source: admin/user.php @ 3730:5c45a5df9a59

Visit:

Revision 3730:5c45a5df9a59, 14.4 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)
Code formatting (PSR-2)

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__) . '/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$page_title = __('New user');
18
19	$user_id = '';
20	$user_super = '';
21	$user_pwd = '';
22	$user_change_pwd = '';
23	$user_name = '';
24	$user_firstname = '';
25	$user_displayname = '';
26	$user_email = '';
27	$user_url = '';
28	$user_lang = $core->auth->getInfo('user_lang');
29	$user_tz = $core->auth->getInfo('user_tz');
30	$user_post_status = '';
31
32	$user_options = $core->userDefaults();
33
34	# Formaters combo
35	$formaters_combo = dcAdminCombos::getFormatersCombo();
36
37	$status_combo = dcAdminCombos::getPostStatusesCombo();
38
39	# Language codes
40	$lang_combo = dcAdminCombos::getAdminLangsCombo();
41
42	# Get user if we have an ID
43	if (!empty($_REQUEST['id'])) {
44	try {
45	$rs = $core->getUser($_REQUEST['id']);
46
47	$user_id = $rs->user_id;
48	$user_super = $rs->user_super;
49	$user_pwd = $rs->user_pwd;
50	$user_change_pwd = $rs->user_change_pwd;
51	$user_name = $rs->user_name;
52	$user_firstname = $rs->user_firstname;
53	$user_displayname = $rs->user_displayname;
54	$user_email = $rs->user_email;
55	$user_url = $rs->user_url;
56	$user_lang = $rs->user_lang;
57	$user_tz = $rs->user_tz;
58	$user_post_status = $rs->user_post_status;
59
60	$user_options = array_merge($user_options, $rs->options());
61
62	$page_title = $user_id;
63	} catch (Exception $e) {
64	$core->error->add($e->getMessage());
65	}
66	}
67
68	# Add or update user
69	if (isset($_POST['user_name'])) {
70	try
71	{
72	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($_POST['your_pwd'])) {
73	throw new Exception(__('Password verification failed'));
74	}
75
76	$cur = $core->con->openCursor($core->prefix . 'user');
77
78	$cur->user_id = $_POST['user_id'];
79	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
80	$cur->user_name = $user_name = html::escapeHTML($_POST['user_name']);
81	$cur->user_firstname = $user_firstname = html::escapeHTML($_POST['user_firstname']);
82	$cur->user_displayname = $user_displayname = html::escapeHTML($_POST['user_displayname']);
83	$cur->user_email = $user_email = html::escapeHTML($_POST['user_email']);
84	$cur->user_url = $user_url = html::escapeHTML($_POST['user_url']);
85	$cur->user_lang = $user_lang = html::escapeHTML($_POST['user_lang']);
86	$cur->user_tz = $user_tz = html::escapeHTML($_POST['user_tz']);
87	$cur->user_post_status = $user_post_status = html::escapeHTML($_POST['user_post_status']);
88
89	if ($user_id && $cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {
90	// force super_user to true if current user
91	$cur->user_super = $user_super = true;
92	}
93	if ($core->auth->allowPassChange()) {
94	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
95	}
96
97	if (!empty($_POST['new_pwd'])) {
98	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
99	throw new Exception(__("Passwords don't match"));
100	} else {
101	$cur->user_pwd = $_POST['new_pwd'];
102	}
103	}
104
105	$user_options['post_format'] = html::escapeHTML($_POST['user_post_format']);
106	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
107
108	if ($user_options['edit_size'] < 1) {
109	$user_options['edit_size'] = 10;
110	}
111
112	$cur->user_options = new ArrayObject($user_options);
113
114	# Udate user
115	if ($user_id) {
