2 * Written by Richard W.M. Jones <rich@merjis.com>.
3 * Copyright (C) 2004 Merjis Ltd.
4 * $Id: edit_user.ml,v 1.2 2004/09/09 09:35:33 rich Exp $
13 open Cocanwiki_strings
16 let run r (q : cgi) (dbh : Dbi.connection) hostid _ self =
17 let userid = int_of_string (q#param "userid") in
19 (* Get the user's original name. If we're going to change the
20 * name, we need to do additional checks.
22 let sth = dbh#prepare_cached "select name from users
23 where hostid = ? and id = ?" in
24 sth#execute [`Int hostid; `Int userid];
25 let original_name = sth#fetch1string () in
27 let name = trim (q#param "name") in
29 if original_name <> name then (
31 error ~back_button:true ~title:"Bad username"
32 q "The username you gave is empty.";
36 (* Check it's not a duplicate, then change it. *)
37 let sth = dbh#prepare_cached "select id from users
38 where hostid = ? and name = ?" in
39 sth#execute [`Int hostid; `String name];
43 error ~back_button:true ~title:"Username already taken"
44 q ("That username has already been taken by another user.");
49 let sth = dbh#prepare_cached "update users set name = ?
50 where hostid = ? and id = ?" in
51 sth#execute [`String name; `Int hostid; `Int userid]
54 (* Change email address and permissions. *)
55 let email = trim (q#param "email") in
56 let email = if email = "" then `Null else `String email in
58 let can_edit = q#param_true "can_edit" in
59 let can_manage_users = q#param_true "can_manage_users" in
61 (* Trying to remove manage users permission from self? *)
62 (match can_manage_users, self with
63 | false, User (id, _, _) when id = userid ->
64 error ~back_button:true ~title:"Remove manage users from self"
65 q ("You tried to remove 'Manage users' permission from yourself. "^
66 "You can't do this. You'll have to do it from another "^
71 let sth = dbh#prepare_cached "update users set email = ?,
72 can_edit = ?, can_manage_users = ?
73 where hostid = ? and id = ?" in
74 sth#execute [email; `Bool can_edit; `Bool can_manage_users;
75 `Int hostid; `Int userid];
80 let buttons = [ ok_button "/_users" ] in
81 ok ~buttons ~title:"Saved"
82 q "Changes were saved."
85 register_script ~restrict:[CanManageUsers] run