summaryrefslogtreecommitdiff
path: root/src/controllers/Users.class.php
diff options
context:
space:
mode:
authorLuke Shumaker <LukeShu@sbcglobal.net>2012-01-07 08:21:00 -0800
committerLuke Shumaker <LukeShu@sbcglobal.net>2012-01-07 10:22:21 -0800
commit83e460cdc3fc09867a3adb48c3d0894579dd3050 (patch)
tree0771bd935b30971bf2c244b6f158ed7496b644e5 /src/controllers/Users.class.php
parent3d64793a1ee45857856be1cd71c3a0a040a3e869 (diff)
Refactor to separate the framework from the app; drop message stuff, this app is just user management. Add a json view for individual users
Diffstat (limited to 'src/controllers/Users.class.php')
-rw-r--r--src/controllers/Users.class.php371
1 files changed, 0 insertions, 371 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
deleted file mode 100644
index 9978ef8..0000000
--- a/src/controllers/Users.class.php
+++ /dev/null
@@ -1,371 +0,0 @@
-<?php
-require_once('Login.class.php');
-require_once('Auth.class.php');
-require_once('DB.class.php');
-require_once('PluginManager.class.php');
-require_once('Database.class.php');
-
-Router::register('users/new' , 'Users', 'new_user');
-Router::register('users/index', 'Users', 'index_file');
-Router::register('users' , 'Users', 'index_dir');
-Router::register('users/*' , 'Users', 'individual');
-
-class Users extends Controller {
- // Index Views ///////////////////////////////////////////////
-
- public function index($routed, $remainder) {
- return $this->index_dir($routed, $remainder);
- }
-
- /**
- * Handle POSTing a new user, or GETing the index.
- */
- public function index_dir($routed, $remainder) {
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'POST':
- // We're POSTing a new user.
- if ($this->registrationOpen()) {
- $this->create_user();
- } else {
- $this->showView('users/new-locked', array());
- exit();
- }
- break;
- case 'HEAD': // fall-through to GET
- case 'GET':
- // We're GETing the index.
- $this->show_index($routed, $remainder);
- break;
- }
- }
-
- /**
- * Handle PUTing an updated user index, or GETing the index.
- */
- public function index_file($routed, $remainder) {
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing an updated user index.
- $this->update_users();
- break;
- }
- $this->show_index($routed, $remainder);
- }
-
- // Other Views ///////////////////////////////////////////////
-
- /**
- * Handle GETing the new user form.
- *
- * I would have named this `new', but that's a keyword.
- */
- public function new_user($routed, $vars) {
- // since there will never be a remainder to `users/new', we can
- // use that parameter to pass in some data.
- if (Login::isLoggedIn()) {
- $this->showView('users/new-logged-in', array());
- exit();
- }
- if (!$this->registrationOpen()) {
- $this->showView('users/new-locked', array());
- exit();
- }
- if (!isset($vars['errors'])) $vars['errors'] = array();
-
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $vars['antispam_html'] = $pm->callHook('antispam_html');
- $vars['userlist'] = $db->getSysConf('anon_userlist');
- $this->showView('users/new', $vars);
- }
-
- public function individual($routed, $remainder) {
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $username = implode('/', $remainder);
- if ($username == 'all') {
- $uids = $db->listUsers();
- } else {
- $uids = array($db->getUID($username));
- }
-
- $vars = array();
-
- if (count($uids)<2) {
- $user = Auth::getInstance($uid);
-
- if ($user->isGroup()) $uid = false; // ignore groups.
-
- if ($uid===false) {
- $this->http404($routed, $remainder);
- exit();
- }
- if (!$user->canRead()) {
- $this->http401($routed, $remainder);
- exit();
- }
-
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT': $_POST = $_PUT;
- case 'POST':
- // We're PUTing updated user info.
