diff --git a/admin/admin.php b/admin/admin.php
index 83fe0b9fb6a..25616a8285d 100644
--- a/admin/admin.php
+++ b/admin/admin.php
@@ -217,7 +217,10 @@
."\t\t
\n";
//."\t\t\t\n";
-echo showadminmenu();
+if(isset($_SESSION['loginID']))
+ {
+ echo showadminmenu();
+ }
if (isset($accesssummary)) {echo $accesssummary;} // added by Dennis
diff --git a/admin/html.php b/admin/html.php
index e0101fa1457..f6234a804ba 100644
--- a/admin/html.php
+++ b/admin/html.php
@@ -95,9 +95,7 @@
else $listsurveys=" No Surveys in this Installation " ;
}
-
-
-if ($action == "checksettings" || $action == "changelang")
+if ($action == "checksettings" || ($action == "changelang" && isset($_SESSION['loginID'])))
{
//GET NUMBER OF SURVEYS
$query = "SELECT sid FROM ".db_table_name('surveys');
@@ -428,6 +426,13 @@
. "onmouseout=\"hideTooltip()\""
. "onmouseover=\"showTooltip(event,'". _("Export this Survey")."');return false\">" .
" " ;
+
+ // ***********************
+ $actsurquery = "SELECT edit_survey_property FROM {$dbprefix}surveys_rights WHERE sid=$surveyid AND uid = ".$_SESSION['loginID']; //Getting rights for this survey
+ //$actsurresult = $connect->Execute($actsurquery) or die($connect->ErrorMsg());
+ $actsurresult = &db_execute_assoc($actsurquery);
+ $actsurrows = $actsurresult->FetchRow();
+
if($actsurrows['edit_survey_property'])
{
$surveysummary .= "\t\t\t\t\t \n"
@@ -1071,9 +1076,7 @@
-
-
- ";
+ ";
}
else
{
@@ -1094,10 +1097,27 @@
"._("Forgot Your Password?")." \n
-
-
- ";
+ ";
+
}
+ // Current language
+ $loginsummary .= "\t\n"
+ . "\t\t$setfont\n"
+ . "\t\t\t"._("Current Language").": \n"
+ . "\t\t $setfont\n"
+ . "\t\t\t\n";
+ foreach (getlanguagedata() as $langkey=>$languagekind)
+ {
+ $loginsummary .= "\t\t\t\t\n";
+ }
+ $loginsummary .= "\t\t\t \n"
+ . "\t\t\t \n"
+ . "\t\t \n"
+ . "\t \n"
+ . ""
+ . "";
}
// logout user
@@ -1182,11 +1202,10 @@
foreach ($_SESSION['userlist'] as $usr)
{
- if ($usr['uid'] == $_POST['uid'])
+ if ($usr['uid'] == $_POST['uid']) // ist nicht der fall bei neuen *******
{
-
$usersummary .="\t\t \n\t\n"
- ."\t " // added by Dennis
+ ."\t "
.""
+ ." "
+ ." "
+ ." "
+ ." "
+ ." ";
+ }
+
+ $usersummary .= "\t\t\t"
+ ." "
+ ." "
+ ." "
+ ." "
+ ." ";
+
+ $usersummary .= "\t\t\n"
+ . "\t\n";
}
if($_SESSION['USER_RIGHT_CREATE_USER'])
{
@@ -1930,24 +1936,26 @@
$result = db_execute_assoc($query);
if($result->RecordCount() > 0)
{
- if($_POST['uid'] != _("Please Choose...")){
+ if($_POST['uid'] > 0){
$isrquery = "INSERT INTO {$dbprefix}surveys_rights VALUES($surveyid,". $_POST['uid'].",0,0,0,0,0,0)";
$isrresult = $connect->Execute($isrquery);
- if(mysql_affected_rows() < 0)
+ if($isrresult)
{
- // Username already exists.
- $addsummary .= ""._("Failed to add User.")." \n" . " " . _("Username already exists.")." \n";
+ $addsummary .= " "._("User added.")." \n";
}
else
{
- $addsummary .= " "._("User added.")." \n";
- }
+ // Username already exists.
+ $addsummary .= ""._("Failed to add User.")." \n" . " " . _("Username already exists.")." \n";
+ }
+
+
$addsummary .= ""
." "
." "
- ." "
+ //." "
." "
." \n";
$addsummary .= ""._("Continue")." \n";
@@ -2006,7 +2014,8 @@
$resul2row = $result2->FetchRow();
$usersummary = "\n";
diff --git a/admin/install/create-mysql.sql b/admin/install/create-mysql.sql
index 6851f280f0c..43ca2514508 100644
--- a/admin/install/create-mysql.sql
+++ b/admin/install/create-mysql.sql
@@ -218,7 +218,7 @@ CREATE TABLE `prefix_surveys` (
CREATE TABLE `prefix_users` (
`uid` int(11) NOT NULL auto_increment PRIMARY KEY,
- `user` varchar(20) NOT NULL default '',
+ `user` varchar(20) NOT NULL UNIQUE default '',
`password` BLOB NOT NULL default '',
`parent_id` int(10) unsigned NOT NULL,
`lang` varchar(20),
diff --git a/admin/sessioncontrol.php b/admin/sessioncontrol.php
index 9bb652a76e6..da8a5b66dff 100644
--- a/admin/sessioncontrol.php
+++ b/admin/sessioncontrol.php
@@ -42,7 +42,7 @@
//LANGUAGE ISSUES
-if (returnglobal('action') == "changelang")
+if (returnglobal('action') == "changelang" && !$login) // no update when login (just read from db)
{
$_SESSION['adminlang']=returnglobal('lang');
// if user is logged in update language in database
@@ -75,18 +75,6 @@
$_SESSION['USER_RIGHT_PULL_UP_USER'] = $fields['pull_up_user'];
$_SESSION['USER_RIGHT_PUSH_DOWN_USER'] = $fields['push_down_user'];
$_SESSION['USER_RIGHT_CREATE_TEMPLATE'] = $fields['create_template'];
- }
- /*
- else
- {
- // nicht mehr nötig
- $accesssummary = ("Keine Benutzerrechte gefunden! Bitte kontaktieren Sie den Admin. ");
- killSession();
- checkfortables();
- }
- */
+ }
}
-
-//CHANGE LANGUAGE IF SESSION LANG DOESN'T MATCH DEFAULT LANG
-//if (isset($_SESSION['adminlang'])) {$defaultlang=$_SESSION['adminlang'];}
?>
diff --git a/admin/usercontrol.php b/admin/usercontrol.php
index 5174de40efe..6e999335813 100644
--- a/admin/usercontrol.php
+++ b/admin/usercontrol.php
@@ -112,7 +112,9 @@
$_SESSION['user'] = $fields['user'];
$_SESSION['adminlang'] = $fields['lang'];
- SetInterfaceLanguage($_SESSION['adminlang']);
+ $login = true;
+ include("sessioncontrol.php");
+ //SetInterfaceLanguage($_SESSION['adminlang']);
$loginsummary .= " " .str_replace("{NAME}", $_SESSION['user'], _("Welcome {NAME}")) . " ";
$loginsummary .= _("Login successful.");
@@ -157,20 +159,26 @@
}
elseif($valid_email)
{
- echo ($new_pass = createPassword());
+ echo "Generated Password for testing: ".$new_pass = createPassword();
$uquery = "INSERT INTO {$dbprefix}users VALUES (NULL, '$new_user', ENCODE('{$new_pass}', '{$codeString}'), {$_SESSION['loginID']}, '{$defaultlang}', '{$new_email}',0,0,0,0,0,0,0)";
- //echo($uquery);
$uresult = $connect->Execute($uquery);
- //echo($uresult); //TODO Is this working?I don't know if you so get the affacted rows
- if(mysql_affected_rows() < 0)
- //if(modify_database($uquery.";") < 0)//Has to be terminated by a semi-colon
+ if($uresult)
{
- $addsummary .= ""._("Failed to add User.")." \n" . " " . _("Username and/or email address already exists.")." \n";
- }
- else{
- // send Mail
+ $newqid = $connect->Insert_ID();
+ // add new user to userlist
+ $squery = "SELECT uid, user, DECODE(password, '{$codeString}'), parent_id, email, create_survey, configurator, create_user, delete_user, pull_up_user, push_down_user, create_template FROM {$dbprefix}users WHERE uid='{$newqid}'"; //added by Dennis
+ $sresult = db_execute_assoc($squery);
+ $srow = $sresult->FetchRow();
+
+ array_push($_SESSION['userlist'], array("user"=>$srow['user'], "uid"=>$srow['uid'], "email"=>$srow['email'],
+ "password"=>$srow["DECODE(password, '{$codeString}')"], "parent_id"=>$srow['parent_id'], "level"=>$level,
+ "create_survey"=>$srow['create_survey'], "configurator"=>$srow['configurator'], "create_user"=>$srow['create_user'],
+ "delete_user"=>$srow['delete_user'], "pull_up_user"=>$srow['pull_up_user'], "push_down_user"=>$srow['push_down_user'],
+ "create_template"=>$srow['create_template']));
+
+ // send Mail
$body = _("You were signed in. Your data:");
$body .= _("Username") . ": " . $new_user . " \n";
$body .= _("Password") . ": " . $new_pass . " \n";
@@ -191,9 +199,19 @@
$tmp = str_replace("{NAME}", "".$new_user." ", _("Email to {NAME} ({EMAIL}) failed."));
$addsummary .= " ".str_replace("{EMAIL}", $new_email, $tmp) . " ";
}
+
+ $addsummary .= " \t\t\t"
+ ." "
+ ." "
+ ." "
+ ." "
+ ." ";
}
- }
- $addsummary .= ""._("Continue")." \n";
+ else{
+ $addsummary .= ""._("Failed to add User.")." \n" . " " . _("Username and/or email address already exists.")." \n";
+ }
+ }
+ $addsummary .= ""._("Continue")." \n";
}
elseif ($action == "deluser" && ($_SESSION['USER_RIGHT_DELETE_USER'] || ($_POST['uid'] == $_SESSION['loginID'])))
diff --git a/common.php b/common.php
index 12803cdcbd0..72bc04ee71b 100644
--- a/common.php
+++ b/common.php
@@ -201,24 +201,11 @@ function showadminmenu()
$adminmenu .= "\t\t\t\t\t \n"
. "\t\t\t\t\t \n";
- // if not logged in show login icon
- if(!isset($_SESSION['loginID']))
- {
- $adminmenu .= "\t\t\t\t\t" .
- " ";
- }
- // show logout icon
- else
- {
- $adminmenu .= "\t\t\t\t\t" .
" ";
- }
+ ." title='' alt='"._("Logout")."' align='left'>";
// edit users
$adminmenu .= "\t\t\t\t\t"._("Please Choose...")."\n".$surveyselecter;}
+ if (!isset($svexist)) {$surveyselecter = "\t\t\t"._("Please Choose...")." \n".$surveyselecter;}
else {$surveyselecter = "\t\t\t"._("None")." \n".$surveyselecter;}
return $surveyselecter;
}
+
?>