source: admin/user.php @ 1620:542c321dc040

Visit:

Revision 1620:542c321dc040, 11.7 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
Merge 2.5 into default

Rev	Line
[175]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[1179]	6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
[175]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12
	13	require dirname(__FILE__).'/../inc/admin/prepend.php';
	14
	15	dcPage::checkSuper();
	16
[1305]	17	$page_title = __('New user');
[175]	18
	19	$user_id = '';
	20	$user_super = '';
	21	$user_pwd = '';
	22	$user_change_pwd = '';
	23	$user_name = '';
	24	$user_firstname = '';
	25	$user_displayname = '';
	26	$user_email = '';
	27	$user_url = '';
	28	$user_lang = $core->auth->getInfo('user_lang');
	29	$user_tz = $core->auth->getInfo('user_tz');
	30	$user_post_status = '';
	31
	32	$user_options = $core->userDefaults();
	33
	34	foreach ($core->getFormaters() as $v) {
	35	$formaters_combo[$v] = $v;
	36	}
	37
	38	foreach ($core->blog->getAllPostStatus() as $k => $v) {
	39	$status_combo[$v] = $k;
	40	}
	41
	42	# Language codes
	43	$langs = l10n::getISOcodes(1,1);
	44	foreach ($langs as $k => $v) {
	45	$lang_avail = $v == 'en' \|\| is_dir(DC_L10N_ROOT.'/'.$v);
	46	$lang_combo[] = new formSelectOption($k,$v,$lang_avail ? 'avail10n' : '');
	47	}
	48
	49	# Get user if we have an ID
	50	if (!empty($_REQUEST['id']))
	51	{
	52	try {
	53	$rs = $core->getUser($_REQUEST['id']);
	54
	55	$user_id = $rs->user_id;
	56	$user_super = $rs->user_super;
	57	$user_pwd = $rs->user_pwd;
	58	$user_change_pwd = $rs->user_change_pwd;
	59	$user_name = $rs->user_name;
	60	$user_firstname = $rs->user_firstname;
	61	$user_displayname = $rs->user_displayname;
	62	$user_email = $rs->user_email;
	63	$user_url = $rs->user_url;
	64	$user_lang = $rs->user_lang;
	65	$user_tz = $rs->user_tz;
	66	$user_post_status = $rs->user_post_status;
	67
	68	$user_options = array_merge($user_options,$rs->options());
	69
	70	$page_title = $user_id;
	71	} catch (Exception $e) {
	72	$core->error->add($e->getMessage());
	73	}
	74	}
	75
	76	# Add or update user
	77	if (isset($_POST['user_name']))
	78	{
	79	try
	80	{
	81	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
	82	throw new Exception(__('Password verification failed'));
	83	}
	84
	85	$cur = $core->con->openCursor($core->prefix.'user');
	86
	87	$cur->user_id = $_POST['user_id'];
	88	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
	89	$cur->user_name = $user_name = $_POST['user_name'];
	90	$cur->user_firstname = $user_firstname = $_POST['user_firstname'];
	91	$cur->user_displayname = $user_displayname = $_POST['user_displayname'];
	92	$cur->user_email = $user_email = $_POST['user_email'];
	93	$cur->user_url = $user_url = $_POST['user_url'];
	94	$cur->user_lang = $user_lang = $_POST['user_lang'];
	95	$cur->user_tz = $user_tz = $_POST['user_tz'];
	96	$cur->user_post_status = $user_post_status = $_POST['user_post_status'];
	97
[313]	98	if ($cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {
	99	// force super_user to true if current user
	100	$cur->user_super = $user_super = true;
	101	}
[175]	102	if ($core->auth->allowPassChange()) {
	103	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
	104	}
	105
	106	if (!empty($_POST['new_pwd'])) {
	107	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
	108	throw new Exception(__("Passwords don't match"));
	109	} else {
	110	$cur->user_pwd = $_POST['new_pwd'];
