UsersController::doSaveCreate() - Code Metrics - Inspection of "styling improvements" - HuasoFoundries/phpPgAdmin6 - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — develop ( 51bd2c...501708 )

by Felipe

created 2018-04-20 11:40 UTC

UsersController::doSaveCreate() B

↳ Parent: UsersController

Complexity

Conditions	4
Paths	4

Size

Total Lines	22
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	22
rs	8.9197
c	0
b	0
f	0
cc	4
eloc	16
nc	4
nop	0

<?php

/**
 * PHPPgAdmin v6.0.0-beta.40
 */

namespace PHPPgAdmin\Controller;

use PHPPgAdmin\Decorators\Decorator;

/**
 * Base controller class.
 *
 * @package PHPPgAdmin
 */
class UsersController extends BaseController
{
    public $controller_name = 'UsersController';

    /**
     * Default method to render the controller according to the action parameter.
     */
    public function render()
    {
        $this->printHeader($this->lang['strusers']);
        $this->printBody();

        switch ($this->action) {
            case 'changepassword':
                if (isset($_REQUEST['ok'])) {
                    $this->doChangePassword(false);
                } else {
                    $this->doAccount();
                }

                break;
            case 'confchangepassword':
                $this->doChangePassword(true);

                break;
            case 'account':
                $this->doAccount();

                break;
            case 'save_create':
                if (isset($_REQUEST['cancel'])) {
                    $this->doDefault();
                } else {
                    $this->doSaveCreate();
                }

                break;
            case 'create':
                $this->doCreate();

                break;
            case 'drop':
                if (isset($_REQUEST['cancel'])) {
                    $this->doDefault();
                } else {
                    $this->doDrop(false);
                }

                break;
            case 'confirm_drop':
                $this->doDrop(true);

                break;
            case 'save_edit':
                if (isset($_REQUEST['cancel'])) {
                    $this->doDefault();
                } else {
                    $this->doSaveEdit();
                }

                break;
            case 'edit':
                $this->doEdit();

                break;
            default:
                $this->doDefault();

                break;
        }

        $this->printFooter();
    }

    /**
     * Show default list of users in the database.
     *
     * @param mixed $msg
     */
    public function doDefault($msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        $renderUseExpires = function ($val) use ($lang) {

            return 'infinity' == $val ? $this->lang['strnever'] : htmlspecialchars($val);
        };

        $this->printTrail('server');
        $this->printTabs('server', 'users');
        $this->printMsg($msg);

        $users = $data->getUsers();

        $columns = [
            'user'      => [
                'title' => $this->lang['strusername'],
                'field' => Decorator::field('usename'),
            ],
            'superuser' => [
                'title' => $this->lang['strsuper'],
                'field' => Decorator::field('usesuper'),
                'type'  => 'yesno',
            ],
            'createdb'  => [
                'title' => $this->lang['strcreatedb'],
                'field' => Decorator::field('usecreatedb'),
                'type'  => 'yesno',
            ],
            'expires'   => [
                'title'  => $this->lang['strexpires'],
                'field'  => Decorator::field('useexpires'),
                'type'   => 'callback',
                'params' => ['function' => $renderUseExpires, 'null' => $this->lang['strnever']],
            ],
            'defaults'  => [
                'title' => $this->lang['strsessiondefaults'],
                'field' => Decorator::field('useconfig'),
            ],
            'actions'   => [
                'title' => $this->lang['stractions'],
            ],
        ];

        $actions = [
            'alter' => [
                'content' => $this->lang['stralter'],
                'attr'    => [
                    'href' => [
                        'url'     => 'users',
                        'urlvars' => [
                            'action'   => 'edit',
                            'username' => Decorator::field('usename'),
                        ],
                    ],
                ],
            ],
            'drop'  => [
                'content' => $this->lang['strdrop'],
                'attr'    => [
                    'href' => [
                        'url'     => 'users',
                        'urlvars' => [
                            'action'   => 'confirm_drop',
                            'username' => Decorator::field('usename'),
                        ],
                    ],
                ],
            ],
        ];

        echo $this->printTable($users, $columns, $actions, 'users-users', $this->lang['strnousers']);

        $this->printNavLinks(['create' => [

            'attr'    => [
                'href' => [
                    'url'     => 'users',
                    'urlvars' => [
                        'action' => 'create',
                        'server' => $_REQUEST['server'],
                    ],
                ],
            ],
            'content' => $this->lang['strcreateuser'],
        ]], 'users-users', get_defined_vars());
someFunctionCall(
    $firstArgument,
    $secondArgument,
    $thirdArgument
); // Closing parenthesis on a new line.
    }

    /**
     * If a user is not a superuser, then we have an 'account management' page
     * where they can change their password, etc.  We don't prevent them from
     * messing with the URL to gain access to other user admin stuff, because
     * the PostgreSQL permissions will prevent them changing anything anyway.
     *
     * @param mixed $msg
     */
    public function doAccount($msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        $server_info = $this->misc->getServerInfo();

