<?php
/**************************************************************************
+** (c) Copyright 2003, Andromeda Technology & Automation
** This is free software; you can redistribute it and/or modify it under the
** terms of the GNU General Public License, see the file COPYING.
-***************************************************************************/
-
-/*
- *
- * User Administration page.
- * Input parameters: action (POST) : empty, 'Create'
- * username (POST) : name of the user to create or remove
- */
+***************************************************************************
+** MODULE INFORMATION *
+***********************
+** FILE NAME : users.php
+** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
+** VERSION NUMBER : $Revision: 1.3 $
+**
+** DESCRIPTION : User Administration page.
+** Input parameters: action (POST) : empty, 'Create'
+** username (POST) : name of the user to create or remove
+**
+** EXPORTED OBJECTS :
+** LOCAL OBJECTS :
+** MODULES USED :
+***************************************************************************
+** ADMINISTRATIVE INFORMATION *
+********************************
+** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
+** CREATION DATE : Dec 04, 2002
+** LAST UPDATE : Feb 14, 2003
+** MODIFICATIONS :
+**************************************************************************/
+
+/*****************************
+ $Log: users.php,v $
+ Revision 1.3 2003-02-21 08:44:19 arjen
+ Add a new user and make him/her a member of a group.
+ Change of passwords added.
+
+ Revision 1.2 2003/02/13 09:01:29 arjen
+ All web interface pages use the page class.
+
+******************************/
+
+// RCSID = "$Id: users.php,v 1.3 2003-02-21 08:44:19 arjen Exp $";
+
+ini_set('include_path', '.:./classes:../phpclasses');
+
+require_once('page.class.php');
+
+function clientscripts()
+{
-session_start();
-require_once('classes/gnucomo_config.php');
?>
-
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<link rel='stylesheet' href='gnucomo.css' type='text/css'>
-<title>GNUCoMo login</title>
-
<script language='JavaScript'>
function CheckCreate(f)
{
return confirm(message);
}
+function CheckPW(f)
+{
+ if (f.passwd.value == "")
+ {
+ alert("You must supply a password");
+ return false;
+ }
+ if (f.passwd.value != f.pwverify.value)
+ {
+ alert("Passwords don't match");
+ return false;
+ }
+ return true;
+}
</script>
-</head>
-<body>
<?php
-if (empty($_SESSION['username']))
-{
- echo "Please log in first.";
}
-else
-{
- echo "<h1>User Administration</h1><hr>";
-
- $config = new gnucomo_config;
- $config->read("gnucomo");
-
- // Connect to the database
- $conn = pg_connect($config->Database($_SESSION['username'], $_SESSION['password']));
+class user_page extends page
+{
+ function Body()
+ {
+ echo "<h1>User Administration</h1><hr>";
if (isset($_POST['action']) && $_POST['action'] == 'Create' && !empty($_POST['username']))
{
- pg_exec($conn, "CREATE USER " . $_POST['username'] . " PASSWORD '"
- . $_POST['passwd'] . "'");
- pg_exec($conn, "INSERT INTO usr (username, security_level) VALUES ('"
+ $query = "CREATE USER " . $_POST['username'] . " PASSWORD '"
+ . $_POST['passwd'] . "' IN GROUP " . $_POST['group'];
+ if (pg_exec($this->database, $query) == FALSE)
+ {
+ echo "You can not create a new user.<br>";
+ }
+ else
+ {
+ pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
. $_POST['username'] . "','" . $_POST['seclevel'] . "')");
+ }
}
if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
{
- pg_exec($conn, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'");
- pg_exec($conn, "DROP USER " . $_POST['username']);
+ pg_exec($this->database, "DELETE FROM usr WHERE username='" . $_POST['username'] . "'");
+ pg_exec($this->database, "DROP USER " . $_POST['username']);
+ }
+
+ if (isset($_POST['action']) && $_POST['action'] == 'Change Password')
+ {
+ pg_exec($this->database, "ALTER USER " . $_SESSION['username'] .
+ " PASSWORD '" . $_POST['passwd'] . "'");
}
- $res = pg_exec($conn, "SELECT username, security_level FROM usr");
+ $res = pg_exec($this->database, "SELECT username, security_level FROM usr ORDER BY username");
echo "<table>";
$usr = 0;
}
echo "</table>";
-}
?>
<h2>Create new user:</h2>
<form action='users.php' method='post' onSubmit='return CheckCreate(this)'>
User name: <input name='username' type='text'>
+Group: <select name='group'>
+<option value='view'>View</option>
+<option value='ops'>Operator</option>
+<option value='admin'>Admin</option>
+</select>
Security level: <select name='seclevel'>
<option value='1'>1</option>
<option value='2'>2</option>
<input type='submit' name='action' value='Create'>
</form>
</p>
-</body>
-</html>
+
+<h2>Change your password:</h2>
+<form action='users.php' method='post' onSubmit='return CheckPW(this)'>
+New Password: <input type='password' name='passwd'>
+Verify password: <input type='password' name='pwverify'>
+<br>
+<input type='submit' name='action' value='Change Password'>
+</form>
+<?php
+ }
+}
+
+$page = new user_page("Gnucomo User Administration");
+
+$page->Showpage();
+
+?>