Fix changing user permissions. usernames with _ in them would be split into multiple users

This page is utterly broken and deserves a rewrite.
delimiting fields with "_" is a bad idea.
But i'm too lazy to be bothered. Don't call me when the db breaks
This commit is contained in:
Peder Bergebakken Sundt 2018-08-06 23:30:27 +02:00
parent f5c088fdc1
commit cb3949f6e8
2 changed files with 26 additions and 17 deletions

View File

@ -48,19 +48,18 @@ $users = $userManager->getAllUserData();
<form action="./update.php" method="post"> <form action="./update.php" method="post">
<table class="userlist"> <table class="userlist">
<tr><th>Brukernavn</th><th>Brukergrupper</th></tr> <tr>
<th>Brukernavn</th>
<th>Brukergrupper</th>
</tr>
<?php <?php
$users_value = ''; $users_to_update = array();
foreach($users as $i => $data){ foreach($users as $i => $data){
$uname = $data['name']; $uname = $data['name'];
$groupFlag = $userManager->getUsergroups($uname); $groupFlag = $userManager->getUsergroups($uname);
if(!$users_value){ array_push($users_to_update, $uname);
$users_value = $uname;
}else{
$users_value = $users_value . '_' . $uname;
}
?> ?>
<tr> <tr>
@ -74,7 +73,10 @@ $users = $userManager->getAllUserData();
<?php <?php
} }
echo '<input type="hidden" name="users" value="' . $users_value . '" />'; foreach($users_to_update as $uname) {
echo '<input type="hidden" name="user_to_update" value="' . $uname . '" />';
}
?> ?>
<tr class="newuserrow"> <tr class="newuserrow">

View File

@ -26,8 +26,13 @@ if(isset($_POST['newuser'])){
unset($_POST['newuser']); unset($_POST['newuser']);
} }
$updatingUsers = explode('_', $_POST['users']); //$updatingUsers = explode('_', $_POST['users']);
unset($_POST['users']); $updatingUsers = array();
foreach ($_POST as $key => $value) { if ($key === "user_to_update") {
array_push($updatingUsers, $value);
}
}
unset($_POST['user_to_update']);
// 2d array of usernames and their corresponding group flags // 2d array of usernames and their corresponding group flags
$userFlags = []; $userFlags = [];
@ -37,19 +42,21 @@ if($newUser){
foreach($_POST as $namegroup => $info){ foreach($_POST as $namegroup => $info){
$data = explode('_', $namegroup); $data = explode('_', $namegroup);
if($data[0] == 'newuser'){ $group = array_pop($data);
$uname = implode("_", $data);
if($uname == 'newuser'){
if(!$newUser){ if(!$newUser){
continue; continue;
} }
$data[0] = $newUser; $uname = $newUser;
} }
if(!isset($userFlags[$data[0]])){ if(!isset($userFlags[$uname])){
$userFlags[$data[0]] = 0; $userFlags[$uname] = 0;
} }
$userFlags[$data[0]] = ($userFlags[$data[0]] | $userManager->usergroups[$data[1]]); $userFlags[$uname] = ($userFlags[$uname] | $userManager->usergroups[$group]);
} }
foreach($updatingUsers as $uname) { foreach($updatingUsers as $uname) {