Mantis 1.1.0rc3 : /manage_user

[Sommaire] [Imprimer]
   1  <?php
   2  # Mantis - a php based bugtracking system
   3  
   4  # Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
   5  # Copyright (C) 2002 - 2007  Mantis Team   - mantisbt-dev@lists.sourceforge.net
   6  
   7  # Mantis is free software: you can redistribute it and/or modify
   8  # it under the terms of the GNU General Public License as published by
   9  # the Free Software Foundation, either version 2 of the License, or
  10  # (at your option) any later version.
  11  #
  12  # Mantis is distributed in the hope that it will be useful,
  13  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  # GNU General Public License for more details.
  16  #
  17  # You should have received a copy of the GNU General Public License
  18  # along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
  19  
  20      # --------------------------------------------------------
  21      # $Id: manage_user_update.php,v 1.41.2.1 2007-10-13 22:33:58 giallu Exp $
  22      # --------------------------------------------------------
  23  
  24      require_once ( 'core.php' );
  25  
  26      $t_core_path = config_get( 'core_path' );
  27  
  28      require_once( $t_core_path.'email_api.php' );
  29  
  30      auth_reauthenticate();
  31  
  32      access_ensure_global_level( config_get( 'manage_user_threshold' ) );
  33  
  34      $f_protected    = gpc_get_bool( 'protected' );
  35      $f_enabled        = gpc_get_bool( 'enabled' );
  36      $f_email        = gpc_get_string( 'email', '' );
  37      $f_username        = gpc_get_string( 'username', '' );
  38      $f_realname        = gpc_get_string( 'realname', '' );
  39      $f_access_level    = gpc_get_int( 'access_level' );
  40      $f_user_id        = gpc_get_int( 'user_id' );
  41  
  42      $f_email    = trim( $f_email );
  43      $f_username    = trim( $f_username );
  44  
  45      $t_old_username = user_get_field( $f_user_id, 'username' );
  46  
  47      # check that the username is unique
  48      if ( 0 != strcasecmp( $t_old_username, $f_username )
  49          && false == user_is_name_unique( $f_username ) ) {
  50          trigger_error( ERROR_USER_NAME_NOT_UNIQUE, ERROR );
  51      }
  52  
  53      user_ensure_name_valid( $f_username );
  54      user_ensure_realname_valid( $f_realname );
  55      user_ensure_realname_unique( $f_username, $f_realname );
  56  
  57      $f_email = email_append_domain( $f_email );
  58      email_ensure_valid( $f_email );
  59      email_ensure_not_disposable( $f_email );
  60  
  61      $c_email        = db_prepare_string( $f_email );
  62      $c_username        = db_prepare_string( $f_username );
  63      $c_realname        = db_prepare_string( $f_realname );
  64      $c_protected    = db_prepare_bool( $f_protected );
  65      $c_enabled        = db_prepare_bool( $f_enabled );
  66      $c_user_id            = db_prepare_int( $f_user_id );
  67      $c_access_level    = db_prepare_int( $f_access_level );
  68  
  69      $t_user_table = config_get( 'mantis_user_table' );
  70  
  71      $t_old_protected = user_get_field( $f_user_id, 'protected' );
  72      
  73      # check that we are not downgrading the last administrator
  74      $t_old_access = user_get_field( $f_user_id, 'access_level' );
  75      if ( ( ADMINISTRATOR == $t_old_access ) && ( $t_old_access <> $f_access_level ) && ( 1 >= user_count_level( ADMINISTRATOR ) ) ) {
  76          trigger_error( ERROR_USER_CHANGE_LAST_ADMIN, ERROR );
  77      }       
  78  
  79      # Project specific access rights override global levels, hence, for users who are changed
  80      # to be administrators, we have to remove project specific rights.
  81          if ( ( $c_access_level >= ADMINISTRATOR ) && ( !user_is_administrator( $c_user_id ) ) ) {
  82          user_delete_project_specific_access_levels( $c_user_id );
  83      }
  84  
  85      # if the user is already protected and the admin is not removing the
  86      #  protected flag then don't update the access level and enabled flag.
  87      #  If the user was unprotected or the protected flag is being turned off
  88      #  then proceed with a full update.
  89      if ( $f_protected && $t_old_protected ) {
  90          $query = "UPDATE $t_user_table
  91                  SET username='$c_username', email='$c_email',
  92                      protected='$c_protected', realname='$c_realname'
  93                  WHERE id='$c_user_id'";
  94      } else {
  95          $query = "UPDATE $t_user_table
  96                  SET username='$c_username', email='$c_email',
  97                      access_level='$c_access_level', enabled='$c_enabled',
  98                      protected='$c_protected', realname='$c_realname'
  99                  WHERE id='$c_user_id'";
 100      }
 101  
 102      $result = db_query( $query );
 103      $t_redirect_url = 'manage_user_edit_page.php?user_id=' . $c_user_id;
 104  ?>
 105  <?php html_page_top1() ?>
 106  <?php
 107      if ( $result ) {
 108          html_meta_redirect( $t_redirect_url );
 109      }
 110  ?>
 111  <?php html_page_top2() ?>
 112  
 113  <br />
 114  <div align="center">
 115  <?php
 116      if ( $f_protected && $t_old_protected ) {                # PROTECTED
 117          echo lang_get( 'manage_user_protected_msg' ) . '<br />';
 118      } else if ( $result ) {                    # SUCCESS
 119          echo lang_get( 'operation_successful' ) . '<br />';
 120      } else {                                # FAILURE
 121          print_sql_error( $query );
 122      }
 123  
 124      print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) );
 125  ?>
 126  </div>
 127  
 128  <?php html_page_bottom1( __FILE__ ) ?>
Code source de Mantis 1.1.0rc3

/ -> manage_user_update.php (source)

Généré le : Thu Nov 29 09:42:17 2007	par Balluche grâce à PHPXref 0.7