From 689975f262bb9885702bc1663d38be46557f9f11 Mon Sep 17 00:00:00 2001 From: halworsen Date: Sat, 11 Nov 2017 20:37:04 +0100 Subject: [PATCH] Admins can add new users to usergroup system new users meaning users who aren't in the usergroup system for the website yet. also spicier no access messages --- src/pvv/admin/usermanager.php | 13 +++---------- www/admin/aktiviteter/delete.php | 2 +- www/admin/aktiviteter/edit.php | 2 +- www/admin/aktiviteter/index.php | 2 +- www/admin/aktiviteter/update.php | 2 +- www/admin/brukere/index.php | 10 +++++++++- www/admin/brukere/update.php | 23 ++++++++++++++++------- www/admin/index.php | 2 +- www/admin/prosjekter/delete.php | 2 +- www/admin/prosjekter/edit.php | 2 +- www/admin/prosjekter/index.php | 2 +- www/admin/prosjekter/update.php | 2 +- 12 files changed, 37 insertions(+), 27 deletions(-) diff --git a/src/pvv/admin/usermanager.php b/src/pvv/admin/usermanager.php index b9f97f2..0daeb4e 100644 --- a/src/pvv/admin/usermanager.php +++ b/src/pvv/admin/usermanager.php @@ -16,7 +16,7 @@ class UserManager{ $this->pdo = $pdo; } - public function setupUser($uname, $groups){ + public function setupUser($uname, $groups=0){ $query = 'INSERT INTO users (uname, groups) VALUES (:uname, :groups)'; $statement = $this->pdo->prepare($query); $statement->bindParam(':uname', $uname, PDO::PARAM_STR); @@ -37,8 +37,6 @@ class UserManager{ if($userFlags){ $newFlags = ($group | $userFlags); $this->updateFlags($uname, $newFlags); - }else{ - $this->setupUser($uname, $group); } } @@ -56,8 +54,9 @@ class UserManager{ $statement = $this->pdo->prepare($query); $statement->bindParam(':uname', $uname, PDO::PARAM_STR); $statement->execute(); + $row = $statement->fetch(); - if($statement->fetch()){ + if($row){ $query = 'UPDATE users set groups=:groups WHERE uname=:uname'; $statement = $this->pdo->prepare($query); $statement->bindParam(':groups', $groups, PDO::PARAM_INT); 
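Review bot: In `addGroup` (the `@@ -37,8 +37,6` hunk of src/pvv/admin/usermanager.php), removing the `else` branch leaves `if($userFlags)` as the only path, so a user whose flags are currently 0 is silently skipped. The first hunk makes `setupUser` default `$groups` to 0, so a freshly added user has exactly that value and `addGroup` can never grant them a first group. `getUsergroups` is not visible here; if it returns something other than 0 for a missing row, test for that explicitly, e.g. `if($userFlags !== false && $userFlags !== null){`, otherwise reuse the row-existence check shown in the `@@ -56,8 +54,9` hunk. The function body starts outside the hunk.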
@@ -70,9 +69,6 @@ class UserManager{ public function hasGroup($uname, $groupName){ $userFlags = $this->getUsergroups($uname); - if(!$userFlags){ - $this->setupUser($uname); - } return ($userFlags & $this->usergroups[$groupName]); } @@ -107,9 +103,6 @@ class UserManager{ $usersGroups = []; $userFlags = $this->getUsergroups($uname); - if(!$userFlags){ - $this->setupUser($uname); - } foreach($this->usergroups as $name => $flag){ if($userFlags & $flag){ diff --git a/www/admin/aktiviteter/delete.php b/www/admin/aktiviteter/delete.php index f56cf37..300360d 100644 --- a/www/admin/aktiviteter/delete.php +++ b/www/admin/aktiviteter/delete.php @@ -12,7 +12,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'aktiviteter')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/aktiviteter/edit.php b/www/admin/aktiviteter/edit.php index 807d6ad..948b74f 100644 --- a/www/admin/aktiviteter/edit.php +++ b/www/admin/aktiviteter/edit.php @@ -16,7 +16,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'aktiviteter')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/aktiviteter/index.php b/www/admin/aktiviteter/index.php index 4597876..141ad86 100644 --- a/www/admin/aktiviteter/index.php +++ b/www/admin/aktiviteter/index.php @@ -16,7 +16,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'aktiviteter')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/aktiviteter/update.php b/www/admin/aktiviteter/update.php index 1df3a11..750e3c3 100644 --- a/www/admin/aktiviteter/update.php +++ b/www/admin/aktiviteter/update.php 
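Review bot: The denial branch in www/admin/aktiviteter/delete.php sets no status code in the visible lines, so a refused request presumably goes out as a 200 and looks like a served page in the access log. Add `http_response_code(403);` before the `echo` so that denied attempts can be counted and alerted on. The same branch is edited in the other ten admin scripts in this patch (aktiviteter, brukere, prosjekter and www/admin/index.php), so the change belongs in one shared helper rather than eleven copies. The surrounding script starts and ends outside the hunk.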
@@ -14,7 +14,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'aktiviteter')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/brukere/index.php b/www/admin/brukere/index.php index 8584f02..741a48e 100644 --- a/www/admin/brukere/index.php +++ b/www/admin/brukere/index.php @@ -20,7 +20,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->isAdmin($uname)){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } @@ -63,9 +63,16 @@ $users = $userManager->getAllUserData(); BrukernavnBrukergrupper $data){ $uname = $data['name']; $groupFlag = $userManager->getUsergroups($uname); + + if(!$users_value){ + $users_value = $uname; + }else{ + $users_value = $users_value . '_' . $uname; + } ?> @@ -79,6 +86,7 @@ $users = $userManager->getAllUserData(); '; ?> diff --git a/www/admin/brukere/update.php b/www/admin/brukere/update.php index 3a41ea6..149f4af 100644 --- a/www/admin/brukere/update.php +++ b/www/admin/brukere/update.php @@ -16,23 +16,26 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->isAdmin($uname)){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } $newUser; if(isset($_POST['newuser'])){ - $newUser = $_POST['newuser']; + $newUser = $_POST['newuser']; + unset($_POST['newuser']); } +$updatingUsers = explode('_', $_POST['users']); +unset($_POST['users']); + // 2d array of usernames and their corresponding group flags $userFlags = []; -foreach($_POST as $namegroup => $check){ - // new user field, don't use that - if($namegroup == 'newuser'){ - continue; - } +if($newUser){ + $userFlags[$newUser] = 0; +} +foreach($_POST as $namegroup => $info){ $data = explode('_', $namegroup); if($data[0] == 'newuser'){ if(!$newUser){ 
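Review bot: Joining usernames with `_` into `$users_value` (the `@@ -63,9 +63,16` hunk of www/admin/brukere/index.php) makes the list ambiguous for any username that itself contains an underscore. update.php splits the field with `explode('_', ...)`, so such a name would come back as two different users and the wrong rows would be touched. Sending the names as an array field (one hidden input per user with `name="users[]"`) removes the delimiter problem. The markup around this hunk is not visible on the page, so I cannot see how `$users_value` and `$uname` are written into the form; if they are echoed directly, they should go through `htmlspecialchars($uname, ENT_QUOTES, 'UTF-8')`, and `$users_value` should start as `''` before the loop if it does not already.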
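Review bot: `if($newUser)` and `explode('_', $_POST['users'])` in the `@@ -16,23 +16,26` hunk of www/admin/brukere/update.php both read values that may not exist: the bare `$newUser;` statement assigns nothing, and `users` is never checked with `isset`. Initialise them with `$newUser = trim($_POST['newuser'] ?? '');` and `$updatingUsers = array_filter(explode('_', $_POST['users'] ?? ''), 'strlen');`, and reject a `newuser` that does not match the site's username format before it becomes a key of `$userFlags`. The lookup `$userManager->usergroups[$data[1]]` (context line at the top of the next hunk) takes its key straight from a POST field name, so an unknown group name should be skipped rather than OR-ed in. No anti-CSRF token check is visible in this hunk; since the request rewrites group flags for arbitrary users, confirm one runs before this code or add one.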
@@ -49,6 +52,12 @@ foreach($_POST as $namegroup => $check){ $userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]); } +foreach($updatingUsers as $uname){ + if(!array_key_exists($uname, $userFlags)){ + $userFlags[$uname] = 0; + } +} + foreach($userFlags as $uname => $flag){ $userManager->setGroups($uname, $flag); } diff --git a/www/admin/index.php b/www/admin/index.php index a33af7f..c210b47 100644 --- a/www/admin/index.php +++ b/www/admin/index.php @@ -18,7 +18,7 @@ $projectGroup = $userManager->hasGroup($uname, 'prosjekt'); $activityGroup = $userManager->hasGroup($uname, 'aktiviteter'); if(!($isAdmin | $projectGroup | $activityGroup)){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } ?> diff --git a/www/admin/prosjekter/delete.php b/www/admin/prosjekter/delete.php index 543d558..40c60ab 100644 --- a/www/admin/prosjekter/delete.php +++ b/www/admin/prosjekter/delete.php @@ -12,7 +12,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'prosjekt')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/prosjekter/edit.php b/www/admin/prosjekter/edit.php index 4c4e80d..d3b7bfe 100644 --- a/www/admin/prosjekter/edit.php +++ b/www/admin/prosjekter/edit.php @@ -16,7 +16,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'prosjekt')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } diff --git a/www/admin/prosjekter/index.php b/www/admin/prosjekter/index.php index c183937..5118db2 100644 --- a/www/admin/prosjekter/index.php +++ b/www/admin/prosjekter/index.php @@ -16,7 +16,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'prosjekt')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); } 
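Review bot: The added loop in the `@@ -49,6 +52,12` hunk of www/admin/brukere/update.php clears the flags of every name in `users` that has no checkbox in the request, and that list comes from the client rather than from the database. Two cases need a guard: `explode('_', '')` returns `['']`, so an empty `users` field ends in `setGroups('', 0)`, and nothing stops the acting admin from clearing their own admin flag or that of the last remaining admin. The loop also reuses `$uname`, which held the authenticated uid from `$attrs['uid'][0]`; a separate name such as `$target` keeps the session identity available for later checks and audit logging. Skipping empty names with `if($target === ''){ continue; }` and intersecting the list with the stored users would cover the first case.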
diff --git a/www/admin/prosjekter/update.php b/www/admin/prosjekter/update.php index 294bc65..24b7098 100644 --- a/www/admin/prosjekter/update.php +++ b/www/admin/prosjekter/update.php @@ -14,7 +14,7 @@ $attrs = $as->getAttributes(); $uname = $attrs['uid'][0]; if(!$userManager->hasGroup($uname, 'prosjekt')){ - echo 'Ingen tilgang'; + echo 'Her har du ikke lov\'t\'å\'værra!!!'; exit(); }