poweradmin: inc/users.inc.php@cb06e3e29ed8 (annotated)

71 e1b918eaf69a [feladat @ 118] peter parents: 67 diff changeset	1	<?php
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	2
119 f74e4f88b680 [feladat @ 222] rejo parents: 113 diff changeset	3	/* Poweradmin, a friendly web-based admin tool for PowerDNS.
47 ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	4	* See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	5	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	6	* Copyright 2007, 2008 Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	7	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	8	* This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	9	* it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	10	* the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	11	* (at your option) any later version.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	12	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	13	* This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	16	* GNU General Public License for more details.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	17	*
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	18	* You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	19	* along with this program. If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94] rejo parents: 36 diff changeset	20	*/
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	21
58 78558a77131e [feladat @ 105] rejo parents: 55 diff changeset	22	require_once("inc/toolkit.inc.php");
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	23
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	24
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	25	/*
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	26	* Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	27	* user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	28	* the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	29	* right, and "true" if the user has.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	30	*/
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	31
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	32	function verify_permission($permission) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	33
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	34	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	35
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	36	if ((!isset($_SESSION['userid'])) \|\| (!is_object($db))) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	37	return 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	38	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	39
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	40	// Set current user ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	41	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	42
113 e7a448dba024 [feladat @ 213] peter parents: 109 diff changeset	43	$query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser');
e7a448dba024 [feladat @ 213] peter parents: 109 diff changeset	44	$ueberUserId = $db->queryOne($query);
e7a448dba024 [feladat @ 213] peter parents: 109 diff changeset	45
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	46	// Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	47	$query = "SELECT perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	48	FROM users
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	49	WHERE id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	50	$templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	51
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	52	// Does this user have ueberuser rights?
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	53	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	54	FROM perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	55	WHERE templ_id = " . $db->quote($templ_id) . "
113 e7a448dba024 [feladat @ 213] peter parents: 109 diff changeset	56	AND perm_id = ".$ueberUserId;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	57	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	58	if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	59	return 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	60	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	61
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	62	// Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	63	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	64	FROM perm_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	65	WHERE name = " . $db->quote($permission) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	66	$perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	67
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	68	// Check if the permission ID is assigned to the template ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	69	$query = "SELECT id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	70	FROM perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	71	WHERE templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	72	AND perm_id = " . $db->quote($perm_id) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	73	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	74	if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	75	return 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	76	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	77	return 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	78	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	79	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	80
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	81	function list_permission_templates() {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	82	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	83	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	84	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	85	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	86
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	87	$template_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	88	while ($template= $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	89	$tempate_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	90	"id" => $template['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	91	"name" => $template['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	92	"descr" => $template['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	93	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	94	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	95	return $tempate_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	96	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	97
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	98	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	99	* Retrieve all users.
58094faf794d [feladat @ 2] rejo parents: diff changeset	100	* Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2] rejo parents: diff changeset	101	* return values: an array with all users in it.
58094faf794d [feladat @ 2] rejo parents: diff changeset	102	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	103	function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2] rejo parents: diff changeset	104	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	105	global $db;
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	106	$add = '';
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	107	if(is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	108	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	109	//When a user id is given, it is excluded from the userlist returned.
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	110	$add = " WHERE users.id!=".$db->quote($id);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	111	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	112
58094faf794d [feladat @ 2] rejo parents: diff changeset	113	// Make a huge query.
58094faf794d [feladat @ 2] rejo parents: diff changeset	114	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2] rejo parents: diff changeset	115	users.username AS username,
58094faf794d [feladat @ 2] rejo parents: diff changeset	116	users.fullname AS fullname,
58094faf794d [feladat @ 2] rejo parents: diff changeset	117	users.email AS email,
58094faf794d [feladat @ 2] rejo parents: diff changeset	118	users.description AS description,
58094faf794d [feladat @ 2] rejo parents: diff changeset	119	users.active AS active,
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	120	users.perm_templ AS perm_templ,
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	121	count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2] rejo parents: diff changeset	122	LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2] rejo parents: diff changeset	123	GROUP BY
58094faf794d [feladat @ 2] rejo parents: diff changeset	124	users.id,
58094faf794d [feladat @ 2] rejo parents: diff changeset	125	users.username,
58094faf794d [feladat @ 2] rejo parents: diff changeset	126	users.fullname,
58094faf794d [feladat @ 2] rejo parents: diff changeset	127	users.email,
58094faf794d [feladat @ 2] rejo parents: diff changeset	128	users.description,
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	129	users.perm_templ,
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	130	users.active
58094faf794d [feladat @ 2] rejo parents: diff changeset	131	ORDER BY
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	132	users.fullname";
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	133
58094faf794d [feladat @ 2] rejo parents: diff changeset	134	// Execute the huge query.
74 43c31dc98305 [feladat @ 121] peter parents: 71 diff changeset	135	$db->setLimit($rowamount, $rowstart);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	136	$result = $db->query($sqlq);
58094faf794d [feladat @ 2] rejo parents: diff changeset	137	$ret = array();
58094faf794d [feladat @ 2] rejo parents: diff changeset	138	$retcount = 0;
58094faf794d [feladat @ 2] rejo parents: diff changeset	139	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2] rejo parents: diff changeset	140	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	141	$ret[] = array(
58094faf794d [feladat @ 2] rejo parents: diff changeset	142	"id" => $r["id"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	143	"username" => $r["username"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	144	"fullname" => $r["fullname"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	145	"email" => $r["email"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	146	"description" => $r["description"],
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	147	// "level" => $r["level"],
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	148	"active" => $r["active"],
58094faf794d [feladat @ 2] rejo parents: diff changeset	149	"numdomains" => $r["aantal"]
58094faf794d [feladat @ 2] rejo parents: diff changeset	150	);
58094faf794d [feladat @ 2] rejo parents: diff changeset	151	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	152	return $ret;
58094faf794d [feladat @ 2] rejo parents: diff changeset	153	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	154
58094faf794d [feladat @ 2] rejo parents: diff changeset	155
58094faf794d [feladat @ 2] rejo parents: diff changeset	156	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	157	* Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2] rejo parents: diff changeset	158	* return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2] rejo parents: diff changeset	159	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	160	function is_valid_user($id)
58094faf794d [feladat @ 2] rejo parents: diff changeset	161	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	162	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	163	if(is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	164	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	165	$result = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	166	if ($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	167	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	168	return true;
58094faf794d [feladat @ 2] rejo parents: diff changeset	169	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	170	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	171	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	172	return false;
58094faf794d [feladat @ 2] rejo parents: diff changeset	173	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	174	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	175	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	176
58094faf794d [feladat @ 2] rejo parents: diff changeset	177
58094faf794d [feladat @ 2] rejo parents: diff changeset	178	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	179	* Checks if a given username exists in the database.
58094faf794d [feladat @ 2] rejo parents: diff changeset	180	* return values: true if exists, false if not.
58094faf794d [feladat @ 2] rejo parents: diff changeset	181	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	182	function user_exists($user)
58094faf794d [feladat @ 2] rejo parents: diff changeset	183	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	184	global $db;
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	185	$result = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	186	if ($result->numRows() == 0)
58094faf794d [feladat @ 2] rejo parents: diff changeset	187	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	188	return false;
58094faf794d [feladat @ 2] rejo parents: diff changeset	189	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	190	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	191	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	192	return true;
58094faf794d [feladat @ 2] rejo parents: diff changeset	193	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	194	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	195	{
4 55ed92aa7cf5 [feladat @ 5] rejo parents: 1 diff changeset	196	error(ERR_UNKNOWN);
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	197	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	198	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	199
58094faf794d [feladat @ 2] rejo parents: diff changeset	200
58094faf794d [feladat @ 2] rejo parents: diff changeset	201
58094faf794d [feladat @ 2] rejo parents: diff changeset	202	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	203	* Delete a user from the system
58094faf794d [feladat @ 2] rejo parents: diff changeset	204	* return values: true if user doesnt exist.
58094faf794d [feladat @ 2] rejo parents: diff changeset	205	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	206	function delete_user($uid,$zones)
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	207	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	208	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	209
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	210	if (($uid != $_SESSION['userid'] && !verify_permission('user_edit_others')) \|\| ($uid == $_SESSION['userid'] && !verify_permission('user_edit_own'))) {
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	211	error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	212	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	213	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	214
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	215	if (is_array($zones)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	216	foreach ($zones as $zone) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	217	if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	218	delete_domain($zone['zid']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	219	} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	220	add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	221	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	222	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	223	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	224
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	225	$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	226	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	227	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	228
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	229	$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	230	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	231	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	232	}
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	233	return true;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	234	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	235
89 61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	236	function delete_perm_templ($ptid) {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	237
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	238	global $db;
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	239	if (!(verify_permission('user_edit_templ_perm'))) {
89 61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	240	error(ERR_PERM_DEL_PERM_TEMPL);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	241	} else {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	242	$query = "SELECT id FROM users WHERE perm_templ = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	243	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	244	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	245
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	246	if($result->numRows() > 0) {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	247	error(ERR_PERM_TEMPL_ASSIGNED);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	248	return false;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	249	} else {
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	250	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	251	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	252	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	253
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	254	$query = "DELETE FROM perm_templ WHERE id = " . $ptid;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	255	$result = $db->query($query);
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	256	if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	257
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	258	return true;
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	259	}
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	260	}
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	261	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	262
58094faf794d [feladat @ 2] rejo parents: diff changeset	263	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	264	* Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2] rejo parents: diff changeset	265	* return values: true if succesful
58094faf794d [feladat @ 2] rejo parents: diff changeset	266	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	267	function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	268	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	269	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	270
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	271	verify_permission('user_edit_own') ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	272	verify_permission('user_edit_others') ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	273
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	274	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") \|\| ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	275
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	276	if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	277	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	278	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	279	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	280
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	281	if ($active != 1) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	282	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	283	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	284
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	285	// Before updating the database we need to check whether the user wants to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	286	// change the username. If the user wants to change the username, we need
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	287	// to make sure it doesn't already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	288	//
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	289	// First find the current username of the user ID we want to change. If the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	290	// current username is not the same as the username that was given by the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	291	// user, the username should apparantly changed. If so, check if the "new"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	292	// username already exists.
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	293
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	294	$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	295	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	296	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	297
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	298	$usercheck = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	299	$usercheck = $result->fetchRow();
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	300
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	301	if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	302
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	303	// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	304	// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	305	// sure it doesn't already exist.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	306
83 90fbb34b3d97 [feladat @ 183] rejo parents: 82 diff changeset	307	$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	308	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	309	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	310
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	311	if($result->numRows() > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	312	error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	313	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	314	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	315	}
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	316
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	317	// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	318	// another user that goes by the wanted username. So, go ahead!
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	319
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	320	$query = "UPDATE users SET
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	321	username = " . $db->quote($user) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	322	fullname = " . $db->quote($fullname) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	323	email = " . $db->quote($email) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	324	perm_templ = " . $db->quote($perm_templ) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	325	description = " . $db->quote($description) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	326	active = " . $db->quote($active) ;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	327
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	328	if($password != "") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	329	$query .= ", password = " . $db->quote(md5($password)) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	330	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	331
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	332	$query .= " WHERE id = " . $db->quote($id) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	333
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	334	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	335	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	336
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	337	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	338	error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	339	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	340	}
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	341	return true;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	342	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	343
58094faf794d [feladat @ 2] rejo parents: diff changeset	344	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	345	* Change the pass of the user.
58094faf794d [feladat @ 2] rejo parents: diff changeset	346	* The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2] rejo parents: diff changeset	347	* return values: none.
58094faf794d [feladat @ 2] rejo parents: diff changeset	348	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	349	function change_user_pass($details) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	350	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	351
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	352	if ($details['newpass'] != $details['newpass2']) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	353	error(ERR_USER_MATCH_NEW_PASS);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	354	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	355	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	356
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	357	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	358	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	359	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	360
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	361	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	362
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	363	if(md5($details['currentpass']) == $rinfo['password']) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	364	$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	365	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	366	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	367
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	368	logout( _('Password has been changed, please login.'));
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	369	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	370	error(ERR_USER_WRONG_CURRENT_PASS);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	371	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	372	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	373	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	374
58094faf794d [feladat @ 2] rejo parents: diff changeset	375
58094faf794d [feladat @ 2] rejo parents: diff changeset	376	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	377	* Get a fullname when you have a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	378	* return values: gives the fullname from a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	379	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	380	function get_fullname_from_userid($id) {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	381	global $db;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	382	if (is_numeric($id)) {
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	383	$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	384	$r = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	385	return $r["fullname"];
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	386	} else {
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	387	error(ERR_INV_ARG);
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	388	return false;
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	389	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	390	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	391
58094faf794d [feladat @ 2] rejo parents: diff changeset	392
58094faf794d [feladat @ 2] rejo parents: diff changeset	393	/*
58094faf794d [feladat @ 2] rejo parents: diff changeset	394	* Get a fullname when you have a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	395	* return values: gives the fullname from a userid.
58094faf794d [feladat @ 2] rejo parents: diff changeset	396	*/
58094faf794d [feladat @ 2] rejo parents: diff changeset	397	function get_owner_from_id($id)
58094faf794d [feladat @ 2] rejo parents: diff changeset	398	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	399	global $db;
58094faf794d [feladat @ 2] rejo parents: diff changeset	400	if (is_numeric($id))
58094faf794d [feladat @ 2] rejo parents: diff changeset	401	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	402	$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	403	if ($result->numRows() == 1)
58094faf794d [feladat @ 2] rejo parents: diff changeset	404	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	405	$r = $result->fetchRow();
58094faf794d [feladat @ 2] rejo parents: diff changeset	406	return $r["fullname"];
58094faf794d [feladat @ 2] rejo parents: diff changeset	407	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	408	else
58094faf794d [feladat @ 2] rejo parents: diff changeset	409	{
58094faf794d [feladat @ 2] rejo parents: diff changeset	410	error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2] rejo parents: diff changeset	411	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	412	}
58094faf794d [feladat @ 2] rejo parents: diff changeset	413	error(ERR_INV_ARG);
58094faf794d [feladat @ 2] rejo parents: diff changeset	414	}
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	415
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	416	/**
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	417	* get_owners_from_domainid
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	418	*
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	419	* @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	420	* @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	421	* @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	422	*/
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	423	function get_fullnames_owners_from_domainid($id) {
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	424
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	425	global $db;
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	426	if (is_numeric($id))
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	427	{
65 ce1c4d5e1576 [feladat @ 112] peter parents: 58 diff changeset	428	$result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	429	if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	430	{
36 4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	431	return "";
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	432	}
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	433	else
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	434	{
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	435	$names = array();
36 4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	436	while ($r = $result->fetchRow())
4ec5ab29f634 [feladat @ 83] rejo parents: 26 diff changeset	437	{
26 5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	438	$names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	439	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	440	return implode(', ', $names);
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	441	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	442	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	443	error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	444	}
5d63f1e71d6e [feladat @ 73] rejo parents: 8 diff changeset	445
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	446
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	447
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	448	function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	449	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	450
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	451	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	452
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	453	if (is_numeric($zoneid)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	454	$result = $db->query("SELECT zones.id
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	455	FROM zones
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	456	WHERE zones.owner = " . $db->quote($userid) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	457	AND zones.domain_id = ". $db->quote($zoneid)) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	458	if ($result->numRows() == 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	459	return "0";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	460	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	461	return "1";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	462	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	463	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	464	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	465	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	466
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	467
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	468	function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	469
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	470	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	471	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	472
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	473
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	474	if (v_num($specific)) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	475	$sql_add = "AND users.id = " . $db->quote($specific) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	476	} else {
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	477	if (verify_permission('user_view_others')) {
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	478	$sql_add = "";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	479	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	480	$sql_add = "AND users.id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	481	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	482	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	483
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	484	$query = "SELECT users.id AS uid,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	485	username,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	486	fullname,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	487	email,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	488	description AS descr,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	489	active,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	490	perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	491	perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	492	perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	493	FROM users, perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	494	WHERE users.perm_templ = perm_templ.id "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	495	. $sql_add . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	496	ORDER BY username";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	497
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	498	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	499	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	500
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	501	while ($user = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	502	$userlist[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	503	"uid" => $user['uid'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	504	"username" => $user['username'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	505	"fullname" => $user['fullname'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	506	"email" => $user['email'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	507	"descr" => $user['descr'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	508	"active" => $user['active'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	509	"tpl_id" => $user['tpl_id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	510	"tpl_name" => $user['tpl_name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	511	"tpl_descr" => $user['tpl_descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	512	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	513	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	514	return $userlist;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	515	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	516
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	517
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	518	// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	519	// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	520	// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	521	// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	522
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	523	function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	524	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	525
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	526	if ($templ_id > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	527	$limit = ", perm_templ_items
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	528	WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	529	AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	530	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	531
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	532	$query = "SELECT perm_items.id AS id,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	533	perm_items.name AS name,
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	534	perm_items.descr AS descr
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	535	FROM perm_items"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	536	. $limit . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	537	ORDER BY descr";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	538	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	539	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	540
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	541	$permission_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	542	while ($permission = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	543	if ($return_name_only == false) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	544	$permission_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	545	"id" => $permission['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	546	"name" => $permission['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	547	"descr" => $permission['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	548	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	549	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	550	$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	551	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	552	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	553	return $permission_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	554	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	555
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	556
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	557	// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	558
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	559	function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	560	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	561
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	562	$query = "SELECT *
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	563	FROM perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	564	WHERE perm_templ.id = " . $db->quote($templ_id);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	565
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	566	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	567	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	568
89 61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	569	$details = $result->fetchRow();
61c49e66c9b0 [feladat @ 189] rejo parents: 85 diff changeset	570	return $details;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	571	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	572
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	573
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	574	// Get a list of all available permission templates.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	575
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	576	function get_list_permission_templates() {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	577	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	578
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	579	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	580	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	581	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	582
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	583	$perm_templ_list = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	584	while ($perm_templ = $result->fetchRow()) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	585	$perm_templ_list[] = array(
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	586	"id" => $perm_templ['id'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	587	"name" => $perm_templ['name'],
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	588	"descr" => $perm_templ['descr']
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	589	);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	590	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	591	return $perm_templ_list;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	592	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	593
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	594
85 1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	595	// Add a permission template.
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	596
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	597	function add_perm_templ($details) {
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	598	global $db;
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	599
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	600	// Fix permission template name and description first.
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	601
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	602	$query = "INSERT INTO perm_templ (name, descr)
34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	603	VALUES ("
85 1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	604	. $db->quote($details['templ_name']) . ", "
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	605	. $db->quote($details['templ_descr']) . ")";
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	606
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	607	$result = $db->query($query);
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	608	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	609
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	610	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	611
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	612	foreach ($details['perm_id'] AS $perm_id) {
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	613	$r_insert_values[] = "(" . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
85 1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	614	}
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	615	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
85 1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	616	$result = $db->query($query);
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	617	if (pear::iserror($response)) { error($response->getmessage()); return false; }
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	618
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	619	return true;
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	620	}
1687c1b107fa [feladat @ 185] rejo parents: 83 diff changeset	621
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	622	// Update all details of a permission template.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	623
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	624	function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	625	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	626
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	627	// Fix permission template name and description first.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	628
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	629	$query = "UPDATE perm_templ
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	630	SET name = " . $db->quote($details['templ_name']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	631	descr = " . $db->quote($details['templ_descr']) . "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	632	WHERE id = " . $db->quote($details['templ_id']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	633
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	634	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	635	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	636
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	637	// Now, update list of permissions assigned to this template. We could do
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	638	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	639	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	640	// apply the difference between these two lists to the database. That sounds
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	641	// like to much work. Just delete all the permissions currently assigned to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	642	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	643
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	644	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	645	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	646	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	647
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	648	foreach ($details['perm_id'] AS $perm_id) {
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	649	$r_insert_values[] = "(" . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	650	}
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	651	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	652	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	653	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	654
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	655	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	656	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	657
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	658	function update_user_details($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	659
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	660	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	661
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	662	verify_permission('user_edit_own') ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	663	verify_permission('user_edit_others') ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	664
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	665	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") \|\|
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	666	($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	667
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	668	if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	669	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	670	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	671	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	672
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	673	if (!isset($details['active']) \|\| $details['active'] != "on" ) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	674	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	675	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	676	$active = 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	677	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	678
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	679	// Before updating the database we need to check whether the user wants to
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	680	// change the username. If the user wants to change the username, we need
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	681	// to make sure it doesn't already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	682	//
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	683	// First find the current username of the user ID we want to change. If the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	684	// current username is not the same as the username that was given by the
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	685	// user, the username should apparantly changed. If so, check if the "new"
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	686	// username already exists.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	687	$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	688	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	689	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	690
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	691	$usercheck = array();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	692	$usercheck = $result->fetchRow();
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	693
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	694	if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	695	// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	696	// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	697	// sure it doesn't already exist.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	698	$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	699	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	700	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	701
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	702	if($result->numRows() > 0) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	703	error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	704	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	705	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	706	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	707
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	708	// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	709	// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	710
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	711	$query = "UPDATE users SET
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	712	username = " . $db->quote($details['username']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	713	fullname = " . $db->quote($details['fullname']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	714	email = " . $db->quote($details['email']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	715	perm_templ = " . $db->quote($details['templ_id']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	716	description = " . $db->quote($details['descr']) . ",
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	717	active = " . $db->quote($active) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	718
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	719	// TODO Check if function works if password is set too.
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	720	if($details['password'] != "") {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	721	$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	722	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	723
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	724	$query .= " WHERE id = " . $db->quote($details['uid']) ;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	725
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	726	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	727	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	728
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	729	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	730	error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	731	return false;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	732	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	733	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	734	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	735
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	736	// Add a new user
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	737
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	738	function add_new_user($details) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	739	global $db;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	740
126 cb06e3e29ed8 [feladat @ 230] peter parents: 119 diff changeset	741	if (!verify_permission('user_add_new')) {
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	742	error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	743
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	744	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	745	error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	746
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	747	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	748	error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	749
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	750	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	751	$active = 1;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	752	} else {
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	753	$active = 0;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	754	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	755
109 34b2d49f52c6 [feladat @ 209] peter parents: 89 diff changeset	756	$query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
82 c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	757	. $db->quote($details['username']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	758	. $db->quote(md5($details['password'])) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	759	. $db->quote($details['fullname']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	760	. $db->quote($details['email']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	761	. $db->quote($details['descr']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	762	. $db->quote($details['perm_templ']) . ", "
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	763	. $db->quote($active)
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	764	. ")";
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	765
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	766	$result = $db->query($query);
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	767	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	768
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	769	return true;
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	770	}
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	771
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	772
c255196bc447 [feladat @ 182] rejo parents: 74 diff changeset	773
1 58094faf794d [feladat @ 2] rejo parents: diff changeset	774	?>

author	peter
	Thu, 03 Apr 2008 21:48:36 +0000
changeset 126	cb06e3e29ed8
parent 119	f74e4f88b680
child 183	aae57715199e
permissions	-rwxr-xr-x