window.location.replace("/admin/users/");';
die();
} else {
if($_GET['p'] == 1){
// Avoid bug in pagination class
echo '';
die();
}
$p = $_GET['p'];
}
} else {
$p = 1;
}
// Fetch the user list (arguments: "USERNAME", "ASC") and the groups matching id <> 0.
// The whole users table is loaded; below, only its count and index positions are used.
$users = $queries->orderAll("users", "USERNAME", "ASC");
$groups = $queries->getAll("groups", array("id", "<>", 0));
// instantiate; set current page; set number of records
// NOTE(review): in the branch visible above, $p is copied straight from $_GET['p'].
// Confirm it is validated as a positive integer before it reaches setCurrent(),
// PaginateArray() and the multiplication below; a non-numeric value would otherwise
// flow into arithmetic and array indexing.
$pagination = new Pagination();
$pagination->setCurrent($p);
$pagination->setTotal(count($users));
$pagination->alwaysShowPagination();
// Get number of users we should display on the page
// $n and $f are the two values returned by PaginateArray($p); presumably the first
// and last index of the current page's slice -- confirm against PaginateArray().
$paginate = PaginateArray($p);
$n = $paginate[0];
$f = $paginate[1];
if(count($users) > $f){
// More users exist than $f: $d becomes $p * 10 (10 is presumably the page size -- TODO confirm).
$d = $p * 10;
} else {
// The subtraction and addition of $n cancel out, so $d ends up equal to count($users).
$d = count($users) - $n;
$d = $d + $n;
}
?>
New User
Synchronise with web store
Username |
Email |
Group |
Registered |
id === $users[$n]->group_id){
$user_group = $group->name;
break;
} else {
$i++;
}
}
?>
username); ?> |
email); ?> |
|
joined); ?> |
parse(); // Print pagination
} else if(isset($_GET["action"]) && $_GET['action'] !== 'validate'){
if($_GET["action"] === "new"){
// "New user" form handler: runs only when Input::exists() reports submitted input
// and Token::check() accepts the submitted 'token' field.
// NOTE(review): presumably Token::check() is the anti-CSRF check for this form;
// confirm the token is bound to the session and compared in constant time.
// A failed token check is ignored silently here (no message, no log entry).
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$validate = new Validate();
// Rules handed to Validate::check() below, keyed by POST field name.
$to_validation = array(
// NOTE(review): a 6-character minimum is short for an account created from the admin
// area, and the 30-character cap is well under the 72 bytes bcrypt accepts.
'password' => array(
'required' => true,
'min' => 6,
'max' => 30
),
'password_again' => array(
'required' => true,
'matches' => 'password'
),
// NOTE(review): only presence and length rules are listed for email; confirm the
// address format is checked somewhere, or add a rule for it.
'email' => array(
'required' => true,
'min' => 4,
'max' => 50
),
// NOTE(review): 'group' is only required. The submitted value is written to group_id
// unchanged below, so confirm it is restricted to an existing group id that the
// acting admin is allowed to assign.
'group' => array(
'required' => true
)
);
// With display names enabled, 'mcname' is a separate field carrying the 'isvalid' rule;
// otherwise 'username' carries 'isvalid' and is also used as the mcname value.
if($displaynames == "true"){
$to_validation['mcname'] = array(
'required' => true,
'isvalid' => true,
'min' => 4,
'max' => 20
);
$to_validation['username'] = array(
'required' => true,
'min' => 4,
'max' => 20,
'unique' => 'users'
);
$mcname = htmlspecialchars(Input::get('mcname'));
} else {
$to_validation['username'] = array(
'required' => true,
'isvalid' => true,
'min' => 4,
'max' => 20,
'unique' => 'users'
);
$mcname = htmlspecialchars(Input::get('username'));
}
$validation = $validate->check($_POST, $to_validation);
if($validation->passed()){
$user = new User();
// bcrypt with an explicit cost of 13; the plaintext is not kept in any variable.
$password = password_hash(Input::get('password'), PASSWORD_BCRYPT, array("cost" => 13));
// Get current unix time
$date = new DateTime();
$date = $date->getTimestamp();
try {
// username and email are HTML-encoded before storage, so the database holds entities.