116	# --BEHAVIOR-- adminBeforeUserUpdate
117	$core->callBehavior('adminBeforeUserUpdate', $cur, $user_id);
118
119	$new_id = $core->updUser($user_id, $cur);
120
121	# --BEHAVIOR-- adminAfterUserUpdate
122	$core->callBehavior('adminAfterUserUpdate', $cur, $new_id);
123
124	if ($user_id == $core->auth->userID() &&
125	$user_id != $new_id) {
126	$core->session->destroy();
127	}
128
129	dcPage::addSuccessNotice(__('User has been successfully updated.'));
130	$core->adminurl->redirect("admin.user", array('id' => $new_id));
131	}
132	# Add user
133	else {
134	if ($core->getUsers(array('user_id' => $cur->user_id), true)->f(0) > 0) {
135	throw new Exception(sprintf(__('User "%s" already exists.'), html::escapeHTML($cur->user_id)));
136	}
137
138	# --BEHAVIOR-- adminBeforeUserCreate
139	$core->callBehavior('adminBeforeUserCreate', $cur);
140
141	$new_id = $core->addUser($cur);
142
143	# --BEHAVIOR-- adminAfterUserCreate
144	$core->callBehavior('adminAfterUserCreate', $cur, $new_id);
145
146	dcPage::addSuccessNotice(__('User has been successfully created.'));
147	if (!empty($_POST['saveplus'])) {
148	$core->adminurl->redirect("admin.user");
149	} else {
150	$core->adminurl->redirect("admin.user", array('id' => $new_id));
151	}
152	}
153	} catch (Exception $e) {
154	$core->error->add($e->getMessage());
155	}
156	}
157
158	/* DISPLAY
159	-------------------------------------------------------- */
160	dcPage::open($page_title,
161	dcPage::jsConfirmClose('user-form') .
162	dcPage::jsLoad('js/jquery/jquery.pwstrength.js') .
163	'<script type="text/javascript">' . "\n" .
164	"\$(function() {\n" .
165	" \$('#new_pwd').pwstrength({texts: ['" .
166	sprintf(__('Password strength: %s'), __('very weak')) . "', '" .
167	sprintf(__('Password strength: %s'), __('weak')) . "', '" .
168	sprintf(__('Password strength: %s'), __('mediocre')) . "', '" .
169	sprintf(__('Password strength: %s'), __('strong')) . "', '" .
170	sprintf(__('Password strength: %s'), __('very strong')) . "']});\n" .
171	"});\n" .
172	"</script>\n" .
173
174	# --BEHAVIOR-- adminUserHeaders
175	$core->callBehavior('adminUserHeaders'),
176
177	dcPage::breadcrumb(
178	array(
179	__('System') => '',
180	__('Users') => $core->adminurl->get("admin.users"),
181	$page_title => ''
182	))
183	);
184
185	if (!empty($_GET['upd'])) {
186	dcPage::success(__('User has been successfully updated.'));
187	}
188
189	if (!empty($_GET['add'])) {
190	dcPage::success(__('User has been successfully created.'));
191	}
192
193	echo
194	'<form action="' . $core->adminurl->get("admin.user") . '" method="post" id="user-form">' .
195	'<div class="two-cols">' .
196
197	'<div class="col">' .
198	'<h3>' . __('User profile') . '</h3>' .
199
200	'<p><label for="user_id" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('User ID:') . '</label> ' .
201	form::field('user_id', 20, 255, array(
202	'default' => html::escapeHTML($user_id),
203	'extra_html' => 'required placeholder="' . __('Login') . '"',
204	'autocomplete' => 'username'
205	)) .
206	'</p>' .
207	'<p class="form-note info">' . __('At least 2 characters using letters, numbers or symbols.') . '</p>';
208
209	if ($user_id == $core->auth->userID()) {
210	echo
211	'<p class="warning">' . __('Warning:') . ' ' .
212	__('If you change your username, you will have to log in again.') . '</p>';
213	}
214
215	echo
216	'<div class="pw-table">' .
217	'<p class="pw-cell">' .
218	'<label for="new_pwd" ' . ($user_id != '' ? '' : 'class="required"') . '>' .
