Context Navigation

source: trunk/admin/user_modify.php @ 188

Last change on this file since 188 was 188, checked in by z0rglub, 21 years ago
if we try to modify the webmaster, we have to set the status to "admin"
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 8.2 KB

Line
1	<?php
2	/***************************************************************************
3	* user_modify.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: user_modify.php 188 2003-10-09 19:39:30Z z0rglub $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	include_once( './include/isadmin.inc.php' );
20	//----------------------------------------------------- template initialization
21	$sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_modify.vtp' );
22	$error = array();
23	$tpl = array( 'adduser_info_message', 'adduser_info_back', 'adduser_fill_form',
24	'login', 'new', 'password', 'mail_address', 'adduser_status',
25	'submit', 'adduser_info_password_updated','menu_groups',
26	'dissociate','adduser_associate' );
27	templatize_array( $tpl, 'lang', $sub );
28	//--------------------------------------------------------- form criteria check
29	$error = array();
30	$display_form = true;
31
32	// retrieving information in the database about the user identified by its
33	// id in $_GET['user_id']
34	$query = 'select';
35	$query.= ' username,status,mail_address';
36	$query.= ' from '.PREFIX_TABLE.'users';
37	$query.= ' where id = '.$_GET['user_id'];
38	$query.= ';';
39	$row = mysql_fetch_array( mysql_query( $query ) );
40	$page['username'] = $row['username'];
41	$page['status'] = $row['status'];
42	$page['mail_address'] = $row['mail_address'];
43	// user is not modifiable if :
44	// 1. the selected user is the user "guest"
45	// 2. the selected user is the webmaster and the user making the modification
46	// is not the webmaster
47	if ( $row['username'] == 'guest'
48	or ( $row['username'] == $conf['webmaster']
49	and $user['username'] != $conf['webmaster'] ) )
50	{
51	array_push( $error, $lang['user_err_modify'] );
52	$display_form = false;
53	}
54	// if the user was not found in the database, no modification possible
55	if ( $row['username'] == '' )
56	{
57	array_push( $error, $lang['user_err_unknown'] );
58	$display_form = false;
59	}
60
61	if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
62	{
63	// shall we use a new password and overwrite the old one ?
64	$use_new_password = false;
65	if ( $_POST['use_new_pwd'] == 1)
66	{
67	$use_new_password = true;
68	}
69	// if we try to update the webmaster infos, we have to set the status to
70	// 'admin'
71	if ( $row['username'] == $conf['webmaster'] )
72	$_POST['status'] = 'admin';
73
74	$error = array_merge( $error, update_user(
75	$_GET['user_id'], $_POST['mail_address'],
76	$_POST['status'], $use_new_password,
77	$_POST['password'] ) );
78	}
79	// association with groups management
80	if ( isset( $_POST['submit'] ) )
81	{
82	// deletion of checked groups
83	$query = 'SELECT id,name';
84	$query.= ' FROM '.PREFIX_TABLE.'groups';
85	$query.= ' ORDER BY id ASC';
86	$query.= ';';
87	$result = mysql_query( $query );
88	while ( $row = mysql_fetch_array( $result ) )
89	{
90	$dissociate = 'dissociate-'.$row['id'];
91	if ( $_POST[$dissociate] == 1 )
92	{
93	$query = 'DELETE FROM '.PREFIX_TABLE.'user_group';
94	$query.= ' WHERE user_id = '.$_GET['user_id'];
95	$query.= ' AND group_id ='.$row['id'];
96	$query.= ';';
97	mysql_query( $query );
98	}
99	}
100	// create a new association between the user and a group
101	$query = 'INSERT INTO '.PREFIX_TABLE.'user_group';
102	$query.= ' (user_id,group_id) VALUES';
103	$query.= ' ('.$_GET['user_id'].','.$_POST['associate'].')';
104	$query.= ';';
105	mysql_query( $query );
106	}
107	//-------------------------------------------------------------- errors display
108	if ( sizeof( $error ) != 0 )
109	{
110	$vtp->addSession( $sub, 'errors' );
111	for ( $i = 0; $i < sizeof( $error ); $i++ )
112	{
113	$vtp->addSession( $sub, 'li' );
