User manager improves
This commit is contained in:
parent
a58b33974d
commit
6326ed8c2a
@ -18,30 +18,44 @@ function addUser($args)
|
||||
global $dbUsers;
|
||||
global $Language;
|
||||
|
||||
// Check if the username already exist in db.
|
||||
if( Text::isEmpty($args['username']) )
|
||||
// Check empty username
|
||||
if( Text::isEmpty($args['new_username']) )
|
||||
{
|
||||
Alert::set($Language->g('username-field-is-empty'));
|
||||
Alert::set($Language->g('username-field-is-empty'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
|
||||
if( $dbUsers->userExists($args['username']) )
|
||||
// Check already exist username
|
||||
if( $dbUsers->userExists($args['new_username']) )
|
||||
{
|
||||
Alert::set($Language->g('username-already-exists'));
|
||||
Alert::set($Language->g('username-already-exists'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Validate password.
|
||||
if( ($args['password'] != $args['confirm-password'] ) || Text::isEmpty($args['password']) )
|
||||
// Password length
|
||||
if( strlen($args['new_password']) < 6 )
|
||||
{
|
||||
Alert::set($Language->g('The password and confirmation password do not match'));
|
||||
Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Add the user.
|
||||
if( $dbUsers->add($args) )
|
||||
// Check new password and confirm password are equal
|
||||
if( $args['new_password'] != $args['confirm_password'] )
|
||||
{
|
||||
Alert::set($Language->g('user-has-been-added-successfully'));
|
||||
Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Filter form fields
|
||||
$tmp = array();
|
||||
$tmp['username'] = $args['new_username'];
|
||||
$tmp['password'] = $args['new_password'];
|
||||
$tmp['role'] = $args['role'];
|
||||
|
||||
// Add the user to the database
|
||||
if( $dbUsers->add($tmp) )
|
||||
{
|
||||
Alert::set($Language->g('user-has-been-added-successfully'), ALERT_STATUS_OK);
|
||||
return true;
|
||||
}
|
||||
else
|
||||
|
@ -17,26 +17,6 @@ function editUser($args)
|
||||
}
|
||||
}
|
||||
|
||||
function setPassword($username, $new_password, $confirm_password)
|
||||
{
|
||||
global $dbUsers;
|
||||
global $Language;
|
||||
|
||||
if( ($new_password===$confirm_password) && !Text::isEmpty($new_password) )
|
||||
{
|
||||
if( $dbUsers->setPassword($username, $new_password) ) {
|
||||
Alert::set($Language->g('The changes have been saved'));
|
||||
}
|
||||
else {
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');
|
||||
}
|
||||
}
|
||||
else {
|
||||
Alert::set($Language->g('The password and confirmation password do not match'));
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function deleteUser($args, $deleteContent=false)
|
||||
{
|
||||
global $dbUsers;
|
||||
@ -92,10 +72,6 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
elseif(isset($_POST['delete-user-associate'])) {
|
||||
deleteUser($_POST, false);
|
||||
}
|
||||
elseif( !empty($_POST['new-password']) && !empty($_POST['confirm-password']) ) {
|
||||
setPassword($_POST['username'], $_POST['new-password'], $_POST['confirm-password']);
|
||||
editUser($_POST);
|
||||
}
|
||||
else {
|
||||
editUser($_POST);
|
||||
}
|
||||
|
73
admin/controllers/user-password.php
Normal file
73
admin/controllers/user-password.php
Normal file
@ -0,0 +1,73 @@
|
||||
<?php defined('BLUDIT') or die('Bludit CMS.');
|
||||
|
||||
// ============================================================================
|
||||
// Functions
|
||||
// ============================================================================
|
||||
|
||||
function setPassword($username, $new_password, $confirm_password)
|
||||
{
|
||||
global $dbUsers;
|
||||
global $Language;
|
||||
|
||||
// Password length
|
||||
if( strlen($new_password) < 6 )
|
||||
{
|
||||
Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
|
||||
if($new_password===$confirm_password)
|
||||
{
|
||||
if( $dbUsers->setPassword($username, $new_password) ) {
|
||||
Alert::set($Language->g('The changes have been saved'), ALERT_STATUS_OK);
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');
|
||||
return false;
|
||||
}
|
||||
}
|
||||
else {
|
||||
Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Main before POST
|
||||
// ============================================================================
|
||||
|
||||
// ============================================================================
|
||||
// POST Method
|
||||
// ============================================================================
|
||||
|
||||
if( $_SERVER['REQUEST_METHOD'] == 'POST' )
|
||||
{
|
||||
// Prevent editors to administrate other users.
