PHP Cross Reference of osCMax 2.0.4 |
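<?php
/*
  $Id: admin_account.php 3 2006-05-27 04:59:07Z user $

  osCMax Power E-Commerce
  http://oscdox.com

  Copyright 2009 osCMax

  Released under the GNU General Public License
*/

/*
  Admin "my account" page.

  Flow, as implemented in this file:
    (default)        read-only view of the logged-in admin's record
    check_account    asks for the current password again
    check_password   verifies that password and registers the session flag
                     'confirm_account'
    edit_process     shows the edit form (only while 'confirm_account' is set)
    save_account     writes the changes and mails a notification

  Security notes for maintainers:
    - The record that is verified and updated is always the logged-in admin
      ($login_id). The posted 'id_info' field is client-controlled and is no
      longer used to pick the row.
    - save_account is refused unless the password re-check has set
      'confirm_account' in the session.
    - Values taken from the database are HTML-escaped before being echoed.
    - NOTE(review): no anti-CSRF token is visible in these forms; confirm
      whether application_top.php or tep_draw_form() adds one.
    - NOTE(review): the new password is only checked against
      'admin_password_confirm' by the client-side validateForm(); a server-side
      match / non-empty check would need its own error message.
*/

  require ('includes/application_top.php');
  require(DIR_WS_LANGUAGES . $language . '/login.php');

  $current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;

  // Read the request parameters once so that a missing key does not raise a notice.
  $action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';
  $has_error = !empty($HTTP_GET_VARS['error']);

  // NOTE(review): $login_id / $login_groups_id are not assigned in this file;
  // presumably application_top.php restores them from the session - confirm.
  // Casting to int keeps them safe to concatenate into SQL and makes an unset
  // value match no row.
  $own_admin_id = (int)$login_id;
  $own_groups_id = (int)$login_groups_id;

  if ($action) {
    switch ($action) {
      case 'check_password':
        // Verify the password of the logged-in admin, never of a posted id.
        $check_pass_query = tep_db_query("select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . $own_admin_id . "'");
        $check_pass = tep_db_fetch_array($check_pass_query);

        $submitted_password = isset($HTTP_POST_VARS['password_confirmation']) ? $HTTP_POST_VARS['password_confirmation'] : '';

        // Check that password is good (a missing row counts as a failed check)
        if (!is_array($check_pass) || !tep_validate_password($submitted_password, $check_pass['confirm_password'])) {
          tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
        } else {
          //$confirm = 'confirm_account';
          tep_session_register('confirm_account');
          tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
        }

        break;
      case 'save_account':
        $admin_id = $own_admin_id;
        $admin_email_address = tep_db_prepare_input(isset($HTTP_POST_VARS['admin_email_address']) ? $HTTP_POST_VARS['admin_email_address'] : '');
        $stored_email = array('NONE');
        $hiddenPassword = '-hidden-';

        if (!tep_session_is_registered('confirm_account')) {
          // The password re-check has not been passed in this session:
          // send the admin back to it instead of writing anything.
          tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account'));
        } else {
          $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> '" . $admin_id . "'");
          while ($check_email = tep_db_fetch_array($check_email_query)) {
            $stored_email[] = $check_email['admin_email_address'];
          }

          // Compare the same prepared value that would be stored below.
          if (in_array($admin_email_address, $stored_email, true)) {
            tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email'));
          } else {
            $sql_data_array = array('admin_username' => tep_db_prepare_input($HTTP_POST_VARS['admin_username']),
                                    'admin_firstname' => tep_db_prepare_input($HTTP_POST_VARS['admin_firstname']),
                                    'admin_lastname' => tep_db_prepare_input($HTTP_POST_VARS['admin_lastname']),
                                    'admin_email_address' => $admin_email_address,
                                    'admin_password' => tep_encrypt_password(tep_db_prepare_input($HTTP_POST_VARS['admin_password'])),
                                    'admin_modified' => 'now()');

            tep_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');

            // The notification never carries the password; $hiddenPassword is a fixed placeholder.
            tep_mail($HTTP_POST_VARS['admin_firstname'] . ' ' . $HTTP_POST_VARS['admin_lastname'], $HTTP_POST_VARS['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $HTTP_POST_VARS['admin_username'], HTTP_SERVER . DIR_WS_ADMIN, $HTTP_POST_VARS['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

            // 'page' comes from the query string; encode it so it stays a single parameter value.
            $page = isset($HTTP_GET_VARS['page']) ? urlencode((string)$HTTP_GET_VARS['page']) : '';
            tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'page=' . $page . '&mID=' . $admin_id));
          }
        }
        break;
    }
  }

?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
<?php require ('includes/account_check.js.php'); ?>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
<!-- header //-->
<?php require (DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require (DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top">
<?php
  // Each step posts to the next one: view -> check_account -> check_password, edit_process -> save_account.
  if ($action == 'edit_process') {
    echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=save_account', 'post', 'enctype="multipart/form-data"');
  } elseif ($action == 'check_account') {
    echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=check_password', 'post', 'enctype="multipart/form-data"');
  } else {
    echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=check_account', 'post', 'enctype="multipart/form-data"');
  }
?>
    <table border="0" width="100%" cellspacing="0" cellpadding="2">
      <tr>
        <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0" align="center">
          <tr>
            <td valign="top">
<?php
  // Load the logged-in admin's own record together with the name of their group.
  $my_account_query = tep_db_query ("select a.admin_id, a.admin_firstname, a.admin_lastname, a.admin_username, a.admin_email_address, a.admin_created, a.admin_modified, a.admin_logdate, a.admin_lognum, g.admin_groups_name from " . TABLE_ADMIN . " a, " . TABLE_ADMIN_GROUPS . " g where a.admin_id= " . $own_admin_id . " and g.admin_groups_id= " . $own_groups_id);
  $myAccount = tep_db_fetch_array($my_account_query);
?>
            <table border="0" width="100%" cellspacing="0" cellpadding="2" align="center">
              <tr class="dataTableHeadingRow">
                <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_ACCOUNT; ?>
                </td>
              </tr>
              <tr class="dataTableRow">
                <td>
                  <table border="0" cellspacing="0" cellpadding="3">
<?php
  // The editable form is rendered only after the password re-check succeeded.
  if ( ($action == 'edit_process') && (tep_session_is_registered('confirm_account')) ) {
?>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_USERNAME; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo tep_draw_input_field('admin_username', $myAccount['admin_username']); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_FIRSTNAME; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo tep_draw_input_field('admin_firstname', $myAccount['admin_firstname']); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LASTNAME; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo tep_draw_input_field('admin_lastname', $myAccount['admin_lastname']); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_EMAIL; ?> </nobr></td>
                      <td class="dataTableContent"><?php if ($has_error) { echo tep_draw_input_field('admin_email_address', $myAccount['admin_email_address']) . ' <nobr>' . TEXT_INFO_ERROR . '</nobr>'; } else { echo tep_draw_input_field('admin_email_address', $myAccount['admin_email_address']); } ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo tep_draw_password_field('admin_password'); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD_CONFIRM; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo tep_draw_password_field('admin_password_confirm'); ?></td>
                    </tr>
<?php
  } else {
    // Any other view drops the confirmation flag, so the next edit needs a new password check.
    if (tep_session_is_registered('confirm_account')) {
      tep_session_unregister('confirm_account');
    }
?>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_USERNAME; ?> </nobr></td>
                      <?php // NOTE(review): the username is printed twice here, as in the original - confirm that is intended. ?>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_username'], ENT_QUOTES, CHARSET) . ' ' . htmlspecialchars((string)$myAccount['admin_username'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_FULLNAME; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_firstname'], ENT_QUOTES, CHARSET) . ' ' . htmlspecialchars((string)$myAccount['admin_lastname'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_EMAIL; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_email_address'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo TEXT_INFO_PASSWORD_HIDDEN; ?></td>
                    </tr>
                    <tr class="dataTableRowSelected">
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_GROUP; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_groups_name'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_CREATED; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_created'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LOGNUM; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_lognum'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
                    <tr>
                      <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LOGDATE; ?> </nobr></td>
                      <td class="dataTableContent"><?php echo htmlspecialchars((string)$myAccount['admin_logdate'], ENT_QUOTES, CHARSET); ?></td>
                    </tr>
<?php
  }
?>
                  </table>
                </td>
              </tr>
              <tr>
                <td><table width="100%" border="0" cellspacing="0" cellpadding="3"><tr><td class="smallText" valign="top"><?php echo TEXT_INFO_MODIFIED . htmlspecialchars((string)$myAccount['admin_modified'], ENT_QUOTES, CHARSET); ?></td><td align="right"><?php if ($action == 'edit_process') { echo '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; if (tep_session_is_registered('confirm_account')) { echo tep_image_submit('button_save.gif', IMAGE_SAVE, 'onClick="validateForm();return document.returnValue"'); } } elseif ($action == 'check_account') { echo ' '; } else { echo tep_image_submit('button_edit.gif', IMAGE_EDIT); } ?></td></tr></table></td>
              </tr>
            </table>


            </td>
<?php
  // Right-hand info box. The hidden 'id_info' field is kept for the existing
  // form markup, but the request handlers above do not trust it.
  $heading = array();
  $contents = array();
  switch ($action) {
    case 'edit_process':
      $heading[] = array('text' => '<b> ' . TEXT_INFO_HEADING_DEFAULT . '</b>');

      $contents[] = array('text' => TEXT_INFO_INTRO_EDIT_PROCESS . tep_draw_hidden_field('id_info', $myAccount['admin_id']));
      //$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> ' . tep_image_submit('button_confirm.gif', IMAGE_CONFIRM, 'onClick="validateForm();return document.returnValue"') . '<br> ');
      break;
    case 'check_account':
      $heading[] = array('text' => '<b> ' . TEXT_INFO_HEADING_CONFIRM_PASSWORD . '</b>');

      $contents[] = array('text' => ' ' . TEXT_INFO_INTRO_CONFIRM_PASSWORD . tep_draw_hidden_field('id_info', $myAccount['admin_id']));
      if ($has_error) {
        $contents[] = array('text' => ' ' . TEXT_INFO_INTRO_CONFIRM_PASSWORD_ERROR);
      }
      $contents[] = array('align' => 'center', 'text' => tep_draw_password_field('password_confirmation'));
      $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> ' . tep_image_submit('button_confirm.gif', IMAGE_CONFIRM) . '<br> ');
      break;
    default:
      $heading[] = array('text' => '<b> ' . TEXT_INFO_HEADING_DEFAULT . '</b>');

      $contents[] = array('text' => TEXT_INFO_INTRO_DEFAULT);
      //$contents[] = array('align' => 'center', 'text' => tep_image_submit('button_edit.gif', IMAGE_EDIT) . '<br> ');
      // Prompt shown while the account still has the address 'admin@localhost' or has never been modified.
      if ($myAccount['admin_email_address'] == 'admin@localhost') {
        $contents[] = array('text' => sprintf(TEXT_INFO_INTRO_DEFAULT_FIRST, htmlspecialchars((string)$myAccount['admin_username'], ENT_QUOTES, CHARSET)) . '<br> ');
      } elseif (($myAccount['admin_modified'] == '0000-00-00 00:00:00') || ($myAccount['admin_logdate'] <= 1) ) {
        $contents[] = array('text' => sprintf(TEXT_INFO_INTRO_DEFAULT_FIRST_TIME, htmlspecialchars((string)$myAccount['admin_username'], ENT_QUOTES, CHARSET)) . '<br> ');
      }

  }

  if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
    echo '            <td width="25%" valign="top">' . "\n";

    $box = new box;
    echo $box->infoBox($heading, $contents);

    echo '            </td>' . "\n";
  }
?>
          </tr>
        </table></td>
      </tr>
    </table></form></td>
<!-- body_text_eof //-->
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require (DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require (DIR_WS_INCLUDES . 'application_bottom.php'); ?>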