Example #1
/**
 * Dispatch a submitted form to its handler, selected by the POSTed "page" field.
 *
 * Only fixed, literal paths are passed to require; the POST value picks a
 * branch and is never used to build a file name.
 *
 * NOTE(review): the selector comes straight from $_POST and no session,
 * permission or CSRF-token check is visible in this function; confirm that
 * every handler enforces those itself.
 *
 * @return bool true when a known form was dispatched, false otherwise
 */
function process_form()
{
    $form = "";
    if (isset($_POST["page"])) {
        $form = $_POST["page"];
    }
    // switch compares loosely (==) against each form identifier, top to bottom.
    switch ($form) {
        case FORM_LOGIN:
            require 'inc/process/login.php';
            sign_in();
            return true;
        case FORM_CUSTOMER_NEW:
            require 'inc/process/customer.php';
            customer_add();
            return true;
        case FORM_CUSTOMER_EDIT:
            require 'inc/process/customer.php';
            customer_edit();
            return true;
        case FORM_PURCHASE_NEW:
            require 'inc/process/purchase.php';
            purchase_add();
            return true;
        case FORM_PURCHASE_EDIT:
            require 'inc/process/purchase.php';
            purchase_edit();
            return true;
        case "sell_new":
            require 'inc/process/sell.php';
            sell_add();
            return true;
        case "sell_edit":
            require 'inc/process/sell.php';
            sell_edit();
            return true;
        case "store_edit":
            require 'inc/process/store.php';
            store_edit();
            return true;
        case "user_new":
            require 'inc/process/user.php';
            user_add();
            return true;
        case "user_edit":
            require 'inc/process/user.php';
            user_edit();
            return true;
        case FORM_LOT_NEW:
            require 'inc/process/lot.php';
            lot_add();
            return true;
    }
    // No known form identifier matched.
    return false;
}
Example #2
     }
     $user_orders = get_user_order($_SESSION['auth']['customer_id']);
     break;
 case 'user_edit':
     //редактирование своего профиля
     if ($_SESSION['auth']) {
         $user_area = get_user1($_SESSION['auth']['customer_id']);
     }
     //получаем данные этого пользователя
     /*    if($_POST['user_edit']){ //когда будет нажата кнопка сохранить
               user_edit($_SESSION['auth']['customer_id']);       
               redirect();
           }*/
     if ($_POST) {
         //когда будет нажата кнопка сохранить
         if (user_edit($_SESSION['auth']['customer_id'])) {
             redirect("?view=cabinet");
         } else {
             redirect();
         }
     }
     break;
 case 'user_order':
     //заказы пользователя в профиле
     $order_id = abs((int) $_GET['order_id']);
     //проверка на значение что может ввести пользователь
     if ($order_id) {
         //id не равно 0
         $user_order = show_order1($order_id);
         //проверяем какой это заказ
         if ($user_order[0]['status']) {
Example #3
                if (user_level(5)) {
                    echo '    <label for="level">Level:</label><select name="level" id="level">' . "\n";
                    for ($i = 1; $i < 6; $i++) {
                        echo "        <option" . ($i == (int) $row[2] ? ' selected="selected"' : '') . ">{$i}</option>\n";
                    }
                    echo "    </select><br />\n";
                }
                ?>
    <label for="oldpass">Old Password:</label><input type="password" name="oldpass" id="oldpass" /><br />
    <label for="newpass">New Password:</label><input type="password" name="newpass" id="newpass" /><br />
    <input type="submit" />
</form>
<?php 
            } else {
                if (!isset($_POST['user']) && isset($_POST['nick'], $_POST['mail'], $_POST['oldpass'], $_POST['newpass'])) {
                    if (user_edit($_POST['nick'], $_POST['mail'], isset($_POST['level']) ? $_POST['level'] : null, $_POST['oldpass'], $_POST['newpass'])) {
                        echo "<p>User " . stripslashes($_POST['nick']) . " successfully updated</p>\n";
                    } else {
                        echo "<p>An error ocurred when tried to update the user. Are you sure that the fields contain correct values?</p>\n";
                    }
                } else {
                    $query = @mysql_query("SELECT `user`, `level` FROM `amsn_users` ORDER BY `user` ASC");
                    if (!@mysql_num_rows($query)) {
                        echo "<p>There are no users to edit</p>\n";
                        return;
                    }
                    ?>
<form action="<?php 
                    echo htmlentities($_SERVER['REQUEST_URI']);
                    ?>
" method="post">
Example #4
		user_edit();

		include_once("include/bottom_footer.php");
		break;
	case 'graph_perms_edit':
		include_once("include/top_header.php");

		user_edit();

		include_once("include/bottom_footer.php");
		break;
	case 'user_edit':
		include_once("include/top_header.php");

		user_edit();

		include_once("include/bottom_footer.php");
		break;
	default:
		include_once("include/top_header.php");

		user();

		include_once("include/bottom_footer.php");
		break;
}

/* --------------------------
    The Save Function
   -------------------------- */
Example #5
    }
    if (isset($_POST['birthday'])) {
        $birthday = $_POST['birthday'];
    }
    if (isset($_POST['gender'])) {
        $gender = $_POST['gender'];
    }
    if ($username != '') {
        /*
         * Gán giá trị cho mãng $data
         */
        $data = array('group_id' => $group_id, 'username' => $username, 'password' => $password, 'fullname' => $fullname, 'email' => $email, 'gender' => $gender, 'birthday' => $birthday);
        /*
         * Thực hiện thêm mới thành viên
         */
        if (user_edit($data, $user_id) !== false) {
            $is_success = true;
        }
    } else {
        $error_name = 'Bạn vui lòng nhập Tên tài khoản';
    }
    /*
    		$sql = "UPDATE user SET user_id = $user_id, groupd_id = $group_id, username = '******', 
    		password = '******', fullname = '$fullname', email = '$email', birthday = '$birthday', gender = $gender
    		WHERE user_id = $user_id";
    		$result = mysql_query($sql);
    */
}
/*
- Lấy danh sách nhóm thành viên
*/
Example #6
            $fields[] = 'status';
        }
        if ($allow_edit_parent) {
            _log('saving username:'******' parent_uid:' . $_POST['up_parent_uid'], 3, 'user_pref');
            $fields[] = 'parent_uid';
        }
        for ($i = 0; $i < count($fields); $i++) {
            if ($c_data = trim($_POST['up_' . $fields[$i]])) {
                $up[$fields[$i]] = $c_data;
            }
        }
        // subuser's parent uid, by default its uid=1
        if ($_POST['up_parent_uid']) {
            $up['parent_uid'] = (int) ($user_edited['status'] == 4 ? $_POST['up_parent_uid'] : $core_config['main']['default_parent']);
        } else {
            $up['parent_uid'] = (int) user_getparentbyuid(user_username2uid($c_username));
        }
        if ($up['password'] && $up['password'] != $_POST['up_password_conf']) {
            $ret['error_string'] = _('Password does not match');
            $continue = false;
        }
        if ($continue) {
            $uid = user_username2uid($c_username);
            $ret = user_edit($uid, $up);
        }
        $_SESSION['dialog']['info'][] = $ret['error_string'];
        _log('saving username:'******' error_string:[' . $ret['error_string'] . ']', 2, 'user_pref');
        header("Location: " . _u('index.php?app=main&inc=core_user&route=user_pref&op=user_pref' . $url_uname . '&view=' . $view));
        exit;
        break;
}
Example #7
                $f['u_nick'] = $row->u_nick;
                $f['u_id'] = $row->u_id;
                $f['u_email'] = $row->u_email;
                $f['u_adminemail'] = $row->u_adminemail;
                $f['u_url'] = $row->u_url;
                $f['u_level'] = $row->u_level;
                $f['u_farbe'] = $row->u_farbe;
                $f['u_zeilen'] = $row->u_zeilen;
                $f['u_backup'] = $row->u_backup;
                $f['u_smilie'] = $row->u_smilie;
                $f['u_systemmeldungen'] = $row->u_systemmeldungen;
                $f['u_eintritt'] = $row->u_eintritt;
                $f['u_austritt'] = $row->u_austritt;
                $f['u_punkte_anzeigen'] = $row->u_punkte_anzeigen;
                $f['u_signatur'] = $row->u_signatur;
                $size = unserialize($row->u_frames);
                user_edit($f, $admin, $u_level, $size);
                mysql_free_result($result);
            }
    }
} else {
    echo "<P ALIGN=CENTER>{$t['sonst1']}</P>\n";
}
// Fuß
if ($o_js) {
    echo $f1 . "<P ALIGN=CENTER>[<A HREF=\"javascript:window.close();\">{$t['sonst2']}</A>]</P>" . $f2 . "\n";
}
?>

</BODY></HTML>
Example #8
/**
 * Dispatch a page action to its handler function.
 *
 * show_err() is called first on every call. For some actions the global
 * $title is set from print_lg() with the session language before the handler
 * runs. An action that matches no case appends the print_lg() text for
 * 'Page not found' to the global $html_main_content.
 *
 * NOTE(review): the state-changing actions (delete_news, delete_user,
 * user_delete, delete_comments, delete_vote, user_edit, edit_language) are
 * dispatched with no permission or CSRF-token check visible in this
 * function; confirm that each handler performs them.
 * NOTE(review): where $action comes from is not shown here; presumably a
 * request parameter, so verify against the caller.
 *
 * @param mixed $action action name, compared loosely (==) against the case labels
 * @return void
 */
function route($action)
{
    global $html_main_content, $title;
    show_err();
    // Case order matters: switch uses loose comparison and takes the first match.
    switch ($action) {
        case '':
            main();
            break;
        case 'user_show':
            $title = print_lg('Show all users', $_SESSION['lang']);
            user_show();
            break;
        case 'user_info':
            $title = print_lg('User info', $_SESSION['lang']);
            user_info();
            break;
        case 'show_news':
            show_news();
            break;
        case 'logout':
            logout();
            break;
        case 'add_news':
            $title = print_lg('Add news', $_SESSION['lang']);
            add_news();
            break;
        case 'registration':
            $title = print_lg('Registration', $_SESSION['lang']);
            registration();
            break;
        case 'delete_news':
            delete_news();
            break;
        case 'edit_news':
            $title = print_lg('Edit news', $_SESSION['lang']);
            edit_news();
            break;
        case 'pages':
            // Same handler as the empty action.
            main();
            break;
        case 'profileview':
            $title = print_lg('You information', $_SESSION['lang']);
            profileview();
            break;
        case 'delete_user':
            delete_user();
            break;
        case 'user_delete':
            user_delete();
            break;
        case 'user_edit':
            $title = print_lg('Edit user', $_SESSION['lang']);
            user_edit();
            break;
        case 'edit_language':
            $title = print_lg('Edit language', $_SESSION['lang']);
            edit_language();
            break;
        case 'delete_comments':
            delete_comments();
            break;
        case 'delete_vote':
            delete_vote();
            break;
        default:
            // Unknown action: no handler runs, only the message is appended.
            $html_main_content .= print_lg('Page not found', $_SESSION['lang']);
            break;
    }
}
Example #9
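/**
 * Update a user's account preferences for a webservice call and report the
 * outcome as a status array.
 *
 * A missing or empty 'name' / 'email' entry is filled from the stored value
 * via user_getfieldbyuid() before user_edit() is called.
 *
 * NOTE(review): $data is forwarded to user_edit() as received. Confirm that
 * user_edit() restricts which fields a webservice caller may change, and
 * that the caller has already authenticated and authorised $uid.
 *
 * @param mixed $uid  id of the user to update
 * @param array $data fields to change; 'name' and 'email' default to the stored values
 * @return array 'status' ('OK' or 'ERR'), 'error' ('0' or '616') and 'info' (user_edit()'s error_string)
 */
function webservices_account_pref($uid, $data = array())
{
    // empty() rather than !$data[...]: the default $data = array() has neither
    // key, and reading a missing key raises an undefined-index warning.
    foreach (array('name', 'email') as $field) {
        if (empty($data[$field])) {
            $data[$field] = user_getfieldbyuid($uid, $field);
        }
    }
    $ret = user_edit($uid, $data);
    $succeeded = !empty($ret['status']);
    // Built in one place so $json is always fully defined, in the same key order.
    return array(
        'status' => $succeeded ? 'OK' : 'ERR',
        'error' => $succeeded ? '0' : '616',
        'info' => isset($ret['error_string']) ? $ret['error_string'] : null,
    );
}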
Example #10
            $value = user_delete($_POST["user_id"]);
            break;
        case "contact_delete":
            $value = contact_delete($_POST["contact_id"]);
            break;
        case "message_distro_delete":
            $value = message_distro_delete($_POST["user_id_target"], $_POST["msg_id"]);
            break;
        default:
            $value = array("action" => "default", "method" => "POST");
    }
} else {
    if (isset($_PUT["action"])) {
        switch ($_PUT["action"]) {
            case "user_edit":
                $value = user_edit($_PUT["user_id"], $_PUT["disp_nme"], $_PUT["email_addr"], $_PUT["user_pw"]);
                break;
            case "user_disable":
                $value = user_disable($_PUT["user_id"]);
                break;
        }
    } else {
        if (isset($_GET["action"])) {
            switch ($_GET["action"]) {
                case "user_info":
                    $value = user_info($_GET["user_id"]);
                    break;
                case "user_info_email":
                    $value = user_info_email($_GET["email_addr"]);
                    break;
                case "contact_all":
Example #11
        xoops_cp_header();
        subscribers_adminMenu(0, _MI_SUBSCRIBERS_ADMENU_USER);
        echo user_index($start);
        xoops_cp_footer();
        break;
    case 'add':
        user_add($id);
        break;
    case 'edit':
        xoops_cp_header();
        subscribers_adminMenu(0, _MI_SUBSCRIBERS_ADMENU_USER);
        echo user_form($id);
        xoops_cp_footer();
        break;
    case 'editok':
        user_edit($id);
        break;
    case 'del':
        user_confirmdel($id, $redir);
        break;
    case 'delok':
        user_del($id, $redir);
        break;
}
function user_index($start = 0)
{
    global $xoopsTpl, $xoopsUser, $xoopsConfig, $limit;
    $myts =& MyTextSanitizer::getInstance();
    include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
    $this_handler =& xoops_getModuleHandler('user', 'subscribers');
    $module_handler =& xoops_getHandler('module');
Example #12
<?php

require_once 'includes/db.inc.php';
include 'includes/user.inc.php';
include 'includes/category.inc.php';
include 'includes/product.inc.php';
$out = "";
if (!empty($_SESSION["user_session"])) {
    $userID = $_SESSION["user_session"];
    $out = '<div class="right bottom-aligned-text"><a href="logout.php?logout=true">Déconnexion</a></div>';
    $out .= '<div class="right"><h1>Bonjour <a href="profile.php">' . user_edit($db_connexion, $userID)['user_name'] . "</a></h1></div><br>";
    if (isset($_SESSION["cart"])) {
        $cart = $_SESSION["cart"];
        foreach ($cart as $c) {
            $produit = edit_product($c['id'], $db_connexion);
            $out .= '<div>nom du produit ' . $produit["nom"] . ' : , qty :' . $c["qty"] . ' 
                <a href="panier.php?action=delete&id=' . $c['id'] . '" ><span class="glyphicon glyphicon-remove"></span></a>
                <br/><a href="">Voir mon panier</a>
                </div>';
        }
    }
} else {
    if (!isset($_SESSION["user_session"])) {
        $out = '<form action="login.php" method="post" class="navbar-form navbar-right">
            <div class="input-group">
                <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
                <input type="text" class="form-control" name="txt_uname_email" placeholder="Pseudo ou e-mail" size="15" required />
            </div>
            <div class="input-group">
                <span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
                <input type="password" class="form-control" name="txt_password" placeholder="Mot de passe" size="15" required />
Example #13
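/**
 * Build the HTML for the user administration page.
 *
 * With an empty $action the full user table is rendered. Otherwise the
 * action and id are read from $_GET and one of 'voir' (show), 'supprimer'
 * (delete) or 'modifier' (edit) is carried out for that user.
 *
 * Every database value is HTML-escaped before it is written into the markup,
 * so a stored value such as a user name cannot inject tags or attributes.
 *
 * NOTE(review): 'supprimer' deletes a row in response to a GET request and
 * no permission or CSRF-token check is visible in this function; confirm
 * the calling page enforces both.
 *
 * @param object $db_connexion database handle exposing query() and prepare()
 * @param string $action       non-empty to handle a single-user action taken from $_GET
 * @return string HTML fragment; empty when no action matched or no id was given
 */
function listingUsers($db_connexion, $action = '')
{
    // Escape a value for HTML text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Initialised up front so every path returns a string, never an undefined variable.
    $output = "";
    if (empty($action)) {
        // The listing query is only needed for the table view.
        $query = "SELECT * FROM `users` order by `id_user` ASC";
        $statment = $db_connexion->query($query);
        $resultats = $statment->fetchall();
        $entete = array("Pseudo", "Email", "Nom", "Prénom", "Adresse", "Code Postal", "Date de création", "Date de dernière modif", "Actions");
        $output .= "<table class='table table-striped table-hover table-bordered'>\r\n        <thead>\r\n        <tr>";
        // One TH per entry of $entete.
        foreach ($entete as $value) {
            $output .= "<th>{$value}</th>";
        }
        $output .= "</tr></thead><tbody>";
        foreach ($resultats as $resultat) {
            $id = $esc($resultat["id_user"]);
            $output .= "<tr>";
            $output .= "<td>" . $esc($resultat["user_name"]) . "</td>";
            $output .= "<td>" . $esc($resultat["user_email"]) . "</td>";
            $output .= "<td>" . $esc($resultat["user_firstname"]) . "</td>";
            $output .= "<td>" . $esc($resultat["user_lastname"]) . "</td>";
            $output .= "<td>" . $esc($resultat["user_adress"]) . "</td>";
            $output .= "<td>" . $esc($resultat["user_zipcode"]) . "</td>";
            // NOTE(review): last_login and date_created sit under the headers
            // "Date de création" and "Date de dernière modif"; confirm the column order.
            $output .= "<td>" . $esc($resultat["last_login"]) . "</td>";
            $output .= "<td>" . $esc($resultat["date_created"]) . "</td>";
            $output .= "<td>\r\n                <ul>\r\n                  <li><a href='utilisateur.php?action=voir&id=" . $id . "'>Voir</a></li>\r\n                  <li><a href='utilisateur.php?action=modifier&id=" . $id . "'>Modifier</a></li>\r\n                  <li><a href='utilisateur.php?action=supprimer&id=" . $id . "'>Supprimer</a></li>\r\n                  </ul>\r\n              </td>\r\n              </tr>";
        }
        $output .= "</tbody>\r\n                </table>";
    } else {
        // The request value replaces the parameter; isset() avoids a warning when it is absent.
        $action = isset($_GET['action']) ? $_GET['action'] : null;
        if (isset($_GET["id"])) {
            $userID = $_GET["id"];
            switch ($action) {
                case 'voir':
                    $user = user_edit($db_connexion, $userID);
                    $output .= file_exists("../upload/300x400_" . $user["user_pic"]) ? "<img src='../upload/300x400_" . $esc($user["user_pic"]) . "'><br/>" : "";
                    $output .= !empty($user["user_lastname"]) ? "Nom : " . $esc($user["user_lastname"]) . "<br/>" : "";
                    $output .= !empty($user["user_firstname"]) ? "Prénom : " . $esc($user["user_firstname"]) . "<br/>" : "";
                    $output .= "Pseudo : " . $esc($user["user_name"]) . "<br/>";
                    $output .= "Email : " . $esc($user["user_email"]) . "<br/>";
                    break;
                case 'supprimer':
                    try {
                        // Bound parameter: the request id never becomes part of the SQL text.
                        $statement = $db_connexion->prepare("DELETE FROM users WHERE id_user=:id");
                        $statement->execute(array(":id" => $userID));
                        header("Location:utilisateur.php");
                    } catch (PDOException $e) {
                        // NOTE(review): driver messages can reveal schema details; prefer
                        // logging them server-side and showing a generic message.
                        echo $esc($e->getMessage());
                    }
                    break;
                case 'modifier':
                    $output = user_update($userID, $db_connexion);
                    // NOTE(review): the upload form target is hard-coded to id=1 while the
                    // user being edited is $userID; confirm this is intended.
                    $action = "?action=modifier&id=1&step=image";
                    $output .= user_image_upload($userID, $db_connexion, $action, false);
                    break;
            }
        }
    }
    return $output;
}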
        break;
    case 'jelszokuld':
        $tartalom = user_jelszokuld();
        break;
    case 'list':
        if ($user->checkRole('user')) {
            $tartalom = user_list();
        } else {
            addMessage('Nincs jogosultságod megnézni a felhasználók listáját.', 'warning');
            $tartalom = array('title' => 'Felhasználók listája');
        }
        break;
    case 'del':
        $tartalom = user_del($_REQUEST['uid']);
        break;
    case 'delete':
        if (is_numeric($_REQUEST['uid']) and $user->checkRole('user') and $user->uid != $_REQUEST['uid']) {
            $user2delete = new User($_REQUEST['uid']);
            $user2delete->delete();
            $tartalom = user_list();
        } else {
            //TODO: elegánsabb hibakezelést!
            addMessage('Hiányzó jogosultság miatt nem lehetséges a törlése!', danger);
            $tartalom['content'] = '';
            $tartalom['template'] = 'layout';
        }
        break;
    default:
        $tartalom = user_edit($user->uid);
        break;
}
# fill in any project prefs which are left out
# i.e. unchecked checkboxes
foreach ($associated_projects as $key_project => $value_preferences) {
    # look for project prefs not set in $project_pref
    foreach ($project_preferences as $row_project_preference) {
        if (!util_array_key_search($row_project_preference, $value_preferences)) {
            $associated_projects[$key_project][$row_project_preference] = "N";
        }
    }
}
if (isset($_POST['add_to_projects'])) {
    $add_to_projects = $_POST['add_to_projects'];
} else {
    $add_to_projects = array();
}
user_edit(session_validate_form_get_field("username"), session_validate_form_get_field("password"), session_validate_form_get_field("first_name_required"), session_validate_form_get_field("last_name_required"), session_validate_form_get_field("email_required"), session_validate_form_get_field("phone"), $_POST['tempest_admin'], $_POST['default_project'], $associated_projects, $add_to_projects);
session_validate_form_reset();
# ---------------------------------------------------------------------
# $Log: user_edit_action.php,v $
# Revision 1.4  2008/08/04 06:54:58  peter_thal
# added sorting function to several tables
#
# Revision 1.3  2008/07/10 07:28:29  peter_thal
# security update:
# disabled writing spaces or apostrophe and others into login textfields
#
# Revision 1.2  2006/02/27 17:25:54  gth2
# added email functionality to bug tracker - gth
#
# Revision 1.1.1.1  2005/11/30 23:00:59  gth2
# importing initial version - gth