tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 16:55:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

#9527 Fixed new user

Browse Source
This commit is contained in:
Daniel Maya 2022-09-20 17:40:20 +02:00
parent 9ae4c7ca67
commit d46174adb8
2 changed files with 72 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pandora_console/godmode/users/user_list.php
View File

@ -265,6 +265,7 @@ $delete_user = (bool) get_parameter('user_del', false);
if ($delete_user === true) {
// Delete user.
$id_user = get_parameter('delete_user', 0);
if ($id_user !== 0) {
if (users_is_admin($id_user) === true && users_is_admin() === false) {
db_pandora_audit(
AUDIT_LOG_ACL_VIOLATION,
@ -331,6 +332,9 @@ if ($delete_user === true) {
} else {
ui_print_error_message(__('There was a problem deleting the user'));
}
} else {
ui_print_error_message(__('ID user cannot be empty'));
}
} else if (isset($_GET['profile_del'])) {
// Delete profile.
$id_profile = (int) get_parameter_post('delete_profile');
@ -586,6 +590,10 @@ $rowPair = true;
$iterator = 0;
$cont = 0;
foreach ($info as $user_id => $user_info) {
if (empty($user_id) === true) {
continue;
}
// User profiles.
if ($user_is_admin || $user_id == $config['id_user'] || isset($group_um[0])) {
$user_profiles = db_get_all_rows_field_filter(

21
pandora_console/include/functions_api.php
View File

@ -9535,14 +9535,16 @@ function api_set_new_user($id, $thrash2, $other, $thrash3)
{
global $config;
// if (defined ('METACONSOLE')) {
// return;
// }
if (!check_acl($config['id_user'], 0, 'UM')) {
returnError('forbidden', 'string');
return;
}
if (empty($id) === true) {
returnError('Id cannot be empty.');
return;
}
$headers = getallheaders();
if (isset($headers['idk']) === false
&& is_management_allowed($headers['idk']) === false
@ -9566,6 +9568,11 @@ function api_set_new_user($id, $thrash2, $other, $thrash3)
$values['section'] = $other['data'][11];
$values['session_time'] = $other['data'][12];
if (empty($password) === true) {
returnError('Password cannot be empty.');
return;
}
if (!create_user($id, $password, $values)) {
returnError('The user could not created');
} else {
@ -11784,14 +11791,16 @@ function api_set_delete_user($id, $thrash1, $thrash2, $thrash3)
{
global $config;
// if (defined ('METACONSOLE')) {
// return;
// }
if (!check_acl($config['id_user'], 0, 'UM')) {
returnError('forbidden', 'string');
return;
}
if (empty($id) === true) {
returnError('Id cannot be empty.');
return;
}
$headers = getallheaders();
if (isset($headers['idk']) === false
&& is_management_allowed($headers['idk']) === false