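<#
  User administration form: creates a new user (id == -1) or modifies the
  user with the given id. Only a logged-in administrator gets past the first
  code block.

  NOTE(review): on this page the first five #include directives carry no
  header name and the pre/config/session/args sections have no closing tags;
  they are reproduced as found.
#>
<%pre>
#include #include #include #include #include #include "common.h"
<%config>
dburl;
<%session scope="global">
std::string userName;
bool isAdmin;
<%args>
int id;
<{
    // Access control: a request without a logged-in user name, or from a
    // user without the admin flag, is redirected to the index page before
    // any output is produced or the database is touched.
    if (userName.empty() || !isAdmin)
    {
        reply.setHeader("Location", "index");
        return HTTP_MOVED_TEMPORARILY;
    }
}> <&header title="User Administration"> <{
    // Page heading: id == -1 means "create", anything else means "modify".
    if (id == -1)
        reply.out() << "

New User

\n";
    else
        reply.out() << "

Modify User

\n";

    reply.out() << "";
    // sout() HTML-escapes its argument, so the literal "<<" is safe to emit.
    reply.sout() << "<< back to user list";
    reply.out() << "

";

    tntdb::Connection conn = tntdb::connect(dburl);

    // NOTE(review): the write below is triggered by submit == "1" alone.
    // This block checks neither the HTTP method nor any per-session form
    // token, so nothing visible here ties the request to a form that was
    // rendered for this administrator (CSRF); confirm whether that is
    // enforced elsewhere.
    std::string submit = qparam.param("submit");
    if (submit == "1")
    {
        std::string form_username = trim(qparam.param("username"));
        std::string form_realname = trim(qparam.param("realname"));
        bool form_enabled = qparam.param("enabled") == "on";
        bool form_useradmin= qparam.param("useradmin") == "on";
        std::string form_password = trim(qparam.param("password"));

        // NOTE(review): the form has a "Re-type password" field, but only one
        // password parameter is read here, so the two entries are never
        // compared on the server side.
        //
        // NOTE(review): form_password is written to users.password exactly as
        // submitted; this block has no hashing step. Storing a salted, slow
        // password hash instead needs a matching change in the login check,
        // which is not part of this page.

        if (form_username.empty())
        {
            // An account without a name cannot be told apart in the user
            // list, so nothing is written.
            reply.out() << "<p>Username must not be empty</p>\n";
        }
        else if (id == -1 && form_password.empty())
        {
            // On update an empty password means "keep the current one"; on
            // create it would produce an account with an empty password.
            reply.out() << "<p>Password must not be empty</p>\n";
        }
        else if (id == -1)
        {
            // Create: all values are bound as statement parameters.
            tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
            st.setString("v1", form_username).setString("v2", form_realname).setString("v3",form_password);
            st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
            st.execute();

            reply.setHeader("Location", "adm_user_list");
            return HTTP_MOVED_TEMPORARILY;
        }
        else
        {
            // Modify: profile fields first, password only when one was given.
            tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
            st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
            st.execute();

            if (form_password.size() > 0)
            {
                st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
                st.setString("v1", form_password).setInt("v2", id);
                st.execute();
            }

            reply.out() << "User updated
\n";
        }
    }

    // Values shown in the form; the defaults apply to a new user.
    std::string username;
    std::string realname;
    bool enabled = true;
    bool useradmin = false;
    bool showForm = true;

    if (id != -1)
    {
        // Load the current values of the user being modified. The id is bound
        // as a parameter, like every other statement in this file, instead of
        // being concatenated into the SQL text.
        tntdb::Statement sel = conn.prepare("SELECT username,realname,enabled,useradmin FROM users WHERE id = :v1");
        sel.setInt("v1", id);
        tntdb::Result res = sel.select();

        if (res.size() > 0)
        {
            username = res[0].getString(0);
            realname = res[0].getString(1);
            enabled = res[0].getBool(2);
            useradmin = res[0].getBool(3);
        }
        else
        {
            // No row with this id: report it and suppress the form.
            reply.out() << "

Invalid user ID !

\n";
            showForm = false;
        }
    }

    if (showForm) { }>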
Username:
Realname:
Enabled: >
Useradmin: >
Password:
Re-type password:
 
<{
    // Edit mode only: the template text between this block and the next one
    // is sent when an existing user is being modified (id != -1).
    if (id != -1) {
}>
<{
    } // end if (id != -1)
    } // end if (showForm)
}> <&footer>