Diffstat (limited to 'modules/admin.php')
-rw-r--r-- | modules/admin.php | 304 |
1 files changed, 304 insertions, 0 deletions
diff --git a/modules/admin.php b/modules/admin.php
new file mode 100644
index 00000000..6eb9da04
--- /dev/null
+++ b/modules/admin.php
@@ -0,0 +1,304 @@
+<?php
+/*
+
+ This contains all of the subroutines for handling any
+ administration function such as prefereneces, etc.
+
+*/
+
+/*
+ * show_access_list
+ *
+ * Used in the access.inc template for getting information about
+ * remote servers that have access to use this Ampache server's
+ * catalog.
+ */
+function show_access_list () {
+ $dbh = dbh();
+
+ $sql = "SELECT * FROM access_list";
+ $db_result = mysql_query($sql, $dbh);
+
+ if ( mysql_num_rows($db_result) ) {
+ while ($host = mysql_fetch_object($db_result) ) {
+
+ $ip = int2ip($host->ip);
+
+ print("\t<tr><td bgcolor=\"" . conf('secondary_color') . "\">$host->name</td>".
+ "<td bgcolor=\"" . conf('secondary_color') . "\">$ip</td>".
+ "<td bgcolor=\"" . conf('secondary_color') . "\"><a href=\"" . conf('web_path') . "/access.php?action=delete_host&id=$host->id\">Delete</td></tr>\n");
+ }
+ }
+ else {
+ print("\t<tr><td bgcolor=\"" . conf('secondary_color') . "\"colspan=\"3\">You don't have any hosts in your access list.</td></tr>\n");
+ }
+} // show_access_list()
+
+
+/*
+ * show_manage_users
+ *
+ */
+
+function show_manage_users () {
+
+ echo "<table class=\"text-box\">\n<tr><td>\n";
+ echo "<span class=\"header2\">" . _("Manage Users") . "</span><br />\n";
+ echo "<p>Use the following tools to manage the users that access your site.</p>\n";
+ echo "<ul>\n\t<li><a href=\"".conf('web_path') . "/admin/users.php?action=show_add_user\">" . _("Add a new user") . "</a></li\n</dl>\n";
+ echo "</td></tr></table>";
+
+ show_users();
+} // show_manage_users()
+
+
+/*!
+ @function show_user_form
+ @discussion shows the user form
+*/
+function show_user_form ($id, $username, $fullname, $email, $access, $type, $error) {
+
+ require(conf('prefix').'/templates/userform.inc');
+
+} // show_user_form()
+
+
+/*
+ * show_change_password
+ *
+ */
+
+function show_change_password ($username) {
+
+ $user = get_user($username);
+
+ print("<form name=\"change_password\" method=\"post\" action=\"user.php\">");
+
+ print("<p style=\"font-size: 10px; font-weight: bold;\">Changing User Password</p>\n");
+
+ print("<table width=\"90%\">");
+
+ print("<tr>\n");
+ print("<td>Enter password:</td>");
+ print("<td><input type=password name=new_password_1 size=30 value=\"\"></td>");
+ print("</tr>\n");
+
+ print("<tr>\n");
+ print("<td>Enter password again:</td>");
+ print("<td><input type=password name=new_password_2 size=30 value=\"\"></td>");
+ print("</tr>\n");
+
+ print("</table>\n");
+ print("<input type=submit name=\"action\" value=\"Change Password\">");
+ print("</form>");
+} // show_change_password
+
+/*
+ * show_update_user_info
+ *
+ */
+
+function show_update_user_info ($username) {
+
+ $user = get_user($username);
+
+ $user->offset_limit = abs($user->offset_limit);
+
+ print("<form name=\"change_password\" method=\"post\" action=\"user.php\">");
+
+ print("<p style=\"font-size: 10px; font-weight: bold;\">Changing User Information for $user->fullname</p>\n");
+
+ print("<table width=\"90%\">");
+
+ print("<tr>\n");
+ print("<td>Fullname:</td>");
+ print("<td><input type=text name=new_fullname size=30 value=\"$user->fullname\"></td>");
+ print("</tr>\n");
+
+ print("<tr>\n");
+ print("<td>Email:</td>");
+ print("<td><input type=text name=new_email size=30 value=\"$user->email\"></td>");
+ print("</tr>\n");
+
+ print("<tr>\n");
+ print("<td>View Limit:</td>");
+ print("<td><input type=text name=new_offset size=5 value=\"$user->offset_limit\"></td>");
+ print("</tr>\n");
+
+ print("</table>\n");
+ print("<input type=submit name=\"action\"
+ value=\"Update Profile\">");
+ print("</form>");
+} // show_update_user_info()
+
+/*
+ * show_delete_stats
+ *
+ */
+
+function show_delete_stats($username) {
+ print("<form name=\"clear_statistics\" method=\"post\" action=\"user.php\">");
+ print("<br>");
+
+ if ( $username == 'all') {
+ print("<p style=\"font-size: 10px; font-weight: bold;\">Delete Your Personal Statistics</p>\n");
+ }
+ else {
+ print("<p style=\"font-size: 10px; font-weight: bold;\">Delete Your Personal Statistics</p>\n");
+ }
+
+ print("<input type=submit name=\"action\" value=\"Clear Stats\">");
+ print("</form>");
+} // show_delete_stats()
+
+
+/*
+ * clear_catalog_stats()
+ *
+ * Use this to clear the stats for the entire Ampache server.
+ *
+ */
+
+function clear_catalog_stats() {
+ $dbh = dbh();
+ $sql = "DELETE FROM object_count";
+ $result = mysql_query($sql, $dbh);
+ $sql = "UPDATE song SET played = 'false'";
+ $result = mysql_query($sql, $dbh);
+} // clear_catalog_stats
+
+
+/*
+ * check_user_form
+ *
+ */
+
+function check_user_form ($username, $fullname, $email, $pass1, $pass2, $type) {
+ global $dbh;
+
+ $sql = "SELECT * FROM user WHERE username='$username'";
+ $db_result = mysql_query($sql, $dbh);
+
+ if ( mysql_num_rows($db_result) ) {
+ return "That username is already taken, please choose another.";
+ }
+
+ if ( $type == 'new_user' ) {
+ if ( empty($username) ) {
+ return "Please fill in a username.";
+ }
+ elseif ( ($pass1 != $pass2) || (empty($pass1) || empty($pass2)) ) {
+ return "Sorry, your passwords do no match.";
+ }
+ }
+ elseif ( empty($fullname) ) {
+ return "Please fill in a full name.";
+ }
+ elseif ( empty($email) ) {
+ return "Please fill in an email address.";
+ }
+ elseif ( ($pass1 != $pass2) || (empty($pass1) || empty($pass2)) ) {
+ if ( $type == 'new_user' ) {
+ return "Sorry, your passwords do no match.";
+ }
+ }
+
+ return false;
+} // check_user_form()
+
+/*
+ * get_user
+ *
+ */
+function get_user_byid ($id) {
+
+
+ $sql = "SELECT * FROM user WHERE
+ id='$id'";
+ $db_result = mysql_query($sql, dbh());
+ return (mysql_fetch_object($db_result));
+} // get_user_byid()
+
+function get_user ($username) {
+
+
+ $sql = "SELECT * FROM user WHERE username='$username'";
+ $db_result = mysql_query($sql, dbh());
+
+ return (mysql_fetch_object($db_result));
+} // get_user()
+
+/*
+ * delete_user
+ *
+ */
+
+function delete_user ($username) {
+
+ // delete from the user table
+ $sql = "DELETE FROM user WHERE username='$username'";
+ $db_result = mysql_query($sql, dbh());
+
+ // also delete playlists for user
+ $sql = "DELETE FROM playlist WHERE owner='$username'";
+ $db_result = mysql_query($sql, dbh());
+
+ delete_user_stats('all');
+
+} // delete_user()
+
+/*
+ * update_user
+ *
+ */
+
+function update_user ($username, $fullname, $email, $access)
+{
+ $dbh = libglue_param(libglue_param('dbh_name'));
+ if(!$username || !$fullname || !$email || !$access) return 0;
+ $sql = "UPDATE user ".
+ "SET fullname='$fullname',".
+ "email='$email',".
+ "access='$access'".
+ "WHERE username='$username'";
+ $db_result = mysql_query($sql, $dbh);
+ if($db_result) return 1;
+ else return 0;
+} // update_user()
+
+/*
+ * update_user_info
+ *
+ * this for use by 'user' to update limited amounts of info
+ *
+ */
+
+function update_user_info ($username, $fullname, $email,$offset) {
+
+ $dbh = libglue_param(libglue_param('dbh_name'));
+
+ $sql = "UPDATE user SET fullname='$fullname', email='$email', offset_limit='$offset' WHERE username='$username'";
+ $db_result = mysql_query($sql, $dbh);
+
+ // Update current session (so the views are updated)
+ $_SESSION['offset_limit'] = $offset;
+
+ return ($db_result)?1:0;
+
+} // update_user_info()
+
+
+/*
+ * set_user_password
+ *
+ */
+
+function set_user_password ($username, $password1, $password2) {
+
+ $dbh = libglue_param(libglue_param('dbh_name'));
+ if($password1 !== $password2) return 0;
+
+ $sql = "UPDATE user SET password=PASSWORD('$password1') WHERE username='$username' LIMIT 1";
+ $db_result = mysql_query($sql, $dbh);
+ return ($db_result)?1:0;
+} // set_user_password()
+
+?> |
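Review bot: Every query in check_user_form, get_user_byid, get_user, delete_user, update_user, update_user_info and set_user_password is built by interpolating the function arguments directly into the SQL string, so unless every caller has already escaped them (not visible in this hunk) a quote character in `$username`, `$fullname` or `$email` changes the statement that runs. Escaping at the point of use removes that dependency on the caller, e.g. `$sql = "SELECT * FROM user WHERE username='" . mysql_real_escape_string($username, dbh()) . "'";`, with `intval()` applied to `$id` and `$offset`. The display side has the matching gap: show_update_user_info and show_access_list print `$user->fullname`, `$user->email` and `$host->name` into HTML and attribute values without `htmlspecialchars()`. set_user_password also stores the credential with MySQL's `PASSWORD()` function, which MySQL documents as meant for its own account table rather than application passwords, so that deserves at least a comment noting it should be replaced by an application-level password hash.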