pbowers

UserSpice - admin_users.php - fix delete error message

Sep 4th, 2016
  1. <?php
  2. /*
  3. UserSpice 4
  4. An Open Source PHP User Management System
  5. by the UserSpice Team at http://UserSpice.com
  6.  
  7. This program is free software: you can redistribute it and/or modify
  8. it under the terms of the GNU General Public License as published by
  9. the Free Software Foundation, either version 3 of the License, or
  10. (at your option) any later version.
  11.  
  12. This program is distributed in the hope that it will be useful,
  13. but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15. GNU General Public License for more details.
  16.  
  17. You should have received a copy of the GNU General Public License
  18. along with this program.  If not, see <http://www.gnu.org/licenses/>.
  19. */
  20. ?>
  21. <?php require_once 'init.php'; ?>
  22. <?php require_once $abs_us_root.$us_url_root.'users/includes/header.php'; ?>
  23. <?php require_once $abs_us_root.$us_url_root.'users/includes/navigation.php'; ?>
  24.  
  25. <?php if (!securePage($_SERVER['PHP_SELF'])){die();} ?>
  26. <?php
  27. //PHP Goes Here!
  28. $errors = $successes = [];
  29. $form_valid=TRUE;
  30. $permOpsQ = $db->query("SELECT * FROM permissions");
  31. $permOps = $permOpsQ->results();
  32. // dnd($permOps);
  33.  
  34. //Forms posted
  35. if (!empty($_POST)) {
  36.   //Delete User Checkboxes
  37.   if (!empty($_POST['delete'])){
  38.     $deletions = $_POST['delete'];
  39.     if ($deletion_count = deleteUsers($deletions)){
  40.       $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count));
  41.     }
  42.     else {
  43.       $errors[] = lang("SQL_ERROR");
  44.     }
  45.   }
  46.   //Manually Add User
  47.   if(!empty($_POST['addUser'])) {
  48.     $join_date = date("Y-m-d H:i:s");
  49.     $username = Input::get('username');
  50.     $fname = Input::get('fname');
  51.     $lname = Input::get('lname');
  52.     $email = Input::get('email');
  53.     $perm = Input::get('perm');
  54.     $token = $_POST['csrf'];
  55.  
  56.     if(!Token::check($token)){
  57.       die('Token doesn\'t match!');
  58.     }
  59.  
  60.     $form_valid=FALSE; // assume the worst
  61.     $validation = new Validate();
  62.     $validation->check($_POST,array(
  63.       'username' => array(
  64.       'display' => 'Username',
  65.       'required' => true,
  66.       'min' => 5,
  67.       'max' => 35,
  68.       'unique' => 'users',
  69.       ),
  70.       'fname' => array(
  71.       'display' => 'First Name',
  72.       'required' => true,
  73.       'min' => 2,
  74.       'max' => 35,
  75.       ),
  76.       'lname' => array(
  77.       'display' => 'Last Name',
  78.       'required' => true,
  79.       'min' => 2,
  80.       'max' => 35,
  81.       ),
  82.       'email' => array(
  83.       'display' => 'Email',
  84.       'required' => true,
  85.       'valid_email' => true,
  86.       'unique' => 'users',
  87.       ),
  88.       'password' => array(
  89.       'display' => 'Password',
  90.       'required' => true,
  91.       'min' => 6,
  92.       'max' => 25,
  93.       ),
  94.       'confirm' => array(
  95.       'display' => 'Confirm Password',
  96.       'required' => true,
  97.       'matches' => 'password',
  98.       ),
  99.     ));
  100.     if($validation->passed()) {
  101.         $form_valid=TRUE;
  102.       try {
  103.         // echo "Trying to create user";
  104.         $fields=array(
  105.           'username' => Input::get('username'),
  106.           'fname' => Input::get('fname'),
  107.           'lname' => Input::get('lname'),
  108.           'email' => Input::get('email'),
  109.           'password' =>
  110.           password_hash(Input::get('password'), PASSWORD_BCRYPT, array('cost' => 12)),
  111.           'permissions' => 1,
  112.           'account_owner' => 1,
  113.           'stripe_cust_id' => '',
  114.           'join_date' => $join_date,
  115.           'company' => Input::get('company'),
  116.           'email_verified' => 1,
  117.           'active' => 1,
  118.           'vericode' => 111111,
  119.         );
  120.         $db->insert('users',$fields);
  121.         $theNewId=$db->lastId();
  122.         // bold($theNewId);
  123.         $addNewPermission = array('user_id' => $theNewId, 'permission_id' => $perm);
  124.         $db->insert('user_permission_matches',$addNewPermission);
  125.  
  126.         $successes[] = lang("ACCOUNT_USER_ADDED");
  127.  
  128.       } catch (Exception $e) {
  129.         die($e->getMessage());
  130.       }
  131.  
  132.     }
  133.   }
  134. }
  135.  
  136. $userData = fetchAllUsers(); //Fetch information for all users
  137.  
  138.  
  139. ?>
  140. <div id="page-wrapper">
  141.  
  142.   <div class="container">
  143.  
  144.     <!-- Page Heading -->
  145.     <div class="row">
  146.  
  147.         <div class="col-xs-12 col-md-6">
  148.         <h1>Manage Users</h1>
  149.       </div>
  150.  
