Beispiel #1
0
#
# Igoan is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation in the version 2 of the License.
#
# Igoan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Igoan; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
require_once 'igoan/User.class';
$me = user_get_by_id($_SESSION['id']);
if (!$me) {
    append_error_exit('User ID inexistent.');
}
if (!$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
?>
<h1>Gestion des users</h1>

<p>
Voici la liste complète des utilisateurs.
</p>

<?php 
$users = user_get_all();
Beispiel #2
0
if (!$me) {
    append_error_exit('User ID inexistent.');
}
if (!$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
?>
<h1>Gestion des projets</h1>

<p>
Voici la liste complète des projets.
</p>

<?php 
$projs = project_get_all();
if (!count($projs)) {
    echo '<p><em>Il n\'y a pas de projet dans la base actuellement.</em></p>';
} else {
    echo '<table><tr><th>id_prj</th><th>name_prj</th><th>shortname</th><th>homepage</th><th>date_prj</th><th>description</th></tr>';
    foreach ($projs as $id_prj) {
        $prj = project_get_by_id($id_prj);
        echo '<tr><td>' . $id_prj . '</td><td>' . $prj->get_name_prj() . '</td><td>' . $prj->get_shortname() . '</td><td>' . $prj->get_url_prj() . '</td><td>' . $prj->get_date_prj() . '</td><td>' . $prj->get_desc_prj() . '</td></tr>';
        $admins = $prj->list_admins();
        echo "poof";
        foreach ($admins as $id_adm) {
            $adm = user_get_by_id($id_adm);
            echo '<tr><th>Admin</th><td colspan="5">' . $adm->get_name_user() . '</td></tr>';
        }
    }
    echo '</table>';
}
Beispiel #3
0
function user_get_by_login($login)
{
    $result = sql_do('SELECT id_user FROM users WHERE login=\'' . str($login) . '\'');
    if ($result->numRows() != 1) {
        return 0;
    }
    $row = $result->fetchRow();
    return user_get_by_id($row[0]);
}
Beispiel #4
0
    if ($chpasswd_val) {
        global $passwd, $passwd_confirm;
        if ($passwd != $passwd_confirm) {
            add_info('Ошибка подтверждеия пароля. Пароль не был обновлен.');
        } else {
            $arr['password'] = '******' . addslashes(user_password_hash(user_login(), stripslashes($passwd))) . '")';
        }
    }
    if (count($arr) > 0) {
        db_update('user', $arr, '`id`=' . user_id());
        if (isset($arr['password'])) {
            user_authorize(user_login(), stripslashes($passwd));
        }
    }
}
$u = user_get_by_id(user_id());
$f = new CVCForm();
$f->Init('', 'action=.?action\\=save' . ($redirect != '' ? '&redirect=' . prepare_arg($redirect) . ';backlink=' . prepare_arg($redirect) : '') . ';method=POST;add_check_func=check;');
$f->AppendLabelField('Имя пользователя', '', $u['name']);
$f->AppendLabelField('Логин', '', $u['login']);
if ($u['email'] != '') {
    $f->AppendCustomField(array('src' => '<table class="clear" width="100%"><tr><td width="30%">E-Mail</td><td><input id="email" name="email" type="text" class="txt block" value="' . htmlspecialchars($u['email']) . '"></td></tr></table>' . '<button class="block" type="button" onclick="check_frm_email ();" style="margin-top: 4px;">Проверить</button>' . '<div id="email_check_res" style="display: none;"></div>'));
}
$f->AppendCustomField(array('title' => '<input type="checkbox" class="cb pointer" value="1" onclick="fchpasswd (this);" id="chpasswd" name="chpasswd_val"><span class="pointer" onclick="var e=getElementById (\'chpasswd\'); e.checked=!e.checked; fchpasswd (e);">Сменить пароль</span>', 'src' => '<div id="passwd_block" class="invisible">' . '<table class="clear" width="100%"><tr><td width="85">Новый пароль</td><td style="padding-bottom: 2px;"><input type="password" class="txt block" id="passwd" name="passwd" onkeyup="check_passwd ();" onchange="check_passwd ();"></td></tr>' . '<tr><td>Подтверждение</td><td style="padding-top: 2px;"><input type="password" class="txt block" id="passwd_confirm" name="passwd_confirm" onkeyup="check_passwd ();" onchange="check_passwd ();"></td></tr>' . '</table><div id="passwd_msg"></div></div>'));
?>

