echo ' 已选 '; } #echo(" onchange=\"location.href='edituser/user_id=' + this.options[this.selectedIndex].value + '/';\" "); echo ">" . escape_html($user_entry['username']) . "</option>"; } echo '</select> </li> </ul>'; if ($vars['user_id']) { // Load the user's information $user_data = dbFetchRow("SELECT * FROM users WHERE user_id = ?", array($vars['user_id'])); // Become the selected user. Dirty. // FIXME this functionality is currently BROKEN. Commented out the link until we handle this better. // echo("<li><a href='edituser/action=becomeuser/user_id=".$vars['user_id']."/'>成为用户</a></li>"); // Delete the selected user. if (auth_usermanagement() && $vars['user_id'] !== $_SESSION['user_id']) { echo '<ul class="nav pull-right">'; echo '<li><a href="' . generate_url(array('page' => 'edituser', 'action' => 'deleteuser', 'user_id' => $vars['user_id'])) . '"><i class="oicon-cross-button"></i> 删除用户</a></li>'; echo '</ul>'; } } ?> </div> </div> </div> </form> <?php if ($vars['user_id']) { if ($vars['action'] == "deleteuser") {
</form> </div> <div class="col-md-3"> </div> </div> <?php } elseif ($stage == "4") { $proceed = 1; ?> <div class="row"> <div class="col-md-3"> </div> <div class="col-md-6"> <?php require 'includes/authenticate.inc.php'; if (auth_usermanagement()) { if (!user_exists($add_user)) { if (adduser($add_user, $add_pass, '10', $add_email)) { echo "<div class='alert alert-success'>User has been added successfully</div>"; $proceed = 0; } else { echo "<div class='alert alert-danger'>User hasn't been added, please try again</div>"; } } else { echo "<div class='alert alert-danger'>User {$add_user} already exists!</div>"; } } else { echo "<div class='alert alert-danger'>Auth module isn't loaded</div>"; } ?> <form class="form-horizontal" role="form" method="post">
// Check for allowed by CIDR range if (!$auth_allow_cidr) { $_SESSION['auth_message'] = 'Remote IP not allowed in CIDR ranges'; session_logout(FALSE, 'Remote IP not allowed in CIDR ranges'); header('Location: ' . $config['base_url']); exit; } // Auth from COOKIEs if ($_SESSION['cookie_auth']) { $_SESSION['authenticated'] = TRUE; $auth_success = TRUE; dbUpdate(array('expire' => $cookie_expire), 'users_ckeys', '`user_ckey_id` = ?', array($_SESSION['user_ckey_id'])); unset($_SESSION['user_ckey_id'], $_SESSION['cookie_auth']); } // Auth from ... if (!$_SESSION['authenticated'] && (authenticate($_SESSION['username'], $auth_password) || auth_usermanagement() && auth_user_level($_SESSION['origusername']) >= 10)) { // If we get here, it means the password for the user was correct (authenticate() called) // Store encrypted password session_encrypt_password($auth_password, $user_unique_id); // If userlevel == 0 - user disabled and can not log in if (auth_user_level($_SESSION['username']) < 1) { $_SESSION['auth_message'] = 'User login disabled'; session_logout(FALSE, 'User disabled'); header('Location: ' . $config['base_url']); exit; } $_SESSION['authenticated'] = TRUE; $auth_success = TRUE; dbInsert(array('user' => $_SESSION['username'], 'address' => $_SERVER['REMOTE_ADDR'], 'user_agent' => $_SERVER['HTTP_USER_AGENT'], 'result' => 'Logged In'), 'authlog'); // Generate keys for cookie auth if (isset($_POST['remember']) && $mcrypt_exists) {