inc/users.inc.php
author rejo
Fri, 07 Dec 2007 23:52:08 +0000
changeset 43 2d7b36d12274
parent 36 4ec5ab29f634
child 47 ae140472d97c
permissions -rwxr-xr-x
[feladat @ 90] Fixing #1 ("password of user is shown in plain text when edited by admin").
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     1
<?
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     3
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     4
// | PowerAdmin                                                         |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     5
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     6
// | Copyright (c) 1997-2002 The PowerAdmin Team                        |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     7
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     8
// | This source file is subject to the license carried by the overal   |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     9
// | program PowerAdmin as found on http://poweradmin.sf.net            |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    10
// | The PowerAdmin program falls under the QPL License:                |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    11
// | http://www.trolltech.com/developer/licensing/qpl.html              |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    12
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    13
// | Authors: Roeland Nieuwenhuis <trancer <AT> trancer <DOT> nl>       |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    14
// |          Sjeemz <sjeemz <AT> sjeemz <DOT> nl>                      |
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    15
// +--------------------------------------------------------------------+
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    16
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    17
// Filename: users.inc.php
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    18
// Startdate: 26-10-2002
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    19
// Description: all user modifications etc. are done here
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    20
//
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
// $Id: users.inc.php,v 1.8 2003/01/01 22:33:47 azurazu Exp $
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    22
//
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
    24
// Added next line to enable i18n on following definitions. Don't know 
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
    25
// if this is the best (or at least a proper) location for this. /RZ.
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
    26
require_once("inc/i18n.inc.php");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    27
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    28
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    29
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    30
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    31
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    32
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    33
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    34
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    35
 	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    36
 	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    37
 	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    38
                 //When a user id is given, it is excluded from the userlist returned.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    39
                 $add = " WHERE users.id!=$id";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    40
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    41
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    42
	// Make a huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    43
	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    44
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    45
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    46
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    47
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    48
		users.level AS level,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    49
		users.active AS active,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    50
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    51
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    52
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    53
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    54
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    55
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    56
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    57
			users.description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    58
			users.level,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    59
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    60
		ORDER BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    61
			users.fullname
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    62
	 	LIMIT $rowstart,$rowamount";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    63
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    64
	// Execute the huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    65
	$result = $db->query($sqlq);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    66
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    67
	$retcount = 0;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    68
	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    69
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    70
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    71
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    72
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    73
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    74
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    75
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    76
		 "level"                 =>              $r["level"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    77
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    78
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    79
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    80
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    81
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    82
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    83
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    84
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    85
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    86
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    87
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    88
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    89
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    90
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    91
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    92
	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    93
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    94
		$result = $db->query("SELECT id FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    95
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    96
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    97
			return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    99
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   103
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   107
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
 * Gives a textdescribed value of the given levelid
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
 * return values: the text associated with the level
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
function leveldescription($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
	switch($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   115
		case 1:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
			global $NAME_LEVEL_1;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   117
			return $NAME_LEVEL_1;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		case 5:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   120
			global $NAME_LEVEL_5;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   121
			return $NAME_LEVEL_5;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
		case 10:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
			global $NAME_LEVEL_10;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			return $NAME_LEVEL_10;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   126
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
		default:
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
			return "Unknown";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   129
			break;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   130
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   132
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   133
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   135
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   136
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   137
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   138
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   141
	$result = $db->query("SELECT id FROM users WHERE username='$user'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
	if ($result->numRows() == 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
                 return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
        else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
        {
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
   152
        	error(ERR_UNKNOWN);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
 * Get all user info for the given user in an array.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
 * return values: the database style array with the information about the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
function get_user_info($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   162
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   163
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   164
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   165
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   166
		$result = $db->query("SELECT id, username, fullname, email, description, level, active from users where id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   168
		return $r;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
		error(sprintf(ERR_INV_ARGC,"get_user_info", "you gave illegal arguments: $id"));
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
function delete_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   182
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   183
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   184
	if (!level(10))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   185
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   186
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   188
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   189
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
        	$db->query("DELETE FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
        	$db->query("DELETE FROM zones WHERE owner=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   193
        	// No need to check the affected rows. If the affected rows would be 0,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
        	// the user isnt in the dbase, just as we want.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
        }
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   196
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
		error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   199
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   203
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   204
 * Adds a user to the system.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   205
 * return values: true if succesfully added.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   206
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   207
function add_user($user, $password, $fullname, $email, $level, $description, $active)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   208
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   209
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   210
	if (!level(10))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   211
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   212
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   213
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   214
	if (!user_exists($user))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   215
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   216
		// Might have to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   217
		// TODO probably.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   218
		$description = mysql_escape_string($description);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   219
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   220
		// Clean up the fullname
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   221
		$fullname = mysql_escape_string($fullname);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   222
		is_valid_email($email);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   223
8
47dd15d8bb8c [feladat @ 20]
rejo
parents: 4
diff changeset
   224
		$db->query("INSERT INTO users (username, password, fullname, email, description, level, active) VALUES ('$user', '" . md5($password) . "', '$fullname', '$email', '$description', '$level', '$active')");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   225
		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   226
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   227
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   228
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   229
		error(ERR_USER_EXISTS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   230
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   231
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   232
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   233
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   234
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   235
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   236
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   237
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   238
function edit_user($id, $user, $fullname, $email, $level, $description, $active, $password)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   239
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   240
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   241
	if(!level(10)) {
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   242
		error(ERR_LEVEL_10);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   243
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   244
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   245
  	// Might have to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   246
  	// TODO
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   247
	$description = mysql_escape_string($description);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   248
	$fullname = mysql_escape_string($fullname);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   249
	is_valid_email($email);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   250
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   251
	$sqlquery = "UPDATE users set username='$user', fullname='$fullname', email='$email', level=$level, description='$description', active=$active ";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   252
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   253
	if($password != "")
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   254
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   255
		$sqlquery .= ", password= '" . md5($password) . "' ";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   256
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   257
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   258
	$sqlquery .= "where id=$id" ;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   259
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   260
  	// Search the username that right now goes with this ID.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   261
	$result = $db->query("SELECT username from users where id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   262
	$r = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   263
	$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   264
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   265
  	// If the found username with this ID is the given username with the command.. execute.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   266
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   267
	if($r["username"] == $user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   268
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   269
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   270
  		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   271
  	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   272
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   273
  	// Its not.. so the user wants to change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   274
  	// Find if there is an id that has the wished username.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   275
  	$otheruser = $db->query("SELECT id from users where username='$user'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   276
  	if($otheruser->numRows() > 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   277
  	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   278
  		error(ERR_USER_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   279
  	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   280
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   281
  	// Its fine it seems.. :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   282
  	// Lets execute it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   283
  	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   284
  	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   285
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   286
		return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   287
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   288
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   289
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   290
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   291
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   292
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   293
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   294
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   295
function change_user_pass($currentpass, $newpass, $newpass2)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   296
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   297
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   298
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   299
	// Check if the passwords are equal.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   300
	if($newpass != $newpass2)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   301
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   302
		error(ERR_USER_MATCH_NEW_PASS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   303
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   304
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   305
	// Retrieve the users password.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   306
	$result = $db->query("SELECT password, id FROM users WHERE username='". $_SESSION["userlogin"]  ."'");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   307
	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   308
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   309
	// Check the current password versus the database password and execute the update.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   310
	if(md5($currentpass) == $rinfo["password"])
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   311
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   312
		$sqlquery = "update users set password='" . md5($newpass) . "' where id='" . $rinfo["id"] . "'";
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   313
		$db->query($sqlquery);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   314
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   315
		// Logout the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   316
		logout("Pass changed please re-login");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   317
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   318
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   319
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   320
		error(ERR_USER_WRONG_CURRENT_PASS);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   321
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   322
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   323
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   324
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   325
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   326
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   327
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   328
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   329
function get_fullname_from_userid($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   330
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   331
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   332
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   333
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   334
		$result = $db->query("SELECT fullname FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   335
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   336
		return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   337
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   338
	else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   339
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   340
		error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   341
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   342
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   344
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   346
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   347
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   349
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   351
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   352
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   353
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   354
		$result = $db->query("SELECT fullname FROM users WHERE id=$id");
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   355
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   356
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   357
			$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   358
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   359
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   360
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   361
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   362
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   363
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   364
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   365
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   366
}
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   367
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   368
/**
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   369
 * get_owners_from_domainid
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   370
 *
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   371
 * @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   372
 * @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   373
 * @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   374
 */
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   375
function get_owners_from_domainid($id) {
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   376
      
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   377
      global $db;
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   378
      if (is_numeric($id))
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   379
      {
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   380
              $result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=$id AND zones.owner=users.id ORDER by fullname");
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   381
              if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   382
              {
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   383
		      return "";
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   384
              } 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   385
	      else 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   386
	      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   387
                      $names = array();
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   388
                      while ($r = $result->fetchRow()) 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   389
		      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   390
                              $names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   391
                      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   392
                      return implode(', ', $names);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   393
              }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   394
      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   395
      error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   396
}
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   397
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   398
?>