From 62dc3d09ec2703764869f5e76e5bc82b351938a2 Mon Sep 17 00:00:00 2001 From: Nik Okuntseff Date: Thu, 22 Mar 2018 14:45:15 +0000 Subject: [PATCH] Refactored admin_team_edit.php to use ttAdmin class. --- WEB-INF/lib/ttAdmin.class.php | 87 ++++++++++++++++++++++++++++++++++- WEB-INF/templates/footer.tpl | 2 +- admin_team_edit.php | 47 +++++++------------ 3 files changed, 104 insertions(+), 32 deletions(-) diff --git a/WEB-INF/lib/ttAdmin.class.php b/WEB-INF/lib/ttAdmin.class.php index b6b081e9..e054547d 100644 --- a/WEB-INF/lib/ttAdmin.class.php +++ b/WEB-INF/lib/ttAdmin.class.php @@ -26,11 +26,17 @@ // | https://www.anuko.com/time_tracker/credits.htm // +----------------------------------------------------------------------+ +import('ttUser'); + // ttAdmin class is used to perform admin tasks. class ttAdmin { + var $err = null; // Error object, passed to us as reference. + // We use it to communicate errors to caller. + // Constructor. - function __construct() { + function __construct(&$err = null) { + $this->err = $err; } // getSubgroups rerurns an array of subgroups for a group. 
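Review bot: The new constructor defaults `$err` to null, yet validateTeamInfo(), added later in this patch, calls `$this->err->add(...)` unconditionally, so a `new ttAdmin()` without an error object ends in a fatal error on the first invalid field instead of a reported one. If no existing caller depends on the argument-less form, make the parameter required with `function __construct(&$err) {`; otherwise guard the `add()` calls. The property comment says the error object is "passed to us as reference", but `$this->err = $err;` copies the object handle. That behaves the same for objects, so the comment could say `// Error object handle shared with the caller.` instead. The class body continues outside this hunk.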
@@ -176,4 +182,83 @@ class ttAdmin {
 return true;
 }
+
+ // validateTeamInfo validates team information entered by user.
+ function validateTeamInfo($fields) {
+ global $i18n;
+ global $auth;
+
+ $result = true;
+
+ if (!ttValidString($fields['group_name'], true)) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name'));
+ $result = false;
+ }
+ if (!ttValidString($fields['user_name'])) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name'));
+ $result = false;
+ }
+ if (!ttValidString($fields['new_login'])) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login'));
+ $result = false;
+ }
+
+ // If we change login, it must be unique.
+ if ($fields['new_login'] != $fields['old_login']) {
+ if (ttUserHelper::getUserByLogin($fields['new_login'])) {
+ $this->err->add($i18n->getKey('error.user_exists'));
+ $result = false;
+ }
+ }
+
+ if (!$auth->isPasswordExternal() && ($fields['password1'] || $fields['password2'])) {
+ if (!ttValidString($fields['password1'])) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
+ $result = false;
+ }
+ if (!ttValidString($fields['password2'])) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
+ $result = false;
+ }
+ if ($fields['password1'] !== $fields['password2']) {
+ $this->err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
+ $result = false;
+ }
+ }
+ if (!ttValidEmail($fields['email'], true)) {
+ $this->err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
+ $result = false;
+ }
+
+ return $result;
+ }
+
+ // updateTeam validates user input and updates the team with new information.
+ function updateTeam($team_id, $fields) {
+ if (!$this->validateTeamInfo($fields)) return false; // Can't continue as user input is invalid.
+
+ $mdb2 = getConnection();
+
+ // Update group name if it changed.
+ if ($fields['old_group_name'] != $fields['new_group_name']) {
+ $name = $mdb2->quote($fields['new_group_name']);
+ $sql = "update tt_teams set name = $name where id = $team_id";
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+ }
+
+ // Update group manager.
+ $user_id = $fields['user_id'];
+ $login_part = 'login = '.$mdb2->quote($fields['new_login']);
+ if ($fields['password1'])
+ $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
+ $name_part = ', name = '.$mdb2->quote($fields['user_name']);
+ $email_part = ', email = '.$mdb2->quote($fields['email']);
+
+ $sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.'where id = '.$user_id;
+ $affected = $mdb2->exec($sql);
+ if (is_a($affected, 'PEAR_Error')) return false;
+
+ return true;
+ }
 }
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index e0a4919d..0bbfc034 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
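Review bot: updateTeam() concatenates `$team_id` and `$fields['user_id']` into its two UPDATE statements without quoting or casting, while every other value goes through `$mdb2->quote()`; validateTeamInfo() checks neither, so an integer cast inside the method would keep the query shape fixed whatever a caller passes. In the same method `$password_part` is assigned only when a password was entered, so a save without a password change concatenates an undefined variable, and `'where id = '` has no leading space, so the statement parses only if `$email_part` ends in a closing quote. validateTeamInfo() reads `$fields['group_name']`, but the caller visible in this commit (admin_team_edit.php) sends `new_group_name`, so the team name appears never to be validated. Separately, `md5()` is an unsalted fast hash; it presumably matches the existing tt_users data, but a migration to `password_hash()` / `password_verify()` is worth tracking.

```php
// in validateTeamInfo(): check the key the caller actually sends
if (!ttValidString($fields['new_group_name'], true)) {
// … unchanged: remaining field validation …

// in updateTeam()
$team_id = (int)$team_id;
// … unchanged: validation call, connection, group name update …
$user_id = (int)$fields['user_id'];
$login_part = 'login = '.$mdb2->quote($fields['new_login']);
$password_part = ''; // stays empty when the password is not being changed
if ($fields['password1'])
  $password_part = ', password = md5('.$mdb2->quote($fields['password1']).')';
// … unchanged: $name_part, $email_part …
$sql = 'update tt_users set '.$login_part.$password_part.$name_part.$email_part.' where id = '.$user_id;
```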
-
 Anuko Time Tracker 1.17.65.4131 | Copyright © Anuko | +  Anuko Time Tracker 1.17.65.4132 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/admin_team_edit.php b/admin_team_edit.php index 61828e16..42884585 100644 --- a/admin_team_edit.php +++ b/admin_team_edit.php 
@@ -74,37 +74,24 @@ $form->addInput(array('type'=>'submit','name'=>'btn_cancel','value'=>$i18n->getK
 if ($request->isPost()) {
 if ($request->getParameter('btn_save')) {
- // Validate user input.
- if (!ttValidString($cl_team_name, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.team_name'));
- if (!ttValidString($cl_manager_name)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_name'));
- if (!ttValidString($cl_manager_login)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.manager_login'));
- if (!$auth->isPasswordExternal() && ($cl_password1 || $cl_password2)) {
- if (!ttValidString($cl_password1)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.password'));
- if (!ttValidString($cl_password2)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.confirm_password'));
- if ($cl_password1 !== $cl_password2)
- $err->add($i18n->getKey('error.not_equal'), $i18n->getKey('label.password'), $i18n->getKey('label.confirm_password'));
- }
- if (!ttValidEmail($cl_manager_email, true)) $err->add($i18n->getKey('error.field'), $i18n->getKey('label.email'));
-
- // New login must be unique.
- if ($cl_manager_login != $team_details['manager_login'])
- if (ttUserHelper::getUserByLogin($cl_manager_login)) $err->add($i18n->getKey('error.user_exists'));
+ // Create fields array for ttAdmin instance.
+ $fields = array(
+ 'old_group_name' => $team_details['team_name'],
+ 'new_group_name' => $cl_team_name,
+ 'user_id' => $team_details['manager_id'],
+ 'user_name' => $cl_manager_name,
+ 'old_login' => $team_details['manager_login'],
+ 'new_login' => $cl_manager_login,
+ 'password1' => $cl_password1,
+ 'password2' => $cl_password2,
+ 'email' => $cl_manager_email);
- if ($err->no()) {
- $update_result = ttTeamHelper::update($team_id, array('name'=>$cl_team_name));
- if ($update_result) {
- $update_result = ttUserHelper::update($team_details['manager_id'], array(
- 'name' => $cl_manager_name,
- 'login' => $cl_manager_login,
- 'password' => $cl_password1,
- 'email' => $cl_manager_email,
- 'status' => ACTIVE));
- }
- if ($update_result) {
- header('Location: admin_teams.php');
- exit();
- } else
- $err->add($i18n->getKey('error.db'));
+ import('ttAdmin');
+ $admin = new ttAdmin($err);
+ $result = $admin->updateTeam($team_id, $fields);
+ if ($result) {
+ header('Location: admin_teams.php');
+ exit();
 }
 }
--
2.20.1
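Review bot: A database failure inside updateTeam() is now silent: the removed code added `error.db` when an update failed, but the new `if ($result)` has no else branch, and updateTeam() returns false on a `PEAR_Error` without touching `$err`. The form then re-renders with no message and the admin cannot tell that nothing was saved. Restore the report after the success branch, for example `else if ($err->no()) $err->add($i18n->getKey('error.db'));`, so validation errors are not doubled up. `$team_id` is defined above this hunk, and since updateTeam() places it in SQL unquoted, confirm it is integer-cast where it is read from the request.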