summaryrefslogtreecommitdiffstats
path: root/web/html/account.php
diff options
context:
space:
mode:
Diffstat (limited to 'web/html/account.php')
-rw-r--r--web/html/account.php57
1 files changed, 16 insertions, 41 deletions
diff --git a/web/html/account.php b/web/html/account.php
index 5a0ef50d..b0906d91 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -12,9 +12,8 @@ html_header(__('Accounts'));
# Main page processing here
#
-echo "<div class=\"pgbox\">\n";
-echo " <div class=\"pgboxtitle\"><span class=\"f3\">".__("Accounts")."</span></div>\n";
-echo " <div class=\"pgboxbody\">\n";
+echo "<div class=\"box\">\n";
+echo " <h2>".__("Accounts")."</h2>\n";
$action = in_request("Action");
@@ -33,7 +32,8 @@ if (isset($_COOKIE["AURSID"])) {
#
search_results_page($atype, in_request("O"), in_request("SB"),
in_request("U"), in_request("T"), in_request("S"),
- in_request("E"), in_request("R"), in_request("I"));
+ in_request("E"), in_request("R"), in_request("I"),
+ in_request("K"));
} else {
# a non-privileged user is trying to access the search page
@@ -44,17 +44,10 @@ if (isset($_COOKIE["AURSID"])) {
} elseif ($action == "DisplayAccount") {
# the user has clicked 'edit', display the account details in a form
#
- $q = "SELECT Users.*, AccountTypes.AccountType ";
- $q.= "FROM Users, AccountTypes ";
- $q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
- $q.= "AND Users.ID = ".intval(in_request("ID"));
- $result = db_query($q, $dbh);
- if (!mysql_num_rows($result)) {
+ $row = account_details(in_request("ID"), in_request("U"));
+ if (empty($row)) {
print __("Could not retrieve information for the specified user.");
-
} else {
- $row = mysql_fetch_assoc($result);
-
# double check to make sure logged in user can edit this account
#
if ($atype == "User" || ($atype == "Trusted User" && $row["AccountType"] == "Developer")) {
@@ -64,27 +57,20 @@ if (isset($_COOKIE["AURSID"])) {
display_account_form($atype, "UpdateAccount", $row["Username"],
$row["AccountType"], $row["Suspended"], $row["Email"],
"", "", $row["RealName"], $row["LangPreference"],
- $row["IRCNick"], $row["ID"]);
+ $row["IRCNick"], $row["PGPKey"], $row["ID"]);
}
}
} elseif ($action == "AccountInfo") {
# no editing, just looking up user info
#
- $q = "SELECT Users.*, AccountTypes.AccountType ";
- $q.= "FROM Users, AccountTypes ";
- $q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
- $q.= "AND Users.ID = ".intval(in_request("ID"));
- $result = db_query($q, $dbh);
- if (!mysql_num_rows($result)) {
+ $row = account_details(in_request("ID"), in_request("U"));
+ if (empty($row)) {
print __("Could not retrieve information for the specified user.");
} else {
- $row = mysql_fetch_assoc($result);
- display_account_info($row["Username"],
- $row["AccountType"], $row["Email"], $row["RealName"],
- $row["IRCNick"]);
+ include("account_details.php");
}
-
+
} elseif ($action == "UpdateAccount") {
# user is submitting their modifications to an existing account
#
@@ -93,10 +79,8 @@ if (isset($_COOKIE["AURSID"])) {
in_request("U"), in_request("T"), in_request("S"),
in_request("E"), in_request("P"), in_request("C"),
in_request("R"), in_request("L"), in_request("I"),
- in_request("ID"));
+ in_request("K"), in_request("ID"));
}
-
-
} else {
if ($atype == "Trusted User" || $atype == "Developer") {
# display the search page if they're a TU/dev
@@ -108,18 +92,10 @@ if (isset($_COOKIE["AURSID"])) {
# A normal user, give them the ability to edit
# their own account
#
- $q = "SELECT Users.*, AccountTypes.AccountType ";
- $q.= "FROM Users, AccountTypes, Sessions ";
- $q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
- $q.= "AND Users.ID = Sessions.UsersID ";
- $q.= "AND Sessions.SessionID = '";
- $q.= db_escape_string($_COOKIE["AURSID"])."'";
- $result = db_query($q, $dbh);
- if (!mysql_num_rows($result)) {
+ $row = own_account_details($_COOKIE["AURSID"]);
+ if (empty($row)) {
print __("Could not retrieve information for the specified user.");
-
} else {
- $row = mysql_fetch_assoc($result);
# don't need to check if they have permissions, this is a
# normal user editing themselves.
#
@@ -129,7 +105,7 @@ if (isset($_COOKIE["AURSID"])) {
display_account_form($atype, "UpdateAccount", $row["Username"],
$row["AccountType"], $row["Suspended"], $row["Email"],
"", "", $row["RealName"], $row["LangPreference"],
- $row["IRCNick"], $row["ID"]);
+ $row["IRCNick"], $row["PGPKey"], $row["ID"]);
}
}
}
@@ -145,7 +121,7 @@ if (isset($_COOKIE["AURSID"])) {
process_account_form("","new", "NewAccount",
in_request("U"), 1, 0, in_request("E"),
in_request("P"), in_request("C"), in_request("R"),
- in_request("L"), in_request("I"));
+ in_request("L"), in_request("I"), in_request("K"));
} else {
# display the account request form
@@ -155,7 +131,6 @@ if (isset($_COOKIE["AURSID"])) {
}
}
-echo " </div>";
echo "</div>";
html_footer(AUR_VERSION);