source: admin/user.php @ 181:3780e380ea69

Visit:

Revision 181:3780e380ea69, 9.3 KB checked in by Franck <carnet.franck.paul@…>, 14 years ago (diff)
Mise en place note à propos du mot de passe

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2010 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$page_title = __('new user');
18
19	$user_id = '';
20	$user_super = '';
21	$user_pwd = '';
22	$user_change_pwd = '';
23	$user_name = '';
24	$user_firstname = '';
25	$user_displayname = '';
26	$user_email = '';
27	$user_url = '';
28	$user_lang = $core->auth->getInfo('user_lang');
29	$user_tz = $core->auth->getInfo('user_tz');
30	$user_post_status = '';
31
32	$user_options = $core->userDefaults();
33
34	foreach ($core->getFormaters() as $v) {
35	$formaters_combo[$v] = $v;
36	}
37
38	foreach ($core->blog->getAllPostStatus() as $k => $v) {
39	$status_combo[$v] = $k;
40	}
41
42	# Language codes
43	$langs = l10n::getISOcodes(1,1);
44	foreach ($langs as $k => $v) {
45	$lang_avail = $v == 'en' \|\| is_dir(DC_L10N_ROOT.'/'.$v);
46	$lang_combo[] = new formSelectOption($k,$v,$lang_avail ? 'avail10n' : '');
47	}
48
49	# Get user if we have an ID
50	if (!empty($_REQUEST['id']))
51	{
52	try {
53	$rs = $core->getUser($_REQUEST['id']);
54
55	$user_id = $rs->user_id;
56	$user_super = $rs->user_super;
57	$user_pwd = $rs->user_pwd;
58	$user_change_pwd = $rs->user_change_pwd;
59	$user_name = $rs->user_name;
60	$user_firstname = $rs->user_firstname;
61	$user_displayname = $rs->user_displayname;
62	$user_email = $rs->user_email;
63	$user_url = $rs->user_url;
64	$user_lang = $rs->user_lang;
65	$user_tz = $rs->user_tz;
66	$user_post_status = $rs->user_post_status;
67
68	$user_options = array_merge($user_options,$rs->options());
69
70	$page_title = $user_id;
71	} catch (Exception $e) {
72	$core->error->add($e->getMessage());
73	}
74	}
75
76	# Add or update user
77	if (isset($_POST['user_name']))
78	{
79	try
80	{
81	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
82	throw new Exception(__('Password verification failed'));
83	}
84
85	$cur = $core->con->openCursor($core->prefix.'user');
86
87	$cur->user_id = $_POST['user_id'];
88	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
89	$cur->user_name = $user_name = $_POST['user_name'];
90	$cur->user_firstname = $user_firstname = $_POST['user_firstname'];
91	$cur->user_displayname = $user_displayname = $_POST['user_displayname'];
92	$cur->user_email = $user_email = $_POST['user_email'];
93	$cur->user_url = $user_url = $_POST['user_url'];
94	$cur->user_lang = $user_lang = $_POST['user_lang'];
95	$cur->user_tz = $user_tz = $_POST['user_tz'];
96	$cur->user_post_status = $user_post_status = $_POST['user_post_status'];
97
98	if ($core->auth->allowPassChange()) {
99	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
100	}
101
102	if (!empty($_POST['new_pwd'])) {
103	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
104	throw new Exception(__("Passwords don't match"));
105	} else {
106	$cur->user_pwd = $_POST['new_pwd'];
107	}
108	}
109
110	$user_options['post_format'] = $_POST['user_post_format'];
111	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
112
113	if ($user_options['edit_size'] < 1) {
114	$user_options['edit_size'] = 10;
115	}
116
117	$cur->user_options = new ArrayObject($user_options);
118
119	# Udate user
120	if ($user_id)
121	{
122	# --BEHAVIOR-- adminBeforeUserUpdate
123	$core->callBehavior('adminBeforeUserUpdate',$cur,$user_id);
124
125	$new_id = $core->updUser($user_id,$cur);
126
127	# --BEHAVIOR-- adminAfterUserUpdate
128	$core->callBehavior('adminAfterUserUpdate',$cur,$new_id);
129
130	if ($user_id == $core->auth->userID() &&
131	$user_id != $new_id) {
132	$core->session->destroy();
133	}
134
135	http::redirect('user.php?id='.$new_id.'&upd=1');
136	}
137	# Add user
138	else
139	{
140	if ($core->getUsers(array('user_id' => $cur->user_id),true)->f(0) > 0) {
141	throw new Exception(sprintf(__('User "%s" already exists.'),html::escapeHTML($cur->user_id)));
142	}
143
144	# --BEHAVIOR-- adminBeforeUserCreate
145	$core->callBehavior('adminBeforeUserCreate',$cur);
146
147	$new_id = $core->addUser($cur);
148
149	# --BEHAVIOR-- adminAfterUserCreate
150	$core->callBehavior('adminAfterUserCreate',$cur,$new_id);
151
152	http::redirect('user.php?id='.$new_id.'&add=1');
153	}
154	}
155	catch (Exception $e)
156	{
157	$core->error->add($e->getMessage());
158	}
159	}
160
161
162	/* DISPLAY
163	-------------------------------------------------------- */
164	dcPage::open($page_title,
165	dcPage::jsConfirmClose('user-form').
166
167	# --BEHAVIOR-- adminUserHeaders
168	$core->callBehavior('adminUserHeaders')
169	);
170
171	if (!empty($_GET['upd'])) {
172	echo '<p class="message">'.__('User has been successfully updated.').'</p>';
173	}
174
175	if (!empty($_GET['add'])) {
176	echo '<p class="message">'.__('User has been successfully created.').'</p>';
177	}
178
179	echo '<h2><a href="users.php">'.__('Users').'</a> &rsaquo; '.$page_title.'</h2>';
180
181	if ($user_id == $core->auth->userID()) {
182	echo
183	'<p class="warning">'.__('Warning:').' '.
184	__('If you change your username, you will have to log in again.').'</p>';
185	}
186
187	echo
188	'<form action="user.php" method="post" id="user-form">'.
189	'<fieldset><legend>'.__('User information').'</legend>'.
190	'<div class="two-cols">'.
191	'<div class="col">'.
192	'<p><label for="user_id" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Username:').' '.
193	form::field('user_id',20,255,html::escapeHTML($user_id),'',2).
194	'</label></p>'.
195	'<p class="form-note">'.__('At least 2 characters using letters, numbers or symbols.').'</p>'.
196
197	'<p><label for="new_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
198	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').
199	($user_id != '' ? __('New password:') : __('Password:')).' '.
200	form::password('new_pwd',20,255,'','',3).
201	'</label></p>'.
202	'<p class="form-note">'.__('Password must contain at least 6 characters.').'</p>'.
203
204	'<p><label for="new_pwd_c" '.($user_id != '' ? '' : 'class="required"').'>'.
205	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Confirm password:').' '.
206	form::password('new_pwd_c',20,255,'','',4).
207	'</label></p>'.
208
209	'<p><label for="user_name">'.__('Last Name:').' '.
210	form::field('user_name',20,255,html::escapeHTML($user_name),'',5).
211	'</label></p>'.
212
213	'<p><label for="user_firstname">'.__('First Name:').' '.
214	form::field('user_firstname',20,255,html::escapeHTML($user_firstname),'',6).
215	'</label></p>'.
216
217	'<p><label for="user_displayname">'.__('Display name:').' '.
218	form::field('user_displayname',20,255,html::escapeHTML($user_displayname),'',7).
219	'</label></p>'.
220
221	'<p><label for="user_email">'.__('Email:').' '.
222	form::field('user_email',20,255,html::escapeHTML($user_email),'',8).
223	'</label></p>'.
224	'</div>'.
225
226	'<div class="col">'.
227	'<p><label for="user_url">'.__('URL:').' '.
228	form::field('user_url',30,255,html::escapeHTML($user_url),'',9).
229	'</label></p>'.
230	'<p><label for="user_post_format">'.__('Preferred format:').' '.
231	form::combo('user_post_format',$formaters_combo,$user_options['post_format'],'',10).
232	'</label></p>'.
233
234	'<p><label for="user_post_status">'.__('Default entry status:').' '.
235	form::combo('user_post_status',$status_combo,$user_post_status,'',11).
236	'</label></p>'.
237
238	'<p><label>'.__('Entry edit field height:').' '.
239	form::field('user_edit_size',5,4,(integer) $user_options['edit_size'],'',12).
240	'</label></p>'.
241
242	'<p><label for="user_edit_size">'.__('User language:').' '.
243	form::combo('user_lang',$lang_combo,$user_lang,'l10n',13).
244	'</label></p>'.
245
246	'<p><label for="user_tz">'.__('User timezone:').' '.
247	form::combo('user_tz',dt::getZones(true,true),$user_tz,'',14).
248	'</label></p>';
249
250	if ($core->auth->allowPassChange()) {
251	echo
252	'<p><label for="user_change_pwd" class="classic">'.
253	form::checkbox('user_change_pwd','1',$user_change_pwd,'',15).' '.
254	__('Password change required to connect').'</label></p>';
255	}
256
257	echo
258	'<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'',16).' '.
259	__('Super administrator').'</label></p>'.
260	'</div>'.
261	'</div>'.
262	'</fieldset>';
263
264	# --BEHAVIOR-- adminUserForm
265	$core->callBehavior('adminUserForm',isset($rs) ? $rs : null);
266
267	echo
268	'<fieldset>'.
269	'<p><label for="your_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
270	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Your password:').
271	form::password('your_pwd',20,255,'','',17).'</label></p>'.
272	'</fieldset>'.
273	'<p class="clear"><input type="submit" accesskey="s" value="'.__('Save').'" tabindex="16" />'.
274	($user_id != '' ? form::hidden('id',$user_id) : '').
275	$core->formNonce().
276	'</p>'.
277
278	'</form>';
279
280	if ($user_id)
281	{
282	echo '<fieldset class="clear"><legend>'.__('Permissions').'</legend>';
283
284	$permissions = $core->getUserPermissions($user_id);
285	$perm_types = $core->auth->getPermissionsTypes();
286
287	if (count($permissions) == 0)
288	{
289	echo '<p>'.__('No permissions.').'</p>';
290	}
291	else
292	{
293	foreach ($permissions as $k => $v)
294	{
295	if (count($v['p']) > 0)
296	{
297	echo '<h4><a href="blog.php?id='.html::escapeHTML($k).'">'.
298	html::escapeHTML($v['name']).'</a> ('.html::escapeHTML($k).') - '.
299	'<a href="permissions.php?blog_id[]='.$k.'&user_id[]='.$user_id.'">'
300	.__('change permissions').'</a></h4>';
301
302	echo '<ul>';
303	foreach ($v['p'] as $p => $V) {
304	if (isset($perm_types[$p])) {
305	echo '<li>'.__($perm_types[$p]).'</li>';
306	}
307	}
308	echo '</ul>';
309	}
310	}
311	}
312
313	echo
314	'<p><a href="permissions_blog.php?user_id[]='.$user_id.'">'.
315	__('Add new permissions').'</a></p>'.
316	'</fieldset>';
317	}
318
319	dcPage::helpBlock('core_user');
320	dcPage::close();
321	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 181:3780e380ea69

Download in other formats:

Sites map