2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
// User administration script. It dispatches on the 'do' request parameter;
// each "if" section further down handles one action.
13 require_once('./global.php');
// Access gate: the page is reserved for accounts holding the 'canadminusers'
// permission. NOTE(review): the body of this check is not part of the listing,
// so what happens on failure (and whether execution stops) cannot be seen here.
15 if (!can_perform('canadminusers'))
20 // ###################################################################
// With no action supplied, fall back to 'modify', which renders the user
// search form.
22 if (empty($_REQUEST['do']))
24 $_REQUEST['do'] = 'modify';
27 // ###################################################################
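// Action 'kill': permanently delete the user named by the 'userid' request
// parameter, then return to the user search page.
//
// NOTE(review): this branch reads $_REQUEST and is reached through the plain
// link that the 'delete' action hands to page_confirm(), so the deletion runs
// on a GET request. No anti-CSRF token check is visible in this file; unless
// global.php enforces one, this action should require POST plus a per-session
// token.
if ($_REQUEST['do'] == 'kill') {
    $user = $db->query_first(
        "SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid'])
    );

    // NOTE(review): the line carrying this condition is absent from the listing
    // this block was rebuilt from; a "row not found" test is assumed because the
    // next statement reports error_invalid_id.
    if (!$user) {
        $admin->error($lang->getlex('error_invalid_id'));
    }

    // An administrator may not remove the account they are logged in with.
    // NOTE(review): this guard, like the others here, only protects the DELETEs
    // below if $admin->error() ends the request -- confirm in the admin class.
    if ($user['userid'] == $bugsys->userinfo['userid']) {
        $admin->error($lang->string('You cannot delete your own account!'));
    }

    // Usergroup 6 is treated as the administrator group (see the message
    // below): refuse to delete its last remaining member.
    if ($user['usergroupid'] == 6) {
        $count = $db->query_first(
            "SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user"
            . " WHERE usergroupid = 6 AND userid <> " . intval($user['userid'])
        );
        if ($count['count'] < 1) {
            $admin->error($lang->string('At least one other administrator needs to be present before you can delete this user'));
        }
    }

    // Table names carry TABLE_PREFIX like every SELECT in this file; without it
    // the deletes miss the real tables on any install with a non-empty prefix.
    // NOTE(review): 'favourite' and 'useractivation' are assumed to share the
    // prefix -- confirm against the schema.
    // intval() keeps the interpolated id an integer regardless of what the row
    // array holds.
    $db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($user['userid']));
    $db->query("DELETE FROM " . TABLE_PREFIX . "favourite WHERE userid = " . intval($user['userid']));
    $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . intval($user['userid']));

    $admin->redirect('user.php');
}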
58 // ###################################################################
// Action 'delete': show a confirmation page. Nothing is removed here; the
// confirmation link points at the 'kill' action with the integer-cast userid.
if ($_REQUEST['do'] == 'delete') {
    $question = $lang->string('Are you sure you want to delete this user?');
    $killLink = 'user.php?do=kill&userid=' . intval($bugsys->in['userid']);

    $admin->page_confirm($question, $killLink);
}
65 // ###################################################################
// Action 'insert': create a user from the posted "Add User" form, then open
// the new account's edit page using the id returned by $db->insert_id().
// A fresh salt comes from $funct->rand(15); the stored password value is
// md5(md5(password) . md5(salt)), and authkey is a second $funct->rand() value.
//
// NOTE(review): the listing omits several lines of this statement (the call
// that opens the query, the VALUES keyword, the salt value, the closing lines).
// NOTE(review): email and displayname are concatenated into the SQL text
// unchanged. That is only safe if $bugsys->in already holds values escaped for
// SQL -- not visible here, confirm in global.php; otherwise escape or bind
// them. The remaining request fields are forced to integers with intval().
// NOTE(review): MD5 is a fast hash and unsuited to password storage; moving to
// password_hash()/password_verify() also requires changing the login code,
// which is outside this listing.
// NOTE(review): salt and authkey both depend on $funct->rand(); if authkey is
// used to authenticate a user, confirm that generator is cryptographically
// secure (e.g. built on random_bytes()).
67 if ($_POST['do'] == 'insert')
69 $salt = $funct->rand(15);
72 INSERT INTO " . TABLE_PREFIX
. "user
73 (email, displayname, password, salt, authkey, showemail, showcolours, languageid, usergroupid, timezone)
75 ('" . $bugsys->in
['email'] . "',
76 '" . $bugsys->in
['displayname'] . "',
77 '" . md5(md5($bugsys->in
['password']) . md5($salt)) . "',
79 '" . $funct->rand() . "',
80 " . intval($bugsys->in
['showemail']) . ",
81 " . intval($bugsys->in
['showcolours']) . ",
82 " . intval($bugsys->in
['languageid']) . ",
83 " . intval($bugsys->in
['usergroupid']) . ",
84 " . intval($bugsys->in
['timezone']) . "
88 $admin->redirect('user.php?do=edit&userid=' . $db->insert_id());
91 // ###################################################################
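// Action 'update': write the posted "Edit User" form back to an existing user
// row, then return to that user's edit page.
if ($_POST['do'] == 'update') {
    $user = $db->query_first(
        "SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid'])
    );

    // NOTE(review): the line carrying this condition is absent from the listing
    // this block was rebuilt from; a "row not found" test is assumed because the
    // next statement reports error_invalid_id.
    if (!$user) {
        $admin->error($lang->getlex('error_invalid_id'));
    }

    // A blank password field means "keep the current password". A new one is
    // stored as md5(md5(password) . md5(salt)) with the salt already on the row.
    // NOTE(review): MD5 is a fast hash and unsuited to password storage; moving
    // to password_hash()/password_verify() also requires changing the login
    // code, which is outside this listing.
    $passwordSql = '';
    if ($bugsys->in['password']) {
        $passwordSql = ",
            password = '" . md5(md5($bugsys->in['password']) . md5($user['salt'])) . "'";
    }

    // showemail is part of the form rendered by the 'edit' action and of the
    // INSERT used for new users, so it is saved here too; previously the
    // "Show Email Publicly" choice was dropped on every edit.
    //
    // NOTE(review): displayname and email are concatenated into the SQL text
    // unchanged. That is only safe if $bugsys->in already holds values escaped
    // for SQL -- not visible here, confirm in global.php; otherwise escape or
    // bind them. The numeric columns are forced to integers with intval().
    $db->query("
        UPDATE " . TABLE_PREFIX . "user
        SET displayname = '" . $bugsys->in['displayname'] . "',
            email = '" . $bugsys->in['email'] . "',
            showemail = " . intval($bugsys->in['showemail']) . ",
            showcolours = " . intval($bugsys->in['showcolours']) . ",
            usergroupid = " . intval($bugsys->in['usergroupid']) . ",
            languageid = " . intval($bugsys->in['languageid']) . ",
            timezone = " . intval($bugsys->in['timezone']) . $passwordSql . "
        WHERE userid = " . intval($user['userid'])
    );

    $admin->redirect('user.php?do=edit&userid=' . $user['userid']);
}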
116 // ###################################################################
// Actions 'edit' and 'add': render the user form. The same form serves both;
// it posts to the 'insert' action when adding and to 'update' when editing.
118 if ($_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'add')
120 $add = ($_REQUEST['do'] == 'add');
// Load the account to edit, with the id cast to an integer.
// NOTE(review): original lines 121-124 are absent from this listing, so any
// condition guarding this lookup (and the one before the error call) is not
// visible.
125 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX
. "user WHERE userid = " . intval($bugsys->in
['userid']));
128 $admin->error($lang->getlex('error_invalid_id'));
132 $admin->page_start(($add ?
$lang->string('Add User') : $lang->string('Edit User')));
134 $admin->form_start('user.php', ($add ?
'insert' : 'update'));
// Carries the target id through the POST so 'update' knows which row to change.
138 $admin->form_hidden_field('userid', $user['userid']);
141 $admin->table_start();
143 $admin->table_head(($add ?
$lang->string('Add User') : sprintf($lang->string('Edit User (userid: %1$s)'), $user['userid'])));
// Stored values are handed straight to the form helpers.
// NOTE(review): whether row_input()/list_item() HTML-escape their arguments is
// not visible here. displayname and email are user-controlled, so confirm the
// helpers (or the input layer) escape them before they reach the page.
145 $admin->row_input($lang->string('Display Name'), 'displayname', $user['displayname']);
146 $admin->row_input($lang->string('Email'), 'email', $user['email']);
// The password box is never pre-filled (no value argument is passed).
147 $admin->row_input(($add ?
$lang->string('Password') : $lang->string('Password (Leave blank for no change)')), 'password');
// One list entry per usergroup in the datastore; the user's current group is
// marked as selected.
149 foreach ($bugsys->datastore
['usergroup'] AS $group)
151 $admin->list_item($group['title'], $group['usergroupid'], ($user['usergroupid'] == $group['usergroupid']));
153 $admin->row_list($lang->string('Usergroup'), 'usergroupid');
155 $admin->row_yesno($lang->string('Show Email Publicly'), 'showemail', $user['showemail']);
156 $admin->row_yesno($lang->string('Show Status Colours on Bug Listings'), 'showcolours', $user['showcolours']);
158 foreach ($bugsys->datastore
['language'] AS $language)
160 $admin->list_item($language['title'], $language['languageid'], ($user['languageid'] == $language['languageid']));
162 $admin->row_list($lang->string('Language'), 'languageid');
164 foreach ($datef->fetch_timezone_list() AS $value => $string)
166 $admin->list_item($string, $value, ($user['timezone'] == $value));
168 $admin->row_list($lang->string('Timezone'), 'timezone');
// The Delete link starts the two-step flow: 'delete' (confirmation) then 'kill'.
// NOTE(review): $edit is not assigned in any visible line -- TODO confirm it is
// set in the omitted lines; if it is not, the link never renders.
170 $admin->row_submit(($edit ?
'<a href="user.php?do=delete&userid=' . $user['userid'] . '">[' . $lang->string('Delete') . ']</a>' : ''), ':save:', ':reset:', 4);
178 // ###################################################################
// Action 'search': find users by id, email or display name ('userdata' field).
// NOTE(review): many lines of this branch (braces, else parts and some
// statements) are absent from the listing, so the exact control flow between
// the steps below cannot be read from here.
180 if ($_REQUEST['do'] == 'search')
// Numeric input is first tried as a user id; on a hit the browser is sent
// straight to that user's edit page.
// NOTE(review): whether the script stops after header() is not visible.
184 if (is_numeric($bugsys->in
['userdata']))
186 if ($db->query_first("SELECT * FROM " . TABLE_PREFIX
. "user WHERE userid = " . intval($bugsys->in
['userdata'])))
188 header('Location: user.php?do=edit&userid=' . intval($bugsys->in
['userdata']));
// Text search: a substring match on email or displayname.
// Only '%' is escaped for LIKE; '_' still acts as a single-character wildcard.
// NOTE(review): the search term is concatenated into the SQL text. That is
// only safe if $bugsys->in already holds values escaped for SQL -- not visible
// here, confirm in global.php; otherwise escape or bind it.
197 $bugsys->in
['userdata'] = str_replace('%', '\%', $bugsys->in
['userdata']);
198 $results = $db->query("SELECT * FROM " . TABLE_PREFIX
. "user WHERE email LIKE '%" . $bugsys->in
['userdata'] . "%' OR displayname LIKE '%" . $bugsys->in
['userdata'] . "%'");
200 if ($db->num_rows($results) < 1)
206 $admin->page_start($lang->string('Search Results'));
208 $admin->table_start();
209 $admin->table_head($lang->string('Search Results'), 4);
210 $admin->table_column_head(array($lang->string('Display Name'), $lang->string('Email'), $lang->string('User ID'), $lang->string('Actions')));
// One table row per match. The cell texts are used as array KEYS, so two cells
// with identical text (e.g. a displayname equal to the email) collapse into
// one entry and the row loses a column.
// NOTE(review): displayname and email are user-controlled; confirm that
// row_multi_item() or the input layer HTML-escapes them before output.
212 while ($row = $db->fetch_array($results))
214 $admin->row_multi_item(array(
215 $row['displayname'] => 'l',
216 $row['email'] => 'c',
217 $row['userid'] => 'c',
218 '<a href="user.php?do=edit&userid=' . $row['userid'] . '">[' . $lang->string('Edit') . ']</a>' => 'c'
// Reported when nothing matched; the condition guarding this call is among the
// omitted lines.
230 $admin->error($lang->string('Sorry, we could not find any users that matched your criteria.'));
234 // ###################################################################
// Action 'modify' (the default): render the user search form, which submits
// to the 'search' action with a single 'userdata' field accepting a display
// name, an email address or a user id.
// NOTE(review): the lines that close the table, form and page are absent from
// this listing.
236 if ($_REQUEST['do'] == 'modify')
238 $admin->page_start($lang->string('User Search'));
240 $admin->form_start('user.php', 'search');
241 $admin->table_start(true
, '45%');
243 $admin->table_head($lang->string('User Search'));
244 $admin->row_input($lang->string('Display Name/Email/User ID'), 'userdata');
246 $admin->row_submit('', ':save:', '');
254 /*=====================================================================*\
255 || ###################################################################
258 || ###################################################################
259 \*=====================================================================*/