
PHP Cross Reference of osCMax 2.0.4


/admin/ -> admin_account.php (source)

   1  <?php
   2  /*

   3  $Id: admin_account.php 3 2006-05-27 04:59:07Z user $

   4  

   5    osCMax Power E-Commerce

   6    http://oscdox.com

   7  

   8    Copyright 2009 osCMax

   9  

  10    Released under the GNU General Public License

  11  */
  12  
  13    require ('includes/application_top.php');
  14    require(DIR_WS_LANGUAGES . $language . '/login.php');
  15  
  16    $current_boxes = DIR_FS_ADMIN . DIR_WS_BOXES;
  17  
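  // Handle the two state-changing actions of the "my account" page:
  //   check_password - re-authenticate the logged-in administrator before editing
  //   save_account   - store the edited profile and the new password
  // NOTE(review): neither action carries an anti-CSRF token in this file; confirm
  // whether application_top.php adds one, otherwise these POST handlers need it.
  $requested_action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';

  switch ($requested_action) {
    case 'check_password':
      // The account is identified by $login_id (the value this page uses further
      // down to load the displayed record), never by the posted 'id_info' hidden
      // field: that field is client-controlled and was concatenated into the
      // query unescaped, which allowed SQL injection and checking a password
      // against another administrator's row.
      $check_pass_query = tep_db_query("select admin_password as confirm_password from " . TABLE_ADMIN . " where admin_id = '" . (int)$login_id . "'");
      $check_pass = tep_db_fetch_array($check_pass_query);

      $supplied_password = isset($HTTP_POST_VARS['password_confirmation']) ? $HTTP_POST_VARS['password_confirmation'] : '';

      // A missing row is treated the same as a wrong password.
      if (!is_array($check_pass) || !tep_validate_password($supplied_password, $check_pass['confirm_password'])) {
        tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
      } else {
        // Session flag that unlocks the edit form and the save action.
        tep_session_register('confirm_account');
        tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
      }

      break;
    case 'save_account':
      // Enforce the password re-confirmation on the server. Previously only the
      // rendered form depended on the 'confirm_account' flag, so a direct POST to
      // action=save_account skipped the check entirely.
      if (!tep_session_is_registered('confirm_account')) {
        tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account'));
        break;
      }

      // Only the logged-in administrator's own row may be updated; the posted
      // 'id_info' value is ignored so one admin cannot overwrite another's
      // credentials by editing the hidden field.
      $admin_id = (int)$login_id;
      $admin_username = tep_db_prepare_input($HTTP_POST_VARS['admin_username']);
      $admin_firstname = tep_db_prepare_input($HTTP_POST_VARS['admin_firstname']);
      $admin_lastname = tep_db_prepare_input($HTTP_POST_VARS['admin_lastname']);
      $admin_email_address = tep_db_prepare_input($HTTP_POST_VARS['admin_email_address']);
      // Start from a fresh array so no pre-existing variable of the same name can
      // seed the list; 'NONE' is kept as the original sentinel entry.
      $stored_email = array('NONE');
      $hiddenPassword = '-hidden-';

      // Collect the e-mail addresses of all other administrators.
      $check_email_query = tep_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id);
      while ($check_email = tep_db_fetch_array($check_email_query)) {
        $stored_email[] = $check_email['admin_email_address'];
      }

      // Compare the same prepared value that would be stored, not the raw POST.
      if (in_array($admin_email_address, $stored_email)) {
        tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email'));
      } else {
        // NOTE(review): the new password is hashed and stored without a
        // server-side check that it is non-empty or equals
        // 'admin_password_confirm'; presumably validateForm() does this in the
        // browser only - confirm and add a server-side check.
        $sql_data_array = array('admin_username' => $admin_username,
                                'admin_firstname' => $admin_firstname,
                                'admin_lastname' => $admin_lastname,
                                'admin_email_address' => $admin_email_address,
                                'admin_password' => tep_encrypt_password(tep_db_prepare_input($HTTP_POST_VARS['admin_password'])),
                                'admin_modified' => 'now()');

        tep_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');

        // The notification never contains the password ($hiddenPassword).
        // NOTE(review): name and address end up in mail headers; whether
        // tep_mail() rejects embedded line breaks is not visible here - verify.
        tep_mail($admin_firstname . ' ' . $admin_lastname, $admin_email_address, ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $admin_username, HTTP_SERVER . DIR_WS_ADMIN, $admin_email_address, $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

        // 'page' is request-controlled and goes into the redirect URL, so only an
        // integer is passed through.
        $return_page = isset($HTTP_GET_VARS['page']) ? (int)$HTTP_GET_VARS['page'] : '';
        tep_redirect(tep_href_link(FILENAME_ADMIN_ACCOUNT, 'page=' . $return_page . '&mID=' . $admin_id));
      }
      break;
  }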
  64  
  65  ?>
  66  <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  67  <html <?php echo HTML_PARAMS; ?>>
  68  <head>
  69  <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  70  <title><?php echo TITLE; ?></title>
  71  <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  72  <script language="javascript" src="includes/general.js"></script>
  73  <?php require ('includes/account_check.js.php'); ?>
  74  </head>
  75  <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();">
  76  <!-- header //-->
  77  <?php require (DIR_WS_INCLUDES . 'header.php'); ?>
  78  <!-- header_eof //-->
  79  
  80  <!-- body //-->
  81  <table border="0" width="100%" cellspacing="2" cellpadding="2">
  82    <tr>
  83      <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
  84  <!-- left_navigation //-->
  85  <?php require (DIR_WS_INCLUDES . 'column_left.php'); ?>
  86  <!-- left_navigation_eof //-->
  87      </table></td>
  88  <!-- body_text //-->
  89      <td width="100%" valign="top">
  90        <?php if ($HTTP_GET_VARS['action'] == 'edit_process') { echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=save_account', 'post', 'enctype="multipart/form-data"'); } elseif ($HTTP_GET_VARS['action'] == 'check_account') { echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=check_password', 'post', 'enctype="multipart/form-data"'); } else { echo tep_draw_form('account', FILENAME_ADMIN_ACCOUNT, 'action=check_account', 'post', 'enctype="multipart/form-data"'); } ?>
  91        <table border="0" width="100%" cellspacing="0" cellpadding="2">
  92        <tr>
  93          <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  94            <tr>
  95              <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  96              <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
  97            </tr>
  98          </table></td>
  99        </tr>
 100        <tr>
 101          <td><table border="0" width="100%" cellspacing="0" cellpadding="0" align="center">
 102            <tr>
 103              <td valign="top">
 104  <?php
 105    $my_account_query = tep_db_query ("select a.admin_id, a.admin_firstname, a.admin_lastname, a.admin_username, a.admin_email_address, a.admin_created, a.admin_modified, a.admin_logdate, a.admin_lognum, g.admin_groups_name from " . TABLE_ADMIN . " a, " . TABLE_ADMIN_GROUPS . " g where a.admin_id= " . $login_id . " and g.admin_groups_id= " . $login_groups_id . "");
 106    $myAccount = tep_db_fetch_array($my_account_query);
 107  ?>
 108              <table border="0" width="100%" cellspacing="0" cellpadding="2" align="center">
 109                <tr class="dataTableHeadingRow">
 110                  <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_ACCOUNT; ?>
 111                  </td>
 112                </tr>
 113                <tr class="dataTableRow">
 114                  <td>
 115                    <table border="0" cellspacing="0" cellpadding="3">
 116  <?php
 117      if ( ($HTTP_GET_VARS['action'] == 'edit_process') && (tep_session_is_registered('confirm_account')) ) {
 118  ?>
 119                      <tr>
 120                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_USERNAME; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 121                        <td class="dataTableContent"><?php echo tep_draw_input_field('admin_username', $myAccount['admin_username']); ?></td>
 122                      </tr>
 123                      <tr>
 124                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_FIRSTNAME; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 125                        <td class="dataTableContent"><?php echo tep_draw_input_field('admin_firstname', $myAccount['admin_firstname']); ?></td>
 126                      </tr>
 127                      <tr>
 128                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LASTNAME; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 129                        <td class="dataTableContent"><?php echo tep_draw_input_field('admin_lastname', $myAccount['admin_lastname']); ?></td>
 130                      </tr>
 131                      <tr>
 132                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_EMAIL; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 133                        <td class="dataTableContent"><?php if ($HTTP_GET_VARS['error']) { echo tep_draw_input_field('admin_email_address', $myAccount['admin_email_address']) . ' <nobr>' . TEXT_INFO_ERROR . '</nobr>'; } else { echo tep_draw_input_field('admin_email_address', $myAccount['admin_email_address']); } ?></td>
 134                      </tr>
 135                      <tr>
 136                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 137                        <td class="dataTableContent"><?php echo tep_draw_password_field('admin_password'); ?></td>
 138                      </tr>
 139                      <tr>
 140                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD_CONFIRM; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 141                        <td class="dataTableContent"><?php echo tep_draw_password_field('admin_password_confirm'); ?></td>
 142                      </tr>
 143  <?php
 144      } else {
 145      if (tep_session_is_registered('confirm_account')) {
 146        tep_session_unregister('confirm_account');
 147      }
 148  ?>
 149                      <tr>
 150                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_USERNAME; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 151                        <td class="dataTableContent"><?php echo $myAccount['admin_username'] . ' ' . $myAccount['admin_username']; ?></td>
 152                      </tr>
 153                      <tr>
 154                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_FULLNAME; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 155                        <td class="dataTableContent"><?php echo $myAccount['admin_firstname'] . ' ' . $myAccount['admin_lastname']; ?></td>
 156                      </tr>
 157                      <tr>
 158                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_EMAIL; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 159                        <td class="dataTableContent"><?php echo $myAccount['admin_email_address']; ?></td>
 160                      </tr>
 161                      <tr>
 162                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_PASSWORD; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 163                        <td class="dataTableContent"><?php echo TEXT_INFO_PASSWORD_HIDDEN; ?></td>
 164                      </tr>
 165                      <tr class="dataTableRowSelected">
 166                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_GROUP; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 167                        <td class="dataTableContent"><?php echo $myAccount['admin_groups_name']; ?></td>
 168                      </tr>
 169                      <tr>
 170                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_CREATED; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 171                        <td class="dataTableContent"><?php echo $myAccount['admin_created']; ?></td>
 172                      </tr>
 173                      <tr>
 174                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LOGNUM; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 175                        <td class="dataTableContent"><?php echo $myAccount['admin_lognum']; ?></td>
 176                      </tr>
 177                      <tr>
 178                        <td class="dataTableContent"><nobr><?php echo TEXT_INFO_LOGDATE; ?>&nbsp;&nbsp;&nbsp;</nobr></td>
 179                        <td class="dataTableContent"><?php echo $myAccount['admin_logdate']; ?></td>
 180                      </tr>
 181  <?php
 182    }
 183  ?>
 184                    </table>
 185                  </td>
 186                </tr>
 187                <tr>
 188                  <td><table width="100%" border="0" cellspacing="0" cellpadding="3"><tr><td class="smallText" valign="top"><?php echo TEXT_INFO_MODIFIED . $myAccount['admin_modified']; ?></td><td align="right"><?php if ($HTTP_GET_VARS['action'] == 'edit_process') { echo '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; if (tep_session_is_registered('confirm_account')) { echo tep_image_submit('button_save.gif', IMAGE_SAVE, 'onClick="validateForm();return document.returnValue"'); } } elseif ($HTTP_GET_VARS['action'] == 'check_account') { echo '&nbsp;'; } else { echo tep_image_submit('button_edit.gif', IMAGE_EDIT); } ?></td><tr></table></td>
 189                </tr>
 190              </table>
 191  
 192  
 193              </td>
 194  <?php
 195    $heading = array();
 196    $contents = array();
 197    switch ($HTTP_GET_VARS['action']) {
 198      case 'edit_process':
 199        $heading[] = array('text' => '<b>&nbsp;' . TEXT_INFO_HEADING_DEFAULT . '</b>');
 200  
 201        $contents[] = array('text' => TEXT_INFO_INTRO_EDIT_PROCESS . tep_draw_hidden_field('id_info', $myAccount['admin_id']));
 202        //$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> ' . tep_image_submit('button_confirm.gif', IMAGE_CONFIRM, 'onClick="validateForm();return document.returnValue"') . '<br>&nbsp');

 203        break;
 204      case 'check_account':
 205        $heading[] = array('text' => '<b>&nbsp;' . TEXT_INFO_HEADING_CONFIRM_PASSWORD . '</b>');
 206  
 207        $contents[] = array('text' => '&nbsp;' . TEXT_INFO_INTRO_CONFIRM_PASSWORD . tep_draw_hidden_field('id_info', $myAccount['admin_id']));
 208        if ($HTTP_GET_VARS['error']) {
 209          $contents[] = array('text' => '&nbsp;' . TEXT_INFO_INTRO_CONFIRM_PASSWORD_ERROR);
 210        }
 211        $contents[] = array('align' => 'center', 'text' => tep_draw_password_field('password_confirmation'));
 212        $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ADMIN_ACCOUNT) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> ' . tep_image_submit('button_confirm.gif', IMAGE_CONFIRM) . '<br>&nbsp');
 213        break;
 214      default:
 215        $heading[] = array('text' => '<b>&nbsp;' . TEXT_INFO_HEADING_DEFAULT . '</b>');
 216  
 217        $contents[] = array('text' => TEXT_INFO_INTRO_DEFAULT);
 218        //$contents[] = array('align' => 'center', 'text' => tep_image_submit('button_edit.gif', IMAGE_EDIT) . '<br>&nbsp');

 219        if ($myAccount['admin_email_address'] == '[email protected]') {
 220          $contents[] = array('text' => sprintf(TEXT_INFO_INTRO_DEFAULT_FIRST, $myAccount['admin_username']) . '<br>&nbsp');
 221        } elseif (($myAccount['admin_modified'] == '0000-00-00 00:00:00') || ($myAccount['admin_logdate'] <= 1) ) {
 222          $contents[] = array('text' => sprintf(TEXT_INFO_INTRO_DEFAULT_FIRST_TIME, $myAccount['admin_username']) . '<br>&nbsp');
 223        }
 224  
 225    }
 226  
 227    if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
 228      echo '            <td width="25%" valign="top">' . "\n";
 229  
 230      $box = new box;
 231      echo $box->infoBox($heading, $contents);
 232  
 233      echo '            </td>' . "\n";
 234    }
 235  ?>
 236            </tr>
 237          </table></td>
 238        </tr>
 239      </table></form></td>
 240  <!-- body_text_eof //-->
 241    </tr>
 242  </table>
 243  <!-- body_eof //-->
 244  
 245  <!-- footer //-->
 246  <?php require (DIR_WS_INCLUDES . 'footer.php'); ?>
 247  <!-- footer_eof //-->
 248  <br>
 249  </body>
 250  </html>
 251  <?php require (DIR_WS_INCLUDES . 'application_bottom.php'); ?>


Generated: Fri Jan 1 13:43:16 2010 Cross-referenced by PHPXref 0.7