diff options
Diffstat (limited to 'admin/users.php')
| -rw-r--r-- | admin/users.php | 181 |
1 files changed, 181 insertions, 0 deletions
diff --git a/admin/users.php b/admin/users.php new file mode 100644 index 00000000..350d1289 --- /dev/null +++ b/admin/users.php @@ -0,0 +1,181 @@ +<?php + +/* + + Copyright (c) 2001 - 2005 Ampache.org + All rights reserved. + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +*/ + +/*! + @header Users Admin Page + Handles User management functions + +*/ + +require_once ("../modules/init.php"); + +if (!$user->has_access(100)) { + access_denied(); +} + + +$action = scrub_in($_REQUEST['action']); + + +show_template('header'); + +show_menu_items('Admin'); +show_admin_menu('Users'); +show_clear(); + +$user_id = scrub_in($_REQUEST['user']); +$temp_user = new User($user_id); + +switch ($action) { + case 'edit': + if (conf('demo_mode')) { break; } + show_user_form($temp_user->id, + $temp_user->username, + $temp_user->fullname, + $temp_user->email, + $temp_user->access, + 'edit_user', + ''); + break; + + case 'update_user': + if (conf('demo_mode')) { break; } + + /* Clean up the variables */ + $username = scrub_in($_REQUEST['new_username']); + $fullname = scrub_in($_REQUEST['new_fullname']); + $email = scrub_in($_REQUEST['new_email']); + $access = scrub_in($_REQUEST['user_access']); + $pass1 = scrub_in($_REQUEST['new_password_1']); + $pass2 = scrub_in($_REQUEST['new_password_2']); + + /* Setup the temp user */ + $thisuser = new User($username); + + /* Verify Input */ + if (empty($username)) { + $GLOBALS['error']->add_error('username',_("Error Username Required")); + } + if ($pass1 !== $pass2 AND !empty($pass1)) { + $GLOBALS['error']->add_error('password',_("Error Passwords don't match")); + } + + /* If we've got an error then break! */ + if ($GLOBALS['error']->error_state) { + show_user_form($temp_user->id, + $thisuser->username, + $thisuser->fullname, + $thisuser->email, + $thisuser->access, + 'edit_user', + ''); + break; + } // if we've had an oops! + + if ($access != $thisuser->access) { + $thisuser->update_access($access); + } + if ($email != $thisuser->email) { + $thisuser->update_email($email); + } + if ($username != $thisuser->username) { + $thisuser->update_username($username); + } + if ($fullname != $user->fullname) { + $thisuser->update_fullname($fullname); + } + if ($pass1 == $pass2 && strlen($pass1)) { + $thisuser->update_password($pass1); + } + show_confirmation("User Updated", $thisuser->username . "'s information has been updated","admin/users.php"); + break; + case 'add_user': + if (conf('demo_mode')) { break; } + $username = scrub_in($_REQUEST['new_username']); + $fullname = scrub_in($_REQUEST['new_fullname']); + $email = scrub_in($_REQUEST['new_email']); + $access = scrub_in($_REQUEST['user_access']); + $pass1 = scrub_in($_REQUEST['new_password_1']); + $pass2 = scrub_in($_REQUEST['new_password_2']); + if (($pass1 !== $pass2)) { + $GLOBALS['error']->add_error('password',_("Error Passwords don't match")); + } + if (empty($username)) { + $GLOBALS['error']->add_error('username',_("Error Username Required")); + } + if (!$user->create($username, $fullname, $email, $pass1, $access)) { + $GLOBALS['error']->add_error('general',"Error: Insert Failed"); + } + /* If we end up with an error */ + if ($GLOBALS['error']->error_state) { + show_user_form('','$username','$fullname','$email','$access','new_user',''); + break; + } + show_confirmation("New User Added",$username . " has been created with an access level of " . $access,"admin/users.php"); + break; + case 'delete': + if (conf('demo_mode')) { break; } + show_confirm_action(_("Are you sure you want to permanently delete") . " $temp_user->fullname ($temp_user->username) ?", + "admin/users.php", + "action=confirm_delete&user=$temp_user->username"); + break; + + case 'confirm_delete': + if (conf('demo_mode')) { break; } + if ($_REQUEST['confirm'] == _("No")) { show_manage_users(); break; } + if ($temp_user->delete()) { + show_confirmation(_("User Deleted"), "$temp_user->username has been Deleted","admin/users.php"); + } + else { + show_confirmation(_("Delete Error"), _("Unable to delete last Admin User"),"admin/users.php"); + } + break; + case 'show_add_user': + if (conf('demo_mode')) { break; } + show_user_form('','','','','','new_user',''); + break; + + case 'update': + case 'disabled': + if (conf('demo_mode')) { break; } + $level = scrub_in($_REQUEST['level']); + $thisuser = new User($_REQUEST['user']); + if ($_SESSION['userdata']['access'] == 'admin') { + $thisuser->update_access($level); + } + show_manage_users(); + break; + + default: + show_manage_users(); + +} + +echo "<br /><br />"; +show_admin_menu('Users'); +show_menu_items('Admin'); + +?> + +</body> +</html> |