< ?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
Copyright (C) 2007 David Grant <dave@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
?>
< ?
require_once ( " common.inc.php " );
require_once ( " user.inc.php " );
require_once ( " committee.inc.php " );
/* This page is only usable with a session that records the user's type.
 * Without one, print the error and stop before any record is loaded. */
if (!isset($_SESSION['users_type'])) {
	exit("ERROR: session is invalid");
}
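/* An optional ?edit=<id> asks to edit another user's record.  The parameter
 * is absent on an ordinary "edit myself" visit, so test for it before
 * reading it; a missing or non-numeric value becomes 0. */
$eid = isset($_GET['edit']) ? intval($_GET['edit']) : 0;
if ($eid != 0) {
	/* Editing someone else is restricted to committee members with admin
	 * access.  The check runs before the record is loaded, and it is the
	 * only gate in this file between a logged-in user and an arbitrary
	 * ?edit= id.
	 * NOTE(review): presumably user_auth_required() ends the request itself
	 * when the check fails -- confirm in user.inc.php. */
	user_auth_required('committee', 'admin');
	$u = user_load($eid, true);
} else {
	/* No edit request: the only record reachable is the caller's own. */
	$eid = false;
	$u = user_load($_SESSION['users_id'], true);
}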
/* Build the list of fields this user may edit, and the list of fields that
 * are mandatory, as the combination over every role the user holds. */
$fields = array();
$required = array();
foreach ($u['types'] as $t) {
	$editable_for_type = user_personal_fields($t);
	$fields = array_merge($fields, $editable_for_type);

	$required_for_type = user_personal_required_fields($t);
	$required = array_merge($required, $required_for_type);
}
/* An editor with super access may also see, edit and save the login name and
 * the password.
 * NOTE(review): every name in $fields is rendered by item() as a text input
 * pre-filled with the stored value, so adding 'password' here puts the
 * stored password value into the page -- confirm how passwords are stored
 * and whether showing them is intended. */
if (committee_auth_has_access('super')) {
	array_push($fields, 'username', 'password');
}
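/* Handle a submitted form.
 * NOTE(review): the only request check here is action=save; no per-session
 * anti-CSRF token is verified in this file, and for an editor with super
 * access this handler changes access_admin/access_config/access_super.
 * Confirm whether common.inc.php or user_auth_required() already covers
 * cross-site requests. */
if (isset($_POST['action']) && $_POST['action'] == "save")
{
	/* Copy each editable field from the request.  Only names listed in
	 * $fields are accepted; a field missing from the request is stored as an
	 * empty string.
	 * NOTE(review): stripslashes() assumes magic_quotes_gpc is enabled, and
	 * mysql_escape_string() does not take the connection character set into
	 * account.  The SQL-escaped text is also what the form below renders
	 * back.  Parameterized queries (mysqli/PDO) would remove the need for
	 * manual escaping, but need a connection handle this file does not
	 * have. */
	foreach ($fields as $f) {
		$raw = isset($_POST[$f]) ? $_POST[$f] : '';
		$u[$f] = mysql_escape_string(stripslashes($raw));
	}

	if (in_array('committee', $u['types'])) {
		/* Saving a committee member: the access check at the top of the page
		 * already established that the caller may be here. */
		$u['displayemail'] = (isset($_POST['displayemail']) && $_POST['displayemail'] == 'yes') ? 'yes' : 'no';
		$raw = isset($_POST['emailprivate']) ? $_POST['emailprivate'] : '';
		$u['emailprivate'] = mysql_escape_string(stripslashes($raw));

		if (committee_auth_has_access('super')) {
			/* Access flags are taken from the request only for superusers;
			 * an unchecked box is absent from the request and means 'no'. */
			foreach (array('access_admin', 'access_config', 'access_super') as $flag) {
				$u[$flag] = (isset($_POST[$flag]) && $_POST[$flag] == 'yes') ? 'yes' : 'no';
			}
		}
	}

	/* Check for an email collision with any other user.  The id is cast to
	 * an integer so nothing but a number can reach the query text.
	 * NOTE(review): a failed query is not reported as a collision, so the
	 * save below would still run -- consider failing closed. */
	$raw = isset($_POST['email']) ? $_POST['email'] : '';
	$em = mysql_escape_string(stripslashes($raw));
	$uid = intval($u['id']);
	$q = mysql_query("SELECT id FROM users WHERE email='$em' AND id!='$uid'");

	if (mysql_num_rows($q) > 0) {
		$notice = 'email_exists';
	} else {
		user_save($u);
		if (isset($_SESSION['last_page']) && $_SESSION['last_page'] == 'committee_management') {
			/* Return to the committee list the editor came from. */
			header("location: {$config['SFIABDIRECTORY']}/admin/committees.php");
			exit;
		}
		$notice = 'success';
	}
}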
/* Send the page header.  The title and the navigation trail depend on whether
 * the user edits their own record or an editor arrived from elsewhere.
 * NOTE(review): firstname/lastname are user-editable and go into the title
 * as-is; confirm that send_header() HTML-encodes its title argument. */
if (!$eid) {
	$type = $_SESSION['users_type'];
	send_header(
		$user_what[$type] . " - Personal Information",
		array($user_what[$type] . " Registration" => $type . "_main.php")
	);
} elseif ($_SESSION['last_page'] == 'committee_management') {
	send_header(
		"Personal Information for " . $u['firstname'] . " " . $u['lastname'],
		array(
			'Committee Main' => 'committee_main.php',
			'Administration' => 'admin/index.php',
			'Committee Management' => 'admin/committees.php'
		)
	);
} else {
	send_header(
		"Personal Information for " . $u['firstname'] . " " . $u['lastname'],
		array("Committee Main" => "committee_main.php")
	);
}
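/* Report the outcome of a save, if one was attempted.  $notice is assigned
 * only by the save handler, so it is unset on a plain page view. */
if (isset($notice)) {
	switch ($notice) {
	case 'success':
		/* The names are read straight from the request, so HTML-encode them
		 * before they are placed in the page.
		 * NOTE(review): if i18n() or notice() already encode their input this
		 * double-encodes -- confirm in common.inc.php. */
		$shown_first = isset($_POST['firstname']) ? htmlspecialchars($_POST['firstname'], ENT_QUOTES) : '';
		$shown_last = isset($_POST['lastname']) ? htmlspecialchars($_POST['lastname'], ENT_QUOTES) : '';
		echo notice(i18n("%1 %2 successfully updated", array($shown_first, $shown_last)));
		break;
	case 'email_exists':
		echo error(i18n("That email address is in use by another user"));
		break;
	}
}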
/* A user editing their own record is shown whether the personal information
 * is complete. */
if (!$eid) {
	$newstatus = user_personal_info_status($u);
	if ($newstatus == 'complete') {
		echo happy(i18n("Personal Information Complete"));
	} else {
		echo error(i18n("Personal Information Incomplete"));
	}
}
/* With more than one role the form is the union of every role's fields, so
 * tell the reader which roles are involved. */
if (count($u['types']) > 1) {
	$roles = '';
	foreach ($u['types'] as $t) {
		/* Comma-separate every entry after the first. */
		if ($roles != '') {
			$roles .= ', ';
		}
		$roles .= i18n($user_what[$t]);
	}
	$explanation = i18n('This user has multiple roles, the fields shown below are a combination of every role. Some may not apply to some roles. This user has the following roles:');
	echo notice($explanation . ' ' . $roles);
}
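/* Emit the two table cells (label, text input) for one personal-information
 * field.
 *
 * $user  - user record; the value shown is $user[$fname]
 * $text  - label text, passed through i18n()
 * $fname - field name, used as the input's name attribute
 *
 * Reads the globals $fields and $required: a field that is not listed in
 * $fields is rendered as two empty cells, and a field listed in $required
 * gets the REQUIREDFIELD marker after its input.  Nothing is returned; the
 * cells are echoed. */
function item($user, $text, $fname)
{
	global $fields, $required;

	if (!in_array($fname, $fields)) {
		echo '<td></td><td></td>';
		return;
	}

	/* The stored value is user-supplied text.  HTML-encode it (quotes
	 * included) so it cannot close the value attribute and inject markup
	 * into the page.  A field missing from the record is shown empty. */
	$value = isset($user[$fname]) ? htmlspecialchars($user[$fname], ENT_QUOTES) : '';

	echo '<td>' . i18n($text) . ': </td>';
	echo "<td><input onchange=\"fieldChanged()\" type=\"text\" name=\"$fname\" value=\"$value\" />";
	if (in_array($fname, $required)) echo REQUIREDFIELD;
	echo '</td>';
}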
/* Post back to this page; when another user's record is being edited, carry
 * the id along in the query string. */
$eidstr = $eid ? "?edit=$eid" : '';
echo "<form name=\"personalform\" method=\"post\" action=\"user_personal.php" . $eidstr . "\">\n";
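/* The form body: a four-column table, two label/input pairs per row.  item()
 * prints a pair, or two empty cells when the field does not apply to this
 * user. */
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo "<table>\n";

echo "<tr>\n";
item($u, "First Name", 'firstname');
item($u, "Last Name", 'lastname');
echo "</tr>\n";

echo "<tr>\n";
item($u, "Email Address", 'email');
echo '<td></td><td></td>';
echo "</tr>\n";

/* NOTE(review): when 'password' is in $fields this row shows the stored
 * password value in a plain text input.  An empty type="password" input that
 * changes the password only when filled in would avoid putting the stored
 * value into the page. */
echo "<tr>\n";
item($u, "Username", 'username');
item($u, "Password", 'password');
echo "</tr>\n";

echo "<tr>\n";
item($u, "Address 1", 'address');
item($u, "Address 2", 'address2');
echo "</tr>\n";

echo "<tr>\n";
item($u, "City", 'city');
if (in_array('province', $fields)) {
	echo '<td>' . i18n('Province') . ': </td>';
	echo '<td>';
	/* Preselect the province of the record being edited.  This used to read
	 * $judgeinfo->province, but no $judgeinfo is set anywhere in this file,
	 * so the saved province was never preselected. */
	$province = isset($u['province']) ? $u['province'] : '';
	emit_province_selector("province", $province, "onchange=\"fieldChanged()\"");
	if (in_array('province', $required)) echo REQUIREDFIELD;
	echo '</td>';
} else {
	echo '<td></td><td></td>';
}
echo "</tr>\n";

echo "<tr>\n";
item($u, "Postal Code", 'postalcode');
echo "<td></td><td></td>";
echo "</tr>\n";

echo "<tr>";
item($u, "Phone (Home)", 'phonehome');
item($u, "Phone (Cell)", 'phonecell');
echo "</tr>\n";

echo "<tr>\n";
item($u, "Organization", 'organization');
item($u, "Phone (Work)", 'phonework');
echo "</tr>";

echo "<tr>\n";
item($u, "Fax", 'fax');
echo '<td></td><td></td>';
echo "</tr>";

echo "<tr><td colspan=\"4\"><hr /></td></tr>";
echo "</table>";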
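/* Committee specific fields */
if (in_array('committee', $u['types'])) {
	/* The private email is user-supplied text; HTML-encode it so it cannot
	 * close the value attribute. */
	$emailprivate_html = isset($u['emailprivate']) ? htmlspecialchars($u['emailprivate'], ENT_QUOTES) : '';

	echo "<table>";
	echo "<tr><td>" . i18n("Email (Private)") . ":</td><td><input size=\"25\" type=\"text\" name=\"emailprivate\" value=\"$emailprivate_html\" /></td></tr>\n";

	echo "<tr><td>" . i18n("Display Emails") . ":</td><td>";
	$checked = ($u['displayemail'] == "no") ? "checked=\"checked\"" : "";
	echo "<input type=\"radio\" name=\"displayemail\" value=\"no\" $checked />" . i18n("No");
	echo " ";
	$checked = ($u['displayemail'] == "yes") ? "checked=\"checked\"" : "";
	echo "<input type=\"radio\" name=\"displayemail\" value=\"yes\" $checked />" . i18n("Yes");
	/* Close the row; it was previously left open before the next <tr>. */
	echo "</td></tr>\n";

	if (committee_auth_has_access("super"))
	{
		/* The access checkboxes are printed only for an editor with super
		 * access.  Hiding the inputs is not an access control by itself: the
		 * code that saves these flags has to make the same check. */
		echo "<tr><td align=\"center\" colspan=\"2\"><hr /></td></tr>";
		echo "<tr><td>" . i18n("Access Controls") . ":</td><td>";
		$ch = ($u['access_admin'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_admin\" value=\"yes\" $ch />" . i18n("Administration") . "<br />";
		$ch = ($u['access_config'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_config\" value=\"yes\" $ch />" . i18n("Configuration") . "<br />";
		$ch = ($u['access_super'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_super\" value=\"yes\" $ch />" . i18n("Superuser") . "<br />";
		echo "</td></tr>";
	}
	echo '</table>';
}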
/* Submit button, end of the form, then the shared page footer. */
$submit_label = i18n("Save Personal Information");
echo "<input type=\"submit\" value=\"" . $submit_label . "\" />\n",
	"</form>",
	"<br />";
send_footer();
?>