%PDF- %PDF-
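<?php
require_once '../config/config.php';

// Admin user management: list / add / edit / delete admin users and the
// function ("funkcio") permissions attached to them.
// Authentication is assumed to be enforced by Page('admin', true), which is
// defined in config.php and not visible here.
$page = new Page('admin', true);
$page->assign('content', user());
$page->display('admin/page.tpl.html');

////////////////////////////////////////////////////////////////////////////////

/**
 * Handle every user-admin action for the current request and render the
 * user template.
 *
 * Reads  : $_GET[delete|edit|add], $_POST[torol|id|pass|pass2|funkcio|...],
 *          $_SESSION['admin']['user_id'] (the acting admin; 1 = root admin).
 * Effects: database writes; an HTTP redirect (followed by die) after a
 *          successful save or a refused access to the root record.
 *
 * Security notes for this revision:
 *  - every id taken from GET/POST is cast to int before it reaches SQL; the
 *    previous version interpolated the raw strings (SQL injection);
 *  - a non-root admin may no longer save the root record by POSTing id=1
 *    (only the ?edit=1 GET was guarded before);
 *  - submitted function ids are intersected with the ones the acting admin
 *    holds (the form only *displays* that subset, the handler trusted it).
 *
 * @return string rendered admin/user.tpl.html
 */
function user()
{
    $c = new Content;
    $v = new Inputvalidator;
    $db = Registry::get('db');
    $table = 'user';
    $uid = isset($_SESSION['admin']['user_id']) ? (int)$_SESSION['admin']['user_id'] : 0;
    $c->assign('uid', $uid);

    // --- single delete via ?delete=ID -----------------------------------------
    // The root admin (id 1) is never deletable; non-numeric ids are ignored.
    // NOTE(review): a state-changing GET link is CSRF-able; the template should
    // submit deletes via POST with a token. Not fixable from this file alone.
    if (isset($_GET['delete'])) {
        $deleteId = (int)$_GET['delete'];
        if ($deleteId > 0 && $deleteId !== 1) {
            $db->delete($deleteId, $table);
        }
    }

    // --- open a record for editing via ?edit=ID -------------------------------
    $editId = null;
    if (isset($_GET['edit'])) {
        $editId = (int)$_GET['edit'];
        // Only the root admin may open the root admin's own record.
        if ($editId === 1 && $uid !== 1) {
            header("Location: ".$_SERVER['PHP_SELF']);
            die;
        }
        $c->assign('edit', $db->select($editId, $table));
    }

    // --- bulk delete from the list (checkbox field "torol") -------------------
    // NOTE(review): the shape of $_POST['torol'] (list of ids vs. id-keyed map)
    // is not visible here, so it is passed through unchanged; deleteMultiple()
    // must cast/escape its ids itself, and unlike the single delete above this
    // path does not protect user id 1 — verify in the DB wrapper.
    if (!empty($_POST['torol'])) {
        $db->deleteMultiple($_POST['torol'], $table);
    }

    // --- save (insert or update) a user ---------------------------------------
    if ($_POST && empty($_POST['torol'])) {
        $targetId = empty($_POST['id']) ? 0 : (int)$_POST['id'];
        // The GET guard covers only ?edit=1; a direct POST with id=1 from a
        // non-root admin (e.g. resetting root's password) must be refused too.
        if ($targetId === 1 && $uid !== 1) {
            header("Location: ".$_SERVER['PHP_SELF']);
            die;
        }

        $rec = validate($_POST, $v, $db);
        if ($v->isError) {
            // Re-render the form with the submitted values and the error text.
            $c->assign('error', $v->printError());
            $c->assign('edit', $rec);
            $_GET['add'] = 1;
            if (empty($_POST['funkcio'])) {
                $_POST['funkcio'] = array();
            }
            $c->assign('jogok', array_keys($_POST['funkcio']));
        } else {
            if ($targetId === 0) {
                $rec['id'] = $db->GenID('_' . $table . '_id');
                $db->insert($rec, $table);
            } else {
                $rec['id'] = $targetId;
                $db->update($rec, $table);
            }
            $funkcio = isset($_POST['funkcio']) && is_array($_POST['funkcio']) ? $_POST['funkcio'] : array();
            updateJog((int)$rec['id'], allowedFunkcio($funkcio, $uid, $db), $db);
            header("Location: ".$_SERVER['PHP_SELF']."?ok");
            die;
        }
    }

    // --- render: list, or the add/edit form -----------------------------------
    if (!isset($_GET['add'])) {
        userList($c, $db, $table);
    } else {
        if ($editId !== null) {
            // Function ids already granted to the user being edited.
            $sql = "SELECT funkcio_id FROM user_funkcio WHERE user_id = " . $editId;
            $c->assign('jogok', $db->GetCol($sql));
        }
        $c->assign('funkciok', funkcioList($uid, $db));
    }
    return $c->fetch('admin/user.tpl.html');
}

/**
 * Functions the acting admin may grant, as rows of (id, nev, hidden).
 * Root (uid 1) sees every non-cancelled function; anyone else only the
 * functions attached to their own account.
 *
 * @param int   $uid acting admin's user id
 * @param mixed $db  DB wrapper (ADOdb-style Execute()/GetArray())
 * @return array
 */
function funkcioList($uid, $db)
{
    $uid = (int)$uid;
    if ($uid === 1) {
        $sql = "SELECT f.id, f.nev, f.hidden FROM funkcio f WHERE f.storno = 'f' ORDER BY f.sorrend";
    } else {
        $sql = "SELECT f.id, f.nev, f.hidden FROM funkcio f LEFT JOIN user_funkcio uf ON uf.funkcio_id = f.id WHERE f.storno = 'f' AND uf.user_id = " . $uid . "
ORDER BY f.sorrend";
    }
    $r = $db->Execute($sql);
    return $r->GetArray();
}

/**
 * Restrict a submitted funkcio map (function id => checkbox value) to the
 * function ids the acting admin is allowed to grant.
 *
 * The form only displays a non-root admin their own functions, but the POST
 * itself was previously trusted, so any admin could grant any function.
 * Root (uid 1) may grant everything; the map is returned unchanged for root.
 *
 * @param array $funkcio submitted map, keys are function ids
 * @param int   $uid     acting admin's user id
 * @param mixed $db      DB wrapper (ADOdb-style GetCol())
 * @return array filtered map, keys preserved
 */
function allowedFunkcio($funkcio, $uid, $db)
{
    $funkcio = is_array($funkcio) ? $funkcio : array();
    $uid = (int)$uid;
    if ($uid === 1) {
        return $funkcio;
    }
    $own = array_map('intval', (array)$db->GetCol("SELECT funkcio_id FROM user_funkcio WHERE user_id = " . $uid));
    $allowed = array();
    foreach ($funkcio as $key => $val) {
        if (in_array((int)$key, $own, true)) {
            $allowed[$key] = $val;
        }
    }
    return $allowed;
}

/**
 * Assign the list of non-cancelled users (id, nev, login) and the table name
 * to the template context.
 *
 * @param Content $c
 * @param mixed   $db    DB wrapper (ADOdb-style Execute()/GetArray())
 * @param string  $table table name (not user-controlled)
 * @return void
 */
function userList($c, $db, $table)
{
    $sql = "SELECT id, nev, login FROM $table WHERE storno = 'f' ORDER BY nev";
    $r = $db->Execute($sql);
    $c->assign('user', $r->GetArray());
    $c->assign('table', $table);
}

/**
 * Validate a submitted user record and prepare it for insert/update.
 *
 * Checks: login present, login unique among non-cancelled users (excluding
 * the record being edited), password and repeat match, password required
 * for a new record. Errors are collected on $v (see $v->isError).
 *
 * @param array          $rec the raw POST data
 * @param Inputvalidator $v
 * @param mixed          $db  DB wrapper (ADOdb-style GetRow($sql, $params))
 * @return array the record to store; 'pass' is set only when a new password
 *               was given, 'pass2' is always removed
 */
function validate($rec, $v, $db)
{
    $msg = array('Login nevet kötelező megadni!');
    $rec['login'] = $v->v(isset($rec['login']) ? $rec['login'] : null, 'required, stripHtml', $msg);

    // Uniqueness check with bound parameters instead of string concatenation.
    // NOTE(review): relies on the ADOdb-style GetRow($sql, $inputarr) binding;
    // confirm the wrapper returned by Registry::get('db') supports it.
    $sql = "SELECT id FROM user WHERE login = ? AND storno = 'f'";
    $params = array($rec['login']);
    if (!empty($_POST['id'])) {
        $sql .= " AND id != ?";
        $params[] = (int)$_POST['id'];
    }
    $row = $db->GetRow($sql, $params);
    if (!empty($row['id'])) {
        $v->addError('Ez a login név foglalt, válasszon másikat.');
    }

    $pass = isset($_POST['pass']) ? (string)$_POST['pass'] : '';
    $pass2 = isset($_POST['pass2']) ? (string)$_POST['pass2'] : '';
    // Strict comparison: with != two numeric-looking passwords such as
    // "1e1" and "10" would have compared equal.
    if ($pass !== '' && $pass !== $pass2) {
        $v->addError('A két jelszó nem egyezik.');
    } else if (empty($_POST['id']) && $pass === '') {
        $v->addError('Jelszót kötelező megadni.');
    } else if ($pass !== '') {
        // SECURITY(review): md5 is not a password hash. Migrate to
        // password_hash()/password_verify() together with the login check
        // (in another file); changing only this side would lock everyone out.
        $rec['pass'] = md5($pass);
    } else {
        unset($rec['pass']);
    }
    // The repeat field is never a column; previously it leaked into the
    // record whenever a password was given.
    unset($rec['pass2']);
    return $rec;
}

/**
 * Replace the function assignments of a user with the given set.
 *
 * @param int   $user user id
 * @param array $arr  map whose KEYS are function ids (values ignored)
 * @param mixed $db   DB wrapper (query())
 * @return void
 */
function updateJog($user, $arr, $db)
{
    $user = (int)$user;
    $db->query("DELETE FROM user_funkcio WHERE user_id = " . $user);

    // Keys come from the POST field names: cast each to int before it is
    // placed in SQL, and drop anything that is not a positive id.
    $ids = array();
    foreach ((array)$arr as $key => $val) {
        $id = (int)$key;
        if ($id > 0) {
            $ids[$id] = $id;
        }
    }
    if (empty($ids)) {
        return;
    }
    $values = array();
    foreach ($ids as $id) {
        $values[] = "(" . $user . ", " . $id . ")";
    }
    $db->query("INSERT INTO user_funkcio(user_id, funkcio_id) VALUES " . implode(', ', $values) . ";");
}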