Diffstat (limited to 'src/views/pages/users')
-rw-r--r--src/views/pages/users/401.html.php15
-rw-r--r--src/views/pages/users/404.html.php10
-rw-r--r--src/views/pages/users/500.html.php13
-rw-r--r--src/views/pages/users/created.html.php16
-rw-r--r--src/views/pages/users/include.php60
-rw-r--r--src/views/pages/users/index.csv.php27
-rw-r--r--src/views/pages/users/index.html.php65
-rw-r--r--src/views/pages/users/index.php116
-rw-r--r--src/views/pages/users/individual.html.php105
-rw-r--r--src/views/pages/users/individual.php89
-rw-r--r--src/views/pages/users/new.html.php37
11 files changed, 553 insertions, 0 deletions
diff --git a/src/views/pages/users/401.html.php b/src/views/pages/users/401.html.php
new file mode 100644
index 0000000..0a5a1ce
--- /dev/null
+++ b/src/views/pages/users/401.html.php
@@ -0,0 +1,15 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('401 Unauthorized');
+$t->header('Unauthorized');
+$t->tag('h1', array(), "401: Unauthorized");
+if ($VARS['uid']===false) {
+ // Not logged in
+ $t->paragraph('You need to be logged in to view user-data.');
+} else {
+ // Logged in, so the account must not activated
+ $t->paragraph('Your account needs to be activated by an administrator '.
+ 'to view user-data.');
+}
+$t->footer();
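Review bot: The `else` branch answers an authenticated but not-yet-activated user with `401 Unauthorized`, which tells clients to authenticate again; that case is an authorization failure and `403 Forbidden` describes it better, so the status should be chosen per branch, e.g. `$t->status($VARS['uid']===false ? '401 Unauthorized' : '403 Forbidden');`. The comment on that branch should read `// Logged in, so the account must not be activated`.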
diff --git a/src/views/pages/users/404.html.php b/src/views/pages/users/404.html.php
new file mode 100644
index 0000000..00f9dca
--- /dev/null
+++ b/src/views/pages/users/404.html.php
@@ -0,0 +1,10 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+
+$t->status('404 Not Found');
+$t->header('User Not Found');
+$t->tag('h1',array(),"404: Not Found");
+$t->paragraph('No user with the name <q>'.
+ htmlentities($username).'</q> exists.');
+$t->footer();
diff --git a/src/views/pages/users/500.html.php b/src/views/pages/users/500.html.php
new file mode 100644
index 0000000..27038a4
--- /dev/null
+++ b/src/views/pages/users/500.html.php
@@ -0,0 +1,13 @@
+<?php global $VARS, $mm;
+$t = $VARS['template'];
+
+$t->status('500 Internal Server Error');
+$t->header('Unknown error');
+$t->paragraph("An unknown error was encountered when creating ".
+ "the user. The username appears to be free, and ".
+ "the passwords match, so I'm assuming that the ".
+ "error is on our end. Sorry.");
+$t->paragraph("Here's a dump of the SQL error stack, it may ".
+ "help us find the issue:");
+$t->tag('pre', array(), htmlentities($mm->mysql_error()));
+$t->footer();
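Review bot: The `<pre>` at the end prints `$mm->mysql_error()` to whoever triggered the failure, and the wording of the page suggests this is the account-creation path, which is presumably reachable without logging in. Database error text can reveal table and column names or fragments of the failing query; it belongs in the server log, e.g. `error_log($mm->mysql_error());`, with the page showing only the generic apology. If the detail is needed for support, show it only when the viewer is an administrator.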
diff --git a/src/views/pages/users/created.html.php b/src/views/pages/users/created.html.php
new file mode 100644
index 0000000..72aa26e
--- /dev/null
+++ b/src/views/pages/users/created.html.php
@@ -0,0 +1,16 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+
+$t->status('201 Created');
+header('Location: '.$t->url("users/$username"));
+$t->header('User created');
+$t->paragraph("You can go ahead and fill out more of your ".
+ "user information, (click the @username link at ".
+ "the top) but will need to wait for an ".
+ "administrator to approve your account before ".
+ "you can really use the site. Actually, ".
+ "filling your info out might help approval, so ".
+ "that the administrator can more easily see who ".
+ "you are.");
+$t->footer();
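Review bot: `header('Location: '.$t->url("users/$username"));` places the username in a response header and URL path without encoding; whether `$t->url()` encodes its argument is not visible in this hunk. A name containing `/`, `?`, `#` or whitespace would produce a different or malformed target, so the segment should be encoded at the call site: `header('Location: '.$t->url('users/'.rawurlencode($username)));`. The same unencoded `users/<name>` pattern appears in the form actions in individual.html.php and individual.php and in the `More` links in index.html.php and index.php.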
diff --git a/src/views/pages/users/include.php b/src/views/pages/users/include.php
new file mode 100644
index 0000000..6e8c90b
--- /dev/null
+++ b/src/views/pages/users/include.php
@@ -0,0 +1,60 @@
+<?php global $mm;
+
+require_once('User.class.php');
+
+/**
+ * This will take care of possibly updating and displaying a value in the
+ * 'users' table.
+ */
+function inputText($user, $name, $label, $hint='') {
+ if ($user->canEdit()) {
+ if (isset($_POST["user_$name"])) {
+ $user->setConf($name, $_POST["user_$name"]);
+ }
+ }
+
+ $current_setting = $user->getConf($name);
+
+ global $mm;
+ $t = $mm->template();
+ $t->inputText("user_$name", $label, $hint, $current_setting,
+ !$user->canEdit());
+}
+
+function inputArray($user, $name, $arr) {
+ global $mm;
+ $t = $mm->template();
+
+ if (isset($_POST[$name]) && is_array($_POST[$name])) {
+ $user->setConfArray($name, $_POST[$name]);
+ }
+ $defaults = $user->getConfArray($name);
+
+ foreach ($arr as $value => $label) {
+ $t->inputBool($name, $value, $label,
+ in_array($value, $defaults), !$user->canEdit());
+ }
+}
+
+function inputNewPassword($user, $name, $label) {
+ @$password1 = $_POST[$name ];
+ @$password2 = $_POST[$name.'_verify'];
+
+ // Check the verify box, not main box, so that we don't get tripped by
+ // browsers annoyingly autocompleting the password.
+ $is_set = ($password2 != '');
+
+ global $mm;
+ $t = $mm->template();
+
+ if ($is_set) {
+ $matches = ( $password1 == $password2 );
+ if ($matches) {
+ $user->setPassword($password1);
+ $t->inputP('Password successfully updated.');
+ } else {
+ $t->inputP("Passwords don't match.", true);
+ }
+ }
+ $t->inputNewPassword($name, $label);
+}
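Review bot: `inputArray()` writes `$_POST[$name]` through `$user->setConfArray()` without the `$user->canEdit()` check that `inputText()` performs before `setConf()`, and individual.php calls it for `'use'` and `'groups'` after verifying only `canRead()`. Unless `setConfArray()` enforces permissions itself (not visible here), anyone who can view a profile can change that user's group membership; the condition should be `if ($user->canEdit() && isset($_POST[$name]) && is_array($_POST[$name])) {`. In `inputNewPassword()` the comparisons `$password2 != ''` and `$password1 == $password2` are loose, so numeric-looking strings such as `1e3` and `1000` compare equal and array input is not rejected; check `is_string()` on both fields and compare with `===`.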
diff --git a/src/views/pages/users/index.csv.php b/src/views/pages/users/index.csv.php
new file mode 100644
index 0000000..527e508
--- /dev/null
+++ b/src/views/pages/users/index.csv.php
@@ -0,0 +1,27 @@
+<?php global $VARS;
+$attribs = $VARS['template'];
+$users = $VARS['users'];
+
+function escape($value) {
+ if (is_bool($value)) {
+ return ($value?'true':'false');
+ } else {
+ $chars = "'" . '"' . '\\' . ',';
+ return addcslashes($str, $chars);
+ }
+}
+
+$arr = array();
+foreach ($attribs as $attrib) {
+ $arr[] = escape($attrib['name']);
+}
+echo implode(',', $arr)."\n";
+
+foreach ($users as $user) {
+ $arr = array();
+ foreach ($attribs as $attrib) {
+ $props = $user[$attrib['key']];
+ $arr[] = escape($props['value']);
+ }
+ echo implode(',', $arr)."\n";
+}
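Review bot: `escape()` passes the undefined `$str` to `addcslashes()` instead of `$value`, so every non-boolean cell is written as an empty string. Once that is fixed, backslash escaping is still not what CSV readers expect (RFC 4180 quotes the field and doubles embedded quotes), and the exported fields are user-editable profile values, so a cell beginning with `=`, `+`, `-` or `@` will be evaluated as a formula when the file is opened in a spreadsheet. The non-boolean branch should quote the field and prefix formula-leading values as sketched below. Also, `$attribs = $VARS['template'];` reads the template object rather than an attribute list, which looks like a copy-paste slip; index.html.php has the same line.

```php
function escape($value) {
    // … unchanged: boolean branch …
    $value = (string)$value;
    // Keep spreadsheets from treating user-supplied text as a formula.
    if ($value !== '' && strpos("=+-@\t\r", $value[0]) !== false) {
        $value = "'".$value;
    }
    // RFC 4180: quote the field and double any embedded quote.
    return '"'.str_replace('"', '""', $value).'"';
}
```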
diff --git a/src/views/pages/users/index.html.php b/src/views/pages/users/index.html.php
new file mode 100644
index 0000000..5f1ab02
--- /dev/null
+++ b/src/views/pages/users/index.html.php
@@ -0,0 +1,65 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$attribs = $VARS['template'];
+$users = $VARS['users'];
+
+$t->header('Users');
+
+$t->openTag('form', array('action'=>$t->url('users/index'),
+ 'method'=>'post'));
+
+$t->openTag('table');
+
+$t->openTag('tr');
+foreach ($attribs as $attrib) {
+ $t->tag('th', array(), $attrib['name']);
+}
+$t->tag('th');
+$t->closeTag('tr');
+
+foreach ($users as $user) {
+ $t->openTag('tr');
+
+ foreach ($attribs as $attrib) {
+ $props = $user[$attrib['key']];
+
+ $value = $props['value'];
+ $editable = $props['editable'];
+ $post_key = $props['post_key'];
+ $bool = is_bool($value);
+
+ $arr = array('name'=>$post_key);
+ if (!$editable) {
+ $arr['readonly'] = 'readonly';
+ if ($bool) $arr['disabled'] = $disabled;
+ }
+ if ($bool) {
+ if ($value==true) {
+ $arr['checked'] = 'checked';
+ }
+ $arr['value'] = 'true';
+ $arr['type'] = 'checkbox';
+ } else {
+ $arr['value'] = $value;
+ $arr['type'] = 'text';
+ }
+
+ $t->openTag('td');
+ $t->tag('input', $arr);
+ $t->closeTag('td');
+ }
+
+ $t->openTag('td');
+ $t->link($t->url('users/'.$user['auth_name']['value']), 'More');
+ $t->closeTag('td');
+
+ $t->closeTag('tr');
+}
+
+$t->closeTag('table');
+
+$t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+$t->closeTag('form');
+
+$t->footer();
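Review bot: `$arr['value'] = $value;` puts stored profile data (names, phone, email) into an HTML attribute, and nothing in this hunk shows `$t->tag()` escaping attribute values; 404.html.php escapes at the call site, which suggests the template helpers emit strings as given. If that is the case, a stored value containing a quote breaks out of the attribute on the page used to review accounts, so either confirm that `tag()` escapes attributes or write `$arr['value'] = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');`. In the read-only branch `$arr['disabled'] = $disabled;` uses an undefined variable and should be `$arr['disabled'] = 'disabled';`; index.php has the same line.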
diff --git a/src/views/pages/users/index.php b/src/views/pages/users/index.php
new file mode 100644
index 0000000..d801faf
--- /dev/null
+++ b/src/views/pages/users/index.php
@@ -0,0 +1,116 @@
+<?php global $mm;
+
+$logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+if (!$logged_in_user->isUser()) {
+ include(VIEWPATH.'/pages/users/401.php');
+ exit();
+}
+
+function attrib($key, $name, $check=false) {
+ return array('key'=>$key, 'name'=>$name, 'checkbox'=>$check);
+}
+
+function getSetConf($user, $key) {
+ global $mm;
+ $logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+ $uid = $user->getUID();
+ $post_key = $key."[$uid]";
+ @$value = $_POST[$post_key];
+ $editable = $user->canEdit();
+ $edit = isset($_POST[$post_key]);
+
+ switch ($key) {
+ case 'auth_name':
+ if ($editable && $edit) $user->setName($value);
+ $value = $user->getName();
+ break;
+ case 'auth_user':
+ $editable = $editable && $logged_in_user->isAdmin();
+ if ($editable && $edit) $user->setUser($value=='true');
+ $value = $user->isUser();
+ break;
+ case 'auth_admin':
+ $editable = $editable && $logged_in_user->isAdmin();
+ if ($editable && $edit) $user->setAdmin($value=='true');
+ $value = $user->isAdmin();
+ break;
+ default:
+ if ($editable && $edit) $user->setConf($key, $value);
+ $value = $user->getConf($key);
+ break;
+ }
+
+ return array(
+ 'value'=>$value,
+ 'post_key'=>$post_key,
+ 'editable'=>$editable);
+}
+
+$attribs = array(attrib('auth_user', 'Active', true),
+ attrib('lastname','Last'),
+ attrib('firstname','First'),
+ attrib('hsclass','Class of'),
+ attrib('phone','Phone number'),
+ attrib('email','Email'),
+ attrib('auth_name', 'Username'),
+ );
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t = $mm->template();
+$mm->header('Users');
+
+$t->openTag('form', array('action'=>$mm->baseUrl().'users',
+ 'method'=>'post'));
+
+$t->openTag('table');
+
+$t->openTag('tr');
+foreach ($attribs as $attrib) {
+ $t->tag('th', array(), $attrib['name']);
+}
+$t->tag('th');
+$t->closeTag('tr');
+
+$uids = $mm->listUsers();
+foreach ($uids as $uid) {
+ $user = $mm->getAuthObj($uid);
+ $t->openTag('tr');
+
+ foreach ($attribs as $attrib) {
+ $props = getSetConf($user, $attrib['key']);
+
+ $arr = array('name'=>$props['post_key']);
+ if (!$props['editable']) {
+ $arr['readonly'] = 'readonly';
+ if ($attrib['checkbox']) $arr['disabled'] = $disabled;
+ }
+ if ($attrib['checkbox']) {
+ if ($props['value'])
+ $arr['checked'] = 'checked';
+ $arr['value'] = 'true';
+ $arr['type'] = 'checkbox';
+ } else {
+ $arr['value'] = $props['value'];
+ $arr['type'] = 'text';
+ }
+
+ $t->openTag('td');
+ $t->tag('input', $arr);
+ $t->closeTag('td');
+ }
+
+ $t->openTag('td');
+ $t->link($mm->baseUrl().'users/'.$user->getName(), 'More');
+ $t->closeTag('td');
+
+ $t->closeTag('tr');
+}
+
+$t->closeTag('table');
+
+$t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+$t->closeTag('form');
+
+$mm->footer();
\ No newline at end of file
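Review bot: The `auth_name` case in `getSetConf()` calls `$user->setName($value)` without the `$illegal_names` check that individual.php applies before the same call, so a reserved name can be set from the list page unless `setName()` rejects it itself (not visible here). Declare `global $illegal_names;` in the function and extend the condition to `if ($editable && $edit && !in_array($value, $illegal_names, true))`. The lookup `$_POST[$post_key]` also uses a literal key of the form `auth_name[<uid>]`, but PHP parses bracketed field names into nested arrays, so the value has to be read from `$_POST[$key][$uid]` and the edits never apply as written. Both this file and individual.php include `pages/users/401.php`, while the commit adds `401.html.php`; if no `401.php` exists the include only warns and `exit()` ends the request with no 401 status or message.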
diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php
new file mode 100644
index 0000000..4d6e4fc
--- /dev/null
+++ b/src/views/pages/users/individual.html.php
@@ -0,0 +1,105 @@
+<?php global $VARS, $CONTACT_METHODS;
+$t = $VARS['template'];
+$user = $VARS['user'];
+
+function inputText($user, $key, $label, $hint='') {
+ global $VARS; $t = $VARS['template'];
+ $current_setting = $user->getConf($key);
+ $t->inputText("user_$key", $label, $hint, $current_setting,
+ !$user->canEdit());
+}
+
+function inputArray($user, $key, $arr) {
+ global $VARS; $t = $VARS['template'];
+ $defaults = $user->getConfArray($key);
+
+ foreach ($arr as $value => $label) {
+ $t->inputBool($name, $value, $label,
+ in_array($value, $defaults), !$user->canEdit());
+ }
+}
+
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t->header("Users: $username");
+
+$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
+
+if ($user->canEdit()) {
+ $t->openTag('form', array('method'=>'post',
+ 'action'=>$t->url("users/$username")));
+} else {
+ $t->openTag('form');
+}
+
+$t->openFieldset("Login / Authentication");
+// Username ////////////////////////////////////////////////////////////////////
+if (isset($VARS['changed name']) && !$VARS['changed_name']) {
+ $t->inputP("Error setting username to ".
+ "<q>$new_name</q>. This is probably because".
+ " a user with that name already exists.",
+ true);
+}
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",
+ $user->getName(), !$user->canEdit());
+// Password ////////////////////////////////////////////////////////////////////
+if (@$VARS['pw_updated']===true) {
+ $t->inputP('Password successfully updated.');
+}
+if (@$VARS['pw mixmatch']===true) {
+ $t->inputP("Passwords don't match.", true);
+}
+if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
+////////////////////////////////////////////////////////////////////////////////
+$t->closeFieldset();
+
+$t->openFieldset("Information");
+inputText($user, 'firstname','First Name','');
+inputText($user, 'lastname','Last Name','');
+inputText($user, 'hsclass','Highschool Class of',
+ 'Please put the full year (ex: 2012)');
+$t->closeFieldset();
+
+
+$t->openFieldset("Contact");
+// TODO: I should make this a setting for admins to set.
+$hints = array('email'=>
+ "Right now you can only have one email address, ".
+ "but I'm working on making it so you can have ".
+ "multiple.",
+ 'phone'=>
+ "A home phone number isn't much use here because it is ".
+ "used to text-message you (if you enable it), and ".
+ "contact you at competition."
+ );
+$use_arr = array();
+foreach ($CONTACT_METHODS as $method) {
+ inputText($user,
+ $method->addr_slug,
+ ucwords($method->addr_word),
+ $hints[$method->addr_slug]);
+ $use_arr[$method->verb_slug] = ucwords($method->verb_word);
+}
+
+$t->inputP("When I recieve a message, notify me using the following methods:");
+inputArray($user, 'use', $use_arr);
+$t->closeFieldSet();
+
+
+$t->openFieldSet('Groups');
+$group_arr = array();
+foreach ($VARS['groups'] as $group_name) {
+ $group_arr[$group_name] = ucwords($group_name);
+}
+inputArray($user, 'groups', $group_arr);
+$t->closeFieldset();
+
+if ($user->canEdit()) {
+ $t->tag('input', array('type'=>'submit', 'value'=>'Save'));
+}
+$t->closeTag('form');
+$t->footer();
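Review bot: The rename error message interpolates `$new_name` into markup as `<q>$new_name</q>` without escaping, whereas 404.html.php in this commit wraps the username in `htmlentities()` before handing it to the template, which suggests the helpers output the string as HTML. In individual.php the same message uses `$new_name` taken directly from `$_POST['auth_name']`, so the submitted value is reflected into the page; both places should build the text with `htmlspecialchars($new_name, ENT_QUOTES, 'UTF-8')`. In this view the guard tests `$VARS['changed name']` and then `$VARS['changed_name']`, two different keys, and `$new_name`, `$username` and `$uid` are never read from `$VARS`, so they are undefined unless the including scope provides them. `inputArray()` here also passes the undefined `$name` to `inputBool()` where its parameter is `$key`.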
diff --git a/src/views/pages/users/individual.php b/src/views/pages/users/individual.php
new file mode 100644
index 0000000..2483e6b
--- /dev/null
+++ b/src/views/pages/users/individual.php
@@ -0,0 +1,89 @@
+<?php global $mm, $uid;
+// Honestly, the functions in this include should be in this file, but that
+// would make this file too messy.
+require_once(VIEWPATH.'/pages/users/include.php');
+
+$user = $mm->getAuthObj($uid);
+
+if (!$user->canRead()) {
+ include(VIEWPATH.'/pages/users/401.php');
+ exit();
+}
+
+// Read/Change the username
+$username = $user->getName();
+if (isset($_POST['auth_name'])) {
+ $new_name = $_POST['auth_name'];
+ if ($new_name != $username) {
+ global $illegal_names;
+ if (!in_array($new_name, $illegal_names)) {
+ $changed_name = $user->setName($new_name);
+ $username = $user->getName();
+ }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t = $mm->template();
+$mm->header("Users: $username");
+
+$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
+
+if ($user->canEdit()) {
+ $t->openTag('form', array('method'=>'post',
+ 'action'=>$mm->baseUrl()."users/$username"));
+} else {
+ $t->openTag('form');
+}
+
+$t->openFieldset("Login / Authentication");
+if (isset($changed_name) && !$changed_name) {
+ $t->inputP("Error setting username to ".
+ "<q>$new_name</q>. This is probably because".
+ " a user with that name already exists.",
+ true);
+}
+
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",
+ $username,!$user->canEdit());
+if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
+$t->closeFieldset();
+
+$t->openFieldset("Information");
+inputText($user, 'firstname','First Name','');
+inputText($user, 'lastname','Last Name','');
+inputText($user, 'hsclass','Highschool Class of','Please put the full year (ex: 2012)');
+$t->closeFieldset();
+
+$t->openFieldset("Contact");
+inputText($user, 'email', 'Email',
+ "Right now you can only have one email address, ".
+ "but I'm working on making it so you can have ".
+ "multiple.");
+inputText($user, 'phone', 'Cell Number',
+ "A home phone number isn't much use here because it is ".
+ "used to text-message you (if you enable it), and ".
+ "contact you at competition.");
+$t->inputP("When I recieve a message, notify me using the following methods:");
+inputArray($user, 'use', array('email'=>'Email',
+ 'sms'=>'Text Message'));
+$t->closeFieldSet();
+
+$t->openFieldSet('Groups');
+$groups = $mm->listGroupNames();
+$group_arr = array();
+foreach ($groups as $group_name) {
+ $group_arr[$group_name] = ucwords($group_name);
+}
+inputArray($user, 'groups', $group_arr);
+$t->closeFieldset();
+
+if ($user->canEdit()) {
+ $t->tag('input', array('type'=>'submit', 'value'=>'Save'));
+}
+$t->closeTag('form');
+$mm->footer();
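Review bot: The rename block runs `$user->setName($new_name)` for any request that passed the `canRead()` check at the top; `canEdit()` is only consulted later when the form is rendered. Unless `setName()` checks permissions internally (not visible here), a user who may view a profile can rename that account, so the guard should be `if ($user->canEdit() && isset($_POST['auth_name'])) {`. When the requested name is in `$illegal_names`, `$changed_name` is left unset and the request falls through with no error message; setting `$changed_name = false;` in that case lets the existing error block report it. `in_array($new_name, $illegal_names)` should pass `true` as the third argument so the comparison is strict.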
diff --git a/src/views/pages/users/new.html.php b/src/views/pages/users/new.html.php
new file mode 100644
index 0000000..f2dacb5
--- /dev/null
+++ b/src/views/pages/users/new.html.php
@@ -0,0 +1,37 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->header('Create new user');
+
+$t->openTag('form', array('method'=>'post',
+ 'action'=>$t->url('users')));
+
+$t->openFieldset("New User: basic login");
+if (in_array('illegal name', $VARS['errors'])) {
+ $t->inputP("That is a forbidden username.", true);
+}
+if (in_array('user exists', $VARS['errors'])) {
+ $t->inputP("A user with that name already exists.");
+}
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",'',$VARS['username']);
+
+@$password = $VARS['password1'];
+if ($in_array('pw mixmatch', $VARS['errors'])) {
+ $t->inputP("The passwords didn't match.", true);
+ $password = '';
+}
+if (in_array('no pw', $VARS['errors'])) {
+ $t->inputP("You must set a password.", true);
+ $password = '';
+}
+$t->inputNewPassword('auth_password','Password', $password);
+$t->closeFieldset();
+
+$t->tag('input', array('type'=>'submit', 'value'=>'Submit'));
+
+$t->closeTag('form');
+
+$t->footer();
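Review bot: `$t->inputNewPassword('auth_password','Password', $password);` passes the previously submitted password from `$VARS['password1']` back to the template, which presumably pre-fills the field, so the plaintext password is written into the response HTML where it can end up in caches and page source. Password fields should always be rendered empty; drop the `$password` variable and call `$t->inputNewPassword('auth_password','Password');` as include.php does. `if ($in_array('pw mixmatch', $VARS['errors']))` calls through an undefined variable and will fail at runtime; it should be `in_array(...)`. In the `inputText()` call the last two arguments are `''` and `$VARS['username']`, but the other call sites pass the value and then the read-only flag, so the submitted username looks like it lands in the flag position.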