settings/user-edit.php

   1 <?php
   2
   3 require_once "../inc/common.php";
   4 require_once "../inc/header.php";
   5 do_log($_POST);
   6
   7 $us = unreal_get_current_user();
   8 $id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
   9 $edit_user = new PanelUser(NULL, $id);
  10 $can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? true : false;
  11 $caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
  12 $can_edit = ($caneditpermissions) ? "" : "disabled";
  13 $postbutton = (isset($_POST['update_user'])) ? true : false;
  14 $permissions = (isset($_POST['permissions'])) ? $_POST['permissions'] : [];
  15 $edit_perms = (isset($edit_user->user_meta['permissions'])) ? unserialize($edit_user->user_meta['permissions']) : [];
  16
  17 /* Check if they can edit their permissions and if the permissions have indeed been changed */
  18 if ($postbutton && is_array($permissions) && $caneditpermissions
  19         && $permissions != $edit_perms)
  20 {
  21     foreach ($permissions as $p)
  22         if (!in_array($p, $edit_perms))
  23             $edit_user->add_permission($p);
  24
  25     foreach($edit_perms as $p)
  26         if (!in_array($p, $permissions))
  27             $edit_user->delete_permission($p);
  28
  29     Message::Success("Permissions for <strong>$edit_user->username</strong> have been updated");
  30 }
  31
  32 if ($postbutton && $can_edit_profile)
  33 {
  34     // Goes via core:
  35     $array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false;
  36     $array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false;
  37     $array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false;
  38     $array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false;
  39     $array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false;
  40     $array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false;
  41     // Goes via meta:
  42     $session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600;
  43
  44     if (!$array['update_pass'])
  45     {
  46         unset($array['update_pass']);
  47         unset($array['update_pass_conf']);
  48     }
  49     elseif ($array['update_pass'] == $array['update_pass_conf'])
  50     {
  51         $array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']);
  52         unset($array['update_pass']);
  53     }
  54     else
  55     {
  56         Message::Fail("Could not update password: Passwords did not match");
  57         unset($array['update_pass']);
  58         unset($array['update_pass_conf']);
  59     }
  60     $edit_user->update_core_info($array);
  61     $edit_user->add_meta("session_timeout", $session_timeout);
  62     $edit_user = new PanelUser($edit_user->username);
  63 }
  64 ?>
  65 <h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
  66 <br>
  67 <form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">
  68 <?php if ($can_edit_profile) { ?>
  69 <a class="btn btn-<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "danger" : "info"; ?>" data-toggle="collapse" href="#collapseExample" role="button" aria-expanded="false" aria-controls="collapseExample">
  70 <?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "Edit" : "View"; ?> Permissions
  71 </a>
  72 <div class="collapse" id="collapseExample">
  73     <br>
  74   <div class="card card-body">
  75     <h6>Here are all the things <?php echo $edit_user->username; ?> can do</h6>
  76     <?php generate_panel_user_permission_table($edit_user); ?>
  77   </div>
  78 </div>
  79 <?php } ?>
  80 <br><br>
  81 <div class="input-group mb-3">
  82     <div class="input-group-prepend">
  83         <span class="input-group-text" style="width: 175px;">@</span>
  84     </div><input disabled type="text" class="form-control" name="username" id="username" placeholder="<?php echo $edit_user->username; ?>">
  85 </div>
  86
  87 <div class="input-group mb-3">
  88     <div class="input-group-prepend">
  89         <span class="input-group-text" style="width: 175px;">First Name</span>
  90     </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="first_name" id="first_name" placeholder="<?php echo $edit_user->first_name; ?>">
  91 </div>
  92
  93
  94 <div class="input-group mb-3">
  95     <div class="input-group-prepend">
  96         <span class="input-group-text" style="width: 175px;">Last Name</span>
  97     </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="last_name" id="last_name" placeholder="<?php echo $edit_user->last_name; ?>">
  98 </div>
  99
 100
 101 <div class="input-group mb-3">
 102     <div class="input-group-prepend">
 103         <span class="input-group-text" style="width: 175px;">Bio</span>
 104     </div><textarea <?php echo $can_edit; ?> class="form-control" name="bio" id="username"><?php echo $edit_user->bio; ?></textarea>
 105 </div>
 106
 107
 108 <div class="input-group mb-3">
 109     <div class="input-group-prepend">
 110         <span class="input-group-text" style="width: 175px;">Email</span>
 111     </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
 112 </div>
 113
 114 <div class="input-group mb-3">
 115     <div class="input-group-prepend">
 116         <span class="input-group-text" style="width: 175px;">Session timeout</span>
 117     </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="session_timeout" id="session_timeout" autocomplete="off" value="<?php echo $edit_user->user_meta['session_timeout'] ?? 3600; ?>">
 118 </div>
 119
 120 <div class="input-group mb-3">
 121     <div class="input-group-prepend">
 122         <span class="input-group-text" style="width: 175px;">New Password</span>
 123     </div><input <?php echo $can_edit; ?> type="password" class="form-control" name="password" id="password" autocomplete="off">
 124 </div><div class="input-group mb-3">
 125     <div class="input-group-prepend">
 126         <span class="input-group-text" style="width: 175px;">Confirm Password</span>
 127     </div><input <?php echo $can_edit; ?> type="password" class="form-control" name="passwordconfirm" id="passwordconfirm" autocomplete="off">
 128 </div>
 129
 130 <br>
 131 <button type="submit" name="update_user" class="btn btn-primary">Save Changes</button><br>
 132 </form>
 133 <?php
 134 require_once "../inc/footer.php";