]> git.wh0rd.org Git - tt-rss.git/commitdiff
add Pref_Users class
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 13 Dec 2011 10:00:36 +0000 (14:00 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Tue, 13 Dec 2011 10:02:37 +0000 (14:02 +0400)
backend.php
classes/pref_users.php [new file with mode: 0644]
js/prefs.js
modules/pref-users.php [deleted file]

index 5511668cf5ce6c776fe007bcff058e74df276a68..9dd4c6f55d33e59e4981abf72fe8f72ef6cf43ad 100644 (file)
                        module_pref_filters($link);
                break; // pref-filters
 
-               case "pref_users":
-                       require_once "modules/pref-users.php";
-                       module_pref_users($link);
-               break; // prefs-users
-
                case "pref_instances":
                        require_once "modules/pref-instances.php";
                        module_pref_instances($link);
diff --git a/classes/pref_users.php b/classes/pref_users.php
new file mode 100644 (file)
index 0000000..5f762b5
--- /dev/null
@@ -0,0 +1,483 @@
+<?php
+class Pref_Users extends Handler {
+
+               function before() {
+                       if (parent::before()) {
+                               if ($_SESSION["access_level"] < 10) {
+                                       print __("Your access level is insufficient to open this tab.");
+                                       return false;
+                               }
+                               return true;
+                       }
+                       return false;
+               }
+
+               function userdetails() {
+
+                       header("Content-Type: text/xml");
+                       print "<dlg>";
+
+                       $uid = sprintf("%d", $_REQUEST["id"]);
+
+                       print "<title>".__('User details')."</title>";
+
+                       print "<content><![CDATA[";
+
+                       $result = db_query($this->link, "SELECT login,
+                               ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login,
+                               access_level,
+                               (SELECT COUNT(int_id) FROM ttrss_user_entries
+                                       WHERE owner_uid = id) AS stored_articles,
+                               ".SUBSTRING_FOR_DATE."(created,1,16) AS created
+                               FROM ttrss_users
+                               WHERE id = '$uid'");
+
+                       if (db_num_rows($result) == 0) {
+                               print "<h1>".__('User not found')."</h1>";
+                               return;
+                       }
+
+                       // print "<h1>User Details</h1>";
+
+                       $login = db_fetch_result($result, 0, "login");
+
+                       print "<table width='100%'>";
+
+                       $last_login = make_local_datetime($this->link,
+                               db_fetch_result($result, 0, "last_login"), true);
+
+                       $created = make_local_datetime($this->link,
+                               db_fetch_result($result, 0, "created"), true);
+
+                       $access_level = db_fetch_result($result, 0, "access_level");
+                       $stored_articles = db_fetch_result($result, 0, "stored_articles");
+
+                       print "<tr><td>".__('Registered')."</td><td>$created</td></tr>";
+                       print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>";
+
+                       $result = db_query($this->link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
+                               WHERE owner_uid = '$uid'");
+
+                       $num_feeds = db_fetch_result($result, 0, "num_feeds");
+
+                       print "<tr><td>".__('Subscribed feeds count')."</td><td>$num_feeds</td></tr>";
+
+                       print "</table>";
+
+                       print "<h1>".__('Subscribed feeds')."</h1>";
+
+                       $result = db_query($this->link, "SELECT id,title,site_url FROM ttrss_feeds
+                               WHERE owner_uid = '$uid' ORDER BY title");
+
+                       print "<ul class=\"userFeedList\">";
+
+                       $row_class = "odd";
+
+                       while ($line = db_fetch_assoc($result)) {
+
+                               $icon_file = ICONS_URL."/".$line["id"].".ico";
+
+                               if (file_exists($icon_file) && filesize($icon_file) > 0) {
+                                       $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
+                               } else {
+                                       $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
+                               }
+
+                               print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
+
+                               $row_class = $row_class == "even" ? "odd" : "even";
+
+                       }
+
+                       if (db_num_rows($result) < $num_feeds) {
+                               // FIXME - add link to show ALL subscribed feeds here somewhere
+                               print "<li><img
+                                       class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
+                       }
+
+                       print "</ul>";
+
+                       print "<div align='center'>
+                               <button onclick=\"closeInfoBox()\">".__("Close this window").
+                               "</button></div>";
+
+                       print "]]></content></dlg>";
+
+                       return;
+               }
+
+               function edit() {
+                       global $access_level_names;
+
+                       header("Content-Type: text/xml");
+
+                       $id = db_escape_string($_REQUEST["id"]);
+
+                       print "<dlg id=\"$method\">";
+                       print "<title>".__('User Editor')."</title>";
+                       print "<content><![CDATA[";
+
+                       print "<form id=\"user_edit_form\" onsubmit='return false'>";
+
+                       print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
+                       print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
+                       print "<input type=\"hidden\" name=\"method\" value=\"editSave\">";
+
+                       $result = db_query($this->link, "SELECT * FROM ttrss_users WHERE id = '$id'");
+
+                       $login = db_fetch_result($result, 0, "login");
+                       $access_level = db_fetch_result($result, 0, "access_level");
+                       $email = db_fetch_result($result, 0, "email");
+
+                       $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
+
+                       print "<div class=\"dlgSec\">".__("User")."</div>";
+                       print "<div class=\"dlgSecCont\">";
+
+                       if ($sel_disabled) {
+                               print "<input type=\"hidden\" name=\"login\" value=\"$login\">";
+                               print "<input size=\"30\" style=\"font-size : 16px\"
+                                       onkeypress=\"return filterCR(event, userEditSave)\" $sel_disabled
+                                       value=\"$login\">";
+                       } else {
+                               print "<input size=\"30\" style=\"font-size : 16px\"
+                                       onkeypress=\"return filterCR(event, userEditSave)\" $sel_disabled
+                                       name=\"login\" value=\"$login\">";
+                       }
+
+                       print "</div>";
+
+                       print "<div class=\"dlgSec\">".__("Authentication")."</div>";
+                       print "<div class=\"dlgSecCont\">";
+
+                       print __('Access level: ') . " ";
+
+                       if (!$sel_disabled) {
+                               print_select_hash("access_level", $access_level, $access_level_names,
+                                       $sel_disabled);
+                       } else {
+                               print_select_hash("", $access_level, $access_level_names,
+                                       $sel_disabled);
+                               print "<input type=\"hidden\" name=\"access_level\" value=\"$access_level\">";
+                       }
+
+                       print "<br/>";
+
+                       print __('Change password to') .
+                               " <input size=\"20\" onkeypress=\"return filterCR(event, userEditSave)\"
+                               name=\"password\">";
+
+                       print "</div>";
+
+                       print "<div class=\"dlgSec\">".__("Options")."</div>";
+                       print "<div class=\"dlgSecCont\">";
+
+                       print __('E-mail: ').
+                               " <input size=\"30\" name=\"email\" onkeypress=\"return filterCR(event, userEditSave)\"
+                               value=\"$email\">";
+
+                       print "</div>";
+
+                       print "</table>";
+
+                       print "</form>";
+
+                       print "<div class=\"dlgButtons\">
+                               <button onclick=\"return userEditSave()\">".
+                                       __('Save')."</button>
+                               <button onclick=\"return userEditCancel()\">".
+                                       __('Cancel')."</button></div>";
+
+                       print "]]></content></dlg>";
+
+                       return;
+               }
+
+               function editSave() {
+                       $login = db_escape_string(trim($_REQUEST["login"]));
+                       $uid = db_escape_string($_REQUEST["id"]);
+                       $access_level = (int) $_REQUEST["access_level"];
+                       $email = db_escape_string(trim($_REQUEST["email"]));
+                       $password = db_escape_string(trim($_REQUEST["password"]));
+
+                       if ($password) {
+                               $pwd_hash = encrypt_password($password, $login);
+                               $pass_query_part = "pwd_hash = '$pwd_hash', ";
+                       } else {
+                               $pass_query_part = "";
+                       }
+
+                       db_query($this->link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
+                               access_level = '$access_level', email = '$email' WHERE id = '$uid'");
+
+               }
+
+               function remove() {
+                       $ids = split(",", db_escape_string($_REQUEST["ids"]));
+
+                       foreach ($ids as $id) {
+                               if ($id != $_SESSION["uid"] && $id != 1) {
+                                       db_query($this->link, "DELETE FROM ttrss_tags WHERE owner_uid = '$id'");
+                                       db_query($this->link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'");
+                                       db_query($this->link, "DELETE FROM ttrss_users WHERE id = '$id'");
+                               }
+                       }
+               }
+
+               function add() {
+
+                       $login = db_escape_string(trim($_REQUEST["login"]));
+                       $tmp_user_pwd = make_password(8);
+                       $pwd_hash = encrypt_password($tmp_user_pwd, $login);
+
+                       $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE
+                               login = '$login'");
+
+                       if (db_num_rows($result) == 0) {
+
+                               db_query($this->link, "INSERT INTO ttrss_users
+                                       (login,pwd_hash,access_level,last_login,created)
+                                       VALUES ('$login', '$pwd_hash', 0, null, NOW())");
+
+
+                               $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE
+                                       login = '$login' AND pwd_hash = '$pwd_hash'");
+
+                               if (db_num_rows($result) == 1) {
+
+                                       $new_uid = db_fetch_result($result, 0, "id");
+
+                                       print format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>",
+                                               $login, $tmp_user_pwd));
+
+                                       initialize_user($this->link, $new_uid);
+
+                               } else {
+
+                                       print format_warning(T_sprintf("Could not create user <b>%s</b>", $login));
+
+                               }
+                       } else {
+                               print format_warning(T_sprintf("User <b>%s</b> already exists.", $login));
+                       }
+               }
+
+               function resetPass() {
+
+                       $uid = db_escape_string($_REQUEST["id"]);
+
+                       $result = db_query($this->link, "SELECT login,email
+                               FROM ttrss_users WHERE id = '$uid'");
+
+                       $login = db_fetch_result($result, 0, "login");
+                       $email = db_fetch_result($result, 0, "email");
+                       $tmp_user_pwd = make_password(8);
+                       $pwd_hash = encrypt_password($tmp_user_pwd, $login);
+
+                       db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
+                               WHERE id = '$uid'");
+
+                       print T_sprintf("Changed password of user <b>%s</b>
+                                to <b>%s</b>", $login, $tmp_user_pwd);
+
+                       require_once 'lib/phpmailer/class.phpmailer.php';
+
+                       if ($email) {
+                               print " ";
+                               print T_sprintf("Notifying <b>%s</b>.", $email);
+
+                               require_once "lib/MiniTemplator.class.php";
+
+                               $tpl = new MiniTemplator;
+
+                               $tpl->readTemplateFromFile("templates/resetpass_template.txt");
+
+                               $tpl->setVariable('LOGIN', $login);
+                               $tpl->setVariable('NEWPASS', $tmp_user_pwd);
+
+                               $tpl->addBlock('message');
+
+                               $message = "";
+
+                               $tpl->generateOutputToString($message);
+
+                               $mail = new PHPMailer();
+
+                               $mail->PluginDir = "lib/phpmailer/";
+                               $mail->SetLanguage("en", "lib/phpmailer/language/");
+
+                               $mail->CharSet = "UTF-8";
+
+                               $mail->From = DIGEST_FROM_ADDRESS;
+                               $mail->FromName = DIGEST_FROM_NAME;
+                               $mail->AddAddress($email, $login);
+
+                               if (DIGEST_SMTP_HOST) {
+                                       $mail->Host = DIGEST_SMTP_HOST;
+                                       $mail->Mailer = "smtp";
+                                       $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
+                                       $mail->Username = DIGEST_SMTP_LOGIN;
+                                       $mail->Password = DIGEST_SMTP_PASSWORD;
+                               }
+
+                               $mail->IsHTML(false);
+                               $mail->Subject = __("[tt-rss] Password change notification");
+                               $mail->Body = $message;
+
+                               $rc = $mail->Send();
+
+                               if (!$rc) print_error($mail->ErrorInfo);
