mirror of
https://github.com/e107inc/e107.git
synced 2025-07-24 16:31:48 +02:00
FIX #364 - Admin > users > edit: SEF issue when enabled
Admin > users > edit: SEF issue when enabled #364
@@ -3178,6 +3178,7 @@ class e107
|
||||
(!$isPluginDir && strpos($e107Path, $ADMIN_DIRECTORY) === 0 ) // Core admin directory
|
||||
|| ($isPluginDir && (strpos(e_PAGE,'_admin.php') !== false || strpos(e_PAGE,'admin_') === 0 || strpos($e107Path, 'admin/') !== FALSE)) // Plugin admin file or directory
|
||||
|| (varsettrue($eplug_admin) || defsettrue('ADMIN_AREA')) // Admin forced
|
||||
|| (preg_match('/^\/(.*?)\/user(settings\.php|\/edit)(\?|\/)(\d+)$/i', $_SERVER['REQUEST_URI']) && ADMIN)
|
||||
)
|
||||
{
|
||||
$inAdminDir = TRUE;
|
||||
@@ -3197,12 +3198,8 @@ class e107
|
||||
define('e_PLUGIN_DIR_ABS', '');
|
||||
}
|
||||
|
||||
// This should avoid further checks - NOTE: used in js_manager.php
|
||||
if(!defined('e_ADMIN_AREA'))
|
||||
{
|
||||
define('e_ADMIN_AREA', ($inAdminDir && !deftrue('USER_AREA'))); //Force USER_AREA added
|
||||
}
|
||||
|
||||
|
||||
define('e_ADMIN_AREA', $inAdminDir);
|
||||
define('ADMINDIR', $ADMIN_DIRECTORY);
|
||||
|
||||
define('SITEURLBASE', $this->HTTP_SCHEME.'://'.$_SERVER['HTTP_HOST']);
|
||||
|
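Review bot: The added `preg_match(...) && ADMIN` alternative decides admin-area mode from the shape of `$_SERVER['REQUEST_URI']`, which the client controls, and it reads `ADMIN` as a bare constant. If `ADMIN` is not yet defined when this condition runs (the enclosing method starts outside the hunk, so that cannot be confirmed here), PHP 7 and earlier evaluate the undefined constant as a non-empty string and the guard passes for every visitor; `deftrue('ADMIN')`, the helper this file already uses for `USER_AREA`, fails closed. The pattern also requires a path segment before `user…` (`^\/(.*?)\/`), so `/usersettings.php?5` on a web-root install never matches. Judging by the line counts of the second hunk, the `!defined('e_ADMIN_AREA')` guard and the `!deftrue('USER_AREA')` override were dropped in favour of `define('e_ADMIN_AREA', $inAdminDir);`; a comment such as `// USER_AREA no longer overrides admin mode, see #364` would record why front-end pages can no longer force user mode.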
@@ -792,46 +792,46 @@ i.e-cat_users-32{ background-position: -555px 0; width: 32px; height: 32px; }
|
||||
//XXX DO NOT EDIT without first checking perms in user_handler.php !!!!
|
||||
|
||||
$array_functions = array(
|
||||
0 => array(e_ADMIN.'administrator.php', ADLAN_8, ADLAN_9, '3', 2, E_16_ADMIN, E_32_ADMIN),
|
||||
1 => array(e_ADMIN.'updateadmin.php', ADLAN_10, ADLAN_11, '', 2, E_16_ADPASS, E_32_ADPASS),
|
||||
2 => array(e_ADMIN.'banlist.php', ADLAN_34, ADLAN_35, '4', 2, E_16_BANLIST, E_32_BANLIST),
|
||||
4 => array(e_ADMIN.'cache.php', ADLAN_74, ADLAN_75, 'C', 1, E_16_CACHE, E_32_CACHE),
|
||||
5 => array(e_ADMIN.'cpage.php', ADLAN_42, ADLAN_43, '5|J', 3, E_16_CUST, E_32_CUST),
|
||||
6 => array(e_ADMIN.'db.php', ADLAN_44, ADLAN_45, '0', 4, E_16_DATAB, E_32_DATAB),
|
||||
0 => array(e_ADMIN_ABS.'administrator.php', ADLAN_8, ADLAN_9, '3', 2, E_16_ADMIN, E_32_ADMIN),
|
||||
1 => array(e_ADMIN_ABS.'updateadmin.php', ADLAN_10, ADLAN_11, '', 2, E_16_ADPASS, E_32_ADPASS),
|
||||
2 => array(e_ADMIN_ABS.'banlist.php', ADLAN_34, ADLAN_35, '4', 2, E_16_BANLIST, E_32_BANLIST),
|
||||
4 => array(e_ADMIN_ABS.'cache.php', ADLAN_74, ADLAN_75, 'C', 1, E_16_CACHE, E_32_CACHE),
|
||||
5 => array(e_ADMIN_ABS.'cpage.php', ADLAN_42, ADLAN_43, '5|J', 3, E_16_CUST, E_32_CUST),
|
||||
6 => array(e_ADMIN_ABS.'db.php', ADLAN_44, ADLAN_45, '0', 4, E_16_DATAB, E_32_DATAB),
|
||||
// 7 => array(e_ADMIN.'download.php', ADLAN_24, ADLAN_25, 'R', 3, E_16_DOWNL, E_32_DOWNL),
|
||||
8 => array(e_ADMIN.'emoticon.php', ADLAN_58, ADLAN_59, 'F', 1, E_16_EMOTE, E_32_EMOTE),
|
||||
8 => array(e_ADMIN_ABS.'emoticon.php', ADLAN_58, ADLAN_59, 'F', 1, E_16_EMOTE, E_32_EMOTE),
|
||||
// 9 => array(e_ADMIN.'filemanager.php', ADLAN_30, ADLAN_31, '6', 5, E_16_FILE, E_32_FILE), // replaced by media-manager
|
||||
10 => array(e_ADMIN.'frontpage.php', ADLAN_60, ADLAN_61, 'G', 1, E_16_FRONT, E_32_FRONT),
|
||||
11 => array(e_ADMIN.'image.php', LAN_MEDIAMANAGER, LAN_MEDIAMANAGER, 'A', 5, E_16_IMAGES, E_32_IMAGES),
|
||||
12 => array(e_ADMIN.'links.php', ADLAN_138, ADLAN_139, 'I', 1, E_16_LINKS, E_32_LINKS),
|
||||
13 => array(e_ADMIN.'wmessage.php', ADLAN_28, ADLAN_29, 'M', 3, E_16_WELCOME, E_32_WELCOME),
|
||||
14 => array(e_ADMIN.'ugflag.php', ADLAN_40, ADLAN_41, '9', 4, E_16_MAINTAIN, E_32_MAINTAIN),
|
||||
15 => array(e_ADMIN.'menus.php', ADLAN_6, ADLAN_7, '2', 5, E_16_MENUS, E_32_MENUS),
|
||||
16 => array(e_ADMIN.'meta.php', ADLAN_66, ADLAN_67, 'T', 1, E_16_META, E_32_META),
|
||||
17 => array(e_ADMIN.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7', 3, E_16_NEWS, E_32_NEWS),
|
||||
18 => array(e_ADMIN.'phpinfo.php', ADLAN_68, ADLAN_69, '0', 20, E_16_PHP, E_32_PHP),
|
||||
19 => array(e_ADMIN.'prefs.php', ADLAN_4, ADLAN_5, '1', 1, E_16_PREFS, E_32_PREFS),
|
||||
20 => array(e_ADMIN.'search.php', ADLAN_142, ADLAN_143, 'X', 1, E_16_SEARCH, E_32_SEARCH),
|
||||
21 => array(e_ADMIN.'admin_log.php', ADLAN_155, ADLAN_156, 'S', 4, E_16_ADMINLOG, E_32_ADMINLOG),
|
||||
22 => array(e_ADMIN.'theme.php', ADLAN_140, ADLAN_141, '1', 5, E_16_THEMEMANAGER, E_32_THEMEMANAGER),
|
||||
23 => array(e_ADMIN.'upload.php', ADLAN_72, ADLAN_73, 'V', 3, E_16_UPLOADS, E_32_UPLOADS),
|
||||
24 => array(e_ADMIN.'users.php', ADLAN_36, ADLAN_37, '4|U0|U1|U2|U3', 2, E_16_USER, E_32_USER),
|
||||
25 => array(e_ADMIN.'userclass2.php', ADLAN_38, ADLAN_39, '4', 2, E_16_USERCLASS, E_32_USERCLASS),
|
||||
26 => array(e_ADMIN.'language.php', ADLAN_132, ADLAN_133, 'L', 1, E_16_LANGUAGE, E_32_LANGUAGE),
|
||||
27 => array(e_ADMIN.'mailout.php', ADLAN_136, ADLAN_137, 'W', 2, E_16_MAIL, E_32_MAIL),
|
||||
28 => array(e_ADMIN.'users_extended.php', ADLAN_78, ADLAN_79, '4', 2, E_16_USER_EXTENDED, E_32_USER_EXTENDED),
|
||||
29 => array(e_ADMIN.'fileinspector.php', ADLAN_147, ADLAN_148, 'Y', 4, E_16_INSPECT, E_32_INSPECT),
|
||||
30 => array(e_ADMIN.'notify.php', ADLAN_149, ADLAN_150, 'O', 4, E_16_NOTIFY, E_32_NOTIFY),
|
||||
31 => array(e_ADMIN.'cron.php', ADLAN_157, ADLAN_158, 'U', 4, E_16_CRON, E_32_CRON),
|
||||
10 => array(e_ADMIN_ABS.'frontpage.php', ADLAN_60, ADLAN_61, 'G', 1, E_16_FRONT, E_32_FRONT),
|
||||
11 => array(e_ADMIN_ABS.'image.php', LAN_MEDIAMANAGER, LAN_MEDIAMANAGER, 'A', 5, E_16_IMAGES, E_32_IMAGES),
|
||||
12 => array(e_ADMIN_ABS.'links.php', ADLAN_138, ADLAN_139, 'I', 1, E_16_LINKS, E_32_LINKS),
|
||||
13 => array(e_ADMIN_ABS.'wmessage.php', ADLAN_28, ADLAN_29, 'M', 3, E_16_WELCOME, E_32_WELCOME),
|
||||
14 => array(e_ADMIN_ABS.'ugflag.php', ADLAN_40, ADLAN_41, '9', 4, E_16_MAINTAIN, E_32_MAINTAIN),
|
||||
15 => array(e_ADMIN_ABS.'menus.php', ADLAN_6, ADLAN_7, '2', 5, E_16_MENUS, E_32_MENUS),
|
||||
16 => array(e_ADMIN_ABS.'meta.php', ADLAN_66, ADLAN_67, 'T', 1, E_16_META, E_32_META),
|
||||
17 => array(e_ADMIN_ABS.'newspost.php', ADLAN_0, ADLAN_1, 'H|N|7', 3, E_16_NEWS, E_32_NEWS),
|
||||
18 => array(e_ADMIN_ABS.'phpinfo.php', ADLAN_68, ADLAN_69, '0', 20, E_16_PHP, E_32_PHP),
|
||||
19 => array(e_ADMIN_ABS.'prefs.php', ADLAN_4, ADLAN_5, '1', 1, E_16_PREFS, E_32_PREFS),
|
||||
20 => array(e_ADMIN_ABS.'search.php', ADLAN_142, ADLAN_143, 'X', 1, E_16_SEARCH, E_32_SEARCH),
|
||||
21 => array(e_ADMIN_ABS.'admin_log.php', ADLAN_155, ADLAN_156, 'S', 4, E_16_ADMINLOG, E_32_ADMINLOG),
|
||||
22 => array(e_ADMIN_ABS.'theme.php', ADLAN_140, ADLAN_141, '1', 5, E_16_THEMEMANAGER, E_32_THEMEMANAGER),
|
||||
23 => array(e_ADMIN_ABS.'upload.php', ADLAN_72, ADLAN_73, 'V', 3, E_16_UPLOADS, E_32_UPLOADS),
|
||||
24 => array(e_ADMIN_ABS.'users.php', ADLAN_36, ADLAN_37, '4|U0|U1|U2|U3', 2, E_16_USER, E_32_USER),
|
||||
25 => array(e_ADMIN_ABS.'userclass2.php', ADLAN_38, ADLAN_39, '4', 2, E_16_USERCLASS, E_32_USERCLASS),
|
||||
26 => array(e_ADMIN_ABS.'language.php', ADLAN_132, ADLAN_133, 'L', 1, E_16_LANGUAGE, E_32_LANGUAGE),
|
||||
27 => array(e_ADMIN_ABS.'mailout.php', ADLAN_136, ADLAN_137, 'W', 2, E_16_MAIL, E_32_MAIL),
|
||||
28 => array(e_ADMIN_ABS.'users_extended.php', ADLAN_78, ADLAN_79, '4', 2, E_16_USER_EXTENDED, E_32_USER_EXTENDED),
|
||||
29 => array(e_ADMIN_ABS.'fileinspector.php', ADLAN_147, ADLAN_148, 'Y', 4, E_16_INSPECT, E_32_INSPECT),
|
||||
30 => array(e_ADMIN_ABS.'notify.php', ADLAN_149, ADLAN_150, 'O', 4, E_16_NOTIFY, E_32_NOTIFY),
|
||||
31 => array(e_ADMIN_ABS.'cron.php', ADLAN_157, ADLAN_158, 'U', 4, E_16_CRON, E_32_CRON),
|
||||
|
||||
32 => array(e_ADMIN.'eurl.php', ADLAN_159, ADLAN_160, 'K', 1, E_16_EURL, E_32_EURL),
|
||||
33 => array(e_ADMIN.'plugin.php', ADLAN_98, ADLAN_99, 'Z', 5 , E_16_PLUGMANAGER, E_32_PLUGMANAGER),
|
||||
34 => array(e_ADMIN.'docs.php', ADLAN_12, ADLAN_13, '', 20, E_16_DOCS, E_32_DOCS),
|
||||
32 => array(e_ADMIN_ABS.'eurl.php', ADLAN_159, ADLAN_160, 'K', 1, E_16_EURL, E_32_EURL),
|
||||
33 => array(e_ADMIN_ABS.'plugin.php', ADLAN_98, ADLAN_99, 'Z', 5 , E_16_PLUGMANAGER, E_32_PLUGMANAGER),
|
||||
34 => array(e_ADMIN_ABS.'docs.php', ADLAN_12, ADLAN_13, '', 20, E_16_DOCS, E_32_DOCS),
|
||||
// TODO System Info.
|
||||
// 35 => array('#TODO', 'System Info', 'System Information', '', 20, '', ''),
|
||||
36 => array(e_ADMIN.'credits.php', LAN_CREDITS, LAN_CREDITS, '', 20, E_16_E107, E_32_E107),
|
||||
36 => array(e_ADMIN_ABS.'credits.php', LAN_CREDITS, LAN_CREDITS, '', 20, E_16_E107, E_32_E107),
|
||||
// 37 => array(e_ADMIN.'custom_field.php', ADLAN_161, ADLAN_162, 'U', 4, E_16_CUSTOMFIELD, E_32_CUSTOMFIELD),
|
||||
38 => array(e_ADMIN.'comment.php', LAN_COMMENTMAN, LAN_COMMENTMAN, 'B', 5, E_16_COMMENT, E_32_COMMENT)
|
||||
38 => array(e_ADMIN_ABS.'comment.php', LAN_COMMENTMAN, LAN_COMMENTMAN, 'B', 5, E_16_COMMENT, E_32_COMMENT)
|
||||
);
|
||||
|
||||
if($mode == 'legacy')
|
||||
@@ -983,8 +983,8 @@ i.e-cat_users-32{ background-position: -555px 0; width: 32px; height: 32px; }
|
||||
if (varset($eplug_conffile))
|
||||
{
|
||||
$eplug_name = $tp->toHTML($eplug_name,FALSE,"defs, emotes_off");
|
||||
$plugin_icon = $eplug_icon_small ? "<img class='icon S16' src='".e_PLUGIN.$eplug_icon_small."' alt='' />" : E_16_PLUGIN;
|
||||
$plugin_icon_32 = $eplug_icon ? "<img class='icon S32' src='".e_PLUGIN.$eplug_icon."' alt='' />" : E_32_PLUGIN;
|
||||
$plugin_icon = $eplug_icon_small ? "<img class='icon S16' src='".e_PLUGIN_ABS.$eplug_icon_small."' alt='' />" : E_16_PLUGIN;
|
||||
$plugin_icon_32 = $eplug_icon ? "<img class='icon S32' src='".e_PLUGIN_ABS.$eplug_icon."' alt='' />" : E_32_PLUGIN;
|
||||
$plugin_array['p-'.$plugin_path] = array(
|
||||
'key' => 'p-'.$plugin_path,
|
||||
'link' => e_PLUGIN.$plugin_path."/".$eplug_conffile,
|
||||
|
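Review bot: The `'link'` entry directly below the changed icon lines still builds the plugin config URL from `e_PLUGIN`, while the icon `src` values now use `e_PLUGIN_ABS`, so the link presumably stays relative on the SEF `user/edit` URL this commit targets. Writing it as `'link' => e_PLUGIN_ABS.$plugin_path."/".$eplug_conffile,` would match the rest of the change. `$eplug_icon_small` and `$eplug_icon` are also concatenated into the `src` attribute unescaped; if they come from plugin metadata, a quote in the path would end the attribute early, so escaping them for the attribute context is worth adding. The `$plugin_array` entry continues past the end of the hunk.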
323
usersettings.php
323
usersettings.php
@@ -21,11 +21,71 @@ Admin log events:
|
||||
USET_01 - admin changed user data
|
||||
*/
|
||||
|
||||
if(is_numeric($_SERVER["QUERY_STRING"]))
|
||||
if(preg_match('/^\/(.*?)\/(usersettings\.php|user\/edit)(\?|\/)(\d+)$/i', $_SERVER['REQUEST_URI'], $_usersettings_matches))
|
||||
{
|
||||
$eplug_admin = TRUE;
|
||||
}
|
||||
|
||||
require_once ('class2.php');
|
||||
|
||||
|
||||
class usersetting_admin extends e_admin_dispatcher
|
||||
{
|
||||
|
||||
protected $modes = array(
|
||||
'main' => array(
|
||||
'controller' => 'usersettings_admin_ui',
|
||||
'path' => null,
|
||||
'ui' => null,
|
||||
'uipath' => null,
|
||||
//'perm' => '0',
|
||||
)
|
||||
);
|
||||
|
||||
|
||||
protected $adminMenu = array(
|
||||
'main/list' => array('caption'=> LAN_MANAGE, 'perm' => '0', 'url' => '{e_ADMIN}users.php'),
|
||||
'main/add' => array('caption'=> LAN_USER_QUICKADD, 'perm' => '4|U0|U1', 'url' => '{e_ADMIN}users.php'),
|
||||
'main/prefs' => array('caption'=> LAN_OPTIONS, 'perm' => '4|U2', 'url' => '{e_ADMIN}users.php'),
|
||||
'main/ranks' => array('caption'=> LAN_USER_RANKS, 'perm' => '4|U3', 'url' => '{e_ADMIN}users.php')
|
||||
);
|
||||
|
||||
protected $adminMenuAliases = array(
|
||||
'main/edit' => 'main/list',
|
||||
'main/admin' => 'main/list',
|
||||
'main/userclass'=> 'main/list',
|
||||
'main/test' => 'main/list',
|
||||
);
|
||||
|
||||
|
||||
|
||||
protected $menuTitle = 'users';
|
||||
|
||||
|
||||
public function runObservers($run_header = true)
|
||||
{
|
||||
// Catch useraction
|
||||
if (isset($_POST['updatesettings']))
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
return parent::runObservers($run_header);
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
class usersettings_admin_ui extends e_admin_ui
|
||||
{
|
||||
public function EditPage()
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);
|
||||
|
||||
define("US_DEBUG",FALSE);
|
||||
@@ -46,9 +106,9 @@ if ((!ADMIN || !getperms("4")) && e_QUERY && e_QUERY != "update" )
|
||||
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_user.php'); // Generic user-related language defines
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_usersettings.php');
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
require_once (e_HANDLER.'ren_help.php');
|
||||
require_once (e_HANDLER.'user_extended_class.php');
|
||||
// require_once (e_HANDLER.'user_handler.php');
|
||||
@@ -85,11 +145,11 @@ else
|
||||
|
||||
|
||||
e107::js('footer-inline',"
|
||||
function addtext_us(sc)
|
||||
{
|
||||
document.getElementById('dataform').image.value = sc;
|
||||
}
|
||||
");
|
||||
function addtext_us(sc)
|
||||
{
|
||||
document.getElementById('dataform').image.value = sc;
|
||||
}
|
||||
");
|
||||
|
||||
|
||||
|
||||
@@ -107,19 +167,33 @@ $savePassword = '';
|
||||
$inp = USERID; // Initially assume that user is modifying their own data.
|
||||
$_uid = false; // FALSE if user modifying their own data; otherwise ID of data being modified
|
||||
$adminEdit = FALSE; // FALSE if editing own data. TRUE if admin edit
|
||||
|
||||
if(is_numeric(e_QUERY))
|
||||
{ // Trying to edit specific user record
|
||||
if (ADMIN)
|
||||
{ // Admin edit of specific record
|
||||
$inp = (int)e_QUERY;
|
||||
$_uid = $inp;
|
||||
$info = get_user_data($inp);
|
||||
{ // Admin edit of specific record
|
||||
/*
|
||||
$_usersettings_matches = Array
|
||||
(
|
||||
[0] => /e107/usersettings.php?# OR /e107/edit/user/#
|
||||
[1] => e107
|
||||
[2] => usersettings.php OR edit/user
|
||||
[3] => ? OR /
|
||||
[4] => #
|
||||
)
|
||||
*/
|
||||
$inp = intval(e_QUERY);
|
||||
|
||||
$usersettings_form_action = strstr('?', $_usersettings_matches[3]) ? e_SELF.'?'.e_QUERY : e_SELF;
|
||||
|
||||
$_uid = $inp;
|
||||
$info = get_user_data($inp);
|
||||
//Only site admin is able to change setting for other admins
|
||||
if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || ADMINPERMS !== '0')) || ((!defined('ADMINPERMS') || ADMINPERMS !== '0') && !getperms('4')))
|
||||
{
|
||||
header('location:'.e_BASE.'index.php');
|
||||
exit();
|
||||
}
|
||||
if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || ADMINPERMS !== '0')) || ((!defined('ADMINPERMS') || ADMINPERMS !== '0') && !getperms('4')))
|
||||
{
|
||||
header('location:'.e_BASE.'index.php');
|
||||
exit();
|
||||
}
|
||||
$adminEdit = TRUE; // Flag to indicate admin edit
|
||||
}
|
||||
else
|
||||
@@ -135,26 +209,26 @@ if($adminEdit) // try to stay in Admin when admin is editing.
|
||||
$mes = e107::getMessage();
|
||||
$ADMIN_USERSETTINGS_EDIT = $mes->render(). "
|
||||
<table class='table adminform'>
|
||||
<colgroup span='2'>
|
||||
<col class='col-label' />
|
||||
<col class='col-control' />
|
||||
</colgroup>
|
||||
<colgroup span='2'>
|
||||
<col class='col-label' />
|
||||
<col class='col-control' />
|
||||
</colgroup>
|
||||
|
||||
{USERNAME}
|
||||
{LOGINNAME}
|
||||
|
||||
<tr>
|
||||
<td>".LAN_USER_60.req(!$pref['disable_emailcheck'])."</td>
|
||||
<td>
|
||||
{EMAIL}
|
||||
</td>
|
||||
<td>".LAN_USER_60.req(!$pref['disable_emailcheck'])."</td>
|
||||
<td>
|
||||
{EMAIL}
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>".LAN_USER_63.req($pref['signup_option_realname'])."</td>
|
||||
<td>
|
||||
{REALNAME}
|
||||
</td>
|
||||
<td>".LAN_USER_63.req($pref['signup_option_realname'])."</td>
|
||||
<td>
|
||||
{REALNAME}
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
{CUSTOMTITLE}
|
||||
@@ -165,41 +239,43 @@ if($adminEdit) // try to stay in Admin when admin is editing.
|
||||
|
||||
|
||||
<tr>
|
||||
<td>".LAN_USER_83."</td>
|
||||
<td><span class='defaulttext'>
|
||||
{HIDEEMAIL=radio}
|
||||
</span>
|
||||
<td>".LAN_USER_83."</td>
|
||||
<td><span class='defaulttext'>
|
||||
{HIDEEMAIL=radio}
|
||||
</span>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td>".LAN_USER_07.req($pref['signup_option_image'])."</td>
|
||||
<td>
|
||||
{AVATAR_REMOTE}
|
||||
{AVATAR_REMOTE}
|
||||
</td>
|
||||
</tr>
|
||||
</tr>
|
||||
|
||||
{AVATAR_UPLOAD}
|
||||
{PHOTO_UPLOAD}
|
||||
{AVATAR_UPLOAD}
|
||||
{PHOTO_UPLOAD}
|
||||
|
||||
{USERCLASSES}
|
||||
{USEREXTENDED_ALL}
|
||||
{USERCLASSES}
|
||||
{USEREXTENDED_ALL}
|
||||
|
||||
|
||||
{SIGNATURE=cols=58&rows=4}
|
||||
{SIGNATURE_HELP}
|
||||
</tr>
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
|
||||
{SIGNATURE=cols=58&rows=4}
|
||||
{SIGNATURE_HELP}
|
||||
</tr>
|
||||
</table>
|
||||
<div class='buttons-bar center'>
|
||||
".e107::getForm()->admin_button('updatesettings',LAN_UPDATE,'update')."
|
||||
</div>
|
||||
|
||||
";
|
||||
|
||||
|
||||
$USERSETTINGS_EDIT = $ADMIN_USERSETTINGS_EDIT;
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/admin/lan_admin.php");
|
||||
require_once (e_ADMIN."auth.php");
|
||||
</div>
|
||||
|
||||
";
|
||||
|
||||
|
||||
$USERSETTINGS_EDIT = $ADMIN_USERSETTINGS_EDIT;
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/admin/lan_admin.php");
|
||||
new usersetting_admin();
|
||||
require_once (e_ADMIN."auth.php");
|
||||
//e107::getAdminUI()->runPage();
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -312,8 +388,8 @@ if (isset($_POST['updatesettings']))
|
||||
// See if user just wants to delete existing photo
|
||||
if (isset($_POST['user_delete_photo']))
|
||||
{
|
||||
$photo_to_delete = $udata['user_sess'];
|
||||
$changedUserData['user_sess'] = '';
|
||||
$photo_to_delete = $udata['user_sess'];
|
||||
$changedUserData['user_sess'] = '';
|
||||
}
|
||||
|
||||
|
||||
@@ -343,10 +419,10 @@ if (isset($_POST['updatesettings']))
|
||||
unset($changedUserData['user_class']); // We always recalculate this
|
||||
if (FALSE === $adminEdit)
|
||||
{ // Make sure admin can't edit another's user classes
|
||||
if (!is_object($e_userclass))
|
||||
{
|
||||
$e_userclass = new user_class;
|
||||
}
|
||||
if (!is_object($e_userclass))
|
||||
{
|
||||
$e_userclass = new user_class;
|
||||
}
|
||||
$ucList = $e_userclass->get_editable_classes(USERCLASS_LIST,TRUE); // List of classes which this user can edit
|
||||
if (count($ucList))
|
||||
{
|
||||
@@ -403,19 +479,19 @@ elseif (isset($_POST['SaveValidatedInfo']))
|
||||
$new_data = base64_decode($_POST['updated_data']);
|
||||
if (md5($new_data) != $_POST['updated_key'])
|
||||
{ // Should only happen if someone's fooling around
|
||||
echo 'Mismatch on validation key<br />';
|
||||
exit();
|
||||
}
|
||||
echo 'Mismatch on validation key<br />';
|
||||
exit();
|
||||
}
|
||||
|
||||
if (isset($_POST['updated_extended']))
|
||||
{
|
||||
$new_extended = base64_decode($_POST['updated_extended']);
|
||||
if (md5($new_extended) != $_POST['extended_key'])
|
||||
if (isset($_POST['updated_extended']))
|
||||
{
|
||||
$new_extended = base64_decode($_POST['updated_extended']);
|
||||
if (md5($new_extended) != $_POST['extended_key'])
|
||||
{ // Should only happen if someone's fooling around
|
||||
echo 'Mismatch on validity key<br />';
|
||||
exit();
|
||||
}
|
||||
}
|
||||
echo 'Mismatch on validity key<br />';
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
if ($userMethods->CheckPassword($_POST['currentpassword'], $udata['user_loginname'], $udata['user_password']) === false) // Use old data to validate
|
||||
|
||||
@@ -427,7 +503,7 @@ elseif (isset($_POST['SaveValidatedInfo']))
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
exit();
|
||||
}
|
||||
@@ -735,39 +811,39 @@ if ($promptPassword)
|
||||
$extended_key = md5($updated_extended);
|
||||
$updated_extended = base64_encode($updated_extended);
|
||||
$text = "<form method='post' action='".e_SELF.(e_QUERY ? "?".e_QUERY : '')."'>
|
||||
<table><tr><td style='text-align:center'>";
|
||||
foreach ($_POST as $k => $v)
|
||||
{
|
||||
if (is_array($v))
|
||||
<table><tr><td style='text-align:center'>";
|
||||
foreach ($_POST as $k => $v)
|
||||
{
|
||||
foreach ($v as $sk => $sv)
|
||||
if (is_array($v))
|
||||
{
|
||||
$text .= "<input type='hidden' name='{$k}[{$sk}]' value='{$sv}' />\n";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$text .= "<input type='hidden' name='{$k}' value='{$v}' />\n";
|
||||
}
|
||||
}
|
||||
$text .= LAN_USET_21."</td></tr><tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='password' name='currentpassword' value='' size='30' />";
|
||||
$text .= "<input type='hidden' name='updated_data' value='{$updated_data}' /><input type='hidden' name='updated_key' value='{$validation_key}' />
|
||||
<input type='hidden' name='updated_extended' value='{$updated_extended}' /><input type='hidden' name='extended_key' value='{$extended_key}' />
|
||||
</td></tr>
|
||||
<tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='submit' name='SaveValidatedInfo' value='".LAN_ENTER."' /></td></tr>
|
||||
</table>
|
||||
</form>";
|
||||
$ns->tablerender(LAN_USET_39, $text);
|
||||
if(!$adminEdit)
|
||||
{
|
||||
require_once (FOOTERF);
|
||||
foreach ($v as $sk => $sv)
|
||||
{
|
||||
$text .= "<input type='hidden' name='{$k}[{$sk}]' value='{$sv}' />\n";
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
$text .= "<input type='hidden' name='{$k}' value='{$v}' />\n";
|
||||
}
|
||||
}
|
||||
$text .= LAN_USET_21."</td></tr><tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='password' name='currentpassword' value='' size='30' />";
|
||||
$text .= "<input type='hidden' name='updated_data' value='{$updated_data}' /><input type='hidden' name='updated_key' value='{$validation_key}' />
|
||||
<input type='hidden' name='updated_extended' value='{$updated_extended}' /><input type='hidden' name='extended_key' value='{$extended_key}' />
|
||||
</td></tr>
|
||||
<tr><td> </td></tr>
|
||||
<tr><td style='text-align:center'><input type='submit' name='SaveValidatedInfo' value='".LAN_ENTER."' /></td></tr>
|
||||
</table>
|
||||
</form>";
|
||||
$ns->tablerender(LAN_USET_39, $text);
|
||||
if(!$adminEdit)
|
||||
{
|
||||
require_once (FOOTERF);
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -798,10 +874,12 @@ if (vartrue($_POST))
|
||||
}
|
||||
}
|
||||
|
||||
require_once (e_HANDLER."form_handler.php");
|
||||
$rs = new form;
|
||||
//require_once (e_HANDLER."form_handler.php");
|
||||
//$rs = new form;
|
||||
|
||||
$text = (e_QUERY ? $rs->form_open("post", e_SELF."?".e_QUERY, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'") : $rs->form_open("post", e_SELF, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'"));
|
||||
$text = '<form method="post" action="'.$usersettings_form_action.'" id="dataform" class="form-horizontal" role="form" enctype="multipart/form-data">';
|
||||
|
||||
//$text = (is_numeric($_uid) ? $rs->form_open("post", e_SELF."?".e_QUERY, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'") : $rs->form_open("post", e_SELF, "dataform", "", " class='form-horizontal' role='form' enctype='multipart/form-data'"));
|
||||
|
||||
if (e_QUERY == "update")
|
||||
{
|
||||
@@ -815,8 +893,8 @@ $text .= $tp->parseTemplate($USERSETTINGS_EDIT, false, $usersettings_shortcodes)
|
||||
|
||||
|
||||
$text .= "<div><input type='hidden' name='_uid' value='{$uuid}' /></div>
|
||||
</form>
|
||||
";
|
||||
</form>
|
||||
";
|
||||
|
||||
$caption = (isset($USERSETTINGS_EDIT_CAPTION)) ? $USERSETTINGS_EDIT_CAPTION : LAN_USET_39; // 'Update User Settings'
|
||||
|
||||
@@ -828,7 +906,7 @@ if(!$adminEdit)
|
||||
}
|
||||
else
|
||||
{
|
||||
require_once(e_ADMIN."footer.php");
|
||||
require_once(e_ADMIN."footer.php");
|
||||
}
|
||||
|
||||
|
||||
@@ -867,33 +945,4 @@ function delete_file($fname, $dir = 'avatars/')
|
||||
return false;
|
||||
}
|
||||
|
||||
function usersettings_adminmenu()
|
||||
{
|
||||
include_lan(e_LANGUAGEDIR.e_LANGUAGE.'/admin/lan_admin.php');
|
||||
|
||||
if ($action == '')
|
||||
{
|
||||
$action = 'main';
|
||||
}
|
||||
// ##### Display options
|
||||
$var = array();
|
||||
$var ['main']['text'] = LAN_USER_LIST;
|
||||
$var ['main']['link'] = e_ADMIN.'users.php';
|
||||
$var ['main']['perm'] = '4';
|
||||
$var ['create']['text'] = LAN_USER_QUICKADD;
|
||||
$var ['create']['link'] = e_ADMIN.'users.php?create';
|
||||
$var ['create']['perm'] = '4|U1';
|
||||
$var ['prune']['text'] = LAN_USER_PRUNE;
|
||||
$var ['prune']['link'] = e_ADMIN.'users.php?prune';// Will be moved to "Schedule tasks"
|
||||
$var ['prune']['perm'] = '4';
|
||||
$var ['options']['text'] = LAN_OPTIONS;
|
||||
$var ['options']['link'] = e_ADMIN.'users.php?options';
|
||||
$var ['options']['perm'] = '4|U2';
|
||||
$var ['ranks']['text'] = LAN_USER_RANKS;
|
||||
$var ['ranks']['link'] = e_ADMIN.'users.php?ranks';
|
||||
$var ['ranks']['perm'] = '4|U3';
|
||||
// $var['mailing']['text']= USRLAN_121;
|
||||
// $var['mailing']['link']="mailout.php";
|
||||
show_admin_menu(LAN_USER_OPTIONS, $action,$var);
|
||||
}
|
||||
?>
|
||||
?>
|
||||
|
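Review bot: `$usersettings_form_action` is assigned only inside the `if (ADMIN)` branch of the `is_numeric(e_QUERY)` block, but the new `<form … action="…">` line in the `@@ -798,10 +874,12 @@` hunk uses it on every request, so in the visible code a member editing their own settings gets an undefined variable and an empty `action`. The assignment itself passes `strstr()` its arguments in reverse (`strstr('?', $_usersettings_matches[3])`), and `$_usersettings_matches` has no index 3 whenever the top-of-file `preg_match` does not match. Set a default before the branch, e.g. `$usersettings_form_action = e_SELF.(e_QUERY ? '?'.e_QUERY : '');`, and write it into the attribute through `htmlspecialchars($usersettings_form_action, ENT_QUOTES)`, since both parts derive from the request URL.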