X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;f=testing%2FMCTXWeb%2Fpublic_html%2Fusers%2Fadmin_upload_users.php;h=60b4c27236896efa8b1d658ee4e43614dc418641;hb=edaf54e732999e600f0c25121fb639725d69d26b;hp=53c71ce9ee8d8ac12f5fcc585d15eb7f6c44928e;hpb=3dfde391486e81a357e08a24ccb7903c8adfa5aa;p=matches%2FMCTX3420.git diff --git a/testing/MCTXWeb/public_html/users/admin_upload_users.php b/testing/MCTXWeb/public_html/users/admin_upload_users.php index 53c71ce..60b4c27 100644 --- a/testing/MCTXWeb/public_html/users/admin_upload_users.php +++ b/testing/MCTXWeb/public_html/users/admin_upload_users.php @@ -7,9 +7,7 @@ require_once("models/config.php"); if (!securePage($_SERVER['PHP_SELF'])){die();} -require_once("models/header.php"); - -$text_area="# Rows starting with '#' are ignored. Rows are of the form:\n# username, Full Name, email"; +$text_area="# Rows starting with '#' are ignored. Rows are of the form:\n# Username, Full Name, Email[, Title]"; $show_form = true; 
@@ -30,70 +28,116 @@ if (!empty($_POST)) } else if ($_POST['action'] === "Upload") // Upload users in the text area { - + + if ($_POST['upload_mode'] === "purge") + { + $to_delete = fetchAllUsersWithoutPerm("Administrator"); + if (count($to_delete) > 0) + { + if ($deletion_count = deleteUsers($to_delete)) { + $successes[] = lang("ACCOUNT_DELETIONS_SUCCESSFUL", array($deletion_count)); + } + else { + $errors[] = lang("SQL_ERROR"); + } + } + } + $text_area = $_POST['userUpload']; - // Iterate through each row $all_rows=preg_split("/((\r?\n)|(\r\n?))/", $_POST['userUpload']); - - - foreach ($all_rows as $row) { if (empty($row) or $row[0] === '#') continue; - $errors = array(); - - $fields = preg_split("/,/", $row); - - $user_name = trim($fields[0]); - $display_name = trim($fields[1]); - $email = trim($fields[2]); + $fields = preg_split("/,/", $row); + if(count($fields) < 3) + { + $errors[] = "Warning: Ignoring row not in correct format: ".htmlspecialchars($row); + continue; + } + + $username = trim($fields[0]); + $displayname = trim($fields[1]); + $email = trim($fields[2]); + $title = trim($fields[3]); + + if(!isValidEmail($email)) + { + $errors[] = "Enter a valid email for row: ".htmlspecialchars($row); + continue; + } + // generate the temporary password $password = generatePassword(); - - if(count($errors) == 0) - { - //Construct a user object - $user = new User($username,$displayname,$password,$email); - - //Checking this flag tells us whether there were any errors such as possible data duplication occured - if(!$user->status) - { - if($user->username_taken) $errors[] = lang("ACCOUNT_USERNAME_IN_USE",array($username)); - if($user->displayname_taken) $errors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE",array($displayname)); - if($user->email_taken) $errors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email)); - } - else - { - //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required) - if(!$user->userCakeAddUser()) - { - 
if($user->mail_failure) $errors[] = lang("MAIL_ERROR"); - if($user->sql_failure) $errors[] = lang("SQL_ERROR"); - } - } + //Construct a user object + $user = new User($username,$displayname,$password,$email); + + //Checking this flag tells us whether there were any errors such as possible data duplication occured + if(!$user->status) + { + if($user->username_taken) $localerrors[] = lang("ACCOUNT_USERNAME_IN_USE",array($username)); + if($user->displayname_taken) $localerrors[] = lang("ACCOUNT_DISPLAYNAME_IN_USE",array($displayname)); + if($user->email_taken) $localerrors[] = lang("ACCOUNT_EMAIL_IN_USE",array($email)); } - if(count($errors) == 0) + else { - $successes[] = $user->success; + //Attempt to add the user to the database, carry out finishing tasks like emailing the user (if required) + $user->userCakeAddUser(); //This doesn't return anything itself + + if($user->mail_failure) $localerrors[] = lang("MAIL_ERROR"); + if($user->sql_failure) $localerrors[] = lang("SQL_ERROR"); + + if(strlen($title) >= 50) + { + $localerrors[] = "Warning: User".$username." added but failed to set title: ".lang("ACCOUNT_TITLE_CHAR_LIMIT",array(1,50)); + } + else if (count($localerrors) == 0 && strlen($title) > 0) + { + $user_id = fetchUserId($username); //So stupid, when you create a user, it doesn't return the user id + if (!updateTitle($user_id, $title)) + { + $localerrors[] = "Warning: User ".$username." added but failed to set title: ". lang("SQL_ERROR"); + } + } } - echo resultBlock($errors,$successes); - } + if(count($localerrors) == 0) + { + $users[] = [$username, $password]; //Push user onto array + //$successes[] = ($user->success); + } + else + { + $errors = array_merge($errors, $localerrors); + } - - - - + } + + if(count($users) > 0) + { + $successes[] = (count($users)." users created."); + $successes[] = ("The list of usernames and passwords follow. 
You must save this!"); + foreach($users as $user) + { + $successes[] = $user[0].",".$user[1]; + } + } } -} +} + +require_once("models/header.php"); +startPage(); + +echo notificationBlock($errors,$successes); + +echo '
Upload users
'; if ($show_form) { @@ -117,10 +161,13 @@ if ($show_form)
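Review bot: `$localerrors` is never reset inside the `foreach`, so once one row records an error every later row fails `count($localerrors) == 0`: its account is still created by `userCakeAddUser()`, but the username/password pair is left out of `$users` and the admin never sees the generated password, while `array_merge` re-appends the earlier messages each time. Put `$localerrors = array();` at the top of the loop body where the removed `$errors = array();` used to be, and confirm `$users` is initialised before the loop (no initialisation is visible in this hunk; it may sit in the lines above it). The row check only requires `count($fields) < 3` to fail, so a row without the optional title reads an undefined `$fields[3]`; use `$title = isset($fields[3]) ? trim($fields[3]) : "";`. The purge branch deletes every non-administrator account before any row has been parsed, so a pasted list that turns out to be malformed still leaves the user table emptied; parsing and validating the rows first, and purging only when at least one valid row exists, would be safer. `$username` is also concatenated into the messages and the credential list without `htmlspecialchars()`, unlike `$row`, which matters unless `notificationBlock()` escapes its input (not visible here).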

Enter or copy/paste user information below (resize the text area if necessary):

-

+

"; -} +} + +echo '
'; +finishPage(); ?>