* @license http://www.contenido.org/license/LIZENZ.txt * @link http://www.4fb.de * @link http://www.contenido.org * @since file available since contenido release <= 4.6 * * {@internal * created 2003-04-30 * modified 2008-06-27, Frederic Schneider, add security fix * * $Id$: * }} * */ if(!defined('CON_FRAMEWORK')) { die('Illegal call'); } $idclient = 2; $idlang = 2; die; $sql = 'SELECT * FROM '.$cfg["tab"]["rights"].' WHERE idlang = 2 AND idclient = 2 AND user_id = \"'.Contenido_Security::escapeDB($userid, $db).'\"'; echo $sql; $db->query($sql); while ($db->next_record()) { echo $db->f(0)."
"; } if ( !isset($useridas) ) { } else { if ($action == "user_edit") { if (strlen($password) > 0) { if (strcmp($password, $passwordagain) == 0) { $sql = 'UPDATE '.$cfg["tab"]["phplib_auth_user_md5"].' SET password="'.md5($password).'" WHERE user_id = "'.Contenido_Security::escapeDB($userid, $db).'"'; $db->query($sql); } else { $error = "Passwords don't match"; } } $sql = 'UPDATE '.$cfg["tab"]["phplib_auth_user_md5"].' SET realname="'.Contenido_Security::escapeDB($realname, $db).'", email="'.Contenido_Security::escapeDB($email, $db).'", telephone="'.Contenido_Security::escapeDB($telephone, $db).'", address_street="'.Contenido_Security::escapeDB($address_street, $db).'", address_city="'.Contenido_Security::escapeDB($address_city, $db).'", address_country="'.Contenido_Security::escapeDB($address_country, $db).'", wysi="'.Contenido_Security::toInteger($wysi).'" WHERE user_id = "'.Contenido_Security::escapeDB($userid, $db).'"'; $db->query($sql); } $tpl->reset(); $sql = "SELECT username, password, realname, email, telephone, address_street, address_city, address_country, wysi FROM ".$cfg["tab"]["phplib_auth_user_md5"]." WHERE user_id = '".Contenido_Security::escapeDB($userid, $db)."'"; $db->query($sql); $form = '

'.$sess->hidden_session().' '; $db->next_record(); $tpl->set('s', 'USERNAME', $db->f("username")); $tpl->set('s', 'EDITSTRING', "Benutzer editieren:"); $tpl->set('s', 'FORM', $form); $tpl->set('s', 'BORDERCOLOR', $cfg["color"]["table_border"]); $tpl->set('s', 'BGCOLOR', $cfg["color"]["table_light"]); $tpl->set('s', 'SUBMITTEXT', "�nderungen übernehmen"); if ($error) { echo $error; } $tpl->set('d', 'CATNAME', "Name"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_dark"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "realname", $db->f("realname"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Neues Passwort"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_light"]); $tpl->set('d', 'CATFIELD', formGenerateField ("password", "password", "", 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Neues Passwort (Best�tigung)"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_dark"]); $tpl->set('d', 'CATFIELD', formGenerateField ("password", "passwordagain", "", 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "E-Mail"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_light"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "email", $db->f("email"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Telefon"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_dark"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "telephone", $db->f("telephone"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Strasse"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_light"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "address_street", $db->f("address_street"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Stadt"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_dark"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "address_city", $db->f("address_city"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "Land"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_light"]); $tpl->set('d', 'CATFIELD', formGenerateField ("text", "address_country", $db->f("address_country"), 40, 255)); $tpl->next(); $tpl->set('d', 'CATNAME', "WYSIWYG-Editor"); $tpl->set('d', 'BGCOLOR', $cfg["color"]["table_dark"]); $tpl->set('d', 'CATFIELD', formGenerateCheckbox("wysi", "1", $db->f("wysi"))); $tpl->next(); # Generate template $tpl->generate($cfg['path']['templates'] . $cfg['templates']['rights_details']); } ?>