search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Ajustado mailer.php de acuerdo a las necesidades del proyecto.
[CLab.git] / contenido / adminprocess.php
blob96fdecd12859439de6eccb3773170e4902282e71
1 <?php
2 require_once("../include/sesion.php");
3 /* Make sure administrator is accessing page */
4 if($session->isAdmin()){
5
6 /* Admin submitted update user level form */
7 if(isset($_POST['subupdlevel'])){
8 procUpdateLevel();
9 }
10 /* Admin submitted delete user form */
11 else if(isset($_POST['subdeluser'])){
12 procDeleteUser();
13 }
14 /* Admin submitted delete inactive users form */
15 else if(isset($_POST['subdelinact'])){
16 procDeleteInactive();
17 }
18 /* Admin submitted ban user form */
19 else if(isset($_POST['subbanuser'])){
20 procBanUser();
21 }
22 /* Admin submitted delete banned user form */
23 else if(isset($_POST['subdelbanned'])){
24 procDeleteBannedUser();
25 }
26
27 } else {
28
29 return;
30
31 }
32
33 /**
34 * procUpdateLevel - If the submitted username is correct,
35 * their user level is updated according to the admin's
36 * request.
37 */
38 function procUpdateLevel(){
39 global $session, $database, $form;
40 /* Username error checking */
41 $subuser = checkUsername("upduser");
42
43 /* Errors exist, have user correct them */
44 if($form->num_errors > 0){
45 $_SESSION['value_array'] = $_POST;
46 $_SESSION['error_array'] = $form->getErrorArray();
47 header("Location: ../?accion=admin");
48 }
49 /* Update user level */
50 else{
51 $database->updateUserField($subuser, "userlevel", (int)$_POST['updlevel']);
52 header("Location: ../?accion=admin");
53 }
54 }
55
56 /**
57 * procDeleteUser - If the submitted username is correct,
58 * the user is deleted from the database.
59 */
60 function procDeleteUser(){
61 global $session, $database, $form;
62 /* Username error checking */
63 $subuser = checkUsername("deluser");
64
65 /* Errors exist, have user correct them */
66 if($form->num_errors > 0){
67 $_SESSION['value_array'] = $_POST;
68 $_SESSION['error_array'] = $form->getErrorArray();
69 header("Location: ../?accion=admin");
70 }
71 /* Delete user from database */
72 else{
73 $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
74 $database->query($q);
75 header("Location: ../?accion=admin");
76 }
77 }
78
79 /**
80 * procDeleteInactive - All inactive users are deleted from
81 * the database, not including administrators. Inactivity
82 * is defined by the number of days specified that have
83 * gone by that the user has not logged in.
84 */
85 function procDeleteInactive(){
86 global $session, $database;
87 $inact_time = $session->time - $_POST['inactdays']*24*60*60;
88 $q = "DELETE FROM ".TBL_USERS." WHERE timestamp < $inact_time "
89 ."AND userlevel != ".ADMIN_LEVEL;
90 $database->query($q);
91 header("Location: ../?accion=admin");
92 }
93
94 /**
95 * procBanUser - If the submitted username is correct,
96 * the user is banned from the member system, which entails
97 * removing the username from the users table and adding
98 * it to the banned users table.
99 */
100 function procBanUser(){
101 global $session, $database, $form;
102 /* Username error checking */
103 $subuser = checkUsername("banuser");
104
105 /* Errors exist, have user correct them */
106 if($form->num_errors > 0){
107 $_SESSION['value_array'] = $_POST;
108 $_SESSION['error_array'] = $form->getErrorArray();
109 header("Location: ../?accion=admin");
110 }
111 /* Ban user from member system */
112 else{
113 $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
114 $database->query($q);
115
116 $q = "INSERT INTO ".TBL_BANNED_USERS." VALUES ('$subuser', $session->time)";
117 $database->query($q);
118 header("Location: ../?accion=admin");
119 }
120 }
121
122 /**
123 * procDeleteBannedUser - If the submitted username is correct,
124 * the user is deleted from the banned users table, which
125 * enables someone to register with that username again.
126 */
127 function procDeleteBannedUser(){
128 global $session, $database, $form;
129 /* Username error checking */
130 $subuser = checkUsername("delbanuser", true);
131
132 /* Errors exist, have user correct them */
133 if($form->num_errors > 0){
134 $_SESSION['value_array'] = $_POST;
135 $_SESSION['error_array'] = $form->getErrorArray();
136 header("Location: ../?accion=admin");
137 }
138 /* Delete user from database */
139 else{
140 $q = "DELETE FROM ".TBL_BANNED_USERS." WHERE username = '$subuser'";
141 $database->query($q);
142 header("Location: ../?accion=admin");
143 }
144 }
145
146 /**
147 * checkUsername - Helper function for the above processing,
148 * it makes sure the submitted username is valid, if not,
149 * it adds the appropritate error to the form.
150 */
151 function checkUsername($uname, $ban=false){
152 global $database, $form;
153 /* Username error checking */
154 $subuser = $_POST[$uname];
155 $field = $uname; //Use field name for username
156 if(!$subuser || strlen($subuser = trim($subuser)) == 0){
157 $form->setError($field, "* Username not entered<br>");
158 }
159 else{
160 /* Make sure username is in database */
161 $subuser = stripslashes($subuser);
162 if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
163 !eregi("^([0-9a-z])+$", $subuser) ||
164 (!$ban && !$database->usernameTaken($subuser))){
165 $form->setError($field, "* Username does not exist<br>");
166 }
167 }
168 return $subuser;
169 }
170
171 ?>
Control de Laboratorio