tntnet/dynamic/adm_user_edit.ecpp

<%pre>
#include <tntdb/connect.h>
#include <tntdb/connection.h>
#include <tntdb/result.h>
#include <tntdb/row.h>

#include <sstream>

#include "common.h"
</%pre>

<%config>
dburl;
</%config>

<%session scope="global">
std::string userName;
bool isAdmin;
</%session>

<%args>
int id;
</%args>

<{
if (userName.size() == 0)
{
        reply.setHeader("Location", "index");
        return HTTP_MOVED_TEMPORARILY;
}
if (!isAdmin)
{
    reply.setHeader("Location", "index");
    return HTTP_MOVED_TEMPORARILY;
}
}>


<&header title="User Administration">
</&header>


<{

if (id == -1)
        reply.out() << "<h2>New User</h2>\n";
else
        reply.out() << "<h2>Modify User</h2>\n";

reply.out() << "<a href='adm_user_list'>";
reply.sout() << "<< back to user list";
reply.out() << "</a><br><br>";

tntdb::Connection conn = tntdb::connect(dburl); 


std::string submit = qparam.param("submit");
if (submit == "1")
{
        std::string form_username = trim(qparam.param("username"));
        std::string form_realname = trim(qparam.param("realname"));
        bool form_enabled = qparam.param("enabled") == "on";
        bool form_useradmin= qparam.param("useradmin") == "on";
        std::string form_password = trim(qparam.param("password"));


        if (id == -1)
        {
                tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
                st.setString("v1", form_username).setString("v2", form_realname).setString("v3",form_password);
                st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
                st.execute();


                reply.setHeader("Location", "adm_user_list");
                return HTTP_MOVED_TEMPORARILY;
        }
        else
        {
                tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
                st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
                st.execute();

                if (form_password.size() > 0)
                {
                        st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
                        st.setString("v1", form_password).setInt("v2", id);
                        st.execute();
                }

                reply.out() << "<i>User updated</i><br>\n";
        }

}


std::string username;
std::string realname;
bool enabled = true;
bool useradmin = false;

bool showForm = true;

if (id != -1)
{
        std::stringstream query;
        query << "SELECT username,realname,enabled,useradmin FROM users WHERE id = " << id;
        tntdb::Result res = conn.select(query.str());

        if (res.size() > 0)
        {
                username = res[0].getString(0);
                realname = res[0].getString(1);
                enabled = res[0].getBool(2);
                useradmin = res[0].getBool(3);
        }

        else
        {
                reply.out() << "<p><i>Invalid user ID !</i></p>\n";
                showForm = false;
        }
}

if (showForm)
{
}>

<script type="text/javascript" language="JavaScript" src="/md5.js"></script>
<script type="text/javascript" language="JavaScript" src="/trim.js"></script>
<script type="text/javascript">

function validateForm()
{
        document.userform.username.value = trim(document.userform.username.value);
        document.userform.password.value = trim(document.userform.password.value);
        document.userform.password2.value = trim(document.userform.password2.value);

        if (document.userform.username.value == "")
        {
                alert('Username may not be blank');
                document.userform.username.focus();
                return false;
        }

        if (document.userform.id.value == "-1" && document.userform.password.value == "")   
        {               
                alert('You must enter a password when creating a new user');
                document.userform.password.focus();
                return false;
        }

        if (document.userform.password.value != "" && document.userform.password.value != document.userform.password2.value)
        {
                alert('You must enter the exact same password twice');
                document.userform.password.focus();
                return false;
        }

        if (document.userform.password.value != "")
        {
                document.userform.password.value = hex_md5(document.userform.password.value);
                document.userform.password2.value = "";
        }

