ZenCart_Documentation  1.5.0
C:/xampp/htdocs/zen-cart/admin/admin_account.php
<?php
// Bootstrap the admin environment; application_top.php is not shown on this page.
require 'includes/application_top.php';

// Load the optional users.php language file for the session's language.
// NOTE(review): $_SESSION['language'] becomes part of an include path; presumably it is only
// ever set server-side from a fixed list of installed languages — confirm.
if (file_exists(DIR_WS_LANGUAGES . $_SESSION['language'] . '/users.php')) {
  include DIR_WS_LANGUAGES . $_SESSION['language'] . '/users.php';
}

// Check if session has timed out: without an admin id, send the browser to the login page.
// NOTE(review): everything below still runs unless zen_redirect() ends the request — confirm it exits.
if (!isset($_SESSION['admin_id'])) {
  zen_redirect(zen_href_link(FILENAME_LOGIN));
}

// Id of the logged-in administrator; this page only manages that account.
$user = $_SESSION['admin_id'];
00018 
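// Determine whether an action has been requested.
// State-changing actions ('update', 'reset') are accepted from POST only; the display-only
// actions ('edit', 'password') are accepted from GET. The strict in_array() flag keeps
// non-string input (for example an array-valued parameter) from matching the allow-list.
if (isset($_POST['action']) && in_array($_POST['action'], array('update', 'reset'), true)) {
  $action = $_POST['action'];
} elseif (isset($_GET['action']) && in_array($_GET['action'], array('edit', 'password'), true)) {
  $action = $_GET['action'];
} else {
  $action = '';
}

// Validate form input as not expired and not spoofed (anti-CSRF token).
// The check fails closed: a missing, non-string or empty token is rejected, and the comparison
// is strict so PHP's loose-comparison type juggling (null == null, numeric-looking strings)
// cannot make two different tokens compare equal.
// Where the minimum supported PHP version provides hash_equals(), prefer it here so the
// comparison is also constant-time.
if ($action != '' && isset($_POST['action']) && $_POST['action'] != '') {
  if (!isset($_POST['securityToken'], $_SESSION['securityToken'])
      || !is_string($_POST['securityToken'])
      || $_SESSION['securityToken'] === ''
      || $_POST['securityToken'] !== (string) $_SESSION['securityToken']) {
    $messageStack->add_session(ERROR_TOKEN_EXPIRED_PLEASE_RESUBMIT, 'error');
    zen_redirect(zen_href_link(FILENAME_ADMIN_ACCOUNT));
  }
}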
00032 
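// Act upon any specific action specified.
// This page manages the logged-in administrator's own account, so the account that gets
// modified is always taken from $_SESSION['admin_id'] and never from request data. The hidden
// 'id' / 'user' form fields are client-controlled and must not decide whose record is changed.
switch ($action) {
  case 'edit': // display populated form for editing existing user
    $formAction = 'update';
    $profilesList = array_merge(array(array('id'=>0,'text'=>'Choose Profile')), zen_get_profiles());
    break;

  case 'password': // display unpopulated form for resetting existing user's password
    $formAction = 'reset';
    break;

  case 'update': // update existing user's details in database. Post data is prep'd for db in the first function call
    // The target id comes from the session, so a forged 'id' field cannot redirect the update
    // to another administrator. The profile argument is null: the form on this page posts no
    // 'profile' field, so a genuine submission already yields null and a client-supplied value
    // could only come from a crafted request.
    // NOTE(review): confirm zen_update_user() treats a null profile as "leave unchanged".
    $errors = zen_update_user(FALSE, $_POST['email'], $_SESSION['admin_id'], null);
    if (count($errors) > 0) {
      foreach ($errors as $error) {
        $messageStack->add($error, 'error');
      }
      // Re-display the edit form so the problem can be corrected.
      $action = 'edit';
      $formAction = 'update';
      $profilesList = array_merge(array(array('id'=>0,'text'=>'Choose Profile')), zen_get_profiles());
    } else {
      $action = '';
      $messageStack->add(SUCCESS_USER_DETAILS_UPDATED, 'success');
    }
    break;

  case 'reset': // reset existing user's password in database. Post data is prep'd for db in the first function call
    // As with 'update', the account whose password changes is the session's admin, not $_POST['user'].
    $errors = zen_reset_password($_SESSION['admin_id'], $_POST['password'], $_POST['confirm']);
    if (count($errors) > 0) {
      foreach ($errors as $error) {
        $messageStack->add($error, 'error');
      }
      // Re-display the password form so the problem can be corrected.
      $action = 'password';
      $formAction = 'reset';
    } else {
      $action = '';
      $messageStack->add(SUCCESS_PASSWORD_UPDATED, 'success');
    }
    break;

  default: // no action, simply drop through and display existing users
}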
00077 
// get this user's details
// The lookup is keyed on the session's admin id rather than on any request parameter.
$userList = zen_get_users($_SESSION['admin_id']);
// NOTE(review): assumes zen_get_users() returned at least one row with the record at index 0;
// an empty result would leave $userDetails without the keys the template reads — confirm.
$userDetails = $userList[0];


?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
<link rel="stylesheet" type="text/css" href="includes/admin_access.css" />
<script language="javascript" src="includes/menu.js"></script>
<script language="javascript" src="includes/general.js"></script>
<script type="text/javascript">
  <!--
  // Runs on page load: sets up the 'navbar' menu and, where the DOM lookup API exists,
  // disables the stylesheet link whose id is 'hoverJS'.
  function init() {
    cssjsmenu('navbar');
    if (!document.getElementById) {
      return;
    }
    var hoverSheet = document.getElementById('hoverJS');
    hoverSheet.disabled = true;
  }
  // -->
</script>
</head>
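<body onload="init()">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<div id="pageWrapper">

  <h1><?php echo HEADING_TITLE ?></h1>

<form action="<?php echo zen_href_link(FILENAME_ADMIN_ACCOUNT) ?>" method="post">
<?php
  // The form action and the session's anti-CSRF token are emitted together, and only when a
  // form is being shown ($formAction is set for the 'edit' and 'password' views).
  if (isset($formAction)) echo zen_draw_hidden_field('action',$formAction) . zen_draw_hidden_field('securityToken', $_SESSION['securityToken']);
?>
<?php
  // The hidden 'user', 'id' and 'admin_name' fields are client-controlled once submitted;
  // the POST handler should key on $_SESSION['admin_id'] rather than on them.
  if ($action == 'edit' || $action == 'password') echo zen_draw_hidden_field('user',$user)
?>
  <table cellspacing="0">
    <tr class="headingRow">
      <th class="name"><?php echo TEXT_NAME ?></th>
      <th class="email"><?php echo TEXT_EMAIL ?></th>
<?php if ($action == 'password') { ?>
      <th class="password"><?php echo TEXT_ADMIN_NEW_PASSWORD ?></th>
      <th class="password"><?php echo TEXT_ADMIN_CONFIRM_PASSWORD ?></th>
<?php } ?>
      <th class="actions">&nbsp;</th>
    </tr>
    <tr>
<?php
  // Stored account fields are HTML-escaped where they are written straight into the page,
  // so markup in a stored name or e-mail address is displayed as text instead of rendered.
  // NOTE(review): if zen_get_users() already returns HTML-encoded values this double-encodes — confirm.
?>
      <td class="name"><?php echo htmlspecialchars($userDetails['name'], ENT_QUOTES, CHARSET) ?><?php echo zen_draw_hidden_field('id', $userDetails['id']) . zen_draw_hidden_field('admin_name', $userDetails['name']); ?></td>
<?php if ($action == 'edit' && $user == $userDetails['id']) { ?>
      <td class="email"><?php echo zen_draw_input_field('email', $userDetails['email'], 'class="field"', false, 'text', true) ?></td>
<?php } else { ?>
      <td class="email"><?php echo htmlspecialchars($userDetails['email'], ENT_QUOTES, CHARSET) ?></td>
<?php } ?>
<?php if ($action == 'password' && $user == $userDetails['id']) { ?>
    <td class="password"><?php echo zen_draw_input_field('password', '', 'class="field"', false, 'password', true) ?></td>
    <td class="confirm"><?php echo zen_draw_input_field('confirm', '', 'class="field"', false, 'password', true) ?></td>
<?php } elseif($action == 'add' || $action == 'password') { ?>
      <td class="password">&nbsp;</td>
      <td class="confirm">&nbsp;</td>
<?php } ?>
<?php if ($action == 'edit' || $action == 'password') { ?>
<?php if ($user == $userDetails['id']) { ?>
      <td class="actions">
        <?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE) ?>
        <a href="<?php echo zen_href_link(FILENAME_ADMIN_ACCOUNT) ?>"><?php echo zen_image_button('button_cancel.gif', IMAGE_CANCEL) ?></a>
      </td>
<?php } else { ?>
      <td class="actions">&nbsp;</td>
<?php } ?>
<?php } else { ?>
      <td class="actions">
        <a href="<?php echo zen_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit') ?>"><?php echo zen_image_button('button_edit.gif', IMAGE_EDIT) ?></a>
        <a href="<?php echo zen_href_link(FILENAME_ADMIN_ACCOUNT, 'action=password') ?>"><?php echo zen_image_button('button_reset_pwd.gif', IMAGE_RESET_PWD) ?></a>
      </td>
<?php } ?>
<?php // The row is closed here, outside the conditional, so every view emits a matching </tr>. ?>
    </tr>
  </table>
</form>

</div>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>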