<?
/*
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca

   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>
   Copyright (C) 2007 David Grant <dave@lightbox.org>

   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING. If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
*/
?>
<?
require_once("common.inc.php");
require_once("user.inc.php");
require_once("committee.inc.php");
/* Session gate: every later step reads $_SESSION['users_type'] /
 * $_SESSION['users_id'], so stop right away when no user type is present.
 * This only proves that *a* session type exists; the role check for editing
 * another user happens further down. */
if (isset($_SESSION['users_type']) === false) {
	/* No type set, invalid session */
	die("ERROR: session is invalid");
}
/* Catalogue of every personal-information field this page knows about.
 *
 *   'name'   - English label; it is passed through i18n() before display.
 *   'regexp' - optional validation pattern, written without delimiters and
 *              anchored with ^...$; the save handler in this file rejects a
 *              non-empty value that does not match it.
 *   'format' - human-readable description of the accepted format, shown in
 *              the error message when 'regexp' fails.
 *
 * Fields without a 'regexp' (names, email, address, ...) get no format
 * validation here at all. */
$user_personal_fields = array(
	/* Free-form fields: label only */
	'firstname'    => array('name' => 'First Name'),
	'lastname'     => array('name' => 'Last Name'),
	'email'        => array('name' => 'Email Address'),
	'username'     => array('name' => 'Username'),
	'password'     => array('name' => 'Password'),
	'address'      => array('name' => 'Address 1'),
	'address2'     => array('name' => 'Address 2'),
	'city'         => array('name' => 'City'),
	'province'     => array('name' => 'Province'),
	'organization' => array('name' => 'Organization'),

	/* Phone numbers: home and work allow an optional " xEXT" suffix,
	 * cell and fax do not */
	'phonehome' => array(
		'name'   => 'Phone (Home)',
		'regexp' => '^[1-9][0-9]{2}-[1-9][0-9]{2}-[0-9]{4}( x[0-9]{1,5})?$',
		'format' => "'NNN-NNN-NNNN' or 'NNN-NNN-NNNN xEXT'",
	),
	'phonecell' => array(
		'name'   => 'Phone (Cell)',
		'regexp' => '^[1-9][0-9]{2}-[1-9][0-9]{2}-[0-9]{4}$',
		'format' => "'NNN-NNN-NNNN'",
	),
	'phonework' => array(
		'name'   => 'Phone (Work)',
		'regexp' => '^[1-9][0-9]{2}-[1-9][0-9]{2}-[0-9]{4}( x[0-9]{1,5})?$',
		'format' => "'NNN-NNN-NNNN' or 'NNN-NNN-NNNN xEXT'",
	),
	'fax' => array(
		'name'   => 'Fax',
		'regexp' => '^[1-9][0-9]{2}-[1-9][0-9]{2}-[0-9]{4}$',
		'format' => "'NNN-NNN-NNNN'",
	),

	/* Either "ANA NAN" (upper-case letters only) or a five-digit code */
	'postalcode' => array(
		'name'   => 'Postal Code',
		'regexp' => '^(([A-Z][0-9][A-Z] [0-9][A-Z][0-9])|([0-9]{5}))$',
		'format' => "'ANA NAN' or 'NNNNN'",
	),
);
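/* See if there is an edit request.
 *
 * 'edit' arrives from the query string, so it is reduced to an integer
 * before anything else looks at it.  A missing parameter, or one sent as an
 * array (?edit[]=...), is treated as "no edit request" rather than being fed
 * to intval(), which would raise a notice or turn a non-empty array into 1. */
$eid = (isset($_GET['edit']) && is_scalar($_GET['edit'])) ? intval($_GET['edit']) : 0;

if ($eid != 0) {
	/* There is an edit request, the user must be:
	 * - on the committee
	 * - with admin access
	 *
	 * NOTE(review): everything below assumes user_auth_required() stops the
	 * request itself when the check fails; its return value is not tested
	 * here.  Confirm that in user.inc.php. */
	user_auth_required('committee', 'admin');

	/* NOTE(review): the result of user_load() is not checked, so an id that
	 * does not exist is carried forward as-is; verify what user_load()
	 * returns in that case. */
	$u = user_load($eid, true);
} else {
	/* Else, force them to edit themselves: the target id comes from the
	 * session, never from the request */
	$eid = false;
	$u = user_load($_SESSION['users_id'], true);
}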
/* Work out which fields may be edited for this user and which of them are
 * required.  $fields doubles as the allow-list for the save handler: only
 * names present in it are copied out of $_POST. */
$errorfields = array();
$required = array();
$fields = array();

/* A user can hold several roles; take the union of what each role exposes */
foreach ($u['types'] as $t) {
	$fields = array_merge($fields, user_personal_fields($t));
	$required = array_merge($required, user_personal_required_fields($t));
}

/* If the editor is super, let them see/edit/save the user/pass */
if (committee_auth_has_access('super')) {
	array_push($fields, 'username', 'password');
}
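/* Handle a submitted form (action=save).
 *
 * Flow: copy the allow-listed fields from $_POST into $u, validate every
 * field that has a 'regexp', apply the committee-only settings, check that
 * the email is not taken by another account, then call user_save().
 *
 * NOTE(review): nothing in this block verifies an anti-CSRF token before
 * user_save() runs, and the same request can change access_admin /
 * access_config / access_super for a superuser's session.  Confirm whether
 * common.inc.php enforces a token; if not, one should be checked here.
 *
 * NOTE(review): stripslashes() is applied unconditionally, which is only
 * correct if request data arrives with slashes added (magic quotes or an
 * equivalent in common.inc.php) - confirm. */
if (isset($_POST['action']) && $_POST['action'] == "save") {
	$save = true;

	/* Set values.  Only names in $fields are taken from the request; a
	 * missing or non-string value (e.g. field[]=x) becomes '' instead of
	 * reaching stripslashes().
	 * NOTE(review): for a superuser editor this includes 'password', taken
	 * verbatim from the form; whether user_save() hashes it is not visible
	 * from this file. */
	foreach ($fields as $f) {
		$u[$f] = (isset($_POST[$f]) && is_string($_POST[$f])) ? stripslashes($_POST[$f]) : '';
	}

	foreach ($u as $f => $v) {
		if ($v == '') continue;

		/* See if this field has a validate */
		if (isset($user_personal_fields[$f]['regexp'])) {
			/* Match the regex.  ereg() is deprecated and no longer exists
			 * in current PHP, so the same pattern is run through PCRE.
			 * The patterns in $user_personal_fields contain no '/', and
			 * the D modifier keeps '$' meaning "end of string" so a value
			 * with a trailing newline is still rejected. */
			if (!preg_match('/' . $user_personal_fields[$f]['regexp'] . '/D', $v)) {
				/* Bad */
				$save = false;
				$errorfields[] = $f;
			}
		}
	}

	/* The username defaults to the email address when none is given */
	if (!array_key_exists('username', $u) || $u['username'] == '') {
		$u['username'] = $u['email'];
	}

	if (in_array('committee', $u['types'])) {
		/* Trying to save a committee member eh?  Well, we established above
		 * that we're allowed to be here, so go ahead and save it */
		$u['displayemail'] = (isset($_POST['displayemail']) && $_POST['displayemail'] == 'yes') ? 'yes' : 'no';

		/* NOTE(review): this value is SQL-escaped before it is handed to
		 * user_save(), and the escaped form is also what the form re-displays;
		 * check that user_save() does not escape it a second time. */
		$u['emailprivate'] = mysql_real_escape_string(
			stripslashes((isset($_POST['emailprivate']) && is_string($_POST['emailprivate'])) ? $_POST['emailprivate'] : ''));

		if (committee_auth_has_access('super')) {
			/* But only superusers can save these ones.  Anything other than
			 * the literal 'yes' (including an absent checkbox) revokes the
			 * flag. */
			$u['access_admin'] = (isset($_POST['access_admin']) && $_POST['access_admin'] == 'yes') ? 'yes' : 'no';
			$u['access_config'] = (isset($_POST['access_config']) && $_POST['access_config'] == 'yes') ? 'yes' : 'no';
			$u['access_super'] = (isset($_POST['access_super']) && $_POST['access_super'] == 'yes') ? 'yes' : 'no';
		}
	}

	/* Check for an email collision.  The email is escaped with the
	 * connection-aware function and the id is forced to an integer, so
	 * neither value can alter the statement.
	 * NOTE(review): a failed query is not detected here; in that case the
	 * uniqueness check is silently skipped and the save proceeds. */
	$em = mysql_real_escape_string(
		stripslashes((isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : ''));
	$q = mysql_query("SELECT id FROM users WHERE email='$em' AND id!='" . intval($u['id']) . "'");
	if (mysql_num_rows($q) > 0) {
		$notice = 'email_exists';
		$save = false;
	}

	if ($save == true) {
		user_save($u);

		/* When the editor came from committee management, send them back
		 * there instead of re-displaying the form */
		if (isset($_SESSION['last_page']) && $_SESSION['last_page'] == 'committee_management') {
			header("location: {$config['SFIABDIRECTORY']}/admin/committees.php");
			exit;
		}
		$notice = 'success';
	}
}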
/* Send the page header.  The title and the breadcrumb links depend on
 * whether the user edits their own record ($eid is false) or an admin edits
 * somebody else, and in the latter case on the page the admin came from.
 *
 * NOTE(review): in the two "edit someone else" branches the stored first and
 * last name are placed in the title without HTML encoding here; confirm that
 * send_header() encodes its title argument. */
if ($eid == false) {
	$type = $_SESSION['users_type'];
	if ($type == 'committee') {
		$m = 'Committee';
	} else {
		$m = $user_what[$type];
	}
	send_header('Personal Information',
		array($m . ' Main' => $type . '_main.php')
	);
} elseif ($_SESSION['last_page'] == 'committee_management') {
	send_header('Personal Information for ' . $u['firstname'] . ' ' . $u['lastname'],
		array(
			'Committee Main' => 'committee_main.php',
			'Administration' => 'admin/index.php',
			'Committee Management' => 'admin/committees.php',
		)
	);
} else {
	send_header('Personal Information for ' . $u['firstname'] . ' ' . $u['lastname'],
		array('Committee Main' => 'committee_main.php')
	);
}
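/* Report the outcome of a save, if there was one.  $notice is only assigned
 * by the save handler, so it is read through isset() to avoid an
 * undefined-variable notice on a plain page load. */
switch (isset($notice) ? $notice : '') {
case 'success':
	/* The names come straight from the request body and end up in the
	 * page, so they are HTML-encoded before being substituted into the
	 * message.  Whether notice()/i18n() encode their input is not visible
	 * from this file; if they already do, drop the encoding here to avoid
	 * double-encoded output. */
	echo notice(i18n("%1 %2 successfully updated", array(
		(isset($_POST['firstname']) && is_string($_POST['firstname']))
			? htmlspecialchars($_POST['firstname'], ENT_QUOTES) : '',
		(isset($_POST['lastname']) && is_string($_POST['lastname']))
			? htmlspecialchars($_POST['lastname'], ENT_QUOTES) : '')));
	break;
case 'email_exists':
	echo error(i18n("That email address is in use by another user"));
	break;
}

/* One message per field that failed its format check.  Both the label and
 * the format text come from $user_personal_fields, not from the request. */
foreach ($errorfields as $f) {
	echo error(i18n('\'%1\' must use the format: %2',
			array(i18n($user_personal_fields[$f]['name']),
				$user_personal_fields[$f]['format'])));
}

if (count($errorfields)) {
	echo error(i18n('Information will not be saved until the above errors are corrected'));
} else if ($eid == false) {
	//output the current status (only when users edit their own record)
	$newstatus = user_personal_info_status($u);
	if ($newstatus != 'complete')
		echo error(i18n("Personal Information Incomplete"));
	else
		echo happy(i18n("Personal Information Complete"));
}

/* Explain the combined field list when the user holds more than one role */
if (count($u['types']) > 1) {
	$roles = '';
	foreach ($u['types'] as $t) {
		$roles .= (($roles == '') ? '' : ', ') . i18n($user_what[$t]);
	}
	echo notice(i18n('This user has multiple roles, the fields shown below are a combination of every role. Some may not apply to some roles. This user has the following roles:').' '.$roles);
}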
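/**
 * Print two table cells for one personal-information field: the translated
 * label and a text input holding the current value.
 *
 * When $fname is not in the global $fields list, two empty cells are printed
 * instead so the table keeps its four-column layout.
 *
 * The value (and the field name) are HTML-encoded before they are written
 * into the attributes: the value is user-supplied data, and writing it raw
 * would let a stored quote or tag break out of value="...".
 *
 * Reads the globals $fields, $required, $errorfields and
 * $user_personal_fields.
 *
 * @param array  $user    user record; $user[$fname] is the value shown
 * @param string $fname   field key, as used in $user_personal_fields
 * @param string $subtext optional hint printed in small type under the label
 */
function item($user, $fname, $subtext='')
{
	global $fields, $required;
	global $errorfields;
	global $user_personal_fields;

	if (!in_array($fname, $fields)) {
		echo '<td></td><td></td>';
		return;
	}

	$text = i18n($user_personal_fields[$fname]['name']);

	/* Highlight the label in red when the field failed validation; always
	 * define $style so the normal case does not read an unset variable */
	$style = in_array($fname, $errorfields) ? 'style="color:red;"' : '';

	echo "<td><span $style>$text</span>: ";
	if ($subtext != '') echo '<br /><span style="font-size: 0.5em;">'.i18n($subtext).'</span>';
	echo '</td>';

	/* Encode for the attribute context; a missing key is shown as empty */
	$value = isset($user[$fname]) ? htmlspecialchars($user[$fname], ENT_QUOTES) : '';
	$name = htmlspecialchars($fname, ENT_QUOTES);
	echo "<td><input onchange=\"fieldChanged()\" type=\"text\" name=\"$name\" value=\"$value\" />";
	if (in_array($fname, $required)) echo REQUIREDFIELD;
	echo '</td>';
}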
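/* Render the edit form.  It posts back to this page; when an admin is
 * editing somebody else the target id is carried in the query string.
 * $eid was reduced to an integer (or false) earlier in this file, so it is
 * safe to place in the action URL. */
$eidstr = '';
if ($eid != false) {
	$eidstr = "?edit=$eid";
}

echo "<form name=\"personalform\" method=\"post\" action=\"user_personal.php$eidstr\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo "<table>\n";

/* Each row holds two label/input pairs; item() prints empty cells for
 * fields this user is not allowed to edit */
echo "<tr>\n";
item($u, 'firstname');
item($u, 'lastname');
echo "</tr>\n";

echo "<tr>\n";
item($u, 'email');
echo '<td></td><td></td>';
echo "</tr>\n";

/* NOTE(review): 'username' and 'password' are only in $fields for a
 * superuser editor.  The password goes through item(), i.e. a plain
 * type="text" input pre-filled with $u['password'] as returned by
 * user_load(); confirm that this is not a usable credential being echoed
 * back into the page. */
echo "<tr>\n";
item($u, 'username', '(if different from Email)');
item($u, 'password');
echo "</tr>\n";

echo "<tr>\n";
item($u, 'address');
item($u, 'city');
echo "</tr>\n";

echo "<tr>\n";
item($u, 'address2');
if (in_array('province', $fields)) {
	echo '<td>'.i18n('Province').': </td>';
	echo '<td>';
	emit_province_selector("province", $u['province'], "onchange=\"fieldChanged()\"");
	if (in_array('province', $required)) echo REQUIREDFIELD;
	echo '</td>';
} else {
	echo '<td></td><td></td>';
}
echo "</tr>\n";

echo "<tr>\n";
item($u, 'postalcode');
echo "<td></td><td></td>";
echo "</tr>\n";

echo "<tr>";
item($u, 'phonehome');
item($u, 'phonecell');
echo "</tr>\n";

echo "<tr>\n";
item($u, 'organization');
item($u, 'phonework');
echo "</tr>";

echo "<tr>\n";
item($u, 'fax');
echo '<td></td><td></td>';
echo "</tr>";

echo "<tr><td colspan=\"4\"><hr /></td></tr>";

echo "</table>";

/* Committee specific fields */
if (in_array('committee', $u['types'])) {
	echo "<table>";

	/* The private email is user-supplied, so it is HTML-encoded before it
	 * is written into the value attribute */
	echo "<tr><td>".i18n("Email (Private)").":</td><td><input size=\"25\" type=\"text\" name=\"emailprivate\" value=\""
		.htmlspecialchars(isset($u['emailprivate']) ? $u['emailprivate'] : '', ENT_QUOTES)
		."\" /></td></tr>\n";

	echo "<tr><td>".i18n("Display Emails").":</td><td>";
	if ($u['displayemail'] == "no") $checked = "checked=\"checked\""; else $checked = "";
	echo "<input type=\"radio\" name=\"displayemail\" value=\"no\" $checked />".i18n("No");
	echo " ";
	if ($u['displayemail'] == "yes") $checked = "checked=\"checked\""; else $checked = "";
	echo "<input type=\"radio\" name=\"displayemail\" value=\"yes\" $checked />".i18n("Yes");
	/* Close the cell and row opened for the radio buttons; the original
	 * markup left them open before the next <tr> */
	echo "</td></tr>\n";

	if (committee_auth_has_access("super")) {
		/* If the user is a committee member, only print these fields
		 * if the editor has super access.  Hiding them is cosmetic: the
		 * save handler repeats the same access check before it accepts
		 * the access_* values. */
		echo "<tr><td align=\"center\" colspan=\"2\"><hr /></td></tr>";
		echo "<tr><td>".i18n("Access Controls").":</td><td>";
		$ch = ($u['access_admin'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_admin\" value=\"yes\" $ch /> ".i18n("Administration")."<br />";
		$ch = ($u['access_config'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_config\" value=\"yes\" $ch /> ".i18n("Configuration")."<br />";
		$ch = ($u['access_super'] == "yes") ? 'checked="checked"' : '';
		echo "<input type=\"checkbox\" name=\"access_super\" value=\"yes\" $ch /> ".i18n("Superuser")."<br />";
		echo "</td></tr>";
	}
	echo '</table>';
}

echo "<input type=\"submit\" value=\"".i18n("Save Personal Information")."\" />\n";
echo "</form>";

echo "<br />";

send_footer();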
?>