3 /**************************************************************************
4 ** (c) Copyright 2003, Andromeda Technology & Automation
5 ** This is free software; you can redistribute it and/or modify it under the
6 ** terms of the GNU General Public License, see the file COPYING.
7 ***************************************************************************
8 ** MODULE INFORMATION *
9 ***********************
10 ** FILE NAME : users.php
11 ** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
12 ** VERSION NUMBER : $Revision: 1.4 $
14 ** DESCRIPTION : User Administration page.
15 ** Input parameters: action (POST) : empty, 'Create'
16 ** username (POST) : name of the user to create or remove
21 ***************************************************************************
22 ** ADMINISTRATIVE INFORMATION *
23 ********************************
24 ** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
25 ** CREATION DATE : Dec 04, 2002
26 ** LAST UPDATE : Feb 14, 2003
28 **************************************************************************/
30 /*****************************
32 Revision 1.4 2004-01-10 20:03:02 arjen
33 *** empty log message ***
35 Revision 1.3 2003/02/21 08:44:19 arjen
36 Add a new user and make him/her a member of a group.
37 Change of passwords added.
39 Revision 1.2 2003/02/13 09:01:29 arjen
40 All web interface pages use the page class.
42 ******************************/
44 // RCSID = "$Id: users.php,v 1.4 2004-01-10 20:03:02 arjen Exp $";
46 ini_set('include_path', '.:./classes:../phpclasses');
48 require_once('page.class.php');
50 function clientscripts()
54 <script language='JavaScript'>
55 function CheckCreate(f)
57 if (f.username.value == "")
59 alert("You must supply a username");
62 if (f.passwd.value == "")
64 alert("You must supply a password");
67 if (f.passwd.value != f.pwverify.value)
69 alert("Passwords don't match");
75 function CheckRemove(f)
77 var message = "Are you sure you want to remove user ";
78 message += f.username.value;
81 return confirm(message);
86 if (f.passwd.value == "")
88 alert("You must supply a password");
91 if (f.passwd.value != f.pwverify.value)
93 alert("Passwords don't match");
103 class user_page extends page
109 if (isset($_POST['action']) && $_POST['action'] == 'Create' && !empty($_POST['username']))
111 $query = "CREATE USER " . $_POST['username'] . " PASSWORD '"
112 . $_POST['passwd'] . "' IN GROUP " . $_POST['group'];
113 if (pg_exec($this->database, $query) == FALSE &&
114 strstr(pg_errormessage($this->database), "already exists") == false)
116 echo "You can not create a new user: " . pg_errormessage($this->database) . ".<br>";
120 pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
121 . $_POST['username'] . "','" . $_POST['seclevel'] . "')");
125 if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
127 pg_exec($this->database, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'");
128 pg_exec($this->database, "DROP USER " . $_POST['username']);
131 if (isset($_POST['action']) && $_POST['action'] == 'Change Password')
133 pg_exec($this->database, "ALTER USER " . $_SESSION['username'] .
134 " PASSWORD '" . $_POST['passwd'] . "'");
137 if (isset($_GET['username']))
139 echo "<h1>Detailed information for user " . $_GET['username'] . "</h1><br>\n";
141 if (isset($_POST['action']) && $_POST['action'] == 'Save Changes')
143 $qry = "UPDATE usr SET display_name='" . $_POST['dspname'] . "'";
144 $qry .= ", email='" . $_POST['email'] . "'";
145 $qry .= ", security_level='" . $_POST['seclevel'] . "'";
146 $qry .= " WHERE username='" . $_GET['username'] . "'";
148 pg_exec($this->database, $qry);
150 $res = pg_exec($this->database, "SELECT * from usr
151 WHERE username='" . $_GET['username'] . "'");
152 $usr = pg_fetch_object($res, 0);
154 echo "<form action='users.php?username=" . $usr->username . "' method='POST'>";
157 echo "<tr><td>Display name</td><td><input name='dspname' type='text' value='";
158 echo $usr->display_name . "'></td></tr>";
159 echo "<tr><td>Email address</td><td><input name='email' type='text' value='";
160 echo $usr->email . "'></td></tr>";
162 echo "<tr><td>Security level</td><td><select name='seclevel'>";
163 for ($seclevel = 1; $seclevel < 6; $seclevel++)
165 echo "<option value='$seclevel'";
166 if ($seclevel == $usr->security_level)
168 echo " selected='true'";
170 echo ">$seclevel</option>\n";
172 echo "</select></td></tr>";
174 echo "<input type='submit' name='action' value='Save Changes'>";
179 echo "<h1>User Administration</h1><hr>";
180 $res = pg_exec($this->database, "SELECT username, display_name, email, security_level
181 FROM usr ORDER BY username");
185 while ($usr < pg_numrows($res))
187 $u = pg_fetch_object($res, $usr);
189 <tr><td align='center'><a href='users.php?username=<?php echo $u->username ?>'><img src='user.png'></a><br>
190 <b><?php echo $u->username ?></b>
192 <?php echo $u->display_name ?>
194 <?php echo $u->email ?>
196 Sec. Level <?php echo $u->security_level ?>
198 <?php if ($_SESSION['username'] != $u->username)
201 <form action='users.php' method='post' onSubmit='return CheckRemove(this)'>
202 <input type='hidden' name='username' value='<?php echo $u->username ?>'>
203 <input type='submit' name='action' value='Remove'>
216 <h2>Create new user:</h2>
219 <form action='users.php' method='post' onSubmit='return CheckCreate(this)'>
220 User name: <input name='username' type='text'>
221 Group: <select name='group'>
222 <option value='view'>View</option>
223 <option value='ops'>Operator</option>
224 <option value='admin'>Admin</option>
226 Security level: <select name='seclevel'>
227 <option value='1'>1</option>
228 <option value='2'>2</option>
229 <option value='3'>3</option>
230 <option value='4'>4</option>
231 <option value='5'>5</option>
234 Password: <input type='password' name='passwd'>
235 Verify password: <input type='password' name='pwverify'>
237 <input type='submit' name='action' value='Create'>
241 <h2>Change your password:</h2>
242 <form action='users.php' method='post' onSubmit='return CheckPW(this)'>
243 New Password: <input type='password' name='passwd'>
244 Verify password: <input type='password' name='pwverify'>
246 <input type='submit' name='action' value='Change Password'>
253 $page = new user_page("Gnucomo User Administration");