  1: <?php
  2: /**
  3:  * useradmin.php
  4:  *
  5:  * This is the Admin Center page. Only administrators
  6:  * are allowed to view this page. This page displays the
  7:  * database table of users and banned users. Admins can
  8:  * choose to delete specific users, delete inactive users,
  9:  * ban users, update user levels, etc.
 10:  *
 11:  * PHP version 8
 12:  *
 13:  * LICENSE: This program is free software: you can redistribute it and/or modify
 14:  * it under the terms of the GNU Affero General Public License as
 15:  * published by the Free Software Foundation, either version 3 of the
 16:  * License, or (at your option) any later version.
 17:  * This program is distributed in the hope that it will be useful,
 18:  * but WITHOUT ANY WARRANTY; without even the implied warranty of
 19:  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 20:  * GNU Affero General Public License for more details.
 21:  * You should have received a copy of the GNU Affero General Public License
 22:  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 23:  *
 24:  * @category  Login
 25:  * @package   Admin
 26:  * @author    Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
 27:  * @author    Henri Schumacher <henri.hulski@gazeta.pl>
 28:  * @copyright 2007-2014 Henri Schumacher
 29:  * @license   http://www.gnu.org/licenses/agpl.html GNU Affero General Public License v3
 30:  * @version   1.0
 31:  * @link      https://research.openhomeo.info/download/OpenHomeopath_1.0.2.tar.gz
 32:  */
 33: 
 34: include_once ("include/classes/login/session.php");
 35: 
 36: /**
 37:  * displayUsers - Displays the users database table in
 38:  * a nicely formatted html table.
 39:  *
 40:  * @param string $order_by users table row by which the table should be ordered
 41:  * @param string $order_type order direction ('DESC'|'ASC')
 42:  * @return string users html table
 43:  * @access public
 44:  */
 45: function displayUsers($order_by = "last_activity", $order_type = "DESC") {
 46:     global $db;
 47:     $user_rows_ar = array(
 48:             "username" => _("Username"),
 49:             "userlevel" => _("Level"),
 50:             "email_registered" => _("Registered e-mail"),
 51:             "last_activity" => _("Last active"),
 52:             "registration" => _("Registered since")
 53:     );
 54:     $order = ($order_by === "userlevel") ? "$order_by $order_type, username" : "$order_by $order_type";
 55:     $select = implode(", ", array_keys($user_rows_ar));
 56:     $query = "SELECT $select FROM " . TBL_USERS . " WHERE username != 'pacha' ORDER BY $order";
 57:     $db->send_query($query);
 58:     $num_rows = $db->db_num_rows();
 59:     if ($num_rows == 0) {
 60:         $user_table = _("no users");
 61:         return $user_table;
 62:     }
 63: 
 64:     /* Display table contents */
 65:     $user_table = "<div class='scrollableUserContainer'>\n";
 66:     $user_table .= "  <div  class='scrollingUserArea'>\n";
 67:     $user_table .= "    <table class='user_table'>\n";
 68: 
 69:     /* Build the table heading */
 70:     $user_table .= "      <thead>\n";
 71:     $user_table .= "        <tr>\n";
 72:     foreach ($user_rows_ar as $row => $val) {
 73:         $row_class = ($row == "email_registered") ? "email" : $row;
 74:         $user_table .= "          <th class='$row_class'><div>";
 75:         $field_is_current_order_by = 0;
 76:         if ($order_by != $row) {  // the results are not ordered by this field at the moment
 77:             $link_class="order_link_2";
 78:             if ($row == "username" || $row == "email_registered") {
 79:                 $new_order_type = "ASC";
 80:             } else {
 81:                 $new_order_type = "DESC";
 82:             }
 83:         } else {
 84:             $field_is_current_order_by = 1;
 85:             $link_class="order_link_2_selected";
 86:             if ( $order_type == "DESC") {
 87:                 $new_order_type = "ASC";
 88:             } else {
 89:                 $new_order_type = "DESC";
 90:             }
 91:         }
 92:         $user_table .= "<a class='$link_class' href='useradmin.php?order_by=$row&amp;order_type=$new_order_type#user_table'>";
 93: 
 94:         if ($field_is_current_order_by === 1) {
 95:             if ($order_type === 'ASC') {
 96:                 $user_table .= '&uarr; ';
 97:             } else {
 98:                 $user_table .= '&darr; ';
 99:             }
100:         }
101:             
102:         $user_table .= "$val</a></div></th>\n";
103:     }
104:     $user_table .= "        </tr>\n";
105:     $user_table .= "      </thead>\n";
106: 
107:     /* Build the table body */
108:     $tr_results_class = 'tr_results_1';
109:     $td_controls_class = 'controls_1';
110:     $user_table .= "      <tbody>\n";
111:     while (list($username, $userlevel, $email_registered, $last_activity, $registration) = $db->db_fetch_row()) {
112:         if ($userlevel < 6) {
113:             $level = _("normal user");
114:         } elseif ($userlevel == 6) {
115:             $level = _("Editor");
116:         } elseif ($userlevel == 9) {
117:             $level = _("Administrator");
118:         }
119:         if ($tr_results_class === 'tr_results_1') {
120:             $td_controls_class = 'controls_2';
121:             $tr_results_class = 'tr_results_2';
122:         } else {
123:             $td_controls_class = 'controls_1';
124:             $tr_results_class = 'tr_results_1';
125:         }
126:         $user_table .= "  <tr class='$tr_results_class'>\n";
127:         $user_table .= "    <td class='$td_controls_class username'><div><a href='userinfo.php?user=$username' target='_blank'>$username</a></div></td>\n";
128:         $user_table .= "    <td class='$td_controls_class userlevel'><div>$level</div></td>\n";
129:         $user_table .= "    <td class='$td_controls_class email'><div>$email_registered</div></td>\n";
130:         $user_table .= "    <td class='$td_controls_class last_activity'><div>$last_activity</div></td>\n";
131:         $user_table .= "    <td class='$td_controls_class registration'><div>$registration</div></td>\n";
132:         $user_table .= "  </tr>\n";
133:     }
134:     $user_table .= "      </tbody>\n";
135:     $user_table .= "    </table><br>\n";
136:     $user_table .= "  </div>\n";
137:     $user_table .= "</div>\n";
138:     $db->free_result();
139:     return $user_table;
140: }
141: 
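/**
 * displayBannedUsers - Displays the banned users
 * database table in a nicely formatted html table.
 *
 * Usernames and timestamps read from the database are HTML-escaped
 * before they are written into the table.
 *
 * @return string banned users html table, or the "no banned users" message when the table is empty
 * @access public
 */
function displayBannedUsers() {
    global $db;
    $query = "SELECT username, timestamp FROM " . TBL_BANNED_USERS . " ORDER BY username";
    $db->send_query($query);
    $num_rows = $db->db_num_rows();
    if ($num_rows == 0) {
        return _("no banned users");
    }

    /* Display table contents */
    $banned_user_table = "<table style='text-align: left; border-spacing: 0; border-collapse: collapse; border: solid 1px;'>\n";
    $banned_user_table .= "<tr><td style='padding:3px'><b>" . _("Username") . "</b></td><td style='padding:3px'><b>" . _("Time Banned") . "</b></td></tr>\n";
    while ($record = $db->db_fetch_row()) {
        list($username, $timestamp) = $record;
        /* Stored values are escaped so they are rendered as text, never as markup */
        $username = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $timestamp = htmlspecialchars((string) $timestamp, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $banned_user_table .= "<tr><td style='padding:3px'>$username</td><td style='padding:3px'>$timestamp</td></tr>\n";
    }
    $banned_user_table .= "</table><br>\n";
    $db->free_result();
    return $banned_user_table;
}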
169: 
170: 
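/**
 * User not an administrator, redirect to the login page
 * automatically.
 */
if (!$session->isAdmin()) {
    // The Location is an absolute path built from SCRIPT_NAME, so the target does not
    // depend on the client-supplied Host header or on path info carried in PHP_SELF,
    // and the client keeps the scheme of the current request instead of being sent to http.
    $uri = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');
    header("Content-Type: text/html;charset=utf-8");
    header("Location: $uri/login.php");
    die();
} else {
/**
 * Administrator is viewing page, so display all
 * forms.
 *
 * NOTE(review): the forms below post state-changing requests to adminprocess.php and
 * carry no visible anti-CSRF token; confirm that adminprocess.php verifies one (or the
 * request origin) in addition to the administrator check.
 * NOTE(review): $form->value() is echoed into value="..." attributes; presumably it
 * returns HTML-escaped text - verify in the Form class.
 */
    $order_by = "last_activity";
    $order_type = "DESC";
    // Both request values are forwarded towards an ORDER BY clause, so only a plain
    // column-name-shaped string and the two SQL sort directions are passed on;
    // anything else keeps the default.
    if (!empty($_REQUEST['order_by']) && is_string($_REQUEST['order_by'])
            && preg_match('/^[a-z_]+$/', $_REQUEST['order_by']) === 1) {
        $order_by = $_REQUEST['order_by'];
    }
    if (!empty($_REQUEST['order_type']) && is_string($_REQUEST['order_type'])
            && in_array($_REQUEST['order_type'], array("ASC", "DESC"), true)) {
        $order_type = $_REQUEST['order_type'];
    }
    $user_table = displayUsers($order_by, $order_type);
    $head_title = _("User administration") . " :: OpenHomeopath";
    // NOTE(review): the include path is built from a session value; confirm that the
    // session class only ever stores the name of an existing skin directory here.
    $skin = $session->skin;
    include("skins/$skin/header.php");
?>
<h1>
  <?php echo _("User administration"); ?>
</h1>
<br>
<?php
    if ($form->num_errors > 0) {
        echo "<p class='error_message'>!*** " . _("Error in the request, please correct") . "</p><br>\n";
    }
    if (isset($_GET["count"])) {
        // ngettext() requires an integer: a non-numeric or array value would raise a TypeError on PHP 8,
        // so the message is only printed for a well-formed integer.
        $count = filter_var($_GET["count"], FILTER_VALIDATE_INT);
        if ($count !== false) {
            printf("<p class='error_message'>!*** " . ngettext("%d record was deleted!", "%d records were deleted!", $count) . "</p><br>\n", $count);
        }
    }
?>
<nav class="content">
  <h2>
    <?php echo _("Contents"); ?>
  </h2>
  <ul>
    <li><a href="#user_table"><?php echo _("Users Table Contents"); ?></a></li>
    <li><a href="#user_level"><?php echo _("Change the userlevel"); ?></a></li>
    <li><a href="#delete_user"><?php echo _("Delete User"); ?></a></li>
    <li><a href="#delete_inactive"><?php echo _("Delete Inactive Users"); ?></a></li>
    <li><a href="#ban_user"><?php echo _("Ban User"); ?></a></li>
    <li><a href="#banned_user"><?php echo _("Banned Users Table"); ?></a></li>
    <li><a href="#repeal_ban"><?php echo _("Repeal the ban of a username"); ?></a></li>
    <li><a href="#delete_records"><?php echo _("Delete records of a user"); ?></a></li>
  </ul>
</nav>
<table class='usertable'>
  <tr>
    <td>
<?php
/**
 * Display Users Table
 */
?>
      <a id="user_table"><br></a>
      <h3 style="text-align: center;"><?php echo _("Users Table Contents:"); ?></h3>
    </td>
  </tr>
  <tr>
    <td>
<?php
    echo $user_table;
?>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Update User Level
 */
?>
      <a id="user_level"></a>
      <h3><?php echo _("Change the userlevel"); ?></h3>
      <?php echo $form->error("upduser"); ?>
      <form action="include/classes/login/adminprocess.php" method="POST">
        <table>
          <tr>
            <td>
              <?php echo _("Username:"); ?><br>
              <input type="text" name="upduser" maxlength="30" value="<?php echo $form->value("upduser"); ?>">
            </td>
            <td>
              <?php echo _("State:"); ?><br>
              <select name="updlevel">
                <option value="1"><?php echo _("Normal User"); ?></option>
                <option value="6"><?php echo _("Editor"); ?></option>
                <option value="9"><?php echo _("Administrator"); ?></option>
              </select>
            </td>
            <td>
              <br>
              <input type="hidden" name="subupdlevel" value="1">
              <input type="submit" value=" <?php echo _("Change userlevel"); ?> ">
            </td>
          </tr>
        </table>
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Delete User
 */
?>
      <a id="delete_user"></a>
      <h3><?php echo _("Delete User"); ?></h3>
      <?php echo $form->error("deluser"); ?>
      <form action="include/classes/login/adminprocess.php" method="POST">
        <?php echo _("Username:"); ?><br>
        <input type="text" name="deluser" maxlength="30" value="<?php echo $form->value("deluser"); ?>">
        <input type="hidden" name="subdeluser" value="1">
        <input type="submit" value=" Benutzer löschen ">
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class='error_message'><?php echo _("Warning!"); ?></span> &nbsp;<?php echo _("It will also delete all repertorizations from the deleted user."); ?><br>
      <?php echo _("If the user has made changes in the database, maintained them and the user will be banned, so that no one can register with the same username and change data."); ?><br>
      <?php echo _("The ban may be lifted by administrators."); ?>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Delete Inactive Users
 */
?>
      <a id="delete_inactive"></a>
      <h3><?php echo _("Delete Inactive Users"); ?></h3>
      <p><?php echo _("This will delete all users (not administrators), who have not logged in to the site within a certain time period. You specify the days spent inactive."); ?></p>
      <form action="include/classes/login/adminprocess.php" method="POST">
        <table>
          <tr>
            <td>
              <?php echo _("Days:"); ?><br>
              <select name="inactdays">
                <option value="30">30</option>
                <option value="60">60</option>
                <option value="90">90</option>
                <option value="180">180</option>
                <option value="365" selected="selected">365</option>
                <option value="730">730</option>
              </select>
            </td>
            <td>
              <br>
              <input type="hidden" name="subdelinact" value="1">
              <input type="submit" value=" <?php echo _("Delete all inactive"); ?> ">
            </td>
          </tr>
        </table>
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class='error_message'><?php echo _("Warning!"); ?></span> &nbsp;<?php echo _("It will also delete all repertorizations of the deleted users."); ?><br>
      <?php echo _("If the users hade made changes in the database, maintained them and the user will be banned, so that no one can register with the same username and change data."); ?><br>
      <?php echo _("The ban may be lifted by administrators."); ?>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Ban User
 */
?>
      <a id="ban_user"></a>
      <h3><?php echo _("Ban User"); ?></h3>
      <?php echo $form->error("banuser"); ?>
      <form action="include/classes/login/adminprocess.php" method="POST">
        <?php echo _("Username:"); ?><br>
        <input type="text" name="banuser" maxlength="30" value="<?php echo $form->value("banuser"); ?>">
        <input type="hidden" name="subbanuser" value="1">
        <input type="submit" value=" <?php echo _("Ban User"); ?> ">
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class='error_message'><?php echo _("Warning!"); ?></span> &nbsp;<?php echo _("It will also delete all repertorizations of the deleted user."); ?><br>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Display Banned Users Table
 */
?>
      <a id="banned_user"></a>
      <h3><?php echo _("Banned Users Table Contents:"); ?></h3>
    </td>
  </tr>
  <tr>
    <td>
<?php
    echo displayBannedUsers();
?>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Delete Banned User
 */
?>
      <a id="repeal_ban"></a>
      <h3><?php echo _("Repeal the ban of a username"); ?></h3>
      <?php echo $form->error("delbanuser"); ?>
      <form action="include/classes/login/adminprocess.php" method="POST">
        Benutzername:<br>
        <input type="text" name="delbanuser" maxlength="30" value="<?php echo $form->value("delbanuser"); ?>">
        <input type="hidden" name="subdelbanned" value="1">
        <input type="submit" value=" <?php echo _("Repeal ban"); ?> ">
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
  <tr>
    <td><hr>
    </td>
  </tr>
  <tr>
    <td>
<?php
/**
 * Delete User Data
 */
?>
      <a id="delete_records"></a>
      <h3><?php echo _("Delete records of a user"); ?></h3>
      <p><?php echo _("Here you can, for example with vandalism, delete the database entries for a user. In the tables <strong> Materia Medica </strong> and <strong> symptom-remedy-relations </strong> will delete all messages while the user in the tables <strong>symptoms</strong>, <strong>main rubrics</strong>, <strong>remedies</strong>, <strong>source</strong> and <strong>languages</strong> Only the entries to which no records of other users reference."); ?></p>
      <?php echo $form->error("deluserdata"); ?>
      <form action="include/classes/login/adminprocess.php" method="POST">
        <?php echo _("User, whose records should be deleted:"); ?><br>
        <input type="text" name="deluserdata" maxlength="30" value="<?php echo $form->value("deluserdata"); ?>">
        <input type="hidden" name="subdeluserdata" value="1">
        <input type="submit" value=" <?php echo _("Deleting Data"); ?> ">
      </form>
    </td>
  </tr>
  <tr>
    <td>
      <span class='error_message'><?php echo _("Warning!"); ?></span> &nbsp;<?php echo _("You cannot undo changes."); ?><br>
    </td>
  </tr>
  <tr>
    <td>
      <span class="rightFlow"><a href="#up" title="<?php echo _("To the top of the page"); ?>"><img src="<?php echo(ARROW_UP_ICON);?>" alt="<?php echo _("To the top of the page"); ?>"></a></span>
    </td>
  </tr>
</table>
<div class="clear"></div>
<?php
    include("skins/$skin/footer.php");
}
?>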
504: 