mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Added a way to disable a user.

This commit is contained in:
terry%mozilla.org 2000-01-18 22:41:26 +00:00
Родитель 3cbacfb69a
Коммит 185b1561a8
3 изменённых файлов: 93 добавлений и 24 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

32
webtools/bugzilla/CGI.pl
Просмотреть файл

@ -487,6 +487,7 @@ sub PasswordForLogin {
sub quietly_check_login() { sub quietly_check_login() {
$::usergroupset = '0'; $::usergroupset = '0';
my $loginok = 0; my $loginok = 0;
$::disabledreason = '';
if (defined $::COOKIE{"Bugzilla_login"} && if (defined $::COOKIE{"Bugzilla_login"} &&
defined $::COOKIE{"Bugzilla_logincookie"}) { defined $::COOKIE{"Bugzilla_logincookie"}) {
ConnectToDatabase(); ConnectToDatabase();
@ -499,16 +500,23 @@ sub quietly_check_login() {
" and profiles.cryptpassword = logincookies.cryptpassword " . " and profiles.cryptpassword = logincookies.cryptpassword " .
"and logincookies.hostname = " . "and logincookies.hostname = " .
SqlQuote($ENV{"REMOTE_HOST"}) . SqlQuote($ENV{"REMOTE_HOST"}) .
", profiles.disabledtext " .
" from profiles,logincookies where logincookies.cookie = " . " from profiles,logincookies where logincookies.cookie = " .
SqlQuote($::COOKIE{"Bugzilla_logincookie"}) . SqlQuote($::COOKIE{"Bugzilla_logincookie"}) .
" and profiles.userid = logincookies.userid"); " and profiles.userid = logincookies.userid");
my @row; my @row;
if (@row = FetchSQLData()) { if (@row = FetchSQLData()) {
$loginok = $row[2]; my ($groupset, $loginname, $ok, $disabledtext) = (@row);
if ($loginok) { if ($ok) {
$::usergroupset = $row[0]; if ($disabledtext eq '') {
$::COOKIE{"Bugzilla_login"} = $row[1]; # Makes sure case is in $loginok = 1;
$::usergroupset = $groupset;
$::COOKIE{"Bugzilla_login"} = $loginname; # Makes sure case
# is in
# canonical form. # canonical form.
} else {
$::disabledreason = $disabledtext;
}
} }
} }
} }
@ -639,6 +647,22 @@ sub confirm_login {
my $loginok = quietly_check_login(); my $loginok = quietly_check_login();
if ($loginok != 1) { if ($loginok != 1) {
if ($::disabledreason) {
print "Set-Cookie: Bugzilla_login= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
Set-Cookie: Bugzilla_logincookie= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
Content-type: text/html
";
PutHeader("Your account has been disabled");
print $::disabledreason;
print "<HR>\n";
print "If you believe your account should be restored, please\n";
print "send email to " . Param("maintainer") . " explaining\n";
print "why.\n";
PutFooter();
exit();
}
print "Content-type: text/html\n\n"; print "Content-type: text/html\n\n";
PutHeader("Login", undef, undef, undef, 1); PutHeader("Login", undef, undef, undef, 1);
print "I need a legitimate e-mail address and password to continue.\n"; print "I need a legitimate e-mail address and password to continue.\n";

7
webtools/bugzilla/checksetup.pl
Просмотреть файл

@ -625,6 +625,7 @@ $table{profiles} =
realname varchar(255), realname varchar(255),
groupset bigint not null, groupset bigint not null,
emailnotification enum("ExcludeSelfChanges", "CConly", "All") not null default "ExcludeSelfChanges", emailnotification enum("ExcludeSelfChanges", "CConly", "All") not null default "ExcludeSelfChanges",
disabledtext mediumtext not null,
index(login_name)'; index(login_name)';
@ -1026,6 +1027,12 @@ if (!GetFieldDef('bugs', 'keywords')) {
} }
# 2000-01-18 Added a "disabledtext" field to the profiles table. If not
# empty, then this account has been disabled, and this field is to contain
# text describing why.
AddField('profiles', 'disabledtext', 'mediumtext not null');
# #

