0ct0pu5/pdnsmanager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Added edit-user.php, no permissions yet

Browse source
This commit is contained in:
Lukas Metzger 2016-01-24 17:58:04 +01:00
parent 54c00cbe8b
commit 386480890b
3 changed files with 310 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

84
api/edit-user.php Normal file
View file

@ -0,0 +1,84 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "addUser") {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
$db->autocommit(false);
$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (?,?,?)");
$stmt->bind_param("sss", $input->name, $passwordHash, $input->type);
$stmt->execute();
$stmt->close();
$stmt = $db->prepare("SELECT LAST_INSERT_ID()");
$stmt->execute();
$stmt->bind_result($newUserId);
$stmt->fetch();
$stmt->close();
$db->commit();
$retval = Array();
$retval['newId'] = $newUserId;
}
if(isset($input->action) && $input->action == "getUserData") {
$stmt = $db->prepare("SELECT name,type FROM user WHERE id=?");
$stmt->bind_param("i", $input->id);
$stmt->execute();
$stmt->bind_result($userName, $userType);
$stmt->fetch();
$stmt->close();
$retval = Array();
$retval['name'] = $userName;
$retval['type'] = $userType;
}
if(isset($input->action) && $input->action == "saveUserChanges") {
if(isset($input->password)) {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE user SET name=?,password=?,type=? WHERE id=?");
$stmt->bind_param("sssi", $input->name, $passwordHash, $input->type, $input->id);
$stmt->execute();
$stmt->close();
} else {
$stmt = $db->prepare("UPDATE user SET name=?,type=? WHERE id=?");
$stmt->bind_param("ssi", $input->name, $input->type, $input->id);
$stmt->execute();
$stmt->close();
}
}
if(isset($retval)) {
echo json_encode($retval);
} else {
echo "{}";
}

91
edit-user.php Normal file
View file

@ -0,0 +1,91 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<?php
require_once 'lib/session.php';
?>
<html>
<head>
<title>PDNS Manager - Domains</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/edit-user.js"></script>
</head>
<body>
<nav class="navbar navbar-inverse navbar-static-top">
<div class="container">
<div class="navbar-brand">
PDNS Manager
</div>
<ul class="nav navbar-nav">
<li><a href="domains.php">Domains</a></li>
<?php if($_SESSION['type'] == "admin") echo '<li><a href="users.php">Users</a></li>'; ?>
<li><a href="logout.php">Logout</a></li>
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="heading">Change user</h2>
</row>
<row>
<div class="col-md-3">
<form>
<div class="form-group">
<label for="user-name" class="control-label">Name</label>
<input type="text" class="form-control" id="user-name" placeholder="Username" autocomplete="off" data-regex="^[A-Za-z0-9\._-]+$" tabindex="1">
</div>
<div class="form-group">
<label for="user-password" class="control-label">Password</label>
<input type="password" class="form-control" id="user-password" placeholder="(Unchanged)" autocomplete="off" tabindex="2">
</div>
<div class="form-group">
<label for="user-password2" class="control-label">Password repeated</label>
<input type="password" class="form-control" id="user-password2" placeholder="(Unchanged)" autocomplete="off" tabindex="3">
</div>
<div class="form-group">
<label for="user-type" class="control-label">Type</label>
<select id="user-type" class="form-control" tabindex="4">
<option value="user">User</option>
<option value="admin">Admin</option>
</select>
</div>
<button id="user-button-add" class="btn btn-primary" tabindex="5">Change</button>
</form>
</div>
</row>
</div>
</body>
</html>

135
js/edit-user.js Normal file
View file

@ -0,0 +1,135 @@
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#user-button-add').click(function(evt){
evt.preventDefault();
if(location.hash.substring(1) == "new") {
addUser();
} else {
saveUserChanges();
}
});
$('form input#user-name').bind("paste keyup change", regexValidate);
$('#user-password').unbind().bind("paste keyup change", function() {
$('#user-password').parent().removeClass("has-error");
});
$('#user-password2').unbind().bind("paste keyup change", function() {
if($('#user-password').val() != $('#user-password2').val()) {
$('#user-password2').parent().addClass("has-error");
} else {
$('#user-password2').parent().removeClass("has-error");
}
});
$('#user-type').select2({
minimumResultsForSearch: Infinity
});
//Prepare for new user
if(location.hash.substring(1) == "new") {
$('#heading').text("Add user");
$('#user-button-add').text("Add");
$('#user-password').attr("placeholder", "Password");
$('#user-password2').attr("placeholder", "Password repeated");
} else {
getUserData();
}
});
function regexValidate() {
var regex = new RegExp($(this).attr('data-regex'));
if(!regex.test($(this).val())) {
$(this).parent().addClass("has-error");
} else {
$(this).parent().removeClass("has-error");
}
}
function addUser() {
$('form input').change();
if($('#user-password').val().length <= 0) {
$('#user-password').parent().addClass("has-error");
$('#user-password2').parent().addClass("has-error");
}
if($('#user-name').parent().hasClass("has-error")) {
return;
}
if($('#user-password2').parent().hasClass("has-error")) {
return;
}
var data = {
name: $('#user-name').val(),
password: $('#user-password').val(),
type: $('#user-type').val(),
action: "addUser"
};
$.post(
"api/edit-user.php",
JSON.stringify(data),
function(data) {
location.assign("edit-user.php#" + data.newId);
location.reload();
},
"json"
);
}
function getUserData() {
var data = {
id: location.hash.substring(1),
action: "getUserData"
};
$.post(
"api/edit-user.php",
JSON.stringify(data),
function(data) {
$('#user-name').val(data.name);
$('#user-type').val(data.type).change();
},
"json"
);
}
function saveUserChanges() {
var data = {
id: location.hash.substring(1),
name: $('#user-name').val(),
type: $('#user-type').val(),
action: "saveUserChanges"
};
if($('#user-password').val().length > 0) {
data.password = $('#user-password').val();
}
$.post(
"api/edit-user.php",
JSON.stringify(data),
null,
"json"
);
}