tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-26 03:09:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added support to add and remove users to groups, plus lots of error handling

Browse Source
This commit is contained in:
Andre Lorbach 2008-07-16 16:23:10 +02:00
parent 251b00ea30
commit d9396f9b50
7 changed files with 460 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

239
src/admin/groups.php
View File

@ -71,11 +71,143 @@ if ( isset($_GET['op']) )
$content['groupname'] = "";
$content['groupdescription'] = "";
}
else if ($_GET['op'] == "adduser" && isset($_GET['id']) )
{
//PreInit these values
$content['GROUPID'] = intval( DB_RemoveBadChars($_GET['id']) );
// Set Mode to add
$content['ISADDUSER'] = "true";
$content['GROUP_FORMACTION'] = "adduser";
$content['GROUP_SENDBUTTON'] = $content['LN_GROUP_ADDUSER'];
// --- Get Groupname
$sqlquery = "SELECT " .
DB_GROUPS . ".groupname " .
" FROM " . DB_GROUPS .
" WHERE " . DB_GROUPS . ".id = " . $content['GROUPID'];
$result = DB_Query($sqlquery);
$tmparray = DB_GetSingleRow($result, true);
if ( isset($tmparray) )
{
// Copy Groupname
$content['GROUPNAME'] = $tmparray['groupname'];
// --- Get Group Members
$sqlquery = "SELECT " .
DB_GROUPMEMBERS. ".userid " .
" FROM " . DB_GROUPMEMBERS .
" WHERE " . DB_GROUPMEMBERS . ".groupid = " . $content['GROUPID'];
$result = DB_Query($sqlquery);
$tmparray = DB_GetAllRows($result, true);
if ( count($tmparray) > 0 )
{
// Add UserID's to where clause!
foreach ($tmparray as $datarow)
{
if ( isset($whereclause) )
$whereclause .= ", " . $datarow['userid'];
else
$whereclause = " WHERE " . DB_USERS . ".id NOT IN (" . $datarow['userid'];
}
// Finish whereclause
$whereclause .= ") ";
}
else
$whereclause = "";
// ---
// --- Create LIST of Users which are available for selection
$sqlquery = "SELECT " .
DB_USERS. ".ID as userid, " .
DB_USERS. ".username " .
" FROM " . DB_USERS .
" LEFT OUTER JOIN (" . DB_GROUPMEMBERS .
") ON (" .
DB_GROUPMEMBERS . ".userid=" . DB_USERS . ".ID) " .
$whereclause .
" ORDER BY " . DB_USERS . ".username";
$result = DB_Query($sqlquery);
$content['SUBUSERS'] = DB_GetAllRows($result, true);
if ( count($content['SUBUSERS']) <= 0 )
{
// Disable FORM:
$content['ISADDUSER'] = false;
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERRORNOMOREUSERS'], $content['GROUPNAME'] );
}
}
else
{
// Disable FORM:
$content['ISADDUSER'] = false;
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERROR_IDNOTFOUND'], $content['GROUPID'] );
}
// ---
}
else if ($_GET['op'] == "removeuser" && isset($_GET['id']) )
{
//PreInit these values
$content['GROUPID'] = intval( DB_RemoveBadChars($_GET['id']) );
// Set Mode to add
$content['ISREMOVEUSER'] = "true";
$content['GROUP_FORMACTION'] = "removeuser";
$content['GROUP_SENDBUTTON'] = $content['LN_GROUP_USERDELETE'];
// --- Get Groupname
$sqlquery = "SELECT " .
DB_GROUPS . ".groupname " .
" FROM " . DB_GROUPS .
