Changeset 3699:77a12236e993 for admin/user.php
- Timestamp:
- 02/14/18 10:14:33 (6 years ago)
- Branch:
- default
- File:
-
- 1 edited
admin/user.php
r3649 r3699 11 11 # -- END LICENSE BLOCK ----------------------------------------- 12 12 13 require dirname(__FILE__) .'/../inc/admin/prepend.php';13 require dirname(__FILE__) . '/../inc/admin/prepend.php'; 14 14 15 15 dcPage::checkSuper(); … … 17 17 $page_title = __('New user'); 18 18 19 $user_id = '';20 $user_super = '';21 $user_pwd = '';22 $user_change_pwd = '';23 $user_name = '';24 $user_firstname = '';19 $user_id = ''; 20 $user_super = ''; 21 $user_pwd = ''; 22 $user_change_pwd = ''; 23 $user_name = ''; 24 $user_firstname = ''; 25 25 $user_displayname = ''; 26 $user_email = '';27 $user_url = '';28 $user_lang = $core->auth->getInfo('user_lang');29 $user_tz = $core->auth->getInfo('user_tz');26 $user_email = ''; 27 $user_url = ''; 28 $user_lang = $core->auth->getInfo('user_lang'); 29 $user_tz = $core->auth->getInfo('user_tz'); 30 30 $user_post_status = ''; 31 31 … … 41 41 42 42 # Get user if we have an ID 43 if (!empty($_REQUEST['id'])) 44 { 45 try { 46 $rs = $core->getUser($_REQUEST['id']); 47 48 $user_id = $rs->user_id; 49 $user_super = $rs->user_super; 50 $user_pwd = $rs->user_pwd; 51 $user_change_pwd = $rs->user_change_pwd; 52 $user_name = $rs->user_name; 53 $user_firstname = $rs->user_firstname; 54 $user_displayname = $rs->user_displayname; 55 $user_email = $rs->user_email; 56 $user_url = $rs->user_url; 57 $user_lang = $rs->user_lang; 58 $user_tz = $rs->user_tz; 59 $user_post_status = $rs->user_post_status; 60 61 $user_options = array_merge($user_options,$rs->options()); 62 63 $page_title = $user_id; 64 } catch (Exception $e) { 65 $core->error->add($e->getMessage()); 66 } 43 if (!empty($_REQUEST['id'])) { 44 try { 45 $rs = $core->getUser($_REQUEST['id']); 46 47 $user_id = $rs->user_id; 48 $user_super = $rs->user_super; 49 $user_pwd = $rs->user_pwd; 50 $user_change_pwd = $rs->user_change_pwd; 51 $user_name = $rs->user_name; 52 $user_firstname = $rs->user_firstname; 53 $user_displayname = $rs->user_displayname; 54 $user_email = $rs->user_email; 55 $user_url = 
$rs->user_url; 56 $user_lang = $rs->user_lang; 57 $user_tz = $rs->user_tz; 58 $user_post_status = $rs->user_post_status; 59 60 $user_options = array_merge($user_options, $rs->options()); 61 62 $page_title = $user_id; 63 } catch (Exception $e) { 64 $core->error->add($e->getMessage()); 65 } 67 66 } 68 67 69 68 # Add or update user 70 if (isset($_POST['user_name'])) 71 { 72 try 73 { 74 if (empty($_POST['your_pwd']) || !$core->auth->checkPassword($_POST['your_pwd'])) { 75 throw new Exception(__('Password verification failed')); 76 } 77 78 $cur = $core->con->openCursor($core->prefix.'user'); 79 80 $cur->user_id = $_POST['user_id']; 81 $cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0; 82 $cur->user_name = $user_name = html::escapeHTML($_POST['user_name']); 83 $cur->user_firstname = $user_firstname = html::escapeHTML($_POST['user_firstname']); 84 $cur->user_displayname = $user_displayname = html::escapeHTML($_POST['user_displayname']); 85 $cur->user_email = $user_email = html::escapeHTML($_POST['user_email']); 86 $cur->user_url = $user_url = html::escapeHTML($_POST['user_url']); 87 $cur->user_lang = $user_lang = html::escapeHTML($_POST['user_lang']); 88 $cur->user_tz = $user_tz = html::escapeHTML($_POST['user_tz']); 89 $cur->user_post_status = $user_post_status = html::escapeHTML($_POST['user_post_status']); 90 91 if ($user_id && $cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) { 92 // force super_user to true if current user 93 $cur->user_super = $user_super = true; 94 } 95 if ($core->auth->allowPassChange()) { 96 $cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 
1 : 0; 97 } 98 99 if (!empty($_POST['new_pwd'])) { 100 if ($_POST['new_pwd'] != $_POST['new_pwd_c']) { 101 throw new Exception(__("Passwords don't match")); 102 } else { 103 $cur->user_pwd = $_POST['new_pwd']; 104 } 105 } 106 107 $user_options['post_format'] = html::escapeHTML($_POST['user_post_format']); 108 $user_options['edit_size'] = (integer) $_POST['user_edit_size']; 109 110 if ($user_options['edit_size'] < 1) { 111 $user_options['edit_size'] = 10; 112 } 113 114 $cur->user_options = new ArrayObject($user_options); 115 116 # Udate user 117 if ($user_id) 118 { 119 # --BEHAVIOR-- adminBeforeUserUpdate 120 $core->callBehavior('adminBeforeUserUpdate',$cur,$user_id); 121 122 $new_id = $core->updUser($user_id,$cur); 123 124 # --BEHAVIOR-- adminAfterUserUpdate 125 $core->callBehavior('adminAfterUserUpdate',$cur,$new_id); 126 127 if ($user_id == $core->auth->userID() && 128 $user_id != $new_id) { 129 $core->session->destroy(); 130 } 131 132 dcPage::addSuccessNotice(__('User has been successfully updated.')); 133 $core->adminurl->redirect("admin.user",array('id' => $new_id)); 134 } 135 # Add user 136 else 137 { 138 if ($core->getUsers(array('user_id' => $cur->user_id),true)->f(0) > 0) { 139 throw new Exception(sprintf(__('User "%s" already exists.'),html::escapeHTML($cur->user_id))); 140 } 141 142 # --BEHAVIOR-- adminBeforeUserCreate 143 $core->callBehavior('adminBeforeUserCreate',$cur); 144 145 $new_id = $core->addUser($cur); 146 147 # --BEHAVIOR-- adminAfterUserCreate 148 $core->callBehavior('adminAfterUserCreate',$cur,$new_id); 149 150 dcPage::addSuccessNotice(__('User has been successfully created.')); 151 if (!empty($_POST['saveplus'])) { 152 $core->adminurl->redirect("admin.user"); 153 } else { 154 $core->adminurl->redirect("admin.user",array('id' => $new_id)); 155 } 156 } 157 } 158 catch (Exception $e) 159 { 160 $core->error->add($e->getMessage()); 161 } 162 } 163 69 if (isset($_POST['user_name'])) { 70 try 71 { 72 if (empty($_POST['your_pwd']) || 
!$core->auth->checkPassword($_POST['your_pwd'])) { 73 throw new Exception(__('Password verification failed')); 74 } 75 76 $cur = $core->con->openCursor($core->prefix . 'user'); 77 78 $cur->user_id = $_POST['user_id']; 79 $cur->user_super = $user_super = !empty($_POST['user_super']) ? 1 : 0; 80 $cur->user_name = $user_name = html::escapeHTML($_POST['user_name']); 81 $cur->user_firstname = $user_firstname = html::escapeHTML($_POST['user_firstname']); 82 $cur->user_displayname = $user_displayname = html::escapeHTML($_POST['user_displayname']); 83 $cur->user_email = $user_email = html::escapeHTML($_POST['user_email']); 84 $cur->user_url = $user_url = html::escapeHTML($_POST['user_url']); 85 $cur->user_lang = $user_lang = html::escapeHTML($_POST['user_lang']); 86 $cur->user_tz = $user_tz = html::escapeHTML($_POST['user_tz']); 87 $cur->user_post_status = $user_post_status = html::escapeHTML($_POST['user_post_status']); 88 89 if ($user_id && $cur->user_id == $core->auth->userID() && $core->auth->isSuperAdmin()) { 90 // force super_user to true if current user 91 $cur->user_super = $user_super = true; 92 } 93 if ($core->auth->allowPassChange()) { 94 $cur->user_change_pwd = !empty($_POST['user_change_pwd']) ? 
1 : 0; 95 } 96 97 if (!empty($_POST['new_pwd'])) { 98 if ($_POST['new_pwd'] != $_POST['new_pwd_c']) { 99 throw new Exception(__("Passwords don't match")); 100 } else { 101 $cur->user_pwd = $_POST['new_pwd']; 102 } 103 } 104 105 $user_options['post_format'] = html::escapeHTML($_POST['user_post_format']); 106 $user_options['edit_size'] = (integer) $_POST['user_edit_size']; 107 108 if ($user_options['edit_size'] < 1) { 109 $user_options['edit_size'] = 10; 110 } 111 112 $cur->user_options = new ArrayObject($user_options); 113 114 # Udate user 115 if ($user_id) { 116 # --BEHAVIOR-- adminBeforeUserUpdate 117 $core->callBehavior('adminBeforeUserUpdate', $cur, $user_id); 118 119 $new_id = $core->updUser($user_id, $cur); 120 121 # --BEHAVIOR-- adminAfterUserUpdate 122 $core->callBehavior('adminAfterUserUpdate', $cur, $new_id); 123 124 if ($user_id == $core->auth->userID() && 125 $user_id != $new_id) { 126 $core->session->destroy(); 127 } 128 129 dcPage::addSuccessNotice(__('User has been successfully updated.')); 130 $core->adminurl->redirect("admin.user", array('id' => $new_id)); 131 } 132 # Add user 133 else { 134 if ($core->getUsers(array('user_id' => $cur->user_id), true)->f(0) > 0) { 135 throw new Exception(sprintf(__('User "%s" already exists.'), html::escapeHTML($cur->user_id))); 136 } 137 138 # --BEHAVIOR-- adminBeforeUserCreate 139 $core->callBehavior('adminBeforeUserCreate', $cur); 140 141 $new_id = $core->addUser($cur); 142 143 # --BEHAVIOR-- adminAfterUserCreate 144 $core->callBehavior('adminAfterUserCreate', $cur, $new_id); 145 146 dcPage::addSuccessNotice(__('User has been successfully created.')); 147 if (!empty($_POST['saveplus'])) { 148 $core->adminurl->redirect("admin.user"); 149 } else { 150 $core->adminurl->redirect("admin.user", array('id' => $new_id)); 151 } 152 } 153 } catch (Exception $e) { 154 $core->error->add($e->getMessage()); 155 } 156 } 164 157 165 158 /* DISPLAY 166 159 -------------------------------------------------------- */ 167 160 
dcPage::open($page_title, 168 dcPage::jsConfirmClose('user-form').169 dcPage::jsLoad('js/jquery/jquery.pwstrength.js').170 '<script type="text/javascript">'."\n".171 "\$(function() {\n".172 " \$('#new_pwd').pwstrength({texts: ['".173 sprintf(__('Password strength: %s'),__('very weak'))."', '".174 sprintf(__('Password strength: %s'),__('weak'))."', '".175 sprintf(__('Password strength: %s'),__('mediocre'))."', '".176 sprintf(__('Password strength: %s'),__('strong'))."', '".177 sprintf(__('Password strength: %s'),__('very strong'))."']});\n".178 "});\n".179 "</script>\n".180 181 182 183 184 185 186 187 __('Users')=> $core->adminurl->get("admin.users"),188 $page_title=> ''189 161 dcPage::jsConfirmClose('user-form') . 162 dcPage::jsLoad('js/jquery/jquery.pwstrength.js') . 163 '<script type="text/javascript">' . "\n" . 164 "\$(function() {\n" . 165 " \$('#new_pwd').pwstrength({texts: ['" . 166 sprintf(__('Password strength: %s'), __('very weak')) . "', '" . 167 sprintf(__('Password strength: %s'), __('weak')) . "', '" . 168 sprintf(__('Password strength: %s'), __('mediocre')) . "', '" . 169 sprintf(__('Password strength: %s'), __('strong')) . "', '" . 170 sprintf(__('Password strength: %s'), __('very strong')) . "']});\n" . 171 "});\n" . 172 "</script>\n" . 
173 174 # --BEHAVIOR-- adminUserHeaders 175 $core->callBehavior('adminUserHeaders'), 176 177 dcPage::breadcrumb( 178 array( 179 __('System') => '', 180 __('Users') => $core->adminurl->get("admin.users"), 181 $page_title => '' 182 )) 190 183 ); 191 184 192 185 if (!empty($_GET['upd'])) { 193 186 dcPage::success(__('User has been successfully updated.')); 194 187 } 195 188 196 189 if (!empty($_GET['add'])) { 197 198 } 199 200 echo 201 '<form action="' .$core->adminurl->get("admin.user").'" method="post" id="user-form">'.202 '<div class="two-cols">' .203 204 '<div class="col">' .205 '<h3>' .__('User profile').'</h3>'.206 207 '<p><label for="user_id" class="required"><abbr title="' .__('Required field').'">*</abbr> '.__('User ID:').'</label> '.208 form::field('user_id', 20,255,html::escapeHTML($user_id),'','',false,'required placeholder="'.__('Login').'"').209 '</p>' .210 '<p class="form-note info">' .__('At least 2 characters using letters, numbers or symbols.').'</p>';190 dcPage::success(__('User has been successfully created.')); 191 } 192 193 echo 194 '<form action="' . $core->adminurl->get("admin.user") . '" method="post" id="user-form">' . 195 '<div class="two-cols">' . 196 197 '<div class="col">' . 198 '<h3>' . __('User profile') . '</h3>' . 199 200 '<p><label for="user_id" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('User ID:') . '</label> ' . 201 form::field('user_id', 20, 255, html::escapeHTML($user_id), '', '', false, 'required placeholder="' . __('Login') . '"') . 202 '</p>' . 203 '<p class="form-note info">' . __('At least 2 characters using letters, numbers or symbols.') . '</p>'; 211 204 212 205 if ($user_id == $core->auth->userID()) { 213 echo 214 '<p class="warning">'.__('Warning:').' '. 215 __('If you change your username, you will have to log in again.').'</p>'; 216 } 217 218 echo 219 '<div class="pw-table">'. 220 '<p class="pw-cell">'. 221 '<label for="new_pwd" '.($user_id != '' ? '' : 'class="required"').'>'. 
222 ($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> '). 223 ($user_id != '' ? __('New password:') : __('Password:')).'</label>'. 224 form::password('new_pwd',20,255,'','','',false,' data-indicator="pwindicator" '. 225 ($user_id != '' ? '' : 'required placeholder="'.__('Password').'"')). 226 '</p>'. 227 '<div id="pwindicator">'. 228 ' <div class="bar"></div>'. 229 ' <p class="label no-margin"></p>'. 230 '</div>'. 231 '</div>'. 232 '<p class="form-note info">'.__('Password must contain at least 6 characters.').'</p>'. 233 234 '<p><label for="new_pwd_c" '.($user_id != '' ? '' : 'class="required"').'>'. 235 ($user_id != '' ? '' : '<abbr title="'.__('Required field').'">*</abbr> ').__('Confirm password:').'</label> '. 236 form::password('new_pwd_c',20,255,'','','',false,($user_id != '' ? '' : 'required placeholder="'.__('Password').'"')). 237 '</p>'; 206 echo 207 '<p class="warning">' . __('Warning:') . ' ' . 208 __('If you change your username, you will have to log in again.') . '</p>'; 209 } 210 211 echo 212 '<div class="pw-table">' . 213 '<p class="pw-cell">' . 214 '<label for="new_pwd" ' . ($user_id != '' ? '' : 'class="required"') . '>' . 215 ($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') . 216 ($user_id != '' ? __('New password:') : __('Password:')) . '</label>' . 217 form::password('new_pwd', 20, 255, 218 array( 219 'extra_html' => 'data-indicator="pwindicator"' . 220 ($user_id != '' ? '' : ' required placeholder="' . __('Password') . '"'), 221 'autocomplete' => 'new-password') 222 ) . 223 '</p>' . 224 '<div id="pwindicator">' . 225 ' <div class="bar"></div>' . 226 ' <p class="label no-margin"></p>' . 227 '</div>' . 228 '</div>' . 229 '<p class="form-note info">' . __('Password must contain at least 6 characters.') . '</p>' . 230 231 '<p><label for="new_pwd_c" ' . ($user_id != '' ? '' : 'class="required"') . '>' . 232 ($user_id != '' ? '' : '<abbr title="' . __('Required field') . '">*</abbr> ') . 
__('Confirm password:') . '</label> ' . 233 form::password('new_pwd_c', 20, 255, 234 array( 235 'extra_html' => ($user_id != '' ? '' : 'required placeholder="' . __('Password') . '"'), 236 'autocomplete' => 'new-password')) . 237 '</p>'; 238 238 239 239 if ($core->auth->allowPassChange()) { 240 241 '<p><label for="user_change_pwd" class="classic">'.242 form::checkbox('user_change_pwd','1',$user_change_pwd).' '.243 __('Password change required to connect').'</label></p>';240 echo 241 '<p><label for="user_change_pwd" class="classic">' . 242 form::checkbox('user_change_pwd', '1', $user_change_pwd) . ' ' . 243 __('Password change required to connect') . '</label></p>'; 244 244 } 245 245 … … 247 247 248 248 echo 249 '<p><label for="user_super" class="classic">' .250 form::checkbox(($super_disabled ? 'user_super_off' : 'user_super'), '1',$user_super,'','',$super_disabled).251 ' ' .__('Super administrator').'</label></p>'.252 ($super_disabled ? form::hidden(array('user_super'), $user_super) : '').253 254 '<p><label for="user_name">' .__('Last Name:').'</label> '.255 form::field('user_name', 20,255,html::escapeHTML($user_name)).256 '</p>' .257 258 '<p><label for="user_firstname">' .__('First Name:').'</label> '.259 form::field('user_firstname', 20,255,html::escapeHTML($user_firstname)).260 '</p>' .261 262 '<p><label for="user_displayname">' .__('Display name:').'</label> '.263 form::field('user_displayname', 20,255,html::escapeHTML($user_displayname)).264 '</p>' .265 266 '<p><label for="user_email">' .__('Email:').'</label> '.267 form::field('user_email', 20,255,html::escapeHTML($user_email)).268 '</p>' .269 '<p class="form-note">' .__('Mandatory for password recovering procedure.').'</p>'.270 271 '<p><label for="user_url">' .__('URL:').'</label> '.272 form::field('user_url', 30,255,html::escapeHTML($user_url)).273 '</p>' .274 '</div>' .275 276 '<div class="col">' .277 '<h3>' .__('Options').'</h3>'.278 '<h4>' .__('Interface').'</h4>'.279 '<p><label for="user_lang">' 
.__('Language:').'</label> '.280 form::combo('user_lang', $lang_combo,$user_lang,'l10n').281 '</p>' .282 283 '<p><label for="user_tz">' .__('Timezone:').'</label> '.284 form::combo('user_tz', dt::getZones(true,true),$user_tz).285 '</p>' .286 287 '<h4>' .__('Edition').'</h4>'.288 '<p><label for="user_post_format">' .__('Preferred format:').'</label> '.289 form::combo('user_post_format', $formaters_combo,$user_options['post_format']).290 '</p>' .291 292 '<p><label for="user_post_status">' .__('Default entry status:').'</label> '.293 form::combo('user_post_status', $status_combo,$user_post_status).294 '</p>' .295 296 '<p><label for="user_edit_size">' .__('Entry edit field height:').'</label> '.297 form::field('user_edit_size', 5,4,(integer) $user_options['edit_size']).298 '</p>';249 '<p><label for="user_super" class="classic">' . 250 form::checkbox(($super_disabled ? 'user_super_off' : 'user_super'), '1', $user_super, '', '', $super_disabled) . 251 ' ' . __('Super administrator') . '</label></p>' . 252 ($super_disabled ? form::hidden(array('user_super'), $user_super) : '') . 253 254 '<p><label for="user_name">' . __('Last Name:') . '</label> ' . 255 form::field('user_name', 20, 255, html::escapeHTML($user_name)) . 256 '</p>' . 257 258 '<p><label for="user_firstname">' . __('First Name:') . '</label> ' . 259 form::field('user_firstname', 20, 255, html::escapeHTML($user_firstname)) . 260 '</p>' . 261 262 '<p><label for="user_displayname">' . __('Display name:') . '</label> ' . 263 form::field('user_displayname', 20, 255, html::escapeHTML($user_displayname)) . 264 '</p>' . 265 266 '<p><label for="user_email">' . __('Email:') . '</label> ' . 267 form::field('user_email', 20, 255, html::escapeHTML($user_email)) . 268 '</p>' . 269 '<p class="form-note">' . __('Mandatory for password recovering procedure.') . '</p>' . 270 271 '<p><label for="user_url">' . __('URL:') . '</label> ' . 272 form::field('user_url', 30, 255, html::escapeHTML($user_url)) . 273 '</p>' . 
274 '</div>' . 275 276 '<div class="col">' . 277 '<h3>' . __('Options') . '</h3>' . 278 '<h4>' . __('Interface') . '</h4>' . 279 '<p><label for="user_lang">' . __('Language:') . '</label> ' . 280 form::combo('user_lang', $lang_combo, $user_lang, 'l10n') . 281 '</p>' . 282 283 '<p><label for="user_tz">' . __('Timezone:') . '</label> ' . 284 form::combo('user_tz', dt::getZones(true, true), $user_tz) . 285 '</p>' . 286 287 '<h4>' . __('Edition') . '</h4>' . 288 '<p><label for="user_post_format">' . __('Preferred format:') . '</label> ' . 289 form::combo('user_post_format', $formaters_combo, $user_options['post_format']) . 290 '</p>' . 291 292 '<p><label for="user_post_status">' . __('Default entry status:') . '</label> ' . 293 form::combo('user_post_status', $status_combo, $user_post_status) . 294 '</p>' . 295 296 '<p><label for="user_edit_size">' . __('Entry edit field height:') . '</label> ' . 297 form::field('user_edit_size', 5, 4, (integer) $user_options['edit_size']) . 298 '</p>'; 299 299 300 300 # --BEHAVIOR-- adminUserForm 301 $core->callBehavior('adminUserForm',isset($rs) ? $rs : null); 302 303 echo 304 '</div>'. 305 '</div>'; 306 307 308 echo 309 '<p class="clear vertical-separator"><label for="your_pwd" class="required">'. 310 '<abbr title="'.__('Required field').'">*</abbr> '.__('Your password:').'</label>'. 311 form::password('your_pwd',20,255,'','','',false,'required placeholder="'.__('Password').'"').'</p>'. 312 '<p class="clear"><input type="submit" name="save" accesskey="s" value="'.__('Save').'" />'. 313 ($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="'.__('Save and create another').'" />'). 314 ($user_id != '' ? form::hidden('id',$user_id) : ''). 315 $core->formNonce(). 316 '</p>'. 317 318 '</form>'; 319 320 if ($user_id) 321 { 322 echo '<div class="clear fieldset">'. 323 '<h3>'.__('Permissions').'</h3>'; 324 325 if (!$user_super) 326 { 327 echo 328 '<form action="'.$core->adminurl->get("admin.user.actions").'" method="post">'. 
329 '<p><input type="submit" value="'.__('Add new permissions').'" />'. 330 form::hidden(array('redir'),$core->adminurl->get("admin.user",array('id' => $user_id))). 331 form::hidden(array('action'),'blogs'). 332 form::hidden(array('users[]'),$user_id). 333 $core->formNonce(). 334 '</p>'. 335 '</form>'; 336 337 $permissions = $core->getUserPermissions($user_id); 338 $perm_types = $core->auth->getPermissionsTypes(); 339 340 if (count($permissions) == 0) 341 { 342 echo '<p>'.__('No permissions so far.').'</p>'; 343 } 344 else 345 { 346 foreach ($permissions as $k => $v) 347 { 348 if (count($v['p']) > 0) 349 { 350 echo 351 '<form action="'.$core->adminurl->get("admin.user.actions").'" method="post" class="perm-block">'. 352 '<p class="blog-perm">'.__('Blog:').' <a href="'. 353 $core->adminurl->get("admin.blog",array('id' => html::escapeHTML($k))).'">'. 354 html::escapeHTML($v['name']).'</a> ('.html::escapeHTML($k).')</p>'; 355 356 echo '<ul class="ul-perm">'; 357 foreach ($v['p'] as $p => $V) { 358 if (isset($perm_types[$p])) { 359 echo '<li>'.__($perm_types[$p]).'</li>'; 360 } 361 } 362 echo 363 '</ul>'. 364 '<p class="add-perm"><input type="submit" class="reset" value="'.__('Change permissions').'" />'. 365 form::hidden(array('redir'),$core->adminurl->get("admin.user",array('id' => $user_id))). 366 form::hidden(array('action'),'perms'). 367 form::hidden(array('users[]'),$user_id). 368 form::hidden(array('blogs[]'),$k). 369 $core->formNonce(). 370 '</p>'. 371 '</form>'; 372 } 373 } 374 } 375 376 } 377 else { 378 echo '<p>'.sprintf(__('%s is super admin (all rights on all blogs).'),'<strong>'.$user_id.'</strong>').'</p>'; 379 } 380 echo '</div>'; 301 $core->callBehavior('adminUserForm', isset($rs) ? $rs : null); 302 303 echo 304 '</div>' . 305 '</div>'; 306 307 echo 308 '<p class="clear vertical-separator"><label for="your_pwd" class="required">' . 309 '<abbr title="' . __('Required field') . '">*</abbr> ' . __('Your password:') . '</label>' . 
310 form::password('your_pwd', 20, 255, 311 array( 312 'extra_html' => 'required placeholder="' . __('Password') . '"', 313 'autocomplete' => 'current-password' 314 ) 315 ) . '</p>' . 316 '<p class="clear"><input type="submit" name="save" accesskey="s" value="' . __('Save') . '" />' . 317 ($user_id != '' ? '' : ' <input type="submit" name="saveplus" value="' . __('Save and create another') . '" />') . 318 ($user_id != '' ? form::hidden('id', $user_id) : '') . 319 $core->formNonce() . 320 '</p>' . 321 322 '</form>'; 323 324 if ($user_id) { 325 echo '<div class="clear fieldset">' . 326 '<h3>' . __('Permissions') . '</h3>'; 327 328 if (!$user_super) { 329 echo 330 '<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post">' . 331 '<p><input type="submit" value="' . __('Add new permissions') . '" />' . 332 form::hidden(array('redir'), $core->adminurl->get("admin.user", array('id' => $user_id))) . 333 form::hidden(array('action'), 'blogs') . 334 form::hidden(array('users[]'), $user_id) . 335 $core->formNonce() . 336 '</p>' . 337 '</form>'; 338 339 $permissions = $core->getUserPermissions($user_id); 340 $perm_types = $core->auth->getPermissionsTypes(); 341 342 if (count($permissions) == 0) { 343 echo '<p>' . __('No permissions so far.') . '</p>'; 344 } else { 345 foreach ($permissions as $k => $v) { 346 if (count($v['p']) > 0) { 347 echo 348 '<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post" class="perm-block">' . 349 '<p class="blog-perm">' . __('Blog:') . ' <a href="' . 350 $core->adminurl->get("admin.blog", array('id' => html::escapeHTML($k))) . '">' . 351 html::escapeHTML($v['name']) . '</a> (' . html::escapeHTML($k) . ')</p>'; 352 353 echo '<ul class="ul-perm">'; 354 foreach ($v['p'] as $p => $V) { 355 if (isset($perm_types[$p])) { 356 echo '<li>' . __($perm_types[$p]) . '</li>'; 357 } 358 } 359 echo 360 '</ul>' . 361 '<p class="add-perm"><input type="submit" class="reset" value="' . __('Change permissions') . 
'" />' . 362 form::hidden(array('redir'), $core->adminurl->get("admin.user", array('id' => $user_id))) . 363 form::hidden(array('action'), 'perms') . 364 form::hidden(array('users[]'), $user_id) . 365 form::hidden(array('blogs[]'), $k) . 366 $core->formNonce() . 367 '</p>' . 368 '</form>'; 369 } 370 } 371 } 372 373 } else { 374 echo '<p>' . sprintf(__('%s is super admin (all rights on all blogs).'), '<strong>' . $user_id . '</strong>') . '</p>'; 375 } 376 echo '</div>'; 381 377 } 382 378
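Review bot: The super-admin notice at new line 374 writes `$user_id` into the page unescaped, while the user_id form field and the blog id in the permissions block both go through `html::escapeHTML()`; it should read `'<strong>' . html::escapeHTML($user_id) . '</strong>'`. The value is loaded from `$rs->user_id`, and whether a stored id can contain markup depends on validation in `addUser`/`updUser`, which this page does not show, so escaping at output is the safe default. Separately, the password confirmation at new line 98 compares with `!=`, and PHP's loose comparison treats some different numeric strings as equal; `if ($_POST['new_pwd'] !== $_POST['new_pwd_c'])` avoids that. Both lines are only reformatted by this changeset, so both issues predate it.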