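/**
 * Gives every existing user a user-specific group.
 *
 * For each row in `user`, a group named after the user is created, and the
 * user is linked both to that new group and to the group already stored in
 * user.groupID. Failures are handed to reportError().
 */
private function UpdateUserGroups()
{
    $db =& $this->db;

    // Get all the current users in the system
    $SQL = "SELECT UserID, groupID, UserName FROM `user`";

    if (!($result = $db->query($SQL))) {
        reportError('20.php', "Error creating user groups" . $db->error());
    }

    while ($row = $db->get_assoc_row($result)) {
        // For each user create a user-specific group and link the user to it.
        // The row values are passed through the validator before they are used.
        $userID = Kit::ValidateParam($row['UserID'], _INT);
        $groupID = Kit::ValidateParam($row['groupID'], _INT);
        $username = Kit::ValidateParam($row['UserName'], _STRING);

        $ug = new UserGroup($db);

        // For each one create a user specific group
        // NOTE(review): if reportError() returns instead of halting, the Link()
        // calls below run with a failed $ugId - confirm how reportError() ends.
        if (!($ugId = $ug->Add($username, 1))) {
            reportError('20.php', "Error creating user groups" . $db->error());
        }

        // Link to the users own userspecific group and also to the one they were already on
        $ug->Link($ugId, $userID);
        $ug->Link($groupID, $userID);
    }
}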
/**
 * Resolves the user-specific group (IsUserSpecific = 1) of a user.
 *
 * When the user has no such group, one is created under the name returned by
 * getNameFromID($id) and linked to the user.
 *
 * @param int  $id       User ID to look up
 * @param bool $returnID When true the group ID is returned instead of the name
 * @return mixed Group name or group ID; the literal 'Unknown' when a group had
 *               to be created and the name was requested
 */
function getGroupFromID($id, $returnID = false)
{
    $db =& $this->db;

    // %d coerces $id to an integer, so the value cannot change the statement.
    $SQL = "SELECT group.group, "
        . " group.groupID "
        . "FROM `user` "
        . " INNER JOIN lkusergroup "
        . " ON lkusergroup.UserID = user.UserID "
        . " INNER JOIN `group` "
        . " ON group.groupID = lkusergroup.GroupID "
        . sprintf("WHERE `user`.userid = %d ", $id)
        . "AND `group`.IsUserSpecific = 1";

    $results = $db->query($SQL);

    if (!$results) {
        // NOTE(review): the raw database error is raised first; confirm the
        // error handler does not show it to the end user.
        trigger_error($db->error());
        trigger_error("Error looking up user information (group)", E_USER_ERROR);
    }

    // Normal case: the group exists, hand back the requested column.
    if ($db->num_rows($results) != 0) {
        $row = $db->get_row($results);

        return $returnID ? $row[1] : $row[0];
    }

    // Every user should have a group, so create the missing one here.
    Kit::ClassLoader('usergroup');
    $groupWriter = new UserGroup($db);
    $groupID = $groupWriter->Add($this->getNameFromID($id), 1);

    if (!$groupID) {
        trigger_error(__('User does not have a group and we are unable to add one.'), E_USER_ERROR);
    }

    // Link the two
    $groupWriter->Link($groupID, $id);

    return $returnID ? $groupID : 'Unknown';
}
/**
 * Creates a user row, its user-specific group, and the links to that group
 * and to the initial group.
 *
 * Reads userName, homePage, userTypeId and email from the object and writes
 * userId after the insert. An empty homePage is replaced by "dashboard".
 *
 * @param string $password       Plain-text password, checked against the policy
 * @param int    $initialGroupId Group the new user is also linked to
 * @return bool true on success, false on failure; the two early validation
 *              failures return whatever SetError() returns
 */
public function add($password, $initialGroupId)
{
    // Validation
    $nameInvalid = ($this->userName == '' || strlen($this->userName) > 50);
    if ($nameInvalid) {
        return $this->SetError(__('User name must be between 1 and 50 characters.'));
    }

    if ($password == '') {
        return $this->SetError(__('Please enter a Password.'));
    }

    if ($this->homePage == '') {
        $this->homePage = "dashboard";
    }

    // Test the password
    if (!$this->testPasswordAgainstPolicy($password)) {
        return false;
    }

    try {
        $pdo = PDOConnect::init();

        // Check for duplicate user name.
        // NOTE(review): check-then-insert is not atomic; only a unique index
        // on UserName (not visible here) would close the gap - confirm.
        $duplicateCheck = $pdo->prepare('SELECT UserName FROM `user` WHERE UserName = :userName');
        $duplicateCheck->execute(array('userName' => $this->userName));

        if (count($duplicateCheck->fetchAll()) > 0) {
            $this->ThrowError(__('There is already a user with this name. Please choose another.'));
        }

        // NOTE(review): md5() is an unsalted, fast digest and is weak for
        // password storage. Moving to password_hash()/password_verify() needs
        // a matching change wherever the password is checked, which is
        // outside this block.
        $passwordDigest = md5($password);

        // All values are bound as parameters, none is concatenated into the SQL.
        $insert = $pdo->prepare('INSERT INTO user (UserName, UserPassword, usertypeid, email, homepage) VALUES (:userName, :password, :userTypeId, :email, :homePage)');
        $insert->execute(array(
            'userName' => $this->userName,
            'password' => $passwordDigest,
            'userTypeId' => $this->userTypeId,
            'email' => $this->email,
            'homePage' => $this->homePage
        ));

        // Get the ID of the record we just inserted
        $this->userId = $pdo->lastInsertId();

        // No transaction is opened in this block, so a failure in the group
        // steps below leaves the user row in place.
        $groups = new UserGroup();
        $ownGroupId = $groups->Add($this->userName, 1);

        // Link the user to the user-specific group, then to the initial group
        $groups->Link($ownGroupId, $this->userId);
        $groups->Link($initialGroupId, $this->userId);

        return true;
    } catch (Exception $e) {
        Debug::Error($e->getMessage());

        // Keep an error that was already set; otherwise record a generic one.
        if (!$this->IsError()) {
            $this->SetError(1, __('Unknown Error'));
        }

        return false;
    }
}
/**
 * Form handler that creates a group from the POSTed "group" field.
 *
 * The group is added with 0 as the second argument to UserGroup::Add(),
 * presumably meaning "not user-specific" - confirm against UserGroup.
 *
 * NOTE(review): only the form token is checked in this block; confirm that
 * the caller enforces who may create groups.
 *
 * @return void
 */
function Add()
{
    // Refuse the request unless the form token validates
    $tokenOk = Kit::CheckToken();
    if (!$tokenOk) {
        trigger_error('Token does not match', E_USER_ERROR);
    }

    $db =& $this->db;
    $response = new ResponseManager();

    $groupName = Kit::GetParam('group', _POST, _STRING);

    $groups = new UserGroup($db);
    $created = $groups->Add($groupName, 0);

    if (!$created) {
        trigger_error($groups->GetErrorMessage(), E_USER_ERROR);
    }

    $response->SetFormSubmitResponse(__('User Group Added'), false);
    $response->Respond();
}
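/**
 * Form handler that creates a user from POSTed fields, then creates the
 * user-specific group and links the user to it and to the selected group.
 *
 * Failures are raised with trigger_error(..., E_USER_ERROR); whether execution
 * stops there depends on the installed error handler, which is not visible
 * in this block.
 *
 * @return void
 */
function AddUser()
{
    // Check the token
    if (!Kit::CheckToken()) {
        trigger_error('Token does not match', E_USER_ERROR);
    }

    $db =& $this->db;
    $response = new ResponseManager();

    $username = Kit::GetParam('username', _POST, _STRING);
    $password = Kit::GetParam('password', _POST, _STRING);
    $email = Kit::GetParam('email', _POST, _STRING);
    $usertypeid = Kit::GetParam('usertypeid', _POST, _INT);
    $homepage = Kit::GetParam('homepage', _POST, _STRING);
    $initialGroupId = Kit::GetParam('groupid', _POST, _INT);

    // Validation
    if ($username == "") {
        trigger_error("Please enter a User Name.", E_USER_ERROR);
    }

    if ($password == "") {
        trigger_error("Please enter a Password.", E_USER_ERROR);
    }

    if ($homepage == "") {
        $homepage = "dashboard";
    }

    // Test the password
    Kit::ClassLoader('userdata');
    $userData = new Userdata($db);

    if (!$userData->TestPasswordAgainstPolicy($password)) {
        trigger_error($userData->GetErrorMessage(), E_USER_ERROR);
    }

    // Check for duplicate user name.
    // The format string needs a %s conversion; without one sprintf() drops the
    // escaped user name and the duplicate check never sees it.
    $sqlcheck = " ";
    $sqlcheck .= sprintf("SELECT UserName FROM user WHERE UserName = '%s'", $db->escape_string($username));

    if (!($sqlcheckresult = $db->query($sqlcheck))) {
        trigger_error($db->error());
        trigger_error("Cant get this user's name. Please try another.", E_USER_ERROR);
    }

    if ($db->num_rows($sqlcheckresult) != 0) {
        trigger_error("Could Not Complete, Duplicate User Name Exists", E_USER_ERROR);
    }

    // Ready to enter the user into the database
    // NOTE(review): md5() is an unsalted, fast digest and is weak for password
    // storage. Moving to password_hash()/password_verify() needs a matching
    // change wherever the password is checked, which is outside this block.
    $password = md5($password);

    // Run the INSERT statement.
    // Every string value is escaped the same way the duplicate check escapes
    // the user name, and %d keeps the type id numeric, so request data cannot
    // change the structure of the statement.
    $query = "INSERT INTO user (UserName, UserPassword, usertypeid, email, homepage)";
    $query .= sprintf(
        " VALUES ('%s', '%s', %d, '%s', '%s')",
        $db->escape_string($username),
        $db->escape_string($password),
        $usertypeid,
        $db->escape_string($email),
        $db->escape_string($homepage)
    );

    if (!($id = $db->insert_query($query))) {
        trigger_error($db->error());
        trigger_error("Error adding that user", E_USER_ERROR);
    }

    // Add the user group
    $userGroupObject = new UserGroup($db);

    if (!($groupID = $userGroupObject->Add($username, 1))) {
        // We really want to delete the new user...
        //TODO: Delete the new user
        // And then error
        trigger_error($userGroupObject->GetErrorMessage(), E_USER_ERROR);
    }

    $userGroupObject->Link($groupID, $id);

    // Link the initial group
    $userGroupObject->Link($initialGroupId, $id);

    $response->SetFormSubmitResponse('User Saved.');
    $response->Respond();
}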