Beispiel #1
/**
 * Handles the bulk "actions" form of the user administration page.
 *
 * When POST 'selected_items' is present, the chosen drp_action is executed
 * (1 = delete, 2 = copy, 3 = enable, 4 = disable, 5 = batch copy) and the
 * browser is redirected to user_admin.php. Otherwise the chk_<id> checkboxes
 * are collected from $_POST and a confirmation form is printed that posts the
 * selection back to this handler.
 *
 * Reads the globals $user_actions and $auth_realms. Prints HTML or sends a
 * redirect directly; nothing is returned.
 *
 * NOTE(review): the state-changing branch runs from a plain POST and no CSRF
 * token check is visible in this function - confirm one is enforced elsewhere.
 */
function form_actions()
{
    global $user_actions, $auth_realms;
    /* ================= input validation ================= */
    /* drp_action is checked against letters, digits and underscores only; what
     * happens on a mismatch is decided inside input_validate_input_regex (not shown) */
    input_validate_input_regex(get_request_var_post('drp_action'), "^([a-zA-Z0-9_]+)\$");
    /* ==================================================== */
    /* if we are to save this form, instead of display it */
    if (isset($_POST["selected_items"])) {
        /* The selection arrives as a client-supplied serialized value and is decoded by
         * sanitize_unserialize_selected_items(); presumably that helper restricts it to
         * a list of numeric ids - verify there.
         * NOTE(review): for the copy action ("2") $selected_items is never assigned, so
         * the test below reads an undefined variable, evaluates to false, and the copy
         * branch nested inside it cannot be reached - confirm and fix. */
        if (get_request_var_post("drp_action") != "2") {
            $selected_items = sanitize_unserialize_selected_items($_POST['selected_items']);
        }
        if ($selected_items != false) {
            if (get_request_var_post("drp_action") == "1") {
                /* delete */
                for ($i = 0; $i < count($selected_items); $i++) {
                    user_remove($selected_items[$i]);
                    api_plugin_hook_function('user_remove', $selected_items[$i]);
                }
            }
            if (get_request_var_post("drp_action") == "2") {
                /* copy */
                /* ================= input validation ================= */
                input_validate_input_number(get_request_var_post("selected_items"));
                input_validate_input_number(get_request_var_post("new_realm"));
                /* ==================================================== */
                $new_username = get_request_var_post("new_username");
                $new_realm = get_request_var_post("new_realm", 0);
                /* The id is concatenated into the SQL text, so this query is only safe if
                 * input_validate_input_number() above rejects non-numeric input; a bound
                 * parameter would not depend on that. */
                $template_user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("selected_items"));
                $overwrite = array("full_name" => get_request_var_post("new_fullname"));
                if (strlen($new_username)) {
                    /* NOTE(review): the username literal reads '******' on this page (text
                     * lost in extraction), so as shown the duplicate check does not use
                     * $new_username. Restore the line from the original source and bind
                     * or escape the username there. */
                    if (sizeof(db_fetch_assoc("SELECT username FROM user_auth WHERE username = '******' AND realm = " . $new_realm))) {
                        raise_message(19);
                    } else {
                        if (user_copy($template_user["username"], $new_username, $template_user["realm"], $new_realm, false, $overwrite) === false) {
                            raise_message(2);
                        } else {
                            raise_message(1);
                        }
                    }
                }
            }
            if (get_request_var_post("drp_action") == "3") {
                /* enable */
                for ($i = 0; $i < count($selected_items); $i++) {
                    user_enable($selected_items[$i]);
                }
            }
            if (get_request_var_post("drp_action") == "4") {
                /* disable */
                for ($i = 0; $i < count($selected_items); $i++) {
                    user_disable($selected_items[$i]);
                }
            }
            if (get_request_var_post("drp_action") == "5") {
                /* batch copy */
                /* ================= input validation ================= */
                input_validate_input_number(get_request_var_post("template_user"));
                /* ==================================================== */
                $copy_error = false;
                $template = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("template_user"));
                for ($i = 0; $i < count($selected_items); $i++) {
                    /* The ids come from the decoded selection and are concatenated with no
                     * numeric check inside this loop; safe only if the decoding helper
                     * guarantees integers - TODO confirm. */
                    $user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . $selected_items[$i]);
                    if (isset($user) && isset($template)) {
                        if (user_copy($template["username"], $user["username"], $template["realm"], $user["realm"], true) === false) {
                            $copy_error = true;
                        }
                    }
                }
                /* one failed copy marks the whole batch as failed */
                if ($copy_error) {
                    raise_message(2);
                } else {
                    raise_message(1);
                }
            }
        }
        /* every save path ends with a redirect back to the user list */
        header("Location: user_admin.php");
        exit;
    }
    /* loop through each of the users and process them */
    $user_list = "";
    $user_array = array();
    $i = 0;
    /* each() was deprecated in PHP 7.2 and removed in PHP 8.0; this loop needs
     * foreach on current runtimes */
    while (list($var, $val) = each($_POST)) {
        if (preg_match("/^chk_([0-9]+)\$/", $var, $matches)) {
            /* ================= input validation ================= */
            input_validate_input_number($matches[1]);
            /* ==================================================== */
