Context Navigation

source: trunk/admin/user_modify.php @ 21

Last change on this file since 21 was 21, checked in by z0rglub, 21 years ago
* empty log message *
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 7.7 KB

Line
1	<?php
2	/***************************************************************************
3	* user_modify.php *
4	* ------------------- *
5	* application : PhpWebGallery 1.3 *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	***************************************************************************/
9
10	/***************************************************************************
11	* *
12	* This program is free software; you can redistribute it and/or modify *
13	* it under the terms of the GNU General Public License as published by *
14	* the Free Software Foundation; *
15	* *
16	***************************************************************************/
17	include_once( './include/isadmin.inc.php' );
18	//----------------------------------------------------- template initialization
19	$sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_modify.vtp' );
20	$error = array();
21	$tpl = array( 'adduser_info_message', 'adduser_info_back', 'adduser_fill_form',
22	'login', 'new', 'password', 'mail_address', 'adduser_status',
23	'submit', 'adduser_info_password_updated','menu_groups',
24	'dissociate','adduser_associate' );
25	templatize_array( $tpl, 'lang', $sub );
26	//--------------------------------------------------------- form criteria check
27	$error = array();
28	$display_form = true;
29
30	// retrieving information in the database about the user identified by its
31	// id in $_GET['user_id']
32	$query = 'select';
33	$query.= ' username,status,mail_address';
34	$query.= ' from '.PREFIX_TABLE.'users';
35	$query.= ' where id = '.$_GET['user_id'];
36	$query.= ';';
37	$row = mysql_fetch_array( mysql_query( $query ) );
38	$page['username'] = $row['username'];
39	$page['status'] = $row['status'];
40	$page['mail_address'] = $row['mail_address'];
41	// user is not modifiable if :
42	// 1. the selected user is the user "guest"
43	// 2. the selected user is the webmaster and the user making the modification
44	// is not the webmaster
45	if ( $row['username'] == 'guest'
46	or ( $row['username'] == $conf['webmaster']
47	and $user['username'] != $conf['webmaster'] ) )
48	{
49	array_push( $error, $lang['user_err_modify'] );
50	$display_form = false;
51	}
52	// if the user was not found in the database, no modification possible
53	if ( $row['username'] == '' )
54	{
55	array_push( $error, $lang['user_err_unknown'] );
56	$display_form = false;
57	}
58
59	if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
60	{
61	// shall we use a new password and overwrite the old one ?
62	$use_new_password = false;
63	if ( $_POST['use_new_pwd'] == 1)
64	{
65	$use_new_password = true;
66	}
67	$error = array_merge( $error, update_user(
68	$_GET['user_id'], $_POST['mail_address'],
69	$_POST['status'], $use_new_password,
70	$_POST['password'] ) );
71	}
72	// association with groups management
73	if ( isset( $_POST['submit'] ) )
74	{
75	// deletion of checked groups
76	$query = 'SELECT id,name';
77	$query.= ' FROM '.PREFIX_TABLE.'groups';
78	$query.= ' ORDER BY id ASC';
79	$query.= ';';
80	$result = mysql_query( $query );
81	while ( $row = mysql_fetch_array( $result ) )
82	{
83	$dissociate = 'dissociate-'.$row['id'];
84	if ( $_POST[$dissociate] == 1 )
85	{
86	$query = 'DELETE FROM '.PREFIX_TABLE.'user_group';
87	$query.= ' WHERE user_id = '.$_GET['user_id'];
88	$query.= ' AND group_id ='.$row['id'];
89	$query.= ';';
90	mysql_query( $query );
91	}
92	}
93	// create a new association between the user and a group
94	$query = 'INSERT INTO '.PREFIX_TABLE.'user_group';
95	$query.= ' (user_id,group_id) VALUES';
96	$query.= ' ('.$_GET['user_id'].','.$_POST['associate'].')';
97	$query.= ';';
98	mysql_query( $query );
99	}
100	//-------------------------------------------------------------- errors display
