10440ff15Schris<?php 254cc7aa4SAndreas Gohr 38553d24dSAndreas Gohruse dokuwiki\Extension\AdminPlugin; 451ee2399SGerrit Uitslaguse dokuwiki\Extension\AuthPlugin; 554cc7aa4SAndreas Gohruse dokuwiki\Utf8\Clean; 60440ff15Schris/* 70440ff15Schris * User Manager 80440ff15Schris * 90440ff15Schris * Dokuwiki Admin Plugin 100440ff15Schris * 110440ff15Schris * This version of the user manager has been modified to only work with 120440ff15Schris * objectified version of auth system 130440ff15Schris * 140440ff15Schris * @author neolao <neolao@neolao.com> 150440ff15Schris * @author Chris Smith <chris@jalakai.co.uk> 160440ff15Schris */ 170440ff15Schris/** 180440ff15Schris * All DokuWiki plugins to extend the admin function 190440ff15Schris * need to inherit from this class 200440ff15Schris */ 218553d24dSAndreas Gohrclass admin_plugin_usermanager extends AdminPlugin 223a97d936SAndreas Gohr{ 23bf9be0e3SAndreas Gohr protected const IMAGE_DIR = DOKU_BASE.'lib/plugins/usermanager/images/'; 240440ff15Schris 2554cc7aa4SAndreas Gohr protected $auth; // auth object 263a97d936SAndreas Gohr protected $users_total = 0; // number of registered users 2754cc7aa4SAndreas Gohr protected $filter = []; // user selection filter(s) 283a97d936SAndreas Gohr protected $start = 0; // index of first user to be displayed 293a97d936SAndreas Gohr protected $last = 0; // index of the last user to be displayed 303a97d936SAndreas Gohr protected $pagesize = 20; // number of users to list on one page 313a97d936SAndreas Gohr protected $edit_user = ''; // set to user selected for editing 3254cc7aa4SAndreas Gohr protected $edit_userdata = []; 333a97d936SAndreas Gohr protected $disabled = ''; // if disabled set to explanatory string 3454cc7aa4SAndreas Gohr protected $import_failures = []; 353a97d936SAndreas Gohr protected $lastdisabled = false; // set to true if last user is unknown and last button is hence buggy 360440ff15Schris 370440ff15Schris /** 380440ff15Schris * Constructor 390440ff15Schris */ 403a97d936SAndreas Gohr public function __construct() 413a97d936SAndreas Gohr { 4251ee2399SGerrit Uitslag /** @var AuthPlugin $auth */ 430440ff15Schris global $auth; 440440ff15Schris 450440ff15Schris $this->setupLocale(); 4651d94d49Schris 4751d94d49Schris if (!isset($auth)) { 483a97d936SAndreas Gohr $this->disabled = $this->lang['noauth']; 4982fd59b6SAndreas Gohr } elseif (!$auth->canDo('getUsers')) { 503a97d936SAndreas Gohr $this->disabled = $this->lang['nosupport']; 5151d94d49Schris } else { 5251d94d49Schris // we're good to go 533a97d936SAndreas Gohr $this->auth = & $auth; 5451d94d49Schris } 55ae1afd2fSChristopher Smith 56ae1afd2fSChristopher Smith // attempt to retrieve any import failures from the session 570e80bb5eSChristopher Smith if (!empty($_SESSION['import_failures'])) { 583a97d936SAndreas Gohr $this->import_failures = $_SESSION['import_failures']; 59ae1afd2fSChristopher Smith } 600440ff15Schris } 610440ff15Schris 620440ff15Schris /** 63c5a7c0c6SGerrit Uitslag * Return prompt for admin menu 64253d4b48SGerrit Uitslag * 65253d4b48SGerrit Uitslag * @param string $language 66253d4b48SGerrit Uitslag * @return string 670440ff15Schris */ 683a97d936SAndreas Gohr public function getMenuText($language) 693a97d936SAndreas Gohr { 700440ff15Schris 713a97d936SAndreas Gohr if (!is_null($this->auth)) 720440ff15Schris return parent::getMenuText($language); 730440ff15Schris 743a97d936SAndreas Gohr return $this->getLang('menu').' '.$this->disabled; 750440ff15Schris } 760440ff15Schris 770440ff15Schris /** 780440ff15Schris * return sort order for position in admin menu 79253d4b48SGerrit Uitslag * 80253d4b48SGerrit Uitslag * @return int 810440ff15Schris */ 823a97d936SAndreas Gohr public function getMenuSort() 833a97d936SAndreas Gohr { 840440ff15Schris return 2; 850440ff15Schris } 860440ff15Schris 870440ff15Schris /** 8867a31a83SMichael Große * @return int current start value for pageination 8967a31a83SMichael Große */ 903a97d936SAndreas Gohr public function getStart() 913a97d936SAndreas Gohr { 923a97d936SAndreas Gohr return $this->start; 9367a31a83SMichael Große } 9467a31a83SMichael Große 9567a31a83SMichael Große /** 9667a31a83SMichael Große * @return int number of users per page 9767a31a83SMichael Große */ 983a97d936SAndreas Gohr public function getPagesize() 993a97d936SAndreas Gohr { 1003a97d936SAndreas Gohr return $this->pagesize; 10167a31a83SMichael Große } 10267a31a83SMichael Große 10367a31a83SMichael Große /** 104462e9e37SMichael Große * @param boolean $lastdisabled 105462e9e37SMichael Große */ 1063a97d936SAndreas Gohr public function setLastdisabled($lastdisabled) 1073a97d936SAndreas Gohr { 1083a97d936SAndreas Gohr $this->lastdisabled = $lastdisabled; 109462e9e37SMichael Große } 110462e9e37SMichael Große 111462e9e37SMichael Große /** 112c5a7c0c6SGerrit Uitslag * Handle user request 113253d4b48SGerrit Uitslag * 114253d4b48SGerrit Uitslag * @return bool 1150440ff15Schris */ 1163a97d936SAndreas Gohr public function handle() 1173a97d936SAndreas Gohr { 11800d58927SMichael Hamann global $INPUT; 1193a97d936SAndreas Gohr if (is_null($this->auth)) return false; 1200440ff15Schris 1210440ff15Schris // extract the command and any specific parameters 1220440ff15Schris // submit button name is of the form - fn[cmd][param(s)] 12300d58927SMichael Hamann $fn = $INPUT->param('fn'); 1240440ff15Schris 1250440ff15Schris if (is_array($fn)) { 1260440ff15Schris $cmd = key($fn); 1270440ff15Schris $param = is_array($fn[$cmd]) ? key($fn[$cmd]) : null; 1280440ff15Schris } else { 1290440ff15Schris $cmd = $fn; 1300440ff15Schris $param = null; 1310440ff15Schris } 1320440ff15Schris 1330440ff15Schris if ($cmd != "search") { 1343a97d936SAndreas Gohr $this->start = $INPUT->int('start', 0); 1353a97d936SAndreas Gohr $this->filter = $this->retrieveFilter(); 1360440ff15Schris } 1370440ff15Schris 1380440ff15Schris switch ($cmd) { 1393a97d936SAndreas Gohr case "add": 1403a97d936SAndreas Gohr $this->addUser(); 1410440ff15Schris break; 1423a97d936SAndreas Gohr case "delete": 1433a97d936SAndreas Gohr $this->deleteUser(); 1443a97d936SAndreas Gohr break; 1453a97d936SAndreas Gohr case "modify": 1463a97d936SAndreas Gohr $this->modifyUser(); 1473a97d936SAndreas Gohr break; 1483a97d936SAndreas Gohr case "edit": 1493a97d936SAndreas Gohr $this->editUser($param); 1503a97d936SAndreas Gohr break; 1513a97d936SAndreas Gohr case "search": 1523a97d936SAndreas Gohr $this->setFilter($param); 1533a97d936SAndreas Gohr $this->start = 0; 1543a97d936SAndreas Gohr break; 1553a97d936SAndreas Gohr case "export": 1563a97d936SAndreas Gohr $this->exportCSV(); 1573a97d936SAndreas Gohr break; 1583a97d936SAndreas Gohr case "import": 1593a97d936SAndreas Gohr $this->importCSV(); 1603a97d936SAndreas Gohr break; 1613a97d936SAndreas Gohr case "importfails": 1623a97d936SAndreas Gohr $this->downloadImportFailures(); 1633a97d936SAndreas Gohr break; 1640440ff15Schris } 1650440ff15Schris 1663a97d936SAndreas Gohr $this->users_total = $this->auth->canDo('getUserCount') ? $this->auth->getUserCount($this->filter) : -1; 1670440ff15Schris 1680440ff15Schris // page handling 1690440ff15Schris switch ($cmd) { 1703a97d936SAndreas Gohr case 'start': 1713a97d936SAndreas Gohr $this->start = 0; 1723a97d936SAndreas Gohr break; 1733a97d936SAndreas Gohr case 'prev': 1743a97d936SAndreas Gohr $this->start -= $this->pagesize; 1753a97d936SAndreas Gohr break; 1763a97d936SAndreas Gohr case 'next': 1773a97d936SAndreas Gohr $this->start += $this->pagesize; 1783a97d936SAndreas Gohr break; 1793a97d936SAndreas Gohr case 'last': 1803a97d936SAndreas Gohr $this->start = $this->users_total; 1813a97d936SAndreas Gohr break; 