From 608e17c03974ecd0c54b01dadad994507dc2b23d Mon Sep 17 00:00:00 2001 From: "terry%mozilla.org" <> Date: Wed, 19 Jan 2000 02:33:28 +0000 Subject: Spruced up "editusers.cgi". Added an "editusers" group. --- editusers.cgi | 128 +++++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 95 insertions(+), 33 deletions(-) (limited to 'editusers.cgi') diff --git a/editusers.cgi b/editusers.cgi index 5b5d7e526..d4c3cfd16 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -73,9 +73,9 @@ sub CheckUser ($) # Displays the form to edit a user parameters # -sub EmitFormElements ($$$$) +sub EmitFormElements ($$$$$) { - my ($user, $password, $realname, $groupset) = @_; + my ($user, $password, $realname, $groupset, $emailnotification) = @_; print " Login name:\n"; print " \n"; @@ -88,16 +88,29 @@ sub EmitFormElements ($$$$) print " Password:\n"; print " \n"; + print "\n"; + print " Email notification:\n"; + print qq{\n"; - SendSQL("SELECT bit,name,description + SendSQL("SELECT bit,name,description,bit & $groupset != 0 FROM groups ORDER BY name"); while (MoreSQLData()) { - my($bit,$name,$description) = FetchSQLData(); + my ($bit,$name,$description,$checked) = FetchSQLData(); print "\n"; - $bit = $bit+0; # this strange construct coverts a string to a number print " ", ucfirst($name), ":\n"; - my $checked = ($groupset & $bit) ? "CHECKED" : ""; + $checked = ($checked) ? "CHECKED" : ""; print " $description\n"; } @@ -142,9 +155,9 @@ confirm_login(); print "Content-type: text/html\n\n"; -unless (UserInGroup("tweakparams")) { +unless (UserInGroup("editusers")) { PutHeader("Not allowed"); - print "Sorry, you aren't a member of the 'tweakparams' group.\n"; + print "Sorry, you aren't a member of the 'editusers' group.\n"; print "And so, you aren't allowed to add, modify or delete users.\n"; PutTrailer(); exit; @@ -158,25 +171,63 @@ unless (UserInGroup("tweakparams")) { my $user = trim($::FORM{user} || ''); my $action = trim($::FORM{action} || ''); my $localtrailer = "edit more users"; +my $candelete = Param('allowuserdeletion'); # -# action='' -> Show nice list of users +# action='' -> Ask for match string for users. # unless ($action) { + PutHeader("Select match string"); + print qq{ +
+ +List users with login name matching: + + +
+ +}; + PutTrailer(); + exit; +} + + +# +# action='list' -> Show nice list of matching users +# + +if ($action eq 'list') { PutHeader("Select user"); + my $query = "SELECT login_name,realname FROM profiles WHERE login_name "; + if ($::FORM{'matchtype'} eq 'substr') { + $query .= "like"; + $::FORM{'matchstr'} = '%' . $::FORM{'matchstr'} . '%'; + } elsif ($::FORM{'matchtype'} eq 'regexp') { + $query .= "regexp"; + } elsif ($::FORM{'matchtype'} eq 'notregexp') { + $query .= "not regexp"; + } else { + die "Unknown match type"; + } + $query .= SqlQuote($::FORM{'matchstr'}) . " ORDER BY login_name"; - SendSQL("SELECT login_name,realname - FROM profiles - ORDER BY login_name"); + SendSQL($query); my $count = 0; my $header = " -\n -"; +"; + if ($candelete) { + $header .= "\n"; + } + $header .= "\n"; print $header; while ( MoreSQLData() ) { $count++; @@ -188,15 +239,22 @@ unless ($action) { print "\n"; print " \n"; print " \n"; - print " \n"; + if ($candelete) { + print " \n"; + } print ""; } print "\n"; - print " \n"; - print " \n"; + my $span = $candelete ? 3 : 2; + print qq{ + +}; print "
Edit user ... Real nameAction
Action
$user$realnameDeleteDelete
Add a new userAdd + Add a new user +
\n"; + print "$count users found.\n"; - PutTrailer(); + PutTrailer($localtrailer); exit; } @@ -212,12 +270,10 @@ unless ($action) { if ($action eq 'add') { PutHeader("Add user"); - #print "This page lets you add a new product to bugzilla.\n"; - print "\n"; print "\n"; - EmitFormElements('', '', '', 0); + EmitFormElements('', '', '', 0, 'ExcludeSelfChanges'); print "
\n
\n"; print "\n"; @@ -269,11 +325,11 @@ if ($action eq 'new') { exit; } - my $bits = 0; + my $bits = "0"; foreach (keys %::FORM) { next unless /^bit_/; #print "$_=$::FORM{$_}
\n"; - $bits |= $::FORM{$_}; + $bits .= "+ $::FORM{$_}"; } @@ -306,9 +362,13 @@ if ($action eq 'new') { if ($action eq 'del') { PutHeader("Delete user"); + if (!$candelete) { + print "Sorry, deleting users isn't allowed."; + PutTrailer(); + } CheckUser($user); - # display some data about the product + # display some data about the user SendSQL("SELECT realname, groupset, emailnotification, login_name FROM profiles WHERE login_name=" . SqlQuote($user)); @@ -431,6 +491,10 @@ if ($action eq 'del') { if ($action eq 'delete') { PutHeader("Deleting user"); + if (!$candelete) { + print "Sorry, deleting users isn't allowed."; + PutTrailer(); + } CheckUser($user); SendSQL("SELECT userid @@ -469,7 +533,8 @@ if ($action eq 'edit') { print "\n"; print "\n"; - EmitFormElements($user, $password, $realname, $groupset); + EmitFormElements($user, $password, $realname, $groupset, + $emailnotification); print "
\n"; @@ -505,11 +570,11 @@ if ($action eq 'update') { my $emailnotificationold = trim($::FORM{emailnotificationold} || ''); my $groupsetold = trim($::FORM{groupsetold} || ''); - my $groupset = 0; + my $groupset = "0"; foreach (keys %::FORM) { next unless /^bit_/; #print "$_=$::FORM{$_}
\n"; - $groupset |= $::FORM{$_}; + $groupset .= "+ $::FORM{$_}"; } CheckUser($userold); @@ -524,20 +589,17 @@ if ($action eq 'update') { print "Updated permissions.\n"; } -=for me - if ($emailnotification ne $emailnotificationold) { SendSQL("UPDATE profiles - SET emailnotification=" . $emailnotification . " + SET emailnotification=" . SqlQuote($emailnotification) . " WHERE login_name=" . SqlQuote($userold)); print "Updated email notification.
\n"; } -=cut - if ($password ne $passwordold) { + my $q = SqlQuote($password); SendSQL("UPDATE profiles - SET password=" . SqlQuote($password) . " + SET password= $q, cryptpassword = ENCRYPT($q) WHERE login_name=" . SqlQuote($userold)); print "Updated password.
\n"; } -- cgit v1.2.3-24-g4f1b