Merge branch 'master' of disposed.de:scattport

Karsten Heiken
2011-08-10 20:22:10 +02:00
13 changed files with 405 additions and 123 deletions


@@ -13,6 +13,7 @@ class Users extends MY_Controller {
*/
public function __construct() {
parent::__construct();
$this->load->library('form_validation');
$this->load->model('user');
}
@@ -28,6 +29,139 @@ class Users extends MY_Controller {
* Allows admins to create a new user.
*/
public function create() {
$config = array(
array(
'field' => 'username',
'label' => 'lang:field_username',
'rules' => 'trim|required|min_length[4]|max_length[20]|unique[users.username]',
),
array(
'field' => 'password',
'label' => 'lang:field_password',
'rules' => 'required|min_length[6]|matches[password_confirm]',
),
array(
'field' => 'password_confirm',
'label' => 'lang:field_password_confirm',
),
array(
'field' => 'firstname',
'label' => 'lang:field_firstname',
'rules' => 'trim|required|max_length[50]',
),
array(
'field' => 'lastname',
'label' => 'lang:field_lastname',
'rules' => 'trim|required|max_length[50]',
),
array(
'field' => 'email',
'label' => 'lang:field_email',
'rules' => 'trim|required|valid_email',
),
array(
'field' => 'institution',
'label' => 'lang:field_institution',
'rules' => 'trim|max_length[100]',
),
array(
'field' => 'phone',
'label' => 'lang:field_phone',
'rules' => 'trim|regex_match[/^\+\d{2,4}\w\d{2,4}\w\d{3,10}+$/i]',
)
);
$this->form_validation->set_rules($config);
if ($this->form_validation->run() === true) {
$username = $this->input->post('username');
$data = array(
'firstname' => $this->input->post('firstname'),
'lastname' => $this->input->post('lastname'),
'institution' => $this->input->post('institution'),
'phone' => $this->input->post('phone')
);
if ($this->user->register($username, $this->input->post('password'), $this->input->post('email'), $data)) {
$this->messages->add("The user '" . $username . "' was created", 'success');
redirect('users', 201);
}
}
$this->load->view('admin/users/create');
}
/**
* Allows admins to edit the specified user.
*
* @param integer $id
*/
public function edit($id = '') {
$user = $this->user->getUserByID($id);
if (!isset($user) || !is_array($user)){
show_404();
}
$config = array(
array(
'field' => 'firstname',
'label' => 'lang:field_firstname',
'rules' => 'trim|required|max_length[50]',
),
array(
'field' => 'lastname',
'label' => 'lang:field_lastname',
'rules' => 'trim|required|max_length[50]',
),
array(
'field' => 'email',
'label' => 'lang:field_email',
'rules' => 'trim|required|valid_email',
),
array(
'field' => 'institution',
'label' => 'lang:field_institution',
'rules' => 'trim|max_length[100]',
),
array(
'field' => 'phone',
'label' => 'lang:field_phone',
//'rules' => 'trim|regex_match[/^\+\d{2,4}\w\d{2,4}\w\d{3,10}+$/i]',
)
);
$this->form_validation->set_rules($config);
if ($this->form_validation->run() === true) {
$data = array(
'email' => $this->input->post('email'),
'firstname' => $this->input->post('firstname'),
'lastname' => $this->input->post('lastname'),
'institution' => $this->input->post('institution'),
'phone' => $this->input->post('phone')
);
if ($this->user->update($user['id'], $data)) {
$this->messages->add("The user '" . $user['username'] . "' was updated", 'success');
redirect('users', 200);
}
}
$this->load->view('admin/users/edit', array('user' => $user));
}
/**
* Allows admins to delete the specified user.
*
* @param integer $id
*/
public function delete($id = '') {
if (!is_array($this->user->getUserByID())) {
show_404();
}
$this->user->delete($id);
$this->messages->add('The selected user was deleted', 'success');
redirect('users', 200);
}
}
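Review bot: In delete(), the existence check calls `$this->user->getUserByID()` without passing `$id`, so it never looks up the user that is about to be deleted. With the model change in the same commit (getUserByID() appears to return false for an empty ID) the check can no longer yield an array, which means every delete request ends in show_404(); the line should read `if (!is_array($this->user->getUserByID($id))) {`. delete() also changes state with nothing in this hunk tying it to a POST request or a CSRF token, and no role check is visible in create(), edit() or delete(); if MY_Controller does not already restrict these actions to admins, that check belongs here. The class body begins outside the hunk.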


@@ -2,17 +2,17 @@
/*
* Copyright (c) 2011 Karsten Heiken <karsten@disposed.de>
*
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -33,9 +33,9 @@ function check_login() {
// whitelisted (publicly available) controllers
$public_controllers = array('auth');
$CI = & get_instance();
if (!$CI->access->loggedIn() && !in_array($CI->router->class, $public_controllers)) {
if (!$CI->input->is_ajax_request() && !$CI->access->loggedIn() && !in_array($CI->router->class, $public_controllers)) {
redirect('auth/login');
}
}
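Review bot: The new condition in check_login() skips the login redirect whenever `is_ajax_request()` is true, and that flag comes from a client-supplied request header, so the login gate in this hook becomes optional for any caller (assuming the second of the two `if` lines is the new side). Unauthenticated AJAX calls should be refused rather than let through: keep `!$CI->access->loggedIn() && !in_array($CI->router->class, $public_controllers)` as the gate and, inside it, answer AJAX requests with `if ($CI->input->is_ajax_request()) { show_error('Login required', 401); }` before the `redirect('auth/login');`. The function starts outside the hunk, so any earlier checks it performs are not visible here.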


@@ -1,6 +1,28 @@
<?php
$lang['unique'] = "A project with this name already exists.";
$lang['required'] = "The %s field is required.";
$lang['isset'] = "The %s field must have a value.";
$lang['valid_email'] = "The %s field must contain a valid email address.";
$lang['valid_emails'] = "The %s field must contain all valid email addresses.";
$lang['valid_url'] = "The %s field must contain a valid URL.";
$lang['valid_ip'] = "The %s field must contain a valid IP.";
$lang['min_length'] = "The %s field must be at least %s characters in length.";
$lang['max_length'] = "The %s field can not exceed %s characters in length.";
$lang['exact_length'] = "The %s field must be exactly %s characters in length.";
$lang['alpha'] = "The %s field may only contain alphabetical characters.";
$lang['alpha_numeric'] = "The %s field may only contain alpha-numeric characters.";
$lang['alpha_dash'] = "The %s field may only contain alpha-numeric characters, underscores, and dashes.";
$lang['numeric'] = "The %s field must contain only numbers.";
$lang['is_numeric'] = "The %s field must contain only numeric characters.";
$lang['integer'] = "The %s field must contain an integer.";
$lang['regex_match'] = "The %s field is not in the correct format.";
$lang['matches'] = "The %s field does not match the %s field.";
$lang['is_natural'] = "The %s field must contain only positive numbers.";
$lang['is_natural_no_zero'] = "The %s field must contain a number greater than zero.";
$lang['decimal'] = "The %s field must contain a decimal number.";
$lang['less_than'] = "The %s field must contain a number less than %s.";
$lang['greater_than'] = "The %s field must contain a number greater than %s.";
/* End of file projects_lang.php */
/* Location: ./application/language/english/form_validation_lang.php */


@@ -10,6 +10,16 @@ $lang['user_create'] = "Create new user";
$lang['user_delete'] = "Delete";
$lang['create_user'] = "Create a new user";
$lang['edit_user'] = "Edit user";
$lang['field_username'] = "Username";
$lang['field_password'] = "Password";
$lang['field_password_confirm'] = "Confirm password";
$lang['field_firstname'] = "First name";
$lang['field_lastname'] = "Last name";
$lang['field_email'] = "Email address";
$lang['field_institution'] = "Institution";
$lang['field_phone'] = "Phone number";
/* End of file users_lang.php */
/* Location: ./application/language/english/users_lang.php */


@@ -238,7 +238,7 @@ class Access {
* @return object
*/
public function getCurrentUser() {
return $this->ci->user->getUserByID($this->ci->session->userdata('user_id'))->row_array();
return $this->ci->user->getUserByID($this->ci->session->userdata('user_id'));
}
/**
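Review bot: The docblock above getCurrentUser() still says `@return object`, but the method now passes through whatever User::getUserByID() returns, which after this commit looks like a row array, or `false` when the session holds no `user_id`. Suggest `@return array|false` so that callers know to check for `false` before indexing the result. The docblock starts outside the hunk.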


@@ -12,6 +12,9 @@ class MY_Form_validation extends CI_Form_validation {
*/
public function __construct() {
parent::__construct();
// overwrite default error delimiters
$this->set_error_delimiters('<p class="error">', '</p>');
}
/**


@@ -7,83 +7,92 @@
*/
class MY_Session extends CI_Session {
/**
* Calls the parent constructor.
*/
public function __construct() {
parent::__construct();
}
/**
* Calls the parent constructor.
*/
public function __construct() {
parent::__construct();
}
/**
* Generates a random and unique session ID.
*
* @return string
*/
private function generateHash() {
return sha1(uniqid(microtime() . $this->CI->input->ip_address(), true));
}
/**
* Generates a random and unique session ID.
*
* @return string
*/
private function generateHash() {
return sha1(uniqid(microtime() . $this->CI->input->ip_address(), true));
}
/**
* Creates a new session.
*/
public function sess_create() {
$this->userdata = array(
/**
* Creates a new session.
*
* @see CI_Session::sess_create()
*/
public function sess_create() {
$this->userdata = array(
'session_id' => $this->generateHash(),
'ip_address' => $this->CI->input->ip_address(),
'user_agent' => substr($this->CI->input->user_agent(), 0, 50),
'last_activity' => $this->now
);
);
// save data to the DB if needed
if ($this->sess_use_database === true) {
$this->CI->db->insert($this->sess_table_name, $this->userdata);
}
// save data to the DB if needed
if ($this->sess_use_database === true) {
$this->CI->db->insert($this->sess_table_name, $this->userdata);
}
// write the cookie
$this->_set_cookie();
}
// write the cookie
$this->_set_cookie();
}
/**
* Updates an existing session.
*/
public function sess_update() {
// skip the session update in case of an ajax call
if ($this->CI->input->is_ajax_request()) {
return;
}
/**
* Updates an existing session.
*
* @see CI_Session::sess_update()
*/
public function sess_update() {
// we only update the session every five minutes by default
if ($this->userdata['last_activity'] + $this->sess_time_to_update >= $this->now) {
return;
}
// we only update the session every five minutes by default
if ($this->userdata['last_activity'] + $this->sess_time_to_update >= $this->now) {
return;
}
$oldSessionID = $this->userdata['session_id'];
$newSessionID = $this->generateHash();
$oldSessionID = $this->userdata['session_id'];
$newSessionID = $this->generateHash();
$this->userdata['session_id'] = $newSessionID;
$this->userdata['last_activity'] = $this->now;
$this->userdata['session_id'] = $newSessionID;
$this->userdata['last_activity'] = $this->now;
$cookieData = null;
$cookieData = null;
// update the DB if needed
if ($this->sess_use_database === true) {
// set cookie explicitly to only have our session data
$cookieData = array();
foreach (array('session_id', 'user_id', 'ip_address', 'user_agent', 'last_activity') as $val) {
$cookieData[$val] = $this->userdata[$val];
}
// update the DB if needed
if ($this->sess_use_database === true) {
// set cookie explicitly to only have our session data
$cookieData = array();
foreach (array('session_id', 'user_id', 'ip_address', 'user_agent', 'last_activity') as $val) {
$cookieData[$val] = $this->userdata[$val];
}
$this->CI->db->update($this->sess_table_name, array('last_activity' => $this->now, 'user_id' => $this->userdata['user_id'], 'session_id' => $newSessionID), array('session_id' => $oldSessionID));
$this->CI->db->update($this->sess_table_name, array('last_activity' => $this->now, 'user_id' => $this->userdata['user_id'], 'session_id' => $newSessionID), array('session_id' => $oldSessionID));
// update users table if user is logged in
if (array_key_exists('user_id', $this->userdata) && $this->userdata['user_id'] > 0) {
$this->CI->db->update('users', array('last_activity' => $this->now), array('id' => $this->userdata['user_id']));
}
}
// update users table if user is logged in
if (array_key_exists('user_id', $this->userdata) && $this->userdata['user_id'] > 0) {
$this->CI->db->update('users', array('last_activity' => $this->now), array('id' => $this->userdata['user_id']));
}
}
// write the cookie
$this->_set_cookie($cookieData);
}
// write the cookie
$this->_set_cookie($cookieData);
}
/**
* Destroys an existing session.
*
* @see CI_Session::sess_destroy()
*/
public function sess_destroy() {
parent::sess_destroy();
$this->userdata = array();
}
}
/* End of file MY_Session.php */
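Review bot: generateHash() builds the session ID from `microtime()`, the client IP and `uniqid()`, none of which is a cryptographic random source, so the SHA-1 result is only as unpredictable as the server clock. The commit appears only to re-indent this method, but since the class replaces the framework's session creation it is worth drawing the ID from a CSPRNG instead, e.g. `return bin2hex(openssl_random_pseudo_bytes(20));` (or `random_bytes()` on PHP 7 and later). Separately, in sess_update() the `foreach` copies `$this->userdata['user_id']` unconditionally while the block below guards the same key with `array_key_exists`, so a session without a logged-in user would raise an undefined-index notice; `isset($this->userdata[$val])` inside the loop would make the two agree.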


@@ -8,18 +8,22 @@
* See the enclosed file COPYING for license information (LGPL). If you
* did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
*
* @author Vijay Mahrra & Sheikh Ahmed <webmaster@designbyfail.com>
* @url http://www.designbyfail.com/
* @author Vijay Mahrra & Sheikh Ahmed <webmaster@designbyfail.com>
* @author Eike Foken <kontakt@eikefoken>
* @link http://www.designbyfail.com/
* @version 1.0
*/
class Messages {
class Messages
{
var $_ci;
var $_types = array('success', 'error', 'notice');
function Messages($params = array())
{
/**
* Constructor.
*
* @param array $params
*/
public function __construct($params = array()) {
$this->_ci =& get_instance();
$this->_ci->load->library('session');
// check if theres already messages, if not, initialise the messages array in the session
@@ -29,9 +33,10 @@ class Messages
}
}
// clear all messages
function clear()
{
/**
* Clears all messages
*/
public function clear() {
$messages = array();
foreach ($this->_types as $type) {
$messages[$type] = array();
@@ -39,9 +44,10 @@ class Messages
$this->_ci->session->set_userdata('messages', $messages);
}
// add a message, default type is message
function add($message, $type = 'message')
{
/**
* Adds a message (default type is 'notice').
*/
public function add($message, $type = 'notice') {
$messages = $this->_ci->session->userdata('messages');
// handle PEAR errors gracefully
if (is_a($message, 'PEAR_Error')) {
@@ -49,7 +55,7 @@ class Messages
$type = 'error';
} else if (!in_array($type, $this->_types)) {
// set the type to message if the user specified a type that's unknown
$type = 'message';
$type = 'notice';
}
// don't repeat messages!
if (!in_array($message, $messages[$type]) && is_string($message)) {
@@ -58,9 +64,13 @@ class Messages
$messages = $this->_ci->session->set_userdata('messages', $messages);
}
// return messages of given type or all types, return false if none
function sum($type = null)
{
/**
* Returns messages of given type or all types, return false if none.
*
* @param string $type
* @return boolean|integer
*/
public function sum($type = null) {
$messages = $this->_ci->session->userdata('messages');
if (!empty($type)) {
$i = count($messages[$type]);
@@ -70,12 +80,16 @@ class Messages
foreach ($this->_types as $type) {
$i += count($messages[$type]);
}
return $i;
return $i > 0 ? $i : false;
}
// return messages of given type or all types, return false if none, clearing stack
function get($type = null)
{
/**
* Returns messages of given type or all types, return false if none, clearing stack.
*
* @param string $type
* @return mixed
*/
public function get($type = null) {
$messages = $this->_ci->session->userdata('messages');
if (!empty($type)) {
if (count($messages[$type]) == 0) {
@@ -100,4 +114,7 @@ class Messages
$this->clear();
return $return;
}
}
}
/* End of file Messages.php */
/* Location: ./application/libraries/Messages.php */
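Review bot: The new docblock on sum() says "Returns messages of given type or all types", but the visible code counts them (`count($messages[$type])`, `$i += count(...)`) and returns a number or `false`. Suggested summary: `Returns the number of messages of the given type, or of all types; false if there are none.` The all-types branch now returns `$i > 0 ? $i : false`, while the return of the `if (!empty($type))` branch lies outside the hunks, so it is worth confirming that it also yields `false` for zero, otherwise the two paths disagree with the `@return boolean|integer` contract. The class still declares `var $_ci;` and `var $_types` while the methods were moved to `public`; `protected` would match the new style.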


@@ -82,7 +82,7 @@ class User extends CI_Model {
* @return string
*/
private function salt() {
return substr(md5(uniqid(rand(), true)), 0, $this->saltLength);
return substr(sha1(uniqid(rand(), true)), 0, $this->saltLength);
}
/**
@@ -211,32 +211,37 @@ class User extends CI_Model {
}
/**
* register
* Registers a new user.
*
* @param string $username
* @param string $password
* @param string $email
* @param array $additionalData
* @param string $groupName
* @return boolean
*/
public function register($username, $password, $email, $additionalData = false, $groupName = false) {
public function register($username, $password, $email, $additionalData = array(), $groupName = '') {
if ($this->checkUsername($username)) {
$this->access->setError('account_creation_duplicate_username');
return false;
}
print_r($additionalData);
// if a groupID was passed, use it
if (isset($additional_data['group_id'])) {
$groupID = $additional_data['group_id'];
unset($additional_data['group_id']);
if (isset($additionalData['group_id'])) {
$groupID = $additionalData['group_id'];
unset($additionalData['group_id']);
} else { // otherwise get default groupID
$groupName = !$groupName ? 'users' : $groupName;
$groupName = ($groupName == '') ? 'users' : $groupName;
$groupID = $this->db->select('id')->where('name', $groupName)->get('groups')->row()->id;
}
// IP Address
$ipAddress = $this->input->ip_address();
$salt = $this->storeSalt ? $this->salt() : false;
$password = $this->hashPassword($password, $salt);
// Users table.
// users table
$data = array(
'id' => random_hash(16),
'username' => $username,
'password' => $password,
'email' => $email,
@@ -247,11 +252,11 @@ class User extends CI_Model {
if ($this->storeSalt) {
$data['salt'] = $salt;
}
print_r($data);
$this->db->insert('users', $data);
$id = $this->db->insert_id();
$this->db->insert('users', array_merge($data, $additionalData));
return $this->db->affected_rows() > 0 ? $id : false;
return $this->db->affected_rows() > 0 ? $data['id'] : false;
}
/**
@@ -340,20 +345,19 @@ class User extends CI_Model {
}
/**
* getUserByID
* Gets a user by ID.
*
* @return object
* @return array
*/
public function getUserByID($id = false) {
// if no ID was passed use the current users ID
if (empty($id)) {
$id = $this->session->userdata('user_id');
return false;
}
$this->db->where('users.id', $id);
$this->db->limit(1);
return $this->get();
return $this->get()->row_array();
}
/**
@@ -411,11 +415,11 @@ class User extends CI_Model {
* @return boolean
*/
public function update($id, $data) {
$user = $this->getUserByID($id)->row();
$user = $this->getUserByID($id);
$this->db->trans_begin();
if (array_key_exists('username', $data) && $this->checkUsername($data['username']) && $user->username !== $data['username']) {
if (array_key_exists('username', $data) && $this->checkUsername($data['username']) && $user['username'] !== $data['username']) {
$this->db->trans_rollback();
$this->access->setError('account_creation_duplicate_username');
return false;
@@ -423,7 +427,7 @@ class User extends CI_Model {
if (array_key_exists('username', $data) || array_key_exists('password', $data) || array_key_exists('email', $data)) {
if (array_key_exists('password', $data)) {
$data['password'] = $this->hashPassword($data['password'], $user->salt);
$data['password'] = $this->hashPassword($data['password'], $user['salt']);
}
$this->db->update('users', $data, array('id' => $id));
@@ -518,16 +522,16 @@ class User extends CI_Model {
return false;
}
$user = $this->getUserByID($id)->row();
$user = $this->getUserByID($id);
$salt = sha1($user->password);
$salt = sha1($user['password']);
$this->db->update('users', array('remember_code' => $salt), array('id' => $id));
if ($this->db->affected_rows() > -1) {
set_cookie(array(
'name' => 'username',
'value' => $user->username,
'value' => $user['username'],
'expire' => $this->config->item('user_expire', 'auth'),
));
set_cookie(array(
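Review bot: register() contains two `print_r()` calls (`print_r($additionalData);` and `print_r($data);`), and by the hunk line counts they appear to be on the new side; the second one writes the freshly hashed password and the salt into the HTTP response, and because output then starts before the controller's redirect() it can also break that redirect. Both lines should be removed, or replaced with a `log_message('debug', ...)` call that leaves out `password` and `salt`. In the same method `array_merge($data, $additionalData)` lets any key in `$additionalData` override `id` or `password`; merging the other way round, `array_merge($additionalData, $data)`, keeps the model's own values authoritative. Further down, update() and the remember-me code index `$user['...']` without handling the `false` that getUserByID() now returns for an empty ID.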


@@ -11,35 +11,43 @@
<h3>Required information</h3>
<ul>
<li>
<?=form_label("Username", 'username');?>
<?=form_label(lang('field_username'), 'username');?>
<div>
<input type="text" name="username" id="username" class="short text" value="<?=set_value('username');?>" />
<?=form_error('username')?>
</div>
<label class="note">Must be between 4 and 20 characters long</label>
</li>
<li>
<?=form_label("Password", 'password');?>
<?=form_label(lang('field_email'), 'email');?>
<div>
<input type="text" name="email" id="email" class="medium text" value="<?=set_value('email');?>" />
<?=form_error('email')?>
</div>
</li>
<li>
<?=form_label(lang('field_password'), 'password');?>
<div>
<input type="password" name="password" id="password" class="short text" />
<?=form_error('password')?>
</div>
</li>
<li>
<?=form_label("Confirm password", 'password2');?>
<?=form_label(lang('field_password_confirm'), 'password_confirm');?>
<div>
<input type="password" name="password_confirm" id="password_confirm" class="short text" />
<?=form_error('password_confirm')?>
</div>
</li>
<li>
<?=form_label("First name", 'firstname');?>
<?=form_label(lang('field_firstname'), 'firstname');?>
<div>
<input type="text" name="firstname" id="firstname" class="short text" value="<?=set_value('firstname');?>" />
<?=form_error('firstname')?>
</div>
</li>
<li>
<?=form_label("Last name", 'lastname');?>
<?=form_label(lang('field_lastname'), 'lastname');?>
<div>
<input type="text" name="lastname" id="lastname" class="short text" value="<?=set_value('lastname');?>" />
<?=form_error('lastname')?>
@@ -49,12 +57,20 @@
<h3>Optional information</h3>
<ul>
<li>
<?=form_label("Institution", 'institution');?>
<?=form_label(lang('field_institution'), 'institution');?>
<div>
<input type="text" name="institution" id="institution" class="medium text" value="<?=set_value('institution');?>" />
<?=form_error('institution')?>
</div>
</li>
<li>
<?=form_label(lang('field_phone'), 'phone');?>
<div>
<input type="text" name="phone" id="phone" class="short text" value="<?=set_value('phone');?>" />
<?=form_error('phone')?>
</div>
<label class="note">Example: +49 123 456789</label>
</li>
<li>
<?=form_label("Language", 'language');?>
<div>
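Review bot: The hint added under the phone field, `Example: +49 123 456789`, does not satisfy the `phone` rule that Users::create() gets in this commit: the pattern separates the digit groups with `\w`, which matches a word character and not a space, so the documented example is rejected. `\s` seems to be what was intended, e.g. `'rules' => 'trim|regex_match[/^\+\d{2,4}\s\d{2,4}\s\d{3,10}$/]'`, which also drops the stray `+` after `{3,10}`. The "Language" label in the trailing context is still hard-coded while the other labels now go through `lang()`.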


@@ -0,0 +1,67 @@
<?php $this->load->view('header');?>
<div id="content">
<div class="title">
<h2><?=lang('edit_user');?> '<?=$user['username'];?>'</h2>
</div>
<div class="box">
<form name="createUser" method="post" action="<?=site_url('users/edit/' . $user['id'])?>">
<h3>Required information</h3>
<ul>
<li>
<?=form_label(lang('field_email'), 'email');?>
<div>
<input type="text" name="email" id="email" class="medium text" value="<?=set_value('email', $user['email']);?>" />
<?=form_error('email')?>
</div>
</li>
<li>
<?=form_label(lang('field_firstname'), 'firstname');?>
<div>
<input type="text" name="firstname" id="firstname" class="short text" value="<?=set_value('firstname', $user['firstname']);?>" />
<?=form_error('firstname')?>
</div>
</li>
<li>
<?=form_label(lang('field_lastname'), 'lastname');?>
<div>
<input type="text" name="lastname" id="lastname" class="short text" value="<?=set_value('lastname', $user['lastname']);?>" />
<?=form_error('lastname')?>
</div>
</li>
</ul>
<h3>Optional information</h3>
<ul>
<li>
<?=form_label(lang('field_institution'), 'institution');?>
<div>
<input type="text" name="institution" id="institution" class="medium text" value="<?=set_value('institution', $user['institution']);?>" />
<?=form_error('institution')?>
</div>
</li>
<li>
<?=form_label(lang('field_phone'), 'phone');?>
<div>
<input type="text" name="phone" id="phone" class="short text" value="<?=set_value('phone', $user['phone']);?>" />
<?=form_error('phone')?>
</div>
<label class="note">Example: +49 123 456789</label>
</li>
<li>
<?=form_label("Language", 'language');?>
<div>
<?=form_dropdown('language', array('English'), null, 'id="language" class="drop"');?>
<?=form_error('language')?>
</div>
</li>
</ul>
<p>
<a class="button save" href="javascript:void(0);" onclick="$('form[name=createUser]').submit();">Speichern</a>
</p>
</form>
</div>
</div>
<?php $this->load->view('footer');?>
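Review bot: The heading prints the username straight into the page (`<?=$user['username'];?>`), and the username rule in Users::create() only constrains length and uniqueness, so markup stored in a username would be rendered here as HTML. Escape it on output: `<?=htmlspecialchars($user['username'], ENT_QUOTES, 'UTF-8');?>`. Smaller points: the form is still named `createUser` on the edit page, the button text `Speichern` and the "Language" label bypass `lang()`, and the save control is a `javascript:` link, so the form cannot be submitted without scripting.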