Context Navigation

source: trunk/profile.php @ 709

Last change on this file since 709 was 709, checked in by plg, 19 years ago
new features : multipages users list. The list can be ordered by id (same effect than registration date) or by username. On each line, you can access properties and permissions for the user
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 15.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2005-01-19 23:36:43 +0000 (Wed, 19 Jan 2005) $
10	// \| last modifier : $Author: plg $
11	// \| revision : $Revision: 709 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// customize appearance of the site for a user
29	// +-----------------------------------------------------------------------+
30	// \| initialization \|
31	// +-----------------------------------------------------------------------+
32	$userdata = array();
33	if (defined('IN_ADMIN') and isset($_POST['submituser']))
34	{
35	$userdata = getuserdata($_POST['username']);
36	}
37	else if (defined('IN_ADMIN') and IN_ADMIN and isset($_GET['user_id']))
38	{
39	$userdata = getuserdata(intval($_GET['user_id']));
40	}
41	elseif (defined('IN_ADMIN') and isset($_POST['submit']))
42	{
43	$userdata = getuserdata(intval($_POST['userid']));
44	}
45	elseif (!defined('IN_ADMIN') or !IN_ADMIN)
46	{
47	define('PHPWG_ROOT_PATH','./');
48	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
49	check_login_authorization(false);
50	$userdata = $user;
51	}
52	//------------------------------------------------------ update & customization
53	$infos = array('nb_image_line', 'nb_line_page', 'language',
54	'maxwidth', 'maxheight', 'expand', 'show_nb_comments',
55	'recent_period', 'template', 'mail_address');
56
57	$errors = array();
58	if (isset($_POST['submit']))
59	{
60	$int_pattern = '/^\d+$/';
61
62	if ($_POST['maxwidth'] != ''
63	and (!preg_match($int_pattern, $_POST['maxwidth'])
64	or $_POST['maxwidth'] < 50))
65	{
66	array_push($errors, $lang['maxwidth_error']);
67	}
68	if ($_POST['maxheight']
69	and (!preg_match($int_pattern, $_POST['maxheight'])
70	or $_POST['maxheight'] < 50))
71	{
72	array_push($errors, $lang['maxheight_error']);
73	}
74	// periods must be integer values, they represents number of days
75	if (!preg_match($int_pattern, $_POST['recent_period'])
76	or $_POST['recent_period'] <= 0)
77	{
78	array_push($errors, $lang['periods_error']);
79	}
80
81	// if mail_address has changed
82	if (!isset($userdata['mail_address']))
83	{
84	$userdata['mail_address'] = '';
85	}
86
87	if ($_POST['mail_address'] != @$userdata['mail_address'])
88	{
89	if ($user['status'] == 'admin')
90	{
91	$mail_error = validate_mail_address($_POST['mail_address']);
92	if (!empty($mail_error))
93	{
94	array_push($errors, $mail_error);
95	}
96	}
97	else if (!empty($_POST['password']))
98	{
99	array_push($errors, $lang['reg_err_pass']);
100	}
101	else
102	{
103	// retrieving the encrypted password of the login submitted
104	$query = '
105	SELECT password
106	FROM '.USERS_TABLE.'
107	WHERE id = \''.$userdata['id'].'\'
108	;';
109	$row = mysql_fetch_array(pwg_query($query));
110	if ($row['password'] == md5($_POST['password']))
111	{
112	$mail_error = validate_mail_address($_POST['mail_address']);
113	if (!empty($mail_error))
114	{
115	array_push($errors, $mail_error);
116	}
117	}
118	else
119	{
120	array_push($errors, $lang['reg_err_pass']);
121	}
122	}
123	}
124
125	// password must be the same as its confirmation
126	if (!empty($_POST['use_new_pwd'])
127	and $_POST['use_new_pwd'] != $_POST['passwordConf'])
128	{
129	array_push($errors, $lang['reg_err_pass']);
130	}
131
132	// We check if we are in the admin level
133	if (isset($_POST['user_delete']))
134	{
135	if ($_POST['userid'] > 2) // gallery founder + guest
136	{
137	delete_user($_POST['userid']);
138	}
139	else
140	{
141	array_push($errors, $lang['user_err_modify']);
142	}
143	}
144
145	// We check if we are in the admin level
146	if (isset($_POST['status']) and $_POST['status'] <> $userdata['status'])
147	{
148	if ($_POST['userid'] > 2) // gallery founder + guest
149	{
150	array_push($infos, 'status');
151	}
152	else
153	{
154	array_push($errors, $lang['user_err_modify']);
155	}
156	}
157
158	if (count($errors) == 0)
159	{
160	$query = '
