forked from ndlibersa/auth
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathajax_processing.php
95 lines (69 loc) · 2.5 KB
/
ajax_processing.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
<?php
/*
**************************************************************************************************************************
** CORAL Authentication Module v. 1.0
**
** Copyright (c) 2011 University of Notre Dame
**
** This file is part of CORAL.
**
** CORAL is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
**
** CORAL is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License along with CORAL. If not, see <http://www.gnu.org/licenses/>.
**
**************************************************************************************************************************
*/
session_start();
include_once 'directory.php';
if (isset($_SESSION['loginID'])){
$loginID=$_SESSION['loginID'];
}
$user = new User(new NamedArguments(array('primaryKey' => $loginID)));
if (($user->isAdmin) && ($user->getOpenSession())){
switch ($_GET['action']) {
case 'submitUser':
$util = new Utility();
//if this is an existing user
if ((isset($_POST['editLoginID'])) && ($_POST['editLoginID'] != '')){
$sUser = new User(new NamedArguments(array('primaryKey' => $_POST['editLoginID'])));
}else{
//set up new user
$sUser = new User();
$sUser->loginID = $_POST['loginID'];
}
//only update it if it was sent
if (isset($_POST['password']) && ($_POST['password'] != '')){
$prefix = $util->randomString(45);
$sUser->password = $util->hashString('sha512', $prefix . $_POST['password']);
$sUser->passwordPrefix = $prefix;
}
if ($_POST['adminInd'] == "1"){
$sUser->adminInd = "Y";
}else{
$sUser->adminInd = "N";
}
try {
$sUser->save();
} catch (Exception $e) {
echo $e->getMessage();
}
break;
echo "HERE2";
case 'deleteUser':
$loginID = $_GET['loginID'];
$dUser = new User(new NamedArguments(array('primaryKey' => $loginID)));
try {
$dUser->delete();
echo "User successfully deleted.";
} catch (Exception $e) {
echo $e->getMessage();
}
break;
default:
echo "Action " . $action . " not set up!";
break;
}
}
?>