/**
boolean - TRUE or FALSE only
text - arbritrary text
textarea - arbritrary text
email - email address
number - enforce a numeric value
datemask - enforce a date mask.
usertype - Restrict to a single user type only.
usertype_array - Restrict to set of user types only.
value_select(option1,option2)
array - keys will be numeric and in sequence only.
*/
function get_group_block_input_field($config_group_item_r, $value)
{
// replace period with '$', so we can avoid PHP auto-replacing '.' with '_' and the
// confusion that will bring.
$config_group_item_r['group_id'] = str_replace('.', '$', $config_group_item_r['group_id']);
$fieldname = $config_group_item_r['group_id'] . '[' . $config_group_item_r['id'] . ']';
if ($config_group_item_r['keyid'] != '0') {
$fieldname .= '[' . $config_group_item_r['keyid'] . ']';
}
switch ($config_group_item_r['type']) {
case 'boolean':
return checkbox_field($fieldname, $config_group_item_r['prompt'], $value !== NULL && $value === TRUE, 'TRUE');
break;
case 'readonly':
return readonly_field($fieldname, htmlspecialchars($value));
break;
case 'text':
return text_field($fieldname, $config_group_item_r['prompt'], 50, 255, 'N', htmlspecialchars($value));
break;
case 'password':
return password_field($fieldname, $config_group_item_r['prompt'], 50, 255, 'N', htmlspecialchars($value));
break;
case 'textarea':
return textarea_field($fieldname, $config_group_item_r['prompt'], 50, 5, 255, 'N', htmlspecialchars($value));
break;
case 'email':
return email_field($fieldname, $config_group_item_r['prompt'], 50, 255, 'N', htmlspecialchars($value));
break;
case 'number':
return number_field($fieldname, $config_group_item_r['prompt'], 10, 50, 'N', htmlspecialchars($value));
break;
case 'datemask':
return text_field($fieldname, $config_group_item_r['prompt'], 50, 255, 'N', htmlspecialchars($value));
break;
case 'instance_attribute_type':
return custom_select($fieldname, fetch_instance_attribute_type_rs(), '%s_attribute_type% - %description%', 1, $value, 's_attribute_type');
break;
case 'language':
return custom_select($fieldname, fetch_language_rs(), '%language%', 1, $value, 'language', NULL, 'default_ind');
break;
case 'theme':
return custom_select($fieldname, get_user_theme_r(), '%value%', 1, $value);
break;
case 'export':
return custom_select($fieldname, array_merge(array(''), get_export_r()), '%value%', 1, $value);
break;
case 'value_select':
$value_options_r = explode(',', $config_group_item_r['subtype']);
return value_select($fieldname, $value_options_r, 1, $value);
break;
case 'array':
$buffer = '';
switch ($config_group_item_r['subtype']) {
case 'text':
case 'number':
$element_name = $config_group_item_r['group_id'] . "[" . $config_group_item_r['id'] . "][]";
$buffer .= "<select name=\"" . $element_name . "\" size=\"5\" MULTIPLE>\n";
if (is_array($value)) {
reset($value);
while (list($key, $val) = each($value)) {
$buffer .= "<option value=\"" . $val . "\" SELECTED>" . $val . "\n";
}
}
$buffer .= "</select>";
$buffer .= "<ul class=\"actionButtons\">";
$buffer .= "<li><input type=\"button\" class=\"button\" value=\"Edit\" onClick=\"updateSelectedOption(this.form['" . $element_name . "'], '" . $config_group_item_r['prompt'] . "', '" . $config_group_item_r['subtype'] . "');\"></li>";
$buffer .= "<li><input type=\"button\" class=\"button\" value=\"Add\" onClick=\"addSelectOption(this.form['" . $element_name . "'], '" . $config_group_item_r['prompt'] . "', '" . $config_group_item_r['subtype'] . "');\"></li>";
$buffer .= "<li><input type=\"button\" class=\"button\" value=\"Delete\" onClick=\"removeSelectedOption(this.form['" . $element_name . "']);\"></li>";
$buffer .= "</ul>";
break;
}
return $buffer;
}
//else
return '>>> ERROR <<<';
}
/**
* @param $op is 'edit' or 'new'
*/
function get_user_input_form($user_r, $HTTP_VARS)
{
global $PHP_SELF;
$buffer .= "<form action=\"{$PHP_SELF}\" method=\"POST\">";
$buffer .= "<table class=\"userInputForm\">";
if (is_not_empty_array($user_r)) {
$buffer .= get_input_field("user_id", NULL, get_opendb_lang_var('userid'), "readonly", "", $user_r['user_id'], TRUE);
} else {
$buffer .= get_input_field("user_id", NULL, get_opendb_lang_var('userid'), "filtered(20,20,a-zA-Z0-9_.)", "Y", $HTTP_VARS['user_id'], TRUE);
}
if (is_not_empty_array($user_r) && !is_user_granted_permission(PERM_ADMIN_USER_PROFILE)) {
$role_r = fetch_role_r($user_r['user_role']);
$buffer .= get_input_field("user_role", NULL, get_opendb_lang_var('user_role'), "readonly", "", $role_r['description'], TRUE);
} else {
$buffer .= format_field(get_opendb_lang_var('user_role'), custom_select('user_role', fetch_user_role_rs($HTTP_VARS['op'] == 'signup' ? EXCLUDE_SIGNUP_UNAVAILABLE_USER : INCLUDE_SIGNUP_UNAVAILABLE_USER), "%description%", '1', ifempty($user_r['user_role'], $HTTP_VARS['user_role']), 'role_name'));
}
$buffer .= get_input_field("fullname", NULL, get_opendb_lang_var('fullname'), "text(30,100)", "Y", ifempty($HTTP_VARS['fullname'], $user_r['fullname']), TRUE);
$buffer .= get_input_field("email_addr", NULL, get_opendb_lang_var('email'), "email(30,100)", "Y", ifempty($HTTP_VARS['email_addr'], $user_r['email_addr']), TRUE);
if (get_opendb_config_var('user_admin', 'user_themes_support') !== FALSE) {
$uid_theme = ifempty($HTTP_VARS['uid_theme'], $user_r['theme']);
$buffer .= format_field(get_opendb_lang_var('user_theme'), custom_select("uid_theme", get_user_theme_r(), "%value%", 1, is_exists_theme($uid_theme) ? $uid_theme : get_opendb_config_var('site', 'theme')));
// If theme no longer exists, then set to default!
}
if (get_opendb_config_var('user_admin', 'user_language_support') !== FALSE) {
// Do not bother with language input field if only one language pack available.
if (fetch_language_cnt() > 1) {
$uid_language = ifempty($HTTP_VARS['uid_language'], $user_r['language']);
$buffer .= format_field(get_opendb_lang_var('user_language'), custom_select('uid_language', fetch_language_rs(), "%language%", 1, is_exists_language($uid_language) ? $uid_language : get_opendb_config_var('site', 'language'), 'language', NULL, 'default_ind'));
// If language no longer exists, then set to default!
}
}
$buffer .= "</table>";
// Now do the addresses
if (is_not_empty_array($user_r)) {
$addr_results = fetch_user_address_type_rs($user_r['user_id'], TRUE);
} else {
$addr_results = fetch_address_type_rs(TRUE);
}
if ($addr_results) {
while ($address_type_r = db_fetch_assoc($addr_results)) {
$v_address_type = strtolower($address_type_r['s_address_type']);
if (is_not_empty_array($user_r)) {
$attr_results = fetch_address_type_attribute_type_rs($address_type_r['s_address_type'], 'update', TRUE);
} else {
$attr_results = fetch_address_type_attribute_type_rs($address_type_r['s_address_type'], 'update', TRUE);
}
if ($attr_results) {
$buffer .= '<h3>' . $address_type_r['description'] . '</h3>';
$buffer .= "<ul class=\"addressIndicators\">";
$buffer .= '<li><input type="checkbox" class="checkbox" name="' . $v_address_type . '[public_address_ind]" value="Y"' . (ifempty($address_type_r['public_address_ind'], $HTTP_VARS[$v_address_type]['public_address_ind']) == 'Y' ? ' CHECKED' : '') . '">' . get_opendb_lang_var('public_address_indicator') . '</li>';
$buffer .= '<li><input type="checkbox" class="checkbox" name="' . $v_address_type . '[borrow_address_ind]" value="Y"' . (ifempty($address_type_r['borrow_address_ind'], $HTTP_VARS[$v_address_type]['borrow_address_ind']) == 'Y' ? ' CHECKED' : '') . '">' . get_opendb_lang_var('borrow_address_indicator') . '</li>';
$buffer .= "</ul>";
$buffer .= "<table class=\"addressInputForm\">";
while ($addr_attribute_type_r = db_fetch_assoc($attr_results)) {
$fieldname = get_field_name($addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
$value = NULL;
if ($address_type_r['sequence_number'] !== NULL) {
if (is_lookup_attribute_type($addr_attribute_type_r['s_attribute_type'])) {
$value = fetch_user_address_lookup_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
} else {
$value = fetch_user_address_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
}
$value = ifempty(filter_item_input_field($addr_attribute_type_r, $HTTP_VARS[$v_address_type][$fieldname]), $value);
} else {
$value = filter_item_input_field($addr_attribute_type_r, $HTTP_VARS[$v_address_type][$fieldname]);
}
// If this is an edit operation - the value must be NOT NULL
// for some widgets to work properly.
if ($address_type_r['sequence_number'] !== NULL && $value === NULL) {
$value = '';
}
$buffer .= get_item_input_field($v_address_type . '[' . $fieldname . ']', $addr_attribute_type_r, NULL, $value);
}
//while
db_free_result($attr_results);
$buffer .= "</table>";
}
//if($attr_results)
}
//while
db_free_result($addr_results);
}
//if($addr_results)
$buffer .= format_help_block(array('img' => 'compulsory.gif', 'text' => get_opendb_lang_var('compulsory_field'), id => 'compulsory'));
if ($HTTP_VARS['op'] == 'new_user') {
$buffer .= "<h3>" . get_opendb_lang_var('password') . "</h3>";
if (get_opendb_config_var('user_admin', 'user_passwd_change_allowed') !== FALSE || is_user_granted_permission(PERM_ADMIN_CHANGE_PASSWORD)) {
$buffer .= "<table class=\"changePasswordForm\">";
if (is_valid_opendb_mailer()) {
$compulsory_ind = 'N';
} else {
$compulsory_ind = 'Y';
}
$buffer .= get_input_field("pwd", NULL, get_opendb_lang_var('new_passwd'), "password(30,40)", $compulsory_ind, "", TRUE);
$buffer .= get_input_field("confirmpwd", NULL, get_opendb_lang_var('confirm_passwd'), "password(30,40)", $compulsory_ind, "", TRUE, NULL, get_opendb_config_var('widgets', 'enable_javascript_validation') !== FALSE ? "if( (this.form.pwd.value.length!=0 || this.form.confirmpwd.value.length!=0) && this.form.pwd.value!=this.form.confirmpwd.value){alert('" . get_opendb_lang_var('passwds_do_not_match') . "'); this.focus(); return false;}" : "");
$buffer .= "\n</table>";
if ($compulsory_ind == 'N') {
$buffer .= format_help_block(get_opendb_lang_var('new_passwd_will_be_autogenerated_if_not_specified'));
}
}
}
if ($HTTP_VARS['op'] == 'signup' && get_opendb_config_var('login.signup', 'disable_captcha') !== TRUE) {
$buffer .= render_secret_image_form_field();
