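has_access(100)) { access_denied(); exit(); }

/*
 * User administration controller: reads the requested 'action', renders the
 * page header, runs the matching branch of the switch below and finally
 * renders the footer.
 *
 * NOTE(review): the opening of the access guard on the first line is not
 * visible here, so that line is kept verbatim; presumably it rejects callers
 * without access level 100 -- confirm.
 * NOTE(review): every state-changing action below is taken from $_REQUEST, so
 * it can be triggered by a plain GET link (confirm_delete is reached that
 * way), and no anti-forgery token check is visible in this file. Confirm one
 * is enforced elsewhere, or add one and restrict these actions to POST.
 * NOTE(review): usernames and full names are interpolated into confirmation
 * messages; whether scrub_in() or show_confirmation() HTML-escapes them is
 * not visible here -- verify before relying on it.
 */
$action = scrub_in($_REQUEST['action']);

show_template('header');

$user_id = scrub_in($_REQUEST['user']);
$temp_user = new User($user_id);

switch ($action) {
    /* Show the edit form pre-filled with the selected user's current values */
    case 'edit':
        if (conf('demo_mode')) {
            break;
        }
        // These variable names are read by the included template; keep them.
        $username = $temp_user->username;
        $fullname = $temp_user->fullname;
        $email = $temp_user->email;
        $access = $temp_user->access;
        $id = $temp_user->id;
        require_once(conf('prefix') . '/templates/show_edit_user.inc.php');
        break;

    /* Apply the submitted edit form to an existing user */
    case 'update_user':
        if (conf('demo_mode')) {
            break;
        }

        /* Clean up the variables */
        $username = scrub_in($_REQUEST['new_username']);
        $fullname = scrub_in($_REQUEST['new_fullname']);
        $email = scrub_in($_REQUEST['new_email']);
        $access = scrub_in($_REQUEST['user_access']);
        $pass1 = scrub_in($_REQUEST['new_password_1']);
        $pass2 = scrub_in($_REQUEST['new_password_2']);

        /* Setup the temp user */
        // NOTE(review): the user is looked up by the *submitted* username, not
        // by the 'user' request parameter -- confirm this is the intended key.
        $thisuser = new User($username);

        /* Verify Input */
        if (empty($username)) {
            $GLOBALS['error']->add_error('username', _("Error Username Required"));
        }
        // strlen() instead of empty(): empty("0") is true, which let a
        // mismatched pair such as "0" / "00" slip past this check.
        if ($pass1 !== $pass2 && strlen($pass1)) {
            $GLOBALS['error']->add_error('password', _("Error Passwords don't match"));
        }

        /* If we've got an error then re-show the form with the stored values */
        if ($GLOBALS['error']->error_state) {
            $username = $thisuser->username;
            $fullname = $thisuser->fullname;
            $email = $thisuser->email;
            $access = $thisuser->access;
            $type = 'edit_user';
            require_once(conf('prefix') . '/templates/show_edit_user.inc.php');
            break;
        } // if we've had an oops!

        // Only touch the fields that actually changed. The comparisons stay
        // loose because the stored values' types are not visible here.
        if ($access != $thisuser->access) {
            $thisuser->update_access($access);
        }
        if ($email != $thisuser->email) {
            $thisuser->update_email($email);
        }
        if ($username != $thisuser->username) {
            $thisuser->update_username($username);
        }
        // Fixed: this compared against $user (the logged-in admin) instead of
        // the user being edited, so a rename to the admin's own full name was
        // silently skipped.
        if ($fullname != $thisuser->fullname) {
            $thisuser->update_fullname($fullname);
        }
        // Strict comparison: with ==, two different numeric-looking strings
        // (e.g. "0e1" and "0e2") compare equal in PHP.
        if ($pass1 === $pass2 && strlen($pass1)) {
            $thisuser->update_password($pass1);
        }

        show_confirmation("User Updated", $thisuser->username .
            "'s information has been updated", "admin/users.php");
        break;

    /* Create a new user from the submitted form */
    case 'add_user':
        if (conf('demo_mode')) {
            break;
        }

        $username = scrub_in($_REQUEST['new_username']);
        $fullname = scrub_in($_REQUEST['new_fullname']);
        $email = scrub_in($_REQUEST['new_email']);
        $access = scrub_in($_REQUEST['user_access']);
        $pass1 = scrub_in($_REQUEST['new_password_1']);
        $pass2 = scrub_in($_REQUEST['new_password_2']);

        if ($pass1 !== $pass2) {
            $GLOBALS['error']->add_error('password', _("Error Passwords don't match"));
        } elseif (!strlen($pass1)) {
            // Two empty password fields match each other; without this check
            // an account would be created with an empty password.
            $GLOBALS['error']->add_error('password', _("Error Password Required"));
        }

        if (empty($username)) {
            $GLOBALS['error']->add_error('username', _("Error Username Required"));
        }

        /* make sure the username doesn't already exist */
        if (!check_username($username)) {
            $GLOBALS['error']->add_error('username', _("Error Username already exists"));
        }

        if (!$GLOBALS['error']->error_state) {
            /* Attempt to create the user */
            if (!$user->create($username, $fullname, $email, $pass1, $access)) {
                $GLOBALS['error']->add_error('general', "Error: Insert Failed");
            }
        } // if no errors

        /* If we end up with an error, re-show the form */
        if ($GLOBALS['error']->error_state) {
            $type = 'new_user';
            require_once(conf('prefix') . '/templates/show_edit_user.inc.php');
            break;
        }

        show_confirmation("New User Added", $username . " has been created with an access level of " . $access, "admin/users.php");
        break;

    /* Ask for confirmation before deleting; the real work is in confirm_delete */
    case 'delete':
        if (conf('demo_mode')) {
            break;
        }
        show_confirmation(_('Deletion Request'),
            _("Are you sure you want to permanently delete") .
            " $temp_user->fullname ($temp_user->username) ?",
            "admin/users.php?action=confirm_delete&user=$temp_user->id");
        break;

    /* Delete the selected user unless the admin answered "No" */
    case 'confirm_delete':
        if (conf('demo_mode')) {
            break;
        }
        if ($_REQUEST['confirm'] == _("No")) {
            show_manage_users();
            break;
        }
        if ($temp_user->delete()) {
            show_confirmation(_("User Deleted"), "$temp_user->username has been Deleted", "admin/users.php");
        } else {
            show_confirmation(_("Delete Error"), _("Unable to delete last Admin User"), "admin/users.php");
        }
        break;

    /* Show IP History for the Specified User */
    case 'show_ip_history':
        /* get the user and their history */
        // Run through scrub_in() like every other request parameter in this
        // file; the raw $_REQUEST value was passed straight to User before.
        // NOTE(review): unlike its siblings this branch has no demo_mode
        // check -- confirm that exposing IP history in demo mode is intended.
        $temp_user = new User(scrub_in($_REQUEST['user_id']));
        if (!isset($_REQUEST['all'])) {
            $history = $temp_user->get_ip_history('', 1);
        } else {
            $history = $temp_user->get_ip_history('', '');
        }
        require(conf('prefix') . '/templates/show_ip_history.inc.php');
        break;

    /* Show the empty "new user" form */
    case 'show_add_user':
        if (conf('demo_mode')) {
            break;
        }
        $type = 'new_user';
        require_once(conf('prefix') . '/templates/show_edit_user.inc.php');
        break;

    /* Change a user's access level, then return to the user list */
    case 'update':
    case 'disabled':
        if (conf('demo_mode')) {
            break;
        }
        // NOTE(review): $level is not checked against the set of valid access
        // levels here -- presumably update_access() validates it; confirm.
        $level = scrub_in($_REQUEST['level']);
        // Reuse the scrubbed 'user' parameter read at the top instead of the
        // raw $_REQUEST value.
        $thisuser = new User($user_id);
        if ($GLOBALS['user']->has_access(100)) {
            $thisuser->update_access($level);
        }
        show_manage_users();
        break;

    default:
        show_manage_users();
        break;
}

/* Show the footer */
show_footer();
?>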