current();
// Admin-only page. empty() is also true when $me is null or has no is_admin
// property, so a visitor without a session takes the same redirect as a
// logged-in non-admin.
// exit is required: header() alone does not stop the script, and the
// account-management code below would otherwise still run for this request.
if (empty($me->is_admin)) {
    header('Location: ' . WWW_URL . 'login.php');
    exit;
}
// Work out which mode the query string selects. At most one of the three
// flags ends up true; $user holds the target account for edit and delete.
$user = null;
$edit = false;
$create = false;
$delete = false;

// Ids are cast to int before the lookup, and the lookup result is used as a
// truthy value: an id that matches no account falls through to the next
// branch instead of entering edit/delete mode with an empty $user.
if (!empty($_GET['edit']) && ($user = $users->getById((int) $_GET['edit']))) {
    $edit = true;
} elseif (!empty($_GET['delete']) && ($user = $users->getById((int) $_GET['delete']))) {
    $delete = true;

    // Self-deletion guard. It runs on every request carrying ?delete=<own id>,
    // so it also stops the confirming POST before any delete call is reached.
    // Loose == is kept because the two ids may differ in type (int vs string).
    if ($user->id == $me->id) {
        die('You cannot delete your own account.');
    }
} elseif (isset($_GET['create'])) {
    $create = true;
}
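// Apply the submitted form for whichever mode the query string selected
// ($create / $edit / $delete, with $user loaded for edit and delete).
// Every successful action redirects back to the user list and stops.
//
// NOTE(review): none of the three branches verifies an anti-CSRF token; the
// only gate visible in this script is the admin session check. These are
// state-changing requests (account creation, privilege change, deletion),
// so a per-session token should be checked before them - TODO confirm that
// nothing upstream already does this.

// Normalise the text fields once. Array-valued fields (login[]=x) are
// treated as missing instead of being handed to trim(). Trimming happens
// before the emptiness test, so a whitespace-only login or password is
// rejected rather than stored as an empty credential.
$postedLogin = is_string($_POST['login'] ?? null) ? trim($_POST['login']) : '';
$postedPassword = is_string($_POST['password'] ?? null) ? trim($_POST['password']) : '';

if ($create && !empty($_POST['create']) && !empty($postedLogin) && !empty($postedPassword)) {
    $users->create($postedLogin, $postedPassword);
    header('Location: ' . WWW_URL . 'users.php');
    exit;
} elseif ($edit && !empty($_POST['save']) && !empty($postedLogin)) {
    // Lock-out guard: an admin may not drop their own admin flag.
    if (empty($_POST['is_admin']) && $user->id == $me->id) {
        die("You cannot remove yourself from admins, ask another admin to do it.");
    }

    // is_admin is forced to a boolean; array_merge lets that value override
    // whatever the form sent under the same key.
    // NOTE(review): every other POST key is forwarded as-is, including ones
    // the form never rendered and values that are not strings. Unless edit()
    // keeps an allowlist of columns, this is a mass-assignment path; prefer
    // passing only the fields the form owns - verify against edit().
    $users->edit($user->id, array_merge($_POST, ['is_admin' => !empty($_POST['is_admin'])]));

    // Re-read the edited record into the session when the admin changed
    // their own account.
    if ($user->id == $me->id) {
        $_SESSION['user'] = $users->getById($me->id);
    }

    header('Location: ' . WWW_URL . 'users.php');
    exit;
} elseif ($delete && !empty($_POST['delete'])) {
    // The self-deletion check already ran when $delete was set above.
    $users->delete($user);
    header('Location: ' . WWW_URL . 'users.php');
    exit;
}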
html_head('Manage users');
if ($create) {
echo <<
User | Quota | Admin | |
---|---|---|---|
%s | %s used out of %s |
%s | Edit Delete |