} else {
- print "<td><input disabled=\"true\" type=\"checkbox\"></td>";
+ print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
print "<td><input id=\"iedit_title\" value=\"$edit_title\"></td>";
print "<td><input id=\"iedit_link\" value=\"$edit_link\"></td>";
} else {
- print "<td><input disabled=\"true\" type=\"checkbox\"></td>";
+ print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
print "<td><input id=\"iedit_regexp\" value=\"".$line["reg_exp"].
"\"></td>";
} else {
- print "<td><input disabled=\"true\" type=\"checkbox\"></td>";
+ print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
print "<td><input id=\"iedit_expr\" value=\"".$line["sql_exp"].
"\"></td>";
}
+ if ($op == "pref-users") {
+
+ $subop = $_GET["subop"];
+
+ if ($subop == "editSave") {
+
+ if (!WEB_DEMO_MODE) {
+
+ $login = db_escape_string($_GET["l"]);
+ $uid = db_escape_string($_GET["id"]);
+ $access_level = sprintf("%d", $_GET["al"]);
+
+ db_query($link, "UPDATE ttrss_users SET login = '$login', access_level = '$access_level' WHERE id = '$uid'");
+
+ }
+ } else if ($subop == "remove") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $ids = split(",", $_GET["ids"]);
+
+ foreach ($ids as $id) {
+ db_query($link, "DELETE FROM ttrss_users WHERE id = '$id' AND id != " . $_SESSION["uid"]);
+
+ }
+ }
+ } else if ($subop == "add") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $login = db_escape_string($_GET["login"]);
+ $tmp_user_pwd = make_password(8);
+ $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
+
+ db_query($link, "INSERT INTO ttrss_users (login,pwd_hash,access_level)
+ VALUES ('$login', '$pwd_hash', 0)");
+
+
+ $result = db_query($link, "SELECT id FROM ttrss_users WHERE
+ login = '$login' AND pwd_hash = '$pwd_hash'");
+
+ if (db_num_rows($result) == 1) {
+
+ $new_uid = db_fetch_result($result, 0, "id");
+
+ print "<div class=\"notice\">Added user <b>".$_GET["login"].
+ "</b> with password <b>$tmp_user_pwd</b>.</div>";
+
+ initialize_user($link, $new_uid);
+
+ } else {
+
+ print "<div class=\"warning\">Error while adding user <b>".
+ $_GET["login"].".</b></div>";
+
+ }
+ }
+ } else if ($subop == "resetPass") {
+
+ if (!WEB_DEMO_MODE && $_SESSION["access_level"] >= 10) {
+
+ $uid = db_escape_string($_GET["id"]);
+
+ $result = db_query($link, "SELECT login FROM ttrss_users WHERE id = '$uid'");
+
+ $login = db_fetch_result($result, 0, "login");
+ $tmp_user_pwd = make_password(8);
+ $pwd_hash = 'SHA1:' . sha1($tmp_user_pwd);
+
+ db_query($link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash'
+ WHERE id = '$uid'");
+
+ print "<div class=\"notice\">Changed password of
+ user <b>$login</b> to <b>$tmp_user_pwd</b>.</div>";
+
+ }
+ }
+
+ print "<table class=\"prefAddFeed\"><tr>
+ <td><input id=\"uadd_box\"></td>";
+
+ print"<td colspan=\"4\" align=\"right\">
+ <a class=\"button\" href=\"javascript:addUser()\">Add user</a></td></tr>
+ </table>";
+
+ $result = db_query($link, "SELECT
+ id,login,access_level
+ FROM
+ ttrss_users
+ ORDER by login");
+
+ print "<p><table width=\"100%\" class=\"prefUserList\" id=\"prefUserList\">";
+
+ print "<tr class=\"title\">
+ <td width=\"5%\">Select</td><td width='40%'>Login
+ </td>
+ <td width='40%'>Access Level</td></tr>";
+
+ $lnum = 0;
+
+ while ($line = db_fetch_assoc($result)) {
+
+ $class = ($lnum % 2) ? "even" : "odd";
+
+ $uid = $line["id"];
+ $edit_uid = $_GET["id"];
+
+ if ($uid == $_SESSION["uid"] || ($subop == "edit" && $uid != $edit_uid)) {
+ $class .= "Grayed";
+ }
+
+ print "<tr class=\"$class\" id=\"UMRR-$uid\">";
+
+ $line["login"] = htmlspecialchars($line["login"]);
+
+ if ($uid == $_SESSION["uid"]) {
+
+ print "<td><input disabled=\"true\" type=\"checkbox\"
+ id=\"UMCHK-".$line["id"]."\"></td>";
+
+ print "<td>".$line["login"]."</td>";
+ print "<td>".$line["access_level"]."</td>";
+
+
+ } else if (!$edit_uid || $subop != "edit") {
+
+ print "<td><input onclick='toggleSelectRow(this);'
+ type=\"checkbox\" id=\"UMCHK-".$line["id"]."\"></td>";
+
+ print "<td><a href=\"javascript:editUser($uid);\">" .
+ $line["login"] . "</td>";
+
+ print "<td><a href=\"javascript:editUser($uid);\">" .
+ $line["access_level"] . "</td>";
+
+ } else if ($uid != $edit_uid) {
+
+ print "<td><input disabled=\"true\" type=\"checkbox\"
+ id=\"UMCHK-".$line["id"]."\"></td>";
+
+ print "<td>".$line["login"]."</td>";
+ print "<td>".$line["access_level"]."</td>";
+
+ } else {
+
+ print "<td><input disabled=\"true\" type=\"checkbox\" checked></td>";
+
+ print "<td><input id=\"iedit_ulogin\" value=\"".$line["login"].
+ "\"></td>";
+
+ print "<td><input id=\"iedit_ulevel\" value=\"".$line["access_level"].
+ "\"></td>";
+
+ }
+
+
+ print "</tr>";
+
+ ++$lnum;
+ }
+
+ print "</table>";
+
+ print "<p>";
+
+ if ($subop == "edit") {
+ print "Edit label:
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:userEditCancel()\" value=\"Cancel\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:userEditSave()\" value=\"Save\">";
+
+ } else {
+
+ print "
+ Selection:
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:resetSelectedUserPass()\" value=\"Reset password\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:editSelectedUser()\" value=\"Edit\">
+ <input type=\"submit\" class=\"button\"
+ onclick=\"javascript:removeSelectedUsers()\" value=\"Remove\">";
+ }
+ }
+
+
db_close($link);
?>
}
}
+ function make_password($length = 8) {
+
+ $password = "";
+ $possible = "0123456789bcdfghjkmnpqrstvwxyz";
+
+ $i = 0;
+
+ while ($i < $length) {
+ $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
+
+ if (!strstr($password, $char)) {
+ $password .= $char;
+ $i++;
+ }
+ }
+ return $password;
+ }
+
+ // this is called after user is created to initialize default feeds, labels
+ // or whatever else
+
+ // user preferences are checked on every login, not here
+
+ function initialize_user($link, $uid) {
+
+ db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description)
+ values ('$uid','unread = true', 'Unread articles')");
+
+ db_query($link, "insert into ttrss_labels (owner_uid,sql_exp,description)
+ values ('$uid','last_read is null and unread = false', 'Updated articles')");
+
+ db_query($link, "insert into ttrss_feeds (owner_uid,title,feed_url)
+ values ('$uid', 'Tiny Tiny RSS Dev. Feed',
+ 'http://bah.spb.su/darcsweb/darcsweb.cgi?r=tt-rss;a=rss')");
+
+ }
+
?>
if ($login && $password) {
if (authenticate_user($link, $login, $password)) {
+ initialize_user_prefs($link, $_SESSION["uid"]);
header("Location: tt-rss.php");
}
}
var active_feed = false;
var active_filter = false;
var active_label = false;
+var active_user = false;
var active_tab = false;
}
}
+function userlist_callback() {
+ var container = document.getElementById('prefContent');
+ if (xmlhttp.readyState == 4) {
+ container.innerHTML=xmlhttp.responseText;
+
+/* if (active_filter) {
+ var row = document.getElementById("ULRR-" + active_label);
+ if (row) {
+ if (!row.className.match("Selected")) {
+ row.className = row.className + "Selected";
+ }
+ }
+ var checkbox = document.getElementById("LICHK-" + active_label);
+
+ if (checkbox) {
+ checkbox.checked = true;
+ }
+ } */
+ p_notify("");
+ }
+}
+
function prefslist_callback() {
var container = document.getElementById('prefContent');
if (xmlhttp.readyState == 4) {
}
+function updateUsersList() {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+// document.getElementById("prefContent").innerHTML = "Loading feeds, please wait...";
+
+ p_notify("Loading, please wait...");
+
+ xmlhttp.open("GET", "backend.php?op=pref-users", true);
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+}
+
function toggleSelectRow(sender) {
var parent_row = sender.parentNode.parentNode;
}
+function addUser() {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+ var sqlexp = document.getElementById("uadd_box");
+
+ if (sqlexp.value.length == 0) {
+ notify("Missing user login.");
+ } else {
+ notify("Adding user...");
+
+ xmlhttp.open("GET", "backend.php?op=pref-users&subop=add&login=" +
+ param_escape(sqlexp.value), true);
+
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+ sqlexp.value = "";
+ }
+
+}
+
function editLabel(id) {
if (!xmlhttp_ready(xmlhttp)) {
}
+function editUser(id) {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+ active_user = id;
+
+ xmlhttp.open("GET", "backend.php?op=pref-users&subop=edit&id=" +
+ param_escape(id), true);
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+}
+
function editFilter(id) {
if (!xmlhttp_ready(xmlhttp)) {
return sel_rows;
}
+function getSelectedUsers() {
+
+ var content = document.getElementById("prefUserList");
+
+ var sel_rows = new Array();
+
+ for (i = 0; i < content.rows.length; i++) {
+ if (content.rows[i].className.match("Selected")) {
+ var row_id = content.rows[i].id.replace("UMRR-", "");
+ sel_rows.push(row_id);
+ }
+ }
+
+ return sel_rows;
+}
+
function getSelectedFilters() {
}
}
+function removeSelectedUsers() {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+ var sel_rows = getSelectedUsers();
+
+ if (sel_rows.length > 0) {
+
+ notify("Removing selected users...");
+
+ xmlhttp.open("GET", "backend.php?op=pref-users&subop=remove&ids="+
+ param_escape(sel_rows.toString()), true);
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+ } else {
+ notify("Please select some labels first.");
+ }
+}
+
function removeSelectedFilters() {
if (!xmlhttp_ready(xmlhttp)) {
}
+function userEditCancel() {
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+ active_user = false;
+
+ notify("Operation cancelled.");
+
+ xmlhttp.open("GET", "backend.php?op=pref-users", true);
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+}
function filterEditCancel() {
}
+function userEditSave() {
+
+ var user = active_user;
+
+ if (!xmlhttp_ready(xmlhttp)) {
+ printLockingError();
+ return
+ }
+
+ var login = document.getElementById("iedit_ulogin").value;
+ var level = document.getElementById("iedit_ulevel").value;
+
+ if (login.length == 0) {
+ notify("Login cannot be blank.");
+ return;
+ }
+
+ if (level.length == 0) {
+ notify("User level cannot be blank.");
+ return;
+ }
+
+ active_user = false;
+
+ xmlhttp.open("GET", "backend.php?op=pref-users&subop=editSave&id=" +
+ user + "&l=" + param_escape(login) + "&al=" + param_escape(level),
+ true);
+
+ xmlhttp.onreadystatechange=labellist_callback;
+ xmlhttp.send(null);
+
+}
+
+
function filterEditSave() {
var filter = active_filter;
}
+function editSelectedUser() {
+ var rows = getSelectedUsers();
+
+ if (rows.length == 0) {
+ notify("No users are selected.");
+ return;
+ }
+
+ if (rows.length > 1) {
+ notify("Please select one user.");
+ return;
+ }
+
+ editUser(rows[0]);
+}
+
+function resetSelectedUserPass() {
+ var rows = getSelectedUsers();
+
+ if (rows.length == 0) {
+ notify("No users are selected.");
+ return;
+ }
+
+ if (rows.length > 1) {
+ notify("Please select one user.");
+ return;
+ }
+
+ notify("Resetting password for selected user...");
+
+ var id = rows[0];
+
+ xmlhttp.open("GET", "backend.php?op=pref-users&subop=resetPass&id=" +
+ param_escape(id), true);
+ xmlhttp.onreadystatechange=userlist_callback;
+ xmlhttp.send(null);
+
+}
+
+
function editSelectedFilter() {
var rows = getSelectedFilters();
updateLabelList();
} else if (id == "genConfig") {
updatePrefsList();
+ } else if (id == "userConfig") {
+ updateUsersList();
}
var tab = document.getElementById(active_tab + "Tab");
$_SESSION["name"] = "admin";
}
-
- initialize_user_prefs($link, $_SESSION["uid"]);
- // FIXME this needs to be moved somewhere after user creation
-
?>
<html>
<head>
<? } ?>
<tr>
<td class="prefsTabs" align="left" valign="bottom">
- <input id="genConfigTab" class="prefsTab" type="submit" value="User Preferences"
+ <input id="genConfigTab" class="prefsTab" type="submit" value="Preferences"
onclick="selectTab('genConfig')">
<input id="feedConfigTab" class="prefsTab" type="submit" value="Feed Configuration"
onclick="selectTab('feedConfig')">
<input id="labelConfigTab" class="prefsTab" type="submit" value="Label Editor"
onclick="selectTab('labelConfig')">
<? } ?>
+ <? if ($_SESSION["access_level"] >= 10) { ?>
+ <input id="userConfigTab" class="prefsTab" type="submit" value="User Manager"
+ onclick="selectTab('userConfig')">
+ <? } ?>
</td>
<td class="prefsToolbar" valign="middle" align="right">
<input type="submit" onclick="gotoMain()" class="button" value="Return to main">
}
#iedit_title, #iedit_link, #iedit_regexp, #iedit_descr, #iedit_expr, #iedit_updintl,
-#iedit_purgintl {
+#iedit_purgintl, #iedit_ulogin, #iedit_ulevel {
width : 100%;
padding-left : 2px;
}
font-size : x-small;
}
+div.notice {
+ background : #ffffff;
+ border : 1px solid #c0c0c0;
+ padding : 5px;
+ margin : 5px;
+ font-size : x-small;
+}
+
ul.nomarks {
list-style-type : none;
margin : 0px;
$_SESSION["name"] = "admin";
}
- initialize_user_prefs($link, $_SESSION["uid"]);
- // FIXME this needs to be moved somewhere after user creation
-
?>
<html>
<head>