<?php
require '../../vendor/autoload.php';
require '../tools.php';
use PermissionsManager\PermissionsManager;
use PermissionsManager\Models\Users;
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$users = $pm->getUsers()->getAllUsers();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="index.css" type="text/css">
<script src="../jquery-1.11.3.min.js"></script>
<script src="index.js"></script>
<title>Users</title>
</head>
<body>
<p><a href="<?php
echo BASE_URL;
?>
/">Home</a></p>
<div id="messages"></div>
<div id="users">
<h2>Users</h2>
<div id="menubar">
<a href="add.php" id="add">Add</a>
<?php
if (count($users) > 0) {
?>
<?php
require '../../vendor/autoload.php';
require '../tools.php';
use PermissionsManager\PermissionsManager;
use PermissionsManager\Models\Users;
if (!isset($_GET['id'])) {
die('User id to edit is missing from request URL.');
}
$user_id_to_edit = $_GET['id'];
if (!hasOnlyDigits($user_id_to_edit)) {
die('Wrong User id format, only digits are allowed.');
}
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$user_to_edit = $pm->getUsers()->getUserById($user_id_to_edit);
if (count($user_to_edit) < 1) {
die('No User exists having the requested id.');
}
$method = isset($_SERVER['REQUEST_METHOD']) ? mb_strtolower($_SERVER['REQUEST_METHOD']) : '';
$errors = [];
$is_post = false;
if ($method == 'post') {
$is_post = true;
$first_name = isset($_POST['user_first_name']) && $_POST['user_first_name'] != '' ? $_POST['user_first_name'] : NULL;
$last_name = isset($_POST['user_last_name']) && $_POST['user_last_name'] != '' ? $_POST['user_last_name'] : NULL;
$username = isset($_POST['user_username']) ? $_POST['user_username'] : '';
$password = isset($_POST['user_password']) ? $_POST['user_password'] : '';
$email_address = isset($_POST['user_email_address']) ? $_POST['user_email_address'] : '';
$status = isset($_POST['user_status']) ? $_POST['user_status'] : '';
if (strlen($username) < 1 || strlen($username) > 128) {
$errors[] = 'Username length must be 1..128.';
<?php
$method = isset($_SERVER['REQUEST_METHOD']) ? mb_strtolower($_SERVER['REQUEST_METHOD']) : '';
if ($method !== 'post') {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: Request method is not supported.']]);
die;
}
if (!isset($_POST['usersToDelete'])) {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: No Users to delete']]);
die;
}
if (!is_array($_POST['usersToDelete'])) {
header('Content-Type: application/json');
echo json_encode(['messages' => ['Error: No Users to delete.']]);
die;
}
require '../../vendor/autoload.php';
require '../tools.php';
use PermissionsManager\PermissionsManager;
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$u = $pm->getUsers();
foreach ($_POST['usersToDelete'] as $user_id) {
$u->deleteUserById($user_id);
}
header('Content-Type: application/json');
echo json_encode(['redirect' => BASE_URL . '/users/']);
}
if (strlen($password) < 1 || strlen($password) > 512) {
$errors[] = 'Password length must be 1..512.';
}
if (strlen($email_address) < 1 || strlen($email_address) > 128) {
$errors[] = 'Email address length must be 1..128.';
}
if (filter_var($email_address, FILTER_VALIDATE_EMAIL) == FALSE) {
$errors[] = 'Email address is not valid.';
}
if ($status !== 'active' && $status !== 'inactive') {
$errors[] = 'You must select status.';
}
if (count($errors) < 1) {
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$re = $pm->getUsers()->addUser(['first_name' => $first_name, 'last_name' => $last_name, 'username' => $username, 'email_address' => $email_address, 'password' => md5($password), 'status' => $status == 'active' ? Users::USER_STATUS_ACTIVE : Users::USER_STATUS_INACTIVE]);
if ($re < 1) {
if ($re === Users::USERNAME_ALREADY_EXISTS) {
$errors[] = 'Username exists, please choose another one.';
} else {
if ($re === Users::EMAILADDRESS_ALREADY_EXISTS) {
$errors[] = 'Email address exists, please choose another one.';
} else {
$errors[] = 'Unknown error, please contact administrator.';
}
}
} else {
redirect(BASE_URL . '/users/');
}
}
}
echo BASE_URL;
?>
/http_requests/">Http Requests</a>
</p>
<hr>
<?php
$pm = new PermissionsManager(include '../src/PermissionsManager/config.php');
echo "<pre>";
echo "GROUPS:" . "<br>\n";
print_r($pm->getUserGroups(1));
echo "<br>\n";
echo "HTTP REQUESTS:" . "<br>\n";
$user_http_requests = $pm->getUserHttpRequests(1);
print_r($user_http_requests);
echo "<br>\n";
echo "MENUS:" . "<br>\n";
print_r($pm->getUserMenus(1));
echo "<br>\n";
$test_requests = [0 => ['get', '/contact'], 1 => ['get', '/'], 2 => ['get', '/login'], 3 => ['post', '/login'], 4 => ['post', '/'], 5 => ['delete', '/contact'], 6 => ['get', '/logout'], 7 => ['put', '/user']];
foreach ($test_requests as $req) {
echo "Request method: {$req['0']}<br>\n";
echo "Request value: {$req['1']}<br>\n";
echo 'Results: ' . ($pm->userCanAccessHttpRequest($user_http_requests, $req[0], $req[1]) ? 'TRUE' : 'FALSE') . "<br>\n";
echo "-------------------------------------<br>\n";
}
echo "</pre>" . "<br>\n";
echo $pm->getUsers()->addUser(['username' => 'john1', 'email_address' => '*****@*****.**', 'password' => md5('1234')]);
?>
</body>
</html>
<?php
use PermissionsManager\PermissionsManager;
use PermissionsManager\Models\Users;
require '../../vendor/autoload.php';
require '../tools.php';
if (!isset($_GET['id'])) {
die('User id is missing from request URL.');
}
$user_id_to_edit_for_relations = $_GET['id'];
if (!hasOnlyDigits($user_id_to_edit_for_relations)) {
die('Wrong User id format, only digits are allowed.');
}
$pm = new PermissionsManager(include '../../src/PermissionsManager/config.php');
$user_to_edit_for_relations = $pm->getUsers()->getUserById($user_id_to_edit_for_relations);
if (count($user_to_edit_for_relations) < 1) {
die('No User exists having the requested id.');
}
$assigned_groups = $pm->getUsers()->getAssignedGroups($user_to_edit_for_relations['id']);
$method = isset($_SERVER['REQUEST_METHOD']) ? mb_strtolower($_SERVER['REQUEST_METHOD']) : '';
$errors = [];
$is_post = false;
if ($method == 'post') {
$is_post = true;
if (!isset($_POST['groups'])) {
$errors[] = 'No groups to assign, in post request.';
}
try {
$groups_to_assign = json_decode($_POST['groups']);
} catch (Exception $exc) {
$errors[] = 'Invalid groups format.';