+                       }
+
+                       print "</div>";
+               }
+
+               function index() {
+
+                       global $access_level_names;
+
+                       print "<div id=\"pref-user-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
+                       print "<div id=\"pref-user-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
+
+                       print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">";
+
+                       $user_search = db_escape_string($_REQUEST["search"]);
+
+                       if (array_key_exists("search", $_REQUEST)) {
+                               $_SESSION["prefs_user_search"] = $user_search;
+                       } else {
+                               $user_search = $_SESSION["prefs_user_search"];
+                       }
+
+                       print "<div style='float : right; padding-right : 4px;'>
+                               <input dojoType=\"dijit.form.TextBox\" id=\"user_search\" size=\"20\" type=\"search\"
+                                       value=\"$user_search\">
+                               <button dojoType=\"dijit.form.Button\" onclick=\"javascript:updateUsersList()\">".
+                                       __('Search')."</button>
+                               </div>";
+
+                       $sort = db_escape_string($_REQUEST["sort"]);
+
+                       if (!$sort || $sort == "undefined") {
+                               $sort = "login";
+                       }
+
+                       print "<div dojoType=\"dijit.form.DropDownButton\">".
+                                       "<span>" . __('Select')."</span>";
+                       print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
+                       print "<div onclick=\"selectTableRows('prefUserList', 'all')\"
+                               dojoType=\"dijit.MenuItem\">".__('All')."</div>";
+                       print "<div onclick=\"selectTableRows('prefUserList', 'none')\"
+                               dojoType=\"dijit.MenuItem\">".__('None')."</div>";
+                       print "</div></div>";
+
+                       print "<button dojoType=\"dijit.form.Button\" onclick=\"javascript:addUser()\">".__('Create user')."</button>";
+
+                       print "
+                               <button dojoType=\"dijit.form.Button\" onclick=\"javascript:selectedUserDetails()\">".
+                               __('Details')."</button dojoType=\"dijit.form.Button\">
+                               <button dojoType=\"dijit.form.Button\" onclick=\"javascript:editSelectedUser()\">".
+                               __('Edit')."</button dojoType=\"dijit.form.Button\">
+                               <button dojoType=\"dijit.form.Button\" onclick=\"javascript:removeSelectedUsers()\">".
+                               __('Remove')."</button dojoType=\"dijit.form.Button\">
+                               <button dojoType=\"dijit.form.Button\" onclick=\"javascript:resetSelectedUserPass()\">".
+                               __('Reset password')."</button dojoType=\"dijit.form.Button\">";
+
+                       print "</div>"; #toolbar
+                       print "</div>"; #pane
+                       print "<div id=\"pref-user-content\" dojoType=\"dijit.layout.ContentPane\" region=\"center\">";
+
+                       print "<div id=\"sticky-status-msg\"></div>";
+
+                       if ($user_search) {
+
+                               $user_search = split(" ", $user_search);
+                               $tokens = array();
+
+                               foreach ($user_search as $token) {
+                                       $token = trim($token);
+                                       array_push($tokens, "(UPPER(login) LIKE UPPER('%$token%'))");
+                               }
+
+                               $user_search_query = "(" . join($tokens, " AND ") . ") AND ";
+
+                       } else {
+                               $user_search_query = "";
+                       }
+
+                       $result = db_query($this->link, "SELECT
+                                       id,login,access_level,email,
+                                       ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login,
+                                       ".SUBSTRING_FOR_DATE."(created,1,16) as created
+                               FROM
+                                       ttrss_users
+                               WHERE
+                                       $user_search_query
+                                       id > 0
+                               ORDER BY $sort");
+
+                       if (db_num_rows($result) > 0) {
+
+                       print "<p><table width=\"100%\" cellspacing=\"0\"
+                               class=\"prefUserList\" id=\"prefUserList\">";
+
+                       print "<tr class=\"title\">
+                                               <td align='center' width=\"5%\">&nbsp;</td>
+                                               <td width=''><a href=\"#\" onclick=\"updateUsersList('login')\">".__('Login')."</a></td>
+                                               <td width='20%'><a href=\"#\" onclick=\"updateUsersList('access_level')\">".__('Access Level')."</a></td>
+                                               <td width='20%'><a href=\"#\" onclick=\"updateUsersList('created')\">".__('Registered')."</a></td>
+                                               <td width='20%'><a href=\"#\" onclick=\"updateUsersList('last_login')\">".__('Last login')."</a></td></tr>";
+
+                       $lnum = 0;
+
+                       while ($line = db_fetch_assoc($result)) {
+
+                               $class = ($lnum % 2) ? "even" : "odd";
+
+                               $uid = $line["id"];
+
+                               print "<tr class=\"$class\" id=\"UMRR-$uid\">";
+
+                               $line["login"] = htmlspecialchars($line["login"]);
+
+                               $line["created"] = make_local_datetime($this->link, $line["created"], false);
+                               $line["last_login"] = make_local_datetime($this->link, $line["last_login"], false);
+
+                               print "<td align='center'><input onclick='toggleSelectRow(this);'
+                                       type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
+
+                               $onclick = "onclick='editUser($uid, event)' title='".__('Click to edit')."'";
+
+                               print "<td $onclick>" . $line["login"] . "</td>";
+
+                               if (!$line["email"]) $line["email"] = "&nbsp;";
+
+                               print "<td $onclick>" . $access_level_names[$line["access_level"]] . "</td>";
+                               print "<td $onclick>" . $line["created"] . "</td>";
+                               print "<td $onclick>" . $line["last_login"] . "</td>";
+
+                               print "</tr>";
+
+                               ++$lnum;
+                       }
+
+                       print "</table>";
+
+                       } else {
+                               print "<p>";
+                               if (!$user_search) {
+                                       print_warning(__('No users defined.'));
+                               } else {
+                                       print_warning(__('No matching users found.'));
+                               }
+                               print "</p>";
+
+                       }
+
+                       print "</div>"; #pane
+                       print "</div>"; #container
+
+               }
+
+       }
+?>
index 4e1dadda255f220fc52174e93f8501e727f495da..896a787c6cc0a59be3912d83bc18adab780effc2 100644 (file)
@@ -5,33 +5,8 @@ var hotkey_prefix_pressed = false;
 
 var seq = "";
 
-function instancelist_callback2(transport) {
-       try {
-               dijit.byId('instanceConfigTab').attr('content', transport.responseText);
-               selectTab("instanceConfig", true);
-               notify("");
-       } catch (e) {
-               exception_error("instancelist_callback2", e);
-       }
-}
-
-function filterlist_callback2(transport) {
-       dijit.byId('filterConfigTab').attr('content', transport.responseText);
-       notify("");
-}
-
-function userlist_callback2(transport) {
-       try {
-               dijit.byId('userConfigTab').attr('content', transport.responseText);
-
-               notify("");
-       } catch (e) {
-               exception_error("userlist_callback2", e);
-       }
-}
-
-function notify_callback2(transport) {
-       notify_info(transport.responseText);
+function notify_callback2(transport, sticky) {
+       notify_info(transport.responseText, sticky);
 }
 
 function updateFeedList(sort_key) {
@@ -53,14 +28,14 @@ function updateInstanceList(sort_key) {
        new Ajax.Request("backend.php", {
                parameters: "?op=pref-instances&sort=" + param_escape(sort_key),
                onComplete: function(transport) {
-                       instancelist_callback2(transport);
+                       dijit.byId('instanceConfigTab').attr('content', transport.responseText);
+                       selectTab("instanceConfig", true);
+                       notify("");
                } });
 }
 
 function updateUsersList(sort_key) {
-
        try {
-
                var user_search = $("user_search");
                var search = "";
                if (user_search) { search = user_search.value; }
@@ -72,7 +47,9 @@ function updateUsersList(sort_key) {
                new Ajax.Request("backend.php", {
                        parameters: query,
                        onComplete: function(transport) {
-                               userlist_callback2(transport);
+                               dijit.byId('userConfigTab').attr('content', transport.responseText);
+                               selectTab("userConfig", true)
+                               notify("");
                        } });
 
        } catch (e) {
@@ -103,7 +80,8 @@ function addUser() {
                new Ajax.Request("backend.php", {
                        parameters: query,
                        onComplete: function(transport) {
-                               userlist_callback2(transport);
+                               notify_callback2(transport);
+                               updateUsersList();
                        } });
 
        } catch (e) {
@@ -332,7 +310,7 @@ function removeSelectedUsers() {
                                new Ajax.Request("backend.php", {
                                        parameters: query,
                                        onComplete: function(transport) {
-                                               userlist_callback2(transport);
+                                               updateUsersList();
                                        } });
 
                        }
@@ -503,7 +481,7 @@ function userEditSave() {
                new Ajax.Request("backend.php", {
                        parameters: query,
                        onComplete: function(transport) {
-                               userlist_callback2(transport);
+                               updateUsersList();
                        } });
 
