[irc/unrealircd/unrealircd-webpanel.git] / settings / user-edit.php

<?php

require_once "../inc/common.php";
require_once "../inc/header.php";
do_log($_POST);

$us = unreal_get_current_user();
$id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
$edit_user = new PanelUser(NULL, $id);
$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? true : false;
$caneditprofile = ($can_edit_profile) ? "" : "disabled";
$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
$can_edit = ($caneditpermissions) ? "" : "disabled";
$postbutton = (isset($_POST['update_user'])) ? true : false;
$roles_list = get_panel_user_roles_list();

if ($postbutton && isset($_POST['user_role']) && $caneditpermissions)
{
    if ($_POST['user_role'] != $edit_user->user_meta['role'])
    {
        $edit_user->add_meta("role", $_POST['user_role']);
        $edit_user->delete_meta("permissions");
        Message::Success("Updated the role of $edit_user->username");
    }
}

if ($postbutton && $can_edit_profile)
{
    // Goes via core:
    $array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false;
    $array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false;
    $array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false;
    $array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false;
    $array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false;
    $array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false;
    // Goes via meta:
    $session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600;

    if (!$array['update_pass'])
    {
        unset($array['update_pass']);
        unset($array['update_pass_conf']);
    }
    elseif ($array['update_pass'] == $array['update_pass_conf'])
    {
        $array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
        $edit_user->delete_meta("hibp");
        $edit_user->HIBP(sha1($array['update_pass']));
        unset($array['update_pass']);
    }
    else
    {
        Message::Fail("Could not update password: Passwords did not match");
        unset($array['update_pass']);
        unset($array['update_pass_conf']);
    }
    $edit_user->update_core_info($array);
    $edit_user->add_meta("session_timeout", $session_timeout);
    $edit_user = new PanelUser($edit_user->username);
}
?>
<h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
<br>
<form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Username</span>
    </div><input disabled type="text" class="form-control" name="username" id="username" placeholder="<?php echo $edit_user->username; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Role</span>
    </div><select name="user_role" <?php echo $can_edit; ?> class="custom-select" id="user_role">
                <?php
                    foreach($roles_list as $s => $l)
                    {
                        $selected = ($s == $edit_user->user_meta['role']) ? "selected=\"selected\"" : "";
                        echo "<option value=\"$s\" $selected>$s</option>";
                    }
                ?>
            </select>
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">First Name</span>
    </div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="first_name" id="first_name" placeholder="<?php echo $edit_user->first_name; ?>">
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Last Name</span>
    </div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="last_name" id="last_name" placeholder="<?php echo $edit_user->last_name; ?>">
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Bio</span>
    </div><textarea <?php echo $caneditprofile; ?> class="form-control" name="bio" id="username"><?php echo $edit_user->bio; ?></textarea>
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Email</span>
    </div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Session timeout</span>
    </div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="session_timeout" id="session_timeout" autocomplete="off" value="<?php echo $edit_user->user_meta['session_timeout'] ?? 3600; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">New Password</span>
    </div><input <?php echo $caneditprofile; ?> type="password" class="form-control" name="password" id="password" autocomplete="off">
</div><div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Confirm Password</span>
    </div><input <?php echo $caneditprofile; ?> type="password" class="form-control" name="passwordconfirm" id="passwordconfirm" autocomplete="off">
</div>

