inc/users.inc.php
author peter
Sat, 29 Mar 2008 18:01:53 +0000 (2008-03-29)
changeset 109 34b2d49f52c6
parent 89 61c49e66c9b0
child 113 e7a448dba024
permissions -rwxr-xr-x
[feladat @ 209] Modified some of the INSERT queries to make them compatible with pgSQL
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
71
e1b918eaf69a [feladat @ 118]
peter
parents: 67
diff changeset
     1
<?php
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
47
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     3
/*  PowerAdmin, a friendly web-based admin tool for PowerDNS.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     4
 *  See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     5
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     6
 *  Copyright 2007, 2008  Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     7
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     8
 *  This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     9
 *  it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    10
 *  the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    11
 *  (at your option) any later version.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    12
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    13
 *  This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    14
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    15
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    16
 *  GNU General Public License for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    17
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    18
 *  You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    19
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    20
 */
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
58
78558a77131e [feladat @ 105]
rejo
parents: 55
diff changeset
    22
require_once("inc/toolkit.inc.php");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    24
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    25
/* 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    26
 *  Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    27
 *  user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    28
 *  the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    29
 *  right, and "true" if the user has. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    30
 */
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    31
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    32
function verify_permission($permission) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    33
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    34
        global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    35
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    36
	if ((!isset($_SESSION['userid'])) || (!is_object($db))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    37
		return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    38
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    39
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    40
        // Set current user ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    41
        $userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    42
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    43
        // Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    44
        $query = "SELECT perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    45
			FROM users 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    46
			WHERE id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    47
        $templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    48
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    49
        // Does this user have ueberuser rights?
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    50
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    51
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    52
			WHERE templ_id = " . $db->quote($templ_id) . " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    53
			AND perm_id = '53'";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    54
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    55
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    56
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    57
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    58
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    59
        // Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    60
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    61
			FROM perm_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    62
			WHERE name = " . $db->quote($permission) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    63
        $perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    64
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    65
        // Check if the permission ID is assigned to the template ID. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    66
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    67
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    68
			WHERE templ_id = " . $db->quote($templ_id) . " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    69
			AND perm_id = " . $db->quote($perm_id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    70
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    71
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    72
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    73
        } else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    74
                return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    75
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    76
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    77
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    78
function list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    79
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    80
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    81
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    82
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    83
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    84
	$template_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    85
	while ($template= $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    86
		$tempate_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    87
			"id"	=>	$template['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    88
			"name"	=>	$template['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    89
			"descr"	=>	$template['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    90
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    91
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    92
	return $tempate_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    93
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    94
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    95
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    96
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    97
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    99
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
 	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   103
	$add = '';
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
 	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
 	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
                 //When a user id is given, it is excluded from the userlist returned.
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   107
                 $add = " WHERE users.id!=".$db->quote($id);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
	// Make a huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   115
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
		users.active AS active,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   117
		users.perm_templ AS perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   120
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   121
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			users.description,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   126
			users.perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
		ORDER BY
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   129
			users.fullname";
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   130
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
	// Execute the huge query.
74
43c31dc98305 [feladat @ 121]
peter
parents: 71
diff changeset
   132
	$db->setLimit($rowamount, $rowstart);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   133
	$result = $db->query($sqlq);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   135
	$retcount = 0;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   136
	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   137
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   138
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   141
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
		 "level"                 =>              $r["level"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   152
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   162
		$result = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   163
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   164
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   165
			return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   166
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   168
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   182
	$result = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   183
	if ($result->numRows() == 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   184
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   185
                 return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   186
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   188
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   189
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
        else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
        {
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
   193
        	error(ERR_UNKNOWN);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   196
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   199
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   203
function delete_user($uid,$zones)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   204
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   205
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   206
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   207
	if (($uid != $_SESSION['userid'] && !verify_permission(user_edit_others)) || ($uid == $_SESSION['userid'] && !verify_permission(user_edit_own))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   208
		 error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   209
		 return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   210
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   211
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   212
		if (is_array($zones)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   213
			foreach ($zones as $zone) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   214
				if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   215
					delete_domain($zone['zid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   216
				} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   217
					add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   218
				}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   219
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   220
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   221
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   222
		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   223
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   224
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   225
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   226
		$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   227
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   228
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   229
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   230
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   231
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   232
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   233
function delete_perm_templ($ptid) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   234
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   235
	global $db;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   236
	if (!(verify_permission(user_edit_templ_perm))) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   237
		error(ERR_PERM_DEL_PERM_TEMPL);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   238
	} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   239
		$query = "SELECT id FROM users WHERE perm_templ = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   240
		$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   241
		if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   242
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   243
		if($result->numRows() > 0) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   244
			error(ERR_PERM_TEMPL_ASSIGNED);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   245
			return false;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   246
		} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   247
			$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   248
			$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   249
			if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   250
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   251
			$query = "DELETE FROM perm_templ WHERE id = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   252
			$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   253
			if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   254
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   255
			return true;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   256
		}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   257
	}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   258
}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   259
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   260
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   261
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   262
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   263
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   264
function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   265
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   266
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   267
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   268
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   269
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   270
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   271
	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") || ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   272
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   273
		if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   274
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   275
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   276
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   277
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   278
		if ($active != 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   279
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   280
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   281
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   282
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   283
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   284
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   285
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   286
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   287
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   288
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   289
		// username already exists.
