/*
 * Build the HTML for the "Managing user details" page of a single account.
 *
 * Reads the target user id from $_GET[id], loads the matching non-deleted row
 * from the users table and renders: the account details form, the API key
 * status table, the permissions matrix, an optional credit-transaction form
 * (only when the viewer is an accountant), and the transaction, login and
 * failed-login listings returned by the helper functions.
 *
 * Returns the assembled page as an HTML string.
 *
 * NOTE(review): several spots in this copy contain a literal run of asterisks
 * between two string literals. That does not parse as PHP; text appears to
 * have been lost there (presumably by an automated scrubber). Each spot is
 * marked below and must be restored from the original file.
 */
function listUser() {
    global $DB;
    global $MySelf;
    // $IGB and $IGB_VISUAL are declared here but not referenced in this function.
    global $IGB;
    global $TIMEMARK;
    global $IGB_VISUAL;

    // Are we allowed to peek into peoples files?
    // NOTE(review): there is no return/exit after the notice, so this guard only
    // protects the page if makeNotice() terminates the request - confirm.
    if (!$MySelf->canSeeUsers()) {
        makeNotice("You are not allowed to do this!", "error", "forbidden");
    }

    // Is the supplied ID truly numeric?
    // NOTE(review): $id is assigned only in the else branch; if makeNotice()
    // returns, the query below runs with $id undefined. The array key is written
    // as a bare word (id) rather than a quoted string, here and on $row below;
    // PHP 8 raises an Error for an undefined constant.
    if (!is_numeric($_GET[id])) {
        makeNotice("Why would you do such a thing? Are you evil at heart? Lets assume its a \"mistake\" for now..", "warning", "*cough*", "index.php?action=editusers", "I'm sorry...");
    } else {
        $id = (int) $_GET[id];
    }

    // Query the database.
    // $id has been cast to int above, so the interpolated value is an integer.
    $users = $DB->query("select * from users where id='{$id}' AND deleted='0' limit 1");

    // Build the tables.
    // NOTE(review): $table, $apit and $perm_table are created only inside this
    // loop; if no row matches, the flush() calls further down act on undefined
    // variables.
    while ($row = $users->fetchRow()) {
        $table = new table(2, true);
        // NOTE(review): the username is concatenated into markup as-is. addCol()
        // and addHeader() are handed raw HTML throughout this function, so they
        // presumably emit their argument unescaped; username, email and rank name
        // would then need htmlspecialchars() at these call sites - confirm
        // against the table class.
        $table->addHeader(">> Managing user " . ucfirst($row[username]));
        $username = ucfirst($row[username]);
        $table->addRow();
        $table->addCol("ID:");
        // NOTE(review): STR_RIGHT_PAD is not a PHP built-in (the built-ins are
        // STR_PAD_LEFT / STR_PAD_RIGHT / STR_PAD_BOTH); unless the project
        // defines it elsewhere this call cannot work as written.
        $table->addCol(str_pad("{$row['id']}", 5, "0", STR_RIGHT_PAD));
        $table->addRow();
        // NOTE(review): text is missing between "Username:" and the <input>
        // literal. The lost span must have closed this addCol() call, opened the
        // if whose else follows, and assigned $uname_temp and $field_temp; the
        // condition it tested cannot be recovered from this copy.
        $table->addCol("Username:"******"<input type=\"text\" name=\"username\" value=\"" . $uname_temp . "\">";
            $confi_temp = "<input type=\"checkbox\" name=\"username_check\" value=\"true\">";
            $table->addCol($field_temp . " (changing username tick here also: " . $confi_temp . ")");
        } else {
            $table->addCol(ucfirst($row[username]));
        }
        $table->addRow();
        $table->addCol("eMail:");
        // The stored email (or a placeholder text when empty) becomes the value
        // attribute of the input; it is not escaped for an attribute context.
        $table->addCol("<input type=\"text\" size=\"40\" name=\"email\" value=\"" . ($row[email] == "" ? 'no email supplied' : $row[email]) . "\">");
        $table->addRow();
        // NOTE(review): text is missing after "Password:" - presumably the end of
        // this addCol() and the start of the next one.
        $table->addCol("Password:"******"<input type=\"password\" size=\"40\" name=\"password\">");

