From: Joe Presbrey <presbrey@mit.edu>
Date: Fri, 9 Sep 2005 09:07:12 +0000 (+0000)
Subject: change password feature
X-Git-Url: http://andersk.mit.edu/gitweb/sql-web.git/commitdiff_plain/9840d1021689621de69674389a2a15ac10183d02

change password feature
larger default quota (50MB)
cron job to check quotas


git-svn-id: svn://presbrey.mit.edu/sql/mitsql@56 a142d4bd-2cfb-0310-9673-cb33a7e74f58
---

diff --git a/cron.php b/cron.php
new file mode 100644
index 0000000..3ec9561
--- /dev/null
+++ b/cron.php
@@ -0,0 +1,8 @@
+<?php
+
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+checkQuotas();
+
+?>
diff --git a/defaults.cfg.php b/defaults.cfg.php
index df1ab09..b8b68ad 100644
--- a/defaults.cfg.php
+++ b/defaults.cfg.php
@@ -16,8 +16,8 @@ $_NEW_USER['dCreated'] = 'NOW()';
 $_NEW_USER['bEnabled'] = 0;
 
 $_NEW_USERQUOTA['nDatabasesHard'] = 5;
-$_NEW_USERQUOTA['nBytesSoft'] = 26214400;
-$_NEW_USERQUOTA['nBytesHard'] = 26214400;
+$_NEW_USERQUOTA['nBytesSoft'] = 49807360;
+$_NEW_USERQUOTA['nBytesHard'] = 52428800;
 $_NEW_USERQUOTA['dCreated'] = 'NOW()';
 
 $_NEW_USERSTAT['nDatabases'] = 0;
diff --git a/lib/dbaccess.lib.php b/lib/dbaccess.lib.php
index d58bef8..a3211a1 100644
--- a/lib/dbaccess.lib.php
+++ b/lib/dbaccess.lib.php
@@ -75,6 +75,16 @@ function checkQuotas($userId=null) {
 				), dLastCheck = NOW()";
 	if (!empty($userId)) $sql .= sprintf(" WHERE UserId = '%s'", mysql_escape_string($userId));
 	DBUpdate($sql);
+	$sql = "UPDATE UserStat SET nDatabases = (
+				SELECT COUNT(*)
+				FROM DB
+				INNER JOIN DBOwner ON DBOwner.DatabaseId = DB.DatabaseId
+				WHERE DBOwner.UserId = UserStat.UserId
+				  AND DB.bEnabled=1
+				GROUP BY UserId
+				), dLastCheck = NOW()";
+	if (!empty($userId)) $sql .= sprintf(" WHERE UserId = '%s'", mysql_escape_string($userId));
+	DBUpdate($sql);
 }
 
 ?>
diff --git a/lib/mitsql.lib.php b/lib/mitsql.lib.php
index a7dba99..db3790d 100755
--- a/lib/mitsql.lib.php
+++ b/lib/mitsql.lib.php
@@ -13,12 +13,14 @@ require_once('security.lib.php');
 
 require_once('display.lib.php');
 
+$BASE_URL = 'http'.(isSSL()?'s':'').'://'.$_SERVER['SERVER_NAME'].BASE_URL;
+
 if (isset($_SERVER['REQUEST_URI'])) {
     //$thisPath=pathinfo($_SERVER['REQUEST_URI']);
     //session_set_cookie_params(0, $thisPath['dirname']);
 	//$arr = explode('/', $_SERVER['SCRIPT_NAME']);
     //session_set_cookie_params(0, '/'.$arr[1].'/');
-    session_set_cookie_params(0, $BASE_URL);
+    session_set_cookie_params(0, BASE_URL);
     session_start();
     define('INTERACTIVE', 1);
 } else {
diff --git a/login.php b/login.php
index de6416e..5e2d310 100644
--- a/login.php
+++ b/login.php
@@ -36,4 +36,4 @@ isLoggedIn() && redirect('main');
 
 include 'tpl/login.php';
 
-?>
\ No newline at end of file
+?>
diff --git a/main.php b/main.php
index 90bf2ea..a6a0f0e 100644
--- a/main.php
+++ b/main.php
@@ -5,30 +5,32 @@ require_once('mitsql.lib.php');
 
 if (!isLoggedIn()) redirect('index');
 
+$err1 = $msg1 = array();
+
 $User = new User($Login->getUserID());
 
 if (isPost()) {
 	if (isset($i_newdb)) {
 		$dbname = $User->getUsername().DELIMETER.$i_newdb;
 		if ($User->isOverQuota()) {
-			$err[] = 'You are over your quota. You may not add databases.';
+			$err1[] = 'You are over your quota. You may not add databases.';
 		} elseif ($User->addDB($dbname)==false) {
-			$err[] = mysql_error();
+			$err1[] = mysql_error();
 		} else {
-			$msg[] = 'Database `'.$dbname.'` created.';
+			$msg1[] = 'Database `'.$dbname.'` created.';
 		}
 	}
 	if (isset($i_drop)) {
 		$dropdbs = array_keys($i_drop);
 		foreach($dropdbs as $dbname) {
 			if ($User->delDB($dbname)) {
-				$msg[] = 'Database `'.$dbname.'` dropped.';
+				$msg1[] = 'Database `'.$dbname.'` dropped.';
 			} else {
-				$err[] = mysql_error();
+				$err1[] = mysql_error();
 			}
 		}
 	}
-	if (!count($err))
+	if (!count($err1))
 		$User->refresh();
 }
 
diff --git a/mitsql.cfg.php b/mitsql.cfg.php
index 79c60fa..8d2c911 100755
--- a/mitsql.cfg.php
+++ b/mitsql.cfg.php
@@ -27,8 +27,6 @@ defined('ADMINPASS') || define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
 defined('ADMINDB') || define('ADMINDB', 'mitsql');
 
