public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ $baseURL = getcwd(); require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } //Forms posted if (!empty($_POST)) { if (!empty($_POST['delete']) || !empty($_POST['newPermission'])) { //Delete permission levels if (!empty($_POST['delete'])) { $deletions = $_POST['delete']; if ($deletion_count = deletePermission($deletions)) { $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count)); } } //Create new permission level if (!empty($_POST['newPermission'])) { $permission = trim($_POST['newPermission']); //Validate request if (permissionNameExists($permission)) { $errors[] = lang("PERMISSION_NAME_IN_USE", array($permission)); } elseif (minMaxRange(1, 50, $permission)) { $errors[] = lang("PERMISSION_CHAR_LIMIT", array(1, 50)); } else { if (createPermission($permission)) { $successes[] = lang("PERMISSION_CREATION_SUCCESSFUL", array($permission)); } else { $errors[] = lang("SQL_ERROR"); } } } } else { $errors[] = lang("NO_PERMISSION_SELECTED"); } } $permissionData = fetchAllPermissions(); //Retrieve list of all permission levels require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminPermissions' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<table class='admin'>\r\n<tr>\r\n<th>Delete</th><th>Permission Name</th>\r\n</tr>"; //List each permission level foreach ($permissionData as $v1) { echo "\r\n\t<tr>\r\n\t<td><input type='checkbox' name='delete[" . $v1['id'] . "]' id='delete[" . $v1['id'] . "]' value='" . $v1['id'] . "'></td>\r\n\t<td><a href='" . str_replace('index.php/', '', site_url('admin_permission')) . "?id=" . $v1['id'] . "'>" . $v1['name'] . "</a></td>\r\n\t</tr>"; } echo "\r\n</table>\r\n<p>\r\n<label>Permission Name:</label>\r\n<input type='text' name='newPermission' />\r\n</p> \r\n<input type='submit' name='Submit' value='Submit' />\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }
$errors[] = lang("SQL_ERROR"); } } if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($add, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $userdetails = fetchUserDetails(NULL, NULL, $userId); } } $userPermission = fetchUserPermissions($userId); $permissionData = fetchAllPermissions(); require_once "models/header.php"; echo "\r\n<div class='container'>\r\n<h1>PerunioCMS</h1>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>"; //Display activation link, if account inactive if ($userdetails['active'] == '1') { echo "Yes"; } else { echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t"; } echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>"; //Last sign in, interpretation if ($userdetails['last_sign_in_stamp'] == '0') { echo "Never"; } else {
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } $userId = $_GET['id']; //Check if selected user exists if (!userIdExists($userId)) { header("Location: " . str_replace('index.php/', '', site_url('admin_users'))); die; } $userdetails = fetchUserDetails(NULL, NULL, $userId); //Fetch user details //Forms posted if (!empty($_POST)) { //Delete selected account if (!empty($_POST['delete'])) { $deletions = $_POST['delete']; if ($deletion_count = deleteUsers($deletions)) { $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } else { //Update display name if ($userdetails['display_name'] != $_POST['display']) { $displayname = trim($_POST['display']); //Validate display name if (displayNameExists($displayname)) { $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname)); } elseif (minMaxRange(5, 25, $displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25)); } elseif (!ctype_alnum($displayname)) { $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS"); } else { if (updateDisplayName($userId, $displayname)) { $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname)); } else { $errors[] = lang("SQL_ERROR"); } } } else { $displayname = $userdetails['display_name']; } //Activate account if (isset($_POST['activate']) && $_POST['activate'] == "activate") { if (setUserActive($userdetails['activation_token'])) { $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname)); } else { $errors[] = lang("SQL_ERROR"); } } //Update email if ($userdetails['email'] != $_POST['email']) { $email = trim($_POST["email"]); //Validate email if (!isValidEmail($email)) { $errors[] = lang("ACCOUNT_INVALID_EMAIL"); } elseif (emailExists($email)) { $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email)); } else { if (updateEmail($userId, $email)) { $successes[] = lang("ACCOUNT_EMAIL_UPDATED"); } else { $errors[] = lang("SQL_ERROR"); } } } //Update title if ($userdetails['title'] != $_POST['title']) { $title = trim($_POST['title']); //Validate title if (minMaxRange(1, 50, $title)) { $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50)); } else { if (updateTitle($userId, $title)) { $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title)); } else { $errors[] = lang("SQL_ERROR"); } } } //Remove permission level if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePermission($remove, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($add, $userId)) { $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $userdetails = fetchUserDetails(NULL, NULL, $userId); } } $userPermission = fetchUserPermissions($userId); $permissionData = fetchAllPermissions(); require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>"; //Display activation link, if account inactive if ($userdetails['active'] == '1') { echo "Yes"; } else { echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t"; } echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>"; //Last sign in, interpretation if ($userdetails['last_sign_in_stamp'] == '0') { echo "Never"; } else { echo date("j M, Y", $userdetails['last_sign_in_stamp']); } echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $userdetails['id'] . "]' id='delete[" . $userdetails['id'] . "]' value='" . $userdetails['id'] . "'>\r\n</p>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:"; //List of permission levels user is apart of foreach ($permissionData as $v1) { if (isset($userPermission[$v1['id']])) { echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } //List of permission levels user is not apart of echo "</p><p>Add Permission:"; foreach ($permissionData as $v1) { if (!isset($userPermission[$v1['id']])) { echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; $baseURL = getcwd(); require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } //Forms posted if (!empty($_POST)) { $cfgId = array(); $newSettings = $_POST['settings']; //Validate new site name if ($newSettings[1] != $websiteName) { $newWebsiteName = $newSettings[1]; if (minMaxRange(1, 150, $newWebsiteName)) { $errors[] = lang("CONFIG_NAME_CHAR_LIMIT", array(1, 150)); } else { if (count($errors) == 0) { $cfgId[] = 1; $cfgValue[1] = $newWebsiteName; $websiteName = $newWebsiteName; } } } //Validate new URL if ($newSettings[2] != $websiteUrl) { $newWebsiteUrl = $newSettings[2]; if (minMaxRange(1, 150, $newWebsiteUrl)) { $errors[] = lang("CONFIG_URL_CHAR_LIMIT", array(1, 150)); } else { if (substr($newWebsiteUrl, -1) != "/") { $errors[] = lang("CONFIG_INVALID_URL_END"); } else { if (count($errors) == 0) { $cfgId[] = 2; $cfgValue[2] = $newWebsiteUrl; $websiteUrl = $newWebsiteUrl; } } } } //Validate new site email address if ($newSettings[3] != $emailAddress) { $newEmail = $newSettings[3]; if (minMaxRange(1, 150, $newEmail)) { $errors[] = lang("CONFIG_EMAIL_CHAR_LIMIT", array(1, 150)); } elseif (!isValidEmail($newEmail)) { $errors[] = lang("CONFIG_EMAIL_INVALID"); } else { if (count($errors) == 0) { $cfgId[] = 3; $cfgValue[3] = $newEmail; $emailAddress = $newEmail; } } } //Validate email activation selection if ($newSettings[4] != $emailActivation) { $newActivation = $newSettings[4]; if ($newActivation != "true" and $newActivation != "false") { $errors[] = lang("CONFIG_ACTIVATION_TRUE_FALSE"); } else { if (count($errors) == 0) { $cfgId[] = 4; $cfgValue[4] = $newActivation; $emailActivation = $newActivation; } } } //Validate new email activation resend threshold if ($newSettings[5] != $resend_activation_threshold) { $newResend_activation_threshold = $newSettings[5]; if ($newResend_activation_threshold > 72 or $newResend_activation_threshold < 0) { $errors[] = lang("CONFIG_ACTIVATION_RESEND_RANGE", array(0, 72)); } else { if (count($errors) == 0) { $cfgId[] = 5; $cfgValue[5] = $newResend_activation_threshold; $resend_activation_threshold = $newResend_activation_threshold; } } } //Validate new language selection if ($newSettings[6] != $language) { $newLanguage = $newSettings[6]; if (minMaxRange(1, 150, $language)) { $errors[] = lang("CONFIG_LANGUAGE_CHAR_LIMIT", array(1, 150)); } elseif (!file_exists($baseURL . $newLanguage)) { $errors[] = lang("CONFIG_LANGUAGE_INVALID", array($newLanguage)); } else { if (count($errors) == 0) { $cfgId[] = 6; $cfgValue[6] = $newLanguage; $language = $newLanguage; } } } //Validate new template selection if ($newSettings[7] != $template) { $newTemplate = $newSettings[7]; if (minMaxRange(1, 150, $template)) { $errors[] = lang("CONFIG_TEMPLATE_CHAR_LIMIT", array(1, 150)); } elseif (!file_exists($baseURL . $newTemplate)) { $errors[] = lang("CONFIG_TEMPLATE_INVALID", array($newTemplate)); } else { if (count($errors) == 0) { $cfgId[] = 7; $cfgValue[7] = $newTemplate; $template = $newTemplate; } } } //Update configuration table with new settings if (count($errors) == 0 and count($cfgId) > 0) { updateConfig($cfgId, $cfgValue); $successes[] = lang("CONFIG_UPDATE_SUCCESSFUL"); } } $languages = getLanguageFiles(); //Retrieve list of language files $templates = getTemplateFiles(); //Retrieve list of template files $permissionData = fetchAllPermissions(); //Retrieve list of all permission levels require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Configuration</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<div id='regbox'>\r\n<form name='adminConfiguration' action='" . $_SERVER['PHP_SELF'] . "' method='post'>\r\n<p>\r\n<label>Website Name:</label>\r\n<input type='text' name='settings[" . $settings['website_name']['id'] . "]' value='" . $websiteName . "' />\r\n</p>\r\n<p>\r\n<label>Website URL:</label>\r\n<input type='text' name='settings[" . $settings['website_url']['id'] . "]' value='" . $websiteUrl . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='settings[" . $settings['email']['id'] . "]' value='" . $emailAddress . "' />\r\n</p>\r\n<p>\r\n<label>Activation Threshold:</label>\r\n<input type='text' name='settings[" . $settings['resend_activation_threshold']['id'] . "]' value='" . $resend_activation_threshold . "' />\r\n</p>\r\n<p>\r\n<label>Language:</label>\r\n<select name='settings[" . $settings['language']['id'] . "]'>"; //Display language options foreach ($languages as $optLang) { if ($optLang == $language) { echo "<option value='" . $optLang . "' selected>{$optLang}</option>"; } else { echo "<option value='" . $optLang . "'>{$optLang}</option>"; } } echo "\r\n</select>\r\n</p>\r\n<p>\r\n<label>Email Activation:</label>\r\n<select name='settings[" . $settings['activation']['id'] . "]'>"; //Display email activation options if ($emailActivation == "true") { echo "\r\n\t<option value='true' selected>True</option>\r\n\t<option value='false'>False</option>\r\n\t</select>"; } else { echo "\r\n\t<option value='true'>True</option>\r\n\t<option value='false' selected>False</option>\r\n\t</select>"; } echo "</p>\r\n<p>\r\n<label>Template:</label>\r\n<select name='settings[" . $settings['template']['id'] . "]'>"; //Display template options foreach ($templates as $temp) { if ($temp == $template) { echo "<option value='" . $temp . "' selected>{$temp}</option>"; } else { echo "<option value='" . $temp . "'>{$temp}</option>"; } } echo "\r\n</select>\r\n</p>\r\n<input type='submit' name='Submit' value='Submit' />\r\n</form>\r\n</div>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } $pageId = $_GET['id']; //Check if selected pages exist if (!pageIdExists($pageId)) { header("Location: " . str_replace('index.php/', '', site_url('admin_pages'))); die; } $pageDetails = fetchPageDetails($pageId); //Fetch information specific to page //Forms posted if (!empty($_POST)) { $update = 0; if (!empty($_POST['private'])) { $private = $_POST['private']; } //Toggle private page setting if (isset($private) and $private == 'Yes') { if ($pageDetails['private'] == 0) { if (updatePrivate($pageId, 1)) { $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private")); } else { $errors[] = lang("SQL_ERROR"); } } } elseif ($pageDetails['private'] == 1) { if (updatePrivate($pageId, 0)) { $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public")); } else { $errors[] = lang("SQL_ERROR"); } } //Remove permission level(s) access to page if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePage($pageId, $remove)) { $successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add permission level(s) access to page if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPage($pageId, $add)) { $successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $pageDetails = fetchPageDetails($pageId); } $pagePermissions = fetchPagePermissions($pageId); $permissionData = fetchAllPermissions(); require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Page</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminPage' action='" . $_SERVER['PHP_SELF'] . "?id=" . $pageId . "' method='post'>\r\n<input type='hidden' name='process' value='1'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Page Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $pageDetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n" . $pageDetails['page'] . "\r\n</p>\r\n<p>\r\n<label>Private:</label>"; //Display private checkbox if ($pageDetails['private'] == 1) { echo "<input type='checkbox' name='private' id='private' value='Yes' checked>"; } else { echo "<input type='checkbox' name='private' id='private' value='Yes'>"; } echo "\r\n</p>\r\n</div></td><td>\r\n<h3>Page Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Access:"; //Display list of permission levels with access foreach ($permissionData as $v1) { if (isset($pagePermissions[$v1['id']])) { echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p><p>Add Access:"; //Display list of permission levels without access foreach ($permissionData as $v1) { if (!isset($pagePermissions[$v1['id']])) { echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }