<?php
-
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
$page_security=15;
$path_to_root="..";
include_once($path_to_root . "/includes/session.inc");
include_once($path_to_root . "/admin/db/users_db.inc");
-if (isset($_GET['selected_id']))
-{
- $selected_id = $_GET['selected_id'];
-}
-elseif (isset($_POST['selected_id']))
-{
- $selected_id = $_POST['selected_id'];
-}
-
-//-------------------------------------------------------------------------------------------------
-
-if (isset($_GET['AddedID']))
-{
- display_notification_centered(_("A new user has been added."));
-}
-
-if (isset($_GET['UpdatedID']))
-{
- display_notification_centered(_("The selected user has been updated."));
-}
-
-if (isset($_GET['DeletedID']))
-{
- display_notification_centered(_("User has been deleted."));
-}
-
+simple_page_mode(true);
//-------------------------------------------------------------------------------------------------
function can_process()
if (strlen($_POST['user_id']) < 4)
{
display_error( _("The user login entered must be at least 4 characters long."));
+ set_focus('user_id');
return false;
}
if (strlen($_POST['password']) < 4)
{
display_error( _("The password entered must be at least 4 characters long."));
+ set_focus('password');
return false;
}
if (strstr($_POST['password'], $_POST['user_id']) != false)
{
display_error( _("The password cannot contain the user login."));
+ set_focus('password');
return false;
}
}
//-------------------------------------------------------------------------------------------------
-if (isset($_POST['ADD_ITEM']) || isset($_POST['UPDATE_ITEM']))
+if ($Mode=='ADD_ITEM' || $Mode=='UPDATE_ITEM')
{
if (can_process())
{
- if (isset($selected_id))
+ if ($selected_id != -1)
{
- update_user($_POST['user_id'], $_POST['real_name'], $_POST['phone'],
- $_POST['email'], $_POST['Access'], $_POST['language']);
+ update_user($selected_id, $_POST['user_id'], $_POST['real_name'], $_POST['phone'],
+ $_POST['email'], $_POST['Access'], $_POST['language'],
+ $_POST['profile'], check_value('rep_popup'), $_POST['pos']);
if ($_POST['password'] != "")
- update_user_password($_POST['user_id'], md5($_POST['password']));
+ update_user_password($selected_id, $_POST['user_id'], md5($_POST['password']));
- unset($selected_id);
- meta_forward($_SERVER['PHP_SELF'], "UpdatedID=1");
+ display_notification_centered(_("The selected user has been updated."));
}
else
{
add_user($_POST['user_id'], $_POST['real_name'], md5($_POST['password']),
- $_POST['phone'], $_POST['email'], $_POST['Access'], $_POST['language']);
-
- unset($selected_id);
- meta_forward($_SERVER['PHP_SELF'], "AddedID=1");
+ $_POST['phone'], $_POST['email'], $_POST['Access'], $_POST['language'],
+ $_POST['profile'], check_value('rep_popup'), $_POST['pos']);
+ $id = db_insert_id();
+ // use current user display preferences as start point for new user
+ update_user_display_prefs($id, user_price_dec(), user_qty_dec(), user_exrate_dec(),
+ user_percent_dec(), user_show_gl_info(), user_show_codes(),
+ user_date_format(), user_date_sep(), user_tho_sep(),
+ user_dec_sep(), user_theme(), user_pagesize(), user_hints(),
+ $_POST['profile'], check_value('rep_popup'), user_query_size(),
+ user_graphic_links(), $_POST['language']);
+
+ display_notification_centered(_("A new user has been added."));
}
+ $Mode = 'RESET';
}
}
//-------------------------------------------------------------------------------------------------
-if (isset($_GET['delete']))
+if ($Mode == 'Delete')
{
delete_user($selected_id);
- unset($selected_id);
-
- meta_forward($_SERVER['PHP_SELF'], "DeletedID=1");
+ display_notification_centered(_("User has been deleted."));
+ $Mode = 'RESET';
}
//-------------------------------------------------------------------------------------------------
+if ($Mode == 'RESET')
+{
+ $selected_id = -1;
+ $sav = get_post('show_inactive');
+ unset($_POST); // clean all input fields
+ $_POST['show_inactive'] = $sav;
+}
-$result = get_users();
-
+$result = get_users(check_value('show_inactive'));
+start_form();
start_table($table_style);
-if ($_SESSION["wa_current_user"]->access == 2)
+//if ($_SESSION["wa_current_user"]->access == 2)
$th = array(_("User login"), _("Full Name"), _("Phone"),
