oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WebGUI 0.9.0 release

Browse source
This commit is contained in:
JT Smith 2001-08-13 23:18:00 +00:00
commit c57a922892
51 changed files with 7351 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

268
lib/WebGUI/Operation/Account.pm Normal file
View file

@ -0,0 +1,268 @@
package WebGUI::Operation::Account;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Digest::MD5 qw(md5_base64);
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_createAccount &www_deactivateAccount &www_deactivateAccountConfirm &www_displayAccount &www_displayLogin &www_login &www_logout &www_recoverPassword &www_recoverPasswordFinish &www_saveAccount &www_updateAccount);
#-------------------------------------------------------------------
sub _hasBadPassword {
if ($_[0] ne $_[1] || $_[0] eq "") {
return 1;
} else {
return 0;
}
}
#-------------------------------------------------------------------
sub _hasBadUsername {
my ($otherUser);
($otherUser) = WebGUI::SQL->quickArray("select username from user where lcase(username)=lcase('$_[0]')",$session{dbh});
if ($otherUser ne "" || $_[0] eq "") {
return 1;
} else {
return 0;
}
}
#-------------------------------------------------------------------
sub _login {
my ($cookieInfo);
$cookieInfo = $_[0]."|".crypt($_[1],"yJ");
WebGUI::Session::end($cookieInfo); #clearing out old session info just in case something bad happened
if (WebGUI::Session::start($cookieInfo)) {
WebGUI::Session::setCookie("wgSession",$cookieInfo);
return "";
} else {
return "<b>Error:</b> Unable to initialize session vars because your session signature does not match your account information.<p>";
}
}
#-------------------------------------------------------------------
sub www_createAccount {
my ($output);
if ($session{user}{userId} != 1) {
$output .= www_displayAccount();
} else {
$output .= ' <h1>Create Account</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","saveAccount");
$output .= '<table>';
$output .= '<tr><td class="formDescription">Username</td><td>'.WebGUI::Form::text("username",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription">Password</td><td>'.WebGUI::Form::password("identifier1",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription">Password (confirm)</td><td>'.WebGUI::Form::password("identifier2",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Email Address</td><td>'.WebGUI::Form::text("email",20,255).'<span class="formSubtext"><br>This is only necessary if you wish to use features that require Email.</span></td></tr>';
$output .= '<tr><td class="formDescription" valign="top"><a href="http://www.icq.com">ICQ</a> UIN</td><td>'.WebGUI::Form::text("icq",20,30).'<span class="formSubtext"><br>This is only necessary if you wish to use features that require ICQ.</span></td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("create").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
$output .= '<div class="accountOptions"><ul><li><a href="'.$session{page}{url}.'?op=displayLogin">I already have an account.</a><li><a href="'.$session{page}{url}.'?op=recoverPassword">I forgot my password.</a></ul></div>';
}
return $output;
}
#-------------------------------------------------------------------
sub www_deactivateAccount {
my ($output);
if ($session{user}{userId} == 1) {
$output .= www_displayLogin();
} else {
$output .= '<h1>Please Confirm</h1>';
$output .= 'Are you certain you want to deactivate your account. If you proceed your account information will be lost permanently.<p>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=deactivateAccountConfirm">Yes, I\'m sure.</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.$session{page}{url}.'">No, I made a mistake.</a></div>';
}
return $output;
}
#-------------------------------------------------------------------
sub www_deactivateAccountConfirm {
if ($session{user}{userId} != 1) {
WebGUI::SQL->write("delete from user where userId=$session{user}{userId}",$session{dbh});
WebGUI::SQL->write("delete from groupings where userId=$session{user}{userId}",$session{dbh});
WebGUI::Session::end($session{var}{sessionId});
_login(1,"null");
}
return www_displayLogin();
}
#-------------------------------------------------------------------
sub www_displayAccount {
my ($output);
if ($session{user}{userId} != 1) {
$output .= ' <h1>Update Account Information</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","updateAccount");
$output .= '<table>';
$output .= '<tr><td class="formDescription">username</td><td>'.WebGUI::Form::text("username",20,30,$session{user}{username}).'</td></tr>';
$output .= '<tr><td class="formDescription">password</td><td>'.WebGUI::Form::password("identifier1",20,30,"password").'</td></tr>';
$output .= '<tr><td class="formDescription">password (confirm)</td><td>'.WebGUI::Form::password("identifier2",20,30,"password").'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">email address</td><td>'.WebGUI::Form::text("email",20,255,$session{user}{email}).'<span class="formSubtext"><br>This is only necessary if you wish to use features that require Email.</span></td></tr>';
$output .= '<tr><td class="formDescription" valign="top"><a href="http://www.icq.com">ICQ</a> UIN</td><td>'.WebGUI::Form::text("icq",20,30,$session{user}{icq}).'<span class="formSubtext"><br>This is only necessary if you wish to use features that require ICQ.</span></td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("update").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
$output .= '<div class="accountOptions"><ul>';
if (WebGUI::Privilege::isInGroup(3) || WebGUI::Privilege::isInGroup(4)) {
$output .= '<li><a href="'.$session{page}{url}.'?op=switchOnAdmin">Turn admin on.</a>';
}
$output .= '<li><a href="'.$session{page}{url}.'?op=logout">Logout.</a><li><a href="'.$session{page}{url}.'?op=deactivateAccount">Please deactivate my account permanently.</a></ul></div>';
} else {
$output .= 'You need to be logged in to view your account information.<p>';
$output .= www_displayLogin();
}
return $output;
}
#-------------------------------------------------------------------
sub www_displayLogin {
my ($output);
if ($session{var}{sessionId}) {
$output .= www_displayAccount();
} else {
$output .= ' <h1>Login</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","login");
$output .= '<table>';
$output .= '<tr><td class="formDescription">username</td><td>'.WebGUI::Form::text("username",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription">password</td><td>'.WebGUI::Form::password("identifier",20,30).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("login").'</td></tr>';
$output .= '</table>';
$output .= '</form>';
$output .= '<div class="accountOptions"><ul><li><a href="'.$session{page}{url}.'?op=createAccount">Create a new account.</a><li><a href="'.$session{page}{url}.'?op=recoverPassword">I forgot my password.</a></ul></div>';
}
return $output;
}
#-------------------------------------------------------------------
sub www_login {
my ($uid,$pass);
($uid,$pass) = WebGUI::SQL->quickArray("select userId,identifier from user where username=".quote($session{form}{username}),$session{dbh});
if (Digest::MD5::md5_base64($session{form}{identifier}) eq $pass && $session{form}{identifier} ne "") {
_login($uid,$pass);
return "";
} else {
return "<h1>Invalid Account</h1>The account information you supplied is invalid. Either the account does not exist or the username/password combination was incorrect.".www_displayLogin();
}
}
#-------------------------------------------------------------------
sub www_logout {
WebGUI::Session::end($session{var}{sessionId});
#_login(1,"null");
return "";
}
#-------------------------------------------------------------------
sub www_recoverPassword {
my ($output);
if ($session{var}{sessionId}) {
$output .= www_displayAccount();
} else {
$output .= ' <h1>Recover Password</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","recoverPasswordFinish");
$output .= '<table>';
$output .= '<tr><td class="formDescription">Email Address</td><td>'.WebGUI::Form::text("email",20,255).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("recover").'</td></tr>';
$output .= '</table>';
$output .= '</form>';
$output .= '<div class="accountOptions"><ul><li><a href="'.$session{page}{url}.'?op=createAccount">Create a new account.</a><li><a href="'.$session{page}{url}.'?op=displayLogin">Login.</a></ul></div>';
}
return $output;
}
#-------------------------------------------------------------------
sub www_recoverPasswordFinish {
my ($sth, $username, $encryptedPassword, $userId, $password, $flag, $message, $output);
$sth = WebGUI::SQL->read("select username, userId from user where email=".quote($session{form}{email}),$session{dbh});
while (($username,$userId) = $sth->array) {
foreach (0,1,2,3,4,5) {
$password .= chr(ord('A') + randint(32));
}
$encryptedPassword = Digest::MD5::md5_base64($password);
WebGUI::SQL->write("update user set identifier='$encryptedPassword' where userId='$userId'",$session{dbh});
$flag = 1;
$message = 'Someone (probably you) requested your account information be sent. Your password has been reset. The following information represents your new account information:\nUser: '.$username.'\nPass: '.$password.'\n';
WebGUI::Mail::send($session{form}{email},"Account Information",$message);
}
$sth->finish();
if ($flag) {
$output = '<ul><li>Your account information has been sent to your email address.</ul>';
$output .= www_displayLogin();
} else {
$output = '<ul><li>That email address is not in our databases.</ul>';
$output .= www_recoverPassword();
}
return $output;
}
#-------------------------------------------------------------------
sub www_saveAccount {
my ($output, $error, $uid, $encryptedPassword);
if (_hasBadUsername($session{form}{username})) {
$error = '<b>Error:</b> The account name <b>'.$session{form}{username}.'</b> is in use by another member of this site. Please try a different username, perhaps "'.$session{form}{username}.'too" or "'.$session{form}{username}.'01"<p>';
}
if (_hasBadPassword($session{form}{identifier1},$session{form}{identifier2})) {
$error .= '<b>Error:</b> Your passwords did not match. Please try again.<p>';
}
if ($error eq "") {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
$uid = getNextId("userId");
WebGUI::SQL->write("insert into user set userId=".getNextId("userId").", username=".quote($session{form}{username}).", identifier=".quote($encryptedPassword).", email=".quote($session{form}{email}).", icq=".quote($session{form}{icq}),$session{dbh});
WebGUI::SQL->write("insert into groupings set groupId=2,userId=$uid",$session{dbh});
_login($uid,$encryptedPassword);
$output .= 'Account created successfully!<p>';
$output .= www_displayAccount();
} else {
$output = $error;
$output = www_createAccount();
}
return $output;
}
#-------------------------------------------------------------------
sub www_updateAccount {
my ($output, $error, $encryptedPassword, $passwordStatement);
if ($session{var}{sessionId}) {
if (_hasBadUsername($session{form}{username})) {
$error = '<b>Error:</b> The account name <b>'.$session{form}{username}.'</b> is in use by another member of this site. Please try a different username, perhaps "'.$session{form}{username}.'too" or "'.$session{form}{username}.'01"<p>';
}
if ($session{form}{identifier1} ne "password" && _hasBadPassword($session{form}{identifier1},$session{form}{identifier2})) {
$error .= '<b>Error:</b> Your passwords did not match. Please try again.<p>';
} else {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
$passwordStatement = ', identifier='.quote($encryptedPassword);
}
if ($error eq "") {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
WebGUI::SQL->write("update user set username=".quote($session{form}{username}).$passwordStatement.", email=".quote($session{form}{email}).", icq=".quote($session{form}{icq})." where userId=".$session{user}{userId},$session{dbh});
if ($passwordStatement ne "") {
_login($session{user}{userId},$encryptedPassword);
}
$output .= 'Account updated successfully!<p>';
$output .= www_displayAccount();
} else {
$output = $error;
$output = www_createAccount();
}
} else {
$output .= www_displayLogin();
}
return $output;
}
1;