64
webtools/bugzilla/editusers.cgi
Просмотреть файл

@ -73,9 +73,10 @@ sub CheckUser ($)
# Displays the form to edit a user parameters # Displays the form to edit a user parameters
# #
sub EmitFormElements ($$$$$) sub EmitFormElements ($$$$$$)
{ {
my ($user, $password, $realname, $groupset, $emailnotification) = @_; my ($user, $password, $realname, $groupset, $emailnotification,
$disabledtext) = @_;
print " <TH ALIGN=\"right\">Login name:</TH>\n"; print " <TH ALIGN=\"right\">Login name:</TH>\n";
print " <TD><INPUT SIZE=64 MAXLENGTH=255 NAME=\"user\" VALUE=\"$user\"></TD>\n"; print " <TD><INPUT SIZE=64 MAXLENGTH=255 NAME=\"user\" VALUE=\"$user\"></TD>\n";
@ -102,6 +103,15 @@ sub EmitFormElements ($$$$$)
print qq{<OPTION$selectpart VALUE="$tag">$desc\n}; print qq{<OPTION$selectpart VALUE="$tag">$desc\n};
} }
print "</SELECT></TD>\n"; print "</SELECT></TD>\n";
print "</TR><TR>\n";
print " <TH ALIGN=\"right\">Disable text:</TH>\n";
print " <TD ROWSPAN=2><TEXTAREA NAME=\"disabledtext\" ROWS=10 COLS=60>" .
value_quote($disabledtext) . "</TEXTAREA>\n";
print " </TD>\n";
print "</TR><TR>\n";
print " <TD VALIGN=\"top\">If non-empty, then the account will\n";
print "be disabled, and this text should explain why.</TD>\n";
SendSQL("SELECT bit,name,description,bit & $groupset != 0 SendSQL("SELECT bit,name,description,bit & $groupset != 0
FROM groups FROM groups
@ -182,7 +192,7 @@ my $candelete = Param('allowuserdeletion');
unless ($action) { unless ($action) {
PutHeader("Select match string"); PutHeader("Select match string");
print qq{ print qq{
<FORM METHOD=POST ACTION="editusers.cgi"> <FORM METHOD=GET ACTION="editusers.cgi">
<INPUT TYPE=HIDDEN NAME="action" VALUE="list"> <INPUT TYPE=HIDDEN NAME="action" VALUE="list">
List users with login name matching: List users with login name matching:
<INPUT SIZE=32 NAME="matchstr"> <INPUT SIZE=32 NAME="matchstr">
@ -205,7 +215,8 @@ List users with login name matching:
if ($action eq 'list') { if ($action eq 'list') {
PutHeader("Select user"); PutHeader("Select user");
my $query = "SELECT login_name,realname FROM profiles WHERE login_name "; my $query = "SELECT login_name,realname,disabledtext " .
"FROM profiles WHERE login_name ";
if ($::FORM{'matchtype'} eq 'substr') { if ($::FORM{'matchtype'} eq 'substr') {
$query .= "like"; $query .= "like";
$::FORM{'matchstr'} = '%' . $::FORM{'matchstr'} . '%'; $::FORM{'matchstr'} = '%' . $::FORM{'matchstr'} . '%';
@ -234,11 +245,17 @@ if ($action eq 'list') {
if ($count % 100 == 0) { if ($count % 100 == 0) {
print "</table>$header"; print "</table>$header";
} }
my ($user, $realname) = FetchSQLData(); my ($user, $realname, $disabledtext) = FetchSQLData();
my $s = "";
my $e = "";
if ($disabledtext) {
$s = "<STRIKE>";
$e = "</STRIKE>";
}
$realname ||= "<FONT COLOR=\"red\">missing</FONT>"; $realname ||= "<FONT COLOR=\"red\">missing</FONT>";
print "<TR>\n"; print "<TR>\n";
print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=edit&user=", url_quote($user), "\"><B>$user</B></A></TD>\n"; print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=edit&user=", url_quote($user), "\"><B>$s$user$e</B></A></TD>\n";
print " <TD VALIGN=\"top\">$realname</TD>\n"; print " <TD VALIGN=\"top\">$s$realname$e</TD>\n";
if ($candelete) { if ($candelete) {
print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=del&user=", url_quote($user), "\">Delete</A></TD>\n"; print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=del&user=", url_quote($user), "\">Delete</A></TD>\n";
} }
@ -273,7 +290,7 @@ if ($action eq 'add') {
print "<FORM METHOD=POST ACTION=editusers.cgi>\n"; print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements('', '', '', 0, 'ExcludeSelfChanges'); EmitFormElements('', '', '', 0, 'ExcludeSelfChanges', '');
print "</TR></TABLE>\n<HR>\n"; print "</TR></TABLE>\n<HR>\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n"; print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
@ -298,6 +315,7 @@ if ($action eq 'new') {
# Cleanups and valididy checks # Cleanups and valididy checks
my $realname = trim($::FORM{realname} || ''); my $realname = trim($::FORM{realname} || '');
