Context Navigation

source: branches/1.4/profile.php @ 23111

Last change on this file since 23111 was 746, checked in by plg, 20 years ago
bug fixed : status name is displayed as its localized name
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 15.5 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-03-12 10:28:44 +0000 (Sat, 12 Mar 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 746 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// customize appearance of the site for a user
29	// +-----------------------------------------------------------------------+
30	// \| initialization \|
31	// +-----------------------------------------------------------------------+
32	$userdata = array();
33	if (defined('IN_ADMIN') and isset($_POST['submituser']))
34	{
35	$userdata = getuserdata($_POST['username']);
36	}
37	else if (defined('IN_ADMIN') and IN_ADMIN and isset($_GET['user_id']))
38	{
39	$userdata = getuserdata(intval($_GET['user_id']));
40	}
41	elseif (defined('IN_ADMIN') and isset($_POST['submit']))
42	{
43	$userdata = getuserdata(intval($_POST['userid']));
44	}
45	elseif (!defined('IN_ADMIN') or !IN_ADMIN)
46	{
47	define('PHPWG_ROOT_PATH','./');
48	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
49	check_login_authorization(false);
50	$userdata = $user;
51	}
52	//------------------------------------------------------ update & customization
53	$infos = array('nb_image_line', 'nb_line_page', 'language',
54	'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
55	'recent_period', 'template', 'mail_address');
56
57	$errors = array();
58	if (isset($_POST['submit']))
59	{
60	$int_pattern = '/^\d+$/';
61
62	if ($_POST['maxwidth'] != ''
63	and (!preg_match($int_pattern, $_POST['maxwidth'])
64	or $_POST['maxwidth'] < 50))
65	{
66	array_push($errors, $lang['maxwidth_error']);
67	}
68	if ($_POST['maxheight']
69	and (!preg_match($int_pattern, $_POST['maxheight'])
70	or $_POST['maxheight'] < 50))
71	{
72	array_push($errors, $lang['maxheight_error']);
73	}
74	// periods must be integer values, they represents number of days
75	if (!preg_match($int_pattern, $_POST['recent_period'])
76	or $_POST['recent_period'] <= 0)
77	{
78	array_push($errors, $lang['periods_error']);
79	}
80
81	// if mail_address has changed
82	if (!isset($userdata['mail_address']))
83	{
84	$userdata['mail_address'] = '';
85	}
86
87	if ($_POST['mail_address'] != @$userdata['mail_address'])
88	{
89	if ($user['status'] == 'admin')
90	{
91	$mail_error = validate_mail_address($_POST['mail_address']);
92	if (!empty($mail_error))
93	{
94	array_push($errors, $mail_error);
95	}
96	}
97	else if (!empty($_POST['password']))
98	{
99	array_push($errors, $lang['reg_err_pass']);
100	}
101	else
102	{
103	// retrieving the encrypted password of the login submitted
104	$query = '
105	SELECT password
106	FROM '.USERS_TABLE.'
107	WHERE id = \''.$userdata['id'].'\'
108	;';
109	$row = mysql_fetch_array(pwg_query($query));
110	if ($row['password'] == md5($_POST['password']))
111	{
112	$mail_error = validate_mail_address($_POST['mail_address']);
113	if (!empty($mail_error))
114	{
115	array_push($errors, $mail_error);
116	}
117	}
118	else
119	{
120	array_push($errors, $lang['reg_err_pass']);
121	}
122	}
123	}
124
125	// password must be the same as its confirmation
126	if (!empty($_POST['use_new_pwd'])
127	and $_POST['use_new_pwd'] != $_POST['passwordConf'])
128	{
129	array_push($errors, $lang['reg_err_pass']);
130	}
131
132	// We check if we are in the admin level
133	if (isset($_POST['user_delete']))
134	{
135	if ($_POST['userid'] > 2) // gallery founder + guest
136	{
137	delete_user($_POST['userid']);
138	}
139	else
140	{
141	array_push($errors, $lang['user_err_modify']);
142	}
143	}
144
145	// We check if we are in the admin level
146	if (isset($_POST['status']) and $_POST['status'] <> $userdata['status'])
147	{
148	if ($_POST['userid'] > 2) // gallery founder + guest
149	{
150	array_push($infos, 'status');
151	}
152	else
153	{
154	array_push($errors, $lang['user_err_modify']);
155	}
156	}
157
158	if (count($errors) == 0)
159	{
160	$query = '
161	UPDATE '.USERS_TABLE.'
162	SET ';
163	$is_first = true;
164	foreach ($infos as $i => $info)
165	{
166	if (!$is_first)
167	{
168	$query.= '
169	, ';
170	}
171	$is_first = false;
172
173	$query.= $info;
174	$query.= ' = ';
175	if ($_POST[$info] == '')
176	{
177	$query.= 'NULL';
178	}
179	else
180	{
181	$query.= "'".$_POST[$info]."'";
182	}
183	}
184	$query.= '
185	WHERE id = '.$_POST['userid'].'
186	;';
187	pwg_query($query);
188
189	if (!empty($_POST['use_new_pwd']))
190	{
191	$query = '
192	UPDATE '.USERS_TABLE.'
193	SET password = \''.md5($_POST['use_new_pwd']).'\'
194	WHERE id = '.$_POST['userid'].'
195	;';
196	pwg_query($query);
197	}
198
199	// redirection
200	if (!defined('IN_ADMIN') or !IN_ADMIN)
201	{
202	$url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
203	redirect(add_session_id($url));
204	}
205	else
206	{
207	redirect(add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile'));
208	}
209	}
210	}
211	else if (defined('IN_ADMIN') and IN_ADMIN and isset($_POST['submit_add']))
212	{
213	$errors = register_user($_POST['login'], $_POST['password'],
214	$_POST['password'], '');
215	}
216	// +-----------------------------------------------------------------------+
217	// \| page header and options \|
218	// +-----------------------------------------------------------------------+
219	$url_action = PHPWG_ROOT_PATH;
220	if (!defined('IN_ADMIN'))
221	{
222	$title= $lang['customize_page_title'];
223	include(PHPWG_ROOT_PATH.'include/page_header.php');
224	$url_action .='profile.php';
225	}
226	else
227	{
228	$url_action .='admin.php?page=profile';
229	}
230	//----------------------------------------------------- template initialization
231	$template->set_filenames(array('profile_body'=>'profile.tpl'));
232
233	if (defined('IN_ADMIN') and IN_ADMIN and empty($userdata))
234	{
235	$admin_profile = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile');
236
237	$template->assign_block_vars('add_user', array('F_ACTION'=>$admin_profile));
238	$template->assign_block_vars('select_user',array());
239
240	$conf['users_page'] = 20;
241	$start = isset($_GET['start']) ? $_GET['start'] : 0;
242
243	$query = '
244	SELECT COUNT(*) AS counter
245	FROM '.USERS_TABLE.'
246	WHERE id != 2
247	;';
248	list($counter) = mysql_fetch_row(pwg_query($query));
249	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
250	$navbar = create_navigation_bar($url,
251	$counter,
252	$start,
253	$conf['users_page'],
254	'');
255
256	$template->assign_vars(
257	array(
258	'L_SELECT_USERNAME'=>$lang['Select_username'],
259	'L_LOOKUP_USER'=>$lang['Look_up_user'],
260	'L_FIND_USERNAME'=>$lang['Find_username'],
261	'L_AUTH_USER'=>$lang['permuser_only_private'],
262	'L_GROUP_ADD_USER' => $lang['group_add_user'],
263	'L_SUBMIT'=>$lang['submit'],
264	'L_STATUS'=>$lang['user_status'],
265	'L_USERNAME' => $lang['login'],
266	'L_PASSWORD' => $lang['password'],
267	'L_EMAIL' => $lang['mail_address'],
268	'L_ORDER_BY' => $lang['order_by'],
269	'L_ACTIONS' => $lang['actions'],
270	'L_PERMISSIONS' => $lang['permissions'],
271	'L_USERS_LIST' => $lang['title_liste_users'],
