Changeset 631 for trunk/profile.php
- Timestamp:
- Dec 3, 2004, 5:30:12 PM (19 years ago)
- File:
-
- 1 edited
trunk/profile.php
r630 r631 27 27 28 28 // customize appearance of the site for a user 29 //----------------------------------------------------------- include 30 define('PHPWG_ROOT_PATH','./'); 31 include_once( PHPWG_ROOT_PATH.'include/common.inc.php' ); 32 //-------------------------------------------------- access authorization check 33 check_login_authorization(); 34 if ( $user['is_the_guest'] ) 35 { 36 echo '<div style="text-align:center;">'.$lang['only_members'].'<br />'; 37 echo '<a href="./identification.php">'.$lang['ident_title'].'</a></div>'; 38 exit(); 29 // +-----------------------------------------------------------------------+ 30 // | initialization | 31 // +-----------------------------------------------------------------------+ 32 $userdata = array(); 33 if ( defined('IN_ADMIN') && isset( $_POST['submituser'] ) ) 34 { 35 $userdata = getuserdata($_POST['username']); 36 } 37 elseif (defined('IN_ADMIN') && isset( $_POST['submit'] )) 38 { 39 $userdata = getuserdata(intval($_POST['userid'])); 40 } 41 elseif (!defined('IN_ADMIN')) 42 { 43 define('PHPWG_ROOT_PATH','./'); 44 include_once(PHPWG_ROOT_PATH.'include/common.inc.php'); 45 check_login_authorization(false); 46 $userdata=$user; 39 47 } 40 48 //------------------------------------------------------ update & customization 41 49 $infos = array( 'nb_image_line', 'nb_line_page', 'language', 42 50 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', 43 'recent_period', 'template', 'mail_address' 51 'recent_period', 'template', 'mail_address'); 44 52 // mise à jour dans la base de données des valeurs 45 53 // des paramètres pour l'utilisateur courant … … 68 76 array_push( $errors, $lang['periods_error'] ); 69 77 } 70 71 if ( $_POST['mail_address']!= $user['mail_address']) 72 { 73 if (!empty($_POST['password'])) 74 array_push( $errors, $lang['reg_err_pass'] ); 75 else 76 { 77 // retrieving the encrypted password of the login submitted 78 79 if ( $_POST['mail_address']!= $userdata['mail_address']) 80 { 81 if 
($user['status'] == 'admin') 82 { 83 $mail_error = validate_mail_address( $_POST['mail_address'] ); 84 if ( !empty($mail_error)) array_push( $errors, $mail_error ); 85 } 86 elseif (!empty($_POST['password'])) 87 array_push( $errors, $lang['reg_err_pass'] ); 88 else 89 { 90 // retrieving the encrypted password of the login submitted 78 91 $query = 'SELECT password FROM '.USERS_TABLE.' 79 WHERE username = \''.$user ['username'].'\';';92 WHERE username = \''.$userdata['username'].'\';'; 80 93 $row = mysql_fetch_array(pwg_query($query)); 81 94 if ($row['password'] == md5($_POST['password'])) … … 86 99 else 87 100 array_push( $errors, $lang['reg_err_pass'] ); 88 } 101 102 } 89 103 } 90 104 91 105 // password must be the same as its confirmation 92 if ( isset( $_POST['use_new_pwd'] )106 if ( !empty( $_POST['use_new_pwd'] ) 93 107 and $_POST['use_new_pwd'] != $_POST['passwordConf'] ) 94 108 array_push( $errors, $lang['reg_err_pass'] ); 95 109 110 // We check if we are in the admin level 111 if (isset ($_POST['user_delete'])) 112 { 113 if ($_POST['userid'] > 2) // gallery founder + guest 114 { 115 delete_user($_POST['userid']); 116 } 117 else 118 array_push( $errors, $lang['user_err_modify'] ); 119 } 120 121 // We check if we are in the admin level 122 if (isset ($_POST['status']) && $_POST['status'] <> $userdata['status']) 123 { 124 if ($_POST['userid'] > 2) // gallery founder + guest 125 { 126 array_push($infos, 'status'); 127 } 128 else 129 array_push( $errors, $lang['user_err_modify'] ); 130 } 131 96 132 if ( count( $errors ) == 0 ) 97 133 { … … 105 141 else $query.= "'".$_POST[$info]."'"; 106 142 } 107 $query.= ' WHERE id = '.$ user['id'];143 $query.= ' WHERE id = '.$_POST['userid']; 108 144 $query.= ';'; 109 145 pwg_query( $query ); 110 146 111 if ( isset( $_POST['use_new_pwd'] ) )147 if ( !empty( $_POST['use_new_pwd'] ) ) 112 148 { 113 149 $query = 'UPDATE '.USERS_TABLE; 114 150 $query.= " SET password = '".md5( $_POST['use_new_pwd'] )."'"; 115 $query.= ' WHERE id = 
'.$ user['id'];151 $query.= ' WHERE id = '.$_POST['userid']; 116 152 $query.= ';'; 117 153 pwg_query( $query ); 118 154 } 119 155 120 156 // redirection 121 redirect(add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])); 122 } 157 if (!defined('IN_ADMIN')) 158 { 159 redirect(add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])); 160 } 161 else 162 { 163 redirect(add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile')); 164 } 165 } 166 } 167 168 // +-----------------------------------------------------------------------+ 169 // | page header and options | 170 // +-----------------------------------------------------------------------+ 171 $url_action = PHPWG_ROOT_PATH; 172 if (!defined('IN_ADMIN')) 173 { 174 $title= $lang['customize_page_title']; 175 include(PHPWG_ROOT_PATH.'include/page_header.php'); 176 $url_action .='profile.php'; 177 } 178 else 179 { 180 $url_action .='admin.php?page=profile'; 123 181 } 124 182 //----------------------------------------------------- template initialization 125 $expand = ($user['expand']=='true')?'EXPAND_TREE_YES':'EXPAND_TREE_NO'; 126 $nb_comments = ($user['show_nb_comments']=='true')?'NB_COMMENTS_YES':'NB_COMMENTS_NO'; 127 128 $title = $lang['customize_page_title']; 129 include(PHPWG_ROOT_PATH.'include/page_header.php'); 130 131 $template->set_filenames(array('profile'=>'profile.tpl')); 132 183 184 $template->set_filenames(array('profile_body'=>'profile.tpl')); 185 if ( defined('IN_ADMIN') && empty($userdata)) 186 { 187 $template->assign_block_vars('select_user',array()); 188 $template->assign_vars(array( 189 'L_SELECT_USERNAME'=>$lang['Select_username'], 190 'L_LOOKUP_USER'=>$lang['Look_up_user'], 191 'L_FIND_USERNAME'=>$lang['Find_username'], 192 'L_AUTH_USER'=>$lang['permuser_only_private'], 193 'L_SUBMIT'=>$lang['submit'], 194 195 'F_SEARCH_USER_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile'), 196 'U_SEARCH_USER' => 
add_session_id(PHPWG_ROOT_PATH.'admin/search.php') 197 )); 198 } 199 else 200 { 201 $expand = ($userdata['expand']=='true')?'EXPAND_TREE_YES':'EXPAND_TREE_NO'; 202 $nb_comments = ($userdata['show_nb_comments']=='true')?'NB_COMMENTS_YES':'NB_COMMENTS_NO'; 203 204 $template->assign_block_vars('modify',array()); 133 205 $template->assign_vars(array( 134 'USERNAME'=>$user['username'], 135 'EMAIL'=>$user['mail_address'], 136 'LANG_SELECT'=>language_select($user['language'], 'language'), 137 'NB_IMAGE_LINE'=>$user['nb_image_line'], 138 'NB_ROW_PAGE'=>$user['nb_line_page'], 139 'STYLE_SELECT'=>style_select($user['template'], 'template'), 140 'RECENT_PERIOD'=>$user['recent_period'], 141 'MAXWIDTH'=>$user['maxwidth'], 142 'MAXHEIGHT'=>$user['maxheight'], 206 'USERNAME'=>$userdata['username'], 207 'USERID'=>$userdata['id'], 208 'EMAIL'=>$userdata['mail_address'], 209 'LANG_SELECT'=>language_select($userdata['language'], 'language'), 210 'NB_IMAGE_LINE'=>$userdata['nb_image_line'], 211 'NB_ROW_PAGE'=>$userdata['nb_line_page'], 212 'STYLE_SELECT'=>style_select($userdata['template'], 'template'), 213 'RECENT_PERIOD'=>$userdata['recent_period'], 214 'MAXWIDTH'=>$userdata['maxwidth'], 215 'MAXHEIGHT'=>$userdata['maxheight'], 143 216 144 217 $expand=>'checked="checked"', … … 171 244 'L_RETURN_HINT' => $lang['home_hint'], 172 245 173 'F_ACTION'=>add_session_id( PHPWG_ROOT_PATH.'profile.php'),246 'F_ACTION'=>add_session_id($url_action), 174 247 175 248 'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']) … … 179 252 if ( sizeof( $errors ) != 0 ) 180 253 { 181 $template->assign_block_vars(' errors',array());254 $template->assign_block_vars('modify.errors',array()); 182 255 for ( $i = 0; $i < sizeof( $errors ); $i++ ) 183 256 { 184 $template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i])); 185 } 186 } 187 //----------------------------------------------------------- html code display 188 $template->pparse('profile'); 189 
include(PHPWG_ROOT_PATH.'include/page_tail.php'); 257 $template->assign_block_vars('modify.errors.error',array('ERROR'=>$errors[$i])); 258 } 259 } 260 //------------------------------------------------------------- user management 261 if (defined('IN_ADMIN')) 262 { 263 $status_select = '<select name="status">'; 264 $status_select .='<option value = "guest" '; 265 if ($userdata['status'] == 'guest') $status_select .= 'selected="selected"'; 266 $status_select .='>'.$lang['user_status_guest'] .'</option>'; 267 $status_select .='<option value = "admin" '; 268 if ($userdata['status'] == 'admin') $status_select .= 'selected="selected"'; 269 $status_select .='>'.$lang['user_status_admin'] .'</option>'; 270 $status_select .='</select>'; 271 $template->assign_block_vars('modify.admin',array( 272 'L_ADMIN_USER'=>$lang['user_management'], 273 'L_STATUS'=>$lang['user_status'], 274 'L_DELETE'=>$lang['user_delete'], 275 'L_DELETE_HINT'=>$lang['user_delete_hint'], 276 'STATUS'=>$status_select 277 )); 278 } 279 } 280 // +-----------------------------------------------------------------------+ 281 // | html code display | 282 // +-----------------------------------------------------------------------+ 283 if (defined('IN_ADMIN')) 284 { 285 $template->assign_var_from_handle('ADMIN_CONTENT', 'profile_body'); 286 } 287 else 288 { 289 $template->assign_block_vars('modify.profile',array()); 290 $template->pparse('profile_body'); 291 include(PHPWG_ROOT_PATH.'include/page_tail.php'); 292 } 190 293 ?>
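Review bot: Both UPDATE statements now end in `' WHERE id = '.$_POST['userid']` (new lines 143 and 151), so the row that receives the new settings and the new password hash is chosen by the request instead of the session, and the value is concatenated unquoted with no `intval()`. In the non-admin branch `$userdata` is the logged-in `$user`, so the target id should come from there: `$query.= ' WHERE id = '.intval($userdata['id']);` in both places, which also covers the admin branch, where `$userdata` was loaded from `intval($_POST['userid'])`. The `user_delete` and `status` blocks (new lines 111-131) are commented "We check if we are in the admin level" but test only `isset($_POST[...])`. Unless the elided part of the enclosing block already restricts them to administrators, each condition should start with `defined('IN_ADMIN') &&`, and `delete_user()` should receive `intval($_POST['userid'])`. The enclosing submit block starts outside the visible hunks, so that outer condition could not be checked here.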