svj/website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Code-Formatierungen und Anpassungen an neue Editoren

Browse Source
This commit is contained in:
Christian Steinle
2016-09-12 22:24:04 +00:00
parent 5ca973cb00
commit 73c64c5f65
46 changed files with 5167 additions and 5374 deletions
Download Patch File Download Diff File Expand all files Collapse all files

278
.actions/usermanagement_actions.php
View File

@@ -1,151 +1,149 @@
<?php
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'disableUser' )
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'disableUser')
{
$db->query('UPDATE ' . TBL_USER . ' SET userActive = "N" , userActiveUser = "' . $_SESSION['sess_userId'] . '" , userActiveTS = NOW( ) WHERE userId = "' . $_POST['userId'] . '" LIMIT 1;');
fnc_writeLog('00000011', array(fnc_getUsernameById($_POST['userId'])), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die();
}
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'enableUser')
{
$db->query('UPDATE ' . TBL_USER . ' SET userActive = "Y" WHERE userId = "' . $_POST['userId'] . '" LIMIT 1;');
fnc_writeLog('00000012', array(fnc_getUsernameById($_POST['userId'])), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die();
}
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'deleteUser')
{
$db->query('UPDATE ' . TBL_USER . ' SET userDelete = "Y" , userDeleteUser = "' . $_SESSION['sess_userId'] . '" , userDeleteTS = NOW( ) WHERE userId = "' . $_POST['userId'] . '" LIMIT 1;');
fnc_writeLog('00000014', array(fnc_getUsernameById($_POST['userId'])), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die();
}
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'resetPW')
{
$status = fnc_sendEmailToUser('00000015', $_POST['userId'], $_SESSION['sess_userId']);
if ($status === 'OK')
{
$db->query('UPDATE ' . TBL_USER . ' SET userPasswordCrypt = "' . $_POST['userPasswordOrgCrypt'] . '" WHERE userId = "' . $_POST['userId'] . '" LIMIT 1;');
fnc_writeLog('00000015', array(fnc_getUsernameById($_POST['userId'])), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die();
}
else
{
$arrError[] = 'mail_001';
}
die();
}
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'createUser')
{
if (!isset ($_POST['user_portalRightsType']))
{
$_POST['user_portalRightsType'] = 'DEF';
}
$userPortalRights = ($_POST['user_portalRightsType'] === 'ALL' || !isset ($_POST['user_portalRights']))
? ''
: implode(';', $_POST['user_portalRights']);
if (!fnc_validateEmailAddress($_POST['userEmail']))
{
$arrError[] = 'mail_002';
}
if (!fnc_checkUniqueEmailAddress($_POST['userEmail']))
{
$arrError[] = 'mail_003';
}
if (isset ($arrError) && !empty ($arrError))
{
$_GET['siteId'] = $_POST['siteId'];
$_GET['todoId'] = $_POST['todoId'];
}
else
{
$userName = fnc_generateUniqueUsername($_POST['userLastname'], $_POST['userFirstname']);
$passWord = fnc_generatePW();
$crypt = md5($passWord);
$insert = $db->query('INSERT INTO ' . TBL_USER . ' ( userUsername , userEmail , userPhone , userPasswordCrypt , userPasswordOrgCrypt , userPasswordOrg , userFirstname , userLastname , userCreateUser , userActive , userDelete , userPortalRightsType , userPortalRights ) VALUES ( "' . $userName . '" , "' . $_POST['userEmail'] . '" , "' . $_POST['userPhone'] . '" , "' . $crypt . '" , "' . $crypt . '" , "' . $passWord . '" , "' . $_POST['userFirstname'] . '" , "' . $_POST['userLastname'] . '" , "' . $_SESSION['sess_userId'] . '" , "Y" , "N" , "' . $_POST['user_portalRightsType'] . '" , "' . $userPortalRights . '" );');