        $userdata         = $data->getUser($server_info['username']);
        $_REQUEST['user'] = $server_info['username'];

        $this->printTrail('user');
        $this->printTabs('server', 'account');
        $this->printMsg($msg);

        if ($userdata->recordCount() > 0) {
            $userdata->fields['usesuper']    = $data->phpBool($userdata->fields['usesuper']);
            $userdata->fields['usecreatedb'] = $data->phpBool($userdata->fields['usecreatedb']);
            echo "<table>\n";
            echo "<tr><th class=\"data\">{$this->lang['strusername']}</th><th class=\"data\">{$this->lang['strsuper']}</th><th class=\"data\">{$this->lang['strcreatedb']}</th><th class=\"data\">{$this->lang['strexpires']}</th>";
            echo "<th class=\"data\">{$this->lang['strsessiondefaults']}</th>";
            echo "</tr>\n";
            echo "<tr>\n\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usename']), "</td>\n";
            echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usesuper'], 'yesno'), "</td>\n";
            echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usecreatedb'], 'yesno'), "</td>\n";
            echo "\t<td class=\"data1\">", ('infinity' == $userdata->fields['useexpires'] || is_null($userdata->fields['useexpires']) ? $this->lang['strnever'] : $this->misc->printVal($userdata->fields['useexpires'])), "</td>\n";
            echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['useconfig']), "</td>\n";
            echo "</tr>\n</table>\n";
        } else {
            echo "<p>{$this->lang['strnodata']}</p>\n";
        }

        $this->printNavLinks(['changepassword' => [

            'attr'    => [
                'href' => [
                    'url'     => 'users',
                    'urlvars' => [
                        'action' => 'confchangepassword',
                        'server' => $_REQUEST['server'],
                    ],
                ],
            ],
            'content' => $this->lang['strchangepassword'],
        ]], 'users-account', get_defined_vars());
someFunctionCall(
    $firstArgument,
    $secondArgument,
    $thirdArgument
); // Closing parenthesis on a new line.
    }

    /**
     * Show confirmation of change password and actually change password.
     *
     * @param mixed $confirm
     * @param mixed $msg
     */
    public function doChangePassword($confirm, $msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        $server_info = $this->misc->getServerInfo();

        if ($confirm) {
            $_REQUEST['user'] = $server_info['username'];
            $this->printTrail('user');
            $this->printTitle($this->lang['strchangepassword'], 'pg.user.alter');
            $this->printMsg($msg);

            if (!isset($_POST['password'])) {
                $_POST['password'] = '';
            }

            if (!isset($_POST['confirm'])) {
                $_POST['confirm'] = '';
            }

            echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
            echo "<table>\n";
            echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strpassword']}</th>\n";
            echo "\t\t<td><input type=\"password\" name=\"password\" size=\"32\" value=\"",
            htmlspecialchars($_POST['password']), "\" /></td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strconfirm']}</th>\n";
            echo "\t\t<td><input type=\"password\" name=\"confirm\" size=\"32\" value=\"\" /></td>\n\t</tr>\n";
            echo "</table>\n";
            echo "<p><input type=\"hidden\" name=\"action\" value=\"changepassword\" />\n";
            echo $this->misc->form;
            echo "<input type=\"submit\" name=\"ok\" value=\"{$this->lang['strok']}\" />\n";
            echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" />\n";
            echo "</p></form>\n";
        } else {
            // Check that password is minimum length
            if (strlen($_POST['password']) < $this->conf['min_password_length']) {
                $this->doChangePassword(true, $this->lang['strpasswordshort']);
            }

            // Check that password matches confirmation password
            elseif ($_POST['password'] != $_POST['confirm']) {

                $this->doChangePassword(true, $this->lang['strpasswordconfirm']);
            } else {
                $status = $data->changePassword(
                    $server_info['username'],
                    $_POST['password']
                );
                if (0 == $status) {
                    $this->doAccount($this->lang['strpasswordchanged']);
                } else {
                    $this->doAccount($this->lang['strpasswordchangedbad']);
                }
            }
        }
    }

    /**
     * Function to allow editing of a user.
     *
     * @param mixed $msg
     */
    public function doEdit($msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        $this->printTrail('user');
        $this->printTitle($this->lang['stralter'], 'pg.user.alter');
        $this->printMsg($msg);

