Diffstat (limited to 'src/controllers/Users.class.php')
-rw-r--r-- | src/controllers/Users.class.php | 82 |
1 files changed, 45 insertions, 37 deletions
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 9781ab0..9674907 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -1,4 +1,6 @@ <?php +require_once('Login.class.php'); +require_once('Auth.class.php'); Router::register('users/new' , 'Users', 'new_user'); Router::register('users/index', 'Users', 'index_file'); @@ -7,18 +9,9 @@ Router::register('users/*' , 'Users', 'individual'); class Users extends Controller { public static $illegal_names = array('', 'new', 'index'); - - /** - * Handle GETing the new user form. - * - * I would have named this `new', but that's a keyword. - */ - public function new_user($routed, $vars) { - // since there will never be a remainder to `users/new', we can - // use that parameter to pass in some data. - $this->showView('users/new', $vars); - } - + + // Index Views /////////////////////////////////////////////// + public function index($routed, $remainder) { return $this->index_dir($routed, $remainder); } 
@@ -56,18 +49,32 @@ class Users extends Controller { $this->show_index($routed, $remainder); } + // Other Views /////////////////////////////////////////////// + /** + * Handle GETing the new user form. + * + * I would have named this `new', but that's a keyword. + */ + public function new_user($routed, $vars) { + // since there will never be a remainder to `users/new', we can + // use that parameter to pass in some data. + $this->showView('users/new', $vars); + } + public function individual($routed, $remainder) { $username = implode('/', $remainder); - global $mm; - $uid = $mm->getUID($username); - if ($mm->getStatus($uid)===3) $uid = false; // ignore groups. + global $mm; // also used for pluginmanager + $db = $mm->database(); + $uid = $db->getUID($username); + $user = Auth::getObj($uid); + + if ($user->isGroup()) $uid = false; // ignore groups. if ($uid===false) { $this->http404($routed, $remainder); } else { - $user = $mm->getAuthObj($uid); if (!$user->canRead()) { $this->http401($routed, $remainder); exit(); @@ -75,6 +82,7 @@ class Users extends Controller { $vars = array(); $method = $_SERVER['REQUEST_METHOD']; + switch ($method) { case 'PUT': $_POST = $_PUT; case 'POST': 
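Review bot: In `individual`, `Auth::getObj($uid)` and `$user->isGroup()` now run before the `$uid===false` test, so a request for an unknown username reaches `Auth::getObj(false)`; the removed code built the auth object only inside the `else` branch. Whether that yields a usable object is not visible in this diff, and if it does not, the 404 path ends in a fatal error instead of the 404 view. Guard the lookup, e.g. `if ($uid!==false) { $user = Auth::getObj($uid); if ($user->isGroup()) $uid = false; }`. The `show_index` and `getConf` hunks depend on the same thing, since they pass `Login::isLoggedIn()` straight to `Auth::getObj` before any access check. The body of `individual` continues past this hunk.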
@@ -82,31 +90,32 @@ class Users extends Controller { if ($user->canEdit()) { $vars = $this->update_user($user); } - break; + break; } - + $config_options = array(); $mm->pluginManager()->callHook('userConfig', &$config_options); $vars['config_options'] = $config_options; $vars['user'] = $user; - $vars['groups'] = $mm->listGroupNames(); + $vars['groups'] = $db->listGroupNames(); require_once('ContactMethod.class.php'); $this->showView('users/individual', $vars); } } - public function http404($routed, $remainder) { + public function http404($routed, $rnemainder) { $username = implode('/', $remainder); $this->showView('users/404', array('username'=>$username)); } - + public function http401($routed, $remainder) { - global $mm; - $this->showView('users/401', array('uid'=>$mm->isLoggedIn())); + $this->showView('users/401', array('uid'=>Login::isLoggedIn())); } - + + // Other Functions /////////////////////////////////////////// + /** * This will parse POST data to create a new user. * If successfull it will show a message saying so. @@ -119,9 +128,10 @@ class Users extends Controller { @$vars['password1'] = $_POST['auth_password' ]; @$vars['password2'] = $_POST['auth_password_verify']; - global $mm; + global $mm; $db = $mm->database(); + $vars['errors'] = array(); - if ($mm->getUID($vars['username'])!==false) + if ($db->getUID($vars['username'])!==false) $vars['errors'][] = 'user exists'; if (in_array($vars['username'], $this->illegal_names)) $vars['errors'] = 'illegal name'; @@ -136,11 +146,11 @@ class Users extends Controller { } else { $username = $vars['username']; $passowrd = $vars['password1']; - $uid = $mm->addUser($username, $password); + $uid = $db->addUser($username, $password); if ($uid===false) { $this->showView('users/500'); } else { - $mm->login($username, $password); + Login::login($username, $password); $this->showView('users/created', array('username'=>$username)); } 
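Review bot: The new `http404` signature misspells its second parameter as `$rnemainder`, while the body still reads `$remainder`, so `implode('/', $remainder)` receives an undefined variable and the 404 view loses the requested username. Restore the parameter name: `public function http404($routed, $remainder) {`.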
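Review bot: In the `-136,11 +146,11` hunk, `$db->addUser($username, $password)` and `Login::login($username, $password)` read `$password`, but the context line above assigns the submitted value to `$passowrd`, so both calls receive an undefined variable rather than the password the user typed. Since this commit rewrites both call sites, fix the assignment alongside them: `$password = $vars['password1'];`. What `addUser` stores for an unset password is not visible here, so check the credential of accounts created through this path once it is corrected. The enclosing method begins before this hunk and continues after it.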
@@ -185,8 +195,8 @@ class Users extends Controller { } // Change information ////////////////////////////////////////// - global $mm; $config_options = array(); + global $mm; $mm->pluginManager()->callHook('userConfig', &$config_options); foreach ($config_options as $group=>$options) { @@ -244,9 +254,9 @@ class Users extends Controller { * This will show the user index. */ private function show_index($routed, $remainder) { - global $mm; + global $mm; $db = $mm->database(); - $logged_in_user = $mm->getAuthObj($mm->isLoggedIn()); + $logged_in_user = Auth::getObj(Login::isLoggedIn()); if (!$logged_in_user->isUser()) { $this->http401($routed, $remainder); exit(); @@ -255,9 +265,9 @@ class Users extends Controller { $vars = array(); $vars['attribs'] = $this->getIndexAttribs(); $vars['users'] = array(); - $uids = $mm->listUsers(); + $uids = $db->listUsers(); foreach ($uids as $uid) { - $user = $mm->getAuthObj($uid); + $user = Auth::getObj($uid); $vars['users'][$uid] = array(); foreach ($vars['attribs'] as $attrib) { $key = $attrib['key']; @@ -269,8 +279,7 @@ class Users extends Controller { } private function getConf($user, $key) { - global $mm; - $logged_in_user = $mm->getAuthObj($mm->isLoggedIn()); + $logged_in_user = Auth::getObj(Login::isLoggedIn()); $uid = $user->getUID(); $post_key = $key."[$uid]"; @$value = $_POST[$post_key]; @@ -301,8 +310,7 @@ class Users extends Controller { private function setConf($uid, $key, $value) { // So, this rocks because we don't have to check permissions, // the User object does that. - global $mm; - $user = $mm->getAuthObj($uid); + $user = Auth::getObj($uid); switch ($key) { case 'auth_name': |
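Review bot: The comment in `setConf` justifies skipping a permission check by saying "the User object does that", but the object now comes from `Auth::getObj($uid)` and nothing in this hunk shows that it enforces the logged-in user's rights. Update the comment to name the class and the guarantee being relied on, for example `// No permission check here: setters on the object returned by Auth::getObj() check the logged-in user's rights.`, after confirming that this holds. The `switch` body lies outside the hunk.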