	111	}
	112	}
	113
	114	$user_options['post_format'] = $_POST['user_post_format'];
	115	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
	116
	117	if ($user_options['edit_size'] < 1) {
	118	$user_options['edit_size'] = 10;
	119	}
	120
	121	$cur->user_options = new ArrayObject($user_options);
	122
	123	# Udate user
	124	if ($user_id)
	125	{
	126	# --BEHAVIOR-- adminBeforeUserUpdate
	127	$core->callBehavior('adminBeforeUserUpdate',$cur,$user_id);
	128
	129	$new_id = $core->updUser($user_id,$cur);
	130
	131	# --BEHAVIOR-- adminAfterUserUpdate
	132	$core->callBehavior('adminAfterUserUpdate',$cur,$new_id);
	133
	134	if ($user_id == $core->auth->userID() &&
	135	$user_id != $new_id) {
	136	$core->session->destroy();
	137	}
	138
	139	http::redirect('user.php?id='.$new_id.'&upd=1');
	140	}
	141	# Add user
	142	else
	143	{
	144	if ($core->getUsers(array('user_id' => $cur->user_id),true)->f(0) > 0) {
	145	throw new Exception(sprintf(__('User "%s" already exists.'),html::escapeHTML($cur->user_id)));
	146	}
	147
	148	# --BEHAVIOR-- adminBeforeUserCreate
	149	$core->callBehavior('adminBeforeUserCreate',$cur);
	150
	151	$new_id = $core->addUser($cur);
	152
	153	# --BEHAVIOR-- adminAfterUserCreate
	154	$core->callBehavior('adminAfterUserCreate',$cur,$new_id);
	155
[547]	156	if (!empty($_POST['saveplus'])) {
	157	http::redirect('user.php?add=1');
	158	} else {
	159	http::redirect('user.php?id='.$new_id.'&add=1');
	160	}
[175]	161	}
	162	}
	163	catch (Exception $e)
	164	{
	165	$core->error->add($e->getMessage());
	166	}
	167	}
	168
	169
	170	/* DISPLAY
	171	-------------------------------------------------------- */
	172	dcPage::open($page_title,
	173	dcPage::jsConfirmClose('user-form').
[1583]	174	dcPage::jsLoad('js/jquery/jquery.pwstrength.js').
	175	'<script type="text/javascript">'."\n".
	176	"//<![CDATA[\n".
	177	"\$(function() {\n".
	178	" \$('#new_pwd').pwstrength({texts: ['".
	179	sprintf(__('Password strength: %s'),__('very weak'))."', '".
	180	sprintf(__('Password strength: %s'),__('weak'))."', '".
	181	sprintf(__('Password strength: %s'),__('mediocre'))."', '".
	182	sprintf(__('Password strength: %s'),__('strong'))."', '".
	183	sprintf(__('Password strength: %s'),__('very strong'))."']});\n".
	184	"});\n".
	185	"\n//]]>\n".
	186	"</script>\n".
[175]	187
	188	# --BEHAVIOR-- adminUserHeaders
[1358]	189	$core->callBehavior('adminUserHeaders'),
	190
	191	dcPage::breadcrumb(
	192	array(
	193	__('System') => '',
	194	__('Users') => 'users.php',
	195	'<span class="page-title">'.$page_title.'</span>' => ''
	196	))
[175]	197	);
	198
	199	if (!empty($_GET['upd'])) {
[1554]	200	dcPage::success(__('User has been successfully updated.'));
[175]	201	}
	202
	203	if (!empty($_GET['add'])) {
[1553]	204	dcPage::success(__('User has been successfully created.'));
[175]	205	}
	206
[1609]	207	echo
	208	'<form action="user.php" method="post" id="user-form" class="fieldset">'.
	209	'<div class="two-cols">'.
	210
	211	'<div class="col">'.
	212	'<h3>'.__('User profile').'</h3>'.
	213
	214	'<p><label for="user_id" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('User ID:').'</label> '.
	215	form::field('user_id',20,255,html::escapeHTML($user_id)).
	216	'</p>'.
	217	'<p class="form-note">'.__('At least 2 characters using letters, numbers or symbols.').'</p>';
[175]	218
	219	if ($user_id == $core->auth->userID()) {
	220	echo
	221	'<p class="warning">'.__('Warning:').' '.
