From: paulr Date: Sun, 6 Nov 2011 14:54:06 +0000 (+1100) Subject: Added some form validation bits, with the ability to return posts back X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=5a23c888fac7fa841467950e23e123afa1352024;p=gwvp.git Added some form validation bits, with the ability to return posts back to whence they came Added an awesome star i made in gimp in 10 seconds to point out faulty form values. --- diff --git a/gwvplib/gwvpdatabase.php b/gwvplib/gwvpdatabase.php index 7338e68..172ffbb 100644 --- a/gwvplib/gwvpdatabase.php +++ b/gwvplib/gwvpdatabase.php @@ -19,7 +19,7 @@ function gwvp_dbCreateSQLiteStructure($dbloc) "user_username" TEXT, "user_email" TEXT, "user_desc" TEXT, - "user_status" INTEGER + "user_status" TEXT )'; $groupsql = ' @@ -79,6 +79,51 @@ function gwvp_dbCreateSQLiteStructure($dbloc) $DB_CONNECTION->query($groupmemsql); } +function gwvp_GetUserStatus($userid) +{ + $conn = gwvp_ConnectDB(); + + $sql = "select user_status from users where users_id='$userid'"; + + $res = $conn->query($sql); + + $return = null; + foreach($res as $val) { + $spl = explode(";", $val); + + $return["statusid"] = $spl[0]; + $return["extstatus"] = $spl[1]; + } + +} + +function gwvp_SetUserStatus($userid, $status, $extendedstatus=null) +{ + /* + * user statues + * 0 - all good + * 1 - locked + * 2 - password locked + * 3 - awaiting registration completion + * 4 - awaiting password reset + * where use status = 3,4 the key for unlock is set as the extended status + * i.e. if a user goes thru registration, when the validation email gets to + * them they'll have a key in their email (128 or 256 bit), thats what + * the extended status field is used for + */ + + $conn = gwvp_ConnectDB(); + + if($extendedstatus != null) { + $sql = "update users set user_status='$status;$extendedstatus' where users_id='$userid'"; + } else { + $sql = "update users set user_status='$status;0' where users_id='$userid'"; + } + + return $conn->query($sql); + +} + function gwvp_forceDisconnect() { @@ -426,7 +471,7 @@ function gwvp_getGroupId($groupname) return $return; } -function gwvp_getGroup($gid) +function gwvp_getGroup($gid = null, $gname = null) { /* * $groupsql = ' @@ -440,7 +485,11 @@ function gwvp_getGroup($gid) */ $conn = gwvp_ConnectDB(); - $sql = "select * from groups where groups_id='$gid'"; + if($gid != null) { + $sql = "select * from groups where groups_id='$gid'"; + } else if ($gname != null) { + $sql = "select * from groups where groups_name='$gname'"; + } else return false; $res = $conn->query($sql); $return = false; diff --git a/gwvplib/gwvpinputcheck.php b/gwvplib/gwvpinputcheck.php index 59de285..5b16154 100644 --- a/gwvplib/gwvpinputcheck.php +++ b/gwvplib/gwvpinputcheck.php @@ -9,4 +9,16 @@ function gwvp_checkEmail($email) else return true; } +// TODO: need to write this +function gwvp_stripDescription($desc) +{ + // this doesnt work yet + //$match = preg_replace("/^[a-zA-Z0-9\+]+@[a-zA-Z0-9\.]+$/", $email); + + //if($match != 1) return false; + //else return true; + + return $desc; +} + ?> \ No newline at end of file diff --git a/gwvplib/gwvpuseradmin.php b/gwvplib/gwvpuseradmin.php index 1d7e86d..19f4c71 100644 --- a/gwvplib/gwvpuseradmin.php +++ b/gwvplib/gwvpuseradmin.php @@ -56,6 +56,51 @@ function gwvp_AddUserPage() $username = $_REQUEST["username"]; $desc = $_REQUEST["desc"]; + // now for some validation + $sendback = false; + $message = ""; + if(!gwvp_checkEmail($email)) { + $sendback = true; + $message .= "EMail address invalid. "; + } + + // function gwvp_getUser($username=null, $email=null, $id=null) + if(gwvp_getUser(null, $email, null)!=null) { + $staremail = true; + $sendback = true; + $message .= "EMail address already registered. "; + } + + if(gwvp_getUser($username)!= null) { + $starusername = true; + $sendback = true; + $message .= "Username already exists. "; + } + + if($pass1 != $pass2) { + $starpass = true; + $sendback = true; + $message .= "Passwords dont match. "; + } + + // otherwise, its all good, proceed with user creation + if($sendback) { + $_SESSION["sendback_owner"] = "users"; + $sb["email"] = $email; + if($staremail) $sb["emailstar"] = true; + $sb["fullname"] = $fullname; + $sb["username"] = $username; + if($starusername) $sb["usernamestar"] = true; + $sb["desc"] = $desc; + if($starpass) $sb["passwordstar"] = true; + + $_SESSION["sendback"] = true; + $_SESSION["sendback_data"] = base64_encode(serialize($sb)); + gwvp_SendMessage("error", "$message"); + header("Location: $BASE_URL/admin/users"); + return; + } + // TODO: we need to do alot of checking here - that can come later if(gwvp_createUser($email, $fullname, $pass1, $username, $desc, 0)) { gwvp_SendMessage("info", "user $username, $fullname ($email) created"); @@ -89,11 +134,42 @@ function gwvp_AddGroupPage() */ global $BASE_URL; + /* + * $presetname = " value=\"".$data["groupname"]."\""; + $presetdesc = " value=\"".$data["groupdesc"]."\""; + $presetgroupadmin = " ".$data["admingroup"]."\""; + $presetowner = " value=\"".$data["groupowner"]."\""; + + */ + $gname = $_REQUEST["groupname"]; $isadmin = isset($_REQUEST["admingroup"]); $gdesc = $_REQUEST["groupdesc"]; $owner = $_REQUEST["groupowner"]; + //gwvp_getGroup($gid = null, $gname = null) + if($isadmin) error_log("admin true"); + else error_log("admin not true"); + + if(gwvp_getGroup(null, $gname)) { + $_SESSION["sendback_owner"] = "groups"; + $_SESSION["sendback"] = true; + + $data["groupname"] = $gname; + $data["groupdesc"] = $gdesc; + $data["groupowner"] = $owner; + if($isadmin) $data["admingroup"] = "checked"; + //else $data["admingroup"] = ""; + $data["groupnamestar"] = true; + + gwvp_SendMessage("error", "Group name in use"); + + $_SESSION["sendback_data"] = base64_encode(serialize($data)); + + header("Location: $BASE_URL/admin/users"); + return; + } + // gwvp_createGroup($group_name, $is_admin, $owner_id) gwvp_createGroup("$gname", $gdesc, $isadmin, $owner); // we also need to add the owner to the group @@ -309,6 +385,45 @@ function gwvp_UserAdminPageBody() // admin only bit if($LOGIN_TYPE == "admin") { + $data = null; + + $staremail = ""; + $starpass = ""; + $starusername = ""; + $presetemail = ""; + $presetfullname = ""; + $presetdesc = ""; + $presetusername = ""; + + if(isset($_SESSION["sendback_owner"])) { + if($_SESSION["sendback_owner"] == "users") { + /* + * $sb["email"] = $email; + if($staremail) $sb["emailstar"] = true; + $sb["fullname"] = $fullname; + $sb["username"] = $username; + if($starusername) $sb["usernamestar"] = true; + $sb["desc"] = $desc; + if($starpass) $sb["passwordstar"] = true; + + */ + $data = unserialize(base64_decode($_SESSION["sendback_data"])); + + $presetemail = " value=\"".$data["email"]."\""; + $presetfullname = " value=\"".$data["fullname"]."\""; + $presetusername = " value=\"".$data["username"]."\""; + $presetdesc = " value=\"".$data["desc"]."\""; + + if(isset($data["emailstar"])) $staremail = ""; + if(isset($data["usernamestar"])) $starusername = ""; + if(isset($data["passwordstar"])) $starpass = ""; + + unset($_SESSION["sendback"]); + unset($_SESSION["sendback_data"]); + unset($_SESSION["sendback_owner"]); + } + } + echo "

