common_handleFormSubmissions($_REQUEST['input'], $_FILES['attachment']); $this->common_deflt(); } /* * Default action */ function common_deflt() { global $_SCROTT; /* Admin settings tab */ if ($_SCROTT['settSSL'] != "neither") { $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked"; $this->common_settingAdminSettSSLDisabled = "disabled"; } else $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked"; if (Setting::allowPublicSignup()) $this->common_settingAdminAllowPublicSignupChecked = "checked"; /* Admin all-users settings tab */ $userTbl = new User(); $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName(); } /* * Handle form submissions from common views */ function common_handleFormSubmissions($input, $attachment) { switch ($input['action']) { case "common-setting-user": $this->saveSettingUser($input, $attachment); break; case "common-setting-admin": $this->saveSettingAdmin($input); break; case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break; case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input, $attachment); break; } } /* * Save changes to user account settings */ function saveSettingUser($input, $attachment) { $form = new Form(); $form->field_bool("setPasswd"); $form->field_text("curPasswd", null, false); $form->field_text("newPasswd", null, false); $form->field_text("confPasswd", null, false); $form->field_text("alias", "", false); $form->field_text("email", "", false); $form->field_text("emailConfKey", null, false); if (!$form->populate($input)) { $this->logFormErrors($form); return; } $user = $this->getCurrentUser(); if (!$user) { $this->logError("Not logged in"); return; } if (isset($input['rmImage'])) { if ($user->rmHeadImage()) $this->logNotice("Image removed"); else $this->logError("Error removing user image"); return; } if ($form->setPasswd) { if ($user->validatePassword($form->curPasswd)) { if ($form->newPasswd == $form->confPasswd) { $user->setPassword($form->newPasswd); $this->logNotice("Password updated successfully"); } else $this->logWarning("Password not changed -- Passwords did not match"); } else $this->logWarning("Password not changed -- Current password was incorrect"); } $user->alias = $form->alias; if ($form->email != $user->email) $user->setEmail($form->email); else if ($form->emailConfKey != "") { if (!$user->confirmEmailKey($form->emailConfKey)) $this->logWarning("Email not confirmed -- Key was incorrect"); } $user->saveObj(); if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid)) $this->logNotice("Image uploaded"); else $this->logFormErrors($form); } /* * Save changes to admin settings */ function saveSettingAdmin($input) { $form = new Form(); $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL()); $form->field_bool("allowPublicSignup"); if (!$form->populate($input)) { $this->logFormErrors($form); return; } $user = $this->getCurrentUser(); if (!$user || $user->admin == 0) { $this->logError("Admin permissions required"); return; } Setting::settSSL($form->settSSL); Setting::allowPublicSignup($form->allowPublicSignup); } /* * Allow an admin to create a new user account */ function saveSettingAllusersAdduser($input) { $form = new Form(); $form->field_text("username"); $form->field_text("password", null, false); $form->field_text("cPassword", null, false); $form->field_bool("admin"); $form->field_text("alias", "", false); $form->field_text("email", "", false); if (!$form->populate($input)) { $this->logFormErrors($form); return; } $user = $this->getCurrentUser(); if (!$user || $user->admin == 0) { $this->logError("Admin permissions required"); return; } if ($form->password != $form->cPassword) { $this->logError("Passwords do not match"); return; } $user = new User(); if (!$user->createNewUser($form->username, $form->password)) { $this->logError("Username " . $form->username . " is not available"); return; } if ($form->admin) $user->admin = 1; $user->alias = $form->alias; $user->setEmail($form->email); $user->saveObj(); $this->logNotice("Created new user " . $form->username); } /* * Allow an admin to edit user accounts */ function saveSettingAllusersEdituser($input, $attachment) { $form = new Form(); $form->field_text("guid"); $form->field_bool("setPasswd"); $form->field_text("newPasswd", null, false); $form->field_text("confPasswd", null, false); $form->field_bool("admin"); $form->field_text("alias", "", false); $form->field_text("email", "", false); if (!$form->populate($input)) { $this->logFormErrors($form); return; } $user = $this->getCurrentUser(); if (!$user || $user->admin == 0) { $this->logError("Admin permissions required"); return; } $user = new User($form->guid); if ($user->type != "user") { $this->logError("Invalid user GUID"); return; } if (isset($input['rmImage'])) { if ($user->rmHeadImage()) $this->logNotice("Image removed"); else $this->logError("Error removing user image"); return; } if ($form->setPasswd) { if ($form->newPasswd == $form->confPasswd) { $user->setPassword($form->newPasswd); $this->logNotice("Password for " . $user->name . " updated successfully"); } else $this->logWarning("Password not changed -- Passwords did not match"); } $user->admin = $form->admin; $user->alias = $form->alias; if ($form->email != $user->email) $user->setEmail($form->email); $user->saveObj(); if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid)) $this->logNotice("Image uploaded"); else $this->logFormErrors($form); } } ?>