source: admin/user.php @ 3874:ab8368569446

Visit:

Revision 3874:ab8368569446, 14.0 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)
short notation for array (array() → [])

Line
1	<?php
2	/**
3	* @package Dotclear
4	* @subpackage Backend
5	*
6	* @copyright Olivier Meunier & Association Dotclear
7	* @copyright GPL-2.0-only
8	*/
9
10	require dirname(__FILE__) . '/../inc/admin/prepend.php';
11
12	dcPage::checkSuper();
13
14	$page_title = __('New user');
15
16	$user_id = '';
17	$user_super = '';
18	$user_pwd = '';
19	$user_change_pwd = '';
20	$user_name = '';
21	$user_firstname = '';
22	$user_displayname = '';
23	$user_email = '';
24	$user_url = '';
25	$user_lang = $core->auth->getInfo('user_lang');
26	$user_tz = $core->auth->getInfo('user_tz');
27	$user_post_status = '';
28
29	$user_options = $core->userDefaults();
30
31	# Formaters combo
32	$formaters_combo = dcAdminCombos::getFormatersCombo();
33
34	$status_combo = dcAdminCombos::getPostStatusesCombo();
35
36	# Language codes
37	$lang_combo = dcAdminCombos::getAdminLangsCombo();
38
39	# Get user if we have an ID
40	if (!empty($_REQUEST['id'])) {
41	try {
42	$rs = $core->getUser($_REQUEST['id']);
43
44	$user_id = $rs->user_id;
45	$user_super = $rs->user_super;
46	$user_pwd = $rs->user_pwd;
47	$user_change_pwd = $rs->user_change_pwd;
48	$user_name = $rs->user_name;
49	$user_firstname = $rs->user_firstname;
50	$user_displayname = $rs->user_displayname;
51	$user_email = $rs->user_email;
52	$user_url = $rs->user_url;
53	$user_lang = $rs->user_lang;
54	$user_tz = $rs->user_tz;
55	$user_post_status = $rs->user_post_status;
56
57	$user_options = array_merge($user_options, $rs->options());
58
59	$page_title = $user_id;
60	} catch (Exception $e) {
61	$core->error->add($e->getMessage());
62	}
63	}
64
65	# Add or update user
66	if (isset($_POST['user_name'])) {
67	try
68	{
69	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($_POST['your_pwd'])) {
70	throw new Exception(__('Password verification failed'));
71	}
72
73	$cur = $core->con->openCursor($core->prefix . 'user');
74
75	$cur->user_id = $_POST['user_id'];
76	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
77	$cur->user_name = $user_name = html::escapeHTML($_POST['user_name']);
78	$cur->user_firstname = $user_firstname = html::escapeHTML($_POST['user_firstname']);
79	$cur->user_displayname = $user_displayname = html::escapeHTML($_POST['user_displayname']);
80	$cur->user_email = $user_email = html::escapeHTML($_POST['user_email']);
81	$cur->user_url = $user_url = html::escapeHTML($_POST['user_url']);
82	$cur->user_lang = $user_lang = html::escapeHTML($_POST['user_lang']);
83	$cur->user_tz = $user_tz = html::escapeHTML($_POST['user_tz']);
84	$cur->user_post_status = $user_post_status = html::escapeHTML($_POST['user_post_status']);
85
86	if ($user_id && $cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {
87	// force super_user to true if current user
88	$cur->user_super = $user_super = true;
89	}
90	if ($core->auth->allowPassChange()) {
91	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
92	}
93
94	if (!empty($_POST['new_pwd'])) {
95	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
96	throw new Exception(__("Passwords don't match"));
97	} else {
98	$cur->user_pwd = $_POST['new_pwd'];
99	}
100	}
101
102	$user_options['post_format'] = html::escapeHTML($_POST['user_post_format']);
103	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
104
105	if ($user_options['edit_size'] < 1) {
