***************************************************************************
** MODULE INFORMATION *
***********************
-** FILE NAME : user.php
+** FILE NAME : users.php
** SYSTEM NAME : Gnucomo - Gnu Computer Monitoring
-** VERSION NUMBER : $Revision: 1.2 $
+** VERSION NUMBER : $Revision: 1.3 $
**
** DESCRIPTION : User Administration page.
** Input parameters: action (POST) : empty, 'Create'
********************************
** ORIGINAL AUTHOR : Arjen Baart - arjen@andromeda.nl
** CREATION DATE : Dec 04, 2002
-** LAST UPDATE : Feb 08, 2003
+** LAST UPDATE : Feb 14, 2003
** MODIFICATIONS :
**************************************************************************/
/*****************************
$Log: users.php,v $
- Revision 1.2 2003-02-13 09:01:29 arjen
+ Revision 1.3 2003-02-21 08:44:19 arjen
+ Add a new user and make him/her a member of a group.
+ Change of passwords added.
+
+ Revision 1.2 2003/02/13 09:01:29 arjen
All web interface pages use the page class.
******************************/
-// RCSID = "$Id: users.php,v 1.2 2003-02-13 09:01:29 arjen Exp $";
+// RCSID = "$Id: users.php,v 1.3 2003-02-21 08:44:19 arjen Exp $";
ini_set('include_path', '.:./classes:../phpclasses');
return confirm(message);
}
+function CheckPW(f)
+{
+ if (f.passwd.value == "")
+ {
+ alert("You must supply a password");
+ return false;
+ }
+ if (f.passwd.value != f.pwverify.value)
+ {
+ alert("Passwords don't match");
+ return false;
+ }
+ return true;
+}
</script>
<?php
if (isset($_POST['action']) && $_POST['action'] == 'Create' && !empty($_POST['username']))
{
- pg_exec($this->database, "CREATE USER " . $_POST['username'] . " PASSWORD '"
- . $_POST['passwd'] . "'");
- pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
+ $query = "CREATE USER " . $_POST['username'] . " PASSWORD '"
+ . $_POST['passwd'] . "' IN GROUP " . $_POST['group'];
+ if (pg_exec($this->database, $query) == FALSE)
+ {
+ echo "You can not create a new user.<br>";
+ }
+ else
+ {
+ pg_exec($this->database, "INSERT INTO usr (username, security_level) VALUES ('"
. $_POST['username'] . "','" . $_POST['seclevel'] . "')");
+ }
}
if (isset($_POST['action']) && $_POST['action'] == 'Remove' && !empty($_POST['username']))
pg_exec($this->database, "DROP USER " . $_POST['username']);
}
- $res = pg_exec($this->database, "SELECT username, security_level FROM usr");
+ if (isset($_POST['action']) && $_POST['action'] == 'Change Password')
+ {
+ pg_exec($this->database, "ALTER USER " . $_SESSION['username'] .
+ " PASSWORD '" . $_POST['passwd'] . "'");
+ }
+
+ $res = pg_exec($this->database, "SELECT username, security_level FROM usr ORDER BY username");
echo "<table>";
$usr = 0;
<form action='users.php' method='post' onSubmit='return CheckCreate(this)'>
User name: <input name='username' type='text'>
+Group: <select name='group'>
+<option value='view'>View</option>
+<option value='ops'>Operator</option>
+<option value='admin'>Admin</option>
+</select>
Security level: <select name='seclevel'>
<option value='1'>1</option>
<option value='2'>2</option>
</form>
</p>
+<h2>Change your password:</h2>
+<form action='users.php' method='post' onSubmit='return CheckPW(this)'>
+New Password: <input type='password' name='passwd'>
+Verify password: <input type='password' name='pwverify'>
+<br>
+<input type='submit' name='action' value='Change Password'>
+</form>
<?php
}
}