1 |
<%pre> |
2 |
#include <tntdb/connect.h> |
3 |
#include <tntdb/connection.h> |
4 |
#include <tntdb/result.h> |
5 |
#include <tntdb/row.h> |
6 |
|
7 |
#include <sstream> |
8 |
|
9 |
#include "common.h" |
10 |
</%pre> |
11 |
|
12 |
<%config> |
13 |
dburl; |
14 |
</%config> |
15 |
|
16 |
<%session scope="global"> |
17 |
std::string userName; |
18 |
bool isAdmin; |
19 |
</%session> |
20 |
|
21 |
<%args> |
22 |
int id; |
23 |
</%args> |
24 |
|
25 |
<{
  // Access gate for the whole page: the caller must have a logged-in session
  // (non-empty userName) and that session must carry the admin flag.
  // Both failures are answered the same way, with a redirect to "index",
  // and the return ends the component before anything below is produced.
  const bool loggedIn = !userName.empty();
  if (!loggedIn || !isAdmin)
  {
    reply.setHeader("Location", "index");
    return HTTP_MOVED_TEMPORARILY;
  }
}>
37 |
|
38 |
|
39 |
<&header title="User Administration"> |
40 |
</&header> |
41 |
|
42 |
|
43 |
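<{
  // Page heading: id == -1 is the "create" case, any other id edits that row.
  if (id == -1)
    reply.out() << "<h2>New User</h2>\n";
  else
    reply.out() << "<h2>Modify User</h2>\n";

  reply.out() << "<a href='adm_user_list'>";
  reply.sout() << "<< back to user list";  // sout() so the literal "<<" is HTML-escaped
  reply.out() << "</a><br><br>";

  tntdb::Connection conn = tntdb::connect(dburl);

  // NOTE(review): the write below is triggered by request parameters alone;
  // no anti-CSRF token is checked in this page. Confirm whether another layer
  // adds one, otherwise add a per-session token to the form and verify it here.
  std::string submit = qparam.param("submit");
  if (submit == "1")
  {
    std::string form_username  = trim(qparam.param("username"));
    std::string form_realname  = trim(qparam.param("realname"));
    bool        form_enabled   = qparam.param("enabled") == "on";
    bool        form_useradmin = qparam.param("useradmin") == "on";
    std::string form_password  = trim(qparam.param("password"));

    // The same rules validateForm() applies in the browser are repeated here,
    // because a client that skips the script would otherwise be able to store
    // a blank username or create an account with an empty password.
    if (form_username.empty())
    {
      reply.out() << "<p><i>Username may not be blank</i></p>\n";
    }
    else if (id == -1 && form_password.empty())
    {
      reply.out() << "<p><i>You must enter a password when creating a new user</i></p>\n";
    }
    else if (id == -1)
    {
      // NOTE(review): the password column receives the submitted value
      // unchanged. With validateForm() active that is an unsalted MD5 hex
      // digest computed in the browser; without it, the clear text. Either way
      // the stored value is what a client has to present, so it should be
      // replaced by a salted, slow password hash computed on the server
      // (the login code has to change with it).
      tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
      st.setString("v1", form_username).setString("v2", form_realname).setString("v3", form_password);
      st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
      st.execute();

      // A new user has no edit view yet; go back to the list.
      reply.setHeader("Location", "adm_user_list");
      return HTTP_MOVED_TEMPORARILY;
    }
    else
    {
      tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
      st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
      st.execute();

      // An empty password field means "keep the current password".
      // The NOTE(review) on password storage in the INSERT branch applies here too.
      if (form_password.size() > 0)
      {
        st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
        st.setString("v1", form_password).setInt("v2", id);
        st.execute();
      }

      reply.out() << "<i>User updated</i><br>\n";
    }
  }

  // Values shown in the form; these defaults are what a new user starts with.
  std::string username;
  std::string realname;
  bool enabled = true;
  bool useradmin = false;

  bool showForm = true;

  if (id != -1)
  {
    // Bound parameter instead of building the SQL text by concatenation, so
    // this lookup follows the same pattern as the INSERT/UPDATE statements.
    tntdb::Statement sel = conn.prepare("SELECT username,realname,enabled,useradmin FROM users WHERE id = :v1");
    sel.setInt("v1", id);
    tntdb::Result res = sel.select();

    if (res.size() > 0)
    {
      username  = res[0].getString(0);
      realname  = res[0].getString(1);
      enabled   = res[0].getBool(2);
      useradmin = res[0].getBool(3);
    }
    else
    {
      reply.out() << "<p><i>Invalid user ID !</i></p>\n";
      showForm = false;
    }
  }

  // This brace is closed by the last scriptlet of the page, after the forms.
  if (showForm)
  {
}>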
128 |
|
129 |
<script type="text/javascript" language="JavaScript" src="/md5.js"></script> |
130 |
<script type="text/javascript"> |
131 |
// Strip leading and trailing whitespace from a form value.
// NOTE(review): the backslashes in the pattern are doubled; presumably the
// template engine consumes one level of escaping before the page reaches the
// browser. Confirm against the rendered page before changing them.
function trim(stringToTrim)
{
  var edgeWhitespace = /^\\s+|\\s+$/g;
  return stringToTrim.replace(edgeWhitespace, "");
}
135 |
|
136 |
// Submit handler for the user form. Returns false to cancel the submit.
//
// These checks run only in a browser that executes this script, so they are a
// convenience for the admin and not an access control; the server has to
// enforce the same rules on what it receives.
//
// NOTE(review): on success the password field is replaced by its MD5 hex
// digest (hex_md5, presumably supplied by /md5.js). Whatever receives the form
// then treats that digest as the credential, and MD5 is unsalted and fast, so
// this is no substitute for TLS plus a salted, slow hash computed on the server.
function validateForm()
{
  var form = document.userform;

  // Normalise the text fields before checking them.
  form.username.value  = trim(form.username.value);
  form.password.value  = trim(form.password.value);
  form.password2.value = trim(form.password2.value);

  if (form.username.value == "")
  {
    alert('Username may not be blank');
    form.username.focus();
    return false;
  }

  // id "-1" marks the create case, where a password is mandatory.
  if (form.id.value == "-1" && form.password.value == "")
  {
    alert('You must enter a password when creating a new user');
    form.password.focus();
    return false;
  }

  // A password, when given, has to match its confirmation field.
  if (form.password.value != "" && form.password.value != form.password2.value)
  {
    alert('You must enter the exact same password twice');
    form.password.focus();
    return false;
  }

  if (form.password.value != "")
  {
    form.password.value  = hex_md5(form.password.value);
    form.password2.value = "";
  }

  return true;
}
171 |
|
172 |
</script> |
173 |
|
174 |
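<!-- Edit form: posts back to this page with submit=1; id is -1 for a new user. -->
<form method="post" action="adm_user_edit" name="userform" onsubmit="return validateForm();">
  <table border="0">
    <tr>
      <td>Username: </td>
      <td><input type="text" name="username" size="40" value="<$ username $>"></td>
    </tr>
    <tr>
      <td>Realname: </td>
      <td><input type="text" name="realname" size="40" value="<$ realname $>"></td>
    </tr>
    <tr>
      <td>Enabled:</td>
      <td><input type="checkbox" name="enabled" <$ enabled ? "checked" : "" $>></td>
    </tr>
    <tr>
      <td>Useradmin:</td>
      <td><input type="checkbox" name="useradmin" <$ useradmin ? "checked" : ""$>></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" name="password" size="40" autocomplete="new-password"></td>
    </tr>
    <tr>
      <td>Re-type password:</td>
      <td><input type="password" name="password2" size="40" autocomplete="new-password"></td>
    </tr>
    <tr>
      <td> </td>
      <td><input type="submit"><input type="reset"></td>
    </tr>
  </table>
  <input type="hidden" name="id" value="<$ id $>">
  <input type="hidden" name="submit" value="1">
</form>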
208 |
|
209 |
<{
  // The delete form is offered only for an existing user, never for id == -1.
  // NOTE(review): adm_user_delete is not visible here; hiding this form does
  // not restrict who can post to that page, so it needs its own admin check.
  if (id != -1)
  {
}>

<br>
<form method="post" action="adm_user_delete" onsubmit="return confirm('Are you sure','Delete user');">
  <input type="hidden" name="id" value="<$ id $>">
  <input type="submit" value="Delete this user">
</form>

<{
  } // end if (id != -1)
  } // end if (showForm), opened in the main scriptlet above the forms
}>
224 |
|
225 |
<&footer> |
226 |
</&footer> |