Changeset 21 for trunk/services/admins.php
- Timestamp:
- Nov 17, 2005 7:37:40 AM (19 years ago)
- File:
-
- 1 edited
trunk/services/admins.php
r20 r21 196 196 } 197 197 198 // If the username was changed during edit, verify.199 198 if (getFormData('user_type') == 'root' && 'root' != $auth->getVal('user_type')) { 200 199 $fv->addError('user_type', sprintf(_("You do not have clearance to create a user with root privileges."), null)); … … 267 266 if (!$frm = mysql_fetch_assoc($qid)) { 268 267 App::logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); 269 App::raiseMsg(sprintf(_("The requested record %s could not be found "), $id), MSG_ERR, __FILE__, __LINE__);268 App::raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__); 270 269 App::dieBoomerangURL(); 271 270 } … … 312 311 if ($lock->isLocked() && !$lock->isMine()) { 313 312 $lock->dieErrorPage(); 313 } 314 315 // Break the cache because we are changing the list data. 316 SessionCache::breakCache($_SERVER['PHP_SELF']); 317 318 // Get the information for this object. 319 $qid = DB::query(" 320 SELECT username, user_type from admin_tbl 321 WHERE admin_id = '" . addslashes($id) . "' 322 "); 323 if (! list($name, $user_type) = mysql_fetch_row($qid)) { 324 App::logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); 325 App::raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__); 326 App::dieBoomerangURL(); 327 } 328 329 // Get the information for this object. 330 $qid = DB::query("SELECT COUNT(*) from admin_tbl"); 331 list($num_admins) = mysql_fetch_row($qid); 332 if ('root' == $user_type && 'root' != $auth->getVal('user_type')) { 333 // Only root users can delete root users! 334 App::raiseMsg(_("You do not have clearance to delete a root administrator."), MSG_NOTICE, __FILE__, __LINE__); 335 } else if ($num_admins <= 1) { 336 // There must always be at least one admnistrator! 337 App::raiseMsg(_("You cannot delete the only administrator in the database. 
There must be at least one to log in and create other users."), MSG_NOTICE, __FILE__, __LINE__); 338 } else if ($auth->getVal('user_id') == $id) { 339 // Do not delete yourself! 340 App::raiseMsg(_("You cannot delete yourself."), MSG_NOTICE, __FILE__, __LINE__); 314 341 } else { 315 // Break the cache because we are changing the list data. 316 SessionCache::breakCache($_SERVER['PHP_SELF']); 317 318 // Get the information for this object. 319 $qid = DB::query(" 320 SELECT username, user_type from admin_tbl 321 WHERE admin_id = '" . addslashes($id) . "' 322 "); 323 if (! list($name, $user_type) = mysql_fetch_row($qid)) { 324 App::logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); 325 App::raiseMsg(sprintf(_("The requested record %s could not be found"), $id), MSG_ERR, __FILE__, __LINE__); 326 App::dieBoomerangURL(); 327 } 328 329 // Get the information for this object. 330 $qid = DB::query("SELECT COUNT(*) from admin_tbl"); 331 list($num_admins) = mysql_fetch_row($qid); 332 if ('root' == $user_type && 'root' != $auth->getVal('user_type')) { 333 // Only root users can delete root users! 334 App::raiseMsg(_("You do not have clearance to delete a root administrator."), MSG_NOTICE, __FILE__, __LINE__); 335 } else if ($num_admins <= 1) { 336 // There must always be at least one admnistrator! 337 App::raiseMsg(_("You cannot delete the only administrator in the database. There must be at least one to log in and create other users."), MSG_NOTICE, __FILE__, __LINE__); 338 } else if ($auth->getVal('user_id') == $id) { 339 // Do not delete yourself! 340 App::raiseMsg(_("You cannot delete yourself."), MSG_NOTICE, __FILE__, __LINE__); 341 } else { 342 // Delete the record. 343 DB::query("DELETE FROM admin_tbl WHERE admin_id = '" . addslashes($id) . "'"); 344 App::raiseMsg(sprintf(_("The admin <strong>%s</strong> has been deleted."), $name), MSG_SUCCESS, __FILE__, __LINE__); 345 } 346 347 // Unlock record. 
348 $lock->remove(); 349 } 342 // Delete the record. 343 DB::query("DELETE FROM admin_tbl WHERE admin_id = '" . addslashes($id) . "'"); 344 App::raiseMsg(sprintf(_("The admin <strong>%s</strong> has been deleted."), $name), MSG_SUCCESS, __FILE__, __LINE__); 345 } 346 347 // Unlock record. 348 $lock->remove(); 350 349 } 351 350 … … 399 398 if ($lock->isLocked() && !$lock->isMine()) { 400 399 $lock->dieErrorPage(); 401 } else {402 // Break the cache because we are changing the list data. 403 SessionCache::breakCache($_SERVER['PHP_SELF']);404 405 // If the userpass is left blank or with the filler **** characters, we don't want to update it.406 if (!empty($frm['userpass']) && !preg_match('/[\*]{4,}/', $frm['userpass'])) {407 // Set user password.408 $auth->setPassword($frm['admin_id'], $frm['userpass']);409 }410 411 // Update record data.412 DB::query("413 UPDATE admin_tbl SET414 username = '" . addslashes($frm['username']) . "',415 first_name = '" . addslashes($frm['first_name']) . "',416 last_name = '" . addslashes($frm['last_name']) . "',417 email = '" . addslashes($frm['email']) . "',418 user_type = '" . addslashes($frm['user_type']) . "',419 modified_by_user_id = '" . addslashes($auth->getVal('user_id')) . "',420 modified_datetime = NOW()421 WHERE admin_id = '" . addslashes($frm['admin_id']) . "'422 ");423 424 // Create version. 425 $version = RecordVersion::getInstance($GLOBALS['auth']);426 $version->create('admin_tbl', 'admin_id', $frm['admin_id'], $frm['username']);427 428 App::raiseMsg(sprintf(_("The Admin <strong>%s</strong> has been updated."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 429 430 // Unlock record. 431 $lock->remove();432 }400 } 401 402 // Break the cache because we are changing the list data. 403 SessionCache::breakCache($_SERVER['PHP_SELF']); 404 405 // If the userpass is left blank or with the filler **** characters, we don't want to update it. 
406 if (!empty($frm['userpass']) && !preg_match('/[\*]{4,}/', $frm['userpass'])) { 407 // Set user password. 408 $auth->setPassword($frm['admin_id'], $frm['userpass']); 409 } 410 411 // Update record data. 412 DB::query(" 413 UPDATE admin_tbl SET 414 username = '" . addslashes($frm['username']) . "', 415 first_name = '" . addslashes($frm['first_name']) . "', 416 last_name = '" . addslashes($frm['last_name']) . "', 417 email = '" . addslashes($frm['email']) . "', 418 user_type = '" . addslashes($frm['user_type']) . "', 419 modified_by_user_id = '" . addslashes($auth->getVal('user_id')) . "', 420 modified_datetime = NOW() 421 WHERE admin_id = '" . addslashes($frm['admin_id']) . "' 422 "); 423 424 // Create version. 425 $version = RecordVersion::getInstance($GLOBALS['auth']); 426 $version->create('admin_tbl', 'admin_id', $frm['admin_id'], $frm['username']); 427 428 App::raiseMsg(sprintf(_("The Admin <strong>%s</strong> has been updated."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 429 430 // Unlock record. 431 $lock->remove(); 433 432 } 434 433
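Review bot: The update path (new lines 398–432) never compares the stored `user_type` of the record being edited with the caller's, so the only root guard visible for edits is the form check near line 198, which looks at the submitted `user_type` alone. As shown, an administrator without root clearance could change a root account's password through `$auth->setPassword()` or lower its `user_type`, unless a check earlier in the function, outside this hunk, prevents it. The delete path already loads `user_type` from `admin_tbl` and tests `'root' == $user_type && 'root' != $auth->getVal('user_type')`; the same lookup and test should run before `setPassword()` and the `UPDATE`. Separately, every query here escapes with `addslashes()`, which ignores the connection character set; `mysql_real_escape_string()` is the escape that ext/mysql provides for this.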