function listUser()
{
global $DB;
global $MySelf;
global $IGB;
global $TIMEMARK;
global $IGB_VISUAL;
// Are we allowed to peek into peoples files?
if (!$MySelf->canSeeUsers()) {
makeNotice("You are not allowed to do this!", "error", "forbidden");
}
// Is the supplied ID truly numeric?
if (!is_numeric($_GET[id])) {
makeNotice("Why would you do such a thing? Are you evil at heart? Lets assume its a \"mistake\" for now..", "warning", "*cough*", "index.php?action=editusers", "I'm sorry...");
} else {
$id = (int) $_GET[id];
}
// Query the database.
$users = $DB->query("select * from users where id='{$id}' AND deleted='0' limit 1");
// Build the tables.
while ($row = $users->fetchRow()) {
$table = new table(2, true);
$table->addHeader(">> Managing user " . ucfirst($row[username]));
$username = ucfirst($row[username]);
$table->addRow();
$table->addCol("ID:");
$table->addCol(str_pad("{$row['id']}", 5, "0", STR_RIGHT_PAD));
$table->addRow();
$table->addCol("Username:"******"<input type=\"text\" name=\"username\" value=\"" . $uname_temp . "\">";
$confi_temp = "<input type=\"checkbox\" name=\"username_check\" value=\"true\">";
$table->addCol($field_temp . " (changing username tick here also: " . $confi_temp . ")");
} else {
$table->addCol(ucfirst($row[username]));
}
$table->addRow();
$table->addCol("eMail:");
$table->addCol("<input type=\"text\" size=\"40\" name=\"email\" value=\"" . ($row[email] == "" ? 'no email supplied' : $row[email]) . "\">");
$table->addRow();
$table->addCol("Password:"******"<input type=\"password\" size=\"40\" name=\"password\">");
// Ranks System
$RanksDS = $DB->query("SELECT * FROM ranks ORDER BY rankOrder ASC");
$rankCount = $RanksDS->numRows();
if ($rankCount >= 1) {
// We have at least 1 rank.
while ($rank = $RanksDS->fetchRow()) {
if ($rank[rankid] == $row[rank]) {
// The current rank is selected.
$rank_pdm .= "<option SELECTED value=\"{$rank['rankid']}\">{$rank['name']}</option>";
} else {
// The others of course, are not.
$rank_pdm .= "<option value=\"{$rank['rankid']}\">{$rank['name']}</option>";
}
}
$rankColumn = "<select name=\"rank\">" . $rank_pdm . "</select>";
} else {
// No rank has been set yet.
$rankColumn = "There are no ranks. Go create some!";
}
$table->addRow();
$table->addCol("Rank:");
$table->addCol($rankColumn);
$table->addRow();
$table->addCol("Last login:"******"{$row['lastlogin']}" < 10) {
$table->addCol("never");
} else {
$table->addCol(date("d.m.y H:i:s", $row[lastlogin]));
}
$table->addRow();
$table->addCol("Credits:");
$table->addCol(number_format(getCredits($row[id]), 2) . " ISK");
// Is the account confirmed?
if ("{$row['confirmed']}" == "0") {
$table->addRow();
$table->addCol("Account confirmed:");
$table->addCol("This account has <b>not</b> been confirmed yet.");
$table->addRow();
$table->addCol("Confirm account:");
$table->addCol("<input type=\"checkbox\" name=\"confirm\" value=\"true\"> Tick box to confirm account. <br><br>This is a one-way action only. Once an account" . " has been confirmed you can not unconfirm it. Tho you can block or delete it." . " Be careful not to confirm an account by accident - you could allow a non-authorized third party to access your MiningBuddy!");
$table->addRow();
$table->addCol("Account confirmed:");
// Give a red light if user has not even verified himself.
if ("{$row['emailvalid']}" == "0") {
$table->addCol("<b>WARNING!</b><br> The User has not yet verified this email yet! If you choose to enable" . " this account at this time, be very sure that you know the person requesting the account!", array("bgcolor" => "#662222"));
} else {
$table->addCol("<br><br><b>The user validated the email address.</b><br>");
}
} else {
$table->addRow();
$table->addCol("This account has been confirmed.");
if ("{$row['emailvalid']}" == "0") {
$table->addCol("<font color=\"#ff0000\">WARNING!</b></font><br> The User has not verified this email but the account has been confirmed!");
// Add a "confirm email" checkbox.
$table->addRow();
$table->addCol("Mark users email as valid:");
$table->addCol("<input type=\"checkbox\" name=\"SetEmailValid\" value=\"true\">");
} else {
$table->addCol("The user validated the supplied email address.");
}
}
/*
* API Goodness
*/
$api = new api($row[id], true);
$apit = new table(2, true);
$apit->addHeader(">> Api information for " . ucfirst($row[username]));
$apit->addRow();
$apit->addCol("API Key in database:");
if ($api->getApiID() && $api->getApiKey()) {
$apit->addCol(yesno(1, true));
$apit->addRow();
$apit->addCol("API valid:");
$apit->addCol(yesno($api->valid(), true));
if ($api->valid()) {
$apit->addRow();
$apit->addCol("Character ID:");
$apit->addCol($api->getCharacterID());
$apit->addRow();
$apit->addCol("Validated on:");
$apit->addCol(date("d.m.Y H:i:s", $api->validatedOn()));
}
$apit->addRow();
$apit->addCol("Remove API key from database:");
$apit->addCol("[<a href=\"index.php?action=delapi&id={$id}\">delete api key</a>]");
} else {
$apit->addCol(yesno(0));
}
// Permissions matrix
$perms = array("canLogin" => "log in", "canJoinRun" => "join mining Ops", "canCreateRun" => "create new mining Ops", "canCloseRun" => "close mining Ops", "canDeleteRun" => "delete mining Ops", "canAddHaul" => "haul from/to mining Ops", "canSeeEvents" => "view scheduled events", "canDeleteEvents" => "can delete events", "canEditEvents" => "add and delete scheduled events", "canChangePwd" => "change his own password", "canChangeEmail" => "change his own email", "canChangeOre" => "manage ore prices and enable/disable them.", "canAddUser" => "add new accounts", "canSeeUsers" => "see other accounts", "canDeleteUser" => "delete other accounts.", "canEditRank" => "edit other peoples ranks.", "canManageUser" => "grant and take permissions.", "isOfficial" => "create official mining runs (with payout).", "isAdmin" => "edit site settings.", "isLottoOfficial" => "administrate the lottery", "canPlayLotto" => "play Lotto!", "isAccountant" => "edit other users credits.", "optIn" => "User has opt-in to eMails.");
// Create a seperate permissions table.
$perm_table = new table(2, true);
$perm_table->addHeader(">> " . ucfirst($row[username]) . " has permission to... ");
$perm_keys = array_keys($perms);
$LoR = 1;
foreach ($perm_keys as $key) {
if ($LoR) {
$perm_table->addRow();
}
if ($row[$key]) {
$perm_table->addCol("<input type=\"checkbox\" name=\"{$key}\" checked> " . $perms[$key]);
} else {
$perm_table->addCol("<input type=\"checkbox\" name=\"{$key}\"> " . $perms[$key]);
}
$LoR = 1 - $LoR;
}
if (!$LoR) {
$perm_table->addCol();
}
// Delete User
$perm_table->addRow();
$perm_table->addCol("<hr>", array("colspan" => 2));
$perm_table->addRow();
$perm_table->addCol("Delete user:"******"<input type=\"checkbox\" name=\"delete\" value=\"true\"> Tick box to delete the user permanently.");
$perm_table->addRow();
$perm_table->addCol("<hr>", array("colspan" => 2));
// Commit changes button.
$perm_table->addHeaderCentered("<input type=\"submit\" name=\"send\" value=\"Commit changes\">", array("colspan" => 2, "align" => "center"));
}
$form .= "<form action=\"index.php\" method=\"POST\">";
$form .= "<input type=\"hidden\" name=\"id\" value=\"" . $_GET[id] . "\">";
$form .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
$form .= "<input type=\"hidden\" name=\"action\" value=\"edituser\">";
// Show all logins.
$logins = getLogins($id);
// Show failed logins.
$failed_logins = showFailedLogins("15", idToUsername($id));
/*
* Transactions.
*/
if ($MySelf->isAccountant()) {
$acc = new table(2, true);
$acc->addHeader(">> Create transaction to user " . ucfirst(idToUsername($id)));
$acc->addRow();
$acc->addCol("Credit to:");
$acc->addCol($username);
$acc->addRow();
$acc->addCol("Authorization by:");
$acc->addCol(ucfirst($MySelf->getUsername()));
$acc->addRow();
$acc->addCol("Time of Transaction:");
$acc->addCol(date("r", $TIMEMARK));
$acc->addRow();
$acc->addCol("Withdrawal or deposit:");
$pdm = "<select name=\"wod\">";
$pdm .= "<option value=\"0\">Deposit (give money)</option>";
$pdm .= "<option SELECTED value=\"1\">Withdrawal (take money)</option>";
$pdm .= "</select>";
$acc->addCol($pdm);
$acc->addRow();
$acc->addCol("Amount:");
$acc->addCol("<input size=\"8\" type=\"text\" name=\"amount\"> ISK");
$acc->addRow();
$acc->addCol("Reason:");
$pdm = "<select name=\"reason1\">";
$pdm .= "<option>requested payout</option>";
$pdm .= "<option SELECTED>normal payout</option>";
$pdm .= "<option>payout of loan</option>";
$pdm .= "<option>manual deposit</option>";
$pdm .= "<option>cash recived</option>";
$pdm .= "</select>";
$acc->addCol($pdm . " -or- <input type=\"text\" name=\"reason2\">");
$acc->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Authorize transaction\">");
$transBox = "<form action=\"index.php\" method=\"POST\">";
$transBox .= $acc->flush();
$transBox .= "<input type=\"hidden\" name=\"id\" value=\"" . $_GET[id] . "\">";
$transBox .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
$transBox .= "<input type=\"hidden\" name=\"action\" value=\"transaction\">";
$transBox .= "</form>";
}
$page = "<h2>Managing user details</h2>" . $form . $table->flush() . "<br>" . $apit->flush() . "<br>" . $perm_table->flush() . "</form>" . $transBox;
$transactions = getTransactions($id);
if ($transactions) {
$page .= $transactions;
}
// Add login table if we have more than 0 logins.
if ($logins) {
if ($transactions) {
$page .= "<br>";
}
$page .= $logins;
}
$page .= $failed_logins;
// Return the page.
return $page;
}
function makePreferences()
{
// I kid you not. All needed.
global $PREFS;
global $VERSION;
global $SITENAME;
global $TIMEMARK;
global $DB;
global $MySelf;
/*
* Cantimer Settings
*/
$cantimer_table = new table(2, true);
$cantimer_table->addHeader(">> Preferences for Cantimer");
// Can see my own cans.
$cantimer_table->addRow();
if ($PREFS->getPref("CanMyCans")) {
$cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanMyCans\" value=\"true\">");
} else {
$cantimer_table->addCol("<input type=\"checkbox\" name=\"CanMyCans\" value=\"true\">");
}
$cantimer_table->addCol("Tick box to see your own cans.");
// Can see the add cans form.
$cantimer_table->addRow();
if ($PREFS->getPref("CanAddCans")) {
$cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanAddCans\" value=\"true\">");
} else {
$cantimer_table->addCol("<input type=\"checkbox\" name=\"CanAddCans\" value=\"true\">");
}
$cantimer_table->addCol("Tick the add can form.");
// Can See cans beloning to same run.
$cantimer_table->addRow();
if ($PREFS->getPref("CanRunCans")) {
$cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanRunCans\" value=\"true\">");
} else {
$cantimer_table->addCol("<input type=\"checkbox\" name=\"CanRunCans\" value=\"true\">");
}
$cantimer_table->addCol("Tick to see cans beloning to your MiningOp.");
// Can see all cans.
$cantimer_table->addRow();
if ($PREFS->getPref("CanAllCans")) {
$cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanAllCans\" value=\"true\">");
} else {
$cantimer_table->addCol("<input type=\"checkbox\" name=\"CanAllCans\" value=\"true\">");
}
$cantimer_table->addCol("Tick if you want to see all cans.");
$cantimer_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update Can Timer settings\">");
/*
* Opt In/Out of emails Setting
*/
$opt_table = new table(2, true);
$opt_table->addHeader(">> Your eMail settings");
$opt_table->addRow();
if ($MySelf->optInState()) {
$opt_table->addCol("<input type=\"checkbox\" CHECKED name=\"optIn\" value=\"true\">");
} else {
$opt_table->addCol("<input type=\"checkbox\" name=\"optIn\" value=\"true\">");
}
$opt_table->addCol("Tick this to recive eMails from MiningBuddy. You will get eMails that will inform you about new events entered into the system, Mining Run reciepts and the occasional CEO email.");
$opt_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update your eMail preferences\">");
/*
* Show/hide inofficial runs
*/
$sir_table = new table(2, true);
$sir_table->addHeader(">> Show/Hide inofficial runs");
$sir_table->addRow();
if ($PREFS->getPref("sirstate")) {
$sir_table->addCol("<input type=\"checkbox\" CHECKED name=\"sir\" value=\"true\">");
} else {
$sir_table->addCol("<input type=\"checkbox\" name=\"sir\" value=\"true\">");
}
$sir_table->addCol("Tick the box to show non-official mining operations. Your own inofficial mining runs are still shown, however.");
$sir_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update your settings\">");
/*
* Update eMail address.
*/
if ($MySelf->canChangeEmail()) {
$email_table = new table(2, true);
$email_table->addHeader(">> Update your eMail address");
$email_table->addRow("#060622");
$email_table->addCol("Your email is needed to send password hints and event news.", array("colspan" => 2));
// Query the oracle.
$email_table->addRow();
$email = $DB->getCol("select email from users where username = '******' AND deleted='0' limit 1");
$email_table->addCol("Current eMail:");
$email_table->addCol("<input type=\"text\" readonly value=\"" . $email[0] . "\">");
$email_table->addRow();
$email_table->addCol("New eMail:");
$email_table->addCol("<input type=\"text\" name=\"email\" maxlength=\"100\">");
$email_table->addHeaderCentered("<input type=\"submit\" name=\"change\" value=\"Update your eMail\">");
}
/*
* Change password.
*/
if ($MySelf->canChangePwd()) {
$password_table = new table(2, true);
$password_table->addHeader(">> Change your password");
$password_table->addRow("#060622");
$password_table->addCol("Its always a good idea to change your password frequently. Your password is " . "stored in an encrypted form; no one will ever be able to read it.", array("colspan" => "2"));
$password_table->addRow();
$password_table->addCol("Changing password for:");
$password_table->addCol(ucfirst($MySelf->getUsername()));
$password_table->addRow();
$password_table->addCol("Your current password:"******"<input type=\"password\" name=\"password\" maxlength=\"20\">");
$password_table->addRow();
$password_table->addCol("Set a new password:"******"<input type=\"password\" name=\"password1\" maxlength=\"20\">");
$password_table->addRow();
$password_table->addCol("Verify your new password:"******"<input type=\"password\" name=\"password2\" maxlength=\"20\">");
$password_table->addHeaderCentered("<input type=\"submit\" name=\"change\" value=\"Update your password\">");
}
// Assemble the html.
