If not, see . */ /* * user.cli.php * * @author Quinn Comendant * @version 1.0 * @since 02 May 2019 14:21:12 */ /******************************************************************** * CONFIG ********************************************************************/ // Find a _config.inc.php file and load it. $_config_file = false; $rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator('.')); $rii->setMaxDepth(1); foreach ($rii as $filename => $file) { if (mb_strpos($filename, '/_config.inc.php') !== false && preg_match('/^\$auth = new Auth/m', file_get_contents($filename)) && preg_match('/^\$(db|pdo) =/m', file_get_contents($filename))) { $_config_file = $filename; echo "Loading $_config_file\n"; break; } } if (!$_config_file) { echo "Error: could not find a satisfactory _config.inc.php in current directory or subdirectories.\n"; exit(1); } define('_CLI', true); require_once $_config_file; /******************************************************************** * MAIN ********************************************************************/ if (isset($CFG) && is_object($CFG)) { echo "user.cli.php is not compatible with codebase v1.\n"; exit(1); } if (!isset($db) || !($db instanceof \DB)) { echo "This project doesn't have a \$db object.\n"; exit(1); } if (!isset($auth) || !($auth instanceof \Auth_SQL)) { echo "This project doesn't have an \$auth object.\n"; exit(1); } if (!$auth->getParam('db_table') || !$auth->getParam('db_primary_key') || !$auth->getParam('db_username_column')) { echo "This project's \$auth object does not have the required db_* parameters.\n"; exit(1); } // COMMAND $command = User_CLI::getArg(1, 'command'); switch ($command) { case 'help': User_CLI::usage(); exit(1); case 'list': $users = User_CLI::getList(); $positions = "%-3s %-15s %-30s %-11s %-15s\n"; printf($positions, 'ID', 'USERNAME', 'EMAIL', 'LAST_ACCESS', 'LAST_IP' ); foreach ($users as $u) { printf($positions, $u[$auth->getParam('db_primary_key')], $u['username'], $u['email'], date($app->getParam('date_format'), strtotime($u['last_access_datetime'])), $u['last_login_ip'] ); } break; case 'create': $username = User_CLI::getArg(2, 'username'); $password = User_CLI::getArg(3, 'password', $auth->generatePassword()); $email = User_CLI::getArg(4, 'email', ''); $user_id = $auth->getUserID($username); if (false !== $auth->getUserID($username)) { printf("User `%s` already exists. Use `update` instead.\n", $username); exit(1); } $user_id = User_CLI::create($username, $password, $email); printf("Created user `%s` with password `%s` (user_id %s).\n", $username, $password, $user_id); break; case 'update': $username = User_CLI::getArg(2, 'username'); $password = User_CLI::getArg(3, 'password', $auth->generatePassword()); if (!$user_id = $auth->getUserID($username)) { printf("User `%s` not found. Use `create` first.\n", $username); exit(1); } $auth->setPassword($user_id, $password); printf("Updated user `%s` with password `%s` (user_id %s).\n", $username, $password, $user_id); break; case 'remove': $username = User_CLI::getArg(2, 'username'); if (!$user_id = $auth->getUserID($username)) { printf("User `%s` not found.\n", $username); exit(1); } User_CLI::remove($username); printf("Removed user `%s` (user_id %s).\n", $username, $user_id); break; default: printf("Unknown command: %s\n", $command); break; } // End of script. exit(0); /******************************************************************** * FUNCTIONS ********************************************************************/ /* * Static methods for this script only. */ class User_CLI { public static function getArg($pos, $name, $default=null) { if (isset($_SERVER['argv'][$pos]) && $_SERVER['argv'][$pos] != '') { return $_SERVER['argv'][$pos]; } if (null === $default) { printf("Required argument %s is missing. Lost? Try `%s help`.\n", strtoupper($name), basename($_SERVER['argv'][0])); exit(1); } return $default; } public static function getList() { global $auth, $db; $qid = $db->query(" SELECT * FROM `" . $auth->getParam('db_table') . "` LIMIT 1000 "); $results = array(); while ($row = mysql_fetch_assoc($qid)) { $results[] = $row; } return $results; } public static function create($username, $password, $email) { global $auth, $db; $qid = $db->query("DESCRIBE " . $auth->getParam('db_table')); $cols = array(); while ($row = mysql_fetch_row($qid)) { $cols[] = $row[0]; } $addtl_cols = array(); $addtl_vals = array(); if (in_array('account_id', $cols)) { $addtl_cols[] = ", account_id"; $addtl_vals[] = ", '1'"; } if (in_array('email', $cols) && '' != $email) { $addtl_cols[] = ", email"; $addtl_vals[] = sprintf(", '%s'", $db->escapeString($email)); } $db->query(" INSERT INTO `" . $auth->getParam('db_table') . "` ( `" . $auth->getParam('db_primary_key') . "`, " . $auth->getParam('db_username_column') . join("\n", $addtl_cols) . " ) VALUES ( NULL, '" . $db->escapeString($username) . "'" . join("\n", $addtl_vals) . " ) "); $user_id = mysql_insert_id($db->getDBH()); $auth->setPassword($user_id, $password); return $user_id; } public static function remove($username) { global $auth, $db; $qid = $db->query(" DELETE FROM `" . $auth->getParam('db_table') . "` WHERE `" . $auth->getParam('db_username_column') . "` = '" . $db->escapeString($username) . "' "); } public static function usage() { ?> Manage codebase (Auth_SQL) user accounts. Usage: COMMAND […] COMMANDS help Display this help list List all users. create USERNAME [PASSWORD] [EMAIL] Create a user USERNAME authenticated by PASSWORD. update USERNAME [PASSWORD] Update the password for user USERNAME to PASSWORD. If PASSWORD is not given, a random password will be generated and printed to the screen. This script must be run in a common site directory configured with a DB auth file, e.g., `lib/db_auth.json`, readable by the user executing this script.