| 16 |
rodolico |
1 |
<!DOCTYPE html>
|
|
|
2 |
<?php
|
|
|
3 |
include_once( '../UsersPermissionsDataSourceMySQLi.class.php' );
|
|
|
4 |
include_once( '../UsersPermissions.class.php' );
|
|
|
5 |
session_start();
|
|
|
6 |
//session_destroy(); die;
|
|
|
7 |
|
|
|
8 |
/*
|
|
|
9 |
* this is an example of adding additional fields to a user record
|
|
|
10 |
* In this case, we have added a MySQL text field named where_clause
|
|
|
11 |
* to the database. It will be displayed as a textarea in the input
|
|
|
12 |
* forms.
|
|
|
13 |
*
|
|
|
14 |
* The modifications needed are different for the User and the
|
|
|
15 |
* UsersDataSource classes, but the structure is the same. We can
|
|
|
16 |
* safely use the same array, which contains the modifications to
|
|
|
17 |
* both classes since each class will just ignore any fields it
|
|
|
18 |
* doesn't need in the code.
|
|
|
19 |
* However, the items for the Users class is indicated by the comment
|
|
|
20 |
* For Users Class, and the ones for teh Data Source are labeled that
|
|
|
21 |
* way also.
|
|
|
22 |
*
|
|
|
23 |
* Note that many items are optional. For example, if 'label' is
|
|
|
24 |
* not set, the field name (where_clause) will be used.
|
|
|
25 |
*/
|
|
|
26 |
$customFields = array(
|
|
|
27 |
'tables' => array(
|
|
|
28 |
'users' => array(
|
|
|
29 |
'fields' => array(
|
|
|
30 |
'where_clause' => array(
|
|
|
31 |
// For Users class
|
|
|
32 |
// this will be the display label on the form
|
|
|
33 |
'label' => 'Limit via SQL where clause',
|
|
|
34 |
// the input type to use for data entry
|
|
|
35 |
'html type' => 'textarea',
|
|
|
36 |
// you can only edit this if an admin and changing someone
|
|
|
37 |
// else' record
|
|
|
38 |
'restrict' => true,
|
|
|
39 |
// will be displayed on a hover in HTML5 (ie, title=)
|
|
|
40 |
'instructions' => 'This will be added to every SQL query to limit access, or 1=1 for everything',
|
|
|
41 |
// this is entered in an empty box, ie placeholder=
|
|
|
42 |
'hint' => 'Enter an SQL where clause',
|
|
|
43 |
// for Data Source
|
|
|
44 |
'dbColumn' => 'where_clause',
|
|
|
45 |
// actual mySQL column type
|
|
|
46 |
'type' => 'text',
|
|
|
47 |
// set it to not null if we build the table ourselves
|
|
|
48 |
'required' => false
|
|
|
49 |
)
|
|
|
50 |
)
|
|
|
51 |
)
|
|
|
52 |
)
|
|
|
53 |
);
|
|
|
54 |
|
|
|
55 |
/* we haven't made the connection already, so instead we pass the
|
|
|
56 |
* parameters needed in the third parameter here and let the
|
|
|
57 |
* usersDataSource class make its own connection
|
|
|
58 |
*
|
|
|
59 |
* we also want to pass the customFields in so it will do the merge
|
|
|
60 |
* immediately.
|
|
|
61 |
*/
|
|
|
62 |
$connection = new usersPermissionsDataSource(
|
|
|
63 |
null,
|
|
|
64 |
$customFields,
|
|
|
65 |
array( 'username' => 'test', 'password' => 'test', 'database' => 'test' )
|
|
|
66 |
);
|
|
|
67 |
// Pass the same custom fields to the Users class
|
|
|
68 |
if ( ! isset( $_SESSION['user'] ) ) {
|
|
|
69 |
$_SESSION['user'] = new UsersPermissions( $customFields );
|
|
|
70 |
}
|
|
|
71 |
// check if the user has request a log out.
|
|
|
72 |
if ( isset( $_REQUEST['logout'] ) )
|
|
|
73 |
$_SESSION['user']->logout();
|
|
|
74 |
|
|
|
75 |
$url = htmlentities($_SERVER["PHP_SELF"]);
|
|
|
76 |
|
|
|
77 |
?>
|
|
|
78 |
<html>
|
|
|
79 |
<head>
|
|
|
80 |
<meta charset="utf-8">
|
|
|
81 |
<title>Login</title>
|
|
|
82 |
<link href='users.css' rel='stylesheet' type='text/css'>
|
|
|
83 |
</head>
|
|
|
84 |
<body>
|
|
|
85 |
<div class="login">
|
|
|
86 |
<?php
|
|
|
87 |
// only used when we need to log in, empty otherwise
|
|
|
88 |
if ( isset( $_SESSION['user'] ) )
|
|
|
89 |
print $_SESSION['user']->HTML($connection);
|
|
|
90 |
?>
|
|
|
91 |
</div>
|
|
|
92 |
<div class='menu'>
|
|
|
93 |
<ul>
|
|
|
94 |
<?php
|
|
|
95 |
// build a little menu
|
|
|
96 |
if ( isset( $_SESSION['user'] ) && $_SESSION['user']->name() ) {
|
|
|
97 |
print "<p>Logged in as " . $_SESSION['user']->name() . '</p>';
|
|
|
98 |
print "<li><a href='$url?doAdmin=1'>Change Password</a></li>\n";
|
|
|
99 |
print "<li><a href='$url?logout=1'>Log Out</a></li>";
|
|
|
100 |
}
|
|
|
101 |
?>
|
|
|
102 |
</ul>
|
|
|
103 |
</div>
|
|
|
104 |
<div class='content'>
|
|
|
105 |
<?php
|
|
|
106 |
// this only displays something if doAdmin is set
|
|
|
107 |
if ( isset( $_REQUEST['doAdmin'] ) ) {
|
|
|
108 |
print $_SESSION['user']->admin($connection);
|
|
|
109 |
print $_SESSION['user']->errors();
|
|
|
110 |
$_SESSION['user']->clearErrors();
|
|
|
111 |
}
|
|
|
112 |
?>
|
|
|
113 |
</div>
|
|
|
114 |
|
|
|
115 |
</body>
|
|
|
116 |
</html>
|