From 3dd9dc99f86e65eaf029f37329614dd2d06cea26 Mon Sep 17 00:00:00 2001 From: paulr Date: Thu, 3 Nov 2011 03:31:40 +1100 Subject: [PATCH] implemented authentication levels of anon,user,admin and setup the user admin page to support them as well as the menu items components. Also made the menu bar a different colour - an ugly colour - need to implement css properly really. --- gwvplib/gwvpauth.php | 107 ++++++++++++++++++++---- gwvplib/gwvpconfig.php | 11 ++- gwvplib/gwvpdatabase.php | 48 ++++++++++- gwvplib/gwvpdebug.php | 12 +++- gwvplib/gwvpuseradmin.php | 200 +++++++++++++++++++++++++++++++-------------- gwvplib/gwvpweb.php | 15 +++- www/config-dist.php | 7 +- 7 files changed, 305 insertions(+), 95 deletions(-) diff --git a/gwvplib/gwvpauth.php b/gwvplib/gwvpauth.php index 73107e5..09be32d 100644 --- a/gwvplib/gwvpauth.php +++ b/gwvplib/gwvpauth.php @@ -1,21 +1,63 @@ -
+ - - - - + + + + + + + + + + + + + + + + + +
NameYour Full Name
EmailYour Email Address
User NameThe Name Used to Refer to you on the site
NameYour Full Name
EmailYour Email Address
User NameThe Name Used to Refer to you on the site
-
+ Username "; echo " Passowrd "; if(gwvp_IsRegistrationEnabled()) echo "Register"; diff --git a/gwvplib/gwvpconfig.php b/gwvplib/gwvpconfig.php index 2c04eab..4ebfb42 100644 --- a/gwvplib/gwvpconfig.php +++ b/gwvplib/gwvpconfig.php @@ -1,10 +1,14 @@ +
Allow User Registration
Allow User Created Groups
diff --git a/gwvplib/gwvpdatabase.php b/gwvplib/gwvpdatabase.php index 267a6e0..56b5247 100644 --- a/gwvplib/gwvpdatabase.php +++ b/gwvplib/gwvpdatabase.php @@ -126,6 +126,33 @@ function gwvp_createUser($email, $fullname, $password, $username, $desc, $status */ } +function gwvp_getUser($username=null, $email=null, $id=null) +{ + $conn = gwvp_ConnectDB(); + + if($username != null) { + $res = $conn->query("select * from users where user_username='$username'"); + } else if($email != null) { + $res = $conn->query("select * from users where user_email='$email'"); + } else if($id != null) { + $res = $conn->query("select * from users where users_id='$id'"); + } else return false; + + $returns = false; + foreach($res as $u_res) { + $returns["id"] = $u_res["users_id"]; + $returns["fullname"] = $u_res["user_full_name"]; + $returns["password"] = $u_res["user_password"]; + $returns["username"] = $u_res["user_username"]; + $returns["email"] = $u_res["user_email"]; + $returns["desc"] = $u_res["user_desc"]; + $returns["status"] = $u_res["user_status"]; + } + + return $returns; + +} + function gwvp_getUsers() { $conn = gwvp_ConnectDB(); @@ -311,11 +338,15 @@ function gwvp_getGroupId($groupname) return $return; } -function gwvp_getUserId($useremail) +function gwvp_getUserId($useremail=null, $username = null) { $conn = gwvp_ConnectDB(); - $sql = "select users_id from users where user_email='$useremail'"; + if($useremail != null) { + $sql = "select users_id from users where user_email='$useremail'"; + } else if($username != null) { + $sql = "select users_id from users where user_username='$username'"; + } else return false; $res = $conn->query($sql); $return = false; @@ -388,12 +419,19 @@ function gwvp_IsGroupMember($email, $groupname) if($result == 1) return true; } -function gwvp_IsUserAdmin($email) +function gwvp_IsUserAdmin($email=null, $username = null) { $conn = gwvp_ConnectDB(); - $id = gwvp_getUserId($email); - $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'"; + + // TODO: clean this up, this should be a single query - idiot + if($email != null) { + $id = gwvp_getUserId($email); + $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'"; + } else if($username != null) { + $id = gwvp_getUserId(null, $username); + $sql = "select groupmember_groupid from group_membership where groupmember_userid='$id'"; + } else return false; $res = $conn->query($sql); $rn = 0; diff --git a/gwvplib/gwvpdebug.php b/gwvplib/gwvpdebug.php index 47e630f..3793e31 100644 --- a/gwvplib/gwvpdebug.php +++ b/gwvplib/gwvpdebug.php @@ -6,9 +6,10 @@ $MENU_ITEMS["999debug"]["link"] = "$BASE_URL/debug"; function gwvp_DebugEnabled() { - global $BASE_URL; + global $BASE_URL, $LOGIN_TYPE; echo "
";
+	echo "USERTYPE: $LOGIN_TYPE\n";
 	echo "BASEURL: $BASE_URL\n";
 	echo "CUSTOM\n";
 	echo "\n\nserver\n";
@@ -86,6 +87,15 @@ function gwvp_DebugCall()
 					global $db_name;
 					unlink("$db_name");
 					gwvp_dbCreateSQLiteStructure("$db_name");
+					//gwvp_createGroup($group_name, $is_admin, $owner_id)
+					//gwvp_createUser($email, $fullname, $password, $username, $desc, $status)
+					//gwvp_addGroupMember($email, $groupname)
+					gwvp_createUser("admin@localhost", "adminer", "password", "admin", "initial admin user", 0);
+					gwvp_createGroup("admingroup", 1, gwvp_getUserId("admin@localhost"));
+					gwvp_addGroupMember("admin@localhost", "admingroup");
+					gwvp_createUser("user@localhost", "userer", "password", "user", "initial pleb user", 0);
+					gwvp_createGroup("usergroup", 0, gwvp_getUserId("user@localhost"));
+					gwvp_addGroupMember("user@localhost", "usergroup");
 					gwvp_SendMessage("info", "blank db re-created");
 					header("Location: $BASE_URL/debug");
 					break;
diff --git a/gwvplib/gwvpuseradmin.php b/gwvplib/gwvpuseradmin.php
index e282fd0..5fe0442 100644
--- a/gwvplib/gwvpuseradmin.php
+++ b/gwvplib/gwvpuseradmin.php
@@ -26,74 +26,105 @@ function gwvp_UserAdminPage()
 
 function gwvp_UserAdminPageBody()
 {
+	global $LOGIN_TYPE;
+	
 	$groups = gwvp_getGroups();
 	$users = gwvp_getUsers();
 	
-	echo "

User/Group Administration

"; + echo "

Users and Groups

"; echo "On this page you can manage users, groups, group membership and update your profile
"; echo ""; - // Header part of table - echo ""; - - echo ""; - // user profile bit - echo ""; - - // now the group bit for the user - echo ""; - echo ""; + echo ""; - echo ""; - - // create user bit - echo ""; + + echo ""; + // user profile bit + echo ""; + + // now the group bit for the user + echo ""; + echo ""; + + echo ""; + } - // Create group - echo ""; - echo "

My Profile

My Groups

"; - echo "User profile bits go here"; - echo ""; - echo "User owned groups, and groups their a member of go here"; - echo "

Users

Groups

"; - - echo "Create User
"; - echo "
"; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo ""; - echo "
EMailFull Name
PasswordPassword Confirm
UsernameDescription
"; - echo "
"; - - echo "
"; + // Header part of table + // user self-management bit + if($LOGIN_TYPE != "anon") { + echo "

My Profile

My Groups

"; + echo "User profile bits go here"; + echo ""; + echo "User owned groups, and groups their a member of go here"; + echo "

"; - echo ""; - echo ""; - echo ""; + + // create user bit + echo ""; + echo ""; } - echo ""; - echo ""; - echo "
Group Name
Admin Group?
Owner

Create User

Create Group

"; + + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo "
EMailFull Name
PasswordPassword Confirm
UsernameDescription
"; + echo ""; + + echo "
"; + + // Create group + echo "
"; + echo ""; + echo ""; + echo ""; + echo ""; + + + + echo ""; + echo "
Group Name
Admin Group?
Owner
"; + echo "
"; + + + echo "

"; - echo ""; - echo ""; + // TODO: whats seen here will depend GREATLY on setting in config - need to fix this later // user list + echo "

Users

Groups

"; + echo ""; echo ""; - echo ""; + switch($LOGIN_TYPE) { + case "anon": + echo ""; + break; + case "admin": + echo ""; + break; + case "user": + echo ""; + break; + } + /* * $returns[$rn]["id"] = $u_res["users_id"]; $returns[$rn]["fullname"] = $u_res["user_full_name"]; @@ -116,23 +147,43 @@ function gwvp_UserAdminPageBody() $globaladmin = "No"; } + + // TODO: sort out group prints here $ingroups = gwvp_getGroupsForUser($email); - $ugroups = ""; - foreach($ingroups as $grname) { - $ugroups .= "$grname
"; - } - trim($ugroups); $ownedgroups = gwvp_getGroupsOwnedByUser($email); - $ogroups = ""; + $ugroups = ""; if($ownedgroups == false) $ogroups = "-"; else { foreach($ownedgroups as $gr_u) { - $ogroups .= "$gr_u "; + $ugroups .= "$gr_u
"; + } + } + trim($ugroups); + + + foreach($ingroups as $grname) { + $isownedgroup = false; + foreach($ownedgroups as $gr_u) { + if($grname == $gr_u) $isownedgroup = true; } + if(!$isownedgroup) $ugroups .= "$grname
"; } + trim($ugroups); + + switch($LOGIN_TYPE) { + case "anon": + echo ""; + break; + case "admin": + echo ""; + break; + case "user": + echo ""; + break; + } + - echo ""; } echo "
EMailUsernameFull NameIn GroupsOwns GroupsDescriptionAdmin?Status
UsernameGroupsDescription
EMailUsernameFull NameGroupsDescriptionAdmin?StatusModify
UsernameGroupsDescription
$username$ugroups$desc
$email$username$fullname$ugroups$desc$globaladmin$status
$username$ugroups$desc
$email$username$fullname$ugroups$ogroups$desc$globaladmin$status
"; @@ -141,7 +192,19 @@ function gwvp_UserAdminPageBody() // group part of table echo ""; - echo ""; + + switch($LOGIN_TYPE) { + case "anon": + echo ""; + break; + case "admin": + echo ""; + break; + case "user": + echo ""; + break; + } + foreach($groups as $u_groups) { /* * $returns[$rn]["id"] = $u_res["groups_id"]; @@ -156,7 +219,20 @@ function gwvp_UserAdminPageBody() $owner = gwvp_getUserEmail($u_groups["ownerid"]); if($u_groups["admin"]) $gadmin = "Yes"; else $gadmin = "No"; - echo ""; + + switch($LOGIN_TYPE) { + case "anon": + echo ""; + break; + case "admin": + echo ""; + break; + case "user": + echo ""; + break; + } + + } echo "
Group NameOwnerGlobal Admin Group?
Group NameOwner
Group NameOwnerAdmin Group?
Group NameOwnerAdmin Group?
$gname$owner$gadmin
$gname$owner
$gname$owner$gadmin
$gname$owner$gadmin
"; echo ""; diff --git a/gwvplib/gwvpweb.php b/gwvplib/gwvpweb.php index 01215ab..8607e07 100644 --- a/gwvplib/gwvpweb.php +++ b/gwvplib/gwvpweb.php @@ -94,7 +94,7 @@ function gwvp_goMainPage($bodyFunction = null) echo ""; } - echo ""; + echo ""; gwvp_MenuBuilder(); echo ""; gwvp_LoginBuilder(); @@ -151,11 +151,18 @@ function gwvp_MenuBuilder() ksort($MENU_ITEMS); - echo ""; + echo "
Menu
"; foreach($MENU_ITEMS as $key => $val) { $link = $val["link"]; $text = $val["text"]; - echo ""; + if(isset($val["userlevel"])) { + if(gwvp_CheckAuthLevel($val["userlevel"])) { + echo ""; + } + + } else { + echo ""; + } } echo "
Menu$text$text$text
"; @@ -169,7 +176,7 @@ function gwvp_LoginBuilder() if($login === false) { gwvp_SingleLineLoginForm(); } else { - echo "Hello, ".gwvp_GetFullName($login); + echo "Hello, ".gwvp_GetFullName($login)." logout"; } } diff --git a/www/config-dist.php b/www/config-dist.php index 51b9ddc..7a57d2a 100644 --- a/www/config-dist.php +++ b/www/config-dist.php @@ -1,11 +1,12 @@