$userId = $db->insert_id;
foreach ($vC['portal']['website']['prefix'] as $website)
{
$db -> query ( 'UPDATE ' . TBL_USER . ' SET userActive = "N" , userActiveUser = "' . $_SESSION[ 'sess_userId' ] . '" , userActiveTS = NOW( ) WHERE userId = "' . $_POST[ 'userId' ] . '" LIMIT 1;' );
fnc_writeLog ( '00000011' , array ( fnc_getUsernameById ( $_POST[ 'userId' ] ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die( );
if (!isset ($_POST['user' . $website . 'RightsType']))
{
$_POST['user' . $website . 'RightsType'] = 'DEF';
}
$userWebsiteRights = ($_POST['user_' . $website . 'RightsType'] === 'ALL' || !isset ($_POST['user_' . $website . 'Rights']))
? ''
: implode(';', $_POST['user' . $website . 'Rights']);
$db->query('INSERT INTO ' . TBL_RIGHTS . ' SET userId = "' . $userId . '" , rightsPrefix = "' . $website . '" , rightsType = "' . $_POST['user_' . $website . 'RightsType'] . '" , rights = "' . $userWebsiteRights . '";');
}
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'enableUser' )
{
$db -> query ( 'UPDATE ' . TBL_USER . ' SET userActive = "Y" WHERE userId = "' . $_POST[ 'userId' ] . '" LIMIT 1;' );
fnc_writeLog ( '00000012' , array ( fnc_getUsernameById ( $_POST[ 'userId' ] ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die( );
}
fnc_sendEmailToUser('00000010', $userId, $_SESSION['sess_userId']);
fnc_writeLog('00000010', array(fnc_getUsernameById($userId)), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die ();
}
}
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'deleteUser' )
{
$db -> query ( 'UPDATE ' . TBL_USER . ' SET userDelete = "Y" , userDeleteUser = "' . $_SESSION[ 'sess_userId' ] . '" , userDeleteTS = NOW( ) WHERE userId = "' . $_POST[ 'userId' ] . '" LIMIT 1;' );
fnc_writeLog ( '00000014' , array ( fnc_getUsernameById ( $_POST[ 'userId' ] ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die( );
}
if (isset ($_POST['formAction']) && $_POST['formAction'] === 'editUser')
{
if (!isset ($_POST['user_portalRightsType']))
{
$_POST['user_portalRightsType'] = 'DEF';
}
$userPortalRights = ($_POST['user_portalRightsType'] === 'ALL' || !isset ($_POST['user_portalRights']))
? ''
: implode(';', $_POST['user_portalRights']);
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'resetPW' )
if (!fnc_validateEmailAddress($_POST['userEmail']))
{
$arrError[] = 'mail_002';
}
if (!fnc_checkUniqueEmailAddress($_POST['userEmail'], $_POST['userId']))
{
$arrError[] = 'mail_003';
}
if (isset ($arrError) && !empty ($arrError))
{
$_GET['siteId'] = $_POST['siteId'];
$_GET['todoId'] = $_POST['todoId'];
$_GET['userId'] = $_POST['userId'];
}
else
{
$db->query('UPDATE ' . TBL_USER . ' SET userLastname = "' . $_POST['userLastname'] . '" , userFirstname = "' . $_POST['userFirstname'] . '" , userEmail = "' . $_POST['userEmail'] . '" , userPhone = "' . $_POST['userPhone'] . '" , userPortalRightsType = "' . $_POST['user_portalRightsType'] . '" , userPortalRights = "' . $userPortalRights . '" WHERE userId = "' . $_POST['userId'] . '" LIMIT 1;');
foreach ($vC['portal']['website']['prefix'] as $website)
{
$status = fnc_sendEmailToUser ( '00000015' , $_POST[ 'userId' ] , $_SESSION[ 'sess_userId' ] );
if ( $status === 'OK' )
{
$db -> query ( 'UPDATE ' . TBL_USER . ' SET userPasswordCrypt = "' . $_POST[ 'userPasswordOrgCrypt' ] . '" WHERE userId = "' . $_POST[ 'userId' ] . '" LIMIT 1;' );
fnc_writeLog ( '00000015' , array ( fnc_getUsernameById ( $_POST[ 'userId' ] ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die( );
}
if (!isset ($_POST['user_' . $website . 'RightsType']))
{
$_POST['user_' . $website . 'RightsType'] = 'DEF';
}
$userWebsiteRights = ($_POST['user_' . $website . 'RightsType'] === 'ALL' || !isset ($_POST['user_' . $website . 'Rights']))
? ''
: implode(';', $_POST['user_' . $website . 'Rights']);
$rights = $db->query('SELECT * FROM ' . TBL_RIGHTS . ' WHERE userId = "' . $_POST['userId'] . '" AND rightsPrefix = "' . $website . '";');
if ($rights->num_rows === 0)
{
$db->query('INSERT INTO ' . TBL_RIGHTS . ' SET userId = "' . $_POST['userId'] . '" , rightsPrefix = "' . $website . '" , rightsType = "' . $_POST['user' . $website . 'RightsType'] . '" , rights = "' . $userWebsiteRights . '";');
}
else
{
$arrError[ ] = 'mail_001';
}
die( );
}
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'createUser' )
{
if ( ! isset ( $_POST[ 'user_portalRightsType' ] ) )
{
$_POST[ 'user_portalRightsType' ] = 'DEF';
}
$userPortalRights = ( $_POST[ 'user_portalRightsType' ] === 'ALL' || ! isset ( $_POST[ 'user_portalRights' ] ) )
? ''
: implode ( ';' , $_POST[ 'user_portalRights' ] );
if ( ! fnc_validateEmailAddress ( $_POST[ 'userEmail' ] ) )
{
$arrError[ ] = 'mail_002';
}
if ( ! fnc_checkUniqueEmailAddress ( $_POST[ 'userEmail' ] ) )
{
$arrError[ ] = 'mail_003';
}
if ( isset ( $arrError ) && ! empty ( $arrError ) )
{
$_GET[ 'siteId' ] = $_POST[ 'siteId' ];
$_GET[ 'todoId' ] = $_POST[ 'todoId' ];
}
else
{
$userName = fnc_generateUniqueUsername ( $_POST[ 'userLastname' ] , $_POST[ 'userFirstname' ] );
$passWord = fnc_generatePW ( );
$crypt = md5 ( $passWord );
$insert = $db -> query ( 'INSERT INTO ' . TBL_USER . ' ( userUsername , userEmail , userPhone , userPasswordCrypt , userPasswordOrgCrypt , userPasswordOrg , userFirstname , userLastname , userCreateUser , userActive , userDelete , userPortalRightsType , userPortalRights ) VALUES ( "' . $userName . '" , "' . $_POST[ 'userEmail' ] . '" , "' . $_POST[ 'userPhone' ] . '" , "' . $crypt . '" , "' . $crypt . '" , "' . $passWord . '" , "' . $_POST[ 'userFirstname' ] . '" , "' . $_POST[ 'userLastname' ] . '" , "' . $_SESSION[ 'sess_userId' ] . '" , "Y" , "N" , "' . $_POST[ 'user_portalRightsType' ] . '" , "' . $userPortalRights . '" );' );
$userId = $db -> insert_id;
foreach ( $vC[ 'portal' ][ 'website' ][ 'prefix' ] as $website )
{
if ( ! isset ( $_POST[ 'user' . $website . 'RightsType' ] ) )
{
$_POST[ 'user' . $website . 'RightsType' ] = 'DEF';
}
$userWebsiteRights = ( $_POST[ 'user_' . $website . 'RightsType' ] === 'ALL' || ! isset ( $_POST[ 'user_' . $website . 'Rights' ] ) )
? ''
: implode ( ';' , $_POST[ 'user' . $website . 'Rights' ] );
$db -> query ( 'INSERT INTO ' . TBL_RIGHTS . ' SET userId = "' . $userId . '" , rightsPrefix = "' . $website . '" , rightsType = "' . $_POST[ 'user_' . $website . 'RightsType' ] . '" , rights = "' . $userWebsiteRights . '";' );
}
fnc_sendEmailToUser ( '00000010' , $userId , $_SESSION[ 'sess_userId' ] );
fnc_writeLog ( '00000010' , array ( fnc_getUsernameById ( $userId ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die ( );
}
}
if ( isset ( $_POST[ 'formAction' ] ) && $_POST[ 'formAction' ] === 'editUser' )
{
if ( ! isset ( $_POST[ 'user_portalRightsType' ] ) )
{
$_POST[ 'user_portalRightsType' ] = 'DEF';
}
$userPortalRights = ( $_POST[ 'user_portalRightsType' ] === 'ALL' || ! isset ( $_POST[ 'user_portalRights' ] ) )
? ''
: implode ( ';' , $_POST[ 'user_portalRights' ] );
if ( ! fnc_validateEmailAddress ( $_POST[ 'userEmail' ] ) )
{
$arrError[ ] = 'mail_002';
}
if ( ! fnc_checkUniqueEmailAddress ( $_POST[ 'userEmail' ] , $_POST[ 'userId' ] ) )
{
$arrError[ ] = 'mail_003';
}
if ( isset ( $arrError ) && ! empty ( $arrError ) )
{
$_GET[ 'siteId' ] = $_POST[ 'siteId' ];
$_GET[ 'todoId' ] = $_POST[ 'todoId' ];
$_GET[ 'userId' ] = $_POST[ 'userId' ];
}
else
{
$db -> query ( 'UPDATE ' . TBL_USER . ' SET userLastname = "' . $_POST[ 'userLastname' ] . '" , userFirstname = "' . $_POST[ 'userFirstname' ] . '" , userEmail = "' . $_POST[ 'userEmail' ] . '" , userPhone = "' . $_POST[ 'userPhone' ] . '" , userPortalRightsType = "' . $_POST[ 'user_portalRightsType' ] . '" , userPortalRights = "' . $userPortalRights . '" WHERE userId = "' . $_POST[ 'userId' ] . '" LIMIT 1;' );
foreach ( $vC[ 'portal' ][ 'website' ][ 'prefix' ] as $website )
{
if ( ! isset ( $_POST[ 'user_' . $website . 'RightsType' ] ) )
{
$_POST[ 'user_' . $website . 'RightsType' ] = 'DEF';
}
$userWebsiteRights = ( $_POST[ 'user_' . $website . 'RightsType' ] === 'ALL' || ! isset ( $_POST[ 'user_' . $website . 'Rights' ] ) )
? ''
: implode ( ';' , $_POST[ 'user_' . $website . 'Rights' ] );
$rights = $db -> query ( 'SELECT * FROM ' . TBL_RIGHTS . ' WHERE userId = "' . $_POST[ 'userId' ] . '" AND rightsPrefix = "' . $website . '";' );
if ( $rights -> num_rows === 0 )
{
$db -> query ( 'INSERT INTO ' . TBL_RIGHTS . ' SET userId = "' . $_POST[ 'userId' ] . '" , rightsPrefix = "' . $website . '" , rightsType = "' . $_POST[ 'user' . $website . 'RightsType' ] . '" , rights = "' . $userWebsiteRights . '";' );
}
else
{
$db -> query ( 'UPDATE ' . TBL_RIGHTS . ' SET rightsType = "' . $_POST[ 'user_' . $website . 'RightsType' ] . '" , rights = "' . $userWebsiteRights . '" WHERE userId = "' . $_POST[ 'userId' ] . '" AND rightsPrefix = "' . $website . '";' );
}
}
fnc_writeLog ( '00000013' , array ( fnc_getUsernameById ( $_POST[ 'userId' ] ) ) , $_SESSION[ 'sess_userId' ] );
header( 'Location:index.php?siteId=' . $_POST[ 'siteId' ] );
die ( );
}
{
$db->query('UPDATE ' . TBL_RIGHTS . ' SET rightsType = "' . $_POST['user_' . $website . 'RightsType'] . '" , rights = "' . $userWebsiteRights . '" WHERE userId = "' . $_POST['userId'] . '" AND rightsPrefix = "' . $website . '";');
}
}
?>
fnc_writeLog('00000013', array(fnc_getUsernameById($_POST['userId'])), $_SESSION['sess_userId']);
header('Location:index.php?siteId=' . $_POST['siteId']);
die ();
}
}