check for team and user login

svn path=/trunk/boinc/; revision=747
David Anderson 2002-12-16 21:41:41 +00:00
parent c1d49830f9
commit 90f040383b
18 changed files with 99 additions and 71 deletions


@ -8,11 +8,8 @@
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
require_login($user);
if (!$user) {
print_login_form();
exit();
}
page_head("Updating User Account");
$my_email = $HTTP_POST_VARS["my_email"];
$my_name = $HTTP_POST_VARS["my_name"];


@ -6,15 +6,12 @@
db_init();
$authenticator = init_session();
$user = get_user_from_auth($authenticator);
require_login($user);
if ($user) {
$head = sprintf("Edit %s's User Information", $user->name);
page_head($head);
print_edit_user_info($user);
page_tail();
} else {
print_login_form();
}
?>
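Review bot: If the `if ($user) {` … `} else { print_login_form(); }` wrapper is still on the new side next to the added `require_login($user);`, its `else` branch can never run, because require_login() already prints the form and ends the request for a null user (its definition is in util.inc in this commit). The page should become the straight sequence `require_login($user); $head = sprintf(...); page_head($head); print_edit_user_info($user); page_tail();`, which is what the other pages in this commit do, or the wrapper should be the removed side; the rendered page does not show which. A one-line comment above the call, `// require_login() exits after printing the login form, so $user is non-null below`, would make the flattened form self-explanatory.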


@ -6,6 +6,7 @@
// show the home page of whoever's logged in
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
if ($user) {


@ -71,7 +71,7 @@ To join this list, go to
<!--
<?php
include 'FILE_NAME';
include 'schedulers.txt';
?>
-->
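Review bot: `include 'schedulers.txt';` runs server-side even though it sits inside an HTML `<!-- -->` comment — the comment only hides the output from browsers, and `include` parses the file as PHP, so any `<?php` sequence in schedulers.txt executes with the page's privileges, and a literal `-->` in the file closes the comment and exposes what follows to the page. If the intent is only to ship the file's text inside the page source, emit it with `readfile('schedulers.txt');` instead of `include`, which copies bytes without interpreting them. The path is a fixed literal, so this is not an inclusion of user-controlled input; the point is the parsing, and a comment stating who is expected to read this hidden block (presumably a program, not a person) would help the next maintainer.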


@ -7,12 +7,10 @@
db_init();
$user = get_user_from_auth($authenticator);
if ($user) {
require_login($user);
page_head("Preferences");
print_prefs_display($user);
page_tail();
} else {
print_login_form();
}
?>
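Review bot: As printed, the added `require_login($user);` sits directly under `if ($user) {`, a branch in which `$user` is already non-null and the call can never fail; if that conditional survives on the new side the call is a no-op and the `else { print_login_form(); }` branch is doing the real work, and if the conditional is the removed side its `} else { ... }` lines must go with it. Either way the page should end up as the single path `require_login($user); page_head("Preferences"); print_prefs_display($user); page_tail();`. The rendered page does not reveal which lines were removed, so worth confirming the committed file has no leftover branch.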


@ -7,11 +7,9 @@
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
if ($user) {
require_login($user);
page_head("Hosts stats");
show_hosts($user);
page_tail();
} else {
print_login_form();
}
?>
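Review bot: The added `require_login($user);` is printed inside the `if ($user) {` branch, where `$user` is already non-null and the guard is dead weight; if the wrapper and its `} else { print_login_form(); }` are the removed side, the hunk should read as the straight sequence `require_login($user); page_head("Hosts stats"); show_hosts($user); page_tail();`. If they are still there, the new call adds nothing and the old branch still handles the anonymous case. Please confirm the committed file has a single path.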


@ -93,4 +93,27 @@ function display_team_page($team) {
page_tail();
}
// requires that the team exist
function require_team($team) {
if (!$team) {
page_head("Error");
echo "Team does not exist.";
page_tail();
exit();
}
}
// requires that the user is logged in as the founder of
// the team trying to be edited
function require_founder_login($user, $team) {
require_login($user);
require_team($team);
if ($user->id != $team->userid) {
page_head("Permission denied");
echo "Only a team's founder may edit a team.";
page_tail();
exit();
}
}
?>
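Review bot: `require_founder_login()` authorizes the action but says nothing about where `$team` must come from, and in this commit every caller fetches it first with a query built from the request's `id` — as the rendered hunks show, two of them (the team edit action and form) by plain string interpolation — so the founder check runs only after untrusted input has already reached MySQL. Have the helper take the id and do the lookup itself with `sprintf("select * from team where id = %d", (int)$id)`, or at least document the contract with a header such as `// $team must be the row the caller fetched for the request's team id; null (no row, or a failed query) is reported by require_team(). require_login() runs first, so an anonymous visitor is sent to the login form before learning whether the id exists.` Both helpers end the request with `exit()` after `page_tail()`, which callers rely on when they drop their own `else` branches; that should be stated too. The `!=` compares whatever types the DB layer returned; `(int)$user->id !== (int)$team->userid` makes the intent explicit.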


@ -13,15 +13,12 @@
$HTTP_POST_VARS["id"]
);
$result = mysql_query($query);
$team = mysql_fetch_object($result);
mysql_free_result($result);
if (!$team) {
page_head("Error");
echo "The team you tried to disband does not exist.";
} else if ($user->id != $team->userid) {
page_head("Permission denied");
echo "Only a team's founder may disband a team.";
} else {
if ($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
require_founder_login($user, $team);
$query_team_table = sprintf(
"delete from team where id = %d",
$team->id
@ -38,7 +35,6 @@
page_head("Error");
echo "Couldn't disband team - please try later.\n";
}
}
page_tail();
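Review bot: Nothing in the disband action ties the POST to a form the founder actually submitted: the only inputs are the session authenticator and `$HTTP_POST_VARS["id"]`, so a page elsewhere that auto-submits a form carrying the founder's team id deletes the team with the founder's own session (cross-site request forgery). `require_founder_login()` settles who may disband, not whether this request was intended; the disband form should embed a random per-session token that this action compares against `$_SESSION` before the delete. The fall-through when `$result` is false leaves `$team` unset, which require_team() treats as missing — worth a comment, `// $team stays unset if the query failed; require_team() reports that as "does not exist"`. The delete query and its result handling continue past the end of the hunk.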


@ -5,6 +5,7 @@ require_once("team.inc");
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
$id = $HTTP_GET_VARS["id"];
$query = sprintf(
@ -16,6 +17,7 @@ $id = $HTTP_GET_VARS["id"];
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
require_founder_login($user, $team);
$team_name = $team->name;
$team_id = $team->id;
page_head("Disband $team_name");


@ -7,18 +7,26 @@
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
$id = $HTTP_POST_VARS["id"];
$query = sprintf(
"select * from team where id = %d",
$HTTP_POST_VARS["id"]
);
$query = "select * from team where id = $id";
$result = mysql_query($query);
$team = mysql_fetch_object($result);
mysql_free_result($result);
if ($user->id != $team->userid) {
page_head("Permission denied");
echo "Only a team's founder may edit a team.";
} else {
if ($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
require_founder_login($user, $team);
$team_url = ereg_replace("\"", "'", $HTTP_POST_VARS["url"]);
$pos = strpos($team_url, "http://");
if (!($pos === false)) { // note: three equal signs
$team_url = substr($team_url, 7);
}
$team_name = ereg_replace("\"", "'", $HTTP_POST_VARS["name"]);
$team_name_html = ereg_replace("\"", "'", $HTTP_POST_VARS["name_html"]);
$team_description = ereg_replace("\"", "'", $HTTP_POST_VARS["description"]);
$query_team_table = sprintf(
"update team set name = '%s',
name_html = '%s',
@ -26,10 +34,10 @@
description = '%s',
type = %d
where id = %d",
$HTTP_POST_VARS["name"],
$HTTP_POST_VARS["name_html"],
$HTTP_POST_VARS["url"],
$HTTP_POST_VARS["description"],
$team_name,
$team_name_html,
$new_url,
$team_description,
$HTTP_POST_VARS["type"],
$team->id
);
@ -43,7 +51,6 @@
page_head("Error");
echo "Couldn't edit team - please try later.\n";
}
}
page_tail();
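Review bot: The team lookup on what reads as the new side, `$query = "select * from team where id = $id";` with `$id` taken straight from `$HTTP_POST_VARS["id"]`, drops the `sprintf("... %d")` form printed above it, and the update below receives `$team_name`, `$team_name_html` and `$team_description` whose only treatment is `ereg_replace("\"", "'", ...)` — `'` is the SQL string delimiter, so a value containing a quote (or a `"`, which the replacement turns into one) breaks or rewrites the update. `$new_url`, passed as the url value, is never assigned in the hunk (the stripped value is left in `$team_url`), so unless it is set before line 7 the column is written empty. Keep the integer-formatted lookup, escape each text field for the SQL string context at this point and leave HTML escaping to the pages that display the values; independently, `if (!($pos === false))` should be `if ($pos === 0)`, because `substr($team_url, 7)` removes the first seven characters wherever `http://` was found. The query execution and its error handling sit in the following hunk.
```php
$id = (int)$HTTP_POST_VARS["id"];
$query = sprintf("select * from team where id = %d", $id);
// … unchanged: fetch into $team, require_founder_login(), http:// stripping into $team_url …
// Escape for the SQL string context only; pages that display these values escape for HTML.
$new_url = mysql_escape_string($team_url);
$team_name = mysql_escape_string($HTTP_POST_VARS["name"]);
$team_name_html = mysql_escape_string($HTTP_POST_VARS["name_html"]);
$team_description = mysql_escape_string($HTTP_POST_VARS["description"]);
// … unchanged: sprintf("update team set ...") using $team_name, $team_name_html, $new_url, $team_description …
```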


@ -5,19 +5,21 @@ require_once("team.inc");
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
$id = $HTTP_GET_VARS["id"];
$query = "select * from team where id = $id";
$result = mysql_query($query);
if ($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
$team_name = $team->name;
require_founder_login($user, $team);
$team_name = ereg_replace("\"", "'", $team->name);
$team_id = $team->id;
$team_name_html = $team->name_html;
$team_url = $team->url;
$team_description = $team->description;
$team_name_html = ereg_replace("\"", "'", $team->name_html);
$team_url = ereg_replace("\"", "'", $team->url);
$team_description = ereg_replace("\"", "'", $team->description);
$team_type = $team->type;
page_head("Edit $team_name");
echo "<table width=780>
@ -27,12 +29,12 @@ db_init();
</td></tr></table>
<table><tr>
<td>Team name (plain-text version):<br><br>&nbsp;</td>
<td><input name=name size=50 value=$team_name>
<td><input name=name size=50 value=\"$team_name\">
<br><font size=2>This name will be print as-is
<br>and is the name you should use when searching for your team.
</td></tr></tr>
<td>Team name (HTML version):<br><br>&nbsp;</td>
<td><input name=name_html size=50 value='$team_name_html'>
<td><input name=name_html size=50 value=\"$team_name_html\">
<br><font size=2>This name will be printed as HTML source, so you may include any HTML
<br>code that you want. This will only be displayed in your team's page.
<br>If you don't know HTML, just leave this box blank.
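Review bot: Swapping `"` for `'` in `$team_name`, `$team_name_html`, `$team_url` and `$team_description` before echoing them into `value=\"...\"` happens to stop a value from closing a double-quoted attribute, but it silently corrupts legitimate quotes in the stored data and gives no protection in the other contexts the same variables reach — `page_head("Edit $team_name")` and whatever the rest of the form does with the description below the hunk. The pre-fill should use `htmlspecialchars($team->name)` (and likewise for the other three) so that `<`, `>`, `&` and both quote characters are encoded and the original text round-trips. The lookup above the added `require_founder_login($user, $team)` is untouched context, but it interpolates `$id` from `$HTTP_GET_VARS` into the SQL string unquoted, so the founder check runs only after arbitrary input has reached the query; `(int)$id`, or the `sprintf("... %d")` form the other team pages use, closes that.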


@ -16,15 +16,11 @@ $query = sprintf(
$result = mysql_query($query);
if ($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
if (!$team) {
page_head("Unable to display team members' email addresses");
echo ("We are unable to display the email addresses of the members of that team");
page_tail();
} else if ($user->id != $team->userid) {
page_head("Permission denied");
echo "Only a team's founder may view a team's email list.\n<br>\n";
} else {
require_founder_login($user, $team);
page_head("$team->name Email List");
echo "<p>";
echo "<table border=0 width=580>";
@ -45,7 +41,7 @@ if (!$team) {
}
}
echo "</table>";
}
page_tail();
?>


@ -7,6 +7,7 @@
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
require_login($user);
$query = sprintf(
"select * from team where id = %d",
@ -55,7 +56,7 @@
echo "<h2>Added to team</h2>";
echo "You have been added to <a href=team_display.php?id=$team->id>$team_name</a>.<br>";
echo "If you were previously a part of a team you are no longer a member of it. ";
echo "You may only be part of one team at a time.";
echo "You may only be part of one team at a time.<p>";
} else {
page_head("Error");
echo "Couldn't join team - please try later.\n";


@ -7,7 +7,8 @@
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
require_login($user);
$query = sprintf(
"select * from team where id = %d",
$HTTP_POST_VARS["id"]


@ -13,12 +13,12 @@
$HTTP_POST_VARS["id"]
);
$result = mysql_query($query);
$team = mysql_fetch_object($result);
mysql_free_result($result);
if ($user->id != $team->userid) {
page_head("Permission denied");
echo "Only a team's founder may remove members from a team.";
} else {
if($result) {
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
require_founder_login($user, $team);
$nmembers = 0;
$unable_to_remove = FALSE;
$user_table_error = FALSE;
@ -73,7 +73,6 @@
page_head("Error");
echo "Couldn't remove users - please try later.\n";
}
}
page_tail();
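Review bot: `if($result) {` omits the space after the keyword that the parallel blocks in this commit use (`if ($result) {` in the disband and edit actions); a small thing, but the same fetch-and-check sequence now appears in several team pages and is the natural partner of `require_founder_login()` in team.inc, e.g. `function lookup_team($id)` that runs `sprintf("select * from team where id = %d", (int)$id)` and returns the row or null. That would also hand the two pages that still interpolate `$id` into the query the integer-formatted form for free. The removal loop and its error handling run past the end of the hunk.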


@ -4,6 +4,7 @@ require_once("util.inc");
require_once("team.inc");
$authenticator = init_session();
db_init();
$user = get_user_from_auth($authenticator);
$id = $HTTP_GET_VARS["id"];
$query = sprintf(
@ -15,6 +16,7 @@ $id = $HTTP_GET_VARS["id"];
$team = mysql_fetch_object($result);
mysql_free_result($result);
}
require_founder_login($user, $team);
$team_name = $team->name;
$team_id = $team->id;
$nusers = $team->nusers;


@ -37,8 +37,8 @@ function show_team_row($team) {
$result2 = mysql_query($query);
$nmembers = mysql_result($result2, 0);
$total_credit = $total_credit_sum/$nmembers;
$expavg_credit = $expavg_credit_sum/$nmembers;
$total_credit = $total_credit_sum;
$expavg_credit = $expavg_credit_sum;
$query = "update team set nusers=$nmembers, total_credit=$total_credit, expavg_credit=$expavg_credit where id=$team->id";
$result2 = mysql_query($query);
}
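Review bot: `$total_credit = $total_credit_sum;` and `$expavg_credit = $expavg_credit_sum;` are now plain aliases, so either the two lines go and the update query names the sums directly, or a comment records the policy change they make, `// team credit is the sum over members, not the per-member average` — the hunk silently alters what every team's stored credit means. Dropping the division also removes the division-by-zero warning the old lines raised for a team with `$nmembers == 0`; `$nmembers` is still read via `mysql_result($result2, 0)` without checking `$result2`. The function `show_team_row` starts before the hunk; the values interpolated into the update query come from the database, not the request, so no escaping point is raised here.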


@ -35,11 +35,19 @@ function send_auth_email($email_addr, $auth) {
function init_session() {
session_start();
if (!isset($_SESSION["authenticator"])) {
$_SESSION["authenticator"] = "";
$_SESSION["authenticator"] = $authenticator;
}
return $_SESSION["authenticator"];
}
// requires that the user be logged in
function require_login($user) {
if (!$user) {
print_login_form();
exit();
}
}
function get_user_from_auth($auth) {
if ($auth) return lookup_user_auth($auth);
return NULL;
@ -74,7 +82,7 @@ function page_head($title) {
function page_tail() {
echo "<a href=index.php>Return to main ".PROJECT." page</a><br>\n";
echo "<br><br><a href=index.php>Return to main ".PROJECT." page</a><br>\n";
// put your copyright notice etc. here
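Review bot: `$_SESSION["authenticator"] = $authenticator;` in init_session() assigns a variable that is neither a parameter, declared `global`, nor set anywhere in the function, so if this is the new side it stores null where the previous `""` was — a no-op at best, and function scope means a request variable would not be visible here even under register_globals. If the intent is to seed the session from the authenticator carried by the emailed login link (send_auth_email is just above the hunk), read it explicitly at the call site from `$HTTP_GET_VARS`, pass it in as a parameter of init_session(), and let get_user_from_auth() decide whether it is valid; an unexplained free variable is exactly how an accidental login-by-URL slips in unreviewed. require_login() deserves a header comment too: `// Prints the login form and ends the request when $user is null; callers may treat $user as set afterwards.`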