X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttAdmin.class.php;h=fbcabd476547fc68bbcbed42e77638f577b761e8;hb=3c5c333f6d7a4a3f54fb711547dbd48403912c3a;hp=d6b9696a1c4e4dd8e73136004157e156847dbb40;hpb=afb1ca7aaa68c5b34da82ed58b7e06df1c1525ab;p=timetracker.git diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php index d6b9696a..fbcabd47 100644 --- a/WEB-INF/lib/ttAdmin.class.php +++ b/WEB-INF/lib/ttAdmin.class.php @@ -31,8 +31,8 @@ import('ttUser'); // ttAdmin class is used to perform admin tasks. class ttAdmin { - var $err = null; // Error object, passed to us as reference. - // We use it to communicate errors to caller. + var $err = null; // Error object, passed to us as reference. + // We use it to communicate errors to caller. // Constructor. function __construct(&$err = null) { @@ -65,22 +65,19 @@ class ttAdmin { // Mark user binds as deleted. $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; // Mark favorite reports as deleted. $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; // Mark user as deleted. global $user; $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); $sql = "update tt_users set status = NULL $modified_part where id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; return true; } @@ -104,6 +101,7 @@ class ttAdmin { $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; } + return true; } @@ -113,7 +111,7 @@ class ttAdmin { // Keep the logic simple by returning false on first error. // Obtain subgroups and call self recursively on them. - $subgroups = $this->getSubgroups(); + $subgroups = $this->getSubgroups($group_id); foreach($subgroups as $subgroup) { if (!$this->markGroupDeleted($subgroup['id'])) return false; @@ -183,59 +181,59 @@ class ttAdmin { return true; } - // validateTeamInfo validates team information entered by user. - function validateTeamInfo($fields) { + // validateGroupInfo validates group information entered by user. + function validateGroupInfo($fields) { global $i18n; global $auth; $result = true; if (!ttValidString($fields['group_name'], true)) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.team_name')); $result = false; } if (!ttValidString($fields['user_name'])) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.manager_name')); $result = false; } if (!ttValidString($fields['new_login'])) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.manager_login')); $result = false; } // If we change login, it must be unique. if ($fields['new_login'] != $fields['old_login']) { if (ttUserHelper::getUserByLogin($fields['new_login'])) { - $this->err->add($i18n->getKey('error.user_exists')); + $this->err->add($i18n->get('error.user_exists')); $result = false; } } if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) { if (!ttValidString($fields['password1'])) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.password')); $result = false; } if (!ttValidString($fields['password2'])) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.confirm_password')); $result = false; } if ($fields['password1'] !== $fields['password2']) { - $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password')); + $this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password')); $result = false; } } if (!ttValidEmail($fields['email'], true)) { - $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email')); + $this->err->add($i18n->get('error.field'), $i18n->get('label.email')); $result = false; } return $result; } - // updateTeam validates user input and updates the team with new information. - function updateTeam($team_id, $fields) { - if (!$this->validateTeamInfo($fields)) return false; // Can't continue as user input is invalid. + // updateGroup validates user input and updates the group with new information. + function updateGroup($team_id, $fields) { + if (!$this->validateGroupInfo($fields)) return false; // Can't continue as user input is invalid. global $user; $mdb2 = getConnection(); @@ -264,24 +262,71 @@ class ttAdmin { return true; } - // setCreatedByAdmin sets created_by field for both group and its top manager to admin account. - function setCreatedByAdmin($team_id, $user_id) { + // validateUserInfo validates account information entered by user. + function validateUserInfo($fields) { + global $i18n; global $user; - $mdb2 = getConnection(); + global $auth; - // Update created_by for group. - $sql = "update tt_teams set created_by = $user->id where id = $team_id"; - $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) { - $this->err->add($i18n->getKey('error.db')); - return false; + $result = true; + + if (!ttValidString($fields['name'])) { + $this->err->add($i18n->get('error.field'), $i18n->get('label.person_name')); + $result = false; + } + if (!ttValidString($fields['login'])) { + $this->err->add($i18n->get('error.field'), $i18n->get('label.login')); + $result = false; + } + // If we change login, it must be unique. + if ($fields['login'] != $user->login) { + if (ttUserHelper::getUserByLogin($fields['login'])) { + $this->err->add($i18n->get('error.user_exists')); + $result = false; + } } + if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) { + if (!ttValidString($fields['password1'])) { + $this->err->add($i18n->get('error.field'), $i18n->get('label.password')); + $result = false; + } + if (!ttValidString($fields['password2'])) { + $this->err->add($i18n->get('error.field'), $i18n->get('label.confirm_password')); + $result = false; + } + if ($fields['password1'] !== $fields['password2']) { + $this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password')); + $result = false; + } + } + if (!ttValidEmail($fields['email'], true)) { + $this->err->add($i18n->get('error.field'), $i18n->get('label.email')); + $result = false; + } + + return $result; + } + + // updateSelf validates user input and updates admin account with new information. + function updateSelf($fields) { + if (!$this->validateUserInfo($fields)) return false; // Can't continue as user input is invalid. + + global $user; + global $i18n; + $mdb2 = getConnection(); - // Update created_by for top manager. - $sql = "update tt_users set created_by = $user->id where id = $user_id"; + // Update self. + $user_id = $user->id; + $login_part = 'login = '.$mdb2->quote($fields['login']); + if ($fields['password1']) + $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')'; + $name_part = ', name = '.$mdb2->quote($fields['name']); + $email_part = ', email = '.$mdb2->quote($fields['email']); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id; $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) { - $this->err->add($i18n->getKey('error.db')); + $this->err->add($i18n->get('error.db')); return false; }