$result = $db->Execute("select admin_id from " . TABLE_USERS . " where admin_name = '" . db_prepare_input($_POST['admin_name']) . "'");
if ($result->RecordCount() > 0) {
$error = $messageStack->add(ENTRY_DUP_USER_NEW_ERROR, 'error');
}
}
if (!$error) {
if ($admin_id) {
db_perform(TABLE_USERS, $sql_data_array, 'update', 'admin_id = ' . (int) $admin_id);
gen_add_audit_log(sprintf(GEN_LOG_USER, TEXT_UPDATE), db_prepare_input($_POST['admin_name']));
} else {
db_perform(TABLE_USERS, $sql_data_array);
$admin_id = db_insert_id();
gen_add_audit_log(sprintf(GEN_LOG_USER, TEXT_ADD), db_prepare_input($_POST['admin_name']));
}
if ($admin_id == $_SESSION['admin_id']) {
$_SESSION['admin_security'] = gen_parse_permissions($admin_security);
}
// update if user is current user
} elseif ($error) {
$_REQUEST['action'] = 'edit';
}
$uInfo = new objectInfo($_POST);
$uInfo->admin_security = $admin_security;
break;
case 'copy':
validate_security($security_level, 3);
$admin_id = db_prepare_input($_GET['cID']);
$new_name = db_prepare_input($_GET['name']);
// check for duplicate user names
$result = $db->Execute("select admin_name from " . TABLE_USERS . " where admin_name = '" . $new_name . "'");
if ($result->Recordcount() > 0) {
echo TEXT_FILL_ALL_LEVELS . ' ' . html_pull_down_menu('fill_all', $fill_all_values, '-1', 'onchange="submitToDo(\'fill_all\')"');
?>
</div>
<div id="accesstabs">
<ul>
<?php
foreach ($mainmenu as $key => $value) {
if ($value['text'] == TEXT_HOME || $value['text'] == TEXT_LOGOUT) {
continue;
}
echo add_tab_list('tab_' . $key, $value['text']) . chr(10);
}
?>
</ul>
<?php
$settings = gen_parse_permissions($uInfo->admin_security);
$column_break = true;
foreach ($mainmenu as $key => $menu_heading) {
if ($menu_heading['text'] == TEXT_HOME || $menu_heading['text'] == TEXT_LOGOUT) {
continue;
}
echo '<div id="tab_' . $key . '">' . chr(10);
echo '<table class="ui-widget" style="border-collapse:collapse;margin-left:auto;margin-right:auto;">' . chr(10);
echo '<thead class="ui-widget-header">' . chr(10);
echo '<tr>' . chr(10);
echo '<th width="50%"> </th>' . chr(10);
echo '<th width="10%" nowrap="nowrap">' . TEXT_FULL . '</th>' . chr(10);
echo '<th width="10%" nowrap="nowrap">' . TEXT_EDIT . '</th>' . chr(10);
echo '<th width="10%" nowrap="nowrap">' . TEXT_ADD . '</th>' . chr(10);
echo '<th width="10%" nowrap="nowrap">' . TEXT_READ_ONLY . '</th>' . chr(10);
echo '<th width="10%" nowrap="nowrap">' . TEXT_NONE . '</th>' . chr(10);
$pass_message = ERROR_WRONG_LOGIN;
}
if (!pw_validate_password($admin_pass, $result->fields['admin_pass'])) {
$error = true;
$pass_message = ERROR_WRONG_LOGIN;
}
if (!$error) {
$_SESSION['admin_id'] = $result->fields['admin_id'];
$_SESSION['admin_prefs'] = unserialize($result->fields['admin_prefs']);
$_SESSION['company'] = $admin_company;
$_SESSION['language'] = $admin_language;
$_SESSION['theme'] = $admin_theme;
$_SESSION['account_id'] = $result->fields['account_id'];
$dept = $db->Execute("select dept_rep_id from " . TABLE_CONTACTS . " where id = " . $result->fields['account_id']);
$_SESSION['department'] = $dept->fields['dept_rep_id'];
$_SESSION['admin_security'] = gen_parse_permissions($result->fields['admin_security']);
// set some cookies for the next visit to remember the company, language, and theme
$cookie_exp = 2592000 + time();
// one month
setcookie('pb_company', $admin_company, $cookie_exp);
setcookie('pb_language', $admin_language, $cookie_exp);
setcookie('pb_theme', $admin_theme, $cookie_exp);
// check for software updates
if (CFG_AUTO_UPDATE_CHECK) {
if (web_connected($silent = false)) {
$line = @file(NEW_VERSION_CHECKUP_URL);
$latest_version = trim($line[0]);
// Determine the Program patch level
include DIR_FS_ADMIN . 'includes/version.php';
$installed_version = PROJECT_VERSION_MAJOR . '.' . PROJECT_VERSION_MINOR;
if ($latest_version > $installed_version) {
