// form definition
// id name for the table is used for detection of submission and error messages
$form = new sfc\Form(SSP_Path(true), "tableNameForSql", "idNameforTable");
$form->tpl = $mainTemplate;
// main template to enclose the form, not required, form inserted into {content}
$form->tplf = "example1.tpl";
// display template for the form
$form->tda("miscTplData", "Some data for display on the form template, password is 'thingy'");
$form->fe("text", "firstElement", "First element, a text box");
$form->fep("required=true, dataType=text");
// element is required and is of data type text
$form->fe("password", "pasword", "enter a password");
$form->fep("required=true, dataType=password, load=false");
$form->addHidden("hiddenStuff", "Some hidden stuff", "text");
// hidden field
// check for submission
if ($form->processForm($_POST)) {
// check for error
if (!$form->error) {
// check password
if ($form->getField("pasword") != "thingy") {
$form->addError("Error in the form");
$form->setError("pasword", "Error in password");
echo $form->create(true);
} else {
echo "Submission succesful";
}
}
} else {
echo $form->create();
}
/**
* Start recovery of a users password
*/
public function startPasswordRecovery()
{
$form = new sfc\Form(SSP_Path(), "noTable", "startPasswordRecovery");
$form->tplf = "passwordrecover.tpl";
$form->tpl = $this->tpl(array("title" => "Password recovery"));
$form->errorAutoFormDisplay = false;
$form->tda("loginPath", $this->cfg->logonScript);
$form->fe("text", "email", "Enter your registered email");
$form->fep("required=true,width=30, dataType=email");
$form->fe("submit", "submit", "Recover Password");
$form->fep("elClass=SSPFormButton");
if ($form->processForm($_POST)) {
if (!$form->error) {
// check for the email
$fields = array("UserId", "UserEmail", "UserName", "UserPassword");
$where["UserEmail"] = SSP_encrypt(trim($form->getField("email")));
$row = $this->db->getf($this->cfg->userTable, $fields, $where, "SSP user admin: getting user info for password recovery");
if ($this->db->numRows()) {
// found the email
$rowMisc = $this->db->get($this->cfg->userMiscTable, array("UserId" => $row->UserId), "Getting user name for password recovery");
if ($this->cfg->passwordRecovery == 0 or $this->cfg->encryptPassword) {
// use user change of password method
// Generate user response token
$token = SSP_ResponseToken($row->UserId, $this->cfg->recoverTime);
// generate email
if ($this->cfg->loginType == 1) {
// Supply user name if used for login
$content["UserName"] = $row["UserName"];
}
$content["link"] = $this->cfg->newPassword;
$content['token'] = $token;
$content["adminEmail"] = $this->cfg->adminEmail;
$email = new Email($this->cfg);
$email->noReplyEmail($content, "emailpasswordrecovery0.tpl", $row->UserEmail, $rowMisc->FirstName . " " . $rowMisc->FamilyName);
} else {
// email all info to the user
// generate email
if ($this->cfg->loginType == 1) {
// Supply user name if used for login
$content["UserName"] = $row["UserName"];
}
$content["UserPassword"] = $row["UserPassword"];
$content["adminEmail"] = $this->cfg->adminEmail;
$email = new Email($this->cfg);
$email->noReplyEmail($content, "emailpasswordrecovery1.tpl", $row->UserEmail, $rowMisc->FirstName . " " . $rowMisc->FamilyName);
}
$form->tda("sent");
$result = $form->create();
} else {
// email not found
$form->tda("error");
$result = $form->create();
}
} else {
$result = $form->create(true);
}
} else {
// display form
$result = $form->create();
}
return $result;
}
/**
* creates a template for admin page displays
* @param array $contentMain the pages content
* @param string $tpl alternative template name
* @param bool $createMenu create the main menu
* @param bool $suppressLangSelect - suppress the language selection dropdown
* @return Template main template
*/
function tpl($contentMain, $tpl = "", $createMenu = true, $suppressLangSelect = false)
{
// default to the main template if not other template not supplied
if ($tpl != "") {
$template = $tpl;
} else {
$template = $this->template;
}
// if the content suppied is just a string use it as the page title
if (is_string($contentMain)) {
$temp = $contentMain;
$contentMain = array();
$contentMain["title"] = $temp;
}