}
if (get_opendb_config_var('widgets', 'enable_javascript_validation') !== FALSE) {
$onclick_event = "if(!checkForm(this.form)){return false;}else{this.form.submit();}";
} else {
$onclick_event = "this.form.submit();";
}
if (is_not_empty_array($user_r)) {
$buffer .= "\n<input type=\"hidden\" name=\"op\" value=\"update\">";
if ($HTTP_VARS['user_id'] != get_opendb_session_var('user_id')) {
$buffer .= "\n<input type=\"button\" class=\"button\" onclick=\"this.form.op.value='update'; {$onclick_event}\" value=\"" . get_opendb_lang_var('update_user') . "\">";
if (is_user_not_activated($HTTP_VARS['user_id'])) {
$buffer .= "\n<input type=\"button\" class=\"button\" onclick=\"this.form.op.value='delete'; this.form.submit();\" value=\"" . get_opendb_lang_var('delete_user') . "\">";
} else {
if (is_user_active($HTTP_VARS['user_id'])) {
$buffer .= "\n<input type=\"button\" class=\"button\" onclick=\"this.form.op.value='deactivate'; this.form.submit();\" value=\"" . get_opendb_lang_var('deactivate_user') . "\">";
}
}
if (!is_user_active($HTTP_VARS['user_id'])) {
$buffer .= "\n<input type=\"button\" class=\"button\" onclick=\"this.form.op.value='activate'; this.form.submit();\" value=\"" . get_opendb_lang_var('activate_user') . "\">";
}
} else {
$buffer .= "\n<input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"" . get_opendb_lang_var('update_details') . "\">";
}
} else {
if ($HTTP_VARS['op'] != 'signup') {
if (is_valid_opendb_mailer()) {
if ($HTTP_VARS['op'] == 'new_user') {
if ($HTTP_VARS['email_user'] == 'Y') {
$checked = "CHECKED";
} else {
$checked = "";
}
} else {
$checked = "CHECKED";
}
$buffer .= "<p><input type=\"checkbox\" class=\"checkbox\" id=\"email_user\" name=\"email_user\" value=\"Y\" {$checked}>" . get_opendb_lang_var('send_welcome_email') . "</p>";
}
$buffer .= "\n<input type=\"hidden\" name=\"op\" value=\"insert\">" . "\n<input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"" . get_opendb_lang_var('add_user') . "\">";
} else {
$buffer .= "\n<input type=\"hidden\" name=\"op\" value=\"signup\">" . "<input type=\"hidden\" name=\"op2\" value=\"send_info\">" . "<input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"" . get_opendb_lang_var('submit') . "\">";
}
}
$buffer .= "\n</form>";
return $buffer;
}
echo "<div class=\"error\">" . get_opendb_lang_var('operation_not_available') . "</div>";
}
} else {
if ($HTTP_VARS['op'] == 'edit-langvars') {
if (is_exists_language($HTTP_VARS['language'])) {
build_langvar_page($HTTP_VARS['language']);
} else {
echo "<div class=\"error\">" . get_opendb_lang_var('operation_not_available') . "</div>";
}
} else {
if ($HTTP_VARS['op'] == '') {
if (is_not_empty_array($errors)) {
echo format_error_block($errors);
}
// list languages and options
$results = fetch_language_rs();
if ($results) {
echo "<table><tr class=\"navbar\">\n\t\t\t<th>Language</th>\n\t\t\t<th>Description</th>\n\t\t\t<th colspan=2></th>\n\t\t\t</tr>";
while ($language_r = db_fetch_assoc($results)) {
echo "<tr>\n\t\t\t\t<td class=\"data\">" . $language_r['language'] . "</td>\n\t\t\t\t<td class=\"data\">" . $language_r['description'] . "</td>\n\t\t\t\t<td class=\"data\"><a href=\"{$PHP_SELF}?type={$ADMIN_TYPE}&op=edit-langvars&language={$language_r['language']}\">Language Vars</a>";
// there should be no concept of system table lang vars for the default language, as it should
// always fall back to the system tables themselves.
if (!is_default_language($language_r['language'])) {
echo " / <a href=\"{$PHP_SELF}?type={$ADMIN_TYPE}&op=edit-tables&language={$language_r['language']}\">System Table Vars</a>" . " / <a href=\"{$PHP_SELF}?type={$ADMIN_TYPE}&op=delete&language={$language_r['language']}\">Delete</a>";
}
echo "</td>\n\t\t\t\t<td class=\"data\"><a href=\"{$PHP_SELF}?type={$ADMIN_TYPE}&op=sql&language={$language_r['language']}&mode=job\">SQL</a></td>\n\t\t\t\t</tr>";
}
echo "</table>";
db_free_result($results);
}
function is_not_exists_language($language)