summaryrefslogtreecommitdiff
path: root/src/controllers/Users.class.php
diff options
context:
space:
mode:
Diffstat (limited to 'src/controllers/Users.class.php')
-rw-r--r--src/controllers/Users.class.php82
1 files changed, 45 insertions, 37 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 9781ab0..9674907 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -1,4 +1,6 @@
<?php
+require_once('Login.class.php');
+require_once('Auth.class.php');
Router::register('users/new' , 'Users', 'new_user');
Router::register('users/index', 'Users', 'index_file');
@@ -7,18 +9,9 @@ Router::register('users/*' , 'Users', 'individual');
class Users extends Controller {
public static $illegal_names = array('', 'new', 'index');
-
- /**
- * Handle GETing the new user form.
- *
- * I would have named this `new', but that's a keyword.
- */
- public function new_user($routed, $vars) {
- // since there will never be a remainder to `users/new', we can
- // use that parameter to pass in some data.
- $this->showView('users/new', $vars);
- }
-
+
+ // Index Views ///////////////////////////////////////////////
+
public function index($routed, $remainder) {
return $this->index_dir($routed, $remainder);
}
@@ -56,18 +49,32 @@ class Users extends Controller {
$this->show_index($routed, $remainder);
}
+ // Other Views ///////////////////////////////////////////////
+ /**
+ * Handle GETing the new user form.
+ *
+ * I would have named this `new', but that's a keyword.
+ */
+ public function new_user($routed, $vars) {
+ // since there will never be a remainder to `users/new', we can
+ // use that parameter to pass in some data.
+ $this->showView('users/new', $vars);
+ }
+
public function individual($routed, $remainder) {
$username = implode('/', $remainder);
- global $mm;
- $uid = $mm->getUID($username);
- if ($mm->getStatus($uid)===3) $uid = false; // ignore groups.
+ global $mm; // also used for pluginmanager
+ $db = $mm->database();
+ $uid = $db->getUID($username);
+ $user = Auth::getObj($uid);
+
+ if ($user->isGroup()) $uid = false; // ignore groups.
if ($uid===false) {
$this->http404($routed, $remainder);
} else {
- $user = $mm->getAuthObj($uid);
if (!$user->canRead()) {
$this->http401($routed, $remainder);
exit();
@@ -75,6 +82,7 @@ class Users extends Controller {
$vars = array();
$method = $_SERVER['REQUEST_METHOD'];
+
switch ($method) {
case 'PUT': $_POST = $_PUT;
case 'POST':
@@ -82,31 +90,32 @@ class Users extends Controller {
if ($user->canEdit()) {
$vars = $this->update_user($user);
}
- break;
+ break;
}
-
+
$config_options = array();
$mm->pluginManager()->callHook('userConfig', &$config_options);
$vars['config_options'] = $config_options;
$vars['user'] = $user;
- $vars['groups'] = $mm->listGroupNames();
+ $vars['groups'] = $db->listGroupNames();
require_once('ContactMethod.class.php');
$this->showView('users/individual', $vars);
}
}
- public function http404($routed, $remainder) {
+ public function http404($routed, $rnemainder) {
$username = implode('/', $remainder);
$this->showView('users/404',
array('username'=>$username));
}
-
+
public function http401($routed, $remainder) {
- global $mm;
- $this->showView('users/401', array('uid'=>$mm->isLoggedIn()));
+ $this->showView('users/401', array('uid'=>Login::isLoggedIn()));
}
-
+
+ // Other Functions ///////////////////////////////////////////
+
/**
* This will parse POST data to create a new user.
* If successfull it will show a message saying so.
@@ -119,9 +128,10 @@ class Users extends Controller {
@$vars['password1'] = $_POST['auth_password' ];
@$vars['password2'] = $_POST['auth_password_verify'];
- global $mm;
+ global $mm; $db = $mm->database();
+
$vars['errors'] = array();
- if ($mm->getUID($vars['username'])!==false)
+ if ($db->getUID($vars['username'])!==false)
$vars['errors'][] = 'user exists';
if (in_array($vars['username'], $this->illegal_names))
$vars['errors'] = 'illegal name';
@@ -136,11 +146,11 @@ class Users extends Controller {
} else {
$username = $vars['username'];
$passowrd = $vars['password1'];
- $uid = $mm->addUser($username, $password);
+ $uid = $db->addUser($username, $password);
if ($uid===false) {
$this->showView('users/500');
} else {
- $mm->login($username, $password);
+ Login::login($username, $password);
$this->showView('users/created',
array('username'=>$username));
}
@@ -185,8 +195,8 @@ class Users extends Controller {
}
// Change information //////////////////////////////////////////
- global $mm;
$config_options = array();
+ global $mm;
$mm->pluginManager()->callHook('userConfig', &$config_options);
foreach ($config_options as $group=>$options) {
@@ -244,9 +254,9 @@ class Users extends Controller {
* This will show the user index.
*/
private function show_index($routed, $remainder) {
- global $mm;
+ global $mm; $db = $mm->database();
- $logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+ $logged_in_user = Auth::getObj(Login::isLoggedIn());
if (!$logged_in_user->isUser()) {
$this->http401($routed, $remainder);
exit();
@@ -255,9 +265,9 @@ class Users extends Controller {
$vars = array();
$vars['attribs'] = $this->getIndexAttribs();
$vars['users'] = array();
- $uids = $mm->listUsers();
+ $uids = $db->listUsers();
foreach ($uids as $uid) {
- $user = $mm->getAuthObj($uid);
+ $user = Auth::getObj($uid);
$vars['users'][$uid] = array();
foreach ($vars['attribs'] as $attrib) {
$key = $attrib['key'];
@@ -269,8 +279,7 @@ class Users extends Controller {
}
private function getConf($user, $key) {
- global $mm;
- $logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+ $logged_in_user = Auth::getObj(Login::isLoggedIn());
$uid = $user->getUID();
$post_key = $key."[$uid]";
@$value = $_POST[$post_key];
@@ -301,8 +310,7 @@ class Users extends Controller {
private function setConf($uid, $key, $value) {
// So, this rocks because we don't have to check permissions,
// the User object does that.
- global $mm;
- $user = $mm->getAuthObj($uid);
+ $user = Auth::getObj($uid);
switch ($key) {
case 'auth_name':