Пример #1
0
     } else {
         $errors[] = lang("SQL_ERROR");
     }
 } else {
     //Update display name
     if ($userdetails['display_name'] != $_POST['display']) {
         $displayname = trim($_POST['display']);
         //Validate display name
         if (displayNameExists($displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
         } elseif (minMaxRange(5, 25, $displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
         } elseif (!ctype_alnum($displayname)) {
             $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
         } else {
             if (updateDisplayName($userId, $displayname)) {
                 $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         }
     } else {
         $displayname = $userdetails['display_name'];
     }
     //Activate account
     if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
         if (setUserActive($userdetails['activation_token'])) {
             $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
         } else {
             $errors[] = lang("SQL_ERROR");
         }
Пример #2
0
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     $userId = $_GET['id'];
     //Check if selected user exists
     if (!userIdExists($userId)) {
         header("Location: " . str_replace('index.php/', '', site_url('admin_users')));
         die;
     }
     $userdetails = fetchUserDetails(NULL, NULL, $userId);
     //Fetch user details
     //Forms posted
     if (!empty($_POST)) {
         //Delete selected account
         if (!empty($_POST['delete'])) {
             $deletions = $_POST['delete'];
             if ($deletion_count = deleteUsers($deletions)) {
                 $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update display name
             if ($userdetails['display_name'] != $_POST['display']) {
                 $displayname = trim($_POST['display']);
                 //Validate display name
                 if (displayNameExists($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE", array($displayname));
                 } elseif (minMaxRange(5, 25, $displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT", array(5, 25));
                 } elseif (!ctype_alnum($displayname)) {
                     $errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
                 } else {
                     if (updateDisplayName($userId, $displayname)) {
                         $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($displayname));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             } else {
                 $displayname = $userdetails['display_name'];
             }
             //Activate account
             if (isset($_POST['activate']) && $_POST['activate'] == "activate") {
                 if (setUserActive($userdetails['activation_token'])) {
                     $successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Update email
             if ($userdetails['email'] != $_POST['email']) {
                 $email = trim($_POST["email"]);
                 //Validate email
                 if (!isValidEmail($email)) {
                     $errors[] = lang("ACCOUNT_INVALID_EMAIL");
                 } elseif (emailExists($email)) {
                     $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
                 } else {
                     if (updateEmail($userId, $email)) {
                         $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Update title
             if ($userdetails['title'] != $_POST['title']) {
                 $title = trim($_POST['title']);
                 //Validate title
                 if (minMaxRange(1, 50, $title)) {
                     $errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 50));
                 } else {
                     if (updateTitle($userId, $title)) {
                         $successes[] = lang("ACCOUNT_TITLE_UPDATED", array($displayname, $title));
                     } else {
                         $errors[] = lang("SQL_ERROR");
                     }
                 }
             }
             //Remove permission level
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($remove, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($add, $userId)) {
                     $successes[] = lang("ACCOUNT_PERMISSION_ADDED", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             $userdetails = fetchUserDetails(NULL, NULL, $userId);
         }
     }
     $userPermission = fetchUserPermissions($userId);
     $permissionData = fetchAllPermissions();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin User</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     echo "\r\n<form name='adminUser' action='" . $_SERVER['PHP_SELF'] . "?id=" . $userId . "' method='post'>\r\n<table class='admin'><tr><td>\r\n<h3>User Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $userdetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Username:</label>\r\n" . $userdetails['user_name'] . "\r\n</p>\r\n<p>\r\n<label>Display Name:</label>\r\n<input type='text' name='display' value='" . $userdetails['display_name'] . "' />\r\n</p>\r\n<p>\r\n<label>Email:</label>\r\n<input type='text' name='email' value='" . $userdetails['email'] . "' />\r\n</p>\r\n<p>\r\n<label>Active:</label>";
     //Display activation link, if account inactive
     if ($userdetails['active'] == '1') {
         echo "Yes";
     } else {
         echo "No\r\n\t</p>\r\n\t<p>\r\n\t<label>Activate:</label>\r\n\t<input type='checkbox' name='activate' id='activate' value='activate'>\r\n\t";
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Title:</label>\r\n<input type='text' name='title' value='" . $userdetails['title'] . "' />\r\n</p>\r\n<p>\r\n<label>Sign Up:</label>\r\n" . date("j M, Y", $userdetails['sign_up_stamp']) . "\r\n</p>\r\n<p>\r\n<label>Last Sign In:</label>";
     //Last sign in, interpretation
     if ($userdetails['last_sign_in_stamp'] == '0') {
         echo "Never";
     } else {
         echo date("j M, Y", $userdetails['last_sign_in_stamp']);
     }
     echo "\r\n</p>\r\n<p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $userdetails['id'] . "]' id='delete[" . $userdetails['id'] . "]' value='" . $userdetails['id'] . "'>\r\n</p>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>Remove Permission:";
     //List of permission levels user is apart of
     foreach ($permissionData as $v1) {
         if (isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     //List of permission levels user is not apart of
     echo "</p><p>Add Permission:";
     foreach ($permissionData as $v1) {
         if (!isset($userPermission[$v1['id']])) {
             echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }