Delete account now works; user accounts now see only the functionality they SHOULD see
commit c8a472596d3646d9c2605398d6fca99b0eb361d4 1 parent cb7d5c3
Benjamin Keen authored
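--- a/index.php
+++ b/index.php
@@ -35,5 +35,6 @@
 $pageParams["cssIncludes"] = $cssIncludes;
 $pageParams["codeMirrorIncludes"] = ExportTypePluginHelper::getExportTypeCodeMirrorModes($exportTypes);
 $pageParams["defaultExportType"] = Core::getDefaultExportType();
+$pageParams["accountType"] = Core::$user->getAccountType();
 Templates::displayPage("resources/templates/index.tpl", $pageParams);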
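Review bot: The added `Core::$user->getAccountType()` is an unguarded call on a static that the template in this same commit treats as optional — index.tpl tests `$settings.userAccountSetup == "anonymous"` as an alternative to `$accountType == "admin"`. If `Core::$user` is not populated in the anonymous setup (whether it always is cannot be seen here), this line is a fatal error on every page load; `$pageParams["accountType"] = Core::$user ? Core::$user->getAccountType() : "";` keeps the template's comparisons working either way. This statement run sits at file scope and the lines preceding it are outside the hunk.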
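--- a/library.php
+++ b/library.php
@@ -17,6 +17,7 @@
 require_once(dirname(__FILE__) . "/resources/classes/Database.class.php");
 require_once(dirname(__FILE__) . "/resources/classes/DataTypePlugin.abstract.class.php");
 require_once(dirname(__FILE__) . "/resources/classes/DataTypePluginHelper.class.php");
+require_once(dirname(__FILE__) . "/resources/classes/Emails.class.php");
 require_once(dirname(__FILE__) . "/resources/classes/ErrorCodes.class.php");
 require_once(dirname(__FILE__) . "/resources/classes/ExportTypePlugin.abstract.class.php");
 require_once(dirname(__FILE__) . "/resources/classes/ExportTypePluginHelper.class.php");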
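--- a/resources/classes/Account.class.php
+++ b/resources/classes/Account.class.php
@@ -126,8 +126,15 @@ public static function resetPassword($email) {
 $randPassword = Utils::generateRandomAlphanumericStr("CXCXCX");
 // now attempt to send the email. If it works, update the database
- if (mail($email, "Reset Password", "Your password has been reset. You may use the following password to log in: $randPassword\n\nPlease change it once you've logged in.")) {
- $encryptionSalt = Core::getEncryptionSalt();
+
+ $response = Email::sendEmail(array(
+ "recipient" => $email,
+ "subject" => "Reset Password",
+ "content" => "Your password has been reset. You may use the following password to log in: $randPassword\n\nPlease change it once you've logged in."
+ ));
+
+ if ($response) {
+ $encryptionSalt = Core::getEncryptionSalt();
 $encryptedPassword = crypt($randPassword, $encryptionSalt);
 $response = Core::$db->query("
 UPDATE {$prefix}user_accounts
@@ -374,12 +381,26 @@ public static function createAccount($accountInfo) {
 public function deleteAccount($accountID) {
 if ($this->accountType != "admin") {
 return array(
- "false" => false,
+ "success" => false,
 "errorCode" => ErrorCodes::NON_ADMIN
 );
+ } else if (!is_numeric($accountID)) {
+ return array(
+ "success" => false,
+ "errorCode" => ErrorCodes::INVALID_PARAMS,
+ "errorMsg" => "the Account ID is not valid."
+ );
 }
+
+ $accountID = mysql_real_escape_string($accountID);
+ $prefix = Core::getDbTablePrefix();
+ Core::$db->query("DELETE FROM {$prefix}user_accounts WHERE account_id = $accountID");
+ Core::$db->query("DELETE FROM {$prefix}configurations WHERE account_id = $accountID");
+
+ return array("success" => true);
 }
+
 public function getUsers() {
 if ($this->accountType != "admin") {
 return array(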
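Review bot: `deleteAccount` returns `success => true` without looking at the result of either DELETE, so a failed or half-applied delete (account row gone but its `configurations` rows left behind, or the reverse) is reported to the caller exactly like a clean one; the other methods in this class return `ErrorCodes::FAILED_SQL_STATEMENT` for that case and this one should too. The `is_numeric` gate plus `mysql_real_escape_string` is weaker than it looks — `is_numeric` admits `"1e3"`, `"1.5"` and `" 7"`, which are then interpolated unquoted into two statements, and the deprecated mysql_* escape needs an open mysql connection — so cast with `(int)` after the check and drop the escape. Running both deletes inside one transaction would close the half-applied window, if the `Core::$db` wrapper supports that, which isn't visible here. Nothing stops an admin from deleting their own account; if that is unintended, compare `$accountID` against the current user's ID before deleting. The rewrite below assumes `query()` returns a falsy value on failure, as resetPassword's assignment of its result suggests.
```php
    } else if (!is_numeric($accountID)) {
        // … unchanged: INVALID_PARAMS return …
    }

    // is_numeric() admits "1e3", "1.5" and " 7"; reduce to the integer the column holds
    $accountID = (int) $accountID;
    $prefix = Core::getDbTablePrefix();
    $deletedAccount = Core::$db->query("DELETE FROM {$prefix}user_accounts WHERE account_id = $accountID");
    $deletedConfigs = Core::$db->query("DELETE FROM {$prefix}configurations WHERE account_id = $accountID");
    if (!$deletedAccount || !$deletedConfigs) {
        return array(
            "success" => false,
            "errorCode" => ErrorCodes::FAILED_SQL_STATEMENT
        );
    }

    return array("success" => true);
```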
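--- a/resources/classes/AjaxRequest.class.php
+++ b/resources/classes/AjaxRequest.class.php
@@ -245,7 +245,7 @@ public function __construct($action, $post = array()) {
 $this->response["errorCode"] = ErrorCodes::NON_ADMIN;
 } else {
 $accountID = $post["accountID"];
- $response = Account::deleteAccount($accountID);
+ $response = Core::$user->deleteAccount($accountID);
 $this->response["success"] = true;
 }
 break;
@@ -298,7 +298,7 @@ public function __construct($action, $post = array()) {
 $this->response["content"] = $response["message"];
 break;
- // for single
+ // for single
 case "logout":
 Core::init();
 if (!Core::checkIsLoggedIn()) {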
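Review bot: The `deleteAccount` branch sets `$this->response["success"] = true` regardless of what `Core::$user->deleteAccount($accountID)` returned, so a refused or failed delete — `NON_ADMIN`, `INVALID_PARAMS`, or a failed query — is reported to the client as success and the JS then refreshes the list as if the row were gone. Propagate the result instead: `$response = Core::$user->deleteAccount($accountID); $this->response["success"] = $response["success"]; if (!$response["success"]) { $this->response["errorCode"] = $response["errorCode"]; }`. `$post["accountID"]` is also read without an `isset` check; `$accountID = isset($post["accountID"]) ? $post["accountID"] : "";` lets `deleteAccount`'s own validation reject a missing value cleanly instead of raising a notice. Whether this destructive POST carries any CSRF protection isn't visible in the hunk — the client side in this commit sends only `action` and `accountID` — and is worth confirming. The constructor this `switch` lives in begins and ends outside the hunk.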
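--- /dev/null
+++ b/resources/classes/Emails.class.php
@@ -0,0 +1,15 @@
+<?php
+
+
+/**
+ * Nothing much here yet - but it's here so we can expand on it cleanly later on.
+ * @package Emails
+ * @author Ben Keen <ben.keen@gmail.com>
+ */
+class Emails {
+
+ public static function sendEmail($info) {
+ return mail($info["recipient"], $info["subject"], $info["content"]);
+ }
+
+}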
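Review bot: The class is declared as `Emails` here, but the only caller introduced by this commit, `Account::resetPassword`, invokes `Email::sendEmail(...)` — one of the two names is wrong and every password reset will die with an undefined-class fatal; either rename this to `class Email` or fix the call site. `sendEmail` also hands `$info["recipient"]` straight to `mail()`; if that address originates from the reset form (not visible here), a value containing CR/LF can inject extra mail headers, so reject it up front with `if (!filter_var($info["recipient"], FILTER_VALIDATE_EMAIL)) { return false; }`. A short docblock on `sendEmail` naming the expected keys (`recipient`, `subject`, `content`) and stating that it returns `mail()`'s boolean would spare callers a trip into the source.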
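--- a/resources/classes/ErrorCodes.class.php
+++ b/resources/classes/ErrorCodes.class.php
@@ -11,6 +11,7 @@ class ErrorCodes {
 const NOT_LOGGED_IN = 1;
 const NON_ADMIN = 2;
 const FAILED_SQL_STATEMENT = 3;
+ const INVALID_PARAMS = 4;
 // const SETTINGSFILEEXISTS = 2;
 // const MISSINGFIELDS = 3;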
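--- a/resources/scripts/accountManager.js
+++ b/resources/scripts/accountManager.js
@@ -39,7 +39,6 @@ define([
 };
 var _onClickCreateAccount = function() {
-
 // check all fields have been entered
 var firstNameField = $("#gdManageAccount_firstName");
 var firstNameFieldVal = $.trim(firstNameField.val());
@@ -80,7 +79,7 @@ define([
 }
 if (!hasErrors) {
- _modalSpinner[""].play();
+ _modalSpinners[_manageAccountModalID].play();
 var data = {
 action: "createAccount",
 firstName: firstNameFieldVal,
@@ -96,7 +95,7 @@ define([
 data: data,
 dataType: "json",
 success: function(response) {
- _modalSpinner.pause();
+ _modalSpinners[_manageAccountModalID].pause();
 if (response.success) {
 // get a fresh list of accounts from the server, and add a callback so that
@@ -104,19 +103,50 @@ define([
 _getAccountsList({
 onComplete: function() {
 $("#" + _manageAccountModalID).dialog("close");
- _modalSpinner.pause();
+ _modalSpinners[_manageAccountModalID].pause();
 }
 });
 }
 },
 error: function(response) {
- _modalSpinner.pause();
+ _modalSpinners[_manageAccountModalID].pause();
 console.log("error response: ", response);
 }
 });
 }
 };
+ var _onConfirmDeleteAccount = function(accountID) {
+ _modalSpinners[_deleteAccountModalID].play();
+ $.ajax({
+ url: "ajax.php",
+ type: "POST",
+ data: {
+ action: "deleteAccount",
+ accountID: accountID
+ },
+ dataType: "json",
+ success: function(response) {
+ if (response.success) {
+
+ // get a fresh list of accounts from the server, and add a callback so that
+ // we close the modal when it's complete`
+ _getAccountsList({
+ onComplete: function() {
+ $("#" + _deleteAccountModalID).dialog("close");
+ _modalSpinners[_deleteAccountModalID].pause();
+ }
+ });
+ } else {
+ // TODO
+ }
+ },
+ error: function(response) {
+ _modalSpinners[_deleteAccountModalID].pause();
+ console.log("error response: ", response);
+ }
+ });
+ };
 var _openEditAccountDialog = function(e) {
 e.preventDefault();
@@ -177,7 +207,7 @@ define([
 buttons: [
 {
 text: L.yes,
- click: _onClickCreateAccount
+ click: function() { _onConfirmDeleteAccount(accountID); }
 },
 {
 text: L.no,
@@ -301,7 +331,7 @@ define([
 return;
 }
- var dialogBottomRow = $('#' + settings.modalEl).closest(".ui-dialog").find(".ui-dialog-buttonpane");
+ var dialogBottomRow = $('#' + settings.modalID).closest(".ui-dialog").find(".ui-dialog-buttonpane");
 dialogBottomRow.prepend('<span class="modalSpinner"></span>');
 var spinnerSpan = dialogBottomRow.children("span")[0];
 _modalSpinners[settings.modalID] = Spinners.create(spinnerSpan, {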
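Review bot: In `_onConfirmDeleteAccount`, the `else { // TODO }` branch taken on a `success: false` response leaves the delete-modal spinner running and the dialog open with no message, so a refused delete looks like a hang; at minimum `_modalSpinners[_deleteAccountModalID].pause();` belongs there, ideally alongside an error shown in the dialog, as the `error:` callback already does for transport failures. The comment `// we close the modal when it's complete\`` carries a stray trailing backtick. The `accountID` passed from the `click` handler in the later hunk is captured from an enclosing function that begins outside the hunk. Whether the `deleteAccount` POST carries a CSRF token isn't visible here; the request body holds only `action` and `accountID`.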
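--- a/resources/templates/index.tpl
+++ b/resources/templates/index.tpl
@@ -37,8 +37,12 @@
 <span id="gdProcessingIcon"></span>
 <ul>
 <li id="gdMainTab1" class="gdSelected">{$L.generate}</li>
- {if $settings.userAccountSetup == "multiple"}<li id="gdMainTab2">{$L.accounts}</li>{/if}
+ {if $settings.userAccountSetup == "multiple" && $accountType == "admin"}
+ <li id="gdMainTab2">{$L.accounts}</li>
+ {/if}
+ {if $settings.userAccountSetup == "anonymous" || $accountType == "admin"}
 <li id="gdMainTab3">{$L.settings}</li>
+ {/if}
 <li id="gdMainTab4">{$L.about}</li>
 </ul>
 </nav>
@@ -47,7 +51,11 @@
 <div id="gdContent">
 <ul class="gdMainTabContent">
 <li id="gdMainTab1Content">{include file="generate.tab1.tpl"}</li>
-
+ {if $settings.userAccountSetup == "multiple" && $accountType == "admin"}
+ <li id="gdMainTab2Content" style="display:none">{include file="generate.tab2.tpl"}</li>
+ {/if}
+
 <li id="gdMainTab3Content" style="display:none">{include file="generate.tab3.tpl"}</li>
 <li id="gdMainTab4Content" style="display:none">{include file="generate.tab4.tpl"}</li>
 </ul>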
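Review bot: The settings tab's content, `gdMainTab3Content`, is still included for every user even though the tab itself is now hidden for non-admins outside the anonymous setup; the markup is in the page source and can be un-hidden from the browser's dev tools, so wrap it in the same condition: `{if $settings.userAccountSetup == "anonymous" || $accountType == "admin"}<li id="gdMainTab3Content" style="display:none">{include file="generate.tab3.tpl"}</li>{/if}`. Hiding tabs is presentation, not authorization — every server-side handler behind the settings and accounts tabs must still check the account type itself, as `deleteAccount` does in this commit. The `$accountType` value is whatever index.php put in `$pageParams`; if it is ever unset the `== "admin"` comparisons simply fail closed, which is the safe direction.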