From e39e4b8b84f6f8662af51b3b57c333dff0e3945b Mon Sep 17 00:00:00 2001 From: Paul J R Date: Thu, 20 Sep 2012 06:41:01 +1000 Subject: [PATCH] added user registration confirmation, email "from" setting, lots of other little registration components added user delete from admin page --- gwvpmini/gwvpmini.php | 1 + gwvpmini/gwvpmini_admin.php | 171 ++++++++++++++++++++++++++++++++++++- gwvpmini/gwvpmini_auth.php | 7 +- gwvpmini/gwvpmini_db.php | 39 ++++++++- gwvpmini/gwvpmini_gitrepo.php | 2 +- gwvpmini/gwvpmini_register.php | 183 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 393 insertions(+), 10 deletions(-) create mode 100644 gwvpmini/gwvpmini_register.php diff --git a/gwvpmini/gwvpmini.php b/gwvpmini/gwvpmini.php index 8c510b6..42538f1 100644 --- a/gwvpmini/gwvpmini.php +++ b/gwvpmini/gwvpmini.php @@ -8,6 +8,7 @@ require_once("gwvpmini_gitrepo.php"); require_once("gwvpmini_search.php"); require_once("gwvpmini_gitbackend.php"); require_once("gwvpmini_view.php"); +require_once("gwvpmini_register.php"); require_once("gwvpmini_user.php"); if(gwvpmini_isLoggedIn()) if(gwvpmini_isUserAdmin()) { require_once("gwvpmini_admin.php"); diff --git a/gwvpmini/gwvpmini_admin.php b/gwvpmini/gwvpmini_admin.php index e289d45..7078542 100644 --- a/gwvpmini/gwvpmini_admin.php +++ b/gwvpmini/gwvpmini_admin.php @@ -6,6 +6,8 @@ if(gwvpmini_isLoggedIn()) if(gwvpmini_isUserAdmin()) { $CALL_ME_FUNCTIONS["admin"] = "gwvpmini_AdminCallMe"; } + + function gwvpmini_AdminCallMe() { 
@@ -18,7 +20,22 @@ function gwvpmini_AdminCallMe() if(isset($qspl[1])) { if($qspl[1] == "user") { return "gwvpmini_AdminUserCreate"; + } + if($qspl[1] == "changereg") { + return "gwvpmini_ChangeRegistration"; + } + if($qspl[1] == "changeconfirm") { + return "gwvpmini_ChangeRegConfig"; + } + if($qspl[1] == "changefromemail") { + return "gwvpmini_ChangeFromAddress"; + } + if($qspl[1] == "removeuser") { + return "gwvpmini_RemoveUserPage"; } + if($qspl[1] == "confremoveuser") { + return "gwvpmini_ConfRemoveUser"; + } } else { error_log("i got here, where next?"); return "gwvpmini_AdminMainPage"; @@ -31,6 +48,12 @@ function gwvpmini_AdminCallMe() return false; } +function gwvpmini_RemoveUserPage() +{ + gwvpmini_goMainPage("gwvpmini_RemoveUserPageBody"); + +} + function gwvpmini_AdminMainPage() { gwvpmini_goMainPage("gwvpmini_AdminMainPageBody"); @@ -39,20 +62,56 @@ function gwvpmini_AdminMainPage() function gwvpmini_AdminMainPageBody() { global $BASE_URL; + global $can_register, $reg_reqs_confirm, $confirm_from_address; + + if($can_register) { + $register = "Registration Enabled (Disable)"; + } else { + $register = "Registration Disabled (Enable)"; + } + if($reg_reqs_confirm) { + $regconfirm = "Registration Requires Confirmation (Disable)"; + } else { + $regconfirm = "Registration Doesnt Require Confirmation (Enable)"; + } $totalusers = gwvpmini_GetNUsers(); echo "
"; echo "

Users - $totalusers

"; + echo "$register
$regconfirm
"; + echo "
"; + echo "Address emails are sent from
"; + echo "
"; + echo ""; - echo ""; + echo ""; foreach(gwvpmini_GetUsers() as $key => $val) { $id = $key; $un = $val["username"]; $em = $val["email"]; $fn = $val["fullname"]; $ds = $val["desc"]; + $st_t = $val["status"]; + $st_l = $val["level"]; + + $level = "WTF"; + if($st_l == 0) $level = "User"; + if($st_l == 1) $level = "Admin"; + + $status = ""; + if($st_t[0] == "1") { + $status = ", disabled"; + } + if($st_t[0] == "2") { + $vl = explode(":", $st_t); + error_log("VL: ".print_r($vl, true)); + $status = " Awaiting Confirmation (Confirm)"; + } + + $st = "$level$status"; + $unlval = "$un"; - echo ""; + echo ""; } @@ -62,8 +121,8 @@ function gwvpmini_AdminMainPageBody() echo ""; echo "
UsernameEmail AddressFull NameDescriptionControl
UsernameEmail AddressFull NameDescriptionStatusControl
$unlval$em$fn$dsRemove Disable
$unlval$em$fn$ds$stRemove Disable
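Review bot: The user rows in gwvpmini_AdminMainPageBody interpolate `$un`, `$em`, `$fn` and `$ds` into the table markup unescaped, and with this commit those fields are filled in by anyone who can reach the registration form, so stored markup would render inside an administrator's session. Escape each value where it is assigned, e.g. `$fn = htmlspecialchars($val["fullname"], ENT_QUOTES, 'UTF-8');`, and do the same for username, email and desc. The added `error_log("VL: ".print_r($vl, true));` writes the pending confirmation token to the server log and looks like leftover debugging, so it should be removed. The markup inside the echo strings is not visible in this rendering, so check attribute and link contexts as well as cell text.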
"; echo ""; - echo ""; - echo ""; + echo ""; + echo ""; echo ""; echo ""; echo ""; @@ -127,4 +186,108 @@ function gwvpmini_AdminUserCreate() return; } + + +function gwvpmini_ChangeRegistration() +{ + global $can_register, $BASE_URL; + + if($can_register) { + gwvpmini_setConfigVal("canregister", "0"); + gwvpmini_SendMessage("info", "Registration disabled"); + } else { + gwvpmini_setConfigVal("canregister", "1"); + gwvpmini_SendMessage("info", "Registration enabled"); + } + + header("Location: $BASE_URL/admin"); +} + + +function gwvpmini_ChangeRegConfig() +{ + global $reg_reqs_confirm, $BASE_URL; + + if($reg_reqs_confirm) { + gwvpmini_setConfigVal("registerrequiresconfirm", "0"); + gwvpmini_SendMessage("info", "Registration Confirmation disabled"); + } else { + gwvpmini_setConfigVal("registerrequiresconfirm", "1"); + gwvpmini_SendMessage("info", "Registration Confirmation enabled"); + } + + header("Location: $BASE_URL/admin"); +} + +function gwvpmini_ChangeFromAddress() +{ + global $BASE_URL; + + $newfrom = $_REQUEST["fromemail"]; + + gwvpmini_setConfigVal("eamilfromaddress", "$newfrom"); + gwvpmini_SendMessage("info", "Email from address updated to \"$newfrom\""); + + header("Location: $BASE_URL/admin"); + +} + +function gwvpmini_RemoveUserPageBody() +{ + global $BASE_URL; + + $uid = -1; + if(isset($_REQUEST["q"])) { + $query = $_REQUEST["q"]; + $qspl = explode("/", $query); + if(isset($qspl[2])) { + $uid = $qspl[2]; + } + } + + if($uid != -1) { + $details = gwvpmini_GetUsers($uid, 1); + $username = $details[$uid]["username"]; + $fullname = $details[$uid]["fullname"]; + $email = $details[$uid]["email"]; + $desc = $details[$uid]["desc"]; + + error_log("user dets:".print_r($details, true)); + + echo "

Remove User?

"; + echo "Are you sure you wish to remove the user, $username ($uid) - $fullname - $email - $desc?
"; + echo "YesNo
"; + } else { + echo "

How?

"; + echo "You got here in a weird way or the uid of the user you were trying to delete is invalid
"; + echo "Go Back"; + } + +} + +function gwvpmini_ConfRemoveUser() +{ + global $BASE_URL; + + $uid = -1; + if(isset($_REQUEST["q"])) { + $query = $_REQUEST["q"]; + $qspl = explode("/", $query); + if(isset($qspl[2])) { + $uid = $qspl[2]; + } + } + + if($uid > 0) { + $details = gwvpmini_getUser(null, null, $uid); + $uname = $details["username"]; + gwvpmini_RemoveUser($uid); + gwvpmini_SendMessage("info", "User $uname ($uid) has been removed"); + } else { + gwvpmini_SendMessage("info", "Problem deleteing user with uid $uid"); + } + + header("Location: $BASE_URL/admin"); +} + ?> \ No newline at end of file diff --git a/gwvpmini/gwvpmini_auth.php b/gwvpmini/gwvpmini_auth.php index be5e410..f54bd13 100644 --- a/gwvpmini/gwvpmini_auth.php +++ b/gwvpmini/gwvpmini_auth.php @@ -70,15 +70,16 @@ function gwvpmini_SingleLineLoginForm() global $BASE_URL; echo "Username "; - echo " Passowrd "; + echo " Passowrd "; if(gwvpmini_IsRegistrationEnabled()) echo "Register"; - else echo "
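Review bot: gwvpmini_ChangeRegistration, gwvpmini_ChangeRegConfig, gwvpmini_ChangeFromAddress and gwvpmini_ConfRemoveUser all change state on any request to their URL, with no request-method check and no per-session token, so a page loaded in a logged-in admin's browser could trigger them; they should accept POST only and verify a token held in the session. In gwvpmini_ConfRemoveUser and gwvpmini_RemoveUserPageBody the id is taken from the path as a string and compared loosely, so use `$uid = (int)$qspl[2];` before the `$uid > 0` test and before the value reaches gwvpmini_RemoveUser. gwvpmini_ChangeFromAddress stores `$_REQUEST["fromemail"]` as received; reject anything that fails `filter_var($newfrom, FILTER_VALIDATE_EMAIL)`, since the value is presumably placed in a mail header later. The config key is spelled `"eamilfromaddress"`, which is worth checking against whatever reads the setting. gwvpmini_RemoveUserPageBody also echoes `$username`, `$fullname`, `$email` and `$desc` without `htmlspecialchars()`.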
"; + else echo ""; } function gwvpmini_IsRegistrationEnabled() { - return true; + global $can_register; + return $can_register; } function gwvpmini_isLoggedIn() diff --git a/gwvpmini/gwvpmini_db.php b/gwvpmini/gwvpmini_db.php index cf3e0fd..5ce6b9a 100644 --- a/gwvpmini/gwvpmini_db.php +++ b/gwvpmini/gwvpmini_db.php @@ -53,6 +53,17 @@ function gwvpmini_getUser($username=null, $email=null, $id=null) return $returns; +} + +function gwvpmini_RemoveUser($uid) +{ + $conn = gwvpmini_ConnectDB(); + + if($uid < 0) return; + + $sql = "delete from users where user_id='$uid'"; + + return $conn->query($sql); } function gwvpmini_ConnectDB() @@ -86,6 +97,27 @@ function gwvpmini_ConnectDB() return $DB_CONNECTION; } +function gwvpmini_UpdateStatusFromConfirm($confirmhash) +{ + $conn = gwvpmini_ConnectDB(); + + $sql = "select count(*) from users where user_status='2:$confirmhash'"; + + $res = $conn->query($sql); + + if(!$res) return false; + + foreach($res as $row) { + $retval = $row[0]; + } + + if($retval > 0) { + $sql = "update users set user_status='0' where user_status='2:$confirmhash'"; + return $conn->query($sql); + } else return false; +} + + function gwvpmini_AddUser($username, $password, $fullname, $email, $desc, $level, $status) { @@ -330,7 +362,10 @@ function gwvpmini_setConfigVal($confname, $confval) */ gwvpmini_eraseConfigVal($confname); - $conn = gwvpmini_ConnectDB(); + $conn = gwvpmini_ConnectDB(); + + $sql = "delete from config where config_name='$confname'"; + $conn->query($sql); $sql = "insert into config values('$confname', '$confval')"; @@ -447,7 +482,7 @@ function gwvpmini_GetUsers($startat = 0, $num = 10) */ - $sql = "select * from users where user_id>'$startat' order by user_id asc limit $num"; + $sql = "select * from users where user_id>='$startat' order by user_id asc limit $num"; $res = $conn->query($sql); diff --git a/gwvpmini/gwvpmini_gitrepo.php b/gwvpmini/gwvpmini_gitrepo.php index 8ad5725..a120da4 100644 --- a/gwvpmini/gwvpmini_gitrepo.php 
+++ b/gwvpmini/gwvpmini_gitrepo.php @@ -53,8 +53,8 @@ function gwvpmini_RepoMainPageBody() { global $BASE_URL; - gwvpmini_GitCreateRepoForm(); if(gwvpmini_isLoggedIn()) { + gwvpmini_GitCreateRepoForm(); $repos = gwvpmini_GetOwnedRepos($_SESSION["username"]); if(!$repos) { echo "You currently own no repos
"; diff --git a/gwvpmini/gwvpmini_register.php b/gwvpmini/gwvpmini_register.php new file mode 100644 index 0000000..4fdd90e --- /dev/null +++ b/gwvpmini/gwvpmini_register.php @@ -0,0 +1,183 @@ +Registration"; + echo "Complete the following form for registration
"; + if($reg_reqs_confirm) { + echo "Email address will be confirmed after this form is completed, so make sure its available and viewable
"; + } + echo ""; + echo "
Username
Password
Confirm Password
Password
Confirm Password
Full Name
Description
Email
"; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo ""; + echo "
Name to go by (full name/nickname/etc)
Username (desired username for login)
Password
Confirm Password
Description of yourself
Email
Confirm Email
"; + echo ""; + +} + +function gwvpmini_RegisterUser() +{ + global $can_register, $BASE_URL, $reg_reqs_confirm; + + $reg_succeeded = true; + $failed_error = "oops"; + + $uname = $_REQUEST["username"]; + $fname = $_REQUEST["fullname"]; + $pass1 = $_REQUEST["password"]; + $pass2 = $_REQUEST["confpassword"]; + $email1 = $_REQUEST["email"]; + $email2 = $_REQUEST["confemail"]; + $desc = $_REQUEST["desc"]; + + if($pass1 != $pass2) { + $failed_error = "Password and confirmation password differ (hit back to try again)"; + $reg_succeeded = false; + } + + if($email1 != $email2) { + $failed_error = "email and confirmation email differ (hit back to try again)"; + $reg_succeeded = false; + } + + if(gwvpmini_GetUserId($uname) !== false) { + $failed_error = "Username already in use (hit back and try a new one)"; + $reg_succeeded = false; + } + + if(!$reg_succeeded) { + gwvpmini_SendMessage("error", $failed_error); + } else { + //function gwvpmini_AddUser($username, $password, $fullname, $email, $desc, $level, $status) + if($reg_reqs_confirm) { + $hash = gwvpmini_GenerateHash(); + $s = "2:$hash"; + gwvpmini_SendMessage("info", "An email has been sent to the registered email address with details to continue the registration process $hash"); + } else { + gwvpmini_SendMessage("info", "Congratulations, you are now registered, login to continue"); + $s = 0; + } + + gwvpmini_AddUser($uname, $pass1, $fname, $email1, $desc, 0, $s); + + } + + header("Location: $BASE_URL"); +} + +function gwvpmini_GenerateHash() +{ + $hashlen = 64; + $hashchars = "abcdefghijlkmnopqrstuvwxyz01234567890"; + + $hash = ""; + for($i=0; $i<$hashlen; $i++) { + $hash .= $hashchars[rand(0,strlen($hashchars)-1)]; + } + + return $hash; +} + +function gwvpmini_ConfirmRegistration() +{ + global $can_register, $BASE_URL, $reg_reqs_confirm; + + $hash = ""; + if(isset($_REQUEST["q"])) { + $query = $_REQUEST["q"]; + $qspl = explode("/", $query); + if(isset($qspl[2])) { + $hash = $qspl[2]; + } + } + + if($hash == "") { + 
gwvpmini_SendMessage("error", "Confirmation failed, Confirm the url you used and try again"); + } else if(gwvpmini_UpdateStatusFromConfirm($hash)) { + gwvpmini_SendMessage("info", "Confirmation succeeded, you may now login with your username and password"); + } else { + gwvpmini_SendMessage("error", "Confirmation failed, Confirm the url you used and try again"); + } + + header("Location: $BASE_URL"); +} + +?> \ No newline at end of file -- 1.7.0.4
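Review bot: gwvpmini_GenerateHash draws the confirmation token from `rand()`, which is not a cryptographic generator, and gwvpmini_RegisterUser then appends `$hash` to the "An email has been sent" message shown to the registering browser, so the token no longer proves control of the mailbox. Generate it with `return bin2hex(random_bytes(32));` (or `openssl_random_pseudo_bytes` on PHP versions without `random_bytes`) and remove `$hash` from the gwvpmini_SendMessage text. No mail-sending call is visible in gwvpmini_RegisterUser, so the message may be ahead of the implementation. `$can_register` is declared global in gwvpmini_RegisterUser but never tested there; unless the dispatcher, which is not visible in this rendering, checks it, add `if(!gwvpmini_IsRegistrationEnabled()) { header("Location: $BASE_URL"); return; }` at the top. The password is handed to gwvpmini_AddUser as received, so confirm it is hashed there with `password_hash()`.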