<?PHP
/**
 * This script lists all users and offers the option to add new ones.
 *
 * @author Joshua Ramon Enslin <joshua@jrenslin.de>
 */

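/*
 * Require files and ensure environment.
 *
 * $settings is not defined in this file; presumably inc/functions.php provides
 * it at script scope (confirm against that file).
 */

require_once __DIR__ . "/inc/functions.php";

ensureEnvironment(); // Ensure existence of system files.
$translations = loadLanguage($settings['defaultLang']); // Load translations.
ensureBackendEnv(); // Ensure session is started etc.
$pages = loadPages(); // Load overview of pages.

// Authorization gate: everything below (the user list and account creation) is
// admin-only. empty() denies access exactly like a negated lookup would, but it
// also covers a session without an 'admin' key without raising an
// "undefined array key" warning that could end up in the response.
if (empty($_SESSION['admin'])) {
    echo printErrorPage($settings, $translations['accessDenied']);
    return; // Top-level return: stops the script before any user data is loaded.
}
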
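/*
 * Load data.
 */

// Copy the request parameters this page works with into same-named variables.
// NOTE(review): loadHttpToGlobals() is defined elsewhere; whether it reads GET as
// well as POST, and whether it filters or escapes values, cannot be told from
// this file. The code below treats these variables as untrusted request input.
loadHttpToGlobals(["task", "username", "realName", "email", "password", "passwordVerify", "admin"]);

// Read the user store unless $users has already been set before this point.
// NOTE(review): users.json holds the password hashes; confirm that the data
// directory is not reachable through the web server.
if (!isset($users)) {
    $users = json_decode(file_get_contents(__DIR__ . "/../data/users.json"), true);
}

// A missing, unreadable or corrupt users.json decodes to null. Normalise that to
// an empty list so the table loop further down iterates over an array.
// NOTE(review): an insert performed in this state writes a file that contains
// only the new account; consider failing closed here instead.
if (!is_array($users)) {
    $users = [];
}
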
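/**
 * Adding new users.
 *
 * Runs when the request carries task=insert (non-admins have already been
 * turned away above). Every outcome ends in a redirect to users.php with a
 * status message stored in $_SESSION["editHistory"].
 *
 * NOTE(review): no anti-CSRF token is verified anywhere in this file before the
 * account is created; confirm that ensureBackendEnv() or loadHttpToGlobals()
 * enforces one, because this request can create admin accounts.
 */
if (isset($task) && $task === "insert") {

    // On failure the form is shown again with the submitted values. The two
    // password fields are not part of the redirect URL.
    // NOTE(review): write_common_vars() is defined elsewhere; confirm that it
    // URL-encodes the values it appends.
    $redirectURL = "./users.php?" . write_common_vars(["username", "realName", "email", "admin"]) . "#addUser";

    if (!isset($admin)) {
        $admin = false;
    }

    $insertError = null;

    // Ensure all required values are set. Empty strings and non-string values
    // (for example a parameter submitted as an array) count as missing, so the
    // string functions below never receive an unexpected type and no account
    // with an empty username can be stored.
    foreach (["username", "realName", "email", "password", "passwordVerify"] as $var) {
        if (!isset($$var) || !is_string($$var) || $$var === "") {
            $insertError = $translations['requiredValueMissing'];
            break;
        }
    }

    if ($insertError === null) {
        if ($password !== $passwordVerify) {
            // Strict comparison: with != two different numeric-looking strings
            // such as "1e3" and "1000" compare as equal, so a mistyped
            // confirmation could slip through.
            $insertError = $translations['passwordsDoNotMatch'];
        } elseif (strlen($password) < 8) {
            // Length is counted in bytes, not characters. bcrypt only uses the
            // first 72 bytes of the password.
            $insertError = $translations['passwordTooShort'];
        }
    }

    if ($insertError !== null) {
        $_SESSION["editHistory"] = ["changesAborted", $insertError];
        header('Location: ' . $redirectURL);
        return;
    }

    // Build the record; the password is stored only as a bcrypt hash (cost 12).
    // NOTE(review): "admin" is stored exactly as submitted (a checkbox value or
    // false), not as a normalised boolean.
    $newUser = [
        "username" => $username,
        "realName" => $realName,
        "email"    => $email,
        "password" => password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]),
        "admin"    => $admin,
        "created"  => date("Y-m-d H:i:s"),
    ];

    // NOTE(review): an existing entry with the same username is replaced without
    // warning, including its password hash and admin flag. Consider rejecting
    // duplicate usernames here.
    $users[$username] = $newUser;

    // json_encode() returns false when a value cannot be encoded (for example
    // invalid UTF-8 in a field). Writing that result would empty users.json and
    // lock every account out, so stop before touching the file.
    $encodedUsers = json_encode($users);
    if ($encodedUsers === false) {
        $_SESSION["editHistory"] = ["changesAborted", json_last_error_msg()];
        header('Location: ' . $redirectURL);
        return;
    }

    // Store the users array. LOCK_EX guards the write itself; the earlier read
    // was not locked, so two simultaneous edits can still overwrite each other.
    if (file_put_contents(__DIR__ . "/../data/users.json", $encodedUsers, LOCK_EX) === false) {
        $_SESSION["editHistory"] = ["changesAborted", "users.json could not be written."];
        header('Location: ' . $redirectURL);
        return;
    }

    $_SESSION["editHistory"] = ["changesStored", $translations['userAdded'] . " $username"];
    header('Location: ./users.php#addUser');
    return;

}
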
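/*
 * Output
 *
 * Renders the backend frame, the "add user" form (pre-filled with values from a
 * rejected submission, if any) and a table of all stored users.
 */

// HTML-escape helper for values that come from the request or from users.json.
// Without it, markup contained in a username, real name or e-mail address would
// be emitted verbatim into this admin page. ENT_QUOTES is needed because the
// value attributes below are single-quoted.
// NOTE(review): assumes loadHttpToGlobals() hands over raw, unescaped values and
// that users.json stores them raw; if either is already escaped these fields
// would be shown double-encoded. Confirm against inc/functions.php.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

echo printBackendHead($settings, $translations['start'], $translations['start'], $settings['logo']);
echo printBackendHeader($translations['usersOverview'], $translations['helpUsers']);

echo '
<div id="mainWrapper">
';

echo printBackendNav($translations);

// NOTE(review): the section holding the add-user form carries id="listUsers" and
// the table section has no id, although the buttons and the redirects in this
// file point to #listUsers and #addUser. The ids are left as they were; check
// whether they are swapped.
echo '
    <main>

        <p>
            <a href="#listUsers" class="buttonLike">' . $translations['listUsers'] . '</a>
            <a href="#addUser" class="buttonLike">' . $translations['addUser'] . '</a>
        </p>

        <section id="listUsers">

            <form action="" method="POST">
                <table class="obj_cha_maintable">

                    <tr>
                        <th><label for="username">' . $translations['username'] . '</label></th>
                        <td><input type="text" id="username" name="username" placeholder="' . $translations['username']. '"';
if (isset($username)) {
    echo " value='" . $escapeHtml($username) . "'";
}
echo ' required /></td>
                        <td>' . generateHelpToolTip("helpUsername", $translations['username'], $translations['helpUsername']) . '</td>
                    </tr>

                    <tr>
                        <th><label for="realName">' . $translations['realName'] . '</label></th>
                        <td><input type="text" id="realName" name="realName" placeholder="' . $translations['realName']. '"';
if (isset($realName)) {
    echo " value='" . $escapeHtml($realName) . "'";
}
echo ' required /></td>
                        <td>' . generateHelpToolTip("helpRealName", $translations['realName'], $translations['helpRealName']) . '</td>
                    </tr>

                    <tr>
                        <th><label for="userEmail">' . $translations['email'] . '</label></th>
                        <td><input type="email" id="userEmail" name="email" placeholder="' . $translations['email']. '"';
if (isset($email)) {
    echo " value='" . $escapeHtml($email) . "'";
}
echo ' required /></td>
                        <td>' . generateHelpToolTip("helpEmail", $translations['email'], $translations['helpEmail']) . '</td>
                    </tr>

                    <tr>
                        <th><label for="password">' . $translations['password'] . '</label></th>
                        <td><input type="password" id="password" name="password" placeholder="' . $translations['password']. '" required /></td>
                        <td>' . generateHelpToolTip("helpPassword", $translations['password'], $translations['helpPassword']) . '</td>
                    </tr>

                    <tr>
                        <th><label for="passwordVerify">' . $translations['passwordVerify'] . '</label></th>
                        <td><input type="password" id="passwordVerify" name="passwordVerify" placeholder="' . $translations['passwordVerify']. '" required /></td>
                        <td></td>
                    </tr>

                    <tr>
                        <th><label for="admin">' . $translations['admin'] . '</label></th>
                        <td>
                            <label class="switch">
                                <input name="admin" id="admin" type="checkbox"';
if (isset($admin) && $admin) {
    echo ' checked';
}
echo '>
                                <span class="slider round"></span>
                            </label>
                        </td>
                        <td>' . generateHelpToolTip("helpAdmin", $translations['admin'], $translations['helpAdmin']) . '</td>
                    </tr>

                    <tr>
                        <th></th>
                        <td><button type="submit">' . $translations['submit'] . '</button></td>
                        <td>
                ' . printHiddenInputs(['task' => 'insert'], 16) . '
                        </td>
                    </tr>

                </table>
            </form>

        </section>

        <section>

            <table class="overviewtable">
                <thead>
                    <tr>
                        <th>' . $translations['username'] . '</th>
                        <th>' . $translations['realName'] . '</th>
                        <th>' . $translations['email'] . '</th>
                        <th>' . $translations['admin'] . '</th>
                        <th>' . $translations['options'] . '</th>
                    </tr>
                </thead>
                <tbody>
';

// One row per stored account. Every stored field is escaped for the HTML
// context; the username is additionally URL-encoded for the query string of
// the link to user.php.
foreach ($users as $user) {

    echo '
                    <tr>
                        <td><a href="user.php?t=' . urlencode($user['username']) . '">' . $escapeHtml($user['username']) . '</a></td>
                        <td>' . $escapeHtml($user['realName']) . '</td>
                        <td>' . $escapeHtml($user['email']) . '</td>
                        <td>' . $escapeHtml($user['admin']) . '</td>
                        <td></td>
                    </tr>
';

}

echo '
                </tbody>
            </table>

        </section>

    </main>
</div>';

echo printBackendEnd();
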
?>