<?php
/*
UserSpice 4
An Open Source PHP User Management System
by the UserSpice Team at http://UserSpice.com
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
?>
<?php require_once 'init.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
<?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
<?php if (!securePage($_SERVER['PHP_SELF'])){die();} ?>
<?php
//PHP Goes Here!
$errors = $successes = [];
$query = $db->query("SELECT * FROM email");
$results = $query->first();
$act = $results->email_act;
$form_valid=TRUE;
$permOpsQ = $db->query("SELECT * FROM permissions");
$permOps = $permOpsQ->results();
// dnd($permOps);
//Forms posted
if (!empty($_POST)) {
//Delete User Checkboxes
if (!empty($_POST['delete'])){
$deletions = $_POST['delete'];
if ($deletion_count = deleteUsersNew($deletions)){
$successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
}
else {
$errors[] = lang("SQL_ERROR");
}
}
}
//Forms posted
if (!empty($_POST)) {
//Manually Add User
if(!empty($_POST['addUser'])) {
$join_date = date("Y-m-d H:i:s");
$fname = Input::get('fname');
$lname = Input::get('lname');
$email = Input::get('email');
if($settings->auto_assign_un==1) {
$preusername = $fname[0];
$preusername .= $lname;
$preQ = $db->query("SELECT username FROM users WHERE username = ?",array($preusername));
$preQCount = $preQ->count();
if($preQCount == 0)
{
$username = strtolower($preusername);
}
else
{
$preusername2 = $fname;
$preusername2 .= $lname[0];
$preQ2 = $db->query("SELECT username FROM users WHERE username = ?",array($preusername2));
$preQCount2 = $preQ2->count();
if($preQCount2 == 0)
{
$username = strtolower($preusername2);
}
else
{
$username = $email;
}
} }
if($settings->auto_assign_un==0) $username = Input::get('username');
$token = $_POST['csrf'];
if(!Token::check($token)){
die('Token doesn\'t match!');
}
$form_valid=FALSE; // assume the worst
$validation = new Validate();
$validation->check($_POST,array(
'fname' => array(
'display' => 'First Name',
'required' => true,
'min' => 2,
'max' => 35,
),
'lname' => array(
'display' => 'Last Name',
'required' => true,
'min' => 2,
'max' => 35,
),
'email' => array(
'display' => 'Email',
'required' => true,
'valid_email' => true,
'unique' => 'users',
),
'password' => array(
'display' => 'Password',
'required' => true,
'min' => 6,
'max' => 25,
),
'confirm' => array(
'display' => 'Confirm Password',
'required' => true,
'matches' => 'password',
),
));
if($validation->passed()) {
$form_valid=TRUE;
try {
// echo "Trying to create user";
$fields=array(
'username' => $username,
'fname' => Input::get('fname'),
'lname' => Input::get('lname'),
'email' => Input::get('email'),
'password' =>
password_hash(Input::get('password'), PASSWORD_BCRYPT, array('cost' => 12)),
'permissions' => 1,
'account_owner' => 1,
'stripe_cust_id' => '',
'join_date' => $join_date,
'company' => Input::get('company'),
'email_verified' => 1,
'active' => 1,
'vericode' => rand(100000,999999),
'force_pr' => $settings->force_pr,
);
$db->insert('users',$fields);
$theNewId=$db->lastId();
// bold($theNewId);
$perm = Input::get('perm');
$addNewPermission = array('user_id' => $theNewId, 'permission_id' => 1);
$db->insert('user_permission_matches',$addNewPermission);
$db->insert('profiles',['user_id'=>$theNewId, 'bio'=>'']);
if(isset($_POST['sendEmail'])) {
$userDetails = fetchUserDetails(NULL, NULL, $theNewId);
$params = array(
'username' => $username,
'password' => Input::get('password'),
'sitename' => $settings->site_name,
'force_pr' => $settings->force_pr,
'fname' => Input::get('fname'),
'email' => rawurlencode($userDetails->email),
'vericode' => $userDetails->vericode,
);
$to = rawurlencode($email);
$subject = 'Welcome to '.$settings->site_name;
$body = email_body('_email_adminUser.php',$params);
email($to,$subject,$body);
}
Redirect::to('admin_user.php?id='.$theNewId);
} catch (Exception $e) {
die($e->getMessage());
}
}
}
}
$userData = fetchAllUsers(); //Fetch information for all users
?>
<div id="page-wrapper">
<div class="container">
<!-- Page Heading -->
<div class="row">
<div class="col-xs-12 col-md-6">
