-rw-r--r-- | app/model/common.mod.php | 63 |
1 files changed, 60 insertions, 3 deletions
diff --git a/app/model/common.mod.php b/app/model/common.mod.php
index 1d5f036..b1aa0a0 100644
--- a/app/model/common.mod.php
+++ b/app/model/common.mod.php
@@ -38,9 +38,10 @@ class CommonModel extends MasterModel
 { switch ($input['action']) {
- case "common-setting-user": $this->saveSettingUser($input); break;
- case "common-setting-admin": $this->saveSettingAdmin($input); break;
- case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break;
+ case "common-setting-user": $this->saveSettingUser($input); break;
+ case "common-setting-admin": $this->saveSettingAdmin($input); break;
+ case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break;
+ case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input); break;
 } }
@@ -180,6 +181,62 @@ class CommonModel extends MasterModel
 $this->logNotice("Created new user " . $form->username); }
+
+ /*
+ * Allow an admin to edit user accounts
+ */
+ function saveSettingAllusersEdituser($input)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_bool("setPasswd");
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password for " . $user->name . " updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ $user->admin = $form->admin;
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ $user->saveObj();
+ }
 } ?> |
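Review bot: The password branch in `saveSettingAllusersEdituser()` accepts values it should reject: `$form->newPasswd == $form->confPasswd` is a loose comparison, so two different numeric-looking strings (for example "1e3" and "1000") compare equal, and because both fields look optional (third argument `false`, to be confirmed against `Form::field_text`), a request with `setPasswd` set and both fields empty would pass the check and reach `setPassword()` with an empty value. I would change the condition to `if ((string)$form->newPasswd !== "" && $form->newPasswd === $form->confPasswd)`. On a mismatch the method only logs a warning and then still writes `admin`, `alias` and `email` before `saveObj()`; a `return;` after the `logWarning()` call would avoid applying half of the form. `$user` is also reused for the target account, which discards the acting admin, so the change to the `admin` flag is saved without any log entry saying who made it; a separate `$target` variable plus a `logNotice()` on privilege changes would make the edit auditable.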