search

gWorldz / get-simple-cms

Automatically exported from code.google.com/p/get-simple-cms
GNU General Public License v3.0
0 stars 0 forks source link

Integrated user management #296

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
GetSimple needs integrated user management.

The current Multi User v1.4 plugin 
[http://get-simple.info/extend/plugin/multi-user/133/] is good, but it caused 
some issues on my installation. I have stripped it to be user management only 
plugin.

Here is the code that I have mangled, and the plugin author Mikeh revised 
(Thank you Mikeh!:) / I am not a coder.)

CODE:

*********************

<?php
    /*
    Plugin Name: Multi User
    Description: Adds Multi-User Management Section'
    Version: 1.4
    Author: Mike Henken
    Author URI: [url]http://michaelhenken.com/[/url]
    */
    // get correct id for plugin
    $thisfile = basename(__FILE__, ".php");
    // register plugin
    register_plugin($thisfile, // ID of plugin, should be filename minus php
    'Multi User',
    '1.4',
    'Mike Henken', // Author of plugin
    '[url]http://www.michaelhenken.com/[/url]', // Author URL
    'Adds Multi-User Management - Edit all options for current users and manage permissions.', // Plugin Description
    'settings', // Page type of plugin
    'mm_admin' // Function that displays content
    );
    // activate hooks //
    //Add Sidebar Item In Settings Page
    add_action('settings-sidebar', 'createSideMenu', array($thisfile, 'User Management'));
    //Make the multiuser_perm() function run before each admin page loads
    add_action('settings-user', 'mm_gs_settings_pg');
class MultiUser 
{
    public function __construct()
    {
        $old_add_file = GSPLUGINPATH.'user-managment-add.php';
        if(file_exists($old_add_file))
        {
            $success = unlink($old_add_file);
            if($success)
            {
                print "<div class=\"updated\" style=\"display: block;\">$old_add_file Has Been Successfully Deleted.<br/>This file was deleted because it is no longer needed for this plugin.</div>";
            }
            else
            {
                print "<div class=\"updated\" style=\"display: block;\"><span style=\"color:red;font-weight:bold;\">ERROR!!</span> - Unable To Delete $old_add_file<br/>You could delete $old_add_file if you would like. <br/>It is no longer needed for this plugin.</div>";
            }
        }
    }
    public function mmUserFile($get_Data, $data_Type = "")
    {
        if(get_cookie('GS_ADMIN_USERNAME') != "")
        {
            $current_user = get_cookie('GS_ADMIN_USERNAME');
            $dir = GSUSERSPATH . $current_user . ".xml";
            $user_file = simplexml_load_file($dir) or die("Unable to load XML file!");

            if($data_Type == "")
            {
                $return_user_data = $user_file->PERMISSIONS->$get_Data;
                return $return_user_data;
            }
            elseif($data_Type != "") 
            {
                $return_user_data = $user_file->$get_Data;
                return $return_user_data;
            }
        }
    }

    public function mmDeleteUser()
    {
        $deletename = $_GET['deletefile'];
        $thedelete = GSUSERSPATH . $deletename . '.xml';
        $success = unlink($thedelete);
        if($success)
        {
            print "<div class=\"updated\" style=\"display: block;\">$deletename Has Been Successfully Deleted</div>";
        }
        else
        {
            print "<div class=\"updated\" style=\"display: block;\"><span style=\"color:red;font-weight:bold;\">ERROR!!</span> - Unable To Delete File, Please Check Error Log Or Turn On Debug Mode</div>";
        }
        $this->mmManageUsersForm();
    }    

    public function mmProcessEditUser()
    {
        // check if new password was provided
        if (isset($_POST['userpassword'])) 
        {
            $pwd1 = $_POST['userpassword'];
            if ($pwd1 != '') 
            {
                $NPASSWD = passhash($pwd1);
            }
            else 
            {
                $NPASSWD = $_POST['nano']; 
            }
        }
        // GRAB DATA FROM FORM FORM
        $NUSR = $_POST['usernamec'];
        $usrfile = $_POST['usernamec'] . '.xml';
//        $NLANDING = $_POST['Landing'];
/*        if($NLANDING == "pages.php") 
        {
            $NLANDING == "";
        }*/
        if (isset($_POST['usernamec'])) 
        {
            // Edit user xml file - This coding was mostly taken from the 'settings.php' page..
            $xml = new SimpleXMLElement('<item></item>');
            $xml->addChild('USR', $NUSR);
            $xml->addChild('PWD', $NPASSWD);
            $xml->addChild('EMAIL', $_POST['useremail']);
            $xml->addChild('HTMLEDITOR', $_POST['usereditor']);
            $xml->addChild('TIMEZONE', $_POST['ntimezone']);
            $xml->addChild('LANG', $_POST['userlng']);
            if (!XMLsave($xml, GSUSERSPATH . $usrfile)) 
            {
                $error = "Did Not Save File - ERROR!";
                echo $error;
            }

