[Summary view] [Print] [Text view]

   1  <?php /* $Id: do_user_aed.php 170 2008-05-22 17:54:44Z pedroix $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/admin/do_user_aed.php $ */
   2  if (!defined('W2P_BASE_DIR')) {
   3      die('You should not access this file directly.');
   4  }
   5  
   6  require_once ($AppUI->getSystemClass('libmail'));
   7  include $AppUI->getModuleClass('contacts');
   8  $del = isset($_REQUEST['del']) ? w2PgetParam($_REQUEST, 'del', false) : false;
   9  $contact_id = isset($_POST['contact_id']) ? w2PgetParam($_POST, 'contact_id', 0) : 0;
  10  $user_id = isset($_REQUEST['user_id']) ? w2PgetParam($_REQUEST, 'user_id', 0) : 0;
  11  $isNewUser = !(w2PgetParam($_REQUEST, 'user_id', 0));
  12  
  13  $perms = &$AppUI->acl();
  14  if ($del) {
  15      if (!$perms->checkModule('admin', 'delete')) {
  16          $AppUI->redirect('m=public&a=access_denied');
  17      }
  18      if (!$perms->checkModule('users', 'delete')) {
  19          $AppUI->redirect('m=public&a=access_denied');
  20      }
  21  } elseif ($isNewUser) {
  22      if (!$perms->checkModule('admin', 'add')) {
  23          $AppUI->redirect('m=public&a=access_denied');
  24      }
  25      if (!$perms->checkModule('users', 'add')) {
  26          $AppUI->redirect('m=public&a=access_denied');
  27      }
  28  } else {
  29      if ($user_id != $AppUI->user_id) {
  30          if (!$perms->checkModule('admin', 'edit')) {
  31              $AppUI->redirect('m=public&a=access_denied');
  32          }
  33          if (!$perms->checkModule('users', 'edit')) {
  34              $AppUI->redirect('m=public&a=access_denied');
  35          }
  36      }
  37  }
  38  
  39  $obj = new CUser();
  40  $contact = new CContact();
  41  if ($contact_id) {
  42      $contact->load($contact_id);
  43  }
  44  
  45  if (!$obj->bind($_POST)) {
  46      $AppUI->setMsg($obj->getError(), UI_MSG_ERROR);
  47      $AppUI->redirect();
  48  }
  49  if (!$contact->bind($_POST)) {
  50      $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
  51      $AppUI->redirect();
  52  }
  53  $obj->user_username = strtolower($obj->user_username);
  54  
  55  // prepare (and translate) the module name ready for the suffix
  56  $AppUI->setMsg('User');
  57  
  58  // !User's contact information not deleted - left for history.
  59  if ($del) {
  60      if (($msg = $obj->delete())) {
  61          $AppUI->setMsg($msg, UI_MSG_ERROR);
  62          $AppUI->redirect();
  63      } else {
  64          $AppUI->setMsg('deleted', UI_MSG_ALERT, true);
  65          $AppUI->redirect();
  66      }
  67      return;
  68  }
  69  if ($isNewUser) {
  70      // check if a user with the param Username already exists
  71      $userEx = false;
  72  
  73  	function userExistence($userName) {
  74          global $obj, $userEx;
  75          if ($userName == $obj->user_username) {
  76              $userEx = true;
  77          }
  78      }
  79  
  80      //pull a list of existing usernames
  81      $q = new DBQuery;
  82      $q->addTable('users', 'u');
  83      $q->addQuery('user_username');
  84      $users = $q->loadList();
  85  
  86      // Iterate the above userNameExistenceCheck for each user
  87      foreach ($users as $usrs) {
  88          $usrLst = array_map('userExistence', $usrs);
  89      }
  90      // If userName already exists quit with error and do nothing
  91      if ($userEx == true) {
  92          $AppUI->setMsg('already exists. Try another username.', UI_MSG_ERROR, true);
  93          $AppUI->redirect();
  94      }
  95  
  96      $contact->contact_owner = $AppUI->user_id;
  97  }
  98  
  99  if (($msg = $contact->store())) {
 100      $AppUI->setMsg($msg, UI_MSG_ERROR);
 101  } else {
 102      $obj->user_contact = $contact->contact_id;
 103      if (($msg = $obj->store())) {
 104          $AppUI->setMsg($msg, UI_MSG_ERROR);
 105      } else {
 106          if ($isNewUser && w2PgetParam($_REQUEST, 'send_user_mail', 0)) {
 107              notifyNewUserCredentials($contact->contact_email, $contact->contact_first_name, $obj->user_username, $_POST['user_password']);
 108          }
 109          if (isset($_REQUEST['user_role']) && $_REQUEST['user_role']) {
 110              $perms = &$AppUI->acl();
 111              if ($perms->insertUserRole($_REQUEST['user_role'], $obj->user_id)) {
 112                  $AppUI->setMsg('', UI_MSG_ALERT, true);
 113              } else {
 114                  $AppUI->setMsg('failed to add role', UI_MSG_ERROR);
 115              }
 116          }
 117          $AppUI->setMsg($isNewUser ? 'added' : 'updated', UI_MSG_OK, true);
 118      }
 119      ($isNewUser) ? $AppUI->redirect('m=admin&a=viewuser&user_id=' . $obj->user_id . '&tab=2') : $AppUI->redirect();
 120  }
 121  ?>