96649f21ba18d07757afa9d98998f7a22c0d86a3
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

2) /*
3) This file belongs to the Webinterface of schokokeks.org Hosting
4) 
Bernd Wurst Copyright year update

Bernd Wurst authored 6 years ago

5) Written 2008-2018 by schokokeks.org Hosting, namely
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

6)   Bernd Wurst <bernd@schokokeks.org>
7)   Hanno Böck <hanno@schokokeks.org>
8) 
9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

12) http://creativecommons.org/publicdomain/zero/1.0/
13) 
14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15) */
16) 
Bernd Wurst changed subusers module to...

Bernd Wurst authored 12 years ago

17) require_role(ROLE_SYSTEMUSER);
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

18) require_once("inc/base.php");
19) require_once("inc/security.php");
20) require_once("inc/debug.php");
21) 
22) 
23) function list_subusers()
24) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

25)     $uid = (int) $_SESSION['userinfo']['uid'];
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

26)     $result = db_query("SELECT id, username, modules FROM system.subusers WHERE uid=?", [$uid]);
27)     $subusers = [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

28)     while ($item = $result->fetch()) {
29)         $item['modules'] = explode(',', $item['modules']);
30)         $subusers[] = $item;
31)     }
32)     DEBUG($subusers);
33)     return $subusers;
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

34) }
35) 
36) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

37) function load_subuser($id)
38) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

39)     $args = [":id" => $id, ":uid" => $_SESSION['userinfo']['uid']];
Hanno remove whitespace in empty...

Hanno authored 6 years ago

40) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

41)     $result = db_query("SELECT id, username, modules FROM system.subusers WHERE uid=:uid AND id=:id", $args);
42)     $item = $result->fetch();
43)     $item['modules'] = explode(',', $item['modules']);
44)     return $item;
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

45) }
46) 
47) 
48) function available_modules()
49) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

50)     $modules = [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

51)     $allmodules = get_modules_info();
52) 
53)     // Das su-Modul ist hierfuer unwichtig
54)     unset($allmodules['su']);
55) 
56)     foreach ($allmodules as $modname => $modinfo) {
57)         if (isset($modinfo['permission'])) {
58)             $modules[$modname] = $modinfo['permission'];
59)         }
60)     }
61)     return $modules;
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

62) }
63) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

64) function delete_subuser($id)
65) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

66)     $args = [":id" => $id, ":uid" => $_SESSION['userinfo']['uid']];
Hanno remove whitespace in empty...

Hanno authored 6 years ago

67) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

68)     db_query("DELETE FROM system.subusers WHERE id=:id AND uid=:uid", $args);
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

69) }
70) 
71) function empty_subuser()
72) {
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

73)     $subuser = ["id" => null,
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

74)                    "username" => $_SESSION['userinfo']['username'].'_',
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

75)                    "modules" => ['index'], ];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

76)     return $subuser;
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

77) }
78) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

79) function new_subuser($username, $requested_modules, $password)
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

80) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

81)     $username = filter_input_username($username);
82)     if (strpos($username, $_SESSION['userinfo']['username']) !== 0) {
83)         // Username nicht enthalten (FALSE) oder nicht am Anfang (>0)
84)         system_failure("Ungültiger Benutzername!");
85)     }
86) 
87)     if (!is_array($requested_modules)) {
88)         system_failure("Module nicht als array erhalten!");
89)     }
90)     DEBUG($requested_modules);
91)     $allmods = available_modules();
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

92)     $modules = [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

93)     foreach ($requested_modules as $mod) {
94)         if (isset($allmods[$mod])) {
95)             $modules[] = $mod;
96)         }
97)     }
98)     DEBUG($modules);
99)     if (count($modules) == 0) {
100)         system_failure("Es sind (nach der Filterung) keine Module mehr übrig!");
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

101)     }
Hanno remove whitespace in empty...

Hanno authored 6 years ago

102) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

103)     $result = strong_password($password);
104)     if ($result !== true) {
105)         system_failure("Unsicheres Passwort: ".$result);
106)     }
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

107) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

108)     $args = [":uid" => $_SESSION['userinfo']['uid'],
Bernd Wurst Modul subusers auf prepared...

Bernd Wurst authored 10 years ago

109)                 ":username" => $username,
110)                 ":password" => hash("sha256", $password),
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

111)                 ":modules" => implode(',', $modules), ];
Bernd Wurst Modul subusers auf prepared...

Bernd Wurst authored 10 years ago

112) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

113)     db_query("INSERT INTO system.subusers (uid, username, password, modules) VALUES (:uid, :username, :password, :modules)", $args);
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

114) }
115) 
116) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

117) function edit_subuser($id, $username, $requested_modules, $password)
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

118) {
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

119)     $uid = (int) $_SESSION['userinfo']['uid'];
120) 
121)     $id = (int) $id;
122)     $my_subusers = list_subusers();
123)     $valid = false;
124)     foreach ($my_subusers as $x) {
125)         if ($x['id'] == $id) {
126)             $valid = true;
127)         }
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

128)     }
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

129)     if (!$valid) {
130)         system_failure("Kann diesen Account nicht finden!");
131)     }
132) 
133)     $username = filter_input_username($username);
134)     if (strpos($username, $_SESSION['userinfo']['username']) !== 0) {
135)         // Username nicht enthalten (FALSE) oder nicht am Anfang (>0)
136)         system_failure("Ungültiger Benutzername!");
137)     }
138) 
139) 
140)     if (!is_array($requested_modules)) {
141)         system_failure("Module nicht als array erhalten!");
142)     }
143)     $allmods = available_modules();
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

144)     $modules = [];
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

145)     foreach ($requested_modules as $mod) {
146)         if (isset($allmods[$mod])) {
147)             $modules[] = $mod;
148)         }
149)     }
150)     if (count($modules) == 0) {
151)         system_failure("Es sind (nach der Filterung) keine Module mehr übrig!");
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

152)     }
Hanno remove whitespace in empty...

Hanno authored 6 years ago

153) 
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

154)     $args = [":uid" => $_SESSION['userinfo']['uid'],
Bernd Wurst Modul subusers auf prepared...

Bernd Wurst authored 10 years ago

155)                 ":id" => $id,
156)                 ":username" => $username,
Hanno Böck Codingstyle PSR12 + array s...

Hanno Böck authored 3 years ago

157)                 ":modules" => implode(',', $modules), ];
Bernd Wurst Modul subusers auf prepared...

Bernd Wurst authored 10 years ago

158) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

159)     $pwchange = '';
160)     if ($password) {
161)         $result = strong_password($password);
162)         if ($result !== true) {
163)             system_failure("Unsicheres Passwort: ".$result);
164)         }
165)         $args[':password'] = hash("sha256", $password);
166)         $pwchange = ", password=:password";
Bernd Wurst Subusers-Modul in einer ers...

Bernd Wurst authored 13 years ago

167)     }
168) 
169) 
Hanno Fix coding style with php-c...

Hanno authored 6 years ago

170)     db_query("UPDATE system.subusers SET username=:username, modules=:modules{$pwchange} WHERE id=:id AND uid=:uid", $args);