source: admin/user.php @ 1719:b8c48f380463

Visit:

Revision 1719:b8c48f380463, 11.1 KB checked in by Dsls, 11 years ago (diff)
Added dcAdminCombos utility class, lots of combos available from everywhere now. Closes #1599

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$page_title = __('New user');
18
19	$user_id = '';
20	$user_super = '';
21	$user_pwd = '';
22	$user_change_pwd = '';
23	$user_name = '';
24	$user_firstname = '';
25	$user_displayname = '';
26	$user_email = '';
27	$user_url = '';
28	$user_lang = $core->auth->getInfo('user_lang');
29	$user_tz = $core->auth->getInfo('user_tz');
30	$user_post_status = '';
31
32	$user_options = $core->userDefaults();
33
34	# Formaters combo
35	$formaters_combo = dcAdminCombos::getFormatersCombo();
36
37	$status_combo = dcAdminCombos::getPostStatusesCombo();
38
39	# Language codes
40	$lang_combo = dcAdminCombos::getAdminLangsCombo();
41
42	# Get user if we have an ID
43	if (!empty($_REQUEST['id']))
44	{
45	try {
46	$rs = $core->getUser($_REQUEST['id']);
47
48	$user_id = $rs->user_id;
49	$user_super = $rs->user_super;
50	$user_pwd = $rs->user_pwd;
51	$user_change_pwd = $rs->user_change_pwd;
52	$user_name = $rs->user_name;
53	$user_firstname = $rs->user_firstname;
54	$user_displayname = $rs->user_displayname;
55	$user_email = $rs->user_email;
56	$user_url = $rs->user_url;
57	$user_lang = $rs->user_lang;
58	$user_tz = $rs->user_tz;
59	$user_post_status = $rs->user_post_status;
60
61	$user_options = array_merge($user_options,$rs->options());
62
63	$page_title = $user_id;
64	} catch (Exception $e) {
65	$core->error->add($e->getMessage());
66	}
67	}
68
69	# Add or update user
70	if (isset($_POST['user_name']))
71	{
72	try
73	{
74	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
75	throw new Exception(__('Password verification failed'));
76	}
77
78	$cur = $core->con->openCursor($core->prefix.'user');
79
80	$cur->user_id = $_POST['user_id'];
81	$cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0;
82	$cur->user_name = $user_name = $_POST['user_name'];
83	$cur->user_firstname = $user_firstname = $_POST['user_firstname'];
84	$cur->user_displayname = $user_displayname = $_POST['user_displayname'];
85	$cur->user_email = $user_email = $_POST['user_email'];
86	$cur->user_url = $user_url = $_POST['user_url'];
87	$cur->user_lang = $user_lang = $_POST['user_lang'];
88	$cur->user_tz = $user_tz = $_POST['user_tz'];
89	$cur->user_post_status = $user_post_status = $_POST['user_post_status'];
90
91	if ($cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) {
92	// force super_user to true if current user
93	$cur->user_super = $user_super = true;
94	}
95	if ($core->auth->allowPassChange()) {
96	$cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 1 : 0;
97	}
98
99	if (!empty($_POST['new_pwd'])) {
100	if ($_POST['new_pwd'] != $_POST['new_pwd_c']) {
101	throw new Exception(__("Passwords don't match"));
102	} else {
103	$cur->user_pwd = $_POST['new_pwd'];
104	}
105	}
106
107	$user_options['post_format'] = $_POST['user_post_format'];
108	$user_options['edit_size'] = (integer) $_POST['user_edit_size'];
109
110	if ($user_options['edit_size'] < 1) {
111	$user_options['edit_size'] = 10;
112	}
113
114	$cur->user_options = new ArrayObject($user_options);
115
116	# Udate user
117	if ($user_id)
118	{
119	# --BEHAVIOR-- adminBeforeUserUpdate
120	$core->callBehavior('adminBeforeUserUpdate',$cur,$user_id);
121
122	$new_id = $core->updUser($user_id,$cur);
123
124	# --BEHAVIOR-- adminAfterUserUpdate
125	$core->callBehavior('adminAfterUserUpdate',$cur,$new_id);
126
127	if ($user_id == $core->auth->userID() &&
128	$user_id != $new_id) {
129	$core->session->destroy();
130	}
131
132	http::redirect('user.php?id='.$new_id.'&upd=1');
133	}
134	# Add user
135	else
136	{
137	if ($core->getUsers(array('user_id' => $cur->user_id),true)->f(0) > 0) {
138	throw new Exception(sprintf(__('User "%s" already exists.'),html::escapeHTML($cur->user_id)));
139	}
140
141	# --BEHAVIOR-- adminBeforeUserCreate
