diff options
Diffstat (limited to 'admin/user_modify.php')
-rw-r--r-- | admin/user_modify.php | 97 |
1 files changed, 86 insertions, 11 deletions
diff --git a/admin/user_modify.php b/admin/user_modify.php index 4989c31e2..792eef16b 100644 --- a/admin/user_modify.php +++ b/admin/user_modify.php @@ -20,7 +20,8 @@ $sub = $vtp->Open( '../template/'.$user['template'].'/admin/user_modify.vtp' ); $error = array(); $tpl = array( 'adduser_info_message', 'adduser_info_back', 'adduser_fill_form', 'login', 'new', 'password', 'mail_address', 'adduser_status', - 'submit', 'adduser_info_password_updated' ); + 'submit', 'adduser_info_password_updated','menu_groups', + 'dissociate','adduser_associate' ); templatize_array( $tpl, 'lang', $sub ); //--------------------------------------------------------- form criteria check $error = array(); @@ -34,7 +35,9 @@ $query.= ' from '.PREFIX_TABLE.'users'; $query.= ' where id = '.$_GET['user_id']; $query.= ';'; $row = mysql_fetch_array( mysql_query( $query ) ); - +$page['username'] = $row['username']; +$page['status'] = $row['status']; +$page['mail_address'] = $row['mail_address']; // user is not modifiable if : // 1. the selected user is the user "guest" // 2. the selected user is the webmaster and the user making the modification @@ -66,6 +69,34 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) ) $_POST['status'], $use_new_password, $_POST['password'] ) ); } +// association with groups management +if ( isset( $_POST['submit'] ) ) +{ + // deletion of checked groups + $query = 'SELECT id,name'; + $query.= ' FROM '.PREFIX_TABLE.'groups'; + $query.= ' ORDER BY id ASC'; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + $dissociate = 'dissociate-'.$row['id']; + if ( $_POST[$dissociate] == 1 ) + { + $query = 'DELETE FROM '.PREFIX_TABLE.'user_group'; + $query.= ' WHERE user_id = '.$_GET['user_id']; + $query.= ' AND group_id ='.$row['id']; + $query.= ';'; + mysql_query( $query ); + } + } + // create a new association between the user and a group + $query = 'INSERT INTO '.PREFIX_TABLE.'user_group'; + $query.= ' (user_id,group_id) VALUES'; + $query.= ' ('.$_GET['user_id'].','.$_POST['associate'].')'; + $query.= ';'; + mysql_query( $query ); +} //-------------------------------------------------------------- errors display if ( sizeof( $error ) != 0 ) { @@ -82,7 +113,7 @@ if ( sizeof( $error ) != 0 ) if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) ) { $vtp->addSession( $sub, 'confirmation' ); - $vtp->setVar( $sub, 'confirmation.username', $row['username'] ); + $vtp->setVar( $sub, 'confirmation.username', $page['username'] ); $url = add_session_id( './admin.php?page=user_list' ); $vtp->setVar( $sub, 'confirmation.url', $url ); $vtp->closeSession( $sub, 'confirmation' ); @@ -91,7 +122,6 @@ if ( sizeof( $error ) == 0 and isset( $_POST['submit'] ) ) $vtp->addSession( $sub, 'password_updated' ); $vtp->closeSession( $sub, 'password_updated' ); } - $display_form = false; } //------------------------------------------------------------------------ form if ( $display_form ) @@ -99,13 +129,15 @@ if ( $display_form ) $vtp->addSession( $sub, 'form' ); $action = './admin.php?page=user_modify&user_id='.$_GET['user_id']; $vtp->setVar( $sub, 'form.form_action', add_session_id( $action ) ); - $vtp->setVar( $sub, 'form.user:username', $row['username'] ); - $vtp->setVar( $sub, 'form.user:password', $_POST['password'] ); - $vtp->setVar( $sub, 'form.user:mail_address', $_POST['mail_address'] ); - - if ( !isset( $_POST['status'] ) ) + $vtp->setVar( $sub, 'form.user:username', $page['username'] ); + if ( isset( $_POST['mail_address'] ) ) + { + $page['mail_address'] = $_POST['mail_address']; + } + $vtp->setVar( $sub, 'form.user:mail_address', $page['mail_address'] ); + if ( isset( $_POST['status'] ) ) { - $_POST['status'] = 'guest'; + $page['status'] = $_POST['status']; } $option = get_enums( PREFIX_TABLE.'users', 'status' ); for ( $i = 0; $i < sizeof( $option ); $i++ ) @@ -114,12 +146,55 @@ if ( $display_form ) $vtp->setVar( $sub, 'status_option.value', $option[$i] ); $vtp->setVar( $sub, 'status_option.option', $lang['adduser_status_'.$option[$i]] ); - if( $option[$i] == $_POST['status'] ) + if( $option[$i] == $page['status'] ) { $vtp->setVar( $sub, 'status_option.selected', ' selected="selected"' ); } $vtp->closeSession( $sub, 'status_option' ); } + // groups linked with this user + $query = 'SELECT id,name'; + $query.= ' FROM '.PREFIX_TABLE.'user_group, '.PREFIX_TABLE.'groups'; + $query.= ' WHERE group_id = id'; + $query.= ' AND user_id = '.$_GET['user_id']; + $query.= ';'; + $result = mysql_query( $query ); + $user_groups = array(); + if ( mysql_num_rows( $result ) > 0 ) + { + $vtp->addSession( $sub, 'groups' ); + while ( $row = mysql_fetch_array( $result ) ) + { + $vtp->addSession( $sub, 'group' ); + $vtp->setVar( $sub, 'group.name', $row['name'] ); + $vtp->setVar( $sub, 'group.dissociate_id', $row['id'] ); + $vtp->closeSession( $sub, 'group' ); + array_push( $user_groups, $row['id'] ); + } + $vtp->closeSession( $sub, 'groups' ); + } + // empty group not to take into account + $vtp->addSession( $sub, 'associate_group' ); + $vtp->setVar( $sub, 'associate_group.value', 'undef' ); + $vtp->setVar( $sub, 'associate_group.option', '' ); + $vtp->closeSession( $sub, 'associate_group' ); + // groups not linked yet to the user + $query = 'SELECT id,name'; + $query.= ' FROM '.PREFIX_TABLE.'groups'; + $query.= ' ORDER BY id ASC'; + $query.= ';'; + $result = mysql_query( $query ); + while ( $row = mysql_fetch_array( $result ) ) + { + if ( !in_array( $row['id'], $user_groups ) ) + { + $vtp->addSession( $sub, 'associate_group' ); + $vtp->setVar( $sub, 'associate_group.value', $row['id'] ); + $vtp->setVar( $sub, 'associate_group.option', $row['name'] ); + $vtp->closeSession( $sub, 'associate_group' ); + } + } + $url = add_session_id( './admin.php?page=user_list' ); $vtp->setVar( $sub, 'form.url_back', $url ); $vtp->closeSession( $sub, 'form' ); |