Bug fixes on users

dignajar 2015-09-29 22:59:02 -03:00
parent 02f4d97554
commit 2c797f0465
2 changed files with 16 additions and 13 deletions


@ -48,6 +48,11 @@ function deleteUser($args, $deleteContent=false)
return false; return false;
} }
// The editors cannot delete users.
if($Login->role()!=='admin') {
return false;
}
if($deleteContent) { if($deleteContent) {
$dbPosts->deletePostsByUser($args['username']); $dbPosts->deletePostsByUser($args['username']);
} }
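Review bot: The added guard calls `$Login->role()` inside deleteUser, but the function starts above this hunk and none of the added lines is a `global $Login;`, so confirm the object is already in scope there; if it is not, the call fails on an undefined variable instead of returning false. The comment also understates the check, which refuses every role except admin and not only editors; `// Only the admin role may delete users.` would match the code. The refusal is silent, so a rejected deletion attempt leaves no trace unless the caller records it.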


@ -6,7 +6,7 @@
<li><a href="#email"><?php $Language->p('Email') ?></a></li> <li><a href="#email"><?php $Language->p('Email') ?></a></li>
<li><a href="#password"><?php $Language->p('Password') ?></a></li> <li><a href="#password"><?php $Language->p('Password') ?></a></li>
<?php if($_user['username']!=='admin') { ?> <?php if($_user['username']=='admin') { ?>
<li><a href="#delete"><?php $Language->p('Delete') ?></a></li> <li><a href="#delete"><?php $Language->p('Delete') ?></a></li>
<?php } ?> <?php } ?>
</ul> </ul>
@ -18,9 +18,7 @@
<div id="profile"> <div id="profile">
<form method="post" action="" class="forms"> <form method="post" action="" class="forms">
<input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>"> <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
<input type="hidden" name="edit-user" value="true">
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>"> <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
<label> <label>
@ -50,7 +48,7 @@
<?php } ?> <?php } ?>
<input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="user-profile"> <input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="edit-user">
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a> <a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
</form> </form>
</div> </div>
@ -61,7 +59,7 @@
<div id="email"> <div id="email">
<form method="post" action="" class="forms"> <form method="post" action="" class="forms">
<input type="hidden" name="edit-user" value="true"> <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>"> <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
<label> <label>
@ -70,7 +68,7 @@
<div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div> <div class="forms-desc"><?php $Language->p('email-will-not-be-publicly-displayed') ?></div>
</label> </label>
<input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="user-email"> <input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="edit-user">
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a> <a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
</form> </form>
</div> </div>
@ -81,7 +79,7 @@
<div id="password"> <div id="password">
<form method="post" action="" class="forms"> <form method="post" action="" class="forms">
<input type="hidden" name="change-password" value="true"> <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>"> <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
<label> <label>
@ -94,7 +92,7 @@
<input type="password" name="confirm-password" class="width-50"> <input type="password" name="confirm-password" class="width-50">
</label> </label>
<input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="user-password"> <input type="submit" class="btn btn-blue" value="<?php $Language->p('Save') ?>" name="change-password">
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a> <a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
</form> </form>
</div> </div>
@ -102,20 +100,20 @@
<!-- ===================================== --> <!-- ===================================== -->
<!-- Delete --> <!-- Delete -->
<!-- ===================================== --> <!-- ===================================== -->
<?php if($_user['username']!=='admin') { ?> <?php if($_user['username']=='admin') { ?>
<div id="delete"> <div id="delete">
<form method="post" action="" class="forms"> <form method="post" action="" class="forms">
<input type="hidden" name="delete-user-all" value="true"> <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>"> <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
<p><input type="submit" class="btn btn-blue" value="<?php $Language->p('Delete the user and all its posts') ?>"></p> <p><input type="submit" name="delete-user-all" class="btn btn-blue" value="<?php $Language->p('Delete the user and all its posts') ?>"></p>
</form> </form>
<form method="post" action="" class="forms"> <form method="post" action="" class="forms">
<input type="hidden" name="delete-user-associate" value="true"> <input type="hidden" id="jstoken" name="token" value="<?php $Security->printToken() ?>">
<input type="hidden" name="username" value="<?php echo $_user['username'] ?>"> <input type="hidden" name="username" value="<?php echo $_user['username'] ?>">
<p><input type="submit" class="btn btn-blue" value="<?php $Language->p('Delete the user and associate its posts to admin user') ?>"></p> <p><input type="submit" name="delete-user-associate" class="btn btn-blue" value="<?php $Language->p('Delete the user and associate its posts to admin user') ?>"></p>
</form> </form>
<a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a> <a href="<?php echo HTML_PATH_ADMIN_ROOT.'users' ?>" class="btn"><?php $Language->p('Cancel') ?></a>
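Review bot: The guard on the Delete tab and on the `#delete` block (hunks at -6,7 and -102,20) reads `$_user['username']=='admin'` on the new side as rendered here, which looks inverted: `$_user['username']` appears to be the account being edited, since it is what the hidden `username` field posts, so the delete forms would be offered only for the `admin` account and for no other user. If the intent is that only an administrator sees them and the `admin` account stays undeletable, test the viewer and the target separately, e.g. `<?php if($Login->role()==='admin' && $_user['username']!=='admin') { ?>`, assuming `$Login` is in scope in this view; the handler has to enforce the same rule, because hiding a form is only a display gate. The added token inputs also repeat `id="jstoken"` in every form, which is invalid HTML and means a script that looks the token up by id only ever sees the first one. The `if` block around `#delete` closes outside the visible lines.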