        } catch (e) {
@@ -562,7 +540,7 @@ function resetSelectedUserPass() {
                        new Ajax.Request("backend.php", {
                                parameters: query,
                                onComplete: function(transport) {
-                                       userlist_callback2(transport);
+                                       notify_info(transport.responseText);
                                } });
 
                }
@@ -592,7 +570,7 @@ function selectedUserDetails() {
 
                var id = rows[0];
 
-               var query = "?op=pref-users&method=user-details&id=" + id;
+               var query = "?op=pref-users&method=userdetails&id=" + id;
 
                new Ajax.Request("backend.php", {
                        parameters: query,
@@ -816,7 +794,8 @@ function updateFilterList() {
        new Ajax.Request("backend.php", {
                parameters: "?op=pref-filters",
                onComplete: function(transport) {
-                       filterlist_callback2(transport);
+                       dijit.byId('filterConfigTab').attr('content', transport.responseText);
+                       notify("");
                } });
 }
 
diff --git a/modules/pref-users.php b/modules/pref-users.php
deleted file mode 100644 (file)
index 8f6ba10..0000000
+++ /dev/null
@@ -1,501 +0,0 @@
-<?php
-       function module_pref_users($link) {
-
-               global $access_level_names;
-
-               if (!SINGLE_USER_MODE && $_SESSION["access_level"] < 10) {
-                       print __("Your access level is insufficient to open this tab.");
-                       return;
-               }
-
-               $method = $_REQUEST["method"];
-
-               if ($method == "user-details") {
-
-                       header("Content-Type: text/xml");
-                       print "<dlg id=\"$method\">";
-
-                       $uid = sprintf("%d", $_REQUEST["id"]);
-
-                       print "<title>".__('User details')."</title>";
-
-                       print "<content><![CDATA[";
-
-                       $result = db_query($link, "SELECT login,
-                               ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login,
-                               access_level,
-                               (SELECT COUNT(int_id) FROM ttrss_user_entries
-                                       WHERE owner_uid = id) AS stored_articles,
-                               ".SUBSTRING_FOR_DATE."(created,1,16) AS created
-                               FROM ttrss_users
-                               WHERE id = '$uid'");
-
-                       if (db_num_rows($result) == 0) {
-                               print "<h1>".__('User not found')."</h1>";
-                               return;
-                       }
-
-                       // print "<h1>User Details</h1>";
-
-                       $login = db_fetch_result($result, 0, "login");
-
-                       print "<table width='100%'>";
-
-                       $last_login = make_local_datetime($link,
-                               db_fetch_result($result, 0, "last_login"), true);
-
-                       $created = make_local_datetime($link,
-                               db_fetch_result($result, 0, "created"), true);
-
-                       $access_level = db_fetch_result($result, 0, "access_level");
-                       $stored_articles = db_fetch_result($result, 0, "stored_articles");
-
-                       print "<tr><td>".__('Registered')."</td><td>$created</td></tr>";
-                       print "<tr><td>".__('Last logged in')."</td><td>$last_login</td></tr>";
-
-                       $result = db_query($link, "SELECT COUNT(id) as num_feeds FROM ttrss_feeds
-                               WHERE owner_uid = '$uid'");
-
-                       $num_feeds = db_fetch_result($result, 0, "num_feeds");
-
-                       print "<tr><td>".__('Subscribed feeds count')."</td><td>$num_feeds</td></tr>";
-
-                       print "</table>";
-
-                       print "<h1>".__('Subscribed feeds')."</h1>";
-
-                       $result = db_query($link, "SELECT id,title,site_url FROM ttrss_feeds
-                               WHERE owner_uid = '$uid' ORDER BY title");
-
-                       print "<ul class=\"userFeedList\">";
-
-                       $row_class = "odd";
-
-                       while ($line = db_fetch_assoc($result)) {
-
-                               $icon_file = ICONS_URL."/".$line["id"].".ico";
-
-                               if (file_exists($icon_file) && filesize($icon_file) > 0) {
-                                       $feed_icon = "<img class=\"tinyFeedIcon\" src=\"$icon_file\">";
-                               } else {
-                                       $feed_icon = "<img class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">";
-                               }
-
-                               print "<li class=\"$row_class\">$feed_icon&nbsp;<a href=\"".$line["site_url"]."\">".$line["title"]."</a></li>";
-
-                               $row_class = $row_class == "even" ? "odd" : "even";
-
-                       }
-
-                       if (db_num_rows($result) < $num_feeds) {
-                               // FIXME - add link to show ALL subscribed feeds here somewhere
-                               print "<li><img
-                                       class=\"tinyFeedIcon\" src=\"images/blank_icon.gif\">&nbsp;...</li>";
-                       }
-
-                       print "</ul>";
-
-                       print "<div align='center'>
-                               <button onclick=\"closeInfoBox()\">".__("Close this window").
-                               "</button></div>";
-
-                       print "]]></content></dlg>";
-
-                       return;
-               }
-
-               if ($method == "edit") {
-
-                       header("Content-Type: text/xml");
-
-                       $id = db_escape_string($_REQUEST["id"]);
-
-                       print "<dlg id=\"$method\">";
-                       print "<title>".__('User Editor')."</title>";
-                       print "<content><![CDATA[";
-
-                       print "<form id=\"user_edit_form\" onsubmit='return false'>";
