X-Git-Url: https://jfr.im/git/irc/unrealircd/unrealircd-webpanel.git/blobdiff_plain/2d62c85da90887f820807fde31bdc8c17051c447..7bcd30edb23fcc1872f0a6772ab91b3c9d8b4779:/settings/user-edit.php diff --git a/settings/user-edit.php b/settings/user-edit.php index 3f1aa29..4c77f6a 100644 --- a/settings/user-edit.php +++ b/settings/user-edit.php @@ -1,64 +1,135 @@ id; $edit_user = new PanelUser(NULL, $id); -$can_edit = (current_user_can(PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? "" : "disabled"; +$can_edit_profile = (user_can($us, PERMISSION_MANAGE_USERS) || $edit_user->id == $us->id) ? true : false; +$caneditprofile = ($can_edit_profile) ? "" : "disabled"; +$caneditpermissions = (user_can($us, PERMISSION_MANAGE_USERS)) ? true : false; +$can_edit = ($caneditpermissions) ? "" : "disabled"; +$postbutton = (isset($_POST['update_user'])) ? true : false; +$roles_list = get_panel_user_roles_list(); + +if ($postbutton && isset($_POST['user_role']) && $caneditpermissions) +{ + if ($_POST['user_role'] != $edit_user->user_meta['role']) + { + $edit_user->add_meta("role", $_POST['user_role']); + $edit_user->delete_meta("permissions"); + Message::Success("Updated the role of $edit_user->username"); + } +} +if ($postbutton && $can_edit_profile) +{ + // Goes via core: + $array['update_fname'] = (isset($_POST['first_name']) && strlen($_POST['first_name'])) ? $_POST['first_name'] : false; + $array['update_lname'] = (isset($_POST['last_name']) && strlen($_POST['last_name'])) ? $_POST['last_name'] : false; + $array['update_bio'] = (isset($_POST['bio']) && strlen($_POST['bio'])) ? $_POST['bio'] : false; + $array['update_email'] = (isset($_POST['email']) && strlen($_POST['email'])) ? $_POST['email'] : false; + $array['update_pass'] = (isset($_POST['password']) && strlen($_POST['password'])) ? $_POST['password'] : false; + $array['update_pass_conf'] = (isset($_POST['passwordconfirm']) && strlen($_POST['passwordconfirm'])) ? $_POST['passwordconfirm'] : false; + // Goes via meta: + $session_timeout = (isset($_POST['session_timeout']) && strlen($_POST['session_timeout'])) ? $_POST['session_timeout'] : 3600; + + if (!$array['update_pass']) + { + unset($array['update_pass']); + unset($array['update_pass_conf']); + } + elseif ($array['update_pass'] == $array['update_pass_conf']) + { + $array['update_pass_conf'] = PanelUser::password_hash($array['update_pass_conf']); + $edit_user->delete_meta("hibp"); + $edit_user->HIBP(sha1($array['update_pass'])); + unset($array['update_pass']); + } + else + { + Message::Fail("Could not update password: Passwords did not match"); + unset($array['update_pass']); + unset($array['update_pass_conf']); + } + $edit_user->update_core_info($array); + $edit_user->add_meta("session_timeout", $session_timeout); + $edit_user = new PanelUser($edit_user->username); +} ?>