<?php

/*
    SVN Access Manager - a subversion access rights management tool
    Copyright (C) 2008 Thomas Krieger <hide@address.com>

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/
 
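// Locate config.inc.php: next to the script, one directory up (when called from a
// sub directory), or the system wide location. Nothing else is loaded before this,
// so a missing configuration is fatal.
if ( file_exists ( realpath ( "./config/config.inc.php" ) ) ) {
	require( "./config/config.inc.php" );
} elseif( file_exists ( realpath ( "../config/config.inc.php" ) ) ) {
	require( "../config/config.inc.php" );
} elseif( file_exists( "/etc/svn-access-manager/config.inc.php" ) ) {
	require( "/etc/svn-access-manager/config.inc.php" );
} else {
	// the message used to end with a stray quote after the newline
	die( "can't load config.inc.php. Check your installation!\n" );
}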

// Base directory of the installation as set in config.inc.php; an empty value
// keeps the includes relative to the current directory.
$installBase					= isset( $CONF['install_base'] ) ? $CONF['install_base'] : "";

require "$installBase/include/variables.inc.php";
require "$installBase/include/functions.inc.php";
require "$installBase/include/output.inc.php";
require "$installBase/include/db-functions-adodb.inc.php";



/**
 * Loads every right that is not marked deleted, ordered by id.
 *
 * The description column is selected per language (description_<lang>) and
 * returned under the key "description".
 *
 * @param mixed $dbh database handle as returned by db_connect()
 *
 * @return array list of rows with id, right_name, allowed_action, description
 */
function getRights( $dbh ){

	global $CONF;

	$schema										= db_determine_schema();
	$lang										= check_language();
	$sql										= "SELECT id, right_name, allowed_action, description_$lang AS description "
												. "  FROM ".$schema."rights "
												. " WHERE (deleted = '00000000000000') "
												. " ORDER BY id ASC";
	$result										= db_query( $sql, $dbh );

	$rights										= array();
	for( $row = db_assoc( $result['result'] ); $row; $row = db_assoc( $result['result'] ) ) {
		$rights[]								= $row;
	}

	return $rights;
}

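/**
 * Loads the rights granted to one user as a map right_id => allowed.
 *
 * @param int|string $user_id id of the svnusers row. It is placed unquoted into the
 *                            query, so it is forced to an integer first; callers hand
 *                            in a value that originally came from the request.
 * @param mixed      $dbh     database handle as returned by db_connect()
 *
 * @return array right_id => allowed for every non-deleted users_rights row
 */
function getRightsGranted( $user_id, $dbh ) {

	global $CONF;

	$schema										= db_determine_schema();
	// numeric context: db_escape_string() would not protect this, only an integer is safe
	$userId										= (int) $user_id;

	$query										= "SELECT right_id, allowed " .
												  "  FROM ".$schema."users_rights " .
												  " WHERE (user_id = $userId) " .
												  "   AND (deleted = '00000000000000')";
	$result										= db_query( $query, $dbh );

	$tRightsGranted								= array();
	while( $row = db_assoc( $result['result'] ) ) {
		$tRightsGranted[ $row['right_id'] ]		= $row['allowed'];
	}

	return $tRightsGranted;
}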


initialize_i18n();

// Session, database and per-user preferences; the preferences override the
// configured sort and paging defaults for this request.
$SESSID_USERNAME 							= check_session ();
check_password_expired();
$dbh 										= db_connect ();
$preferences								= db_get_preferences($SESSID_USERNAME, $dbh );
foreach( array( 'user_sort_fields', 'user_sort_order', 'page_size' ) as $prefKey ) {
	$CONF[$prefKey]							= $preferences[$prefKey];
}
$rightAllowed								= db_check_acl( $SESSID_USERNAME, "User admin", $dbh );
$_SESSION['svn_sessid']['helptopic']		= "workonuser";

// Without any "User admin" right there is nothing to do on this page.
if( $rightAllowed == "none" ) {
	db_disconnect( $dbh );
	header( "Location: nopermission.php" );
	exit;
}

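if ($_SERVER['REQUEST_METHOD'] == "GET") {

	// Both request parameters are untrusted; a missing one becomes "" instead of raising a notice.
	$tReadonly								= "";
	$tTask									= isset( $_GET['task'] ) ? db_escape_string( $_GET['task'] ) : "";
	$tId									= isset( $_GET['id'] ) ? db_escape_string( $_GET['id'] ) : "";

	// The "add" right only permits creating users; every other task is refused.
	if( ($rightAllowed == "add") and ($tTask != "new") ) {

		db_disconnect( $dbh );
		header( "Location: nopermission.php" );
		exit;

	}

	$_SESSION['svn_sessid']['task']			= strtolower( $tTask );
	$_SESSION['svn_sessid']['userid']		= $tId;
	$tRightsAvailable						= getRights( $dbh );

	// Defaults for an empty form. The "change" task overwrites them with the stored
	// user, so the template never sees an undefined field, not even on the error paths.
	$tUserid								= "";
	$tName									= "";
	$tGivenname								= "";
	$tEmail									= "";
	$tPasswordExpires						= 1;
	$tLocked								= 0;
	$tAdministrator							= "n";
	$tUserRight								= "read";
	$tRightsGranted							= array();

	$schema									= db_determine_schema();

	if( $_SESSION['svn_sessid']['task'] == "change" ) {

		$tReadonly							= "readonly";
		// id is compared unquoted, so db_escape_string() alone does not protect this
		// query: force an integer before the value reaches the SQL.
		$query								= "SELECT * " .
											  "  FROM ".$schema."svnusers " .
											  " WHERE id = " . (int) $tId;
		$result								= db_query( $query, $dbh );

		if( $result['rows'] == 1 ) {

			$row							= db_assoc( $result['result'] );
			$tUserid						= $row['userid'];
			$tName							= $row['name'];
			$tGivenname						= $row['givenname'];
			$tEmail							= $row['emailaddress'];
			$tPasswordExpires				= $row['passwordexpires'];
			$tLocked						= $row['locked'];
			$tAdministrator					= $row['admin'];
			$tUserRight						= $row['user_mode'];
			$tRightsGranted					= getRightsGranted( $row['id'], $dbh );

		} else {

			// report the id that was asked for ($tId; the old code used an undefined $id)
			$tMessage						= sprintf( _( "Invalid userid %s requested!" ), $tId );

		}

	} elseif( $_SESSION['svn_sessid']['task'] != "new" ) {

		$tMessage							= sprintf( _( "Invalid task %s, anyone tampered arround with?" ), $_SESSION['svn_sessid']['task'] );

	}

	$header									= "users";
	$subheader								= "users";
	$menu									= "users";
	$template								= "workOnUser.tpl";

	include ("$installBase/templates/framework.tpl");

}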

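/**
 * Writes the rights ticked in the submitted user form to users_rights.
 *
 * For every available right the form field "fId<right id>" is inspected; a right
 * without a posted value is left alone (neither granted nor revoked). An existing
 * users_rights row is updated, otherwise one is inserted. Must be called inside the
 * transaction opened by the caller, which commits or rolls back based on the result.
 *
 * @param int|string $userId          id of the svnusers row; forced to int because it
 *                                    is placed unquoted into the SQL
 * @param array      $rightsAvailable rows as returned by getRights()
 * @param mixed      $dbh             database handle
 *
 * @return string "" when every right was written, otherwise a translated error message
 */
function storeUserRightsFromForm( $userId, $rightsAvailable, $dbh ) {

	$schema									= db_determine_schema();
	$userId									= (int) $userId;
	$username								= $_SESSION['svn_sessid']['username'];

	foreach( $rightsAvailable as $right ) {

		$rightId							= (int) $right['id'];
		$field								= "fId".$rightId;
		$value								= isset( $_POST[$field] ) ? db_escape_string( $_POST[$field] ) : "";

		if( $value == "" ) {
			// nothing submitted for this right: keep whatever is stored
			continue;
		}

		$query								= "SELECT * " .
											  "  FROM ".$schema."users_rights " .
											  " WHERE (right_id = $rightId) " .
											  "   AND (user_id = $userId) " .
											  "   AND (deleted = '00000000000000')";
		$result								= db_query( $query, $dbh );
		$dbnow								= db_now();

		if( $result['rows'] > 0 ) {

			$query							= "UPDATE ".$schema."users_rights " .
											  "   SET modified = '$dbnow', " .
											  "       modified_user = '$username'," .
											  "       allowed = '$value' " .
											  " WHERE (user_id = $userId) " .
											  "   AND (right_id = $rightId)";

		} else {

			$query							= "INSERT INTO ".$schema."users_rights (right_id, user_id, allowed, created, created_user) " .
											  "     VALUES ($rightId, $userId, '$value', '$dbnow', '$username')";

		}

		$result								= db_query( $query, $dbh );

		if( $result['rows'] == 0 ) {
			// the caller rolls back, so writing the remaining rights would be wasted
			return _("Error during database write of user rights" );
		}
	}

	return "";
}

if ($_SERVER['REQUEST_METHOD'] == "POST") {

	// Every form field is untrusted; a missing one becomes "" instead of raising a notice.
	$tUserid								= isset( $_POST['fUserid'] ) ? db_escape_string( $_POST['fUserid'] ) : "";
	$tName									= isset( $_POST['fName'] ) ? db_escape_string( $_POST['fName'] ) : "";
	$tGivenname								= isset( $_POST['fGivenname'] ) ? db_escape_string( $_POST['fGivenname'] ) : "";
	$tPassword								= isset( $_POST['fPassword'] ) ? db_escape_string( $_POST['fPassword'] ) : "";
	$tPassword2								= isset( $_POST['fPassword2'] ) ? db_escape_string( $_POST['fPassword2'] ) : "";
	$tEmail									= isset( $_POST['fEmail'] ) ? db_escape_string( $_POST['fEmail'] ) : "";
	$tPasswordExpires						= isset( $_POST['fPasswordExpires'] ) ? db_escape_string( $_POST['fPasswordExpires'] ) : "";
	$tLocked								= isset( $_POST['fLocked'] ) ? db_escape_string( $_POST['fLocked'] ) : "";
	$tAdministrator							= isset( $_POST['fAdministrator'] ) ? db_escape_string( $_POST['fAdministrator'] ) : "";
	$tUserRight								= isset( $_POST['fUserRight'] ) ? db_escape_string( $_POST['fUserRight'] ) : "";
	$tRightsAvailable						= getRights( $dbh );
	$tRightsGranted							= array();
	$tReadonly								= "";
	$tTask									= isset( $_SESSION['svn_sessid']['task'] ) ? $_SESSION['svn_sessid']['task'] : "";
	$tUsername								= $_SESSION['svn_sessid']['username'];
	// The id of the user being changed was stored by the GET handler straight from the
	// request; it is used unquoted in SQL below, so only an integer is accepted here.
	$tUserDbId								= isset( $_SESSION['svn_sessid']['userid'] ) ? (int) $_SESSION['svn_sessid']['userid'] : 0;

	// Image buttons arrive as <name>_x, plain buttons under their own name; all of them
	// map onto the two translated labels.
	if( isset( $_POST['fSubmit'] ) ) {
		$button								= db_escape_string( $_POST['fSubmit'] );
	} elseif( isset( $_POST['fSubmit_ok_x'] ) ) {
		$button								= _("Submit");
	} elseif( isset( $_POST['fSubmit_back_x'] ) ) {
		$button								= _("Back" );
	} elseif( isset( $_POST['fSubmit_ok'] ) ) {
		$button								= _("Submit");
	} elseif( isset( $_POST['fSubmit_back'] ) ) {
		$button								= _("Back" );
	} else {
		$button								= "undef";
	}

	// Same rule as in the GET handler: the "add" right only covers creating users, so a
	// session that carries any other task must not reach the change branch below.
	if( ($rightAllowed == "add") and ($tTask != "new") ) {

		db_disconnect( $dbh );
		header( "Location: nopermission.php" );
		exit;

	}

	$schema									= db_determine_schema();

	if( $button == _("Back" ) ) {

		db_disconnect( $dbh );
		header( "Location: list_users.php" );
		exit;

	} elseif( $button == _( "Submit" ) ) {

		if( $tTask == "new" ) {

			$error							= 0;

			// A new user needs a password; when one is given both copies must agree and
			// pass the policy.
			if( $tUserid == "" ) {
				$tMessage					= _( "Userid is missing, please fill in!" );
				$error						= 1;
			} elseif( $tName == "" ) {
				$tMessage					= _( "Name missing, please fill in!" );
				$error						= 1;
			} elseif( ($tPassword == "") and ($tPassword2 == "") ) {
				$tMessage					= _( "A new user needs a password!" );
				$error						= 1;
			} elseif( $tPassword != $tPassword2 ) {
				$tMessage					= _( "Passwords do not match!" );
				$error						= 1;
			} elseif( checkPasswordPolicy( $tPassword, $tAdministrator ) == 0 ) {
				$tMessage					= _( "Password does not match the password policy!" );
				$error						= 1;
			}

			if( $tEmail == "" ) {
				$tMessage					= _( "Email address is missing, please fill in!" );
				$error						= 1;
			} elseif( ! check_email( $tEmail ) ) {
				$tMessage					= sprintf( _( "%s is not a valid email address!" ), $tEmail );
				$error						= 1;
			} else {
				// the userid must be unique among non-deleted users
				$query						= "SELECT * " .
											  "  FROM ".$schema."svnusers " .
											  " WHERE (userid = '$tUserid') " .
											  "   AND (deleted = '00000000000000')";
				$result						= db_query( $query, $dbh );

				if( $result['rows'] > 0 ) {
					$tMessage				= sprintf( _( "The user with the userid %s exists already" ), $tUserid );
					$error					= 1;
				}
			}

			if( $error == 0 ) {

				$pwcrypt					= db_escape_string( pacrypt( $tPassword ), $dbh );
				$dbnow						= db_now();
				$query 						= "INSERT INTO ".$schema."svnusers (userid, name, givenname, password, passwordexpires, locked, emailaddress, admin, created, created_user, password_modified, user_mode) " .
											  "     VALUES ('$tUserid', '$tName', '$tGivenname', '$pwcrypt', '$tPasswordExpires', '$tLocked', '$tEmail', '$tAdministrator','$dbnow', '$tUsername', '20000101000000', '$tUserRight')";

				// user row and rights are written in one transaction
				db_ta( 'BEGIN', $dbh );
				db_log( $tUsername, "added user $tUserid, $tName, $tGivenname", $dbh );

				$result						= db_query( $query, $dbh );
				if( $result['rows'] == 1 ) {

					$lastid					= db_get_last_insert_id( 'svnusers', 'id', $dbh );
					$rightsError			= storeUserRightsFromForm( $lastid, $tRightsAvailable, $dbh );
					if( $rightsError != "" ) {
						$tMessage			= $rightsError;
						$error				= 1;
					}
					$tRightsGranted			= getRightsGranted( $lastid, $dbh );

				} else {

					// was assigned to a misspelled $tMessaage before, so the failure never showed
					$tMessage				= _( "Error during database insert of user data" );
					$error					= 1;

				}

				if( $error != 0 ) {
					db_ta( 'ROLLBACK', $dbh );
				} else {
					db_ta( 'COMMIT', $dbh );
					$tMessage				= _( "User successfully inserted" );
				}
			}

		} elseif( $tTask == "change" ) {

			$error							= 0;
			$tReadonly						= "readonly";

			// The password is optional on change; when one is given both copies must
			// agree and pass the policy (the admin flag is passed as in the "new" branch).
			if( $tUserid == "" ) {
				$tMessage					= _( "Userid is missing, please fill in!" );
				$error						= 1;
			} elseif( $tName == "" ) {
				$tMessage					= _( "Name missing, please fill in!" );
				$error						= 1;
			} elseif( $tPassword != $tPassword2 ) {
				$tMessage					= _( "Passwords do not match!" );
				$error						= 1;
			} elseif( ($tPassword != "") and (checkPasswordPolicy( $tPassword, $tAdministrator ) == 0) ) {
				$tMessage					= _( "Password does not match the password policy!" );
				$error						= 1;
			}

			if( $tEmail == "" ) {
				$tMessage					= _( "Emailaddress is missing, please fill in!" );
				$error						= 1;
			} elseif( ! check_email( $tEmail ) ) {
				$tMessage					= sprintf( _( "%s is not a valid email address!" ), $tEmail );
				$error						= 1;
			} else {
				$query						= "SELECT * " .
											  "  FROM ".$schema."svnusers " .
											  "  WHERE (userid = '$tUserid') " .
											  "    AND (deleted = '00000000000000')";
				$result						= db_query( $query, $dbh );

				if( $result['rows'] == 0 ) {
					$tMessage				= sprintf( _( "The user %s does not exist" ), $tUserid );
					$error					= 1;
				}
			}

			if( $error == 0 ) {

				$dbnow						= db_now();
				$query						=  "UPDATE ".$schema."svnusers " .
											   "   SET name 			= '$tName', " .
											   "       givenname 		= '$tGivenname', " .
											   "       emailaddress 	= '$tEmail', " .
											   "       passwordexpires 	= '$tPasswordExpires', " .
											   "       locked 			= '$tLocked', " .
											   "       admin 			= '$tAdministrator', " .
											   "       user_mode 	    = '$tUserRight', " .
											   "       modified 		= '$dbnow', " .
											   "       modified_user 	= '$tUsername'";

				if( $tPassword != "" ) {
					// only a non-empty form value replaces the stored password
					$pwcrypt				= db_escape_string( pacrypt( $tPassword ), $dbh );
					$query					.= ", password = '$pwcrypt'";
				}

				$query						.= " WHERE (id = $tUserDbId)";

				db_ta( 'BEGIN', $dbh );
				db_log( $tUsername, "updated user $tUserid", $dbh );

				$result						= db_query( $query, $dbh );

				if ( $result['rows'] == 1 ) {

					$rightsError			= storeUserRightsFromForm( $tUserDbId, $tRightsAvailable, $dbh );
					if( $rightsError != "" ) {
						$tMessage			= $rightsError;
						$error				= 1;
					}
					$tRightsGranted			= getRightsGranted( $tUserDbId, $dbh );

				} else {

					$tMessage 				= _( "User not modified due to database error" );
					$error					= 1;

				}

				if( $error == 0 ) {
					db_ta( 'COMMIT', $dbh );
					$tMessage				= _( "User successfully modified" );
				} else {
					db_ta( 'ROLLBACK', $dbh );
				}
			}

		} else {

			$tMessage						= sprintf( _( "Invalid task %s, anyone tampered arround with?" ), $tTask );

		}

	} else {

		$tMessage							= sprintf( _( "Invalid button %s, anyone tampered arround with?" ), $button );

	}

	$header									= "users";
	$subheader								= "users";
	$menu									= "users";
	$template								= "workOnUser.tpl";

	include ("$installBase/templates/framework.tpl");

}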

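db_disconnect ( $dbh );
// No closing "?>": any stray whitespace after it would be sent to the client before the
// Location headers this script relies on.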