            // Redirect after script is completed... I will make the script submit via ajax later
            else 
            {
              print '<div class="updated" style="display: block;">Your changes have been saved.</div>';
            }
            $this->mmManageUsersForm();
        }
    }
    public function mmAddUser()
    {
        //Set User File, Username, And Password From Submission
        $usrfile = strtolower($_POST['usernamec']);
        $usrfile    = $usrfile . '.xml';
        $NUSR = strtolower($_POST['usernamec']);
        $pwd1       = $_POST['userpassword'];
        $NPASSWD = passhash($pwd1);
        // create user xml file - This coding was mostly taken from the 'settings.php' page..
        createBak($usrfile, GSUSERSPATH, GSBACKUSERSPATH);
        if (file_exists(GSUSERSPATH . _id($NUSR).'.xml.reset')) { unlink(GSUSERSPATH . _id($NUSR).'.xml.reset'); }
        $xml = new SimpleXMLElement('<item></item>');
        $xml->addChild('USR', $NUSR);
        $xml->addChild('PWD', $NPASSWD);
        $xml->addChild('EMAIL', $_POST['useremail']);
        $xml->addChild('HTMLEDITOR', $_POST['usereditor']);
        $xml->addChild('TIMEZONE', $_POST['ntimezone']);
        $xml->addChild('LANG', $_POST['userlng']);
        if (! XMLsave($xml, GSUSERSPATH . $usrfile) ) {
        $error = i18n_r('CHMOD_ERROR');
        }
        // Redirect after script is completed... I will make the script submit via ajax later
            else 
            {
                print '<div class="updated" style="display: block;">'.$NUSR.' Has Been Created.</div>';
            }
        //Show Manage Form
        $this->mmManageUsersForm();
    }

    public function mmManageUsersForm()
    {
        # get all available language files
      $lang_handle = opendir(GSLANGPATH) or die("Unable to open ". GSLANGPATH);
      while ($lfile = readdir($lang_handle)) {
          if( is_file(GSLANGPATH . $lfile) && $lfile != "." && $lfile != ".." )    {
              $lang_array[] = basename($lfile, ".php");
          }
      }
      if (count($lang_array) != 0) {
          sort($lang_array);
          $count = '0'; $sel = ''; $langs = '';
          foreach ($lang_array as $larray){
              $langs .= '<option value="'.$larray.'" >'.$larray.'</option>';
              $count++;
          }
      }
     //Get Available Timezones
      ob_start(); include ("../admin/inc/timezone_options.txt");$Timezone_Include = ob_get_contents();ob_end_clean();
        //Styles For Form
    ?>
        <style>
            .text {
                width:160px !important;
            }
            .user_tr_header {
                border:0px;border-bottom:0px;border-bottom-width:0px;
            }
            .user_tr {
                border:0px;border-bottom:0px;border-bottom-width:0px;background:#F7F7F7;
            }
            .user_tr td{
                border:0px;border-bottom:0px;border-bottom-width:0px;background:#F7F7F7;
            }
            .user_sub_tr {
                border:0px;border-bottom:0px !important; border-bottom-width:0px !important;border-top:0px;border-top-width:0px !important;display:none
            }
            .user_sub_tr h3{
                font-size:14px; padding:0px;margin:0px;
            }
            .user_sub_tr td{
                border:0px;border-bottom:0px !important;border-bottom-width:0px !important;padding-top:6px !important; border-top: 0px !important;
            }
            .hiduser {
                display:none;
            }
            .user_sub_tr select{
                width:160px;
            }
            .perm label {
                clear:left
            }
            .perm_div {
                width:70px;height:40px;float:left;margin-left:4px;
            }
            .leftsec {
                width:180px;float:left;
            }
            .rightsec {
                width:180px;
            }
            .perm_select {
                width:220px;float:left;
            }
            .perm_div_2 {
                width:auto;float:left;padding-top:6px;
            }
            .acurser {
                cursor:pointer;text-decoration:underline;color:#D94136;position:absolute;margin-left:0px;
            }
            .hcurser {
                cursor:pointer;text-decoration:underline;color:#D94136;
            }
            .edit-pointer {
                cursor:pointer;
            }
        </style>

      <!-- Below is the 'Table Headers' For The user data -->
        <h3 class="floated">User Management</h3>
        <div class="edit-nav clearfix">
            <p>
                <a href="#" id="add-user">Add New User</a>
            </p>
        </div>

        <table class="user_table">
        <tr>
            <th>Username:</th>
            <th>Email:</th>
            <th>HTML Editor:</th>
            <th>Edit</th>
        </tr>
<?php
      // Open Users Directory And Put Filenames Into Array
      $dir = "./../data/users/*.xml";
      // Make Edit Form For Each User XML File Found
      foreach (glob($dir) as $file) {
          $xml = simplexml_load_file($file) or die("Unable to load XML file!");

      // PERMISSIONS CHECKBOXES - Checks XML File To Find Existing Permissions Settings //
        //Html Editor
        if ($xml->HTMLEDITOR == "") 
        {
            $htmledit = "No";
        } 
        else 
        {
            $htmledit = "Yes";
        }
        if ($htmledit == "No") 
        {
          $cchecked = "";
        } 
        elseif ($htmledit == "Yes") 
        {
          $cchecked = "checked";
        }
        //Below is the User Data
?>

        <script language="javascript">
            function decision(message, url){
                if(confirm(message)) location.href = url;
            }
        </script>

        <tr class="user_tr">
            <td>
                &nbsp;<?php echo $xml->USR; ?>
            </td>
            <td>
                &nbsp;<?php echo $xml->EMAIL; ?>
            </td>
            <td>
                &nbsp;<?php echo $htmledit; ?>
            </td>
            <!-- Edit Button (Expanded By Jquery Script) -->
            <td>
                <a style="" class="edit-pointer edit-user<?php echo $xml->USR; ?> acurser">Edit</a><a style="" class="hide-user<?php echo $xml->USR; ?> acurser hiduser">Hide</a>
            </td>
        </tr>
        <!-- Begin 'Edit User' Form -->
        <form method="post" action="load.php?id=user-managment">

        <!-- Edit Username -->
        <tr class="hide-div<?php echo $xml->USR; ?> user_sub_tr" style="">

            <td style=""></td>

            <!-- Edit Email -->
            <td style="">
                <input class="text" id="useremail" name="useremail" type="text" value="<?php echo $xml->EMAIL; ?>" />
            </td>
            <!-- HTML Editor Permissions -->
            <td  style="">
                <input name="usereditor" id="usereditor" type="checkbox" <?php echo $cchecked; ?> />
            </td>

        <!-- Change Password -->
        </tr>
        <tr class="hide-div<?php echo $xml->USR; ?> user_sub_tr" style="">
            <td style="">
                <label for="userpassword">Password:</label>
                <input autocomplete="off" class="text" id="userpassword" name="userpassword" type="password" value="" />
            </td>

            <!-- Change Language -->
            <td>
                <label for="userlng">Language:</label>
                <select name="userlng" id="userlng" class="text">
                    <option value="<?php echo $xml->LANG; ?>"selected="selected"><?php echo $xml->LANG; ?></option>
                    <?php echo $langs; ?>
                </select>
            </td>
            <!-- Change Timezone -->
            <td>
                <label for="ntimezone">Timezone:</label>
                <select class="text" id="ntimezone" name="ntimezone">
                    <option value="<?php echo $xml->TIMEZONE; ?>"  selected="selected"><?php echo $xml->TIMEZONE; ?></option>
                    <?php echo $Timezone_Include; ?>
                </select>
            </td>
        </tr>

            <div class="clear"></div>
            </td>
        </tr>
        <!-- Submit Form -->
        <tr class="hide-div<?php echo $xml->USR; ?> user_sub_tr perm" style="">
        <td>
            <input class="submit" type="submit" name="edit-user" value="Save Changes"/>
            &nbsp;&nbsp;&nbsp;<a class="hcurser" ONCLICK="decision('Are You Sure You Want To Delete <?php echo $xml->USR; ?>','load.php?id=user-managment&deletefile=<?php echo $xml->USR; ?>')">Delete User</a>
        </td>
        </tr>
        </div>
        <input type="hidden" name="nano" value="<?php echo $xml->PWD; ?>"/><input type="hidden" name="usernamec" value="<?php echo $xml->USR; ?>"/>
        </form>

<?php
}
echo "</table>";
echo '<script type="text/javascript">';
      //For Each User XML Filed, Print jQuery To Show/Hide The 'Edit User' And 'Add User' Sections
      foreach (glob($dir) as $file) {
          $xml = simplexml_load_file($file) or die("Unable to load XML file!");
          ?>

