diff options
-rw-r--r-- | src/controllers/Users.class.php | 73 | ||||
-rw-r--r-- | src/lib/DB.class.php | 131 |
2 files changed, 136 insertions, 68 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a4403e3..54e4675 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -1,6 +1,7 @@ <?php require_once('Login.class.php'); require_once('Auth.class.php'); +require_once('DB.class.php'); Router::register('users/new' , 'Users', 'new_user'); Router::register('users/index', 'Users', 'index_file'); @@ -188,7 +189,7 @@ class Users extends Controller { $this->showView('users/500'); } else { Login::login($username, $password); - $this->setConf($uid, 'email', $vars['email']); + DB::set('users', $uid, 'email', $vars['email']); $this->showView('users/created', array('username'=>$username)); } @@ -284,8 +285,7 @@ class Users extends Controller { @$value_base = $old[$uid]; $we_changed_it = $value_base != $value; if ($we_changed_it) { - $user = Auth::getObj($uid); - $value_fork = $this->getConf($user,$key); + $value_fork = DB::get('users', $uid, $key); $value_fork = $value_fork['value']; if ($value_fork===false) $value_fork = 'false'; if ($value_fork===true) $value_fork = 'true'; @@ -305,7 +305,7 @@ class Users extends Controller { } } if ($doit) { - $this->setConf($uid, $key, $value); + DB::set('users', $uid, $key, $value); } if ($forked) { echo "<pre>\n"; @@ -340,79 +340,16 @@ class Users extends Controller { $vars['users'] = array(); $uids = $db->listUsers(); foreach ($uids as $uid) { - $user = Auth::getObj($uid); $vars['users'][$uid] = array(); foreach ($vars['attribs'] as $attrib) { $key = $attrib['key']; - $props = $this->getConf($user, $key); + $props = DB::get('users', $uid, $key); $vars['users'][$uid][$key] = $props; } } $this->showView('users/index', $vars); } - - private function getConf($user, $key) { - $logged_in_user = Auth::getObj(Login::isLoggedIn()); - $uid = $user->getUID(); - $post_key = $key."[$uid]"; - @$value = $_POST[$post_key]; - $editable = $user->canEdit(); - - switch ($key) { - case 'auth_uid': - $value = $user->getUID(); - $editable = false; - break; - case 'auth_name': - $value = $user->getName(); - break; - case 'auth_user': - $editable = $editable && $logged_in_user->isAdmin(); - $value = $user->isUser(); - break; - case 'auth_admin': - $editable = $editable && $logged_in_user->isAdmin(); - $value = $user->isAdmin(); - break; - case 'auth_delete': - $editable = $editable && $logged_in_user->isAdmin(); - $value = false; - break; - default: - $value = $user->getConf($key); - if ($value===false) $value=''; - break; - } - return array('value'=>$value, - 'post_key'=>$post_key, - 'editable'=>$editable); - } - private function setConf($uid, $key, $value) { - // So, this rocks because we don't have to check permissions, - // the User object does that. - $user = Auth::getObj($uid); - - switch ($key) { - case 'auth_uid': - break; - case 'auth_name': - $user->setName($value); - break; - case 'auth_user': - $user->setUser($value=='true'); - break; - case 'auth_admin': - $user->setAdmin($value=='true'); - break; - case 'auth_delete': - if ($value=='true') $user->delete(); - default: - $user->setConf($key, $value); - break; - } - } - function attrib($key, $name) { return array('key'=>$key, 'name'=>$name); } diff --git a/src/lib/DB.class.php b/src/lib/DB.class.php new file mode 100644 index 0000000..9f14161 --- /dev/null +++ b/src/lib/DB.class.php @@ -0,0 +1,131 @@ +<?php + +require_once('Auth.class.php'); +require_once('Login.class.php'); + +class DB { + public static function get($table, $unit, $key) { + switch ($table) { + case 'conf': + case 'plugins': + return self::admin_get($unit, $key); + break; + case 'users': + return self::user_get($unit, $key); + break; + default: + return false; + } + } + public static function set($table, $unit, $key, $value) { + switch ($table) { + case 'conf': + case 'plugins': + return self::admin_get($unit, $key, $value); + break; + case 'users': + return self::user_set($unit, $key, $value); + break; + default: + return false; + } + } + + private static function user_get($uid, $key) { + $user = Auth::getObj($uid); + $logged_in_user = Auth::getObj(Login::isLoggedIn()); + + $post_key = $key."[$uid]"; + @$value = $_POST[$post_key]; + $editable = $user->canEdit(); + + switch ($key) { + case 'auth_uid': + $value = $user->getUID(); + $editable = false; + break; + case 'auth_name': + $value = $user->getName(); + break; + case 'auth_user': + $editable = $editable && $logged_in_user->isAdmin(); + $value = $user->isUser(); + break; + case 'auth_admin': + $editable = $editable && $logged_in_user->isAdmin(); + $value = $user->isAdmin(); + break; + case 'auth_delete': + $editable = $editable && $logged_in_user->isAdmin(); + $value = false; + break; + default: + $value = $user->getConf($key); + if ($value===false) $value=''; + break; + } + + return array('value'=>$value, + 'post_key'=>$post_key, + 'editable'=>$editable); + } + private static function user_set($uid, $key, $value) { + $user = Auth::getObj($uid); + + switch ($key) { + case 'auth_uid': + return false; + break; + case 'auth_name': + return $user->setName($value); + break; + case 'auth_user': + return $user->setUser($value=='true'); + break; + case 'auth_admin': + return $user->setAdmin($value=='true'); + break; + case 'auth_delete': + if ($value=='true') return $user->delete(); + default: + return $user->setConf($key, $value); + break; + } + } + + private static function admin_get($plugin, $key) { + global $mm; $db = $mm->database(); + $user = Auth::getObj(Login::isLoggedIn()); + if ($user->isAdmin()) { + $editable = true; + switch ($plugin) { + case 'system': + $value = $db->getSysConf($key); + break; + default: + $value = $db->getPluginConf($plugin, $key); + break; + } + } else { + $editable = false; + $value = false; + } + + return array('value'=>$value, + 'post_key'=>'to be implemented',// FIXME + 'editable'=>$editable); + } + private static function admin_set($plugin, $key, $value) { + global $mm; $db = $mm->database(); + $user = Auth::getObj(Login::isLoggedIn()); + if (!$user->isAdmin()) { + return false; + } + switch ($plugin) { + case 'system': + return $db->setSysConf($key, $value); + default: + return $db->setPluginConf($plugin, $key, $value); + } + } +}
\ No newline at end of file |