106	$user_options['edit_size'] = 10;
107	}
108
109	$cur->user_options = new ArrayObject($user_options);
110
111	# Udate user
112	if ($user_id) {
113	# --BEHAVIOR-- adminBeforeUserUpdate
114	$core->callBehavior('adminBeforeUserUpdate', $cur, $user_id);
115
116	$new_id = $core->updUser($user_id, $cur);
117
118	# --BEHAVIOR-- adminAfterUserUpdate
119	$core->callBehavior('adminAfterUserUpdate', $cur, $new_id);
120
121	if ($user_id == $core->auth->userID() &&
122	$user_id != $new_id) {
123	$core->session->destroy();
124	}
125
126	dcPage::addSuccessNotice(__('User has been successfully updated.'));
127	$core->adminurl->redirect("admin.user", ['id' => $new_id]);
128	}
129	# Add user
130	else {
131	if ($core->getUsers(['user_id' => $cur->user_id], true)->f(0) > 0) {
132	throw new Exception(sprintf(__('User "%s" already exists.'), html::escapeHTML($cur->user_id)));
133	}
134
135	# --BEHAVIOR-- adminBeforeUserCreate
136	$core->callBehavior('adminBeforeUserCreate', $cur);
137
138	$new_id = $core->addUser($cur);
139
140	# --BEHAVIOR-- adminAfterUserCreate
141	$core->callBehavior('adminAfterUserCreate', $cur, $new_id);
142
143	dcPage::addSuccessNotice(__('User has been successfully created.'));
144	if (!empty($_POST['saveplus'])) {
145	$core->adminurl->redirect("admin.user");
146	} else {
147	$core->adminurl->redirect("admin.user", ['id' => $new_id]);
148	}
149	}
150	} catch (Exception $e) {
151	$core->error->add($e->getMessage());
152	}
153	}
154
155	/* DISPLAY
156	-------------------------------------------------------- */
157	dcPage::open($page_title,
158	dcPage::jsConfirmClose('user-form') .
159	dcPage::jsLoad('js/jquery/jquery.pwstrength.js') .
160	'<script type="text/javascript">' . "\n" .
161	"\$(function() {\n" .
162	" \$('#new_pwd').pwstrength({texts: ['" .
163	sprintf(__('Password strength: %s'), __('very weak')) . "', '" .
164	sprintf(__('Password strength: %s'), __('weak')) . "', '" .
165	sprintf(__('Password strength: %s'), __('mediocre')) . "', '" .
166	sprintf(__('Password strength: %s'), __('strong')) . "', '" .
167	sprintf(__('Password strength: %s'), __('very strong')) . "']});\n" .
168	"});\n" .
169	"</script>\n" .
170
171	# --BEHAVIOR-- adminUserHeaders
172	$core->callBehavior('adminUserHeaders'),
173
174	dcPage::breadcrumb(
175	[
176	__('System') => '',
177	__('Users') => $core->adminurl->get("admin.users"),
178	$page_title => ''
179	])
180	);
181
182	if (!empty($_GET['upd'])) {
183	dcPage::success(__('User has been successfully updated.'));
184	}
185
186	if (!empty($_GET['add'])) {
187	dcPage::success(__('User has been successfully created.'));
188	}
189
190	echo
191	'<form action="' . $core->adminurl->get("admin.user") . '" method="post" id="user-form">' .
192	'<div class="two-cols">' .
193
194	'<div class="col">' .
195	'<h3>' . __('User profile') . '</h3>' .
196
197	'<p><label for="user_id" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('User ID:') . '</label> ' .
198	form::field('user_id', 20, 255, [
199	'default' => html::escapeHTML($user_id),
200	'extra_html' => 'required placeholder="' . __('Login') . '"',
201	'autocomplete' => 'username'
202	]) .
203	'</p>' .
204	'<p class="form-note info">' . __('At least 2 characters using letters, numbers or symbols.') . '</p>';
205
206	if ($user_id == $core->auth->userID()) {
207	echo
208	'<p class="warning">' . __('Warning:') . ' ' .
209	__('If you change your username, you will have to log in again.') . '</p>';
210	}
211
212	echo
213	'<div class="pw-table">' .
