
} else {
// Check for form errors
if ($post->validate()) {
// No form errors, add the user!
$post_values = $post->as_array();
// Erase the empty data fields
foreach ($post_values as $key => $value) {
if (substr($key, 0, 8) == 'fieldid_' && is_array($value)) {
foreach ($value as $nr => $value_piece) {
if ($value_piece == '') {
unset($post_values[$key][$nr]);
}
}
}
}
// Organize the field data and set the session fields
$fields = $_SESSION['detail_fields'] = array();
foreach ($post_values as $key => $value) {
if (substr($key, 0, 6) == 'field_') {
list($foobar, $field_id, $field_nr) = explode('_', $key);
$fields[User::get_data_field_name($field_id)][] = $value;
}
}
if (!isset($_GET['id'])) {
// Actually add the user
User::new_user($post_values['username'], $post_values['password'], $fields);
$this->add_message('User ' . $post_values['username'] . ' added');
} elseif (isset($user)) {
$user->set_user_data(array_merge($fields, array('username' => $post_values['username'], 'password' => $post_values['password'])), TRUE);
$this->add_message('User data saved');
}
} else {
// Form errors detected!
$this->add_error('Fix errors and try again');
$this->add_form_errors($post->errors());
$formdata = array();
$counter = 0;
$post_values = $post->as_array();
foreach ($post_values as $field => $data) {
if (substr($field, 0, 8) == 'fieldid_') {
foreach ($data as $data_piece) {
$counter++;
$formdata['field_' . substr($field, 8) . '_' . $counter] = trim($data_piece);
}
} elseif ($field == 'username') {
$formdata[$field] = $post_values[$field];
}
}
}
}
}
if (isset($user)) {
$formdata = array('username' => $user->get_username());
$counter = 0;
foreach ($user->get_user_data() as $field => $data) {
foreach ($data as $data_piece) {
$counter++;
$formdata['field_' . User::get_data_field_id($field) . '_' . $counter] = $data_piece;
}
}
}
if (!empty($_SESSION['detail_fields'])) {
foreach ($_SESSION['detail_fields'] as $field_id) {
$counter = 1;
while (isset($formdata['field_' . $field_id . '_' . $counter])) {
$counter++;
}
$formdata['field_' . $field_id . '_' . $counter] = '';
}
}
$this->set_formdata($formdata);
}
$user = $_POST['user'];
switch ($_POST['what']) {
case 'update_notify':
$notify = isset($_POST['notify']) ? true : false;
if (!User::set_notify($user, $notify)) {
$f3->error(500);
}
break;
case 'reset_password':
User::reset_password($user);
break;
case 'update_rights':
User::set_rights($user, $_POST['rights']);
break;
case 'new_user':
User::new_user($user, $_POST['rights']);
break;
default:
echo "Error";
}
$f3->reroute("/admin/users");
});
$f3->route('GET /p/@key', function ($f3) {
$key = $f3->get('PARAMS.key');
$user = User::find_pwreset($key);
if (!$user) {
$f3->error(404);
}
$f3->set('email', $user);
echo Template::instance()->render('password.html');
});
/**
* Create the first user, who also becomes an administrator.
*
* @return void
* @author Johnny Karhinen, http://fullkorn.nu, johnny@fullkorn.nu
*/
protected function insert_initial_data()
{
$this->new_field('role');
User::new_user('admin', 'admin', array('role' => 'admin'));
}
<?php
if (Login::getLoginSession()) {
//echo "pase por login true main.php<br>";
//exit;
echo "\n <ul style=\"margin:19px 0 18px 0;\" class=\"nav nav-tabs test2\">\n <li class=\"active\"><a data-toggle=\"tab\" href=\"#exportacion\">Exportación de datos de sondas</a></li>\n <li><a data-toggle=\"tab\" href=\"#detenidas\">Informe de detenidas</a></li>\n </ul>";
Login::logged(Login::getIsAdmin());
if (Login::getIsAdmin()) {
echo "<div class=\"tab-content\">\n <div id=\"exportacion\" class=\"tab-pane fade in active\">";
// solo admin puede crear un nuevo usuario
User::new_user();
}
// es usuario admin y presento todos los informes ordenados por fecha
User::users_list(Login::getIsAdmin());
echo " <br><br><br>\n </div>\n <div id=\"detenidas\" class=\"tab-pane fade\">";
// listado de archivos csv
//listado_csvs();
// todos los informes
Reports::reports_list();
echo " </div>";
Page::footer();
echo "</div>";
//
if (isset($_POST['comprobar'])) {
// vuelvo a mostrar el div
?>
<script LANGUAGE="JavaScript">
mostrar_ocultar('nuevo_usuario');
</script>
<?php
}
