echo ' 已选 ';
}
#echo(" onchange=\"location.href='edituser/user_id=' + this.options[this.selectedIndex].value + '/';\" ");
echo ">" . escape_html($user_entry['username']) . "</option>";
}
echo '</select>
</li>
</ul>';
if ($vars['user_id']) {
// Load the user's information
$user_data = dbFetchRow("SELECT * FROM users WHERE user_id = ?", array($vars['user_id']));
// Become the selected user. Dirty.
// FIXME this functionality is currently BROKEN. Commented out the link until we handle this better.
// echo("<li><a href='edituser/action=becomeuser/user_id=".$vars['user_id']."/'>成为用户</a></li>");
// Delete the selected user.
if (auth_usermanagement() && $vars['user_id'] !== $_SESSION['user_id']) {
echo '<ul class="nav pull-right">';
echo '<li><a href="' . generate_url(array('page' => 'edituser', 'action' => 'deleteuser', 'user_id' => $vars['user_id'])) . '"><i class="oicon-cross-button"></i> 删除用户</a></li>';
echo '</ul>';
}
}
?>
</div>
</div>
</div>
</form>
<?php
if ($vars['user_id']) {
if ($vars['action'] == "deleteuser") {
</form>
</div>
<div class="col-md-3">
</div>
</div>
<?php
} elseif ($stage == "4") {
$proceed = 1;
?>
<div class="row">
<div class="col-md-3">
</div>
<div class="col-md-6">
<?php
require 'includes/authenticate.inc.php';
if (auth_usermanagement()) {
if (!user_exists($add_user)) {
if (adduser($add_user, $add_pass, '10', $add_email)) {
echo "<div class='alert alert-success'>User has been added successfully</div>";
$proceed = 0;
} else {
echo "<div class='alert alert-danger'>User hasn't been added, please try again</div>";
}
} else {
echo "<div class='alert alert-danger'>User {$add_user} already exists!</div>";
}
} else {
echo "<div class='alert alert-danger'>Auth module isn't loaded</div>";
}
?>
<form class="form-horizontal" role="form" method="post">
// Check for allowed by CIDR range
if (!$auth_allow_cidr) {
$_SESSION['auth_message'] = 'Remote IP not allowed in CIDR ranges';
session_logout(FALSE, 'Remote IP not allowed in CIDR ranges');
header('Location: ' . $config['base_url']);
exit;
}
// Auth from COOKIEs
if ($_SESSION['cookie_auth']) {
$_SESSION['authenticated'] = TRUE;
$auth_success = TRUE;
dbUpdate(array('expire' => $cookie_expire), 'users_ckeys', '`user_ckey_id` = ?', array($_SESSION['user_ckey_id']));
unset($_SESSION['user_ckey_id'], $_SESSION['cookie_auth']);
}
// Auth from ...
if (!$_SESSION['authenticated'] && (authenticate($_SESSION['username'], $auth_password) || auth_usermanagement() && auth_user_level($_SESSION['origusername']) >= 10)) {
// If we get here, it means the password for the user was correct (authenticate() called)
// Store encrypted password
session_encrypt_password($auth_password, $user_unique_id);
// If userlevel == 0 - user disabled and can not log in
if (auth_user_level($_SESSION['username']) < 1) {
$_SESSION['auth_message'] = 'User login disabled';
session_logout(FALSE, 'User disabled');
header('Location: ' . $config['base_url']);
exit;
}
$_SESSION['authenticated'] = TRUE;
$auth_success = TRUE;
dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'result' => 'Logged In'), 'authlog');
// Generate keys for cookie auth
if (isset($_POST['remember']) && $mcrypt_exists) {
