source: admin/user.php @ 907:da55072f8b87

Visit:

Revision 907:da55072f8b87, 10.2 KB checked in by franck <carnet.franck.paul@…>, 13 years ago (diff)
Add timestamp on information message, fixes #1189

Rev	Line
[175]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[270]	6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
[175]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12
	13	require dirname(__FILE__).'/../inc/admin/prepend.php';
	14
	15	dcPage::checkSuper();
	16
	17	$page_title = __('new user');
	18
	19	$user_id = '';
	20	$user_super = '';
	21	$user_pwd = '';
	22	$user_change_pwd = '';
	23	$user_name = '';
	24	$user_firstname = '';
	25	$user_displayname = '';
	26	$user_email = '';
	27	$user_url = '';
	28	$user_lang = $core->auth->getInfo('user_lang');
	29	$user_tz = $core->auth->getInfo('user_tz');
	30	$user_post_status = '';
	31
	32	$user_options = $core->userDefaults();
	33
	34	foreach ($core->getFormaters() as $v) {
	35	$formaters_combo[$v] = $v;
	36	}
	37
	38	foreach ($core->blog->getAllPostStatus() as $k => $v) {
	39	$status_combo[$v] = $k;
	40	}
	41
	42	# Language codes
	43	$langs = l10n::getISOcodes(1,1);
	44	foreach ($langs as $k => $v) {
	45	$lang_avail = $v == 'en' \|\| is_dir(DC_L10N_ROOT.'/'.$v);
	46	$lang_combo[] = new formSelectOption($k,$v,$lang_avail ? 'avail10n' : '');
	47	}
	48
	49	# Get user if we have an ID
	50	if (!empty($_REQUEST['id']))
	51	{
	52	try {
	53	$rs = $core->getUser($_REQUEST['id']);
	54
	55	$user_id = $rs->user_id;
	56	$user_super = $rs->user_super;
	57	$user_pwd = $rs->user_pwd;
	58	$user_change_pwd = $rs->user_change_pwd;
	59	$user_name = $rs->user_name;
	60	$user_firstname = $rs->user_firstname;
	61	$user_displayname = $rs->user_displayname;
	62	$user_email = $rs->user_email;
	63	$user_url = $rs->user_url;
	64	$user_lang = $rs->user_lang;
	65	$user_tz = $rs->user_tz;
	66	$user_post_status = $rs->user_post_status;
	67
	68	$user_options = array_merge($user_options,$rs->options());
	69
	70	$page_title = $user_id;
	71	} catch (Exception $e) {
	72	$core->error->add($e->getMessage());
	73	}
	74	}
	75
	76	# Add or update user
	77	if (isset($_POST['user_name']))
	78	{
	79	try
	80	{
	81	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
	82	throw new Exception(__('Password verification failed'));
	83	}
	84
	85	$cur = $core->con->openCursor($core->prefix.'user');
	86
	87	$cur->user_id = $_POST['user_id'];
	88	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
	89	$cur->user_name = $user_name = $_POST['user_name'];
	90	$cur->user_firstname = $user_firstname = $_POST['user_firstname'];
	91	$cur->user_displayname = $user_displayname = $_POST['user_displayname'];
	92	$cur->user_email = $user_email = $_POST['user_email'];
	93	$cur->user_url = $user_url = $_POST['user_url'];
	94	$cur->user_lang = $user_lang = $_POST['user_lang'];
	95	$cur->user_tz = $user_tz = $_POST['user_tz'];
	96	$cur->user_post_status = $user_post_status = $_POST['user_post_status'];
	97
[313]	98	if ($cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {
	99	// force super_user to true if current user
	100	$cur->user_super = $user_super = true;
	101	}
[175]	102	if ($core->auth->allowPassChange()) {
	103	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
	104	}
	105
	106	if (!empty($_POST['new_pwd'])) {
	107	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
	108	throw new Exception(__("Passwords don't match"));
	109	} else {
	110	$cur->user_pwd = $_POST['new_pwd'];
	111	}
	112	}
	113
	114	$user_options['post_format'] = $_POST['user_post_format'];
	115	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
	116
	117	if ($user_options['edit_size'] < 1) {
	118	$user_options['edit_size'] = 10;
	119	}
	120
	121	$cur->user_options = new ArrayObject($user_options);
	122
	123	# Udate user
	124	if ($user_id)
	125	{
	126	# --BEHAVIOR-- adminBeforeUserUpdate
	127	$core->callBehavior('adminBeforeUserUpdate',$cur,$user_id);
	128
