From f72b9a7658cea71ee1edf4ae678a2c8043d9e5bf Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Tue, 4 Oct 2011 22:19:45 -0400
Subject: Begin work on safely allowing concurrent edits on data, giving better
 form interface.

---
 src/controllers/Users.class.php | 71 +++++++++++++++--------------------------
 1 file changed, 26 insertions(+), 45 deletions(-)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index a5d23fc..b8c9244 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -251,50 +251,31 @@ class Users extends Controller {
 	 */
 	private function update_users() {
 		$attribs = $this->getIndexAttribs();
+		$form = new Form(null, null);
 		foreach ($attribs as $attrib) {
 			$key = $attrib['key'];
 			if (isset($_POST[$key]) && is_array($_POST[$key])) {
 				$old = $_POST['_old'][$key];
 				foreach ($_POST[$key] as $uid => $value) {
-					$doit = true;
-					$forked = false;
-					$have_old = isset($old[$uid]);
-					if ($have_old) {
-						@$value_base = $old[$uid];
-						$we_changed_it = $value_base != $value;
-						if ($we_changed_it) {
-							$user = Auth::getObj($uid);
-							$value_fork = $this->getConf($user,$key);
-							$value_fork = $value_fork['value'];
-							if ($value_fork===false) $value_fork = 'false';
-							if ($value_fork===true)  $value_fork = 'true';
-							
-							$someone_else_changed_it = $value_fork != $value_base;
-							if ($someone_else_changed_it) {
-								if ($value == $value_fork) {
-									// we might as well not have
-									$we_changed_it = false;
-								} else {
-									$forked = true;
-								}
-							}
-						}
-						if (!$we_changed_it) {
-							$doit = false;// nothing to do
-						}
-					}
-					if ($doit) {
-						$this->setConf($uid, $key, $value);
-					}
-					if ($forked) {
+					// FIXME
+					$form->setter = create_function('$k,$v', "return Users::setConf($uid, \$k, \$v)");
+					$form->getter = create_function('$k'   , "return Users::getConf($uid, \$k)");
+					@$value_old = $_POST[$key];
+					$set = $form->updateValue($value, $value_old);
+					if (is_string($set)) {
 						echo "<pre>\n";
-						echo "Error: Value changed elsewhere, and I don't have real handling for this yet.\n";
+						echo "Error: Value changed elsewhere, ".
+							"and I don't have real handling ".
+							"for this yet.\n";
 						echo "UID: $uid\n";
 						echo "Name: ".$user->getName()."\n";
 						echo "Key: $key\n";
-						echo "Value: Original  : "; var_dump($value_base);
-						echo "Value: Other edit: "; var_dump($value_fork);
-						echo "Value: This edit : "; var_dump($value);
+						echo "Value: Original  : ";
+						var_dump($value_base);
+						echo "Value: Other edit: ";
+						var_dump($value_fork);
+						echo "Value: This edit : ";
+						var_dump($value);
 						echo "</pre>";
 					}
 				}
@@ -319,20 +300,20 @@ class Users extends Controller {
 		$vars['users'] = array();
 		$uids = $db->listUsers();
 		foreach ($uids as $uid) {
-			$user = Auth::getObj($uid);
 			$vars['users'][$uid] = array();
 			foreach ($vars['attribs'] as $attrib) {
 				$key = $attrib['key'];
-				$props = $this->getConf($user, $key);
+				$props = $this->getConf($uid, $key);
 				$vars['users'][$uid][$key] = $props;
 			}
 		}
 		$this->showView('users/index', $vars);
 	}
 	
-	private function getConf($user, $key) {
+	public static function getConf($uid, $key) {
+		$user = Auth::getObj($uid);
 		$logged_in_user = Auth::getObj(Login::isLoggedIn());
-		$uid = $user->getUID();
+
 		$post_key = $key."[$uid]";
 		@$value = $_POST[$post_key];
 		$editable = $user->canEdit();
@@ -363,25 +344,25 @@ class Users extends Controller {
 		             'post_key'=>$post_key,
 		             'editable'=>$editable);
 	}
-	private function setConf($uid, $key, $value) {
+	public static function setConf($uid, $key, $value) {
 		// So, this rocks because we don't have to check permissions,
 		// the User object does that.
 		$user = Auth::getObj($uid);
 		
 		switch ($key) {
 		case 'auth_name':
-			$user->setName($value);
+			return $user->setName($value);
 			break;
 		case 'auth_user':
-			$user->setUser($value=='true');
+			return $user->setUser($value=='true');
 			break;
 		case 'auth_admin':
-			$user->setAdmin($value=='true');
+			return $user->setAdmin($value=='true');
 			break;
 		case 'auth_delete':
-			if ($value=='true') $user->delete();
+			if ($value=='true') return $user->delete();
 		default: 
-			$user->setConf($key, $value);
+			return $user->setConf($key, $value);
 			break;
 		}
 	}
-- 
cgit v1.2.3


From 89c35c47f375d5b45e1e219327600b5bba5569f1 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 9 Oct 2011 03:15:03 -0400
Subject: Begin adding a userlist visable to non-authenticated users.

---
 src/controllers/Users.class.php | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index a4403e3..f7dc604 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -417,18 +417,27 @@ class Users extends Controller {
 		return array('key'=>$key, 'name'=>$name);
 	}
 	private function getIndexAttribs() {
+		$user = Auth::getObj(Login::isLoggedIn());
+		
 		$attribs = array();
-		$attribs[] = $this->attrib('auth_user', 'Active');
-		if (Auth::getObj(Login::isLoggedIn())->isAdmin()) {
-			$attribs[] = $this->attrib('auth_admin', 'Admin');
-			$attribs[] = $this->attrib('auth_delete', 'Delete');
+		if ($user->isUser()) {
+			$attribs[] = $this->attrib('auth_uid', 'UID');
+			$attribs[] = $this->attrib('auth_user', 'Active');
+			if ($user->isAdmin()) {
+				$attribs[] = $this->attrib('auth_admin', 'Admin');
+				$attribs[] = $this->attrib('auth_delete', 'Delete');
+			}
+			$attribs[] = $this->attrib('lastname','Last');
+			$attribs[] = $this->attrib('firstname','First');
+			$attribs[] = $this->attrib('hsclass','Class of');
+			$attribs[] = $this->attrib('phone','Phone number');
+			$attribs[] = $this->attrib('email','Email');
+		} else {
+			$attribs[] = $this->attrib('auth_uid', 'UID');
+			$attribs[] = $this->attrib('lastname','Last');
+			$attribs[] = $this->attrib('firstname','First');
+			$attribs[] = $this->attrib('auth_name', 'Username');
 		}
-		$attribs[] = $this->attrib('lastname','Last');
-		$attribs[] = $this->attrib('firstname','First');
-		$attribs[] = $this->attrib('hsclass','Class of');
-		$attribs[] = $this->attrib('phone','Phone number');
-		$attribs[] = $this->attrib('email','Email');
-		$attribs[] = $this->attrib('auth_name', 'Username');
 		return $attribs;
 	}
 	
-- 
cgit v1.2.3


From 7e91c2872778407172fa42208be1aa7e466b97e3 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 9 Oct 2011 14:17:09 -0400
Subject: Don't show full name to anon users, comment out security check for
 index.

---
 src/controllers/Users.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index f7dc604..c69701f 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -329,11 +329,13 @@ class Users extends Controller {
 	private function show_index($routed, $remainder) {
 		global $mm; $db = $mm->database();
 		
+		/*
 		$logged_in_user = Auth::getObj(Login::isLoggedIn());
 		if (!$logged_in_user->isUser()) {
 			$this->http401($routed, $remainder);
 			exit();
 		}
+		*/
 		
 		$vars = array();
 		$vars['attribs'] = $this->getIndexAttribs();
@@ -434,8 +436,6 @@ class Users extends Controller {
 			$attribs[] = $this->attrib('email','Email');
 		} else {
 			$attribs[] = $this->attrib('auth_uid', 'UID');
-			$attribs[] = $this->attrib('lastname','Last');
-			$attribs[] = $this->attrib('firstname','First');
 			$attribs[] = $this->attrib('auth_name', 'Username');
 		}
 		return $attribs;
-- 
cgit v1.2.3


From 01003f1761631394360697530d3418c1acaf1cd9 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 9 Oct 2011 14:57:49 -0400
Subject: Add the system config option 'anon_userlist' to control if an
 anonymous userlist is visible or not.

---
 src/controllers/Users.class.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 24bb8aa..ac6b06a 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -308,13 +308,12 @@ class Users extends Controller {
 	private function show_index($routed, $remainder) {
 		global $mm; $db = $mm->database();
 		
-		/*
 		$logged_in_user = Auth::getObj(Login::isLoggedIn());
-		if (!$logged_in_user->isUser()) {
+		$anon_userlist = $db->getSysConf('anon_userlist')=='true';
+		if (!$anon_userlist && !$logged_in_user->isUser()) {
 			$this->http401($routed, $remainder);
 			exit();
 		}
-		*/
 		
 		$vars = array();
 		$vars['attribs'] = $this->getIndexAttribs();
-- 
cgit v1.2.3


From 2e769649abf4f9b3712287e24eb42c5a93a8035e Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 9 Oct 2011 15:41:59 -0400
Subject: Link to the userlist from the user registration page, if
 anon_userlist is enabled.

---
 src/controllers/Users.class.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'src/controllers/Users.class.php')

diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index ac6b06a..dbd5120 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -72,8 +72,13 @@ class Users extends Controller {
 			exit();
 		}
 		if (!isset($vars['errors'])) $vars['errors'] = array();
-		global $mm; $pm = $mm->pluginManager();
+		
+		global $mm;
+		$pm = $mm->pluginManager();
+		$db = $mm->database();
+		
 		$vars['antispam_html'] = $pm->callHook('antispam_html');
+		$vars['userlist'] = $db->getSysConf('anon_userlist');
 		$this->showView('users/new', $vars);
 	}
 	
-- 
cgit v1.2.3