/**
  * this function shows the email-form
  */
 function _mailForm($MailFromName, $MailFrom, $Message, $Check = false)
 {
     $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), $this->_SqlConnection);
     $formMaker->AddForm('contact_formular', '#', $this->_Translation->GetTranslation('send'), $this->_Translation->GetTranslation('contact'), 'post');
     $formMaker->AddHiddenInput('contact_formular', 'page', GetPostOrGet('page'));
     $formMaker->AddHiddenInput('contact_formular', 'action', 'send');
     $formMaker->AddInput('contact_formular', 'contact_mail_from_name', 'text', $this->_Translation->GetTranslation('name'), $this->_Translation->GetTranslation('please_enter_your_name_here') . ' ' . $this->_Translation->GetTranslation('(required)'), $MailFromName);
     //Anti-Spam functionality (try to catch bots with a hidden field no (human) user would be able to see it) ;-)
     $formMaker->AddInput('contact_formular', 'contact_important_name', 'antispam', 'Important Name', 'This is a very important thing!', '');
     if ($Check) {
         $formMaker->AddCheck('contact_formular', 'contact_mail_from_name', 'empty', $this->_Translation->GetTranslation('the_name_must_be_indicated'));
     }
     $formMaker->AddInput('contact_formular', 'contact_mail_from', 'text', $this->_Translation->GetTranslation('email'), $this->_Translation->GetTranslation('please_enter_your_email_here') . ' ' . $this->_Translation->GetTranslation('(required)'), $MailFrom);
     if ($Check) {
         $formMaker->AddCheck('contact_formular', 'contact_mail_from', 'empty', $this->_Translation->GetTranslation('the_email_must_be_indicated'));
     }
     if ($Check && $MailFrom != '') {
         $formMaker->AddCheck('contact_formular', 'contact_mail_from', 'not_email', $this->_Translation->GetTranslation('this_is_an_invalid_email_address'));
     }
     $formMaker->AddInput('contact_formular', 'contact_message', 'textarea', $this->_Translation->GetTranslation('message'), $this->_Translation->GetTranslation('please_enter_here_the_message_you_want_to_send') . ' ' . $this->_Translation->GetTranslation('(required)'), $Message);
     if ($Check) {
         $formMaker->AddCheck('contact_formular', 'contact_message', 'empty', $this->_Translation->GetTranslation('please_enter_your_message'));
     }
     if ($formMaker->CheckInputs('contact_formular', true) && $Check) {
         return '';
     }
     $template = "\r\n\t\t\t\t</p>" . $formMaker->GenerateMultiFormTemplate(&$this->_ComaLate, $Check) . '<p>';
     return $template;
 }
    /**
     * Removes all users from a group after asking for confirmation
     * 
     * @access private
     * @return string A template for the confirmation formular
     */
    function _RemoveAllUsers()
    {
        // Get external parameters
        $GroupID = GetPostOrGet('group_id');
        $Confirmation = GetPostOrGet('confirmation');
        if ($GroupID != 0 && $Confirmation == 1) {
            // we got a group... check wether it got any users and if remove all of them
            $sql = 'SELECT *
						FROM ' . DB_PREFIX . "group_users\n\t\t\t\t\t\tWHERE group_id='{$GroupID}'";
            $result = $this->_SqlConnection->SqlQuery($sql);
            if (mysql_fetch_object($result)) {
                // The group got some users... remove them!
                mysql_free_result($result);
                $sql = 'DELETE
							FROM ' . DB_PREFIX . "group_users\n\t\t\t\t\t\t\tWHERE group_id='{$GroupID}'";
                $this->_SqlConnection->SqlQuery($sql);
                $template = "\r\n\t\t\t\t" . $this->_ViewGroup($GroupID);
                return $template;
            } else {
                // Nothing to do... there are no users in the group...
                $template = "\r\n\t\t\t\t" . $this->_ViewGroup($GroupID);
                return $template;
            }
        } elseif ($GroupID != 0) {
            // Get some information about the group
            $sql = 'SELECT group_name
						FROM ' . DB_PREFIX . "groups\n\t\t\t\t\t\tWHERE group_id={$GroupID}";
            $result = $this->_SqlConnection->SqlQuery($sql);
            $group = mysql_fetch_object($result);
            $group = $group->group_name;
            mysql_free_result($result);
            // Generate a formular to find a new user for the group
            $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), $this->_SqlConnection);
            $formMaker->AddForm('remove_all_users', 'admin.php', $this->_Translation->GetTranslation('remove'), $this->_Translation->GetTranslation('remove_all_users'), 'post');
            $formMaker->AddHiddenInput('remove_all_users', 'page', 'groups');
            $formMaker->AddHiddenInput('remove_all_users', 'action', 'remove_all_users');
            $formMaker->AddHiddenInput('remove_all_users', 'group_id', $GroupID);
            $formMaker->AddInput('remove_all_users', 'confirmation', 'select', $this->_Translation->GetTranslation('remove_users'), sprintf($this->_Translation->GetTranslation('do_you_really_want_to_remove_all_users_from_the_group_%group%?'), $group));
            $formMaker->AddSelectEntry('remove_all_users', 'confirmation', true, 0, $this->_Translation->GetTranslation('no'));
            $formMaker->AddSelectEntry('remove_all_users', 'confirmation', false, 1, $this->_Translation->GetTranslation('yes'));
            // Generate the template to correct the inputs
            $template = "\r\n\t\t\t\t" . $formMaker->GenerateSingleFormTemplate($this->_ComaLate, false);
            return $template;
        } else {
            // Set the user back to the homepage
            $template = "\r\n\t\t\t\t" . $this->_HomePage();
            return $template;
        }
    }
Ejemplo n.º 3
0
 /**
  * Saves a new 'version' of a Menu by it's ID 
  * @access private
  * @return void
  */
 function _CheckMenu()
 {
     // Get external parameters
     $MenuID = GetPostOrGet('menu_id');
     $MenuTitle = GetPostOrGet('menu_title');
     $MenuName = GetPostOrGet('menu_name');
     // Check external parameter
     if (is_numeric($MenuID)) {
         // Get the data of the menu from the database
         $sql = "SELECT *\n\t\t \t\t\t\tFROM " . DB_PREFIX . "menu\n\t\t \t\t\t\tWHERE menu_id='{$MenuID}'";
         $menuResult = $this->_SqlConnection->SqlQuery($sql);
         $menu = mysql_fetch_object($menuResult);
         // Initialize the formmaker class
         $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), &$this->_SqlConnection);
         $formMaker->AddForm('check_menu', 'admin.php', $this->_Translation->GetTranslation('save'), $this->_Translation->GetTranslation('new_menu'), 'post');
         // Add hiddeninputs to place the backcome of the menu
         $formMaker->AddHiddenInput('check_menu', 'page', 'menueditor');
         $formMaker->AddHiddenInput('check_menu', 'action', 'check_menu');
         $formMaker->AddHiddenInput('check_menu', 'menu_id', $MenuID);
         // Add the inputs to the formmaker
         $formMaker->AddInput('check_menu', 'menu_title', 'text', $this->_Translation->GetTranslation('menu_title'), $this->_Translation->GetTranslation('type_here_the_title_of_the_menu'), $MenuTitle);
         $formMaker->AddCheck('check_menu', 'menu_title', 'empty', $this->_Translation->GetTranslation('you_have_to_define_a_menu_title'));
         $formMaker->AddInput('check_menu', 'menu_name', 'text', $this->_Translation->GetTranslation('menu_name'), $this->_Translation->GetTranslation('type_here_the_name_of_the_menu'), $MenuName);
