function getUserByUsername($username) { $user = fetchUserDetails($username); if ($user != null) { return getUserByID($user["id"]); return getUserByID($user["id"]); } }
} } if (trim($username) == "") { $errors[] = lang("ACCOUNT_SPECIFY_USERNAME"); } else { if (!usernameExists($username)) { $errors[] = lang("ACCOUNT_INVALID_USERNAME"); } } if (count($errors) == 0) { //Check that the username / email are associated to the same account if (!emailUsernameLinked($email, $username)) { $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID"); } else { //Check if the user has any outstanding lost password requests $userdetails = fetchUserDetails($username); if ($userdetails["lost_password_request"] == 1) { $errors[] = lang("FORGOTPASS_REQUEST_EXISTS"); } else { //Email the user asking to confirm this change password request //We can use the template builder here //We use the activation token again for the url key it gets regenerated everytime it's used. $mail = new userCakeMail(); $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activation_token"]; $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activation_token"]; //Setup our custom hooks $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"])); if (!$mail->newTemplateMsg("lost-password-request.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Lost password request")) {
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; $baseURL = getcwd(); require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } //Forms posted if (!empty($_POST) && $emailActivation) { $email = $_POST["email"]; $username = $_POST["username"]; //Perform some validation //Feel free to edit / change as required if (trim($email) == "") { $errors[] = lang("ACCOUNT_SPECIFY_EMAIL"); } else { if (!isValidEmail($email) || !emailExists($email)) { $errors[] = lang("ACCOUNT_INVALID_EMAIL"); } } if (trim($username) == "") { $errors[] = lang("ACCOUNT_SPECIFY_USERNAME"); } else { if (!usernameExists($username)) { $errors[] = lang("ACCOUNT_INVALID_USERNAME"); } } if (count($errors) == 0) { //Check that the username / email are associated to the same account if (!emailUsernameLinked($email, $username)) { $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID"); } else { $userdetails = fetchUserDetails($username); //See if the user's account is activation if ($userdetails["active"] == 1) { $errors[] = lang("ACCOUNT_ALREADY_ACTIVE"); } else { if ($resend_activation_threshold == 0) { $hours_diff = 0; } else { $last_request = $userdetails["last_activation_request"]; $hours_diff = round((time() - $last_request) / (3600 * $resend_activation_threshold), 0); } if ($resend_activation_threshold != 0 && $hours_diff <= $resend_activation_threshold) { $errors[] = lang("ACCOUNT_LINK_ALREADY_SENT", array($resend_activation_threshold)); } else { //For security create a new activation url; $new_activation_token = generateActivationToken(); if (!updateLastActivationRequest($new_activation_token, $username, $email)) { $errors[] = lang("SQL_ERROR"); } else { $mail = new userCakeMail(); $activation_url = $websiteUrl . "activate-account.php?token=" . $new_activation_token; //Setup our custom hooks $hooks = array("searchStrs" => array("#ACTIVATION-URL", "#USERNAME#"), "subjectStrs" => array($activation_url, $userdetails["display_name"])); if (!$mail->newTemplateMsg("resend-activation.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Activate your " . $websiteName . " Account")) { $errors[] = lang("MAIL_ERROR"); } else { //Success, user details have been updated in the db now mail this information out. $successes[] = lang("ACCOUNT_NEW_ACTIVATION_SENT"); } } } } } } } } //Prevent the user visiting the logged in page if he/she is already logged in if (isUserLoggedIn()) { header("Location: " . str_replace('index.php/', '', site_url('account'))); die; } $this->load->view('resend_activation'); }
$remove = $_POST['removePermission']; if ($deletion_count = removePermission($remove, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($add, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $userdetails = fetchUserDetails(NULL, NULL, $userId); } } $userPermission = fetchUserPermissions($userId); $permissionData = fetchAllPermissions(); require_once "models/header.php"; echo "\r\n<div class='container'>\r\n<h1>PerunioCMS</h1>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>"; //Display activation link, if account inactive if ($userdetails['active'] == '1') { echo "Yes"; } else { echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t"; } echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
