public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     $baseURL = getcwd();
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     //Forms posted
     if (!empty($_POST)) {
         if (!empty($_POST['delete']) || !empty($_POST['newPermission'])) {
             //Delete permission levels
             if (!empty($_POST['delete'])) {
                 $deletions = $_POST['delete'];
                 if ($deletion_count = deletePermission($deletions)) {
                     $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
                 }
             }
             //Create new permission level
             if (!empty($_POST['newPermission'])) {
                 $permission = trim($_POST['newPermission']);
                 //Validate request
                 if (permissionNameExists($permission)) {
                     $errors[] = lang("PERMISSION_NAME_IN_USE", array($permission));
                 } elseif (minMaxRange(1, 50, $permission)) {
                     $errors[] = lang("PERMISSION_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (createPermission($permission)) {
                         $successes[] = lang("PERMISSION_CREATION_SUCCESSFUL", array($permission));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
         } else {
             $errors[] = lang("NO_PERMISSION_SELECTED");
         }
     }
     $permissionData = fetchAllPermissions();
     //Retrieve list of all permission levels
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminPermissions' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<table class='admin'>\r\n<tr>\r\n<th>Delete</th><th>Permission Name</th>\r\n</tr>";
     //List each permission level
     foreach ($permissionData as $v1) {
         echo "\r\n\t<tr>\r\n\t<td><input type='checkbox' name='delete[" . $v1['id'] . "]' id='delete[" . $v1['id'] . "]' value='" . $v1['id'] . "'></td>\r\n\t<td><a href='" . str_replace('index.php/', '', site_url('admin_permission')) . "?id=" . $v1['id'] . "'>" . $v1['name'] . "</a></td>\r\n\t</tr>";
     }
     echo "\r\n</table>\r\n<p>\r\n<label>Permission Name:</label>\r\n<input type='text' name='newPermission' />\r\n</p>                                \r\n<input type='submit' name='Submit' value='Submit' />\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }
//Forms posted
if (!empty($_POST)) {
    //Delete permission levels
    if (!empty($_POST['delete'])) {
        $deletions = $_POST['delete'];
        if ($deletion_count = deletePermission($deletions)) {
            $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
        }
    }
    //Create new permission level
    if (!empty($_POST['newPermission'])) {
        $permission = trim($_POST['newPermission']);
        //Validate request
        if (permissionNameExists($permission)) {
            $errors[] = lang("PERMISSION_NAME_IN_USE", array($permission));
        } elseif (minMaxRange(1, 50, $permission)) {
            $errors[] = lang("PERMISSION_CHAR_LIMIT", array(1, 50));
        } else {
            if (createPermission($permission)) {
                $successes[] = lang("PERMISSION_CREATION_SUCCESSFUL", array($permission));
            } else {
                $errors[] = lang("SQL_ERROR");
            }
        }
    }
}
$permissionData = fetchAllPermissions();
//Retrieve list of all permission levels
require_once "models/header.php";
?>
     if (minMaxRange(1, 150, $language)) {
         $errors[] = lang("CONFIG_LANGUAGE_CHAR_LIMIT", array(1, 150));
     } elseif (!file_exists($newLanguage)) {
         $errors[] = lang("CONFIG_LANGUAGE_INVALID", array($newLanguage));
     } else {
         if (count($errors) == 0) {
             $cfgId[] = 6;
             $cfgValue[6] = $newLanguage;
             $language = $newLanguage;
         }
     }
 }
 //Validate new template selection
 if ($newSettings[7] != $template) {
     $newTemplate = $newSettings[7];
     if (minMaxRange(1, 150, $template)) {
         $errors[] = lang("CONFIG_TEMPLATE_CHAR_LIMIT", array(1, 150));
     } elseif (!file_exists($newTemplate)) {
         $errors[] = lang("CONFIG_TEMPLATE_INVALID", array($newTemplate));
     } else {
         if (count($errors) == 0) {
             $cfgId[] = 7;
             $cfgValue[7] = $newTemplate;
             $template = $newTemplate;
         }
     }
 }
 //Update configuration table with new settings
 if (count($errors) == 0 and count($cfgId) > 0) {
     updateConfig($cfgId, $cfgValue);
     $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL");
Beispiel #4
0
 if ($captcha != $_SESSION['captcha']) {
     $errors[] = lang("CAPTCHA_FAIL");
 }
 if (minMaxRange(5, 25, $username)) {
     $errors[] = lang("ACCOUNT_USER_CHAR_LIMIT", array(5, 25));
 }
 if (!ctype_alnum($username)) {
     $errors[] = lang("ACCOUNT_USER_INVALID_CHARACTERS");
 }
 if (minMaxRange(5, 25, $displayname)) {
     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
 }
 if (!ctype_alnum($displayname)) {
     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
 }
 if (minMaxRange(8, 50, $password) && minMaxRange(8, 50, $confirm_pass)) {
     $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT", array(8, 50));
 } else {
     if ($password != $confirm_pass) {
         $errors[] = lang("ACCOUNT_PASS_MISMATCH");
     }
 }
 if (!isValidEmail($email)) {
     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
 }
 //End data validation
 if (count($errors) == 0) {
     //Construct a user object
     $user = new User($username, $displayname, $password, $email);
     //Checking this flag tells us whether there were any errors such as possible data duplication occured
