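// Duplicate-name check for the user being saved. The name comes straight from
// the request, so it is escaped before it is placed inside the quoted SQL
// literal. db_prepare_input() is defined outside this excerpt and is not relied
// on for SQL escaping here.
// NOTE(review): if the DB layer offers its own escaping helper or bound
// parameters, use that instead of addslashes(), which is not charset-aware.
// Also confirm db_prepare_input() does not already escape, to avoid double
// escaping.
$result = $db->Execute("select admin_id from " . TABLE_USERS . " where admin_name = '" . addslashes((string) db_prepare_input($_POST['admin_name'])) . "'");
if ($result->RecordCount() > 0) {
    $error = $messageStack->add(ENTRY_DUP_USER_NEW_ERROR, 'error');
}
} // closes a block that was opened before this excerpt

if (!$error) {
    if ($admin_id) {
        // Existing user: the (int) cast keeps the where-clause numeric.
        db_perform(TABLE_USERS, $sql_data_array, 'update', 'admin_id = ' . (int) $admin_id);
        gen_add_audit_log(sprintf(GEN_LOG_USER, TEXT_UPDATE), db_prepare_input($_POST['admin_name']));
    } else {
        // New user: insert, then pick up the generated id.
        db_perform(TABLE_USERS, $sql_data_array);
        $admin_id = db_insert_id();
        gen_add_audit_log(sprintf(GEN_LOG_USER, TEXT_ADD), db_prepare_input($_POST['admin_name']));
    }
    if ($admin_id == $_SESSION['admin_id']) {
        // The edited user is the logged-in user: refresh the permissions held
        // in the session so the change applies without a new login.
        $_SESSION['admin_security'] = gen_parse_permissions($admin_security);
    }
} elseif ($error) {
    // Validation failed: send the request back to the edit form.
    $_REQUEST['action'] = 'edit';
}
// Re-populate the form object from the submitted values.
$uInfo = new objectInfo($_POST);
$uInfo->admin_security = $admin_security;
break;

case 'copy':
    validate_security($security_level, 3);
    // NOTE(review): this action takes its inputs from the query string. If the
    // code after this excerpt writes a new user, confirm the request carries
    // CSRF protection and that cID is treated as an integer where it reaches SQL.
    $admin_id = db_prepare_input($_GET['cID']);
    $new_name = db_prepare_input($_GET['name']);
    // Check for duplicate user names. $new_name itself is left unchanged for
    // the code that follows; it is escaped only where it enters the SQL literal.
    $result = $db->Execute("select admin_name from " . TABLE_USERS . " where admin_name = '" . addslashes((string) $new_name) . "'");
    if ($result->RecordCount() > 0) {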
// Template excerpt for the per-user access-level editor. Emits the "fill all"
// pull-down, one tab label per main-menu entry, then one tab panel per entry
// holding a table of permission levels. The excerpt starts and ends inside
// markup that continues outside it.

// The 'fill_all' pull-down defaults to '-1'; its onchange handler calls
// submitToDo('fill_all').
echo TEXT_FILL_ALL_LEVELS . ' ' . html_pull_down_menu('fill_all', $fill_all_values, '-1', 'onchange="submitToDo(\'fill_all\')"'); ?> </div> <div id="accesstabs"> <ul> <?php
// Tab labels: every main-menu entry except Home and Logout.
foreach ($mainmenu as $key => $value) {
    if ($value['text'] == TEXT_HOME || $value['text'] == TEXT_LOGOUT) {
        continue;
    }
    echo add_tab_list('tab_' . $key, $value['text']) . chr(10);
}
?> </ul> <?php
// Permissions of the user being edited, parsed by gen_parse_permissions()
// (defined outside this excerpt).
$settings = gen_parse_permissions($uInfo->admin_security);
$column_break = true;
// Tab panels: same filter as the label loop, so panel ids match the labels.
foreach ($mainmenu as $key => $menu_heading) {
    if ($menu_heading['text'] == TEXT_HOME || $menu_heading['text'] == TEXT_LOGOUT) {
        continue;
    }
    // NOTE(review): $key is written into the id attribute without escaping.
    // That is fine as long as $mainmenu keys come from trusted configuration
    // rather than request data; confirm where $mainmenu is built.
    echo '<div id="tab_' . $key . '">' . chr(10);
    echo '<table class="ui-widget" style="border-collapse:collapse;margin-left:auto;margin-right:auto;">' . chr(10);
    // Header row: one blank label column followed by the five access levels.
    echo '<thead class="ui-widget-header">' . chr(10);
    echo '<tr>' . chr(10);
    echo '<th width="50%"> </th>' . chr(10);
    echo '<th width="10%" nowrap="nowrap">' . TEXT_FULL . '</th>' . chr(10);
    echo '<th width="10%" nowrap="nowrap">' . TEXT_EDIT . '</th>' . chr(10);
    echo '<th width="10%" nowrap="nowrap">' . TEXT_ADD . '</th>' . chr(10);
    echo '<th width="10%" nowrap="nowrap">' . TEXT_READ_ONLY . '</th>' . chr(10);
    echo '<th width="10%" nowrap="nowrap">' . TEXT_NONE . '</th>' . chr(10);
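$pass_message = ERROR_WRONG_LOGIN;
} // closes a block that was opened before this excerpt

// Check the submitted password against the stored admin_pass value. The failure
// message is the same one assigned just above, so the response does not reveal
// which of the two checks failed.
if (!pw_validate_password($admin_pass, $result->fields['admin_pass'])) {
    $error = true;
    $pass_message = ERROR_WRONG_LOGIN;
}
if (!$error) {
    // Login succeeded: load the user's identity and settings into the session.
    // NOTE(review): no session id rotation is visible in this excerpt. Confirm
    // session_regenerate_id(true) (or the project's equivalent) runs at this
    // privilege change so a pre-login session id cannot be carried over.
    $_SESSION['admin_id'] = $result->fields['admin_id'];
    // NOTE(review): unserialize() on a database column instantiates whatever
    // objects the stored string describes. Confirm admin_prefs can only be
    // written by trusted code, or store it as JSON and decode it instead.
    $_SESSION['admin_prefs'] = unserialize($result->fields['admin_prefs']);
    $_SESSION['company'] = $admin_company;
    $_SESSION['language'] = $admin_language;
    $_SESSION['theme'] = $admin_theme;
    $_SESSION['account_id'] = $result->fields['account_id'];
    // account_id is concatenated unquoted into the query, so force it to an
    // integer; an empty or non-numeric value now matches no row instead of
    // producing malformed SQL.
    $dept = $db->Execute("select dept_rep_id from " . TABLE_CONTACTS . " where id = " . (int) $result->fields['account_id']);
    $_SESSION['department'] = $dept->fields['dept_rep_id'];
    $_SESSION['admin_security'] = gen_parse_permissions($result->fields['admin_security']);

    // Set some cookies for the next visit to remember the company, language,
    // and theme. These are client-controlled on the way back in, so whatever
    // reads them must validate them against known values.
    $cookie_exp = 2592000 + time(); // one month
    setcookie('pb_company', $admin_company, $cookie_exp);
    setcookie('pb_language', $admin_language, $cookie_exp);
    setcookie('pb_theme', $admin_theme, $cookie_exp);

    // check for software updates
    if (CFG_AUTO_UPDATE_CHECK) {
        if (web_connected($silent = false)) {
            // file() returns false when the fetch fails; fall back to an empty
            // version string rather than indexing into a non-array.
            $line = @file(NEW_VERSION_CHECKUP_URL);
            $latest_version = (is_array($line) && isset($line[0])) ? trim($line[0]) : '';
            // Determine the Program patch level
            include DIR_FS_ADMIN . 'includes/version.php';
            $installed_version = PROJECT_VERSION_MAJOR . '.' . PROJECT_VERSION_MINOR;
            // version_compare() orders dotted versions component by component;
            // a plain > compares numeric strings as floats, so "3.10" would
            // rank below "3.9". An empty or non-version response from the
            // remote endpoint also compares as not newer.
            // NOTE(review): $latest_version is remote content; escape it if the
            // block below prints it.
            if (version_compare($latest_version, $installed_version, '>')) {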