00001 <?php
00002 require_once("GenieGate/Controller.php");
00003 require_once("GenieGate/UserAccount.php");
00004 require_once("GenieGate/View/Php.php");
00005 require_once("GenieGate/Groups.php");
00006 require_once("GenieGate/Properties.php");
00007 require_once("GenieGate/Api/Login.php");
00008 require_once("GenieGate/utils.php");
00009 require_once("GenieGate/XMLImport.php");
00010 require_once("GenieGate/View/XMLExport.php");
00011 require_once("GenieGate/View/FlatFile.php");
00012 require_once("GenieGate/View/VCard.php");
/**
 * Admin front controller for GenieGate.
 *
 * Maps DO_* request flags (see $DISPATCH) to handler methods that manage
 * user accounts, groups, per-user properties and import/export.  Every
 * handler is reached only after the constructor has run
 * $this->gl->login(array("admin")), so the whole class assumes the caller
 * is an authenticated member of the "admin" group.
 *
 * NOTE(review): no handler in this file checks a CSRF token or restricts
 * itself to POST; several state-changing handlers read $_REQUEST (see
 * do_delete_user, do_delete_group, do_expunge), so a logged-in admin who
 * follows a crafted link can be made to delete users/groups.  Confirm
 * whether the parent controller or login API adds such protection.
 *
 * PHP-4 era code: `var` properties, a same-name constructor, and
 * call-time pass-by-reference (`&$listener`, `&$ip`) which is a fatal error
 * on PHP 5.4+.  Bare-word keys such as $_POST[uid] / $_REQUEST[UID] rely on
 * constants presumably defined elsewhere (the DO_* dispatch keys certainly
 * are) — TODO confirm; if undefined they silently fall back to the literal
 * string on old PHP.
 */
class GenieGate_Controller_Admin extends GenieGate_Controller {

    var $APP_NAME = "Admin";
    var $PM;   // GenieGate_Properties: per-user property sections
    var $UA;   // GenieGate_UserAccount: account CRUD and search
    var $GM;   // GenieGate_Groups: group membership
    // Request flag => handler method.  Consumed by parent::run() (not shown).
    var $DISPATCH = array(DO_USER_MAIN => "do_user_main",
        DO_GENERAL_SEARCH => "do_general_search",
        DO_USER_SEARCH => "do_user_search",
        DO_LOOKUP_UID => "do_lookup_uid",
        DO_UPDATE_USER => "do_update_user",
        DO_UPDATE_GROUP => "do_update_group",
        DO_DELETE_GROUP => "do_delete_group",
        DO_SHOW_CREATE_SCREEN => "do_show_create_screen",
        DO_DELETE_USER => "do_delete_user",
        DO_EXPUNGE => "do_expunge",
        DO_GROUP_MAIN => "do_group_main",
        DO_SHOW_GROUP => "do_show_group",
        DO_CREATE_GROUP => "do_create_group",
        DO_CREATE_USER => "do_create_user",
        DO_SHOW_EDIT_PROP => "do_show_edit_prop",
        DO_ALTER_PROPERTY => "do_alter_property",
        DO_REMOVE_PROPERTY => "do_remove_property",
        DO_ADD_PROPERTY => "do_add_property",
        DO_LOGOUT => "do_logout",
        DO_EXPORT_MAIN => "do_export_main",
        DO_EXPORT => "do_export",
        DO_VCARD => "do_vcard",
        DO_IMPORT_XML => "do_import_xml",
        DO_PROPERTY_MAIN => "do_property_main");

    /**
     * Build the managers and enforce the admin login gate.
     *
     * @param array &$conf  configuration handed to the parent controller
     *
     * The login call is the only authorization check for this controller;
     * HTTP auth is disabled and the "login" view is used as the prompt.
     * Whether login() terminates the request on failure (rather than
     * returning) is not visible here — presumably it does, otherwise every
     * handler below would be reachable unauthenticated; TODO confirm.
     */
    function GenieGate_Controller_Admin(&$conf){
        parent::GenieGate_Controller($conf);
        $this->GM = new GenieGate_Groups($this->DBH);
        $this->UA = new GenieGate_UserAccount($this->DBH,$this->GM);
        $this->PM = new GenieGate_Properties($this->DBH);
        $this->gl = new GenieGate_Api_Login($this->DBH);
        $this->gl->setPromptView($this->getView("login"));
        $this->gl->USE_HTTP_AUTH=FALSE;
        $this->gl->login(array("admin"));
        $this->addPlugins();
    }

    /**
     * Dispatch the request; fall back to the main screen when no DO_* flag
     * matched.  $method is accepted for signature compatibility but unused.
     */
    function run($method=FALSE){
        $view = parent::run();

        if(! $view){
            $view = $this->do_main();
        }
        return($view);
    }

    /** Register a listener with the controller and all three managers. */
    function addListener(&$listener){
        parent::addListener($listener);
        $this->UA->addListener(&$listener);   // call-time &: fatal on PHP >= 5.4
        $this->GM->addListener(&$listener);
        $this->PM->addListener(&$listener);
    }

    /** End the admin session and show the login prompt. */
    function do_logout(){
        $this->gl->logout();
        return($this->getView("login"));
    }

    /** Landing page with user statistics. */
    function do_main(){
        $view = $this->getView("main");
        $view->param("STATS",$this->UA->getUserStats());
        return($view);
    }

    /**
     * Free-text user search over $_REQUEST[KEYWORDS].
     * Empty keywords return the main screen instead of a result list.
     * How scanUsers() builds its query from $kw is not visible — confirm it
     * is parameterised before trusting this path with arbitrary input.
     */
    function do_general_search(){
        $kw = $_REQUEST[KEYWORDS];
        if(strlen($kw) == 0){
            return($this->do_main());
        }
        return($this->getView("search_result",
            array(SEARCH_USERS => $this->UA->scanUsers($kw))
            )
        );
    }

    /**
     * Remove all non-confirmed accounts.
     * NOTE(review): destructive, and unlike do_delete_user it requires no
     * CONFIRM flag — reachable with a single GET carrying DO_EXPUNGE.
     */
    function do_expunge(){
        $this->UA->expungeNonConfirmed();
        $view = $this->getView("message");
        $view->param("MESSAGE","User(s) removed");
        $view->param("NEXT","index.php?DO_USER_MAIN=1");
        return($view);
    }

    /** Structured user search (email, name, creation-date range) from POST. */
    function do_user_search(){
        $email = $_POST[EMAIL];
        $name = $_POST[NAME];
        $from = $_POST[DATE_FROM];
        $to = $_POST[DATE_TO];
        return($this->getView("search_result",
            array(SEARCH_USERS => $this->UA->searchUsers($email,$name,$from,$to)))
        );
    }

    /**
     * Update an existing user's name/email/password, group set and
     * property values from POST.
     *
     * - Returns a general_error view if the uid does not exist or
     *   checkNewUserFields() (called with FALSE, presumably "not a new
     *   account" — confirm) reports errors.
     * - "root" is always kept in the admin group regardless of GIDS.
     * - The raw POST password is handed to updateUserAccount(); whether it
     *   is hashed there, or what happens when it is empty, is not visible
     *   here — TODO confirm.
     * - GIDS is taken as-is; the group ids are not checked against
     *   getAllGroups() in this method (setMember may do so).
     */
    function do_update_user(){
        $user[uid] = $_POST[uid];
        if(! $this->UA->lookupUid($user[uid])){
            $err = $this->getView("general_error");
            $err->param("ERRORS",array("User \"$user[uid]\" does not exist"));
            return($err);
        }
        $user[name] = $_POST[name];
        $user[email] = $_POST[email];
        $user[password] = $_POST[password];
        $groups = array();
        if(is_array($_POST[GIDS])){
            foreach($_POST[GIDS] as $l){
                $groups[$l] = 1;
            }
        }

        // root must never be locked out of the admin group
        if($user[uid] == "root"){
            $groups[admin] = 1;
        }
        $errors = $this->UA->checkNewUserFields($user,FALSE);
        if(count($errors)){
            $view = $this->getView("general_error");
            $view->param("ERRORS",$errors);
            return($view);
        }
        $this->UA->updateUserAccount($user[uid],$user);
        $this->GM->setMember($user[uid],array_keys($groups));

