| [ Index ] | PHP Cross Reference of Mambo 4.6.5 |
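<?php
/**
* @package Mambo
* @author Mambo Foundation Inc see README.php
* @copyright (C) 2000 - 2009 Mambo Foundation Inc.
* See COPYRIGHT.php for copyright notices and details.
* @license GNU/GPL Version 2, see LICENSE.php
*
* Redistributions of files must retain the above copyright notice.
*
* Mambo is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; version 2 of the License.
*/

/** ensure this file is being included by a parent file */
defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' );

// Editor usertype check
//$is_editor = (strtolower($my->usertype) == 'author' || strtolower($my->usertype) == 'editor' || strtolower($my->usertype) == 'administrator' || strtolower($my->usertype) == 'super administrator' );
$access = new stdClass();
$access->canEdit = $acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'all' );
$access->canEditOwn = $acl->acl_check( 'action', 'edit', 'users', $my->usertype, 'content', 'own' );

require_once ( $mainframe->getPath( 'front_html' ) );
$task = mosGetParam( $_REQUEST, 'task' );

switch( $task ) {
    case "saveUpload":
        // The previous call passed seven arguments to an eight-parameter
        // function, so every value landed one slot to the left and the
        // "$uid == 0" guard inside saveUpload() was evaluated against $option.
        // The user id now comes from the session object, as it does for the
        // other tasks below, never from a request-supplied variable.
        // NOTE(review): $userfile, $userfile_name, $type and $existingImage are
        // not assigned anywhere in this file; presumably the framework
        // populates them from the request -- confirm, and treat all four as
        // untrusted input (saveUpload() does).
        saveUpload( $database, $mosConfig_dbprefix, $my->id, $option, $userfile, $userfile_name, $type, $existingImage );
        break;

    case "UserDetails":
        userEdit( $option, $my->id, T_('Update') );
        break;

    case "saveUserEdit":
        userSave( $option, $my->id );
        break;

    case "CheckIn":
        CheckIn( $my->id, $access, $option );
        break;

    default:
        HTML_user::frontpage();
        break;
}

/**
* Escapes a string for use inside a quoted JavaScript string literal that is
* itself printed inside an inline <script> element.
*
* Quotes and backslashes are backslash-escaped, line breaks become \r / \n
* escapes, and angle brackets are hex-escaped so the text cannot close the
* surrounding <script> element.
*
* @param string $text Raw text
* @return string Text that is safe between JavaScript quotes
*/
function _userJsEscape( $text ) {
    $text = addslashes( $text );
    return str_replace(
        array( "\r", "\n", '<', '>' ),
        array( '\\r', '\\n', '\\x3C', '\\x3E' ),
        $text
    );
}

/**
* Stores an uploaded gif/jpg image in images/stories/ and hands its name back
* to the opener window's adminForm.
*
* Every value other than $uid is treated as client-controlled:
*  - the file name is reduced to its last path component and must match a
*    strict allow-list (one base name, one .gif/.jpg extension), which also
*    keeps it safe to print inside the inline scripts below;
*  - the temporary file must be a genuine HTTP upload and must be recognised
*    as a GIF or JPEG by getimagesize();
*  - $existingImage, which is deleted after a successful upload, goes through
*    the same allow-list so it cannot point outside images/stories/.
*
* @param object $database      Unused; immediately rebound to the global $database
* @param string $_dbprefix     Unused in this function
* @param int    $uid           Id of the logged-in user; 0 is rejected
* @param string $option        Unused in this function
* @param string $userfile      Path of the uploaded temporary file
* @param string $userfile_name Client-supplied file name
* @param string $type          Unused in this function
* @param string $existingImage Name of a previous image to delete, or ''
* @return void
*/
function saveUpload($database, $_dbprefix, $uid, $option, $userfile, $userfile_name, $type, $existingImage) {
    global $database;

    if ($uid == 0) {
        mosNotAuth();
        return;
    }

    $base_Dir = "images/stories/";
    // One base name and exactly one extension; the D modifier stops "$" from
    // matching in front of a trailing newline.
    $namePattern = '/^[A-Za-z0-9_-][A-Za-z0-9_ -]*\.(gif|jpg)$/iD';

    // Drop any directory part, whichever separator the client used.
    $userfile_name = basename( str_replace( '\\', '/', (string) $userfile_name ) );
    $existingImage = basename( str_replace( '\\', '/', (string) $existingImage ) );

    if (!preg_match( $namePattern, $userfile_name )) {
        echo "<script> alert(\"".T_('You may only upload a gif or jpg image.')."\"); window.history.go(-1); </script>\n";
        return;
    }

    // From here on $userfile_name contains only allow-listed characters.
    if (!is_uploaded_file( $userfile )) {
        printf(T_('Failed to copy %s'), $userfile_name);
        return;
    }

    $checksize = filesize($userfile);
    // NOTE(review): the limit enforced is 50000 bytes while the message says
    // 15kb; the string is a translation key, so it is left as is -- confirm
    // which of the two values is intended.
    if ($checksize > 50000) {
        echo "<script> alert(\"".T_('You cannot upload files greater than 15kb in size.')."\"); window.history.go(-1); </script>\n";
        return;
    }

    if (file_exists($base_Dir.$userfile_name)) {
        $message = sprintf(T_('Image %s already exists. Please rename the file and try again.'),$userfile_name);
        print "<script> alert('"._userJsEscape( $message )."'); window.history.go(-1);</script>\n";
        return;
    }

    // The extension alone says nothing about the content; require that the
    // file really parses as a GIF or JPEG before it is stored under the
    // web root. "@" keeps getimagesize() warnings (with paths) off the page.
    $imageInfo = @getimagesize( $userfile );
    if (!$imageInfo || !in_array( $imageInfo[2], array( IMAGETYPE_GIF, IMAGETYPE_JPEG ) )) {
        echo "<script> alert(\"".T_('You may only upload a gif or jpg image.')."\"); window.history.go(-1); </script>\n";
        return;
    }

    if (!move_uploaded_file($userfile, $base_Dir.$userfile_name)) {
        printf(T_('Failed to copy %s'), $userfile_name);
        return;
    }

    echo "<script>window.opener.focus;</script>";

    // Delete the image being replaced, but only when its name passes the same
    // allow-list as an upload, so the unlink stays inside images/stories/.
    // NOTE(review): nothing here verifies that the caller owns that image.
    if ($existingImage != "" && preg_match( $namePattern, $existingImage )) {
        if (file_exists($base_Dir.$existingImage)) {
            unlink($base_Dir.$existingImage);
        }
    }

    echo "<script>window.opener.document.adminForm.ImageName.value='$userfile_name';</script>";
    echo "<script>window.opener.document.adminForm.ImageName2.value='$userfile_name';</script>";
    echo "<script>window.opener.document.adminForm.imagelib.src=null;</script>";
    echo "<script>window.opener.document.adminForm.imagelib.src='images/stories/$userfile_name';</script>";
    echo "<script>window.close(); </script>";
}

/**
* Shows the "edit my details" form for the logged-in user.
*
* @param string $option      Component option, passed through to the view
* @param int    $uid         Id of the logged-in user; 0 is rejected
* @param string $submitvalue Label passed through to the view
* @return void
*/
function userEdit( $option, $uid, $submitvalue) {
    global $database;
    if ($uid == 0) {
        mosNotAuth();
        return;
    }
    $row = new mosUser( $database );
    $row->load( $uid );
    $row->orig_password = $row->password;
    HTML_user::userEdit( $row, $option, $submitvalue );
}

/**
* Saves the logged-in user's own details from $_POST.
*
* Checks, in order: the form hash, that the posted id is the caller's own id,
* and that the current password was supplied. A new password is stored only
* when "password" and "verifyPass" match.
*
* NOTE(review): passwords are stored and compared as unsalted MD5 with "!==".
* Moving to a salted, slow hash and a constant-time comparison needs a
* matching change wherever user passwords are written or verified, which this
* file does not show, so the format is left unchanged here.
*
* @param string $option Component option, used for the form hash and redirect
* @param int    $uid    Id of the logged-in user; 0 is rejected
* @return void
*/
function userSave( $option, $uid) {
    global $database, $my;

    if (!mosValidFormId($option,'edit',$my)) {
        mosRedirect('index.php', T_('Failed form hash'));
        // Never fall through to the save if mosRedirect() should return.
        return;
    }

    $user_id = intval( mosGetParam( $_POST, 'id', 0 ));

    // do some security checks
    // NOTE(review): "!==" is type-sensitive and $user_id is an int; if
    // $my->id is held as a string this denies every request -- confirm.
    if ($uid == 0 || $user_id == 0 || $user_id <> $uid || ($my->id && ($my->id !== $user_id))) {
        mosNotAuth();
        return;
    }
    $row = new mosUser( $database );
    $row->load( $user_id );
    $row->orig_password = $row->password;

    // verify password when editing existing user
    $required_pass = isset($_POST['requiredPass']) ? trim(mosGetParam($_POST, 'requiredPass', '')) : '';
    if (isset($_POST['requiredPass'])) unset ($_POST['requiredPass']);
    if ($user_id) {
        if (md5($required_pass) !== $row->password ) {
            echo "<script> alert('".T_("Passwords do not match")."'); window.history.go(-1); </script>\n";
            echo T_("Passwords do not match");
            return;
        }
    }

    // "gid usertype" is bind()'s second argument -- presumably the fields that
    // must not be taken from the request, so a user cannot change their own
    // group or type; confirm against mosUser::bind().
    if (!$row->bind( $_POST, "gid usertype" )) {
        // Error text may echo submitted values; escape it for the JS string.
        echo "<script> alert('"._userJsEscape( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }
    mosMakeHtmlSafe($row);

    if(isset($_POST["password"]) && $_POST["password"] != "") {
        if(isset($_POST["verifyPass"]) && ($_POST["verifyPass"] == $_POST["password"])) {
            $row->password = md5($_POST["password"]);
        } else {
            echo "<script> alert(\"".T_('Passwords do not match')."\"); window.history.go(-1); </script>\n";
            exit();
        }
    } else {
        // Restore 'original password'
        $row->password = $row->orig_password;
    }
    if (!$row->check()) {
        echo "<script> alert('"._userJsEscape( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }

    unset($row->orig_password); // prevent DB error!!

    if (!$row->store()) {
        echo "<script> alert('"._userJsEscape( $row->getError() )."'); window.history.go(-1); </script>\n";
        exit();
    }

    // "password" is absent when the user kept the old one; avoid the
    // undefined-index notice the direct read produced.
    $newPassword = isset($_POST['password']) ? $_POST['password'] : '';
    $loginfo = new mosLoginDetails($row->username, $newPassword);
    $mambothandler =& mosMambotHandler::getInstance();
    $mambothandler->loadBotGroup('authenticator');
    $mambothandler->trigger('userChange', array($loginfo));
    mosRedirect ("index.php?option=$option", T_('Your settings have been saved.'));
}

/**
* Checks in every item the given user has checked out, across all tables
* carrying the site's table prefix, and prints a per-table summary.
*
* The UPDATE statements are limited to rows checked out by $userid. They
* previously matched "checked_out > 0" only, which released every user's
* locks while the summary counted just the caller's rows. The editor branch
* also reset checked_out_time to '00:00:00'; it now uses the same zero
* datetime as the other branch.
*
* NOTE(review): the mysql_* calls are kept because this file shows no
* equivalent on the $database object; they do not exist in PHP 7 and later.
*
* @param int    $userid Id of the logged-in user
* @param object $access Object with canEdit / canEditOwn flags
* @param string $option Unused in this function
* @return void
*/
function CheckIn( $userid, $access, $option ){
    global $database;
    global $mosConfig_db;

    // The id is interpolated into SQL below; force it to an integer first.
    $userid = intval( $userid );

    if (!($access->canEdit || $access->canEditOwn || $userid > 0)) {
        mosNotAuth();
        return;
    }

    $lt = mysql_list_tables($mosConfig_db);
    $k = 0;
    echo "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\">";
    while (list($tn) = mysql_fetch_array($lt)) {
        // only check in the mos_* tables
        if (strpos( $tn, $database->_table_prefix ) !== 0) {
            continue;
        }
        $lf = mysql_list_fields($mosConfig_db, "$tn");
        $nf = mysql_num_fields($lf);

        $checked_out = false;
        $editor = false;

        for ($i = 0; $i < $nf; $i++) {
            $fname = mysql_field_name($lf, $i);
            if ( $fname == "checked_out") {
                $checked_out = true;
            } else if ( $fname == "editor") {
                $editor = true;
            }
        }

        if (!$checked_out) {
            continue;
        }

        // Count the caller's locks first; the figure feeds the summary row.
        if ($editor) {
            $database->setQuery( "SELECT checked_out, editor FROM $tn WHERE checked_out > 0 AND checked_out=$userid" );
        } else {
            $database->setQuery( "SELECT checked_out FROM $tn WHERE checked_out > 0 AND checked_out=$userid" );
        }
        $res = $database->query();
        $num = $database->getNumRows( $res );

        // Release only the caller's own locks.
        if ($editor) {
            $database->setQuery( "UPDATE $tn SET checked_out=0, checked_out_time='0000-00-00 00:00:00', editor=NULL WHERE checked_out > 0 AND checked_out=$userid" );
        } else {
            $database->setQuery( "UPDATE $tn SET checked_out=0, checked_out_time='0000-00-00 00:00:00' WHERE checked_out > 0 AND checked_out=$userid" );
        }
        $res = $database->query();

        if ($res == 1) {

            if ($num > 0) {
                echo "\n<tr class=\"row$k\">";
                echo "\n <td width=\"250\">";
                echo T_('Checking table');
                echo " - $tn</td>";
                echo "\n <td>";
                printf(Tn_('Checked in %d item', 'Checked in %d items', $num), $num);
                // NOTE(review): T_() is called without a message here; kept
                // as found -- confirm whether it is a leftover.
                echo T_();
                echo "</td>";
                echo "\n</tr>";
            }
            $k = 1 - $k;
        }
    }
    ?>
    <tr>
        <td colspan="2"><strong><?php echo T_('All items checked out have now been checked in'); ?></strong></td>
    </tr>
    </table>
    <?php
}
?>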
| Mambo API: Mambo is Free software released under the GNU/General Public License, Version 2 |