diff --git a/classes/pref/users.php b/classes/pref/users.php index 89554ba6..a10404d0 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -17,9 +17,93 @@ class Pref_Users extends Handler_Protected { return array_search($method, $csrf_ignored) !== false; } - function userdetails() { + function edit() { + global $access_level_names; - $uid = sprintf("%d", $_REQUEST["id"]); + print '
+
'; + + print "
"; + + $id = (int) $this->dbh->escape_string($_REQUEST["id"]); + + print ""; + print ""; + print ""; + + $result = $this->dbh->query("SELECT * FROM ttrss_users WHERE id = '$id'"); + + $login = $this->dbh->fetch_result($result, 0, "login"); + $access_level = $this->dbh->fetch_result($result, 0, "access_level"); + $email = $this->dbh->fetch_result($result, 0, "email"); + + $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; + + print "
".__("User")."
"; + print "
"; + + if ($sel_disabled) { + print ""; + } + + print ""; + + print "
"; + + print "
".__("Authentication")."
"; + print "
"; + + print __('Access level: ') . " "; + + if (!$sel_disabled) { + print_select_hash("access_level", $access_level, $access_level_names, + "dojoType=\"dijit.form.Select\" $sel_disabled"); + } else { + print_select_hash("", $access_level, $access_level_names, + "dojoType=\"dijit.form.Select\" $sel_disabled"); + print ""; + } + + print "
"; + + print ""; + + print "
"; + + print "
".__("Options")."
"; + print "
"; + + print ""; + + print "
"; + + print ""; + + print "
"; + + print '
'; #tab + print "
"; + + print '
'; + print '
'; + + print "
+ +
"; + + return; + } + + function userdetails() { + $id = (int) $this->dbh->escape_string($_REQUEST["id"]); $result = $this->dbh->query("SELECT login, ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, @@ -28,7 +112,7 @@ class Pref_Users extends Handler_Protected { WHERE owner_uid = id) AS stored_articles, ".SUBSTRING_FOR_DATE."(created,1,16) AS created FROM ttrss_users - WHERE id = '$uid'"); + WHERE id = '$id'"); if ($this->dbh->num_rows($result) == 0) { print "

".__('User not found')."

"; @@ -49,7 +133,7 @@ class Pref_Users extends Handler_Protected { print "".__('Last logged in')."$last_login"; $result = $this->dbh->query("SELECT COUNT(id) as num_feeds FROM ttrss_feeds - WHERE owner_uid = '$uid'"); + WHERE owner_uid = '$id'"); $num_feeds = $this->dbh->fetch_result($result, 0, "num_feeds"); @@ -61,7 +145,7 @@ class Pref_Users extends Handler_Protected { print "

".__('Subscribed feeds')."

"; $result = $this->dbh->query("SELECT id,title,site_url FROM ttrss_feeds - WHERE owner_uid = '$uid' ORDER BY title"); + WHERE owner_uid = '$id' ORDER BY title"); print ""; - - print "
-
"; - - return; - } - - function edit() { - global $access_level_names; - - $id = $this->dbh->escape_string($_REQUEST["id"]); - print "
"; - - print ""; - print ""; - print ""; - - $result = $this->dbh->query("SELECT * FROM ttrss_users WHERE id = '$id'"); - - $login = $this->dbh->fetch_result($result, 0, "login"); - $access_level = $this->dbh->fetch_result($result, 0, "access_level"); - $email = $this->dbh->fetch_result($result, 0, "email"); - - $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; - - print "
".__("User")."
"; - print "
"; - - if ($sel_disabled) { - print ""; - } - - print ""; - - print "
"; - - print "
".__("Authentication")."
"; - print "
"; - - print __('Access level: ') . " "; - - if (!$sel_disabled) { - print_select_hash("access_level", $access_level, $access_level_names, - "dojoType=\"dijit.form.Select\" $sel_disabled"); - } else { - print_select_hash("", $access_level, $access_level_names, - "dojoType=\"dijit.form.Select\" $sel_disabled"); - print ""; - } - - print "
"; - - print ""; - - print "
"; - - print "
".__("Options")."
"; - print "
"; - - print ""; - - print "
"; - - print ""; - - print "
"; - - print "
- -
"; - - return; } function editSave() { @@ -338,8 +342,6 @@ class Pref_Users extends Handler_Protected { print ""; print " -