-
-                       print "<input type=\"hidden\" name=\"id\" value=\"$id\">";
-                       print "<input type=\"hidden\" name=\"op\" value=\"pref-users\">";
-                       print "<input type=\"hidden\" name=\"method\" value=\"editSave\">";
-
-                       $result = db_query($link, "SELECT * FROM ttrss_users WHERE id = '$id'");
-
-                       $login = db_fetch_result($result, 0, "login");
-                       $access_level = db_fetch_result($result, 0, "access_level");
-                       $email = db_fetch_result($result, 0, "email");
-
-                       $sel_disabled = ($id == $_SESSION["uid"]) ? "disabled" : "";
-
-                       print "<div class=\"dlgSec\">".__("User")."</div>";
-                       print "<div class=\"dlgSecCont\">";
-
-                       if ($sel_disabled) {
-                               print "<input type=\"hidden\" name=\"login\" value=\"$login\">";
-                               print "<input size=\"30\" style=\"font-size : 16px\"
-                                       onkeypress=\"return filterCR(event, userEditSave)\" $sel_disabled
-                                       value=\"$login\">";
-                       } else {
-                               print "<input size=\"30\" style=\"font-size : 16px\"
-                                       onkeypress=\"return filterCR(event, userEditSave)\" $sel_disabled
-                                       name=\"login\" value=\"$login\">";
-                       }
-
-                       print "</div>";
-
-                       print "<div class=\"dlgSec\">".__("Authentication")."</div>";
-                       print "<div class=\"dlgSecCont\">";
-
-                       print __('Access level: ') . " ";
-
-                       if (!$sel_disabled) {
-                               print_select_hash("access_level", $access_level, $access_level_names,
-                                       $sel_disabled);
-                       } else {
-                               print_select_hash("", $access_level, $access_level_names,
-                                       $sel_disabled);
-                               print "<input type=\"hidden\" name=\"access_level\" value=\"$access_level\">";
-                       }
-
-                       print "<br/>";
-
-                       print __('Change password to') .
-                               " <input size=\"20\" onkeypress=\"return filterCR(event, userEditSave)\"
-                               name=\"password\">";
-
-                       print "</div>";
-
-                       print "<div class=\"dlgSec\">".__("Options")."</div>";
-                       print "<div class=\"dlgSecCont\">";
-
-                       print __('E-mail: ').
-                               " <input size=\"30\" name=\"email\" onkeypress=\"return filterCR(event, userEditSave)\"
-                               value=\"$email\">";
-
-                       print "</div>";
-
-                       print "</table>";
-
-                       print "</form>";
-
-                       print "<div class=\"dlgButtons\">
-                               <button onclick=\"return userEditSave()\">".
-                                       __('Save')."</button>
-                               <button onclick=\"return userEditCancel()\">".
-                                       __('Cancel')."</button></div>";
-
-                       print "]]></content></dlg>";
-
-                       return;
-               }
-
-               if ($method == "editSave") {
-
-                       if ($_SESSION["access_level"] >= 10) {
-
-                               $login = db_escape_string(trim($_REQUEST["login"]));
-                               $uid = db_escape_string($_REQUEST["id"]);
-                               $access_level = (int) $_REQUEST["access_level"];
-                               $email = db_escape_string(trim($_REQUEST["email"]));
-                               $password = db_escape_string(trim($_REQUEST["password"]));
-
-                               if ($password) {
-                                       $pwd_hash = encrypt_password($password, $login);
-                                       $pass_query_part = "pwd_hash = '$pwd_hash', ";
-                                       $status_msg = format_notice(T_sprintf('Changed password of user <b>%s</b>.', $login));
-                               } else {
-                                       $pass_query_part = "";
-                               }
-
-                               db_query($link, "UPDATE ttrss_users SET $pass_query_part login = '$login',
-                                       access_level = '$access_level', email = '$email' WHERE id = '$uid'");
-
-                       }
-               } else if ($method == "remove") {
-
-                       if ($_SESSION["access_level"] >= 10) {
-
-                               $ids = split(",", db_escape_string($_REQUEST["ids"]));
-
-                               foreach ($ids as $id) {
-                                       if ($id != $_SESSION["uid"] && $id != 1) {
-                                               db_query($link, "DELETE FROM ttrss_tags WHERE owner_uid = '$id'");
-                                               db_query($link, "DELETE FROM ttrss_feeds WHERE owner_uid = '$id'");
-                                               db_query($link, "DELETE FROM ttrss_users WHERE id = '$id'");
-                                       }
-                               }
-                       }
-               } else if ($method == "add") {
-
-                       if ($_SESSION["access_level"] >= 10) {
-
-                               $login = db_escape_string(trim($_REQUEST["login"]));
-                               $tmp_user_pwd = make_password(8);
-                               $pwd_hash = encrypt_password($tmp_user_pwd, $login);
-
-                               $result = db_query($link, "SELECT id FROM ttrss_users WHERE
-                                       login = '$login'");
-
-                               if (db_num_rows($result) == 0) {
-
-                                       db_query($link, "INSERT INTO ttrss_users
-                                               (login,pwd_hash,access_level,last_login,created)
-                                               VALUES ('$login', '$pwd_hash', 0, null, NOW())");
-
-
-                                       $result = db_query($link, "SELECT id FROM ttrss_users WHERE
-                                               login = '$login' AND pwd_hash = '$pwd_hash'");
-
-                                       if (db_num_rows($result) == 1) {
-
-                                               $new_uid = db_fetch_result($result, 0, "id");
-
-                                               $status_msg = format_notice(T_sprintf("Added user <b>%s</b> with password <b>%s</b>",
-                                                       $login, $tmp_user_pwd));
-
-                                               initialize_user($link, $new_uid);
-
-                                       } else {
-
-                                               $status_msg = format_warning(T_sprintf("Could not create user <b>%s</b>", $login));
-
-                                       }
-                               } else {
-                                       $status_msg = format_warning(T_sprintf("User <b>%s</b> already exists.", $login));
-                               }
-                       }
-               } else if ($method == "resetPass") {
-
-                       if ($_SESSION["access_level"] >= 10) {
-
-                               $uid = db_escape_string($_REQUEST["id"]);
-
-                               $result = db_query($link, "SELECT login,email
-                                       FROM ttrss_users WHERE id = '$uid'");
-
-                               $login = db_fetch_result($result, 0, "login");
-                               $email = db_fetch_result($result, 0, "email");
-                               $tmp_user_pwd = make_password(8);
-                               $pwd_hash = encrypt_password($tmp_user_pwd, $login);
-
-                               db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
-                                       WHERE id = '$uid'");
-
-                               $status_msg = format_notice(T_sprintf("Changed password of user <b>%s</b>
-                                        to <b>%s</b>", $login, $tmp_user_pwd));
-
-                               require_once 'lib/phpmailer/class.phpmailer.php';
-
-                               if ($email) {
-                                       $status_msg += format_notice(T_sprintf("Notifying <b>%s</b>.", $email));
-
-                                       require_once "lib/MiniTemplator.class.php";
-
-                                       $tpl = new MiniTemplator;
-
-                                       $tpl->readTemplateFromFile("templates/resetpass_template.txt");
-
-                                       $tpl->setVariable('LOGIN', $login);
-                                       $tpl->setVariable('NEWPASS', $tmp_user_pwd);
-
-                                       $tpl->addBlock('message');
-
-                                       $message = "";
-
-                                       $tpl->generateOutputToString($message);
-
-                                       $mail = new PHPMailer();
-
-                                       $mail->PluginDir = "lib/phpmailer/";
-                                       $mail->SetLanguage("en", "lib/phpmailer/language/");
-
-                                       $mail->CharSet = "UTF-8";
-
-                                       $mail->From = DIGEST_FROM_ADDRESS;
-                                       $mail->FromName = DIGEST_FROM_NAME;
-                                       $mail->AddAddress($email, $login);
-
-                                       if (DIGEST_SMTP_HOST) {
-                                               $mail->Host = DIGEST_SMTP_HOST;
-                                               $mail->Mailer = "smtp";
-                                               $mail->SMTPAuth = DIGEST_SMTP_LOGIN != '';
-                                               $mail->Username = DIGEST_SMTP_LOGIN;
-                                               $mail->Password = DIGEST_SMTP_PASSWORD;
-                                       }
-
-                                       $mail->IsHTML(false);
-                                       $mail->Subject = __("[tt-rss] Password change notification");
-                                       $mail->Body = $message;
-
-                                       $rc = $mail->Send();
-
-                                       if (!$rc) print_error($mail->ErrorInfo);
-
-/*                                     mail("$login <$email>", "Password reset notification",
-                                               "Hi, $login.\n".
-                                               "\n".
-                                               "Your password for this TT-RSS installation was reset by".
-                                                       " an administrator.\n".
-                                               "\n".
-                                               "Your new password is $tmp_user_pwd, please remember".
-                                                       " it for later reference.\n".
-                                               "\n".
-                                               "Sincerely, TT-RSS Mail Daemon.", "From: " . MAIL_FROM); */
-                               }
-
-                               print "</div>";
-
-                       }
-               }
-
-               print "<div id=\"pref-user-wrap\" dojoType=\"dijit.layout.BorderContainer\" gutters=\"false\">";
-               print "<div id=\"pref-user-header\" dojoType=\"dijit.layout.ContentPane\" region=\"top\">";
-
-               print "<div id=\"pref-user-toolbar\" dojoType=\"dijit.Toolbar\">";
-
-               $user_search = db_escape_string($_REQUEST["search"]);
-
-               if (array_key_exists("search", $_REQUEST)) {
-                       $_SESSION["prefs_user_search"] = $user_search;
-               } else {
-                       $user_search = $_SESSION["prefs_user_search"];
-               }
-
-               print "<div style='float : right; padding-right : 4px;'>
-                       <input dojoType=\"dijit.form.TextBox\" id=\"user_search\" size=\"20\" type=\"search\"
-                               value=\"$user_search\">
-                       <button dojoType=\"dijit.form.Button\" onclick=\"javascript:updateUsersList()\">".
-                               __('Search')."</button>
-                       </div>";
-
-               $sort = db_escape_string($_REQUEST["sort"]);
-
-               if (!$sort || $sort == "undefined") {
-                       $sort = "login";
-               }
-
-               print "<div dojoType=\"dijit.form.DropDownButton\">".
-                               "<span>" . __('Select')."</span>";
-               print "<div dojoType=\"dijit.Menu\" style=\"display: none;\">";
-               print "<div onclick=\"selectTableRows('prefUserList', 'all')\"
-                       dojoType=\"dijit.MenuItem\">".__('All')."</div>";
-               print "<div onclick=\"selectTableRows('prefUserList', 'none')\"
-                       dojoType=\"dijit.MenuItem\">".__('None')."</div>";
-               print "</div></div>";
-
-               print "<button dojoType=\"dijit.form.Button\" onclick=\"javascript:addUser()\">".__('Create user')."</button>";
-
-               print "
-                       <button dojoType=\"dijit.form.Button\" onclick=\"javascript:selectedUserDetails()\">".
-                       __('Details')."</button dojoType=\"dijit.form.Button\">
-                       <button dojoType=\"dijit.form.Button\" onclick=\"javascript:editSelectedUser()\">".
-                       __('Edit')."</button dojoType=\"dijit.form.Button\">
-                       <button dojoType=\"dijit.form.Button\" onclick=\"javascript:removeSelectedUsers()\">".
-                       __('Remove')."</button dojoType=\"dijit.form.Button\">
-                       <button dojoType=\"dijit.form.Button\" onclick=\"javascript:resetSelectedUserPass()\">".
-                       __('Reset password')."</button dojoType=\"dijit.form.Button\">";
-
-               print "</div>"; #toolbar
-               print "</div>"; #pane
-               print "<div id=\"pref-user-content\" dojoType=\"dijit.layout.ContentPane\" region=\"center\">";
-               print "<p>$status_msg";
-
-               if ($user_search) {
-
-                       $user_search = split(" ", $user_search);
-                       $tokens = array();
-
-                       foreach ($user_search as $token) {
-                               $token = trim($token);
-                               array_push($tokens, "(UPPER(login) LIKE UPPER('%$token%'))");
-                       }
-
-                       $user_search_query = "(" . join($tokens, " AND ") . ") AND ";
-
-               } else {
-                       $user_search_query = "";
-               }
-
-               $result = db_query($link, "SELECT
-                               id,login,access_level,email,
-                               ".SUBSTRING_FOR_DATE."(last_login,1,16) as last_login,
-                               ".SUBSTRING_FOR_DATE."(created,1,16) as created
-                       FROM
-                               ttrss_users
-                       WHERE
-                               $user_search_query
-                               id > 0
-                       ORDER BY $sort");
-
-               if (db_num_rows($result) > 0) {
-
-               print "<p><table width=\"100%\" cellspacing=\"0\"
-                       class=\"prefUserList\" id=\"prefUserList\">";
-
-               print "<tr class=\"title\">
-                                       <td align='center' width=\"5%\">&nbsp;</td>
-                                       <td width=''><a href=\"#\" onclick=\"updateUsersList('login')\">".__('Login')."</a></td>
-                                       <td width='20%'><a href=\"#\" onclick=\"updateUsersList('access_level')\">".__('Access Level')."</a></td>
-                                       <td width='20%'><a href=\"#\" onclick=\"updateUsersList('created')\">".__('Registered')."</a></td>
-                                       <td width='20%'><a href=\"#\" onclick=\"updateUsersList('last_login')\">".__('Last login')."</a></td></tr>";
-
-               $lnum = 0;
-
-               while ($line = db_fetch_assoc($result)) {
-
-                       $class = ($lnum % 2) ? "even" : "odd";
-
-                       $uid = $line["id"];
-                       $edit_uid = $_REQUEST["id"];
-
-                       if ($method == "edit" && $uid != $edit_uid) {
-                               $class .= " Grayed";
-                               $this_row_id = "";
-                       } else {
-                               $this_row_id = "id=\"UMRR-$uid\"";
-                       }
-
-                       print "<tr class=\"$class\" $this_row_id>";
-
-                       $line["login"] = htmlspecialchars($line["login"]);
-
-                       $line["created"] = make_local_datetime($link, $line["created"], false);
-                       $line["last_login"] = make_local_datetime($link, $line["last_login"], false);
-
-                       print "<td align='center'><input onclick='toggleSelectRow(this);'
-                               type=\"checkbox\" id=\"UMCHK-$uid\"></td>";
-
-                       $onclick = "onclick='editUser($uid, event)' title='".__('Click to edit')."'";
-
-                       print "<td $onclick>" . $line["login"] . "</td>";
-
-                       if (!$line["email"]) $line["email"] = "&nbsp;";
-
-                       print "<td $onclick>" . $access_level_names[$line["access_level"]] . "</td>";
-                       print "<td $onclick>" . $line["created"] . "</td>";
-                       print "<td $onclick>" . $line["last_login"] . "</td>";
-
-                       print "</tr>";
-
-                       ++$lnum;
-               }
-
-               print "</table>";
-
-               } else {
-                       print "<p>";
-                       if (!$user_search) {
-                               print_warning(__('No users defined.'));
-                       } else {
-                               print_warning(__('No matching users found.'));
-                       }
-                       print "</p>";
-
-               }
-
-               print "</div>"; #pane
-               print "</div>"; #container
-
-       }
-?>