<?php
/*
* ITMS ValleyData source file version 1.0 May 11, 2001
*
* Allows you to add, edit, and delete users
*
*
* Internet Task Management System: An online system used for recording information about and assigning tasks and processes.
* Copyright (C) 2001 ValleyData Programming Group
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* See file named "gpl.txt" included with source code or
* visit http://www.gnu.org/copyleft/gpl.txt on the internet.
*/
$title="User Management";
include("header.php");
include("adminonly.php");
if($ADD_USER == "true") // If we are adding a user...
{
$newusername = trim(make_clean($newusername));
$newpassword = make_clean($newpassword);
$newisadmin = ($newisadmin == "on" ? "1" : "0");
if(!isset($newusername) || $newusername == "") // Check whether a user name was entered
{
message_box("Please Enter a User Name", "error");
}
else if($newpassword == $newconfirm_password) // Confirm passwords match
{
db_open();
db_use();
$query = "SELECT * FROM users WHERE name like '$newusername'";
if(db_fetch_row(db_query($query))) // Check for duplicate user name
{
message_box("User name already exists!", "error");
error_out("Couldn't add user with duplicate name: " . $newusername, "LOG_INFO");
}
else
{
$query = "INSERT INTO users (name, isadmin, email) VALUES ('$newusername', '$newisadmin', '$user_email')";
if(db_query($query)) // Add the user to the database
{
if($ENABLE_LDAP == "true")
ldap_add_user($newusername, $newpassword);
else
db_add_user($newusername, $newpassword);
$query = "SELECT uid FROM users WHERE name LIKE '$newusername'";
$result = db_query($query); // Get new user's ID
$row = db_fetch_row($result);
$user_num = $row["uid"];
foreach($HTTP_POST_VARS as $comboname => $value) // For each group that is checked...
{
if(substr($comboname, 0, 2) == "cb")
{
$group_num = substr($comboname, 2);
$query = "INSERT into user_groups (gid, uid) VALUES ('$group_num', '$user_num')";
db_query($query); // Add the user to the group
}
}
}
else
{
error_out("Could not add user to: users table", "LOG_INFO");
}
}//end else not duplicate
}//end if($newpassword == $newconfirm_password)
else
{
message_box("Your passwords didn't match, try again!", "error");
}
}
print("<IMG SRC=\"images/user_mgt.jpg\" WIDTH=\"400\" HEIGHT=\"41\" BORDER=\"0\" ALT=\"User Management\">");
?>
<table border="0">
<tr class="table-header">
<td>
<form METHOD=POST action="user_mgt.php">
<table>
<tr>
<td colspan="3">Create User:</td>
</tr>
<tr>
<td>Username:</td>
<td><INPUT TYPE="text" NAME="newusername" size="15"></td>
</tr>
<tr>
<td>Password:</td>
<td><INPUT TYPE="password" NAME="newpassword" size="15"></td>
</tr>
<tr>
<td>Confirm Password:</td>
<td><INPUT TYPE="password" NAME="newconfirm_password" size="15"></td>
</tr>
<tr>
<td>User's Email Address:</td>
<td><INPUT TYPE="text" NAME="user_email" size="15"></td>
</tr>
</table>
<table>
<?php
$col_num = 0;
$groups = get_all_groups();
foreach($groups as $group) // Display all groups
{
$col_num++;
if($col_num == 1)
print("<tr>\n");
print("<td>\n");
print("<INPUT TYPE=\"checkbox\" NAME=\"cb" . $group["gid"] . "\"> " .
$group["groupname"]);
print("</td>\n");
if($col_num == 2)
{
print("</tr>\n");
$col_num = 0;
}
}
?>
</table>
<table>
<tr>
<td colspan="3">Administrator:<INPUT TYPE="checkbox" NAME="newisadmin"></td>
</tr>
<tr>
<td colspan="3"><INPUT TYPE="hidden" NAME="ADD_USER" VALUE="true">
<INPUT TYPE="submit" value="Add User">
<INPUT TYPE="button" value="Cancel" onClick="location='index.php'">
</td>
</tr>
</table>
</form>
</td>
</tr>
<tr>
<td>
<hr>
</td>
</tr>
<tr class="table-header">
<td>
<form METHOD=POST action="user_edit.php">
<table>
<tr>
<td>Edit User:</td>
</tr>
<tr>
<td>Username:</td>
<td><SELECT NAME="edit_user">
<?php
$user_array = get_all_users();
if($user_array)
foreach ($user_array as $usr) // Put all the users in the select box
{
print("<option value=\"" . $usr["uid"] . "\">" . $usr["name"] . "</option>\n");
}
?>
</SELECT></td>
</tr>
<tr>
<td colspan="2"><INPUT TYPE="submit" value="Edit User">
<INPUT TYPE="button" value="Cancel" onClick="location='index.php'"></td>
</tr>
</table>
</form>
</td>
</tr>
<tr>
<td>
<hr>
</td>
</tr>
<tr class="table-header">
<td>
<form METHOD=POST action="user_delete.php">
<table>
<tr>
<td>Delete User:</td>
</tr>
<tr>
<td>Username:</td>
<td colspan="2">
<SELECT NAME="delete_user">
<?php
$user_array = get_all_other_users($uid);
if($user_array)
foreach ($user_array as $usr) // For each user other than yourself, add the user to the list
{
print("<option value=\"" . $usr["uid"] . "\">" . $usr["name"] . "</option>\n");
}
?>
</SELECT>
</td>
</tr>
<tr>
<td colspan="2">
<INPUT TYPE="submit" value="Delete User">
<INPUT TYPE="button" value="Cancel" onClick="location='index.php'">
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<?php include("footer.php"); ?>