5 * Copyright (C) 2014 Matteo Nastasi
6 * mailto: nastasi@alternativeoutput.it
7 * matteo.nastasi@milug.org
8 * web: http://www.alternativeoutput.it
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details. You should have received a
19 * copy of the GNU General Public License along with this program; if
20 * not, write to the Free Software Foundation, Inc, 59 Temple Place -
21 * Suite 330, Boston, MA 02111-1307, USA.
// Request-variable import: each loop tests whether a fixed key is set in one
// superglobal. The loop bodies are missing from this listing; presumably they
// copy the value into a same-named variable ($sess, $pazz, ...) -- confirm.
// NOTE(review): HTTP_HOST (Host header), "pazz" (POST) and "sess" (cookie) are
// all supplied by the client, so whatever these loops populate has to be
// treated as untrusted by the code that consumes it.
25 foreach (array("HTTP_HOST", "DOCUMENT_ROOT") as $i) {
26 if (isset($_SERVER[$i])) {
31 foreach (array("pazz") as $i) {
32 if (isset($_POST[$i])) {
37 foreach (array("sess") as $i) {
38 if (isset($_COOKIE[$i])) {
// NOTE(review): same key and same superglobal as the previous loop, as far as
// the visible lines show; check whether one of the two was meant to differ.
43 foreach (array("sess") as $i) {
44 if (isset($_COOKIE[$i])) {
// Localised templates for the "credentials" mail, keyed by message id
// (nu_psubj = subject, nu_ptext = plain body, nu_phtml = HTML body) and then
// by language code. Where this file passes the bodies to sprintf(), the two
// %s placeholders receive the login and the freshly generated password.
// The 'en' body entries are placeholders, not real translations.
// NOTE(review): the account password is delivered in clear text by e-mail;
// a one-time "set your password" link would avoid leaving a usable credential
// in mailboxes and mail logs.
51 $mlang_umgmt = array( 'nu_psubj' => array( 'it' => 'Brisk: credenziali di accesso.',
52 'en' => 'Brisk: credentials.'),
53 'nu_ptext' => array( 'it' =>
54 'Ciao, sono l\' amministratore del sito di Brisk.
56 La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine, per accedere al sito
57 d\'ora in poi potrai utilizzare l\' utente \'%s\' e la password \'%s\'.
59 Benvenuto e buone partite, mop.',
60 'en' => 'EN ptext [%s] [%s]'),
61 'nu_phtml' => array( 'it' => 'Ciao, sono l\' amministratore del sito di Brisk.<br><br>
62 La verifica del tuo indirizzo di posta elettronica e del tuo nickname è andata a buon fine.<br><br>Per accedere al sito d\'ora in poi potrai usare l\' utente \'%s\' e la password \'%s\'.<br><br>
63 Benvenuto e buone partite, mop.<br>',
64 'en' => 'EN phtml [%s] [%s]')
68 ini_set("max_execution_time", "240");
70 require_once($G_base."Obj/brisk.phh");
71 require_once($G_base."Obj/user.phh");
72 require_once($G_base."Obj/auth.phh");
73 require_once($G_base."Obj/mail.phh");
74 require_once($G_base."Obj/dbase_base.phh");
75 require_once($G_base."Obj/dbase_${G_dbasetype}.phh");
76 require_once($G_base."briskin5/Obj/briskin5.phh");
77 require_once($G_base."briskin5/Obj/placing.phh");
78 require_once($G_base."spush/brisk-spush.phh");
79 require_once($G_base."index_wr.php");
// Admin-session check (the enclosing function header is not visible in this
// listing; presumably this is the body of check_auth(), which the page calls
// before doing any work -- confirm). It builds a "userauth" command, sends it
// over a local UNIX socket and inspects the 'val' field of the reply.
83 GLOBAL $G_alarm_passwd, $sess, $_POST, $_SERVER;
// NOTE(review): X-Real-IP is an ordinary request header. Unless a trusted
// reverse proxy always overwrites it, the client chooses the address that is
// bound into $private below -- confirm the header is stripped at the edge.
87 if (array_key_exists("HTTP_X_REAL_IP", $_SERVER)) {
88 $ip = $_SERVER["HTTP_X_REAL_IP"];
91 $ip = $_SERVER["REMOTE_ADDR"];
// Proof value sent with the command: MD5 over shared secret + client IP +
// session id.
// NOTE(review): this is plain MD5 over a concatenation, not an HMAC. Moving to
// hash_hmac('sha256', ...) requires the same change on the receiving side,
// which is not part of this file.
94 $private = md5($G_alarm_passwd.$ip.$sess);
95 $cmd = array ("cmd" => "userauth", "sess" => $sess, "private" => $private, "the_end" => "true");
96 $cmd_ser = cmd_serialize($cmd);
97 $cmd_len = mb_strlen($cmd_ser, "ASCII");
// NOTE(review): the loose "== FALSE" tests below also match 0, "" and "0", so
// a zero-byte write or an empty/"0" read takes the same branch as a hard
// error. The statements executed in those branches are not visible here.
100 if (($socket = stream_socket_client('unix://'.USOCK_PATH_PFX.'_admin.sock')) == FALSE)
103 if (($rwr = fwrite($socket, $cmd_ser, $cmd_len)) == FALSE
108 if (($buf = fread($socket, 4096)) == FALSE)
110 $res = cmd_deserialize($buf);
// A reply without 'val', or with any value other than 200, takes this branch
// (presumably the failure path -- its body is not visible).
112 if (!isset($res['val']) || $res['val'] != 200)
117 if ($socket != FALSE)
121 echo "STP: $stp<br>";
129 border-collapse: collapse;
134 border: 1px solid black;
// Globals used by the page body (the enclosing function header is not visible
// in this listing).
140 GLOBAL $s_style, $G_dbpfx, $G_lang, $G_alarm_passwd, $G_proto, $G_domain, $G_webbase;
141 GLOBAL $mlang_umgmt, $mlang_indwr, $f_mailusers, $sess, $_POST, $_SERVER;
// Authentication gate for every action on this page.
// NOTE(review): the statement after the echo is not visible; confirm the
// failure path returns or exits so none of the account actions below can run
// for an unauthenticated request.
147 if (check_auth() == FALSE) {
148 echo "Authentication failed";
// Query-string switch; presumably sets $nocheck, which decides whether the
// checkboxes in the listings are pre-checked -- confirm in the omitted body.
153 if (isset($_GET['f_nocheck'])) {
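// "newuser" view, accept action: for every selected pending user, move the
// account from the NU_ADDED to the NU_MAILED disable reason, build an e-mail
// confirmation link and send/store the confirmation mail, all inside one
// transaction per user.
157 if (isset($_GET['do']) && $_GET['do'] == 'newuser') {
158 if (isset($_POST['f_accept'])) {
161 else if (isset($_POST['f_delete'])) {
168 if ($action == "accept") {
// Every POST field named f_newuser<N> selects user code N. The (int) cast on
// the suffix is what keeps $id safe to place in the %d slot of the query.
169 foreach($_POST as $key => $value) {
170 if (substr($key, 0, 9) != "f_newuser")
173 $id = (int)substr($key, 9);
177 // check existence of username or email
181 if (($bdb = BriskDB::create()) == FALSE)
184 // retrieve list added users
186 SELECT usr.*, guar.login AS guar_login
188 JOIN %susers AS guar ON guar.code = usr.guar_code
189 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
190 AND usr.disa_reas = %d AND usr.code = %d;",
192 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
193 USER_DIS_REA_NU_ADDED, $id);
// NOTE(review): the log text below names "stat-day" and "tournaments" although
// the failing query reads the users table; that is misleading when the log is
// used to reconstruct what happened.
194 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
195 log_crit("stat-day: select from tournaments failed");
198 $usr_n = pg_numrows($usr_pg);
200 $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
205 $usr_obj = pg_fetch_object($usr_pg, 0);
207 $bdb->transaction('BEGIN');
211 if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
212 TRUE, USER_DIS_REA_NU_ADDED,
213 TRUE, USER_DIS_REA_NU_MAILED)) == FALSE) {
218 if (($mail_code = $bdb->mail_reserve_code()) == FALSE) {
219 fprintf(STDERR, "ERROR: mail reserve code FAILED\n");
// Confirmation token placed in the mailed link: MD5 over time, the site-wide
// secret, login and e-mail.
// NOTE(review): plain MD5 over a concatenation rather than an HMAC, and the
// secret is the same $G_alarm_passwd used for the admin session proof in this
// file. A keyed hash (hash_hmac with SHA-256) and a dedicated key would be
// sturdier; the verifying side (mailmgr.php) is not shown here.
222 $hash = md5($curtime . $G_alarm_passwd . $usr_obj->login . $usr_obj->email);
224 $confirm_page = sprintf("%s://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
225 $G_proto, $G_domain, $G_webbase, $mail_code, $hash);
226 $subj = $mlang_indwr['nu_msubj'][$G_lang];
227 if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
228 $body_txt = sprintf($mlang_indwr['ap_mtext'][$G_lang],
229 $usr_obj->login, $confirm_page);
230 $body_htm = sprintf($mlang_indwr['ap_mhtml'][$G_lang],
231 $usr_obj->login, $confirm_page);
234 $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
235 $usr_obj->guar_login, $usr_obj->login, $confirm_page);
236 $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang],
237 $usr_obj->guar_login, $usr_obj->login, $confirm_page);
240 $mail_item = new MailDBItem($mail_code, $usr_obj->code, MAIL_TYP_CHECK,
241 $curtime, $subj, $body_txt, $body_htm, $hash);
243 if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
245 fprintf(STDERR, "ERROR: mail send FAILED\n");
249 if ($mail_item->store($bdb) == FALSE) {
251 fprintf(STDERR, "ERROR: store mail FAILED\n");
// $status is echoed into the admin page as raw HTML, and the login was chosen
// by the registering user, so it is HTML-escaped here exactly as the listing
// table does with eschtml().
254 $status .= sprintf("status change for %s: SUCCESS<br>", eschtml($usr_obj->login));
255 $bdb->transaction('COMMIT');
259 $status .= sprintf("Error occurred during accept action<br>");
261 $bdb->transaction('ROLLBACK');
265 } // else if ($action == "accept") {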
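// "newuser" view, delete action: for every selected pending user (disable
// reason NU_ADDED) look the row up, then remove it inside a transaction.
266 else if ($action == "delete") {
// Every POST field named f_newuser<N> selects user code N; the (int) cast on
// the suffix keeps $id safe for the %d slots of the queries below.
267 foreach($_POST as $key => $value) {
268 if (substr($key, 0, 9) != "f_newuser")
271 $id = (int)substr($key, 9);
275 // check existence of username or email
279 if (($bdb = BriskDB::create()) == FALSE)
282 // retrieve list added users
284 SELECT usr.*, guar.login AS guar_login
286 JOIN %susers AS guar ON guar.code = usr.guar_code
287 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
288 AND usr.disa_reas = %d AND usr.code = %d;",
290 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
291 USER_DIS_REA_NU_ADDED, $id);
// NOTE(review): the log text below names "stat-day" and "tournaments" although
// the failing query reads the users table.
292 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
293 log_crit("stat-day: select from tournaments failed");
296 $usr_n = pg_numrows($usr_pg);
298 $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
303 $usr_obj = pg_fetch_object($usr_pg, 0);
305 $bdb->transaction('BEGIN');
// NOTE(review): despite the inherited comment on the next line, the statement
// built here is presumably the DELETE (its first line is not visible; the
// failure log below says "Delete of user"). It repeats the flag and
// disable-reason conditions, so only a still-pending row can be removed.
308 // retrieve list added users
311 WHERE (type & (CAST (X'%x' as integer))) = (CAST (X'%x' as integer))
312 AND disa_reas = %d AND code = %d;",
313 $G_dbpfx, USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
314 USER_DIS_REA_NU_ADDED, $id);
315 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
316 log_crit(sprintf("Delete of user %d failed", $id));
// $status is echoed into the admin page as raw HTML, and the login was chosen
// by the registering user, so it is HTML-escaped here exactly as the listing
// table does with eschtml().
320 $status .= sprintf("User %s removed: SUCCESS<br>", eschtml($usr_obj->login));
321 $bdb->transaction('COMMIT');
325 $status .= sprintf("Error occurred during delete action<br>");
327 $bdb->transaction('ROLLBACK');
331 } // else if ($action == "delete") {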
// "newuser" view, listing: select every user still disabled with reason
// NU_ADDED, ordered by lintm, and render one table row with a checkbox each.
336 if (($bdb = BriskDB::create()) == FALSE) {
337 log_crit("stat-day: database connection failed");
341 // retrieve list added users
343 SELECT usr.*, guar.login AS guar_login
345 JOIN %susers AS guar ON guar.code = usr.guar_code
346 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
347 AND usr.disa_reas = %d ORDER BY usr.lintm;",
349 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
350 USER_DIS_REA_NU_ADDED);
// NOTE(review): the log text below names "tournaments" although the query
// reads the users table.
351 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
352 log_crit("stat-day: select from tournaments failed");
355 $usr_n = pg_numrows($usr_pg);
356 $tab_lines = "<tr><th></th><th>User</th><th>Guar</th><th>Date</th></tr>";
// Row rendering: the user code goes out through %d, and both login fields are
// passed through eschtml() because they are user-chosen strings.
// NOTE(review): lintm is emitted without escaping; presumably a database
// timestamp, so low risk -- confirm the column type.
357 for ($i = 0 ; $i < $usr_n ; $i++) {
358 $usr_obj = pg_fetch_object($usr_pg, $i);
360 $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
361 $usr_obj->code, ($nocheck ? "" : "CHECKED"),
362 eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
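369 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
370 <title>Brisk: new imported users management.</title>
371 <?php echo "$s_style"; ?>
374 <h2> New imported users management.</h2>
375 <?php if ($status != "") { echo "$status"; } ?>
<?php /* REQUEST_URI comes from the request line, so it is encoded for the
         attribute context before being written into the form tag.
         NOTE(review): no anti-CSRF token field is visible among the form lines
         shown; this form accepts and deletes accounts, so confirm one exists
         in the omitted lines or add one. */ ?>
376 <form action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
377 <table class="the_tab">
382 <input type="submit" name="f_accept" value="Newuser Accept">
383 <input type="submit" name="f_delete" value="Newuser Delete">
390 printf("Some error occurred during newuser visualization\n");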
// "mailed" view, resend action: for every selected user, load the stored
// confirmation mail (type MAIL_TYP_CHECK) and send it again to the address
// currently on the user row.
// NOTE(review): f_delete is recognised below, but no handler for a delete
// action is visible in this section of the listing -- confirm whether the
// "Mailed Delete" button does anything.
394 if (isset($_GET['do']) && $_GET['do'] == 'mailed') {
395 if (isset($_POST['f_resend'])) {
398 else if (isset($_POST['f_delete'])) {
405 if ($action == "resend") {
// Every POST field named f_newuser<N> selects user code N; the (int) cast on
// the suffix keeps $id safe for the %d slot of the query.
406 foreach($_POST as $key => $value) {
407 if (substr($key, 0, 9) != "f_newuser")
410 $id = (int)substr($key, 9);
416 if (($bdb = BriskDB::create()) == FALSE) {
420 // retrieve list added users
422 SELECT mail.*, usr.email AS email
424 JOIN %smails AS mail ON mail.ucode = usr.code
425 WHERE mail.ucode = %d AND mail.type = %d",
426 $G_dbpfx, $G_dbpfx, $id, MAIL_TYP_CHECK);
427 if (($mai_pg = pg_query($bdb->dbconn->db(), $mai_sql)) == FALSE) {
428 log_crit("retrieve mail failed");
432 $mai_n = pg_numrows($mai_pg);
// The status lines in this branch carry only integers (%d), so they add no
// user-controlled text to the HTML that is echoed later.
434 $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
438 $mai_obj = pg_fetch_object($mai_pg, 0);
439 $mail = MailDBItem::MailDBItemFromRecord($mai_obj);
441 if (brisk_mail($mai_obj->email, $mail->subj, $mail->body_txt, $mail->body_htm) == FALSE) {
443 $status .= sprintf("Send mail filed for user id %d<br>\n", $id);
449 $status .= sprintf("Error occurred during resend action<br>");
// "mailed" view, listing: select every user still disabled with reason
// NU_MAILED, ordered by lintm, and render one table row with a checkbox each.
456 if (($bdb = BriskDB::create()) == FALSE) {
457 log_crit("stat-day: database connection failed");
461 // retrieve list added users
463 SELECT usr.*, guar.login AS guar_login
465 JOIN %susers AS guar ON guar.code = usr.guar_code
466 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
467 AND usr.disa_reas = %d ORDER BY usr.lintm;",
469 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
470 USER_DIS_REA_NU_MAILED);
// NOTE(review): the log text below names "tournaments" although the query
// reads the users table.
471 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
472 log_crit("stat-day: select from tournaments failed");
475 $usr_n = pg_numrows($usr_pg);
476 $tab_lines = "<tr><th></th><th>User</th><th>Guar</th><th>Date</th></tr>";
// Row rendering: the user code goes out through %d, and both login fields are
// passed through eschtml() because they are user-chosen strings.
// NOTE(review): lintm is emitted without escaping; presumably a database
// timestamp, so low risk -- confirm the column type.
477 for ($i = 0 ; $i < $usr_n ; $i++) {
478 $usr_obj = pg_fetch_object($usr_pg, $i);
480 $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
481 $usr_obj->code, ($nocheck ? "" : "CHECKED"),
482 eschtml($usr_obj->login), eschtml($usr_obj->guar_login), $usr_obj->lintm);
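487 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
488 <title>Brisk: new mailed users management.</title>
489 <?php echo "$s_style"; ?>
492 <h2> New mailed users management.</h2>
493 <?php if ($status != "") { echo "$status"; } ?>
<?php /* REQUEST_URI comes from the request line, so it is encoded for the
         attribute context before being written into the form tag.
         NOTE(review): no anti-CSRF token field is visible among the form lines
         shown; confirm one exists in the omitted lines or add one. */ ?>
494 <form action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
495 <table class="the_tab">
500 <input type="submit" name="f_resend" value="Mailed Resend">
501 <input type="submit" name="f_delete" value="Mailed Delete">
508 printf("Some error occurred during newuser visualization\n");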
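// Default view, accept action: for every selected user whose e-mail is
// verified (disable reason NU_TOBECHK), generate a password, store it, clear
// the disable flag, reset the login time and mail the credentials.
// NOTE(review): unlike the other branches in this file, no row-count check
// after the SELECT and no BEGIN/COMMIT are visible here. If they are really
// absent, a missing row reaches user_update_passwd() with an empty code, and
// a failed mail leaves the account enabled with a password nobody received.
511 else { // if ($_GET['do'] ...
512 if (isset($_POST['f_accept'])) {
515 else if (isset($_POST['f_delete'])) {
522 if ($action == "accept") {
523 if (($bdb = BriskDB::create()) == FALSE) {
524 log_crit("stat-day: database connection failed");
// Every POST field named f_newuser<N> selects user code N; the (int) cast on
// the suffix keeps $id safe for the %d slot of the query.
528 foreach($_POST as $key => $value) {
529 if (substr($key, 0, 9) != "f_newuser")
532 $id = (int)substr($key, 9);
537 // retrieve list of active tournaments
539 SELECT usr.*, guar.login AS guar_login
541 JOIN %susers AS guar ON guar.code = usr.guar_code
542 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
543 AND usr.disa_reas = %d AND usr.code = %d;",
545 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
546 USER_DIS_REA_NU_TOBECHK, $id);
547 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
548 log_crit("stat-day: select from tournaments failed");
551 $usr_obj = pg_fetch_object($usr_pg, 0);
// This line is written straight into the response: the POST value and the
// user-chosen login are HTML-escaped; $id is already an integer.
553 printf("KEY: %s: %s %s<br>\n", $id, eschtml($value), eschtml($usr_obj->login));
555 $passwd = passwd_gen();
557 if (($bdb->user_update_passwd($usr_obj->code, $passwd)) == FALSE) {
562 if (($bdb->user_update_flag_ty($usr_obj->code, USER_FLAG_TY_DISABLE,
563 TRUE, USER_DIS_REA_NU_TOBECHK,
564 FALSE, USER_DIS_REA_NONE)) == FALSE) {
569 $bdb->user_update_login_time($usr_obj->code, 0);
572 $subj = $mlang_umgmt['nu_psubj'][$G_lang];
573 $body_txt = sprintf($mlang_umgmt['nu_ptext'][$G_lang],
574 $usr_obj->login, $passwd);
575 $body_htm = sprintf($mlang_umgmt['nu_phtml'][$G_lang],
576 $usr_obj->login, $passwd);
// Both mail bodies contain the new password, so only the recipient and the
// subject are logged; credentials must not end up in log files.
578 log_step(sprintf("[%s], [%s]\n", $usr_obj->email, $subj));
581 if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
583 fprintf(STDERR, "ERROR: mail send FAILED\n");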
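// Default view, delete action: for every selected user whose e-mail is
// verified (disable reason NU_TOBECHK), delete the row and mail the user that
// the nickname was rejected, inside one transaction per user.
589 else if ($action == "delete") {
// Every POST field named f_newuser<N> selects user code N; the (int) cast on
// the suffix keeps $id safe for the %d slot of the query.
590 foreach($_POST as $key => $value) {
591 if (substr($key, 0, 9) != "f_newuser")
594 $id = (int)substr($key, 9);
598 // check existence of username or email
602 if (($bdb = BriskDB::create()) == FALSE)
605 // retrieve list added users
607 SELECT usr.*, guar.login AS guar_login
609 JOIN %susers AS guar ON guar.code = usr.guar_code
610 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
611 AND usr.disa_reas = %d AND usr.code = %d;",
613 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
614 USER_DIS_REA_NU_TOBECHK, $id);
617 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
618 log_crit("stat-day: select from tournaments failed");
621 $usr_n = pg_numrows($usr_pg);
623 $status .= sprintf("Inconsistency for code %d, returned %d records, skipped.<br>",
628 $usr_obj = pg_fetch_object($usr_pg, 0);
630 $bdb->transaction('BEGIN');
// The code used in the DELETE comes from the row just selected and goes
// through %d, so the statement carries no request text.
633 $del_sql = sprintf("DELETE FROM %susers WHERE code = %d;",
634 $G_dbpfx, $usr_obj->code);
636 if (($del_pg = pg_query($bdb->dbconn->db(), $del_sql)) == FALSE) {
637 log_crit(sprintf("Delete user %d failed", $usr_obj->code));
641 // FIXME: add to index_wr.php strings
642 $subj = "Brisk: nickname rifiutato";
643 // the same for both cases:
644 // if (($usr_obj->type & USER_FLAG_TY_APPR) == USER_FLAG_TY_APPR) {
645 $body_txt = sprintf('Ciao, sono l\' amministratore del sito di Brisk.
647 Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
648 non ha superato la fase di verifica manuale; il motivo può essere
649 la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
650 o troppo aggressivo o ci sono troppe cifre consecutive o qualcosa del genere.
652 La procedura di registrazione va ripetuta.
654 Saluti e buone partite, mop.', $usr_obj->login);
656 $body_htm = sprintf('Ciao, sono l\' amministratore del sito di Brisk.<br><br>
657 Ti volevo segnalare che il nickname \'%s\' con cui ti volevi registrare
658 non ha superato la fase di verifica manuale; il motivo può essere
659 la sua illeggibilità per gli altri utenti o il contenuto poco ortodosso
660 o troppo aggressivo o ci sono troppe cifre consecutive o qualcosa del genere.<br><br>
661 La procedura di registrazione va ripetuta.<br><br>
662 Saluti e buone partite, mop.', $usr_obj->login);
665 /* $body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang], */
666 /* $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
667 /* $body_htm = sprintf($mlang_indwr['nu_mhtml'][$G_lang], */
668 /* $usr_obj->guar_login, $usr_obj->login, $confirm_page); */
671 if (brisk_mail($usr_obj->email, $subj, $body_txt, $body_htm) == FALSE) {
673 fprintf(STDERR, "ERROR: mail send FAILED\n");
// $status is echoed into the admin page as raw HTML, and the login was chosen
// by the registering user, so it is HTML-escaped here exactly as the listing
// table does with eschtml().
676 $status .= sprintf("user delete for %s: SUCCESS<br>", eschtml($usr_obj->login));
677 $bdb->transaction('COMMIT');
// This is the delete branch; the message used to say "accept".
681 $status .= sprintf("Error occurred during delete action<br>");
683 $bdb->transaction('ROLLBACK');
// Written straight into the response, so the login is HTML-escaped.
686 printf("Registration %s for login %s deleted<br>\n", $usr_obj->code, eschtml($usr_obj->login));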
// Default view, listing: select every user still disabled with reason
// NU_TOBECHK, ordered by lintm, and render one table row with a checkbox each.
691 if (($bdb = BriskDB::create()) == FALSE) {
692 log_crit("stat-day: database connection failed");
696 // retrieve list of active tournaments
698 SELECT usr.*, guar.login AS guar_login
700 JOIN %susers AS guar ON guar.code = usr.guar_code
701 WHERE usr.type & (CAST (X'%x' as integer)) = (CAST (X'%x' as integer))
702 AND usr.disa_reas = %d ORDER BY usr.lintm;",
704 USER_FLAG_TY_DISABLE, USER_FLAG_TY_DISABLE,
705 USER_DIS_REA_NU_TOBECHK);
// NOTE(review): the comment above and the log text below name "tournaments"
// although the query reads the users table.
706 if (($usr_pg = pg_query($bdb->dbconn->db(), $usr_sql)) == FALSE) {
707 log_crit("stat-day: select from tournaments failed");
711 $usr_n = pg_numrows($usr_pg);
712 $tab_lines = "<tr><th></th><th>User</th><th>EMail</th><th>Guar</th><th>Apprendice</th><th>Date</th></tr>";
// Row rendering: the user code goes out through %d; login, email and the
// guarantor login are passed through eschtml() because they are user-supplied
// strings; the apprentice column is a fixed "Yes"/"No". The last sprintf
// argument is not visible in this listing.
713 for ($i = 0 ; $i < $usr_n ; $i++) {
714 $usr_obj = pg_fetch_object($usr_pg, $i);
716 $tab_lines .= sprintf("<tr><td><input name=\"f_newuser%d\" type=\"checkbox\" %s></td><td>%s</td><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>\n",
717 $usr_obj->code, ($nocheck ? "" : "CHECKED"),
718 eschtml($usr_obj->login), eschtml($usr_obj->email), eschtml($usr_obj->guar_login),
719 ($usr_obj->type & USER_FLAG_TY_APPR ? "Yes" : "No"),
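725 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
726 <title>Brisk: email verified user management.</title>
727 <?php echo "$s_style"; ?>
730 <h2> E-mail verified user management.</h2>
731 <?php if ($status != "") { echo "$status"; } ?>
<?php /* REQUEST_URI comes from the request line, so it is encoded for the
         attribute context before being written into the form tag.
         NOTE(review): no anti-CSRF token field is visible among the form lines
         shown; this form issues passwords and deletes accounts, so confirm one
         exists in the omitted lines or add one. */ ?>
732 <form action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'); ?>" method="POST">
733 <table class="the_tab">
738 <input type="submit" name="f_accept" value="Accept">
739 <input type="submit" name="f_delete" value="Delete">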
745 } // else of if ($action ...
746 } // else of if ($do ...