// NOTE(review): every page that prints these values must not encode them again, and
// any non-HTML consumer (mail, API, export) receives encoded text. Storing the raw
// value and encoding at output is the more robust pattern.
// 'active' => 1 means the account is created already activated.
$user->create(array(
'username' => htmlspecialchars(Input::get('username')),
'mcname' => $mcname,
'password' => $password,
'pass_method' => 'default',
'joined' => $date,
'group_id' => Input::get('group'),
'email' => htmlspecialchars(Input::get('email')),
'active' => 1
));
echo '';
die();
} catch(Exception $e){
// NOTE(review): the raw exception message is sent to the browser. If create() throws
// on database errors this can disclose query or schema details; log it server-side
// and show a generic failure message instead.
die($e->getMessage());
}
}
}
}
if(isset($validation)){
if(!$validation->passed()){
?>
errors() as $error) {
echo $error, '
';
}
?>
window.location.replace("/admin/users/");';
die();
} else {
// Valid, has the admin confirmed deletion?
if(isset($_GET["confirm"])){
// Delete the user
// NOTE(review): this branch is selected by query-string parameters alone
// ($_GET["confirm"] and $_GET["uid"]); no Token::check() is visible on this path in
// this part of the file. If none runs earlier, a cross-site request issued in a
// logged-in admin's browser would delete an account. Make the confirmed delete a POST
// that carries the form token, as the create and update handlers in this file do.
// NOTE(review): $_GET["uid"] reaches the query helper unchanged; confirm delete()
// binds it as a parameter, and reject non-integer values before calling it.
$queries->delete('users', array('id', '=', $_GET["uid"]));
// Store a one-time message under the 'adm-users' key.
Session::flash('adm-users', '
User deleted successfully.
');
echo '';
die();
} else {
// Confirm
$user = $queries->getWhere("users", array("id", "=", $_GET["uid"]));
if(count($user)){
?>
Are you sure you wish to delete the user username); ?>?
window.location.replace("/admin/users/");';
die();
}
}
}
}
} else if(isset($_GET["user"])){
if(isset($_GET['action']) && $_GET['action'] == 'validate'){
// Look up the account whose id is given in $_GET["user"] and set active = 1 if it is
// currently 0. Both outcomes end the request with die().
// NOTE(review): $user[0] is read without checking that the query returned a row, so an
// unknown id is dereferenced as if it existed; guard with count($user) first.
// NOTE(review): this is a state change driven by a GET request with no token check
// visible on this path; confirm one runs earlier, or move the action to a POST that
// carries the form token.
$user = $queries->getWhere("users", array("id", "=", $_GET["user"]));
if($user[0]->active == 0){
// activate user
$queries->update('users', $_GET['user'], array(
'active' => 1
));
echo '';
die();
} else {
// already active
echo '';
die();
}
} else {
// POST handler for the single-user page. Requires submitted input and an accepted
// 'token' field, then dispatches on the 'action' field: update, delete, avatar_disable.
// A failed token check or an unknown action is ignored silently.
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
if(Input::get('action') === "update"){
$validate = new Validate();
// Rules are keyed by POST field name. MCUsername, UUID, signature and ip are optional
// (no 'required' rule).
// NOTE(review): 'group' is only required and 'ip' only has a length cap; neither is
// checked against a list of valid groups or an IP address format here.
$validation = $validate->check($_POST, array(
'email' => array(
'required' => true,
'min' => 2,
'max' => 50
),
'group' => array(
'required' => true
),
'username' => array(
'required' => true,
'min' => 2,
'max' => 20
),
'MCUsername' => array(
'isvalid' => true
),
'UUID' => array(
'max' => 32
),
'signature' => array(
'max' => 256
),
'ip' => array(
'max' => 256
)
));
if($validation->passed()){
try {
// NOTE(review): $_GET["user"] is passed as the row identifier, but the lookup that
// follows this handler also accepts a username in the same parameter. Confirm what
// update() does when the page is addressed by username rather than numeric id.
// NOTE(review): group_id is written from the request unchanged; confirm it is limited
// to an existing group the acting admin may assign, since this is the field that
// decides the account's privileges.
// NOTE(review): 'lastip' is the only text field stored without htmlspecialchars().
