Diffstat (limited to 'modules')
-rw-r--r-- | modules/user/controllers/admin_users.php | 20 | ||||
-rw-r--r-- | modules/user/controllers/users.php | 19 | ||||
-rw-r--r-- | modules/user/helpers/user.php | 40 | ||||
-rw-r--r-- | modules/user/helpers/user_installer.php | 4 | ||||
-rw-r--r-- | modules/user/models/user.php | 2 | ||||
-rw-r--r-- | modules/user/views/admin_users.html.php | 12 |
6 files changed, 56 insertions, 41 deletions
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index 7325455c..4ec96a1a 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -23,4 +23,24 @@ class Admin_Users_Controller extends Controller { $view->users = ORM::factory("user")->find_all(); return $view; } + + public function edit($id) { + $view = new View("admin_users_edit.html"); + $user = ORM::factory("user", $id); + if (!$user->loaded) { + kohana::show_404(); + } + + $form = user::get_edit_form($user, "admin/users/edit/$id"); + if (request::method() =="post" && $form->validate()) { + $user->name = $form->edit_user->uname->value; + $user->full_name = $form->edit_user->full_name->value; + $user->password = $form->edit_user->password->value; + $user->email = $form->edit_user->email->value; + $user->save(); + url::redirect("admin/users/edit/$id"); + } + + return $form; + } } diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index f6b77d0d..b287f685 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -46,16 +46,19 @@ class Users_Controller extends REST_Controller { * @see Rest_Controller::_update($resource) */ public function _update($user) { + if ($user->guest || $user->id != user::active()->id) { + access::forbidden(); + } + $form = user::get_edit_form($user); if ($form->validate()) { - foreach ($form->as_array() as $key => $value) { - $user->$key = $value; - } + $user->full_name = $form->edit_user->full_name->value; + $user->password = $form->edit_user->password->value; + $user->email = $form->edit_user->email->value; $user->save(); if ($continue = $this->input->get("continue")) { url::redirect($continue); } - return; } print $form; } 
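Review bot: The new `edit($id)` action in `Admin_Users_Controller` loads and saves any user record with no access check visible in this hunk, and the `user` helper's docblock says it does no permission checking by design, so the controller has to do it. Unless admin-only access is already enforced for this controller somewhere outside the hunk, start the method with something like `if (!user::active()->admin) { access::forbidden(); }`. The form action and the redirect also interpolate the raw `$id` from the URL; once the record is loaded, `$user->id` is the safer value to use. `$view` is created but never used, since the method returns `$form`.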
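Review bot: In `Users_Controller::_update`, `url::redirect($continue)` follows a `continue` value read straight from the query string, and this commit now carries that parameter through the edit form, so a successful save can redirect to a destination chosen by whoever built the link. Accept only site-relative targets before redirecting, for example by falling back to a fixed page when the value contains a scheme or starts with `//`. The new guard also assumes `access::forbidden()` ends the request; if it can return, the update below still runs, so confirm that it throws or exits. The class body continues outside the hunk.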
@@ -72,7 +75,13 @@ class Users_Controller extends REST_Controller { * @see Rest_Controller::form($resource) */ public function _form_edit($user) { - print user::get_edit_form($user); + if ($user->guest || user::active()->id != $user->id) { + access::forbidden(); + } + + print user::get_edit_form( + $user, + "users/{$user->id}?_method=put&continue=" . $this->input->get("continue")); } /** diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index daf95f02..387e0e3e 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -24,33 +24,13 @@ * Note: by design, this class does not do any permission checking. */ class user_Core { - /** - * Return the form for creating / modifying users. - */ - public static function get_edit_form($user) { - $form = new Forge( - url::site("users/{$user->id}?_method=put"), "", "post", array("id" => "gUserForm")); - $group = $form->group(_("User Info")); - - $group->input("name") - ->label(_("Name")) - ->id("gName") - ->value($user->name); - - $group->input("display_name") - ->label(_("Display Name")) - ->id("gDisplayName") - ->value($user->display_name); - - $group->password("password") - ->label(_("Password")) - ->id("gPassword"); - - $group->input("email") - ->label(_("Email")) - ->id("gEmail") - ->value($user->email); - + public static function get_edit_form($user, $action) { + $form = new Forge($action, "", "post", array("id" => "gUserForm")); + $group = $form->group("edit_user")->label(_("Edit User")); + $group->input("uname")->label(_("Name"))->id("gName")->value($user->name); + $group->input("full_name")->label(_("Full Name"))->id("gFullName")->value($user->full_name); + $group->password("password")->label(_("Password"))->id("gPassword"); + $group->input("email")->label(_("Email"))->id("gEmail")->value($user->email); $group->submit(_("Modify")); $form->add_rules_from($user); return $form; 
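Review bot: In `_form_edit`, the `continue` query parameter is concatenated into the form action without encoding, so a value containing `&`, `#` or a quote changes the query string of the generated URL and, if Forge does not escape the `action` attribute (not visible here), the markup as well. Encode it where it is appended: `"users/{$user->id}?_method=put&continue=" . urlencode($this->input->get("continue"))`. The destination itself still needs validating at the point where `_update` redirects to it.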
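Review bot: `get_edit_form($user, $action)` now requires a second argument, but `Users_Controller::_update` in this same commit still calls `user::get_edit_form($user)`, which leaves `$action` undefined there. Pass the action at that call site, e.g. `$form = user::get_edit_form($user, "users/{$user->id}?_method=put");`. The removed version wrapped the action in `url::site()` and the new one passes the caller's string through unchanged; whether Forge resolves relative actions is not visible here, so confirm the rendered URL. The old docblock was dropped along with the body, and a short one describing `$action` and the `edit_user` group name that both controllers now depend on would help.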
@@ -129,18 +109,18 @@ class user_Core { * Create a new user. * * @param string $name - * @param string $display_name + * @param string $full_name * @param string $password * @return User_Model */ - public static function create($name, $display_name, $password) { + public static function create($name, $full_name, $password) { $user = ORM::factory("user")->where("name", $name)->find(); if ($user->loaded) { throw new Exception("@todo USER_ALREADY_EXISTS $name"); } $user->name = $name; - $user->display_name = $display_name; + $user->full_name = $full_name; $user->password = $password; // Everybody group diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php index 739a8815..e19abc11 100644 --- a/modules/user/helpers/user_installer.php +++ b/modules/user/helpers/user_installer.php @@ -26,7 +26,7 @@ class user_installer { $db->query("CREATE TABLE IF NOT EXISTS `users` ( `id` int(9) NOT NULL auto_increment, `name` varchar(32) NOT NULL, - `display_name` varchar(255) NOT NULL, + `full_name` varchar(255) NOT NULL, `password` varchar(128) NOT NULL, `login_count` int(10) unsigned NOT NULL DEFAULT 0, `last_login` int(10) unsigned NOT NULL DEFAULT 0, @@ -34,7 +34,7 @@ class user_installer { `admin` BOOLEAN default 0, `guest` BOOLEAN default 0, PRIMARY KEY (`id`), - UNIQUE KEY(`display_name`)) + UNIQUE KEY(`name`)) ENGINE=InnoDB DEFAULT CHARSET=utf8;"); $db->query("CREATE TABLE IF NOT EXISTS `groups` ( diff --git a/modules/user/models/user.php b/modules/user/models/user.php index 82834930..118c1669 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -22,7 +22,7 @@ class User_Model extends ORM { var $rules = array( "name" => "required|length[4,32]", - "display_name" => "length[0,255]", + "full_name" => "length[0,255]", "email" => "valid_email|length[4,255]", "password" => "required|length[5,40]"); 
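Review bot: In `user_installer.php`, the column rename and the move of the unique key from `display_name` to `name` sit inside `CREATE TABLE IF NOT EXISTS`, so a database created before this commit keeps the old column and the old key. If such installs exist, the model would write `full_name` to a column that is not there, and `user::create`'s find-then-insert check on `name` would have no unique key behind it. Either add an upgrade step (`ALTER TABLE` for the rename and the key) or document that a reinstall is required.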
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php index 5e43fae9..fc6c98bf 100644 --- a/modules/user/views/admin_users.html.php +++ b/modules/user/views/admin_users.html.php @@ -5,9 +5,15 @@ <div class="gBlockContent"> <p>These are the users in your system</p> <table> - <? foreach ($users as $i => $user): ?> - <tr><td><?= $user->name ?></td></tr> - <? endforeach ?> + <? foreach ($users as $i => $user): ?> + <tr> + <td> + <a href="<?= url::site("admin/users/edit/$user->id") ?>"> + <?= $user->name ?> + </a> + </td> + </tr> + <? endforeach ?> </table> </div> </div> |
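Review bot: `<?= $user->name ?>` in `admin_users.html.php` is written into the admin page without HTML escaping, and the only constraint on `name` visible in this commit is the model's `length[4,32]` rule, so markup stored in a user name would be rendered in an administrator's session. Escape at output: `<?= htmlspecialchars($user->name, ENT_QUOTES, "UTF-8") ?>`. `$user->id` in the `href` is the integer primary key and is lower risk, but it would read more clearly as `"admin/users/edit/{$user->id}"`.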