X-Git-Url: http://www.andromeda.nl/gitweb/?a=blobdiff_plain;f=src%2Fweb%2Fusers.php;h=3af9ea533ca3d8c386f39378669e6e4d23fd70cd;hb=e07d2e84999c45f899aa37513917f7fda7484a7b;hp=300c4fbc3688a584869aba4499facb2d65a87412;hpb=4ebb5b26a90443031290ac6c61d686a9496d8838;p=gnucomo.git
diff --git a/src/web/users.php b/src/web/users.php
index 300c4fb..3af9ea5 100644
--- a/src/web/users.php
+++ b/src/web/users.php
@@ -7,9 +7,9 @@
***************************************************************************
** MODULE INFORMATION *
***********************
-** FILE NAME : user.php
+** FILE NAME : users.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.2 $
+** VERSION NUMBER : $Revision: 1.3 $
**
** DESCRIPTION : User Administration page.
** Input parameters: action (POST) : empty, 'Create'
@@ -23,18 +23,22 @@
********************************
** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
** CREATION DATE : Dec 04, 2002
-** LAST UPDATE : Feb 08, 2003
+** LAST UPDATE : Feb 14, 2003
** MODIFICATIONS :
**************************************************************************/
/*****************************
$Log: users.php,v $
- Revision 1.2 2003-02-13 09:01:29 arjen
+ Revision 1.3 2003-02-21 08:44:19 arjen
+ Add a new user and make him/her a member of a group.
+ Change of passwords added.
+
+ Revision 1.2 2003/02/13 09:01:29 arjen
All web interface pages use the page class.
******************************/
-// RCSID = "$Id: users.php,v 1.2 2003-02-13 09:01:29 arjen Exp $";
+// RCSID = "$Id: users.php,v 1.3 2003-02-21 08:44:19 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
@@ -74,6 +78,20 @@ function CheckRemove(f)
return confirm(message);
}
+function CheckPW(f)
+{
+ if (f.passwd.value == "")
+ {
+ alert("You must supply a password");
+ return false;
+ }
+ if (f.passwd.value != f.pwverify.value)
+ {
+ alert("Passwords don't match");
+ return false;
+ }
+ return true;
+}
database, "CREATE USER " . $_POST['username'] . " PASSWORD '"
- . $_POST['passwd'] . "'");
- pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
+ $query = "CREATE USER " . $_POST['username'] . " PASSWORD '"
+ . $_POST['passwd'] . "' IN GROUP " . $_POST['group'];
+ if (pg_exec($this->database, $query) == FALSE)
+ {
+ echo "You can not create a new user.
";
+ }
+ else
+ {
+ pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
. $_POST['username'] . "','" . $_POST['seclevel'] . "')");
+ }
}
if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
@@ -100,7 +125,13 @@ class user_page extends page
pg_exec($this->database, "DROP USER " . $_POST['username']);
}
- $res = pg_exec($this->database, "SELECT username, security_level FROM usr");
+ if (isset($_POST['action']) && $_POST['action'] == 'Change Password')
+ {
+ pg_exec($this->database, "ALTER USER " . $_SESSION['username'] .
+ " PASSWORD '" . $_POST['passwd'] . "'");
+ }
+
+ $res = pg_exec($this->database, "SELECT username, security_level FROM usr ORDER BY username");
echo "