Create User

Create Group

"; // create user bit @@ -316,31 +431,68 @@ function gwvp_UserAdminPageBody() echo "
"; echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; echo ""; echo "
EMailFull Name
PasswordPassword Confirm
UsernameDescription
EMail$staremailFull Name
Password$starpassPassword Confirm$starpass
Username$starusernameDescription
"; echo "
"; echo ""; + $stargroupname = ""; + $presetname = ""; + $presetgroupadmin = ""; + $presetowner = -1; + + if(isset($_SESSION["sendback_owner"])) { + if($_SESSION["sendback_owner"] == "groups") { + /* + * $sb["email"] = $email; + if($staremail) $sb["emailstar"] = true; + $sb["fullname"] = $fullname; + $sb["username"] = $username; + if($starusername) $sb["usernamestar"] = true; + $sb["desc"] = $desc; + if($starpass) $sb["passwordstar"] = true; + + */ + $data = unserialize(base64_decode($_SESSION["sendback_data"])); + + $presetname = " value=\"".$data["groupname"]."\""; + $presetdesc = " value=\"".$data["groupdesc"]."\""; + $presetgroupadmin = " ".$data["admingroup"]; + $presetowner = $data["groupowner"]; + + if(isset($data["groupnamestar"])) $stargroupname = ""; + + unset($_SESSION["sendback"]); + unset($_SESSION["sendback_data"]); + unset($_SESSION["sendback_owner"]); + } + } + // Create group echo "
"; echo ""; - echo ""; - echo ""; - echo ""; + echo ""; + echo ""; + echo ""; echo ""; diff --git a/www/images/star.jpg b/www/images/star.jpg new file mode 100644 index 0000000..8bb9bcd Binary files /dev/null and b/www/images/star.jpg differ
Group Name
Group Description
Admin Group?
Group Name$stargroupname
Group Description
Admin Group?
Owner