| 4 |
rodolico |
1 |
<!DOCTYPE html>
|
|
|
2 |
<?php
|
|
|
3 |
include_once( '../UsersDataSourceMySQLi.class.php' );
|
|
|
4 |
include_once( '../Users.class.php' );
|
|
|
5 |
session_start();
|
|
|
6 |
//session_destroy(); die;
|
|
|
7 |
|
|
|
8 |
/*
|
|
|
9 |
* this is an example of adding additional fields to a user record
|
|
|
10 |
* In this case, we have added a MySQL text field named where_clause
|
|
|
11 |
* to the database. It will be displayed as a textarea in the input
|
|
|
12 |
* forms.
|
|
|
13 |
* While the "For Users Class" is needed only for the new User call
|
|
|
14 |
* and the For Data Source is only used for the new usersDataSource
|
|
|
15 |
* call, it is completely acceptable to pass all the data to both
|
|
|
16 |
* since they will ignore any array entries they don't know how to
|
|
|
17 |
* handle.
|
|
|
18 |
*/
|
|
|
19 |
$customFields = array(
|
|
|
20 |
'tables' => array(
|
|
|
21 |
'users' => array(
|
|
|
22 |
'fields' => array(
|
|
|
23 |
'where_clause' => array(
|
|
|
24 |
// For Users class
|
|
|
25 |
// this will be the display label on the form
|
|
|
26 |
'label' => 'Limit via SQL where clause',
|
|
|
27 |
// the input type to use for data entry
|
|
|
28 |
'html type' => 'textarea',
|
|
|
29 |
// you can only edit this if an admin and changing someone
|
|
|
30 |
// else' record
|
|
|
31 |
'restrict' => true,
|
|
|
32 |
// will be displayed on a hover in HTML5 (ie, title=)
|
|
|
33 |
'instructions' => 'This will be added to every SQL query to limit access, or 1=1 for everything',
|
|
|
34 |
// this is entered in an empty box, ie placeholder=
|
|
|
35 |
'hint' => 'Enter an SQL where clause',
|
|
|
36 |
// for Data Source
|
|
|
37 |
'dbColumn' => 'where_clause',
|
|
|
38 |
// actual mySQL column type
|
|
|
39 |
'type' => 'text',
|
|
|
40 |
// set it to not null if we build the table ourselves
|
|
|
41 |
'required' => false
|
|
|
42 |
)
|
|
|
43 |
)
|
|
|
44 |
)
|
|
|
45 |
)
|
|
|
46 |
);
|
|
|
47 |
|
|
|
48 |
|
|
|
49 |
$connection = new usersDataSource(
|
|
|
50 |
null,
|
|
|
51 |
$customFields,
|
|
|
52 |
array( 'username' => 'test', 'password' => 'test', 'database' => 'test' )
|
|
|
53 |
);
|
|
|
54 |
// ensure we always have a (possibly invalid) instance of user
|
|
|
55 |
if ( ! isset( $_SESSION['user'] ) ) {
|
|
|
56 |
//print "Creating session users<br />";
|
|
|
57 |
$_SESSION['user'] = new Users( $customFields );
|
|
|
58 |
}
|
|
|
59 |
if ( isset( $_REQUEST['logout'] ) )
|
|
|
60 |
$_SESSION['user']->logout();
|
|
|
61 |
|
|
|
62 |
$url = htmlentities($_SERVER["PHP_SELF"]);
|
|
|
63 |
|
|
|
64 |
?>
|
|
|
65 |
<html>
|
|
|
66 |
<head>
|
|
|
67 |
<meta charset="utf-8">
|
|
|
68 |
<title>Login</title>
|
|
|
69 |
<link href='users.css' rel='stylesheet' type='text/css'>
|
|
|
70 |
</head>
|
|
|
71 |
<body>
|
|
|
72 |
<?php
|
|
|
73 |
//print '<pre>' . print_r( $_SESSION, true ) . "</pre>\n";
|
|
|
74 |
//print '<pre>' . print_r( $_REQUEST, true ) . "</pre>\n";
|
|
|
75 |
?>
|
|
|
76 |
<div class="login">
|
|
|
77 |
<?php
|
|
|
78 |
if ( isset( $_SESSION['user'] ) )
|
|
|
79 |
print $_SESSION['user']->HTML($connection);
|
|
|
80 |
?>
|
|
|
81 |
</div>
|
|
|
82 |
<div class='menu'>
|
|
|
83 |
<ul>
|
|
|
84 |
<?php
|
|
|
85 |
if ( isset( $_SESSION['user'] ) && $_SESSION['user']->name() ) {
|
|
|
86 |
print "<p>Logged in as " . $_SESSION['user']->name() . '</p>';
|
|
|
87 |
print "<li><a href='$url?doAdmin=1'>Change Password</a></li>\n";
|
|
|
88 |
print "<li><a href='$url?logout=1'>Log Out</a></li>";
|
|
|
89 |
}
|
|
|
90 |
?>
|
|
|
91 |
</ul>
|
|
|
92 |
</div>
|
|
|
93 |
<div class='content'>
|
|
|
94 |
<?php
|
|
|
95 |
if ( isset( $_REQUEST['doAdmin'] ) ) {
|
|
|
96 |
print $_SESSION['user']->admin($connection);
|
| 7 |
rodolico |
97 |
print $_SESSION['user']->errors();
|
|
|
98 |
$_SESSION['user']->clearErrors();
|
| 4 |
rodolico |
99 |
}
|
|
|
100 |
?>
|
|
|
101 |
</div>
|
|
|
102 |
|
|
|
103 |
</body>
|
|
|
104 |
</html>
|