authorPaul S. Owen <psotfx@users.sourceforge.net>2001-10-14 15:46:53 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2001-10-14 15:46:53 +0000
commit4aeb685d3cba6c46642d2ba6105b706434fcee49 (patch)
treeda3a9fb6736dfb939f2f0bcd989d13e68bf9b4db /phpBB/admin/admin_userauth.php
parente31466a42f03d25d7a9e650f6e0b88b1ff0bb6c3 (diff)
Various updates, cleanups and support for URI based sessions ... more to come at some point
git-svn-id: file:///svn/phpbb/trunk@1179 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin/admin_userauth.php')
-rw-r--r--phpBB/admin/admin_userauth.php127
1 files changed, 60 insertions, 67 deletions
diff --git a/phpBB/admin/admin_userauth.php b/phpBB/admin/admin_userauth.php
index f34676ec6a..91edebb6f0 100644
--- a/phpBB/admin/admin_userauth.php
+++ b/phpBB/admin/admin_userauth.php
@@ -28,30 +28,23 @@ if($setmodules == 1)
return;
}
-$phpbb_root_path = "./../";
-include($phpbb_root_path . 'extension.inc');
-include($phpbb_root_path . 'common.'.$phpEx);
-
-//
-// Start session management
-//
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
-init_userprefs($userdata);
//
-// End session management
+// Load default header
//
+$phpbb_root_dir = "./../";
+$no_page_header = TRUE;
+require('pagestart.inc');
-//
-// Is user logged in? If yes are they an admin?
-//
-if( !$userdata['session_logged_in'] )
+
+if( isset($HTTP_POST_VARS[POST_USERS_URL]) || isset($HTTP_GET_VARS[POST_USERS_URL]) )
{
- header("Location: ../login.$phpEx?forward_page=admin/");
+ $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
}
-else if( $userdata['user_level'] != ADMIN )
+else
{
- message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+ $user_id = "";
}
+
//
// Start program - define vars
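Review bot: `$user_id` is copied verbatim from the POST or GET parameter in the new `if( isset($HTTP_POST_VARS[POST_USERS_URL]) || ... )` block, while only the submit branch further down wraps it in `intval()`. On the non-submit path the raw value reaches the front-end branch and is concatenated into the `$switch_mode` href in the @@ -948 hunk, so a non-numeric value ends up in the generated markup and presumably in any query that uses `$user_id` outside the visible lines. Casting once here covers every later use: `$user_id = intval(( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL]);`. The login and `ADMIN` level checks removed in this hunk are presumably performed by `pagestart.inc`, which is not shown; a comment beside the `require` such as `// pagestart.inc enforces the admin-only session check` would make that dependency explicit, since nothing in this file now shows the page is restricted.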
@@ -130,8 +123,8 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin)
//
if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
{
- $user_id = $HTTP_POST_VARS[POST_USERS_URL];
- $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE;
+ $user_id = intval($HTTP_POST_VARS[POST_USERS_URL]);
+ $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : 0;
//
// This is where things become fun ...
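Review bot: The enclosing `if` still tests `!empty()` on the raw POST value, so a non-numeric string passes the guard and the new `intval()` then turns it into 0, and the permission update below runs for user id 0. Validating the cast value right after the assignment, for example `if( $user_id <= 0 )` followed by a `message_die()` call, keeps the update from running on an id that names no user. `$adv` now mixes `TRUE` with `0`; `? 1 : 0` would match the integer form the commit uses for `adv` in the other hunks. The body of this branch continues outside the hunk.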
@@ -223,7 +216,6 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
}
header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id"));
-
}
else
{
@@ -583,58 +575,19 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
}
}
}
-else if(empty($HTTP_GET_VARS[POST_USERS_URL]))
+else if( isset($HTTP_POST_VARS['username']) || $user_id)
{
- //
- // Default user selection box
- //
- // This should be altered on the final system
- //
-
- $sql = "SELECT user_id, username
- FROM " . USERS_TABLE . "
- WHERE user_id <> " . ANONYMOUS;
- $u_result = $db->sql_query($sql);
- $user_list = $db->sql_fetchrowset($u_result);
- $select_list = "<select name=\"" . POST_USERS_URL . "\">";
- for($i = 0; $i < count($user_list); $i++)
+ if( isset($HTTP_POST_VARS['username']) )
{
- $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+ $this_userdata = get_userdata($HTTP_POST_VARS['username']);
+ $user_id = $this_userdata['user_id'];
}
- $select_list .= "</select>";
-
- include('page_header_admin.'.$phpEx);
- $template->set_filenames(array(
- "body" => "admin/auth_select_body.tpl")
- );
-
- $template->assign_vars(array(
- "L_AUTH_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
- "L_AUTH_EXPLAIN" => $lang['User_auth_explain'],
- "L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['User'],
- "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
-
- "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
- "S_AUTH_SELECT" => $select_list)
- );
-
-}
-else
-{
//
// Front end
//
- $user_id = $HTTP_GET_VARS[POST_USERS_URL];
- if( isset($HTTP_GET_VARS['adv']) )
- {
- $adv = $HTTP_GET_VARS['adv'];
- }
- else
- {
- $adv = FALSE;
- }
+ $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
include('page_header_admin.'.$phpEx);
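Review bot: The result of `get_userdata($HTTP_POST_VARS['username'])` is used without checking that a user was found, so an unknown name leaves `$user_id` unset or empty and the front end below is rendered for no user. Test the return value before `$user_id = $this_userdata['user_id'];` and stop with `message_die()` on a miss; what `get_userdata()` returns for a miss is not visible in this diff. The username is also passed through unmodified, so whether it is escaped before reaching a query depends on `get_userdata()`, which should be confirmed. `$adv` is likewise taken raw from the query string; `intval($HTTP_GET_VARS['adv'])` would keep it to the 0/1 values the page generates.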
@@ -948,8 +901,8 @@ else
}
}
- $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=");
- $switch_mode .= ( empty($adv) ) ? "1" : "0";
+ $adv_switch = ( empty($adv) ) ? 1 : 0;
+ $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=$adv_switch");
$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@@ -972,11 +925,51 @@ else
"U_SWITCH_MODE" => $u_switch_mode,
"S_COLUMN_SPAN" => $s_column_span,
- "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
+ "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields)
);
}
+else
+{
+ //
+ // Default user selection box
+ //
+ // This should be altered on the final system
+ //
+
+ $sql = "SELECT user_id, username
+ FROM " . USERS_TABLE . "
+ WHERE user_id <> " . ANONYMOUS;
+ $u_result = $db->sql_query($sql);
+ $user_list = $db->sql_fetchrowset($u_result);
+
+ $select_list = "<select name=\"" . POST_USERS_URL . "\">";
+ for($i = 0; $i < count($user_list); $i++)
+ {
+ $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+ }
+ $select_list .= "</select>";
+
+ include('page_header_admin.'.$phpEx);
+
+ $template->set_filenames(array(
+ "body" => "admin/user_select_body.tpl")
+ );
+
+ $template->assign_vars(array(
+ "L_USER_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
+ "L_USER_EXPLAIN" => $lang['User_auth_explain'],
+ "L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'],
+ "L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
+ "L_FIND_USERNAME" => $lang['Find_username'],
+
+ "U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"),
+
+ "S_USER_ACTION" => append_sid("admin_userauth.$phpEx"))
+ );
+
+}
$template->pparse("body");
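Review bot: `$select_list` is built from a query over every row of `USERS_TABLE` in the relocated `else` branch but is never handed to the template: the new `assign_vars()` call has no entry carrying it, and the old `"S_AUTH_SELECT" => $select_list` is gone. As written, the query and the `for` loop are dead work on each page load and can be dropped now that the page offers a username lookup via `U_SEARCH_USER`. If the list is meant to stay, the concatenation should encode the name, `htmlspecialchars($user_list[$i]['username'])`, unless usernames are already stored HTML-encoded, which this diff does not show.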