" WHERE " . DB_GROUPS . ".id = " . $content['GROUPID'];
$result = DB_Query($sqlquery);
$tmparray = DB_GetSingleRow($result, true);
if ( isset($tmparray) )
{
// Copy Groupname
$content['GROUPNAME'] = $tmparray['groupname'];
// --- Get Group Members
$sqlquery = "SELECT " .
DB_GROUPMEMBERS. ".userid, " .
DB_USERS. ".username " .
" FROM " . DB_GROUPMEMBERS .
" INNER JOIN (" . DB_USERS .
") ON (" .
DB_GROUPMEMBERS . ".userid=" . DB_USERS . ".ID) " .
" WHERE " . DB_GROUPMEMBERS . ".groupid = " . $content['GROUPID'];
$result = DB_Query($sqlquery);
$content['SUBRMUSERS'] = DB_GetAllRows($result, true);
if ( count($content['SUBRMUSERS']) <= 0 )
{
// Disable FORM:
$content['ISREMOVEUSER'] = false;
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERRORNOUSERSINGROUP'], $content['GROUPNAME'] );
}
}
else
{
// Disable FORM:
$content['ISREMOVEUSER'] = false;
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERROR_IDNOTFOUND'], $content['GROUPID'] );
}
}
else if ($_GET['op'] == "edit")
{
// Set Mode to edit
$content['ISEDITORNEWGROUP'] = "true";
$content['GROUP_FORMACTION'] = "edituser";
$content['GROUP_FORMACTION'] = "editgroup";
$content['GROUP_SENDBUTTON'] = $content['LN_GROUP_EDIT'];
if ( isset($_GET['id']) )
@ -154,14 +286,14 @@ if ( isset($_GET['op']) )
$content['ERROR_MSG'] = $content['LN_GROUP_ERROR_INVALIDGROUP'];
}
}
}
if ( isset($_POST['op']) )
{
if ( isset ($_POST['id']) ) { $content['GROUPID'] = DB_RemoveBadChars($_POST['id']); } else {$content['GROUPID'] = ""; }
if ( isset ($_POST['id']) ) { $content['GROUPID'] = intval( DB_RemoveBadChars($_POST['id']) ); } else {$content['GROUPID'] = ""; }
if ( isset ($_POST['groupname']) ) { $content['groupname'] = DB_RemoveBadChars($_POST['groupname']); } else {$content['groupname'] = ""; }
if ( isset ($_POST['groupdescription']) ) { $content['groupdescription'] = DB_RemoveBadChars($_POST['groupdescription']); } else {$content['groupdescription'] = ""; }
// Check mandotary values
if ( $content['groupname'] == "" )
{
@ -193,7 +325,7 @@ if ( isset($_GET['op']) )
RedirectResult( GetAndReplaceLangStr( $content['LN_GROUP_HASBEENADDED'], $content['groupname'] ) , "groups.php" );
}
}
else if ( $_POST['op'] == "edituser" )
else if ( $_POST['op'] == "editgroup" )
{
$result = DB_Query("SELECT ID FROM " . DB_GROUPS . " WHERE ID = " . $content['GROUPID']);
$myrow = DB_GetSingleRow($result, true);
@ -215,15 +347,84 @@ if ( isset($_GET['op']) )
RedirectResult( GetAndReplaceLangStr( $content['LN_GROUP_ERROR_HASBEENEDIT'], $content['groupname']) , "groups.php" );
}
}
else if ( $_POST['op'] == "adduser" )
{
if ( isset($_POST['userid']) )
{
// Copy UserID
$content['USERID'] = intval( DB_RemoveBadChars($_POST['userid']) );
$result = DB_Query("SELECT username FROM " . DB_USERS . " WHERE id = " . $content['USERID']);
$myrow = DB_GetSingleRow($result, true);
if ( isset($myrow['username']) )
{
// Add Groupmembership now!
$result = DB_Query("INSERT INTO " . DB_GROUPMEMBERS . " (groupid, userid, is_member)
VALUES ( " . $content['GROUPID'] . ",
" . $content['USERID'] . ",
1 )");
DB_FreeQuery($result);
// Do the final redirect
RedirectResult( GetAndReplaceLangStr( $content['LN_GROUP_USERHASBEENADDEDGROUP'], $myrow['username'], $content['groupname'] ) , "groups.php" );
}
else
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_USER_ERROR_IDNOTFOUND'], $content['USERID'] );
}
}
else
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = $content['LN_GROUP_ERROR_USERIDMISSING'];
}
}
else if ( $_POST['op'] == "removeuser" )
{
if ( isset($_POST['userid']) )
{
// Copy UserID
$content['USERID'] = intval( DB_RemoveBadChars($_POST['userid']) );
$result = DB_Query("SELECT username FROM " . DB_USERS . " WHERE id = " . $content['USERID']);
$myrow = DB_GetSingleRow($result, true);
if ( isset($myrow['username']) )
{
// remove user from group
$result = DB_Query( "DELETE FROM " . DB_GROUPMEMBERS . " WHERE userid = " . $content['USERID'] . " AND groupid = " . $content['GROUPID']);
if ($result == FALSE)
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_GROUP_ERROR_REMUSERFROMGROUP'], $myrow['username'], $content['groupname'] );
}
else
DB_FreeQuery($result);
// Do the final redirect
RedirectResult( GetAndReplaceLangStr( $content['LN_GROUP_USERHASBEENREMOVED'], $myrow['username'], $content['groupname'] ) , "groups.php" );
}
else
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = GetAndReplaceLangStr( $content['LN_USER_ERROR_IDNOTFOUND'], $content['USERID'] );
}
}
else
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = $content['LN_GROUP_ERROR_USERIDMISSING'];
}
}
}
}
if ( !isset($_POST['op']) && !isset($_GET['op']) )
{
// Default Mode = List Groups
$content['LISTGROUPS'] = "true";
// Read all Serverentries
// Read all Groupentries
$sqlquery = "SELECT ID, " .
" groupname, " .
" groupdescription " .
@ -243,6 +444,34 @@ else
else
$content['GROUPS'][$i]['cssclass'] = "line2";
// ---
// --- Read all Memberentries for this group
$sqlquery = "SELECT " .
DB_USERS. ".username, " .
DB_GROUPMEMBERS . ".userid, " .
DB_GROUPMEMBERS . ".groupid, " .
DB_GROUPMEMBERS . ".is_member " .
" FROM " . DB_GROUPMEMBERS .
" INNER JOIN (" . DB_USERS .
") ON (" .
DB_GROUPMEMBERS . ".userid=" . DB_USERS . ".ID) " .
" WHERE " . DB_GROUPMEMBERS . ".groupid = " . $content['GROUPS'][$i]['ID'] .
" ORDER BY " . DB_USERS . ".username";
$result = DB_Query($sqlquery);
$content['GROUPS'][$i]['USERS'] = DB_GetAllRows($result, true);
if ( count($content['GROUPS'][$i]['USERS']) > 0 )
{
// Enable Groupmembers
$content['GROUPS'][$i]['GROUPMEMBERS'] = true;
// Process Groups
$subUserCount = count($content['GROUPS'][$i]['USERS']);
for($j = 0; $j < $subUserCount; $j++)
$content['GROUPS'][$i]['USERS'][$j]['seperator'] = ", ";
$content['GROUPS'][$i]['USERS'][$subUserCount-1]['seperator'] = ""; // last one is empty
}
// ---
}
// ---
}

7
src/admin/users.php
View File

@ -168,7 +168,7 @@ if ( isset($_GET['op']) )
if ( !isset($_SESSION['SESSION_USERNAME']) )
{
$content['ISERROR'] = true;
$content['ERROR_MSG'] = $content['LN_USER_ERROR_WTFOMFGGG'];
$content['ERROR_MSG'] = $content['LN_USER_ERROR_INVALIDSESSIONS'];
}
else
{
@ -219,6 +219,7 @@ if ( isset($_GET['op']) )
$content['ERROR_MSG'] = $content['LN_USER_ERROR_INVALIDID'];
}
}
}
if ( isset($_POST['op']) )
{
@ -326,8 +327,8 @@ if ( isset($_GET['op']) )
}
}
}
}
else
if ( !isset($_POST['op']) && !isset($_GET['op']) )
{
// Default Mode = List Users
$content['LISTUSERS'] = "true";

BIN
src/images/icons/businessman_delete.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 872 B

9
src/include/functions_common.php
View File

@ -478,6 +478,7 @@ function InitFrontEndVariables()
$content['MENU_DOCUMENTVIEW'] = $content['BASEPATH'] . "images/icons/document_view.png";
$content['MENU_DATAEDIT'] = $content['BASEPATH'] . "images/icons/data_edit.png";
$content['MENU_ADDUSER'] = $content['BASEPATH'] . "images/icons/businessman_add.png";
$content['MENU_DELUSER'] = $content['BASEPATH'] . "images/icons/businessman_delete.png";
$content['MENU_ADD'] = $content['BASEPATH'] . "images/icons/add.png";
$content['MENU_EDIT'] = $content['BASEPATH'] . "images/icons/edit.png";
$content['MENU_DELETE'] = $content['BASEPATH'] . "images/icons/delete.png";
@ -509,13 +510,13 @@ function GetAndReplaceLangStr( $strlang, $param1 = "", $param2 = "", $param3 = "
{
$strfinal = str_replace ( "%1", $param1, $strlang );
if ( strlen($param2) > 0 )
$strfinal = str_replace ( "%1", $param2, $strfinal );
$strfinal = str_replace ( "%2", $param2, $strfinal );
if ( strlen($param3) > 0 )
$strfinal = str_replace ( "%1", $param3, $strfinal );
$strfinal = str_replace ( "%3", $param3, $strfinal );
if ( strlen($param4) > 0 )
$strfinal = str_replace ( "%1", $param4, $strfinal );
$strfinal = str_replace ( "%4", $param4, $strfinal );
if ( strlen($param5) > 0 )
$strfinal = str_replace ( "%1", $param5, $strfinal );
$strfinal = str_replace ( "%5", $param5, $strfinal );
// And return
return $strfinal;

15
src/lang/en/admin.php
View File

@ -52,7 +52,6 @@ $content['LN_USER_DELETE'] = "Delete User";
$content['LN_USER_PASSWORD1'] = "Password";
$content['LN_USER_PASSWORD2'] = "Confirm Password";
$content['LN_USER_ERROR_IDNOTFOUND'] = "Error, User with ID '%1' , was not found";
$content['LN_USER_ERROR_WTFOMFGGG'] = "Error, erm wtf you don't have a username omfg pls mowl?";
$content['LN_USER_ERROR_DONOTDELURSLF'] = "Error, you can not DELETE YOURSELF!";
$content['LN_USER_ERROR_DELUSER'] = "Deleting of the user with id '%1' failed!";
$content['LN_USER_ERROR_INVALIDID'] = "Error, invalid ID, User not found";
@ -66,9 +65,11 @@ $content['LN_USER_ISADMIN'] = "Is Admin?";
$content['LN_USER_ADDEDIT'] = "Add/Edit User";
$content['LN_USER_WARNREMOVEADMIN'] = "You are about to revoke your own administrative priviledges. Are you sure to remove your admin status?";
$content['LN_USER_WARNDELETEUSER'] = "Are you sure that you want to delete the User '%1'? All his personal settings will be deleted as well.";
$content['LN_USER_ERROR_INVALIDSESSIONS'] = "Invalid User Session.";
$content['LN_USER_'] = "";
// Group center
$content['LN_GROUP_CENTER'] = "Group Center";
$content['LN_GROUP_ID'] = "ID";
$content['LN_GROUP_NAME'] = "Groupname";
$content['LN_GROUP_DESCRIPTION'] = "Groupdescription";
@ -87,8 +88,16 @@ $content['LN_GROUP_ERROR_INVALIDGROUP'] = "Error, invalid ID, Group not found";
$content['LN_GROUP_WARNDELETEGROUP'] = "Are you sure that you want to delete the Group '%1'? All Groupsettings will be deleted as well.";
$content['LN_GROUP_ERROR_DELGROUP'] = "Deleting of the group with id '%1' failed!";
$content['LN_GROUP_ERROR_HASBEENDEL'] = "The Group '%1' has been successfully DELETED!";
$content['LN_GROUP_'] = "";
$content['LN_GROUP_'] = "";
$content['LN_GROUP_MEMBERS'] = "Groupmembers: ";
$content['LN_GROUP_ADDUSER'] = "Add User to Group";
$content['LN_GROUP_ERROR_USERIDMISSING'] = "The userid is missing.";
$content['LN_GROUP_USERHASBEENADDEDGROUP'] = "The User '%1' has been successfully added to group '%2'";
$content['LN_GROUP_ERRORNOMOREUSERS'] = "There are no more available users who can be added to the group '%1'";
$content['LN_GROUP_USER_ADD'] = "Add User to the group";
$content['LN_GROUP_USERDELETE'] = "Remove a User from the group";
$content['LN_GROUP_ERRORNOUSERSINGROUP'] = "There are no users to remove in this the group '%1'";
$content['LN_GROUP_ERROR_REMUSERFROMGROUP'] = "The user '%1' could not be removed from the group '%2'";
$content['LN_GROUP_USERHASBEENREMOVED'] = "The user '%1' has been successfully removed from the group '%2'";
$content['LN_GROUP_'] = "";
?>

90
src/templates/admin/admin_groups.html
View File

@ -1,17 +1,19 @@
<!-- INCLUDE include_header.html -->
<table width="100%" cellpadding="0" cellspacing="0" border="0" align="center" class="with_border">
<tr>
<td colspan="3" class="title" nowrap><B>{LN_GROUP_CENTER}</B></td>
</tr>
<tr>
<td align="center" class="line2">
<!-- IF ISERROR="true" -->
<br><br>
<center>
<h3><font color="red">{ERROR_MSG}</font></h3>
</center>
<!-- ENDIF ISERROR="true" -->
<table width="100%" cellpadding="0" cellspacing="0" border="0" align="center" class="with_border">
<tr>
<td colspan="3" class="title" nowrap><B>{LN_USER_CENTER}</B></td>
</tr>
<tr>
<td align="center" class="line2">
<br><br>
<!-- IF LISTGROUPS="true" -->
@ -33,11 +35,25 @@
<td align="center" class="{cssclass}"><a href="{BASEPATH}admin/groups.php?op=edit&id={ID}">{groupname}</a></td>
<td align="center" class="{cssclass}">{groupdescription}</td>
<td align="center" class="{cssclass}">
&nbsp;<a href="{BASEPATH}admin/groups.php?op=adduser&id={ID}"><img src="{MENU_ADDUSER}" width="16" title="{LN_USER_ADD}"></a>
&nbsp;<a href="{BASEPATH}admin/groups.php?op=adduser&id={ID}"><img src="{MENU_ADDUSER}" width="16" title="{LN_GROUP_USER_ADD}"></a>
&nbsp;<a href="{BASEPATH}admin/groups.php?op=removeuser&id={ID}"><img src="{MENU_DELUSER}" width="16" title="{LN_GROUP_USERDELETE}"></a>
&nbsp;<a href="{BASEPATH}admin/groups.php?op=edit&id={ID}"><img src="{MENU_EDIT}" width="16" title="{LN_GROUP_EDIT}"></a>
&nbsp;<a href="{BASEPATH}admin/groups.php?op=delete&id={ID}"><img src="{MENU_DELETE}" width="16" title="{LN_GROUP_DELETE}"></a>
</td>
</tr>
<!-- IF GROUPMEMBERS="true" -->
<tr>
<td align="center" colspan="2" class="cellmenu2">{LN_GROUP_MEMBERS}</td>
<td align="left" colspan="2" class="line0">
<!-- BEGIN USERS -->
<img src="{MENU_ADMINUSERS}" width="16">
<a href="{BASEPATH}admin/users.php?op=edit&id={userid}">{username}</a><b>{seperator}</b>
<!-- END USERS -->
</td>
</tr>
<!-- ENDIF GROUPMEMBERS="true" -->
<!-- END GROUPS -->
<tr>
<td align="center" colspan="4" class="line0"><b><a href="{BASEPATH}admin/groups.php?op=add"><img src="{MENU_ADD}" title="{LN_GROUP_ADD}">&nbsp;{LN_GROUP_ADD}</a></b></td>
@ -46,7 +62,7 @@
<!-- ENDIF LISTGROUPS="true" -->
<!-- IF ISEDITORNEWGROUP="true" -->
<form action="" method="post">
<form action="{BASEPATH}admin/groups.php" method="post">
<table border="0" cellpadding="1" cellspacing="1" bgcolor="#DDDDDD" width="600" class="with_border_alternate">
<tr>
<td align="center" class="cellmenu1" colspan="2"><b>{LN_GROUP_ADDEDIT}</b></td>