219	($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') .
220	($user_id != '' ? __('New password:') : __('Password:')) . '</label>' .
221	form::password('new_pwd', 20, 255,
222	array(
223	'extra_html' => 'data-indicator="pwindicator"' .
224	($user_id != '' ? '' : ' required placeholder="' . __('Password') . '"'),
225	'autocomplete' => 'new-password')
226	) .
227	'</p>' .
228	'<div id="pwindicator">' .
229	' <div class="bar"></div>' .
230	' <p class="label no-margin"></p>' .
231	'</div>' .
232	'</div>' .
233	'<p class="form-note info">' . __('Password must contain at least 6 characters.') . '</p>' .
234
235	'<p><label for="new_pwd_c" ' . ($user_id != '' ? '' : 'class="required"') . '>' .
236	($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') . __('Confirm password:') . '</label> ' .
237	form::password('new_pwd_c', 20, 255,
238	array(
239	'extra_html' => ($user_id != '' ? '' : 'required placeholder="' . __('Password') . '"'),
240	'autocomplete' => 'new-password')) .
241	'</p>';
242
243	if ($core->auth->allowPassChange()) {
244	echo
245	'<p><label for="user_change_pwd" class="classic">' .
246	form::checkbox('user_change_pwd', '1', $user_change_pwd) . ' ' .
247	__('Password change required to connect') . '</label></p>';
248	}
249
250	$super_disabled = $user_super && $user_id == $core->auth->userID();
251
252	echo
253	'<p><label for="user_super" class="classic">' .
254	form::checkbox(($super_disabled ? 'user_super_off' : 'user_super'), '1',
255	array(
256	'checked' => $user_super,
257	'disabled' => $super_disabled
258	)) .
259	' ' . __('Super administrator') . '</label></p>' .
260	($super_disabled ? form::hidden(array('user_super'), $user_super) : '') .
261
262	'<p><label for="user_name">' . __('Last Name:') . '</label> ' .
263	form::field('user_name', 20, 255, array(
264	'default' => html::escapeHTML($user_name),
265	'autocomplete' => 'family-name'
266	)) .
267	'</p>' .
268
269	'<p><label for="user_firstname">' . __('First Name:') . '</label> ' .
270	form::field('user_firstname', 20, 255, array(
271	'default' => html::escapeHTML($user_firstname),
272	'autocomplete' => 'given-name'
273	)) .
274	'</p>' .
275
276	'<p><label for="user_displayname">' . __('Display name:') . '</label> ' .
277	form::field('user_displayname', 20, 255, array(
278	'default' => html::escapeHTML($user_displayname),
279	'autocomplete' => 'nickname'
280	)) .
281	'</p>' .
282
283	'<p><label for="user_email">' . __('Email:') . '</label> ' .
284	form::email('user_email', array(
285	'default' => html::escapeHTML($user_email),
286	'autocomplete' => 'email'
287	)) .
288	'</p>' .
289	'<p class="form-note">' . __('Mandatory for password recovering procedure.') . '</p>' .
290
291	'<p><label for="user_url">' . __('URL:') . '</label> ' .
292	form::url('user_url', array(
293	'size' => 30,
294	'default' => html::escapeHTML($user_url),
295	'autocomplete' => 'url'
296	)) .
297	'</p>' .
298	'</div>' .
299
300	'<div class="col">' .
301	'<h3>' . __('Options') . '</h3>' .
302	'<h4>' . __('Interface') . '</h4>' .
303	'<p><label for="user_lang">' . __('Language:') . '</label> ' .
304	form::combo('user_lang', $lang_combo, $user_lang, 'l10n') .
305	'</p>' .
306
307	'<p><label for="user_tz">' . __('Timezone:') . '</label> ' .
308	form::combo('user_tz', dt::getZones(true, true), $user_tz) .
309	'</p>' .
310
311	'<h4>' . __('Edition') . '</h4>' .
