|
@@ -35,7 +35,7 @@
|
|
|
$text = $language->get();
|
|
|
|
|
|
//get user uuid
|
|
|
- if ((is_uuid($_REQUEST["id"]) && permission_exists('user_edit')) || (is_uuid($_REQUEST["id"]) && $_REQUEST["id"] == $_SESSION['user_uuid'])) {
|
|
|
+ if ((is_uuid($_REQUEST["id"]) && permission_exists('user_edit')) || (is_uuid($_REQUEST["id"]) && $_REQUEST["id"] == $_SESSION['user_uuid'])) {
|
|
|
$user_uuid = $_REQUEST["id"];
|
|
|
$action = 'edit';
|
|
|
}
|
|
@@ -98,7 +98,7 @@
|
|
|
|
|
|
//redirect the user
|
|
|
message::add($text['message-update']);
|
|
|
- header("Location: user_edit.php?id=".$user_uuid);
|
|
|
+ header("Location: user_edit.php?id=".urlencode($user_uuid));
|
|
|
exit;
|
|
|
}
|
|
|
|
|
@@ -144,10 +144,8 @@
|
|
|
if ($username == '') {
|
|
|
message::add($text['message-required'].$text['label-username'], 'negative', 7500);
|
|
|
}
|
|
|
- if (
|
|
|
- (permission_exists('user_edit') && $action == 'edit' && $username != $username_old && $username != '') ||
|
|
|
- (permission_exists('user_add') && $action == 'add' && $username != '')
|
|
|
- ) {
|
|
|
+ if ((permission_exists('user_edit') && $action == 'edit' && $username != $username_old && $username != '') ||
|
|
|
+ (permission_exists('user_add') && $action == 'add' && $username != '')) {
|
|
|
$sql = "select count(*) from v_users where username = :username ";
|
|
|
if ($_SESSION["users"]["unique"]["text"] != "global") {
|
|
|
$sql .= "and domain_uuid = :domain_uuid ";
|
|
@@ -206,7 +204,6 @@
|
|
|
|
|
|
//return if error
|
|
|
if (message::count() != 0) {
|
|
|
- $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user'] = $_POST;
|
|
|
header("Location: user_edit.php".(permission_exists('user_edit') && $action != 'add' ? "?id=".urlencode($user_uuid) : null));
|
|
|
exit;
|
|
|
}
|
|
@@ -541,84 +538,59 @@
|
|
|
else {
|
|
|
message::add($text['message-add'],'positive');
|
|
|
}
|
|
|
- header("Location: user_edit.php?id=".$user_uuid);
|
|
|
+ header("Location: user_edit.php?id=".urldecode($user_uuid));
|
|
|
exit;
|
|
|
}
|
|
|
|
|
|
-//populate the form with values from session variable
|
|
|
- if (is_array($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) && sizeof($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) != 0) {
|
|
|
- $domain_uuid = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["domain_uuid"];
|
|
|
- $username = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["username"];
|
|
|
- $password = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["password"];
|
|
|
- $password_confirm = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["password_confirm"];
|
|
|
- $api_key = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["api_key"];
|
|
|
- $user_enabled = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["user_enabled"];
|
|
|
- $contact_uuid = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["contact_uuid"];
|
|
|
- $user_status = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["user_status"];
|
|
|
- $password_confirm = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['password_confirm'];
|
|
|
- $user_settings['domain']['language']['code'] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_language'];
|
|
|
- $user_settings['domain']['time_zone']['name'] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_time_zone'];
|
|
|
- $user_email = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_email'];
|
|
|
- $contact_name_given = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_given'];
|
|
|
- $contact_name_family = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_family'];
|
|
|
- $contact_organization = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_organization'];
|
|
|
- $group_uuid_name = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['group_uuid_name'];
|
|
|
- $user_settings["message"]["key"]["text"] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['message_key'];
|
|
|
-
|
|
|
- $unsaved = true;
|
|
|
- unset($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']);
|
|
|
- }
|
|
|
- else {
|
|
|
- //populate the form with values from db
|
|
|
- if ($action == 'edit') {
|
|
|
- $sql = "select * from v_users where user_uuid = :user_uuid ";
|
|
|
- if (!permission_exists('user_all')) {
|
|
|
- $sql .= "and domain_uuid = :domain_uuid ";
|
|
|
- $parameters['domain_uuid'] = $domain_uuid;
|
|
|
- }
|
|
|
- $parameters['user_uuid'] = $user_uuid;
|
|
|
- $database = new database;
|
|
|
- $row = $database->select($sql, $parameters, 'row');
|
|
|
- if (is_array($row) && sizeof($row) > 0) {
|
|
|
- $domain_uuid = $row["domain_uuid"];
|
|
|
- $user_uuid = $row["user_uuid"];
|
|
|
- $username = $row["username"];
|
|
|
- $user_email = $row["user_email"];
|
|
|
- $api_key = $row["api_key"];
|
|
|
- $user_enabled = $row["user_enabled"];
|
|
|
- $contact_uuid = $row["contact_uuid"];
|
|
|
- $user_status = $row["user_status"];
|
|
|
- }
|
|
|
- else {
|
|
|
- message::add($text['message-invalid_user'], 'negative', 7500);
|
|
|
- header("Location: user_edit.php?id=".$_SESSION['user_uuid']);
|
|
|
- exit;
|
|
|
- }
|
|
|
- unset($sql, $parameters, $row);
|
|
|
+//populate the form with values from db
|
|
|
+ if ($action == 'edit') {
|
|
|
+ $sql = "select * from v_users where user_uuid = :user_uuid ";
|
|
|
+ if (!permission_exists('user_all')) {
|
|
|
+ $sql .= "and domain_uuid = :domain_uuid ";
|
|
|
+ $parameters['domain_uuid'] = $domain_uuid;
|
|
|
+ }
|
|
|
+ $parameters['user_uuid'] = $user_uuid;
|
|
|
+ $database = new database;
|
|
|
+ $row = $database->select($sql, $parameters, 'row');
|
|
|
+ if (is_array($row) && sizeof($row) > 0) {
|
|
|
+ $domain_uuid = $row["domain_uuid"];
|
|
|
+ $user_uuid = $row["user_uuid"];
|
|
|
+ $username = $row["username"];
|
|
|
+ $user_email = $row["user_email"];
|
|
|
+ $api_key = $row["api_key"];
|
|
|
+ $user_enabled = $row["user_enabled"];
|
|
|
+ $contact_uuid = $row["contact_uuid"];
|
|
|
+ $user_status = $row["user_status"];
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ message::add($text['message-invalid_user'], 'negative', 7500);
|
|
|
+ header("Location: user_edit.php?id=".$_SESSION['user_uuid']);
|
|
|
+ exit;
|
|
|
+ }
|
|
|
+ unset($sql, $parameters, $row);
|
|
|
|
|
|
- //get user settings
|
|
|
- $sql = "select * from v_user_settings ";
|
|
|
- $sql .= "where user_uuid = :user_uuid ";
|
|
|
- $sql .= "and user_setting_enabled = 'true' ";
|
|
|
- $parameters['user_uuid'] = $user_uuid;
|
|
|
- $database = new database;
|
|
|
- $result = $database->select($sql, $parameters, 'all');
|
|
|
- if (is_array($result)) {
|
|
|
- foreach($result as $row) {
|
|
|
- $name = $row['user_setting_name'];
|
|
|
- $category = $row['user_setting_category'];
|
|
|
- $subcategory = $row['user_setting_subcategory'];
|
|
|
- if (strlen($subcategory) == 0) {
|
|
|
- //$$category[$name] = $row['domain_setting_value'];
|
|
|
- $user_settings[$category][$name] = $row['user_setting_value'];
|
|
|
- }
|
|
|
- else {
|
|
|
- $user_settings[$category][$subcategory][$name] = $row['user_setting_value'];
|
|
|
- }
|
|
|
+ //get user settings
|
|
|
+ $sql = "select * from v_user_settings ";
|
|
|
+ $sql .= "where user_uuid = :user_uuid ";
|
|
|
+ $sql .= "and user_setting_enabled = 'true' ";
|
|
|
+ $parameters['user_uuid'] = $user_uuid;
|
|
|
+ $database = new database;
|
|
|
+ $result = $database->select($sql, $parameters, 'all');
|
|
|
+ if (is_array($result)) {
|
|
|
+ foreach($result as $row) {
|
|
|
+ $name = $row['user_setting_name'];
|
|
|
+ $category = $row['user_setting_category'];
|
|
|
+ $subcategory = $row['user_setting_subcategory'];
|
|
|
+ if (strlen($subcategory) == 0) {
|
|
|
+ //$$category[$name] = $row['domain_setting_value'];
|
|
|
+ $user_settings[$category][$name] = $row['user_setting_value'];
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ $user_settings[$category][$subcategory][$name] = $row['user_setting_value'];
|
|
|
}
|
|
|
}
|
|
|
- unset($sql, $parameters, $result, $row);
|
|
|
}
|
|
|
+ unset($sql, $parameters, $result, $row);
|
|
|
}
|
|
|
|
|
|
//include the header
|
|
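Review bot: The redirect after a successful save now calls `urldecode($user_uuid)`, while the other two redirects in this commit (the update path and the return-if-error path) use `urlencode()`. Decoding a value on its way into a `Location` header is the opposite of what is wanted, since any percent-encoded bytes in it become raw characters again. The line should read `header("Location: user_edit.php?id=".urlencode($user_uuid));`. The invalid-user redirect re-added in the same hunk still concatenates `$_SESSION['user_uuid']` unencoded and could be `header("Location: user_edit.php?id=".urlencode($_SESSION['user_uuid']));` for consistency. On the edit path `$user_uuid` has passed `is_uuid()` in the first hunk, so this is probably harmless today, but where the add path sets the value is outside the visible hunks.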
@@ -1063,4 +1035,4 @@
|
|
|
//include the footer
|
|
|
require_once "resources/footer.php";
|
|
|
|
|
|
-?>
|
|
|
+?>
|