From 23e9b5770322e13a838bec191cc7a11df91cd40c Mon Sep 17 00:00:00 2001 From: Quitta Date: Mon, 1 Jul 2013 18:28:37 +0200 Subject: [PATCH 1/2] Settings page layout set! --HG-- branch : quitta-gsoc-2013 --- .../ryzom_ams/ams_lib/autoload/users.php | 59 ++++++++++-- .../ryzom_ams/www/html/autoload/webusers.php | 27 ++++++ .../ryzom_ams/www/html/func/add_user.php | 2 +- .../www/html/func/change_password.php | 30 ++++++ .../server/ryzom_ams/www/html/func/login.php | 11 +-- .../ryzom_ams/www/html/index_charisma.php | 8 +- .../www/html/templates/layout_admin.tpl | 1 + .../www/html/templates/layout_user.tpl | 1 + .../ryzom_ams/www/html/templates/settings.tpl | 92 ++++++++++++------- 9 files changed, 177 insertions(+), 54 deletions(-) create mode 100644 code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php diff --git a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php index 69a04ed89..864c963bb 100644 --- a/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php +++ b/code/ryzom/tools/server/ryzom_ams/ams_lib/autoload/users.php @@ -9,10 +9,10 @@ class Users{ */ public function check_Register($values){ // check values - if ( isset( $values["Username"] ) and isset( $values["Password"] ) and isset( $values["Email"] ) ){ + if ( isset( $values["Username"] ) and isset( $values["Password"] ) and isset( $values["ConfirmPass"] ) and isset( $values["Email"] ) ){ $user = Users::checkUser( $values["Username"] ); $pass = Users::checkPassword( $values["Password"] ); - $cpass = Users::confirmPassword($pass); + $cpass = Users::confirmPassword($pass,$values["Password"],$values["ConfirmPass"]); $email = Users::checkEmail( $values["Email"] ); }else{ $user = ""; @@ -134,12 +134,13 @@ class Users{ * @takes $pass * @return string Info: Verify's $_POST["Password"] is the same as $_POST["ConfirmPass"] */ - private function confirmPassword($pass_result) + private function confirmPassword($pass_result,$pass,$confirmpass) { - if ( ( $_POST["Password"] ) != ( $_POST["ConfirmPass"] ) ){ - return "Passwords do not match."; - }else if ($_POST["ConfirmPass"]==""){ + if ($confirmpass==""){ return "You have to fill in the confirmation password."; + } + else if ( ( $pass ) != ( $confirmpass ) ){ + return "Passwords do not match."; }else if($pass_result != "success"){ return; }else{ @@ -288,7 +289,7 @@ class Users{ //make connection with and put into shard db global $cfg; $dbs = new DBLayer($cfg['db']['shard']); - $dbs->execute("INSERT INTO user (Login, Password, Email) VALUES (:name, :pass, :mail)",$values["params"]); + $dbs->execute("INSERT INTO user (Login, Password, Email) VALUES (:name, :pass, :mail)",$values); return "ok"; } catch (PDOException $e) { @@ -304,7 +305,49 @@ class Users{ } } - } + } + + + protected function checkLoginMatch($user,$pass){ + print('This is the base class!'); + } + + public function check_change_password($values){ + if ( isset( $values["user"] ) and isset( $values["CurrentPass"] ) and isset( $values["ConfirmNewPass"] ) and isset( $values["NewPass"] ) ){ + $match = $this->checkLoginMatch($values["user"],$values["CurrentPass"]); + $newpass = $this->checkPassword($values["NewPass"]); + $confpass = $this->confirmPassword($newpass,$values["NewPass"],$values["ConfirmNewPass"]); + }else{ + $match = ""; + $newpass = ""; + $confpass = ""; + } + if ( ( $match != "fail" ) and ( $newpass == "success" ) and ( $confpass == "success" ) ){ + return "success"; + }else{ + $pageElements = array( + 'match_error_message' => $match, + 'newpass_error_message' => $newpass, + 'confirmnewpass_error_message' => $confpass + ); + if ( $match != "fail" ){ + $pageElements['MATCH_ERROR'] = 'FALSE'; + }else{ + $pageElements['MATCH_ERROR'] = 'TRUE'; + } + if ( $newpass != "success" ){ + $pageElements['NEWPASSWORD_ERROR'] = 'TRUE'; + }else{ + $pageElements['NEWPASSWORD_ERROR'] = 'FALSE'; + } + if ( $confpass != "success" ){ + $pageElements['CNEWPASSWORD_ERROR'] = 'TRUE'; + }else{ + $pageElements['CNEWPASSWORD_ERROR'] = 'FALSE'; + } + return $pageElements; + } + } } diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php index 48b6a1f94..1e201508f 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/autoload/webusers.php @@ -26,4 +26,31 @@ class WebUsers extends Users{ $dbw = new DBLayer($cfg['db']['web']); return $dbw->execute("SELECT * FROM ams_user WHERE Email = :email",array('email' => $email))->rowCount(); } + + + /** + * Function checkUserPassMatch + * + * @takes $username,$password + * @return string Info: Returns true or false if a login match is found in the web db + */ + public function checkLoginMatch($username,$password){ + global $cfg; + + $dbw = new DBLayer($cfg['db']['web']); + $statement = $dbw->execute("SELECT * FROM ams_user WHERE Login=:user", array('user' => $username)); + $row = $statement->fetch(); + + $salt = substr($row['Password'],0,2); + $hashed_input_pass = crypt($password, $salt); + if($hashed_input_pass == $row['Password']){ + return $row; + }else{ + return "fail"; + } + + + + } + } \ No newline at end of file diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/add_user.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/add_user.php index 8fc6f311b..1f8d5ce22 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/add_user.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/add_user.php @@ -2,7 +2,7 @@ function add_user(){ - $params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'Email' => $_POST["Email"]); + $params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]); $webUser = new WebUsers; $result = $webUser->check_Register($params); diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php new file mode 100644 index 000000000..63a76a425 --- /dev/null +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/change_password.php @@ -0,0 +1,30 @@ + $_SESSION["user"], 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"]); + $result = $webUser->check_change_password($params); + if ($result == "success"){ + //edit stuff into db + }else{ + $result['prevCurrentPass'] = $_POST["CurrentPass"]; + $result['prevNewPass'] = $_POST["NewPass"]; + $result['prevConfirmNewPass'] = $_POST["ConfirmNewPass"]; + $result['permission'] = $_SESSION['permission']; + $result['no_visible_elements'] = 'FALSE'; + helpers :: loadtemplate( 'settings', $result); + exit; + } + + } + }catch (PDOException $e) { + //go to error page or something, because can't access website db + print_r($e); + exit; + } + +} + diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php index 055ea442a..4edd60fe5 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/func/login.php @@ -5,16 +5,11 @@ function login(){ global $cfg; try{ - $dbw = new DBLayer($cfg['db']['web']); - $statement = $dbw->execute("SELECT * FROM ams_user WHERE Login=:user", array('user' => $_POST['Username'])); - - $row = $statement->fetch(); - $salt = substr($row['Password'],0,2); - $hashed_input_pass = crypt($_POST["Password"], $salt); - if($hashed_input_pass == $row['Password']){ + $result = WebUsers::checkLoginMatch($_POST["Username"],$_POST["Password"]); + if( $result != "fail"){ //handle successful login $_SESSION['user'] = $_POST["Username"]; - $_SESSION['permission'] = $row['Permission']; + $_SESSION['permission'] = $result['Permission']; //go back to the index page. header( 'Location: index.php' ); exit; diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/index_charisma.php b/code/ryzom/tools/server/ryzom_ams/www/html/index_charisma.php index bd2246229..b4b943104 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/index_charisma.php +++ b/code/ryzom/tools/server/ryzom_ams/www/html/index_charisma.php @@ -77,17 +77,17 @@
-
+

Charisma a fully featued template

Its a fully featured, responsive template for your admin panel. Its optimized for tablet and mobile phones. Scan the QR code below to view it in your mobile device.

QR Code
-
+

Custom small text

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur bibendum ornare dolor.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur bibendum ornare dolor, quis ullamcorper ligula sodales at. Nulla tellus elit, varius non commodo eget, mattis vel eros. In sed ornare nulla. Donec consectetur, velit a pharetra ultricies, diam lorem lacinia risus, ac commodo orci erat eu massa. Sed sit amet nulla ipsum. Donec felis mauris, vulputate sed tempor at, aliquam a ligula. Pellentesque non pulvinar nisi.

diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_admin.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_admin.tpl index daa8906ad..b2c79ba00 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_admin.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_admin.tpl @@ -2,6 +2,7 @@ {block name=menu}
  • Dashboard
  • +
  • Settings
  • Liblist
  • diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_user.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_user.tpl index 4d305b323..460a9b10b 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_user.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/layout_user.tpl @@ -2,6 +2,7 @@ {block name=menu}
  • Dashboard
  • +
  • Settings
  • Demo Userlist
  • Logout
  • diff --git a/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl b/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl index 213620fe9..c3c425f71 100644 --- a/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl +++ b/code/ryzom/tools/server/ryzom_ams/www/html/templates/settings.tpl @@ -1,52 +1,51 @@ {block name=content} -
    -
    -
    -

    Settings

    -
    - - +
    +
    +
    +

    Change Password

    +
    + + +
    -
    -
    - - -
    -
    +
    +
    Change Password -
    +
    - -
    + + {if isset($MATCH_ERROR) and $MATCH_ERROR eq "TRUE"}The password is incorrect{/if} +
    -
    +
    - -
    + + {if isset($NEWPASSWORD_ERROR) and $NEWPASSWORD_ERROR eq "TRUE"}{$newpass_error_message}{/if} +
    -
    +
    - -
    + + {if isset($CNEWPASSWORD_ERROR) and $CNEWPASSWORD_ERROR eq "TRUE"}{$confirmnewpass_error_message}{/if} +
    @@ -59,8 +58,20 @@
    +
    +
    +
    + +
    +
    +

    Change Email

    +
    + +
    -
    +
    +
    +
    Change Email
    @@ -80,8 +91,20 @@
    +
    +
    +
    + +
    +
    +

    Change Info

    +
    + +
    -
    +
    +
    +
    Change Info @@ -105,10 +128,11 @@
    -
    +
    - {if isset($MATCH_ERROR) and $MATCH_ERROR eq "TRUE"}The password is incorrect{/if} -
    + {if !isset($isAdmin) or $isAdmin eq "FALSE"} +
    + +
    +
    + + + {if isset($MATCH_ERROR) and $MATCH_ERROR eq "TRUE"}The password is incorrect{/if} +
    +
    -
    - + {/if}
    @@ -50,7 +51,7 @@
    - +