45
lib/WebGUI/Operation/Admin.pm Normal file
View file

@ -0,0 +1,45 @@
package WebGUI::Operation::Admin;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_switchOffAdmin &www_switchOnAdmin);
#-------------------------------------------------------------------
sub www_switchOffAdmin {
if ($session{var}{sessionId}) {
WebGUI::SQL->write("update session set adminOn=0 where sessionId='$session{var}{sessionId}'",$session{dbh});
WebGUI::Session::refreshSessionVars($session{var}{sessionId});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_switchOnAdmin {
if ($session{var}{sessionId}) {
WebGUI::SQL->write("update session set adminOn=1 where sessionId='$session{var}{sessionId}'",$session{dbh});
WebGUI::Session::refreshSessionVars($session{var}{sessionId});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
1;

156
lib/WebGUI/Operation/Group.pm Normal file
View file

@ -0,0 +1,156 @@
package WebGUI::Operation::Group;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_addGroup &www_addGroupSave &www_deleteGroup &www_deleteGroupConfirm &www_editGroup &www_editGroupSave &www_listGroups);
#-------------------------------------------------------------------
sub www_addGroup {
my ($output);
if (WebGUI::Privilege::isInGroup(3)) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=17"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Add Group</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","addGroupSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription" valign="top">Group Name</td><td>'.WebGUI::Form::text("groupName",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Description</td><td>'.WebGUI::Form::textArea("description",'').'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_addGroupSave {
my ($output);
if ($session{var}{sessionId}) {
WebGUI::SQL->write("insert into groups set groupId=".getNextId("groupId").", groupName=".quote($session{form}{groupName}).", description=".quote($session{form}{description}),$session{dbh});
$output = www_listGroups();
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_deleteGroup {
my ($output);
if (WebGUI::Privilege::isInGroup(3) && $session{form}{gid} > 25) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=15"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Please Confirm</h1>';
$output .= 'Are you certain you wish to delete this group? Beware that deleting a group is permanent and will remove all privileges associated with this group.<p>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=deleteGroupConfirm&gid='.$session{form}{gid}.'">Yes, I\'m sure.</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.$session{page}{url}.'?op=listGroups">No, I made a mistake. </a></div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_deleteGroupConfirm {
if (WebGUI::Privilege::isInGroup(3) && $session{form}{gid} > 25) {
WebGUI::SQL->write("delete from groups where groupId=$session{form}{gid}",$session{dbh});
WebGUI::SQL->write("delete from groupings where groupId=$session{form}{gid}",$session{dbh});
return www_listGroups();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_editGroup {
my ($output, $sth, %group, $user);
if (WebGUI::Privilege::isInGroup(3)) {
%group = WebGUI::SQL->quickHash("select * from groups where groupId=$session{form}{gid}",$session{dbh});
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=13"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Edit Group</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","editGroupSave");
$output .= WebGUI::Form::hidden("gid",$session{form}{gid});
$output .= '<table>';
$output .= '<tr><td class="formDescription" valign="top">Group Name</td><td>'.WebGUI::Form::text("groupName",20,30,$group{groupName}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Description</td><td>'.WebGUI::Form::textArea("description",$group{description}).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Users In Group</td><td valign="top">';
$sth = WebGUI::SQL->read("select user.username from user,groupings where groupings.groupId=$session{form}{gid} and groupings.userId=user.userId order by user.username",$session{dbh});
while (($user) = $sth->array) {
$output .= $user."<br>";
}
$sth->finish;
$output .= '<br></td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_editGroupSave {
if (WebGUI::Privilege::isInGroup(3)) {
WebGUI::SQL->write("update groups set groupName=".quote($session{form}{groupName}).", description=".quote($session{form}{description})." where groupId=".$session{form}{gid},$session{dbh});
return www_listGroups();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_listGroups {
my ($output, $sth, @data, $totalItems, $currentPage, $itemsPerPage);
if (WebGUI::Privilege::isInGroup(3)) {
$itemsPerPage = 50;
if ($session{form}{pageNumber} < 1) {
$currentPage = 1;
} else {
$currentPage = $session{form}{pageNumber};
}
($totalItems) = WebGUI::SQL->quickArray("select count(*) from groups where groupName<>'Reserved'",$session{dbh});
$output = '<a href="'.$session{page}{url}.'?op=viewHelp&hid=10"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Groups</h1>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=addGroup">Add a new group.</a></div>';
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
$sth = WebGUI::SQL->read("select groupId,groupName,description from groups where groupName<>'Reserved' order by groupName limit ".(($currentPage*$itemsPerPage)-$itemsPerPage).",".$itemsPerPage,$session{dbh});
while (@data = $sth->array) {
$output .= '<tr><td valign="top"><a href="'.$session{page}{url}.'?op=deleteGroup&gid='.$data[0].'"><img src="'.$session{setting}{lib}.'/delete.gif" border=0></a><a href="'.$session{page}{url}.'?op=editGroup&gid='.$data[0].'"><img src="'.$session{setting}{lib}.'/edit.gif" border=0></a></td>';
$output .= '<td valign="top">'.$data[1].'</td>';
$output .= '<td valign="top">'.$data[2].'</td></tr>';
}
$output .= '</table><div class="pagination">';
if ($currentPage > 1) {
$output .= '<a href="'.$session{page}{url}.'?op=listGroups&pageNumber='.($currentPage-1).'">&laquo;Previous Page</a>';
} else {
$output .= '&laquo;Previous Page';
}
$output .= ' &middot; ';
if ($currentPage < round($totalItems/$itemsPerPage)) {
$output .= '<a href="'.$session{page}{url}.'?op=listGroups&pageNumber='.($currentPage+1).'">Next Page&raquo;</a>';
} else {
$output .= 'Next Page&raquo;';
}
$output .= '</div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
1;

