From: Nik Okuntseff Date: Fri, 23 Mar 2018 11:56:01 +0000 (+0000) Subject: Refactored admin_options.php to use ttAdmin instance. X-Git-Tag: timetracker_1.19-1~970 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=7ca15b5853146dd809f2ad3f5b2e1d9dab4f8dd4;p=timetracker.git Refactored admin_options.php to use ttAdmin instance. --- diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php index 87fe00bc..6008dcab 100644 --- a/WEB-INF/lib/ttAdmin.class.php +++ b/WEB-INF/lib/ttAdmin.class.php @@ -31,8 +31,8 @@ import('ttUser'); // ttAdmin class is used to perform admin tasks. class ttAdmin { - var $err = null; // Error object, passed to us as reference. - // We use it to communicate errors to caller. + var $err = null; // Error object, passed to us as reference. + // We use it to communicate errors to caller. // Constructor. function __construct(&$err = null) { @@ -65,22 +65,19 @@ class ttAdmin { // Mark user binds as deleted. $sql = "update tt_user_project_binds set status = NULL where user_id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; // Mark favorite reports as deleted. $sql = "update tt_fav_reports set status = NULL where user_id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; // Mark user as deleted. global $user; $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); $sql = "update tt_users set status = NULL $modified_part where id = $user_id"; $affected = $mdb2->exec($sql); - if (is_a($affected, 'PEAR_Error')) - return false; + if (is_a($affected, 'PEAR_Error')) return false; return true; } @@ -104,6 +101,7 @@ class ttAdmin { $affected = $mdb2->exec($sql); if (is_a($affected, 'PEAR_Error')) return false; } + return true; } @@ -264,8 +262,74 @@ class ttAdmin { return true; } + // validateUserInfo validates account information entered by user. + function validateUserInfo($fields) { + global $i18n; + global $user; + global $auth; + + $result = true; + + if (!ttValidString($fields['name'])) { + $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name')); + $result = false; + } + if (!ttValidString($fields['login'])) { + $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); + $result = false; + } + // If we change login, it must be unique. + if ($fields['login'] != $user->login) { + if (ttUserHelper::getUserByLogin($fields['login'])) { + $this->err->add($i18n->getKey('error.user_exists')); + $result = false; + } + } + if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) { + if (!ttValidString($fields['password1'])) { + $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); + $result = false; + } + if (!ttValidString($fields['password2'])) { + $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password')); + $result = false; + } + if ($fields['password1'] !== $fields['password2']) { + $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password')); + $result = false; + } + } + if (!ttValidEmail($fields['email'], true)) { + $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email')); + $result = false; + } + + return $result; + } + // updateSelf validates user input and updates admin account with new information. function updateSelf($fields) { - return false; // Not yet implemeneted. + if (!$this->validateUserInfo($fields)) return false; // Can't continue as user input is invalid. + + global $user; + global $i18n; + $mdb2 = getConnection(); + + // Update self. + $user_id = $user->id; + $login_part = 'login = '.$mdb2->quote($fields['login']); + if ($fields['password1']) + $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')'; + $name_part = ', name = '.$mdb2->quote($fields['name']); + $email_part = ', email = '.$mdb2->quote($fields['email']); + $modified_part = ', modified = now(), modified_ip = '.$mdb2->quote($_SERVER['REMOTE_ADDR']).', modified_by = '.$mdb2->quote($user->id); + $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.$modified_part.'where id = '.$user_id; + $affected = $mdb2->exec($sql); + if (is_a($affected, 'PEAR_Error')) { + $this->err->add($i18n->getKey('error.db')); + return false; + } + + return true; } } diff --git a/WEB-INF/lib/ttRegistrator.class.php b/WEB-INF/lib/ttRegistrator.class.php index 3ac6166d..71f49e69 100644 --- a/WEB-INF/lib/ttRegistrator.class.php +++ b/WEB-INF/lib/ttRegistrator.class.php @@ -81,7 +81,7 @@ class ttRegistrator { // The register function registers a user in Time Tracker. function register() { - if ($this->err->yes()) return; // There are errors, do not proceed. + if ($this->err->yes()) return false; // There are errors, do not proceed. global $i18n; @@ -89,30 +89,33 @@ class ttRegistrator { if (ttUserHelper::getUserByLogin($this->login)) { // User login already exists. $this->err->add($i18n->getKey('error.user_exists')); - return; + return false; } // Create a new group. $this->group_id = $this->createGroup(); if (!$this->group_id) { $this->err->add($i18n->getKey('error.db')); - return; + return false; } import('ttRoleHelper'); if (!ttRoleHelper::createPredefinedRoles($this->group_id, $this->lang)) { $err->add($i18n->getKey('error.db')); - return; + return false; } $this->role_id = ttRoleHelper::getTopManagerRoleID(); $this->user_id = $this->createUser(); if (!$this->user_id) { $err->add($i18n->getKey('error.db')); - return; + return false; } - $this->setCreatedBy($this->user_id); + if (!$this->setCreatedBy($this->user_id)) + return false; + + return true; } // The createGroup function creates a group in Time Tracker as part diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl index 4dc0027e..efe88efd 100644 --- a/WEB-INF/templates/footer.tpl +++ b/WEB-INF/templates/footer.tpl @@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.17.66.4139 | Copyright © Anuko | +  Anuko Time Tracker 1.17.66.4140 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/admin_options.php b/admin_options.php index e728c830..14cb3f54 100644 --- a/admin_options.php +++ b/admin_options.php @@ -61,9 +61,6 @@ $form->addInput(array('type'=>'text','maxlength'=>'100','name'=>'email','value'= $form->addInput(array('type'=>'submit','name'=>'btn_submit','value'=>$i18n->getKey('button.submit'))); if ($request->isPost()) { -/* - * This is work in progress... refactoring to replace the block below. - // Create fields array for ttAdmin instance. $fields = array( 'name' => $cl_name, @@ -72,42 +69,12 @@ if ($request->isPost()) { 'password2' => $cl_password2, 'email' => $cl_email); - import('ttAdmin'); - $admin = new ttAdmin($err); - $result = $admin->updateSelf($fields); - if ($result) { - header('Location: admin_teams.php'); - exit(); - } - */ - - // Validate user input. - if (!ttValidString($cl_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.person_name')); - if (!ttValidString($cl_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.login')); - // New login must be unique. - if ($cl_login != $user->login && ttUserHelper::getUserByLogin($cl_login)) - $err->add($i18n->getKey('error.user_exists')); - if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) { - if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password')); - if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password')); - if ($cl_password1 !== $cl_password2) - $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password')); - } - if (!ttValidEmail($cl_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email')); - // Finished validating user input. - - if ($err->no()) { - if (ttUserHelper::update($user->id, array( - 'name' => $cl_name, - 'login' => $cl_login, - 'password' => $cl_password1, - 'email' => $cl_email, - 'status' => ACTIVE))) { - header('Location: admin_teams.php'); - exit(); - } else { - $err->add($i18n->getKey('error.db')); - } + import('ttAdmin'); + $admin = new ttAdmin($err); + $result = $admin->updateSelf($fields); + if ($result) { + header('Location: admin_teams.php'); + exit(); } } // isPost