if (count($errors) == 0) { //Check that the username / email are associated to the same account if (!emailUsernameLinked($email, $username)) { $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID"); } else { //Check if the user has any outstanding lost password requests $userdetails = fetchUserDetails($username); if ($userdetails["lost_password_request"] == 1) { $errors[] = lang("FORGOTPASS_REQUEST_EXISTS"); } else { $token = $userdetails["activation_token"]; $rand_pass = getUniqueCode(15); //Get unique code $secure_pass = generateHash($rand_pass); //Generate random hash $userdetails = fetchUserDetails(NULL, $token); //Fetchs user details $mail = new userCakeMail(); //Setup our custom hooks $hooks = array("searchStrs" => array("#GENERATED-PASS#", "#USERNAME#"), "subjectStrs" => array($rand_pass, $userdetails["display_name"])); if (!$mail->newTemplateMsg("your-lost-password.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Your new password")) { $errors[] = lang("MAIL_ERROR"); } else { if (!updatePasswordFromToken($secure_pass, $token)) { $errors[] = lang("SQL_ERROR"); } else { if (!flagLostPasswordRequest($userdetails["user_name"], 0)) { $errors[] = lang("SQL_ERROR");
</colgroup> <thead> <tr> <th>Title</th> <th class="hidden-xs">Description</th> <th>Person</th> <th>Start</th> <th>End</th> <th class="hidden-xs hidden-sm">Gear</th> </tr> </thead> <tbody> <?php foreach ($checkouts as $checkout) { $person = $checkout->getPerson(); $personDetails = fetchUserDetails(NULL, NULL, $person); $co_start = new DateTime($checkout->getStart()); $co_end = new DateTime($checkout->getEnd()); $now = new DateTime(); if ($co_end < $now) { echo "<tr class='text-muted'>"; } else { echo "<tr>"; } printf("<td><a href='checkout.php?co_id=%s'>%s</a></td>", $checkout->getID(), $checkout->getTitle()); printf("<td class='hidden-xs'>%s</td>", shortString($checkout->getDescription(), 100, true)); printf("<td>%s</td>", $personDetails['display_name']); printf("<td>%s</td>", $co_start->format('m-d g:iA')); printf("<td>%s</td>", $co_end->format('m-d g:iA')); printf("<td class='hidden-xs hidden-sm'>"); $i = 0;
function withdraw($userid, $currency, $amount, $address = NULL, $fiatcurrency = "USD") { global $handshake; global $dogeWalletServer; global $btcWalletServer; if ($address == NULL) { $userdetails = fetchUserDetails(NULL, NULL, $userid); $address = $userdetails[$currency . 'address']; } $params = $address . '@@@' . $amount . '@@@' . 'dogepos-' . $userid; $key = $params . $handshake; $key = sha1($key); if (strtoupper($currency) == "DOGE") { //generate api call $url = $dogeWalletServer . 'index.php?call=withdraw¶ms=' . $params . '&key=' . $key; //do conversion $fiat = get_doge_conversion($amount, $fiatcurrency, true); } else { if (strtoupper($currency) == "BTC") { $url = $btcWalletServer . 'index.php?call=withdraw¶ms=' . $params . '&key=' . $key; //do conversion $fiat = get_btc_conversion($amount, $fiatcurrency, true); } } echo "[fiat=" . $fiat . $fiatcurrency . " || amount=" . $amount . $currency; echo $url; //open connection $ch = curl_init(); //set the url, number of POST vars, POST data curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //execute post $result = curl_exec($ch); //print_r($result); if (strlen($result) > 20) { $logamount = 0 - $amount; $logfiat = 0 - $fiat; log_transaction($address, $logamount, $logfiat, $fiatcurrency, strtoupper($currency), $userid, $result); } //close connection curl_close($ch); //echo "result".