From 865ecc87963dc3b26e66296616eef2a1cc41ac3f Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Wed, 25 Oct 2023 12:55:09 +0300 Subject: move to psr-4 autoloader --- classes/Pref_Users.php | 294 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 294 insertions(+) create mode 100644 classes/Pref_Users.php (limited to 'classes/Pref_Users.php') diff --git a/classes/Pref_Users.php b/classes/Pref_Users.php new file mode 100644 index 000000000..78291592d --- /dev/null +++ b/classes/Pref_Users.php @@ -0,0 +1,294 @@ +select_expr("id,login,access_level,email,full_name,otp_enabled") + ->find_one((int)$_REQUEST["id"]) + ->as_array(); + + global $access_level_names; + + if ($user) { + print json_encode([ + "user" => $user, + "access_level_names" => $access_level_names + ]); + } + } + + function userdetails(): void { + $id = (int) clean($_REQUEST["id"]); + + $sth = $this->pdo->prepare("SELECT login, + ".SUBSTRING_FOR_DATE."(last_login,1,16) AS last_login, + access_level, + (SELECT COUNT(int_id) FROM ttrss_user_entries + WHERE owner_uid = id) AS stored_articles, + ".SUBSTRING_FOR_DATE."(created,1,16) AS created + FROM ttrss_users + WHERE id = ?"); + $sth->execute([$id]); + + if ($row = $sth->fetch()) { + + $last_login = TimeHelper::make_local_datetime( + $row["last_login"], true); + + $created = TimeHelper::make_local_datetime( + $row["created"], true); + + $stored_articles = $row["stored_articles"]; + + $sth = $this->pdo->prepare("SELECT COUNT(id) as num_feeds FROM ttrss_feeds + WHERE owner_uid = ?"); + $sth->execute([$id]); + $row = $sth->fetch(); + + $num_feeds = $row["num_feeds"]; + + ?> + +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+ + +
+ + pdo->prepare("SELECT id,title,site_url FROM ttrss_feeds + WHERE owner_uid = ? ORDER BY title"); + $sth->execute([$id]); + ?> + + + + find_one($id); + + if ($user) { + $login = clean($_REQUEST["login"]); + + if ($id == 1) $login = "admin"; + if (!$login) return; + + $user->login = mb_strtolower($login); + $user->access_level = (int) clean($_REQUEST["access_level"]); + $user->email = clean($_REQUEST["email"]); + $user->otp_enabled = checkbox_to_sql_bool($_REQUEST["otp_enabled"] ?? ""); + + // force new OTP secret when next enabled + if (Config::get_schema_version() >= 143 && !$user->otp_enabled) { + $user->otp_secret = null; + } + + $user->save(); + } + + if ($password) { + UserHelper::reset_password($id, false, $password); + } + } + + function remove(): void { + $ids = explode(",", clean($_REQUEST["ids"])); + + foreach ($ids as $id) { + if ($id != $_SESSION["uid"] && $id != 1) { + $sth = $this->pdo->prepare("DELETE FROM ttrss_tags WHERE owner_uid = ?"); + $sth->execute([$id]); + + $sth = $this->pdo->prepare("DELETE FROM ttrss_feeds WHERE owner_uid = ?"); + $sth->execute([$id]); + + $sth = $this->pdo->prepare("DELETE FROM ttrss_users WHERE id = ?"); + $sth->execute([$id]); + } + } + } + + function add(): void { + $login = clean($_REQUEST["login"]); + + if (!$login) return; // no blank usernames + + if (!UserHelper::find_user_by_login($login)) { + + $new_password = make_password(); + + $user = ORM::for_table('ttrss_users')->create(); + + $user->salt = UserHelper::get_salt(); + $user->login = mb_strtolower($login); + $user->pwd_hash = UserHelper::hash_password($new_password, $user->salt); + $user->access_level = 0; + $user->created = Db::NOW(); + $user->save(); + + if (!is_null(UserHelper::find_user_by_login($login))) { + print T_sprintf("Added user %s with password %s", + $login, $new_password); + } else { + print T_sprintf("Could not create user %s", $login); + } + } else { + print T_sprintf("User %s already exists.", $login); + } + } + + function resetPass(): void { + UserHelper::reset_password(clean($_REQUEST["id"])); + } + + function index(): void { + + global $access_level_names; + + $user_search = clean($_REQUEST["search"] ?? ""); + + if (array_key_exists("search", $_REQUEST)) { + $_SESSION["prefs_user_search"] = $user_search; + } else { + $user_search = ($_SESSION["prefs_user_search"] ?? ""); + } + + $sort = clean($_REQUEST["sort"] ?? ""); + + if (!$sort || $sort == "undefined") { + $sort = "login"; + } + + if (!in_array($sort, ["login", "access_level", "created", "num_feeds", "created", "last_login"])) + $sort = "login"; + + if ($sort != "login") $sort = "$sort DESC"; + ?> + +
+
+
+ +
+ + +
+ +
+ +
+
+
+
+
+ + + + + + + + run_hooks(PluginHost::HOOK_PREFS_TAB_SECTION, "prefUsersToolbar") ?> + +
+
+
+ + + + + + + + + + + + + table_alias('u') + ->left_outer_join("ttrss_feeds", ["owner_uid", "=", "u.id"], 'f') + ->select_expr('u.*,COUNT(f.id) AS num_feeds') + ->where_like("login", $user_search ? "%$user_search%" : "%") + ->order_by_expr($sort) + ->group_by_expr('u.id') + ->find_many(); + + foreach ($users as $user) { ?> + + + + + + + + + + + +
+ + + person + +
+
+ run_hooks(PluginHost::HOOK_PREFS_TAB, "prefUsers") ?> +
+