         $formMaker->AddCheck('check_menu', 'menu_name', 'empty', $this->_Translation->GetTranslation('you_have_to_define_a_menu_name'));
         if ($menu->menu_name != $MenuName) {
             $formMaker->AddCheck('check_menu', 'menu_name', 'already_assigned', $this->_Translation->GetTranslation('this_menu_name_is_already_assigned'), '', 'menu', 'menu_name');
         }
         if ($formMaker->CheckInputs('check_menu', true)) {
             // Add menu to the database
             $sql = "UPDATE " . DB_PREFIX . "menu\n\t \t\t\t\t\tSET menu_name='{$MenuName}', menu_title='{$MenuTitle}'\n\t \t\t\t\t\tWHERE menu_id='{$MenuID}'";
             $this->_SqlConnection->SqlQuery($sql);
             // Set user to the HomePage of the usermanager
             $template = "\r\n\t\t\t\t" . $this->_HomePage();
             return $template;
         } else {
             // Generate to edit the errors
             $template = "\r\n\t\t\t\t" . $formMaker->GenerateMultiFormTemplate(&$this->_ComaLate, true);
             return $template;
         }
     }
 }
 /**
  * @return string
  * @access private
  */
 function _ShowPreferences()
 {
     // If there are no settings load return
     if (count($this->_Preferences->Settings) <= 0) {
         return '';
     }
     // Initialize the formMaker class
     $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), $this->_SqlConnection);
     // Add necessary inputs
     $formMaker->AddForm('settings');
     $formMaker->AddHiddenInput('settings', 'page', 'preferences');
     $formMaker->AddHiddenInput('settings', 'action', 'save');
     // Go through each preferences group
     foreach ($this->_Preferences->Settings as $settingsGroup => $settings) {
         // Add a new form to the formmaker
         $formMaker->AddForm("settings_group_{$settingsGroup}", '', $this->_Translation->GetTranslation('save'), $settingsGroup);
         // Display all pereferences of the actual group
         foreach ($settings as $setting) {
             // Load the current config and if it isn't available use the default
             $setting['value'] = $this->_Config->Get($setting['name'], $setting['default']);
             // Make it possible to define simple options lists
             if (substr($setting['datatype'], 0, 6) == 'array(') {
                 $setting['data'] = explode(',', substr($setting['datatype'], 6, -1));
                 $setting['datatype'] = 'array';
             }
             switch ($setting['datatype']) {
                 // 'simple options list'
                 case 'array':
                     $formMaker->AddInput("settings_group_{$settingsGroup}", "setting_{$setting['name']}", 'select', $setting['display'], $setting['description']);
                     // Add the possible values
                     foreach ($setting['data'] as $option) {
                         $formMaker->AddSelectEntry("settings_group_{$settingsGroup}", "setting_{$setting['name']}", $option == $setting['value'] ? true : false, $option, $option);
                     }
                     break;
                     // The pages-tree
                 // The pages-tree
                 case 'page_select':
                     $pageStructure = new Pagestructure($this->_SqlConnection, $this->_User, $this->_ComaLib);
                     $pageStructure->LoadParentIDs();
                     $formMaker->AddInput("settings_group_{$settingsGroup}", "setting_{$setting['name']}", 'select', $setting['display'], $setting['description']);
                     $formMaker->AddSelectEntrysCode("settings_group_{$settingsGroup}", "setting_{$setting['name']}", $pageStructure->PageStructurePulldown(0, 0, '', -1, $setting['default']));
