[irc/unrealircd/unrealircd-webpanel.git] / settings / user-edit.php

<?php

require_once "../inc/common.php";
require_once "../inc/header.php";
do_log($_POST);

$us = unreal_get_current_user();
$id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
$edit_user = new PanelUser(NULL, $id);
$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? true : false;
$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
$can_edit = ($caneditpermissions) ? "" : "disabled";
$postbutton = (isset($_POST['update_user'])) ? true : false;
$permissions = (isset($_POST['permissions'])) ? $_POST['permissions'] : [];
$edit_perms = (isset($edit_user->user_meta['permissions'])) ? unserialize($edit_user->user_meta['permissions']) : [];

/* Check if they can edit their permissions and if the permissions have indeed been changed */
if ($postbutton && is_array($permissions) && $caneditpermissions
        && $permissions != $edit_perms)
{
    foreach ($permissions as $p)
        if (!in_array($p, $edit_perms))
            $edit_user->add_permission($p);

    foreach($edit_perms as $p)
        if (!in_array($p, $permissions))
            $edit_user->delete_permission($p);

    Message::Success("Permissions for <strong>$edit_user->username</strong> have been updated");
}

if ($postbutton && $can_edit_profile)
{
    // Goes via core:
    $array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false;
    $array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false;
    $array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false;
    $array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false;
    $array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false;
    $array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false;
    // Goes via meta:
    $session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600;

    if (!$array['update_pass'])
    {
        unset($array['update_pass']);
        unset($array['update_pass_conf']);
    }
    elseif ($array['update_pass'] == $array['update_pass_conf'])
    {
        $array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
        unset($array['update_pass']);
    }
    else
    {
        Message::Fail("Could not update password: Passwords did not match");
        unset($array['update_pass']);
        unset($array['update_pass_conf']);
    }
    $edit_user->update_core_info($array);
    $edit_user->add_meta("session_timeout", $session_timeout);
    $edit_user = new PanelUser($edit_user->username);
}
?>
<h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
<br>
<form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">
<?php if ($can_edit_profile) { ?>
<a class="btn btn-<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "danger" : "info"; ?>" data-toggle="collapse" href="#collapseExample" role="button" aria-expanded="false" aria-controls="collapseExample">
<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "Edit" : "View"; ?> Permissions
</a>
<div class="collapse" id="collapseExample">
    <br>
  <div class="card card-body">
    <h6>Here are all the things <?php echo $edit_user->username; ?> can do</h6>
    <?php generate_panel_user_permission_table($edit_user); ?>
  </div>
</div>
<?php } ?>
<br><br>
<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">@</span>
    </div><input disabled type="text" class="form-control" name="username" id="username" placeholder="<?php echo $edit_user->username; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">First Name</span>
    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="first_name" id="first_name" placeholder="<?php echo $edit_user->first_name; ?>">
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Last Name</span>
    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="last_name" id="last_name" placeholder="<?php echo $edit_user->last_name; ?>">
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Bio</span>
    </div><textarea <?php echo $can_edit; ?> class="form-control" name="bio" id="username"><?php echo $edit_user->bio; ?></textarea>
</div>


<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Email</span>
    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Session timeout</span>
    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="session_timeout" id="session_timeout" autocomplete="off" value="<?php echo $edit_user->user_meta['session_timeout'] ?? 3600; ?>">
</div>

<div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">New Password</span>
    </div><input <?php echo $can_edit; ?> type="password" class="form-control" name="password" id="password" autocomplete="off">
</div><div class="input-group mb-3">
    <div class="input-group-prepend">
        <span class="input-group-text" style="width: 175px;">Confirm Password</span>
    </div><input <?php echo $can_edit; ?> type="password" class="form-control" name="passwordconfirm" id="passwordconfirm" autocomplete="off">
</div>

