User details"; print "
"; $result = db_query($link, "SELECT login, ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, access_level, (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE owner_uid = id) AS stored_articles, ".SUBSTRING_FOR_DATE."(created,1,16) AS created FROM ttrss_users WHERE id = '$uid'"); if (db_num_rows($result) == 0) { print "

User not found

"; return; } // print "

User Details

"; $login = db_fetch_result($result, 0, "login"); // print "

$login

"; print ""; $last_login = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime(db_fetch_result($result, 0, "last_login"))); $created = date(get_pref($link, 'LONG_DATE_FORMAT'), strtotime(db_fetch_result($result, 0, "created"))); $access_level = db_fetch_result($result, 0, "access_level"); $stored_articles = db_fetch_result($result, 0, "stored_articles"); // print ""; // print ""; print ""; print ""; /* $result = db_query($link, "SELECT SUM(LENGTH(content)) AS db_size FROM ttrss_user_entries,ttrss_entries WHERE owner_uid = '$uid' AND ref_id = id"); $db_size = round(db_fetch_result($result, 0, "db_size") / 1024); print ""; */ $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds WHERE owner_uid = '$uid'"); $num_feeds = db_fetch_result($result, 0, "num_feeds"); print ""; print "
Username$login
Access level$access_level
".__('Registered')."$created
".__('Last logged in')."$last_login
".__('Stored articles'). "$stored_articles (${db_size}K)
".__('Subscribed feeds count')."$num_feeds
"; print "

".__('Subscribed feeds')."

"; $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds WHERE owner_uid = '$uid' ORDER BY title"); print ""; print "
"; print "
"; return; } if ($subop == "edit") { $id = db_escape_string($_GET["id"]); print "
".__('User Editor')."
"; print "
"; print "
"; print ""; print ""; print ""; $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'"); $login = db_fetch_result($result, 0, "login"); $access_level = db_fetch_result($result, 0, "access_level"); $email = db_fetch_result($result, 0, "email"); $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : ""; print "
".__("User")."
"; print "
"; if ($sel_disabled) { print ""; print ""; } else { print ""; } print "
"; print "
".__("Authentication")."
"; print "
"; print __('Access level: ') . " "; if (!$sel_disabled) { print_select_hash("access_level", $access_level, $access_level_names, $sel_disabled); } else { print_select_hash("", $access_level, $access_level_names, $sel_disabled); print ""; } print "
"; print __('Change password to') . " "; print "
"; print "
".__("Options")."
"; print "
"; print __('E-mail: '). " "; print "
"; print ""; print "
"; print "
"; print "
"; return; } if ($subop == "editSave") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $uid = db_escape_string($_GET["id"]); $access_level = (int) $_GET["access_level"]; $email = db_escape_string(trim($_GET["email"])); $password = db_escape_string(trim($_GET["password"])); if ($password) { $pwd_hash = encrypt_password($password, $login); $pass_query_part = "pwd_hash = '$pwd_hash', "; print_notice(T_sprintf('Changed password of user %s.', $login)); } else { $pass_query_part = ""; } db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login', access_level = '$access_level', email = '$email' WHERE id = '$uid'"); } } else if ($subop == "remove") { if ($_SESSION["access_level"] >= 10) { $ids = split(",", db_escape_string($_GET["ids"])); foreach ($ids as $id) { if ($id != $_SESSION["uid"]) { db_query($link, "DELETE FROM ttrss_tags WHERE owner_uid = '$id'"); db_query($link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'"); db_query($link, "DELETE FROM ttrss_users WHERE id = '$id'"); } } } } else if ($subop == "add") { if ($_SESSION["access_level"] >= 10) { $login = db_escape_string(trim($_GET["login"])); $tmp_user_pwd = make_password(8); $pwd_hash = encrypt_password($tmp_user_pwd, $login); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login'"); if (db_num_rows($result) == 0) { db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level,last_login,created) VALUES ('$login', '$pwd_hash', 0, null, NOW())"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) == 1) { $new_uid = db_fetch_result($result, 0, "id"); print_notice(T_sprintf("Added user %s with password %s", $login, $tmp_user_pwd)); initialize_user($link, $new_uid); } else { print_warning(T_sprintf("Could not create user %s", $login)); } } else { print_warning(T_sprintf("User %s already exists.", $login)); } } } else if ($subop == "resetPass") { if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) { $uid = db_escape_string($_GET["id"]); $result = db_query($link, "SELECT login,email FROM ttrss_users WHERE id = '$uid'"); $login = db_fetch_result($result, 0, "login"); $email = db_fetch_result($result, 0, "email"); $tmp_user_pwd = make_password(8); $pwd_hash = encrypt_password($tmp_user_pwd, $login); db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash' WHERE id = '$uid'"); print_notice(T_sprintf("Changed password of user %s to %s", $login, $tmp_user_pwd)); if ($email) { print_notice(T_sprintf("Notifying %s.", $email)); require_once "lib/MiniTemplator.class.php"; $tpl = new MiniTemplator; $tpl->readTemplateFromFile("templates/resetpass_template.txt"); $tpl->setVariable('LOGIN', $login); $tpl->setVariable('NEWPASS', $tmp_user_pwd); $tpl->addBlock('message'); $message = ""; $tpl->generateOutputToString($message); $mail = new PHPMailer(); $mail->PluginDir = "lib/phpmailer/"; $mail->SetLanguage("en", "lib/phpmailer/language/"); $mail->CharSet = "UTF-8"; $mail->From = DIGEST_FROM_ADDRESS; $mail->FromName = DIGEST_FROM_NAME; $mail->AddAddress($email, $login); if (DIGEST_SMTP_HOST) { $mail->Host = DIGEST_SMTP_HOST; $mail->Mailer = "smtp"; $mail->SMTPAuth = DIGEST_SMTP_LOGIN != ''; $mail->Username = DIGEST_SMTP_LOGIN; $mail->Password = DIGEST_SMTP_PASSWORD; } $mail->IsHTML(false); $mail->Subject = __("[tt-rss] Password change notification"); $mail->Body = $message; $rc = $mail->Send(); if (!$rc) print_error($mail->ErrorInfo); /* mail("$login <$email>", "Password reset notification", "Hi, $login.\n". "\n". "Your password for this TT-RSS installation was reset by". " an administrator.\n". "\n". "Your new password is $tmp_user_pwd, please remember". " it for later reference.\n". "\n". "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); */ } print ""; } } set_pref($link, "_PREFS_ACTIVE_TAB", "userConfig"); $user_search = db_escape_string($_GET["search"]); if (array_key_exists("search", $_GET)) { $_SESSION["prefs_user_search"] = $user_search; } else { $user_search = $_SESSION["prefs_user_search"]; } print "
"; $sort = db_escape_string($_GET["sort"]); if (!$sort || $sort == "undefined") { $sort = "login"; } print "
 "; print "
"; if ($user_search) { $user_search_query = "UPPER(login) LIKE UPPER('%$user_search%') AND"; } else { $user_search_query = ""; } $result = db_query($link, "SELECT id,login,access_level,email, ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login, ".SUBSTRING_FOR_DATE."(created,1,16) as created FROM ttrss_users WHERE $user_search_query id > 0 ORDER BY $sort"); if (db_num_rows($result) > 0) { // print "
PLACEHOLDER
"; print "

