X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=blobdiff_plain;f=web%2Fusermgmt.php;h=307372c94f66839b466dc3b828ebc88edcc31394;hp=413e173d850e69ba06c8b00c72bdf0509a54162a;hb=8740bf85c70c984fdd5342ef4446cced16fb4e5e;hpb=d30248bea653c6a0d4f784810dda00b660368941

diff --git a/web/usermgmt.php b/web/usermgmt.php
index 413e173..307372c 100644
--- a/web/usermgmt.php
+++ b/web/usermgmt.php
@@ -35,7 +35,7 @@ d\'ora in poi potrai utilizzare l\' utente \'%s\' e la password \'%s\'.
 Benvenuto e buone partite, mop.',
                                            'en' => 'EN ptext [%s] [%s]'),
                       'nu_phtml' => array( 'it' => 'Ciao, sono l\' amministratore del sito di Brisk.<br><br>
-La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine, per accedere al  sito d\'ora in poi potrai usare l\' utente \'%s\' e la password \'%s\'.<br>
+La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine.<br><br>Per accedere al  sito d\'ora in poi potrai usare l\' utente \'%s\' e la password \'%s\'.<br><br>
 Benvenuto e buone partite, mop.<br>',
                                            'en' => 'EN phtml [%s] [%s]')
                       );
@@ -47,6 +47,7 @@ require_once($G_base."Obj/brisk.phh");
 require_once($G_base."Obj/user.phh");
 require_once($G_base."Obj/auth.phh");
 require_once($G_base."Obj/mail.phh");
+require_once($G_base."Obj/dbase_base.phh");
 require_once($G_base."Obj/dbase_${G_dbasetype}.phh");
 require_once($G_base."briskin5/Obj/briskin5.phh");
 require_once($G_base."briskin5/Obj/placing.phh");
@@ -93,10 +94,24 @@ function check_auth()
     return ($ret);
 }
 
+$s_style = "
+<style>
+     table.the_tab {
+            border-collapse: collapse;
+            margin: 8px;
+            }
+
+     table.the_tab td {
+            border: 1px solid black;
+            padding: 8px;
+            }
+</style>";
+
 function main() {
-    GLOBAL $G_dbpfx, $G_lang, $G_alarm_passwd, $G_domain, $G_webbase;
+    GLOBAL $s_style, $G_dbpfx, $G_lang, $G_alarm_passwd, $G_domain, $G_webbase;
     GLOBAL $mlang_umgmt, $mlang_indwr, $f_mailusers, $sess, $_POST, $_SERVER;
 
+
     $curtime = time();
     $status = "";
 
@@ -105,6 +120,11 @@ function main() {
         exit;
     }
 
+    $nocheck = FALSE;
+    if (isset($_GET['f_nocheck'])) {
+        $nocheck = TRUE;
+    }
+
     if (isset($_GET['do']) && $_GET['do'] == 'newuser') {
         if (isset($_POST['f_accept'])) {
             $action = "accept";
@@ -137,7 +157,7 @@ function main() {
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
          AND usr.disa_reas = %d AND usr.code = %d;",
                                $G_dbpfx, $G_dbpfx,
                                USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
@@ -159,9 +179,9 @@ SELECT usr.*, guar.login AS guar_login
                     $is_trans = TRUE;
 
 
-                    if (($bdb->user_update_flag_ty($usr_obj->code,
-                                                   USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_ADDED,
-                                                   USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_MAILED)) == FALSE) {
+                    if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
+                                                   TRUE, USER_DIS_REA_NU_ADDED,
+                                                   TRUE, USER_DIS_REA_NU_MAILED)) == FALSE) {
                         echo "fail 2<br>";
                         break;
                     }
@@ -175,10 +195,18 @@ SELECT usr.*, guar.login AS guar_login
                     $confirm_page = sprintf("http://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
                                             $G_domain, $G_webbase, $mail_code, $hash);
                     $subj = $mlang_indwr['nu_msubj'][$G_lang];
-                    $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
-                                        $usr_obj->guar_login, $usr_obj->login, $confirm_page);
-                    $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang],
-                                        $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                    if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
+                        $body_txt = sprintf($mlang_indwr['ap_mtext'][$G_lang],
+                                            $cli_name, $confirm_page);
+                        $body_htm = sprintf($mlang_indwr['ap_mhtml'][$G_lang],
+                                            $cli_name, $confirm_page);
+                    }
+                    else {
+                        $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
+                                            $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                        $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang],
+                                            $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                    }
 
                     $mail_item = new MailDBItem($mail_code, $usr_obj->code, MAIL_TYP_CHECK,
                                                 $curtime, $subj, $body_txt, $body_htm, $hash);
@@ -205,7 +233,8 @@ SELECT usr.*, guar.login AS guar_login
                     break;
                 }
             }
-        }
+        } // else if ($action == "accept") {
+
 
         do {
             if (($bdb = BriskDB::create()) == FALSE) {
@@ -218,8 +247,8 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
-         AND usr.disa_reas = %d;",
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
                                $G_dbpfx, $G_dbpfx,
                                USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                USER_DIS_REA_NU_ADDED);
@@ -228,20 +257,28 @@ SELECT usr.*, guar.login AS guar_login
                 break;
             }
             $usr_n = pg_numrows($usr_pg);
-            $tab_lines = "";
+            $tab_lines = "<tr><th></th><th>User</th><th>Guar</th><th>Date</th></tr>";
             for ($i = 0 ; $i < $usr_n ; $i++) {
                 $usr_obj = pg_fetch_object($usr_pg, $i);
 
-                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" CHECKED></td><td>%s</td><td></td></tr>\n",
-                                      $usr_obj->code, eschtml($usr_obj->login), eschtml($usr_obj->guar_login));
+                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
+                                      $usr_obj->code, ($nocheck ? "" : "CHECKED"),
+                                      eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
             }
+
+
             ?>
 <html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Brisk: new imported users management.</title>
+     <?php echo "$s_style"; ?>
+</head>
 <body>
 <h2> New imported users management.</h2>
      <?php if ($status != "") { echo "$status"; } ?>
 <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
-<table>
+<table class="the_tab">
 <?php
      echo $tab_lines;
 ?>
@@ -251,6 +288,124 @@ SELECT usr.*, guar.login AS guar_login
 </form>
 </body>
 </html>
+<?php
+           exit;
+        } while(FALSE);
+        printf("Some error occurred during newuser visualization\n");
+        exit;
+    }
+
+    if (isset($_GET['do']) && $_GET['do'] == 'mailed') {
+        if (isset($_POST['f_resend'])) {
+            $action = "resend";
+        }
+        else if (isset($_POST['f_delete'])) {
+            $action = "delete";
+        }
+        else {
+            $action = "show";
+        }
+
+        if ($action == "resend") {
+            foreach($_POST as $key => $value) {
+                if (substr($key, 0, 9) != "f_newuser")
+                    continue;
+
+                $id = (int)substr($key, 9);
+                if ($id <= 0)
+                    continue;
+
+                $res = FALSE;
+                do {
+                    if (($bdb = BriskDB::create()) == FALSE) {
+                        $status .= "1<br>";
+                        break;
+                    }
+                    // retrieve list added users
+                    $mai_sql = sprintf("
+SELECT mail.*, usr.email AS email
+     FROM %susers AS usr
+     JOIN %smails AS mail ON mail.ucode = usr.code
+     WHERE mail.ucode = %d AND mail.type = %d",
+                                       $G_dbpfx, $G_dbpfx, $id, MAIL_TYP_CHECK);
+                    if (($mai_pg = pg_query($bdb->dbconn->db(), $mai_sql)) == FALSE) {
+                        log_crit("retrieve mail failed");
+                        $status .= "2<br>";
+                        break;
+                    }
+                    $mai_n = pg_numrows($mai_pg);
+                    if ($mai_n != 1) {
+                        $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
+                                          $id, $mai_n);
+                        break;
+                    }
+                    $mai_obj = pg_fetch_object($mai_pg, 0);
+                    $mail = MailDBItem::MailDBItemFromRecord($mai_obj);
+
+                    if (brisk_mail($mai_obj->email, $mail->subj, $mail->body_txt, $mail->body_htm) == FALSE) {
+                        // mail error
+                        $status .= sprintf("Send mail filed for user id %d<br>\n", $id);
+                        break;
+                    }
+                    $res = TRUE;
+                } while(FALSE);
+                if ($res == FALSE) {
+                    $status .= sprintf("Error occurred during resend action<br>");
+                    break;
+                }
+            } // foreach
+        }
+
+        do {
+            if (($bdb = BriskDB::create()) == FALSE) {
+                log_crit("stat-day: database connection failed");
+                break;
+            }
+
+            // retrieve list added users
+            $usr_sql = sprintf("
+SELECT usr.*, guar.login AS guar_login
+     FROM %susers AS usr
+     JOIN %susers AS guar ON guar.code = usr.guar_code
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
+                               $G_dbpfx, $G_dbpfx,
+                               USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
+                               USER_DIS_REA_NU_MAILED);
+            if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
+                log_crit("stat-day: select from tournaments failed");
+                break;
+            }
+            $usr_n = pg_numrows($usr_pg);
+            $tab_lines = "<tr><th></th><th>User</th><th>Guar</th><th>Date</th></tr>";
+            for ($i = 0 ; $i < $usr_n ; $i++) {
+                $usr_obj = pg_fetch_object($usr_pg, $i);
+
+                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
+                                      $usr_obj->code, ($nocheck ? "" : "CHECKED"),
+                                      eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
+            }
+            ?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Brisk: new mailed users management.</title>
+     <?php echo "$s_style"; ?>
+</head>
+<body>
+<h2> New mailed users management.</h2>
+     <?php if ($status != "") { echo "$status"; } ?>
+<form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
+<table class="the_tab">
+<?php
+     echo $tab_lines;
+?>
+</table>
+<input type="submit" name="f_resend" value="Mailed Resend">
+<input type="submit" name="f_delete" value="Mailed Delete">
+</form>
+</body>
+</html>
 <?php
            exit;
         } while(FALSE);
@@ -288,10 +443,10 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
          AND usr.disa_reas = %d AND usr.code = %d;",
                                    $G_dbpfx, $G_dbpfx,
-                                   USER_FLAG_TY_ALL, USER_FLAG_TY_DISABLE,
+                                   USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                    USER_DIS_REA_NU_TOBECHK, $id);
                 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
                     log_crit("stat-day: select from tournaments failed");
@@ -308,9 +463,9 @@ SELECT usr.*, guar.login AS guar_login
                     break;
                 }
 
-                if (($bdb->user_update_flag_ty($usr_obj->code,
-                                               USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_TOBECHK,
-                                               USER_FLAG_TY_NORM, USER_DIS_REA_NONE)) == FALSE) {
+                if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
+                                               TRUE, USER_DIS_REA_NU_TOBECHK,
+                                               FALSE, USER_DIS_REA_NONE)) == FALSE) {
                     echo "fail 2<br>";
                     break;
                 }
@@ -324,6 +479,9 @@ SELECT usr.*, guar.login AS guar_login
                 $body_htm = sprintf($mlang_umgmt['nu_phtml'][$G_lang],
                                     $usr_obj->login, $passwd);
 
+                log_step(sprintf("[%s], [%s], [%s], [%s]\n", $usr_obj->email, $subj, $body_txt, $body_htm));
+
+
                 if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
                     // mail error
                     fprintf(STDERR, "ERROR: mail send FAILED\n");
@@ -332,6 +490,108 @@ SELECT usr.*, guar.login AS guar_login
             }
             exit;
         }
+
+
+        else if ($action == "delete") {
+            foreach($_POST as $key => $value) {
+                if (substr($key, 0, 9) != "f_newuser")
+                    continue;
+
+                $id = (int)substr($key, 9);
+                if ($id <= 0)
+                    continue;
+
+                // check existence of username or email
+                $is_trans = FALSE;
+                $res = FALSE;
+                do {
+                    if (($bdb = BriskDB::create()) == FALSE)
+                        break;
+
+                    // retrieve list added users
+                    $usr_sql = sprintf("
+SELECT usr.*, guar.login AS guar_login
+     FROM %susers AS usr
+     JOIN %susers AS guar ON guar.code = usr.guar_code
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d AND usr.code = %d;",
+                               $G_dbpfx, $G_dbpfx,
+                                       USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
+                                       USER_DIS_REA_NU_TOBECHK, $id);
+
+
+                    if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
+                        log_crit("stat-day: select from tournaments failed");
+                        break;
+                    }
+                    $usr_n = pg_numrows($usr_pg);
+                    if ($usr_n != 1) {
+                        $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
+                                          $id, $usr_n);
+                        break;
+                    }
+
+                    $usr_obj = pg_fetch_object($usr_pg, 0);
+
+                    $bdb->transaction('BEGIN');
+                    $is_trans = TRUE;
+
+                    $del_sql = sprintf("DELETE FROM %susers WHERE code = %d;",
+                                       $G_dbpfx, $usr_obj->code);
+
+                    if (($del_pg = pg_query($bdb->dbconn->db(), $del_sql)) == FALSE) {
+                        log_crit("stat-day: select from tournaments failed");
+                        break;
+                    }
+
+                    // FIXME: add to index_wr.php strings
+                    $subj = "Brisk: nickname rifiutato";
+                    // the same for both cases:
+                    //  if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
+                        $body_txt = sprintf('Ciao, sono l\' amministratore del sito di Brisk.
+
+Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
+non ha superato la fase di verifica manuale; il motivo può essere
+la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
+o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere.
+
+La procedura di registrazione va ripetuta.
+
+Saluti e buone partite, mop.', $usr_obj->login);
+
