X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2FttAdmin.class.php;h=fbcabd476547fc68bbcbed42e77638f577b761e8;hb=5f64df1308fd641565631e6e38d282432f5e6250;hp=e054547d1eb4a0ce96f8eccb9c52695aafdc6a94;hpb=62dc3d09ec2703764869f5e76e5bc82b351938a2;p=timetracker.git

diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php
index e054547d..fbcabd47 100644
--- a/WEB-INF/lib/ttAdmin.class.php
+++ b/WEB-INF/lib/ttAdmin.class.php
@@ -31,8 +31,8 @@ import('ttUser');
 // ttAdmin class is used to perform admin tasks.
 class ttAdmin {
 
-  var $err = null;        // Error object, passed to us as reference.
-                          // We use it to communicate errors to caller.
+  var $err = null; // Error object, passed to us as reference.
+                   // We use it to communicate errors to caller.
 
   // Constructor.
   function __construct(&$err = null) {
@@ -65,22 +65,19 @@ class ttAdmin {
     // Mark user binds as deleted.
     $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id";
     $affected = $mdb2->exec($sql);
-    if (is_a($affected, 'PEAR_Error'))
-      return false;
+    if (is_a($affected, 'PEAR_Error')) return false;
 
     // Mark favorite reports as deleted.
     $sql = "update tt_fav_reports set status = NULL where user_id = $user_id";
     $affected = $mdb2->exec($sql);
-    if (is_a($affected, 'PEAR_Error'))
-      return false;
+    if (is_a($affected, 'PEAR_Error')) return false;
 
     // Mark user as deleted.
     global $user;
     $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
     $sql = "update tt_users set status = NULL $modified_part where id = $user_id";
     $affected = $mdb2->exec($sql);
-    if (is_a($affected, 'PEAR_Error'))
-      return false;
+    if (is_a($affected, 'PEAR_Error')) return false;
 
     return true;
   }
@@ -104,6 +101,7 @@ class ttAdmin {
       $affected = $mdb2->exec($sql);
       if (is_a($affected, 'PEAR_Error')) return false;
     }
+
     return true;
   }
 
@@ -113,7 +111,7 @@ class ttAdmin {
     // Keep the logic simple by returning false on first error.
 
     // Obtain subgroups and call self recursively on them.
-    $subgroups = $this->getSubgroups();
+    $subgroups = $this->getSubgroups($group_id);
     foreach($subgroups as $subgroup) {
       if (!$this->markGroupDeleted($subgroup['id']))
         return false;
@@ -183,66 +181,68 @@ class ttAdmin {
     return true;
   }
 
-  // validateTeamInfo validates team information entered by user.
-  function validateTeamInfo($fields) {
+  // validateGroupInfo validates group information entered by user.
+  function validateGroupInfo($fields) {
     global $i18n;
     global $auth;
 
     $result = true;
 
     if (!ttValidString($fields['group_name'], true)) {
-      $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name'));
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.team_name'));
       $result = false;
     }
     if (!ttValidString($fields['user_name'])) {
-      $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name'));
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.manager_name'));
       $result = false;
     }
     if (!ttValidString($fields['new_login'])) {
-      $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login'));
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.manager_login'));
       $result = false;
     }
 
     // If we change login, it must be unique.
     if ($fields['new_login'] != $fields['old_login']) {
       if (ttUserHelper::getUserByLogin($fields['new_login'])) {
-        $this->err->add($i18n->getKey('error.user_exists'));
+        $this->err->add($i18n->get('error.user_exists'));
         $result = false;
       }
     }
 
     if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) {
       if (!ttValidString($fields['password1'])) {
-        $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
+        $this->err->add($i18n->get('error.field'), $i18n->get('label.password'));
         $result = false;
       }
       if (!ttValidString($fields['password2'])) {
-        $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
+        $this->err->add($i18n->get('error.field'), $i18n->get('label.confirm_password'));
         $result = false;
       }
       if ($fields['password1'] !== $fields['password2']) {
-        $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
+        $this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
         $result = false;
       }
     }
     if (!ttValidEmail($fields['email'], true)) {
-      $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.email'));
       $result = false;
     }
 
     return $result;
   }
 
-  // updateTeam validates user input and updates the team with new information.
-  function updateTeam($team_id, $fields) {
-    if (!$this->validateTeamInfo($fields)) return false; // Can't continue as user input is invalid.
+  // updateGroup validates user input and updates the group with new information.
+  function updateGroup($team_id, $fields) {
+    if (!$this->validateGroupInfo($fields)) return false; // Can't continue as user input is invalid.
 
+    global $user;
     $mdb2 = getConnection();
 
     // Update group name if it changed.
     if ($fields['old_group_name'] != $fields['new_group_name']) {
-      $name = $mdb2->quote($fields['new_group_name']);
-      $sql = "update tt_teams set name = $name where id = $team_id";
+      $name_part = 'name = '.$mdb2->quote($fields['new_group_name']);
+      $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
+      $sql = 'update tt_teams set '.$name_part.$modified_part.' where id = '.$team_id;
       $affected = $mdb2->exec($sql);
       if (is_a($affected, 'PEAR_Error')) return false;
     }
@@ -254,11 +254,82 @@ class ttAdmin {
       $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
     $name_part = ', name = '.$mdb2->quote($fields['user_name']);
     $email_part = ', email = '.$mdb2->quote($fields['email']);
-
-    $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.'where id = '.$user_id;
+    $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
+    $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id;
     $affected = $mdb2->exec($sql);
     if (is_a($affected, 'PEAR_Error')) return false;
 
     return true;
   }
+
+  // validateUserInfo validates account information entered by user.
+  function validateUserInfo($fields) {
+    global $i18n;
+    global $user;
+    global $auth;
+
+    $result = true;
+
+    if (!ttValidString($fields['name'])) {
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.person_name'));
+      $result = false;
+    }
+    if (!ttValidString($fields['login'])) {
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.login'));
+      $result = false;
+    }
+    // If we change login, it must be unique.
+    if ($fields['login'] != $user->login) {
+      if (ttUserHelper::getUserByLogin($fields['login'])) {
+        $this->err->add($i18n->get('error.user_exists'));
+        $result = false;
+      }
+    }
+    if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) {
+      if (!ttValidString($fields['password1'])) {
+        $this->err->add($i18n->get('error.field'), $i18n->get('label.password'));
+        $result = false;
+      }
+      if (!ttValidString($fields['password2'])) {
+        $this->err->add($i18n->get('error.field'), $i18n->get('label.confirm_password'));
+        $result = false;
+      }
+      if ($fields['password1'] !== $fields['password2']) {
+        $this->err->add($i18n->get('error.not_equal'), $i18n->get('label.password'), $i18n->get('label.confirm_password'));
+        $result = false;
+      }
+    }
+    if (!ttValidEmail($fields['email'], true)) {
+      $this->err->add($i18n->get('error.field'), $i18n->get('label.email'));
+      $result = false;
+    }
+
+    return $result;
+  }
+
+  // updateSelf validates user input and updates admin account with new information.
+  function updateSelf($fields) {
+    if (!$this->validateUserInfo($fields)) return false; // Can't continue as user input is invalid.
+
+    global $user;
+    global $i18n;
+    $mdb2 = getConnection();
+
+    // Update self.
+    $user_id = $user->id;
+    $login_part = 'login = '.$mdb2->quote($fields['login']);
+    if ($fields['password1'])
+      $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
+    $name_part = ', name = '.$mdb2->quote($fields['name']);
+    $email_part = ', email = '.$mdb2->quote($fields['email']);
+    $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id);
+    $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id;
+    $affected = $mdb2->exec($sql);
+    if (is_a($affected, 'PEAR_Error')) {
+      $this->err->add($i18n->get('error.db'));
+      return false;
+    }
+
+    return true;
+  }
 }