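/**
 * Default action: builds the login form, checks submitted credentials and,
 * when the form validates, creates a session and redirects.
 *
 * The login field is an email or a username field depending on JX_LOGIN_TYPE.
 * `email` and `password` query-string values are copied into $_POST when the
 * matching POST field is absent.
 *
 * Security changes relative to the original body:
 *  - the login lookup uses a bound parameter instead of concatenating
 *    $_POST['login'] into the SQL text;
 *  - the password comparison is strict (the original `!=` lets PHP juggle
 *    types, so two numeric-looking strings or a missing row and an empty
 *    password could compare equal);
 *  - a lookup that returns no row is rejected explicitly.
 *
 * `=& new` is kept as the file writes it; that form is PHP 4/5-era syntax.
 *
 * @return PEAR_Error|null PEAR_Error when JX_LOGIN_TYPE is neither 'email'
 *                         nor 'username'; otherwise no value is returned.
 */
function __default()
{
    $this->form =& new JxHtmlForm();
    $this->page->title = 'Login';

    $container =& new JxHtmlFormContainer('Login');
    $container->label = 'Login';

    // NOTE(review): credentials taken from the query string end up in access
    // logs, browser history and Referer headers. Kept because callers may link
    // to this page with ?email=...; accepting ?password=... should be retired.
    if (isset($_GET['email']) && !isset($_POST['login'])) {
        $_POST['login'] = $_GET['email'];
    }
    if (isset($_GET['password']) && !isset($_POST['password'])) {
        $_POST['password'] = $_GET['password'];
    }

    $login    = isset($_POST['login']) ? $_POST['login'] : null;
    $password = isset($_POST['password']) ? $_POST['password'] : null;

    // The column name used in the query below is one of these two literals,
    // never the raw constant, so it cannot carry SQL.
    if (JX_LOGIN_TYPE === 'email') {
        $loginColumn = 'email';
        $field =& new JxFieldEmail('login', $login);
        $field->label = 'Email';
        $field->required = true;
        $container->addComponent($field);
    } elseif (JX_LOGIN_TYPE === 'username') {
        $loginColumn = 'username';
        $field =& new JxFieldString('login', $login);
        $field->label = 'Username';
        $field->required = true;
        $container->addComponent($field);
    } else {
        return new PEAR_Error('Invalid JX_LOGIN_TYPE: ' . JX_LOGIN_TYPE);
    }

    $field =& new JxFieldPassword('password', $password, 15, 15);
    $field->label = '&Password';
    $field->required = true;
    $container->addComponent($field);

    $field =& new JxFieldSubmit('button', 'Login!');
    $container->addComponent($field);
    $this->form->addComponent($container);

    if (is_array($_POST) && count($_POST)) {
        // Array-valued input (login[]=...) is treated as empty rather than
        // being stringified into the query or the comparison.
        $loginValue    = is_string($login) ? $login : '';
        $passwordValue = is_string($password) ? $password : '';

        // Bound parameter. Assumes $this->db is a PEAR DB connection, whose
        // getRow() takes the parameter array as its second argument -- confirm.
        $sql = "SELECT *\n FROM users\n WHERE " . $loginColumn . "=?";
        $result = $this->db->getRow($sql, array($loginValue));

        if (!JxUser::isError($result)) {
            // A missing row is reported with the same message as a wrong
            // password, so the response does not reveal which logins exist.
            // NOTE(review): the stored password is compared as clear text;
            // the users table should hold password_hash() output checked with
            // password_verify() once the runtime supports it.
            if (!is_array($result)
                || $passwordValue === ''
                || (string) $result['password'] !== $passwordValue
            ) {
                $this->form->throwError('password', 'Invalid password');
            }
        } else {
            $this->form->throwError('login', 'Invalid login');
        }
    }

    if (!$this->form->isValid()) {
        $this->setData('loginForm', $this->form->getForm());
    } else {
        $data = $this->form->getData();
        $session =& new JxSession();
        if (!JxSession::isError($session)) {
            $session->create($data['login']);
            JxHttp::redirect();
        }
    }
}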
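/**
 * Renders the site-administrators screen and applies the two actions it
 * accepts from the query string: `email` grants admin rights to that user,
 * `delete` (a user ID) revokes them. The current administrators and the
 * "Make an Administrator" form are then rendered through JxAdminAdmins.tpl.
 *
 * Security changes relative to the original body:
 *  - every statement that carried request data now uses bound parameters;
 *    the original validated `(int) $_GET['delete']` but then concatenated the
 *    raw string into the UPDATE;
 *  - user email addresses are HTML-escaped before being placed in the
 *    message field, which is built with JxFieldHtml.
 *
 * NOTE(review): both actions change privileges on a GET request and no
 * anti-CSRF token or permission check is visible in this method; presumably
 * the caller enforces admin access -- confirm, and move the actions to POST
 * with a per-session token.
 *
 * `=& new` is kept as the file writes it; that form is PHP 4/5-era syntax.
 *
 * @return mixed whatever $template->fetch('JxAdminAdmins.tpl') returns.
 */
function render()
{
    $this->form =& new JxHtmlForm();
    $this->form->method = "get";
    $this->form->action = $_SERVER['SCRIPT_NAME'] . '/jax/'
        . 'eventHandler=admin/module=system/form=JxAdminAdmins';

    $template =& new JxTemplate(JX_HOSTED_PATH . '/modules/system/tpl');

    // Array-valued or missing input is treated as "no action requested".
    $email = (isset($_GET['email']) && is_string($_GET['email'])) ? $_GET['email'] : '';
    $deleteID = (isset($_GET['delete']) && is_scalar($_GET['delete'])) ? (int) $_GET['delete'] : 0;

    // Placeholders below assume $this->db is a PEAR DB connection (its results
    // are checked with DB::isError()), whose query() binds a parameter array.
    if (strlen($email)) {
        $user =& new JxUser($email);
        if (!JxUser::isError($user)) {
            $sql = "UPDATE users\n SET admin=1\n WHERE email=?";
            $result = $this->db->query($sql, array($email));
            if (!DB::isError($result)) {
                $sql = "INSERT INTO groups_users\n SET groupID=?,\n userID=?";
                $result = $this->db->query($sql, array(JX_GRP_ADMIN, $user->userID));
                if (!DB::isError($result)) {
                    $container =& new JxHtmlFormContainer('msg');
                    $container->label = 'Messages';
                    $field =& new JxFieldHtml(
                        'Admin permissions granted to ' . htmlspecialchars($user->email, ENT_QUOTES)
                    );
                    $container->addComponent($field);
                    $this->form->addComponent($container);
                    $this->log->log($this->user->email . ' granted administrative '
                        . 'privileges to ' . $user->email);
                }
            }
        }
    }

    if ($deleteID > 0) {
        $user =& new JxUser($deleteID);
        if (!JxUser::isError($user)) {
            // The integer that passed the check is the value that is bound.
            $sql = "UPDATE users\n SET admin=0\n WHERE userID=?";
            $result = $this->db->query($sql, array($deleteID));
            if (!DB::isError($result)) {
                $sql = "DELETE\n FROM groups_users\n WHERE groupID=? AND\n userID=?";
                $result = $this->db->query($sql, array(JX_GRP_ADMIN, $user->userID));
                if (!DB::isError($result)) {
                    $container =& new JxHtmlFormContainer('msg');
                    $container->label = 'Messages';
                    $field =& new JxFieldHtml(
                        'Admin permissions for ' . htmlspecialchars($user->email, ENT_QUOTES)
                        . ' have been revoked '
                    );
                    $container->addComponent($field);
                    $this->form->addComponent($container);
                }
            }
        }
    }

    // No request data in this statement, so it is sent unchanged.
    $sql = "SELECT *\n FROM users\n WHERE admin=1 AND userID != 1\n ORDER BY email";
    $result = $this->db->query($sql);
    if (!DB::isError($result) && $result->numRows()) {
        $admins = array();
        while ($row = $result->fetchRow()) {
            $admins[] = $row;
        }
        // NOTE(review): the rows are handed to the template unescaped; the
        // template has to escape email and name columns itself -- confirm.
        $template->assign('admins', $admins);
    }

    $container =& new JxHtmlFormContainer('admin');
    $container->label = 'Site Administrators';

    $field =& new JxFieldEmail('email', isset($_POST['email']) ? $_POST['email'] : null);
    $field->label = 'Email Address';
    $field->required = true;
    $container->addComponent($field);

    $field =& new JxFieldSubmit('button', 'Make an Administrator');
    $container->addComponent($field);
    $this->form->addComponent($container);

    $template->assign('form', $this->form->getForm());

    return $template->fetch('JxAdminAdmins.tpl');
}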
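/**
 * Renders the user-administration screen.
 *
 * With an `email` query parameter it loads that user, applies any posted
 * changes (group membership, enabled/disabled status, new password) and
 * returns the account form next to the user's last ten logins. Without it,
 * it returns a search form and, once the form validates, a table of
 * matching users.
 *
 * Security changes relative to the original body:
 *  - all statements carrying request data use bound parameters (group IDs,
 *    status, new password, the LIKE term and the IN list of the search);
 *  - the password UPDATE, whose string was garbled in the source, is rebuilt
 *    as a parameterised statement;
 *  - `available` is checked strictly against '0' and '1'; the original loose
 *    in_array() against integers accepts any non-numeric string on PHP
 *    versions before 8;
 *  - values printed into the result table are HTML-escaped, and the user-ID
 *    link gets its missing closing tag;
 *  - $session is initialised so the logins panel is empty rather than
 *    undefined when the user has no recorded sessions.
 *
 * NOTE(review): no permission check or anti-CSRF token is visible in this
 * method; presumably the caller restricts it to administrators -- confirm.
 *
 * `=& new` is kept as the file writes it; that form is PHP 4/5-era syntax.
 *
 * @return string HTML for the account form, the search form, the result
 *                table, or a plain message.
 */
function render()
{
    // Array-valued or missing input is treated as "no user selected".
    $email = (isset($_GET['email']) && is_string($_GET['email'])) ? $_GET['email'] : '';

    // Placeholders below assume $this->db is a PEAR DB connection (its results
    // are checked with DB::isError()), whose query() binds a parameter array.
    if (strlen($email)) {
        $user =& new JxUser($email);
        if (!JxUser::isError($user)) {
            $groups = JxGroup::getGroups();
            $form =& new JxHtmlForm();
            $hbox =& new JxHbox('users');

            if (isset($_POST['groups']) && is_array($_POST['groups']) && count($_POST['groups'])) {
                $sql = "DELETE \n FROM groups_users\n WHERE userID=?";
                $result = $this->db->query($sql, array($user->userID));

                // NOTE(review): submitted IDs are not checked against $groups,
                // so any group ID can be assigned -- confirm that is intended.
                foreach ($_POST['groups'] as $groupID) {
                    if (!is_scalar($groupID)) {
                        continue;
                    }
                    $sql = "INSERT INTO groups_users\n SET groupID=?,\n userID=?";
                    $result = $this->db->query($sql, array((string) $groupID, $user->userID));
                }
                // Reload so the form below shows the new membership.
                $user =& new JxUser($email);
            }

            if (isset($_POST['available']) && in_array($_POST['available'], array('0', '1'), true)) {
                $sql = "UPDATE users\n SET available=?\n WHERE userID=?";
                $result = $this->db->query($sql, array($_POST['available'], $user->userID));
                $user =& new JxUser($email);
            }

            $newpass = (isset($_POST['newpass']) && is_string($_POST['newpass'])) ? $_POST['newpass'] : '';
            if (strlen($newpass)) {
                // NOTE(review): the password is written in clear text, as the
                // login check compares it; store password_hash() output once
                // the login path verifies hashes.
                $sql = "UPDATE users \n SET password=?\n WHERE userID=?";
                $result = $this->db->query($sql, array($newpass, $user->userID));
                // Cleared so the value is not echoed back into the form.
                $_POST['newpass'] = '';
            }

            $session = '';
            $sql = "SELECT *\n FROM users_sessions\n WHERE userID=?\n ORDER BY posted DESC\n LIMIT 10";
            $result = $this->db->query($sql, array($user->userID));
            if (!DB::isError($result) && $result->numRows()) {
                $session = '<table width="100%" cellspacing="0">' . "\n";
                $session .= '<tr><td><b>Date</b></td><td><b>Time</b></td></tr>' . "\n";
                $rowNum = 0;
                while ($row = $result->fetchRow()) {
                    // Alternate row colours.
                    $bg = ++$rowNum % 2 == 0 ? '#cccccc' : '#ffffff';
                    $date = date("D M dS, Y", $row['posted']);
                    $time = date("h:i:s A T", $row['posted']);
                    $session .= ' <tr bgcolor=' . $bg . '>'
                        . ' <td style="font-family: courier">' . $date . '</td>'
                        . ' <td style="font-family: courier">' . $time . '</td>'
                        . ' </tr> ';
                }
                $session .= '</table>' . "\n";
            }

            $container =& new JxHtmlFormContainer('users');
            $container->label = 'User Information';

            // NOTE(review): the request value is passed to the field as-is;
            // whether JxFieldStatic escapes its value and title is not visible
            // here -- confirm before relying on it.
            $field =& new JxFieldStatic('email', $email);
            $field->label = 'Email Address';
            $field->required = true;
            $field->title = $email;
            $container->addComponent($field);

            $field =& new JxFieldCheckbox('groups[]', $groups, $user->getGroups());
            $field->label = 'Groups';
            $field->required = true;
            $container->addComponent($field);

            $arr = array('0' => 'Disabled', '1' => 'Enabled');
            $field =& new JxFieldSelect('available', $arr, $user->available);
            $field->label = 'Status';
            $field->required = false;
            $container->addComponent($field);

            $field =& new JxFieldText('newpass', isset($_POST['newpass']) ? $_POST['newpass'] : null, 15, 15);
            $field->label = 'New Password';
            $field->required = false;
            $container->addComponent($field);

            $field =& new JxFieldSubmit('button', 'Update Account');
            $container->addComponent($field);
            $hbox->addComponent($container);

            $container =& new JxHtmlFormContainer('sessions');
            $container->label = 'Last 10 Logins';
            $field =& new JxFieldHtml($session);
            $container->addComponent($field);
            $hbox->addComponent($container);

            $form->addComponent($hbox);

            // Closing marker stays at column 0 for older PHP versions.
            $css = <<<EOT
<style type="text/css">
td.JxHboxuserstd { width: 50%; }
table.JxHboxusers { width: 100%; }
</style>
EOT;

            return $css . $form->getForm();
        } else {
            return 'Invalid email address!';
        }
    } else {
        $form =& new JxHtmlForm();
        $container =& new JxHtmlFormContainer('usersearch');
        $container->label = 'Search Users';

        $field =& new JxFieldText('email', isset($_POST['email']) ? $_POST['email'] : null);
        $field->label = 'Email contains';
        $field->required = false;
        $container->addComponent($field);

        $groups = JxGroup::getGroups();
        $field =& new JxFieldCheckbox('groups[]', $groups, isset($_POST['groups']) ? $_POST['groups'] : null);
        $field->label = 'Groups';
        $field->required = false;
        $container->addComponent($field);

        $field =& new JxFieldSubmit('button', 'Search Users');
        $container->addComponent($field);
        $form->addComponent($container);

        if (!$form->isValid()) {
            return $form->getForm();
        } else {
            $data = $form->getData();

            $sql = "SELECT U.*,S.posted AS last\n FROM users AS U, users_sessions AS S, groups_users AS G\n WHERE U.userID=S.userID AND \n U.userID=G.userID AND\n U.available = 1";
            $where = array();
            $params = array();

            if (isset($data['email']) && is_string($data['email']) && strlen($data['email'])) {
                // % and _ typed by the user still act as LIKE wildcards, as
                // they did before; only the quoting is now handled by the driver.
                $where[] = " AND U.email LIKE ?";
                $params[] = '%' . $data['email'] . '%';
            }

            $groupIDs = array();
            if (isset($_POST['groups']) && is_array($_POST['groups'])) {
                foreach ($_POST['groups'] as $groupID) {
                    if (is_scalar($groupID)) {
                        $groupIDs[] = (string) $groupID;
                    }
                }
            }
            if (count($groupIDs)) {
                // One placeholder per submitted group ID.
                $marks = implode(',', array_fill(0, count($groupIDs), '?'));
                $where[] = " AND G.groupID IN (" . $marks . ")";
                $params = array_merge($params, $groupIDs);
            }

            $sql .= implode("\n", $where);
            $sql .= "\nGROUP BY U.userID";
            $result = $this->db->query($sql, $params);

            if (!DB::isError($result) && $result->numRows()) {
                $ret = '<table width="100%" cellspacing="0">' . "\n";
                $ret .= '<tr>'
                    . ' <td><b>User ID</b></td>'
                    . ' <td><b>Last Name</b></td>'
                    . ' <td><b>First Name</b></td>'
                    . ' <td><b>Email</b></td>'
                    . ' <td><b>Created On</b></td>'
                    . ' <td><b>Last Login</b></td>'
                    . ' </tr>' . "\n";
                while ($row = $result->fetchRow()) {
                    // Everything that reaches the page from the database or the
                    // request line is escaped for HTML text/attribute context.
                    $emailHtml = htmlspecialchars($row['email'], ENT_QUOTES);
                    $linkHtml = htmlspecialchars(
                        $_SERVER['REQUEST_URI'] . '/email=' . $row['email'],
                        ENT_QUOTES
                    );
                    $ret .= ' <tr>'
                        . ' <td><a href="' . $linkHtml . '">'
                        . htmlspecialchars($row['userID'], ENT_QUOTES) . '</a></td>'
                        . ' <td>' . htmlspecialchars($row['lname'], ENT_QUOTES) . '</td>'
                        . ' <td>' . htmlspecialchars($row['fname'], ENT_QUOTES) . '</td>'
                        . ' <td><a href="mailto:' . $emailHtml . '">' . $emailHtml . '</a></td>'
                        . ' <td>' . date("Y-m-d", $row['posted']) . '</td>'
                        . ' <td>' . date("Y-m-d", $row['last']) . '</td>'
                        . ' </tr>' . "\n";
                }
                $ret .= '</table>';
            } else {
                $ret = 'No users found matching that criteria';
            }

            return $ret;
        }
    }
}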