Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Major changes to access manager. Means modifying nearly every file

to add some access permissions. This needs to be finished, but there
is a good start.

Added a customer manager.

Removed the shipping SQL/Minivend database, no longer necessary.
  • Loading branch information...
commit d628b6e3d945ce2e4ef0f03e0095f686d55450bc 1 parent 1b39630
@perusionmike perusionmike authored
Showing with 2,425 additions and 506 deletions.
  1. +56 −4 MANIFEST
  2. +1 −6 dist/barry/catalog.cfg
  3. +1 −1  dist/barry/config/leftside
  4. +2 −1  dist/barry/etc/log_transaction
  5. +0 −7 dist/barry/etc/profiles.login
  6. 0  dist/barry/logs/.empty
  7. +0 −15 dist/barry/mysql/shipping.mysql
  8. +1 −1  dist/barry/mysql/transactions.mysql
  9. +0 −16 dist/barry/pgsql/shipping.pgsql
  10. +6 −0 dist/barry/products/access.asc
  11. +0 −4 dist/barry/products/minimate.asc
  12. +59 −38 dist/barry/products/mv_metadata.asc
  13. +0 −17 dist/barry/products/shipping.txt
  14. +1 −1  dist/barry/products/userdb.txt
  15. +1 −1  dist/barry/products/variable.txt
  16. +6 −4 dist/basic/products/minimate.asc
  17. +3 −0  dist/catalog_after.cfg
  18. +1 −1  dist/catalog_before.cfg
  19. +79 −18 dist/lib/UI/Primitive.pm
  20. +149 −0 dist/lib/UI/pages/admin/access.html
  21. +377 −0 dist/lib/UI/pages/admin/access_permissions.html
  22. +16 −6 dist/lib/UI/pages/admin/advanced.html
  23. +16 −4 dist/lib/UI/pages/admin/affiliates.html
  24. +254 −0 dist/lib/UI/pages/admin/customer.html
  25. +116 −0 dist/lib/UI/pages/admin/customer_change_pass.html
  26. +279 −0 dist/lib/UI/pages/admin/customer_view.html
  27. +1 −0  dist/lib/UI/pages/admin/dbdownload.html
  28. +1 −1  dist/lib/UI/pages/admin/export_table.html
  29. +1 −1  dist/lib/UI/pages/admin/flex_editor.html
  30. +28 −4 dist/lib/UI/pages/admin/flex_select.html
  31. +1 −1  dist/lib/UI/pages/admin/format_meta.html
  32. +1 −1  dist/lib/UI/pages/admin/genreport.html
  33. +6 −0 dist/lib/UI/pages/admin/genstats.html
  34. +74 −66 dist/lib/UI/pages/admin/group.html
  35. +102 −0 dist/lib/UI/pages/admin/group_edit.html
  36. +2 −2 dist/lib/UI/pages/admin/import_table.html
  37. +8 −1 dist/lib/UI/pages/admin/index.html
  38. +42 −30 dist/lib/UI/pages/admin/item.html
  39. +0 −11 dist/lib/UI/pages/admin/login.html
  40. +0 −10 dist/lib/UI/pages/admin/logout.html
  41. +30 −9 dist/lib/UI/pages/admin/order.html
  42. +56 −12 dist/lib/UI/pages/admin/order_view.html
  43. +42 −3 dist/lib/UI/pages/admin/quicklinks.html
  44. +7 −7 dist/lib/UI/pages/admin/reports/order/ByAffiliate.html
  45. +5 −4 dist/lib/UI/pages/admin/reports/order/Detail.html
  46. +7 −7 dist/lib/UI/pages/admin/reports/order/Monthly.html
  47. +1 −1  dist/lib/UI/pages/admin/reports/traffic/ByAffiliate.html
  48. +10 −10 dist/lib/UI/pages/admin/ship_data.html
  49. +7 −7 dist/lib/UI/pages/admin/ship_edit.html
  50. +5 −5 dist/lib/UI/pages/admin/special/key_violation.html
  51. +1 −1  dist/lib/UI/pages/admin/trafficstats.html
  52. +178 −0 dist/lib/UI/pages/admin/user_change_pass.html
  53. +138 −0 dist/lib/UI/pages/admin/user_edit.html
  54. +19 −0 dist/lib/UI/profiles/login
  55. +1 −0  dist/lib/UI/ui.cfg
  56. +49 −22 dist/lib/UI/usertag/if_mm
  57. +5 −2 dist/lib/UI/usertag/list_databases
  58. +18 −7 dist/lib/UI/vars/UI_STD_DBEDIT_TABLE
  59. +29 −8 dist/lib/UI/vars/UI_STD_HEAD
  60. +0 −7 dist/mvmall/etc/profiles.login
  61. +6 −4 dist/mvmall/products/minimate.asc
  62. +1 −3 dist/simple/catalog.cfg
  63. +2 −1  dist/simple/etc/log_transaction
  64. +0 −7 dist/simple/etc/profiles.login
  65. 0  dist/simple/logs/.empty
  66. +0 −15 dist/simple/mysql/shipping.mysql
  67. +1 −1  dist/simple/mysql/transactions.mysql
  68. +0 −16 dist/simple/pgsql/shipping.pgsql
  69. +6 −0 dist/simple/products/access.asc
  70. +0 −4 dist/simple/products/minimate.asc
  71. +58 −38 dist/simple/products/mv_metadata.asc
  72. +0 −17 dist/simple/products/shipping.txt
  73. +1 −1  dist/simple/products/userdb.txt
  74. +1 −1  dist/simple/products/variable.txt
  75. +12 −2 lib/Vend/Config.pm
  76. +3 −3 lib/Vend/DbSearch.pm
  77. +11 −2 lib/Vend/Interpolate.pm
  78. +24 −6 lib/Vend/UserDB.pm
View
60 MANIFEST
@@ -1,3 +1,4 @@
+2
LICENSE
MANIFEST
MANIFEST.SKIP
@@ -153,6 +154,7 @@ dist/barry/images/wtb.ssk.gif
dist/barry/images/xtr.cassette.jpg
dist/barry/images/xtrcrank.jpg
dist/barry/images/zinn.gif
+dist/barry/logs/.empty
dist/barry/mysql/affiliate.mysql
dist/barry/mysql/area.mysql
dist/barry/mysql/cat.mysql
@@ -231,6 +233,7 @@ dist/barry/products/GroundComm.csv
dist/barry/products/GroundRes.csv
dist/barry/products/NextDayAir.csv
dist/barry/products/NextDayAirSaver.csv
+dist/barry/products/access.asc
dist/barry/products/affiliate.txt
dist/barry/products/area.txt
dist/barry/products/banner.txt
@@ -238,7 +241,6 @@ dist/barry/products/cat.txt
dist/barry/products/country.txt
dist/barry/products/inventory.txt
dist/barry/products/locale.txt
-dist/barry/products/minimate.asc
dist/barry/products/mv_metadata.asc
dist/barry/products/orderline.txt
dist/barry/products/pricing.txt
@@ -373,6 +375,7 @@ dist/basic/tmp/.empty
dist/basic/upload/.empty
dist/build/makecat.redhat
dist/build/makedirs.redhat
+dist/catalog_after.cfg
dist/catalog_before.cfg
dist/compat/body
dist/compat/buttonbar
@@ -387,10 +390,15 @@ dist/lib/UI/locales/fr_FR.cfg
dist/lib/UI/locales/it_IT.cfg
dist/lib/UI/locales/pt_BR.cfg
dist/lib/UI/locales/ru_RU.cfg
+dist/lib/UI/pages/admin/access.html
+dist/lib/UI/pages/admin/access_permissions.html
dist/lib/UI/pages/admin/advanced.html
dist/lib/UI/pages/admin/affiliates.html
dist/lib/UI/pages/admin/button_builder.html
dist/lib/UI/pages/admin/config.html
+dist/lib/UI/pages/admin/customer.html
+dist/lib/UI/pages/admin/customer_change_pass.html
+dist/lib/UI/pages/admin/customer_view.html
dist/lib/UI/pages/admin/dbdownload.html
dist/lib/UI/pages/admin/env_vars.html
dist/lib/UI/pages/admin/error.html
@@ -406,12 +414,15 @@ dist/lib/UI/pages/admin/genstats.html
dist/lib/UI/pages/admin/gentable.html
dist/lib/UI/pages/admin/genxport.html
dist/lib/UI/pages/admin/group.html
+dist/lib/UI/pages/admin/group_edit.html
dist/lib/UI/pages/admin/header
dist/lib/UI/pages/admin/import_table.html
dist/lib/UI/pages/admin/index.html
dist/lib/UI/pages/admin/item.html
dist/lib/UI/pages/admin/item_edit.html
dist/lib/UI/pages/admin/layout.html
+dist/lib/UI/pages/admin/layout_create.html
+dist/lib/UI/pages/admin/layout_subcat.html
dist/lib/UI/pages/admin/layoutdownload.html
dist/lib/UI/pages/admin/layoutupload.html
dist/lib/UI/pages/admin/login.html
@@ -432,15 +443,24 @@ dist/lib/UI/pages/admin/report_save.html
dist/lib/UI/pages/admin/reports/order/ByAffiliate.html
dist/lib/UI/pages/admin/reports/order/Detail.html
dist/lib/UI/pages/admin/reports/order/Monthly.html
+dist/lib/UI/pages/admin/reports/traffic/ByAffiliate.html
dist/lib/UI/pages/admin/search_builder.html
+dist/lib/UI/pages/admin/search_builder_results.html
dist/lib/UI/pages/admin/ship.html
+dist/lib/UI/pages/admin/ship_data.html
dist/lib/UI/pages/admin/ship_edit.html
dist/lib/UI/pages/admin/ship_range.html
dist/lib/UI/pages/admin/special/key_violation.html
dist/lib/UI/pages/admin/spread.html
dist/lib/UI/pages/admin/table_editor.html
dist/lib/UI/pages/admin/tax.html
+dist/lib/UI/pages/admin/trafficstats.html
+dist/lib/UI/pages/admin/user_change_pass.html
+dist/lib/UI/pages/admin/user_edit.html
+dist/lib/UI/profiles/login
+dist/lib/UI/profiles/order_button_build
dist/lib/UI/ui.cfg
+dist/lib/UI/usertag/available_ups_internal
dist/lib/UI/usertag/available_www_shipping
dist/lib/UI/usertag/backup-database
dist/lib/UI/usertag/base_url
@@ -469,6 +489,7 @@ dist/lib/UI/usertag/list_pages
dist/lib/UI/usertag/mm_value
dist/lib/UI/usertag/newer
dist/lib/UI/usertag/quick_table
+dist/lib/UI/usertag/randit
dist/lib/UI/usertag/read_serial
dist/lib/UI/usertag/read_shipping
dist/lib/UI/usertag/rotate_database
@@ -492,7 +513,6 @@ dist/lib/UI/vars/UI_STD_DBEDIT_HEAD
dist/lib/UI/vars/UI_STD_DBEDIT_TABLE
dist/lib/UI/vars/UI_STD_FOOTER
dist/lib/UI/vars/UI_STD_HEAD
-dist/lib/UI/vars/UI_STD_HEADER
dist/locale.error
dist/minivend.cfg.dist
dist/simple/backup/.empty
@@ -613,6 +633,7 @@ dist/simple/images/yellow1/go.png
dist/simple/images/yellow1/logo.png
dist/simple/images/yellow1/menu.png
dist/simple/images/yellow1/submit.png
+dist/simple/logs/.empty
dist/simple/mysql/affiliate.mysql
dist/simple/mysql/area.mysql
dist/simple/mysql/cat.mysql
@@ -699,6 +720,7 @@ dist/simple/products/GroundComm.csv
dist/simple/products/GroundRes.csv
dist/simple/products/NextDayAir.csv
dist/simple/products/NextDayAirSaver.csv
+dist/simple/products/access.asc
dist/simple/products/affiliate.txt
dist/simple/products/area.txt
dist/simple/products/banner.txt
@@ -706,7 +728,6 @@ dist/simple/products/cat.txt
dist/simple/products/country.txt
dist/simple/products/inventory.txt
dist/simple/products/locale.txt
-dist/simple/products/minimate.asc
dist/simple/products/mv_metadata.asc
dist/simple/products/orderline.txt
dist/simple/products/pricing.txt
@@ -760,12 +781,15 @@ dist/usertag/reconfig_time
dist/usertag/reconfig_wait
dist/usertag/summary
dist/usertag/title_bar
+dist/usertag/ups_query
+dist/usertag/usertrack
dist/usertag/var
dist/usertag/xml_generator
eg/check
eg/checkstat.sh
eg/compact
eg/globalsub/signio
+eg/grant.sql
eg/ifdef
eg/make_gnumeric.sh
extra/Business/UPS.pm
@@ -812,12 +836,40 @@ lib/Vend/Table/LDAP.pm
lib/Vend/Tagref.pm
lib/Vend/Tags.pm
lib/Vend/TextSearch.pm
+lib/Vend/Track.pm
lib/Vend/UserDB.pm
lib/Vend/Util.pm
+minivend-4.5.1/dist/barry/html/index.html
+minivend-4.5.1/dist/barry/images/dirk_anim_blue_trn.gif
+minivend-4.5.1/dist/barry/images/standard_images/topfade.gif
+minivend-4.5.1/dist/barry/pages/browse1.html
+minivend-4.5.1/dist/barry/products/GroundComm.csv
+minivend-4.5.1/dist/barry/special_pages/cc_not_valid.html
+minivend-4.5.1/dist/barry/special_pages/confirmation.html
+minivend-4.5.1/dist/basic/catalog.cfg
+minivend-4.5.1/dist/basic/images/loose_hair.jpg
+minivend-4.5.1/dist/build/makecat.redhat
+minivend-4.5.1/dist/lib/UI/pages/admin/matrix_edit.html
+minivend-4.5.1/dist/lib/UI/pages/admin/orderstats.html
+minivend-4.5.1/dist/lib/UI/pages/admin/reports/order/Monthly.html
+minivend-4.5.1/dist/lib/UI/usertag/e
+minivend-4.5.1/dist/simple/etc/report
+minivend-4.5.1/dist/simple/html/.empty
+minivend-4.5.1/dist/simple/images/items/00-0011a.png
+minivend-4.5.1/dist/simple/images/items/21-221.jpg
+minivend-4.5.1/dist/simple/images/items/magnificat.jpg
+minivend-4.5.1/dist/simple/images/items/pol2.jpg
+minivend-4.5.1/dist/simple/pages/feedback.html
+minivend-4.5.1/dist/simple/pages/nothing.html
+minivend-4.5.1/dist/simple/pages/reconfig/do_upload.html
+minivend-4.5.1/dist/simple/products/access.asc
+minivend-4.5.1/dist/src/mvctl.c
+minivend-4.5.1/eg/checkstat.sh
+minivend-4.5.1/extra/File/CounterFile.pm
+minivend-4.5.1/lib/Vend/Parse.pm
pod/mvdocs.pod
pod/mvfaq.pod
pod/mvrpm.pod
-pod/mvtags.pod
scripts/compile_link.PL
scripts/config_prog.PL
scripts/configdump.PL
View
7 dist/barry/catalog.cfg
@@ -169,8 +169,6 @@ Database pricing KEY sku
Database pricing NUMERIC q2
Database products HOT 1
Database products INDEX category:c
-Database shipping shipping.txt TAB
-Database shipping AUTO_NUMBER 1
Database orderline orderline.txt TAB
Database transactions transactions.txt TAB
Database userdb userdb.txt TAB
@@ -211,10 +209,7 @@ Message Using PostgreSQL, DSN=__SQLDSN__.
#endif
# We are always keeping these in DBM, can be in SQL if you wish
-Variable MINIMATE_META mv_metadata
-Variable MINIMATE_TABLE minimate
-Variable MM_BASE tally
-Database minimate minimate.asc TAB
+Database access access.asc TAB
Database mv_metadata mv_metadata.asc TAB
Database variable variable.txt TAB
Database banner banner.txt TAB
View
2  dist/barry/config/leftside
@@ -148,7 +148,7 @@ Customer Services
</font>
</td>
</tr>
-[if type=data term="minimate::username::[data session username]"]
+[if type=data term="access::username::[data session username]"]
<tr>
<td align="left" COLSPAN=2>
<font size=-1>
View
3  dist/barry/etc/log_transaction
@@ -1,6 +1,6 @@
#### begin [value mv_order_number] #####
[seti transaction_record]
-[tag flag write]transactions orderline userdb[/tag]
+[tag flag write]transactions orderline userdb inventory[/tag]
[if !session logged_in]
[set auto_create]1[/set]
[if type=explicit compare=|
@@ -88,6 +88,7 @@ affiliate: [data session source]
campaign: [value campaign]
status: pending
[/import]
+Inventory now: [data table=inventory col=quantity key="[item-code]" increment=1 value="-[item-quantity]"]
[/item-list][/try]
[catch] There was an error adding to the transaction log. [/catch]
[if scratch auto_create]
View
7 dist/barry/etc/profiles.login
@@ -14,13 +14,6 @@ __NAME__ Login
[if type=explicit compare="[userdb login]"]
mv_nextpage=[either][cgi mv_successpage][or][cgi mv_nextpage][/either]
-[perl minimate]
- $Session->{mm_username} = tag_data( '__MINIMATE_TABLE__',
- 'username',
- $Session->{username},
- );
- return;
-[/perl]
[else]
mv_nextpage=[either][cgi mv_failpage][or][cgi mv_nextpage][/either]
[/else]
View
0  dist/barry/logs/.empty
No changes.
View
15 dist/barry/mysql/shipping.mysql
@@ -1,15 +0,0 @@
-Database shipping shipping.txt __SQLDSN__
-#ifdef SQLUSER
-Database shipping USER __SQLUSER__
-#endif
-#ifdef SQLPASS
-Database shipping PASS __SQLPASS__
-#endif
-Database shipping COLUMN_DEF "code=char(18) NOT NULL PRIMARY KEY"
-Database shipping COLUMN_DEF "description=VARCHAR(64)"
-Database shipping COLUMN_DEF "criteria=VARCHAR(128)"
-Database shipping COLUMN_DEF "min=CHAR(7)"
-Database shipping COLUMN_DEF "max=CHAR(9)"
-Database shipping COLUMN_DEF "formula=VARCHAR(128)"
-Database shipping COLUMN_DEF "query=TEXT"
-Database shipping COLUMN_DEF "opt=TEXT"
View
2  dist/barry/mysql/transactions.mysql
@@ -49,5 +49,5 @@ Database transactions COLUMN_DEF "update_date=timestamp"
Database transactions COLUMN_DEF "status=VARCHAR(32)"
Database transactions COLUMN_DEF "parent=CHAR(9)"
Database transactions COLUMN_DEF "archived=CHAR(1)"
-Database transactions COLUMN_DEF "deleted=CHAR(1)"
+Database transactions COLUMN_DEF "deleted=CHAR(1) DEFAULT ''"
Database transactions COLUMN_DEF "complete=CHAR(1)"
View
16 dist/barry/pgsql/shipping.pgsql
@@ -1,16 +0,0 @@
-Database shipping shipping.txt __SQLDSN__
-#ifdef SQLUSER
-Database shipping USER __SQLUSER__
-#endif
-#ifdef SQLPASS
-Database shipping PASS __SQLPASS__
-#endif
-Database shipping COLUMN_DEF "code=VARCHAR(18) NOT NULL PRIMARY KEY"
-Database shipping COLUMN_DEF "description=VARCHAR(64)"
-Database shipping COLUMN_DEF "criteria=VARCHAR(128)"
-Database shipping COLUMN_DEF "min=VARCHAR(7)"
-Database shipping COLUMN_DEF "max=VARCHAR(9)"
-Database shipping COLUMN_DEF "formula=VARCHAR(128)"
-Database shipping COLUMN_DEF "query=TEXT"
-Database shipping COLUMN_DEF "opt=TEXT"
-Database shipping ChopBlanks 1
View
6 dist/barry/products/access.asc
@@ -0,0 +1,6 @@
+username password name last_login super yes_tables no_tables upload acl export edit pages files config reconfig groups meta no_functions yes_functions table_control
+__MVC_SUPERUSER__ ceJq5Qwc3ApHQ Super User 1
+test sSPI6dOz/ciLg Papa Bear 962090612 0 2ndDayAir=vi Ground=vi NextDayAir=vix affiliate=vix area=vix country=vix inventory=vix locale=veix orderline=veix pricing=veix products=veix shipping=veix transactions=veix userdb=ex variable=ex mv_metadata access inventory pricing products cat pricing products inventory orderline pricing products ind* news* about* privacy* error.log etc/* 0 1 :orders products item=lvecd group=lv group=lv order=lvecau dbdownload laydownload orderstats userdb=lvep {'pricing' => {'no_fields' => "price_group",},'products' => {'no_keys' => "00-342",'no_fields' => "weight nontaxable",'yes_keys' => "00-0011 00-0011a 00-342 00-343 00-404",'yes_fields' => "sku artist title description comment price",},}
+shipping ceJq5Qwc3ApHQ Shipping User 962075741 0 orderline transactions orderline transactions NONE etc/tracking.asc orders/* 0 0 :orders orderline transactions order=d access=vl group=vl {'transactions' => {'yes_fields' => "code status",},'orderline' => {'yes_fields' => "code status",},}
+:backup Backup
+:orders * Order admin 0 orderline transactions userdb userdb transactions orderline orderline transactions userdb order=d
View
4 dist/barry/products/minimate.asc
@@ -1,4 +0,0 @@
-username super yes_tables no_tables upload acl export edit pages files config reconfig meta no_functions yes_functions table_control
-test 0 2ndDayAir Ground NextDayAir locale minimate mv_metadata inventory pricing products cat pricing products inventory orderline pricing products ind* news* about* privacy* error.log etc/* 0 1 products files change_db spreadsheet display_configure entities error config home search report {'pricing' => {'no_fields' => "price_group",},'products' => {'no_keys' => "00-342",'no_fields' => "weight nontaxable",'yes_keys' => "00-0011 00-0011a 00-342 00-343 00-404",'yes_fields' => "sku artist title description comment price",},}
-shipping 0 orderline transactions orderline transactions NONE etc/tracking.asc orders/* 0 0 orderline transactions pages add_field journal_update display_configure entities error config home sql none {'transactions' => {'yes_fields' => "code status",},'orderline' => {'yes_fields' => "code status",},}
-__MVC_SUPERUSER__ 1 products 0 1
View
97 dist/barry/products/mv_metadata.asc
@@ -1,40 +1,61 @@
code type width height field db name outboard options attribute label help lookup filter help_url pre_filter lookup_exclude
-affiliate::affiliate text 12 Affiliate ID word
-affiliate::name text 50 Affiliate Name
-affiliate::timeout text 8 Timeout delay (in seconds, 0 to disable)
-affiliate::url text 70 URL Default URL to redirect to
-inventory::stock_message select In stock, Ships in 3-5 days, Ships in 4-6 weeks, Special order
-minimate::super select 0=No, 1=Yes
-mv_metadata::code text 20 Table::Column Table::column to be operated on
-mv_metadata::db combo tables nullselect
-mv_metadata::filter multiple 5 filesafe=Safe for file name,
- uc=Upper case,
- nullselect=First non-null (combo box),
- null_to_space=Translate null to space,
- null_to_comma=Translate null to comma,
- lc=Lower case,
- digits_dot=Decimal number (not negative),
- backslash=Remove backslashes,
- namecase=Name case,
+affiliate::timeout text 8 Timeout delay (in seconds, 0 to disable)
+mv_metadata::lookup text 20
+mv_metadata::width text 4 digits
+products::title text 30 Title namecase
+userdb::city text 40 City
+userdb::b_lname text 40 Billing Last Name
+userdb::b_address1 text 40 Billing Address
+mv_metadata::code text 20 Table::Column Table::column to be operated on
+transactions::status combo pending=Pending, shipped=Shipped, backorder=Back ordered, credit=Waiting for credit check, canceled=Canceled nullselect
+userdb::b_state text 10 Billing State
+products::color textarea 50 5
+userdb::b_zip text 10 Billing Postcode
+products::artist text 30 Artist
+variable::Variable::PO_ACCEPTED select 0=No, 1=Yes
+products::price text 12 Product Price digits_dot
+affiliate::name text 50 Affiliate Name
+products::name text 60 Short Description
+products::description textarea 70 4 Description
+userdb::b_address2 text 40
+userdb::lname text 30 Last Name
+variable::Variable::COD_ACCEPTED select 0=No, 1=Yes
+pricing::price_group combo pricing Discount group price_group nullselect
+products::comment textarea 70 4 Long Description
+products::size textarea 50 5
+userdb::address1 text 40 Address
+userdb::b_fname text 40 Billing First Name
+userdb::country text 10 Country
+affiliate::affiliate text 12 Affiliate ID word
+products::image imagedir
+products::nontaxable select =Yes, 1=No Taxable?
