diff options
Diffstat (limited to 'inc/poche')
-rwxr-xr-x | inc/poche/Database.class.php | 41 | ||||
-rwxr-xr-x | inc/poche/Poche.class.php | 54 |
2 files changed, 94 insertions, 1 deletions
diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 036c9d1b..141d7987 100755 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php | |||
@@ -33,6 +33,8 @@ class Database { | |||
33 | $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB; | 33 | $db_path = 'pgsql:host=' . STORAGE_SERVER . ';dbname=' . STORAGE_DB; |
34 | $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD); | 34 | $this->handle = new PDO($db_path, STORAGE_USER, STORAGE_PASSWORD); |
35 | break; | 35 | break; |
36 | default: | ||
37 | die(STORAGE . ' is not a recognised database system !'); | ||
36 | } | 38 | } |
37 | 39 | ||
38 | $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | 40 | $this->handle->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
@@ -229,12 +231,49 @@ class Database { | |||
229 | return FALSE; | 231 | return FALSE; |
230 | } | 232 | } |
231 | } | 233 | } |
234 | |||
235 | public function listUsers($username=null) { | ||
236 | $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : ''); | ||
237 | $query = $this->executeQuery($sql, ( $username ? array($username) : array())); | ||
238 | list($count) = $query->fetch(); | ||
239 | return $count; | ||
240 | } | ||
241 | |||
242 | public function getUserPassword($userID) { | ||
243 | $sql = "SELECT * FROM users WHERE id=?"; | ||
244 | $query = $this->executeQuery($sql, array($userID)); | ||
245 | $password = $query->fetchAll(); | ||
246 | return isset($password[0]['password']) ? $password[0]['password'] : null; | ||
247 | } | ||
248 | |||
249 | public function deleteUserConfig($userID) { | ||
250 | $sql_action = 'DELETE from users_config WHERE user_id=?'; | ||
251 | $params_action = array($userID); | ||
252 | $query = $this->executeQuery($sql_action, $params_action); | ||
253 | return $query; | ||
254 | } | ||
255 | |||
256 | public function deleteTagsEntriesAndEntries($userID) { | ||
257 | $entries = $this->retrieveAll($userID); | ||
258 | foreach($entries as $entryid) { | ||
259 | $tags = $this->retrieveTagsByEntry($entryid); | ||
260 | foreach($tags as $tag) { | ||
261 | $this->removeTagForEntry($entryid,$tags); | ||
262 | } | ||
263 | $this->deleteById($entryid,$userID); | ||
264 | } | ||
265 | } | ||
266 | |||
267 | public function deleteUser($userID) { | ||
268 | $sql_action = 'DELETE from users WHERE id=?'; | ||
269 | $params_action = array($userID); | ||
270 | $query = $this->executeQuery($sql_action, $params_action); | ||
271 | } | ||
232 | 272 | ||
233 | public function updateContentAndTitle($id, $title, $body, $user_id) { | 273 | public function updateContentAndTitle($id, $title, $body, $user_id) { |
234 | $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; | 274 | $sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?'; |
235 | $params_action = array($body, $title, $id, $user_id); | 275 | $params_action = array($body, $title, $id, $user_id); |
236 | $query = $this->executeQuery($sql_action, $params_action); | 276 | $query = $this->executeQuery($sql_action, $params_action); |
237 | |||
238 | return $query; | 277 | return $query; |
239 | } | 278 | } |
240 | 279 | ||
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 66710ecb..7e3e6afe 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php | |||
@@ -241,6 +241,58 @@ class Poche | |||
241 | $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); | 241 | $filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime'); |
242 | $this->tpl->addFilter($filter); | 242 | $this->tpl->addFilter($filter); |
243 | } | 243 | } |
244 | |||
245 | public function createNewUser() { | ||
246 | if (isset($_GET['newuser'])){ | ||
247 | if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){ | ||
248 | $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING); | ||
249 | if (!$this->store->userExists($newusername)){ | ||
250 | if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) { | ||
251 | Tools::logm('The new user '.$newusername.' has been installed'); | ||
252 | $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to <a href="?logout">logout ?</a>'),$newusername)); | ||
253 | Tools::redirect(); | ||
254 | } | ||
255 | else { | ||
256 | Tools::logm('error during adding new user'); | ||
257 | Tools::redirect(); | ||
258 | } | ||
259 | } | ||
260 | else { | ||
261 | $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername)); | ||
262 | Tools::logm('An user with the name '.$newusername.' already exists !'); | ||
263 | Tools::redirect(); | ||
264 | } | ||
265 | } | ||
266 | } | ||
267 | } | ||
268 | |||
269 | public function deleteUser(){ | ||
270 | if (isset($_GET['deluser'])){ | ||
271 | if ($this->store->listUsers() > 1) { | ||
272 | if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) { | ||
273 | $username = $this->user->getUsername(); | ||
274 | $this->store->deleteUserConfig($this->user->getId()); | ||
275 | Tools::logm('The configuration for user '. $username .' has been deleted !'); | ||
276 | $this->store->deleteTagsEntriesAndEntries($this->user->getId()); | ||
277 | Tools::logm('The entries for user '. $username .' has been deleted !'); | ||
278 | $this->store->deleteUser($this->user->getId()); | ||
279 | Tools::logm('User '. $username .' has been completely deleted !'); | ||
280 | Session::logout(); | ||
281 | Tools::logm('logout'); | ||
282 | Tools::redirect(); | ||
283 | $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername)); | ||
284 | } | ||
285 | else { | ||
286 | Tools::logm('Bad password !'); | ||
287 | $this->messages->add('e', _('Error : The password is wrong !')); | ||
288 | } | ||
289 | } | ||
290 | else { | ||
291 | Tools::logm('Only user !'); | ||
292 | $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !')); | ||
293 | } | ||
294 | } | ||
295 | } | ||
244 | 296 | ||
245 | private function install() | 297 | private function install() |
246 | { | 298 | { |
@@ -532,6 +584,7 @@ class Poche | |||
532 | $languages = $this->getInstalledLanguages(); | 584 | $languages = $this->getInstalledLanguages(); |
533 | $token = $this->user->getConfigValue('token'); | 585 | $token = $this->user->getConfigValue('token'); |
534 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; | 586 | $http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false; |
587 | $only_user = ($this->store->listUsers() > 1) ? false : true; | ||
535 | $tpl_vars = array( | 588 | $tpl_vars = array( |
536 | 'themes' => $themes, | 589 | 'themes' => $themes, |
537 | 'languages' => $languages, | 590 | 'languages' => $languages, |
@@ -544,6 +597,7 @@ class Poche | |||
544 | 'token' => $token, | 597 | 'token' => $token, |
545 | 'user_id' => $this->user->getId(), | 598 | 'user_id' => $this->user->getId(), |
546 | 'http_auth' => $http_auth, | 599 | 'http_auth' => $http_auth, |
600 | 'only_user' => $only_user | ||
547 | ); | 601 | ); |
548 | Tools::logm('config view'); | 602 | Tools::logm('config view'); |
549 | break; | 603 | break; |