/**
 * Builds the template variables for this user's row in the user
 * administration listing.
 *
 * The result always carries ACTIVE, LAST_LOGGED and EMAIL. ACTIONS (the
 * space-joined action links) is left out when this user is a deity and the
 * viewer is not.
 *
 * NOTE(review): everything decided here only controls which links are
 * rendered. Hiding a link is not an authorization control; the handlers for
 * deify_user, mortalize_user, deleteUser, activateUser, deactivateUser,
 * editUser and setUserPermissions are not visible here and must enforce the
 * same rules server-side - confirm.
 *
 * @return array Template tags keyed by name.
 */
public function getUserTpl()
{
    $links = array();
    $template = array();

    // Deity toggle: only a deity may see it, and never for their own account,
    // so a deity cannot change their own deity status from this row.
    if (Current_User::isDeity() && !Current_User::isUser($this->id)) {
        $targetIsDeity = $this->isDeity();

        $confirm = array();
        $confirm['QUESTION'] = $targetIsDeity
            ? dgettext('users', 'Are you sure you want to remove deity status?')
            : dgettext('users', 'Are you sure you want to deify this user?');
        // Third argument 1 presumably requests a "secure" (authkey-bearing)
        // address - TODO confirm against PHPWS_Text::linkAddress.
        $confirm['ADDRESS'] = PHPWS_Text::linkAddress(
            'users',
            array(
                'action'  => 'admin',
                'command' => $targetIsDeity ? 'mortalize_user' : 'deify_user',
                'user_id' => $this->id,
            ),
            1
        );
        $confirm['LINK'] = $targetIsDeity
            ? sprintf('<i class="fa fa-cloud" title="%s"></i>', dgettext('users', 'Deity'))
            : sprintf('<i class="fa fa-male" title="%s"></i>', dgettext('users', 'Mortal'));

        $links[] = javascript('confirm', $confirm);
    }

    // Shared query variables for the secure links built below; 'command' is
    // filled in per link.
    $adminVars = array('action' => 'admin', 'user_id' => $this->id);

    // Active flag: plain text for deities, a toggle link for everyone else.
    $isActive = $this->isActive();
    $activeLabel = $isActive ? dgettext('users', 'Yes') : dgettext('users', 'No');
    if ($this->deity) {
        $template['ACTIVE'] = $activeLabel;
    } else {
        $adminVars['command'] = $isActive ? 'deactivateUser' : 'activateUser';
        $toggleTitle = $isActive
            ? dgettext('users', 'Deactivate this user')
            : dgettext('users', 'Activate this user');
        $template['ACTIVE'] = PHPWS_Text::secureLink($activeLabel, 'users', $adminVars, null, $toggleTitle);
    }

    $lastLogin = $this->getLastLogged('%Y/%m/%d %H:%M');
    $template['LAST_LOGGED'] = empty($lastLogin) ? dgettext('users', 'Never') : $lastLogin;

    $template['EMAIL'] = $this->getEmail(true, true);

    // Delete confirmation. It is prepared unconditionally and only added to
    // the link list further down when the target qualifies.
    // NOTE(review): the username is interpolated into the confirm question as
    // is; verify that the 'confirm' javascript template escapes it for the
    // script/HTML context it lands in.
    $deleteConfirm = array();
    $deleteConfirm['QUESTION'] = sprintf(
        dgettext('users', 'Are you certain you want to delete the user "%s" permanently?'),
        $this->getUsername()
    );
    $deleteLink = new PHPWS_Link(
        null,
        'users',
        array('action' => 'admin', 'command' => 'deleteUser', 'user_id' => $this->id),
        true
    );
    $deleteLink->setSalted();
    $deleteConfirm['ADDRESS'] = $deleteLink->getAddress();
    $deleteConfirm['LINK'] = '<i class="fa fa-trash-o" title="' . dgettext('users', 'Delete user') . '"></i>';

    $adminVars['command'] = 'editUser';
    $links[] = PHPWS_Text::secureLink('<i class="fa fa-edit"></i>', 'users', $adminVars);

    $adminVars['command'] = 'setUserPermissions';
    $links[] = PHPWS_Text::secureLink(
        '<i class="fa fa-key" title="' . dgettext('users', 'Permissions') . '"></i>',
        'users',
        $adminVars
    );

    // No delete link for deities or for the viewer's own account.
    if (!$this->isDeity() && $this->id != Current_User::getId()) {
        $links[] = Layout::getJavascript('confirm', $deleteConfirm);
    }

    // A non-deity viewer gets no action links at all for a deity row.
    if (!$this->deity || Current_User::isDeity()) {
        $template['ACTIONS'] = implode(' ', $links);
    }

    return $template;
}
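/**
 * Entry point for Blog administration.
 *
 * Checks module access, resolves the command (request parameter 'command',
 * else the control panel's current tab), runs it, and hands the resulting
 * content, title and message to the layout through the control panel.
 *
 * Request values read here: 'command', 'blog_id', 'purge_confirm',
 * 'purge_date' (POST) and 'pd' (GET).
 *
 * Access control as visible in this method:
 *  - every command passes the module-level Current_User::authorized('blog')
 *    gate (presumably this also validates the authkey - TODO confirm);
 *  - 'edit' additionally requires authorship or the item-level 'edit_blog'
 *    permission;
 *  - 'sticky' / 'unsticky' require unrestricted access;
 *  - 'post_settings' / 'settings' require the 'settings' permission;
 *  - purging requires deity status.
 * Each denied branch returns right after Current_User::disallow() so it fails
 * closed whether or not disallow() halts the request.
 *
 * @return void
 */
public static function main()
{
    if (!Current_User::authorized('blog')) {
        Current_User::disallow(dgettext('blog', 'User attempted access to Blog administration.'));
        return;
    }

    $title = $content = NULL;
    $message = Blog_Admin::getForward();

    $panel = Blog_Admin::cpanel();
    $panel->enableSecure();

    if (isset($_REQUEST['command'])) {
        $command = $_REQUEST['command'];
    } else {
        $command = $panel->getCurrentTab();
    }

    // Normalise the id once, so the entry that is loaded and the entry that is
    // permission-checked in 'edit' are always the same integer. Stays null when
    // the request carries no blog_id.
    $blog_id = isset($_REQUEST['blog_id']) ? (int) $_REQUEST['blog_id'] : null;
    if ($blog_id !== null) {
        $blog = new Blog($blog_id);
    } else {
        $blog = new Blog();
    }

    switch ($command) {
        case 'edit':
            $panel->setCurrentTab('list');
            // Authors may edit their own entry; anyone else needs the
            // item-level edit permission for this entry.
            if (!Current_User::isUser($blog->author_id) &&
                !Current_User::authorized('blog', 'edit_blog', $blog_id, 'entry')) {
                Current_User::disallow(dgettext('blog', 'User tried to edit a blog.'));
                return;
            }
            $title = dgettext('blog', 'Update Blog Entry');
            $content = Blog_Form::edit($blog);
            break;

        case 'new':
            $title = dgettext('blog', 'New Blog Entry');
            $content = Blog_Form::edit($blog);
            break;

        case 'delete':
            // NOTE(review): unlike 'edit', no ownership or item-level
            // permission check is made before deleting; only the module-level
            // gate at the top applies. Confirm this is intended.
            // NOTE(review): the result of delete() is not inspected, so the
            // success message is queued even if the deletion failed.
            //Blog_Admin::resetCache();
            $blog->delete();
            Blog_Admin::setForward(dgettext('blog', 'Blog entry deleted.'), 'list');
            break;

        case 'list':
            $title = dgettext('blog', 'Blog Entries');
            $content = Blog_Admin::entry_list();
            break;

        case 'menu_submit_link':
            // NOTE(review): the pinned URL carries 'action' twice
            // (action=user&action=submit); verify the second was not meant to
            // be a different parameter.
            Menu::pinLink(dgettext('blog', 'Submit entry'), 'index.php?module=blog&action=user&action=submit');
            PHPWS_Core::reroute('index.php?module=blog&action=admin&tab=settings&authkey=' .
                Current_User::getAuthKey());
            break;

        case 'sticky':
            if (!Current_User::isUnrestricted('blog')) {
                Current_User::disallow();
                // Stop here like the other denied branches; without this the
                // change below would still run if disallow() returns.
                return;
            }
            Blog_Admin::sticky($blog);
            PHPWS_Core::goBack();
            break;

        case 'unsticky':
            if (!Current_User::isUnrestricted('blog')) {
                Current_User::disallow();
                // Same fail-closed return as in 'sticky'.
                return;
            }
            Blog_Admin::unsticky($blog);
            PHPWS_Core::goBack();
            break;

        case 'post_entry':
            $title = dgettext('blog', 'Blog Archive');
            $panel->setCurrentTab('list');
            $blog->post_entry();

            // Not referenced again in this method.
            $link_back = PHPWS_Text::linkAddress('blog', array('action' => 'admin', 'tab' => 'list'), TRUE);

            if ($blog->_error) {
                // Validation failed: show the form again, on the 'new' tab
                // when the entry has no id yet.
                if (empty($blog->id)) {
                    $panel->setCurrentTab('new');
                }
                $content = Blog_Form::edit($blog);
            } else {
                if (!isset($_POST['blog_id']) && PHPWS_Core::isPosted()) {
                    Blog_Admin::setForward(dgettext('blog', 'Entry saved successfully.'), 'list');
                }

                $result = $blog->save();
                //Blog_Admin::resetCache();
                if (PHPWS_Error::isError($result)) {
                    $message = dgettext('blog', 'An error occurred when trying to save your entry. Please check your logs.');
                    PHPWS_Error::log($result);
                    Blog_Admin::setForward($message, 'list');
                }

                if (!$blog->approved) {
                    Blog_Admin::setForward(dgettext('blog', 'Your entry is being held for approval.'), 'list');
                } else {
                    PHPWS_Core::reroute($blog->getViewLink(true));
                }
            }
            break;

        case 'reset_cache':
            Blog_Admin::resetCache();
            PHPWS_Core::goBack();
            break;

        case 'post_settings':
            if (!Current_User::authorized('blog', 'settings')) {
                Current_User::disallow();
                return;
            }

            // A deity asking for a purge gets the confirmation screen instead
            // of having the settings saved.
            if (Current_User::isDeity() && isset($_POST['purge_confirm'])) {
                $title = dgettext('blog', 'Purge Blog Entries');
                $content = Blog_Admin::confirmPurge($_POST['purge_date']);
                break;
            }

            Blog_Admin::postSettings();
            $message = dgettext('blog', 'Blog settings saved.');
            // Intentional fall-through: after saving, show the settings form.

        case 'settings':
            if (!Current_User::allow('blog', 'settings')) {
                Current_User::disallow();
                return;
            }
            $panel->setCurrentTab('settings');
            $title = dgettext('blog', 'Blog Settings');
            $content = Blog_Form::settings();
            break;

        case 'purge_entries':
            // Destructive and driven by a GET parameter, so it is only run for
            // an authorized deity and only when the purge date was actually
            // supplied; otherwise the settings form is shown with no purge.
            if (Current_User::authorized('blog') &&
                Current_User::isDeity() &&
                isset($_GET['pd'])) {
                Blog_Admin::purgeEntries($_GET['pd']);
                $message = dgettext('blog', 'Blog entries purged.');
            }
            $content = Blog_Form::settings();
    }

    Layout::add(PHPWS_ControlPanel::display($panel->display($content, $title, $message)));
}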