diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 036c9d1..ba2d1d9 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -229,12 +229,49 @@ class Database {
return FALSE;
}
}
+
+ public function listUsers($username=null) {
+ $sql = 'SELECT count(*) FROM users'.( $username ? ' WHERE username=?' : '');
+ $query = $this->executeQuery($sql, ( $username ? array($username) : array()));
+ list($count) = $query->fetch();
+ return $count;
+ }
+
+ public function getUserPassword($userID) {
+ $sql = "SELECT * FROM users WHERE id=?";
+ $query = $this->executeQuery($sql, array($userID));
+ $password = $query->fetchAll();
+ return isset($password[0]['password']) ? $password[0]['password'] : null;
+ }
+
+ public function deleteUserConfig($userID) {
+ $sql_action = 'DELETE from users_config WHERE user_id=?';
+ $params_action = array($userID);
+ $query = $this->executeQuery($sql_action, $params_action);
+ return $query;
+ }
+
+ public function deleteTagsEntriesAndEntries($userID) {
+ $entries = $this->retrieveAll($userID);
+ foreach($entries as $entryid) {
+ $tags = $this->retrieveTagsByEntry($entryid);
+ foreach($tags as $tag) {
+ $this->removeTagForEntry($entryid,$tags);
+ }
+ $this->deleteById($entryid,$userID);
+ }
+ }
+
+ public function deleteUser($userID) {
+ $sql_action = 'DELETE from users WHERE id=?';
+ $params_action = array($userID);
+ $query = $this->executeQuery($sql_action, $params_action);
+ }
public function updateContentAndTitle($id, $title, $body, $user_id) {
$sql_action = 'UPDATE entries SET content = ?, title = ? WHERE id=? AND user_id=?';
$params_action = array($body, $title, $id, $user_id);
$query = $this->executeQuery($sql_action, $params_action);
-
return $query;
}
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 811895d..aa313c2 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -241,6 +241,58 @@ class Poche
$filter = new Twig_SimpleFilter('getReadingTime', 'Tools::getReadingTime');
$this->tpl->addFilter($filter);
}
+
+ public function createNewUser() {
+ if (isset($_GET['newuser'])){
+ if ($_POST['newusername'] != "" && $_POST['password4newuser'] != ""){
+ $newusername = filter_var($_POST['newusername'], FILTER_SANITIZE_STRING);
+ if (!$this->store->userExists($newusername)){
+ if ($this->store->install($newusername, Tools::encodeString($_POST['password4newuser'] . $newusername))) {
+ Tools::logm('The new user '.$newusername.' has been installed');
+ $this->messages->add('s', sprintf(_('The new user %s has been installed. Do you want to logout ?'),$newusername));
+ Tools::redirect();
+ }
+ else {
+ Tools::logm('error during adding new user');
+ Tools::redirect();
+ }
+ }
+ else {
+ $this->messages->add('e', sprintf(_('Error : An user with the name %s already exists !'),$newusername));
+ Tools::logm('An user with the name '.$newusername.' already exists !');
+ Tools::redirect();
+ }
+ }
+ }
+ }
+
+ public function deleteUser(){
+ if (isset($_GET['deluser'])){
+ if ($this->store->listUsers() > 1) {
+ if (Tools::encodeString($_POST['password4deletinguser'].$this->user->getUsername()) == $this->store->getUserPassword($this->user->getId())) {
+ $username = $this->user->getUsername();
+ $this->store->deleteUserConfig($this->user->getId());
+ Tools::logm('The configuration for user '. $username .' has been deleted !');
+ $this->store->deleteTagsEntriesAndEntries($this->user->getId());
+ Tools::logm('The entries for user '. $username .' has been deleted !');
+ $this->store->deleteUser($this->user->getId());
+ Tools::logm('User '. $username .' has been completely deleted !');
+ Session::logout();
+ Tools::logm('logout');
+ Tools::redirect();
+ $this->messages->add('s', sprintf(_('User %s has been successfully deleted !'),$newusername));
+ }
+ else {
+ Tools::logm('Bad password !');
+ $this->messages->add('e', _('Error : The password is wrong !'));
+ }
+ }
+ else {
+ Tools::logm('Only user !');
+ $this->messages->add('e', _('Error : You are the only user, you cannot delete your account !'));
+ }
+ }
+ }
private function install()
{
@@ -520,6 +572,7 @@ class Poche
$languages = $this->getInstalledLanguages();
$token = $this->user->getConfigValue('token');
$http_auth = (isset($_SERVER['PHP_AUTH_USER']) || isset($_SERVER['REMOTE_USER'])) ? true : false;
+ $only_user = ($this->store->listUsers() > 1) ? false : true;
$tpl_vars = array(
'themes' => $themes,
'languages' => $languages,
@@ -532,6 +585,7 @@ class Poche
'token' => $token,
'user_id' => $this->user->getId(),
'http_auth' => $http_auth,
+ 'only_user' => $only_user
);
Tools::logm('config view');
break;
diff --git a/index.php b/index.php
index deb13d7..9c943b1 100755
--- a/index.php
+++ b/index.php
@@ -66,6 +66,10 @@ if (isset($_GET['login'])) {
} elseif (isset($_GET['config'])) {
# Update password
$poche->updatePassword();
+} elseif (isset($_GET['newuser'])) {
+ $poche->createNewUser();
+} elseif (isset($_GET['deluser'])) {
+ $poche->deleteUser();
} elseif (isset($_GET['import'])) {
$import = $poche->import();
$tpl_vars = array_merge($tpl_vars, $import);
diff --git a/themes/baggy/config.twig b/themes/baggy/config.twig
index d441de7..29d9e04 100755
--- a/themes/baggy/config.twig
+++ b/themes/baggy/config.twig
@@ -128,4 +128,36 @@
{% trans "Cache" %}
{% trans "Click here" %} {% trans "to delete cache." %}
+ {% trans 'Add user' %}
+ {% trans 'Add a new user :' %}
+
+
+ {% trans "Delete account" %}
+ {% if not only_user %}
+ {% else %}{% trans "You are the only user, you cannot delete your own account." %}
+ {% trans "To completely remove wallabag, delete the wallabag folder on your web server." %}
{% endif %}
{% endblock %}