	222	__('If you change your username, you will have to log in again.').'</p>';
	223	}
	224
	225	echo
	226	'<form action="user.php" method="post" id="user-form">'.
	227	'<fieldset><legend>'.__('User information').'</legend>'.
	228	'<div class="two-cols">'.
	229	'<div class="col">'.
	230	'<p><label for="user_id" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Username:').' '.
[454]	231	form::field('user_id',20,255,html::escapeHTML($user_id)).
[175]	232	'</label></p>'.
	233	'<p class="form-note">'.__('At least 2 characters using letters, numbers or symbols.').'</p>'.
	234
[1583]	235	'<div class="pw-table">'.
	236	'<p class="pw-cell">'.
	237	'<label for="new_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
	238	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').
	239	($user_id != '' ? __('New password:') : __('Password:')).'</label>'.
	240	form::password('new_pwd',20,255,'','','',false,' data-indicator="pwindicator" ').
	241	'</p>'.
	242	'<div id="pwindicator">'.
	243	' <div class="bar"></div>'.
	244	' <p class="label no-margin"></p>'.
	245	'</div>'.
	246	'</div>'.
[181]	247	'<p class="form-note">'.__('Password must contain at least 6 characters.').'</p>'.
[175]	248
[177]	249	'<p><label for="new_pwd_c" '.($user_id != '' ? '' : 'class="required"').'>'.
[1399]	250	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Confirm password:').'</label> '.
[454]	251	form::password('new_pwd_c',20,255).
[1609]	252	'</p>';
[175]	253
	254	if ($core->auth->allowPassChange()) {
	255	echo
	256	'<p><label for="user_change_pwd" class="classic">'.
[454]	257	form::checkbox('user_change_pwd','1',$user_change_pwd).' '.
[175]	258	__('Password change required to connect').'</label></p>';
	259	}
	260
[313]	261	$super_disabled = $user_super && $user_id == $core->auth->userID();
[175]	262	echo
[454]	263	'<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'','',$super_disabled).' '.
[175]	264	__('Super administrator').'</label></p>'.
[1179]	265
[1399]	266	'<p><label for="user_name">'.__('Last Name:').'</label> '.
[1179]	267	form::field('user_name',20,255,html::escapeHTML($user_name)).
[1399]	268	'</p>'.
[1179]	269
[1399]	270	'<p><label for="user_firstname">'.__('First Name:').'</label> '.
[1179]	271	form::field('user_firstname',20,255,html::escapeHTML($user_firstname)).
[1474]	272	'</p>'.
[1179]	273
[1474]	274	'<p><label for="user_displayname">'.__('Display name:').'</label> '.
[1179]	275	form::field('user_displayname',20,255,html::escapeHTML($user_displayname)).
[1399]	276	'</p>'.
[1179]	277
[1399]	278	'<p><label for="user_email">'.__('Email:').'</label> '.
[1179]	279	form::field('user_email',20,255,html::escapeHTML($user_email)).
[1399]	280	'</p>'.
[1179]	281	'<p class="form-note">'.__('Mandatory for password recovering procedure.').'</p>'.
[1609]	282
	283	'<p><label for="user_url">'.__('URL:').'</label> '.
	284	form::field('user_url',30,255,html::escapeHTML($user_url)).
	285	'</p>'.
[175]	286	'</div>'.
[1179]	287
	288	'<div class="col">'.
[1609]	289	'<h3>'.__('Options').'</h3>'.
	290	'<h4>'.__('Interface').'</h4>'.
	291	'<p><label for="user_lang">'.__('Language:').'</label> '.
	292	form::combo('user_lang',$lang_combo,$user_lang,'l10n').
[1399]	293	'</p>'.
[1609]	294
	295	'<p><label for="user_tz">'.__('Timezone:').'</label> '.
	296	form::combo('user_tz',dt::getZones(true,true),$user_tz).
	297	'</p>'.
	298
	299	'<h4>'.__('Edition').'</h4>'.
[1399]	300	'<p><label for="user_post_format">'.__('Preferred format:').'</label> '.
[1179]	301	form::combo('user_post_format',$formaters_combo,$user_options['post_format']).
[1399]	302	'</p>'.
[1179]	303
[1399]	304	'<p><label for="user_post_status">'.__('Default entry status:').'</label> '.
[1179]	305	form::combo('user_post_status',$status_combo,$user_post_status).
[1399]	306	'</p>'.
[1179]	307
[1399]	308	'<p><label for="user_edit_size">'.__('Entry edit field height:').'</label> '.
[1179]	309	form::field('user_edit_size',5,4,(integer) $user_options['edit_size']).
[1399]	310	'</p>';
[175]	311
	312	# --BEHAVIOR-- adminUserForm
	313	$core->callBehavior('adminUserForm',isset($rs) ? $rs : null);
	314
[1609]	315	echo
	316	'</div>'.
	317	'</div>';
	318
	319
[175]	320	echo
[1609]	321	'<p class="clear border-top"><label for="your_pwd" class="required">'.
	322	'<abbr title="'.__('Required field').'">*</abbr> '.__('Your password:').'</label>'.
[1399]	323	form::password('your_pwd',20,255).'</p>'.
[547]	324	'<p class="clear"><input type="submit" name="save" accesskey="s" value="'.__('Save').'" />'.
	325	($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="'.__('Save and create another').'" />').
[175]	326	($user_id != '' ? form::hidden('id',$user_id) : '').
	327	$core->formNonce().
	328	'</p>'.
	329
	330	'</form>';
	331
	332	if ($user_id)
	333	{
[1609]	334	echo '<div class="clear fieldset">'.
	335	'<h3>'.__('Permissions').'</h3>';
	336
	337	if (!$user_super)
[175]	338	{
[1609]	339	echo
	340	'<form action="users_actions.php" method="post">'.
	341	'<p><input type="submit" value="'.__('Add new permissions').'" />'.
	342	form::hidden(array('redir'),'user.php?id='.$user_id).
	343	form::hidden(array('action'),'blogs').
	344	form::hidden(array('users[]'),$user_id).
	345	$core->formNonce().
	346	'</p>'.
	347	'</form>';
	348
	349	$permissions = $core->getUserPermissions($user_id);
	350	$perm_types = $core->auth->getPermissionsTypes();
	351
	352	if (count($permissions) == 0)
[175]	353	{
[1609]	354	echo '<p>'.__('No permissions so far.').'</p>';
	355	}
	356	else
	357	{
	358	foreach ($permissions as $k => $v)
[175]	359	{
[1609]	360	if (count($v['p']) > 0)
	361	{
	362	echo
	363	'<form action="users_actions.php" method="post">'.
	364	'<p class="blog-perm">'.__('Blog:').' <a href="blog.php?id='.html::escapeHTML($k).'">'.
	365	html::escapeHTML($v['name']).'</a> ('.html::escapeHTML($k).')</p>';
	366
	367	echo '<ul class="ul-perm">';
	368	foreach ($v['p'] as $p => $V) {
	369	if (isset($perm_types[$p])) {
	370	echo '<li>'.__($perm_types[$p]).'</li>';
	371	}
[175]	372	}
[1609]	373	echo
	374	'</ul>'.
	375	'<p class="add-perm"><input type="submit" class="reset" value="'.__('Change permissions').'" />'.
	376	form::hidden(array('redir'),'user.php?id='.$user_id).
	377	form::hidden(array('action'),'perms').
	378	form::hidden(array('users[]'),$user_id).
	379	form::hidden(array('blogs[]'),$k).
	380	$core->formNonce().
	381	'</p>'.
	382	'</form>';
[175]	383	}
	384	}
[1609]	385	}
	386
	387	}
	388	else {
	389	echo '<p>'.sprintf(__('User %s is super admin.'),$user_id).'</p>';
	390	}
[860]	391	echo '</div>';
[175]	392	}
	393
	394	dcPage::helpBlock('core_user');
	395	dcPage::close();
[1620]	396	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 1620:542c321dc040

Download in other formats:

Sites map