<?php
//#################################################################################################
//	Userform helper functions
//#################################################################################################
//	chillyCMS - Content Management System
//	Copyright (C) 2008
//	Stefanie Wiegand <hide@address.com> & Johannes Cox <hide@address.com>
//	
//	This program is licensed under the GPL 3.0 license. For more information see LICENSE.txt.
//#################################################################################################
//	userform($id)
//#################################################################################################
// Direct-access guard: stop immediately unless the DOIT constant is already defined.
if (!defined('DOIT')) {
	die('Restricted access');
}

//Userform/////////////////////////////////////////////////////////////////////////////////////////
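/**
 * Build the HTML markup of the create/edit user form for the admin area.
 *
 * For a non-empty $id the row is read from system_users and pre-fills the form;
 * otherwise the form is rendered with the defaults for a new account.
 * Database values are passed through escape_html() (defined outside this file)
 * before they are interpolated into the markup.
 *
 * NOTE(review): every attribute below is single-quoted, so escape_html() must
 * encode single quotes as well as < > & " - confirm against its definition.
 * NOTE(review): none of the three forms emits an anti-CSRF token; confirm that
 * usersgroups.site.php (not shown here) protects the updateuser action.
 *
 * @param mixed $id uid of the user to edit, or "" for a new user
 * @return string HTML of the form
 */
function userform($id) {
	global $l_gen,$l_uform,$l_ugs,$l_cont,$myaction,$mysession,$is_admin,$action,$language,$page;
	//the uid goes into a SQL statement and into the markup, so it is reduced to an integer
	//once; the raw $id is not used again below
	$uid = ($id!="") ? intval($id) : "";
	//$action is set outside this function and ends up in single-quoted attributes
	$safe_action = htmlspecialchars((string)$action, ENT_QUOTES);
	//NOTE(review): $myaction is written into the <h1> as is; escape it at the caller if it can
	//ever carry request data

	//standard data, used for a new user and when no row is found for the uid
	$db_user = "";
	$db_name = "";
	$db_email = "";
	$db_language = "";
	$db_lastlogin = "";
	$db_logins = "";
	$db_gids = array(2);
	$db_active = 1;
	$db_getnewsletter = 1;
	//if user exists then get userdata from db
	if ($uid!=="") {
		$page->query("select * from system_users where uid=$uid limit 1");
		$result = $page->db->getdata();
		if (is_array($result)) {
			$result = array_map("escape_html",$result);
			$db_user		= $result["user"];
			$db_name		= $result["name"];
			$db_email		= $result["email"];
			//an empty gids column falls back to admin for uid 1 and to user otherwise;
			//only a non-empty string is split (explode() on an array is an error)
			if ($result["gids"]=="") {
				$db_gids	= ($uid==1) ? array(1) : array(2);
			} else {
				$db_gids	= explode(",",(string)$result["gids"]);
			}
			$db_active		= $result["active"];
			$db_lastlogin		= $result["lastlogin"];
			$db_logins		= $result["logins"];
			$db_language		= $result["language"];
			$db_getnewsletter	= $result["getnewsletter"];
		}
	}
	//get all groups
	$page->query("select gid,name from system_groups order by name");
	$groups = $page->db->getdata_array();
	if (!is_array($groups)) { $groups = array(); }

	$userform = "\t\t<div class='userform'>\n".
	"\t\t\t<h1>$myaction</h1><br />\n".
	"\t\t\t<form method='post' action='usersgroups.site.php'>\n".
	"\t\t\t\t<table cellspacing='0' class='usertable1'>\n".
	//UID
	"\t\t\t\t\t<tr><td class='left'>UID</td><td class='left'>$uid</td></tr>\n".
	//nickname
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_uname]</td><td class='left'>".
	"<input type='text' class=\"textinput\" name='user' value='$db_user'></input></td></tr>\n".
	//real name
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_name]</td><td class='left'>".
	"<input type='text' class=\"textinput\" name='name' value='$db_name'></input></td></tr>\n".
	//password
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_pw]</td><td class='left'>".
	"<input type='password' class=\"textinput\" name='pw'></input></td></tr>\n".
	//repeat password
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_pw2]</td><td class='left'>".
	"<input type='password' class=\"textinput\" name='pw2'></input></td></tr>\n";
	//old password for admins
	if (in_array(1,$db_gids)) {
		$userform .= "\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_pw3]</td><td class='left'>".
		"<input type='password' class=\"textinput\" name='pw3'></input></td></tr>\n";
	}
	//email
	$userform .= "\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_email]</td>".
	"<td class='left'><input type='text' class=\"textinput\" name='email' value='$db_email'></input></td></tr>\n".
	"\t\t\t\t</table>\n".
	"\t\t\t\t<fieldset class='userfieldset'>\n".
	"\t\t\t\t<table cellspacing='0' class='usertable2'>\n".
	//group
	"\t\t\t\t\t<tr><td class='left' width='30%'>$l_ugs[lbl_groups]</td><td width='60%' class='left'>\n";
	//if session-user is no admin only show group and save old gids as new gids (no change)
	//NOTE(review): the hidden gids[]/active fields are client-editable; the handler
	//(usersgroups.site.php, not shown) has to enforce who may change group and status
	if (!$is_admin or $uid==1) {
		//default keeps the hidden field well-formed when no group row matches
		$standardgroup=2;
		//NOTE(review): a member of group 1 who also matches a later-sorted non-admin group
		//ends with $standardgroup=2 - confirm this is intended
		foreach ($groups as $group) {
			if (in_array($group["gid"],$db_gids)) {
				if ($group["gid"]==1) {
					$userform .= "<a class='admin' title='$l_cont[lbl_admins]'></a>";
					$standardgroup=1;
				} else {
					$userform .= "<a class='user' title='$l_cont[lbl_users]'></a>";
					$standardgroup=2;
					break;
				}
			}
		}
		$userform .= "\t\t\t\t\t<input type='hidden' name='gids[]' value='$standardgroup'></input>\n";
	//else enable group select
	} else {
		//admin
		if (in_array(1,$db_gids)) {
			$userform .= "\t\t\t\t\t\t<input type='radio' name='gids[]' class='middle floatinput' value='1' ".
			"checked='checked' /><a class='admin' title='$l_cont[lbl_admins]'></a>\n".
			"\t\t\t\t\t\t<input type='radio' name='gids[]' class='middle floatinput' value='2' />".
			"<a class='user' title='$l_cont[lbl_users]'></a>\n";
		//user
		} elseif (in_array(2,$db_gids)) {
			$userform .= "\t\t\t\t\t\t<input type='radio' name='gids[]' class='middle floatinput' value='1' />".
			"<a class='admin' title='$l_cont[lbl_admins]'></a>\n".
			"\t\t\t\t\t\t<input type='radio' name='gids[]' class='middle floatinput' value='2' checked='checked' />".
			"<a class='user' title='$l_cont[lbl_users]'></a>\n";
		}
	}
	$userform .= "\t\t\t\t\t</td></tr>\n";
	//if there are any special groups enable special access select
	if (sizeof($groups)>2) {
		$userform .= "\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_special]</td><td class='left'>\n";
		foreach ($groups as $group) {
			$group=array_map("escape_html",$group);
			//only special groups
			if ($group["gid"]>2) {
				if (in_array($group["gid"],$db_gids)) {
					$userform .= "\t\t\t\t\t\t\t<input type='checkbox' name='gids[]' ".
					"value='$group[gid]' checked='checked' class='middle' />".
					"<span class='middle'>$group[name]</span><br />\n";
				} else {
					$userform .= "\t\t\t\t\t\t\t<input type='checkbox' name='gids[]' ".
					"value='$group[gid]' class='middle' /><span class='middle'>".
					"$group[name]</span><br />\n";
				}
			}
		}
		$userform .= "\t\t\t\t\t</td></tr>\n";
	}
	$userform .= "\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_status]</td><td class='left'>\n";
	//status
	//for uid 1, or when the session user is not in group 1, only show status
	if ($uid==1 or !in_array(1,$mysession->user->gids)) {
		if ($db_active==1) {
			$userform .= "<a class='imageactive floatleft' title='$l_uform[lbl_act]'></a>".
			"<input type='hidden' name='active' value='1'></input>\n";
		} else {
			//inactive accounts get the inactive icon, matching their title text
			$userform .= "<a class='imageinactive floatleft' title='$l_uform[lbl_inact]'></a>".
			"<input type='hidden' name='active' value='0'></input>\n";
		}
	} else {
		if ($db_active==1) {
			$userform .= "\t\t\t\t\t\t<input type='radio' class='middle floatinput' name='active' checked='checked' ".
			"value='1' /><a class='imageactive statusimg' title='$l_uform[lbl_act]'></a>\n".
			"\t\t\t\t\t\t<input type='radio' class='middle floatinput' name='active' value='0'".
			" /><a class='imageinactive statusimg' title='$l_uform[lbl_inact]'></a>\n";
		} else {
			$userform .= "\t\t\t\t\t\t<input type='radio' class='middle floatinput' name='active' ".
			"value='1' /><a class='imageactive statusimg' title='$l_uform[lbl_act]'></a>\n".
			"\t\t\t\t\t\t<input type='radio' class='middle floatinput' name='active' checked='checked' ".
			"value='0'/><a class='imageinactive statusimg' title='$l_uform[lbl_inact]'></a>\n";
		}
	}
	//language
	$userform .= "\t\t\t\t\t</td></tr>\n".
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_language]</td><td class='left'>";
	$languages = get_languages();
	$languages = array_map("escape_html",$languages);
	$userform .= "<select name='language'>";
	foreach ($languages as $lang) {
		//preselect the stored language, or the current $language when creating a user
		if ($lang==$db_language) { $userform .= "<option selected='selected'>$lang</option>"; }
		elseif ($lang==$language && intval($uid)==0) { $userform .= "<option selected='selected'>$lang</option>"; }
		else { $userform .= "<option>$lang</option>"; }
	}
	$userform .= "</select>";
	//get newsletter?
	$userform .= "\t\t\t\t\t</td></tr>\n".
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_getnl]</td>".
	"<td class='left'><input type='checkbox' class='middle' name='getnewsletter'";
	//the checked attribute is written once only
	$checked = $db_getnewsletter ? " checked='checked'" : "";
	$userform .= " value='1'$checked/>";
	//last login
	$userform .= "\t\t\t\t\t</td></tr>\n".
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_lastlog]</td><td class='left'>";
	if ($db_lastlogin=="0000-00-00 00:00:00") { $userform .= $l_uform["lbl_never"]; }
	else { $userform .= $db_lastlogin; }
	//total logins
	$userform .= "</td></tr>\n".
	"\t\t\t\t\t<tr><td class='left'>$l_uform[lbl_logins]</td><td class='left'>$db_logins</td></tr>\n".
	"\t\t\t\t</table>\n".
	"\t\t\t\t</fieldset>\n".
	"\t\t\t\t<div class='clr'></div>\n".
	//save button
	"\t\t\t\t<input type='hidden' name='myaction' value='$safe_action'></input>\n".
	"\t\t\t\t<input type='hidden' name='action' value='updateuser'></input>\n".
	"\t\t\t\t<input type='hidden' name='id' value='$uid'></input>\n".
	"\t\t\t\t<input class='button' type='submit' value='$l_gen[lbl_save]'></input>\n".
	"\t\t\t</form>\n".
	//reload button
	"\t\t\t<form method='post' action='userform.site.php'>\n".
	"\t\t\t\t<input class='button' type='submit' value='$l_gen[lbl_reload]'></input>\n".
	"\t\t\t\t<input type='hidden' name='action' value='$safe_action'></input>\n".
	"\t\t\t\t<input type='hidden' name='id' value='$uid'></input>\n".
	"\t\t\t</form>\n".
	//cancel button
	"\t\t\t<form action='usersgroups.site.php'>\n".
	"\t\t\t\t<input class='button' type='submit' value='$l_gen[lbl_cancel]'></input>\n".
	"\t\t\t</form>\n".
	"\t\t</div>\n";

	return $userform;
} ?>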