diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/clients-overview.php | 2 | ||||
| -rw-r--r-- | include/settings.php | 170 | ||||
| -rw-r--r-- | include/users-new.php | 42 |
3 files changed, 188 insertions, 26 deletions
diff --git a/include/clients-overview.php b/include/clients-overview.php index 7ce45a6..fc2c3a0 100644 --- a/include/clients-overview.php +++ b/include/clients-overview.php @@ -70,7 +70,7 @@ require_once('./login.php'); <div class="form-group"> <label>Name:</label> <input - type="text" name="name" class="form-control" placeholder="Title" + type="text" name="name" class="form-control" placeholder="Name" data-bv-notempty="true" data-bv-notempty-message="You have to provide a name"/> </div> <button type="submit" class="btn btn-default">Go</button> diff --git a/include/settings.php b/include/settings.php index 7dfbbc3..896152c 100644 --- a/include/settings.php +++ b/include/settings.php @@ -35,43 +35,163 @@ require('./header.php'); <!-- /.col-lg-12 --> </div> + <?php + if (isset($_GET['delete_user']) && $_user->isAdmin()) { + try { + $user = new user($_pdo, $_GET['delete_user']); + if ($user->delete()) { + echo "<div class='alert alert-success alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> has been removed.</div>"; + } else { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> could not be removed.</div>"; + } + } catch (PDOException $e) { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with username <i>{$user->getUsername()}</i> could not be removed due to a PDO error.</div>"; + } catch (Exception $e) { + echo "<div class='alert alert-danger alert-dismissable'><button type='button' class='close fa fa-times' data-dismiss='alert' aria-hidden='true'></button>The user with id {$_GET['delete_user']} could not be found.</div>"; + } + } + ?> + <div class="row"> <div class="col-md-4"> <div class="panel panel-default"> <div class="panel-heading">Password</div> - <div class="panel-body"> - <?php - if (isset($_POST['password_update'])) { - if ($_POST['password_update'] != $_POST['password_update2']) { - echo '<div class="alert alert-danger">The passwords don\'t match.</div>'; - } else if (!$_user->verifyPassword($_POST['password_current'])) { - echo '<div class="alert alert-danger">The current password was incorrect.</div>'; - } else { - try { - $_user->setPassword($_POST['password_update']); - echo '<div class="alert alert-success">Password successfully changed.</div>'; - } catch (PDOException $e) { - echo '<div class="alert alert-danger">An unknown error occurred.</div>'; - } + <div class="panel-body"> + <?php + if (isset($_POST['password_update'])) { + if ($_POST['password_update'] != $_POST['password_update2']) { + echo '<div class="alert alert-danger">The passwords don\'t match.</div>'; + } else if (!$_user->verifyPassword($_POST['password_current'])) { + echo '<div class="alert alert-danger">The current password was incorrect.</div>'; + } else { + try { + $_user->setPassword($_POST['password_update']); + echo '<div class="alert alert-success">Password successfully changed.</div>'; + } catch (PDOException $e) { + echo '<div class="alert alert-danger">An unknown error occurred.</div>'; } } - ?> - <form action="" method="post"> - <div class="form-group"> - <input class="form-control" type="password" name="password_current" placeholder="Current password"/> - </div> - <div class="form-group"> - <input class="form-control" type="password" name="password_update" placeholder="New password"/> - </div> + } + ?> + <form action="" method="post"> + <div class="form-group"> + <input class="form-control" type="password" name="password_current" id="password-current" placeholder="Current password"/> + </div> + <div class="form-group"> + <input class="form-control" type="password" name="password_update" placeholder="New password"/> + </div> + <div class="form-group"> + <input class="form-control" type="password" name="password_update2" placeholder="New password (verification)"/> + </div> + <input class="btn btn-primary" type="submit" value="Change password"/> + </form> + </div> + </div> + </div> + + <div class="col-md-4"> + <div class="panel panel-default"> + <div class="panel-heading">Users</div> + <div class="panel-body table-responsive"> + <table class="table table-bordered table-striped mixitup dataTable" id="overview-clients"> + <thead> + <tr> + <th class="mixitup-sort sorting" data-sort="mixerOrderId:desc">#</th> + <th class="mixitup-sort sorting" data-sort="mixerOrderUsername:desc">Username</th> + <?php if ($_user->isAdmin()) echo '<th>Tools</th>'; ?