Example #1
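 /**
  * Build the "Delete user?" confirmation form.
  *
  * Registers the form under the name 'formDeleteUser', requires the
  * USER_DELETE privilege, then adds a hidden 'uid' field, a 'Sure?' message
  * and a submit button.
  *
  * NOTE(review): the hidden uid is copied from request data, so it is
  * client-controlled both when the form is rendered and when it is posted
  * back. The code that processes the submission is not shown here; it should
  * repeat the USER_DELETE check and validate uid before deleting anything.
  * $_REQUEST also accepts query-string values; presumably the form layer
  * adds CSRF protection and escapes the value on output. Confirm both.
  */
 public function __construct()
 {
     parent::__construct('formDeleteUser', 'Delete user?');
     requirePriv('USER_DELETE');

     // The key is absent when the form is built without a uid in the request;
     // check for it explicitly instead of reading an undefined index.
     $uid = isset($_REQUEST['formDeleteUser-uid']) ? $_REQUEST['formDeleteUser-uid'] : null;

     $this->addElement(Element::factory('hidden', 'uid', null, $uid));
     $this->addElement(Element::factory('html', 'msg', null, 'Sure?'));
     $this->addButtons(Form::BTN_SUBMIT);
 }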
Example #2
<?php

// Group list page: loads every row of the groups table (id and title) and
// renders it through the listGroups.tpl template, between the shared header
// and footer widgets.
require_once 'includes/widgets/header.php';
// NOTE(review): the privilege check runs after header.php has been included.
// If the header emits output, a request without GROUPLIST has already received
// part of the page before it is rejected; checking before any output is the
// safer order. Confirm what header.php does.
requirePriv('GROUPLIST');
// Static query: no request-derived value is part of the statement.
$sql = 'SELECT g.id, g.title FROM groups g';
$stmt = DatabaseFactory::getInstance()->prepare($sql);
$stmt->execute();
$listGroups = $stmt->fetchAll();
// $tpl is not defined in this file; presumably it is set up by an include
// (confirm). Escaping of the group titles is left to listGroups.tpl, which
// is not shown here.
$tpl->assign('listGroups', $listGroups);
$tpl->display('listGroups.tpl');
require_once 'includes/widgets/footer.php';
Example #3
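<?php

// User profile page: requires the USERLIST privilege, loads one user by the
// integer 'id' request parameter (with primary group and optional organizer),
// and prints the profile fields as HTML.
//
// NOTE(review): the listing this script was taken from masks part of four
// expressions with '******'. They are restored below as plain concatenations
// of $user[...] values, with empty() presumed for the Steam-name test. Confirm
// against the original file.
require_once 'includes/common.php';
requirePriv('USERLIST');
$id = fromRequestRequireInt('id');
$sql = 'SELECT u.id, u.username, u.usernameSteam, g.title AS groupTitle, u.email, u.lastLogin, u.registered, o.id AS organizerId, o.title AS organizerTitle FROM users u JOIN groups g ON u.group = g.id LEFT JOIN organizers o ON u.organization = o.id WHERE u.id = :id';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $id);
$stmt->execute();
if ($stmt->numRows() == 0) {
    throw new Exception('user not found');
}
$user = $stmt->fetchRow();
// NOTE(review): TITLE is consumed outside this file (presumably by header.php).
// It is left unescaped here to avoid double-encoding; confirm that the
// consumer escapes it before writing it into the page.
define('TITLE', 'User: ' . $user['username']);
require_once 'includes/widgets/header.php';

// Every value below comes from the users/groups/organizers tables and may have
// been supplied by a user, so it is HTML-escaped at the point of output.
// The (string) casts keep NULL columns printing as an empty string.
echo '<h2>User: ' . htmlspecialchars((string) $user['username'], ENT_QUOTES, 'UTF-8') . '</h2>';
echo 'Steam username: '
    . (empty($user['usernameSteam']) ? '???' : htmlspecialchars((string) $user['usernameSteam'], ENT_QUOTES, 'UTF-8'))
    . '<br />';
echo 'Primary group: ' . htmlspecialchars((string) $user['groupTitle'], ENT_QUOTES, 'UTF-8') . '<br />';
echo 'Last login: ' . htmlspecialchars((string) $user['lastLogin'], ENT_QUOTES, 'UTF-8') . '<br />';
// issetor() is a project helper not shown here; its result is escaped like any
// other value. NOTE(review): if it can return markup as a default, revisit.
echo 'Registered: ' . htmlspecialchars((string) issetor($user['registered']), ENT_QUOTES, 'UTF-8') . '<br />';
echo 'Email: ' . htmlspecialchars((string) issetor($user['email']), ENT_QUOTES, 'UTF-8') . '<br />';
if (!empty($user['organizerId'])) {
    // The id goes into a URL query string, the title into element content:
    // each is encoded for its own context.
    echo 'Organizer: <a href = "viewOrganizer.php?id=' . rawurlencode((string) $user['organizerId']) . '">'
        . htmlspecialchars((string) $user['organizerTitle'], ENT_QUOTES, 'UTF-8')
        . '</a>';
}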
if (Session::getUser()->hasPriv('USER_EMAIL_LOG')) {
    $sql = 'SELECT l.id, l.sent, l.subject FROM email_log l WHERE l.emailAddress = :emailAddress ORDER BY l.sent DESC LIMIT 10';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':emailAddress', $user['email']);
    $stmt->execute();
    $tpl->assign('loggedEmails', $stmt->fetchAll());
    $tpl->display('viewUser.tpl');
Example #4
<?php

require_once 'includes/widgets/header.php';
require_once 'jwrCommonsPhp/Exceptions.php';
switch ($_REQUEST['action']) {
    case 'toggleEvent':
        requirePriv('TOGGLE_EVENT_PUBLISHED');
        $sql = 'UPDATE events SET published = !published WHERE id = :id';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':id', $_REQUEST['id']);
        $stmt->execute();
        $sql = 'SELECT u.id, u.username, u.email, e.id AS eventId, e.title AS eventTitle FROM users u JOIN organizers o ON u.organization = o.id JOIN events e ON e.organizer = o.id AND e.id = :eventId';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':eventId', $_REQUEST['id']);
        $stmt->execute();
        foreach ($stmt->fetchAll() as $orgieUser) {
            $tpl->assign('user', $orgieUser);
            $content = $tpl->fetch('email.eventToggled.tpl');
            sendEmail($orgieUser['email'], $content, 'Event has been published or unpublished.');
        }
        redirect('viewEvent.php?id=' . $_REQUEST['id'], 'Event toggled. Email sent to organizers.');
        break;
    case 'cloneEvent':
        $event = fetchEvent(fromRequestRequireInt('id'));
        if ($event == null) {
            throw new Exception('event not found');
        }
        if (!Session::getUser()->hasPriv('EVENT_CLONE')) {
            if ($event['organizerId'] != Session::getUser()->getData('organization')) {
                throw new PermissionsException('You cannot clone that event, because you are not the organizer.');
            }