r714: OKAY, this is the last of the TABLE_PREFIX bugs
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Bugdar [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
require_once('./global.php');

// Gate the whole page on the user-administration permission. can_perform() and
// admin_login() come from global.php; admin_login() is the "not authorised" path.
$canAdminUsers = can_perform('canadminusers');
if (!$canAdminUsers)
{
    admin_login();
}
19
20 // ###################################################################
21
// Default action is the search form ('modify') when no `do` was supplied.
// empty() is kept deliberately: it also treats '' and '0' as "not supplied",
// exactly as the original check did.
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'modify' : $_REQUEST['do']);
26
27 // ###################################################################
28
if ($_REQUEST['do'] == 'kill')
{
    // Load the account to delete; the id is cast with intval() before it reaches SQL.
    $targetId = intval($bugsys->in['userid']);
    $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $targetId);
    if (!$user)
    {
        $admin->error($lang->getlex('error_invalid_id'));
    }

    // An administrator may not remove the account they are currently logged in with.
    $isOwnAccount = ($user['userid'] == $bugsys->userinfo['userid']);
    if ($isOwnAccount)
    {
        $admin->error($lang->string('You cannot delete your own account!'));
    }

    // usergroupid 6 is treated as the administrator group: refuse to delete the last one.
    // NOTE(review): the group id is hard-coded rather than read from $bugsys->datastore['usergroup'].
    if ($user['usergroupid'] == 6)
    {
        $count = $db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "user WHERE usergroupid = 6 AND userid <> {$user['userid']}");
        if ($count['count'] < 1)
        {
            $admin->error($lang->string('At least one other administrator needs to be present before you can delete this user'));
        }
    }

    // Remove the user row and its dependent rows. The id comes from the row just read, not from input.
    // NOTE(review): this destructive action is reached via a GET parameter (do=kill) from the
    // confirmation page; confirm the framework adds an anti-CSRF token to that flow.
    foreach (array('user', 'favourite', 'useractivation') AS $table)
    {
        $db->query("DELETE FROM " . TABLE_PREFIX . $table . " WHERE userid = {$user['userid']}");
    }

    $admin->redirect('user.php');
}
57
58 // ###################################################################
59
if ($_REQUEST['do'] == 'delete')
{
    // Confirmation step; accepting sends the browser on to the 'kill' action for the same id.
    $confirmUrl = 'user.php?do=kill&amp;userid=' . intval($bugsys->in['userid']);
    $admin->page_confirm($lang->string('Are you sure you want to delete this user?'), $confirmUrl);
}
64
65 // ###################################################################
66
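// isset() guard: on GET requests $_POST has no 'do' key and the bare comparison raises a notice.
if (isset($_POST['do']) && $_POST['do'] == 'insert')
{
    // Per-user salt; the stored hash is md5(md5(password) . md5(salt)).
    // NOTE(review): this is the scheme the login path verifies against, so it is left
    // unchanged here — moving to password_hash() has to be done together with the login code.
    $salt = $funct->rand(15);

    // NOTE(review): email and displayname are interpolated into the statement with no visible
    // escape call; confirm $bugsys->in is SQL-escaped upstream (global.php), otherwise this is
    // an injection point. The numeric columns go through intval().
    $db->query("
        INSERT INTO " . TABLE_PREFIX . "user
        (email, displayname, password, salt, authkey, showemail, showcolours, languageid, usergroupid, timezone)
        VALUES
        ('" . $bugsys->in['email'] . "',
        '" . $bugsys->in['displayname'] . "',
        '" . md5(md5($bugsys->in['password']) . md5($salt)) . "',
        '$salt',
        '" . $funct->rand() . "',
        " . intval($bugsys->in['showemail']) . ",
        " . intval($bugsys->in['showcolours']) . ",
        " . intval($bugsys->in['languageid']) . ",
        " . intval($bugsys->in['usergroupid']) . ",
        " . intval($bugsys->in['timezone']) . "
        )"
    );

    // Rebuild the cached "assignable users" list so the new account shows up immediately.
    build_assignedto();

    $admin->redirect('user.php?do=edit&userid=' . $db->insert_id());
}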
92
93 // ###################################################################
94
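// isset() guard: on GET requests $_POST has no 'do' key and the bare comparison raises a notice.
if (isset($_POST['do']) && $_POST['do'] == 'update')
{
    $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid']));
    if (!$user)
    {
        $admin->error($lang->getlex('error_invalid_id'));
    }

    // A blank password field means "keep the current password"; anything else is re-hashed
    // with the user's existing salt. Compared against '' rather than by truthiness so that a
    // literal password of "0" is not silently ignored.
    $passwordSql = '';
    if (isset($bugsys->in['password']) && $bugsys->in['password'] !== '')
    {
        $passwordSql = ",
        password = '" . md5(md5($bugsys->in['password']) . md5($user['salt'])) . "'";
    }

    // NOTE(review): displayname and email are interpolated with no visible escape call; confirm
    // $bugsys->in is SQL-escaped upstream (global.php), otherwise this is an injection point.
    $db->query("
        UPDATE " . TABLE_PREFIX . "user
        SET displayname = '" . $bugsys->in['displayname'] . "',
        email = '" . $bugsys->in['email'] . "',
        showcolours = " . intval($bugsys->in['showcolours']) . ",
        usergroupid = " . intval($bugsys->in['usergroupid']) . ",
        languageid = " . intval($bugsys->in['languageid']) . ",
        timezone = " . intval($bugsys->in['timezone']) . $passwordSql . "
        WHERE userid = {$user['userid']}"
    );

    // Rebuild the cached "assignable users" list in case the display name or group changed.
    build_assignedto();

    $admin->redirect('user.php?do=edit&userid=' . $user['userid']);
}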
119
120 // ###################################################################
121
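if ($_REQUEST['do'] == 'edit' OR $_REQUEST['do'] == 'add')
{
    $add = ($_REQUEST['do'] == 'add');
    $edit = (!$add);

    // Values the form below is pre-filled with. For 'add' they are all null (a blank form);
    // declared explicitly so the row_* calls do not read an undefined variable. For 'edit'
    // they are replaced by the stored user row.
    $user = array(
        'userid'      => null,
        'displayname' => null,
        'email'       => null,
        'usergroupid' => null,
        'showemail'   => null,
        'showcolours' => null,
        'languageid'  => null,
        'timezone'    => null
    );

    if ($edit)
    {
        $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . intval($bugsys->in['userid']));
        if (!$user)
        {
            $admin->error($lang->getlex('error_invalid_id'));
        }
    }

    $admin->page_start(($add ? $lang->string('Add User') : $lang->string('Edit User')), 2, 'user_manage');

    // Submitting re-enters this script as 'insert' (new account) or 'update' (existing one).
    $admin->form_start('user.php', ($add ? 'insert' : 'update'));

    if ($edit)
    {
        $admin->form_hidden_field('userid', $user['userid']);
    }

    $admin->table_start();

    $admin->table_head(($add ? $lang->string('Add User') : sprintf($lang->string('Edit User (userid: %1$s)'), $user['userid'])));

    $admin->row_input($lang->string('Display Name'), 'displayname', $user['displayname']);
    $admin->row_input($lang->string('Email'), 'email', $user['email']);
    // The password field is never pre-filled; on edit a blank value means "no change".
    $admin->row_input(($add ? $lang->string('Password') : $lang->string('Password (Leave blank for no change)')), 'password');

    // For each select: a run of list_item() calls followed by the row_list() that emits the row,
    // with the option matching the user's current value flagged as selected.
    foreach ($bugsys->datastore['usergroup'] AS $group)
    {
        $admin->list_item($group['title'], $group['usergroupid'], ($user['usergroupid'] == $group['usergroupid']));
    }
    $admin->row_list($lang->string('Usergroup'), 'usergroupid');

    $admin->row_yesno($lang->string('Show Email Publicly'), 'showemail', $user['showemail']);
    $admin->row_yesno($lang->string('Show Status Colours on Bug Listings'), 'showcolours', $user['showcolours']);

    foreach ($bugsys->datastore['language'] AS $language)
    {
        $admin->list_item($language['title'], $language['languageid'], ($user['languageid'] == $language['languageid']));
    }
    $admin->row_list($lang->string('Language'), 'languageid');

    foreach ($datef->fetch_timezone_list() AS $value => $string)
    {
        $admin->list_item($string, $value, ($user['timezone'] == $value));
    }
    $admin->row_list($lang->string('Timezone'), 'timezone');

    // NOTE(review): the delete link is a plain GET (do=delete → do=kill); confirm the
    // confirmation flow carries an anti-CSRF token.
    $admin->row_submit(($edit ? '<a href="user.php?do=delete&amp;userid=' . $user['userid'] . '">[' . $lang->string('Delete') . ']</a>' : ''), ':save:', ':reset:', 4);

    $admin->table_end();
    $admin->form_end();

    $admin->page_end();
}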
181
182 // ###################################################################
183
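if ($_REQUEST['do'] == 'search')
{
    $fail = false;

    if (is_numeric($bugsys->in['userdata']))
    {
        // Numeric input is treated as a user id: jump straight to that user's edit page.
        $userid = intval($bugsys->in['userdata']);
        if ($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = " . $userid))
        {
            header('Location: user.php?do=edit&userid=' . $userid);
            // Stop here: nothing after a redirect header should run or be emitted.
            exit;
        }
        else
        {
            $fail = true;
        }
    }
    else
    {
        // Substring search over email and display name. Neutralise both LIKE wildcards in the
        // term so a user-supplied '%' or '_' is matched literally (the original escaped only '%').
        // NOTE(review): the term is otherwise interpolated into the pattern with no visible escape
        // call; confirm $bugsys->in is SQL-escaped upstream, otherwise this is an injection point.
        $bugsys->in['userdata'] = str_replace(array('%', '_'), array('\%', '\_'), $bugsys->in['userdata']);
        $pattern = "'%" . $bugsys->in['userdata'] . "%'";
        $results = $db->query("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE " . $pattern . " OR displayname LIKE " . $pattern);

        if ($db->num_rows($results) < 1)
        {
            $fail = true;
        }
        else
        {
            $admin->page_start($lang->string('Search Results'));

            $admin->table_start();
            $admin->table_head($lang->string('Search Results'), 4);
            $admin->table_column_head(array($lang->string('Display Name'), $lang->string('Email'), $lang->string('User ID'), $lang->string('Actions')));

            // NOTE(review): row_multi_item() takes cell text as the array *key*, so two cells with
            // identical text (e.g. displayname equal to email) collapse into one; also the DB values
            // are passed without a visible HTML escape — confirm the admin layer escapes them.
            while ($row = $db->fetch_array($results))
            {
                $admin->row_multi_item(array(
                    $row['displayname'] => 'l',
                    $row['email'] => 'c',
                    $row['userid'] => 'c',
                    '<a href="user.php?do=edit&amp;userid=' . $row['userid'] . '">[' . $lang->string('Edit') . ']</a>' => 'c'
                ));
            }

            $admin->table_end();

            $admin->page_end();
        }
    }

    if ($fail)
    {
        $admin->error($lang->string('Sorry, we could not find any users that matched your criteria.'));
    }
}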
237
238 // ###################################################################
239
if ($_REQUEST['do'] == 'modify')
{
    // Landing page: a one-field search form (display name, email or numeric id)
    // that submits back to this script as do=search.
    $admin->page_start($lang->string('User Search'));
    $admin->form_start('user.php', 'search');

    $admin->table_start(true, '45%');
    $admin->table_head($lang->string('User Search'), 2, 'user_manage');
    $admin->row_input($lang->string('Name/Email/ID'), 'userdata');
    $admin->row_submit('', ':save:', '');
    $admin->table_end();

    $admin->form_end();
    $admin->page_end();
}
257
258 /*=====================================================================*\
259 || ###################################################################
260 || # $HeadURL$
261 || # $Id$
262 || ###################################################################
263 \*=====================================================================*/
264 ?>