114	$vtp->setVar( $sub, 'li.li', $error[$i] );
115	$vtp->closeSession( $sub, 'li' );
116	}
117	$vtp->closeSession( $sub, 'errors' );
118	}
119	//---------------------------------------------------------------- confirmation
120	if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
121	{
122	$vtp->addSession( $sub, 'confirmation' );
123	$vtp->setVar( $sub, 'confirmation.username', $page['username'] );
124	$url = add_session_id( './admin.php?page=user_list' );
125	$vtp->setVar( $sub, 'confirmation.url', $url );
126	$vtp->closeSession( $sub, 'confirmation' );
127	if ( $use_new_pwd )
128	{
129	$vtp->addSession( $sub, 'password_updated' );
130	$vtp->closeSession( $sub, 'password_updated' );
131	}
132	}
133	//------------------------------------------------------------------------ form
134	if ( $display_form )
135	{
136	$vtp->addSession( $sub, 'form' );
137	$action = './admin.php?page=user_modify&user_id='.$_GET['user_id'];
138	$vtp->setVar( $sub, 'form.form_action', add_session_id( $action ) );
139	$vtp->setVar( $sub, 'form.user:username', $page['username'] );
140	if ( isset( $_POST['mail_address'] ) )
141	{
142	$page['mail_address'] = $_POST['mail_address'];
143	}
144	$vtp->setVar( $sub, 'form.user:mail_address', $page['mail_address'] );
145	// change status only if the user is not the webmaster
146	if ( $page['username'] != $conf['webmaster'] )
147	{
148	$vtp->addSession( $sub, 'status' );
149	if ( isset( $_POST['status'] ) )
150	{
151	$page['status'] = $_POST['status'];
152	}
153	$option = get_enums( PREFIX_TABLE.'users', 'status' );
154	for ( $i = 0; $i < sizeof( $option ); $i++ )
155	{
156	$vtp->addSession( $sub, 'status_option' );
157	$vtp->setVar( $sub, 'status_option.value', $option[$i] );
158	$vtp->setVar( $sub, 'status_option.option',
159	$lang['adduser_status_'.$option[$i]] );
160	if( $option[$i] == $page['status'] )
161	{
162	$vtp->setVar( $sub, 'status_option.selected', ' selected="selected"' );
163	}
164	$vtp->closeSession( $sub, 'status_option' );
165	}
166	$vtp->closeSession( $sub, 'status' );
167	}
168	// groups linked with this user
169	$query = 'SELECT id,name';
170	$query.= ' FROM '.PREFIX_TABLE.'user_group, '.PREFIX_TABLE.'groups';
171	$query.= ' WHERE group_id = id';
172	$query.= ' AND user_id = '.$_GET['user_id'];
173	$query.= ';';
174	$result = mysql_query( $query );
175	$user_groups = array();
176	if ( mysql_num_rows( $result ) > 0 )
177	{
178	$vtp->addSession( $sub, 'groups' );
179	while ( $row = mysql_fetch_array( $result ) )
180	{
181	$vtp->addSession( $sub, 'group' );
182	$vtp->setVar( $sub, 'group.name', $row['name'] );
183	$vtp->setVar( $sub, 'group.dissociate_id', $row['id'] );
184	$vtp->closeSession( $sub, 'group' );
185	array_push( $user_groups, $row['id'] );
186	}
187	$vtp->closeSession( $sub, 'groups' );
188	}
189	// empty group not to take into account
190	$vtp->addSession( $sub, 'associate_group' );
191	$vtp->setVar( $sub, 'associate_group.value', 'undef' );
192	$vtp->setVar( $sub, 'associate_group.option', '' );
193	$vtp->closeSession( $sub, 'associate_group' );
194	// groups not linked yet to the user
195	$query = 'SELECT id,name';
196	$query.= ' FROM '.PREFIX_TABLE.'groups';
197	$query.= ' ORDER BY id ASC';
198	$query.= ';';
199	$result = mysql_query( $query );
200	while ( $row = mysql_fetch_array( $result ) )
201	{
202	if ( !in_array( $row['id'], $user_groups ) )
203	{
204	$vtp->addSession( $sub, 'associate_group' );
205	$vtp->setVar( $sub, 'associate_group.value', $row['id'] );
206	$vtp->setVar( $sub, 'associate_group.option', $row['name'] );
207	$vtp->closeSession( $sub, 'associate_group' );
208	}
209	}
210
211	$url = add_session_id( './admin.php?page=user_list' );
212	$vtp->setVar( $sub, 'form.url_back', $url );
213	$vtp->closeSession( $sub, 'form' );
214	}
215	//----------------------------------------------------------- sending html code
216	$vtp->Parse( $handle , 'sub', $sub );
217	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: