showuser.php3 3.18 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
<?php
include("defs.php3");
include("showstuff.php3");

#
# Standard Testbed Header
#
PAGEHEADER("Show User Information");

#
# Note the difference with which this page gets it arguments!
# I invoke it using GET arguments, so uid and pid are are defined
# without having to find them in URI (like most of the other pages
# find the uid).
#

#
# Only known and logged in users can do this.
#
20
$uid = GETLOGIN();
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
LOGGEDINORDIE($uid);

$isadmin = ISADMIN($uid);

#
# Verify form arguments.
# 
if (!isset($target_uid) ||
    strcmp($target_uid, "") == 0) {
    USERERROR("You must provide a User ID.", 1);
}

#
# Check to make sure thats this is a valid UID.
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
36
37
$query_result =
    DBQueryFatal("SELECT * FROM users WHERE uid='$target_uid'");
38
if (mysql_num_rows($query_result) == 0) {
39
  USERERROR("The user $target_uid is not a valid user", 1);
40
41
42
43
}

#
# Verify that this uid is a member of one of the projects that the
Leigh B. Stoller's avatar
Leigh B. Stoller committed
44
# target_uid is in. Must have proper permission in that group too. 
45
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
46
47
48
49
50
51
if (!$isadmin &&
    strcmp($uid, $target_uid)) {

    if (! TBUserInfoAccessCheck($uid, $target_uid, $TB_USERINFO_READINFO)) {
	USERERROR("You do not have permission to view this user's ".
		  "information!", 1);
52
53
54
    }
}

55
56
57
#
# Show user info.
# 
58
59
SHOWUSER($target_uid);

60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#
# Lets show projects.
#
$query_result =
    DBQueryFatal("select distinct g.pid,p.name from group_membership as g ".
		 "left join projects as p on p.pid=g.pid ".
		 "where uid='$target_uid' order by pid");

if (mysql_num_rows($query_result)) {
    echo "<center>
          <h3>Project Membership</h3>
          </center>
          <table align=center border=1 cellpadding=1 cellspacing=2>\n";

    echo "<tr>
              <td align=center>PID</td>
              <td align=center>Name</td>
          </tr>\n";

    while ($projrow = mysql_fetch_array($query_result)) {
	$pid  = $projrow[pid];
	$name = $projrow[name];

        echo "<tr>
                 <td><A href='showproject.php3?pid=$pid'>$pid</A></td>
                 <td>$name</td>
             </tr>\n";
    }
    echo "</table>\n";
}

#
# And Experiments.
#
$query_result =
    DBQueryFatal("select * from experiments  ".
		 "where expt_head_uid='$target_uid' order by pid,eid");

if (mysql_num_rows($query_result)) {
    echo "<center>
          <h3>Current Experiments</h3>
          </center>
          <table align=center border=1 cellpadding=1 cellspacing=2>\n";

    echo "<tr>
              <td align=center>PID</td>
              <td align=center>EID</td>
              <td align=center>Name</td>
          </tr>\n";

    while ($projrow = mysql_fetch_array($query_result)) {
	$pid  = $projrow[pid];
	$eid  = $projrow[eid];
	$name = $projrow[expt_name];

        echo "<tr>
                 <td><A href='showproject.php3?pid=$pid'>$pid</A></td>
                 <td><A href='showexp.php3?pid=$pid&eid=$eid'>$eid</A></td>
                 <td>$name</td>
             </tr>\n";
    }
    echo "</table>\n";
}

124
125
echo "</center>\n";

126
127
128
129
130
131
132
133
134
135
136
137
#
# Edit option.
#
if ($isadmin ||
    TBUserInfoAccessCheck($uid, $target_uid, $TB_USERINFO_MODIFYINFO)) {

    echo "<p><p><center>
           <A href='modusr_form.php3?target_uid=$target_uid'>
              Edit User Info?</a>
         </center>\n";
}
    
138
139
140
141
142
#
# Standard Testbed Footer
# 
PAGEFOOTER();
?>