Beispiel #1
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
 * License for the specific language governing rights and limitations
 * under the License.
 */
// Direct-access guard: execution only continues when the including script has
// defined IS_VALID_PHPMYFAQ_ADMIN; otherwise the client is redirected and the
// script stops.
// NOTE(review): the redirect target is built from the client-supplied Host
// header with a hard-coded http:// scheme. Prefer a configured base URL so a
// forged Host value cannot steer the redirect, and so HTTPS deployments are not
// downgraded.
if (defined('IS_VALID_PHPMYFAQ_ADMIN') === false) {
    header(sprintf('Location: http://%s%s', $_SERVER['HTTP_HOST'], dirname($_SERVER['SCRIPT_NAME'])));
    exit();
}
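// Request parameters for the user-administration AJAX endpoint; all three are
// read from the query string.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips
// tags and encodes quotes on input; it does not replace escaping at the point
// of output.
$ajax_action = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$user_id = PMF_Filter::filterInput(INPUT_GET, 'user_id', FILTER_VALIDATE_INT);
$usersearch = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRING);

// Holding any one of the three user-management rights opens every action
// below, including reading another account's profile data and rights.
if ($permission['adduser'] || $permission['edituser'] || $permission['deluser']) {
    $user = new PMF_User();

    // Strict comparisons: the action is an exact string match, never a loose
    // type-juggled one. The actions are mutually exclusive, hence the chain.
    if ('get_user_list' === $ajax_action) {
        // One "login|user_id" line per matching account.
        // NOTE(review): the login is written as-is and this fragment sets no
        // Content-Type; confirm the consumer never places the reply into HTML
        // without escaping it.
        foreach ($user->searchUsers($usersearch) as $single_user) {
            print $single_user['login'] . '|' . $single_user['user_id'] . "\n";
        }
    } elseif ('get_user_data' === $ajax_action) {
        // The account is loaded only for the actions that use it, so a list
        // request no longer triggers a lookup with a missing user_id.
        // NOTE(review): $user_id is not checked for a failed
        // FILTER_VALIDATE_INT result before the lookup; verify how
        // getUserById() behaves in that case.
        $user->getUserById($user_id);
        // NOTE(review): get('*') presumably returns every stored profile
        // field; confirm nothing sensitive is sent to the client.
        $userdata = $user->userdata->get('*');
        $userdata['status'] = $user->getStatus();
        // NOTE(review): utf8_encode() is deprecated as of PHP 8.2 and mangles
        // values that are already UTF-8; confirm the storage encoding.
        print json_encode(array_map('utf8_encode', $userdata));
    } elseif ('get_user_rights' === $ajax_action) {
        $user->getUserById($user_id);
        print json_encode($user->perm->getUserRights($user_id));
    }
}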
Beispiel #2
// Adds the response wrapper's common headers (per the method name) before any
// action output is produced.
$responseWrapper->addCommonHeaders();
// NOTE(review): the gate below passes when the caller holds ANY ONE of
// adduser, edituser or deluser, yet the switch it guards also dispatches the
// state-changing activate_user and delete_user actions. Confirm that each of
// those cases re-checks the specific right it needs and that a CSRF token is
// verified for them; neither check is visible in this fragment.
if ($user->perm->checkRight($user->getUserId(), 'adduser') || $user->perm->checkRight($user->getUserId(), 'edituser') || $user->perm->checkRight($user->getUserId(), 'deluser')) {
    $user = new PMF_User($faqConfig);
    switch ($ajaxAction) {
        case 'get_user_list':
            $users = [];
            foreach ($user->searchUsers($usersearch) as $singleUser) {
                $users[] = array('user_id' => $singleUser['user_id'], 'name' => $singleUser['login']);
            }
            $response->setData($users);
            break;
        case 'get_user_data':
            $user->getUserById($userId);
            $userdata = [];
            $userdata = $user->userdata->get('*');
            $userdata['status'] = $user->getStatus();
            $userdata['login'] = $user->getLogin();
            $response->setData($userdata);
            break;
        case 'get_user_rights':
            $user->getUserById($userId);
            $response->setData($user->perm->getUserRights($userId));
            break;
        case 'activate_user':
            $user->getUserById($userId);
            $user->setStatus('active');
            echo json_encode($user->getStatus());
            break;
        case 'delete_user':
            $user->getUserById($userId);
            if ($user->getStatus() == 'protected' || $userId == 1) {
Beispiel #3
            $message .= '<script type="text/javascript">updateUser(' . $userId . ');</script>';
        }
    }
}
// delete user confirmation
if ($userAction == 'delete_confirm') {
    $message = '';
    $user = new PMF_User();
    $userId = PMF_Filter::filterInput(INPUT_POST, 'user_list_select', FILTER_VALIDATE_INT, 0);
    if ($userId == 0) {
        $message .= '<p class="error">' . $errorMessages['delUser_noId'] . '</p>';
        $userAction = $defaultUserAction;
    } else {
        $user->getUserById($userId);
        // account is protected
        if ($user->getStatus() == 'protected' || $userId == 1) {
            $userAction = $defaultUserAction;
            $message .= '<p class="error">' . $errorMessages['delUser_protectedAccount'] . '</p>';
        } else {
            ?>

<h2><?php 
            print $text['header'];
            ?>
</h2>
<div id="user_confirmDelete">
    <fieldset>
        <legend><?php 
            print $text['delUser'];
            ?>
</legend>
Beispiel #4
         $templateVars['displayPagination'] = true;
         $templateVars['pagination'] = $pagination->render();
     }
     $counter = $displayedCounter = 0;
     foreach ($allUsers as $userId) {
         $user->getUserById($userId);
         if ($displayedCounter >= $perPage) {
             continue;
         }
         $counter++;
         if ($counter <= $firstPage) {
             continue;
         }
         $displayedCounter++;
         $icon = '';
         switch ($user->getStatus()) {
             case 'active':
                 $icon = 'icon-ok';
                 break;
             case 'blocked':
                 $icon = 'icon-lock';
                 break;
             case 'protected':
                 $icon = 'icon-ok-sign';
                 break;
         }
         $templateVars['users'][] = array('id' => $user->getUserId(), 'displayName' => $user->getUserData('display_name'), 'editUrl' => '?action=user&amp;user_id=' . $user->getUserData('user_id'), 'email' => $user->getUserData('email'), 'icon' => $icon, 'loginName' => $user->getLogin(), 'showDeleteButton' => $user->getStatus() !== 'protected', 'status' => $user->getStatus());
     }
     $twig->loadTemplate('user/listallusers.twig')->display($templateVars);
     unset($templateVars, $allUsers, $numUsers, $page, $perPage, $numPages, $lastPage, $firstPage, $baseUrl, $options, $pagination, $counter, $displayedCounter, $icon);
 }
Beispiel #5
 // update user data
 if ($userAction == 'update_data') {
     $message = '';
     $userAction = $defaultUserAction;
     $userId = PMF_Filter::filterInput(INPUT_POST, 'user_id', FILTER_VALIDATE_INT, 0);
     if ($userId == 0) {
         $message .= '<p class="error">' . $errorMessages['updateUser_noId'] . '</p>';
     } else {
         $userData = array();
         $userData['display_name'] = PMF_Filter::filterInput(INPUT_POST, 'display_name', FILTER_SANITIZE_STRING, '');
         $userData['email'] = PMF_Filter::filterInput(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL, '');
         $userData['last_modified'] = PMF_Filter::filterInput(INPUT_POST, 'last_modified', FILTER_SANITIZE_STRING, '');
         $userStatus = PMF_Filter::filterInput(INPUT_POST, 'user_status', FILTER_SANITIZE_STRING, $defaultUserStatus);
         $user = new PMF_User();
         $user->getUserById($userId);
         $stats = $user->getStatus();
             // set new password and send email if user is switched to active
         if ($stats == 'blocked' && $userStatus == 'active') {
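             // Build a temporary, pronounceable password from four consonant+vowel pairs.
             // Characters are drawn with random_int() (a CSPRNG, PHP >= 7.0) instead of
             // rand() seeded via srand((double) microtime() * 1000000): that seed has at
             // most one million possible values and is tied to the request time, so the
             // resulting password was guessable.
             // NOTE(review): this shape allows only 20^4 * 5^4 = 100,000,000 distinct
             // passwords and the value is e-mailed in clear text further down, so treat
             // it as a one-time credential; consider more pairs and a forced password
             // change at first login.
             $consonants = array("b", "c", "d", "f", "g", "h", "j", "k", "l", "m", "n", "p", "r", "s", "t", "v", "w", "x", "y", "z");
             $vowels = array("a", "e", "i", "o", "u");
             $newPassword = '';
             for ($i = 1; $i <= 4; $i++) {
                 // Index bounds come from the arrays themselves, not hard-coded sizes.
                 $newPassword .= $consonants[random_int(0, count($consonants) - 1)];
                 $newPassword .= $vowels[random_int(0, count($vowels) - 1)];
             }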
             $user->changePassword($newPassword);
             $mail = new PMF_Mail();
             $mail->addTo($userData['email']);
             $mail->subject = '[%sitename%] Username / activation';
             $mail->message = sprintf("\nUsername: %s\nLoginname: %s\nNew Password: %s\n\n", $userData['display_name'], $user->getLogin(), $newPassword);
Beispiel #6
// Request parameters for the user-administration AJAX handler; all three are
// read from the query string (INPUT_GET).
// NOTE(review): the switch below also dispatches delete_user, so a
// state-changing action is selected purely by GET parameters. No CSRF token
// check is visible in this fragment; confirm one is enforced, and that
// delete_user requires the deluser right rather than any one of the three
// rights tested in the gate that follows.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not
// a substitute for escaping at the point of output.
$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
$userId = PMF_Filter::filterInput(INPUT_GET, 'user_id', FILTER_VALIDATE_INT);
$usersearch = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRING);
if ($permission['adduser'] || $permission['edituser'] || $permission['deluser']) {
    $user = new PMF_User();
    switch ($ajaxAction) {
        case 'get_user_list':
            foreach ($user->searchUsers($usersearch) as $singleUser) {
                print $singleUser['login'] . '|' . $singleUser['user_id'] . "\n";
            }
            break;
        case 'get_user_data':
            $user->getUserById($userId);
            $userdata = array();
            $userdata = $user->userdata->get('*');
            $userdata['status'] = $user->getStatus();
            $userdata['login'] = $user->getLogin();
            print json_encode($userdata);
            break;
        case 'get_user_rights':
            $user->getUserById($userId);
            print json_encode($user->perm->getUserRights($userId));
            break;
        case 'delete_user':
            $user->getUserById($userId);
            if ($user->getStatus() == 'protected' || $userId == 1) {
                $message = '<p class="error">' . $PMF_LANG['ad_user_error_protectedAccount'] . '</p>';
            } else {
                if (!$user->deleteUser()) {
                    $message = $PMF_LANG['ad_user_error_delete'];
                } else {
Beispiel #7
        <tbody>
            <?php 
        foreach ($user->getAllUsers() as $userId) {
            $user->getUserById($userId);
            ?>

            <tr class="row_user_id_<?php 
            print $user->getUserData('user_id');
            ?>
">
                <td><?php 
            print $user->getUserData('user_id');
            ?>
</td>
                <td><?php 
            print $user->getStatus();
            ?>
</td>
                <td><?php 
            print $user->getUserData('display_name');
            ?>
</td>
                <td><?php 
            print $user->getLogin();
            ?>
</td>
                <td>
                    <a href="mailto:<?php 
            print $user->getUserData('email');
            ?>
">
            $counter++;
            if ($counter <= $firstPage) {
                continue;
            }
            $displayedCounter++;
            ?>
            <tr class="row_user_id_<?php 
            print $user->getUserId();
            ?>
">
                <td><?php 
            print $user->getUserId();
            ?>
</td>
                <td><i class="<?php 
            switch ($user->getStatus()) {
                case 'active':
                    echo "icon-ok";
                    break;
                case 'blocked':
                    echo 'icon-lock';
                    break;
                case 'protected':
                    echo 'icon-ok-sign';
                    break;
            }
            ?>
"></i></td>
                <td><?php 
            print $user->getUserData('display_name');
            ?>