Fixes in tokens controller and common controller.

Added a success/failure style option to _showMessageBox() Ported User Controller git-svn-id: file:///Users/Shitiz/Downloads/lssvn/source/limesurvey_ci@10513 b72ed6b6-b9f8-46b5-92b4-906544132732
LimeSurvey · Jul 14, 2011 · f434d83 · f434d83
1 parent 38bad0b
commit f434d83
Show file tree

Hide file tree

Showing 12 changed files with 1,261 additions and 5 deletions.
diff --git a/application/controllers/admin/tokens.php b/application/controllers/admin/tokens.php
@@ -61,7 +61,7 @@ function index($surveyid)
 		//include_once("login_check.php");
 		//include_once("database.php");
 
-		$js_admin_includes[]='scripts/tokens.js';
+		//$js_admin_includes[]='scripts/tokens.js';
 		self::_js_admin_includes(base_url()."scripts/admin/tokens.js");
 
 		$this->load->helper("surveytranslator");

diff --git a/application/controllers/admin/user.php b/application/controllers/admin/user.php
diff --git a/application/core/AdminController.php b/application/core/AdminController.php
@@ -365,10 +365,11 @@ function _GetSessionUserRights($loginID)
 	    }
 	}
 
-	function _showMessageBox($title,$message)
+	function _showMessageBox($title,$message,$class="header ui-widget-header")
 	{
 		$data['title']=$title;
 		$data['message']=$message;
+		$data['class']=$class;
 
 		//self::_getAdminHeader();
 		//self::_showadminmenu();

diff --git a/application/helpers/common_helper.php b/application/helpers/common_helper.php
@@ -3568,6 +3568,28 @@ function tokenReplace($line)
     return $line;
 }
 
+/**
+ * set the rights of a user and his children
+ * 
+ * @param int $uid the user id
+ * @param mixed $rights rights array
+ */
+function setuserrights($uid, $rights)
+{
+    $CI =& get_instance();
+    $uid=sanitize_int($uid);
+	$CI->load->helper("database");
+    $updates = "create_survey=".$rights['create_survey']
+    . ", create_user=".$rights['create_user']
+    . ", delete_user=".$rights['delete_user']
+    . ", superadmin=".$rights['superadmin']
+    . ", configurator=".$rights['configurator']
+    . ", manage_template=".$rights['manage_template']
+    . ", manage_label=".$rights['manage_label'];
+    $uquery = "UPDATE ".$CI->db->dbprefix('users')." SET ".$updates." WHERE uid = ".$uid;
+    return db_select_limit_assoc($uquery);     //Checked
+}
+
 /**
  * passthruReplace() takes a string and looks for {PASSTHRULABEL}, {PASSTHRUVALUE} and {PASSTHRU:myarg} variables
  *  which it then substitutes for passthru data sent in the initial URL and stored

diff --git a/application/models/users_model.php b/application/models/users_model.php
@@ -47,6 +47,21 @@ function deleteOTPwd($user)
 		$this->db->update('users',$data);
 	}
 
+	function insert($new_user, $new_pass,$new_full_name,$parent_user,$new_email)
+	{
+		$this->load->library('admin/sha256','sha256');
+		$data=array($new_user, $this->sha256->hashing($new_pass),$new_full_name,$parent_user,$new_email);
+		$uquery = "INSERT INTO ".$this->db->dbprefix("users")." (users_name, password,full_name,parent_id,lang,email,create_survey,create_user,delete_user,superadmin,configurator,manage_template,manage_label) 
+	                   VALUES (?, ?, ?, ?, 'auto', ?,0,0,0,0,0,0,0)";
+		return $this->db->query($uquery,$data);
+	}
+
+	function update($uid,$data)
+	{
+		$this->db->where(array("uid"=>$uid));
+		return $this->db->update('users',$data);
+	}
+
 	function updateLang($uid,$postloginlang)
 	{
 		$data = array(

diff --git a/application/views/admin/Super/adminmenu.php b/application/views/admin/Super/adminmenu.php
@@ -6,7 +6,7 @@
 			if($this->session->userdata('loginID'))
 	    	{ ?>
 	 			 --  <?php echo $clang->gT("Logged in as:");?><strong>
-		        <a href="#" onclick="window.open('<?php echo site_url("admin/personalsettings");?>', '_top')" title="<?php echo $clang->gTview("Edit your personal preferences");?>">
+		        <a href="#" onclick="window.open('<?php echo site_url("admin/user/personalsettings");?>', '_top')" title="<?php echo $clang->gTview("Edit your personal preferences");?>">
 		        <?php echo $this->session->userdata('user');?> <img src='<?php echo $this->config->item('imageurl');?>/profile_edit.png' name='ProfileEdit' alt='<?php echo $clang->gT("Edit your personal preferences");?>' /></a>
 		        </strong>
 	        <?php } ?>
@@ -25,7 +25,7 @@
 	    <img src='<?php echo $this->config->item('imageurl');?>/blank.gif' alt='' width='11' />
 	    <img src='<?php echo $this->config->item('imageurl');?>/seperator.gif' alt='' />
 
-	    <a href="#" onclick="window.open('<?php echo site_url("admin/editusers");?>', '_top')" title="<?php echo $clang->gTview("Create/Edit Users");?>" >
+	    <a href="#" onclick="window.open('<?php echo site_url("admin/user/editusers");?>', '_top')" title="<?php echo $clang->gTview("Create/Edit Users");?>" >
 	    <img src='<?php echo $this->config->item('imageurl');?>/security.png' name='AdminSecurity' alt='<?php echo $clang->gT("Create/Edit Users");?>' /></a>
 
 	    <a href="#" onclick="window.open('<?php echo site_url("admin/usergroups/view");?>', '_top')" title="<?php echo $clang->gTview("Create/Edit Groups");?>" >

diff --git a/application/views/admin/Super/messagebox.php b/application/views/admin/Super/messagebox.php
@@ -1,5 +1,5 @@
 <div class='messagebox ui-corner-all'>
-	<div class='header ui-widget-header'>
+	<div class='<?php echo $class;?>'>
 		<?php echo $title;?>	
 	</div>
 	<?php echo $message;?>

diff --git a/application/views/admin/User/editusers.php b/application/views/admin/User/editusers.php
@@ -0,0 +1,132 @@
+<div class='header ui-widget-header'><?php echo $clang->gT("User control");?></div><br />
+<table id='users' class='users' width='100%' border='0'>
+<thead>
+<tr>
+<th><?php echo $clang->gT("Action");?></th>
+
+<th width='20%'><?php echo $clang->gT("Username");?></th>
+<th width='20%'><?php echo $clang->gT("Email");?></th>
+<th width='20%'><?php echo $clang->gT("Full name");?></th>
+<?php if($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1) { ?>
+    <th width='5%'><?php echo $clang->gT("No of surveys");?></th>
+<?php } ?>
+<th width='15%'><?php echo $clang->gT("Created by");?></th>
+</tr></thead><tbody>
+<tr >
+<td align='center' style='padding:3px;'>
+<form method='post' action='<?php echo site_url("admin/user/modifyuser");?>'>
+<input type='image' src='<?php echo $imageurl;?>/token_edit.png' value='<?php echo $clang->gT("Edit user");?>' />
+<input type='hidden' name='action' value='modifyuser' />
+<input type='hidden' name='uid' value='<?php echo $usrhimself['uid'];?>' />
+</form>
+
+<?php if ($usrhimself['parent_id'] != 0 && $this->session->userdata('USER_RIGHT_DELETE_USER') == 1 ) { ?>
+    <form method='post' action='$scriptname?action=deluser'>
+    <input type='submit' value='<?php echo $clang->gT("Delete");?>' onclick='return confirm("<?php echo $clang->gT("Are you sure you want to delete this entry?","js");?>")' />
+    <input type='hidden' name='action' value='deluser' />
+    <input type='hidden' name='user' value='<?php echo $usrhimself['user'];?>' />
+    <input type='hidden' name='uid' value='<?php echo $usrhimself['uid'];?>' />
+    </form>
+<?php } ?>
+
+</td>
+
+<td align='center'><strong><?php echo $usrhimself['user'];?></strong></td>
+<td align='center'><strong><?php echo $usrhimself['email'];?></strong></td>
+<td align='center'><strong><?php echo $usrhimself['full_name'];?></strong></td>
+
+<?php if($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1) { ?>
+    <td align='center'><strong><?php echo $noofsurveys;?></strong></td>
+<?php } ?>
+
+<?php if(isset($usrhimself['parent_id']) && $usrhimself['parent_id']!=0) { ?>
+    <td align='center'><strong><?php echo $srow['users_name'];?></strong></td>
+<?php } else { ?>
+    <td align='center'><strong>---</strong></td>
+<?php } ?>
+</tr>
+
+<?php for($i=1; $i<=count($usr_arr); $i++) {
+	$usr = $usr_arr[$i]; ?>
+    <tr>
+
+    <td align='center' style='padding:3px;'>
+    <?php if ($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1 || $usr['uid'] == $_SESSION['loginID'] || ($this->session->userdata('USER_RIGHT_CREATE_USER') == 1 && $usr['parent_id'] == $this->session->userdata('loginID'))) { ?>
+        <form method='post' action='<?php echo site_url("admin/user/modifyuser");?>'>
+        <input type='image' src='<?php echo $imageurl;?>/token_edit.png' alt='<?php echo $clang->gT("Edit this user");?>' />
+        <input type='hidden' name='action' value='modifyuser' />
+        <input type='hidden' name='uid' value='<?php echo $usr['uid'];?>' />
+        </form>
+    <?php } ?>
+
+    <?php if ( (($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1 &&
+    $usr['uid'] != $this->session->userdata('loginID') ) ||
+    ($this->session->userdata('USER_RIGHT_CREATE_USER') == 1 &&
+    $usr['parent_id'] == $this->session->userdata('loginID'))) && $usr['uid']!=1) { ?>
+        <form method='post' action='<?php echo site_url("admin/user/setuserrights/");?>'>
+        <input type='image' src='<?php echo $imageurl;?>/security_16.png' alt='<?php echo $clang->gT("Set global permissions for this user");?>' />
+        <input type='hidden' name='action' value='setuserrights' />
+        <input type='hidden' name='user' value='<?php echo $usr['user'];?>' />
+        <input type='hidden' name='uid' value='<?php echo $usr['uid'];?>' />
+        </form>
+    <?php }
+    if ($this->session->userdata('loginID') == "1" && $usr['parent_id'] !=1 ) { ?>
+        <form method='post' action='<?php echo $scriptname;?>'>
+        <input type='submit' value='<?php echo $clang->gT("Take Ownership");?>' />
+        <input type='hidden' name='action' value='setasadminchild' />
+        <input type='hidden' name='user' value='<?php echo $usr['user'];?>' />
+        <input type='hidden' name='uid' value='<?php echo $usr['uid'];?>' />
+        </form>
+    <?php }
+    if (($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1 || $this->session->userdata('USER_RIGHT_MANAGE_TEMPLATE') == 1)  && $usr['uid']!=1) { ?>
+        <form method='post' action='<?php echo site_url("admin/user/setusertemplates/");?>'>
+        <input type='image' src='<?php echo $imageurl;?>/templatepermissions_small.png' alt='<?php echo $clang->gT("Set template permissions for this user");?>' />
+        <input type='hidden' name='action' value='setusertemplates' />
+        <input type='hidden' name='user' value='<?php echo $usr['user'];?>' />
+        <input type='hidden' name='uid' value='<?php echo $usr['uid'];?>' />
+        </form>
+    <?php }
+    if (($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1 || ($this->session->userdata('USER_RIGHT_DELETE_USER') == 1  && $usr['parent_id'] == $this->session->userdata('loginID')))&& $usr['uid']!=1) { ?>
+        <form method='post' action='<?php echo site_url("admin/user/deluser");?>'>
+        <input type='image' src='<?php echo $imageurl;?>/token_delete.png' alt='<?php echo $clang->gT("Delete this user");?>' onclick='return confirm("<?php echo $clang->gT("Are you sure you want to delete this entry?","js");?>")' />
+        <input type='hidden' name='action' value='deluser' />
+        <input type='hidden' name='user' value='<?php echo $usr['user'];?>' />
+        <input type='hidden' name='uid' value='<?php echo $usr['uid'];?>' />
+        </form>
+    <?php } ?>
+
+	</td>
+    <td align='center'><?php echo $usr['user'];?></td>
+    <td align='center'><a href='mailto:<?php echo $usr['email'];?>'><?php echo $usr['email'];?></a></td>
+    <td align='center'><?php echo $usr['full_name'];?></td>
+
+    <td align='center'><?php echo $noofsurveyslist[$i];?></td>
+
+    <?php $uquery = "SELECT users_name FROM ".$this->db->dbprefix('users')." WHERE uid=".$usr['parent_id'];
+    $uresult = db_execute_assoc($uquery); //Checked
+    $userlist = array();
+    $srow = $uresult->row_array();
+    $usr['parent'] = $srow['users_name']; ?>
+
+    <?php if (isset($usr['parent_id'])) { ?>
+        <td align='center'><?php echo $usr['parent'];?></td>
+    <?php } else { ?>
+        <td align='center'>-----</td>
+    <?php } ?>
+
+    </tr>
+    <?php $row++; 
+} ?>
+</tbody></table><br />
+
+<?php if($this->session->userdata('USER_RIGHT_SUPERADMIN') == 1 || $this->session->userdata('USER_RIGHT_CREATE_USER')) { ?>
+    <form action='<?php echo site_url("admin/user/adduser");?>' method='post'>
+    <table class='users'><tr class='oddrow'>
+    <th><?php echo $clang->gT("Add user:");?></th>
+    <td align='center' width='20%'><input type='text' name='new_user' /></td>
+    <td align='center' width='20%'><input type='text' name='new_email' /></td>
+    <td align='center' width='20%' ><input type='text' name='new_full_name' /></td><td width='8%'>&nbsp;</td>
+    <td align='center' width='15%'><input type='submit' value='<?php echo $clang->gT("Add User");?>' />
+    <input type='hidden' name='action' value='adduser' /></td>
+    </tr></table></form><br />
+<?php } ?>
diff --git a/application/views/admin/User/modifyuser.php b/application/views/admin/User/modifyuser.php
@@ -0,0 +1,26 @@
+<div class='header ui-widget-header'><?php echo $clang->gT("Editing user");?></div><br />
+<form action='<?php echo site_url("admin/user/moduser");?>' method='post'>
+<table class='edituser'><thead><tr>
+<th><?php echo $clang->gT("Username");?></th>
+<th><?php echo $clang->gT("Email");?></th>
+<th><?php echo $clang->gT("Full name");?></th>
+<th><?php echo $clang->gT("Password");?></th>
+</tr></thead>
+<tbody><tr>
+<?php foreach ($mur->result_array() as $mrw) {
+    $mrw = array_map('htmlspecialchars', $mrw); ?>
+    <td align='center'><strong><?php echo $mrw['users_name'];?></strong></td>
+    <td align='center'> <input type='text' size='30' name='email' value="<?php echo $mrw['email'];?>" /></td>
+    <td align='center'> <input type='text' size='30' name='full_name' value="<?php echo $mrw['full_name'];?>" />
+    <input type='hidden' name='user' value="<?php echo $mrw['users_name'];?>" />
+    <input type='hidden' name='uid' value="<?php echo $mrw['uid'];?>" /></td>
+    <td align='center'> <input type='password' name='pass' value="%%unchanged%%" /></td>
+<?php } ?>
+</tr>
+</tbody>
+</table>
+<p>
+<input type='submit' value='<?php echo $clang->gT("Save");?>' />
+<input type='hidden' name='action' value='moduser' />
+</p>
+</form>
diff --git a/application/views/admin/User/personalsettings.php b/application/views/admin/User/personalsettings.php
@@ -0,0 +1,89 @@
+<?php // prepare data for the htmleditormode preference
+$edmod1='';
+$edmod2='';
+$edmod3='';
+$edmod4='';
+switch ($this->session->userdata('htmleditormode'))
+{
+    case 'none':
+        $edmod2="selected='selected'";
+        break;
+    case 'inline':
+        $edmod3="selected='selected'";
+        break;
+    case 'popup':
+        $edmod4="selected='selected'";
+        break;
+    default:
+        $edmod1="selected='selected'";
+        break;
+} ?>
+
+<div class='formheader'>
+<strong><?php echo $clang->gT("Your personal settings");?></strong>
+</div>
+<div>
+<form action='<?php echo site_url("admin/user/personalsettings/");?>' id='personalsettings' method='post'>
+<ul>
+
+<li><label for='lang'><?php echo $clang->gT("Interface language");?>:</label>
+<select id='lang' name='lang'>
+<option value='auto'<?php if ($sSavedLanguage == 'auto') {echo " selected='selected'";} ?>>
+	<?php echo $clang->gT("(Autodetect)");?></option>
+<?php foreach (getlanguagedata(true) as $langkey=>$languagekind) { ?>
+    <option value='<?php echo $langkey;?>'<?php if ($langkey == $sSavedLanguage) {echo " selected='selected'";}?>>
+    	<?php echo $languagekind['nativedescription'];?> - <?php echo $languagekind['description'];?></option>
+<?php } ?>
+</select>
+</li>
+
+<li>
+<label for='htmleditormode'><?php echo $clang->gT("HTML editor mode");?>:</label>
+<select id='htmleditormode' name='htmleditormode'>
+<option value='default' <?php echo $edmod1;?>><?php echo $clang->gT("Default");?></option>
+<option value='inline' <?php echo $edmod3;?>><?php echo $clang->gT("Inline HTML editor");?></option>
+<option value='popup' <?php echo $edmod4;?>><?php echo $clang->gT("Popup HTML editor");?></option>
+<option value='none' <?php echo $edmod2;?>><?php echo $clang->gT("No HTML editor");?></option>
+</select>
+</li>
+
+<li>
+<label for='questionselectormode'><?php echo $clang->gT("Question selector mode");?>:</label>
+<select id='questionselectormode' name='questionselectormode'>
+<option value='default'><?php echo $clang->gT("Default");?></option>
+<option value='full'<?php if ($this->session->userdata('questionselectormode')=="full"){
+	echo "selected='selected'";}?>><?php echo $clang->gT("Full question selector");?></option>
+<option value='none'<?php if ($this->session->userdata('questionselectormode')=="none"){
+	echo "selected='selected'";}?>><?php echo $clang->gT("Simple question selector");?></option>
+</select>
+  </li>
+
+<li>
+<label for='templateeditormode'><?php echo $clang->gT("Template editor mode");?>:</label>
+<select id='templateeditormode' name='templateeditormode'>
+	<option value='default'><?php echo $clang->gT("Default");?></option>
+<option value='full'<?php if ($this->session->userdata('templateeditormode')=="full"){
+	echo "selected='selected'";};?>><?php echo $clang->gT("Full template editor");?></option>
+<option value='none'<?php if ($this->session->userdata('templateeditormode')=="none"){
+	echo "selected='selected'";}?>><?php echo $clang->gT("Simple template editor");?></option>
+</select>
+</li>
+
+<li>
+<label for='dateformat'><?php echo $clang->gT("Date format");?>:</label>
+<select name='dateformat' id='dateformat'>
+<?php foreach (getDateFormatData() as $index=>$dateformatdata)
+{
+    echo "<option value='{$index}'";
+    if ($index==$this->session->userdata('dateformat'))
+    {
+        echo "selected='selected'";
+    }
+
+    echo ">".$dateformatdata['dateformat'].'</option>';
+} ?>
+</select>
+</li>
+</ul>
+<p><input type='hidden' name='action' value='savepersonalsettings' /><input class='submit' type='submit' value='<?php echo $clang->gT("Save settings");
+?>' /></p></form></div>