3 # Copyright (C) 2008 Jason Woofenden
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU Affero General Public License as published by
7 # the Free Software Foundation, either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU Affero General Public License for more details.
15 # You should have received a copy of the GNU Affero General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 define('PEOPLE_DB_FIELDS', 'username,password,name,privs,balance');
22 require_once('code/wfpl/template.php');
23 require_once('code/wfpl/format.php');
24 require_once('code/wfpl/messages.php');
25 require_once('code/wfpl/email.php');
26 require_once('code/db_connect.php');
28 function people_get_fields() {
29 $username = format_oneline($_REQUEST['username']);
30 $password = format_oneline($_REQUEST['password']);
31 $name = format_oneline($_REQUEST['name']);
32 $privs = format_int($_REQUEST['privs']);
33 $balance = format_decimal($_REQUEST['balance']);
35 people_tem_sets($username, $password, $name, $privs, $balance);
37 return array($username, $password, $name, $privs, $balance);
40 function people_tem_sets($username, $password, $name, $privs, $balance) {
41 tem_set('username', $username);
42 tem_set('password', $password);
43 tem_set('name', $name);
44 tem_set('privs', $privs);
45 tem_set('balance', $balance);
48 # You may pass a "where clause" for the db query.
49 function people_display_listing($where = 'order by name limit 100') {
50 $rows = db_get_rows('people', 'id,name,username', $where);
51 if($rows == false || count($rows) == 0) {
52 tem_show('empty_listing');
57 foreach($rows as $row) {
58 list($id, $name, $username) = $row;
63 tem_set('name', $name);
64 tem_set('username', $username);
65 tem_show('listing_row');
67 tem_show('populated_listing');
72 function people_main() {
73 if(!logged_in_as_contractor()) {
74 $GLOBALS['url'] = this_url();
75 message('You must be logged in as an administrator to access that function');
79 $ret = _people_main();
83 tem_show('main_body');
86 function _people_main() {
87 $edit_id = format_int($_REQUEST['people_edit_id']);
88 unset($_REQUEST['people_edit_id']);
90 # add hidden field for database id of row we're editing
91 tem_set('people_edit_id', $edit_id);
95 $delete_id = format_int($_REQUEST['people_delete_id']);
96 unset($_REQUEST['people_delete_id']);
98 db_delete('people', 'where id=%i', $delete_id);
99 message('Entry deleted.');
101 return './people.html';
105 if(!isset($_REQUEST['people_new']) && !isset($_REQUEST['username'])) {
106 people_display_listing();
113 if(isset($_REQUEST['username'])) {
114 list($username, $password, $name, $privs, $balance) = people_get_fields();
116 if("you're happy with the POSTed values") {
117 if(strlen($password) == 35 && substr($password, 32, 1) == ':') {
118 $password_hash = $password; # so we can edit a record, and leave the password be
120 $password_hash = encrypt_password($password);
124 db_update('people', PEOPLE_DB_FIELDS, $username, $password_hash, $name, $privs, $balance, 'where id=%i', $edit_id);
125 message('Entry updated.');
127 db_insert('people', PEOPLE_DB_FIELDS . ',tiny_agreement', $username, $password_hash, $name, $privs, $balance, 1000);
128 message('Entry saved.');
130 if($error !== true) {
134 # otherwise, we display the form again. people_get_fields() has
135 # already put the posted values back into the template engine, so they will
136 # show up in the form fields. You should add some message asking people to
137 # fix their entry in whatever way you require.
139 # we've recieved an edit id, but no data. So we grab the values to be edited from the database
140 list($username, $password, $name, $privs, $balance) = db_get_row('people', PEOPLE_DB_FIELDS, 'where id=%i', $edit_id);
141 people_tem_sets($username, $password, $name, $privs, $balance);
143 # form not submitted, you can set default values like so:
144 #tem_set('username', 'Yes');
147 # this has to be later in the file because it requres that username be set already
149 tem_show('edit_msg');