X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=blobdiff_plain;f=web%2Fusermgmt.php;h=307372c94f66839b466dc3b828ebc88edcc31394;hp=95a9c76cfe1f3b3c7cf09f58197eb2e7357d8d4a;hb=8740bf85c70c984fdd5342ef4446cced16fb4e5e;hpb=328de26963e512cc34c999baf67f449020a62bfd

diff --git a/web/usermgmt.php b/web/usermgmt.php
index 95a9c76..307372c 100644
--- a/web/usermgmt.php
+++ b/web/usermgmt.php
@@ -35,7 +35,7 @@ d\'ora in poi potrai utilizzare l\' utente \'%s\' e la password \'%s\'.
 Benvenuto e buone partite, mop.',
                                            'en' => 'EN ptext [%s] [%s]'),
                       'nu_phtml' => array( 'it' => 'Ciao, sono l\' amministratore del sito di Brisk.<br><br>
-La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine, per accedere al  sito d\'ora in poi potrai usare l\' utente \'%s\' e la password \'%s\'.<br>
+La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine.<br><br>Per accedere al  sito d\'ora in poi potrai usare l\' utente \'%s\' e la password \'%s\'.<br><br>
 Benvenuto e buone partite, mop.<br>',
                                            'en' => 'EN phtml [%s] [%s]')
                       );
@@ -94,10 +94,24 @@ function check_auth()
     return ($ret);
 }
 
+$s_style = "
+<style>
+     table.the_tab {
+            border-collapse: collapse;
+            margin: 8px;
+            }
+
+     table.the_tab td {
+            border: 1px solid black;
+            padding: 8px;
+            }
+</style>";
+
 function main() {
-    GLOBAL $G_dbpfx, $G_lang, $G_alarm_passwd, $G_domain, $G_webbase;
+    GLOBAL $s_style, $G_dbpfx, $G_lang, $G_alarm_passwd, $G_domain, $G_webbase;
     GLOBAL $mlang_umgmt, $mlang_indwr, $f_mailusers, $sess, $_POST, $_SERVER;
 
+
     $curtime = time();
     $status = "";
 
@@ -143,7 +157,7 @@ function main() {
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
          AND usr.disa_reas = %d AND usr.code = %d;",
                                $G_dbpfx, $G_dbpfx,
                                USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
@@ -165,9 +179,9 @@ SELECT usr.*, guar.login AS guar_login
                     $is_trans = TRUE;
 
 
-                    if (($bdb->user_update_flag_ty($usr_obj->code,
-                                                   USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_ADDED,
-                                                   USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_MAILED)) == FALSE) {
+                    if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
+                                                   TRUE, USER_DIS_REA_NU_ADDED,
+                                                   TRUE, USER_DIS_REA_NU_MAILED)) == FALSE) {
                         echo "fail 2<br>";
                         break;
                     }
@@ -181,10 +195,18 @@ SELECT usr.*, guar.login AS guar_login
                     $confirm_page = sprintf("http://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
                                             $G_domain, $G_webbase, $mail_code, $hash);
                     $subj = $mlang_indwr['nu_msubj'][$G_lang];
-                    $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
-                                        $usr_obj->guar_login, $usr_obj->login, $confirm_page);
-                    $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang],
-                                        $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                    if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
+                        $body_txt = sprintf($mlang_indwr['ap_mtext'][$G_lang],
+                                            $cli_name, $confirm_page);
+                        $body_htm = sprintf($mlang_indwr['ap_mhtml'][$G_lang],
+                                            $cli_name, $confirm_page);
+                    }
+                    else {
+                        $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
+                                            $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                        $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang],
+                                            $usr_obj->guar_login, $usr_obj->login, $confirm_page);
+                    }
 
                     $mail_item = new MailDBItem($mail_code, $usr_obj->code, MAIL_TYP_CHECK,
                                                 $curtime, $subj, $body_txt, $body_htm, $hash);
@@ -211,7 +233,8 @@ SELECT usr.*, guar.login AS guar_login
                     break;
                 }
             }
-        }
+        } // else if ($action == "accept") {
+
 
         do {
             if (($bdb = BriskDB::create()) == FALSE) {
@@ -224,9 +247,8 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
-         AND usr.disa_reas = %d
-     ORDER BY usr.lintm;",
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
                                $G_dbpfx, $G_dbpfx,
                                USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                USER_DIS_REA_NU_ADDED);
@@ -243,17 +265,20 @@ SELECT usr.*, guar.login AS guar_login
                                       $usr_obj->code, ($nocheck ? "" : "CHECKED"),
                                       eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
             }
+
+
             ?>
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <title>Brisk: new imported users management.</title>
+     <?php echo "$s_style"; ?>
 </head>
 <body>
 <h2> New imported users management.</h2>
      <?php if ($status != "") { echo "$status"; } ?>
 <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
-<table>
+<table class="the_tab">
 <?php
      echo $tab_lines;
 ?>
@@ -342,9 +367,8 @@ SELECT mail.*, usr.email AS email
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
-         AND usr.disa_reas = %d
-     ORDER BY usr.lintm;",
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
                                $G_dbpfx, $G_dbpfx,
                                USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                USER_DIS_REA_NU_MAILED);
@@ -366,12 +390,13 @@ SELECT usr.*, guar.login AS guar_login
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <title>Brisk: new mailed users management.</title>
+     <?php echo "$s_style"; ?>
 </head>
 <body>
 <h2> New mailed users management.</h2>
      <?php if ($status != "") { echo "$status"; } ?>
 <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
-<table>
+<table class="the_tab">
 <?php
      echo $tab_lines;
 ?>
@@ -418,10 +443,10 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
          AND usr.disa_reas = %d AND usr.code = %d;",
                                    $G_dbpfx, $G_dbpfx,
-                                   USER_FLAG_TY_ALL, USER_FLAG_TY_DISABLE,
+                                   USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                    USER_DIS_REA_NU_TOBECHK, $id);
                 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
                     log_crit("stat-day: select from tournaments failed");
@@ -438,9 +463,9 @@ SELECT usr.*, guar.login AS guar_login
                     break;
                 }
 
-                if (($bdb->user_update_flag_ty($usr_obj->code,
-                                               USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_TOBECHK,
-                                               USER_FLAG_TY_NORM, USER_DIS_REA_NONE)) == FALSE) {
+                if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
+                                               TRUE, USER_DIS_REA_NU_TOBECHK,
+                                               FALSE, USER_DIS_REA_NONE)) == FALSE) {
                     echo "fail 2<br>";
                     break;
                 }
@@ -454,6 +479,9 @@ SELECT usr.*, guar.login AS guar_login
                 $body_htm = sprintf($mlang_umgmt['nu_phtml'][$G_lang],
                                     $usr_obj->login, $passwd);
 
+                log_step(sprintf("[%s], [%s], [%s], [%s]\n", $usr_obj->email, $subj, $body_txt, $body_htm));
+
+
                 if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
                     // mail error
                     fprintf(STDERR, "ERROR: mail send FAILED\n");
@@ -462,6 +490,108 @@ SELECT usr.*, guar.login AS guar_login
             }
             exit;
         }
+
+
+        else if ($action == "delete") {
+            foreach($_POST as $key => $value) {
+                if (substr($key, 0, 9) != "f_newuser")
+                    continue;
+
+                $id = (int)substr($key, 9);
+                if ($id <= 0)
+                    continue;
+
+                // check existence of username or email
+                $is_trans = FALSE;
+                $res = FALSE;
+                do {
+                    if (($bdb = BriskDB::create()) == FALSE)
+                        break;
+
+                    // retrieve list added users
+                    $usr_sql = sprintf("
+SELECT usr.*, guar.login AS guar_login
+     FROM %susers AS usr
+     JOIN %susers AS guar ON guar.code = usr.guar_code
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d AND usr.code = %d;",
+                               $G_dbpfx, $G_dbpfx,
+                                       USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
+                                       USER_DIS_REA_NU_TOBECHK, $id);
+
+
+                    if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
+                        log_crit("stat-day: select from tournaments failed");
+                        break;
+                    }
+                    $usr_n = pg_numrows($usr_pg);
+                    if ($usr_n != 1) {
+                        $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
+                                          $id, $usr_n);
+                        break;
+                    }
+
+                    $usr_obj = pg_fetch_object($usr_pg, 0);
+
+                    $bdb->transaction('BEGIN');
+                    $is_trans = TRUE;
+
+                    $del_sql = sprintf("DELETE FROM %susers WHERE code = %d;",
+                                       $G_dbpfx, $usr_obj->code);
+
+                    if (($del_pg = pg_query($bdb->dbconn->db(), $del_sql)) == FALSE) {
+                        log_crit("stat-day: select from tournaments failed");
+                        break;
+                    }
+
+                    // FIXME: add to index_wr.php strings
+                    $subj = "Brisk: nickname rifiutato";
+                    // the same for both cases:
+                    //  if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
+                        $body_txt = sprintf('Ciao, sono l\' amministratore del sito di Brisk.
+
+Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
+non ha superato la fase di verifica manuale; il motivo può essere
+la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
+o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere.
+
+La procedura di registrazione va ripetuta.
+
+Saluti e buone partite, mop.', $usr_obj->login);
+
+                        $body_htm = sprintf('Ciao, sono l\' amministratore del sito di Brisk.<br><br>
+Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
+non ha superato la fase di verifica manuale; il motivo può essere
+la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
+o troppo aggressivo o o ci sono troppe cifre consecutive o qualcosa del genere.<br><br>
+La procedura di registrazione va ripetuta.<br><br>
+Saluti e buone partite, mop.', $usr_obj->login);
+                    /* } */
+                    /* else { */
+                    /*     $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang], */
+                    /*                         $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
+                    /*     $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang], */
+                    /*                         $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
+                    /* } */
+
+                    if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
+                        // mail error
+                        fprintf(STDERR, "ERROR: mail send FAILED\n");
+                        break;
+                    }
+                    $status .= sprintf("user delete for %s: SUCCESS<br>", $usr_obj->login);
+                    $bdb->transaction('COMMIT');
+                    $res = TRUE;
+                } while(FALSE);
+                if ($res == FALSE) {
+                    $status .= sprintf("Error occurred during accept action<br>");
+                    if ($is_trans)
+                        $bdb->transaction('ROLLBACK');
+                    break;
+                }
+                printf("Registration %s for login %s deleted<br>\n", $usr_obj->code, $usr_obj->login);
+            }
+        }
         else {
             do {
             if (($bdb = BriskDB::create()) == FALSE) {
@@ -474,11 +604,10 @@ SELECT usr.*, guar.login AS guar_login
 SELECT usr.*, guar.login AS guar_login
      FROM %susers AS usr
      JOIN %susers AS guar ON guar.code = usr.guar_code
-     WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) )
-         AND usr.disa_reas = %d
-     ORDER BY usr.lintm;",
+     WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
+         AND usr.disa_reas = %d ORDER BY usr.lintm;",
                                $G_dbpfx, $G_dbpfx,
-                               USER_FLAG_TY_ALL, USER_FLAG_TY_DISABLE,
+                               USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
                                USER_DIS_REA_NU_TOBECHK);
             if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
                 log_crit("stat-day: select from tournaments failed");
@@ -486,25 +615,28 @@ SELECT usr.*, guar.login AS guar_login
             }
 
             $usr_n = pg_numrows($usr_pg);
-            $tab_lines = "<tr><th></th><th>User</th><th>Guar</th><th>Date</th></tr>";
+            $tab_lines = "<tr><th></th><th>User</th><th>EMail</th><th>Guar</th><th>Apprendice</th><th>Date</th></tr>";
             for ($i = 0 ; $i < $usr_n ; $i++) {
                 $usr_obj = pg_fetch_object($usr_pg, $i);
 
-                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
+                $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
                                       $usr_obj->code, ($nocheck ? "" : "CHECKED"),
-                                      eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
+                                      eschtml($usr_obj->login), eschtml($usr_obj->email), eschtml($usr_obj->guar_login),
+                                      ($usr_obj->type & USER_FLAG_TY_APPR ? "Yes" : "No"),
+                                      $usr_obj->lintm);
             }
             ?>
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <title>Brisk: email verified user management.</title>
+     <?php echo "$s_style"; ?>
 </head>
      <body>
      <h2> E-mail verified user management.</h2>
      <?php if ($status != "") { echo "$status"; } ?>
      <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" method="POST">
-     <table>
+     <table class="the_tab">
      <?php
      echo $tab_lines;
             ?>