* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: Zen4All Thu Nov 15 22:35:14 2018 +0100 Modified in v1.5.6 $
*/
require('includes/application_top.php');
// Check if session has timed out
if (!isset($_SESSION['admin_id'])) {
zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
}
// make a note of the current user - they can't delete themselves (by accident) or change their own status
$currentUser = $_SESSION['admin_id'];
// determine whether an action has been requested
if (isset($_POST['action']) && in_array($_POST['action'], array('insert', 'update', 'reset'))) {
$action = $_POST['action'];
} elseif (isset($_GET['action']) && in_array($_GET['action'], array('add', 'edit', 'password', 'delete', 'delete_confirm'))) {
$action = $_GET['action'];
} else {
$action = '';
}
// if needed, check that a valid user id has been passed
if (($action == 'update' || $action == 'reset') && isset($_POST['user'])) {
$user = $_POST['user'];
} elseif (($action == 'edit' || $action == 'password' || $action == 'delete' || $action == 'delete_confirm') && $_GET['user']) {
$user = $_GET['user'];
} elseif (($action == 'delete' || $action == 'delete_confirm') && isset($_POST['user'])) {
$user = $_POST['user'];
} elseif (in_array($action, array('edit', 'password', 'delete', 'delete_confirm', 'update', 'reset'))) {
$messageStack->add_session(ERROR_NO_USER_DEFINED, 'error');
zen_redirect(zen_href_link(FILENAME_USERS));
}
// act upon any specific action specified
switch ($action) {
case 'add': // display unpopulated form for adding a new user
$formAction = 'insert';
$profilesList = array_merge(array(array('id' => 0, 'text' => TEXT_CHOOSE_PROFILE)), zen_get_profiles());
break;
case 'edit': // display populated form for editing existing user
$formAction = 'update';
$profilesList = array_merge(array(array('id' => 0, 'text' => TEXT_CHOOSE_PROFILE)), zen_get_profiles());
break;
case 'password': // display unpopulated form for resetting existing user's password
$formAction = 'reset';
break;
case 'delete_confirm': // remove existing user from database
if (isset($_POST['user'])) {
zen_delete_user($_POST['user']);
}
break;
case 'insert': // insert new user into database. Post data is prep'd for db in the first function call
$errors = zen_insert_user($_POST['name'], $_POST['email'], $_POST['password'], $_POST['confirm'], $_POST['profile']);
if (sizeof($errors) > 0) {
foreach ($errors as $error) {
$messageStack->add($error, 'error');
}
$action = 'add';
$formAction = 'insert';
$profilesList = array_merge(array(array('id' => 0, 'text' => TEXT_CHOOSE_PROFILE)), zen_get_profiles());
} else {
$action = '';
$messageStack->add(SUCCESS_NEW_USER_ADDED, 'success');
}
break;
case 'update': // update existing user's details in database. Post data is prep'd for db in the first function call
$errors = zen_update_user($_POST['name'], $_POST['email'], $_POST['id'], $_POST['profile']);
if (sizeof($errors) > 0) {
foreach ($errors as $error) {
$messageStack->add($error, 'error');
}
$action = 'edit';
$formAction = 'update';
$profilesList = array_merge(array(array('id' => 0, 'text' => TEXT_CHOOSE_PROFILE)), zen_get_profiles());
} else {
$action = '';
$messageStack->add(SUCCESS_USER_DETAILS_UPDATED, 'success');
}
break;
case 'reset': // reset existing user's password in database. Post data is prep'd for db in the first function call
$errors = zen_reset_password($_POST['user'], $_POST['password'], $_POST['confirm']);
if (sizeof($errors) > 0) {
foreach ($errors as $error) {
$messageStack->add($error, 'error');
}
$action = 'password';
$formAction = 'reset';
} else {
$action = '';
$messageStack->add(SUCCESS_PASSWORD_UPDATED, 'success');
}
break;
default: // no action, simply drop through and display existing users
}
// we'll always display a list of the available users
$userList = zen_get_users();
$userList = array_values(array_filter($userList, function($u) {return (int)$u['id'] !== 1;}));
?>
>
<?php echo TITLE; ?>