exit;
}

/******************************************************************************/

// Inputs for the update, as returned by tfb_getRequestVar().
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// one runs before this state-changing code is reached.
$user_id = tfb_getRequestVar('user_id');
$org_user_id = tfb_getRequestVar('org_user_id');
$pass1 = tfb_getRequestVar('pass1');
$userType = tfb_getRequestVar('userType');
$hideOffline = tfb_getRequestVar('hideOffline');

// User ids are compared in lower case.
$user_id = strtolower($user_id);

// Proceed unless the requested id already exists AND differs from the id
// being edited (i.e. unless it would collide with another account).
if (!IsUser($user_id) || $user_id == $org_user_id) {
    // The logged-in admin is the account being edited and a password was
    // supplied: overwrite the session's user marker ("this will expire the user").
    if (($cfg["user"] == $user_id || $org_user_id == $cfg["user"]) && $pass1 != "") {
        $_SESSION['user'] = md5($cfg["pagetitle"]);
    }

    updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline);
    AuditAction($cfg["constants"]["admin"], $cfg['_EDITUSER'] . ": " . $user_id);

    // Redirect and stop; the exit keeps the collision page below from rendering.
    @header("location: admin.php");
    exit;
}

// Collision case: render the "id has been used" page.
tmplInitializeInstance($cfg["theme"], "page.admin.updateUser.tmpl");

// NOTE(review): both ids are request-derived; confirm the template escapes
// them when they are written into HTML.
$tmpl->setvar('user_id', $user_id);
$tmpl->setvar('org_user_id', $org_user_id);

// Language strings used by the template.
$tmpl->setvar('_TRYDIFFERENTUSERID', $cfg['_TRYDIFFERENTUSERID']);
$tmpl->setvar('_HASBEENUSED', $cfg['_HASBEENUSED']);
$tmpl->setvar('_RETURNTOEDIT', $cfg['_RETURNTOEDIT']);

// Page title bar.
tmplSetTitleBar("Administration - Update User");
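/**
 * Apply an administrator's edit of a user account, or print a notice when the
 * requested user id is already taken by a different account.
 *
 * Both ids are HTML-escaped (and URL-encoded inside the link) before being
 * echoed, so markup in either value cannot reach the page unescaped.
 *
 * @param string $user_id     Requested (new) user id; lower-cased before use.
 * @param string $org_user_id User id of the account being edited.
 * @param string $pass1       New password, or "" to leave it unchanged.
 * @param mixed  $userType    Passed through to updateThisUser().
 * @param mixed  $hideOffline Passed through to updateThisUser().
 * @return void
 */
function updateUser($user_id, $org_user_id, $pass1, $userType, $hideOffline)
{
    global $cfg;

    $user_id = strtolower($user_id);

    if (IsUser($user_id) && $user_id != $org_user_id) {
        // The requested id belongs to another account: show the notice.
        // Escape per context: HTML text for the visible ids, URL-encoding
        // for the query-string value inside the href.
        $userIdHtml = htmlspecialchars((string) $user_id, ENT_QUOTES);
        $orgUserIdHtml = htmlspecialchars((string) $org_user_id, ENT_QUOTES);
        $orgUserIdUrl = urlencode((string) $org_user_id);

        DisplayHead(_ADMINISTRATION);
        // Admin Menu
        displayMenu();
        echo "<br><div align=\"center\">" . _TRYDIFFERENTUSERID . "<br><strong>" . $userIdHtml . "</strong> " . _HASBEENUSED . "<br><br><br>";
        echo "[<a href=\"admin.php?op=editUser&user_id=" . $orgUserIdUrl . "\">" . _RETURNTOEDIT . " " . $orgUserIdHtml . "</a>]</div><br><br><br>";
        DisplayFoot(true, true);
    } else {
        // Admin is changing id or password through edit screen
        if (($user_id == $cfg["user"] || $cfg["user"] == $org_user_id) && $pass1 != "") {
            // this will expire the user: the session's user marker is
            // overwritten with md5 of the page title
            $_SESSION['user'] = md5($cfg["pagetitle"]);
        }
        updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline);
        AuditAction($cfg["constants"]["admin"], _EDITUSER . ": " . $user_id);
        // NOTE(review): there is no exit after the redirect, so the caller
        // keeps running; confirm callers stop producing output afterwards.
        header("location: admin.php");
    }
}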
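// Remaining inputs for the update, as returned by tfb_getRequestVar().
// $user_id, $org_user_id and $email_address are assigned above this excerpt.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// one runs before this state-changing code is reached.
$pass1 = tfb_getRequestVar('pass1');
$pass2 = tfb_getRequestVar('pass2');
$userType = tfb_getRequestVar('userType');
$hideOffline = tfb_getRequestVar('hideOffline');

// Ids and e-mail addresses are handled in lower case.
$user_id = strtolower($user_id);
$email_address = strtolower($email_address);

// check password
// checkPassword() is consulted only when both fields are filled in; anything
// other than boolean true is treated as a failure below.
// NOTE(review): with pass1 set and pass2 empty the check is skipped, yet pass1
// is still handed to updateThisUser(); confirm that case is rejected there.
$passwordCheck = $pass1 != '' && $pass2 != '' ? checkPassword($pass1, $pass2) : true;

// update user
// The password check now gates every path. Before, the "id unchanged"
// alternative was OR-ed next to it, so a failed check was ignored whenever
// $user_id equalled $org_user_id and pass1 was still passed on.
// NOTE(review): the first alternative accepts any existing $user_id, also one
// that differs from $org_user_id; confirm updateThisUser() cannot overwrite
// another account in that case.
if (
    !empty($user_id)
    && $passwordCheck === true
    && (IsUser($user_id) || ($user_id == $org_user_id && IsUser($org_user_id)))
) {
    // Admin is changing id or password through edit screen
    if (($user_id == $cfg["user"] || $cfg["user"] == $org_user_id) && $pass1 != "") {
        // this will expire the user: the session's user marker is
        // overwritten with md5 of the page title
        $_SESSION['user'] = md5($cfg["pagetitle"]);
    }
    updateThisUser($user_id, $org_user_id, $pass1, $userType, $hideOffline, $email_address);
    AuditAction($cfg["constants"]["admin"], $cfg['_EDITUSER'] . ": " . $user_id);
    // Back to the edit screen of the updated account; the id is URL-encoded
    // because it is request-derived.
    @header("location: admin.php?op=editUser&user_id=" . urlencode($user_id));
    exit;
} else {
    // Rejected update: recorded under the error audit category.
    AuditAction($cfg["constants"]["error"], $cfg['_EDITUSER'] . ": uname to edit " . $user_id);
}

// init template-instance
tmplInitializeInstance($cfg["theme"], "page.admin.updateUser.tmpl");

// set vars
// NOTE(review): these three values are request-derived; confirm the template
// escapes them when they are written into HTML.
$tmpl->setvar('user_id', $user_id);
$tmpl->setvar('org_user_id', $org_user_id);
$tmpl->setvar('email_address', $email_address);

// error
$tmpl->setvar('_ERROR', $cfg['_ERROR']);

// error-vars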