                     break;
                     // 'bool'-options-list
                 // 'bool'-options-list
                 case 'bool':
                     $formMaker->AddInput("settings_group_{$settingsGroup}", "setting_{$setting['name']}", 'select', $setting['display'], $setting['description']);
                     $formMaker->AddSelectEntry("settings_group_{$settingsGroup}", "setting_{$setting['name']}", $setting['value'] == 1 ? true : false, '1', $this->_Translation->GetTranslation('yes'));
                     $formMaker->AddSelectEntry("settings_group_{$settingsGroup}", "setting_{$setting['name']}", $setting['value'] == 0 ? true : false, '0', $this->_Translation->GetTranslation('no'));
                     break;
                     // Every thing else
                 // Every thing else
                 default:
                     $formMaker->AddInput("settings_group_{$settingsGroup}", "setting_{$setting['name']}", 'text', $setting['display'], $setting['description'], $setting['value']);
                     break;
             }
         }
     }
     $formMaker->SetComaLateReplacement(&$this->_ComaLate, false);
     // Generate the template
     $template = "\r\n\t\t\t\t<form action=\"admin.php\" method=\"post\"><FORM_MAKER:loop>\n\t\t\t\t\t{fieldset_start}\n\t\t\t\t\t\t<hidden_inputs:loop><input type=\"hidden\" name=\"{name}\" value=\"{value}\" />\r\n\t\t\t\t\t\t</hidden_inputs>\n\t\t\t\t\t\t{fieldset_legend}\n\t\t\t\t\t\t<inputs:loop>\n\t\t\t\t\t\t\t<div class=\"row\">\n\t\t\t\t\t\t\t\t<label for=\"{name}\">\n\t\t\t\t\t\t\t\t\t<strong>{translation}:</strong>\n\t\t\t\t\t\t\t\t\t<errorinformation:loop><span class=\"error\">{errortext}</span>\n\t\t\t\t\t\t\t\t\t</errorinformation>\n\t\t\t\t\t\t\t\t\t<span class=\"info\">{information}</span>\n\t\t\t\t\t\t\t\t</label>\n\t\t\t\t\t\t\t\t{start_input} name=\"{name}\" id=\"{name}\" {end_input}\n\t\t\t\t\t\t\t</div>\n\t\t\t\t\t\t</inputs>\n\t\t\t\t\t\t{submit_button}\n\t\t\t\t\t{fieldset_end}\n\t\t\t\t</FORM_MAKER>\n\t\t\t\t</form>";
     return $template;
 }
 /**
  * Checks the inputs of the user and saves them to the database if they are correct
  * @access private
  * @return string The template for the correctionspage
  */
 function _CheckProfile()
 {
     // Get external parameters
     $UserID = GetPostOrGet('user_id');
     // Check wether the actual logged in user is the same that should be edited
     if ($UserID == $this->_User->ID) {
         // Get the values of the editfields
         $UserShowname = GetPostOrGet('user_showname');
         $UserName = GetPostOrGet('user_name');
         $UserEmail = GetPostOrGet('user_email');
         $UserPassword = GetPostOrGet('user_password');
         $UserPasswordRepetition = GetPostOrGet('user_password_repetition');
         $UserPreferredLanguage = GetPostOrGet('user_preferred_language');
         // Get the missing data of the user
         $sql = "SELECT user_email\n\t\t\t\t\t\tFROM " . DB_PREFIX . "users\n\t\t\t\t\t\tWHERE user_id='{$this->_User->ID}'";
         $userResult = $this->_SqlConnection->SqlQuery($sql);
         $user = mysql_fetch_object($userResult);
         mysql_free_result($userResult);
         // Initialize the formmaker class
         $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), $this->_SqlConnection);
         $formMaker->AddForm('edit_user', 'special.php', $this->_Translation->GetTranslation('save'), $this->_Translation->GetTranslation('user'), 'post');
         $formMaker->AddHiddenInput('edit_user', 'page', 'userinterface');
         $formMaker->AddHiddenInput('edit_user', 'action', 'check_profile');
         $formMaker->AddHiddenInput('edit_user', 'user_id', $UserID);
