$themedir) { $ALL_THEME_DIRS[]=$themedir; } $ALL_EDIT_OPTIONS=array( 'none' => /* I18N: Listbox entry; name of a role */ WT_I18N::translate('Visitor'), 'access'=> /* I18N: Listbox entry; name of a role */ WT_I18N::translate('Member'), 'edit' => /* I18N: Listbox entry; name of a role */ WT_I18N::translate('Editor'), 'accept'=> /* I18N: Listbox entry; name of a role */ WT_I18N::translate('Moderator'), 'admin' => /* I18N: Listbox entry; name of a role */ WT_I18N::translate('Manager') ); // Extract form actions (GET overrides POST if both set) $action =safe_POST('action', $ALL_ACTIONS); $usrlang =safe_POST('usrlang', array_keys(WT_I18N::installed_languages())); $username =safe_POST('username', WT_REGEX_USERNAME); $filter =safe_POST('filter' ); $ged =safe_POST('ged' ); $action =safe_GET('action', $ALL_ACTIONS, $action); $usrlang =safe_GET('usrlang', array_keys(WT_I18N::installed_languages()), $usrlang); $username =safe_GET('username', WT_REGEX_USERNAME, $username); $filter =safe_GET('filter', WT_REGEX_NOSCRIPT, $filter); $ged =safe_GET('ged', WT_REGEX_NOSCRIPT, $ged); // Extract form variables $oldusername =safe_POST('oldusername', WT_REGEX_USERNAME); $oldemailaddress =safe_POST('oldemailaddress', WT_REGEX_EMAIL); $realname =safe_POST('realname' ); $pass1 =safe_POST('pass1', WT_REGEX_PASSWORD); $pass2 =safe_POST('pass2', WT_REGEX_PASSWORD); $emailaddress =safe_POST('emailaddress', WT_REGEX_EMAIL); $user_theme =safe_POST('user_theme', $ALL_THEME_DIRS); $user_language =safe_POST('user_language', array_keys(WT_I18N::installed_languages()), WT_LOCALE); $new_contact_method =safe_POST('new_contact_method'); $new_default_tab =safe_POST('new_default_tab', array_keys(WT_Module::getActiveTabs()), get_gedcom_setting(WT_GED_ID, 'GEDCOM_DEFAULT_TAB')); $new_comment =safe_POST('new_comment', WT_REGEX_UNSAFE); $new_comment_exp =safe_POST('new_comment_exp' ); $new_auto_accept =safe_POST_bool('new_auto_accept'); $canadmin =safe_POST_bool('canadmin'); $visibleonline =safe_POST_bool('visibleonline'); $editaccount =safe_POST_bool('editaccount'); $verified =safe_POST_bool('verified'); $verified_by_admin =safe_POST_bool('verified_by_admin'); if (empty($ged)) { $ged=$GEDCOM; } // Load all available gedcoms $all_gedcoms = get_all_gedcoms(); //-- sorting by gedcom filename asort($all_gedcoms); switch ($action) { case 'deleteuser': // Delete a user - but don't delete ourselves! $user_id=get_user_id($username); if ($user_id!=WT_USER_ID) { delete_user($user_id); AddToLog("deleted user ->{$username}<-", 'auth'); } break; case 'loadrows': // Generate an AJAX/JSON response for datatables to load a block of rows $sSearch=safe_GET('sSearch'); if ($sSearch) { $WHERE= " WHERE". " user_name LIKE CONCAT('%', ?, '%') OR " . " real_name LIKE CONCAT('%', ?, '%') OR " . " email LIKE CONCAT('%', ?, '%')"; $ARGS=array($sSearch, $sSearch, $sSearch); } else { $WHERE=""; $ARGS=array(); } $iDisplayStart =(int)safe_GET('iDisplayStart'); $iDisplayLength=(int)safe_GET('iDisplayLength'); if ($iDisplayLength>0) { $LIMIT=" LIMIT " . $iDisplayStart . ',' . $iDisplayLength; } else { $LIMIT=""; } $iSortingCols=(int)safe_GET('iSortingCols'); if ($iSortingCols) { $ORDER_BY=' ORDER BY '; for ($i=0; $i<$iSortingCols; ++$i) { // Datatables numbers columns 0, 1, 2, ... // MySQL numbers columns 1, 2, 3, ... switch (safe_GET('sSortDir_'.