Update user_edit.php
parent
7430ae1ec4
commit
386194a23f
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
The Initial Developer of the Original Code is
|
||||
Mark J Crane <markjcrane@fusionpbx.com>
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2018
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2019
|
||||
the Initial Developer. All Rights Reserved.
|
||||
|
||||
Contributor(s):
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
//get user uuid
|
||||
if ((is_uuid($_REQUEST["id"]) && permission_exists('user_edit')) ||
|
||||
(is_uuid($_REQUEST["id"]) && $_REQUEST["id"] == $_SESSION['user_uuid'])) {
|
||||
$user_uuid = check_str($_REQUEST["id"]);
|
||||
$user_uuid = $_REQUEST["id"];
|
||||
$action = 'edit';
|
||||
}
|
||||
elseif (permission_exists('user_add') && !isset($_REQUEST["id"])) {
|
||||
|
|
@ -52,14 +52,12 @@
|
|||
|
||||
//get total user count from the database, check limit, if defined
|
||||
if (permission_exists('user_add') && $action == 'add' && $_SESSION['limit']['users']['numeric'] != '') {
|
||||
$sql = "select count(user_uuid) as num_rows from v_users where domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
$total_users = $row['num_rows'];
|
||||
}
|
||||
unset($prep_statement, $row);
|
||||
$sql = "select count(user_uuid) as num_rows from v_users where domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$database = new database;
|
||||
$total_users = $database->execute($sql, $parameters, 'column');
|
||||
unset($parameters);
|
||||
|
||||
if ($total_users >= $_SESSION['limit']['users']['numeric']) {
|
||||
message::add($text['message-maximum_users'].' '.$_SESSION['limit']['users']['numeric'], 'negative');
|
||||
header('Location: users.php');
|
||||
|
|
@ -85,9 +83,13 @@
|
|||
//delete the group from the users
|
||||
if (is_uuid($group_uuid) && is_uuid($user_uuid)) {
|
||||
$sql = "delete from v_user_groups ";
|
||||
$sql .= "where group_uuid = '".$group_uuid."' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$db->exec(check_sql($sql));
|
||||
$sql .= "where group_uuid = :group_uuid ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['group_uuid'] = $group_uuid;
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
unset($parameters);
|
||||
}
|
||||
//redirect the user
|
||||
message::add($text['message-update']);
|
||||
|
|
@ -110,29 +112,29 @@
|
|||
//get the HTTP values and set as variables
|
||||
if (permission_exists('user_edit') && $action == 'edit') {
|
||||
$user_uuid = $_REQUEST["id"];
|
||||
$username_old = check_str($_POST["username_old"]);
|
||||
$username_old = $_POST["username_old"];
|
||||
}
|
||||
$domain_uuid = check_str($_POST["domain_uuid"]);
|
||||
$username = check_str($_POST["username"]);
|
||||
$password = check_str($_POST["password"]);
|
||||
$password_confirm = check_str($_POST["password_confirm"]);
|
||||
$user_status = check_str($_POST["user_status"]);
|
||||
$user_language = check_str($_POST["user_language"]);
|
||||
$user_time_zone = check_str($_POST["user_time_zone"]);
|
||||
$domain_uuid = $_POST["domain_uuid"];
|
||||
$username = $_POST["username"];
|
||||
$password = $_POST["password"];
|
||||
$password_confirm = $_POST["password_confirm"];
|
||||
$user_status = $_POST["user_status"];
|
||||
$user_language = $_POST["user_language"];
|
||||
$user_time_zone = $_POST["user_time_zone"];
|
||||
if (permission_exists('user_edit') && $action == 'edit') {
|
||||
$contact_uuid = check_str($_POST["contact_uuid"]);
|
||||
$contact_uuid = $_POST["contact_uuid"];
|
||||
}
|
||||
else if (permission_exists('user_add') && $action == 'add') {
|
||||
$user_email = check_str($_POST["user_email"]);
|
||||
$contact_organization = check_str($_POST["contact_organization"]);
|
||||
$contact_name_given = check_str($_POST["contact_name_given"]);
|
||||
$contact_name_family = check_str($_POST["contact_name_family"]);
|
||||
$user_email = $_POST["user_email"];
|
||||
$contact_organization = $_POST["contact_organization"];
|
||||
$contact_name_given = $_POST["contact_name_given"];
|
||||
$contact_name_family = $_POST["contact_name_family"];
|
||||
}
|
||||
$group_uuid_name = check_str($_POST["group_uuid_name"]);
|
||||
$user_enabled = check_str($_POST["user_enabled"]);
|
||||
$api_key = check_str($_POST["api_key"]);
|
||||
$group_uuid_name = $_POST["group_uuid_name"];
|
||||
$user_enabled = $_POST["user_enabled"];
|
||||
$api_key = $_POST["api_key"];
|
||||
if (permission_exists('message_view')) {
|
||||
$message_key = check_str($_POST["message_key"]);
|
||||
$message_key = $_POST["message_key"];
|
||||
}
|
||||
|
||||
//check required values
|
||||
|
|
@ -141,17 +143,16 @@
|
|||
}
|
||||
if (permission_exists('user_edit') && $action == 'edit') {
|
||||
if ($username != $username_old && $username != '') {
|
||||
$sql = "select count(*) as num_rows from v_users where username = '".$username."'";
|
||||
if ($_SESSION["user"]["unique"]["text"] != "global"){
|
||||
$sql .= " and domain_uuid = '".$domain_uuid."'";
|
||||
$sql = "select count(*) as num_rows from v_users where username = :username ";
|
||||
if ($_SESSION["user"]["unique"]["text"] != "global") {
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
if (0 < $row['num_rows']) {
|
||||
message::add($text['message-username_exists'], 'negative', 7500);
|
||||
}
|
||||
$parameters['username'] = $username;
|
||||
$database = new database;
|
||||
$num_rows = $database->select($sql, $parameters, 'column');
|
||||
if ($num_rows > 0) {
|
||||
message::add($text['message-username_exists'], 'negative', 7500);
|
||||
}
|
||||
unset($sql);
|
||||
}
|
||||
|
|
@ -213,136 +214,136 @@
|
|||
$sql = "select user_setting_uuid, user_setting_value from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'language' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
if ($row['user_setting_uuid'] == '' && $user_language != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'language';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'code';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_language;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if ($row['user_setting_uuid'] == '' && $user_language != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'language';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'code';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_language;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $user_language == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'language' ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql);
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $user_language == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'language' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
}
|
||||
else {
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'language';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'code';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_language;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'language';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'code';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_language;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
unset($sql, $prep_statement, $row);
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//check to see if user time zone is set
|
||||
$sql = "select user_setting_uuid, user_setting_value from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'time_zone' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
if ($row['user_setting_uuid'] == '' && $user_time_zone != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'time_zone';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'name';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_time_zone;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if ($row['user_setting_uuid'] == '' && $user_time_zone != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'time_zone';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'name';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_time_zone;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $user_time_zone == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'time_zone' ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $user_time_zone == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'domain' ";
|
||||
$sql .= "and user_setting_subcategory = 'time_zone' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
}
|
||||
else {
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'time_zone';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'name';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_time_zone;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'domain';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'time_zone';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'name';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $user_time_zone;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//check to see if message key is set
|
||||
if (permission_exists('message_view')) {
|
||||
$sql = "select user_setting_uuid, user_setting_value from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'message' ";
|
||||
$sql .= "and user_setting_subcategory = 'key' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
if ($row['user_setting_uuid'] == '' && $message_key != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'message';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'key';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'text';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $message_key;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if ($row['user_setting_uuid'] == '' && $message_key != '') {
|
||||
//add user setting to array for insert
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = uuid();
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'message';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'key';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'text';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $message_key;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $message_key == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'message' ";
|
||||
$sql .= "and user_setting_subcategory = 'key' ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql);
|
||||
}
|
||||
else {
|
||||
if ($row['user_setting_value'] == '' || $message_key == '') {
|
||||
$sql = "delete from v_user_settings ";
|
||||
$sql .= "where user_setting_category = 'message' ";
|
||||
$sql .= "and user_setting_subcategory = 'key' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
}
|
||||
else {
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'message';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'key';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'text';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $message_key;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['user_uuid'] = $user_uuid;
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$array['user_settings'][$i]['user_setting_category'] = 'message';
|
||||
$array['user_settings'][$i]['user_setting_subcategory'] = 'key';
|
||||
$array['user_settings'][$i]['user_setting_name'] = 'text';
|
||||
$array['user_settings'][$i]['user_setting_value'] = $message_key;
|
||||
$array['user_settings'][$i]['user_setting_enabled'] = 'true';
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -370,43 +371,46 @@
|
|||
if ((permission_exists('user_add') || permission_exists('user_edit')) && permission_exists('user_domain')) {
|
||||
//adjust group user records
|
||||
$sql = "select user_group_uuid from v_user_groups ";
|
||||
$sql .= "where user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
|
||||
$sql .= "where user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result)) {
|
||||
foreach ($result as $row) {
|
||||
//add group user to array for update
|
||||
$array['user_groups'][$n]['user_group_uuid'] = $row['user_group_uuid'];
|
||||
$array['user_groups'][$n]['domain_uuid'] = $domain_uuid;
|
||||
$n++;
|
||||
$array['user_groups'][$n]['user_group_uuid'] = $row['user_group_uuid'];
|
||||
$array['user_groups'][$n]['domain_uuid'] = $domain_uuid;
|
||||
$n++;
|
||||
}
|
||||
}
|
||||
unset($sql, $prep_statement, $result, $row);
|
||||
unset($sql, $parameters);
|
||||
//adjust user setting records
|
||||
$sql = "select user_setting_uuid from v_user_settings ";
|
||||
$sql .= "where user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
|
||||
$sql .= "where user_uuid = :user_uuid ";
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters);
|
||||
if (is_array($result)) {
|
||||
foreach ($result as $row) {
|
||||
//add user setting to array for update
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$i++;
|
||||
$array['user_settings'][$i]['user_setting_uuid'] = $row['user_setting_uuid'];
|
||||
$array['user_settings'][$i]['domain_uuid'] = $domain_uuid;
|
||||
$i++;
|
||||
}
|
||||
}
|
||||
unset($sql, $prep_statement, $result, $row);
|
||||
unset($sql, $parameters);
|
||||
//unassign any foreign domain groups
|
||||
$sql = "delete from v_user_groups where ";
|
||||
$sql .= "domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$sql = "delete from v_user_groups ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$sql .= "and group_uuid not in (";
|
||||
$sql .= " select group_uuid from v_groups where domain_uuid = '".$domain_uuid."' or domain_uuid is null ";
|
||||
$sql .= " select group_uuid from v_groups where domain_uuid = :domain_uuid or domain_uuid is null ";
|
||||
$sql .= ") ";
|
||||
$db->exec(check_sql($sql));
|
||||
unset($sql);
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$database->execute($sql, $parameters);
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
|
||||
//add contact to array for insert
|
||||
|
|
@ -476,25 +480,23 @@
|
|||
if ($action == 'edit' && permission_exists('user_edit') && file_exists($_SERVER["PROJECT_ROOT"]."/app/call_centers/app_config.php")) {
|
||||
//get the call center agent uuid
|
||||
$sql = "select call_center_agent_uuid from v_call_center_agents ";
|
||||
$sql .= "where domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= "and user_uuid = '".$user_uuid."' ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
|
||||
$call_center_agent_uuid = $row['call_center_agent_uuid'];
|
||||
}
|
||||
unset($sql, $prep_statement, $result);
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$call_center_agent_uuid = $database->select($sql, $parameters, 'column');
|
||||
unset($sql, $parameters);
|
||||
|
||||
//update the user_status
|
||||
if (isset($call_center_agent_uuid)) {
|
||||
if (isset($call_center_agent_uuid) && is_uuid($call_center_agent_uuid)) {
|
||||
$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
|
||||
$switch_cmd .= "callcenter_config agent set status ".$call_center_agent_uuid." '".$user_status."'";
|
||||
$switch_result = event_socket_request($fp, 'api '.$switch_cmd);
|
||||
}
|
||||
|
||||
//update the user state
|
||||
if (isset($call_center_agent_uuid)) {
|
||||
if (isset($call_center_agent_uuid) && is_uuid($call_center_agent_uuid)) {
|
||||
$cmd = "api callcenter_config agent set state ".$call_center_agent_uuid." Waiting";
|
||||
$response = event_socket_request($fp, $cmd);
|
||||
}
|
||||
|
|
@ -512,10 +514,7 @@
|
|||
}
|
||||
|
||||
//populate the form with values from session variable
|
||||
if (
|
||||
is_array($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) &&
|
||||
sizeof($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) != 0
|
||||
) {
|
||||
if (is_array($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) && sizeof($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) != 0) {
|
||||
$domain_uuid = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["domain_uuid"];
|
||||
$username = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["username"];
|
||||
$password = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["password"];
|
||||
|
|
@ -536,17 +535,17 @@
|
|||
$unsaved = true;
|
||||
unset($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']);
|
||||
}
|
||||
|
||||
//populate the form with values from db
|
||||
else {
|
||||
//populate the form with values from db
|
||||
if ($action == 'edit') {
|
||||
$sql = "select * from v_users where user_uuid = '".$user_uuid."' ";
|
||||
$sql = "select * from v_users where user_uuid = :user_uuid ";
|
||||
if (!permission_exists('user_all')) {
|
||||
$sql .= "and domain_uuid = '".$domain_uuid."' ";
|
||||
$sql .= "and domain_uuid = :domain_uuid ";
|
||||
$parameters['domain_uuid'] = $domain_uuid;
|
||||
}
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$row = $database->select($sql, $parameters, 'row');
|
||||
if (is_array($row) && sizeof($row) > 0) {
|
||||
$domain_uuid = $row["domain_uuid"];
|
||||
$user_uuid = $row["user_uuid"];
|
||||
|
|
@ -561,16 +560,16 @@
|
|||
header("Location: user_edit.php?id=".$_SESSION['user_uuid']);
|
||||
exit;
|
||||
}
|
||||
unset($sql, $prep_statement, $row);
|
||||
unset($sql, $parameters, $row);
|
||||
|
||||
//get user settings
|
||||
//get user settings
|
||||
$sql = "select * from v_user_settings ";
|
||||
$sql .= "where user_uuid = '".$user_uuid."' ";
|
||||
$sql .= "where user_uuid = :user_uuid ";
|
||||
$sql .= "and user_setting_enabled = 'true' ";
|
||||
$prep_statement = $db->prepare($sql);
|
||||
if ($prep_statement) {
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result)) {
|
||||
foreach($result as $row) {
|
||||
$name = $row['user_setting_name'];
|
||||
$category = $row['user_setting_category'];
|
||||
|
|
@ -584,6 +583,7 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -706,14 +706,14 @@
|
|||
echo " <select id='user_language' name='user_language' class='formfld' style=''>\n";
|
||||
echo " <option value=''></option>\n";
|
||||
//get all language codes from database
|
||||
$sql = "select * from v_languages order by language asc";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
foreach ($result as &$row) {
|
||||
$sql = "select * from v_languages order by language asc ";
|
||||
$parameters = null;
|
||||
$database = new database;
|
||||
$languages = $database->select($sql, $parameters, 'all');
|
||||
foreach ($languages as $row) {
|
||||
$language_codes[$row["code"]] = $row["language"];
|
||||
}
|
||||
unset($prep_statement, $result, $row);
|
||||
unset($languages);
|
||||
foreach ($_SESSION['app']['languages'] as $code) {
|
||||
$selected = ($code == $user_settings['domain']['language']['code']) ? "selected='selected'" : null;
|
||||
echo " <option value='".escape($code)."' ".escape($selected).">".escape($language_codes[$code])." [".escape($code)."]</option>\n";
|
||||
|
|
@ -793,16 +793,17 @@
|
|||
$sql .= "from ";
|
||||
$sql .= "v_contacts as c ";
|
||||
$sql .= "where ";
|
||||
$sql .= "c.domain_uuid = '".escape($domain_uuid)."' ";
|
||||
$sql .= "c.domain_uuid = :domain_uuid ";
|
||||
$sql .= "and not exists ( ";
|
||||
$sql .= " select ";
|
||||
$sql .= " contact_uuid ";
|
||||
$sql .= " from ";
|
||||
$sql .= " v_users as u ";
|
||||
$sql .= " where ";
|
||||
$sql .= " u.domain_uuid = '".escape($domain_uuid)."' ";
|
||||
$sql .= " u.domain_uuid = :domain_uuid ";
|
||||
if (is_uuid($contact_uuid)) { //don't exclude currently assigned contact
|
||||
$sql .= "and u.contact_uuid <> '".escape($contact_uuid)."' ";
|
||||
$sql .= "and u.contact_uuid <> :contact_uuid ";
|
||||
$parameters['contact_uuid'] = $contact_uuid;
|
||||
}
|
||||
$sql .= " and u.contact_uuid = c.contact_uuid ";
|
||||
$sql .= ") ";
|
||||
|
|
@ -811,13 +812,14 @@
|
|||
$sql .= "lower(c.contact_name_family) asc, ";
|
||||
$sql .= "lower(c.contact_name_given) asc, ";
|
||||
$sql .= "lower(c.contact_nickname) asc ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
unset ($prep_statement, $sql);
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$parameters['contact_uuid'] = $contact_uuid;
|
||||
$database = new database;
|
||||
$contacts = $database->select($sql, $parameters, 'all');
|
||||
unset($parameters);
|
||||
echo "<select name=\"contact_uuid\" id=\"contact_uuid\" class=\"formfld\">\n";
|
||||
echo "<option value=\"\"></option>\n";
|
||||
foreach($result as $row) {
|
||||
foreach($contacts as $row) {
|
||||
$contact_name = array();
|
||||
if ($row['contact_organization'] != '') { $contact_name[] = $row['contact_organization']; }
|
||||
if ($row['contact_name_family'] != '') { $contact_name[] = $row['contact_name_family']; }
|
||||
|
|
@ -825,7 +827,7 @@
|
|||
if ($row['contact_name_family'] == '' && $row['contact_name_family'] == '' && $row['contact_nickname'] != '') { $contact_name[] = $row['contact_nickname']; }
|
||||
echo "<option value='".escape($row['contact_uuid'])."' ".(($row['contact_uuid'] == $contact_uuid) ? "selected='selected'" : null).">".escape(implode(', ', $contact_name))."</option>\n";
|
||||
}
|
||||
unset($sql, $result, $row_count);
|
||||
unset($sql, $row_count);
|
||||
echo "</select>\n";
|
||||
echo "<br />\n";
|
||||
echo $text['description-contact']."\n";
|
||||
|
|
@ -875,14 +877,14 @@
|
|||
$sql .= "order by ";
|
||||
$sql .= " g.domain_uuid desc, ";
|
||||
$sql .= " g.group_name asc ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->bindParam(':domain_uuid', $domain_uuid);
|
||||
$prep_statement->bindParam(':user_uuid', $user_uuid);
|
||||
$prep_statement->execute();
|
||||
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
if (is_array($result)) {
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$parameters['user_uuid'] = $user_uuid;
|
||||
$database = new database;
|
||||
$user_groups = $database->select($sql, $parameters, 'all');
|
||||
unset($parameters);
|
||||
if (is_array($user_groups)) {
|
||||
echo "<table cellpadding='0' cellspacing='0' border='0'>\n";
|
||||
foreach($result as $field) {
|
||||
foreach($user_groups as $field) {
|
||||
if (strlen($field['group_name']) > 0) {
|
||||
echo "<tr>\n";
|
||||
echo " <td class='vtable' style='white-space: nowrap; padding-right: 30px;' nowrap='nowrap'>";
|
||||
|
|
@ -894,22 +896,25 @@
|
|||
echo " </td>\n";
|
||||
}
|
||||
echo "</tr>\n";
|
||||
$assigned_groups[] = $field['group_uuid'];
|
||||
if (is_uuid($field['group_uuid'])) {
|
||||
$assigned_groups[] = $field['group_uuid'];
|
||||
}
|
||||
}
|
||||
}
|
||||
echo "</table>\n";
|
||||
}
|
||||
unset($sql, $prep_statement, $result);
|
||||
unset($sql, $user_groups);
|
||||
|
||||
$sql = "select * from v_groups ";
|
||||
$sql .= "where (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
|
||||
$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
|
||||
if (sizeof($assigned_groups) > 0) {
|
||||
$sql .= "and group_uuid not in ('".implode("','",$assigned_groups)."') ";
|
||||
}
|
||||
$sql .= "order by domain_uuid desc, group_name asc ";
|
||||
$prep_statement = $db->prepare(check_sql($sql));
|
||||
$prep_statement->execute();
|
||||
$groups = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
||||
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
|
||||
$database = new database;
|
||||
$groups = $database->select($sql, $parameters, 'all');
|
||||
unset($parameters);
|
||||
if (is_array($groups)) {
|
||||
if (isset($assigned_groups)) { echo "<br />\n"; }
|
||||
echo "<select name='group_uuid_name' class='formfld' style='width: auto; margin-right: 3px;' ".($action == 'add' ? "required='required'" : null).">\n";
|
||||
|
|
@ -927,7 +932,7 @@
|
|||
echo "<input type='submit' class='btn' value=\"".$text['button-add']."\" >\n";
|
||||
}
|
||||
}
|
||||
unset($sql, $prep_statement, $groups);
|
||||
unset($sql, $groups);
|
||||
|
||||
echo " </td>";
|
||||
echo " </tr>";
|
||||
|
|
|
|||
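Review bot: With `check_str()` dropped from the POST reads, `$user_status = $_POST["user_status"];` now reaches the unchanged `callcenter_config agent set status ... '".$user_status."'` string in the call-center hunk as raw request data, so a quote or line break in that field ends up inside the command passed to `event_socket_request()`. The SQL sinks touched by this commit are covered by bound parameters, but this sink is not SQL and needs its own check, unless one exists in code outside the visible hunks. I would compare the value against the fixed list of statuses the form offers before building `$switch_cmd`, for example `if (!in_array($user_status, $valid_statuses, true)) { $user_status = ''; }` (with `$valid_statuses` being that list, a name proposed here), and skip the socket request when it is empty. Separately, in the contact query `$parameters['contact_uuid'] = $contact_uuid;` is set unconditionally although `:contact_uuid` is only appended when `is_uuid($contact_uuid)` passes, which can leave a bound value with no matching placeholder.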