     if (!$user->status) {
Beispiel #5
0
     //Validate title
     if (minMaxRange(1, 50, $title)) {
         $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
     } else {
         if (updateTitle($userId, $title)) {
             $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
         } else {
             $errors[] = lang("SQL_ERROR");
         }
     }
 }
 //Update password
 if (isset($_POST['password'])) {
     $password = trim($_POST['password']);
     //Validate password
     if (minMaxRange(1, 50, $password)) {
         $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT", array(1, 50));
     } else {
         if (changePassword($userId, $password)) {
             $successes[] = lang("ACCOUNT_PASS_UPDATED", array($displayname, $password));
         } else {
             $errors[] = lang("SQL_ERROR");
         }
     }
 }
 //Remove permission level
 if (!empty($_POST['removePermission'])) {
     $remove = $_POST['removePermission'];
     if ($deletion_count = removePermission($remove, $userId)) {
         $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
     } else {
Beispiel #6
0
 //Delete selected account
 if (!empty($_POST['delete'])) {
     $deletions = $_POST['delete'];
     if ($deletion_count = deleteUsers($deletions)) {
         $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
     } else {
         $errors[] = lang("SQL_ERROR");
     }
 } else {
     //Update display name
     if ($userdetails['display_name'] != $_POST['display']) {
         $displayname = trim($_POST['display']);
         //Validate display name
         if (displayNameExists($displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
         } elseif (minMaxRange(5, 70, $displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 70));
         } elseif (!ctype_alpha(str_replace($characters, '', $displayname))) {
             $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
         } else {
             if (updateDisplayName($userId, $displayname)) {
                 $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         }
     } else {
         $displayname = $userdetails['display_name'];
     }
     //Activate account
     if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
Beispiel #7
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     $baseURL = getcwd();
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     //Prevent the user visiting the logged in page if he is not logged in
     if (!isUserLoggedIn()) {
         header("Location: " . str_replace('index.php/', '', site_url('login')));
         die;
     }
     if (!empty($_POST)) {
         $errors = array();
         $successes = array();
         $password = $_POST["password"];
         $password_new = $_POST["passwordc"];
         $password_confirm = $_POST["passwordcheck"];
         $errors = array();
         $email = $_POST["email"];
         //Perform some validation
         //Feel free to edit / change as required
         //Confirm the hashes match before updating a users password
         $entered_pass = generateHash($password, $loggedInUser->hash_pw);
         if (trim($password) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD");
         } else {
             if ($entered_pass != $loggedInUser->hash_pw) {
                 //No match
                 $errors[] = lang("ACCOUNT_PASSWORD_INVALID");
             }
         }
         if ($email != $loggedInUser->email) {
             if (trim($email) == "") {
                 $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
             } else {
                 if (!isValidEmail($email)) {
                     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                 } else {
                     if (emailExists($email)) {
                         $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                     }
                 }
             }
             //End data validation
             if (count($errors) == 0) {
                 $loggedInUser->updateEmail($email);
                 $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
             }
         }
         if ($password_new != "" or $password_confirm != "") {
             if (trim($password_new) == "") {
                 $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");
             } else {
                 if (trim($password_confirm) == "") {
                     $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD");
                 } else {
                     if (minMaxRange(8, 50, $password_new)) {
                         $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH", array(8, 50));
                     } else {
                         if ($password_new != $password_confirm) {
                             $errors[] = lang("ACCOUNT_PASS_MISMATCH");
                         }
                     }
                 }
             }
             //End data validation
             if (count($errors) == 0) {
                 //Also prevent updating if someone attempts to update with the same password
                 $entered_pass_new = generateHash($password_new, $loggedInUser->hash_pw);
                 if ($entered_pass_new == $loggedInUser->hash_pw) {
                     //Don't update, this fool is trying to update with the same password ¬¬
                     $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");
                 } else {
                     //This function will create the new hash and update the hash_pw property.
