authorLuke Shumaker <LukeShu@sbcglobal.net>2011-09-04 21:13:47 -0400
committerLuke Shumaker <LukeShu@sbcglobal.net>2011-09-04 21:13:47 -0400
commitad4a7ff9159c2c64cea98d7189f46fa7d6174fc2 (patch)
tree508f971f1dbc6c6f01207426c675542b55e0333e /src
parentf3b3ea69fb46e45bf3598aa7a6bcf62aa80e4703 (diff)
Screw it, I'm tired of trying to break this into individual commits
Diffstat (limited to 'src')
-rw-r--r--src/controllers/Groups.class.php11
-rw-r--r--src/controllers/Main.class.php9
-rw-r--r--src/controllers/Messages.class.php100
-rw-r--r--src/controllers/NewMessage.class.php37
-rw-r--r--src/controllers/Plugins.class.php19
-rw-r--r--src/controllers/Users.class.php54
-rw-r--r--src/lib/Auth.class.php5
-rw-r--r--src/lib/Database.class.php396
-rw-r--r--src/lib/Login.class.php31
-rw-r--r--src/lib/MessageHandler.class.php10
-rw-r--r--src/lib/MessageManager.class.php471
-rw-r--r--src/plugins/InformationPlugin.class.php25
-rw-r--r--src/plugins/SenderGVSMS.class.php4
-rw-r--r--src/plugins/SenderIdentica.class.php4
-rw-r--r--src/views/pages/auth.php65
-rw-r--r--src/views/pages/auth/login.php63
-rw-r--r--src/views/pages/groups.php41
-rw-r--r--src/views/pages/groups/401.html.php15
-rw-r--r--src/views/pages/index.html.php8
-rw-r--r--src/views/pages/index.php7
-rw-r--r--src/views/pages/messages.php222
-rw-r--r--src/views/pages/messages/401.html.php15
-rw-r--r--src/views/pages/messages/frame.html.php57
-rw-r--r--src/views/pages/messages/index.html.php25
-rw-r--r--src/views/pages/plugins/401.html.php9
-rw-r--r--src/views/pages/plugins/index.html.php5
-rw-r--r--src/views/pages/users.php44
-rw-r--r--src/views/pages/users/include.php60
-rw-r--r--src/views/pages/users/index.csv.php4
-rw-r--r--src/views/pages/users/index.html.php4
-rw-r--r--src/views/pages/users/index.php116
-rw-r--r--src/views/pages/users/individual.html.php38
-rw-r--r--src/views/pages/users/individual.php89
33 files changed, 898 insertions, 1165 deletions
diff --git a/src/controllers/Groups.class.php b/src/controllers/Groups.class.php
new file mode 100644
index 0000000..9d99d99
--- /dev/null
+++ b/src/controllers/Groups.class.php
@@ -0,0 +1,11 @@
+<?php
+
+Router::register('groups/new' , 'Groups', 'new_group');
+Router::register('groups/index', 'Groups', 'index_file');
+Router::register('groups' , 'Groups', 'index_dir');
+Router::register('groups/*' , 'Groups', 'individual');
+
+class Groups extends Controller {
+ public static $illegal_names = array('', 'new', 'index');
+ // TODO
+}
diff --git a/src/controllers/Main.class.php b/src/controllers/Main.class.php
new file mode 100644
index 0000000..7651b62
--- /dev/null
+++ b/src/controllers/Main.class.php
@@ -0,0 +1,9 @@
+<?php
+
+Router::register('index', 'Main', 'index');
+
+class Main extends Controller {
+ public function index($routed, $remainder) {
+ $this->showView('index');
+ }
+}
diff --git a/src/controllers/Messages.class.php b/src/controllers/Messages.class.php
new file mode 100644
index 0000000..86403ae
--- /dev/null
+++ b/src/controllers/Messages.class.php
@@ -0,0 +1,100 @@
+<?php
+
+Router::register('messages', 'Messages', 'index');
+Router::register('messages/index', 'Messages', 'index');
+Router::register('messages/*', 'Messages', 'message');
+
+class Messages extends Controller {
+ public static $msgdir;
+
+ public function __construct() {
+ require_once('MimeMailParser.class.php');
+ $this->msgdir = BASEPATH.'/msg';
+ }
+
+ public function index($routed, $remainder) {
+ $parser = new MimeMailParser();
+ $messages = array();
+ $dh = opendir($this->msgdir);
+ while (($file = readdir($dh)) !== false) {
+ $path = $this->msgdir."/$file";
+ if (is_file($path)) {
+ $parser->setPath($path);
+
+ $date_string = $parser->getHeader('date');
+ $date = strtotime($date_string);
+ if (!isset($messages[$date])) {
+ $messages[$date] = array();
+ }
+ $messages[$date][] =
+ array('id'=>$file,
+ 'subject'=>$parser->getHeader('subject'),
+ 'from'=>$parser->getHeader('from'));
+ }
+ }
+ closedir($dh);
+
+ $this->showView('messages/index', array('messages' => $messages));
+ exit();
+ }
+
+ public function message($routed, $remainder) {
+ global $mm;
+ $uid = $mm->isLoggedIn();
+ if ($uid===false || !$mm->getAuthObj($uid)->isUser()) {
+ $this->http401($routed, $remainder);
+ return;
+ }
+
+ $msg_id = $remainder[0];// We can trust the router that this is set
+ $msg_file = $this->msgdir."/$msg_id";
+ if (!is_file($msg_file)) {
+ $this->http404($routed, $remainder);
+ return;
+ }
+
+ @$part = $remainder[1];
+ @$subpart = $remainder[2];
+ $parser = new MimeMailParser();
+ $parser->setPath($msg_file);
+
+ switch ($part) {
+ case '':
+ $this->showView('messages/frame',
+ array('msg_id'=>$msg_id,
+ 'parser'=>$parser,
+ 'msgdir'=>$this->msgdir,
+ ));
+ break;
+ case 'body':
+ require_once('Mime.class.php');
+ header('Content-type: '.Mime::ext2mime(PAGE_EXT));
+ $map = array('html'=>'html',
+ 'txt' =>'text');
+ echo $parser->getMessageBody($map[PAGE_EXT]);
+ break;
+ case 'attachment':
+ $attachment_id = $subpart;
+ $attachments = $parser->getAttachments();
+ $attachment = $attachments[$attachment_id];
+
+ $type = $attachment->getContentType();
+ $filename = $attachment->getFilename();
+
+ header('Content-Type: '.$type);
+ header('Content-Disposition: attachment; filename='.$filename );
+ while($bytes = $attachment->read()) {
+ echo $bytes;
+ }
+ break;
+ default:
+ array_push($routed, array_shift($remainder));
+ $this->http404($routed, $remainder);
+ }
+ }
+
+ public function http401($routed, $remainder) {
+ global $mm;
+ $this->showView('messages/401', array('uid'=>$mm->isLoggedIn()));
+ }
+} \ No newline at end of file
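Review bot: `index()` lists the subject and sender of every file in `msgdir` without the `isLoggedIn()`/`isUser()` guard that `message()` opens with, so as far as this file shows the listing is readable without a session; the same guard, ending in `$this->http401($routed, $remainder); return;`, belongs at the top of `index()`. In the `attachment` case `$type` and `$filename` come from the stored e-mail and go into the response headers unchanged, and `$attachments[$attachment_id]` is dereferenced without checking that the index exists; quote and restrict the name, e.g. `header('Content-Disposition: attachment; filename="'.basename(str_replace('"', '', $filename)).'"');`, and answer with `http404()` when the index is missing. The `body` case echoes the message's HTML part from the application's own origin, so markup in a received mail runs in the reader's session unless it is sanitised or served sandboxed; `$map[PAGE_EXT]` is also read without checking that the extension is one of the two mapped. `$msgdir` is declared `public static` but only ever used as `$this->msgdir`, so the declaration should drop `static`.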
diff --git a/src/controllers/NewMessage.class.php b/src/controllers/NewMessage.class.php
new file mode 100644
index 0000000..e778385
--- /dev/null
+++ b/src/controllers/NewMessage.class.php
@@ -0,0 +1,37 @@
+<?php
+ /*
+class NewMessage extends Controller {
+$cmdline = isset($argv[0]); // called from the command line
+@$method = $_SERVER['REQUEST_METHOD']; // What HTTP method was used
+if ( ($method=='PUT') || ($method=='POST') || $cmdline ) {
+ // We're going to be uploading a new message.
+
+ // so uniqid isn't 'secure', it doesn't need to be, it's to prevent
+ // random collisions.
+ $tmpfile = "$BASE/tmp/".uniqid(getmypid().'.');
+ $infile = ($cmdline?'php://stdin':'php://input');
+ $out = fopen($tmpfile, "w");
+ $in = fopen($infile, "r");
+ while ($data = fread($in, 1024))
+ fwrite($out, $data);
+ fclose($out);
+ fclose($in);
+ //apache_request_headers()
+ require_once('MimeMailParser.class.php');
+ $parser = new MimeMailParser();
+ $parser->setPath($tmpfile);
+ $id = preg_replace('/<(.*)>/', '$1',
+ $parser->getHeader('message-id'));
+ $id = str_replace('/', '', $id); // for security reasons
+ $msg_file = "$BASE/msg/$id";
+ rename($tmpfile, $msg_file);
+
+ if (!$cmdline) {
+ $m->status('201 Created');
+ header("Location: ".$m->baseUrl().'messages/'.$id);
+ }
+ exit();
+}
+
+}
+ */ \ No newline at end of file
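Review bot: The whole controller is added inside a `/* … */` block, so none of it runs; code in this state is better kept out of the tree until it works. If it is revived, `str_replace('/', '', $id)` is the only filtering applied to a `Message-ID` taken from the uploaded mail before it becomes the file name under `$BASE/msg/`, and `rename()` replaces an existing file, so a sender reusing an id would overwrite the stored message; refusing with `if (file_exists($msg_file))` before the `rename()` would cover that. No login check is visible before the upload is accepted.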
diff --git a/src/controllers/Plugins.class.php b/src/controllers/Plugins.class.php
new file mode 100644
index 0000000..597cd19
--- /dev/null
+++ b/src/controllers/Plugins.class.php
@@ -0,0 +1,19 @@
+<?php
+
+Router::register('plugins', 'Plugins');
+
+class Plugins extends Controller {
+ public function index($routed, $remainder) {
+ global $mm;
+ $uid = $mm->isLoggedIn();
+ if ($uid===false || !$m->getAuthObj($uid)->isAdim()) {
+ $this->http401($routed, $remainder);
+ return;
+ }
+ // TODO
+ }
+
+ public function http401($routed, $remainder) {
+ $this->showView('plugins/401');
+ }
+}
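Review bot: The admin check in `index()` reads `$m->getAuthObj($uid)->isAdim()`, but the global brought into scope is `$mm` and the method used elsewhere in this commit is `isAdmin()`. For a logged-out request the `$uid===false` test short-circuits to the 401 view, but for any logged-in user the line fails on the undefined `$m` instead of deciding access. It should read `if ($uid===false || !$mm->getAuthObj($uid)->isAdmin()) {`.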
diff --git a/src/controllers/Users.class.php b/src/controllers/Users.class.php
index 617c57a..9781ab0 100644
--- a/src/controllers/Users.class.php
+++ b/src/controllers/Users.class.php
@@ -84,8 +84,14 @@ class Users extends Controller {
}
break;
}
+
+ $config_options = array();
+ $mm->pluginManager()->callHook('userConfig', &$config_options);
+
+ $vars['config_options'] = $config_options;
$vars['user'] = $user;
$vars['groups'] = $mm->listGroupNames();
+ require_once('ContactMethod.class.php');
$this->showView('users/individual', $vars);
}
}
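Review bot: `callHook('userConfig', &$config_options)` uses call-time pass-by-reference, which PHP 5.3 deprecates and PHP 5.4 rejects as a fatal error; the same call is added again in the `@@ -179,10 +185,20 @@` hunk. If `callHook()` can declare that parameter by reference in its signature, the call becomes `$mm->pluginManager()->callHook('userConfig', $config_options);`; otherwise have the hook return the options. In the later hunk each plugin-supplied `$option[0]` is passed to `confText()` as a setting name, so whatever plugins register there decides which user settings a form post can write. The enclosing method starts outside this hunk.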
@@ -179,10 +185,20 @@ class Users extends Controller {
}
// Change information //////////////////////////////////////////
+ global $mm;
+ $config_options = array();
+ $mm->pluginManager()->callHook('userConfig', &$config_options);
+
+ foreach ($config_options as $group=>$options) {
+ foreach ($options as $option) {
+ $this->confText($user, $option[0]);
+ }
+ }
+ /*
$this->confText($user, 'firstname');
$this->confText($user, 'lastname');
$this->confText($user, 'hsclass');
-
+ */
// Change contact info /////////////////////////////////////////
global $CONTACT_METHODS;
foreach ($CONTACT_METHODS as $method) {
@@ -213,7 +229,15 @@ class Users extends Controller {
* This will parse POST (really, PUT) data to update multiple users.
*/
private function update_users() {
- // TODO
+ $attribs = $this->getIndexAttribs();
+ foreach ($attribs as $attrib) {
+ $key = $attrib['key'];
+ if (isset($_POST[$key]) && is_array($_POST[$key])) {
+ foreach ($_POST[$key] as $uid => $value) {
+ $this->setConf($uid, $key, $value);
+ }
+ }
+ }
}
/**
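Review bot: `update_users()` takes each `$uid` from the keys of `$_POST[$key]` and hands it to `setConf()` with no validation, and nothing in this function confirms that anyone is logged in; it relies entirely on the objects behind `setConf()` to refuse. Rejecting non-numeric keys first, `if (!ctype_digit((string)$uid)) continue;`, and passing `(int)$uid` keeps arbitrary strings out of `getAuthObj()`. `$value` can itself be an array if the client nests the field one level deeper, so an `is_string($value)` test belongs beside it. Whether the caller of `update_users()` checks a session or a request token is not visible in this hunk.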
@@ -264,8 +288,9 @@ class Users extends Controller {
$editable = $editable && $logged_in_user->isAdmin();
$value = $user->isAdmin();
break;
- default:
+ default:
$value = $user->getConf($key);
+ if ($value===false) $value='';
break;
}
@@ -273,6 +298,27 @@ class Users extends Controller {
'post_key'=>$post_key,
'editable'=>$editable);
}
+ private function setConf($uid, $key, $value) {
+ // So, this rocks because we don't have to check permissions,
+ // the User object does that.
+ global $mm;
+ $user = $mm->getAuthObj($uid);
+
+ switch ($key) {
+ case 'auth_name':
+ $user->setName($value);
+ break;
+ case 'auth_user':
+ $user->setUser($value=='true');
+ break;
+ case 'auth_admin':
+ $user->setAdmin($value=='true');
+ break;
+ default:
+ $user->setConf($key, $value);
+ break;
+ }
+ }
function attrib($key, $name) {
return array('key'=>$key, 'name'=>$name);
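Review bot: `setConf()` discards the result of every setter, so when the User object refuses a change (the `Auth::setType()` hunk in this commit returns `false` for non-admins) the caller cannot tell and the request looks successful; `return $user->setAdmin($value==='true');`, and likewise in the other cases, would surface it. The comment that permissions are checked by the User object holds only for setters that actually check: in this commit only the check in `setType()` is visible, so `setName()` and `setConf()` on the User object should be confirmed before relying on it. The loose `==` against `'true'` should be `===`.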
@@ -286,6 +332,6 @@ class Users extends Controller {
$this->attrib('email','Email'),
$this->attrib('auth_name', 'Username'),
);
- return $attrib;
+ return $attribs;
}
}
diff --git a/src/lib/Auth.class.php b/src/lib/Auth.class.php
index 4c2a9c6..e49ebf7 100644
--- a/src/lib/Auth.class.php
+++ b/src/lib/Auth.class.php
@@ -26,6 +26,11 @@ class Auth {
return $type;
}
protected function setType($type) {
+ $logged_in_uid = $this->mm->isLoggedIn();
+ $logged_in_obj = $this->mm->getAuthObj($logged_in_uid);
+ $is_admin = $logged_in_obj->isAdmin();
+ if (!$is_admin) return false;
+
return $this->mm->setStatus($this->uid, $type);
}
public function isUser() {
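Review bot: `isLoggedIn()` returns `false` when there is no session, and `setType()` passes that value straight to `getAuthObj()` before testing for admin; add `if ($logged_in_uid === false) return false;` after the first line so an anonymous request never builds an auth object for uid `false`. The new check is also worth a one-line comment stating the rule it enforces, e.g. `// only an admin may change any account's type`, since it also blocks users from changing their own type.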
diff --git a/src/lib/Database.class.php b/src/lib/Database.class.php
new file mode 100644
index 0000000..03c227f
--- /dev/null
+++ b/src/lib/Database.class.php
@@ -0,0 +1,396 @@
+<?php
+
+class Database {
+ private $conf;
+ private $mysql;
+ private $db_prefix;
+
+ public function __construct($conf_file) {
+ $this->conf = $conf_file;
+ }
+
+ // Low-Level SQL functions /////////////////////////////////////////////
+
+ private function mysql() {
+ if (!isset($this->mysql)) {
+ $this->mysql_init();
+ }
+ return $this->mysql;
+ }
+ private function mysql_init() {
+ global $db_config;
+ require($this->conf);
+ $this->mysql = mysql_connect($db_config['host'],
+ $db_config['user'],
+ $db_config['password']);
+ mysql_set_charset($db_config['charset'], $this->mysql);
+ mysql_select_db($db_config['name'], $this->mysql);
+ $this->db_prefix = $db_config['prefix'];
+ unset($db_config);
+ }
+ private function mysql_table($table_name) {
+ $mysql = $this->mysql();
+ $prefix = $this->db_prefix;
+ return $prefix.mysql_real_escape_string($table_name, $mysql);
+ }
+ private function mysql_escape($string) {
+ $mysql = $this->mysql();
+ return mysql_real_escape_string($string, $mysql);
+ }
+ private function mysql_query($query) {
+ $mysql = $this->mysql();
+ return mysql_query($query, $mysql);
+ }
+ public function mysql_error() {
+ $mysql = $this->mysql();
+ return mysql_error($mysql);
+ }
+
+ // High-Level SQL functions ////////////////////////////////////////////
+
+ // The 'auth' table
+
+ public function getUID($username) {
+ $t = $this->mysql_table('auth');
+ $v = $this->mysql_escape($username);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE name='$v' ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['uid'])) {
+ return (int)$user['uid'];
+ } else {
+ return false;
+ }
+ }
+ public function getUsername($uid) {
+ if (!is_int($uid)) return false;
+ $t = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['name'])) {
+ return $user['name'];
+ } else {
+ return false;
+ }
+ }
+ public function setUsername($uid, $username) {
+ if (!is_int($uid)) return false;
+ if ($this->getUID($username) !== false) {
+ return false;
+ }
+ $table = $this->mysql_table('auth');
+ $name = $this->mysql_escape($username);
+ $query =
+ "UPDATE $table \n".
+ "SET name='$name' \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function getPasswordHash($uid) {
+ if (!is_int($uid)) return false;
+
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $table \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['hash'])) {
+ return $user['hash'];
+ } else {
+ return false;
+ }
+ }
+ public function setPassword($uid, $password) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+
+ $hasher = $this->hasher();
+ @$hash = $hasher->HashPassword($password);
+ $query =
+ "UPDATE $table \n".
+ "SET hash='$hash' \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function addUser($username, $password) {
+ $user_exits = $this->getUID($username);
+ if ($user_exists) {
+ return false;
+ }
+
+ $table = $this->mysql_table('auth');
+ $user = $this->mysql_escape($username);
+ $hasher = $this->hasher();
+ @$hash = $hasher->HashPassword($password);
+ $status = 0;
+ $query =
+ "INSERT INTO $table ( name, hash , status) \n".
+ "VALUES ('$user', '$hash', $status) ;";
+ $this->mysql_query($query);
+ $uid = $this->getUID($username);
+ return $uid;
+ }
+ public function getStatus($uid) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT * \n".
+ "FROM $table \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['status'])) {
+ return (int)$user['status'];
+ } else {
+ return false;
+ }
+ }
+ public function setStatus($uid, $status) {
+ if (!is_int($uid)) return false;
+ $table = $this->mysql_table('auth');
+ $s = $this->mysql_escape($status);
+ $query =
+ "UPDATE $table * \n".
+ "SET status=$s \n".
+ "WHERE uid=$uid ;";
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function countUsers() {
+ $table = $this->mysql_table('auth');
+ $query = "SELECT COUNT(*) FROM $table;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ $count = $row[0];
+ return $count;
+ }
+ public function listGroups() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE status=3 ;";
+ $q = $this->mysql_query($query);
+ $groups = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $groups[] = (int)$row[0];
+ }
+ return $groups;
+ }
+ public function listGroupNames() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT name \n".
+ "FROM $table \n".
+ "WHERE status=3 ;";
+ $q = $this->mysql_query($query);
+ $groups = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $groups[] = $row[0].'';
+ }
+ return $groups;
+ }
+ public function listUsers() {
+ $table = $this->mysql_table('auth');
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE status < 3 ;";
+ $q = $this->mysql_query($query);
+ $users = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $users[] = (int)$row[0];
+ }
+ return $users;
+ }
+
+ // The 'users' table
+
+ public function findUser($setting, $value) {
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $v = $this->mysql_escape($value);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k = '$k' \n".
+ "AND UPPER(v)=UPPER('$v') ;";
+ $q = $this->mysql_query($query);
+ $user = mysql_fetch_array($q);
+ if (isset($user['uid'])) {
+ return $user['uid'];
+ } else {
+ return false;
+ }
+ }
+ public function getUserConf($uid, $setting) {
+ if (!is_int($uid)) return false;
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' \n".
+ "AND uid=$uid ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setUserConf($uid, $setting, $value) {
+ if (!is_int($uid)) return false;
+ $isset = ($this->getUserConf($uid, $setting) !== false);
+ $t = $this->mysql_table('users');
+ $k = $this->mysql_escape($setting);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' \n".
+ "AND uid = $uid ;";
+ } else {
+ $query =
+ "INSERT INTO $t ( uid, k , v ) \n".
+ "VALUES ($uid, '$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+ public function getUsersInGroup($groupname) {
+ $table = $this->mysql_table('users');
+ $group = $this->mysql_escape($groupname);
+ $query =
+ "SELECT uid \n".
+ "FROM $table \n".
+ "WHERE k='groups' \n".
+ "AND v LIKE '%,$group,%' ;";
+ $q = $this->mysql_query($query);
+ $users = array();
+ while (($row = mysql_fetch_array($q)) !==false) {
+ $users[] = $row[0];
+ }
+ return $users;
+ }
+
+ // The 'plugins' table
+
+ public function getPluginConf($plugin, $key) {
+ $t = $this->mysql_table('plugins');
+ $p = $this->mysql_escape($plugin);
+ $k = $this->mysql_escape($key);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' \n".
+ "AND plugin='$p' ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setPluginConf($plugin, $key, $value) {
+ $isset = ($this->getPluginConf($plugin, $key) !== false);
+ $t = $this->mysql_table('plugins');
+ $p = $this->mysql_escape($plugin);
+ $k = $this->mysql_escape($key);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' \n".
+ "AND plugin = '$p' ;";
+ } else {
+ $query =
+ "INSERT INTO $t (plugin, k , v ) \n".
+ "VALUES ('$p' , '$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+
+ // The 'conf' table
+
+ public function getSysConf($key) {
+ $t = $this->mysql_table('conf');
+ $k = $this->mysql_escape($key);
+ $query =
+ "SELECT * \n".
+ "FROM $t \n".
+ "WHERE k='$k' ;";
+ $q = $this->mysql_query($query);
+ $row = mysql_fetch_array($q);
+ if (isset($row['v'])) {
+ return $row['v'];
+ } else {
+ return false;
+ }
+ }
+ public function setSysConf($key, $value) {
+ $isset = (getSysConf($key) !== false);
+ $t = $this->mysql_table('conf');
+ $k = $this->mysql_escape($key);
+ $v = $this->mysql_escape($value);
+ if ($isset) {
+ $query =
+ "UPDATE $t \n".
+ "SET v = '$v' \n".
+ "WHERE k = '$k' ;";
+ } else {
+ $query =
+ "INSERT INTO $t ( k , v ) \n".
+ "VALUES ('$k', '$v') ;";
+ }
+ $q = $this->mysql_query($query);
+ return ($q?true:false);
+ }
+
+ /**
+ * Strip out empty group names and duplicates, sort.
+ */
+ private static function sanitizeArray($in) {
+ $out = array();
+ foreach ($in as $item) {
+ if (($item !== '')&&(!in_array($item, $out))) {
+ $out[] = $item;
+ }
+ }
+ natsort($out);
+ return $out;
+ }
+ /**
+ * Translate an array into a value suitable to be stored into a
+ * key-value store in the database.
+ */
+ public static function arrayToValue($list) {
+ $out_list = $this->sanitizeArray($list);
+ return ','.implode(',', $out_list).',';
+ }
+ /**
+ * Translate a value from arrayToValue() back into an array.
+ */
+ public static function valueToArray($value) {
+ $raw_list = explode(',', $value);
+ $out_list = $this->sanitizeArray($raw_list);
+ return $out_list;
+ }
+
+} \ No newline at end of file
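Review bot: `setStatus()` builds `SET status=$s` with `$s` only passed through `mysql_escape()`; escaping does nothing for a value that is not inside quotes, and the `UPDATE $table *` line does not look like valid SQL, so use `$s = (int)$status;` and drop the `*`. `addUser()` assigns `$user_exits` but tests `$user_exists`, so the duplicate-name check never fires; `if ($this->getUID($username) !== false) return false;` matches what `setUsername()` already does. Several calls cannot resolve in this class as written: `$this->hasher()` in `setPassword()` and `addUser()` (no `hasher()` is defined here), the bare `getSysConf($key)` in `setSysConf()`, and `$this->sanitizeArray()` inside the static `arrayToValue()`/`valueToArray()`, which should be `self::sanitizeArray()`. `getUsersInGroup()` also leaves `%` and `_` in `$group` active inside the `LIKE` pattern, so a group name containing them matches more rows than intended.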
diff --git a/src/lib/Login.class.php b/src/lib/Login.class.php
new file mode 100644
index 0000000..26d11dd
--- /dev/null
+++ b/src/lib/Login.class.php
@@ -0,0 +1,31 @@
+<?php
+
+class Login {
+ public static function login($username, $password) {
+ global $mm;
+ $uid = $mm->database()->getUID($username);
+ if ($uid===false) {
+ // user does not exist
+ return 2;
+ }
+ $hash = $mm->database()->getPasswordHash($uid);
+ if ($mm->hasher()->CheckPassword($password, $hash)) {
+ // success
+ $_SESSION['uid'] = $uid;
+ return 0;
+ } else {
+ // wrong password
+ return 1;
+ }
+ }
+ public static function isLoggedIn() {
+ if ( isset($_SESSION['uid']) && ($_SESSION['uid']!='') ) {
+ return $_SESSION['uid'];
+ } else {
+ return false;
+ }
+ }
+ public static function logout() {
+ $_SESSION['uid'] = '';
+ }
+}
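Review bot: `login()` writes `$_SESSION['uid']` on success without issuing a new session id, so an id that was set before authentication stays valid afterwards; call `session_regenerate_id(true);` just before `$_SESSION['uid'] = $uid;`. `logout()` only blanks the uid and leaves the session alive; clearing `$_SESSION` and calling `session_destroy()` is the usual counterpart. The distinct return codes 2 and 1 let a caller tell an unknown user from a wrong password, so the views should show one message for both.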
diff --git a/src/lib/MessageHandler.class.php b/src/lib/MessageHandler.class.php
index 2dce491..1fa9faf 100644
--- a/src/lib/MessageHandler.class.php
+++ b/src/lib/MessageHandler.class.php
@@ -1,11 +1,5 @@
<?php
-
-require_once('send/SenderGVSMS.class.php');
-require_once('send/SenderIdentica.class.php');
-
-set_include_path(get_include_path().PATH_SEPARATOR."$BASE/src/plugins");
-
class MessageHandler {
public function __constructor() {
@@ -28,7 +22,7 @@ class MessageHandler {
$value = (int)$value;
break;
}
- configSet($param, $value);
+ $obj->configSet($param, $value);
}
}
return $obj;
@@ -38,7 +32,7 @@ class MessageHandler {
$private_senders = array();
$broadcast_senders = array();
-
+
$plugin_list = $m->getSysConf('plugins');
$plugins = explode(',', $plugin_list);
foreach ($plugins as $plugin) {
diff --git a/src/lib/MessageManager.class.php b/src/lib/MessageManager.class.php
index 1302f8b..645643e 100644
--- a/src/lib/MessageManager.class.php
+++ b/src/lib/MessageManager.class.php
@@ -2,376 +2,41 @@
class MessageManager {
private $conf;
- private $mysql;
- private $db_prefix;
- private $pw_hasher;
- private $template;
- private $pluginManager;
private $base;
- private $users = array();
-
- // Low-Level SQL functions /////////////////////////////////////////////
-
- private function mysql() {
- if (!isset($this->mysql)) {
- $this->mysql_init();
- }
- return $this->mysql;
- }
- private function mysql_init() {
- global $db_config;
- require($this->conf);
- $this->mysql = mysql_connect($db_config['host'],
- $db_config['user'],
- $db_config['password']);
- mysql_set_charset($db_config['charset'], $this->mysql);
- mysql_select_db($db_config['name'], $this->mysql);
- $this->db_prefix = $db_config['prefix'];
- unset($db_config);
- }
- private function mysql_table($table_name) {
- $mysql = $this->mysql();
- $prefix = $this->db_prefix;
- return $prefix.mysql_real_escape_string($table_name, $mysql);
- }
- private function mysql_escape($string) {
- $mysql = $this->mysql();
- return mysql_real_escape_string($string, $mysql);
- }
- private function mysql_query($query) {
- $mysql = $this->mysql();
- return mysql_query($query, $mysql);
- }
- public function mysql_error() {
- $mysql = $this->mysql();
- return mysql_error($mysql);
- }
- // High-Level SQL functions ////////////////////////////////////////////
+ private $users = array();
- // The 'auth' table
+ private $database;
+ private $pw_hasher;
+ private $template;
+ private $pluginManager;
- public function getUID($username) {
- $t = $this->mysql_table('auth');
- $v = $this->mysql_escape($username);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE name='$v' ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['uid'])) {
- return (int)$user['uid'];
- } else {
- return false;
- }
- }
- public function getUsername($uid) {
- if (!is_int($uid)) return false;
- $t = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['name'])) {
- return $user['name'];
- } else {
- return false;
- }
- }
- public function setUsername($uid, $username) {
- if (!is_int($uid)) return false;
- if ($this->getUID($username) !== false) {
- return false;
+ public function __construct($conf_file) {
+ $this->conf = $conf_file;
+ if (!file_exists($this->conf)) {
+ $this->base = $_SERVER['REQUEST_URI'];
+ $t = $this->template();
+ $t->header('Message Manager');
+ $t->paragraph(
+ 'Awe shiz, dude, conf.php doesn\'t exist, you '.
+ 'need to go through the '.
+ '<a href="installer">installer</a>.');
+ $t->footer();
+ exit();
}
- $table = $this->mysql_table('auth');
- $name = $this->mysql_escape($username);
- $query =
- "UPDATE $table \n".
- "SET name='$name' \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
+ session_start();
}
- public function getPasswordHash($uid) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $table \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['hash'])) {
- return $user['hash'];
- } else {
- return false;
- }
- }
- public function setPassword($uid, $password) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
-
- $hasher = $this->hasher();
- @$hash = $hasher->HashPassword($password);
- $query =
- "UPDATE $table \n".
- "SET hash='$hash' \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function addUser($username, $password) {
- $user_exits = $this->getUID($username);
- if ($user_exists) {
- return false;
- }
-
- $table = $this->mysql_table('auth');
- $user = $this->mysql_escape($username);
- $hasher = $this->hasher();
- @$hash = $hasher->HashPassword($password);
- $status = 0;
- $query =
- "INSERT INTO $table ( name, hash , status) \n".
- "VALUES ('$user', '$hash', $status) ;";
- $this->mysql_query($query);
- $uid = $this->getUID($username);
- return $uid;
- }
- public function getStatus($uid) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $query =
- "SELECT * \n".
- "FROM $table \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['status'])) {
- return (int)$user['status'];
- } else {
- return false;
- }
- }
- public function setStatus($uid, $status) {
- if (!is_int($uid)) return false;
- $table = $this->mysql_table('auth');
- $s = $this->mysql_escape($status);
- $query =
- "UPDATE $table * \n".
- "SET status=$s \n".
- "WHERE uid=$uid ;";
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function countUsers() {
- $table = $this->mysql_table('auth');
- $query = "SELECT COUNT(*) FROM $table;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- $count = $row[0];
- return $count;
- }
- public function listGroups() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE status=3 ;";
- $q = $this->mysql_query($query);
- $groups = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $groups[] = (int)$row[0];
- }
- return $groups;
- }
- public function listGroupNames() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT name \n".
- "FROM $table \n".
- "WHERE status=3 ;";
- $q = $this->mysql_query($query);
- $groups = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $groups[] = $row[0].'';
- }
- return $groups;
- }
- public function listUsers() {
- $table = $this->mysql_table('auth');
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE status < 3 ;";
- $q = $this->mysql_query($query);
- $users = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $users[] = (int)$row[0];
- }
- return $users;
- }
-
- // The 'users' table
-
- public function findUser($setting, $value) {
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $v = $this->mysql_escape($value);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k = '$k' \n".
- "AND UPPER(v)=UPPER('$v') ;";
- $q = $this->mysql_query($query);
- $user = mysql_fetch_array($q);
- if (isset($user['uid'])) {
- return $user['uid'];
- } else {
- return false;
- }
- }
- public function getUserConf($uid, $setting) {
- if (!is_int($uid)) return false;
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' \n".
- "AND uid=$uid ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setUserConf($uid, $setting, $value) {
- if (!is_int($uid)) return false;
- $isset = ($this->getUserConf($uid, $setting) !== false);
- $t = $this->mysql_table('users');
- $k = $this->mysql_escape($setting);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' \n".
- "AND uid = $uid ;";
- } else {
- $query =
- "INSERT INTO $t ( uid, k , v ) \n".
- "VALUES ($uid, '$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
- public function getUsersInGroup($groupname) {
- $table = $this->mysql_table('users');
- $group = $this->mysql_escape($groupname);
- $query =
- "SELECT uid \n".
- "FROM $table \n".
- "WHERE k='groups' \n".
- "AND v LIKE '%,$group,%' ;";
- $q = $this->mysql_query($query);
- $users = array();
- while (($row = mysql_fetch_array($q)) !==false) {
- $users[] = $row[0];
- }
- return $users;
- }
-
- // The 'plugins' table
-
- public function getPluginConf($plugin, $key) {
- $t = $this->mysql_table('plugins');
- $p = $this->mysql_escape($plugin);
- $k = $this->mysql_escape($key);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' \n".
- "AND plugin='$p' ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setPluginConf($plugin, $key, $value) {
- $isset = ($this->getPluginConf($plugin, $key) !== false);
- $t = $this->mysql_table('plugins');
- $p = $this->mysql_escape($plugin);
- $k = $this->mysql_escape($key);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' \n".
- "AND plugin = '$p' ;";
- } else {
- $query =
- "INSERT INTO $t (plugin, k , v ) \n".
- "VALUES ('$p' , '$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
-
- // The 'conf' table
-
- public function getSysConf($key) {
- $t = $this->mysql_table('conf');
- $k = $this->mysql_escape($key);
- $query =
- "SELECT * \n".
- "FROM $t \n".
- "WHERE k='$k' ;";
- $q = $this->mysql_query($query);
- $row = mysql_fetch_array($q);
- if (isset($row['v'])) {
- return $row['v'];
- } else {
- return false;
- }
- }
- public function setSysConf($key, $value) {
- $isset = (getSysConf($key) !== false);
- $t = $this->mysql_table('conf');
- $k = $this->mysql_escape($key);
- $v = $this->mysql_escape($value);
- if ($isset) {
- $query =
- "UPDATE $t \n".
- "SET v = '$v' \n".
- "WHERE k = '$k' ;";
- } else {
- $query =
- "INSERT INTO $t ( k , v ) \n".
- "VALUES ('$k', '$v') ;";
- }
- $q = $this->mysql_query($query);
- return ($q?true:false);
- }
+ // Load Things
- // If the remaining code has to deal with SQL, you're doing it wrong. //
-
- public function baseUrl() {
- if (!isset($this->base)) {
- $this->base = $this->getSysConf('baseurl');
+ public function database() {
+ if (!isset($this->database)) {
+ require_once('Database.class.php');
+ $this->database = new Database($this->conf);
}
- return $this->base;
+ return $this->database;
}
+
public function hasher() {
if (!isset($this->pw_hasher)) {
require_once('PasswordHash.class.php');
@@ -387,7 +52,7 @@ class MessageManager {
}
return $this->template;
}
-
+
public function pluginManager() {
if (!isset($this->pluginManager)) {
require_once('PluginManager.class.php');
@@ -395,35 +60,9 @@ class MessageManager {
}
return $this->pluginManager;
}
-
- public function login($username, $password) {
- $uid = $this->getUID($username);
- if ($uid===false) {
- // user does not exist
- return 2;
- }
- $hash = $this->getPasswordHash($uid);
- $hasher = $this->hasher();
- if ($hasher->CheckPassword($password, $hash)) {
- // success
- $_SESSION['uid'] = $uid;
- return 0;
- } else {
- // wrong password
- return 1;
- }
- }
- public function isLoggedIn() {
- if ( isset($_SESSION['uid']) && ($_SESSION['uid']!='') ) {
- return $_SESSION['uid'];
- } else {
- return false;
- }
- }
- public function logout() {
- $_SESSION['uid'] = '';
- }
-
+
+ // Utility functions
+
public function shortUrl($longUrl) {
$ch = curl_init('http://ur1.ca');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@@ -436,26 +75,17 @@ class MessageManager {
curl_close($ch);
return $shortUrl;
}
-
- public function __construct($conf_file) {
- $this->conf = $conf_file;
- if (!file_exists($this->conf)) {
- $this->base = $_SERVER['REQUEST_URI'];
- $t = $this->template();
- $t->header('Message Manager');
- $t->paragraph(
- 'Awe shiz, dude, conf.php doesn\'t exist, you '.
- 'need to go through the '.
- '<a href="installer">installer</a>.');
- $t->footer();
- exit();
+
+ public function baseUrl() {
+ if (!isset($this->base)) {
+ $this->base = $this->database()->getSysConf('baseurl');
}
- session_start();
+ return $this->base;
}
-
+
public function getAuthObj($uid) {
if (!isset($this->users[$uid])) {
- $is_group = ($this->getStatus($uid)===3);
+ $is_group = ($this->database()->getStatus($uid)===3);
if ($is_group) {
require_once('Group.class.php');
$this->users[$uid] = new Group($uid);
@@ -466,33 +96,4 @@ class MessageManager {
}
return $this->users[$uid];
}
- /**
- * Strip out empty group names and duplicates, sort.
- */
- private function sanitizeArray($in) {
- $out = array();
- foreach ($in as $item) {
- if (($item !== '')&&(!in_array($item, $out))) {
- $out[] = $item;
- }
- }
- natsort($out);
- return $out;
- }
- /**
- * Translate an array into a value suitable to be stored into a
- * key-value store in the database.
- */
- public function arrayToValue($list) {
- $out_list = $this->sanitizeArray($list);
- return ','.implode(',', $out_list).',';
- }
- /**
- * Translate a value from arrayToValue() back into an array.
- */
- public function valueToArray($value) {
- $raw_list = explode(',', $value);
- $out_list = $this->sanitizeArray($raw_list);
- return $out_list;
- }
}
diff --git a/src/plugins/InformationPlugin.class.php b/src/plugins/InformationPlugin.class.php
new file mode 100644
index 0000000..6a37370
--- /dev/null
+++ b/src/plugins/InformationPlugin.class.php
@@ -0,0 +1,25 @@
+<?php
+
+require_once('Plugin.class.php');
+
+class InformationPlugin extends Plugin {
+ public static function configList() { return array(); }
+ public function init() {}
+ public static function description() {
+ return "Get information about the user.";
+ }
+ public function userConfig(&$arr) {
+ $group = 'Information';
+ $this->addConfigGroup($arr, $group);
+ $arr[$group][] = array('firstname','First Name','text');
+ $arr[$group][] = array('lastname','Last Name','text');
+ $arr[$group][] = array('school','Home School','text');
+ $arr[$group][] = array('hsclass','Highschool Class of','text');
+
+ $group = 'Application-Resume-Things';
+ $this->addConfigGroup($arr, $group);
+ $arr[$group][] = array('why_team',
+ 'Why you want to be on the team',
+ 'textarea');
+ }
+}
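Review bot: userConfig() builds each field as a bare positional array, and nothing says what the three slots mean. The consumer, inputField() in users/individual.html.php, reads them as name, label and type, and handles only `'text'` and `'textarea'`. A short comment above userConfig() would make that contract visible to the next plugin author, e.g. `// Each entry: array(conf key, label, input type: 'text' or 'textarea')`.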
diff --git a/src/plugins/SenderGVSMS.class.php b/src/plugins/SenderGVSMS.class.php
index 777586c..90f9e69 100644
--- a/src/plugins/SenderGVSMS.class.php
+++ b/src/plugins/SenderGVSMS.class.php
@@ -5,8 +5,8 @@ require_once('GoogleVoice.class.php');
class SenderGVSMS extends SenderPrivate {
protected $config = array('username'=>'',
- 'password'=>'',
- 'length'=>160);
+ 'password'=>'',
+ 'length'=>160);
private $obj;
public static function description() {
diff --git a/src/plugins/SenderIdentica.class.php b/src/plugins/SenderIdentica.class.php
index 4bb20c9..ac62dc3 100644
--- a/src/plugins/SenderIdentica.class.php
+++ b/src/plugins/SenderIdentica.class.php
@@ -5,8 +5,8 @@ require_once('Identica.class.php');
class SenderIdentica extends SenderBroadcast {
protected $config = array('username'=>'',
- 'password'=>'',
- 'length'=>140);
+ 'password'=>'',
+ 'length'=>140);
private $obj;
public static function description() {
diff --git a/src/views/pages/auth.php b/src/views/pages/auth.php
deleted file mode 100644
index 2132d67..0000000
--- a/src/views/pages/auth.php
+++ /dev/null
@@ -1,65 +0,0 @@
-<?php global $mm;
-/**
- * This is the view for the main login page.
- */
-
-// TODO: We should probably check to make sure PAGE is just 'auth' or
-// 'auth/', and not something like 'auth/foobar', for which we should
-// throw a 404.
-
-@$action = $_POST['action'];
-switch ($action) {
-case 'login': login(); break;
-case 'logout': logout(); break;
-case '': maybe_login(); break;
-default: badrequest(); break;
-}
-
-function maybe_login() {
- global $mm;
- $uid = $mm->isLoggedIn();
- if ($uid===false) {
- login();
- } else {
- $mm->header('Authentication');
- $t = $mm->template();
-
- $username = $mm->getUsername($uid);
-
- $t->openTag('div',array('class'=>'login'));
- $t->text("Logged in as ".htmlentities($username).'.');
- $t->logout_button('Logout');
- $t->closeTag('div');
-
- $mm->footer();
- }
-}
-
-function login() {
- include(VIEWPATH.'/pages/auth/login.php');
-}
-
-function logout() {
- global $mm;
- $t = $mm->template();
-
- $mm->logout();
-
- $mm->header('Authentication');
- $t->paragraph('Logged out');
- $mm->footer();
-}
-
-function badrequest() {
- global $mm;
- $mm->status('400 Bad Request');
- $t = $mm->template();
-
- $mm->header('Authentication');
- $t->paragraph('The recieved POST request was malformed/invalid. '.
- 'If you got here from a link, this is a bug; '.
- 'Let the admin know.'.
- 'If you got here from outside, then the API is being '.
- 'missused.');
- $mm->footer();
-}
diff --git a/src/views/pages/auth/login.php b/src/views/pages/auth/login.php
deleted file mode 100644
index 8a175eb..0000000
--- a/src/views/pages/auth/login.php
+++ /dev/null
@@ -1,63 +0,0 @@
-<?php global $mm;
-/**
- * This isn't a separate URL, but this is what the 'auth' view loads
- * when the user is attempting to log in.
- * Logically, I don't think it should be in a separate file, but I think the
- * general flow of things is easier to follow and edit and maintain.
- */
-$username = '';
-$password = '';
-
-$t = $mm->template();
-
-$login = -1;
-if ( isset($_POST['username']) && isset($_POST['password'])) {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $login = $mm->login($username, $password);
-}
-
-$mm->header('Authentication');
-
-$t->openTag('form',array('action'=>$mm->baseUrl().'auth','method'=>"post"));
-$t->openFieldset('Login');
-switch ($login) {
-case -1: break;
-case 0:
- $t->inputP('Successfully logged in as '.
- htmlentities($username).'.');
- if (isset($_POST['url'])) {
- $url = htmlentities($_POST['url']);
- $t->inputP($t->link($url,
- 'Return to the page you were on.',
- true));
- }
- $t->closeFieldset();
- $t->closeTag('form');
- return;
- break;
-case 1:
- $t->inputP("Password does not match username.",
- array('class'=>'error'));
- break;
-case 2:
- $t->inputP("Username <q>$username</q> does not exist.");
- $username = '';
- break;
-}
-$t->inputText( 'username', 'Username:', '', $username);
-$t->inputPassword('password', 'Password:', '', $password);
-$t->openTag('li');
-$t->tag('input', array('type'=>'submit', 'value'=>'Login'));
-$t->closeTag('li');
-$t->closeFieldset();
-$t->tag('input', array('type'=>'hidden',
- 'name'=>'action',
- 'value'=>'login'));
-if (isset($_POST['url'])) {
- $url = htmlentities($_POST['url']);
- $t->tag('input', array('type'=>'hidden',
- 'name'=>'url',
- 'value'=>$url));
-}
-$t->closeTag('form');
diff --git a/src/views/pages/groups.php b/src/views/pages/groups.php
deleted file mode 100644
index 03f625f..0000000
--- a/src/views/pages/groups.php
+++ /dev/null
@@ -1,41 +0,0 @@
-<?php global $mm;
-
-global $illegal_names;
-$illegal_names = array('', 'new');
-global $groupname, $uid;// We will use these to pass the groupname to sub-views.
-
-$page_parts = explode('/', PAGE);
-if (isset($page_parts[1])) {
- $username = $page_parts[1];
- if ($username == '') {
- unset($username);
- }
-}
-
-if (isset($username)) { // URI: "users/*"
- // We'll be handing this off to another view.
- if ($username === 'new') {
- include(VIEWPATH.'/pages/users/new.php');
- }
-
- $uid = $mm->getUID($username);
- if ($mm->getStatus($uid)===3) $uid = false; // ignore groups.
-
- if ($uid===false) {
- include(VIEWPATH.'/pages/users/404.php');
- } else {
- include(VIEWPATH.'/pages/users/individual.php');
- }
-} else { // URI: "users"
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT':
- case 'POST':
- // We're POSTing a new user
- include(VIEWPATH.'/pages/users/create.php');
- case 'HEAD': // fall-through to GET
- case 'GET':
- // We're GETing an existing user
- include(VIEWPATH.'/pages/users/index.php');
- }
-}
diff --git a/src/views/pages/groups/401.html.php b/src/views/pages/groups/401.html.php
new file mode 100644
index 0000000..23e3778
--- /dev/null
+++ b/src/views/pages/groups/401.html.php
@@ -0,0 +1,15 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('401 Unauthorized');
+$t->header('Unauthorized');
+$t->tag('h1', array(), "401: Unauthorized");
+if ($VARS['uid']===false) {
+ // Not logged in
+ $t->paragraph('You need to be logged in to view group-data.');
+} else {
+ // Logged in, so the account must not activated
+ $t->paragraph('Your account needs to be activated by an administrator '.
+ 'to group-data.');
+}
+$t->footer();
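Review bot: The message for inactive accounts is missing its verb: `'to group-data.'` should read `'to view group-data.'`. The comment above it also drops a word ("must not be activated"). For a user who is logged in but not activated, `403 Forbidden` describes the situation better than `401 Unauthorized`, because authenticating again will not help. The same status choice applies to messages/401.html.php.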
diff --git a/src/views/pages/index.html.php b/src/views/pages/index.html.php
new file mode 100644
index 0000000..cf31759
--- /dev/null
+++ b/src/views/pages/index.html.php
@@ -0,0 +1,8 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->header('Main Page');
+$t->tag('h1', array(), "Message Manager");
+$t->paragraph("This is the main index page.");
+$t->link($t->url('users'), 'List of all users');
+$t->footer();
diff --git a/src/views/pages/index.php b/src/views/pages/index.php
deleted file mode 100644
index ad68559..0000000
--- a/src/views/pages/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php global $mm;
-$t = $mm->template();
-
-$mm->header("Main Page");
-$t->paragraph("This is the main index page.");
-$t->link($mm->baseUrl().'users', 'List of all users');
-$mm->footer();
diff --git a/src/views/pages/messages.php b/src/views/pages/messages.php
deleted file mode 100644
index da57596..0000000
--- a/src/views/pages/messages.php
+++ /dev/null
@@ -1,222 +0,0 @@
-<?php
-// the first ~20 lines are so that this can be called from the command line,
-// with mail piped in. This allows us to hook it into a local mail handler.
-
-global $BASE, $m;
-
-$cmdline = isset($argv[0]); // called from the command line
-@$method = $_SERVER['REQUEST_METHOD']; // What HTTP method was used
-
-if (!isset($BASE)) {
- $pages = dirname(__FILE__);
- $src = dirname($pages);
- $BASE = dirname($src);
- set_include_path(get_include_path()
- .PATH_SEPARATOR. "$BASE/src/lib"
- .PATH_SEPARATOR. "$BASE/src/ext"
- );
-}
-
-if (!$cmdline) {
- require_once('MessageManager.class.php');
- $m = new MessageManager($BASE.'/conf.php');
-}
-
-$uid = $m->isLoggedIn();
-$auth = ($uid!==false) && ($m->getStatus($uid)>0);
-if (!$cmdline && !$auth) {
- $m->status('401 Unauthorized');
- $m->header('Unauthorized');
- $t = $m->template();
- $t->tag('h1',array(),"401: Unauthorized");
- $t->paragraph('You need to be logged in to view messages. :(');
- $m->footer();
- exit();
-}
-
-@$method = $_SERVER['REQUEST_METHOD'];
-if ( ($method=='PUT') || ($method=='POST') || $cmdline ) {
- // We're going to be uploading a new message.
-
- // so uniqid isn't 'secure', it doesn't need to be, it's to prevent
- // random collisions.
- $tmpfile = "$BASE/tmp/".uniqid(getmypid().'.');
- $infile = ($cmdline?'php://stdin':'php://input');
- $out = fopen($tmpfile, "w");
- $in = fopen($infile, "r");
- while ($data = fread($in, 1024))
- fwrite($out, $data);
- fclose($out);
- fclose($in);
- //apache_request_headers()
- require_once('MimeMailParser.class.php');
- $parser = new MimeMailParser();
- $parser->setPath($tmpfile);
- $id = preg_replace('/<(.*)>/', '$1',
- $parser->getHeader('message-id'));
- $id = str_replace('/', '', $id); // for security reasons
- $msg_file = "$BASE/msg/$id";
- rename($tmpfile, $msg_file);
-
- if (!$cmdline) {
- $m->status('201 Created');
- header("Location: ".$m->baseUrl().'messages/'.$id);
- }
- exit();
-}
-
-global $PAGE, $BASE;
-$page_parts = explode('/',$PAGE);
-@$msg = $page_parts[1];
-if ($msg == '') {
- $m->header('Message Index');
- $t = $m->template();
- $t->tag('h1',array(),"Message Index");
-
- require_once('MimeMailParser.class.php');
- $parser = new MimeMailParser();
- $messages = array();
- $dh = opendir("$BASE/msg");
- while (($file = readdir($dh)) !== false) {
- $path = "$BASE/msg/$file";
- if (is_file($path)) {
- $parser->setPath($path);
-
- $date_string = $parser->getHeader('date');
- $date = strtotime($date_string);
- if (!isset($messages[$date])) $messages[$date] = array();
- $messages[$date][] =
- array('id'=>$file,
- 'subject'=>$parser->getHeader('subject'));
- }
- }
- closedir($dh);
-
- $t->openTag('table');
- foreach ($messages as $date => $message_array) {
- foreach ($message_array as $message) {
- $url = $m->baseUrl().'messages/'.$message['id'];
- $subject = htmlentities($message['subject']);
- $date_str = date('Y-m-d H:i:s',$date);
- $t->row(array(
- $t->link($url, $subject, true),
- $t->link($url, $date_str, true)
- ));
- }
- }
- $t->closeTag('table');
-
- $m->footer();
- exit();
-}
-
-@$msg_file = "$BASE/msg/$msg";
-if (!is_file($msg_file)) {
- $m->status('404 Not Found');
- $m->header('Message not found | MessageManager');
- $t = $m->template();
- $t->tag('h1',array(),'404: Not Found');
- $t->paragraph('The message <q>'.htmlentities($msg).'</q> was not '.
- 'found in our database.');
- $m->footer();
- exit();
-}
-
-////////////////////////////////////////////////////////////////////////////////
-// In the interest of code reusability, most of the following code is //
-// independent of message manager. This section is stubs to bind into //
-// MessageManager. //
-$msg_file = $msg_file;
-$msg_id = $msg;
-@$part = $page_parts[2];
-@$subpart = $page_parts[3];
-function url($id, $part='',$subpart='') {
- global $m;
- return $m->baseUrl().'messages/'.$id.'/'.($part?"$part/$subpart":'');
-}
-// With the exception of one line (tagged with XXX), the following code is //
-// not specific to MessageManager. //
-// At some point I may contemplate making this use the template engine, but //
-// I like the idea of it being self-standing. //
-////////////////////////////////////////////////////////////////////////////////
-
-require_once('MimeMailParser.class.php');
-$parser = new MimeMailParser();
-$parser->setPath($msg_file);
-
-function messageLink($id) {
- if (is_array($id)) { $id = $id[1]; }
- return '&lt;<a href="'.url($id).'">'.$id.'</a>&gt;';
-}
-function parseMessageIDs($string) {
- $base = $_SERVER['REQUEST_URL'];
- $safe = htmlentities($string);
- $html = preg_replace_callback(
- '/&lt;([^>]*)&gt;/',
- 'messageLink',
- $safe);
- return $html;
-}
-
-function row($c1, $c2) {
- echo '<tr><td>'.$c1.'</td><td>'.$c2."</td></tr>\n";
-}
-switch ($part) {
-case '': // Show a frame for all the other parts
- $m->header('View Message | MessageManager');
- $t = $m->template();
- echo "<table>\n";
- row('To:' , htmlentities($parser->getHeader('to' )));
- row('From:' , htmlentities($parser->getHeader('from' )));
- row('Subject:' , htmlentities($parser->getHeader('subject' )));
- row('In-Reply-to:', parseMessageIDs($parser->getHeader('in-reply-to')));
- row('References:' , parseMessageIDs($parser->getHeader('references' )));
- echo "</table>\n";
- echo "<div class='message-body'>\n";
- if ($parser->getMessageBodyPart('html')!==false) {
- echo "<h2>HTML</h2>\n";
- echo '<iframe src="'.url($msg_id,'body','html').'" ></iframe>'."\n";
- }
- if ($parser->getMessageBodyPart('text')!==false) {
- echo "<h2>Plain Text</h2>\n";
- echo '<iframe src="'.url($msg_id,'body','text').'" ></iframe>'."\n";
- }
- echo "</div>\n";
- echo "<h2>Attachments</h2>\n";
- echo "<table>\n";
- $attachments = $parser->getAttachments();
- foreach ($attachments as $id => $attachment) {
- echo "<tr>";
- echo '<td>'.htmlentities($attachment->getContentType())."</td>";
- echo '<td><a href="'.url($msg_id,'attachment',$id).'">';
- echo htmlentities($attachment->getFilename());
- echo "</a></td>";
- echo "</tr>\n";
- }
- echo "</table>\n";
- $m->footer();// XXX: this is specific to MessageManager
- break;
-case 'body':
- $type = $subpart;
- switch ($type) {
- case 'text': header('Content-type: text/plain'); break;
- case 'html': header('Content-type: text/html' ); break;
- default:
- }
- echo $parser->getMessageBody($type);
- break;
-case 'attachment':
- $attachment_id = $subpart;
- $attachments = $parser->getAttachments();
- $attachment = $attachments[$attachment_id];
-
- $type = $attachment->getContentType();
- $filename = $attachment->getFilename();
-
- header('Content-Type: '.$type);
- header('Content-Disposition: attachment; filename='.$filename );
- while($bytes = $attachment->read()) {
- echo $bytes;
- }
- break;
-}
diff --git a/src/views/pages/messages/401.html.php b/src/views/pages/messages/401.html.php
new file mode 100644
index 0000000..0b24f80
--- /dev/null
+++ b/src/views/pages/messages/401.html.php
@@ -0,0 +1,15 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('401 Unauthorized');
+$t->header('Unauthorized');
+$t->tag('h1', array(), "401: Unauthorized");
+if ($VARS['uid']===false) {
+ // Not logged in
+ $t->paragraph('You need to be logged in to view messages.');
+} else {
+ // Logged in, so the account must not activated
+ $t->paragraph('Your account needs to be activated by an administrator '.
+ 'to view messages.');
+}
+$t->footer();
diff --git a/src/views/pages/messages/frame.html.php b/src/views/pages/messages/frame.html.php
new file mode 100644
index 0000000..e64bc2f
--- /dev/null
+++ b/src/views/pages/messages/frame.html.php
@@ -0,0 +1,57 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$msg_id = $VARS['msg_id'];
+$parser = $VARS['parser'];
+$msgdir = $VARS['msgdir'];
+
+function messageLink($id) {
+ if (is_array($id)) { $id = $id[1]; }
+ global $VARS; $t = $VARS['template']; $msgdir = $VARS['msgdir'];
+ $exists = is_file("$msgdir/$id");
+ $class =
+ $id = htmlentities($id);
+ return sprintf('&lt;<a href="%1$s"%2$s>%3$s</a>&gt;',
+ $t->url("messages/$id/"),
+ ($exists?'':' class="http404"'),
+ $id);
+}
+function parseMessageIDs($string) {
+ $base = $_SERVER['REQUEST_URL'];
+ $html = preg_replace_callback(
+ '/<([^>]*)>/',
+ 'messageLink',
+ $string);
+ return $html;
+}
+
+$t->header('View Message');
+$t->openTag('table');
+$t->row(array('To:' , htmlentities( $parser->getHeader('to' ))));
+$t->row(array('From:' , htmlentities( $parser->getHeader('from' ))));
+$t->row(array('Subject:' , htmlentities( $parser->getHeader('subject' ))));
+$t->row(array('In-Reply-to:', parseMessageIDs($parser->getHeader('in-reply-to'))));
+$t->row(array('References:' , parseMessageIDs($parser->getHeader('references' ))));
+$t->closeTag('table');
+
+$t->openTag('div', array('class'=>'message-body'));
+if ($parser->getMessageBodyPart('html')!==false) {
+ $t->tag('h2', array(), 'HTML');
+ $t->tag('iframe', array('src'=>$t->url("messages/$msg_id/body.html")), '');
+}
+if ($parser->getMessageBodyPart('text')!==false) {
+ $t->tag('h2', array(), 'Plain Text');
+ $t->tag('iframe', array('src'=>$t->url("messages/$msg_id/body.txt")), '');
+}
+$t->closeTag('div');
+$t->tag('h2', array(), 'Attachments');
+$t->openTag('table');
+$attachments = $parser->getAttachments();
+foreach ($attachments as $id => $attachment) {
+ $t->row(array(
+ htmlentities($attachment->getContentType()),
+ $t->link($t->url("$msg_id/attachment/$id"),
+ htmlentities($attachment->getFilename())),
+ ));
+}
+$t->closeTag('table');
+$t->footer();
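Review bot: parseMessageIDs() now runs the regex over the raw header, so only the text inside `<...>` is escaped (by messageLink()) and everything outside the brackets in In-Reply-To/References reaches `$t->row()` unescaped; the deleted messages.php escaped the whole string first. These headers come from received mail, so the non-matching segments need escaping too, for example by splitting on the bracketed tokens as sketched below. In messageLink() the raw id is also used in `is_file("$msgdir/$id")`, so it should have `/` stripped the way the old upload code did. The dangling `$class =` assignment and the unused `$base = $_SERVER['REQUEST_URL']` can be removed.

```php
function parseMessageIDs($string) {
	// Split into literal text and <message-id> tokens so that both are escaped.
	$parts = preg_split('/(<[^>]*>)/', $string, -1, PREG_SPLIT_DELIM_CAPTURE);
	$html = '';
	foreach ($parts as $part) {
		if (preg_match('/^<([^>]*)>$/', $part, $match)) {
			$html .= messageLink($match[1]);
		} else {
			$html .= htmlentities($part);
		}
	}
	return $html;
}
// … unchanged: messageLink() and the page body …
```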
diff --git a/src/views/pages/messages/index.html.php b/src/views/pages/messages/index.html.php
new file mode 100644
index 0000000..111b6c6
--- /dev/null
+++ b/src/views/pages/messages/index.html.php
@@ -0,0 +1,25 @@
+<?php global $VARS;
+$t = $VARS['template'];
+$messages = $VARS['messages'];
+
+$t->header('Message Index');
+$t->tag('h1', array(), "Message Index");
+
+$t->openTag('table');
+$t->row(array('From','Subject', 'Date'));
+foreach ($messages as $date => $message_array) {
+ foreach ($message_array as $message) {
+ $url = $t->url('messages/'.$message['id'].'/');
+ $subject = htmlentities($message['subject']);
+ $from = htmlentities($message['from']);
+ $date_str = str_replace(' ', '&nbsp;', date('Y-m-d H:i:s',$date));
+ $t->row(array(
+ $t->link($url, $from , true),
+ $t->link($url, $subject , true),
+ $t->link($url, $date_str, true),
+ ));
+ }
+}
+$t->closeTag('table');
+
+$t->footer();
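Review bot: `$message['id']` goes into the link URL as-is, while the subject and sender are passed through htmlentities(). If the id is still derived from the Message-ID header as in the deleted messages.php (which only removed `/`), it is sender-controlled and should be encoded for the URL, e.g. `$url = $t->url('messages/'.rawurlencode($message['id']).'/');`. This is unnecessary only if `url()` or `link()` already escape their input, which is not visible here.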
diff --git a/src/views/pages/plugins/401.html.php b/src/views/pages/plugins/401.html.php
new file mode 100644
index 0000000..5b1b222
--- /dev/null
+++ b/src/views/pages/plugins/401.html.php
@@ -0,0 +1,9 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->status('401 Unauthorized');
+$t->header('Unauthorized');
+$t->tag('h1',array(),"401: Unauthorized");
+$t->paragraph('You need to be logged in as an admin to edit global plugin '.
+ 'settings.');
+$t->footer();
diff --git a/src/views/pages/plugins/index.html.php b/src/views/pages/plugins/index.html.php
new file mode 100644
index 0000000..0e14161
--- /dev/null
+++ b/src/views/pages/plugins/index.html.php
@@ -0,0 +1,5 @@
+<?php global $VARS;
+$t = $VARS['template'];
+
+$t->header('Administrator Plugin Management');
+$t->openTag('form',array('method'=>'post','action'=>$m->baseUrl().plugins));
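Review bot: The form action uses `$m->baseUrl().plugins`, but this view only defines `$VARS` and `$t`, so `$m` is undefined here and the call will fail at runtime; `plugins` is also an unquoted bare word. The other new views build URLs through the template, so this should be `'action'=>$t->url('plugins')`. The file also ends right after opening the form, with no fields, `closeTag('form')` or `footer()`, which looks unfinished.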
diff --git a/src/views/pages/users.php b/src/views/pages/users.php
deleted file mode 100644
index 9c12ee7..0000000
--- a/src/views/pages/users.php
+++ /dev/null
@@ -1,44 +0,0 @@
-<?php global $mm;
-
-global $illegal_names;
-$illegal_names = array('', 'new');
-global $username, $uid;// We will use these to pass the username to sub-views.
-
-$page_parts = explode('/', PAGE);
-if (isset($page_parts[1])) {
- $username = $page_parts[1];
- if ($username == '') {
- unset($username);
- }
-}
-
-if (isset($username)) { // URI: "users/*"
- // We'll be handing this off to another view.
- if ($username === 'new') {
- include(VIEWPATH.'/pages/users/new.php');
- exit();
- }
-
- $uid = $mm->getUID($username);
- if ($mm->getStatus($uid)===3) $uid = false; // ignore groups.
-
- if ($uid===false) {
- include(VIEWPATH.'/pages/users/404.php');
- } else {
- include(VIEWPATH.'/pages/users/individual.php');
- }
-} else { // URI: "users"
- $method = $_SERVER['REQUEST_METHOD'];
- switch ($method) {
- case 'PUT':
- case 'POST':
- // We're POSTing a new user
- include(VIEWPATH.'/pages/users/create.php');
- break;
- case 'HEAD': // fall-through to GET
- case 'GET':
- // We're GETing an existing user
- include(VIEWPATH.'/pages/users/index.php');
- break;
- }
-}
diff --git a/src/views/pages/users/include.php b/src/views/pages/users/include.php
deleted file mode 100644
index 6e8c90b..0000000
--- a/src/views/pages/users/include.php
+++ /dev/null
@@ -1,60 +0,0 @@
-<?php global $mm;
-
-require_once('User.class.php');
-
-/**
- * This will take care of possibly updating and displaying a value in the
- * 'users' table.
- */
-function inputText($user, $name, $label, $hint='') {
- if ($user->canEdit()) {
- if (isset($_POST["user_$name"])) {
- $user->setConf($name, $_POST["user_$name"]);
- }
- }
-
- $current_setting = $user->getConf($name);
-
- global $mm;
- $t = $mm->template();
- $t->inputText("user_$name", $label, $hint, $current_setting,
- !$user->canEdit());
-}
-
-function inputArray($user, $name, $arr) {
- global $mm;
- $t = $mm->template();
-
- if (isset($_POST[$name]) && is_array($_POST[$name])) {
- $user->setConfArray($name, $_POST[$name]);
- }
- $defaults = $user->getConfArray($name);
-
- foreach ($arr as $value => $label) {
- $t->inputBool($name, $value, $label,
- in_array($value, $defaults), !$user->canEdit());
- }
-}
-
-function inputNewPassword($user, $name, $label) {
- @$password1 = $_POST[$name ];
- @$password2 = $_POST[$name.'_verify'];
-
- // Check the verify box, not main box, so that we don't get tripped by
- // browsers annoyingly autocompleting the password.
- $is_set = ($password2 != '');
-
- global $mm;
- $t = $mm->template();
-
- if ($is_set) {
- $matches = ( $password1 == $password2 );
- if ($matches) {
- $user->setPassword($password1);
- $t->inputP('Password successfully updated.');
- } else {
- $t->inputP("Passwords don't match.", true);
- }
- }
- $t->inputNewPassword($name, $label);
-}
diff --git a/src/views/pages/users/index.csv.php b/src/views/pages/users/index.csv.php
index 527e508..0a69cee 100644
--- a/src/views/pages/users/index.csv.php
+++ b/src/views/pages/users/index.csv.php
@@ -1,5 +1,5 @@
<?php global $VARS;
-$attribs = $VARS['template'];
+$attribs = $VARS['attribs'];
$users = $VARS['users'];
function escape($value) {
@@ -7,7 +7,7 @@ function escape($value) {
return ($value?'true':'false');
} else {
$chars = "'" . '"' . '\\' . ',';
- return addcslashes($str, $chars);
+ return addcslashes($value, $chars);
}
}
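Review bot: escape() backslash-escapes quotes and commas with `addcslashes()`, which spreadsheet applications and most CSV parsers do not interpret, so a value containing a comma still splits into two columns. Quote the field instead: `return '"'.str_replace('"', '""', $value).'"';`. These are user-editable profile values that the HTML index offers as a spreadsheet download, so values beginning with `=`, `+`, `-` or `@` should also be neutralised (commonly by prefixing a `'`) so they are not evaluated as formulas. escape() begins outside this hunk.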
diff --git a/src/views/pages/users/index.html.php b/src/views/pages/users/index.html.php
index 5f1ab02..c268c87 100644
--- a/src/views/pages/users/index.html.php
+++ b/src/views/pages/users/index.html.php
@@ -1,10 +1,12 @@
<?php global $VARS;
$t = $VARS['template'];
-$attribs = $VARS['template'];
+$attribs = $VARS['attribs'];
$users = $VARS['users'];
$t->header('Users');
+$t->paragraph($t->link($t->url('users.csv'), "Download this as a spreadsheet."));
+
$t->openTag('form', array('action'=>$t->url('users/index'),
'method'=>'post'));
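Review bot: `$t->link()` is called here without the third argument that other call sites pass when the link is used as a value, e.g. `$t->link($url, $from, true)` in messages/index.html.php. If that flag is what makes link() return the markup instead of printing it, this link will be emitted before the paragraph and the paragraph will be empty. Presumably the line should read `$t->paragraph($t->link($t->url('users.csv'), "Download this as a spreadsheet.", true));`; confirm against the template class. The attachment row in messages/frame.html.php has the same pattern.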
diff --git a/src/views/pages/users/index.php b/src/views/pages/users/index.php
deleted file mode 100644
index d801faf..0000000
--- a/src/views/pages/users/index.php
+++ /dev/null
@@ -1,116 +0,0 @@
-<?php global $mm;
-
-$logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
-if (!$logged_in_user->isUser()) {
- include(VIEWPATH.'/pages/users/401.php');
- exit();
-}
-
-function attrib($key, $name, $check=false) {
- return array('key'=>$key, 'name'=>$name, 'checkbox'=>$check);
-}
-
-function getSetConf($user, $key) {
- global $mm;
- $logged_in_user = $mm->getAuthObj($mm->isLoggedIn());
- $uid = $user->getUID();
- $post_key = $key."[$uid]";
- @$value = $_POST[$post_key];
- $editable = $user->canEdit();
- $edit = isset($_POST[$post_key]);
-
- switch ($key) {
- case 'auth_name':
- if ($editable && $edit) $user->setName($value);
- $value = $user->getName();
- break;
- case 'auth_user':
- $editable = $editable && $logged_in_user->isAdmin();
- if ($editable && $edit) $user->setUser($value=='true');
- $value = $user->isUser();
- break;
- case 'auth_admin':
- $editable = $editable && $logged_in_user->isAdmin();
- if ($editable && $edit) $user->setAdmin($value=='true');
- $value = $user->isAdmin();
- break;
- default:
- if ($editable && $edit) $user->setConf($key, $value);
- $value = $user->getConf($key);
- break;
- }
-
- return array(
- 'value'=>$value,
- 'post_key'=>$post_key,
- 'editable'=>$editable);
-}
-
-$attribs = array(attrib('auth_user', 'Active', true),
- attrib('lastname','Last'),
- attrib('firstname','First'),
- attrib('hsclass','Class of'),
- attrib('phone','Phone number'),
- attrib('email','Email'),
- attrib('auth_name', 'Username'),
- );
-
-////////////////////////////////////////////////////////////////////////////////
-
-$t = $mm->template();
-$mm->header('Users');
-
-$t->openTag('form', array('action'=>$mm->baseUrl().'users',
- 'method'=>'post'));
-
-$t->openTag('table');
-
-$t->openTag('tr');
-foreach ($attribs as $attrib) {
- $t->tag('th', array(), $attrib['name']);
-}
-$t->tag('th');
-$t->closeTag('tr');
-
-$uids = $mm->listUsers();
-foreach ($uids as $uid) {
- $user = $mm->getAuthObj($uid);
- $t->openTag('tr');
-
- foreach ($attribs as $attrib) {
- $props = getSetConf($user, $attrib['key']);
-
- $arr = array('name'=>$props['post_key']);
- if (!$props['editable']) {
- $arr['readonly'] = 'readonly';
- if ($attrib['checkbox']) $arr['disabled'] = $disabled;
- }
- if ($attrib['checkbox']) {
- if ($props['value'])
- $arr['checked'] = 'checked';
- $arr['value'] = 'true';
- $arr['type'] = 'checkbox';
- } else {
- $arr['value'] = $props['value'];
- $arr['type'] = 'text';
- }
-
- $t->openTag('td');
- $t->tag('input', $arr);
- $t->closeTag('td');
- }
-
- $t->openTag('td');
- $t->link($mm->baseUrl().'users/'.$user->getName(), 'More');
- $t->closeTag('td');
-
- $t->closeTag('tr');
-}
-
-$t->closeTag('table');
-
-$t->tag('input', array('type'=>'submit',
- 'value'=>'Save/Update'));
-$t->closeTag('form');
-
-$mm->footer(); \ No newline at end of file
diff --git a/src/views/pages/users/individual.html.php b/src/views/pages/users/individual.html.php
index 4d6e4fc..9e3048a 100644
--- a/src/views/pages/users/individual.html.php
+++ b/src/views/pages/users/individual.html.php
@@ -8,6 +8,12 @@ function inputText($user, $key, $label, $hint='') {
$t->inputText("user_$key", $label, $hint, $current_setting,
!$user->canEdit());
}
+function inputTextarea($user, $key, $label, $hint='') {
+ global $VARS; $t = $VARS['template'];
+ $current_setting = $user->getConf($key);
+ $t->inputTextarea("user_$key", $label, $hint, $current_setting,
+ !$user->canEdit());
+}
function inputArray($user, $key, $arr) {
global $VARS; $t = $VARS['template'];
@@ -19,12 +25,27 @@ function inputArray($user, $key, $arr) {
}
}
+function inputField($user, $arr) {
+ $fieldname = $arr[0];
+ $fieldlabel = $arr[1];
+ $fieldtype = $arr[2];
+
+ switch ($fieldtype) {
+ case 'text':
+ inputText($user, $fieldname, $fieldlabel, '');
+ break;
+ case 'textarea':
+ inputTextarea($user, $fieldname, $fieldlabel, '');
+ break;
+ }
+}
////////////////////////////////////////////////////////////////////////////////
+$username = $user->getName();
$t->header("Users: $username");
-$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
+$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User <q>$username</q> (UID: ".$user->getUID().")");
if ($user->canEdit()) {
$t->openTag('form', array('method'=>'post',
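Review bot: The new heading interpolates `$username` into markup without escaping: `" User <q>$username</q> (UID: "`. The username is user-editable, and because the string already carries literal `<q>` tags, `tag()` presumably emits its content unescaped; use `"<q>".htmlentities($username)."</q>"` here. The same concern applies to `$t->header("Users: $username")` if header() writes the title without escaping. Separately, inputField() has no `default:` branch, so a plugin field with an unrecognised type is silently dropped.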
@@ -53,17 +74,26 @@ if (@$VARS['pw_updated']===true) {
if (@$VARS['pw mixmatch']===true) {
$t->inputP("Passwords don't match.", true);
}
-if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
+if ($user->canEdit()) $t->inputNewPassword('auth_password','Reset Password');
////////////////////////////////////////////////////////////////////////////////
$t->closeFieldset();
+/*
$t->openFieldset("Information");
inputText($user, 'firstname','First Name','');
inputText($user, 'lastname','Last Name','');
inputText($user, 'hsclass','Highschool Class of',
'Please put the full year (ex: 2012)');
$t->closeFieldset();
+*/
+foreach ($VARS['config_options'] as $groupname=>$options) {
+ $t->openFieldset($groupname);
+ foreach ($options as $option) {
+ inputField($user, $option);
+ }
+ $t->closeFieldset();
+}
$t->openFieldset("Contact");
// TODO: I should make this a setting for admins to set.
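Review bot: The old Information fieldset is left behind inside a `/* … */` block rather than deleted. Version control already preserves it, and the commented-out copy will drift from InformationPlugin::userConfig(). The replacement loop also loses the hsclass hint ('Please put the full year (ex: 2012)'), because inputField() always passes `''` as the hint; if the hint matters, the option array needs a fourth element for it.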
@@ -80,9 +110,9 @@ $use_arr = array();
foreach ($CONTACT_METHODS as $method) {
inputText($user,
$method->addr_slug,
- ucwords($method->addr_word),
+ ucwords($method->addr_text),
$hints[$method->addr_slug]);
- $use_arr[$method->verb_slug] = ucwords($method->verb_word);
+ $use_arr[$method->verb_slug] = ucwords($method->verb_text);
}
$t->inputP("When I recieve a message, notify me using the following methods:");
diff --git a/src/views/pages/users/individual.php b/src/views/pages/users/individual.php
deleted file mode 100644
index 2483e6b..0000000
--- a/src/views/pages/users/individual.php
+++ /dev/null
@@ -1,89 +0,0 @@
-<?php global $mm, $uid;
-// Honestly, the functions in this include should be in this file, but that
-// would make this file too messy.
-require_once(VIEWPATH.'/pages/users/include.php');
-
-$user = $mm->getAuthObj($uid);
-
-if (!$user->canRead()) {
- include(VIEWPATH.'/pages/users/401.php');
- exit();
-}
-
-// Read/Change the username
-$username = $user->getName();
-if (isset($_POST['auth_name'])) {
- $new_name = $_POST['auth_name'];
- if ($new_name != $username) {
- global $illegal_names;
- if (!in_array($new_name, $illegal_names)) {
- $changed_name = $user->setName($new_name);
- $username = $user->getName();
- }
- }
-}
-
-////////////////////////////////////////////////////////////////////////////////
-
-$t = $mm->template();
-$mm->header("Users: $username");
-
-$t->tag('h1', array(), ($user->canEdit()?'Edit':'View')." User (UID: $uid)");
-
-if ($user->canEdit()) {
- $t->openTag('form', array('method'=>'post',
- 'action'=>$mm->baseUrl()."users/$username"));
-} else {
- $t->openTag('form');
-}
-
-$t->openFieldset("Login / Authentication");
-if (isset($changed_name) && !$changed_name) {
- $t->inputP("Error setting username to ".
- "<q>$new_name</q>. This is probably because".
- " a user with that name already exists.",
- true);
-}
-
-$t->inputText('auth_name','Username',
- "This is the name you use to log in, but it is also a ".
- "short name that is used in various places, think of it ".
- "as a sort of <q>Twitter name</q>.",
- $username,!$user->canEdit());
-if ($user->canEdit()) inputNewPassword($user, 'auth_password','Reset Password');
-$t->closeFieldset();
-
-$t->openFieldset("Information");
-inputText($user, 'firstname','First Name','');
-inputText($user, 'lastname','Last Name','');
-inputText($user, 'hsclass','Highschool Class of','Please put the full year (ex: 2012)');
-$t->closeFieldset();
-
-$t->openFieldset("Contact");
-inputText($user, 'email', 'Email',
- "Right now you can only have one email address, ".
- "but I'm working on making it so you can have ".
- "multiple.");
-inputText($user, 'phone', 'Cell Number',
- "A home phone number isn't much use here because it is ".
- "used to text-message you (if you enable it), and ".
- "contact you at competition.");
-$t->inputP("When I recieve a message, notify me using the following methods:");
-inputArray($user, 'use', array('email'=>'Email',
- 'sms'=>'Text Message'));
-$t->closeFieldSet();
-
-$t->openFieldSet('Groups');
-$groups = $mm->listGroupNames();
-$group_arr = array();
-foreach ($groups as $group_name) {
- $group_arr[$group_name] = ucwords($group_name);
-}
-inputArray($user, 'groups', $group_arr);
-$t->closeFieldset();
-
-if ($user->canEdit()) {
- $t->tag('input', array('type'=>'submit', 'value'=>'Save'));
-}
-$t->closeTag('form');
-$mm->footer();