1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
<?php
namespace Wcms;
class Controlleruser extends Controller
{
public function __construct($router) {
parent::__construct($router);
}
public function desktop()
{
if($this->user->iseditor()) {
$getuser = $this->usermanager->get($this->user);
if($this->user->isadmin()) {
$userlist = $this->usermanager->getlister();
$this->showtemplate('user', ['userlist' => $userlist, 'getuser' => $getuser, 'now' => $this->now->format('Y-m-d')]);
} else {
$this->showtemplate('user', ['getuser' => $getuser]);
}
} else {
$this->routedirect('home');
}
}
public function pref()
{
if($this->user->iseditor()) {
$user = $this->usermanager->get($this->user);
$user->hydrate($_POST);
$this->usermanager->add($user);
$this->routedirect('user');
} else {
$this->routedirect('home');
}
}
public function add()
{
if(isset($_POST['id'])) {
$user = new User($_POST);
if(empty($user->id()) || $this->usermanager->get($user)) {
$this->routedirectget('user', ['error' => 'wrong_id']);
} elseif(empty($user->password()) || $this->usermanager->passwordexist($user->password()) || !$user->validpassword()) {
$this->routedirectget('user', ['error' => 'change_password']);
} else {
if($user->passwordhashed()) {
$user->hashpassword();
}
$this->usermanager->add($user);
$this->routedirect('user');
}
}
}
public function update()
{
if($this->user->isadmin() && isset($_POST['action'])) {
switch ($_POST['action']) {
case 'delete':
$user = new User($_POST);
$user = $this->usermanager->get($user);
if($user !== false) {
if($user->id() === $this->user->id()) {
$this->showtemplate('userconfirmdelete', ['userdelete' => $user, 'candelete' => false]);
} else {
$this->showtemplate('userconfirmdelete', ['userdelete' => $user, 'candelete' => true]);
}
} else {
$this->routedirect('user');
}
break;
case 'confirmdelete':
$user = new User($_POST);
$this->usermanager->delete($user);
$this->routedirect('user');
break;
case 'update':
$user = $this->usermanager->get($_POST['id']);
$userupdate = clone $user;
$userupdate->hydrate($_POST);
if(empty($userupdate->id())) {
$this->routedirectget('user', ['error' => 'wrong_id']);
} elseif (!empty($_POST['password']) && (empty($userupdate->password()) || $this->usermanager->passwordexist($userupdate->password()) || !$userupdate->validpassword())) {
$this->routedirectget('user', ['error' => 'password_unvalid']);
} elseif (empty($userupdate->level())) {
$this->routedirectget('user', ['error' => 'wrong_level']);
} elseif ($user->level() === 10 && $userupdate->level() !== 10 && $this->user->id() === $user->id()) {
$this->routedirectget('user', ['error' => 'cant_edit_yourself']);
} else {
if($userupdate->password() !== $user->password() && $user->passwordhashed()) {
$userupdate->setpasswordhashed(false);
}
if($userupdate->passwordhashed() && !$user->passwordhashed()) {
$userupdate->hashpassword();
}
$this->usermanager->add($userupdate);
$this->routedirect('user');
}
}
} else {
$this->routedirect('home');
}
}
}
?>
|