161	UPDATE '.USERS_TABLE.'
162	SET ';
163	$is_first = true;
164	foreach ($infos as $i => $info)
165	{
166	if (!$is_first)
167	{
168	$query.= '
169	, ';
170	}
171	$is_first = false;
172
173	$query.= $info;
174	$query.= ' = ';
175	if ($_POST[$info] == '')
176	{
177	$query.= 'NULL';
178	}
179	else
180	{
181	$query.= "'".$_POST[$info]."'";
182	}
183	}
184	$query.= '
185	WHERE id = '.$_POST['userid'].'
186	;';
187	pwg_query($query);
188
189	if (!empty($_POST['use_new_pwd']))
190	{
191	$query = '
192	UPDATE '.USERS_TABLE.'
193	SET password = \''.md5($_POST['use_new_pwd']).'\'
194	WHERE id = '.$_POST['userid'].'
195	;';
196	pwg_query($query);
197	}
198
199	// redirection
200	if (!defined('IN_ADMIN') or !IN_ADMIN)
201	{
202	$url = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
203	redirect(add_session_id($url));
204	}
205	else
206	{
207	redirect(add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile'));
208	}
209	}
210	}
211	// +-----------------------------------------------------------------------+
212	// \| page header and options \|
213	// +-----------------------------------------------------------------------+
214	$url_action = PHPWG_ROOT_PATH;
215	if (!defined('IN_ADMIN'))
216	{
217	$title= $lang['customize_page_title'];
218	include(PHPWG_ROOT_PATH.'include/page_header.php');
219	$url_action .='profile.php';
220	}
221	else
222	{
223	$url_action .='admin.php?page=profile';
224	}
225	//----------------------------------------------------- template initialization
226	$template->set_filenames(array('profile_body'=>'profile.tpl'));
227
228	if (defined('IN_ADMIN') and IN_ADMIN and empty($userdata))
229	{
230	$template->assign_block_vars('select_user',array());
231
232	$admin_profile = add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile');
233
234	$conf['users_page'] = 20;
235	$start = isset($_GET['start']) ? $_GET['start'] : 0;
236
237	$query = '
238	SELECT COUNT(*) AS counter
239	FROM '.USERS_TABLE.'
240	WHERE id != 2
241	;';
242	list($counter) = mysql_fetch_row(pwg_query($query));
243	$url = PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start'));
244	$navbar = create_navigation_bar($url,
245	$counter,
246	$start,
247	$conf['users_page'],
248	'');
249
250	$template->assign_vars(
251	array(
252	'L_SELECT_USERNAME'=>$lang['Select_username'],
253	'L_LOOKUP_USER'=>$lang['Look_up_user'],
254	'L_FIND_USERNAME'=>$lang['Find_username'],
255	'L_AUTH_USER'=>$lang['permuser_only_private'],
256	'L_SUBMIT'=>$lang['submit'],
257	'L_STATUS'=>$lang['user_status'],
258	'L_USERNAME' => $lang['login'],
259	'L_EMAIL' => $lang['mail_address'],
260	'L_ORDER_BY' => $lang['order_by'],
261	'L_ACTIONS' => $lang['actions'],
262	'L_PERMISSIONS' => $lang['permissions'],
263	'L_USERS_LIST' => $lang['title_liste_users'],
264
265	'NAVBAR'=>$navbar,
266	'F_SEARCH_USER_ACTION' => $admin_profile,
267	'F_ORDER_ACTION' => $admin_profile,
268	'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
269	));
270
271	$order_by_items = array('id' => $lang['registration_date'],
272	'username' => $lang['login']);
273	foreach ($order_by_items as $item => $label)
274	{
275	$selected = (isset($_GET['order_by']) and $_GET['order_by'] == $item) ?