71
lib/WebGUI/Operation/Help.pm Normal file
View file

@ -0,0 +1,71 @@
package WebGUI::Operation::Help;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_viewHelp &www_viewHelpIndex);
#-------------------------------------------------------------------
sub www_viewHelp {
my ($output, %help, @data, $sth);
%help = WebGUI::SQL->quickHash("select * from help where helpId=$session{form}{hid}",$session{dbh});
$output = '<h1>Help: '.$help{action}.' '.$help{object}.'</h1>';
$help{body} =~ s/\n/\<br\>/g;
$output .= $help{body};
$output .= '<p><b>See Also:';
$sth = WebGUI::SQL->read("select helpId, action, object from help where object='$help{object}' and action<>'$help{action}' order by action",$session{dbh});
while (@data = $sth->array) {
$output .= ' <a href="'.$session{page}{url}.'?op=viewHelp&hid='.$data[0].'">'.$data[1].' '.$data[2].'</a>';
}
$sth->finish;
$sth = WebGUI::SQL->read("select helpId, action, object from help where helpId in ($help{seeAlso}) order by action",$session{dbh});
while (@data = $sth->array) {
$output .= ' <a href="'.$session{page}{url}.'?op=viewHelp&hid='.$data[0].'">'.$data[1].' '.$data[2].'</a>';
}
$sth->finish;
return $output;
}
#-------------------------------------------------------------------
sub www_viewHelpIndex {
my ($sth, @data, $output, $previous);
$output = '<h1>Help Index</h1>';
$output .= '<table width="100%"><tr><td valign="top"><b>Sorted By Action</b><p>';
$sth = WebGUI::SQL->read("select helpId, action, object from help order by action,object",$session{dbh});
while (@data = $sth->array) {
if ($data[1] ne $previous) {
$output .= '<p><b>'.$data[1].'</b><br>';
$previous = $data[1];
}
$output .= '<li><a href="'.$session{page}{url}.'?op=viewHelp&hid='.$data[0].'">'.$data[2].'</a><br>';
}
$sth->finish;
$output .= '</td><td valign="top"><b>Sorted By Object</b><p>';
$sth = WebGUI::SQL->read("select helpId, object, action from help order by object,action",$session{dbh});
while (@data = $sth->array) {
if ($data[1] ne $previous) {
$output .= '<p><b>'.$data[1].'</b><br>';
$previous = $data[1];
}
$output .= '<li><a href="'.$session{page}{url}.'?op=viewHelp&hid='.$data[0].'">'.$data[2].'</a><br>';
}
$sth->finish;
$output .= '</td></tr></table>';
return $output;
}
1;

190
lib/WebGUI/Operation/Page.pm Normal file
View file

@ -0,0 +1,190 @@
package WebGUI::Operation::Page;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_addPage &www_addPageSave &www_cutPage &www_deletePage &www_deletePageConfirm &www_editPage &www_editPageSave &www_pastePage);
#-------------------------------------------------------------------
sub _recursivelyChangePrivileges {
my ($sth, $pageId);
$sth = WebGUI::SQL->read("select pageId from page where parentId=$_[0]",$session{dbh});
while (($pageId) = $sth->array) {
WebGUI::SQL->write("update page set ownerId=$session{form}{ownerId}, ownerView=$session{form}{ownerView}, ownerEdit=$session{form}{ownerEdit}, groupId='$session{form}{groupId}', groupView=$session{form}{groupView}, groupEdit=$session{form}{groupEdit}, worldView=$session{form}{worldView}, worldEdit=$session{form}{worldEdit} where pageId=$pageId",$session{dbh});
_recursivelyChangePrivileges($pageId);
}
$sth->finish;
}
#-------------------------------------------------------------------
sub _recursivelyChangeStyle {
my ($sth, $pageId);
$sth = WebGUI::SQL->read("select pageId from page where parentId=$_[0]",$session{dbh});
while (($pageId) = $sth->array) {
WebGUI::SQL->write("update page set styleId=$session{form}{styleId} where pageId=$pageId",$session{dbh});
_recursivelyChangeStyle($pageId);
}
$sth->finish;
}
#-------------------------------------------------------------------
sub www_addPage {
my ($output);
if (WebGUI::Privilege::canEditPage()) {
$output = '<a href="'.$session{page}{url}.'?op=viewHelp&hid=1"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Add Page</h1><form method="post" action="'.$session{page}{url}.'">';
$output .= WebGUI::Form::hidden("op","addPageSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription">Title</td><td>'.WebGUI::Form::text("title",20,30,$session{form}{title}).'</td></tr>';
$output .= '<tr><td class="formDescription">Meta Tags</td><td>'.WebGUI::Form::textArea("metaTags",$session{form}{metaTags}).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("create").'</td></tr>';
$output .= '</table></form>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_addPageSave {
my (%parent, $urlizedTitle, $test);
if (WebGUI::Privilege::canEditPage()) {
%parent = WebGUI::SQL->quickHash("select * from page where pageId=$session{page}{pageId}",$session{dbh});
$urlizedTitle = urlizeTitle($session{form}{title});
while (($test) = WebGUI::SQL->quickArray("select urlizedTitle from page where urlizedTitle='$urlizedTitle'",$session{dbh})) {
$urlizedTitle .= 2;
}
WebGUI::SQL->write("insert into page set pageId=".getNextId("pageId").", parentId=$session{page}{pageId}, title=".quote($session{form}{title}).", styleId=$parent{styleId}, ownerId=$session{user}{userId}, ownerView=$parent{ownerView}, ownerEdit=$parent{ownerEdit}, groupId='$parent{groupId}', groupView=$parent{groupView}, groupEdit=$parent{groupEdit}, worldView=$parent{worldView}, worldEdit=$parent{worldEdit}, metaTags=".quote($session{form}{metaTags}).", urlizedTitle='$urlizedTitle'",$session{dbh});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_cutPage {
if (WebGUI::Privilege::canEditPage() && $session{page}{pageId}!=1) {
WebGUI::SQL->write("update page set parentId=2 where pageId=".$session{page}{pageId},$session{dbh});
WebGUI::Session::refreshPageInfo($session{page}{parentId});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_deletePage {
my ($output);
if (WebGUI::Privilege::canEditPage() && $session{page}{pageId}!=1) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=3"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Please Confirm</h1>';
$output .= 'Are you certain that you wish to delete this page, its content, and all items under it?<p>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=deletePageConfirm">Yes, I\'m sure.</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.$session{page}{url}.'">No, I made a mistake.</a></div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_deletePageConfirm {
if (WebGUI::Privilege::canEditPage() && $session{page}{pageId}!=1) {
WebGUI::SQL->write("update page set parentId=3 where pageId=".$session{page}{pageId},$session{dbh});
WebGUI::Session::refreshPageInfo($session{page}{parentId});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_editPage {
my ($output, %yesNo, %hash, @array);
tie %hash, "Tie::IxHash";
if (WebGUI::Privilege::canEditPage()) {
%yesNo = ("0"=>"No", "1"=>"Yes");
$output = '<a href="'.$session{page}{url}.'?op=viewHelp&hid=2"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Edit Page</h1><form method="post" action="'.$session{page}{url}.'">';
$output .= WebGUI::Form::hidden("op","editPageSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription">Title</td><td>'.WebGUI::Form::text("title",20,30,$session{page}{title}).'</td></tr>';
$output .= '<tr><td class="formDescription">Meta Tags</td><td>'.WebGUI::Form::textArea("metaTags",$session{page}{metaTags}).'</td></tr>';
%hash = WebGUI::SQL->buildHash("select styleId,name from style where name<>'Reserved' order by name",$session{dbh});
$array[0] = $session{page}{styleId};
$output .= '<tr><td class="formDescription">Style</td><td>'.WebGUI::Form::selectList("styleId",\%hash,\@array).' '.WebGUI::Form::checkbox("recurseStyle","yes").' <span class="formSubtext">Check to give this style to all sub-pages.</span></td></tr>';
$output .= '<tr><td class="formDescription">Page URL</td><td>'.WebGUI::Form::text("urlizedTitle",20,30,$session{page}{urlizedTitle}).'</td></tr>';
%hash = WebGUI::SQL->buildHash("select user.userId,user.username from user,groupings where groupings.groupId=4 and groupings.userId=user.userId order by user.username",$session{dbh});
$array[0] = $session{page}{ownerId};
$output .= '<tr><td class="formDescription">Owner</td><td>'.WebGUI::Form::selectList("ownerId",\%hash,\@array).' '.WebGUI::Form::checkbox("recursePrivs","yes").' <span class="formSubtext">Check to give these privileges to all sub-pages.</span></td></tr>';
$array[0] = $session{page}{ownerView};
$output .= '<tr><td class="formDescription">Owner can view?</td><td>'.WebGUI::Form::selectList("ownerView",\%yesNo,\@array).'</td></tr>';
$array[0] = $session{page}{ownerEdit};
$output .= '<tr><td class="formDescription">Owner can edit?</td><td>'.WebGUI::Form::selectList("ownerEdit",\%yesNo,\@array).'</td></tr>';
%hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where groupName<>'Reserved' order by groupName",$session{dbh});
$array[0] = $session{page}{groupId};
$output .= '<tr><td class="formDescription">Group</td><td>'.WebGUI::Form::selectList("groupId",\%hash,\@array).'</td></tr>';
$array[0] = $session{page}{groupView};
$output .= '<tr><td class="formDescription">Group can view?</td><td>'.WebGUI::Form::selectList("groupView",\%yesNo,\@array).'</td></tr>';
$array[0] = $session{page}{groupEdit};
$output .= '<tr><td class="formDescription">Group can edit?</td><td>'.WebGUI::Form::selectList("groupEdit",\%yesNo,\@array).'</td></tr>';
$array[0] = $session{page}{worldView};
$output .= '<tr><td class="formDescription">Anybody can view?</td><td>'.WebGUI::Form::selectList("worldView",\%yesNo,\@array).'</td></tr>';
$array[0] = $session{page}{worldEdit};
$output .= '<tr><td class="formDescription">Anybody can Edit?</td><td>'.WebGUI::Form::selectList("worldEdit",\%yesNo,\@array).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table></form>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_editPageSave {
my (%parent, $urlizedTitle, $test);
if (WebGUI::Privilege::canEditPage()) {
$urlizedTitle = urlizeTitle($session{form}{urlizedTitle});
while (($test) = WebGUI::SQL->quickArray("select urlizedTitle from page where urlizedTitle='$urlizedTitle' and pageId<>$session{page}{pageId}",$session{dbh})) {
$urlizedTitle .= 2;
}
WebGUI::SQL->write("update page set title=".quote($session{form}{title}).", styleId=$session{form}{styleId}, ownerId=$session{form}{ownerId}, ownerView=$session{form}{ownerView}, ownerEdit=$session{form}{ownerEdit}, groupId='$session{form}{groupId}', groupView=$session{form}{groupView}, groupEdit=$session{form}{groupEdit}, worldView=$session{form}{worldView}, worldEdit=$session{form}{worldEdit}, metaTags=".quote($session{form}{metaTags}).", urlizedTitle='$urlizedTitle' where pageId=$session{page}{pageId}",$session{dbh});
if ($session{form}{recurseStyle} eq "yes") {
_recursivelyChangeStyle($session{page}{pageId});
}
if ($session{form}{recursePrivs} eq "yes") {
_recursivelyChangePrivileges($session{page}{pageId});
}
WebGUI::Session::refreshPageInfo($session{page}{pageId});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_pastePage {
my ($output);
if (WebGUI::Privilege::canEditPage()) {
WebGUI::SQL->write("update page set parentId=$session{page}{pageId} where pageId=$session{form}{pageId}",$session{dbh});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
1;

