inc/users.inc.php
author peter
Mon, 10 Nov 2008 21:07:14 +0000
changeset 195 5ac118d6556c
parent 192 3d18290ac993
permissions -rw-r--r--
[feladat @ 308] Bugfix: when not all data was entered correctly when creating a new user, an error was displayed, but the user was still created. Bugfix: A possible privilege escalation has been reported by Pim Rupert. This has also been addressed.
<?php
/*  Poweradmin, a friendly web-based admin tool for PowerDNS.
 *  See <https://rejo.zenger.nl/poweradmin> for more details.
 *
 *  Copyright 2007, 2008  Rejo Zenger <rejo@zenger.nl>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation, either version 3 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
require_once("inc/toolkit.inc.php");
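/*
 *  Function to see if the logged-in user has the right to do something.
 *
 *  The user ID is taken from $_SESSION['userid']. The permission template
 *  assigned to that user is looked up first; if that template contains the
 *  "user_is_ueberuser" permission the user may do anything, otherwise the
 *  template must contain the specific $permission.
 *
 *  Return values: 1 if the user has the right, 0 if the user does not (also
 *  when there is no session or no database handle), and false if a database
 *  lookup failed. Every "no" result is falsy, so a failed lookup never
 *  grants a permission.
 */
function verify_permission($permission) {

	global $db;

	// Without a session or a database handle nothing can be verified: deny.
	if ((!isset($_SESSION['userid'])) || (!is_object($db))) {
		return 0;
	}

	// Set current user ID.
	$userid = $_SESSION['userid'];

	// Find the ID of the permission that marks a user as "ueberuser".
	$query = 'SELECT id FROM perm_items WHERE name=' . $db->quote('user_is_ueberuser', 'text');
	$ueberUserId = $db->queryOne($query);
	if (PEAR::isError($ueberUserId)) { error($ueberUserId->getMessage()); return false; }

	// Find the template ID that this user has been assigned.
	$query = "SELECT perm_templ
			FROM users 
			WHERE id = " . $db->quote($userid, 'integer');
	$templ_id = $db->queryOne($query);
	if (PEAR::isError($templ_id)) { error($templ_id->getMessage()); return false; }

	// Does this user have ueberuser rights? The looked-up ID is quoted like
	// every other value in this file instead of being concatenated raw.
	$query = "SELECT id 
			FROM perm_templ_items 
			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
			AND perm_id = " . $db->quote($ueberUserId, 'integer');
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
	if ($response->numRows() > 0) {
		return 1;
	}

	// Find the permission ID for the requested permission.
	$query = "SELECT id 
			FROM perm_items 
			WHERE name = " . $db->quote($permission, 'text');
	$perm_id = $db->queryOne($query);
	if (PEAR::isError($perm_id)) { error($perm_id->getMessage()); return false; }

	// Check if the permission ID is assigned to the template ID.
	$query = "SELECT id 
			FROM perm_templ_items 
			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
			AND perm_id = " . $db->quote($perm_id, 'integer');
	$response = $db->query($query);
	// The error check has to come after the query it guards: checking first
	// only re-tests the previous (already verified) result and lets a failed
	// lookup reach numRows().
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	return ($response->numRows() > 0) ? 1 : 0;
}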
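/*
 * Retrieve all permission templates.
 * return values: an array with one entry (id, name, descr) per template,
 * an empty array if there are none, false if the query failed.
 */
function list_permission_templates() {
	global $db;
	$query = "SELECT * FROM perm_templ";
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// One variable name for both the initialisation and the result, so that
	// an empty table yields an empty array rather than an undefined variable.
	$template_list = array();
	while ($template = $response->fetchRow()) {
		$template_list[] = array(
			"id"	=>	$template['id'],
			"name"	=>	$template['name'],
			"descr"	=>	$template['descr']
			);
	}
	return $template_list;
}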
/*
 * Retrieve the users, each with the number of zones they own.
 * When a numeric $id is given, that user is left out of the list.
 * $rowstart and $rowamount are handed to $db->setLimit() to page the result.
 * return values: an array with one entry per user (id, username, fullname,
 * email, description, active, numdomains), or false if the query failed.
 */
function show_users($id='',$rowstart=0,$rowamount=9999999)
{
	global $db;

	// A numeric user id is excluded from the userlist returned; it is quoted
	// as an integer before it is placed in the query.
	$add = is_numeric($id) ? " WHERE users.id!=".$db->quote($id, 'integer') : '';

	// Make a huge query.
	$query = "SELECT users.id AS id,
		users.username AS username,
		users.fullname AS fullname,
		users.email AS email,
		users.description AS description,
		users.active AS active,
		users.perm_templ AS perm_templ,
		count(zones.owner) AS aantal FROM users
		LEFT JOIN zones ON users.id=zones.owner$add
		GROUP BY
			users.id,
			users.username,
			users.fullname,
			users.email,
			users.description,
			users.perm_templ,
			users.active
		ORDER BY
			users.fullname";

	// Execute the huge query.
	$db->setLimit($rowamount, $rowstart);
	$response = $db->query($query);
	if (PEAR::isError($response)) {
		error($response->getMessage());
		return false;
	}

	// "aantal" (the zone count column) is exposed to callers as "numdomains".
	$users = array();
	while ($row = $response->fetchRow()) {
		$entry = array();
		$entry["id"] = $row["id"];
		$entry["username"] = $row["username"];
		$entry["fullname"] = $row["fullname"];
		$entry["email"] = $row["email"];
		$entry["description"] = $row["description"];
		$entry["active"] = $row["active"];
		$entry["numdomains"] = $row["aantal"];
		$users[] = $entry;
	}
	return $users;
}
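/*
 * Check if the given $id is connected to a valid user.
 * return values: true if exactly one user has this ID; false if there is no
 * such user, if $id is not numeric, or if the query failed.
 */
function is_valid_user($id)
{
	global $db;

	// A non-numeric ID cannot belong to a user; answer with an explicit
	// false instead of falling off the end of the function.
	if (!is_numeric($id)) {
		return false;
	}

	$response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id, 'integer'));
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	return ($response->numRows() == 1);
}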
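/*
 * Checks if a given username exists in the database.
 * return values: true if exists, false if not (or if the query failed).
 * If the name is found more than once, ERR_UNKNOWN is reported and true is
 * returned, because the name is evidently taken.
 */
function user_exists($user)
{
	global $db;
	$response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user, 'text'));
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	$matches = $response->numRows();
	if ($matches == 0) {
		return false;
	}
	if ($matches != 1) {
		// Duplicate usernames should not exist. Report it, but do not fall
		// through without a value: callers that treat a falsy answer as
		// "name is free" would otherwise add yet another duplicate.
		error(ERR_UNKNOWN);
	}
	return true;
}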
/*
 * Delete a user from the system.
 * Deleting your own account requires "user_edit_own", deleting another
 * account requires "user_edit_others".
 * $zones, when it is an array, lists what to do with zones first: entries
 * with target "delete" are passed to delete_domain(), entries with target
 * "new_owner" to add_owner_to_zone().
 * return values: true if both DELETE queries succeeded, false if permission
 * was refused or a query failed.
 */
function delete_user($uid,$zones)
{
	global $db;

	// Exactly one permission applies, depending on whose account this is.
	$needed = ($uid == $_SESSION['userid']) ? 'user_edit_own' : 'user_edit_others';
	if (!verify_permission($needed)) {
		 error(ERR_PERM_DEL_USER);
		 return false;
	}

	// NOTE(review): the results of delete_domain() and add_owner_to_zone()
	// are not checked; the DELETE on zones below runs either way.
	if (is_array($zones)) {
		foreach ($zones as $zone) {
			$target = $zone['target'];
			if ($target == "delete") {
				delete_domain($zone['zid']);
			} elseif ($target == "new_owner") {
				add_owner_to_zone($zone['zid'], $zone['newowner']);
			}
		}
	}

	// Remove the zone rows owned by this user, then the user itself. The ID
	// is quoted as an integer for both statements.
	$statements = array(
		"DELETE FROM zones WHERE owner = ",
		"DELETE FROM users WHERE id = ",
	);
	foreach ($statements as $statement) {
		$query = $statement . $db->quote($uid, 'integer') ;
		$response = $db->query($query);
		if (PEAR::isError($response)) {
			error($response->getMessage());
			return false;
		}
	}

	return true;
}
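/*
 * Delete a permission template and the permission items attached to it.
 * Requires the "user_edit_templ_perm" permission. A template that is still
 * assigned to a user is not deleted.
 * return values: true if the template was deleted, false if permission was
 * refused, the template is still assigned, or a query failed.
 */
function delete_perm_templ($ptid) {

	global $db;

	if (!(verify_permission('user_edit_templ_perm'))) {
		error(ERR_PERM_DEL_PERM_TEMPL);
		return false;
	}

	// $ptid ends up in three SQL statements. Quote it as an integer, like
	// every other ID in this file, rather than concatenating the raw value.
	$templ_id = $db->quote($ptid, 'integer');

	$query = "SELECT id FROM users WHERE perm_templ = " . $templ_id;
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// Refuse to delete a template that users still depend on.
	if ($response->numRows() > 0) {
		error(ERR_PERM_TEMPL_ASSIGNED);
		return false;
	}

	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $templ_id;
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	$query = "DELETE FROM perm_templ WHERE id = " . $templ_id;
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	return true;
}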
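/*
 * Edit the information of a user.
 *
 * Editing your own account requires "user_edit_own", editing another account
 * requires "user_edit_others". The permission template is only written when
 * the caller also holds "user_edit_templ_perm". The password is only changed
 * when $password is not empty.
 *
 * return values: true if successful; false on a permission, validation or
 * database error (reported through error()).
 */
function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
{
	global $db;

	$perm_edit_own = verify_permission('user_edit_own') ? "1" : "0";
	$perm_edit_others = verify_permission('user_edit_others') ? "1" : "0";

	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") || ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {

		if (!is_valid_email($email)) {
			error(ERR_INV_EMAIL);
			return false;
		}

		// Anything other than 1 is stored as "not active".
		if ($active != 1) {
			$active = 0;
		}

		// Before updating the database we need to check whether the user wants
		// to change the username. If so, we need to make sure the new name
		// doesn't already exist.
		//
		// First find the current username of the user ID we want to change.
		$query = "SELECT username FROM users WHERE id = " . $db->quote($id, 'integer');
		$response = $db->query($query);
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }

		$usercheck = $response->fetchRow();

		if ($usercheck['username'] != $user) {

			// Username of user ID in the database is different from the name
			// we have been given. User wants a change of username. Now, make
			// sure it doesn't already exist. The username is text and has to
			// be quoted as text; quoting it as an integer would compare the
			// column against a number instead of the requested name.
			$query = "SELECT id FROM users WHERE username = " . $db->quote($user, 'text');
			$response = $db->query($query);
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }

			if ($response->numRows() > 0) {
				error(ERR_USER_EXIST);
				return false;
			}
		}

		// So, user doesn't want to change username or, if he wants, there is
		// not another user that goes by the wanted username. So, go ahead!
		$query = "UPDATE users SET
				username = " . $db->quote($user, 'text') . ",
				fullname = " . $db->quote($fullname, 'text') . ",
				email = " . $db->quote($email, 'text') . ",";

		// The permission template decides what an account may do, so it is
		// only written for callers who may edit template assignments. Without
		// this check anyone allowed to edit an account could hand it a more
		// powerful template.
		if (verify_permission('user_edit_templ_perm')) {
			$query .= "perm_templ = " . $db->quote($perm_templ, 'integer') . ",";
		}

		$query .= "description = " . $db->quote($description, 'text') . ", 
				active = " . $db->quote($active, 'integer') ;

		// NOTE(review): unsalted MD5 is not a suitable password hash. It is
		// kept here because the stored format has to match the login code,
		// which is not visible in this file; moving to password_hash() and
		// password_verify() needs a coordinated change.
		if ($password != "") {
			$query .= ", password = " . $db->quote(md5($password), 'text') ;
		}

		$query .= " WHERE id = " . $db->quote($id, 'integer') ;

		$response = $db->query($query);
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	} else {
		error(ERR_PERM_EDIT_USER);
		return false;
	}
	return true;
}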
/*
 * Change the pass of the user.
 * The user is automatically logged out after the pass change.
 * return values: none.
 */
function change_user_pass($details) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   346
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   347
	if ($details['newpass'] != $details['newpass2']) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
		error(ERR_USER_MATCH_NEW_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   349
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   351
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   352
	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"], 'text');
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   353
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   354
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   355
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   356
	$rinfo = $response->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   357
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   358
	if(md5($details['currentpass']) == $rinfo['password']) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   359
		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass']), 'text') . " WHERE id = " . $db->quote($rinfo['id'], 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   360
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   361
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   362
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   363
		logout( _('Password has been changed, please login.')); 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   364
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   365
		error(ERR_USER_WRONG_CURRENT_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   366
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   368
}
/*
 * Look up the full name that belongs to a user id.
 * return values: the "fullname" column of the fetched row; false after
 * error() has been called for a non-numeric id or a failed query.
 */
function get_fullname_from_userid($id) {
	global $db;

	// Refuse anything non-numeric before it is placed in the query.
	if (!is_numeric($id)) {
		error(ERR_INV_ARG);
		return false;
	}

	$sql = "SELECT fullname FROM users WHERE id=" . $db->quote($id, 'integer');
	$result = $db->query($sql);
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	$row = $result->fetchRow();
	return $row["fullname"];
}
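/*
 * Get the full name of the user with the given id, reporting
 * ERR_USER_NOT_EXIST when the id does not match exactly one user.
 * return values: the fullname on success; false after error() has been
 * called for a non-numeric id, a failed query or an unknown user.
 */
function get_owner_from_id($id)
{
	global $db;

	// Refuse anything non-numeric before it is placed in the query.
	if (!is_numeric($id))
	{
		error(ERR_INV_ARG);
		return false;
	}

	$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	if ($response->numRows() == 1)
	{
		$r = $response->fetchRow();
		return $r["fullname"];
	}

	// Stop here. Previously execution fell through and reported ERR_INV_ARG
	// as well, although the argument was valid and only the user was missing.
	error(ERR_USER_NOT_EXIST);
	return false;
}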
/**
 * get_fullnames_owners_from_domainid
 *
 * Collects the full names of all users that own the given domain, ordered by
 * name. The names are returned exactly as stored, so they still need escaping
 * for whatever context they are printed in.
 *
 * @todo also fetch the subowners
 * @param $id integer the id of the domain
 * @return String the owners joined with ", " ("" when there are none);
 *         false when the query fails; nothing when $id is not numeric
 */
function get_fullnames_owners_from_domainid($id) {
	global $db;

	// Non-numeric ids are reported and never reach the query.
	if (!is_numeric($id)) {
		error(ERR_INV_ARG);
		return;
	}

	$sql = "SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id="
		. $db->quote($id, 'integer')
		. " AND zones.owner=users.id ORDER by fullname";
	$result = $db->query($sql);
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	if ($result->numRows() == 0) {
		return "";
	}

	$fullnames = array();
	while ($row = $result->fetchRow()) {
		$fullnames[] = $row['fullname'];
	}
	return implode(', ', $fullnames);
}
/*
 * Check whether the session user ($_SESSION["userid"]) owns the given zone.
 * return values: "1" when a matching zones row exists, "0" when none does;
 * false when the query fails; nothing when $zoneid is not numeric.
 * Only "1" means ownership: callers should treat every other result as
 * "not the owner".
 */
function verify_user_is_owner_zoneid($zoneid) {
	global $db;

	$session_uid = $_SESSION["userid"];

	// Non-numeric zone ids are reported and never reach the query.
	if (!is_numeric($zoneid)) {
		error(ERR_INV_ARG);
		return;
	}

	$sql = "SELECT zones.id 
				FROM zones 
				WHERE zones.owner = " . $db->quote($session_uid, 'integer') . "
				AND zones.domain_id = ". $db->quote($zoneid, 'integer');
	$result = $db->query($sql);
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	return ($result->numRows() == 0) ? "0" : "1";
}
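/*
 * Build the list of users together with their permission template.
 *
 * If $specific passes v_num() only that user is selected. Otherwise all users
 * are selected when the session user holds 'user_view_others', and only the
 * session user's own record when not.
 * return values: a list of arrays with the keys uid, username, fullname,
 * email, descr, active, tpl_id, tpl_name and tpl_descr (an empty list when
 * nothing matches); false after error() when the query fails.
 *
 * NOTE(review): the 'user_view_others' check is skipped whenever $specific is
 * numeric, so this function on its own does not stop one user from reading
 * another user's record. Callers that pass a request-supplied id presumably
 * check the permission themselves -- confirm at each call site.
 */
function get_user_detail_list($specific) {

	global $db;
	$userid=$_SESSION['userid'];

	if (v_num($specific)) {
		$sql_add = "AND users.id = " . $db->quote($specific, 'integer') ;
	} else {
		if (verify_permission('user_view_others')) {
			$sql_add = "";
		} else {
			// Without the permission the list is limited to the caller's own row.
			$sql_add = "AND users.id = " . $db->quote($userid, 'integer') ;
		}
	}

	$query = "SELECT users.id AS uid, 
			username, 
			fullname, 
			email, 
			description AS descr,
			active,
			perm_templ.id AS tpl_id,
			perm_templ.name AS tpl_name,
			perm_templ.descr AS tpl_descr
			FROM users, perm_templ 
			WHERE users.perm_templ = perm_templ.id " 
			. $sql_add . "
			ORDER BY username";

	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// Start from an empty list so that "no rows" returns array() instead of
	// an undefined variable.
	$userlist = array();
	while ($user = $response->fetchRow()) {
		$userlist[] = array(
			"uid"		=>	$user['uid'],
			"username"	=>	$user['username'],
			"fullname"	=>	$user['fullname'],
			"email"		=>	$user['email'],
			"descr"		=>	$user['descr'],
			"active"	=>	$user['active'],
			"tpl_id"	=>	$user['tpl_id'],
			"tpl_name"	=>	$user['tpl_name'],
			"tpl_descr"	=>	$user['tpl_descr']
			);
	}
	return $userlist;
}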
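// Get a list of permissions that are available. If the first argument is "0",
// all available permissions are returned. If the first argument is > "0", only
// the permissions assigned to that particular template are returned. If the
// second argument is true, only the permission names are returned; otherwise
// each entry is an array with the keys id, name and descr.
// Returns false after error() when the query fails.

function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
	global $db;

	// Default to "no restriction"; previously $limit was undefined when
	// $templ_id was 0 and was still concatenated into the query.
	$limit = "";
	if ($templ_id > 0) {
		$limit = ", perm_templ_items 
			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id, 'integer') . "
			AND perm_templ_items.perm_id = perm_items.id";
	}

	$query = "SELECT perm_items.id AS id, 
			perm_items.name AS name, 
			perm_items.descr AS descr
			FROM perm_items" 
			. $limit . "
			ORDER BY descr";
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	$permission_list = array();
	while ($permission = $response->fetchRow()) {
		if ($return_name_only == false) {
			$permission_list[] = array(
				"id"	=>	$permission['id'],
				"name"	=>	$permission['name'],
				"descr"	=>	$permission['descr']
				);
		} else {
			$permission_list[] = $permission['name'];
		}
	}
	return $permission_list;
}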
// Fetch the perm_templ row for a template ID (all columns of the table).
// Returns the fetched row, or false after error() when the query fails.

function get_permission_template_details($templ_id) {
	global $db;

	$sql = "SELECT *
			FROM perm_templ
			WHERE perm_templ.id = " . $db->quote($templ_id, 'integer');

	$result = $db->query($sql);
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	return $result->fetchRow();
}
// List every permission template as an array with the keys id, name and
// descr. Returns false after error() when the query fails.

function get_list_permission_templates() {
	global $db;

	$result = $db->query("SELECT * FROM perm_templ");
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	$templates = array();
	while ($row = $result->fetchRow()) {
		// Copy only the three columns callers are given, whatever else
		// "SELECT *" returns.
		$entry = array();
		$entry["id"] = $row['id'];
		$entry["name"] = $row['name'];
		$entry["descr"] = $row['descr'];
		$templates[] = $entry;
	}
	return $templates;
}
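// Add a permission template.
// $details carries 'templ_name', 'templ_descr' and optionally 'perm_id' (a
// list of permission ids to attach). Returns true on success, false after
// error() when a query fails.
// NOTE(review): no permission check happens in this function; the caller is
// presumably responsible for verifying that the session user may manage
// templates -- confirm at the call site.
// NOTE(review): the inserts are not wrapped in a transaction, so a failure
// part-way leaves the template with only some of its permissions.

function add_perm_templ($details) {
	global $db;

	// Store the permission template name and description first.

	$query = "INSERT INTO perm_templ (name, descr)
			VALUES (" 
				. $db->quote($details['templ_name'], 'text') . ", " 
				. $db->quote($details['templ_descr'], 'text') . ")";

	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// The new id is needed for the item rows; do not go on with an error
	// object in its place.
	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
	if (PEAR::isError($perm_templ_id)) { error($perm_templ_id->getMessage()); return false; }

	// A form submitted without any permission ticked has no 'perm_id' entry;
	// treat that as an empty list instead of iterating over a missing value.
	$perm_ids = (isset($details['perm_id']) && is_array($details['perm_id'])) ? $details['perm_id'] : array();

	foreach ($perm_ids AS $perm_id) {
		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id, 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
		$response = $db->query($query);
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
	}

	return true;
}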
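// Update all details of a permission template.
// $details carries 'templ_id', 'templ_name', 'templ_descr' and optionally
// 'perm_id' (the complete list of permission ids the template should have).
// Returns true on success, false after error() when a query fails.
// NOTE(review): no permission check happens in this function; the caller is
// presumably responsible for it -- confirm at the call site.

function update_perm_templ_details($details) {
	global $db;

	// Update the permission template name and description first.

	$query = "UPDATE perm_templ 
			SET name = " . $db->quote($details['templ_name'], 'text') . ",
			descr = " . $db->quote($details['templ_descr'], 'text') . "
			WHERE id = " . $db->quote($details['templ_id'], 'integer') ;
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// Now, update the list of permissions assigned to this template. We could
	// do this The Correct Way [tm] by comparing the list of permissions that
	// are currently assigned with the list that should be assigned and apply
	// the difference to the database. That sounds like too much work. Just
	// delete all the permissions currently assigned to the template, then
	// assign all the permissions the template should have.
	// NOTE(review): delete and inserts are not wrapped in a transaction, so a
	// failure part-way leaves the template with fewer permissions than asked.

	// templ_id is quoted as an integer here like everywhere else in this
	// file; it used to be concatenated into the DELETE unquoted, which let a
	// crafted value change the statement.
	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $db->quote($details['templ_id'], 'integer') ;
	$response = $db->query($query);
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }

	// A form submitted without any permission ticked has no 'perm_id' entry;
	// treat that as an empty list instead of iterating over a missing value.
	$perm_ids = (isset($details['perm_id']) && is_array($details['perm_id'])) ? $details['perm_id'] : array();

	foreach ($perm_ids AS $perm_id) {
		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id'], 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
		$response = $db->query($query);
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
	}

	return true;
}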
function update_user_details($details) {
	// Update the account row identified by $details['uid'].
	//
	// Reads from $details: uid, username, fullname, email, descr, and the
	// optional keys active, password and templ_id. Returns true when the
	// UPDATE statement ran without a database error; otherwise reports the
	// problem through error() and returns false.
	//
	// NOTE(review): $details presumably carries request data -- confirm at
	// the caller. Every value that reaches SQL below goes through
	// $db->quote() with an explicit type.
	global $db;

	$may_edit_own = verify_permission('user_edit_own') ? true : false;
	$may_edit_others = verify_permission('user_edit_others') ? true : false;
	$may_set_template = verify_permission('templ_perm_edit') ? true : false;

	// Authorisation: editing your own account needs 'user_edit_own', editing
	// any other account needs 'user_edit_others'. The comparison is loose, as
	// the stored session id and the supplied uid may differ in type.
	$is_self = ($details['uid'] == $_SESSION["userid"]);
	$allowed = $is_self ? $may_edit_own : $may_edit_others;
	if (!$allowed) {
		error(ERR_PERM_EDIT_USER);
		return false;
	}

	if (!is_valid_email($details['email'])) {
		error(ERR_INV_EMAIL);
		return false;
	}

	// Only the literal value "on" marks the account as active.
	$active = (isset($details['active']) && $details['active'] == "on") ? 1 : 0;

	// Look up the username currently stored for this uid, so a rename can be
	// detected and checked against existing accounts before writing.
	$lookup = $db->query("SELECT username FROM users WHERE id = " . $db->quote($details['uid'], 'integer'));
	if (PEAR::isError($lookup)) {
		// NOTE(review): the driver's message text is handed to error();
		// if error() renders it to the browser it can disclose schema
		// details -- confirm.
		error($lookup->getMessage());
		return false;
	}

	// NOTE(review): when no row matches the uid, the result of fetchRow() is
	// not an array; the comparison below then treats the request as a rename
	// and the UPDATE further down runs against a non-existing id while the
	// function still returns true.
	$current = $lookup->fetchRow();

	if ($current['username'] != $details['username']) {
		// A rename was requested: refuse it when the name is already taken.
		$clash = $db->query("SELECT id FROM users WHERE username = " . $db->quote($details['username'], 'text'));
		if (PEAR::isError($clash)) {
			error($clash->getMessage());
			return false;
		}

		if ($clash->numRows() > 0) {
			// NOTE(review): add_new_user() reports ERR_USER_EXISTS for the
			// same condition; confirm that both constants are defined.
			error(ERR_USER_EXIST);
			return false;
		}
	}

	// Either the username is unchanged or the new one is free.
	$sql = "UPDATE users SET
				username = " . $db->quote($details['username'], 'text') . ",
				fullname = " . $db->quote($details['fullname'], 'text') . ",
				email = " . $db->quote($details['email'], 'text') . ",
				description = " . $db->quote($details['descr'], 'text') . ", 
				active = " . $db->quote($active, 'integer');

	// The permission template is written only for callers holding
	// 'templ_perm_edit'.
	// NOTE(review): add_new_user() gates the same column on
	// 'user_edit_templ_perm' -- confirm which permission is intended here.
	// The gate also does not distinguish editing one's own account, so a
	// holder of this permission can reassign their own template.
	if ($may_set_template) {
		$sql .= ", perm_templ = " . $db->quote($details['templ_id'], 'integer');
	}

	// An absent or empty password leaves the stored one untouched.
	// NOTE(review): unsalted MD5 is not a password hash; the stored digests
	// are cheap to brute-force if the users table is ever disclosed. Moving
	// to password_hash()/password_verify() also requires changing the login
	// check, which is outside this function, so it is flagged, not changed.
	if (isset($details['password']) && $details['password'] != "") {
		$sql .= ", password = " . $db->quote(md5($details['password']), 'text');
	}

	$sql .= " WHERE id = " . $db->quote($details['uid'], 'integer');

	$result = $db->query($sql);
	if (PEAR::isError($result)) {
		error($result->getMessage());
		return false;
	}

	return true;
}
// Add a new user
function add_new_user($details) {
	// Insert a new row into the users table.
	//
	// Reads from $details: username, password, fullname, email, descr,
	// active and (only when the caller may assign templates) perm_templ.
	// Returns true when the INSERT ran without a database error; otherwise
	// reports the problem through error() and returns false.
	global $db;

	// Each failed check returns before any SQL is built, so a rejected
	// request never reaches the INSERT.
	if (!verify_permission('user_add_new')) {
		error(ERR_PERM_ADD_USER);
		return false;
	}
	if (user_exists($details['username'])) {
		error(ERR_USER_EXISTS);
		return false;
	}
	if (!is_valid_email($details['email'])) {
		error(ERR_INV_EMAIL);
		return false;
	}

	// Anything other than a value loosely equal to 1 creates the account
	// disabled.
	$active = ($details['active'] == 1) ? 1 : 0;

	// Column list. perm_templ is included only for callers holding
	// 'user_edit_templ_perm'; without it the column is left out entirely,
	// so the supplied template id is ignored.
	$column_list = "INSERT INTO users (username, password, fullname, email, description,";
	if (verify_permission('user_edit_templ_perm')) {
		$column_list .= ' perm_templ,';
	}
	$column_list .= " active) VALUES (";

	// Value list, in the same order as the columns. Every value is passed
	// through $db->quote() with an explicit type.
	// NOTE(review): unsalted MD5 is not a password hash; the stored digests
	// are cheap to brute-force if the users table is ever disclosed. Moving
	// to password_hash()/password_verify() also requires changing the login
	// check, which is outside this function, so it is flagged, not changed.
	// NOTE(review): an empty password is not rejected here; presumably the
	// caller validates it -- confirm.
	$value_list = $db->quote($details['username'], 'text') . ", "
			. $db->quote(md5($details['password']), 'text') . ", "
			. $db->quote($details['fullname'], 'text') . ", "
			. $db->quote($details['email'], 'text') . ", "
			. $db->quote($details['descr'], 'text') . ", ";

	// Second evaluation of the same permission: it has to agree with the
	// one above, otherwise the column and value counts would not match.
	if (verify_permission('user_edit_templ_perm')) {
		$value_list .= $db->quote($details['perm_templ'], 'integer') . ", ";
	}
	$value_list .= $db->quote($active, 'integer') . ")";

	$result = $db->query($column_list . $value_list);
	if (PEAR::isError($result)) {
		// NOTE(review): the driver's message text is handed to error();
		// if error() renders it to the browser it can disclose schema
		// details -- confirm.
		error($result->getMessage());
		return false;
	}

	return true;
}
?>