mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity

#14 User administration rewrite (set user class, quick add user not functional, work in progress);

Browse Source 
retrieve() DB method update (work in progress);
This commit is contained in:
SecretR 2012-12-08 21:09:58 +02:00
parent 7b898e4d6d
commit 72905055e7
8 changed files with 1294 additions and 990 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
e107_admin/auth.php
View File

@ -45,7 +45,7 @@ if (ADMIN)
if(e107::getUser()->getSessionDataAs()) if(e107::getUser()->getSessionDataAs())
{ // TODO - lan { // TODO - lan
$asuser = e107::getSystemUser(e107::getUser()->getSessionDataAs(), false); $asuser = e107::getSystemUser(e107::getUser()->getSessionDataAs(), false);
e107::getMessage()->addInfo('Successfully logged in as '.($asuser && $asuser->getValue('name') ? $asuser->getValue('name') : 'unknown'). ' <a href="'.e_ADMIN_ABS.'users.php?logoutas">[logout]</a>'); e107::getMessage()->addInfo('Successfully logged in as '.($asuser->getId() ? $asuser->getName().' ('.$asuser->getValue('email').')' : 'unknown'). ' <a href="'.e_ADMIN_ABS.'users.php?mode=main&amp;action=logoutas">[logout]</a>');
} }
// NEW, legacy 3rd party code fix, header called inside the footer o.O // NEW, legacy 3rd party code fix, header called inside the footer o.O
if(deftrue('e_ADMIN_UI')) if(deftrue('e_ADMIN_UI'))

2104
e107_admin/users.php
View File

File diff suppressed because it is too large Load Diff

14
e107_handlers/admin_ui.php
View File

@ -138,7 +138,7 @@ class e_admin_request
$this->_id = intval($this->_request_qry[$this->_id_key]); $this->_id = intval($this->_request_qry[$this->_id_key]);
} }
$this->_posted_qry = $_POST; //raw? $this->_posted_qry =& $_POST; //raw?
return $this; return $this;
} }
@ -183,10 +183,12 @@ class e_admin_request
if(null === $value) if(null === $value)
{ {
unset($this->_request_qry[$key]); unset($this->_request_qry[$key]);
unset($_GET[$key]);
return $this; return $this;
} }
$this->_request_qry[$key] = $value; $this->_request_qry[$key] = $value;
$_GET[$key] = $value;
return $this; return $this;
} }
@ -410,9 +412,10 @@ class e_admin_request
* @param string|array $merge_with [optional] override request values * @param string|array $merge_with [optional] override request values
* @param boolean $encode if true &amp; separator will be used, all values will be http encoded, default true * @param boolean $encode if true &amp; separator will be used, all values will be http encoded, default true
* @param string|array $exclude_from_query numeric array/comma separated list of vars to be excluded from current query, true - don't use current query at all * @param string|array $exclude_from_query numeric array/comma separated list of vars to be excluded from current query, true - don't use current query at all
* @param boolean $keepSpecial don't exclude special vars as 'mode' and 'action'
* @return string url encoded query string * @return string url encoded query string
*/ */
public function buildQueryString($merge_with = array(), $encode = true, $exclude_from_query = '') public function buildQueryString($merge_with = array(), $encode = true, $exclude_from_query = '', $keepSpecial = true)
{ {
$ret = $this->getQuery(); $ret = $this->getQuery();
@ -430,7 +433,7 @@ class e_admin_request
{ {
foreach ($exclude_from_query as $var) foreach ($exclude_from_query as $var)
{ {
unset($ret[$var]); if($keepSpecial && $var != $this->_action_key && $var != $this->_mode_key) unset($ret[$var]);
} }
} }
@ -3853,9 +3856,8 @@ class e_admin_ui extends e_admin_controller_ui
$this->setPosted(array()); $this->setPosted(array());
return; // always break on cancel! return; // always break on cancel!
} }
// TODO - investigate - strange post vale of delete triggers, switched to key
// for quick fix $id = intval(key($posted));
$id = intval(key($posted));//intval(array_shift($posted));
if($this->deleteConfirmScreen && !$this->getPosted('etrigger_delete_confirm')) if($this->deleteConfirmScreen && !$this->getPosted('etrigger_delete_confirm'))
{ {
// forward data to delete confirm screen // forward data to delete confirm screen

2
e107_handlers/e107_class.php
View File

@ -1387,7 +1387,7 @@ class e107
/** /**
* Retrieve User Perms (admin perms) handler singleton object * Retrieve User Perms (admin perms) handler singleton object
* @return comment * @return e_userperms
*/ */
public static function getUserPerms() public static function getUserPerms()
{ {

70
e107_handlers/mysql_class.php
View File

@ -341,25 +341,37 @@ class e_db_mysql
* // Get single row set, $multi and indexField are ignored * // Get single row set, $multi and indexField are ignored
* $array = e107::getDb()->retrieve('user', 'user_email, user_name', 'user_id=1'); * $array = e107::getDb()->retrieve('user', 'user_email, user_name', 'user_id=1');
* *
* // Fetch all, don't append WHERE to the query, index by user_id * // Fetch all, don't append WHERE to the query, index by user_id, noWhere auto detected (string starts with upper case ORDER)
* $array = e107::getDb()->retrieve('user', 'user_id, user_email, user_name', 'ORDER BY user_email LIMIT 0,20', true, true, 'user_id'); * $array = e107::getDb()->retrieve('user', 'user_id, user_email, user_name', 'ORDER BY user_email LIMIT 0,20', true, 'user_id');
* *
* // Same as above but retrieve() is only used to fetch, not useable for single return value * // Same as above but retrieve() is only used to fetch, not useable for single return value
* if(e107::getDb()->select('user', 'user_id, user_email, user_name', 'ORDER BY user_email LIMIT 0,20', true)) * if(e107::getDb()->select('user', 'user_id, user_email, user_name', 'ORDER BY user_email LIMIT 0,20', true))
* { * {
* $array = e107::getDb()->retrieve(false, '', '', false, true, 'user_id'); * $array = e107::getDb()->retrieve(null, null, null, true, 'user_id');
* } * }
* *
* // Using whole query example, in this case default mode is 'single'
* $array = e107::getDb()->retrieve('SELECT
* p.*, u.user_email, u.user_name FROM `#user` AS u
* LEFT JOIN `#myplug_table` AS p ON p.myplug_table=u.user_id
* ORDER BY u.user_email LIMIT 0,20'
* );
*
* // Using whole query example, multi mode - $fields argument mapped to $multi
* $array = e107::getDb()->retrieve('SELECT u.user_email, u.user_name FROM `#user` AS U ORDER BY user_email LIMIT 0,20', true);
*
* // Using whole query example, multi mode with index field
* $array = e107::getDb()->retrieve('SELECT u.user_email, u.user_name FROM `#user` AS U ORDER BY user_email LIMIT 0,20', null, null, true, 'user_id');
* </code> * </code>
* *
* @param string $table if empty, enter fetch only mode * @param string $table if empty, enter fetch only mode
* @param string $fields comma separated list of fields or * or single field name (get one) * @param string $fields comma separated list of fields or * or single field name (get one); if $fields is of type boolean and $where is not found, $fields overrides $multi
* @param string $where WHERE/ORDER/LIMIT etc clause, empty to disable * @param string $where WHERE/ORDER/LIMIT etc clause, empty to disable
* @param boolean $noWhere if true $where doesn't contain any WHERE clause (e.g. ORDER/LIMIT only), don't prepare WHERE
* @param boolean $multi if true, fetch all (multi mode) * @param boolean $multi if true, fetch all (multi mode)
* @param string $indexField field name to be used for indexing when in multi mode * @param string $indexField field name to be used for indexing when in multi mode
* @param boolean $debug
*/ */
public function retrieve($table, $fields = '*', $where=null, $noWhere = false, $multi = false, $indexField = null) public function retrieve($table, $fields = null, $where=null, $multi = false, $indexField = null, $debug = false)
{ {
// fetch mode // fetch mode
if(empty($table)) if(empty($table))
@ -377,20 +389,47 @@ class e_db_mysql
// detect mode // detect mode
$mode = 'one'; $mode = 'one';
if('*' !== $fields && strpos($fields, ',') === false) if($table && !$where && is_bool($fields))
{
// table is the query, fields used for multi
if($fields) $mode = 'multi';
else $mode = 'single';
$fields = null;
}
elseif($fields && '*' !== $fields && strpos($fields, ',') === false && $where)
{ {
$mode = 'single'; $mode = 'single';
} }
elseif($multi) if($multi)
{ {
$mode = 'multi'; $mode = 'multi';
} }
// detect query type
$select = true;
$noWhere = false;
if(!$fields && !$where)
{
// gen()
$select = false;
if($mode == 'one') $mode = 'single';
}
// auto detect noWhere - if where string starts with upper case LATIN word
elseif(!$where || preg_match('/^[A-Z]+\S.*$/', trim($where)))
{
// FIXME - move auto detect to select()?
$noWhere = true;
}
// execute & fetch // execute & fetch
switch ($mode) switch ($mode)
{ {
case 'single': case 'single':
if(!$this->select($table, $fields, $where, $noWhere)) if($select && !$this->select($table, $fields, $where, $noWhere, $debug))
{
return null;
}
elseif(!$select && $this->gen($table, $debug))
{ {
return null; return null;
} }
@ -398,7 +437,11 @@ class e_db_mysql
break; break;
case 'one': case 'one':
if(!$this->select($table, $fields, $where, $noWhere)) if($select && !$this->select($table, $fields, $where, $noWhere, $debug))
{
return array();
}
elseif(!$select && $this->gen($table, $debug))
{ {
return array(); return array();
} }
@ -406,9 +449,12 @@ class e_db_mysql
break; break;
case 'multi': case 'multi':
if(!$this->select($table, $fields, $where, $noWhere)) if($select && !$this->select($table, $fields, $where, $noWhere, $debug))
{
return array();
}
elseif(!$select && $this->gen($table, $debug))
{ {
var_dump($this->getLastQuery());
return array(); return array();
} }
$ret = array(); $ret = array();

44
e107_handlers/user_handler.php
View File

@ -1410,20 +1410,13 @@ class e_userperms
$text .= "<div class='field-section'> $text .= $this->renderCheckAllButtons()."
".$frm->admin_button('check_all', 'jstarget:perms', 'action', LAN_CHECKALL)."
".$frm->admin_button('uncheck_all', 'jstarget:perms', 'action', LAN_UNCHECKALL)."
</div>
</td> </td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div class='buttons-bar center'> ".$this->renderSubmitButtons()."
<input type='hidden' name='a_id' value='{$a_id}' />
".$frm->admin_button('update_admin', ADMSLAN_52, 'update')."
".$frm->admin_button('go_back', ADMSLAN_70)."
</div>
</fieldset> </fieldset>
</form> </form>
"; ";
@ -1431,6 +1424,28 @@ class e_userperms
$ns->tablerender(ADMSLAN_52, $text); $ns->tablerender(ADMSLAN_52, $text);
} }
function renderCheckAllButtons()
{
$frm = e107::getForm();
return "
<div class='field-section'>
".$frm->admin_button('check_all', 'jstarget:perms', 'action', LAN_CHECKALL)."
".$frm->admin_button('uncheck_all', 'jstarget:perms', 'action', LAN_UNCHECKALL)."
</div>
";
}
function renderSubmitButtons()
{
$frm = e107::getForm();
return "
<div class='buttons-bar center'>
<input type='hidden' name='a_id' value='{$a_id}' />
".$frm->admin_button('update_admin', ADMSLAN_52, 'update')."
".$frm->admin_button('go_back', ADMSLAN_70)."
</div>
";
}
function renderPermTable($type,$a_perms='') function renderPermTable($type,$a_perms='')
{ {
@ -1479,8 +1494,8 @@ class e_userperms
exit(); exit();
} }
$sql->db_Select("user", "*", "user_id=".$modID); $sysuser = e107::getSystemUser($modID, false);
$row = $sql->db_Fetch(); $row = $sysuser->getData();
$a_name = $row['user_name']; $a_name = $row['user_name'];
$perm = ""; $perm = "";
@ -1498,9 +1513,10 @@ class e_userperms
{ {
$perm .= $value."."; $perm .= $value.".";
} }
} }
e107::getMessage()->addAuto($sql->db_Update("user", "user_perms='{$perm}' WHERE user_id='{$modID}' "), 'update', sprintf(ADMSLAN_2, $tp->toDB($_POST['ad_name'])), false, false); //$sql->db_Update("user", "user_perms='{$perm}' WHERE user_id='{$modID}' ")
e107::getMessage()->addAuto($sysuser->set('user_perms', $perm)->save(), 'update', sprintf(ADMSLAN_2, $tp->toDB($_POST['ad_name'])), false, false);
$logMsg = str_replace(array('--ID--', '--NAME--'),array($modID, $a_name),ADMSLAN_72).$perm; $logMsg = str_replace(array('--ID--', '--NAME--'),array($modID, $a_name),ADMSLAN_72).$perm;
$admin_log->log_event('ADMIN_01',$logMsg,E_LOG_INFORMATIVE,''); $admin_log->log_event('ADMIN_01',$logMsg,E_LOG_INFORMATIVE,'');
} }

2
e107_languages/English/admin/lan_users.php
View File

@ -166,7 +166,7 @@ define('USRLAN_160', 'Total --COUNT-- users of type --TYPE-- pruned');
define('USRLAN_161', 'User ID --UID-- name --NAME-- banned'); define('USRLAN_161', 'User ID --UID-- name --NAME-- banned');
define('USRLAN_162', 'User ID --UID-- name --NAME-- unbanned'); define('USRLAN_162', 'User ID --UID-- name --NAME-- unbanned');
define('USRLAN_163', 'User ID --UID-- deleted'); define('USRLAN_163', 'User ID --UID-- deleted');
define('USRLAN_164', 'User ID --UID-- name --NAME-- made admin'); define('USRLAN_164', 'User ID --UID-- name --NAME-- (--EMAIL--) made admin');
define('USRLAN_165', 'User ID --UID-- name --NAME-- admin status revoked'); define('USRLAN_165', 'User ID --UID-- name --NAME-- admin status revoked');
define('USRLAN_166', 'User ID --UID-- name --NAME-- approved'); define('USRLAN_166', 'User ID --UID-- name --NAME-- approved');
//FIX ME USERLAN_160 - USERLAN_166 need to be reworked avoid duplication. //FIX ME USERLAN_160 - USERLAN_166 need to be reworked avoid duplication.

46
e107_web/js/core/all.jquery.js
View File

@ -14,16 +14,46 @@ $(document).ready(function()
//check all //check all
$("#check-all").click(function(){ $("#check-all").click(function(event){
$(".field-spacer").each( function() { var val = $(this).val(), selector = '.field-spacer';
$(this).children(":checkbox").attr("checked",true); event.preventDefault();
}) // e.g. <button id="check-all" value="jstarget:perms"><span>Check All</span></button> - match all checkboxes with attribute 'name="perms[]"
if(val && val.match(/^jstarget\:/))
{
selector = 'input:checkbox[name^=' + val.split(':')[1] + ']';
$(selector).each( function() {
$(this).attr("checked",true);
});
return;
}
// checkboxes children of .field-spacer
else
{
$(selector).each( function() {
$(this).children(":checkbox").attr("checked",true);
})
}
}) })
$("#uncheck-all").click(function(){ $("#uncheck-all").click(function(event) {
$(".field-spacer").each( function() { var val = $(this).val(), selector = '.field-spacer';
$(this).children(":checkbox").attr("checked",false); event.preventDefault();
}) // e.g. <button id="uncheck-all" value="jstarget:perms"><span>Uncheck All</span></button> - match all checkboxes with attribute 'name="perms[]"
if(val && val.match(/^jstarget\:/))
{
selector = 'input:checkbox[name^=' + val.split(':')[1] + ']';
$(selector).each( function() {
$(this).attr("checked",false);
})
}
// checkboxes children of .field-spacer
else
{
$(".field-spacer").each( function() {
$(this).children(":checkbox").attr("checked",false);
});
}
}) })