         $formMaker->AddInput('edit_user', 'user_showname', 'text', $this->_Translation->GetTranslation('name'), $this->_Translation->GetTranslation('the_name_that_is_displayed_if_the_user_writes_a_news_for_example'), $UserShowname);
         $formMaker->AddCheck('edit_user', 'user_showname', 'empty', $this->_Translation->GetTranslation('the_nickname_must_be_indicated'));
         if ($this->_User->Showname != $UserShowname) {
             $formMaker->AddCheck('edit_user', 'user_showname', 'already_assigned', $this->_Translation->GetTranslation('the_name_is_already_assigned'), '', 'users', 'user_showname');
         }
         $formMaker->AddInput('edit_user', 'user_name', 'text', $this->_Translation->GetTranslation('loginname'), $this->_Translation->GetTranslation('with_this_nick_the_user_can_login_so_he_must_not_fill_in_his_long_name'), $UserName);
         $formMaker->AddCheck('edit_user', 'user_name', 'empty', $this->_Translation->GetTranslation('the_nickname_must_be_indicated'));
         if ($this->_User->Name != $UserName) {
             $formMaker->AddCheck('edit_user', 'user_name', 'already_assigned', $this->_Translation->GetTranslation('the_nickname_is_already_assigned'), '', 'users', 'user_name');
         }
         $formMaker->AddInput('edit_user', 'user_email', 'text', $this->_Translation->GetTranslation('email'), $this->_Translation->GetTranslation('using_the_email_address_the_user_is_contacted_by_the_system'), $UserEmail);
         $formMaker->AddCheck('edit_user', 'user_email', 'empty', $this->_Translation->GetTranslation('the_email_address_must_be_indicated'));
         $formMaker->AddCheck('edit_user', 'user_email', 'not_email', $this->_Translation->GetTranslation('this_is_not_a_valid_email_address'));
         if ($user->user_email != $UserEmail) {
             $formMaker->AddCheck('edit_user', 'user_email', 'already_assigned', $this->_Translation->GetTranslation('the_email_is_already_assigned_to_another_user'), '', 'users', 'user_email');
         }
         $formMaker->AddInput('edit_user', 'user_password', 'password', $this->_Translation->GetTranslation('password'), $this->_Translation->GetTranslation('with_this_password_the_user_can_login_to_restricted_areas'), !empty($UserPassword) ? $UserPassword : '');
         $formMaker->AddInput('edit_user', 'user_password_repetition', 'password', $this->_Translation->GetTranslation('password_repetition'), $this->_Translation->GetTranslation('it_is_guaranteed_by_a_repetition_that_the_user_did_not_mistype_during_the_input'), !empty($UserPasswordRepetition) ? $UserPasswordRepetition : '');
         if (!empty($UserPassword) || !empty($UserPasswordRepetition)) {
             $formMaker->AddCheck('edit_user', 'user_password', 'empty', $this->_Translation->GetTranslation('the_password_field_must_not_be_empty'));
             $formMaker->AddCheck('edit_user', 'user_password', 'not_same_password_value_as', $this->_Translation->GetTranslation('the_password_and_its_repetition_are_unequal'), 'user_password_repetition');
             $formMaker->AddCheck('edit_user', 'user_password_repetition', 'empty', $this->_Translation->GetTranslation('the_password_field_must_not_be_empty'));
         }
         $formMaker->AddInput('edit_user', 'user_preferred_language', 'select', $this->_Translation->GetTranslation('preferred_language'), $this->_Translation->GetTranslation('this_is_your_preferred_language_of_the_installed_ones'));
         // Get all languages installed in the system
         $languageFolder = dir(__ROOT__ . "/lang/");
         while ($file = $languageFolder->read()) {
             // check if the found file is really a language file
             if ($file != "." && $file != ".." && strpos($file, 'lang_') === 0 && substr($file, -4) == '.php') {
