inc/users.inc.php
author rejo
Wed, 26 Mar 2008 07:40:14 +0000
changeset 83 90fbb34b3d97
parent 82 c255196bc447
child 85 1687c1b107fa
permissions -rwxr-xr-x
[feladat @ 183] Bugfix. When changing the username of an existing user, an sql error was shown due to bad quoting of a variable.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
71
e1b918eaf69a [feladat @ 118]
peter
parents: 67
diff changeset
     1
<?php
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
47
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     3
/*  PowerAdmin, a friendly web-based admin tool for PowerDNS.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     4
 *  See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     5
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     6
 *  Copyright 2007, 2008  Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     7
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     8
 *  This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     9
 *  it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    10
 *  the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    11
 *  (at your option) any later version.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    12
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    13
 *  This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    14
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    15
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    16
 *  GNU General Public License for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    17
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    18
 *  You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    19
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    20
 */
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
58
78558a77131e [feladat @ 105]
rejo
parents: 55
diff changeset
    22
require_once("inc/toolkit.inc.php");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    24
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    25
/* 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    26
 *  Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    27
 *  user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    28
 *  the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    29
 *  right, and "true" if the user has. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    30
 */
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    31
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    32
function verify_permission($permission) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    33
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    34
        global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    35
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    36
	if ((!isset($_SESSION['userid'])) || (!is_object($db))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    37
		return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    38
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    39
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    40
        // Set current user ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    41
        $userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    42
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    43
        // Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    44
        $query = "SELECT perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    45
			FROM users 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    46
			WHERE id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    47
        $templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    48
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    49
        // Does this user have ueberuser rights?
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    50
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    51
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    52
			WHERE templ_id = " . $db->quote($templ_id) . " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    53
			AND perm_id = '53'";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    54
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    55
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    56
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    57
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    58
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    59
        // Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    60
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    61
			FROM perm_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    62
			WHERE name = " . $db->quote($permission) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    63
        $perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    64
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    65
        // Check if the permission ID is assigned to the template ID. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    66
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    67
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    68
			WHERE templ_id = " . $db->quote($templ_id) . " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    69
			AND perm_id = " . $db->quote($perm_id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    70
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    71
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    72
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    73
        } else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    74
                return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    75
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    76
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    77
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    78
function list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    79
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    80
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    81
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    82
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    83
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    84
	$template_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    85
	while ($template= $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    86
		$tempate_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    87
			"id"	=>	$template['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    88
			"name"	=>	$template['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    89
			"descr"	=>	$template['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    90
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    91
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    92
	return $tempate_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    93
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    94
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    95
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    96
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    97
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    99
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
 	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   103
	$add = '';
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
 	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
 	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
                 //When a user id is given, it is excluded from the userlist returned.
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   107
                 $add = " WHERE users.id!=".$db->quote($id);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
	// Make a huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   115
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
		users.active AS active,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   117
		users.perm_templ AS perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   120
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   121
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			users.description,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   126
			users.perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
		ORDER BY
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   129
			users.fullname";
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   130
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
	// Execute the huge query.
74
43c31dc98305 [feladat @ 121]
peter
parents: 71
diff changeset
   132
	$db->setLimit($rowamount, $rowstart);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   133
	$result = $db->query($sqlq);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   135
	$retcount = 0;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   136
	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   137
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   138
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   141
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
		 "level"                 =>              $r["level"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   152
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   162
		$result = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   163
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   164
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   165
			return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   166
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   168
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   182
	$result = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   183
	if ($result->numRows() == 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   184
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   185
                 return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   186
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   188
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   189
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
        else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
        {
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
   193
        	error(ERR_UNKNOWN);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   196
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   199
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   203
function delete_user($uid,$zones)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   204
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   205
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   206
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   207
	if (($uid != $_SESSION['userid'] && !verify_permission(user_edit_others)) || ($uid == $_SESSION['userid'] && !verify_permission(user_edit_own))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   208
		 error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   209
		 return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   210
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   211
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   212
		if (is_array($zones)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   213
			foreach ($zones as $zone) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   214
				if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   215
					delete_domain($zone['zid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   216
				} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   217
					add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   218
				}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   219
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   220
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   221
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   222
		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   223
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   224
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   225
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   226
		$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   227
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   228
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   229
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   230
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   231
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   232
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   233
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   234
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   235
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   236
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   237
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   238
function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   239
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   240
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   241
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   242
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   243
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   244
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   245
	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") || ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   246
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   247
		if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   248
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   249
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   250
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   251
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   252
		if ($active != 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   253
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   254
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   255
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   256
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   257
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   258
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   259
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   260
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   261
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   262
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   263
		// username already exists.
