  |
61 | 61 | | |
| |
62 | 62 | | $error = false; |
| |
63 | 63 | | |
  |
64 | | - | $osC_Database->startTransaction(); |
| |
65 | | - | |
| |
| 64 | + | $Qcheck = $osC_Database->query('select id from :table_administrators where user_name = :user_name'); |
|
66 | 65 | | if (isset($_GET['aID']) && is_numeric($_GET['aID'])) { |
  |
67 | | - | $Qadmin = $osC_Database->query('update :table_administrators set user_name = :user_name where id = :id'); |
| |
68 | | - | $Qadmin->bindInt(':id', $_GET['aID']); |
| |
69 | | - | } else { |
| |
70 | | - | $Qadmin = $osC_Database->query('insert into :table_administrators (user_name) values (:user_name)'); |
| |
| 66 | + | $Qcheck->appendQuery('and id != :id limit 1'); |
| |
| 67 | + | $Qcheck->bindInt(':id', $_GET['aID']); |
|
71 | 68 | | } |
  |
72 | | - | $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
73 | | - | $Qadmin->bindValue(':user_name', $_POST['user_name']); |
| |
74 | | - | $Qadmin->execute(); |
| |
| 69 | + | $Qcheck->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
| 70 | + | $Qcheck->bindValue(':user_name', $_POST['user_name']); |
| |
| 71 | + | $Qcheck->execute(); |
|
75 | 72 | | |
  |
76 | | - | if ( !$osC_Database->isError() ) { |
| |
77 | | - | $id = (isset($_GET['aID']) && is_numeric($_GET['aID']) ? $_GET['aID'] : $osC_Database->nextID()); |
| |
| 73 | + | if ($Qcheck->numberOfRows() < 1) { |
| |
| 74 | + | $osC_Database->startTransaction(); |
|
78 | 75 | | |
  |
79 | | - | if ( !empty($_POST['user_password']) ) { |
| |
80 | | - | $Qadmin = $osC_Database->query('update :table_administrators set user_password = :user_password where id = :id'); |
| |
81 | | - | $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
82 | | - | $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($_POST['user_password']))); |
| |
83 | | - | $Qadmin->bindInt(':id', $id); |
| |
84 | | - | $Qadmin->execute(); |
| |
| 76 | + | if (isset($_GET['aID']) && is_numeric($_GET['aID'])) { |
| |
| 77 | + | $Qadmin = $osC_Database->query('update :table_administrators set user_name = :user_name where id = :id'); |
| |
| 78 | + | $Qadmin->bindInt(':id', $_GET['aID']); |
| |
| 79 | + | } else { |
| |
| 80 | + | $Qadmin = $osC_Database->query('insert into :table_administrators (user_name) values (:user_name)'); |
| |
| 81 | + | } |
| |
| 82 | + | $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
| 83 | + | $Qadmin->bindValue(':user_name', $_POST['user_name']); |
| |
| 84 | + | $Qadmin->execute(); |
|
85 | 85 | | |
  |
86 | | - | if ( $osC_Database->isError() ) { |
| |
87 | | - | $error = true; |
| |
| 86 | + | if ( !$osC_Database->isError() ) { |
| |
| 87 | + | $id = (isset($_GET['aID']) && is_numeric($_GET['aID']) ? $_GET['aID'] : $osC_Database->nextID()); |
| |
| 88 | + | |
| |
| 89 | + | if ( !empty($_POST['user_password']) ) { |
| |
| 90 | + | $Qadmin = $osC_Database->query('update :table_administrators set user_password = :user_password where id = :id'); |
| |
| 91 | + | $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
| 92 | + | $Qadmin->bindValue(':user_password', osc_encrypt_string(trim($_POST['user_password']))); |
| |
| 93 | + | $Qadmin->bindInt(':id', $id); |
| |
| 94 | + | $Qadmin->execute(); |
| |
| 95 | + | |
| |
| 96 | + | if ( $osC_Database->isError() ) { |
| |
| 97 | + | $error = true; |
| |
| 98 | + | } |
|
88 | 99 | | } |
  |
| 100 | + | } else { |
| |
| 101 | + | $error = true; |
|
89 | 102 | | } |
  |
90 | | - | } else { |
| |
91 | | - | $error = true; |
| |
92 | | - | } |
|
93 | 103 | | |
  |
94 | | - | if ( $error === false ) { |
| |
95 | | - | $modules_array = array(); |
| |
| 104 | + | if ( $error === false ) { |
| |
| 105 | + | $modules_array = array(); |
|
96 | 106 | | |
  |
97 | | - | if ( isset($_POST['modules']) ) { |
| |
98 | | - | if ( in_array( '*', $_POST['modules'] ) ) { |
| |
99 | | - | $_POST['modules'] = array('*'); |
| |
100 | | - | } |
| |
| 107 | + | if ( isset($_POST['modules']) ) { |
| |
| 108 | + | if ( in_array( '*', $_POST['modules'] ) ) { |
| |
| 109 | + | $_POST['modules'] = array('*'); |
| |
| 110 | + | } |
|
101 | 111 | | |
  |
102 | | - | foreach ($_POST['modules'] as $module) { |
| |
103 | | - | $modules_array[] = '\'' . $module . '\''; |
| |
| 112 | + | foreach ($_POST['modules'] as $module) { |
| |
| 113 | + | $modules_array[] = '\'' . $module . '\''; |
|
104 | 114 | | |
  |
105 | | - | $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1'); |
| |
106 | | - | $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
107 | | - | $Qcheck->bindInt(':administrators_id', $id); |
| |
108 | | - | $Qcheck->bindValue(':module', $module); |
| |
109 | | - | $Qcheck->execute(); |
| |
| 115 | + | $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1'); |
| |
| 116 | + | $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 117 | + | $Qcheck->bindInt(':administrators_id', $id); |
| |
| 118 | + | $Qcheck->bindValue(':module', $module); |
| |
| 119 | + | $Qcheck->execute(); |
|
110 | 120 | | |
  |
111 | | - | if ( $Qcheck->numberOfRows() < 1 ) { |
| |
112 | | - | $Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)'); |
| |
113 | | - | $Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
114 | | - | $Qinsert->bindInt(':administrators_id', $id); |
| |
115 | | - | $Qinsert->bindValue(':module', $module); |
| |
116 | | - | $Qinsert->execute(); |
| |
| 121 | + | if ( $Qcheck->numberOfRows() < 1 ) { |
| |
| 122 | + | $Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)'); |
| |
| 123 | + | $Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 124 | + | $Qinsert->bindInt(':administrators_id', $id); |
| |
| 125 | + | $Qinsert->bindValue(':module', $module); |
| |
| 126 | + | $Qinsert->execute(); |
|
117 | 127 | | |
  |
118 | | - | if ( $osC_Database->isError() ) { |
| |
119 | | - | $error = true; |
| |
120 | | - | break; |
| |
| 128 | + | if ( $osC_Database->isError() ) { |
| |
| 129 | + | $error = true; |
| |
| 130 | + | break; |
| |
| 131 | + | } |
|
121 | 132 | | } |
| |
122 | 133 | | } |
| |
123 | 134 | | } |
| |
124 | 135 | | } |
  |
125 | | - | } |
|
126 | 136 | | |
  |
127 | | - | if ( $error === false ) { |
| |
128 | | - | $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id'); |
| |
| 137 | + | if ( $error === false ) { |
| |
| 138 | + | $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id'); |
|
129 | 139 | | |
  |
130 | | - | if ( !empty($modules_array) ) { |
| |
131 | | - | $Qdel->appendQuery('and module not in (:module)'); |
| |
132 | | - | $Qdel->bindRaw(':module', implode(',', $modules_array)); |
| |
133 | | - | } |
| |
| 140 | + | if ( !empty($modules_array) ) { |
| |
| 141 | + | $Qdel->appendQuery('and module not in (:module)'); |
| |
| 142 | + | $Qdel->bindRaw(':module', implode(',', $modules_array)); |
| |
| 143 | + | } |
|
134 | 144 | | |
  |
135 | | - | $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
136 | | - | $Qdel->bindInt(':administrators_id', $id); |
| |
137 | | - | $Qdel->execute(); |
| |
| 145 | + | $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 146 | + | $Qdel->bindInt(':administrators_id', $id); |
| |
| 147 | + | $Qdel->execute(); |
|
138 | 148 | | |
  |
139 | | - | if ( $osC_Database->isError() ) { |
| |
140 | | - | $error = true; |
| |
141 | | - | } else { |
| |
142 | | - | if ($id == $_SESSION['admin']['id']) { |
| |
143 | | - | $_SESSION['admin']['access'] = osC_Access::getUserLevels($id); |
| |
| 149 | + | if ( $osC_Database->isError() ) { |
| |
| 150 | + | $error = true; |
| |
| 151 | + | } else { |
| |
| 152 | + | if ($id == $_SESSION['admin']['id']) { |
| |
| 153 | + | $_SESSION['admin']['access'] = osC_Access::getUserLevels($id); |
| |
| 154 | + | } |
|
144 | 155 | | } |
| |
145 | 156 | | } |
  |
146 | | - | } |
|
147 | 157 | | |
  |
148 | | - | if ( $error === false ) { |
| |
149 | | - | $osC_Database->commitTransaction(); |
| |
| 158 | + | if ( $error === false ) { |
| |
| 159 | + | $osC_Database->commitTransaction(); |
|
150 | 160 | | |
  |
151 | | - | $osC_MessageStack->add_session($this->_module, SUCCESS_DB_ROWS_UPDATED, 'success'); |
| |
| 161 | + | $osC_MessageStack->add_session($this->_module, SUCCESS_DB_ROWS_UPDATED, 'success'); |
| |
| 162 | + | } else { |
| |
| 163 | + | $osC_Database->rollbackTransaction(); |
| |
| 164 | + | |
| |
| 165 | + | $osC_MessageStack->add_session($this->_module, ERROR_DB_ROWS_NOT_UPDATED, 'error'); |
| |
| 166 | + | } |
| |
| 167 | + | |
| |
| 168 | + | osc_redirect(osc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&page=' . $_GET['page'] . (isset($id) ? '&aID=' . $id : ''))); |
|
152 | 169 | | } else { |
  |
153 | | - | $osC_Database->rollbackTransaction(); |
| |
| 170 | + | $osC_MessageStack->add($this->_module, ERROR_ADMINISTRATORS_USERNAME_EXISTS, 'error'); |
|
154 | 171 | | |
  |
155 | | - | $osC_MessageStack->add_session($this->_module, ERROR_DB_ROWS_NOT_UPDATED, 'error'); |
| |
| 172 | + | if (isset($_GET['aID']) && is_numeric($_GET['aID'])) { |
| |
| 173 | + | $_GET['action'] = 'aEdit'; |
| |
| 174 | + | } else { |
| |
| 175 | + | $_GET['action'] = 'aNew'; |
| |
| 176 | + | } |
|
156 | 177 | | } |
  |
157 | | - | |
| |
158 | | - | osc_redirect(osc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&page=' . $_GET['page'] . (isset($id) ? '&aID=' . $id : ''))); |
  |
159 | 178 | | } |
| |
160 | 179 | | |
| |
161 | 180 | | function _delete() { |
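Review bot: The `delete ... and module not in (:module)` statement at new lines 140-142 is filled through `bindRaw()` from `$modules_array`, whose entries are the posted `$_POST['modules']` values wrapped in hand-written quotes at new line 113. A value containing a quote therefore appears to reach the SQL text unescaped, assuming `bindRaw()` does no escaping, as its name suggests. The commit only re-indents this code, while every other statement here goes through `bindValue()`/`bindInt()`. The list should get equivalent treatment, for example a guard at the top of the `foreach`: `if ( !is_string($module) || !preg_match('/^(\*|\w+)$/', $module) ) { $error = true; break; }` (the pattern assumes module names are plain identifiers; adjust it to the real naming). Separately, the new username check runs before `startTransaction()`, so two concurrent saves can both pass it, and a unique index on `user_name` would enforce the rule at the database level; the enclosing function starts above this hunk.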