function editUser()
{
global $lang;
$page_lang = scandir('inc/lang/' . $_SESSION['language']);
foreach ($page_lang as $file) {
if ($file != '.' && $file != '..') {
$parts = explode(".", $file);
$page = $parts[0];
if ($page == 'user') {
$page_file = $file;
}
}
}
include_once 'inc/lang/' . $_SESSION['language'] . '/' . $page_file;
if ($_SESSION['access']->users > 1) {
$results = array();
$results['formAction'] = "editUser";
if (isset($_POST['saveChanges'])) {
// User has posted the user edit form: save the user changes
if (!($user = User::getById((int) $_GET['editId']))) {
header("Location: index.php?action=listUser&error=userNotFound");
return;
}
if (!empty($_POST['newPassword'])) {
$_POST['password'] = md5($_POST['newPassword']);
}
unset($_POST['newPassword']);
unset($_POST['newPassConfirm']);
$user = new User();
$user->storeFormValues($_POST);
$user->update();
header("Location: index.php?action=listUser&success=userChangesSaved");
} elseif (isset($_POST['cancel'])) {
// User has cancelled their edits: return to the user list
header("Location: index.php?action=listUser");
} else {
// User has not submitted the user edit form: display the user edit form
$results['user'] = User::getById((int) $_GET['userId']);
require "inc/layout/editUser.php";
}
} else {
require "inc/layout/noAccess.php";
}
}
function newUser()
{
$results = array();
$results['pageTitle'] = "Новый пользователь";
$results['formAction'] = "newUser";
$results['formActionParams'] = array();
if (isset($_POST['saveChanges'])) {
// Пользователь заполнил форму ввода: сохраняем нового пользователя.
$user = new User();
$user->storeFormValues($_POST);
$password = isset($_POST['password']) ? $_POST['password'] : null;
if (empty($password)) {
// Пароль обязателен.
Notification::setError('emptyPassword');
$results['user'] = $user;
require TEMPLATE_PATH . "/editUser.php";
return;
}
$user->insert($password);
Notification::setStatus('changesSaved');
Route::redirectTo('users');
} elseif (isset($_POST['cancel'])) {
// Пользователь отменил правку. Возвращаемся в список пользователей.
Route::redirectTo('users');
} else {
// Пользователь ещё не отправил форму. Показываем форму.
$results['user'] = new User();
require TEMPLATE_PATH . "/editUser.php";
}
}
function createUser()
{
/*this is an addition after the base release. Man, I should've figured out github earlier.
At any rate, I realized that I needed to create user accounts for the (currently existing) mailing list and the (as of yet nonexistent) comment system. That's next */
$results = array();
$results['pageTitle'] = "Create Account | The Blag";
if (isset($_POST['submit'])) {
//button press here
$user = new User();
//check User.php for deets, but this is a class where I store all the stuff for users. especally mail stuff. actually thats kinda in config, but whatever.
$user->storeFormValues($_POST);
//shameless duplication of function names. I guess I'm just a horrible person.
$user->createUser();
if ($_SESSION['error'] != "00000") {
/*this was interesting, and actually deeper than it looks. So 00000 is actually the SQL database "error" number that means "no error," whereas literally anything else means "error."
I was running into a potential problem with user account specificity in the emails, so i set the email field to unique in the SQL, but I need a way to check if that was violated other than someone telling me "my account wasn't made"
I forget the actual error number, but this is a catch-all that indicates a problem with SQL insertion. */
$results['errorMessage'] = "There was a problem creating your account. Is that email already in use?";
//catch-all error message with my best guess as to the problem
require TEMPLATE_PATH . "/createUser.php";
} else {
$accountMade = true;
//this is checked in some PHP embedded in the HTML of the site.
require TEMPLATE_PATH . "/loginForm.php";
}
} else {
//if there is no button press.
require TEMPLATE_PATH . "/createUser.php";
}
}
function editUser()
{
$user = new User();
$user->storeFormValues($_POST);
$user->editUser();
}
// enable the user profile
if ($action == 'enableUser') {
$user = new User();
$user->storeFormValues($_GET);
$user->status();
}
// disable the user profile
if ($action == 'disableUser') {
$user = new User();
$user->storeFormValues($_GET);
$user->status();
}
// delete the user profile
if ($action == 'deleteUser') {
$user = new User();
$user->storeFormValues($_GET);
$user->delete();
}
// enable the group
if ($action == 'enableGroup') {
$user = new Group();
$user->storeFormValues($_GET);
$user->status();
}
// disable the group
if ($action == 'disableGroup') {
$user = new Group();
$user->storeFormValues($_GET);
$user->status();
}
// delete the group