        $this->storePropertySettings($user[uid]);

        $view = $this->getView("message",array(MESSAGE => "User modification complete"));
        $view->param("NEXT","index.php?DO_USER_MAIN=1");
        return($view);
    }

    /** User-management landing page. */
    function do_user_main(){
        return($this->getView("user-main",array(STATS => $this->UA->getUserStats())));
    }

    /**
     * Validate a proposed user id from POST and show the create form.
     *
     * Rejects: empty id, an id that already exists, length > 8, and any
     * non-word character (\W).  Note that "already exists" returns
     * immediately, so the length/character errors are only reported for
     * unknown ids.
     *
     * NOTE(review): by the time `$user[GROUPS] = ...` runs, $user is the
     * falsy value returned by lookupUid() (the truthy case returned above),
     * so that line and the unused $all are dead code; nothing reads them.
     */
    function do_show_create_screen(){
        $errors = array();
        $uid = $_POST[UID];
        $ev = $this->getView("general_error");
        if(! $uid){
            array_push($errors,"Must supply a user ID");
        }
        $user = $this->UA->lookupUid($uid);
        if($user){
            array_push($errors,"User ID \"$uid\" already exists");
            $ev->param("ERRORS",$errors);
            return($ev);
        }
        if(strlen($uid) > 8){
            array_push($errors,"User ID must be under 8 characters");
        }
        if(preg_match("/\W/",$uid)){
            array_push($errors,"User ID must consist of only letters and numbers (no punctuation)");
        }
        if(count($errors)){
            $ev->param("ERRORS",$errors);
            return($ev);
        }
        $user[GROUPS] = $this->GM->getMemberGroups($user[uid]);   // dead: $user is falsy here
        $view = $this->getView("user-create");
        $view->param("UID",$uid);
        $all = $this->GM->getAllGroups();   // unused
        $view->param("GROUPS",$this->GM->getAllGroups());
        $view->param("PUBLIC_PROP_NAMES",$this->PM->getSectionProperties("genie.form.Public"));
        $view->param("INTERNAL_PROP_NAMES",$this->PM->getSectionProperties("genie.form.Private"));
        return($view);
    }

    /**
     * Delete one user (UID scalar) or several (UID array), removing group
     * membership, the account and both property sections for each.
     *
     * Requires CONFIRM == "Y".  "root" is refused when passed as a scalar
     * and silently skipped when it appears inside an array.  Both CONFIRM
     * and UID come from $_REQUEST, so this is reachable via GET.
     * Whether removeUser() tolerates a uid that does not exist is not
     * visible here.
     */
    function do_delete_user(){
        $confirm = $_REQUEST[CONFIRM];
        $errors = array();
        if($confirm != "Y"){
            array_push($errors,"Need to check the Confirm dialog box");
        }
        $uid = $_REQUEST[UID];
        if($uid == "root"){
            array_push($errors,"Can not remove root user");
        }
        if(count($errors)){
            $ev = $this->getView("general_error");
            $ev->param("ERRORS",$errors);
            return($ev);
        }
        $batch = array();
        $next = "index.php?DO_USER_MAIN=1";
        if(is_array($uid)){
            $next = "index.php";

            foreach($uid as $i){
                if($i != "root"){   // array form: drop root rather than error
                    $batch[$i] = TRUE;
                }
            }
        }else{
            $batch[$uid] = TRUE;
        }

        foreach($batch as $u => $t){
            $this->GM->setMember($u,array());
            $this->UA->removeUser($u,"",FALSE);
            $this->PM->removeUser("genie.form.Public",$u);
            $this->PM->removeUser("genie.form.Private",$u);
        }
        $view = $this->getView("message");
        $view->param("MESSAGE","User(s) removed");
        $view->param("NEXT",$next);
        return($view);
    }

    /**
     * Create a user from POST fields, then assign groups and property
     * values.  Field validation is delegated entirely to
     * createUserAccount(); the uid format rules of do_show_create_screen()
     * are NOT re-applied here, so a directly posted form bypasses them
     * unless createUserAccount() repeats them — TODO confirm.
     * $mv is passed by value as FALSE; its meaning is not visible here.
     */
    function do_create_user(){
        $user[uid] = $_POST[uid];
        $user[name] = $_POST[name];
        $user[email] = $_POST[email];
        $user[password] = $_POST[password];
        $addg = $_POST[GIDS];

        if(! $addg){
            $addg = array();
        }
        $groups = array();
        foreach($addg as $l){
            $groups[$l] = 1;
        }
        $mv = FALSE;
        $errors = $this->UA->createUserAccount($user,$mv);
        if(count($errors)){
            $view = $this->getView("general_error");
            $view->param("ERRORS",$errors);
            return($view);
        }
        $this->GM->setMember($user[uid],array_keys($groups));

        $view = $this->getView("message");
        $view->param("MESSAGE","Created user \"$user[uid]\"");
        $view->param("NEXT","index.php?DO_USER_MAIN=1");
        $this->storePropertySettings($user[uid]);
        return($view);
    }


    /**
     * Copy "PUBP:<name>" and "INTP:<name>" POST fields into the user's
     * Public / Private property sections.
     *
     * Only names that the section already reports via isProperty() are
     * written, so unknown POST keys are ignored rather than creating
     * properties; empty values are skipped (they do not clear a property).
     * Keys without a ":" yield $n = NULL from explode() and fall through.
     */
    function storePropertySettings($uid){
        $prop = array();
        $ip = $this->PM->getSection("genie.form.Private",$uid);
        $pp = $this->PM->getSection("genie.form.Public",$uid);
        foreach($_POST as $k => $v) {
            list($c,$n) = explode(":",$k,2);
            if($c == "PUBP"){
                if(strlen($v)){
                    if($pp->isProperty($n)){
                        $pp->setProperty($n,$v);
                    }
                }
            }
            if($c == "INTP"){
                if(strlen($v)){
                    if($ip->isProperty($n)){
                        $ip->setProperty($n,$v);
                    }
                }
            }
        }
    }

    /**
     * Show the edit form for one user (UID from GET, else POST).
     * Unknown uid -> general_error view; the uid is interpolated into the
     * message, so the view is responsible for HTML-escaping ERRORS.
     * Local names are swapped relative to their sections ($ip holds the
     * Public section, $pp the Private one) but the view params PUBP/INTP
     * receive the right section each.
     */
    function do_lookup_uid(){
        $uid = $_GET[UID];
        if(! $uid){
            $uid = $_POST[UID];
        }
        if(! $uid){
            return($this->do_user_main());
        }
        $user = $this->UA->lookupUid($uid);
        if(! $user){
            return($this->getView("general_error",array(ERRORS => array("No such user: $uid"))));
        }
        $user[GROUPS] = $this->GM->getMemberGroups($user[uid]);
        $view = $this->getView("user-edit");
        $view->param("USER",$user);
        $view->param("GROUPS",$this->GM->getAllGroups());

        $ip = $this->PM->getSection("genie.form.Public",$uid);
        $view->param("PUBP",&$ip);
        $pp = $this->PM->getSection("genie.form.Private",$uid);
        $view->param("INTP",&$pp);

        return($view);
    }

    /** Group-management landing page listing all groups. */
    function do_group_main(){
        $view = $this->getView("group-main");
        $view->param("GROUPS",$this->GM->getAllGroups());
        return($view);
    }

    /**
     * Create a group from POST GID/NAME.
     * GID must be word characters only and not already taken; the new
     * group is created with self-signup disabled (third arg FALSE).
     * NAME is not validated here.
     */
    function do_create_group(){
        $gid = $_POST[GID];
        if(! $gid){
            return($this->do_group_main());
        }
        $errors = array();
        if(preg_match("/\W/",$gid)){
            array_push($errors,"Group ID must consist of letters and numbers (no puctuation)");
        }
        $ginfo = $this->GM->getGroupName($gid);
        if($ginfo){
            array_push($errors,"Group ID [$gid] has already been taken");
        }
        if(count($errors)){
            $view = $this->getView("general_error");
            $view->param("ERRORS",$errors);
            return($view);
        }
        $view = $this->getView("message");
        $name = $_POST[NAME];
        $this->GM->setGroup($gid,$name,FALSE);
        $view->param("MESSAGE","Group [$gid] - [$name] created");
        $view->param("NEXT","index.php?DO_GROUP_MAIN=1");
        return($view);
    }

    /** Show one group (GID from $_REQUEST) with its member list. */
    function do_show_group(){
        $gid = $_REQUEST[GID];
        if(! strlen($gid)){
            return($this->do_group_main());
        }
        $view = $this->getView("group-edit");
        $members = $this->GM->getMembers($gid);
        $view->param("GROUP",$this->GM->getGroupName($gid));
        $view->param("MEMBERS", &$members );
        return($view);
    }

    /**
     * Save a group's display name and self-signup flag.
     * Self-signup is forced off for "admin" so users cannot enrol
     * themselves as administrators.
     * NOTE(review): unlike do_create_group, GID is neither format-checked
     * nor checked for existence here; whether setGroup() creates a missing
     * group is not visible.
     */
    function do_update_group(){
        $can_signup = $_POST[SELF_ADMIN] == "Y";
        $name = $_POST[NAME];
        $gid = $_POST[GID];
        if($gid == "admin"){
            $can_signup = FALSE;
        }
        $this->GM->setGroup($gid,$name,$can_signup);
        $view = $this->getView("message");
        $view->param("MESSAGE","Saved changes to $gid");
        $view->param("NEXT","index.php?DO_GROUP_MAIN=1");
        return($view);
    }

    /**
     * Delete a group.  Requires CONFIRM == "Y" (from $_REQUEST) and a
     * non-empty GID (from $_POST); the "admin" group is refused.
     */
    function do_delete_group(){
        $confirm = $_REQUEST[CONFIRM];
        $errors = array();
        if($confirm != "Y"){
            array_push($errors,"Need to check the Confirm dialog box");
        }
        $gid = $_POST[GID];
        if($gid == "admin"){
            array_push($errors,"Can't delete this group.");
        }
        if(! $gid) {
            array_push($errors,"Invalid Group ID");
        }
        if(count($errors)){
            $ev = $this->getView("general_error");
            $ev->param("ERRORS",$errors);
            return($ev);
        }
        $view = $this->getView("message");
        $this->GM->removeGroup($gid);
        $view->param("MESSAGE","Removed $gid ");
        $view->param("NEXT","index.php?DO_GROUP_MAIN=1");
        return($view);
    }

    /** Property-management landing page: both section definitions. */
    function do_property_main(){
        $view = $this->getView("prop-main");

        $view->param("INTERNAL_PROP",$this->PM->getSectionProperties("genie.form.Private"));
        $view->param("PUBLIC_PROP",$this->PM->getSectionProperties("genie.form.Public"));
        return($view);
    }


    /**
     * Emit a vCard for $_REQUEST[UID].  The Content-Type header is sent
     * here, before the view renders; the uid is not checked for existence
     * in this method (the VCard view presumably handles that — confirm).
     */
    function do_vcard(){
        header("Content-Type: text/directory");
        $view = new GenieGate_View_VCard($_REQUEST[UID],$this->UA,$this->PM);
        return($view);
    }

    /**
     * Show the edit form for one property definition.
     * SECT from GET is prefixed with "genie.form." and not restricted to
     * the Public/Private sections this controller otherwise uses.
     * getDescription() is called twice with different arity (with and
     * without $prop); its semantics are not visible here.
     */
    function do_show_edit_prop(){
        $view = $this->getView("prop-edit");
        $sect = "genie.form." . $_GET[SECT];
        $prop = $_GET[PROP];
        $diz = $this->PM->getDescription($sect,$prop);
        $view->param("SECT",$_GET[SECT]);
        $view->param("DIZ",$this->PM->getDescription($sect));
        $view->param("LABEL",$diz);
        $view->param("PROP",$prop);
        return($view);
    }

    /**
     * Change a property's label.  SECT/PROP are not validated here (only
     * do_add_property applies the name regex), nor is CONFIRM required.
     */
    function do_alter_property(){
        $sect = "genie.form." . $_POST[SECT];
        $prop = $_POST[PROP];
        $label = $_POST[LABEL];
        $this->PM->changePropertyLabel($sect,$prop,$label);
        $view = $this->getView("message");
        $view->param("MESSAGE","Property $prop has been altered");
        $view->param("NEXT","index.php?DO_PROPERTY_MAIN=1");
        return($view);
    }

    /**
     * Remove a property definition (and, per the message, its values for
     * all members).  Requires CONFIRM == "Y" from POST; SECT/PROP are not
     * otherwise validated.
     */
    function do_remove_property(){
        $sect = "genie.form." . $_POST[SECT];
        $prop = $_POST[PROP];
        if($_POST[CONFIRM] != "Y"){
            $view = $this->getView("general_error");
            $view->param("ERRORS",array("Must click the Confirm checkbox"));
            return($view);
        }
        $this->PM->undefineProperty($sect,$prop);
        $view = $this->getView("message");
        $view->param("MESSAGE","Property $prop has been removed, from all members.");
        $view->param("NEXT","index.php?DO_PROPERTY_MAIN=1");
        return($view);
    }

    /**
     * Define a new property in a section.
     * PROP may contain only word characters and "."; an existing property
     * of the same name in that section is rejected.  LABEL and SECT are
     * taken as-is.
     */
    function do_add_property(){
        $sect = "genie.form." . $_POST[SECT];
        $prop = $_POST[PROP];
        $label = $_POST[LABEL];
        $errors = array();
        if(preg_match("/[^\w\.]/",$prop)){
            array_push($errors,"Property names must be alphanumeric");
        }
        if($this->PM->getPropertyId($sect,$prop)){
            array_push($errors,"Property $prop already exists");
        }
        if(count($errors)){
            $view = $this->getView("general_error");
            $view->param("ERRORS",$errors);
            return($view);
        }
        $this->PM->createProperty($sect,$prop,$label);
        $view = $this->getView("message");
        $view->param("NEXT","index.php?DO_PROPERTY_MAIN=1");
        $view->param("MESSAGE","Property [$prop] created with label: \"$label\"");
        return($view);
    }

    /** Export landing page (format chooser). */
    function do_export_main(){
        return($this->getView("export-main"));
    }

    /**
     * Export all users/groups/properties.
     * FORMAT == "XML" -> XML export view (no Content-Type set here).
     * Any other FORMAT value -> text/plain and handed verbatim to
     * GenieGate_View_FlatFile; that class is expected to validate it
     * (not visible here — TODO confirm).  GenieGate_XMLWriter is not among
     * this file's require_once lines; presumably loaded via XMLExport.
     */
    function do_export() {
        if($_GET[FORMAT] == "XML"){
            $xml = new GenieGate_XMLWriter(TRUE,TRUE);
            $view = new GenieGate_View_XMLExport($xml,$this->UA,$this->GM,$this->PM);
            return($view);
        }
        header("Content-Type: text/plain");
        $view = new GenieGate_View_FlatFile($this->DBH,$_GET[FORMAT]);
        return($view);
    }


    /**
     * Import users from an uploaded XML file ($_FILES[XML]), streamed in
     * 4 KiB chunks into GenieGate_XMLImport.
     *
     * Guards: is_uploaded_file() on tmp_name and a non-zero upload error
     * both return a general_error view.
     * NOTE(review): fopen()'s return value is not checked and the handle is
     * never fclose()d; fread() returning "0" or "" ends the loop early.
     * The XML parser lives in GenieGate_XMLImport — verify it does not
     * resolve external entities before accepting uploads from less-trusted
     * admins.
     */
    function do_import_xml(){
        $fn = $_FILES[XML][tmp_name];
        $eview = $this->getView("general_error");
        if(! is_uploaded_file($fn)){
            $eview->param("ERRORS",array("File was not uploaded properly"));
            return($eview);
        }
        if($_FILES[XML][error]){
            $eview->param("ERRORS",array("File was not uploaded properly"));
            return($eview);
        }
        $fh = fopen($fn,"r");
        $importer = new GenieGate_XMLImport($this->DBH,$this->UA,$this->GM,$this->PM);
        while($data = fread($fh,4096)){
            $importer->more($data);
        }
        $importer->finish();
        $view = $this->getView("import-complete");
        $view->param("IMPORTER",$importer);
        return($view);
    }


}
00560 ?>