  151.       <div class="col-xs-12 col-md-6">
  152.             <form class="">
  153.                 <label for="system-search">Search:</label>
  154.                 <div class="input-group">
  155.                     <input class="form-control" id="system-search" name="q" placeholder="Search Users..." type="text">
  156.                     <span class="input-group-btn">
  157.                         <button type="submit" class="btn btn-default"><i class="fa fa-times"></i></button>
  158.                     </span>
  159.                 </div>
  160.             </form>
  161.           </div>
  162.  
  163.         </div>
  164.  
  165.  
  166.                  <div class="row">
  167.              <div class="col-md-12">
  168.           <?php echo resultBlock($errors,$successes);
  169.                 ?>
  170.  
  171.                              <hr />
  172.                <div class="row">
  173.                <div class="col-xs-12">
  174.                <?php
  175.                if (!$form_valid && Input::exists()){
  176.                 echo display_errors($validation->errors());
  177.                }
  178.                ?>
  179.  
  180.                <form class="form-signup" action="admin_users.php" method="POST" id="payment-form">
  181.  
  182.                 <div class="well well-sm">
  183.                 <h3 class="form-signin-heading"> Manually Add a New
  184.                 <select name="perm">
  185.                   <?php
  186.  
  187.                   foreach ($permOps as $permOp){
  188.                     echo "<option value='$permOp->id'>$permOp->name</option>";
  189.                   }
  190.                   ?>
  191.                   </select>
  192.                   </h3>
  193.  
  194.                 <div class="form-group">
  195.                   <div class="col-xs-2">
  196.                     <input  class="form-control" type="text" name="username" id="username" placeholder="Username" value="<?php if (!$form_valid && !empty($_POST)){ echo $username;} ?>" required autofocus>
  197. </div>
  198.                   <div class="col-xs-2">
  199.                     <input type="text" class="form-control" id="fname" name="fname" placeholder="First Name" value="<?php if (!$form_valid && !empty($_POST)){ echo $fname;} ?>" required>
  200. </div>
  201.                   <div class="col-xs-2">
  202.                     <input type="text" class="form-control" id="lname" name="lname" placeholder="Last Name" value="<?php if (!$form_valid && !empty($_POST)){ echo $lname;} ?>" required>
  203. </div>
  204.                   <div class="col-xs-2">
  205.                     <input  class="form-control" type="text" name="email" id="email" placeholder="Email Address" value="<?php if (!$form_valid && !empty($_POST)){ echo $email;} ?>" required >
  206. </div>
  207.                   <div class="col-xs-2">
  208.                     <input  class="form-control" type="password" name="password" id="password" placeholder="Password" required aria-describedby="passwordhelp">
  209. </div>
  210.                   <div class="col-xs-2">
  211.                     <input  type="password" id="confirm" name="confirm" class="form-control" placeholder="Confirm Password" required >
  212. </div>
  213.                 </div>
  214.  
  215.                 <br /><br />
  216.                 <input type="hidden" value="<?=Token::generate();?>" name="csrf">
  217.                 <input class='btn btn-primary' type='submit' name='addUser' value='Manually Add User' />
  218.               </div>
  219.                </form>
  220.                </div>
  221.                </div>
  222.         <div class="row">
  223.         <div class="col-xs-12">
  224.                  <div class="alluinfo">&nbsp;</div>
  225.                 <form name="adminUsers" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
  226.                  <div class="allutable table-responsive">
  227.                     <table class='table table-hover table-list-search'>
  228.                     <thead>
  229.                     <tr>
  230.                         <th>Delete</th><th>Username</th><th>Email</th><th>First Name</th><th>Last Name</th><th>Join Date</th><th>Last Sign In</th><th>Logins</th>
  231.                      </tr>
  232.                     </thead>
  233.                  <tbody>
  234.                     <?php
  235.                     //Cycle through users
  236.                     foreach ($userData as $v1) {
  237.                             ?>
  238.                     <tr>
  239.                     <td><div class="form-group"><input type="checkbox" name="delete[<?=$v1->id?>]" value="<?=$v1->id?>" /></div></td>
  240.                     <td><a href='admin_user.php?id=<?=$v1->id?>'><?=$v1->username?></a></td>
  241.                     <td><?=$v1->email?></td>
  242.                     <td><?=$v1->fname?></td>
  243.                     <td><?=$v1->lname?></td>
  244.                     <td><?=$v1->join_date?></td>
  245.                     <td><?=$v1->last_login?></td>
  246.                     <td><?=$v1->logins?></td>
  247.                     </tr>
  248.                             <?php } ?>
  249.  
  250.                   </tbody>
  251.                 </table>
  252.                 </div>
  253.  
  254.  
  255.                 <input class='btn btn-danger' type='submit' name='Submit' value='Delete' /><br><br>
  256.                 </form>
  257.  
  258.           </div>
  259.         </div>
  260.  
  261.  
  262.   </div>
  263. </div>
  264.  
  265.  
  266.     <!-- End of main content section -->
  267.  
  268. <?php require_once $abs_us_root.$us_url_root.'users/includes/page_footer.php'; // the final html footer copyright row + the external js calls ?>
  269.  
  270.     <!-- Place any per-page javascript here -->
  271. <script src="js/search.js" charset="utf-8"></script>
  272.  
  273. <?php require_once $abs_us_root.$us_url_root.'users/includes/html_footer.php'; // currently just the closing /body and /html ?>