change password feature

larger default quota (50MB)
cron job to check quotas

git-svn-id: svn://presbrey.mit.edu/sql/mitsql@56 a142d4bd-2cfb-0310-9673-cb33a7e74f58

diff --git a/cron.php b/cron.php
new file mode 100644 (file)
index 0000000..3ec9561
--- /dev/null
+++ b/cron.php
@@ -0,0 +1,8 @@
+<?php
+
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+checkQuotas();
+
+?>

diff --git a/defaults.cfg.php b/defaults.cfg.php
index df1ab0949b8924052b4753eb38811da6f6b39fe8..b8b68adab9c8989c22fe55b616a44f40dc9e0b7d 100644 (file)
--- a/defaults.cfg.php
+++ b/defaults.cfg.php
@@ -16,8 +16,8 @@ $_NEW_USER['dCreated'] = 'NOW()';
 $_NEW_USER['bEnabled'] = 0;
 
 $_NEW_USERQUOTA['nDatabasesHard'] = 5;
-$_NEW_USERQUOTA['nBytesSoft'] = 26214400;
-$_NEW_USERQUOTA['nBytesHard'] = 26214400;
+$_NEW_USERQUOTA['nBytesSoft'] = 49807360;
+$_NEW_USERQUOTA['nBytesHard'] = 52428800;
 $_NEW_USERQUOTA['dCreated'] = 'NOW()';
 
 $_NEW_USERSTAT['nDatabases'] = 0;

diff --git a/lib/dbaccess.lib.php b/lib/dbaccess.lib.php
index d58bef8e689132129af39c1d6c4aab8886064cb2..a3211a11a6986f3cb2b76406f3e9ee0e6838bd33 100644 (file)
--- a/lib/dbaccess.lib.php
+++ b/lib/dbaccess.lib.php
@@ -75,6 +75,16 @@ function checkQuotas($userId=null) {
                                ), dLastCheck = NOW()";
        if (!empty($userId)) $sql .= sprintf(" WHERE UserId = '%s'", mysql_escape_string($userId));
        DBUpdate($sql);
+       $sql = "UPDATE UserStat SET nDatabases = (
+                               SELECT COUNT(*)
+                               FROM DB
+                               INNER JOIN DBOwner ON DBOwner.DatabaseId = DB.DatabaseId
+                               WHERE DBOwner.UserId = UserStat.UserId
+                                 AND DB.bEnabled=1
+                               GROUP BY UserId
+                               ), dLastCheck = NOW()";
+       if (!empty($userId)) $sql .= sprintf(" WHERE UserId = '%s'", mysql_escape_string($userId));
+       DBUpdate($sql);
 }
 
 ?>

diff --git a/lib/mitsql.lib.php b/lib/mitsql.lib.php
index a7dba99057cf9965655869ef65a65cc4cea3beac..db3790df2fd57df3e2ef4533e7939b118ffb4f35 100755 (executable)
--- a/lib/mitsql.lib.php
+++ b/lib/mitsql.lib.php
@@ -13,12 +13,14 @@ require_once('security.lib.php');
 
 require_once('display.lib.php');
 
+$BASE_URL = 'http'.(isSSL()?'s':'').'://'.$_SERVER['SERVER_NAME'].BASE_URL;
+
 if (isset($_SERVER['REQUEST_URI'])) {
     //$thisPath=pathinfo($_SERVER['REQUEST_URI']);
     //session_set_cookie_params(0, $thisPath['dirname']);
        //$arr = explode('/', $_SERVER['SCRIPT_NAME']);
     //session_set_cookie_params(0, '/'.$arr[1].'/');
-    session_set_cookie_params(0, $BASE_URL);
+    session_set_cookie_params(0, BASE_URL);
     session_start();
     define('INTERACTIVE', 1);
 } else {

diff --git a/login.php b/login.php
index de6416eb033b41e5ebd3e844e8d5052342452c5b..5e2d3109e2086ac8683780e11cb7a7665d93165a 100644 (file)
--- a/login.php
+++ b/login.php
@@ -36,4 +36,4 @@ isLoggedIn() && redirect('main');
 
 include 'tpl/login.php';
 
-?>
\ No newline at end of file
+?>

diff --git a/main.php b/main.php
index 90bf2ea91a43798cd61bc76c4fb758e1e991dacf..a6a0f0e3a9053aa0b6c03bc87fbd519c264f682a 100644 (file)
--- a/main.php
+++ b/main.php
@@ -5,30 +5,32 @@ require_once('mitsql.lib.php');
 
 if (!isLoggedIn()) redirect('index');
 
+$err1 = $msg1 = array();
+
 $User = new User($Login->getUserID());
 
 if (isPost()) {
        if (isset($i_newdb)) {
                $dbname = $User->getUsername().DELIMETER.$i_newdb;
                if ($User->isOverQuota()) {
-                       $err[] = 'You are over your quota. You may not add databases.';
+                       $err1[] = 'You are over your quota. You may not add databases.';
                } elseif ($User->addDB($dbname)==false) {
-                       $err[] = mysql_error();
+                       $err1[] = mysql_error();
                } else {
-                       $msg[] = 'Database `'.$dbname.'` created.';
+                       $msg1[] = 'Database `'.$dbname.'` created.';
                }
        }
        if (isset($i_drop)) {
                $dropdbs = array_keys($i_drop);
                foreach($dropdbs as $dbname) {
                        if ($User->delDB($dbname)) {
-                               $msg[] = 'Database `'.$dbname.'` dropped.';
+                               $msg1[] = 'Database `'.$dbname.'` dropped.';
                        } else {
-                               $err[] = mysql_error();
+                               $err1[] = mysql_error();
                        }
                }
        }
-       if (!count($err))
+       if (!count($err1))
                $User->refresh();
 }
 

diff --git a/mitsql.cfg.php b/mitsql.cfg.php
index 79c60fab945bb9e2e10cb2a7453c8d81c37a063d..8d2c911a2e4f96db3d4dfe2079fd22ebf43b823f 100755 (executable)
--- a/mitsql.cfg.php
+++ b/mitsql.cfg.php
@@ -27,8 +27,6 @@ defined('ADMINPASS') || define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
 defined('ADMINDB') || define('ADMINDB', 'mitsql');
 
 $BASE_PATH = dirname(__FILE__).'/';
-$BASE_URL = 'http://'.$_SERVER['SERVER_NAME'].BASE_URL;
-//$BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':'';
 
 set_time_limit(0);
 ignore_user_abort(1);
@@ -44,5 +42,4 @@ mysql_select_db(ADMINDB,$cxn);
 if (mysql_error()) die(mysql_error());
 
 chdir($CWD);
-
 ?>

diff --git a/setup.php b/setup.php
new file mode 100755 (executable)
index 0000000..85e58bc
--- /dev/null
+++ b/setup.php
@@ -0,0 +1,27 @@
+<?php
+
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+if (!isLoggedIn()) redirect('index');
+
+$User = new User($Login->getUserID());
+
+if (isPost()) {
+       if (isset($i_chgpw)) {
+               $p1 = (isset($i_p[1])?$i_p[1]:'');
+               $p2 = (isset($i_p[2])?$i_p[2]:'');
+               if (empty($p1)) {
+                       $err[] = 'You may not have a blank password.';
+               } elseif ($p1 != $p2) {
+                       $err[] = 'Your confirmation password does not match.';
+               } else {
+                       $User->setPassword($p1);
+                       $msg[] = 'Your password was changed.';
+               }
+       }
+}
+
+include 'tpl/setup.php';
+
+?>

diff --git a/tpl/index.php b/tpl/index.php
index b69b07e24f8688bfc84acf379511464b42b6dc7b..f434d7d8e110bd9dbce7908bfa43edc22218e9d4 100644 (file)
--- a/tpl/index.php
+++ b/tpl/index.php
@@ -28,7 +28,7 @@ Although we continually put forth our best efforts, we can make no guarantees on
 <h2>Quotas</h2>
 