                 // extract the pure language name
                 $file = str_replace('lang_', '', $file);
                 $file = str_replace('.php', '', $file);
                 // Check wether the language is the actual one of the user
                 if ($UserPreferredLanguage == $file) {
                     $selected = true;
                 } else {
                     $selected = false;
                 }
                 // Add the found language to the formmaker class
                 $formMaker->AddSelectEntry('edit_user', 'user_preferred_language', $selected, $file, $this->_Translation->GetTranslation($file));
             }
         }
         // Get custom fields
         $sql = "SELECT value.custom_fields_values_value, field.custom_fields_information, field.custom_fields_name, field.custom_fields_title, field.custom_fields_type, field.custom_fields_required\n\t\t\t\t\tFROM (" . DB_PREFIX . "custom_fields field\n\t\t\t\t\tLEFT JOIN " . DB_PREFIX . "custom_fields_values value\n\t\t\t\t\tON field.custom_fields_id = value.custom_fields_values_fieldid)\n\t\t\t\t\tWHERE value.custom_fields_values_userid='{$this->_User->ID}'\n\t\t\t\t\tOR value.custom_fields_values_userid IS NULL";
         $customFieldsDataResult = $this->_SqlConnection->SqlQuery($sql);
         while ($customFieldsData = mysql_fetch_object($customFieldsDataResult)) {
             // Get external value for that field
             ${$customFieldsData->custom_fields_name} = GetPostOrGet($customFieldsData->custom_fields_name);
             // Add input to the formmaker class
             $formMaker->AddInput('edit_user', $customFieldsData->custom_fields_name, 'text', $customFieldsData->custom_fields_title, $customFieldsData->custom_fields_information . ($customFieldsData->custom_fields_required == 1 ? ' ' . $this->_Translation->GetTranslation('(required)') : ''), ${$customFieldsData->custom_fields_name});
             // Get the type of the field
             switch ($customFieldsData->custom_fields_type) {
                 case 'EMail':
                     $type = 'not_email';
                     $text = $this->_Translation->GetTranslation('this_is_not_a_valid_email_address');
                     break;
                 case 'ICQ':
                     $type = 'not_icq';
                     $text = $this->_Translation->GetTranslation('this_is_not_a_valid_icq_number');
                     break;
                 default:
                     $type = '';
                     $text = '';
                     break;
             }
             // Add necessary checks
             if ($customFieldsData->custom_fields_required == 1) {
                 // Check wether the field has any value
                 $formMaker->AddCheck('edit_user', $customFieldsData->custom_fields_name, 'empty', sprintf($this->_Translation->GetTranslation('you_have_to_give_a_value_for_the_field_%field%!'), $customFieldsData->custom_fields_title));
                 // Check wether the field has the necessary value
                 if (!empty($type) && !empty($text)) {
                     $formMaker->AddCheck('edit_user', $customFieldsData->custom_fields_name, $type, $text);
                 }
             } else {
                 if (!empty(${$customFieldsData->custom_fields_name})) {
                     $formMaker->AddCheck('edit_user', $customFieldsData->custom_fields_name, $type, $text);
                 }
             }
         }
         if ($formMaker->CheckInputs('edit_user', true)) {
             $user_password = !empty($UserPassword) ? ", user_password='******'" : '';
             // Update the user in the database
