Fix #22 - disable user button added
This commit is contained in:
Vojtěch Sajdl
parent
2f51eb4227
commit
5afda409c1
|
|
@ -13,7 +13,7 @@ Template::render_header(_("Lost password"));
|
|||
$user->change_password($_POST['token']);
|
||||
if (isset($message)){?>
|
||||
<p class="alert alert-danger"><?php echo $message?></p>
|
||||
<a href="<?php echo WEB_URL;?>/admin/?do=lost-password<?php echo "&id=".$_POST['id']."&token=".$_POST['token'];?>"><?php echo _("Go back");?> </a>
|
||||
<a href="<?php echo WEB_URL;?>/admin/?do=lost-password<?php echo "&id=".$_POST['id']."&token=".$_POST['token'];?>"><?php echo _("Go back");?> </a>
|
||||
<?php
|
||||
}
|
||||
else{?>
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ Template::render_header(_("New user"), true); ?>
|
|||
<h2>Add new user</h2>
|
||||
</div>
|
||||
|
||||
<form action="<?php echo WEB_URL;?>/admin/?do=new-user&new=user" method="POST" class="form-horizontal">
|
||||
<form action="<?php echo WEB_URL;?>/admin/?do=new-use&new=user" method="POST" class="form-horizontal">
|
||||
<?php if (isset($message))
|
||||
{?>
|
||||
<p class="alert alert-danger"><?php echo $message?></p>
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ if (isset($message)){
|
|||
<section>
|
||||
<h3 class="pull-left"><?php echo _("Services");?></h3>
|
||||
<?php if ($user->get_rank() <= 1){?>
|
||||
<form action="?do=settings&new=service" method="post">
|
||||
<form action="?do=settings&new=service" method="post">
|
||||
<div class="input-group pull-right new-service">
|
||||
<input class="form-control" name="service" placeholder="Name" type="text" value="<?php echo ((isset($_POST['service']))?htmlspecialchars($_POST['service']):''); ?>" maxlength="50" required>
|
||||
<span class="input-group-btn">
|
||||
|
|
@ -52,7 +52,7 @@ while($result = $query->fetch_assoc())
|
|||
echo "<td>".$result['name']."</td>";
|
||||
if ($user->get_rank()<=1)
|
||||
{
|
||||
echo '<td><a href="'.WEB_URL.'/admin/?do=settings&delete='.$result['id'].'" class="pull-right delete-service"><i class="fa fa-trash"></i></a></td>';
|
||||
echo '<td><a href="'.WEB_URL.'/admin/?do=settings&delete='.$result['id'].'" class="pull-right delete-service"><i class="fa fa-trash"></i></a></td>';
|
||||
}
|
||||
echo "</tr>";
|
||||
}?>
|
||||
|
|
@ -74,7 +74,7 @@ while($result = $query->fetch_assoc())
|
|||
{
|
||||
echo "<tr>";
|
||||
echo "<td>".$result['id']."</td>";
|
||||
echo "<td><a href='".WEB_URL."/admin/?do=user&id=".$result['id']."'>".$result['username']."</a></td>";
|
||||
echo "<td><a href='".WEB_URL."/admin/?do=user&id=".$result['id']."'>".$result['username']."</a></td>";
|
||||
echo "<td>".$result['name']."</td>";
|
||||
echo "<td>".$result['surname']."</td>";
|
||||
echo "<td><a href=\"mailto:".$result['email']."\">".$result['email']."</a></td>";
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ class Constellation
|
|||
{
|
||||
if ($offset)
|
||||
{
|
||||
echo '<noscript><div class="centered"><a href="'.WEB_URL.'/?offset='.($offset-$limit+1).'&timestamp='.$timestamp.'" class="btn btn-default">'._("Back").'</a></div></noscript>';
|
||||
echo '<noscript><div class="centered"><a href="'.WEB_URL.'/?offset='.($offset-$limit+1).'×tamp='.$timestamp.'" class="btn btn-default">'._("Back").'</a></div></noscript>';
|
||||
}
|
||||
echo "<h3>"._("Past incidents")."</h3>";
|
||||
}
|
||||
|
|
@ -59,7 +59,7 @@ class Constellation
|
|||
}
|
||||
if ($show)
|
||||
{
|
||||
echo '<div class="centered"><a href="'.WEB_URL.'/?offset='.($offset).'&timestamp='.$timestamp.'" id="loadmore" class="btn btn-default">'._("Load more").'</a></div>';
|
||||
echo '<div class="centered"><a href="'.WEB_URL.'/?offset='.($offset).'×tamp='.$timestamp.'" id="loadmore" class="btn btn-default">'._("Load more").'</a></div>';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ class User
