From 84912ddb2e9e695980ac42c599ceda8362455790 Mon Sep 17 00:00:00 2001 From: eric Date: Wed, 23 Jun 2004 00:28:13 +0000 Subject: account adding/editing is working --- web/lib/acctfuncs.inc | 104 +++++++++++++++++++++++++++++++------------------- 1 file changed, 65 insertions(+), 39 deletions(-) (limited to 'web/lib') diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc index 9579381..97b84ba 100644 --- a/web/lib/acctfuncs.inc +++ b/web/lib/acctfuncs.inc @@ -3,9 +3,9 @@ include_once("acctfuncs_po.inc"); # Display the standard Account form, pass in default values if any # -function display_account_form($SID,$A,$U="",$T="",$S="", - $E="",$P="",$C="",$R="",$L="",$I="",$N="") { - # SID: the session id cookie value (if any) +function display_account_form($UTYPE,$A,$U="",$T="",$S="", + $E="",$P="",$C="",$R="",$L="",$I="",$N="",$UID=0) { + # UTYPE: what user type the form is being displayed for # A: what "form" name to use # U: value to display for username # T: value to display for account type @@ -17,41 +17,43 @@ function display_account_form($SID,$A,$U="",$T="",$S="", # L: value to display for Language preference # I: value to display for IRC nick # N: new package notify value + # UID: Users.ID value in case form is used for editing global $SUPPORTED_LANGS; print "
\n"; print "\n"; + if ($UID) { + print "\n"; + } print "
\n"; print "\n"; print "\n"; - # figure out what account type the visitor is - # - if ($SID) { - $atype = account_from_sid($SID); - } else { - $atype = ""; - } - print ""; print ""; print ""; print "\n"; - if ($atype == "Trusted User" || $atype == "Developer") { + if ($UTYPE == "Trusted User" || $UTYPE == "Developer") { # only TUs or Devs can promote/demote/suspend a user # print ""; print ""; print ""; print "\n"; @@ -76,14 +78,20 @@ function display_account_form($SID,$A,$U="",$T="",$S="", print ""; print ""; print ""; - print "\n"; + print " name='P' value='".$P."'>"; + if ($TYPE == "new") { + print " (".__("required").")"; + } + print "\n"; print ""; print ""; print ""; - print "\n"; + print " name='C' value='".$C."'>"; + if ($TYPE == "new") { + print " (".__("required").")"; + } + print "\n"; print ""; print ""; @@ -124,7 +132,7 @@ function display_account_form($SID,$A,$U="",$T="",$S="", print ""; print ""; print ""; print ""; - print ""; print "\n"; @@ -363,8 +385,9 @@ function search_accounts_form() { # search results page # -function search_results_page($O=0,$SB="",$U="",$T="", +function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="", $S="",$E="",$R="",$I="") { + # UTYPE: what account type the user belongs to # O: what row offset we're at # SB: how to sort the results # U: value to display for username @@ -422,9 +445,6 @@ function search_results_page($O=0,$SB="",$U="",$T="", case 't': $q.= "ORDER BY AccountTypeID, Username "; break; - case 'e': - $q.= "ORDER BY Email, AccountTypeID "; - break; case 'r': $q.= "ORDER BY RealName, AccountTypeID "; break; @@ -500,9 +520,15 @@ function search_results_page($O=0,$SB="",$U="",$T="", : print __("Never"); print ""; print ""; + if ($UTYPE == "Trusted User" && $row["AccountType"] == "Developer") { + # TUs can't edit devs + # + print " "; + } else { + $edit_url = "/account.php?Action=DisplayAccount&ID=".$row["ID"]; + print ""; + print "Edit"; + } print "\n"; $i++; } -- cgit v1.2.3-54-g00ecf
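Review bot: With the `account_from_sid($SID)` lookup removed, `display_account_form` gates the promote/demote/suspend controls on whatever `$UTYPE` string the caller passes, and the parameter comment does not say where that value must come from. I would state the contract in the parameter list, e.g. `# UTYPE: account type of the logged-in user, resolved server-side from the session; never taken from request data`. The new `if ($UID)` branch also appears to write the target account ID into the form (the markup is stripped on this page), so that ID comes back from the client and has to be re-authorized when the form is processed. The function starts before this hunk and continues after it.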
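Review bot: `$TYPE` is tested in the two added `if ($TYPE == "new")` blocks, but it is not among the parameters of `display_account_form` shown in the first hunk, so unless it is assigned in lines outside this hunk the "(required)" marker never prints. Since `$UID` is only set when the form is used for editing, `if (!$UID) {` expresses the same condition with a value the function actually receives. The same lines interpolate `$P` and `$C` into `value='...'` unescaped; writing them as `htmlspecialchars($P, ENT_QUOTES)` keeps a quote in the value from closing the attribute early.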
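Review bot: The new `$UTYPE == "Trusted User" && $row["AccountType"] == "Developer"` branch only decides whether the Edit link is printed; the `DisplayAccount` URL itself still accepts any `ID`. The handlers behind `account.php` are not part of this diff, so this may already be covered, but the same rule has to be enforced there and in `process_account_form` against the stored account type of the target `$UID`. A comment such as `# display-only: account.php must re-check that TUs cannot edit devs` above the branch would keep the two in step.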
 
".__("Username").": (".__("required").")
".__("Account Type").":
".__("Password").": (".__("required").")
".__("Re-type password").": (".__("required").")
".__("Real Name").":
 "; - if ($A == "ModifyAccount") { + if ($A == "UpdateAccount") { print "   "; } else { print "   "; @@ -142,9 +150,9 @@ function display_account_form($SID,$A,$U="",$T="",$S="", # process form input from a new/edit account form # -function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", +function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="", $P="",$C="",$R="",$L="",$I="",$N="",$UID=0) { - # SID: the session id from the cookie + # UTYPE: The user's account type # TYPE: either "edit" or "new" # A: what parent "form" name to use # U: value to display for username @@ -162,8 +170,6 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", # error check and process request for a new/modified account # global $SUPPORTED_LANGS; - dbug("=> process_account_form"); - dbug(" A=$A,U=$U,T=$T,S=$S,E=$E,P=$P,C=$C,R=$R,L=$L,I=$I,N=$N"); $dbh = db_connect(); $error = ""; @@ -187,6 +193,9 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", if (!$error && !valid_email($E)) { $error = __("The email address is invalid."); } + if ($UTYPE == "Trusted User" && $T == 3) { + $error = __("A Trusted User cannot assign Developer status."); + } if (!$error && !array_key_exists($L, $SUPPORTED_LANGS)) { $error = __("Language is not currently supported."); } @@ -196,6 +205,9 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", # $q = "SELECT COUNT(*) AS CNT FROM Users "; $q.= "WHERE Username = '".mysql_escape_string($U)."'"; + if ($TYPE == "edit") { + $q.= " AND ID != ".intval($UID); + } $result = db_query($q, $dbh); if ($result) { $row = mysql_fetch_array($result); @@ -211,6 +223,9 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", # $q = "SELECT COUNT(*) AS CNT FROM Users "; $q.= "WHERE Email = '".mysql_escape_string($E)."'"; + if ($TYPE == "edit") { + $q.= " AND ID != ".intval($UID); + } $result = db_query($q, $dbh); if ($result) { $row = mysql_fetch_array($result); 
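Review bot: The added `$UTYPE == "Trusted User" && $T == 3` test is the only role check visible in `process_account_form`, and it blocks just one transition. Nothing in the hunks shown rejects `$T` or `$S` when `$UTYPE` is an ordinary user, while the UPDATE in the @@ -259 hunk writes `AccountTypeID` whenever `$T` is non-zero and always writes `Suspended`, so hiding those inputs in the form is the only barrier unless the caller filters them. In the edit path I would discard both values for non-privileged callers before validation, e.g. `if ($UTYPE != "Trusted User" && $UTYPE != "Developer") { $T = 0; }`, and emit the `Suspended` clause only for TUs and Developers. The check also assigns `$error` without the `!$error &&` guard its neighbours use, and the literal `3` would read better as a named constant.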
@@ -222,7 +237,7 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", } if ($error) { print "".$error."
\n"; - display_account_form($SID, $A, $U, $T, $S, $E, "", "", + display_account_form($UTYPE, $A, $U, $T, $S, $E, "", "", $R, $L, $I, $N, $UID); } else { if ($TYPE == "new") { @@ -259,11 +274,19 @@ function process_account_form($SID,$TYPE,$A,$U="",$T="",$S="",$E="", # no errors, go ahead and modify the user account # $q = "UPDATE Users SET "; - $q.= "AccountTypeID = ".intval($T); - $q.= ", Suspended = ".intval($S); - $q.= ", Username = '".mysql_escape_string($U)."'"; + $q.= "Username = '".mysql_escape_string($U)."'"; + if ($T) { + $q.= ", AccountTypeID = ".intval($T); + } + if ($S) { + $q.= ", Suspended = 1"; + } else { + $q.= ", Suspended = 0"; + } $q.= ", Email = '".mysql_escape_string($E)."'"; - $q.= ", Passwd = '".mysql_escape_string($P)."'"; + if ($P) { + $q.= ", Passwd = '".mysql_escape_string($P)."'"; + } $q.= ", RealName = '".mysql_escape_string($R)."'"; $q.= ", LangPreference = '".mysql_escape_string($L)."'"; $q.= ", IRCNick = '".mysql_escape_string($I)."'"; @@ -340,7 +363,6 @@ function search_accounts_form() { print "
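Review bot: `Passwd` is still set from the submitted `$P` with only `mysql_escape_string` applied, so unless the caller hashes it first the password is stored in clear text. The new `if ($P)` block is the natural place to replace the raw value with a salted password hash before the clause is built, with the login comparison changed to match. `if ($P)` also treats the string `"0"` as empty, so `if ($P !== "")` states the intent more exactly. The WHERE clause of this UPDATE lies outside the hunk.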
 "; + print " 
    "; print "   "; print "
"; - $edit_url = "/account.php?Action=DisplayAccount&ID=".$row["ID"]; - print ""; - print "Edit