Fixes for Db authentication user management
torinfo committed Sep 2, 2014
1 parent d5991f8 commit ebc6f34
Showing 7 changed files with 267 additions and 22 deletions.
4 changes: 2 additions & 2 deletions library/Xerte/Authentication/Db.js
Expand Up @@ -62,8 +62,8 @@ function changepassword_authDb_user() {

authdb_ajax_send_prepare(url);

var passwd = document.getElementById('authDb_changepassword').value;
var encodedpasswd = encodeURIComponent(document.getElementById('authDb_changepassword').value);
var passwd = document.getElementById('authDb_password').value;
var encodedpasswd = encodeURIComponent(passwd);
xmlHttp.send('username=' + encodeURIComponent(document.getElementById('authDb_list_user').value) + '&password=' + encodeURIComponent(document.getElementById('authDb_password').value));

}
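Review bot: The locals `passwd` and `encodedpasswd` declared just above the `xmlHttp.send(...)` call are never used, because the send line reads `authDb_password` from the DOM again and encodes it inline. Building the body from the local, `... + '&password=' + encodedpasswd`, keeps a single read of the field, so a later element-id change like the one this section makes touches one line only. The page prints the old and new declarations without +/- markers, so this assumes the `authDb_password` pair is the new side. changepassword_authDb_user() starts above the hunk.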
25 changes: 5 additions & 20 deletions library/Xerte/Authentication/Db.php
Expand Up @@ -44,40 +44,25 @@ public function getSurname()
public function check()
{
global $xerte_toolkits_site;
if (!function_exists('mysql_query')) {
$this->addError("MySQL not available?");
return false;
}
_debug("Calling check");
// check for existence of the 'user' db table?
$x = db_query("SHOW CREATE TABLE {$xerte_toolkits_site->database_table_prefix}user");
if (empty($x)) {
// Create the user table
$x = db_query("create table {$xerte_toolkits_site->database_table_prefix}user ( `iduser` INT NOT NULL AUTO_INCREMENT, `username` VARCHAR(45) NULL , `password` VARCHAR(45) NULL , `firstname` VARCHAR(45) NULL , `surname` VARCHAR(45) NULL , `email` VARCHAR(45) NULL, PRIMARY KEY (`iduser`) )");
if (empty($x))
{
_debug("Failed: Does the user table exist?");
$this->addError("Does the user table exist?");
return false;
}
else
return true;
}
else
{
$row = mysql_fetch_array($x);
if(strpos($row[1], "email") === false)
{

// Add column email
$x = db_query("ALTER TABLE {$xerte_toolkits_site->database_table_prefix}user ADD COLUMN `email` VARCHAR(45) NULL AFTER `surname`");
if (empty($x))
{
$this->addError("Could not add email column to the user table.");
return false;
}
else
return true;
_debug("Succeeded!");
return true;
}
}
_debug("Succeeded!");
return true;
}
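Review bot: The `create table` statement in check() declares the `password` column as VARCHAR(45), which is too narrow for `password_hash()` output (60 characters for bcrypt; the PHP manual suggests 255). That width only fits something like a bare MD5 or SHA-1 hex digest or the plain password, though the hashing code itself is not visible here. If the statement is still present on the new side (the page shows old and new lines without markers), widen the column to `VARCHAR(255) NULL` so the stored format can move to a salted, slow hash. Existing installations would need a matching ALTER TABLE, because the create statement only runs when `SHOW CREATE TABLE` returns nothing.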

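--- a/library/Xerte/Authentication/adduser.php
+++ b/library/Xerte/Authentication/adduser.php
@@ -0,0 +1,63 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: tom
+* Date: 23-3-13
+* Time: 11:25
+* To change this template use File | Settings | File Templates.
+*/
+
+require_once(dirname(__FILE__) . "/../../../../config.php");
+
+_load_language_file("/library/Xerte/Authentication/Db/adduser.inc");
+
+require(dirname(__FILE__) . "/../../../../website_code/php/user_library.php");
+
+if(is_user_admin()){
+
+global $authmech, $xerte_toolkits_site;
+
+if (!isset($authmech))
+{
+$authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
+}
+
+// Easy checks first
+$mesg = "";
+if (!isset($_POST['username']) || strlen($_POST['username']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_ADDUSER_INVALIDUSERNAME . "</li>";
+}
+if (!isset($_POST['firstname']) || strlen($_POST['firstname']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_ADDUSER_INVALIDFIRSTNAME . "</li>";
+}
+if (!isset($_POST['surname']) || strlen($_POST['surname']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_ADDUSER_INVALIDSURNAME . "</li>";
+}
+if (!isset($_POST['password']) || strlen($_POST['password']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_ADDUSER_INVALIDPASSWORD . "</li>";
+}
+else if (isset($_POST['password']) && strlen(urldecode($_POST['password'])) < 5)
+{
+$mesg .= "<li>" . AUTH_DB_ADDUSER_PASSWORDTOOSHORT . "</li>";
+}
+if (strlen($mesg) == 0)
+{
+$mesg = $authmech->addUser(urldecode($_POST['username']), urldecode($_POST['firstname']), urldecode($_POST['surname']), urldecode($_POST['password']), urldecode($_POST['email']));
+}
+if (strlen($mesg) > 0)
+{
+$finalmesg = "<p>" . AUTH_DB_ADDUSER_FAILED . "</p>";
+$finalmesg .= "<p><font color = \"red\"><ul>" . $mesg . "</ul></font></p>";
+}
+else
+{
+$finalmesg = "<p><font color = \"green\">" . AUTH_DB_ADDUSER_SUCCEEDED . "</font></p>";
+}
+$authmech->getUserList(true, $finalmesg);
+}
+
+?>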
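Review bot: Every `urldecode($_POST[...])` in the `addUser(...)` call and in the password-length check decodes a value that PHP already decoded when it filled `$_POST`, so a password containing `+` or a `%xx` sequence is stored as a different string from the one the admin typed (`+` becomes a space). Pass the fields through unchanged, e.g. `$authmech->addUser($_POST['username'], $_POST['firstname'], $_POST['surname'], $_POST['password'], $email)`, and test `strlen($_POST['password']) < 5` directly. `$_POST['email']` is also read without an `isset()` check, unlike the other four fields, so `$email` should be set with `isset($_POST['email']) ? $_POST['email'] : ''`. The same double decode appears in changepassword.php, deluser.php and moduser.php.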
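--- a/library/Xerte/Authentication/changepassword.php
+++ b/library/Xerte/Authentication/changepassword.php
@@ -0,0 +1,56 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: tom
+* Date: 23-3-13
+* Time: 11:25
+* To change this template use File | Settings | File Templates.
+*/
+
+require_once(dirname(__FILE__) . "/../../../../config.php");
+
+_load_language_file("/library/Xerte/Authentication/Db/changepassword.inc");
+
+require(dirname(__FILE__) . "/../../../../website_code/php/user_library.php");
+
+if(is_user_admin()){
+
+global $authmech, $xerte_toolkits_site;
+
+if (!isset($authmech))
+{
+$authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
+}
+
+// Easy checks first
+$mesg = "";
+if (!isset($_POST['username']) || strlen($_POST['username']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_CHANGEPASSWORD_INVALIDUSERNAME . "</li>";
+}
+if (!isset($_POST['password']) || strlen($_POST['password']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_CHANGEPASSWORD_INVALIDPASSWORD . "</li>";
+}
+else if (isset($_POST['password']) && strlen(urldecode($_POST['password'])) < 5)
+{
+$mesg .= "<li>" . AUTH_DB_CHANGEPASSWORD_PASSWORDTOOSHORT . "</li>";
+}
+
+if (strlen($mesg) == 0)
+{
+$mesg = $authmech->changePassword(urldecode($_POST['username']), urldecode($_POST['password']));
+}
+if (strlen($mesg) > 0)
+{
+$finalmesg = "<p>" . AUTH_DB_CHANGEPASSWORD_FAILED . "</p>";
+$finalmesg .= "<p><font color = \"red\"><ul>" . $mesg . "</ul></font></p>";
+}
+else
+{
+$finalmesg = "<p><font color = \"green\">" . AUTH_DB_CHANGEPASSWORD_SUCCEEDED . "</font></p>";
+}
+$authmech->getUserList(true, $finalmesg);
+}
+
+?>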
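Review bot: This handler changes a password on the strength of `is_user_admin()` alone, with no per-session request token compared before `$authmech->changePassword(...)` runs. A form post that originates on another site while the admin is logged in would therefore be accepted, unless config.php or user_library.php enforce a token that is not visible here. A token check belongs directly after the `is_user_admin()` test, for example `if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']) { exit; }`, where the field name is a placeholder and `hash_equals()` is preferable if the PHP version offers it. adduser.php, deluser.php and moduser.php have the same shape.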
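--- a/library/Xerte/Authentication/deluser.php
+++ b/library/Xerte/Authentication/deluser.php
@@ -0,0 +1,47 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: tom
+* Date: 23-3-13
+* Time: 11:25
+* To change this template use File | Settings | File Templates.
+*/
+
+require_once(dirname(__FILE__) . "/../../../../config.php");
+
+_load_language_file("/library/Xerte/Authentication/Db/deluser.inc");
+
+require(dirname(__FILE__) . "/../../../../website_code/php/user_library.php");
+
+if(is_user_admin()){
+
+global $authmech, $xerte_toolkits_site;
+
+if (!isset($authmech))
+{
+$authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
+}
+
+// Easy checks first
+$mesg = "";
+if (!isset($_POST['username']) || strlen($_POST['username']) == 0)
+{
+$mesg .= "<li>" . AUTH_DB_DELUSER_INVALIDUSERNAME . "</li>";
+}
+if (strlen($mesg) == 0)
+{
+$mesg = $authmech->delUser(urldecode($_POST['username']));
+}
+if (strlen($mesg) > 0)
+{
+$finalmesg = "<p>" . AUTH_DB_DELUSER_FAILED . "</p>";
+$finalmesg .= "<p><font color = \"red\"><ul>" . $mesg . "</ul></font></p>";
+}
+else
+{
+$finalmesg = "<p><font color = \"green\">" . AUTH_DB_DELUSER_SUCCEEDED . "</font></p>";
+}
+$authmech->getUserList(true, $finalmesg);
+}
+
+?>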
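Review bot: When `is_user_admin()` is false the script ends with an empty 200 response and records nothing, so a refused attempt to delete an account looks like a no-op to the caller and is absent from the logs. Add an `else` branch that records and refuses it, e.g. `else { _debug("deluser.php: non-admin request refused"); header("HTTP/1.1 403 Forbidden"); }`, assuming the `_debug` helper used in Db.php is loaded here. A successful `delUser()` also deserves one log line naming the deleted username and the acting admin, since account deletion is an event an incident responder will want to reconstruct. The other handlers added in this commit fall through in the same silent way.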
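--- a/library/Xerte/Authentication/moduser.php
+++ b/library/Xerte/Authentication/moduser.php
@@ -0,0 +1,57 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: tom
+* Date: 23-3-13
+* Time: 11:25
+* To change this template use File | Settings | File Templates.
+*/
+
+require_once(dirname(__FILE__) . "/../../../../config.php");
+
+_load_language_file("/library/Xerte/Authentication/Db/moduser.inc");
+
+require(dirname(__FILE__) . "/../../../../website_code/php/user_library.php");
+
+if(is_user_admin()){
+
+global $authmech, $xerte_toolkits_site;
+
+if (!isset($authmech))
+{
+$authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
+}
+
+// Easy checks first
+$mesg = "";
+$warn = "";
+if (isset($_POST['usernamefield']) && strlen($_POST['usernamefield']) > 0 && $_POST['usernamefield'] != $_POST['username'])
+{
+$warn .= "<li>" . AUTH_DB_MODUSER_USERNAMEIGNORED . "</li>";
+}
+if (isset($_POST['password']) && strlen(urldecode($_POST['password'])) != 0 && strlen(urldecode($_POST['password'])) < 5 )
+{
+$mesg .= "<li>" . AUTH_DB_MODUSER_PASSWORDTOOSHORT . "</li>";
+}
+if (strlen($mesg) == 0)
+{
+$mesg .= $authmech->modUser(urldecode($_POST['username']), urldecode($_POST['firstname']), urldecode($_POST['surname']), urldecode($_POST['password']), urldecode($_POST['email']));
+}
+if (strlen($mesg) > 0)
+{
+$finalmesg = "<p>" . AUTH_DB_MODUSER_FAILED . "</p>";
+$finalmesg .= "<p><font color = \"red\"><ul>" . $warn . $mesg . "</ul></font></p>";
+}
+else
+{
+$finalmesg = "";
+if (strlen($warn) > 0)
+{
+$finalmesg = "<p><font color = \"green\"><ul>" . $warn . "</ul></font></p>";
+}
+$finalmesg .= "<p><font color = \"green\">" . AUTH_DB_MODUSER_SUCCEEDED . "</font></p>";
+}
+$authmech->getUserList(true, $finalmesg);
+}
+
+?>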
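Review bot: Unlike adduser.php, changepassword.php and deluser.php, this handler never checks that `username` was posted: `$_POST['username']` is compared in the `usernamefield` test and passed to `modUser()` even when it is absent or empty. `firstname`, `surname`, `password` and `email` are likewise read without `isset()`. Add the guard the sibling files use before the `modUser()` call, `if (!isset($_POST['username']) || strlen($_POST['username']) == 0)`, appending an error item to `$mesg`, and default the optional fields with `isset(...) ? ... : ''`. How `modUser()` treats an empty username is not visible here.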
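--- a/library/Xerte/Authentication/seluser.php
+++ b/library/Xerte/Authentication/seluser.php
@@ -0,0 +1,37 @@
+<?php
+/**
+* Created by JetBrains PhpStorm.
+* User: tom
+* Date: 23-3-13
+* Time: 11:25
+* To change this template use File | Settings | File Templates.
+*/
+
+require_once(dirname(__FILE__) . "/../../../../config.php");
+
+_load_language_file("/library/Xerte/Authentication/Db/adduser.inc");
+
+require(dirname(__FILE__) . "/../../../../website_code/php/user_library.php");
+
+if(is_user_admin()){
+
+global $authmech, $xerte_toolkits_site;
+
+if (!isset($authmech))
+{
+$authmech = Xerte_Authentication_Factory::create($xerte_toolkits_site->authentication_method);
+}
+
+// Easy checks first
+$mesg = "";
+if (!isset($_POST['username']) || strlen($_POST['username']) == 0)
+{
+$authmech->getUserList(false, "");
+}
+else
+{
+$authmech->changeUserSelection($_POST['username']);
+}
+}
+
+?>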
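Review bot: Several lines here look like leftovers from adduser.php: `$mesg = "";` is never read, the `// Easy checks first` comment describes validation that does not happen in this file, and `adduser.inc` is loaded although no `AUTH_DB_` constant is referenced. If `getUserList()` or `changeUserSelection()` need those strings, a comment saying so would explain the load; otherwise all three can go. The IDE template header could become a one-line description of the endpoint, for instance `* Admin-only: lists Db users, or passes the posted username to changeUserSelection().`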