        // Ranks System
        // Builds a <select> of all ranks with the user's current rank preselected.
        $RanksDS = $DB->query("SELECT * FROM ranks ORDER BY rankOrder ASC");
        $rankCount = $RanksDS->numRows();
        if ($rankCount >= 1) {
            // We have at least 1 rank.
            // $rank_pdm is appended to without being initialised first.
            while ($rank = $RanksDS->fetchRow()) {
                if ($rank[rankid] == $row[rank]) {
                    // The current rank is selected.
                    $rank_pdm .= "<option SELECTED value=\"{$rank['rankid']}\">{$rank['name']}</option>";
                } else {
                    // The others of course, are not.
                    $rank_pdm .= "<option value=\"{$rank['rankid']}\">{$rank['name']}</option>";
                }
            }
            $rankColumn = "<select name=\"rank\">" . $rank_pdm . "</select>";
        } else {
            // No rank has been set yet.
            $rankColumn = "There are no ranks. Go create some!";
        }
        $table->addRow();
        $table->addCol("Rank:");
        $table->addCol($rankColumn);
        $table->addRow();
        // NOTE(review): text is missing after "Last login:" - presumably the end
        // of this addCol() and the opening "if (" of the comparison that follows.
        // A lastlogin value below 10 is shown as "never".
        $table->addCol("Last login:"******"{$row['lastlogin']}" < 10) {
            $table->addCol("never");
        } else {
            $table->addCol(date("d.m.y H:i:s", $row[lastlogin]));
        }
        $table->addRow();
        $table->addCol("Credits:");
        $table->addCol(number_format(getCredits($row[id]), 2) . " ISK");

        // Is the account confirmed?
        if ("{$row['confirmed']}" == "0") {
            // Unconfirmed account: offer the one-way "confirm" checkbox.
            $table->addRow();
            $table->addCol("Account confirmed:");
            $table->addCol("This account has <b>not</b> been confirmed yet.");
            $table->addRow();
            $table->addCol("Confirm account:");
            $table->addCol("<input type=\"checkbox\" name=\"confirm\" value=\"true\"> Tick box to confirm account. <br><br>This is a one-way action only. Once an account"
                . " has been confirmed you can not unconfirm it. Tho you can block or delete it."
                . " Be careful not to confirm an account by accident - you could allow a non-authorized third party to access your MiningBuddy!");
            $table->addRow();
            $table->addCol("Account confirmed:");
            // Give a red light if user has not even verified himself.
            if ("{$row['emailvalid']}" == "0") {
                $table->addCol("<b>WARNING!</b><br> The User has not yet verified this email yet! If you choose to enable"
                    . " this account at this time, be very sure that you know the person requesting the account!", array("bgcolor" => "#662222"));
            } else {
                $table->addCol("<br><br><b>The user validated the email address.</b><br>");
            }
        } else {
            // Confirmed account: only the email-validation state is still editable.
            $table->addRow();
            $table->addCol("This account has been confirmed.");
            if ("{$row['emailvalid']}" == "0") {
                $table->addCol("<font color=\"#ff0000\">WARNING!</b></font><br> The User has not verified this email but the account has been confirmed!");
                // Add a "confirm email" checkbox.
                $table->addRow();
                $table->addCol("Mark users email as valid:");
                $table->addCol("<input type=\"checkbox\" name=\"SetEmailValid\" value=\"true\">");
            } else {
                $table->addCol("The user validated the supplied email address.");
            }
        }

        /*
         * API Goodness
         */
        // Shows whether an API id/key pair is stored for this user and, when it
        // is valid, the character id and validation time.
        $api = new api($row[id], true);
        $apit = new table(2, true);
        $apit->addHeader(">> Api information for " . ucfirst($row[username]));
        $apit->addRow();
        $apit->addCol("API Key in database:");
        if ($api->getApiID() && $api->getApiKey()) {
            $apit->addCol(yesno(1, true));
            $apit->addRow();
            $apit->addCol("API valid:");
            $apit->addCol(yesno($api->valid(), true));
            if ($api->valid()) {
                $apit->addRow();
                $apit->addCol("Character ID:");
                $apit->addCol($api->getCharacterID());
                $apit->addRow();
                $apit->addCol("Validated on:");
                $apit->addCol(date("d.m.Y H:i:s", $api->validatedOn()));
            }
            $apit->addRow();
            $apit->addCol("Remove API key from database:");
            // NOTE(review): the removal is offered as a plain GET link. If the
            // delapi handler deletes on that request alone, any page the admin
            // visits could trigger it; a POST form with an anti-CSRF token would
            // close that - the handler is not visible here, confirm.
            $apit->addCol("[<a href=\"index.php?action=delapi&id={$id}\">delete api key</a>]");
        } else {
            $apit->addCol(yesno(0));
        }

