} elseif (empty($_GET['edit']) || !$modulrights['edit']) {
$grid[1]->box($rc->get_create(), 'User erstellen');
} else {
$form = $rc->get_edit($_GET['edit']);
$edituser = db()->id_get('user_data', $_GET['edit']);
$tabs = new tabs();
$uri = MODUL_SELF . '&edit=' . $edituser['id'];
if ($modulrights['password']) {
$i++;
if (!empty($_POST['pass_new']) && $_POST['pass_new'] == $_POST['pass_rep']) {
$pass = session_iv::crypt($_POST['pass_new'], $salt = uniqid());
db()->id_update('user_data', array('pass_type' => 0, 'pass_hash' => $pass, 'pass_salt' => $salt), $_GET['edit']);
$msg = alert('Passwort geändert.', 'success');
}
$passform = new form_renderer($uri . '#tabs-' . $i . '-hash');
$passform->password('pass_new', 'Neues Passwort');
$passform->password('pass_rep', 'Passwort Wiederholung');
$tabs->add('Password', $msg . $passform);
}
if ($modulrights['rights']) {
$i++;
if (isset($_POST['type'])) {
$type = 4 * $_POST['type']['sysadmin'] + 2 * $_POST['type']['backend'] + $_POST['type']['frontend'];
db()->id_update('user_data', array('type' => $type), $_GET['edit']);
throw new redirect($uri . '#tabs-' . $i . '-hash');
}
$typeform = new form_renderer($uri . '#tabs-' . $i . '-hash');
$typeform->checkbox('type[frontend]', 'Frontend', $edituser['type'] & 1);
$typeform->checkbox('type[backend]', 'Backend', $edituser['type'] & 2);
$typeform->checkbox('type[sysadmin]', 'Sysadmin', $edituser['type'] & 4);
$tabs->add('Type', $typeform);
<?php
if (isset($_POST['login_name'])) {
if ($session->login($_POST['login_name'], $_POST['login_pass'], $_POST['relogin'], 1)) {
throw new redirect($_POST['ref'] && !strpos($_POST['ref'], 'logout') ? $_POST['ref'] : 'index.php');
} else {
echo '<div class="error">Userdaten ungültig</div>';
}
}
$form = new form_renderer(PAGE_SELF, 'Login');
$form->text('login_name', 'Username');
$form->password('login_pass', 'Passwort');
$form->checkbox('relogin', 'Eingeloggt bleiben');
$form->hidden('ref', $_SERVER['HTTP_REFERER']);
echo $form;
/**
* This method is evil and should only avoid copy & paste
*/
public function changePassword($action)
{
$result = array();
if (!empty($_POST['change_pass'])) {
if ($_POST['change_pass'] != $_POST['change_repeat']) {
$result['error'] = 'Passwort und Wiederholung stimmen nicht überein.';
} else {
$pass = self::crypt($_POST['change_pass'], $salt = uniqid());
db()->user_data->updateRow(array('pass_format' => 0, 'pass_hash' => $pass, 'pass_salt' => $salt), current_user());
$result['success'] = 'Passwort erfolgreich geändert.';
}
}
$result['form'] = $form = new form_renderer($action);
$form->password('change_pass', 'Neues Passwort');
$form->password('change_repeat', 'Wiederholung');
return $result;
}
printf($error, 'Passwort und Wiederholung stimmen nicht überein');
} elseif ($usecap && !recaptcha_check_answer($recaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"])->is_valid) {
printf($error, 'Captcha ist inkorrekt');
} elseif ($db->query("SELECT 1 FROM `user_blocked`\n\t\t\tWHERE '%s' LIKE CONCAT('%%', `pattern`,'%%')\n\t\t\tAND `type` = 'name'", $_POST['register_name'])->num_rows()) {
printf($error, 'Der Username ist unzulässig');
} elseif ($db->query("SELECT 1 FROM `user_blocked`\n\t\t\tWHERE '%s' LIKE CONCAT('%%', `pattern`,'%%')\n\t\t\tAND `type` = 'email'", $_POST['register_mail'])->num_rows()) {
printf($error, 'Die E-Mail ist unzulässig');
} elseif ($db->id_get('user_data', $_POST['register_mail'], 'email')) {
printf($error, 'Die angegebene E-Mail ist bereits vergeben');
} elseif ($db->id_get('user_data', $_POST['register_name'], 'name')) {
printf($error, 'Der angegebene Name ist bereits vergeben');
} else {
$db->insert('user_data', array('name' => $_POST['register_name'], 'email' => $_POST['register_mail'], 'pass_salt' => $salt = uniqid(), 'pass_hash' => session_iv::crypt($_POST['register_pass'], $salt), 'type' => 1));
// @TODO: Registration Mail
throw new redirect(PAGE_SELF . 'completed');
}
}
if (isset($_GET['completed'])) {
echo '<p>Registration erfolgreich und so...</p>';
} else {
$captcha = '<div class="control-group"><label class="control-label" for="form_field_3">Captcha</label>' . '<div class="controls">' . recaptcha_get_html($recaptcha_publickey) . '</div></div>';
$form = new form_renderer(PAGE_SELF);
$form->text('register_name', 'Username', $_POST['register_name']);
$form->password('register_pass', 'Passwort');
$form->password('register_repetition', 'Wiederholung');
$form->text('register_mail', 'E-Mail', $_POST['register_mail']);
if ($usecap) {
$form->append($captcha);
}
echo $form;
}
protected function create_form($type, $action, $edit, $back = NULL)
{
$form = new form_renderer($action, 'Speichern');
if ($back) {
$form->linkbutton('Zurück', $back);
}
foreach ($this->columns as $c) {
if ($c[$type]) {
switch ($c['type']) {
case 'password':
$form->password($c['name'], $c['caption'], $edit[$c['name']]);
break;
case 'radio':
$form->radio($c['name'], $c['caption'], $c['values'], $edit[$c['name']]);
break;
case 'hidden':
$form->hidden($c['name'], $edit[$c['name']]);
break;
case 'textarea':
$form->textarea($c['name'], $c['caption'], $edit[$c['name']]);
break;
case 'select':
$form->select($c['name'], $c['caption'], $c['values'], $edit[$c['name']]);
break;
case 'checkbox':
$form->checkbox($c['name'], $c['caption'], $edit[$c['name']]);
break;
case 'date':
$form->field(new form_field_date($c['name'], $c['caption'], $edit[$c['name']]));
break;
default:
$form->text($c['name'], $c['caption'], $edit[$c['name']]);
}
}
}
return $form;
}