                     $loggedInUser->updatePassword($password_new);
                     $successes[] = lang("ACCOUNT_PASSWORD_UPDATED");
                 }
             }
         }
         if (count($errors) == 0 and count($successes) == 0) {
             $errors[] = lang("NOTHING_TO_UPDATE");
         }
     }
     $this->load->view('user_settings');
 }
Beispiel #8
0
         $errors[] = lang("ACCOUNT_INVALID_EMAIL");
     } elseif (emailExists($email)) {
         $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
     } else {
         if (updateEmail($userId, $email)) {
             $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
         } else {
             $errors[] = lang("SQL_ERROR");
         }
     }
 }
 //Update title
 if ($userdetails['title'] != $_POST['title']) {
     $title = trim($_POST['title']);
     //Validate title
     if (minMaxRange(1, 50, $title)) {
         $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
     } else {
         if (updateTitle($userId, $title)) {
             $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
         } else {
             $errors[] = lang("SQL_ERROR");
         }
     }
 }
 //Remove permission level
 if (!empty($_POST['removePermission'])) {
     $remove = $_POST['removePermission'];
     if ($deletion_count = removePermission($remove, $userId)) {
         $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
     } else {
Beispiel #9
0
     if (minMaxRange(1, 150, $language)) {
         $errors[] = lang("CONFIG_LANGUAGE_CHAR_LIMIT", array(1, 150));
     } elseif (!file_exists($newLanguage)) {
         $errors[] = lang("CONFIG_LANGUAGE_INVALID", array($newLanguage));
     } else {
         if (count($errors) == 0) {
             $cfgId[] = 6;
             $cfgValue[6] = $newLanguage;
             $website->language = $newLanguage;
         }
     }
 }
 //Validate new template selection
 if ($newSettings[7] != $template) {
     $newTemplate = $newSettings[7];
     if (minMaxRange(1, 150, $website->template)) {
         $errors[] = lang("CONFIG_TEMPLATE_CHAR_LIMIT", array(1, 150));
     } elseif (!file_exists($newTemplate)) {
         $errors[] = lang("CONFIG_TEMPLATE_INVALID", array($newTemplate));
     } else {
         if (count($errors) == 0) {
             $cfgId[] = 7;
             $cfgValue[7] = $newTemplate;
             $website->template = $newTemplate;
         }
     }
 }
 //Update configuration table with new settings
 if (count($errors) == 0 and count($cfgId) > 0) {
     updateConfig($cfgId, $cfgValue);
     $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL");
/**
 * Update group based on new details
 * @param int $group_id the id of the group to edit.
 * @param string $name the new name of the group
 * @param int $is_default 0 if the group is not a default group for new users, 1 if it is, 2 if it is also the primary default group for new users
 * @param int $home_page_id the id of the home page for users who have this group as their primary group
 * @return boolean true for success, false if failed
 */
function updateGroup($group_id, $name, $is_default, $home_page_id)
{
    // This block automatically checks this action against the permissions database before running.