        // Permissions matrix
        // Keys double as column names of the users row ($row[$key] below) and as
        // the names of the submitted checkboxes; values are the display labels.
        $perms = array("canLogin" => "log in", "canJoinRun" => "join mining Ops", "canCreateRun" => "create new mining Ops", "canCloseRun" => "close mining Ops", "canDeleteRun" => "delete mining Ops", "canAddHaul" => "haul from/to mining Ops", "canSeeEvents" => "view scheduled events", "canDeleteEvents" => "can delete events", "canEditEvents" => "add and delete scheduled events", "canChangePwd" => "change his own password", "canChangeEmail" => "change his own email", "canChangeOre" => "manage ore prices and enable/disable them.", "canAddUser" => "add new accounts", "canSeeUsers" => "see other accounts", "canDeleteUser" => "delete other accounts.", "canEditRank" => "edit other peoples ranks.", "canManageUser" => "grant and take permissions.", "isOfficial" => "create official mining runs (with payout).", "isAdmin" => "edit site settings.", "isLottoOfficial" => "administrate the lottery", "canPlayLotto" => "play Lotto!", "isAccountant" => "edit other users credits.",
            "optIn" => "User has opt-in to eMails.");

        // Create a separate permissions table.
        // NOTE(review): this form is rendered for anyone who passed the
        // canSeeUsers() check above; granting permissions, confirming and
        // deleting must be enforced again by the edituser handler (e.g.
        // canManageUser / canDeleteUser) - not visible here, confirm.
        $perm_table = new table(2, true);
        $perm_table->addHeader(">> " . ucfirst($row[username]) . " has permission to... ");
        $perm_keys = array_keys($perms);
        // $LoR toggles 1/0 per checkbox so that two checkboxes share one row.
        $LoR = 1;
        foreach ($perm_keys as $key) {
            if ($LoR) {
                $perm_table->addRow();
            }
            if ($row[$key]) {
                $perm_table->addCol("<input type=\"checkbox\" name=\"{$key}\" checked> " . $perms[$key]);
            } else {
                $perm_table->addCol("<input type=\"checkbox\" name=\"{$key}\"> " . $perms[$key]);
            }
            $LoR = 1 - $LoR;
        }
        // Odd number of permissions: pad the last row with an empty column.
        if (!$LoR) {
            $perm_table->addCol();
        }

        // Delete User
        $perm_table->addRow();
        $perm_table->addCol("<hr>", array("colspan" => 2));
        $perm_table->addRow();
        // NOTE(review): text is missing after "Delete user:" - presumably the end
        // of this addCol() and the start of the next one.
        $perm_table->addCol("Delete user:"******"<input type=\"checkbox\" name=\"delete\" value=\"true\"> Tick box to delete the user permanently.");
        $perm_table->addRow();
        $perm_table->addCol("<hr>", array("colspan" => 2));

        // Commit changes button.
        $perm_table->addHeaderCentered("<input type=\"submit\" name=\"send\" value=\"Commit changes\">", array("colspan" => 2, "align" => "center"));
    }

    // Opening of the edit form; the matching </form> is appended when $page is
    // assembled below. $form is appended to without being initialised first.
    // NOTE(review): the hidden id carries the raw request value rather than the
    // validated $id, and no anti-CSRF token field is emitted with the
    // state-changing fields (permissions, confirm, delete) - confirm whether
    // index.php adds or checks one elsewhere.
    $form .= "<form action=\"index.php\" method=\"POST\">";
    $form .= "<input type=\"hidden\" name=\"id\" value=\"" . $_GET[id] . "\">";
    $form .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
    $form .= "<input type=\"hidden\" name=\"action\" value=\"edituser\">";

