<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
checkUser();
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
case 'add':
addUser();
break;
case 'modify':
modifyUser();
break;
case 'delete':
deleteUser();
break;
default:
// if action is not defined or unknown
// move to main user page
header('Location: index.php');
}
function addUser()
{
$userName = $_POST['txtUserName'];
$password = $_POST['txtPassword'];
/*
// the password must be at least 6 characters long and is
// a mix of alphabet & numbers
if(strlen($password) < 6 || !preg_match('/[a-z]/i', $password) ||
!preg_match('/[0-9]/', $password)) {
//bad password
}
}
}
}
CloseTable();
include "footer.php";
break;
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
case "modifyUser":
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
//modifyUser($chng_uid);
modifyUser($chng_uid, $viewmode, $sortorder, $start);
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
break;
case "updateUser":
//FIX:DOMSNITT
// START: HACK - ADVANCED USER MANAGER
//updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason);
updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason, $viewmode, $sortorder, $start);
// END: HACK - ADVANCED USER MANAGER
//END-OF-FIX
break;
case "delUser":
include "header.php";
GraphicAdmin();
OpenTable();
$op = 'mod_users';
include_once XOOPS_ROOT_PATH . "/modules/system/admin/users/users.php";
if (isset($HTTP_POST_VARS)) {
foreach ($HTTP_POST_VARS as $k => $v) {
${$k} = $v;
}
}
if (isset($HTTP_GET_VARS['op'])) {
$op = trim($HTTP_GET_VARS['op']);
if (isset($HTTP_GET_VARS['uid'])) {
$uid = intval($HTTP_GET_VARS['uid']);
}
}
switch ($op) {
case "modifyUser":
modifyUser($uid);
break;
case "updateUser":
// RMV-NOTIFY
updateUser($uid, $uname, $name, $url, $email, $user_icq, $user_aim, $user_yim, $user_msnm, $user_from, $user_occ, $user_intrest, $user_viewemail, $user_avatar, $user_sig, $attachsig, $theme, $pass, $pass2, $rank, $bio, $uorder, $umode, $notify_method, $notify_mode, $timezone_offset, $user_mailok);
break;
case "delUser":
xoops_cp_header();
$member_handler =& xoops_gethandler('member');
$userdata =& $member_handler->getUser($uid);
xoops_confirm(array('fct' => 'users', 'op' => 'delUserConf', 'del_uid' => $userdata->getVar('uid')), 'admin.php', sprintf(_AM_AYSYWTDU, $userdata->getVar('uname')));
xoops_cp_footer();
break;
case "delete_many":
xoops_cp_header();
$count = count($memberslist_id);
sql_query("UPDATE " . $NPDS_Prefix . "users_extend SET C1='{$C1}', C2='{$C2}', C3='{$C3}', C4='{$C4}', C5='{$C5}', C6='{$C6}', C7='{$C7}', C8='{$C8}', M1='{$M1}', M2='{$M2}', T1='{$T1}', T2='{$T2}', B1='{$B1}' WHERE uid='{$chng_uid}'");
global $aid;
Ecr_Log("security", "UpdateUser({$chng_uid}, {$chng_uname}) by AID : {$aid}", "");
global $referer;
if ($referer != "memberslist.php") {
Header("Location: admin.php?op=mod_users");
} else {
Header("Location: memberslist.php");
}
}
switch ($op) {
case 'extractUserCSV':
extractUserCSV();
break;
case "modifyUser":
modifyUser($chng_uid);
break;
case 'updateUser':
if ($add_group) {
$add_group = implode(',', $add_group);
}
updateUser($chng_uid, $add_uname, $add_name, $add_url, $add_email, $add_femail, $add_user_from, $add_user_occ, $add_user_intrest, $add_user_viewemail, $add_avatar, $add_user_sig, $add_bio, $add_pass, $add_pass2, $add_level, $add_open_user, $add_group, $add_send_email, $add_is_visible, $add_mns, $C1, $C2, $C3, $C4, $C5, $C6, $C7, $C8, $M1, $M2, $T1, $T2, $B1, $raz_avatar, $chng_rank, $user_lnl);
break;
case 'delUser':
global $hlpfile;
include "header.php";
GraphicAdmin($hlpfile);
opentable();
echo "<p align=\"center\"><b>" . adm_translate("Supprimer un utilisateur") . "</b> : ";
echo "<span class=\"rouge\">" . adm_translate("Etes-vous sûr de vouloir effacer") . " " . adm_translate("Utilisateur") . " {$chng_uid} ? </span><br /><br />";
echo "[ <a href=\"admin.php?op=delUserConf&del_uid={$chng_uid}&referer=" . basename($referer) . "\" class=\"rouge\">" . adm_translate("Oui") . "</a> | ";
CreateUser($nom, $prenom, $date, $pseudo, $mdp, $email, $description, $classe);
header("Location: users.php");
}
if (isset($_REQUEST['modifLink'])) {
header("Location: index.php?=" . $_GET['id']);
}
if (isset($_REQUEST['modifButton'])) {
$id = filter_input(INPUT_POST, 'id');
$nom = filter_input(INPUT_POST, 'nom');
$prenom = filter_input(INPUT_POST, 'prenom');
$date = filter_input(INPUT_POST, 'date');
$pseudo = filter_input(INPUT_POST, 'pseudo');
$mdp = filter_input(INPUT_POST, 'mdp');
$email = filter_input(INPUT_POST, 'email');
$description = filter_input(INPUT_POST, 'description');
modifyUser($id, $nom, $prenom, $date, $pseudo, $mdp, $email, $description);
header("Location: users.php");
}
if (isset($_REQUEST['envoyersport'])) {
