1 | <?php |
---|
2 | /*************************************************************************** |
---|
3 | * user_list.php * |
---|
4 | * ------------------- * |
---|
5 | * application : PhpWebGallery 1.3 <http://phpwebgallery.net> * |
---|
6 | * author : Pierrick LE GALL <pierrick@z0rglub.com> * |
---|
7 | * * |
---|
8 | * $Id: user_list.php 328 2004-01-29 21:18:53Z z0rglub $ |
---|
9 | * * |
---|
10 | ***************************************************************************/ |
---|
11 | |
---|
12 | /*************************************************************************** |
---|
13 | * * |
---|
14 | * This program is free software; you can redistribute it and/or modify * |
---|
15 | * it under the terms of the GNU General Public License as published by * |
---|
16 | * the Free Software Foundation; * |
---|
17 | * * |
---|
18 | ***************************************************************************/ |
---|
19 | include_once( './include/isadmin.inc.php' ); |
---|
20 | //----------------------------------------------------- template initialization |
---|
21 | $sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_list.vtp' ); |
---|
22 | $tpl = array( 'listuser_confirm','listuser_modify_hint','listuser_modify', |
---|
23 | 'listuser_permission','listuser_permission_hint', |
---|
24 | 'listuser_delete_hint','listuser_delete','yes','no', |
---|
25 | 'listuser_button_all','listuser_button_invert', |
---|
26 | 'listuser_button_create_address','title_add','login','password', |
---|
27 | 'add','errors_title' ); |
---|
28 | templatize_array( $tpl, 'lang', $sub ); |
---|
29 | $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); |
---|
30 | //------------------------------------------------------------------ add a user |
---|
31 | $errors = array(); |
---|
32 | if ( isset( $_POST['submit_add_user'] ) ) |
---|
33 | { |
---|
34 | $errors = register_user( |
---|
35 | $_POST['username'], $_POST['password'], $_POST['password'], '', 'guest' ); |
---|
36 | } |
---|
37 | //-------------------------------------------------------------- errors display |
---|
38 | if ( sizeof( $errors ) != 0 ) |
---|
39 | { |
---|
40 | $vtp->addSession( $sub, 'errors' ); |
---|
41 | foreach ( $errors as $error ) { |
---|
42 | $vtp->addSession( $sub, 'li' ); |
---|
43 | $vtp->setVar( $sub, 'li.li', $error ); |
---|
44 | $vtp->closeSession( $sub, 'li' ); |
---|
45 | } |
---|
46 | $vtp->closeSession( $sub, 'errors' ); |
---|
47 | } |
---|
48 | else if ( isset( $_POST['submit_add_user'] ) ) |
---|
49 | { |
---|
50 | $_POST = array(); |
---|
51 | } |
---|
52 | //--------------------------------------------------------------- delete a user |
---|
53 | if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) ) |
---|
54 | { |
---|
55 | $query = 'SELECT username'; |
---|
56 | $query.= ' FROM '.PREFIX_TABLE.'users'; |
---|
57 | $query.= ' WHERE id = '.$_GET['delete']; |
---|
58 | $query.= ';'; |
---|
59 | $row = mysql_fetch_array( mysql_query( $query ) ); |
---|
60 | // confirm user deletion ? |
---|
61 | if ( !isset( $_GET['confirm'] ) ) |
---|
62 | { |
---|
63 | $vtp->addSession( $sub, 'deletion' ); |
---|
64 | $vtp->setVar( $sub, 'deletion.login', $row['username'] ); |
---|
65 | $yes_url = './admin.php?page=user_list&delete='.$_GET['delete']; |
---|
66 | $yes_url.= '&confirm=1'; |
---|
67 | $vtp->setVar( $sub, 'deletion.yes_url', add_session_id( $yes_url ) ); |
---|
68 | $no_url = './admin.php?page=user_list'; |
---|
69 | $vtp->setVar( $sub, 'deletion.no_url', add_session_id( $no_url ) ); |
---|
70 | $vtp->closeSession( $sub, 'deletion' ); |
---|
71 | } |
---|
72 | // user deletion confirmed |
---|
73 | else |
---|
74 | { |
---|
75 | $vtp->addSession( $sub, 'confirmation' ); |
---|
76 | if ( $row['username'] != 'guest' |
---|