_("E-mail"), _("Last Visit"), _("Access Level"), "", "");
-else
- $th = array(_("User login"), _("Full Name"), _("Phone"),
- _("E-mail"), _("Last Visit"), _("Access Level"), "");
+//else
+// $th = array(_("User login"), _("Full Name"), _("Phone"),
+// _("E-mail"), _("Last Visit"), _("Access Level"), "");
+
+inactive_control_column($th);
table_header($th);
$k = 0; //row colour counter
$last_visit_date = sql2date($myrow["last_visit_date"]);
/*The security_headings array is defined in config.php */
+ $not_me = strcasecmp($myrow["user_id"], $_SESSION["wa_current_user"]->username) &&
+ $_SESSION["wa_current_user"]->access == 2;
label_cell($myrow["user_id"]);
label_cell($myrow["real_name"]);
label_cell($myrow["phone"]);
- label_cell($myrow["email"]);
+ email_cell($myrow["email"]);
label_cell($last_visit_date, "nowrap");
label_cell($security_headings[$myrow["full_access"]]);
- edit_link_cell("selected_id=".$myrow["user_id"]);
- if (strcasecmp($myrow["user_id"], $_SESSION["wa_current_user"]->username) &&
- $_SESSION["wa_current_user"]->access == 2)
- delete_link_cell("selected_id=".$myrow["user_id"]."&delete=1");
+
+ if ($not_me)
+ inactive_control_cell($myrow["id"], $myrow["inactive"], 'users', 'id');
+ elseif (check_value('show_inactive'))
+ label_cell('');
+
+ edit_button_cell("Edit".$myrow["id"], _("Edit"));
+ if ($not_me)
+ delete_button_cell("Delete".$myrow["id"], _("Delete"));
+ else
+ label_cell('');
end_row();
} //END WHILE LIST LOOP
-end_table();
-
+inactive_control_row($th);
+end_table(1);
//-------------------------------------------------------------------------------------------------
-
-hyperlink_no_params($_SERVER['PHP_SELF'], _("New User"));
-
-start_form();
-
start_table($table_style2);
-if (isset($selected_id))
-{
- //editing an existing User
-
- $myrow = get_user($selected_id);
-
- $_POST['user_id'] = $myrow["user_id"];
- $_POST['real_name'] = $myrow["real_name"];
- $_POST['phone'] = $myrow["phone"];
- $_POST['email'] = $myrow["email"];
- $_POST['Access'] = $myrow["full_access"];
- $_POST['language'] = $myrow["language"];
+$_POST['email'] = "";
+if ($selected_id != -1)
+{
+ if ($Mode == 'Edit') {
+ //editing an existing User
+ $myrow = get_user($selected_id);
+
+ $_POST['id'] = $myrow["id"];
+ $_POST['user_id'] = $myrow["user_id"];
+ $_POST['real_name'] = $myrow["real_name"];
+ $_POST['phone'] = $myrow["phone"];
+ $_POST['email'] = $myrow["email"];
+ $_POST['Access'] = $myrow["full_access"];
+ $_POST['language'] = $myrow["language"];
+ $_POST['profile'] = $myrow["print_profile"];
+ $_POST['rep_popup'] = $myrow["rep_popup"];
+ $_POST['pos'] = $myrow["pos"];
+ }
hidden('selected_id', $selected_id);
- hidden('user_id', $_POST['user_id']);
+ hidden('user_id');
start_row();
label_row(_("User login:"), $_POST['user_id']);
-
}
else
{ //end of if $selected_id only do the else when a new record is being entered
text_row(_("User Login:"), "user_id", null, 22, 20);
+ $_POST['language'] = user_language();
+ $_POST['profile'] = user_print_profile();
+ $_POST['rep_popup'] = user_rep_popup();
+ $_POST['pos'] = user_pos();
}
$_POST['password'] = "";
start_row();
label_cell("<input type='password' name='password' size=22 maxlength=20 value='" . $_POST['password'] . "'>");
end_row();
-if (isset($selected_id))
+if ($selected_id != -1)
{
table_section_title(_("Enter a new password to change, leave empty to keep current."));
}
text_row_ex(_("Telephone No.:"), 'phone', 30);
-text_row_ex(_("Email Address:"), 'email', 50);
+email_row_ex(_("Email Address:"), 'email', 50);
-security_headings_list_row(_("Access Level:"), "Access", null);
+security_headings_list_row(_("Access Level:"), 'Access', null);
languages_list_row(_("Language:"), 'language', null);
+pos_list_row(_("User's POS"). ':', 'pos', null);
+
+print_profiles_list_row(_("Printing profile"). ':', 'profile', null,
+ _('Browser printing support'));
+
+check_row(_("Use popup window for reports:"), 'rep_popup', $_POST['rep_popup'],
+ false, _('Set this option to on if your browser directly supports pdf files'));
+
end_table(1);
-submit_add_or_update_center(!isset($selected_id));
+submit_add_or_update_center($selected_id == -1, '', 'both');
end_form();
end_page();