display_help();
exit(0);
default:
echo "ERROR: Invalid Argument: ($arg)\n\n";
display_help();
exit(1);
}
}
if ($displayGroups) {
displayGroups($quietMode);
exit(1);
}
if ($displayUsers) {
displayUsers($quietMode);
exit(1);
}
if ($displayTrees) {
displayTrees($quietMode);
exit(1);
}
if ($displayHosts) {
$hosts = getHosts();
displayHosts($hosts, $quietMode);
exit(1);
}
if ($displayGraphs) {
header("Location: http://{$host}{$uri}/{$extra}");
die;
} else {
/**
* Administrator is viewing page, so display all
* forms.
*/
$order_by = "last_activity";
$order_type = "DESC";
if (!empty($_REQUEST['order_by'])) {
$order_by = $_REQUEST['order_by'];
}
if (!empty($_REQUEST['order_type'])) {
$order_type = $_REQUEST['order_type'];
}
$user_table = displayUsers($order_by, $order_type);
$head_title = _("User administration") . " :: OpenHomeopath";
$skin = $session->skin;
include "skins/{$skin}/header.php";
?>
<h1>
<?php
echo _("User administration");
?>
</h1>
<br>
<?php
if ($form->num_errors > 0) {
echo "<p class='error_message'>!*** " . _("Error in the request, please correct") . "</p><br>\n";
}
if (isset($_GET["count"])) {
function displayUserMenu($config)
{
if (isset($_GET['ChangeBtn'])) {
if (isValidUser($config)) {
displayPassChange(false, false);
}
} else {
if (isset($_GET['AddUserBtn'])) {
if (isValidUser($config)) {
displayPassChange(true, true);
}
} else {
if (isset($_GET['EditUserBtn'])) {
if (isValidUser($config)) {
displayPassChange(true, false);
}
} else {
if (isset($_GET['DelUserBtn'])) {
if (isValidUser($config)) {
displayDelUser($config);
}
} else {
if (isset($_GET['DispUsers'])) {
displayUsers();
} else {
?>
<div align="center">
<h3>User Management Menu</h3>
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
&ChangeBtn=true">Change Your Password</a><br />
<?php
if ($config->adminLvl >= 50) {
?>
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
&AddUserBtn=true">Add Users</a><br />
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
&EditUserBtn=true">Change User Password or Admin Level</a><br />
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
&DelUserBtn=true">Remove User</a><br />
<a href="<?php
echo $_SERVER['REQUEST_URI'];
?>
&DispUsers=true">Display/Edit All Users</a><br />
<a href="?userVerify=true">Verify Users</a>
<?php
}
echo '</div>';
}
}
}
}
}
}
<?
if($form->num_errors > 0){
echo "<font size=\"4\" color=\"#ff0000\">"
."!*** Error with request, please fix</font><br><br>";
}
?>
<table align="left" border="0" cellspacing="5" cellpadding="5">
<tr><td>
<?
/**
* Display Users Table
*/
?>
<h3>Users Table Contents:</h3>
<?
displayUsers();
?>
</td></tr>
<tr>
<td>
<br>
<?
/**
* Update User Level
*/
?>
<h3>Update User Level</h3>
<? echo $form->error("upduser"); ?>
<table>
<form action="adminprocess.php" method="POST">
<tr><td>
array_push($user_errors, "Authority is not valid.");
}
//if no errors create a new User
if ($user_errors === '') {
$user = new User($input_firstname, $input_lastname, $input_email, $input_username, $hash_password, $input_authority);
var_dump($user);
insertUser($db_connection, $user);
} else {
array_push($user_errors, "ERROR-Failed to create user.");
}
// if (password_verify("weird", $hash_password)) {
// echo "correct";
// } else {
// echo "incorrect";
// }
displayUsers($db_connection);
print_r(array_values($user_errors));
function insertUser($dbConnection, $user)
{
try {
$stmt = $dbConnection->prepare('INSERT INTO users (first_name,last_name,username,password,email,authority,created_date)
VALUES (:first_name,:last_name,:username,:password,:email,:authority, :created_date)');
$stmt->execute((array) $user);
} catch (PDOException $e) {
error_log($e);
echo "ERROR - failed to create record.";
// echo 'ERROR: '.$e->getMessage(); THIS IS BAD PER JESSE. Do not display database error messages to the browser!!!!!