            if (get_request_var_post("drp_action") != "2") {
                /* the username is HTML-escaped before it goes into the confirmation list */
                $user_list .= "<li>" . htmlspecialchars(db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $matches[1])) . "</li>";
            }
            $user_array[$i] = $matches[1];
            $i++;
        }
    }
    /* Check for deleting of Graph Export User */
    if (get_request_var_post("drp_action") == "1" && isset($user_array) && sizeof($user_array)) {
        /* delete */
        /* the account configured as export_user_id is refused here: message 22, then redirect */
        $exportuser = read_config_option('export_user_id');
        if (in_array($exportuser, $user_array)) {
            raise_message(22);
            header("Location: user_admin.php");
            exit;
        }
    }
    include_once "./include/top_header.php";
    html_start_box("<strong>" . $user_actions[get_request_var_post("drp_action")] . "</strong>", "60%", "", "3", "center", "");
    print "<form action='user_admin.php' method='post'>\n";
    if (isset($user_array) && sizeof($user_array)) {
        if (get_request_var_post("drp_action") == "1" && sizeof($user_array)) {
            /* delete */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\", the selected User(s) will be deleted.</p>\n\t\t\t\t\t\t<p><ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Delete User(s)'>";
        }
        $user_id = "";
        if (get_request_var_post("drp_action") == "2" && sizeof($user_array)) {
            /* copy */
            /* only the first selected user is used as the copy template */
            $user_id = $user_array[0];
            $user_realm = db_fetch_cell("SELECT realm FROM user_auth WHERE id = " . $user_id);
            /* NOTE(review): the statement below is damaged on this page ("******" replaces
             * part of the original text) and does not parse as shown. The template
             * username is also placed in the HTML without htmlspecialchars(), unlike
             * the list entries built above. */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tWhen you click \"Continue\" the selected User will be copied to the new User below<br><br>\n\t\t\t\t\t</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tTemplate Username: <i>" . db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $user_id) . "</i>\n\t\t\t\t\t</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\tNew Username: "******"new_username", "", "", 25);
            print "\t\t\t\t</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tNew Full Name: ";
            print form_text_box("new_fullname", "", "", 35);
            print "\t\t\t\t</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tNew Realm: \n";
            print form_dropdown("new_realm", $auth_realms, "", "", $user_realm, "", 0);
            print "\t\t\t\t</td>\n\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Copy User'>";
        }
        if (get_request_var_post("drp_action") == "3" && sizeof($user_array)) {
            /* enable */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\" the selected User(s) will be enabled.</p>\n\t\t\t\t\t\t<p><ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Enable User(s)'>";
        }
        if (get_request_var_post("drp_action") == "4" && sizeof($user_array)) {
            /* disable */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\" the selected User(s) will be disabled.</p>\n\t\t\t\t\t\t<p><ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Disable User(s)'>";
        }
        if (get_request_var_post("drp_action") == "5" && sizeof($user_array)) {
            /* batch copy */
            /* the template dropdown offers only accounts with realm = 0 */
            $usernames = db_fetch_assoc("SELECT id,username FROM user_auth WHERE realm = 0 ORDER BY username");
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea' class='odd'>When you click \"Continue\" you will overwrite selected the User(s) settings with the selected template User settings and permissions?  Original user Full Name, Password, Realm and Enable status will be retained, all other fields will be overwritten from Template User.<br><br></td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tTemplate User: \n";
            print form_dropdown("template_user", $usernames, "username", "id", "", "", 0);
            print "\t\t</td>\n\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>User(s) to update:\n\t\t\t\t\t\t<ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Reset User(s) Settings'>";
        }
    } else {
        print "<tr><td class='odd'><span class='textError'>You must select at least one user.</span></td></tr>\n";
        $save_html = "<input type='button' value='Return' onClick='window.history.back()'>";
    }
    print " <tr>\n\t\t\t<td align='right' bgcolor='#eaeaea'>\n\t\t\t\t<input type='hidden' name='action' value='actions'>";
    /* The selection is round-tripped through a hidden field, so it comes back as
     * client-controlled data and has to be treated as untrusted when it is read
     * again at the top of this function. */
    if (get_request_var_post("drp_action") == "2") {
        /* copy */
        print "\t\t\t\t<input type='hidden' name='selected_items' value='" . $user_id . "'>\n";
    } else {
        print "\t\t\t\t<input type='hidden' name='selected_items' value='" . (isset($user_array) ? serialize($user_array) : '') . "'>\n";
    }
    /* drp_action is echoed into the attribute unescaped; it was limited to
     * [a-zA-Z0-9_] at the top of the function, assuming that validator stops the
     * request on a mismatch - confirm */
    print "\t\t\t\t<input type='hidden' name='drp_action' value='" . get_request_var_post("drp_action") . "'>\n\t\t\t\t{$save_html}\n\t\t\t</td>\n\t\t</tr>\n\t\t";
    html_end_box();
    include_once "./include/bottom_footer.php";
}
Beispiel #2
/**
 * Handles the bulk "actions" form of the user administration page.
 *
 * When POST 'selected_items' is present, the chosen drp_action is executed
 * (1 = delete, 2 = copy, 3 = enable, 4 = disable, 5 = batch copy) and the
 * browser is redirected to user_admin.php. Otherwise the chk_<id> checkboxes
 * are collected from $_POST and a confirmation form is printed that posts the
 * selection back to this handler.
 *
 * Reads the globals $colors, $user_actions and $auth_realms. Prints HTML or
 * sends a redirect directly; nothing is returned.
 *
 * NOTE(review): the state-changing branch runs from a plain POST and no CSRF
 * token check is visible in this function - confirm one is enforced elsewhere.
 */
function form_actions() {
	global $colors, $user_actions, $auth_realms;