$flag = FALSE;
while ($flag == FALSE) {
if ($_REQUEST['sport1'] == $_REQUEST['sport2']) {
$flag = TRUE;
break;
}
if ($_REQUEST['sport1'] == $_REQUEST['sport3']) {
$flag = TRUE;
break;
}
if ($_REQUEST['sport1'] == $_REQUEST['sport4']) {
$flag = TRUE;
if ($mode == 'resetPassword') {
$user = $_POST['user'];
$pass = $_POST['password'];
$reppass = $_POST['password'];
resetPassword($user, $pass, $reppass);
} else {
if ($mode == 'save') {
$update = $_POST['update'];
$remove = $_POST['remove'];
if ($update) {
$updates = json_decode($update);
foreach ($updates as $tmpUser) {
$userId = $tmpUser->user_id;
$description = trim($tmpUser->name);
$local = $tmpUser->local;
$active = $tmpUser->active;
modifyUser($userId, $description, $local, $active);
}
}
if ($remove) {
$userIds = split(',', $remove);
foreach ($userIds as $userId) {
removeUser($userId);
}
}
print json_encode(array('success' => TRUE));
}
}
}
}
}
$username = $_GET['user'];
// no access to default user
if ($username == 'admin') {
redirectTo("index.php");
}
if (isset($_POST['submit'])) {
// form was submitted
$username = $_POST['user'];
$currentpassword = sha1($_POST['inputCurrentPassword']);
$user = findUser($_SESSION['loggedInUser']);
$passwordsMatch = $currentpassword == $user['password'] ? true : false;
if (!$passwordsMatch) {
$msg = "Your current password was entered incorrectly. " . $username . "'s password was not changed.";
} else {
$newpassword = sha1($_POST['inputPassword']);
modifyUser($username, $newpassword);
redirectTo("accounts_manage.php");
}
}
ob_flush();
include_once "templates/page_head.php";
?>
<div class="container">
<?php
include_once "templates/navigation.php";
?>
<content>
<form class="account-form form-signin" action="account_change_password.php" method="post">
<h2 class="form-signin-heading"> Change <?php
echo $username;
function user_admin_main($var)
{
switch ($var['op']) {
case "modifyUser":
modifyUser($var['chng_uid']);
break;
case "updateUser":
updateUser($var);
break;
case "delUser":
deleteUser($var['chng_uid']);
break;
case "delUserConf":
deleteUserConfirm($var['del_uid']);
break;
case "addUser":
addUser($var);
break;
case "getConfig":
user_admin_getConfig();
break;
case "setConfig":
user_admin_setConfig($var);
break;
case "getRegConfig":
user_admin_getRegConfig();
break;
case "setRegConfig":
user_admin_setRegConfig($var);
break;
case "getDynamic":
user_dynamic_data();
break;
case "add_property":
add_property();
break;
case "delete_property":
delete_property($var);
break;
case "delPropConf":
delete_property_confirm($var);
break;
case "deactivate_property":
deactivate_property($var);
break;
case "activate_property":
activate_property($var);
break;
case "increase_weight":
increase_weight($var);
break;
case "decrease_weight":
decrease_weight($var);
break;
default:
displayUsers();
break;
}
}
$html = "";
if ($tabUser != null) {
$html .= '<table style="border-collapse: collapse;border:1px solid black;">';
$html .= "<th>Nom</th><th>Prenom</th><th>Pseudo</th><th>Description</th><th>Email</th><th>Date de naissance</th>";
$html .= "<tr><td>" . $tabUser['nom'] . "</td>";
$html .= "<td>" . $tabUser['prenom'] . "</td>";
$html .= "<td>" . $tabUser['pseudo'] . "</td>";
$html .= "<td>" . $tabUser['description'] . "</td>";
$html .= "<td>" . $tabUser['email'] . "</td>";
$html .= "<td>" . $tabUser['dateNaissance'] . "</td></tr></table>";
}
return $html;
}
}
if (isset($_REQUEST['idUser']) && is_numeric($_REQUEST['idUser']) && testArg(['', '', '', '', '', '', ''])) {
if (modifyUser($_REQUEST['nom'], $_REQUEST['prenom'], $_REQUEST['pseudo'], $_REQUEST['pass'], $_REQUEST['description'], $_REQUEST['email'], $_REQUEST['date'], $_REQUEST['idUser'])) {
header('Location: AffichageNom.php');
exit;
} else {
echo "<p>Une erreur s'est produite</p>";
}
}
if (isset($_REQUEST['boutonEnvoyer']) && testArg(['', '', '', '', '', '', '', ''])) {
try {
insertUser($_REQUEST['nom'], $_REQUEST['prenom'], $_REQUEST['pseudo'], $_REQUEST['pass'], $_REQUEST['description'], $_REQUEST['email'], $_REQUEST['date'], $_REQUEST['classe']);
header('Location: AffichageNom.php');
exit;
} catch (Exception $e) {
echo $e->getMessage();
} catch (PDOException $e) {
echo $e->getMessage();
function processPut($data)
{
$vars = $data->getRequestVars();
$position = null;
$user = getUserSearch($vars["uuid"], $position);
if ($user != null) {
// solo realizamos acción si el usuario existe
$modif = array("lastaccess" => time(), "views" => array("mobile" => $vars["mobile"], "web" => $vars["web"]));
return modifyUser($position, $modif, array("lastaccess", "views"));
}
/*$exploded = explode ("/", $_SERVER['REQUEST_URI']);
return modifyUser($exploded[3], $data->getData()->username, $data->getData()->password);*/
}
