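<?php
/**
 * Action dispatcher.
 *
 * Reads the action name from $_GET['action'], runs the matching method on
 * $user (or selects a view through $include), and collects the outcome in
 * $msg. The result is echoed as JSON when RETURN_JSON is truthy; otherwise
 * each message is passed to alert() and accumulated in $alert.
 *
 * returnError(), alert(), the user class and RETURN_JSON are defined outside
 * this file (presumably by inc/bootstrap.php — confirm).
 */
$msg = '';

// Load the bootstrap when this file was not reached through index.php.
// defined() expects the constant NAME as a string; passing the bare constant
// evaluates it first and raises an Error on PHP 8 when it is undefined.
if (!defined('APP_NAME')) {
    require_once('inc/bootstrap.php');
}

// A $user object is normally provided by index.php; create one otherwise.
// empty() keeps the original truthiness test without an undefined-variable
// warning when $user was never set.
if (empty($user)) {
    $user = new user();
}

// Only a scalar string is accepted as the action name. An array value
// (?action[]=x) is treated the same as a missing action instead of being
// interpolated into the error message as "Array".
$action = null;
if (isset($_GET['action']) && is_string($_GET['action'])) {
    $action = $_GET['action'];
} else {
    $msg = returnError("No action specified.");
}

// NOTE(review): $action is attacker-controlled and is echoed back inside the
// "Action not found" message. Confirm that returnError()/alert() encode it for
// the output context; nothing in this file escapes it.
// NOTE(review): the request values passed to $user below may be missing (null)
// or arrays; confirm the user methods validate type and content.
if ($action === null) {
    // Nothing to dispatch. Leaving $msg untouched keeps the
    // "No action specified." error instead of overwriting it below.
} elseif (!$user->isLoggedIn()) {
    // Anonymous visitors may only register or log in.
    switch ($action) {
        case 'register':
            $msg = $user->register(
                $_POST['username'] ?? null,
                $_POST['email'] ?? null,
                $_POST['password'] ?? null,
                $_POST['password2'] ?? null
            );
            break;
        case 'login':
            $msg = $user->login($_POST['username'] ?? null, $_POST['password'] ?? null);
            break;
        default:
            $msg = returnError("Action not found: $action");
            break;
    }
} else {
    if ($action === 'register') {
        die("You are already registered");
    }

    // NOTE(review): logout, activateUser and deactivateUser change state but
    // are selected purely through the query string and no anti-CSRF token is
    // checked in this file. Confirm a token or same-origin check is enforced
    // elsewhere, or move these actions to POST with a verified token.
    switch ($action) {
        case 'logout':
            $msg = $user->logout();
            break;
        case 'viewUserList':
            if ($user->isAdmin()) {
                $include = 'admin/userList';
            } else {
                $msg = returnError("Access denied");
            }
            break;
        case 'activateUser':
            if ($user->isAdmin()) {
                $msg = $user->activateUser($_GET['user'] ?? null);
                $include = 'admin/userList';
            } else {
                $msg = returnError("Access denied");
            }
            // Set regardless of the admin check, as in the original.
            $changeURL = TRUE;
            break;
        case 'deactivateUser':
            if ($user->isAdmin()) {
                $msg = $user->deactivateUser($_GET['user'] ?? null);
                $include = 'admin/userList';
            } else {
                $msg = returnError("Access denied");
            }
            // Set regardless of the admin check, as in the original.
            $changeURL = TRUE;
            break;
        case 'viewLogs':
            if ($user->isAdmin()) {
                $include = 'admin/viewLogs';
            } else {
                $msg = returnError("Access denied");
            }
            break;
        case 'viewUser':
            // NOTE(review): no admin check here; any logged-in user reaches
            // this view. Confirm the view itself restricts which account
            // can be displayed.
            $include = 'viewUser';
            break;
        default:
            $msg = returnError("Action not found: $action");
            break;
    }
}

// Wrap the collected message(s) in a JSON array and insert commas between
// back-to-back objects ("}{" -> "},{"). Note that a literal "}{" inside a
// string value would be rewritten as well.
$msg = str_replace('}{', '},{', "[$msg]");

if (RETURN_JSON) {
    echo $msg;
} else {
    $alert = '';
    // json_decode() returns null for malformed input; iterate only when an
    // array was actually decoded.
    $messages = json_decode($msg, TRUE);
    if (is_array($messages)) {
        foreach ($messages as $message) {
            $alert .= alert($message);
        }
    }
}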