	/* if we are to save this form, instead of display it */
	if (isset($_POST["selected_items"])) {
		/* NOTE(review): unserialize() is applied to a client-supplied POST value.
		 * Deserializing untrusted data can instantiate arbitrary classes (PHP object
		 * injection), and the per-element numeric checks below only run afterwards.
		 * Carrying the ids as a plain list that is parsed and validated, or limiting
		 * unserialize() to non-object types, removes that exposure. */
		if (get_request_var_post("drp_action") != "2") {
			$selected_items = unserialize(stripslashes(get_request_var_post("selected_items")));
		}

		if (get_request_var_post("drp_action") == "1") { /* delete */
			for ($i=0;($i<count($selected_items));$i++) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_items[$i]);
				/* ==================================================== */

				user_remove($selected_items[$i]);
			}
		}

		if (get_request_var_post("drp_action") == "2") { /* copy */
			/* ================= input validation ================= */
			input_validate_input_number(get_request_var_post("selected_items"));
			input_validate_input_number(get_request_var_post("new_realm"));
			/* ==================================================== */

			$new_username = get_request_var_post("new_username");
			$new_realm = get_request_var_post("new_realm", 0);
			/* The id is concatenated into the SQL text, so this query is only safe if
			 * input_validate_input_number() above rejects non-numeric input; a bound
			 * parameter would not depend on that. */
			$template_user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("selected_items"));
			$overwrite = array( "full_name" => get_request_var_post("new_fullname") );

			if (strlen($new_username)) {
				/* NOTE(review): the username literal reads '******' on this page (text
				 * lost in extraction), so as shown the duplicate check does not use
				 * $new_username. Restore the line from the original source and bind
				 * or escape the username there. */
				if (sizeof(db_fetch_assoc("SELECT username FROM user_auth WHERE username = '******' AND realm = " . $new_realm))) {
					raise_message(19);
				} else {
					if (user_copy($template_user["username"], $new_username, $template_user["realm"], $new_realm, false, $overwrite) === false) {
						raise_message(2);
					} else {
						raise_message(1);
					}
				}
			}
		}

		if (get_request_var_post("drp_action") == "3") { /* enable */
			for ($i=0;($i<count($selected_items));$i++) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_items[$i]);
				/* ==================================================== */

				user_enable($selected_items[$i]);
			}
		}

		if (get_request_var_post("drp_action") == "4") { /* disable */
			for ($i=0;($i<count($selected_items));$i++) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_items[$i]);
				/* ==================================================== */

				user_disable($selected_items[$i]);
			}
		}

		if (get_request_var_post("drp_action") == "5") { /* batch copy */
			/* ================= input validation ================= */
			input_validate_input_number(get_request_var_post("template_user"));
			/* ==================================================== */