$result; return $result; /* part of pin check } */ }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } //Prevent the user visiting the logged in page if he/she is already logged in if (isUserLoggedIn()) { header("Location: " . str_replace('index.php/', '', site_url('account'))); die; } //Forms posted if (!empty($_POST)) { global $errors; $errors = array(); $username = sanitize(trim($_POST["username"])); $password = trim($_POST["password"]); //Perform some validation //Feel free to edit / change as required if ($username == "") { $errors[] = lang("ACCOUNT_SPECIFY_USERNAME"); } if ($password == "") { $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD"); } if (count($errors) == 0) { //A security note here, never tell the user which credential was incorrect if (!usernameExists($username)) { $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID"); } else { $userdetails = fetchUserDetails($username); //See if the user's account is activated if ($userdetails["active"] == 0) { $errors[] = lang("ACCOUNT_INACTIVE"); } else { //Hash the password and use the salt from the database to compare the password. $entered_pass = generateHash($password, $userdetails["password"]); if ($entered_pass != $userdetails["password"]) { //Again, we know the password is at fault here, but lets not give away the combination incase of someone bruteforcing $errors[] = lang("ACCOUNT_USER_OR_PASS_INVALID"); } else { //Passwords match! we're good to go' //Construct a new logged in user object //Transfer some db data to the session object $loggedInUser = new loggedInUser(); $loggedInUser->email = $userdetails["email"]; $loggedInUser->user_id = $userdetails["id"]; $loggedInUser->hash_pw = $userdetails["password"]; $loggedInUser->title = $userdetails["title"]; $loggedInUser->displayname = $userdetails["display_name"]; $loggedInUser->username = $userdetails["user_name"]; //Update last sign in $loggedInUser->updateLastSignIn(); $this->session->set_userdata('userCakeUser', $loggedInUser); // $_SESSION["userCakeUser"] = $loggedInUser; //Redirect to user account page header("Location: " . str_replace('index.php/', '', site_url('account'))); die; } } } } } $this->load->view('login'); }
//End data validation if (count($errors) == 0) { $loggedInUser->updateEmail($email); $successes[] = lang("ACCOUNT_EMAIL_UPDATED"); } } //Update Currency if ($currency != $loggedInUser->currency && count($errors) == 0) { $loggedInUser->updateCurrency($currency); $successes[] = "currency updated"; } //update withraw addresses if ($autodoge != $loggedInUser->autodoge || $autobtc != $loggedInUser->autobtc || $dogeaddress != $loggedInUser->dogeaddress || $btcaddress != $loggedInUser->btcaddress) { $check = "TRIGGERED"; //check pin $userdetails = fetchUserDetails(NULL, NULL, $loggedInUser->user_id); $entered_pin = generateHash($pin, $userdetails["pin"]); if ($entered_pin != $userdetails["pin"]) { $errors[] = "wrong pin!"; } //update doge address if ($dogeaddress != $loggedInUser->dogeaddress) { if (trim($dogeaddress) == "") { $errors[] = "error"; } //End data validation if (count($errors) == 0) { $loggedInUser->updateDogeaddress($dogeaddress); $successes[] = "address updated"; } }
public function printThread($user) { $stats = count($this->getChildren()) . " post(s) " . $this->getViews() . " view(s)"; $printLatestPost = "No posts."; $latestPost = $this->getLatestPost(); if ($latestPost->fields["User"] != null) { $latestPostUser = getUserByID($latestPost->fields["User"]); $printLatestPost = "Last Post By: <b>" . $latestPostUser->username . "</b><br />" . $latestPost->getDate(); } $thisOwner = "Annoymous"; if ($this->getFirstPost()->fields["User"] != null) { $userdetails = fetchUserDetails(null, null, $this->getFirstPost()->fields["User"]); $thisOwner = $userdetails["display_name"]; } return "\r\n <div class='thread_wrapper " . ($this->isUnread($user) ? "thread_unread" : ($this->fields["Sticky"] == "yes" ? "thread_sticky" : "thread_normal")) . "'>\r\n <div class='forum_element'>\r\n <div class='two_third thread_content'>\r\n <h3 class='element_title'><a href='{$_SERVER['PHP_SELF']}?p=t{$this->getID()}'>{$this->name}</a></h3>\r\n <div class='forum_element_info'>\r\n {$thisOwner}, {$this->getFirstPost()->getDate()}\r\n </div>\r\n </div>\r\n <div class='forum_element_info one_third column-last'>\r\n {$printLatestPost} <br/> {$stats}\r\n </div>\r\n <div class='clear'></div>\r\n </div>\r\n </div>\r\n <div class='hrline_silver' style='width: 95%'></div>"; }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; $baseURL = getcwd(); require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } //User has confirmed they want their password changed if (!empty($_GET["confirm"])) { $token = trim($_GET["confirm"]); if ($token == "" || !validateActivationToken($token, TRUE)) { $errors[] = lang("FORGOTPASS_INVALID_TOKEN"); } else { $rand_pass = getUniqueCode(15); //Get unique code $secure_pass = generateHash($rand_pass); //Generate random hash $userdetails = fetchUserDetails(NULL, $token); //Fetchs user details $mail = new userCakeMail(); //Setup our custom hooks $hooks = array("searchStrs" => array("#GENERATED-PASS#", "#USERNAME#"), "subjectStrs" => array($rand_pass, $userdetails["display_name"])); if (!