// build the page title from the supplied segments
if (count($this->pageTitleSegments)) {
if ($this->session->isTranslate()) {
foreach ($this->pageTitleSegments as $key => $titlePart) {
$this->pageTitleSegments[$key] = $this->session->t($titlePart);
}
}
$contentMain["title"] = $this->session->t($this->cfg->siteName) . $this->pageTitleSeperator . implode($this->pageTitleSeperator, $this->pageTitleSegments);
} else {
$contentMain["title"] = $this->session->t($this->cfg->siteName);
}
// add paths to various useful areas
$contentMain["pathSite"] = $this->cfg->pathSite;
$contentMain["pathAdmin"] = $this->cfg->adminDir;
// create the language selection
if ($this->cfg->translate and !$suppressLangSelect) {
$formTemplate = array('<form action="{formAction}" method="post" id="languageSelectionform">', '{languageDropdown}', '{formHidden}', '</form>');
$form = new sfc\Form(SSP_Path(true), 'notable', 'languageSelect');
$form->translateDisable = true;
$form->checkToken = false;
$form->errorAutoFormDisplay = false;
$form->formSubmitVar = 'languageSelectionformToken';
$form->tplf = new Template("", $formTemplate);
$languages = $this->session->getLanguages();
$dropdownInformation = array();
foreach ($languages as $lang => $languageInfo) {
$dropdownInformation[$lang] = array('text' => $languageInfo['description'], 'dir' => $languageInfo['dir'], 'class' => 'lang_' . $lang, 'style' => 'background-image: url(/sspadmin/images/flag_' . $lang . '.png);');
}
$form->fe('select', 'languageDropdown', '', $dropdownInformation);
$form->fep('deflt = ' . Protect::$tranlator->getLanguage());
$form->setParam('script', 'onChange="this.form.submit()"');
if ($form->processForm($_POST)) {
if (!$form->error) {
$this->session->lang = $form->getField('languageDropdown');
session_write_close();
//echo 'code '. $_SESSION['SSP_currentLanguageCode'];
SSP_Divert(SSP_Path(true));
}
}
$contentMain['languageSelectForm'] = $form->create();
}
if ($createMenu) {
// generate main menu
// highlight a main menu item
if (isset($contentMain["mainSection"])) {
$section = $contentMain["mainSection"];
} else {
$section = "";
}
$url = $_SERVER['REQUEST_URI'];
$menu = new MenuGen();
$menu->add($this->cfg->adminDir . 'useradmin/info/' . $this->session->userId, $this->session->t("User Details"), strpos($url, "useradmin") !== false);
$menu->add($this->cfg->adminDir . 'adminusercreation', $this->session->t("New User"), strpos($url, "adminusercreation") !== false);
$menu->add($this->cfg->userLister, $this->session->t("List Users"), $url === "/sspadmin/" or $url === '/sspadmin/filterChange' or $url === '/sspadmin/filterNormal' or $url === '/sspadmin/filterAdminPending');
$menu->add($this->cfg->siteRoot, $this->session->t("Home"));
$menu->add($this->cfg->logoffScript, $this->session->t("Log off"));
$contentMain["mainMenu"] = $menu->cMenu();
} else {
$contentMain["mainMenu"] = "";
}
if (!isset($contentMain["menu"])) {
$contentMain["menu"] = "";
}
if ($this->cfg->enableSetup === true) {
$contentMain['showDisableSetupText'] = true;
}
$tpl = new Template($contentMain, $template, false);
return $tpl;
}
/**
* Edit Miscellaneous data
* @param bool $creating - creating a new user
* @param bool $reDisplay - re-display after update
* @return string/bool - edit screen or true on save and not re-display
*/
public function userMisc($creating = false, $reDisplay = false)
{
// Form elements
$form = new sfc\Form(SSP_Path(), $this->cfg->userMiscTable, "userMisc");
$form->errorAutoFormDisplay = false;
$mainContent = array();
if ($creating) {
$mainContent["title"] = "Miscellaneous information";
} else {
$mainContent["title"] = "Edit info";
}
$form->tpl = $this->tpl($mainContent, $creating);
if ($this->subTpl != "") {
$form->tplf = $this->subTpl;
} else {
$form->tplf = "changemisc.tpl";
}
$form->fe('text', "Title", "Title (Mr/Mrs/Mz/Dr/Prof.)");
$form->fep("width=10");
$form->fe('text', "FirstName", "First Name");
$form->fep("width=30,required=true");
$form->fe('text', "Initials", "Initials");
$form->fep("width=5");
$form->fe('text', "FamilyName", "Family Name", 30);
$form->fep("width=30,required=true");
$form->fe('textarea', "Address", "Address");
$form->fep("width=30,lines=5");
$form->fe('text', "TownCity", "Town or City");
$form->fep("width=20");
$form->fe('text', "PostCode", "Post Code");
$form->fep("width=10, maxLength=10, maxChar=10");
$form->fe('text', "County", "County");
$form->fep("width=30");
if ($creating) {
$form->fe("submit", "submit", "Next");
} else {
$form->fe("submit", "submit", "Save");
}
$return = '';
if ($form->processForm($_POST)) {
if (!$form->error) {
// update database
$query = $form->querySave(true);
$where = array("UserId" => $this->id);
$this->db->update($this->cfg->userMiscTable, $form->saveFields, $where, "SSP user admin: Saving misc member data");
if ($reDisplay) {
$form->tda("saved");
$return = $form->create(true);
} else {
$return = true;
}
} else {
$return = $form->create(true);
}
} else {
$query = $form->querySelect();
$where = array("UserId" => $this->id);
$dataUpdate = $this->db->get($this->cfg->userMiscTable, $where, "SSP user admin: Getting User Misc data for update");
$form->data = get_object_vars($dataUpdate);
$return = $form->create(true);
}
return $return;
}
/**
* Display the filter form to change the list
* @return string - html to be displayed
*/
public function displayFilterForm()
{
// display form to update filter values
$form = new sfc\Form($this->cfg->userLister . '/filterChange', "noTable", "sspFilter");
$form->tda("tpl", $this->tpl(array("title" => "Modify search criteria")));
$form->tda("tplf", "userListerSearchForm.tpl");
$form->templateRoutine = "\\w34u\\ssp\\UserLister::formFilterCreate";
$form->tda("fields", $this->filter->filterFields);
$form->fe("radio", "filterOr", "Select using", array(0 => "All", 1 => "Any"));
$form->fep("dataType=int, deflt=" . $this->filter->filterOr);
foreach ($this->filter->filterFields as $key => $value) {
$form->fe("select", "filterField" . $key, "Search", $this->cfg->fieldsFilterList);
$form->fep("deflt={$value}");
$form->fe("text", "filterValue" . $key, "for");
$form->fep("dataType=gen, deflt=" . $this->filter->filterValues[$key]);
}
$form->fe("submit", "addField", "Add Search field");
$form->fe("select", "limit", "Results per page", $this->cfg->limits);
$form->fep("dataType=int, deflt=" . $this->filter->limit);
$accessList = array_merge(array("all" => "All Types"), $this->cfg->userAccessTypeDropdown);
$form->fe("select", "userAccess", "Member Access", $accessList);
$form->fep("dataType=password, deflt=" . $this->filter->userAccess);
$form->fe("check", "filterOnFlags", "Filter using flags", array(0, 1));
$form->fep("dataType=bin, deflt=" . $this->filter->filterOnFlags);
$flagFilterOptions = array(0 => " false", 1 => " true", 2 => " ignore");
$form->fe("radio", "userDisabled", "Users who have been disabled", $flagFilterOptions);
$form->fep("dataType=int, deflt=" . $this->filter->userDisabled);
$form->fe("radio", "userPending", "User who are waiting for external OK", $flagFilterOptions);
$form->fep("dataType=int, deflt=" . $this->filter->userPending);
$form->fe("radio", "userAdminPending", "User Admin Pending", $flagFilterOptions);
$form->fep("dataType=int, deflt=" . $this->filter->userAdminPending);
$form->fe("radio", "creationFinished", "User Properly created", $flagFilterOptions);
$form->fep("dataType=int, deflt=" . $this->filter->creationFinished);
$form->fe("radio", "userWaiting", "Waiting for user to respond to email", $flagFilterOptions);
$form->fep("dataType=int, deflt=" . $this->filter->userWaiting);
$form->fe("submit", "submit", "Search Now");
$form->fe("submit", "newSearch", "Reset Search Criteria");
if ($form->processForm($_POST)) {
if (!$form->error) {
$this->filter->filterOr = $form->getField("filterOr");
foreach ($this->filter->filterFields as $key => $value) {
$this->filter->filterFields[$key] = $form->getField("filterField" . $key);
}
$this->filter->limit = $form->getField("limit");
if (array_key_exists("addField", $form->data)) {
// add a new search field
$this->filter->addField();
SSP_Divert($this->cfg->userLister);
} elseif (array_key_exists("newSearch", $form->data)) {
// clears the form and search parameters
$this->filter->newSearch();
SSP_Divert($this->cfg->userLister);
} else {
// show list with new search
$this->filter->update($form->data, true);
SSP_Divert($this->cfg->userLister);
}
} else {
return $form->create(true);
}
} else {
return $form->create();
}
}
