summaryrefslogtreecommitdiffstats
path: root/todo/common.mod.php
diff options
context:
space:
mode:
authorMalf Furious <m@lfurio.us>2018-10-27 18:28:22 -0400
committerMalf Furious <m@lfurio.us>2018-10-27 18:28:22 -0400
commit0421aa1b60f4fe6bf140888159c58059c1013588 (patch)
treec3285276f6c53b6789e2f6dc82cb3b0fd17b38a4 /todo/common.mod.php
parent495157341d60522084dcc9f6219877b6ba497312 (diff)
parent6512655aee73d3d295daa4de0e4ef25c08cfec9e (diff)
downloadscrott-0421aa1b60f4fe6bf140888159c58059c1013588.tar.gz
scrott-0421aa1b60f4fe6bf140888159c58059c1013588.zip
Merge branch 'rel/v0.1'v0.1
Diffstat (limited to 'todo/common.mod.php')
-rw-r--r--todo/common.mod.php384
1 files changed, 384 insertions, 0 deletions
diff --git a/todo/common.mod.php b/todo/common.mod.php
new file mode 100644
index 0000000..0d740ef
--- /dev/null
+++ b/todo/common.mod.php
@@ -0,0 +1,384 @@
+<?php
+
+ /*
+ * Default action
+ */
+ function common_deflt()
+ {
+ global $_SCROTT;
+
+ /* Admin settings tab */
+ if ($_SCROTT['settSSL'] != "neither")
+ {
+ $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked";
+ $this->common_settingAdminSettSSLDisabled = "disabled";
+ }
+ else
+ $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked";
+
+ if (Setting::allowPublicSignup())
+ $this->common_settingAdminAllowPublicSignupChecked = "checked";
+
+ /* Admin all-users settings tab */
+ $userTbl = new User();
+ $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName();
+
+ /* Setting modal - what tabs to display? */
+ if (isset($this->obj))
+ {
+ if ($this->obj->type == "group")
+ {
+ $this->group = new Group($this->obj->guid);
+ $this->common_settingShowTab['group'] = true;
+ }
+ }
+ }
+
+ /*
+ * Save changes to user group settings
+ */
+ function saveSettingGroup($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_text("name");
+ $form->field_bool("perm0");
+ $form->field_bool("perm1");
+ $form->field_bool("perm2");
+ $form->field_bool("perm3");
+ $form->field_bool("perm4");
+ $form->field_bool("perm5");
+ $form->field_bool("perm6");
+ $form->field_bool("perm7");
+ $form->field_bool("perm8");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+ $group = new Group($form->guid);
+
+ if (!$user || $group->type != "group" || !$group->canModify($user))
+ {
+ $this->logError("You do not have permission to modify this group");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($group->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing group image");
+
+ return;
+ }
+
+ $group->name = $form->name;
+
+ if ($group->canModifyPermissions($user))
+ {
+ $perms = 0;
+
+ if ($form->perm0)
+ $perms |= 0x100;
+ if ($form->perm1)
+ $perms |= 0x080;
+ if ($form->perm2)
+ $perms |= 0x040;
+ if ($form->perm3)
+ $perms |= 0x020;
+ if ($form->perm4)
+ $perms |= 0x010;
+ if ($form->perm5)
+ $perms |= 0x008;
+ if ($form->perm6)
+ $perms |= 0x004;
+ if ($form->perm7)
+ $perms |= 0x002;
+ if ($form->perm8)
+ $perms |= 0x001;
+
+ $group->perms = $perms;
+ }
+
+ $group->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $group->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Save changes to user account settings
+ */
+ function saveSettingUser($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_bool("setPasswd");
+ $form->field_text("curPasswd", null, false);
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+ $form->field_text("emailConfKey", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user)
+ {
+ $this->logError("Not logged in");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($user->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing user image");
+
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($user->validatePassword($form->curPasswd))
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ else
+ $this->logWarning("Password not changed -- Current password was incorrect");
+ }
+
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ else if ($form->emailConfKey != "")
+ {
+ if (!$user->confirmEmailKey($form->emailConfKey))
+ $this->logWarning("Email not confirmed -- Key was incorrect");
+ }
+
+ $user->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Save changes to admin settings
+ */
+ function saveSettingAdmin($input)
+ {
+ $form = new Form();
+ $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL());
+ $form->field_bool("allowPublicSignup");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ Setting::settSSL($form->settSSL);
+ Setting::allowPublicSignup($form->allowPublicSignup);
+ }
+
+ /*
+ * Allow an admin to create a new user account
+ */
+ function saveSettingAllusersAdduser($input)
+ {
+ $form = new Form();
+ $form->field_text("username");
+ $form->field_text("password", null, false);
+ $form->field_text("cPassword", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ if ($form->password != $form->cPassword)
+ {
+ $this->logError("Passwords do not match");
+ return;
+ }
+
+ $user = new User();
+
+ if (!$user->createNewUser($form->username, $form->password))
+ {
+ $this->logError("Username " . $form->username . " is not available");
+ return;
+ }
+
+ if ($form->admin)
+ $user->admin = 1;
+
+ $user->alias = $form->alias;
+ $user->setEmail($form->email);
+ $user->saveObj();
+
+ $this->logNotice("Created new user " . $form->username);
+ }
+
+ /*
+ * Allow an admin to edit user accounts
+ */
+ function saveSettingAllusersEdituser($input, $attachment)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_bool("setPasswd");
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if (isset($input['rmImage']))
+ {
+ if ($user->rmHeadImage())
+ $this->logNotice("Image removed");
+ else
+ $this->logError("Error removing user image");
+
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password for " . $user->name . " updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ $user->admin = $form->admin;
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ $user->saveObj();
+
+ if ($form->saveFile($attachment, $this->HEAD_IMG_MAX_SIZE, $this->HEAD_IMG_MIME, "assets/img/heads/" . $user->guid))
+ $this->logNotice("Image uploaded");
+ else
+ $this->logFormErrors($form);
+ }
+
+ /*
+ * Allow admin to remove user accounts
+ */
+ function saveSettingAllusersDeluser($input)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if ($user->admin && $user->getNumAdmins() == 1)
+ {
+ $this->logError("Account not deleted - Cannot remove the last admin account");
+ return;
+ }
+
+ $user->delObj();
+
+ if (!$this->getCurrentUser())
+ {
+ /* did user delete their own account? */
+ $this->redirectTo($this->ar() . "/");
+ }
+ }
+
+?>