1820440ff15Schris } 1833a97d936SAndreas Gohr $this->validatePagination(); 184c5a7c0c6SGerrit Uitslag return true; 1850440ff15Schris } 1860440ff15Schris 1870440ff15Schris /** 188c5a7c0c6SGerrit Uitslag * Output appropriate html 189253d4b48SGerrit Uitslag * 190253d4b48SGerrit Uitslag * @return bool 1910440ff15Schris */ 1923a97d936SAndreas Gohr public function html() 1933a97d936SAndreas Gohr { 1940440ff15Schris global $ID; 1950440ff15Schris 1963a97d936SAndreas Gohr if (is_null($this->auth)) { 1970440ff15Schris print $this->lang['badauth']; 1980440ff15Schris return false; 1990440ff15Schris } 2000440ff15Schris 2013a97d936SAndreas Gohr $user_list = $this->auth->retrieveUsers($this->start, $this->pagesize, $this->filter); 2020440ff15Schris 2033a97d936SAndreas Gohr $page_buttons = $this->pagination(); 2043a97d936SAndreas Gohr $delete_disable = $this->auth->canDo('delUser') ? '' : 'disabled="disabled"'; 2050440ff15Schris 2063a97d936SAndreas Gohr $editable = $this->auth->canDo('UserMod'); 2073a97d936SAndreas Gohr $export_label = empty($this->filter) ? $this->lang['export_all'] : $this->lang['export_filtered']; 2086154103cSmatthiasgrimm 2090440ff15Schris print $this->locale_xhtml('intro'); 2100440ff15Schris print $this->locale_xhtml('list'); 2110440ff15Schris 21258dde80dSAnika Henke ptln("<div id=\"user__manager\">"); 21358dde80dSAnika Henke ptln("<div class=\"level2\">"); 2140440ff15Schris 2153a97d936SAndreas Gohr if ($this->users_total > 0) { 21664159a61SAndreas Gohr ptln( 21764159a61SAndreas Gohr "<p>" . sprintf( 21864159a61SAndreas Gohr $this->lang['summary'], 2193a97d936SAndreas Gohr $this->start + 1, 2203a97d936SAndreas Gohr $this->last, 2213a97d936SAndreas Gohr $this->users_total, 2223a97d936SAndreas Gohr $this->auth->getUserCount() 22364159a61SAndreas Gohr ) . "</p>" 22464159a61SAndreas Gohr ); 2250440ff15Schris } else { 2263a97d936SAndreas Gohr if ($this->users_total < 0) { 227a102b175SGerrit Uitslag $allUserTotal = 0; 228a102b175SGerrit Uitslag } else { 2293a97d936SAndreas Gohr $allUserTotal = $this->auth->getUserCount(); 230a102b175SGerrit Uitslag } 231a102b175SGerrit Uitslag ptln("<p>".sprintf($this->lang['nonefound'], $allUserTotal)."</p>"); 2320440ff15Schris } 2330440ff15Schris ptln("<form action=\"".wl($ID)."\" method=\"post\">"); 234634d7150SAndreas Gohr formSecurityToken(); 235c7b28ffdSAnika Henke ptln(" <div class=\"table\">"); 2360440ff15Schris ptln(" <table class=\"inline\">"); 2370440ff15Schris ptln(" <thead>"); 2380440ff15Schris ptln(" <tr>"); 23964159a61SAndreas Gohr ptln(" <th> </th> 24064159a61SAndreas Gohr <th>".$this->lang["user_id"]."</th> 24164159a61SAndreas Gohr <th>".$this->lang["user_name"]."</th> 24264159a61SAndreas Gohr <th>".$this->lang["user_mail"]."</th> 24364159a61SAndreas Gohr <th>".$this->lang["user_groups"]."</th>"); 2440440ff15Schris ptln(" </tr>"); 2450440ff15Schris 2460440ff15Schris ptln(" <tr>"); 24764159a61SAndreas Gohr ptln(" <td class=\"rightalign\"><input type=\"image\" src=\"". 2483a97d936SAndreas Gohr self::IMAGE_DIR."search.png\" name=\"fn[search][new]\" title=\"". 24964159a61SAndreas Gohr $this->lang['search_prompt']."\" alt=\"".$this->lang['search']."\" class=\"button\" /></td>"); 25064159a61SAndreas Gohr ptln(" <td><input type=\"text\" name=\"userid\" class=\"edit\" value=\"". 2513a97d936SAndreas Gohr $this->htmlFilter('user')."\" /></td>"); 25264159a61SAndreas Gohr ptln(" <td><input type=\"text\" name=\"username\" class=\"edit\" value=\"". 2533a97d936SAndreas Gohr $this->htmlFilter('name')."\" /></td>"); 25464159a61SAndreas Gohr ptln(" <td><input type=\"text\" name=\"usermail\" class=\"edit\" value=\"". 2553a97d936SAndreas Gohr $this->htmlFilter('mail')."\" /></td>"); 25664159a61SAndreas Gohr ptln(" <td><input type=\"text\" name=\"usergroups\" class=\"edit\" value=\"". 2573a97d936SAndreas Gohr $this->htmlFilter('grps')."\" /></td>"); 2580440ff15Schris ptln(" </tr>"); 2590440ff15Schris ptln(" </thead>"); 2600440ff15Schris 2613a97d936SAndreas Gohr if ($this->users_total) { 2620440ff15Schris ptln(" <tbody>"); 2630440ff15Schris foreach ($user_list as $user => $userinfo) { 2640440ff15Schris extract($userinfo); 265c5a7c0c6SGerrit Uitslag /** 266c5a7c0c6SGerrit Uitslag * @var string $name 267c5a7c0c6SGerrit Uitslag * @var string $pass 268c5a7c0c6SGerrit Uitslag * @var string $mail 269c5a7c0c6SGerrit Uitslag * @var array $grps 270c5a7c0c6SGerrit Uitslag */ 27154cc7aa4SAndreas Gohr $groups = implode(', ', $grps); 272a2c0246eSAnika Henke ptln(" <tr class=\"user_info\">"); 27364159a61SAndreas Gohr ptln(" <td class=\"centeralign\"><input type=\"checkbox\" name=\"delete[".hsc($user). 27464159a61SAndreas Gohr "]\" ".$delete_disable." /></td>"); 2752365d73dSAnika Henke if ($editable) { 27654cc7aa4SAndreas Gohr ptln(" <td><a href=\"".wl($ID, ['fn[edit]['.$user.']' => 1, 27777d19185SAndreas Gohr 'do' => 'admin', 27877d19185SAndreas Gohr 'page' => 'usermanager', 27954cc7aa4SAndreas Gohr 'sectok' => getSecurityToken()]). 28077d19185SAndreas Gohr "\" title=\"".$this->lang['edit_prompt']."\">".hsc($user)."</a></td>"); 2812365d73dSAnika Henke } else { 2822365d73dSAnika Henke ptln(" <td>".hsc($user)."</td>"); 2832365d73dSAnika Henke } 2842365d73dSAnika Henke ptln(" <td>".hsc($name)."</td><td>".hsc($mail)."</td><td>".hsc($groups)."</td>"); 2850440ff15Schris ptln(" </tr>"); 2860440ff15Schris } 2870440ff15Schris ptln(" </tbody>"); 2880440ff15Schris } 2890440ff15Schris 2900440ff15Schris ptln(" <tbody>"); 2912365d73dSAnika Henke ptln(" <tr><td colspan=\"5\" class=\"centeralign\">"); 292a2c0246eSAnika Henke ptln(" <span class=\"medialeft\">"); 29364159a61SAndreas Gohr ptln(" <button type=\"submit\" name=\"fn[delete]\" id=\"usrmgr__del\" ".$delete_disable.">". 29464159a61SAndreas Gohr $this->lang['delete_selected']."</button>"); 29576c49356SMike Wilmes ptln(" </span>"); 29676c49356SMike Wilmes ptln(" <span class=\"mediaright\">"); 29764159a61SAndreas Gohr ptln(" <button type=\"submit\" name=\"fn[start]\" ".$page_buttons['start'].">". 29864159a61SAndreas Gohr $this->lang['start']."</button>"); 29964159a61SAndreas Gohr ptln(" <button type=\"submit\" name=\"fn[prev]\" ".$page_buttons['prev'].">". 30064159a61SAndreas Gohr $this->lang['prev']."</button>"); 30164159a61SAndreas Gohr ptln(" <button type=\"submit\" name=\"fn[next]\" ".$page_buttons['next'].">". 30264159a61SAndreas Gohr $this->lang['next']."</button>"); 30364159a61SAndreas Gohr ptln(" <button type=\"submit\" name=\"fn[last]\" ".$page_buttons['last'].">". 30464159a61SAndreas Gohr $this->lang['last']."</button>"); 30576c49356SMike Wilmes ptln(" </span>"); 3063a97d936SAndreas Gohr if (!empty($this->filter)) { 307ae614416SAnika Henke ptln(" <button type=\"submit\" name=\"fn[search][clear]\">".$this->lang['clear']."</button>"); 3085c967d3dSChristopher Smith } 309ae614416SAnika Henke ptln(" <button type=\"submit\" name=\"fn[export]\">".$export_label."</button>"); 3105164d9c9SAnika Henke ptln(" <input type=\"hidden\" name=\"do\" value=\"admin\" />"); 3115164d9c9SAnika Henke ptln(" <input type=\"hidden\" name=\"page\" value=\"usermanager\" />"); 312daf4ca4eSAnika Henke 3133a97d936SAndreas Gohr $this->htmlFilterSettings(2); 314daf4ca4eSAnika Henke 3150440ff15Schris ptln(" </td></tr>"); 3160440ff15Schris ptln(" </tbody>"); 3170440ff15Schris ptln(" </table>"); 318c7b28ffdSAnika Henke ptln(" </div>"); 3190440ff15Schris 3200440ff15Schris ptln("</form>"); 3210440ff15Schris ptln("</div>"); 3220440ff15Schris 3233a97d936SAndreas Gohr $style = $this->edit_user ? " class=\"edit_user\"" : ""; 3240440ff15Schris 3253a97d936SAndreas Gohr if ($this->auth->canDo('addUser')) { 3260440ff15Schris ptln("<div".