    if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }
    //Check if selected group exists
    if (!groupIdExists($group_id)) {
        addAlert("danger", "I'm sorry, the group id you specified is invalid!");
        return false;
    }
    $groupDetails = fetchGroupDetails($group_id);
    //Fetch information specific to group
    //Update group name, if different from previous and not already taken
    $name = trim($name);
    if (strtolower($name) != strtolower($groupDetails['name'])) {
        if (groupNameExists($name)) {
            addAlert("danger", lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($name)));
            return false;
        } elseif (minMaxRange(1, 50, $name)) {
            addAlert("danger", lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50)));
            return false;
        }
    }
    if (dbUpdateGroup($group_id, $name, $is_default, $home_page_id)) {
        addAlert("success", lang("GROUP_UPDATE", array($name)));
        return true;
    } else {
        return false;
    }
}
Beispiel #11
0
 $errors = array();
 while ($row = $db->sql_fetchrow($users)) {
     $deleteID = "delete" . $row['User_ID'];
     $delete = $_POST[$deleteID] ? "Yes" : "No";
     $usernameID = "username" . $row['User_ID'];
     $newusername = $_POST[$usernameID];
     $emailID = "email" . $row['User_ID'];
     $newemail = $_POST[$emailID];
     $groupID = "group_id" . $row['User_ID'];
     $newgroup = $_POST[$groupID];
     if ($delete == "Yes") {
         $sql = "DELETE from " . $db_table_prefix . "Users WHERE User_ID = '" . $row['User_ID'] . "'";
         $db->sql_query($sql);
     } else {
         if ($newusername != $row['Username']) {
             if (minMaxRange(5, 25, $newusername)) {
                 $errors[] = "Unable to update " . $row['Username'] . "'s username because selected name is not between 5 and 25 characters.";
             } elseif (usernameExists($newusername)) {
                 $errors[] = "Unable to change " . $row['Username'] . "'s name because selected username is already in use.";
             } else {
                 $sql = "UPDATE " . $db_table_prefix . "Users SET Username = '******', Username_clean = '" . sanitize($newusername) . "' WHERE User_ID='" . $row['User_ID'] . "'";
                 $db->sql_query($sql);
             }
         }
         if ($row['Email'] != $newemail) {
             if (trim($newemail) == "") {
                 $errors[] = "Unable to update " . $row['Username'] . "'s email because no address was entered.";
             } else {
                 if (!isValidEmail($newemail)) {
                     $errors[] = "Unable to update " . $row['Username'] . "'s email because address is invalid.";
                 } else {
Beispiel #12
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $permissionId = $_GET['id'];
     //Check if selected permission level exists
     if (!permissionIdExists($permissionId)) {
         header("Location: " . site_url('admin_permissions'));
         die;
     }
     $permissionDetails = fetchPermissionDetails($permissionId);
     //Fetch information specific to permission level
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected permission level
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deletePermission($deletions)) {
                 $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
                 header("Location: " . site_url('admin_permissions'));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update permission level name
             if ($permissionDetails[0]['name'] != $_POST['name']) {
                 $permission = trim($_POST['name']);
                 //Validate new name
                 if (permissionNameExists($permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission));
                 } elseif (minMaxRange(1, 50, $permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updatePermissionName($permissionId, $permission)) {
                         $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove access to pages
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($permissionId, $remove)) {
                     $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add access to pages
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($permissionId, $add)) {
                     $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Remove access to pages
             if (!empty($_POST['removePage'])) {
                 $remove = $_POST['removePage'];
                 if ($deletion_count = removePage($remove, $permissionId)) {
                     $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add access to pages
             if (!empty($_POST['addPage'])) {
                 $add = $_POST['addPage'];
                 if ($addition_count = addPage($add, $permissionId)) {
                     $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             $permissionDetails = fetchPermissionDetails($permissionId);
         }
     }
     $pagePermissions = fetchPermissionPages($permissionId);
     //Retrieve list of accessible pages
     $permissionUsers = fetchPermissionUsers($permissionId);
     //Retrieve list of users with membership
     $userData = fetchAllUsers();
     //Fetch all users
     $pageData = fetchAllPages();
     //Fetch all pages
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminPermission' action='" . $_SERVER['PHP_SELF'] . "?id=" . $permissionId . "' method='post'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Permission Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $permissionDetails[0]['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n<input type='text' name='name' value='" . $permissionDetails[0]['name'] . "' />\r\n</p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $permissionDetails[0]['id'] . "]' id='delete[" . $permissionDetails[0]['id'] . "]' value='" . $permissionDetails[0]['id'] . "'>\r\n</p>\r\n</div></td><td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Members:";
     //List users with permission level
     foreach ($userData as $v1) {
         if (isset($permissionUsers[$v1['id']])) {
             echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name'];
         }
     }
     echo "\r\n</p><p>Add Members:";
     //List users without permission level
     foreach ($userData as $v1) {
         if (!isset($permissionUsers[$v1['id']])) {
             echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nPublic Access:";
     //List public pages
     foreach ($pageData as $v1) {
         if ($v1['private'] != 1) {
             echo "<br>" . $v1['page'];
         }
     }
     echo "\r\n</p>\r\n<p>\r\nRemove Access:";
     //List pages accessible to permission level
     foreach ($pageData as $v1) {
         if (isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) {
             echo "<br><input type='checkbox' name='removePage[" . $v1['id'] . "]' id='removePage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page'];
         }
     }
     echo "\r\n</p><p>Add Access:";
     //List pages inaccessible to permission level
     foreach ($pageData as $v1) {
         if (!isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) {
             echo "<br><input type='checkbox' name='addPage[" . $v1['id'] . "]' id='addPage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     $baseURL = getcwd();
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     //Forms posted
     if (!empty($_POST)) {
         $cfgId = array();
         $newSettings = $_POST['settings'];
         //Validate new site name
         if ($newSettings[1] != $websiteName) {
             $newWebsiteName = $newSettings[1];
             if (minMaxRange(1, 150, $newWebsiteName)) {
                 $errors[] = lang("CONFIG_NAME_CHAR_LIMIT", array(1, 150));
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 1;
                     $cfgValue[1] = $newWebsiteName;
                     $websiteName = $newWebsiteName;
                 }
             }
         }
         //Validate new URL
         if ($newSettings[2] != $websiteUrl) {
             $newWebsiteUrl = $newSettings[2];
             if (minMaxRange(1, 150, $newWebsiteUrl)) {
                 $errors[] = lang("CONFIG_URL_CHAR_LIMIT", array(1, 150));
             } else {
                 if (substr($newWebsiteUrl, -1) != "/") {
                     $errors[] = lang("CONFIG_INVALID_URL_END");
                 } else {
                     if (count($errors) == 0) {
                         $cfgId[] = 2;
                         $cfgValue[2] = $newWebsiteUrl;
                         $websiteUrl = $newWebsiteUrl;
                     }
                 }
             }
         }
         //Validate new site email address
         if ($newSettings[3] != $emailAddress) {
             $newEmail = $newSettings[3];
             if (minMaxRange(1, 150, $newEmail)) {
                 $errors[] = lang("CONFIG_EMAIL_CHAR_LIMIT", array(1, 150));
             } elseif (!isValidEmail($newEmail)) {
                 $errors[] = lang("CONFIG_EMAIL_INVALID");
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 3;
                     $cfgValue[3] = $newEmail;
                     $emailAddress = $newEmail;
                 }
             }
         }
         //Validate email activation selection
         if ($newSettings[4] != $emailActivation) {
             $newActivation = $newSettings[4];
             if ($newActivation != "true" and $newActivation != "false") {
                 $errors[] = lang("CONFIG_ACTIVATION_TRUE_FALSE");
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 4;
                     $cfgValue[4] = $newActivation;
                     $emailActivation = $newActivation;
                 }
             }
         }
         //Validate new email activation resend threshold
         if ($newSettings[5] != $resend_activation_threshold) {
             $newResend_activation_threshold = $newSettings[5];
             if ($newResend_activation_threshold > 72 or $newResend_activation_threshold < 0) {
                 $errors[] = lang("CONFIG_ACTIVATION_RESEND_RANGE", array(0, 72));
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 5;
                     $cfgValue[5] = $newResend_activation_threshold;
                     $resend_activation_threshold = $newResend_activation_threshold;
                 }
             }
         }
         //Validate new language selection
         if ($newSettings[6] != $language) {
             $newLanguage = $newSettings[6];
             if (minMaxRange(1, 150, $language)) {
                 $errors[] = lang("CONFIG_LANGUAGE_CHAR_LIMIT", array(1, 150));
