]> jfr.im git - irc/unrealircd/unrealircd-webpanel.git/blobdiff - settings/user-edit.php
projects / irc / unrealircd / unrealircd-webpanel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update class-paneluser.php
[irc/unrealircd/unrealircd-webpanel.git] / settings / user-edit.php
diff --git a/settings/user-edit.php b/settings/user-edit.php
index 1567ea90d89d5832cf860126997ce3d51f26ac99..469461d0bfbf9e7dee4b4679fca45ced158e0500 100644 (file)
--- a/settings/user-edit.php
+++ b/settings/user-edit.php
@@ -2,18 +2,38 @@
 
 require_once "../common.php";
 require_once "../header.php";
-do_log($_POST, $_GET, $_FILES);
+
 
 $us = unreal_get_current_user();
 $id = (isset($_GET['id'])) ? $_GET['id'] : $us->id;
 $edit_user = new PanelUser(NULL, $id);
-$can_edit = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? "" : "disabled";
+$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? true : false;
+$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false;
+$can_edit = ($caneditpermissions) ? "" : "disabled";
+
+$permissions = (isset($_POST['permissions'])) ? $_POST['permissions'] : false;
+$edit_perms = (isset($edit_user->user_meta['permissions'])) ? unserialize($edit_user->user_meta['permissions']) : [];
+
+/* Check if they can edit their permissions and if the permissions have indeed been changed */
+if (is_array($permissions) && $caneditpermissions
+        && $permissions != $edit_perms)
+{
+    foreach ($permissions as $p)
+        if (!in_array($p, $edit_perms))
+            $edit_user->add_permission($p);
+
+    foreach($edit_perms as $p)
+        if (!in_array($p, $permissions))
+            $edit_user->delete_permission($p);
+}
+
 
 ?>
 <h4>Edit User: "<?php echo $edit_user->username; ?>"</h4>
-<br><br>
+<br>
 <form method="post" action="user-edit.php?id=<?php echo $edit_user->id; ?>" autocomplete="off" enctype="multipart/form-data">
-<a class="btn btn-<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "danger" : "primary"; ?>" data-toggle="collapse" href="#collapseExample" role="button" aria-expanded="false" aria-controls="collapseExample">
+<?php if ($can_edit_profile) { ?>
+<a class="btn btn-<?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "danger" : "info"; ?>" data-toggle="collapse" href="#collapseExample" role="button" aria-expanded="false" aria-controls="collapseExample">
 <?php echo (user_can($us, PERMISSION_MANAGE_USERS)) ? "Edit" : "View"; ?> Permissions
 </a>
 <div class="collapse" id="collapseExample">
@@ -23,6 +43,7 @@ $can_edit = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id
     <?php generate_panel_user_permission_table($edit_user); ?>
   </div>
 </div>
+<?php } ?>
 <br><br>
 <div class="input-group mb-3">
     <div class="input-group-prepend">
@@ -54,7 +75,7 @@ $can_edit = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id
 <div class="input-group mb-3">
     <div class="input-group-prepend">
         <span class="input-group-text" style="width: 100px;">Email</span>
-    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="email" id="email" autocomplete="off">
+    </div><input <?php echo $can_edit; ?> type="text" class="form-control" name="email" id="email" autocomplete="off" value="<?php echo $edit_user->email; ?>">
 </div>
 
 <div class="input-group mb-3">
Unnamed repository; edit this file 'description' to name the repository.