        $userdata = $data->getUser($_REQUEST['username']);

        if ($userdata->recordCount() > 0) {
            $server_info                     = $this->misc->getServerInfo();
            $canRename                       = $data->hasUserRename() && ($_REQUEST['username'] != $server_info['username']);
            $userdata->fields['usesuper']    = $data->phpBool($userdata->fields['usesuper']);
            $userdata->fields['usecreatedb'] = $data->phpBool($userdata->fields['usecreatedb']);

            if (!isset($_POST['formExpires'])) {
                if ($canRename) {
                    $_POST['newname'] = $userdata->fields['usename'];
                }

                if ($userdata->fields['usesuper']) {
                    $_POST['formSuper'] = '';
                }

                if ($userdata->fields['usecreatedb']) {
                    $_POST['formCreateDB'] = '';
                }

                $_POST['formExpires']  = 'infinity' == $userdata->fields['useexpires'] ? '' : $userdata->fields['useexpires'];
                $_POST['formPassword'] = '';
            }

            echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
            echo "<table>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strusername']}</th>\n";
            echo "\t\t<td class=\"data1\">", ($canRename ? "<input name=\"newname\" size=\"15\" maxlength=\"{$data->_maxNameLen}\" value=\"".htmlspecialchars($_POST['newname']).'" />' : $this->misc->printVal($userdata->fields['usename'])), "</td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formSuper\">{$this->lang['strsuper']}</label></th>\n";
            echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formSuper\" name=\"formSuper\"",
            (isset($_POST['formSuper'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formCreateDB\">{$this->lang['strcreatedb']}</label></th>\n";
            echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formCreateDB\" name=\"formCreateDB\"",
            (isset($_POST['formCreateDB'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strexpires']}</th>\n";
            echo "\t\t<td class=\"data1\"><input size=\"16\" name=\"formExpires\" value=\"", htmlspecialchars($_POST['formExpires']), "\" /></td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strpassword']}</th>\n";
            echo "\t\t<td class=\"data1\"><input type=\"password\" size=\"16\" name=\"formPassword\" value=\"", htmlspecialchars($_POST['formPassword']), "\" /></td>\n\t</tr>\n";
            echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strconfirm']}</th>\n";
            echo "\t\t<td class=\"data1\"><input type=\"password\" size=\"16\" name=\"formConfirm\" value=\"\" /></td>\n\t</tr>\n";
            echo "</table>\n";
            echo "<p><input type=\"hidden\" name=\"action\" value=\"save_edit\" />\n";
            echo '<input type="hidden" name="username" value="', htmlspecialchars($_REQUEST['username']), "\" />\n";
            echo $this->misc->form;
            echo "<input type=\"submit\" name=\"alter\" value=\"{$this->lang['stralter']}\" />\n";
            echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
            echo "</form>\n";
        } else {
            echo "<p>{$this->lang['strnodata']}</p>\n";
        }
    }

    /**
     * Function to save after editing a user.
     */
    public function doSaveEdit()
    {
        $data = $this->misc->getDatabaseAccessor();

        // Check name and password
        if (isset($_POST['newname']) && '' == $_POST['newname']) {
            $this->doEdit($this->lang['struserneedsname']);
        } elseif ($_POST['formPassword'] != $_POST['formConfirm']) {
            $this->doEdit($this->lang['strpasswordconfirm']);
        } else {
            if (isset($_POST['newname'])) {
                $status = $data->setRenameUser($_POST['username'], $_POST['formPassword'], isset($_POST['formCreateDB']), isset($_POST['formSuper']), $_POST['formExpires'], $_POST['newname']);
            } else {
                $status = $data->setUser($_POST['username'], $_POST['formPassword'], isset($_POST['formCreateDB']), isset($_POST['formSuper']), $_POST['formExpires']);
            }

            if (0 == $status) {
                $this->doDefault($this->lang['struserupdated']);
            } else {
                $this->doEdit($this->lang['struserupdatedbad']);
            }
        }
    }

    /**
     * Show confirmation of drop and perform actual drop.
     *
     * @param mixed $confirm
     */
    public function doDrop($confirm)
    {
        $data = $this->misc->getDatabaseAccessor();

        if ($confirm) {
            $this->printTrail('user');
            $this->printTitle($this->lang['strdrop'], 'pg.user.drop');

            echo '<p>', sprintf($this->lang['strconfdropuser'], $this->misc->printVal($_REQUEST['username'])), "</p>\n";

            echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
            echo "<p><input type=\"hidden\" name=\"action\" value=\"drop\" />\n";
            echo '<input type="hidden" name="username" value="', htmlspecialchars($_REQUEST['username']), "\" />\n";
            echo $this->misc->form;
            echo "<input type=\"submit\" name=\"drop\" value=\"{$this->lang['strdrop']}\" />\n";
            echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
            echo "</form>\n";
        } else {
            $status = $data->dropUser($_REQUEST['username']);
            if (0 == $status) {
                $this->doDefault($this->lang['struserdropped']);
            } else {
                $this->doDefault($this->lang['struserdroppedbad']);
            }
        }
    }

    /**
     * Displays a screen where they can enter a new user.
     *
     * @param mixed $msg
     */
    public function doCreate($msg = '')
    {
        $data = $this->misc->getDatabaseAccessor();

        if (!isset($_POST['formUsername'])) {
            $_POST['formUsername'] = '';
        }

        if (!isset($_POST['formPassword'])) {
            $_POST['formPassword'] = '';
        }

        if (!isset($_POST['formConfirm'])) {
            $_POST['formConfirm'] = '';
        }

        if (!isset($_POST['formExpires'])) {
            $_POST['formExpires'] = '';
        }

        $this->printTrail('server');
        $this->printTitle($this->lang['strcreateuser'], 'pg.user.create');
        $this->printMsg($msg);

        echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
        echo "<table>\n";
        echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strusername']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" maxlength=\"{$data->_maxNameLen}\" name=\"formUsername\" value=\"", htmlspecialchars($_POST['formUsername']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strpassword']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formPassword\" value=\"", htmlspecialchars($_POST['formPassword']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strconfirm']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formConfirm\" value=\"", htmlspecialchars($_POST['formConfirm']), "\" /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formSuper\">{$this->lang['strsuper']}</label></th>\n";
        echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formSuper\" name=\"formSuper\"",
        (isset($_POST['formSuper'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formCreateDB\">{$this->lang['strcreatedb']}</label></th>\n";
        echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formCreateDB\" name=\"formCreateDB\"",
        (isset($_POST['formCreateDB'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
        echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strexpires']}</th>\n";
        echo "\t\t<td class=\"data1\"><input size=\"30\" name=\"formExpires\" value=\"", htmlspecialchars($_POST['formExpires']), "\" /></td>\n\t</tr>\n";
        echo "</table>\n";
        echo "<p><input type=\"hidden\" name=\"action\" value=\"save_create\" />\n";
        echo $this->misc->form;
        echo "<input type=\"submit\" name=\"create\" value=\"{$this->lang['strcreate']}\" />\n";
        echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
        echo "</form>\n";
    }

    /**
     * Actually creates the new user in the database.
     */
    public function doSaveCreate()
    {
        $data = $this->misc->getDatabaseAccessor();

        // Check data
        if ('' == $_POST['formUsername']) {
            $this->doCreate($this->lang['struserneedsname']);
        } elseif ($_POST['formPassword'] != $_POST['formConfirm']) {
            $this->doCreate($this->lang['strpasswordconfirm']);
        } else {
            $status = $data->createUser(
                $_POST['formUsername'],
                $_POST['formPassword'],
                isset($_POST['formCreateDB']),
                isset($_POST['formSuper']),
                $_POST['formExpires'],
                []
            );
            if (0 == $status) {
                $this->doDefault($this->lang['strusercreated']);
            } else {
                $this->doCreate($this->lang['strusercreatedbad']);
            }
        }
    }
}