			$copy_error = false;
			$template = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . get_request_var_post("template_user"));
			for ($i=0;($i<count($selected_items));$i++) {
				/* ================= input validation ================= */
				input_validate_input_number($selected_items[$i]);
				/* ==================================================== */

				/* each id is checked just above before it is concatenated into the query */
				$user = db_fetch_row("SELECT username, realm FROM user_auth WHERE id = " . $selected_items[$i]);
				if ((isset($user)) && (isset($template))) {
					if (user_copy($template["username"], $user["username"], $template["realm"], $user["realm"], true) === false) {
						$copy_error = true;
					}
				}
			}
			/* one failed copy marks the whole batch as failed */
			if ($copy_error) {
				raise_message(2);
			} else {
				raise_message(1);
			}
		}


		/* every save path ends with a redirect back to the user list */
		header("Location: user_admin.php");
		exit;
	}

	/* loop through each of the users and process them */
	$user_list = "";
	$user_array = array();
	$i = 0;
	/* each() was removed in PHP 8.0 and ereg() in PHP 7.0; this loop needs foreach
	 * and preg_match() on current runtimes */
	while (list($var,$val) = each($_POST)) {
		if (ereg("^chk_([0-9]+)$", $var, $matches)) {
			/* ================= input validation ================= */
			input_validate_input_number($matches[1]);
			/* ==================================================== */

			if (get_request_var_post("drp_action") != "2") {
				/* NOTE(review): the stored username is inserted into the page without
				 * htmlspecialchars(); a username containing markup would be rendered
				 * as HTML in the administrator's browser */
				$user_list .= "<li>" . db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $matches[1]) . "<br>";
			}
			$user_array[$i] = $matches[1];
		}

		/* NOTE(review): $i advances for every POST field, not only for chk_ matches,
		 * so $user_array can have gaps and index 0 exists only when the first POST
		 * field was a checkbox; the copy branch below reads $user_array[0] */
		$i++;
	}

	include_once("./include/top_header.php");

	/* drp_action is used as an array key here and echoed back further down; no check
	 * of its value is visible in this function - confirm get_request_var_post() or
	 * the caller constrains it */
	html_start_box("<strong>" . $user_actions[get_request_var_post("drp_action")] . "</strong>", "60%", $colors["header_panel"], "3", "center", "");

	print "<form action='user_admin.php' method='post'>\n";

	if ((get_request_var_post("drp_action") == "1") && (sizeof($user_array))) { /* delete */
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>Are you sure you want to delete the following users?</p>
					<p>$user_list</p>
				</td>
			</tr>\n";
	}
	$user_id = "";
	if ((get_request_var_post("drp_action") == "2") && (sizeof($user_array))) { /* copy */
		$user_id = $user_array[0];
		$user_realm = db_fetch_cell("SELECT realm FROM user_auth WHERE id = " . $user_id);

		/* NOTE(review): the statement below is damaged on this page ("******" replaces
		 * part of the original text) and does not parse as shown. The template
		 * username is also placed in the HTML without htmlspecialchars(). */
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					Would you like to copy this user?<br><br>
				</td>
			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					Template Username: <i>" . db_fetch_cell("SELECT username FROM user_auth WHERE id=" . $user_id) . "</i>
				</td>
			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
				New Username: "******"new_username", "", "", 25);
		print "				</td>
			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					New Full Name: ";
		print form_text_box("new_fullname", "", "", 35);
		print "				</td>
			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					New Realm: \n";
		print form_dropdown("new_realm", $auth_realms, "", "", $user_realm, "", 0);
		print "				</td>

			</tr>\n";
	}

	if ((get_request_var_post("drp_action") == "3") && (sizeof($user_array))) { /* enable */
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>Are you sure you want to enable the following users?</p>
					<p>$user_list</p>
				</td>
			</tr>\n";
	}

	if ((get_request_var_post("drp_action") == "4") && (sizeof($user_array))) { /* disable */
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>Are you sure you want to disable the following users?</p>
					<p>$user_list</p>
				</td>
			</tr>\n";
	}

	if ((get_request_var_post("drp_action") == "5") && (sizeof($user_array))) { /* batch copy */
		/* the template dropdown offers only accounts with realm = 0 */
		$usernames = db_fetch_assoc("SELECT id,username FROM user_auth WHERE realm = 0 ORDER BY username");
		print "
			<tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>Are you sure you want to overwrite the selected users with the selected template users settings and permissions?  Original user Full Name, Password, Realm and Enable status will be retained, all other fields will be overwritten from template user.<br><br></td>
			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					Template User: \n";
		print form_dropdown("template_user", $usernames, "username", "id", "", "", 0);
		print "		</td>

