+<?php
+
+# This form requires wfpl. See: http://jasonwoof.org/wfpl
+
+# This form was initially auto-generated. If you would like to alter the
+# parameters and generate a new one try this URL:
+#
+# http://jasonwoof.com/metaform/?form_name=people&opt_email=No&opt_db=Yes&opt_listing=Yes&opt_http_pass=No&fields=username+textbox%0D%0Apassword+textbox%0D%0Aname+textbox%0D%0Aprivs+int%0D%0Abalance+decimal&edit=yes
+
+
+# SETUP
+
+# To save results to a database, you'll need to create the people table
+# (the file people.sql should help with this), and create the file
+# 'code/db_connect.php' which calls db_connect() see:
+# code/wfpl/examples/db_connect.php
+#
+# if you rename any of the database fields, you'll need to update this:
+
+define('PEOPLE_DB_FIELDS', 'username,password,name,privs,balance');
+
+
+require_once('code/wfpl/template.php');
+require_once('code/wfpl/format.php');
+require_once('code/wfpl/messages.php');
+require_once('code/wfpl/email.php');
+require_once('code/db_connect.php');
+
+function people_get_fields() {
+ $username = format_oneline($_REQUEST['username']);
+ $password = format_oneline($_REQUEST['password']);
+ $name = format_oneline($_REQUEST['name']);
+ $privs = format_int($_REQUEST['privs']);
+ $balance = format_decimal($_REQUEST['balance']);
+
+ people_tem_sets($username, $password, $name, $privs, $balance);
+
+ return array($username, $password, $name, $privs, $balance);
+}
+
+function people_tem_sets($username, $password, $name, $privs, $balance) {
+ tem_set('username', $username);
+ tem_set('password', $password);
+ tem_set('name', $name);
+ tem_set('privs', $privs);
+ tem_set('balance', $balance);
+}
+
+# You may pass a "where clause" for the db query.
+function people_display_listing($where = 'order by username limit 100') {
+ $rows = db_get_rows('people', 'id,username', $where);
+ if($rows == false || count($rows) == 0) {
+ tem_show('empty_listing');
+ tem_show('listings');
+ return false;
+ }
+
+ foreach($rows as $row) {
+ list($id, $username) = $row;
+ tem_set('id', $id);
+ if($username == '') {
+ $username = '--';
+ }
+ tem_set('username', $username);
+ tem_show('listing_row');
+ }
+ tem_show('populated_listing');
+ tem_show('listings');
+ return true;
+}
+
+function people_main() {
+ if(logged_in() != 1) { # FIXME get more sophisticated than first person in database is admin
+ $GLOBALS['url'] = this_url();
+ message('You must be logged in as an administrator to access that function');
+ return 'login';
+ }
+
+ $ret = _people_main();
+ if($ret) {
+ return $ret;
+ }
+ tem_show('main_body');
+}
+
+function _people_main() {
+ $edit_id = format_int($_REQUEST['people_edit_id']);
+ unset($_REQUEST['people_edit_id']);
+ if($edit_id) {
+ # add hidden field for database id of row we're editing
+ tem_set('people_edit_id', $edit_id);
+ tem_show('editing');
+ }
+
+ $delete_id = format_int($_REQUEST['people_delete_id']);
+ unset($_REQUEST['people_delete_id']);
+ if($delete_id) {
+ db_delete('people', 'where id=%i', $delete_id);
+ message('Entry deleted.');
+
+ return './people.html';
+ }
+
+ if(!$edit_id) {
+ if(!isset($_REQUEST['people_new']) && !isset($_REQUEST['username'])) {
+ people_display_listing();
+ return;
+ }
+
+ tem_show('new_msg');
+ }
+
+ if(isset($_REQUEST['username'])) {
+ list($username, $password, $name, $privs, $balance) = people_get_fields();
+
+ if("you're happy with the POSTed values") {
+ if(strlen($password) == 35 && substr($password, 32, 1) == ':') {
+ $password_hash = $password; # so we can edit a record, and leave the password be
+ } else {
+ $password_hash = encrypt_password($password);
+ }
+
+ if($edit_id) {
+ db_update('people', PEOPLE_DB_FIELDS, $username, $password_hash, $name, $privs, $balance, 'where id=%i', $edit_id);
+ message('Entry updated.');
+ } else {
+ db_insert('people', PEOPLE_DB_FIELDS, $username, $password_hash, $name, $privs, $balance);
+ message('Entry saved.');
+ }
+ if($error !== true) {
+ return './people';
+ }
+ }
+ # otherwise, we display the form again. people_get_fields() has
+ # already put the posted values back into the template engine, so they will
+ # show up in the form fields. You should add some message asking people to
+ # fix their entry in whatever way you require.
+ } elseif($edit_id) {
+ # we've recieved an edit id, but no data. So we grab the values to be edited from the database
+ list($username, $password, $name, $privs, $balance) = db_get_row('people', PEOPLE_DB_FIELDS, 'where id=%i', $edit_id);
+ people_tem_sets($username, $password, $name, $privs, $balance);
+ } else {
+ # form not submitted, you can set default values like so:
+ #tem_set('username', 'Yes');
+ }
+
+ # this has to be later in the file because it requres that username be set already
+ if($edit_id) {
+ tem_show('edit_msg');
+ }
+
+ tem_show('form');
+}
+
+?>
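Review bot: The edit path in `_people_main()` round-trips the stored password hash through the browser: the `elseif($edit_id)` branch passes the database `password` column to `people_tem_sets()`, and on submit any 35-character value with `:` at offset 32 is written back verbatim as `$password_hash`. That puts the hash into the rendered form (page source, caches) and lets a submitted string of that shape be stored without going through `encrypt_password()`. I would leave the field blank when editing and treat an empty password as "keep the current one", as sketched below; this assumes `db_update()` accepts a shorter field list the same way it accepts `PEOPLE_DB_FIELDS`. Separately, `$error` in `if($error !== true)` is never assigned, so the redirect always fires, and `people_delete_id` is acted on from `$_REQUEST` with no request token or method check.

```php
// … unchanged: people_get_fields() call and the validation placeholder …
        if($edit_id && $password == '') {
            # blank password on edit: leave the stored hash untouched
            db_update('people', 'username,name,privs,balance', $username, $name, $privs, $balance, 'where id=%i', $edit_id);
            message('Entry updated.');
        } elseif($edit_id) {
            db_update('people', PEOPLE_DB_FIELDS, $username, encrypt_password($password), $name, $privs, $balance, 'where id=%i', $edit_id);
            message('Entry updated.');
        } else {
            db_insert('people', PEOPLE_DB_FIELDS, $username, encrypt_password($password), $name, $privs, $balance);
            message('Entry saved.');
        }
// … unchanged: redirect after save …
    } elseif($edit_id) {
        list($username, $password, $name, $privs, $balance) = db_get_row('people', PEOPLE_DB_FIELDS, 'where id=%i', $edit_id);
        # never send the stored hash to the browser
        people_tem_sets($username, '', $name, $privs, $balance);
```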