aboutsummaryrefslogtreecommitdiffhomepage
path: root/inc
diff options
context:
space:
mode:
authortcit <tcit@tcit.fr>2014-04-23 10:29:53 +0200
committertcit <tcit@tcit.fr>2014-04-23 10:29:53 +0200
commit4d99bae893eb47505f8ff6976917ef3af363ff5b (patch)
tree79542323f751ce4562867b421a05aa6715c7efc8 /inc
parent847f57686e3e129b63c40bd2b49404b74ec85b27 (diff)
downloadwallabag-4d99bae893eb47505f8ff6976917ef3af363ff5b.tar.gz
wallabag-4d99bae893eb47505f8ff6976917ef3af363ff5b.tar.zst
wallabag-4d99bae893eb47505f8ff6976917ef3af363ff5b.zip
Fixed Multi-user system
Diffstat (limited to 'inc')
-rwxr-xr-xinc/poche/Database.class.php39
-rwxr-xr-xinc/poche/Poche.class.php54
2 files changed, 92 insertions, 1 deletions
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 036c9d1b..ba2d1d94 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -229,12 +229,49 @@ class Database {
229 return FALSE; 229 return FALSE;
230 } 230 }
231 } 231 }
232
233 public function listUsers($username=null) {
234 $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
235 $query = $this->executeQuery($sql, ( $username ? array($username) : array()));
236 list($count) = $query->fetch();
237 return $count;
238 }
239
240 public function getUserPassword($userID) {
241 $sql = "SELECT * FROM users WHERE id=?";
242 $query = $this->executeQuery($sql, array($userID));
243 $password = $query->fetchAll();
244 return isset($password[0]['password']) ? $password[0]['password'] : null;
245 }
246
247 public function deleteUserConfig($userID) {
248 $sql_action = 'DELETE from users_config WHERE user_id=?';
249 $params_action = array($userID);
250 $query = $this->executeQuery($sql_action, $params_action);
251 return $query;
252 }
253
254 public function deleteTagsEntriesAndEntries($userID) {
255 $entries = $this->retrieveAll($userID);
256 foreach($entries as $entryid) {
257 $tags = $this->retrieveTagsByEntry($entryid);
258 foreach($tags as $tag) {
259 $this->removeTagForEntry($entryid,$tags);
260 }
261 $this->deleteById($entryid,$userID);
262 }
263 }
264
265 public function deleteUser($userID) {
266 $sql_action = 'DELETE from users WHERE id=?';
267 $params_action = array($userID);
268 $query = $this->executeQuery($sql_action, $params_action);
269 }
232 270
233 public function updateContentAndTitle($id, $title, $body, $user_id) { 271 public function updateContentAndTitle($id, $title, $body, $user_id) {
234 $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; 272 $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';
235 $params_action = array($body, $title, $id, $user_id); 273 $params_action = array($body, $title, $id, $user_id);
236 $query = $this->executeQuery($sql_action, $params_action); 274 $query = $this->executeQuery($sql_action, $params_action);
237
238 return $query; 275 return $query;
239 } 276 }
240 277
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 811895dc..aa313c25 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -241,6 +241,58 @@ class Poche
241 $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); 241 $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
242 $this->tpl->addFilter($filter); 242 $this->tpl->addFilter($filter);
243 } 243 }
244
245 public function createNewUser() {
246 if (isset($_GET['newuser'])){
247 if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){
248 $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING);
249 if (!$this->store->userExists($newusername)){
250 if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) {
251 Tools::logm('The new user '.$newusername.' has been installed');
252 $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername));
253 Tools::redirect();
254 }
255 else {
256 Tools::logm('error during adding new user');
257 Tools::redirect();
258 }
259 }
260 else {
261 $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername));
262 Tools::logm('An user with the name '.$newusername.' already exists !');
263 Tools::redirect();
264 }
265 }
266 }
267 }
268
269 public function deleteUser(){
270 if (isset($_GET['deluser'])){
271 if ($this->store->listUsers() > 1) {
272 if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
273 $username = $this->user->getUsername();
274 $this->store->deleteUserConfig($this->user->getId());
275 Tools::logm('The configuration for user '. $username .' has been deleted !');
276 $this->store->deleteTagsEntriesAndEntries($this->user->getId());
277 Tools::logm('The entries for user '. $username .' has been deleted !');
278 $this->store->deleteUser($this->user->getId());
279 Tools::logm('User '. $username .' has been completely deleted !');
280 Session::logout();
281 Tools::logm('logout');
282 Tools::redirect();
283 $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername));
284 }
285 else {
286 Tools::logm('Bad password !');
287 $this->messages->add('e', _('Error : The password is wrong !'));
288 }
289 }
290 else {
291 Tools::logm('Only user !');
292 $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
293 }
294 }
295 }
244 296
245 private function install() 297 private function install()
246 { 298 {
@@ -520,6 +572,7 @@ class Poche
520 $languages = $this->getInstalledLanguages(); 572 $languages = $this->getInstalledLanguages();
521 $token = $this->user->getConfigValue('token'); 573 $token = $this->user->getConfigValue('token');
522 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; 574 $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false;
575 $only_user = ($this->store->listUsers() > 1) ? false : true;
523 $tpl_vars = array( 576 $tpl_vars = array(
524 'themes' => $themes, 577 'themes' => $themes,
525 'languages' => $languages, 578 'languages' => $languages,
@@ -532,6 +585,7 @@ class Poche
532 'token' => $token, 585 'token' => $token,
533 'user_id' => $this->user->getId(), 586 'user_id' => $this->user->getId(),
534 'http_auth' => $http_auth, 587 'http_auth' => $http_auth,
588 'only_user' => $only_user
535 ); 589 );
536 Tools::logm('config view'); 590 Tools::logm('config view');
537 break; 591 break;