// Request-handler excerpt: binds a CUser and a CContact from the submitted form and,
// when the 'del' flag is set, deletes the user. The excerpt ends inside
// userExistence(), so the create/update path is not visible here.

// NOTE(review): the delete flag is read from $_REQUEST while the record itself is bound
// from $_POST; depending on request_order, $_REQUEST can also carry query-string values.
// No permission or anti-CSRF check is visible between this line and delete() - confirm
// one is enforced earlier in the file or inside CUser::delete().
$del = isset($_REQUEST['del']) ? $_REQUEST['del'] : FALSE;
$obj = new CUser();
$contact = new CContact();

// A failed bind reports the object's error and redirects.
// NOTE(review): execution continues past these blocks unless redirect() terminates the
// request - confirm that it does.
if (!$obj->bind($_POST)) {
    $AppUI->setMsg($obj->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}
if (!$contact->bind($_POST)) {
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}

// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('User');

// !User's contact information not deleted - left for history.
if ($del) {
    // A truthy return from delete() is treated as an error message; a falsy one as success.
    if ($msg = $obj->delete()) {
        $AppUI->setMsg($msg, UI_MSG_ERROR);
        $AppUI->redirect();
    } else {
        $AppUI->setMsg("deleted", UI_MSG_ALERT, true);
        $AppUI->redirect('', -1);
    }
    // Only reached if redirect() returns; stops this script from falling through to the
    // create/update path below.
    return;
}

// A missing or falsy user_id marks the request as "create".
// NOTE(review): unlike 'del' above, this key is read without an isset() guard.
$isNewUser = !$_REQUEST['user_id'];
if ($isNewUser) {
    // check if a user with the param Username already exists
    $userEx = FALSE;
    // (excerpt ends inside this function)
    function userExistence($userName) {
        global $obj, $userEx;
// Excerpt of a user add/edit/delete handler; it starts inside an earlier permission
// branch and ends inside the "notify new user" call, so $obj, $contact, $del, $user_id
// and $isNewUser are all set outside this view.
$AppUI->redirect('m=public&a=access_denied');
    }
} else {
    // Editing another account needs edit rights on both 'admin' and 'users'.
    // NOTE(review): when $user_id equals the session user's id no permission check runs in
    // this branch, yet the $del path below is still reachable - confirm that self-deletion
    // is intended. The check is made on $user_id while delete()/store() act on $obj; confirm
    // both always refer to the same record.
    if ($user_id != $AppUI->user_id) {
        if (!canEdit('admin')) {
            $AppUI->redirect('m=public&a=access_denied');
        }
        if (!canEdit('users')) {
            $AppUI->redirect('m=public&a=access_denied');
        }
    }
}

// Usernames are stored lower-cased.
$obj->user_username = strtolower($obj->user_username);

// !User's contact information not deleted - left for history.
if ($del) {
    // A truthy result means the user was deleted; otherwise the object's error is shown
    // and the caller is sent to the access-denied page.
    $result = $obj->delete($AppUI);
    $message = $result ? 'User deleted' : $obj->getError();
    $path = $result ? 'm=admin' : 'm=public&a=access_denied';
    $status = $result ? UI_MSG_ALERT : UI_MSG_ERROR;
    $AppUI->setMsg($message, $status);
    $AppUI->redirect($path);
    // NOTE(review): the store path below also runs for a delete request unless redirect()
    // terminates the request - confirm that it does.
}

// Keep an existing contact owner; otherwise the session user becomes the owner.
// NOTE(review): if $contact is populated from request data, contact_owner is
// caller-supplied - confirm it is validated elsewhere.
$contact->contact_owner = $contact->contact_owner ? $contact->contact_owner : $AppUI->user_id;
$contactArray = $contact->getContactMethods();
$result = $contact->store($AppUI);
if ($result) {
    // The contact is stored first so its id can be linked from the user row.
    $contact->setContactMethods($contactArray);
    $obj->user_contact = $contact->contact_id;
    if ($obj->store($AppUI)) {
        if ($isNewUser && w2PgetParam($_POST, 'send_user_mail', 0)) {
            // NOTE(review): the submitted password is handed to the notification helper
            // unchanged; if the helper puts it in the e-mail body the credential travels in
            // clear text - confirm, and prefer a one-time set-password link.
            notifyNewUserCredentials($contact->contact_email, $contact->contact_first_name, $obj->user_username, $_POST['user_password']);
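}
}
show_messages($go_result, S_USERS_UNBLOCKED, S_CANNOT_UNBLOCK_USERS);
} else {
    // Mass-delete action: runs when 'go' is 'delete' and a list of user ids was submitted.
    if ($_REQUEST['go'] == 'delete' && isset($_REQUEST['group_userid'])) {
        $go_result = false;
        $group_userid = get_request('group_userid', array());

        // Load the selected users; the isset() lookup below relies on the result being
        // indexed by userid (presumably what zbx_toHash() does - confirm).
        $db_users = CUser::get(array('userids' => $group_userid, 'output' => API_OUTPUT_EXTEND));
        $db_users = zbx_toHash($db_users, 'userid');

        DBstart();
        foreach ($group_userid as $ugnum => $userid) {
            // Ids that CUser::get() did not return are skipped without a message.
            if (!isset($db_users[$userid])) {
                continue;
            }
            $user_data = $db_users[$userid];

            // Track this user's outcome on its own. The cumulative flag stays truthy after
            // the first success, so testing it here would write a "deleted" audit record for
            // users whose deletion failed and would hide their error messages.
            $deleted = (bool) CUser::delete($user_data);
            $go_result |= $deleted;

            if ($deleted) {
                add_audit(AUDIT_ACTION_DELETE, AUDIT_RESOURCE_USER, 'User alias [' . $user_data['alias'] . '] name [' . $user_data['name'] . '] surname [' . $user_data['surname'] . ']');
            } else {
                error(CUser::resetErrors());
            }
        }

        // NOTE(review): the batch flag is still "at least one deletion succeeded", so a
        // partly failed batch reaches DBend() with a truthy value - confirm whether such a
        // batch should be committed or rolled back as a whole.
        $go_result = DBend($go_result);
        show_messages($go_result, S_USER_DELETED, S_CANNOT_DELETE_USER);
    }
}
}
}
}
}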
// Excerpt of a user add/edit/delete handler; it starts inside an if/elseif permission
// chain and ends inside the "notify new user" call, so $obj, $contact, $del, $user_id
// and $isNewUser are all set outside this view.
} elseif ($isNewUser) {
    // Creating an account needs add rights on 'users'.
    if (!canAdd('users')) {
        $AppUI->redirect(ACCESS_DENIED);
    }
} else {
    // NOTE(review): when $user_id equals the session user's id no permission check runs in
    // this branch, yet the $del path below is still reachable - confirm that self-deletion
    // is intended. The check is made on $user_id while delete()/store() act on $obj; confirm
    // both always refer to the same record.
    if ($user_id != $AppUI->user_id) {
        // @todo shouldn't this check for the specific user?
        if (!canEdit('users')) {
            $AppUI->redirect(ACCESS_DENIED);
        }
    }
}

// Usernames are stored lower-cased.
$obj->user_username = strtolower($obj->user_username);

// !User's contact information not deleted - left for history.
if ($del) {
    // A truthy result means the user was deleted; otherwise the object's error is shown
    // and the caller is sent to the access-denied page.
    $result = $obj->delete();
    $message = $result ? 'User deleted' : $obj->getError();
    $redirect = $result ? 'm=users' : ACCESS_DENIED;
    $status = $result ? UI_MSG_ALERT : UI_MSG_ERROR;
    $AppUI->setMsg($message, $status);
    $AppUI->redirect($redirect);
    // NOTE(review): the store path below also runs for a delete request unless redirect()
    // terminates the request - confirm that it does.
}

// Keep an existing contact owner; otherwise the session user becomes the owner.
// NOTE(review): if $contact is populated from request data, contact_owner is
// caller-supplied - confirm it is validated elsewhere.
$contact->contact_owner = $contact->contact_owner ? $contact->contact_owner : $AppUI->user_id;
$contactArray = $contact->getContactMethods();
$result = $contact->store();
if ($result) {
    // The contact is stored first so its id can be linked from the user row.
    $contact->setContactMethods($contactArray);
    $obj->user_contact = $contact->contact_id;
    if ($obj->store()) {
        if ($isNewUser && w2PgetParam($_POST, 'send_user_mail', 0)) {
            // NOTE(review): the submitted password is handed to the notification helper
            // unchanged; if the helper puts it in the e-mail body the credential travels in
            // clear text - confirm, and prefer a one-time set-password link.
            notifyNewUserCredentials($contact->contact_email, $contact->contact_first_name, $obj->user_username, $_POST['user_password']);
<?php
/**
 * Branax page controller for the "Radera" (Swedish: delete) page.
 *
 * Loads the site configuration, runs the delete action on a CUser object and
 * hands the resulting markup to the theme for rendering.
 */

// config.php is expected to create $branax with its defaults and to define the
// constants used below.
include(__DIR__ . '/config.php');

$content = new CUser($branax['database']);

// NOTE(review): delete() is called while the page body is being built, i.e. on every
// request that reaches this controller. Any confirmation step, request-method check,
// CSRF token or authorisation has to live in config.php or in CUser::delete(), neither
// of which is visible here - confirm. Its return value is interpolated into the markup
// without escaping, so it must already be safe HTML.
$branax['title'] = 'Radera';
$branax['main'] = <<<EOD
<h1>Radera innehåll</h1>
{$content->delete()}
EOD;

// Rendering is done by the theme, which reads the values stored in $branax.
include(BRANAX_THEME_PATH);