require_once(__DIR__.'/'.'inc/wfpl/format.php');
$GLOBALS['admin_users_field_to_caption'] = array(
- 'name' => 'Name',
- 'role' => 'Role',
- 'username' => 'Username',
- 'password' => 'Password',
- 'last_login' => 'Last Login',
- 'last_active' => 'Last Active'
+ 'name' => 'Name',
+ 'role' => 'Role',
+ 'username' => 'Username',
+ 'password' => 'Password',
+ 'last_login' => 'Last Login',
+ 'last_active' => 'Last Active'
);
function admin_users_get_fields() {
- $data = array();
+ $data = array();
- $data['role'] = format_options(_REQUEST_cut('role'), 'role');
- $data['name'] = format_oneline(trim(_REQUEST_cut('name')));
- $data['username'] = format_auth_username(trim(_REQUEST_cut('username')));
- $data['pass1'] = format_oneline(trim(_REQUEST_cut('pass1')));
- $data['pass2'] = format_oneline(trim(_REQUEST_cut('pass2')));
+ $data['role'] = format_options(_REQUEST_cut('role'), 'role');
+ $data['name'] = format_oneline(trim(_REQUEST_cut('name')));
+ $data['username'] = format_auth_username(trim(_REQUEST_cut('username')));
+ $data['pass1'] = format_oneline(trim(_REQUEST_cut('pass1')));
+ $data['pass2'] = format_oneline(trim(_REQUEST_cut('pass2')));
- return $data;
+ return $data;
}
function admin_users_main() {
- session_auth_must('admin_users');
+ session_auth_must('admin_users');
- $id = _REQUEST_cut('edit_id');
- if ($id) {
- return admin_users_main_form($id);
- }
+ $id = _REQUEST_cut('edit_id');
+ if ($id) {
+ return admin_users_main_form($id);
+ }
- $id = _REQUEST_cut('admin_users_delete_id');
- if ($id) {
- return admin_users_main_delete($id);
- }
+ $id = _REQUEST_cut('admin_users_delete_id');
+ if ($id) {
+ return admin_users_main_delete($id);
+ }
- if (_REQUEST_cut('new')) {
- return admin_users_main_form();
- }
+ if (_REQUEST_cut('new')) {
+ return admin_users_main_form();
+ }
- if (_REQUEST_cut('list')) {
- return admin_users_main_listing();
- }
+ if (_REQUEST_cut('list')) {
+ return admin_users_main_listing();
+ }
- if (_REQUEST_cut('download_csv')) {
- return admin_users_csv_download();
- }
+ if (_REQUEST_cut('download_csv')) {
+ return admin_users_csv_download();
+ }
- if (isset($_POST['name'])) {
- return admin_users_main_form();
- }
+ if (isset($_POST['name'])) {
+ return admin_users_main_form();
+ }
- # default action:
- return admin_users_main_listing();
+ # default action:
+ return admin_users_main_listing();
}
function admin_users_main_delete($id) {
- db_delete('users', 'where id=%i', $id);
- message('Account deleted.');
- return './admin_users';
+ db_delete('users', 'where id=%i', $id);
+ message('Account deleted.');
+ return './admin_users';
}
function admin_users_csv_download() {
- require_once(__DIR__.'/'.'inc/wfpl/csv.php');
- $rows = db_get_rows('users', 'id,'.ADMIN_USERS_DB_FIELDS, 'order by id');
- $fields = explode(',', 'id,'.ADMIN_USERS_DB_FIELDS);
- $header = array();
- foreach ($fields as $field) {
- if (isset($GLOBALS['admin_users_field_to_caption'][$field])) {
- $header[] = $GLOBALS['admin_users_field_to_caption'][$field];
- } else {
- $header[] = $field;
- }
- }
- array_unshift($rows, $header);
- array2d_to_csv_download($rows, 'admin_users.csv');
+ require_once(__DIR__.'/'.'inc/wfpl/csv.php');
+ $rows = db_get_rows('users', 'id,'.ADMIN_USERS_DB_FIELDS, 'order by id');
+ $fields = explode(',', 'id,'.ADMIN_USERS_DB_FIELDS);
+ $header = array();
+ foreach ($fields as $field) {
+ if (isset($GLOBALS['admin_users_field_to_caption'][$field])) {
+ $header[] = $GLOBALS['admin_users_field_to_caption'][$field];
+ } else {
+ $header[] = $field;
+ }
+ }
+ array_unshift($rows, $header);
+ array2d_to_csv_download($rows, 'admin_users.csv');
}
function admin_users_main_listing() {
- $data = array();
- $desc = '';
- $sort = _REQUEST_cut('sort');
- if ($sort && substr($sort, 0, 1) === '-') {
- $sort = substr($sort, 1);
- $desc = ' DESC ';
- } else {
- $data["sorting-by-$sort"] = '-';
- }
- $legal_sorts = explode(',', ADMIN_USERS_DB_FIELDS);
- if (!$sort || !in_array($sort, $legal_sorts)) {
- $sort = 'role, name';
- }
-
- $data['rows'] = db_get_assocs('users', 'id,role,name,username,last_login,last_active', "order by $sort $desc limit 1000");
- tem_set('listings', $data);
- render_timestamps();
+ $data = array();
+ $desc = '';
+ $sort = _REQUEST_cut('sort');
+ if ($sort && substr($sort, 0, 1) === '-') {
+ $sort = substr($sort, 1);
+ $desc = ' DESC ';
+ } else {
+ $data["sorting-by-$sort"] = '-';
+ }
+ $legal_sorts = explode(',', ADMIN_USERS_DB_FIELDS);
+ if (!$sort || !in_array($sort, $legal_sorts)) {
+ $sort = 'role, name';
+ }
+
+ $data['rows'] = db_get_assocs('users', 'id,role,name,username,last_login,last_active', "order by $sort $desc limit 1000");
+ tem_set('listings', $data);
+ render_timestamps();
}
function admin_users_suggested_password() {
- $character_set = "ABCDEFHJKLMNPQRTUWXY34789"; # removed all similar-looking characters
- $code = " ";
+ $character_set = "ABCDEFHJKLMNPQRTUWXY34789"; # removed all similar-looking characters
+ $code = " ";
- # PHP 4.2.0 and up seed the random number generator for you.
- # Lets hope that it seeds with something harder to guess than the clock.
- for($i = 0; $i < 10; ++$i) {
- $code{$i} = $character_set{mt_rand(0, 24)}; # inclusive
- }
+ # PHP 4.2.0 and up seed the random number generator for you.
+ # Lets hope that it seeds with something harder to guess than the clock.
+ for($i = 0; $i < 10; ++$i) {
+ $code{$i} = $character_set{mt_rand(0, 24)}; # inclusive
+ }
- return $code;
+ return $code;
}
function admin_users_main_form($id = false) {
- if ($id) {
- tem_set('id', $id);
- }
-
- pulldown('role', [
- ['admin', 'Site Administrator'],
- ['disabled', 'Account Disabled']
- ]);
-
- if (isset($_POST['name'])) {
- $data = admin_users_get_fields();
-
- if (strlen($data['username']) < 1) {
- message("Oop, Username is required");
- $data['username_bad'] = true;
- } elseif ($data['pass1'] !== $data['pass2']) {
- message("Oop, passwords didn't match. Please enter your desired password carefully (twice).");
- $data['password_bad'] = true;
- } else {
- # password hash is slow, so only do it if we're really doing a db write
- if (isset($data['pass1']) && strlen($data['pass1']) > 0) {
- # hash password for db storage
- if (!function_exists('password_hash')) {
- require_once(DOCROOT . 'inc/password_funcs_backported.php');
- }
- $data['password'] = password_hash($data['pass1'], PASSWORD_DEFAULT);
- }
- unset($data['pass1']);
- unset($data['pass2']);
- if ($id) {
- db_update_assoc('users', $data, 'where id=%i', $id);
- message('Account updated.');
- } else {
- db_insert_assoc('users', $data);
- message('Account saved.');
- }
- return './admin_users';
- }
- # else fall through to display the form again. Field values are in $data
- } elseif ($id) {
- # we've recieved an edit id, but no data. So we grab the values to be edited from the database
- $data = db_get_assoc('users', ADMIN_USERS_DB_FIELDS, 'where id=%i', $id);
- } else {
- # form not submitted, you can set default values like so:
- #$data = array('name' => 'Yes');
- $data = array();
- }
-
- tem_set('password_suggestions', [
- admin_users_suggested_password(),
- admin_users_suggested_password(),
- admin_users_suggested_password(),
- admin_users_suggested_password(),
- admin_users_suggested_password()
- ]);
- tem_set('form', $data);
+ if ($id) {
+ tem_set('id', $id);
+ }
+
+ pulldown('role', [
+ ['admin', 'Site Administrator'],
+ ['disabled', 'Account Disabled']
+ ]);
+
+ if (isset($_POST['name'])) {
+ $data = admin_users_get_fields();
+
+ if (strlen($data['username']) < 1) {
+ message("Oop, Username is required");
+ $data['username_bad'] = true;
+ } elseif ($data['pass1'] !== $data['pass2']) {
+ message("Oop, passwords didn't match. Please enter your desired password carefully (twice).");
+ $data['password_bad'] = true;
+ } else {
+ # password hash is slow, so only do it if we're really doing a db write
+ if (isset($data['pass1']) && strlen($data['pass1']) > 0) {
+ # hash password for db storage
+ if (!function_exists('password_hash')) {
+ require_once(__DIR__.'/'.'inc/password_funcs_backported.php');
+ }
+ $data['password'] = password_hash($data['pass1'], PASSWORD_DEFAULT);
+ }
+ unset($data['pass1']);
+ unset($data['pass2']);
+ if ($id) {
+ db_update_assoc('users', $data, 'where id=%i', $id);
+ message('Account updated.');
+ } else {
+ db_insert_assoc('users', $data);
+ message('Account saved.');
+ }
+ return './admin_users';
+ }
+ # else fall through to display the form again. Field values are in $data
+ } elseif ($id) {
+ # we've recieved an edit id, but no data. So we grab the values to be edited from the database
+ $data = db_get_assoc('users', ADMIN_USERS_DB_FIELDS, 'where id=%i', $id);
+ } else {
+ # form not submitted, you can set default values like so:
+ #$data = array('name' => 'Yes');
+ $data = array();
+ }
+
+ tem_set('password_suggestions', [
+ admin_users_suggested_password(),
+ admin_users_suggested_password(),
+ admin_users_suggested_password(),
+ admin_users_suggested_password(),
+ admin_users_suggested_password()
+ ]);
+ tem_set('form', $data);
}
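Review bot: The password suggestions that admin_users_main_form hands to the template come from admin_users_suggested_password(), which picks each character with `mt_rand(0, 24)`; mt_rand is not a cryptographically secure generator, so these suggested admin passwords should not be treated as unpredictable (the function's own comment already doubts the seeding). Where the runtime provides it (PHP 7+, or a polyfill loaded the same way as the password_hash backport in this file), draw the index with `random_int(0, strlen($character_set) - 1)` instead. The `$code{$i}` and `$character_set{...}` curly-brace offsets on that line are also rejected by PHP 8, so start from `$code = '';` and append with `$code .= $character_set[$idx];`. Apart from the DOCROOT to `__DIR__` include path, the rest of this diff appears to be whitespace-only, so these lines are carried over unchanged rather than introduced here.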