| [ Index ] |
|
Code source de Serendipity 1.2 |
1 <?php # $Id: personal.inc.php 1861 2007-08-21 15:54:13Z garvinhicking $ 2 # Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team) 3 # All rights reserved. See LICENSE file for licensing details 4 5 if (IN_serendipity !== true) { 6 die ("Don't hack!"); 7 } 8 9 if (!serendipity_checkPermission('personalConfiguration')) { 10 return; 11 } 12 13 $from = array(); 14 15 if ($serendipity['GET']['adminAction'] == 'save' && serendipity_checkFormToken()) { 16 $config = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE); 17 if ( (!serendipity_checkPermission('adminUsersEditUserlevel') || !serendipity_checkPermission('adminUsersMaintainOthers') ) 18 && (int)$_POST['userlevel'] > $serendipity['serendipityUserlevel']) { 19 echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>'; 20 } elseif (empty($_POST['username'])) { 21 echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_USERNAME_ERROR . '</div>'; 22 } elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && md5($_POST['check_password']) != $_SESSION['serendipityPassword']) { 23 echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_PASSWORD_ERROR . '</div>'; 24 } else { 25 $valid_groups = serendipity_getGroups($serendipity['authorid'], true); 26 27 foreach($config as $category) { 28 foreach ($category['items'] as $item) { 29 if (in_array('groups', $item['flags'])) { 30 if (serendipity_checkPermission('adminUsersMaintainOthers')) { 31 32 // Void, no fixing neccessarry 33 34 } elseif (serendipity_checkPermission('adminUsersMaintainSame')) { 35 if (!is_array($_POST[$item['var']])) { 36 continue; 37 } 38 // Check that no user may assign groups he's not allowed to. 39 foreach($_POST[$item['var']] AS $groupkey => $groupval) { 40 if (in_array($groupval, $valid_groups)) { 41 continue; 42 } elseif ($groupval == 2 && in_array(3, $valid_groups)) { 43 // Admin is allowed to assign users to chief editors 44 continue; 45 } elseif ($groupval == 1 && in_array(2, $valid_groups)) { 46 // Chief is allowed to assign users to editors 47 continue; 48 } 49 50 unset($_POST[$item['var']][$groupkey]); 51 } 52 53 } else { 54 continue; 55 } 56 /* 57 if (count($_POST[$item['var']]) < 1) { 58 echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . WARNING_NO_GROUPS_SELECTED . '</div>'; 59 } else { 60 serendipity_updateGroups($_POST[$item['var']], $serendipity['authorid'], false); 61 } 62 */ 63 continue; 64 } 65 66 // Moved to group administration: 67 if ($item['var'] == 'userlevel') continue; 68 if ($item['view'] == 'dangerous') continue; 69 70 if (serendipity_checkConfigItemFlags($item, 'local')) { 71 serendipity_set_user_var($item['var'], $_POST[$item['var']], $serendipity['authorid'], true); 72 } 73 74 if (serendipity_checkConfigItemFlags($item, 'configuration')) { 75 serendipity_set_config_var($item['var'], $_POST[$item['var']], $serendipity['authorid']); 76 } 77 } 78 79 $pl_data = array( 80 'id' => $serendipity['POST']['authorid'], 81 'authorid' => $serendipity['POST']['authorid'], 82 'username' => $_POST['username'], 83 'realname' => $_POST['realname'], 84 'email' => $_POST['email'] 85 ); 86 serendipity_updatePermalink($pl_data, 'author'); 87 serendipity_plugin_api::hook_event('backend_users_edit', $pl_data); 88 } 89 if ($serendipity['authorid'] === $_SESSION['serendipityAuthorid']) { 90 if (is_null($serendipity['detected_lang'])) { 91 $_SESSION['serendipityLanguage'] = $serendipity['lang']; 92 } 93 } 94 $from = $_POST; 95 ?> 96 <div class="serendipityAdminMsgSuccess"><img width="22px" height="22px" style="border: 0px; padding-right: 4px; vertical-align: middle" src="<?php echo serendipity_getTemplateFile('admin/img/admin_msg_success.png'); ?>" alt="" /><?php echo sprintf(MODIFIED_USER, $_POST['realname']) ?></div> 97 <?php } 98 } ?> 99 100 <form action="?serendipity[adminModule]=personal&serendipity[adminAction]=save" method="post"> 101 <?php 102 echo serendipity_setFormToken(); 103 $template = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE); 104 $user = serendipity_fetchUsers($serendipity['authorid']); 105 $from = $user[0]; 106 $from['groups'] = serendipity_getGroups($serendipity['authorid']); 107 unset($from['password']); 108 serendipity_printConfigTemplate($template, $from, true, false); 109 ?> 110 <div align="right"><input class="serendipityPrettyButton input_button" type="submit" name="SAVE" value="<?php echo SAVE; ?>" /></div> 111 </form> 112 113 <?php 114 115 $add = array('internal' => true); 116 serendipity_plugin_api::hook_event('backend_sidebar_entries_event_display_profiles', $from, $add); 117 /* vim: set sts=4 ts=4 expandtab : */
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sat Nov 24 09:00:37 2007 | par Balluche grâce à PHPXref 0.7 |
|
|