showuser.php3 1.42 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
<?php
include("defs.php3");
include("showstuff.php3");

#
# Standard Testbed Header
#
PAGEHEADER("Show User Information");

#
# Note the difference with which this page gets it arguments!
# I invoke it using GET arguments, so uid and pid are are defined
# without having to find them in URI (like most of the other pages
# find the uid).
#

#
# Only known and logged in users can do this.
#
LOGGEDINORDIE($uid);

$isadmin = ISADMIN($uid);

#
# Verify form arguments.
# 
if (!isset($target_uid) ||
    strcmp($target_uid, "") == 0) {
    USERERROR("You must provide a User ID.", 1);
}

#
# Check to make sure thats this is a valid UID.
#
$query_result = mysql_db_query($TBDBNAME,
	"SELECT * FROM users WHERE uid=\"$target_uid\"");
if (mysql_num_rows($query_result) == 0) {
38
  USERERROR("The user $target_uid is not a valid user", 1);
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67
}

#
# Verify that this uid is a member of one of the projects that the
# target_uid is in. 
#
if (!$isadmin) {
    $query_result = mysql_db_query($TBDBNAME,
	"select proj_memb.* from proj_memb ".
        "left join proj_memb as foo ".
        "on proj_memb.pid=foo.pid and proj_memb.uid='$target_uid' ".
        "where foo.uid='$uid'");
    if (mysql_num_rows($query_result) == 0) {
        USERERROR("You are not in the same Project as $target_uid.", 1);
    }
}

echo "<center>
      <h3>User Information</h3>
      </center>\n";
SHOWUSER($target_uid);

echo "</center>\n";

#
# Standard Testbed Footer
# 
PAGEFOOTER();
?>