 $BASE_PATH = dirname(__FILE__).'/';
-$BASE_URL = 'http://'.$_SERVER['SERVER_NAME'].BASE_URL;
-//$BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':'';
 
 set_time_limit(0);
 ignore_user_abort(1);
@@ -44,5 +42,4 @@ mysql_select_db(ADMINDB,$cxn);
 if (mysql_error()) die(mysql_error());
 
 chdir($CWD);
-
 ?>
diff --git a/setup.php b/setup.php
new file mode 100755
index 0000000..85e58bc
--- /dev/null
+++ b/setup.php
@@ -0,0 +1,27 @@
+<?php
+
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+if (!isLoggedIn()) redirect('index');
+
+$User = new User($Login->getUserID());
+
+if (isPost()) {
+	if (isset($i_chgpw)) {
+		$p1 = (isset($i_p[1])?$i_p[1]:'');
+		$p2 = (isset($i_p[2])?$i_p[2]:'');
+		if (empty($p1)) {
+			$err[] = 'You may not have a blank password.';
+		} elseif ($p1 != $p2) {
+			$err[] = 'Your confirmation password does not match.';
+		} else {
+			$User->setPassword($p1);
+			$msg[] = 'Your password was changed.';
+		}
+	}
+}
+
+include 'tpl/setup.php';
+
+?>
diff --git a/tpl/index.php b/tpl/index.php
index b69b07e..f434d7d 100644
--- a/tpl/index.php
+++ b/tpl/index.php
@@ -28,7 +28,7 @@ Although we continually put forth our best efforts, we can make no guarantees on
 <h2>Quotas</h2>
 
 <p>
-By default, new users can create up to <strong>5 databases</strong>, consuming a total of <strong>25 megabytes</strong> of SQL data.
+By default, new users can create up to <strong>5 databases</strong>, consuming a total of <strong>50 megabytes</strong> of SQL data.
 The system will periodically check your database sizes and suspend creation of new data (INSERT statements) if your total usage exceeds your allotted quota.
 </p>
 
diff --git a/tpl/main.php b/tpl/main.php
index 2c019d4..ea097da 100644
--- a/tpl/main.php
+++ b/tpl/main.php
@@ -6,7 +6,7 @@ if (isset($i_dropask)) {
 	$dropdbs = array_keys($i_dropask);
 	echo '<form method="post">';
 	foreach($dropdbs as $dbname) {
-		$msg[] = 'Are you sure you want to drop `'.$dbname.'`? <input style="position:absolute; right:20px;" type="submit" name="drop['.$dbname.']" value="Yes">';
+		$msg1[] = 'Are you sure you want to drop `'.$dbname.'`? <input style="position:absolute; right:20px;" type="submit" name="drop['.$dbname.']" value="Yes">';
 	}
 	echo '</form>';
 }
@@ -15,8 +15,8 @@ if (isset($i_dropask)) {
 <h2>Databases</h2>
 
 <form method="post">
-<?php printErrors($err); ?>
-<?php printMsgs($msg); ?>
+<?php printErrors($err1); ?>
+<?php printMsgs($msg1); ?>
 </form>
 
 <table width="100%">
@@ -25,6 +25,9 @@ if (isset($i_dropask)) {
 	$bytes = $User->getBytes();
 	$usage = $bytes['nBytes'];
 	$total = $bytes['nBytesHard'];
+	if (!count($myDBs)) {
+		echo '<tr><td width="100%"><em>You have no databases. Add one below.</em></td></tr>';
+	} else
 	foreach($myDBs as $db) {
 		echo '<tr><td width="100%">';
 		if ($total>0)
diff --git a/tpl/menu.php b/tpl/menu.php
index 177f8f9..bfbeb2a 100644
--- a/tpl/menu.php
+++ b/tpl/menu.php
@@ -2,6 +2,7 @@
 <?php if (isLoggedIn()): ?>
 <div style="float:left">
 <a href="do/main">Main</a> |
+<a href="do/setup">Setup</a> |
 <a href="do/main?refresh">Refresh</a> |
 <?php if (isAdmin()) { ?>
 <a href="do/admin/main">Admin</a> |
diff --git a/tpl/setup.php b/tpl/setup.php
new file mode 100755
index 0000000..65a9cc5
--- /dev/null
+++ b/tpl/setup.php
@@ -0,0 +1,22 @@
+<?php
+include 'head.php';
+?>
+
+<h2>Change Password</h2>
+
+<?php printErrors($err); ?>
+<?php printMsgs($msg); ?>
+
+<form method="post">
+<table>
+<?/*
+<tr><td align="right">old password:</td><td><input type="password" name="p[0]"></td></tr>*/?>
+<tr><td align="right">new password:</td><td><input type="password" name="p[1]"></td></tr>
+<tr><td align="right">confirm:</td><td><input type="password" name="p[2]"></td></tr>
+<tr><td align="right" colspan=2><br /><input name="chgpw" type="submit" value="change password"></td></tr>
+</table>
+</form>
+
+<?php
+include 'foot.php';
+?>