inc/users.inc.php
author rejo
Mon, 31 Mar 2008 06:43:38 +0000 (2008-03-31)
changeset 119 f74e4f88b680
parent 113 e7a448dba024
child 126 cb06e3e29ed8
permissions -rwxr-xr-x
[feladat @ 222] Changed case of Poweradmin's name (a is now lowercase).
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
71
e1b918eaf69a [feladat @ 118]
peter
parents: 67
diff changeset
     1
<?php
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
     2
119
f74e4f88b680 [feladat @ 222]
rejo
parents: 113
diff changeset
     3
/*  Poweradmin, a friendly web-based admin tool for PowerDNS.
47
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     4
 *  See <https://rejo.zenger.nl/poweradmin> for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     5
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     6
 *  Copyright 2007, 2008  Rejo Zenger <rejo@zenger.nl>
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     7
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     8
 *  This program is free software: you can redistribute it and/or modify
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
     9
 *  it under the terms of the GNU General Public License as published by
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    10
 *  the Free Software Foundation, either version 3 of the License, or
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    11
 *  (at your option) any later version.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    12
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    13
 *  This program is distributed in the hope that it will be useful,
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    14
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    15
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    16
 *  GNU General Public License for more details.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    17
 *
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    18
 *  You should have received a copy of the GNU General Public License
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    19
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
ae140472d97c [feladat @ 94]
rejo
parents: 36
diff changeset
    20
 */
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    21
58
78558a77131e [feladat @ 105]
rejo
parents: 55
diff changeset
    22
require_once("inc/toolkit.inc.php");
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    23
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    24
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    25
/* 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    26
 *  Function to see if user has right to do something. It will check if
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    27
 *  user has "ueberuser" bit set. If it isn't, it will check if the user has
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    28
 *  the specific permission. It returns "false" if the user doesn't have the
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    29
 *  right, and "true" if the user has. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    30
 */
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    31
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    32
function verify_permission($permission) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    33
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    34
        global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    35
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    36
	if ((!isset($_SESSION['userid'])) || (!is_object($db))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    37
		return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    38
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    39
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    40
        // Set current user ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    41
        $userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    42
113
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    43
		$query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser');
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    44
		$ueberUserId = $db->queryOne($query);
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    45
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    46
        // Find the template ID that this user has been assigned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    47
        $query = "SELECT perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    48
			FROM users 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    49
			WHERE id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    50
        $templ_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    51
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    52
        // Does this user have ueberuser rights?
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    53
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    54
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    55
			WHERE templ_id = " . $db->quote($templ_id) . " 
113
e7a448dba024 [feladat @ 213]
peter
parents: 109
diff changeset
    56
			AND perm_id = ".$ueberUserId;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    57
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    58
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    59
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    60
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    61
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    62
        // Find the permission ID for the requested permission.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    63
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    64
			FROM perm_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    65
			WHERE name = " . $db->quote($permission) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    66
        $perm_id = $db->queryOne($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    67
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    68
        // Check if the permission ID is assigned to the template ID. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    69
        $query = "SELECT id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    70
			FROM perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    71
			WHERE templ_id = " . $db->quote($templ_id) . " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    72
			AND perm_id = " . $db->quote($perm_id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    73
        $result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    74
        if ( $result->numRows() > 0 ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    75
                return 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    76
        } else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    77
                return 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    78
        }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    79
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    80
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    81
function list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    82
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    83
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    84
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    85
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    86
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    87
	$template_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    88
	while ($template= $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    89
		$tempate_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    90
			"id"	=>	$template['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    91
			"name"	=>	$template['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    92
			"descr"	=>	$template['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    93
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    94
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    95
	return $tempate_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    96
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
    97
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    98
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
    99
 * Retrieve all users.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   100
 * Its to show_users therefore the odd name. Has to be changed.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   101
 * return values: an array with all users in it.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   102
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   103
function show_users($id='',$rowstart=0,$rowamount=9999999)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   104
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   105
 	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   106
	$add = '';
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   107
 	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   108
 	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   109
                 //When a user id is given, it is excluded from the userlist returned.
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   110
                 $add = " WHERE users.id!=".$db->quote($id);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   111
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   112
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   113
	// Make a huge query.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   114
	$sqlq = "SELECT users.id AS id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   115
		users.username AS username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   116
		users.fullname AS fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   117
		users.email AS email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   118
		users.description AS description,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   119
		users.active AS active,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   120
		users.perm_templ AS perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   121
		count(zones.owner) AS aantal FROM users
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   122
		LEFT JOIN zones ON users.id=zones.owner$add
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   123
		GROUP BY
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   124
			users.id,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   125
			users.username,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   126
			users.fullname,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   127
			users.email,
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   128
			users.description,
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   129
			users.perm_templ,
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   130
			users.active
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   131
		ORDER BY
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   132
			users.fullname";
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   133
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   134
	// Execute the huge query.
74
43c31dc98305 [feladat @ 121]
peter
parents: 71
diff changeset
   135
	$db->setLimit($rowamount, $rowstart);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   136
	$result = $db->query($sqlq);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   137
	$ret = array();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   138
	$retcount = 0;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   139
	while ($r = $result->fetchRow())
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   140
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   141
		$ret[] = array(
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   142
		 "id"                    =>              $r["id"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   143
		 "username"              =>              $r["username"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   144
		 "fullname"              =>              $r["fullname"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   145
		 "email"                 =>              $r["email"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   146
		 "description"           =>              $r["description"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   147
		 "level"                 =>              $r["level"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   148
		 "active"                =>              $r["active"],
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   149
		 "numdomains"            =>              $r["aantal"]
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   150
		);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   151
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   152
	return $ret;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   153
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   154
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   155
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   156
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   157
 * Check if the given $userid is connected to a valid user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   158
 * return values: true if user exists, false if users doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   159
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   160
 function is_valid_user($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   161
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   162
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   163
	if(is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   164
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   165
		$result = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   166
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   167
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   168
			return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   169
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   170
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   171
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   172
			return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   173
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   174
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   175
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   176
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   177
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   178
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   179
 * Checks if a given username exists in the database.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   180
 * return values: true if exists, false if not.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   181
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   182
function user_exists($user)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   183
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   184
	global $db;
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   185
	$result = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   186
	if ($result->numRows() == 0)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   187
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   188
                 return false;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   189
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   190
	elseif($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   191
	{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   192
        	return true;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   193
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   194
        else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   195
        {
4
55ed92aa7cf5 [feladat @ 5]
rejo
parents: 1
diff changeset
   196
        	error(ERR_UNKNOWN);
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   197
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   198
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   199
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   200
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   201
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   202
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   203
 * Delete a user from the system
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   204
 * return values: true if user doesnt exist.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   205
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   206
function delete_user($uid,$zones)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   207
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   208
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   209
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   210
	if (($uid != $_SESSION['userid'] && !verify_permission(user_edit_others)) || ($uid == $_SESSION['userid'] && !verify_permission(user_edit_own))) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   211
		 error(ERR_PERM_DEL_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   212
		 return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   213
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   214
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   215
		if (is_array($zones)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   216
			foreach ($zones as $zone) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   217
				if ($zone['target'] == "delete") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   218
					delete_domain($zone['zid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   219
				} elseif ($zone['target'] == "new_owner") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   220
					add_owner_to_zone($zone['zid'], $zone['newowner']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   221
				}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   222
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   223
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   224
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   225
		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   226
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   227
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   228
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   229
		$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   230
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   231
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   232
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   233
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   234
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   235
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   236
function delete_perm_templ($ptid) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   237
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   238
	global $db;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   239
	if (!(verify_permission(user_edit_templ_perm))) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   240
		error(ERR_PERM_DEL_PERM_TEMPL);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   241
	} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   242
		$query = "SELECT id FROM users WHERE perm_templ = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   243
		$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   244
		if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   245
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   246
		if($result->numRows() > 0) {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   247
			error(ERR_PERM_TEMPL_ASSIGNED);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   248
			return false;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   249
		} else {
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   250
			$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   251
			$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   252
			if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   253
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   254
			$query = "DELETE FROM perm_templ WHERE id = " . $ptid;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   255
			$result = $db->query($query);
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   256
			if (PEAR::isError($result)) { error($response->getMessage()); return false; }
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   257
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   258
			return true;
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   259
		}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   260
	}
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   261
}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   262
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   263
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   264
 * Edit the information of an user.. sloppy implementation with too many queries.. (2) :)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   265
 * return values: true if succesful
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   266
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   267
function edit_user($id, $user, $fullname, $email, $perm_templ, $description, $active, $password)
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   268
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   269
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   270
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   271
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   272
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   273
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   274
	if (($id == $_SESSION["userid"] && $perm_edit_own == "1") || ($id != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   275
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   276
		if (!is_valid_email($email)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   277
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   278
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   279
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   280
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   281
		if ($active != 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   282
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   283
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   284
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   285
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   286
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   287
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   288
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   289
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   290
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   291
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   292
		// username already exists.
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   293
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   294
		$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   295
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   296
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   297
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   298
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   299
		$usercheck = $result->fetchRow();
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   300
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   301
		if ($usercheck['username'] != $user) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   302
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   303
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   304
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   305
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   306
			
83
90fbb34b3d97 [feladat @ 183]
rejo
parents: 82
diff changeset
   307
			$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   308
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   309
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   310
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   311
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   312
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   313
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   314
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   315
		}
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   316
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   317
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   318
		// another user that goes by the wanted username. So, go ahead!
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   319
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   320
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   321
				username = " . $db->quote($user) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   322
				fullname = " . $db->quote($fullname) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   323
				email = " . $db->quote($email) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   324
				perm_templ = " . $db->quote($perm_templ) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   325
				description = " . $db->quote($description) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   326
				active = " . $db->quote($active) ;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   327
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   328
		if($password != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   329
			$query .= ", password = " . $db->quote(md5($password)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   330
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   331
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   332
		$query .= " WHERE id = " . $db->quote($id) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   333
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   334
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   335
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   336
		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   337
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   338
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   339
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   340
	}
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   341
	return true;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   342
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   343
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   344
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   345
 * Change the pass of the user.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   346
 * The user is automatically logged out after the pass change.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   347
 * return values: none.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   348
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   349
function change_user_pass($details) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   350
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   351
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   352
	if ($details['newpass'] != $details['newpass2']) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   353
		error(ERR_USER_MATCH_NEW_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   354
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   355
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   356
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   357
	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   358
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   359
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   360
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   361
	$rinfo = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   362
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   363
	if(md5($details['currentpass']) == $rinfo['password']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   364
		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   365
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   366
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   367
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   368
		logout( _('Password has been changed, please login.')); 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   369
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   370
		error(ERR_USER_WRONG_CURRENT_PASS);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   371
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   372
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   373
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   374
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   375
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   376
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   377
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   378
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   379
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   380
function get_fullname_from_userid($id) {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   381
	global $db;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   382
	if (is_numeric($id)) {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   383
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   384
		$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   385
		return $r["fullname"];
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   386
	} else {
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   387
		error(ERR_INV_ARG);
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   388
		return false;
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   389
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   390
}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   391
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   392
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   393
/*
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   394
 * Get a fullname when you have a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   395
 * return values: gives the fullname from a userid.
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   396
 */
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   397
function get_owner_from_id($id)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   398
{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   399
	global $db;
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   400
	if (is_numeric($id))
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   401
	{
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   402
		$result = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   403
		if ($result->numRows() == 1)
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   404
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   405
			$r = $result->fetchRow();
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   406
			return $r["fullname"];
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   407
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   408
		else
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   409
		{
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   410
			error(ERR_USER_NOT_EXIST);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   411
		}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   412
	}
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   413
	error(ERR_INV_ARG);
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   414
}
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   415
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   416
/**
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   417
 * get_owners_from_domainid
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   418
 *
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   419
 * @todo also fetch the subowners
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   420
 * @param $id integer the id of the domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   421
 * @return String the list of owners for this domain
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   422
 */
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   423
function get_fullnames_owners_from_domainid($id) {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   424
      
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   425
      global $db;
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   426
      if (is_numeric($id))
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   427
      {
65
ce1c4d5e1576 [feladat @ 112]
peter
parents: 58
diff changeset
   428
              $result = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   429
              if ($result->numRows() == 0)
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   430
              {
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   431
		      return "";
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   432
              } 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   433
	      else 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   434
	      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   435
                      $names = array();
36
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   436
                      while ($r = $result->fetchRow()) 
4ec5ab29f634 [feladat @ 83]
rejo
parents: 26
diff changeset
   437
		      {
26
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   438
                              $names[] = $r['fullname'];
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   439
                      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   440
                      return implode(', ', $names);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   441
              }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   442
      }
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   443
      error(ERR_INV_ARG);
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   444
}
5d63f1e71d6e [feladat @ 73]
rejo
parents: 8
diff changeset
   445
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   446
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   447
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   448
function verify_user_is_owner_zoneid($zoneid) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   449
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   450
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   451
	$userid=$_SESSION["userid"];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   452
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   453
	if (is_numeric($zoneid)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   454
		$result = $db->query("SELECT zones.id 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   455
				FROM zones 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   456
				WHERE zones.owner = " . $db->quote($userid) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   457
				AND zones.domain_id = ". $db->quote($zoneid)) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   458
		if ($result->numRows() == 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   459
			return "0";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   460
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   461
			return "1";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   462
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   463
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   464
	error(ERR_INV_ARG);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   465
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   466
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   467
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   468
function get_user_detail_list($specific) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   469
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   470
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   471
	$userid=$_SESSION['userid'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   472
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   473
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   474
	if (v_num($specific)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   475
		$sql_add = "AND users.id = " . $db->quote($specific) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   476
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   477
		if (verify_permission(user_view_others)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   478
			$sql_add = "";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   479
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   480
			$sql_add = "AND users.id = " . $db->quote($userid) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   481
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   482
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   483
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   484
	$query = "SELECT users.id AS uid, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   485
			username, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   486
			fullname, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   487
			email, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   488
			description AS descr,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   489
			active,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   490
			perm_templ.id AS tpl_id,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   491
			perm_templ.name AS tpl_name,
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   492
			perm_templ.descr AS tpl_descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   493
			FROM users, perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   494
			WHERE users.perm_templ = perm_templ.id " 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   495
			. $sql_add . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   496
			ORDER BY username";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   497
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   498
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   499
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   500
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   501
	while ($user = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   502
		$userlist[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   503
			"uid"		=>	$user['uid'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   504
			"username"	=>	$user['username'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   505
			"fullname"	=>	$user['fullname'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   506
			"email"		=>	$user['email'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   507
			"descr"		=>	$user['descr'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   508
			"active"	=>	$user['active'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   509
			"tpl_id"	=>	$user['tpl_id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   510
			"tpl_name"	=>	$user['tpl_name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   511
			"tpl_descr"	=>	$user['tpl_descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   512
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   513
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   514
	return $userlist;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   515
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   516
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   517
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   518
// Get a list of permissions that are available. If first argument is "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   519
// should return all available permissions. If the first argument is > "0", it
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   520
// should return the permissions assigned to that particular template only. If
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   521
// second argument is true, only the permission names are returned.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   522
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   523
function get_permissions_by_template_id($templ_id=0,$return_name_only=false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   524
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   525
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   526
	if ($templ_id > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   527
		$limit = ", perm_templ_items 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   528
			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   529
			AND perm_templ_items.perm_id = perm_items.id";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   530
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   531
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   532
	$query = "SELECT perm_items.id AS id, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   533
			perm_items.name AS name, 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   534
			perm_items.descr AS descr
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   535
			FROM perm_items" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   536
			. $limit . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   537
			ORDER BY descr";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   538
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   539
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   540
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   541
	$permission_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   542
	while ($permission = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   543
		if ($return_name_only == false) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   544
			$permission_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   545
				"id"	=>	$permission['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   546
				"name"	=>	$permission['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   547
				"descr"	=>	$permission['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   548
				);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   549
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   550
			$permission_list[] = $permission['name'];
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   551
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   552
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   553
	return $permission_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   554
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   555
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   556
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   557
// Get name and description of template based on template ID.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   558
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   559
function get_permission_template_details($templ_id) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   560
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   561
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   562
	$query = "SELECT *
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   563
			FROM perm_templ
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   564
			WHERE perm_templ.id = " . $db->quote($templ_id);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   565
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   566
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   567
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   568
89
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   569
	$details = $result->fetchRow(); 
61c49e66c9b0 [feladat @ 189]
rejo
parents: 85
diff changeset
   570
	return $details;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   571
}	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   572
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   573
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   574
// Get a list of all available permission templates.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   575
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   576
function get_list_permission_templates() {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   577
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   578
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   579
	$query = "SELECT * FROM perm_templ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   580
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   581
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   582
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   583
	$perm_templ_list = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   584
	while ($perm_templ = $result->fetchRow()) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   585
		$perm_templ_list[] = array(
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   586
			"id"	=>	$perm_templ['id'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   587
			"name"	=>	$perm_templ['name'],
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   588
			"descr"	=>	$perm_templ['descr']
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   589
			);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   590
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   591
	return $perm_templ_list;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   592
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   593
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   594
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   595
// Add a permission template.
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   596
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   597
function add_perm_templ($details) {
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   598
	global $db;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   599
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   600
	// Fix permission template name and description first. 
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   601
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   602
	$query = "INSERT INTO perm_templ (name, descr)
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   603
			VALUES (" 
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   604
				. $db->quote($details['templ_name']) . ", " 
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   605
				. $db->quote($details['templ_descr']) . ")";
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   606
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   607
	$result = $db->query($query);
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   608
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   609
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   610
	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   611
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   612
	foreach ($details['perm_id'] AS $perm_id) {
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   613
		$r_insert_values[] = "(" . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   614
	}
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   615
	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
85
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   616
	$result = $db->query($query);
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   617
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   618
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   619
	return true;
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   620
}
1687c1b107fa [feladat @ 185]
rejo
parents: 83
diff changeset
   621
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   622
// Update all details of a permission template.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   623
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   624
function update_perm_templ_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   625
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   626
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   627
	// Fix permission template name and description first. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   628
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   629
	$query = "UPDATE perm_templ 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   630
			SET name = " . $db->quote($details['templ_name']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   631
			descr = " . $db->quote($details['templ_descr']) . "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   632
			WHERE id = " . $db->quote($details['templ_id']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   633
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   634
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   635
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   636
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   637
	// Now, update list of permissions assigned to this template. We could do 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   638
	// this The Correct Way [tm] by comparing the list of permissions that are
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   639
	// currently assigned with a list of permissions that should be assigned and
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   640
	// apply the difference between these two lists to the database. That sounds 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   641
	// like to much work. Just delete all the permissions currently assigned to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   642
	// the template, than assign all the permessions the template should have.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   643
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   644
	$query = "DELETE FROM perm_templ_items WHERE templ_id = " . $details['templ_id'] ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   645
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   646
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   647
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   648
	foreach ($details['perm_id'] AS $perm_id) {
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   649
		$r_insert_values[] = "(" . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   650
	}
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   651
	$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES " . implode(',', $r_insert_values) ;
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   652
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   653
	if (pear::iserror($response)) { error($response->getmessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   654
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   655
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   656
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   657
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   658
function update_user_details($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   659
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   660
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   661
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   662
	verify_permission(user_edit_own) ? $perm_edit_own = "1" : $perm_edit_own = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   663
	verify_permission(user_edit_others) ? $perm_edit_others = "1" : $perm_edit_others = "0" ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   664
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   665
	if (($details['uid'] == $_SESSION["userid"] && $perm_edit_own == "1") || 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   666
			($details['uid'] != $_SESSION["userid"] && $perm_edit_others == "1" )) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   667
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   668
		if (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   669
			error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   670
			return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   671
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   672
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   673
		if (!isset($details['active']) || $details['active'] != "on" ) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   674
			$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   675
		} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   676
			$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   677
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   678
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   679
		// Before updating the database we need to check whether the user wants to 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   680
		// change the username. If the user wants to change the username, we need 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   681
		// to make sure it doesn't already exists. 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   682
		//
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   683
		// First find the current username of the user ID we want to change. If the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   684
		// current username is not the same as the username that was given by the 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   685
		// user, the username should apparantly changed. If so, check if the "new" 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   686
		// username already exists.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   687
		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   688
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   689
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   690
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   691
		$usercheck = array();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   692
		$usercheck = $result->fetchRow();
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   693
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   694
		if ($usercheck['username'] != $details['username']) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   695
			// Username of user ID in the database is different from the name
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   696
			// we have been given. User wants a change of username. Now, make
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   697
			// sure it doesn't already exist.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   698
			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   699
			$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   700
			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   701
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   702
			if($result->numRows() > 0) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   703
				error(ERR_USER_EXIST);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   704
				return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   705
			}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   706
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   707
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   708
		// So, user doesn't want to change username or, if he wants, there is not
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   709
		// another user that goes by the wanted username. So, go ahead!
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   710
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   711
		$query = "UPDATE users SET
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   712
				username = " . $db->quote($details['username']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   713
				fullname = " . $db->quote($details['fullname']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   714
				email = " . $db->quote($details['email']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   715
				perm_templ = " . $db->quote($details['templ_id']) . ",
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   716
				description = " . $db->quote($details['descr']) . ", 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   717
				active = " . $db->quote($active) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   718
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   719
		// TODO Check if function works if password is set too.
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   720
		if($details['password'] != "") {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   721
			$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   722
		}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   723
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   724
		$query .= " WHERE id = " . $db->quote($details['uid']) ;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   725
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   726
		$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   727
		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   728
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   729
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   730
		error(ERR_PERM_EDIT_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   731
		return false;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   732
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   733
	return true;		
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   734
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   735
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   736
// Add a new user
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   737
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   738
function add_new_user($details) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   739
	global $db;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   740
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   741
	if (!verify_permission(user_add_new)) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   742
		error(ERR_PERM_ADD_USER);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   743
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   744
	} elseif (user_exists($details['username'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   745
		error(ERR_USER_EXISTS);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   746
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   747
	} elseif (!is_valid_email($details['email'])) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   748
		error(ERR_INV_EMAIL);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   749
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   750
	} elseif ($details['active'] == 1) {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   751
		$active = 1;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   752
	} else {
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   753
		$active = 0;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   754
	}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   755
109
34b2d49f52c6 [feladat @ 209]
peter
parents: 89
diff changeset
   756
	$query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
82
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   757
			. $db->quote($details['username']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   758
			. $db->quote(md5($details['password'])) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   759
			. $db->quote($details['fullname']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   760
			. $db->quote($details['email']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   761
			. $db->quote($details['descr']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   762
			. $db->quote($details['perm_templ']) . ", "
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   763
			. $db->quote($active) 
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   764
			. ")";
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   765
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   766
	$result = $db->query($query);
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   767
	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   768
	
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   769
	return true;
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   770
}
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   771
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   772
			
c255196bc447 [feladat @ 182]
rejo
parents: 74
diff changeset
   773
1
58094faf794d [feladat @ 2]
rejo
parents:
diff changeset
   774
?>