			</tr><tr>
				<td class='textArea' bgcolor='#" . $colors["form_alternate1"] . "'>
					<p>Users to update:
					$user_list</p>
				</td>
			</tr>\n";
	}

	/* with nothing selected only a cancel link is offered; otherwise a no/yes pair */
	if (sizeof($user_array) == 0) {
		print "<tr><td bgcolor='#" . $colors["form_alternate1"]. "'><span class='textError'>You must select at least one user.</span></td></tr>\n";
		$save_html = "<a href='user_admin.php'><img src='images/button_cancel.gif' alt='Cancel' align='absmiddle' border='0'></a>";

	}else{
		$save_html = "<a href='user_admin.php'><img src='images/button_no.gif' alt='Cancel' align='absmiddle' border='0'></a> <input type='image' src='images/button_yes.gif' alt='Save' align='absmiddle'>";
	}

	print " <tr>
			<td align='right' bgcolor='#eaeaea'>
				<input type='hidden' name='action' value='actions'>";
	/* The selection is round-tripped through a hidden field as serialize() output, so
	 * it comes back as client-controlled data and is what unserialize() at the top of
	 * this function receives. */
	if (get_request_var_post("drp_action") == "2") { /* copy */
		print "				<input type='hidden' name='selected_items' value='" . $user_id . "'>\n";
	}else{
		print "				<input type='hidden' name='selected_items' value='" . (isset($user_array) ? serialize($user_array) : '') . "'>\n";
	}
	/* NOTE(review): drp_action is echoed into the attribute without escaping and
	 * without a visible check of its value - wrap it in htmlspecialchars() with
	 * ENT_QUOTES unless it is constrained upstream */
	print "				<input type='hidden' name='drp_action' value='" . get_request_var_post("drp_action") . "'>
				$save_html
			</td>
		</tr>
		";

	html_end_box();

	include_once("./include/bottom_footer.php");

