Diffstat (limited to 'src')
-rw-r--r--src/controllers/Config.class.php30
-rw-r--r--src/controllers/Users.class.php151
-rw-r--r--src/lib/DB.class.php164
-rw-r--r--src/models/Auth.class.php1
-rw-r--r--src/views/pages/users/index.html.php74
-rw-r--r--src/views/pages/users/new.html.php10
6 files changed, 295 insertions, 135 deletions
diff --git a/src/controllers/Config.class.php b/src/controllers/Config.class.php
new file mode 100644
index 0000000..37d1f09
--- /dev/null
+++ b/src/controllers/Config.class.php
@@ -0,0 +1,30 @@
+<?php
+require_once('Auth.class.php');
+
+Router::register('config', 'Config', 'index');
+
+class Config extends Controller {
+ public function index($routed, $remainder) {
+ $uid = Login::isLoggedIn();
+ if ($uid===false || !Auth::getObj($uid)->isAdmin()) {
+ $this->http401($routed, $remainder);
+ return;
+ }
+
+ $method = $_SERVER['REQUEST_METHOD'];
+ switch ($method) {
+ case 'PUT': $_POST = $_PUT;
+ case 'POST':
+ // We're PUTing an updated configuration.
+ $this->update();
+ break;
+ }
+ $this->show_index();
+ }
+ private function show_index() {
+
+ }
+ private function update() {
+
+ }
+}
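Review bot: `$_PUT` in the `case 'PUT':` line of index() is not a PHP superglobal, so unless it is defined elsewhere a PUT request assigns null to `$_POST` before falling through to update(). Parsing the request body explicitly would make the branch work, e.g. `parse_str(file_get_contents('php://input'), $_POST);`, and a `// fall through` comment on that case would show the missing `break` is deliberate. update() is still an empty stub; once it writes configuration it should verify a CSRF token, because the admin check alone does not protect a state-changing POST.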
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 170d25f..dbd5120 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -1,6 +1,7 @@
<?php
require_once('Login.class.php');
require_once('Auth.class.php');
+require_once('DB.class.php');
Router::register('users/new' , 'Users', 'new_user');
Router::register('users/index', 'Users', 'index_file');
@@ -71,8 +72,13 @@ class Users extends Controller {
exit();
}
if (!isset($vars['errors'])) $vars['errors'] = array();
- global $mm; $pm = $mm->pluginManager();
+
+ global $mm;
+ $pm = $mm->pluginManager();
+ $db = $mm->database();
+
$vars['antispam_html'] = $pm->callHook('antispam_html');
+ $vars['userlist'] = $db->getSysConf('anon_userlist');
$this->showView('users/new', $vars);
}
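Review bot: `$vars['userlist']` is handed to the view as the raw return of `getSysConf('anon_userlist')`, while the access gate changed later in this file compares the same setting with `=='true'`. If the setting is stored as the strings 'true'/'false', as that comparison suggests, the string 'false' is truthy in PHP and the `if ($VARS['userlist'])` test in the users/new.html.php hunk will advertise the user list even when anonymous listing is off. Normalising here keeps the two in step: `$vars['userlist'] = $db->getSysConf('anon_userlist')=='true';`. The enclosing method starts outside the hunk.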
@@ -188,7 +194,7 @@ class Users extends Controller {
$this->showView('users/500');
} else {
Login::login($username, $password);
- $this->setConf($uid, 'email', $vars['email']);
+ DB::set('users', $uid, 'email', $vars['email']);
$this->showView('users/created',
array('username'=>$username));
}
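Review bot: The new `DB::set('users', $uid, 'email', $vars['email'])` call passes four arguments, but `DB::set()` as added in src/lib/DB.class.php declares five required parameters (`$orig_value` has no default). Depending on the PHP version that is a missing-argument warning or an ArgumentCountError on the account-creation path, right after the login call. Giving the parameter a default in the signature, `$orig_value=null`, fits the `$value_base!==null` test inside set() that already treats null as "no previous value". The return value is also ignored here, so a failed write would still render users/created.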
@@ -272,50 +278,28 @@ class Users extends Controller {
*/
private function update_users() {
$attribs = $this->getIndexAttribs();
+ $form = new Form(null, null);
foreach ($attribs as $attrib) {
$key = $attrib['key'];
if (isset($_POST[$key]) && is_array($_POST[$key])) {
$old = $_POST['_old'][$key];
foreach ($_POST[$key] as $uid => $value) {
- $doit = true;
- $forked = false;
- $have_old = isset($old[$uid]);
- if ($have_old) {
- @$value_base = $old[$uid];
- $we_changed_it = $value_base != $value;
- if ($we_changed_it) {
- $user = Auth::getObj($uid);
- $value_fork = $this->getConf($user,$key);
- $value_fork = $value_fork['value'];
- if ($value_fork===false) $value_fork = 'false';
- if ($value_fork===true) $value_fork = 'true';
-
- $someone_else_changed_it = $value_fork != $value_base;
- if ($someone_else_changed_it) {
- if ($value == $value_fork) {
- // we might as well not have
- $we_changed_it = false;
- } else {
- $forked = true;
- }
- }
- }
- if (!$we_changed_it) {
- $doit = false;// nothing to do
- }
- }
- if ($doit) {
- $this->setConf($uid, $key, $value);
- }
- if ($forked) {
+ @$value_base = $old[$uid];
+ $set = DB::set('users', $uid, $key, $value, $value_base);
+ if (is_string($set)) {
echo "<pre>\n";
- echo "Error: Value changed elsewhere, and I don't have real handling for this yet.\n";
+ echo "Error: Value changed elsewhere, ".
+ "and I don't have real handling ".
+ "for this yet.\n";
echo "UID: $uid\n";
echo "Name: ".$user->getName()."\n";
echo "Key: $key\n";
- echo "Value: Original : "; var_dump($value_base);
- echo "Value: Other edit: "; var_dump($value_fork);
- echo "Value: This edit : "; var_dump($value);
+ echo "Value: Original : ";
+ var_dump($value_base);
+ echo "Value: Other edit: ";
+ var_dump($value_fork);
+ echo "Value: This edit : ";
+ var_dump($value);
echo "</pre>";
}
}
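Review bot: The conflict branch under `if (is_string($set))` still reads `$user` and `$value_fork`, but the lines that assigned them are removed in this hunk, so `$user->getName()` is a call on an undefined variable and aborts the request as soon as a conflict is reported. DB::set() is written to return the competing value, so the branch can use `Auth::getObj($uid)->getName()` and `var_dump($set)` instead. `$form = new Form(null, null);` is assigned and never used in the visible lines. `$uid` is a key of the submitted `$_POST[$key]` array and is echoed into the `<pre>` block as-is, so it should go through `htmlspecialchars()` first. update_users() continues past the end of the hunk.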
@@ -330,7 +314,8 @@ class Users extends Controller {
global $mm; $db = $mm->database();
$logged_in_user = Auth::getObj(Login::isLoggedIn());
- if (!$logged_in_user->isUser()) {
+ $anon_userlist = $db->getSysConf('anon_userlist')=='true';
+ if (!$anon_userlist && !$logged_in_user->isUser()) {
$this->http401($routed, $remainder);
exit();
}
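Review bot: With `anon_userlist` set to 'true' this gate lets requests with no session through, and everything below it in the method then runs for anonymous visitors; the hunk does not show whether the POST path into update_users() sits below this check, and if it does the write path should keep its own `isUser()` test. `Auth::getObj(Login::isLoggedIn())` is also called with `false` for such visitors (Config.class.php compares `isLoggedIn()` against `===false`), so it is worth confirming getObj() returns a usable object in that case. The same commit removes the `canRead()` check from `Auth::getName()`, which exposes usernames through every caller regardless of this setting; if `canRead()` can be made aware of `anon_userlist`, keeping the check there would confine the exposure to the opt-in case. A comment above the gate such as `// anon_userlist: site-wide opt-in to a public, read-only user list` would record the intent.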
@@ -340,89 +325,39 @@ class Users extends Controller {
$vars['users'] = array();
$uids = $db->listUsers();
foreach ($uids as $uid) {
- $user = Auth::getObj($uid);
$vars['users'][$uid] = array();
foreach ($vars['attribs'] as $attrib) {
$key = $attrib['key'];
- $props = $this->getConf($user, $key);
+ $props = DB::get('users', $uid, $key);
$vars['users'][$uid][$key] = $props;
}
}
$this->showView('users/index', $vars);
}
- private function getConf($user, $key) {
- $logged_in_user = Auth::getObj(Login::isLoggedIn());
- $uid = $user->getUID();
- $post_key = $key."[$uid]";
- @$value = $_POST[$post_key];
- $editable = $user->canEdit();
-
- switch ($key) {
- case 'auth_name':
- $value = $user->getName();
- break;
- case 'auth_user':
- $editable = $editable && $logged_in_user->isAdmin();
- $value = $user->isUser();
- break;
- case 'auth_admin':
- $editable = $editable && $logged_in_user->isAdmin();
- $value = $user->isAdmin();
- break;
- case 'auth_delete':
- $editable = $editable && $logged_in_user->isAdmin();
- $value = false;
- break;
- default:
- $value = $user->getConf($key);
- if ($value===false) $value='';
- break;
- }
-
- return array('value'=>$value,
- 'post_key'=>$post_key,
- 'editable'=>$editable);
- }
- private function setConf($uid, $key, $value) {
- // So, this rocks because we don't have to check permissions,
- // the User object does that.
- $user = Auth::getObj($uid);
-
- switch ($key) {
- case 'auth_name':
- $user->setName($value);
- break;
- case 'auth_user':
- $user->setUser($value=='true');
- break;
- case 'auth_admin':
- $user->setAdmin($value=='true');
- break;
- case 'auth_delete':
- if ($value=='true') $user->delete();
- default:
- $user->setConf($key, $value);
- break;
- }
- }
-
- function attrib($key, $name) {
- return array('key'=>$key, 'name'=>$name);
+ function attrib($key, $name, $type='string') {
+ return array('key'=>$key, 'name'=>$name, 'type'=>$type);
}
private function getIndexAttribs() {
+ $user = Auth::getObj(Login::isLoggedIn());
+
$attribs = array();
- $attribs[] = $this->attrib('auth_user', 'Active');
- if (Auth::getObj(Login::isLoggedIn())->isAdmin()) {
- $attribs[] = $this->attrib('auth_admin', 'Admin');
- $attribs[] = $this->attrib('auth_delete', 'Delete');
+ if ($user->isUser()) {
+ $attribs[] = $this->attrib('auth_uid', 'UID');
+ $attribs[] = $this->attrib('auth_user', 'Active', 'bool');
+ if ($user->isAdmin()) {
+ $attribs[] = $this->attrib('auth_admin', 'Admin', 'bool');
+ $attribs[] = $this->attrib('auth_delete', 'Delete', 'bool');
+ }
+ $attribs[] = $this->attrib('lastname','Last');
+ $attribs[] = $this->attrib('firstname','First');
+ $attribs[] = $this->attrib('hsclass','Class of');
+ $attribs[] = $this->attrib('phone','Phone number');
+ $attribs[] = $this->attrib('email','Email');
+ } else {
+ $attribs[] = $this->attrib('auth_uid', 'UID');
+ $attribs[] = $this->attrib('auth_name', 'Username');
}
- $attribs[] = $this->attrib('lastname','Last');
- $attribs[] = $this->attrib('firstname','First');
- $attribs[] = $this->attrib('hsclass','Class of');
- $attribs[] = $this->attrib('phone','Phone number');
- $attribs[] = $this->attrib('email','Email');
- $attribs[] = $this->attrib('auth_name', 'Username');
return $attribs;
}
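Review bot: getIndexAttribs() no longer adds `auth_name` for active users — it now appears only in the `else` branch — yet the users/index view builds the 'More' link from `$user['auth_name']['value']` whenever the viewer is logged in. Since the loop earlier in this hunk fills `$vars['users'][$uid]` only for keys listed in `$vars['attribs']`, that index will be undefined and every link will point at `users/`. Adding `$attribs[] = $this->attrib('auth_name', 'Username');` to the `isUser()` branch restores it. The removed setConf() carried a comment that permission checks live in the User object; a one-line note to that effect on the new `DB::get('users', $uid, $key)` call would help, because this loop can now run for anonymous visitors too.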
diff --git a/src/lib/DB.class.php b/src/lib/DB.class.php
new file mode 100644
index 0000000..5954726
--- /dev/null
+++ b/src/lib/DB.class.php
@@ -0,0 +1,164 @@
+<?php
+
+require_once('Auth.class.php');
+require_once('Login.class.php');
+
+class DB {
+ public static function set($table, $unit, $key, $value, $orig_value) {
+ $value_base = $orig_value;
+
+ $doit = true;
+ $forked = false;
+ $have_old = ($value_base!==null);
+ if ($have_old) {
+ $we_changed_it = $value_base != $value;
+ if ($we_changed_it) {
+ $value_fork = $this->getConfString($key);
+ $someone_else_changed_it =
+ $value_fork != $value_base;
+ if ($someone_else_changed_it) {
+ if ($value == $value_fork) {
+ // we might as well not have
+ $we_changed_it = false;
+ } else {
+ $forked = true;
+ }
+ }
+ }
+ if (!$we_changed_it) {
+ $doit = false;// nothing to do
+ }
+ }
+ if ($doit) {
+ return $this->setConf($key, $value);
+ }
+ if ($forked) {
+ return $value_fork;
+ }
+ }
+
+ public static function get($table, $unit, $key) {
+ switch ($table) {
+ case 'conf':
+ case 'plugins':
+ return self::admin_get($unit, $key);
+ break;
+ case 'users':
+ return self::user_get($unit, $key);
+ break;
+ default:
+ return false;
+ }
+ }
+ public static function raw_set($table, $unit, $key, $value) {
+ switch ($table) {
+ case 'conf':
+ case 'plugins':
+ return self::admin_get($unit, $key, $value);
+ break;
+ case 'users':
+ return self::user_set($unit, $key, $value);
+ break;
+ default:
+ return false;
+ }
+ }
+
+ private static function user_get($uid, $key) {
+ $user = Auth::getObj($uid);
+ $logged_in_user = Auth::getObj(Login::isLoggedIn());
+
+ $post_key = $key."[$uid]";
+ @$value = $_POST[$post_key];
+ $editable = $user->canEdit();
+
+ switch ($key) {
+ case 'auth_uid':
+ $value = $user->getUID();
+ $editable = false;
+ break;
+ case 'auth_name':
+ $value = $user->getName();
+ break;
+ case 'auth_user':
+ $editable = $editable && $logged_in_user->isAdmin();
+ $value = $user->isUser()?'true':'false';
+ break;
+ case 'auth_admin':
+ $editable = $editable && $logged_in_user->isAdmin();
+ $value = $user->isAdmin()?'true':'false';
+ break;
+ case 'auth_delete':
+ $editable = $editable && $logged_in_user->isAdmin();
+ $value = 'false';
+ break;
+ default:
+ $value = $user->getConf($key);
+ if ($value===false) $value='';
+ break;
+ }
+
+ return array('value'=>$value,
+ 'post_key'=>$post_key,
+ 'editable'=>$editable);
+ }
+ private static function user_set($uid, $key, $value) {
+ $user = Auth::getObj($uid);
+
+ switch ($key) {
+ case 'auth_uid':
+ return false;
+ break;
+ case 'auth_name':
+ return $user->setName($value);
+ break;
+ case 'auth_user':
+ return $user->setUser($value=='true');
+ break;
+ case 'auth_admin':
+ return $user->setAdmin($value=='true');
+ break;
+ case 'auth_delete':
+ if ($value=='true') return $user->delete();
+ default:
+ return $user->setConf($key, $value);
+ break;
+ }
+ }
+
+ private static function admin_get($plugin, $key) {
+ global $mm; $db = $mm->database();
+ $user = Auth::getObj(Login::isLoggedIn());
+ if ($user->isAdmin()) {
+ $editable = true;
+ switch ($plugin) {
+ case 'system':
+ $value = $db->getSysConf($key);
+ break;
+ default:
+ $value = $db->getPluginConf($plugin, $key);
+ break;
+ }
+ } else {
+ $editable = false;
+ $value = false;
+ }
+
+ return array('value'=>$value,
+ 'post_key'=>'to be implemented',// FIXME
+ 'editable'=>$editable);
+ }
+ private static function admin_set($plugin, $key, $value) {
+ global $mm; $db = $mm->database();
+ $user = Auth::getObj(Login::isLoggedIn());
+ if (!$user->isAdmin()) {
+ return false;
+ }
+ switch ($plugin) {
+ case 'system':
+ return $db->setSysConf($key, $value);
+ default:
+ return $db->setPluginConf($plugin, $key, $value);
+ }
+ }
+}
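Review bot: `DB::set()` is declared `static` but calls `$this->getConfString()` and `$this->setConf()`, neither of which is defined on this class, so every changed value ends in a fatal error instead of a write; it also never uses `$table` or `$unit`. In `raw_set()` the `conf`/`plugins` case calls `self::admin_get($unit, $key, $value)`, which silently turns a configuration write into a read and leaves `admin_set()` unreachable. The sketch below routes set() through the class's own get()/raw_set() and defaults `$orig_value` to null for the four-argument call in Users.class.php. Separately, in `user_set()` the `auth_delete` case falls through to `default` when the value is not 'true' and stores an `auth_delete` key via `setConf()`; a `return false;` after the `if` would stop that.

```php
public static function set($table, $unit, $key, $value, $orig_value=null) {
	// … unchanged: $value_base, $doit, $forked, $have_old setup …
			// get() returns array('value'=>…, …) for known tables, false otherwise
			$current = self::get($table, $unit, $key);
			$value_fork = is_array($current) ? $current['value'] : $current;
	// … unchanged: fork detection and the "nothing to do" case …
	if ($doit) {
		return self::raw_set($table, $unit, $key, $value);
	}
	// … unchanged: return $value_fork when $forked …

public static function raw_set($table, $unit, $key, $value) {
	// … unchanged: switch ($table) …
		case 'conf':
		case 'plugins':
			return self::admin_set($unit, $key, $value);
```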
diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php
index b51aef9..031ee26 100644
--- a/src/models/Auth.class.php
+++ b/src/models/Auth.class.php
@@ -113,7 +113,6 @@ class Auth {
// [user|group]name ////////////////////////////////////////////////////
public function getName() {
- if (!$this->canRead()) return false;
return $this->db->getUsername($this->uid);
}
public function setName($new_name) {
diff --git a/src/views/pages/users/index.html.php b/src/views/pages/users/index.html.php
index 366fb8a..dfeff15 100644
--- a/src/views/pages/users/index.html.php
+++ b/src/views/pages/users/index.html.php
@@ -2,26 +2,47 @@
$t = $VARS['template'];
$attribs = $VARS['attribs'];
$users = $VARS['users'];
+require_once('Login.class.php');
$t->header('Users');
-$t->paragraph($t->link($t->url('users.csv'), "Download this as a spreadsheet."));
+$t->paragraph($t->link($t->url('users.csv'), "Download this as a spreadsheet.", true));
$t->paragraph($t->link($t->url('users/all'), "See details for all users."));
$t->openTag('form', array('action'=>$t->url('users/index'),
'method'=>'post'));
-$t->tag('input', array('type'=>'submit',
- 'value'=>'Save/Update'));
+if (Login::isLoggedIn()) {
+ $t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+}
-$t->openTag('table');
+$t->openTag('table', array('class'=>'sortable', 'id'=>'bar'));
-$t->openTag('tr');
-foreach ($attribs as $attrib) {
- $t->tag('th', array(), $attrib['name']);
+function table_head($attribs, $t) {
+ $t->openTag('tr');
+ foreach ($attribs as $attrib) {
+ switch ($attrib['type']) {
+ case 'bool': $class = 'small'; break;
+ default: $class = ''; break;
+ }
+ $t->tag('th', array('class'=>$class), $attrib['name']);
+ }
+ if (Login::isLoggedIn()) {
+ $t->tag('th', array(), '-');
+ }
+ $t->closeTag('tr');
}
-$t->tag('th');
-$t->closeTag('tr');
+
+$t->openTag('thead');
+table_head($attribs, $t);
+$t->closeTag('thead');
+
+$t->openTag('tfoot');
+table_head($attribs, $t);
+$t->closeTag('tfoot');
+
+$t->openTag('tbody');
foreach ($users as $user) {
$t->openTag('tr');
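Review bot: `table_head()` is declared as a global function inside the view, so rendering users/index twice in one request, or any other file defining the same name, stops with a "Cannot redeclare" fatal error. Moving it into the template helper, or wrapping the declaration in `if (!function_exists('table_head')) { ... }`, avoids that. It also has no comment; something like `// Emit the header row, reused for <thead> and <tfoot>; the trailing '-' column holds the per-user 'More' link.` would explain why the extra `th` depends on login state. The hard-coded `'id'=>'bar'` on the table looks like a placeholder.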
@@ -30,11 +51,15 @@ foreach ($users as $user) {
$t->openTag('td');
$props = $user[$attrib['key']];
-
- $value = $props['value'];
+
+ $bool = $attrib['type']=='bool';
+ if ($bool) {
+ $value = $props['value']=='true';
+ } else {
+ $value = $props['value'];
+ }
$editable = $props['editable'];
$post_key = $props['post_key'];
- $bool = is_bool($value);
$arr = array('name'=>$post_key);
if (!$editable) {
@@ -49,6 +74,7 @@ foreach ($users as $user) {
$arr['value'] = 'true';
$arr['type'] = 'checkbox';
} else {
+ $t->tag('span', array('class'=>'cell_width'), $value);
$arr['value'] = $value;
$arr['type'] = 'text';
}
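Review bot: The added `$t->tag('span', array('class'=>'cell_width'), $value)` writes a stored profile value (name, phone, email) as element content, and nothing in this diff shows whether `tag()` HTML-escapes its third argument. The new.html.php hunk passes literal `<em>` markup through `inputP()`, so at least some template methods emit raw HTML. If `tag()` does not escape, this needs `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`, which matters more now that `anon_userlist` can make this page public. The enclosing loop starts and ends outside the hunk.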
@@ -60,24 +86,20 @@ foreach ($users as $user) {
$t->closeTag('td');
}
- $t->openTag('td');
- $t->link($t->url('users/'.$user['auth_name']['value']), 'More');
- $t->closeTag('td');
-
+ if (Login::isLoggedIn()) {
+ $t->openTag('td');
+ $t->link($t->url('users/'.$user['auth_name']['value']), 'More');
+ $t->closeTag('td');
+ }
$t->closeTag('tr');
}
-$t->openTag('tr');
-foreach ($attribs as $attrib) {
- $t->tag('th', array(), $attrib['name']);
-}
-$t->tag('th');
-$t->closeTag('tr');
-
+$t->closeTag('tbody');
$t->closeTag('table');
-$t->tag('input', array('type'=>'submit',
- 'value'=>'Save/Update'));
-$t->closeTag('form');
+if (Login::isLoggedIn()) {
+ $t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+}
$t->footer();
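Review bot: `$t->closeTag('form');` is removed at the end of the file and not re-added, so the `<form>` opened near the top of the view is never closed on the new side. It should come back after the conditional submit button, as `$t->closeTag('form');` immediately before `$t->footer();`. The form is also still opened for anonymous visitors, who get no submit button; wrapping the `openTag('form', …)` call in the same `Login::isLoggedIn()` test would keep the read-only view free of a POST target.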
diff --git a/src/views/pages/users/new.html.php b/src/views/pages/users/new.html.php
index 8b6bdf8..9df376f 100644
--- a/src/views/pages/users/new.html.php
+++ b/src/views/pages/users/new.html.php
@@ -7,6 +7,16 @@ $t->openTag('form', array('method'=>'post',
'action'=>$t->url('users')));
$t->openFieldset("New User: Step 1");
+
+if ($VARS['userlist']) {
+ $t->inputP("If you may have already created a username, please, ".
+ "<em>please</em> check the ".
+ $t->link($t->url('users/'), 'user-list', true).
+ " to find your old username, instead of creating a new ".
+ "user. If you don't like the name, you can log in and ".
+ "change it.");
+}
+
if (in_array('illegal name', $VARS['errors'])) {
$t->inputP("That is a forbidden username.", true);
}