1			<?php
2
3			/**
4			* PHPPgAdmin v6.0.0-beta.40
5			*/
6
7			namespace PHPPgAdmin\Controller;
8
9			use PHPPgAdmin\Decorators\Decorator;
10
11			/**
12			* Base controller class.
13			*
14			* @package PHPPgAdmin
15			*/
16			class UsersController extends BaseController
17			{
18			public $controller_name = 'UsersController';
19
20			/**
21			* Default method to render the controller according to the action parameter.
22			*/
23			public function render()
24			{
25			$this->printHeader($this->lang['strusers']);
26			$this->printBody();
27
28			switch ($this->action) {
29			case 'changepassword':
30			if (isset($_REQUEST['ok'])) {
31			$this->doChangePassword(false);
32			} else {
33			$this->doAccount();
34			}
35
36			break;
37			case 'confchangepassword':
38			$this->doChangePassword(true);
39
40			break;
41			case 'account':
42			$this->doAccount();
43
44			break;
45			case 'save_create':
46			if (isset($_REQUEST['cancel'])) {
47			$this->doDefault();
48			} else {
49			$this->doSaveCreate();
50			}
51
52			break;
53			case 'create':
54			$this->doCreate();
55
56			break;
57			case 'drop':
58			if (isset($_REQUEST['cancel'])) {
59			$this->doDefault();
60			} else {
61			$this->doDrop(false);
62			}
63
64			break;
65			case 'confirm_drop':
66			$this->doDrop(true);
67
68			break;
69			case 'save_edit':
70			if (isset($_REQUEST['cancel'])) {
71			$this->doDefault();
72			} else {
73			$this->doSaveEdit();
74			}
75
76			break;
77			case 'edit':
78			$this->doEdit();
79
80			break;
81			default:
82			$this->doDefault();
83
84			break;
85			}
86
87			$this->printFooter();
88			}
89
90			/**
91			* Show default list of users in the database.
92			*
93			* @param mixed $msg
94			*/
95			public function doDefault($msg = '')
96			{
97			$data = $this->misc->getDatabaseAccessor();
98
99			$renderUseExpires = function ($val) use ($lang) {
			0 ignored issues – show Unused Code introduced 2018-04-20 11:46 UTC by Report Bug Copy Issue Report The import `$lang` is not used and could be removed. This check looks for imports that have been defined, but are not used in the scope. Loading history... Comprehensibility Best Practice introduced 2018-04-20 11:46 UTC by Report Bug Copy Issue Report The variable `$lang` seems to be never defined. Loading history...
100			return 'infinity' == $val ? $this->lang['strnever'] : htmlspecialchars($val);
101			};
102
103			$this->printTrail('server');
104			$this->printTabs('server', 'users');
105			$this->printMsg($msg);
106
107			$users = $data->getUsers();
108
109			$columns = [
110			'user' => [
111			'title' => $this->lang['strusername'],
112			'field' => Decorator::field('usename'),
113			],
114			'superuser' => [
115			'title' => $this->lang['strsuper'],
116			'field' => Decorator::field('usesuper'),
117			'type' => 'yesno',
118			],
119			'createdb' => [
120			'title' => $this->lang['strcreatedb'],
121			'field' => Decorator::field('usecreatedb'),
122			'type' => 'yesno',
123			],
124			'expires' => [
125			'title' => $this->lang['strexpires'],
126			'field' => Decorator::field('useexpires'),
127			'type' => 'callback',
128			'params' => ['function' => $renderUseExpires, 'null' => $this->lang['strnever']],
129			],
130			'defaults' => [
131			'title' => $this->lang['strsessiondefaults'],
132			'field' => Decorator::field('useconfig'),
133			],
134			'actions' => [
135			'title' => $this->lang['stractions'],
136			],
137			];
138
139			$actions = [
140			'alter' => [
141			'content' => $this->lang['stralter'],
142			'attr' => [
143			'href' => [
144			'url' => 'users',
145			'urlvars' => [
146			'action' => 'edit',
147			'username' => Decorator::field('usename'),
148			],
149			],
150			],
151			],
152			'drop' => [
153			'content' => $this->lang['strdrop'],
154			'attr' => [
155			'href' => [
156			'url' => 'users',
157			'urlvars' => [
158			'action' => 'confirm_drop',
159			'username' => Decorator::field('usename'),
160			],
161			],
162			],
163			],
164			];
165
166			echo $this->printTable($users, $columns, $actions, 'users-users', $this->lang['strnousers']);
167
168			$this->printNavLinks(['create' => [
			1 ignored issue – show Coding Style introduced 2017-10-08 18:23 UTC by Report Bug Copy Issue Report The opening parenthesis of a multi-line function call should be the last content on the line. Loading history...
169			'attr' => [
170			'href' => [
171			'url' => 'users',
172			'urlvars' => [
173			'action' => 'create',
174			'server' => $_REQUEST['server'],
175			],
176			],
177			],
178			'content' => $this->lang['strcreateuser'],
179			]], 'users-users', get_defined_vars());
			1 ignored issue – show Coding Style introduced 2017-10-08 18:23 UTC by Report Bug Copy Issue Report For multi-line function calls, the closing parenthesis should be on a new line. If a function call spawns multiple lines, the coding standard suggests to move the closing parenthesis to a new line: someFunctionCall( $firstArgument, $secondArgument, $thirdArgument ); // Closing parenthesis on a new line. Loading history...
180			}
181
182			/**
183			* If a user is not a superuser, then we have an 'account management' page
184			* where they can change their password, etc. We don't prevent them from
185			* messing with the URL to gain access to other user admin stuff, because
186			* the PostgreSQL permissions will prevent them changing anything anyway.
187			*
188			* @param mixed $msg
189			*/
190			public function doAccount($msg = '')
191			{
192			$data = $this->misc->getDatabaseAccessor();
193
194			$server_info = $this->misc->getServerInfo();
195
196			$userdata = $data->getUser($server_info['username']);
197			$_REQUEST['user'] = $server_info['username'];
198
199			$this->printTrail('user');
200			$this->printTabs('server', 'account');
201			$this->printMsg($msg);
202
203			if ($userdata->recordCount() > 0) {
204			$userdata->fields['usesuper'] = $data->phpBool($userdata->fields['usesuper']);
205			$userdata->fields['usecreatedb'] = $data->phpBool($userdata->fields['usecreatedb']);
206			echo "<table>\n";
207			echo "<tr><th class=\"data\">{$this->lang['strusername']}</th><th class=\"data\">{$this->lang['strsuper']}</th><th class=\"data\">{$this->lang['strcreatedb']}</th><th class=\"data\">{$this->lang['strexpires']}</th>";
208			echo "<th class=\"data\">{$this->lang['strsessiondefaults']}</th>";
209			echo "</tr>\n";
210			echo "<tr>\n\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usename']), "</td>\n";
211			echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usesuper'], 'yesno'), "</td>\n";
212			echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['usecreatedb'], 'yesno'), "</td>\n";
213			echo "\t<td class=\"data1\">", ('infinity' == $userdata->fields['useexpires'] \|\| is_null($userdata->fields['useexpires']) ? $this->lang['strnever'] : $this->misc->printVal($userdata->fields['useexpires'])), "</td>\n";
214			echo "\t<td class=\"data1\">", $this->misc->printVal($userdata->fields['useconfig']), "</td>\n";
215			echo "</tr>\n</table>\n";
216			} else {
217			echo "<p>{$this->lang['strnodata']}</p>\n";
218			}
219
220			$this->printNavLinks(['changepassword' => [
			1 ignored issue – show Coding Style introduced 2017-10-08 18:23 UTC by Report Bug Copy Issue Report The opening parenthesis of a multi-line function call should be the last content on the line. Loading history...
221			'attr' => [
222			'href' => [
223			'url' => 'users',
224			'urlvars' => [
225			'action' => 'confchangepassword',
226			'server' => $_REQUEST['server'],
227			],
228			],
229			],
230			'content' => $this->lang['strchangepassword'],
231			]], 'users-account', get_defined_vars());
			1 ignored issue – show Coding Style introduced 2017-10-08 18:23 UTC by Report Bug Copy Issue Report For multi-line function calls, the closing parenthesis should be on a new line. If a function call spawns multiple lines, the coding standard suggests to move the closing parenthesis to a new line: someFunctionCall( $firstArgument, $secondArgument, $thirdArgument ); // Closing parenthesis on a new line. Loading history...
232			}
233
234			/**
235			* Show confirmation of change password and actually change password.
236			*
237			* @param mixed $confirm
238			* @param mixed $msg
239			*/
240			public function doChangePassword($confirm, $msg = '')
241			{
242			$data = $this->misc->getDatabaseAccessor();
243
244			$server_info = $this->misc->getServerInfo();
245
246			if ($confirm) {
247			$_REQUEST['user'] = $server_info['username'];
248			$this->printTrail('user');
249			$this->printTitle($this->lang['strchangepassword'], 'pg.user.alter');
250			$this->printMsg($msg);
251
252			if (!isset($_POST['password'])) {
253			$_POST['password'] = '';
254			}
255
256			if (!isset($_POST['confirm'])) {
257			$_POST['confirm'] = '';
258			}
259
260			echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
261			echo "<table>\n";
262			echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strpassword']}</th>\n";
263			echo "\t\t<td><input type=\"password\" name=\"password\" size=\"32\" value=\"",
264			htmlspecialchars($_POST['password']), "\" /></td>\n\t</tr>\n";
265			echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strconfirm']}</th>\n";
266			echo "\t\t<td><input type=\"password\" name=\"confirm\" size=\"32\" value=\"\" /></td>\n\t</tr>\n";
267			echo "</table>\n";
268			echo "<p><input type=\"hidden\" name=\"action\" value=\"changepassword\" />\n";
269			echo $this->misc->form;
270			echo "<input type=\"submit\" name=\"ok\" value=\"{$this->lang['strok']}\" />\n";
271			echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" />\n";
272			echo "</p></form>\n";
273			} else {
274			// Check that password is minimum length
275			if (strlen($_POST['password']) < $this->conf['min_password_length']) {
276			$this->doChangePassword(true, $this->lang['strpasswordshort']);
277			}
278
279			// Check that password matches confirmation password
280			elseif ($_POST['password'] != $_POST['confirm']) {
