From bad34a0b263a60f024102df21a5613f9b0e72cc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philip=20H=C3=A4usler?= Date: Fri, 3 Jun 2011 08:12:53 +0200 Subject: [PATCH] user management --- DB/db_rewrite.sql | 32 +++++++------ includes/pages/admin_user.php | 84 ++++++++++++++++++++++++++--------- 2 files changed, 82 insertions(+), 34 deletions(-) diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index 18a75dee..19a82c05 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 03. Juni 2011 um 05:44 +-- Erstellungszeit: 03. Juni 2011 um 06:12 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -71,24 +71,24 @@ CREATE TABLE IF NOT EXISTS `Counter` ( -- INSERT INTO `Counter` (`URL`, `Anz`) VALUES -('news', 192), -('login', 26), -('logout', 13), -('start', 26), +('news', 193), +('login', 28), +('logout', 14), +('start', 27), ('faq', 19), ('credits', 3), -('register', 8), +('register', 10), ('admin_rooms', 89), ('admin_angel_types', 71), -('user_settings', 131), +('user_settings', 134), ('user_messages', 113), -('admin_groups', 129), +('admin_groups', 130), ('user_questions', 55), ('admin_questions', 43), ('admin_faq', 55), ('admin_news', 33), ('news_comments', 151), -('admin_user', 157), +('admin_user', 196), ('user_meetings', 5); -- -------------------------------------------------------- @@ -1065,7 +1065,7 @@ CREATE TABLE IF NOT EXISTS `User` ( `Gekommen` tinyint(4) NOT NULL DEFAULT '0', `Aktiv` tinyint(4) NOT NULL DEFAULT '0', `Tshirt` tinyint(4) DEFAULT '0', - `color` tinyint(4) DEFAULT '6', + `color` tinyint(4) DEFAULT '10', `Sprache` char(2) DEFAULT 'EN', `Avatar` int(11) DEFAULT '0', `Menu` char(1) NOT NULL DEFAULT 'L', @@ -1076,14 +1076,15 @@ CREATE TABLE IF NOT EXISTS `User` ( `Hometown` varchar(255) NOT NULL DEFAULT '', PRIMARY KEY (`UID`,`Nick`), UNIQUE KEY `Nick` (`Nick`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=148 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=149 ; -- -- Daten für Tabelle `User` -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 0, 0, 10, 'DE', 115, 'L', 1307079838, '0000-00-00 00:00:00', '', '', ''); +(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '4297f44b13955235245b2497399d7a93', 1, 1, 0, 10, 'DE', 115, 'L', 1307081238, '0000-00-00 00:00:00', '', '', ''), +(148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307081543, '2011-06-03 07:55:24', 'AudioEngel', '', ''); -- -------------------------------------------------------- @@ -1173,7 +1174,7 @@ CREATE TABLE IF NOT EXISTS `UserGroups` ( `group_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `uid` (`uid`,`group_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=6 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; -- -- Daten für Tabelle `UserGroups` @@ -1183,7 +1184,10 @@ INSERT INTO `UserGroups` (`id`, `uid`, `group_id`) VALUES (1, 1, -2), (2, 1, -3), (3, 1, -5), -(4, 1, -4); +(4, 1, -4), +(8, 148, -2), +(9, 148, -3), +(10, 148, -4); -- -------------------------------------------------------- diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index 497f5fdb..630ca772 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php @@ -98,7 +98,6 @@ function admin_user() { $html .= "\n"; $html .= "\n
\n"; - $html .= "\n"; $html .= "\n"; $html .= ""; @@ -112,14 +111,31 @@ function admin_user() { "\n"; $html .= ""; - $html .= "\n"; $html .= "\n"; $html .= ""; $html .= "
"; + $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:
\n"; + $html .= ''; + + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($id != $user['UID'] && $my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + foreach ($groups as $group) + $html .= ''; + + $html .= '
' . $group['Name'] . '
'; + + $html .= "\n"; + $html .= "
"; + + $html .= "
"; + } + $html .= "
\n"; - $html .= "\n"; $html .= "\n"; $html .= "
"; @@ -127,6 +143,34 @@ function admin_user() { $html .= funktion_db_element_list_2row("Freeloader Shifts", "SELECT `Remove_Time`, `Length`, `Comment` FROM `ShiftFreeloader` WHERE UID=" . $_REQUEST['id']); } else { switch ($_REQUEST['action']) { + case 'save_groups' : + if ($id != $user['UID']) { + list ($my_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($user['UID']) . " ORDER BY `uid`"); + list ($his_highest_group) = sql_select("SELECT * FROM `UserGroups` WHERE `uid`=" . sql_escape($id) . " ORDER BY `uid`"); + + if ($my_highest_group <= $his_highest_group) { + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = " . sql_escape($id) . ") WHERE `Groups`.`UID` >= " . sql_escape($my_highest_group['group_id']) . " ORDER BY `Groups`.`Name`"); + $grouplist = array (); + foreach ($groups as $group) + $grouplist[] = $group['UID']; + + if (!is_array($_REQUEST['groups'])) + $_REQUEST['groups'] = array (); + + sql_query("DELETE FROM `UserGroups` WHERE `uid`=" . sql_escape($id)); + foreach ($_REQUEST['groups'] as $group) + if (in_array($group, $grouplist)) + sql_query("INSERT INTO `UserGroups` SET `uid`=" . + sql_escape($id) . ", `group_id`=" . sql_escape($group)); + $html .= success("Benutzergruppen gespeichert."); + } else { + $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten."); + } + } else { + $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten."); + } + break; + case 'delete' : if ($user['UID'] != $id) { sql_query("DELETE FROM `User` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); @@ -185,23 +229,23 @@ function admin_user() { $html .= "Anzahl Engel: $Zeilen

\n"; $html .= ' - - - - - - - - - - - - - '; +
- Nick - Vorname NameAlter - E-Mail - GrößeGekommenAktivT-ShirtRegistrierÄnd.
+ + + + + + + + + + + + '; $Gekommen = 0; $Active = 0; $Tshirt = 0;
+ Nick + Vorname NameAlter + E-Mail + GrößeGekommenAktivT-ShirtRegistrierÄnd.