// $option_credit = "<tr><td>" . _('Credit') . "</td><td><input type=text maxlength=14 name=up_credit value=\"$credit\"></td></tr>";
if ($is_parent) {
$button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete subuser ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_del" . $url_uname . "')\">";
$button_back = _back('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list');
} else {
$button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete user ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=user_mgmnt&op=user_del" . $url_uname . "&view=" . $view . "')\">";
$button_back = _back('index.php?app=main&inc=core_user&route=user_mgmnt&op=user_list&view=' . $view);
}
} else {
$form_title = _('User configuration');
// fixme anton - now disabled since plugin/feature/credit exists
// $option_credit = "<tr><td>" . _('Credit') . "</td><td>$credit</td></tr>";
}
// get access control list
$c_option_acl = array_flip(acl_getall());
$option_acl = _input('text', '', acl_getname($acl_id), array('readonly'));
if (auth_isadmin()) {
$option_acl = _select('up_acl_id', $c_option_acl, $acl_id);
}
if ($user_edited['status'] == 4) {
$parent_id = user_getparentbyuid($user_edited['uid']);
if ($parent_id == $user_config['uid']) {
$c_option_acl = array_flip(acl_getallbyuid($user_config['uid']));
$option_acl = _select('up_acl_id', $c_option_acl, $acl_id);
}
}
// additional user's config available on registry
$data = registry_search($c_uid, 'core', 'user_config');
// credit unicodes messages as single message
$option_enable_credit_unicode = _options(array(_('yes') => 1, _('no') => 0), $data['core']['user_config']['enable_credit_unicode']);
if (auth_isadmin()) {
* (at your option) any later version.
*
* playSMS is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with playSMS. If not, see <http://www.gnu.org/licenses/>.
*/
defined('_SECURE_') or die('Forbidden');
if (!auth_isadmin()) {
auth_block();
}
$id = $_REQUEST['id'];
$acl_name = acl_getname($id);
switch (_OP_) {
case "user_list":
$search_var = array(_('Registered') => 'register_datetime', _('Username') => 'username', _('Name') => 'name', _('Mobile') => 'mobile');
$search = themes_search($search_var, '');
$conditions = array('flag_deleted' => 0, 'acl_id' => $id);
$keywords = $search['dba_keywords'];
$count = dba_count(_DB_PREF_ . '_tblUser', $conditions, $keywords);
$nav = themes_nav($count, "index.php?app=main&inc=core_acl&route=view&op=user_list&id=" . $id);
$extras = array('ORDER BY' => 'register_datetime DESC, username', 'LIMIT' => $nav['limit'], 'OFFSET' => $nav['offset']);
$list = dba_search(_DB_PREF_ . '_tblUser', '*', $conditions, $keywords, $extras);
$content .= _dialog() . "\n\t\t\t<h2>" . _('Manage ACL') . "</h2>\n\t\t\t<h3>" . _('View report') . "</h3>\n\n\t\t\t<table class=playsms-table cellpadding=1 cellspacing=2 border=0>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _('ACL ID') . "</td>\n\t\t\t\t\t<td>" . $id . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('ACL name') . "</td>\n\t\t\t\t\t<td>" . $acl_name . "</td>\n\t\t\t\t</tr>\n\t\t\t</table>\t\t\t\n\t\t\t<h4>" . _('List of accounts') . "</h4>\n\t\t\t<p>" . $search['form'] . "</p>\n\t\t\t<div class=table-responsive>\n\t\t\t<table class=playsms-table-list>\n\t\t\t<thead><tr>\n\t\t\t\t<th width='20%'>" . _('Registered') . "</th>\n\t\t\t\t<th width='20%'>" . _('Username') . "</th>\n\t\t\t\t<th width='20%'>" . _('Name') . "</th>\n\t\t\t\t<th width='20%'>" . _('Mobile') . "</th>\n\t\t\t\t<th width='20%'>" . _('Credit') . "</th>\n\t\t\t</tr></thead>\n\t\t\t<tbody>";
$j = $nav['top'];
for ($i = 0; $i < count($list); $i++) {
$action = "";
if ($list[$i]['uid'] != '1' || $list[$i]['uid'] != $user_config['uid']) {
/**
* Check if visitor has certain ACL
*
* @param string $acl
* Access Control List
* @return boolean TRUE if valid and visitor has certain ACL
*/
function auth_isacl($acl)
{
if (auth_isvalid()) {
if (auth_isadmin()) {
return TRUE;
} else {
$user_acl_id = user_getfieldbyuid($_SESSION['uid'], 'acl_id');
$user_acl_name = acl_getname($user_acl_id);
if ($acl && $user_acl_name && strtoupper($acl) == strtoupper($user_acl_name)) {
return TRUE;
}
}
}
return FALSE;
}
function acl_setbyuid($acl_id, $uid)
{
$ret = FALSE;
if ((int) $uid && ($acl_name = acl_getname($acl_id))) {
if (dba_update(_DB_PREF_ . '_tblUser', array('acl_id' => $acl_id), array('flag_deleted' => 0, 'uid' => $uid))) {
return TRUE;
}
}
return $ret;
}
