<?php
// Module slug; it is not read again in this file, so presumably the including script uses it.
$mod = 'manageusers';
// Controller instance for this page; the ManageUsers class is declared further down this file.
$module = new ManageUsers();

require_once dirname(__FILE__).'/../classes/user.php';
require_once dirname(__FILE__).'/../classes/course.php';
require_once dirname(__FILE__).'/../include/login.php';
require_once dirname(__FILE__).'/../layout/layout.php';

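/**
 * Admin page controller: lists the users of a course and adds, modifies or deletes them.
 *
 * Security properties enforced in this class:
 * - Every request- or database-derived value is HTML-escaped at the point of output
 *   (see escape()); callers hand raw values to the print helpers.
 * - The state-changing actions (add, modify, delete) are accepted over POST only.
 * - A non-admin cannot assign an access level more privileged than their own, and cannot
 *   modify or delete an account that is more privileged than their own. Lower numbers are
 *   more privileged, as main()'s "<=" permission check and the form's option values show.
 *
 * NOTE(review): no anti-CSRF token is visible in this file; the POST requirement alone does
 * not stop a forged cross-site form post. Confirm whether include/login.php provides one.
 * NOTE(review): $_GET['user'] and the $_POST fields are handed to User/Users unchanged;
 * confirm those classes use bound parameters.
 * NOTE(review): a non-admin manager is not restricted here to targets enrolled in
 * $this->course; confirm whether that scoping is expected.
 */
class ManageUsers
{
    // Course identifier given to main(); used in links and passed to Course/Users.
    private $course;
    // The logged-in User performing the request.
    private $user;

    /**
     * Entry point: checks the caller's privileges, renders the page frame and dispatches
     * to the requested sub-view or action.
     *
     * @param User        $user   The logged-in user.
     * @param Permissions $perm   Permission table; permissions['modifyUsers'] is the access threshold.
     * @param mixed       $course Course identifier.
     */
    public function main(User $user, Permissions $perm, $course)
    {
        $this->course = $course;
        $this->user = $user;

        $c = new Course($course);

        // Explicit parentheses: access is granted to admins, or to users at or below the
        // modifyUsers threshold who are also members of this course.
        $allowed = ($user->userLevel <= $perm->permissions['modifyUsers']
                && $c->isUserInCourse($user->userID, $course))
            || $user->userLevel == ADMIN;

        if (!$allowed) {
            echo 'insufficient privledges';
            return;
        }

        Layout::header('Manage Users');
        Layout::sidebar($user, $this->course);
        echo '<div id="main">';

        if (isset($_GET['action'])) {
            $this->dispatchAction($_GET['action']);
        } elseif (isset($_GET['add'])) {
            $this->addUserForm();
        } elseif (isset($_GET['user'])) {
            $this->modifyUserForm();
        } else {
            $this->menu();
        }

        echo "</div>\n";
        Layout::footer();
    }

    /** Shows an empty form for creating a user. */
    public function addUserForm()
    {
        $this->printForm(new User(0), 'add');
    }

    /** Shows the edit form, plus a delete button, for the user named by $_GET['user']. */
    public function modifyUserForm()
    {
        $userId = self::requestedUserId();
        if ($userId === null) {
            $this->menu();
            return;
        }

        $u = new User($userId);
        if (!$this->mayManage($u)) {
            $this->printRefusal('You are not permitted to modify this user.');
            $this->menu();
            return;
        }

        // Deletion is a state change, so it is submitted as a POST form instead of a plain link.
        $deleteUrl = $this->pageUrl(array('action' => 'delete', 'user' => $u->userID));
        echo '<div id="linklist" class="linklist"><form method="post" action="' . $deleteUrl . '">'
            . '<input type="submit" value="Delete This User" /></form></div>' . "\n";

        $this->printForm($u, 'modify');
    }

    /** Creates a user from the posted form; on failure re-displays the form with the errors. */
    public function addUser()
    {
        $level = self::postValue('userLevel');
        if (!$this->mayAssignLevel($level)) {
            $this->printRefusal('You are not permitted to assign this access level.');
            $this->printForm($this->userFromPost(0), 'add');
            return;
        }

        $a = new Users($this->course);

        echo '<div id="message" class="message">';

        // The literal '1' is passed through exactly as before; its meaning is defined by Users::RegisterUser.
        $created = $a->RegisterUser(
            self::postValue('firstName'),
            self::postValue('lastName'),
            self::postValue('email'),
            '1',
            $level,
            self::postValue('password'),
            self::postValue('password2')
        );

        if ($created) {
            echo '<h5>User successfully added.</h5></div>';
            $this->menu();
            return;
        }

        $this->printErrors($a->error);
        echo '</div>';

        $this->printForm($this->userFromPost(0), 'add');
    }

    /** Updates the user named by $_GET['user'] from the posted form; on failure re-displays the form. */
    public function modifyUser()
    {
        $userId = self::requestedUserId();
        if ($userId === null) {
            $this->printRefusal('No user was specified.');
            $this->menu();
            return;
        }

        $level = self::postValue('userLevel');
        if (!$this->mayManage(new User($userId)) || !$this->mayAssignLevel($level)) {
            $this->printRefusal('You are not permitted to make this change.');
            $this->menu();
            return;
        }

        $a = new Users();

        echo '<div id="message" class="message">';

        // The literal '1' is passed through exactly as before; its meaning is defined by Users::UpdateUser.
        $updated = $a->UpdateUser(
            $userId,
            self::postValue('firstName'),
            self::postValue('lastName'),
            self::postValue('email'),
            '1',
            $level,
            self::postValue('password'),
            self::postValue('password2')
        );

        if ($updated) {
            echo '<h5>User successfully updated.</h5></div>';
            $this->menu();
            return;
        }

        $this->printErrors($a->error);
        echo '</div>';

        $this->printForm($this->userFromPost($userId), 'modify');
    }

    /** Deletes the user named by $_GET['user'] and returns to the listing. */
    public function deleteUser()
    {
        $userId = self::requestedUserId();
        if ($userId === null || !$this->mayManage(new User($userId))) {
            $this->printRefusal('You are not permitted to delete this user.');
            $this->menu();
            return;
        }

        // DeleteUser's result is not inspected, so the message below is shown even when
        // nothing was removed (the original behaviour).
        $a = new Users();
        $a->DeleteUser($userId);
        echo '<div id="message" class="message"><h5>User successfully removed.</h5></div>';
        $this->menu();
    }

    /**
     * Prints the "Add User" link and the course's users grouped by access level.
     * Instructors and admins are listed only when the viewer is an admin.
     */
    public function menu()
    {
        $a = new Users($this->course);

        echo '<div id="linklist" class="linklist"><h5><a href="' . $this->pageUrl(array('add' => ''))
            . '">Add User</a></h5></div>';

        // Load every user once and group while printing, instead of re-running the query
        // and re-loading each user for every section.
        $users = array();
        $data = $a->ListUsers('LastName');
        $rowCount = $data->numRows();
        for ($i = 0; $i < $rowCount; ++$i) {
            $rowData = $data->fetchRow();
            $users[] = new User($rowData['UserID']);
        }

        $sections = array(
            array('Students', STUDENT),
            array('TAs', TA),
        );
        if ($this->user->userLevel <= ADMIN) {
            $sections[] = array('Instructors', INSTRUCTOR);
            $sections[] = array('Admins', ADMIN);
        }

        // The id "linklist" is reused by several elements on this page; it is kept so that
        // existing styling still applies.
        echo '<div id="linklist"  class="linklist">';
        foreach ($sections as $section) {
            echo '<h5>' . $section[0] . "</h5>\n<ul>\n";
            foreach ($users as $u) {
                if ($u->userLevel == $section[1]) {
                    echo '<li><a href="' . $this->pageUrl(array('user' => $u->userID)) . '">';
                    // Names and e-mail addresses are stored user input: escape before output.
                    echo self::escape($u->firstName . ' ' . $u->lastName . ' - ' . $u->email) . '</a></li>';
                }
            }
            echo "</ul>\n";
        }
        // Closes the wrapper opened above, which was previously left open.
        echo '</div>';
    }

    /**
     * Prints the add/modify form for $u.
     *
     * @param User   $u      User whose raw (unescaped) values pre-fill the form.
     * @param string $action 'add' for a new user; any other value produces the modify form for $u->userID.
     */
    private function printForm(User $u, $action)
    {
        $isAdd = ($action == 'add');
        $title = $isAdd ? 'Add User' : 'Modify User';

        $params = array('action' => $isAdd ? 'add' : 'modify');
        if (!$isAdd) {
            $params['user'] = $u->userID;
        }
        $formUrl = $this->pageUrl($params);

        // Existing users get a fixed mask, never their real password.
        // NOTE(review): the mask is submitted back unless edited; presumably Users::UpdateUser
        // treats it as "unchanged" - confirm.
        $password = ($u->userID) ? '********' : '';

        echo '<div id="linklist" class="linklist"><h5>' . $title . "</h5>\n";
        echo '<form method="post" action="' . $formUrl . '">' . "\n";
        echo "<ul>\n";
        echo '<li><label>First Name</label><input type="text" name="firstName" value="'
            . self::escape($u->firstName) . '"/></li>' . "\n";
        echo '<li><label>Last Name</label><input type="text" name="lastName" value="'
            . self::escape($u->lastName) . '"/></li>' . "\n";
        echo '<li><label>Email Address</label><input type="text" name="email" value="'
            . self::escape($u->email) . '"/></li>' . "\n";
        echo '<li><label>Password</label><input type="password" name="password" value="'
            . $password . '"/></li>' . "\n";
        echo '<li><label>Confirm Password</label><input type="password" name="password2" value="'
            . $password . '"/></li>' . "\n";
        echo '<li><label>Access Level</label><select name="userLevel">' . "\n";

        $levels = array(3 => 'Student', 2 => 'TA', 1 => 'Instructor', 0 => 'Administrator');
        foreach ($levels as $value => $label) {
            // Offer only the levels the server-side check in addUser()/modifyUser() will accept.
            if (!$this->mayAssignLevel($value)) {
                continue;
            }
            // is_numeric() keeps an empty or missing level from loosely equalling 0 and
            // pre-selecting "Administrator".
            $selected = (is_numeric($u->userLevel) && $u->userLevel == $value) ? ' selected="selected"' : '';
            echo '    <option value="' . $value . '"' . $selected . '>' . $label . "</option>\n";
        }

        echo "</select></li>\n";
        echo '<li><label>&nbsp;</label>   <input type="submit" value="' . $title . '" /></li>' . "\n";
        echo "</ul>\n";
        echo "</form>\n";
        echo '</div>';
    }

    /**
     * Returns true when Mail_RFC822::parseAddressList() does not report a PEAR error for $email.
     * Not called anywhere in this class.
     */
    private function emailValid($email)
    {
        $notvalid = PEAR::isError(Mail_RFC822::parseAddressList($email, ''));

        return ! $notvalid;
    }

    /** Runs a state-changing action; anything other than a POST request is refused. */
    private function dispatchAction($action)
    {
        $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
        if ($method !== 'POST') {
            $this->printRefusal('This action must be submitted from the form.');
            $this->menu();
            return;
        }

        // Unknown actions produce no output, as before.
        switch ($action) {
            case 'add':
                $this->addUser();
                break;
            case 'modify':
                $this->modifyUser();
                break;
            case 'delete':
                $this->deleteUser();
                break;
        }
    }

    /** True when the acting user's level equals ADMIN. */
    private function isAdmin()
    {
        return $this->user->userLevel == ADMIN;
    }

    /** True when the acting user may grant $level: admins always, others only levels not above their own. */
    private function mayAssignLevel($level)
    {
        if ($this->isAdmin()) {
            return true;
        }

        return is_numeric($level) && $level >= $this->user->userLevel;
    }

    /** True when the acting user may edit or delete $target (admins always; others never a more privileged account). */
    private function mayManage(User $target)
    {
        return $this->isAdmin() || $target->userLevel >= $this->user->userLevel;
    }

    /** Builds a User carrying the raw posted field values, for re-displaying the form after a failure. */
    private function userFromPost($userId)
    {
        $u = new User(0);
        if ($userId) {
            $u->userID = $userId;
        }
        // Raw values on purpose: printForm() escapes at output, so escaping here too would double-encode.
        $u->firstName = self::postValue('firstName');
        $u->lastName = self::postValue('lastName');
        $u->email = self::postValue('email');
        $u->userLevel = self::postValue('userLevel');

        return $u;
    }

    /** Prints one refusal message inside the page's message box. */
    private function printRefusal($text)
    {
        echo '<div id="message" class="message">';
        $this->printErrors(array($text));
        echo '</div>';
    }

    /** Prints error strings as an escaped HTML list; the messages may echo back user input. */
    private function printErrors($errors)
    {
        echo "<ul>\n";
        if (is_array($errors)) {
            foreach ($errors as $error) {
                echo '<li>' . self::escape($error) . "</li>\n";
            }
        }
        echo "</ul>\n";
    }

    /** Returns an HTML-escaped link to this page with the course id and $params in the query string. */
    private function pageUrl(array $params)
    {
        $query = http_build_query(array_merge(array('c' => $this->course), $params), '', '&');

        return self::escape('manageusers.php?' . $query);
    }

    /** Returns $_GET['user'] when it is a non-empty scalar, otherwise null. */
    private static function requestedUserId()
    {
        if (!isset($_GET['user']) || !is_scalar($_GET['user']) || $_GET['user'] === '') {
            return null;
        }

        return $_GET['user'];
    }

    /** Returns the posted field as a string, or '' when it is missing or not a scalar. */
    private static function postValue($key)
    {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    }

    /** Escapes a value for HTML text and quoted attributes; charset is left at PHP's default, as elsewhere in this file. */
    private static function escape($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    }
}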
?>