From 725af06a89e5a7014dfdc9081222f313a58a6bb6 Mon Sep 17 00:00:00 2001
From: Nik Okuntseff
Date: Fri, 9 Nov 2018 19:24:35 +0000
Subject: [PATCH] Some refactoring and cleanup in ttRegistrator class.
---
 WEB-INF/lib/ttRegistrator.class.php | 21 ++++++++++++++-------
 WEB-INF/templates/footer.tpl | 2 +-
 admin_group_add.php | 5 ++---
 3 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/WEB-INF/lib/ttRegistrator.class.php b/WEB-INF/lib/ttRegistrator.class.php
index c206881d..8e755837 100644
--- a/WEB-INF/lib/ttRegistrator.class.php
+++ b/WEB-INF/lib/ttRegistrator.class.php
@@ -35,7 +35,12 @@ class ttRegistrator {
 var $group_name = null; // Group name.
 var $currency = null; // Currency.
 var $lang = null; // Language.
+ var $created_by_id = null; // User, who uses the instance.
+ // Currently, there are 2 possibilities:
+ // 1) Self-registration, or null here.
+ // 2) Registration by admin with a user_id.
 var $group_id = null; // Group id, set after we create a group.
+ var $org_id = null; // Organization id, the same as group_id (top group in org).
 var $role_id = null; // Role id for top managers.
 var $user_id = null; // User id after registration.
 var $err = null; // Error object, passed to us as reference.
@@ -52,6 +57,7 @@ class ttRegistrator {
 $this->currency = $fields['currency'];
 $this->lang = $fields['lang'];
 if (!$this->lang) $this->lang = 'en';
+ $this->created_by_id = (int) $fields['created_by_id'];
 $this->err = $err;
 // Validate passed in parameters.
@@ -87,7 +93,7 @@ class ttRegistrator {
 global $user;
 // Protection from too many recent bot registrations from user IP.
- if (!$user->can('administer_site')) { // No problems for site admin.
+ if (!$this->created_by_id) { // No problems for logged in user (site admin).
 if ($this->registeredRecently()) {
 $this->err->add($i18n->get('error.access_denied'));
 return false;
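Review bot: In the constructor hunk (`@@ -52,6 +57,7 @@`), `(int) $fields['created_by_id']` reads a key that only admin_group_add.php is changed to supply in this commit, so any other caller would presumably trigger an undefined-index notice and store 0, while the property comment added in the first hunk documents null for self-registration. The integer cast itself is worth keeping because the value is later interpolated into SQL by setCreatedBy(). I would write `$this->created_by_id = isset($fields['created_by_id']) ? (int) $fields['created_by_id'] : null;` so the stored value matches the documented contract. The constructor starts and ends outside this hunk.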
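Review bot: The throttle exemption in register() (`@@ -87,7 +93,7 @@`) now keys off `$this->created_by_id`, a value taken from the caller-supplied `$fields` array, instead of the session-based `$user->can('administer_site')` check it replaces. The class therefore no longer verifies the privilege itself: a caller that fills `$fields` from request data would skip `registeredRecently()` and, in the `@@ -121,8 +128,8 @@` hunk, also decide the `created_by` value written for the new group and user. Only admin_group_add.php is visible here and it passes `$user->id`, so this is a hardening point rather than a demonstrated bug; I would keep the check inside the class, e.g. `if (!($this->created_by_id && $user->can('administer_site'))) {`, or at least state on the constructor that `created_by_id` must come from the authenticated session. register() starts and ends outside the hunk.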
@@ -103,6 +109,7 @@ class ttRegistrator {
 // Create a new group.
 $this->group_id = $this->createGroup();
+ $this->org_id = $this->group_id;
 if (!$this->group_id) {
 $this->err->add($i18n->get('error.db'));
 return false;
@@ -121,8 +128,8 @@ class ttRegistrator {
 return false;
 }
- // Set created_by appropriately (admin or self).
- $created_by = $user->can('administer_site') ? $user->id : $this->user_id;
+ // Set created_by appropriately.
+ $created_by = $this->created_by_id ? $this->created_by_id : $this->user_id;
 if (!$this->setCreatedBy($created_by)) return false;
@@ -164,7 +171,7 @@ class ttRegistrator {
 $email = $mdb2->quote($this->email);
 $created = 'now()';
 $created_ip = $mdb2->quote($_SERVER['REMOTE_ADDR']);
- $values = "values($login, $password, $name, $this->group_id, $this->group_id, $this->role_id, $email, $created, $created_ip)";
+ $values = "values($login, $password, $name, $this->group_id, $this->org_id, $this->role_id, $email, $created, $created_ip)";
 $sql = 'insert into tt_users (login, password, name, group_id, org_id, role_id, email, created, created_ip) '.$values;
 $affected = $mdb2->exec($sql);
@@ -176,14 +183,14 @@ class ttRegistrator {
 }
 // The setCreatedBy sets created_by field for both group and user to passed in user_id.
- function setCreatedBy($user_id) {
+ private function setCreatedBy($user_id) {
 if ($this->err->yes()) return false; // There are errors, do not proceed.
 global $i18n;
 $mdb2 = getConnection();
 // Update group.
- $sql = "update tt_groups set created_by = $user_id where id = $this->group_id";
+ $sql = "update tt_groups set created_by = $user_id where id = $this->group_id and org_id = $this->org_id";
 $affected = $mdb2->exec($sql);
 if (is_a($affected, 'PEAR_Error')) {
 $this->err->add($i18n->get('error.db'));
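Review bot: The `and org_id = $this->org_id` filter added to the `update tt_groups` statement in setCreatedBy() (`@@ -176,14 +183,14 @@`, and likewise to `update tt_users` in `@@ -191,7 +198,7 @@`) can make the update match no rows without anyone noticing, because only `PEAR_Error` is checked and an affected count of 0 passes as success. Whether the new group row already carries its own id in `org_id` depends on createGroup(), which is not part of this diff, so that should be confirmed or the zero-row case reported through `$this->err`. Both statements also interpolate `$user_id` unquoted; the visible caller passes either the int-cast `created_by_id` or `$this->user_id`, but a `$user_id = (int) $user_id;` at the top of the method would keep the query safe regardless of who calls it. The method body continues past both hunks.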
@@ -191,7 +198,7 @@ class ttRegistrator {
 }
 // Update top manager.
- $sql = "update tt_users set created_by = $user_id where id = $this->user_id and group_id = $this->group_id";
+ $sql = "update tt_users set created_by = $user_id where id = $this->user_id and group_id = $this->group_id and org_id = $this->org_id";
 $affected = $mdb2->exec($sql);
 if (is_a($affected, 'PEAR_Error')) {
 $this->err->add($i18n->get('error.db'));
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 67fbea43..fd5880c7 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
-
 Anuko Time Tracker 1.18.12.4397 | Copyright © Anuko | +  Anuko Time Tracker 1.18.12.4398 | Copyright © Anuko | {$i18n.footer.credits} | {$i18n.footer.license} | {$i18n.footer.improve} diff --git a/admin_group_add.php b/admin_group_add.php index 71dde8a0..e40be98e 100644 --- a/admin_group_add.php +++ b/admin_group_add.php @@ -100,14 +100,13 @@ if ($request->isPost()) { 'email' => $cl_manager_email, 'group_name' => $cl_group_name, 'currency' => CURRENCY_DEFAULT, - 'lang' => $cl_lang); + 'lang' => $cl_lang, + 'created_by_id' => $user->id); // Create an instance of ttRegistrator class. import('ttRegistrator'); $registrator = new ttRegistrator($fields, $err); $registrator->register(); - // $registrator->setCreatedBy($user->id); // Override created_by to admin account. - // TODO: redo ttRegistrator class by passing in created_by_id in $fields to keep code straightforward. if ($err->no()) { header('Location: admin_groups.php'); exit(); -- 2.20.1