<br>
<button type="submit" name="update_user" class="btn btn-primary">Save Changes</button><br>
</form>
<?php
require_once "../inc/footer.php";
Commit	Line	Data
fdc0088f VP	1	<?php
fdc0088f VP	2
c06c1713 BM	3	require_once "../inc/common.php";
c06c1713 BM	4	require_once "../inc/header.php";
688348a0	5	do_log($_POST);
2d62c85d VP	6
	7	$us = unreal_get_current_user();
	8	$id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
	9	$edit_user = new PanelUser(NULL, $id);
78977ce3	10	$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) \|\| $edit_user->id == $us->id) ? true : false;
6f0e7ce4	11	$caneditprofile = ($can_edit_profile) ? "" : "disabled";
78977ce3 VP	12	$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
78977ce3 VP	13	$can_edit = ($caneditpermissions) ? "" : "disabled";
688348a0	14	$postbutton = (isset($_POST['update_user'])) ? true : false;
6f0e7ce4	15	$roles_list = get_panel_user_roles_list();
78977ce3	16
6f0e7ce4	17	if ($postbutton && isset($_POST['user_role']) && $caneditpermissions)
f5173b9c	18	{
6f0e7ce4 VP	19	if ($_POST['user_role'] != $edit_user->user_meta['role'])
	20	{
	21	$edit_user->add_meta("role", $_POST['user_role']);
b5b6c2ce	22	$edit_user->delete_meta("permissions");
6f0e7ce4 VP	23	Message::Success("Updated the role of $edit_user->username");
6f0e7ce4 VP	24	}
688348a0	25	}
2d62c85d	26
688348a0 VP	27	if ($postbutton && $can_edit_profile)
688348a0 VP	28	{
d3e3ec08	29	// Goes via core:
688348a0 VP	30	$array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false;
	31	$array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false;
	32	$array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false;
	33	$array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false;
	34	$array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false;
	35	$array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false;
d3e3ec08 BM	36	// Goes via meta:
d3e3ec08 BM	37	$session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600;
8a73256b VP	38
	39	if (!$array['update_pass'])
	40	{
	41	unset($array['update_pass']);
	42	unset($array['update_pass_conf']);
	43	}
	44	elseif ($array['update_pass'] == $array['update_pass_conf'])
688348a0	45	{
6b08fcb9	46	$array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
579020f8 VP	47	$edit_user->delete_meta("hibp");
579020f8 VP	48	$edit_user->HIBP(sha1($array['update_pass']));
9f9d16d5	49	unset($array['update_pass']);
688348a0 VP	50	}
	51	else
	52	{
	53	Message::Fail("Could not update password: Passwords did not match");
9f9d16d5 VP	54	unset($array['update_pass']);
9f9d16d5 VP	55	unset($array['update_pass_conf']);
688348a0 VP	56	}
688348a0 VP	57	$edit_user->update_core_info($array);
d3e3ec08	58	$edit_user->add_meta("session_timeout", $session_timeout);
688348a0 VP	59	$edit_user = new PanelUser($edit_user->username);
688348a0 VP	60	}
2d62c85d VP	61	?>
2d62c85d VP	62	<h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
78977ce3	63	<br>
2d62c85d	64	<form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">
6f0e7ce4	65
2d62c85d VP	66	<div class="input-group mb-3">
2d62c85d VP	67	<div class="input-group-prepend">
6f0e7ce4	68	<span class="input-group-text" style="width: 175px;">Username</span>
2d62c85d VP	69	</div><input disabled type="text" class="form-control" name="username" id="username" placeholder="<?php echo $edit_user->username; ?>">
	70	</div>
	71
6f0e7ce4 VP	72	<div class="input-group mb-3">
	73	<div class="input-group-prepend">
	74	<span class="input-group-text" style="width: 175px;">Role</span>
	75	</div><select name="user_role" <?php echo $can_edit; ?> class="custom-select" id="user_role">
	76	<?php
	77	foreach($roles_list as $s => $l)
	78	{
	79	$selected = ($s == $edit_user->user_meta['role']) ? "selected=\"selected\"" : "";
	80	echo "<option value=\"$s\" $selected>$s</option>";
	81	}
	82	?>
	83	</select>
	84	</div>
	85
	86
	87
2d62c85d VP	88	<div class="input-group mb-3">
2d62c85d VP	89	<div class="input-group-prepend">
d3e3ec08	90	<span class="input-group-text" style="width: 175px;">First Name</span>
6f0e7ce4	91	</div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="first_name" id="first_name" placeholder="<?php echo $edit_user->first_name; ?>">
2d62c85d VP	92	</div>
	93
	94
	95	<div class="input-group mb-3">
	96	<div class="input-group-prepend">
d3e3ec08	97	<span class="input-group-text" style="width: 175px;">Last Name</span>
6f0e7ce4	98	</div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="last_name" id="last_name" placeholder="<?php echo $edit_user->last_name; ?>">
2d62c85d VP	99	</div>
	100
	101
	102	<div class="input-group mb-3">
	103	<div class="input-group-prepend">
d3e3ec08	104	<span class="input-group-text" style="width: 175px;">Bio</span>
6f0e7ce4	105	</div><textarea <?php echo $caneditprofile; ?> class="form-control" name="bio" id="username"><?php echo $edit_user->bio; ?></textarea>
2d62c85d VP	106	</div>
	107
	108
	109	<div class="input-group mb-3">
	110	<div class="input-group-prepend">
d3e3ec08	111	<span class="input-group-text" style="width: 175px;">Email</span>
6f0e7ce4	112	</div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
2d62c85d VP	113	</div>
	114
	115	<div class="input-group mb-3">
	116	<div class="input-group-prepend">
d3e3ec08	117	<span class="input-group-text" style="width: 175px;">Session timeout</span>
6f0e7ce4	118	</div><input <?php echo $caneditprofile; ?> type="text" class="form-control" name="session_timeout" id="session_timeout" autocomplete="off" value="<?php echo $edit_user->user_meta['session_timeout'] ?? 3600; ?>">
d3e3ec08 BM	119	</div>
	120
	121	<div class="input-group mb-3">
	122	<div class="input-group-prepend">
	123	<span class="input-group-text" style="width: 175px;">New Password</span>
6f0e7ce4	124	</div><input <?php echo $caneditprofile; ?> type="password" class="form-control" name="password" id="password" autocomplete="off">
2405dc8e VP	125	</div><div class="input-group mb-3">
2405dc8e VP	126	<div class="input-group-prepend">
d3e3ec08	127	<span class="input-group-text" style="width: 175px;">Confirm Password</span>
6f0e7ce4	128	</div><input <?php echo $caneditprofile; ?> type="password" class="form-control" name="passwordconfirm" id="passwordconfirm" autocomplete="off">
2d62c85d VP	129	</div>
	130
	131	<br>
2405dc8e	132	<button type="submit" name="update_user" class="btn btn-primary">Save Changes</button><br>
685677bd VP	133	</form>
685677bd VP	134	<?php
c06c1713	135	require_once "../inc/footer.php";