$page = "<h2>Your Preferences</h2>";
$page .= "<form action=\"index.php\" method=\"POST\">";
$page .= $cantimer_table->flush();
$page .= "<input type=\"hidden\" name=\"action\" value=\"changecanpage\">";
$page .= "<input type=\"hidden\" name=\"check\" value=\"check\"></form>";
$page .= "<form action=\"index.php\" method=\"POST\">";
$page .= $opt_table->flush();
$page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
$page .= "<input type=\"hidden\" name=\"action\" value=\"optIn\"></form>";
$page .= "<form action=\"index.php\" method=\"POST\">";
$page .= $sir_table->flush();
$page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
$page .= "<input type=\"hidden\" name=\"action\" value=\"sirchange\"></form>";
if ($MySelf->canChangeEmail()) {
$page .= "<form action=\"index.php\" method=\"post\">";
$page .= $email_table->flush();
$page .= "<input type=\"hidden\" name=\"action\" value=\"changeemail\">";
$page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
$page .= "</form>";
}
if ($MySelf->canChangePwd()) {
$page .= "<form action=\"index.php\" method=\"post\">";
$page .= $password_table->flush();
$page .= "<input type=\"hidden\" name=\"action\" value=\"changepw\">";
$page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
$page .= "<input type=\"hidden\" name=\"username\" value=\"%%USERNAME%%\">";
$page .= "</form>";
}
// Api Keys
// Load possible current keys.
$api = new api($MySelf->getID());
$api_key = $api->getApiKey();
$api_id = $api->getApiID();
if (!$api->valid()) {
$api->authorizeApi();
}
// Do the api table.
$api_table = new table(2, true);
$api_table->addHeader(">> Api key management");
$api_table->addRow();
$api_table->addCol("Here you can supply your limited-access API-Key. Its used for quick-login for now.", array("colspan" => 2));
if ($api_id && $api->valid()) {
$s1 = "<input type =\"hidden\" name=\"apiID\" value=\"{$api_id}\">{$api_id}";
} else {
$s1 = "<input type=\"text\" name=\"apiID\" value=\"{$api_id}\">";
$doApiLink = true;
}
if ($api_key && $api->valid()) {
$s2 = "<input type =\"hidden\" name=\"apiKey\" value=\"{$api_key}\">{$api_key}";
} else {
$s2 = "<input type=\"text\" size=\"80\" name=\"apiKey\" value=\"{$api_key}\">";
$doApiLink = true;
}
$api_table->addRow();
$api_table->addCol("API ID:");
$api_table->addCol($s1);
$api_table->addRow();
$api_table->addCol("Verification Code:");
$api_table->addCol($s2);
// Add the API link to eve online.
global $IGB;
global $IGB_VISUAL;
if ($doApiLink && (!$IGB || $IGB && $IGB_VISUAL)) {
$api_table->addRow();
$api_table->addCol("Get your API key here:");
$api_table->addCol("<a href=\"http://support.eveonline.com/api/default.asp\">http://support.eveonline.com/api/default.asp</a>");
}
if ($api_key) {
$api_table->addRow();
$api_table->addCol("API Key validated:");
if (!$api->valid()) {
$hint = " (If your key is not validated, hit update API key button.)";
}
$api_table->addCol(yesno($api->valid(), yes) . $hint);
if ($api->valid()) {
$api_table->addRow();
$api_table->addCol("Validated on:");
$api_table->addCol(date("d.m.Y H:i:s", $api->validatedOn()));
$api_table->addRow();
$api_table->addCol("Next verification at:");
$api_table->addCol(date("d.m.Y H:i:s", $api->nextValidation()));
$api_table->addRow();
$api_table->addCol("API keys are valid for:");
$days = getConfig("api_keys_valid");
if ($days <= 1) {
$days = "1 day.";
} else {
$days = $days . " days.";
}
$api_table->addCol($days);
$api_table->addRow();
$api_table->addCol("Character ID:");
$api_table->addCol($api->getCharacterID());
}
$api_table->addRow();
$api_table->addCol("Remove Key:");
$api_table->addCol("<input type=\"checkbox\" name=\"deleteKey\" value=\"true\"> Tick box to remove the API key from the Database.");
}
$api_table->addHeaderCentered("<input type=\"submit\" name=\"update_api\" value=\"Update API Key\">");
$api_form .= "<form action=\"index.php\" method=\"POST\">";
$api_form .= $api_table->flush();
$api_form .= "<input type=\"hidden\" name=\"action\" value=\"update_api\">";
$api_form .= "<input type=\"hidden\" name=\"check\" value=\"check\"></form>";
$page .= $api_form;
// We are done here.
return $page;
}