    // Show all logins.
    $logins = getLogins($id);

    // Show failed logins.
    $failed_logins = showFailedLogins("15", idToUsername($id));

    /*
     * Transactions.
     */
    // Only accountants get the form for crediting or debiting this user.
    if ($MySelf->isAccountant()) {
        $acc = new table(2, true);
        $acc->addHeader(">> Create transaction to user " .
            ucfirst(idToUsername($id)));
        $acc->addRow();
        $acc->addCol("Credit to:");
        $acc->addCol($username);
        $acc->addRow();
        $acc->addCol("Authorization by:");
        $acc->addCol(ucfirst($MySelf->getUsername()));
        $acc->addRow();
        $acc->addCol("Time of Transaction:");
        $acc->addCol(date("r", $TIMEMARK));
        $acc->addRow();
        $acc->addCol("Withdrawal or deposit:");
        // Withdrawal (value 1) is the preselected option.
        $pdm = "<select name=\"wod\">";
        $pdm .= "<option value=\"0\">Deposit (give money)</option>";
        $pdm .= "<option SELECTED value=\"1\">Withdrawal (take money)</option>";
        $pdm .= "</select>";
        $acc->addCol($pdm);
        $acc->addRow();
        $acc->addCol("Amount:");
        $acc->addCol("<input size=\"8\" type=\"text\" name=\"amount\"> ISK");
        $acc->addRow();
        $acc->addCol("Reason:");
        // Either a canned reason (reason1) or a free-text one (reason2).
        $pdm = "<select name=\"reason1\">";
        $pdm .= "<option>requested payout</option>";
        $pdm .= "<option SELECTED>normal payout</option>";
        $pdm .= "<option>payout of loan</option>";
        $pdm .= "<option>manual deposit</option>";
        $pdm .= "<option>cash recived</option>";
        $pdm .= "</select>";
        $acc->addCol($pdm . " -or- <input type=\"text\" name=\"reason2\">");
        $acc->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Authorize transaction\">");
        // NOTE(review): as with the edit form, no anti-CSRF token is emitted for
        // this credit-moving POST, and the isAccountant() check must be repeated
        // in the transaction handler - not visible here, confirm.
        $transBox = "<form action=\"index.php\" method=\"POST\">";
        $transBox .= $acc->flush();
        $transBox .= "<input type=\"hidden\" name=\"id\" value=\"" . $_GET[id] . "\">";
        $transBox .= "<input type=\"hidden\" name=\"check\" value=\"true\">";
        $transBox .= "<input type=\"hidden\" name=\"action\" value=\"transaction\">";
        $transBox .= "</form>";
    }

    // $transBox is only defined for accountants but is concatenated regardless.
    $page = "<h2>Managing user details</h2>" . $form . $table->flush() . "<br>" . $apit->flush() . "<br>" . $perm_table->flush() . "</form>" . $transBox;
    $transactions = getTransactions($id);
    if ($transactions) {
        $page .= $transactions;
    }

    // Add login table if we have more than 0 logins.
    if ($logins) {
        if ($transactions) {
            $page .= "<br>";
        }
        $page .= $logins;
    }
    $page .= $failed_logins;

    // Return the page.
    return $page;
}
/*
 * Build the HTML for the logged-in user's "Your Preferences" page.
 *
 * Renders one form per settings group, each posting to index.php with its own
 * hidden "action" value: can timer visibility (changecanpage), email opt-in
 * (optIn), show/hide inofficial runs (sirchange), email address (changeemail,
 * only if canChangeEmail()), password (changepw, only if canChangePwd()) and
 * API key management (update_api).
 *
 * Returns the assembled page as an HTML string.
 *
 * NOTE(review): several spots in this copy contain a literal run of asterisks
 * where text appears to have been lost (presumably by an automated scrubber).
 * Between two string literals that does not parse as PHP; each spot is marked
 * below and must be restored from the original file.
 * NOTE(review): none of the forms built here emits an anti-CSRF token field;
 * confirm whether index.php adds or checks one elsewhere.
 */
function makePreferences() {
    // I kid you not. All needed.
    global $PREFS;
    global $VERSION;
    global $SITENAME;
    global $TIMEMARK;
    global $DB;
    global $MySelf;

