3 /**************************************************************************
4 ** (c) Copyright 2003, Andromeda Technology & Automation
5 ** This is free software; you can redistribute it and/or modify it under the
6 ** terms of the GNU General Public License, see the file COPYING.
7 ***************************************************************************
8 ** MODULE INFORMATION *
9 ***********************
10 ** FILE NAME : users.php
11 ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
12 ** VERSION NUMBER : $Revision: 1.5 $
14 ** DESCRIPTION : User Administration page.
15 ** Input parameters: action (POST) : empty, 'Create'
16 ** username (POST) : name of the user to create or remove
21 ***************************************************************************
22 ** ADMINISTRATIVE INFORMATION *
23 ********************************
24 ** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
25 ** CREATION DATE : Dec 04, 2002
26 ** LAST UPDATE : Feb 14, 2003
28 **************************************************************************/
30 /*****************************
32 Revision 1.5 2007-11-21 14:38:06 arjen
33 The buttonbar at the top of each page is now a fixed 'div' element
34 instead of a framed page.
35 Contributed by Edwin Nadorp.
37 Revision 1.4 2004/01/10 20:03:02 arjen
38 *** empty log message ***
40 Revision 1.3 2003/02/21 08:44:19 arjen
41 Add a new user and make him/her a member of a group.
42 Change of passwords added.
44 Revision 1.2 2003/02/13 09:01:29 arjen
45 All web interface pages use the page class.
47 ******************************/
49 // RCSID = "$Id: users.php,v 1.5 2007-11-21 14:38:06 arjen Exp $";
51 ini_set('include_path', '.:./classes:../phpclasses');
53 require_once('page.class.php');
55 function clientscripts()
59 <script type='text/ecmascript'>
60 function CheckCreate(f)
62 if (f.username.value == "")
64 alert("You must supply a username");
67 if (f.passwd.value == "")
69 alert("You must supply a password");
72 if (f.passwd.value != f.pwverify.value)
74 alert("Passwords don't match");
80 function CheckRemove(f)
82 var message = "Are you sure you want to remove user ";
83 message += f.username.value;
86 return confirm(message);
91 if (f.passwd.value == "")
93 alert("You must supply a password");
96 if (f.passwd.value != f.pwverify.value)
98 alert("Passwords don't match");
108 class user_page extends page
114 if (isset($_POST['action']) && $_POST['action'] == 'Create' && !empty($_POST['username']))
116 $query = "CREATE USER " . $_POST['username'] . " PASSWORD '"
117 . $_POST['passwd'] . "' IN GROUP " . $_POST['group'];
118 if (pg_exec($this->database, $query) == FALSE &&
119 strstr(pg_errormessage($this->database), "already exists") == false)
121 echo "You can not create a new user: " . pg_errormessage($this->database) . ".<br>";
125 pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
126 . $_POST['username'] . "','" . $_POST['seclevel'] . "')");
130 if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
132 pg_exec($this->database, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'");
133 pg_exec($this->database, "DROP USER " . $_POST['username']);
136 if (isset($_POST['action']) && $_POST['action'] == 'Change Password')
138 pg_exec($this->database, "ALTER USER " . $_SESSION['username'] .
139 " PASSWORD '" . $_POST['passwd'] . "'");
142 if (isset($_GET['username']))
144 echo "<script type='text/ecmascript'>
145 document.getElementById('menu_title').innerHTML =
146 '<h1>Detailed information for user " . $_GET['username'] . "<\/h1>'</script><br>";
147 if (isset($_POST['action']) && $_POST['action'] == 'Save Changes')
149 $qry = "UPDATE usr SET display_name='" . $_POST['dspname'] . "'";
150 $qry .= ", email='" . $_POST['email'] . "'";
151 $qry .= ", security_level='" . $_POST['seclevel'] . "'";
152 $qry .= " WHERE username='" . $_GET['username'] . "'";
154 pg_exec($this->database, $qry);
156 $res = pg_exec($this->database, "SELECT * from usr
157 WHERE username='" . $_GET['username'] . "'");
158 $usr = pg_fetch_object($res, 0);
160 echo "<form action='users.php?username=" . $usr->username . "' method='POST'>";
163 echo "<tr><td>Display name</td><td><input name='dspname' type='text' value='";
164 echo $usr->display_name . "'></td></tr>";
165 echo "<tr><td>Email address</td><td><input name='email' type='text' value='";
166 echo $usr->email . "'></td></tr>";
168 echo "<tr><td>Security level</td><td><select name='seclevel'>";
169 for ($seclevel = 1; $seclevel < 6; $seclevel++)
171 echo "<option value='$seclevel'";
172 if ($seclevel == $usr->security_level)
176 echo ">$seclevel</option>\n";
178 echo "</select></td></tr>";
180 echo "<input type='submit' name='action' value='Save Changes'>";
185 echo "<script type='text/ecmascript'>document.getElementById('menu_title').innerHTML = '<h1>User Administration<\/h1>'</script><br>";
186 $res = pg_exec($this->database, "SELECT username, display_name, email, security_level
187 FROM usr ORDER BY username");
191 while ($usr < pg_numrows($res))
193 $u = pg_fetch_object($res, $usr);
195 <tr><td align='center'><a href='users.php?username=<?php echo $u->username ?>'><img src='user.png' alt='users'></a><br>
196 <b><?php echo $u->username ?></b>
198 <?php echo $u->display_name ?>
200 <?php echo $u->email ?>
202 Sec. Level <?php echo $u->security_level ?>
204 <?php if ($_SESSION['username'] != $u->username)
207 <form action='users.php' method='post' onSubmit='return CheckRemove(this)'>
208 <input type='hidden' name='username' value='<?php echo $u->username ?>'>
209 <input type='submit' name='action' value='Remove'>
222 <h2>Create new user:</h2>
224 <form action='users.php' method='post' onSubmit='return CheckCreate(this)'>
225 User name: <input name='username' type='text'>
226 Group: <select name='group'>
227 <option value='view'>View</option>
228 <option value='ops'>Operator</option>
229 <option value='admin'>Admin</option>
231 Security level: <select name='seclevel'>
232 <option value='1'>1</option>
233 <option value='2'>2</option>
234 <option value='3'>3</option>
235 <option value='4'>4</option>
236 <option value='5'>5</option>
239 Password: <input type='password' name='passwd'>
240 Verify password: <input type='password' name='pwverify'>
242 <input type='submit' name='action' value='Create'>
245 <h2>Change your password:</h2>
246 <form action='users.php' method='post' onSubmit='return CheckPW(this)'>
247 New Password: <input type='password' name='passwd'>
248 Verify password: <input type='password' name='pwverify'>
250 <input type='submit' name='action' value='Change Password'>
257 $page = new user_page("Gnucomo User Administration");