function module_pref_prefs($link) { global $access_level_names; $subop = $_REQUEST["subop"]; $prefs_blacklist = array("HIDE_FEEDLIST", "SYNC_COUNTERS", "ENABLE_LABELS", "ENABLE_SEARCH_TOOLBAR", "HIDE_READ_FEEDS"); $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", "BLACKLISTED_TAGS", "ENABLE_FEED_ICONS", "ENABLE_API_ACCESS", "UPDATE_POST_ON_CHECKSUM_CHANGE", "DEFAULT_UPDATE_INTERVAL", "MARK_UNREAD_ON_UPDATE"); if (FORCE_ARTICLE_PURGE != 0) { array_push($prefs_blacklist, "PURGE_OLD_DAYS"); array_push($prefs_blacklist, "PURGE_UNREAD_ARTICLES"); } if ($subop == "change-password") { $old_pw = $_POST["OLD_PASSWORD"]; $new_pw = $_POST["NEW_PASSWORD"]; $con_pw = $_POST["CONFIRM_PASSWORD"]; if ($old_pw == "") { print "ERROR: " . __("Old password cannot be blank."); return; } if ($new_pw == "") { print "ERROR: " . __("New password cannot be blank."); return; } if ($new_pw != $con_pw) { print "ERROR: " . __("Entered passwords do not match."); return; } $old_pw_hash1 = encrypt_password($_POST["OLD_PASSWORD"]); $old_pw_hash2 = encrypt_password($_POST["OLD_PASSWORD"], $_SESSION["name"]); $new_pw_hash = encrypt_password($_POST["NEW_PASSWORD"], $_SESSION["name"]); $active_uid = $_SESSION["uid"]; if ($old_pw && $new_pw) { $login = db_escape_string($_SERVER['PHP_AUTH_USER']); $result = db_query($link, "SELECT id FROM ttrss_users WHERE \n\t\t\t\t\tid = '{$active_uid}' AND (pwd_hash = '{$old_pw_hash1}' OR \n\t\t\t\t\t\tpwd_hash = '{$old_pw_hash2}')"); if (db_num_rows($result) == 1) { db_query($link, "UPDATE ttrss_users SET pwd_hash = '{$new_pw_hash}' \n\t\t\t\t\t\tWHERE id = '{$active_uid}'"); $_SESSION["pwd_hash"] = $new_pw_hash; print __("Password has been changed."); } else { print "ERROR: " . __('Old password is incorrect.'); } } return; } else { if ($subop == "save-config") { # $_SESSION["prefs_op_result"] = "save-config"; $_SESSION["prefs_cache"] = false; // print_r($_POST); $orig_theme = get_pref($link, "_THEME_ID"); foreach (array_keys($_POST) as $pref_name) { $pref_name = db_escape_string($pref_name); $value = db_escape_string($_POST[$pref_name]); set_pref($link, $pref_name, $value); } if ($orig_theme != get_pref($link, "_THEME_ID")) { print "PREFS_THEME_CHANGED"; } else { print __("The configuration was saved."); } return; } else { if ($subop == "getHelp") { $pref_name = db_escape_string($_REQUEST["pn"]); $result = db_query($link, "SELECT help_text FROM ttrss_prefs\n\t\t\t\tWHERE pref_name = '{$pref_name}'"); if (db_num_rows($result) > 0) { $help_text = db_fetch_result($result, 0, "help_text"); print $help_text; } else { printf(__("Unknown option: %s"), $pref_name); } } else { if ($subop == "change-email") { $email = db_escape_string($_POST["email"]); $active_uid = $_SESSION["uid"]; db_query($link, "UPDATE ttrss_users SET email = '{$email}' \n\t\t\t\tWHERE id = '{$active_uid}'"); print __("E-mail has been changed."); return; } else { if ($subop == "reset-config") { $_SESSION["prefs_op_result"] = "reset-to-defaults"; if ($_SESSION["profile"]) { $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { $profile_qpart = "profile IS NULL"; } db_query($link, "DELETE FROM ttrss_user_prefs \n\t\t\t\tWHERE {$profile_qpart} AND owner_uid = " . $_SESSION["uid"]); initialize_user_prefs($link, $_SESSION["uid"], $_SESSION["profile"]); print "PREFS_THEME_CHANGED"; // print __("The configuration was reset to defaults."); return; } else { set_pref($link, "_PREFS_ACTIVE_TAB", "genConfig"); if ($_SESSION["profile"]) { print_notice("Some preferences are only available in default profile."); } if (!SINGLE_USER_MODE) { $result = db_query($link, "SELECT id FROM ttrss_users\n\t\t\t\t\tWHERE id = " . $_SESSION["uid"] . " AND pwd_hash \n\t\t\t\t\t= 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); if (db_num_rows($result) != 0) { print format_warning(__("Your password is at default value, \n\t\t\t\t\t\tplease change it."), "default_pass_warning"); } /* if ($_SESSION["pwd_change_result"] == "failed") { print format_warning("Could not change the password."); } if ($_SESSION["pwd_change_result"] == "ok") { print format_notice("Password was changed."); } $_SESSION["pwd_change_result"] = ""; */ /* if ($_SESSION["prefs_op_result"] == "reset-to-defaults") { print format_notice(__("The configuration was reset to defaults.")); } */ # if ($_SESSION["prefs_op_result"] == "save-config") { # print format_notice(__("The configuration was saved.")); # } $_SESSION["prefs_op_result"] = ""; print "<form onsubmit='return false' id='change_email_form'>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td colspan='3'><h3>" . __("Personal data") . "</h3></tr></td>"; $result = db_query($link, "SELECT email,access_level FROM ttrss_users\n\t\t\t\t\tWHERE id = " . $_SESSION["uid"]); $email = db_fetch_result($result, 0, "email"); print "<tr><td width=\"40%\">" . __('E-mail') . "</td>"; print "<td class=\"prefValue\"><input class=\"editbox\" name=\"email\" \n\t\t\t\t\tonfocus=\"javascript:disableHotkeys();\" \n\t\t\t\t\tonblur=\"javascript:enableHotkeys();\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, changeUserEmail)\"\n\t\t\t\t\tvalue=\"{$email}\"></td></tr>"; if (!SINGLE_USER_MODE) { $access_level = db_fetch_result($result, 0, "access_level"); print "<tr><td width=\"40%\">" . __('Access level') . "</td>"; print "<td>" . $access_level_names[$access_level] . "</td></tr>"; } print "</table>"; print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; print "<input type=\"hidden\" name=\"subop\" value=\"change-email\">"; print "</form>"; print "<p><button onclick=\"return changeUserEmail()\">" . __("Change e-mail") . "</button>"; print "<form onsubmit=\"return false\" \n\t\t\t\t\tname=\"change_pass_form\" id=\"change_pass_form\">"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td colspan='3'><h3>" . __("Authentication") . "</h3></tr></td>"; print "<tr><td width=\"40%\">" . __("Old password") . "</td>"; print "<td class=\"prefValue\"><input class=\"editbox\" type=\"password\"\n\t\t\t\t\tonfocus=\"javascript:disableHotkeys();\" \n\t\t\t\t\tonblur=\"javascript:enableHotkeys();\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, changeUserPassword)\"\n\t\t\t\t\tname=\"OLD_PASSWORD\"></td></tr>"; print "<tr><td width=\"40%\">" . __("New password") . "</td>"; print "<td class=\"prefValue\"><input class=\"editbox\" type=\"password\"\n\t\t\t\t\tonfocus=\"javascript:disableHotkeys();\" \n\t\t\t\t\tonblur=\"javascript:enableHotkeys();\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, changeUserPassword)\"\n\t\t\t\t\tname=\"NEW_PASSWORD\"></td></tr>"; print "<tr><td width=\"40%\">" . __("Confirm password") . "</td>"; print "<td class=\"prefValue\"><input class=\"editbox\" type=\"password\"\n\t\t\t\t\tonfocus=\"javascript:disableHotkeys();\" \n\t\t\t\t\tonblur=\"javascript:enableHotkeys();\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, changeUserPassword)\"\n\t\t\t\t\tname=\"CONFIRM_PASSWORD\"></td></tr>"; print "</table>"; print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; print "<input type=\"hidden\" name=\"subop\" value=\"change-password\">"; print "</form>"; print "<p><button\tonclick=\"return changeUserPassword()\">" . __("Change password") . "</button>"; } if ($_SESSION["profile"]) { initialize_user_prefs($link, $_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { initialize_user_prefs($link, $_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } $result = db_query($link, "SELECT \n\t\t\t\tttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,\n\t\t\t\tsection_name,def_value,section_id\n\t\t\t\tFROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs\n\t\t\t\tWHERE type_id = ttrss_prefs_types.id AND \n\t\t\t\t\t{$profile_qpart} AND\n\t\t\t\t\tsection_id = ttrss_prefs_sections.id AND\n\t\t\t\t\tttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND\n\t\t\t\t\tshort_desc != '' AND\n\t\t\t\t\towner_uid = " . $_SESSION["uid"] . "\n\t\t\t\tORDER BY section_id,short_desc"); print "<form onsubmit='return false' action=\"backend.php\" \n\t\t\t\tmethod=\"POST\" id=\"pref_prefs_form\">"; $lnum = 0; $active_section = ""; while ($line = db_fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; } if ($_SESSION["profile"] && in_array($line["pref_name"], $profile_blacklist)) { continue; } if ($active_section != $line["section_name"]) { if ($active_section != "") { print "</table>"; } print "<p><table width=\"100%\" class=\"prefPrefsList\">"; $active_section = $line["section_name"]; print "<tr><td colspan=\"3\"><h3>" . __($active_section) . "</h3></td></tr>"; if ($line["section_id"] == 2) { print "<tr><td width=\"40%\">" . __("Select theme") . "</td>"; $user_theme = get_pref($link, "_THEME_ID"); $themes = get_all_themes(); print "<td><select name=\"_THEME_ID\">"; print "<option value=''>" . __('Default') . "</option>"; print "<option disabled>--------</option>"; foreach ($themes as $t) { $base = $t['base']; $name = $t['name']; if ($base == $user_theme) { $selected = "selected=\"1\""; } else { $selected = ""; } print "<option {$selected} value='{$base}'>{$name}</option>"; } print "</select></td></tr>"; } // print "<tr class=\"title\"> // <td width=\"25%\">Option</td><td>Value</td></tr>"; $lnum = 0; } // $class = ($lnum % 2) ? "even" : "odd"; print "<tr>"; $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $value = $line["value"]; $def_value = $line["def_value"]; $help_text = $line["help_text"]; print "<td width=\"40%\" class=\"prefName\" id=\"{$pref_name}\">" . __($line["short_desc"]); if ($help_text) { print "<div class=\"prefHelp\">" . __($help_text) . "</div>"; } print "</td>"; print "<td class=\"prefValue\">"; if ($pref_name == "DEFAULT_UPDATE_INTERVAL") { global $update_intervals_nodefault; print_select_hash($pref_name, $value, $update_intervals_nodefault); } else { if ($type_name == "bool") { // print_select($pref_name, $value, array("true", "false")); if ($value == "true") { $value = __("Yes"); } else { $value = __("No"); } print_radio($pref_name, $value, __("Yes"), array(__("Yes"), __("No"))); } else { print "<input class=\"editbox\"\n\t\t\t\t\t\tonfocus=\"javascript:disableHotkeys();\" \n\t\t\t\t\t\tonblur=\"javascript:enableHotkeys();\" \n\t\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; } } print "</td>"; print "</tr>"; $lnum++; } print "</table>"; print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">"; print "<p><button onclick=\"return validatePrefsSave()\">" . __('Save configuration') . "</button> "; print "<button onclick=\"return editProfiles()\">" . __('Manage profiles') . "</button> "; print "<button onclick=\"return validatePrefsReset()\">" . __('Reset to defaults') . "</button></p>"; print "</form>"; } } } } } }
function print_warning($msg) { return print format_warning($msg); }
function add() { $login = $this->dbh->escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE\n\t\t\t\tlogin = '******'"); if ($this->dbh->num_rows($result) == 0) { $this->dbh->query("INSERT INTO ttrss_users\n\t\t\t\t\t(login,pwd_hash,access_level,last_login,created, salt)\n\t\t\t\t\tVALUES ('{$login}', '{$pwd_hash}', 0, null, NOW(), '{$salt}')"); $result = $this->dbh->query("SELECT id FROM ttrss_users WHERE\n\t\t\t\t\tlogin = '******' AND pwd_hash = '{$pwd_hash}'"); if ($this->dbh->num_rows($result) == 1) { $new_uid = $this->dbh->fetch_result($result, 0, "id"); print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", $login, $tmp_user_pwd)); initialize_user($new_uid); } else { print format_warning(T_sprintf("Could not create user <b>%s</b>", $login)); } } else { print format_warning(T_sprintf("User <b>%s</b> already exists.", $login)); } }
function index() { global $access_level_names; $prefs_blacklist = array("STRIP_UNSAFE_TAGS", "REVERSE_HEADLINES", "SORT_HEADLINES_BY_FEED_DATE", "DEFAULT_ARTICLE_LIMIT", "FEEDS_SORT_BY_UNREAD"); /* "FEEDS_SORT_BY_UNREAD", "HIDE_READ_FEEDS", "REVERSE_HEADLINES" */ $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", "BLACKLISTED_TAGS", "ENABLE_API_ACCESS", "UPDATE_POST_ON_CHECKSUM_CHANGE", "DEFAULT_UPDATE_INTERVAL", "USER_TIMEZONE", "SORT_HEADLINES_BY_FEED_DATE", "SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME"); $_SESSION["prefs_op_result"] = ""; print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"" . __('Personal data / Authentication') . "\">"; print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\tevt.preventDefault();\n\t\tif (this.validate()) {\n\t\t\tnotify_progress('Saving data...', true);\n\n\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\tnotify_callback2(transport);\n\t\t\t} });\n\n\t\t}\n\t\t</script>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<h2>" . __("Personal data") . "</h2>"; $result = $this->dbh->query("SELECT email,full_name,otp_enabled,\n\t\t\taccess_level FROM ttrss_users\n\t\t\tWHERE id = " . $_SESSION["uid"]); $email = htmlspecialchars($this->dbh->fetch_result($result, 0, "email")); $full_name = htmlspecialchars($this->dbh->fetch_result($result, 0, "full_name")); $otp_enabled = sql_bool_to_bool($this->dbh->fetch_result($result, 0, "otp_enabled")); print "<tr><td width=\"40%\">" . __('Full name') . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"\n\t\t\tvalue=\"{$full_name}\"></td></tr>"; print "<tr><td width=\"40%\">" . __('E-mail') . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"{$email}\"></td></tr>"; if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) { $access_level = $this->dbh->fetch_result($result, 0, "access_level"); print "<tr><td width=\"40%\">" . __('Access level') . "</td>"; print "<td>" . $access_level_names[$access_level] . "</td></tr>"; } print "</table>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Save data") . "</button>"; print "</form>"; if ($_SESSION["auth_module"]) { $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); } else { $authenticator = false; } if ($authenticator && method_exists($authenticator, "change_password")) { print "<h2>" . __("Password") . "</h2>"; $result = $this->dbh->query("SELECT id FROM ttrss_users\n\t\t\t\tWHERE id = " . $_SESSION["uid"] . " AND pwd_hash\n\t\t\t\t= 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); if ($this->dbh->num_rows($result) != 0) { print format_warning(__("Your password is at default value, please change it."), "default_pass_warning"); } print "<form dojoType=\"dijit.form.Form\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\t\tevt.preventDefault();\n\t\t\tif (this.validate()) {\n\t\t\t\tnotify_progress('Changing password...', true);\n\n\t\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\t\tnotify('');\n\t\t\t\t\t\tif (transport.responseText.indexOf('ERROR: ') == 0) {\n\t\t\t\t\t\t\tnotify_error(transport.responseText.replace('ERROR: ', ''));\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tnotify_info(transport.responseText);\n\t\t\t\t\t\t\tvar warn = \$('default_pass_warning');\n\t\t\t\t\t\t\tif (warn) Element.hide(warn);\n\t\t\t\t\t\t}\n\t\t\t\t}});\n\t\t\t\tthis.reset();\n\t\t\t}\n\t\t\t</script>"; if ($otp_enabled) { print_notice(__("Changing your current password will disable OTP.")); } print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td width=\"40%\">" . __("Old password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"old_password\"></td></tr>"; print "<tr><td width=\"40%\">" . __("New password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\"\n\t\t\t\tname=\"new_password\"></td></tr>"; print "<tr><td width=\"40%\">" . __("Confirm password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"confirm_password\"></td></tr>"; print "</table>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changepassword\">"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Change password") . "</button>"; print "</form>"; if ($_SESSION["auth_module"] == "auth_internal") { print "<h2>" . __("One time passwords / Authenticator") . "</h2>"; if ($otp_enabled) { print_notice(__("One time passwords are currently enabled. Enter your current password below to disable.")); print "<form dojoType=\"dijit.form.Form\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\t\t\tevt.preventDefault();\n\t\t\t\tif (this.validate()) {\n\t\t\t\t\tnotify_progress('Disabling OTP', true);\n\n\t\t\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\t\t\tnotify('');\n\t\t\t\t\t\t\tif (transport.responseText.indexOf('ERROR: ') == 0) {\n\t\t\t\t\t\t\t\tnotify_error(transport.responseText.replace('ERROR: ', ''));\n\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t\t\t}\n\t\t\t\t\t}});\n\t\t\t\t\tthis.reset();\n\t\t\t\t}\n\t\t\t\t</script>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td width=\"40%\">" . __("Enter your password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\"\n\t\t\t\t\tname=\"password\"></td></tr>"; print "</table>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"otpdisable\">"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Disable OTP") . "</button>"; print "</form>"; } else { if (function_exists("imagecreatefromstring")) { print_warning(__("You will need a compatible Authenticator to use this. Changing your password would automatically disable OTP.")); print "<p>" . __("Scan the following code by the Authenticator application:") . "</p>"; $csrf_token = $_SESSION["csrf_token"]; print "<img src=\"backend.php?op=pref-prefs&method=otpqrcode&csrf_token={$csrf_token}\">"; print "<form dojoType=\"dijit.form.Form\" id=\"changeOtpForm\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"otpenable\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\t\t\t\tevt.preventDefault();\n\t\t\t\t\tif (this.validate()) {\n\t\t\t\t\t\tnotify_progress('Saving data...', true);\n\n\t\t\t\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\t\t\t\tnotify('');\n\t\t\t\t\t\t\t\tif (transport.responseText.indexOf('ERROR:') == 0) {\n\t\t\t\t\t\t\t\t\tnotify_error(transport.responseText.replace('ERROR:', ''));\n\t\t\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t} });\n\n\t\t\t\t\t}\n\t\t\t\t\t</script>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td width=\"40%\">" . __("Enter your password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\"\n\t\t\t\t\t\tname=\"password\"></td></tr>"; print "<tr><td width=\"40%\">" . __("Enter the generated one time password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" autocomplete=\"off\"\n\t\t\t\t\t\trequired=\"1\"\n\t\t\t\t\t\tname=\"otp\"></td></tr>"; print "<tr><td colspan=\"2\">"; print "</td></tr><tr><td colspan=\"2\">"; print "</td></tr>"; print "</table>"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Enable OTP") . "</button>"; print "</form>"; } else { print_notice(__("PHP GD functions are required for OTP support.")); } } } } PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsAuth"); print "</div>"; #pane print "<div dojoType=\"dijit.layout.AccordionPane\" selected=\"true\" title=\"" . __('Preferences') . "\">"; print "<form dojoType=\"dijit.form.Form\" id=\"changeSettingsForm\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt, quit\">\n\t\tif (evt) evt.preventDefault();\n\t\tif (this.validate()) {\n\t\t\tconsole.log(dojo.objectToQuery(this.getValues()));\n\n\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\tvar msg = transport.responseText;\n\t\t\t\t\tif (quit) {\n\t\t\t\t\t\tgotoMain();\n\t\t\t\t\t} else {\n\t\t\t\t\t\tif (msg == 'PREFS_NEED_RELOAD') {\n\t\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tnotify_info(msg);\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t} });\n\t\t}\n\t\t</script>"; print '<div dojoType="dijit.layout.BorderContainer" gutters="false">'; print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">'; if ($_SESSION["profile"]) { print_notice(__("Some preferences are only available in default profile.")); } if ($_SESSION["profile"]) { initialize_user_prefs($_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { initialize_user_prefs($_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } /* if ($_SESSION["prefs_show_advanced"]) $access_query = "true"; else $access_query = "(access_level = 0 AND section_id != 3)"; */ $access_query = 'true'; $result = $this->dbh->query("SELECT DISTINCT\n\t\t\tttrss_user_prefs.pref_name,value,type_name,\n\t\t\tttrss_prefs_sections.order_id,\n\t\t\tdef_value,section_id\n\t\t\tFROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs\n\t\t\tWHERE type_id = ttrss_prefs_types.id AND\n\t\t\t\t{$profile_qpart} AND\n\t\t\t\tsection_id = ttrss_prefs_sections.id AND\n\t\t\t\tttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND\n\t\t\t\t{$access_query} AND\n\t\t\t\towner_uid = " . $_SESSION["uid"] . "\n\t\t\tORDER BY ttrss_prefs_sections.order_id,pref_name"); $lnum = 0; $active_section = ""; $listed_boolean_prefs = array(); while ($line = $this->dbh->fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; } $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $section_name = $this->getSectionName($line["section_id"]); $value = $line["value"]; $short_desc = $this->getShortDesc($pref_name); $help_text = $this->getHelpText($pref_name); if (!$short_desc) { continue; } if ($_SESSION["profile"] && in_array($line["pref_name"], $profile_blacklist)) { continue; } if ($active_section != $line["section_id"]) { if ($active_section != "") { print "</table>"; } print "<table width=\"100%\" class=\"prefPrefsList\">"; $active_section = $line["section_id"]; print "<tr><td colspan=\"3\"><h3>" . $section_name . "</h3></td></tr>"; $lnum = 0; } print "<tr>"; print "<td width=\"40%\" class=\"prefName\" id=\"{$pref_name}\">"; print "<label for='CB_{$pref_name}'>"; print $short_desc; print "</label>"; if ($help_text) { print "<div class=\"prefHelp\">" . __($help_text) . "</div>"; } print "</td>"; print "<td class=\"prefValue\">"; if ($pref_name == "USER_LANGUAGE") { print_select_hash($pref_name, $value, get_translations(), "style='width : 220px; margin : 0px' dojoType='dijit.form.Select'"); } else { if ($pref_name == "USER_TIMEZONE") { $timezones = explode("\n", file_get_contents("lib/timezones.txt")); print_select($pref_name, $value, $timezones, 'dojoType="dijit.form.FilteringSelect"'); } else { if ($pref_name == "USER_STYLESHEET") { print "<button dojoType=\"dijit.form.Button\"\n\t\t\t\t\tonclick=\"customizeCSS()\">" . __('Customize') . "</button>"; } else { if ($pref_name == "USER_CSS_THEME") { $themes = array_map("basename", glob("themes/*.css")); print_select($pref_name, $value, $themes, 'dojoType="dijit.form.Select"'); } else { if ($pref_name == "DEFAULT_UPDATE_INTERVAL") { global $update_intervals_nodefault; print_select_hash($pref_name, $value, $update_intervals_nodefault, 'dojoType="dijit.form.Select"'); } else { if ($type_name == "bool") { array_push($listed_boolean_prefs, $pref_name); $checked = $value == "true" ? "checked=\"checked\"" : ""; if ($pref_name == "PURGE_UNREAD_ARTICLES" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $checked = "checked=\"checked\""; } else { $disabled = ""; } print "<input type='checkbox' name='{$pref_name}' {$checked} {$disabled}\n\t\t\t\t\tdojoType='dijit.form.CheckBox' id='CB_{$pref_name}' value='1'>"; } else { if (array_search($pref_name, array('FRESH_ARTICLE_MAX_AGE', 'PURGE_OLD_DAYS', 'LONG_DATE_FORMAT', 'SHORT_DATE_FORMAT')) !== false) { $regexp = $type_name == 'integer' ? 'regexp="^\\d*$"' : ''; if ($pref_name == "PURGE_OLD_DAYS" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $value = FORCE_ARTICLE_PURGE; } else { $disabled = ""; } print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\trequired=\"1\" {$regexp} {$disabled}\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; } else { if ($pref_name == "SSL_CERT_SERIAL") { print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\tid=\"SSL_CERT_SERIAL\" readonly=\"1\"\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; $cert_serial = htmlspecialchars(get_ssl_certificate_id()); $has_serial = $cert_serial ? "false" : "true"; print " <button dojoType=\"dijit.form.Button\" disabled=\"{$has_serial}\"\n\t\t\t\t\tonclick=\"insertSSLserial('{$cert_serial}')\">" . __('Register') . "</button>"; print " <button dojoType=\"dijit.form.Button\"\n\t\t\t\t\tonclick=\"insertSSLserial('')\">" . __('Clear') . "</button>"; } else { if ($pref_name == 'DIGEST_PREFERRED_TIME') { print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\tid=\"{$pref_name}\" regexp=\"[012]?\\d:\\d\\d\" placeHolder=\"12:00\"\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\"><div class=\"insensitive\">" . T_sprintf("Current server time: %s (UTC)", date("H:i")) . "</div>"; } else { $regexp = $type_name == 'integer' ? 'regexp="^\\d*$"' : ''; print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\t{$regexp}\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; } } } } } } } } } print "</td>"; print "</tr>"; $lnum++; } print "</table>"; $listed_boolean_prefs = htmlspecialchars(join(",", $listed_boolean_prefs)); print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"boolean_prefs\" value=\"{$listed_boolean_prefs}\">"; PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsInside"); print '</div>'; # inside pane print '<div dojoType="dijit.layout.ContentPane" region="bottom">'; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"saveconfig\">"; print "<div dojoType=\"dijit.form.ComboButton\" type=\"submit\">\n\t\t\t<span>" . __('Save configuration') . "</span>\n\t\t\t<div dojoType=\"dijit.DropDownMenu\">\n\t\t\t\t<div dojoType=\"dijit.MenuItem\"\n\t\t\t\t\tonclick=\"dijit.byId('changeSettingsForm').onSubmit(null, true)\">" . __("Save and exit preferences") . "</div>\n\t\t\t</div>\n\t\t\t</div>"; print "<button dojoType=\"dijit.form.Button\" onclick=\"return editProfiles()\">" . __('Manage profiles') . "</button> "; print "<button dojoType=\"dijit.form.Button\" onclick=\"return validatePrefsReset()\">" . __('Reset to defaults') . "</button>"; print " "; /* $checked = $_SESSION["prefs_show_advanced"] ? "checked='1'" : ""; print "<input onclick='toggleAdvancedPrefs()' id='prefs_show_advanced' dojoType=\"dijit.form.CheckBox\" $checked type=\"checkbox\"></input> <label for='prefs_show_advanced'>" . __("Show additional preferences") . "</label>"; */ PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "hook_prefs_tab_section", "prefPrefsPrefsOutside"); print "</form>"; print '</div>'; # inner pane print '</div>'; # border container print "</div>"; #pane print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"" . __('Plugins') . "\">"; print "<p>" . __("You will need to reload Tiny Tiny RSS for plugin changes to take effect.") . "</p>"; print_notice(__("Download more plugins at tt-rss.org <a class=\"visibleLink\" target=\"_blank\" href=\"http://tt-rss.org/forum/viewforum.php?f=22\">forums</a> or <a target=\"_blank\" class=\"visibleLink\" href=\"http://tt-rss.org/wiki/Plugins\">wiki</a>.")); print "<form dojoType=\"dijit.form.Form\" id=\"changePluginsForm\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\tevt.preventDefault();\n\t\tif (this.validate()) {\n\t\t\tnotify_progress('Saving data...', true);\n\n\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\tnotify('');\n\t\t\t\t\tif (confirm(__('Selected plugins have been enabled. Reload?'))) {\n\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t}\n\t\t\t} });\n\n\t\t}\n\t\t</script>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"setplugins\">"; print "<table width='100%' class='prefPluginsList'>"; print "<tr><td colspan='4'><h3>" . __("System plugins") . "</h3></td></tr>"; print "<tr class=\"title\">\n\t\t\t\t<td width=\"5%\"> </td>\n\t\t\t\t<td width='10%'>" . __('Plugin') . "</td>\n\t\t\t\t<td width=''>" . __('Description') . "</td>\n\t\t\t\t<td width='5%'>" . __('Version') . "</td>\n\t\t\t\t<td width='10%'>" . __('Author') . "</td></tr>"; $system_enabled = array_map("trim", explode(",", PLUGINS)); $user_enabled = array_map("trim", explode(",", get_pref("_ENABLED_PLUGINS"))); $tmppluginhost = new PluginHost(); $tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]); $tmppluginhost->load_data(true); foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); if ($about[3] && strpos($name, "example") === FALSE) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; } else { $checked = ""; } print "<tr>"; print "<td align='center'><input disabled='1'\n\t\t\t\t\t\tdojoType=\"dijit.form.CheckBox\" {$checked}\n\t\t\t\t\t\ttype=\"checkbox\"></td>"; $plugin_icon = $checked ? "plugin.png" : "plugin_disabled.png"; print "<td><label><img src='images/{$plugin_icon}' alt=''> {$name}</label></td>"; print "<td>" . htmlspecialchars($about[1]); if (@$about[4]) { print " — <a target=\"_blank\" class=\"visibleLink\"\n\t\t\t\t\t\thref=\"" . htmlspecialchars($about[4]) . "\">" . __("more info") . "</a>"; } print "</td>"; print "<td>" . htmlspecialchars(sprintf("%.2f", $about[0])) . "</td>"; print "<td>" . htmlspecialchars($about[2]) . "</td>"; if (count($tmppluginhost->get_all($plugin)) > 0) { if (in_array($name, $system_enabled)) { print "<td><a href='#' onclick=\"clearPluginData('{$name}')\"\n\t\t\t\t\t\t\tclass='visibleLink'>" . __("Clear data") . "</a></td>"; } } print "</tr>"; } } print "<tr><td colspan='4'><h3>" . __("User plugins") . "</h3></td></tr>"; print "<tr class=\"title\">\n\t\t\t\t<td width=\"5%\"> </td>\n\t\t\t\t<td width='10%'>" . __('Plugin') . "</td>\n\t\t\t\t<td width=''>" . __('Description') . "</td>\n\t\t\t\t<td width='5%'>" . __('Version') . "</td>\n\t\t\t\t<td width='10%'>" . __('Author') . "</td></tr>"; foreach ($tmppluginhost->get_plugins() as $name => $plugin) { $about = $plugin->about(); if (!$about[3] && strpos($name, "example") === FALSE) { if (in_array($name, $system_enabled)) { $checked = "checked='1'"; $disabled = "disabled='1'"; $rowclass = ''; } else { if (in_array($name, $user_enabled)) { $checked = "checked='1'"; $disabled = ""; $rowclass = "Selected"; } else { $checked = ""; $disabled = ""; $rowclass = ''; } } print "<tr class='{$rowclass}'>"; $plugin_icon = $checked ? "plugin.png" : "plugin_disabled.png"; print "<td align='center'><input id='FPCHK-{$name}' name='plugins[]' value='{$name}' onclick='toggleSelectRow2(this);'\n\t\t\t\t\tdojoType=\"dijit.form.CheckBox\" {$checked} {$disabled}\n\t\t\t\t\ttype=\"checkbox\"></td>"; print "<td><label for='FPCHK-{$name}'><img src='images/{$plugin_icon}' alt=''> {$name}</label></td>"; print "<td><label for='FPCHK-{$name}'>" . htmlspecialchars($about[1]) . "</label>"; if (@$about[4]) { print " — <a target=\"_blank\" class=\"visibleLink\"\n\t\t\t\t\t\thref=\"" . htmlspecialchars($about[4]) . "\">" . __("more info") . "</a>"; } print "</td>"; print "<td>" . htmlspecialchars(sprintf("%.2f", $about[0])) . "</td>"; print "<td>" . htmlspecialchars($about[2]) . "</td>"; if (count($tmppluginhost->get_all($plugin)) > 0) { if (in_array($name, $system_enabled) || in_array($name, $user_enabled)) { print "<td><a href='#' onclick=\"clearPluginData('{$name}')\" class='visibleLink'>" . __("Clear data") . "</a></td>"; } } print "</tr>"; } } print "</table>"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Enable selected plugins") . "</button></p>"; print "</form>"; print "</div>"; #pane PluginHost::getInstance()->run_hooks(PluginHost::HOOK_PREFS_TAB, "hook_prefs_tab", "prefPrefs"); print "</div>"; #container }
function index() { global $access_level_names; $prefs_blacklist = array("HIDE_READ_FEEDS", "FEEDS_SORT_BY_UNREAD", "STRIP_UNSAFE_TAGS"); $profile_blacklist = array("ALLOW_DUPLICATE_POSTS", "PURGE_OLD_DAYS", "PURGE_UNREAD_ARTICLES", "DIGEST_ENABLE", "DIGEST_CATCHUP", "BLACKLISTED_TAGS", "ENABLE_API_ACCESS", "UPDATE_POST_ON_CHECKSUM_CHANGE", "DEFAULT_UPDATE_INTERVAL", "USER_TIMEZONE", "SORT_HEADLINES_BY_FEED_DATE", "SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME"); $_SESSION["prefs_op_result"] = ""; print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">"; print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"" . __('Personal data / Authentication') . "\">"; print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\tevt.preventDefault();\n\t\tif (this.validate()) {\n\t\t\tnotify_progress('Saving data...', true);\n\n\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\tnotify_callback2(transport);\n\t\t\t} });\n\n\t\t}\n\t\t</script>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; $result = db_query($this->link, "SELECT email,full_name,\n\t\t\taccess_level FROM ttrss_users\n\t\t\tWHERE id = " . $_SESSION["uid"]); $email = htmlspecialchars(db_fetch_result($result, 0, "email")); $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name")); print "<tr><td width=\"40%\">" . __('Full name') . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"\n\t\t\tvalue=\"{$full_name}\"></td></tr>"; print "<tr><td width=\"40%\">" . __('E-mail') . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"{$email}\"></td></tr>"; if (!SINGLE_USER_MODE && !(ALLOW_REMOTE_USER_AUTH && AUTO_LOGIN)) { $access_level = db_fetch_result($result, 0, "access_level"); print "<tr><td width=\"40%\">" . __('Access level') . "</td>"; print "<td>" . $access_level_names[$access_level] . "</td></tr>"; } print "</table>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Save data") . "</button>"; print "</form>"; if (!SINGLE_USER_MODE && !(ALLOW_REMOTE_USER_AUTH && AUTO_LOGIN)) { $result = db_query($this->link, "SELECT id FROM ttrss_users\n\t\t\t\tWHERE id = " . $_SESSION["uid"] . " AND pwd_hash\n\t\t\t\t= 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); if (db_num_rows($result) != 0) { print format_warning(__("Your password is at default value, please change it."), "default_pass_warning"); } print "<form dojoType=\"dijit.form.Form\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\t\tevt.preventDefault();\n\t\t\tif (this.validate()) {\n\t\t\t\tnotify_progress('Changing password...', true);\n\n\t\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\t\tnotify('');\n\t\t\t\t\t\tif (transport.responseText.indexOf('ERROR: ') == 0) {\n\t\t\t\t\t\t\tnotify_error(transport.responseText.replace('ERROR: ', ''));\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tnotify_info(transport.responseText);\n\t\t\t\t\t\t\tvar warn = \$('default_pass_warning');\n\t\t\t\t\t\t\tif (warn) Element.hide(warn);\n\t\t\t\t\t\t}\n\t\t\t\t}});\n\t\t\t\tthis.reset();\n\t\t\t}\n\t\t\t</script>"; print "<table width=\"100%\" class=\"prefPrefsList\">"; print "<tr><td width=\"40%\">" . __("Old password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"old_password\"></td></tr>"; print "<tr><td width=\"40%\">" . __("New password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\"\n\t\t\t\tname=\"new_password\"></td></tr>"; print "<tr><td width=\"40%\">" . __("Confirm password") . "</td>"; print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" type=\"password\" required=\"1\" name=\"confirm_password\"></td></tr>"; print "</table>"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changepassword\">"; print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">" . __("Change password") . "</button>"; print "</form>"; } print "</div>"; #pane print "<div dojoType=\"dijit.layout.AccordionPane\" selected=\"true\" title=\"" . __('Preferences') . "\">"; print "<form dojoType=\"dijit.form.Form\" id=\"changeSettingsForm\">"; print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">\n\t\tevt.preventDefault();\n\t\tif (this.validate()) {\n\t\t\tconsole.log(dojo.objectToQuery(this.getValues()));\n\n\t\t\tnew Ajax.Request('backend.php', {\n\t\t\t\tparameters: dojo.objectToQuery(this.getValues()),\n\t\t\t\tonComplete: function(transport) {\n\t\t\t\t\tvar msg = transport.responseText;\n\t\t\t\t\tif (msg.match('PREFS_THEME_CHANGED')) {\n\t\t\t\t\t\twindow.location.reload();\n\t\t\t\t\t} else {\n\t\t\t\t\t\tnotify_info(msg);\n\t\t\t\t\t}\n\t\t\t} });\n\t\t}\n\t\t</script>"; print '<div dojoType="dijit.layout.BorderContainer" gutters="false">'; print '<div dojoType="dijit.layout.ContentPane" region="center" style="overflow-y : auto">'; if ($_SESSION["profile"]) { print_notice("Some preferences are only available in default profile."); } if ($_SESSION["profile"]) { initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { initialize_user_prefs($this->link, $_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } $result = db_query($this->link, "SELECT DISTINCT\n\t\t\tttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,\n\t\t\tsection_name,def_value,section_id\n\t\t\tFROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs\n\t\t\tWHERE type_id = ttrss_prefs_types.id AND\n\t\t\t\t{$profile_qpart} AND\n\t\t\t\tsection_id = ttrss_prefs_sections.id AND\n\t\t\t\tttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND\n\t\t\t\tshort_desc != '' AND\n\t\t\t\towner_uid = " . $_SESSION["uid"] . "\n\t\t\tORDER BY section_id,short_desc"); $lnum = 0; $active_section = ""; while ($line = db_fetch_assoc($result)) { if (in_array($line["pref_name"], $prefs_blacklist)) { continue; } if ($_SESSION["profile"] && in_array($line["pref_name"], $profile_blacklist)) { continue; } if ($active_section != $line["section_name"]) { if ($active_section != "") { print "</table>"; } print "<table width=\"100%\" class=\"prefPrefsList\">"; $active_section = $line["section_name"]; print "<tr><td colspan=\"3\"><h3>" . __($active_section) . "</h3></td></tr>"; if ($line["section_id"] == 2) { print "<tr><td width=\"40%\">" . __("Select theme") . "</td>"; $user_theme = get_pref($this->link, "_THEME_ID"); $themes = get_all_themes(); print "<td><select name=\"_THEME_ID\" dojoType=\"dijit.form.Select\">"; print "<option value='Default'>" . __('Default') . "</option>"; print "<option value='----------------' disabled=\"1\">--------</option>"; foreach ($themes as $t) { $base = $t['base']; $name = $t['name']; if ($base == $user_theme) { $selected = "selected=\"1\""; } else { $selected = ""; } print "<option {$selected} value='{$base}'>{$name}</option>"; } print "</select></td></tr>"; } $lnum = 0; } print "<tr>"; $type_name = $line["type_name"]; $pref_name = $line["pref_name"]; $value = $line["value"]; $def_value = $line["def_value"]; $help_text = $line["help_text"]; print "<td width=\"40%\" class=\"prefName\" id=\"{$pref_name}\">" . __($line["short_desc"]); if ($help_text) { print "<div class=\"prefHelp\">" . __($help_text) . "</div>"; } print "</td>"; print "<td class=\"prefValue\">"; if ($pref_name == "USER_TIMEZONE") { $timezones = explode("\n", file_get_contents("lib/timezones.txt")); print_select($pref_name, $value, $timezones, 'dojoType="dijit.form.FilteringSelect"'); } else { if ($pref_name == "USER_STYLESHEET") { print "<button dojoType=\"dijit.form.Button\"\n\t\t\t\t\tonclick=\"customizeCSS()\">" . __('Customize') . "</button>"; } else { if ($pref_name == "DEFAULT_ARTICLE_LIMIT") { $limits = array(15, 30, 45, 60); print_select($pref_name, $value, $limits, 'dojoType="dijit.form.Select"'); } else { if ($pref_name == "DEFAULT_UPDATE_INTERVAL") { global $update_intervals_nodefault; print_select_hash($pref_name, $value, $update_intervals_nodefault, 'dojoType="dijit.form.Select"'); } else { if ($type_name == "bool") { if ($value == "true") { $value = __("Yes"); } else { $value = __("No"); } if ($pref_name == "PURGE_UNREAD_ARTICLES" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $value = __("Yes"); } else { $disabled = ""; } print_radio($pref_name, $value, __("Yes"), array(__("Yes"), __("No")), $disabled); } else { if (array_search($pref_name, array('FRESH_ARTICLE_MAX_AGE', 'DEFAULT_ARTICLE_LIMIT', 'PURGE_OLD_DAYS', 'LONG_DATE_FORMAT', 'SHORT_DATE_FORMAT')) !== false) { $regexp = $type_name == 'integer' ? 'regexp="^\\d*$"' : ''; if ($pref_name == "PURGE_OLD_DAYS" && FORCE_ARTICLE_PURGE != 0) { $disabled = "disabled=\"1\""; $value = FORCE_ARTICLE_PURGE; } else { $disabled = ""; } print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\trequired=\"1\" {$regexp} {$disabled}\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; } else { if ($pref_name == "SSL_CERT_SERIAL") { print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\tid=\"SSL_CERT_SERIAL\" readonly=\"1\"\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; $cert_serial = htmlspecialchars(get_ssl_certificate_id()); $has_serial = $cert_serial ? "false" : "true"; print " <button dojoType=\"dijit.form.Button\" disabled=\"{$has_serial}\"\n\t\t\t\t\tonclick=\"insertSSLserial('{$cert_serial}')\">" . __('Register') . "</button>"; print " <button dojoType=\"dijit.form.Button\"\n\t\t\t\t\tonclick=\"insertSSLserial('')\">" . __('Clear') . "</button>"; } else { if ($pref_name == 'DIGEST_PREFERRED_TIME') { print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\tid=\"{$pref_name}\" regexp=\"[012]?\\d:\\d\\d\" placeHolder=\"12:00\"\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\"><div class=\"insensitive\">" . T_sprintf("Current server time: %s (UTC)", date("H:i")) . "</div>"; } else { $regexp = $type_name == 'integer' ? 'regexp="^\\d*$"' : ''; print "<input dojoType=\"dijit.form.ValidationTextBox\"\n\t\t\t\t\t{$regexp}\n\t\t\t\t\tname=\"{$pref_name}\" value=\"{$value}\">"; } } } } } } } } print "</td>"; print "</tr>"; $lnum++; } print "</table>"; print '</div>'; # inside pane print '<div dojoType="dijit.layout.ContentPane" region="bottom">'; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">"; print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"saveconfig\">"; print "<button dojoType=\"dijit.form.Button\" type=\"submit\">" . __('Save configuration') . "</button> "; print "<button dojoType=\"dijit.form.Button\" onclick=\"return editProfiles()\">" . __('Manage profiles') . "</button> "; print "<button dojoType=\"dijit.form.Button\" onclick=\"return validatePrefsReset()\">" . __('Reset to defaults') . "</button>"; print '</div>'; # inner pane print '</div>'; # border container print "</form>"; print "</div>"; #pane print "</div>"; #container }
function module_pref_users($link) { global $access_level_names; if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) { print __("Your access level is insufficient to open this tab."); return; } $subop = $_REQUEST["subop"]; if ($subop == "user-details") { header("Content-Type: text/xml"); print "<dlg id=\"{$subop}\">"; $uid = sprintf("%d", $_REQUEST["id"]); print "<title>" . __('User details') . "</title>"; print "<content><![CDATA["; $result = db_query($link, "SELECT login,\n\t\t\t\t" . SUBSTRING_FOR_DATE . "(last_login,1,16) AS last_login,\n\t\t\t\taccess_level,\n\t\t\t\t(SELECT COUNT(int_id) FROM ttrss_user_entries\n\t\t\t\t\tWHERE owner_uid = id) AS stored_articles,\n\t\t\t\t" . SUBSTRING_FOR_DATE . "(created,1,16) AS created\n\t\t\t\tFROM ttrss_users\n\t\t\t\tWHERE id = '{$uid}'"); if (db_num_rows($result) == 0) { print "<h1>" . __('User not found') . "</h1>"; return; } // print "<h1>User Details</h1>"; $login = db_fetch_result($result, 0, "login"); print "<table width='100%'>"; $last_login = make_local_datetime($link, db_fetch_result($result, 0, "last_login"), true); $created = make_local_datetime($link, db_fetch_result($result, 0, "created"), true); $access_level = db_fetch_result($result, 0, "access_level"); $stored_articles = db_fetch_result($result, 0, "stored_articles"); print "<tr><td>" . __('Registered') . "</td><td>{$created}</td></tr>"; print "<tr><td>" . __('Last logged in') . "</td><td>{$last_login}</td></tr>"; $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds\n\t\t\t\tWHERE owner_uid = '{$uid}'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); print "<tr><td>" . __('Subscribed feeds count') . "</td><td>{$num_feeds}</td></tr>"; print "</table>"; print "<h1>" . __('Subscribed feeds') . "</h1>"; $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds\n\t\t\t\tWHERE owner_uid = '{$uid}' ORDER BY title"); print "<ul class=\"userFeedList\">"; $row_class = "odd"; while ($line = db_fetch_assoc($result)) { $icon_file = ICONS_URL . "/" . $line["id"] . ".ico"; if (file_exists($icon_file) && filesize($icon_file) > 0) { $feed_icon = "<img class=\"tinyFeedIcon\" src=\"{$icon_file}\">"; } else { $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">"; } print "<li class=\"{$row_class}\">{$feed_icon} <a href=\"" . $line["site_url"] . "\">" . $line["title"] . "</a></li>"; $row_class = toggleEvenOdd($row_class); } if (db_num_rows($result) < $num_feeds) { // FIXME - add link to show ALL subscribed feeds here somewhere print "<li><img\n\t\t\t\t\tclass=\"tinyFeedIcon\" src=\"images/blank_icon.gif\"> ...</li>"; } print "</ul>"; print "<div align='center'>\n\t\t\t\t<button onclick=\"closeInfoBox()\">" . __("Close this window") . "</button></div>"; print "]]></content></dlg>"; return; } if ($subop == "edit") { header("Content-Type: text/xml"); $id = db_escape_string($_REQUEST["id"]); print "<dlg id=\"{$subop}\">"; print "<title>" . __('User Editor') . "</title>"; print "<content><![CDATA["; print "<form id=\"user_edit_form\" onsubmit='return false'>"; print "<input type=\"hidden\" name=\"id\" value=\"{$id}\">"; print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">"; print "<input type=\"hidden\" name=\"subop\" value=\"editSave\">"; $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '{$id}'"); $login = db_fetch_result($result, 0, "login"); $access_level = db_fetch_result($result, 0, "access_level"); $email = db_fetch_result($result, 0, "email"); $sel_disabled = $id == $_SESSION["uid"] ? "disabled" : ""; print "<div class=\"dlgSec\">" . __("User") . "</div>"; print "<div class=\"dlgSecCont\">"; if ($sel_disabled) { print "<input type=\"hidden\" name=\"login\" value=\"{$login}\">"; print "<input size=\"30\" style=\"font-size : 16px\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, userEditSave)\" {$sel_disabled}\n\t\t\t\t\tvalue=\"{$login}\">"; } else { print "<input size=\"30\" style=\"font-size : 16px\"\n\t\t\t\t\tonkeypress=\"return filterCR(event, userEditSave)\" {$sel_disabled}\n\t\t\t\t\tname=\"login\" value=\"{$login}\">"; } print "</div>"; print "<div class=\"dlgSec\">" . __("Authentication") . "</div>"; print "<div class=\"dlgSecCont\">"; print __('Access level: ') . " "; if (!$sel_disabled) { print_select_hash("access_level", $access_level, $access_level_names, $sel_disabled); } else { print_select_hash("", $access_level, $access_level_names, $sel_disabled); print "<input type=\"hidden\" name=\"access_level\" value=\"{$access_level}\">"; } print "<br/>"; print __('Change password to') . " <input size=\"20\" onkeypress=\"return filterCR(event, userEditSave)\"\n\t\t\t\tname=\"password\">"; print "</div>"; print "<div class=\"dlgSec\">" . __("Options") . "</div>"; print "<div class=\"dlgSecCont\">"; print __('E-mail: ') . " <input size=\"30\" name=\"email\" onkeypress=\"return filterCR(event, userEditSave)\"\n\t\t\t\tvalue=\"{$email}\">"; print "</div>"; print "</table>"; print "</form>"; print "<div class=\"dlgButtons\">\n\t\t\t\t<button onclick=\"return userEditSave()\">" . __('Save') . "</button>\n\t\t\t\t<button onclick=\"return userEditCancel()\">" . __('Cancel') . "</button></div>"; print "]]></content></dlg>"; return; } if ($subop == "editSave") { if ($_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_REQUEST["login"])); $uid = db_escape_string($_REQUEST["id"]); $access_level = (int) $_REQUEST["access_level"]; $email = db_escape_string(trim($_REQUEST["email"])); $password = db_escape_string(trim($_REQUEST["password"])); if ($password) { $pwd_hash = encrypt_password($password, $login); $pass_query_part = "pwd_hash = '{$pwd_hash}', "; $status_msg = format_notice(T_sprintf('Changed password of user <b>%s</b>.', $login)); } else { $pass_query_part = ""; } db_query($link, "UPDATE ttrss_users SET {$pass_query_part} login = '******',\n\t\t\t\t\taccess_level = '{$access_level}', email = '{$email}' WHERE id = '{$uid}'"); } } else { if ($subop == "remove") { if ($_SESSION["access_level"] >= 10) { $ids = split(",", db_escape_string($_REQUEST["ids"])); foreach ($ids as $id) { if ($id != $_SESSION["uid"] && $id != 1) { db_query($link, "DELETE FROM ttrss_tags WHERE owner_uid = '{$id}'"); db_query($link, "DELETE FROM ttrss_feeds WHERE owner_uid = '{$id}'"); db_query($link, "DELETE FROM ttrss_users WHERE id = '{$id}'"); } } } } else { if ($subop == "add") { if ($_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); $pwd_hash = encrypt_password($tmp_user_pwd, $login); $result = db_query($link, "SELECT id FROM ttrss_users WHERE\n\t\t\t\t\tlogin = '******'"); if (db_num_rows($result) == 0) { db_query($link, "INSERT INTO ttrss_users\n\t\t\t\t\t\t(login,pwd_hash,access_level,last_login,created)\n\t\t\t\t\t\tVALUES ('{$login}', '{$pwd_hash}', 0, null, NOW())"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE\n\t\t\t\t\t\tlogin = '******' AND pwd_hash = '{$pwd_hash}'"); if (db_num_rows($result) == 1) { $new_uid = db_fetch_result($result, 0, "id"); $status_msg = format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>", $login, $tmp_user_pwd)); initialize_user($link, $new_uid); } else { $status_msg = format_warning(T_sprintf("Could not create user <b>%s</b>", $login)); } } else { $status_msg = format_warning(T_sprintf("User <b>%s</b> already exists.", $login)); } } } else { if ($subop == "resetPass") { if ($_SESSION["access_level"] >= 10) { $uid = db_escape_string($_REQUEST["id"]); $result = db_query($link, "SELECT login,email\n\t\t\t\t\tFROM ttrss_users WHERE id = '{$uid}'"); $login = db_fetch_result($result, 0, "login"); $email = db_fetch_result($result, 0, "email"); $tmp_user_pwd = make_password(8); $pwd_hash = encrypt_password($tmp_user_pwd, $login); db_query($link, "UPDATE ttrss_users SET pwd_hash = '{$pwd_hash}'\n\t\t\t\t\tWHERE id = '{$uid}'"); $status_msg = format_notice(T_sprintf("Changed password of user <b>%s</b>\n\t\t\t\t\t to <b>%s</b>", $login, $tmp_user_pwd)); if ($email) { $status_msg += format_notice(T_sprintf("Notifying <b>%s</b>.", $email)); require_once "lib/MiniTemplator.class.php"; $tpl = new MiniTemplator(); $tpl->readTemplateFromFile("templates/resetpass_template.txt"); $tpl->setVariable('LOGIN', $login); $tpl->setVariable('NEWPASS', $tmp_user_pwd); $tpl->addBlock('message'); $message = ""; $tpl->generateOutputToString($message); $mail = new PHPMailer(); $mail->PluginDir = "lib/phpmailer/"; $mail->SetLanguage("en", "lib/phpmailer/language/"); $mail->CharSet = "UTF-8"; $mail->From = DIGEST_FROM_ADDRESS; $mail->FromName = DIGEST_FROM_NAME; $mail->AddAddress($email, $login); if (DIGEST_SMTP_HOST) { $mail->Host = DIGEST_SMTP_HOST; $mail->Mailer = "smtp"; $mail->SMTPAuth = DIGEST_SMTP_LOGIN != ''; $mail->Username = DIGEST_SMTP_LOGIN; $mail->Password = DIGEST_SMTP_PASSWORD; } $mail->IsHTML(false); $mail->Subject = __("[tt-rss] Password change notification"); $mail->Body = $message; $rc = $mail->Send(); if (!$rc) { print_error($mail->ErrorInfo); } /* mail("$login <$email>", "Password reset notification", "Hi, $login.\n". "\n". "Your password for this TT-RSS installation was reset by". " an administrator.\n". "\n". "Your new password is $tmp_user_pwd, please remember". " it for later reference.\n". "\n". "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); */ } print "</div>"; } } } } } print "<div id=\"pref-user-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">"; print "<div id=\"pref-user-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">"; print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">"; $user_search = db_escape_string($_REQUEST["search"]); if (array_key_exists("search", $_REQUEST)) { $_SESSION["prefs_user_search"] = $user_search; } else { $user_search = $_SESSION["prefs_user_search"]; } print "<div style='float : right; padding-right : 4px;'>\n\t\t\t<input dojoType=\"dijit.form.TextBox\" id=\"user_search\" size=\"20\" type=\"search\"\n\t\t\t\tvalue=\"{$user_search}\">\n\t\t\t<button dojoType=\"dijit.form.Button\" onclick=\"javascript:updateUsersList()\">" . __('Search') . "</button>\n\t\t\t</div>"; $sort = db_escape_string($_REQUEST["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; } print "<div dojoType=\"dijit.form.DropDownButton\">" . "<span>" . __('Select') . "</span>"; print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">"; print "<div onclick=\"selectTableRows('prefUserList', 'all')\"\n\t\t\tdojoType=\"dijit.MenuItem\">" . __('All') . "</div>"; print "<div onclick=\"selectTableRows('prefUserList', 'none')\"\n\t\t\tdojoType=\"dijit.MenuItem\">" . __('None') . "</div>"; print "</div></div>"; print "<button dojoType=\"dijit.form.Button\" onclick=\"javascript:addUser()\">" . __('Create user') . "</button>"; print "\n\t\t\t<button dojoType=\"dijit.form.Button\" onclick=\"javascript:selectedUserDetails()\">" . __('Details') . "</button dojoType=\"dijit.form.Button\">\n\t\t\t<button dojoType=\"dijit.form.Button\" onclick=\"javascript:editSelectedUser()\">" . __('Edit') . "</button dojoType=\"dijit.form.Button\">\n\t\t\t<button dojoType=\"dijit.form.Button\" onclick=\"javascript:removeSelectedUsers()\">" . __('Remove') . "</button dojoType=\"dijit.form.Button\">\n\t\t\t<button dojoType=\"dijit.form.Button\" onclick=\"javascript:resetSelectedUserPass()\">" . __('Reset password') . "</button dojoType=\"dijit.form.Button\">"; print "</div>"; #toolbar print "</div>"; #pane print "<div id=\"pref-user-content\" dojoType=\"dijit.layout.ContentPane\" region=\"center\">"; print "<p>{$status_msg}"; if ($user_search) { $user_search = split(" ", $user_search); $tokens = array(); foreach ($user_search as $token) { $token = trim($token); array_push($tokens, "(UPPER(login) LIKE UPPER('%{$token}%'))"); } $user_search_query = "(" . join($tokens, " AND ") . ") AND "; } else { $user_search_query = ""; } $result = db_query($link, "SELECT\n\t\t\t\tid,login,access_level,email,\n\t\t\t\t" . SUBSTRING_FOR_DATE . "(last_login,1,16) as last_login,\n\t\t\t\t" . SUBSTRING_FOR_DATE . "(created,1,16) as created\n\t\t\tFROM\n\t\t\t\tttrss_users\n\t\t\tWHERE\n\t\t\t\t{$user_search_query}\n\t\t\t\tid > 0\n\t\t\tORDER BY {$sort}"); if (db_num_rows($result) > 0) { print "<p><table width=\"100%\" cellspacing=\"0\"\n\t\t\tclass=\"prefUserList\" id=\"prefUserList\">"; print "<tr class=\"title\">\n\t\t\t\t\t<td align='center' width=\"5%\"> </td>\n\t\t\t\t\t<td width=''><a href=\"#\" onclick=\"updateUsersList('login')\">" . __('Login') . "</a></td>\n\t\t\t\t\t<td width='20%'><a href=\"#\" onclick=\"updateUsersList('access_level')\">" . __('Access Level') . "</a></td>\n\t\t\t\t\t<td width='20%'><a href=\"#\" onclick=\"updateUsersList('created')\">" . __('Registered') . "</a></td>\n\t\t\t\t\t<td width='20%'><a href=\"#\" onclick=\"updateUsersList('last_login')\">" . __('Last login') . "</a></td></tr>"; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = $lnum % 2 ? "even" : "odd"; $uid = $line["id"]; $edit_uid = $_REQUEST["id"]; if ($subop == "edit" && $uid != $edit_uid) { $class .= " Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"UMRR-{$uid}\""; } print "<tr class=\"{$class}\" {$this_row_id}>"; $line["login"] = htmlspecialchars($line["login"]); $line["created"] = make_local_datetime($link, $line["created"], false); $line["last_login"] = make_local_datetime($link, $line["last_login"], false); print "<td align='center'><input onclick='toggleSelectRow(this);'\n\t\t\t\ttype=\"checkbox\" id=\"UMCHK-{$uid}\"></td>"; $onclick = "onclick='editUser({$uid}, event)' title='" . __('Click to edit') . "'"; print "<td {$onclick}>" . $line["login"] . "</td>"; if (!$line["email"]) { $line["email"] = " "; } print "<td {$onclick}>" . $access_level_names[$line["access_level"]] . "</td>"; print "<td {$onclick}>" . $line["created"] . "</td>"; print "<td {$onclick}>" . $line["last_login"] . "</td>"; print "</tr>"; ++$lnum; } print "</table>"; } else { print "<p>"; if (!$user_search) { print_warning(__('No users defined.')); } else { print_warning(__('No matching users found.')); } print "</p>"; } print "</div>"; #pane print "</div>"; #container }