Beispiel #1
 /**
  * Render the "Database Menu" block: a bold heading followed by a GET form
  * that carries the index() action and a table picker.
  *
  * @return string the menu HTML, or '' when the caller may not see it
  */
 public static function menu()
 {
     // Fail closed: access() has to return strictly true, and a session must be active.
     $mayView = Privileges::access(__METHOD__) === true && G::isLoggedIn();
     if (!$mayView) {
         return '';
     }

     $markup = Tag::hTag('b') . 'Database Menu' . Tag::_hTag('b');
     $markup .= Tag::form(['method' => 'get']);
     $markup .= Response::factory()->action(__CLASS__ . '->index()')->toHidden(false);
     // Clicking an entry submits the form, so tblName reaches the handler as client input.
     // NOTE(review): the index() handler is not visible here; it should match tblName
     // against the known table list before using it as an SQL identifier.
     $markup .= Lists::select('tblName', self::TABLES_SQL, ['size' => '10', 'onClick' => 'submit();']);
     $markup .= Tag::_form();

     return $markup;
 }
Beispiel #2
 /**
  * Render the "Super Admin Menu": a bold heading and a list of links, one per
  * entry returned by self::getMenu() (title => action).
  *
  * @return string the menu HTML, or '' when the caller may not see it
  */
 public static function menu()
 {
     // Fail closed: access() has to return strictly true, and a session must be active.
     $mayView = Privileges::access(__METHOD__) === true && G::isLoggedIn();
     if (!$mayView) {
         return '';
     }

     $resp = new Response();
     $markup = Tag::hTag('b') . 'Super Admin Menu' . Tag::_hTag('b');
     $markup .= Tag::ul(['id' => 'menuList']);

     // NOTE(review): leaving the links out of the page only hides them. Each action
     // they point at still needs its own server-side privilege check (not visible here).
     foreach (self::getMenu() as $label => $target) {
         $markup .= Tag::li();
         $markup .= Tag::hRef('?' . $resp->action($target)->toUrl(), $label);
         $markup .= Tag::_li();
     }

     $markup .= Tag::_ul();

     return $markup;
 }
Beispiel #3
 /**
  * Run an action through the privilege check when the 'check_priviliages'
  * setting is enabled.
  *
  * @param mixed $action the action the caller wants to run
  * @return mixed the original action, the string returned by Privileges::access()
  *               when the request URI was saved, or false when access is refused
  */
 private static function checkPriviliages($action)
 {
     // With the setting off or missing (false is passed as the fallback) no check
     // runs and every action passes through unchanged.
     $enforce = Cfg::get('check_priviliages', false);
     if (!$enforce) {
         return $action;
     }

     $verdict = Privileges::access($action);
     if ($verdict === false) {
         return false;
     }

     // A string verdict replaces the requested action; the current URI is stored first.
     $swapAction = is_string($verdict) && isset($_SERVER["REQUEST_URI"]);
     if (!$swapAction) {
         return $action;
     }

     // NOTE(review): REQUEST_URI is chosen by the client. Whatever later reads
     // SAVE_URL (presumably a post-login redirect) should accept only a same-site
     // relative path and escape the value before output.
     Request::set(self::SAVE_URL, $_SERVER["REQUEST_URI"]);

     return $verdict;
 }
Beispiel #4
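    /**
     * Handle a submitted registration form.
     *
     * Checks the security code, refuses an email address that is already
     * registered, otherwise creates the tblUser row with a generated password,
     * notifies the configured 'boss' address and mails the login details to the
     * new user.
     *
     * Changes against the previous version:
     *  - an empty or missing security code no longer passes (two absent values
     *    compared equal under the old loose `!=`);
     *  - request values are HTML-escaped before they go into the page message
     *    and the HTML notification mail;
     *  - on the non-MySQL path the welcome mail now carries the generated
     *    password, not its MD5 digest.
     *
     * @return string the result of Widget::popupWrapper() around the status message
     */
    public function signUp()
    {
        $checkIdSql = 'SELECT COUNT(*) FROM tblUser WHERE fldUser=?';

        $email = Request::get('fldEmail');
        $firstName = Request::get('fldFirstName');
        $lastName = Request::get('fldLastName');

        // Escaped copies for HTML output only; the database receives the raw
        // values through bound parameters.
        $toHtml = static function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        };

        // NOTE(review): the expected code is read through the same Request accessor
        // as the submitted one; confirm that '_CAP' cannot be supplied by the client.
        $expectedCode = Request::get('_CAP');
        $givenCode = Request::get('fldCaptcha');
        $captchaOk = is_scalar($expectedCode)
            && is_scalar($givenCode)
            && (string) $expectedCode !== ''
            && (string) $expectedCode === (string) $givenCode;

        if (!$captchaOk) {
            $msg = 'Invalid Security Code ' . $this->newRegistration();
        } elseif (DB::oneValue(DB::DEF, $checkIdSql, $email) != 0) {
            // NOTE(review): this reply tells the caller whether an address is
            // registered; decide whether that enumeration is acceptable here.
            $msg = 'A user with email: ' . $toHtml($email) . ' currently exists on this system<br/>' . 'Either choose a new email address or request a new password.' . $this->newRegistration();
        } else {
            // Generate a password for the user. The plain value is kept apart from
            // the stored form so the welcome mail never receives the digest.
            $plainPw = Password::passGen(10, Password::MEDIUM);

            // Add the user to the database. $now is an integer from time(), so
            // interpolating it into the statement is safe.
            $now = time();
            if (DB::driver() == DB::MYSQL) {
                $sql = <<<SQL
INSERT INTO tblUser
       (fldUserID,fldUser,fldFirstName,fldLastName,fldPassword,fldDomain,fldCreated,      fldLevel)
VALUES ( ?,       ?,      ?,           ?,          PASSWORD(?),?,        {$now},            ? )
SQL;
                $storedPw = $plainPw;
            } else {
                $sql = <<<SQL
INSERT INTO tblUser
       (fldUserID,fldUser,fldFirstName,fldLastName,fldPassword,fldDomain,fldCreated,      fldLevel)
VALUES ( ?,       ?,      ?,           ?,          ?,          ?,        {$now},            ? )
SQL;
                $storedPw = hash('md5', $plainPw);
            }
            // NOTE(review): MySQL PASSWORD() and unsalted MD5 are fast hashes and not
            // suitable for stored credentials. Moving to password_hash() /
            // password_verify() has to be done together with the login code, so the
            // storage format is left unchanged here.

            $params = [
                DBMaintenance::dbNextNumber(DB::DEF, 'tblUser'),
                $email,
                $firstName,
                $lastName,
                $storedPw,
                Cfg::get('server'),
                Privileges::getSecurityLevel('USER'),
            ];
            DB::exec(DB::DEF, $sql, $params);

            $boss = Cfg::get('boss');
            $desc = Cfg::get('desc');
            $body = '<h3>New User: <b>%s %s</b><br>Email: <b>%s</b></h3><br>Has joined %s';

            // Notify the site owner about the new user. The body is HTML, so the
            // submitted fields are escaped.
            // NOTE(review): from() receives the submitted address unchanged; confirm
            // that Mailer validates addresses and rejects CR/LF in header values.
            Mailer::envelope()
                ->format(Mailer::HTML_TEXT)
                ->from($email)
                ->to($boss)
                ->subject('New user has joined ' . $desc)
                ->body(sprintf($body, $toHtml($firstName), $toHtml($lastName), $toHtml($email), $desc))
                ->send();

            $body = <<<TXT
Thanks for signing up for %s

Here are your login details

Username: %s
Password: %s

Regards
%s
TXT;
            // Send the new user the login details (no format() call, unlike the
            // notification above).
            // NOTE(review): this mails a usable password in clear text. A one-time
            // "set your password" link would avoid that, but needs a new flow.
            Mailer::envelope()
                ->from($boss)
                ->to($email)
                ->subject('Welcome to ' . $desc)
                ->body(sprintf($body, $desc, $email, $plainPw, $desc))
                ->send();

            // Let the user know that the registration was successful.
            $msg = 'Congratulations you have been signed up for ' . $desc . '<br>' . 'Soon you will receive a confirmation email that will contain ' . 'your login details.';
        }

        return Widget::popupWrapper($msg, -1);
    }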
Beispiel #5
 /**
  * Build the display form of the current user's name: a link to
  * superadmin.php for a logged-in site administrator, the output of
  * Tag::e() for everyone else.
  *
  * @return mixed whatever Tag::hRef() or Tag::e() returns for the name
  */
 protected function getDisplayName()
 {
     $fullName = G::get('fldFirstName') . ' ' . G::get('fldLastName');

     $isSiteAdmin = G::isLoggedIn() && G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'));
     if (!$isSiteAdmin) {
         return Tag::e($fullName);
     }

     // NOTE(review): the other branch passes the name through Tag::e(), this one
     // hands it to Tag::hRef() as it is. Confirm that hRef() escapes its link text;
     // if it does not, wrap the name here as well.
     return Tag::hRef('superadmin.php', $fullName, ['class' => 'admin']);
 }
Beispiel #6
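    /**
     * Render the "Edit User Account" page.
     *
     * A regular user always edits the account named by G::get('fldUserID').
     * A SITE ADMIN may pick another account through the request parameter
     * fldUserID and additionally gets a user picker, editable security level
     * and login-fail fields, a "Create New User" link and, for accounts other
     * than their own, a "Login as this User" button.
     *
     * Changes against the previous version: the unused $props array is gone,
     * the SITE ADMIN decision is taken once and reused, and the two database
     * values printed as plain text for non-admins are HTML-escaped.
     *
     * @return string the script includes followed by the page HTML
     */
    public function editAccount()
    {
        $resp = new Response();
        $uid = G::get('fldUserID');
        $html = '';
        $jsUrl = Cfg::get('js_url');
        $jQuery = <<<JS
            \$().ready(function() {
                \$('a.facebox').facebox({closeImage:   '{$jsUrl}/images/closelabel.png',
                                        loadingImage: '{$jsUrl}/images/loading.gif'

                });
            });
JS;
        $userSql = DB::driver() == DB::MYSQL ? self::USER_SQL_MYSQL : self::USER_SQL_SQLITE;

        // One authorisation decision for the whole page, so every admin-only
        // fragment below agrees with the choice of $uid.
        $isSiteAdmin = G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'));

        if ($isSiteAdmin) {
            // Only an administrator may take the target account from the request.
            $uid = Request::get('fldUserID', G::get('fldUserID'));
            $html .= Tag::form();
            $html .= $resp->action(sprintf('%s->%s()', __CLASS__, __FUNCTION__))->toHidden();
            $html .= Tag::table() . Tag::tr() . Tag::th() . 'User to edit' . Tag::_th() . Tag::td();
            $html .= Lists::select('fldUserID', $userSql, ['onChange' => 'submit()', 'default' => $uid]);
            $html .= Tag::_td() . Tag::_tr() . Tag::_table() . Tag::_form();
        }

        $formName = 'Admin_editAccount';
        // NOTE(review): a six-character minimum is weak by current guidance, and
        // whether these rules also run on the server is not visible here.
        $valid = Validator::factory($formName)
            ->addEqual('fldPassword', 'fldPassword_CHK', 'Your passwords do not match')
            ->addLength('fldPassword', 'Password must be at least 6 characters', 6, null, true)
            ->addExists('fldFirstName', 'You must enter your first name')
            ->addExists('fldLastName', 'You must enter your last name');

        // NOTE(review): nothing below handles an unknown $uid; the $row[...] reads
        // assume that a row came back.
        $row = DB::oneRow(DB::DEF, 'SELECT * FROM tblUser WHERE fldUserID=?', $uid);

        // NOTE(review): fldUserID travels to the save action as a hidden field, so
        // the client can change it. The save handler (not visible here) has to
        // repeat the check that the caller may edit that account, and must ignore
        // fldLevel / fldFails when the caller is not a SITE ADMIN.
        $html .= '<h2>Edit User Account</h2>' . $valid->toHtml();
        $html .= Tag::form(['name' => $formName, 'onSubmit' => $valid->onSubmit()]);
        $html .= $resp->action(sprintf('%s->%sSave()', __CLASS__, __FUNCTION__))->set('fldUserID', $uid)->toHidden();
        $html .= Tag::table();

        // Left column: the editable fields, one table row each.
        $html .= Tag::tr() . Tag::td() . Tag::table();
        $html .= Tag::tr() . Tag::td() . 'User Name/Email' . Tag::_td() . Tag::td() . Tag::text('fldUser', $row['fldUser']) . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Old Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword_OLD') . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword') . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Confirm Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword_CHK') . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Title' . Tag::_td() . Tag::td() . Tag::text('fldSalutation', $row['fldSalutation']) . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'First Name' . Tag::_td() . Tag::td() . Tag::text('fldFirstName', $row['fldFirstName']) . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Last Name' . Tag::_td() . Tag::td() . Tag::text('fldLastName', $row['fldLastName']) . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td() . 'Time Zone' . Tag::_td() . Tag::td() . Lists::select('fldTimeZone', self::TZ_SQL, ['default' => $row['fldTimeZone']]) . Tag::_td() . Tag::_tr();

        if ($isSiteAdmin) {
            $html .= Tag::tr() . Tag::td() . 'Security Level' . Tag::_td() . Tag::td() . Lists::select('fldLevel', self::LEVEL_SQL, ['default' => $row['fldLevel']]) . Tag::_td() . Tag::_tr();
            $html .= Tag::tr() . Tag::td() . 'Login Fails' . Tag::_td() . Tag::td() . Tag::text('fldFails', $row['fldFails']) . Tag::_td() . Tag::_tr();
        } else {
            // These two values are written into the page as text, not through a Tag
            // input helper, so they are escaped here.
            $levelText = htmlspecialchars((string) Privileges::getSecurityLevel($row['fldLevel']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $failsText = htmlspecialchars((string) $row['fldFails'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $html .= Tag::tr() . Tag::td() . 'Security Level' . Tag::_td() . Tag::td() . $levelText . Tag::_td() . Tag::_tr();
            $html .= Tag::tr() . Tag::td() . 'Login Fails' . Tag::_td() . Tag::td() . $failsText . Tag::_td() . Tag::_tr();
        }

        $html .= Tag::tr() . Tag::td(['colspan' => 2]) . Tag::submit('Save') . Tag::_td() . Tag::_tr();

        if ($isSiteAdmin) {
            $html .= Tag::tr() . Tag::td(['colspan' => 2]);
            $html .= Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->newUser()')->toUrl(), 'Create New User', ['class' => 'facebox']);
            $html .= Tag::_td() . Tag::_tr();
        }

        // Right column: gravatar and account-level buttons.
        // NOTE(review): stored user values go into 'title' attributes below; confirm
        // that Tag::linkButton() escapes attribute values.
        $html .= Tag::_table() . Tag::_td() . Tag::td(['valign' => 'top', 'align' => 'center']) . Tag::table();
        $html .= Tag::tr() . Tag::td(['valign' => 'top', 'align' => 'center']) . Gravatar::icon($row['fldUser'], 128) . Tag::_td() . Tag::_tr();
        $html .= Tag::tr() . Tag::td();
        $html .= Tag::linkButton(Gravatar::getURL(), 'Change Picture', ['target' => '_blank', 'title' => 'your gravatar is associated with your email address ' . $row['fldUser'] . ' (up to 24 hrs to change)']);
        $html .= Tag::_td() . Tag::_tr();

        if ($isSiteAdmin && $uid != G::get('fldUserID')) {
            $name = $row['fldFirstName'] . ' ' . $row['fldLastName'];
            // NOTE(review): impersonation is started by a plain link carrying
            // fldUser. The loginAs() handler (not visible here) should re-check
            // SITE ADMIN itself, be protected against cross-site request forgery,
            // and record who impersonated whom.
            $html .= Tag::tr() . Tag::td();
            $html .= Tag::linkButton('?' . $resp->action(__CLASS__ . '->loginAs()')->set('fldUser', $row['fldUser'])->toUrl(), 'Login as this User', ['title' => "Login as this user ({$name})"]);
            $html .= Tag::_td() . Tag::_tr();
        }

        $html .= Tag::_table() . Tag::_td() . Tag::_tr() . Tag::_table() . Tag::_form();

        return JS::library(JS::JQUERY) . JS::libraryWithDependancies(JS::FACEBOX) . JS::javaScript($jQuery) . $html;
    }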