diff -u -r -N karmapools.orig/admin/create.account.php karmapools/admin/create.account.php
--- karmapools.orig/admin/create.account.php 1969-12-31 18:00:00.000000000 -0600
+++ karmapools/admin/create.account.php 2004-09-15 12:31:07.239056352 -0500
@@ -0,0 +1,101 @@
+ *
+ *****************************************************************************/
+if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); }
+
+$title = DEFAULT_SITE_TITLE . "::Admin Menu::Create User Account";
+$cols = 2;
+$cmo = $cols - 1;
+$bodyargs = 'onLoad="document.create_account.username.focus();"';
+$tmppass = generatePassword();
+$ip = $_SERVER['REMOTE_ADDR'];
+$admin = $POOLSESS['userid'];
+$ua = "Admin Menu::Create User Account ($admin)";
+$save_img = INCPREFIX . "images/save32.png";
+pageHeader(true,$title,$bodyargs);
+?>
+
+ + +'100%')); ?> + + + + + + + +

+ Required fields are marked with an asterisk (*). +

+ + + + + *Audit User + + + + + + + + *Access Level + + + + + + + *Userid + + + + + + + + *Password + + + + + + + + Email Address + + + + + + + + *IP Address + + + + + + + + *User Agent + + + + + + + + + + + +
+
diff -u -r -N karmapools.orig/admin/delete.account.php karmapools/admin/delete.account.php
--- karmapools.orig/admin/delete.account.php 1969-12-31 18:00:00.000000000 -0600
+++ karmapools/admin/delete.account.php 2004-09-15 15:02:41.667493080 -0500
@@ -0,0 +1,54 @@
+ *
+ *****************************************************************************/
+if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); }
+
+if (!is_array($user_ar)) { die("TODO: write error message"); }
+$title = DEFAULT_SITE_TITLE . "::Admin Menu::Delete User Account";
+$cols = 2;
+$cmo = $cols - 1;
+$del_img = INCPREFIX . "images/trash32.png";
+$close = "";
+$close .= "Close Window";
+pageHeader(true,$title);
+
+$user_name = $user_ar['info']['user_name'];
+$pool_count = count($user_ar['pools']);
+$entry_count = $user_ar['info']['total_entries'];
+
+if ($pool_count == 1 ) { $count = "pool"; } else { $count = "pools"; }
+if ($entry_count == 1) { $entry = "entry"; } else { $entry = "entries"; }
+?>
+
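Review bot: The direct-access guard at the top of create.account.php tests `basename($PHP_SELF)`, a variable that only exists when register_globals is enabled; with it off the left side is an empty string, the comparison is always false and the guard never fires. admin/index.php already runs `define(ADMINREQUEST,true);` before it includes anything, so `if (!defined('ADMINREQUEST')) { die("Access Denied"); }` would be a check that does not depend on request-derived state. delete.account.php opens with the same line and needs the same change. The form markup that follows the PHP header is not visible in this view, so how `$tmppass`, `$ip` and `$ua` are written into it could not be checked.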
+ + + + +'100%')); ?> + + + + + + + +

Are you absolutely certain that you want to delete the account + of ? All pool entries by this + user will be deleted along with the account.

+

Currently this user has in + .

+

If you are absolutely certain, click on the trash can icon + below.

+ + + + + + + + +
+ diff -u -r -N karmapools.orig/admin/includes/admin.app.functions.php karmapools/admin/includes/admin.app.functions.php --- karmapools.orig/admin/includes/admin.app.functions.php 2004-09-14 09:54:25.000000000 -0500 +++ karmapools/admin/includes/admin.app.functions.php 2004-09-15 15:56:15.490917656 -0500 @@ -156,6 +156,284 @@ /***************************************************************************** * *****************************************************************************/ +function createSystemAccount() { + +if (!defined('SYSTEM_ACCOUNT')) { return false; } + +$tmp_ar = array('useraudit'=>0, + 'userlevel'=>"user", + 'userip'=>'127.0.0.1', + 'useragent'=>'Created by system', + 'username'=>SYSTEM_ACCOUNT, + 'userpass'=>generatePassword(), + 'confirm'=>true); + +return createUserAccount(false,$tmp_ar); + +} + +/***************************************************************************** + * + *****************************************************************************/ +function createUserAccount($echo=true,$pvars='') { + +$ca_url = "./?a=" . ADD_USER_QS; +$try_again = "Try Again"; + +isset($pvars['useraudit']) ? $au = $pvars['useraudit'] : $au = ''; +isset($pvars['userlevel']) ? $ul = $pvars['userlevel'] : $ul = ''; +isset($pvars['userip']) ? $ip = $pvars['userip'] : $ip = ''; +isset($pvars['useragent']) ? $ua = $pvars['useragent'] : $ua = ''; +isset($pvars['username']) ? $un = $pvars['username'] : $un = ''; +isset($pvars['userpass']) ? $pw = $pvars['userpass'] : $pw = ''; +isset($pvars['useremail']) ? $em = $pvars['useremail'] : $em = ''; + +$html = ''; +if ($ip == '') { $html .= "IP Address not specified
\n"; } +if ($ua == '') { $html .= "User Agent not specified
\n"; } +if ($ua == '') { $html .= "User Agent not specified
\n"; } +if ($un == '') { $html .= "Userid not specified
\n"; } +if ($pw == '') { $html .= "Password not specified
\n"; } + +if (userExists($un)) { $html .= "Userid already exists
"; } +if (strlen(addslashes($username)) > USERID_MAX_LEN) { + $html .= "Userid too long
"; + } +if ($em !== '' and emailExists($em)) { + $html .= "Duplicate email address
"; + } +switch("$ul") { + case "user": + break; + case "admin": + break; + default: + $html .= "User Access Level not specified
\n"; + break; + } +if ($html !== '') { + $msg = "

The account could not be created for the reasons listed "; + $msg .= "below:

"; + $msg .= $html; + $msg .= "

$try_again

"; + if ($echo) { echo $msg; return; } else { return $msg; } + } + +if ("$au" == "on") { $au = 1; } else { $au = 0; } +$un = addslashes($un); +$mpw = md5($pw); +$ip = addslashes($ip); +$ua = addslashes(substr($ua,0,UA_MAX_LEN)); +$em = addslashes($em); +$fl = "user_name,user_email,user_pass,user_ip,user_agent,user_level,"; +$fl .= "user_audit"; +$vl = "'$un','$em','$mpw','$ip','$ua','user',$au"; +$sql = "insert into " . DBN . ".pool_users($fl) values($vl)"; + +if (!db_query($sql)) { + $html = "Account creation failed due to sql failure. "; + $html .= "Try Again."; + if ($echo) { echo $html; return; } else { return $html; } + } + +$html = "

Account Created

+

Userid: $un
+Password: $mpw

+

+Close Window +

"; + +if ($echo) { die($html); } else { return $html; } + +} + +/***************************************************************************** + * + *****************************************************************************/ +function deleteUserAccount($echo=true,$pvars='') { + +global $POOLSESS; +$cuid = $POOLSESS['uid']; + +isset($pvars['uid']) ? $uid = $pvars['uid'] : $uid = ''; +isset($pvars['confirm']) ? $con = $pvars['confirm'] : $con = ''; + +$html = ''; +if ($uid == '') { $html .= "No Userid Specified.
\n"; } +if ($con == '') { $html .= "No Confirmation.
\n"; } +if (!uidExists($uid)) { $html .= "UID does not exist.
"; } +if ($uid == $cuid) { $html .= "Cannot delete your current login!
"; } + +$close = ""; +$close .= "Close Window"; +if ($html !== '') { + $msg = "

The account could not be removed for the reasons listed "; + $msg .= "below:

"; + $msg .= $html; + $msg .= "

$close

"; + if ($echo) { echo $msg; return; } else { return $msg; } + } + +// Assign the entries to the system account. +$sid = getSystemAccountId(); +if ($sid === false) { + $html = "

Failed: could not determine system account id.

"; + $html .= "

$close

"; + if ($echo) { echo $html; return; } else { return $html; } + } +if ($sid == $uid) { + $html = "

Failed: cannot delete the system account.

$close

"; + if ($echo) { echo $html; return; } else { return $html; } + } +// Reassign all entries to system account first. +$uid = addslashes($uid); +$sql = "update " . DBN . ".pool_data set user_id=$sid where user_id=$uid"; +if (!db_query($sql)) { + $html = "

Failed: could not reassign pool data entries.

"; + $html .= "

$close

"; + if ($echo) { echo $html; return; } else { return $html; } + } +// delete the user +$sql = "delete from " . DBN . ".pool_users where user_id=$uid limit 1"; +if (!db_query($sql) or !db_affected_rows() == 1) { + $html = "

Failed: could not delete the user for unknown reason.

"; + $html .= "

$close

"; + if ($echo) { echo $html; return; } else { return $html; } + } + +$html = "

The user account has been deleted and any existing pool entries "; +$html .= "have been assigned to the system account (" . SYSTEM_ACCOUNT; +$html .= ")

$close

"; + +if ($echo) { echo $html; } else { return $html; } + +} + +/***************************************************************************** + * + *****************************************************************************/ +function generatePassword($min=4,$max=5) { + +return generateRandomString(rand($min,$max)); + +} + +/******************************************************************************* + * + *******************************************************************************/ +function generateRandomString($size) { + +$s = ''; +while (strlen("$s") !== $size) { + $s = ''; + srand((double)microtime()*1000000); + $random_char = array('0','1','2','3','4','5','6','7','8','9','a','b','c','d', + 'e','f','g','h','i','j','k','l','m','n','o','p','q','r', + 's','t','u','v','w','x','y','z','A','B','C','D','E','F', + 'G','H','I','J','K','L','M','N','O','P','Q','R','S','T', + 'U','V','W','X','Y','Z','-','?','#','@'); + $MIN = 1; + $MAX = count($random_char); + for ($i=0; $i<$size; $i++) { + $s .= $random_char[rand($MIN,$MAX)]; + } + } +return "$s"; + +} + +/***************************************************************************** + * + *****************************************************************************/ +function getSystemAccountId() { +if (!userExists(SYSTEM_ACCOUNT)) { + if (!createSystemAccount()) { + return false; + } + } +return queryUserId(SYSTEM_ACCOUNT); +} + +/***************************************************************************** + * + *****************************************************************************/ +function queryUserId($user_name='') { + +if (!userExists($user_name)) { return false; } +$user_name = addslashes($user_name); + +$sql = "select user_id from " . DBN . 
".pool_users "; +$sql .= "where user_name='$user_name' limit 1"; +if (!$qid = db_query($sql)) { return false; } +if (!db_num_rows($qid) == 1) { return false; } + +return db_result($qid,0,0); + +} + +/***************************************************************************** + * + *****************************************************************************/ +function queryUserInfo($user_id='') { + +if (!uidExists($user_id)) { return false; } +$user_id = addslashes($user_id); +$sql = "select * from " . DBN . ".pool_users where user_id=$user_id "; +$sql .= "limit 1"; +if (!$qid = db_query($sql)) { return false; } +$num = db_num_rows($qid); +if ($num == 1) { + $info_ar = db_fetch_array($qid); + } else { + return false; + } +if (!is_array($info_ar) or !count($info_ar) == 1) { return false; } +$sql = "select distinct(a.pool_id),b.pool_name "; +$sql .= "from " . DBN . ".pool_data as a, " . DBN . ".pool_ids as b "; +$sql .= "where a.user_id=$user_id and a.pool_id=b.pool_id "; +$sql .= "order by b.pool_name"; +if (!$qid = db_query($sql)) { echo mysql_error(); return false; } +$pools_ar = array(); +$num = db_num_rows($qid); +for($j=0; $j < $num; $j++) { + $pid = db_result($qid,$j,0); + $pn = stripslashes(db_result($qid,$j,1)); + $pools_ar[] = array('pid'=>$pid,'pool_name'=>"$pn"); + } +db_free_result($qid); +if (count($pools_ar) < 1) { + $info_ar['total_entries'] = 0; + return array('info'=>$info_ar,'pools'=>$pools_ar); + } + +$total_entries = 0; +for($j=0; $j < count($pools_ar); $j++) { + $tmp_ar = array(); + $pid = $pools_ar[$j]['pid']; + $sql = "select date_entered, date_guess, user_comment "; + $sql .= "from " . DBN . 
".pool_data where pool_id=$pid and "; + $sql .= "user_id=$user_id order by date_entered"; + if (!$qid = db_query($sql)) { return false; } + $num = db_num_rows($qid); + if ($num > 0) { + for($k=0; $k < $num; $k++) { + $tmp_ar[] = db_fetch_array($qid); + } + } + $pools_ar[$j]['entries'] = $tmp_ar; + $total_entries += count($tmp_ar); + db_free_result($qid); + } + +$info_ar['total_entries'] = $total_entries; + +return array('info'=>$info_ar,'pools'=>$pools_ar); + +} + +/***************************************************************************** + * + *****************************************************************************/ function queryUsers($start='0',$order='un',$search='',$field='') { if (!is_numeric($start)) { return false; } diff -u -r -N karmapools.orig/admin/includes/admin.globals.php karmapools/admin/includes/admin.globals.php --- karmapools.orig/admin/includes/admin.globals.php 2004-09-14 14:30:52.000000000 -0500 +++ karmapools/admin/includes/admin.globals.php 2004-09-15 15:21:27.223382576 -0500 @@ -25,6 +25,7 @@ // misc defaults define(MAX_ROWS,20); +define(SYSTEM_ACCOUNT,"System"); // includes require_once('includes/admin.html.functions.php'); diff -u -r -N karmapools.orig/admin/includes/admin.html.functions.php karmapools/admin/includes/admin.html.functions.php --- karmapools.orig/admin/includes/admin.html.functions.php 2004-09-14 14:41:33.000000000 -0500 +++ karmapools/admin/includes/admin.html.functions.php 2004-09-15 13:16:31.196951808 -0500 
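Review bot: generateRandomString() indexes `$random_char` with `rand($MIN,$MAX)` where `$MIN` is 1 and `$MAX` is `count($random_char)`, so index 0 is never used and the top value is one past the end of the array; the outer `while` only hides this by retrying until the length happens to match. Because generatePassword() turns the result into 4–5 character account passwords drawn from `rand()` reseeded with `microtime()`, the generator should index `0..count-1`, default to a longer length and use a cryptographically secure source where the runtime has one (sketch below). In createUserAccount() the length check reads the undefined `$username` instead of `$un`, `$vl` hard-codes `'user'` so a validated `admin` level is never stored, the stored hash is an unsalted `md5($pw)`, and the confirmation prints `$mpw` rather than the password. deleteUserAccount() and queryUserInfo() apply `addslashes()` to an id that is then spliced unquoted into `user_id=$uid` / `user_id=$user_id`, which does not constrain a numeric context; an `(int)` cast at those points would, independent of what uidExists() (not shown) checks. queryUserInfo() also echoes `mysql_error()` to the page on failure, which is better written to a log.

```php
function generateRandomString($size) {

// … unchanged: $random_char table, built once before the loop …
$last = count($random_char) - 1;
$s = '';
for ($i = 0; $i < $size; $i++) {
    // random_int() (PHP 7+) reads the OS CSPRNG; valid indexes are 0..$last
    $s .= $random_char[random_int(0, $last)];
    }
return $s;

}
```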
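Review bot: `SYSTEM_ACCOUNT` is set to the ordinary-looking name "System", and getSystemAccountId() in admin.app.functions.php adopts whatever row already carries that name, so if a regular user holds it the entries of deleted users would be reassigned to that user. Reserving the name wherever accounts are registered (that code is not in this patch), or marking the holder row explicitly, would avoid that. The holder account is also created by createSystemAccount() as a normal login with a generatePassword() password, so a value that can never match a login would be the safer thing to store for it. The constant name should be quoted, `define('SYSTEM_ACCOUNT',"System");`, since the bare form only works through PHP's undefined-constant fallback; the neighbouring `define(MAX_ROWS,20);` has the same form.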
@@ -77,17 +77,17 @@ $class = "row2"; $row1 = true; } - $view_user_qs = "./?a=" . VIEW_USER_QS . "&uid=$uid"; - $view_user_href = ""; - $view_user_href .= "$un"; - $edit_user_qs = "./?a=" . EDIT_USER_QS . "&uid=$uid"; - $edit_user_href = ""; - $edit_user_href .= ""; - $del_user_qs = "./?a=" . DELETE_USER_QS . "&uid=$uid"; - $del_user_href = ""; - $del_user_href .= ""; + $view_qs = "./?a=" . VIEW_USER_QS . "&uid=$uid"; + $view_href = ""; + $view_href .= "$un"; + $edit_qs = "./?a=" . EDIT_USER_QS . "&uid=$uid"; + $edit_href = ""; + $edit_href .= ""; + $del_qs = "./?a=" . DELETE_USER_QS . "&uid=$uid"; + $del_img = ""; + $del_href = popupLink("$del_qs","$del_img"); if ($au > 0) { $flip_audit_qs = "./?a=" . FLIP_AUDIT_QS . "&audit=on"; $flip_audit_img = ""; $flip_audit_href .= "$flip_audit_img"; $html .= " - $view_user_href + $view_href $ue $ip $ua $ul $flip_audit_href - $edit_user_href + $edit_href - $del_user_href + $del_href \n"; } @@ -125,12 +125,8 @@ function displayUserListHeader($echo=true,$order='',$search='',$field='') { $qs = ''; -if (isset($search) and !empty($search)) { - $qs .= "&q=" . $search; - } -if (isset($field) and !empty($field)) { - $qs .= "&f=" . $field; - } +if (isset($search) and !empty($search)) { $qs .= "&q=" . $search; } +if (isset($field) and !empty($field)) { $qs .= "&f=" . $field; } $text = "Userid"; @@ -141,9 +137,10 @@ $o_audit = $text . "au\">Audit"; $add_qs = "./?a=" . ADD_USER_QS; -$add_img = INCPREFIX . "images/add16.png"; -$add_href = ""; +$add_img = ""; +$add_href = popupLink("$add_qs","$add_img"); +//$add_href = ""; $html = " $o_userid 
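Review bot: `$un` goes into the link text as-is (`$view_href .= "$un";`) and `$ue`, `$ip`, `$ua` and `$ul` are interpolated into the row markup the same way; unless they are escaped before this hunk begins, a user name or stored user-agent string that contains markup would be rendered in the administrator's browser when the list is viewed. Escaping each value at output, e.g. `htmlspecialchars($un, ENT_QUOTES)`, closes that. The `@@ -125,12 +125,8 @@` hunk below has the related gap of appending `$search` and `$field` to `$qs` without `urlencode()`. The enclosing function starts and ends outside the hunk, and the tag markup on these lines is not visible in this view.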
@@ -239,6 +236,26 @@ /***************************************************************************** * *****************************************************************************/ +function selectAccessLevel($echo=true,$default='') { + +$tmp_ar = array("user","admin"); +$html = "\n"; + +if ($echo) { echo $html; } else { return $html; } + +} +/***************************************************************************** + * + *****************************************************************************/ function selectUserListField($echo=true,$default='') { $tmp_ar = array(); @@ -264,7 +281,6 @@ if ($echo) { echo $html; } else { return $html; } - } ?> diff -u -r -N karmapools.orig/admin/index.php karmapools/admin/index.php --- karmapools.orig/admin/index.php 2004-09-14 14:36:09.000000000 -0500 +++ karmapools/admin/index.php 2004-09-15 16:10:42.951043672 -0500 @@ -6,7 +6,6 @@ *****************************************************************************/ define(ADMINREQUEST,true); require_once("../includes/globals.php"); - /***************************************************************************** * direct traffic * *****************************************************************************/ @@ -18,7 +17,14 @@ switch ("$a") { // add user case ADD_USER_QS: - die("Ain't done yet!"); + if ($_POST['confirm']) { + $html = createUserAccount(false,$_POST); + $subtitle = "Account Creation Status"; + $bodyargs = "onLoad='opener.location.reload()'"; + die(displayMessage($html,$subtitle,$bodyargs)); + } else { + die(include("./create.account.php")); + } break; // create pool case CREATE_POOL_QS: @@ -32,7 +38,30 @@ break; // delete user case DELETE_USER_QS: - die("Ain't done yet!"); + isset($uid) ? $uid = $_REQUEST['uid'] : $uid = $_POST['uid']; + if (!is_numeric($uid) or !uidExists($uid)) { + $subtitle = "Account Removal Error"; + $html = "
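Review bot: The ADD_USER_QS branch creates an account whenever `$_POST['confirm']` is truthy, and nothing in the hunk ties the request to the administrator's own session, so a form submitted from another site while the admin is logged in would be accepted; a per-session token written into create.account.php and compared here before calling createUserAccount() would prevent that (any check performed inside globals.php is not visible). The branch also forwards the whole `$_POST`, so `userip`, `useragent` and `useraudit` are whatever the client sent; filling those from `$_SERVER['REMOTE_ADDR']` and the session at this point would keep the audit fields trustworthy. The DELETE_USER_QS hunk that follows has the same gap, and its `isset($uid) ? $uid = $_REQUEST['uid'] : $uid = $_POST['uid'];` consults `$_REQUEST` only when a global `$uid` already exists, which looks inverted. The rest of that hunk is cut off in this view.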

Cannot remove non-existant Userid.

"; + $html .= "

docs/ChangeLog, + admin/create.account.php,admin/delete.account.php, + admin/includes/admin.app.functions.php,admin/includes/admin.globals.php, + admin/includes/admin.html.functions.php,admin/index.php,images/save32.png, + images/trash32.png,includes/html.functions.php,style.css,patch-0.0.5-01: + + Added create/delete user functionality to admin files. Added SYSTEM_ACCOUNT + define to use as an account deleted user entries are assigned to. Added + capability for body arguments to be passed to displayMessage() so that + onload() statements and such can be passed. Changed width of + displayMessage() to 100% since it is used primarily by popup windows. + Removed test-align: justify from tr.info in style.css because short messages + looked bad. Updated ChangeLog, bumped version to 0.0.6 to accommodate new + images. + *karmapools-0.0.4 (13 Sep 2004) 14 Sep 2004; Mike Green docs/ChangeLog, Files karmapools.orig/images/save32.png and karmapools/images/save32.png differ Files karmapools.orig/images/trash32.png and karmapools/images/trash32.png differ diff -u -r -N karmapools.orig/includes/html.functions.php karmapools/includes/html.functions.php --- karmapools.orig/includes/html.functions.php 2004-09-14 09:03:17.000000000 -0500 +++ karmapools/includes/html.functions.php 2004-09-15 16:08:24.088154040 -0500 @@ -9,7 +9,7 @@ /***************************************************************************** * *****************************************************************************/ -function displayMessage($message='',$subtitle='') { +function displayMessage($message='',$subtitle='',$bodyargs='') { if ($message == '') { $message = "Not sure what to tell you, 10-4 good buddy."; @@ -20,8 +20,8 @@ $title .= "::$subtitle"; } -$html = pageHeader(false,$title); -$html .= tableOpen(false,array('width'=>"500")); +$html = pageHeader(false,"$title","$bodyargs"); +$html .= tableOpen(false,array('width'=>"100%")); $html .= " $title 
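Review bot: displayMessage() now hands `$bodyargs` straight to pageHeader() and already emits `$message` as-is, but nothing documents that both are treated as raw markup, while callers in this patch build `$message` from request data (createUserAccount() returns `Userid: $un`, where `$un` has only been through `addslashes()`). A header comment such as `// $message and $bodyargs are emitted unescaped: callers must HTML-escape any request-derived value first` would make the contract explicit, and the callers should then escape accordingly. The function body continues outside these hunks, so how pageHeader() places `$bodyargs` is presumed from its use with `onLoad=` values.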
@@ -37,7 +37,7 @@   \n"; -$html .= tableClose() . pageFooter(); +$html .= tableClose(false) . pageFooter(false); die($html); diff -u -r -N karmapools.orig/style.css karmapools/style.css --- karmapools.orig/style.css 2004-09-14 11:04:28.000000000 -0500 +++ karmapools/style.css 2004-09-15 13:01:59.507468752 -0500 @@ -31,7 +31,7 @@ tr.info { background-color:#000000; color:#ffffff; font-size: 11.5px; font-family: Verdana,Geneva,Arial,Helvetica,sans-serif; - font-weight:normal; text-align:justify; } + font-weight:normal; } tr.row1 { background-color:#d2d2d2; font-size:10pt; color:#000000; font-weight:normal; } tr.row2 { background-color:#a5a5a5; font-size:10pt;