| Function | Description |
|---|---|
| modify_screen() | Called by showScreen() to display the user modification interface. modify_screen() also uses a User object called $userObj to get current user information and display it on the interface. |
| add_screen() | Called by showScreen() to display the user add interface. |
| checkPassword() | Checks the user-entered password for length and confirmation tests. |
| checkInput() | Checks if the user has entered the username (EMAIL), user type (TYPE), and password (PASSWORD) information correctly from user interfaces displayed in user management. |
| authorize() | Determines if the user is authorized to run the application. If the user is not $ADMINISTRATIVE_USER, then the method returns FALSE. Otherwise, it returns TRUE. |
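
The addUser() and modifyUser() methods in Listing 6-2 below hash passwords with crypt() and a two-character salt, which selects the DES-based scheme. The following is an added example, not code from the book or its PHPApplication framework: it shows that scheme's eight-character truncation next to PHP's password_hash() API, plus a verify-then-upgrade step for rows that still hold the old format. The function names and sample passwords are constructed for illustration.

```php
<?php
// Added example; legacyHash(), newHash() and verifyAndUpgrade() are hypothetical names.

// Legacy scheme: a two-character salt makes crypt() use its DES-based algorithm.
function legacyHash(string $password, string $salt): string {
    return crypt($password, $salt);
}

// Replacement: password_hash() draws its own salt from a CSPRNG and embeds
// the algorithm, cost and salt in the string it returns.
function newHash(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

// Check a login against either format. password_verify() also accepts
// crypt() output, so old rows keep working; 'replacement' is non-null
// when the stored value should be overwritten with a stronger hash.
function verifyAndUpgrade(string $password, string $stored): array {
    if (!password_verify($password, $stored)) {
        return ['ok' => false, 'replacement' => null];
    }
    $replacement = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? newHash($password)
        : null;
    return ['ok' => true, 'replacement' => $replacement];
}

// Constructed sample values: both passwords share their first eight characters.
$stored = legacyHash('correct horse', 'AB');
$other  = legacyHash('correct different', 'AB');

// DES-based crypt() reads only the first eight characters of the password,
// so the two different passwords produce the same stored value.
echo 'legacy hashes collide: ';
var_dump(hash_equals($stored, $other));

// A successful login against the legacy row yields an upgraded hash.
$result = verifyAndUpgrade('correct horse', $stored);
echo 'legacy login accepted: ';
var_dump($result['ok']);

// The upgraded hash distinguishes the two passwords and needs no further rehash.
echo 'upgraded hash accepts the near-miss password: ';
var_dump(password_verify('correct different', $result['replacement']));
echo 'upgraded row flagged for rehash again: ';
var_dump(verifyAndUpgrade('correct horse', $result['replacement'])['replacement'] !== null);
```

In an application like this one, the 'replacement' value would be written back to the PASSWORD column at login time, so legacy rows are converted as users sign in.
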
Listing 6-2 shows the user manager application called user_mngr.php.
Listing 6-2: user_mngr.php
<?php
require_once "user_mngr.conf";
require_once $USER_CLASS;

class userManagerApp extends PHPApplication {

    function run() {
        global $USERMNGR_MNGR;
        $cmd = $this->getRequestField('cmd');
        if (! $this->authorize()) {
            $this->alert('UNAUTHORIZED_ACCESS');
            // Return explicitly, as modifyUser() does after alert(), so the
            // command dispatch below is never reached by an unauthorized user.
            return;
        }
        // At this point user is authorized
        $cmd = strtolower($cmd);
        if (!strcmp($cmd, 'add')) {
            $this->addDriver();
        } else if (!strcmp($cmd, 'modify')) {
            $this->modifyDriver();
        } else if (!strcmp($cmd, 'delete')) {
            $this->deleteUser();
        } else {
            // No recognized command: show the user manager menu
            global $USERMNGR_MENU_TEMPLATE;
            print $this->showScreen($USERMNGR_MENU_TEMPLATE,
                                    'menu',
                                    $USERMNGR_MNGR);
        }
    }

    // Step 1 shows the modify form; step 2 processes the submitted form.
    function modifyDriver() {
        $step = $this->getRequestField('step');
        if ($step == 2) {
            $this->modifyUser();
        } else {
            global $USERMNGR_USER_TEMPLATE, $USERMNGR_MNGR;
            print $this->showScreen($USERMNGR_USER_TEMPLATE,
                                    'modify_screen',
                                    $USERMNGR_MNGR);
        }
    }

    // Step 1 shows the add form; step 2 processes the submitted form.
    function addDriver() {
        $step = $this->getRequestField('step');
        if ($step == 2) {
            $this->addUser();
        } else {
            global $USERMNGR_USER_TEMPLATE, $USERMNGR_MNGR;
            print $this->showScreen($USERMNGR_USER_TEMPLATE,
                                    'add_screen',
                                    $USERMNGR_MNGR);
        }
    }

    function addUser() {
        $username  = $this->getRequestField('username');
        $password1 = $this->getRequestField('password1');
        $password2 = $this->getRequestField('password2');
        $user_type = $this->getRequestField('user_type');
        $active    = $this->getRequestField('active');
        global $DEFAULT_DOMAIN,
               $USERMNGR_MNGR;
        $this->checkInput();
        // Usernames are e-mail addresses; append the default domain if none was given
        if (!strstr($username, '@')) {
            $username = $username . '@' . $DEFAULT_DOMAIN;
        }
        // A two-character salt selects the DES-based crypt() scheme, whose salt
        // alphabet is ./0-9A-Za-z, so the salt is two random uppercase letters.
        $salt = chr(rand(65,90)) . chr(rand(65,90));
        $cryptPassword = crypt($password1, $salt);
        $hash = array(
            'EMAIL'    => strtolower($username),
            'PASSWORD' => $cryptPassword,
            'TYPE'     => $user_type,
            'ACTIVE'   => $active
        );
        $userObj = new User($this->dbi);
        $status = $userObj->addUser($hash);
        if ($status) {
            $this->show_status($this->getMessage('USER_ADD_SUCCESSFUL'),
                               $USERMNGR_MNGR);
        } else {
            $this->show_status($this->getMessage('USER_ADD_FAILED'),
                               $USERMNGR_MNGR);
        }
    }

    function modifyUser() {
        $username  = $this->getRequestField('username');
        $password1 = $this->getRequestField('password1');
        $password2 = $this->getRequestField('password2');
        $user_type = $this->getRequestField('user_type');
        $active    = $this->getRequestField('active');
        $user_id   = $this->getRequestField('user_id');
        global $USERMNGR_MNGR,
               $ADMINISTRATIVE_USER,
               $ROOT_USER,
               $DUMMY_PASSWD;
        $this->checkInput();
        // If user is ROOT USER then she cannot be deactivated
        // and must keep the administrative user type
        if ( ! strcmp($username, $ROOT_USER)) {
            if (! $active ) {
                $this->alert('INACTIVE_NOT_OK');
                return;
            }
            if ($user_type != $ADMINISTRATIVE_USER) {
                $this->alert('OPERATION_NOT_ALLOWED');
                return;
            }
        }
        $hash = array(
            'TYPE'    => $user_type,
            'ACTIVE'  => $active,
            'USER_ID' => $user_id
        );
        // Re-hash only when the password field differs from the dummy placeholder
        if (strcmp($password1, $DUMMY_PASSWD)) {
            // Two uppercase letters as salt (DES-based crypt(), as in addUser())
            $salt = chr(rand(65,90)) . chr(rand(65,90));
            $cryptPassword = crypt($password1, $salt);
            $hash['PASSWORD'] = $cryptPassword;
        }
        $userObj = new User($this->dbi, $user_id);
        $userObj->getUserInfo();
        // Update EMAIL only if the submitted username differs from the stored one
        $hash['EMAIL'] = (strcmp($username,
                                 $userObj->getEMAIL())) ? strtolower($username) : null;
        $status = $userObj->updateUser($hash);