sven/ulogger-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add edit/delete user menus

Browse Source
This commit is contained in:
Bartek Fabiszewski 2017-04-12 20:16:39 +02:00
parent 6049832b03
commit 87d760e4a2
11 changed files with 202 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
css/main.css
View File

@ -263,6 +263,16 @@ button {
cursor: pointer;
}
.red-button {
color: white;
float: right;
background-color: red;
padding: .1em .4em;
border-radius: 10px;
-moz-border-radius: 10px;
-webkit-border-radius: 10px;
}
.dropdown {
display: none;
position: absolute;

21
helpers/position.php
View File

@ -101,6 +101,27 @@
return $positionId;
}
/**
* Delete all user's positions
*
* @param string $userId User id
* @return bool True if success, false otherwise
*/
public function deleteAll($userId) {
$ret = false;
if (!empty($userId)) {
$query = "DELETE FROM positions WHERE user_id = ?";
$stmt = self::$db->prepare($query);
$stmt->bind_param('i', $userId);
$stmt->execute();
if (!self::$db->error && !$stmt->errno) {
$ret = true;
}
$stmt->close();
}
return $ret;
}
/**
* Fill class properties with last position data from database
* (for given user if specified)

21
helpers/track.php
View File

@ -77,6 +77,27 @@
return $trackId;
}
/**
* Delete all user's tracks
*
* @param string $userId User id
* @return bool True if success, false otherwise
*/
public function deleteAll($userId) {
$ret = false;
if (!empty($userId)) {
$query = "DELETE FROM tracks WHERE user_id = ?";
$stmt = self::$db->prepare($query);
$stmt->bind_param('i', $userId);
$stmt->execute();
if (!self::$db->error && !$stmt->errno) {
$ret = true;
}
$stmt->close();
}
return $ret;
}
/**
* Get all tracks
*

34
helpers/user.php
View File

@ -18,6 +18,8 @@
*/
require_once(ROOT_DIR . "/helpers/config.php");
require_once(ROOT_DIR . "/helpers/db.php");
require_once(ROOT_DIR . "/helpers/track.php");
require_once(ROOT_DIR . "/helpers/position.php");
/**
* User handling routines
@ -73,6 +75,38 @@
return $userid;
}
/**
* Delete user
* This will also delete all user's positions and tracks
*
* @return bool True if success, false otherwise
*/
public function delete() {
$ret = false;
if ($this->isValid) {
// remove positions
$position = new uPosition();
if ($position->deleteAll($this->id) === false) {
return false;
}
// remove tracks
$track = new uTrack();
if ($track->deleteAll($this->id) === false) {
return false;
}
// remove user
$sql = "DELETE FROM users WHERE id = ?";
$stmt = self::$db->prepare($sql);
$stmt->bind_param('i', $this->id);
$stmt->execute();
if (!self::$db->error && !$stmt->errno) {
$ret = true;
}
$stmt->close();
}
return $ret;
}
/**
* Set user password
*

2
index.php
View File

@ -72,6 +72,7 @@
var init_latitude = '<?= $config::$init_latitude ?>';
var init_longitude = '<?= $config::$init_longitude ?>';
var lang = <?= json_encode($lang) ?>;
var auth = '<?= ($user->isValid) ? $user->login : "null" ?>';
</script>
<script type="text/javascript" src="js/main.js"></script>
@ -184,6 +185,7 @@
<div id="admin_menu">
<u><?= $lang["adminmenu"] ?></u><br>
<a href="javascript:void(0);" onclick="addUser()"><?= $lang["adduser"] ?></a><br>
<a href="javascript:void(0);" onclick="editUser()"><?= $lang["edituser"] ?></a><br>
</div>
<?php endif; ?>

60
js/admin.js
View File

@ -17,7 +17,7 @@
*/
function addUser() {
var form = '<form id="userForm" method="post" onsubmit="submitUser(); return false">';
var form = '<form id="userForm" method="post" onsubmit="submitUser(\'add\'); return false">';
form += '<label><b>' + lang['username'] + '</b></label><input type="text" placeholder="' + lang['usernameenter'] + '" name="login" required>';
form += '<label><b>' + lang['password'] + '</b></label><input type="password" placeholder="' + lang['passwordenter'] + '" name="pass" required>';
form += '<label><b>' + lang['passwordrepeat'] + '</b></label><input type="password" placeholder="' + lang['passwordenter'] + '" name="pass2" required>';
@ -26,12 +26,43 @@ function addUser() {
showModal(form);
}
function submitUser() {
function editUser() {
var userForm = document.getElementsByName('user')[0];
var userLogin = userForm.options[userForm.selectedIndex].text;
if (userLogin == auth) {
alert('Your can\'t edit your own user with this tool');
return;
}
var message = '<div style="float:left">You are editing user <b>' + userLogin + '</b></div>';
message += '<div class="red-button"><b><a href="javascript:void(0);" onclick="submitUser(\'delete\'); return false">Delete user</a></b></div>';
message += '<div style="clear: both; padding-bottom: 1em;"></div>';
var form = '<form id="userForm" method="post" onsubmit="submitUser(\'update\'); return false">';
form += '<input type="hidden" name="login" value="' + userLogin + '">';
form += '<label><b>' + lang['password'] + '</b></label><input type="password" placeholder="' + lang['passwordenter'] + '" name="pass" required>';
form += '<label><b>' + lang['passwordrepeat'] + '</b></label><input type="password" placeholder="' + lang['passwordenter'] + '" name="pass2" required>';
form += '<div class="buttons"><button type="button" onclick="removeModal()">' + lang['cancel'] + '</button><button type="submit">' + lang['submit'] + '</button></div>';
form += '</form>';
showModal(message + form);
}
function confirmedDelete(login) {
return confirm('Warning!\n\nYou are going to permanently delete user "' + login + '", together with all their routes and positions.\n\nAre you sure?');
}
function submitUser(action) {
var form = document.getElementById('userForm');
var login = form.elements['login'].value;
var pass = form.elements['pass'].value;
var pass2 = form.elements['pass2'].value;
if (!login || !pass || !pass2) {
if (!login) {
alert("All fields are required");
return;
}
var pass = null;
var pass2 = null;
if (action != 'delete') {
pass = form.elements['pass'].value;
pass2 = form.elements['pass2'].value;
if (!pass || !pass2) {
alert("All fields are required");
return;
}
@ -39,6 +70,11 @@ function submitUser() {
alert("Passwords don't match");
return;
}
} else {
if (!confirmedDelete(login)) {
return;
}
}
var xhr = getXHR();
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200) {
@ -48,7 +84,13 @@ function submitUser() {
var root = xml.getElementsByTagName('root');
if (root.length && getNode(root[0], 'error') == 0) {
removeModal();
alert("User successfully added");
alert("Action completed successfully");
if (action == 'delete') {
// select current user in users form
var f = document.getElementsByName('user')[0];
f.remove(f.selectedIndex);
selectUser(f);
}
return;
}
errorMsg = getNode(root[0], 'message');
@ -58,8 +100,10 @@ function submitUser() {
xhr = null;
}
}
xhr.open('POST', 'utils/adduser.php', true);
xhr.open('POST', 'utils/handleuser.php', true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.send('login=' + login + '&pass=' + pass);
var params = 'action=' + action + '&login=' + encodeURIComponent(login) + '&pass=' + encodeURIComponent(pass);
params = params.replace(/%20/g, '+');
xhr.send(params);
return;
}

6
js/main.js
View File

@ -244,17 +244,17 @@ Number.prototype.toHMS = function () {
s = ((s % 86400) % 3600) % 60;
return ((d > 0) ? (d + ' d ') : '') + (('00' + h).slice(-2)) + ':' + (('00' + m).slice(-2)) + ':' + (('00' + s).slice(-2)) + '';
}
};
// meters to km
Number.prototype.toKm = function() {
return Math.round(this / 10) / 100;
}
};
// m/s to km/h
Number.prototype.toKmH = function() {
return Math.round(this * 3600 / 10) / 100;
}
};
// negate value
function toggleLatest() {

4
js/pass.js
View File

@ -60,6 +60,8 @@ function submitPass() {
}
xhr.open('POST', 'utils/changepass.php', true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.send('oldpass=' + oldpass + '&pass=' + pass);
var params = 'oldpass=' + encodeURIComponent(oldpass) + '&pass=' + encodeURIComponent(pass);
params = params.replace(/%20/g, '+');
xhr.send(params);
return;
}

2
lang/en.php
View File

@ -66,5 +66,7 @@ $lang["newpasswordrepeat"] = "Repeat new password";
$lang["changepass"] = "Change password";
$lang["gps"] = "GPS";
$lang["network"] = "Network";
$lang["deluser"] = "Remove user";
$lang["edituser"] = "Edit user";
?>

2
lang/pl.php
View File

@ -64,5 +64,7 @@ $lang["newpasswordrepeat"] = "Powtórz nowe hasło";
$lang["changepass"] = "Zmień hasło";
$lang["gps"] = "GPS";
$lang["network"] = "Sieć";
$lang["deluser"] = "Usuń użytkownika";
$lang["edituser"] = "Edytuj użytkownika";
?>

40
utils/adduser.php → utils/handleuser.php
View File

@ -41,17 +41,49 @@
exit;
}
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : NULL;
$login = isset($_REQUEST['login']) ? trim($_REQUEST['login']) : NULL;
$hash = isset($_REQUEST['pass']) ? password_hash($_REQUEST['pass'], PASSWORD_DEFAULT) : NULL;
if ($user->isAdmin && !empty($login) && !empty($hash)) {
$newUser = new uUser($login);
if ($newUser->isValid) {
if (!$user->isAdmin || empty($action) || empty($login) || $user->login == $login) {
exitWithStatus(true, "Server error");
}
$aUser = new uUser($login);
switch ($action) {
case 'add':
if (empty($hash)) {
exitWithStatus(true, "Server error");
}
if ($aUser->isValid) {
exitWithStatus(true, $lang["userexists"]);
}
if ($newUser->add($login, $hash) === false) {
if ($aUser->add($login, $hash) === false) {
exitWithStatus(true, $mysqli->error);
}
break;
case 'update':
// update password
if (empty($hash)) {
exitWithStatus(true, "Server error");
}
if ($aUser->setPass($hash) === false) {
exitWithStatus(true, $mysqli->error);
}
break;
case 'delete':
if ($aUser->delete() === false) {
exitWithStatus(true, $mysqli->error);
}
break;
default:
exitWithStatus(true, "Server error");
break;
}
exitWithStatus(false);
?>