
/manager/actions/mutate_user.dynamic.php

http://modx-ja.googlecode.com/
PHP | 850 lines | 790 code | 43 blank | 17 comment | 109 complexity | d225369eba6a0ed0d87ee2764f07761c MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, LGPL-2.1, BSD-3-Clause
  1. <?php
  2. if (IN_MANAGER_MODE != "true") die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the MODx Content Manager instead of accessing this file directly.");
  3. switch((int) $_REQUEST['a']) {
  4. case 12:
  5. if (!$modx->hasPermission('edit_user')) {
  6. $e->setError(3);
  7. $e->dumpError();
  8. }
  9. break;
  10. case 11:
  11. if (!$modx->hasPermission('new_user')) {
  12. $e->setError(3);
  13. $e->dumpError();
  14. }
  15. break;
  16. default:
  17. $e->setError(3);
  18. $e->dumpError();
  19. }
  20. $user = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
  21. // check to see the snippet editor isn't locked
  22. $sql = "SELECT internalKey, username FROM $dbase.`" . $table_prefix . "active_users` WHERE $dbase.`" . $table_prefix . "active_users`.action=12 AND $dbase.`" . $table_prefix . "active_users`.id=$user";
  23. $rs = mysql_query($sql);
  24. $limit = mysql_num_rows($rs);
  25. if ($limit > 1) {
  26. for ($i = 0; $i < $limit; $i++) {
  27. $lock = mysql_fetch_assoc($rs);
  28. if ($lock['internalKey'] != $modx->getLoginUserID()) {
  29. $msg = sprintf($_lang["lock_msg"], $lock['username'], "user");
  30. $e->setError(5, $msg);
  31. $e->dumpError();
  32. }
  33. }
  34. }
  35. // end check for lock
  36. if ($_REQUEST['a'] == '12') {
  37. // get user attribute
  38. $sql = "SELECT * FROM $dbase.`" . $table_prefix . "user_attributes` WHERE $dbase.`" . $table_prefix . "user_attributes`.internalKey = " . $user . ";";
  39. $rs = mysql_query($sql);
  40. $limit = mysql_num_rows($rs);
  41. if ($limit > 1) {
  42. echo "More than one user returned!<p>";
  43. exit;
  44. }
  45. if ($limit < 1) {
  46. echo "No user returned!<p>";
  47. exit;
  48. }
  49. $userdata = mysql_fetch_assoc($rs);
  50. // get user settings
  51. $sql = "SELECT us.* FROM $dbase.`" . $table_prefix . "user_settings` us WHERE us.user = " . $user . ";";
  52. $rs = mysql_query($sql);
  53. $usersettings = array ();
  54. while ($row = mysql_fetch_assoc($rs))
  55. $usersettings[$row['setting_name']] = $row['setting_value'];
  56. // manually extract so that user display settings are not overwritten
  57. foreach ($usersettings as $k => $v) {
  58. if ($k != 'manager_language' && $k!='manager_theme') {
  59. ${$k} = $v;
  60. }
  61. }
  62. // get user name
  63. $sql = "SELECT * FROM $dbase.`" . $table_prefix . "manager_users` WHERE $dbase.`" . $table_prefix . "manager_users`.id = " . $user . ";";
  64. $rs = mysql_query($sql);
  65. $limit = mysql_num_rows($rs);
  66. if ($limit > 1) {
  67. echo "More than one user returned while getting username!<p>";
  68. exit;
  69. }
  70. if ($limit < 1) {
  71. echo "No user returned while getting username!<p>";
  72. exit;
  73. }
  74. $usernamedata = mysql_fetch_assoc($rs);
  75. $_SESSION['itemname'] = $usernamedata['username'];
  76. } else {
  77. $userdata = array ();
  78. $usersettings = array ();
  79. $usernamedata = array ();
  80. $_SESSION['itemname'] = "New user";
  81. }
  82. // restore saved form
  83. $formRestored = false;
  84. if ($modx->manager->hasFormValues()) {
  85. $modx->manager->loadFormValues();
  86. // restore post values
  87. $userdata = array_merge($userdata, $_POST);
  88. $userdata['dob'] = ConvertDate($userdata['dob']);
  89. $usernamedata['username'] = $userdata['newusername'];
  90. $usernamedata['oldusername'] = $_POST['oldusername'];
  91. $usersettings = array_merge($usersettings, $userdata);
  92. $usersettings['allowed_days'] = is_array($_POST['allowed_days']) ? implode(",", $_POST['allowed_days']) : "";
  93. extract($usersettings, EXTR_OVERWRITE);
  94. }
  95. // converts date format dd-mm-yyyy to php date
  96. function ConvertDate($date) {
  97. global $modx;
  98. if ($date == "") { return "0"; }
  99. else { return $modx->toTimeStamp($date); }
  100. }
  101. // include the country list language file
  102. $_country_lang = array();
  103. include_once "lang/country/english_country.inc.php";
  104. if($manager_language!="english" && file_exists($modx->config['base_path']."manager/includes/lang/country/".$manager_language."_country.inc.php")){
  105. include_once "lang/country/".$manager_language."_country.inc.php";
  106. }
  107. $displayStyle = ($_SESSION['browser'] !== 'ie') ? 'table-row' : 'block';
  108. ?>
  109. <script type="text/javascript" src="media/calendar/datepicker.js"></script>
  110. <script type="text/javascript">
  111. window.addEvent('domready', function() {
  112. var dpOffset = <?php echo $modx->config['datepicker_offset']; ?>;
  113. var dpformat = "<?php echo $modx->config['datetime_format']; ?>";
  114. new DatePicker($('dob'), {'yearOffset': -90,'yearRange':1,'format':dpformat});
  115. if ($('blockeduntil')) {
  116. new DatePicker($('blockeduntil'), {'yearOffset': dpOffset,'format':dpformat + ' hh:mm:00'});
  117. new DatePicker($('blockedafter'), {'yearOffset': dpOffset,'format':dpformat + ' hh:mm:00'});
  118. }
  119. });
/**
 * Flip a 0/1 form field and mark the form as modified.
 *
 * NOTE(review): eval() returns a non-string argument unchanged, so for the
 * element references passed in this file it is a pass-through. A string
 * argument would be executed as script, so callers must only pass element
 * references.
 *
 * @param element form field whose value is toggled
 */
function changestate(element) {
    documentDirty = true;
    currval = eval(element).value;
    eval(element).value = (currval == 1) ? 0 : 1;
}
/**
 * Show the password options block when the given field holds 1, hide it otherwise.
 *
 * @param element form field carrying the 0/1 "change password" state
 */
function changePasswordState(element) {
    currval = eval(element).value;
    var passwordBlock = document.getElementById("passwordBlock");
    passwordBlock.style.display = (currval == 1) ? "block" : "none";
}
  137. function changeblockstate(element, checkelement) {
  138. currval = eval(element).value;
  139. if(currval==1) {
  140. if(confirm("<?php echo $_lang['confirm_unblock']; ?>")==true){
  141. document.userform.blocked.value=0;
  142. document.userform.blockeduntil.value="";
  143. document.userform.blockedafter.value="";
  144. document.userform.failedlogincount.value=0;
  145. blocked.innerHTML="<b><?php echo $_lang['unblock_message']; ?></b>";
  146. blocked.className="TD";
  147. eval(element).value=0;
  148. } else {
  149. eval(checkelement).checked=true;
  150. }
  151. } else {
  152. if(confirm("<?php echo $_lang['confirm_block']; ?>")==true){
  153. document.userform.blocked.value=1;
  154. blocked.innerHTML="<b><?php echo $_lang['block_message']; ?></b>";
  155. blocked.className="warning";
  156. eval(element).value=1;
  157. } else {
  158. eval(checkelement).checked=false;
  159. }
  160. }
  161. }
/**
 * Reset the failed-login counter, both in the hidden form field and in the
 * number shown next to it. The change takes effect when the form is saved.
 */
function resetFailed() {
    var form = document.userform;
    var shownCount = document.getElementById("failed");
    form.failedlogincount.value = 0;
    shownCount.innerHTML = "0";
}
  166. function deleteuser() {
  167. <?php if($_GET['id']==$modx->getLoginUserID()) { ?>
  168. alert("<?php echo $_lang['alert_delete_self']; ?>");
  169. <?php } else { ?>
  170. if(confirm("<?php echo $_lang['confirm_delete_user']; ?>")==true) {
  171. document.location.href="index.php?id=" + document.userform.id.value + "&a=33";
  172. }
  173. <?php } ?>
  174. }
  175. // change name
  176. function changeName(){
  177. if(confirm("<?php echo $_lang['confirm_name_change']; ?>")==true) {
  178. var e1 = document.getElementById("showname");
  179. var e2 = document.getElementById("editname");
  180. e1.style.display = "none";
  181. e2.style.display = "<?php echo $displayStyle; ?>";
  182. }
  183. };
  184. // showHide - used by custom settings
  185. function showHide(what, onoff){
  186. var all = document.getElementsByTagName( "*" );
  187. var l = all.length;
  188. var buttonRe = what;
  189. var id, el, stylevar;
  190. if(onoff==1) {
  191. stylevar = "<?php echo $displayStyle; ?>";
  192. } else {
  193. stylevar = "none";
  194. }
  195. for ( var i = 0; i < l; i++ ) {
  196. el = all[i]
  197. id = el.id;
  198. if ( id == "" ) continue;
  199. if (buttonRe.test(id)) {
  200. el.style.display = stylevar;
  201. }
  202. }
  203. };
  204. </script>
  205. <form action="index.php?a=32" method="post" name="userform" enctype="multipart/form-data">
  206. <?php
  207. // invoke OnUserFormPrerender event
  208. $evtOut = $modx->invokeEvent("OnUserFormPrerender", array (
  209. "id" => $user
  210. ));
  211. if (is_array($evtOut))
  212. echo implode("", $evtOut);
  213. ?>
  214. <input type="hidden" name="mode" value="<?php echo $_GET['a'] ?>">
  215. <input type="hidden" name="id" value="<?php echo $_GET['id'] ?>">
  216. <input type="hidden" name="blockedmode" value="<?php echo ($userdata['blocked']==1 || ($userdata['blockeduntil']>time() && $userdata['blockeduntil']!=0)|| ($userdata['blockedafter']<time() && $userdata['blockedafter']!=0) || $userdata['failedlogins']>3) ? "1":"0" ?>" />
  217. <h1><?php echo $_lang['user_title']; ?></h1>
  218. <div id="actions">
  219. <ul class="actionButtons">
  220. <li id="Button1">
  221. <a href="#" onclick="documentDirty=false; document.userform.save.click();">
  222. <img src="<?php echo $_style["icons_save"]?>" /> <?php echo $_lang['save']?>
  223. </a>
  224. <span class="and"> + </span>
  225. <select id="stay" name="stay">
  226. <option id="stay1" value="1" <?php echo $_REQUEST['stay']=='1' ? ' selected=""' : ''?> ><?php echo $_lang['stay_new']?></option>
  227. <option id="stay2" value="2" <?php echo $_REQUEST['stay']=='2' ? ' selected="selected"' : ''?> ><?php echo $_lang['stay']?></option>
  228. <option id="stay3" value="" <?php echo $_REQUEST['stay']=='' ? ' selected=""' : ''?> ><?php echo $_lang['close']?></option>
  229. </select>
  230. </li>
  231. <?php
  232. if ($_REQUEST['a'] == '12') { ?>
  233. <li id="Button3" class="disabled"><a href="#" onclick="deleteuser();"><img src="<?php echo $_style["icons_delete_document"]?>" /> <?php echo $_lang['delete']?></a></li>
  234. <?php } else { ?>
  235. <li id="Button3"><a href="#" onclick="deleteuser();"><img src="<?php echo $_style["icons_delete_document"]?>" /> <?php echo $_lang['delete']?></a></li>
  236. <?php } ?>
  237. <li id="Button5"><a href="#" onclick="documentDirty=false;document.location.href='index.php?a=75';"><img src="<?php echo $_style["icons_cancel"]?>" /> <?php echo $_lang['cancel']?></a></li>
  238. </ul>
  239. </div>
  240. <!-- Tab Start -->
  241. <div class="sectionBody">
  242. <link type="text/css" rel="stylesheet" href="media/style/<?php echo $manager_theme ? "$manager_theme/":""; ?>style.css<?php echo "?$theme_refresher";?>" />
  243. <script type="text/javascript" src="media/script/tabpane.js"></script>
  244. <div class="tab-pane" id="userPane">
  245. <script type="text/javascript">
  246. tpUser = new WebFXTabPane(document.getElementById( "userPane" ), <?php echo (($modx->config['remember_last_tab'] == 2) || ($_GET['stay'] == 2 )) ? 'true' : 'false'; ?> );
  247. </script>
  248. <div class="tab-page" id="tabGeneral">
  249. <h2 class="tab"><?php echo $_lang["settings_general"] ?></h2>
  250. <script type="text/javascript">tpUser.addTabPage( document.getElementById( "tabGeneral" ) );</script>
  251. <table border="0" cellspacing="0" cellpadding="3">
  252. <tr>
  253. <td colspan="3">
  254. <span id="blocked" class="warning"><?php if($userdata['blocked']==1 || ($userdata['blockeduntil']>time() && $userdata['blockeduntil']!=0) || $userdata['failedlogins']>3) { ?><b><?php echo $_lang['user_is_blocked']; ?></b><?php } ?></span><br />
  255. </td>
  256. </tr>
  257. <?php if(!empty($userdata['id'])) { ?>
  258. <tr id="showname" style="display: <?php echo ($_GET['a']=='12' && (!isset($usernamedata['oldusername'])||$usernamedata['oldusername']==$usernamedata['username'])) ? $displayStyle : 'none';?> ">
  259. <td colspan="3">
  260. <img src="<?php echo $_style['icons_user'] ?>" alt="." />&nbsp;<b><?php echo !empty($usernamedata['oldusername']) ? $usernamedata['oldusername']:$usernamedata['username']; ?></b> - <span class="comment"><a href="#" onclick="changeName();return false;"><?php echo $_lang["change_name"]; ?></a></span>
  261. <input type="hidden" name="oldusername" value="<?php echo htmlspecialchars(!empty($usernamedata['oldusername']) ? $usernamedata['oldusername']:$usernamedata['username']); ?>" />
  262. <hr />
  263. </td>
  264. </tr>
  265. <?php } ?>
  266. <tr id="editname" style="display:<?php echo $_GET['a']=='11'||(isset($usernamedata['oldusername']) && $usernamedata['oldusername']!=$usernamedata['username']) ? $displayStyle : 'none' ; ?>">
  267. <td><?php echo $_lang['username']; ?>:</td>
  268. <td>&nbsp;</td>
  269. <td><input type="text" name="newusername" class="inputBox" value="<?php echo htmlspecialchars($usernamedata['username']); ?>" onchange='documentDirty=true;' maxlength="100" /></td>
  270. </tr>
  271. <tr>
  272. <td valign="top"><?php echo $_GET['a']=='11' ? $_lang['password'].":" : $_lang['change_password_new'].":" ; ?></td>
  273. <td>&nbsp;</td>
  274. <td><input name="newpasswordcheck" type="checkbox" onclick="changestate(document.userform.newpassword);changePasswordState(document.userform.newpassword);"<?php echo $_REQUEST['a']=="11" ? " checked disabled": "" ; ?>><input type="hidden" name="newpassword" value="<?php echo $_REQUEST['a']=="11" ? 1 : 0 ; ?>" onchange="documentDirty=true;" /><br />
  275. <span style="display:<?php echo $_REQUEST['a']=="11" ? "block": "none" ; ?>" id="passwordBlock">
  276. <fieldset style="width:300px">
  277. <legend><b><?php echo $_lang['password_gen_method']; ?></b></legend>
  278. <input type=radio name="passwordgenmethod" value="g" <?php echo $_POST['passwordgenmethod']=="spec" ? "" : 'checked="checked"'; ?> /><?php echo $_lang['password_gen_gen']; ?><br />
  279. <input type=radio name="passwordgenmethod" value="spec" <?php echo $_POST['passwordgenmethod']=="spec" ? 'checked="checked"' : ""; ?>><?php echo $_lang['password_gen_specify']; ?> <br />
  280. <div style="padding-left:20px">
  281. <label for="specifiedpassword" style="width:120px"><?php echo $_lang['change_password_new']; ?>:</label>
  282. <input type="password" name="specifiedpassword" onchange="documentdirty=true;" onkeypress="document.userform.passwordgenmethod[1].checked=true;" size="20" /><br />
  283. <label for="confirmpassword" style="width:120px"><?php echo $_lang['change_password_confirm']; ?>:</label>
  284. <input type="password" name="confirmpassword" onchange="documentdirty=true;" onkeypress="document.userform.passwordgenmethod[1].checked=true;" size="20" /><br />
  285. <small><span class="warning" style="font-weight:normal"><?php echo $_lang['password_gen_length']; ?></span></small>
  286. </div>
  287. </fieldset>
  288. <br />
  289. <fieldset style="width:300px">
  290. <legend><b><?php echo $_lang['password_method']; ?></b></legend>
  291. <input type=radio name="passwordnotifymethod" value="e" <?php echo $_POST['passwordnotifymethod']=="e" ? 'checked="checked"' : ""; ?> /><?php echo $_lang['password_method_email']; ?><br />
  292. <input type=radio name="passwordnotifymethod" value="s" <?php echo $_POST['passwordnotifymethod']=="e" ? "" : 'checked="checked"'; ?> /><?php echo $_lang['password_method_screen']; ?>
  293. </fieldset>
  294. </span>
  295. </td>
  296. </tr>
  297. <tr>
  298. <td><?php echo $_lang['user_full_name']; ?>:</td>
  299. <td>&nbsp;</td>
  300. <td><input type="text" name="fullname" class="inputBox" value="<?php echo htmlspecialchars($userdata['fullname']); ?>" onchange="documentDirty=true;" /></td>
  301. </tr>
  302. <tr>
  303. <td><?php echo $_lang['user_email']; ?>:</td>
  304. <td>&nbsp;</td>
  305. <td>
  306. <input type="text" name="email" class="inputBox" value="<?php echo htmlspecialchars($userdata['email']); ?>" onchange="documentDirty=true;" />
  307. <input type="hidden" name="oldemail" value="<?php echo htmlspecialchars(!empty($userdata['oldemail']) ? $userdata['oldemail']:$userdata['email']); ?>" />
  308. </td>
  309. </tr>
  310. <tr>
  311. <td><?php echo $_lang['user_role']; ?>:</td>
  312. <td>&nbsp;</td>
  313. <td>
  314. <?php
  315. $notAdmin = ($_SESSION['mgrRole'] == 1) ? "" : "WHERE id != 1";
  316. $sql = "select name, id from $dbase.`" . $table_prefix . "user_roles` $notAdmin";
  317. $rs = mysql_query($sql);
  318. ?>
  319. <select name="role" class="inputBox" onchange='documentDirty=true;' style="width:300px">
  320. <?php
  321. while ($row = mysql_fetch_assoc($rs)) {
  322. if ($_REQUEST['a']=='11') {
  323. $selectedtext = $row['id'] == '1' ? ' selected="selected"' : '';
  324. } else {
  325. $selectedtext = $row['id'] == $userdata['role'] ? ' selected="selected"' : '';
  326. }
  327. ?>
  328. <option value="<?php echo $row['id']; ?>"<?php echo $selectedtext; ?>><?php echo $row['name']; ?></option>
  329. <?php
  330. }
  331. ?>
  332. </select>
  333. </td>
  334. </tr>
  335. <tr>
  336. <td><?php echo $_lang['user_phone']; ?>:</td>
  337. <td>&nbsp;</td>
  338. <td><input type="text" name="phone" class="inputBox" value="<?php echo htmlspecialchars($userdata['phone']); ?>" onchange="documentDirty=true;" /></td>
  339. </tr>
  340. <tr>
  341. <td><?php echo $_lang['user_mobile']; ?>:</td>
  342. <td>&nbsp;</td>
  343. <td><input type="text" name="mobilephone" class="inputBox" value="<?php echo htmlspecialchars($userdata['mobilephone']); ?>" onchange="documentDirty=true;" /></td>
  344. </tr>
  345. <tr>
  346. <td><?php echo $_lang['user_fax']; ?>:</td>
  347. <td>&nbsp;</td>
  348. <td><input type="text" name="fax" class="inputBox" value="<?php echo htmlspecialchars($userdata['fax']); ?>" onchange="documentDirty=true;" /></td>
  349. </tr>
  350. <tr>
  351. <td><?php echo $_lang['user_state']; ?>:</td>
  352. <td>&nbsp;</td>
  353. <td><input type="text" name="state" class="inputBox" value="<?php echo htmlspecialchars($userdata['state']); ?>" onchange="documentDirty=true;" /></td>
  354. </tr>
  355. <tr>
  356. <td><?php echo $_lang['user_zip']; ?>:</td>
  357. <td>&nbsp;</td>
  358. <td><input type="text" name="zip" class="inputBox" value="<?php echo htmlspecialchars($userdata['zip']); ?>" onchange="documentDirty=true;" /></td>
  359. </tr>
  360. <tr>
  361. <td><?php echo $_lang['user_country']; ?>:</td>
  362. <td>&nbsp;</td>
  363. <td>
  364. <select size="1" name="country" onchange="documentDirty=true;">
  365. <?php $chosenCountry = isset($_POST['country']) ? $_POST['country'] : $userdata['country']; ?>
  366. <option value="" <?php (!isset($chosenCountry) ? ' selected' : '') ?> >&nbsp;</option>
  367. <?php
  368. foreach ($_country_lang as $key => $country) {
  369. echo "<option value=\"$key\"".(isset($chosenCountry) && $chosenCountry == $key ? ' selected' : '') .">$country</option>";
  370. }
  371. ?>
  372. </select>
  373. </td>
  374. </tr>
  375. <tr>
  376. <td><?php echo $_lang['user_dob']; ?>:</td>
  377. <td>&nbsp;</td>
  378. <td>
  379. <input type="text" id="dob" name="dob" class="DatePicker" value="<?php echo ($userdata['dob'] ? $modx->toDateFormat($userdata['dob'],'dateOnly'):""); ?>" onblur='documentDirty=true;'>
  380. <a onclick="document.userform.dob.value=''; return true;" onmouseover="window.status='<?php echo $_lang['remove_date']; ?>'; return true;" onmouseout="window.status=''; return true;" style="cursor:pointer; cursor:hand"><img align="absmiddle" src="media/style/<?php echo $manager_theme ? "$manager_theme/":""; ?>images/icons/cal_nodate.gif" width="16" height="16" border="0" alt="<?php echo $_lang['remove_date']; ?>"></a>
  381. </td>
  382. </tr>
  383. <tr>
  384. <td><?php echo $_lang['user_gender']; ?>:</td>
  385. <td>&nbsp;</td>
  386. <td><select name="gender" onchange="documentDirty=true;">
  387. <option value=""></option>
  388. <option value="1" <?php echo ($userdata['gender']=='1')? "selected='selected'":""; ?>><?php echo $_lang['user_male']; ?></option>
  389. <option value="2" <?php echo ($userdata['gender']=='2')? "selected='selected'":""; ?>><?php echo $_lang['user_female']; ?></option>
  390. </select>
  391. </td>
  392. </tr>
  393. <tr>
  394. <td valign="top"><?php echo $_lang['comment']; ?>:</td>
  395. <td>&nbsp;</td>
  396. <td>
  397. <textarea type="text" name="comment" class="inputBox" rows="5" onchange="documentDirty=true;"><?php echo htmlspecialchars($userdata['comment']); ?></textarea>
  398. </td>
  399. </tr>
  400. <?php if($_GET['a']=='12') { ?>
  401. <tr>
  402. <td><?php echo $_lang['user_logincount']; ?>:</td>
  403. <td>&nbsp;</td>
  404. <td><?php echo $userdata['logincount'] ?></td>
  405. </tr>
  406. <?php
  407. if(!empty($userdata['lastlogin']))
  408. {
  409. $lastlogin = $modx->toDateFormat($userdata['lastlogin']+$server_offset_time);
  410. }
  411. else $lastlogin = '-';
  412. ?>
  413. <tr>
  414. <td><?php echo $_lang['user_prevlogin']; ?>:</td>
  415. <td>&nbsp;</td>
  416. <td><?php echo $lastlogin ?></td>
  417. </tr>
  418. <tr>
  419. <td><?php echo $_lang['user_failedlogincount']; ?>:</td>
  420. <td>&nbsp;<input type="hidden" name="failedlogincount" onchange='documentDirty=true;' value="<?php echo $userdata['failedlogincount']; ?>"></td>
  421. <td><span id='failed'><?php echo $userdata['failedlogincount'] ?></span>&nbsp;&nbsp;&nbsp;[<a href="javascript:resetFailed()"><?php echo $_lang['reset_failedlogins']; ?></a>]</td>
  422. </tr>
  423. <tr>
  424. <td><?php echo $_lang['user_block']; ?>:</td>
  425. <td>&nbsp;</td>
  426. <td><input name="blockedcheck" type="checkbox" onclick="changeblockstate(document.userform.blocked, document.userform.blockedcheck);"<?php echo ($userdata['blocked']==1||($userdata['blockeduntil']>time() && $userdata['blockeduntil']!=0)) ? " checked": "" ; ?>><input type="hidden" name="blocked" value="<?php echo ($userdata['blocked']==1||($userdata['blockeduntil']>time() && $userdata['blockeduntil']!=0))?1:0; ?>"></td>
  427. </tr>
  428. <tr>
  429. <td><?php echo $_lang['user_blockeduntil']; ?>:</td>
  430. <td>&nbsp;</td>
  431. <td>
  432. <input type="text" id="blockeduntil" name="blockeduntil" class="DatePicker" value="<?php echo ($userdata['blockeduntil'] ? $modx->toDateFormat($userdata['blockeduntil']):""); ?>" onblur='documentDirty=true;' readonly="readonly">
  433. <a onclick="document.userform.blockeduntil.value=''; return true;" onmouseover="window.status='<?php echo $_lang['remove_date']; ?>'; return true;" onmouseout="window.status=''; return true;" style="cursor:pointer; cursor:hand"><img align="absmiddle" src="media/style/<?php echo $manager_theme ? "$manager_theme/":""; ?>images/icons/cal_nodate.gif" width="16" height="16" border="0" alt="<?php echo $_lang['remove_date']; ?>" /></a>
  434. </td>
  435. </tr>
  436. <tr>
  437. <td><?php echo $_lang['user_blockedafter']; ?>:</td>
  438. <td>&nbsp;</td>
  439. <td>
  440. <input type="text" id="blockedafter" name="blockedafter" class="DatePicker" value="<?php echo ($userdata['blockedafter'] ? $modx->toDateFormat($userdata['blockedafter']):""); ?>" onblur='documentDirty=true;' readonly="readonly">
  441. <a onclick="document.userform.blockedafter.value=''; return true;" onmouseover="window.status='<?php echo $_lang['remove_date']; ?>'; return true;" onmouseout="window.status=''; return true;" style="cursor:pointer; cursor:hand"><img align="absmiddle" src="media/style/<?php echo $manager_theme ? "$manager_theme/":""; ?>images/icons/cal_nodate.gif" width="16" height="16" border="0" alt="<?php echo $_lang['remove_date']; ?>" /></a>
  442. </td>
  443. </tr>
  444. <?php
  445. }
  446. ?>
  447. </table>
  448. <?php if($_GET['id']==$modx->getLoginUserID()) { ?><p><?php echo $_lang['user_edit_self_msg']; ?></p><?php } ?>
  449. </div>
  450. <!-- Settings -->
  451. <div class="tab-page" id="tabSettings">
  452. <h2 class="tab"><?php echo $_lang["settings_users"] ?></h2>
  453. <script type="text/javascript">tpUser.addTabPage( document.getElementById( "tabSettings" ) );</script>
  454. <table border="0" cellspacing="0" cellpadding="3">
  455. <tr>
  456. <td class='warning'><?php echo $_lang["language_title"] ?></td>
  457. <td> <select name="manager_language" size="1" class="inputBox" onchange="documentDirty=true">
  458. <option value=""><?php echo $_lang["user_use_config"]; ?></option>
  459. <?php
  460. $activelang = !empty($usersettings['manager_language']) ? $usersettings['manager_language'] : '';
  461. $dir = dir("includes/lang");
  462. while ($file = $dir->read()) {
  463. if (strpos($file, ".inc.php") > 0) {
  464. $endpos = strpos($file, ".");
  465. $languagename = trim(substr($file, 0, $endpos));
  466. $selectedtext = $languagename == $activelang ? "selected='selected'" : "";
  467. ?>
  468. <option value="<?php echo $languagename; ?>" <?php echo $selectedtext; ?>><?php echo ucwords(str_replace("_", " ", $languagename)); ?></option>
  469. <?php
  470. }
  471. }
  472. $dir->close();
  473. ?>
  474. </select>
  475. </td>
  476. </tr>
  477. <tr>
  478. <td width="200">&nbsp;</td>
  479. <td class='comment'><?php echo $_lang["language_message"] ?></td>
  480. </tr>
  481. <tr>
  482. <td colspan="2"><div class='split'></div></td>
  483. </tr>
  484. <tr>
  485. <td class="warning"><b><?php echo $_lang["mgr_login_start"] ?></b></td>
  486. <td ><input onchange="documentDirty=true;" type='text' maxlength='50' style="width: 100px;" name="manager_login_startup" value="<?php echo isset($_POST['manager_login_startup']) ? $_POST['manager_login_startup'] : $usersettings['manager_login_startup']; ?>"></td>
  487. </tr>
  488. <tr>
  489. <td width="200">&nbsp;</td>
  490. <td class='comment'><?php echo $_lang["mgr_login_start_message"] ?></td>
  491. </tr>
  492. <tr>
  493. <td colspan="2"><div class='split'></div></td>
  494. </tr>
  495. <tr>
  496. <td class="warning"valign="top"><b><?php echo $_lang["allow_mgr_access"] ?></b></td>
  497. <td>
  498. <input onchange="documentDirty=true;" type="radio" name="allow_manager_access" value="1" <?php echo !isset($usersettings['allow_manager_access'])||$usersettings['allow_manager_access']==1 ? 'checked="checked"':'' ; ?> /> <?php echo $_lang['yes']; ?> <br />
  499. <input onchange="documentDirty=true;" type="radio" name="allow_manager_access" value="0" <?php echo isset($usersettings['allow_manager_access']) && $usersettings['allow_manager_access']==0 ? 'checked="checked"':'' ; ?> /> <?php echo $_lang['no']; ?>
  500. </td>
  501. </tr>
  502. <tr>
  503. <td width="200">&nbsp;</td>
  504. <td class='comment'><?php echo $_lang["allow_mgr_access_message"] ?></td>
  505. </tr>
  506. <tr>
  507. <td colspan="2"><div class='split'></div></td>
  508. </tr>
  509. <tr>
  510. <td nowrap class="warning"valign="top"><b><?php echo $_lang["login_allowed_ip"] ?></b></td>
  511. <td ><input onchange="documentDirty=true;" type="text" maxlength='255' style="width: 300px;" name="allowed_ip" value="<?php echo $usersettings['allowed_ip']; ?>" /></td>
  512. </tr>
  513. <tr>
  514. <td width="200">&nbsp;</td>
  515. <td class='comment'><?php echo $_lang["login_allowed_ip_message"] ?></td>
  516. </tr>
  517. <tr>
  518. <td colspan="2"><div class='split'></div></td>
  519. </tr>
  520. <tr>
  521. <td nowrap class="warning"valign="top"><b><?php echo $_lang["login_allowed_days"] ?></b></td>
  522. <td>
  523. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="1" <?php echo strpos($usersettings['allowed_days'],'1')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['sunday']; ?><br />
  524. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="2" <?php echo strpos($usersettings['allowed_days'],'2')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['monday']; ?><br />
  525. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="3" <?php echo strpos($usersettings['allowed_days'],'3')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['tuesday']; ?><br />
  526. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="4" <?php echo strpos($usersettings['allowed_days'],'4')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['wednesday']; ?><br />
  527. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="5" <?php echo strpos($usersettings['allowed_days'],'5')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['thursday']; ?><br />
  528. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="6" <?php echo strpos($usersettings['allowed_days'],'6')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['friday']; ?><br />
  529. <input onchange="documentDirty=true;" type="checkbox" name="allowed_days[]" value="7" <?php echo strpos($usersettings['allowed_days'],'7')!==false ? "checked='checked'":""; ?> /> <?php echo $_lang['saturday']; ?><br />
  530. </td>
  531. </tr>
  532. <tr>
  533. <td width="200">&nbsp;</td>
  534. <td class='comment'><?php echo $_lang["login_allowed_days_message"] ?></td>
  535. </tr>
  536. <tr>
  537. <td colspan="2"><div class='split'></div></td>
  538. </tr>
  539. <tr>
  540. <td nowrap class="warning"><b><?php echo $_lang["manager_theme"]?></b></td>
  541. <td> <select name="manager_theme" size="1" class="inputBox" onchange="documentDirty=true;document.userform.theme_refresher.value = Date.parse(new Date())">
  542. <option value=""><?php echo $_lang["user_use_config"]; ?></option>
  543. <?php
  544. $dir = dir("media/style/");
  545. while ($file = $dir->read()) {
  546. if ($file != "." && $file != ".." && is_dir("media/style/$file") && substr($file,0,1) != '.') {
  547. $themename = $file;
  548. $attr = 'value="'.$themename.'" ';
  549. if (isset($usersettings['manager_theme']) && $themename == $usersettings['manager_theme'])
  550. $attr .= 'selected="selected" ';
  551. echo "\t\t<option ".rtrim($attr).'>'.ucwords(str_replace("_", " ", $themename))."</option>\n";
  552. }
  553. }
  554. $dir->close();
  555. ?>
  556. </select><input type="hidden" name="theme_refresher" value=""></td>
  557. </tr>
  558. <tr>
  559. <td width="200">&nbsp;</td>
  560. <td class='comment'><?php echo $_lang["manager_theme_message"]?></td>
  561. </tr>
  562. <tr>
  563. <td colspan="2"><div class='split'></div></td>
  564. </tr>
  565. <tr>
  566. <td nowrap class="warning"><b><?php echo $_lang["filemanager_path_title"]?></b></td>
  567. <td>
  568. <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 300px;" name="filemanager_path" value="<?php echo htmlspecialchars(isset($usersettings['filemanager_path']) ? $usersettings['filemanager_path']:""); ?>">
  569. </td>
  570. </tr>
  571. <tr>
  572. <td width="200">&nbsp;</td>
  573. <td class='comment'><?php echo $_lang["filemanager_path_message"]?></td>
  574. </tr>
  575. <tr>
  576. <td colspan="2"><div class='split'></div></td>
  577. </tr>
  578. <tr>
  579. <td nowrap class="warning"><b><?php echo $_lang["uploadable_images_title"]?></b></td>
  580. <td>
  581. <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 250px;" name="upload_images" value="<?php echo isset($usersettings['upload_images']) ? $usersettings['upload_images'] : "" ; ?>">
  582. &nbsp;&nbsp; <input onchange="documentDirty=true;" type="checkbox" name="default_upload_images" value="1" <?php echo isset($usersettings['upload_images']) ? '' : 'checked' ; ?> /> <?php echo $_lang["user_use_config"]; ?><br />
  583. </td>
  584. </tr>
  585. <tr>
  586. <td width="200">&nbsp;</td>
  587. <td class='comment'><?php echo $_lang["uploadable_images_message"].$_lang["user_upload_message"]?></td>
  588. </tr>
  589. <tr>
  590. <td colspan="2"><div class='split'></div></td>
  591. </tr>
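  <?php /* Row: per-user list of uploadable media types. The stored setting is HTML-encoded on output so
           that quotes or angle brackets in a saved value stay inside the value attribute instead of
           being parsed as markup (the filemanager_path field on this form is already encoded this way). */ ?>
  <tr>
    <td nowrap class="warning"><b><?php echo $_lang["uploadable_media_title"]?></b></td>
    <td>
      <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 250px;" name="upload_media" value="<?php echo htmlspecialchars(isset($usersettings['upload_media']) ? $usersettings['upload_media'] : "", ENT_QUOTES); ?>">
      <?php /* The checkbox is pre-ticked when no per-user value is stored. */ ?>
      &nbsp;&nbsp; <input onchange="documentDirty=true;" type="checkbox" name="default_upload_media" value="1" <?php echo isset($usersettings['upload_media']) ? '' : 'checked' ; ?> /> <?php echo $_lang["user_use_config"]; ?><br />
    </td>
  </tr>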
  599. <tr>
  600. <td width="200">&nbsp;</td>
  601. <td class='comment'><?php echo $_lang["uploadable_media_message"].$_lang["user_upload_message"]?></td>
  602. </tr>
  603. <tr>
  604. <td colspan="2"><div class='split'></div></td>
  605. </tr>
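  <?php /* Row: per-user list of uploadable flash types. The stored setting is HTML-encoded on output so
           that a saved value cannot break out of the value attribute (same treatment the
           filemanager_path field on this form already gets). */ ?>
  <tr>
    <td nowrap class="warning"><b><?php echo $_lang["uploadable_flash_title"]?></b></td>
    <td>
      <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 250px;" name="upload_flash" value="<?php echo htmlspecialchars(isset($usersettings['upload_flash']) ? $usersettings['upload_flash'] : "", ENT_QUOTES); ?>">
      <?php /* The checkbox is pre-ticked when no per-user value is stored. */ ?>
      &nbsp;&nbsp; <input onchange="documentDirty=true;" type="checkbox" name="default_upload_flash" value="1" <?php echo isset($usersettings['upload_flash']) ? '' : 'checked' ; ?> /> <?php echo $_lang["user_use_config"]; ?><br />
    </td>
  </tr>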
  613. <tr>
  614. <td width="200">&nbsp;</td>
  615. <td class='comment'><?php echo $_lang["uploadable_flash_message"].$_lang["user_upload_message"]?></td>
  616. </tr>
  617. <tr>
  618. <td colspan="2"><div class='split'></div></td>
  619. </tr>
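  <?php /* Row: per-user list of uploadable file types. The stored setting is HTML-encoded on output so
           that a saved value cannot break out of the value attribute (same treatment the
           filemanager_path field on this form already gets). */ ?>
  <tr>
    <td nowrap class="warning"><b><?php echo $_lang["uploadable_files_title"]?></b></td>
    <td>
      <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 250px;" name="upload_files" value="<?php echo htmlspecialchars(isset($usersettings['upload_files']) ? $usersettings['upload_files'] : "", ENT_QUOTES); ?>">
      <?php /* The checkbox is pre-ticked when no per-user value is stored. */ ?>
      &nbsp;&nbsp; <input onchange="documentDirty=true;" type="checkbox" name="default_upload_files" value="1" <?php echo isset($usersettings['upload_files']) ? '' : 'checked' ; ?> /> <?php echo $_lang["user_use_config"]; ?><br />
    </td>
  </tr>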
  627. <tr>
  628. <td width="200">&nbsp;</td>
  629. <td class='comment'><?php echo $_lang["uploadable_files_message"].$_lang["user_upload_message"]?></td>
  630. </tr>
  631. <tr>
  632. <td colspan="2"><div class='split'></div></td>
  633. </tr>
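  <?php /* Row: per-user maximum upload size. The stored value is echoed through htmlspecialchars() so it
           is treated as text inside the value attribute, never as markup. */ ?>
  <tr class='row2'>
    <td nowrap class="warning"><b><?php echo $_lang["upload_maxsize_title"]?></b></td>
    <td>
      <input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 300px;" name="upload_maxsize" value="<?php echo htmlspecialchars(isset($usersettings['upload_maxsize']) ? $usersettings['upload_maxsize'] : "", ENT_QUOTES); ?>">
    </td>
  </tr>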
  640. <tr class='row2'>
  641. <td width="200">&nbsp;</td>
  642. <td class='comment'><?php echo $_lang["upload_maxsize_message"]?></td>
  643. </tr>
  644. <tr>
  645. <td colspan="2"><div class='split'></div></td>
  646. </tr>
  647. <tr id='editorRow0' style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
  648. <td nowrap class="warning"><b><?php echo $_lang["which_editor_title"]?></b></td>
  649. <td>
  650. <select name="which_editor" onchange="documentDirty=true;">
  651. <option value=""><?php echo $_lang["user_use_config"]; ?></option>
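  <?php
  // Editor currently stored for this user; '' selects the "use configuration" option printed above.
  $edt = isset($usersettings["which_editor"]) ? $usersettings["which_editor"] : '';
  // invoke OnRichTextEditorRegister event; each element of the result is used as one editor name
  $evtOut = $modx->invokeEvent("OnRichTextEditorRegister");
  echo "<option value='none'" . ($edt == 'none' ? " selected='selected'" : "") . ">" . $_lang["none"] . "</option>\n";
  if (is_array($evtOut)) {
      // foreach instead of an index loop, so a result array with gaps in its keys is still listed in full
      foreach ($evtOut as $editor) {
          // The name is written into a single-quoted attribute and into the option text, so it is
          // encoded with ENT_QUOTES; the comparison below still uses the raw name.
          $editorHtml = htmlspecialchars($editor, ENT_QUOTES);
          echo "<option value='$editorHtml'" . ($edt == $editor ? " selected='selected'" : "") . ">$editorHtml</option>\n";
      }
  }
  ?>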
  663. </select>
  664. </td>
  665. </tr>
  666. <tr id='editorRow1' style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
  667. <td width="200">&nbsp;</td>
  668. <td class='comment'><?php echo $_lang["which_editor_message"]?></td>
  669. </tr>
  670. <tr id='editorRow2' style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
  671. <td colspan="2"><div class='split'></div></td>
  672. </tr>
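  <?php /* Row: per-user editor CSS path, shown only when $use_editor is 1. The stored path is
           HTML-encoded before it is placed in the value attribute so a saved value cannot inject
           markup into this form. */ ?>
  <tr id='editorRow14' class="row3" style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
    <td nowrap class="warning"><b><?php echo $_lang["editor_css_path_title"]?></b></td>
    <td><input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 250px;" name="editor_css_path" value="<?php echo htmlspecialchars(isset($usersettings["editor_css_path"]) ? $usersettings["editor_css_path"] : "", ENT_QUOTES); ?>" />
    </td>
  </tr>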
  678. <tr id='editorRow15' class='row3' style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
  679. <td width="200">&nbsp;</td>
  680. <td class='comment'><?php echo $_lang["editor_css_path_message"]?></td>
  681. </tr>
  682. <tr id='editorRow16' class="row3" style="display: <?php echo $use_editor==1 ? $displayStyle : 'none' ; ?>">
  683. <td colspan="2"><div class='split'></div></td>
  684. </tr>
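  <?php /* Row: per-user resource-browser base directory, shown only when $use_browser is 1. The stored
           path is HTML-encoded before it is placed in the value attribute, as the filemanager_path
           field on this form already is. */ ?>
  <tr id='rbRow1' class='row3' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
    <td nowrap class="warning"><b><?php echo $_lang["rb_base_dir_title"]?></b></td>
    <td><input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 300px;" name="rb_base_dir" value="<?php echo htmlspecialchars(isset($usersettings["rb_base_dir"]) ? $usersettings["rb_base_dir"] : "", ENT_QUOTES); ?>" />
    </td>
  </tr>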
  690. <tr id='rbRow2' class='row3' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
  691. <td width="200">&nbsp;</td>
  692. <td class='comment'><?php echo $_lang["rb_base_dir_message"]?></td>
  693. </tr>
  694. <tr id='rbRow3' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
  695. <td colspan="2"><div class='split'></div></td>
  696. </tr>
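  <?php /* Row: per-user resource-browser base URL, shown only when $use_browser is 1. The stored URL is
           HTML-encoded before it is placed in the value attribute so quotes in a saved value cannot
           terminate the attribute. */ ?>
  <tr id='rbRow4' class='row3' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
    <td nowrap class="warning"><b><?php echo $_lang["rb_base_url_title"]?></b></td>
    <td><input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 300px;" name="rb_base_url" value="<?php echo htmlspecialchars(isset($usersettings["rb_base_url"]) ? $usersettings["rb_base_url"] : "", ENT_QUOTES); ?>" />
    </td>
  </tr>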
  702. <tr id='rbRow5' class='row3' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
  703. <td width="200">&nbsp;</td>
  704. <td class='comment'><?php echo $_lang["rb_base_url_message"]?></td>
  705. </tr>
  706. <tr id='rbRow6' style="display: <?php echo $use_browser==1 ? $displayStyle : 'none' ; ?>">
  707. <td colspan="2"><div class='split'></div></td>
  708. </tr>
  709. <tr class='row1'>
  710. <td colspan="2">
  <?php
  // Fire OnInterfaceSettingsRender and print whatever its handlers returned.
  // The returned strings are written to the page verbatim (no encoding happens here), so each
  // handler is responsible for encoding any user-derived data it puts into its markup.
  $evtOut = $modx->invokeEvent("OnInterfaceSettingsRender");
  if (is_array($evtOut)) {
      foreach ($evtOut as $chunk) {
          echo $chunk;
      }
  }
  ?>
  717. </td>
  718. </tr>
  719. </table>
  720. </div>
  721. <!-- Photo -->
  722. <div class="tab-page" id="tabPhoto">
  723. <h2 class="tab"><?php echo $_lang["settings_photo"] ?></h2>
  724. <script type="text/javascript">tpUser.addTabPage( document.getElementById( "tabPhoto" ) );</script>
  725. <script type="text/javascript">
  // Opens `url` in a popup named "FCKBrowseWindow", sized width x height and centred on the screen.
  function OpenServerBrowser(url, width, height) {
      var leftPos = (screen.width - width) / 2;
      var topPos = (screen.height - height) / 2;
      // Same comma-separated feature string as before, assembled from its parts.
      var features = [
          "toolbar=no,status=no,resizable=yes,dependent=yes",
          "width=" + width,
          "height=" + height,
          "left=" + leftPos,
          "top=" + topPos
      ].join(",");
      window.open(url, "FCKBrowseWindow", features);
  }
  // Opens the mcpuk image browser in a popup covering 70% of the screen in each dimension.
  // NOTE(review): $base_url is printed into this JavaScript string without JS escaping; that is only
  // safe while it is a trusted configuration value free of quotes -- confirm where it is set.
  function BrowseServer() {
      OpenServerBrowser(
          "<?php echo $base_url; ?>manager/media/browser/mcpuk/browser.html?Type=images&Connector=<?php echo $base_url; ?>manager/media/browser/mcpuk/connectors/php/connector.php&ServerPath=<?php echo $base_url; ?>",
          screen.width * 0.7,
          screen.height * 0.7
      );
  }
  // Stores `url` in the photo field of userform and points the "iphoto" preview image at it.
  // Presumably called back by the file browser popup with the chosen file -- confirm against the
  // browser code; width, height and alt are accepted but not used.
  function SetUrl(url, width, height, alt) {
      var photoField = document.userform.photo;
      photoField.value = url;
      var preview = document.images['iphoto'];
      preview.src = "<?php echo $base_url; ?>" + url;
  }
  745. </script>
  746. <table border="0" cellspacing="0" cellpadding="3">
  747. <tr>
  748. <td nowrap class="warning"><b><?php echo $_lang["user_photo"] ?></b></td>
  749. <td><input onchange="documentDirty=true;" type='text' maxlength='255' style="width: 150px;" name="photo" value="<?php echo htmlspecialchars($userdata['photo']); ?>" /> <input type="button" value="<?php echo $_lang['insert']; ?>" onclick="BrowseServer();" /></td>
  750. </tr>
  751. <tr>
  752. <td width="200">&nbsp;</td>
  753. <td class='comment'><?php echo $_lang["user_photo_message"] ?></td>
  754. </tr>
  755. <tr>
  756. <td colspan="2"><div class='split'></div></td>
  757. </tr>
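  <?php /* Row: preview of the user's photo, falling back to $_style['tx'] when none is stored.
           The photo path is the same stored value the text field above encodes with
           htmlspecialchars(); it is encoded here too so it cannot terminate the src attribute. */ ?>
  <tr>
    <td colspan="2" align="center"><img name="iphoto" src="<?php echo !empty($userdata['photo']) ? htmlspecialchars(MODX_SITE_URL . $userdata['photo'], ENT_QUOTES) : $_style['tx']; ?>" /></td>
  </tr>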
  761. </table>
  762. </div>
  763. </div>
  764. </div>
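  <?php
  // Access-permissions section: lists every member group as a checkbox and ticks the ones the
  // user belongs to. Rendered only when $use_udperms is 1.
  if ($use_udperms == 1) {
      $groupsarray = array ();
      if (isset($_GET['a']) && $_GET['a'] == '12') { // only do this bit if the user is being edited
          // The id arrives in the query string and is concatenated into the SQL text below (the
          // mysql_* API has no bound parameters), so it is forced to an integer first. Without the
          // cast, anything appended to ?id= would be executed as part of the statement.
          $memberId = isset($_GET['id']) ? intval($_GET['id']) : 0;
          $sql = "SELECT * FROM $dbase.`" . $table_prefix . "member_groups` where member=" . $memberId;
          $rs = mysql_query($sql);
          // mysql_query() returns false on failure; skip the loop instead of fetching from a non-result
          if ($rs) {
              while ($currentgroup = mysql_fetch_assoc($rs)) {
                  $groupsarray[] = $currentgroup['user_group'];
              }
          }
      }
      // retain selected doc groups between post
      // (isset first: user_groups is absent on a plain GET and when no box was ticked)
      if (isset($_POST['user_groups']) && is_array($_POST['user_groups'])) {
          foreach ($_POST['user_groups'] as $v) {
              // only compared against group ids below, never echoed or put into SQL
              $groupsarray[] = $v;
          }
      }
  ?>
  <div class="sectionHeader"><?php echo $_lang['access_permissions']; ?></div><div class="sectionBody">
  <?php
      echo "<p>" . $_lang['access_permissions_user_message'] . "</p>";
      $sql = "SELECT name, id FROM $dbase.`" . $table_prefix . "membergroup_names` ORDER BY name";
      $rs = mysql_query($sql);
      if ($rs) {
          while ($row = mysql_fetch_assoc($rs)) {
              // Group names are stored data: encode them (and the id, which sits in a single-quoted
              // attribute) so a name containing markup is displayed as text rather than parsed.
              $groupIdHtml = htmlspecialchars($row['id'], ENT_QUOTES);
              $groupNameHtml = htmlspecialchars($row['name'], ENT_QUOTES);
              echo "<input type='checkbox' name='user_groups[]' value='" . $groupIdHtml . "'" . (in_array($row['id'], $groupsarray) ? " checked='checked'" : "") . " />" . $groupNameHtml . "<br />";
          }
      }
  ?>
  </div>
  <?php
  }
  ?>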
  798. <input type="submit" name="save" style="display:none">
  <?php
  // Fire OnUserFormRender, passing the id of the user shown on this form, and print the result.
  // Handler output is written to the page verbatim (no encoding happens here), so each handler
  // is responsible for encoding any user-derived data it puts into its markup.
  $evtParams = array ("id" => $user);
  $evtOut = $modx->invokeEvent("OnUserFormRender", $evtParams);
  if (is_array($evtOut)) {
      foreach ($evtOut as $chunk) {
          echo $chunk;
      }
  }
  ?>
  807. </form>