'
. 'hier kannst du den Eintrag ändern. Unter dem Punkt \'Gekommen\' '
. 'wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, '
. 'dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. '
. 'Wenn T-Shirt ein \'Ja\' enthält, bedeutet dies, dass der Engel '
. 'bereits sein T-Shirt erhalten hat.
' . "\n";
$html .= '
';
$html .= '';
$html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.'));
$html .= 'Hier kannst Du das Passwort dieses Engels neu setzen:';
$html .= '';
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1");
if (count($my_highest_group) > 0) {
$my_highest_group = $my_highest_group[0]['group_id'];
}
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1");
if (count($his_highest_group) > 0) {
$his_highest_group = $his_highest_group[0]['group_id'];
}
if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) {
$html .= 'Hier kannst Du die Benutzergruppen des Engels festlegen:';
$html .= '';
}
$html .= buttons([
button(user_delete_link($user_source), glyph('lock') . _('delete'), 'btn-danger')
]);
$html .= "";
} else {
switch ($_REQUEST['action']) {
case 'save_groups':
if ($user_id != $user['UID']) {
$my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`");
$his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`");
if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) {
$groups_source = sql_select("
SELECT *
FROM `Groups`
LEFT OUTER JOIN `UserGroups` ON (
`UserGroups`.`group_id` = `Groups`.`UID`
AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "'
)
WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "'
ORDER BY `Groups`.`Name`
");
$groups = [];
$grouplist = [];
foreach ($groups_source as $group) {
$groups[$group['UID']] = $group;
$grouplist[] = $group['UID'];
}
if (!is_array($_REQUEST['groups'])) {
$_REQUEST['groups'] = [];
}
sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'");
$user_groups_info = [];
foreach ($_REQUEST['groups'] as $group) {
if (in_array($group, $grouplist)) {
sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'");
$user_groups_info[] = $groups[$group]['Name'];
}
}
$user_source = User($user_id);
engelsystem_log(
'Set groups of ' . User_Nick_render($user_source) . ' to: ' . join(', ', $user_groups_info)
);
$html .= success('Benutzergruppen gespeichert.', true);
} else {
$html .= error('Du kannst keine Engel mit mehr Rechten bearbeiten.', true);
}
} else {
$html .= error('Du kannst Deine eigenen Rechte nicht bearbeiten.', true);
}
break;
case 'save':
$force_active = $user['force_active'];
$user_source = User($user_id);
if (in_array('admin_active', $privileges)) {
$force_active = $_REQUEST['force_active'];
}
$SQL = "UPDATE `User` SET
`Nick` = '" . sql_escape($_POST["eNick"]) . "',
`Name` = '" . sql_escape($_POST["eName"]) . "',
`Vorname` = '" . sql_escape($_POST["eVorname"]) . "',
`Telefon` = '" . sql_escape($_POST["eTelefon"]) . "',
`Handy` = '" . sql_escape($_POST["eHandy"]) . "',
`Alter` = '" . sql_escape($_POST["eAlter"]) . "',
`DECT` = '" . sql_escape($_POST["eDECT"]) . "',
" . ($user_source['email_by_human_allowed'] ? "`email` = '" . sql_escape($_POST["eemail"]) . "'," : "") . "
`jabber` = '" . sql_escape($_POST["ejabber"]) . "',
`Size` = '" . sql_escape($_POST["eSize"]) . "',
`Gekommen`= '" . sql_escape($_POST["eGekommen"]) . "',
`Aktiv`= '" . sql_escape($_POST["eAktiv"]) . "',
`force_active`= " . sql_escape($force_active) . ",
`Tshirt` = '" . sql_escape($_POST["eTshirt"]) . "',
`Hometown` = '" . sql_escape($_POST["Hometown"]) . "'
WHERE `UID` = '" . sql_escape($user_id) . "'
LIMIT 1";
sql_query($SQL);
engelsystem_log(
'Updated user: ' . $_POST['eNick'] . ', ' . $_POST['eSize']
. ', arrived: ' . $_POST['eGekommen']
. ', active: ' . $_POST['eAktiv']
. ', tshirt: ' . $_POST['eTshirt']
);
$html .= success('Änderung wurde gespeichert...' . '\n', true);
break;
case 'change_pw':
if ($_REQUEST['new_pw'] != '' && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
set_password($user_id, $_REQUEST['new_pw']);
$user_source = User($user_id);
engelsystem_log('Set new password for ' . User_Nick_render($user_source));
$html .= success('Passwort neu gesetzt.', true);
} else {
$html .= error('Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!', true);
}
break;
}
}
return page_with_title(_('Edit user'), [
$html
]);
}