6 files changed, 314 insertions, 4 deletions

diff --git a/htdocs/moderate/account.php b/htdocs/moderate/account.php
index 5fc87db..ac28b4e 100644
--- a/htdocs/moderate/account.php
+++ b/htdocs/moderate/account.php
@@ -10,11 +10,69 @@
 
 require_once('../src/base.inc.php');
 
+$error = '';
+
+// Handle form?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $user = $_SESSION['currentUser'];
+
+    // Change password
+    if (isset($_POST['oldpassword'])      and trim($_POST['oldpassword']) != ""
+        and isset($_POST['newpassword'])  and trim($_POST['newpassword']) != ""
+        and isset($_POST['newpassword2']) and trim($_POST['newpassword2']) != "") {
+
+        if ($user->authenticate($_POST['oldpassword'])) {
+            if ($_POST['newpassword'] == $_POST['newpassword2']) {
+                $user->setPassword($_POST['newpassword']);
+            
+            } else {
+                $error .= '<p>Passwords do not match.</p>';
+            }
+        } else {
+            $error .= '<p>"Old Password" does not match your current password.</p>';
+        }
+    }
+
+    // Set Notify
+    $notify = isset($_POST['notify']) and $_POST['notify'] == '1';
+    $user->setNotify($notify);
+
+    $user->save();
+}
+
+
 require_once('src/header.inc.php');
 
 echo "<h3>Your Account</h3>";
 
+if ($error != '') {
+    echo "<div class=\"errorbox\">$error</div>";
+}
 
+?>
+
+<form action="" method="post">
+<p>To change your password, enter your old and new passwords
+below.</p>
+<p><label>Old Password:
+    <input type="password" name="oldpassword" /></label></p>
+<p><label>New Password:
+    <input type="password" name="newpassword" /></label></p>
+<p><label>Confirm Password:
+    <input type="password" name="newpassword2" /></label></p>
+
+<div style="margin-top: 2em; margin-bottom: 2em;">
+<p><label><input type="checkbox" name="notify" value=\"1\" <?php
+echo $_SESSION['currentUser']->getNotify() ? 'checked="checked"' : '';
+?>/>
+    Notify when posts are created.</label></p>
+</div>
+
+<p><input type="submit" value="Update Account" /></p>
+
+</form>
+
+<?php
 
 
 require_once('src/footer.inc.php');
diff --git a/htdocs/moderate/admin.css b/htdocs/moderate/admin.css
index a1e7ed0..65a5a7f 100644
--- a/htdocs/moderate/admin.css
+++ b/htdocs/moderate/admin.css
@@ -18,3 +18,38 @@ h1 {
     display: inline-block;
     margin-right: 1em;
 }
+
+.userrow {
+    padding-left: 5px;
+    width: 50em;
+    margin-bottom: 0.25em;
+}
+
+.header {
+    border-bottom: solid 2px black;
+    margin-bottom: 1em;
+}
+
+.header span {
+    font-weight: bold;
+}
+
+.userrow span {
+    display: inline-block;
+}
+
+.userrow .name {
+    width: 12em;
+}
+
+.userrow .email {
+    width: 20em;
+}
+
+.userrow .admin {
+    width: 5em;
+}
+
+input[type=text] {
+    width: 20em;
+}
diff --git a/htdocs/moderate/src/header.inc.php b/htdocs/moderate/src/header.inc.php
index fc8a06f..30910ec 100644
--- a/htdocs/moderate/src/header.inc.php
+++ b/htdocs/moderate/src/header.inc.php
@@ -34,17 +34,18 @@ if (!isset($_SESSION['currentUser'])) {
 
 <div id="modnav">
     <ul>
-        <li><a href="">Moderate Posts</a></li>
+        <li><a href="<?= buildUrl('moderate/') ?>">Moderate Posts</a></li>
         
         <?php
             // Admin Navigation
             if ($_SESSION['currentUser']->isAdmin()) {
-                echo "<li><a href=\"". $CONFIG['urlroot'] ."/\">Pages</a></li>";
-                echo "<li><a href=\"". $CONFIG['urlroot'] ."/\">Users</a></li>";
+                echo "<li><a href=\"". buildUrl('moderate/pages/') ."\">Pages</a></li>";
+                echo "<li><a href=\"". buildUrl('moderate/users/') ."\">Users</a></li>";
             }
         ?>
 
-        <li><a href="">Account Settings</a></li>
+        <li><a href="<?= buildUrl('moderate/account.php') ?>">
+            Account Settings</a></li>
         <li><a href="">Logout</a></li>
     </ul>
 </div>
diff --git a/htdocs/moderate/users/delete.php b/htdocs/moderate/users/delete.php
new file mode 100644
index 0000000..f721f30
--- /dev/null
+++ b/htdocs/moderate/users/delete.php
@@ -0,0 +1,43 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once('../../src/base.inc.php');
+
+$error = '';
+
+$user = false;
+if (isset($_GET['id']) and is_numeric($_GET['id'])) {
+    $user = User::getById($_GET['id']);
+    
+    if ($user !== false and isset($_GET['confirmed'])) {
+        $user->delete();
+        
+        header('Location: index.php');
+    }
+
+}
+
+require_once('../src/header.inc.php');
+
+echo "<h3>Delete Users</h3>";
+
+if ($user !== false) {
+    echo "<p>Are you sure you want to delete " . $user->getName() ."?</p>"
+        . "<p><a href=\"delete.php?id=". $user->getId() ."&confirmed\">Yes</a>"
+        . " <a href=\"index.php\">No</a></p>";
+
+} else {
+    echo "<p>No user to delete.</p>";
+}
+
+require_once('../src/footer.inc.php');
+
+?>
+
diff --git a/htdocs/moderate/users/editor.php b/htdocs/moderate/users/editor.php
new file mode 100644
index 0000000..21be99e
--- /dev/null
+++ b/htdocs/moderate/users/editor.php
@@ -0,0 +1,126 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once('../../src/base.inc.php');
+
+$error = '';
+
+// Get the current user object.
+$user = new User();
+if (isset($_GET['id']) and is_numeric($_GET['id'])) {
+    $user = User::getById($_GET['id']);
+}
+
+// Save changes?
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    // Name
+    if (isset($_POST['name']) and trim($_POST['name']) != '') {
+        $user->setName($_POST['name']);
+
+    } else {
+        $error .= '<p>Name is a required field.</p>';
+    }
+
+    // Email
+    if (isset($_POST['email']) and trim($_POST['email']) != '') {
+        $user->setEmail($_POST['email']);
+
+    } else {
+        $error .= '<p>Email is a required field.</p>';
+    }
+
+    // Source
+    if (isset($_POST['source']) and trim($_POST['source']) != '') {
+        $user->setSource($_POST['source']);
+
+    } else {
+        $error .= '<p>Source is a required field.</p>';
+    }
+
+    // Set Admin
+    $admin = isset($_POST['admin']) and $_POST['admin'] == '1';
+    $user->setAdmin($admin);
+
+    // Set Notify
+    $notify = isset($_POST['notify']) and $_POST['notify'] == '1';
+    $user->setNotify($notify);
+
+    // Save the user
+    if ($error == '') {
+        if ($user->save()) {
+            // Return to users list
+            header("Location: index.php");
+
+        } else {
+            $error .= '<p>An error has occured.</p>';
+        }
+    }
+}
+
+require_once('../src/header.inc.php');
+
+echo "<h3>Edit User</h3>";
+
+if ($error != '') {
+    echo "<div class=\"errorbox\">$error</div>";
+}
+
+$url = "editor.php";
+
+if (isset($_GET['id'])) {
+    $url .= '?id=' . $_GET['id'];
+}
+
+echo "<form action=\"$url\" method=\"post\">";
+
+?>
+
+<p><label>Name: <input type="text" name="name" value="<?= $user->getName() ?>" /></label></p>
+<p><label>Email: <input type="text" name="email" value="<?= $user->getEmail() ?>" /></label></p>
+<p><label>Source: <?php sourceDropdown('source', $user->getSource()) ?></label></p>
+<p><label>
+<input type="checkbox" name="admin" value="1"  <?= $user->isAdmin() ? 'checked="checked"' : '' ?> />
+Administrator</label></p>
+<p><label>
+<input type="checkbox" name="notify" value="1" <?= $user->getNotify() ? 'checked="checked"' : '' ?> />
+Notify of posts</label></p>
+
+<p>
+<input type="submit" class="bigbutton" value="Save" />
+<a href="index.php" class="bigbutton">Cancel</a>
+</p>
+
+
+</form>
+
+<?php
+
+function sourceDropdown($name, $select) {
+    echo "<select name=\"$name\">";
+    
+    foreach(Source::getSources() as $source) {
+        if ($source->getId() == $select) {
+            echo "<option value=\"". $source->getId()
+                ."\" selected=\"selected\">"
+                . $source->getName() ."</option>";
+
+        } else {
+            echo "<option value=\"". $source->getId() ."\">"
+                . $source->getName() ."</option>";
+        }
+    }
+
+    echo "</select>";
+}
+
+require_once('../src/footer.inc.php');
+
+?>
+
diff --git a/htdocs/moderate/users/index.php b/htdocs/moderate/users/index.php
new file mode 100644
index 0000000..cda6232
--- /dev/null
+++ b/htdocs/moderate/users/index.php
@@ -0,0 +1,47 @@
+<?php
+
+/* Foursquare Community Site
+ * 
+ * Copyright (C) 2011 Foursquare Church.
+ * 
+ * Developers: Jesse Morgan <jmorgan@foursquarestaff.com>
+ *
+ */
+
+require_once('../../src/base.inc.php');
+
+$error = '';
+
+require_once('../src/header.inc.php');
+
+echo "<h3>Users</h3>";
+
+echo "<p><a class=\"bigbutton\" href=\"editor.php\">Create User</a></p>";
+
+$ui = new UserIterator();
+$ui->query();
+
+echo "<div class=\"userrow header\">"
+    . "<span class=\"name\">Name</span>"
+    . " <span class=\"email\">Email</span>"
+    . " <span class=\"admin\">Admin</span>"
+    . " <span class=\"actions\">Actions</span></div>";
+
+foreach ($ui as $user) {
+    printf("<div class=\"userrow\">"
+        . "<span class=\"name\">%s</span>"
+        . " <span class=\"email\"><a href=\"mailto:%s\">%s</a></span>"
+        . " <span class=\"admin\">%s</span>"
+        . " <span class=\"actions\">"
+        . " <a class=\"smallbutton\" href=\"editor.php?id=%s\">edit</a>"
+        . " <a class=\"smallbutton\" href=\"delete.php?id=%s\">delete</a></span></div>",
+        $user->getName(),
+        $user->getEmail(), $user->getEmail(),
+        $user->isAdmin() ? 'Yes' : 'No',
+        $user->getId(), $user->getId()
+        );
+}
+
+require_once('../src/footer.inc.php');
+
+?>