}
Beispiel #3
/**
 * Handles the "actions" posts of the user administration page.
 *
 * Three kinds of request are served:
 *  - permission association forms (POST associate_host / associate_graph /
 *    associate_template / associate_groups / associate_tree): for every
 *    chk_<id> checkbox a row is added (drp_action '1') or removed (any other
 *    value) for the user in POST 'id', followed by a redirect to that user's
 *    edit tab;
 *  - the confirmed bulk action (POST selected_items): 1 = delete, 2 = copy,
 *    3 = enable, 4 = disable, 5 = batch copy, followed by a redirect to
 *    user_admin.php;
 *  - otherwise the chk_<id> checkboxes are collected and a confirmation form
 *    is printed that posts the selection back to this handler.
 *
 * Reads the globals $user_actions and $auth_realms. Prints HTML or sends a
 * redirect directly; nothing is returned.
 *
 * NOTE(review): all state-changing branches run from a plain POST and no CSRF
 * token check is visible in this function - confirm one is enforced elsewhere.
 */
function form_actions()
{
    global $user_actions, $auth_realms;
    /* if we are to save this form, instead of display it */
    /* NOTE(review): in the five associate_* branches POST 'id' is bound as a query
     * parameter, but no numeric check on it is visible here and it is appended to the
     * redirect URL as received - confirm it is validated upstream. ereg() was removed
     * in PHP 7.0 and each() in PHP 8.0, so these loops need preg_match() and foreach
     * on current runtimes. */
    if (isset($_POST['associate_host'])) {
        /* device permissions: rows of type 3 in user_auth_perms */
        while (list($var, $val) = each($_POST)) {
            if (ereg('^chk_([0-9]+)$', $var, $matches)) {
                /* ================= input validation ================= */
                input_validate_input_number($matches[1]);
                /* ==================================================== */
                if (get_request_var_post('drp_action') == '1') {
                    db_execute_prepared('REPLACE INTO user_auth_perms (user_id, item_id, type) VALUES (?, ?, 3)', array(get_request_var_post('id'), $matches[1]));
                } else {
                    db_execute_prepared('DELETE FROM user_auth_perms WHERE user_id = ? AND item_id = ? AND type = 3', array(get_request_var_post('id'), $matches[1]));
                }
            }
        }
        header('Location: user_admin.php?action=user_edit&tab=permsd&id=' . get_request_var_post('id'));
        exit;
    } elseif (isset($_POST['associate_graph'])) {
        /* graph permissions: rows of type 1 in user_auth_perms */
        while (list($var, $val) = each($_POST)) {
            if (ereg('^chk_([0-9]+)$', $var, $matches)) {
                /* ================= input validation ================= */
                input_validate_input_number($matches[1]);
                /* ==================================================== */
                if (get_request_var_post('drp_action') == '1') {
                    db_execute_prepared('REPLACE INTO user_auth_perms (user_id, item_id, type) VALUES (?, ?, 1)', array(get_request_var_post('id'), $matches[1]));
                } else {
                    db_execute_prepared('DELETE FROM user_auth_perms WHERE user_id = ? AND item_id = ? AND type = 1', array(get_request_var_post('id'), $matches[1]));
                }
            }
        }
        header('Location: user_admin.php?action=user_edit&tab=permsg&id=' . get_request_var_post('id'));
        exit;
    } elseif (isset($_POST['associate_template'])) {
        /* template permissions: rows of type 4 in user_auth_perms */
        while (list($var, $val) = each($_POST)) {
            if (ereg('^chk_([0-9]+)$', $var, $matches)) {
                /* ================= input validation ================= */
                input_validate_input_number($matches[1]);
                /* ==================================================== */
                if (get_request_var_post('drp_action') == '1') {
                    db_execute_prepared('REPLACE INTO user_auth_perms (user_id, item_id, type) VALUES (?, ?, 4)', array(get_request_var_post('id'), $matches[1]));
                } else {
                    db_execute_prepared('DELETE FROM user_auth_perms WHERE user_id = ? AND item_id = ? AND type = 4', array(get_request_var_post('id'), $matches[1]));
                }
            }
        }
        header('Location: user_admin.php?action=user_edit&tab=permste&id=' . get_request_var_post('id'));
        exit;
    } elseif (isset($_POST['associate_groups'])) {
        /* group membership: rows in user_auth_group_members */
        while (list($var, $val) = each($_POST)) {
            if (ereg('^chk_([0-9]+)$', $var, $matches)) {
                /* ================= input validation ================= */
                input_validate_input_number($matches[1]);
                /* ==================================================== */
                if (get_request_var_post('drp_action') == '1') {
                    db_execute_prepared('REPLACE INTO user_auth_group_members (user_id, group_id) VALUES (?, ?)', array(get_request_var_post('id'), $matches[1]));
                } else {
                    db_execute_prepared('DELETE FROM user_auth_group_members WHERE user_id = ? AND group_id = ?', array(get_request_var_post('id'), $matches[1]));
                }
            }
        }
        header('Location: user_admin.php?action=user_edit&tab=permsgr&id=' . get_request_var_post('id'));
        exit;
    } elseif (isset($_POST['associate_tree'])) {
        /* tree permissions: rows of type 2 in user_auth_perms */
        while (list($var, $val) = each($_POST)) {
            if (ereg('^chk_([0-9]+)$', $var, $matches)) {
                /* ================= input validation ================= */
                input_validate_input_number($matches[1]);
                /* ==================================================== */
                if (get_request_var_post('drp_action') == '1') {
                    db_execute_prepared('REPLACE INTO user_auth_perms (user_id, item_id, type) VALUES (?, ?, 2)', array(get_request_var_post('id'), $matches[1]));