			0 ignored issues – show Coding Style introduced 2017-10-08 18:23 UTC by Report Bug Copy Issue Report Expected "} elseif (...) \n"; found "\n\n // Check that password matches confirmation password\n elseif (...) {\n" Loading history...
281			$this->doChangePassword(true, $this->lang['strpasswordconfirm']);
282			} else {
283			$status = $data->changePassword(
284			$server_info['username'],
285			$_POST['password']
286			);
287			if (0 == $status) {
288			$this->doAccount($this->lang['strpasswordchanged']);
289			} else {
290			$this->doAccount($this->lang['strpasswordchangedbad']);
291			}
292			}
293			}
294			}
295
296			/**
297			* Function to allow editing of a user.
298			*
299			* @param mixed $msg
300			*/
301			public function doEdit($msg = '')
302			{
303			$data = $this->misc->getDatabaseAccessor();
304
305			$this->printTrail('user');
306			$this->printTitle($this->lang['stralter'], 'pg.user.alter');
307			$this->printMsg($msg);
308
309			$userdata = $data->getUser($_REQUEST['username']);
310
311			if ($userdata->recordCount() > 0) {
312			$server_info = $this->misc->getServerInfo();
313			$canRename = $data->hasUserRename() && ($_REQUEST['username'] != $server_info['username']);
314			$userdata->fields['usesuper'] = $data->phpBool($userdata->fields['usesuper']);
315			$userdata->fields['usecreatedb'] = $data->phpBool($userdata->fields['usecreatedb']);
316
317			if (!isset($_POST['formExpires'])) {
318			if ($canRename) {
319			$_POST['newname'] = $userdata->fields['usename'];
320			}
321
322			if ($userdata->fields['usesuper']) {
323			$_POST['formSuper'] = '';
324			}
325
326			if ($userdata->fields['usecreatedb']) {
327			$_POST['formCreateDB'] = '';
328			}
329
330			$_POST['formExpires'] = 'infinity' == $userdata->fields['useexpires'] ? '' : $userdata->fields['useexpires'];
331			$_POST['formPassword'] = '';
332			}
333
334			echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
335			echo "<table>\n";
336			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strusername']}</th>\n";
337			echo "\t\t<td class=\"data1\">", ($canRename ? "<input name=\"newname\" size=\"15\" maxlength=\"{$data->_maxNameLen}\" value=\"".htmlspecialchars($_POST['newname']).'" />' : $this->misc->printVal($userdata->fields['usename'])), "</td>\n\t</tr>\n";
338			echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formSuper\">{$this->lang['strsuper']}</label></th>\n";
339			echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formSuper\" name=\"formSuper\"",
340			(isset($_POST['formSuper'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
341			echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formCreateDB\">{$this->lang['strcreatedb']}</label></th>\n";
342			echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formCreateDB\" name=\"formCreateDB\"",
343			(isset($_POST['formCreateDB'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
344			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strexpires']}</th>\n";
345			echo "\t\t<td class=\"data1\"><input size=\"16\" name=\"formExpires\" value=\"", htmlspecialchars($_POST['formExpires']), "\" /></td>\n\t</tr>\n";
346			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strpassword']}</th>\n";
347			echo "\t\t<td class=\"data1\"><input type=\"password\" size=\"16\" name=\"formPassword\" value=\"", htmlspecialchars($_POST['formPassword']), "\" /></td>\n\t</tr>\n";
348			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strconfirm']}</th>\n";
349			echo "\t\t<td class=\"data1\"><input type=\"password\" size=\"16\" name=\"formConfirm\" value=\"\" /></td>\n\t</tr>\n";
350			echo "</table>\n";
351			echo "<p><input type=\"hidden\" name=\"action\" value=\"save_edit\" />\n";
352			echo '<input type="hidden" name="username" value="', htmlspecialchars($_REQUEST['username']), "\" />\n";
353			echo $this->misc->form;
354			echo "<input type=\"submit\" name=\"alter\" value=\"{$this->lang['stralter']}\" />\n";
355			echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
356			echo "</form>\n";
357			} else {
358			echo "<p>{$this->lang['strnodata']}</p>\n";
359			}
360			}
361
362			/**
363			* Function to save after editing a user.
364			*/
365			public function doSaveEdit()
366			{
367			$data = $this->misc->getDatabaseAccessor();
368
369			// Check name and password
370			if (isset($_POST['newname']) && '' == $_POST['newname']) {
371			$this->doEdit($this->lang['struserneedsname']);
372			} elseif ($_POST['formPassword'] != $_POST['formConfirm']) {
373			$this->doEdit($this->lang['strpasswordconfirm']);
374			} else {
375			if (isset($_POST['newname'])) {
376			$status = $data->setRenameUser($_POST['username'], $_POST['formPassword'], isset($_POST['formCreateDB']), isset($_POST['formSuper']), $_POST['formExpires'], $_POST['newname']);
377			} else {
378			$status = $data->setUser($_POST['username'], $_POST['formPassword'], isset($_POST['formCreateDB']), isset($_POST['formSuper']), $_POST['formExpires']);
379			}
380
381			if (0 == $status) {
382			$this->doDefault($this->lang['struserupdated']);
383			} else {
384			$this->doEdit($this->lang['struserupdatedbad']);
