示例#1
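 /**
  * Show the edit form for a CLM user record after checking that the acting
  * backend user is allowed to modify it.
  *
  * Reads `task`, `cid`, `option` and `section` from the request, loads the
  * target row, runs the permission checks below and, if none of them
  * redirects away, builds the select lists and passes everything to
  * CLMViewUsers::user().
  *
  * Every denial goes through $mainframe->redirect(); the checks depend on
  * that call ending the request, otherwise execution would fall through to
  * the form. NOTE(review): confirm for the Joomla version in use.
  *
  * @return mixed the JError::raiseWarning() result when a list query fails, otherwise nothing
  */
 function edit()
 {
     global $mainframe, $option;
     $db =& JFactory::getDBO();
     $user =& JFactory::getUser();
     $task = JRequest::getVar('task');
     $cid = JRequest::getVar('cid', array(0), '', 'array');
     $option = JRequest::getCmd('option');
     // 'section' is only used to build redirect URLs below; read it with the
     // same command filter as 'option' so a request value cannot smuggle
     // extra query parameters into those URLs.
     $section = JRequest::getCmd('section');
     JArrayHelper::toInteger($cid, array(0));
     // The redirects below pass $msg, which was never assigned; define it so
     // they receive an explicit "no message" instead of an undefined variable.
     $msg = null;
     // Check whether the user is permitted to edit
     $row =& JTable::getInstance('users', 'TableCLM');
     $row->load($cid[0]);
     $id = $row->jid;
     $jid = $user->get('id');
     $gid = $user->get('gid');
     $sid = $row->sid;
     // Illegal break-in attempt via the URL!
     // Possibly log it!?
     $saison =& JTable::getInstance('saisons', 'TableCLM');
     $saison->load($sid);
     // Records of an archived season may only be opened by a CLM admin.
     if ($saison->archiv == "1" and CLM_usertype !== 'admin') {
         JError::raiseWarning(500, JText::_('USERS_USER_BEAR'));
         $mainframe->redirect('index.php?option=' . $option . '&section=' . $section, $msg);
     }
     if ($cid[0] == "" and $task == 'edit') {
         JError::raiseWarning(500, JText::_('USERS_FALSCH'));
         $mainframe->redirect('index.php?option=' . $option . '&section=' . $section, $msg);
     }
     // ACL group lookup for the target user; $this_group is not read again
     // in this function.
     $acl =& JFactory::getACL();
     $objectID = $acl->get_object_id('users', $id, 'ARO');
     $groups = $acl->get_object_groups($objectID, 'ARO');
     $this_group = strtolower($acl->get_group_name($groups[0], 'ARO'));
     // User 62 (the first super admin) cannot be changed by anyone else
     $user_publish = new JUser($id);
     if ($user_publish->get('id') == 62 and $user->get('id') != 62) {
         JError::raiseWarning(500, JText::_('USERS_USER_NO'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg);
     }
     // Admins / super admins cannot be changed by users who are not super admins
     if ($user_publish->get('gid') > 23 and $gid < 25) {
         JError::raiseWarning(500, JText::_('USERS_NO_JOMMLA_ADMIN'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg);
     }
     // A user may only change lower CLM permission levels.
     // The id is cast so the concatenated SQL can only ever contain an integer.
     $sql = "SELECT usertype, user_clm, jid FROM #__clm_user WHERE jid =" . (int) $jid;
     $db->setQuery($sql);
     $clmuser = $db->loadObjectList();
     // Fail closed when the acting user has no CLM record: the level
     // comparisons and the usertype queries below all read $clmuser[0].
     if (empty($clmuser)) {
         JError::raiseWarning(500, JText::_('USERS_BENUTZER'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg);
     }
     if ($clmuser[0]->user_clm <= $row->user_clm and $jid != $row->jid and $gid != 25) {
         JError::raiseWarning(500, JText::_('USERS_BENUTZER'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg);
     }
     if ($task == 'edit') {
         // do stuff for existing records
         $row->checkout($user->get('id'));
     } else {
         // do stuff for new records
         $row->published = 0;
         $row->aktive = 0;
     }
     // Load the club filter
     require_once JPATH_COMPONENT . DS . 'controllers' . DS . 'filter_vereine.php';
     $vereinlist = CLMFilterVerein::vereine_filter(0);
     $filter_vid = $mainframe->getUserStateFromRequest("{$option}.filter_vid", 'filter_vid', 0, 'string');
     if ($filter_vid != "0") {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $filter_vid);
     } else {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $row->zps);
     }
     // Published list
     $lists['published'] = JHTML::_('select.booleanlist', 'published', 'class="inputbox"', $row->published);
     // Season list
     if ($task == "edit") {
         $sql = 'SELECT id as sid, name FROM #__clm_saison WHERE id=' . (int) $sid;
     } else {
         $sql = 'SELECT id as sid, name FROM #__clm_saison WHERE archiv =0';
     }
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect('index.php?option=' . $option . '&section=' . $section);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     if ($task != "edit") {
         $saisonlist[] = JHTML::_('select.option', '0', JText::_('USERS_SAISON'), 'sid', 'name');
         $saisonlist = array_merge($saisonlist, $db->loadObjectList());
     } else {
         $saisonlist = $db->loadObjectList();
     }
     $lists['saison'] = JHTML::_('select.genericlist', $saisonlist, 'sid', 'class="inputbox" size="1"', 'sid', 'name', $row->sid);
     // Joomla users without a CLM account
     $sql = " SELECT u.* FROM #__users as u " . " LEFT JOIN #__clm_user as a ON u.id = a.jid " . " WHERE a.name IS NULL";
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect('index.php?option=' . $option . '&section=' . $section);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $jid_list[] = JHTML::_('select.option', '0', JText::_('USERS_USER_AUSW'), 'id', 'name');
     $jid_list = array_merge($jid_list, $db->loadObjectList());
     $lists['jid'] = JHTML::_('select.genericlist', $jid_list, 'pid', 'class="inputbox" size="1"', 'id', 'name', $row->jid);
     // Function (usertype) list: only the levels the acting user may assign
     // are offered. This narrows the form only; whether the submitted value
     // is checked again on save is not visible from this function.
     // Editing one's own record
     if ($row->jid == $jid) {
         $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype WHERE user_clm < " . ((int) $clmuser[0]->user_clm + 1);
     } else {
         // Admin
         if ($clmuser[0]->usertype == 'admin') {
             $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype ";
         } else {
             $sql = "SELECT user_clm as user_clm, name " . " FROM #__clm_usertype WHERE user_clm < " . (int) $clmuser[0]->user_clm;
         }
     }
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect('index.php?option=' . $option . '&section=' . $section);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $usertypelist[] = JHTML::_('select.option', '0', JText::_('USERS_TYP'), 'user_clm', 'name');
     $usertypelist = array_merge($usertypelist, $db->loadObjectList());
     $lists['user_clm'] = JHTML::_('select.genericlist', $usertypelist, 'user_clm', 'class="inputbox" size="1"', 'user_clm', 'name', $row->user_clm);
     require_once JPATH_COMPONENT . DS . 'views' . DS . 'users.php';
     CLMViewUsers::user($row, $lists, $option);
 }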
示例#2
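 /**
  * Show the edit/add form for a CLM user record after checking that the
  * acting backend user is allowed to modify it.
  *
  * Reads `task`, `cid`, `option` and `section` from the request, loads the
  * target row, runs the permission checks below and, if none of them
  * redirects away, builds the select lists and passes everything to
  * CLMViewUsers::user().
  *
  * Every denial goes through $mainframe->redirect(); the checks depend on
  * that call ending the request, otherwise execution would fall through to
  * the form. NOTE(review): confirm for the Joomla version in use.
  *
  * @return mixed the JError::raiseWarning() result when a list query fails, otherwise nothing
  */
 function edit()
 {
     $mainframe = JFactory::getApplication();
     $db = JFactory::getDBO();
     $user = JFactory::getUser();
     $task = JRequest::getVar('task');
     $cid = JRequest::getVar('cid', array(0), '', 'array');
     $option = JRequest::getCmd('option');
     // 'section' is only used to build redirect URLs below; read it with the
     // same command filter as 'option' so a request value cannot smuggle
     // extra query parameters into those URLs.
     $section = JRequest::getCmd('section');
     JArrayHelper::toInteger($cid, array(0));
     // The redirects below pass $msg, which was never assigned; define it so
     // they receive an explicit "no message" instead of an undefined variable.
     $msg = null;
     // Check whether the user is permitted to edit
     $row = JTable::getInstance('users', 'TableCLM');
     $row->load($cid[0]);
     $id = $row->jid;
     $jid = $user->get('id');
     //$gid 	= key($user->get('groups')); // 6 = Manager ; 7 = Admin; 8 = Superadmin ; 2= registered
     // key() would return only the first key (not the content, although the
     // two are currently identical); all further rights would then be missing
     // when the value is written back later.
     // So the following version is used instead:
     $gids = $user->get('groups');
     $gid = 0;
     foreach ($gids as $key => $value) {
         $ivalue = intval($value);
         if ($ivalue == 2 || $ivalue == 6 || $ivalue == 7 || $ivalue == 8) {
             if ($ivalue > $gid) {
                 // Mind the order of the values listed above!
                 $gid = $ivalue;
             }
         }
     }
     $sid = $row->sid;
     $clmAccess = clm_core::$access;
     // Usertypes the active user is allowed to change
     $usertypestring = $clmAccess->usertypelist();
     // Illegal break-in attempt via the URL!
     // Possibly log it!?
     $saison = JTable::getInstance('saisons', 'TableCLM');
     $saison->load($sid);
     // NOTE(review): this branch denies when access('BE_user_general') is
     // true; a permission check would normally deny when access is missing.
     // Confirm the intended polarity against clm_core's access class.
     if ($task != 'add' && $saison->published == "0" && $clmAccess->access('BE_user_general')) {
         JError::raiseWarning(500, JText::_('USERS_USER_BEAR'));
         $mainframe->redirect('index.php?option=' . $option . '&section=' . $section, $msg, "message");
     }
     if ($cid[0] == "" and $task == 'edit') {
         JError::raiseWarning(500, JText::_('USERS_FALSCH'));
         $mainframe->redirect('index.php?option=' . $option . '&section=' . $section, $msg, "message");
     }
     $user_publish = new JUser($id);
     // Admins / super admins cannot be changed by users who are not super admins
     // Bug: get('gid') no longer exists,
     // so load the group id as above and check against the new value
     //if ( $user_publish->get('gid') > 6 AND $gid < 8 )
     $newgid = 0;
     $newgids = $user_publish->get('groups');
     foreach ($newgids as $key => $value) {
         $ivalue = intval($value);
         if ($ivalue == 2 || $ivalue == 6 || $ivalue == 7 || $ivalue == 8) {
             if ($ivalue > $newgid) {
                 // Mind the order of the values listed above!
                 $newgid = $ivalue;
             }
         }
     }
     // Only the hard-coded group ids 2, 6, 7 and 8 are ranked here; a target
     // user whose privileges come from any other group keeps $newgid at 0
     // and is not caught by this check.
     if ($newgid > 6 and $gid < 8) {
         JError::raiseWarning(500, JText::_('USERS_NO_JOMMLA_ADMIN'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg, "message");
     }
     if (!$clmAccess->compare($row->usertype)) {
         JError::raiseWarning(500, JText::_('USERS_BENUTZER'));
         $link = 'index.php?option=' . $option . '&section=' . $section;
         $mainframe->redirect($link, $msg, "message");
     }
     if ($task == 'edit') {
         // do stuff for existing records
         $row->checkout($user->get('id'));
     } else {
         // do stuff for new records
         $row->published = 0;
         $row->aktive = 0;
     }
     // Load the club filter
     $vereinlist = CLMFilterVerein::vereine_filter(0);
     $filter_vid = $mainframe->getUserStateFromRequest("{$option}.filter_vid", 'filter_vid', 0, 'string');
     if ($filter_vid != "0") {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $filter_vid);
     } else {
         $lists['verein'] = JHTML::_('select.genericlist', $vereinlist, 'zps', 'class="inputbox" size="1"', 'zps', 'name', $row->zps);
     }
     // Published list
     $lists['published'] = JHTML::_('select.booleanlist', 'published', 'class="inputbox"', $row->published);
     // Season list, plus the query for Joomla users that have no CLM account
     // in that season. The season id is cast so the concatenated SQL can only
     // ever contain an integer.
     if ($task == "edit") {
         $season_list[] = JHTML::_('select.option', $sid, clm_core::$db->saison->get($sid)->name, 'sid', 'name');
         $lists['saison'] = JHTML::_('select.genericlist', $season_list, 'sid', 'class="inputbox" size="1"', 'sid', 'name', $row->sid);
         $sql = " SELECT u.* FROM #__users as u " . " LEFT JOIN #__clm_user as a ON u.id = a.jid AND a.sid IN ('" . (int) $sid . "')" . " WHERE a.name IS NULL";
     } else {
         $season_list[] = JHTML::_('select.option', clm_core::$access->getSeason(), clm_core::$db->saison->get(clm_core::$access->getSeason())->name, 'sid', 'name');
         $lists['saison'] = JHTML::_('select.genericlist', $season_list, 'sid', 'class="inputbox" size="1"', 'sid', 'name', clm_core::$access->getSeason());
         $sql = " SELECT u.* FROM #__users as u " . " LEFT JOIN #__clm_user as a ON u.id = a.jid AND a.sid IN ('" . (int) clm_core::$access->getSeason() . "')" . " WHERE a.name IS NULL";
     }
     $db->setQuery($sql);
     if (!$db->query()) {
         $this->setRedirect('index.php?option=' . $option . '&section=' . $section);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $jid_list[] = JHTML::_('select.option', '0', JText::_('USERS_USER_AUSW'), 'id', 'name');
     $jid_list = array_merge($jid_list, $db->loadObjectList());
     $lists['jid'] = JHTML::_('select.genericlist', $jid_list, 'pid', 'class="inputbox" size="1"', 'id', 'name', $row->jid);
     // Function (usertype) list: only the usertypes the acting user may
     // assign are offered. This narrows the form only; whether the submitted
     // value is checked again on save is not visible from this function.
     $sql = 'SELECT usertype, name FROM #__clm_usertype ';
     $sql .= ' WHERE published = 1 ';
     if ($usertypestring != "") {
         // The original read "usertype OUT (...)", which is not valid SQL and
         // made this query fail whenever a restriction applied. IN matches
         // the description of $usertypestring as the usertypes the active
         // user may change. NOTE(review): confirm against usertypelist().
         // $usertypestring is concatenated verbatim; it comes from
         // clm_core::$access, not from the request — presumably already
         // quoted for SQL, verify in that class.
         $sql .= 'AND usertype IN (' . $usertypestring . ' ) ';
     }
     $sql .= ' ORDER BY ordering ';
     $db->setQuery($sql);
     // Same failure handling as the other list queries in this function; a
     // failed query must not reach array_merge() with a non-array result.
     if (!$db->query()) {
         $this->setRedirect('index.php?option=' . $option . '&section=' . $section);
         return JError::raiseWarning(500, $db->getErrorMsg());
     }
     $usertypelist[] = JHTML::_('select.option', '', JText::_('USERS_TYP'), 'usertype', 'name');
     $usertypelist = array_merge($usertypelist, $db->loadObjectList());
     $lists['usertype'] = JHTML::_('select.genericlist', $usertypelist, 'usertype', 'class="inputbox" size="1"', 'usertype', 'name', $row->usertype);
     require_once JPATH_COMPONENT . DS . 'views' . DS . 'users.php';
     CLMViewUsers::user($row, $lists, $option);
 }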
示例#3
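    /**
     * Render the backend add/edit form for a CLM user.
     *
     * Output escaping: $row is passed through JFilterOutput::objectHTMLSafe()
     * first, so its string properties are echoed into the markup as-is
     * afterwards. The entries of $lists are echoed raw as well; they are
     * expected to be ready-made HTML built by the calling controller. The only
     * value taken straight from the request, `task`, is escaped where it is
     * written into the hidden `script_task` field.
     *
     * @param object $row    user table row; modified in place by objectHTMLSafe()
     * @param array  $lists  HTML select lists keyed by 'usertype', 'verein', 'saison', 'published', 'jid'
     * @param string $option component name; not read inside this method
     *
     * @return void
     */
    public static function user(&$row, $lists, $option)
    {
        CLMViewUsers::setUserToolbar();
        JRequest::setVar('hidemainmenu', 1);
        // Escapes the row's properties for HTML output; only 'extrainfo' is
        // excluded. Everything echoed from $row below relies on this call.
        JFilterOutput::objectHTMLSafe($row, ENT_QUOTES, 'extrainfo');
        ?>

	<script language="javascript" type="text/javascript">
		 Joomla.submitbutton = function (pressbutton) { 	
			var form = document.adminForm;
			if (pressbutton == 'cancel') {
				submitform( pressbutton );
				return;
			}
			if (form.pid.value =="0") {
			// do field validation
			if (form.name.value == "") {
					alert( "<?php 
        echo JText::_('USER_NAME_ANGEBEN', true);
        ?>
" );
				} else if (form.username.value == "") {
					alert( "<?php 
        echo JText::_('USER_USER_ANGEBEN', true);
        ?>
" );
				} else if (form.email.value == "") {
					alert( "<?php 
        echo JText::_('USER_MAIL_ANGEBEN', true);
        ?>
" );
				} else if ( getSelectedValue('adminForm','usertype') == "" ) {
					alert( "<?php 
        echo JText::_('USER_FUNKTION_AUSWAEHLEN', true);
        ?>
" );  
				} else if ( getSelectedValue('adminForm','zps') == 0 ) {
					alert( "<?php 
        echo JText::_('USER_VEREIN_AUSWAEHLEN', true);
        ?>
" );
				} else {
					submitform( pressbutton );
				}
			} else {
			// do field validation
				if ( getSelectedValue('adminForm','usertype') == "" ) {
					alert( "<?php 
        echo JText::_('USER_FUNKTION_AUSWAEHLEN', true);
        ?>
" );
				} else if ( getSelectedValue('adminForm','zps') == 0 ) {
				alert( "<?php 
        echo JText::_('USER_VEREIN_AUSWAEHLEN', true);
        ?>
" );
			} else if ( getSelectedValue('adminForm','sid') == 0 ) {
				alert( "<?php 
        echo JText::_('USER_SAISON_AUSWAEHLEN', true);
        ?>
" );
			} else {
				submitform( pressbutton );
			}
				}
		}
		 
		</script>

		<form action="index.php" method="post" name="adminForm" id="adminForm">

		<div class="width-50 fltlft">
		<fieldset class="adminform">
		<legend><?php 
        echo JText::_('USER_DETAILS');
        ?>
</legend>

		<table class="admintable">
		<tr>
			<td class="key" width="20%" nowrap="nowrap">
			<label for="name"><?php 
        echo JText::_('USER_NAME') . ' : ';
        ?>
</label>
			</td>
			<td>
			<input class="inputbox" type="text" name="name" id="name" size="30" maxlength="60" value="<?php 
        echo $row->name;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_NAME');
        ?>
			</td>
		</tr>

		<tr>
			<td class="key" width="20%" nowrap="nowrap">
			<label for="username"><?php 
        echo JText::_('USER') . ' : ';
        ?>
</label>
			</td>
			<td>
			<input class="inputbox" type="text" name="username" id="username" size="30" maxlength="60" value="<?php 
        echo $row->username;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_USERNAME');
        ?>
			</td>
		</tr>
		<tr>
			<td class="key" width="20%" nowrap="nowrap">
			<label for="name"><?php 
        echo JText::_('USER_MAIL') . ' : ';
        ?>
</label>
			</td>
			<td>
			<input class="inputbox" type="text" name="email" id="email" size="30" maxlength="60" value="<?php 
        echo $row->email;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_MAIL');
        ?>
			</td>
		</tr>
		<tr>
			<td class="key" width="20%" nowrap="nowrap">
			<label for="name"><?php 
        echo JText::_('USER_TELEFON') . ' : ';
        ?>
</label>
			</td>
			<td>
			<input class="inputbox" type="text" name="tel_fest" id="tel_fest" size="30" maxlength="60" value="<?php 
        echo $row->tel_fest;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_PHONE');
        ?>
			</td>
		</tr>
		<tr>
			<td class="key" width="20%" nowrap="nowrap">
			<label for="name"><?php 
        echo JText::_('USER_MOBILE') . ' : ';
        ?>
</label>
			</td>
			<td>
			<input class="inputbox" type="text" name="tel_mobil" id="tel_mobil" size="30" maxlength="60" value="<?php 
        echo $row->tel_mobil;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_MOBILE');
        ?>
			</td>
		</tr>
		<tr>
			<td class="key" nowrap="nowrap">
			<label for="usertype"><?php 
        echo JText::_('USER_FUNCTION') . ' : ';
        ?>
</label>
			</td>
			<td>
			<?php 
        echo $lists['usertype'];
        ?>
			</td>
		</tr>

		<tr>
			<td class="key" nowrap="nowrap"><label for="verein"><?php 
        echo JText::_('VEREIN') . ' : ';
        ?>
</label>
			</td>
			<td>
			<?php 
        echo $lists['verein'];
        ?>
			</td>
		</tr>

		<tr>
			<td class="key" width="20%" nowrap="nowrap">
 			<label for="name"><?php 
        echo JText::_('USER_MGNR') . ' : ';
        ?>
</label>
 			</td>
 			<td>
 			<input class="inputbox" type="text" name="mglnr" id="mglnr" size="30" maxlength="6" value="<?php 
        echo $row->mglnr;
        ?>
" /><?php 
        echo JText::_('USER_EXAMPLE_MGNR');
        ?>
 			</td>
 		</tr>
 
		<tr>
			<td class="key" nowrap="nowrap"><label for="sid"><?php 
        echo JText::_('SAISON') . ' : ';
        ?>
</label>
			</td>
			<td>
			<?php 
        echo $lists['saison'];
        ?>
			</td>
		</tr>

		<tr>
			<td class="key" nowrap="nowrap"><label for="published"><?php 
        echo JText::_('JPUBLISHED') . ' : ';
        ?>
</label>
			</td>
			<td><fieldset class="radio">
			<?php 
        echo $lists['published'];
        ?>
			</fieldset></td>
		</tr>
		<tr>
<!--			<td class="key" nowrap="nowrap"><label for="aktive"><?php 
        echo JText::_('USER_MAIL') . ' : ';
        ?>
</label>
			</td>
			<td>
			<?php 
        //echo $lists['aktive'];
        ?>
			</td>
		</tr>
-->

		</table>
		</fieldset>
		</div>

 <div class="width-50 fltrt">
  <fieldset class="adminform">
   <legend><?php 
        echo JText::_('REMARKS');
        ?>
</legend>
	<table class="adminlist">
	<legend><?php 
        echo JText::_('REMARKS_PUBLIC');
        ?>
</legend>
	<br>
	<tr>
	<td width="100%" valign="top">
	<textarea class="inputbox" name="bemerkungen" id="bemerkungen" cols="40" rows="2" style="width:90%"><?php 
        // NOTE(review): $row already went through objectHTMLSafe() above, so
        // this extra '&' replacement looks like it encodes entities a second
        // time — confirm that is intended for the two remark fields.
        echo str_replace('&', '&amp;', $row->bemerkungen);
        ?>
</textarea>
	</td>
	</tr>
	</table>

	<table class="adminlist">
	<tr><legend><?php 
        echo JText::_('REMARKS_INTERNAL');
        ?>
</legend>
	<br>
	<td width="100%" valign="top">
	<textarea class="inputbox" name="bem_int" id="bem_int" cols="40" rows="2" style="width:90%"><?php 
        echo str_replace('&', '&amp;', $row->bem_int);
        ?>
</textarea>
	</td>
	</tr>
	</table>
  </fieldset>
<?php 
        if (JRequest::getVar('task') == 'add') {
            ?>
<br>
  <fieldset class="adminform">
	<table class="adminlist">
	<legend><?php 
            echo JText::_('USER_LINE01');
            ?>
</legend>
	<?php 
            echo JText::_('USER_LINE02');
            ?>
	<br><?php 
            echo JText::_('USER_LINE03');
            ?>
.
	<br><br>
	<tr>
	<td width="100%" valign="top">
		<?php 
            echo $lists['jid'];
            ?>
	</td>
	</tr>
	</table>
   </fieldset>
<?php 
        } else {
            ?>
<input type="hidden" name="pid" value="0" />
<?php 
        }
        ?>
  </div>
		<div class="clr"></div>


		<input type="hidden" name="section" value="users" />
		<input type="hidden" name="option" value="com_clm" />
		<input type="hidden" name="id" value="<?php 
        echo $row->id;
        ?>
" />
		<input type="hidden" name="jid" id="jid" value="<?php 
        echo $row->jid;
        ?>
" />
		<input type="hidden" name="aktive" value="<?php 
        echo $row->aktive;
        ?>
" />
		<input type="hidden" name="script_task" value="<?php 
        // 'task' comes straight from the request and lands inside a quoted
        // attribute: read it with the command filter and escape it so a
        // crafted value cannot break out of value="...".
        echo htmlspecialchars((string) JRequest::getCmd('task'), ENT_QUOTES, 'UTF-8');
        ?>
" />
		<input type="hidden" name="task" value="" />
		<?php 
        // Anti-CSRF token field for the form.
        echo JHtml::_('form.token');
        ?>
		</form>
		<?php 
    }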