Beispiel #1
 # Check the submitted contact e-mail against $email_regex and record the
 # field as bad when it does not match. Both $email_regex and $contact_email
 # are set earlier in the script, outside this excerpt.
 # NOTE(review): the pattern is applied to the untrimmed value and trim()
 # runs only after a successful match; whether surrounding whitespace can
 # pass depends on how $email_regex is anchored - confirm.
 if (!preg_match($email_regex, $contact_email)) {
     array_push($bad_fields, 'contact_email');
 } else {
     $contact_email = trim($contact_email);
 }
 # Phone and address are read from the request as-is; this part of the
 # script applies no validation to them.
 $contact_phone = request_param('contact_phone');
 $contact_address = request_param('contact_address');
 # TBD: additional links
 # Access gate: everything after this point is meant for a signed-in admin.
 $sprink = new Sprinkles();
 # TBD: this is expensive; cheapen!
 $active_username = $sprink->current_username();
 if (!$active_username) {
     # No current username: send the browser to the authorization URL for
     # admin.php. The exit matters - a redirect on its own would not stop
     # the rest of this script from running for the unauthenticated request.
     redirect($sprink->authorize_url('admin.php', false));
     exit(0);
 }
 # The user list is fetched before the admin check below; nothing is done
 # with it until after that check has passed.
 # NOTE(review): the variable name suggests get_users() returns the current
 # admin users - confirm against Sprinkles.
 $existing_admin_users = $sprink->get_users();
 if (!$sprink->user_is_admin()) {
     # Signed in but not an admin: redirect to the error page and stop.
     redirect('error.php');
     exit(0);
 }
 sort($existing_admin_users);
 # Requested admin list as submitted in the request (request_param is
 # defined elsewhere; presumably it reads the raw request value - confirm).
 $admin_users_str = request_param('admin_users_str');
 # Split on a comma with optional trailing whitespace, or on a run of
 # whitespace. Leading or trailing separators produce empty entries, so the
 # resulting list can contain empty strings at this point.
 $admin_users = preg_split('/,\\s*|\\s+/', $admin_users_str);
 if (!member($active_username, $admin_users)) {
     array_push($bad_fields, 'admin_users_str');
 } else {
     $admin_users = array_filter($admin_users);
     $existing_admin_usernames = array();
     foreach ($existing_admin_users as $u) {
         array_push($existing_admin_usernames, $u['username']);
     }
Beispiel #2
<?php

require_once "Sprinkles.php";
require_once 'admin-fields.php';
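# Authentication and authorization gate for the admin page. Both failure
# branches must end the request so that none of the admin-only code below
# runs for a caller who has not passed the check.
$sprink = new Sprinkles();
$user = $sprink->current_user();
$username = $sprink->current_username();
if (!$username) {
    # No current username: send the browser to the authorization URL for
    # admin.php and stop.
    redirect($sprink->authorize_url('admin.php', false));
    exit(0);
}
$admin_users = $sprink->get_users();
if (!$sprink->user_is_admin()) {
    # Signed in but not an admin: render the refusal page and stop.
    # Without the exit the script falls through after showing not-admin.t
    # and carries on with the settings handling as if the check had passed.
    # NOTE(review): $smarty is not created in the visible code; presumably
    # one of the required files sets it up - confirm.
    $sprink->add_std_hash_elems($smarty);
    $smarty->display('not-admin.t');
    exit(0);
}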
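# Load the company name and the current site settings row.
$company_hcard = $sprink->company_hcard();
$company_name = $company_hcard["fn"];
# TBD: fetch the site_settings row just once per request.
# The statement is a fixed string with no request data in it.
# NOTE(review): the mysql_* extension was removed in PHP 7; moving to mysqli
# or PDO needs the connection setup, which is outside this excerpt.
$sql = "select background_color, contact_email, contact_phone, " . "contact_address, logo_link, map_url, faq_type from site_settings";
$result = mysql_query($sql);
if (!$result) {
    # Keep the driver's error text in the server log only; echoing it to the
    # browser discloses database details to whoever triggered the failure.
    error_log("Failed to fetch site settings from database (" . mysql_error() . ").");
    die("Failed to fetch site settings from database.");
}
# Only the first row of the result is read.
$settings = mysql_fetch_assoc($result);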
# Expose the user list to the template.
$smarty->assign('admin_users', $admin_users);
# Overlay request-supplied values on the settings loaded from the database,
# one per name in $fields ($fields is not defined in the visible code;
# presumably it comes from admin-fields.php - confirm).
# The test is on truthiness, so an empty string or '0' sent in the request
# leaves the stored value in place.
# NOTE(review): the values are copied in unvalidated here. This overlay must
# only be reached by an authorised admin, so the checks earlier in the
# script have to stop execution for everyone else; and the values need
# validation before being saved and escaping before being rendered -
# neither is visible in this excerpt.
foreach ($fields as $i => $field) {
    if (request_param($field)) {
        $settings[$field] = request_param($field);
    }
}