 <p>
-By default, new users can create up to <strong>5 databases</strong>, consuming a total of <strong>25 megabytes</strong> of SQL data.
+By default, new users can create up to <strong>5 databases</strong>, consuming a total of <strong>50 megabytes</strong> of SQL data.
 The system will periodically check your database sizes and suspend creation of new data (INSERT statements) if your total usage exceeds your allotted quota.
 </p>
 

diff --git a/tpl/main.php b/tpl/main.php
index 2c019d42f581b7dc491a35dccc8c321f6a9dbd7a..ea097da090970d021f51c556721683e0b2d0b369 100644 (file)
--- a/tpl/main.php
+++ b/tpl/main.php
@@ -6,7 +6,7 @@ if (isset($i_dropask)) {
        $dropdbs = array_keys($i_dropask);
        echo '<form method="post">';
        foreach($dropdbs as $dbname) {
-               $msg[] = 'Are you sure you want to drop `'.$dbname.'`? <input style="position:absolute; right:20px;" type="submit" name="drop['.$dbname.']" value="Yes">';
+               $msg1[] = 'Are you sure you want to drop `'.$dbname.'`? <input style="position:absolute; right:20px;" type="submit" name="drop['.$dbname.']" value="Yes">';
        }
        echo '</form>';
 }
@@ -15,8 +15,8 @@ if (isset($i_dropask)) {
 <h2>Databases</h2>
 
 <form method="post">
-<?php printErrors($err); ?>
-<?php printMsgs($msg); ?>
+<?php printErrors($err1); ?>
+<?php printMsgs($msg1); ?>
 </form>
 
 <table width="100%">
@@ -25,6 +25,9 @@ if (isset($i_dropask)) {
        $bytes = $User->getBytes();
        $usage = $bytes['nBytes'];
        $total = $bytes['nBytesHard'];
+       if (!count($myDBs)) {
+               echo '<tr><td width="100%"><em>You have no databases. Add one below.</em></td></tr>';
+       } else
        foreach($myDBs as $db) {
                echo '<tr><td width="100%">';
                if ($total>0)

diff --git a/tpl/menu.php b/tpl/menu.php
index 177f8f99f83e08d6b0cd14c92ad38978aeb8be3c..bfbeb2ac3ea2cf6f609c7d079a7a2631b6fcf673 100644 (file)
--- a/tpl/menu.php
+++ b/tpl/menu.php
@@ -2,6 +2,7 @@
 <?php if (isLoggedIn()): ?>
 <div style="float:left">
 <a href="do/main">Main</a> |
+<a href="do/setup">Setup</a> |
 <a href="do/main?refresh">Refresh</a> |
 <?php if (isAdmin()) { ?>
 <a href="do/admin/main">Admin</a> |

diff --git a/tpl/setup.php b/tpl/setup.php
new file mode 100755 (executable)
index 0000000..65a9cc5
--- /dev/null
+++ b/tpl/setup.php
@@ -0,0 +1,22 @@
+<?php
+include 'head.php';
+?>
+
+<h2>Change Password</h2>
+
+<?php printErrors($err); ?>
+<?php printMsgs($msg); ?>
+
+<form method="post">
+<table>
+<?/*
+<tr><td align="right">old password:</td><td><input type="password" name="p[0]"></td></tr>*/?>
+<tr><td align="right">new password:</td><td><input type="password" name="p[1]"></td></tr>
+<tr><td align="right">confirm:</td><td><input type="password" name="p[2]"></td></tr>
+<tr><td align="right" colspan=2><br /><input name="chgpw" type="submit" value="change password"></td></tr>
+</table>
+</form>
+
+<?php
+include 'foot.php';
+?>