r897: Implementing the UserAPI in the admin section
[bugdar.git] / admin / user.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 require_once('./global.php');
23 require_once('./includes/api_user.php');
24
// Gate the whole page on the 'canadminusers' permission: anyone without it is
// sent through the admin login flow instead of reaching any action below.
$mayAdminUsers = can_perform('canadminusers');
if (!$mayAdminUsers)
{
    admin_login();
}
29
30 // ###################################################################
31
// Default action is the search form. $_REQUEST merges GET, POST and (depending
// on PHP's request_order setting) COOKIE values, so 'do' may arrive by any of
// them; the state-changing 'insert'/'update' handlers below read $_POST only.
$hasAction = !empty($_REQUEST['do']);
if (!$hasAction)
{
    $_REQUEST['do'] = 'modify';
}
36
37 // ###################################################################
38
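if ($_REQUEST['do'] == 'kill')
{
    // The administrators' usergroup; used twice below, so named once here.
    // NOTE(review): 6 is the literal from the original code — confirm it against
    // the usergroup datastore rather than relying on the magic number.
    $adminUsergroupId = 6;

    // input_clean() coerces the id to an unsigned int before it is interpolated
    $userid = $bugsys->input_clean('userid', TYPE_UINT);
    $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $userid);
    if (!$user)
    {
        // $admin->error() is relied on to end the request; every check below
        // assumes the previous one did not fall through
        $admin->error($lang->getlex('error_invalid_id'));
    }

    // An administrator may not delete their own account
    if ($user['userid'] == $bugsys->userinfo['userid'])
    {
        $admin->error($lang->string('You cannot delete your own account!'));
    }

    // Never remove the last remaining administrator
    if ($user['usergroupid'] == $adminUsergroupId)
    {
        $count = $db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = " . $adminUsergroupId . " AND userid <> " . (int)$user['userid']);
        if ($count['count'] < 1)
        {
            $admin->error($lang->string('At least one other administrator needs to be present before you can delete this user'));
        }
    }

    // NOTE(review): this destructive action is reached through a plain link from
    // the 'delete' confirmation page and carries no per-request token, so an
    // administrator who follows a crafted link would delete the named user.
    // The three deletes are separate statements; a failure part-way leaves
    // orphaned favourite/activation rows.
    $db->query("DELETE FROM " . TABLE_PREFIX . "user WHERE userid = " . (int)$user['userid']);
    $db->query("DELETE FROM " . TABLE_PREFIX . "favourite WHERE userid = " . (int)$user['userid']);
    $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = " . (int)$user['userid']);

    $admin->redirect('user.php');
}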
67
68 // ###################################################################
69
if ($_REQUEST['do'] == 'delete')
{
    // Confirmation step before 'kill'; the id is cleaned to an unsigned int
    // before it is placed in the follow-up URL.
    $userid = $bugsys->input_clean('userid', TYPE_UINT);
    $admin->page_confirm(
        $lang->string('Are you sure you want to delete this user?'),
        'user.php?do=kill&amp;userid=' . $userid
    );
}
74
75 // ###################################################################
76
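// Create a new user from the 'add' form. Only a POSTed 'do' reaches this branch.
if (isset($_POST['do']) && $_POST['do'] == 'insert')
{
    $user = new UserAPI($bugsys);
    // Field name matches the form input and the user table column; the original
    // passed the misspelt key 'dispayname'. NOTE(review): confirm the UserAPI
    // field is spelt 'displayname' in api_user.php.
    $user->set('displayname', $bugsys->in['displayname']);
    $user->set('email', $bugsys->in['email']);
    $user->set('showemail', $bugsys->in['showemail']);
    $user->set('showcolours', $bugsys->in['showcolours']);
    $user->set('usergroupid', $bugsys->in['usergroupid']);
    $user->set('languageid', $bugsys->in['languageid']);
    $user->set('timezone', $bugsys->in['timezone']);
    $user->set('password', $bugsys->in['password']);
    $user->insert();

    // Read the new id immediately after the INSERT: build_assignedto() presumably
    // runs queries of its own, and a later statement can reset the driver's
    // last-insert id.
    $userid = $db->insert_id();

    build_assignedto();

    $admin->redirect('user.php?do=edit&userid=' . $userid);
}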
94
95 // ###################################################################
96
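// Save the 'edit' form. Only a POSTed 'do' reaches this branch.
if (isset($_POST['do']) && $_POST['do'] == 'update')
{
    // Clean the id once: it becomes the API's WHERE condition and the redirect target
    $userid = $bugsys->input_clean('userid', TYPE_UINT);

    $user = new UserAPI($bugsys);
    $user->set('userid', $userid);
    $user->set_condition();
    // Field name matches the form input and the user table column; the original
    // passed the misspelt key 'dispayname'. NOTE(review): confirm the UserAPI
    // field is spelt 'displayname' in api_user.php.
    $user->set('displayname', $bugsys->in['displayname']);
    $user->set('email', $bugsys->in['email']);
    $user->set('showemail', $bugsys->in['showemail']);
    $user->set('showcolours', $bugsys->in['showcolours']);
    $user->set('usergroupid', $bugsys->in['usergroupid']);
    $user->set('languageid', $bugsys->in['languageid']);
    $user->set('timezone', $bugsys->in['timezone']);
    // The edit form promises "leave blank for no change", so only hand the API a
    // password when one was entered. NOTE(review): if UserAPI already ignores an
    // empty password this guard is redundant but harmless — confirm in api_user.php.
    if ($bugsys->in['password'] != '')
    {
        $user->set('password', $bugsys->in['password']);
    }
    $user->update();

    build_assignedto();

    // $user is a UserAPI object here, not the row array the other actions use,
    // so the original's $user['userid'] could not be read; use the cleaned id.
    $admin->redirect('user.php?do=edit&userid=' . $userid);
}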
116
117 // ###################################################################
118
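// Render the add/edit form. 'edit' loads the row for the given id; 'add' renders
// the same form with no values and submits to 'insert' instead of 'update'.
if ($_REQUEST['do'] == 'edit' || $_REQUEST['do'] == 'add')
{
    $add = ($_REQUEST['do'] == 'add');
    $edit = (!$add);

    if ($edit)
    {
        // input_clean() coerces the id to an unsigned int before it is interpolated
        $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $bugsys->input_clean('userid', TYPE_UINT));
        if (!$user)
        {
            $admin->error($lang->getlex('error_invalid_id'));
        }
    }
    else
    {
        // The add form has no row; define every field read below so the lookups
        // are not undefined. null keeps the list_item() pre-selection comparisons
        // evaluating exactly as they did with no row at all.
        $user = array(
            'userid'      => null,
            'displayname' => null,
            'email'       => null,
            'usergroupid' => null,
            'showemail'   => null,
            'showcolours' => null,
            'languageid'  => null,
            'timezone'    => null,
        );
    }

    $admin->page_start(($add ? $lang->string('Add User') : $lang->string('Edit User')), 2, 'user_manage');

    // The form posts back to this script; 'insert'/'update' are the $_POST['do'] handlers above
    $admin->form_start('user.php', ($add ? 'insert' : 'update'));

    if ($edit)
    {
        $admin->form_hidden_field('userid', $user['userid']);
    }

    $admin->table_start();

    $admin->table_head(($add ? $lang->string('Add User') : sprintf($lang->string('Edit User (userid: %1$s)'), $user['userid'])));

    // NOTE(review): displayname and email are user-supplied values read back from
    // the table; whether row_input() HTML-escapes them is decided in the admin
    // framework, not here — confirm before trusting this output.
    $admin->row_input($lang->string('Display Name'), 'displayname', $user['displayname']);
    $admin->row_input($lang->string('Email'), 'email', $user['email']);
    // No current value is echoed for the password field; blank on edit means "keep current"
    $admin->row_input(($add ? $lang->string('Password') : $lang->string('Password (Leave blank for no change)')), 'password');

    // Pre-select the user's current group
    foreach ($bugsys->datastore['usergroup'] AS $group)
    {
        $admin->list_item($group['title'], $group['usergroupid'], ($user['usergroupid'] == $group['usergroupid']));
    }
    $admin->row_list($lang->string('Usergroup'), 'usergroupid');

    $admin->row_yesno($lang->string('Show Email Publicly'), 'showemail', $user['showemail']);
    $admin->row_yesno($lang->string('Show Status Colours on Bug Listings'), 'showcolours', $user['showcolours']);

    foreach ($bugsys->datastore['language'] AS $language)
    {
        $admin->list_item($language['title'], $language['languageid'], ($user['languageid'] == $language['languageid']));
    }
    $admin->row_list($lang->string('Language'), 'languageid');

    foreach ($datef->fetch_timezone_list() AS $value => $string)
    {
        $admin->list_item($string, $value, ($user['timezone'] == $value));
    }
    $admin->row_list($lang->string('Timezone'), 'timezone');

    // On edit, the submit row also carries the link into the 'delete' confirmation step
    $admin->row_submit(($edit ? '<a href="user.php?do=delete&amp;userid=' . $user['userid'] . '">[' . $lang->string('Delete') . ']</a>' : ''), ':save:', ':reset:', 4);

    $admin->table_end();
    $admin->form_end();

    $admin->page_end();
}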
178
179 // ###################################################################
180
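// Handle the search form: a numeric value is treated as a user id and redirects
// straight to the edit form; anything else is matched against email and
// displayname as a substring and listed.
if ($_REQUEST['do'] == 'search')
{
    $fail = false;

    if (is_numeric($bugsys->in['userdata']))
    {
        // input_clean() coerces the value to an unsigned int and stores it back in $bugsys->in
        $userid = $bugsys->input_clean('userdata', TYPE_UINT);
        if ($db->query_first("SELECT userid FROM " . TABLE_PREFIX . "user WHERE userid = " . $userid))
        {
            // Use the shared redirect helper like the other actions; the original
            // sent a bare Location header and let the rest of the script keep running
            $admin->redirect('user.php?do=edit&userid=' . $userid);
        }
        else
        {
            $fail = true;
        }
    }
    else
    {
        // Escape both LIKE wildcards so they match literally; the original escaped
        // '%' but left '_' as a single-character wildcard. input_escape() then
        // applies the SQL string quoting.
        $bugsys->in['userdata'] = str_replace(array('%', '_'), array('\%', '\_'), $bugsys->in['userdata']);
        $pattern = "'%" . $bugsys->input_escape('userdata') . "%'";
        $results = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE " . $pattern . " OR displayname LIKE " . $pattern);

        if ($db->num_rows($results) < 1)
        {
            $fail = true;
        }
        else
        {
            $admin->page_start($lang->string('Search Results'));

            $admin->table_start();
            $admin->table_head($lang->string('Search Results'), 4);
            $admin->table_column_head(array($lang->string('Display Name'), $lang->string('Email'), $lang->string('User ID'), $lang->string('Actions')));

            // row_multi_item() takes cell text as the key and alignment as the value.
            // NOTE(review): two equal cell texts in one row would collapse into one
            // key, and whether the cell text is HTML-escaped is decided inside the
            // admin framework — displayname and email are user-supplied; confirm.
            while ($row = $db->fetch_array($results))
            {
                $admin->row_multi_item(array(
                    $row['displayname'] => 'l',
                    $row['email'] => 'c',
                    $row['userid'] => 'c',
                    '<a href="user.php?do=edit&amp;userid=' . $row['userid'] . '">[' . $lang->string('Edit') . ']</a>' => 'c'
                ));
            }

            $admin->table_end();

            $admin->page_end();
        }
    }

    if ($fail)
    {
        $admin->error($lang->string('Sorry, we could not find any users that matched your criteria.'));
    }
}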
235
236 // ###################################################################
237
if ($_REQUEST['do'] == 'modify')
{
    // Default action: the user-search form. It submits to the 'search' handler
    // above, which accepts a display name fragment, an e-mail fragment or a
    // numeric user id in the single 'userdata' field.
    $heading = $lang->string('User Search');

    $admin->page_start($heading);

    $admin->form_start('user.php', 'search');
    $admin->table_start(true, '45%');

    $admin->table_head($heading, 2, 'user_manage');
    $admin->row_input($lang->string('Name/Email/ID'), 'userdata');

    // Only the save control is requested; the empty arguments presumably suppress
    // the left cell and the reset control — see row_submit() for their meaning
    $admin->row_submit('', ':save:', '');

    $admin->table_end();
    $admin->form_end();

    $admin->page_end();
}
255
256 /*=====================================================================*\
257 || ###################################################################
258 || # $HeadURL$
259 || # $Id$
260 || ###################################################################
261 \*=====================================================================*/
262 ?>