Changeset 19 for trunk/services/admins.php
- Timestamp:
- Nov 14, 2005 6:22:44 AM (19 years ago)
- File:
-
- 1 edited
trunk/services/admins.php
r18 r19 21 21 22 22 /****************************************************************************** 23 * CO DE CONFIG23 * CONFIG 24 24 *****************************************************************************/ 25 25 … … 31 31 32 32 // Instantiate a sorting object with the default sort and order. Add SQL for each column. 33 $so = new SortOrder('admin_id', 'DESC'); 34 $so->setColumn('admin_id', 'admin_id ASC', 'admin_id DESC'); 35 $so->setColumn('username', 'username ASC', 'username DESC'); 36 $so->setColumn('userpass', 'userpass ASC', 'userpass DESC'); 37 $so->setColumn('first_name', 'first_name ASC', 'first_name DESC'); 38 $so->setColumn('last_name', 'last_name ASC', 'last_name DESC'); 39 $so->setColumn('phone', 'phone ASC', 'phone DESC'); 40 $so->setColumn('email', 'email ASC', 'email DESC'); 41 $so->setColumn('priv', 'priv ASC', 'priv DESC'); 42 $so->setColumn('seconds_online', 'seconds_online ASC', 'seconds_online DESC'); 43 $so->setColumn('added_datetime', 'added_datetime ASC', 'added_datetime DESC'); 44 $so->setColumn('last_login_datetime', 'last_login_datetime ASC', 'last_login_datetime DESC'); 45 $so->setColumn('last_access_datetime', 'last_access_datetime ASC', 'last_access_datetime DESC'); 46 $so->setColumn('last_login_ip', 'last_login_ip ASC', 'last_login_ip DESC'); 33 $so = new SortOrder('admin_tbl.admin_id', 'DESC'); 34 $so->setColumn('admin_tbl.admin_id', 'admin_tbl.admin_id ASC', 'admin_tbl.admin_id DESC'); 35 $so->setColumn('admin_tbl.username', 'admin_tbl.username ASC', 'admin_tbl.username DESC'); 36 $so->setColumn('admin_tbl.userpass', 'admin_tbl.userpass ASC', 'admin_tbl.userpass DESC'); 37 $so->setColumn('admin_tbl.first_name', 'admin_tbl.first_name ASC', 'admin_tbl.first_name DESC'); 38 $so->setColumn('admin_tbl.last_name', 'admin_tbl.last_name ASC', 'admin_tbl.last_name DESC'); 39 $so->setColumn('admin_tbl.email', 'admin_tbl.email ASC', 'admin_tbl.email DESC'); 40 $so->setColumn('admin_tbl.user_type', 'admin_tbl.user_type ASC', 
'admin_tbl.user_type DESC'); 41 $so->setColumn('admin_tbl.seconds_online', 'admin_tbl.seconds_online ASC', 'admin_tbl.seconds_online DESC'); 42 $so->setColumn('admin_tbl.last_login_datetime', 'admin_tbl.last_login_datetime ASC', 'admin_tbl.last_login_datetime DESC'); 43 $so->setColumn('admin_tbl.last_access_datetime', 'admin_tbl.last_access_datetime ASC', 'admin_tbl.last_access_datetime DESC'); 44 $so->setColumn('admin_tbl.last_login_ip', 'admin_tbl.last_login_ip ASC', 'admin_tbl.last_login_ip DESC'); 45 $so->setColumn('admin_tbl.added_by_user_id', 'admin_tbl.added_by_user_id ASC', 'admin_tbl.added_by_user_id DESC'); 46 $so->setColumn('admin_tbl.modified_by_user_id', 'admin_tbl.modified_by_user_id ASC', 'admin_tbl.modified_by_user_id DESC'); 47 $so->setColumn('admin_tbl.added_datetime', 'admin_tbl.added_datetime ASC', 'admin_tbl.added_datetime DESC'); 48 $so->setColumn('admin_tbl.modified_datetime', 'admin_tbl.modified_datetime ASC', 'admin_tbl.modified_datetime DESC'); 47 49 48 50 // Instantiate page numbers. Total items are set and calculation is done in the getRecordList function. … … 192 194 193 195 // If the username was changed during edit, verify. 
194 if (getFormData(' priv') == 'root' && 'root' != $auth->getVal('priv')) {195 $fv->addError(' priv', sprintf(_("You do not have clearance to create a user with root privileges."), null));196 if (getFormData('user_type') == 'root' && 'root' != $auth->getVal('user_type')) { 197 $fv->addError('user_type', sprintf(_("You do not have clearance to create a user with root privileges."), null)); 196 198 } 197 199 … … 207 209 208 210 $fv->stringLength('last_name', 0, 255, _("<strong>Last name</strong> must contain less than 256 characters.")); 209 210 $fv->stringLength('phone', 0, 255, _("<strong>Phone</strong> must contain less than 256 characters.")); 211 $fv->validatePhone('phone'); 212 211 212 $fv->isEmpty('email', _("<strong>Email</strong> cannot be blank.")); 213 213 $fv->stringLength('email', 0, 255, _("<strong>Email</strong> must contain less than 256 characters.")); 214 214 $fv->validateEmail('email'); 215 215 216 $fv->stringLength('county', 0, 255, _("<strong>County</strong> has an invalid selection.")); 217 218 $fv->stringLength('priv', 0, 255, _("<strong>Priv</strong> has an invalid selection.")); 216 $fv->isEmpty('user_type', _("<strong>User type</strong> cannot be blank.")); 217 $fv->stringLength('user_type', 0, 255, _("<strong>User type</strong> has an invalid selection.")); 219 218 } 220 219 221 220 function &addRecordForm() 222 221 { 223 // set default values for the reset of the fields. 224 $frm['priv'] = 'admin'; 225 $frm['new_op'] = 'insert'; 226 $frm['submit_caption'] = _("Add admin"); 227 $frm['repeat_caption'] = _("Add & repeat"); 228 $frm['cancel_caption'] = _("Cancel"); 222 // Set default values for the reset of the fields. 
223 $frm = array( 224 'admin_id' => '', 225 'username' => '', 226 'userpass' => '', 227 'first_name' => '', 228 'last_name' => '', 229 'email' => '', 230 'user_type' => '', 231 'seconds_online' => '0', 232 'last_login_datetime' => '0000-00-00 00:00:00', 233 'last_access_datetime' => '0000-00-00 00:00:00', 234 'last_login_ip' => '0.0.0.0', 235 'added_by_user_id' => '', 236 'modified_by_user_id' => '', 237 'added_datetime' => '0000-00-00 00:00:00', 238 'modified_datetime' => '0000-00-00 00:00:00', 239 'new_op' => 'insert', 240 'submit_buttons' => array( 241 'submit' => _("Add Admin"), 242 'repeat' => _("Add & repeat"), 243 'cancel' => _("Cancel"), 244 ), 245 ); 229 246 230 247 return $frm; … … 237 254 if ($lock->isLocked() && !$lock->isMine()) { 238 255 $lock->dieErrorPage(); 239 } else { 240 // Get the information for the form. 241 $qid = DB::query(" 242 SELECT * from admin_tbl 243 WHERE admin_id = '" . addslashes($id) . "' 244 "); 245 if (!$frm = mysql_fetch_assoc($qid)) { 246 App::logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); 247 App::raiseMsg(sprintf(_("The requested record %s could not be found"), $id), MSG_ERR, __FILE__, __LINE__); 248 App::dieBoomerangURL(); 249 } 250 251 // Lock this record. 252 $lock->set('admin_tbl', 'admin_id', $id, $frm['address']); 253 254 // Set misc values for the form. 255 $frm['old_username'] = $frm['username']; 256 $frm['userpass'] = '***************'; 257 $frm['new_op'] = 'update'; 258 $frm['submit_caption'] = _("Save changes"); 259 $frm['repeat_caption'] = _("Save & edit next"); 260 $frm['reset_caption'] = _("Reset"); 261 $frm['cancel_caption'] = _("Cancel"); 262 $frm['admin_id'] = $id; 263 264 return $frm; 265 } 256 } 257 258 // Get the information for the form. 259 $qid = DB::query(" 260 SELECT * 261 FROM admin_tbl 262 WHERE admin_id = '" . addslashes($id) . "' 263 "); 264 if (!$frm = mysql_fetch_assoc($qid)) { 265 App::logMsg('Could not find record with admin_id: ' . 
$id, LOG_WARNING, __FILE__, __LINE__); 266 App::raiseMsg(sprintf(_("The requested record %s could not be found"), $id), MSG_ERR, __FILE__, __LINE__); 267 App::dieBoomerangURL(); 268 } 269 270 // Lock this record. 271 $lock->set('admin_tbl', 'admin_id', $id, $frm['username']); 272 273 // Set misc values for the form. 274 $frm = array_merge(array( 275 'admin_id' => '', 276 'old_username' => $frm['username'], 277 'username' => '', 278 // 'userpass' => '****************', 279 'first_name' => '', 280 'last_name' => '', 281 'email' => '', 282 'user_type' => '', 283 'seconds_online' => '0', 284 'last_login_datetime' => '0000-00-00 00:00:00', 285 'last_access_datetime' => '0000-00-00 00:00:00', 286 'last_login_ip' => '0.0.0.0', 287 'added_by_user_id' => '', 288 'modified_by_user_id' => '', 289 'added_datetime' => '0000-00-00 00:00:00', 290 'modified_datetime' => '0000-00-00 00:00:00', 291 'new_op' => 'update', 292 'submit_buttons' => array( 293 'submit' => _("Save changes"), 294 'repeat' => _("Save & edit next"), 295 'reset' => _("Reset"), 296 'cancel' => _("Cancel"), 297 ), 298 ), $frm, array('userpass' => '****************')); 299 300 return $frm; 266 301 } 267 302 … … 280 315 // Get the information for this object. 281 316 $qid = DB::query(" 282 SELECT username, privfrom admin_tbl317 SELECT username, user_type from admin_tbl 283 318 WHERE admin_id = '" . addslashes($id) . "' 284 319 "); 285 if (! list($name, $ priv) = mysql_fetch_row($qid)) {320 if (! list($name, $user_type) = mysql_fetch_row($qid)) { 286 321 App::logMsg('Could not find record with admin_id: ' . 
$id, LOG_WARNING, __FILE__, __LINE__); 287 322 App::raiseMsg(sprintf(_("The requested record %s could not be found"), $id), MSG_ERR, __FILE__, __LINE__); … … 292 327 $qid = DB::query("SELECT COUNT(*) from admin_tbl"); 293 328 list($num_admins) = mysql_fetch_row($qid); 294 if ('root' == $ priv && 'root' != $auth->getVal('priv')) {329 if ('root' == $user_type && 'root' != $auth->getVal('user_type')) { 295 330 // Only root users can delete root users! 296 331 App::raiseMsg(_("You do not have clearance to delete a root administrator."), MSG_NOTICE, __FILE__, __LINE__); … … 325 360 first_name, 326 361 last_name, 327 phone,328 362 email, 329 priv, 363 user_type, 364 added_by_user_id, 330 365 added_datetime 331 366 ) VALUES ( … … 333 368 '" . addslashes($frm['first_name']) . "', 334 369 '" . addslashes($frm['last_name']) . "', 335 '" . addslashes($frm['phone']) . "',336 370 '" . addslashes($frm['email']) . "', 337 '" . addslashes($frm['priv']) . "', 371 '" . addslashes($frm['user_type']) . "', 372 '" . addslashes($auth->getVal('user_id')) . "', 338 373 NOW() 339 374 ) … … 344 379 $auth->setPassword($last_insert_id, $frm['userpass']); 345 380 346 App::raiseMsg(sprintf(_("The admin <strong>%s</strong> has been added."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 381 // Create version. 382 $version = new RecordVersion($GLOBALS['auth']); 383 $version->create('admin_tbl', 'admin_id', $last_insert_id, $frm['username']); 384 385 App::raiseMsg(sprintf(_("The Admin <strong>%s</strong> has been added."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 347 386 348 387 return $last_insert_id; … … 373 412 first_name = '" . addslashes($frm['first_name']) . "', 374 413 last_name = '" . addslashes($frm['last_name']) . "', 375 phone = '" . addslashes($frm['phone']) . "',376 414 email = '" . addslashes($frm['email']) . "', 377 priv = '" . addslashes($frm['priv']) . "' 415 user_type = '" . addslashes($frm['user_type']) . "', 416 modified_by_user_id = '" . 
addslashes($auth->getVal('user_id')) . "', 417 modified_datetime = NOW() 378 418 WHERE admin_id = '" . addslashes($frm['admin_id']) . "' 379 419 "); 380 420 381 App::raiseMsg(sprintf(_("The admin <strong>%s</strong> has been updated."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 421 // Create version. 422 $version = new RecordVersion($GLOBALS['auth']); 423 $version->create('admin_tbl', 'admin_id', $frm['admin_id'], $frm['username']); 424 425 App::raiseMsg(sprintf(_("The Admin <strong>%s</strong> has been updated."), $frm['username']), MSG_SUCCESS, __FILE__, __LINE__); 382 426 383 427 // Unlock record. … … 391 435 global $so; 392 436 393 // Build search query if $qry is not empty. 394 $sql_delim = 'WHERE'; 395 $search_where_clause = ''; 396 $qry = getFormData('search_query'); 397 if (!empty($qry)) { 398 $qry_words = preg_split('/[^\w]/', $qry); 437 $where_clause = ''; 438 439 // Build search query if available. 440 if (getFormData('search_query', false)) { 441 $qry_words = preg_split('/[^\w]/', getFormData('search_query')); 399 442 for ($i=0; $i<sizeof($qry_words); $i++) { 400 $search_where_clause .= " 401 $sql_delim ( 402 username LIKE '%" . addslashes($qry_words[$i]) . "%' 403 OR first_name LIKE '%" . addslashes($qry_words[$i]) . "%' 404 OR last_name LIKE '%" . addslashes($qry_words[$i]) . "%' 405 OR phone LIKE '%" . addslashes($qry_words[$i]) . "%' 406 OR email LIKE '%" . addslashes($qry_words[$i]) . "%' 407 OR priv LIKE '%" . addslashes($qry_words[$i]) . "%' 443 $where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " 444 ( 445 admin_tbl.username LIKE '%" . addslashes($qry_words[$i]) . "%' 446 OR admin_tbl.first_name LIKE '%" . addslashes($qry_words[$i]) . "%' 447 OR admin_tbl.last_name LIKE '%" . addslashes($qry_words[$i]) . "%' 448 OR admin_tbl.email LIKE '%" . addslashes($qry_words[$i]) . 
"%' 408 449 ) 409 450 "; 410 $sql_delim = 'AND'; 411 } 412 } 413 414 $where_clause = ''; 451 } 452 } 453 415 454 if (getFormData('search_query', false)) { 416 455 // Search query. 417 456 $where_clause = $search_where_clause; 418 457 } 419 if (getFormData('filter_admin_ priv', false)) {458 if (getFormData('filter_admin_user_type', false)) { 420 459 // Limit by filter. 421 $where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " priv = '" . addslashes(getFormData('filter_admin_priv')) . "'";460 $where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " user_type = '" . addslashes(getFormData('filter_admin_user_type')) . "'"; 422 461 } 423 462 424 463 // Count the total number of records so we can do something about the page numbers. 425 $qid = DB::query("SELECT COUNT(*) FROM admin_tbl $where_clause"); 464 $qid = DB::query(" 465 SELECT COUNT(*) 466 FROM admin_tbl 467 $where_clause 468 "); 426 469 list($num_results) = mysql_fetch_row($qid); 427 470 … … 432 475 // Final SQL, with sort and page limiters. 433 476 $sql = " 434 SELECT * FROM admin_tbl 477 SELECT 478 admin_tbl.*, 479 a1.username AS added_admin_username, 480 a2.username AS modified_admin_username 481 FROM admin_tbl 482 LEFT JOIN admin_tbl a1 ON (admin_tbl.added_by_user_id = a1.admin_id) 483 LEFT JOIN admin_tbl a2 ON (admin_tbl.modified_by_user_id = a2.admin_id) 435 484 $where_clause 436 485 " . $so->getSortOrderSQL() . " … … 449 498 } 450 499 451 if (SessionCache::isCached($_SERVER['PHP_SELF']) && FALSE) { ///500 if (SessionCache::isCached($_SERVER['PHP_SELF']) && false) { 452 501 // Get the cached results. 453 502 $list = SessionCache::getCache($_SERVER['PHP_SELF']); … … 460 509 } 461 510 462 // Cache the results. 463 SessionCache::putCache($list, $_SERVER['PHP_SELF']); 511 if (isset($list) && !empty($list)) { 512 // Cache the results. 513 SessionCache::putCache($list, $_SERVER['PHP_SELF']); 514 } 464 515 } 465 516
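Review bot: In the validation hunk, `user_type` is only required to be non-empty and at most 255 characters, and the one privilege guard is an exact match on the literal `'root'`, so any other submitted string passes validation and is written to `admin_tbl.user_type` by the INSERT and UPDATE hunks. Check the value against a fixed list of the types the application defines before the root guard runs, for example `if (!in_array(getFormData('user_type'), $valid_user_types, true)) { $fv->addError('user_type', _("<strong>User type</strong> has an invalid selection.")); }`, where `$valid_user_types` is a placeholder for that list. The comment above the guard still reads "If the username was changed during edit, verify." and should state what is enforced, e.g. `// Only root admins may assign the root user type.` The validation function starts outside the visible hunk, and whether the update path separately stops a non-root admin from editing an existing root account cannot be seen here, so that is worth confirming.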