$style.">"); 3270440ff15Schris print $this->locale_xhtml('add'); 3280440ff15Schris ptln(" <div class=\"level2\">"); 3290440ff15Schris 33054cc7aa4SAndreas Gohr $this->htmlUserForm('add', null, [], 4); 3310440ff15Schris 3320440ff15Schris ptln(" </div>"); 3330440ff15Schris ptln("</div>"); 3340440ff15Schris } 3350440ff15Schris 3363a97d936SAndreas Gohr if ($this->edit_user && $this->auth->canDo('UserMod')) { 337c632fc69SAndreas Gohr ptln("<div".$style." id=\"scroll__here\">"); 3380440ff15Schris print $this->locale_xhtml('edit'); 3390440ff15Schris ptln(" <div class=\"level2\">"); 3400440ff15Schris 3413a97d936SAndreas Gohr $this->htmlUserForm('modify', $this->edit_user, $this->edit_userdata, 4); 3420440ff15Schris 3430440ff15Schris ptln(" </div>"); 3440440ff15Schris ptln("</div>"); 3450440ff15Schris } 346ae1afd2fSChristopher Smith 3473a97d936SAndreas Gohr if ($this->auth->canDo('addUser')) { 3483a97d936SAndreas Gohr $this->htmlImportForm(); 349ae1afd2fSChristopher Smith } 35058dde80dSAnika Henke ptln("</div>"); 351c5a7c0c6SGerrit Uitslag return true; 3520440ff15Schris } 3530440ff15Schris 35482fd59b6SAndreas Gohr /** 35564cdf779SAndreas Gohr * User Manager is only available if the auth backend supports it 35664cdf779SAndreas Gohr * 35764cdf779SAndreas Gohr * @inheritdoc 35864cdf779SAndreas Gohr * @return bool 35964cdf779SAndreas Gohr */ 36064cdf779SAndreas Gohr public function isAccessibleByCurrentUser() 36164cdf779SAndreas Gohr { 36251ee2399SGerrit Uitslag /** @var AuthPlugin $auth */ 36364cdf779SAndreas Gohr global $auth; 36464cdf779SAndreas Gohr if (!$auth || !$auth->canDo('getUsers')) { 36564cdf779SAndreas Gohr return false; 36664cdf779SAndreas Gohr } 36764cdf779SAndreas Gohr 36864cdf779SAndreas Gohr return parent::isAccessibleByCurrentUser(); 36964cdf779SAndreas Gohr } 37064cdf779SAndreas Gohr 37164cdf779SAndreas Gohr 37264cdf779SAndreas Gohr /** 373c5a7c0c6SGerrit Uitslag * Display form to add or modify a user 374c5a7c0c6SGerrit Uitslag * 375c5a7c0c6SGerrit Uitslag * @param string $cmd 'add' or 'modify' 376c5a7c0c6SGerrit Uitslag * @param string $user id of user 377c5a7c0c6SGerrit Uitslag * @param array $userdata array with name, mail, pass and grps 378c5a7c0c6SGerrit Uitslag * @param int $indent 37982fd59b6SAndreas Gohr */ 38054cc7aa4SAndreas Gohr protected function htmlUserForm($cmd, $user = '', $userdata = [], $indent = 0) 3813a97d936SAndreas Gohr { 382a6858c6aSchris global $conf; 383bb4866bdSchris global $ID; 384be9008d3SChristopher Smith global $lang; 38554cc7aa4SAndreas Gohr $name = ''; 38654cc7aa4SAndreas Gohr $mail = ''; 38754cc7aa4SAndreas Gohr $groups = ''; 38854cc7aa4SAndreas Gohr $notes = []; 3890440ff15Schris 3900440ff15Schris if ($user) { 39178c7c8c9Schris extract($userdata); 39254cc7aa4SAndreas Gohr if (!empty($grps)) $groups = implode(',', $grps); 393a6858c6aSchris } else { 394a6858c6aSchris $notes[] = sprintf($this->lang['note_group'], $conf['defaultgroup']); 3950440ff15Schris } 3960440ff15Schris 3970440ff15Schris ptln("<form action=\"".wl($ID)."\" method=\"post\">", $indent); 398634d7150SAndreas Gohr formSecurityToken(); 399c7b28ffdSAnika Henke ptln(" <div class=\"table\">", $indent); 4000440ff15Schris ptln(" <table class=\"inline\">", $indent); 4010440ff15Schris ptln(" <thead>", $indent); 4020440ff15Schris ptln(" <tr><th>".$this->lang["field"]."</th><th>".$this->lang["value"]."</th></tr>", $indent); 4030440ff15Schris ptln(" </thead>", $indent); 4040440ff15Schris ptln(" <tbody>", $indent); 40526fb387bSchris 4063a97d936SAndreas Gohr $this->htmlInputField( 40764159a61SAndreas Gohr $cmd . "_userid", 40864159a61SAndreas Gohr "userid", 40964159a61SAndreas Gohr $this->lang["user_id"], 41064159a61SAndreas Gohr $user, 4113a97d936SAndreas Gohr $this->auth->canDo("modLogin"), 41264159a61SAndreas Gohr true, 41364159a61SAndreas Gohr $indent + 6 41464159a61SAndreas Gohr ); 4153a97d936SAndreas Gohr $this->htmlInputField( 41664159a61SAndreas Gohr $cmd . "_userpass", 41764159a61SAndreas Gohr "userpass", 41864159a61SAndreas Gohr $this->lang["user_pass"], 41964159a61SAndreas Gohr "", 4203a97d936SAndreas Gohr $this->auth->canDo("modPass"), 42164159a61SAndreas Gohr false, 42264159a61SAndreas Gohr $indent + 6 42364159a61SAndreas Gohr ); 4243a97d936SAndreas Gohr $this->htmlInputField( 42564159a61SAndreas Gohr $cmd . "_userpass2", 42664159a61SAndreas Gohr "userpass2", 42764159a61SAndreas Gohr $lang["passchk"], 42864159a61SAndreas Gohr "", 4293a97d936SAndreas Gohr $this->auth->canDo("modPass"), 43064159a61SAndreas Gohr false, 43164159a61SAndreas Gohr $indent + 6 43264159a61SAndreas Gohr ); 4333a97d936SAndreas Gohr $this->htmlInputField( 43464159a61SAndreas Gohr $cmd . "_username", 43564159a61SAndreas Gohr "username", 43664159a61SAndreas Gohr $this->lang["user_name"], 43764159a61SAndreas Gohr $name, 4383a97d936SAndreas Gohr $this->auth->canDo("modName"), 43964159a61SAndreas Gohr true, 44064159a61SAndreas Gohr $indent + 6 44164159a61SAndreas Gohr ); 4423a97d936SAndreas Gohr $this->htmlInputField( 44364159a61SAndreas Gohr $cmd . "_usermail", 44464159a61SAndreas Gohr "usermail", 44564159a61SAndreas Gohr $this->lang["user_mail"], 44664159a61SAndreas Gohr $mail, 4473a97d936SAndreas Gohr $this->auth->canDo("modMail"), 44864159a61SAndreas Gohr true, 44964159a61SAndreas Gohr $indent + 6 45064159a61SAndreas Gohr ); 4513a97d936SAndreas Gohr $this->htmlInputField( 45264159a61SAndreas Gohr $cmd . "_usergroups", 45364159a61SAndreas Gohr "usergroups", 45464159a61SAndreas Gohr $this->lang["user_groups"], 45564159a61SAndreas Gohr $groups, 4563a97d936SAndreas Gohr $this->auth->canDo("modGroups"), 45764159a61SAndreas Gohr false, 45864159a61SAndreas Gohr $indent + 6 45964159a61SAndreas Gohr ); 46026fb387bSchris 4613a97d936SAndreas Gohr if ($this->auth->canDo("modPass")) { 462ee9498f5SChristopher Smith if ($cmd == 'add') { 463c3f4fb63SGina Haeussge $notes[] = $this->lang['note_pass']; 464ee9498f5SChristopher Smith } 465a6858c6aSchris if ($user) { 466a6858c6aSchris $notes[] = $this->lang['note_notify']; 467a6858c6aSchris } 468a6858c6aSchris 46964159a61SAndreas Gohr ptln("<tr><td><label for=\"".$cmd."_usernotify\" >". 47064159a61SAndreas Gohr $this->lang["user_notify"].": </label></td> 47164159a61SAndreas Gohr <td><input type=\"checkbox\" id=\"".$cmd."_usernotify\" name=\"usernotify\" value=\"1\" /> 47264159a61SAndreas Gohr </td></tr>", $indent); 473a6858c6aSchris } 474a6858c6aSchris 4750440ff15Schris ptln(" </tbody>", $indent); 4760440ff15Schris ptln(" <tbody>", $indent); 4770440ff15Schris ptln(" <tr>", $indent); 4780440ff15Schris ptln(" <td colspan=\"2\">", $indent); 4790440ff15Schris ptln(" <input type=\"hidden\" name=\"do\" value=\"admin\" />", $indent); 4800440ff15Schris ptln(" <input type=\"hidden\" name=\"page\" value=\"usermanager\" />", $indent); 4810440ff15Schris 4820440ff15Schris // save current $user, we need this to access details if the name is changed 4830440ff15Schris if ($user) 484f23f9594SAndreas Gohr ptln(" <input type=\"hidden\" name=\"userid_old\" value=\"".hsc($user)."\" />", $indent); 4850440ff15Schris 4863a97d936SAndreas Gohr $this->htmlFilterSettings($indent+10); 4870440ff15Schris 488ae614416SAnika Henke ptln(" <button type=\"submit\" name=\"fn[".$cmd."]\">".$this->lang[$cmd]."</button>", $indent); 4890440ff15Schris ptln(" </td>", $indent); 4900440ff15Schris ptln(" </tr>", $indent); 4910440ff15Schris ptln(" </tbody>", $indent); 4920440ff15Schris ptln(" </table>", $indent); 49345c19902SChristopher Smith 49445c19902SChristopher Smith if ($notes) { 49545c19902SChristopher Smith ptln(" <ul class=\"notes\">"); 49645c19902SChristopher Smith foreach ($notes as $note) { 497ae614416SAnika Henke ptln(" <li><span class=\"li\">".