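* @package BcWe core
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
*/
if (!defined("IN_BCWE_ADMIN")) {
    die("Dieses Script kann nicht ausserhalb des Frameworks laufen!");
}
$addnav["right"] = FALSE;
$session->page_begin("edituser", True);

/**
 * Admin panel for listing, editing and deleting user accounts.
 *
 * Dispatch is driven by the request:
 *   - ?edituser=<uid>            shows the edit form, or saves it when the
 *                                form was posted (send, name and uid present);
 *   - ?action=delete&user=<uid>  deletes the account;
 *   - anything else              renders the user list.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this panel, and the
 * delete action is a state change on a plain GET link. Both the save and the
 * delete path should require a per-session token and deletion should be a
 * POST; the token API of $session is not visible in this file.
 *
 * NOTE(review): the only authorization rule enforced here is "a non-role-2
 * admin may not assign role 2". Nothing stops such an admin from editing
 * (demoting, re-passwording) or deleting an existing role-2 account; confirm
 * whether that is intended.
 */
class editusers_panel extends admin_module {

    /**
     * Handle the current request and fill $panel with the resulting page.
     *
     * Reads $_GET / $_POST directly and talks to the database through the
     * global $db object. Returns nothing.
     */
    function output() {
        global $plugin, $session, $config, $db, $panel, $admin, $module, $root, $firephp, $lang;

        if (isset($_GET["edituser"]) && $_GET["edituser"] != "") {
            // The id is only ever used as a number; normalizing it once keeps
            // raw request text out of the form action URL below.
            $edit_uid = intval($_GET["edituser"]);

            if (isset($_POST["send"]) && !empty($_POST["name"]) && !empty($_POST["uid"])) {
                // Normalize role/status to integers BEFORE the privilege check.
                // Comparing the raw string loosely and then storing that same
                // string lets a value the check does not treat as 2 still be
                // coerced to 2 by a non-strict database column.
                $role = intval(isset($_POST["role"]) ? $_POST["role"] : 0);
                $active = intval(isset($_POST["active"]) ? $_POST["active"] : 0);

                if ($role == 2 && $session->userdata['role'] != 2) {
                    $panel->admin_message($lang->_('ERROR'), $lang->_('CANTASSIGNHIGHERRIGHT'), True, "editusers", 3);
                    // Stop here: without this the UPDATE below would still run
                    // unless admin_message() itself terminates the request.
                    return;
                }

                // Hooks receive the same normalized values that get stored.
                $_POST['role'] = $role;
                $_POST['active'] = $active;

                $_POST['key'] = $session->generate_key(50);
                $salt = $session->generate_key(6);

                $pwd = "";
                if ($_POST["password"] != "") {
                    // NOTE(review): the hash input is kept exactly as before
                    // (salt + SQL-escaped password, one round of SHA-256) so
                    // existing logins keep working; the verification code is
                    // not in this file. A fast hash is a poor password store,
                    // and escaping before hashing alters passwords containing
                    // quotes or backslashes. Plan a migration to
                    // password_hash()/password_verify() with rehash on login.
                    // NOTE(review): confirm generate_key() draws from a CSPRNG.
                    $pwd = ", `password`='" . hash("sha256", $salt . $db->escape($_POST["password"])) . "'"
                         . ", `loginkey`='" . $db->escape($_POST['key']) . "'"
                         . ",`salt` = '" . $db->escape($salt) . "'";
                }

                $plugin->run_hook('admin_user_before_update', array('data' => $_POST, 'user_fid' => $session->userdata['fuid']));

                // $pwd brings its own leading comma, so the fixed column list
                // must not end with one (the previous form produced invalid
                // SQL both with and without a password change).
                $db->query(
                    "UPDATE `" . $config["prefix"] . "users` SET"
                    . " `username`='" . $db->escape($_POST["name"]) . "'"
                    . ",`realname`='" . $db->escape($_POST["realname"]) . "'"
                    . ",`email`='" . $db->escape($_POST["email"]) . "'"
                    . ",`from`='" . $db->escape($_POST["from"]) . "'"
                    . ",`gender`='" . $db->escape($_POST["gender"]) . "'"
                    . ",`bio`='" . $db->escape($_POST["bio"]) . "'"
                    . ",`homepage`='" . $db->escape($_POST["homepage"]) . "'"
                    . ",`role`='" . $role . "'"
                    . ",`active`='" . $active . "'"
                    . $pwd
                    . " WHERE `uid`='" . intval($_POST["uid"]) . "'"
                );

                $_POST['user_fid'] = $session->userdata['fuid'];
                $plugin->run_hook('admin_user_after_update', array('data' => $_POST));
                $panel->admin_message($lang->_('SUCCESS'), $lang->_('DATASAVED'), True, "editusers", 3);
            } else {
                $panel->title = $lang->_('EDITUSER');
                $panel->form(array("action" => $config["path"] . "/admin/index.php?panel=editusers&edituser=" . $edit_uid));

                $result = $db->query("SELECT * FROM `" . $config["prefix"] . "users` WHERE uid='" . $edit_uid . "'");
                $data = $db->fetch_array($result);

                // The layout markup that surrounded these labels is not
                // present on this page; the strings are kept as shown.
                // NOTE(review): stored user values are handed to $panel->field()
                // and $panel->textarea() unescaped; confirm those helpers
                // HTML-escape the "value" they render.
                $panel->content .= "\n\n" . $lang->_('USERNAME') . ":\n\n";
                $panel->field(array("name" => "name", "typ" => "text", "value" => $data["username"]));

                $panel->content .= "\n\n" . $lang->_('REALNAME') . ":\n\n";
                $panel->field(array("name" => "realname", "typ" => "text", "value" => $data["realname"]));

                $panel->content .= "\n\n" . $lang->_('MAIL') . ":\n\n";
                $panel->field(array("name" => "email", "value" => $data["email"], "typ" => "text"));

                // The password field is always rendered empty; leaving it empty
                // on submit keeps the stored password.
                $panel->content .= "\n\n" . $lang->_('PASSWORD') . ":\n\n";
                $panel->field(array("name" => "password", "value" => "", "typ" => "password"));

                $panel->content .= "\n\n" . $lang->_('LOCATION') . ":\n\n";
                $panel->field(array("name" => "from", "value" => $data["from"], "typ" => "text"));

                $panel->content .= "\n\n" . $lang->_('GENDER') . ":\n\n";
                $panel->select(array($lang->_('DIV') => "u", $lang->_('FEMALE') => "f", $lang->_('MALE') => "m"), $data["gender"], "gender");

                $panel->content .= "\n\n" . $lang->_('HOMEPAGE') . ":\n\n";
                $panel->field(array("name" => "homepage", "value" => $data["homepage"], "typ" => "text"));

                $panel->content .= "\n\n" . $lang->_('BANREASON') . ":\n\n";
                $panel->textarea(array("name" => "bio", "value" => $data["bio"], "typ" => "text"));
                $panel->content .= "\n";

                $panel->content .= "\n\n" . $lang->_('ROLE') . ":\n\n";
                // Build the role dropdown (label => id) from the role table.
                $dd = array();
                $result = $db->query("SELECT `id`,`role_name` FROM `" . $config["prefix"] . "role`");
                while ($rdata = $db->fetch_array($result)) {
                    $dd[$rdata["role_name"]] = $rdata["id"];
                }
                $panel->select($dd, $data["role"], "role");
                $panel->content .= "\n";

                $panel->content .= "\n\n" . $lang->_('STATUS') . ":\n\n";
                $panel->select(array($lang->_('ACTIVE') => 1, $lang->_('INACTIVE') => 0, $lang->_('BANNED') => 2), $data["active"], "active");
                $panel->content .= "\n";

                $panel->field(array("name" => "send", "typ" => "hidden", "value" => "1"));
                $panel->field(array("name" => "uid", "typ" => "hidden", "value" => $data["uid"]));
                $panel->content .= "\n";

                $panel->submit();
                $panel->formClose();
                $panel->parse_page();
            }
        } elseif (isset($_GET["action"]) && $_GET["action"] == "delete" && isset($_GET["user"])) {
            $delete_uid = intval($_GET["user"]);

            // The row is loaded first so both hooks can see what is removed.
            $result = $db->query("SELECT * FROM `" . $config["prefix"] . "users` WHERE `uid`='" . $delete_uid . "'");
            $data = $db->fetch_array($result);

            $plugin->run_hook('admin_user_before_delete', array('data' => $data));
            $db->query("DELETE FROM `" . $config["prefix"] . "users` WHERE `uid`='" . $delete_uid . "'");
            $plugin->run_hook('admin_user_after_delete', array('data' => $data));

            $panel->admin_message($lang->_('USERDELETED'), $lang->_('USERDELETEDSUCCESS'), True, "editusers", 3);
        } else {
            $user = array();
            $result = $db->query("SELECT * FROM `" . $config["prefix"] . "users` u LEFT JOIN `" . $config["prefix"] . "role` r ON r.id=u.role ORDER BY u.`uid`");
            while ($row = $db->fetch_array($result)) {
                $user[] = $row;
            }

            $panel->title = $lang->_('USERS');

            // The original table markup is not present on this page; the tags
            // below are a minimal reconstruction around the visible values.
            // Every stored user value is HTML-escaped on output, because
            // account fields are user-controlled and this page runs in an
            // administrator's session.
            $base_url = $config["path"] . "/admin/index.php?panel=editusers";

            $panel->content .= "<table>\n<tr>"
                . "<th>" . $lang->_('ID') . "</th>"
                . "<th>" . $lang->_('USERNAME') . "</th>"
                . "<th>" . $lang->_('REALNAME') . "</th>"
                . "<th>" . $lang->_('ROLE') . "</th>"
                . "<th>" . $lang->_('STATUS') . "</th>"
                . "<th>" . $lang->_('ACTION') . "</th>"
                . "</tr>\n";

            if (!empty($user)) {
                foreach ($user as $u) {
                    if ($u['active'] == 1) {
                        $u['activetext'] = $lang->_('ACTIVE');
                        $u['activestyle'] = '';
                    } elseif ($u['active'] == 2) {
                        $u['activetext'] = $lang->_('BANNED');
                        $u['activestyle'] = 'style="text-decoration:line-through;"';
                    } else {
                        $u['activetext'] = $lang->_('INACTIVE');
                        $u['activestyle'] = 'style="font-style:italic;"';
                    }

                    $uid = intval($u["uid"]);

                    // Deleting your own account gets a stronger warning; any
                    // other account gets the confirmation naming the user.
                    if ($u["uid"] == $session->userdata["uid"]) {
                        $confirm_text = $lang->_('BADIDEA');
                    } else {
                        $confirm_text = sprintf($lang->_('DELETEUSER'), $u["username"]);
                    }
                    // The message sits in a JavaScript string inside an HTML
                    // attribute: encode for JavaScript first, then for HTML.
                    $onclick = htmlspecialchars("return confirm(" . json_encode($confirm_text) . ")", ENT_QUOTES);

                    // NOTE(review): the edit link is inferred from the
                    // ?edituser= handling above; its original label (and the
                    // delete link's) is not present on this page.
                    $edit_href = htmlspecialchars($base_url . "&edituser=" . $uid, ENT_QUOTES);
                    $delete_href = htmlspecialchars($base_url . "&action=delete&user=" . $uid, ENT_QUOTES);

                    $panel->content .= "<tr " . $u['activestyle'] . ">"
                        . "<td>" . $uid . "</td>"
                        . "<td>" . htmlspecialchars((string) $u["username"], ENT_QUOTES) . "</td>"
                        . "<td>" . htmlspecialchars((string) $u["realname"], ENT_QUOTES) . "</td>"
                        . "<td>" . htmlspecialchars((string) $u["role_name"], ENT_QUOTES) . "</td>"
                        . "<td>" . $u['activetext'] . "</td>"
                        . "<td>"
                        . "<a href=\"" . $edit_href . "\">" . $lang->_('EDITUSER') . "</a> "
                        . "<a onclick=\"" . $onclick . "\" href=\"" . $delete_href . "\">&times;</a>"
                        . "</td>"
                        . "</tr>\n";
                }
            } else {
                $panel->content .= "<tr><td colspan=\"6\">" . $lang->_('NOUSERS') . "</td></tr>\n";
            }

            $panel->content .= "</table>\n";
        }
    }

    /**
     * Return extra markup for the page head.
     *
     * As shown on this page the value is a single space.
     */
    function meta() {
        global $module, $config, $db, $panel, $userinfo, $admin, $root;

        $meta = ' ';
        return $meta;
    }
}
?>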