	129	$new_id = $core->updUser($user_id,$cur);
	130
	131	# --BEHAVIOR-- adminAfterUserUpdate
	132	$core->callBehavior('adminAfterUserUpdate',$cur,$new_id);
	133
	134	if ($user_id == $core->auth->userID() &&
	135	$user_id != $new_id) {
	136	$core->session->destroy();
	137	}
	138
	139	http::redirect('user.php?id='.$new_id.'&upd=1');
	140	}
	141	# Add user
	142	else
	143	{
	144	if ($core->getUsers(array('user_id' => $cur->user_id),true)->f(0) > 0) {
	145	throw new Exception(sprintf(__('User "%s" already exists.'),html::escapeHTML($cur->user_id)));
	146	}
	147
	148	# --BEHAVIOR-- adminBeforeUserCreate
	149	$core->callBehavior('adminBeforeUserCreate',$cur);
	150
	151	$new_id = $core->addUser($cur);
	152
	153	# --BEHAVIOR-- adminAfterUserCreate
	154	$core->callBehavior('adminAfterUserCreate',$cur,$new_id);
	155
[547]	156	if (!empty($_POST['saveplus'])) {
	157	http::redirect('user.php?add=1');
	158	} else {
	159	http::redirect('user.php?id='.$new_id.'&add=1');
	160	}
[175]	161	}
	162	}
	163	catch (Exception $e)
	164	{
	165	$core->error->add($e->getMessage());
	166	}
	167	}
	168
	169
	170	/* DISPLAY
	171	-------------------------------------------------------- */
	172	dcPage::open($page_title,
	173	dcPage::jsConfirmClose('user-form').
	174
	175	# --BEHAVIOR-- adminUserHeaders
	176	$core->callBehavior('adminUserHeaders')
	177	);
	178
	179	if (!empty($_GET['upd'])) {
[907]	180	dcPage::message(__('User has been successfully updated.'));
[175]	181	}
	182
	183	if (!empty($_GET['add'])) {
[907]	184	dcPage::message(__('User has been successfully created.'));
[175]	185	}
	186
[501]	187	echo '<h2><a href="users.php">'.__('Users').'</a> &rsaquo; <span class="page-title">'.$page_title.'</span></h2>';
[175]	188
	189	if ($user_id == $core->auth->userID()) {
	190	echo
	191	'<p class="warning">'.__('Warning:').' '.
	192	__('If you change your username, you will have to log in again.').'</p>';
	193	}
	194
	195	echo
	196	'<form action="user.php" method="post" id="user-form">'.
	197	'<fieldset><legend>'.__('User information').'</legend>'.
	198	'<div class="two-cols">'.
	199	'<div class="col">'.
	200	'<p><label for="user_id" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Username:').' '.
[454]	201	form::field('user_id',20,255,html::escapeHTML($user_id)).
[175]	202	'</label></p>'.
	203	'<p class="form-note">'.__('At least 2 characters using letters, numbers or symbols.').'</p>'.
	204
[177]	205	'<p><label for="new_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
	206	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').
[176]	207	($user_id != '' ? __('New password:') : __('Password:')).' '.
[454]	208	form::password('new_pwd',20,255).
[175]	209	'</label></p>'.
[181]	210	'<p class="form-note">'.__('Password must contain at least 6 characters.').'</p>'.
[175]	211
[177]	212	'<p><label for="new_pwd_c" '.($user_id != '' ? '' : 'class="required"').'>'.
	213	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Confirm password:').' '.
[454]	214	form::password('new_pwd_c',20,255).
[175]	215	'</label></p>'.
	216
	217	'<p><label for="user_name">'.__('Last Name:').' '.
[454]	218	form::field('user_name',20,255,html::escapeHTML($user_name)).
[175]	219	'</label></p>'.
	220
	221	'<p><label for="user_firstname">'.__('First Name:').' '.
[454]	222	form::field('user_firstname',20,255,html::escapeHTML($user_firstname)).
[175]	223	'</label></p>'.
	224
	225	'<p><label for="user_displayname">'.__('Display name:').' '.
[454]	226	form::field('user_displayname',20,255,html::escapeHTML($user_displayname)).
[175]	227	'</label></p>'.
	228
	229	'<p><label for="user_email">'.__('Email:').' '.
[454]	230	form::field('user_email',20,255,html::escapeHTML($user_email)).
[175]	231	'</label></p>'.
[479]	232	'<p class="form-note">'.__('Mandatory for password recovering procedure.').'</p>'.
[175]	233	'</div>'.
	234
	235	'<div class="col">'.
	236	'<p><label for="user_url">'.__('URL:').' '.
[454]	237	form::field('user_url',30,255,html::escapeHTML($user_url)).
[175]	238	'</label></p>'.
	239	'<p><label for="user_post_format">'.__('Preferred format:').' '.
[454]	240	form::combo('user_post_format',$formaters_combo,$user_options['post_format']).
[175]	241	'</label></p>'.
	242
	243	'<p><label for="user_post_status">'.__('Default entry status:').' '.
[454]	244	form::combo('user_post_status',$status_combo,$user_post_status).
[175]	245	'</label></p>'.
	246
[230]	247	'<p><label for="user_edit_size">'.__('Entry edit field height:').' '.
[454]	248	form::field('user_edit_size',5,4,(integer) $user_options['edit_size']).
[175]	249	'</label></p>'.
	250
[230]	251	'<p><label for="user_lang">'.__('User language:').' '.
[454]	252	form::combo('user_lang',$lang_combo,$user_lang,'l10n').
[175]	253	'</label></p>'.
	254
	255	'<p><label for="user_tz">'.__('User timezone:').' '.
[454]	256	form::combo('user_tz',dt::getZones(true,true),$user_tz).
[175]	257	'</label></p>';
	258
	259	if ($core->auth->allowPassChange()) {
	260	echo
	261	'<p><label for="user_change_pwd" class="classic">'.
[454]	262	form::checkbox('user_change_pwd','1',$user_change_pwd).' '.
[175]	263	__('Password change required to connect').'</label></p>';
	264	}
	265
[313]	266	$super_disabled = $user_super && $user_id == $core->auth->userID();
	267
[175]	268	echo
[454]	269	'<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'','',$super_disabled).' '.
[175]	270	__('Super administrator').'</label></p>'.
	271	'</div>'.
	272	'</div>'.
	273	'</fieldset>';
	274
	275	# --BEHAVIOR-- adminUserForm
	276	$core->callBehavior('adminUserForm',isset($rs) ? $rs : null);
	277
	278	echo
[177]	279	'<p><label for="your_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
	280	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Your password:').
[454]	281	form::password('your_pwd',20,255).'</label></p>'.
[547]	282	'<p class="clear"><input type="submit" name="save" accesskey="s" value="'.__('Save').'" />'.
	283	($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="'.__('Save and create another').'" />').
[175]	284	($user_id != '' ? form::hidden('id',$user_id) : '').
	285	$core->formNonce().
	286	'</p>'.
	287
	288	'</form>';
	289
	290	if ($user_id)
	291	{
[860]	292	echo '<div class="clear fieldset"><h3>'.__('Permissions').'</h3>'.
	293	'<form action="users_actions.php" method="post">'.
	294	'<p><input type="submit" value="'.__('Add new permissions').'" />'.
	295	form::hidden(array('redir'),'user.php?id='.$user_id).
	296	form::hidden(array('action'),'blogs').
	297	form::hidden(array('users[]'),$user_id).
	298	$core->formNonce().
	299	'</p>'.
	300	'</form>';
[175]	301
	302	$permissions = $core->getUserPermissions($user_id);
	303	$perm_types = $core->auth->getPermissionsTypes();
	304
	305	if (count($permissions) == 0)
	306	{
	307	echo '<p>'.__('No permissions.').'</p>';
	308	}
	309	else
	310	{
	311	foreach ($permissions as $k => $v)
	312	{
	313	if (count($v['p']) > 0)
	314	{
[860]	315	echo
	316	'<form action="users_actions.php" method="post">'.
	317	'<h4><a href="blog.php?id='.html::escapeHTML($k).'">'.
	318	html::escapeHTML($v['name']).'</a> ('.html::escapeHTML($k).')</h4>';
[175]	319
	320	echo '<ul>';
	321	foreach ($v['p'] as $p => $V) {
	322	if (isset($perm_types[$p])) {
	323	echo '<li>'.__($perm_types[$p]).'</li>';
	324	}
	325	}
[860]	326	echo '</ul>'.
	327	'<p><input type="submit" value="'.__('Change permissions').'" />'.
	328	form::hidden(array('redir'),'user.php?id='.$user_id).
	329	form::hidden(array('action'),'perms').
	330	form::hidden(array('users[]'),$user_id).
	331	form::hidden(array('blogs[]'),$k).
	332	$core->formNonce().
	333	'</p>'.
	334	'</form>';
[175]	335	}
	336	}
	337	}
	338
[860]	339	echo '</div>';
[175]	340	}
	341
	342	dcPage::helpBlock('core_user');
	343	dcPage::close();
[0]	344	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 907:da55072f8b87

Download in other formats:

Sites map