$note."</li>", $indent); 49845c19902SChristopher Smith } 49945c19902SChristopher Smith ptln(" </ul>"); 50045c19902SChristopher Smith } 501c7b28ffdSAnika Henke ptln(" </div>", $indent); 5020440ff15Schris ptln("</form>", $indent); 5030440ff15Schris } 5040440ff15Schris 505c5a7c0c6SGerrit Uitslag /** 506c5a7c0c6SGerrit Uitslag * Prints a inputfield 507c5a7c0c6SGerrit Uitslag * 508c5a7c0c6SGerrit Uitslag * @param string $id 509c5a7c0c6SGerrit Uitslag * @param string $name 510c5a7c0c6SGerrit Uitslag * @param string $label 511c5a7c0c6SGerrit Uitslag * @param string $value 512c5a7c0c6SGerrit Uitslag * @param bool $cando whether auth backend is capable to do this action 5139b82d43fSAndreas Gohr * @param bool $required is this field required? 514c5a7c0c6SGerrit Uitslag * @param int $indent 515c5a7c0c6SGerrit Uitslag */ 5163a97d936SAndreas Gohr protected function htmlInputField($id, $name, $label, $value, $cando, $required, $indent = 0) 5173a97d936SAndreas Gohr { 5187de12fceSAndreas Gohr $class = $cando ? '' : ' class="disabled"'; 5197de12fceSAndreas Gohr echo str_pad('', $indent); 5207de12fceSAndreas Gohr 521359e9417SChristopher Smith if ($name == 'userpass' || $name == 'userpass2') { 522d796a891SAndreas Gohr $fieldtype = 'password'; 523d796a891SAndreas Gohr $autocomp = 'autocomplete="off"'; 5247b3674bdSChristopher Smith } elseif ($name == 'usermail') { 5257b3674bdSChristopher Smith $fieldtype = 'email'; 5267b3674bdSChristopher Smith $autocomp = ''; 527d796a891SAndreas Gohr } else { 528d796a891SAndreas Gohr $fieldtype = 'text'; 529d796a891SAndreas Gohr $autocomp = ''; 530d796a891SAndreas Gohr } 531f23f9594SAndreas Gohr $value = hsc($value); 532d796a891SAndreas Gohr 5337de12fceSAndreas Gohr echo "<tr $class>"; 5347de12fceSAndreas Gohr echo "<td><label for=\"$id\" >$label: </label></td>"; 5357de12fceSAndreas Gohr echo "<td>"; 5367de12fceSAndreas Gohr if ($cando) { 5379b82d43fSAndreas Gohr $req = ''; 5389b82d43fSAndreas Gohr if ($required) $req = 'required="required"'; 53964159a61SAndreas Gohr echo "<input type=\"$fieldtype\" id=\"$id\" name=\"$name\" 54064159a61SAndreas Gohr value=\"$value\" class=\"edit\" $autocomp $req />"; 5417de12fceSAndreas Gohr } else { 5427de12fceSAndreas Gohr echo "<input type=\"hidden\" name=\"$name\" value=\"$value\" />"; 54364159a61SAndreas Gohr echo "<input type=\"$fieldtype\" id=\"$id\" name=\"$name\" 54464159a61SAndreas Gohr value=\"$value\" class=\"edit disabled\" disabled=\"disabled\" />"; 5457de12fceSAndreas Gohr } 5467de12fceSAndreas Gohr echo "</td>"; 5477de12fceSAndreas Gohr echo "</tr>"; 54826fb387bSchris } 54926fb387bSchris 550c5a7c0c6SGerrit Uitslag /** 551c5a7c0c6SGerrit Uitslag * Returns htmlescaped filter value 552c5a7c0c6SGerrit Uitslag * 553c5a7c0c6SGerrit Uitslag * @param string $key name of search field 554c5a7c0c6SGerrit Uitslag * @return string html escaped value 555c5a7c0c6SGerrit Uitslag */ 5563a97d936SAndreas Gohr protected function htmlFilter($key) 5573a97d936SAndreas Gohr { 5583a97d936SAndreas Gohr if (empty($this->filter)) return ''; 5593a97d936SAndreas Gohr return (isset($this->filter[$key]) ? hsc($this->filter[$key]) : ''); 5600440ff15Schris } 5610440ff15Schris 562c5a7c0c6SGerrit Uitslag /** 563c5a7c0c6SGerrit Uitslag * Print hidden inputs with the current filter values 564c5a7c0c6SGerrit Uitslag * 565c5a7c0c6SGerrit Uitslag * @param int $indent 566c5a7c0c6SGerrit Uitslag */ 5673a97d936SAndreas Gohr protected function htmlFilterSettings($indent = 0) 5683a97d936SAndreas Gohr { 5690440ff15Schris 5703a97d936SAndreas Gohr ptln("<input type=\"hidden\" name=\"start\" value=\"".$this->start."\" />", $indent); 5710440ff15Schris 5723a97d936SAndreas Gohr foreach ($this->filter as $key => $filter) { 5730440ff15Schris ptln("<input type=\"hidden\" name=\"filter[".$key."]\" value=\"".hsc($filter)."\" />", $indent); 5740440ff15Schris } 5750440ff15Schris } 5760440ff15Schris 577c5a7c0c6SGerrit Uitslag /** 578c5a7c0c6SGerrit Uitslag * Print import form and summary of previous import 579c5a7c0c6SGerrit Uitslag * 580c5a7c0c6SGerrit Uitslag * @param int $indent 581c5a7c0c6SGerrit Uitslag */ 5823a97d936SAndreas Gohr protected function htmlImportForm($indent = 0) 5833a97d936SAndreas Gohr { 584ae1afd2fSChristopher Smith global $ID; 585ae1afd2fSChristopher Smith 58654cc7aa4SAndreas Gohr $failure_download_link = wl($ID, ['do'=>'admin', 'page'=>'usermanager', 'fn[importfails]'=>1]); 587ae1afd2fSChristopher Smith 588ae1afd2fSChristopher Smith ptln('<div class="level2 import_users">', $indent); 589ae1afd2fSChristopher Smith print $this->locale_xhtml('import'); 590ae1afd2fSChristopher Smith ptln(' <form action="'.wl($ID).'" method="post" enctype="multipart/form-data">', $indent); 591ae1afd2fSChristopher Smith formSecurityToken(); 592b59cff8bSGerrit Uitslag ptln(' <label>'.$this->lang['import_userlistcsv'].'<input type="file" name="import" /></label>', $indent); 593ae614416SAnika Henke ptln(' <button type="submit" name="fn[import]">'.$this->lang['import'].'</button>', $indent); 594ae1afd2fSChristopher Smith ptln(' <input type="hidden" name="do" value="admin" />', $indent); 595ae1afd2fSChristopher Smith ptln(' <input type="hidden" name="page" value="usermanager" />', $indent); 596ae1afd2fSChristopher Smith 5973a97d936SAndreas Gohr $this->htmlFilterSettings($indent+4); 598ae1afd2fSChristopher Smith ptln(' </form>', $indent); 599ae1afd2fSChristopher Smith ptln('</div>'); 600ae1afd2fSChristopher Smith 601ae1afd2fSChristopher Smith // list failures from the previous import 6023a97d936SAndreas Gohr if ($this->import_failures) { 6033a97d936SAndreas Gohr $digits = strlen(count($this->import_failures)); 604ae1afd2fSChristopher Smith ptln('<div class="level3 import_failures">', $indent); 605b59cff8bSGerrit Uitslag ptln(' <h3>'.$this->lang['import_header'].'</h3>'); 606ae1afd2fSChristopher Smith ptln(' <table class="import_failures">', $indent); 607ae1afd2fSChristopher Smith ptln(' <thead>', $indent); 608ae1afd2fSChristopher Smith ptln(' <tr>', $indent); 609ae1afd2fSChristopher Smith ptln(' <th class="line">'.$this->lang['line'].'</th>', $indent); 610ae1afd2fSChristopher Smith ptln(' <th class="error">'.$this->lang['error'].'</th>', $indent); 611ae1afd2fSChristopher Smith ptln(' <th class="userid">'.$this->lang['user_id'].'</th>', $indent); 612ae1afd2fSChristopher Smith ptln(' <th class="username">'.$this->lang['user_name'].'</th>', $indent); 613ae1afd2fSChristopher Smith ptln(' <th class="usermail">'.$this->lang['user_mail'].'</th>', $indent); 614ae1afd2fSChristopher Smith ptln(' <th class="usergroups">'.$this->lang['user_groups'].'</th>', $indent); 615ae1afd2fSChristopher Smith ptln(' </tr>', $indent); 616ae1afd2fSChristopher Smith ptln(' </thead>', $indent); 617ae1afd2fSChristopher Smith ptln(' <tbody>', $indent); 6183a97d936SAndreas Gohr foreach ($this->import_failures as $line => $failure) { 619ae1afd2fSChristopher Smith ptln(' <tr>', $indent); 620ae1afd2fSChristopher Smith ptln(' <td class="lineno"> '.sprintf('%0'.$digits.'d', $line).' </td>', $indent); 621ae1afd2fSChristopher Smith ptln(' <td class="error">' .$failure['error'].' </td>', $indent); 622ae1afd2fSChristopher Smith ptln(' <td class="field userid"> '.hsc($failure['user'][0]).' </td>', $indent); 623ae1afd2fSChristopher Smith ptln(' <td class="field username"> '.hsc($failure['user'][2]).' </td>', $indent); 624ae1afd2fSChristopher Smith ptln(' <td class="field usermail"> '.hsc($failure['user'][3]).' </td>', $indent); 625ae1afd2fSChristopher Smith ptln(' <td class="field usergroups"> '.hsc($failure['user'][4]).' </td>', $indent); 626ae1afd2fSChristopher Smith ptln(' </tr>', $indent); 627ae1afd2fSChristopher Smith } 628ae1afd2fSChristopher Smith ptln(' </tbody>', $indent); 629ae1afd2fSChristopher Smith ptln(' </table>', $indent); 630b59cff8bSGerrit Uitslag ptln(' <p><a href="'.$failure_download_link.'">'.$this->lang['import_downloadfailures'].'</a></p>'); 631ae1afd2fSChristopher Smith ptln('</div>'); 632ae1afd2fSChristopher Smith } 633ae1afd2fSChristopher Smith } 634ae1afd2fSChristopher Smith 635c5a7c0c6SGerrit Uitslag /** 636c5a7c0c6SGerrit Uitslag * Add an user to auth backend 637c5a7c0c6SGerrit Uitslag * 638c5a7c0c6SGerrit Uitslag * @return bool whether succesful 639c5a7c0c6SGerrit Uitslag */ 6403a97d936SAndreas Gohr protected function addUser() 6413a97d936SAndreas Gohr { 64200d58927SMichael Hamann global $INPUT; 643634d7150SAndreas Gohr if (!checkSecurityToken()) return false; 6443a97d936SAndreas Gohr if (!$this->auth->canDo('addUser')) return false; 6450440ff15Schris 64654cc7aa4SAndreas Gohr [$user, $pass, $name, $mail, $grps, $passconfirm] = $this->retrieveUser(); 6470440ff15Schris if (empty($user)) return false; 6486733c4d7SChris Smith 6493a97d936SAndreas Gohr if ($this->auth->canDo('modPass')) { 650c3f4fb63SGina Haeussge if (empty($pass)) { 65100d58927SMichael Hamann if ($INPUT->has('usernotify')) { 6528a285f7fSAndreas Gohr $pass = auth_pwgen($user); 653c3f4fb63SGina Haeussge } else { 65460b9901bSAndreas Gohr msg($this->lang['add_fail'], -1); 65509a5dcd6SMichael Große msg($this->lang['addUser_error_missing_pass'], -1); 65660b9901bSAndreas Gohr return false; 65760b9901bSAndreas Gohr } 65854cc7aa4SAndreas Gohr } elseif (!$this->verifyPassword($pass, $passconfirm)) { 65909a5dcd6SMichael Große msg($this->lang['add_fail'], -1); 66009a5dcd6SMichael Große msg($this->lang['addUser_error_pass_not_identical'], -1); 661359e9417SChristopher Smith return false; 662359e9417SChristopher Smith } 66354cc7aa4SAndreas Gohr } elseif (!empty($pass)) { 6646733c4d7SChris Smith msg($this->lang['add_fail'], -1); 66509a5dcd6SMichael Große msg($this->lang['addUser_error_modPass_disabled'], -1); 6666733c4d7SChris Smith return false; 6676733c4d7SChris Smith } 6686733c4d7SChris Smith 6693a97d936SAndreas Gohr if ($this->auth->canDo('modName')) { 6706733c4d7SChris Smith if (empty($name)) { 6716733c4d7SChris Smith msg($this->lang['add_fail'], -1); 67209a5dcd6SMichael Große msg($this->lang['addUser_error_name_missing'], -1); 6736733c4d7SChris Smith return false; 6746733c4d7SChris Smith } 67554cc7aa4SAndreas Gohr } elseif (!empty($name)) { 67609a5dcd6SMichael Große msg($this->lang['add_fail'], -1); 67709a5dcd6SMichael Große msg($this->lang['addUser_error_modName_disabled'], -1); 6786733c4d7SChris Smith return false; 6796733c4d7SChris Smith } 6806733c4d7SChris Smith 6813a97d936SAndreas Gohr if ($this->auth->canDo('modMail')) { 6826733c4d7SChris Smith if (empty($mail)) { 6836733c4d7SChris Smith msg($this->lang['add_fail'], -1); 68409a5dcd6SMichael Große msg($this->lang['addUser_error_mail_missing'], -1); 6856733c4d7SChris Smith return false; 6866733c4d7SChris Smith } 68754cc7aa4SAndreas Gohr } elseif (!empty($mail)) { 68809a5dcd6SMichael Große msg($this->lang['add_fail'], -1); 68909a5dcd6SMichael Große msg($this->lang['addUser_error_modMail_disabled'], -1); 6906733c4d7SChris Smith return false; 6916733c4d7SChris Smith } 6920440ff15Schris 69354cc7aa4SAndreas Gohr if ($ok = $this->auth->triggerUserMod('create', [$user, $pass, $name, $mail, $grps])) { 694a6858c6aSchris msg($this->lang['add_ok'], 1); 695a6858c6aSchris 69600d58927SMichael Hamann if ($INPUT->has('usernotify') && $pass) { 6973a97d936SAndreas Gohr $this->notifyUser($user, $pass); 698a6858c6aSchris } 699a6858c6aSchris } else { 70060b9901bSAndreas Gohr msg($this->lang['add_fail'], -1); 70109a5dcd6SMichael Große msg($this->lang['addUser_error_create_event_failed'], -1); 702a6858c6aSchris } 703a6858c6aSchris 704a6858c6aSchris return $ok; 7050440ff15Schris } 7060440ff15Schris 7070440ff15Schris /** 708c5a7c0c6SGerrit Uitslag * Delete user from auth backend 709c5a7c0c6SGerrit Uitslag * 710c5a7c0c6SGerrit Uitslag * @return bool whether succesful 7110440ff15Schris */ 7123a97d936SAndreas Gohr protected function deleteUser() 7133a97d936SAndreas Gohr { 71400d58927SMichael Hamann global $conf, $INPUT; 7159ec82636SAndreas Gohr 716634d7150SAndreas Gohr if (!checkSecurityToken()) return false; 7173a97d936SAndreas Gohr if (!$this->auth->canDo('delUser')) return false; 7180440ff15Schris 71900d58927SMichael Hamann $selected = $INPUT->arr('delete'); 72000d58927SMichael Hamann if (empty($selected)) return false; 7210440ff15Schris $selected = array_keys($selected); 7220440ff15Schris 723c9a8f912SMichael Klier if (in_array($_SERVER['REMOTE_USER'], $selected)) { 724c9a8f912SMichael Klier msg("You can't delete yourself!", -1); 725c9a8f912SMichael Klier return false; 726c9a8f912SMichael Klier } 727c9a8f912SMichael Klier 72854cc7aa4SAndreas Gohr $count = $this->auth->triggerUserMod('delete', [$selected]); 7290440ff15Schris if ($count == count($selected)) { 7300440ff15Schris $text = str_replace('%d', $count, $this->lang['delete_ok']); 7310440ff15Schris msg("$text.", 1); 7320440ff15Schris } else { 7330440ff15Schris $part1 = str_replace('%d', $count, $this->lang['delete_ok']); 7340440ff15Schris $part2 = str_replace('%d', (count($selected)-$count), $this->lang['delete_fail']); 7350440ff15Schris msg("$part1, $part2", -1); 7360440ff15Schris } 73778c7c8c9Schris 7389ec82636SAndreas Gohr // invalidate all sessions 7399ec82636SAndreas Gohr io_saveFile($conf['cachedir'].'/sessionpurge', time()); 7409ec82636SAndreas Gohr 74178c7c8c9Schris return true; 74278c7c8c9Schris } 74378c7c8c9Schris 74478c7c8c9Schris /** 74578c7c8c9Schris * Edit user (a user has been selected for editing) 746c5a7c0c6SGerrit Uitslag * 747c5a7c0c6SGerrit Uitslag * @param string $param id of the user 748c5a7c0c6SGerrit Uitslag * @return bool whether succesful 74978c7c8c9Schris */ 7503a97d936SAndreas Gohr protected function editUser($param) 7513a97d936SAndreas Gohr { 752634d7150SAndreas Gohr if (!checkSecurityToken()) return false; 7533a97d936SAndreas Gohr if (!$this->auth->canDo('UserMod')) return false; 7543a97d936SAndreas Gohr $user = $this->auth->cleanUser(preg_replace('/.*[:\/]/', '', $param)); 7553a97d936SAndreas Gohr $userdata = $this->auth->getUserData($user); 75678c7c8c9Schris 75778c7c8c9Schris // no user found? 75878c7c8c9Schris if (!$userdata) { 75978c7c8c9Schris msg($this->lang['edit_usermissing'], -1); 76078c7c8c9Schris return false; 76178c7c8c9Schris } 76278c7c8c9Schris 7633a97d936SAndreas Gohr $this->edit_user = $user; 7643a97d936SAndreas Gohr $this->edit_userdata = $userdata; 76578c7c8c9Schris 76678c7c8c9Schris return true; 7670440ff15Schris } 7680440ff15Schris 7690440ff15Schris /** 770c5a7c0c6SGerrit Uitslag * Modify user in the auth backend (modified user data has been recieved) 771c5a7c0c6SGerrit Uitslag * 772c5a7c0c6SGerrit Uitslag * @return bool whether succesful 7730440ff15Schris */ 7743a97d936SAndreas Gohr protected function modifyUser() 7753a97d936SAndreas Gohr { 77600d58927SMichael Hamann global $conf, $INPUT; 7779ec82636SAndreas Gohr 778634d7150SAndreas Gohr if (!checkSecurityToken()) return false; 7793a97d936SAndreas Gohr if (!$this->auth->canDo('UserMod')) return false; 7800440ff15Schris 78126fb387bSchris // get currently valid user data 7823a97d936SAndreas Gohr $olduser = $this->auth->cleanUser(preg_replace('/.*[:\/]/', '', $INPUT->str('userid_old'))); 7833a97d936SAndreas Gohr $oldinfo = $this->auth->getUserData($olduser); 784073766c6Smatthiasgrimm 78526fb387bSchris // get new user data subject to change 78654cc7aa4SAndreas Gohr [$newuser, $newpass, $newname, $newmail, $newgrps, $passconfirm] = $this->retrieveUser(); 787073766c6Smatthiasgrimm if (empty($newuser)) return false; 7880440ff15Schris 78954cc7aa4SAndreas Gohr $changes = []; 790073766c6Smatthiasgrimm if ($newuser != $olduser) { 7913a97d936SAndreas Gohr if (!$this->auth->canDo('modLogin')) { // sanity check, shouldn't be possible 79226fb387bSchris msg($this->lang['update_fail'], -1); 79326fb387bSchris return false; 79426fb387bSchris } 79526fb387bSchris 79626fb387bSchris // check if $newuser already exists 7973a97d936SAndreas Gohr if ($this->auth->getUserData($newuser)) { 798073766c6Smatthiasgrimm msg(sprintf($this->lang['update_exists'], $newuser), -1); 799a6858c6aSchris $re_edit = true; 8000440ff15Schris } else { 801073766c6Smatthiasgrimm $changes['user'] = $newuser; 8020440ff15Schris } 80393eefc2fSAndreas Gohr } 8043a97d936SAndreas Gohr if ($this->auth->canDo('modPass')) { 8052400ddcbSChristopher Smith if ($newpass || $passconfirm) { 8063a97d936SAndreas Gohr if ($this->verifyPassword($newpass, $passconfirm)) { 807359e9417SChristopher Smith $changes['pass'] = $newpass; 808359e9417SChristopher Smith } else { 809359e9417SChristopher Smith return false; 810359e9417SChristopher Smith } 81154cc7aa4SAndreas Gohr } elseif ($INPUT->has('usernotify')) { 812359e9417SChristopher Smith // no new password supplied, check if we need to generate one (or it stays unchanged) 813359e9417SChristopher Smith $changes['pass'] = auth_pwgen($olduser); 814359e9417SChristopher Smith } 815359e9417SChristopher Smith } 8160440ff15Schris 8173a97d936SAndreas Gohr if (!empty($newname) && $this->auth->canDo('modName') && $newname != $oldinfo['name']) { 818073766c6Smatthiasgrimm $changes['name'] = $newname; 81940d72af6SChristopher Smith } 8203a97d936SAndreas Gohr if (!empty($newmail) && $this->auth->canDo('modMail') && $newmail != $oldinfo['mail']) { 821073766c6Smatthiasgrimm $changes['mail'] = $newmail; 82240d72af6SChristopher Smith } 8233a97d936SAndreas Gohr if (!empty($newgrps) && $this->auth->canDo('modGroups') && $newgrps != $oldinfo['grps']) { 824073766c6Smatthiasgrimm $changes['grps'] = $newgrps; 82540d72af6SChristopher Smith } 8260440ff15Schris 82754cc7aa4SAndreas Gohr if ($ok = $this->auth->triggerUserMod('modify', [$olduser, $changes])) { 8280440ff15Schris msg($this->lang['update_ok'], 1); 829a6858c6aSchris 8306ed3476bSChristopher Smith if ($INPUT->has('usernotify') && !empty($changes['pass'])) { 831a6858c6aSchris $notify = empty($changes['user']) ? $olduser : $newuser; 8323a97d936SAndreas Gohr $this->notifyUser($notify, $changes['pass']); 833a6858c6aSchris } 834a6858c6aSchris 8359ec82636SAndreas Gohr // invalidate all sessions 8369ec82636SAndreas Gohr io_saveFile($conf['cachedir'].'/sessionpurge', time()); 8370440ff15Schris } else { 8380440ff15Schris msg($this->lang['update_fail'], -1); 8390440ff15Schris } 84078c7c8c9Schris 841a6858c6aSchris if (!empty($re_edit)) { 8423a97d936SAndreas Gohr $this->editUser($olduser); 8430440ff15Schris } 8440440ff15Schris 845a6858c6aSchris return $ok; 846a6858c6aSchris } 847a6858c6aSchris 848a6858c6aSchris /** 849c5a7c0c6SGerrit Uitslag * Send password change notification email 850c5a7c0c6SGerrit Uitslag * 851c5a7c0c6SGerrit Uitslag * @param string $user id of user 852c5a7c0c6SGerrit Uitslag * @param string $password plain text 853c5a7c0c6SGerrit Uitslag * @param bool $status_alert whether status alert should be shown 854c5a7c0c6SGerrit Uitslag * @return bool whether succesful 855a6858c6aSchris */ 8563a97d936SAndreas Gohr protected function notifyUser($user, $password, $status_alert = true) 8573a97d936SAndreas Gohr { 858a6858c6aSchris 859a6858c6aSchris if ($sent = auth_sendPassword($user, $password)) { 860328143f8SChristopher Smith if ($status_alert) { 861a6858c6aSchris msg($this->lang['notify_ok'], 1); 862328143f8SChristopher Smith } 86354cc7aa4SAndreas Gohr } elseif ($status_alert) { 864a6858c6aSchris msg($this->lang['notify_fail'], -1); 865a6858c6aSchris } 866a6858c6aSchris 867a6858c6aSchris return $sent; 868a6858c6aSchris } 869a6858c6aSchris 870a6858c6aSchris /** 871359e9417SChristopher Smith * Verify password meets minimum requirements 872359e9417SChristopher Smith * :TODO: extend to support password strength 873359e9417SChristopher Smith * 874359e9417SChristopher Smith * @param string $password candidate string for new password 875359e9417SChristopher Smith * @param string $confirm repeated password for confirmation 876359e9417SChristopher Smith * @return bool true if meets requirements, false otherwise 877359e9417SChristopher Smith */ 8783a97d936SAndreas Gohr protected function verifyPassword($password, $confirm) 8793a97d936SAndreas Gohr { 880be9008d3SChristopher Smith global $lang; 881359e9417SChristopher Smith 8822400ddcbSChristopher Smith if (empty($password) && empty($confirm)) { 883359e9417SChristopher Smith return false; 884359e9417SChristopher Smith } 885359e9417SChristopher Smith 886359e9417SChristopher Smith if ($password !== $confirm) { 887be9008d3SChristopher Smith msg($lang['regbadpass'], -1); 888359e9417SChristopher Smith return false; 889359e9417SChristopher Smith } 890359e9417SChristopher Smith 891359e9417SChristopher Smith // :TODO: test password for required strength 892359e9417SChristopher Smith 893359e9417SChristopher Smith // if we make it this far the password is good 894359e9417SChristopher Smith return true; 895359e9417SChristopher Smith } 896359e9417SChristopher Smith 897359e9417SChristopher Smith /** 898c5a7c0c6SGerrit Uitslag * Retrieve & clean user data from the form 899a6858c6aSchris * 900c5a7c0c6SGerrit Uitslag * @param bool $clean whether the cleanUser method of the authentication backend is applied 901a6858c6aSchris * @return array (user, password, full name, email, array(groups)) 9020440ff15Schris */ 9033a97d936SAndreas Gohr protected function retrieveUser($clean = true) 9043a97d936SAndreas Gohr { 90551ee2399SGerrit Uitslag /** @var AuthPlugin $auth */ 9067441e340SAndreas Gohr global $auth; 907fbfbbe8aSHakan Sandell global $INPUT; 9080440ff15Schris 90954cc7aa4SAndreas Gohr $user = []; 910fbfbbe8aSHakan Sandell $user[0] = ($clean) ? $auth->cleanUser($INPUT->str('userid')) : $INPUT->str('userid'); 911fbfbbe8aSHakan Sandell $user[1] = $INPUT->str('userpass'); 912fbfbbe8aSHakan Sandell $user[2] = $INPUT->str('username'); 913fbfbbe8aSHakan Sandell $user[3] = $INPUT->str('usermail'); 914fbfbbe8aSHakan Sandell $user[4] = explode(',', $INPUT->str('usergroups')); 915359e9417SChristopher Smith $user[5] = $INPUT->str('userpass2'); // repeated password for confirmation 9160440ff15Schris 9177441e340SAndreas Gohr $user[4] = array_map('trim', $user[4]); 91854cc7aa4SAndreas Gohr if ($clean) $user[4] = array_map([$auth, 'cleanGroup'], $user[4]); 9197441e340SAndreas Gohr $user[4] = array_filter($user[4]); 9207441e340SAndreas Gohr $user[4] = array_unique($user[4]); 92154cc7aa4SAndreas Gohr if ($user[4] === []) $user[4] = null; 9220440ff15Schris 9230440ff15Schris return $user; 9240440ff15Schris } 9250440ff15Schris 926c5a7c0c6SGerrit Uitslag /** 927c5a7c0c6SGerrit Uitslag * Set the filter with the current search terms or clear the filter 928c5a7c0c6SGerrit Uitslag * 929c5a7c0c6SGerrit Uitslag * @param string $op 'new' or 'clear' 930c5a7c0c6SGerrit Uitslag */ 9313a97d936SAndreas Gohr protected function setFilter($op) 9323a97d936SAndreas Gohr { 9330440ff15Schris 93454cc7aa4SAndreas Gohr $this->filter = []; 9350440ff15Schris 9360440ff15Schris if ($op == 'new') { 937a19c9aa0SGerrit Uitslag [$user, /* pass */, $name, $mail, $grps] = $this->retrieveUser(false); 9380440ff15Schris 9393a97d936SAndreas Gohr if (!empty($user)) $this->filter['user'] = $user; 9403a97d936SAndreas Gohr if (!empty($name)) $this->filter['name'] = $name; 9413a97d936SAndreas Gohr if (!empty($mail)) $this->filter['mail'] = $mail; 94254cc7aa4SAndreas Gohr if (!empty($grps)) $this->filter['grps'] = implode('|', $grps); 9430440ff15Schris } 9440440ff15Schris } 9450440ff15Schris 946c5a7c0c6SGerrit Uitslag /** 947c5a7c0c6SGerrit Uitslag * Get the current search terms 948c5a7c0c6SGerrit Uitslag * 949c5a7c0c6SGerrit Uitslag * @return array 950c5a7c0c6SGerrit Uitslag */ 9513a97d936SAndreas Gohr protected function retrieveFilter() 9523a97d936SAndreas Gohr { 953fbfbbe8aSHakan Sandell global $INPUT; 9540440ff15Schris 955fbfbbe8aSHakan Sandell $t_filter = $INPUT->arr('filter'); 9560440ff15Schris 9570440ff15Schris // messy, but this way we ensure we aren't getting any additional crap from malicious users 95854cc7aa4SAndreas Gohr $filter = []; 9590440ff15Schris 9600440ff15Schris if (isset($t_filter['user'])) $filter['user'] = $t_filter['user']; 9610440ff15Schris if (isset($t_filter['name'])) $filter['name'] = $t_filter['name']; 9620440ff15Schris if (isset($t_filter['mail'])) $filter['mail'] = $t_filter['mail']; 9630440ff15Schris if (isset($t_filter['grps'])) $filter['grps'] = $t_filter['grps']; 9640440ff15Schris 9650440ff15Schris return $filter; 9660440ff15Schris } 9670440ff15Schris 968c5a7c0c6SGerrit Uitslag /** 969c5a7c0c6SGerrit Uitslag * Validate and improve the pagination values 970c5a7c0c6SGerrit Uitslag */ 9713a97d936SAndreas Gohr protected function validatePagination() 9723a97d936SAndreas Gohr { 9730440ff15Schris 9743a97d936SAndreas Gohr if ($this->start >= $this->users_total) { 9753a97d936SAndreas Gohr $this->start = $this->users_total - $this->pagesize; 9760440ff15Schris } 9773a97d936SAndreas Gohr if ($this->start < 0) $this->start = 0; 9780440ff15Schris 9793a97d936SAndreas Gohr $this->last = min($this->users_total, $this->start + $this->pagesize); 9800440ff15Schris } 9810440ff15Schris 982c5a7c0c6SGerrit Uitslag /** 983c5a7c0c6SGerrit Uitslag * Return an array of strings to enable/disable pagination buttons 984c5a7c0c6SGerrit Uitslag * 985c5a7c0c6SGerrit Uitslag * @return array with enable/disable attributes 9860440ff15Schris */ 9873a97d936SAndreas Gohr protected function pagination() 9883a97d936SAndreas Gohr { 9890440ff15Schris 99051d94d49Schris $disabled = 'disabled="disabled"'; 99151d94d49Schris 99254cc7aa4SAndreas Gohr $buttons = []; 9933a97d936SAndreas Gohr $buttons['start'] = $buttons['prev'] = ($this->start == 0) ? $disabled : ''; 99451d94d49Schris 9953a97d936SAndreas Gohr if ($this->users_total == -1) { 99651d94d49Schris $buttons['last'] = $disabled; 99751d94d49Schris $buttons['next'] = ''; 99851d94d49Schris } else { 99964159a61SAndreas Gohr $buttons['last'] = $buttons['next'] = 10003a97d936SAndreas Gohr (($this->start + $this->pagesize) >= $this->users_total) ? $disabled : ''; 100151d94d49Schris } 10020440ff15Schris 10033a97d936SAndreas Gohr if ($this->lastdisabled) { 1004462e9e37SMichael Große $buttons['last'] = $disabled; 1005462e9e37SMichael Große } 1006462e9e37SMichael Große 10070440ff15Schris return $buttons; 10080440ff15Schris } 10095c967d3dSChristopher Smith 1010c5a7c0c6SGerrit Uitslag /** 1011c5a7c0c6SGerrit Uitslag * Export a list of users in csv format using the current filter criteria 10125c967d3dSChristopher Smith */ 10133a97d936SAndreas Gohr protected function exportCSV() 10143a97d936SAndreas Gohr { 10155c967d3dSChristopher Smith // list of users for export - based on current filter criteria 10163a97d936SAndreas Gohr $user_list = $this->auth->retrieveUsers(0, 0, $this->filter); 101754cc7aa4SAndreas Gohr $column_headings = [ 10185c967d3dSChristopher Smith $this->lang["user_id"], 10195c967d3dSChristopher Smith $this->lang["user_name"], 10205c967d3dSChristopher Smith $this->lang["user_mail"], 10215c967d3dSChristopher Smith $this->lang["user_groups"] 102254cc7aa4SAndreas Gohr ]; 10235c967d3dSChristopher Smith 10245c967d3dSChristopher Smith // ============================================================================================== 10255c967d3dSChristopher Smith // GENERATE OUTPUT 10265c967d3dSChristopher Smith // normal headers for downloading... 10275c967d3dSChristopher Smith header('Content-type: text/csv;charset=utf-8'); 10285c967d3dSChristopher Smith header('Content-Disposition: attachment; filename="wikiusers.csv"'); 10295c967d3dSChristopher Smith# // for debugging assistance, send as text plain to the browser 10305c967d3dSChristopher Smith# header('Content-type: text/plain;charset=utf-8'); 10315c967d3dSChristopher Smith 10325c967d3dSChristopher Smith // output the csv 10335c967d3dSChristopher Smith $fd = fopen('php://output', 'w'); 10345c967d3dSChristopher Smith fputcsv($fd, $column_headings); 10355c967d3dSChristopher Smith foreach ($user_list as $user => $info) { 103654cc7aa4SAndreas Gohr $line = [$user, $info['name'], $info['mail'], implode(',', $info['grps'])]; 10375c967d3dSChristopher Smith fputcsv($fd, $line); 10385c967d3dSChristopher Smith } 10395c967d3dSChristopher Smith fclose($fd); 10403a97d936SAndreas Gohr if (defined('DOKU_UNITTEST')) { 10413a97d936SAndreas Gohr return; 10423a97d936SAndreas Gohr } 1043b2c01466SChristopher Smith 10445c967d3dSChristopher Smith die; 10455c967d3dSChristopher Smith } 1046ae1afd2fSChristopher Smith 1047c5a7c0c6SGerrit Uitslag /** 1048c5a7c0c6SGerrit Uitslag * Import a file of users in csv format 1049ae1afd2fSChristopher Smith * 1050ae1afd2fSChristopher Smith * csv file should have 4 columns, user_id, full name, email, groups (comma separated) 1051c5a7c0c6SGerrit Uitslag * 10525ba64050SChristopher Smith * @return bool whether successful 1053ae1afd2fSChristopher Smith */ 10543a97d936SAndreas Gohr protected function importCSV() 10553a97d936SAndreas Gohr { 1056ae1afd2fSChristopher Smith // check we are allowed to add users 1057ae1afd2fSChristopher Smith if (!checkSecurityToken()) return false; 10583a97d936SAndreas Gohr if (!$this->auth->canDo('addUser')) return false; 1059ae1afd2fSChristopher Smith 1060ae1afd2fSChristopher Smith // check file uploaded ok. 1061*7d34963bSAndreas Gohr if ( 1062*7d34963bSAndreas Gohr empty($_FILES['import']['size']) || 10633a97d936SAndreas Gohr !empty($_FILES['import']['error']) && $this->isUploadedFile($_FILES['import']['tmp_name']) 106464159a61SAndreas Gohr ) { 1065ae1afd2fSChristopher Smith msg($this->lang['import_error_upload'], -1); 1066ae1afd2fSChristopher Smith return false; 1067ae1afd2fSChristopher Smith } 1068ae1afd2fSChristopher Smith // retrieve users from the file 106954cc7aa4SAndreas Gohr $this->import_failures = []; 1070ae1afd2fSChristopher Smith $import_success_count = 0; 1071ae1afd2fSChristopher Smith $import_fail_count = 0; 1072ae1afd2fSChristopher Smith $line = 0; 1073ae1afd2fSChristopher Smith $fd = fopen($_FILES['import']['tmp_name'], 'r'); 1074ae1afd2fSChristopher Smith if ($fd) { 1075ae1afd2fSChristopher Smith while ($csv = fgets($fd)) { 107654cc7aa4SAndreas Gohr if (!Clean::isUtf8($csv)) { 1077efcec72bSChristopher Smith $csv = utf8_encode($csv); 1078efcec72bSChristopher Smith } 1079d0c0a5c4SAnika Henke $raw = str_getcsv($csv); 1080ae1afd2fSChristopher Smith $error = ''; // clean out any errors from the previous line 1081ae1afd2fSChristopher Smith // data checks... 1082ae1afd2fSChristopher Smith if (1 == ++$line) { 1083ae1afd2fSChristopher Smith if ($raw[0] == 'user_id' || $raw[0] == $this->lang['user_id']) continue; // skip headers 1084ae1afd2fSChristopher Smith } 1085ae1afd2fSChristopher Smith if (count($raw) < 4) { // need at least four fields 1086ae1afd2fSChristopher Smith $import_fail_count++; 1087ae1afd2fSChristopher Smith $error = sprintf($this->lang['import_error_fields'], count($raw)); 108854cc7aa4SAndreas Gohr $this->import_failures[$line] = ['error' => $error, 'user' => $raw, 'orig' => $csv]; 1089ae1afd2fSChristopher Smith continue; 1090ae1afd2fSChristopher Smith } 1091ae1afd2fSChristopher Smith array_splice($raw, 1, 0, auth_pwgen()); // splice in a generated password 10923a97d936SAndreas Gohr $clean = $this->cleanImportUser($raw, $error); 10933a97d936SAndreas Gohr if ($clean && $this->importUser($clean, $error)) { 10943a97d936SAndreas Gohr $sent = $this->notifyUser($clean[0], $clean[1], false); 1095328143f8SChristopher Smith if (!$sent) { 1096328143f8SChristopher Smith msg(sprintf($this->lang['import_notify_fail'], $clean[0], $clean[3]), -1); 1097328143f8SChristopher Smith } 1098ae1afd2fSChristopher Smith $import_success_count++; 1099ae1afd2fSChristopher Smith } else { 1100ae1afd2fSChristopher Smith $import_fail_count++; 1101e73725baSChristopher Smith array_splice($raw, 1, 1); // remove the spliced in password 110254cc7aa4SAndreas Gohr $this->import_failures[$line] = ['error' => $error, 'user' => $raw, 'orig' => $csv]; 1103ae1afd2fSChristopher Smith } 1104ae1afd2fSChristopher Smith } 110564159a61SAndreas Gohr msg( 110664159a61SAndreas Gohr sprintf( 110764159a61SAndreas Gohr $this->lang['import_success_count'], 110864159a61SAndreas Gohr ($import_success_count + $import_fail_count), 110964159a61SAndreas Gohr $import_success_count 111064159a61SAndreas Gohr ), 111164159a61SAndreas Gohr ($import_success_count ? 1 : -1) 111264159a61SAndreas Gohr ); 1113ae1afd2fSChristopher Smith if ($import_fail_count) { 1114ae1afd2fSChristopher Smith msg(sprintf($this->lang['import_failure_count'], $import_fail_count), -1); 1115ae1afd2fSChristopher Smith } 1116ae1afd2fSChristopher Smith } else { 1117ae1afd2fSChristopher Smith msg($this->lang['import_error_readfail'], -1); 1118ae1afd2fSChristopher Smith } 1119ae1afd2fSChristopher Smith 1120ae1afd2fSChristopher Smith // save import failures into the session 1121ae1afd2fSChristopher Smith if (!headers_sent()) { 1122ae1afd2fSChristopher Smith session_start(); 11233a97d936SAndreas Gohr $_SESSION['import_failures'] = $this->import_failures; 1124ae1afd2fSChristopher Smith session_write_close(); 1125ae1afd2fSChristopher Smith } 1126c5a7c0c6SGerrit Uitslag return true; 1127ae1afd2fSChristopher Smith } 1128ae1afd2fSChristopher Smith 1129c5a7c0c6SGerrit Uitslag /** 1130786dfb0eSGerrit Uitslag * Returns cleaned user data 1131c5a7c0c6SGerrit Uitslag * 1132c5a7c0c6SGerrit Uitslag * @param array $candidate raw values of line from input file 1133253d4b48SGerrit Uitslag * @param string $error 1134253d4b48SGerrit Uitslag * @return array|false cleaned data or false 1135c5a7c0c6SGerrit Uitslag */ 11363a97d936SAndreas Gohr protected function cleanImportUser($candidate, &$error) 11373a97d936SAndreas Gohr { 1138ae1afd2fSChristopher Smith global $INPUT; 1139ae1afd2fSChristopher Smith 11403a97d936SAndreas Gohr // FIXME kludgy .... 1141ae1afd2fSChristopher Smith $INPUT->set('userid', $candidate[0]); 1142ae1afd2fSChristopher Smith $INPUT->set('userpass', $candidate[1]); 1143ae1afd2fSChristopher Smith $INPUT->set('username', $candidate[2]); 1144ae1afd2fSChristopher Smith $INPUT->set('usermail', $candidate[3]); 1145ae1afd2fSChristopher Smith $INPUT->set('usergroups', $candidate[4]); 1146ae1afd2fSChristopher Smith 11473a97d936SAndreas Gohr $cleaned = $this->retrieveUser(); 114854cc7aa4SAndreas Gohr [$user, /* pass */ , $name, $mail, /* grps */ ] = $cleaned; 1149ae1afd2fSChristopher Smith if (empty($user)) { 1150ae1afd2fSChristopher Smith $error = $this->lang['import_error_baduserid']; 1151ae1afd2fSChristopher Smith return false; 1152ae1afd2fSChristopher Smith } 1153ae1afd2fSChristopher Smith 1154ae1afd2fSChristopher Smith // no need to check password, handled elsewhere 1155ae1afd2fSChristopher Smith 11563a97d936SAndreas Gohr if (!($this->auth->canDo('modName') xor empty($name))) { 1157ae1afd2fSChristopher Smith $error = $this->lang['import_error_badname']; 1158ae1afd2fSChristopher Smith return false; 1159ae1afd2fSChristopher Smith } 1160ae1afd2fSChristopher Smith 11613a97d936SAndreas Gohr if ($this->auth->canDo('modMail')) { 1162328143f8SChristopher Smith if (empty($mail) || !mail_isvalid($mail)) { 1163ae1afd2fSChristopher Smith $error = $this->lang['import_error_badmail']; 1164ae1afd2fSChristopher Smith return false; 1165ae1afd2fSChristopher Smith } 116654cc7aa4SAndreas Gohr } elseif (!empty($mail)) { 1167328143f8SChristopher Smith $error = $this->lang['import_error_badmail']; 1168328143f8SChristopher Smith return false; 1169328143f8SChristopher Smith } 1170ae1afd2fSChristopher Smith 1171ae1afd2fSChristopher Smith return $cleaned; 1172ae1afd2fSChristopher Smith } 1173ae1afd2fSChristopher Smith 1174c5a7c0c6SGerrit Uitslag /** 1175c5a7c0c6SGerrit Uitslag * Adds imported user to auth backend 1176c5a7c0c6SGerrit Uitslag * 1177c5a7c0c6SGerrit Uitslag * Required a check of canDo('addUser') before 1178c5a7c0c6SGerrit Uitslag * 1179c5a7c0c6SGerrit Uitslag * @param array $user data of user 1180c5a7c0c6SGerrit Uitslag * @param string &$error reference catched error message 11815ba64050SChristopher Smith * @return bool whether successful 1182c5a7c0c6SGerrit Uitslag */ 11833a97d936SAndreas Gohr protected function importUser($user, &$error) 11843a97d936SAndreas Gohr { 11853a97d936SAndreas Gohr if (!$this->auth->triggerUserMod('create', $user)) { 1186ae1afd2fSChristopher Smith $error = $this->lang['import_error_create']; 1187ae1afd2fSChristopher Smith return false; 1188ae1afd2fSChristopher Smith } 1189ae1afd2fSChristopher Smith 1190ae1afd2fSChristopher Smith return true; 1191ae1afd2fSChristopher Smith } 1192ae1afd2fSChristopher Smith 1193c5a7c0c6SGerrit Uitslag /** 1194c5a7c0c6SGerrit Uitslag * Downloads failures as csv file 1195c5a7c0c6SGerrit Uitslag */ 11963a97d936SAndreas Gohr protected function downloadImportFailures() 11973a97d936SAndreas Gohr { 1198ae1afd2fSChristopher Smith 1199ae1afd2fSChristopher Smith // ============================================================================================== 1200ae1afd2fSChristopher Smith // GENERATE OUTPUT 1201ae1afd2fSChristopher Smith // normal headers for downloading... 1202ae1afd2fSChristopher Smith header('Content-type: text/csv;charset=utf-8'); 1203ae1afd2fSChristopher Smith header('Content-Disposition: attachment; filename="importfails.csv"'); 1204ae1afd2fSChristopher Smith# // for debugging assistance, send as text plain to the browser 1205ae1afd2fSChristopher Smith# header('Content-type: text/plain;charset=utf-8'); 1206ae1afd2fSChristopher Smith 1207ae1afd2fSChristopher Smith // output the csv 1208ae1afd2fSChristopher Smith $fd = fopen('php://output', 'w'); 12093a97d936SAndreas Gohr foreach ($this->import_failures as $fail) { 121054cc7aa4SAndreas Gohr fwrite($fd, $fail['orig']); 1211ae1afd2fSChristopher Smith } 1212ae1afd2fSChristopher Smith fclose($fd); 1213ae1afd2fSChristopher Smith die; 1214ae1afd2fSChristopher Smith } 1215ae1afd2fSChristopher Smith 1216b2c01466SChristopher Smith /** 1217b2c01466SChristopher Smith * wrapper for is_uploaded_file to facilitate overriding by test suite 1218253d4b48SGerrit Uitslag * 1219253d4b48SGerrit Uitslag * @param string $file filename 1220253d4b48SGerrit Uitslag * @return bool 1221b2c01466SChristopher Smith */ 12223a97d936SAndreas Gohr protected function isUploadedFile($file) 12233a97d936SAndreas Gohr { 1224b2c01466SChristopher Smith return is_uploaded_file($file); 1225b2c01466SChristopher Smith } 12260440ff15Schris} 1227