From ea90fe3a8a0952838a454d3613952597b1e58959 Mon Sep 17 00:00:00 2001 From: "Matteo Nastasi (mop)" Date: Thu, 27 Mar 2014 08:12:50 +0100 Subject: [PATCH] usermgmt improved (not yet finished) --- web/Obj/dbase_pgsql.phh | 4 +-- web/Obj/mail.phh | 35 ++++++++++++++++++ web/index_wr.php | 14 ++++---- web/usermgmt.php | 78 ++++++++++++++++++++++++++++++----------- 4 files changed, 102 insertions(+), 29 deletions(-) create mode 100644 web/Obj/mail.phh diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh index 096ac12..6bdb294 100644 --- a/web/Obj/dbase_pgsql.phh +++ b/web/Obj/dbase_pgsql.phh @@ -164,8 +164,8 @@ class BriskDB VALUES ('%s', '%s', '%s', %d, %d, %d) RETURNING *;", $G_dbpfx, escsql(strtolower($login)), escsql($pass), escsql($email), $type, $disa_reas, $guar_code); - - if ( ! (($usr_pg = $this->query($usr_sql)) != FALSE && pg_affected_rows($usr_pg) == 1) ) { + + if (! (($usr_pg = $this->query($usr_sql)) != FALSE && pg_affected_rows($usr_pg) == 1) ) { return FALSE; } $usr_obj = pg_fetch_object($usr_pg, 0); diff --git a/web/Obj/mail.phh b/web/Obj/mail.phh new file mode 100644 index 0000000..9f6bfbf --- /dev/null +++ b/web/Obj/mail.phh @@ -0,0 +1,35 @@ + "utf-8", + "html_charset" => "utf-8", + "header_charset" => "utf-8", + "eol" => "\n" ); + +// references: @ +function brisk_mail($to, $subject, $text, $html, $refs) +{ + GLOBAL $brisk_mail_hp, $G_admin_mail; + + $hdrs = array( + 'From' => $G_admin_mail, + 'Subject' => $subject, + 'References' => $refs + ); + + $mime = new Mail_mime($brisk_mail_hp); + + $mime->setTXTBody($text); + $mime->setHTMLBody($html); + + $body = $mime->get(); + $hdrs = $mime->headers($hdrs); + + $mail = Mail::factory('mail'); + + $mail->send($to, $hdrs, $body); + + return TRUE; +} +?> \ No newline at end of file diff --git a/web/index_wr.php b/web/index_wr.php index f206b90..61bd7b6 100644 --- a/web/index_wr.php +++ b/web/index_wr.php @@ -74,21 +74,21 @@ $mlang_indwr = array( 'btn_backtotab' => array( 'it' => 'Torna ai tavoli.', 'Ciao, sono l\' amministratore del sito di Brisk. L\' utente \'%s\' ha garantito per te -con accesso \'%s\' e password \'%s\', -vai al link: %s/mailmgr.php?id=%s +con accesso \'%s\' e password \'%s\', +vai al link: %s/mailmgr.php?id=%s per confermare il tuo indirizzo di posta elettronica. Una volta verificato ti sarà possibile accedere al sito. Saluti e buone partite, mop.', - 'en' => 'EN mtext %s %s %s'), + 'en' => 'EN mtext %s %s %s'), 'nu_mhtml' => array( 'it' => 'Ciao, sono l\' amministratore del sito di Brisk.

L\' utente \'%s\' ha garantito per te
con accesso \'%s\' e password \'%s\'
clicca qui per confermare il tuo indirizzo di posta elettronica.

Una volta verificato ti sarà possibile accedere al sito.

Saluti e buone partite, mop.
', - 'en' => 'EN mhtml %s %s %s %s'), + 'en' => 'EN mhtml %s %s %s %s'), 'nu_gtext' => array( 'it' => 'Ciao %s, sono l\' amministratore del sito di Brisk. @@ -102,7 +102,7 @@ verrà sospeso anche il tuo accesso. Grazie dell\' impegno, mop.', 'en' => ''), - 'nu_ghtml' => array( 'it' => + 'nu_ghtml' => array( 'it' => 'Ciao %s, sono l\' amministratore del sito di Brisk.

Ti volevo avvisare che ho attivato i login di \'%s\' che hai garantito.

@@ -344,12 +344,12 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie) } // insert the new user disabled with reason NU_MAILED if (($usr_obj = $bdb->user_add($cli_name, $the_pass, $cli_email, - USER_FLAG_TY_DISABLE, + USER_FLAG_TY_DISABLE, USER_DIS_REA_NU_TOBECHK, $user->code)) == FALSE) { fprintf(STDERR, "user_add FAILED\n"); break; } - + $user->comm[$user->step % COMM_N] = "gst.st = ".($user->step+1)."; "; /* MLANG: "
Il nominativo è stato inoltrato all\'amministratore.

Nell\'arco di pochi giorni vi verrà

notificata l\'avvenuta registrazione." */ $user->comm[$user->step % COMM_N] .= show_notify($mlang_indwr['warrrepl'][$G_lang], 0, $mlang_indwr['btn_close'][$G_lang], 400, 150); diff --git a/web/usermgmt.php b/web/usermgmt.php index 79ba9b1..22256a7 100644 --- a/web/usermgmt.php +++ b/web/usermgmt.php @@ -50,33 +50,40 @@ function check_auth() $socket = FALSE; $ret = FALSE; $ip = $_SERVER["REMOTE_ADDR"]; - + $stp = 0; $private = md5($G_alarm_passwd.$ip.$sess); $cmd = array ("cmd" => "userauth", "sess" => $sess, "private" => $private, "the_end" => "true"); $cmd_ser = cmd_serialize($cmd); $cmd_len = mb_strlen($cmd_ser, "ASCII"); - + do { if (($socket = stream_socket_client("unix://".USOCK_PATH."2")) == FALSE) break; + $stp = 1; if (($rwr = fwrite($socket, $cmd_ser, $cmd_len)) == FALSE || $rwr != $cmd_len) break; fflush($socket); + $stp = 2; if (($buf = fread($socket, 4096)) == FALSE) break; $res = cmd_deserialize($buf); + $stp = 3; if (!isset($res['val']) || $res['val'] != 200) break; $ret = TRUE; + $stp = 4; } while (0); if ($socket != FALSE) fclose($socket); - + + if ($stp < 4) { + echo "STP: $stp
"; + } return ($ret); } -function main($action) { +function main() { GLOBAL $G_dbpfx, $G_alarm_passwd, $f_mailusers, $sess, $_POST, $_SERVER; if (check_auth() == FALSE) { @@ -84,21 +91,59 @@ function main($action) { exit; } - if (isset($f_mailusers)) { - $action = "listnew"; + if (isset($_POST['f_accept'])) { + $action = "accept"; } + else if (isset($_POST['f_delete'])) { + $action = "delete"; + } + + + if ($action == "accept") { + if (($bdb = BriskDB::create()) == FALSE) { + log_crit("stat-day: database connection failed"); + break; + } + + foreach($_POST as $key => $value) { + if (substr($key, 0, 9) != "f_newuser") + continue; + + $id = (int)substr($key, 9); + if ($id <= 0) + continue; + - if ($action == "listnew") { - echo "pippo"; + // retrieve list of active tournaments + $usr_sql = sprintf(" +SELECT usr.*, guar.login AS guar_login + FROM %susers AS usr + JOIN %susers AS guar ON guar.code = usr.guar_code + WHERE ( (usr.type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer)) ) + AND usr.disa_reas = %d AND usr.code = %d;", + $G_dbpfx, $G_dbpfx, + USER_FLAG_TY_ALL, USER_FLAG_TY_DISABLE, + USER_DIS_REA_NU_TOBECHK, $id); + if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) { + log_crit("stat-day: select from tournaments failed"); + break; + } + $usr_obj = pg_fetch_object($usr_pg, 0); + + printf("KEY: %s: %s %s
\n", $id, $value, $usr_obj->login); + // change state + // send mail + // populate + } + exit; } else { do { - if (($bdb = BriskDB::create()) == FALSE) { log_crit("stat-day: database connection failed"); break; } - + // retrieve list of active tournaments $usr_sql = sprintf(" SELECT usr.*, guar.login AS guar_login @@ -115,12 +160,8 @@ SELECT usr.*, guar.login AS guar_login } $usr_n = pg_numrows($usr_pg); - printf("Number of tournaments: %d\n", $usr_n); - $tab_lines = ""; - // loop on tournaments for ($i = 0 ; $i < $usr_n ; $i++) { - // log_crit("stat-day: LOOP i"); $usr_obj = pg_fetch_object($usr_pg, $i); $tab_lines .= sprintf("%s\n", @@ -135,21 +176,18 @@ SELECT usr.*, guar.login AS guar_login echo $tab_lines; ?> - + + \ No newline at end of file -- 2.17.1