    /*
     * Cantimer Settings
     */
    // Each row is a checkbox, pre-checked from the stored preference, followed
    // by its description.
    $cantimer_table = new table(2, true);
    $cantimer_table->addHeader(">> Preferences for Cantimer");

    // Can see my own cans.
    $cantimer_table->addRow();
    if ($PREFS->getPref("CanMyCans")) {
        $cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanMyCans\" value=\"true\">");
    } else {
        $cantimer_table->addCol("<input type=\"checkbox\" name=\"CanMyCans\" value=\"true\">");
    }
    $cantimer_table->addCol("Tick box to see your own cans.");

    // Can see the add cans form.
    $cantimer_table->addRow();
    if ($PREFS->getPref("CanAddCans")) {
        $cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanAddCans\" value=\"true\">");
    } else {
        $cantimer_table->addCol("<input type=\"checkbox\" name=\"CanAddCans\" value=\"true\">");
    }
    $cantimer_table->addCol("Tick the add can form.");

    // Can see cans belonging to the same run.
    $cantimer_table->addRow();
    if ($PREFS->getPref("CanRunCans")) {
        $cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanRunCans\" value=\"true\">");
    } else {
        $cantimer_table->addCol("<input type=\"checkbox\" name=\"CanRunCans\" value=\"true\">");
    }
    $cantimer_table->addCol("Tick to see cans beloning to your MiningOp.");

    // Can see all cans.
    $cantimer_table->addRow();
    if ($PREFS->getPref("CanAllCans")) {
        $cantimer_table->addCol("<input type=\"checkbox\" CHECKED name=\"CanAllCans\" value=\"true\">");
    } else {
        $cantimer_table->addCol("<input type=\"checkbox\" name=\"CanAllCans\" value=\"true\">");
    }
    $cantimer_table->addCol("Tick if you want to see all cans.");
    $cantimer_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update Can Timer settings\">");

    /*
     * Opt In/Out of emails Setting
     */
    $opt_table = new table(2, true);
    $opt_table->addHeader(">> Your eMail settings");
    $opt_table->addRow();
    if ($MySelf->optInState()) {
        $opt_table->addCol("<input type=\"checkbox\" CHECKED name=\"optIn\" value=\"true\">");
    } else {
        $opt_table->addCol("<input type=\"checkbox\" name=\"optIn\" value=\"true\">");
    }
    $opt_table->addCol("Tick this to recive eMails from MiningBuddy. You will get eMails that will inform you about new events entered into the system, Mining Run reciepts and the occasional CEO email.");
    $opt_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update your eMail preferences\">");

    /*
     * Show/hide inofficial runs
     */
    // The preference is stored as "sirstate" but submitted as "sir".
    $sir_table = new table(2, true);
    $sir_table->addHeader(">> Show/Hide inofficial runs");
    $sir_table->addRow();
    if ($PREFS->getPref("sirstate")) {
        $sir_table->addCol("<input type=\"checkbox\" CHECKED name=\"sir\" value=\"true\">");
    } else {
        $sir_table->addCol("<input type=\"checkbox\" name=\"sir\" value=\"true\">");
    }
    $sir_table->addCol("Tick the box to show non-official mining operations. Your own inofficial mining runs are still shown, however.");
    $sir_table->addHeaderCentered("<input type=\"submit\" name=\"submit\" value=\"Update your settings\">");

    /*
     * Update eMail address.
     */
    if ($MySelf->canChangeEmail()) {
        $email_table = new table(2, true);
        $email_table->addHeader(">> Update your eMail address");
        $email_table->addRow("#060622");
        $email_table->addCol("Your email is needed to send password hints and event news.", array("colspan" => 2));

