pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4bd3dad3deea8de3aab10f9ef8d1aa318857e64f
assetmgt/user.php
“VeLiTi” 4bd3dad3de CIM67 - Update Block users
2024-04-16 14:54:31 +02:00

293 lines
11 KiB
PHP
Raw Blame History

<?php
defined(page_security_key) or exit;
$page = 'user';
//Check if allowed
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
header('location: index.php');
exit;
}
//PAGE Security
$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
// Default input product values
$user = [
'id' => '',
'username' => '',
'email' => '',
'partnerhierarchy' => '',
'view' => 3,
'service' => 0,
'settings' => '',
'userkey' => 1,
'created' => '',
'lastlogin' => '',
'language' => 'US',
'login_count' => 0
];
$user_ID = $_GET['id'] ?? '';
if ($user_ID !=''){
$url = 'index.php?page=users&id='.$user_ID.'';
} else {
$url = 'index.php?page=users';
}
if (isset($_GET['id'])) {
// ID param exists, edit an existing product
//CALL TO API
$api_url = '/v1/users/id='.$user_ID;
$responses = ioServer($api_url,'');
//Decode Payload
if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = null;}
$user = json_decode(json_encode($responses[0]), true);
if ($update_allowed === 1){
if (isset($_POST['submit'])) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=2');
exit;
}
}
}
if ($update_allowed === 1){
if (isset($_POST['reset'])) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=2');
exit;
}
}
}
if ($delete_allowed === 1){
if (isset($_POST['delete'])) {
//GET ALL POST DATA
$data = json_encode($_POST , JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
// Redirect and delete product
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=3');
exit;
}
}
}
} else {
// Create a new product
if (isset($_POST['submit']) && $create_allowed === 1) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
$responses = decode_payload($responses);
if ($responses === 'NOK'){
header('Location: index.php?page=user&success_msg=0');
} elseif ($responses == 1){
header('Location: index.php?page=user&success_msg=0');
}
else {
header('Location: index.php?page=users&success_msg=1');
exit;
}
}
}
//EMPTY VIEW
$view = '';
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 0) {
$success_msg = $error_msg_0;
}
}
template_header('User', 'user', 'manage');
if (isset($success_msg)){
$view .= ' <div class="msg error">
<i class="fas fa-check-circle"></i>
<p>'.$success_msg.'</p>
<i class="fas fa-times"></i>
</div>';
}
$view .='
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.$user_h2.'</h2>
<a href="index.php?page=users" class="btn alt mar-right-2">'.$button_cancel.'</a>
';
if ($delete_allowed === 1){
$view .= '<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm(\'Are you sure you want to delete this user?\')">';
}
if ($update_allowed === 1){
$view .= '<input type="submit" name="submit" value="Save" class="btn">';
}
$view .= '</div>';
$view .= '<div class="tabs">
<a href="#" class="active">'.$tab1 .'</a>
<a href="#">'.$tab2.'</a>
<a href="#">'.$tab3.'</a>
</div>
';
//Define Service and User enabled
$view .= '<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="userkey">Active</label>
<select id="userkey" name="userkey">
<option value="1" '.(($user['userkey']==1 || $user['userkey'] !='' )?' selected':'').'>'.$enabled .'</option>
<option value="0" '.(($user['userkey']==0 || $user['userkey'] =='' )?' selected':'').'>'.$disabled .'</option>
</select>
<label for="username">'.$User_username.'</label>
<input id="name" type="email" name="username" placeholder="'.$User_username.'" value="'.$user['username'].'" required">
<label for="username">'.$User_email.'</label>
<input id="name" type="email" name="email" placeholder="'.$User_email.'" value="'.$user['email'].'" required">
<label for="view">'.$User_permission.'</label>
<select id="view" name="view" required>
<option value="3" '.($user['view']==3?' selected':'').'>'.$permission3.'</option>
<option value="2" '.($user['view']==2?' selected':'').'>'.$permission2.'</option>
<option value="1" '.($user['view']==1?' selected':'').'>'.$permission1.'</option>
';
//ADD PERMISSION SET BASED ON USER PERMISSION ADMIN OR ADMIN+
if ($_SESSION['permission'] == 3){
$view .= ' <option value="4" '.($user['view']==4?' selected':'').'>'.$permission4.'</option>';
}
if ($_SESSION['permission'] == 4){
$view .= ' <option value="4" '.($user['view']==4?' selected':'').'>'.$permission4.'</option>
