User management for the world wide web

dbsetup.php

<HTML>
<HEAD><TITLE>GenieGate setup</TITLE></HEAD>
<BODY>
<P>
This is the database setup procedure, it will install the tables
and data required for proper operation.
</P>
<P>
Your <I>geniegate.ini</I> file must have the required [database] section
completed before running this script. 
</P>
<P>
If you forgot your root password, the only way to retrieve it is 
by searching mysql's <I>ua_users</I> table. 
</P>
<P>
Your root username is <I>root</I>, the default password is <I>geniegate</I>
this should be changed as soon as possible.
</P>
<P>
If all went well, you can access your <A HREF="index.php">Admin control panel</A>
at this time.
</P>
<?php

//http://pong.tunestar.net/sandbox/GenieGate/web/admin/index.php?DO_LOOKUP_UID=1&UID=root

class GenieGate_SetupDruid {

  var $CMAP = array( ua_users => create_ua_users,
             ua_members => create_ua_members,
             ua_psect => create_ua_psect,
             ua_prnam => create_ua_prnam,
             ua_prop  => create_ua_prop,
             ua_group => create_ua_group
             );

  // Properties that the user could (in theory) alter.
  var $PUB_PROP = array(
            tel  => "Telephone Number",
            postalCode => "Postal code",
            state => "State/Province",
            country => "Country",
            fname  => "First Name",
            lname  => "Last Name",
            fax  => "FAX number",
            city => "City",
            street => "Street",
            pob => "P.O. Box number",
            dob   => "Date of birth",
            homePage => "Home Page URL",
            title  => "Job Title/Position",
            organization => "Company or organization",
            wphone => "Work Phone"              
            );

  // Properties for admin.
  var $PRIV_PROP = array(comments => "Comments");

  var $ERR = array();

  function GenieGate_SetupDruid() {}

  function run($conf){ 
    $dbc = $conf[database];
    $dbh = mysql_connect($dbc[HOST],$dbc[USER],$dbc[PASS]);
    if(! $dbh){
      die(mysql_errno() . " " .  mysql_error());        
    }    
    if(! mysql_select_db($dbc[DATABASE],$dbh)){
      die(mysql_errno() . " " .  mysql_error());
    }
    $this->check($conf,$dbh);
  }

  function check($conf,$dbh){
    $tables = array();
    $inf = $conf[database];
    $dbname = $inf[DATABASE];
    echo "<H1>Using database: [$dbname]</H1>";
    $ctr = $this->check_tables($dbname,$dbh);
    echo "<P>";
    $this->install_prop($dbh);
    echo "<P>";
    echo "<H2>Checking user account for root</H2>";
    $this->check_admin($dbh);
  }

  // Add an error.
  function error($message){ array_push($this->ERR,$message); }

  function check_admin($dbh){
      $stats = $this->checkRoot($dbh);
      echo "<UL>";
      // Setup admin group.
      if(! $stats[ua_group]){
          echo "<LI>Creating admin group ";
          $sql = "INSERT INTO ua_group (gid,name,signup) VALUES('admin','User can access control panel, use wisely!','N')";
          mysql_query($sql,$dbh) or die(mysql_error());
      }else{
          // Doesn't hurt to make sure this is always set to 'N'.
          echo "<LI>Making admin group unavailable to user signup. ";
          mysql_query("UPDATE ua_group SET signup='N' WHERE gid='admin'") or die(mysql_error());
      }
      // setup root user.
      if(! $stats[ua_users]){
?>
<P>
<H2>Creating root user (password: [geniegate] remember to change this!)</H2>
<STRONG>It is extremely important to write this
password down.</STRONG> You cannot simply re-run this script to
obtain the root password. (this is for security reasons) 
</P>
<P>
It should also be noted that your root password needs to be changed as
soon as possible. You can do this in the admin panel, simply type 'root'
in the search box provided on the main screen. Until it is changed 
other people will be able to access your system.
</P>

<?php
          $sql = "INSERT INTO ua_users (id,email,uid,created,confirm,name,password) ";
          $sql .= "VALUES('1','','root',CURRENT_DATE,'Y','Root User (do not delete)','geniegate')";
          mysql_query($sql,$dbh) or die(mysql_error());
      }else{
          echo "<LI>User root already exists, not changing";
      }
      // Make root a member of admin.
      if(! $stats[ua_members]){
          echo "<LI>Making root a member of admin";
          $sql = "INSERT INTO ua_members (gid,uid) VALUES('admin','root')";
          mysql_query($sql,$dbh) or die(mysql_error());      
      }else{
          echo "<LI>Root is already a member of admin, not changing";
      }
      echo "</UL>";
  }
  
  // Check to see if the root user is setup OK. (exists, group admin exists, and root is a member.
  function checkRoot($dbh){
      $stat = array();
      $sql = "SELECT uid FROM ua_users WHERE uid='root'";
      $rs = mysql_query($sql,$dbh);
      if($rs){
          $row = mysql_fetch_row($rs);
          if($row[0] == 'root'){
              $stat[ua_users] = TRUE;
          }
      }
      $sql = "SELECT gid FROM ua_group WHERE gid='admin'";
      $rs = mysql_query($sql,$dbh);
      if($rs){
          $row = mysql_fetch_row($rs);
          if($row[0] == 'admin'){
              $stat[ua_group] = TRUE;
          }
      }
      $sql = "SELECT uid,gid FROM ua_members WHERE uid='root' AND gid='admin'";
      $rs = mysql_query($sql,$dbh);
      if($rs){
          $row = mysql_fetch_row($rs);
          if($row[0] == 'root'){
              $stat[ua_members] = $row[1] == 'admin';
          }
      }
      return($stat);
  }

  function check_tables($dbname,$dbh){    
    $res = mysql_list_tables($dbname,$dbh);    
    $ctr = 0;
    while($row = mysql_fetch_row($res)){
      $tn = $row[0];
      $tables[$tn] = TRUE;
    }
    echo "<DL><DT>Checking Tables</DT><DD>\n";
    foreach($this->CMAP as $tbl => $meth){
      if(! $tables[$tbl]){
    echo "<LI>Create: $tbl .. ";
    if($this->$meth($dbh)){
      echo "Success!\n";
      ++$ctr;
    }else{
      $er = mysql_error();
      $this->error("Couldn't create $tbl " . $er);
      echo "<B>Failure:</B> " . htmlentities($er) . "\n";
    }
      }else{
    echo "<LI>Table [$tbl] exists, not creating.\n";
      }
    }
    echo "</DD></DL>\n";
    return($ctr);
  }
  function create_ua_group($dbh){
    $sql = "CREATE TABLE ua_group (
                   gid CHAR(12) UNIQUE NOT NULL,
                   name   VARCHAR(80),
                   signup ENUM('Y','N'),
                   PRIMARY KEY(gid) 
                   )";
    return(mysql_query($sql,$dbh));
  }
  function create_ua_users($dbh){
    $sql = "CREATE TABLE ua_users (
                  id    MEDIUMINT,
                  uid   CHAR(12) UNIQUE NOT NULL,
                  created DATE NOT NULL,
                  confirm ENUM('U','Y') DEFAULT 'U',
                  email   VARCHAR(60),
                  name    VARCHAR(80),  
                  password VARCHAR(24),
                  INDEX(email,id),
                  PRIMARY KEY(uid)
                  )";
    return(mysql_query($sql,$dbh));
  }
  function create_ua_members($dbh) {
    $sql = "CREATE TABLE ua_members (
                 gid CHAR(12),
                 uid CHAR(12)
                 )";
    return(mysql_query($sql,$dbh));
  }
  function create_ua_psect($dbh) {
    $sql =  "CREATE TABLE ua_psect (
         sid MEDIUMINT AUTO_INCREMENT,
         name VARCHAR(80),
         skey VARCHAR(80) UNIQUE NOT NULL,
         PRIMARY KEY(sid))";
    return(mysql_query($sql,$dbh));
  }
  function create_ua_prnam($dbh){
    $sql = "CREATE TABLE ua_prnam (
          prid MEDIUMINT AUTO_INCREMENT,
          sid  MEDIUMINT NOT NULL,
          pkey VARCHAR(80),
          diz VARCHAR(255),
          PRIMARY KEY(prid))";
    return(mysql_query($sql,$dbh));
  }
  function create_ua_prop($dbh){
    $sql = "CREATE TABLE ua_prop (
           prid     MEDIUMINT NOT NULL,
           uid  CHAR(12) NOT NULL,  
           val     VARCHAR(255),
           INDEX(prid,uid)
              )";
    return(mysql_query($sql,$dbh));
  }

  // Defines the properties and sections.
  function install_prop($dbh){
    require_once("GenieGate/Properties.php");
    $pm = new GenieGate_Properties($dbh);       
    $this->defineSection($pm,"genie.form.Public","Properties users are allowed to set");
    $this->defineSection($pm,"genie.form.Private","Internal properties, users cannot view/alter.");

    echo "<TABLE COLS=\"2\" WIDTH=\"80%\" ALIGN=\"CENTER\" >";    
    echo "<TR><TH COLSPAN=\"2\">Properties that users are allowed to set</TH></TR>";
    echo "<TR><TH>Property</TH><TH>Name</TH></TR>";
    foreach($this->PUB_PROP as $pkey => $name){
      echo "<TR><TD WIDTH=\"15%\">[$pkey]</TD><TD>$name</TD></TR>";
      $pm->createProperty("genie.form.Public",$pkey,$name);
    }
    echo "<P></TABLE>";
    echo "<TABLE COLS=\"2\" WIDTH=\"80%\" ALIGN=\"CENTER\" >";    
    echo "<TR><TH COLSPAN=\"2\">Properties that users are not allowed to set</TH></TR>";
    echo "<TR><TH>Property</TH><TH>Name</TH></TR>";
    foreach($this->PRIV_PROP as $pkey => $name){
      echo "<TR><TD WIDTH=\"15%\">[$pkey]</TD><TD>$name</TD></TR>";
      $pm->createProperty("genie.form.Private",$pkey,$name);
    }
    echo "</TABLE>";
  }
  // Define a section, if not exist.
  function defineSection($pm,$skey,$sname){   
    if($pm->getSectionId($skey)){
      return;
    }
    $pm->createSection($skey,$sname);
  }

}

?>
</BODY>
</HTML>

---

Documentation generated by DoxyGen