Initial support for user management

Matteo Gheza 2020-06-17 22:08:59 +02:00
parent 0167266fa9
commit 8086ff564f
5 changed files with 440 additions and 1 deletions


@ -286,7 +286,7 @@ class user{
public function __construct($database, $tools){
$this->database = $database;
$this->tools = $tools;
$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_");
$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_", false);
define("LOGIN", "OK");
}
@ -424,6 +424,12 @@ class user{
die('Not logged in');
}
}
public function add_utente($mail, $nome, $username, $password, $birthday, $capo, $autista, $hidden, $disabled, $inseritoda){
$this->auth->registerWithUniqueUsername($mail, $password, $username);
$sql = "INSERT INTO `%PREFIX%_profiles` (`hidden`, `disabled`, `name`, `caposquadra`, `autista`) VALUES (:hidden, :disabled, :nome, :caposquadra, :autista)";
$this->database->exec($sql, false, [":hidden" => $hidden, ":disabled" => $disabled, ":nome" => $nome, ":caposquadra" => $capo, ":autista" => $autista]);
}
}
function init_class(){
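Review bot: The fourth argument added in `$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_", false);` is Delight Auth's `$throttling` flag, so this disables the library's built-in throttling of login and other authentication attempts for every user; if it was meant to ease local testing, gate it on a debug setting instead of hard-coding `false`. In the second hunk, `add_utente` discards the user id returned by `registerWithUniqueUsername()`, and the `%PREFIX%_profiles` insert carries nothing that ties the row to the account just created — capture it, `$id = $this->auth->registerWithUniqueUsername($mail, $password, $username);`, and store it with the profile. The `$birthday` and `$inseritoda` parameters are accepted but never used, and the `UserAlreadyExistsException`/`InvalidEmailException`/`InvalidPasswordException` the registration call can throw are not handled, so a duplicate username surfaces as an uncaught exception rather than a form error. Class `user` continues outside both hunks.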


@ -0,0 +1,70 @@
<?php
require_once 'ui.php';
if($tools->validate_form_data('$post-mod', true, "add")) {
if($tools->validate_form_data(['$post-mail', '$post-nome', '$post-username', '$post-password', '$post-birthday', '$post-token'])) {
if($_POST["token"] == $_SESSION['token']){
bdump("aggiungo utente");
bdump($_POST);
$capo = isset($_POST["capo"]) ? 1 : 0;
$autista = isset($_POST["autista"]) ? 1 : 0;
$hidden = isset($_POST["visible"]) ? 0 : 1;
$disabled = isset($_POST["enabled"]) ? 0 : 1;
$user->add_utente($_POST["mail"], $_POST["nome"], $_POST["username"], $_POST["password"], $_POST["birthday"], $capo, $autista, $hidden, $disabled, $user->name());
$tools->redirect("interventi.php");
} else {
$tools->redirect("nonfareilfurbo.php");
}
}
/*} elseif($tools->validate_form_data('$post-mod', true, "modifica")) {
if($tools->validate_form_data(['$post-id', '$post-data', '$post-codice', '$post-uscita', '$post-rientro', '$post-capo', '$post-luogo', '$post-note', '$post-tipo', '$post-token'])) {
if($_POST["token"] == $_SESSION['token']){
bdump($_POST);
bdump("modifico intervento");
$database->change_intervento($_POST["id"], $_POST["data"], $_POST["codice"], $_POST["uscita"], $_POST["rientro"], $_POST["capo"], $tools->extract_unique($_POST["autisti"]), $tools->extract_unique($_POST["personale"]), $_POST["luogo"], $_POST["note"], $_POST["tipo"], $tools->extract_unique([$_POST["capo"],$_POST["autisti"],$_POST["personale"]]), $user->name());
$tools->redirect("interventi.php");
} else {
$tools->redirect("nonfareilfurbo.php");
}
}
} elseif($tools->validate_form_data('$post-mod', true, "elimina")) {
bdump("rimuovo intervento");
if($tools->validate_form_data(['$post-id', '$post-incrementa', '$post-token'])) {
if($_POST["token"] == $_SESSION['token']){
bdump("rimuovo intervento");
$database->remove_intervento($_POST["id"], $_POST["incrementa"]);
$tools->redirect("interventi.php");
} else {
$tools->redirect("nonfareilfurbo.php");
}
}
*/} else {
if(!isset($_GET["_tracy_bar"])){
$length = 32;
unset($_SESSION['token']);
bdump("codice");
$_SESSION['token'] = substr(base_convert(sha1(uniqid(mt_rand())), 16, 36), 0, $length) . "-bfwp64GGbdm";
// 1 hour = 60 seconds * 60 minutes = 3600
$_SESSION['token-expire'] = time() + 3600;
}
$modalità = (isset($_GET["add"])) ? "add" : ((isset($_GET["modifica"])) ? "modifica" : ((isset($_GET["elimina"])) ? "elimina" : "add"));
bdump($modalità, "modalità");
$id = "";
if(isset($_GET["id"])){
$id = $_GET["id"];
bdump($database->exists("profiles", $id));
$values = $database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE `id` = :id", true, [":id" => $id])[0]; // Pesco le tipologie della table
bdump($values);
} else {
$values = [];
}
if($modalità=="modifica" || $modalità=="elimina"){
if(empty($id)){
$tools->redirect("nonfareilfurbo.php");
} elseif (!$database->exists("profiles", $id)){
$tools->redirect("nonfareilfurbo.php");
}
}
loadtemplate('modifica_utente.html', ['id' => $id, 'token' => $_SESSION['token'], 'modalità' => $modalità, 'values' => $values, 'titolo' => ucfirst($modalità) . ' utente']);
bdump($_SESSION['token'], "token");
}
?>
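Review bot: The CSRF check at `if($_POST["token"] == $_SESSION['token']){` uses loose `==` and a non-constant-time comparison, and the `token-expire` timestamp written further down is never read, so the expiry has no effect; compare with `if(isset($_SESSION['token']) && hash_equals($_SESSION['token'], (string)$_POST["token"])){` and reject the request when `time() > $_SESSION['token-expire']`. The token itself is derived from `mt_rand()`/`uniqid()`, which are not cryptographically secure sources; `$_SESSION['token'] = bin2hex(random_bytes(16)) . "-bfwp64GGbdm";` keeps the format but makes it unpredictable. `bdump($_POST)` on the add path writes the submitted form, including the plaintext `password` field, to the debug bar/log — drop it or dump only the non-secret keys. On the edit/delete path `$values = ...[0]` indexes the query result before `$database->exists()` is consulted, so an unknown id emits an undefined-offset notice; move the existence check ahead of the lookup. Whether `ui.php` restricts this page to administrators is not visible here, so confirm that creating accounts is limited to privileged users.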


@ -0,0 +1,267 @@
<!DOCTYPE html>
<html>
<head>
<link href="favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/pikaday/1.6.1/css/pikaday.min.css" integrity="sha256-QeBQ7yamXxr4+oYQSRzluL3bLLul8ZpZO4Q/AmI+rvM=" crossorigin="anonymous" />
<script src="https://cdnjs.cloudflare.com/ajax/libs/pikaday/1.6.1/pikaday.min.js" integrity="sha256-nzvGziG948yQHPWFJCynD1AmNPBwYWY2nVZYaDCpq4E=" crossorigin="anonymous"></script>
<script src="https://code.jquery.com/jquery-3.5.0.min.js" integrity="sha256-xNzN2a4ltkB44Mc/Jz3pT4iU1cmeR0FkXs4pru/JxaQ=" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/pikaday@1.7.0/plugins/pikaday.jquery.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment.min.js" integrity="sha256-CutOzxCRucUsn6C6TcEYsauvvYilEniTXldPa6/wu0k=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/locale/it.js" integrity="sha256-D8y560ZGsKY1LoAajKkQCG7y0Vkye361MH4yFv2K5kk=" crossorigin="anonymous"></script>
<link href="https://gitcdn.github.io/bootstrap-toggle/2.2.2/css/bootstrap-toggle.min.css" rel="stylesheet">
<script src="https://gitcdn.github.io/bootstrap-toggle/2.2.2/js/bootstrap-toggle.min.js"></script>
<style>
/* https://stackoverflow.com/a/44280071 */
.checkbox label:after {
content: '';
display: table;
clear: both;
}
.checkbox .cr {
position: relative;
border: 1px solid #a9a9a9;
border-radius: .25em;
width: 1.3em;
height: 1.3em;
float: left;
margin-right: .5em;
}
.checkbox .cr .cr-icon {
position: absolute;
font-size: .8em;
line-height: 0;
top: 50%;
left: 15%;
}
.checkbox label input[type="checkbox"] {
display: none;
}
.checkbox label input[type="checkbox"]+.cr>.cr-icon {
opacity: 0;
}
.checkbox label input[type="checkbox"]:checked+.cr>.cr-icon {
opacity: 1;
}
.checkbox label input[type="checkbox"]:disabled+.cr {
opacity: .5;
}
</style>
<style>
.switch {
position: relative;
display: inline-block;
width: 60px;
height: 34px;
}
.switch input {display:none;}
.slider {
position: absolute;
cursor: pointer;
top: 0;
left: 0;
right: 0;
bottom: 0;
background-color: #ccc;
-webkit-transition: .4s;
transition: .4s;
}
.slider:before {
position: absolute;
content: "";
height: 26px;
width: 26px;
left: 4px;
bottom: 4px;
background-color: white;
-webkit-transition: .4s;
transition: .4s;
}
input:checked + .slider {
background-color: #2196F3;
}
input:focus + .slider {
box-shadow: 0 0 1px #2196F3;
}
input:checked + .slider:before {
-webkit-transform: translateX(26px);
-ms-transform: translateX(26px);
transform: translateX(26px);
}
/* Rounded sliders */
.slider.round {
border-radius: 34px;
}
.slider.round:before {
border-radius: 50%;
}
</style>
<script>
$(document).ready(function(){
function zeroes(number, length) {
var my_string = '' + number;
while (my_string.length < length) {
my_string = '0' + my_string;
}
return my_string;
}
// activate datepickers for all elements with a class of `datepicker`
$('.datepicker').pikaday({
i18n: {
months: ['Gennaio', 'Febbraio', 'Marzo', 'Aprile', 'Maggio', 'Giugno', 'Luglio', 'Agosto', 'Settembre', 'Ottobre', 'Novembre', 'Dicembre'],
weekdays: ['Domenica', 'Lunedì', 'Martedì', 'Mercoledì', 'Giovedì', 'Venerdì', 'Sabato'],
weekdaysShort: ['Dom', 'Lun', 'Mar', 'Mer', 'Gio', 'Ven', 'Sab'],
today: 'oggi',
clear: 'cancella',
},
firstDay: 1 ,
toString(date, format) {
// you should do formatting based on the passed format,
// but we will just return 'D/M/YYYY' for simplicity
var day = zeroes(date.getDate(), 2);
var month = zeroes(date.getMonth() + 1, 2);
var year = date.getFullYear();
var dat = year + '-' + month + '-' + day;
return dat;
}});
// chain a few methods for the first datepicker, jQuery style!
//$('.datepicker').eq(0).pikaday('show');
});
</script>
</head>
<style>
form {
border: 3px solid #f1f1f1;
}
input[type=text], input[type=password], input[type=email] {
width: 100%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
box-sizing: border-box;
}
button {
background-color: #4CAF50;
color: white;
padding: 14px 20px;
margin: 8px 0;
border: none;
cursor: pointer;
width: 100%;
}
button:hover {
opacity: 0.8;
}
.container {
padding: 16px;
}
span.psw {
float: right;
padding-top: 16px;
}
/* Change styles for span and cancel button on extra small screens */
@media screen and (max-width: 300px) {
span.psw {
display: block;
float: none;
}
.cancelbtn {
width: 100%;
}
}
textarea {
width: 100%;
height: 150px;
padding: 12px 20px;
box-sizing: border-box;
border: 2px solid #ccc;
border-radius: 4px;
background-color: #f8f8f8;
resize: none;
}
</style>
<body>
{% if modalità == "add" %}
<form method="post">
<div class="container">
<label><b>E-mail</b></label>
<input id="mail" type="text" name="mail" placeholder="utente@providermail.estensione" required>
<br>
<br>
<label><b>Nome</b></label>
<input id="nome" type="text" name="nome" placeholder="Nome Cognome" required>
<br>
<br>
<label><b>Username</b></label>
<input id="username" type="text" name="username" placeholder="nome.cognome" required>
<br>
<br>
<label><b>Password</b></label>
<input id="password" type="text" name="password" required>
<br>
<br>
<label><b>Data di nascita</b></label>
<input autocomplete="off" class="datepicker" name="birthday" placeholder="DD/MM/YYY" type="text">
<br>
<br>
<label><b>Caposquadra</b></label><br>
<input type="checkbox" name="capo" data-toggle="toggle">
<br>
<br>
<label><b>Autista</b></label><br>
<input type="checkbox" name="autista" data-toggle="toggle">
<br>
<br>
<label><b>Visible</b></label><br>
<input type="checkbox" name="visible" checked data-toggle="toggle">
<br>
<br>
<label><b>Enabled</b></label><br>
<input type="checkbox" name="enabled" checked data-toggle="toggle">
<br>
<br>
<input id="modalità" type="hidden" value="add" name="mod"></input>
<input id="token" type="hidden" value="{{ token }}" name="token"></input>
<button type="submit">invia</button>
</div>
</form>
<script>
$('form').submit(function () {
if(!$('#token').val().endsWith("dJN299u49")){
$('#token').val($('#token').val() + "");
}
return true;
});
</script>
{% endif %}
{% if modalità == "modifica" %}
{% endif %}
{% if modalità == "elimina" %}
{% endif %}
</body>
</html>
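Review bot: The password field `<input id="password" type="text" name="password" required>` is a plain text input, so the value is displayed on screen and offered to browser autofill/history; use `<input id="password" type="password" name="password" autocomplete="new-password" required>`. The pikaday jQuery plugin (`pikaday.jquery.js`) and the two bootstrap-toggle assets are loaded without `integrity` attributes while every other CDN asset has one, which leaves those three open to silent replacement at the CDN; add the hashes or self-host them. The submit handler that checks `endsWith("dJN299u49")` appends an empty string, so it is a no-op, and its suffix differs from the `-bfwp64GGbdm` the server appends — remove it or document what it is meant to do. The birthday placeholder `DD/MM/YYY` does not match the `YYYY-MM-DD` string the datepicker's `toString` actually produces, and `<input ...></input>` is not valid HTML (void elements take no closing tag).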


@ -0,0 +1,92 @@
{% extends "base.html" %}
{% block content %}
<br>
<style>
#add {
outline: none;
cursor: pointer;
text-align: center;
text-decoration: none;
font: bold 12px Arial, Helvetica, sans-serif;
color: #fff;
padding: 10px 20px;
border: solid 1px #0076a3;
background: #0095cd;
}
#href {
outline: none;
cursor: pointer;
text-align: center;
text-decoration: none;
font: bold 12px Arial, Helvetica, sans-serif;
color: #fff;
padding: 10px 20px;
border: solid 1px #0076a3;
background: #0095cd;
}
</style>
<p style="text-align: center;">
<a id='add' href="modifica_utente.php?add">add utente</a>
</p>
<script defer>
function Attivo(id){
$.ajax({
url: "risorse/ajax/ajax_aggiornadispo.php",
method: "POST",
data: {
change_id: id,
dispo: 1
},
success: function(data) {
alert("Grazie, {{ user.name }}, hai dato la tua disponibilità in caso in allerta.");
location.reload();
}
});
}
function NonAttivo(id){
$.ajax({
url: "risorse/ajax/ajax_aggiornadispo.php",
method: "POST",
data: {
change_id: id,
dispo: 0
},
success: function(data) {
alert("Grazie {{ user.name }}, hai dato la tua disponibilità in caso in allerta.");
location.reload();
}
});
}
</script>
<br>
<br>
<img alt="VVF" src="./risorse/images/owner.png" width="150" style="display: block; margin-left: auto; margin-right: auto;">
<br>
<br>
<div id="lista"></div>
{% if user.full_viewer == false %}
<script>
$( "#lista" ).load("risorse/ajax/ajax_lista.php");
$(document).ready(function() {
setInterval(function() {
$( "#lista" ).load("risorse/ajax/ajax_lista.php");
}, 10000);
});
</script>
{% elseif user.full_viewer == true %}
<script>
$( "#lista" ).load("risorse/ajax/ajax_lista_admin.php");
$(document).ready(function() {
setInterval(function() {
$( "#lista" ).load("risorse/ajax/ajax_lista_admin.php");
}, 10000);
});
</script>
{% endif %}
<script defer type="text/javascript" src="risorse/js/cache.js"></script>
<br>
<br>
{% endblock %}
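Review bot: `{{ user.name }}` is interpolated directly into a JavaScript string literal in `alert("Grazie, {{ user.name }}, ...")`; Twig's default HTML autoescaping does not make a value safe inside a `<script>` string, so a name containing a quote or backslash breaks out of the literal — use `{{ user.name|e('js') }}` there, or better, drop the two functions. `Attivo`/`NonAttivo` and the `ajax_lista.php` polling appear copied from the availability page (they post to `ajax_aggiornadispo.php` and the alert text speaks of disponibilità), nothing in this template calls them, and the `#lista` poll loads the availability list rather than a user list under a 'Gestione Utenti' title; if the user list is still to come, a `{# TODO: replace with user-list endpoint #}` comment would make that explicit. The `{% if user.full_viewer == false %} ... {% elseif user.full_viewer == true %}` pair can be a plain `{% if %}`/`{% else %}`, which also covers the case where the attribute is missing.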


@ -0,0 +1,4 @@
<?php
require_once 'ui.php';
loadtemplate('user_management.html', ['titolo' => 'Gestione Utenti']);
bdump($_SESSION);
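Review bot: `bdump($_SESSION);` dumps the whole session, including the CSRF `token` the edit page stores there, into the debug bar; remove it before this ships or guard it behind a debug flag. Access control is not visible in these four lines — it may live in `ui.php` — so confirm that the user-management page is restricted to administrators rather than to any logged-in user.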