[Mapbender-commits] r6589 - in trunk/mapbender: http/classes
http/php lib
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Mon Jul 12 11:41:12 EDT 2010
Author: christoph
Date: 2010-07-12 15:41:12 +0000 (Mon, 12 Jul 2010)
New Revision: 6589
Added:
trunk/mapbender/lib/editUser.php
Modified:
trunk/mapbender/http/classes/class_user.php
trunk/mapbender/http/php/mod_editFilteredUser.php
trunk/mapbender/http/php/mod_editSelf.php
trunk/mapbender/http/php/mod_editUser.php
Log:
unified editSelf, editUser, editFilteredUser
user can no longer delete herself
added fields from other projects
uses class user, no sql in sources
Modified: trunk/mapbender/http/classes/class_user.php
===================================================================
--- trunk/mapbender/http/classes/class_user.php 2010-07-12 12:25:23 UTC (rev 6588)
+++ trunk/mapbender/http/classes/class_user.php 2010-07-12 15:41:12 UTC (rev 6589)
@@ -44,7 +44,7 @@
var $fax = "";
var $deliveryPoint ="";
var $city ="";
- var $postalCode;
+ var $postalCode = null;
var $country ="";
var $url ="";
var $realName = "";
@@ -52,9 +52,12 @@
var $houseNumber = "";
var $reference = "";
var $forAttentionOf = "";
- var $validFrom = "";
- var $validTo = "";
+ var $validFrom = null;
+ var $validTo = null;
var $passwordTicket = "";
+ var $firstName = "";
+ var $lastName = "";
+ var $academicTitle = "";
static $displayName = "User";
static $internalName = "user";
@@ -74,8 +77,7 @@
try{
$this->load();
}
- catch(Exception $E)
- {
+ catch(Exception $E) {
new mb_exception($E->getMessage());
}
}
@@ -94,32 +96,35 @@
*/
public function getFields() {
$result = array(
- "name" => $this->name,
- "password" => "*************",
- "owner" => $this->owner,
- "description" => $this->description,
- "loginCount" => $this->loginCount,
- "email" => $this->email,
- "phone" => $this->phone,
- "department" => $this->department,
- "resolution" => $this->resolution,
- "organization" => $this->organizatin,
- "position" => $this->position,
- "phone1" => $this->phone1,
- "fax" => $this->fax,
- "deliveryPoint" => $this->deliveryPoint,
- "city" => $this->city,
- "postalCode" => $this->postalCode,
- "country" => $this->country,
- "url" => $this->url,
- "realName" => $this->realName,
- "street" => $this->street,
- "housenumber" => $this->housenumber,
- "reference" => $this->reference,
- "forAttentionOf" => $this->forAttentionOf,
- "validFrom" => $this->validFrom,
- "validTo" => $this->validTo,
- "passwordTicket" => $this->passwordTicket
+ "name" => $this->name,
+ "password" => "*************",
+ "owner" => $this->owner,
+ "description" => $this->description,
+ "loginCount" => $this->loginCount,
+ "email" => $this->email,
+ "phone" => $this->phone,
+ "department" => $this->department,
+ "resolution" => $this->resolution,
+ "organization" => $this->organization,
+ "position" => $this->position,
+ "phone1" => $this->phone1,
+ "fax" => $this->fax,
+ "deliveryPoint" => $this->deliveryPoint,
+ "city" => $this->city,
+ "postalCode" => $this->postalCode,
+ "country" => $this->country,
+ "url" => $this->url,
+ "realName" => $this->realName,
+ "street" => $this->street,
+ "houseNumber" => $this->houseNumber,
+ "reference" => $this->reference,
+ "forAttentionOf" => $this->forAttentionOf,
+ "validFrom" => $this->validFrom,
+ "validTo" => $this->validTo,
+ "passwordTicket" => $this->passwordTicket,
+ "firstName" => $this->firstName,
+ "lastName" => $this->lastName,
+ "academicTitle" => $this->academicTitle
);
return $result;
}
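Review bot: `getFields()` masks `password` but still returns the real value on the `"passwordTicket" => $this->passwordTicket,` line, and this commit also makes the password-ticket setter store the fresh ticket on the object (`$this->passwordTicket = $passwordTicket;`). The ticket looks like a credential for setting a new password; that is inferred from its name and the setter, as its use is not visible here. If so, any caller that sends these fields to the browser hands it out. Unless a caller needs the real value, I would leave the key out or mask it like the password, `"passwordTicket" => $this->passwordTicket !== "" ? "*************" : "",`, after checking that no caller writes the returned value back through `change()`.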
@@ -144,7 +149,7 @@
return $groupArray;
}
- public function create() {
+ public function create() {
if($this->name == ""){ $e = new Exception("Can' t create user without name");}
$sql_user_create = "INSERT INTO mb_user (mb_user_name) VALUES ('". $this->name ."');";
@@ -177,12 +182,8 @@
throw new Exception("Could not set inital values of new user");
}
}
-
-
db_commit();
return true;
-
-
}
@@ -220,7 +221,9 @@
$this->validFrom = $changes->validFrom ? $changes->validFrom : $this->validFrom;
$this->validTo = $changes->validTo ? $changes->validTo : $this->validTo;
$this->passwordTicket = $changes->passwordTicket ? $changes->passwordTicket : $this->passwordTicket;
-
+ $this->firstName = $changes->firstName ? $changes->firstName : $this->firstName;
+ $this->lastName = $changes->lastName ? $changes->lastName : $this->lastName;
+ $this->academicTitle = $changes->academicTitle ? $changes->academicTitle : $this->academicTitle;
return true;
}
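Review bot: The three added assignments test `$changes->firstName`, `$changes->lastName` and `$changes->academicTitle` for truthiness, so an empty string or "0" counts as "not supplied" and these fields can never be cleared once set. Reading a property that is absent from `$changes` also raises a notice. Checking presence keeps the fallback without losing empty values: `$this->firstName = isset($changes->firstName) ? $changes->firstName : $this->firstName;`, and likewise for the other two. The older assignments above use the same pattern and the function starts outside this hunk, so first confirm whether callers rely on "empty means unchanged".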
@@ -242,52 +245,65 @@
"mb_user_city = $13, ".
"mb_user_postal_code = $14, ".
"mb_user_country = $15, ".
- "mb_user_online_resource = $16 ".
- "mb_user_realname = $18 ".
- "mb_user_street = $19 ".
- "mb_user_housenumber = $20 ".
- "mb_user_reference =$21 ".
- "mb_user_for_attention_of = $22 ".
- "mb_user_valid_from = $23 ".
- "mb_user_valid_to = $24 ".
- "mb_user_password_ticket = $25 ".
- "WHERE mb_user_id = $17;";
+ "mb_user_online_resource = $16, ".
+ "mb_user_realname = $17, ".
+ "mb_user_street = $18, ".
+ "mb_user_housenumber = $19, ".
+ "mb_user_reference =$20, ".
+ "mb_user_for_attention_of = $21, ".
+ "mb_user_valid_from = $22, ".
+ "mb_user_valid_to = $23, ".
+ "mb_user_password_ticket = $24, ".
+ "mb_user_firstname = $25, " .
+ "mb_user_lastname = $26, " .
+ "mb_user_academictitle = $27 " .
+ "WHERE mb_user_id = $28;";
+ $v = array(
+ $this->name,
+ is_numeric($this->owner) ? intval($this->owner) : null,
+ $this->description !== "" ? $this->description : null,
+ $this->email !== "" ? $this->email : null,
+ $this->phone !== "" ? $this->phone : null,
+ $this->department !== "" ? $this->department : null,
+ is_numeric($this->resolution) ? intval($this->resolution) : null,
+ $this->organization !== "" ? $this->organization : null,
+ $this->position !== "" ? $this->position : null,
+ $this->phone1 !== "" ? $this->phone1 : null,
+ $this->fax !== "" ? $this->fax : null,
+ $this->deliveryPoint !== "" ? $this->deliveryPoint : null,
+ $this->city !== "" ? $this->city : null,
+ is_numeric($this->postalCode) ? intval($this->postalCode) : null,
+ $this->country !== "" ? $this->country : null,
+ $this->url !== "" ? $this->url : null,
+ $this->realName !== "" ? $this->realName : null,
+ $this->street !== "" ? $this->street : null,
+ $this->houseNumber !== "" ? $this->houseNumber : null,
+ $this->reference !== "" ? $this->reference : null,
+ $this->forAttentionOf !== "" ? $this->forAttentionOf : null,
+ $this->validFrom,
+ $this->validTo,
+ $this->passwordTicket !== "" ? $this->passwordTicket : null,
+ $this->firstName,
+ $this->lastName,
+ $this->academicTitle,
+ is_numeric($this->id) ? intval($this->id) : null,
+ );
- $v = array($this->name,
- $this->owner,
- $this->description,
- $this->email,
- $this->phone,
- $this->department,
- $this->resolution,
- $this->organization,
- $this->position,
- $this->phone1,
- $this->facsimile,
- $this->deliveryPoint,
- $this->city,
- $this->postalCode,
- $this->country,
- $this->url,
- $this->id,
- $this->realName,
- $this->street,
- $this->housenumber,
- $this->reference,
- $this->forAttentionOf,
- $this->validFrom,
- $this->validTo,
- $this->passwordTicket);
+ $t = array(
+ "s", "i", "s", "s", "s",
+ "s", "i", "s", "s", "s",
+ "s", "s", "s", "i", "s",
+ "s", "s", "s", "s", "s",
+ "s", "s", "s", "s", "s",
+ "s", "s", "i"
+ );
- $t = array("s", "i", "s", "s", "s", "s", "i", "s", "s", "s", "s", "s", "s", "i", "s", "s", "i", "s", "s", "s", "s", "s", "s", "s", "s");
-
- $update_result = db_prep_query($sql_update,$v,$t);
- if(!$update_result)
- {
- throw new Exception("Database error updating User");
- }
-
+ $update_result = db_prep_query($sql_update,$v,$t);
+ if(!$update_result) {
+ throw new Exception("Database error updating User");
+ return false;
+ }
return true;
}
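Review bot: When `$this->id` is not numeric the last element of `$v` becomes `null`, so the statement is executed with a NULL id, matches no row, and `update()` still returns `true`. Reject that case before the query, e.g. `if (!is_numeric($this->id)) { throw new Exception("Can't update user without id"); }`; the start of the function is outside this hunk, so an earlier guard may already exist. The `return false;` after `throw new Exception("Database error updating User");` is unreachable and can be dropped, as can the one added after the throw in the password-ticket hunk (`@@ -399,7 +416,9 @@`). `firstName`, `lastName` and `academicTitle` are also the only optional string fields passed without the `!== "" ? … : null` normalisation that the other optional strings get.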
@@ -298,9 +314,8 @@
$t = array("i");
$result = db_prep_query($sql_user_remove,$v,$t);
- if($result == false)
- {
- $e = new mb_exception("Database error deleting userr");
+ if($result == false) {
+ $e = new mb_exception("Database error deleting user");
}
return true;
}
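Review bot: On a failed DELETE this branch only constructs an `mb_exception` (which appears to just log) and then falls through to `return true;`, so callers cannot tell that the user was not removed. Either add `return false;` inside the `if`, or throw as `update()` does: `throw new Exception("Database error deleting user");`. The commit log says a user can no longer delete herself, but no such check is visible in these lines. The method begins outside the hunk, so it is presumably enforced by the caller; a guard in the class itself would hold for every caller.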
@@ -320,23 +335,26 @@
$this->phone = $row['mb_user_phone'];
$this->department = $row['mb_user_department'];
$this->resolution = $row['mb_user_resolution'];
- $this->organization = $row['mb_user_organizationName'];
+ $this->organization = $row['mb_user_organisation_name'];
$this->position = $row['mb_user_position_name'];
$this->phone1 = $row['mb_user_phone1'];
$this->fax = $row['mb_user_facsimile'];
$this->deliveryPoint = $row['mb_user_delivery_point'];
- $this->city = $row['mb_user_user_city'];
+ $this->city = $row['mb_user_city'];
$this->postalCode = $row['mb_user_postal_code'];
$this->country = $row['mb_user_country'];
$this->url = $row['mb_user_online_resource'];
$this->realName = $row['mb_user_realname'];
$this->street = $row['mb_user_street'];
- $this->housenumber = $row['mb_user_housenumber'];
+ $this->houseNumber = $row['mb_user_housenumber'];
$this->reference = $row['mb_user_reference'];
$this->forAttentionOf = $row['mb_user_for_attention_of'];
$this->validFrom = $row['mb_user_valid_from'];
$this->validTo = $row['mb_user_valid_to'];
$this->passwordTicket = $row['mb_user_password_ticket'];
+ $this->firstName = $row["mb_user_firstname"];
+ $this->lastName = $row["mb_user_lastname"];
+ $this->academicTitle = $row["mb_user_academictitle"];
}
else {
throw new Exception("no such User");
@@ -379,8 +397,7 @@
$t = array('s','i','s');
$update_result = db_prep_query($sql,$v,$t);
- if(!$update_result)
- {
+ if (!$update_result) {
throw new Exception("Database error updating user password");
}
return true;
@@ -399,7 +416,9 @@
if(!$res){
$e= new mb_exception(1);
throw new Exception("Error setting new user password ticket");
+ return false;
}
+ $this->passwordTicket = $passwordTicket;
return true;
}
@@ -418,36 +437,55 @@
if(!$admin->sendEmail("", "", $userMail, $this->name, utf8_decode("Your Mapbender account"), utf8_decode($userMessage), $error_msg)) {
return "Registry data could not be send. Please check mail address.";
}
- else {
- return "Registry data has been sent successfully.";
- }
+ return "Registry data has been sent successfully.";
}
/*
* @return Array of Users
* @param $filter UNUSED! string that must be contained in the username
*/
- public static function getList($filter) {
- //FIXME: optimize
- $name = $filter->name ? $filter->name : "%";
-
- $users = Array();
- $sql_userlist = "SELECT mb_user_id FROM mb_user WHERE mb_user_name LIKE $1 ORDER BY mb_user_name";
- $res_users = db_prep_query($sql_userlist, array($name), array("s"));
+ public static function getList($filter) {
+ //FIXME: optimize
+ $name = $filter->name ? $filter->name : null;
+ $owner = $filter->owner && is_numeric($filter->owner) ? intval($filter->owner) : null;
+
+ $users = Array();
+ $sql_userlist = "SELECT mb_user_id FROM mb_user";
+
+ $andConditions = array();
+ $v = array();
+ $t = array();
- while($row = db_fetch_array($res_users))
- {
+ if (!is_null($name)) {
+ $v[]= $name;
+ $t[]= "s";
+ $andConditions[]= "mb_user_name LIKE $" . count($v);
+ }
+
+ if (!is_null($owner)) {
+ $v[]= $owner;
+ $t[]= "i";
+ $andConditions[]= "mb_user_owner = $" . count($v);
+ }
+
+ if (count($andConditions) > 0) {
+ $sql_userlist .= " WHERE " . implode("AND", $andConditions);
+ }
+
+ $sql_userlist .= " ORDER BY mb_user_name";
+
+ $res_users = db_prep_query($sql_userlist, $v, $t);
+
+ while($row = db_fetch_array($res_users)) {
try{
$users[] = new User($row['mb_user_id']);
}
- catch(Exception $E)
- {
+ catch(Exception $E) {
continue;
//FIXME: should catch some errors here
}
}
return $users;
-
}
/*
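Review bot: `implode("AND", $andConditions)` joins the conditions without surrounding spaces, so when both a name and an owner filter are set the query reads `... LIKE $1ANDmb_user_owner = $2` and fails; it should be `implode(" AND ", $andConditions)`. The result of `db_prep_query()` is then passed straight to `db_fetch_array()` without a check for failure. The docblock above `getList()` still calls `$filter` "UNUSED!" and a string, while the code reads `$filter->name` and `$filter->owner`. I would change it to `@param $filter object with optional properties name (LIKE pattern) and owner (numeric user id)`.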
Modified: trunk/mapbender/http/php/mod_editFilteredUser.php
===================================================================
--- trunk/mapbender/http/php/mod_editFilteredUser.php 2010-07-12 12:25:23 UTC (rev 6588)
+++ trunk/mapbender/http/php/mod_editFilteredUser.php 2010-07-12 15:41:12 UTC (rev 6589)
@@ -23,424 +23,6 @@
require_once(dirname(__FILE__)."/../php/mb_validatePermission.php");
require_once(dirname(__FILE__)."/../classes/class_user.php");
$myUser = true;
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<?php
-echo '<meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'">';
-?>
-<title>Edit Filtered User</title>
-<?php
-include '../include/dyn_css.php';
-$myPW = "**********";
-echo "<script language='JavaScript'>var myPW = '".$myPW."';</script>";
-?>
-<script type="text/javascript">
-<?php
- include '../include/dyn_js.php';
- include '../include/dyn_php.php';
-
- $myPW = "**********";
- echo "var myPW = '".$myPW."';";
- if(!$withPasswordInsertion) {
- $withPasswordInsertion = "true";
- }
- echo "var withPasswordInsertion = '" . $withPasswordInsertion . "';";
-?>
-</script>
-<script type='text/javascript' src="../extensions/jquery.js"></script>
-<script language="JavaScript">
-function sendRegisterData() {
- if (document.form1.email.value == '') {
- alert("Data could not be sent. No mail address given for this user.");
- return false;
- }
- var parameters = {
- command : "sendMailToUser",
- userId : document.form1.selected_user.options[document.form1.selected_user.selectedIndex].value
- };
- $.post("../php/mod_sendUserMail.php", parameters, function (json, status) {
- if(status == 'success') {
- alert(json);
- }
- });
-}
-
-function callPick(obj){
- dTarget = obj;
- var dp = window.open('../tools/datepicker/datepicker.php?m=Jan_Feb_März_April_Mai_Juni_Juli_Aug_Sept_Okt_Nov_Dez&d=Mo_Di_Mi_Do_Fr_Sa_So&t=heute','dp','left=200,top=200,width=230,height=210,toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0');
- dp.focus();
- return false;
-}
-
-function validate(val){
- var ok = validateInput();
- if(ok == 'true'){
- var permission = false;
- if(val == 'save'){
- permission = confirm("Save changes?");
- }
- if(val == 'update'){
- permission = confirm("Save changes?");
- }
- if(val == 'delete'){
- permission = confirm("Delete User?");
- }
- if(val == 'new_pw_ticket'){
- permission = confirm("Set new password ticket for this user?");
- }
- if(permission === true){
- if(withPasswordInsertion == 'true'){
- if(document.forms[0].password.value == myPW){
- document.forms[0].password.value = '';
- }
- }
- document.forms[0].action.value = val;
- document.forms[0].submit();
- }
- }
-}
-function validateInput(){
- var str_alert = "Input incorrect !";
- if(document.forms[0].name.value === ''){
- alert(str_alert);
- document.forms[0].name.focus();
- return 'false';
- }
- if(withPasswordInsertion == 'true') {
- if(document.forms[0].password.value === '') {
- alert(str_alert);
- document.forms[0].password.focus();
- return 'false';
- }
- if((document.forms[0].password.value != myPW || document.forms[0].v_password.value !== '' )&& document.forms[0].password.value != document.forms[0].v_password.value){
- alert("Password verification failed. You have to enter the same password twice!");
- document.forms[0].password.value = myPW;
- document.forms[0].password.focus();
- return 'false';
- }
- }
- if(document.forms[0].resolution.value === '') {
- document.forms[0].resolution.value = 72;
- return 'true';
- }
- if(document.forms[0].login_count.value === '') {
- document.forms[0].login_count.value = 0;
- return 'true';
- }
- return 'true';
-}
-/**
- * filter the Userlist by str
- */
-function filterUser(list, all, str){
- str=str.toLowerCase();
- var selection=[];
- var i,j,selected;
- for(i=0;i<list.options.length;i++){
- if (list.options[i].selected) {
- selection[selection.length] = list.options[i].value;
- }
- }
-
- list.options.length = 1;
- for(i=0; i<all.length; i++){
- if (all[i].name.toLowerCase().indexOf(str) == -1) {
- continue;
- }
- selected=false;
- for(j=0;j<selection.length;j++){
- if(selection[j]==all[i].id){
- selected=true;
- break;
- }
- }
- var newOption = new Option(all[i].name, all[i].id,false,selected);
- newOption.setAttribute("title", all[i].email);
- list.options[list.options.length] = newOption;
- }
-}
-</script>
-
-</head>
-<body>
-<?php
-#delete
-if($action == 'delete'){
- $sql = "DELETE FROM mb_user WHERE mb_user_id = $1";
- $v = array($selected_user);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- $selected_user = 'new';
-}
-
-#save
-if($action == 'save'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 ";
- $v = array($name);
- $t = array('s');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- $sql = "Insert INTO mb_user (mb_user_name, mb_user_password, mb_user_owner, mb_user_description, ";
- $sql .= "mb_user_email, mb_user_phone, mb_user_department, mb_user_resolution, mb_user_password_ticket) VALUES ";
- $sql.= "($1,$2,$3,$4,$5,$6,$7,$8,$9)";
- if($withPasswordInsertion == 'true') {
- $tmpPW = md5($password);
- $passwordTicket = "";
- }
- else {
- $tmpPW = md5(microtime());
- $passwordTicket = substr(md5(uniqid(rand())),0,30);
- }
-
- $v = array($name,$tmpPW,$owner_id,$description,$email,$phone,$department,$resolution,$passwordTicket);
- $t = array('s','s','i','s','s','s','s','i','s');
- $res = db_prep_query($sql,$v,$t);
- $selected_user = db_insert_id($res,"mb_user","mb_user_id");
- }
-}
-
-#update
-if($action == 'update'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 AND mb_user_id <> $2";
- $v = array($name,$selected_user);
- $t = array('s','i');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- $sql = "UPDATE mb_user SET mb_user_name = $1";
- $sql.=", mb_user_description = $2";
- $sql.=", mb_user_login_count = $3";
- $sql.=", mb_user_email = $4";
- $sql.=", mb_user_phone = $5";
- $sql.=", mb_user_department = $6";
- $sql.=", mb_user_resolution = $7";
- $sql.=" where mb_user_id = $8";
- $v = array($name,$description,$login_count,$email,$phone,$department,$resolution,$selected_user);
- $t = array('s','s','i','s','s','s','i','i');
- $res = db_prep_query($sql,$v,$t);
- if($password != ''){
- $sql = "UPDATE mb_user SET mb_user_password = $1 WHERE mb_user_name = $2";
- $v = array(md5($password), $name);
- $t = array('s','s');
- $res = db_prep_query($sql,$v,$t);
- if($password && $res){
- echo "<script language='JavaScript'>alert('Password has been updated successfully!');</script>";
- }
- }
- }
-}
-
-if($action == 'new_pw_ticket'){
- $user = new user();
- $user->id = $selected_user;
- $user->setNewUserPasswordTicket();
-}
-
-if (!isset($name) || $selected_user == 'new'){
- $name = "";
- $password = "";
- $owner_id = Mapbender::session()->get("mb_user_id");
- $owner_name = Mapbender::session()->get("mb_user_name");
- $description = "";
- $login_count = 0;
- $email = "";
- $phone = "";
- $department = "";
- $resolution = 72;
-}
-
-
-/*HTML*****************************************************************************************************/
-
-echo "<form name='form1' action='" . $self ."' method='post'>";
-echo "<table border='0'>";
-#User
-echo "<tr>";
- echo "<td>";
- echo "User: ";
- echo "</td>";
-echo "<td>";
- echo "<input type='text' value='' onkeyup='filterUser(document.getElementById(\"selecteduser\"),user,this.value);'/>";
- echo "<br /><select id='selecteduser' name='selected_user' onchange='submit()'>";
- echo "<option value='new'>NEW...</option>";
- $sql = "SELECT mb_user_name,mb_user_id,mb_user_email FROM mb_user ";
- $v = array();
- $t = array();
- if (isset($myUser)) {
- $sql .= "WHERE mb_user_owner = $1";
- array_push($v, Mapbender::session()->get("mb_user_id"));
- array_push($t, "i");
- }
- $sql .= " ORDER BY mb_user_name ";
- $res = db_prep_query($sql, $v, $t);
- $count=0;
- while($row = db_fetch_array($res)){
- echo "<option value='".$row["mb_user_id"]."' title='".$row["mb_user_email"]."'";
- if($selected_user && $selected_user == $row["mb_user_id"]){
- echo "selected";
- }
- echo ">".$row["mb_user_name"]."</option>";
- $user_id[$count] = $row["mb_user_id"];
- $user_name[$count] = $row["mb_user_name"];
- $user_email[$count] = $row["mb_user_email"];
- $count++;
- }
- $cnt_user=$count;
- echo "</select>";
- echo "</td>";
-echo "</tr>";
-
-
-if(isset($selected_user) && $selected_user != 0){
- $sql = "SELECT * FROM mb_user WHERE mb_user_id = $1 ORDER BY mb_user_name ";
- $v = array($selected_user);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_array($res)){
- $name = $row["mb_user_name"];
- $password = $row["mb_user_password"];
- $owner_id = $row["mb_user_owner"];
- $description = $row["mb_user_description"];
- $login_count = $row["mb_user_login_count"];
- $email = $row["mb_user_email"];
- $phone = $row["mb_user_phone"];
- $department = $row["mb_user_department"];
- $resolution = $row["mb_user_resolution"];
- }
- $sql = "SELECT mb_user_name FROM mb_user WHERE mb_user_id = $1";
- $v = array($owner_id);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_array($res)){
- $owner_name = $row["mb_user_name"];
- }
-}
-#name
-echo "<tr>";
- echo "<td>Name:</td>";
- echo "<td>";
- echo "<input type='text' size='30' name='name' value='".$name."'>";
- echo "</td>";
-echo "</tr>";
-
-if($withPasswordInsertion == 'true') {
- #password
- echo "<tr>";
- echo "<td>Password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='password' value='";
- if(isset($selected_user) && $selected_user != 'new'){
- echo $myPW;
- }
- echo "' >";
- echo "<input type='hidden' name='password_plain' value='".$password."'>";
- echo "</td>";
- echo "</tr>";
-
- #confirm password
- echo "<tr>";
- echo "<td>Confirm password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='v_password' value='";
- echo "'>";
- echo "</td>";
- echo "</tr>";
-}
-
-#owner
-echo "<tr>";
- echo "<td>Owner: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='owner_name' value='".$owner_name."' readonly>";
- echo "<input type='hidden' size='30' name='owner_id' value='".$owner_id."' readonly>";
- echo "</td>";
-echo "</tr>";
-
-#description
-echo "<tr>";
- echo "<td>Description: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='description' value='".$description."'>";
- echo "</td>";
-echo "</tr>";
-
-
-#login_count
-echo "<tr>";
- echo "<td>Login_count: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='login_count' value='".$login_count."'>";
- echo "</td>";
-echo "</tr>";
-
-#email
-echo "<tr>";
- echo "<td>Email: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='email' value='".$email."'>";
- echo "</td>";
-echo "</tr>";
-
-#phone
-echo "<tr>";
- echo "<td>Phone: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='phone' value='".$phone."'>";
- echo "</td>";
-echo "</tr>";
-
-#department
-echo "<tr>";
- echo "<td>Department: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='department' value='".$department."'>";
- echo "</td>";
-echo "</tr>";
-
-echo"</table>";
-
-#resolution
-#echo "<tr>";
-# echo "<td>Resolution: </td>";
-# echo "<td>";
- echo "<input type='hidden' size='30' name='resolution' value='".$resolution."'>";
-# echo "</td>";
-#echo "</tr>";
-
-if($selected_user == 'new' || !isset($selected_user)){
- echo "<input type='button' value='save' onclick='validate(\"save\")'>";
-}
-if(Mapbender::session()->get("mb_user_id") == $owner_id && $selected_user != 'new' && $selected_user != '' ){
- echo "<input type='button' value='save' onclick='validate(\"update\")'>";
- echo "<input type='button' value='delete' onclick='validate(\"delete\")'>";
- if($withPasswordInsertion != 'true') {
- echo "<input type='button' value='Send login data to user' onclick='sendRegisterData();'>";
- echo " <input type='button' value='New password ticket' onclick='validate(\"new_pw_ticket\");'>";
- }
-}
+include "../../lib/editUser.php";
?>
-<input type='hidden' name='action' value=''>
-</form>
-<script type="text/javascript">
-<!--
-var user=[];
-<?php
-for($i=0; $i<$cnt_user; $i++){
- echo "user[".($i)."]=[];\n";
- echo "user[".($i)."]['id']='" . $user_id[$i] . "';\n";
- echo "user[".($i)."]['name']='" . $user_name[$i] . "';\n";
- echo "user[".($i)."]['email']='" . $user_email[$i] . "';\n";
-}
-?>
-// -->
-</script>
-</body>
-</html>
\ No newline at end of file
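Review bot: The inline code removed here inserted users with a parameterised `db_prep_query()`, whereas `User::create()` in class_user.php (context of the `@@ -144,7 +149,7 @@` hunk) still builds its statement as `"INSERT INTO mb_user (mb_user_name) VALUES ('". $this->name ."');"`. lib/editUser.php is not shown in this part of the commit, but if it creates users through `create()`, as the log message suggests, the user name from the form reaches SQL unescaped. `create()` should use a placeholder like the rest of the class: `$sql_user_create = "INSERT INTO mb_user (mb_user_name) VALUES ($1)";` run through `db_prep_query($sql_user_create, array($this->name), array("s"))`. In the same method the empty-name check only assigns `$e = new Exception(...)` and never throws it, so an empty name is not rejected at that point.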
Modified: trunk/mapbender/http/php/mod_editSelf.php
===================================================================
--- trunk/mapbender/http/php/mod_editSelf.php 2010-07-12 12:25:23 UTC (rev 6588)
+++ trunk/mapbender/http/php/mod_editSelf.php 2010-07-12 15:41:12 UTC (rev 6589)
@@ -19,323 +19,9 @@
import_request_variables("PG");
require_once(dirname(__FILE__)."/../php/mb_validateSession.php");
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<?php
-echo '<meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'">';
-?>
-<title>Edit User Settings</title>
-<style type="text/css">
- <!--
- body{
- font-family: Arial, Helvetica, sans-serif;
- font-size : 12px;
- color: #808080
- }
- .list_guis{
- font-family: Arial, Helvetica, sans-serif;
- font-size : 12px;
- color: #808080;
- }
- a:link{
- font-family: Arial, Helvetica, sans-serif;
- font-size : 12px;
- text-decoration : none;
- color: #808080;
- }
- a:visited {
- font-family: Arial, Helvetica, sans-serif;
- text-decoration : none;
- color: #808080;
- font-size : 12px;
- }
- a:active {
- font-family: Arial, Helvetica, sans-serif;
- text-decoration : none;
- color: #808080;
- font-size : 12px;
- }
- -->
-</style>
-<?php
-$myPW = "**********";
-echo "<script language='JavaScript'>var myPW = '".$myPW."';</script>";
-?>
-<script language="JavaScript">
-
-function validate(val){
- var ok = validateInput();
- if(ok == 'true'){
- var permission = false;
- if(val == 'save'){
- permission = confirm("Save changes?");
- }
- if(val == 'update'){
- permission = confirm("Save changes?");
- }
- if(val == 'delete'){
- permission = confirm("Delete User?");
- }
- if(permission == true){
- if(document.forms[0].passw.value == myPW){
- document.forms[0].passw.value = '';
- }
- document.forms[0].action.value = val;
- document.forms[0].submit();
- }
- }
-}
-function validateInput(){
- var str_alert = "Input incorrect !";
- if(document.forms[0].name.value == ''){
- alert(str_alert);
- document.forms[0].name.focus();
- return 'false';
- }
- if(document.forms[0].passw.value == ''){
- alert(str_alert);
- document.forms[0].passw.focus();
- return 'false';
- }
- if((document.forms[0].passw.value != myPW || document.forms[0].v_password.value != '' )&& document.forms[0].passw.value != document.forms[0].v_password.value){
- alert("Password verification failed. You have to enter the same password twice!");
- document.forms[0].passw.value = myPW;
- document.forms[0].passw.focus();
- return 'false';
- }
- if(document.forms[0].resolution.value == ''){
- document.forms[0].resolution.value = 72;
- return 'true';
- }
- if(document.forms[0].login_count.value == ''){
- document.forms[0].login_count.value = 0;
- return 'true';
- }
- return 'true';
-}
-
-</script>
-
-</head>
-<body>
-<?php
-#delete
-if($action == 'delete'){
- $sql = "DELETE FROM mb_user WHERE mb_user_id = $1 ";
- $v = array($selected_user);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- session_destroy();
- echo "You have deleted your account.<br><br>";
- die();
-
-}
-
-#save
-if($action == 'save'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 ";
- $v = array($name);
- $t = array('s');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- $sql = "Insert INTO mb_user (mb_user_name, mb_user_password,mb_user_owner, mb_user_description,";
- $sql .= " mb_user_email, mb_user_phone, mb_user_department, mb_user_resolution) VALUES ";
- $sql.= "($1, $2, $3, $4, $5, $6, $7, $8)";
- $v = array($name,md5($passw),$owner_id,$description,$email,$phone,$department,$resolution);
- $t = array('s','s','i','s','s','s','s','i');
- $res = db_prep_query($sql,$t,$v);
- $selected_user = db_insert_id();
- }
-}
-
-#update
-if($action == 'update'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 AND mb_user_id <> $2";
- $v = array($name,$selected_user);
- $t = array('s','i');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- if($passw == ""){
- $sql = "SELECT mb_user_password FROM mb_user WHERE mb_user_name = $1 AND mb_user_id = $2";
- $v = array($name,$selected_user);
- $t = array('s','i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_row($res)){
- $p = $row["mb_user_password"];
- }
- }
- else{
- $p = md5($passw);
- $password = true;
- }
- $sql = "UPDATE mb_user SET mb_user_name = $1";
- $sql .= ", mb_user_password = $2";
- $sql .=", mb_user_description = $3";
- $sql .=", mb_user_login_count = $4";
- $sql .=", mb_user_email = $5";
- $sql .=", mb_user_phone = $6";
- $sql .=", mb_user_department = $7";
- $sql .=", mb_user_resolution = $8";
- $sql .=" where mb_user_id = $9";
- $v = array($name,$p,$description,$login_count,$email,$phone,$department,$resolution,$selected_user);
- $t = array('s','s','s','i','s','s','s','i','i');
- $res = db_prep_query($sql,$v,$t);
- if($password && $res){
- echo "<script language='JavaScript'>alert('Password has been updated successfully!');</script>";
- }
- }
-}
-if (!isset($name) || $selected_user == 'new'){
- $name = "";
- $password = "";
- $owner_id = Mapbender::session()->get("mb_user_id");
- $owner_name = Mapbender::session()->get("mb_user_name");
- $description = "";
- $login_count = 0;
- $email = "";
- $phone = "";
- $department = "";
- $resolution = 72;
-}
-
+require_once(dirname(__FILE__)."/../classes/class_user.php");
+$editSelf = true;
$selected_user = Mapbender::session()->get("mb_user_id");
-/*HTML*****************************************************************************************************/
-
-echo "<form name='form1' action='" . $self ."' method='post'>";
-echo "<input type='hidden' name='selected_user' value='" . Mapbender::session()->get("mb_user_id") . "'>";
-echo "<table border='0'>";
-
-if(isset($selected_user) && $selected_user != 0){
- $sql = "SELECT * FROM mb_user WHERE mb_user_id = $1";
- $v = array(Mapbender::session()->get("mb_user_id"));
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_array($res)){
- $name = $row["mb_user_name"];
- $password = $row["mb_user_password"];
- $owner_id = $row["mb_user_owner"];
- $description = $row["mb_user_description"];
- $login_count = $row["mb_user_login_count"];
- $email = $row["mb_user_email"];
- $phone = $row["mb_user_phone"];
- $department = $row["mb_user_department"];
- $resolution = $row["mb_user_resolution"];
- $owner_id = Mapbender::session()->get("mb_user_id");
- $edit = true;
- }
- else {
- $edit = false;
- echo "You're not allowed to change the settings!";
- }
-}
-
-if ($edit) {
-#name
-echo "<tr>";
- echo "<td>Name:</td>";
- echo "<td>";
- echo "<input type='text' size='30' name='name' value='".$name."'>";
- echo "</td>";
-echo "</tr>";
-
-#password
-echo "<tr>";
- echo "<td>Password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='passw' value='";
- if(isset($selected_user) && $selected_user != 'new'){
- echo $myPW;
- }
- echo "'>";
- echo "</td>";
-echo "</tr>";
-
-#confirm password
-echo "<tr>";
- echo "<td>Confirm password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='v_password' value='";
- echo "'>";
- echo "</td>";
-echo "</tr>";
-
-#owner
-echo "<tr>";
- echo "<td>Owner: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='owner_name' value='".$owner_name."' readonly>";
- echo "<input type='hidden' size='30' name='owner_id' value='".$owner_id."' readonly>";
- echo "</td>";
-echo "</tr>";
-
-#description
-echo "<tr>";
- echo "<td>Description: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='description' value='".$description."'>";
- echo "</td>";
-echo "</tr>";
-
-
-#login_count
-echo "<tr>";
- echo "<td>Login_count: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='login_count' value='".$login_count."'>";
- echo "</td>";
-echo "</tr>";
-
-#email
-echo "<tr>";
- echo "<td>Email: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='email' value='".$email."'>";
- echo "</td>";
-echo "</tr>";
-
-#phone
-echo "<tr>";
- echo "<td>Phone: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='phone' value='".$phone."'>";
- echo "</td>";
-echo "</tr>";
-
-#department
-echo "<tr>";
- echo "<td>Department: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='department' value='".$department."'>";
- echo "</td>";
-echo "</tr>";
-
-#resolution
-echo "<tr>";
- echo "<td>Resolution: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='resolution' value='".$resolution."'>";
- echo "</td>";
-echo "</tr>";
-echo"</table>";
-if($selected_user == 'new' || !isset($selected_user)){
- echo "<input type='button' value='save' onclick='validate(\"save\")'>";
-}
-if(Mapbender::session()->get("mb_user_id") == $owner_id && $selected_user != '' ){
- echo "<input type='button' value='save' onclick='validate(\"update\")'>";
- echo "<input type='button' value='delete' onclick='validate(\"delete\")'>";
-}
-}
-?>
-<input type='hidden' name='action' value=''>
-</form>
-</body>
-</html>
\ No newline at end of file
+include "../../lib/editUser.php";
+?>
\ No newline at end of file
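Review bot: `import_request_variables("PG")` at the top of this file turns every GET and POST parameter into a global, and the shared lib/editUser.php is now steered by globals such as `$editSelf` and `$selected_user`. Those two are safe here because they are assigned after the import, but any other flag the library reads that this file does not set (for example `$myUser`, which mod_editFilteredUser.php uses) can be supplied by the request. lib/editUser.php is not visible in this part of the commit, so this needs verifying: either initialise every mode flag explicitly before the include, or have the library take its mode from a single value that each entry script always sets. A comment above the two assignments, such as `// keep below import_request_variables(): these values must not be overridable by the request`, would stop the ordering from being changed by accident.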
Modified: trunk/mapbender/http/php/mod_editUser.php
===================================================================
--- trunk/mapbender/http/php/mod_editUser.php 2010-07-12 12:25:23 UTC (rev 6588)
+++ trunk/mapbender/http/php/mod_editUser.php 2010-07-12 15:41:12 UTC (rev 6589)
@@ -21,369 +21,7 @@
import_request_variables("PG");
$e_id="editUser";
require_once(dirname(__FILE__)."/../php/mb_validatePermission.php");
-?>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html>
-<head>
-<?php
-echo '<meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'">';
-?>
-<title>Edit Filtered User</title>
-<?php
-include '../include/dyn_css.php';
-$myPW = "**********";
-echo "<script language='JavaScript'>var myPW = '".$myPW."';</script>";
-?>
-<script language="JavaScript">
+require_once(dirname(__FILE__)."/../classes/class_user.php");
-function validate(val){
- var ok = validateInput();
- if(ok == 'true'){
- var permission = false;
- if(val == 'save'){
- permission = confirm("Save changes?");
- }
- if(val == 'update'){
- permission = confirm("Save changes?");
- }
- if(val == 'delete'){
- permission = confirm("Delete User?");
- }
- if(permission == true){
- if(document.forms[0].password.value == myPW){
- document.forms[0].password.value = '';
- }
- document.forms[0].action.value = val;
- document.forms[0].submit();
- }
- }
-}
-function validateInput(){
- var str_alert = "Input incorrect !";
- if(document.forms[0].name.value == ''){
- alert(str_alert);
- document.forms[0].name.focus();
- return 'false';
- }
- if(document.forms[0].password.value == ''){
- alert(str_alert);
- document.forms[0].password.focus();
- return 'false';
- }
- if((document.forms[0].password.value != myPW || document.forms[0].v_password.value != '' )&& document.forms[0].password.value != document.forms[0].v_password.value){
- alert("Password verification failed. You have to enter the same password twice!");
- document.forms[0].password.value = myPW;
- document.forms[0].password.focus();
- return 'false';
- }
- if(document.forms[0].resolution.value == ''){
- document.forms[0].resolution.value = 72;
- return 'true';
- }
- if(document.forms[0].login_count.value == ''){
- document.forms[0].login_count.value = 0;
- return 'true';
- }
- return 'true';
-}
-/**
- * filter the Userlist by str
- */
-function filterUser(list, all, str){
- str=str.toLowerCase();
- var selection=[];
- var i,j,selected;
- for(i=0;i<list.options.length;i++){
- if(list.options[i].selected)
- selection[selection.length]=list.options[i].value;
- }
-
- list.options.length = 1;
- for(i=0; i<all.length; i++){
- if(all[i]['name'].toLowerCase().indexOf(str)==-1)
- continue;
- selected=false;
- for(j=0;j<selection.length;j++){
- if(selection[j]==all[i]['id']){
- selected=true;
- break;
- }
- }
- var newOption = new Option(all[i]['name'],all[i]['id'],false,selected);
- newOption.setAttribute("title", all[i]['email']);
- list.options[list.options.length] = newOption;
- }
-}
-</script>
-
-</head>
-<body>
-<?php
-function setPassword($password){
- if($password != ""){
- if (SYS_DBTYPE=="mysql"){
- $pw = "password('".$password."')";
- }else{
- $pw = md5($password);
- }
- return $pw;
- }
- else{
- return false;
- }
-}
-#delete
-if($action == 'delete'){
- $sql = "DELETE FROM mb_user WHERE mb_user_id = $1";
- $v = array($selected_user);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- $selected_user = 'new';
-}
-
-#save
-if($action == 'save'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 ";
- $v = array($name);
- $t = array('s');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- $sql = "Insert INTO mb_user (mb_user_name, mb_user_password,mb_user_owner, mb_user_description, ";
- $sql .= "mb_user_email, mb_user_phone, mb_user_department, mb_user_resolution) VALUES ";
- $sql.= "($1,$2,$3,$4,$5,$6,$7,$8)";
- $v = array($name,setPassword($password),$owner_id,$description,$email,$phone,$department,$resolution);
- $t = array('s','s','i','s','s','s','s','i');
- $res = db_prep_query($sql,$v,$t);
- $selected_user = db_insert_id($res,"mb_user","mb_user_id");
- }
-}
-
-#update
-if($action == 'update'){
- $sql = "SELECT mb_user_id FROM mb_user WHERE mb_user_name = $1 AND mb_user_id <> $2";
- $v = array($name,$selected_user);
- $t = array('s','i');
- $res = db_prep_query($sql,$v,$t);
- if(db_fetch_row($res)){
- echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
- }
- else{
- $sql = "UPDATE mb_user SET mb_user_name = $1";
- $sql.=", mb_user_description = $2";
- $sql.=", mb_user_login_count = $3";
- $sql.=", mb_user_email = $4";
- $sql.=", mb_user_phone = $5";
- $sql.=", mb_user_department = $6";
- $sql.=", mb_user_resolution = $7";
- $sql.=" where mb_user_id = $8";
- $v = array($name,$description,$login_count,$email,$phone,$department,$resolution,$selected_user);
- $t = array('s','s','i','s','s','s','i','i');
- $res = db_prep_query($sql,$v,$t);
- if($password != ''){
- $sql = "UPDATE mb_user SET mb_user_password = $1 WHERE mb_user_name = $2 AND mb_user_id = $3";
- $v = array(setPassword($password), $name, $selected_user);
- $t = array('s','s','i');
- $res = db_prep_query($sql,$v,$t);
- if($password && $res){
- echo "<script language='JavaScript'>alert('Password has been updated successfully!');</script>";
- }
- }
- }
-}
-if (!isset($name) || $selected_user == 'new'){
- $name = "";
- $password = "";
- $owner_id = Mapbender::session()->get("mb_user_id");
- $owner_name = Mapbender::session()->get("mb_user_name");
- $description = "";
- $login_count = 0;
- $email = "";
- $phone = "";
- $department = "";
- $resolution = 72;
-}
-
-
-/*HTML*****************************************************************************************************/
-
-echo "<form name='form1' action='" . $self ."' method='post'>";
-echo "<table border='0'>";
-#User
-echo "<tr>";
- echo "<td>";
- echo "User: ";
- echo "</td>";
-echo "<td>";
- echo "<input type='text' value='' onkeyup='filterUser(document.getElementById(\"selecteduser\"),user,this.value);'/>";
- echo "<br /><select id='selecteduser' name='selected_user' onchange='submit()'>";
- echo "<option value='new'>NEW...</option>";
- $sql = "SELECT mb_user_name,mb_user_id,mb_user_email FROM mb_user ";
- $v = array();
- $t = array();
- if (isset($myUser)) {
- $sql .= "WHERE mb_user_owner = $1";
- array_push($v, Mapbender::session()->get("mb_user_id"));
- array_push($t, "i");
- }
- $sql .= " ORDER BY mb_user_name ";
- $res = db_prep_query($sql, $v, $t);
- $count=0;
- while($row = db_fetch_array($res)){
- echo "<option value='".$row["mb_user_id"]."' title='".$row["mb_user_email"]."'";
- if($selected_user && $selected_user == $row["mb_user_id"]){
- echo "selected";
- }
- echo ">".$row["mb_user_name"]."</option>";
- $user_id[$count] = $row["mb_user_id"];
- $user_name[$count] = $row["mb_user_name"];
- $user_email[$count] = $row["mb_user_email"];
- $count++;
- }
- $cnt_user=$count;
- echo "</select>";
- echo "</td>";
-echo "</tr>";
-
-
-if(isset($selected_user) && $selected_user != 0){
- $sql = "SELECT * FROM mb_user WHERE mb_user_id = $1 ORDER BY mb_user_name ";
- $v = array($selected_user);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_array($res)){
- $name = $row["mb_user_name"];
- $password = $row["mb_user_password"];
- $owner_id = $row["mb_user_owner"];
- $description = $row["mb_user_description"];
- $login_count = $row["mb_user_login_count"];
- $email = $row["mb_user_email"];
- $phone = $row["mb_user_phone"];
- $department = $row["mb_user_department"];
- $resolution = $row["mb_user_resolution"];
- }
- $sql = "SELECT mb_user_name FROM mb_user WHERE mb_user_id = $1";
- $v = array($owner_id);
- $t = array('i');
- $res = db_prep_query($sql,$v,$t);
- if($row = db_fetch_array($res)){
- $owner_name = $row["mb_user_name"];
- }
-}
-#name
-echo "<tr>";
- echo "<td>Name:</td>";
- echo "<td>";
- echo "<input type='text' size='30' name='name' value='".$name."'>";
- echo "</td>";
-echo "</tr>";
-
-#password
-echo "<tr>";
- echo "<td>Password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='password' value='";
- if(isset($selected_user) && $selected_user != 'new'){
- echo $myPW;
- }
- echo "' >";
- echo "</td>";
-echo "</tr>";
-
-#confirm password
-echo "<tr>";
- echo "<td>Confirm password: </td>";
- echo "<td>";
- echo "<input type='password' size='30' name='v_password' value='";
- echo "'>";
- echo "</td>";
-echo "</tr>";
-
-
-#owner
-echo "<tr>";
- echo "<td>Owner: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='owner_name' value='".$owner_name."' readonly>";
- echo "<input type='hidden' size='30' name='owner_id' value='".$owner_id."' readonly>";
- echo "</td>";
-echo "</tr>";
-
-#description
-echo "<tr>";
- echo "<td>Description: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='description' value='".$description."'>";
- echo "</td>";
-echo "</tr>";
-
-
-#login_count
-echo "<tr>";
- echo "<td>Login_count: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='login_count' value='".$login_count."'>";
- echo "</td>";
-echo "</tr>";
-
-#email
-echo "<tr>";
- echo "<td>Email: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='email' value='".$email."'>";
- echo "</td>";
-echo "</tr>";
-
-#phone
-echo "<tr>";
- echo "<td>Phone: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='phone' value='".$phone."'>";
- echo "</td>";
-echo "</tr>";
-
-#department
-echo "<tr>";
- echo "<td>Department: </td>";
- echo "<td>";
- echo "<input type='text' size='30' name='department' value='".$department."'>";
- echo "</td>";
-echo "</tr>";
-
-echo"</table>";
-
-#resolution
-#echo "<tr>";
-# echo "<td>Resolution: </td>";
-# echo "<td>";
- echo "<input type='hidden' size='30' name='resolution' value='".$resolution."'>";
-# echo "</td>";
-#echo "</tr>";
-
-if($selected_user == 'new' || !isset($selected_user)){
- echo "<input type='button' value='save' onclick='validate(\"save\")'>";
-}
-if(Mapbender::session()->get("mb_user_id") == $owner_id && $selected_user != 'new' && $selected_user != '' ){
- echo "<input type='button' value='save' onclick='validate(\"update\")'>";
- echo "<input type='button' value='delete' onclick='validate(\"delete\")'>";
-}
-?>
-<input type='hidden' name='action' value=''>
-</form>
-<script type="text/javascript">
-<!--
-var user=[];
-<?php
-for($i=0; $i<$cnt_user; $i++){
- echo "user[".($i)."]=[];\n";
- echo "user[".($i)."]['id']='" . $user_id[$i] . "';\n";
- echo "user[".($i)."]['name']='" . $user_name[$i] . "';\n";
- echo "user[".($i)."]['email']='" . $user_email[$i] . "';\n";
-}
-?>
-// -->
-</script>
-</body>
-</html>
+include "../../lib/editUser.php";
+?>
\ No newline at end of file
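Review bot: Nothing on the new side pins the mode flags that lib/editUser.php branches on (`$editSelf`, `$myUser`, `$withPasswordInsertion`) before the include, while `import_request_variables("PG")` at the top of the hunk copies GET and POST parameters into the same global scope. Unless one of the dyn_* includes overwrites them, those flags are request-supplied here, and the shared file writes `$withPasswordInsertion` into a script block without escaping. I would fix the mode in the wrapper after the `require_once` lines, e.g. `$editSelf = false;`, and give the other flags a fixed value per module in the same way. The include would also be more robust written like its neighbours, `require_once(dirname(__FILE__)."/../../lib/editUser.php");`, so that a missing file stops the page instead of leaving it empty after a warning.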
Added: trunk/mapbender/lib/editUser.php
===================================================================
--- trunk/mapbender/lib/editUser.php (rev 0)
+++ trunk/mapbender/lib/editUser.php 2010-07-12 15:41:12 UTC (rev 6589)
@@ -0,0 +1,605 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<?php
+echo '<meta http-equiv="Content-Type" content="text/html; charset='.CHARSET.'">';
+?>
+<title>Edit Filtered User</title>
+<?php
+include '../include/dyn_css.php';
+$myPW = "**********";
+echo "<script language='JavaScript'>var myPW = '".$myPW."';</script>";
+?>
+<script type="text/javascript">
+<?php
+ include '../include/dyn_js.php';
+ include '../include/dyn_php.php';
+
+ $myPW = "**********";
+ echo "var myPW = '".$myPW."';";
+ if(!$withPasswordInsertion) {
+ $withPasswordInsertion = "true";
+ }
+ echo "var withPasswordInsertion = '" . $withPasswordInsertion . "';";
+?>
+</script>
+<script type='text/javascript' src="../extensions/jquery.js"></script>
+<script type='text/javascript'>
+
+function sendRegisterData() {
+ if (document.form1.email.value == '') {
+ alert("Data could not be sent. No mail address given for this user.");
+ return false;
+ }
+ var parameters = {
+ command : "sendMailToUser",
+ userId : document.form1.selected_user.options[document.form1.selected_user.selectedIndex].value
+ };
+ $.post("../php/mod_sendUserMail.php", parameters, function (json, status) {
+ if(status == 'success') {
+ alert(json);
+ }
+ });
+}
+
+function callPick(obj){
+ dTarget = obj;
+ var dp = window.open('../tools/datepicker/datepicker.php?m=Jan_Feb_März_April_Mai_Juni_Juli_Aug_Sept_Okt_Nov_Dez&d=Mo_Di_Mi_Do_Fr_Sa_So&t=heute','dp','left=200,top=200,width=230,height=210,toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0');
+ dp.focus();
+ return false;
+}
+
+function validate(val){
+ var ok = validateInput();
+ if(ok == 'true'){
+ var permission = false;
+ if(val == 'save'){
+ permission = confirm("Save changes?");
+ }
+ if(val == 'update'){
+ permission = confirm("Save changes?");
+ }
+ if(val == 'delete'){
+ permission = confirm("Delete User?");
+ }
+ if(val == 'new_pw_ticket'){
+ permission = confirm("Set new password ticket for this user?");
+ }
+ if(permission === true){
+ if(withPasswordInsertion == 'true'){
+ if(document.forms[0].password.value == myPW){
+ document.forms[0].password.value = '';
+ }
+ }
+ document.forms[0].action.value = val;
+ document.forms[0].submit();
+ }
+ }
+}
+function validateInput(){
+ var str_alert = "Input incorrect !";
+ if(document.forms[0].name.value === ''){
+ alert(str_alert);
+ document.forms[0].name.focus();
+ return 'false';
+ }
+ if(withPasswordInsertion == 'true') {
+ if(document.forms[0].password.value === '') {
+ alert(str_alert);
+ document.forms[0].password.focus();
+ return 'false';
+ }
+ if((document.forms[0].password.value != myPW || document.forms[0].v_password.value !== '' )&& document.forms[0].password.value != document.forms[0].v_password.value){
+ alert("Password verification failed. You have to enter the same password twice!");
+ document.forms[0].password.value = myPW;
+ document.forms[0].password.focus();
+ return 'false';
+ }
+ }
+ if(document.forms[0].resolution.value === '') {
+ document.forms[0].resolution.value = 72;
+ return 'true';
+ }
+ if(document.forms[0].login_count.value === '') {
+ document.forms[0].login_count.value = 0;
+ return 'true';
+ }
+ return 'true';
+}
+/**
+ * filter the Userlist by str
+ */
+function filterUser(list, all, str){
+ str=str.toLowerCase();
+ var selection=[];
+ var i,j,selected;
+ for(i=0;i<list.options.length;i++){
+ if (list.options[i].selected) {
+ selection[selection.length] = list.options[i].value;
+ }
+ }
+
+ list.options.length = 1;
+ for(i=0; i<all.length; i++){
+ if (all[i].name.toLowerCase().indexOf(str) == -1) {
+ continue;
+ }
+ selected=false;
+ for(j=0;j<selection.length;j++){
+ if(selection[j]==all[i].id){
+ selected=true;
+ break;
+ }
+ }
+ var newOption = new Option(all[i].name, all[i].id,false,selected);
+ newOption.setAttribute("title", all[i].email);
+ list.options[list.options.length] = newOption;
+ }
+}
+</script>
+</head>
+<body>
+<?php
+#delete
+if ($action == 'delete' && (!isset($editSelf) || !$editSelf)) {
+ $user = new User(intval($selected_user));
+ $user->remove();
+ $selected_user = 'new';
+}
+
+#save
+if($action == 'save'){
+ $user = User::byName($name);
+
+ if (!is_null($user)) {
+ echo "<script language='JavaScript'>alert('"._mb("Username must be unique!")."');</script>";
+ }
+ else {
+ $user = new User(null);
+ $user->name = $name;
+ $user->owner = $owner_id;
+ $user->description = $description;
+ $user->email = $email;
+ $user->phone = $phone;
+ $user->organization = $organization;
+ $user->position = $position;
+ $user->department = $department;
+ $user->resolution = $resolution;
+ $user->firstName = $firstname;
+ $user->lastName = $lastname;
+ $user->academicTitle = $academic_title;
+ $user->fax = $facsimile;
+ $user->street = $street;
+ $user->houseNumber = $housenumber;
+ $user->deliveryPoint = $delivery_point;
+ $user->postalCode = $postal_code;
+ $user->city = $city;
+ $user->country = $country;
+
+ $user->create();
+ $user->setNewUserPasswordTicket();
+
+ if($withPasswordInsertion == 'true' && $password !== '' && $user->validUserPasswordTicket($user->passwordTicket)) {
+ $user->setPassword($password, $user->passwordTicket);
+ }
+
+// TODO: uuid() ????
+ }
+}
+
+#update
+if ($action == 'update') {
+ //check sercurity:
+ // has the user all permissions to do that
+ $user = User::byName($name);
+ if (!is_null($user) && intval($user->id) !== intval($selected_user)) {
+ echo "<script language='JavaScript'>alert('"._mb("Username must be unique!")."');</script>";
+ }
+ else{
+ $user = new User(intval($selected_user));
+ $user->name = $name;
+ $user->owner = $owner_id;
+ $user->description = $description;
+ $user->email = $email;
+ $user->phone = $phone;
+ $user->department = $department;
+ $user->organization = $organization;
+ $user->position = $position;
+ $user->resolution = $resolution;
+ $user->firstName = $firstname;
+ $user->lastName = $lastname;
+ $user->academicTitle = $academic_title;
+ $user->fax = $facsimile;
+ $user->street = $street;
+ $user->houseNumber = $housenumber;
+ $user->deliveryPoint = $delivery_point;
+ $user->postalCode = $postal_code;
+ $user->city = $city;
+ $user->country = $country;
+ $user->loginCount = $login_count;
+
+ $user->commit();
+
+ // TODO: uuid ???
+
+ $user->setNewUserPasswordTicket();
+
+ if($withPasswordInsertion == 'true' && $password !== '' && $user->validUserPasswordTicket($user->passwordTicket)) {
+ $user->setPassword($password, $user->passwordTicket);
+ echo "<script language='JavaScript'>alert('Password has been updated successfully!');</script>";
+ }
+ }
+}
+
+
+if($action == 'new_pw_ticket'){
+ $user = new user(intval($selected_user));
+ $user->setNewUserPasswordTicket();
+}
+
+if (!isset($name) || $selected_user == 'new'){
+ $name = "";
+ $password = "";
+ $owner_id = Mapbender::session()->get("mb_user_id");
+ $owner_name = Mapbender::session()->get("mb_user_name");
+ $description = "";
+ $login_count = 0;
+ $email = "";
+ $phone = "";
+ $department = "";
+ $organization = "";
+ $position = "";
+ $resolution = 72;
+ $firstname = "";
+ $lastname = "";
+ $academic_title = "";
+ $facsimile = "";
+ $street = "";
+ $housenumber = "";
+ $delivery_point = "";
+ $postal_code = "";
+ $city = "";
+ $country = "";
+}
+
+
+/*HTML*****************************************************************************************************/
+
+echo "<form name='form1' action='" . $self ."' method='post'>";
+echo "<table border='0'>";
+#User
+if ((!isset($editSelf) || !$editSelf)) {
+ echo "<tr>";
+ echo "<td>";
+ echo _mb("User").": ";
+ echo "</td>";
+ echo "<td>";
+ echo "<input type='text' value='' onkeyup='filterUser(document.getElementById(\"selecteduser\"),user,this.value);'/>";
+ echo "<br /><select id='selecteduser' name='selected_user' onchange='submit()'>";
+ echo "<option value='new'>"._mb("NEW")."...</option>";
+
+ $filter = new stdClass();
+ if (isset($myUser)) {
+ $filter->owner = Mapbender::session()->get("mb_user_id");
+ }
+ $userArray = User::getList($filter);
+ foreach ($userArray as $user) {
+ echo "<option value='".htmlentities($user->id, ENT_QUOTES, "UTF-8") .
+ "' title='".htmlentities($user->email, ENT_QUOTES, "UTF-8") .
+ "'";
+ if ($selected_user && intval($selected_user) === $user->id) {
+ echo "selected";
+ }
+ echo ">" . htmlentities($user->name, ENT_QUOTES, "UTF-8") . "</option>";
+ $user_id[] = $row["mb_user_id"];
+ $user_name[] = $row["mb_user_name"];
+ $user_email[] = $row["mb_user_email"];
+ }
+ $cnt_user = count($userArray);
+ echo "</select>";
+ echo "</td>";
+ echo "</tr>";
+}
+
+if(isset($selected_user) && $selected_user != 0){
+ $user = new User(intval($selected_user));
+ $data = $user->getFields();
+
+ if ($user->isValid()) {
+ $name = $data["name"];
+ $password = $data["password"];
+ $owner_id = $data["owner"];
+ $description = $data["description"];
+ $login_count = $data["loginCount"];
+ $email = $data["email"];
+ $phone = $data["phone"];
+ $department = $data["department"];
+ $organization = $data["organization"];
+ $position = $data["position"];
+ $resolution = $data["resolution"];
+// $uuid = $data["uuid"];
+ $firstname = $data["firstName"];
+ $lastname = $data["lastName"];
+ $academic_title = $data["academicTitle"];
+ $facsimile = $data["fax"];
+ $street = $data["street"];
+ $housenumber = $data["houseNumber"];
+ $delivery_point = $data["deliveryPoint"];
+ $postal_code = $data["postalCode"];
+ $city = $data["city"];
+ $country = $data["country"];
+
+ }
+}
+
+$owner = new User(intval($owner_id));
+if ($owner->isValid()) {
+ $owner_name = $owner->name;
+}
+
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+#username
+echo "<tr>";
+ echo "<td>"._mb("Username").":</td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='name' value='".htmlentities($name, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+echo "<tr>";
+ echo "<td>"._mb("Firstname").":</td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='firstname' value='".htmlentities($firstname, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+
+echo "<tr>";
+ echo "<td>"._mb("Lastname").":</td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='lastname' value='".htmlentities($lastname, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+echo "<tr>";
+ echo "<td>"._mb("Academic title").":</td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='academic_title' value='".htmlentities($academic_title, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+if($withPasswordInsertion == 'true') {
+ #password
+ echo "<tr>";
+ echo "<td>"._mb("Password").": </td>";
+ echo "<td>";
+ echo "<input type='password' size='30' name='password' value='";
+ if(isset($selected_user) && $selected_user != 'new'){
+ echo $myPW;
+ }
+ echo "' >";
+ echo "<input type='hidden' name='password_plain' value='".htmlentities($password, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+ echo "</tr>";
+
+ #confirm password
+ echo "<tr>";
+ echo "<td>"._mb("Confirm password").": </td>";
+ echo "<td>";
+ echo "<input type='password' size='30' name='v_password' value='";
+ echo "'>";
+ echo "</td>";
+ echo "</tr>";
+}
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+#description
+echo "<tr>";
+ echo "<td>"._mb("Description").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='description' value='".htmlentities($description, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#email
+echo "<tr>";
+ echo "<td>"._mb("Email").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='email' value='".htmlentities($email, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#phone
+echo "<tr>";
+ echo "<td>"._mb("Phone").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='phone' value='".htmlentities($phone, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#fax
+echo "<tr>";
+ echo "<td>"._mb("Facsimile").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='facsimile' value='".htmlentities($facsimile, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+#street
+echo "<tr>";
+ echo "<td>"._mb("Street").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='street' value='".htmlentities($street, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#houseno.
+echo "<tr>";
+ echo "<td>"._mb("Housenumber").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='housenumber' value='".htmlentities($housenumber, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#delivery_point
+echo "<tr>";
+ echo "<td>"._mb("Delivery Point").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='delivery_point' value='".htmlentities($delivery_point, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#postal_code
+echo "<tr>";
+ echo "<td>"._mb("Postal Code").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='postal_code' value='".htmlentities($postal_code, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#city
+echo "<tr>";
+ echo "<td>"._mb("City").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='city' value='".htmlentities($city, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#organization
+echo "<tr>";
+ echo "<td>"._mb("Organization").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='organization' value='".htmlentities($organization, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#department
+echo "<tr>";
+ echo "<td>"._mb("Department").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='department' value='".htmlentities($department, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#position
+echo "<tr>";
+ echo "<td>"._mb("Position").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='position' value='".htmlentities($position, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#country
+echo "<tr>";
+ echo "<td>"._mb("Country").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='country' value='".htmlentities($country, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+#owner
+echo "<tr>";
+ echo "<td>"._mb("Owner").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='owner_name' value='".htmlentities($owner_name, ENT_QUOTES, "UTF-8")."' readonly>";
+ echo "<input type='hidden' size='30' name='owner_id' value='".htmlentities($owner_id, ENT_QUOTES, "UTF-8")."' readonly>";
+ echo "</td>";
+echo "</tr>";
+
+/*
+#uuid
+echo "<tr>";
+ echo "<td>UUID: </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='mb_user_uuid' value='".htmlentities($uuid."' readonly>";
+ echo "</td>";
+echo "</tr>";
+*/
+
+#login_count
+echo "<tr>";
+ echo "<td>"._mb("Login_count").": </td>";
+ echo "<td>";
+ echo "<input type='text' size='30' name='login_count' value='".htmlentities($login_count, ENT_QUOTES, "UTF-8")."'>";
+ echo "</td>";
+echo "</tr>";
+
+#echo"</table>";
+
+#resolution
+#echo "<tr>";
+# echo "<td>Resolution: </td>";
+# echo "<td>";
+ echo "<input type='hidden' size='30' name='resolution' value='".htmlentities($resolution, ENT_QUOTES, "UTF-8")."'>";
+# echo "</td>";
+#echo "</tr>";
+
+
+# blank row
+echo "<tr>";
+ echo "<td colspan='2'> </td>";
+echo "</tr>";
+
+echo "<tr>";
+ echo "<td> </td>";
+ echo "<td>";
+ if($selected_user == 'new' || !isset($selected_user)){
+ echo "<input type='button' value='save' onclick='validate(\"save\")'>";
+ }
+ if(Mapbender::session()->get("mb_user_id") == $owner_id && $selected_user != 'new' && $selected_user != '' ){
+ echo "<input type='button' value='save' onclick='validate(\"update\")'>";
+ if ((!isset($editSelf) || !$editSelf) && intval(Mapbender::session()->get("mb_user_id")) !== intval($selected_user)) {
+ echo "<input type='button' value='delete' onclick='validate(\"delete\")'>";
+ }
+ if($withPasswordInsertion != 'true') {
+ echo "<input type='button' value='Send login data to user' onclick='sendRegisterData();'>";
+ echo " <input type='button' value='New password ticket' onclick='validate(\"new_pw_ticket\");'>";
+ }
+ }
+ echo "</td>";
+echo "</tr>";
+?>
+<input type='hidden' name='action' value=''>
+</table>
+</form>
+<script type="text/javascript">
+<!--
+var user=[];
+<?php
+for($i=0; $i<$cnt_user; $i++){
+ echo "user[".($i)."]=[];\n";
+ echo "user[".($i)."]['id']='" . $user_id[$i] . "';\n";
+ echo "user[".($i)."]['name']='" . $user_name[$i] . "';\n";
+ echo "user[".($i)."]['email']='" . $user_email[$i] . "';\n";
+}
+?>
+// -->
+</script>
+</body>
+</html>
\ No newline at end of file
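Review bot: The delete, update and new_pw_ticket branches act on `intval($selected_user)` with no server-side check that the session user may modify that account; the `//check sercurity` comment in the update branch is not followed by a check, and the owner and self-delete conditions are applied only where the buttons are rendered near the end of the form. The wrappers load request parameters with `import_request_variables("PG")`, so `$action`, `$selected_user` and `$owner_id` are presumably caller-supplied, and `$user->owner = $owner_id` lets an update reassign ownership from the hidden field. I would repeat the button conditions before the action branches, as sketched below, and keep the owner from the stored record on update; whether mb_validatePermission.php already restricts this per target user is not visible in this diff. Separately, the `foreach ($userArray as $user)` loop fills `$user_id[]`, `$user_name[]` and `$user_email[]` from an undefined `$row`, so the filter list emitted at the end of the page is empty; `$user_id[] = $user->id;` (and likewise for name and email) looks intended.

```php
// Server-side counterpart of the conditions used to show the buttons.
$sessionUserId = intval(Mapbender::session()->get("mb_user_id"));
if (in_array($action, array('delete', 'update', 'new_pw_ticket'), true)) {
	$target = new User(intval($selected_user));
	$ownsTarget = $target->isValid() && intval($target->owner) === $sessionUserId;
	$deletesSelf = $action == 'delete' && intval($selected_user) === $sessionUserId;
	if (!$ownsTarget || $deletesSelf) {
		$action = '';
	}
}
#delete
if ($action == 'delete' && (!isset($editSelf) || !$editSelf)) {
// … unchanged: delete, save, update and new_pw_ticket branches …
```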