68
lib/WebGUI/Operation/Settings.pm Normal file
View file

@ -0,0 +1,68 @@
package WebGUI::Operation::Settings;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_editSettings &www_editSettingsSave);
#-------------------------------------------------------------------
sub www_editSettings {
my ($output);
if (WebGUI::Privilege::isInGroup(3)) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=12"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Edit Settings</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","editSettingsSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription" valign="top">Path to WebGUI Extras</td><td>'.WebGUI::Form::text("lib",20,255,$session{setting}{lib}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Session Timeout</td><td>'.WebGUI::Form::text("sessionTimeout",20,11,$session{setting}{sessionTimeout}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Maximum Attachment Size</td><td>'.WebGUI::Form::text("maxAttachmentSize",20,11,$session{setting}{maxAttachmentSize}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Web Attachment Path</td><td>'.WebGUI::Form::text("attachmentDirectoryWeb",20,255,$session{setting}{attachmentDirectoryWeb}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Server Attachment Path</td><td>'.WebGUI::Form::text("attachmentDirectoryLocal",20,255,$session{setting}{attachmentDirectoryLocal}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">SMTP Server</td><td>'.WebGUI::Form::text("smtpServer",20,255,$session{setting}{smtpServer}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Company Name</td><td>'.WebGUI::Form::text("companyName",20,255,$session{setting}{companyName}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Company Email Address</td><td>'.WebGUI::Form::text("companyEmail",20,255,$session{setting}{companyEmail}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Company URL</td><td>'.WebGUI::Form::text("companyURL",20,255,$session{setting}{companyURL}).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
$output .= '<hr size=1>Build Version: '.$session{wg}{version}.'<br>Release Date: '.$session{wg}{date};
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_editSettingsSave {
if (WebGUI::Privilege::isInGroup(3)) {
WebGUI::SQL->write("update settings set value=".quote($session{form}{lib})." where name='lib'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{sessionTimeout})." where name='sessionTimeout'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{maxAttachmentSize})." where name='maxAttachmentSize'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{attachmentDirectoryWeb})." where name='attachmentDirectoryWeb'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{attachmentDirectoryLocal})." where name='attachmentDirectoryLocal'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{smtpServer})." where name='smtpServer'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{companyName})." where name='companyName'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{companyEmail})." where name='companyEmail'",$session{dbh});
WebGUI::SQL->write("update settings set value=".quote($session{form}{companyURL})." where name='companyURL'",$session{dbh});
return "";
} else {
return WebGUI::Privilege::insufficient();
}
}
1;

153
lib/WebGUI/Operation/Style.pm Normal file
View file

@ -0,0 +1,153 @@
package WebGUI::Operation::Style;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_addStyle &www_addStyleSave &www_deleteStyle &www_deleteStyleConfirm &www_editStyle &www_editStyleSave &www_listStyles);
#-------------------------------------------------------------------
sub www_addStyle {
my ($output);
if (WebGUI::Privilege::isInGroup(3)) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=16"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Add Style</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","addStyleSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription" valign="top">Style Name</td><td>'.WebGUI::Form::text("name",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Header</td><td>'.WebGUI::Form::textArea("header",'',50,10,1).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Footer</td><td>'.WebGUI::Form::textArea("footer",'',50,10,1).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Style Sheet</td><td>'.WebGUI::Form::textArea("styleSheet",'<style> </style>',50,10).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_addStyleSave {
my ($output);
if (WebGUI::Privilege::isInGroup(3)) {
WebGUI::SQL->write("insert into style set styleId=".getNextId("styleId")." name=".quote($session{form}{name}).", header=".quote($session{form}{header}).", footer=".quote($session{form}{footer}).", styleSheet=".quote($session{form}{styleSheet}),$session{dbh});
$output = www_listStyles();
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_deleteStyle {
my ($output);
if (WebGUI::Privilege::isInGroup(3) && $session{form}{sid} > 25) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=4"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Please Confirm</h1>';
$output .= 'Are you certain you wish to delete this style and migrate all pages using this style to the "Fail Safe" style?<p>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=deleteStyleConfirm&sid='.$session{form}{sid}.'">Yes, I\'m sure.</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.$session{page}{url}.'?op=listStyles">No, I made a mistake.</a></div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_deleteStyleConfirm {
if (WebGUI::Privilege::isInGroup(3) && $session{form}{sid} > 25) {
WebGUI::SQL->write("delete from style where styleId=".$session{form}{sid},$session{dbh});
WebGUI::SQL->write("update page set styleId=2 where styleId=".$session{form}{sid},$session{dbh});
return www_listStyles();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_editStyle {
my ($output, %style);
if (WebGUI::Privilege::isInGroup(3)) {
%style = WebGUI::SQL->quickHash("select * from style where styleId=$session{form}{sid}",$session{dbh});
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=11"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Edit Style</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","editStyleSave");
$output .= WebGUI::Form::hidden("sid",$session{form}{sid});
$output .= '<table>';
$output .= '<tr><td class="formDescription" valign="top">Style Name</td><td>'.WebGUI::Form::text("name",20,30,$style{name}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Header</td><td>'.WebGUI::Form::textArea("header",$style{header},50,10,1).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Footer</td><td>'.WebGUI::Form::textArea("footer",$style{footer},50,10,1).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Style Sheet</td><td>'.WebGUI::Form::textArea("styleSheet",$style{styleSheet},50,10).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_editStyleSave {
if (WebGUI::Privilege::isInGroup(3)) {
WebGUI::SQL->write("update style set name=".quote($session{form}{name}).", header=".quote($session{form}{header}).", footer=".quote($session{form}{footer}).", styleSheet=".quote($session{form}{styleSheet})." where styleId=".$session{form}{sid},$session{dbh});
return www_listStyles();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_listStyles {
my ($output, $sth, @data, $totalItems, $currentPage, $itemsPerPage);
if (WebGUI::Privilege::isInGroup(3)) {
$itemsPerPage = 50;
if ($session{form}{pageNumber} < 1) {
$currentPage = 1;
} else {
$currentPage = $session{form}{pageNumber};
}
($totalItems) = WebGUI::SQL->quickArray("select count(*) from style where name<>'Reserved'",$session{dbh});
$output = '<a href="'.$session{page}{url}.'?op=viewHelp&hid=9"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Styles</h1>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=addStyle">Add a new style.</a></div>';
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
$sth = WebGUI::SQL->read("select styleId,name from style where name<>'Reserved' order by name limit ".(($currentPage*$itemsPerPage)-$itemsPerPage).",".$itemsPerPage,$session{dbh});
while (@data = $sth->array) {
$output .= '<tr><td valign="top"><a href="'.$session{page}{url}.'?op=deleteStyle&sid='.$data[0].'"><img src="'.$session{setting}{lib}.'/delete.gif" border=0></a><a href="'.$session{page}{url}.'?op=editStyle&sid='.$data[0].'"><img src="'.$session{setting}{lib}.'/edit.gif" border=0></a></td>';
$output .= '<td valign="top">'.$data[1].'</td>';
}
$output .= '</table><div class="pagination">';
if ($currentPage > 1) {
$output .= '<a href="'.$session{page}{url}.'?op=listGroups&pageNumber='.($currentPage-1).'">&laquo;Previous Page</a>';
} else {
$output .= '&laquo;Previous Page';
}
$output .= ' &middot; ';
if ($currentPage < round($totalItems/$itemsPerPage)) {
$output .= '<a href="'.$session{page}{url}.'?op=listGroups&pageNumber='.($currentPage+1).'">Next Page&raquo;</a>';
} else {
$output .= 'Next Page&raquo;';
}
$output .= '</div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
1;

179
lib/WebGUI/Operation/User.pm Normal file
View file

@ -0,0 +1,179 @@
package WebGUI::Operation::User;
#-------------------------------------------------------------------
# WebGUI is Copyright 2001 Plain Black Software.
#-------------------------------------------------------------------
# Please read the legal notices (docs/legal.txt) and the license
# (docs/license.txt) that came with this distribution before using
# this software.
#-------------------------------------------------------------------
# http://www.plainblack.com info@plainblack.com
#-------------------------------------------------------------------
use Digest::MD5 qw(md5_base64);
use Exporter;
use strict;
use WebGUI::Form;
use WebGUI::Operation::Help;
use WebGUI::Operation::Page;
use WebGUI::Privilege;
use WebGUI::Session;
use WebGUI::SQL;
use WebGUI::Utility;
our @ISA = qw(Exporter);
our @EXPORT = qw(&www_addUser &www_addUserSave &www_deleteUser &www_deleteUserConfirm &www_editUser &www_editUserSave &www_listUsers);
#-------------------------------------------------------------------
sub www_addUser {
my ($output, %hash);
if (WebGUI::Privilege::isInGroup(3)) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=5"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Add User</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","addUserSave");
$output .= '<table>';
$output .= '<tr><td class="formDescription">Username</td><td>'.WebGUI::Form::text("username",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription">Password</td><td>'.WebGUI::Form::password("identifier",20,30).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">Email address</td><td>'.WebGUI::Form::text("email",20,255).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top"><a href="http://www.icq.com">ICQ</a> UIN</td><td>'.WebGUI::Form::text("icq",20,30).'</td></tr>';
%hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where groupName<>'Reserved' order by groupName",$session{dbh});
$output .= '<tr><td class="formDescription" valign="top">Groups</td><td>'.WebGUI::Form::selectList("groups",\%hash,'',5,1).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_addUserSave {
my ($output, @groups, $uid, $gid, $encryptedPassword, $passwordStatement);
if (WebGUI::Privilege::isInGroup(3)) {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
$passwordStatement = ', identifier='.quote($encryptedPassword);
$uid = getNextId("userId");
WebGUI::SQL->write("insert into user set userId=$uid, username=".quote($session{form}{username}).$passwordStatement.", email=".quote($session{form}{email}).", icq=".quote($session{form}{icq}),$session{dbh});
@groups = $session{cgi}->param('groups');
foreach $gid (@groups) {
WebGUI::SQL->write("insert into groupings set groupId=$gid, userId=$uid",$session{dbh});
}
$output = www_listUsers();
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_deleteUser {
my ($output);
if (WebGUI::Privilege::isInGroup(3) && $session{form}{uid} > 25) {
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=7"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Please Confirm</h1>';
$output .= 'Are you certain you want to delete this user? Be warned that all this user\'s information will be lost permanently if you choose to proceed.<p>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=deleteUserConfirm&uid='.$session{form}{uid}.'">Yes, I\'m sure.</a>';
$output .= '&nbsp;&nbsp;&nbsp;&nbsp;<a href="'.$session{page}{url}.'?op=listUsers">No, I made a mistake.</a></div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_deleteUserConfirm {
if (WebGUI::Privilege::isInGroup(3) && $session{form}{uid} > 25) {
WebGUI::SQL->write("delete from user where userId=$session{form}{uid}",$session{dbh});
WebGUI::SQL->write("delete from groupings where userId=$session{form}{uid}",$session{dbh});
return www_listUsers();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_editUser {
my ($output, %user, %hash, @array);
if (WebGUI::Privilege::isInGroup(3)) {
%user = WebGUI::SQL->quickHash("select * from user where userId=$session{form}{uid}",$session{dbh});
$output .= '<a href="'.$session{page}{url}.'?op=viewHelp&hid=6"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Edit User</h1> <form method="post" action="'.$session{page}{url}.'"> ';
$output .= WebGUI::Form::hidden("op","editUserSave");
$output .= WebGUI::Form::hidden("uid",$session{form}{uid});
$output .= '<table>';
$output .= '<tr><td class="formDescription">username</td><td>'.WebGUI::Form::text("username",20,30,$user{username}).'</td></tr>';
$output .= '<tr><td class="formDescription">password</td><td>'.WebGUI::Form::password("identifier",20,30,"password").'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top">email address</td><td>'.WebGUI::Form::text("email",20,255,$user{email}).'</td></tr>';
$output .= '<tr><td class="formDescription" valign="top"><a href="http://www.icq.com">ICQ</a> UIN</td><td>'.WebGUI::Form::text("icq",20,30,$user{icq}).'</td></tr>';
%hash = WebGUI::SQL->buildHash("select groupId,groupName from groups where groupName<>'Reserved' order by groupName",$session{dbh});
@array = WebGUI::SQL->buildArray("select groupId from groupings where userId=$session{form}{uid}",$session{dbh});
$output .= '<tr><td class="formDescription" valign="top">Groups</td><td>'.WebGUI::Form::selectList("groups",\%hash,\@array,5,1).'</td></tr>';
$output .= '<tr><td></td><td>'.WebGUI::Form::submit("save").'</td></tr>';
$output .= '</table>';
$output .= '</form> ';
} else {
$output = WebGUI::Privilege::insufficient();
}
return $output;
}
#-------------------------------------------------------------------
sub www_editUserSave {
my (@groups, $error, $gid, $encryptedPassword, $passwordStatement);
if (WebGUI::Privilege::isInGroup(3)) {
if ($session{form}{identifier} ne "password") {
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier});
$passwordStatement = ', identifier='.quote($encryptedPassword);
}
$encryptedPassword = Digest::MD5::md5_base64($session{form}{identifier1});
WebGUI::SQL->write("update user set username=".quote($session{form}{username}).$passwordStatement.", email=".quote($session{form}{email}).", icq=".quote($session{form}{icq})." where userId=".$session{form}{uid},$session{dbh});
WebGUI::SQL->write("delete from groupings where userId=$session{form}{uid}",$session{dbh});
@groups = $session{cgi}->param('groups');
foreach $gid (@groups) {
WebGUI::SQL->write("insert into groupings set groupId=$gid, userId=$session{form}{uid}",$session{dbh});
}
return www_listUsers();
} else {
return WebGUI::Privilege::insufficient();
}
}
#-------------------------------------------------------------------
sub www_listUsers {
my ($output, $sth, @data, $totalItems, $currentPage, $itemsPerPage);
if (WebGUI::Privilege::isInGroup(3)) {
$itemsPerPage = 50;
if ($session{form}{pageNumber} < 1) {
$currentPage = 1;
} else {
$currentPage = $session{form}{pageNumber};
}
($totalItems) = WebGUI::SQL->quickArray("select count(*) from user where username<>'Reserved'",$session{dbh});
$output = '<a href="'.$session{page}{url}.'?op=viewHelp&hid=8"><img src="'.$session{setting}{lib}.'/help.gif" border="0" align="right"></a><h1>Users</h1>';
$output .= '<div align="center"><a href="'.$session{page}{url}.'?op=addUser">Add a new user.</a></div>';
$output .= '<table border=1 cellpadding=5 cellspacing=0 align="center">';
$sth = WebGUI::SQL->read("select userId,username,email from user where username<>'Reserved' order by username limit ".(($currentPage*$itemsPerPage)-$itemsPerPage).",".$itemsPerPage,$session{dbh});
while (@data = $sth->array) {
$output .= '<tr><td><a href="'.$session{page}{url}.'?op=deleteUser&uid='.$data[0].'"><img src="'.$session{setting}{lib}.'/delete.gif" border=0></a><a href="'.$session{page}{url}.'?op=editUser&uid='.$data[0].'"><img src="'.$session{setting}{lib}.'/edit.gif" border=0></a></td>';
$output .= '<td><a href="'.$session{page}{url}.'?op=viewUserProfile&uid='.$data[0].'">'.$data[1].'</a></td>';
$output .= '<td><a href="mailto:'.$data[2].'">'.$data[2].'</a></td></tr>';
}
$output .= '</table><div class="pagination">';
if ($currentPage > 1) {
$output .= '<a href="'.$session{page}{url}.'?op=listUsers&pageNumber='.($currentPage-1).'">&laquo;Previous Page</a>';
} else {
$output .= '&laquo;Previous Page';
}
$output .= ' &middot; ';
if ($currentPage < round($totalItems/$itemsPerPage)) {
$output .= '<a href="'.$session{page}{url}.'?op=listUsers&pageNumber='.($currentPage+1).'">Next Page&raquo;</a>';
} else {
$output .= 'Next Page&raquo;';
}
$output .= '</div>';
return $output;
} else {
return WebGUI::Privilege::insufficient();
}
}
1;