|
||||
if($Login->role()!=='admin')
|
||||
{
|
||||
$_POST['username'] = $Login->username();
|
||||
unset($_POST['role']);
|
||||
}
|
||||
|
||||
if( setPassword($_POST['username'], $_POST['new_password'], $_POST['confirm_password']) ) {
|
||||
Redirect::page('admin', 'users');
|
||||
}
|
||||
}
|
||||
|
||||
// ============================================================================
|
||||
// Main after POST
|
||||
// ============================================================================
|
||||
|
||||
if($Login->role()!=='admin') {
|
||||
$layout['parameters'] = $Login->username();
|
||||
}
|
||||
|
||||
$_user = $dbUsers->getDb($layout['parameters']);
|
||||
|
||||
// If the user doesn't exist, redirect to the users list.
|
||||
if($_user===false) {
|
||||
Redirect::page('admin', 'users');
|
||||
}
|
||||
|
||||
$_user['username'] = $layout['parameters'];
|
@ -99,9 +99,14 @@ button.delete-button:hover {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
#jscontent {
|
||||
height: 400px;
|
||||
}
|
||||
|
||||
/* ----------- ALERT ----------- */
|
||||
|
||||
#alert {
|
||||
display: none;
|
||||
background: rgba(48, 102, 187, 0.91);
|
||||
color: #ffffff;
|
||||
padding: 24px;
|
||||
position: fixed;
|
||||
@ -110,8 +115,12 @@ button.delete-button:hover {
|
||||
z-index: 100;
|
||||
}
|
||||
|
||||
#jscontent {
|
||||
height: 400px;
|
||||
.alert-ok {
|
||||
background: rgba(48, 102, 187, 0.91);
|
||||
}
|
||||
|
||||
.alert-fail {
|
||||
background: rgba(187, 48, 48, 0.91);
|
||||
}
|
||||
|
||||
/* ----------- LOGIN FORM ----------- */
|
||||
|
@ -48,7 +48,7 @@ $(document).ready(function() {
|
||||
});
|
||||
</script>
|
||||
|
||||
<div id="alert">
|
||||
<div id="alert" class="<?php echo (Alert::status()==ALERT_STATUS_OK)?'alert-ok':'alert-fail'; ?>">
|
||||
<?php Alert::p() ?>
|
||||
</div>
|
||||
|
||||
|
@ -30,6 +30,7 @@ class HTML {
|
||||
$type = isset($args['type']) ? $args['type'] : 'text';
|
||||
$class = empty($args['class']) ? '' : 'class="'.$args['class'].'"';
|
||||
$placeholder = empty($args['placeholder']) ? '' : 'placeholder="'.$args['placeholder'].'"';
|
||||
$disabled = empty($args['disabled']) ? '' : 'disabled';
|
||||
|
||||
$html = '<div class="uk-form-row">';
|
||||
|
||||
@ -39,7 +40,7 @@ class HTML {
|
||||
|
||||
$html .= '<div class="uk-form-controls">';
|
||||
|
||||
$html .= '<input id="'.$id.'" name="'.$args['name'].'" type="'.$type.'" '.$class.' '.$placeholder.' value="'.$args['value'].'">';
|
||||
$html .= '<input id="'.$id.'" name="'.$args['name'].'" type="'.$type.'" '.$class.' '.$placeholder.' autocomplete="off" '.$disabled.' value="'.$args['value'].'">';
|
||||
|
||||
if(!empty($args['tip'])) {
|
||||
$html .= '<p class="uk-form-help-block">'.$args['tip'].'</p>';
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
HTML::title(array('title'=>$L->g('Add a new user'), 'icon'=>'user-plus'));
|
||||
|
||||
HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
HTML::formOpen(array('id'=>'add-user-form', 'class'=>'uk-form-horizontal'));
|
||||
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
@ -11,15 +11,15 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
));
|
||||
|
||||
HTML::formInputText(array(
|
||||
'name'=>'username',
|
||||
'name'=>'new_username',
|
||||
'label'=>$L->g('Username'),
|
||||
'value'=>(isset($_POST['username'])?$_POST['username']:''),
|
||||
'value'=>(isset($_POST['new_username'])?$_POST['new_username']:''),
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'password',
|
||||
'name'=>'new_password',
|
||||
'label'=>$L->g('Password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
@ -27,7 +27,7 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'confirm-password',
|
||||
'name'=>'confirm_password',
|
||||
'label'=>$L->g('Confirm Password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
|
@ -1,8 +1,8 @@
|
||||
<?php
|
||||
|
||||
HTML::title(array('title'=>$L->g('Edit user').' :: '.$_user['username'], 'icon'=>'user'));
|
||||
HTML::title(array('title'=>$L->g('Edit user'), 'icon'=>'user'));
|
||||
|
||||
HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal'));
|
||||
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
@ -18,6 +18,15 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
|
||||
HTML::legend(array('value'=>$L->g('Profile')));
|
||||
|
||||
HTML::formInputText(array(
|
||||
'name'=>'usernameDisable',
|
||||
'label'=>$L->g('Username'),
|
||||
'value'=>$_user['username'],
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'disabled'=>true,
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
HTML::formInputText(array(
|
||||
'name'=>'firstName',
|
||||
'label'=>$L->g('First name'),
|
||||
@ -34,6 +43,13 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
echo '<div class="uk-form-row">
|
||||
<label class="uk-form-label">Password</label>
|
||||
<div class="uk-form-controls">
|
||||
<a href="'.HTML_PATH_ADMIN_ROOT.'user-password/'.$_user['username'].'">'.$L->g('Change password').'</a>
|
||||
</div>
|
||||
</div>';
|
||||
|
||||
if($Login->role()==='admin') {
|
||||
|
||||
HTML::formSelect(array(
|
||||
@ -54,24 +70,6 @@ if($Login->role()==='admin') {
|
||||
'tip'=>$L->g('email-will-not-be-publicly-displayed')
|
||||
));
|
||||
|
||||
HTML::legend(array('value'=>$L->g('Change password')));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'new-password',
|
||||
'label'=>$L->g('New password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'confirm-password',
|
||||
'label'=>$L->g('Confirm Password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
echo '<div class="uk-form-row">
|
||||
<div class="uk-form-controls">
|
||||
<button type="submit" class="uk-button uk-button-primary">'.$L->g('Save').'</button>
|
||||
|
@ -44,7 +44,7 @@ echo '<div class="uk-width-large-3-10">';
|
||||
// Tabs, general and advanced mode
|
||||
echo '<ul class="uk-tab" data-uk-tab="{connect:\'#tab-options\'}">';
|
||||
echo '<li><a href="">'.$L->g('General').'</a></li>';
|
||||
echo '<li><a href="">Images</a></li>';
|
||||
echo '<li><a href="">'.$L->g('Images').'</a></li>';
|
||||
echo '<li><a href="">'.$L->g('Advanced').'</a></li>';
|
||||
echo '</ul>';
|
||||
|
||||
|
55
admin/views/user-password.php
Normal file
55
admin/views/user-password.php
Normal file
@ -0,0 +1,55 @@
|
||||
<?php
|
||||
|
||||
HTML::title(array('title'=>$L->g('Change password'), 'icon'=>'key'));
|
||||
|
||||
HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal'));
|
||||
|
||||
// Security token
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'tokenCSRF',
|
||||
'value'=>$Security->getToken()
|
||||
));
|
||||
|
||||
// Hidden field username
|
||||
HTML::formInputHidden(array(
|
||||
'name'=>'username',
|
||||
'value'=>$_user['username']
|
||||
));
|
||||
|
||||
HTML::legend(array('value'=>$L->g('New password')));
|
||||
|
||||
HTML::formInputText(array(
|
||||
'name'=>'usernameDisable',
|
||||
'label'=>$L->g('Username'),
|
||||
'value'=>$_user['username'],
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'disabled'=>true,
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'new_password',
|
||||
'label'=>$L->g('New password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
HTML::formInputPassword(array(
|
||||
'name'=>'confirm_password',
|
||||
'label'=>$L->g('Confirm password'),
|
||||
'value'=>'',
|
||||
'class'=>'uk-width-1-2 uk-form-medium',
|
||||
'tip'=>''
|
||||
));
|
||||
|
||||
echo '<div class="uk-form-row">
|
||||
<div class="uk-form-controls">
|
||||
<button type="submit" class="uk-button uk-button-primary">'.$L->g('Save').'</button>
|
||||
<a href="'.HTML_PATH_ADMIN_ROOT.'edit-user/'.$_user['username'].'" class="uk-button">'.$L->g('Cancel').'</a>
|
||||
</div>
|
||||
</div>';
|
||||
|
||||
HTML::formClose();
|
||||
|
||||
?>
|
@ -48,6 +48,12 @@ if(!defined('JSON_PRETTY_PRINT')) {
|
||||
define('JSON_PRETTY_PRINT', 128);
|
||||
}
|
||||
|
||||
// Alert status ok
|
||||
define('ALERT_STATUS_OK', 0);
|
||||
|
||||
// Alert status fail
|
||||
define('ALERT_STATUS_FAIL', 1);
|
||||
|
||||
// Salt length
|
||||
define('SALT_LENGTH', 8);
|
||||
|
||||
|
@ -2,21 +2,25 @@
|
||||
|
||||
class Alert {
|
||||
|
||||
// new
|
||||
public static function set($value, $key='alert')
|
||||
// Status, 0 = OK, 1 = Fail
|
||||
public static function set($value, $status=ALERT_STATUS_OK, $key='alert')
|
||||
{
|
||||
Session::set('defined', true);
|
||||
|
||||
Session::set('alertStatus', $status);
|
||||
Session::set($key, $value);
|
||||
}
|
||||
|
||||
public static function get($key='alert')
|
||||
{
|
||||
Session::set('defined', false);
|
||||
|
||||
return Session::get($key);
|
||||
}
|
||||
|
||||
public static function status()
|
||||
{
|
||||
return Session::get('alertStatus');
|
||||
}
|
||||
|
||||
public static function p($key='alert')
|
||||
{
|
||||
echo self::get($key);
|
||||
|
Loading…
Reference in New Issue
Block a user