aboutsummaryrefslogtreecommitdiffstats
path: root/admin/user_modify.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--admin/user_modify.php100
1 files changed, 83 insertions, 17 deletions
diff --git a/admin/user_modify.php b/admin/user_modify.php
index fad131d81..6e14589c3 100644
--- a/admin/user_modify.php
+++ b/admin/user_modify.php
@@ -18,11 +18,16 @@ include_once( './include/isadmin.inc.php' );
//----------------------------------------------------- template initialization
$sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_modify.vtp' );
$error = array();
-$tpl = array( 'user_err_modify', 'user_err_unknown' );
-templatize_array( $tpl, 'lang' );
+$tpl = array( 'adduser_info_message', 'adduser_info_back', 'adduser_fill_form',
+ 'login', 'new', 'password', 'mail_address', 'adduser_status',
+ 'submit', 'adduser_info_password_updated' );
+templatize_array( $tpl, 'lang', $sub );
//--------------------------------------------------------- form criteria check
+$error = array();
$display_form = true;
+// retrieving information in the database about the user identified by its
+// id in $_GET['user_id']
$query = 'select';
$query.= ' username,status,mail_address';
$query.= ' from '.$prefixeTable.'users';
@@ -30,34 +35,95 @@ $query.= ' where id = '.$_GET['user_id'];
$query.= ';';
$row = mysql_fetch_array( mysql_query( $query ) );
-$username = $row['username'];
-$status = $row['status'];
-$mail_address = $row['mail_address'];
-
-if ( $username == 'guest'
- or ( $username == $conf['webmaster']
+// user is not modifiable if :
+// 1. the selected user is the user "guest"
+// 2. the selected user is the webmaster and the user making the modification
+// is not the webmaster
+if ( $row['username'] == 'guest'
+ or ( $row['username'] == $conf['webmaster']
and $user['username'] != $conf['webmaster'] ) )
{
- $vtp->addSession( $sub, 'err_modify' );
- $vtp->closeSession( $sub, 'err_modify' );
+ array_push( $error, $lang['user_err_modify'] );
$display_form = false;
}
-if ( $username == '' )
+// if the user was not found in the database, no modification possible
+if ( $row['username'] == '' )
{
- $vtp->addSession( $sub, 'err_unknown' );
- $vtp->closeSession( $sub, 'err_unknown' );
+ array_push( $error, $lang['user_err_unknown'] );
$display_form = false;
}
-if ( $display_form and isset( $_POST['submit'] ) )
+if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
{
+ // shall we use a new password and overwrite the old one ?
$use_new_password = false;
if ( $_POST['use_new_pwd'] == 1)
{
$use_new_password = true;
}
- $error = update_user(
- $_GET['user_id'], $_POST['mail_address'], $_POST['status'],
- $use_new_password, $POST['password'] );
+ $error = array_merge( $error, update_user(
+ $_GET['user_id'], $_POST['mail_address'],
+ $_POST['status'], $use_new_password,
+ $_POST['password'] ) );
+}
+//-------------------------------------------------------------- errors display
+if ( sizeof( $error ) != 0 )
+{
+ $vtp->addSession( $sub, 'errors' );
+ for ( $i = 0; $i < sizeof( $error ); $i++ )
+ {
+ $vtp->addSession( $sub, 'li' );
+ $vtp->setVar( $sub, 'li.li', $error[$i] );
+ $vtp->closeSession( $sub, 'li' );
+ }
+ $vtp->closeSession( $sub, 'errors' );
+}
+//---------------------------------------------------------------- confirmation
+if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) )
+{
+ $vtp->addSession( $sub, 'confirmation' );
+ $vtp->setVar( $sub, 'confirmation.username', $row['username'] );
+ $url = add_session_id( './admin.php?page=user_list' );
+ $vtp->setVar( $sub, 'confirmation.url', $url );
+ $vtp->closeSession( $sub, 'confirmation' );
+ if ( $use_new_pwd )
+ {
+ $vtp->addSession( $sub, 'password_updated' );
+ $vtp->closeSession( $sub, 'password_updated' );
+ }
+ $display_form = false;
+}
+//------------------------------------------------------------------------ form
+if ( $display_form )
+{
+ $vtp->addSession( $sub, 'form' );
+ $action = './admin.php?page=user_modify&amp;user_id='.$_GET['user_id'];
+ $vtp->setVar( $sub, 'form.form_action', add_session_id( $action ) );
+ $vtp->setVar( $sub, 'form.user:username', $row['username'] );
+ $vtp->setVar( $sub, 'form.user:password', $_POST['password'] );
+ $vtp->setVar( $sub, 'form.user:mail_address', $_POST['mail_address'] );
+
+ if ( !isset( $_POST['status'] ) )
+ {
+ $_POST['status'] = 'guest';
+ }
+ $option = get_enums( $prefixeTable.'users', 'status' );
+ for ( $i = 0; $i < sizeof( $option ); $i++ )
+ {
+ $vtp->addSession( $sub, 'status_option' );
+ $vtp->setVar( $sub, 'status_option.value', $option[$i] );
+ $vtp->setVar( $sub, 'status_option.option',
+ $lang['adduser_status_'.$option[$i]] );
+ if( $option[$i] == $_POST['status'] )
+ {
+ $vtp->setVar( $sub, 'status_option.selected', ' selected="selected"' );
+ }
+ $vtp->closeSession( $sub, 'status_option' );
+ }
+ $url = add_session_id( './admin.php?page=user_list' );
+ $vtp->setVar( $sub, 'form.url_back', $url );
+ $vtp->closeSession( $sub, 'form' );
}
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
?> \ No newline at end of file