276	'selected="selected"' : '';
277	$template->assign_block_vars(
278	'select_user.order_by',
279	array(
280	'VALUE' => $item,
281	'CONTENT' => $label,
282	'SELECTED' => $selected
283	));
284	}
285
286	$direction_items = array('asc' => $lang['ascending'],
287	'desc' => $lang['descending']);
288	foreach ($direction_items as $item => $label)
289	{
290	$selected = (isset($_GET['direction']) and $_GET['direction'] == $item) ?
291	'selected="selected"' : '';
292	$template->assign_block_vars(
293	'select_user.direction',
294	array(
295	'VALUE' => $item,
296	'CONTENT' => $label,
297	'SELECTED' => $selected
298	));
299	}
300
301	$profile_url = PHPWG_ROOT_PATH.'admin.php?page=profile&user_id=';
302	$perm_url = PHPWG_ROOT_PATH.'admin.php?page=user_perm&user_id=';
303
304	$users = array();
305	$user_ids = array();
306	$groups_content = array();
307
308	$order_by = 'id';
309	if (isset($_GET['order_by'])
310	and in_array($_GET['order_by'], array_keys($order_by_items)))
311	{
312	$order_by = $_GET['order_by'];
313	}
314
315	$direction = 'ASC';
316	if (isset($_GET['direction'])
317	and in_array($_GET['direction'], array_keys($direction_items)))
318	{
319	$direction = strtoupper($_GET['direction']);
320	}
321
322	$query = '
323	SELECT id, username, mail_address, status
324	FROM '.USERS_TABLE.'
325	WHERE id != 2
326	ORDER BY '.$order_by.' '.$direction.'
327	LIMIT '.$start.', '.$conf['users_page'].'
328	;';
329	$result = pwg_query($query);
330	while ($row = mysql_fetch_array($result))
331	{
332	array_push($users, $row);
333	array_push($user_ids, $row['id']);
334	$user_groups[$row['id']] = array();
335	}
336
337	$query = '
338	SELECT user_id, group_id, name
339	FROM '.USER_GROUP_TABLE.' INNER JOIN '.GROUPS_TABLE.' ON group_id = id
340	WHERE user_id IN ('.implode(',', $user_ids).')
341	;';
342	$result = pwg_query($query);
343	while ($row = mysql_fetch_array($result))
344	{
345	$groups_content[$row['group_id']] = $row['name'];
346	array_push($user_groups[$row['user_id']], $row['group_id']);
347	}
348
349	foreach ($users as $item)
350	{
351	$groups = preg_replace('/(\d+)/e',
352	"\$groups_content['$1']",
353	implode(', ', $user_groups[$item['id']]));
354
355	$template->assign_block_vars(
356	'select_user.user',
357	array(
358	'U_MOD'=>add_session_id($profile_url.$item['id']),
359	'U_PERM'=>add_session_id($perm_url.$item['id']),
360	'USERNAME'=>$item['username'],
361	'STATUS'=>$item['status'],
362	'EMAIL'=>isset($item['mail_address']) ? $item['mail_address'] : '',
363	'GROUPS'=>$groups
364	));
365	}
366	}
367	else
368	{
369	$expand =
370	($userdata['expand']=='true')?
371	'EXPAND_TREE_YES':'EXPAND_TREE_NO';
372
373	$nb_comments =
374	($userdata['show_nb_comments']=='true')?