<option value="5" '.($user['view']==5?' selected':'').'>'.$permission5.'</option>';
}
$view .= ' </select>
<label for="profile">'.$User_profile.'</label>
';
//Show profiles for AMIN
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$view .='<select id="settings" name="settings">
<option value="" '.($user['settings']== ''?' selected':'').'></option>
<option value="'.$setting1.'" '.($user['settings']== $setting1?' selected':'').'>'.$setting1.'</option>
<option value="'.$setting2.'" '.($user['settings']== $setting2?' selected':'').'>'.$setting2.'</option>
<option value="'.$setting3.'" '.($user['settings']== $setting3?' selected':'').'>'.$setting3.'</option>
<option value="'.$setting4.'" '.($user['settings']== $setting4?' selected':'').'>'.$setting4.'</option>
<option value="'.$setting5.'" '.($user['settings']== $setting5?' selected':'').'>'.$setting5.'</option>
<option value="'.$setting6.'" '.($user['settings']== $setting6?' selected':'').'>'.$setting6.'</option>
<option value="'.$setting7.'" '.($user['settings']== $setting7?' selected':'').'>'.$setting7.'</option>
<option value="'.$setting8.'" '.($user['settings']== $setting8?' selected':'').'>'.$setting8.'</option>
</select>
';
} else {
$view .=' <input id="name" type="text" name="" placeholder="settings" value="'.$user['settings'].'" readonly>
';
}
$view .=' <label for="service">'.$User_service.'</label>
<select id="service" name="service">
<option value="1" '.(($user['service']==1 || $user['service'] !='')?' selected':'').'>'.$enabled .'</option>
<option value="0" '.(($user['service']==0 || $user['service'] =='')?' selected':'').'>'.$disabled .'</option>
</select>
<label for="service">'.$User_language.'</label>
<select id="language" name="language">
<option value="" '.(($user['language'] =='')?' selected':'').'></option>
<option value="US" '.(($user['language']=='US')?' selected':'').'>US</option>
<option value="NL" '.(($user['language']=='NL')?' selected':'').'>NL</option>
</select>
<input type="hidden" name="id" value="'.$user_ID.'">
<input type="hidden" name="old_view" value="'.$user['view'].'">
';
if ($update_allowed === 1 && $user_ID !=''){
$view .= '<label for="service">'.$User_pw_reset .'</label>
<input type="submit" name="reset" value="Reset" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to reset this user password?\')">
';
}
$view .= '</div>
</div>';
//GET PARTNERDATA
$partner_data = json_decode($user['partnerhierarchy'])?? json_decode($_SESSION['partnerhierarchy']) ;
//BUID UP DROPDOWNS
$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner_data->salesid);
$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$partner_data->soldto);
$shipto_dropdown = listPartner('shipto',$_SESSION['permission'],$partner_data->shipto);
$location_dropdown = listPartner('location',$_SESSION['permission'],$partner_data->location);
//DISPLAY
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
';
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$view .= '<label for="status">'.$general_salesid.'</label>';
$view .= $salesid_dropdown;
$view .= '<label for="status">'.$general_soldto.'</label>';
$view .= $soldto_dropdown;
}
$view .= '<label for="status">'.$general_shipto.'</label>';
$view .= $shipto_dropdown;
$view .= '<label for="status">'.$general_location.'</label>';
$view .= $location_dropdown;
$view .= '
</div>
</div>';
//SUPERUSERS AND ADMINS CAN RESET BLOCKED USERS
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$login_count = '<input id="name" type="text" name="login_count" placeholder="'.$User_pw_login_count.'" value="'.$user['login_count'].'">';
} else {
$login_count = '<input id="name" type="text" name="" placeholder="'.$User_pw_login_count.'" value="'.$user['login_count'].'" readonly>';
}
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="">'.$general_created.'</label>
<input id="name" type="text" name="" placeholder="'.$general_created.'" value="'.$user['created'].'" readonly>
<label for="">'.$User_lastlogin.'</label>
<input id="name" type="text" name="" placeholder="'.$User_lastlogin.'" value="'.$user['lastlogin'].'" readonly>
<label for="">'.$User_pw_login_count.'</label>
'.$login_count.'
</div>
</div>';
$view .= '</form>';
//Output
echo $view;
template_footer()?>
Reference in New Issue View Git Blame Copy Permalink