        return true;
}

</script>

<form method="post" action="adm_user_edit" name="userform" onsubmit="return validateForm();">
<table border="0">
<tr>
  <td>Username: </td>
  <td><input type="text" name="username" size="40" value="<$ username $>"></td>
</tr>
<tr>
  <td>Realname: </td>
  <td><input type="text" name="realname" size="40" value="<$ realname $>"></td>
</tr>
</tr>
  <td>Enabled:</td>
  <td><input type="checkbox" name="enabled" <$ enabled ? "checked" : "" $>></td>
</tr>
<tr>
  <td>Useradmin:</td>  
  <td><input type="checkbox" name="useradmin" <$ useradmin ? "checked" : ""$>></td>
</tr>
<tr>
  <td>Password:</td>
  <td><input type="password" name="password" size="40"></td>
</tr>
<tr>
  <td>Re-type password:</td>
  <td><input type="password" name="password2" size="40"></td>
</tr>
<tr>
  <td>&nbsp;</td>
  <td><input type="submit"><input type="reset"></td>
</tr>
</table>
<input type="hidden" name="id" value="<$ id $>">
<input type="hidden" name="submit" value="1">
</form>

<{
if (id != -1)
{
}>

<br>
<br>
<form method="post" action="adm_user_delete" onsubmit="return confirm('Are you sure','Delete user');">
<input type="hidden" name="id" value="<$ id $>">
<input type="submit" value="Delete this user">
</form>

<{
} //fi (id != -1)
} //fi (showForm)
}>

<&footer>
</&footer>
1	<%pre>
2	#include <tntdb/connect.h>
3	#include <tntdb/connection.h>
4	#include <tntdb/result.h>
5	#include <tntdb/row.h>
6
7	#include <sstream>
8
9	#include "common.h"
10	</%pre>
11
12	<%config>
13	dburl;
14	</%config>
15
16	<%session scope="global">
17	std::string userName;
18	bool isAdmin;
19	</%session>
20
21	<%args>
22	int id;
23	</%args>
24
25	<{
26	if (userName.size() == 0)
27	{
28	reply.setHeader("Location", "index");
29	return HTTP_MOVED_TEMPORARILY;
30	}
31	if (!isAdmin)
32	{
33	reply.setHeader("Location", "index");
34	return HTTP_MOVED_TEMPORARILY;
35	}
36	}>
37
38
39	<&header title="User Administration">
40	</&header>
41
42
43	<{
44
45	if (id == -1)
46	reply.out() << "<h2>New User</h2>\n";
47	else
48	reply.out() << "<h2>Modify User</h2>\n";
49
50	reply.out() << "<a href='adm_user_list'>";
51	reply.sout() << "<< back to user list";
52	reply.out() << "</a><br><br>";
53
54	tntdb::Connection conn = tntdb::connect(dburl);
55
56
57	std::string submit = qparam.param("submit");
58	if (submit == "1")
59	{
60	std::string form_username = trim(qparam.param("username"));
61	std::string form_realname = trim(qparam.param("realname"));
62	bool form_enabled = qparam.param("enabled") == "on";
63	bool form_useradmin= qparam.param("useradmin") == "on";
64	std::string form_password = trim(qparam.param("password"));
65
66
67	if (id == -1)
68	{
69	tntdb::Statement st = conn.prepare("INSERT INTO users (username,realname,password,enabled,useradmin) values (:v1, :v2, :v3, :v4, :v5)");
70	st.setString("v1", form_username).setString("v2", form_realname).setString("v3",form_password);
71	st.setBool("v4", form_enabled).setBool("v5", form_useradmin);
72	st.execute();
73
74
75	reply.setHeader("Location", "adm_user_list");
76	return HTTP_MOVED_TEMPORARILY;
77	}
78	else
79	{
80	tntdb::Statement st = conn.prepare("UPDATE users SET username=:v1, realname=:v2, enabled=:v3, useradmin=:v4 WHERE id=:v5");
81	st.setString("v1", form_username).setString("v2", form_realname).setBool("v3", form_enabled).setBool("v4", form_useradmin).setInt("v5", id);
82	st.execute();
83
84	if (form_password.size() > 0)
85	{
86	st = conn.prepare("UPDATE users SET password=:v1 WHERE id=:v2");
87	st.setString("v1", form_password).setInt("v2", id);
88	st.execute();
89	}
90
91	reply.out() << "<i>User updated</i><br>\n";
92	}
93
94	}
95
96
97	std::string username;
98	std::string realname;
99	bool enabled = true;
100	bool useradmin = false;
101
102	bool showForm = true;
103
104	if (id != -1)
105	{
106	std::stringstream query;
107	query << "SELECT username,realname,enabled,useradmin FROM users WHERE id = " << id;
108	tntdb::Result res = conn.select(query.str());
109
110	if (res.size() > 0)
111	{
112	username = res[0].getString(0);
113	realname = res[0].getString(1);
114	enabled = res[0].getBool(2);
115	useradmin = res[0].getBool(3);
116	}
117
118	else
119	{
120	reply.out() << "<p><i>Invalid user ID !</i></p>\n";
121	showForm = false;
122	}
123	}
124
125	if (showForm)
126	{
127	}>
128
129	<script type="text/javascript" language="JavaScript" src="/md5.js"></script>
130	<script type="text/javascript" language="JavaScript" src="/trim.js"></script>
131	<script type="text/javascript">
132
133	function validateForm()
134	{
135	document.userform.username.value = trim(document.userform.username.value);
136	document.userform.password.value = trim(document.userform.password.value);
137	document.userform.password2.value = trim(document.userform.password2.value);
138
139	if (document.userform.username.value == "")
140	{
141	alert('Username may not be blank');
142	document.userform.username.focus();
143	return false;
144	}
145
146	if (document.userform.id.value == "-1" && document.userform.password.value == "")
147	{
148	alert('You must enter a password when creating a new user');
149	document.userform.password.focus();
150	return false;
151	}
152
153	if (document.userform.password.value != "" && document.userform.password.value != document.userform.password2.value)
154	{
155	alert('You must enter the exact same password twice');
156	document.userform.password.focus();
157	return false;
158	}
159
160	if (document.userform.password.value != "")
161	{
162	document.userform.password.value = hex_md5(document.userform.password.value);
163	document.userform.password2.value = "";
164	}
165
166	return true;
167	}
168
169	</script>
170
171	<form method="post" action="adm_user_edit" name="userform" onsubmit="return validateForm();">
172	<table border="0">
173	<tr>
174	<td>Username: </td>
175	<td><input type="text" name="username" size="40" value="<$ username $>"></td>
176	</tr>
177	<tr>
178	<td>Realname: </td>
179	<td><input type="text" name="realname" size="40" value="<$ realname $>"></td>
180	</tr>
181	</tr>
182	<td>Enabled:</td>
183	<td><input type="checkbox" name="enabled" <$ enabled ? "checked" : "" $>></td>
184	</tr>
185	<tr>
186	<td>Useradmin:</td>
187	<td><input type="checkbox" name="useradmin" <$ useradmin ? "checked" : ""$>></td>
188	</tr>
189	<tr>
190	<td>Password:</td>
191	<td><input type="password" name="password" size="40"></td>
192	</tr>
193	<tr>
194	<td>Re-type password:</td>
195	<td><input type="password" name="password2" size="40"></td>
196	</tr>
197	<tr>
198	<td> </td>
199	<td><input type="submit"><input type="reset"></td>
200	</tr>
201	</table>
202	<input type="hidden" name="id" value="<$ id $>">
203	<input type="hidden" name="submit" value="1">
204	</form>
205
206	<{
207	if (id != -1)
208	{
209	}>
210
211	<br>
212	<br>
213	<form method="post" action="adm_user_delete" onsubmit="return confirm('Are you sure','Delete user');">
214	<input type="hidden" name="id" value="<$ id $>">
215	<input type="submit" value="Delete this user">
216	</form>
217
218	<{
219	} //fi (id != -1)
220	} //fi (showForm)
221	}>
222
223	<&footer>
224	</&footer>