tntnet/dynamic/adm_user_edit.ecpp

<%pre>
#include <tntdb/connect.h>
#include <tntdb/connection.h>
#include <tntdb/result.h>
#include <tntdb/row.h>

#include <sstream>

#include "common.h"
</%pre>

<%config>
dburl;
</%config>

<%session scope="global">
std::string userName;
bool isAdmin;
</%session>

<%args>
int id;
</%args>

<{
if (userName.size() == 0)
{
        reply.setHeader("Location", "index");
        return HTTP_MOVED_TEMPORARILY;
}
if (!isAdmin)
{
    reply.setHeader("Location", "index");
    return HTTP_MOVED_TEMPORARILY;
}
}>


<&header title="User Administration">
</&header>


<{

if (id == -1)
        reply.out() << "<h2>New User</h2>\n";
else
        reply.out() << "<h2>Modify User</h2>\n";

reply.out() << "<a href='adm_user_list'>";
reply.sout() << "<< back to user list";
reply.out() << "</a><br>";

tntdb::Connection conn = tntdb::connect(dburl); 


std::string submit = qparam.param("submit");
if (submit == "1")
{
        std::string form_username = trim(qparam.param("username"));
        std::string form_realname = trim(qparam.param("realname"));
        bool form_enabled = qparam.param("enabled") == "on";
        bool form_useradmin= qparam.param("useradmin") == "on";
        std::string form_password = trim(qparam.param("password"));


        if (id == -1)
        {
                tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
                st.setString("v1", form_username).setString("v2", form_realname).setString("v3",form_password);
                st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
                st.execute();


                reply.setHeader("Location", "adm_user_list");
                return HTTP_MOVED_TEMPORARILY;
        }
        else
        {
                tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
                st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
                st.execute();

                if (form_password.size() > 0)
                {
                        st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
                        st.setString("v1", form_password).setInt("v2", id);
                        st.execute();
                }

                reply.out() << "<i>User updated</i><br>\n";
        }

}


std::string username;
std::string realname;
bool enabled = true;
bool useradmin = false;

bool showForm = true;

if (id != -1)
{
        std::stringstream query;
        query << "SELECT username,realname,enabled,useradmin FROM users WHERE id = " << id;
        tntdb::Result res = conn.select(query.str());

        if (res.size() > 0)
        {
                username = res[0].getString(0);
                realname = res[0].getString(1);
                enabled = res[0].getBool(2);
                useradmin = res[0].getBool(3);
        }

        else
        {
                reply.out() << "<p><i>Invalid user ID !</i></p>\n";
                showForm = false;
        }
}

if (showForm)
{
}>

<script type="text/javascript" language="JavaScript" src="/md5.js"></script>
<script type="text/javascript">
function trim(stringToTrim) 
{
        return stringToTrim.replace(/^\s+|\s+$/g,"");
}

function validateForm()
{
        document.userform.username.value = trim(document.userform.username.value);
        document.userform.password.value = trim(document.userform.password.value);

        if (document.userform.username.value == "")
        {
                alert('Username may not be blank');
                document.userform.username.focus();
                return false;
        }

        if (document.userform.id.value == "-1" && document.userform.password.value == "")   
        {               
                alert('You must enter a password when creating a new user');
                document.userform.password.focus();
                return false;
        }

        if (document.userform.password.value != "" && document.userform.password.value != document.userform.password2.value)
        {
                alert('You must enter the exact same password twice');
                document.userform.password.focus();
                return false;
        }

        if (document.userform.password.value != "")
        {
                document.userform.password.value = hex_md5(document.userform.password.value);
                document.userform.password2.value = "";
        }

        return true;
}

</script>

<form method="post" action="adm_user_edit" name="userform" onsubmit="return validateForm();">
<table border="0">
<tr>
  <td>Username: </td>
  <td><input type="text" name="username" size="40" value="<$ username $>"></td>
</tr>
<tr>
  <td>Realname: </td>
  <td><input type="text" name="realname" size="40" value="<$ realname $>"></td>
</tr>
</tr>
  <td>Enabled:</td>
  <td><input type="checkbox" name="enabled" <$ enabled ? "checked" : "" $>></td>
</tr>
<tr>
  <td>Useradmin:</td>  
  <td><input type="checkbox" name="useradmin" <$ useradmin ? "checked" : ""$>></td>
</tr>
<tr>
  <td>Password:</td>
  <td><input type="password" name="password" size="40"></td>
</tr>
<tr>
  <td>Re-type password:</td>
  <td><input type="password" name="password2" size="40"></td>
</tr>
<tr>
  <td>&nbsp;</td>
  <td><input type="submit"><input type="reset"></td>
</tr>
</table>
<input type="hidden" name="id" value="<$ id $>">
<input type="hidden" name="submit" value="1">
</form>

<br>
<form method="post" action="adm_user_delete">
<input type="hidden" name="id" value="<$ id $>">
<input type="submit" value="Delete">
</form>

<{
}


}>

<&footer>
</&footer>
1	torben	101	<%pre>
2			#include <tntdb/connect.h>
3			#include <tntdb/connection.h>
4			#include <tntdb/result.h>
5			#include <tntdb/row.h>
6
7			#include <sstream>
8
9			#include "common.h"
10			</%pre>
11
12			<%config>
13			dburl;
14			</%config>
15
16			<%session scope="global">
17			std::string userName;
18			bool isAdmin;
19			</%session>
20
21			<%args>
22			int id;
23			</%args>
24
25			<{
26			if (userName.size() == 0)
27			{
28			reply.setHeader("Location", "index");
29			return HTTP_MOVED_TEMPORARILY;
30			}
31			if (!isAdmin)
32			{
33			reply.setHeader("Location", "index");
34			return HTTP_MOVED_TEMPORARILY;
35			}
36			}>
37
38
39			<&header title="User Administration">
40			</&header>
41
42
43			<{
44
45			if (id == -1)
46			reply.out() << "<h2>New User</h2>\n";
47			else
48			reply.out() << "<h2>Modify User</h2>\n";
49
50			reply.out() << "<a href='adm_user_list'>";
51			reply.sout() << "<< back to user list";
52			reply.out() << "</a><br>";
53
54			tntdb::Connection conn = tntdb::connect(dburl);
55
56
57			std::string submit = qparam.param("submit");
58			if (submit == "1")
59			{
60			std::string form_username = trim(qparam.param("username"));
61			std::string form_realname = trim(qparam.param("realname"));
62			bool form_enabled = qparam.param("enabled") == "on";
63			bool form_useradmin= qparam.param("useradmin") == "on";
64			std::string form_password = trim(qparam.param("password"));
65
66
67			if (id == -1)
68			{
69			tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
70			st.setString("v1", form_username).setString("v2", form_realname).setString("v3",form_password);
71			st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
72			st.execute();
73
74
75			reply.setHeader("Location", "adm_user_list");
76			return HTTP_MOVED_TEMPORARILY;
77			}
78			else
79			{
80			tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
81			st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
82			st.execute();
83
84			if (form_password.size() > 0)
85			{
86			st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
87			st.setString("v1", form_password).setInt("v2", id);
88			st.execute();
89			}
90
91			reply.out() << "<i>User updated</i><br>\n";
92			}
93
94			}
95
96
97			std::string username;
98			std::string realname;
99			bool enabled = true;
100			bool useradmin = false;
101
102			bool showForm = true;
103
104			if (id != -1)
105			{
106			std::stringstream query;
107			query << "SELECT username,realname,enabled,useradmin FROM users WHERE id = " << id;
108			tntdb::Result res = conn.select(query.str());
109
110			if (res.size() > 0)
111			{
112			username = res[0].getString(0);
113			realname = res[0].getString(1);
114			enabled = res[0].getBool(2);
115			useradmin = res[0].getBool(3);
116			}
117
118			else
119			{
120			reply.out() << "<p><i>Invalid user ID !</i></p>\n";
121			showForm = false;
122			}
123			}
124
125			if (showForm)
126			{
127			}>
128
129			<script type="text/javascript" language="JavaScript" src="/md5.js"></script>
130			<script type="text/javascript">
131			function trim(stringToTrim)
132			{
133			return stringToTrim.replace(/^\s+\|\s+$/g,"");
134			}
135
136			function validateForm()
137			{
138			document.userform.username.value = trim(document.userform.username.value);
139			document.userform.password.value = trim(document.userform.password.value);
140
141			if (document.userform.username.value == "")
142			{
143			alert('Username may not be blank');
144			document.userform.username.focus();
145			return false;
146			}
147
148			if (document.userform.id.value == "-1" && document.userform.password.value == "")
149			{
150			alert('You must enter a password when creating a new user');
151			document.userform.password.focus();
152			return false;
153			}
154
155			if (document.userform.password.value != "" && document.userform.password.value != document.userform.password2.value)
156			{
157			alert('You must enter the exact same password twice');
158			document.userform.password.focus();
159			return false;
160			}
161
162			if (document.userform.password.value != "")
163			{
164			document.userform.password.value = hex_md5(document.userform.password.value);
165			document.userform.password2.value = "";
166			}
167
168			return true;
169			}
170
171			</script>
172
173			<form method="post" action="adm_user_edit" name="userform" onsubmit="return validateForm();">
174			<table border="0">
175			<tr>
176			<td>Username: </td>
177			<td><input type="text" name="username" size="40" value="<$ username $>"></td>
178			</tr>
179			<tr>
180			<td>Realname: </td>
181			<td><input type="text" name="realname" size="40" value="<$ realname $>"></td>
182			</tr>
183			</tr>
184			<td>Enabled:</td>
185			<td><input type="checkbox" name="enabled" <$ enabled ? "checked" : "" $>></td>
186			</tr>
187			<tr>
188			<td>Useradmin:</td>
189			<td><input type="checkbox" name="useradmin" <$ useradmin ? "checked" : ""$>></td>
190			</tr>
191			<tr>
192			<td>Password:</td>
193			<td><input type="password" name="password" size="40"></td>
194			</tr>
195			<tr>
196			<td>Re-type password:</td>
197			<td><input type="password" name="password2" size="40"></td>
198			</tr>
199			<tr>
200			<td> </td>
201			<td><input type="submit"><input type="reset"></td>
202			</tr>
203			</table>
204			<input type="hidden" name="id" value="<$ id $>">
205			<input type="hidden" name="submit" value="1">
206			</form>
207
208			<br>
209			<form method="post" action="adm_user_delete">
210			<input type="hidden" name="id" value="<$ id $>">
211			<input type="submit" value="Delete">
212			</form>
213
214			<{
215			}
216
217
218			}>
219
220			<&footer>
221			</&footer>