Flag users as disabled/deleted if they can't actually be deleted

master
Skylar Ittner 7 years ago
parent e607c120c4
commit 207be7114a

@ -52,7 +52,8 @@ switch ($VARS['action']) {
'realname' => $VARS['name'], 'realname' => $VARS['name'],
'username' => $VARS['username'], 'username' => $VARS['username'],
'email' => $VARS['email'], 'email' => $VARS['email'],
'acctstatus' => $VARS['status'] 'acctstatus' => $VARS['status'],
'deleted' => 0
]; ];
if (!is_empty($VARS['pass'])) { if (!is_empty($VARS['pass'])) {
@ -78,6 +79,11 @@ switch ($VARS['action']) {
} }
$olddata = $database->select('accounts', '*', ['uid' => $VARS['id']])[0]; $olddata = $database->select('accounts', '*', ['uid' => $VARS['id']])[0];
$database->delete('accounts', ['uid' => $VARS['id']]); $database->delete('accounts', ['uid' => $VARS['id']]);
if (!is_null($database->error()[1])) {
// If we can't delete the account (because it's referenced elsewhere),
// we will flag it as deleted and set the status to LOCKED_OR_DISABLED.
$database->update('accounts', ['acctstatus' => 2, 'deleted' => 1], ['uid' => $VARS['id']]);
}
insertAuthLog(16, $_SESSION['uid'], $olddata['username'] . ", " . $olddata['realname'] . ", " . $olddata['email'] . ", " . $olddata['acctstatus']); insertAuthLog(16, $_SESSION['uid'], $olddata['username'] . ", " . $olddata['realname'] . ", " . $olddata['email'] . ", " . $olddata['acctstatus']);
returnToSender("user_deleted"); returnToSender("user_deleted");
case "rmtotp": case "rmtotp":
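Review bot: The fallback after `$database->delete('accounts', ...)` runs on any non-null error code, not only a reference from another table, and the result of the follow-up `update` is never checked. `returnToSender("user_deleted")` can therefore be reached while the account still exists and is still active. Since this is the path that revokes access, I would verify the flagging took effect (check the update result, or re-read `acctstatus` and `deleted`) and return an error otherwise. The `insertAuthLog(16, ...)` entry is also identical for a hard delete and a soft delete, so the fallback branch should add a marker such as `. ", soft-deleted"`. The first hunk appears to write `'deleted' => 0` on every save, so an edit silently reactivates a flagged account without its own log entry; the enclosing `switch` cases start and end outside the hunks.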

@ -85,5 +85,7 @@ define("STRINGS", [
"remove 2fa" => "Reset 2FA", "remove 2fa" => "Reset 2FA",
"action performed by" => "Action performed by {user}", "action performed by" => "Action performed by {user}",
"2fa removed" => "2-factor authentication removed.", "2fa removed" => "2-factor authentication removed.",
"2fa" => "2FA" "2fa" => "2FA",
"show deleted" => "Show deleted",
"editing deleted account" => "You are editing an account marked as deleted. The account will be undeleted if you press Save."
]); ]);

@ -6,11 +6,20 @@ dieifnotloggedin();
header("Content-Type: application/json"); header("Content-Type: application/json");
$show_deleted = false;
if ($VARS['show_deleted'] == 1) {
$show_deleted = true;
}
$out = []; $out = [];
$out['draw'] = intval($VARS['draw']); $out['draw'] = intval($VARS['draw']);
$out['recordsTotal'] = $database->count('accounts'); if ($show_deleted) {
$out['recordsTotal'] = $database->count('accounts');
} else {
$out['recordsTotal'] = $database->count('accounts', ['deleted' => 0]);
}
$filter = false; $filter = false;
// sort // sort
@ -43,19 +52,37 @@ switch ($VARS['order'][0]['column']) {
// search // search
if (!is_empty($VARS['search']['value'])) { if (!is_empty($VARS['search']['value'])) {
$filter = true; $filter = true;
$wherenolimit = [ if ($show_deleted) {
"OR" => [ $wherenolimit = [
"username[~]" => $VARS['search']['value'], "OR" => [
"realname[~]" => $VARS['search']['value'], "username[~]" => $VARS['search']['value'],
"email[~]" => $VARS['search']['value'], "realname[~]" => $VARS['search']['value'],
"statuscode[~]" => $VARS['search']['value'], "email[~]" => $VARS['search']['value'],
"typecode[~]" => $VARS['search']['value'] "statuscode[~]" => $VARS['search']['value'],
] "typecode[~]" => $VARS['search']['value']
]; ]
];
} else {
$wherenolimit = [
"AND" => [
"OR" => [
"username[~]" => $VARS['search']['value'],
"realname[~]" => $VARS['search']['value'],
"email[~]" => $VARS['search']['value'],
"statuscode[~]" => $VARS['search']['value'],
"typecode[~]" => $VARS['search']['value']
],
"deleted" => 0
]
];
}
$where = $wherenolimit; $where = $wherenolimit;
$where["LIMIT"] = [$VARS['start'], $VARS['length']]; $where["LIMIT"] = [$VARS['start'], $VARS['length']];
} else { } else {
$where = ["LIMIT" => [$VARS['start'], $VARS['length']]]; $where = ["LIMIT" => [$VARS['start'], $VARS['length']]];
if (!$show_deleted) {
$where["deleted"] = 0;
}
} }
if (!is_null($order)) { if (!is_null($order)) {
$where["ORDER"] = $order; $where["ORDER"] = $order;
@ -74,7 +101,8 @@ $users = $database->select('accounts', [
'acctstatus', 'acctstatus',
'statuscode', 'statuscode',
'accttype', 'accttype',
'typecode' 'typecode',
'deleted'
], $where); ], $where);
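Review bot: `$VARS['show_deleted']` is read unconditionally in the added lines at the top, yet the client sends it only when the checkbox is ticked. Unless `$VARS` is pre-filled elsewhere, the normal request hits an undefined index, and a notice printed after `Content-Type: application/json` would corrupt the response. The loose `== 1` also accepts strings such as `"1abc"` on older PHP versions; I would write `$show_deleted = isset($VARS['show_deleted']) && (string) $VARS['show_deleted'] === "1";`. Separately, the search column list is now duplicated in both branches and can drift, which would let deleted accounts leak into or drop out of results. Building it once as `$search` and using `$wherenolimit = $show_deleted ? ["OR" => $search] : ["AND" => ["OR" => $search, "deleted" => 0]];` keeps the two in step.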

@ -12,7 +12,8 @@ $userdata = [
'email' => '', 'email' => '',
'authsecret' => '', 'authsecret' => '',
'acctstatus' => '', 'acctstatus' => '',
'typecode' => 'LOCAL' 'typecode' => 'LOCAL',
'deleted' => 0
]; ];
$editing = false; $editing = false;
@ -27,7 +28,8 @@ if (!is_empty($VARS['id'])) {
'email', 'email',
'authsecret', 'authsecret',
'acctstatus', 'acctstatus',
'typecode' 'typecode',
'deleted'
], [ ], [
'uid' => $VARS['id'] 'uid' => $VARS['id']
])[0]; ])[0];
@ -70,6 +72,13 @@ if ($userdata['typecode'] != "LOCAL") {
</div> </div>
<?php <?php
} }
if ($userdata['deleted'] == 1) {
?>
<div class="alert alert-info">
<?php lang("editing deleted account"); ?>
</div>
<?php
}
?> ?>
<div class="form-group"> <div class="form-group">
<label for="name"><i class="fa fa-user"></i> <?php lang("name"); ?></label> <label for="name"><i class="fa fa-user"></i> <?php lang("name"); ?></label>
@ -80,7 +89,7 @@ if ($userdata['typecode'] != "LOCAL") {
<div class="col-xs-12 col-md-6"> <div class="col-xs-12 col-md-6">
<div class="form-group"> <div class="form-group">
<label for="username"><i class="fa fa-id-badge"></i> <?php lang("username"); ?></label> <label for="username"><i class="fa fa-id-badge"></i> <?php lang("username"); ?></label>
<input type="text" <?php if (!$localacct) echo "disabled"; ?> class="form-control" name="username" id="username" placeholder="<?php lang("placeholder username"); ?>" required="required" value="<?php echo htmlspecialchars($userdata['username']); ?>" /> <input type="text" <?php if (!$localacct) echo "readonly=\"readonly\""; ?> class="form-control" name="username" id="username" placeholder="<?php lang("placeholder username"); ?>" required="required" value="<?php echo htmlspecialchars($userdata['username']); ?>" />
</div> </div>
</div> </div>
<div class="col-xs-12 col-md-6"> <div class="col-xs-12 col-md-6">
@ -95,7 +104,7 @@ if ($userdata['typecode'] != "LOCAL") {
<div class="col-xs-12 col-md-6"> <div class="col-xs-12 col-md-6">
<div class="form-group"> <div class="form-group">
<label for="pass"><i class="fa fa-lock"></i> <?php lang("new password"); ?></label> <label for="pass"><i class="fa fa-lock"></i> <?php lang("new password"); ?></label>
<input type="text" <?php if (!$localacct) echo "disabled"; ?> autocomplete="new-password" class="form-control" name="pass" id="pass" placeholder="<?php lang("placeholder password"); ?>" /> <input type="text" <?php if (!$localacct) echo "readonly=\"readonly\""; ?> autocomplete="new-password" class="form-control" name="pass" id="pass" placeholder="<?php lang("placeholder password"); ?>" />
</div> </div>
</div> </div>
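Review bot: Changing the username and password inputs from `disabled` to `readonly="readonly"` means both fields are now submitted for non-local accounts, and `readonly` is only a browser-side hint that the user can remove. The handler shown in the first file section writes `'username' => $VARS['username']` and acts on a non-empty `$VARS['pass']`; whether it checks the account type first is not visible in this commit. The server should ignore or reject those two fields when `typecode` is not `LOCAL`. I would also add a comment beside the inputs, for example `<?php /* readonly is cosmetic; the action handler must refuse username/password changes for non-LOCAL accounts */ ?>`.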

@ -21,34 +21,34 @@ redirectifnotloggedin();
</thead> </thead>
<tbody> <tbody>
<?php <?php
/*$users = $database->select('accounts', [ /* $users = $database->select('accounts', [
"[>]acctstatus" => ['acctstatus' => 'statusid'], "[>]acctstatus" => ['acctstatus' => 'statusid'],
"[>]accttypes" => ['accttype' => 'typeid'] "[>]accttypes" => ['accttype' => 'typeid']
], [ ], [
'uid', 'uid',
'username', 'username',
'realname', 'realname',
'email', 'email',
'acctstatus', 'acctstatus',
'statuscode', 'statuscode',
'accttype', 'accttype',
'typecode' 'typecode'
]); ]);
foreach ($users as $u) { foreach ($users as $u) {
?> ?>
<tr> <tr>
<td></td> <td></td>
<td> <td>
<a class="btn btn-blue btn-xs" href="app.php?page=edituser&id=<?php echo $u['uid']; ?>"><i class="fa fa-pencil-square-o"></i> <?php lang("edit"); ?></a> <a class="btn btn-blue btn-xs" href="app.php?page=edituser&id=<?php echo $u['uid']; ?>"><i class="fa fa-pencil-square-o"></i> <?php lang("edit"); ?></a>
</td> </td>
<td><?php echo $u['realname']; ?></td> <td><?php echo $u['realname']; ?></td>
<td><?php echo $u['username']; ?></td> <td><?php echo $u['username']; ?></td>
<td><?php echo ($u['email'] == "NOEMAIL@EXAMPLE.COM" ? "" : $u['email']); ?></td> <td><?php echo ($u['email'] == "NOEMAIL@EXAMPLE.COM" ? "" : $u['email']); ?></td>
<td><?php echo $u['statuscode']; ?></td> <td><?php echo $u['statuscode']; ?></td>
<td><?php echo $u['typecode']; ?></td> <td><?php echo $u['typecode']; ?></td>
</tr> </tr>
<?php <?php
}*/ } */
?> ?>
</tbody> </tbody>
<tfoot> <tfoot>
@ -62,4 +62,10 @@ redirectifnotloggedin();
<th data-priority="3"><i class="fa fa-fw fa-check-circle"></i> <?php lang('status'); ?></th> <th data-priority="3"><i class="fa fa-fw fa-check-circle"></i> <?php lang('status'); ?></th>
<th data-priority="4"><i class="fa fa-fw fa-server"></i> <?php lang('type'); ?></th> <th data-priority="4"><i class="fa fa-fw fa-server"></i> <?php lang('type'); ?></th>
</tfoot> </tfoot>
</table> </table>
<script>
/* Give JavaScript access to the lang string
* it needs to inject the show deleted checkbox
*/
var lang_show_deleted = "<?php lang("show deleted") ?>";
</script>
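Review bot: `var lang_show_deleted = "<?php lang("show deleted") ?>";` drops a translation string into a JavaScript string literal with no escaping for that context. A translation containing a double quote, a backslash or `</script>` would break the page script. The table script later concatenates the same value into HTML, a second context it is not escaped for. How `lang()` emits its text is not visible here; if the string can be obtained as a return value, `var lang_show_deleted = <?php echo json_encode($text); ?>;` (with `$text` holding the translated string) is the safer form. The first hunk in this section only re-indents commented-out code.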

@ -1,4 +1,4 @@
$('#usertable').DataTable({ var usertable = $('#usertable').DataTable({
responsive: { responsive: {
details: { details: {
display: $.fn.dataTable.Responsive.display.modal({ display: $.fn.dataTable.Responsive.display.modal({
@ -30,6 +30,11 @@ $('#usertable').DataTable({
serverSide: true, serverSide: true,
ajax: { ajax: {
url: "lib/getusertable.php", url: "lib/getusertable.php",
data: function (d) {
if ($('#show_deleted_checkbox').is(':checked')) {
d.show_deleted = 1;
}
},
dataFilter: function (data) { dataFilter: function (data) {
var json = jQuery.parseJSON(data); var json = jQuery.parseJSON(data);
json.data = []; json.data = [];
@ -37,8 +42,8 @@ $('#usertable').DataTable({
json.data.push([ json.data.push([
"", "",
row.editbtn, row.editbtn,
row.realname, (row.deleted == 1 ? "<del style=\"color: red;\">" : "") + row.realname + (row.deleted == 1 ? "</del>" : ""),
row.username, (row.deleted == 1 ? "<span style=\"color: red;\">" : "") + row.username + (row.deleted == 1 ? "</span>" : ""),
row.email, row.email,
(row['2fa'] == true ? "<i class='fa fa-check'></i>" : "<i class='fa fa-times'></i>"), (row['2fa'] == true ? "<i class='fa fa-check'></i>" : "<i class='fa fa-times'></i>"),
row.statuscode, row.statuscode,
@ -48,4 +53,6 @@ $('#usertable').DataTable({
return JSON.stringify(json); return JSON.stringify(json);
} }
} }
}); });
$('#usertable_filter').append("<div class=\"checkbox\" style=\"display: inline-block\"><label><input type=\"checkbox\" id=\"show_deleted_checkbox\" onclick=\"usertable.ajax.reload()\"> " + lang_show_deleted + "</label></div>");
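Review bot: The new name and username cells concatenate `row.realname` and `row.username` straight into markup, and this commit does not show whether `lib/getusertable.php` HTML-escapes those account fields. If it does not, a name containing markup would be rendered in the administrator's browser. I would either confirm the server-side escaping and note it in a comment here, or escape on the client with `var esc = function (s) { return $('<div>').text(s).html(); };` and `"<del style=\"color: red;\">" + esc(row.realname) + "</del>"`. The injected checkbox also uses an inline `onclick` that depends on the global `usertable`. Binding it with `$('#show_deleted_checkbox').on('change', function () { usertable.ajax.reload(); });` removes that dependency and keeps working under a Content-Security-Policy that forbids inline handlers.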