/**
 * Stores the submitted registration fields on the instance and records
 * whether the username, display name or e-mail address is already in use.
 *
 * Exactly one of username_taken / displayname_taken / email_taken is set on
 * the first collision found (checked in that order); status is set to true
 * only when none of the three lookups reports a collision.
 */
function __construct($user, $display, $pass, $email, $colist, $contact)
{
    // Used for display only. It is kept exactly as submitted (no sanitize()
    // call), so whatever renders it later has to escape it for its context.
    $this->displayname = $display;

    // Values passed through sanitize(), which is defined outside this block.
    $this->clean_email = sanitize($email);
    // The password is only whitespace-trimmed here.
    // NOTE(review): presumably hashed before it is stored -- confirm in the code that persists it.
    $this->clean_password = trim($pass);
    $this->username = sanitize($user);

    // Stored as received, with no sanitize()/trim() applied.
    $this->colist_agent = $colist;
    $this->contact_person = $contact;

    // Guard clauses: stop at the first value that is already taken.
    if (usernameExists($this->username)) {
        $this->username_taken = true;
        return;
    }

    if (displayNameExists($this->displayname)) {
        $this->displayname_taken = true;
        return;
    }

    if (emailExists($this->clean_email)) {
        $this->email_taken = true;
        return;
    }

    // No problems have been found.
    $this->status = true;
}
/**
 * Stores the submitted registration and postal-address fields on the
 * instance and records whether the username, display name or e-mail
 * address is already in use.
 *
 * The three lookups run in the order username, display name, e-mail and
 * stop at the first collision; status becomes true only when all pass.
 */
function __construct($user, $display, $pass, $email, $country, $state, $city, $address, $zip, $phone)
{
    // Used for display only. Unlike the other fields it does not go through
    // sanitize(), so any later output of it must be escaped.
    $this->displayname = $display;

    // Values passed through sanitize(), which is defined outside this block.
    $this->clean_email = sanitize($email);
    // Only whitespace-trimmed at this point.
    // NOTE(review): presumably hashed before storage elsewhere -- confirm.
    $this->clean_password = trim($pass);
    $this->username = sanitize($user);
    $this->user_country = sanitize($country);
    $this->user_state = sanitize($state);
    $this->user_city = sanitize($city);
    $this->user_address = sanitize($address);
    $this->user_zip = sanitize($zip);
    $this->user_phone = sanitize($phone);

    // Guard clauses: the first value found to be in use ends the checks.
    if (usernameExists($this->username)) {
        $this->username_taken = true;
        return;
    }

    if (displayNameExists($this->displayname)) {
        $this->displayname_taken = true;
        return;
    }

    if (emailExists($this->clean_email)) {
        $this->email_taken = true;
        return;
    }

    // No problems have been found.
    $this->status = true;
}
/**
 * Stores the submitted registration fields (including PIN, location and
 * "about" text) on the instance and records whether the username, display
 * name or e-mail address is already in use.
 *
 * The lookups run in the order username, display name, e-mail and stop at
 * the first collision; status becomes true only when all three pass.
 */
function __construct($user, $display, $pass, $email, $pin, $location, $about)
{
    // Used for display only; stored as submitted, without sanitize().
    $this->displayname = $display;

    // Values passed through sanitize(), which is defined outside this block.
    $this->clean_email = sanitize($email);
    $this->username = sanitize($user);

    // Secrets are only whitespace-trimmed here.
    // NOTE(review): presumably both are hashed before storage elsewhere -- confirm.
    $this->clean_password = trim($pass);
    $this->clean_pin = trim($pin);

    // Free-text fields are trimmed but not passed through sanitize(), so they
    // need context-appropriate escaping wherever they are rendered.
    $this->location = trim($location);
    $this->about = trim($about);

    // Guard clauses: the first value found to be in use ends the checks.
    if (usernameExists($this->username)) {
        $this->username_taken = true;
        return;
    }

    if (displayNameExists($this->displayname)) {
        $this->displayname_taken = true;
        return;
    }

    if (emailExists($this->clean_email)) {
        $this->email_taken = true;
        return;
    }

    // No problems have been found.
    $this->status = true;
}
//Forms posted if (!empty($_POST)) { //Delete selected account if (!empty($_POST['delete'])) { $deletions = $_POST['delete']; if ($deletion_count = deleteUsers($deletions)) { $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } else { //Update display name if ($userdetails['display_name'] != $_POST['display']) { $displayname = trim($_POST['display']); //Validate display name if (displayNameExists($displayname)) { $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname)); } elseif (minMaxRange(5, 25, $displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25)); } elseif (!ctype_alnum($displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS"); } else { if (updateDisplayName($userId, $displayname)) { $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname)); } else { $errors[] = lang("SQL_ERROR"); } } } else { $displayname = $userdetails['display_name']; }
/**
 * Change the display_name of the user identified by $user_id.
 *
 * The call is refused when the permission check fails, when the name is
 * already in use, or when minMaxRange(1, 50, ...) rejects its length. Only
 * uniqueness and length are checked here; no character-class restriction is
 * applied in this function.
 *
 * @param int $user_id the id of the user to update.
 * @param string $display_name the new display name, as validated from $_POST['display_name']
 * @return boolean true on success, false on failure
 */
function updateUserDisplayName($user_id, $display_name)
{
    // Authorisation gate: the function name and its actual arguments are
    // handed to the permission check before any lookup or write happens.
    $permitted = checkActionPermissionSelf(__FUNCTION__, func_get_args());
    if (!$permitted) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }

    // Reject a name that is already taken.
    // NOTE(review): the submitted name is echoed back inside the alert text;
    // whether addAlert()/lang() output is escaped is not visible here -- confirm.
    if (displayNameExists($display_name)) {
        addAlert("danger", lang("ACCOUNT_DISPLAYNAME_IN_USE", array($display_name)));
        return false;
    }

    // Reject a name outside the 1..50 length window.
    if (minMaxRange(1, 50, $display_name)) {
        addAlert("danger", lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(1, 50)));
        return false;
    }

    // A failed write returns false without raising an alert of its own.
    if (!updateUserField($user_id, 'display_name', $display_name)) {
        return false;
    }

    addAlert("success", lang("ACCOUNT_DISPLAYNAME_UPDATED", array($display_name)));
    return true;
}
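/**
 * Admin "edit user" page: applies a posted change set to the account named
 * by $_GET['id'] and then renders the edit form.
 *
 * Flow: load the UserCake config, require securePage() to pass, confirm the
 * id exists (otherwise redirect to admin_users), process the POST (either a
 * deletion, or display name / activation / e-mail / title / permission
 * updates), then print the form.
 *
 * Every request- or database-derived value is HTML-escaped where it is
 * printed, because display name, e-mail and title come from form input and
 * are placed inside quoted attributes.
 */
public function index()
{
    /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */
    global $baseURL;
    require_once "{$baseURL}/application/third_party/user_cake/models/config.php";

    if (!securePage($_SERVER['PHP_SELF'])) {
        die;
    }

    // Escapes a value for HTML text and single- or double-quoted attributes.
    // NOTE(review): if sanitize() or the storage layer already entity-encodes
    // these fields, this would double-encode them -- confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // resultBlock() runs on every request, but the lists are only appended to
    // inside the POST branches. Start from empty arrays unless the included
    // config already defined them in this scope.
    $errors = isset($errors) ? $errors : array();
    $successes = isset($successes) ? $successes : array();

    $userId = isset($_GET['id']) ? $_GET['id'] : null;

    //Check if selected user exists
    if (!userIdExists($userId)) {
        header("Location: " . str_replace('index.php/', '', site_url('admin_users')));
        die;
    }

    $userdetails = fetchUserDetails(NULL, NULL, $userId); //Fetch user details

    //Forms posted
    // NOTE(review): no anti-CSRF token is checked in this method before the
    // state-changing actions below; confirm that securePage() or the framework
    // enforces one.
    if (!empty($_POST)) {
        //Delete selected account
        if (!empty($_POST['delete'])) {
            // NOTE(review): the posted id list is passed through as-is and is
            // not compared with $userId -- confirm deleteUsers() validates it.
            $deletions = $_POST['delete'];
            if ($deletion_count = deleteUsers($deletions)) {
                $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
            } else {
                $errors[] = lang("SQL_ERROR");
            }
        } else {
            //Update display name
            if ($userdetails['display_name'] != $_POST['display']) {
                $displayname = trim($_POST['display']);

                //Validate display name
                if (displayNameExists($displayname)) {
                    $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                } elseif (minMaxRange(5, 25, $displayname)) {
                    $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
                } elseif (!ctype_alnum($displayname)) {
                    $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
                } else {
                    if (updateDisplayName($userId, $displayname)) {
                        $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                    } else {
                        $errors[] = lang("SQL_ERROR");
                    }
                }
            } else {
                $displayname = $userdetails['display_name'];
            }

            //Activate account
            if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
                if (setUserActive($userdetails['activation_token'])) {
                    $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
                } else {
                    $errors[] = lang("SQL_ERROR");
                }
            }

            //Update email
            if ($userdetails['email'] != $_POST['email']) {
                $email = trim($_POST["email"]);

                //Validate email
                if (!isValidEmail($email)) {
                    $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                } elseif (emailExists($email)) {
                    $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                } else {
                    if (updateEmail($userId, $email)) {
                        $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
                    } else {
                        $errors[] = lang("SQL_ERROR");
                    }
                }
            }

            //Update title
            if ($userdetails['title'] != $_POST['title']) {
                $title = trim($_POST['title']);

                //Validate title (length only; the content is not restricted,
                //which is why the form below escapes it on output)
                if (minMaxRange(1, 50, $title)) {
                    $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
                } else {
                    if (updateTitle($userId, $title)) {
                        $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
                    } else {
                        $errors[] = lang("SQL_ERROR");
                    }
                }
            }

            //Remove permission level
            if (!empty($_POST['removePermission'])) {
                $remove = $_POST['removePermission'];
                if ($deletion_count = removePermission($remove, $userId)) {
                    $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
                } else {
                    $errors[] = lang("SQL_ERROR");
                }
            }

            //Add permission level
            if (!empty($_POST['addPermission'])) {
                $add = $_POST['addPermission'];
                if ($addition_count = addPermission($add, $userId)) {
                    $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
                } else {
                    $errors[] = lang("SQL_ERROR");
                }
            }

            // Reload so the form below shows the values as stored after the updates.
            $userdetails = fetchUserDetails(NULL, NULL, $userId);
        }
    }

    $userPermission = fetchUserPermissions($userId);
    $permissionData = fetchAllPermissions();

    require_once "{$baseURL}/application/third_party/user_cake/models/header.php";

    echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>";
    include "{$baseURL}/application/third_party/user_cake/left-nav.php";
    echo "\r\n</div>\r\n<div id='main'>";
    echo resultBlock($errors, $successes);

    // PHP_SELF includes any path info from the request URL and the id comes
    // from the query string, so both are encoded before entering the attribute.
    $formAction = $esc($_SERVER['PHP_SELF']) . "?id=" . $esc(rawurlencode((string) $userId));
    $safeId = $esc($userdetails['id']);

    echo "\r\n<form name='adminUser' action='" . $formAction . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n"
        . $safeId
        . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n"
        . $esc($userdetails['user_name'])
        . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='"
        . $esc($userdetails['display_name'])
        . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='"
        . $esc($userdetails['email'])
        . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";

    //Display activation link, if account inactive
    if ($userdetails['active'] == '1') {
        echo "Yes";
    } else {
        echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
    }

    echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='"
        . $esc($userdetails['title'])
        . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n"
        . date("j M, Y", $userdetails['sign_up_stamp'])
        . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";

    //Last sign in, interpretation
    if ($userdetails['last_sign_in_stamp'] == '0') {
        echo "Never";
    } else {
        echo date("j M, Y", $userdetails['last_sign_in_stamp']);
    }

    echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $safeId . "]' id='delete[" . $safeId . "]' value='" . $safeId . "'>\r\n</p>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:";

    //List of permission levels user is a part of
    foreach ($permissionData as $v1) {
        if (isset($userPermission[$v1['id']])) {
            $permId = $esc($v1['id']);
            echo "<br><input type='checkbox' name='removePermission[" . $permId . "]' id='removePermission[" . $permId . "]' value='" . $permId . "'> " . $esc($v1['name']);
        }
    }

    //List of permission levels user is not a part of
    echo "</p><p>Add Permission:";
    foreach ($permissionData as $v1) {
        if (!isset($userPermission[$v1['id']])) {
            $permId = $esc($v1['id']);
            echo "<br><input type='checkbox' name='addPermission[" . $permId . "]' id='addPermission[" . $permId . "]' value='" . $permId . "'> " . $esc($v1['name']);
        }
    }

    echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
}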