3 # Copyright (C) 2008 Jason Woofenden
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License as published by
7 # the Free Software Foundation, either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU Affero General Public License for more details.
15 # You should have received a copy of the GNU Affero General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
# Comma-separated column list for the `people` table. It is passed as the field
# list to db_update(), db_insert() and db_get_row() further down, and the values
# given to those calls follow this same order.
# NOTE(review): the list includes `password` and `privs`, so every read made
# through this constant also fetches the stored password value. Confirm each
# caller actually needs it.
19 define('PEOPLE_DB_FIELDS', 'username,password,name,privs,balance');
22 require_once('code/wfpl/template.php');
23 require_once('code/wfpl/format.php');
24 require_once('code/wfpl/messages.php');
25 require_once('code/wfpl/email.php');
26 require_once('code/db_connect.php');
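# Read the five person fields from the current request, normalise each one with
# the matching format_*() helper, push the results into the template engine and
# return them.
#
# Returns: array($username, $password, $name, $privs, $balance)
#
# A field that is absent from the request, or that arrives as an array
# (e.g. "username[]=x"), is treated as an empty string instead of being handed
# to the format helpers as null or as an array.
#
# NOTE(review): $_REQUEST merges the query string with POSTed data (and cookies,
# depending on request_order), so these values are not guaranteed to come from a
# submitted form. If the form is always POSTed, reading $_POST here would narrow
# the input surface. Confirm how the edit links reach this page first.
# NOTE(review): the submitted password is passed on to the template engine along
# with the other fields. Confirm the template does not echo it back into the page.
function people_get_fields() {
	$raw = array();
	foreach(array('username', 'password', 'name', 'privs', 'balance') as $key) {
		# only accept plain string parameters; anything else counts as "not sent"
		$raw[$key] = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : '';
	}

	$username = format_oneline($raw['username']);
	$password = format_oneline($raw['password']);
	$name = format_oneline($raw['name']);
	$privs = format_int($raw['privs']);
	$balance = format_decimal($raw['balance']);

	# put the cleaned values back into the template so the form can be redisplayed
	people_tem_sets($username, $password, $name, $privs, $balance);

	return array($username, $password, $name, $privs, $balance);
}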
# Hand the five person fields to the template engine, each under its own name.
#
#   $username, $password, $name, $privs, $balance: values to expose to the template
#
# NOTE(review): 'password' is set like any other field. Whether it ends up in the
# rendered HTML depends on the template. Confirm it is not written into a form
# field or anywhere else in the page source.
function people_tem_sets($username, $password, $name, $privs, $balance) {
	$fields = array(
		'username' => $username,
		'password' => $password,
		'name' => $name,
		'privs' => $privs,
		'balance' => $balance,
	);

	# tem_set() is called once per field, in the order listed above
	foreach($fields as $key => $value) {
		tem_set($key, $value);
	}
}
# Show the list of people: one 'listing_row' template section per database row,
# or the 'empty_listing' section when the query returns nothing.
48 # You may pass a "where clause" for the db query.
# The default clause orders by username and limits the result to 100 rows.
# NOTE(review): $where is handed to db_get_rows() as query text. Callers should
# pass only fixed strings or placeholders such as %i (as the other queries in
# this file do), never text concatenated from request data. Confirm how
# db_get_rows() treats this argument.
49 function people_display_listing($where = 'order by username limit 100') {
50 $rows = db_get_rows('people', 'id,username', $where);
# a false result and an empty result are handled the same way
51 if($rows == false || count($rows) == 0) {
52 tem_show('empty_listing');
# NOTE(review): this listing omits source lines 53-56 (the gutter jumps from 52 to 57)
57 foreach($rows as $row) {
58 list($id, $username) = $row;
# NOTE(review): source lines 59-62 are omitted, so the use of $id is not visible.
# NOTE(review): usernames originate from form input. Confirm the template layer
# HTML-encodes this value when it renders the row.
63 tem_set('username', $username);
64 tem_show('listing_row');
66 tem_show('populated_listing');
# Page entry point: report an error unless logged_in_as_contractor() passes,
# otherwise run _people_main() and show the 'main_body' template section.
# Only part of this function is visible (the gutter numbers jump), so what
# happens after the error message and how $ret is used cannot be seen here.
71 function people_main() {
# NOTE(review): the check is logged_in_as_contractor(), but the message below
# says "administrator". Confirm that this is the intended privilege level for a
# page that edits passwords, privs and balance.
72 if(!logged_in_as_contractor()) {
# store the current URL in a global before reporting the failure
# (presumably so a login step can return here; confirm)
73 $GLOBALS['url'] = this_url();
74 message('You must be logged in as an administrator to access that function');
# NOTE(review): source lines 75-77 are omitted from this listing. Confirm that
# the function stops here for callers who fail the check.
78 $ret = _people_main();
82 tem_show('main_body');
# Handle one request for the people admin page: delete a row, show the listing,
# save a submitted form, or load a row for editing. Only part of the function
# is visible in this listing (the gutter numbers jump), so the conditions that
# separate the statements below are not all recoverable.
85 function _people_main() {
# id of the row being edited, read from the request and passed through format_int()
86 $edit_id = format_int($_REQUEST['people_edit_id']);
87 unset($_REQUEST['people_edit_id']);
89 # add hidden field for database id of row we're editing
90 tem_set('people_edit_id', $edit_id);
# id of the row to delete, also read from $_REQUEST
# NOTE(review): $_REQUEST includes query-string parameters, so this delete looks
# reachable by a plain GET link, and no anti-CSRF token check appears in the
# visible lines. Prefer accepting destructive actions only via POST with a
# per-session token. Confirm against the lines this listing omits.
94 $delete_id = format_int($_REQUEST['people_delete_id']);
95 unset($_REQUEST['people_delete_id']);
# the id is supplied as an argument for the %i placeholder, not concatenated
97 db_delete('people', 'where id=%i', $delete_id);
98 message('Entry deleted.');
100 return './people.html';
# with neither a "new" request nor submitted form data, show the listing
104 if(!isset($_REQUEST['people_new']) && !isset($_REQUEST['username'])) {
105 people_display_listing();
# the presence of 'username' in the request is treated as a form submission
112 if(isset($_REQUEST['username'])) {
113 list($username, $password, $name, $privs, $balance) = people_get_fields();
# NOTE(review): a non-empty string literal is always true, so this is a
# validation placeholder and every submitted value is accepted as-is. Real
# checks (required fields, allowed privs values, balance format) belong here,
# since privs and balance below are written straight from the request.
115 if("you're happy with the POSTed values") {
# A 35-character value with ':' at offset 32 is taken to be an existing stored
# password value and is written back unchanged; anything else goes through
# encrypt_password().
# NOTE(review): this trusts the shape of client-supplied input: any string of
# that shape is stored without passing through encrypt_password(), including a
# real password that happens to match. It also depends on the stored value being
# sent to the browser in the edit form (see the db_get_row() call below). Safer:
# never emit the stored value, and treat an empty password field as "unchanged".
116 if(strlen($password) == 35 && substr($password, 32, 1) == ':') {
117 $password_hash = $password; # so we can edit a record, and leave the password be
119 $password_hash = encrypt_password($password);
# Write the row: update the one with id $edit_id, or insert a new one.
# (Presumably chosen by whether $edit_id is set; that condition is on a line
# this listing omits.)
123 db_update('people', PEOPLE_DB_FIELDS, $username, $password_hash, $name, $privs, $balance, 'where id=%i', $edit_id);
124 message('Entry updated.');
126 db_insert('people', PEOPLE_DB_FIELDS, $username, $password_hash, $name, $privs, $balance);
127 message('Entry saved.');
# NOTE(review): $error is not assigned anywhere in the visible lines
129 if($error !== true) {
133 # otherwise, we display the form again. people_get_fields() has
134 # already put the posted values back into the template engine, so they will
135 # show up in the form fields. You should add some message asking people to
136 # fix their entry in whatever way you require.
138 # we've received an edit id, but no data. So we grab the values to be edited from the database
# NOTE(review): PEOPLE_DB_FIELDS includes the password column, so the stored
# password value is handed to the template here along with the other fields.
139 list($username, $password, $name, $privs, $balance) = db_get_row('people', PEOPLE_DB_FIELDS, 'where id=%i', $edit_id);
140 people_tem_sets($username, $password, $name, $privs, $balance);
142 # form not submitted, you can set default values like so:
143 #tem_set('username', 'Yes');
146 # this has to be later in the file because it requires that username be set already
148 tem_show('edit_msg');