function __construct($user, $display, $pass, $email, $colist, $contact)
 {
     //Used for display only
     $this->displayname = $display;
     //Sanitize
     $this->clean_email = sanitize($email);
     $this->clean_password = trim($pass);
     $this->username = sanitize($user);
     $this->colist_agent = $colist;
     $this->contact_person = $contact;
     if (usernameExists($this->username)) {
         $this->username_taken = true;
     } else {
         if (displayNameExists($this->displayname)) {
             $this->displayname_taken = true;
         } else {
             if (emailExists($this->clean_email)) {
                 $this->email_taken = true;
             } else {
                 //No problems have been found.
                 $this->status = true;
             }
         }
     }
 }
Beispiel #2
0
 function __construct($user, $display, $pass, $email, $country, $state, $city, $address, $zip, $phone)
 {
     //Used for display only
     $this->displayname = $display;
     //Sanitize
     $this->clean_email = sanitize($email);
     $this->clean_password = trim($pass);
     $this->username = sanitize($user);
     $this->user_country = sanitize($country);
     $this->user_state = sanitize($state);
     $this->user_city = sanitize($city);
     $this->user_address = sanitize($address);
     $this->user_zip = sanitize($zip);
     $this->user_phone = sanitize($phone);
     if (usernameExists($this->username)) {
         $this->username_taken = true;
     } else {
         if (displayNameExists($this->displayname)) {
             $this->displayname_taken = true;
         } else {
             if (emailExists($this->clean_email)) {
                 $this->email_taken = true;
             } else {
                 //No problems have been found.
                 $this->status = true;
             }
         }
     }
 }
Beispiel #3
0
 function __construct($user, $display, $pass, $email, $pin, $location, $about)
 {
     //Used for display only
     $this->displayname = $display;
     //Sanitize
     $this->clean_email = sanitize($email);
     $this->clean_password = trim($pass);
     $this->username = sanitize($user);
     $this->clean_pin = trim($pin);
     $this->location = trim($location);
     $this->about = trim($about);
     if (usernameExists($this->username)) {
         $this->username_taken = true;
     } else {
         if (displayNameExists($this->displayname)) {
             $this->displayname_taken = true;
         } else {
             if (emailExists($this->clean_email)) {
                 $this->email_taken = true;
             } else {
                 //No problems have been found.
                 $this->status = true;
             }
         }
     }
 }
Beispiel #4
0
//Forms posted
if (!empty($_POST)) {
    //Delete selected account
    if (!empty($_POST['delete'])) {
        $deletions = $_POST['delete'];
        if ($deletion_count = deleteUsers($deletions)) {
            $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
        } else {
            $errors[] = lang("SQL_ERROR");
        }
    } else {
        //Update display name
        if ($userdetails['display_name'] != $_POST['display']) {
            $displayname = trim($_POST['display']);
            //Validate display name
            if (displayNameExists($displayname)) {
                $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
            } elseif (minMaxRange(5, 25, $displayname)) {
                $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
            } elseif (!ctype_alnum($displayname)) {
                $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
            } else {
                if (updateDisplayName($userId, $displayname)) {
                    $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                } else {
                    $errors[] = lang("SQL_ERROR");
                }
            }
        } else {
            $displayname = $userdetails['display_name'];
        }
/**
 * Update user's display_name based on $user_id and new $display_name.
 * @param int $user_id the id of the user to update.
 * @param string $display_name the validated $_POST['display_name']
 * @return boolean true on success false on failure
 */
function updateUserDisplayName($user_id, $display_name)
{
    // This block automatically checks this action against the permissions database before running.
    if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }
    //Validate display name
    if (displayNameExists($display_name)) {
        addAlert("danger", lang("ACCOUNT_DISPLAYNAME_IN_USE", array($display_name)));
        return false;
    } elseif (minMaxRange(1, 50, $display_name)) {
        addAlert("danger", lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(1, 50)));
        return false;
    }
    if (updateUserField($user_id, 'display_name', $display_name)) {
        addAlert("success", lang("ACCOUNT_DISPLAYNAME_UPDATED", array($display_name)));
        return true;
    } else {
        return false;
    }
}
Beispiel #6
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $userId = $_GET['id'];
     //Check if selected user exists
     if (!userIdExists($userId)) {
         header("Location: " . str_replace('index.php/', '', site_url('admin_users')));
         die;
     }
     $userdetails = fetchUserDetails(NULL, NULL, $userId);
     //Fetch user details
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected account
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deleteUsers($deletions)) {
                 $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update display name
             if ($userdetails['display_name'] != $_POST['display']) {
                 $displayname = trim($_POST['display']);
                 //Validate display name
                 if (displayNameExists($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                 } elseif (minMaxRange(5, 25, $displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
                 } elseif (!ctype_alnum($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
                 } else {
                     if (updateDisplayName($userId, $displayname)) {
                         $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             } else {
                 $displayname = $userdetails['display_name'];
             }
             //Activate account
             if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
                 if (setUserActive($userdetails['activation_token'])) {
                     $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Update email
             if ($userdetails['email'] != $_POST['email']) {
                 $email = trim($_POST["email"]);
                 //Validate email
                 if (!isValidEmail($email)) {
                     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                 } elseif (emailExists($email)) {
                     $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                 } else {
                     if (updateEmail($userId, $email)) {
                         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Update title
             if ($userdetails['title'] != $_POST['title']) {
                 $title = trim($_POST['title']);
                 //Validate title
                 if (minMaxRange(1, 50, $title)) {
                     $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updateTitle($userId, $title)) {
                         $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove permission level
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($remove, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($add, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             $userdetails = fetchUserDetails(NULL, NULL, $userId);
         }
     }
     $userPermission = fetchUserPermissions($userId);
     $permissionData = fetchAllPermissions();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";
     //Display activation link, if account inactive
     if ($userdetails['active'] == '1') {
         echo "Yes";
     } else {
         echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
     //Last sign in, interpretation
     if ($userdetails['last_sign_in_stamp'] == '0') {
         echo "Never";
     } else {
         echo date("j M, Y", $userdetails['last_sign_in_stamp']);
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $userdetails['id'] . "]' id='delete[" . $userdetails['id'] . "]' value='" . $userdetails['id'] . "'>\r\n</p>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:";
     //List of permission levels user is apart of
     foreach ($permissionData as $v1) {
         if (isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     //List of permission levels user is not apart of
     echo "</p><p>Add Permission:";
     foreach ($permissionData as $v1) {
         if (!isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }