# # # add_file "www/administrator.js" # content [6c90694cc02ec84ca391741656b00c9f4ef6692d] # # add_file "www/userlist.php" # content [1b75d989cf421d3d1a6c89b9bc1b92ac83703554] # # patch "install" # from [51c70817928b277ef2135f1725bcafdc514ca3c9] # to [590996a3a02a088b78ef1cec25925a51ff8d0dbc] # # patch "schema.sql" # from [7ac9ff4513b78347c54178c96cae5d09604716e5] # to [6185e01fe4e92e7aa710623b32adc8492fe416a4] # # patch "www/common.php" # from [0edc904e86c5b864aea3765104987ef069fd618f] # to [07f4b2e45766914b338455534b81237e17158ba1] # # patch "www/index.php" # from [9c415a134ece496a7a2015c8fb3e2e6e7f9d58a9] # to [19260ebd2eaa4f8d38c0f5ababadbad31c6dd1af] # # patch "www/login.php" # from [53f3fcfe78d47e975b16cc3237465f91688225fe] # to [14aef06b5d11e08fadc7ee1ca05365c1c728b55d] # # patch "www/proj-ctrl.php" # from [4174270cbc77848dd88cd09efec5f3f010c46ea3] # to [28df80702237dfa4a1038834c9df4ab296e3f6e2] # # patch "www/sidebar.php" # from [d486ed8f0caaf5606ca6de2157d8392677239e5b] # to [1b09b8489aa37f03a65aa07bce2d630c7f408c18] # # patch "www/user.php" # from [8a88e97360ed641441ac944fbbb831fca160ec65] # to [8b0cc7a2a80ae3c4cd5e58ae3604cb69dbc0ecb7] # ============================================================ --- www/administrator.js 6c90694cc02ec84ca391741656b00c9f4ef6692d +++ www/administrator.js 6c90694cc02ec84ca391741656b00c9f4ef6692d @@ -0,0 +1,55 @@ + +rmproj = function (name) { + status("Deleting project '"+name+"'..."); + if (!confirm("Are you sure you want to delete "+name+"?")) { + status("Delete canceled."); + return; + } + var args = {'project':name,'action':'delete_project'}; + call_server("proj-ctrl.php", args, "rmproj", function (data) { + removeElement("projdiv_"+name); + clearstatus(); + }); +} + +rmuser = function(name) { + status("Deleting user "+name+"..."); + if (!confirm("Are you sure you want to delete "+name+"?")) { + status("Delete canceled."); + return; + } + var args = {'who':name,'action':'delete_user'}; + call_server("user-ctrl.php", args, "rmuser", function (data) { + removeElement("userli_"+name); + clearstatus(); + }); +} + +op = function(name) { + status("Setting admin flag for "+name+"..."); + var args = {'who':name,'action':'op'}; + call_server("user-ctrl.php", args, "op", function (data) { + clearstatus(); + }); +} + +deop = function(name) { + status("Removing admin flag from "+name+"..."); + var args = {'who':name,'action':'deop'}; + call_server("user-ctrl.php", args, "deop", function (data) { + clearstatus(); + }); +} + +chuserpass = function(name) { + status("Resetting password for "+name+"..."); + var newpass = prompt('Enter a new password for ' + name, ''); + if (newpass == '') { + clearstatus(); + return; + } + var args = {'who':name,'new_password':newpass,'action':'chuserpass'}; + call_server("user-ctrl.php", args, "chuserpass", function (data) { + clearstatus(); + }); +} ============================================================ --- www/userlist.php 1b75d989cf421d3d1a6c89b9bc1b92ac83703554 +++ www/userlist.php 1b75d989cf421d3d1a6c89b9bc1b92ac83703554 @@ -0,0 +1,66 @@ + + + + + +Project List + + + + + + + + + + + + + +
+
+ +%s\n", + $what, $who, $text); +} +function display_user($username, $admin) { + global $administrator; + printf("
  • \n", $username); + printf("%s\n", $username, $username); + if ($admin) { + print "| Site Administrator\n"; + } + if ($administrator) { + adminlink('chuserpass', $username, '[Reset password]'); + if ($admin) + adminlink('deop', $username, '[de-op]'); + else + adminlink('op', $username, '[op]'); + adminlink('rmuser', $username, '[Delete]'); + } + printf("
    • \n"); +} + +$query= "SELECT username, admin FROM users ORDER BY admin DESC"; +$result = $db->Execute($query); +if ($result) { + print "\n"; +} else + print "ERROR<\n"; +$db->Close(); +?> + +
    +
    + + ============================================================ --- install 51c70817928b277ef2135f1725bcafdc514ca3c9 +++ install 590996a3a02a088b78ef1cec25925a51ff8d0dbc @@ -82,6 +82,7 @@ # The main directory migh just have gotten destroyed, let's recreate it mkdir -p $WWWDIR/ (cd www; tar -cf - .) | (cd $WWWDIR; tar -xf -) + chmod -R a+r $WWWDIR/ echo "Copied www/... to $WWWDIR/..." rm -f $WWWDIR/MochiKit ============================================================ --- schema.sql 7ac9ff4513b78347c54178c96cae5d09604716e5 +++ schema.sql 6185e01fe4e92e7aa710623b32adc8492fe416a4 @@ -1,6 +1,7 @@ CREATE TABLE users ( username varchar(80), - password varchar(80), + password char(40), + admin smallint, primary key (username) ); CREATE TABLE projects ( name varchar(80), ============================================================ --- www/common.php 0edc904e86c5b864aea3765104987ef069fd618f +++ www/common.php 07f4b2e45766914b338455534b81237e17158ba1 @@ -93,13 +93,17 @@ include_once($adodb_path); $validuser = false; +$administrator = false; $db = &ADONewConnection( $dbstring ); -$result = $db->Execute("SELECT password FROM users WHERE username=?", array($username)); +$result = $db->Execute("SELECT password, admin FROM users WHERE username=?", array($username)); if ($result) { $rows = $result->RecordCount(); if ($rows == 1) { if ($result->fields[0] == $shapass) { $validuser = true; + if ($result->fields[1] == 1) { + $administrator = true; + } } } } ============================================================ --- www/index.php 9c415a134ece496a7a2015c8fb3e2e6e7f9d58a9 +++ www/index.php 19260ebd2eaa4f8d38c0f5ababadbad31c6dd1af @@ -8,6 +8,9 @@ + + + @@ -19,9 +22,13 @@ \n"); + printf("
    \n", $row[$pos_project]); + if ($administrator) { + printf('[Delete]', $row[$pos_project]); + } printf("%s | \n", $row[$pos_project]); printf("Project info page | \n", $row[$pos_project]); if ($maintainer_p) { ============================================================ --- www/login.php 53f3fcfe78d47e975b16cc3237465f91688225fe +++ www/login.php 14aef06b5d11e08fadc7ee1ca05365c1c728b55d @@ -31,7 +31,8 @@
    \n"; } else if ($result->RecordCount() == 0) { - $query = "INSERT INTO users (username, password) VALUES ('%s', '%s')"; + $query = "INSERT INTO users (username, password, admin) VALUES ('%s', '%s', 0)"; $ires = $db->Execute("INSERT INTO users (username, password) VALUES(?,?)", array($username, $shapass)); if (!$ires) { ============================================================ --- www/proj-ctrl.php 4174270cbc77848dd88cd09efec5f3f010c46ea3 +++ www/proj-ctrl.php 28df80702237dfa4a1038834c9df4ab296e3f6e2 @@ -168,6 +168,20 @@ $db->CommitTrans(); } else print $json->encode(array("error" => "username or password incorrect.")); +} else if ($action == "delete_project") { + if (!preg_match('/^[a-zA-Z0-9-]*$/D', $project)) { + print $json->encode(array("error" => "That is not a valid project name.")); + } else if (!$administrator) { + print $json->encode(array("error" => "You are not permitted to do that.")); + } else { + $db->Execute("DELETE FROM projects WHERE name=?", array($project)); + $db->Execute("DELETE FROM permissions WHERE project=?", array($project)); + $db->Execute("DELETE FROM resources WHERE project=?", array($project)); + $projdir = $project_dir . '/'. $project; + $projwww = $www_dir . '/projects/'. $project; + exec("rm -rf '$projdir' '$projwww'"); + print $json->encode(array("ok" => sprintf("'%s' deleted.", $project))); + } } else print $json->encode(array("error" => sprintf("'%s' not implemented.", $action))); $db->Close(); ============================================================ --- www/sidebar.php d486ed8f0caaf5606ca6de2157d8392677239e5b +++ www/sidebar.php 1b09b8489aa37f03a65aa07bce2d630c7f408c18 @@ -32,7 +32,8 @@ } ?>
    -Project index
    +Project index
    +User list
    - +
    Change password:

    - +