diff --git a/www/approval.php3 b/www/approval.php3 new file mode 100755 index 0000000000000000000000000000000000000000..0191486069d98ad729220fc8330b16ba6b2e5e17 --- /dev/null +++ b/www/approval.php3 @@ -0,0 +1,106 @@ + 1"; + $result = mysql_db_query("tbdb", $query); + $numusers = mysql_num_rows($result); + $query2 = "SELECT timeout FROM login WHERE uid=\"$USER\""; + $result2 = mysql_db_query("tbdb", $query2); + $n = mysql_num_rows($result2); + $row = mysql_fetch_row($result2); + if (($n == 0) && ($numusers != 0)) { + $cmnd = "INSERT INTO login VALUES ('$USER', '0')"; + mysql_db_query("tbdb", $cmnd); + } elseif (($numusers == 0) || ($row[0] < time())) { + $cmnd = "DELETE FROM login WHERE uid=\"$USER\""; + mysql_db_query("tbdb", $cmnd); + Header("WWW-Authenticate: Basic realm=\"Testbed\""); + Header("HTTP/1.0 401 Unauthorized"); + die ("Authorization Failed\n"); + } + $timeout = time() + 1800; + $cmnd = "UPDATE login SET timeout=\"$timeout\" where uid=\"$USER\""; + mysql_db_query("tbdb", $cmnd); +} +echo " + + +Approve users"; +# +echo " +\n"; +if (isset($OK)) { + while ($elem = each($HTTP_POST_VARS)) { + $uid = $elem[0]; + $act = $elem[1]; + if ($act == "reject") { + $cmnd1 = "DELETE FROM users WHERE uid='$uid'"; + $cmnd2 = "DELETE FROM grp_memb WHERE uid='$uid'"; + $cmnd3 = "DELETE FROM proj_memb WHERE uid='$uid'"; + mysql_db_query("tbdb", $cmnd1); + mysql_db_query("tbdb", $cmnd2); + mysql_db_query("tbdb", $cmnd3); + echo "

$uid DELETED

\n"; + } elseif ($act == "accept") { + $cmnd = "UPDATE users SET trust_level=1 where uid='$uid'"; + mysql_db_query("tbdb", $cmnd); + echo "

$uid APPROVED

\n"; + } elseif ($act == "postpone") { + echo "

$uid is waiting

\n"; + } else { + echo "

Something is Wrong: $uid, $act

\n"; + } + } + die(""); +} +echo " +

Approve new users in your group

+ + + + + +\n"; + +$query = "SELECT gid FROM grp_memb WHERE uid='$USER'"; +$result = mysql_db_query("tbdb", $query); +$select = "SELECT"; +while ($row = mysql_fetch_row($result)) { + $gid = $row[0]; + if ($select == "SELECT") { + $select .= " DISTINCT uid FROM grp_memb WHERE gid='$gid'"; + } else { + $select .= " OR gid='$gid'"; + } +} +$selected = mysql_db_query("tbdb", $select); +$find = "SELECT"; +while ($row = mysql_fetch_row($selected)) { + $uid = $row[0]; + if ($find = "SELECT") { + $find .= " DISTINCT uid FROM users WHERE trust_level=0 AND uid='$uid'"; + } else { + $find .= " OR uid='$uid'"; + } +} +$found = mysql_db_query("tbdb", $find); +while ($row = mysql_fetch_row($found)) { + $uid = $row[0]; + echo " + + + \n"; +} +echo " + + +
RejectPostpone JudgementAcceptUser
$uid
+ +"; +?> \ No newline at end of file