$i)) { case 'asc': $ORDER_BY.=(1+(int)safe_GET('iSortCol_'.$i)).' ASC '; break; case 'desc': $ORDER_BY.=(1+(int)safe_GET('iSortCol_'.$i)).' DESC '; break; } if ($i<$iSortingCols-1) { $ORDER_BY.=','; } } } else { $ORDER_BY=''; } $sql= "SELECT SQL_CACHE SQL_CALC_FOUND_ROWS '', u.user_id, user_name, real_name, email, us1.setting_value, us2.setting_value, us2.setting_value, us3.setting_value, us3.setting_value, us4.setting_value, us5.setting_value". " FROM `##user` u". " LEFT JOIN `##user_setting` us1 ON (u.user_id=us1.user_id AND us1.setting_name='language')". " LEFT JOIN `##user_setting` us2 ON (u.user_id=us2.user_id AND us2.setting_name='reg_timestamp')". " LEFT JOIN `##user_setting` us3 ON (u.user_id=us3.user_id AND us3.setting_name='sessiontime')". " LEFT JOIN `##user_setting` us4 ON (u.user_id=us4.user_id AND us4.setting_name='verified')". " LEFT JOIN `##user_setting` us5 ON (u.user_id=us5.user_id AND us5.setting_name='verified_by_admin')". $WHERE. $ORDER_BY. $LIMIT; // This becomes a JSON list, not array, so need to fetch with numeric keys. $aaData=WT_DB::prepare($sql)->execute($ARGS)->fetchAll(PDO::FETCH_NUM); // Reformat various columns for display foreach ($aaData as &$aData) { // $aData[0] is a dummy column for the expand-details icon // $aData[1] is the user ID $aData[2]=edit_field_inline('user-user_name-'.$aData[1], $aData[2]); $aData[3]=edit_field_inline('user-real_name-'.$aData[1], $aData[3]); $aData[4]=edit_field_inline('user-email-'. $aData[1], $aData[4]); $aData[5]=edit_field_language_inline('user_setting-langugage-'.$aData[1], $aData[5]); // $aData[6] is the sortable registration timestamp $aData[7]=format_timestamp($aData[7]); if (date("U") - $aData[6] > 604800 && !$aData[10]) { $aData[7]=''.$aData[7].''; } // $aData[8] is the sortable last-login timestamp if ($aData[8]) { $aData[9]=format_timestamp($aData[8]).'
'.WT_I18N::time_ago(time() - $aData[8]); } else { $aData[9]=WT_I18N::translate('Never'); } $aData[10]=edit_field_yes_no_inline('user_setting-verified-'. $aData[1], $aData[10]); $aData[11]=edit_field_yes_no_inline('user_setting-verified_by_admin-'.$aData[1], $aData[11]); } // Total filtered/unfiltered rows $iTotalDisplayRecords=WT_DB::prepare("SELECT FOUND_ROWS()")->fetchOne(); $iTotalRecords=WT_DB::prepare("SELECT COUNT(*) FROM `##user`")->fetchOne(); header('Content-type: application/json'); echo json_encode(array( // See http://www.datatables.net/usage/server-side 'sEcho' =>(int)safe_GET('sEcho'), 'iTotalRecords' =>$iTotalRecords, 'iTotalDisplayRecords'=>$iTotalDisplayRecords, 'aaData' =>$aaData )); exit; case 'load1row': // Generate an AJAX response for datatables to load expanded row $user_id=(int)safe_GET('user_id'); header('Content-type: text/html; charset=UTF-8'); echo '
'; echo '
', WT_I18N::translate('Administrator'), '
'; echo '
', edit_field_yes_no_inline('user_setting-canadmin-'.$user_id, get_user_setting($user_id, 'canadmin')), '
'; echo '
', WT_I18N::translate('Preferred contact method'), '
'; echo '
', get_user_setting($user_id, 'canadmin'), '
'; echo '
TODO ...