                } else {
                    db_execute_prepared('DELETE FROM user_auth_perms WHERE user_id = ? AND item_id = ? AND type = 2', array(get_request_var_post('id'), $matches[1]));
                }
            }
        }
        header('Location: user_admin.php?action=user_edit&tab=permstr&id=' . get_request_var_post('id'));
        exit;
    } elseif (isset($_POST['selected_items'])) {
        /* NOTE(review): unserialize() is applied to a client-supplied POST value.
         * Deserializing untrusted data can instantiate arbitrary classes (PHP object
         * injection), and the per-element numeric checks below only run afterwards.
         * Carrying the ids as a plain list that is parsed and validated, or limiting
         * unserialize() to non-object types, removes that exposure. */
        if (get_request_var_post('drp_action') != '2') {
            $selected_items = unserialize(stripslashes(get_request_var_post('selected_items')));
        }
        if (get_request_var_post('drp_action') == '1') {
            /* delete */
            for ($i = 0; $i < count($selected_items); $i++) {
                /* ================= input validation ================= */
                input_validate_input_number($selected_items[$i]);
                /* ==================================================== */
                user_remove($selected_items[$i]);
                api_plugin_hook_function('user_remove', $selected_items[$i]);
            }
        }
        if (get_request_var_post('drp_action') == '2') {
            /* copy */
            /* ================= input validation ================= */
            input_validate_input_number(get_request_var_post('selected_items'));
            input_validate_input_number(get_request_var_post('new_realm'));
            /* ==================================================== */
            $new_username = get_request_var_post('new_username');
            $new_realm = get_request_var_post('new_realm', 0);
            /* lookups in this branch bind their values as parameters instead of
             * concatenating them into the SQL text */
            $template_user = db_fetch_row_prepared('SELECT username, realm FROM user_auth WHERE id = ?', array(get_request_var_post('selected_items')));
            $overwrite = array('full_name' => get_request_var_post('new_fullname'));
            if (strlen($new_username)) {
                /* message 19 when the username already exists in the target realm */
                if (sizeof(db_fetch_assoc_prepared('SELECT username FROM user_auth WHERE username = ? AND realm = ?', array($new_username, $new_realm)))) {
                    raise_message(19);
                } else {
                    if (user_copy($template_user['username'], $new_username, $template_user['realm'], $new_realm, false, $overwrite) === false) {
                        raise_message(2);
                    } else {
                        raise_message(1);
                    }
                }
            }
        }
        if (get_request_var_post('drp_action') == '3') {
            /* enable */
            for ($i = 0; $i < count($selected_items); $i++) {
                /* ================= input validation ================= */
                input_validate_input_number($selected_items[$i]);
                /* ==================================================== */
                user_enable($selected_items[$i]);
            }
        }
        if (get_request_var_post('drp_action') == '4') {
            /* disable */
            for ($i = 0; $i < count($selected_items); $i++) {
                /* ================= input validation ================= */
                input_validate_input_number($selected_items[$i]);
                /* ==================================================== */
                user_disable($selected_items[$i]);
            }
        }
        if (get_request_var_post('drp_action') == '5') {
            /* batch copy */
            /* ================= input validation ================= */
            input_validate_input_number(get_request_var_post('template_user'));
            /* ==================================================== */
            $copy_error = false;
            $template = db_fetch_row_prepared('SELECT username, realm FROM user_auth WHERE id = ?', array(get_request_var_post('template_user')));
            for ($i = 0; $i < count($selected_items); $i++) {
                /* ================= input validation ================= */
                input_validate_input_number($selected_items[$i]);
                /* ==================================================== */
                $user = db_fetch_row_prepared('SELECT username, realm FROM user_auth WHERE id = ?', array($selected_items[$i]));
                if (isset($user) && isset($template)) {
                    if (user_copy($template['username'], $user['username'], $template['realm'], $user['realm'], true) === false) {
                        $copy_error = true;
                    }
                }
            }
            /* one failed copy marks the whole batch as failed */
            if ($copy_error) {
                raise_message(2);
            } else {
                raise_message(1);
            }
        }
        /* every bulk-action path ends with a redirect back to the user list */
        header('Location: user_admin.php');
        exit;
    }
    /* loop through each of the users and process them */
    $user_list = '';
    $user_array = array();
    $i = 0;
    while (list($var, $val) = each($_POST)) {
        if (preg_match('/^chk_([0-9]+)$/', $var, $matches)) {
            /* ================= input validation ================= */
            input_validate_input_number($matches[1]);
            /* ==================================================== */
            if (get_request_var_post('drp_action') != '2') {
                /* NOTE(review): the stored username is inserted into the page without
                 * htmlspecialchars(); a username containing markup would be rendered