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   264
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   265
		$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   266
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   267
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   268
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   269
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   270
		$usercheck = $result->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   271
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   272
		if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   273
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   274
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   275
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   276
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   277
			
83
90fbb34b3d97 [feladat @ 183]
rejo
parents: 82
diff changeset
   278
			$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   279
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   280
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   281
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   282
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   283
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   284
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   285
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   286
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   287
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   288
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   289
		// another user that goes by the wanted username. So, go ahead!
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   290
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   291
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   292
				username = " . $db->quote($user) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   293
				fullname = " . $db->quote($fullname) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   294
				email = " . $db->quote($email) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   295
				perm_templ = " . $db->quote($perm_templ) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   296
				description = " . $db->quote($description) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   297
				active = " . $db->quote($active) ;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   298
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   299
		if($password != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   300
			$query .= ", password = " . $db->quote(md5($password)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   301
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   302
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   303
		$query .= " WHERE id = " . $db->quote($id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   304
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   305
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   306
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   307
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   308
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   309
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   310
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   311
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   312
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   313
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   314
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   315
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   316
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   317
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   318
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   319
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   320
function change_user_pass($details) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   321
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   322
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   323
	if ($details['newpass'] != $details['newpass2']) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   324
		error(ERR_USER_MATCH_NEW_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   325
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   326
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   327
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   328
	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   329
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   330
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   331
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   332
	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   333
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   334
	if(md5($details['currentpass']) == $rinfo['password']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   335
		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   336
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   337
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   338
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   339
		logout( _('Password has been changed, please login.')); 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   340
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   341
		error(ERR_USER_WRONG_CURRENT_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   342
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   344
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   346
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   347
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   349
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   351
function get_fullname_from_userid($id) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   352
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   353
	if (is_numeric($id)) {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   354
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   355
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   356
		return $r["fullname"];
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   357
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   358
		error(ERR_INV_ARG);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   359
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   360
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   361
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   362
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   363
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   364
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   365
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   366
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   368
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   369
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   370
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   371
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   372
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   373
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   374
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   375
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   376
			$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   377
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   378
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   379
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   380
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   381
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   382
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   383
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   384
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   385
}
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   386
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   387
/**
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   388
 * get_owners_from_domainid
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   389
 *
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   390
 * @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   391
 * @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   392
 * @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   393
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   394
function get_fullnames_owners_from_domainid($id) {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   395
      
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   396
      global $db;
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   397
      if (is_numeric($id))
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   398
      {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   399
              $result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   400
              if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   401
              {
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   402
		      return "";
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   403
              } 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   404
	      else 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   405
	      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   406
                      $names = array();
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   407
                      while ($r = $result->fetchRow()) 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   408
		      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   409
                              $names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   410
                      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   411
                      return implode(', ', $names);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   412
              }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   413
      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   414
      error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   415
}
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   416
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   417
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   418
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   419
function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   420
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   421
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   422
	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   423
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   424
	if (is_numeric($zoneid)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   425
		$result = $db->query("SELECT zones.id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   426
				FROM zones 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   427
				WHERE zones.owner = " . $db->quote($userid) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   428
				AND zones.domain_id = ". $db->quote($zoneid)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   429
		if ($result->numRows() == 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   430
			return "0";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   431
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   432
			return "1";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   433
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   434
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   435
	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   436
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   437
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   438
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   439
function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   440
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   441
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   442
	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   443
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   444
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   445
	if (v_num($specific)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   446
		$sql_add = "AND users.id = " . $db->quote($specific) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   447
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   448
		if (verify_permission(user_view_others)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   449
			$sql_add = "";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   450
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   451
			$sql_add = "AND users.id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   452
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   453
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   454
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   455
	$query = "SELECT users.id AS uid, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   456
			username, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   457
			fullname, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   458
			email, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   459
			description AS descr,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   460
			active,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   461
			perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   462
			perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   463
			perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   464
			FROM users, perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   465
			WHERE users.perm_templ = perm_templ.id " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   466
			. $sql_add . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   467
			ORDER BY username";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   468
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   469
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   470
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   471
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   472
	while ($user = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   473
		$userlist[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   474
			"uid"		=>	$user['uid'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   475
			"username"	=>	$user['username'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   476
			"fullname"	=>	$user['fullname'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   477
			"email"		=>	$user['email'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   478
			"descr"		=>	$user['descr'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   479
			"active"	=>	$user['active'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   480
			"tpl_id"	=>	$user['tpl_id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   481
			"tpl_name"	=>	$user['tpl_name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   482
			"tpl_descr"	=>	$user['tpl_descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   483
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   484
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   485
	return $userlist;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   486
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   487
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   488
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   489
// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   490
// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   491
// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   492
// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   493
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   494
function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   495
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   496
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   497
	if ($templ_id > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   498
		$limit = ", perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   499
			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   500
			AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   501
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   502
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   503
	$query = "SELECT perm_items.id AS id, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   504
			perm_items.name AS name, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   505
			perm_items.descr AS descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   506
			FROM perm_items" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   507
			. $limit . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   508
			ORDER BY descr";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   509
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   510
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   511
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   512
	$permission_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   513
	while ($permission = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   514
		if ($return_name_only == false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   515
			$permission_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   516
				"id"	=>	$permission['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   517
				"name"	=>	$permission['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   518
				"descr"	=>	$permission['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   519
				);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   520
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   521
			$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   522
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   523
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   524
	return $permission_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   525
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   526
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   527
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   528
// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   529
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   530
function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   531
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   532
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   533
	$query = "SELECT *
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   534
			FROM perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   535
			WHERE perm_templ.id = " . $db->quote($templ_id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   536
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   537
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   538
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   539
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   540
	while($details = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   541
		$detail_list[] = array (
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   542
			"name"	=>	$details['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   543
			"descr"	=>	$details['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   544
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   545
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   546
	return $detail_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   547
}	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   548
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   549
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   550
// Get a list of all available permission templates.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   551
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   552
function get_list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   553
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   554
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   555
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   556
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   557
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   558
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   559
	$perm_templ_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   560
	while ($perm_templ = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   561
		$perm_templ_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   562
			"id"	=>	$perm_templ['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   563
			"name"	=>	$perm_templ['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   564
			"descr"	=>	$perm_templ['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   565
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   566
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   567
	return $perm_templ_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   568
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   569
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   570
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   571
// Update all details of a permission template.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   572
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   573
function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   574
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   575
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   576
	// Fix permission template name and description first. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   577
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   578
	$query = "UPDATE perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   579
			SET name = " . $db->quote($details['templ_name']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   580
			descr = " . $db->quote($details['templ_descr']) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   581
			WHERE id = " . $db->quote($details['templ_id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   582
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   583
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   584
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   585
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   586
	// Now, update list of permissions assigned to this template. We could do 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   587
	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   588
	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   589
	// apply the difference between these two lists to the database. That sounds 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   590
	// like to much work. Just delete all the permissions currently assigned to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   591
	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   592
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   593
	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   594
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   595
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   596
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   597
	foreach ($details['perm_id'] AS $perm_id) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   598
		$r_insert_values[] = "(''," . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   599
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   600
	$query = "INSERT INTO perm_templ_items VALUES " . implode(',', $r_insert_values) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   601
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   602
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   603
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   604
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   605
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   606
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   607
function update_user_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   608
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   609
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   610
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   611
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   612
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   613
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   614
	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") || 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   615
			($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   616
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   617
		if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   618
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   619
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   620
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   621
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   622
		if (!isset($details['active']) || $details['active'] != "on" ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   623
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   624
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   625
			$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   626
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   627
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   628
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   629
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   630
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   631
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   632
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   633
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   634
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   635
		// username already exists.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   636
		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   637
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   638
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   639
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   640
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   641
		$usercheck = $result->fetchRow();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   642
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   643
		if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   644
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   645
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   646
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   647
			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   648
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   649
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   650
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   651
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   652
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   653
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   654
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   655
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   656
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   657
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   658
		// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   659
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   660
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   661
				username = " . $db->quote($details['username']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   662
				fullname = " . $db->quote($details['fullname']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   663
				email = " . $db->quote($details['email']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   664
				perm_templ = " . $db->quote($details['templ_id']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   665
				description = " . $db->quote($details['descr']) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   666
				active = " . $db->quote($active) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   667
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   668
		// TODO Check if function works if password is set too.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   669
		if($details['password'] != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   670
			$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   671
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   672
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   673
		$query .= " WHERE id = " . $db->quote($details['uid']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   674
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   675
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   676
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   677
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   678
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   679
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   680
		return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   681
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   682
	return true;		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   683
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   684
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   685
// Add a new user
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   686
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   687
function add_new_user($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   688
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   689
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   690
	if (!verify_permission(user_add_new)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   691
		error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   692
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   693
	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   694
		error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   695
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   696
	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   697
		error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   698
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   699
	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   700
		$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   701
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   702
		$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   703
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   704
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   705
	$query = "INSERT INTO users VALUES ( "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   706
			. "'', "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   707
			. $db->quote($details['username']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   708
			. $db->quote(md5($details['password'])) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   709
			. $db->quote($details['fullname']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   710
			. $db->quote($details['email']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   711
			. $db->quote($details['descr']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   712
			. $db->quote($details['perm_templ']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   713
			. $db->quote($active) 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   714
			. ")";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   715
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   716
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   717
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   718
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   719
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   720
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   721
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   722
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   723
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   724
?>