diff options
Diffstat (limited to 'app/model')
| -rw-r--r-- | app/model/common.mod.php | 233 | ||||
| -rw-r--r-- | app/model/dashboard.mod.php | 15 |
2 files changed, 248 insertions, 0 deletions
diff --git a/app/model/common.mod.php b/app/model/common.mod.php index d4270d8..b1aa0a0 100644 --- a/app/model/common.mod.php +++ b/app/model/common.mod.php @@ -1,9 +1,242 @@ <?php require_once "model/master.mod.php"; +require_once "class/form.class.php"; +require_once "class/setting.class.php"; +require_once "class/user.class.php"; class CommonModel extends MasterModel { + /* + * Default action + */ + function common_deflt() + { + global $_SCROTT; + + /* Admin settings tab */ + if ($_SCROTT['settSSL'] != "neither") + { + $this->common_settingAdminSettSSLChecked[$_SCROTT['settSSL']] = "checked"; + $this->common_settingAdminSettSSLDisabled = "disabled"; + } + else + $this->common_settingAdminSettSSLChecked[Setting::settSSL()] = "checked"; + + if (Setting::allowPublicSignup()) + $this->common_settingAdminAllowPublicSignupChecked = "checked"; + + /* Admin all-users settings tab */ + $userTbl = new User(); + $this->common_settingAllUsers = $userTbl->getAllUsers_orderByAdminByName(); + } + + /* + * Handle form submissions from common views + */ + function common_handleFormSubmissions($input) + { + switch ($input['action']) + { + case "common-setting-user": $this->saveSettingUser($input); break; + case "common-setting-admin": $this->saveSettingAdmin($input); break; + case "common-setting-allusers-adduser": $this->saveSettingAllusersAdduser($input); break; + case "common-setting-allusers-edituser": $this->saveSettingAllusersEdituser($input); break; + } + } + + /* + * Save changes to user account settings + */ + function saveSettingUser($input) + { + $form = new Form(); + $form->field_bool("setPasswd"); + $form->field_text("curPasswd", null, false); + $form->field_text("newPasswd", null, false); + $form->field_text("confPasswd", null, false); + $form->field_text("alias", "", false); + $form->field_text("email", "", false); + $form->field_text("emailConfKey", null, false); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user) + { + $this->logError("Not logged in"); + return; + } + + if ($form->setPasswd) + { + if ($user->validatePassword($form->curPasswd)) + { + if ($form->newPasswd == $form->confPasswd) + { + $user->setPassword($form->newPasswd); + $this->logNotice("Password updated successfully"); + } + else + $this->logWarning("Password not changed -- Passwords did not match"); + } + + else + $this->logWarning("Password not changed -- Current password was incorrect"); + } + + $user->alias = $form->alias; + + if ($form->email != $user->email) + $user->setEmail($form->email); + + else if ($form->emailConfKey != "") + { + if (!$user->confirmEmailKey($form->emailConfKey)) + $this->logWarning("Email not confirmed -- Key was incorrect"); + } + + $user->saveObj(); + } + + /* + * Save changes to admin settings + */ + function saveSettingAdmin($input) + { + $form = new Form(); + $form->field_enum("settSSL", array("force", "neither", "forbid"), Setting::settSSL()); + $form->field_bool("allowPublicSignup"); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user || $user->admin == 0) + { + $this->logError("Admin permissions required"); + return; + } + + Setting::settSSL($form->settSSL); + Setting::allowPublicSignup($form->allowPublicSignup); + } + + /* + * Allow an admin to create a new user account + */ + function saveSettingAllusersAdduser($input) + { + $form = new Form(); + $form->field_text("username"); + $form->field_text("password", null, false); + $form->field_text("cPassword", null, false); + $form->field_bool("admin"); + $form->field_text("alias", "", false); + $form->field_text("email", "", false); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user || $user->admin == 0) + { + $this->logError("Admin permissions required"); + return; + } + + if ($form->password != $form->cPassword) + { + $this->logError("Passwords do not match"); + return; + } + + $user = new User(); + + if (!$user->createNewUser($form->username, $form->password)) + { + $this->logError("Username " . $form->username . " is not available"); + return; + } + + if ($form->admin) + $user->admin = 1; + + $user->alias = $form->alias; + $user->setEmail($form->email); + $user->saveObj(); + + $this->logNotice("Created new user " . $form->username); + } + + /* + * Allow an admin to edit user accounts + */ + function saveSettingAllusersEdituser($input) + { + $form = new Form(); + $form->field_text("guid"); + $form->field_bool("setPasswd"); + $form->field_text("newPasswd", null, false); + $form->field_text("confPasswd", null, false); + $form->field_bool("admin"); + $form->field_text("alias", "", false); + $form->field_text("email", "", false); + + if (!$form->populate($input)) + { + $this->logFormErrors($form); + return; + } + + $user = $this->getCurrentUser(); + + if (!$user || $user->admin == 0) + { + $this->logError("Admin permissions required"); + return; + } + + $user = new User($form->guid); + + if ($user->type != "user") + { + $this->logError("Invalid user GUID"); + return; + } + + if ($form->setPasswd) + { + if ($form->newPasswd == $form->confPasswd) + { + $user->setPassword($form->newPasswd); + $this->logNotice("Password for " . $user->name . " updated successfully"); + } + else + $this->logWarning("Password not changed -- Passwords did not match"); + } + + $user->admin = $form->admin; + $user->alias = $form->alias; + + if ($form->email != $user->email) + $user->setEmail($form->email); + + $user->saveObj(); + } } ?> diff --git a/app/model/dashboard.mod.php b/app/model/dashboard.mod.php new file mode 100644 index 0000000..845a56a --- /dev/null +++ b/app/model/dashboard.mod.php @@ -0,0 +1,15 @@ +<?php + +require_once "model/common.mod.php"; + +class DashboardModel extends CommonModel +{ + /* + * Default action + */ + function deflt() + { + } +} + +?> |