- if ($user->canEdit()) {
- $vars = $this->update_user($user);
- }
- break;
- }
- }
-
- $config_options = array();
- $pm->callHook('userConfig', &$config_options);
-
- $vars['users'] = array();
- foreach ($uids as $uid) {
- $vars['users'][] = Auth::getInstance($uid);
- }
- $vars['username'] = $username;
- $vars['config_options'] = $config_options;
- $vars['groups'] = $db->listGroupNames();
- require_once('ContactMethod.class.php');
- $this->showView('users/individual', $vars);
- }
-
- public function http404($routed, $remainder) {
- $username = implode('/', $remainder);
- $this->showView('users/404',
- array('username'=>$username));
- }
-
- public function http401($routed, $remainder) {
- $this->showView('users/401', array('uid'=>Login::isLoggedIn()));
- }
-
- // Other Functions ///////////////////////////////////////////
-
- /**
- * This will parse POST data to create a new user.
- * If successfull it will show a message saying so.
- * If not successfull, it will re-show the new-user form with errors
- * explained.
- */
- private function create_user() {
- $db = Database::getInstance();
- $pm = PluginManager::getInstance();
-
- $vars = array();
- @$vars['username' ] = $_POST['auth_name'];
- @$vars['password1'] = $_POST['auth_password' ];
- @$vars['password2'] = $_POST['auth_password_verify'];
- @$vars['email'] = $_POST['user_email'];
-
- $vars['errors'] = array();
- if ($db->getUID($vars['username'])!==false)
- $vars['errors'][] = 'user exists';
- if (!Auth::isNameLegal($vars['username']))
- $vars['errors'][] = 'illegal name';
- $matches = ($vars['password1'] == $vars['password2']);
- if (!$matches) {
- $vars['errors'][] = 'pw mixmatch';
- }
- if ($matches && $vars['password2'] == '') {
- $vars['errors'][] = 'no pw';
- }
- if ($vars['email'] == '') {
- $vars['errors'][] = 'no email';
- }
- foreach ($pm->callHook('antispam_verify') as $plugin=>$valid) {
- if (!$valid) $vars['errors'][] = 'plugin_'.$plugin;
- }
-
- if (count($vars['errors']) > 0) {
- $this->new_user($routed, $vars);
- } else {
- $username = $vars['username'];
- $password = $vars['password1'];
- $uid = $db->addUser($username, $password);
- if ($uid===false) {
- $this->showView('users/500');
- } else {
- Login::login($username, $password);
- DB::set('users', $uid, 'email', $vars['email']);
- $this->showView('users/created',
- array('username'=>$username));
- }
- }
- }
-
- /**
- * This will parse POST (really, PUT) data to update a single user
- */
- private function update_user($user) {
- $vars = array();
-
- $username = $user->getName();
- // Change the username /////////////////////////////////////////
- if (isset($_POST['auth_name'])) {
- $new_name = $_POST['auth_name'];
- if ($new_name != $username) {
- $changed_name = $user->setName($new_name);
- $username = $user->getName();
- $vars['changed name'] = $changed_name;
- }
- }
-
- // Change the password /////////////////////////////////////////
- @$password1 = $_POST['auth_password' ];
- @$password2 = $_POST['auth_password'.'_verify'];
-
- // Check the verify box, not main box, so that we don't get
- // tripped by browsers annoyingly autocompleting the password.
- $is_set = ($password2 != '');
-
- if ($is_set) {
- $matches = ( $password1 == $password2 );
- if ($matches) {
- $user->setPassword($password1);
- $vars['pw updated'] = true;
- } else {
- $vars['pw mixmatch'] = true;
- }
- }
-
- // Change information //////////////////////////////////////////
- $config_options = array();
- $pm = PluginManager::getInstance();
- $pm->callHook('userConfig', &$config_options);
-
- foreach ($config_options as $group=>$options) {
- foreach ($options as $option) {
- $this->confText($user, $option[0]);
- }
- }
-
- // Change contact info /////////////////////////////////////////
- global $CONTACT_METHODS;
- foreach ($CONTACT_METHODS as $method) {
- $this->confText($user, $method->addr_slug);
- }
- $this->confArray($user, 'use');
-
- // Change groups ///////////////////////////////////////////////
- $this->confArray($user, 'groups');
-
- return $vars;
- }
-
- private function confArray($user, $key) {
- if (isset($_POST[$key]) && is_array($_POST[$key])) {
- $user->setConfArray($key, $_POST[$key]);
- }
- }
-
- private function confText($user, $name) {
- if (isset($_POST["user_$name"])) {
- $user->setConf($name, $_POST["user_$name"]);
- }
- }
-
-
- /**
- * This will parse POST (really, PUT) data to update multiple users.
- */
- private function update_users() {
- $attribs = $this->getIndexAttribs();
- $form = new Form(null, null);
- foreach ($attribs as $attrib) {
- $key = $attrib['key'];
- if (isset($_POST[$key]) && is_array($_POST[$key])) {
- $old = $_POST['_old'][$key];
- foreach ($_POST[$key] as $uid => $value) {
- @$value_base = $old[$uid];
- $set = DB::set('users', $uid, $key, $value, $value_base);
- if (is_string($set)) {
- echo "<pre>\n";
- echo "Error: Value changed elsewhere, ".
- "and I don't have real handling ".
- "for this yet.\n";
- echo "UID: $uid\n";
- echo "Name: ".$user->getName()."\n";
- echo "Key: $key\n";
- echo "Value: Original : ";
- var_dump($value_base);
- echo "Value: Other edit: ";
- var_dump($value_fork);
- echo "Value: This edit : ";
- var_dump($value);
- echo "</pre>";
- }
- }
- }
- }
- }
-
- /**
- * This will show the user index.
- */
- private function show_index($routed, $remainder) {
- $db = Database::getInstance();
-
- $logged_in_user = Auth::getInstance(Login::isLoggedIn());
- $anon_userlist = $db->getSysConf('anon_userlist')=='true';
- if (!$anon_userlist && !$logged_in_user->isUser()) {
- $this->http401($routed, $remainder);
- exit();
- }
-
- $vars = array();
- $vars['attribs'] = $this->getIndexAttribs();
- $vars['users'] = array();
- $uids = $db->listUsers();
- foreach ($uids as $uid) {
- $vars['users'][$uid] = array();
- foreach ($vars['attribs'] as $attrib) {
- $key = $attrib['key'];
- $props = DB::get('users', $uid, $key);
- $vars['users'][$uid][$key] = $props;
- }
- }
- $this->showView('users/index', $vars);
- }
-
- function attrib($key, $name, $type='string') {
- return array('key'=>$key, 'name'=>$name, 'type'=>$type);
- }
- private function getIndexAttribs() {
- $user = Auth::getInstance(Login::isLoggedIn());
-
- $attribs = array();
- $attribs[] = $this->attrib('auth_uid', 'UID');
- if ($user->isUser()) {
- $attribs[] = $this->attrib('auth_user', 'Active', 'bool');
- if ($user->isAdmin()) {
- $attribs[] = $this->attrib('auth_admin', 'Admin', 'bool');
- $attribs[] = $this->attrib('auth_delete', 'Delete', 'bool');
- }
- $attribs[] = $this->attrib('lastname','Last');
- $attribs[] = $this->attrib('firstname','First');
- $attribs[] = $this->attrib('hsclass','Class of');
- $attribs[] = $this->attrib('phone','Phone number');
- $attribs[] = $this->attrib('email','Email');
- }
- $attribs[] = $this->attrib('auth_name', 'Username');
-
- return $attribs;
- }
-
- private function registrationOpen() {
- $db = Database::getInstance();
- $val = $db->getSysConf('registration_open');
- switch ($val) {
- case 'true': return true;
- case 'false': return false;
- default: return true;
- }
- }
-}