|
144 | 144 | break; |
145 | 145 |
|
146 | 146 | // Save user |
147 | | - case 'users_save': |
148 | | - global $xoopsConfig, $xoopsModule, $xoopsUser; |
| 147 | + // Save user |
| 148 | +case 'users_save': |
| 149 | + global $xoopsConfig, $xoopsModule, $xoopsUser; |
149 | 150 |
|
150 | | - if (Request::hasVar('uid')) { |
151 | | - //Update user |
152 | | - if (!$GLOBALS['xoopsSecurity']->check()) { |
153 | | - redirect_header('admin.php?fct=users', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
| 151 | + if (Request::hasVar('uid')) { |
| 152 | + // --- Update user --- |
| 153 | + if (!$GLOBALS['xoopsSecurity']->check()) { |
| 154 | + redirect_header('admin.php?fct=users', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
| 155 | + break; |
| 156 | + } |
| 157 | + |
| 158 | + $edituser = $member_handler->getUser($uid); |
| 159 | + if (!$edituser) { |
| 160 | + xoops_error(_AM_SYSTEM_USERS_NO_SUCH_USER); |
| 161 | + break; |
| 162 | + } |
| 163 | + |
| 164 | + // --- Validation --- |
| 165 | + if (($edituser->getVar('uname', 'n') != Request::getString('uname')) && |
| 166 | + $member_handler->getUserCount(new Criteria('uname', $xoopsDB->escape(Request::getString('uname')))) > 0) { |
| 167 | + xoops_error(sprintf(_AM_SYSTEM_USERS_PSEUDO_ERROR, htmlspecialchars(Request::getString('uname'), ENT_QUOTES | ENT_HTML5))); |
| 168 | + break; |
| 169 | + } |
| 170 | + |
| 171 | + if ($edituser->getVar('email', 'n') != Request::getEmail('email') && |
| 172 | + $member_handler->getUserCount(new Criteria('email', $xoopsDB->escape(Request::getEmail('email')))) > 0) { |
| 173 | + xoops_error(sprintf(_AM_SYSTEM_USERS_MAIL_ERROR, htmlspecialchars(Request::getEmail('email'), ENT_QUOTES | ENT_HTML5))); |
| 174 | + break; |
| 175 | + } |
| 176 | + |
| 177 | + if ('' !== Request::getString('pass2') && |
| 178 | + Request::getString('password') != Request::getString('pass2')) { |
| 179 | + xoops_error(_AM_SYSTEM_USERS_STNPDNM); |
| 180 | + break; |
| 181 | + } |
| 182 | + // --- End Validation --- |
| 183 | + |
| 184 | + // Apply changes |
| 185 | + $edituser->setVar('name', Request::getString('name')); |
| 186 | + $edituser->setVar('uname', Request::getString('uname')); |
| 187 | + $edituser->setVar('email', Request::getEmail('email')); |
| 188 | + $edituser->setVar('url', formatURL(Request::getUrl('url'))); |
| 189 | + $edituser->setVar('user_icq', Request::getString('user_icq')); |
| 190 | + $edituser->setVar('user_from', Request::getString('user_from')); |
| 191 | + $edituser->setVar('user_sig', Request::getString('user_sig')); |
| 192 | + $edituser->setVar('user_viewemail', (int)(Request::getInt('user_viewemail', 0) == 1)); |
| 193 | + $edituser->setVar('user_aim', Request::getString('user_aim')); |
| 194 | + $edituser->setVar('user_yim', Request::getString('user_yim')); |
| 195 | + $edituser->setVar('user_msnm', Request::getString('user_msnm')); |
| 196 | + $edituser->setVar('attachsig', (int)(Request::getInt('attachsig', 0) == 1)); |
| 197 | + $edituser->setVar('timezone_offset', Request::getString('timezone_offset')); |
| 198 | + $edituser->setVar('uorder', Request::getString('uorder')); |
| 199 | + $edituser->setVar('umode', Request::getString('umode')); |
| 200 | + // RMV-NOTIFY |
| 201 | + $edituser->setVar('notify_method', Request::getString('notify_method')); |
| 202 | + $edituser->setVar('notify_mode', Request::getString('notify_mode')); |
| 203 | + $edituser->setVar('bio', Request::getString('bio')); |
| 204 | + $edituser->setVar('rank', Request::getString('rank')); |
| 205 | + $edituser->setVar('user_occ', Request::getString('user_occ')); |
| 206 | + $edituser->setVar('user_intrest', Request::getString('user_intrest')); |
| 207 | + $edituser->setVar('user_mailok', Request::getInt('user_mailok', 0)); |
| 208 | + |
| 209 | + if ('' !== Request::getString('pass2')) { |
| 210 | + $edituser->setVar('pass', password_hash(Request::getString('password'), PASSWORD_DEFAULT)); |
| 211 | + } |
| 212 | + |
| 213 | + if (!$member_handler->insertUser($edituser)) { |
| 214 | + xoops_error($edituser->getHtmlErrors()); |
| 215 | + break; |
| 216 | + } |
| 217 | + |
| 218 | + // Groups |
| 219 | + $groups = Request::getArray('groups', []); |
| 220 | + if (!empty($groups)) { |
| 221 | + $oldgroups = $edituser->getGroups(); |
| 222 | + // Prevent removing yourself from webmasters |
| 223 | + if ($edituser->getVar('uid') == $xoopsUser->getVar('uid') |
| 224 | + && in_array(XOOPS_GROUP_ADMIN, $oldgroups) |
| 225 | + && !in_array(XOOPS_GROUP_ADMIN, $groups)) { |
| 226 | + $groups[] = XOOPS_GROUP_ADMIN; |
| 227 | + $_REQUEST['groups'] = $groups; |
154 | 228 | } |
155 | | - // RMV-NOTIFY |
156 | | - $user_avatar = $theme = ''; |
157 | | - if (!Request::hasVar('attachsig')) { |
158 | | - $attachsig = 0; |
| 229 | + /** @var XoopsMemberHandler $member_handler */ |
| 230 | + $member_handler = xoops_getHandler('member'); |
| 231 | + foreach ($oldgroups as $groupid) { |
| 232 | + $member_handler->removeUsersFromGroup($groupid, [$edituser->getVar('uid')]); |
159 | 233 | } |
160 | | - if (!Request::hasVar('user_viewemail')) { |
161 | | - $user_viewemail = 0; |
| 234 | + foreach ($groups as $groupid) { |
| 235 | + $member_handler->addUserToGroup($groupid, $edituser->getVar('uid')); |
162 | 236 | } |
| 237 | + } |
163 | 238 |
|
164 | | - $edituser = $member_handler->getUser($uid); |
165 | | - if (($edituser->getVar('uname', 'n') != Request::getString('uname')) && ($member_handler->getUserCount(new Criteria('uname', $xoopsDB->escape(Request::getString('uname'))))) > 0) { |
166 | | - xoops_cp_header(); |
167 | | - xoops_error(sprintf(_AM_SYSTEM_USERS_PSEUDO_ERROR, htmlspecialchars(Request::getString('uname'), ENT_QUOTES | ENT_HTML5))); |
168 | | - xoops_cp_footer(); |
169 | | - } elseif ($edituser->getVar('email', 'n') != Request::getEmail('email') && $member_handler->getUserCount(new Criteria('email', $xoopsDB->escape(Request::getEmail('email')))) > 0) { |
170 | | - xoops_cp_header(); |
171 | | - xoops_error(sprintf(_AM_SYSTEM_USERS_MAIL_ERROR, htmlspecialchars(Request::getEmail('email'), ENT_QUOTES | ENT_HTML5))); |
172 | | - xoops_cp_footer(); |
173 | | - } else { |
174 | | - $edituser->setVar('name', Request::getString('name')); |
175 | | - $edituser->setVar('uname', Request::getString('uname')); |
176 | | - $edituser->setVar('email', Request::getEmail('email')); |
177 | | - $url = formatURL(Request::getUrl('url')); |
178 | | - $edituser->setVar('url', $url); |
179 | | - $edituser->setVar('user_icq', Request::getString('user_icq')); |
180 | | - $edituser->setVar('user_from', Request::getString('user_from')); |
181 | | - $edituser->setVar('user_sig', Request::getString('user_sig')); |
182 | | - $user_viewemail = (int)(Request::getInt('user_viewemail', 0) == 1); |
183 | | - $edituser->setVar('user_viewemail', $user_viewemail); |
184 | | - $edituser->setVar('user_aim', Request::getString('user_aim')); |
185 | | - $edituser->setVar('user_yim', Request::getString('user_yim')); |
186 | | - $edituser->setVar('user_msnm', Request::getString('user_msnm')); |
187 | | - $attachsig = (int)(Request::getInt('attachsig', 0) == 1); |
188 | | - $edituser->setVar('attachsig', $attachsig); |
189 | | - $edituser->setVar('timezone_offset', Request::getString('timezone_offset')); |
190 | | - $edituser->setVar('uorder', Request::getString('uorder')); |
191 | | - $edituser->setVar('umode', Request::getString('umode')); |
192 | | - // RMV-NOTIFY |
193 | | - $edituser->setVar('notify_method', Request::getString('notify_method')); |
194 | | - $edituser->setVar('notify_mode', Request::getString('notify_mode')); |
195 | | - $edituser->setVar('bio', Request::getString('bio')); |
196 | | - $edituser->setVar('rank', Request::getString('rank')); |
197 | | - $edituser->setVar('user_occ', Request::getString('user_occ')); |
198 | | - $edituser->setVar('user_intrest', Request::getString('user_intrest')); |
199 | | - $edituser->setVar('user_mailok', Request::getString('user_mailok')); |
200 | | - if ('' !== Request::getString('pass2')) { |
201 | | - if (Request::getString('password') != Request::getString('pass2')) { |
202 | | - xoops_cp_header(); |
203 | | - echo ' |
204 | | - <strong>' . _AM_SYSTEM_USERS_STNPDNM . '</strong>'; |
205 | | - xoops_cp_footer(); |
206 | | - exit(); |
207 | | - } |
208 | | - $edituser->setVar('pass', password_hash(Request::getString('password'), PASSWORD_DEFAULT)); |
209 | | - } |
210 | | - if (!$member_handler->insertUser($edituser)) { |
211 | | - xoops_cp_header(); |
212 | | - echo $edituser->getHtmlErrors(); |
213 | | - xoops_cp_footer(); |
214 | | - } else { |
215 | | - $groups = Request::getArray('groups', []); |
216 | | - if (!empty($groups)) { |
217 | | - global $xoopsUser; |
218 | | - $oldgroups = $edituser->getGroups(); |
219 | | - //If the edited user is the current user and the current user WAS in the webmaster's group and is NOT in the new groups array |
220 | | - if ($edituser->getVar('uid') == $xoopsUser->getVar('uid') && in_array(XOOPS_GROUP_ADMIN, $oldgroups) && !in_array(XOOPS_GROUP_ADMIN, $groups)) { |
221 | | - //Add the webmaster's group to the groups array to prevent accidentally removing oneself from the webmaster's group |
222 | | - $groups[] = XOOPS_GROUP_ADMIN; |
223 | | - $_REQUEST['groups'] = $groups; // Update the global variable |
224 | | - } |
225 | | - /** @var XoopsMemberHandler $member_handler */ |
226 | | - $member_handler = xoops_getHandler('member'); |
227 | | - foreach ($oldgroups as $groupid) { |
228 | | - $member_handler->removeUsersFromGroup($groupid, [$edituser->getVar('uid')]); |
229 | | - } |
230 | | - foreach ($groups as $groupid) { |
231 | | - $member_handler->addUserToGroup($groupid, $edituser->getVar('uid')); |
232 | | - } |
233 | | - } |
234 | | - redirect_header('admin.php?fct=users', 1, _AM_SYSTEM_DBUPDATED); |
235 | | - } |
236 | | - } |
237 | | - exit(); |
238 | | - } else { |
239 | | - //Add user |
240 | | - if (!$GLOBALS['xoopsSecurity']->check()) { |
241 | | - redirect_header('admin.php?fct=users', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
242 | | - } |
243 | | - if (!Request::getString('uname') || !Request::getString('email') || !Request::getString('password')) { |
244 | | - $adduser_errormsg = _AM_SYSTEM_USERS_YMCACF; |
245 | | - } else { |
246 | | - /** @var XoopsMemberHandler $member_handler */ |
247 | | - $member_handler = xoops_getHandler('member'); |
248 | | - // make sure the username doesnt exist yet |
249 | | - if ($member_handler->getUserCount(new Criteria('uname', $xoopsDB->escape(Request::getString('uname')))) > 0) { |
250 | | - $adduser_errormsg = 'User name ' . htmlspecialchars(Request::getString('uname'), ENT_QUOTES | ENT_HTML5) . ' already exists'; |
251 | | - } else { |
252 | | - $newuser = $member_handler->createUser(); |
253 | | - $user_viewemail = Request::getInt('user_viewemail', 0); |
254 | | - $newuser->setVar('user_viewemail', $user_viewemail); |
255 | | - $attachsig = Request::getInt('attachsig', 0); |
256 | | - $newuser->setVar('attachsig', $attachsig); |
257 | | - $newuser->setVar('name', Request::getString('name')); |
258 | | - $newuser->setVar('uname', Request::getString('uname')); |
259 | | - $newuser->setVar('email', Request::getEmail('email')); |
260 | | - $newuser->setVar('url', formatURL(Request::getUrl('url'))); |
261 | | - $newuser->setVar('user_avatar', 'avatars/blank.gif'); |
262 | | - $newuser->setVar('user_regdate', time()); |
263 | | - $newuser->setVar('user_icq', Request::getString('user_icq')); |
264 | | - $newuser->setVar('user_from', Request::getString('user_from')); |
265 | | - $newuser->setVar('user_sig', Request::getString('user_sig')); |
266 | | - $newuser->setVar('user_aim', Request::getString('user_aim')); |
267 | | - $newuser->setVar('user_yim', Request::getString('user_yim')); |
268 | | - $newuser->setVar('user_msnm', Request::getString('user_msnm')); |
269 | | - if ('' !== Request::getString('pass2')) { |
270 | | - if (Request::getString('password') != Request::getString('pass2')) { |
271 | | - xoops_cp_header(); |
272 | | - echo '<strong>' . _AM_SYSTEM_USERS_STNPDNM . '</strong>'; |
273 | | - xoops_cp_footer(); |
274 | | - exit(); |
275 | | - } |
276 | | - $newuser->setVar('pass', password_hash(Request::getString('password'), PASSWORD_DEFAULT)); |
277 | | - } |
278 | | - $newuser->setVar('timezone_offset', Request::getString('timezone_offset')); |
279 | | - $newuser->setVar('uorder', Request::getString('uorder')); |
280 | | - $newuser->setVar('umode', Request::getString('umode')); |
281 | | - // RMV-NOTIFY |
282 | | - $newuser->setVar('notify_method', Request::getString('notify_method')); |
283 | | - $newuser->setVar('notify_mode', Request::getString('notify_mode')); |
284 | | - $newuser->setVar('bio', Request::getString('bio')); |
285 | | - $newuser->setVar('rank', Request::getString('rank')); |
286 | | - $newuser->setVar('level', 1); |
287 | | - $newuser->setVar('user_occ', Request::getString('user_occ')); |
288 | | - $newuser->setVar('user_intrest', Request::getString('user_intrest')); |
289 | | - $newuser->setVar('user_mailok', Request::getString('user_mailok')); |
290 | | - if (!$member_handler->insertUser($newuser)) { |
291 | | - $adduser_errormsg = _AM_SYSTEM_USERS_CNRNU; |
292 | | - } else { |
293 | | - $groups_failed = []; |
294 | | - $groups = Request::getArray('groups', []); |
295 | | - if (!empty($groups)) { |
296 | | - foreach ($groups as $group) { |
297 | | - $group = (int) $group; |
298 | | - if (!$member_handler->addUserToGroup($group, $newuser->getVar('uid'))) { |
299 | | - $groups_failed[] = $group; |
300 | | - } |
301 | | - } |
302 | | - } |
303 | | - if (!empty($groups_failed)) { |
304 | | - $group_names = $member_handler->getGroupList(new Criteria('groupid', '(' . implode(', ', $groups_failed) . ')', 'IN')); |
305 | | - $adduser_errormsg = sprintf(_AM_SYSTEM_USERS_CNRNU2, implode(', ', $group_names)); |
306 | | - } else { |
307 | | - xoops_load('XoopsUserUtility'); |
308 | | - XoopsUserUtility::sendWelcome($newuser); |
309 | | - redirect_header('admin.php?fct=users', 1, _AM_SYSTEM_DBUPDATED); |
310 | | - } |
311 | | - } |
| 239 | + redirect_header('admin.php?fct=users', 1, _AM_SYSTEM_DBUPDATED); |
| 240 | + break; |
| 241 | + |
| 242 | + } else { |
| 243 | + // --- Add user --- |
| 244 | + if (!$GLOBALS['xoopsSecurity']->check()) { |
| 245 | + redirect_header('admin.php?fct=users', 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
| 246 | + break; |
| 247 | + } |
| 248 | + |
| 249 | + if (!Request::getString('uname') || !Request::getString('email') || !Request::getString('password')) { |
| 250 | + xoops_error(_AM_SYSTEM_USERS_YMCACF); |
| 251 | + break; |
| 252 | + } |
| 253 | + |
| 254 | + /** @var XoopsMemberHandler $member_handler */ |
| 255 | + $member_handler = xoops_getHandler('member'); |
| 256 | + |
| 257 | + // Unique username |
| 258 | + if ($member_handler->getUserCount(new Criteria('uname', $xoopsDB->escape(Request::getString('uname')))) > 0) { |
| 259 | + xoops_error('User name ' . htmlspecialchars(Request::getString('uname'), ENT_QUOTES | ENT_HTML5) . ' already exists'); |
| 260 | + break; |
| 261 | + } |
| 262 | + |
| 263 | + // Password match (if confirm provided) |
| 264 | + if ('' !== Request::getString('pass2') && |
| 265 | + Request::getString('password') != Request::getString('pass2')) { |
| 266 | + xoops_error(_AM_SYSTEM_USERS_STNPDNM); |
| 267 | + break; |
| 268 | + } |
| 269 | + |
| 270 | + $newuser = $member_handler->createUser(); |
| 271 | + $newuser->setVar('user_viewemail', Request::getInt('user_viewemail', 0)); |
| 272 | + $newuser->setVar('attachsig', Request::getInt('attachsig', 0)); |
| 273 | + $newuser->setVar('name', Request::getString('name')); |
| 274 | + $newuser->setVar('uname', Request::getString('uname')); |
| 275 | + $newuser->setVar('email', Request::getEmail('email')); |
| 276 | + $newuser->setVar('url', formatURL(Request::getUrl('url'))); |
| 277 | + $newuser->setVar('user_avatar', 'avatars/blank.gif'); |
| 278 | + $newuser->setVar('user_regdate', time()); |
| 279 | + $newuser->setVar('user_icq', Request::getString('user_icq')); |
| 280 | + $newuser->setVar('user_from', Request::getString('user_from')); |
| 281 | + $newuser->setVar('user_sig', Request::getString('user_sig')); |
| 282 | + $newuser->setVar('user_aim', Request::getString('user_aim')); |
| 283 | + $newuser->setVar('user_yim', Request::getString('user_yim')); |
| 284 | + $newuser->setVar('user_msnm', Request::getString('user_msnm')); |
| 285 | + if ('' !== Request::getString('pass2')) { |
| 286 | + $newuser->setVar('pass', password_hash(Request::getString('password'), PASSWORD_DEFAULT)); |
| 287 | + } |
| 288 | + $newuser->setVar('timezone_offset', Request::getString('timezone_offset')); |
| 289 | + $newuser->setVar('uorder', Request::getString('uorder')); |
| 290 | + $newuser->setVar('umode', Request::getString('umode')); |
| 291 | + // RMV-NOTIFY |
| 292 | + $newuser->setVar('notify_method', Request::getString('notify_method')); |
| 293 | + $newuser->setVar('notify_mode', Request::getString('notify_mode')); |
| 294 | + $newuser->setVar('bio', Request::getString('bio')); |
| 295 | + $newuser->setVar('rank', Request::getString('rank')); |
| 296 | + $newuser->setVar('level', 1); |
| 297 | + $newuser->setVar('user_occ', Request::getString('user_occ')); |
| 298 | + $newuser->setVar('user_intrest', Request::getString('user_intrest')); |
| 299 | + $newuser->setVar('user_mailok', Request::getString('user_mailok')); |
| 300 | + |
| 301 | + if (!$member_handler->insertUser($newuser)) { |
| 302 | + xoops_error(_AM_SYSTEM_USERS_CNRNU); |
| 303 | + break; |
| 304 | + } |
| 305 | + |
| 306 | + $groups_failed = []; |
| 307 | + $groups = Request::getArray('groups', []); |
| 308 | + if (!empty($groups)) { |
| 309 | + foreach ($groups as $group) { |
| 310 | + $group = (int)$group; |
| 311 | + if (!$member_handler->addUserToGroup($group, $newuser->getVar('uid'))) { |
| 312 | + $groups_failed[] = $group; |
312 | 313 | } |
313 | 314 | } |
314 | | - xoops_error($adduser_errormsg); |
315 | 315 | } |
| 316 | + |
| 317 | + if (!empty($groups_failed)) { |
| 318 | + $group_names = $member_handler->getGroupList(new Criteria('groupid', '(' . implode(', ', $groups_failed) . ')', 'IN')); |
| 319 | + xoops_error(sprintf(_AM_SYSTEM_USERS_CNRNU2, implode(', ', $group_names))); |
| 320 | + break; |
| 321 | + } |
| 322 | + |
| 323 | + xoops_load('XoopsUserUtility'); |
| 324 | + XoopsUserUtility::sendWelcome($newuser); |
| 325 | + redirect_header('admin.php?fct=users', 1, _AM_SYSTEM_DBUPDATED); |
316 | 326 | break; |
| 327 | + } |
| 328 | + // end users_save |
| 329 | + |
317 | 330 |
|
318 | 331 | // Active member |
319 | 332 | case 'users_active': |
|
883 | 896 | $xoopsTpl->assign('form_token', $token); |
884 | 897 |
|
885 | 898 | // echo $requete_search; |
| 899 | + |
886 | 900 | if ($users_count > 0) { |
887 | 901 | //echo $requete_search; |
888 | 902 |
|
|
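Review bot: In the add-user branch (new lines 285–287) the password is hashed and stored only when `pass2` is non-empty, so a request with `password` filled in and the confirmation left blank passes every check and reaches `insertUser()` with no `pass` value set by this code. The confirmation should be mandatory there and the hash unconditional: change the guard at new line 264 to `if (Request::getString('password') !== Request::getString('pass2')) {` and call `$newuser->setVar('pass', password_hash(Request::getString('password'), PASSWORD_DEFAULT));` without the surrounding `if`. The strict `!==` also matters in the update branch at new line 178, because `!=` compares two numeric-looking strings as numbers and would accept a mismatched pair such as `1e3` and `1000`. Separately, the update branch hands the raw `groups` entries to `addUserToGroup()` while the add branch casts them with `(int)$group`; applying the same cast in both would keep the two paths consistent. The enclosing `switch` and the definitions of `$uid` and `$member_handler` lie outside the visible lines.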