<h1>Manage Users</h1>
</div>
<div class="col-xs-12 col-md-6">
<form class="">
<label for="system-search">Search:</label>
<div class="input-group">
<input class="form-control" id="system-search" name="q" placeholder="Search Users..." type="text">
<span class="input-group-btn">
<button type="submit" class="btn btn-default"><i class="fa fa-times"></i></button>
</span>
</div>
</form>
</div>
</div>
<div class="row">
<div class="col-md-12">
<?php echo resultBlock($errors,$successes);
?>
<hr />
<a class="pull-right" href="#" data-toggle="modal" data-target="#adduser"><i class="glyphicon glyphicon-plus"></i> User</a>
<div class="row">
<div class="col-xs-12">
<div class="alluinfo"> </div>
<div class="allutable table-responsive">
<table class='table table-hover table-list-search'>
<thead>
<tr>
<th></th><th>Username</th><th>Name</th><th>Email</th><th>Last Sign In</th><?php if($act==1) {?><th>Verified</th><?php } ?>
</tr>
</thead>
<tbody>
<?php
//Cycle through users
foreach ($userData as $v1) {
?>
<tr>
<td><a style="text-decoration:none;" href='admin_user.php?id=<?=$v1->id?>'><?=$v1->id?></a></td>
<td><a style="text-decoration:none;" href='admin_user.php?id=<?=$v1->id?>'><?=$v1->username?> <?php if($v1->force_pr==1) {?><font color="red"><i class="glyphicon glyphicon-lock"></i></font><?php } ?></a></td>
<td><?=$v1->fname?> <?=$v1->lname?></td>
<td><?=$v1->email?></td>
<td><?php if($v1->last_login != 0) { echo $v1->last_login; } else {?> <i>Never</i> <?php }?></td>
<?php if($act==1) {?><td>
<?php if($v1->email_verified == 1){
echo "<i class='glyphicon glyphicon-ok'></i>";
} ?>
</td><?php } ?>
</tr>
<?php } ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<div id="adduser" class="modal fade" role="dialog">
<div class="modal-dialog">
<!-- Modal content-->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
<h4 class="modal-title">User Addition</h4>
</div>
<div class="modal-body">
<form class="form-signup" action="admin_users.php" method="POST" id="payment-form">
<div class="panel-body">
<?php if($settings->auto_assign_un==0) {?><label>Username: </label><input type="text" class="form-control" id="username" name="username" placeholder="Username" value="<?php if (!$form_valid && !empty($_POST)){ echo $username;} ?>" required><?php } ?>
<label>First Name: </label><input type="text" class="form-control" id="fname" name="fname" placeholder="First Name" value="<?php if (!$form_valid && !empty($_POST)){ echo $fname;} ?>" required>
<label>Last Name: </label><input type="text" class="form-control" id="lname" name="lname" placeholder="Last Name" value="<?php if (!$form_valid && !empty($_POST)){ echo $lname;} ?>" required>
<label>Email: </label><input class="form-control" type="text" name="email" id="email" placeholder="Email Address" value="<?php if (!$form_valid && !empty($_POST)){ echo $email;} ?>" required >
<label>Password: </label><input class="form-control" type="password" name="password" id="password" placeholder="Password" required aria-describedby="passwordhelp">
<label>Confirm Password: </label><input type="password" id="confirm" name="confirm" class="form-control" placeholder="Confirm Password" required >
<label><input type="checkbox" name="sendEmail" id="sendEmail" checked /> Send Email?</label>
<br />
</div>
<div class="modal-footer">
<div class="btn-group"> <input type="hidden" name="csrf" value="<?=Token::generate();?>" />
<input class='btn btn-primary' type='submit' name="addUser" value='Add User' class='submit' /></div>
</form>
<div class="btn-group"><button type="button" class="btn btn-default" data-dismiss="modal">Close</button></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- End of main content section -->
<?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
<!-- Place any per-page javascript here -->
<script src="js/jwerty.js"></script>
<script>
jwerty.key('esc', function () {
$('.modal').modal('hide');
});
</script>
<script src="/users/js/search.js" charset="utf-8"></script>
<?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?> Pasted: Sep 2, 2017, 7:48:51 pm
Views: 18