Diffstat (limited to 'app/model/common.mod.php')
-rw-r--r--app/model/common.mod.php233
1 files changed, 233 insertions, 0 deletions
diff --git a/app/model/common.mod.php b/app/model/common.mod.php
index d4270d8..b1aa0a0 100644
--- a/app/model/common.mod.php
+++ b/app/model/common.mod.php
@@ -1,9 +1,242 @@
<?php
require_once "model/master.mod.php";
+require_once "class/form.class.php";
+require_once "class/setting.class.php";
+require_once "class/user.class.php";
class CommonModel extends MasterModel
{
+ /*
+ * Default action
+ */
+ function common_deflt()
+ {
+ global $_SCROTT;
+
+ /* Admin settings tab */
+ if ($_SCROTT['settSSL'] != "neither")
+ {
+ $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked";
+ $this->common_settingAdminSettSSLDisabled = "disabled";
+ }
+ else
+ $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked";
+
+ if (Setting::allowPublicSignup())
+ $this->common_settingAdminAllowPublicSignupChecked = "checked";
+
+ /* Admin all-users settings tab */
+ $userTbl = new User();
+ $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName();
+ }
+
+ /*
+ * Handle form submissions from common views
+ */
+ function common_handleFormSubmissions($input)
+ {
+ switch ($input['action'])
+ {
+ case "common-setting-user": $this->saveSettingUser($input); break;
+ case "common-setting-admin": $this->saveSettingAdmin($input); break;
+ case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break;
+ case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input); break;
+ }
+ }
+
+ /*
+ * Save changes to user account settings
+ */
+ function saveSettingUser($input)
+ {
+ $form = new Form();
+ $form->field_bool("setPasswd");
+ $form->field_text("curPasswd", null, false);
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+ $form->field_text("emailConfKey", null, false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user)
+ {
+ $this->logError("Not logged in");
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($user->validatePassword($form->curPasswd))
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ else
+ $this->logWarning("Password not changed -- Current password was incorrect");
+ }
+
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ else if ($form->emailConfKey != "")
+ {
+ if (!$user->confirmEmailKey($form->emailConfKey))
+ $this->logWarning("Email not confirmed -- Key was incorrect");
+ }
+
+ $user->saveObj();
+ }
+
+ /*
+ * Save changes to admin settings
+ */
+ function saveSettingAdmin($input)
+ {
+ $form = new Form();
+ $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL());
+ $form->field_bool("allowPublicSignup");
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ Setting::settSSL($form->settSSL);
+ Setting::allowPublicSignup($form->allowPublicSignup);
+ }
+
+ /*
+ * Allow an admin to create a new user account
+ */
+ function saveSettingAllusersAdduser($input)
+ {
+ $form = new Form();
+ $form->field_text("username");
+ $form->field_text("password", null, false);
+ $form->field_text("cPassword", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ if ($form->password != $form->cPassword)
+ {
+ $this->logError("Passwords do not match");
+ return;
+ }
+
+ $user = new User();
+
+ if (!$user->createNewUser($form->username, $form->password))
+ {
+ $this->logError("Username " . $form->username . " is not available");
+ return;
+ }
+
+ if ($form->admin)
+ $user->admin = 1;
+
+ $user->alias = $form->alias;
+ $user->setEmail($form->email);
+ $user->saveObj();
+
+ $this->logNotice("Created new user " . $form->username);
+ }
+
+ /*
+ * Allow an admin to edit user accounts
+ */
+ function saveSettingAllusersEdituser($input)
+ {
+ $form = new Form();
+ $form->field_text("guid");
+ $form->field_bool("setPasswd");
+ $form->field_text("newPasswd", null, false);
+ $form->field_text("confPasswd", null, false);
+ $form->field_bool("admin");
+ $form->field_text("alias", "", false);
+ $form->field_text("email", "", false);
+
+ if (!$form->populate($input))
+ {
+ $this->logFormErrors($form);
+ return;
+ }
+
+ $user = $this->getCurrentUser();
+
+ if (!$user || $user->admin == 0)
+ {
+ $this->logError("Admin permissions required");
+ return;
+ }
+
+ $user = new User($form->guid);
+
+ if ($user->type != "user")
+ {
+ $this->logError("Invalid user GUID");
+ return;
+ }
+
+ if ($form->setPasswd)
+ {
+ if ($form->newPasswd == $form->confPasswd)
+ {
+ $user->setPassword($form->newPasswd);
+ $this->logNotice("Password for " . $user->name . " updated successfully");
+ }
+ else
+ $this->logWarning("Password not changed -- Passwords did not match");
+ }
+
+ $user->admin = $form->admin;
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ $user->saveObj();
+ }
}
?>
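Review bot: The password-confirmation checks in `saveSettingUser`, `saveSettingAllusersAdduser` and `saveSettingAllusersEdituser` use loose `==`/`!=` on fields declared with a `null` default and what appears to be a not-required flag, so a request that sets `setPasswd` but omits both password fields satisfies `null == null` and reaches `setPassword(null)` (or `createNewUser($form->username, null)` in the add-user path). Loose comparison also treats distinct numeric-looking strings such as `"1e3"` and `"1000"` as equal, which defeats the typo guard. Unless `setPassword` and `createNewUser` reject empty input themselves (not visible in this diff), guard with strict checks, e.g. `if ($form->newPasswd !== null && $form->newPasswd !== "" && $form->newPasswd === $form->confPasswd)`. Separately, `saveSettingAllusersEdituser` writes `$user->admin = $form->admin` while the permission checks test `$user->admin == 0`; storing an explicit `1`/`0`, as `saveSettingAllusersAdduser` does for `1`, and testing `(int)$user->admin !== 1` would keep the check fail-closed whatever `field_bool` yields.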