Business/ManagePanel
2
0
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity

Flag users as disabled/deleted if they can't actually be deleted

Browse Source
This commit is contained in:
Skylar Ittner 2017-06-24 20:31:51 -06:00
parent e607c120c4
commit 207be7114a
6 changed files with 108 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
action.php
View File

@ -52,7 +52,8 @@ switch ($VARS['action']) {
'realname' => $VARS['name'],
'username' => $VARS['username'],
'email' => $VARS['email'],
'acctstatus' => $VARS['status']
'acctstatus' => $VARS['status'],
'deleted' => 0
];
if (!is_empty($VARS['pass'])) {
@ -78,6 +79,11 @@ switch ($VARS['action']) {
}
$olddata = $database->select('accounts', '*', ['uid' => $VARS['id']])[0];
$database->delete('accounts', ['uid' => $VARS['id']]);
if (!is_null($database->error()[1])) {
// If we can't delete the account (because it's referenced elsewhere),
// we will flag it as deleted and set the status to LOCKED_OR_DISABLED.
$database->update('accounts', ['acctstatus' => 2, 'deleted' => 1], ['uid' => $VARS['id']]);
}
insertAuthLog(16, $_SESSION['uid'], $olddata['username'] . ", " . $olddata['realname'] . ", " . $olddata['email'] . ", " . $olddata['acctstatus']);
returnToSender("user_deleted");
case "rmtotp":

4
lang/en_us.php
View File

@ -85,5 +85,7 @@ define("STRINGS", [
"remove 2fa" => "Reset 2FA",
"action performed by" => "Action performed by {user}",
"2fa removed" => "2-factor authentication removed.",
"2fa" => "2FA"
"2fa" => "2FA",
"show deleted" => "Show deleted",
"editing deleted account" => "You are editing an account marked as deleted. The account will be undeleted if you press Save."
]);

50
lib/getusertable.php
View File

@ -6,11 +6,20 @@ dieifnotloggedin();
header("Content-Type: application/json");
$show_deleted = false;
if ($VARS['show_deleted'] == 1) {
$show_deleted = true;
}
$out = [];
$out['draw'] = intval($VARS['draw']);
$out['recordsTotal'] = $database->count('accounts');
if ($show_deleted) {
$out['recordsTotal'] = $database->count('accounts');
} else {
$out['recordsTotal'] = $database->count('accounts', ['deleted' => 0]);
}
$filter = false;
// sort
@ -43,19 +52,37 @@ switch ($VARS['order'][0]['column']) {
// search
if (!is_empty($VARS['search']['value'])) {
$filter = true;
$wherenolimit = [
"OR" => [
"username[~]" => $VARS['search']['value'],
"realname[~]" => $VARS['search']['value'],
"email[~]" => $VARS['search']['value'],
"statuscode[~]" => $VARS['search']['value'],
"typecode[~]" => $VARS['search']['value']
]
];
if ($show_deleted) {
$wherenolimit = [
"OR" => [
"username[~]" => $VARS['search']['value'],
"realname[~]" => $VARS['search']['value'],
"email[~]" => $VARS['search']['value'],
"statuscode[~]" => $VARS['search']['value'],
"typecode[~]" => $VARS['search']['value']
]
];
} else {
$wherenolimit = [
"AND" => [
"OR" => [
"username[~]" => $VARS['search']['value'],
"realname[~]" => $VARS['search']['value'],
"email[~]" => $VARS['search']['value'],
"statuscode[~]" => $VARS['search']['value'],
"typecode[~]" => $VARS['search']['value']
],
"deleted" => 0
]
];
}
$where = $wherenolimit;
$where["LIMIT"] = [$VARS['start'], $VARS['length']];
} else {
$where = ["LIMIT" => [$VARS['start'], $VARS['length']]];
if (!$show_deleted) {
$where["deleted"] = 0;
}
}
if (!is_null($order)) {
$where["ORDER"] = $order;
@ -74,7 +101,8 @@ $users = $database->select('accounts', [
'acctstatus',
'statuscode',
'accttype',
'typecode'
'typecode',
'deleted'
], $where);

17
pages/edituser.php
View File

@ -12,7 +12,8 @@ $userdata = [
'email' => '',
'authsecret' => '',
'acctstatus' => '',
'typecode' => 'LOCAL'
'typecode' => 'LOCAL',
'deleted' => 0
];
$editing = false;
@ -27,7 +28,8 @@ if (!is_empty($VARS['id'])) {
'email',
'authsecret',
'acctstatus',
'typecode'
'typecode',
'deleted'
], [
'uid' => $VARS['id']
])[0];
@ -70,6 +72,13 @@ if ($userdata['typecode'] != "LOCAL") {
</div>
<?php
}
if ($userdata['deleted'] == 1) {
?>
<div class="alert alert-info">
<?php lang("editing deleted account"); ?>
</div>
<?php
}
?>
<div class="form-group">
<label for="name"><i class="fa fa-user"></i> <?php lang("name"); ?></label>
@ -80,7 +89,7 @@ if ($userdata['typecode'] != "LOCAL") {
<div class="col-xs-12 col-md-6">
<div class="form-group">
<label for="username"><i class="fa fa-id-badge"></i> <?php lang("username"); ?></label>
<input type="text" <?php if (!$localacct) echo "disabled"; ?> class="form-control" name="username" id="username" placeholder="<?php lang("placeholder username"); ?>" required="required" value="<?php echo htmlspecialchars($userdata['username']); ?>" />
<input type="text" <?php if (!$localacct) echo "readonly=\"readonly\""; ?> class="form-control" name="username" id="username" placeholder="<?php lang("placeholder username"); ?>" required="required" value="<?php echo htmlspecialchars($userdata['username']); ?>" />
</div>
</div>
<div class="col-xs-12 col-md-6">
@ -95,7 +104,7 @@ if ($userdata['typecode'] != "LOCAL") {
<div class="col-xs-12 col-md-6">
<div class="form-group">
<label for="pass"><i class="fa fa-lock"></i> <?php lang("new password"); ?></label>
<input type="text" <?php if (!$localacct) echo "disabled"; ?> autocomplete="new-password" class="form-control" name="pass" id="pass" placeholder="<?php lang("placeholder password"); ?>" />
<input type="text" <?php if (!$localacct) echo "readonly=\"readonly\""; ?> autocomplete="new-password" class="form-control" name="pass" id="pass" placeholder="<?php lang("placeholder password"); ?>" />
</div>
</div>

62
pages/users.php
View File

@ -21,34 +21,34 @@ redirectifnotloggedin();
</thead>
<tbody>
<?php
/*$users = $database->select('accounts', [
"[>]acctstatus" => ['acctstatus' => 'statusid'],
"[>]accttypes" => ['accttype' => 'typeid']
], [
'uid',
'username',
'realname',
'email',
'acctstatus',
'statuscode',
'accttype',
'typecode'
]);
foreach ($users as $u) {
?>
<tr>
<td></td>
<td>
<a class="btn btn-blue btn-xs" href="app.php?page=edituser&id=<?php echo $u['uid']; ?>"><i class="fa fa-pencil-square-o"></i> <?php lang("edit"); ?></a>
</td>
<td><?php echo $u['realname']; ?></td>
<td><?php echo $u['username']; ?></td>
<td><?php echo ($u['email'] == "NOEMAIL@EXAMPLE.COM" ? "" : $u['email']); ?></td>
<td><?php echo $u['statuscode']; ?></td>
<td><?php echo $u['typecode']; ?></td>
</tr>
<?php
}*/
/* $users = $database->select('accounts', [
"[>]acctstatus" => ['acctstatus' => 'statusid'],
"[>]accttypes" => ['accttype' => 'typeid']
], [
'uid',
'username',
'realname',
'email',
'acctstatus',
'statuscode',
'accttype',
'typecode'
]);
foreach ($users as $u) {
?>
<tr>
<td></td>
<td>
<a class="btn btn-blue btn-xs" href="app.php?page=edituser&id=<?php echo $u['uid']; ?>"><i class="fa fa-pencil-square-o"></i> <?php lang("edit"); ?></a>
</td>
<td><?php echo $u['realname']; ?></td>
<td><?php echo $u['username']; ?></td>
<td><?php echo ($u['email'] == "NOEMAIL@EXAMPLE.COM" ? "" : $u['email']); ?></td>
<td><?php echo $u['statuscode']; ?></td>
<td><?php echo $u['typecode']; ?></td>
</tr>
<?php
} */
?>
</tbody>
<tfoot>
@ -63,3 +63,9 @@ redirectifnotloggedin();
<th data-priority="4"><i class="fa fa-fw fa-server"></i> <?php lang('type'); ?></th>
</tfoot>
</table>
<script>
/* Give JavaScript access to the lang string
* it needs to inject the show deleted checkbox
*/
var lang_show_deleted = "<?php lang("show deleted") ?>";
</script>

13
static/js/users.js
View File

@ -1,4 +1,4 @@
$('#usertable').DataTable({
var usertable = $('#usertable').DataTable({
responsive: {
details: {
display: $.fn.dataTable.Responsive.display.modal({
@ -30,6 +30,11 @@ $('#usertable').DataTable({
serverSide: true,
ajax: {
url: "lib/getusertable.php",
data: function (d) {
if ($('#show_deleted_checkbox').is(':checked')) {
d.show_deleted = 1;
}
},
dataFilter: function (data) {
var json = jQuery.parseJSON(data);
json.data = [];
@ -37,8 +42,8 @@ $('#usertable').DataTable({
json.data.push([
"",
row.editbtn,
row.realname,
row.username,
(row.deleted == 1 ? "<del style=\"color: red;\">" : "") + row.realname + (row.deleted == 1 ? "</del>" : ""),
(row.deleted == 1 ? "<span style=\"color: red;\">" : "") + row.username + (row.deleted == 1 ? "</span>" : ""),
row.email,
(row['2fa'] == true ? "<i class='fa fa-check'></i>" : "<i class='fa fa-times'></i>"),
row.statuscode,
@ -49,3 +54,5 @@ $('#usertable').DataTable({
}
}
});
$('#usertable_filter').append("<div class=\"checkbox\" style=\"display: inline-block\"><label><input type=\"checkbox\" id=\"show_deleted_checkbox\" onclick=\"usertable.ajax.reload()\"> " + lang_show_deleted + "</label></div>");