             $sql = "UPDATE " . DB_PREFIX . "users\n\t\t\t\t\t\t\tSET user_showname='{$UserShowname}',\n\t\t\t\t\t\t\t\tuser_name='{$UserName}',\n\t\t\t\t\t\t\t\tuser_preferred_language='{$UserPreferredLanguage}',\n\t\t\t\t\t\t\t\tuser_email='{$UserEmail}'{$user_password}\n\t\t\t\t\t\t\tWHERE user_id={$UserID}";
             $this->_SqlConnection->SqlQuery($sql);
             // Get custom fields
             $sql = "SELECT value.custom_fields_values_value, field.custom_fields_name, value.custom_fields_values_id, field.custom_fields_id, value.custom_fields_values_userid\n\t\t\t\t\t\tFROM (" . DB_PREFIX . "custom_fields field\n\t\t\t\t\t\tLEFT JOIN " . DB_PREFIX . "custom_fields_values value\n\t\t\t\t\t\tON field.custom_fields_id = value.custom_fields_values_fieldid)\n\t\t\t\t\t\tWHERE value.custom_fields_values_userid='{$this->_User->ID}'\n\t\t\t\t\t\tOR value.custom_fields_values_userid IS NULL";
             $customFieldsDataResult = $this->_SqlConnection->SqlQuery($sql);
             while ($customFieldsData = mysql_fetch_object($customFieldsDataResult)) {
                 // Get external value for that field
                 ${$customFieldsData->custom_fields_name} = GetPostOrGet($customFieldsData->custom_fields_name);
                 if ($customFieldsData->custom_fields_values_userid != '') {
                     // Update existing entry
                     $sql = "UPDATE " . DB_PREFIX . "custom_fields_values\n\t\t\t\t\t\t\t\t\tSET custom_fields_values_value='" . ${$customFieldsData->custom_fields_name} . "'\n\t\t\t\t\t\t\t\t\tWHERE custom_fields_values_id='{$customFieldsData->custom_fields_values_id}'";
                     $this->_SqlConnection->SqlQuery($sql);
                 } else {
                     // Insert a new entry into the database
                     $sql = "INSERT INTO " . DB_PREFIX . "custom_fields_values\n\t\t\t\t\t\t\t\t\t(custom_fields_values_userid, custom_fields_values_fieldid, custom_fields_values_value)\n\t\t\t\t\t\t\t\t\tVALUES ('{$this->_User->ID}', '{$customFieldsData->custom_fields_id}', '" . ${$customFieldsData->custom_fields_name} . "')";
                     $this->_SqlConnection->SqlQuery($sql);
                 }
             }
             // Set user back to userinterface
             header('Location: special.php?page=userinterface&lang=' . $UserPreferredLanguage);
             die;
         } else {
             // Generate the template
             $template = "\r\n\t\t\t\t" . $formMaker->GenerateMultiFormTemplate(&$this->_ComaLate, true);
             return $template;
         }
     } else {
         if ($this->_User->IsAdmin) {
             header('Location: admin.php?page=users&action=edit_user&user_id=' . $UserID);
         } else {
             return $this->_Translation->GetTranslation('you_have_no_right_to_edit_the_profile_of_another_user');
         }
     }
 }
Ejemplo n.º 6
0
 /**
  * Checks the administrator inputs
  * @access private
  * @param string $Language The actual language
  * @return void Returns the add administrator page or sets the user back to the database settings
  */
 function _CheckAdministrator($Language)
 {
     // Get external parameters
     $Style = GetPostOrGet('style');
     $Confirmation = GetPostOrGet('confirmation');
     $AdminShowName = GetPostOrGet('admin_showname');
     $AdminName = GetPostOrGet('admin_name');
     $AdminPassword = GetPostOrGet('admin_password');
     $AdminPassword2 = GetPostOrGet('admin_password2');
     // Give config variables their default value to prevent PHP Eclipse from warning about a missing variable
     $d_server = 'localhost';
     $d_pre = 'comacms_';
     $d_user = '******';
     $d_pw = '';
     $d_base = 'comacms';
     // Is the database realy Initialized or tries someone to skip the databasesettings?