77 | and $row['username'] != $conf['webmaster'] ) |
---|
78 | { |
---|
79 | $query = 'SELECT COUNT(*) AS nb_result'; |
---|
80 | $query.= ' FROM '.PREFIX_TABLE.'users'; |
---|
81 | $query.= ' WHERE id = '.$_GET['delete']; |
---|
82 | $query.= ';'; |
---|
83 | $row2 = mysql_fetch_array( mysql_query( $query ) ); |
---|
84 | if ( $row2['nb_result'] > 0 ) |
---|
85 | { |
---|
86 | delete_user( $_GET['delete'] ); |
---|
87 | $vtp->setVar( $sub, 'confirmation.class', 'info' ); |
---|
88 | $info = '"'.$row['username'].'" '.$lang['listuser_info_deletion']; |
---|
89 | $vtp->setVar( $sub, 'confirmation.info', $info ); |
---|
90 | } |
---|
91 | else |
---|
92 | { |
---|
93 | $vtp->setVar( $sub, 'confirmation.class', 'erreur' ); |
---|
94 | $vtp->setVar( $sub, 'confirmation.info', $lang['user_err_unknown'] ); |
---|
95 | } |
---|
96 | } |
---|
97 | else |
---|
98 | { |
---|
99 | $vtp->setVar( $sub, 'confirmation.class', 'erreur' ); |
---|
100 | $vtp->setVar( $sub, 'confirmation.info', $lang['user_err_modify'] ); |
---|
101 | } |
---|
102 | $vtp->closeSession( $sub, 'confirmation' ); |
---|
103 | } |
---|
104 | } |
---|
105 | //------------------------------------------------------------------ users list |
---|
106 | else |
---|
107 | { |
---|
108 | // add a user |
---|
109 | $vtp->addSession( $sub, 'add_user' ); |
---|
110 | $action = './admin.php?'.$_SERVER['QUERY_STRING']; |
---|
111 | $vtp->setVar( $sub, 'add_user.form_action', $action ); |
---|
112 | if (isset( $_POST['username'])) |
---|
113 | $vtp->setVar( $sub, 'add_user.f_username', $_POST['username'] ); |
---|
114 | $vtp->closeSession( $sub, 'add_user' ); |
---|
115 | |
---|
116 | $vtp->addSession( $sub, 'users' ); |
---|
117 | |
---|
118 | $action = './admin.php?'.$_SERVER['QUERY_STRING']; |
---|
119 | if ( !isset( $_GET['mail'] ) ) |
---|
120 | { |
---|
121 | $action.= '&mail=true'; |
---|
122 | } |
---|
123 | $vtp->setVar( $sub, 'users.form_action', $action ); |
---|
124 | |
---|
125 | $query = 'SELECT id,username,status,mail_address'; |
---|
126 | $query.= ' FROM '.PREFIX_TABLE.'users'; |
---|
127 | $query.= ' ORDER BY status ASC, username ASC'; |
---|
128 | $query.= ';'; |
---|
129 | $result = mysql_query( $query ); |
---|
130 | |
---|
131 | $current_status = ''; |
---|
132 | while ( $row = mysql_fetch_array( $result ) ) |
---|
133 | { |
---|
134 | // display the line indicating the status of the next users |
---|
135 | if ( $row['status'] != $current_status ) |
---|
136 | { |
---|
137 | if ( $current_status != '' ) |
---|
138 | { |
---|
139 | $vtp->closeSession( $sub, 'category' ); |
---|
140 | } |
---|
141 | $vtp->addSession( $sub, 'category' ); |
---|
142 | $title = $lang['listuser_user_group'].' '; |
---|
143 | switch ( $row['status'] ) |
---|
144 | { |
---|
145 | case 'admin' : $title.= $lang['adduser_status_admin']; break; |
---|
146 | case 'guest' : $title.= $lang['adduser_status_guest']; break; |
---|
147 | } |
---|
148 | $vtp->setVar( $sub, 'category.title', $title ); |
---|
149 | $current_status = $row['status']; |
---|
150 | } |
---|
151 | $vtp->addSession( $sub, 'user' ); |
---|
152 | // checkbox for mail management if the user has a mail address |
---|
153 | if ( isset( $row['mail_address'] ) and $row['username'] != 'guest' ) |
---|
154 | { |
---|
155 | $vtp->addSession( $sub, 'checkbox' ); |
---|
156 | $vtp->setVar( $sub, 'checkbox.name', 'mail-'.$row['id'] ); |
---|
157 | $vtp->closeSession( $sub, 'checkbox' ); |
---|
158 | } |
---|
159 | // use a special color for the login of the user ? |
---|
160 | if ( $row['username'] == $conf['webmaster'] ) |
---|
161 | { |
---|
162 | $vtp->setVar( $sub, 'user.color', 'red' ); |
---|
163 | } |
---|
164 | if ( $row['username'] == 'guest' ) |
---|
165 | { |
---|
166 | $vtp->setVar( $sub, 'user.color', 'green' ); |
---|
