Esempio n. 1
0
<?php

include 'inc/init.php';
fRequest::overrideAction();
$action = fRequest::getValid('action', array('list', 'add', 'edit', 'settings', 'delete'));
if ($action != 'add') {
    fAuthorization::requireLoggedIn();
}
$user_id = fRequest::get('user_id', 'integer');
if ('edit' == $action) {
    try {
        $user = new User($user_id);
        if (fRequest::isPost()) {
            $user->populate();
            if ($GLOBALS['ALLOW_HTTP_AUTH'] && $user->getUserId() != 1) {
                $password = '******';
            } else {
                $password = fCryptography::hashPassword($user->getPassword());
                $user->setPassword($password);
            }
            fRequest::validateCSRFToken(fRequest::get('token'));
            $user->store();
            fMessaging::create('affected', User::makeUrl('list'), $user->getUsername());
            fMessaging::create('success', User::makeUrl('list'), 'The user ' . $user->getUsername() . ' was successfully updated');
            fURL::redirect(User::makeUrl('list'));
        }
    } catch (fNotFoundException $e) {
        fMessaging::create('error', User::makeUrl('list'), 'The user requested, ' . fHTML::encode($user_id) . ', could not be found');
        fURL::redirect(User::makeUrl('list'));
    } catch (fExpectedException $e) {
        fMessaging::create('error', fURL::get(), $e->getMessage());