272
273	'NAVBAR'=>$navbar,
274	'F_SEARCH_USER_ACTION' => $admin_profile,
275	'F_ORDER_ACTION' => $admin_profile,
276	'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
277	));
278
279	$order_by_items = array('id' => $lang['registration_date'],
280	'username' => $lang['login']);
281	foreach ($order_by_items as $item => $label)
282	{
283	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
284	'selected="selected"' : '';
285	$template->assign_block_vars(
286	'select_user.order_by',
287	array(
288	'VALUE' => $item,
289	'CONTENT' => $label,
290	'SELECTED' => $selected
291	));
292	}
293
294	$direction_items = array('asc' => $lang['ascending'],
295	'desc' => $lang['descending']);
296	foreach ($direction_items as $item => $label)
297	{
298	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
299	'selected="selected"' : '';
300	$template->assign_block_vars(
301	'select_user.direction',
302	array(
303	'VALUE' => $item,
304	'CONTENT' => $label,
305	'SELECTED' => $selected
306	));
307	}
308
309	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
310	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
311
312	$users = array();
313	$user_ids = array();
314	$groups_content = array();
315
316	$order_by = 'id';
317	if (isset($_GET['order_by'])
318	and in_array($_GET['order_by'], array_keys($order_by_items)))
319	{
320	$order_by = $_GET['order_by'];
321	}
322
323	$direction = 'ASC';
324	if (isset($_GET['direction'])
325	and in_array($_GET['direction'], array_keys($direction_items)))
326	{
327	$direction = strtoupper($_GET['direction']);
328	}
329
330	$query = '
331	SELECT id, username, mail_address, status
332	FROM '.USERS_TABLE.'
333	WHERE id != 2
334	ORDER BY '.$order_by.' '.$direction.'
335	LIMIT '.$start.', '.$conf['users_page'].'
336	;';
337	$result = pwg_query($query);
338	while ($row = mysql_fetch_array($result))
339	{
340	array_push($users, $row);
341	array_push($user_ids, $row['id']);
342	$user_groups[$row['id']] = array();
343	}
344
345	$query = '
346	SELECT user_id, group_id, name
347	FROM '.USER_GROUP_TABLE.' INNER JOIN '.GROUPS_TABLE.' ON group_id = id
348	WHERE user_id IN ('.implode(',', $user_ids).')
349	;';
350	$result = pwg_query($query);
351	while ($row = mysql_fetch_array($result))
352	{
353	$groups_content[$row['group_id']] = $row['name'];
354	array_push($user_groups[$row['user_id']], $row['group_id']);
355	}
356
357	foreach ($users as $item)
358	{
359	$groups = preg_replace('/(\d+)/e',
360	"\$groups_content['$1']",
361	implode(', ', $user_groups[$item['id']]));
362
363	$template->assign_block_vars(
364	'select_user.user',
365	array(
366	'U_MOD'=>add_session_id($profile_url.$item['id']),
367	'U_PERM'=>add_session_id($perm_url.$item['id']),
368	'USERNAME'=>$item['username'],
369	'STATUS'=>$lang['user_status_'.$item['status']],
370	'EMAIL'=>isset($item['mail_address']) ? $item['mail_address'] : '',
371	'GROUPS'=>$groups
372	));
373	}
374	}
375	else
376	{
377	$expand =
378	($userdata['expand']=='true')?
379	'EXPAND_TREE_YES':'EXPAND_TREE_NO';
380
381	$nb_comments =
382	($userdata['show_nb_comments']=='true')?
