<script type='application/javascript' src='../../js/extern/jquery.min.js'></script>
<script type='application/javascript' src='../../js/extern/bootstrap.js'></script>
<script type='application/javascript' src='../../js/extern/underscore-min.js'></script>
<script type='application/javascript' src='../../js/extern/backbone-min.js'></script>
</head>
<body>
<?php
/* Setup and session verification */
require_once 'dbimport/Importer.php';
chdir('..');
require_once 'common.php';
require_once '../query/cacheProvider.php';
session_validate() or Config::error('403 Forbidden');
session_mayEdit() or Config::error('403 Forbidden');
//Parsing client data, and using Importer:
$uId = $dbConnection->escape_string(session_getUid());
$merge = false;
$fs = array();
$uploads = $_FILES['upload'];
if (count($uploads['name']) === 1 && $uploads['name'][0] === '') {
Config::error('No file given.');
echo '<h1>You need to select a file first.</h1>';
} else {
while (count($uploads['name']) > 0) {
array_push($fs, array('name' => array_pop($uploads['name']), 'path' => array_pop($uploads['tmp_name'])));
}
CacheProvider::cleanCache('../');
$log = Importer::processFiles($fs, $uId, $merge);
echo '<ul><li>' . implode($log, '</li><li>') . '</li></ul>';
$tables = implode(',', Importer::findTables($fs));
$href = "../translate.php?tId=1&action=compareOriginal&tables={$tables}";
if (isset($_POST['mayEdit'])) {
$mayE = $dbConnection->escape_string($_POST['mayEdit']);
if ($mayE != '1') {
$mayE = '0';
}
$q = "UPDATE Edit_Users SET AccessEdit= {$mayE} WHERE UserId = {$userid}";
$dbConnection->query($q);
echo "Updated edit access.\n";
}
break;
/* Parameters: userid */
/* Parameters: userid */
case 'delete':
$userid = $dbConnection->escape_string($_POST['userid']);
/* Checking that the user won't delete itself: */
if ($userid == session_getUid()) {
Config::error("You cannot delete yourself, sorry.");
}
/* Deleting the user: */
$q = "DELETE FROM Edit_Users WHERE UserId = {$userid}";
$dbConnection->query($q);
echo "Deleted user: {$userid}";
break;
case 'export':
$export = array();
$q = 'SELECT UserId, Login, Hash, AccessEdit, AccessTranslate FROM Edit_Users';
$set = $dbConnection->query($q);
while ($row = $set->fetch_assoc()) {
array_push($export, $row);
}
header("Pragma: public");
<?php
}
break;
case 'updatePassword':
if (session_validate()) {
$newP = $_POST['new'];
$confirm = $_POST['confirm'];
if ($newP !== $confirm) {
Config::error("New password doesn't match confirmation.");
}
$hash = password_hash($_POST['new'], PASSWORD_BCRYPT);
if (!$hash) {
//Fallback to md5
$hash = md5($_POST['new']);
}
$uid = session_getUid();
$q = "UPDATE Edit_Users SET Hash = '{$hash}' WHERE UserId = {$uid}";
$dbConnection->query($q);
session_destroy();
header('LOCATION: index.php');
} else {
Config::error('Invalid session!');
}
break;
case 'meanings':
require_once 'meanings.php';
break;
default:
if (session_validate()) {
if (session_mayEdit()) {
header('LOCATION: userAccount.php');