+userdb::fname text 30 First name
+inventory::stock_message select In stock, Ships in 3-5 days, Ships in 4-6 weeks, Special order
+variable::Variable::MYSQL select 0=No, 1=Yes
+variable::Variable::CHECK_ACCEPTED select 0=No, 1=Yes
+mv_metadata::height text 4 digits
+mv_metadata::db combo tables nullselect
+userdb text lname,fname
+userdb::email text 40 Email Address
+shipping text description
+pricing text 2
+mv_metadata::type select select=Select box, text=Text entry*,textarea=Textarea,combo=Combo Select, radio=Radio box, radio_nbsp=Radio (nbsp), checkbox=Check box, check_nbsp=Checkbox (nbsp), hidden_ text=Hidden (show text), multiple=Multiple Select, imagedir=Image listing, date=Date selector Widget type filesafe
+affiliate::url text 70 URL Default URL to redirect to
+products::featured select =none, front=Front page, cart=Basket page, receipt=Receipt
+products::sku SKU/Item code
+products text description
+products::related multiple 5 sku products Related items</B><BR><FONT SIZE=1>(space separated SKUs)
+userdb::phone_night text 30 Home Phone
+userdb::username text 16 Username no_white
+userdb::phone_day text 30 Daytime Phone
+mv_metadata::filter multiple 5 filesafe=Safe for file name,
+ uc=Upper case,
+ nullselect=First non-null (combo box),
+ null_to_space=Translate null to space,
+ null_to_comma=Translate null to comma,
+ lc=Lower case,
+ digits_dot=Decimal number (not negative),
+ backslash=Remove backslashes,
namecase=Name case,
- digits=Digits only,
- word=Word chars only (A-z0-9_),
- unix=DOS to UNIX,
- dos=UNIX to DOS,
- mac=UNIX to MAC,
- gate=Only allow if scratch set,
- no_white=No whitespace,
- strip=Strip leading/trailing whitespace,
- sql=Escape single quotes (SQL),
- text2html=Simple text to HTML,
- urlencode=URL encode (%20, etc),
- pagefile=Safe for Minivend page name,
- entities=HTML entities (&amp; -> &amp;amp;), date_change=MM/DD/YYYY to YYYYMMDD null_to_space
-mv_metadata::height text 4 digits
-mv_metadata::help textarea 70 4
-mv_metadata::lookup text 20
-mv_metadata::type select select=Select box, text=Text entry*,textarea=Textarea,combo=Combo Select, radio=Radio box, radio_nbsp=Radio (nbsp), checkbox=Check box, check_nbsp=Checkbox (nbsp), hidden_ text=Hidden (show text), multiple=Multiple Select, imagedir=Image listing, date=Date selector Widget type filesafe
-mv_metadata::width text 4 digits
-pricing::price_group combo pricing Discount group price_group nullselect
-pricing text 2
-products::artist text 30 Artist
+ name=Turn LAST,FIRST into FIRST LAST,
+ digits=Digits only,
View
17 dist/barry/products/shipping.txt
@@ -1,17 +0,0 @@
-code mode description criteria min max formula opt
-1 air Int'l Air A weight 0 0 e Nothing to ship!
-2 air Int'l Air A weight 0 100 f 8 + @@TOTAL@@ * 2.50 CA
-3 air Int'l Air A weight 100 999999 e @@TOTAL@@ lbs too heavy. Charter a boat.
-4 air Int'l Air B weight 0 100 f 10 + @@TOTAL@@ * 3.50 MX
-5 air Int'l Air C weight 0 100 f 12 + @@TOTAL@@ * 4.5 AG AI AN AW BM BS BZ CR DM DO GD GP GT HT JM KY MQ MS PA PM TC XC XP XQ XR
-6 air Int'l Air D weight 0 100 f 14 + @@TOTAL@@ * 5.5 AD AT BB BO CH CO DE FJ GM GN GW GY HN KI LI LU NI PL SR SV TO TT TV UY VE VU XM XO XY
-7 air Int'l Air E weight 0 100 f 16 + @@TOTAL@@ * 6.5 AL BJ CY CZ DK EC EI ES FO GF GI GR HK HU IL IS IT JO KR LB MA MK ML MT NG NL NR PT SH SI SK Sb TN TR TW UK XA XB XG XL XS XT XV
-8 air Int'l Air F weight 0 100 f 18 + @@TOTAL@@ * 7.5 AE AF AM AO AR AU AZ BD BE BF BG BH BI BN BR BT BW BY CF CG CL CM CN CV DJ DZ EE EG ER ET FI FR GA GE GH GL GQ ID IN IR JP KE KM KW KZ LA LK LS LT LY MG MR MU MV MW MZ NA NC NE NO NP NZ OM PG PH PK PY RE RW SA SC SD SE SG SL SN ST SZ TD TG TH TZ UA UG XD XE XF XI XU XW XX YE ZA ZM ZR ZW
-9 surf Int'l Surface A weight 0 0 e Nothing to ship!
-10 surf Int'l Surface A weight 0 100 f 6 + @@TOTAL@@ * 2 CA
-11 surf Int'l Surface A weight 100 999999 e @@TOTAL@@ lbs too heavy. Charter a boat.
-12 surf Int'l Surface B weight 0 100 f 8 + @@TOTAL@@ * 3 MX
-13 surf Int'l Surface C weight 0 100 f 10 + @@TOTAL@@ * 4 AD AT BB BO CH CO DE FJ GM GN GW GY HN KI LI LU NI PL SR SV TO TT TV UY VE VU XM XO XY
-14 surf Int'l Surface D weight 0 100 f 12 + @@TOTAL@@ * 5 AG AI AN AW BM BS BZ CR DM DO GD GP GT HT JM KY MQ MS PA PM TC XC XP XQ XR
-15 surf Int'l Surface E weight 0 100 f 14 + @@TOTAL@@ * 6 AL BJ CY CZ DK EC EI ES FO GF GI GR HK HU IL IS IT JO KR LB MA MK ML MT NG NL NR PT SH SI SK Sb TN TR TW UK XA XB XG XL XS XT XV
-16 surf Int'l Surface F weight 0 100 f 16 + @@TOTAL@@ * 7 AE AF AM AO AR AU AZ BD BE BF BG BH BI BN BR BT BW BY CF CG CL CM CN CV DJ DZ EE EG ER ET FI FR GA GE GH GL GQ ID IN IR JP KE KM KW KZ LA LK LS LT LY MG MR MU MV MW MZ NA NC NE NO NP NZ OM PG PH PK PY RE RW SA SC SD SE SG SL SN ST SZ TD TG TH TZ UA UG XD XE XF XI XU XW XX YE ZA ZM ZR ZW
View
2  dist/barry/products/userdb.txt
@@ -1,4 +1,4 @@
-username password acl mod_time s_nickname company fname lname address1 address2 address3 city state zip country phone_day mv_shipmode b_nickname b_fname b_lname b_address1 b_address2 b_address3 b_city b_state b_zip b_country b_phone mv_credit_card_type mv_credit_card_exp_month mv_credit_card_exp_year mv_credit_card_info p_nickname email fax phone_night fax_order address_book accounts preferences carts owner file_acl db_acl order_numbers email_copy mail_list project_id account_id order_dest credit_limit
+username password acl mod_time s_nickname company fname lname address1 address2 address3 city state zip country phone_day mv_shipmode b_nickname b_fname b_lname b_address1 b_address2 b_address3 b_city b_state b_zip b_country b_phone mv_credit_card_type mv_credit_card_exp_month mv_credit_card_exp_year mv_credit_card_info p_nickname email fax phone_night fax_order address_book accounts preferences carts owner file_acl db_acl order_numbers email_copy mail_list project_id account_id order_dest credit_limit inactive
__MVC_SUPERUSER__ __MVC_SUPASSWD__ current Super User
shipping pass current Shipping User
test test current Papa Bear Little Cottage The Forest IL 61821 US 513.555.5555 GNDCOM Little Cottage The Forest IL 61821 visa 3 02 papabear@minivend.com 0 {'dad' => {'city' => 'The Forest','state' => 'IL','fname' => 'Papa','lname' => 'Bear','mv_shipmode' => 'upsg','zip' => ' 61821','country' => 'US','address1' => 'TESTING','phone_day' => '217.555.5555'},'mom' => {'city' => 'The Forest','state' => 'IL','fname' => 'Mama','lname' => 'Bear','mv_shipmode' => 'upsb','zip' => '61821','country' => 'US','address1' => 'Little Cottage','phone_day' => '217.555.5555'},'baby' => {'fname' => 'Baby','lname' => 'Bear','state' => 'OH','zip' => '45056','country' => 'US','address1' => 'Cold Cruel World','phone_day' => '513.555.5555','city' => 'Big City','mv_shipmode' => 'upsr'}} 1
View
2  dist/barry/products/variable.txt
@@ -45,7 +45,7 @@ UI_C_VLINK #000000
UI_LEFT_WIDTH 150
UI_OVERALL_WIDTH 600
UI_RIGHT_WIDTH 450
-UI_TRAFFIC_STATS logs/usertrack
+UI_TRAFFIC_STATS __MVC_CATROOT__/logs/usertrack
UPS_ORIGIN __MVC_UPSORIGIN__
UPS_COUNTRY_FIELD country
UPS_POSTCODE_FIELD zip
View
10 dist/basic/products/minimate.asc
@@ -1,4 +1,6 @@
-username super yes_tables no_tables upload acl export edit pages files config reconfig meta no_functions yes_functions table_control
-test 0 2ndDayAir Ground NextDayAir locale minimate mv_metadata inventory pricing products cat pricing products inventory orderline pricing products ind* news* about* privacy* error.log etc/* 0 1 products files change_db spreadsheet display_configure entities error config home search report {'pricing' => {'no_fields' => "price_group",},'products' => {'no_keys' => "00-342",'no_fields' => "weight nontaxable",'yes_keys' => "00-0011 00-0011a 00-342 00-343 00-404",'yes_fields' => "sku artist title description comment price",},}
-shipping 0 orderline transactions orderline transactions NONE etc/tracking.asc orders/* 0 0 orderline transactions pages add_field journal_update display_configure entities error config home sql none {'transactions' => {'yes_fields' => "code status",},'orderline' => {'yes_fields' => "code status",},}
-__MVC_SUPERUSER__ 1 products 0 1
+username password name last_login super yes_tables no_tables upload acl export edit pages files config reconfig groups meta no_functions yes_functions table_control
+__MVC_SUPERUSER__ ceJq5Qwc3ApHQ Super User 1
+test sSPI6dOz/ciLg Papa Bear 962090612 0 2ndDayAir=vi Ground=vi NextDayAir=vix affiliate=vix area=vix country=vix inventory=vix locale=veix orderline=veix pricing=veix products=veix shipping=veix transactions=veix userdb=ex variable=ex mv_metadata access inventory pricing products cat pricing products inventory orderline pricing products ind* news* about* privacy* error.log etc/* 0 1 :orders products item=lvecd group=lv group=lv order=lvecau dbdownload laydownload orderstats userdb=lvep {'pricing' => {'no_fields' => "price_group",},'products' => {'no_keys' => "00-342",'no_fields' => "weight nontaxable",'yes_keys' => "00-0011 00-0011a 00-342 00-343 00-404",'yes_fields' => "sku artist title description comment price",},}
+shipping ceJq5Qwc3ApHQ Shipping User 962075741 0 orderline transactions orderline transactions NONE etc/tracking.asc orders/* 0 0 :orders orderline transactions order=d access=vl group=vl {'transactions' => {'yes_fields' => "code status",},'orderline' => {'yes_fields' => "code status",},}
+:backup Backup
+:orders * Order admin 0 orderline transactions userdb userdb transactions orderline orderline transactions userdb order=d
View
3  dist/catalog_after.cfg
@@ -0,0 +1,3 @@
+UserDB ui database access
+UserDB ui crypt 1
+UserDB ui time_field last_login
View
2  dist/catalog_before.cfg
@@ -7,7 +7,7 @@ Variable UI_BASE @@UI_BASE@@
Variable UI_BASE admin
#endif
-Variable UI_ACCESS_TABLE minimate
+Variable UI_ACCESS_TABLE access
Variable UI_META_TABLE mv_metadata
Variable UI_OVERALL_WIDTH 600
Variable UI_LEFT_WIDTH 150
View
97 dist/lib/UI/Primitive.pm
@@ -23,7 +23,7 @@ my($order, $label, %terms) = @_;
package UI::Primitive;
-$VERSION = substr(q$Revision: 1.10 $, 10);
+$VERSION = substr(q$Revision: 1.11 $, 10);
$DEBUG = 0;
use vars qw!
@@ -63,40 +63,54 @@ sub is_super {
#::logDebug("called is_super");
return 0 if ! $Vend::Session->{logged_in};
#::logDebug("is_super: logged in");
- return 0 if ! $Vend::Session->{username};
+ return 0 if ! $Vend::username;
+ return 0 if $Vend::Cfg->{AdminUserDB} and ! $Vend::admin;
#::logDebug("is_super: have username");
- my $db = Vend::Data::database_exists_ref($Vend::Cfg->{Variable}{UI_ACCESS_TABLE} || 'access');
+ my $db = Vend::Data::database_exists_ref(
+ $Vend::Cfg->{Variable}{UI_ACCESS_TABLE} || 'access'
+ );
return 0 if ! $db;
#::logDebug("is_super: access db exists");
$db = $db->ref();
- my $result = $db->field($Vend::Session->{username}, 'super');
+ my $result = $db->field($Vend::username, 'super');
#::logDebug("is_super: result=$result");
return $result;
}
+sub is_logged {
+#::logDebug("is_logged check");
+ return 0 if ! $Vend::Session->{logged_in};
+#::logDebug("is_logged logged_in=ok");
+ return 0 unless $Vend::admin or ! $Vend::Cfg->{AdminUserDB};
+#::logDebug("is_logged admin=ok");
+ return 1;
+}
sub ui_acl_enabled {
+ my $try = shift;
my $table;
$Global::SuperUserFunction = \&is_super;
my $default = defined $Global::Variable->{UI_ACL}
? (! $Global::Variable->{UI_ACL})
: 1;
- $table = $::Variable->{UI_ACCESS_TABLE} || 'minimate';
+ $table = $::Variable->{UI_ACCESS_TABLE} || 'access';
$Vend::WriteDatabase{$table} = 1;
my $db = Vend::Data::database_exists_ref($table);
return $default unless $db;
$db = $db->ref() unless $Vend::Interpolate::Db{$table};
- my $uid = $Vend::Session->{username} || $CGI::remote_user;
+ my $uid = $try || $Vend::username || $CGI::remote_user;
+#::logDebug("ACL enabled try uid=$uid");
if(! $uid or ! $db->record_exists($uid) ) {
return 0;
}
- $Vend::Session->{ui_username} = $uid;
+#::logDebug("ACL enabled record exists uid=$uid");
my $ref = $db->row_hash($uid)
or die "Bad database record for $uid.";
#::logDebug("ACL enabled, table_control=$ref->{table_control}");
if($ref->{table_control}) {
$ref->{table_control_ref} = $ui_safe->reval($ref->{table_control});
}
+ return $ref if $try;
$Vend::UI_entry = $ref;
}
@@ -105,12 +119,12 @@ sub get_ui_table_acl {
$table = $::Values->{mv_data_table} unless $table;
#::logDebug("Call get_ui_table_acl: " . Vend::Util::uneval_it(\@_));
my $acl_top;
- if($user and $user ne $Vend::Session->{ui_username}) {
+ if($user and $user ne $Vend::username) {
if ($Vend::UI_acl{$user}) {
$acl_top = $Vend::UI_acl{$user};
}
else {
- my $ui_table = $::Variable->{UI_ACCESS_TABLE} || 'minimate';
+ my $ui_table = $::Variable->{UI_ACCESS_TABLE} || 'access';
my $acl_txt = Vend::Interpolate::tag_data($ui_table, 'table_control', $user);
return undef unless $acl_txt;
$acl_top = $ui_safe->reval($acl_txt);
@@ -137,7 +151,7 @@ sub ui_acl_grep {
my %ok;
@ok{@entries} = @entries;
if($val = $acl->{owner_field} and $name eq 'keys') {
- my $u = $Vend::Session->{ui_username};
+ my $u = $Vend::username;
my $t = $acl->{table}
or do{
::logError("no table name with owner_field.");
@@ -178,16 +192,42 @@ sub ui_acl_atom {
return $status;
}
+sub ui_extended_acl {
+ my ($item, $string) = @_;
+ $string = " $string ";
+#::logDebug("extended acl string='$string'");
+ my ($name, $sub) = split /=/, $item, 2;
+#::logDebug("extended acl: name=$name sub=$sub");
+#::logDebug("extended acl trying /[\s,]!${name}\[,\s]/");
+ return 0 if $string =~ /[\s,]!$name(?:[,\s])/;
+#::logDebug("extended acl passed /[\s,]!${name}\[,\s]/");
+#::logDebug("extended acl trying /[\s,]${name}\[,\s]/");
+ return 1 if $string =~ /[\s,]$name(?:[,\s])/;
+#::logDebug("extended acl passed /[\s,]${name}\[,\s]/");
+ my (@subs) = split //, $sub;
+ for(@subs) {
+#::logDebug("extended acl trying /[\s,]!$name=[^,\s]*$sub/");
+ return 0 if $string =~ /[\s,]!$name=[^,\s]*$sub/;
+#::logDebug("extended acl passed /[\s,]!$name=[^,\s]*$sub/");
+#::logDebug("extended acl trying /[\s,]$name=[^,\s]*$sub/");
+ return 0 unless $string =~ /[\s,]$name=[^,\s]*$sub/;
+#::logDebug("extended acl passed /[\s,]$name=[^,\s]*$sub/");
+ }
+ return 1;
+}
+
sub ui_check_acl {
my ($item, $string) = @_;
+#::logDebug("checking item=$item");
+ return ui_extended_acl(@_) if $item =~ /=/;
$string = " $string ";
- return 0 if $string =~ /[\s,]!$item[,\s]/;
- return 1 if $string =~ /[\s,]$item[,\s]/;
+ return 0 if $string =~ /[\s,]!$item[=,\s]/;
+ return 1 if $string =~ /[\s,]$item[=,\s]/;
return '';
}
sub ui_acl_global {
- my $record = ui_acl_enabled('write');
+ my $record = ui_acl_enabled();
# First we see if we have ACL enforcement enabled
# If you don't, then people can do anything!
unless (ref $record) {
@@ -198,31 +238,51 @@ sub ui_acl_global {
my $Tag = new Vend::Tags;
$CGI->{mv_todo} = $CGI->{mv_doit}
if ! $CGI->{mv_todo};
+ if( $Tag->if_mm('super')) {
+ $::Scratch->{mv_data_enable} = 1;
+ return;
+ }
+
if( $CGI->{mv_todo} eq 'set' ) {
undef $::Scratch->{mv_data_enable};
my $mml_enable = $Tag->if_mm('functions', 'mml');
my $html_enable = ! $Tag->if_mm('functions', 'no_html');
my $target = $CGI->{mv_data_table};
$Vend::WriteDatabase{$target} = 1;
+ my $db = Vend::Data::database_exists_ref($target);
+ if(! $db) {
+ $::Scratch->{ui_failure} = "Table $target doesn't exist";
+ return;
+ }
+
my $keyname = $CGI->{mv_data_key};
- my @codes = grep /\S/, split /\0/, $CGI->{$keyname};
- my @fields = grep /\S/, split /[,\s\0]+/, $CGI->{mv_data_fields};
- if ($CGI->{mv_auto_export} and $Tag->if_mm('!export', undef, { table => $target }, 1) ) {
+ if ($CGI->{mv_auto_export}
+ and $Tag->if_mm('!tables', undef, { table => "$target=x" }, 1) ) {
$::Scratch->{ui_failure} = "Unauthorized to export table $target";
$CGI->{mv_todo} = 'return';
return;
}
- if ($Tag->if_mm('!edit', undef, { table => $target }, 1) ) {
+ if ($Tag->if_mm('!tables', undef, { table => "$target=e" }, 1) ) {
$::Scratch->{ui_failure} = "Unauthorized to edit table $target";
$CGI->{mv_todo} = 'return';
return;
}
+
+ my @codes = grep /\S/, split /\0/, $CGI->{$keyname};
for(@codes) {
+ unless( $db->record_exists($_) ) {
+ next if $Tag->if_mm('tables', undef, { table => "$target=c" }, 1);
+ $::Scratch->{ui_failure} = "Unauthorized to insert to table $target";
+ $CGI->{mv_todo} = 'return';
+ return;
+ }
next if $Tag->if_mm('keys', $_, { table => $target }, 1);
$CGI->{mv_todo} = 'return';
$::Scratch->{ui_failure} = errmsg("Unauthorized for key %s", $_);
return;
}
+
+ my @fields = grep /\S/, split /[,\s\0]+/, $CGI->{mv_data_fields};
for(@fields) {
$CGI->{$_} =~ s/\[/&#91;/g unless $mml_enable;
$CGI->{$_} =~ s/\</&lt;/g unless $html_enable;
@@ -231,6 +291,7 @@ sub ui_acl_global {
$::Scratch->{ui_failure} = errmsg("Unauthorized for key %s", $_);
return;
}
+
$::Scratch->{mv_data_enable} = 1;
}
elsif ($CGI->{mv_todo} eq 'deliver') {
@@ -613,7 +674,7 @@ sub meta_display {
$sub = \&CORE::length;
}
}
- $sub = \&CORE::length if ! $sub;
+ $sub = sub { length(@_) } if ! $sub;
$record->{passed} = join ",", grep $sub->($_),
map
{ $_->[0] =~ s/,/&#44;/g; $_->[0]}
View
149 dist/lib/UI/pages/admin/access.html
@@ -0,0 +1,149 @@
+[set page_title]Admin User Manager[/set]
+[set page_perm]access=l[/set]
+[set help_name]access.main[/set]
+[set icon_name]admin/icon_config.gif[/set]
+
+@@UI_STD_HEAD@@
+[if scratch ui_message]
+<P>
+<BLOCKQUOTE>
+ [scratch ui_message][set ui_message][/set]
+</BLOCKQUOTE>
+<P>
+&nbsp;
+[/if]
+
+<form action="[area ui]" method=POST>
+<INPUT TYPE=hidden NAME=mv_todo VALUE=back>
+<INPUT TYPE=hidden NAME=mv_nextpage VALUE="__UI_BASE__/user_edit">
+<INPUT TYPE=hidden NAME=ui_hide_key VALUE="1">
+
+<table cellpadding=3 cellspacing=0>
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+[if-mm advanced access=c]
+[set Create new user]
+mv_nextpage=__UI_BASE__/user_edit
+user_id=NEW
+ui_hide_key=0
+[/set]
+[else]
+[set Create new user] [/set]
+[/else]
+[/if-mm]
+
+[if-mm advanced access=e]
+[set Change password]
+mv_nextpage=__UI_BASE__/user_change_pass
+ui_hide_key=0
+[/set]
+[else]
+[set Change password] [/set]
+[/else]
+[/if-mm]
+
+[if-mm advanced perm=v]
+[set Show permissions]
+mv_nextpage=__UI_BASE__/access_permissions
+ui_return_to=@@MV_PAGE@@
+[/set]
+[else]
+[set Show permissions] [/set]
+[/else]
+[/if-mm]
+
+
+[set Delete user]
+mv_nextpage=@@MV_PAGE@@
+[flag type=write table="__UI_ACCESS_TABLE__"]
+[if-mm advanced access=d]
+[perl table="__UI_ACCESS_TABLE__"]
+ my $db = $Db{__UI_ACCESS_TABLE__};
+ if(! $db) {
+ $Scratch->{ui_message} = "Bad access table __UI_ACCESS_TABLE__";
+ return;
+ }
+ unless ( $db->delete_record($CGI->{user_id}) ) {
+ $Scratch->{ui_message} =
+ "Failed to delete user $CGI->{user_id} from table __UI_ACCESS_TABLE__";
+ return;
+ }
+ $Scratch->{ui_message} =
+ "Deleted user $CGI->{user_id} from table __UI_ACCESS_TABLE__";
+ return;
+[/perl]
+[else]
+[set ui_message]Not authorized to delete users.[/set]
+[/else]
+[/if-mm]
+[/set]
+
+[if-mm advanced access=c]
+<tr>
+<td colspan=2 bgcolor="__UI_C_INTBLOCK__">
+<input type="submit" name="mv_click" value="Create new user">
+</td>
+</tr>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+[/if-mm]
+
+<tr>
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_LEFT_WIDTH__>
+[if-mm advanced access=e]
+ <input type="submit" value="Edit user"><br>
+[/if-mm]
+[if-mm advanced perm=v]
+<input type="submit" name="mv_click" value="Show permissions"><p>
+[/if-mm]
+[if-mm advanced access=e]
+<input type="submit" name="mv_click" value="Change password"><p>
+[/if-mm]
+[if-mm advanced access=d]
+<input type="submit" name="mv_click" value="Delete user"
+ onClick="return confirm('Are you sure you want to delete this user?')">
+[/if-mm]
+</td>
+
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_RIGHT_WIDTH__>
+<select name="user_id" size=10>
+[loop search="
+ fi=access
+ st=db
+ co=yes
+ sf=username
+ se=:
+ bs=yes
+ ne=1
+ tf=name
+ "]
+ <option value="[loop-code]">[loop-code] -- [loop-data access name][if-loop-data access super]*[/if-loop-data]
+[/loop]
+</select>&nbsp;<B>* superuser</B>
+</td>
+</tr>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+</table>
+
+<p>
+
+[set Back]
+mv_todo=back
+mv_nextpage=index
+[/set]
+
+<input type=submit name="mv_click" value="Back">
+
+</form>
+
+@@UI_STD_FOOTER@@
+
+<!-- page: @@MV_PAGE@@ -->
View
377 dist/lib/UI/pages/admin/access_permissions.html
@@ -0,0 +1,377 @@
+[if !cgi user_id]
+ [calc] $CGI->{user_id} = $Values->{user_id}; return;[/calc]
+[/if]
+[if !cgi user_id]
+[bounce page="__UI_BASE__/access"]
+[/if]
+
+[calc]
+ $CGI->{mv_data_table} = $Values->{mv_data_table} = '__UI_ACCESS_TABLE__';
+ return;
+[/calc]
+
+[seti page_title]Edit Permissions: [cgi user_id][/seti]
+[set page_perm]access=v[/set]
+[set help_name]access.main[/set]
+[set icon_name]admin/icon_config.gif[/set]
+
+[set process_perm]
+[perl]
+ my @filters = grep /^ui_filter:/, keys %$CGI;
+ foreach my $key (@filters) {
+ my $val = delete $CGI->{$key};
+ $key =~ s/ui_filter://;
+ next unless $val;
+ next unless defined $CGI->{$key};
+ $CGI->{$key} = $Tag->filter($val, $CGI->{$key}, $key);
+ $CGI->{$key} = s/=$//;
+ }
+
+ $CGI->{yes_functions} =~ s/\0//g;
+ $CGI->{yes_functions} =~ s/,/ /g;
+ $CGI->{yes_functions} =~ s/\w+=(?:\s+|$)//g;
+
+ $CGI->{yes_tables} =~ s/\0//g;
+ $CGI->{yes_tables} =~ s/,/ /g;
+ $CGI->{yes_tables} =~ s/\w+=(?:\s+|$)//g;
+ $CGI->{yes_tables} =~ s/(\w+)=vecdix(\s+|$)/$1$2/g;
+
+ $CGI->{no_tables} =~ s/\0/ /g;
+
+ $CGI->{mv_todo} = 'set';
+ $CGI->{mv_nextpage} = '@@MV_PAGE@@';# unless $CGI->{mv_nextpage};
+ return;
+[/perl]
+[/set]
+
+@@UI_STD_HEAD@@
+[if scratch ui_message]
+<P>
+<BLOCKQUOTE>
+ [scratch ui_message][set ui_message][/set]
+</BLOCKQUOTE>
+<P>
+&nbsp;
+[/if]
+
+
+<!-- ----- BEGIN REAL STUFF ----- -->
+
+[if scratch ui_failure]
+ <FONT COLOR=RED>Failed: [scratch ui_failure][set ui_failure][/set]</FONT><BR>
+[/if]
+
+<FORM METHOD=POST ACTION="[area ui]">
+<INPUT TYPE=hidden NAME=mv_doit VALUE="set">
+<INPUT TYPE=hidden NAME=mv_click VALUE="process_perm">
+<INPUT TYPE=hidden NAME=mv_nextpage VALUE="[cgi ui_return_to]">
+<INPUT TYPE=hidden NAME=user_id VALUE="[cgi user_id]">
+<INPUT TYPE=hidden NAME=username VALUE="[cgi user_id]">
+<INPUT TYPE=hidden NAME=mv_data_table VALUE="[value mv_data_table]">
+<INPUT TYPE=hidden NAME=mv_data_key VALUE="username">
+<INPUT TYPE=hidden NAME=mv_update_empty VALUE="1">
+<INPUT TYPE=hidden NAME=mv_data_fields VALUE="username yes_functions no_tables yes_tables">
+<INPUT TYPE=hidden NAME="mv_data_function" VALUE="update">
+
+
+<table cellpadding=3 cellspacing=0 width=100%>
+
+<tr>
+<td colspan=6 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>&nbsp;</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>View list</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>View detail</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Create</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Edit</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Delete</td>
+</tr>
+
+[seti tables][list-databases][/seti]
+[perl tables="__UI_META_TABLE__ __UI_ACCESS_TABLE__"]
+
+ my @permissions = (
+ item => 'Item editor',
+ page => 'Page editor',
+ cat => 'Category editor',
+ tax => 'Tax editor',
+ shipping => 'Shipping editor',
+ payment => 'Payment editor',
+ affiliate => 'Affiliates editor',
+ itemtype => 'Item type editor',
+ pagetype => 'Page type editor',
+ grouptype => 'Group type editor',
+ matrix => 'Matrix editor',
+ knar => 'Knar editor',
+ access => 'Access User editor',
+ group => 'Access Group editor',
+ perm => 'Permission editor',
+ layout => 'Layout editor',
+ );
+ my %extra = qw/userdb 1 order 1/;
+ my $current = tag_data('__UI_ACCESS_TABLE__', 'yes_functions', $CGI->{user_id});
+ my $out = '';
+ my @ary = grep /\S/, split /[\s,\0]+/, $current;
+ my @some = qw/l v e c d/;
+ my @more = qw/a u p/;
+ my @all = (@some, @more);
+ my %all;
+ @all{@some, @more} = (@some, @more);
+ $permref = {};
+ foreach $one (@ary) {
+ $one =~ s/=(.*)//;
+ my $sub = $1 || undef;
+ my $ref = $permref->{$one} = {};
+ my @set;
+ if ($sub) {
+ @set = grep $all{$_}, split //, $sub;
+ }
+ else {
+ @set = $extra{$one} ? @all : @some;
+ }
+ for(@set) {
+ $ref->{$_} = ' CHECKED';
+ }
+ }
+
+ my $string = $Tag->uneval( {ref=>$permref} );
+#DEBUG
+# $out .= <<EOF;
+#<tr>
+#<td colspan=6 bgcolor=__UI_C_INTBLOCK__ valign=top>
+#$string
+#</td>
+#EOF
+
+ my $perm;
+ my $title;
+ while( $perm = shift @permissions) {
+ $title = shift @permissions;
+ my $ref = $permref->{$perm} || {};
+ $out .= <<EOF;
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<b>$title</b>
+<input type=hidden value="$perm=" name="yes_functions">
+</td>
+EOF
+ for(@some) {
+ $out .= <<EOF;
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<INPUT type=checkbox value=$_ name="yes_functions"$ref->{$_}>
+</td>
+EOF
+ }
+ $out =~ s!(<.td>\s*)$!<input type=hidden value="," name="yes_functions">$1</tr>!;
+ }
+ my $ref = $permref->{order};
+ $out .= <<EOF;
+<tr>
+<td colspan=6 bgcolor=__UI_C_TOPBLOCKBAR__><img src="admin/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+</table>
+
+<br>
+
+<table cellpadding=3 cellspacing=0 width=100%>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<b>Order manager:</b>
+<INPUT type=hidden value="order=" name="yes_functions">
+<li><INPUT type=checkbox value=l name="yes_functions"$ref->{l}> View list
+<li><input type=checkbox value=v name="yes_functions"$ref->{v}> View single
+<li><input type=checkbox value=d name="yes_functions"$ref->{d}> Delete
+<li><input type=checkbox value=e name="yes_functions"$ref->{e}> Edit
+<li><input type=checkbox value=c name="yes_functions"$ref->{c}> Input new
+<li><input type=checkbox value=a name="yes_functions"$ref->{a}> Archive
+<li><input type=checkbox value=u name="yes_functions"$ref->{u}> Un-archive
+<INPUT type=hidden value="," name="yes_functions">
+<p>
+</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top ROWSPAN=2>
+EOF
+ @permissions = (
+ orderstats => 'Order statistics utility',
+ trafficstats => 'Traffic statistics utility',
+ env_vars => 'Environment variables utility',
+ stats => 'Stats menu',
+ techadmin => 'Techncal Admin menu',
+ sitedesign => 'Site Design menu',
+ config => 'Apply changes',
+ dbupload => 'Database importer',
+ dbdownload => 'Database exporter',
+ layupload => 'Layout importer',
+ laydownload => 'Layout exporter',
+ gensql => 'Direct SQL utility',
+ );
+ while($perm = shift @permissions ) {
+ $title = shift @permissions;
+ my $on = defined $permref->{$perm} ? ' CHECKED' : '';
+ $out .= <<EOF;
+<li><INPUT type=checkbox value="$perm," name="yes_functions"$on> <b>$title</b>
+EOF
+ }
+ $ref = $permref->{userdb};
+ $out .= <<EOF;
+<p>
+</td>
+</tr>
+
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<b>User manager:</b>
+<INPUT type=hidden value="userdb=" name="yes_functions">
+<li><INPUT type=checkbox value=l name="yes_functions"$ref->{l}> View list
+<li><input type=checkbox value=v name="yes_functions"$ref->{v}> View single
+<li><input type=checkbox value=d name="yes_functions"$ref->{d}> Delete
+<li><input type=checkbox value=e name="yes_functions"$ref->{e}> Edit
+<li><input type=checkbox value=c name="yes_functions"$ref->{c}> Input new
+<li><input type=checkbox value=p name="yes_functions"$ref->{p}> Mail password
+<INPUT type=hidden value="," name="yes_functions">
+<p>
+</td>
+</tr>
+EOF
+ return $out;
+[/perl]
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+</table>
+
+<p>
+
+<table cellpadding=3 cellspacing=0 width=100%>
+
+<tr>
+<td colspan=8 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+<tr>
+<td colspan=8 bgcolor=__UI_C_INTBLOCK__ ALIGN=center><B>Table Permissions</B></td>
+</tr>
+
+<tr>
+<td colspan=8 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>&nbsp;</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>HIDE</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>View</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Edit</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Create</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Delete</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Import</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>Export</td>
+</tr>
+
+
+[perl]
+
+ my $current = tag_data('__UI_ACCESS_TABLE__', 'yes_tables', $CGI->{user_id})
+ || $Scratch->{tables};
+ $current =~ s/\s+/ /g;
+ my $no = tag_data('__UI_ACCESS_TABLE__', 'no_tables', $CGI->{user_id});
+ $no =~ s/\s+/ /g;
+ #Log("no = $no");
+ my (@no) = split /\s+/, $no;
+ my %no;
+ for(@no) { $no{$_} = ' CHECKED' }
+
+ my $out = '';
+ my @ary = split /[\s,\0]+/, $current;
+
+ #Log("ary = " . join ",", @ary);
+ #Log("no = " . join ",", @no);
+ my (@all) = qw/v e c d i x/;
+ my %all;
+ @all{@all} = @all;
+ my $permref = {};
+
+ my $one;
+
+ foreach $one (@ary) {
+ $one =~ s/=(.*)//;
+ my $sub = $1 || undef;
+ next if $no{$one};
+ my $ref = $permref->{$one} = {};
+ my @set;
+ if ($sub) {
+ @set = grep $all{$_}, split //, $sub;
+ }
+ else {
+ @set = (@all);
+ }
+ for(@set) {
+ $ref->{$_} = ' CHECKED';
+ }
+ }
+
+ #my $string = "all=@all ". $Tag->uneval( { ref=> $permref } );
+
+ my @tables = split /\s+/, $Scratch->{tables};
+
+ for(@tables) {
+ push @permissions, $_, tag_data('__UI_META_TABLE__', 'label', $_) || $_;
+ }
+
+ my $perm;
+ my $title;
+ while( $perm = shift @permissions) {
+ $title = shift @permissions;
+ my $ref = $permref->{$perm} || {};
+ $out .= <<EOF;
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<b>$title</b>
+<input type=hidden value="$perm=" name="yes_tables">
+</td>
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<INPUT type=checkbox value="$perm" name="no_tables"$no{$perm}>
+</td>
+EOF
+ for(@all) {
+ $out .= <<EOF;
+<td bgcolor=__UI_C_INTBLOCK__ valign=top>
+<INPUT type=checkbox value=$_ name="yes_tables"$ref->{$_}>
+</td>
+EOF
+ }
+ $out =~ s!(<.td>\s*)$!<input type=hidden value="," name="yes_tables">$1</tr>!;
+ }
+ #$Scratch->{string} = $string;
+ return $out;
+ [/perl]
+
+<tr>
+<td colspan=8 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=600 height=1></td>
+</tr>
+
+</table>
+
+<input type=submit value="Ok">
+
+[set Cancel]
+mv_todo=back
+mv_nextpage=[either][value-extended name=ui_return_to index=0][or]__UI_BASE__/access[/either]
+mv_data_table=[cgi mv_data_table]
+[/set]
+
+<input type=submit name="mv_click" value="Cancel">
+<BR>
+
+</form>
+@@UI_STD_FOOTER@@
+
+<!-- page: @@MV_PAGE@@ -->
View
22 dist/lib/UI/pages/admin/advanced.html
@@ -17,50 +17,55 @@
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
-<a href="[area __UI_BASE__/matrix]">Matrix editor</a><br>
-</font>
-</td></tr>
-
-<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
-<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/type]">Type editor</a><br>
</font>
</td></tr>
+[if-mm advanced export]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/genxport]">Import / export</a><p>
</font>
</td></tr>
+[/if-mm]
+[if-mm advanced access]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/access]">Access manager</a><br>
</font>
</td></tr>
+[/if-mm]
<tr><td align=left bgcolor=__UI_C_INTBLOCKBAR__><img src="images/cleardot.gif" width=1 height=1></td></tr>
+[if-mm advanced env_vars]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/env_vars]">Environment variables</a><br>
</font>
</td></tr>
+[/if-mm]
+[if-mm advanced gentable]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/gentable]">Direct Table Edit</a>
</font>
</td></tr>
+[/if-mm]
+[if-mm advanced gensql]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/gensql]">Direct SQL Utility</a>
</font>
</td></tr>
+[/if-mm]
<tr><td align=left bgcolor=__UI_C_INTBLOCKBAR__><img src="images/cleardot.gif" width=1 height=1></td></tr>
+[if-mm advanced knar]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area href=__UI_BASE__/flex_select
@@ -71,20 +76,25 @@
']">Knar editor</a><br>
</font>
</td></tr>
+[/if-mm]
+[comment]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/config]">Technical settings</a>
</font>
</td></tr>
+[/comment]
<tr><td align=left bgcolor=__UI_C_INTBLOCKBAR__><img src="images/cleardot.gif" width=1 height=1></td></tr>
+[comment]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
<a href="[area __UI_BASE__/prefs]">Change preferences</a><br>
</font>
</td></tr>
+[/comment]
<tr><td align=left bgcolor=__UI_C_INTBLOCK__>
<font size="+1" face="arial,helvetica,sans-serif">
View
20 dist/lib/UI/pages/admin/affiliates.html
@@ -43,7 +43,7 @@
<INPUT TYPE=hidden NAME=page_title VALUE="Edit Affiliate">
<INPUT TYPE=hidden NAME=ui_return_to VALUE="@@MV_PAGE@@">
<INPUT TYPE=hidden NAME=help_name VALUE="affiliate.edit">
-<INPUT TYPE=hidden NAME=ui_data_fields VALUE="[either][cgi mv_data_fields][or][db-columns table="[cgi mv_data_table]"][/either]">
+<INPUT TYPE=hidden NAME=mv_data_fields VALUE="[either][cgi ui_data_fields][or][db-columns table="[cgi mv_data_table]"][/either]">
<INPUT TYPE=hidden NAME=ui_break_before VALUE="[cgi ui_break_before]">
<p>
@@ -84,7 +84,7 @@
unless ($db = $Db{$CGI->{mv_data_table}}) {
$Scratch->{ui_error} = "bad data table $CGI->{mv_data_table}";
}
- Log("trying to delete $CGI->{item_id}");
+ #Log("trying to delete $CGI->{item_id}");
$db->delete_record($CGI->{item_id})
or $Scratch->{ui_error} = "Failed to delete $CGI->{item_id}";
return;
@@ -99,12 +99,24 @@
[/if]
[/set]
-[set Show Statistics]
+[set Show Orders]
mv_todo=return
affiliate=[cgi item_id]
mv_nextpage=__UI_BASE__/reports/order/ByAffiliate
[/set]
-<input type=submit name="mv_click" value="Show Statistics"><br>
+
+[set Show Traffic]
+mv_todo=return
+affiliate=[cgi item_id]
+[tag time]
+ui_begin_date=%Y%m
+ui_end_date=%Y%mz
+ui_by_day=1
+[/tag]
+mv_nextpage=__UI_BASE__/reports/traffic/ByAffiliate
+[/set]
+<input type=submit name="mv_click" value="Show Orders"><br>
+<input type=submit name="mv_click" value="Show Traffic"><br>
<input type="submit" name="mv_click" value="Delete affiliate"
onClick="return confirm('Are you sure you want to delete this item?')">
View
254 dist/lib/UI/pages/admin/customer.html
@@ -0,0 +1,254 @@
+[if cgi showactive]
+[value name=showinactive set=""]
+[/if]
+
+[value name=mv_data_table set=userdb hide=1]
+[if-mm !tables]
+[set ui_error]
+ Not authorized for customer administration. Contact administrator?
+[/set]
+[bounce page="__UI_BASE__/error"]
+[/if-mm]
+
+[set page_perm]userdb[/set]
+
+[tag flag write]userdb[/tag]
+[perl tables=userdb]
+ delete $Scratch->{ui_location};
+ $Config->{NoSearch} = '';
+ my $db = $Db{userdb};
+ if(! $db) {
+ $Scratch->{error_message} = "<FONT CLASS=error>Error: no userdb database.</FONT><BR>";
+ $Scratch->{ui_location} = "__UI_BASE__/error";
+ return;
+ }
+
+ my ($value, $action_col);
+ if($CGI->{activate}) {
+ $value = 0;
+ $action_col = 'inactive';
+ }
+ elsif($CGI->{deactivate}) {
+ $value = 1;
+ $action_col = 'inactive';
+ }
+ elsif($CGI->{deletecustomer}) {
+ $value = 1;
+ $action_col = 'deleted';
+ }
+ elsif($CGI->{viewcustomer} and ! $CGI->{viewnext}) {
+ #Log("viewcustomer and !viewnext");
+ $CGI->{customer} =~ s/^\0+//;
+ $CGI->{customer} =~ s/\0+$//;
+ $Scratch->{ui_location} = $Tag->area('__UI_BASE__/customer_view', $CGI->{customer});
+ }
+ elsif($CGI->{xload}) {
+ $Scratch->{ui_location} = $Tag->area('__UI_BASE__/dbdownload');
+ }
+ else {
+ $CGI->{customer} =~ s/^\0+//;
+ $CGI->{customer} =~ s/\0.*//s;
+ $Scratch->{start_at} = "sm=$CGI->{customer}";
+ }
+
+ if($action_col) {
+ for(grep $_, @{$CGI_array->{customer}}) {
+ $db->set_field($_, $action_col, $value);
+ }
+ }
+ if(@errors) {
+ my $plural = @errors > 1 ? 's' : '';
+ return "<FONT CLASS=error>Error$plural:<UL><LI>" .
+ join ("<LI>", @errors) .
+ "</UL></FONT><BR>";
+ }
+ if($CGI->{viewnext}) {
+ #Log("viewnext");
+ $Scratch->{message} = "Wanted to view next.";
+ my $custnum = $CGI->{customer};
+ $custnum =~ s/[\0,\s].*//;
+ return if ! $custnum;
+ $custnum++;
+ CHECKNEXT: {
+ if (! $db->record_exists($custnum) ) {
+ undef $custnum;
+ last CHECKNEXT;
+ }
+ if ($db->field($custnum, 'deleted') ) {
+ $custnum++;
+ next CHECKNEXT;
+ }
+ if ($Values->{showinactive} and ! $db->field($custnum, 'active') ) {
+ undef $custnum;
+ last CHECKNEXT;
+ }
+ else {
+ last CHECKNEXT;
+ }
+ }
+ if ($custnum) {
+ $Scratch->{message} = "Wanted to view customer.";
+ $Scratch->{ui_location} = $Tag->area(
+ {
+ href => '__UI_BASE__/customer_view',
+ form => "customer=$custnum",
+ }
+ );
+ }
+ else {
+ $Scratch->{message} = "[L]No next customer.[/L]";
+ }
+ }
+ return;
+[/perl]
+
+
+[if scratch ui_location]
+[calc]Log ("ui_location=$Scratch->{ui_location}"); [/calc]
+[bounce href=`delete $Scratch->{ui_location}`]
+[/if]
+
+[set icon_name]admin/icon_orders.gif[/set]
+[seti page_title]
+ [if value showinactive]
+ Customers: Inactive customers
+ [set help_name]customer.active[/set]
+ [else]
+ Customers: Active customers
+ [set help_name]customer.active[/set]
+ [/else]
+ [/if]
+[/seti]
+[update values]
+
+@@UI_STD_HEAD@@
+
+
+[if scratch message]
+<BLOCKQUOTE>
+[scratch message]
+</BLOCKQUOTE>
+[set message][/set]
+[/if]
+</font>
+
+<!-- ----- BEGIN REAL STUFF ----- -->
+
+<!-- ----- Show the active/inactive buttons ----- -->
+
+<form action="[area __UI_BASE__/customer]" method=POST>
+<INPUT TYPE=hidden NAME=mv_action VALUE=return>
+
+<input type=hidden name=inactive value="false">
+
+<p>
+&nbsp;
+<table cellpadding=3 cellspacing=0>
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="admin/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+[if value showinactive]
+<tr>
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_OVERALL_WIDTH__ colspan=2>
+<input type=submit name="showactive" value="Show active customers">
+[set active_sense]=[/set]
+</td>
+</tr>
+[else]
+[value name=showinactive set=""]
+<tr>
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_OVERALL_WIDTH__ colspan=2>
+<input type=submit name="showinactive" value="Show inactive customers">
+[set active_sense]!=[/set]
+</td>
+</tr>
+[/else]
+[/if]
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_INTBLOCKBAR__><img src="admin/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+<!-- ----- Show the operation buttons ----- -->
+
+<tr>
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_LEFT_WIDTH__>
+
+<input type=submit name="viewcustomer" value="View customer"><br>
+
+[if value showinactive]
+[if-mm advanced userdb=u]
+<input type=submit name="activate" value="Activate customer">
+[/if-mm]
+[else]
+[if-mm advanced userdb=a]
+<input type=submit name="deactivate" value="Deactivate customer">
+[/if-mm]
+[/else]
+[/if]
+
+<br>
+<br>
+
+[if-mm advanced userdb=d]
+<input type=submit name="deletecustomer" value="Delete customer"
+ onClick="return confirm('Are you sure you want to delete this customer?')">
+[/if-mm]
+
+<br>
+
+[comment]
+<input type=submit name="xload" value="Export customers">
+[/comment]
+[set Start list here]
+[calc]
+ $CGI->{customer} =~ s/^\0+//s;
+ $CGI->{customer} =~ s/\0.*//s;
+ $Scratch->{start_at} = "sm=$CGI->{customer}";
+ return;
+[/calc]
+mv_nextpage=@@MV_PAGE@@
+[/set]
+</td>
+<td bgcolor="__UI_C_INTBLOCK__" width=__UI_RIGHT_WIDTH__>
+<SMALL>Specific customer <INPUT TYPE=text NAME=customer VALUE=""> <INPUT TYPE=submit NAME=mv_click VALUE="Start list here"></SMALL>
+<!-- ----- Show the customer list box ----- -->
+
+[loop more=1 search="
+ fi=userdb
+ ml=100
+ md=1
+ st=db
+ co=yes
+ sf=inactive
+ se=1
+ op=[scratch active_sense]
+ tf=lname
+ [scratch start_at][set start_at][/set]
+ rf=username,lname,fname
+"]
+<pre>
+<select name=customer size=10 MULTIPLE>
+[list]<OPTION VALUE="[loop-code]">[loop-code] [loop-param lname] [loop-param fname]</OPTION>
+[/list]
+</select>
+</pre>
+[more-list]<BR>Customers [matches] of [value mv_search_match_count]: [more][/more-list]
+[/loop]
+</td></tr>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="admin/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+</table>
+
+<p>
+
+</form>
+
+
+<!-- ----- END REAL STUFF ----- -->
+
+@@UI_STD_FOOTER@@
+<!-- page: @@MV_PAGE@@ -->
View
116 dist/lib/UI/pages/admin/customer_change_pass.html
@@ -0,0 +1,116 @@
+[seti page_title]Change customer password: [cgi user_id][/seti]
+[seti page_banner]Change customer password: <B>[cgi user_id]</B>[/seti]
+[set page_perm]userdb=e[/set]
+[set help_name]access.main[/set]
+[set icon_name]admin/icon_config.gif[/set]
+[set no_old_needed][/set]
+@@UI_STD_HEAD@@
+
+[if session failure]
+<P>
+&nbsp;
+<BLOCKQUOTE>
+<FONT COLOR=RED>[L]Failure:[/L]</FONT> [data session failure][data base=session field=failure value=""]
+</BLOCKQUOTE>
+<P>
+&nbsp;
+[/if]
+
+[if scratch ui_message]
+<P>
+<BLOCKQUOTE>
+ [scratch ui_message][set ui_message][/set]
+</BLOCKQUOTE>
+<P>
+&nbsp;
+[/if]
+
+[loop list="[cgi user_id]"]
+
+[set check_match]
+[calc]
+ if ($CGI->{password} eq $CGI->{verify}) {
+ return 'mv_todo=set';
+ }
+ $Session->{failure} = "Password and verify do not match.";
+ return "mv_todo=back\nmv_nextpage=@@MV_PAGE@@";
+[/calc]
+[/set]
+
+<form action="[area ui]" method="post">
+<INPUT TYPE=hidden NAME=mv_todo VALUE=back>
+<INPUT TYPE=hidden NAME=mv_nextpage VALUE=__UI_BASE__/customer_view>
+<INPUT TYPE=hidden NAME=mv_arg VALUE="[loop-code]">
+<INPUT TYPE=hidden NAME=mv_data_table VALUE="userdb">
+<INPUT TYPE=hidden NAME=mv_data_key VALUE="username">
+<INPUT TYPE=hidden NAME=mv_click VALUE="check_match">
+<INPUT TYPE=hidden NAME=mv_data_fields VALUE="username password">
+
+<table cellpadding=3 cellspacing=0 width=100%>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ align=right>
+<small>User name</small>
+</td>
+<td bgcolor=__UI_C_INTBLOCK__>
+ <input type=hidden name=mv_data_function value="update">
+ <input type=hidden name=username value="[loop-code]">[loop-code]
+</td>
+</tr>
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+<tr>
+<td bgcolor=__UI_C_INTBLOCK__ align=right>
+<small>New password</small>
+</td>
+<td bgcolor=__UI_C_INTBLOCK__>
+<INPUT TYPE=password NAME=password VALUE="" SIZE=10>
+</td>
+</tr>
+
+<td bgcolor=__UI_C_INTBLOCK__ align=right>
+<small>Verify password</small>
+</td>
+<td bgcolor=__UI_C_INTBLOCK__>
+<INPUT TYPE=password SIZE=10 NAME=verify VALUE="">
+</td>
+</tr>
+
+
+<tr>
+<td colspan=2 bgcolor=__UI_C_TOPBLOCKBAR__><img src="images/cleardot.gif" width=__UI_OVERALL_WIDTH__ height=1></td>
+</tr>
+
+</table>
+
+<p>
+
+[set Ok]
+[/if-mm]
+[/set]
+[if-mm advanced userdb=e]
+ [set Ok]
+ mv_todo=set
+ [/set]
+ <input type=submit name="mv_click" value="Ok">
+ <input type=submit value="Cancel">
+[else]
+ [set Back]
+ mv_todo=back
+ [/set]
+ <input type=submit value="Back">
+[/else]
+[/if-mm]
+
+</form>
+[/loop]
+
+@@UI_STD_FOOTER@@
+
+<!-- page: @@MV_PAGE@@ -->
View
279 dist/lib/UI/pages/admin/customer_view.html
@@ -0,0 +1,279 @@
+[set page_title]Customer manager: View customer[/set]
+[set page_banner]View customer[/set]
+[set help_name]customer.view[/set]
+[set icon_name]admin/icon_orders.gif[/set]
+@@UI_STD_HEAD@@
+[calc]
+ delete $Scratch->{ui_bounce};
+ #Log("got here, customer=$CGI->{customer}, arg=$CGI->{mv_arg}");
+ return if $CGI->{customer};
+ $CGI->{customer} = $CGI->{mv_arg}
+ or $Scratch->{ui_bounce} = '__UI_BASE__/customer';
+ return;
+[/calc]
+[if scratch ui_bounce]
+ [bounce page="[scratch ui_bounce]"]
+[/if]
+
+<!-- ----- BEGIN REAL STUFF ----- -->
+[update values]
+[loop list="[value-extended customer]"]
+
+<p>
+&nbsp;
+<table width=100% cellpadding=3 cellspacing=0>
+<tr>
+<td colspan=6 bgcolor=__UI_C_TOPBLOCKBAR__><img src="admin/cleardot.gif" height=1></td>
+</tr>
+
+<tr>
+<td colspan=6 align=left bgcolor=__UI_C_INTBLOCK__>
+<b>Customer Username: [loop-code]</b>
+</td>
+</tr>
+
+<tr>
+<td colspan=6 align=left bgcolor=__UI_C_INTBLOCK__>
+<b>Customer:
+<A HREF="[area
+ href=__UI_BASE__/flex_editor
+ form=|
+ ui_return_to=__UI_BASE__/customer_view
+ ui_return_to=mv_arg=[cgi customer]
+ ui_data_fields=username company fname lname address1 address2 city state zip country email phone_day phone_night
+ page_title=Customer: [loop-data userdb fname] [loop-data userdb lname]
+ item_id=[loop-data userdb username]
+ mv_data_table=userdb
+ |
+ ]"><u>[loop-data userdb fname] [loop-data userdb lname]</u></A>
+ </b>
+</td>
+</tr>
+
+<tr>
+<td colspan=2 valign=top>
+
+<!-- ----- Customer information ----- -->
+
+<table>
+<tr><td align=right>
+<font size=2><b> Company: </b></font>
+</td><td><font size=2>[loop-data userdb company]</font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Home phone: </b></font>
+</td><td><font size=2>[loop-data userdb phone_night]</font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Work phone: </b></font>
+</td><td><font size=2>[loop-data userdb phone_day]</font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Email: </b></font>
+</td><td><font size=2> <a href="mailto:[loop-data userdb email]"><U>[loop-data userdb email]</U></a></font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Payment type: </b></font>
+</td><td><font size=2>[loop-data userdb payment_method]</a></font></tr>
+
+<tr><td align=right>
+<font size=2><b> Field 1: </b></font>
+</td><td><font size=2> </font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Field 2: </b></font>
+</td><td><font size=2> </font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Field 3: </b></font>
+</td><td><font size=2> </font></td></tr>
+
+<tr><td align=right>
+<font size=2><b> Field 4: </b></font>
+</td><td><font size=2> </font></td></tr>
+
+</table>
+
+</td><td valign=top colspan=4>
+[set bill_address]
+[loop-data userdb b_fname] [loop-data userdb b_lname]<br>
+[loop-data userdb b_address1]<br>
+[if-loop-data userdb b_address2]
+[loop-data userdb b_address2]<br>
+[/if-loop-data]
+[loop-data userdb b_city], [loop-data userdb b_state] [loop-data userdb b_zip]<br>
+[/set]
+
+[set ship_address]
+[loop-data userdb fname] [loop-data userdb lname]<br>
+[loop-data userdb address1]<br>
+[if-loop-data userdb address2]
+[loop-data userdb address2]<br>
+[/if-loop-data]
+[loop-data userdb city], [loop-data userdb state] [loop-data userdb zip]<br>
+[/set]
+
+<font size=2>
+<p>
+[if-loop-data userdb username]
+<A HREF="[area
+ href=__UI_BASE__/flex_editor
+ form=|
+ ui_return_to=__UI_BASE__/customer_view
+ ui_return_to=customer=[cgi customer]
+ ui_hide_key=1
+ ui_data_fields=username company b_fname b_lname b_address1 b_address2 b_city b_state b_zip b_country b_email b_phone_day b_phone_night
+ page_title=Customer: [loop-data userdb fname] [loop-data userdb lname]
+ item_id=[loop-data userdb username]
+ mv_data_table=userdb
+ |
+ ]"><b><u>Bill To</u>:</b></A>
+[else]
+ <b>Bill To:</b>
+[/else]
+[/if-loop-data]
+<blockquote>
+[if-loop-data userdb b_address1]
+[scratch bill_address]
+[else]
+[scratch ship_address]
+[/else]
+[/if-loop-data]
+</blockquote>
+
+<A HREF="[area
+ href=__UI_BASE__/flex_editor
+ form=|
+ ui_return_to=__UI_BASE__/customer_view
+ ui_return_to=mv_arg=[cgi customer]
+ ui_hide_key=1
+ ui_data_fields=username company fname lname address1 address2 city state zip country email phone_day phone_night
+ page_title=Customer: [loop-data userdb fname] [loop-data userdb lname]
+ item_id=[loop-data userdb username]
+ mv_data_table=userdb
+ |
+ ]"><b><u>Ship To</u>:</b></A>
+<br>
+<blockquote>
+[scratch ship_address]
+</blockquote>
+</font>
+
+[set bill_address][/set]
+[set ship_address][/set]
+</td></tr>
+
+<tr>
+<td colspan=6 align=left bgcolor=__UI_C_INTBLOCK__>
+<pre> </pre>
+</td>
+</tr>
+
+<tr>
+<td>
+ Order number
+</td>
+<td>
+ Order date
+</td>
+<td>
+ Tax
+</td>
+<td>
+ Shipping
+</td>
+<td>
+ Total cost
+</td>
+<td>
+ Status
+</td>
+</tr>
+[query list=1
+ table=transactions
+ sql="select
+ order_number, order_date, salestax, shipping, total_cost, status
+ FROM transactions
+ WHERE username = '[loop-code]'
+ ORDER BY order_date
+ "
+ ]
+<tr>
+<td>
+ <A HREF="[area __UI_BASE__/order_view [sql-code]]"><U>[sql-code]</U></A>
+</td>
+<td align=right>
+ [sql-pos 1]
+</td>
+<td align=right>
+ [sql-pos 2]
+</td>
+<td align=right>
+ [sql-pos 3]
+</td>
+<td align=right>
+ [sql-pos 4]
+</td>
+<td>
+<A HREF="[area
+ href=__UI_BASE__/flex_editor
+ form="
+ item_id=[sql-code]
+ mv_data_table=transactions
+ page_title=Change status of order [sql-code]
+ ui_return_to=__UI_BASE__/customer_view
+ ui_return_to=mv_arg=[loop-code]
+ ui_data_fields=code order_date status
+ ui_hide_key=1
+ "]"><U>[sql-pos 5]</U></A>
+</td>
+</tr>
+[more-list]<TR><TD COLSPAN=6 ALIGN=CENTER>[more]</TD></TR> [/more-list]
+[/query]
+<tr>
+<td>
+<tr>
+<td colspan=6 bgcolor=__UI_C_TOPBLOCKBAR__><img src="admin/cleardot.gif" height=1></td>
+</tr>
+
+</table>
+<SMALL>
+<form action="[area __UI_BASE__/customer]" method=post>
+<input type=hidden name=mv_action value=back>
+<input type=hidden name=customer value="[loop-data userdb username]">
+<input type=hidden name=viewnext value=1>
+[set Change password]
+user_id=[loop-code]
+mv_nextpage=__UI_BASE__/customer_change_pass
+[/set]
+[set Return]
+viewnext=
+viewcustomer=
+[/set]
+<input type=submit name=mv_click value="Return">
+<input type=submit name="viewcustomer" value="View next customer">
+
+[if-mm advanced userdb=e]
+[if-loop-data userdb inactive]
+<input type=submit name="activate" value="Activate customer">
+[else]
+<input type=submit name="deactivate" value="Deactivate customer"
+ onClick="return confirm('Are you sure you want to deactivate this customer?')">
+[/else]
+[/if-loop-data]
+<input type=submit name="mv_click" value="Change password">
+[/if-mm]
+
+[if-mm advanced userdb=d]
+<input type=submit name="deletecustomer" value="Delete customer"
+ onClick="return confirm('Are you sure you want to delete this customer?')">
+[/if-mm]
+
+</form>
+</SMALL>
+
+[/loop]
+<!-- ----- END REAL STUFF ----- -->
+
+@@UI_STD_FOOTER@@
+<!-- page: @@MV_PAGE@@ -->
View
1  dist/lib/UI/pages/admin/dbdownload.html
@@ -1,6 +1,7 @@
[set page_title]Database export[/set]
[set help_name]dbdownload.main[/set]
[set icon_name]admin/icon_config.gif[/set]
+[set page_perm]dbdownload[/set]
[set exported_tables][/set]
[if cgi ui_do_export]
<!-- exporting
View
2  dist/lib/UI/pages/admin/export_table.html
@@ -19,7 +19,7 @@
my @tables = grep /\S/, split /\s+/, $Scratch->{tables};
my $out;
for(@tables) {
- Log("table $_");
+ #Log("table $_");
unless (ref $Db{$_}) {
Log("bad table $_");
next;
View
2  dist/lib/UI/pages/admin/flex_editor.html
@@ -5,7 +5,7 @@
Table Edit: [cgi mv_data_table]
[/either]
[/seti]
-[set table_perm]1[/set]
+[seti table_perm][cgi mv_data_table]=v[/seti]
[seti help_name][either][cgi help_name][or]gensql.main[/either][/seti]
[seti icon_name][either][cgi icon_name][or]admin/icon_config.gif[/either][/seti]
[flag type=write table="[cgi mv_data_table]"]
View
32 dist/lib/UI/pages/admin/flex_select.html
@@ -42,9 +42,34 @@
[bounce page="__UI_BASE__/error"]
[/if-mm]
+[calc]
+ my $out = '';
+ my $page;
+ delete $Scratch->{ui_location};
+ return unless $CGI->{ui_return_to};
+ ($page, @env) = split /\0/, $CGI->{ui_return_to};
+ $Scratch->{ui_location} = $Tag->area({
+ href => $page,
+ form => join "\n", @env,
+ });
+ return;
+[/calc]
+[if scratch ui_location]
+[bounce href=`delete $Scratch->{ui_location}`]
+[/if]
+
@@UI_STD_HEAD@@
[update values]
<!-- ----- BEGIN REAL STUFF ----- -->
+
+[if scratch ui_failure]
+<P>
+<BLOCKQUOTE>
+<FONT COLOR="__CONTRAST__">[scratch ui_failure][set ui_failure][/set]</FONT>
+</BLOCKQUOTE>
+<P>
+&nbsp;
+[/if]
<form action="[area __UI_BASE__/flex_editor]" method="GET">
<INPUT TYPE=hidden NAME=mv_action VALUE=return>
<INPUT TYPE=hidden NAME=mv_nextpage VALUE="__UI_BASE__/flex_editor">
@@ -55,7 +80,7 @@
<INPUT TYPE=hidden NAME=icon_name VALUE="[cgi icon_name]">
<INPUT TYPE=hidden NAME=help_name VALUE="[cgi help_name]">
<INPUT TYPE=hidden NAME=page_banner VALUE="[cgi page_banner]">
-<INPUT TYPE=hidden NAME=ui_data_fields VALUE="[either][cgi mv_data_fields][or][db-columns table="[cgi mv_data_table]"][/either]">
+<INPUT TYPE=hidden NAME=ui_data_fields VALUE="[either][cgi ui_data_fields][or][db-columns table="[cgi mv_data_table]"][/either]">
<INPUT TYPE=hidden NAME=ui_break_before VALUE="[cgi ui_break_before]">
<p>
@@ -87,8 +112,8 @@
[flag type=write table="[cgi mv_data_table]"]
[set ui_error][/set]
- [if-mm function="!tables" table="[cgi mv_data_table]"]
- [seti ui_error]Not authorized for table '[cgi mv_data_table]'.[/seti]
+ [if-mm function="!tables" table="[cgi mv_data_table]=d"]
+ [seti ui_error]Not authorized to delete from table '[cgi mv_data_table]'.[/seti]
[/if-mm]
[if !scratch ui_error]
@@ -96,7 +121,6 @@
unless ($db = $Db{$CGI->{mv_data_table}}) {
$Scratch->{ui_error} = "bad data table $CGI->{mv_data_table}";
}
- Log("trying to delete $CGI->{item_id}");
$db->delete_record($CGI->{item_id})
or $Scratch->{ui_error} = "Failed to delete $CGI->{item_id}";
return;
View
2  dist/lib/UI/pages/admin/format_meta.html
@@ -86,7 +86,7 @@
[/set]