<?php

/**
 * ****************************************************************************************
 * Copyright (c) 2014 Christopher W.
 * Olsen <cwolsen@ubixtechnologies.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modification, are
 * permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this list of
 * conditions, the following disclaimer and the list of authors. Redistributions in binary
 * form must reproduce the above copyright notice, this list of conditions, the following
 * disclaimer and the list of authors in the documentation and/or other materials provided
 * with the distribution. Neither the name of the uBix Cube Project nor the names of its
 * contributors may be used to endorse or promote products derived from this software
 * without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
 * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
 * OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * $Id: users.php 948 2017-09-08 13:46:51Z reddawg $
 *
 * ***************************************************************************************
 */

/* Point the include path at the site's include directory and load the framework config */
ini_set ( 'include_path', $_SERVER ['DOCUMENT_ROOT'] . '/include/' );
include ( 'config.php' );

/*
 * Page title shown by the wrapper template.
 * NOTE(review): the title ends in "Usersn"; the trailing "n" looks like a stray
 * character, confirm before changing it.
 */
$ubF->tpl->assign ( 'PAGE_TITLE', 'My Account - Usersn' );

/* Register the three templates this page renders: wrapper, menu and body */
$ubF->tpl->define ( array ( 'index' => 'user/wrapper/default.html' ) );
$ubF->tpl->define ( array ( 'menu' => 'user/account/menu.html' ) );
$ubF->tpl->define ( array ( 'body' => 'user/account/users.html' ) );

/*
 * Session gate for the page.
 * NOTE(review): presumably requires the 'U_A_' ACL on the current session; what
 * happens on failure (redirect, exit) is defined in the session class, not here.
 */
$ubF->session->Validate ( 'U_A_', 0 );

/* Request data as exposed by the framework; treat every value in it as untrusted */
$form_data = $ubF->data;

/* Status line shown to the user; stays empty when no action was requested */
$message = '';

/*
 * The ACL codes this page is allowed to display and edit, each defaulting to 0
 * (not granted). The update handler merges submitted values over these defaults
 * and the listing renders one checkbox per code.
 */
$acls = array (
    'U_A_' => 0,
    'U_B_' => 0,
    'U_C_' => 0,
    'U_P_' => 0,
    'U_V_' => 0,
    'U_D_' => 0,
);

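/*
 * Handle the "update sub accounts" submission (data[up]).
 *
 * Only sessions with account_type <= 5 may update. For every uid submitted under
 * data[acl] the stored master_acl is loaded, the six ACL codes listed in $acls are
 * set from the form, session_acl is rebuilt from the result, and the row is written
 * back together with optional first/last name changes.
 *
 * Changes from the previous version, all of which concern untrusted request data:
 *  - the uid must be an integer array key, so it can no longer carry SQL;
 *  - both the SELECT and the UPDATE are scoped to the session's account_number, so a
 *    forged uid cannot read or rewrite a user that belongs to another account;
 *  - only the codes in $acls are accepted. Merging the raw submitted array let the
 *    client set any property of master_acl, including codes this page never offers;
 *  - $session_acl is reset for each user. It used to be uninitialised and kept
 *    growing across iterations, so later users inherited earlier users' codes;
 *  - every string placed in SQL is escaped.
 *
 * NOTE(review): real_escape_string() assumes DB['main'] is a mysqli handle (the result
 * API used on this page, fetch_row/fetch_assoc/free, matches mysqli) - confirm, and
 * prefer prepared statements if the wrapper exposes them.
 * NOTE(review): no anti-CSRF token is checked on this state-changing request; none is
 * visible in this file.
 */
if ( isset ( $form_data ['up'] ) && $ubF->session->account_type <= 5 ) {
  if ( isset ( $form_data ['acl'] ) && is_array ( $form_data ['acl'] ) ) {
    $db = $ubF->DB['main'];
    $account_number = $db->real_escape_string ( (string) $ubF->session->account_number );
    
    foreach ( $form_data ['acl'] as $key => $val ) {
      /* PHP turns canonical decimal keys into ints; anything else is not a uid */
      if ( !is_int ( $key ) || !is_array ( $val ) )
        continue;
      
      $query = "SELECT master_acl FROM users WHERE uid = $key AND account_number = '$account_number'";
      $result = $db->query ( $query );
      
      if ( !$result )
        continue;
      
      $row = $result->fetch_row ();
      $result->free ();
      
      /* No row means the uid does not exist in this account */
      if ( !$row )
        continue;
      
      $master_acl = json_decode ( $row [0] );
      
      if ( !is_object ( $master_acl ) )
        continue;
      
      /*
       * Apply only the known codes. Values are normalised to 1/0; the loose == 1
       * comparisons used on this page still match.
       */
      foreach ( $acls as $acl_code => $acl_default ) {
        if ( !isset ( $master_acl->{$acl_code} ) || !is_array ( $master_acl->{$acl_code} ) )
          $master_acl->{$acl_code} = array ();
        
        $master_acl->{$acl_code} [0] = ( isset ( $val [$acl_code] ) && $val [$acl_code] == 1 ) ? 1 : 0;
      }
      
      /* Rebuild the comma separated list of granted codes for this user only */
      $session_acl = "";
      
      foreach ( $master_acl as $acl_code => $acl_val )
        if ( is_array ( $acl_val ) && isset ( $acl_val [0] ) && $acl_val [0] == 1 )
          $session_acl .= $acl_code . ",";
      
      $query = "UPDATE users SET session_acl = '" . $db->real_escape_string ( $session_acl ) . "', master_acl = '" . $db->real_escape_string ( json_encode ( $master_acl ) ) . "'";
      
      /*
       * NOTE(review): the listing on this page names the inputs data[uid][first_name],
       * while this handler reads data[acl][uid][first_name]; as written the name
       * fields are probably never received - confirm which shape is intended.
       */
      foreach ( array ( 'first_name', 'last_name' ) as $field )
        if ( isset ( $val [$field] ) && is_string ( $val [$field] ) && strlen ( $val [$field] ) >= 1 )
          $query .= ", $field = '" . $db->real_escape_string ( $val [$field] ) . "'";
      
      $query .= " WHERE uid = $key AND account_number = '$account_number'";
      
      if ( $db->query ( $query ) )
        $message = "<h2>Successfully Updated Sub Accounts!</h2>";
    }
  }
}
else if ( isset ( $form_data ['up'] ) )
  $message = "<h2>You're not authorized to update sub accounts!</h2>";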

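/*
 * Handle a delete request (data[del]).
 *
 * The previous version concatenated data[del] straight into the DELETE statement and
 * let any validated session remove any user of the account. It also stored the result
 * text in $messages, which is never displayed.
 *
 * The statement is now limited to what the listing on this page actually offers:
 *  - the uid must be all digits and is cast to int before it reaches SQL;
 *  - the row must belong to the session's account_number;
 *  - the row must have account_type > 5 (the listing shows no Delete link otherwise);
 *  - a session with account_type > 5 only ever sees its own row, so it may only
 *    delete the row matching its own e-mail address.
 *
 * NOTE(review): real_escape_string() assumes DB['main'] is a mysqli handle - confirm.
 * NOTE(review): the delete is triggered by a plain GET link with no anti-CSRF token;
 * moving it to a POST form with a token needs a template change outside this file.
 */
if ( isset ( $form_data ['del'] ) ) {
  $db = $ubF->DB['main'];
  $del_uid = $form_data ['del'];
  
  if ( is_scalar ( $del_uid ) && preg_match ( '/^[0-9]+\z/', (string) $del_uid ) ) {
    $query = "DELETE FROM users WHERE uid = " . (int) $del_uid . " AND account_number = '" . $db->real_escape_string ( (string) $ubF->session->account_number ) . "' AND account_type > 5";
    
    if ( $ubF->session->account_type > 5 )
      $query .= " AND email = '" . $db->real_escape_string ( (string) $ubF->session->email ) . "'";
    
    if ( $db->query ( $query ) )
      $message = "<h2>Account Successfully Deleted!</h2>";
  }
}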

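/*
 * Build the table rows for the user listing.
 *
 * Sessions with account_type <= 5 see every user of their account; any other session
 * sees only its own row, reported with account_type '10'.
 *
 * Every value read from the database is escaped for the context it is written into.
 * The previous version wrote e-mail, names and ACL labels into the page unescaped,
 * which allowed stored markup or script to run in the browser of whoever viewed the
 * list, and placed the e-mail inside a JavaScript string without any escaping.
 * Session values used in the queries are escaped as well.
 *
 * NOTE(review): real_escape_string() assumes DB['main'] is a mysqli handle - confirm.
 */
$db = $ubF->DB['main'];

if ( $ubF->session->account_type <= 5 )
  $query = "SELECT uid, email, first_name, last_name, master_acl, account_type FROM users WHERE account_number = '" . $db->real_escape_string ( (string) $ubF->session->account_number ) . "' ORDER BY email";
else
  $query = "SELECT uid, email, first_name, last_name, master_acl, '10' as account_type FROM users WHERE email = '" . $db->real_escape_string ( (string) $ubF->session->email ) . "'";

$result = $db->query ( $query );

$rows = "";

while ( $result && ( $qData = $result->fetch_assoc () ) ) {
  $acl_jd = json_decode ( $qData ['master_acl'] );
  $uid = (int) $qData ['uid'];
  
  $acl = "";
  
  foreach ( $acls as $acl_code => $val ) {
    /* Tolerate a missing or malformed entry instead of dereferencing it blindly */
    if ( is_object ( $acl_jd ) && isset ( $acl_jd->{$acl_code} ) && is_array ( $acl_jd->{$acl_code} ) )
      $entry = $acl_jd->{$acl_code};
    else
      $entry = array ();
    
    $checked = ( isset ( $entry [0] ) && $entry [0] == 1 ) ? " checked" : "";
    $label = isset ( $entry [1] ) ? htmlspecialchars ( (string) $entry [1], ENT_QUOTES ) : "";
    
    $acl .= "<input type=\"checkbox\" name=\"data[acl][$uid][$acl_code]\" value=\"1\"$checked>" . $label . "<br />\n";
  }
  
  if ( $qData ['account_type'] > 5 ) {
    /*
     * The e-mail ends up inside a JavaScript string inside an HTML attribute, so it is
     * encoded as a JS string literal first and HTML-escaped second.
     */
    $confirm_js = json_encode ( "Do you really want to delete " . $qData ['email'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP );
    $delete = "<a href=\"/account/users.php?data[del]=" . $uid . "\" onclick=\"return confirm(" . htmlspecialchars ( (string) $confirm_js, ENT_QUOTES ) . ");\">Delete</a>";
  }
  else
    $delete = "";
  
  $rows .= "<tr><td>" . htmlspecialchars ( (string) $qData ['email'], ENT_QUOTES ) . "</td>";
  $rows .= "<td><input type=\"text\" name=\"data[$uid][first_name]\" value=\"" . htmlspecialchars ( (string) $qData ['first_name'], ENT_QUOTES ) . "\" style=\"width:100px;\"></td>";
  $rows .= "<td><input type=\"text\" name=\"data[$uid][last_name]\" value=\"" . htmlspecialchars ( (string) $qData ['last_name'], ENT_QUOTES ) . "\" style=\"width:100px;\"></td>";
  $rows .= "<td style=\"text-align:left;\">" . $acl . "</td><td>$delete</td></tr>\n";
}

if ( $result )
  $result->free ();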

/*
 * Hand the generated markup to the template. Both values are inserted as HTML:
 * ROWS is the table body built above and MESSAGE holds one of this page's fixed
 * status strings, so neither may ever carry raw request or database text.
 */
$ubF->tpl->assign ( 'ROWS', $rows );

$ubF->tpl->assign ( 'MESSAGE', $message );

/* Render menu and body first, then the wrapper, and send the wrapper to the client */
$ubF->tpl->parse ( 'MENU', array ( 'menu' ) );
$ubF->tpl->parse ( 'BODY', array ( 'body' ) );
$ubF->tpl->parse ( 'INDEX', array ( 'index' ) );
$ubF->tpl->FastPrint ( 'INDEX' );
?>