312	'<p><label for="user_post_format">' . __('Preferred format:') . '</label> ' .
313	form::combo('user_post_format', $formaters_combo, $user_options['post_format']) .
314	'</p>' .
315
316	'<p><label for="user_post_status">' . __('Default entry status:') . '</label> ' .
317	form::combo('user_post_status', $status_combo, $user_post_status) .
318	'</p>' .
319
320	'<p><label for="user_edit_size">' . __('Entry edit field height:') . '</label> ' .
321	form::number('user_edit_size', 10, 999, (integer) $user_options['edit_size']) .
322	'</p>';
323
324	# --BEHAVIOR-- adminUserForm
325	$core->callBehavior('adminUserForm', isset($rs) ? $rs : null);
326
327	echo
328	'</div>' .
329	'</div>';
330
331	echo
332	'<p class="clear vertical-separator"><label for="your_pwd" class="required">' .
333	'<abbr title="' . __('Required field') . '">*</abbr> ' . __('Your password:') . '</label>' .
334	form::password('your_pwd', 20, 255,
335	array(
336	'extra_html' => 'required placeholder="' . __('Password') . '"',
337	'autocomplete' => 'current-password'
338	)
339	) . '</p>' .
340	'<p class="clear"><input type="submit" name="save" accesskey="s" value="' . __('Save') . '" />' .
341	($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="' . __('Save and create another') . '" />') .
342	($user_id != '' ? form::hidden('id', $user_id) : '') .
343	$core->formNonce() .
344	'</p>' .
345
346	'</form>';
347
348	if ($user_id) {
349	echo '<div class="clear fieldset">' .
350	'<h3>' . __('Permissions') . '</h3>';
351
352	if (!$user_super) {
353	echo
354	'<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post">' .
355	'<p><input type="submit" value="' . __('Add new permissions') . '" />' .
356	form::hidden(array('redir'), $core->adminurl->get("admin.user", array('id' => $user_id))) .
357	form::hidden(array('action'), 'blogs') .
358	form::hidden(array('users[]'), $user_id) .
359	$core->formNonce() .
360	'</p>' .
361	'</form>';
362
363	$permissions = $core->getUserPermissions($user_id);
364	$perm_types = $core->auth->getPermissionsTypes();
365
366	if (count($permissions) == 0) {
367	echo '<p>' . __('No permissions so far.') . '</p>';
368	} else {
369	foreach ($permissions as $k => $v) {
370	if (count($v['p']) > 0) {
371	echo
372	'<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post" class="perm-block">' .
373	'<p class="blog-perm">' . __('Blog:') . ' <a href="' .
374	$core->adminurl->get("admin.blog", array('id' => html::escapeHTML($k))) . '">' .
375	html::escapeHTML($v['name']) . '</a> (' . html::escapeHTML($k) . ')</p>';
376
377	echo '<ul class="ul-perm">';
378	foreach ($v['p'] as $p => $V) {
379	if (isset($perm_types[$p])) {
380	echo '<li>' . __($perm_types[$p]) . '</li>';
381	}
382	}
383	echo
384	'</ul>' .
385	'<p class="add-perm"><input type="submit" class="reset" value="' . __('Change permissions') . '" />' .
386	form::hidden(array('redir'), $core->adminurl->get("admin.user", array('id' => $user_id))) .
387	form::hidden(array('action'), 'perms') .
388	form::hidden(array('users[]'), $user_id) .
389	form::hidden(array('blogs[]'), $k) .
390	$core->formNonce() .
391	'</p>' .
392	'</form>';
393	}
394	}
395	}
396
397	} else {
398	echo '<p>' . sprintf(__('%s is super admin (all rights on all blogs).'), '<strong>' . $user_id . '</strong>') . '</p>';
399	}
400	echo '</div>';
401	}
402
403	dcPage::helpBlock('core_user');
404	dcPage::close();

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 3730:5c45a5df9a59

Download in other formats:

Sites map