375	'NB_COMMENTS_YES':'NB_COMMENTS_NO';
376
377	$template->assign_block_vars('modify',array());
378	$template->assign_vars(
379	array(
380	'USERNAME'=>$userdata['username'],
381	'USERID'=>$userdata['id'],
382	'EMAIL'=>@$userdata['mail_address'],
383	'LANG_SELECT'=>language_select($userdata['language'], 'language'),
384	'NB_IMAGE_LINE'=>$userdata['nb_image_line'],
385	'NB_ROW_PAGE'=>$userdata['nb_line_page'],
386	'STYLE_SELECT'=>style_select($userdata['template'], 'template'),
387	'RECENT_PERIOD'=>$userdata['recent_period'],
388	'MAXWIDTH'=>@$userdata['maxwidth'],
389	'MAXHEIGHT'=>@$userdata['maxheight'],
390
391	$expand=>'checked="checked"',
392	$nb_comments=>'checked="checked"',
393
394	'L_TITLE' => $lang['customize_title'],
395	'L_REGISTRATION_INFO' => $lang['register_title'],
396	'L_PREFERENCES' => $lang['preferences'],
397	'L_USERNAME' => $lang['login'],
398	'L_EMAIL' => $lang['mail_address'],
399	'L_CURRENT_PASSWORD' => $lang['password'],
400	'L_CURRENT_PASSWORD_HINT' => $lang['password_hint'],
401	'L_NEW_PASSWORD' => $lang['new_password'],
402	'L_NEW_PASSWORD_HINT' => $lang['new_password_hint'],
403	'L_CONFIRM_PASSWORD' => $lang['reg_confirm'],
404	'L_CONFIRM_PASSWORD_HINT' => $lang['confirm_password_hint'],
405	'L_LANG_SELECT'=>$lang['language'],
406	'L_NB_IMAGE_LINE'=>$lang['nb_image_per_row'],
407	'L_NB_ROW_PAGE'=>$lang['nb_row_per_page'],
408	'L_STYLE_SELECT'=>$lang['theme'],
409	'L_RECENT_PERIOD'=>$lang['recent_period'],
410	'L_EXPAND_TREE'=>$lang['auto_expand'],
411	'L_NB_COMMENTS'=>$lang['show_nb_comments'],
412	'L_MAXWIDTH'=>$lang['maxwidth'],
413	'L_MAXHEIGHT'=>$lang['maxheight'],
414	'L_YES'=>$lang['yes'],
415	'L_NO'=>$lang['no'],
416	'L_SUBMIT'=>$lang['submit'],
417	'L_RESET'=>$lang['reset'],
418	'L_RETURN' => $lang['home'],
419	'L_RETURN_HINT' => $lang['home_hint'],
420
421	'F_ACTION'=>add_session_id($url_action),
422	));
423
424	if (!defined('IN_ADMIN') or !IN_ADMIN)
425	{
426	$url_return = PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'];
427	$template->assign_vars(array('U_RETURN' => add_session_id($url_return)));
428	}
429	//-------------------------------------------------------------- errors display
430	if (count($errors) != 0)
431	{
432	$template->assign_block_vars('modify.errors',array());
433	foreach ($errors as $error)
434	{
435	$template->assign_block_vars('modify.errors.error',
436	array('ERROR'=>$error));
437	}
438	}
439	//------------------------------------------------------------- user management
440	if (defined('IN_ADMIN') and IN_ADMIN)
441	{
442	$status_select = '<select name="status">';
443	$status_select .='<option value = "guest" ';
444	if ($userdata['status'] == 'guest')
445	{
446	$status_select .= 'selected="selected"';
447	}
448	$status_select .='>'.$lang['user_status_guest'] .'</option>';
449	$status_select .='<option value = "admin" ';
450	if ($userdata['status'] == 'admin')
451	{
452	$status_select .= 'selected="selected"';
453	}
454	$status_select .='>'.$lang['user_status_admin'] .'</option>';
455	$status_select .='</select>';
456	$template->assign_block_vars(
457	'modify.admin',
458	array(
459	'L_ADMIN_USER'=>$lang['user_management'],
460	'L_STATUS'=>$lang['user_status'],
461	'L_DELETE'=>$lang['user_delete'],
462	'L_DELETE_HINT'=>$lang['user_delete_hint'],
463	'STATUS'=>$status_select
464	));
465	}
466	}
467	// +-----------------------------------------------------------------------+
468	// \| html code display \|
469	// +-----------------------------------------------------------------------+
470	if (defined('IN_ADMIN') and IN_ADMIN)
471	{
472	$template->assign_var_from_handle('ADMIN_CONTENT', 'profile_body');
473	}
474	else
475	{
476	$template->assign_block_vars('modify.profile',array());
477	$template->parse('profile_body');
478	include(PHPWG_ROOT_PATH.'include/page_tail.php');
479	}
480	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: