inc/users.inc.php
author peter
Fri, 26 Sep 2008 10:02:33 +0000
changeset 194 df674d004508
parent 192 3d18290ac993
child 195 5ac118d6556c
permissions -rw-r--r--
[feladat @ 307] Minor bug fix: bg.shiny@gmail.com reported that cyrillic characters where not supported. Applied the patch which was supplied. This closes #93.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
71
e1b918eaf69a [feladat @ 118]
peter
parents: 67
diff changeset
     1
<?php
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
119
f74e4f88b680 [feladat @ 222]
rejo
parents: 113
diff changeset
     3
/*  Poweradmin, a friendly web-based admin tool for PowerDNS.
47
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     4
 *  See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     5
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     6
 *  Copyright 2007, 2008  Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     7
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     8
 *  This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     9
 *  it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    10
 *  the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    11
 *  (at your option) any later version.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    12
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    13
 *  This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    14
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    15
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    16
 *  GNU General Public License for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    17
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    18
 *  You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    19
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    20
 */
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
58
78558a77131e [feladat @ 105]
rejo
parents: 55
diff changeset
    22
require_once("inc/toolkit.inc.php");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    24
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    25
/* 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    26
 *  Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    27
 *  user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    28
 *  the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    29
 *  right, and "true" if the user has. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    30
 */
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    31
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    32
function verify_permission($permission) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    33
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    34
        global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    35
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    36
	if ((!isset($_SESSION['userid'])) || (!is_object($db))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    37
		return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    38
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    39
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    40
        // Set current user ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    41
        $userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    42
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    43
		$query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser', 'text');
113
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    44
		$ueberUserId = $db->queryOne($query);
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    45
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    46
        // Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    47
        $query = "SELECT perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    48
			FROM users 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    49
			WHERE id = " . $db->quote($userid, 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    50
        $templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    51
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    52
        // Does this user have ueberuser rights?
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    53
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    54
			FROM perm_templ_items 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    55
			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
113
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    56
			AND perm_id = ".$ueberUserId;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    57
        $response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    58
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    59
        if ( $response->numRows() > 0 ) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    60
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    61
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    62
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    63
        // Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    64
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    65
			FROM perm_items 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    66
			WHERE name = " . $db->quote($permission, 'text') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    67
        $perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    68
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    69
        // Check if the permission ID is assigned to the template ID. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    70
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    71
			FROM perm_templ_items 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    72
			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
    73
			AND perm_id = " . $db->quote($perm_id, 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    74
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    75
        $response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
    76
        if ( $response->numRows() > 0 ) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    77
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    78
        } else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    79
                return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    80
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    81
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    83
function list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    84
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    85
	$query = "SELECT * FROM perm_templ";
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
    86
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    87
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    88
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    89
	$template_list = array();
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
    90
	while ($template= $response->fetchRow()) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    91
		$tempate_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    92
			"id"	=>	$template['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    93
			"name"	=>	$template['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    94
			"descr"	=>	$template['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    95
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    96
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    97
	return $tempate_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    98
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    99
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   103
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   106
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   107
 	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   108
	$add = '';
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   109
 	if(is_numeric($id)) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   110
                 //When a user id is given, it is excluded from the userlist returned.
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   111
                 $add = " WHERE users.id!=".$db->quote($id, 'integer');
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
	// Make a huge query.
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   115
	$query = "SELECT users.id AS id,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   117
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   120
		users.active AS active,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   121
		users.perm_templ AS perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   126
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   129
			users.description,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   130
			users.perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   132
		ORDER BY
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   133
			users.fullname";
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   135
	// Execute the huge query.
74
43c31dc98305 [feladat @ 121]
peter
parents: 71
diff changeset
   136
	$db->setLimit($rowamount, $rowstart);
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   137
	$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   138
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
	$retcount = 0;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   141
	while ($r = $response->fetchRow()) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   152
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   162
	global $db;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   163
	if(is_numeric($id)) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   164
		$response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id, 'integer'));
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   165
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   166
		if ($response->numRows() == 1) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
			return true;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   168
		} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
	global $db;
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   182
	$response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user, 'text'));
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   183
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   184
	if ($response->numRows() == 0) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   185
                 return false;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   186
	} elseif ($response->numRows() == 1) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
        	return true;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   188
	} else {
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
   189
        	error(ERR_UNKNOWN);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   193
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   196
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   199
function delete_user($uid,$zones)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   203
	if (($uid != $_SESSION['userid'] && !verify_permission('user_edit_others')) || ($uid == $_SESSION['userid'] && !verify_permission('user_edit_own'))) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   204
		 error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   205
		 return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   206
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   207
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   208
		if (is_array($zones)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   209
			foreach ($zones as $zone) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   210
				if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   211
					delete_domain($zone['zid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   212
				} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   213
					add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   214
				}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   215
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   216
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   217
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   218
		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid, 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   219
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   220
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   221
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   222
		$query = "DELETE FROM users WHERE id = " . $db->quote($uid, 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   223
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   224
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   225
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   226
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   227
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   228
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   229
function delete_perm_templ($ptid) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   230
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   231
	global $db;
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   232
	if (!(verify_permission('user_edit_templ_perm'))) {
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   233
		error(ERR_PERM_DEL_PERM_TEMPL);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   234
	} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   235
		$query = "SELECT id FROM users WHERE perm_templ = " . $ptid;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   236
		$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   237
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   238
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   239
		if($response->numRows() > 0) {
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   240
			error(ERR_PERM_TEMPL_ASSIGNED);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   241
			return false;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   242
		} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   243
			$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $ptid;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   244
			$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   245
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   246
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   247
			$query = "DELETE FROM perm_templ WHERE id = " . $ptid;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   248
			$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   249
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   250
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   251
			return true;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   252
		}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   253
	}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   254
}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   255
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   256
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   257
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   258
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   259
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   260
function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   261
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   262
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   263
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   264
	verify_permission('user_edit_own') ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   265
	verify_permission('user_edit_others') ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   266
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   267
	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") || ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   268
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   269
		if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   270
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   271
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   272
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   273
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   274
		if ($active != 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   275
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   276
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   277
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   278
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   279
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   280
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   281
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   282
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   283
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   284
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   285
		// username already exists.
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   286
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   287
		$query = "SELECT username FROM users WHERE id = " . $db->quote($id, 'integer');
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   288
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   289
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   290
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   291
		$usercheck = array();
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   292
		$usercheck = $response->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   293
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   294
		if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   295
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   296
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   297
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   298
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   299
			
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   300
			$query = "SELECT id FROM users WHERE username = " . $db->quote($user, 'integer');
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   301
			$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   302
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   303
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   304
			if($response->numRows() > 0) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   305
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   306
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   307
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   308
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   309
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   310
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   311
		// another user that goes by the wanted username. So, go ahead!
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   312
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   313
		$query = "UPDATE users SET
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   314
				username = " . $db->quote($user, 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   315
				fullname = " . $db->quote($fullname, 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   316
				email = " . $db->quote($email, 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   317
				perm_templ = " . $db->quote($perm_templ, 'integer') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   318
				description = " . $db->quote($description, 'text') . ", 
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   319
				active = " . $db->quote($active, 'integer') ;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   320
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   321
		if($password != "") {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   322
			$query .= ", password = " . $db->quote(md5($password), 'text') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   323
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   324
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   325
		$query .= " WHERE id = " . $db->quote($id, 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   326
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   327
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   328
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   329
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   330
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   331
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   332
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   333
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   334
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   335
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   336
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   337
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   338
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   339
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   340
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   341
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   342
function change_user_pass($details) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   344
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   345
	if ($details['newpass'] != $details['newpass2']) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   346
		error(ERR_USER_MATCH_NEW_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   347
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   349
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   350
	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"], 'text');
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   351
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   352
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   353
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   354
	$rinfo = $response->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   355
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   356
	if(md5($details['currentpass']) == $rinfo['password']) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   357
		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass']), 'text') . " WHERE id = " . $db->quote($rinfo['id'], 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   358
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   359
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   360
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   361
		logout( _('Password has been changed, please login.')); 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   362
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   363
		error(ERR_USER_WRONG_CURRENT_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   364
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   365
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   366
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   368
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   369
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   370
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   371
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   372
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   373
function get_fullname_from_userid($id) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   374
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   375
	if (is_numeric($id)) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   376
		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   377
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   378
		$r = $response->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   379
		return $r["fullname"];
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   380
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   381
		error(ERR_INV_ARG);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   382
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   383
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   384
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   385
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   386
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   387
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   388
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   389
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   390
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   391
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   392
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   393
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   394
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   395
	{
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   396
		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   397
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   398
		if ($response->numRows() == 1)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   399
		{
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   400
			$r = $response->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   401
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   402
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   403
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   404
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   405
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   406
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   407
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   408
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   409
}
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   410
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   411
/**
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   412
 * get_owners_from_domainid
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   413
 *
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   414
 * @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   415
 * @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   416
 * @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   417
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   418
function get_fullnames_owners_from_domainid($id) {
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   419
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   420
	global $db;
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   421
	if (is_numeric($id)) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   422
		$response = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id, 'integer')." AND zones.owner=users.id ORDER by fullname");
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   423
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   424
		if ($response->numRows() == 0) {
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   425
			return "";
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   426
		} else {
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   427
			$names = array();
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   428
			while ($r = $response->fetchRow()) {
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   429
				$names[] = $r['fullname'];
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   430
			}
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   431
			return implode(', ', $names);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   432
		}
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   433
	}
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   434
	error(ERR_INV_ARG);
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   435
}
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   436
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   437
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   438
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   439
function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   440
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   441
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   442
	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   443
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   444
	if (is_numeric($zoneid)) {
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   445
		$response = $db->query("SELECT zones.id 
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   446
				FROM zones 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   447
				WHERE zones.owner = " . $db->quote($userid, 'integer') . "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   448
				AND zones.domain_id = ". $db->quote($zoneid, 'integer')) ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   449
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   450
		if ($response->numRows() == 0) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   451
			return "0";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   452
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   453
			return "1";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   454
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   455
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   456
	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   457
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   458
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   459
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   460
function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   461
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   462
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   463
	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   464
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   465
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   466
	if (v_num($specific)) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   467
		$sql_add = "AND users.id = " . $db->quote($specific, 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   468
	} else {
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   469
		if (verify_permission('user_view_others')) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   470
			$sql_add = "";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   471
		} else {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   472
			$sql_add = "AND users.id = " . $db->quote($userid, 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   473
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   474
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   475
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   476
	$query = "SELECT users.id AS uid, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   477
			username, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   478
			fullname, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   479
			email, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   480
			description AS descr,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   481
			active,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   482
			perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   483
			perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   484
			perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   485
			FROM users, perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   486
			WHERE users.perm_templ = perm_templ.id " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   487
			. $sql_add . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   488
			ORDER BY username";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   489
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   490
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   491
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   492
	
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   493
	while ($user = $response->fetchRow()) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   494
		$userlist[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   495
			"uid"		=>	$user['uid'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   496
			"username"	=>	$user['username'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   497
			"fullname"	=>	$user['fullname'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   498
			"email"		=>	$user['email'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   499
			"descr"		=>	$user['descr'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   500
			"active"	=>	$user['active'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   501
			"tpl_id"	=>	$user['tpl_id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   502
			"tpl_name"	=>	$user['tpl_name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   503
			"tpl_descr"	=>	$user['tpl_descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   504
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   505
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   506
	return $userlist;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   507
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   508
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   509
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   510
// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   511
// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   512
// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   513
// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   514
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   515
function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   516
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   517
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   518
	if ($templ_id > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   519
		$limit = ", perm_templ_items 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   520
			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id, 'integer') . "
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   521
			AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   522
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   523
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   524
	$query = "SELECT perm_items.id AS id, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   525
			perm_items.name AS name, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   526
			perm_items.descr AS descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   527
			FROM perm_items" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   528
			. $limit . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   529
			ORDER BY descr";
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   530
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   531
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   532
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   533
	$permission_list = array();
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   534
	while ($permission = $response->fetchRow()) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   535
		if ($return_name_only == false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   536
			$permission_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   537
				"id"	=>	$permission['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   538
				"name"	=>	$permission['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   539
				"descr"	=>	$permission['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   540
				);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   541
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   542
			$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   543
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   544
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   545
	return $permission_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   546
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   547
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   548
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   549
// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   550
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   551
function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   552
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   553
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   554
	$query = "SELECT *
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   555
			FROM perm_templ
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   556
			WHERE perm_templ.id = " . $db->quote($templ_id, 'integer');
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   557
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   558
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   559
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   560
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   561
	$details = $response->fetchRow(); 
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   562
	return $details;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   563
}	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   564
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   565
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   566
// Get a list of all available permission templates.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   567
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   568
function get_list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   569
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   570
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   571
	$query = "SELECT * FROM perm_templ";
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   572
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   573
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   574
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   575
	$perm_templ_list = array();
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   576
	while ($perm_templ = $response->fetchRow()) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   577
		$perm_templ_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   578
			"id"	=>	$perm_templ['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   579
			"name"	=>	$perm_templ['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   580
			"descr"	=>	$perm_templ['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   581
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   582
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   583
	return $perm_templ_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   584
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   585
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   586
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   587
// Add a permission template.
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   588
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   589
function add_perm_templ($details) {
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   590
	global $db;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   591
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   592
	// Fix permission template name and description first. 
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   593
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   594
	$query = "INSERT INTO perm_templ (name, descr)
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   595
			VALUES (" 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   596
				. $db->quote($details['templ_name'], 'text') . ", " 
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   597
				. $db->quote($details['templ_descr'], 'text') . ")";
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   598
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   599
	$response = $db->query($query);
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   600
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   601
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   602
	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   603
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   604
	foreach ($details['perm_id'] AS $perm_id) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   605
		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id, 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   606
		$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   607
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   608
	}
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   609
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   610
	return true;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   611
}
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   612
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   613
// Update all details of a permission template.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   614
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   615
function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   616
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   617
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   618
	// Fix permission template name and description first. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   619
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   620
	$query = "UPDATE perm_templ 
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   621
			SET name = " . $db->quote($details['templ_name'], 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   622
			descr = " . $db->quote($details['templ_descr'], 'text') . "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   623
			WHERE id = " . $db->quote($details['templ_id'], 'integer') ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   624
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   625
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   626
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   627
	// Now, update list of permissions assigned to this template. We could do 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   628
	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   629
	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   630
	// apply the difference between these two lists to the database. That sounds 
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   631
	// like too much work. Just delete all the permissions currently assigned to 
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   632
	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   633
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   634
	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   635
	$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   636
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   637
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   638
	foreach ($details['perm_id'] AS $perm_id) {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   639
		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id'], 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   640
		$response = $db->query($query);
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   641
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   642
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   643
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   644
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   645
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   646
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   647
function update_user_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   648
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   649
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   650
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   651
	verify_permission('user_edit_own') ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   652
	verify_permission('user_edit_others') ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   653
	verify_permission('templ_perm_edit') ? $perm_templ_perm_edit = "1" : $perm_templ_perm_edit = "0" ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   654
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   655
	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") || 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   656
			($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   657
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   658
		if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   659
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   660
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   661
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   662
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   663
		if (!isset($details['active']) || $details['active'] != "on" ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   664
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   665
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   666
			$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   667
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   668
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   669
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   670
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   671
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   672
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   673
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   674
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   675
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   676
		// username already exists.
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   677
		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid'], 'integer');
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   678
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   679
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   680
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   681
		$usercheck = array();
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   682
		$usercheck = $response->fetchRow();
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   683
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   684
		if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   685
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   686
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   687
			// sure it doesn't already exist.
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   688
			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username'], 'text');
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   689
			$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   690
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   691
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   692
			if($response->numRows() > 0) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   693
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   694
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   695
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   696
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   697
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   698
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   699
		// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   700
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   701
		$query = "UPDATE users SET
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   702
				username = " . $db->quote($details['username'], 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   703
				fullname = " . $db->quote($details['fullname'], 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   704
				email = " . $db->quote($details['email'], 'text') . ",
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   705
				description = " . $db->quote($details['descr'], 'text') . ", 
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   706
				active = " . $db->quote($active, 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   707
183
aae57715199e [feladat @ 291]
rejo
parents: 126
diff changeset
   708
		// If the user is alllowed to change the permission template, set it.
aae57715199e [feladat @ 291]
rejo
parents: 126
diff changeset
   709
		if ($perm_templ_perm_edit == "1") {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   710
			$query .= ", perm_templ = " . $db->quote($details['templ_id'], 'integer') ;
183
aae57715199e [feladat @ 291]
rejo
parents: 126
diff changeset
   711
aae57715199e [feladat @ 291]
rejo
parents: 126
diff changeset
   712
		}
aae57715199e [feladat @ 291]
rejo
parents: 126
diff changeset
   713
184
b60b88b1ae08 [feladat @ 292]
rejo
parents: 183
diff changeset
   714
		if(isset($details['password']) && $details['password'] != "") {
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   715
			$query .= ", password = " . $db->quote(md5($details['password']), 'text');
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   716
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   717
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   718
		$query .= " WHERE id = " . $db->quote($details['uid'], 'integer') ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   719
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   720
		$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   721
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   722
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   723
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   724
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   725
		return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   726
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   727
	return true;		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   728
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   729
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   730
// Add a new user
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   731
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   732
function add_new_user($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   733
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   734
126
cb06e3e29ed8 [feladat @ 230]
peter
parents: 119
diff changeset
   735
	if (!verify_permission('user_add_new')) {
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   736
		error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   737
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   738
	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   739
		error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   740
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   741
	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   742
		error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   743
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   744
	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   745
		$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   746
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   747
		$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   748
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   749
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   750
	$query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
192
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   751
			. $db->quote($details['username'], 'text') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   752
			. $db->quote(md5($details['password']), 'text') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   753
			. $db->quote($details['fullname'], 'text') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   754
			. $db->quote($details['email'], 'text') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   755
			. $db->quote($details['descr'], 'text') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   756
			. $db->quote($details['perm_templ'], 'integer') . ", "
3d18290ac993 [feladat @ 302]
peter
parents: 190
diff changeset
   757
			. $db->quote($active, 'integer') 
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   758
			. ")";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   759
190
7a683326ccec [feladat @ 299]
rejo
parents: 188
diff changeset
   760
	$response = $db->query($query);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   761
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   762
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   763
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   764
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   765
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   766
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   767
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   768
?>