<?php include_once("include/db.php"); # Return list of wisp users function getWiSPUsers($params) { global $db; # Filters and sorts are the same here $filtersorts = array( 'Username' => 'users.Username', 'Disabled' => 'users.Disabled', 'ID' => 'wisp_userdata.UserID', 'Firstname' => 'wisp_userdata.Firstname', 'Lastname' => 'wisp_userdata.Lastname', 'Email' => 'wisp_userdata.Email', 'Phone' => 'wisp_userdata.Phone' ); $res = DBSelectSearch(" SELECT users.Username, users.Disabled, wisp_userdata.UserID, wisp_userdata.FirstName, wisp_userdata.LastName, wisp_userdata.Email, wisp_userdata.Phone FROM users, wisp_userdata WHERE wisp_userdata.UserID = users.ID ",$params[1],$filtersorts,$filtersorts ); $sth = $res[0]; $numResults = $res[1]; # If STH is blank, return the error back to whoever requested the data if (!isset($sth)) { return $res; } $resultArray = array(); # loop through rows while ($row = $sth->fetchObject()) { $item = array(); $item['ID'] = $row->userid; $item['Username'] = $row->username; $item['Disabled'] = $row->disabled; $item['Firstname'] = $row->firstname; $item['Lastname'] = $row->lastname; $item['Email'] = $row->email; $item['Phone'] = $row->phone; # push this row onto array array_push($resultArray,$item); } return array($resultArray,$numResults); } # Return specific wisp user row function getWiSPUser($params) { global $db; # Query for userdata and username $res = DBSelect(" SELECT wisp_userdata.UserID, wisp_userdata.FirstName, wisp_userdata.LastName, wisp_userdata.Phone, wisp_userdata.Email, users.Username FROM wisp_userdata, users WHERE wisp_userdata.UserID = ? AND users.ID = wisp_userdata.UserID ",array($params[0]) ); if (!is_object($res)) { return $res; } $resultArray = array(); $row = $res->fetchObject(); # Set userdata fields $resultArray['ID'] = $row->userid; $resultArray['Username'] = $row->username; $resultArray['Firstname'] = $row->firstname; $resultArray['Lastname'] = $row->lastname; $resultArray['Phone'] = $row->phone; $resultArray['Email'] = $row->email; $resultArray['Attributes'] = array(); # Query to get user password $res = DBSelect(" SELECT user_attributes.Value FROM user_attributes WHERE user_attributes.Name = 'User-Password' AND user_attributes.UserID = ? ",array($params[0]) ); if (!is_object($res)) { return $res; } # Set user password field $row = $res->fetchObject(); $resultArray['Password'] = $row->value; # Query to get all other attributes $res = DBSelect(" SELECT user_attributes.ID, user_attributes.Name, user_attributes.Operator, user_attributes.Value FROM user_attributes WHERE user_attributes.UserID = ? ",array($params[0]) ); if (!is_object($res)) { return $res; } $i = 0; # Array for multiple attributes while ($row = $res->fetchObject()) { $resultsArray['Attributes'][$i]['ID'] = $row->id; $resultsArray['Attributes'][$i]['Name'] = $row->name; $resultsArray['Attributes'][$i]['Operator'] = $row->operator; $resultsArray['Attributes'][$i]['Value'] = $row->value; $i++; } $numResults = $res->rowCount(); return array($resultArray,$numResults); } # Remove wisp user function removeWiSPUser($params) { global $db; DBBegin(); $res = DBDo("DELETE FROM wisp_userdata WHERE UserID = ?",array($params[0])); if ($res !== FALSE) { $res = DBDo("DELETE FROM users WHERE ID = ?",array($params[0])); } else { DBRollback(); return $res; } if ($res !== FALSE) { DBCommit(); return $res; } else { DBRollback(); } return NULL; } # Add wisp user function createWiSPUser($params) { global $db; DBBegin(); # Insert username $res = DBDo("INSERT INTO users (Username) VALUES (?)",array($params[0]['Username'])); if ($res !== FALSE) { $res = "Failed to add 'Username'"; } # Continue with others if successful if ($res !== FALSE) { $userID = DBLastInsertID(); $res = DBDo(" INSERT INTO user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)", array($userID, 'User-Password', '==', $params[0]['Password']) ); if ($res !== FALSE) { $res = "Failed to add 'User-Password' attribute"; } } # Link users ID to make user a wisp user if ($res !== FALSE) { $res = DBDo("INSERT INTO wisp_userdata (UserID) VALUES (?)",array($userID)); if ($res !== FALSE) { $res = "Failed to link to wisp users"; } } # Personal information is optional when adding if ($res !== FALSE && isset($params[0]['Firstname'])) { $res = DBDo("UPDATE wisp_userdata SET FirstName = ? WHERE UserID = ?",array($params[0]['Firstname'],$userID)); if ($res !== FALSE) { $res = "Failed to add 'Firstname'"; } } if ($res !== FALSE && isset($params[0]['Lastname'])) { $res = DBDo("UPDATE wisp_userdata SET LastName = ? WHERE UserID = ?",array($params[0]['Lastname'],$userID)); if ($res !== FALSE) { $res = "Failed to add 'Lastname'"; } } if ($res !== FALSE && isset($params[0]['Phone'])) { $res = DBDo("UPDATE wisp_userdata SET Phone = ? WHERE UserID = ?",array($params[0]['Phone'],$userID)); if ($res !== FALSE) { $res = "Failed to add 'Phone'"; } } if ($res !== FALSE && isset($params[0]['Email'])) { $res = DBDo("UPDATE wisp_userdata SET Email = ? WHERE UserID = ?",array($params[0]['Email'],$userID)); if ($res !== FALSE) { $res = "Failed to add 'Email'"; } } # Grab each attribute and add it's details to the database if ($res !== FALSE && isset($params[0]['Attributes'])) { foreach ($params[0]['Attributes'] as $attr) { $res = DBDo(" INSERT INTO user_attributes (UserID,Name,Operator,Value) VALUES (?,?,?,?)", array( $userID, $attr['Name'], $attr['Operator'], $attr['Value']) ); if ($res !== FALSE) { $res = "Failed to add 'Attribute'"; } } } # Link user to groups if any selected if (isset($params[0]['Groups'])) { $refinedGroups = array(); # Filter out unique group ID's foreach ($params[0]['Groups'] as $groupID) { $refinedGroups[$groupID] = $groupID; } foreach ($refinedGroups as $groupID) { if ($res !== FALSE) { $res = DBDo("INSERT INTO users_to_groups (UserID,GroupID) VALUES (?,?)",array($userID,$groupID['Name'])); if ($res !== FALSE) { $res = "Failed to add 'Group'"; } } } } # Commit changes if all was successful, else break if ($res === TRUE) { DBCommit(); return NULL; } else { DBRollback(); } return $res; } # Edit admin group function updateWiSPUser($params) { global $db; DBBegin(); $res = DBDo("UPDATE users SET Username = ? WHERE ID = ?",array($params[0]['Username'],$params[0]['ID'])); if ($res !== FALSE) { DBDo("UPDATE user_attributes SET User-Password = ? WHERE UserID = ?",array($params[0]['Username'],$params[0]['ID'])); } if ($res !== FALSE) { DBDo(" UPDATE wisp_userdata SET FirstName = ?, LastName = ?, Phone = ?, Email = ? WHERE UserID = ?", array($params[0]['Firstname'], $params[0]['Lastname'], $params[0]['Phone'], $params[0]['Email'], $params[0]['ID']) ); } # Commit changes if all was successful, else break if ($res !== FALSE) { DBCommit(); return $res; } else { DBRollback(); } return NULL; } # vim: ts=4