        // Query the oracle.
        $email_table->addRow();
        // NOTE(review): the username literal in this query reads as asterisks in
        // this copy, so the real expression is unknown. If the original
        // interpolates a username into the SQL text, a bound parameter would be
        // the safer form - cannot tell from here.
        $email = $DB->getCol("select email from users where username = '******' AND deleted='0' limit 1");
        $email_table->addCol("Current eMail:");
        // The stored address goes into the value attribute without escaping;
        // htmlspecialchars() would be needed if addresses can contain quotes or
        // markup - depends on validation at write time, confirm.
        $email_table->addCol("<input type=\"text\" readonly value=\"" . $email[0] . "\">");
        $email_table->addRow();
        $email_table->addCol("New eMail:");
        $email_table->addCol("<input type=\"text\" name=\"email\" maxlength=\"100\">");
        $email_table->addHeaderCentered("<input type=\"submit\" name=\"change\" value=\"Update your eMail\">");
    }

    /*
     * Change password.
     */
    if ($MySelf->canChangePwd()) {
        $password_table = new table(2, true);
        $password_table->addHeader(">> Change your password");
        $password_table->addRow("#060622");
        // NOTE(review): the text shown to the user asserts how passwords are
        // stored; nothing in this function verifies it - check the storage code.
        $password_table->addCol("Its always a good idea to change your password frequently. Your password is "
            . "stored in an encrypted form; no one will ever be able to read it.", array("colspan" => "2"));
        $password_table->addRow();
        $password_table->addCol("Changing password for:");
        $password_table->addCol(ucfirst($MySelf->getUsername()));
        $password_table->addRow();
        // NOTE(review): in the three rows below, text is missing after the label
        // literal - presumably the end of that addCol() and the start of the
        // next one. All three inputs cap the password at 20 characters
        // (maxlength="20").
        $password_table->addCol("Your current password:"******"<input type=\"password\" name=\"password\" maxlength=\"20\">");
        $password_table->addRow();
        $password_table->addCol("Set a new password:"******"<input type=\"password\" name=\"password1\" maxlength=\"20\">");
        $password_table->addRow();
        $password_table->addCol("Verify your new password:"******"<input type=\"password\" name=\"password2\" maxlength=\"20\">");
        $password_table->addHeaderCentered("<input type=\"submit\" name=\"change\" value=\"Update your password\">");
    }

    // Assemble the html.
    // One <form> per table; the hidden "action" field selects the handler.
    $page = "<h2>Your Preferences</h2>";
    $page .= "<form action=\"index.php\" method=\"POST\">";
    $page .= $cantimer_table->flush();
    $page .= "<input type=\"hidden\" name=\"action\" value=\"changecanpage\">";
    $page .= "<input type=\"hidden\" name=\"check\" value=\"check\"></form>";
    $page .= "<form action=\"index.php\" method=\"POST\">";
    $page .= $opt_table->flush();
    $page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
    $page .= "<input type=\"hidden\" name=\"action\" value=\"optIn\"></form>";
    $page .= "<form action=\"index.php\" method=\"POST\">";
    $page .= $sir_table->flush();
    $page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
    $page .= "<input type=\"hidden\" name=\"action\" value=\"sirchange\"></form>";
    if ($MySelf->canChangeEmail()) {
        $page .= "<form action=\"index.php\" method=\"post\">";
        $page .= $email_table->flush();
        $page .= "<input type=\"hidden\" name=\"action\" value=\"changeemail\">";
        $page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
        $page .= "</form>";
    }
    if ($MySelf->canChangePwd()) {
        $page .= "<form action=\"index.php\" method=\"post\">";
        $page .= $password_table->flush();
        $page .= "<input type=\"hidden\" name=\"action\" value=\"changepw\">";
        $page .= "<input type=\"hidden\" name=\"check\" value=\"check\">";
        // %%USERNAME%% looks like a template placeholder substituted later -
        // the substitution is not visible here. NOTE(review): the changepw
        // handler should take the account from the session, not from this
        // client-supplied field - confirm.
        $page .= "<input type=\"hidden\" name=\"username\" value=\"%%USERNAME%%\">";
        $page .= "</form>";
    }

    // Api Keys
    // Load possible current keys.
    $api = new api($MySelf->getID());
    $api_key = $api->getApiKey();
    $api_id = $api->getApiID();
    // NOTE(review): authorizeApi() is invoked while the page is being rendered
    // whenever the stored key is not currently valid; what it does (e.g. an
    // outbound request) is not visible here.
    if (!$api->valid()) {
        $api->authorizeApi();
    }

