Changeset 676 for trunk/services

Timestamp:

May 3, 2019 2:43:15 AM (5 years ago)

Author:

anonymous

Message:

Update admins.php. Fix $safe_http_host

Location:

trunk/services

Files:

• admins.php (modified) (17 diffs)
• templates/admin_form.ihtml (modified) (1 diff)

trunk/services/admins.php

@@ -79 +79 @@
 $page = new PageNumbers();
 $page->setPerPage(getFormData('per_page'), 50);
-$page->setPageNumber(getFormData('page_number'));
+$page->setPageNumber(getFormData('page_number', (getFormData('sort') ? 1 : null)));
 
 // Query parameters to retain only locally.
 $locally_carried_queries = array(
     'search_query',
+    'break_list_cache' => $app->validBoomerangURL('accounts'),
 );
 
@@ -129 +130 @@
 
 case 'insert' :
-    if (getFormdata('cancel', false)) {
+    if (getFormdata('btn_cancel', false)) {
         if ($app->validBoomerangURL('admins')) {
             // Display boomerang page.
@@ -145 +146 @@
     } else {
         $admin_id = insertRecord(getFormData());
-        if (getFormdata('repeat', false)) {
+        if (getFormdata('btn_repeat', false)) {
             // Display function again.
             $app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries);
@@ -158 +159 @@
 
 case 'update' :
-    if (getFormdata('reset', false)) {
+    if (getFormdata('btn_reset', false)) {
         $app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__);
         $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&admin_id=' . getFormData('admin_id'), $locally_carried_queries);
     }
-    if (getFormdata('cancel', false)) {
+    if (getFormdata('btn_cancel', false)) {
         // Remove lock
         $lock->select($auth->getParam('db_table'), $auth->getParam('db_primary_key'), getFormData('admin_id'));
@@ -181 +182 @@
     } else {
         updateRecord(getFormData());
-        if (getFormdata('repeat', false)) {
+        if (getFormdata('btn_repeat', false)) {
             // Display edit function with next available ID.
             $qid = $db->query("SELECT " . $auth->getParam('db_primary_key') . " FROM " . $auth->getParam('db_table') . " WHERE " . $auth->getParam('db_primary_key') . " > '" . $db->escapeString(getFormData('admin_id')) . "' ORDER BY " . $auth->getParam('db_primary_key') . " ASC LIMIT 1");
@@ -208 +209 @@
  *****************************************************************************/
 
+$nav->set('body_id', 'admins');
+
 include 'header.ihtml';
 $app->carryQuery($locally_carried_queries);
@@ -230 +233 @@
     }
 
-    $fv->numericRange('admin_id', 0, 32767, _("<strong>Admin id</strong> must be a valid number between 0 and 32767."));
+    $fv->numericRange('admin_id', 0, 32767, _("<strong>Admin ID</strong> must be a valid number between 0 and 32767."));
 
     $fv->isEmpty('username', _("<strong>Username</strong> cannot be blank."));
     $fv->stringLength('username', 0, 255, _("<strong>Username</strong> must contain less than 256 characters."));
 
-    $fv->isEmpty('userpass', _("<strong>Passwords</strong> cannot be blank."));
-    $fv->stringLength('userpass', 8, 36, _("<strong>Passwords</strong> must be between 8 and 36 characters long."));
+    if ('insert' == getFormData('op')) {
+        $fv->isEmpty('userpass', _("<strong>Password</strong> cannot be blank."));
+    }
+    if ('update' == getFormData('op') && strlen(getFormData('userpass')) > 0) {
+        $fv->stringLength('userpass', 8, 100, _("<strong>Password</strong> must be between 8 and 100 characters long."));
+    }
 
     $fv->stringLength('first_name', 0, 255, _("<strong>First name</strong> must contain less than 256 characters."));
@@ -266 +273 @@
         'modified_datetime' => '',
         'new_op' => 'insert',
+        'user_type' => '',
         'submit_buttons' => array(
-            array('name' => 'submit', 'value' => _("Add Administrator"), 'class' => 'small button', 'accesskey' => 's'),
-            array('name' => 'repeat', 'value' => _("Add &amp; repeat"), 'class' => 'small button secondary', 'accesskey' => 'r'),
-            array('name' => 'cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'),
+            array('name' => 'btn_submit', 'value' => _("Add Administrator"), 'accesskey' => 's'),
+            array('name' => 'btn_repeat', 'class' => 'secondary', 'value' => _("Add &amp; repeat"), 'accesskey' => 'r'),
+            array('name' => 'btn_cancel', 'class' => 'secondary', 'value' => _("Cancel"), 'accesskey' => 'c'),
         ),
     );
@@ -298 +306 @@
     if (!$frm = mysql_fetch_assoc($qid)) {
         $app->logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__);
-        $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
+        $app->raiseMsg(sprintf(_("The requested user %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
         $app->dieBoomerangURL('admins', $locally_carried_queries);
     }
@@ -310 +318 @@
         'old_username' => $frm['username'],
         'username' => '',
-//         'userpass' => '****************',
+        'userpass' => '',
         'first_name' => '',
         'last_name' => '',
@@ -317 +325 @@
         'last_login_datetime' => '',
         'last_access_datetime' => '',
-        'last_login_ip' => '0.0.0.0',
+        'last_login_ip' => '',
         'added_by_user_id' => '',
         'modified_by_user_id' => '',
@@ -325 +333 @@
         'old_username' => $frm['username'],
         'submit_buttons' => array(
-            array('name' => 'submit', 'value' => _("Save changes"), 'class' => 'small button', 'accesskey' => 's'),
-            array('name' => 'repeat', 'value' => _("Save & edit next"), 'class' => 'small button secondary', 'accesskey' => 'e'),
-            array('name' => 'reset', 'value' => _("Reset"), 'class' => 'small button secondary', 'accesskey' => 'r'),
-            array('name' => 'cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'),
+            array('name' => 'btn_submit', 'value' => _("Save changes"), 'accesskey' => 's'),
+            array('name' => 'btn_repeat', 'class' => 'secondary', 'value' => _("Save & edit next"), 'accesskey' => 'e'),
+            array('name' => 'btn_reset', 'class' => 'secondary', 'value' => _("Reset"), 'accesskey' => 'r'),
+            array('name' => 'btn_cancel', 'class' => 'secondary', 'value' => _("Cancel"), 'accesskey' => 'c'),
         ),
-    ), $frm, array('userpass' => '•••••••••••••••'));
+    ), $frm);
 
     return $frm;
@@ -360 +368 @@
     if (! list($name) = mysql_fetch_row($qid)) {
         $app->logMsg('Could not find record with admin_id: ' . $id, LOG_WARNING, __FILE__, __LINE__);
-        $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
+        $app->raiseMsg(sprintf(_("The requested user %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__);
         $app->dieBoomerangURL('admins', $locally_carried_queries);
     }
@@ -368 +376 @@
     list($num_admins) = mysql_fetch_row($qid);
     if ($num_admins <= 1) {
-        // There must always be at least one admnistrator!
+        // There must always be at least one administrator!
         $app->raiseMsg(_("You cannot delete the only user in the database. There must be at least one to log in and create other users."), MSG_NOTICE, __FILE__, __LINE__);
     } else if ($auth->get('user_id') == $id) {
@@ -495 +503 @@
     }
 
+    if (getFormData('filter_user_type', false)) {
+        // Limit by filter.
+        $where_clause .= (empty($where_clause) ? 'WHERE' : 'AND') . " " . $auth->getParam('db_table') . ".user_type = '" . $db->escapeString(getFormData('filter_user_type')) . "'";
+    }
+
     // Count the total number of records so we can do something about the page numbers.
     $qid = $db->query("
@@ -522 +535 @@
     ";
 
-    // Use a cash hash to determine if the result-set has changed.
+    // Use a cache hash to determine if the result-set has changed.
     // A unique key for this query, with the total_items in case db records
     // were added since the last cache. This identifies a unique set of
@@ -536 +549 @@
     // First try to return from the cache.
     if ($cache->exists('list')) {
-        $list = $cache->get('list');
-        return $list;
+        return $cache->get('list');
     }
 
     // The list was not cached, so issue the real query.
     $qid = $db->query($sql);
+    $list = array();
     while ($row = mysql_fetch_assoc($qid)) {
         $list[] = $row;

trunk/services/templates/admin_form.ihtml

@@ -34 +34 @@
             <div class="medium-5 large-3 columns end">
                 <label for="userpass" class="<?php $fv->err('userpass'); ?>"><?php echo _("Password"); ?></label>
-                <input type="password" class="sc-small" size="50" name="userpass" value="<?php echo oTxt($frm['userpass']); ?>" />
+                <input type="password" class="sc-small" size="50" name="userpass" value="" />
+                <?php if ('add' != getFormData('op') && 'insert' != getFormData('op')) { ?>
+                    <div class="sc-help"><?php echo _("Leave blank unless setting a new password."); ?></div>
+                <?php } ?>
             </div>
         </div>