Added edit-user.php, no permissions yet
parent
54c00cbe8b
commit
386480890b
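--- /dev/null
+++ b/api/edit-user.php
@@ -0,0 +1,84 @@
+<?php
+
+/*
+* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+require_once '../config/config-default.php';
+require_once '../lib/database.php';
+require_once '../lib/session.php';
+
+$input = json_decode(file_get_contents('php://input'));
+
+if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
+echo "Permission denied!";
+exit();
+}
+
+if(isset($input->action) && $input->action == "addUser") {
+$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
+
+$db->autocommit(false);
+
+$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (?,?,?)");
+$stmt->bind_param("sss", $input->name, $passwordHash, $input->type);
+$stmt->execute();
+$stmt->close();
+
+$stmt = $db->prepare("SELECT LAST_INSERT_ID()");
+$stmt->execute();
+$stmt->bind_result($newUserId);
+$stmt->fetch();
+$stmt->close();
+
+$db->commit();
+
+$retval = Array();
+$retval['newId'] = $newUserId;
+}
+
+if(isset($input->action) && $input->action == "getUserData") {
+$stmt = $db->prepare("SELECT name,type FROM user WHERE id=?");
+$stmt->bind_param("i", $input->id);
+$stmt->execute();
+$stmt->bind_result($userName, $userType);
+$stmt->fetch();
+$stmt->close();
+
+$retval = Array();
+$retval['name'] = $userName;
+$retval['type'] = $userType;
+}
+
+if(isset($input->action) && $input->action == "saveUserChanges") {
+if(isset($input->password)) {
+$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
+$stmt = $db->prepare("UPDATE user SET name=?,password=?,type=? WHERE id=?");
+$stmt->bind_param("sssi", $input->name, $passwordHash, $input->type, $input->id);
+$stmt->execute();
+$stmt->close();
+} else {
+$stmt = $db->prepare("UPDATE user SET name=?,type=? WHERE id=?");
+$stmt->bind_param("ssi", $input->name, $input->type, $input->id);
+$stmt->execute();
+$stmt->close();
+}
+}
+
+if(isset($retval)) {
+echo json_encode($retval);
+} else {
+echo "{}";
+}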
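Review bot: The `addUser` and `saveUserChanges` branches trust the request body: `$input->password` is hashed without checking that it is set and non-empty, and `$input->type` is stored as sent, so the only validation is the client-side one in js/edit-user.js. I would reject the request before touching the database, e.g. `if (!isset($input->name, $input->password) || $input->password === '' || !in_array($input->type ?? null, ['user', 'admin'], true)) { http_response_code(400); exit(); }`, and treat an empty `password` in `saveUserChanges` as "unchanged" rather than hashing it. The admin check prints "Permission denied!" with a 200 status; `http_response_code(403);` before the `echo` lets the JSON client tell denial from success. Nothing visible here binds these state-changing actions to a request from the application's own pages (lib/session.php is not shown), so confirm an anti-CSRF token or an Origin/Content-Type check exists for this endpoint.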
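--- /dev/null
+++ b/edit-user.php
@@ -0,0 +1,91 @@
+<!DOCTYPE html>
+<!--
+Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<?php
+require_once 'lib/session.php';
+?>
+<html>
+<head>
+<title>PDNS Manager - Domains</title>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+
+<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
+<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
+<link href="include/select2/select2.min.css" rel="stylesheet">
+<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
+<link href="include/custom.css" rel="stylesheet">
+
+<script src="include/jquery.js"></script>
+<script src="include/bootstrap/js/bootstrap.min.js"></script>
+<script src="include/select2/select2.min.js"></script>
+
+<script src="js/edit-user.js"></script>
+</head>
+<body>
+<nav class="navbar navbar-inverse navbar-static-top">
+<div class="container">
+<div class="navbar-brand">
+PDNS Manager
+</div>
+<ul class="nav navbar-nav">
+<li><a href="domains.php">Domains</a></li>
+<?php if($_SESSION['type'] == "admin") echo '<li><a href="users.php">Users</a></li>'; ?>
+<li><a href="logout.php">Logout</a></li>
+</ul>
+</div>
+</nav>
+
+<div class="container">
+
+<row>
+<h2 id="heading">Change user</h2>
+</row>
+
+<row>
+<div class="col-md-3">
+<form>
+
+<div class="form-group">
+<label for="user-name" class="control-label">Name</label>
+<input type="text" class="form-control" id="user-name" placeholder="Username" autocomplete="off" data-regex="^[A-Za-z0-9\._-]+$" tabindex="1">
+</div>
+<div class="form-group">
+<label for="user-password" class="control-label">Password</label>
+<input type="password" class="form-control" id="user-password" placeholder="(Unchanged)" autocomplete="off" tabindex="2">
+</div>
+<div class="form-group">
+<label for="user-password2" class="control-label">Password repeated</label>
+<input type="password" class="form-control" id="user-password2" placeholder="(Unchanged)" autocomplete="off" tabindex="3">
+</div>
+<div class="form-group">
+<label for="user-type" class="control-label">Type</label>
+<select id="user-type" class="form-control" tabindex="4">
+<option value="user">User</option>
+<option value="admin">Admin</option>
+</select>
+</div>
+<button id="user-button-add" class="btn btn-primary" tabindex="5">Change</button>
+</form>
+</div>
+
+</row>
+
+</div>
+
+</body>
+</html>
+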
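Review bot: The navbar line reads `$_SESSION['type']` without the `isset()` guard that api/edit-user.php uses, and nothing in this file keeps a non-admin session from rendering the user form. What lib/session.php enforces is not visible here, and the commit title says permissions are still to come, so I would mark that directly under the `require_once` with a comment such as `// TODO: restrict this page to admins; the API check is currently the only gate`, or add an early redirect for non-admin sessions. Two smaller points: `<title>PDNS Manager - Domains</title>` looks copied from the domains page, and `<row>` is not an HTML element, so Bootstrap's grid expects `<div class="row">` there.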
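--- /dev/null
+++ b/js/edit-user.js
@@ -0,0 +1,135 @@
+/*
+* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+$(document).ready(function() {
+
+$('#user-button-add').click(function(evt){
+evt.preventDefault();
+
+if(location.hash.substring(1) == "new") {
+addUser();
+} else {
+saveUserChanges();
+}
+});
+
+$('form input#user-name').bind("paste keyup change", regexValidate);
+
+$('#user-password').unbind().bind("paste keyup change", function() {
+$('#user-password').parent().removeClass("has-error");
+});
+
+$('#user-password2').unbind().bind("paste keyup change", function() {
+if($('#user-password').val() != $('#user-password2').val()) {
+$('#user-password2').parent().addClass("has-error");
+} else {
+$('#user-password2').parent().removeClass("has-error");
+}
+});
+
+$('#user-type').select2({
+minimumResultsForSearch: Infinity
+});
+
+//Prepare for new user
+if(location.hash.substring(1) == "new") {
+$('#heading').text("Add user");
+$('#user-button-add').text("Add");
+$('#user-password').attr("placeholder", "Password");
+$('#user-password2').attr("placeholder", "Password repeated");
+} else {
+getUserData();
+}
+});
+
+function regexValidate() {
+var regex = new RegExp($(this).attr('data-regex'));
+if(!regex.test($(this).val())) {
+$(this).parent().addClass("has-error");
+} else {
+$(this).parent().removeClass("has-error");
+}
+}
+
+function addUser() {
+$('form input').change();
+
+if($('#user-password').val().length <= 0) {
+$('#user-password').parent().addClass("has-error");
+$('#user-password2').parent().addClass("has-error");
+}
+
+if($('#user-name').parent().hasClass("has-error")) {
+return;
+}
+if($('#user-password2').parent().hasClass("has-error")) {
+return;
+}
+
+var data = {
+name: $('#user-name').val(),
+password: $('#user-password').val(),
+type: $('#user-type').val(),
+action: "addUser"
+};
+
+$.post(
+"api/edit-user.php",
+JSON.stringify(data),
+function(data) {
+location.assign("edit-user.php#" + data.newId);
+location.reload();
+},
+"json"
+);
+}
+
+function getUserData() {
+var data = {
+id: location.hash.substring(1),
+action: "getUserData"
+};
+
+$.post(
+"api/edit-user.php",
+JSON.stringify(data),
+function(data) {
+$('#user-name').val(data.name);
+$('#user-type').val(data.type).change();
+},
+"json"
+);
+}
+
+function saveUserChanges() {
+var data = {
+id: location.hash.substring(1),
+name: $('#user-name').val(),
+type: $('#user-type').val(),
+action: "saveUserChanges"
+};
+
+if($('#user-password').val().length > 0) {
+data.password = $('#user-password').val();
+}
+
+$.post(
+"api/edit-user.php",
+JSON.stringify(data),
+null,
+"json"
+);
+}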
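Review bot: `saveUserChanges()` posts the form without any of the checks `addUser()` runs, so a name that fails `data-regex` or a password that does not match the repeated field is still sent while the field is shown in the error state. Starting the function with `$('form input').change();` followed by `if($('#user-name').parent().hasClass("has-error") || $('#user-password2').parent().hasClass("has-error")) { return; }` would bring it in line with `addUser()`. The call also passes `null` as the success callback and has no failure handler, so the admin gets no indication whether the change, including a password change, was applied; a `.fail()` handler that surfaces the error would help. These checks are only a convenience for the admin, because the endpoint receives whatever JSON is posted and has to enforce the same rules itself.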