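* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version GIT: $Id: Author: DrByte Mon Jul 16 15:05:32 2012 -0400 Modified in v1.5.1 $
*/

// Request handling for the admin "users" page: works out which action was
// requested, which admin user it targets, performs the change through the
// zen_* helper functions, and finally loads the user list for display.
require('includes/application_top.php');

// Check if session has timed out
// NOTE(review): this only proves that an admin session exists. Per-page
// authorization and anti-CSRF token validation are not visible in this file;
// presumably application_top.php enforces them - confirm before relying on it.
// NOTE(review): the code below assumes zen_redirect() ends the request; if it
// returned, an unauthenticated request would fall through to the actions.
if (!isset($_SESSION['admin_id'])) {
  zen_redirect(zen_href_link(FILENAME_LOGIN));
}

// make a note of the current user - they can't delete themselves (by accident) or change their own status
// NOTE(review): $currentUser is not consulted by the request handling below, so
// that restriction must be enforced where the change is made (zen_delete_user(),
// zen_update_user()) and not only by hiding controls in the page - verify.
$currentUser = $_SESSION['admin_id'];

// determine whether an action has been requested
// State-changing actions (insert, update, reset) are only accepted from POST;
// GET may only select a form to display or the delete confirmation step.
// Strict comparison keeps non-string input (e.g. action[]=...) from matching.
if (isset($_POST['action']) && in_array($_POST['action'], array('insert', 'update', 'reset'), true)) {
  $action = $_POST['action'];
} elseif (isset($_GET['action']) && in_array($_GET['action'], array('add', 'edit', 'password', 'delete', 'delete_confirm'), true)) {
  $action = $_GET['action'];
} else {
  $action = '';
}

// if needed, check that a valid user id has been passed
// Only the presence of an id is checked here; the value is passed on as received.
if (in_array($action, array('update', 'reset'), true) && isset($_POST['user'])) {
  $user = $_POST['user'];
} elseif (in_array($action, array('edit', 'password', 'delete', 'delete_confirm'), true) && !empty($_GET['user'])) {
  // !empty() keeps the original truthiness test without raising an
  // undefined-index notice when the parameter is missing altogether.
  $user = $_GET['user'];
} elseif (in_array($action, array('delete', 'delete_confirm'), true) && isset($_POST['user'])) {
  $user = $_POST['user'];
} elseif (in_array($action, array('edit', 'password', 'delete', 'delete_confirm', 'update', 'reset'), true)) {
  $messageStack->add_session(ERROR_NO_USER_DEFINED, 'error');
  zen_redirect(zen_href_link(FILENAME_USERS));
}

// act upon any specific action specified
switch ($action) {
  case 'add': // display unpopulated form for adding a new user
    $formAction = 'insert';
    $profilesList = array_merge(array(array('id' => 0, 'text' => 'Choose Profile')), zen_get_profiles());
    break;

  case 'edit': // display populated form for editing existing user
    $formAction = 'update';
    $profilesList = array_merge(array(array('id' => 0, 'text' => 'Choose Profile')), zen_get_profiles());
    break;

  case 'password': // display unpopulated form for resetting existing user's password
    $formAction = 'reset';
    break;

  case 'delete_confirm': // remove existing user from database
    // The deletion only runs when the id arrives in the POST body; a GET-only
    // request with action=delete_confirm reaches this case but deletes nothing.
    if (isset($_POST['user'])) {
      zen_delete_user($_POST['user']);
    }
    break;

  case 'insert': // insert new user into database. Post data is prep'd for db in the first function call
    // NOTE(review): the raw POST values, including the plaintext password and
    // its confirmation, are handed to zen_insert_user(); validation, escaping
    // and password hashing are presumably done there - confirm.
    $errors = zen_insert_user($_POST['name'], $_POST['email'], $_POST['password'], $_POST['confirm'], $_POST['profile']);
    if (count($errors) > 0) {
      foreach ($errors as $error) {
        $messageStack->add($error, 'error');
      }
      // fall back to the "add" form so the admin can correct the input
      $action = 'add';
      $formAction = 'insert';
      $profilesList = array_merge(array(array('id' => 0, 'text' => 'Choose Profile')), zen_get_profiles());
    } else {
      $action = '';
      $messageStack->add(SUCCESS_NEW_USER_ADDED, 'success');
    }
    break;

  case 'update': // update existing user's details in database. Post data is prep'd for db in the first function call
    // NOTE(review): the presence check above looked at $_POST['user'], but the
    // record that is updated is selected by $_POST['id']. The two fields can
    // differ in a crafted request, so any rule keyed on the target user has to
    // be applied to the id that zen_update_user() receives - confirm.
    $errors = zen_update_user($_POST['name'], $_POST['email'], $_POST['id'], $_POST['profile']);
    if (count($errors) > 0) {
      foreach ($errors as $error) {
        $messageStack->add($error, 'error');
      }
      // fall back to the "edit" form so the admin can correct the input
      $action = 'edit';
      $formAction = 'update';
      $profilesList = array_merge(array(array('id' => 0, 'text' => 'Choose Profile')), zen_get_profiles());
    } else {
      $action = '';
      $messageStack->add(SUCCESS_USER_DETAILS_UPDATED, 'success');
    }
    break;

  case 'reset': // reset existing user's password in database. Post data is prep'd for db in the first function call
    // NOTE(review): no current-password check is visible here; whether an admin
    // may reset another admin's password is decided by page-level permissions
    // and by zen_reset_password(), neither of which is shown - confirm.
    $errors = zen_reset_password($_POST['user'], $_POST['password'], $_POST['confirm']);
    if (count($errors) > 0) {
      foreach ($errors as $error) {
        $messageStack->add($error, 'error');
      }
      // fall back to the password form so the admin can correct the input
      $action = 'password';
      $formAction = 'reset';
    } else {
      $action = '';
      $messageStack->add(SUCCESS_PASSWORD_UPDATED, 'success');
    }
    break;

  default: // no action, simply drop through and display existing users
    break;
}

// we'll always display a list of the available users
$userList = zen_get_users();
?> >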