385			}
386			}
387			}
388
389			/**
390			* Show confirmation of drop and perform actual drop.
391			*
392			* @param mixed $confirm
393			*/
394			public function doDrop($confirm)
395			{
396			$data = $this->misc->getDatabaseAccessor();
397
398			if ($confirm) {
399			$this->printTrail('user');
400			$this->printTitle($this->lang['strdrop'], 'pg.user.drop');
401
402			echo '<p>', sprintf($this->lang['strconfdropuser'], $this->misc->printVal($_REQUEST['username'])), "</p>\n";
403
404			echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
405			echo "<p><input type=\"hidden\" name=\"action\" value=\"drop\" />\n";
406			echo '<input type="hidden" name="username" value="', htmlspecialchars($_REQUEST['username']), "\" />\n";
407			echo $this->misc->form;
408			echo "<input type=\"submit\" name=\"drop\" value=\"{$this->lang['strdrop']}\" />\n";
409			echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
410			echo "</form>\n";
411			} else {
412			$status = $data->dropUser($_REQUEST['username']);
413			if (0 == $status) {
414			$this->doDefault($this->lang['struserdropped']);
415			} else {
416			$this->doDefault($this->lang['struserdroppedbad']);
417			}
418			}
419			}
420
421			/**
422			* Displays a screen where they can enter a new user.
423			*
424			* @param mixed $msg
425			*/
426			public function doCreate($msg = '')
427			{
428			$data = $this->misc->getDatabaseAccessor();
429
430			if (!isset($_POST['formUsername'])) {
431			$_POST['formUsername'] = '';
432			}
433
434			if (!isset($_POST['formPassword'])) {
435			$_POST['formPassword'] = '';
436			}
437
438			if (!isset($_POST['formConfirm'])) {
439			$_POST['formConfirm'] = '';
440			}
441
442			if (!isset($_POST['formExpires'])) {
443			$_POST['formExpires'] = '';
444			}
445
446			$this->printTrail('server');
447			$this->printTitle($this->lang['strcreateuser'], 'pg.user.create');
448			$this->printMsg($msg);
449
450			echo '<form action="'.\SUBFOLDER."/src/views/users\" method=\"post\">\n";
451			echo "<table>\n";
452			echo "\t<tr>\n\t\t<th class=\"data left required\">{$this->lang['strusername']}</th>\n";
453			echo "\t\t<td class=\"data1\"><input size=\"15\" maxlength=\"{$data->_maxNameLen}\" name=\"formUsername\" value=\"", htmlspecialchars($_POST['formUsername']), "\" /></td>\n\t</tr>\n";
454			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strpassword']}</th>\n";
455			echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formPassword\" value=\"", htmlspecialchars($_POST['formPassword']), "\" /></td>\n\t</tr>\n";
456			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strconfirm']}</th>\n";
457			echo "\t\t<td class=\"data1\"><input size=\"15\" type=\"password\" name=\"formConfirm\" value=\"", htmlspecialchars($_POST['formConfirm']), "\" /></td>\n\t</tr>\n";
458			echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formSuper\">{$this->lang['strsuper']}</label></th>\n";
459			echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formSuper\" name=\"formSuper\"",
460			(isset($_POST['formSuper'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
461			echo "\t<tr>\n\t\t<th class=\"data left\"><label for=\"formCreateDB\">{$this->lang['strcreatedb']}</label></th>\n";
462			echo "\t\t<td class=\"data1\"><input type=\"checkbox\" id=\"formCreateDB\" name=\"formCreateDB\"",
463			(isset($_POST['formCreateDB'])) ? ' checked="checked"' : '', " /></td>\n\t</tr>\n";
464			echo "\t<tr>\n\t\t<th class=\"data left\">{$this->lang['strexpires']}</th>\n";
465			echo "\t\t<td class=\"data1\"><input size=\"30\" name=\"formExpires\" value=\"", htmlspecialchars($_POST['formExpires']), "\" /></td>\n\t</tr>\n";
466			echo "</table>\n";
467			echo "<p><input type=\"hidden\" name=\"action\" value=\"save_create\" />\n";
468			echo $this->misc->form;
469			echo "<input type=\"submit\" name=\"create\" value=\"{$this->lang['strcreate']}\" />\n";
470			echo "<input type=\"submit\" name=\"cancel\" value=\"{$this->lang['strcancel']}\" /></p>\n";
471			echo "</form>\n";
472			}
473
474			/**
475			* Actually creates the new user in the database.
476			*/
477			public function doSaveCreate()
478			{
479			$data = $this->misc->getDatabaseAccessor();
480
481			// Check data
482			if ('' == $_POST['formUsername']) {
483			$this->doCreate($this->lang['struserneedsname']);
484			} elseif ($_POST['formPassword'] != $_POST['formConfirm']) {
485			$this->doCreate($this->lang['strpasswordconfirm']);
486			} else {
487			$status = $data->createUser(
488			$_POST['formUsername'],
489			$_POST['formPassword'],
490			isset($_POST['formCreateDB']),
491			isset($_POST['formSuper']),
492			$_POST['formExpires'],
493			[]
494			);
495			if (0 == $status) {
496			$this->doDefault($this->lang['strusercreated']);
497			} else {
498			$this->doCreate($this->lang['strusercreatedbad']);
499			}
500			}
501			}
502			}
503

HuasoFoundries / phpPgAdmin6

Push — develop ( 51bd2c...501708 )

UsersController::doSaveCreate() B

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like