> + </tr> + </thead> + <tbody> + <?php + $users = BusinessAdmin::getUsers($_pdo); + foreach ($users as $user) { + echo "<tr class='mix' + data-mixer-order-id='{$user->getId()}' + data-mixer-order-username='{$user->getUsername()}'> + <td class='col-min-width'>{$user->getId()}</td> + <td class='col-max-width'>{$user->getUsername()}</td>"; + if ($_user->isAdmin()) { + if ($user->getId() == $_user->getId()) { + echo "<td class='col-min-width'> + <a title='Change password' href='#' onclick='$(\"#password-current\").focus();' class='btn btn-warning btn-circle fa fa-key'></a> + </td>"; + } else { + echo "<td class='col-min-width'> + <a title='Delete' href='?delete_user={$user->getId()}' class='btn btn-danger btn-circle fa fa-times'></a> + </td>"; + } + } + echo "</tr>"; + } + ?> + </tbody> + </table> + </div> + </div> + </div> + + <?php if ($_user->isAdmin()) : ?> + <div class="col-md-4"> + <div class="panel panel-default"> + <div class="panel-heading">Create new</div> + <div class="panel-body"> + <form role="form" id="newUser" action='<?=constants::url_external?>users/new' method="post" class="bootstrapValidator ajaxify" + data-ajaxify-options='{"success":"newUserSuccess","error":"newUserError","beforeSubmit":"newUserBeforeSubmit","clearForm":true}'> + <div class="ajaxify-response alert alert-dismissable"><button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button><span class="ajaxify-response-text"></span></div> <div class="form-group"> - <input class="form-control" type="password" name="password_update2" placeholder="New password (verification)"/> + <label>Username:</label> + <input + type="text" name="username" class="form-control" placeholder="Username" + data-bv-notempty="true" data-bv-notempty-message="You have to provide a username"/> </div> - <input class="btn btn-primary" type="submit" value="Change password"/> + <button type="submit" class="btn btn-default">Go</button> </form> + <script type="text/javascript"> + // Callback for before the form is submitted + function newUserBeforeSubmit() { + $('#newUser input').prop('disabled', true); + $('#newUser .ajaxify-response').hide().removeClass('alert-success alert-danger').find('.ajaxify-response-text').html(''); + } + + // Callback for when the form is successfully submitted + function newUserSuccess(data) { + if (data.success == true) { + $('#newUser .ajaxify-response') + .addClass('alert-success') + .show() + .find('.ajaxify-response-text') + .html(data.message); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } else { + $('#newUser .ajaxify-response') + .addClass('alert-danger') + .show() + .find('.ajaxify-response-text') + .html(data.message); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } + } + + // Callback for when form submission encountered an error + function newUserError() { + $('#newUser .ajaxify-response') + .addClass('alert-danger') + .show() + .find('.ajaxify-response-text') + .html('An unknown error occurred. Please contact support.'); + + $('#newUser input, #newUser button').prop('disabled', false); + $('#newUser').data('bootstrapValidator').resetForm(); + } + </script> </div> </div> </div> - </div> + <?php endif; ?> </div> <!-- /.row --> </div> diff --git a/include/users-new.php b/include/users-new.php new file mode 100644 index 0000000..5d86a83 --- /dev/null +++ b/include/users-new.php @@ -0,0 +1,42 @@ +<?php +/** + * BusinessAdmin: administrative software for small companies + * Copyright (C) 2015 Camil Staps (ViviSoft) + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +define('REQUIRE_ADMIN', true); + +require_once('./conf.php'); +require_once('./login-ajax.php'); + +$response = new response(); + +try { + $pass = user::generateRandomPassword(); + $user = BusinessAdmin::createUser($_pdo, $_REQUEST['username'], $pass); + + if ($user === false) { + $response->success = false; + $response->message = "The user could not be created due to an error."; + } else { + $response->success = true; + $response->message = "User <i>'{$user->getUsername()}'</i> has been created with password <code>$pass</code>. <a class='alert-link' href='javascript:location.reload(true);'>Refresh the page</a>."; + } +} catch (PDOException $e) { + $response->success = false; + $response->message = "The user could not be created due to a PDO error ({$e->getMessage()})."; +} +echo $response->getJson(); |