214	'<p class="pw-cell">' .
215	'<label for="new_pwd" ' . ($user_id != '' ? '' : 'class="required"') . '>' .
216	($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') .
217	($user_id != '' ? __('New password:') : __('Password:')) . '</label>' .
218	form::password('new_pwd', 20, 255,
219	[
220	'extra_html' => 'data-indicator="pwindicator"' .
221	($user_id != '' ? '' : ' required placeholder="' . __('Password') . '"'),
222	'autocomplete' => 'new-password']
223	) .
224	'</p>' .
225	'<div id="pwindicator">' .
226	' <div class="bar"></div>' .
227	' <p class="label no-margin"></p>' .
228	'</div>' .
229	'</div>' .
230	'<p class="form-note info">' . __('Password must contain at least 6 characters.') . '</p>' .
231
232	'<p><label for="new_pwd_c" ' . ($user_id != '' ? '' : 'class="required"') . '>' .
233	($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') . __('Confirm password:') . '</label> ' .
234	form::password('new_pwd_c', 20, 255,
235	[
236	'extra_html' => ($user_id != '' ? '' : 'required placeholder="' . __('Password') . '"'),
237	'autocomplete' => 'new-password']) .
238	'</p>';
239
240	if ($core->auth->allowPassChange()) {
241	echo
242	'<p><label for="user_change_pwd" class="classic">' .
243	form::checkbox('user_change_pwd', '1', $user_change_pwd) . ' ' .
244	__('Password change required to connect') . '</label></p>';
245	}
246
247	$super_disabled = $user_super && $user_id == $core->auth->userID();
248
249	echo
250	'<p><label for="user_super" class="classic">' .
251	form::checkbox(($super_disabled ? 'user_super_off' : 'user_super'), '1',
252	[
253	'checked' => $user_super,
254	'disabled' => $super_disabled
255	]) .
256	' ' . __('Super administrator') . '</label></p>' .
257	($super_disabled ? form::hidden(['user_super'], $user_super) : '') .
258
259	'<p><label for="user_name">' . __('Last Name:') . '</label> ' .
260	form::field('user_name', 20, 255, [
261	'default' => html::escapeHTML($user_name),
262	'autocomplete' => 'family-name'
263	]) .
264	'</p>' .
265
266	'<p><label for="user_firstname">' . __('First Name:') . '</label> ' .
267	form::field('user_firstname', 20, 255, [
268	'default' => html::escapeHTML($user_firstname),
269	'autocomplete' => 'given-name'
270	]) .
271	'</p>' .
272
273	'<p><label for="user_displayname">' . __('Display name:') . '</label> ' .
274	form::field('user_displayname', 20, 255, [
275	'default' => html::escapeHTML($user_displayname),
276	'autocomplete' => 'nickname'
277	]) .
278	'</p>' .
279
280	'<p><label for="user_email">' . __('Email:') . '</label> ' .
281	form::email('user_email', [
282	'default' => html::escapeHTML($user_email),
283	'autocomplete' => 'email'
284	]) .
285	'</p>' .
286	'<p class="form-note">' . __('Mandatory for password recovering procedure.') . '</p>' .
287
288	'<p><label for="user_url">' . __('URL:') . '</label> ' .
289	form::url('user_url', [
290	'size' => 30,
291	'default' => html::escapeHTML($user_url),
292	'autocomplete' => 'url'
293	]) .
294	'</p>' .
295	'</div>' .
296
297	'<div class="col">' .
298	'<h3>' . __('Options') . '</h3>' .
299	'<h4>' . __('Interface') . '</h4>' .
300	'<p><label for="user_lang">' . __('Language:') . '</label> ' .
301	form::combo('user_lang', $lang_combo, $user_lang, 'l10n') .
302	'</p>' .
303
304	'<p><label for="user_tz">' . __('Timezone:') . '</label> ' .
305	form::combo('user_tz', dt::getZones(true, true), $user_tz) .