}
}
function displayUsers($dbConnection)
{
//toLog("Operation:" . $op);
switch ($op) {
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
case "advancedUserManager":
advancedUserManager($viewmode, $sortorder, $start);
break;
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
case "mod_users":
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
// displayUsers();
displayUsers($menu);
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
break;
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
case "advancedUserMangerViewUser":
AdvancedUserMangerViewUser($username);
break;
case advacnedUserManagerDel:
global $user_prefix, $db, $prefix, $nukeurl, $sitename, $adminmail, $subscription_url, $admin_file;
global $admin_file, $bgcolor2, $db, $prefix;
global $user_module;
include "header.php";
<?php
if (strpos($_SERVER['REQUEST_URI'], basename(__FILE__)) !== false) {
header("Location: ../HomePage.php");
}
include 'global_functions.php';
include 'user.php';
include 'demographic.php';
@($q = htmlspecialchars(strip_tags($_POST['q'])));
@($r = htmlspecialchars(strip_tags($_POST['r'])));
@($s = htmlspecialchars(strip_tags($_POST['s'])));
@($t = htmlspecialchars(strip_tags($_POST['t'])));
switch ($q) {
case 'displayUsers':
displayUsers($r);
break;
case 'updateUser':
updateUser(intval($r), $s, $t);
break;
case 'deleteUser':
deleteUser(intval($r));
header('location: allusers.php?SHOW');
break;
default:
break;
}
function getFormPOST($option)
{
//return an array containing a user and a demographic with the post data
$d = new demographic();
$u = new user();
$y->setPass($lines[2]);
echo "<td>".$y->getPass()."</td>";
$y->setFirstName($lines[3]);
echo "<td>".$y->getFirstName()."</td>";
$y->setLastName($lines[4]);
echo "<td>".$y->getLastName()."</td>";
$y->setAilment($lines[5]);
echo "<td class='wrap'>".$y->getAilment()."</td>";
$y->setEthnicity($lines[6]);
echo "<td>".$y->getEthnicity()."</td>";
$y->setGender($lines[7]);
echo "<td>".$y->getGender()."</td>";
$y->setDOB($lines[8]);
echo "<td>".$y->getDOB()."</td>";
echo "</tr>";
}*/
displayUsers('SHOW');
} elseif ($q == 'EDIT') {
displayUsers('EDIT');
} else {
echo "<p>The site doesn't have any users yet...</p>";
}
//check if the file exists, if not, create it
} else {
}
require 'footer.php';
?>
</fieldset>
</fieldset>
</body>
</html>
function in_level()
{
global $generic;
if (!empty($_GET['lid'])) {
$lid = $_GET['lid'];
$page = !empty($_GET['page']) && $_GET['page'] > 0 ? (int) $_GET['page'] : 1;
$limit = 10;
$StartIndex = $limit * ($page - 1);
$sql = "SELECT * FROM login_users";
$stmt = $generic->query($sql);
$count = 0;
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if (array_intersect(array($lid), unserialize($row['user_level']))) {
$count++;
}
}
if ($count < 1) {
echo '<p>' . _('No users found!') . '</p>';
return false;
}
?>
<table class="table">
<thead>
<tr>
<th><?php
echo _('Username');
?>
</th>
<th><?php
echo _('Name');
?>
</th>
<th><?php
echo _('Email');
?>
</th>
<th><?php
echo _('Registered Date');
?>
</th>
<th><?php
echo _('Last Login');
?>
</th>
</tr>
</thead>
<tbody>
<?php
/* Print out each user of this level */
$params = array(':user_level' => "%:\"{$lid}\";%");
$sql = "SELECT * FROM login_users WHERE user_level LIKE :user_level ORDER BY timestamp DESC LIMIT {$StartIndex},{$limit}";
$stmt = $generic->query($sql, $params);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo displayUsers($row);
}
?>
</tbody>
</table>
<?php
echo pagination('login_users', 'ORDER BY timestamp DESC', "{$count}");
}
}
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
@endif
<!-- Simple form to take the number of requested random users --> <br />
<form method='POST' action='/user'>
<input type='hidden' name='_token' value='{{ csrf_token() }}'>
<fieldset>
<label>How many users?</label>
<br />
<input type='text' name='users' value="3">
<input type='submit' name='submit' value='Generate'>
</fieldset>
<fieldset>
<input type="checkbox" name="address" id="address" checked>
<label for="address">Address</label>
<input type="checkbox" name="blurb" id="blurb" checked>
<label for="blurb">Blurb</label>
</fieldset>
</form>
<?php
if (isset($_POST['submit'])) {
echo displayUsers($_POST['users']);
}
?>
@stop
function user_admin_main($var)
{
switch ($var['op']) {
case "modifyUser":
modifyUser($var['chng_uid']);
break;
case "updateUser":
updateUser($var);
break;
case "delUser":
deleteUser($var['chng_uid']);
break;
case "delUserConf":
deleteUserConfirm($var['del_uid']);
break;
case "addUser":
addUser($var);
break;
case "getConfig":
user_admin_getConfig();
break;
case "setConfig":
user_admin_setConfig($var);
break;
case "getRegConfig":
user_admin_getRegConfig();
break;
case "setRegConfig":
user_admin_setRegConfig($var);
break;
case "getDynamic":
user_dynamic_data();
break;
case "add_property":
add_property();
break;
case "delete_property":
delete_property($var);
break;
case "delPropConf":
delete_property_confirm($var);
break;
case "deactivate_property":
deactivate_property($var);
break;
case "activate_property":
activate_property($var);
break;
case "increase_weight":
increase_weight($var);
break;
case "decrease_weight":
decrease_weight($var);
break;
default:
displayUsers();
break;
}
}