             } elseif (!file_exists($baseURL . $newLanguage)) {
                 $errors[] = lang("CONFIG_LANGUAGE_INVALID", array($newLanguage));
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 6;
                     $cfgValue[6] = $newLanguage;
                     $language = $newLanguage;
                 }
             }
         }
         //Validate new template selection
         if ($newSettings[7] != $template) {
             $newTemplate = $newSettings[7];
             if (minMaxRange(1, 150, $template)) {
                 $errors[] = lang("CONFIG_TEMPLATE_CHAR_LIMIT", array(1, 150));
             } elseif (!file_exists($baseURL . $newTemplate)) {
                 $errors[] = lang("CONFIG_TEMPLATE_INVALID", array($newTemplate));
             } else {
                 if (count($errors) == 0) {
                     $cfgId[] = 7;
                     $cfgValue[7] = $newTemplate;
                     $template = $newTemplate;
                 }
             }
         }
         //Update configuration table with new settings
         if (count($errors) == 0 and count($cfgId) > 0) {
             updateConfig($cfgId, $cfgValue);
             $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL");
         }
     }
     $languages = getLanguageFiles();
     //Retrieve list of language files
     $templates = getTemplateFiles();
     //Retrieve list of template files
     $permissionData = fetchAllPermissions();
     //Retrieve list of all permission levels
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Configuration</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<div id='regbox'>\r\n<form name='adminConfiguration' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<p>\r\n<label>Website Name:</label>\r\n<input type='text' name='settings[" . $settings['website_name']['id'] . "]' value='" . $websiteName . "' />\r\n</p>\r\n<p>\r\n<label>Website URL:</label>\r\n<input type='text' name='settings[" . $settings['website_url']['id'] . "]' value='" . $websiteUrl . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='settings[" . $settings['email']['id'] . "]' value='" . $emailAddress . "' />\r\n</p>\r\n<p>\r\n<label>Activation Threshold:</label>\r\n<input type='text' name='settings[" . $settings['resend_activation_threshold']['id'] . "]' value='" . $resend_activation_threshold . "' />\r\n</p>\r\n<p>\r\n<label>Language:</label>\r\n<select name='settings[" . $settings['language']['id'] . "]'>";
     //Display language options
     foreach ($languages as $optLang) {
         if ($optLang == $language) {
             echo "<option value='" . $optLang . "' selected>{$optLang}</option>";
         } else {
             echo "<option value='" . $optLang . "'>{$optLang}</option>";
         }
     }
     echo "\r\n</select>\r\n</p>\r\n<p>\r\n<label>Email Activation:</label>\r\n<select name='settings[" . $settings['activation']['id'] . "]'>";
     //Display email activation options
     if ($emailActivation == "true") {
         echo "\r\n\t<option value='true' selected>True</option>\r\n\t<option value='false'>False</option>\r\n\t</select>";
     } else {
         echo "\r\n\t<option value='true'>True</option>\r\n\t<option value='false' selected>False</option>\r\n\t</select>";
     }
     echo "</p>\r\n<p>\r\n<label>Template:</label>\r\n<select name='settings[" . $settings['template']['id'] . "]'>";
     //Display template options
     foreach ($templates as $temp) {
         if ($temp == $template) {
             echo "<option value='" . $temp . "' selected>{$temp}</option>";
         } else {
             echo "<option value='" . $temp . "'>{$temp}</option>";
         }
     }
     echo "\r\n</select>\r\n</p>\r\n<input type='submit' name='Submit' value='Submit' />\r\n</form>\r\n</div>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }
Beispiel #14
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $userId = $_GET['id'];
     //Check if selected user exists
     if (!userIdExists($userId)) {
         header("Location: " . str_replace('index.php/', '', site_url('admin_users')));
         die;
     }
     $userdetails = fetchUserDetails(NULL, NULL, $userId);
     //Fetch user details
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected account
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deleteUsers($deletions)) {
                 $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update display name
             if ($userdetails['display_name'] != $_POST['display']) {
                 $displayname = trim($_POST['display']);
                 //Validate display name
                 if (displayNameExists($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                 } elseif (minMaxRange(5, 25, $displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
                 } elseif (!ctype_alnum($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
                 } else {
                     if (updateDisplayName($userId, $displayname)) {
                         $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             } else {
                 $displayname = $userdetails['display_name'];
             }
             //Activate account
             if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
                 if (setUserActive($userdetails['activation_token'])) {