101	if ( sizeof( $error ) != 0 )
102	{
103	$vtp->addSession( $sub, 'errors' );
104	for ( $i = 0; $i < sizeof( $error ); $i++ )
105	{
106	$vtp->addSession( $sub, 'li' );
107	$vtp->setVar( $sub, 'li.li', $error[$i] );
108	$vtp->closeSession( $sub, 'li' );
109	}
110	$vtp->closeSession( $sub, 'errors' );
111	}
112	//---------------------------------------------------------------- confirmation
113	if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
114	{
115	$vtp->addSession( $sub, 'confirmation' );
116	$vtp->setVar( $sub, 'confirmation.username', $page['username'] );
117	$url = add_session_id( './admin.php?page=user_list' );
118	$vtp->setVar( $sub, 'confirmation.url', $url );
119	$vtp->closeSession( $sub, 'confirmation' );
120	if ( $use_new_pwd )
121	{
122	$vtp->addSession( $sub, 'password_updated' );
123	$vtp->closeSession( $sub, 'password_updated' );
124	}
125	}
126	//------------------------------------------------------------------------ form
127	if ( $display_form )
128	{
129	$vtp->addSession( $sub, 'form' );
130	$action = './admin.php?page=user_modify&user_id='.$_GET['user_id'];
131	$vtp->setVar( $sub, 'form.form_action', add_session_id( $action ) );
132	$vtp->setVar( $sub, 'form.user:username', $page['username'] );
133	if ( isset( $_POST['mail_address'] ) )
134	{
135	$page['mail_address'] = $_POST['mail_address'];
136	}
137	$vtp->setVar( $sub, 'form.user:mail_address', $page['mail_address'] );
138	if ( isset( $_POST['status'] ) )
139	{
140	$page['status'] = $_POST['status'];
141	}
142	$option = get_enums( PREFIX_TABLE.'users', 'status' );
143	for ( $i = 0; $i < sizeof( $option ); $i++ )
144	{
145	$vtp->addSession( $sub, 'status_option' );
146	$vtp->setVar( $sub, 'status_option.value', $option[$i] );
147	$vtp->setVar( $sub, 'status_option.option',
148	$lang['adduser_status_'.$option[$i]] );
149	if( $option[$i] == $page['status'] )
150	{
151	$vtp->setVar( $sub, 'status_option.selected', ' selected="selected"' );
152	}
153	$vtp->closeSession( $sub, 'status_option' );
154	}
155	// groups linked with this user
156	$query = 'SELECT id,name';
157	$query.= ' FROM '.PREFIX_TABLE.'user_group, '.PREFIX_TABLE.'groups';
158	$query.= ' WHERE group_id = id';
159	$query.= ' AND user_id = '.$_GET['user_id'];
160	$query.= ';';
161	$result = mysql_query( $query );
162	$user_groups = array();
163	if ( mysql_num_rows( $result ) > 0 )
164	{
165	$vtp->addSession( $sub, 'groups' );
166	while ( $row = mysql_fetch_array( $result ) )
167	{
168	$vtp->addSession( $sub, 'group' );
169	$vtp->setVar( $sub, 'group.name', $row['name'] );
170	$vtp->setVar( $sub, 'group.dissociate_id', $row['id'] );
171	$vtp->closeSession( $sub, 'group' );
172	array_push( $user_groups, $row['id'] );
173	}
174	$vtp->closeSession( $sub, 'groups' );
175	}
176	// empty group not to take into account
177	$vtp->addSession( $sub, 'associate_group' );
178	$vtp->setVar( $sub, 'associate_group.value', 'undef' );
179	$vtp->setVar( $sub, 'associate_group.option', '' );
180	$vtp->closeSession( $sub, 'associate_group' );
181	// groups not linked yet to the user
182	$query = 'SELECT id,name';
183	$query.= ' FROM '.PREFIX_TABLE.'groups';
184	$query.= ' ORDER BY id ASC';
185	$query.= ';';
186	$result = mysql_query( $query );
187	while ( $row = mysql_fetch_array( $result ) )
188	{
189	if ( !in_array( $row['id'], $user_groups ) )
190	{
191	$vtp->addSession( $sub, 'associate_group' );
192	$vtp->setVar( $sub, 'associate_group.value', $row['id'] );
193	$vtp->setVar( $sub, 'associate_group.option', $row['name'] );
194	$vtp->closeSession( $sub, 'associate_group' );
195	}
196	}
197
198	$url = add_session_id( './admin.php?page=user_list' );
199	$vtp->setVar( $sub, 'form.url_back', $url );
200	$vtp->closeSession( $sub, 'form' );
201	}
202	//----------------------------------------------------------- sending html code
203	$vtp->Parse( $handle , 'sub', $sub );
204	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: