claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add a user management panel for administrators

Browse Source
This commit is contained in:
Jonathan Ernst
2005-01-16 02:04:03 +00:00
committed by WineHQ
parent 93d3d6b748
commit f093a01229
4 changed files with 153 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
admin/adminUsers.php Normal file
View File

@@ -0,0 +1,101 @@
<?php
/********************/
/* Users Management */
/********************/
include("path.php");
include(BASE."include/"."incl.php");
apidb_header("Admin Users Management");
if(!havepriv("admin"))
{
errorpage("Insufficient privileges.");
exit;
}
// we want to delete a user
if($_REQUEST['action'] == "delete" && is_numeric($_REQUEST['userId']))
{
$sEmail = lookupEmail($_REQUEST['userId']);
if($sEmail)
{
$_SESSION['current']->remove($sEmail);
}
}
// search form
echo html_frame_start("Users Management","400","",0)
?>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" METHOD="POST">
<table width="100%" border=0 cellpadding=0 cellspacing=0>
<tr>
<td class="color1">Pattern</td>
<td><input type="text" name="sSearch" value="<?php echo$_REQUEST['sSearch'];?>"/><br /><small>(leave blank to match all)</small></td>
</tr>
<tr>
<td class="color1">Show first</td>
<td>
<select name="iLimit">
<option value="100"<?php if($_REQUEST['iLimit']=="100")echo" SELECTED";?>>100 results</option>
<option value="200"<?php if($_REQUEST['iLimit']=="200")echo" SELECTED";?>>200 results</option>
<option value="500"<?php if($_REQUEST['iLimit']=="500")echo" SELECTED";?>>500 result</option>
</select>
</td>
</tr>
<tr>
<td class="color1">Order by</td>
<td>
<select NAME="sOrderBy">
<option value="email"<?php if($_REQUEST['sOrderBy']=="email")echo" SELECTED";?>>e-mail</option>
<option value="realname"<?php if($_REQUEST['sOrderBy']=="realname")echo" SELECTED";?>>real name</option>
<option value="created"<?php if($_REQUEST['sOrderBy']=="created")echo" SELECTED";?>>creation date</option>
</select>
</td>
</tr>
<tr>
<td colspan=2 class=color3 align=center><input type="SUBMIT" name="sSubmit" value="List Users" class="button"></td>
</tr>
</table>
</form>
<?php
echo html_frame_end();
// if the search form was submitted
if($_REQUEST['sSubmit'])
{
echo html_frame_start("Query Results","90%","",0);
echo "<table width='100%' border=0 cellpadding=3 cellspacing=0>\n\n";
echo "<tr class=color4>\n";
echo " <td>Real name</td>\n";
echo " <td>E-mail</td>\n";
echo " <td>Creation date</td>\n";
echo " <td>Last connected</td>\n";
echo " <td>&nbsp;</td>\n";
echo "</tr>\n\n";
if(is_numeric($_REQUEST['iLimit']) && in_array($_REQUEST['sOrderBy'],array("email","realname","created")))
{
$sSearch = addslashes($_REQUEST['sSearch']);
$sQuery = "SELECT * FROM user_list
WHERE realname LIKE '%".$sSearch."%' OR email LIKE '%".$sSearch."%'
ORDER BY ".$_REQUEST['sOrderBy']."
LIMIT ".$_REQUEST['iLimit'];
$hResult = query_appdb($sQuery);
$i=0;
while($hResult && $oRow = mysql_fetch_object($hResult))
{
$sAreYouSure = "Are you sure that you want to delete user ".addslashes($oRow->realname)." ?";
echo "<tr class=\"color".(($i++)%2)."\">\n";
echo " <td>".$oRow->realname."</td>\n";
echo " <td>".$oRow->email."</td>\n";
echo " <td>".$oRow->created."</td>\n";
echo " <td>".$oRow->stamp."</td>\n";
echo " <td>[<a onclick=\"if(!confirm('".$sAreYouSure."'))return false;\" \"href=\"".$_SERVER['PHP_SELF']."?action=delete&userId=".$oRow->userid."&sSearch=".$sSearch."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."&sSubmit=true\">delete</a>]&nbsp;[<a href=\"../preferences.php?userId=".$oRow->userid."&sSearch=".$sSearch."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."\">edit</a>]</td>\n";
echo "</tr>\n\n";
}
}
echo "</table>";
echo html_frame_end();
}
apidb_footer();
?>

4
include/sidebar_admin.php
View File

@@ -12,7 +12,6 @@ function global_admin_menu() {
$g->add("Add Vendor", BASE."admin/addVendor.php");
$g->addmisc("&nbsp;");
$g->add("List Users", BASE."admin/");
$g->add("View App Queue (".getQueuedAppCount().")", BASE."admin/adminAppQueue.php");
$g->add("View App Data Queue (".getQueuedAppDataCount().")", BASE."admin/adminAppDataQueue.php");
$g->add("View Maintainer Queue (".getQueuedMaintainerCount().")", BASE."admin/adminMaintainerQueue.php");
@@ -20,7 +19,8 @@ function global_admin_menu() {
$g->add("View Vendors (".getVendorCount().")", BASE."admin/adminVendors.php");
$g->addmisc("&nbsp;");
$g->add("Comment manager", BASE."admin/adminCommentView.php");
$g->add("Users Management", BASE."admin/adminUsers.php");
$g->add("Comments Management", BASE."admin/adminCommentView.php");
$g->done();
}

10
include/user.php
View File

@@ -165,17 +165,13 @@ class User {
* remove the current, or specified user from the database
* returns 0 on success and an error msg on failure
*/
function remove($sEmail = 0)
function remove($sEmail = "")
{
if($sEmail == 0)
if(!$sEmail)
$sEmail = $this->email;
$result = query_appdb("DELETE FROM user_list WHERE email = '$sEmail'");
$result = query_appdb("DELETE FROM user_list WHERE email = '".$sEmail."'");
if(!$result)
return "A database error occured";
if(mysql_affected_rows($result) == 0)
return "No such user.";
return 0;
}

64
preferences.php
View File

@@ -15,6 +15,20 @@ if(!loggedin())
exit;
}
// we come from the administration to edit an user
if(havepriv("admin") &&
is_numeric($_REQUEST['userId']) &&
is_numeric($_REQUEST['iLimit']) &&
in_array($_REQUEST['sOrderBy'],array("email","realname","created"))
)
{
$iUserId = $_REQUEST['userId'];
} else
{
$iUserId = $_SESSION['current']->userid;
}
function build_prefs_list()
{
$result = query_appdb("SELECT * FROM prefs_list ORDER BY id");
@@ -46,19 +60,18 @@ function build_prefs_list()
function show_user_fields()
{
$user = new User();
$ext_realname = $user->lookup_realname($_SESSION['current']->userid);
$ext_email = $user->lookup_email($_SESSION['current']->userid);
$CVSrelease = $user->lookup_CVSrelease($_SESSION['current']->userid);
include(BASE."include/"."form_edit.php");
global $iUserId;
$user = new User();
echo "<tr><td>&nbsp; Wine version </td><td>";
make_bugzilla_version_list("CVSrelease", $CVSrelease);
echo "</td></tr>";
$ext_realname = $user->lookup_realname($iUserId);
$ext_email = $user->lookup_email($iUserId);
$CVSrelease = $user->lookup_CVSrelease($iUserId);
include(BASE."include/"."form_edit.php");
echo "<tr><td>&nbsp; Wine version </td><td>";
make_bugzilla_version_list("CVSrelease", $CVSrelease);
echo "</td></tr>";
}
if($_POST)
@@ -80,10 +93,15 @@ if($_POST)
{
addmsg("The Passwords you entered did not match.", "red");
}
if ($user->update($_SESSION['current']->userid, $str_passwd, $_REQUEST['ext_realname'], $_REQUEST['ext_email'], $_REQUEST['CVSrelease']))
if ($user->update($iUserId, $str_passwd, $_REQUEST['ext_realname'], $_REQUEST['ext_email'], $_REQUEST['CVSrelease']))
{
addmsg("Preferences Updated", "green");
// we were managing an user, let's go back to the admin.
if($iUserId == $_REQUEST['userId'])
{
redirect(BASE."admin/adminUsersEdit.php?userId=".$iUserId."&sSearch=".$_REQUEST['sSearch']."&iLimit=".$_REQUEST['iLimit']."&sOrderBy=".$_REQUEST['sOrderBy']."&sSubmit=true");
}
}
else
{
@@ -93,16 +111,28 @@ if($_POST)
apidb_header("User Preferences");
echo "<form method=post action='preferences.php'>\n";
echo html_frame_start("Preferences for ".$_SESSION['current']->realname, "80%");
echo "<form method=\"post\" action=\"preferences.php\">\n";
// if we manage another user we give the parameters to go back to the admin
if($iUserId == $_REQUEST['userId'])
{
echo "<input type=\"hidden\" name=\"iLimit\" value=\"".$_REQUEST['iLimit']."\">\n";
echo "<input type=\"hidden\" name=\"sOrderBy\" value=\"".$_REQUEST['sOrderBy']."\">\n";
echo "<input type=\"hidden\" name=\"sSearch\" value=\"".addslashes($_REQUEST['sSearch'])."\">\n";
echo "<input type=\"hidden\" name=\"userId\" value=\"".$_REQUEST['userId']."\">\n";
}
echo html_frame_start("Preferences for ".lookupRealName($iUserId), "80%");
echo html_table_begin("width='100%' border=0 align=left cellspacing=0 class='box-body'");
show_user_fields();
build_prefs_list();
// if we don't manage another user
if($iUserId != $_REQUEST['userId']) build_prefs_list();
echo html_table_end();
echo html_frame_end();
echo "<br /> <div align=center> <input type=submit value='Update'> </div> <br />\n";
echo "<br /> <div align=center> <input type=\"submit\" value=\"Update\" /> </div> <br />\n";
echo "</form>\n";