Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (isset($_SESSION['userid'])) {
- $UserToEdit = $UserManager->getuser($_SESSION['userid']);
- if ($UserToEdit->getGroup() == 1) {
- switch ($_GET['acpp']) {
- case '':
- header("Location: index.php?page=acp&acpp=1");
- break;
- //If admin page 1 is selected
- case 1:
- $acpnav1 = 'class="profilecur"';
- include 'view/admincp/acpindex.php';
- break;
- case 2:
- $allACPUsers = $UserManager->getAllUsers(TRUE);
- $acpnav2 = 'class="profilecur"';
- switch ($_REQUEST['acpform']) {
- //If there is no post value coming form a form
- case'':
- include 'view/admincp/users/acpmanageusers.php';
- break;
- //If we're coming from form1
- case 1:
- $acpnav2 = 'class="profilecur"';
- switch ($_REQUEST['submit']) {
- //If we want to add a new user
- case 'New':
- //If we are saving form data
- if ($_REQUEST['save'] == 'Save') {
- if ($_POST['username'] == '') {
- $message = '<p class="red">Error - You Must Type A Username</p>';
- include 'view/admincp/users/newuser.php';
- }
- elseif ($_POST['password'] == '') {
- $message = '<p class="red">Error - You Must Set A Password</p>';
- include 'view/admincp/users/newuser.php';
- }
- elseif ($_POST['email'] == '') {
- $message = '<p class="red">Error - You Must Set An Email Address</p>';
- include 'view/admincp/users/newuser.php';
- }
- else {
- $message = '<p class="green">User created successfully!</p>';
- $NewUser = new User();
- $NewUser->setUsername($_POST['username']);
- $NewUser->setGroup($_POST['group']);
- $NewUser->setPassword(hash('sha512', $_POST['password']));
- $NewUser->setEmail($_POST['email']);
- $NewUser->setLastlogin(date("Y-m-d"));
- $UserManager->newUser($NewUser);
- include 'view/admincp/users/acpmanageusers.php';
- }
- }
- //If we are just viewing the add screen
- else {
- $randomTempPass = substr(md5(rand()), 0, 5);
- include 'view/admincp/users/newuser.php';
- }
- break;
- //If we want to edit an existing user
- case 'Edit':
- //If we are posting the form back to save the users details
- if ($_REQUEST['save'] == 'Save') {
- //Grab a new user object and populate it with that users info
- $UserToEdit = $UserManager->getUser($_POST['userid']);
- //---------+---------+---------+---------+---------+---------+
- //Modify the user object with the form data
- $UserToEdit->setUsername($_POST['username']);
- $UserToEdit->setPassword(hash('sha512', $_POST['password']));
- $UserToEdit->setBanned($_POST['banned']);
- $UserToEdit->setWebsite($_POST['website']);
- $UserToEdit->setEmail($_POST['email']);
- $UserToEdit->setAvatar($_POST['avatarurl']);
- $UserToEdit->setBiography($_POST['biography']);
- $UserToEdit->setForumSignature($_POST['forumsignature']);
- $UserToEdit->setGroup($_POST['group']);
- //--------+---------+---------+---------+---------+---------+
- if ($UserToEdit->getPassword() == hash('sha512', NULL)) {
- $UserWithNoPassword = $UserManager->getUser($_POST['userid']);
- $UserToEdit->setPassword($UserWithNoPassword->getPassword());
- }
- //Save the user object to database
- $UserManager->setUser($UserToEdit);
- //Create a new user object to overwrite the existing one with the new data straight from the database
- $UserToEdit = $UserManager->getUser($_POST['userid']);
- $Group = $GroupManager->getGroup($UserToEdit->getGroup());
- $message = '<p class="green">' . $UserToEdit->getUsername() . '\'s profile was updated successfully</p>';
- include './view/admincp/users/edituser.php';
- }
- //If we are just displaying the users details to edit them
- else {
- if (!isset($_REQUEST['userid'])) {
- $message = '<p class="red">Error - you must select a user to edit, please try again.</p>';
- include './view/admincp/users/acpmanageusers.php';
- }
- else {
- $UserToEdit = $UserManager->getUser($_REQUEST['userid']);
- $Group = $GroupManager->getGroup($UserToEdit->getGroup());
- include './view/admincp/users/edituser.php';
- }
- }
- break;
- //If we want to just delete a user
- case 'Delete':
- $UserToDelete = $UserManager->getUser($_POST['userid']);
- //If we say that /yes/ we really do want to delete a user
- if ($_POST['delete'] == 'Yes') {
- //Delete the user
- $UserManager->deleteUser($_POST['userid']);
- echo $_POST['userid'];
- //Display a nice confrimation message
- $message = '<p class="green">The user was successfully deleted.</p>';
- //Include the userlist
- $allACPUsers = $UserManager->getAllUsers();
- include './view/admincp/users/acpmanageusers.php';
- }
- //If we change our mind about deleting the user
- elseif ($_POST['delete'] == 'No') {
- //Lets include the user list
- include './view/admincp/users/acpmanageusers.php';
- }
- //If we're just showing the user delete page
- else {
- if (isset($_REQUEST['userid'])) {
- include './view/admincp/users/deleteuser.php';
- }
- else {
- $message = '<p class="red">You Must Select A User To Delete</p>';
- include './view/admincp/users/acpmanageusers.php';
- }
- }
- break;
- }
- break;
- default:
- include './view/error/404.php';
- break;
- }
- break;
- case 3:
- switch($_REQUEST['submit']){
- case'New':
- break;
- case'Edit':
- break;
- case'Delete':
- break;
- }
- $AllACPBlogPosts = $BlogManager->getAllBlogPostsForACP();
- $acpnav3 = 'class="profilecur"';
- include './view/admincp/blog/acpmanageblogposts.php';
- break;
- default:
- include'view/error/404.php';
- break;
- }
- }
- else {
- include 'view/error/permissiondenied.php';
- }
- }
- else {
- include 'view/error/permissiondenied.php';
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement