Location: PHPKode > projects > PHP Authentication using Uma > uma/admin/index.php
<?
//$Id: index.php,v 1.2 2002/10/07 06:06:10 rampart Exp $
/**
 *
 * Uma Example Page
 *
 * Copyright (C) 2002  Vance Consulting LLC
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 * 
 * is library is distributed in the hope that it will be useful,
 * t WITHOUT ANY WARRANTY; without even the implied warranty of
 * RCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 * 
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * http://www.vanceconsulting.net/
 * hide@address.com
 *
 * Uma SourceForge Site: http://rampart.sourceforge.net/
 *
 * Description:
 * Example page protected by Uma.
 * The important things to note:
 *	- You have to be able include Uma.inc.php, DataObject,class.php,
 * 	 config.php and authenticator.php must be in your include_path.
 *	 How you accomplish that is up to you. Make note that config.php
 * 	 is going to contain your db password, so you might want to put
 * 	 that outside of the web server's document directory structure.
 *
 *	TODO
 *	Better handling of passwords when the come from a form and we have to
 * 	check whether a password matches a confirmation password and how to handle
 * 	when user data is submitted and not updated the password to being blank.
 * 	I poor example of how to do such things is displayed below. It's very ugly
 * 	and needs to more elegantly designed.
 *
*/
ini_set('include_path', @current(file('mepath.php'))); // you don't have to set your include_path like this, I do it because I thought it was idea at one time. Now I am not so sure.
require("Uma.inc.php");	
require("Utils.class.php");
require("authenticator.php");
session_start();
define('GUEST_ID', 1);
$operation = $_POST['op'];
if (!$operation) $operation = $_GET['op'];
if (!$operation) $operation = 'addservice';
$gotSelected = FALSE;
$u = $_SESSION['rampartUser'];

$content = "welcome";
$title = "Uma - PHP User Management System";

switch ($operation) {
 case "deleteuser":
     if ($_GET['id']) {
	 $du = new User($_GET['id']);
	 $du->clearPermissions();
	 $du->delete();
     }
     header("location:index.php");
     exit;
     break;
 case "addservice":
     $service = new Service();
     $services = $service->getAll();
     $content = 'addservice';
     break;
 case "editservice":
     $service = new Service($_GET['id']);
     $content = 'editservice';
     break;
 case "commitservice":
     if ($_POST['id']) {
	 $newservice = new Service($_POST['id']);
     } else {
	 $newservice = new Service();
     }
     $newservice->set('name', $_POST['sname']);
     $newservice->set('description', $_POST['sdesc']);
     $newservice->save();
     header("location:index.php?op=addservice");
     exit;
     break;
 case "deleteservice":
     if ($_GET['id']) {
	 $su = new Service($_GET['id']);
	 $su->delete(TRUE);
     }
     header("location:index.php");
     exit;
     break;
 case "adduser":
     $s = new Service();
     $services = $s->getAll();
     $p = new Passphrase();
     $passphrases = $p->getAll();
     $su = new User();
     $title = "Add User";
     $msg = "You have to enter at least the username and password. Everything else is optional.";
     $content = "adduser";
     break;
 case "edituser":
     $p = new Passphrase();
     $passphrases = $p->getAll();
     $service = new Service();
     $services = $service->getAll();
     $title = "Update User";
     $content = "adduser";
     $msg = '<font color="#000000"><b>If the password is left blank, the user\'s password is left unchanged.</b></font>';
     if ($_GET['msg']) $msg = $_GET['msg']."<br><br>$msg";
	
     $su = new User($_GET['id']);
     $userServiceIDS = @array_keys($su->getServices()); // we use this in the form so we can check the services the user already is associated.
     if ($_GET['id'] && $su->get('id') == $_GET['id']) {
	 $title = "Update User";
     } else {
	 $content = "welcome";
	 $title = "Uma - PHP User Management System";
     }
     $content = 'adduser';
     break;
 case "commituser":
     $p = new Passphrase();
     $passphrases = $p->getAll();
     if ($_POST['formData']['id']) {
	    $su = new User($_POST['formData']['id']);
	    if ($_POST['form_password'] && ($_POST['form_password'] == $_POST['form_password_conf'])) {
		$_POST['formData']['password'] = $_POST['form_password'];                        	
	    } else {
		$_POST['password'] = $su->get('password');
		if ($_POST['form_password'] != $_POST['form_password_conf']) {
		    $msg = "<br><br>- Password NOT saved because the confirmation password did not match the password. If you still feel that changing this password is a good idea, try again.";
		}
	    }
	    
	    $su->setAll($_POST['formData']);
	} else {
	    $su = new User($_POST['formData']);
	    if ($_POST['form_password'] != $_POST['form_password_conf']) {
		$msg = "<br><br>- Password NOT change because the confirmation password did not match the password. If you still feel that changing this password is a good idea, try again.";
	    } else {
		$su->set('password', $_POST['form_password']);
	    }
	}
	
	$su->clearPermissions();
	
	if (is_array($_POST['uservice'])) {
	    foreach ($_POST['uservice'] as $id=>$value) {
		if ($value == $id) {
		    $su->addService($id, $_POST['userviceperm'][$id]);
		}
	    }
	}

	$su->save();
	header("location:index.php");
	exit;
     break;
}

$users = $u->getAll(BY_USERNAME);
require('index.html.php');
?>
Return current item: PHP Authentication using Uma