From 5e06c10ef907249cabae7200cf9d8ca9cbf26e7c Mon Sep 17 00:00:00 2001
From: Awilum <awilum@msn.com>
Date: Wed, 15 Jan 2014 00:39:00 +0200
Subject: [PATCH] Users Plugin: Improvements

---
 plugins/box/users/users.admin.php             |  9 --
 plugins/box/users/users.plugin.php            |  8 +-
 plugins/box/users/views/backend/add.view.php  | 94 +++++++++----------
 plugins/box/users/views/backend/edit.view.php |  7 +-
 .../box/users/views/backend/index.view.php    |  2 +-
 5 files changed, 56 insertions(+), 64 deletions(-)

diff --git a/plugins/box/users/users.admin.php b/plugins/box/users/users.admin.php
index c72e7cc..7611422 100755
--- a/plugins/box/users/users.admin.php
+++ b/plugins/box/users/users.admin.php
@@ -1,14 +1,5 @@
 <?php
 
-// Check if is user is logged in then set variables for welcome button
-if (Session::exists('user_id')) {
-    $user_id = Session::get('user_id');
-    $user_login = Session::get('user_login');
-} else {
-    $user_id = '';
-    $user_login = '';
-}
-
 // Add plugin navigation link
 Navigation::add(__('Users', 'users'), 'system', 'users', 2);
 
diff --git a/plugins/box/users/users.plugin.php b/plugins/box/users/users.plugin.php
index 0006803..d05c406 100644
--- a/plugins/box/users/users.plugin.php
+++ b/plugins/box/users/users.plugin.php
@@ -21,8 +21,12 @@ Plugin::register( __FILE__,
                 'users',
                 'box');
 
-// Include Users Admin
-Plugin::Admin('users', 'box');
+if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin', 'editor'))) {
+
+    // Include Users Admin
+    Plugin::Admin('users', 'box');
+    
+}
 
 // Add Plugin Javascript
 Javascript::add('plugins/box/users/js/users.js', 'backend');
diff --git a/plugins/box/users/views/backend/add.view.php b/plugins/box/users/views/backend/add.view.php
index c73f128..7825b24 100644
--- a/plugins/box/users/views/backend/add.view.php
+++ b/plugins/box/users/views/backend/add.view.php
@@ -1,64 +1,62 @@
 <!-- Users_add -->
 <h2><?php echo __('New User Registration', 'users'); ?></h2>
 <?php
-
     echo (
         Html::br().
         Form::open().
         Form::hidden('csrf', Security::token())
-        );
-    ?>
+    );
+?>
  <div class="row">
     <div class="col-md-6">
-    <div class="form-group">
-    <?php
-        echo (
-            Form::label('login', __('Username', 'users')).
-            Form::input('login', null, array('class' => (isset($errors['users_this_user_alredy_exists']) || isset($errors['users_empty_login'])) ? 'form-control error-field' : 'form-control'))
-        );
+        <div class="form-group">
+        <?php
+            echo (
+                Form::label('login', __('Username', 'users')).
+                Form::input('login', null, array('class' => (isset($errors['users_this_user_alredy_exists']) || isset($errors['users_empty_login'])) ? 'form-control error-field' : 'form-control'))
+            );
 
-        if (isset($errors['users_this_user_alredy_exists'])) echo '<span class="error-message">'.$errors['users_this_user_alredy_exists'].'</span>';
-        if (isset($errors['users_empty_login'])) echo '<span class="error-message">'.$errors['users_empty_login'].'</span>';
-    ?>
-    </div>
+            if (isset($errors['users_this_user_alredy_exists'])) echo '<span class="error-message">'.$errors['users_this_user_alredy_exists'].'</span>';
+            if (isset($errors['users_empty_login'])) echo '<span class="error-message">'.$errors['users_empty_login'].'</span>';
+        ?>
+        </div>
 
-    <div class="form-group">
-    <?php 
-        echo (
-            Form::label('password', __('Password', 'users')).
-            Form::password('password', null, array('class' => (isset($errors['users_empty_password'])) ? 'form-control error-field' : 'form-control'))
-        );
-        if (isset($errors['users_empty_password'])) echo '<span class="error-message">'.$errors['users_empty_password'].'</span>';
-    ?>
-    </div>
+        <div class="form-group">
+        <?php 
+            echo (
+                Form::label('password', __('Password', 'users')).
+                Form::password('password', null, array('class' => (isset($errors['users_empty_password'])) ? 'form-control error-field' : 'form-control'))
+            );
+            if (isset($errors['users_empty_password'])) echo '<span class="error-message">'.$errors['users_empty_password'].'</span>';
+        ?>
+        </div>
 
-    <div class="form-group">
-    <?php
+        <div class="form-group">
+        <?php
 
-        echo (
-            Form::label('email', __('Email', 'users')).
-            Form::input('email', null, array('class' => (isset($errors['users_this_email_alredy_exists']) || isset($errors['users_empty_email'])) ? 'form-control error-field' : 'form-control'))
-        );
+            echo (
+                Form::label('email', __('Email', 'users')).
+                Form::input('email', null, array('class' => (isset($errors['users_this_email_alredy_exists']) || isset($errors['users_empty_email'])) ? 'form-control error-field' : 'form-control'))
+            );
 
-        if (isset($errors['users_this_email_alredy_exists'])) echo '<span class="error-message">'.$errors['users_this_email_alredy_exists'].'</span>';
-        if (isset($errors['users_empty_email'])) echo '<span class="error-message">'.$errors['users_empty_email'].'</span>';
-    ?>
-    </div>
-    <div class="form-group">
-    <?php
-        echo (
-            Form::label('role', __('Role', 'users')).
-            Form::select('role', array('admin' => __('Admin', 'users'), 'editor' => __('Editor', 'users'), 'user' => __('User', 'users')), null, array('class' => 'form-control'))
-        );
-    ?>
-    </div>
-    <?php
-        echo (
-            Form::submit('register', __('Register', 'users'), array('class' => 'btn btn-primary')).Html::nbsp(2).
-            Html::anchor(__('Cancel', 'users'), 'index.php?id=users', array('title' => __('Cancel', 'users'), 'class' => 'btn btn-default')).
-            Form::close()
-        );
-    ?>
-    </div>
+            if (isset($errors['users_this_email_alredy_exists'])) echo '<span class="error-message">'.$errors['users_this_email_alredy_exists'].'</span>';
+            if (isset($errors['users_empty_email'])) echo '<span class="error-message">'.$errors['users_empty_email'].'</span>';
+        ?>
+        </div>
+        <div class="form-group">
+        <?php
+            echo (
+                Form::label('role', __('Role', 'users')).
+                Form::select('role', array('admin' => __('Admin', 'users'), 'editor' => __('Editor', 'users'), 'user' => __('User', 'users')), null, array('class' => 'form-control'))
+            );
+        ?>
+        </div>
+        <?php
+            echo (
+                Form::submit('register', __('Register', 'users'), array('class' => 'btn btn-primary')).Html::nbsp(2).
+                Html::anchor(__('Cancel', 'users'), 'index.php?id=users', array('title' => __('Cancel', 'users'), 'class' => 'btn btn-default')).
+                Form::close()
+            );
+        ?>
     </div>
 </div>
\ No newline at end of file
diff --git a/plugins/box/users/views/backend/edit.view.php b/plugins/box/users/views/backend/edit.view.php
index f27a340..205bfba 100644
--- a/plugins/box/users/views/backend/edit.view.php
+++ b/plugins/box/users/views/backend/edit.view.php
@@ -16,7 +16,7 @@
             Form::hidden('user_id', Request::get('user_id'))
         );
 
-        if (isset($_SESSION['user_role']) && in_array($_SESSION['user_role'], array('admin'))) {
+        if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
     ?>
         <div class="form-group">
     <?php
@@ -78,7 +78,7 @@
     ?>
         </div>
     <?php
-        if (isset($_SESSION['user_role']) && in_array($_SESSION['user_role'], array('admin'))) {
+        if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
     ?>
         <div class="form-group">
     <?php
@@ -88,7 +88,7 @@
         </div>
     <?php
         } else {
-            echo Form::hidden('role', $_SESSION['user_role']);
+            echo Form::hidden('role', Session::get('user_role'));
         }
 
         echo (
@@ -127,7 +127,6 @@
 
 </div>
 
-<div style="clear:both;"></div>
 
 <?php
     } else {
diff --git a/plugins/box/users/views/backend/index.view.php b/plugins/box/users/views/backend/index.view.php
index 1bc8838..b218b3b 100755
--- a/plugins/box/users/views/backend/index.view.php
+++ b/plugins/box/users/views/backend/index.view.php
@@ -47,7 +47,7 @@
             <div class="pull-right">
             <?php echo Html::anchor(__('Edit', 'users'), 'index.php?id=users&action=edit&user_id='.$user['id'], array('class' => 'btn btn-primary')); ?>
             <?php
-                if ((int)$user['id'] != (int)$_SESSION['user_id']) {
+                if ((int)$user['id'] != (int)Session::get('user_id')) {
                     echo Html::anchor(__('Delete', 'users'),
                        'index.php?id=users&action=delete&user_id='.$user['id'].'&token='.Security::token(),
                        array('class' => 'btn btn-danger', 'onclick' => "return confirmDelete('".__('Delete user: :user', 'users', array(':user' => Html::toText($user['login'])))."')"));