3 /**************************************************************************
4 ** This is free software; you can redistribute it and/or modify it under the
5 ** terms of the GNU General Public License, see the file COPYING.
6 ***************************************************************************/
10 * User Administration page.
11 * Input parameters: action (POST) : empty, 'Create'
12 * username (POST) : name of the user to create or remove
16 require_once('classes/gnucomo_config.php');
19 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
22 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
23 <link rel='stylesheet' href='gnucomo.css' type='text/css'>
24 <title>GNUCoMo login</title>
26 <script language='JavaScript'>
27 function CheckCreate(f)
29 if (f.username.value == "")
31 alert("You must supply a username");
34 if (f.passwd.value == "")
36 alert("You must supply a password");
39 if (f.passwd.value != f.pwverify.value)
41 alert("Passwords don't match");
47 function CheckRemove(f)
49 var message = "Are you sure you want to remove user ";
50 message += f.username.value;
53 return confirm(message);
61 if (empty($_SESSION['username']))
63 echo "Please log in first.";
67 echo "<h1>User Administration</h1><hr>";
69 $config = new gnucomo_config;
71 $config->read("gnucomo");
73 // Connect to the database
74 $conn = pg_connect($config->Database($_SESSION['username'], $_SESSION['password']));
77 if (isset($_POST['action']) && $_POST['action'] == 'Create' && !empty($_POST['username']))
79 pg_exec($conn, "CREATE USER " . $_POST['username'] . " PASSWORD '"
80 . $_POST['passwd'] . "'");
81 pg_exec($conn, "INSERT INTO usr (username, security_level) VALUES ('"
82 . $_POST['username'] . "','" . $_POST['seclevel'] . "')");
85 if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
87 pg_exec($conn, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'");
88 pg_exec($conn, "DROP USER " . $_POST['username']);
91 $res = pg_exec($conn, "SELECT username, security_level FROM usr");
95 while ($usr < pg_numrows($res))
97 $u = pg_fetch_object($res, $usr);
99 <tr><td align='center'><img src='user.png'><br>
100 <b><?php echo $u->username ?></b>
102 Sec. Level <?php echo $u->security_level ?>
104 <?php if ($_SESSION['username'] != $u->username)
107 <form action='users.php' method='post' onSubmit='return CheckRemove(this)'>
108 <input type='hidden' name='username' value='<?php echo $u->username ?>'>
109 <input type='submit' name='action' value='Remove'>
123 <h2>Create new user:</h2>
126 <form action='users.php' method='post' onSubmit='return CheckCreate(this)'>
127 User name: <input name='username' type='text'>
128 Security level: <select name='seclevel'>
129 <option value='1'>1</option>
130 <option value='2'>2</option>
131 <option value='3'>3</option>
132 <option value='4'>4</option>
133 <option value='5'>5</option>
136 Password: <input type='password' name='passwd'>
137 Verify password: <input type='password' name='pwverify'>
139 <input type='submit' name='action' value='Create'>