<?php
/*
+------------------------------------------------------
| Write2Left
| (c) timdorr
| http://www.write2left.com
| hide@address.com
| See License.txt for license info
|------------------------------------------------------
| Script: Users.php
| Description:
|   Manages users and their permissions
| Created Jun-28-2003
+------------------------------------------------------
*/

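/* Class: Users
 * Description:
 *   Driver for our user manager page. run() dispatches on the 'M' request
 *   field to add, edit or delete rows in w2l_users and the per-log
 *   permission rows in w2l_editors, then renders the user list and the
 *   "new user" form through Skin_Users.
 *
 * Security notes:
 *   - Every id that is interpolated unquoted into SQL is cast with (int)
 *     first, so a request value such as "5 OR 1=1" is reduced to 5.
 *   - do_edit_user() only touches logs for which the acting user holds
 *     can_editors, the same rule edit_user() applies when it builds the form.
 *   - NOTE(review): string fields (name, email) are still interpolated into
 *     quoted SQL literals. This file cannot tell whether $W2L->input is
 *     escaped upstream; confirm that, or route these values through the
 *     escaping/parameter API of the $db layer.
 *   - NOTE(review): nothing in this file checks that the caller may manage
 *     users at all, and no anti-CSRF token is verified before the
 *     state-changing actions (Add, DoEdit, DoDelete). Confirm both are
 *     enforced before run() is reached.
 */
class Users
{
	var $skin  = "";
	var $menu  = true;
	var $error = 0;
	
	// Permission columns of w2l_editors, in the order the edit form uses them
	var $perm_names = array( 'can_access', 'can_post', 'can_edit', 'can_config',
							 'can_upload', 'can_template', 'can_notify', 'can_mail',
							 'can_moderate', 'can_editors' );
	
	//================
	// Entry point: runs the requested action, then renders the page
	//================
	function run()
	{
		global $W2L, $userinfo, $output, $db;
		
		// Do skin related stuff
		require( "./Skin/Users.php" );
		$this->skin = new Skin_Users();
		$output->page_title = "User Manager";
		$output->loc_add( "User Manager" );
		$output->add( $this->skin->body_top() );

		if( array_key_exists( 'M', $W2L->input ) )
		{
			$action  = $W2L->input['M'];
			// A missing user_id becomes 0; the handlers cast it to int anyway
			$user_id = array_key_exists( 'user_id', $W2L->input ) ? $W2L->input['user_id'] : 0;
			
			// Strict comparison: only the exact action strings are accepted
			if( $action === 'Add' )
				$this->error = $this->add_user();
			elseif( $action === 'Edit' )
				$this->edit_user( $user_id );
			elseif( $action === 'DoEdit' )
				$this->do_edit_user();
			elseif( $action === 'Delete' )
				$this->del_user( $user_id );
			elseif( $action === 'DoDelete' )
				$this->do_del_user( $user_id );
		}

		// Get the list of users and show it
		// NOTE(review): the stored name goes to the skin as-is; confirm it is
		// HTML-escaped either at input time or inside Skin_Users.
		$db->query( "SELECT * FROM w2l_users" );
		$output->add( $this->skin->user_list_head() );
		while( $user = $db->fetch_array() )
		{
			$output->add( $this->skin->user_item( $user['user_id'], $user['name'] ) );
		}
		$output->add( $this->skin->user_list_foot() );
		
		// Handle form errors for the add user form
		if( $this->error != 0 )
		{
			if( $this->error == 1 )
				$output->add( $this->skin->error( "The passwords did not match" ) );
			if( $this->error == 2 )
				$output->add( $this->skin->error( "That username already exists" ) );
			
			// If we're coming back after an error, refill the form
			// NOTE(review): these are request values echoed back into the form;
			// confirm new_user_form() escapes them for an HTML attribute.
			$W2L->input['name'] = array_key_exists( 'name', $W2L->input ) ? $W2L->input['name'] : '';
			$W2L->input['email'] = array_key_exists( 'email', $W2L->input ) ? $W2L->input['email'] : '';
		}
		else
		{
			$W2L->input['name'] = '';
			$W2L->input['email'] = '';
		}	
		
		$output->add( $this->skin->new_user_form( $W2L->input['name'], $W2L->input['email'] ) );
		
		$output->add( $this->skin->body_bottom() );
	}

	//================
	// Adds a user to the database
	// Returns 0 on success, 1 if the passwords differ, 2 if the name is taken
	//================
	function add_user()
	{
		global $W2L, $userinfo, $db, $output;
		
		// Read each field once; a missing or non-string field counts as empty
		$fields = array();
		foreach( array( 'name', 'email', 'pass', 'verify' ) as $field )
		{
			$fields[$field] = ( array_key_exists( $field, $W2L->input ) && is_string( $W2L->input[$field] ) )
								? $W2L->input[$field] : '';
		}
		$name  = $fields['name'];
		$email = $fields['email'];
		
		// Let's play Match the Password!
		// Strict comparison: with != two different numeric-looking strings
		// such as "0e1" and "0e2" compare equal and would pass this check.
		if( $fields['pass'] !== $fields['verify'] )
		{
			return 1;
		}
		
		// Check for duplicate users
		// NOTE(review): $name is interpolated into a quoted literal; see the
		// class header about confirming upstream escaping.
		$id = $db->query( "SELECT * FROM w2l_users WHERE name='{$name}'" );
		if( $db->num_rows( $id ) != 0 )
		{
			return 2;
		}
		
		// Hash the password with MD5 (this is a hash, not encryption).
		// NOTE(review): unsalted MD5 is not suitable for password storage.
		// Moving to password_hash()/password_verify() also requires changing
		// the login code that compares this column, which is not in this file.
		$W2L->input['pass'] = md5( $fields['pass'] );
		
		// Store the new user
		// NOTE(review): $userinfo->name is a stored value placed in a quoted
		// literal as well; it needs the same escaping guarantee as $name.
		$db->query( "INSERT INTO w2l_users VALUES 
							( NULL,
							  '{$name}', 
							  '{$W2L->input['pass']}', 
							  '{$email}', 
							  '{$userinfo->name}', '0', '0', '0', '0', '0', '0' )" );
		
		$new_user_id = (int) $db->insert_id();

		// Give the new user an (empty) permission row for every log
		$id = $db->query( "SELECT * FROM w2l_logs" );
		while( $log = $db->fetch_array( $id ) )
		{
			$log_id = (int) $log['log_id'];
			$db->query( "INSERT INTO w2l_editors 
									( `user_id`, `log_id` )
								VALUES 
									( $new_user_id, $log_id )" );
		}
		
		$output->add( '<div class="message">User added</div><br />' );
		
		// Explicit success code, so run() never stores null in $this->error
		return 0;
	}
	
	//================
	// Shows the user editing form
	// Only logs on which the acting user holds can_editors are listed
	//================
	function edit_user( $user_id )
	{
		global $db, $output, $userinfo;
		
		// Both ids are interpolated unquoted below, so force them to integers
		$user_id   = (int) $user_id;
		$editor_id = (int) $userinfo->id;
		
		$user = $db->query_fetch( "SELECT * FROM w2l_users 
											WHERE user_id = $user_id" );
		// An unknown user_id yields no row; fall back to an empty e-mail
		$email = ( is_array( $user ) && array_key_exists( 'email', $user ) ) ? $user['email'] : '';
		
		$output->add( $this->skin->edit_user_head( $user_id, $email ) );
		
		$id = $db->query( "SELECT log_id FROM w2l_editors
							  			 WHERE user_id = $editor_id 
							    	  	 AND can_editors = '1'" );
		
		while( list( $log_id ) = $db->fetch_array( $id ) )
		{
			$log_id = (int) $log_id;
			$log = $db->query_fetch( "SELECT * FROM w2l_logs AS l 
													LEFT JOIN w2l_editors AS e 
														ON l.log_id = e.log_id 
											  		WHERE user_id = $user_id 
							    				 	AND l.log_id = $log_id" );
			// The WHERE on user_id drops the row when the edited user has no
			// w2l_editors entry for this log, so $log may be empty here
			if( !is_array( $log ) )
				$log = array();
			
			$perms = array();
			foreach( $log as $key => $value )
			{
				if( $value == 1 )
					$perms[$key] = 'checked';
				else
					$perms[$key] = '';
			}
			if( count( $log ) == 0 )
			{
				foreach( $this->perm_names as $perm )
					$perms[$perm] = '';
			}
			
			// Without a row the id is still known from the outer query; the
			// log name is not, so it is left empty rather than read from a
			// missing key
			$row_id   = array_key_exists( 'log_id', $log ) ? $log['log_id'] : $log_id;
			$row_name = array_key_exists( 'name', $log ) ? $log['name'] : '';
			
			$output->add( $this->skin->edit_user_log_row( $row_id, 
														  $row_name,
														  $perms ) );
		}
		
		$output->add( $this->skin->edit_user_foot() );
	}
	
	//================
	// Edits a user in the database
	// Reads the target user from input 'id' and one 'log_<id>' array per log;
	// a permission is granted when its key is present in that array
	//================
	function do_edit_user()
	{
		global $W2L, $db, $output, $userinfo;
		
		$target_id = array_key_exists( 'id', $W2L->input ) ? (int) $W2L->input['id'] : 0;
		$editor_id = (int) $userinfo->id;
		
		// Enforce on the server what edit_user() enforces in the form: the
		// acting user may only change permissions on logs where they hold
		// can_editors. Without this, a hand-built request could name any log.
		$allowed = array();
		$id = $db->query( "SELECT log_id FROM w2l_editors
							  			 WHERE user_id = $editor_id 
							    	  	 AND can_editors = '1'" );
		while( list( $allowed_id ) = $db->fetch_array( $id ) )
		{
			$allowed[(int) $allowed_id] = true;
		}
		
		foreach( $W2L->input as $key => $log )
		{
			$key = (string) $key;
			if( substr( $key, 0, 4 ) != 'log_' )
				continue;
			
			// The suffix ends up unquoted in SQL: accept digits only
			$suffix = substr( $key, 4 );
			if( !preg_match( '/^[0-9]+$/', $suffix ) )
				continue;
			$log_id = (int) $suffix;
			
			// A scalar here would make array_key_exists() fail
			if( !is_array( $log ) )
				continue;
			
			if( !array_key_exists( $log_id, $allowed ) )
				continue;
			
			// Flags are computed here as 0/1, never copied from the request
			$assignments = array();
			foreach( $this->perm_names as $perm )
			{
				$flag = array_key_exists( $perm, $log ) ? 1 : 0;
				$assignments[] = "$perm='$flag'";
			}
			
			$db->query( "UPDATE w2l_editors SET " . implode( ", ", $assignments ) . "
											WHERE user_id = $target_id
											  AND log_id = $log_id" );
		}
		
		$output->add( '<div class="message">User edited</div><br />' );
	}
	
	//================
	// Prompts to delete a user from the database
	//================
	function del_user( $user_id )
	{
		global $db, $output;
		
		// Interpolated unquoted below, so force it to an integer
		$user_id = (int) $user_id;
		
		$user = $db->query_fetch( "SELECT name FROM w2l_users WHERE user_id = $user_id" );
		// An unknown id yields no row; show an empty name instead of reading
		// an offset of a non-array
		$name = ( is_array( $user ) && array_key_exists( 'name', $user ) ) ? $user['name'] : '';
		
		$output->add( $this->skin->del_confirm( $name, $user_id ) );
	}
	
	//================
	// Removes the user from the database
	// Deletes the w2l_users row and every w2l_editors row of that user
	//================
	function do_del_user( $user_id )
	{
		global $db;
		
		// Without the cast a value like "5 OR 1=1" would widen both DELETEs
		$user_id = (int) $user_id;
		
		$db->query( "DELETE FROM w2l_users WHERE user_id = $user_id" );
		$db->query( "DELETE FROM w2l_editors WHERE user_id = $user_id" );
	}
}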

// Instantiate the user manager page driver.
// NOTE(review): presumably the including script picks up $driver and calls run(); confirm against the caller.
$driver = new Users;
?>