user admin page to support them as well as the menu items components.
Also made the menu bar a different colour - an ugly colour - need to
implement css properly really.
<?php
+// we call it 00aaa so it gets called first
$CALL_ME_FUNCTIONS["00aaa"] = "gwvp_AuthCallMe";
function gwvp_AuthCallMe()
{
+ global $LOGIN_TYPE;
session_start();
-
+
if(isset($_REQUEST["q"])) {
$query = $_REQUEST["q"];
if($query == "login") return "gwvp_AuthHandleLogin";
+ if($query == "logout") return "gwvp_AuthHandleLogout";
if($query == "register") return "gwvp_RegistrationCall";
- else return false;
+ }
+ $login = gwvp_isLoggedIn();
+
+ error_log("authcallme as $login");
+ if($login!== false) {
+ if(gwvp_IsUserAdmin(null, $login)) {
+ $LOGIN_TYPE = "admin";
+ } else {
+ $LOGIN_TYPE = "user";
+ }
+ } else {
+ $LOGIN_TYPE = "anon";
}
return false;
}
+// $levels is checked against $LOGIN_TYPE, levels can be either just "admin" or admin,user anon,user anon, etc.
+function gwvp_CheckAuthLevel($levels)
+{
+ global $LOGIN_TYPE;
+
+ $spl = explode(",", $levels);
+ foreach($spl as $levs) {
+ if($LOGIN_TYPE == $levs) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+function gwvp_AuthHandleLogout()
+{
+ global $BASE_URL;
+
+ unset($_SESSION["isloggedin"]);
+ unset($_SESSION["username"]);
+ unset($_SESSION["fullname"]);
+ unset($_SESSION["usertype"]);
+
+ gwvp_SendMessage("info", "Logged out");
+ header("Location: $BASE_URL");
+}
+
function gwvp_RegistrationCall()
{
if(gwvp_IsRegistrationEnabled()) {
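Review bot: gwvp_AuthHandleLogout unsets four session keys but keeps the same session id, so the identifier that was valid before logout is carried into the next login. Rotating it after the unsets with `session_regenerate_id(true);` avoids that. A full `session_destroy()` would presumably also drop the message queued by gwvp_SendMessage, if that is kept in the session. In gwvp_CheckAuthLevel the pieces of `$levels` are compared with `==` and not trimmed, so a list written as "admin, user" never matches "user"; `return in_array($LOGIN_TYPE, array_map("trim", $spl), true);` covers both. The function also has no docblock; a short one should state that `$levels` is a comma-separated list and that an unset `$LOGIN_TYPE` (the early-return paths in gwvp_AuthCallMe) yields false.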
function gwvp_AuthHandleLogin()
{
global $BASE_URL;
+
$user = "";
$pass = "";
if(isset($_REQUEST["username"])) $user = $_REQUEST["username"];
if(isset($_REQUEST["password"])) $pass = $_REQUEST["password"];
-
- // auth the user
- if($user == "user" && $pass == "pass") {
- $_SESSION["isloggedin"] = true;
- $_SESSION["username"] = "user";
- } else {
+
+ $details = gwvp_getUser($user);
+ if($details == false) {
gwvp_SendMessage("error", "Login Failed");
+ header("Location: $BASE_URL");
+ return false;
}
-
- header("Location: $BASE_URL");
+
+ if(sha1($pass)!=$details["password"]) {
+ gwvp_SendMessage("error", "Login Failed");
+ header("Location: $BASE_URL");
+ return false;
+ } else {
+ $_SESSION["isloggedin"] = true;
+ $_SESSION["username"] = "$user";
+ $_SESSION["fullname"] = $details["fullname"];
+ if(gwvp_IsUserAdmin($details["email"])) {
+ $_SESSION["usertype"] = "admin";
+ } else {
+ $_SESSION["usertype"] = "user";
+ }
+ gwvp_SendMessage("info", "Welcome, ".$details["fullname"]." you are logged in");
+ header("Location: $BASE_URL");
+ return true;
+ }
+
}
function gwvp_RegistrationPageBody()
{
?>
- <form method="post">
+<form method="post">
<table>
- <tr><td>Name</td><td><input name="name" type="text"></td><td>Your Full Name</td></tr>
- <tr><td>Email</td><td><input name="email" type="text"></td><td>Your Email Address</td></tr>
- <tr><td>User Name</td><td><input name="username" type="text"></td><td>The Name Used to Refer to you on the site</td></tr>
- <tr><td><input type="submit" name="register" value="Register"></td></tr>
+ <tr>
+ <td>Name</td>
+ <td><input name="name" type="text"></td>
+ <td>Your Full Name</td>
+ </tr>
+ <tr>
+ <td>Email</td>
+ <td><input name="email" type="text"></td>
+ <td>Your Email Address</td>
+ </tr>
+ <tr>
+ <td>User Name</td>
+ <td><input name="username" type="text"></td>
+ <td>The Name Used to Refer to you on the site</td>
+ </tr>
+ <tr>
+ <td><input type="submit" name="register" value="Register"></td>
+ </tr>
</table>
- </form>
+</form>
<?php
}
function gwvp_SingleLineLoginForm()
{
global $BASE_URL;
-
+
echo "<form method=\"post\" action=\"$BASE_URL/login\">Username <input type=\"text\" name=\"username\" class=\"login\">";
echo " Passowrd <input type=\"text\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";
if(gwvp_IsRegistrationEnabled()) echo "<a href=\"$BASE_URL/register\">Register</a></form>";
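Review bot: The check `sha1($pass)!=$details["password"]` in gwvp_AuthHandleLogin uses an unsalted SHA-1 digest and a loose comparison, which PHP evaluates numerically when both strings look like numbers, so it is neither a safe storage format nor an exact match. Storing the value with `password_hash()` where the user is created (gwvp_createUser, not shown here) and testing with `if(!password_verify($pass, $details["password"])) {` fixes both. The success branch should call `session_regenerate_id(true);` before setting `$_SESSION["isloggedin"]`, so a session id issued before authentication is not promoted to a logged-in one. The credentials are read from `$_REQUEST`, which also accepts them from the query string; `$_POST` matches the form's method.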
<?php
// setup the call me function for useradmin - matches on url of admin/users
-$CALL_ME_FUNCTIONS["config"] = "gwvp_ConfigCallMe";
-$MENU_ITEMS["40config"]["text"] = "Configuration";
-$MENU_ITEMS["40config"]["link"] = "$BASE_URL/admin/config";
+// crap, this wont work
+//if(isset($_SESSION["usertype"])) if($_SESSION["usertype"] == "admin") {
+ $CALL_ME_FUNCTIONS["config"] = "gwvp_ConfigCallMe";
+ $MENU_ITEMS["40config"]["text"] = "Configuration";
+ $MENU_ITEMS["40config"]["link"] = "$BASE_URL/admin/config";
+ $MENU_ITEMS["40config"]["userlevel"] = "admin";
+//}
function gwvp_ConfigCallMe()
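Review bot: The new `$MENU_ITEMS["40config"]["userlevel"] = "admin"` only hides the menu link, while `$CALL_ME_FUNCTIONS["config"]` is still registered for every visitor now that the session guard is commented out. Anyone who requests admin/config directly still reaches gwvp_ConfigCallMe, whose body is outside this hunk. Unless that handler already checks the level, it should start with something like `if(!gwvp_CheckAuthLevel("admin")) return false;`. The same check is needed in whatever processes the posted configuration form. The commented-out block and its "crap, this wont work" remark should be replaced by a comment saying why registration cannot depend on the session at include time.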
<form method="post">
<table>
<tr><td>Allow User Registration</td><td><input type="checkbox" name="allowreg"></td></tr>
+<tr><td>Allow User Created Groups</td><td><input type="checkbox" name="allowusercreatedgroup"></td></tr>
</table>
</form>
*/
}
+function gwvp_getUser($username=null, $email=null, $id=null)
+{
+ $conn = gwvp_ConnectDB();
+
+ if($username != null) {
+ $res = $conn->query("select * from users where user_username='$username'");
+ } else if($email != null) {
+ $res = $conn->query("select * from users where user_email='$email'");
+ } else if($id != null) {
+ $res = $conn->query("select * from users where users_id='$id'");
+ } else return false;
+
+ $returns = false;
+ foreach($res as $u_res) {
+ $returns["id"] = $u_res["users_id"];
+ $returns["fullname"] = $u_res["user_full_name"];
+ $returns["password"] = $u_res["user_password"];
+ $returns["username"] = $u_res["user_username"];
+ $returns["email"] = $u_res["user_email"];
+ $returns["desc"] = $u_res["user_desc"];
+ $returns["status"] = $u_res["user_status"];
+ }
+
+ return $returns;
+
+}
+
function gwvp_getUsers()
{
$conn = gwvp_ConnectDB();
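Review bot: gwvp_getUser builds all three queries by interpolating its arguments into the SQL string, and the login handler passes `$_REQUEST["username"]` straight into it, so request data becomes part of the statement text. The lookups should be bound parameters; the config comments suggest `$conn` is a PDO handle, which is assumed below and should be confirmed against gwvp_ConnectDB. The gwvp_getUserId hunk that follows has the same pattern in its `user_email` and `user_username` queries and needs the same change. `$returns` is also overwritten on every row, so if a username is not unique the last match wins silently.

```php
function gwvp_getUser($username=null, $email=null, $id=null)
{
	$conn = gwvp_ConnectDB();

	if($username != null) {
		$stmt = $conn->prepare("select * from users where user_username=?");
		$stmt->execute(array($username));
	} else if($email != null) {
		$stmt = $conn->prepare("select * from users where user_email=?");
		$stmt->execute(array($email));
	} else if($id != null) {
		$stmt = $conn->prepare("select * from users where users_id=?");
		$stmt->execute(array($id));
	} else return false;

	$returns = false;
	foreach($stmt as $u_res) {
		// … unchanged: copy the user_* columns into $returns …
```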
return $return;
}
-function gwvp_getUserId($useremail)
+function gwvp_getUserId($useremail=null, $username = null)
{
$conn = gwvp_ConnectDB();
- $sql = "select users_id from users where user_email='$useremail'";
+ if($useremail != null) {
+ $sql = "select users_id from users where user_email='$useremail'";
+ } else if($username != null) {
+ $sql = "select users_id from users where user_username='$username'";
+ } else return false;
$res = $conn->query($sql);
$return = false;
if($result == 1) return true;
}
-function gwvp_IsUserAdmin($email)
+function gwvp_IsUserAdmin($email=null, $username = null)
{
$conn = gwvp_ConnectDB();
- $id = gwvp_getUserId($email);
- $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'";
+
+ // TODO: clean this up, this should be a single query - idiot
+ if($email != null) {
+ $id = gwvp_getUserId($email);
+ $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'";
+ } else if($username != null) {
+ $id = gwvp_getUserId(null, $username);
+ $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'";
+ } else return false;
$res = $conn->query($sql);
$rn = 0;
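Review bot: gwvp_IsUserAdmin does not check the result of gwvp_getUserId before using it, and that function appears to return false when no user matches. A failed lookup is then interpolated as an empty string into `groupmember_userid='$id'` and the admin decision is made on whatever that query returns. Resolving the id once and bailing out is simpler and removes the duplicated `$sql` line: `$id = ($email != null) ? gwvp_getUserId($email) : gwvp_getUserId(null, $username);` followed by `if($id === false) return false;`. The rest of the function is outside this hunk. This now runs on every request through gwvp_AuthCallMe, which makes the single-query clean-up in the TODO more pressing.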
function gwvp_DebugEnabled()
{
- global $BASE_URL;
+ global $BASE_URL, $LOGIN_TYPE;
echo "<pre>";
+ echo "USERTYPE: $LOGIN_TYPE\n";
echo "BASEURL: $BASE_URL\n";
echo "CUSTOM\n";
echo "\n\nserver\n";
global $db_name;
unlink("$db_name");
gwvp_dbCreateSQLiteStructure("$db_name");
+ //gwvp_createGroup($group_name, $is_admin, $owner_id)
+ //gwvp_createUser($email, $fullname, $password, $username, $desc, $status)
+ //gwvp_addGroupMember($email, $groupname)
+ gwvp_createUser("admin@localhost", "adminer", "password", "admin", "initial admin user", 0);
+ gwvp_createGroup("admingroup", 1, gwvp_getUserId("admin@localhost"));
+ gwvp_addGroupMember("admin@localhost", "admingroup");
+ gwvp_createUser("user@localhost", "userer", "password", "user", "initial pleb user", 0);
+ gwvp_createGroup("usergroup", 0, gwvp_getUserId("user@localhost"));
+ gwvp_addGroupMember("user@localhost", "usergroup");
gwvp_SendMessage("info", "blank db re-created");
header("Location: $BASE_URL/debug");
break;
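Review bot: The reset path seeds `admin@localhost` and `user@localhost` with the fixed password "password", so any deployment that runs it ends up with an admin account whose credentials are in the source. The initial password should be generated, for example `bin2hex(random_bytes(12))`, and shown once, or taken from the config file. Nothing visible in this hunk restricts who may trigger the `unlink("$db_name")` and re-seed; the enclosing switch starts outside the hunk. If it is not already limited to admins or to a debug flag that is off by default, it should be.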
function gwvp_UserAdminPageBody()
{
+ global $LOGIN_TYPE;
+
$groups = gwvp_getGroups();
$users = gwvp_getUsers();
- echo "<h2>User/Group Administration</h2>";
+ echo "<h2>Users and Groups</h2>";
echo "On this page you can manage users, groups, group membership and update your profile<br>";
echo "<table>";
- // Header part of table
- echo "<tr><td valign=\"top\"><h3>My Profile</h3></td><td><h3>My Groups</h3></td></tr>";
-
- echo "<tr>";
- // user profile bit
- echo "<td valign=\"top\">";
- echo "User profile bits go here";
- echo "</td>";
-
- // now the group bit for the user
- echo "<td valign=\"top\">";
- echo "User owned groups, and groups their a member of go here";
- echo "</td>";
- echo "</tr>";
+ echo "<tr><td colspan=\"2\"><hr></td></tr>";
- echo "<tr><td valign=\"top\"><h3>Users</h3></td><td><h3>Groups</h3></td></tr>";
-
- // create user bit
- echo "<tr><td valign=\"top\">";
-
- echo "Create User<br>";
- echo "<form method=\"post\">";
- echo "<table>";
- echo "<tr><td>EMail</td><td><input type=\"text\" name=\"email\"></td>";
- echo "<td>Full Name</td><td><input type=\"text\" name=\"fullname\"></td></tr>";
- echo "<tr><td>Password</td><td><input type=\"text\" name=\"pass1\"></td>";
- echo "<td>Password Confirm</td><td><input type=\"text\" name=\"pass2\"></td></tr>";
- echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td>";
- echo "<td>Description</td><td><input type=\"text\" name=\"desc\"></td></tr>";
- echo "<tr><td><input type=\"submit\" name=\"Create\" value=\"Create\" class=\"buttons\"></td></tr>";
- echo "</table>";
- echo "</form>";
-
- echo "</td><td valign=\"top\">";
+ // Header part of table
+ // user self-management bit
+ if($LOGIN_TYPE != "anon") {
+ echo "<tr><td valign=\"top\"><h3>My Profile</h3></td><td><h3>My Groups</h3></td></tr>";
+
+ echo "<tr>";
+ // user profile bit
+ echo "<td valign=\"top\">";
+ echo "User profile bits go here";
+ echo "</td>";
+
+ // now the group bit for the user
+ echo "<td valign=\"top\">";
+ echo "User owned groups, and groups their a member of go here";
+ echo "</td>";
+ echo "</tr>";
+
+ echo "<tr><td colspan=\"2\"><hr></td></tr>";
+ }
- // Create group
- echo "<form method=\"post\">";
- echo "<table>";
- echo "<tr><td>Group Name</td><td><input type=\"text\" name=\"groupname\"><td></tr>";
- echo "<tr><td>Admin Group?</td><td><input type=\"checkbox\" name=\"admingroup\" class=\"mycheckbox\"></td></tr>";
- echo "<tr><td>Owner</td><td><div><select class=\"myselect\" name=\"groupowner\">";
- foreach($users as $u_users) {
- $uid = $u_users["id"];
- $email = $u_users["email"];
- $username = $u_users["username"];
- $fullname = $u_users["fullname"];
- echo "<option value=\"$uid\">$username, $fullname ($email)</option>";
+ // admin only bit
+ if($LOGIN_TYPE == "admin") {
+ echo "<tr><td valign=\"top\"><h3>Create User</h3></td><td><h3>Create Group</h3></td></tr>";
+
+ // create user bit
+ echo "<tr><td valign=\"top\">";
+
+ echo "<form method=\"post\">";
+ echo "<table>";
+ echo "<tr><td>EMail</td><td><input type=\"text\" name=\"email\"></td>";
+ echo "<td>Full Name</td><td><input type=\"text\" name=\"fullname\"></td></tr>";
+ echo "<tr><td>Password</td><td><input type=\"text\" name=\"pass1\"></td>";
+ echo "<td>Password Confirm</td><td><input type=\"text\" name=\"pass2\"></td></tr>";
+ echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td>";
+ echo "<td>Description</td><td><input type=\"text\" name=\"desc\"></td></tr>";
+ echo "<tr><td><input type=\"submit\" name=\"Create\" value=\"Create\" class=\"buttons\"></td></tr>";
+ echo "</table>";
+ echo "</form>";
+
+ echo "</td><td valign=\"top\">";
+
+ // Create group
+ echo "<form method=\"post\">";
+ echo "<table>";
+ echo "<tr><td>Group Name</td><td><input type=\"text\" name=\"groupname\"><td></tr>";
+ echo "<tr><td>Admin Group?</td><td><input type=\"checkbox\" name=\"admingroup\" class=\"mycheckbox\"></td></tr>";
+ echo "<tr><td>Owner</td><td><div><select class=\"myselect\" name=\"groupowner\">";
+ foreach($users as $u_users) {
+ $uid = $u_users["id"];
+ $email = $u_users["email"];
+ $username = $u_users["username"];
+ $fullname = $u_users["fullname"];
+ echo "<option value=\"$uid\">$username, $fullname ($email)</option>";
+ }
+ echo "</select></div></td></tr>";
+
+
+
+ echo "<tr><td><input type=\"submit\" name=\"Create\" value=\"Create\" class=\"buttons\"></td></tr>";
+ echo "</table>";
+ echo "</form>";
+
+
+ echo "</td></tr>";
+ echo "<tr><td colspan=\"2\"><hr></td></tr>";
}
- echo "</select></div></td></tr>";
- echo "<tr><td><input type=\"submit\" name=\"Create\" value=\"Create\" class=\"buttons\"></td></tr>";
- echo "</table>";
- echo "</form>";
- echo "</td></tr>";
+ // TODO: whats seen here will depend GREATLY on setting in config - need to fix this later
// user list
+ echo "<tr><td valign=\"top\"><h3>Users</h3></td><td><h3>Groups</h3></td></tr>";
+
echo "<tr><td>";
echo "<table border=\"1\">";
- echo "<tr><th>EMail</th><th>Username</th><th>Full Name</th><th>In Groups</th><th>Owns Groups</th><th>Description</th><th>Admin?</th><th>Status</th></tr>";
+ switch($LOGIN_TYPE) {
+ case "anon":
+ echo "<tr><th>Username</th><th>Groups</th><th>Description</th></tr>";
+ break;
+ case "admin":
+ echo "<tr><th>EMail</th><th>Username</th><th>Full Name</th><th>Groups</th><th>Description</th><th>Admin?</th><th>Status</th><th>Modify</th></tr>";
+ break;
+ case "user":
+ echo "<tr><th>Username</th><th>Groups</th><th>Description</th></tr>";
+ break;
+ }
+
/*
* $returns[$rn]["id"] = $u_res["users_id"];
$returns[$rn]["fullname"] = $u_res["user_full_name"];
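Review bot: The owner `<option>` line echoes `$username`, `$fullname` and `$email` into HTML unescaped. These are values users supply at registration, so markup in a profile field is rendered in every viewer's browser, including the admin's. Each value should be escaped on assignment, e.g. `$username = htmlspecialchars($u_users["username"], ENT_QUOTES);`. The same applies to the new per-role row echoes for `$username`, `$ugroups` and `$desc` in the next hunk and to `$gname` and `$owner` in the group table hunk. The password inputs in the create-user form are `type="text"` and should be `type="password"`.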
$globaladmin = "No";
}
+
+ // TODO: sort out group prints here
$ingroups = gwvp_getGroupsForUser($email);
- $ugroups = "";
- foreach($ingroups as $grname) {
- $ugroups .= "$grname<br>";
- }
- trim($ugroups);
$ownedgroups = gwvp_getGroupsOwnedByUser($email);
- $ogroups = "";
+ $ugroups = "";
if($ownedgroups == false) $ogroups = "-";
else {
foreach($ownedgroups as $gr_u) {
- $ogroups .= "$gr_u ";
+ $ugroups .= "<font color=\"#3333ff\">$gr_u</font><br>";
+ }
+ }
+ trim($ugroups);
+
+
+ foreach($ingroups as $grname) {
+ $isownedgroup = false;
+ foreach($ownedgroups as $gr_u) {
+ if($grname == $gr_u) $isownedgroup = true;
}
+ if(!$isownedgroup) $ugroups .= "$grname<br>";
}
+ trim($ugroups);
+
+ switch($LOGIN_TYPE) {
+ case "anon":
+ echo "<tr><td>$username</td><td>$ugroups</td><td>$desc</td></tr>";
+ break;
+ case "admin":
+ echo "<tr><td>$email</td><td>$username</td><td>$fullname</td><td>$ugroups</td><td>$desc</td><td>$globaladmin</td><td>$status</td></tr>";
+ break;
+ case "user":
+ echo "<tr><td>$username</td><td>$ugroups</td><td>$desc</td></tr>";
+ break;
+ }
+
- echo "<tr><td>$email</td><td>$username</td><td>$fullname</td><td>$ugroups</td><td>$ogroups</td><td>$desc</td><td>$globaladmin</td><td>$status</td></tr>";
}
echo "</table>";
// group part of table
echo "<table border=\"1\">";
- echo "<tr><th>Group Name</th><th>Owner</th><th>Global Admin Group?</th></tr>";
+
+ switch($LOGIN_TYPE) {
+ case "anon":
+ echo "<tr><th>Group Name</th><th>Owner</th></tr>";
+ break;
+ case "admin":
+ echo "<tr><th>Group Name</th><th>Owner</th><th>Admin Group?</th></tr>";
+ break;
+ case "user":
+ echo "<tr><th>Group Name</th><th>Owner</th><th>Admin Group?</th></tr>";
+ break;
+ }
+
foreach($groups as $u_groups) {
/*
* $returns[$rn]["id"] = $u_res["groups_id"];
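Review bot: The new inner loop `foreach($ownedgroups as $gr_u)` runs even when `$ownedgroups` is false, which the line above it explicitly allows for, so users who own no groups trigger an invalid-argument warning on every row. `$isownedgroup = is_array($ownedgroups) && in_array($grname, $ownedgroups);` replaces the loop and handles that case. Both `trim($ugroups);` calls discard their result and can be removed, and `$ogroups` is still assigned although the column that printed it is gone. The "anon" and "user" cases of both switches are identical and could share one `case "anon": case "user":` label.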
$owner = gwvp_getUserEmail($u_groups["ownerid"]);
if($u_groups["admin"]) $gadmin = "Yes";
else $gadmin = "No";
- echo "<tr><td>$gname</td><td>$owner</td><td>$gadmin</td></tr>";
+
+ switch($LOGIN_TYPE) {
+ case "anon":
+ echo "<tr><td>$gname</td><td>$owner</td></tr>";
+ break;
+ case "admin":
+ echo "<tr><td>$gname</td><td>$owner</td><td>$gadmin</td></tr>";
+ break;
+ case "user":
+ echo "<tr><td>$gname</td><td>$owner</td><td>$gadmin</td></tr>";
+ break;
+ }
+
+
}
echo "</table>";
echo "</td></tr></table>";
echo "</td></tr>";
}
- echo "<tr width=\"100%\"><td>";
+ echo "<tr width=\"100%\" bgcolor=\"#fff0f0\"><td>";
gwvp_MenuBuilder();
echo "</td><td align=\"right\">";
gwvp_LoginBuilder();
ksort($MENU_ITEMS);
- echo "<table border=\"1\"><tr><td>Menu</td>";
+ echo "<table border=\"1\"><tr><td><b><i>Menu</i></b></td>";
foreach($MENU_ITEMS as $key => $val) {
$link = $val["link"];
$text = $val["text"];
- echo "<td><a href=\"$link\">$text</a></td>";
+ if(isset($val["userlevel"])) {
+ if(gwvp_CheckAuthLevel($val["userlevel"])) {
+ echo "<td><a href=\"$link\">$text</a></td>";
+ }
+
+ } else {
+ echo "<td><a href=\"$link\">$text</a></td>";
+ }
}
echo "</tr></table>";
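Review bot: The menu loop repeats the same `echo` in two branches; a single condition reads more clearly: `if(!isset($val["userlevel"]) || gwvp_CheckAuthLevel($val["userlevel"])) echo "<td><a href=\"$link\">$text</a></td>";`. A one-line comment should state that `userlevel` only controls whether the link is shown and that each page must enforce its own access check. Otherwise the key reads as if it protected the target.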
if($login === false) {
gwvp_SingleLineLoginForm();
} else {
- echo "Hello, ".gwvp_GetFullName($login);
+ echo "Hello, ".gwvp_GetFullName($login)." <a href=\"$BASE_URL/logout\">logout</a>";
}
}
<?php
// the config file, this is as exciting as it gets really
-$repo_base = "/tmp/gwvp-repos/";
-$lib_base = "../gwvplib/";
-$data_directory = "../data";
+$repo_base = "/some/path/to/a/location/where/repos/are/stored";
+$lib_base = "../gwvplib/"; // generally this will be correct
+$data_directory = "/some/path/to/a/location/where/the/data/the/website/uses/can/be/stored";
$db_type = "sqlite"; // could be mysql or pgsql - but not yet
$db_name = "$data_directory/gwvp.db"; // just a file for sqlite, for anything else is a pdo url without driver, i.e. host=localhost;dbname=whatever;user=asdf;password=asdf
+$db_host = "";
$db_username = "";
$db_password = "";