constArr)));
// NOTE(review): the statement that ends on the line above starts before this
// excerpt, so how $manageUsers is computed is not visible here.
//
// User administration handler: depending on which of the request parameters
// 'add', 'set' or 'del' is present, it inserts, updates or deletes a row in
// the {pref}users table, then renders user.tpl through Smarty.
//
// NOTE(review): every input is read from $_REQUEST, and no anti-CSRF token is
// checked anywhere in this excerpt, so the three state-changing actions are not
// tied to a POST body. Confirm whether a token or method check happens earlier
// in the file; if not, these actions should require POST plus a per-session token.

// The only access check visible here: without the manage-users right the
// template is rendered with 'manageUsers' set to true (the negation of a
// falsy $manageUsers) and the script stops before touching the database.
if(!$manageUsers) {
    //Assign Smarty variables and load the admin template
    $smarty->assign('manageUsers',!$manageUsers);
    $smarty->display('user.tpl');
    exit;
}

// Messages handed to the template at the end of the script.
$error = '';
$notice = '';

// Prepare the password value that the add/set branches store.
if(isset($_REQUEST['password'])) {
    $pass = $_REQUEST['password'];
    // With encryptPass enabled the value is replaced by its MD5 hex digest,
    // unless it is already exactly as long as such a digest (32 characters).
    // NOTE(review): only the length is compared, so any 32-character value is
    // stored verbatim instead of hashed - presumably meant to avoid hashing an
    // already-hashed value; confirm against the login code.
    // NOTE(review): unsalted MD5 is not suitable for password storage; moving
    // to password_hash()/password_verify() has to be coordinated with the login
    // path, which is not part of this excerpt.
    if( $GLOBALS['fc_config']['encryptPass'] && (strlen($pass) != strlen(md5('password'))))
        $pass = md5($pass);
}

// All queries below go through Statement with '?' placeholders; only the table
// prefix from the configuration is interpolated into the SQL text.
// NOTE(review): how Statement::process() binds or escapes its arguments is not
// visible here - verify it does not build the query by string concatenation.
if(isset($_REQUEST['add'])) {
    // --- add: create a user; login and password must both be non-empty ---
    if(!$_REQUEST['login']) {
        $error = 'login cannot be empty';
    } else if(!$_REQUEST['password']) {
        $error = 'please enter password';
    } else {
        // Refuse the insert when a row with the same login already exists.
        $stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=? LIMIT 1");
        $rs = $stmt->process($_REQUEST['login']);
        if(!$rs->hasNext()) {
            $stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}users (login, password, roles) VALUES (?, ?, ?)");
            // NOTE(review): $_REQUEST['roles'] is stored as submitted; it is not
            // checked against the $roles list defined further down.
            // The return value becomes the current id, so the form below reloads
            // this user - presumably process() returns the new row id; confirm.
            $_REQUEST['id'] = $stmt->process($_REQUEST['login'], $pass, $_REQUEST['roles']);
            $notice = 'user added';
        } else {
            $error = 'user already exists';
        }
    }
} else if(isset($_REQUEST['set'])) {
    // --- set: update an existing user identified by 'id' ---
    if(!$_REQUEST['login']) {
        $error = 'login cannot be empty';
    } else if(!$_REQUEST['id']) {
        $error = 'wrong user id';
    } else if(!$_REQUEST['password'] && $GLOBALS['fc_config']['encryptPass'] == 0) {
        // An empty password is rejected only when passwords are stored
        // unencrypted; with encryptPass on, empty means "keep the current one".
        $error = 'please enter a password';
    } else {
        // The login must not collide with a different user's login.
        $stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=? AND id<>? LIMIT 1");
        $rs = $stmt->process($_REQUEST['login'], $_REQUEST['id']);
        if(!$rs->hasNext()) {
            // Earlier single-statement version, kept commented out by the author:
            //$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET login=?, password=?, roles=? WHERE id=?");
            if(trim($_REQUEST['password'])!="") {
                // A non-blank password was submitted: overwrite it as well.
                $updateSQL="UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET login=?, password=?, roles=? WHERE id=?";
                $stmt = new Statement($updateSQL);
                $stmt->process($_REQUEST['login'], $pass, $_REQUEST['roles'], $_REQUEST['id']);
            } else {
                // Blank password: leave the stored password untouched.
                // The SQL literal below spans two source lines.
                $updateSQL="UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET login=?, roles=? 
WHERE id=?";
                $stmt = new Statement($updateSQL);
                $stmt->process($_REQUEST['login'], $_REQUEST['roles'], $_REQUEST['id']);
            }
            $notice = 'user updated';
        } else {
            $error = 'user already exist';
        }
    }
} else if(isset($_REQUEST['del'])) {
    // --- del: remove the user identified by 'id' ---
    if(!$_REQUEST['id']) {
        $error = 'wrong user id';
    } else {
        $stmt = new Statement("DELETE FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
        $stmt->process($_REQUEST['id']);
        $notice = 'user removed';
        // Clearing the id makes the section below fall back to an empty form.
        $_REQUEST['id'] = null;
    }
}

// Role values and the labels offered by the template.
$roles = array(
    ROLE_USER => 'user',
    ROLE_ADMIN => 'admin',
    ROLE_MODERATOR => 'moderator',
    ROLE_SPY => 'spy',
    ROLE_CUSTOMER => 'customer'
);

// Populate the form: either with the stored row for the current id or with
// empty defaults for a new user.
if(isset($_REQUEST['id'])) {
    $stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
    $rs = $stmt->process($_REQUEST['id']);
    // The whole $_REQUEST superglobal is replaced by the fetched row.
    // NOTE(review): what next() returns when no row matches is not visible
    // here; $_REQUEST['id'] is read again below - verify that case.
    if( is_object( $rs ) )
        $_REQUEST = $rs->next();
    // The stored password is blanked only when encryptPass is on; otherwise the
    // row's password field is handed to the template as part of '_REQUEST'.
    // NOTE(review): what user.tpl does with that value is not visible here.
    if($GLOBALS['fc_config']['encryptPass'])
        $_REQUEST['password'] = '';
} else {
    $_REQUEST['id'] = 0;
    $_REQUEST['login'] = '';
    $_REQUEST['password'] = '';
    $_REQUEST['roles'] = ROLE_USER;
}

//Assign Smarty variables and load the admin template
// NOTE(review): the login and the messages reach the template as assigned;
// output escaping depends on user.tpl, which is not part of this excerpt.
$smarty->assign('error',$error);
$smarty->assign('notice',$notice);
$smarty->assign('roles',$roles);
$smarty->assign('_REQUEST',$_REQUEST);
// 'encryptPass' is assigned only when editing an existing user (truthy id)
// while encryptPass is non-zero.
if ($GLOBALS['fc_config']['encryptPass'] <> 0 && $_REQUEST['id'])
    $smarty->assign('encryptPass', true);
$smarty->display('user.tpl');
?>