167 | $vtp->setVar( $sub, 'user.login', $lang['guest'] ); |
---|
168 | } |
---|
169 | else |
---|
170 | { |
---|
171 | $vtp->setVar( $sub, 'user.login', $row['username'] ); |
---|
172 | } |
---|
173 | // modify or not modify ? |
---|
174 | if ( $row['username'] == 'guest' |
---|
175 | or ( $row['username'] == $conf['webmaster'] |
---|
176 | and $user['username'] != $conf['webmaster'] ) ) |
---|
177 | { |
---|
178 | $vtp->addSession( $sub, 'not_modify' ); |
---|
179 | $vtp->closeSession( $sub, 'not_modify' ); |
---|
180 | } |
---|
181 | else |
---|
182 | { |
---|
183 | $vtp->addSession( $sub, 'modify' ); |
---|
184 | $url = './admin.php?page=user_modify&user_id='; |
---|
185 | $url.= $row['id']; |
---|
186 | $vtp->setVar( $sub, 'modify.url', add_session_id( $url ) ); |
---|
187 | $vtp->setVar( $sub, 'modify.login', $row['username'] ); |
---|
188 | $vtp->closeSession( $sub, 'modify' ); |
---|
189 | } |
---|
190 | // manage permission or not ? |
---|
191 | if ( $row['username'] == $conf['webmaster'] |
---|
192 | and $user['username'] != $conf['webmaster'] ) |
---|
193 | { |
---|
194 | $vtp->addSession( $sub, 'not_permission' ); |
---|
195 | $vtp->closeSession( $sub, 'not_permission' ); |
---|
196 | } |
---|
197 | else |
---|
198 | { |
---|
199 | $vtp->addSession( $sub, 'permission' ); |
---|
200 | $url = './admin.php?page=user_perm&user_id='.$row['id']; |
---|
201 | $vtp->setVar( $sub, 'permission.url', add_session_id( $url ) ); |
---|
202 | $vtp->setVar( $sub, 'permission.login', $row['username'] ); |
---|
203 | $vtp->closeSession( $sub, 'permission' ); |
---|
204 | } |
---|
205 | // is the user deletable or not ? |
---|
206 | if ( $row['username'] == 'guest' |
---|
207 | or $row['username'] == $conf['webmaster'] ) |
---|
208 | { |
---|
209 | $vtp->addSession( $sub, 'not_delete' ); |
---|
210 | $vtp->closeSession( $sub, 'not_delete' ); |
---|
211 | } |
---|
212 | else |
---|
213 | { |
---|
214 | $vtp->addSession( $sub, 'delete' ); |
---|
215 | $url = './admin.php?page=user_list&delete='.$row['id']; |
---|
216 | $vtp->setVar( $sub, 'delete.url', add_session_id( $url ) ); |
---|
217 | $vtp->setVar( $sub, 'delete.login', $row['username'] ); |
---|
218 | $vtp->closeSession( $sub, 'delete' ); |
---|
219 | } |
---|
220 | $vtp->closeSession( $sub, 'user' ); |
---|
221 | } |
---|
222 | $vtp->closeSession( $sub, 'category' ); |
---|
223 | // mail management : creation of the mail address if asked by administrator |
---|
224 | if ( isset( $_POST['submit_generate_mail'] ) and isset( $_GET['mail'] ) ) |
---|
225 | { |
---|
226 | $mails = array(); |
---|
227 | $query = 'SELECT id,mail_address'; |
---|
228 | $query.= ' FROM '.PREFIX_TABLE.'users'; |
---|
229 | $query.= ';'; |
---|
230 | $result = mysql_query( $query ); |
---|
231 | while ( $row = mysql_fetch_array( $result ) ) |
---|
232 | { |
---|
233 | if ( isset( $_POST['mail-'.$row['id']] ) ) |
---|
234 | array_push( $mails, $row['mail_address'] ); |
---|
235 | } |
---|
236 | $mail_destination = ''; |
---|
237 | foreach ( $mails as $i => $mail_address ) { |
---|
238 | if ( $i > 0 ) $mail_destination.= ','; |
---|
239 | $mail_destination.= $mail_address; |
---|
240 | } |
---|
241 | if ( sizeof( $mails ) > 0 ) |
---|
242 | { |
---|
243 | $vtp->addSession( $sub, 'mail_link' ); |
---|
244 | $vtp->setVar( $sub, 'mail_link.mailto', $mail_destination ); |
---|
245 | $vtp->setVar( $sub, 'mail_link.mail_address_start', |
---|
246 | substr( $mail_destination, 0, 50 ) ); |
---|
247 | $vtp->closeSession( $sub, 'mail_link' ); |
---|
248 | } |
---|
249 | } |
---|
250 | $vtp->closeSession( $sub, 'users' ); |
---|
251 | } |
---|
252 | //----------------------------------------------------------- sending html code |
---|
253 | $vtp->Parse( $handle , 'sub', $sub ); |
---|
254 | ?> |
---|