          $(".edit-user<?php echo $xml->USR; ?>").click(function () {
              $(".edit-user<?php echo $xml->USR; ?>").slideUp();         
              $(".hide-user<?php echo $xml->USR; ?>").slideDown();        
              $(".hide-div<?php echo $xml->USR; ?>").css('display','table-row');  
          });         
          $(".hide-user<?php echo $xml->USR; ?>").click(function () {         
              $(".edit-user<?php echo $xml->USR; ?>").slideDown();          
              $(".hide-user<?php echo $xml->USR; ?>").slideUp();         
              $(".hide-div<?php echo $xml->USR; ?>").css('display','none');         
          });
          $("hideagain").click(function () {         
              $(".edit-user<?php echo $xml->USR; ?>").slideUp();        
              $(".hide-div<?php echo $xml->USR; ?>").css('display','none');    
          });
          $("#add-user").click(function () {       
              $("#add-user").slideUp();       
              $(".hide-div").slideDown();          
          });
      <?php
      }
      echo "</script>";
                             // ADD USER FORM //
?>

<!-- Below is the html form to add a new user.. It is proccesed with 
'readxml.php' -->
      <div id="profile" class="hide-div section" style="display:none;margin-top:0px;">
      <form method="post" action="load.php?id=user-managment">
    <h3>Add New User</h3>
    <div class="leftsec">
      <p><label for="usernamec" >Username:</label><input class="text" id="usernamec" name="usernamec" type="text" value="" /></p>
    </div>
    <div class="rightsec">
      <p><label for="useremail" >Email :</label><input class="text" id="useremail" name="useremail" type="text" value="" /></p>
    </div>
    <div class="leftsec">
      <p><label for="ntimezone" >Timezone:</label>
      <select class="text" id="ntimezone" name="ntimezone">
      <option value="<?php echo $this->mmUserFile('TIMEZONE', true); ?>"  selected="selected"><?php echo $xml->TIMEZONE; ?></option>
          <?php echo $Timezone_Include; ?>
                                </select>
      </select>
      </p>
    </div>
    <div class="rightsec">
      <p><label for="userlng" >Language:</label>
      <select name="userlng" id="userlng" class="text">
            <option value="en_US"selected="selected">English (en_US)</option>
           <?php echo $langs ?>
      </select>
      </p>
    </div>
     <div class="leftsec">
      <p><label for="userpassword" >Password:</label><input autocomplete="off" class="text" id="userpassword" name="userpassword" type="password" value="" /></p>
    </div>
     <div class="leftsec">
       <p class="inline" style="padding-top:24px;"><input name="usereditor" id="usereditor" type="checkbox" value="1" checked="checked" /> &nbsp;<label for="usereditor" >Enable the HTML editor</label></p>
    </div>
      <div class="clear"></div>
    <p id="submit_line" >
      <span><input class="submit" type="submit" name="add-user" value="Add New User" /></span> 
      &nbsp;&nbsp;<?php i18n('OR'); ?>&nbsp;&nbsp; <a class="cancel" href="settings.php?cancel"><?php i18n('CANCEL'); ?></a>
    </p></form>
    </div>

    <?php
    }
}
    function mm_admin()
    {
        $mm_admin = new MultiUser;

        if(!isset($_POST['usernamec'])  && !isset($_GET['deletefile']) && !isset($_POST['add-user']) && !isset($_GET['download_id']))
        {
            $mm_admin->mmManageUsersForm();
        }

        if(isset($_POST['edit-user']))
        {
            $mm_admin->mmProcessEditUser();
        }

        if(isset($_GET['deletefile']))
        {
            $mm_admin->mmDeleteUser();
        }

        if(isset($_POST['add-user']))
        {
            $mm_admin->mmAddUser();
        }

    }

    function mm_gs_settings_pg()
    {
        $mm_settings = new MultiUser;
        $mm_settings->mmProcessSettings();
    }
?>

*********************

Original issue reported on code.google.com by borislav...@gmail.com on 6 Feb 2012 at 12:45

GoogleCodeExporter commented 9 years ago 
"GetSimple needs integrated user management." -> i agree, but not at this stage 
of development. GetSimple is fine where it stand now...

Original comment by ccagle8 on 6 Feb 2012 at 1:38

GoogleCodeExporter commented 9 years ago 
It is, I agree. GS is a wonderful creation, and that is why I have dumped my 
other CMS(es) for it. GS does have certain issues, some of which are very 
important if you would like to spread the system.

You can't expect to generate a strong following without covering simple and 
effective user management for companies and web developers to use. - Business 
users are the ones who will contribute the most, respecting the hard work you 
provided for the community.

Original comment by borislav...@gmail.com on 6 Feb 2012 at 2:31