                     $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Update email
             if ($userdetails['email'] != $_POST['email']) {
                 $email = trim($_POST["email"]);
                 //Validate email
                 if (!isValidEmail($email)) {
                     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                 } elseif (emailExists($email)) {
                     $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                 } else {
                     if (updateEmail($userId, $email)) {
                         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Update title
             if ($userdetails['title'] != $_POST['title']) {
                 $title = trim($_POST['title']);
                 //Validate title
                 if (minMaxRange(1, 50, $title)) {
                     $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updateTitle($userId, $title)) {
                         $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove permission level
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($remove, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($add, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             $userdetails = fetchUserDetails(NULL, NULL, $userId);
         }
     }
     $userPermission = fetchUserPermissions($userId);
     $permissionData = fetchAllPermissions();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";
     //Display activation link, if account inactive
     if ($userdetails['active'] == '1') {
         echo "Yes";
     } else {
         echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
     //Last sign in, interpretation
     if ($userdetails['last_sign_in_stamp'] == '0') {
         echo "Never";
     } else {
         echo date("j M, Y", $userdetails['last_sign_in_stamp']);
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $userdetails['id'] . "]' id='delete[" . $userdetails['id'] . "]' value='" . $userdetails['id'] . "'>\r\n</p>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:";
     //List of permission levels user is apart of
     foreach ($permissionData as $v1) {
         if (isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     //List of permission levels user is not apart of
     echo "</p><p>Add Permission:";
     foreach ($permissionData as $v1) {
         if (!isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }
 public function validate_password($value)
 {
     if (minMaxRange(4, 16, $value)) {
         $this->set_specific_error('password', lang("ACCOUNT_PASS_CHAR_LIMIT", array(4, 16)));
     }
 }
Beispiel #16
0
 if ($captcha != $_SESSION['captcha']) {
     $errors[] = lang("CAPTCHA_FAIL");
 }
 if (minMaxRange($user_min_len, $user_max_len, $username)) {
     $errors[] = lang("ACCOUNT_USER_CHAR_LIMIT", array($user_min_len, $user_max_len));
 }
 if (!ctype_alnum($username)) {
     $errors[] = lang("ACCOUNT_USER_INVALID_CHARACTERS");
 }
 if (minMaxRange($display_min_len, $display_max_len, $displayname)) {
     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array($display_min_len, $display_max_len));
 }
 if (!ctype_alnum($displayname)) {
     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
 }
 if (minMaxRange($pass_min_len, $pass_max_len, $password)) {
     $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT", array($pass_min_len, $pass_max_len));
 } else {
     if ($password != $confirm_pass) {
         $errors[] = lang("ACCOUNT_PASS_MISMATCH");
     }
 }
 if (!isValidEmail($email)) {
     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
 }
 //End data validation
 if (count($errors) == 0) {
     //Construct a user object
     $user = new User($username, $displayname, $password, $email);
     //Checking this flag tells us whether there were any errors such as possible data duplication occured
     if (!$user->status) {
         }
     }
     //End data validation
     if (count($errors) == 0) {
         $loggedInUser->updateEmail($email);
         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
     }
 }
 if ($password_new != "" or $password_confirm != "") {
     if (trim($password_new) == "") {
         $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");
     } else {
         if (trim($password_confirm) == "") {
             $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD");
         } else {
             if (minMaxRange(8, 50, $password_new)) {
                 $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH", array(8, 50));
             } else {
                 if ($password_new != $password_confirm) {
                     $errors[] = lang("ACCOUNT_PASS_MISMATCH");
                 }
             }
         }
     }
     //End data validation
     if (count($errors) == 0) {
         //Also prevent updating if someone attempts to update with the same password
         $entered_pass_new = generateHash($password_new, $loggedInUser->hash_pw);
         if ($entered_pass_new == $loggedInUser->hash_pw) {
             //Don't update, this fool is trying to update with the same password ¬¬
             $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");
Beispiel #18
0
         $errors[] = lang("ACCOUNT_PASS_MISMATCH");
     }
 }
 if (!isValidEmail($email)) {
     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