my $password = trim($::FORM{password} || ''); my $password = trim($::FORM{password} || '');
my $disabledtext = trim($::FORM{disabledtext} || '');
unless ($user) { unless ($user) {
print "You must enter a name for the new user. Please press\n"; print "You must enter a name for the new user. Please press\n";
@ -335,13 +353,15 @@ if ($action eq 'new') {
# Add the new user # Add the new user
SendSQL("INSERT INTO profiles ( " . SendSQL("INSERT INTO profiles ( " .
"login_name, password, cryptpassword, realname, groupset" . "login_name, password, cryptpassword, realname, groupset, " .
"disabledtext" .
" ) VALUES ( " . " ) VALUES ( " .
SqlQuote($user) . "," . SqlQuote($user) . "," .
SqlQuote($password) . "," . SqlQuote($password) . "," .
"encrypt(" . SqlQuote($password) . ")," . "encrypt(" . SqlQuote($password) . ")," .
SqlQuote($realname) . "," . SqlQuote($realname) . "," .
$bits . ")" ); $bits . "," .
SqlQuote($disabledtext) . ")" );
#+++ send e-mail away #+++ send e-mail away
@ -525,16 +545,18 @@ if ($action eq 'edit') {
CheckUser($user); CheckUser($user);
# get data of user # get data of user
SendSQL("SELECT password, realname, groupset, emailnotification SendSQL("SELECT password, realname, groupset, emailnotification,
disabledtext
FROM profiles FROM profiles
WHERE login_name=" . SqlQuote($user)); WHERE login_name=" . SqlQuote($user));
my ($password, $realname, $groupset, $emailnotification) = FetchSQLData(); my ($password, $realname, $groupset, $emailnotification,
$disabledtext) = FetchSQLData();
print "<FORM METHOD=POST ACTION=editusers.cgi>\n"; print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n"; print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements($user, $password, $realname, $groupset, EmitFormElements($user, $password, $realname, $groupset,
$emailnotification); $emailnotification, $disabledtext);
print "</TR></TABLE>\n"; print "</TR></TABLE>\n";
@ -543,6 +565,8 @@ if ($action eq 'edit') {
print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"groupsetold\" VALUE=\"$groupset\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"groupsetold\" VALUE=\"$groupset\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"emailnotificationold\" VALUE=\"$emailnotification\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"emailnotificationold\" VALUE=\"$emailnotification\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"disabledtextold\" VALUE=\"" .
value_quote($disabledtext) . "\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"update\">\n"; print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"update\">\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Update\">\n"; print "<INPUT TYPE=SUBMIT VALUE=\"Update\">\n";
@ -568,6 +592,8 @@ if ($action eq 'update') {
my $passwordold = trim($::FORM{passwordold} || ''); my $passwordold = trim($::FORM{passwordold} || '');
my $emailnotification = trim($::FORM{emailnotification} || ''); my $emailnotification = trim($::FORM{emailnotification} || '');
my $emailnotificationold = trim($::FORM{emailnotificationold} || ''); my $emailnotificationold = trim($::FORM{emailnotificationold} || '');
my $disabledtext = trim($::FORM{disabledtext} || '');
my $disabledtextold = trim($::FORM{disabledtextold} || '');
my $groupsetold = trim($::FORM{groupsetold} || ''); my $groupsetold = trim($::FORM{groupsetold} || '');
my $groupset = "0"; my $groupset = "0";
@ -609,6 +635,18 @@ if ($action eq 'update') {
WHERE login_name=" . SqlQuote($userold)); WHERE login_name=" . SqlQuote($userold));
print "Updated real name.<BR>\n"; print "Updated real name.<BR>\n";
} }
if ($disabledtext ne $disabledtextold) {
SendSQL("UPDATE profiles
SET disabledtext=" . SqlQuote($disabledtext) . "
WHERE login_name=" . SqlQuote($userold));
SendSQL("SELECT userid
FROM profiles
WHERE login_name=" . SqlQuote($user));
my $userid = FetchOneColumn();
SendSQL("DELETE FROM logincookies
WHERE userid=" . $userid);
print "Updated disabled text.<BR>\n";
}
if ($user ne $userold) { if ($user ne $userold) {
unless ($user) { unless ($user) {
print "Sorry, I can't delete the user's name."; print "Sorry, I can't delete the user's name.";