142	$core->callBehavior('adminBeforeUserCreate',$cur);
143
144	$new_id = $core->addUser($cur);
145
146	# --BEHAVIOR-- adminAfterUserCreate
147	$core->callBehavior('adminAfterUserCreate',$cur,$new_id);
148
149	if (!empty($_POST['saveplus'])) {
150	http::redirect('user.php?add=1');
151	} else {
152	http::redirect('user.php?id='.$new_id.'&add=1');
153	}
154	}
155	}
156	catch (Exception $e)
157	{
158	$core->error->add($e->getMessage());
159	}
160	}
161
162
163	/* DISPLAY
164	-------------------------------------------------------- */
165	dcPage::open($page_title,
166	dcPage::jsConfirmClose('user-form').
167	dcPage::jsLoad('js/jquery/jquery.pwstrength.js').
168	'<script type="text/javascript">'."\n".
169	"//<![CDATA[\n".
170	"\$(function() {\n".
171	" \$('#new_pwd').pwstrength({texts: ['".
172	sprintf(__('Password strength: %s'),__('very weak'))."', '".
173	sprintf(__('Password strength: %s'),__('weak'))."', '".
174	sprintf(__('Password strength: %s'),__('mediocre'))."', '".
175	sprintf(__('Password strength: %s'),__('strong'))."', '".
176	sprintf(__('Password strength: %s'),__('very strong'))."']});\n".
177	"});\n".
178	"\n//]]>\n".
179	"</script>\n".
180
181	# --BEHAVIOR-- adminUserHeaders
182	$core->callBehavior('adminUserHeaders'),
183
184	dcPage::breadcrumb(
185	array(
186	__('System') => '',
187	__('Users') => 'users.php',
188	'<span class="page-title">'.$page_title.'</span>' => ''
189	))
190	);
191
192	if (!empty($_GET['upd'])) {
193	dcPage::success(__('User has been successfully updated.'));
194	}
195
196	if (!empty($_GET['add'])) {
197	dcPage::success(__('User has been successfully created.'));
198	}
199
200	echo
201	'<form action="user.php" method="post" id="user-form">'.
202	'<div class="two-cols">'.
203
204	'<div class="col">'.
205	'<h3>'.__('User profile').'</h3>'.
206
207	'<p><label for="user_id" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('User ID:').'</label> '.
208	form::field('user_id',20,255,html::escapeHTML($user_id)).
209	'</p>'.
210	'<p class="form-note">'.__('At least 2 characters using letters, numbers or symbols.').'</p>';
211
212	if ($user_id == $core->auth->userID()) {
213	echo
214	'<p class="warning">'.__('Warning:').' '.
215	__('If you change your username, you will have to log in again.').'</p>';
216	}
217
218	echo
219	'<div class="pw-table">'.
220	'<p class="pw-cell">'.
221	'<label for="new_pwd" '.($user_id != '' ? '' : 'class="required"').'>'.
222	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').
223	($user_id != '' ? __('New password:') : __('Password:')).'</label>'.
224	form::password('new_pwd',20,255,'','','',false,' data-indicator="pwindicator" ').
225	'</p>'.
226	'<div id="pwindicator">'.
227	' <div class="bar"></div>'.
228	' <p class="label no-margin"></p>'.
229	'</div>'.
230	'</div>'.
231	'<p class="form-note">'.__('Password must contain at least 6 characters.').'</p>'.
232
233	'<p><label for="new_pwd_c" '.($user_id != '' ? '' : 'class="required"').'>'.
234	($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Confirm password:').'</label> '.
235	form::password('new_pwd_c',20,255).
236	'</p>';
237
238	if ($core->auth->allowPassChange()) {
239	echo
240	'<p><label for="user_change_pwd" class="classic">'.
241	form::checkbox('user_change_pwd','1',$user_change_pwd).' '.
242	__('Password change required to connect').'</label></p>';
243	}
244
245	$super_disabled = $user_super && $user_id == $core->auth->userID();
246	echo
247	'<p><label for="user_super" class="classic">'.form::checkbox('user_super','1',$user_super,'','',$super_disabled).' '.
248	__('Super administrator').'</label></p>'.
249
250	'<p><label for="user_name">'.__('Last Name:').'</label> '.
251	form::field('user_name',20,255,html::escapeHTML($user_name)).
252	'</p>'.
253
254	'<p><label for="user_firstname">'.__('First Name:').'</label> '.
255	form::field('user_firstname',20,255,html::escapeHTML($user_firstname)).
256	'</p>'.
257
258	'<p><label for="user_displayname">'.__('Display name:').'</label> '.