 }
 if (!ctype_alnum($country)) {
     $errors[] = lang("ACCOUNT_INVALID_COUNTRY");
 }
 if (!ctype_alnum($state)) {
     $errors[] = lang("ACCOUNT_INVALID_STATE");
 }
 if (minMaxRange(5, 30, $city)) {
     $errors[] = lang("ACCOUNT_INVALID_CITY");
 }
 if (minMaxRange(5, 30, $address)) {
     $errors[] = lang("ACCOUNT_INVALID_ADDRESS");
 }
 if (!ctype_digit($zip)) {
     $errors[] = lang("ACCOUNT_INVALID_ZIP");
 }
 if (!ctype_digit($phone)) {
     $errors[] = lang("ACCOUNT_INVALID_PHONE");
 }
 //End data validation
 if (count($errors) == 0) {
     //Construct a user object
     $user = new User($username, $displayname, $password, $email, $country, $state, $city, $address, $zip, $phone);
     //Checking this flag tells us whether there were any errors such as possible data duplication occured
     if (!$user->status) {
         if ($user->username_taken) {
Beispiel #19
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     //Prevent the user visiting the logged in page if he/she is already logged in
     if (isUserLoggedIn()) {
         header("Location: " . str_replace('index.php/', '', site_url('account')));
         die;
     }
     //Forms posted
     if (!empty($_POST)) {
         $errors = array();
         $email = trim($_POST["email"]);
         $username = trim($_POST["username"]);
         $displayname = trim($_POST["displayname"]);
         $password = trim($_POST["password"]);
         $confirm_pass = trim($_POST["passwordc"]);
         $captcha = md5($_POST["captcha"]);
         if (strtolower($captcha) != strtolower($this->session->userdata('security_code'))) {
             $errors[] = lang("CAPTCHA_FAIL");
         } else {
             $this->session->unset_userdata('security_code');
         }
         if (minMaxRange(5, 25, $username)) {
             $errors[] = lang("ACCOUNT_USER_CHAR_LIMIT", array(5, 25));
         }
         if (!ctype_alnum($username)) {
             $errors[] = lang("ACCOUNT_USER_INVALID_CHARACTERS");
         }
         if (minMaxRange(5, 25, $displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
         }
         if (!ctype_alnum($displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
         }
         if (minMaxRange(8, 50, $password) && minMaxRange(8, 50, $confirm_pass)) {
             $errors[] = lang("ACCOUNT_PASS_CHAR_LIMIT", array(8, 50));
         } else {
             if ($password != $confirm_pass) {
                 $errors[] = lang("ACCOUNT_PASS_MISMATCH");
             }
         }
         if (!isValidEmail($email)) {
             $errors[] = lang("ACCOUNT_INVALID_EMAIL");
         }
         //End data validation
         if (count($errors) == 0) {
             //Construct a user object
             $user = new User($username, $displayname, $password, $email);
             //Checking this flag tells us whether there were any errors such as possible data duplication occured
             if (!$user->status) {
                 if ($user->username_taken) {
                     $errors[] = lang("ACCOUNT_USERNAME_IN_USE", array($username));
                 }
                 if ($user->displayname_taken) {
                     $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                 }
                 if ($user->email_taken) {
                     $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                 }
             } else {
                 //Attempt to add the user to the database, carry out finishing  tasks like emailing the user (if required)
                 if (!$user->userCakeAddUser()) {
                     if ($user->mail_failure) {
                         $errors[] = lang("MAIL_ERROR");
                     }
                     if ($user->sql_failure) {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
         }
         if (count($errors) == 0) {
             $successes[] = $user->success;
         }
     }
     $vals = array('img_path' => './captcha/', 'img_url' => str_replace("index.php", "", site_url()) . '/captcha/', 'img_width' => '150', 'img_height' => 30, 'expiration' => 7200);
     $cap = create_captcha($vals);
     $this->session->set_userdata("security_code", md5($cap['word']));
     $this->load->view('register', array("cap" => $cap));
 }
    if ($newSettings[9] != $message) {
        $newMessage = $newSettings[9];
        if (minMaxRange(1, 150, $newMessage)) {
            $errors[] = lang("CONFIG_NAME_CHAR_LIMIT", array(1, 150));
        } else {
            if (count($errors) == 0) {
                $cfgId[] = 9;
                $cfgValue[9] = $newMessage;
                $message = $newMessage;
            }
        }
    }
    //Validate new messageType
    if ($newSettings[10] != $messageType) {
        $newMessageType = $newSettings[10];
        if (minMaxRange(1, 150, $newMessageType)) {
            $errors[] = lang("CONFIG_NAME_CHAR_LIMIT", array(1, 150));
        } else {
            if (count($errors) == 0) {
                $cfgId[] = 10;
                $cfgValue[10] = $newMessageType;
                $messageType = $newMessageType;
            }
        }
    }
    //Update configuration table with new settings
    if (count($errors) == 0 and count($cfgId) > 0) {
        updateConfig($cfgId, $cfgValue);
        $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL");
    }
}