     if ($Confirmation != 'yes') {
         header("Location: install.php?page=5&lang={$Language}&style={$Style}&confirmation=yes");
     }
     // Initialize the FormMaker class
     $formMaker = new FormMaker($this->_Translation->GetTranslation('todo'), $this->_SqlConnection);
     // Add a new form for the admin registration
     $formMaker->AddForm('admin_registration', 'install.php', $this->_Translation->GetTranslation('next'), $this->_Translation->GetTranslation('create_administrator'), 'post');
     // Add the hidden inputs
     $formMaker->AddHiddenInput('admin_registration', 'page', '8');
     $formMaker->AddHiddenInput('admin_registration', 'lang', $Language);
     $formMaker->AddHiddenInput('admin_registration', 'style', $Style);
     $formMaker->AddHiddenInput('admin_registration', 'confirmation', 'yes');
     // Add the inputs
     $formMaker->AddInput('admin_registration', 'admin_showname', 'text', $this->_Translation->GetTranslation('name'), $this->_Translation->GetTranslation('the_name_that_is_displayed_if_the_user_writes_a_news_for_example'), $AdminShowName);
     $formMaker->AddInput('admin_registration', 'admin_name', 'text', $this->_Translation->GetTranslation('loginname'), $this->_Translation->GetTranslation('with_this_nick_the_user_can_login_so_he_must_not_fill_in_his_long_name'), $AdminName);
     $formMaker->AddInput('admin_registration', 'admin_password', 'password', $this->_Translation->GetTranslation('password'), $this->_Translation->GetTranslation('with_this_password_the_user_can_login_to_restricted_areas'), $AdminPassword);
     $formMaker->AddInput('admin_registration', 'admin_password2', 'password', $this->_Translation->GetTranslation('password_repetition'), $this->_Translation->GetTranslation('it_is_guaranteed_by_a_repetition_that_the_user_did_not_mistype_during_the_input'), $AdminPassword2);
     // Add the checks for the formular
     $formMaker->AddCheck('admin_registration', 'admin_showname', 'empty', $this->_Translation->GetTranslation('the_name_must_be_indicated'));
     $formMaker->AddCheck('admin_registration', 'admin_name', 'empty', $this->_Translation->GetTranslation('the_nickname_must_be_indicated'));
     $formMaker->AddCheck('admin_registration', 'admin_password', 'empty', $this->_Translation->GetTranslation('the_password_field_must_not_be_empty'));
     $formMaker->AddCheck('admin_registration', 'admin_password', 'not_same_password_value_as', $this->_Translation->GetTranslation('the_password_and_its_repetition_are_unequal'), 'admin_password2');
     $formMaker->AddCheck('admin_registration', 'admin_password2', 'empty', $this->_Translation->GetTranslation('the_password_field_must_not_be_empty'));
     // Check the form and generate errorinformations
     $ok = $formMaker->CheckInputs('admin_registration', true);
     // If everything is ok
     if ($ok && $Confirmation == 'yes') {
         include __ROOT__ . '/config.php';
         $sql = "INSERT INTO {$d_pre}users (user_name, user_showname, user_password, user_registerdate, user_admin, user_activated)\n\t\t\t\t\t\tVALUES ('{$AdminName}', '{$AdminShowName}', '" . md5($AdminPassword) . "', '" . mktime() . "', 1, 1);\n\t\t\t\t\t\tINSERT INTO {$d_pre}config (config_name, config_value)\n\t\t\t\t\t\tVALUES ('install_date', '" . mktime() . "');\n\t\t\t\t\t\tINSERT INTO {$d_pre}config (config_name, config_value)\n\t\t\t\t\t\tVALUES ('style', '{$Style}');\n\t\t\t\t\t\tINSERT INTO {$d_pre}pages (page_lang, page_access, page_name, page_title, page_parent_id, page_creator, page_type, page_date, page_edit_comment)\n\t\t\t\t\t\tVALUES('{$Language}', 'public', 'home', '" . $this->_Translation->GetTranslation('homepage') . "', 0, 1, 'text', " . mktime() . ", 'Installed the Homepage');";
         $this->_SqlConnection = new Sql($d_user, $d_pw, $d_server);
         $this->_SqlConnection->Connect($d_base);
         $this->_SqlConnection->SqlExecMultiple($sql);
         $lastid = mysql_insert_id();
         $sql = "INSERT INTO {$d_pre}pages_text (page_id, text_page_text,text_page_html)\n\t\t\t\t\t\tVALUES ({$lastid}, '" . $this->_Translation->GetTranslation('welcome_to_this_homepage') . "', '" . $this->_Translation->GetTranslation('welcome_to_this_homepage') . "')";
         $this->_SqlConnection->SqlQuery($sql);
         // Lead on to the next page
         header("Location: install.php?page=9&lang={$Language}&style={$Style}");
         die;
     } else {
         // Generate template
         $template = "\r\n\t\t\t\t" . $formMaker->GenerateMultiFormTemplate(&$this->_ComaLate, true);
         return $template;
     }
 }