"; print ""; $lnum = 0; while ($line = db_fetch_assoc($result)) { $class = ($lnum % 2) ? "even" : "odd"; $uid = $line["id"]; $edit_uid = $_GET["id"]; if ($subop == "edit" && $uid != $edit_uid) { $class .= "Grayed"; $this_row_id = ""; } else { $this_row_id = "id=\"UMRR-$uid\""; } print ""; $line["login"] = htmlspecialchars($line["login"]); # $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), # strtotime($line["last_login"])); if (get_pref($link, 'HEADLINES_SMART_DATE')) { $line["last_login"] = smart_date_time(strtotime($line["last_login"])); $line["created"] = smart_date_time(strtotime($line["created"])); } else { $line["last_login"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), strtotime($line["last_login"])); $line["created"] = date(get_pref($link, 'SHORT_DATE_FORMAT'), strtotime($line["created"])); } print ""; $onclick = "onclick='editUser($uid)' title='".__('Click to edit')."'"; print ""; if (!$line["email"]) $line["email"] = " "; print ""; print ""; print ""; print ""; ++$lnum; } print "
".__('Select:')." ".__('All').", ".__('None')." "; print "
  ".__('Login')." ".__('Access Level')." ".__('Registered')." ".__('Last login')."
" . $line["login"] . "" . $access_level_names[$line["access_level"]] . "" . $line["created"] . "" . $line["last_login"] . "
"; print "

"; print " "; } else { print "

"; if (!$user_search) { print __('No users defined.'); } else { print __('No matching users found.'); } print "

"; } } ?>