259	form::field('user_displayname',20,255,html::escapeHTML($user_displayname)).
260	'</p>'.
261
262	'<p><label for="user_email">'.__('Email:').'</label> '.
263	form::field('user_email',20,255,html::escapeHTML($user_email)).
264	'</p>'.
265	'<p class="form-note">'.__('Mandatory for password recovering procedure.').'</p>'.
266
267	'<p><label for="user_url">'.__('URL:').'</label> '.
268	form::field('user_url',30,255,html::escapeHTML($user_url)).
269	'</p>'.
270	'</div>'.
271
272	'<div class="col">'.
273	'<h3>'.__('Options').'</h3>'.
274	'<h4>'.__('Interface').'</h4>'.
275	'<p><label for="user_lang">'.__('Language:').'</label> '.
276	form::combo('user_lang',$lang_combo,$user_lang,'l10n').
277	'</p>'.
278
279	'<p><label for="user_tz">'.__('Timezone:').'</label> '.
280	form::combo('user_tz',dt::getZones(true,true),$user_tz).
281	'</p>'.
282
283	'<h4>'.__('Edition').'</h4>'.
284	'<p><label for="user_post_format">'.__('Preferred format:').'</label> '.
285	form::combo('user_post_format',$formaters_combo,$user_options['post_format']).
286	'</p>'.
287
288	'<p><label for="user_post_status">'.__('Default entry status:').'</label> '.
289	form::combo('user_post_status',$status_combo,$user_post_status).
290	'</p>'.
291
292	'<p><label for="user_edit_size">'.__('Entry edit field height:').'</label> '.
293	form::field('user_edit_size',5,4,(integer) $user_options['edit_size']).
294	'</p>';
295
296	# --BEHAVIOR-- adminUserForm
297	$core->callBehavior('adminUserForm',isset($rs) ? $rs : null);
298
299	echo
300	'</div>'.
301	'</div>';
302
303
304	echo
305	'<p class="clear vertical-separator"><label for="your_pwd" class="required">'.
306	'<abbr title="'.__('Required field').'">*</abbr> '.__('Your password:').'</label>'.
307	form::password('your_pwd',20,255).'</p>'.
308	'<p class="clear"><input type="submit" name="save" accesskey="s" value="'.__('Save').'" />'.
309	($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="'.__('Save and create another').'" />').
310	($user_id != '' ? form::hidden('id',$user_id) : '').
311	$core->formNonce().
312	'</p>'.
313
314	'</form>';
315
316	if ($user_id)
317	{
318	echo '<div class="clear fieldset">'.
319	'<h3>'.__('Permissions').'</h3>';
320
321	if (!$user_super)
322	{
323	echo
324	'<form action="users_actions.php" method="post">'.
325	'<p><input type="submit" value="'.__('Add new permissions').'" />'.
326	form::hidden(array('redir'),'user.php?id='.$user_id).
327	form::hidden(array('action'),'blogs').
328	form::hidden(array('users[]'),$user_id).
329	$core->formNonce().
330	'</p>'.
331	'</form>';
332
333	$permissions = $core->getUserPermissions($user_id);
334	$perm_types = $core->auth->getPermissionsTypes();
335
336	if (count($permissions) == 0)
337	{
338	echo '<p>'.__('No permissions so far.').'</p>';
339	}
340	else
341	{
342	foreach ($permissions as $k => $v)
343	{
344	if (count($v['p']) > 0)
345	{
346	echo
347	'<form action="users_actions.php" method="post">'.
348	'<p class="blog-perm">'.__('Blog:').' <a href="blog.php?id='.html::escapeHTML($k).'">'.
349	html::escapeHTML($v['name']).'</a> ('.html::escapeHTML($k).')</p>';
350
351	echo '<ul class="ul-perm">';
352	foreach ($v['p'] as $p => $V) {
353	if (isset($perm_types[$p])) {
354	echo '<li>'.__($perm_types[$p]).'</li>';
355	}
356	}
357	echo
358	'</ul>'.
359	'<p class="add-perm"><input type="submit" class="reset" value="'.__('Change permissions').'" />'.
360	form::hidden(array('redir'),'user.php?id='.$user_id).
361	form::hidden(array('action'),'perms').
362	form::hidden(array('users[]'),$user_id).
363	form::hidden(array('blogs[]'),$k).
364	$core->formNonce().
365	'</p>'.
366	'</form>';
367	}
368	}
369	}
370
371	}
372	else {
373	echo '<p>'.sprintf(__('%s is super admin (all rights on all blogs).'),'<strong>'.$user_id.'</strong>').'</p>';
374	}
375	echo '</div>';
376	}
377
378	dcPage::helpBlock('core_user');
379	dcPage::close();
380	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/user.php @ 1719:b8c48f380463

Download in other formats:

Sites map