                 * as HTML in the administrator's browser */
                $user_list .= '<li>' . db_fetch_cell_prepared('SELECT username FROM user_auth WHERE id = ?', array($matches[1])) . '</li>';
            }
            $user_array[$i] = $matches[1];
            $i++;
        }
    }
    /* Check for deleting of Graph Export User */
    if (get_request_var_post('drp_action') == '1' && isset($user_array) && sizeof($user_array)) {
        /* delete */
        /* the account configured as export_user_id is refused here: message 22, then redirect */
        $exportuser = read_config_option('export_user_id');
        if (in_array($exportuser, $user_array)) {
            raise_message(22);
            header('Location: user_admin.php');
            exit;
        }
    }
    top_header();
    /* drp_action is used as an array key here and echoed back further down; no check
     * of its value is visible in this function - confirm get_request_var_post() or
     * the caller constrains it */
    html_start_box('<strong>' . $user_actions[get_request_var_post('drp_action')] . '</strong>', '40%', '', '3', 'center', '');
    print "<form action='user_admin.php' method='post'>\n";
    if (isset($user_array) && sizeof($user_array)) {
        if (get_request_var_post('drp_action') == '1' && sizeof($user_array)) {
            /* delete */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\", the selected User(s) will be deleted.</p>\n\t\t\t\t\t\t<p><ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Delete User(s)'>";
        }
        $user_id = '';
        if (get_request_var_post('drp_action') == '2' && sizeof($user_array)) {
            /* copy */
            /* only the first selected user is used as the copy template */
            $user_id = $user_array[0];
            $user_realm = db_fetch_cell_prepared('SELECT realm FROM user_auth WHERE id = ?', array($user_id));
            /* NOTE(review): the statement below is damaged on this page ("******" replaces
             * part of the original text, apparently the new_username text box) and does
             * not parse as shown. The template username is also placed in the HTML
             * without htmlspecialchars(). */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tWhen you click \"Continue\" the selected User will be copied to the new User below<br><br>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tTemplate Username: <i>" . db_fetch_cell_prepared('SELECT username FROM user_auth WHERE id = ?', array($user_id)) . "</i>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\tUsername: "******"\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tFull Name: ";
            print form_text_box('new_fullname', '', '', 35);
            print "\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tRealm: \n";
            print form_dropdown('new_realm', $auth_realms, '', '', $user_realm, '', 0);
            print "\t\t\t\t</td>\n\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Copy User'>";
        }
        if (get_request_var_post('drp_action') == '3' && sizeof($user_array)) {
            /* enable */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\" the selected User(s) will be enabled.</p>\n\t\t\t\t\t\t<ul>{$user_list}</ul>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Enable User(s)'>";
        }
        if (get_request_var_post('drp_action') == '4' && sizeof($user_array)) {
            /* disable */
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>When you click \"Continue\" the selected User(s) will be disabled.</p>\n\t\t\t\t\t\t<ul>{$user_list}</ul>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Disable User(s)'>";
        }
        if (get_request_var_post('drp_action') == '5' && sizeof($user_array)) {
            /* batch copy */
            /* the template dropdown offers only accounts with realm = 0 */
            $usernames = db_fetch_assoc('SELECT id, username FROM user_auth WHERE realm = 0 ORDER BY username');
            print "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='textArea'>When you click \"Continue\" you will overwrite selected the User(s) settings with the selected template User settings and permissions?  Original user Full Name, Password, Realm and Enable status will be retained, all other fields will be overwritten from Template User.<br><br></td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\tTemplate User: \n";
            print form_dropdown('template_user', $usernames, 'username', 'id', '', '', 0);
            print "\t\t</td>\n\t\t\t\t</tr><tr>\n\t\t\t\t\t<td class='textArea'>\n\t\t\t\t\t\t<p>User(s) to update:\n\t\t\t\t\t\t<ul>{$user_list}</ul></p>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n";
            $save_html = "<input type='button' value='Cancel' onClick='window.history.back()'>&nbsp;<input type='submit' value='Continue' title='Reset User(s) Settings'>";
        }
    } else {
        print "<tr><td class='even'><span class='textError'>You must select at least one user.</span></td></tr>\n";
        $save_html = "<input type='button' value='Return' onClick='window.history.back()'>";
    }
    print " <tr>\n\t\t\t<td align='right' class='saveRow'>\n\t\t\t\t<input type='hidden' name='action' value='actions'>";
    /* The selection is round-tripped through a hidden field as serialize() output, so
     * it comes back as client-controlled data and is what unserialize() in the
     * selected_items branch above receives. */
    if (get_request_var_post('drp_action') == '2') {
        /* copy */
        print "\t\t\t\t<input type='hidden' name='selected_items' value='" . $user_id . "'>\n";
    } else {
        print "\t\t\t\t<input type='hidden' name='selected_items' value='" . (isset($user_array) ? serialize($user_array) : '') . "'>\n";
    }
    /* NOTE(review): drp_action is echoed into the attribute without escaping and
     * without a visible check of its value - wrap it in htmlspecialchars() with
     * ENT_QUOTES unless it is constrained upstream */
    print "\t\t\t\t<input type='hidden' name='drp_action' value='" . get_request_var_post('drp_action') . "'>\n\t\t\t\t{$save_html}\n\t\t\t</td>\n\t\t</tr>\n\t\t";
    html_end_box();
    bottom_footer();
}