LILiK
/
lilik-users
5
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
253 KiB
Tree: 68cf9bbbb8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '68cf9bbbb8'
${ noResults }
lilik-users/user.php

132 lines
3.1 KiB
Raw Normal View History

first commit
11 years ago
 
  1. <?
  2. session_start();
  3. $response=array();
  4. if (isset($_POST['username'])) {
  5. 	$_SESSION['username']=$_POST['username'];
  6. 	$_SESSION['password']=$_POST['password'];
  7. }
  8. 

  9. if (!isset($_SESSION['username'])) {
  10. 	$response['error']='Credenziali non valide';
  11. 	echo json_encode($response);
  12. 	exit;
  13. }
  14. if (isset($_GET['logout'])){
  15. 	session_destroy();
  16. 	$response['info']='Logout effettuato';
  17. 	$response['loggedin']=False;
  18. 	echo json_encode($response);
  19. 	exit;
  20. }
  21. include 'config.php';
  22. include 'lilikuser.php';
  23. 

  24. $u=new LilikUser($_SESSION['username']);
  25. 

  26. #bind ldap or exit

  27. $loggedin=$u->check_password($_SESSION['password']);
  28. $response['loggedin']=$loggedin;
  29. if (!$loggedin){
  30. 	$response['error']='Credenziali non valide';
  31. 	echo json_encode($response);
  32. 	exit;
  33. }
  34. 

  35. $admin=$u->is_admin();
  36. $response['admin']=$admin;
  37. $user=$_SESSION['username'];
  38. if (isset($_GET['user']) and $_GET['user']!=$_SESSION['username']){
  39. 	if ($admin){
  40. 		$user=$_GET['user'];
  41. 	}else{
  42. 		$response['error']='Permessi non sufficienti per visualizzare l\'utente';
  43. 		echo json_encode($response);
  44. 		exit;
  45. 	}
  46. }
  47. 

  48. if (isset($_POST['new_user'])){
  49. 	if($admin){
  50. 		$u3=new LilikUser($user);
  51. 		$u3->create($_POST['new_name'],$_POST['new_surname'],$_POST['new_passwd']);
  52. 		$response['success']='Utente creato <a href="/users/'.$user.'/">vai alla pagina</a>';
  53. 		echo json_encode($response);
  54. 		exit;
  55. 	}else{
  56. 		$response['error']='Permessi non sufficienti per creare l\'utente';
  57. 	}
  58. }
  59. 

  60. $u2=new LilikUser($user);
  61. if (!$u2->exist()){
  62. 	$response['error']='Utente inesistente';
  63. 	$response['exist']=false;
  64. 	echo json_encode($response);
  65. 	exit;
  66. }
  67. $response['avaible_services']=$u2->get_services();
  68. 

  69. if (isset($_POST['new_password'])) {
  70. 	if(!$admin and !$u2->check_password($_POST['old_password'])){
  71. 		$response['error']='Password errata';
  72. 	}else{
  73. 		if ($_POST['new_password']==$_POST['new_password2'] and $_POST['new_password']!=''){
  74. 			$u2->set_attr('userPassword', $_POST['new_password']);
  75. 			$response['edit']=True;
  76. 			if ($user==$_SESSION['username']){
  77. 				$_SESSION['password']=$_POST['new_password'];
  78. 			}
  79. 		}else{
  80. 			$response['error']='La password non coincide';
  81. 		}
  82. 	}
  83. }
  84. 

  85. if (isset($_POST['services'])) {
  86. 	if($admin){
  87. 		$response['edit']=True;
  88. 		$actual=$u2->get_enabled_services();
  89. 		$to_disable=array_diff($actual, $_POST['services']);
  90. 		$to_enable=array_diff($_POST['services'], $actual);
  91. 		foreach (["enable"=>$to_enable, "disable"=>$to_disable] as $function=>$services){
  92. 			foreach ($services as $service){
  93. 				try {
  94. 					$u2->$function($service);
  95. 				} catch (Exception $e) {
  96. 					if ($e->getMessage()=="Service not found"){
  97. 						$response['error']="Servizio sconosciuto: $service";
  98. 					}else{
  99. 						throw $e;
  100. 					}
  101. 				}
  102. 			}
  103. 		}
  104. 	}else{
  105. 		$response['error']='Permessi non sufficienti';
  106. 	}
  107. }
  108. 

  109. 

  110. if (isset($_POST['cn'])) {
  111. 	if($admin){
  112. 		$response['edit']=True;
  113. 		if ($u2->get_attr('cn')!=$_POST['cn']){
  114. 			$u2->set_attr('cn', $_POST['cn']);
  115. 			
  116. 		}
  117. 	}else{
  118. 		$response['error']='Permessi non sufficienti';
  119. 	}
  120. }
  121. 

  122. if ($response['edit']==True and !isset($response['error'])){
  123. 	$response['success']='Salvataggio effettuato';
  124. }
  125. 

  126. $response['services']=$u2->get_enabled_services();
  127. $response['username']=$user;
  128. $response['cn']=$u2->get_attr('cn');
  129. 

  130. echo json_encode($response);
  131. 

  132. ?>