From f72b9a7658cea71ee1edf4ae678a2c8043d9e5bf Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Tue, 4 Oct 2011 22:19:45 -0400 Subject: Begin work on safely allowing concurrent edits on data, giving better form interface. --- src/controllers/Users.class.php | 71 +++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 45 deletions(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a5d23fc..b8c9244 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -251,50 +251,31 @@ class Users extends Controller { */ private function update_users() { $attribs = $this->getIndexAttribs(); + $form = new Form(null, null); foreach ($attribs as $attrib) { $key = $attrib['key']; if (isset($_POST[$key]) && is_array($_POST[$key])) { $old = $_POST['_old'][$key]; foreach ($_POST[$key] as $uid => $value) { - $doit = true; - $forked = false; - $have_old = isset($old[$uid]); - if ($have_old) { - @$value_base = $old[$uid]; - $we_changed_it = $value_base != $value; - if ($we_changed_it) { - $user = Auth::getObj($uid); - $value_fork = $this->getConf($user,$key); - $value_fork = $value_fork['value']; - if ($value_fork===false) $value_fork = 'false'; - if ($value_fork===true) $value_fork = 'true'; - - $someone_else_changed_it = $value_fork != $value_base; - if ($someone_else_changed_it) { - if ($value == $value_fork) { - // we might as well not have - $we_changed_it = false; - } else { - $forked = true; - } - } - } - if (!$we_changed_it) { - $doit = false;// nothing to do - } - } - if ($doit) { - $this->setConf($uid, $key, $value); - } - if ($forked) { + // FIXME + $form->setter = create_function('$k,$v', "return Users::setConf($uid, \$k, \$v)"); + $form->getter = create_function('$k' , "return Users::getConf($uid, \$k)"); + @$value_old = $_POST[$key]; + $set = $form->updateValue($value, $value_old); + if (is_string($set)) { echo "
\n";
-						echo "Error: Value changed elsewhere, and I don't have real handling for this yet.\n";
+						echo "Error: Value changed elsewhere, ".
+							"and I don't have real handling ".
+							"for this yet.\n";
 						echo "UID: $uid\n";
 						echo "Name: ".$user->getName()."\n";
 						echo "Key: $key\n";
-						echo "Value: Original  : "; var_dump($value_base);
-						echo "Value: Other edit: "; var_dump($value_fork);
-						echo "Value: This edit : "; var_dump($value);
+						echo "Value: Original  : ";
+						var_dump($value_base);
+						echo "Value: Other edit: ";
+						var_dump($value_fork);
+						echo "Value: This edit : ";
+						var_dump($value);
 						echo "
"; } } @@ -319,20 +300,20 @@ class Users extends Controller { $vars['users'] = array(); $uids = $db->listUsers(); foreach ($uids as $uid) { - $user = Auth::getObj($uid); $vars['users'][$uid] = array(); foreach ($vars['attribs'] as $attrib) { $key = $attrib['key']; - $props = $this->getConf($user, $key); + $props = $this->getConf($uid, $key); $vars['users'][$uid][$key] = $props; } } $this->showView('users/index', $vars); } - private function getConf($user, $key) { + public static function getConf($uid, $key) { + $user = Auth::getObj($uid); $logged_in_user = Auth::getObj(Login::isLoggedIn()); - $uid = $user->getUID(); + $post_key = $key."[$uid]"; @$value = $_POST[$post_key]; $editable = $user->canEdit(); @@ -363,25 +344,25 @@ class Users extends Controller { 'post_key'=>$post_key, 'editable'=>$editable); } - private function setConf($uid, $key, $value) { + public static function setConf($uid, $key, $value) { // So, this rocks because we don't have to check permissions, // the User object does that. $user = Auth::getObj($uid); switch ($key) { case 'auth_name': - $user->setName($value); + return $user->setName($value); break; case 'auth_user': - $user->setUser($value=='true'); + return $user->setUser($value=='true'); break; case 'auth_admin': - $user->setAdmin($value=='true'); + return $user->setAdmin($value=='true'); break; case 'auth_delete': - if ($value=='true') $user->delete(); + if ($value=='true') return $user->delete(); default: - $user->setConf($key, $value); + return $user->setConf($key, $value); break; } } -- cgit v1.2.3-54-g00ecf From 2a71bacfc5536279bbc5e238fb6a07c03e85d12d Mon Sep 17 00:00:00 2001 
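Review bot: The two `create_function` calls interpolate `$uid` — an array key taken straight from `$_POST[$key]` — into source text that is then compiled, so a request can supply a key that is not a numeric uid and alter the generated code; bind the value instead of splicing it into code, `$form->setter = function ($k, $v) use ($uid) { return Users::setConf($uid, $k, $v); };` and the same shape for the getter. The error branch after `is_string($set)` still echoes `$user->getName()`, `$value_base` and `$value_fork`, all of which this hunk removes from the surrounding code, so that path would emit undefined-variable notices instead of the intended diagnostics. `@$value_old = $_POST[$key]` hands the whole per-user array to `updateValue` rather than `$old[$uid]`, which looks like the subject of the FIXME. `update_users` continues outside the hunk.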
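Review bot: In `setConf`, `case 'auth_delete'` still falls through to `default` whenever `$value` is not `'true'`, so a submission with the delete box unchecked persists an `auth_delete` entry through `$user->setConf('auth_delete', $value)`; add `return false;` after the `if`. Each `break` that now follows a `return` is unreachable and can be dropped. Turning the method `public static` makes it reachable from the generated callables in `update_users`; the comment above it says permission checks live in the User object, so that presumably still covers `delete()`, but it is worth confirming since the method is no longer private.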
From: Luke Shumaker Date: Wed, 5 Oct 2011 00:18:51 -0400 Subject: Edit individual.html to allow showing multiple users at once. Add a hack to the Users.class controller to show all users for the "all" username. Mark "all" as forbiddent in the Auth.class model. --- src/controllers/Users.class.php | 54 +++++++++++++++++++------------ src/models/Auth.class.php | 6 ++-- src/views/pages/users/individual.html.php | 12 +++++-- 3 files changed, 46 insertions(+), 26 deletions(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 27efbcd..170d25f 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -77,26 +77,34 @@ class Users extends Controller { } public function individual($routed, $remainder) { - $username = implode('/', $remainder); - global $mm; // also used for pluginmanager $db = $mm->database(); - $uid = $db->getUID($username); - $user = Auth::getObj($uid); - - if ($user->isGroup()) $uid = false; // ignore groups. - - if ($uid===false) { - $this->http404($routed, $remainder); + $pm = $mm->pluginManager(); + + $username = implode('/', $remainder); + if ($username == 'all') { + $uids = $db->listUsers(); } else { + $uids = array($db->getUID($username)); + } + + $vars = array(); + + if (count($uids)<2) { + $user = Auth::getObj($uid); + + if ($user->isGroup()) $uid = false; // ignore groups. + + if ($uid===false) { + $this->http404($routed, $remainder); + exit(); + } if (!$user->canRead()) { $this->http401($routed, $remainder); exit(); } - $vars = array(); $method = $_SERVER['REQUEST_METHOD']; - switch ($method) { case 'PUT': $_POST = $_PUT; case 'POST': 
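Review bot: `$user = Auth::getObj($uid)` in the `count($uids)<2` branch reads `$uid` before anything assigns it — the old `$uid = $db->getUID($username)` line is removed and the new code only fills `$uids` — so the single-user path looks up an undefined uid; add `$uid = reset($uids);` before it. The `'all'` branch bypasses that block entirely, so neither the group filter nor the `canRead()` check is applied to any of the users that end up rendered; each uid should pass the same checks, or the per-user check should move into the loop that builds `$vars['users']` in the next hunk. `individual()` continues past the end of this hunk.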
@@ -106,19 +114,23 @@ class Users extends Controller { } break; } - - $config_options = array(); - $mm->pluginManager()->callHook('userConfig', &$config_options); - - $vars['config_options'] = $config_options; - $vars['user'] = $user; - $vars['groups'] = $db->listGroupNames(); - require_once('ContactMethod.class.php'); - $this->showView('users/individual', $vars); } + + $config_options = array(); + $pm->callHook('userConfig', &$config_options); + + $vars['users'] = array(); + foreach ($uids as $uid) { + $vars['users'][] = Auth::getObj($uid); + } + $vars['username'] = $username; + $vars['config_options'] = $config_options; + $vars['groups'] = $db->listGroupNames(); + require_once('ContactMethod.class.php'); + $this->showView('users/individual', $vars); } - public function http404($routed, $rnemainder) { + public function http404($routed, $remainder) { $username = implode('/', $remainder); $this->showView('users/404', array('username'=>$username)); diff --git a/src/models/Auth.class.php b/src/models/Auth.class.php index 25570bf..b51aef9 100644 --- a/src/models/Auth.class.php +++ b/src/models/Auth.class.php @@ -26,12 +26,12 @@ class Auth { // Current rules: // * Not in "$illegal_names" // * Does not contain '.' - // * Less <256 characters - $illegal_names = array('', 'new', 'index'); + // * Fewer than 256 characters + $illegal_names = array('', 'new', 'index', 'all'); return true && (!in_array($name, $illegal_names)) && (strpos($name,'.')===false) - && (strlen($name)<=256); + && (strlen($name)<256); } protected $db = null; diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php index c630515..39360b7 100644 --- a/src/views/pages/users/individual.html.php +++ b/src/views/pages/users/individual.html.php 
@@ -1,6 +1,7 @@ 1) { + $t->header("Users: $username"); +} else { + $t->header("User: $username"); +} + +foreach($users as $user) { $username = $user->getName(); -$t->header("User: $username"); $t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User $username (UID: ".$user->getUID().")"); @@ -136,4 +143,5 @@ if ($user->canEdit()) { $t->tag('input', array('type'=>'submit', 'value'=>'Save')); } $t->closeTag('form'); +} $t->footer(); -- cgit v1.2.3-54-g00ecf From e99a2ea7e361fdc5bab219bea6d9b967b5df486c Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sun, 9 Oct 2011 00:51:28 -0400 Subject: Add auth_uid as a parameter for forms in the Users controller. --- src/controllers/Users.class.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index 170d25f..a4403e3 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -359,6 +359,10 @@ class Users extends Controller { $editable = $user->canEdit(); switch ($key) { + case 'auth_uid': + $value = $user->getUID(); + $editable = false; + break; case 'auth_name': $value = $user->getName(); break; @@ -390,6 +394,8 @@ class Users extends Controller { $user = Auth::getObj($uid); switch ($key) { + case 'auth_uid': + break; case 'auth_name': $user->setName($value); break; -- cgit v1.2.3-54-g00ecf From 89c35c47f375d5b45e1e219327600b5bba5569f1 Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Sun, 9 Oct 2011 03:15:03 -0400 Subject: Begin adding a userlist visable to non-authenticated users. --- src/controllers/Users.class.php | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a4403e3..f7dc604 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php 
@@ -417,18 +417,27 @@ class Users extends Controller { return array('key'=>$key, 'name'=>$name); } private function getIndexAttribs() { + $user = Auth::getObj(Login::isLoggedIn()); + $attribs = array(); - $attribs[] = $this->attrib('auth_user', 'Active'); - if (Auth::getObj(Login::isLoggedIn())->isAdmin()) { - $attribs[] = $this->attrib('auth_admin', 'Admin'); - $attribs[] = $this->attrib('auth_delete', 'Delete'); + if ($user->isUser()) { + $attribs[] = $this->attrib('auth_uid', 'UID'); + $attribs[] = $this->attrib('auth_user', 'Active'); + if ($user->isAdmin()) { + $attribs[] = $this->attrib('auth_admin', 'Admin'); + $attribs[] = $this->attrib('auth_delete', 'Delete'); + } + $attribs[] = $this->attrib('lastname','Last'); + $attribs[] = $this->attrib('firstname','First'); + $attribs[] = $this->attrib('hsclass','Class of'); + $attribs[] = $this->attrib('phone','Phone number'); + $attribs[] = $this->attrib('email','Email'); + } else { + $attribs[] = $this->attrib('auth_uid', 'UID'); + $attribs[] = $this->attrib('lastname','Last'); + $attribs[] = $this->attrib('firstname','First'); + $attribs[] = $this->attrib('auth_name', 'Username'); } - $attribs[] = $this->attrib('lastname','Last'); - $attribs[] = $this->attrib('firstname','First'); - $attribs[] = $this->attrib('hsclass','Class of'); - $attribs[] = $this->attrib('phone','Phone number'); - $attribs[] = $this->attrib('email','Email'); - $attribs[] = $this->attrib('auth_name', 'Username'); return $attribs; } -- cgit v1.2.3-54-g00ecf From 0fd0403876aacecfde74fca0641530875f09200f Mon Sep 17 00:00:00 2001 
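Review bot: The `else` branch, taken when `$user->isUser()` is false (presumably the not-logged-in case, depending on what `Login::isLoggedIn()` yields), lists `lastname` and `firstname`, so real names become visible to anonymous viewers of the index; the later commit 7e91c28 on this page removes those two lines, which indicates the exposure was not intended. The two branches also repeat the `auth_uid`, `lastname` and `firstname` entries; building the anonymous column set once and appending the privileged columns inside `if ($user->isUser())` would keep what anonymous viewers see defined in one place. `getIndexAttribs` closes within the hunk.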
From: Luke Shumaker Date: Sun, 9 Oct 2011 03:25:12 -0400 Subject: Move Users->[gs]etConf into a new DB.class.php, add in some wrappers for equivalent stuff with plugin and system config. --- src/controllers/Users.class.php | 73 ++-------------------- src/lib/DB.class.php | 131 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 136 insertions(+), 68 deletions(-) create mode 100644 src/lib/DB.class.php (limited to 'src/controllers/Users.class.php') diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php index a4403e3..54e4675 100644 --- a/src/controllers/Users.class.php +++ b/src/controllers/Users.class.php @@ -1,6 +1,7 @@ showView('users/500'); } else { Login::login($username, $password); - $this->setConf($uid, 'email', $vars['email']); + DB::set('users', $uid, 'email', $vars['email']); $this->showView('users/created', array('username'=>$username)); } @@ -284,8 +285,7 @@ class Users extends Controller { @$value_base = $old[$uid]; $we_changed_it = $value_base != $value; if ($we_changed_it) { - $user = Auth::getObj($uid); - $value_fork = $this->getConf($user,$key); + $value_fork = DB::get('users', $uid, $key); $value_fork = $value_fork['value']; if ($value_fork===false) $value_fork = 'false'; if ($value_fork===true) $value_fork = 'true'; @@ -305,7 +305,7 @@ class Users extends Controller { } } if ($doit) { - $this->setConf($uid, $key, $value); + DB::set('users', $uid, $key, $value); } if ($forked) { echo "
\n";
@@ -340,79 +340,16 @@ class Users extends Controller {
 		$vars['users'] = array();
 		$uids = $db->listUsers();
 		foreach ($uids as $uid) {
-			$user = Auth::getObj($uid);
 			$vars['users'][$uid] = array();
 			foreach ($vars['attribs'] as $attrib) {
 				$key = $attrib['key'];
-				$props = $this->getConf($user, $key);
+				$props = DB::get('users', $uid, $key);
 				$vars['users'][$uid][$key] = $props;
 			}
 		}
 		$this->showView('users/index', $vars);
 	}
-	
-	private function getConf($user, $key) {
-		$logged_in_user = Auth::getObj(Login::isLoggedIn());
-		$uid = $user->getUID();
-		$post_key = $key."[$uid]";
-		@$value = $_POST[$post_key];
-		$editable = $user->canEdit();
-		
-		switch ($key) {
-		case 'auth_uid':
-			$value = $user->getUID();
-			$editable = false;
-			break;
-		case 'auth_name':
-			$value = $user->getName();
-			break;
-		case 'auth_user':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = $user->isUser();
-			break;
-		case 'auth_admin':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = $user->isAdmin();
-			break;
-		case 'auth_delete':
-			$editable = $editable && $logged_in_user->isAdmin();
-			$value = false;
-			break;
-		default:
-			$value = $user->getConf($key);
-			if ($value===false) $value='';
-			break;
-		}
 		
-		return array('value'=>$value,
-		             'post_key'=>$post_key,
-		             'editable'=>$editable);
-	}
-	private function setConf($uid, $key, $value) {
-		// So, this rocks because we don't have to check permissions,
-		// the User object does that.
-		$user = Auth::getObj($uid);
-		
-		switch ($key) {
-		case 'auth_uid':
-			break;
-		case 'auth_name':
-			$user->setName($value);
-			break;
-		case 'auth_user':
-			$user->setUser($value=='true');
-			break;
-		case 'auth_admin':
-			$user->setAdmin($value=='true');
-			break;
-		case 'auth_delete':
-			if ($value=='true') $user->delete();
-		default: 
-			$user->setConf($key, $value);
-			break;
-		}
-	}
-	
 	function attrib($key, $name) {
 		return array('key'=>$key, 'name'=>$name);
 	}
diff --git a/src/lib/DB.class.php b/src/lib/DB.class.php
new file mode 100644
index 0000000..9f14161
--- /dev/null
+++ b/src/lib/DB.class.php
@@ -0,0 +1,131 @@
+canEdit();
+		
+		switch ($key) {
+		case 'auth_uid':
+			$value = $user->getUID();
+			$editable = false;
+			break;
+		case 'auth_name':
+			$value = $user->getName();
+			break;
+		case 'auth_user':
+			$editable = $editable && $logged_in_user->isAdmin();
+			$value = $user->isUser();
+			break;
+		case 'auth_admin':
+			$editable = $editable && $logged_in_user->isAdmin();
+			$value = $user->isAdmin();
+			break;
+		case 'auth_delete':
+			$editable = $editable && $logged_in_user->isAdmin();
+			$value = false;
+			break;
+		default:
+			$value = $user->getConf($key);
+			if ($value===false) $value='';
+			break;
+		}
+		
+		return array('value'=>$value,
+		             'post_key'=>$post_key,
+		             'editable'=>$editable);
+	}
+	private static function user_set($uid, $key, $value) {
+		$user = Auth::getObj($uid);
+		
+		switch ($key) {
+		case 'auth_uid':
+			return false;
+			break;
+		case 'auth_name':
+			return $user->setName($value);
+			break;
+		case 'auth_user':
+			return $user->setUser($value=='true');
+			break;
+		case 'auth_admin':
+			return $user->setAdmin($value=='true');
+			break;
+		case 'auth_delete':
+			if ($value=='true') return $user->delete();
+		default: 
+			return $user->setConf($key, $value);
+			break;
+		}
+	}
+	
+	private static function admin_get($plugin, $key) {
+		global $mm; $db = $mm->database();
+		$user = Auth::getObj(Login::isLoggedIn());
+		if ($user->isAdmin()) {
+			$editable = true;
+			switch ($plugin) {
+			case 'system':
+				$value = $db->getSysConf($key);
+				break;
+			default:
+				$value =  $db->getPluginConf($plugin, $key);
+				break;
+			}
+		} else {
+			$editable = false;
+			$value = false;
+		}
+		
+		return array('value'=>$value,
+		             'post_key'=>'to be implemented',// FIXME
+		             'editable'=>$editable);
+	}
+	private static function admin_set($plugin, $key, $value) {
+		global $mm; $db = $mm->database();
+		$user = Auth::getObj(Login::isLoggedIn());
+		if (!$user->isAdmin()) {
+			return false;
+		}
+		switch ($plugin) {
+		case 'system':
+			return $db->setSysConf($key, $value);
+		default:
+			return $db->setPluginConf($plugin, $key, $value);
+		}
+	}
+}
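Review bot: In `user_set`, `case 'auth_delete'` falls through to `default` whenever `$value` is not `'true'`, so a form that submits the delete checkbox unchecked persists an `auth_delete` key via `$user->setConf('auth_delete', $value)`; add `return false;` after the `if`. The `break` after each `return` in `user_set` is unreachable and can go. `admin_get` returns `'post_key'=>'to be implemented'` for every caller, so any form built from it posts to that literal field name; returning `null` for now would let callers detect the gap instead of silently using it. The opening of the file (`<?php`, the class header and the start of `user_get`) is not visible on this page, so the header and any `require` lines could not be reviewed.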
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf


From 7e91c2872778407172fa42208be1aa7e466b97e3 Mon Sep 17 00:00:00 2001
From: Luke Shumaker 
Date: Sun, 9 Oct 2011 14:17:09 -0400
Subject: Don't show full name to anon users, comment out security check for
 index.

---
 src/controllers/Users.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index f7dc604..c69701f 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -329,11 +329,13 @@ class Users extends Controller {
 	private function show_index($routed, $remainder) {
 		global $mm; $db = $mm->database();
 		
+		/*
 		$logged_in_user = Auth::getObj(Login::isLoggedIn());
 		if (!$logged_in_user->isUser()) {
 			$this->http401($routed, $remainder);
 			exit();
 		}
+		*/
 		
 		$vars = array();
 		$vars['attribs'] = $this->getIndexAttribs();
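Review bot: Wrapping the `isUser()` check in `/* */` removes the only authorization gate on `show_index`, so until the follow-up that introduces `anon_userlist` (01003f1 on this page) the full user index is served to anyone, with whatever columns `getIndexAttribs` returns for the anonymous branch. A check that is being relaxed on purpose should be made conditional rather than commented out — read the site setting first and keep `if (!$anon_userlist && !$logged_in_user->isUser())` — so the default stays closed while the feature is developed. `show_index` continues outside the hunk.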
@@ -434,8 +436,6 @@ class Users extends Controller {
 			$attribs[] = $this->attrib('email','Email');
 		} else {
 			$attribs[] = $this->attrib('auth_uid', 'UID');
-			$attribs[] = $this->attrib('lastname','Last');
-			$attribs[] = $this->attrib('firstname','First');
 			$attribs[] = $this->attrib('auth_name', 'Username');
 		}
 		return $attribs;
-- 
cgit v1.2.3-54-g00ecf


From 01003f1761631394360697530d3418c1acaf1cd9 Mon Sep 17 00:00:00 2001
From: Luke Shumaker 
Date: Sun, 9 Oct 2011 14:57:49 -0400
Subject: Add the system config option 'anon_userlist' to control if an
 anonymous userlist is visible or not.

---
 src/controllers/Users.class.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)


diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 24bb8aa..ac6b06a 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -308,13 +308,12 @@ class Users extends Controller {
 	private function show_index($routed, $remainder) {
 		global $mm; $db = $mm->database();
 		
-		/*
 		$logged_in_user = Auth::getObj(Login::isLoggedIn());
-		if (!$logged_in_user->isUser()) {
+		$anon_userlist = $db->getSysConf('anon_userlist')=='true';
+		if (!$anon_userlist && !$logged_in_user->isUser()) {
 			$this->http401($routed, $remainder);
 			exit();
 		}
-		*/
 		
 		$vars = array();
 		$vars['attribs'] = $this->getIndexAttribs();
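Review bot: `$db->getSysConf('anon_userlist')=='true'` relies on loose comparison; if the setting is unset and `getSysConf` returns `false`, `false == 'true'` evaluates to false so the default stays closed, but that is a property of PHP's comparison rules rather than something the code states. Writing `=== 'true'` makes the intent explicit and rules out a truthy non-string return being read as enabled. A one-line comment such as `// unset, or anything other than 'true', keeps the index login-only` would document the default. `show_index` continues outside the hunk.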
-- 
cgit v1.2.3-54-g00ecf


From 2e769649abf4f9b3712287e24eb42c5a93a8035e Mon Sep 17 00:00:00 2001
From: Luke Shumaker 
Date: Sun, 9 Oct 2011 15:41:59 -0400
Subject: Link to the userlist from the user registration page, if
 anon_userlist is enabled.

---
 src/controllers/Users.class.php    |  7 ++++++-
 src/views/pages/users/new.html.php | 10 ++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)


diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index ac6b06a..dbd5120 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -72,8 +72,13 @@ class Users extends Controller {
 			exit();
 		}
 		if (!isset($vars['errors'])) $vars['errors'] = array();
-		global $mm; $pm = $mm->pluginManager();
+		
+		global $mm;
+		$pm = $mm->pluginManager();
+		$db = $mm->database();
+		
 		$vars['antispam_html'] = $pm->callHook('antispam_html');
+		$vars['userlist'] = $db->getSysConf('anon_userlist');
 		$this->showView('users/new', $vars);
 	}
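Review bot: `$vars['userlist'] = $db->getSysConf('anon_userlist')` hands the raw setting to the view, and `new.html.php` in the next hunk tests it with `if ($VARS['userlist'])`, so a stored value of `'false'` — a non-empty string, hence truthy — still renders the user-list link while `show_index` (which compares `=='true'`) answers 401 for the same setting. Normalise in the controller the same way the index does: `$vars['userlist'] = $db->getSysConf('anon_userlist') === 'true';`, after which the view needs no change. The enclosing method's signature is outside the hunk.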
 	
diff --git a/src/views/pages/users/new.html.php b/src/views/pages/users/new.html.php
index 8b6bdf8..9df376f 100644
--- a/src/views/pages/users/new.html.php
+++ b/src/views/pages/users/new.html.php
@@ -7,6 +7,16 @@ $t->openTag('form', array('method'=>'post',
                           'action'=>$t->url('users')));
 
 $t->openFieldset("New User: Step 1");
+
+if ($VARS['userlist']) {
+	$t->inputP("If you may have already created a username, please, ".
+	           "please check the ".
+	           $t->link($t->url('users/'), 'user-list', true).
+	           " to find your old username, instead of creating a new ".
+	           "user. If you don't like the name, you can log in and ".
+	           "change it.");
+}
+
 if (in_array('illegal name', $VARS['errors'])) {
 	$t->inputP("That is a forbidden username.", true);
 }
-- 
cgit v1.2.3-54-g00ecf