r31k/bludit
2
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

User manager improves

Browse Source
This commit is contained in:
dignajar 2015-11-06 21:23:50 -03:00
parent a58b33974d
commit 6326ed8c2a
12 changed files with 206 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
admin/controllers/add-user.php
View File

@ -18,30 +18,44 @@ function addUser($args)
global $dbUsers; global $dbUsers;
global $Language; global $Language;
// Check if the username already exist in db. // Check empty username
if( Text::isEmpty($args['username']) ) if( Text::isEmpty($args['new_username']) )
{ {
Alert::set($Language->g('username-field-is-empty')); Alert::set($Language->g('username-field-is-empty'), ALERT_STATUS_FAIL);
return false; return false;
} }
if( $dbUsers->userExists($args['username']) ) // Check already exist username
if( $dbUsers->userExists($args['new_username']) )
{ {
Alert::set($Language->g('username-already-exists')); Alert::set($Language->g('username-already-exists'), ALERT_STATUS_FAIL);
return false; return false;
} }
// Validate password. // Password length
if( ($args['password'] != $args['confirm-password'] ) || Text::isEmpty($args['password']) ) if( strlen($args['new_password']) < 6 )
{ {
Alert::set($Language->g('The password and confirmation password do not match')); Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
return false; return false;
} }
// Add the user. // Check new password and confirm password are equal
if( $dbUsers->add($args) ) if( $args['new_password'] != $args['confirm_password'] )
{ {
Alert::set($Language->g('user-has-been-added-successfully')); Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
return false;
}
// Filter form fields
$tmp = array();
$tmp['username'] = $args['new_username'];
$tmp['password'] = $args['new_password'];
$tmp['role'] = $args['role'];
// Add the user to the database
if( $dbUsers->add($tmp) )
{
Alert::set($Language->g('user-has-been-added-successfully'), ALERT_STATUS_OK);
return true; return true;
} }
else else

24
admin/controllers/edit-user.php
View File

@ -17,26 +17,6 @@ function editUser($args)
} }
} }
function setPassword($username, $new_password, $confirm_password)
{
global $dbUsers;
global $Language;
if( ($new_password===$confirm_password) && !Text::isEmpty($new_password) )
{
if( $dbUsers->setPassword($username, $new_password) ) {
Alert::set($Language->g('The changes have been saved'));
}
else {
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');
}
}
else {
Alert::set($Language->g('The password and confirmation password do not match'));
return false;
}
}
function deleteUser($args, $deleteContent=false) function deleteUser($args, $deleteContent=false)
{ {
global $dbUsers; global $dbUsers;
@ -92,10 +72,6 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' )
elseif(isset($_POST['delete-user-associate'])) { elseif(isset($_POST['delete-user-associate'])) {
deleteUser($_POST, false); deleteUser($_POST, false);
} }
elseif( !empty($_POST['new-password']) && !empty($_POST['confirm-password']) ) {
setPassword($_POST['username'], $_POST['new-password'], $_POST['confirm-password']);
editUser($_POST);
}
else { else {
editUser($_POST); editUser($_POST);
} }

73
admin/controllers/user-password.php Normal file
View File

@ -0,0 +1,73 @@
<?php defined('BLUDIT') or die('Bludit CMS.');
// ============================================================================
// Functions
// ============================================================================
function setPassword($username, $new_password, $confirm_password)
{
global $dbUsers;
global $Language;
// Password length
if( strlen($new_password) < 6 )
{
Alert::set($Language->g('Password must be at least 6 characters long'), ALERT_STATUS_FAIL);
return false;
}
if($new_password===$confirm_password)
{
if( $dbUsers->setPassword($username, $new_password) ) {
Alert::set($Language->g('The changes have been saved'), ALERT_STATUS_OK);
return true;
}
else {
Log::set(__METHOD__.LOG_SEP.'Error occurred when trying to change the user password.');
return false;
}
}
else {
Alert::set($Language->g('The password and confirmation password do not match'), ALERT_STATUS_FAIL);
return false;
}
}
// ============================================================================
// Main before POST
// ============================================================================
// ============================================================================
// POST Method
// ============================================================================
if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
// Prevent editors to administrate other users.
if($Login->role()!=='admin')
{
$_POST['username'] = $Login->username();
unset($_POST['role']);
}
if( setPassword($_POST['username'], $_POST['new_password'], $_POST['confirm_password']) ) {
Redirect::page('admin', 'users');
}
}
// ============================================================================
// Main after POST
// ============================================================================
if($Login->role()!=='admin') {
$layout['parameters'] = $Login->username();
}
$_user = $dbUsers->getDb($layout['parameters']);
// If the user doesn't exist, redirect to the users list.
if($_user===false) {
Redirect::page('admin', 'users');
}
$_user['username'] = $layout['parameters'];

15
admin/themes/default/css/default.css
View File

@ -99,9 +99,14 @@ button.delete-button:hover {
text-decoration: underline; text-decoration: underline;
} }
#jscontent {
height: 400px;
}
/* ----------- ALERT ----------- */
#alert { #alert {
display: none; display: none;
background: rgba(48, 102, 187, 0.91);
color: #ffffff; color: #ffffff;
padding: 24px; padding: 24px;
position: fixed; position: fixed;
@ -110,8 +115,12 @@ button.delete-button:hover {
z-index: 100; z-index: 100;
} }
#jscontent { .alert-ok {
height: 400px; background: rgba(48, 102, 187, 0.91);
}
.alert-fail {
background: rgba(187, 48, 48, 0.91);
} }
/* ----------- LOGIN FORM ----------- */ /* ----------- LOGIN FORM ----------- */

2
admin/themes/default/index.php
View File

@ -48,7 +48,7 @@ $(document).ready(function() {
}); });
</script> </script>
<div id="alert"> <div id="alert" class="<?php echo (Alert::status()==ALERT_STATUS_OK)?'alert-ok':'alert-fail'; ?>">
<?php Alert::p() ?> <?php Alert::p() ?>
</div> </div>

3
admin/themes/default/init.php
View File

@ -30,6 +30,7 @@ class HTML {
$type = isset($args['type']) ? $args['type'] : 'text'; $type = isset($args['type']) ? $args['type'] : 'text';
$class = empty($args['class']) ? '' : 'class="'.$args['class'].'"'; $class = empty($args['class']) ? '' : 'class="'.$args['class'].'"';
$placeholder = empty($args['placeholder']) ? '' : 'placeholder="'.$args['placeholder'].'"'; $placeholder = empty($args['placeholder']) ? '' : 'placeholder="'.$args['placeholder'].'"';
$disabled = empty($args['disabled']) ? '' : 'disabled';
$html = '<div class="uk-form-row">'; $html = '<div class="uk-form-row">';
@ -39,7 +40,7 @@ class HTML {
$html .= '<div class="uk-form-controls">'; $html .= '<div class="uk-form-controls">';
$html .= '<input id="'.$id.'" name="'.$args['name'].'" type="'.$type.'" '.$class.' '.$placeholder.' value="'.$args['value'].'">'; $html .= '<input id="'.$id.'" name="'.$args['name'].'" type="'.$type.'" '.$class.' '.$placeholder.' autocomplete="off" '.$disabled.' value="'.$args['value'].'">';
if(!empty($args['tip'])) { if(!empty($args['tip'])) {
$html .= '<p class="uk-form-help-block">'.$args['tip'].'</p>'; $html .= '<p class="uk-form-help-block">'.$args['tip'].'</p>';

10
admin/views/add-user.php
View File

@ -2,7 +2,7 @@
HTML::title(array('title'=>$L->g('Add a new user'), 'icon'=>'user-plus')); HTML::title(array('title'=>$L->g('Add a new user'), 'icon'=>'user-plus'));
HTML::formOpen(array('class'=>'uk-form-horizontal')); HTML::formOpen(array('id'=>'add-user-form', 'class'=>'uk-form-horizontal'));
// Security token // Security token
HTML::formInputHidden(array( HTML::formInputHidden(array(
@ -11,15 +11,15 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
)); ));
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'username', 'name'=>'new_username',
'label'=>$L->g('Username'), 'label'=>$L->g('Username'),
'value'=>(isset($_POST['username'])?$_POST['username']:''), 'value'=>(isset($_POST['new_username'])?$_POST['new_username']:''),
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>'' 'tip'=>''
)); ));
HTML::formInputPassword(array( HTML::formInputPassword(array(
'name'=>'password', 'name'=>'new_password',
'label'=>$L->g('Password'), 'label'=>$L->g('Password'),
'value'=>'', 'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',
@ -27,7 +27,7 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
)); ));
HTML::formInputPassword(array( HTML::formInputPassword(array(
'name'=>'confirm-password', 'name'=>'confirm_password',
'label'=>$L->g('Confirm Password'), 'label'=>$L->g('Confirm Password'),
'value'=>'', 'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium', 'class'=>'uk-width-1-2 uk-form-medium',

38
admin/views/edit-user.php
View File

@ -1,8 +1,8 @@
<?php <?php
HTML::title(array('title'=>$L->g('Edit user').' :: '.$_user['username'], 'icon'=>'user')); HTML::title(array('title'=>$L->g('Edit user'), 'icon'=>'user'));
HTML::formOpen(array('class'=>'uk-form-horizontal')); HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal'));
// Security token // Security token
HTML::formInputHidden(array( HTML::formInputHidden(array(
@ -18,6 +18,15 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
HTML::legend(array('value'=>$L->g('Profile'))); HTML::legend(array('value'=>$L->g('Profile')));
HTML::formInputText(array(
'name'=>'usernameDisable',
'label'=>$L->g('Username'),
'value'=>$_user['username'],
'class'=>'uk-width-1-2 uk-form-medium',
'disabled'=>true,
'tip'=>''
));
HTML::formInputText(array( HTML::formInputText(array(
'name'=>'firstName', 'name'=>'firstName',
'label'=>$L->g('First name'), 'label'=>$L->g('First name'),
@ -34,6 +43,13 @@ HTML::formOpen(array('class'=>'uk-form-horizontal'));
'tip'=>'' 'tip'=>''
)); ));
echo '<div class="uk-form-row">
<label class="uk-form-label">Password</label>
<div class="uk-form-controls">
<a href="'.HTML_PATH_ADMIN_ROOT.'user-password/'.$_user['username'].'">'.$L->g('Change password').'</a>
</div>
</div>';
if($Login->role()==='admin') { if($Login->role()==='admin') {
HTML::formSelect(array( HTML::formSelect(array(
@ -54,24 +70,6 @@ if($Login->role()==='admin') {
'tip'=>$L->g('email-will-not-be-publicly-displayed') 'tip'=>$L->g('email-will-not-be-publicly-displayed')
)); ));
HTML::legend(array('value'=>$L->g('Change password')));
HTML::formInputPassword(array(
'name'=>'new-password',
'label'=>$L->g('New password'),
'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>''
));
HTML::formInputPassword(array(
'name'=>'confirm-password',
'label'=>$L->g('Confirm Password'),
'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>''
));
echo '<div class="uk-form-row"> echo '<div class="uk-form-row">
<div class="uk-form-controls"> <div class="uk-form-controls">
<button type="submit" class="uk-button uk-button-primary">'.$L->g('Save').'</button> <button type="submit" class="uk-button uk-button-primary">'.$L->g('Save').'</button>

2
admin/views/new-post.php
View File

@ -44,7 +44,7 @@ echo '<div class="uk-width-large-3-10">';
// Tabs, general and advanced mode // Tabs, general and advanced mode
echo '<ul class="uk-tab" data-uk-tab="{connect:\'#tab-options\'}">'; echo '<ul class="uk-tab" data-uk-tab="{connect:\'#tab-options\'}">';
echo '<li><a href="">'.$L->g('General').'</a></li>'; echo '<li><a href="">'.$L->g('General').'</a></li>';
echo '<li><a href="">Images</a></li>'; echo '<li><a href="">'.$L->g('Images').'</a></li>';
echo '<li><a href="">'.$L->g('Advanced').'</a></li>'; echo '<li><a href="">'.$L->g('Advanced').'</a></li>';
echo '</ul>'; echo '</ul>';

55
admin/views/user-password.php Normal file
View File

@ -0,0 +1,55 @@
<?php
HTML::title(array('title'=>$L->g('Change password'), 'icon'=>'key'));
HTML::formOpen(array('id'=>'edit-user-profile-form','class'=>'uk-form-horizontal'));
// Security token
HTML::formInputHidden(array(
'name'=>'tokenCSRF',
'value'=>$Security->getToken()
));
// Hidden field username
HTML::formInputHidden(array(
'name'=>'username',
'value'=>$_user['username']
));
HTML::legend(array('value'=>$L->g('New password')));
HTML::formInputText(array(
'name'=>'usernameDisable',
'label'=>$L->g('Username'),
'value'=>$_user['username'],
'class'=>'uk-width-1-2 uk-form-medium',
'disabled'=>true,
'tip'=>''
));
HTML::formInputPassword(array(
'name'=>'new_password',
'label'=>$L->g('New password'),
'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>''
));
HTML::formInputPassword(array(
'name'=>'confirm_password',
'label'=>$L->g('Confirm password'),
'value'=>'',
'class'=>'uk-width-1-2 uk-form-medium',
'tip'=>''
));
echo '<div class="uk-form-row">
<div class="uk-form-controls">
<button type="submit" class="uk-button uk-button-primary">'.$L->g('Save').'</button>
<a href="'.HTML_PATH_ADMIN_ROOT.'edit-user/'.$_user['username'].'" class="uk-button">'.$L->g('Cancel').'</a>
</div>
</div>';
HTML::formClose();
?>

6
kernel/boot/init.php
View File

@ -48,6 +48,12 @@ if(!defined('JSON_PRETTY_PRINT')) {
define('JSON_PRETTY_PRINT', 128); define('JSON_PRETTY_PRINT', 128);
} }
// Alert status ok
define('ALERT_STATUS_OK', 0);
// Alert status fail
define('ALERT_STATUS_FAIL', 1);
// Salt length // Salt length
define('SALT_LENGTH', 8); define('SALT_LENGTH', 8);

12
kernel/helpers/alert.class.php
View File

@ -2,21 +2,25 @@
class Alert { class Alert {
// new // Status, 0 = OK, 1 = Fail
public static function set($value, $key='alert') public static function set($value, $status=ALERT_STATUS_OK, $key='alert')
{ {
Session::set('defined', true); Session::set('defined', true);
Session::set('alertStatus', $status);
Session::set($key, $value); Session::set($key, $value);
} }
public static function get($key='alert') public static function get($key='alert')
{ {
Session::set('defined', false); Session::set('defined', false);
return Session::get($key); return Session::get($key);
} }
public static function status()
{
return Session::get('alertStatus');
}
public static function p($key='alert') public static function p($key='alert')
{ {
echo self::get($key); echo self::get($key);