genuineparts 2025-06-20 20:13:51 +02:00
parent aa052ee9dc
commit 114e22bbab
10 changed files with 115 additions and 99 deletions


@ -1,7 +1,7 @@
<?php
/**
* Project: astat - simple site engine
* File: /admin/editusers.apnl.php
* Project: BeCast WebEngine - simple site engine
* File: /admin/editusers.apnl.php
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@ -17,10 +17,10 @@
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* @link http://www.astat.org SVN: $URL$
* @copyright 2009 becast.at
* @link http://www.becast.at
* @copyright 2009-2025 becast.at
* @author Bernhard Jaud <bernhard at becast dot at>
* @package astat core
* @package BcWe core
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
*/
@ -39,14 +39,15 @@ class editusers_panel extends admin_module{
if(isset($_POST["send"]) && !empty($_POST["name"]) && !empty($_POST["uid"])){
$pwd="";
if($_POST['role']==2 && $session->userdata['role']!=2){
$panel->admin_message("Error","You cannot assign a role higher then yours!",True,"editusers",3);
$panel->admin_message($lang->_('ERROR'),$lang->_('CANTASSIGNHIGHERRIGHT'),True,"editusers",3);
}
$_POST['key']=$session->generate_key(50);
$salt = $session->generate_Key(6);
if($_POST["password"]!=""){
$pwd=", `password`='".hash("sha256",$db->escape($_POST["password"]))."', `loginkey`='".$_POST['key']."'";
$pwd=", `password`='".hash("sha256",$salt.$db->escape($_POST["password"]))."', `loginkey`='".$_POST['key']."',`salt` = '".$salt."'";
}
$plugin->run_hook('admin_user_before_update',array('data'=>$_POST,'key'=>$key,'user_fid'=>$session->userdata['fuid']));
$db->query("UPDATE `" . $config["prefix"] . "users` SET `username`='".$db->escape($_POST["name"])."',`realname`='".$db->escape($_POST["realname"])."',`email`='".$db->escape($_POST["email"])."',`from`='".$db->escape($_POST["from"])."',`gender`='".$db->escape($_POST["gender"])."',`bio`='".$db->escape($_POST["bio"])."',`homepage`='".$db->escape($_POST["homepage"])."',`icq`='".$db->escape($_POST["icq"])."',`aim`='".$db->escape($_POST["aim"])."',`skype`='".$db->escape($_POST["skype"])."',`role`='".$db->escape($_POST["role"])."',`active`='".$db->escape($_POST["active"])."',`char_suspended`='".$db->escape($_POST["char_suspended"])."'".$pwd." WHERE `uid`='".intval($_POST["uid"])."'");
$db->query("UPDATE `" . $config["prefix"] . "users` SET `username`='".$db->escape($_POST["name"])."',`realname`='".$db->escape($_POST["realname"])."',`email`='".$db->escape($_POST["email"])."',`from`='".$db->escape($_POST["from"])."',`gender`='".$db->escape($_POST["gender"])."',`bio`='".$db->escape($_POST["bio"])."',`homepage`='".$db->escape($_POST["homepage"])."',`role`='".$db->escape($_POST["role"])."',`active`='".$db->escape($_POST["active"])."',".$pwd." WHERE `uid`='".intval($_POST["uid"])."'");
$_POST['user_fid']=$session->userdata['fuid'];
$plugin->run_hook('admin_user_after_update',array('data'=>$_POST));
$panel->admin_message($lang->_('SUCCESS'),$lang->_('DATASAVED'),True,"editusers",3);
@ -66,15 +67,9 @@ class editusers_panel extends admin_module{
$panel->content.="<h3>".$lang->_('LOCATION').":</h3>";
$panel->field(array("name"=>"from","value"=>$data["from"],"typ"=>"text"));
$panel->content.="<h3>".$lang->_('GENDER').":</h3>";
$panel->select(array($lang->_('N/A')=>"u", $lang->_('FEMALE')=>"f",$lang->_('MALE')=>"m"),$data["gender"],"gender");
$panel->select(array($lang->_('DIV')=>"u", $lang->_('FEMALE')=>"f",$lang->_('MALE')=>"m"),$data["gender"],"gender");
$panel->content.="<h3>".$lang->_('HOMEPAGE').":</h3>";
$panel->field(array("name"=>"homepage","value"=>$data["homepage"],"typ"=>"text"));
$panel->content.="<h3>".$lang->_('ICQ').":</h3>";
$panel->field(array("name"=>"icq","value"=>$data["icq"],"typ"=>"text"));
$panel->content.="<h3>".$lang->_('AIM').":</h3>";
$panel->field(array("name"=>"aim","value"=>$data["aim"],"typ"=>"text"));
$panel->content.="<h3>".$lang->_('SKYPE').":</h3>";
$panel->field(array("name"=>"skype","value"=>$data["skype"],"typ"=>"text"));
$panel->content.="<h3>".$lang->_('BANREASON').":</h3>";
$panel->textarea(array("name"=>"bio","value"=>$data["bio"],"typ"=>"text"));
$panel->content.="<br />";
@ -87,9 +82,7 @@ class editusers_panel extends admin_module{
$panel->content.="<br />";
$panel->content.="<h3>".$lang->_('STATUS').":</h3>";
$panel->select(array($lang->_('ACTIVE')=>1,$lang->_('INACTIVE')=>0,$lang->_('BANNED')=>2),$data["active"],"active");
$panel->content.="<br />";
$panel->content.="<h3>Char Creation supended?</h3>";
$panel->select(array($lang->_('YES')=>1,$lang->_('NO')=>0),$data["char_suspended"],"char_suspended");
$panel->content.="<br />";
$panel->field(array("name"=>"send","typ"=>"hidden","value"=>"1"));
$panel->field(array("name"=>"uid","typ"=>"hidden","value"=>$data["uid"]));
$panel->content.="<br />";
@ -103,7 +96,7 @@ class editusers_panel extends admin_module{
$plugin->run_hook('admin_user_before_delete',array('data'=>$data));
$db->query("DELETE FROM `" . $config["prefix"] . "users` WHERE `uid`='".intval($_GET["user"])."'");
$plugin->run_hook('admin_user_after_delete',array('data'=>$data));
$panel->admin_message("User gel&ouml;scht!","Der User wurde erfolgreich gel&ouml;scht.",True,"editusers",3);
$panel->admin_message($lang->_('USERDELETED'),$lang->_('USERDELETEDSUCCESS'),True,"editusers",3);
}else{
$left="";
@ -118,9 +111,9 @@ class editusers_panel extends admin_module{
$panel->content.="<table id=\"users\" width=\"90%\" cellspacing=\"2\">
<thead>
<tr>
<th align=\"center\">".$lang->_('ID')."</th>
<th align=\"center\">".$lang->_('USERNAME')."</th>
<th align=\"center\">".$lang->_('REALNAME')."</th>
<th align=\"center\">".$lang->_('ID')."</th>
<th align=\"center\">".$lang->_('USERNAME')."</th>
<th align=\"center\">".$lang->_('REALNAME')."</th>
<th align=\"center\">".$lang->_('ROLE')."</th>
<th align=\"center\">".$lang->_('STATUS')."</th>
<th align=\"center\">".$lang->_('ACTION')."</th>
@ -129,28 +122,31 @@ class editusers_panel extends admin_module{
foreach($user as $u){
if($u['active']==1){
$u['activetext']=$lang->_('ACTIVE');
$u['activestyle']='';
}elseif($u['active']==2){
$u['activetext']=$lang->_('BANNED');
$u['activestyle']='style="text-decoration:line-through;"';
}else{
$u['activetext']=$lang->_('INACTIVE');
$u['activestyle']='style="font-style:italic;"';
}
$panel->content.="<tr>
$panel->content.="<tr ".$u['activestyle'].">
<td align=\"center\">".$u["uid"]."</td>
<td align=\"center\">".$u["username"]."</td>
<td align=\"center\">".$u["realname"]."</td>
<td align=\"center\">".$u["role_name"]."</td>
<td align=\"center\">".$u['activetext']."</td>";
if($u["uid"]==$session->userdata["uid"]){
$panel->content.="<td align=\"center\"><a onclick=\"return confirmLink(this,'Das bist du selbst. Und das ist in 99% aller Fälle eine sehr dumme Idee. Wirklich sicher? Du wirst dann sofort ausgeloggt!')\" href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;action=delete&amp;user=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/delete.png\" /></a> <a href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;edituser=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/wrench.png\" /></a></td>
$panel->content.="<td align=\"center\"><a onclick=\"return confirmLink(this,'".$lang->_('BADIDEA')."')\" href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;action=delete&amp;user=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/delete.png\" /></a> <a href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;edituser=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/wrench.png\" /></a></td>
</tr>";
}else{
$panel->content.="<td align=\"center\"><a onclick=\"return confirmLink(this, 'Willst du wirklich den User ".$u["username"]." l&ouml;schen? Alle Daten diese Users werden gel&ouml;scht!')\" href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;action=delete&amp;user=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/delete.png\" /></a> <a href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;edituser=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/wrench.png\" /></a></td>
$panel->content.="<td align=\"center\"><a onclick=\"return confirmLink(this, '".sprintf($lang->_('DELETEUSER'),$u["username"])."')\" href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;action=delete&amp;user=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/delete.png\" /></a> <a href=\"".$config["path"]."/admin/index.php?panel=editusers&amp;edituser=".$u["uid"]."\"><img src=\"".$config["path"]."/admin/images/icons/wrench.png\" /></a></td>
</tr>";
}
}
}else{
$panel->content.="<tr>
<td align=\"center\" colspan=\"5\">Keine User verf&uuml;gbar.</td>
<td align=\"center\" colspan=\"5\">".$lang->_('NOUSERS')."</td>
</tr>";
}
$panel->content.="</tbody></table><br />";
@ -164,19 +160,6 @@ class editusers_panel extends admin_module{
<script src="'.$config["path"].'/js/datatables/js/jquery.dataTables.min.js" type="text/javascript">
</script>
<link type="text/css" rel="stylesheet" media="screen" href="'.$config["path"].'/js/datatables/css/jquery.dataTables.css" />
<script type="text/javascript">
function deleteItem(item) {
if(confirmLink(this, "Willst du wirklich dieses Modul deinstallieren? Alle Daten diese Moduls werden gel&ouml;scht!")==true){
name="id_"+item;
Effect.SwitchOff(name);
new Ajax.Request(\'index.php?panel=navigation\' , {
method: "post",
parameters: {delete:name}});
}
return false;
}
</script>
<style type="text/css">
.loadlayer {
position: absolute;
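Review bot: The rewritten UPDATE in the save handler (hunk at old line 39) now ends its SET list with `."',".$pwd." WHERE`, which leaves a dangling comma before WHERE when no password is posted and a doubled comma when one is, because `$pwd` already begins with a comma; the tail should read `."'".$pwd." WHERE`, as it did before the columns were removed. The new password line still uses a single round of `hash("sha256", …)` with a salt from `generate_Key(6)` and runs `$db->escape()` over the password before hashing, so the stored digest is cheap to test offline and depends on the database's escaping rules; `password_hash($_POST["password"], PASSWORD_DEFAULT)` on the raw value, checked with `password_verify()` in the login path (not visible here), is the standard replacement and would make the separate `salt` column unnecessary. The role check above the update only calls `admin_message()`, and unless that call ends the request the UPDATE still runs with the posted role, so an explicit `return;` after it would make the refusal effective. In the user-list hunk, `$u["username"]` is still placed unescaped into a single-quoted JavaScript string inside `onclick` through `sprintf($lang->_('DELETEUSER'),$u["username"])`, and escaping it for both the JavaScript string and the HTML attribute would keep a crafted username from leaving that context. The enclosing method starts and ends outside these hunks.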