iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

begin cleanup of user edit

This commit is contained in:
Philip Häusler 2014-12-27 21:55:24 +01:00
parent 247d9b65c1
commit 16ce2eb969
2 changed files with 175 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
includes/controller/users_controller.php
View File

@ -27,6 +27,10 @@ function users_controller() {
} }
} }
function users_link() {
return page_link_to('users');
}
function user_link($user) { function user_link($user) {
return page_link_to('users') . '&action=view&user_id=' . $user['UID']; return page_link_to('users') . '&action=view&user_id=' . $user['UID'];
} }

23
includes/pages/admin_user.php
View File

@ -9,9 +9,19 @@ function admin_user() {
$html = ''; $html = '';
if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_REQUEST['id'])) > 0) { if (! isset($_REQUEST['id']))
redirect(users_link());
$id = $_REQUEST['id']; $id = $_REQUEST['id'];
if (! isset($_REQUEST['action'])) { if (! isset($_REQUEST['action'])) {
$user_source = User($id);
if ($user_source === false)
engelsystem_error('Unable to load user.');
if ($user_source == null) {
error(_('This user does not exist.'));
redirect(users_link());
}
$html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n"; $html .= "Hallo,<br />" . "hier kannst du den Eintrag &auml;ndern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n";
$html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n"; $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$id\" method=\"post\">\n";
@ -19,7 +29,6 @@ function admin_user() {
$html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n"; $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n";
$SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'"; $SQL = "SELECT * FROM `User` WHERE `UID`='" . sql_escape($id) . "'";
$Erg = sql_query($SQL);
list($user_source) = sql_select($SQL); list($user_source) = sql_select($SQL);
$html .= "<tr><td>\n"; $html .= "<tr><td>\n";
@ -84,9 +93,6 @@ function admin_user() {
$html .= "<hr />"; $html .= "<hr />";
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>';
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1"); $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid` LIMIT 1");
if (count($my_highest_group) > 0) if (count($my_highest_group) > 0)
$my_highest_group = $my_highest_group[0]['group_id']; $my_highest_group = $my_highest_group[0]['group_id'];
@ -96,6 +102,9 @@ function admin_user() {
$his_highest_group = $his_highest_group[0]['group_id']; $his_highest_group = $his_highest_group[0]['group_id'];
if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $id . "\" method=\"post\">\n";
$html .= '<table>';
$groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`"); $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group) . " ORDER BY `Groups`.`Name`");
foreach ($groups as $group) foreach ($groups as $group)
$html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>'; $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>';
@ -203,10 +212,6 @@ function admin_user() {
break; break;
} }
} }
} else {
msg();
redirect(page_link_to('users'));
}
return page_with_title(_('Edit user'), array( return page_with_title(_('Edit user'), array(
$html $html