web/public_php/ams/inc/show_user.php

   1 <?php
   2 /**
   3 * This function is beign used to load info that's needed for the show_user page.
   4 * Users can only browse their own user page, while mods/admins can browse all user pages. The current settings of the user being browsed will be loaded, as also their created tickets
   5 * and this info will be returned so it can be used by the template.
   6 * @author Daan Janssens, mentored by Matthew Lagoe
   7 */
   8 function show_user(){
   9      //if logged in
  10     if(WebUsers::isLoggedIn()){
  11
  12         //Users can only browse their own user page, while mods/admins can browse all user pages
  13         if( !isset($_GET['id']) ||  Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) || $_GET['id'] == $_SESSION['id'] ){
  14
  15             if(isset($_GET['id'])){
  16                 $result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
  17             }else{
  18                 $result['target_id'] = $_SESSION['id'];
  19             }
  20             $webUser = new WebUsers($result['target_id']);
  21             $result['target_name'] = $webUser->getUsername();
  22             $result['mail'] = $webUser->getEmail();
  23             $info = $webUser->getInfo();
  24             $result['firstName'] = $info['FirstName'];
  25             $result['lastName'] = $info['LastName'];
  26             $result['country'] = $info['Country'];
  27             $result['gender'] = $info['Gender'];
  28
  29             $ticket_user = Ticket_User::constr_ExternId($result['target_id']);
  30             $result['userPermission'] = $ticket_user->getPermission();
  31             if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
  32                 $result['isAdmin'] = "TRUE";
  33             }
  34             $ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId());
  35
  36             $result['ticketlist'] = Gui_Elements::make_table($ticketlist, Array("getTId","getTimestamp","getTitle","getStatus","getStatusText","getStatusText","getCategoryName"), Array("tId","timestamp","title","status","statustext","statusText","category"));
  37             global $INGAME_WEBPATH;
  38             $result['ingame_webpath'] = $INGAME_WEBPATH;
  39             return $result;
  40
  41         }else{
  42             //ERROR: No access!
  43             $_SESSION['error_code'] = "403";
  44                 header("Cache-Control: max-age=1");
  45             header("Location: index.php?page=error");
  46             throw new SystemExit();
  47         }
  48     }else{
  49         //ERROR: not logged in!
  50                 header("Cache-Control: max-age=1");
  51         header("Location: index.php");
  52         throw new SystemExit();
  53     }
  54 }