    // Do the api table.
    $api_table = new table(2, true);
    $api_table->addHeader(">> Api key management");
    $api_table->addRow();
    // The string literal below spans a line break in the source.
    $api_table->addCol("Here you can supply your limited-access API-Key. 
Its used for quick-login for now.", array("colspan" => 2));
    // A validated id/key is shown as text plus a hidden field; otherwise an
    // editable text field is shown and the "get your key" link is requested.
    // NOTE(review): both values are interpolated into markup unescaped, and the
    // full key is printed back into the page in clear text; masking the stored
    // key would limit what a shoulder-surfer or a markup-injection bug on this
    // page can read.
    if ($api_id && $api->valid()) {
        $s1 = "<input type =\"hidden\" name=\"apiID\" value=\"{$api_id}\">{$api_id}";
    } else {
        $s1 = "<input type=\"text\" name=\"apiID\" value=\"{$api_id}\">";
        $doApiLink = true;
    }
    if ($api_key && $api->valid()) {
        $s2 = "<input type =\"hidden\" name=\"apiKey\" value=\"{$api_key}\">{$api_key}";
    } else {
        $s2 = "<input type=\"text\" size=\"80\" name=\"apiKey\" value=\"{$api_key}\">";
        $doApiLink = true;
    }
    $api_table->addRow();
    $api_table->addCol("API ID:");
    $api_table->addCol($s1);
    $api_table->addRow();
    $api_table->addCol("Verification Code:");
    $api_table->addCol($s2);

    // Add the API link to eve online.
    global $IGB;
    global $IGB_VISUAL;
    // $doApiLink is only assigned in the else branches above, so it is undefined
    // when both values are present and valid. The link is shown when $IGB is
    // false, or when both $IGB and $IGB_VISUAL are true. The link target uses
    // plain http.
    if ($doApiLink && (!$IGB || $IGB && $IGB_VISUAL)) {
        $api_table->addRow();
        $api_table->addCol("Get your API key here:");
        $api_table->addCol("<a href=\"http://support.eveonline.com/api/default.asp\">http://support.eveonline.com/api/default.asp</a>");
    }
    if ($api_key) {
        $api_table->addRow();
        $api_table->addCol("API Key validated:");
        // $hint is only assigned when the key is not valid but is concatenated
        // in either case. The second yesno() argument is the bare word yes, not
        // a quoted string or a boolean.
        if (!$api->valid()) {
            $hint = " (If your key is not validated, hit update API key button.)";
        }
        $api_table->addCol(yesno($api->valid(), yes) . $hint);
        if ($api->valid()) {
            $api_table->addRow();
            $api_table->addCol("Validated on:");
            $api_table->addCol(date("d.m.Y H:i:s", $api->validatedOn()));
            $api_table->addRow();
            $api_table->addCol("Next verification at:");
            $api_table->addCol(date("d.m.Y H:i:s", $api->nextValidation()));
            $api_table->addRow();
            $api_table->addCol("API keys are valid for:");
            // Turn the configured day count into display text; values of 1 or
            // less are shown as "1 day.".
            $days = getConfig("api_keys_valid");
            if ($days <= 1) {
                $days = "1 day.";
            } else {
                $days = $days .
                    " days.";
            }
            $api_table->addCol($days);
            $api_table->addRow();
            $api_table->addCol("Character ID:");
            $api_table->addCol($api->getCharacterID());
        }
        $api_table->addRow();
        $api_table->addCol("Remove Key:");
        $api_table->addCol("<input type=\"checkbox\" name=\"deleteKey\" value=\"true\"> Tick box to remove the API key from the Database.");
    }
    $api_table->addHeaderCentered("<input type=\"submit\" name=\"update_api\" value=\"Update API Key\">");
    // $api_form is appended to without being initialised first.
    $api_form .= "<form action=\"index.php\" method=\"POST\">";
    $api_form .= $api_table->flush();
    $api_form .= "<input type=\"hidden\" name=\"action\" value=\"update_api\">";
    $api_form .= "<input type=\"hidden\" name=\"check\" value=\"check\"></form>";
    $page .= $api_form;

    // We are done here.
    return $page;
}