$mail->newTemplateMsg("{$baseURL}/application/third_party/user_cake/mail-templates/your-lost-password.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Your new password")) { $errors[] = lang("MAIL_ERROR"); } else { if (!updatePasswordFromToken($secure_pass, $token)) { $errors[] = lang("SQL_ERROR"); } else { if (!flagLostPasswordRequest($userdetails["user_name"], 0)) { $errors[] = lang("SQL_ERROR"); } else { $successes[] = lang("FORGOTPASS_NEW_PASS_EMAIL"); } } } } } } //User has denied this request if (!empty($_GET["deny"])) { $token = trim($_GET["deny"]); if ($token == "" || !validateActivationToken($token, TRUE)) { $errors[] = lang("FORGOTPASS_INVALID_TOKEN"); } else { $userdetails = fetchUserDetails(NULL, $token); if (!flagLostPasswordRequest($userdetails["user_name"], 0)) { $errors[] = lang("SQL_ERROR"); } else { $successes[] = lang("FORGOTPASS_REQUEST_CANNED"); } } } //Forms posted if (!empty($_POST)) { $email = $_POST["email"]; $username = sanitize($_POST["username"]); //Perform some validation //Feel free to edit / change as required if (trim($email) == "") { $errors[] = lang("ACCOUNT_SPECIFY_EMAIL"); } else { if (!isValidEmail($email) || !emailExists($email)) { $errors[] = lang("ACCOUNT_INVALID_EMAIL"); } } if (trim($username) == "") { $errors[] = lang("ACCOUNT_SPECIFY_USERNAME"); } else { if (!usernameExists($username)) { $errors[] = lang("ACCOUNT_INVALID_USERNAME"); } } if (count($errors) == 0) { //Check that the username / email are associated to the same account if (!emailUsernameLinked($email, $username)) { $errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID"); } else { //Check if the user has any outstanding lost password requests $userdetails = fetchUserDetails($username); if ($userdetails["lost_password_request"] == 1) { $errors[] = lang("FORGOTPASS_REQUEST_EXISTS"); } else { //Email the user asking to confirm this change password request //We can use the template builder here //We use the activation token again for the url key it gets regenerated everytime it's used. $mail = new userCakeMail(); $confirm_url = lang("CONFIRM") . "\n" . $websiteUrl . "forgot-password.php?confirm=" . $userdetails["activation_token"]; $deny_url = lang("DENY") . "\n" . $websiteUrl . "forgot-password.php?deny=" . $userdetails["activation_token"]; //Setup our custom hooks $hooks = array("searchStrs" => array("#CONFIRM-URL#", "#DENY-URL#", "#USERNAME#"), "subjectStrs" => array($confirm_url, $deny_url, $userdetails["user_name"])); if (!$mail->newTemplateMsg("{$baseURL}/application/third_party/user_cake/mail-templates/lost-password-request.txt", $hooks)) { $errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR"); } else { if (!$mail->sendMail($userdetails["email"], "Lost password request")) { $errors[] = lang("MAIL_ERROR"); } else { //Update the DB to show this account has an outstanding request if (!flagLostPasswordRequest($userdetails["user_name"], 1)) { $errors[] = lang("SQL_ERROR"); } else { $successes[] = lang("FORGOTPASS_REQUEST_SUCCESS"); } } } } } } } $this->load->view('forgot_password'); }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } $userId = $_GET['id']; //Check if selected user exists if (!userIdExists($userId)) { header("Location: " . str_replace('index.php/', '', site_url('admin_users'))); die; } $userdetails = fetchUserDetails(NULL, NULL, $userId); //Fetch user details //Forms posted if (!empty($_POST)) { //Delete selected account if (!empty($_POST['delete'])) { $deletions = $_POST['delete']; if ($deletion_count = deleteUsers($deletions)) { $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } else { //Update display name if ($userdetails['display_name'] != $_POST['display']) { $displayname = trim($_POST['display']); //Validate display name if (displayNameExists($displayname)) { $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname)); } elseif (minMaxRange(5, 25, $displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25)); } elseif (!ctype_alnum($displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS"); } else { if (updateDisplayName($userId, $displayname)) { $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname)); } else { $errors[] = lang("SQL_ERROR"); } } } else { $displayname = $userdetails['display_name']; } //Activate account if (isset($_POST['activate']) && $_POST['activate'] == "activate") { if (setUserActive($userdetails['activation_token'])) { $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname)); } else { $errors[] = lang("SQL_ERROR"); } } //Update email if ($userdetails['email'] != $_POST['email']) { $email = trim($_POST["email"]); //Validate email if (!isValidEmail($email)) { $errors[] = lang("ACCOUNT_INVALID_EMAIL"); } elseif (emailExists($email)) { $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email)); } else { if (updateEmail($userId, $email)) { $successes[] = lang("ACCOUNT_EMAIL_UPDATED"); } else { $errors[] = lang("SQL_ERROR"); } } } //Update title if ($userdetails['title'] != $_POST['title']) { $title = trim($_POST['title']); //Validate title if (minMaxRange(1, 50, $title)) { $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50)); } else { if (updateTitle($userId, $title)) { $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title)); } else { $errors[] = lang("SQL_ERROR"); } } } //Remove permission level if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePermission($remove, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($add, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $userdetails = fetchUserDetails(NULL, NULL, $userId); } } $userPermission = fetchUserPermissions($userId); $permissionData = fetchAllPermissions(); require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>"; //Display activation link, if account inactive if ($userdetails['active'] == '1') { echo "Yes"; } else { echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t"; } echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>"; //Last sign in, interpretation if ($userdetails['last_sign_in_stamp'] == '0') { echo "Never"; } else { echo date("j M, Y", $userdetails['last_sign_in_stamp']); } echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $userdetails['id'] . "]' id='delete[" . $userdetails['id'] . "]' value='" . $userdetails['id'] . "'>\r\n</p>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:"; //List of permission levels user is apart of foreach ($permissionData as $v1) { if (isset($userPermission[$v1['id']])) { echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } //List of permission levels user is not apart of echo "</p><p>Add Permission:"; foreach ($permissionData as $v1) { if (!isset($userPermission[$v1['id']])) { echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }
$resp = recaptcha_check_answer($recaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $v->set_global_error(lang("CAPTCHA_ERROR")); } // If no validation errors present if (count($v->errors_global) + count($v->errors_specific) == 0) { $success = true; //Construct a user object $user = new User($_POST['username'], $_POST['password'], $_POST['email']); //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required) if ($user->userCakeAddUser()) { if ($user->mail_failure) { array_push($warning_messages, lang("ACTIVATION_MAIL_NOT_SENT", array($_POST['username'], $_POST['email']))); } // Retrieve the User_ID from the database $userdetails = fetchUserDetails($user->clean_username); if (!empty($userdetails)) { $contact = new Contact(true, $userdetails['User_ID'], $_POST); $personal = new Personal(true, $userdetails['User_ID'], $_POST); $status = new Status(true, $userdetails['User_ID'], $_POST); if ($_POST['group_id'] == 1 || $_POST['group_id'] == 2) { $studies = new Studies_Undergr(true, $userdetails['User_ID'], $_POST); } $inserted = array(); $inserted['contact'] = $contact->insert(); $inserted['personal'] = $personal->insert(); $inserted['status'] = $status->insert(); if ($_POST['group_id'] == 1 || $_POST['group_id'] == 2) { $inserted['studies'] = $studies->insert(); } // TODO Failure handling here is non-existent