306	'</p>' .
307
308	'<h4>' . __('Edition') . '</h4>' .
309	'<p><label for="user_post_format">' . __('Preferred format:') . '</label> ' .
310	form::combo('user_post_format', $formaters_combo, $user_options['post_format']) .
311	'</p>' .
312
313	'<p><label for="user_post_status">' . __('Default entry status:') . '</label> ' .
314	form::combo('user_post_status', $status_combo, $user_post_status) .
315	'</p>' .
316
317	'<p><label for="user_edit_size">' . __('Entry edit field height:') . '</label> ' .
318	form::number('user_edit_size', 10, 999, (integer) $user_options['edit_size']) .
319	'</p>';
320
321	# --BEHAVIOR-- adminUserForm
322	$core->callBehavior('adminUserForm', isset($rs) ? $rs : null);
323
324	echo
325	'</div>' .
326	'</div>';
327
328	echo
329	'<p class="clear vertical-separator"><label for="your_pwd" class="required">' .
330	'<abbr title="' . __('Required field') . '">*</abbr> ' . __('Your password:') . '</label>' .
331	form::password('your_pwd', 20, 255,
332	[
333	'extra_html' => 'required placeholder="' . __('Password') . '"',
334	'autocomplete' => 'current-password'
335	]
336	) . '</p>' .
337	'<p class="clear"><input type="submit" name="save" accesskey="s" value="' . __('Save') . '" />' .
338	($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="' . __('Save and create another') . '" />') .
339	($user_id != '' ? form::hidden('id', $user_id) : '') .
340	$core->formNonce() .
341	'</p>' .
342
343	'</form>';
344
345	if ($user_id) {
346	echo '<div class="clear fieldset">' .
347	'<h3>' . __('Permissions') . '</h3>';
348
349	if (!$user_super) {
350	echo
351	'<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post">' .
352	'<p><input type="submit" value="' . __('Add new permissions') . '" />' .
353	form::hidden(['redir'], $core->adminurl->get("admin.user", ['id' => $user_id])) .
354	form::hidden(['action'], 'blogs') .
355	form::hidden(['users[]'], $user_id) .
356	$core->formNonce() .
357	'</p>' .
358	'</form>';
359
360	$permissions = $core->getUserPermissions($user_id);
361	$perm_types = $core->auth->getPermissionsTypes();
362
363	if (count($permissions) == 0) {
364	echo '<p>' . __('No permissions so far.') . '</p>';
365	} else {
366	foreach ($permissions as $k => $v) {
367	if (count($v['p']) > 0) {
368	echo
369	'<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post" class="perm-block">' .
370	'<p class="blog-perm">' . __('Blog:') . ' <a href="' .
371	$core->adminurl->get("admin.blog", ['id' => html::escapeHTML($k)]) . '">' .
372	html::escapeHTML($v['name']) . '</a> (' . html::escapeHTML($k) . ')</p>';
373
374	echo '<ul class="ul-perm">';
375	foreach ($v['p'] as $p => $V) {
376	if (isset($perm_types[$p])) {
377	echo '<li>' . __($perm_types[$p]) . '</li>';
378	}
379	}
380	echo
381	'</ul>' .
382	'<p class="add-perm"><input type="submit" class="reset" value="' . __('Change permissions') . '" />' .
383	form::hidden(['redir'], $core->adminurl->get("admin.user", ['id' => $user_id])) .
384	form::hidden(['action'], 'perms') .
385	form::hidden(['users[]'], $user_id) .
386	form::hidden(['blogs[]'], $k) .
387	$core->formNonce() .
388	'</p>' .
389	'</form>';
390	}
391	}
392	}
393
394	} else {
395	echo '<p>' . sprintf(__('%s is super admin (all rights on all blogs).'), '<strong>' . $user_id . '</strong>') . '</p>';
396	}
397	echo '</div>';
398	}
399
400	dcPage::helpBlock('core_user');
401	dcPage::close();

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 3874:ab8368569446

Download in other formats:

Sites map