<br>
<button type="submit" name="update_user" class="btn btn-primary">Save Changes</button><br>
</form>
<?php
require_once "../inc/footer.php";
Commit	Line	Data
fdc0088f VP	1	<?php
fdc0088f VP	2
c06c1713 BM	3	require_once "../inc/common.php";
c06c1713 BM	4	require_once "../inc/header.php";
688348a0	5	do_log($_POST);
2d62c85d VP	6
	7	$us = unreal_get_current_user();
	8	$id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
	9	$edit_user = new PanelUser(NULL, $id);
78977ce3 VP	10	$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) \|\| $edit_user->id == $us->id) ? true : false;
	11	$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
	12	$can_edit = ($caneditpermissions) ? "" : "disabled";
688348a0 VP	13	$postbutton = (isset($_POST['update_user'])) ? true : false;
688348a0 VP	14	$permissions = (isset($_POST['permissions'])) ? $_POST['permissions'] : [];
f5173b9c	15	$edit_perms = (isset($edit_user->user_meta['permissions'])) ? unserialize($edit_user->user_meta['permissions']) : [];
78977ce3	16
f5173b9c	17	/* Check if they can edit their permissions and if the permissions have indeed been changed */
688348a0	18	if ($postbutton && is_array($permissions) && $caneditpermissions
f5173b9c VP	19	&& $permissions != $edit_perms)
	20	{
	21	foreach ($permissions as $p)
	22	if (!in_array($p, $edit_perms))
	23	$edit_user->add_permission($p);
	24
	25	foreach($edit_perms as $p)
	26	if (!in_array($p, $permissions))
	27	$edit_user->delete_permission($p);
f5173b9c	28
688348a0 VP	29	Message::Success("Permissions for <strong>$edit_user->username</strong> have been updated");
688348a0 VP	30	}
2d62c85d	31
688348a0 VP	32	if ($postbutton && $can_edit_profile)
688348a0 VP	33	{
d3e3ec08	34	// Goes via core:
688348a0 VP	35	$array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false;
	36	$array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false;
	37	$array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false;
	38	$array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false;
	39	$array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false;
	40	$array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false;
d3e3ec08 BM	41	// Goes via meta:
d3e3ec08 BM	42	$session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600;
8a73256b VP	43
	44	if (!$array['update_pass'])
	45	{
	46	unset($array['update_pass']);
	47	unset($array['update_pass_conf']);
	48	}
	49	elseif ($array['update_pass'] == $array['update_pass_conf'])
688348a0	50	{
6b08fcb9	51	$array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
9f9d16d5	52	unset($array['update_pass']);
688348a0 VP	53	}
	54	else
	55	{
	56	Message::Fail("Could not update password: Passwords did not match");
9f9d16d5 VP	57	unset($array['update_pass']);
9f9d16d5 VP	58	unset($array['update_pass_conf']);
688348a0 VP	59	}
688348a0 VP	60	$edit_user->update_core_info($array);
d3e3ec08	61	$edit_user->add_meta("session_timeout", $session_timeout);
688348a0 VP	62	$edit_user = new PanelUser($edit_user->username);
688348a0 VP	63	}
2d62c85d VP	64	?>
2d62c85d VP	65	<h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
78977ce3	66	<br>
2d62c85d	67	<form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">
78977ce3 VP	68	<?php if ($can_edit_profile) { ?>
78977ce3 VP	69	<a class="btn btn-<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "danger" : "info"; ?>" data-toggle="collapse" href="#collapseExample" role="button" aria-expanded="false" aria-controls="collapseExample">
2405dc8e VP	70	<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "Edit" : "View"; ?> Permissions
	71	</a>
	72	<div class="collapse" id="collapseExample">
	73	<br>
	74	<div class="card card-body">
	75	<h6>Here are all the things <?php echo $edit_user->username; ?> can do</h6>
	76	<?php generate_panel_user_permission_table($edit_user); ?>
	77	</div>
	78	</div>
78977ce3	79	<?php } ?>
2405dc8e	80	<br><br>
2d62c85d VP	81	<div class="input-group mb-3">
2d62c85d VP	82	<div class="input-group-prepend">
d3e3ec08	83	<span class="input-group-text" style="width: 175px;">@</span>
2d62c85d VP	84	</div><input disabled type="text" class="form-control" name="username" id="username" placeholder="<?php echo $edit_user->username; ?>">
	85	</div>
	86
	87	<div class="input-group mb-3">
	88	<div class="input-group-prepend">
d3e3ec08	89	<span class="input-group-text" style="width: 175px;">First Name</span>
2d62c85d VP	90	</div><input <?php echo $can_edit; ?> type="text" class="form-control" name="first_name" id="first_name" placeholder="<?php echo $edit_user->first_name; ?>">
	91	</div>
	92
	93
	94	<div class="input-group mb-3">
	95	<div class="input-group-prepend">
d3e3ec08	96	<span class="input-group-text" style="width: 175px;">Last Name</span>
2d62c85d VP	97	</div><input <?php echo $can_edit; ?> type="text" class="form-control" name="last_name" id="last_name" placeholder="<?php echo $edit_user->last_name; ?>">
	98	</div>
	99
	100
	101	<div class="input-group mb-3">
	102	<div class="input-group-prepend">
d3e3ec08	103	<span class="input-group-text" style="width: 175px;">Bio</span>
2d62c85d VP	104	</div><textarea <?php echo $can_edit; ?> class="form-control" name="bio" id="username"><?php echo $edit_user->bio; ?></textarea>
	105	</div>
	106
	107
	108	<div class="input-group mb-3">
	109	<div class="input-group-prepend">
d3e3ec08	110	<span class="input-group-text" style="width: 175px;">Email</span>
f5173b9c	111	</div><input <?php echo $can_edit; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
2d62c85d VP	112	</div>
	113
	114	<div class="input-group mb-3">
	115	<div class="input-group-prepend">
d3e3ec08 BM	116	<span class="input-group-text" style="width: 175px;">Session timeout</span>
	117	</div><input <?php echo $can_edit; ?> type="text" class="form-control" name="session_timeout" id="session_timeout" autocomplete="off" value="<?php echo $edit_user->user_meta['session_timeout'] ?? 3600; ?>">
	118	</div>
	119
	120	<div class="input-group mb-3">
	121	<div class="input-group-prepend">
	122	<span class="input-group-text" style="width: 175px;">New Password</span>
2405dc8e VP	123	</div><input <?php echo $can_edit; ?> type="password" class="form-control" name="password" id="password" autocomplete="off">
	124	</div><div class="input-group mb-3">
	125	<div class="input-group-prepend">
d3e3ec08	126	<span class="input-group-text" style="width: 175px;">Confirm Password</span>
688348a0	127	</div><input <?php echo $can_edit; ?> type="password" class="form-control" name="passwordconfirm" id="passwordconfirm" autocomplete="off">
2d62c85d VP	128	</div>
	129
	130	<br>
2405dc8e	131	<button type="submit" name="update_user" class="btn btn-primary">Save Changes</button><br>
685677bd VP	132	</form>
685677bd VP	133	<?php
c06c1713	134	require_once "../inc/footer.php";