Configure the new TinyMCE to have almost the same buttons as the old one.
user-edit.php
<?php
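require_once('include/admin.inc.php');
auth_redirect(); // Require logged in user to access this page.

// Handles the POST of the profile form: optionally creates the account
// (edit=NEW), then copies the submitted fields onto $user and processes a
// password change. The if-block opened here is closed further down the file.
//
// NOTE(review): the only access check visible in this file is the login check
// above. Nothing here confirms that the logged-in user may create accounts or
// edit the account named by $_POST['edit'], and the form posts no anti-CSRF
// token. Confirm both are enforced by include/admin.inc.php; otherwise add a
// permission check and a per-session token check before any state is changed.
if( isset($_POST['edit']) ) {
    if( $_POST['edit'] === 'NEW' ) {
        // Accept only a plain string so an array-valued field cannot reach
        // sanitize_username() or strlen().
        $requested_login = ( isset($_POST['user_login']) && is_string($_POST['user_login']) ) ? $_POST['user_login'] : '';
        $username = sanitize_username( $requested_login );
        // Strict comparison: loose != treats some different numeric-looking
        // strings as equal. mtdie() is relied on to end the request here.
        if( $username !== $requested_login || strlen($requested_login) < 1 )
            mtdie( 'The specified username is not valid. Must be composed of a-z _ - @ .', 'Invalid Username' );

        $default_image = $username.'.png';
        // NOTE(review): the copy runs before the INSERT, so if the name is
        // already taken it replaces that account's image with the default.
        // Confirm uniqueness is checked before this point.
        if( !copy(RANTIMG.'default', RANTIMG.$default_image) )
            $error.='<p>Could not create the default rant image for the new user.</p>';

        // Both values are escaped; previously only the name was, and the image
        // name depended on sanitize_username() alone to be SQL-safe.
        // NOTE(review): prefer a prepared statement if $mtdb offers one.
        $mtdb->query( 'INSERT INTO contributor (name, default_image) VALUES ("' . mysqli_real_escape_string($mtdb->link, $username) . '", "' . mysqli_real_escape_string($mtdb->link, $default_image) . '")' );
        $user = get_userdatabylogin( $username );
        // Stop if the row cannot be read back instead of dereferencing a non-object.
        if( !$user )
            mtdie( 'The user account could not be created.', 'User Creation Failed' );
        $userid = $user->id;
        $info.='<p>User Account Created</p>';
        adminlog("User '".$username."' created.", MTS_USER, MTA_ADD);
        $user_old = $user;
    } else {
        // An array-valued "edit" would cast to 1; treat anything non-scalar as "no such user".
        $userid = is_scalar($_POST['edit']) ? (int) $_POST['edit'] : 0;
        $user_old = $user = get_userdatabyid( $userid );
        // Without this guard the assignments below would run on a missing record.
        if( !$user )
            mtdie( 'The specified user does not exist.', 'Unknown User' );
    }

    // Copy the submitted profile fields. A field is only overwritten when it
    // was posted as a plain string, so a partial or malformed POST cannot put
    // arrays or nulls into the record.
    // NOTE(review): the values are stored as submitted, with no format check on
    // the e-mail address or the link. If the link is rendered as an href
    // elsewhere, restrict it to http/https there or here.
    foreach( array('nameplate' => 'nickname', 'default_link' => 'rant-link', 'email' => 'email') as $field => $post_key ) {
        if( isset($_POST[$post_key]) && is_string($_POST[$post_key]) )
            $user->$field = $_POST[$post_key];
    }
    // $user_old is the same object as $user, so this keeps the current image.
    $user->default_image = $user_old->default_image;

    $password_new1 = ( isset($_POST['password_new1']) && is_string($_POST['password_new1']) ) ? $_POST['password_new1'] : '';
    $password_new2 = ( isset($_POST['password_new2']) && is_string($_POST['password_new2']) ) ? $_POST['password_new2'] : '';
    $password_old  = ( isset($_POST['password_old'])  && is_string($_POST['password_old']) )  ? $_POST['password_old']  : '';
    if( !empty($password_new1) && !empty($password_new2) ) {
        if( $password_new1 !== $password_new2 ) {
            $error.='<p>New passwords do not match.</p>';
        } else {
            /* password change */
            // NOTE(review): the stored value is compared against an unsalted
            // SHA1() of the old password, and 'OR password = ""' accepts any
            // old password for an account whose stored password is empty.
            // Moving to password_hash()/password_verify() needs matching
            // changes in change_password() and the stored data, which are not
            // part of this file.
            if( ! $mtdb->getOne( 'SELECT id FROM contributor WHERE id = "' . (int)$user->id . '" AND (password = SHA1("' . mysqli_real_escape_string($mtdb->link, $password_old) . '") OR password = "")' )) {
                $error.='<p>Specified password is incorrect.</p>';
            } else {
                /* Password match */
                $user->password = $password_new1;
                change_password( $user );
                $info.='<p>Password successfully changed.</p>';
            }
        }
    }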
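/**
 * Store a newly uploaded default rant image for $user, if one was submitted.
 *
 * Reads $_FILES['rant_image']. The image must be exactly 300x245 pixels and of
 * a type getimagesize() detects as JPEG, GIF, PNG, BMP or TIFF. The file
 * extension is taken from that detected type, not from the MIME type sent by
 * the browser, which the client controls. On success the file is moved to
 * RANTIMG as "<user name>.<ext>" and $user->default_image is updated; the
 * record itself is not saved here.
 * Progress and failures are appended to the global $info / $error HTML strings.
 *
 * @param object $user User record; ->name is read, ->default_image is written.
 * @return void
 */
function handle_upload( &$user ) {
    global $info, $error;

    // No upload field, or nothing selected: not an error, just nothing to do.
    if( empty($_FILES['rant_image']) || !is_array($_FILES['rant_image']) ) return;
    $upload = $_FILES['rant_image'];
    if( !isset($upload['name'], $upload['error'], $upload['size'], $upload['tmp_name']) ) return;
    if( '' === $upload['name'] ) return;
    if( UPLOAD_ERR_NO_FILE === $upload['error'] ) return;
    if( 0 === (int) $upload['size'] ) return;

    $info.='<p>Tried to upload an image.</p>';

    // Confirm the temp file really came from this request's upload before
    // reading it. A multi-file field (rant_image[]) makes tmp_name an array
    // and is rejected here as well.
    if( !is_string($upload['tmp_name']) || !is_uploaded_file( $upload['tmp_name'] )) {
        $error.='<p>Something went wrong while retrieving the uploaded image.</p>';
        return;
    }

    // Uploading new rant image
    $imagedata = getimagesize($upload['tmp_name']);
    if( false === $imagedata ) {
        $error.='<p>The uploaded file is not a recognised image. Upload refused.</p>';
        return;
    }
    if( 300 !== $imagedata[0] ) {
        $error.='<p>Image wrong width: '.(int) $imagedata[0].'</p>';
        return;
    }
    if( 245 !== $imagedata[1] ) {
        $error.='<p>Image wrong height: '.(int) $imagedata[1].'</p>';
        return;
    }

    // Map the detected image type (index 2 of getimagesize()) to an extension.
    $extensions = array(
        IMAGETYPE_JPEG    => 'jpg',
        IMAGETYPE_GIF     => 'gif',
        IMAGETYPE_PNG     => 'png',
        IMAGETYPE_BMP     => 'bmp',
        IMAGETYPE_TIFF_II => 'tiff',
        IMAGETYPE_TIFF_MM => 'tiff',
    );
    if( !isset($extensions[$imagedata[2]]) ) {
        $error.='<p>Unknown image extension. Upload refused.</p>';
        return;
    }
    $ext = $extensions[$imagedata[2]];

    // $user->name becomes part of the file name; it is assumed to be limited
    // to safe characters when the account is created. TODO confirm.
    $destination_path = $user->name.'.'.$ext;

    if( move_uploaded_file($upload['tmp_name'], RANTIMG.$destination_path) ) { // TODO: SITE_PATH_ABS .'/'. SITE_RANT ?
        // great
        $user->default_image = $destination_path;
        $info.='<p>New rant image uploaded.</p>';
    } else {
        $error.='<p>Something went wrong while storing the uploaded image.</p>';
        adminlog("File system error while uploading rant image.", MTS_USER, MTA_MODIFY, E_WARNING);
    }
}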
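// Still inside the POST branch: store any uploaded image, then persist the record.
// NOTE(review): the record is saved and the success message shown even when
// $error was set above (password mismatch, rejected image). Confirm this is intended.
handle_upload( $user );
save_userdata( $user );
$info.='<p>Changes to user profile information were saved successfully.</p>';
adminlog("Profile updated for user ".$user->name.".", MTS_USER, MTA_UPDATE);
} else {
    // Plain page view: load the user named in the query string. A missing or
    // array-valued "edit" parameter becomes id 0 instead of raising a notice
    // or casting to 1.
    $userid = ( isset($_GET['edit']) && is_scalar($_GET['edit']) ) ? (int) $_GET['edit'] : 0;
    $user = get_userdatabyid( $userid );
}
if( !$user ) $error.='<p>The specified user does not exist.</p>';
adminhead('Edit User Profile');
adminmenu('users.php');
// The form that follows is only rendered when a user record was loaded.
if( $user ) {
?>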
<form enctype="multipart/form-data" name="profile" id="your-profile" action="user-edit.php" method="post">
<input type="hidden" name="edit" value="<?php echo $userid; ?>" />
<h2>Editing "<?php echo htmlentities($user->name); ?>"</h2>
<p>Modify details for this contributer.</p>
<fieldset>
<legend>Name</legend>
<p><label>Username:<br />
<input type="text" name="user_login" value="<?php echo htmlentities($user->name); ?>" disabled="disabled" /></label></p>
<p><label>Nickname:<br />
<input type="text" name="nickname" value="<?php echo htmlentities($user->nameplate); ?>" /></label></p>
<p><label>Email:<br />
<input type="text" name="email" value="<?php echo htmlentities($user->email); ?>" /></label></p>
</fieldset>
<fieldset>
<legend>Rant Defaults</legend>
<p><label>Link<br />
<input type="text" name="rant-link" value="<?php echo htmlentities($user->default_link); ?>" /></label></p>
<p><label>Upload New Image<br />
<input type="hidden" name="MAX_FILE_SIZE" value="10000000" />
<input name="rant_image" type="file" /></label></p>
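<?php
// Show the contributor's current default rant image, or a notice when none exists.
$rantimage_filename = SITE_RANT.'/' . $user->default_image;
// is_file() rather than file_exists(): with an empty default_image the path is
// the image directory itself, which file_exists() reports as present.
if( !is_file( SITE_PATH_ABS.'/' . $rantimage_filename )) {
    echo '<p>There is currently no default rant image for this contributor.</p>';
} else {
    // Escape the URL like every other value in this template. The file name
    // comes from the database and should not be trusted to be attribute-safe.
    echo '<p><img src="' . htmlentities( SITE_HOST . '/' . SITE_PATH . '/' . $rantimage_filename ) . '" width="150" /></p>';
}
?>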
</fieldset>
<fieldset>
<legend>Change Password</legend>
<p><label>Old Password</br/>
<input type="password" name="password_old" value="" /></label></p>
<p><label>New Password</br/>
<input type="password" name="password_new1" value="" /></label></p>
<p><label>Confirm New Password</br/>
<input type="password" name="password_new2" value="" /></label></p>
</fieldset>
<br clear="all" />
<p class="submit"><input type="submit" value="Update Profile &raquo;" name="submit" /></p>
</form>
</div>
<?php
} // closes if( $user ): the edit form above is only rendered when a user record was loaded
// Emit the admin page footer whether or not the form was shown.
adminfooter();
?>