'', 'email' => '', 'user' => '', 'signature' => '', 'isadmin' => 1, 'categories' => array('1'), 'features' => array('can_view_tickets','can_reply_tickets','can_change_cat','can_assign_self','can_view_unassigned','can_view_online'), 'signature' => '', 'cleanpass' => '', ); /* A list of all categories */ $hesk_settings['categories'] = array(); $res = hesk_dbQuery('SELECT `id`,`name` FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'categories` ORDER BY `cat_order` ASC'); while ($row=hesk_dbFetchAssoc($res)) { if ( hesk_okCategory($row['id'], 0) ) { $hesk_settings['categories'][$row['id']] = $row['name']; } } /* Non-admin users may not create users with more permissions than they have */ if ( ! $_SESSION['isadmin']) { /* Can't create admin users */ $_POST['isadmin'] = 0; /* Can only add features he/she has access to */ $hesk_settings['features'] = array_intersect( explode(',', $_SESSION['heskprivileges']) , $hesk_settings['features']); /* Can user modify auto-assign setting? */ if ($hesk_settings['autoassign'] && ( ! hesk_checkPermission('can_assign_self', 0) || ! hesk_checkPermission('can_assign_others', 0) ) ) { $hesk_settings['autoassign'] = 0; } } /* Use any set values, default otherwise */ foreach ($default_userdata as $k => $v) { if ( ! isset($_SESSION['userdata'][$k]) ) { $_SESSION['userdata'][$k] = $v; } } $_SESSION['userdata'] = hesk_stripArray($_SESSION['userdata']); /* What should we do? */ if ( $action = hesk_REQUEST('a') ) { if ($action == 'reset_form') { $_SESSION['edit_userdata'] = TRUE; header('Location: ./manage_users.php'); } elseif ($action == 'edit') {edit_user();} elseif ( defined('HESK_DEMO') ) {hesk_process_messages($hesklang['ddemo'], 'manage_users.php', 'NOTICE');} elseif ($action == 'new') {new_user();} elseif ($action == 'save') {update_user();} elseif ($action == 'remove') {remove();} elseif ($action == 'autoassign') {toggle_autoassign();} else {hesk_error($hesklang['invalid_action']);} } else { /* If one came from the Edit page make sure we reset user values */ if (isset($_SESSION['save_userdata'])) { $_SESSION['userdata'] = $default_userdata; unset($_SESSION['save_userdata']); } if (isset($_SESSION['edit_userdata'])) { $_SESSION['userdata'] = $default_userdata; unset($_SESSION['edit_userdata']); } /* Print header */ require_once(HESK_PATH . 'inc/headerAdmin.inc.php'); /* Print main manage users page */ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php'); ?>
*
$catname) { echo '
'; } ?>
'; } ?>

$myuser['name'], 'user' => $myuser['user'], 'email' => $myuser['email']); continue; } if ( isset($_SESSION['seluser']) && $myuser['id'] == $_SESSION['seluser']) { $color = 'admin_green'; unset($_SESSION['seluser']); } else { $color = $i ? 'admin_white' : 'admin_gray'; } $tmp = $i ? 'White' : 'Blue'; $style = 'class="option'.$tmp.'OFF" onmouseover="this.className=\'option'.$tmp.'ON\'" onmouseout="this.className=\'option'.$tmp.'OFF\'"'; $i = $i ? 0 : 1; /* User online? */ if ($hesk_settings['online']) { if (isset($hesk_settings['users_online'][$myuser['id']])) { $myuser['name'] = ' ' . $myuser['name']; } else { $myuser['name'] = ' ' . $myuser['name']; } } /* To edit yourself go to "Profile" page, not here. */ if ($myuser['id'] == $_SESSION['id']) { $edit_code = ''; } else { $edit_code = ''; } if ($myuser['isadmin']) { $myuser['isadmin'] = ''.$hesklang['yes'].''; } else { $myuser['isadmin'] = ''.$hesklang['no'].''; } /* Deleting user with ID 1 (default administrator) is not allowed */ if ($myuser['id'] == 1) { $remove_code = ' '; } else { $remove_code = ' '; } /* Is auto assign enabled? */ if ($hesk_settings['autoassign']) { if ($myuser['autoassign']) { $autoassign_code = ''; } else { $autoassign_code = ''; } } else { $autoassign_code = ''; } echo << EOC; if ($hesk_settings['rating']) { $alt = $myuser['rating'] ? sprintf($hesklang['rated'], sprintf("%01.1f", $myuser['rating']), ($myuser['ratingneg']+$myuser['ratingpos'])) : $hesklang['not_rated']; echo ''; } echo <<$autoassign_code $edit_code $remove_code EOC; } // End while ?>
  
$myuser[name] $myuser[email] $myuser[user] $myuser[isadmin]'.$alt.' 
'.$hesklang['online'].'     '.$hesklang['offline']; }?>

 

*
$catname) { echo '
'; } ?>
'; } ?>

' . $hesklang['enter_real_name'] . ''; $myuser['email'] = hesk_validateEmail( hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '
  • ' . $hesklang['enter_valid_email'] . '
    • '; $myuser['user'] = hesk_input( hesk_POST('user') ) or $hesk_error_buffer .= '
  • ' . $hesklang['enter_username'] . '
    • '; $myuser['isadmin'] = empty($_POST['isadmin']) ? 0 : 1; $myuser['signature'] = hesk_input( hesk_POST('signature') ); $myuser['autoassign'] = hesk_POST('autoassign') == 'Y' ? 1 : 0; /* If it's not admin at least one category and fature is required */ $myuser['categories'] = array(); $myuser['features'] = array(); if ($myuser['isadmin']==0) { if (empty($_POST['categories']) || ! is_array($_POST['categories']) ) { $hesk_error_buffer .= '
  • ' . $hesklang['asign_one_cat'] . '
    • '; } else { foreach ($_POST['categories'] as $tmp) { if (is_array($tmp)) { continue; } if ($tmp = intval($tmp)) { $myuser['categories'][] = $tmp; } } } if (empty($_POST['features']) || ! is_array($_POST['features']) ) { $hesk_error_buffer .= '
  • ' . $hesklang['asign_one_feat'] . '
    • '; } else { foreach ($_POST['features'] as $tmp) { if (in_array($tmp,$hesk_settings['features'])) { $myuser['features'][] = $tmp; } } } } if (strlen($myuser['signature'])>255) { $hesk_error_buffer .= '
  • ' . $hesklang['signature_long'] . '
    • '; } /* Password */ $myuser['cleanpass'] = ''; $newpass = hesk_input( hesk_POST('newpass') ); $passlen = strlen($newpass); if ($pass_required || $passlen > 0) { /* At least 5 chars? */ if ($passlen < 5) { $hesk_error_buffer .= '
  • ' . $hesklang['password_not_valid'] . '
    • '; } /* Check password confirmation */ else { $newpass2 = hesk_input( hesk_POST('newpass2') ); if ($newpass != $newpass2) { $hesk_error_buffer .= '
  • ' . $hesklang['passwords_not_same'] . '
    • '; } else { $myuser['pass'] = hesk_Pass2Hash($newpass); $myuser['cleanpass'] = $newpass; } } } /* Save entered info in session so we don't loose it in case of errors */ $_SESSION['userdata'] = $myuser; /* Any errors */ if (strlen($hesk_error_buffer)) { $hesk_error_buffer = $hesklang['rfm'].'

    '; hesk_process_messages($hesk_error_buffer,$redirect_to); } return $myuser; } // End hesk_validateUserInfo() function remove() { global $hesk_settings, $hesklang; /* A security check */ hesk_token_check(); $myuser = intval( hesk_GET('id' ) ) or hesk_error($hesklang['no_valid_id']); /* You can't delete the default user */ if ($myuser == 1) { hesk_process_messages($hesklang['cant_del_admin'],'./manage_users.php'); } /* You can't delete your own account (the one you are logged in) */ if ($myuser == $_SESSION['id']) { hesk_process_messages($hesklang['cant_del_own'],'./manage_users.php'); } /* Un-assign all tickets for this user */ $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."tickets` SET `owner`=0 WHERE `owner`='".intval($myuser)."'"); /* Delete user info */ $res = hesk_dbQuery("DELETE FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."users` WHERE `id`='".intval($myuser)."'"); if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['int_error'].': '.$hesklang['user_not_found'],'./manage_users.php'); } hesk_process_messages($hesklang['sel_user_removed'],'./manage_users.php','SUCCESS'); } // End remove() function toggle_autoassign() { global $hesk_settings, $hesklang; /* A security check */ hesk_token_check(); $myuser = intval( hesk_GET('id' ) ) or hesk_error($hesklang['no_valid_id']); $_SESSION['seluser'] = $myuser; if ( intval( hesk_GET('s') ) ) { $autoassign = 1; $tmp = $hesklang['uaaon']; } else { $autoassign = 0; $tmp = $hesklang['uaaoff']; } /* Update auto-assign settings */ $res = hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."users` SET `autoassign`='{$autoassign}' WHERE `id`='".intval($myuser)."'"); if (hesk_dbAffectedRows() != 1) { hesk_process_messages($hesklang['int_error'].': '.$hesklang['user_not_found'],'./manage_users.php'); } hesk_process_messages($tmp,'./manage_users.php','SUCCESS'); } // End toggle_autoassign() ?>