From b7c0df8be3a5e13053ca739b7f32394f23ea66f0 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 8 Oct 2005 16:05:34 +0000 Subject: [PATCH] r507: User manager in the admin CP --- admin/global.php | 1 + admin/user.php | 257 +++++++++++++++++++++++++++++++++++++++++++++++ docs/todo.txt | 1 - 3 files changed, 258 insertions(+), 1 deletion(-) create mode 100644 admin/user.php diff --git a/admin/global.php b/admin/global.php index e97aad3..687f9b8 100755 --- a/admin/global.php +++ b/admin/global.php @@ -40,6 +40,7 @@ $globalnav = array( ), $lang->string('User Management') => array( + $lang->string('Users') => 'user.php', $lang->string('Usergroups') => 'usergroup.php' ) ); diff --git a/admin/user.php b/admin/user.php new file mode 100644 index 0000000..d1f28ad --- /dev/null +++ b/admin/user.php @@ -0,0 +1,257 @@ +query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid'])); + if (!$user) + { + $admin->error($lang->getlex('error_invalid_id')); + } + + if ($user['userid'] == $bugsys->userinfo['userid']) + { + $admin->error($lang->string('You cannot delete your own account!')); + } + + if ($user['usergroupid'] == 6) + { + $count = $db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> $user[userid]"); + if ($count['count'] < 1) + { + $admin->error($lang->string('At least one other administrator needs to be present before you can delete this user')); + } + } + + $db->query("DELETE FROM user WHERE userid = $user[userid]"); + $db->query("DELETE FROM favourite WHERE userid = $user[userid]"); + $db->query("DELETE FROM useractivation WHERE userid = $user[userid]"); + + $admin->redirect('user.php'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + $admin->page_confirm($lang->string('Are you sure you want to delete this user?'), 'user.php?do=kill&userid=' . intval($bugsys->in['userid'])); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + $salt = $funct->rand(15); + + $db->query(" + INSERT INTO " . TABLE_PREFIX . "user + (email, displayname, password, salt, authkey, showemail, languageid, usergroupid, timezone) + VALUES + ('" . $bugsys->in['email'] . "', + '" . $bugsys->in['displayname'] . "', + '" . md5(md5($bugsys->in['password']) . md5($salt)) . "', + '$salt', + '" . $funct->rand() . "', + " . intval($bugsys->in['showemail']) . ", + " . intval($bugsys->in['languageid']) . ", + " . intval($bugsys->in['usergroupid']) . ", + " . intval($bugsys->in['timezone']) . " + )" + ); + + $admin->redirect('user.php?do=edit&userid=' . $db->insert_id()); +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid'])); + if (!$user) + { + $admin->error($lang->getlex('error_invalid_id')); + } + + $db->query(" + UPDATE " . TABLE_PREFIX . "user + SET displayname = '" . $bugsys->in['displayname'] . "', + email = '" . $bugsys->in['email'] . "', + usergroupid = " . intval($bugsys->in['usergroupid']) . ", + languageid = " . intval($bugsys->in['languageid']) . ", + timezone = " . intval($bugsys->in['timezone']) . ($bugsys->in['password'] ? ", + password = '" . md5(md5($bugsys->in['password']) . md5($user['salt'])) . "'" : '') . " + WHERE userid = $user[userid]" + ); + + $admin->redirect('user.php?do=edit&userid=' . $user['userid']); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'add') +{ + $add = ($_REQUEST['do'] == 'add'); + $edit = (!$add); + + if ($edit) + { + $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid'])); + if (!$user) + { + $admin->error($lang->getlex('error_invalid_id')); + } + } + + $admin->page_start(($add ? $lang->string('Add User') : $lang->string('Edit User'))); + + $admin->form_start('user.php', ($add ? 'insert' : 'update')); + + if ($edit) + { + $admin->form_hidden_field('userid', $user['userid']); + } + + $admin->table_start(); + + $admin->table_head(($add ? $lang->string('Add User') : sprintf($lang->string('Edit User (userid: %1$s)'), $user['userid']))); + + $admin->row_input($lang->string('Display Name'), 'displayname', $user['displayname']); + $admin->row_input($lang->string('Email'), 'email', $user['email']); + $admin->row_input(($add ? $lang->string('Password') : $lang->string('Password (Leave blank for no change)')), 'password'); + + foreach ($bugsys->datastore['usergroup'] AS $group) + { + $admin->list_item($group['title'], $group['usergroupid'], ($user['usergroupid'] == $group['usergroupid'])); + } + $admin->row_list($lang->string('Usergroup'), 'usergroupid'); + + $admin->row_yesno($lang->string('Show Email Publicly'), 'showemail', $user['showemail']); + + foreach ($bugsys->datastore['language'] AS $language) + { + $admin->list_item($language['title'], $language['languageid'], ($user['languageid'] == $language['languageid'])); + } + $admin->row_list($lang->string('Language'), 'languageid'); + + foreach ($datef->fetch_timezone_list() AS $value => $string) + { + $admin->list_item($string, $value, ($user['timezone'] == $value)); + } + $admin->row_list($lang->string('Timezone'), 'timezone'); + + $admin->row_submit(($edit ? '[' . $lang->string('Delete') . ']' : ''), ':save:', ':reset:', 4); + + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'search') +{ + $fail = false; + + if (is_numeric($bugsys->in['userdata'])) + { + if ($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userdata']))) + { + header('Location: user.php?do=edit&userid=' . intval($bugsys->in['userdata'])); + } + else + { + $fail = true; + } + } + else + { + $bugsys->in['userdata'] = str_replace('%', '\%', $bugsys->in['userdata']); + $results = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . $bugsys->in['userdata'] . "%' OR displayname LIKE '%" . $bugsys->in['userdata'] . "%'"); + + if ($db->num_rows($results) < 1) + { + $fail = true; + } + else + { + $admin->page_start($lang->string('Search Results')); + + $admin->table_start(); + $admin->table_head($lang->string('Search Results'), 4); + $admin->table_column_head(array($lang->string('Display Name'), $lang->string('Email'), $lang->string('User ID'), $lang->string('Actions'))); + + while ($row = $db->fetch_array($results)) + { + $admin->row_multi_item(array( + $row['displayname'] => 'l', + $row['email'] => 'c', + $row['userid'] => 'c', + '[' . $lang->string('Edit') . ']' => 'c' + )); + } + + $admin->table_end(); + + $admin->page_end(); + } + } + + if ($fail) + { + $admin->error($lang->string('Sorry, we could not find any users that matched your criteria.')); + } +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start($lang->string('User Search')); + + $admin->form_start('user.php', 'search'); + $admin->table_start(true, '45%'); + + $admin->table_head($lang->string('User Search')); + $admin->row_input($lang->string('Display Name/Email/User ID'), 'userdata'); + + $admin->row_submit('', ':save:', ''); + + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/docs/todo.txt b/docs/todo.txt index 9311e23..e6e0b8f 100755 --- a/docs/todo.txt +++ b/docs/todo.txt @@ -8,7 +8,6 @@ BUGTRACK 1.0 - Add per-product-usergroup permission settings - Ability to disable status colouring on listing pages - User options/controls page -- User manager in Admin CP ############################################################################### BUGTRACK 1.1 -- 2.43.5