|
|||
$stmt->bind_param("i", $this->id);
|
||||
$stmt->execute();
|
||||
$stmt->close();
|
||||
header("Location: ".WEB_URL."/admin/?do=user&id=".$id);
|
||||
header("Location: ".WEB_URL."/admin/?do=user&id=".$id);
|
||||
}else{
|
||||
$message = _("You don't have the permission to do that!");
|
||||
}
|
||||
|
|
@ -317,14 +317,14 @@ class User
|
|||
<div class="col-md-2 col-md-offset-2"><strong><?php echo _("Username");?></strong></div>
|
||||
<div class="col-md-6"><?php echo $this->username." "; if ($this->id!=$_SESSION['user'] && $user->get_rank()<=1 && ($user->get_rank()<$this->rank))
|
||||
{
|
||||
echo "<a href='".WEB_URL."/admin/?do=user&id=".$this->id."&what=toggle'>";
|
||||
echo "<a href='".WEB_URL."/admin/?do=user&id=".$this->id."&what=toggle'>";
|
||||
echo "<i class='fa fa-".($this->active?"check success":"times danger")."'></i></a>";
|
||||
}else{
|
||||
echo "<i class='fa fa-".($this->active?"check success":"times danger")."'></i>";
|
||||
}?></div>
|
||||
</div>
|
||||
|
||||
<form action="<?php echo WEB_URL;?>/admin/?do=user&id=<?php echo $this->id; ?>" method="POST">
|
||||
<form action="<?php echo WEB_URL;?>/admin/?do=user&id=<?php echo $this->id; ?>" method="POST">
|
||||
<div class="row">
|
||||
<div class="col-md-2 col-md-offset-2"><strong><?php echo _("Role");?></strong></div>
|
||||
<div class="col-md-6"><?php if ($user->get_rank() == 0 && $this->id != $_SESSION['user']){?> <div class="input-group"><select class="form-control" name="permission"><?php foreach ($permissions as $key => $value) {
|
||||
|
|
@ -379,7 +379,21 @@ class User
|
|||
</div>
|
||||
<?php
|
||||
}
|
||||
|
||||
if ($this->id!=$_SESSION['user'] && $user->get_rank()<=1 && ($user->get_rank()<$this->rank))
|
||||
{?>
|
||||
<div class="row">
|
||||
<div class="col-md-2 col-md-offset-2"></div>
|
||||
<div class="col-md-6">
|
||||
<?php
|
||||
if ($this->active){
|
||||
echo '<a href="'.WEB_URL.'/admin/?do=user&id='.$this->id.'&what=toggle" class="btn btn-danger">'._("Deactivate user")."</a>";
|
||||
}else{
|
||||
echo '<a href="'.WEB_URL.'/admin/?do=user&id='.$this->id.'&what=toggle" class="btn btn-success">'._("Activate user")."</a>";
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
</div>
|
||||
<?php }
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -484,7 +498,7 @@ class User
|
|||
|
||||
$token = Token::add($id, 'passwd', $time);
|
||||
|
||||
$link = WEB_URL."/admin/?do=lost-password&id=$id&token=$token";
|
||||
$link = WEB_URL."/admin/?do=lost-password&id=$id&token=$token";
|
||||
$to = $email;
|
||||
$user = new User($id);
|
||||
$subject = _('Reset password') . ' - '.NAME;
|
||||
|
|
@ -510,7 +524,7 @@ class User
|
|||
$token = Token::add($id, 'email;$email', $time);
|
||||
|
||||
|
||||
$link = WEB_URL."/admin/?do=change-email&id=$id&token=$token";
|
||||
$link = WEB_URL."/admin/?do=change-email&id=$id&token=$token";
|
||||
$to = $email;
|
||||
$subject = _('Email change').' - '.NAME;
|
||||
$msg = sprintf(_( "Hi %s!<br>Below you will find link to change your email. The link is valid for 24hrs. If you didn't request this, feel free to ignore it. <br><br><a href=\"%s\">CHANGE EMAIL</a><br><br>If the link doesn't work, copy & paste it into your browser: <br>%s"), $user->get_name(), $link, $link);
|
||||
|
|
@ -588,7 +602,7 @@ class User
|
|||
$stmt = $mysqli->prepare("UPDATE users SET permission=? WHERE id=?");
|
||||
$stmt->bind_param("si", $permission, $id);
|
||||
$stmt->execute();
|
||||
header("Location: ".WEB_URL."/admin/?do=user&id=".$id);
|
||||
header("Location: ".WEB_URL."/admin/?do=user&id=".$id);
|
||||
}
|
||||
else{
|
||||
$message = _("You don't have permission to do that!");
|
||||
|
|
|
|||
Loading…
Reference in New Issue