author | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-08-01 01:22:36 -0400 |
---|---|---|
committer | Luke Shumaker <LukeShu@sbcglobal.net> | 2011-08-01 01:22:36 -0400 |
commit | 09dfe32eb6b538225686fd6ed0220240010bc574 (patch) | |
tree | 29c1afc5e79519ba8689a3d5d170c312d3cf5033 /src/views/pages/users |
initial commit.
Partway through a rewrite. I have some old files I didn't want to entirely delete.
Diffstat (limited to 'src/views/pages/users')
-rw-r--r-- | src/views/pages/users/401.html.php | 15 | ||||
-rw-r--r-- | src/views/pages/users/404.html.php | 10 | ||||
-rw-r--r-- | src/views/pages/users/500.html.php | 13 | ||||
-rw-r--r-- | src/views/pages/users/created.html.php | 16 | ||||
-rw-r--r-- | src/views/pages/users/include.php | 60 | ||||
-rw-r--r-- | src/views/pages/users/index.csv.php | 27 | ||||
-rw-r--r-- | src/views/pages/users/index.html.php | 65 | ||||
-rw-r--r-- | src/views/pages/users/index.php | 116 | ||||
-rw-r--r-- | src/views/pages/users/individual.html.php | 105 | ||||
-rw-r--r-- | src/views/pages/users/individual.php | 89 | ||||
-rw-r--r-- | src/views/pages/users/new.html.php | 37 |
11 files changed, 553 insertions, 0 deletions
diff --git a/src/views/pages/users/401.html.php b/src/views/pages/users/401.html.php
new file mode 100644
index 0000000..0a5a1ce
--- /dev/null
+++ b/src/views/pages/users/401.html.php
@@ -0,0 +1,15 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('401 Unauthorized');
+$t->header('Unauthorized');
+$t->tag('h1', array(), "401: Unauthorized");
+if ($VARS['uid']===false) {
+ // Not logged in
+ $t->paragraph('You need to be logged in to view user-data.');
+} else {
+ // Logged in, so the account must not activated
+ $t->paragraph('Your account needs to be activated by an administrator '.
+ 'to view user-data.');
+}
+$t->footer();
diff --git a/src/views/pages/users/404.html.php b/src/views/pages/users/404.html.php
new file mode 100644
index 0000000..00f9dca
--- /dev/null
+++ b/src/views/pages/users/404.html.php
@@ -0,0 +1,10 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+
+$t->status('404 Not Found');
+$t->header('User Not Found');
+$t->tag('h1',array(),"404: Not Found");
+$t->paragraph('No user with the name <q>'.
+ htmlentities($username).'</q> exists.');
+$t->footer();
diff --git a/src/views/pages/users/500.html.php b/src/views/pages/users/500.html.php
new file mode 100644
index 0000000..27038a4
--- /dev/null
+++ b/src/views/pages/users/500.html.php
@@ -0,0 +1,13 @@
+<?php global $VARS, $mm;
+$t = $VARS['template'];
+
+$t->status('500 Internal Server Error');
+$t->header('Unknown error');
+$t->paragraph("An unknown error was encountered when creating ".
+ "the user. The username appears to be free, and ".
+ "the passwords match, so I'm assuming that the ".
+ "error is on our end. Sorry.");
+$t->paragraph("Here's a dump of the SQL error stack, it may ".
+ "help us find the issue:");
+$t->tag('pre', array(), htmlentities($mm->mysql_error()));
+$t->footer();
diff --git a/src/views/pages/users/created.html.php b/src/views/pages/users/created.html.php
new file mode 100644
index 0000000..72aa26e
--- /dev/null
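Review bot: The `pre` block in 500.html.php sends the raw `$mm->mysql_error()` text to whoever triggered the failed user creation, presumably an unauthenticated visitor, which discloses schema and query details. `htmlentities()` only stops the text from being parsed as markup; it does not make the content safe to publish. I would record it server-side with `error_log($mm->mysql_error());` and show a generic message, optionally with a reference id an administrator can match against the log.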
+++ b/src/views/pages/users/created.html.php
@@ -0,0 +1,16 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$username = $VARS['username'];
+
+$t->status('201 Created');
+header('Location: '.$t->url("users/$username"));
+$t->header('User created');
+$t->paragraph("You can go ahead and fill out more of your ".
+ "user information, (click the @username link at ".
+ "the top) but will need to wait for an ".
+ "administrator to approve your account before ".
+ "you can really use the site. Actually, ".
+ "filling your info out might help approval, so ".
+ "that the administrator can more easily see who ".
+ "you are.");
+$t->footer();
diff --git a/src/views/pages/users/include.php b/src/views/pages/users/include.php
new file mode 100644
index 0000000..6e8c90b
--- /dev/null
+++ b/src/views/pages/users/include.php
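Review bot: `$username` goes into the `Location` header in created.html.php without path encoding, so a name containing `/`, `?`, `#` or a space yields a URL that does not point at the new profile. Unless `$t->url()` already encodes its argument (not visible in this hunk), use `header('Location: '.$t->url('users/'.rawurlencode($username)));`. The same unencoded `users/<name>` paths are built in index.html.php, index.php, individual.html.php and individual.php.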
@@ -0,0 +1,60 @@
+<?php global $mm;
+
+require_once('User.class.php');
+
+/**
+ * This will take care of possibly updating and displaying a value in the
+ * 'users' table.
+ */
+function inputText($user, $name, $label, $hint='') {
+ if ($user->canEdit()) {
+ if (isset($_POST["user_$name"])) {
+ $user->setConf($name, $_POST["user_$name"]);
+ }
+ }
+
+ $current_setting = $user->getConf($name);
+
+ global $mm;
+ $t = $mm->template();
+ $t->inputText("user_$name", $label, $hint, $current_setting,
+ !$user->canEdit());
+}
+
+function inputArray($user, $name, $arr) {
+ global $mm;
+ $t = $mm->template();
+
+ if (isset($_POST[$name]) && is_array($_POST[$name])) {
+ $user->setConfArray($name, $_POST[$name]);
+ }
+ $defaults = $user->getConfArray($name);
+
+ foreach ($arr as $value => $label) {
+ $t->inputBool($name, $value, $label,
+ in_array($value, $defaults), !$user->canEdit());
+ }
+}
+
+function inputNewPassword($user, $name, $label) {
+ @$password1 = $_POST[$name ];
+ @$password2 = $_POST[$name.'_verify'];
+
+ // Check the verify box, not main box, so that we don't get tripped by
+ // browsers annoyingly autocompleting the password.
+ $is_set = ($password2 != '');
+
+ global $mm;
+ $t = $mm->template();
+
+ if ($is_set) {
+ $matches = ( $password1 == $password2 );
+ if ($matches) {
+ $user->setPassword($password1);
+ $t->inputP('Password successfully updated.');
+ } else {
+ $t->inputP("Passwords don't match.", true);
+ }
+ }
+ $t->inputNewPassword($name, $label);
+}
diff --git a/src/views/pages/users/index.csv.php b/src/views/pages/users/index.csv.php
new file mode 100644
index 0000000..527e508
--- /dev/null
+++ b/src/views/pages/users/index.csv.php
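Review bot: `inputArray()` writes `$_POST[$name]` through `setConfArray()` without the `$user->canEdit()` guard that `inputText()` applies, and individual.php calls it for `'use'` and `'groups'` after checking only `canRead()`. Unless `setConfArray()` enforces permissions itself (User.class.php is not part of this diff), anyone allowed to view a profile could change that user's groups; the condition should be `if ($user->canEdit() && isset($_POST[$name]) && is_array($_POST[$name])) {`. `inputNewPassword()` also compares with `==`, which treats numeric-looking strings such as `'1e3'` and `'1000'` as equal, so use `$password1 === $password2`. A one-line comment on `inputArray()` and `inputNewPassword()` saying that they both update the user from `$_POST` and render the field, as the docblock on `inputText()` does, would make that side effect visible to callers.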
@@ -0,0 +1,27 @@
+<?php global $VARS;
+$attribs = $VARS['template'];
+$users = $VARS['users'];
+
+function escape($value) {
+ if (is_bool($value)) {
+ return ($value?'true':'false');
+ } else {
+ $chars = "'" . '"' . '\\' . ',';
+ return addcslashes($str, $chars);
+ }
+}
+
+$arr = array();
+foreach ($attribs as $attrib) {
+ $arr[] = escape($attrib['name']);
+}
+echo implode(',', $arr)."\n";
+
+foreach ($users as $user) {
+ $arr = array();
+ foreach ($attribs as $attrib) {
+ $props = $user[$attrib['key']];
+ $arr[] = escape($props['value']);
+ }
+ echo implode(',', $arr)."\n";
+}
diff --git a/src/views/pages/users/index.html.php b/src/views/pages/users/index.html.php
new file mode 100644
index 0000000..5f1ab02
--- /dev/null
+++ b/src/views/pages/users/index.html.php
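Review bot: `escape()` passes the undefined `$str` to `addcslashes()`, so every non-boolean cell is exported as an empty string; it should be `return addcslashes($value, $chars);`. `$attribs` is read from `$VARS['template']`, which looks like a copy-paste of the `$t` line used in the other views (index.html.php has the same assignment) and presumably should come from its own key. Backslash-escaping is also not the quoting CSV readers expect; `fputcsv()` on `php://output` handles quotes and commas correctly. Because these cells hold user-entered names, emails and phone numbers, values that start with `=`, `+`, `-` or `@` should additionally be prefixed with `'` before export so a spreadsheet treats them as text.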
@@ -0,0 +1,65 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$attribs = $VARS['template'];
+$users = $VARS['users'];
+
+$t->header('Users');
+
+$t->openTag('form', array('action'=>$t->url('users/index'),
+ 'method'=>'post'));
+
+$t->openTag('table');
+
+$t->openTag('tr');
+foreach ($attribs as $attrib) {
+ $t->tag('th', array(), $attrib['name']);
+}
+$t->tag('th');
+$t->closeTag('tr');
+
+foreach ($users as $user) {
+ $t->openTag('tr');
+
+ foreach ($attribs as $attrib) {
+ $props = $user[$attrib['key']];
+
+ $value = $props['value'];
+ $editable = $props['editable'];
+ $post_key = $props['post_key'];
+ $bool = is_bool($value);
+
+ $arr = array('name'=>$post_key);
+ if (!$editable) {
+ $arr['readonly'] = 'readonly';
+ if ($bool) $arr['disabled'] = $disabled;
+ }
+ if ($bool) {
+ if ($value==true) {
+ $arr['checked'] = 'checked';
+ }
+ $arr['value'] = 'true';
+ $arr['type'] = 'checkbox';
+ } else {
+ $arr['value'] = $value;
+ $arr['type'] = 'text';
+ }
+
+ $t->openTag('td');
+ $t->tag('input', $arr);
+ $t->closeTag('td');
+ }
+
+ $t->openTag('td');
+ $t->link($t->url('users/'.$user['auth_name']['value']), 'More');
+ $t->closeTag('td');
+
+ $t->closeTag('tr');
+}
+
+$t->closeTag('table');
+
+$t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+$t->closeTag('form');
+
+$t->footer();
diff --git a/src/views/pages/users/index.php b/src/views/pages/users/index.php
new file mode 100644
index 0000000..d801faf
--- /dev/null
+++ b/src/views/pages/users/index.php
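Review bot: `$arr['disabled'] = $disabled;` reads a variable that is never defined, so non-editable checkboxes get an empty `disabled` value plus a notice; it should be `$arr['disabled'] = 'disabled';`, and index.php has the same line. The values placed in `$arr['value']` are user-editable profile fields, and 404.html.php calls `htmlentities()` by hand before giving text to the template, which suggests the template does not escape for the caller. If `tag()` really writes attribute values verbatim, escape them there with `htmlspecialchars($v, ENT_QUOTES)` so that every view benefits, since this table is what other users and administrators see.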
@@ -0,0 +1,116 @@
+<?php global $mm;
+
+$logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+if (!$logged_in_user->isUser()) {
+ include(VIEWPATH.'/pages/users/401.php');
+ exit();
+}
+
+function attrib($key, $name, $check=false) {
+ return array('key'=>$key, 'name'=>$name, 'checkbox'=>$check);
+}
+
+function getSetConf($user, $key) {
+ global $mm;
+ $logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
+ $uid = $user->getUID();
+ $post_key = $key."[$uid]";
+ @$value = $_POST[$post_key];
+ $editable = $user->canEdit();
+ $edit = isset($_POST[$post_key]);
+
+ switch ($key) {
+ case 'auth_name':
+ if ($editable && $edit) $user->setName($value);
+ $value = $user->getName();
+ break;
+ case 'auth_user':
+ $editable = $editable && $logged_in_user->isAdmin();
+ if ($editable && $edit) $user->setUser($value=='true');
+ $value = $user->isUser();
+ break;
+ case 'auth_admin':
+ $editable = $editable && $logged_in_user->isAdmin();
+ if ($editable && $edit) $user->setAdmin($value=='true');
+ $value = $user->isAdmin();
+ break;
+ default:
+ if ($editable && $edit) $user->setConf($key, $value);
+ $value = $user->getConf($key);
+ break;
+ }
+
+ return array(
+ 'value'=>$value,
+ 'post_key'=>$post_key,
+ 'editable'=>$editable);
+}
+
+$attribs = array(attrib('auth_user', 'Active', true),
+ attrib('lastname','Last'),
+ attrib('firstname','First'),
+ attrib('hsclass','Class of'),
+ attrib('phone','Phone number'),
+ attrib('email','Email'),
+ attrib('auth_name', 'Username'),
+ );
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t = $mm->template();
+$mm->header('Users');
+
+$t->openTag('form', array('action'=>$mm->baseUrl().'users',
+ 'method'=>'post'));
+
+$t->openTag('table');
+
+$t->openTag('tr');
+foreach ($attribs as $attrib) {
+ $t->tag('th', array(), $attrib['name']);
+}
+$t->tag('th');
+$t->closeTag('tr');
+
+$uids = $mm->listUsers();
+foreach ($uids as $uid) {
+ $user = $mm->getAuthObj($uid);
+ $t->openTag('tr');
+
+ foreach ($attribs as $attrib) {
+ $props = getSetConf($user, $attrib['key']);
+
+ $arr = array('name'=>$props['post_key']);
+ if (!$props['editable']) {
+ $arr['readonly'] = 'readonly';
+ if ($attrib['checkbox']) $arr['disabled'] = $disabled;
+ }
+ if ($attrib['checkbox']) {
+ if ($props['value'])
+ $arr['checked'] = 'checked';
+ $arr['value'] = 'true';
+ $arr['type'] = 'checkbox';
+ } else {
+ $arr['value'] = $props['value'];
+ $arr['type'] = 'text';
+ }
+
+ $t->openTag('td');
+ $t->tag('input', $arr);
+ $t->closeTag('td');
+ }
+
+ $t->openTag('td');
+ $t->link($mm->baseUrl().'users/'.$user->getName(), 'More');
+ $t->closeTag('td');
+
+ $t->closeTag('tr');
+}
+
+$t->closeTag('table');
+
+$t->tag('input', array('type'=>'submit',
+ 'value'=>'Save/Update'));
+$t->closeTag('form');
+
+$mm->footer();
\ No newline at end of file
diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php
new file mode 100644
index 0000000..4d6e4fc
--- /dev/null
+++ b/src/views/pages/users/individual.html.php
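Review bot: `getSetConf()` looks up `$_POST[$key."[$uid]"]`, but PHP parses a field named `auth_name[5]` into `$_POST['auth_name'][5]`, so `$edit` is never true and the Save/Update button silently does nothing. Read the value as `$_POST[$key][$uid]` (tested with `isset($_POST[$key][$uid])`) and keep the bracketed string only for the input's `name`. Once that works, the `auth_name` branch calls `setName()` without the `$illegal_names` check that individual.php performs, and an unchecked checkbox is not submitted at all, so `auth_user` and `auth_admin` could be granted from this form but never revoked. The form also changes roles with no anti-CSRF token visible in this hunk, which should be added before the write path is enabled.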
@@ -0,0 +1,105 @@
+<?php global $VARS, $CONTACT_METHODS;
+$t = $VARS['template'];
+$user = $VARS['user'];
+
+function inputText($user, $key, $label, $hint='') {
+ global $VARS; $t = $VARS['template'];
+ $current_setting = $user->getConf($key);
+ $t->inputText("user_$key", $label, $hint, $current_setting,
+ !$user->canEdit());
+}
+
+function inputArray($user, $key, $arr) {
+ global $VARS; $t = $VARS['template'];
+ $defaults = $user->getConfArray($key);
+
+ foreach ($arr as $value => $label) {
+ $t->inputBool($name, $value, $label,
+ in_array($value, $defaults), !$user->canEdit());
+ }
+}
+
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t->header("Users: $username");
+
+$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
+
+if ($user->canEdit()) {
+ $t->openTag('form', array('method'=>'post',
+ 'action'=>$t->url("users/$username")));
+} else {
+ $t->openTag('form');
+}
+
+$t->openFieldset("Login / Authentication");
+// Username ////////////////////////////////////////////////////////////////////
+if (isset($VARS['changed name']) && !$VARS['changed_name']) {
+ $t->inputP("Error setting username to ".
+ "<q>$new_name</q>. This is probably because".
+ " a user with that name already exists.",
+ true);
+}
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",
+ $user->getName(), !$user->canEdit());
+// Password ////////////////////////////////////////////////////////////////////
+if (@$VARS['pw_updated']===true) {
+ $t->inputP('Password successfully updated.');
+}
+if (@$VARS['pw mixmatch']===true) {
+ $t->inputP("Passwords don't match.", true);
+}
+if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
+////////////////////////////////////////////////////////////////////////////////
+$t->closeFieldset();
+
+$t->openFieldset("Information");
+inputText($user, 'firstname','First Name','');
+inputText($user, 'lastname','Last Name','');
+inputText($user, 'hsclass','Highschool Class of',
+ 'Please put the full year (ex: 2012)');
+$t->closeFieldset();
+
+
+$t->openFieldset("Contact");
+// TODO: I should make this a setting for admins to set.
+$hints = array('email'=>
+ "Right now you can only have one email address, ".
+ "but I'm working on making it so you can have ".
+ "multiple.",
+ 'phone'=>
+ "A home phone number isn't much use here because it is ".
+ "used to text-message you (if you enable it), and ".
+ "contact you at competition."
+ );
+$use_arr = array();
+foreach ($CONTACT_METHODS as $method) {
+ inputText($user,
+ $method->addr_slug,
+ ucwords($method->addr_word),
+ $hints[$method->addr_slug]);
+ $use_arr[$method->verb_slug] = ucwords($method->verb_word);
+}
+
+$t->inputP("When I recieve a message, notify me using the following methods:");
+inputArray($user, 'use', $use_arr);
+$t->closeFieldSet();
+
+
+$t->openFieldSet('Groups');
+$group_arr = array();
+foreach ($VARS['groups'] as $group_name) {
+ $group_arr[$group_name] = ucwords($group_name);
+}
+inputArray($user, 'groups', $group_arr);
+$t->closeFieldset();
+
+if ($user->canEdit()) {
+ $t->tag('input', array('type'=>'submit', 'value'=>'Save'));
+}
+$t->closeTag('form');
+$t->footer();
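Review bot: `$new_name` is interpolated into the `<q>…</q>` error message without `htmlentities()`, and since the message itself carries markup, `inputP()` evidently emits it as HTML; individual.php builds the same string from `$_POST['auth_name']` directly. Use `"<q>".htmlentities($new_name)."</q>. This is probably because".` in both files, as 404.html.php already does for `$username`. The guard in this view also tests `$VARS['changed name']` but reads `$VARS['changed_name']`, and `$username`, `$uid` and `$new_name` are never taken from `$VARS`, so the header, form action and message all see undefined variables. `inputArray()` here passes the undefined `$name` to `inputBool()` where its parameter is called `$key`.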
diff --git a/src/views/pages/users/individual.php b/src/views/pages/users/individual.php
new file mode 100644
index 0000000..2483e6b
--- /dev/null
+++ b/src/views/pages/users/individual.php
@@ -0,0 +1,89 @@
+<?php global $mm, $uid;
+// Honestly, the functions in this include should be in this file, but that
+// would make this file too messy.
+require_once(VIEWPATH.'/pages/users/include.php');
+
+$user = $mm->getAuthObj($uid);
+
+if (!$user->canRead()) {
+ include(VIEWPATH.'/pages/users/401.php');
+ exit();
+}
+
+// Read/Change the username
+$username = $user->getName();
+if (isset($_POST['auth_name'])) {
+ $new_name = $_POST['auth_name'];
+ if ($new_name != $username) {
+ global $illegal_names;
+ if (!in_array($new_name, $illegal_names)) {
+ $changed_name = $user->setName($new_name);
+ $username = $user->getName();
+ }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+
+$t = $mm->template();
+$mm->header("Users: $username");
+
+$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
+
+if ($user->canEdit()) {
+ $t->openTag('form', array('method'=>'post',
+ 'action'=>$mm->baseUrl()."users/$username"));
+} else {
+ $t->openTag('form');
+}
+
+$t->openFieldset("Login / Authentication");
+if (isset($changed_name) && !$changed_name) {
+ $t->inputP("Error setting username to ".
+ "<q>$new_name</q>. This is probably because".
+ " a user with that name already exists.",
+ true);
+}
+
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",
+ $username,!$user->canEdit());
+if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
+$t->closeFieldset();
+
+$t->openFieldset("Information");
+inputText($user, 'firstname','First Name','');
+inputText($user, 'lastname','Last Name','');
+inputText($user, 'hsclass','Highschool Class of','Please put the full year (ex: 2012)');
+$t->closeFieldset();
+
+$t->openFieldset("Contact");
+inputText($user, 'email', 'Email',
+ "Right now you can only have one email address, ".
+ "but I'm working on making it so you can have ".
+ "multiple.");
+inputText($user, 'phone', 'Cell Number',
+ "A home phone number isn't much use here because it is ".
+ "used to text-message you (if you enable it), and ".
+ "contact you at competition.");
+$t->inputP("When I recieve a message, notify me using the following methods:");
+inputArray($user, 'use', array('email'=>'Email',
+ 'sms'=>'Text Message'));
+$t->closeFieldSet();
+
+$t->openFieldSet('Groups');
+$groups = $mm->listGroupNames();
+$group_arr = array();
+foreach ($groups as $group_name) {
+ $group_arr[$group_name] = ucwords($group_name);
+}
+inputArray($user, 'groups', $group_arr);
+$t->closeFieldset();
+
+if ($user->canEdit()) {
+ $t->tag('input', array('type'=>'submit', 'value'=>'Save'));
+}
+$t->closeTag('form');
+$mm->footer();
diff --git a/src/views/pages/users/new.html.php b/src/views/pages/users/new.html.php
new file mode 100644
index 0000000..f2dacb5
--- /dev/null
+++ b/src/views/pages/users/new.html.php
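Review bot: The rename block calls `$user->setName($new_name)` behind only the `canRead()` gate, so, unless `setName()` checks permissions internally, anyone who may view this profile can rename the account by posting `auth_name`. Guard it with `if ($user->canEdit() && isset($_POST['auth_name'])) {`. When the name is in `$illegal_names`, `$changed_name` stays unset and the user gets no error at all; an `else { $changed_name = false; }` on the `in_array()` test would surface it. The denial path includes `401.php` (index.php does the same) while this commit adds `401.html.php`, so confirm that file exists, because a failed `include` only warns before `exit()` runs.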
@@ -0,0 +1,37 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->header('Create new user');
+
+$t->openTag('form', array('method'=>'post',
+ 'action'=>$t->url('users')));
+
+$t->openFieldset("New User: basic login");
+if (in_array('illegal name', $VARS['errors'])) {
+ $t->inputP("That is a forbidden username.", true);
+}
+if (in_array('user exists', $VARS['errors'])) {
+ $t->inputP("A user with that name already exists.");
+}
+$t->inputText('auth_name','Username',
+ "This is the name you use to log in, but it is also a ".
+ "short name that is used in various places, think of it ".
+ "as a sort of <q>Twitter name</q>.",'',$VARS['username']);
+
+@$password = $VARS['password1'];
+if ($in_array('pw mixmatch', $VARS['errors'])) {
+ $t->inputP("The passwords didn't match.", true);
+ $password = '';
+}
+if (in_array('no pw', $VARS['errors'])) {
+ $t->inputP("You must set a password.", true);
+ $password = '';
+}
+$t->inputNewPassword('auth_password','Password', $password);
+$t->closeFieldset();
+
+$t->tag('input', array('type'=>'submit', 'value'=>'Submit'));
+
+$t->closeTag('form');
+
+$t->footer(); |
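Review bot: `$in_array('pw mixmatch', …)` is a call through an undefined variable and will raise a fatal error every time this form renders; it should be `if (in_array('pw mixmatch', $VARS['errors'])) {`. The submitted password is handed back to `inputNewPassword()` whenever the only errors concern the username, which presumably writes the plaintext password into the response as the field's value; pass `''` unconditionally and let the user retype it. The `inputText()` call also appears to have its arguments shifted: in include.php the fourth argument is the current value and the fifth the read-only flag, so `'',$VARS['username']` leaves the field empty and marks it read-only whenever a username was submitted.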