Account management page completed.

pull/113/head
Joe Prochazka 2016-03-02 20:55:39 -05:00
rodzic d967d3146c
commit aa5f30da1f
4 zmienionych plików z 274 dodań i 219 usunięć


@ -1,166 +1,178 @@
<?php
/////////////////////////////////////////////////////////////////////////////////////
// ADS-B RECEIVER PORTAL //
// =============================================================================== //
// Copyright and Licensing Information: //
// //
// The MIT License (MIT) //
// //
// Copyright (c) 2015-2016 Joseph A. Prochazka //
// //
// Permission is hereby granted, free of charge, to any person obtaining a copy //
// of this software and associated documentation files (the "Software"), to deal //
// in the Software without restriction, including without limitation the rights //
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell //
// copies of the Software, and to permit persons to whom the Software is //
// furnished to do so, subject to the following conditions: //
// //
// The above copyright notice and this permission notice shall be included in all //
// copies or substantial portions of the Software. //
// //
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR //
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, //
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE //
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER //
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, //
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE //
// SOFTWARE. //
/////////////////////////////////////////////////////////////////////////////////////
session_start();
$passwordIncorrect = FALSE;
$didNotMatch = FALSE;
// Load the require PHP classes.
require_once('../classes/common.class.php');
require_once('../classes/account.class.php');
require_once('../classes/settings.class.php');
$common = new common();
$account = new account();
$settings = new settings();
// Check if the user is logged in.
if (!$account->isAuthenticated()) {
// The user is not logged in so forward them to the login page.
header ("Location: login.php?origin=".urlencode('account.php'));
}
if ($common->postBack()) {
// Check that a name was supplied.
if (empty($_POST['name']))
$noName = TRUE;
// Check that a vailid email address was supplied.
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$invalidEmail = TRUE;
// Check the length of the password.
if (strlen($_POST['password1']) <= $settings::sec_length)
$tooShort = TRUE;
// Check that all password reset data was supplied.
if (!empty($_POST['password']) || !empty($_POST['password1']) || !empty($_POST['password2'])) {
// Process a password change request if the existing and new password were supplied.
if (!empty($_POST['password1']) && !empty($_POST['password1']) && !empty($_POST['password2'])) {
// Check that the user supplied a password matching the one currently stored in administrators.xml.
$authenticated = $account->authenticate($_SESSION['login'], $_POST['password'], FALSE, FALSE);
if (!$authenticated)
$passwordIncorrect = TRUE;
if ($_POST['password1'] != $_POST['password2'])
$notMatching = TRUE;
if ($authenticated && $_POST['password1'] == $_POST['password2']) {
// Change the password stored in administrators.xml related to this users login.
$account->changePassword($_SESSION['login'], $_POST['password1']);
// Since the password has changed we will log the user out to clear older session variables.
$account->logout();
}
}
} else {
// Only partial data was supplied to change the current password.
if (!empty($_POST['password']))
$noCurrent = TRUE;
if (!empty($_POST['password1']) || !empty($_POST['password2']))
$passwordMissing = TRUE;
}
// If validation passed make the requested changes to the administrator account data.
if (!$noName && !$invalidEmail && !$tooShort && !$passwordIncorrect && !$noCurrent && !$notMatching && !$passwordMissing) {
$account->changeName($_SESSION['login'], $_POST['name']);
$account->changeEmail($_SESSION['login'], $_POST['email']);
if (!empty($_POST['password1']) && !empty($_POST['password1']) && !empty($_POST['password2']))
$account->changePassword($_SESSION['login'], $_POST['password1']);
}
}
require_once('includes/header.inc.php');
/////////////////////
// BEGIN HTML BODY //
?>
<h1>Account Management</h1>
<hr />
<?php
if ($passwordIncorrect || $didNotMatch) {
?>
<div id="failure-alert" class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
<?php ($noName ? print "You must supply a name to associate with this account.<br />" : ''); ?>
<?php ($invalidEmail ? print "You must supply a valid email address to associate with this account.<br />" : ''); ?>
<?php ($passwordIncorrect || $noCurrent ? print "You did not supply the correct current password for this account.<br />" : ''); ?>
<?php ($tooShort ? print "Your password must be at least ".$settings::sec_length." characters long.<br />" : ''); ?>
<?php ($notMatching || $passwordMissing ? print "The password and password confirmation did not match or are missing.<br />" : ''); ?>
</div>
<?php
}
?>
<form id="change-password" method="post" action="account.php">
<div class="panel panel-default">
<div class="panel-heading">Account Settings</div>
<div class="panel-body">
<div class="form-group">
<input type="text" class="form-control" name="login" id="login" placeholder="Login" value="<?php echo $_SESSION['login']; ?>" disabled>
</div>
<div class="form-group">
<input type="text" class="form-control" name="name" id="name" placeholder="Name" value="<?php echo $account->getName($_SESSION['login']); ?>" required>
</div>
<div class="form-group">
<input type="email" class="form-control" name="email" id="email" placeholder="Email Address" value="<?php echo $account->getEmail($_SESSION['login']); ?>" required>
</div>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">Change Password</div>
<div class="panel-body">
<div class="form-group">
<input type="password" class="form-control" name="password" id="password" placeholder="Current Password" required>
</div>
<div class="form-group">
<input type="password" class="form-control" name="password1" id="password1" placeholder="New Password" required>
</div>
<div class="form-group">
<input type="password" class="form-control" name="password2" id="password2" placeholder="Confirm Password" required>
</div>
</div>
</div>
<input type="submit" class="btn btn-default" value="Submit">
</form>
<?php
// END HTML BODY //
///////////////////
require_once('includes/footer.inc.php');
?>
<?php
/////////////////////////////////////////////////////////////////////////////////////
// ADS-B RECEIVER PORTAL //
// =============================================================================== //
// Copyright and Licensing Information: //
// //
// The MIT License (MIT) //
// //
// Copyright (c) 2015-2016 Joseph A. Prochazka //
// //
// Permission is hereby granted, free of charge, to any person obtaining a copy //
// of this software and associated documentation files (the "Software"), to deal //
// in the Software without restriction, including without limitation the rights //
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell //
// copies of the Software, and to permit persons to whom the Software is //
// furnished to do so, subject to the following conditions: //
// //
// The above copyright notice and this permission notice shall be included in all //
// copies or substantial portions of the Software. //
// //
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR //
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, //
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE //
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER //
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, //
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE //
// SOFTWARE. //
/////////////////////////////////////////////////////////////////////////////////////
session_start();
$passwordIncorrect = FALSE;
$didNotMatch = FALSE;
// Load the require PHP classes.
require_once('../classes/common.class.php');
require_once('../classes/account.class.php');
require_once('../classes/settings.class.php');
$common = new common();
$account = new account();
$settings = new settings();
// Check if the user is logged in.
if (!$account->isAuthenticated()) {
// The user is not logged in so forward them to the login page.
header ("Location: login.php?origin=".urlencode('account.php'));
}
// Set updated variable to FALSE.
$updated = FALSE;
if ($common->postBack()) {
// Check that a name was supplied.
$nameSupplied = FALSE;
if (!empty($_POST['name']))
$nameSupplied = TRUE;
// Check that a vailid email address was supplied.
$validEmail = FALSE;
if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
$validEmail = TRUE;
// If the current password was supplied process a password change.
$passwordChanged = FALSE;
if (!empty($_POST['password'])) {
// Check the length of the password.
$tooShort = TRUE;
if (isset($_POST['password1']) && strlen($_POST['password1']) >= $settings::sec_length)
$tooShort = FALSE;
// Check that the supplied new passwords match.
$notMatching = TRUE;
if ($_POST['password1'] == $_POST['password2'])
$notMatching = FALSE;
// Check that the supplied current password matches that which is stored.
$authenticated = $account->authenticate($_SESSION['login'], $_POST['password'], FALSE, FALSE);
// If everything associated with passwords is validated change the password.
if (!$tooShort && !$notMatching && $authenticated) {
// Change the password stored in administrators.xml related to this users login.
$account->changePassword($_SESSION['login'], $_POST['password1']);
$passwordChanged = TRUE;
}
}
// If validation passed make the requested changes to the administrator account data.
if ($nameSupplied && $validEmail) {
$account->changeName($_SESSION['login'], $_POST['name']);
$account->changeEmail($_SESSION['login'], $_POST['email']);
$updated = TRUE;
}
// Since the password has changed we will log the user out to clear older session variables.
if ($passwordChanged) {
$account->logout();
}
}
require_once('includes/header.inc.php');
/////////////////////
// BEGIN HTML BODY //
// Display the updated message if settings were updated.
if ($updated) {
?>
<div id="settings-saved" class="alert alert-success fade in" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
Changes to your account have been saved.
</div>
<?php
}
?>
<h1>Account Management</h1>
<hr />
<?php
if ($passwordIncorrect || $didNotMatch) {
?>
<div id="failure-alert" class="alert alert-danger" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
<?php ($noName ? print "You must supply a name to associate with this account.<br />" : ''); ?>
<?php ($invalidEmail ? print "You must supply a valid email address to associate with this account.<br />" : ''); ?>
<?php ($passwordIncorrect || $noCurrent ? print "You did not supply the correct current password for this account.<br />" : ''); ?>
<?php ($tooShort ? print "Your password must be at least ".$settings::sec_length." characters long.<br />" : ''); ?>
<?php ($notMatching || $passwordMissing ? print "The password and password confirmation did not match or are missing.<br />" : ''); ?>
</div>
<?php
}
?>
<form id="account-form" method="post" action="account.php">
<div class="panel panel-default">
<div class="panel-heading">Account Settings</div>
<div class="panel-body">
<div class="form-group">
<input type="text" class="form-control" name="login" id="login" placeholder="Login" value="<?php echo $_SESSION['login']; ?>" disabled>
</div>
<div class="form-group">
<input type="text" class="form-control" name="name" id="name" placeholder="Name" value="<?php echo $account->getName($_SESSION['login']); ?>" required>
</div>
<div class="form-group">
<input type="email" class="form-control" name="email" id="email" placeholder="Email Address" value="<?php echo $account->getEmail($_SESSION['login']); ?>" required>
</div>
</div>
</div>
<div class="panel panel-default">
<div class="panel-heading">Change Password</div>
<div class="panel-body">
<div class="form-group">
<input type="password" class="form-control" name="password" id="password" placeholder="Current Password">
</div>
<div class="form-group">
<input type="password" class="form-control" name="password1" id="password1" placeholder="New Password" required>
</div>
<div class="form-group">
<input type="password" class="form-control" name="password2" id="password2" placeholder="Confirm Password" required>
</div>
</div>
</div>
<input type="submit" class="btn btn-default" value="Submit">
</form>
<?php
// END HTML BODY //
///////////////////
require_once('includes/footer.inc.php');
?>
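Review bot: The failure alert gated by `if ($passwordIncorrect || $didNotMatch)` can never render in the new version: both flags are set FALSE once at the top and nothing in the postback block assigns them, and `$noName`, `$invalidEmail`, `$noCurrent` and `$passwordMissing` read inside the alert are no longer defined anywhere, so a rejected name, email, wrong current password, too-short password or mismatched confirmation falls back to the form with no message at all. The validation block now produces `$nameSupplied`, `$validEmail`, `$tooShort`, `$notMatching` and `$authenticated`; gate the alert on those, e.g. `if (!$nameSupplied || !$validEmail || $tooShort || $notMatching || !$authenticated)`, initialise each of them before `if ($common->postBack())` so a plain GET does not read undefined variables, and rewrite the five print lines against the same names. In the password branch, `$_POST['password2']` is read in `if ($_POST['password1'] == $_POST['password2'])` without the `isset` guard applied to password1 one line earlier, and the confirmation compare should use `===` rather than loose `==`. The login, name and email values echoed into `value="..."` are not passed through `htmlspecialchars()`, and name is stored straight from `$_POST['name']` with only an empty check, so the page re-emits whatever was saved into the attribute unescaped; the unauthenticated `header("Location: ...")` should also be followed by `exit;`, since header() does not stop the script and the postback handling and page body still run for a visitor without a session.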


@ -0,0 +1,30 @@
$(document).ready(function () {
$("#password1").prop('disabled', true);
$("#password2").prop('disabled', true);
// Enable/disable password fields if content is contained in the current password textbox.
$("#password").keyup(function () {
if ($("#password").val().length > 0) {
$("#password1").prop('disabled', false);
$("#password2").prop('disabled', false);
} else {
$("#password1").val("");
$("#password2").val("");
$("#password1").prop('disabled', true);
$("#password2").prop('disabled', true);
}
});
// Form validation.
var form = $("#install-form");
form.validate().settings.ignore = ":disabled";
form.validate({
errorPlacement: function errorPlacement(error, element) { element.before(error); },
rules: {
password1: {
minlength: 6,
equalTo: "#password2"
}
}
});
});
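Review bot: `var form = $("#install-form");` targets a selector that does not exist on the account page (the form in the accompanying account.php is `id="account-form"`), so `form.validate()` on an empty jQuery set yields undefined and the following `.settings.ignore` access throws, leaving the password rules never attached; this looks like a copy-over from install.js and should read `var form = $("#account-form");`. Note also that `minlength: 6` is hard-coded here while the server checks `strlen($_POST['password1']) >= $settings::sec_length`, so the two can drift; the client rule is only a convenience and the server-side check remains the one that enforces the policy, which is worth a one-line comment above the `rules` block. The `ignore: ":disabled"` setting is needed because password1/password2 carry `required` in the markup yet start disabled; a short comment saying so would save the next reader from removing it.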


@ -1,53 +1,57 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>ADS-B Receiver Administration</title>
<meta http-equiv="cache-control" content="no-cache" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="/admin/assets/css/bootstrap.min.css">
<link rel="stylesheet" href="/admin/assets/css/bootstrap-theme.min.css">
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<link rel="stylesheet" href="/admin/assets/css/jquery.steps.css">
<?php } ?>
<link rel="stylesheet" href="/admin/assets/css/admin.css">
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<link rel="stylesheet" href="/admin/assets/css/install.css">
<?php } ?>
<script src="/admin/assets/js/jquery-2.2.1.min.js"></script>
<script src="/admin/assets/js/bootstrap.min.js"></script>
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<script src="/admin/assets/js/jquery.steps.min.js"></script>
<script src="/admin/assets/js/js.cookie-2.1.0.min.js"></script>
<script src="/admin/assets/js/jquery.validate.min.js"></script>
<script src="/admin/assets/js/install.js"></script>
<?php } ?>
<?php if (basename($_SERVER['PHP_SELF']) == "index.php") { ?>
<script src="/admin/assets/js/index.js"></script>
<?php } ?>
</head>
<body>
<div id="wrapper">
<nav class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/admin">ADS-B Receiver Administration</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav">
<li id="logout-link"><a href="/admin">Settings</a></li>
<li id="logout-link"><a href="/admin/blog">Blog</a></li>
<li id="logout-link"><a href="/admin/account.php">Account</a></li>
<li id="logout-link"><a href="/admin/logout.php">Logout</a></li>
<li id="logout-link"><a href="/" target="_blank">Portal Home</a></li>
</ul>
</div>
</div>
</nav>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>ADS-B Receiver Administration</title>
<meta http-equiv="cache-control" content="no-cache" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="/admin/assets/css/bootstrap.min.css">
<link rel="stylesheet" href="/admin/assets/css/bootstrap-theme.min.css">
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<link rel="stylesheet" href="/admin/assets/css/jquery.steps.css">
<?php } ?>
<link rel="stylesheet" href="/admin/assets/css/admin.css">
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<link rel="stylesheet" href="/admin/assets/css/install.css">
<?php } ?>
<script src="/admin/assets/js/jquery-2.2.1.min.js"></script>
<script src="/admin/assets/js/bootstrap.min.js"></script>
<?php if (basename($_SERVER['PHP_SELF']) == "install.php") { ?>
<script src="/admin/assets/js/jquery.steps.min.js"></script>
<script src="/admin/assets/js/js.cookie-2.1.0.min.js"></script>
<script src="/admin/assets/js/jquery.validate.min.js"></script>
<script src="/admin/assets/js/install.js"></script>
<?php } ?>
<?php if (basename($_SERVER['PHP_SELF']) == "index.php") { ?>
<script src="/admin/assets/js/index.js"></script>
<?php } ?>
<?php if (basename($_SERVER['PHP_SELF']) == "account.php") { ?>
<script src="/admin/assets/js/jquery.validate.min.js"></script>
<script src="/admin/assets/js/account.js"></script>
<?php } ?>
</head>
<body>
<div id="wrapper">
<nav class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="/admin">ADS-B Receiver Administration</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav">
<li id="logout-link"><a href="/admin">Settings</a></li>
<li id="logout-link"><a href="/admin/blog">Blog</a></li>
<li id="logout-link"><a href="/admin/account.php">Account</a></li>
<li id="logout-link"><a href="/admin/logout.php">Logout</a></li>
<li id="logout-link"><a href="/" target="_blank">Portal Home</a></li>
</ul>
</div>
</div>
</nav>
<div class="container">
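Review bot: The added block `if (basename($_SERVER['PHP_SELF']) == "account.php")` keys script loading on `PHP_SELF`, which carries any trailing path-info from the request URL, so a request such as account.php followed by an extra path segment would not match and the validation scripts would silently not load; `$_SERVER['SCRIPT_NAME']` reflects the executed script and is the stable choice, with a strict compare: `<?php if (basename($_SERVER['SCRIPT_NAME']) === "account.php") { ?>`. The same pattern is repeated in the pre-existing install.php and index.php checks above it, so computing the page name once into a variable at the top of the include would keep the four conditions consistent. Worth noting in a comment that the account branch deliberately re-includes jquery.validate.min.js already listed under the install.php branch, since the two branches are mutually exclusive and a reader may otherwise take it for a duplicate.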


@ -127,6 +127,7 @@
///////////////////////////////////////
function addAdministrator($name, $email, $login, $password) {
require_once($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."classes".DIRECTORY_SEPARATOR."settings.class.php");
$settings = new settings();
if ($settings::db_driver == "xml") {
@ -218,7 +219,9 @@
// Change the name associated to an existing administrator in the file administrators.xml.
function changeName($login, $name) {
require_once($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."classes".DIRECTORY_SEPARATOR."settings.class.php");
$settings = new settings();
if ($settings::db_driver == "xml") {
// XML
$administrators = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."data".DIRECTORY_SEPARATOR."administrators.xml") or die("Error: Cannot create administrators object");
@ -242,7 +245,10 @@
// Change the name associated to an existing administrator in the file administrators.xml.
function changeEmail($login, $email) {
if ($settings::db_driver == "xml") {
require_once($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."classes".DIRECTORY_SEPARATOR."settings.class.php");
$settings = new settings();
if ($settings::db_driver == 'xml') {
// XML
$administrators = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."data".DIRECTORY_SEPARATOR."administrators.xml") or die("Error: Cannot create administrators object");
foreach ($administrators->xpath("administrator[login='".$login."']") as $administrator) {
@ -265,6 +271,9 @@
// Change a password stored for an existing administrator in the file administrators.xml.
function changePassword($login, $password) {
require_once($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."classes".DIRECTORY_SEPARATOR."settings.class.php");
$settings = new settings();
if ($settings::db_driver == "xml") {
// XML
$administrators = simplexml_load_file($_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."data".DIRECTORY_SEPARATOR."administrators.xml") or die("Error: Cannot create administrators object");