poweradmin: inc/users.inc.php@61c49e66c9b0 (annotated)

71 e1b918eaf69a [feladat @ 118] peter parents: 67 diff changeset	1	<?php
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	2
47 ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	3	/* PowerAdmin, a friendly web-based admin tool for PowerDNS.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	4	* See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	5	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	6	* Copyright 2007, 2008 Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	7	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	8	* This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	9	* it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	10	* the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	11	* (at your option) any later version.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	12	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	13	* This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	16	* GNU General Public License for more details.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	17	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	18	* You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	19	* along with this program. If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	20	*/
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	21
58 78558a77131e [feladat @ 105] rejo parents: 55 diff changeset	22	require_once("inc/toolkit.inc.php");
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	23
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	24
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	25	/*
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	26	* Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	27	* user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	28	* the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	29	* right, and "true" if the user has.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	30	*/
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	31
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	32	function verify_permission($permission) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	33
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	34	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	35
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	36	if ((!isset($_SESSION['userid'])) \|\| (!is_object($db))) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	37	return 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	38	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	39
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	40	// Set current user ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	41	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	42
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	43	// Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	44	$query = "SELECT perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	45	FROM users
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	46	WHERE id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	47	$templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	48
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	49	// Does this user have ueberuser rights?
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	50	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	51	FROM perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	52	WHERE templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	53	AND perm_id = '53'";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	54	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	55	if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	56	return 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	57	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	58
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	59	// Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	60	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	61	FROM perm_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	62	WHERE name = " . $db->quote($permission) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	63	$perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	64
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	65	// Check if the permission ID is assigned to the template ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	66	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	67	FROM perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	68	WHERE templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	69	AND perm_id = " . $db->quote($perm_id) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	70	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	71	if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	72	return 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	73	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	74	return 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	75	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	76	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	77
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	78	function list_permission_templates() {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	79	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	80	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	81	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	82	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	83
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	84	$template_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	85	while ($template= $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	86	$tempate_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	87	"id" => $template['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	88	"name" => $template['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	89	"descr" => $template['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	90	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	91	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	92	return $tempate_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	93	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	94
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	95	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	96	* Retrieve all users.
58094faf794d [feladat @ 2] rejo parents: diff changeset	97	* Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2] rejo parents: diff changeset	98	* return values: an array with all users in it.
58094faf794d [feladat @ 2] rejo parents: diff changeset	99	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	100	function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2] rejo parents: diff changeset	101	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	102	global $db;
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	103	$add = '';
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	104	if(is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	105	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	106	//When a user id is given, it is excluded from the userlist returned.
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	107	$add = " WHERE users.id!=".$db->quote($id);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	108	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	109
58094faf794d [feladat @ 2] rejo parents: diff changeset	110	// Make a huge query.
58094faf794d [feladat @ 2] rejo parents: diff changeset	111	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2] rejo parents: diff changeset	112	users.username AS username,
58094faf794d [feladat @ 2] rejo parents: diff changeset	113	users.fullname AS fullname,
58094faf794d [feladat @ 2] rejo parents: diff changeset	114	users.email AS email,
58094faf794d [feladat @ 2] rejo parents: diff changeset	115	users.description AS description,
58094faf794d [feladat @ 2] rejo parents: diff changeset	116	users.active AS active,
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	117	users.perm_templ AS perm_templ,
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	118	count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2] rejo parents: diff changeset	119	LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2] rejo parents: diff changeset	120	GROUP BY
58094faf794d [feladat @ 2] rejo parents: diff changeset	121	users.id,
58094faf794d [feladat @ 2] rejo parents: diff changeset	122	users.username,
58094faf794d [feladat @ 2] rejo parents: diff changeset	123	users.fullname,
58094faf794d [feladat @ 2] rejo parents: diff changeset	124	users.email,
58094faf794d [feladat @ 2] rejo parents: diff changeset	125	users.description,
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	126	users.perm_templ,
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	127	users.active
58094faf794d [feladat @ 2] rejo parents: diff changeset	128	ORDER BY
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	129	users.fullname";
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	130
58094faf794d [feladat @ 2] rejo parents: diff changeset	131	// Execute the huge query.
74 43c31dc98305 [feladat @ 121] peter parents: 71 diff changeset	132	$db->setLimit($rowamount, $rowstart);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	133	$result = $db->query($sqlq);
58094faf794d [feladat @ 2] rejo parents: diff changeset	134	$ret = array();
58094faf794d [feladat @ 2] rejo parents: diff changeset	135	$retcount = 0;
58094faf794d [feladat @ 2] rejo parents: diff changeset	136	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2] rejo parents: diff changeset	137	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	138	$ret[] = array(
58094faf794d [feladat @ 2] rejo parents: diff changeset	139	"id" => $r["id"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	140	"username" => $r["username"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	141	"fullname" => $r["fullname"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	142	"email" => $r["email"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	143	"description" => $r["description"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	144	"level" => $r["level"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	145	"active" => $r["active"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	146	"numdomains" => $r["aantal"]
58094faf794d [feladat @ 2] rejo parents: diff changeset	147	);
58094faf794d [feladat @ 2] rejo parents: diff changeset	148	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	149	return $ret;
58094faf794d [feladat @ 2] rejo parents: diff changeset	150	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	151
58094faf794d [feladat @ 2] rejo parents: diff changeset	152
58094faf794d [feladat @ 2] rejo parents: diff changeset	153	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	154	* Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2] rejo parents: diff changeset	155	* return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2] rejo parents: diff changeset	156	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	157	function is_valid_user($id)
58094faf794d [feladat @ 2] rejo parents: diff changeset	158	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	159	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	160	if(is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	161	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	162	$result = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	163	if ($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	164	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	165	return true;
58094faf794d [feladat @ 2] rejo parents: diff changeset	166	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	167	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	168	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	169	return false;
58094faf794d [feladat @ 2] rejo parents: diff changeset	170	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	171	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	172	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	173
58094faf794d [feladat @ 2] rejo parents: diff changeset	174
58094faf794d [feladat @ 2] rejo parents: diff changeset	175	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	176	* Checks if a given username exists in the database.
58094faf794d [feladat @ 2] rejo parents: diff changeset	177	* return values: true if exists, false if not.
58094faf794d [feladat @ 2] rejo parents: diff changeset	178	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	179	function user_exists($user)
58094faf794d [feladat @ 2] rejo parents: diff changeset	180	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	181	global $db;
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	182	$result = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	183	if ($result->numRows() == 0)
58094faf794d [feladat @ 2] rejo parents: diff changeset	184	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	185	return false;
58094faf794d [feladat @ 2] rejo parents: diff changeset	186	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	187	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	188	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	189	return true;
58094faf794d [feladat @ 2] rejo parents: diff changeset	190	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	191	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	192	{
4 55ed92aa7cf5 [feladat @ 5] rejo parents: 1 diff changeset	193	error(ERR_UNKNOWN);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	194	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	195	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	196
58094faf794d [feladat @ 2] rejo parents: diff changeset	197
58094faf794d [feladat @ 2] rejo parents: diff changeset	198
58094faf794d [feladat @ 2] rejo parents: diff changeset	199	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	200	* Delete a user from the system
58094faf794d [feladat @ 2] rejo parents: diff changeset	201	* return values: true if user doesnt exist.
58094faf794d [feladat @ 2] rejo parents: diff changeset	202	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	203	function delete_user($uid,$zones)
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	204	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	205	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	206
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	207	if (($uid != $_SESSION['userid'] && !verify_permission(user_edit_others)) \|\| ($uid == $_SESSION['userid'] && !verify_permission(user_edit_own))) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	208	error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	209	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	210	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	211
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	212	if (is_array($zones)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	213	foreach ($zones as $zone) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	214	if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	215	delete_domain($zone['zid']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	216	} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	217	add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	218	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	219	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	220	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	221
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	222	$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	223	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	224	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	225
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	226	$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	227	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	228	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	229	}
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	230	return true;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	231	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	232
89 61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	233	function delete_perm_templ($ptid) {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	234
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	235	global $db;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	236	if (!(verify_permission(user_edit_templ_perm))) {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	237	error(ERR_PERM_DEL_PERM_TEMPL);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	238	} else {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	239	$query = "SELECT id FROM users WHERE perm_templ = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	240	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	241	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	242
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	243	if($result->numRows() > 0) {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	244	error(ERR_PERM_TEMPL_ASSIGNED);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	245	return false;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	246	} else {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	247	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	248	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	249	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	250
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	251	$query = "DELETE FROM perm_templ WHERE id = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	252	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	253	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	254
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	255	return true;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	256	}
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	257	}
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	258	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	259
58094faf794d [feladat @ 2] rejo parents: diff changeset	260	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	261	* Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2] rejo parents: diff changeset	262	* return values: true if succesful
58094faf794d [feladat @ 2] rejo parents: diff changeset	263	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	264	function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	265	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	266	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	267
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	268	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	269	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	270
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	271	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") \|\| ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	272
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	273	if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	274	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	275	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	276	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	277
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	278	if ($active != 1) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	279	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	280	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	281
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	282	// Before updating the database we need to check whether the user wants to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	283	// change the username. If the user wants to change the username, we need
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	284	// to make sure it doesn't already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	285	//
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	286	// First find the current username of the user ID we want to change. If the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	287	// current username is not the same as the username that was given by the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	288	// user, the username should apparantly changed. If so, check if the "new"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	289	// username already exists.
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	290
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	291	$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	292	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	293	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	294
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	295	$usercheck = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	296	$usercheck = $result->fetchRow();
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	297
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	298	if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	299
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	300	// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	301	// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	302	// sure it doesn't already exist.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	303
83 90fbb34b3d97 [feladat @ 183] rejo parents: 82 diff changeset	304	$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	305	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	306	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	307
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	308	if($result->numRows() > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	309	error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	310	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	311	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	312	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	313
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	314	// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	315	// another user that goes by the wanted username. So, go ahead!
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	316
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	317	$query = "UPDATE users SET
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	318	username = " . $db->quote($user) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	319	fullname = " . $db->quote($fullname) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	320	email = " . $db->quote($email) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	321	perm_templ = " . $db->quote($perm_templ) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	322	description = " . $db->quote($description) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	323	active = " . $db->quote($active) ;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	324
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	325	if($password != "") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	326	$query .= ", password = " . $db->quote(md5($password)) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	327	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	328
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	329	$query .= " WHERE id = " . $db->quote($id) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	330
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	331	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	332	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	333
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	334	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	335	error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	336	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	337	}
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	338	return true;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	339	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	340
58094faf794d [feladat @ 2] rejo parents: diff changeset	341	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	342	* Change the pass of the user.
58094faf794d [feladat @ 2] rejo parents: diff changeset	343	* The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2] rejo parents: diff changeset	344	* return values: none.
58094faf794d [feladat @ 2] rejo parents: diff changeset	345	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	346	function change_user_pass($details) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	347	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	348
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	349	if ($details['newpass'] != $details['newpass2']) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	350	error(ERR_USER_MATCH_NEW_PASS);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	351	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	352	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	353
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	354	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	355	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	356	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	357
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	358	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	359
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	360	if(md5($details['currentpass']) == $rinfo['password']) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	361	$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	362	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	363	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	364
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	365	logout( _('Password has been changed, please login.'));
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	366	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	367	error(ERR_USER_WRONG_CURRENT_PASS);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	368	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	369	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	370	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	371
58094faf794d [feladat @ 2] rejo parents: diff changeset	372
58094faf794d [feladat @ 2] rejo parents: diff changeset	373	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	374	* Get a fullname when you have a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	375	* return values: gives the fullname from a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	376	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	377	function get_fullname_from_userid($id) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	378	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	379	if (is_numeric($id)) {
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	380	$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	381	$r = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	382	return $r["fullname"];
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	383	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	384	error(ERR_INV_ARG);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	385	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	386	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	387	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	388
58094faf794d [feladat @ 2] rejo parents: diff changeset	389
58094faf794d [feladat @ 2] rejo parents: diff changeset	390	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	391	* Get a fullname when you have a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	392	* return values: gives the fullname from a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	393	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	394	function get_owner_from_id($id)
58094faf794d [feladat @ 2] rejo parents: diff changeset	395	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	396	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	397	if (is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	398	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	399	$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	400	if ($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	401	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	402	$r = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	403	return $r["fullname"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	404	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	405	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	406	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	407	error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2] rejo parents: diff changeset	408	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	409	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	410	error(ERR_INV_ARG);
58094faf794d [feladat @ 2] rejo parents: diff changeset	411	}
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	412
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	413	/**
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	414	* get_owners_from_domainid
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	415	*
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	416	* @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	417	* @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	418	* @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	419	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	420	function get_fullnames_owners_from_domainid($id) {
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	421
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	422	global $db;
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	423	if (is_numeric($id))
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	424	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	425	$result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	426	if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	427	{
36 4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	428	return "";
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	429	}
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	430	else
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	431	{
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	432	$names = array();
36 4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	433	while ($r = $result->fetchRow())
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	434	{
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	435	$names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	436	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	437	return implode(', ', $names);
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	438	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	439	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	440	error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	441	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	442
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	443
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	444
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	445	function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	446	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	447
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	448	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	449
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	450	if (is_numeric($zoneid)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	451	$result = $db->query("SELECT zones.id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	452	FROM zones
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	453	WHERE zones.owner = " . $db->quote($userid) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	454	AND zones.domain_id = ". $db->quote($zoneid)) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	455	if ($result->numRows() == 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	456	return "0";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	457	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	458	return "1";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	459	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	460	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	461	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	462	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	463
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	464
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	465	function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	466
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	467	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	468	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	469
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	470
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	471	if (v_num($specific)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	472	$sql_add = "AND users.id = " . $db->quote($specific) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	473	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	474	if (verify_permission(user_view_others)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	475	$sql_add = "";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	476	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	477	$sql_add = "AND users.id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	478	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	479	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	480
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	481	$query = "SELECT users.id AS uid,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	482	username,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	483	fullname,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	484	email,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	485	description AS descr,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	486	active,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	487	perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	488	perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	489	perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	490	FROM users, perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	491	WHERE users.perm_templ = perm_templ.id "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	492	. $sql_add . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	493	ORDER BY username";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	494
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	495	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	496	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	497
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	498	while ($user = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	499	$userlist[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	500	"uid" => $user['uid'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	501	"username" => $user['username'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	502	"fullname" => $user['fullname'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	503	"email" => $user['email'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	504	"descr" => $user['descr'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	505	"active" => $user['active'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	506	"tpl_id" => $user['tpl_id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	507	"tpl_name" => $user['tpl_name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	508	"tpl_descr" => $user['tpl_descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	509	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	510	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	511	return $userlist;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	512	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	513
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	514
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	515	// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	516	// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	517	// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	518	// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	519
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	520	function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	521	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	522
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	523	if ($templ_id > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	524	$limit = ", perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	525	WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	526	AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	527	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	528
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	529	$query = "SELECT perm_items.id AS id,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	530	perm_items.name AS name,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	531	perm_items.descr AS descr
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	532	FROM perm_items"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	533	. $limit . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	534	ORDER BY descr";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	535	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	536	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	537
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	538	$permission_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	539	while ($permission = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	540	if ($return_name_only == false) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	541	$permission_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	542	"id" => $permission['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	543	"name" => $permission['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	544	"descr" => $permission['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	545	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	546	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	547	$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	548	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	549	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	550	return $permission_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	551	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	552
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	553
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	554	// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	555
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	556	function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	557	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	558
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	559	$query = "SELECT *
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	560	FROM perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	561	WHERE perm_templ.id = " . $db->quote($templ_id);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	562
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	563	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	564	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	565
89 61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	566	$details = $result->fetchRow();
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	567	return $details;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	568	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	569
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	570
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	571	// Get a list of all available permission templates.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	572
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	573	function get_list_permission_templates() {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	574	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	575
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	576	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	577	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	578	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	579
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	580	$perm_templ_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	581	while ($perm_templ = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	582	$perm_templ_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	583	"id" => $perm_templ['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	584	"name" => $perm_templ['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	585	"descr" => $perm_templ['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	586	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	587	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	588	return $perm_templ_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	589	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	590
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	591
85 1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	592	// Add a permission template.
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	593
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	594	function add_perm_templ($details) {
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	595	global $db;
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	596
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	597	// Fix permission template name and description first.
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	598
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	599	$query = "INSERT INTO perm_templ
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	600	VALUES (
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	601	'', "
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	602	. $db->quote($details['templ_name']) . ", "
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	603	. $db->quote($details['templ_descr']) . ")";
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	604
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	605	$result = $db->query($query);
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	606	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	607
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	608	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	609
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	610	foreach ($details['perm_id'] AS $perm_id) {
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	611	$r_insert_values[] = "(''," . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	612	}
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	613	$query = "INSERT INTO perm_templ_items VALUES " . implode(',', $r_insert_values) ;
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	614	$result = $db->query($query);
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	615	if (pear::iserror($response)) { error($response->getmessage()); return false; }
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	616
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	617	return true;
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	618	}
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	619
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	620	// Update all details of a permission template.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	621
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	622	function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	623	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	624
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	625	// Fix permission template name and description first.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	626
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	627	$query = "UPDATE perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	628	SET name = " . $db->quote($details['templ_name']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	629	descr = " . $db->quote($details['templ_descr']) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	630	WHERE id = " . $db->quote($details['templ_id']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	631
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	632	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	633	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	634
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	635	// Now, update list of permissions assigned to this template. We could do
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	636	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	637	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	638	// apply the difference between these two lists to the database. That sounds
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	639	// like to much work. Just delete all the permissions currently assigned to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	640	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	641
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	642	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	643	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	644	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	645
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	646	foreach ($details['perm_id'] AS $perm_id) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	647	$r_insert_values[] = "(''," . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	648	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	649	$query = "INSERT INTO perm_templ_items VALUES " . implode(',', $r_insert_values) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	650	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	651	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	652
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	653	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	654	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	655
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	656	function update_user_details($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	657
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	658	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	659
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	660	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	661	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	662
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	663	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") \|\|
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	664	($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	665
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	666	if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	667	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	668	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	669	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	670
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	671	if (!isset($details['active']) \|\| $details['active'] != "on" ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	672	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	673	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	674	$active = 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	675	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	676
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	677	// Before updating the database we need to check whether the user wants to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	678	// change the username. If the user wants to change the username, we need
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	679	// to make sure it doesn't already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	680	//
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	681	// First find the current username of the user ID we want to change. If the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	682	// current username is not the same as the username that was given by the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	683	// user, the username should apparantly changed. If so, check if the "new"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	684	// username already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	685	$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	686	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	687	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	688
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	689	$usercheck = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	690	$usercheck = $result->fetchRow();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	691
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	692	if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	693	// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	694	// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	695	// sure it doesn't already exist.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	696	$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	697	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	698	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	699
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	700	if($result->numRows() > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	701	error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	702	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	703	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	704	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	705
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	706	// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	707	// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	708
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	709	$query = "UPDATE users SET
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	710	username = " . $db->quote($details['username']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	711	fullname = " . $db->quote($details['fullname']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	712	email = " . $db->quote($details['email']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	713	perm_templ = " . $db->quote($details['templ_id']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	714	description = " . $db->quote($details['descr']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	715	active = " . $db->quote($active) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	716
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	717	// TODO Check if function works if password is set too.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	718	if($details['password'] != "") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	719	$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	720	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	721
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	722	$query .= " WHERE id = " . $db->quote($details['uid']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	723
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	724	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	725	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	726
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	727	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	728	error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	729	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	730	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	731	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	732	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	733
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	734	// Add a new user
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	735
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	736	function add_new_user($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	737	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	738
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	739	if (!verify_permission(user_add_new)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	740	error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	741
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	742	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	743	error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	744
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	745	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	746	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	747
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	748	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	749	$active = 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	750	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	751	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	752	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	753
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	754	$query = "INSERT INTO users VALUES ( "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	755	. "'', "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	756	. $db->quote($details['username']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	757	. $db->quote(md5($details['password'])) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	758	. $db->quote($details['fullname']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	759	. $db->quote($details['email']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	760	. $db->quote($details['descr']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	761	. $db->quote($details['perm_templ']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	762	. $db->quote($active)
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	763	. ")";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	764
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	765	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	766	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	767
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	768	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	769	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	770
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	771
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	772
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	773	?>

author	rejo
	Wed, 26 Mar 2008 14:02:59 +0000
changeset 89	61c49e66c9b0
parent 85	1687c1b107fa
child 109	34b2d49f52c6
permissions	-rwxr-xr-x