383	'NB_COMMENTS_YES':'NB_COMMENTS_NO';
384
385	$template->assign_block_vars('modify',array());
386	$template->assign_vars(
387	array(
388	'USERNAME'=>$userdata['username'],
389	'USERID'=>$userdata['id'],
390	'EMAIL'=>@$userdata['mail_address'],
391	'LANG_SELECT'=>language_select($userdata['language'], 'language'),
392	'NB_IMAGE_LINE'=>$userdata['nb_image_line'],
393	'NB_ROW_PAGE'=>$userdata['nb_line_page'],
394	'STYLE_SELECT'=>style_select($userdata['template'], 'template'),
395	'RECENT_PERIOD'=>$userdata['recent_period'],
396	'MAXWIDTH'=>@$userdata['maxwidth'],
397	'MAXHEIGHT'=>@$userdata['maxheight'],
398
399	$expand=>'checked="checked"',
400	$nb_comments=>'checked="checked"',
401
402	'L_TITLE' => $lang['customize_title'],
403	'L_REGISTRATION_INFO' => $lang['register_title'],
404	'L_PREFERENCES' => $lang['preferences'],
405	'L_USERNAME' => $lang['login'],
406	'L_EMAIL' => $lang['mail_address'],
407	'L_CURRENT_PASSWORD' => $lang['password'],
408	'L_CURRENT_PASSWORD_HINT' => $lang['password_hint'],
409	'L_NEW_PASSWORD' => $lang['new_password'],
410	'L_NEW_PASSWORD_HINT' => $lang['new_password_hint'],
411	'L_CONFIRM_PASSWORD' => $lang['reg_confirm'],
412	'L_CONFIRM_PASSWORD_HINT' => $lang['confirm_password_hint'],
413	'L_LANG_SELECT'=>$lang['language'],
414	'L_NB_IMAGE_LINE'=>$lang['nb_image_per_row'],
415	'L_NB_ROW_PAGE'=>$lang['nb_row_per_page'],
416	'L_STYLE_SELECT'=>$lang['theme'],
417	'L_RECENT_PERIOD'=>$lang['recent_period'],
418	'L_EXPAND_TREE'=>$lang['auto_expand'],
419	'L_NB_COMMENTS'=>$lang['show_nb_comments'],
420	'L_MAXWIDTH'=>$lang['maxwidth'],
421	'L_MAXHEIGHT'=>$lang['maxheight'],
422	'L_YES'=>$lang['yes'],
423	'L_NO'=>$lang['no'],
424	'L_SUBMIT'=>$lang['submit'],
425	'L_RESET'=>$lang['reset'],
426	'L_RETURN' => $lang['home'],
427	'L_RETURN_HINT' => $lang['home_hint'],
428
429	'F_ACTION'=>add_session_id($url_action),
430	));
431
432	if (!defined('IN_ADMIN') or !IN_ADMIN)
433	{
434	$url_return = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
435	$template->assign_vars(array('U_RETURN' => add_session_id($url_return)));
436	}
437	//------------------------------------------------------------- user management
438	if (defined('IN_ADMIN') and IN_ADMIN)
439	{
440	$status_select = '<select name="status">';
441	$status_select .='<option value = "guest" ';
442	if ($userdata['status'] == 'guest')
443	{
444	$status_select .= 'selected="selected"';
445	}
446	$status_select .='>'.$lang['user_status_guest'] .'</option>';
447	$status_select .='<option value = "admin" ';
448	if ($userdata['status'] == 'admin')
449	{
450	$status_select .= 'selected="selected"';
451	}
452	$status_select .='>'.$lang['user_status_admin'] .'</option>';
453	$status_select .='</select>';
454	$template->assign_block_vars(
455	'modify.admin',
456	array(
457	'L_ADMIN_USER'=>$lang['user_management'],
458	'L_STATUS'=>$lang['user_status'],
459	'L_DELETE'=>$lang['user_delete'],
460	'L_DELETE_HINT'=>$lang['user_delete_hint'],
461	'STATUS'=>$status_select
462	));
463	}
464	}
465	// +-----------------------------------------------------------------------+
466	// \| errors display \|
467	// +-----------------------------------------------------------------------+
468	if (count($errors) != 0)
469	{
470	$template->assign_block_vars('errors',array());
471	foreach ($errors as $error)
472	{
473	$template->assign_block_vars('errors.error', array('ERROR'=>$error));
474	}
475	}
476	// +-----------------------------------------------------------------------+
477	// \| html code display \|
478	// +-----------------------------------------------------------------------+
479	if (defined('IN_ADMIN') and IN_ADMIN)
480	{
481	$template->assign_var_from_handle('ADMIN_CONTENT', 'profile_body');
482	}
483	else
484	{
485	$template->assign_block_vars('modify.profile',array());
486	$template->parse('profile_body');
487	include(PHPWG_ROOT_PATH.'include/page_tail.php');
488	}
489	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: