<?php
// Admin tasks - add/delete users, set passwords, admin privileges. 

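// NOTE(review): E_ALL is useful while developing; on a live site make sure
// display_errors is off so warnings (file paths etc.) go to the log only.
error_reporting(E_ALL);

include "globals.php";

// Always defined, so the page template further down can iterate over them
// even when the visitor is not an administrator or no user file exists yet.
$usernames = array();
$admins = array();

// Security check.  Only the presence of the session key is tested.
// NOTE(review): confirm the login code never stores a falsy value under
// 'wysiwygit_admin' for ordinary users; isset() would still accept it.
session_start();
if (! isset($_SESSION['wysiwygit_admin'])) {
   $errmsg = "You are not logged in as an administrative user.";
} else {
   $errmsg = '';

   // If updating, create new user file.  Check that not a duplicate user
   // (in case page reloaded).
   // Only the POST body is read: the add-user form posts, and accepting the
   // same fields from the query string would let a plain link create users.
   // NOTE(review): no anti-CSRF token is checked here; adding one needs a
   // matching hidden field in the add-user form.
   if (isset($_POST['username'])) {
      $username = $_POST['username'];
      $password = isset($_POST['password']) ? $_POST['password'] : '';

      // The user name becomes part of a file name and is later written into
      // the page, so it is restricted to a fixed character set: no path
      // separators, no leading dot, no markup characters.
      if (! is_string($username)
          || ! preg_match('/\A[A-Za-z0-9][A-Za-z0-9_.@-]{0,63}\z/', $username)) {
         $errmsg = "User name may contain only letters, digits, '.', '_', '@' and '-'.";
      } elseif (! is_string($password) || strlen($password) < 4) {
         // Same rule the browser-side check applies; enforced here because
         // the browser-side check can be bypassed.
         $errmsg = "Password must have at least four characters.";
      } else {
         // NOTE(review): users/ is relative to this script.  If it sits under
         // the web root, the .txt files (which hold password hashes) can be
         // fetched directly unless the web server denies access - confirm.
         $userfile = "users/$username.txt";
         if (! file_exists($userfile)) {
            $admin = isset($_POST['admin']);

            // crypt() without a salt picks a weak scheme on older PHP and is
            // an error on PHP 8.  password_hash() (PHP 5.5+) generates its own
            // salt.  NOTE(review): the login code is not visible here; it
            // should check with password_verify(), which also accepts hashes
            // written earlier by crypt().
            $encrypted_password = password_hash($password, PASSWORD_DEFAULT);
            if (! is_string($encrypted_password)) {
               $errmsg = "Could not create the user.";
            } else {
               $info = array(
                  "username" => $username,
                  "password" => $encrypted_password,
                  "admin" => $admin
               );
               $line = json_encode($info) . "\n";
               if (! empty($debug[2])) {
                  // The record itself is not logged: it contains the hash.
                  my_error_log("[admin.php] userfile: $userfile");
               }
               if (file_put_contents($userfile, $line, LOCK_EX) === false) {
                  $errmsg = "Could not create the user.";
               }
            }
         }
      }
   }

   // Read users' files.
   $userfiles = glob('users/*.txt');
   if ($userfiles === false) {
      $userfiles = array();
   }
   foreach ($userfiles as $userfile) {

      $lines = file($userfile);
      if ($lines === false) {
         continue;
      }

      // Read info line into arrays over users.
      foreach ($lines as $line) {

         // Skip comments and blank lines.  The empty test comes first so an
         // empty line is never indexed.
         $line = trim($line);
         if ($line === '' || $line[0] === '#') {
            continue;
         }

         // Only the first data line of each file is used.  A line that does
         // not decode to an object with a string username is ignored, so the
         // two arrays always stay the same length.
         $info = json_decode($line);
         if (is_object($info) && isset($info->username) && is_string($info->username)) {
            $usernames[] = $info->username;
            $admins[] = isset($info->admin) ? $info->admin : '';
         }
         break;
      }
   }

   // Sort by user name, keeping each admin flag with its user.
   array_multisort($usernames, $admins);
}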


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
   <title>
      Admin
   </title>
   <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js">
   </script>
   <script src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js">
   </script>

   <link rel="stylesheet" href="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css" type="text/css" media="all" />

   <link rel="stylesheet" type="text/css" href="wysiwygit.css" />

   <script type="text/javascript">
      //<![CDATA[

      // Build the two modal dialogs (add user, reset password) once the DOM is
      // ready.  Both start closed and share the same size.
      // NOTE(review): the script tags in the page head fetch jQuery and
      // jQuery UI over http://.  On a page that handles passwords they should
      // be loaded over https or served locally, so the code cannot be altered
      // in transit.
      $(document).ready(function() {
         var closeDialog = function() { $(this).dialog('close'); };
         var sharedOptions = {
            autoOpen:   false,
            height:     400,
            width:      400,
            modal:      true
         };

         $('#adduser_dialog').dialog($.extend({}, sharedOptions, {
            buttons:    {
               "Add user": addUser,
               "Cancel":   closeDialog
            }
         }));
         $('#reset_password_dialog').dialog($.extend({}, sharedOptions, {
            buttons:    {
               "Reset password": resetPassword,
               "Cancel":   closeDialog
            }
         }));
      });

      // Transfer user names to javascript.
      var usernames = new Array();
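      <?php
      // Emit one push() per user.  json_encode() with the JSON_HEX_* flags
      // yields a complete JavaScript string literal in which quotes,
      // backslashes, '<', '>' and '&' are escaped, so a stored user name can
      // neither end the string nor end the surrounding script element.
      $js_flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
      foreach ((isset($usernames) ? $usernames : array()) as $username) {
         $literal = json_encode((string) $username, $js_flags);
         if ($literal === false) {
            // Keep the array positions aligned with the table rows, which
            // address users by index.
            $literal = '""';
         }
         print "usernames.push($literal);\n";
      }
      ?>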


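      // Checks the "Add new user" form and, if it passes, posts it back to
      // this page.  This is a convenience for the administrator only: the
      // server must apply its own checks, because nothing obliges a client to
      // run this function.
      var addUser = function() {
         var errmsg = '';

         // Remove every whitespace character (not just the first) and write
         // the result back to the field, so the value that is checked is the
         // value that is submitted.
         var usernameField = $('#username');
         var username = usernameField.val().replace(/\s/g, '');
         usernameField.val(username);
         if (username === '') {
            // Also covers the '' placeholders deleteUser() leaves in the list.
            errmsg += 'Please enter a user name.\n';
         } else if ($.inArray(username, usernames) != -1) {
            errmsg += 'User name ' + username + ' is already being used.\n';
         }

         // Passwords are checked exactly as typed, because that is what the
         // form submits.
         // NOTE(review): four characters is a very low minimum for an
         // account that can administer the site.
         var password = $('#password').val();
         if (password.length < 4) {
            errmsg += 'Password must have at least four characters.\n';
         }
         var confirm_password = $('#confirm_password').val();
         if (password != confirm_password) {
            errmsg += 'Password and confirm password do not match';
         }

         if (errmsg) {
            alert(errmsg);
         } else {
            $('#adduser_form').submit();
         }
      }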


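      // Asks delete_user.php to remove user number i and, on success, removes
      // that user's table row.  aElm is the clicked cell; its parent is the row.
      // NOTE(review): the request carries no anti-CSRF token and there is no
      // confirmation step.  delete_user.php is not shown here - confirm that
      // it verifies the admin session itself.
      function deleteUser(aElm, i) {
         var tr = $(aElm).parent();

         // Closure to pass tr to callback.
         var onDeleteUser = function(returnData) {
            if (returnData) {
               alert(returnData);
            } else {
               tr.remove();

               // Also delete from local array.  The slot is blanked rather
               // than removed so the other rows keep their indexes.
               usernames[i] = '';
            }
         }

         // Passing an object lets jQuery URL-encode the value; a name
         // containing '&', '=' or '+' would otherwise change the request.
         $.ajax({
               type:       'POST',
               url:        'delete_user.php',
               data:       {username: usernames[i]},
               success:    onDeleteUser,
               dataType:   'json'
         });
      }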


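      // Sends the new state of an "Administrator?" checkbox for user number i
      // to change_admin.php (1 = administrator, 0 = ordinary user).
      // NOTE(review): no anti-CSRF token is sent; change_admin.php is not
      // shown here - confirm that it verifies the admin session itself.
      function changeAdmin(checkboxElm, i) {
         var admin = checkboxElm.checked ? 1 : 0;

         // An object is URL-encoded by jQuery, so characters such as '&' in a
         // user name cannot add or override request parameters.
         $.ajax({
               type:       'POST',
               url:        'change_admin.php',
               data:       {username: usernames[i], admin: admin},
               success:    onChangeAdmin,
               dataType:   'json'
         });
      }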


      // Success handler for changeAdmin(): closes the reset-password dialog
      // and shows the server's reply in the feedback area.
      function onChangeAdmin(returnData) {
         var resetDialog = $('#reset_password_dialog');
         resetDialog.dialog('close');
         feedback(returnData);
      }


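      // User whose password the open dialog will reset; set by
      // resetPasswordDialog() and read by resetPassword().
      var resetPasswordUsername;

      // Opens the reset-password dialog for user number i.
      function resetPasswordDialog(i) {
         resetPasswordUsername = usernames[i];

         // The jQuery UI 1.8 dialog this page loads inserts the title option
         // as HTML, so the stored user name is HTML-encoded first.
         // NOTE(review): if jQuery UI is upgraded to a release that treats the
         // title as plain text, pass the raw name instead.
         var safeName = $('<div/>').text(String(resetPasswordUsername)).html();
         var dialog = $('#reset_password_dialog');
         dialog.dialog('option', 'title', 'Reset password for ' + safeName);
         dialog.dialog('open');
      }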


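      // Checks the new password typed into the reset dialog and posts it to
      // reset_password.php for the user chosen in resetPasswordDialog().
      // The checks here are a convenience; reset_password.php (not shown)
      // must enforce its own rules and verify the admin session.
      function resetPassword() {
         var errmsg = '';

         // The password is checked and sent exactly as typed.
         var password = $('#reset_password').val();
         if (password.length < 4) {
            errmsg += 'Password must have at least four characters.\n';
         }
         var confirm_password = $('#reset_confirm_password').val();
         if (password != confirm_password) {
            errmsg += 'Password and confirm password do not match';
         }

         if (errmsg) {
            alert(errmsg);
         } else {
            // An object is URL-encoded by jQuery.  Built by hand, a password
            // containing '&', '+' or '%' would reach the server altered, and
            // the account would get a password nobody typed.
            $.ajax({
                  type:       'POST',
                  url:        'reset_password.php',
                  data:       {
                     username: resetPasswordUsername,
                     password: password
                  },
                  success:    onResetPassword,
                  dataType:   'json'
            });
         }
      }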


      // Success handler for resetPassword(): closes the dialog, then shows
      // the server's reply in the feedback area.
      function onResetPassword(returnData) {
         var resetDialog = $('#reset_password_dialog');
         resetDialog.dialog('close');
         feedback(returnData);
      }


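      // Shows a server reply in the #feedback span with a yellow highlight
      // that fades to white over seven seconds.
      function feedback(msg) {
         // Inserted as text, not markup: a reply may quote a user name, and
         // nothing here guarantees that it is free of HTML.
         // NOTE(review): if the server replies are meant to carry formatting
         // tags, encode the user-supplied parts on the server instead.
         var text = (msg === null || msg === undefined) ? '' : String(msg);
         $('#feedback').text(text).css({background: 'yellow'});
         $('#feedback').animate({backgroundColor: '#ffffff'}, 7000);
      }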


      //]]>
   </script>

   <style type="text/css">
      body {
         font-size:           10pt;
         font-family:         Arial, Verdana, sans-serif;
      }

      #userlist td {
         font-size:           10pt;
         font-family:         Arial, Verdana, sans-serif;
         padding-left:        10px;
         padding-right:       10px;
         padding-top:         3px;
         padding-bottom:      3px;
      }

      label, input {
         display:             block;
      }
   </style>

</head>
<body>
   <div id="wysiwygit_control_header">
      <p style="margin-top: 4px;">
         &emsp;
         <b><span style="font-size: 140%; color: white;">Admin&nbsp;</span> 
         </b>
      </p>
      <div class="wysiwygit_button"
           style="position: absolute; top: 0px; right: 100px; 
                  background: none;">
         <a href="index.php" style="text-decoration: none;">
            <!-- IE8 needs the window.location method -->
            <button onclick="window.location.href = 'index.php'">
               Return to editor
            </button></a>
      </div>
   </div>
   <div id="main" style="margin-left: 20px;">
      <br />
      <?php
      if ($errmsg) {
         ?>
         <p style="text-align: center; font-weight: bold;">
            <?php print $errmsg ?>
         </p>
         <?php
      } else {
         ?>
         <div style="text-align: right;">
            <span id="feedback"></span>&nbsp;
         </div>
         <h2>
            Users
         </h2>
         <table id="userlist" cellspacing="0" border="1" style="border: 1px solid black;">
            <thead>
               <tr style="font-weight: bold;">
                  <td>
                     User name
                  </td>
                  <td>
                     Administrator?
                  </td>
                  <td>
                     Reset password
                  </td>
                  <td>
                     Delete user
                  </td>
               </tr>
            </thead>
            <tbody>
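            <?php

            // Users.  One table row per account.  $i is the row's index into
            // the JavaScript usernames array, which is filled from $usernames
            // in the same order.
            $n_users = isset($usernames) ? count($usernames) : 0;
            for ($i=0; $i<$n_users; $i++) {
               // The name comes from a user file, so it is HTML-encoded
               // before it is written into the page.
               $username = htmlspecialchars($usernames[$i], ENT_QUOTES, 'UTF-8');
               $admin = ! empty($admins[$i]) ? 'checked' : '';

               ?>
               <tr>
                  <td>
                     <?php print $username ?>
                  </td>
                  <td align="center">
                     <input type="checkbox" onchange="changeAdmin(this, <?php print $i ?>)" <?php print $admin ?> />
                  </td>
                  <td style="text-align: center;">
                     <a href="javascript: resetPasswordDialog(<?php print $i ?>)">
                        Reset</a>
                  </td>
                  <td style="text-align: center;" onclick="deleteUser(this, <?php print $i ?>)">
                     <a href="javascript: void(0)">
                        Delete</a>
                  </td>
               </tr>

               <?php
            }
            ?>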
            </tbody>
         </table>
         <br />
         <br />
         <button onclick="$('#adduser_dialog').dialog('open');">
            Add new user
         </button>
         <div id="adduser_dialog" title="Add new user">
            <form id="adduser_form" action="<?php $_SERVER['PHP_SELF'] ?>" 
                  method="POST">
               <fieldset>
                  <table border="0">
                     <tr>
                        <td>
                           <label for="username">User name</label>
                        </td>
                        <td>
                           <input type="text" name="username" id="username" class="text ui-widget-content ui-corner-all" />
                        </td>
                     </tr>
                     <tr>
                        <td>
                           <label for="admin">Administrator</label>
                        </td>
                        <td>
                           <input type="checkbox" name="admin" id="admin" />
                        </td>
                     </tr>
                     <tr>
                        <td>
                           <label for="password">Password</label>
                        </td>
                        <td>
                           <input type="password" name="password" id="password" class="text ui-widget-content ui-corner-all" />
                        </td>
                     </tr>
                     <tr>
                        <td>
                           <label for="confirm_password">Confirm password</label>
                        </td>
                        <td>
                           <input type="password" name="confirm_password" id="confirm_password" class="text ui-widget-content ui-corner-all" />
                        </td>
                     </tr>
                  </table>
               </fieldset>
            </form>
         </div>
         <div id="reset_password_dialog" title="Reset password">
            <table border="0">
               <tr>
                  <td>
                     <label for="reset_password">New password</label>
                  </td>
                  <td>
                     <input type="password" name="reset_password" id="reset_password" class="text ui-widget-content ui-corner-all" />
                  </td>
               </tr>
               <tr>
                  <td>
                     <label for="reset_confirm_password">Confirm new password</label>
                  </td>
                  <td>
                     <input type="password" name="reset_confirm_password" id="reset_confirm_password" class="text ui-widget-content ui-corner-all" />
                  </td>
               </tr>
            </table>
         </div>
         <?php
      } // else of if ($errmsg)
      ?>
   </div> <!-- main -->

</body>
</html>