From 390fcde42ca2d047cab98455069b07870128537a Mon Sep 17 00:00:00 2001
From: Nate
Date: Fri, 8 Mar 2019 14:17:59 -0700
Subject: [PATCH] User: Fix response message on update. On update error, retain changed form values and indicate as unsaved. Hide Enabled field if editing own User.
---
core/users/app_languages.php | 40 +++++++
core/users/user_edit.php | 226 ++++++++++++++++++++---------------
2 files changed, 169 insertions(+), 97 deletions(-)
diff --git a/core/users/app_languages.php b/core/users/app_languages.php
index 06272de3de..2cf2075df9 100644
--- a/core/users/app_languages.php
+++ b/core/users/app_languages.php
@@ -401,6 +401,46 @@ $text['message-cannot_delete_own_account']['ru-ru'] = "Вы не можете у $text['message-cannot_delete_own_account']['sv-se'] = "Du kan inte ta bort ditt egna användarkonto. Logga in som en annan användare och försök igen."; $text['message-cannot_delete_own_account']['uk-ua'] = "Ви не можете видалити власний обліковий запис. Будь ласка, увійдіть під іншим користувачем, потім повторіть спробу."; +$text['message-invalid_user']['en-us'] = "Invalid User"; +$text['message-invalid_user']['ar-eg'] = ""; +$text['message-invalid_user']['de-at'] = ""; //copied from de-de +$text['message-invalid_user']['de-ch'] = ""; //copied from de-de +$text['message-invalid_user']['de-de'] = ""; +$text['message-invalid_user']['es-cl'] = ""; +$text['message-invalid_user']['es-mx'] = ""; //copied from es-cl +$text['message-invalid_user']['fr-ca'] = ""; //copied from fr-fr +$text['message-invalid_user']['fr-fr'] = ""; +$text['message-invalid_user']['he-il'] = ""; +$text['message-invalid_user']['it-it'] = ""; +$text['message-invalid_user']['nl-nl'] = ""; +$text['message-invalid_user']['pl-pl'] = ""; +$text['message-invalid_user']['pt-br'] = ""; //copied from pt-pt +$text['message-invalid_user']['pt-pt'] = ""; +$text['message-invalid_user']['ro-ro'] = ""; +$text['message-invalid_user']['ru-ru'] = ""; +$text['message-invalid_user']['sv-se'] = ""; +$text['message-invalid_user']['uk-ua'] = ""; + +$text['message-unsaved_changes']['en-us'] = "Unsaved Changes"; +$text['message-unsaved_changes']['ar-eg'] = ""; +$text['message-unsaved_changes']['de-at'] = ""; //copied from de-de +$text['message-unsaved_changes']['de-ch'] = ""; //copied from de-de +$text['message-unsaved_changes']['de-de'] = ""; +$text['message-unsaved_changes']['es-cl'] = ""; +$text['message-unsaved_changes']['es-mx'] = ""; //copied from es-cl +$text['message-unsaved_changes']['fr-ca'] = ""; //copied from fr-fr +$text['message-unsaved_changes']['fr-fr'] = ""; +$text['message-unsaved_changes']['he-il'] = ""; 
+$text['message-unsaved_changes']['it-it'] = ""; +$text['message-unsaved_changes']['nl-nl'] = ""; +$text['message-unsaved_changes']['pl-pl'] = ""; +$text['message-unsaved_changes']['pt-br'] = ""; //copied from pt-pt +$text['message-unsaved_changes']['pt-pt'] = ""; +$text['message-unsaved_changes']['ro-ro'] = ""; +$text['message-unsaved_changes']['ru-ru'] = ""; +$text['message-unsaved_changes']['sv-se'] = ""; +$text['message-unsaved_changes']['uk-ua'] = ""; + $text['label-web_fonts']['en-us'] = "Web Fonts"; $text['label-web_fonts']['ar-eg'] = "الخطوط على شبكة الإنترنت"; $text['label-web_fonts']['de-at'] = "Web Fonts"; //copied from de-de diff --git a/core/users/user_edit.php b/core/users/user_edit.php index 3d05670c86..2ea4dccb6c 100644 --- a/core/users/user_edit.php +++ b/core/users/user_edit.php @@ -136,9 +136,8 @@ $required['special'] = ($_SESSION['user']['password_special']['boolean'] == 'true') ? true : false; //check required values - $msg = ''; if ($username == '') { - $msg .= $text['message-required'].$text['label-username']."
\n"; + message::add($text['message-required'].$text['label-username'], 'negative', 7500); } if (permission_exists('user_edit') && $action == 'edit') { if ($username != $username_old && $username != '') { @@ -151,60 +150,64 @@ $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); if (0 < $row['num_rows']) { - $msg .= $text['message-username_exists']."
\n"; + message::add($text['message-username_exists'], 'negative', 7500); } } unset($sql); } } if ($password != '' && $password != $password_confirm) { - $msg .= $text['message-password_mismatch']."
\n"; + message::add($text['message-password_mismatch'], 'negative', 7500); } if (permission_exists('user_add') && $action == 'add') { if ($password == '') { - $msg .= $text['message-password_blank']."
\n"; + message::add($text['message-password_blank'], 'negative', 7500); } if ($user_email == '') { - $msg .= $text['message-required'].$text['label-email']."
\n"; + message::add($text['message-required'].$text['label-email'], 'negative', 7500); } if ($group_uuid_name == '') { - $msg .= $text['message-required'].$text['label-group']."
\n"; + message::add($text['message-required'].$text['label-group'], 'negative', 7500); } } if (strlen($password) > 0) { if (is_numeric($required['length']) && $required['length'] != 0) { if (strlen($password) < $required['length']) { - $msg .= $text['message-required'].$text['label-characters']."
\n"; + message::add($text['message-required'].$text['label-characters'], 'negative', 7500); } } if ($required['number']) { if (!preg_match('/(?=.*[\d])/', $password)) { - $msg .= $text['message-required'].$text['label-numbers']."
\n"; + message::add($text['message-required'].$text['label-numbers'], 'negative', 7500); } } if ($required['lowercase']) { if (!preg_match('/(?=.*[a-z])/', $password)) { - $msg .= $text['message-required'].$text['label-lowercase_letters']."
\n"; + message::add($text['message-required'].$text['label-lowercase_letters'], 'negative', 7500); } } if ($required['uppercase']) { if (!preg_match('/(?=.*[A-Z])/', $password)) { - $msg .= $text['message-required'].$text['label-uppercase_letters']."
\n"; + message::add($text['message-required'].$text['label-uppercase_letters'], 'negative', 7500); } } if ($required['special']) { if (!preg_match('/(?=.*[\W])/', $password)) { - $msg .= $text['message-required'].$text['label-special_characters']."
\n"; + message::add($text['message-required'].$text['label-special_characters'], 'negative', 7500); } } } - } -//save the data - if (strlen($msg) == 0 && count($_POST) > 0) { - //set initial array indexes - $i = $n = $x = $c = 0; + //return if error + if (message::count() != 0) { + $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user'] = $_POST; + header("Location: user_edit.php?id=".$user_uuid); + exit; + } + + //save the data + $i = $n = $x = $c = 0; //set initial array indexes //check to see if user language is set $sql = "select user_setting_uuid, user_setting_value from v_user_settings "; 
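Review bot: The `//return if error` branch copies the whole `$_POST` array into `$_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']`, so the submitted password fields are written to session storage in clear text and stay there until the form is next rendered. Store only the fields the form needs to redisplay and leave the secrets out, for example `$form = $_POST; unset($form['password'], $form['password_confirm']); $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user'] = $form;` (the `password` key is presumed from the variable name; `password_confirm` is the key the restore block reads, and that restore line would go with it). The restore block in the later hunk also takes `domain_uuid` and `user_enabled` from this copy as-is, so they remain request-supplied values and need the same validation and output escaping as any other request input wherever they are used after the restore. The enclosing `if` opens before this hunk and the save logic continues past its end.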
@@ -496,70 +499,101 @@ $response = event_socket_request($fp, $cmd); } } + + //response message + if ($action == 'edit') { + message::add($text['message-update'],'positive'); + } + else { + message::add($text['message-add'],'positive'); + } + header("Location: user_edit.php?id=".$user_uuid); + exit; } //pre-populate the form if ($action == 'edit') { - //get user data - $sql = "select * from v_users where user_uuid = '".$user_uuid."' "; - if (!permission_exists('user_all')) { - $sql .= "and domain_uuid = '".$domain_uuid."' "; - } - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $row = $prep_statement->fetch(PDO::FETCH_NAMED); - if (is_array($row) && sizeof($row) > 0) { - $domain_uuid = $row["domain_uuid"]; - $user_uuid = $row["user_uuid"]; - $username = $row["username"]; - $password = $row["password"]; - $api_key = $row["api_key"]; - $user_enabled = $row["user_enabled"]; - $contact_uuid = $row["contact_uuid"]; - $user_status = $row["user_status"]; - } - else { - header("Location: user_edit.php?id=".$_SESSION['user_uuid']); - exit; - } - unset($sql, $prep_statement, $row); - //get user settings - $sql = "select * from v_user_settings "; - $sql .= "where user_uuid = '".$user_uuid."' "; - $sql .= "and user_setting_enabled = 'true' "; - $prep_statement = $db->prepare($sql); - if ($prep_statement) { + //get values from session variable + if ( + is_array($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) && + sizeof($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']) != 0) + { + $domain_uuid = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["domain_uuid"]; + $username = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["username"]; + $api_key = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["api_key"]; + $user_enabled = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["user_enabled"]; + $contact_uuid = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["contact_uuid"]; + $user_status = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']["user_status"]; + 
$password_confirm = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['password_confirm']; + $user_settings['domain']['language']['code'] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_language']; + $user_settings['domain']['time_zone']['name'] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_time_zone']; + $user_email = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['user_email']; + $contact_name_given = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_given']; + $contact_name_family = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_name_family']; + $contact_organization = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['contact_organization']; + $user_settings["message"]["key"]["text"] = $_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']['message_key']; + + $unsaved = true; + unset($_SESSION['tmp'][$_SERVER['PHP_SELF']]['user']); + } + + //get values from db + else { + + //get user data + $sql = "select * from v_users where user_uuid = '".$user_uuid."' "; + if (!permission_exists('user_all')) { + $sql .= "and domain_uuid = '".$domain_uuid."' "; + } + $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - foreach($result as $row) { - $name = $row['user_setting_name']; - $category = $row['user_setting_category']; - $subcategory = $row['user_setting_subcategory']; - if (strlen($subcategory) == 0) { - //$$category[$name] = $row['domain_setting_value']; - $user_settings[$category][$name] = $row['user_setting_value']; - } - else { - $user_settings[$category][$subcategory][$name] = $row['user_setting_value']; + $row = $prep_statement->fetch(PDO::FETCH_NAMED); + if (is_array($row) && sizeof($row) > 0) { + $domain_uuid = $row["domain_uuid"]; + $user_uuid = $row["user_uuid"]; + $username = $row["username"]; + $password = $row["password"]; + $api_key = $row["api_key"]; + $user_enabled = $row["user_enabled"]; + $contact_uuid = $row["contact_uuid"]; + $user_status = 
$row["user_status"]; + } + else { + message::add($text['message-invalid_user'], 'negative', 7500); + header("Location: user_edit.php?id=".$_SESSION['user_uuid']); + exit; + } + unset($sql, $prep_statement, $row); + + //get user settings + $sql = "select * from v_user_settings "; + $sql .= "where user_uuid = '".$user_uuid."' "; + $sql .= "and user_setting_enabled = 'true' "; + $prep_statement = $db->prepare($sql); + if ($prep_statement) { + $prep_statement->execute(); + $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); + foreach($result as $row) { + $name = $row['user_setting_name']; + $category = $row['user_setting_category']; + $subcategory = $row['user_setting_subcategory']; + if (strlen($subcategory) == 0) { + //$$category[$name] = $row['domain_setting_value']; + $user_settings[$category][$name] = $row['user_setting_value']; + } + else { + $user_settings[$category][$subcategory][$name] = $row['user_setting_value']; + } } } - } + } } //include the header require_once "resources/header.php"; $document['title'] = $text['title-user_edit']; -//show the error message - if (isset($msg) && strlen($msg) > 0) { - echo "
\n"; - echo "
\n"; - echo $msg."
"; - echo "
\n"; - echo "
\n"; - } - //show the content echo "
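Review bot: Both re-indented queries in the `//get values from db` branch still splice `$user_uuid` and `$domain_uuid` straight into the SQL text, and the redirect `"Location: user_edit.php?id=".$user_uuid` suggests the value comes from the `id` request parameter. Unless it is validated as a UUID before this hunk (not visible here), this is a SQL injection risk; binding the values as named parameters, as sketched below, removes the dependence on upstream filtering. The `v_user_settings` query needs the same change and, unlike the first query, is not passed through `check_sql()`. What `check_sql()` does is not shown in the hunk, so confirm it leaves placeholders intact.

```php
//get user data
$sql = "select * from v_users where user_uuid = :user_uuid ";
$parameters = array('user_uuid' => $user_uuid);
if (!permission_exists('user_all')) {
	$sql .= "and domain_uuid = :domain_uuid ";
	$parameters['domain_uuid'] = $domain_uuid;
}
// … unchanged: $db->prepare(check_sql($sql)) …
$prep_statement->execute($parameters);
// … unchanged: fetch row, assign user fields, invalid-user redirect …

//get user settings
// … unchanged: select from v_user_settings …
$sql .= "where user_uuid = :user_uuid ";
// … unchanged: enabled filter, prepare, if ($prep_statement) …
	$prep_statement->execute(array('user_uuid' => $user_uuid));
// … unchanged: fetchAll and $user_settings population …
```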