<script language="JavaScript" type="text/JavaScript">
  var chp=false;

  function check_passwd () {
    var passwd  = getElementById ('passwd').value;
Beispiel #5
0
 * Copyright (c) 2008-2009 Sergey I. Sharybin <*****@*****.**>
 *
 * This program can be distributed under the terms of the GNU GPL.
 * See the file COPYING.
 */
if ($PHP_SELF != '') {
    print 'HACKERS?';
    die;
}
global $id, $page;
formo('title=Редактирование пользователя;');
$glist = security_groups();
$max_login_len = opt_get('max_user_login_len');
$max_name_len = opt_get('max_user_name_len');
$max_passwd_len = opt_get('max_user_passwd_len');
$user = user_get_by_id($id);
?>
<script language="JavaScript" type="text/javascript">
  var gDesc = new Array ();
<?php 
foreach ($glist as $k => $g) {
    ?>
  gDesc[<?php 
    echo $g['access'];
    ?>
]='<?php 
    echo addslashes($g['desc']);
    ?>
';
<?php 
}
Beispiel #6
0
$list = $request->list_authors();
if ($list) {
    foreach ($list as $author_id) {
        $author = user_get_by_id($author_id);
        if ($author) {
            $d_authors .= ', <a href="/user/view.php?id=' . $author->get_id_user() . '">' . $author->get_name_user() . '</a>';
        }
    }
    $d_authors = '<dl><dt> Author(s): </dt><dd>' . substr($d_authors, 2) . '.</dd></dl>';
}
// ADMINS LIST (project admins + maintainers)
$d_admins = '';
$list = $my_branch->list_admins();
if ($list) {
    foreach ($list as $tmpid) {
        $tmp = user_get_by_id($tmpid);
        if ($tmp) {
            $d_admins .= ', <a href="/user/view.php?id=' . $tmp->get_id_user() . '">' . $tmp->get_name_user() . '</a>';
        }
    }
    $d_admins = '<dl><dt> Admin(s): </dt><dd>' . substr($d_admins, 2) . '.</dd></dl>';
}
// PLATFORMS
$d_pfs = '';
$list = $request->list_platforms();
if ($list) {
    foreach ($list as $pf_id) {
        $pf = platform_get_by_id($pf_id);
        if ($pf) {
            $d_pfs .= ', ' . $pf->get_name_pf();
        }
Beispiel #7
0
 function user_update($id, $name, $email, $access, $groups = array(), $passwd = '')
 {
     if (!user_check_fields(CORRECT_LOGIN, $name, $passwd, $email, false, $id)) {
         return false;
     }
     $info = user_get_by_id($id);
     $name = htmlspecialchars(addslashes($name));
     $email = addslashes($email);
     $update = array('name' => "\"{$name}\"", 'email' => "\"{$email}\"", 'access' => "access");
     if ($passwd != '') {
         $update['password'] = '******' . addslashes(user_password_hash($info['login'], $passwd)) . '")';
     }
     db_update('user', $update, "`id`={$id}");
     user_delete_from_unset_groups($id, $groups);
     user_add_to_groups($id, $groups);
     return true;
 }
function login_box()
{
    $me = user_get_by_id($_SESSION['id']);
    ?>
	<div class="stuff">
	<div class="login"><?php 
    if ($me) {
        ?>
		<h4> Logged as <?php 
        echo $me->get_login();
        ?>
 </h4>
	<div class="loggued">
		<p>
			<a href="<?php 
        echo REMOTE_PATH;
        ?>
/user/view.php" title="Go to my personal page">My personal page</a><br />
			<a href="<?php 
        echo REMOTE_PATH;
        ?>
/user/edit.php" title="Edit my own informations">Edit my infos</a><br />
			<!-- <a href="<?php 
        echo REMOTE_PATH;
        ?>
/user/logout.php?referer=<?php 
        echo htmlentities(urlencode($_SERVER['REQUEST_URI']));
        ?>
" title="Logout">Logout</a><br /> -->
			<a href="<?php 
        echo REMOTE_PATH;
        ?>
/user/logout.php" title="Logout">Logout</a><br />
		</p><?php 
        $projects_id = $me->list_projects();
        if ($projects_id) {
            $my_projects = '<h5> My projects: </h5><ul>';
            foreach ($projects_id as $id_prj) {
                $prj = project_get_by_id($id_prj);
                if (!$prj) {
                    continue;
                }
                $my_projects .= '<li><a href="' . REMOTE_PATH . '/project/view.php?id_prj=' . $prj->get_id_prj() . '">' . $prj->get_name_prj() . '</a><br />';
                $my_projects .= '</li>';
            }
            echo $my_projects . '</ul>';
        }
        ?>
<!--	<h5> My projects: </h5>
		<ul>
			<li> <a href="#">Arkhart</a><br />
			<ul>
			<li><a href="#">Add a branch</a></li>
			<li><a href="#">Add a release</a></li>
			</ul>
			</li>
			<li> <a href="#">Igoan</a><br />
			<ul>
			<li><a href="#">Add a release</a></li>
			</ul>
			</li>
		</ul> -->
		<p>
			<a href="<?php 
        echo REMOTE_PATH;
        ?>
/project/new_project.php" title="Register a new project">New project</a>
		</p>
	</div><?php 
    } else {
        ?>
	<h4> Login: </h4>
	<form action="<?php 
        echo REMOTE_PATH;
        ?>
/user/login.php">
	<div>
		<label for="username"> Username: </label><br />
		<input title="Your igoan user name." id="username" name="login" type="text" /><br />
		<label for="password"> Password: </label><br />
		<input title="Your igoan user password." id="password" name="passwd" type="password" /><br />
		<input type="submit" style="margin-top: 0.2em" name="submit" value="Submit !" />
		<input type="hidden" name="referer" value="<?php 
        echo $_SERVER['REQUEST_URI'];
        ?>
" />
	</div>
	</form>
	<h4><small><a href="<?php 
        echo REMOTE_PATH;
        ?>
/user/new.php">Register</a></small></h4>
<?php 
    }
    ?>
		</div>
	<br style="clear: both;" />
<?php 
}
Beispiel #9
0
            }
        }
    }
    // verif real name existant
    if (!isset($_GET['name']) or empty($_GET['name'])) {
        append_error('You must supply a real name.');
    }
    // verif email existant
    if (!isset($_GET['email']) or empty($_GET['email'])) {
        append_error('You must supply an email address.');
    }
    // si pas d'erreur,
    if (!errors()) {
        $newid = user_new($_GET['login'], $_GET['name'], $_GET['email']);
        if ($newid) {
            $new = user_get_by_id($newid);
            if ($new) {
                // envoi de l'email
                error_reporting(2047);
                mail($_GET['email'], '[igoan] Account registration confirmation', 'This email is a confirmation of your registration to Igoan,
the free directory project.

You have entered the following:
  Name: ' . $_GET['name'] . '
  Login name: ' . $_GET['login'] . '
  Email: ' . $_GET['email'] . '

Your automatically generated password is \'' . $new->get_passwd() . '\'.
You have to login with your newly created account on the Igoan website
(http://www.igoan.org/user/login.php) and change your password to
activate your account.
Beispiel #10
0
# You should have received a copy of the GNU General Public License
# along with Igoan; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
require_once 'igoan/User.class.php';
require_once 'igoan/Project.class.php';
require_once 'igoan/Branch.class.php';
require_once 'igoan/Release.class.php';
if (isset($_GET['id'])) {
    $requested = user_get_by_id($_GET['id']);
    if (!$requested) {
        append_error("Error: unknow user id ({$_GET['id']})");
    }
} else {
    if ($_SESSION['id']) {
        $requested = user_get_by_id($_SESSION['id']);
        if (!$requested) {
            append_error("Error: unknow user id ({$_SESSION['id']})");
        }
    } else {
        append_error('Error: no user id given');
    }
}
if (errors()) {
    flush_errors_exit();
}
// MISC
$d_misc = '';
$igoan_admin = '';
$valid_account = '';
if ($requested->is_global_admin()) {