+                        $body_htm = sprintf('Ciao, sono l\' amministratore del sito di Brisk.<br><br>
+Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
+non ha superato la fase di verifica manuale; il motivo può essere
+la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
+o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere.<br><br>
+La procedura di registrazione va ripetuta.<br><br>
+Saluti e buone partite, mop.', $usr_obj->login);
+                    /* } */
+                    /* else { */
+                    /*     $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang], */
+                    /*                         $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
+                    /*     $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang], */
+                    /*                         $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
+                    /* } */
+
+                    if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
+                        // mail error
+                        fprintf(STDERR, "ERROR: mail send FAILED\n");
+                        break;
+                    }
+                    $status .= sprintf("user delete for %s: SUCCESS<br>", $usr_obj->login);
+                    $bdb->transaction('COMMIT');
+                    $res = TRUE;
+                } while(FALSE);
+                if ($res == FALSE) {
+                    $status .= sprintf("Error occurred during accept action<br>");
+                    if ($is_trans)
+                        $bdb->transaction('ROLLBACK');
+                    break;
+                }
+                printf("Registration %s for login %s deleted<br>\n", $usr_obj->code, $usr_obj->login);
+            }
+        }
         else {
             do {
             if (($bdb = BriskDB::create()) == FALSE) {
@@ -344,10 +604,10 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
-         AND usr.disa_reas = %d;",
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
                                $G_dbpfx, $G_dbpfx,
-                               USER_FLAG_TY_ALL, USER_FLAG_TY_DISABLE,
+                               USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                USER_DIS_REA_NU_TOBECHK);
             if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
                 log_crit("stat-day: select from tournaments failed");
@@ -355,20 +615,28 @@ SELECT usr.*, guar.login AS guar_login
             }
 
             $usr_n = pg_numrows($usr_pg);
-            $tab_lines = "";
+            $tab_lines = "<tr><th></th><th>User</th><th>EMail</th><th>Guar</th><th>Apprendice</th><th>Date</th></tr>";
             for ($i = 0 ; $i < $usr_n ; $i++) {
                 $usr_obj = pg_fetch_object($usr_pg, $i);
 
-                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" CHECKED></td><td>%s</td><td></td></tr>\n",
-                                      $usr_obj->code, eschtml($usr_obj->login), eschtml($usr_obj->guar_login));
+                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
+                                      $usr_obj->code, ($nocheck ? "" : "CHECKED"),
+                                      eschtml($usr_obj->login), eschtml($usr_obj->email), eschtml($usr_obj->guar_login),
+                                      ($usr_obj->type & USER_FLAG_TY_APPR ? "Yes" : "No"),
+                                      $usr_obj->lintm);
             }
             ?>
 <html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Brisk: email verified user management.</title>
+     <?php echo "$s_style"; ?>
+</head>
      <body>
      <h2> E-mail verified user management.</h2>
      <?php if ($status != "") { echo "$status"; } ?>
      <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
-     <table>
+     <table class="the_tab">
      <?php
      echo $tab_lines;
             ?>
@@ -386,4 +654,4 @@ SELECT usr.*, guar.login AS guar_login
 
 main();
 
-?>
\ No newline at end of file
+?>