<?php\r
/***************************************************************************\r
-Copyright (C) 2007 - 2008 SemanticScuttle project (fork from Scuttle)\r
-http://sourceforge.net/projects/semanticscuttle/\r\r
+ Copyright (C) 2007 - 2008 SemanticScuttle project (fork from Scuttle)\r
+ http://sourceforge.net/projects/semanticscuttle/\r\r
\r
-This program is free software; you can redistribute it and/or modify\r
-it under the terms of the GNU General Public License as published by\r
-the Free Software Foundation; either version 2 of the License, or\r
-(at your option) any later version.\r
+ This program is free software; you can redistribute it and/or modify\r
+ it under the terms of the GNU General Public License as published by\r
+ the Free Software Foundation; either version 2 of the License, or\r
+ (at your option) any later version.\r
\r
-This program is distributed in the hope that it will be useful,\r
-but WITHOUT ANY WARRANTY; without even the implied warranty of\r
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
-GNU General Public License for more details.\r
-You should have received a copy of the GNU General Public License\r
-along with this program; if not, write to the Free Software\r
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r
-***************************************************************************/\r
+ This program is distributed in the hope that it will be useful,\r
+ but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
+ GNU General Public License for more details.\r
+ You should have received a copy of the GNU General Public License\r
+ along with this program; if not, write to the Free Software\r
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\r
+ ***************************************************************************/\r
\r
require_once('header.inc.php');\r
$bookmark2tagservice = & ServiceFactory :: getServiceInstance('Bookmark2Tagservice');\r
$bookmarkservice = & ServiceFactory :: getServiceInstance('BookmarkService');
$tag2tagservice = & ServiceFactory :: getServiceInstance('Tag2TagService');\r
-$templateservice = & ServiceFactory :: getServiceInstance('TemplateService');\r
+$templateservice = & ServiceFactory :: getServiceInstance('TemplateService');
+
+/* Managing current logged user */
+$currentUser = $userservice->getCurrentObjectUser();\r
\r
// Header variables\r
$tplVars['subtitle'] = T_('Manage users');\r
$tplVars['sidebar_blocks'] = array('users' );\r
\r
if ( !$userservice->isLoggedOn() ) {\r
- header('Location: '. createURL('login', ''));\r
- exit();\r
-}\r
+ header('Location: '. createURL('login', ''));\r
+ exit();\r
+}
\r
-//$currentUser = $userservice->getCurrentUser();\r
-//$currentUserID = $userservice->getCurrentUserId();\r
-//$currentUsername = $currentUser[$userservice->getFieldName('username')];\r
-$currentObjectUser = $userservice->getCurrentObjectUser();
-\r
-if ( !$currentObjectUser->isAdmin() ) {\r
- header('Location: '. createURL('bookmarks', $currentObjectUser->getUsername()));\r
- exit();\r
+if ( !$currentUser->isAdmin() ) {\r
+ header('Location: '. createURL('bookmarks', $currentUser->getUsername()));\r
+ exit();\r
}\r
\r
@list($url, $action, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;\r
+
\r
-if ( $action ) {\r
+if ( $action
+&& strpos($_SERVER['HTTP_REFERER'], ROOT.'/admin.php') == 0 // Prevent CSRF attacks
+) {\r
switch ( $action ) {\r
case 'delete':\r
if ( $user && ($userinfo = $userservice->getUserByUsername($user)) ) {\r
$tplVars['users'] =& $users;\r
\r
$templateservice->loadTemplate($templatename, $tplVars);\r
-?>\r
+?>
projects / semanticscuttle.git / commitdiff