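/**
 * Builds the "Delete user?" confirmation form.
 *
 * The form consists of a hidden "uid" element pre-filled from the request
 * parameter "formDeleteUser-uid", a static "Sure?" message and a submit button.
 * requirePriv('USER_DELETE') is called before any element is added.
 *
 * NOTE(review): the hidden uid is client-controlled. The code that processes
 * this form is not visible here; it must re-validate the id and re-check the
 * USER_DELETE privilege before deleting anything.
 * NOTE(review): nothing visible here adds an anti-CSRF token. Confirm the Form
 * base class provides one, since this form confirms a destructive action.
 */
public function __construct()
{
    parent::__construct('formDeleteUser', 'Delete user?');

    requirePriv('USER_DELETE');

    // Read the id defensively: the key is absent when the page is opened
    // without it, and PHP turns "name[]=" parameters into arrays.
    $requestedUid = isset($_REQUEST['formDeleteUser-uid']) ? $_REQUEST['formDeleteUser-uid'] : null;

    // Only a plain decimal id is copied back into the form, so arbitrary
    // request content is never reflected into the hidden field's value.
    // Assumes user ids are non-negative integers - TODO confirm.
    $uid = (is_string($requestedUid) && preg_match('/^[0-9]+$/D', $requestedUid) === 1)
        ? $requestedUid
        : null;

    $this->addElement(Element::factory('hidden', 'uid', null, $uid));
    $this->addElement(Element::factory('html', 'msg', null, 'Sure?'));
    $this->addButtons(Form::BTN_SUBMIT);
}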
<?php

// Group list page: loads every row of the groups table and renders it
// through the listGroups.tpl template.

// $tpl is not defined in this script; presumably the header include provides it.
require_once 'includes/widgets/header.php';

// Access gate for this page. requirePriv() is defined elsewhere; presumably it
// stops the request when the current user lacks GROUPLIST.
// NOTE(review): the gate runs after the header include - confirm that the
// header sends nothing sensitive to a user who then fails this check.
requirePriv('GROUPLIST');

// Constant query with no request input, so there is nothing to bind.
$stmt = DatabaseFactory::getInstance()->prepare('SELECT g.id, g.title FROM groups g');
$stmt->execute();

// NOTE(review): group titles reach the template as stored; escaping has to
// happen in listGroups.tpl (not visible here).
$tpl->assign('listGroups', $stmt->fetchAll());
$tpl->display('listGroups.tpl');

require_once 'includes/widgets/footer.php';
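<?php

// User detail page: shows one user's profile fields and, for viewers holding
// USER_EMAIL_LOG, the ten most recent e-mail log rows for that user's address.
//
// Every database value is HTML-escaped before it is echoed. Usernames, Steam
// names, e-mail addresses and organizer titles are account-supplied data, and
// printing them raw would let stored markup run in the browser of whoever
// opens this page.
//
// NOTE(review): three concatenations (page title, heading, "Last login") and
// the start of the "Steam username" expression appear masked as "******" in
// the listing. They are restored here from the surrounding array keys -
// confirm against the original file.

require_once 'includes/common.php';

requirePriv('USERLIST');

// fromRequestRequireInt() is defined elsewhere; presumably it rejects a
// missing or non-integer "id".
$id = fromRequestRequireInt('id');

$sql = 'SELECT u.id, u.username, u.usernameSteam, g.title AS groupTitle, u.email, u.lastLogin, u.registered, o.id AS organizerId, o.title AS organizerTitle FROM users u JOIN groups g ON u.group = g.id LEFT JOIN organizers o ON u.organization = o.id WHERE u.id = :id';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $id);
$stmt->execute();

if ($stmt->numRows() == 0) {
    throw new Exception('user not found');
}

$user = $stmt->fetchRow();

// Escapes a value for HTML text and quoted-attribute context.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// NOTE(review): TITLE carries the raw username. It is left unescaped here to
// avoid double-encoding; header.php (not visible) must escape it on output.
define('TITLE', 'User: ' . $user['username']);

require_once 'includes/widgets/header.php';

echo '<h2>User: ' . $escapeHtml($user['username']) . '</h2>';
echo 'Steam username: ' . (empty($user['usernameSteam']) ? '???' : $escapeHtml($user['usernameSteam'])) . '<br />';
echo 'Primary group: ' . $escapeHtml($user['groupTitle']) . '<br />';
echo 'Last login: ' . $escapeHtml($user['lastLogin']) . '<br />';
echo 'Registered: ' . $escapeHtml(issetor($user['registered'])) . '<br />';
echo 'Email: ' . $escapeHtml(issetor($user['email'])) . '<br />';

if (!empty($user['organizerId'])) {
    // The id is forced to an integer before it goes into the URL, and the
    // title is escaped before it becomes link text.
    echo 'Organizer: <a href = "viewOrganizer.php?id=' . (int) $user['organizerId'] . '">' . $escapeHtml($user['organizerTitle']) . '</a>';
}

if (Session::getUser()->hasPriv('USER_EMAIL_LOG')) {
    // The address is bound as a parameter, never concatenated into the query.
    $sql = 'SELECT l.id, l.sent, l.subject FROM email_log l WHERE l.emailAddress = :emailAddress ORDER BY l.sent DESC LIMIT 10';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':emailAddress', $user['email']);
    $stmt->execute();

    // NOTE(review): subjects reach the template as stored; escaping has to
    // happen in viewUser.tpl (not visible here).
    $tpl->assign('loggedEmails', $stmt->fetchAll());
    $tpl->display('viewUser.tpl');
    // The listing is cut off at this point; the end of this block and the rest
    // of the page are not shown.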
<?php require_once 'includes/widgets/header.php'; require_once 'jwrCommonsPhp/Exceptions.php'; switch ($_REQUEST['action']) { case 'toggleEvent': requirePriv('TOGGLE_EVENT_PUBLISHED'); $sql = 'UPDATE events SET published = !published WHERE id = :id'; $stmt = $db->prepare($sql); $stmt->bindValue(':id', $_REQUEST['id']); $stmt->execute(); $sql = 'SELECT u.id, u.username, u.email, e.id AS eventId, e.title AS eventTitle FROM users u JOIN organizers o ON u.organization = o.id JOIN events e ON e.organizer = o.id AND e.id = :eventId'; $stmt = $db->prepare($sql); $stmt->bindValue(':eventId', $_REQUEST['id']); $stmt->execute(); foreach ($stmt->fetchAll() as $orgieUser) { $tpl->assign('user', $orgieUser); $content = $tpl->fetch('email.eventToggled.tpl'); sendEmail($orgieUser['email'], $content, 'Event has been published or unpublished.'); } redirect('viewEvent.php?id=' . $_REQUEST['id'], 'Event toggled. Email sent to organizers.'); break; case 'cloneEvent': $event = fetchEvent(fromRequestRequireInt('id')); if ($event == null) { throw new Exception('event not found'); } if (!Session::getUser()->hasPriv('EVENT_CLONE')) { if ($event['organizerId'] != Session::getUser()->getData('organization')) { throw new PermissionsException('You cannot clone that event, because you are not the organizer.'); }