'; echo '
... the rest of the settings
'; echo ''; exit; } // Save new user info to the database if ($action=='createuser' || $action=='edituser2') { if (($action=='createuser' || $action=='edituser2' && $username!=$oldusername) && get_user_id($username)) { print_header(WT_I18N::translate('User administration')); echo "", WT_I18N::translate('Duplicate user name. A user with that user name already exists. Please choose another user name.'), "
"; } elseif (($action=='createuser' || $action=='edituser2' && $emailaddress!=$oldemailaddress) && get_user_by_email($emailaddress)) { print_header(WT_I18N::translate('User administration')); echo "", WT_I18N::translate('Duplicate email address. A user with that email already exists.'), "
"; } else { if ($pass1!=$pass2) { print_header(WT_I18N::translate('User administration')); echo "", WT_I18N::translate('Passwords do not match.'), "
"; } else { // New user if ($action=='createuser') { if ($user_id=create_user($username, $realname, $emailaddress, crypt($pass1))) { set_user_setting($user_id, 'reg_timestamp', date('U')); set_user_setting($user_id, 'sessiontime', '0'); AddToLog("User ->{$username}<- created", 'auth'); } else { AddToLog("User ->{$username}<- was not created", 'auth'); $user_id=get_user_id($username); } } else { $user_id=get_user_id($oldusername); } // Change password if ($action=='edituser2' && !empty($pass1)) { set_user_password($user_id, crypt($pass1)); AddToLog("User ->{$oldusername}<- had password changed", 'auth'); } // Change username if ($action=='edituser2' && $username!=$oldusername) { rename_user($oldusername, $username); AddToLog("User ->{$oldusername}<- renamed to ->{$username}<-", 'auth'); } // Create/change settings that can be updated in the user's gedcom record? $email_changed=($emailaddress!=getUserEmail($user_id)); $newly_verified=($verified_by_admin && !get_user_setting($user_id, 'verified_by_admin')); // Create/change other settings setUserFullName ($user_id, $realname); setUserEmail ($user_id, $emailaddress); set_user_setting($user_id, 'theme', $user_theme); set_user_setting($user_id, 'language', $user_language); set_user_setting($user_id, 'contactmethod', $new_contact_method); set_user_setting($user_id, 'defaulttab', $new_default_tab); set_user_setting($user_id, 'comment', $new_comment); set_user_setting($user_id, 'comment_exp', $new_comment_exp); set_user_setting($user_id, 'auto_accept', $new_auto_accept); set_user_setting($user_id, 'canadmin', $canadmin); set_user_setting($user_id, 'visibleonline', $visibleonline); set_user_setting($user_id, 'editaccount', $editaccount); set_user_setting($user_id, 'verified', $verified); set_user_setting($user_id, 'verified_by_admin', $verified_by_admin); foreach ($all_gedcoms as $ged_id=>$ged_name) { set_user_gedcom_setting($user_id, $ged_id, 'gedcomid', safe_POST_xref('gedcomid'.$ged_id)); set_user_gedcom_setting($user_id, $ged_id, 'rootid', safe_POST_xref('rootid'.$ged_id)); set_user_gedcom_setting($user_id, $ged_id, 'canedit', safe_POST('canedit'.$ged_id, array_keys($ALL_EDIT_OPTIONS))); if (safe_POST_xref('gedcomid'.$ged_id)) { set_user_gedcom_setting($user_id, $ged_id, 'RELATIONSHIP_PATH_LENGTH', safe_POST_integer('RELATIONSHIP_PATH_LENGTH'.$ged_id, 0, 10, 0)); } else { // Do not allow a path length to be set if the individual ID is not set_user_gedcom_setting($user_id, $ged_id, 'RELATIONSHIP_PATH_LENGTH', null); } } // If we're verifying a new user, send them a message to let them know if ($newly_verified && $action=='edituser2') { WT_I18N::init($user_language); $message=array(); $message["to"]=$username; $headers="From: ".$WEBTREES_EMAIL; $message["from"]=WT_USER_NAME; $message["subject"]=WT_I18N::translate('Approval of account at %s', WT_SERVER_NAME.WT_SCRIPT_PATH); $message["body"]=WT_I18N::translate('The administrator at the webtrees site %s has approved your application for an account. You may now login by accessing the following link: %s', WT_SERVER_NAME.WT_SCRIPT_PATH, WT_SERVER_NAME.WT_SCRIPT_PATH); $message["created"]=""; $message["method"]="messaging2"; addMessage($message); // and send a copy to the admin /* $message=array(); $message["to"]=WT_USER_NAME; $headers="From: ".$WEBTREES_EMAIL; $message["from"]=$username; // fake the from address - so the admin can "reply" to it. $message["subject"]=WT_I18N::translate('Approval of account at %s', WT_SERVER_NAME.WT_SCRIPT_PATH)); $message["body"]=WT_I18N::translate('The administrator at the webtrees site %s has approved your application for an account. You may now login by accessing the following link: %s', WT_SERVER_NAME.WT_SCRIPT_PATH, WT_SERVER_NAME.WT_SCRIPT_PATH)); $message["created"]=""; $message["method"]="messaging2"; addMessage($message); */ } // Reload the form cleanly, to allow the user to verify their changes header('Location: '.WT_SERVER_NAME.WT_SCRIPT_PATH."admin_users.php?action=edituser&username=".rawurlencode($username)."&ged=".rawurlencode($ged)); exit; } } } else { print_header(WT_I18N::translate('User administration')); if (get_gedcom_count()==1) { //Removed becasue it doesn't work here for multiple GEDCOMs. Can be reinstated when fixed (https://bugs.launchpad.net/webtrees/+bug/613235) if ($ENABLE_AUTOCOMPLETE) require WT_ROOT.'js/autocomplete.js.htm'; } } // Print the form to edit a user if ($action=="edituser") { $user_id=get_user_id($username); init_calendar_popup(); ?>
'; echo two_state_checkbox('canadmin', get_user_setting($user_id, 'canadmin'), ($user_id==WT_USER_ID) ? 'disabled="disabled"' : ''); echo ''; ?>
 
/> />
/> />
/>
  
$ged_name) { echo '', '', //Pedigree root person '', // GEDCOM INDI Record ID '', '', //Relationship path '', ''; } ?>
', WT_I18N::translate('%s', get_gedcom_setting($ged_id, 'title')), ''; $varname='rootid'.$ged_id; echo '', print_findindi_link($varname, "", false, false, $ged_name); $GEDCOM=$ged_name; // library functions use global variable instead of parameter. $person=WT_Person::getInstance($pid); if ($person) { echo ''; } echo ''; $varname='gedcomid'.$ged_id; echo ''; print_findindi_link($varname, "", false, false, $ged_name); $GEDCOM=$ged_name; // library functions use global variable instead of parameter. $person=WT_Person::getInstance($pid); if ($person) { echo ' '; } echo ''; $varname='canedit'.$ged_id; echo '', ''; $varname = 'RELATIONSHIP_PATH_LENGTH'.$ged_id; echo '', '
';"/>
jQuery(document).ready(function(){ var oTable = jQuery('#list').dataTable( { "oLanguage": { "sLengthMenu": ''); ?>', "sZeroRecords": '', "sInfo": '', "sInfoEmpty": '', "sInfoFiltered": '', "sSearch": ':', "oPaginate": { "sFirst": '', "sLast": '', "sNext": '', "sPrevious": '' } }, "bProcessing" : true, "bServerSide" : true, "sAjaxSource" : "", "bJQueryUI": true, "bAutoWidth":false, "iDisplayLength": 10, "sPaginationType": "full_numbers", "aaSorting": [[2,'asc']], "aoColumns": [ /* details */ { bSortable:false, sClass:"icon-open" }, /* user-id */ { bVisible:false }, /* user_name */ null, /* real_name */ null, /* email */ null, /* language */ null, /* registered (sort) */ { bVisible:false }, /* registered */ { iDataSort:6 }, /* last_login (sort) */ { bVisible:false }, /* last_login */ { iDataSort:8 }, /* verified */ null, /* approved */ null ] }); /* When clicking on the +/- icon, we expand/collapse the details block */ jQuery('#list tbody td.icon-close').live('click', function () { var nTr=this.parentNode; jQuery(this).removeClass("icon-close"); oTable.fnClose(nTr); jQuery(this).addClass("icon-open"); }); jQuery('#list tbody td.icon-open').live('click', function () { var nTr=this.parentNode; jQuery(this).removeClass("icon-open"); var aData=oTable.fnGetData(nTr); jQuery.get(""+aData[1], function(data) { oTable.fnOpen(nTr, data, "details"); }); jQuery(this).addClass("icon-close"); }); }); ', '', '', '', WT_I18N::translate('Details'), '', ' user-id', '', WT_I18N::translate('User name'), '', '', WT_I18N::translate('Real name'), '', '', WT_I18N::translate('Email'), '', '', WT_I18N::translate('Language'), '', ' date_registered ', '', WT_I18N::translate('Date registered'), '', ' last_login ', '', WT_I18N::translate('Last logged in'), '', '', WT_I18N::translate('Verified'), '', '', WT_I18N::translate('Approved'), '', '', '', '', '', ''; print_footer(); exit; } // -- echo out the form to add a new user // NOTE: WORKING if ($action == "createform") { init_calendar_popup(); ?>
/>
/>
  
$ged_name) { echo '', '', //Pedigree root person '', // GEDCOM INDI Record ID '', '', //Relationship path '', ''; } ?>
', WT_I18N::translate('%s', get_gedcom_setting($ged_id, 'title')), ''; $varname='rootid'.$ged_id; echo '', print_findindi_link($varname, "", false, false, $ged_name), ''; $varname='gedcomid'.$ged_id; echo '' ,print_findindi_link($varname, "", false, false, $ged_name), ''; $varname='canedit'.$ged_id; echo '', ''; $varname = 'RELATIONSHIP_PATH_LENGTH'.$ged_id; echo '', '
"; echo ""; ?> $user_name) { $userName = getUserFullName($user_id); if ((int)get_user_setting($user_id, 'sessiontime') == "0") $datelogin = (int)get_user_setting($user_id, 'reg_timestamp'); else $datelogin = (int)get_user_setting($user_id, 'sessiontime'); if ((mktime(0, 0, 0, (int)date("m")-$month, (int)date("d"), (int)date("Y")) > $datelogin) && get_user_setting($user_id, 'verified') && get_user_setting($user_id, 'verified_by_admin')) { ?>$user_name) { if (((date("U") - (int)get_user_setting($user_id, 'reg_timestamp')) > 604800) && !get_user_setting($user_id, 'verified')) { $userName = getUserFullName($user_id); ?>$user_name) { if (!get_user_setting($user_id, 'verified_by_admin') && get_user_setting($user_id, 'verified')) { $userName = getUserFullName($user_id); ?>"; } ?>
", WT_I18N::translate('Number of months since the last login for a user\'s account to be considered inactive: '), "
", $userName, "

", WT_I18N::translate('User\'s account has been inactive too long: '); echo timestamp_to_gedcom_date($datelogin)->Display(false); $ucnt++; ?>
" value="1" />
" value="1" />
" value="1" />
"; echo WT_I18N::translate('Nothing found to cleanup'), "

0) { ?>  

$user_name) { $var = "del_".str_replace(array(".", "-", " "), array("_", "_", "_"), $user_name); if (safe_POST($var)=='1') { delete_user($user_id); AddToLog("deleted user ->{$user_name}<-", 'auth'); echo WT_I18N::translate('Deleted user: '); echo $user_name, "
"; } else { $tempArray = unserialize(get_user_setting($user_id, 'canedit')); if (is_array($tempArray)) { foreach ($tempArray as $gedid=>$data) { $var = "delg_".str_replace(array(".", "-", " "), "_", $gedid); if (safe_POST($var)=='1' && get_user_gedcom_setting($user_id, $gedid, 'canedit')) { set_user_gedcom_setting($user_id, $gedid, 'canedit', null); echo $gedid, ":  ", WT_I18N::translate('Unset GEDCOM rights for '), $user_name, "
"; } } } $tempArray = unserialize(get_user_setting($user_id, 'rootid')); if (is_array($tempArray)) { foreach ($tempArray as $gedid=>$data) { $var = "delg_".str_replace(array(".", "-", " "), "_", $gedid); if (safe_POST($var)=='1' && get_user_gedcom_setting($user_id, $gedid, 'rootid')) { set_user_gedcom_setting($user_id, $gedid, 'rootid', null); echo $gedid, ":  ", WT_I18N::translate('Unset root ID for '), $user_name, "
"; } } } $tempArray = unserialize(get_user_setting($user_id, 'gedcomid')); if (is_array($tempArray)) { foreach ($tempArray as $gedid=>$data) { $var = "delg_".str_replace(array(".", "-", " "), "_", $gedid); if (safe_POST($var)=='1' && get_user_gedcom_setting($user_id, $gedid, 'gedcomid')) { set_user_gedcom_setting($user_id, $gedid, 'gedcomid', null); echo $gedid, ":  ", WT_I18N::translate('Unset GEDCOM ID for '), $user_name, "
"; } } } } } } print_footer();