<?php
/**************************************************************************
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   @Authors:	Ryan Thompson(hide@address.com)
***************************************************************************/
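// Bootstrap: load this service's metadata, the global configuration and the admin helper.
include("./data.php");
$service['add_header'] = TRUE;
include("../config.inc.php");

include($here. "/class.admin.php");
$admin = new admin;
// NOTE(review): no authorisation check is visible in this file; presumably
// config.inc.php or the admin class restricts the page to administrators -- confirm.

// The target user id comes from the query string and is echoed into the page
// title, so HTML-escape it first (reflected XSS otherwise). Assumes
// service_header() emits its title argument verbatim -- confirm.
$title_user = (isset($_GET['user']) && is_string($_GET['user'])) ? htmlspecialchars($_GET['user'], ENT_QUOTES) : '';
echo $layout->page_header;
echo $layout->service_header($text['service_name'].' - '. $lang->msgs['manage_user_account'] . ' - '. $title_user, $admin->nav_buttons());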

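// Handle the "Update Account" form: either drop the account, or update its
// disabled flag, failed-login counter and password-expiry settings.
// NOTE(review): no anti-CSRF token is checked before these state changes in the
// visible code -- confirm whether the framework adds one.
$account_id = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';
// Stop-gap escaping for the quoted SQL literals below. addslashes() is not a
// substitute for the database layer's own escaping or bound parameters (it is
// unreliable with some multi-byte connection charsets, and double-escapes if
// magic_quotes_gpc is enabled). The $db class is not visible here; switch to
// its escaping facility once its API is confirmed.
$account_id_sql = addslashes($account_id);

// !empty() keeps the original truthiness test without the undefined-index notice;
// a request without a usable user id is ignored rather than run against ''.
if(!empty($_POST['update_account']) && $account_id !== '')
{
	if(isset($_POST['drop_account']))
	{
		// drop_account() receives the raw id, as before; how it builds its query is not visible here.
		$user->drop_account($account_id);

	} else {
		// The column is set to NULL (not 0) when the account is enabled, hence the
		// two literal SQL fragments; neither contains request data.
		$disabled = isset($_POST['disabled']) ? "disabled=".time() : "disabled=NULL";
		$sql = "UPDATE o_user_security SET $disabled WHERE user_id='$account_id_sql'";
		$db->query($sql);

		if(isset($_POST['failed_logins']))
		{
			$sql = "UPDATE o_user_security SET consecutive_fails='0' WHERE user_id='$account_id_sql'";
			$db->query($sql);
		}

		// Only 'date' and 'days' are offered by the form. Anything else is stored as
		// 'days', which is how this page already interprets a non-'date' value.
		if(isset($_POST['expire_type']) && $_POST['expire_type'] === 'date')
		{
			$new_expire_type = 'date';
			// Integer casts keep non-numeric placeholders such as '---' out of mktime() and the query.
			$password_expire = (int) mktime(
				0, 0, 0,
				(int) (isset($_POST['expire_month']) ? $_POST['expire_month'] : 0),
				(int) (isset($_POST['expire_day']) ? $_POST['expire_day'] : 0),
				(int) (isset($_POST['expire_year']) ? $_POST['expire_year'] : 0)
			);
		} else {
			$new_expire_type = 'days';
			// A day count is numeric; the cast removes any SQL metacharacters.
			$password_expire = (int) (isset($_POST['expire_days']) ? $_POST['expire_days'] : 0);
		}
		$sql = "UPDATE o_user_security SET password_expire='$password_expire', expire_type='$new_expire_type' WHERE user_id='$account_id_sql'";
		$db->query($sql);

	}

}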

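// Handle the "Update Services" form: store one access level per service code.
// The is_array() guard stops a missing or scalar access_rights field from
// reaching foreach.
if(isset($_POST['update_services']) && isset($_POST['access_rights']) && is_array($_POST['access_rights']))
{

	foreach($_POST['access_rights'] AS $key => $value)
	{
		// Accept only the levels this page's own <select> offers (0 = None ... 3 = Administrator);
		// anything else did not come from the form and is skipped.
		if(!is_scalar($value))
		{
			continue;
		}
		$level = (int) $value;
		if((string) $level !== (string) $value || $level < 0 || $level > 3)
		{
			continue;
		}
		// NOTE(review): the user id and service code are passed through unchanged;
		// update_access() is not visible here -- confirm it escapes or binds them.
		$security->update_access($_GET['user'], $key, $level);

	}

}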
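// Handle the group-membership buttons: add the selected "available" groups to
// the user, or remove the selected "current" groups.
// Both branches use the 'user' query parameter. The removal branch previously
// read 'u', which no form on this page sets, so its DELETE ran with an empty user id.
// Stop-gap escaping: addslashes() is not a substitute for the database layer's
// own escaping or bound parameters (unreliable with some multi-byte charsets).
// The $db class is not visible here; switch to its facility once confirmed.
$target_user_sql = (isset($_GET['user']) && is_string($_GET['user'])) ? addslashes($_GET['user']) : '';

if(isset($_POST['add_groups']))
{
	// Iterate the submitted values directly so a missing field or non-sequential
	// keys cannot cause undefined-offset reads.
	$picked = (isset($_POST['available_groups']) && is_array($_POST['available_groups'])) ? $_POST['available_groups'] : array();
	foreach($picked AS $picked_group)
	{
		if(!is_scalar($picked_group) || $target_user_sql === '')
		{
			continue;
		}
		$group_id = addslashes((string) $picked_group);
		$time = time();
		$sql = "INSERT INTO o_group_access (group_id,user_id,permission, added) VALUES ('$group_id','$target_user_sql','1','$time')";
		$db->query($sql);
	}

} elseif(isset($_POST['remove_groups']))
{
	$picked = (isset($_POST['current_groups']) && is_array($_POST['current_groups'])) ? $_POST['current_groups'] : array();
	foreach($picked AS $picked_group)
	{
		if(!is_scalar($picked_group) || $target_user_sql === '')
		{
			continue;
		}
		$group_id = addslashes((string) $picked_group);
		$sql = "DELETE FROM o_group_access WHERE user_id='$target_user_sql' AND group_id='$group_id'";
		$db->query($sql, __FILE__, __LINE__);
	}
}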
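// Load the profile, tracker and security rows of the user being edited; the
// first fetched row stays in $db->record for the information table below.
// Stop-gap escaping: addslashes() is not a substitute for the database layer's
// own escaping or bound parameters (unreliable with some multi-byte charsets).
// The $db class is not visible here; switch to its facility once confirmed.
$profile_user_sql = (isset($_GET['user']) && is_string($_GET['user'])) ? addslashes($_GET['user']) : '';
$sql = "SELECT * FROM o_users, o_tracker, o_user_security 
	WHERE o_users.user_id=o_tracker.user_id 
	AND o_users.user_id=o_user_security.user_id 
	AND o_users.user_id='$profile_user_sql'";
$db->query($sql, __FILE__, __LINE__);
$db->fetch_results();

// Kept in its own variable because later queries overwrite $db->record.
$disabled_account = $db->record['disabled'];

	// Show any errors collected while handling the forms above.
	if($error->buffer)
	{

		echo $error->display();
	}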
?>

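<?php
	// User information table. Every profile field is stored, user-supplied data,
	// so each one is HTML-escaped before output (stored XSS in the admin view
	// otherwise). The (string) casts keep NULL columns from reaching htmlspecialchars().
	$tracker_user = (isset($_GET['user']) && is_string($_GET['user'])) ? urlencode($_GET['user']) : '';
?>
<table cellpadding="1" cellspacing="0" border="0" align="center">
<tr>
	<td width="100" class="input_header">User ID:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['user_id'], ENT_QUOTES)?></td>
	<td class="input_header" width="150">Tracker:</td>
	<td width="150"><?php echo $O->create_link("/admin/tracker.php?user={$tracker_user}","View User Tracking");?></td>
</tr>
<tr>
	<td width="150" class="input_header">Username:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['username'], ENT_QUOTES)?></td>
	<td width="150" class="input_header" >Active&nbsp;Since:</td>
	<td width="150"><?php echo date($date->short_date ." - ". $date->time, $db->record['date_created'])?></td>
</tr>
<tr>
	<td width="150" class="input_header">First Name:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['firstname'], ENT_QUOTES)?></td>
	<td width="150" class="input_header">Last Name:</td>
	<td width="150"><?php echo htmlspecialchars((string) $db->record['lastname'], ENT_QUOTES)?></td>
</tr>
<tr>
	<td width="150" class="input_header">Country:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['country'], ENT_QUOTES)?></td>
	<td width="150" class="input_header">Email:</td>
	<td width="150"><a href="mailto:<?php echo htmlspecialchars((string) $db->record['email'], ENT_QUOTES)?>"><?php echo htmlspecialchars((string) $db->record['email'], ENT_QUOTES)?></a></td>
</tr>
<tr>
	<td width="150" class="input_header">ICQ UIN:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['icq'], ENT_QUOTES)?></td>
	<td width="150" class="input_header">MSN:</td>
	<td width="150"><?php echo htmlspecialchars((string) $db->record['msn'], ENT_QUOTES)?></td>
</tr>
<tr>
	<td width="150" class="input_header">Yahoo:</td>
	<td width="200"><?php echo htmlspecialchars((string) $db->record['yahoo'], ENT_QUOTES)?></td>
	<td width="150" class="input_header">AIM:</td>
	<td width="150"><?php echo htmlspecialchars((string) $db->record['aim'], ENT_QUOTES)?></td>
</tr>
</table>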
<!--END USER INFORMATION-->
<!--BEGIN ACCOUNT MANAGMENT-->
<table border="0" align="center">
<tr>
<td rowspan="2" width="25%" valign="top">
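<?php
	// Service access-rights form: one row per installed service, each with a
	// <select> pre-set to the user's current level.
	$svc_user = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';
	// Stop-gap escaping: addslashes() is not a substitute for the database layer's
	// own escaping or bound parameters (unreliable with some multi-byte charsets).
	// The $db class is not visible here; switch to its facility once confirmed.
	$svc_user_sql = addslashes($svc_user);
	// PHP_SELF can carry attacker-chosen path info and the user id comes from the
	// query string, so the whole action URL is escaped for the attribute.
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']."?user=".urlencode($svc_user), ENT_QUOTES)?>" method="post">
<?php

	// Map service code => current rights level for this user.
	$rights = array();
	$db->query("SELECT service, rights FROM o_user_rights WHERE user_id='". $svc_user_sql ."'");
	while($db->fetch_results())
	{
		$rights[$db->record['service']] = $db->record['rights'];

	}
	$db->query("SELECT * FROM o_services");
	echo "<table border=\"0\" cellspacing=\"0\">\n";
	echo "<tr><td class=\"input_header\">Service</td><td class=\"input_header\">Access Rights</td>\n";
	echo "</tr>\n";

	$rights_levels = array(0=>"None", 1=>"User", 2=>"Manager", 3=>"Administrator");
	while($db->fetch_results())
	{
		// Alternate the row style; the first row comes out as list_light.
		$class = (isset($class) && $class == "list_light") ? "list_dark" : "list_light";

		// Each service's data.php is expected to repopulate $service (name, code).
		// NOTE(review): the included path is built from the 'location' column of
		// o_services, so whoever can write that table chooses which file is
		// executed here -- confirm the column is validated where it is set.
		include($O->dir ."/". $db->record['location']. "/data.php");
		// Quoted key: the bare word `code` was an undefined constant.
		$service_code = $service['code'];
		// A user with no stored row for this service is shown as level 0 (None).
		$current_level = isset($rights[$service_code]) ? $rights[$service_code] : 0;

		echo "<tr>\n";
		echo "<td class=\"$class\">". $service['name'] ."</td>\n";
		echo "<td class=\"$class\">";
		echo "<select name=\"access_rights[". $service_code ."]\">\n";
		for($t = 0; $t < count($rights_levels); $t++)
		{
			echo "<option value=\"$t\"";

			if($current_level == $t)
			{
				echo " selected=\"selected\"";
			}
			echo ">$rights_levels[$t]</option>\n";
		}

		echo "</select>";
		echo "</td>\n";
		echo "</tr>\n";

	}
	echo "</table>\n";
?>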
<input type="submit" name="update_services" value="Update Services" class="button1">
</td>

<td width="75%" align="right">

<table width="90%">
<tr>
	<td width="50%" class="input_header" nowrap>Update Settings:</td>

</tr>
<tr>
	<td class="dark_gray" width="50%" style="font-size: 10pt">
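<?php
	// Prints the 'disabled' value of whatever row $db->record holds at this point.
	// NOTE(review): looks like leftover debug output -- confirm before removing.
	echo htmlspecialchars((string) $db->record['disabled'], ENT_QUOTES);
?>
		<input type="checkbox" name="disabled" value="1"
		<?php
			// $disabled_account was captured from the profile query near the top of the page.
			if($disabled_account != 0)
			{

				echo " checked=\"checked\"";
			}
		?>

		> Disable <small>(You must reset the Consecutive Failed Logins counter or they'll be locked out again if enabling account)</small><br>
<?php
	// Re-read this user's security row so the expiry controls below can use it.
	// Stop-gap escaping: addslashes() is not a substitute for the database layer's
	// own escaping or bound parameters (unreliable with some multi-byte charsets).
	// The $db class is not visible here; switch to its facility once confirmed.
	$security_user_sql = (isset($_GET['user']) && is_string($_GET['user'])) ? addslashes($_GET['user']) : '';
	$sql = "SELECT * FROM o_user_security WHERE user_id='$security_user_sql'";
	$db->query($sql);
	$db->fetch_results();

?>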
		<input type="checkbox" name="drop_account" value="1"> Drop Account<br>
		<input type="checkbox" name="failed_logins" value="1"> Reset Consecutive Failed Logins<br>
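		<?php
			// Split the stored password-expiry setting into the values the controls
			// below pre-select. $expire_days starts empty so the text box never
			// echoes an undefined variable when the expiry is date-based.
			$expire_days = '';
			if($db->record['expire_type'] == 'date')
			{
				$expire_type = 'date';
				$expire_stamp = (int) $db->record['password_expire'];
				$expire_day = date('j', $expire_stamp);
				$expire_month = date('n', $expire_stamp);
				$expire_year = date('Y', $expire_stamp);
			} else {
				$expire_type = 'days';
				// Echoed into an HTML attribute further down, so escape the stored value here.
				$expire_days = htmlspecialchars((string) $db->record['password_expire'], ENT_QUOTES);
			}

		?>
		<input type="radio" name="expire_type" value="date"
		<?php
			if($expire_type == 'date')
			{
				echo " checked=\"checked\"";
			}
		?>
		>Password Expiry (by Date):

		<select name="expire_day">
		<?php
			// The stored day (when there is one) is listed first so the browser pre-selects it.
			if($expire_type == 'date')
			{
				echo "<option value=\"$expire_day\">$expire_day</option>";
			}
			echo "<option value=\"---\">---</option>";
			for($i = 1; $i <= 31; $i++)
			{
				echo "<option value=\"$i\">$i</option>";
			}

		?>
		</select>
		
		<select name="expire_month">
		<?php
			// $med_months is defined outside this file; it is indexed from 1 here.
			if($expire_type == 'date')
			{
				echo "<option value=\"$expire_month\">$med_months[$expire_month]</option>";
			}
			echo "<option value=\"---\">---</option>";
			for($i = 1; $i <= count($med_months); $i++)
			{
				echo "<option value=\"$i\">". $med_months[$i] ."</option>";
			}

		?>
		</select>
		<select name="expire_year">
		<?php
			if($expire_type == 'date')
			{
				echo "<option value=\"$expire_year\">$expire_year</option>";
			}
			echo "<option value=\"--------\">--------</option>";
			// Offer the current year and the fifteen that follow.
			$first_year = (int) date('Y');
			for($i = $first_year; $i <= $first_year + 15; $i++)
			{
				echo "<option value=\"$i\">$i</option>";
			}

		?>
		</select>
		<br>
		<input type="radio" name="expire_type" value="days"
		<?php
			if($expire_type == 'days')
			{
				echo " checked=\"checked\"";
			}
		?>>Password Expiry (by Days):
		<input type="text" name="expire_days" size="4" value="<?php echo $expire_days?>">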
		<p>
		<input type="submit" class="button1" name="update_account" value="Update Account">



</td>
</tr>
<tr>
<td>

		<table width="100%" cellpadding="1" cellspacing="0" border="0">
		<tr><td colspan="3" width="50%" class="input_header" nowrap>Manage Group Access:</td>
		</td>
		<tr>
		<td class="list_dark">Current Groups:</td>
		<td class="list_dark"></td>
		<td class="list_dark">Additional Groups:</td>
		</tr>
		<tr>
		<td>
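		<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)?>" method="post">
		<select multiple size="6" name="current_groups[]">
			<?php
				// List the groups the edited user already belongs to and remember their
				// ids in $curr_groups for the "available groups" list that follows.
				// The user id is read from the 'user' query parameter like the rest of
				// the page; this query previously read 'u', which is never set, so the
				// list was always empty.
				// Stop-gap escaping: addslashes() is not a substitute for the database
				// layer's own escaping or bound parameters (unreliable with some
				// multi-byte charsets). The $db class is not visible here.
				$groups_user_sql = (isset($_GET['user']) && is_string($_GET['user'])) ? addslashes($_GET['user']) : '';
				$sql = "SELECT o_groups.group_name, o_group_access.group_id FROM o_group_access 
					LEFT JOIN o_groups ON o_group_access.group_id=o_groups.group_id 
					WHERE o_group_access.user_id='". $groups_user_sql ."'";
				$db->query($sql, __FILE__, __LINE__);

				$curr_groups = array();
				while($db->fetch_results())
				{
					$curr_groups[] = $db->record['group_id'];
					// Group names are stored data; escape them for the option markup.
					// group_name can be NULL because of the LEFT JOIN, hence the cast.
					echo "<option value=\"". htmlspecialchars((string) $db->record['group_id'], ENT_QUOTES) ."\">". htmlspecialchars((string) $db->record['group_name'], ENT_QUOTES) ."</option>";
				}

			?>
		
		</select>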
		
		</td>
		<td>

		<input type="submit" class="button1" name="remove_groups" value="Remove Group&rarr;">
		<br>
		
		<input type="submit" class="button1" name="add_groups" value="&larr;Add Group">
		
		</td>
		<td>
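		<select multiple size="6" name="available_groups[]">
		<?php

			// List every group the user is NOT already a member of.
			// $curr_groups is filled by the current-groups listing earlier on the
			// page; it may be unset when the user has no groups, so fall back to
			// an empty list instead of counting an undefined variable.
			$member_of = (isset($curr_groups) && is_array($curr_groups)) ? $curr_groups : array();

			$sql = "SELECT group_name, group_id FROM o_groups";

			$db->query($sql, __FILE__, __LINE__);

			while($db->fetch_results())
			{
				// Loose comparison, matching the original == test on the ids.
				// A stray `echo $curr_groups[$t]` used to print an unrelated id into
				// the <select> for every group the user already had; it is removed.
				if(in_array($db->record['group_id'], $member_of))
				{
					continue;
				}

				// Group names are stored data; escape them for the option markup.
				echo "<option value=\"". htmlspecialchars((string) $db->record['group_id'], ENT_QUOTES) ."\">". htmlspecialchars((string) $db->record['group_name'], ENT_QUOTES) ."</option>";
			}

		?>

		</select>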
		</form>
		</td>
		</tr>
		</table>



</td>
</tr>
</table>

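<?php
	// Trailing form and page footer. The action URL is built from PHP_SELF and the
	// query-string user id, both attacker-influenced, so it is URL-encoded and
	// HTML-escaped. The id is read from 'user' (this line previously read 'u',
	// which nothing on the page sets).
	$footer_user = (isset($_GET['user']) && is_string($_GET['user'])) ? urlencode($_GET['user']) : '';
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']."?user=".$footer_user, ENT_QUOTES)?>" method="post">
</td></tr>
</table>

</form>
<?php echo $layout->create_footer()?>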