@ -69,6 +85,64 @@
</form>
<!-- ENDIF ISEDITORNEWGROUP="true" -->
<!-- IF ISADDUSER="true" -->
<form action="{BASEPATH}admin/groups.php" method="post">
<input type="hidden" name="id" value="{GROUPID}">
<input type="hidden" name="groupname" value="{GROUPNAME}">
<input type="hidden" name="op" value="adduser">
<table border="0" cellpadding="1" cellspacing="1" bgcolor="#DDDDDD" width="600" class="with_border_alternate">
<tr>
<td align="center" class="cellmenu1" colspan="2"><b>{LN_GROUP_ADDUSER}: '{GROUPNAME}'</b></td>
<tr>
<td align="left" class="cellmenu2" width="150" nowrap><b>{LN_USER_NAME}</b></td>
<td align="right" class="line0" width="100%">
<select name="userid" size="1" STYLE="width: 190px">
<!-- BEGIN SUBUSERS -->
<option value="{userid}">{username}</option>
<!-- END SUBUSERS -->
</select>
</td>
</tr>
<tr>
<td align="center" colspan="2">
<input type="submit" value="{GROUP_SENDBUTTON}">
<input type="hidden" name="op" value="{GROUP_FORMACTION}">
<input type="hidden" name="id" value="{GROUPID}">
</td>
</tr>
</table>
</form>
<!-- ENDIF ISADDUSER="true" -->
<!-- IF ISREMOVEUSER="true" -->
<form action="{BASEPATH}admin/groups.php" method="post">
<input type="hidden" name="id" value="{GROUPID}">
<input type="hidden" name="groupname" value="{GROUPNAME}">
<input type="hidden" name="op" value="removeuser">
<table border="0" cellpadding="1" cellspacing="1" bgcolor="#DDDDDD" width="600" class="with_border_alternate">
<tr>
<td align="center" class="cellmenu1" colspan="2"><b>{LN_GROUP_USERDELETE}: '{GROUPNAME}'</b></td>
<tr>
<td align="left" class="cellmenu2" width="150" nowrap><b>{LN_USER_NAME}</b></td>
<td align="right" class="line0" width="100%">
<select name="userid" size="1" STYLE="width: 190px">
<!-- BEGIN SUBRMUSERS -->
<option value="{userid}">{username}</option>
<!-- END SUBRMUSERS -->
</select>
</td>
</tr>
<tr>
<td align="center" colspan="2">
<input type="submit" value="{GROUP_SENDBUTTON}">
<input type="hidden" name="op" value="{GROUP_FORMACTION}">
<input type="hidden" name="id" value="{GROUPID}">
</td>
</tr>
</table>
</form>
<!-- ENDIF ISREMOVEUSER="true" -->
<br><br>
</td>

2
src/templates/admin/admin_users.html
View File

@ -40,7 +40,7 @@
<!-- ENDIF LISTUSERS="true" -->
<!-- IF ISEDITORNEWUSER="true" -->
<form action="" method="post">
<form action="{BASEPATH}admin/users.php" method="post">
<table border="0" cellpadding="1" cellspacing="1" bgcolor="#DDDDDD" width="600" class="with_border_alternate">
<tr>
<td align="center" class="cellmenu1" colspan="2"><b>{LN_USER_ADDEDIT}</b></td>