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   290
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   291
		$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   292
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   293
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   294
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   295
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   296
		$usercheck = $result->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   297
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   298
		if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   299
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   300
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   301
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   302
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   303
			
83
90fbb34b3d97 [feladat @ 183]
rejo
parents: 82
diff changeset
   304
			$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   305
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   306
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   307
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   308
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   309
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   310
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   311
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   312
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   313
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   314
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   315
		// another user that goes by the wanted username. So, go ahead!
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   316
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   317
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   318
				username = " . $db->quote($user) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   319
				fullname = " . $db->quote($fullname) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   320
				email = " . $db->quote($email) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   321
				perm_templ = " . $db->quote($perm_templ) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   322
				description = " . $db->quote($description) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   323
				active = " . $db->quote($active) ;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   324
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   325
		if($password != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   326
			$query .= ", password = " . $db->quote(md5($password)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   327
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   328
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   329
		$query .= " WHERE id = " . $db->quote($id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   330
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   331
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   332
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   333
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   334
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   335
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   336
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   337
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   338
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   339
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   340
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   341
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   342
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   344
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   346
function change_user_pass($details) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   347
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   348
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   349
	if ($details['newpass'] != $details['newpass2']) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
		error(ERR_USER_MATCH_NEW_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   351
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   352
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   353
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   354
	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   355
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   356
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   357
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   358
	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   359
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   360
	if(md5($details['currentpass']) == $rinfo['password']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   361
		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   362
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   363
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   364
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   365
		logout( _('Password has been changed, please login.')); 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   366
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
		error(ERR_USER_WRONG_CURRENT_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   368
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   369
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   370
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   371
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   372
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   373
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   374
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   375
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   376
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   377
function get_fullname_from_userid($id) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   378
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   379
	if (is_numeric($id)) {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   380
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   381
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   382
		return $r["fullname"];
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   383
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   384
		error(ERR_INV_ARG);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   385
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   386
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   387
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   388
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   389
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   390
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   391
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   392
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   393
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   394
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   395
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   396
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   397
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   398
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   399
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   400
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   401
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   402
			$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   403
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   404
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   405
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   406
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   407
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   408
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   409
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   410
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   411
}
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   412
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   413
/**
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   414
 * get_owners_from_domainid
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   415
 *
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   416
 * @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   417
 * @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   418
 * @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   419
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   420
function get_fullnames_owners_from_domainid($id) {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   421
      
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   422
      global $db;
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   423
      if (is_numeric($id))
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   424
      {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   425
              $result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   426
              if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   427
              {
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   428
		      return "";
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   429
              } 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   430
	      else 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   431
	      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   432
                      $names = array();
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   433
                      while ($r = $result->fetchRow()) 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   434
		      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   435
                              $names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   436
                      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   437
                      return implode(', ', $names);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   438
              }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   439
      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   440
      error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   441
}
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   442
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   443
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   444
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   445
function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   446
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   447
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   448
	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   449
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   450
	if (is_numeric($zoneid)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   451
		$result = $db->query("SELECT zones.id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   452
				FROM zones 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   453
				WHERE zones.owner = " . $db->quote($userid) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   454
				AND zones.domain_id = ". $db->quote($zoneid)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   455
		if ($result->numRows() == 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   456
			return "0";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   457
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   458
			return "1";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   459
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   460
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   461
	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   462
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   463
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   464
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   465
function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   466
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   467
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   468
	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   469
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   470
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   471
	if (v_num($specific)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   472
		$sql_add = "AND users.id = " . $db->quote($specific) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   473
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   474
		if (verify_permission(user_view_others)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   475
			$sql_add = "";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   476
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   477
			$sql_add = "AND users.id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   478
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   479
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   480
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   481
	$query = "SELECT users.id AS uid, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   482
			username, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   483
			fullname, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   484
			email, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   485
			description AS descr,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   486
			active,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   487
			perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   488
			perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   489
			perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   490
			FROM users, perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   491
			WHERE users.perm_templ = perm_templ.id " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   492
			. $sql_add . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   493
			ORDER BY username";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   494
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   495
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   496
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   497
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   498
	while ($user = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   499
		$userlist[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   500
			"uid"		=>	$user['uid'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   501
			"username"	=>	$user['username'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   502
			"fullname"	=>	$user['fullname'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   503
			"email"		=>	$user['email'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   504
			"descr"		=>	$user['descr'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   505
			"active"	=>	$user['active'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   506
			"tpl_id"	=>	$user['tpl_id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   507
			"tpl_name"	=>	$user['tpl_name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   508
			"tpl_descr"	=>	$user['tpl_descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   509
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   510
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   511
	return $userlist;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   512
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   513
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   514
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   515
// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   516
// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   517
// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   518
// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   519
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   520
function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   521
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   522
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   523
	if ($templ_id > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   524
		$limit = ", perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   525
			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   526
			AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   527
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   528
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   529
	$query = "SELECT perm_items.id AS id, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   530
			perm_items.name AS name, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   531
			perm_items.descr AS descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   532
			FROM perm_items" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   533
			. $limit . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   534
			ORDER BY descr";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   535
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   536
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   537
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   538
	$permission_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   539
	while ($permission = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   540
		if ($return_name_only == false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   541
			$permission_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   542
				"id"	=>	$permission['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   543
				"name"	=>	$permission['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   544
				"descr"	=>	$permission['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   545
				);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   546
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   547
			$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   548
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   549
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   550
	return $permission_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   551
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   552
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   553
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   554
// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   555
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   556
function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   557
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   558
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   559
	$query = "SELECT *
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   560
			FROM perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   561
			WHERE perm_templ.id = " . $db->quote($templ_id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   562
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   563
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   564
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   565
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   566
	$details = $result->fetchRow(); 
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   567
	return $details;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   568
}	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   569
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   570
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   571
// Get a list of all available permission templates.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   572
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   573
function get_list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   574
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   575
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   576
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   577
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   578
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   579
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   580
	$perm_templ_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   581
	while ($perm_templ = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   582
		$perm_templ_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   583
			"id"	=>	$perm_templ['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   584
			"name"	=>	$perm_templ['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   585
			"descr"	=>	$perm_templ['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   586
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   587
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   588
	return $perm_templ_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   589
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   590
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   591
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   592
// Add a permission template.
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   593
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   594
function add_perm_templ($details) {
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   595
	global $db;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   596
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   597
	// Fix permission template name and description first. 
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   598
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   599
	$query = "INSERT INTO perm_templ (name, descr)
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   600
			VALUES (" 
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   601
				. $db->quote($details['templ_name']) . ", " 
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   602
				. $db->quote($details['templ_descr']) . ")";
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   603
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   604
	$result = $db->query($query);
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   605
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   606
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   607
	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   608
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   609
	foreach ($details['perm_id'] AS $perm_id) {
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   610
		$r_insert_values[] = "(" . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   611
	}
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   612
	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   613
	$result = $db->query($query);
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   614
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   615
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   616
	return true;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   617
}
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   618
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   619
// Update all details of a permission template.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   620
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   621
function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   622
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   623
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   624
	// Fix permission template name and description first. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   625
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   626
	$query = "UPDATE perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   627
			SET name = " . $db->quote($details['templ_name']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   628
			descr = " . $db->quote($details['templ_descr']) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   629
			WHERE id = " . $db->quote($details['templ_id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   630
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   631
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   632
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   633
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   634
	// Now, update list of permissions assigned to this template. We could do 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   635
	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   636
	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   637
	// apply the difference between these two lists to the database. That sounds 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   638
	// like to much work. Just delete all the permissions currently assigned to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   639
	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   640
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   641
	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   642
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   643
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   644
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   645
	foreach ($details['perm_id'] AS $perm_id) {
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   646
		$r_insert_values[] = "(" . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   647
	}
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   648
	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   649
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   650
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   651
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   652
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   653
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   654
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   655
function update_user_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   656
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   657
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   658
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   659
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   660
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   661
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   662
	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") || 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   663
			($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   664
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   665
		if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   666
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   667
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   668
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   669
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   670
		if (!isset($details['active']) || $details['active'] != "on" ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   671
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   672
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   673
			$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   674
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   675
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   676
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   677
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   678
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   679
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   680
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   681
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   682
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   683
		// username already exists.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   684
		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   685
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   686
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   687
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   688
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   689
		$usercheck = $result->fetchRow();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   690
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   691
		if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   692
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   693
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   694
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   695
			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   696
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   697
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   698
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   699
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   700
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   701
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   702
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   703
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   704
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   705
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   706
		// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   707
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   708
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   709
				username = " . $db->quote($details['username']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   710
				fullname = " . $db->quote($details['fullname']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   711
				email = " . $db->quote($details['email']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   712
				perm_templ = " . $db->quote($details['templ_id']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   713
				description = " . $db->quote($details['descr']) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   714
				active = " . $db->quote($active) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   715
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   716
		// TODO Check if function works if password is set too.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   717
		if($details['password'] != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   718
			$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   719
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   720
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   721
		$query .= " WHERE id = " . $db->quote($details['uid']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   722
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   723
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   724
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   725
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   726
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   727
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   728
		return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   729
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   730
	return true;		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   731
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   732
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   733
// Add a new user
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   734
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   735
function add_new_user($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   736
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   737
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   738
	if (!verify_permission(user_add_new)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   739
		error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   740
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   741
	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   742
		error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   743
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   744
	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   745
		error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   746
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   747
	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   748
		$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   749
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   750
		$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   751
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   752
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   753
	$query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   754
			. $db->quote($details['username']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   755
			. $db->quote(md5($details['password'])) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   756
			. $db->quote($details['fullname']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   757
			. $db->quote($details['email']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   758
			. $db->quote($details['descr']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   759
			. $db->quote($details['perm_templ']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   760
			. $db->quote($active) 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   761
			. ")";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   762
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   763
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   764
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   765
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   766
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   767
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   768
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   769
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   770
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   771
?>