// Confirm every page that prints it encodes it, or validate it on input, e.g. with
// filter_var(..., FILTER_VALIDATE_IP).
$queries->update('users', $_GET["user"], array(
'username' => htmlspecialchars(Input::get('username')),
'email' => htmlspecialchars(Input::get('email')),
'group_id' => Input::get('group'),
'mcname' => htmlspecialchars(Input::get('MCUsername')),
'uuid' => htmlspecialchars(Input::get('UUID')),
'signature' => htmlspecialchars(Input::get('signature')),
'lastip' => Input::get('ip')
));
echo '';
die();
} catch(Exception $e) {
// NOTE(review): the raw exception message is sent to the browser; log it server-side
// and show a generic failure message instead.
die($e->getMessage());
}
} else {
// Validation failed: print each error message.
echo '
';
foreach($validation->errors() as $error) {
echo $error, '
';
}
echo '
';
}
} else if(Input::get('action') == "delete"){
try {
// NOTE(review): $data is not assigned anywhere in the visible part of this file, while
// the other branches identify the account through $_GET["user"]. Confirm $data is
// defined earlier; otherwise this delete runs against an undefined id.
$queries->delete('users', array('id', '=' , $data[0]->id));
} catch(Exception $e) {
die($e->getMessage());
}
echo '';
die();
} else if(Input::get('action') == "avatar_disable"){
try {
// Clears the has_avatar flag; unlike the other actions, this one does not end the
// request, so execution continues past this handler.
$queries->update('users', $_GET["user"], array(
"has_avatar" => "0"
));
} catch(Exception $e) {
die($e->getMessage());
}
}
}
}
// Resolve the account from $_GET["user"]: non-numeric values are matched against the
// username column, numeric values against the id column.
// NOTE(review): is_numeric() also accepts forms such as "1e3", "1.5" or a leading
// space, which are then sent to the id comparison; ctype_digit() would restrict this
// to plain integers. A user whose username is entirely numeric cannot be addressed
// by name through this page.
if(!is_numeric($_GET["user"])){
$user = $queries->getWhere("users", array("username", "=", $_GET["user"]));
} else {
$user = $queries->getWhere("users", array("id", "=", $_GET["user"]));
}
if(count($user)){
// Presumably issues the token that Token::check() verifies on the next form post -- confirm.
$token = Token::generate();
// Initialise HTML Purifier
// The signature is the only stored field rendered as markup, so this allow-list is the
// control that keeps user-supplied HTML from running script in the admin's browser.
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
// Both URI restrictions are set to false, so resource loading is not limited.
// NOTE(review): with 'img' and 'src' allowed below, a signature can embed an image from
// any host, and the admin's browser will request it when this page is viewed. Consider
// enabling URI.DisableExternalResources for the admin view.
$config->set('URI.DisableExternalResources', false);
$config->set('URI.DisableResources', false);
// Allowed elements; 'p' appears twice in the list.
$config->set('HTML.Allowed', 'u,p,b,a,i,small,blockquote,span[style],span[class],p,strong,em,li,ul,ol,div[align],br,img');
// Allowed CSS properties for style attributes; 'font-size' appears twice in the list.
$config->set('CSS.AllowedProperties', array('text-align', 'float', 'color','background-color', 'background', 'font-size', 'font-family', 'text-decoration', 'font-weight', 'font-style', 'font-size'));
$config->set('HTML.AllowedAttributes', 'href, src, height, width, alt, class, *.style');
$purifier = new HTMLPurifier($config);
// The signature is stored HTML-encoded by the update handler in this file, so it is
// decoded first and then purified. $signature must be printed as-is afterwards:
// decoding it again after this point would bypass the purifier.
$signature = $purifier->purify(htmlspecialchars_decode($user[0]->signature));
// NOTE(review): the create and update handlers in this file already store the username
// HTML-encoded, so encoding it again here is safe but shows entities twice-encoded
// (for example "&amp;amp;") for names containing special characters.
echo '
' . htmlspecialchars($user[0]->username) . '
';
?>
active == 0){ ?>
Validate User
getWhere('settings', array('name', '=', 'user_avatars'));
$avatar_enabled = $avatar_enabled[0]->value;
if($avatar_enabled === "true"){
?>
Other actions: