| 1 | <?php
|
|---|---|
| 2 | |
/***************************************************************************
 *
 * Nephthys - file sharing management
 * Copyright (c) by Andreas Unterkircher, unki@netshadow.at
 *
 * This file is part of Nephthys.
 *
 * Nephthys is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Nephthys is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Nephthys. If not, see <http://www.gnu.org/licenses/>.
 *
 ***************************************************************************/
| 24 | |
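/**
 * User management for Nephthys: list, create, edit, delete and
 * activate/deactivate rows of the nephthys_users table.
 *
 * Every entry point first requires a logged-in session and rejects the
 * request when check_privileges('user') is true.
 * NOTE(review): presumably check_privileges('user') is true for accounts
 * that hold only the plain "user" role - confirm against the parent class.
 *
 * NOTE(review): store(), delete() and toggleStatus() change state based on
 * $_POST alone; no anti-CSRF token check is visible in this class. Confirm
 * that the dispatcher calling these methods enforces one.
 */
class NEPHTHYS_USERS {

   private $db;
   private $parent;
   private $tmpl;

   /* Filled by showList() and read by smarty_user_list(). They used to be
    * created dynamically (and were therefore public); they are declared
    * here because dynamic properties are deprecated since PHP 8.2.
    */
   public $avail_users = array();
   public $users = array();

   /**
    * NEPHTHYS_USERS constructor
    *
    * Binds the global $nephthys application object and its database and
    * template handles to this instance.
    */
   public function __construct()
   {
      global $nephthys;

      $this->parent =& $nephthys;
      $this->db =& $nephthys->db;
      $this->tmpl =& $nephthys->tmpl;

   } // __construct()

   /**
    * interface output
    *
    * Dispatches on $_GET['mode']: 'new' and 'edit' render the edit form,
    * anything else renders the user list.
    *
    * @return mixed rendered template, or 0 after printing the
    *               not-allowed message
    */
   public function show()
   {
      if(!$this->parent->is_logged_in() || $this->parent->check_privileges('user')) {
         print $this->parent->_("##NOT_ALLOWED##");
         return 0;
      }

      /* The defaults are written back into $_GET, as the original did. */
      if(!isset($_GET['mode']))
         $_GET['mode'] = "show";
      if(!isset($_GET['idx']) || !is_numeric($_GET['idx']))
         $_GET['idx'] = 0;

      switch($_GET['mode']) {
         case 'new':
         case 'edit':
            return $this->showEdit($_GET['idx']);
         case 'show':
         default:
            return $this->showList();
      }

   } // show()

   /**
    * load all users and render the list template
    *
    * @return mixed output of the users_list.tpl template
    */
   private function showList()
   {
      $this->avail_users = array();
      $this->users = array();

      /* ORDER BY operands cannot be bound as query parameters, so both are
       * checked before they are concatenated into the statement. It is not
       * visible here whether the session values are validated when they
       * are stored, so they are treated as untrusted: the column must be a
       * bare identifier and the direction must be ASC or DESC.
       */
      $column = 'user_idx';
      $order = 'ASC';

      if(isset($_SESSION['sort_order']['users']['column']) &&
         is_string($_SESSION['sort_order']['users']['column']) &&
         preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $_SESSION['sort_order']['users']['column'])) {
         $column = $_SESSION['sort_order']['users']['column'];
      }

      if(isset($_SESSION['sort_order']['users']['order']) &&
         is_string($_SESSION['sort_order']['users']['order']) &&
         in_array(strtoupper($_SESSION['sort_order']['users']['order']), array('ASC', 'DESC'), true)) {
         $order = strtoupper($_SESSION['sort_order']['users']['order']);
      }

      $res_users = $this->db->db_query("
         SELECT
            *
         FROM
            nephthys_users
         ORDER BY
            ". $column ." ". $order
      );

      while($user = $res_users->fetchrow()) {
         $this->avail_users[] = $user->user_idx;
         $this->users[$user->user_idx] = $user;
      }

      $this->tmpl->register_block("user_list", array($this, "smarty_user_list"));
      return $this->tmpl->fetch("users_list.tpl");

   } // showList()

   /**
    * display interface to create or edit users
    *
    * @param mixed $idx user index to edit; 0 opens an empty form
    * @return mixed output of the users_edit.tpl template, or 0 after
    *               printing the not-allowed message
    */
   private function showEdit($idx)
   {
      /* If authentication is enabled, check permissions */
      if(!$this->parent->is_logged_in() || $this->parent->check_privileges('user')) {
         print $this->parent->_("##NOT_ALLOWED##");
         return 0;
      }

      /* is_numeric() in show() also accepts forms such as "1e5" or " 7";
       * reduce the value to a plain integer before it enters the query.
       */
      $idx = (int) $idx;

      if($idx != 0) {
         $user = $this->db->db_fetchSingleRow("
            SELECT *
            FROM nephthys_users
            WHERE
               user_idx='". $idx ."'
         ");

         /* NOTE(review): the result is used without checking that a row
          * was found - confirm what db_fetchSingleRow() returns for an
          * unknown user_idx.
          */
         $this->tmpl->assign('user_idx', $idx);
         $this->tmpl->assign('user_name', $user->user_name);
         $this->tmpl->assign('user_full_name', $user->user_full_name);
         $this->tmpl->assign('user_email', $user->user_email);
         $this->tmpl->assign('user_priv', $user->user_priv);
         $this->tmpl->assign('user_priv_expire', $user->user_priv_expire);
         $this->tmpl->assign('user_deny_chpwd', $user->user_deny_chpwd);
         $this->tmpl->assign('user_language', $user->user_language);
         $this->tmpl->assign('user_active', $user->user_active);
         $this->tmpl->assign('user_default_expire', $user->user_default_expire);

      }
      else {
         $this->tmpl->assign('user_active', 'Y');
      }

      return $this->tmpl->fetch("users_edit.tpl");

   } // showEdit()

   /**
    * return a $_POST field, or NULL when the request did not send it
    */
   private function post_field($name)
   {
      return isset($_POST[$name]) ? $_POST[$name] : NULL;

   } // post_field()

   /**
    * store user values
    *
    * Creates a user when $_POST['user_new'] is 1, otherwise updates the
    * row named by $_POST['user_idx'].
    *
    * @return string "ok" on success, otherwise a message for the caller
    */
   public function store()
   {
      if(!$this->parent->is_logged_in() || $this->parent->check_privileges('user')) {
         return $this->parent->_("##NOT_ALLOWED##");
      }

      $new = (isset($_POST['user_new']) && $_POST['user_new'] == 1) ? 1 : NULL;

      if(!isset($_POST['user_name']) || $_POST['user_name'] == "") {
         return $this->parent->_("##FAILURE_ENTER_USERNAME##");
      }
      /* NOTE(review): this branch fires when the name is already taken,
       * yet the message key reads "NOT_EXISTS" - verify the key.
       */
      if(isset($new) && $this->parent->check_user_exists($_POST['user_name'])) {
         return $this->parent->_("##FAILURE_USER_NOT_EXISTS##");
      }
      /* A missing or non-string password is handled like an empty one, so
       * sha1() below never receives NULL or an array.
       */
      if(!isset($_POST['user_pass1']) || !is_string($_POST['user_pass1']) || $_POST['user_pass1'] == "") {
         return $this->parent->_("##FAILURE_EMPTY_PASSWORD##");
      }
      /* Strict comparison: with a loose one, numeric-looking passwords such
       * as "1e1" and "10" compare equal and the confirmation check passes.
       */
      if(!isset($_POST['user_pass2']) || $_POST['user_pass1'] !== $_POST['user_pass2']) {
         return $this->parent->_("##FAILURE_PASSWORD_NOT_MATCH##");
      }
      if(!isset($_POST['user_email']) || $_POST['user_email'] == "") {
         return $this->parent->_("##FAILURE_ENTER_EMAIL##");
      }
      if(!$this->parent->validate_email($_POST['user_email'])) {
         return $this->parent->_("##FAILURE_ENTER_VALID_EMAIL##");
      }

      /* NOTE(review): passwords are stored as unsalted SHA-1, which is not
       * suitable for password storage. Moving to password_hash() and
       * password_verify() also requires changing the login check, which is
       * outside this file, so the stored format is left unchanged here.
       */
      $pass_hash = sha1($_POST['user_pass1']);

      if(isset($new)) {

         $sth = $this->db->db_prepare("
            INSERT INTO nephthys_users (
               user_idx, user_name, user_full_name, user_pass,
               user_email, user_priv, user_priv_expire, user_deny_chpwd,
               user_language, user_active, user_default_expire
            ) VALUES (
               NULL, ?, ?, ?,
               ?, ?, ?, ?, ?, ?, ?
            )
         ");

         $this->db->db_execute($sth, array(
            $_POST['user_name'],
            $this->post_field('user_full_name'),
            $pass_hash,
            $_POST['user_email'],
            $this->post_field('user_priv'),
            $this->post_field('user_priv_expire'),
            $this->post_field('user_deny_chpwd'),
            $this->post_field('user_language'),
            $this->post_field('user_active'),
            $this->post_field('user_default_expire'),
         ));

      }
      else {

         /* Without a usable index the UPDATE would match nothing and still
          * report success; fail the way delete() and toggleStatus() do.
          */
         if(!isset($_POST['user_idx']) || !is_numeric($_POST['user_idx'])) {
            return "unkown error";
         }

         $sth = $this->db->db_prepare("
            UPDATE nephthys_users
            SET
               user_name=?,
               user_full_name=?,
               user_email=?,
               user_priv=?,
               user_priv_expire=?,
               user_deny_chpwd=?,
               user_language=?,
               user_active=?,
               user_default_expire=?
            WHERE
               user_idx=?
         ");

         $this->db->db_execute($sth, array(
            $_POST['user_name'],
            $this->post_field('user_full_name'),
            $_POST['user_email'],
            $this->post_field('user_priv'),
            $this->post_field('user_priv_expire'),
            $this->post_field('user_deny_chpwd'),
            $this->post_field('user_language'),
            $this->post_field('user_active'),
            $this->post_field('user_default_expire'),
            $_POST['user_idx'],
         ));

         /* This literal is the "leave the password alone" marker.
          * NOTE(review): presumably the edit form pre-fills the password
          * fields with it - confirm it matches the template byte for byte.
          */
         if($_POST['user_pass1'] != " nochangeMS ") {

            $sth = $this->db->db_prepare("
               UPDATE nephthys_users
               SET
                  user_pass=?
               WHERE
                  user_idx=?
            ");

            $this->db->db_execute($sth, array(
               $pass_hash,
               $_POST['user_idx'],
            ));

         }
      }

      return "ok";

   } // store()

   /**
    * delete user
    *
    * @return string "ok" on success, otherwise a message for the caller
    */
   public function delete()
   {
      if(!$this->parent->is_logged_in() || $this->parent->check_privileges('user')) {
         return $this->parent->_("##NOT_ALLOWED##");
      }

      if(isset($_POST['idx']) && is_numeric($_POST['idx'])) {
         /* Reduce the numeric string to a plain integer before it is
          * concatenated into the statement.
          */
         $idx = (int) $_POST['idx'];

         $this->db->db_query("
            DELETE FROM nephthys_users
            WHERE
               user_idx='". $idx ."'
         ");

         return "ok";
      }

      return "unkown error";

   } // delete()

   /**
    * toggle user active/inactive
    *
    * $_POST['to'] == 1 activates the user, any other value deactivates.
    *
    * @return string "ok" on success, otherwise a message for the caller
    */
   public function toggleStatus()
   {
      if(!$this->parent->is_logged_in() || $this->parent->check_privileges('user')) {
         return $this->parent->_("##NOT_ALLOWED##");
      }

      if(isset($_POST['idx']) && is_numeric($_POST['idx'])) {
         $idx = (int) $_POST['idx'];

         /* Only the two fixed literals can reach the query. */
         $new_status = (isset($_POST['to']) && $_POST['to'] == 1) ? 'Y' : 'N';

         $this->db->db_query("
            UPDATE nephthys_users
            SET
               user_active='". $new_status ."'
            WHERE
               user_idx='". $idx ."'");

         return "ok";
      }

      return "unkown error";

   } // toggleStatus()

   /**
    * template function which will be called from the user listing template
    *
    * Assigns the fields of the next user collected by showList() and sets
    * $repeat so the block is rendered once per user.
    */
   public function smarty_user_list($params, $content, &$smarty, &$repeat)
   {
      $index = $this->tmpl->get_template_vars('smarty.IB.user_list.index');
      if(!$index) {
         $index = 0;
      }

      if($index < count($this->avail_users)) {

         $user_idx = $this->avail_users[$index];
         $user = $this->users[$user_idx];

         $this->tmpl->assign('user_idx', $user_idx);
         $this->tmpl->assign('user_name', $user->user_name);
         $this->tmpl->assign('user_full_name', $user->user_full_name);
         $this->tmpl->assign('user_priv', $this->parent->get_priv_name($user->user_priv));

         /* empty() already covers NULL, so one test is enough. */
         if(!empty($user->user_last_login))
            $this->tmpl->assign('user_last_login', strftime("%c", $user->user_last_login));
         else
            $this->tmpl->assign('user_last_login', $this->parent->_("##NEVER##"));
         $this->tmpl->assign('user_active', $user->user_active);

         /* Remember the position for the next pass over the block. */
         $index++;
         $this->tmpl->assign('smarty.IB.user_list.index', $index);
         $repeat = true;
      }
      else {
         $repeat = false;
      }

      return $content;

   } // smarty_user_list()

} // class NEPHTHYS_USERS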
|
| 341 | |
| 342 | // vim: set filetype=php expandtab softtabstop=3 tabstop=3 shiftwidth=3 autoindent smartindent:
|
| 343 | ?> |
| 344 |