segment the admin gui
[matches/MCTX3420.git] / testing / MCTXWeb / public_html / users / original / admin_user.php
1 <?php\r
2 /*\r
3 UserCake Version: 2.0.2\r
4 http://usercake.com\r
5 */\r
6 \r
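require_once("models/config.php");

// Access gate: securePage() decides whether the current session may load this
// script; abort with no output when it refuses.
// NOTE(review): PHP_SELF includes any trailing path info sent by the client.
// Confirm that securePage() resolves the page name safely when such a suffix
// is present.
if (!securePage($_SERVER['PHP_SELF'])){die();}

// The target user id comes from the query string and is later written into the
// form action and passed to the update helpers. Accept only a plain run of
// decimal digits and normalise it to an integer so that no other characters can
// travel further into the page. Anything else is treated as "no such user".
$userId = (isset($_GET['id']) && is_string($_GET['id']) && ctype_digit($_GET['id']))
	? (int) $_GET['id']
	: null;

//Check if selected user exists
if($userId === null || !userIdExists($userId)){
	header("Location: admin_users.php"); die();
}

$userdetails = fetchUserDetails(NULL, NULL, $userId); //Fetch user details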
17 \r
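//Forms posted
// Handles the admin form for one user: either deletes the account, or applies
// display-name / activation / email / title / permission changes and then
// re-reads the user record so the page shows the stored state.
// NOTE(review): nothing in this file checks an anti-CSRF token before acting on
// the POST. Unless models/config.php or securePage() already does so, every
// action below can be triggered by a cross-site request made in an admin's
// browser; add a per-session token to the form and verify it here.
if(!empty($_POST))
{
	//Delete selected account
	if(!empty($_POST['delete'])){
		// NOTE(review): the posted id list is handed to deleteUsers() as received,
		// so it is not limited to the user this page was opened for. Confirm that
		// is intended, or restrict it to $userId.
		$deletions = $_POST['delete'];
		if ($deletion_count = deleteUsers($deletions)) {
			$successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
		}
		else {
			$errors[] = lang("SQL_ERROR");
		}
	}
	else
	{
		// Read each text field once. A field that is missing or is not a string
		// (for example an array parameter) counts as "unchanged" instead of
		// raising notices. Values are trimmed BEFORE the comparison, so
		// surrounding whitespace alone no longer looks like a change.
		$postedDisplay = (isset($_POST['display']) && is_string($_POST['display'])) ? trim($_POST['display']) : null;
		$postedEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : null;
		$postedTitle = (isset($_POST['title']) && is_string($_POST['title'])) ? trim($_POST['title']) : null;

		// Name used in the success messages below. It stays the stored name
		// unless the update really succeeds, so a rejected submission is never
		// repeated in later messages.
		$displayname = $userdetails['display_name'];

		//Update display name
		// Strict string comparison: loose != treats numeric-looking strings such
		// as "1e3" and "1000" as equal and would skip a real change.
		if ($postedDisplay !== null && $postedDisplay !== (string) $userdetails['display_name']){
			//Validate display name
			if(displayNameExists($postedDisplay))
			{
				$errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE",array($postedDisplay));
			}
			elseif(minMaxRange(5,25,$postedDisplay))
			{
				$errors[] = lang("ACCOUNT_DISPLAY_CHAR_LIMIT",array(5,25));
			}
			elseif(!ctype_alnum($postedDisplay)){
				$errors[] = lang("ACCOUNT_DISPLAY_INVALID_CHARACTERS");
			}
			else {
				if (updateDisplayName($userId, $postedDisplay)){
					$successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED", array($postedDisplay));
					$displayname = $postedDisplay;
				}
				else {
					$errors[] = lang("SQL_ERROR");
				}
			}
		}

		//Activate account
		if(isset($_POST['activate']) && $_POST['activate'] === "activate"){
			if (setUserActive($userdetails['activation_token'])){
				$successes[] = lang("ACCOUNT_MANUALLY_ACTIVATED", array($displayname));
			}
			else {
				$errors[] = lang("SQL_ERROR");
			}
		}

		//Update email
		if ($postedEmail !== null && $postedEmail !== (string) $userdetails['email']){
			$email = $postedEmail;

			//Validate email
			if(!isValidEmail($email))
			{
				$errors[] = lang("ACCOUNT_INVALID_EMAIL");
			}
			elseif(emailExists($email))
			{
				$errors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email));
			}
			else {
				if (updateEmail($userId, $email)){
					$successes[] = lang("ACCOUNT_EMAIL_UPDATED");
				}
				else {
					$errors[] = lang("SQL_ERROR");
				}
			}
		}

		//Update title
		if ($postedTitle !== null && $postedTitle !== (string) $userdetails['title']){
			$title = $postedTitle;

			//Validate title
			// Only the length is checked, so the title may hold any characters.
			// NOTE(review): $title is placed into the success message below;
			// confirm that lang()/resultBlock() HTML-escape their placeholders.
			if(minMaxRange(1,50,$title))
			{
				$errors[] = lang("ACCOUNT_TITLE_CHAR_LIMIT",array(1,50));
			}
			else {
				if (updateTitle($userId, $title)){
					$successes[] = lang("ACCOUNT_TITLE_UPDATED", array ($displayname, $title));
				}
				else {
					$errors[] = lang("SQL_ERROR");
				}
			}
		}

		//Remove permission level
		if(!empty($_POST['removePermission'])){
			$remove = $_POST['removePermission'];
			if ($deletion_count = removePermission($remove, $userId)){
				$successes[] = lang("ACCOUNT_PERMISSION_REMOVED", array ($deletion_count));
			}
			else {
				$errors[] = lang("SQL_ERROR");
			}
		}

		//Add permission level
		if(!empty($_POST['addPermission'])){
			$add = $_POST['addPermission'];
			if ($addition_count = addPermission($add, $userId)){
				$successes[] = lang("ACCOUNT_PERMISSION_ADDED", array ($addition_count));
			}
			else {
				$errors[] = lang("SQL_ERROR");
			}
		}

		// Re-read the record so the form below reflects what was actually stored.
		$userdetails = fetchUserDetails(NULL, NULL, $userId);
	}
}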
139 \r
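// Permission levels the user currently holds, and the full list of levels;
// both feed the add/remove checkboxes further down the page.
$userPermission = fetchUserPermissions($userId);
$permissionData = fetchAllPermissions();

require_once("models/header.php");

echo "
<body>
<div id='wrapper'>
<div id='top'><div id='logo'></div></div>
<div id='content'>
<h1>UserCake</h1>
<h2>Admin User</h2>
<div id='left-nav'>";

include("left-nav.php");

echo "
</div>
<div id='main'>";

// On a plain GET nothing in this file assigns $errors or $successes, so fall
// back to empty lists instead of passing undefined variables to resultBlock().
// Values set earlier (here or by an included file) are kept.
echo resultBlock(
	isset($errors) ? $errors : array(),
	isset($successes) ? $successes : array()
);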
161 \r
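// Render the "User Information" half of the form.
// Every value written into the markup is HTML-escaped first. The attributes are
// single-quoted, so ENT_QUOTES is required: without it a stored title, display
// name or email containing a quote could close the attribute and add markup to
// the admin's page. The form action is escaped as a whole because PHP_SELF
// carries client-supplied path info and the id originates from the query string.
// The charset argument is left at the PHP default so it follows the site's
// configured encoding.
$formAction = htmlspecialchars($_SERVER['PHP_SELF']."?id=".$userId, ENT_QUOTES);
$shownId = htmlspecialchars($userdetails['id'], ENT_QUOTES);
$shownUserName = htmlspecialchars($userdetails['user_name'], ENT_QUOTES);
$shownDisplayName = htmlspecialchars($userdetails['display_name'], ENT_QUOTES);
$shownEmail = htmlspecialchars($userdetails['email'], ENT_QUOTES);
$shownTitle = htmlspecialchars($userdetails['title'], ENT_QUOTES);

echo "
<form name='adminUser' action='".$formAction."' method='post'>
<table class='admin'><tr><td>
<h3>User Information</h3>
<div id='regbox'>
<p>
<label>ID:</label>
".$shownId."
</p>
<p>
<label>Username:</label>
".$shownUserName."
</p>
<p>
<label>Display Name:</label>
<input type='text' name='display' value='".$shownDisplayName."' />
</p>
<p>
<label>Email:</label>
<input type='text' name='email' value='".$shownEmail."' />
</p>
<p>
<label>Active:</label>";

//Display activation link, if account inactive
if ($userdetails['active'] == '1'){
	echo "Yes";
}
else{
	echo "No
	</p>
	<p>
	<label>Activate:</label>
	<input type='checkbox' name='activate' id='activate' value='activate'>
	";
}

echo "
</p>
<p>
<label>Title:</label>
<input type='text' name='title' value='".$shownTitle."' />
</p>
<p>
<label>Sign Up:</label>
".date("j M, Y", $userdetails['sign_up_stamp'])."
</p>
<p>
<label>Last Sign In:</label>";

//Last sign in, interpretation
// A stamp of 0 means the account has never signed in.
if ($userdetails['last_sign_in_stamp'] == '0'){
	echo "Never";
}
else {
	echo date("j M, Y", $userdetails['last_sign_in_stamp']);
}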
219 \r
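// Render the delete checkbox, the submit button and the permission membership
// column, then close the page.
// Ids and permission names are HTML-escaped before being written into the
// single-quoted attributes and the label text, so a stored name containing
// markup or a quote is shown as text rather than interpreted by the browser.
$deleteId = htmlspecialchars($userdetails['id'], ENT_QUOTES);

echo "
</p>
<p>
<label>Delete:</label>
<input type='checkbox' name='delete[".$deleteId."]' id='delete[".$deleteId."]' value='".$deleteId."'>
</p>
<p>
<label>&nbsp;</label>
<input type='submit' value='Update' class='submit' />
</p>
</div>
</td>
<td>
<h3>Permission Membership</h3>
<div id='regbox'>
<p>Remove Permission:";

//List of permission levels the user is a part of
foreach ($permissionData as $v1) {
	if(isset($userPermission[$v1['id']])){
		$permId = htmlspecialchars($v1['id'], ENT_QUOTES);
		$permName = htmlspecialchars($v1['name'], ENT_QUOTES);
		echo "<br><input type='checkbox' name='removePermission[".$permId."]' id='removePermission[".$permId."]' value='".$permId."'> ".$permName;
	}
}

//List of permission levels the user is not a part of
echo "</p><p>Add Permission:";
foreach ($permissionData as $v1) {
	if(!isset($userPermission[$v1['id']])){
		$permId = htmlspecialchars($v1['id'], ENT_QUOTES);
		$permName = htmlspecialchars($v1['name'], ENT_QUOTES);
		echo "<br><input type='checkbox' name='addPermission[".$permId."]' id='addPermission[".$permId."]' value='".$permId."'> ".$permName;
	}
}

echo"
</p>
</div>
</td>
</tr>
</table>
</form>
</div>
<div id='bottom'></div>
</div>
</body>
</html>";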
264 \r
265 ?>\r
