sub quietly_check_login() {
$::usergroupset = '0';
my $loginok = 0;
+ $::disabledreason = '';
if (defined $::COOKIE{"Bugzilla_login"} &&
defined $::COOKIE{"Bugzilla_logincookie"}) {
ConnectToDatabase();
" and profiles.cryptpassword = logincookies.cryptpassword " .
"and logincookies.hostname = " .
SqlQuote($ENV{"REMOTE_HOST"}) .
+ ", profiles.disabledtext " .
" from profiles,logincookies where logincookies.cookie = " .
SqlQuote($::COOKIE{"Bugzilla_logincookie"}) .
" and profiles.userid = logincookies.userid");
my @row;
if (@row = FetchSQLData()) {
- $loginok = $row[2];
- if ($loginok) {
- $::usergroupset = $row[0];
- $::COOKIE{"Bugzilla_login"} = $row[1]; # Makes sure case is in
- # canonical form.
+ my ($groupset, $loginname, $ok, $disabledtext) = (@row);
+ if ($ok) {
+ if ($disabledtext eq '') {
+ $loginok = 1;
+ $::usergroupset = $groupset;
+ $::COOKIE{"Bugzilla_login"} = $loginname; # Makes sure case
+ # is in
+ # canonical form.
+ } else {
+ $::disabledreason = $disabledtext;
+ }
}
}
}
my $loginok = quietly_check_login();
if ($loginok != 1) {
+ if ($::disabledreason) {
+ print "Set-Cookie: Bugzilla_login= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
+Set-Cookie: Bugzilla_logincookie= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
+Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT
+Content-type: text/html
+
+";
+ PutHeader("Your account has been disabled");
+ print $::disabledreason;
+ print "<HR>\n";
+ print "If you believe your account should be restored, please\n";
+ print "send email to " . Param("maintainer") . " explaining\n";
+ print "why.\n";
+ PutFooter();
+ exit();
+ }
print "Content-type: text/html\n\n";
PutHeader("Login", undef, undef, undef, 1);
print "I need a legitimate e-mail address and password to continue.\n";
# Displays the form to edit a user parameters
#
-sub EmitFormElements ($$$$$)
+sub EmitFormElements ($$$$$$)
{
- my ($user, $password, $realname, $groupset, $emailnotification) = @_;
+ my ($user, $password, $realname, $groupset, $emailnotification,
+ $disabledtext) = @_;
print " <TH ALIGN=\"right\">Login name:</TH>\n";
print " <TD><INPUT SIZE=64 MAXLENGTH=255 NAME=\"user\" VALUE=\"$user\"></TD>\n";
print qq{<OPTION$selectpart VALUE="$tag">$desc\n};
}
print "</SELECT></TD>\n";
+ print "</TR><TR>\n";
+ print " <TH ALIGN=\"right\">Disable text:</TH>\n";
+ print " <TD ROWSPAN=2><TEXTAREA NAME=\"disabledtext\" ROWS=10 COLS=60>" .
+ value_quote($disabledtext) . "</TEXTAREA>\n";
+ print " </TD>\n";
+ print "</TR><TR>\n";
+ print " <TD VALIGN=\"top\">If non-empty, then the account will\n";
+ print "be disabled, and this text should explain why.</TD>\n";
+
SendSQL("SELECT bit,name,description,bit & $groupset != 0
FROM groups
unless ($action) {
PutHeader("Select match string");
print qq{
-<FORM METHOD=POST ACTION="editusers.cgi">
+<FORM METHOD=GET ACTION="editusers.cgi">
<INPUT TYPE=HIDDEN NAME="action" VALUE="list">
List users with login name matching:
<INPUT SIZE=32 NAME="matchstr">
if ($action eq 'list') {
PutHeader("Select user");
- my $query = "SELECT login_name,realname FROM profiles WHERE login_name ";
+ my $query = "SELECT login_name,realname,disabledtext " .
+ "FROM profiles WHERE login_name ";
if ($::FORM{'matchtype'} eq 'substr') {
$query .= "like";
$::FORM{'matchstr'} = '%' . $::FORM{'matchstr'} . '%';
if ($count % 100 == 0) {
print "</table>$header";
}
- my ($user, $realname) = FetchSQLData();
+ my ($user, $realname, $disabledtext) = FetchSQLData();
+ my $s = "";
+ my $e = "";
+ if ($disabledtext) {
+ $s = "<STRIKE>";
+ $e = "</STRIKE>";
+ }
$realname ||= "<FONT COLOR=\"red\">missing</FONT>";
print "<TR>\n";
- print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=edit&user=", url_quote($user), "\"><B>$user</B></A></TD>\n";
- print " <TD VALIGN=\"top\">$realname</TD>\n";
+ print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=edit&user=", url_quote($user), "\"><B>$s$user$e</B></A></TD>\n";
+ print " <TD VALIGN=\"top\">$s$realname$e</TD>\n";
if ($candelete) {
print " <TD VALIGN=\"top\"><A HREF=\"editusers.cgi?action=del&user=", url_quote($user), "\">Delete</A></TD>\n";
}
print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
- EmitFormElements('', '', '', 0, 'ExcludeSelfChanges');
+ EmitFormElements('', '', '', 0, 'ExcludeSelfChanges', '');
print "</TR></TABLE>\n<HR>\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Add\">\n";
# Cleanups and valididy checks
my $realname = trim($::FORM{realname} || '');
my $password = trim($::FORM{password} || '');
+ my $disabledtext = trim($::FORM{disabledtext} || '');
unless ($user) {
print "You must enter a name for the new user. Please press\n";
# Add the new user
SendSQL("INSERT INTO profiles ( " .
- "login_name, password, cryptpassword, realname, groupset" .
- " ) VALUES ( " .
- SqlQuote($user) . "," .
- SqlQuote($password) . "," .
- "encrypt(" . SqlQuote($password) . ")," .
- SqlQuote($realname) . "," .
- $bits . ")" );
+ "login_name, password, cryptpassword, realname, groupset, " .
+ "disabledtext" .
+ " ) VALUES ( " .
+ SqlQuote($user) . "," .
+ SqlQuote($password) . "," .
+ "encrypt(" . SqlQuote($password) . ")," .
+ SqlQuote($realname) . "," .
+ $bits . "," .
+ SqlQuote($disabledtext) . ")" );
#+++ send e-mail away
CheckUser($user);
# get data of user
- SendSQL("SELECT password, realname, groupset, emailnotification
+ SendSQL("SELECT password, realname, groupset, emailnotification,
+ disabledtext
FROM profiles
WHERE login_name=" . SqlQuote($user));
- my ($password, $realname, $groupset, $emailnotification) = FetchSQLData();
+ my ($password, $realname, $groupset, $emailnotification,
+ $disabledtext) = FetchSQLData();
print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";
EmitFormElements($user, $password, $realname, $groupset,
- $emailnotification);
+ $emailnotification, $disabledtext);
print "</TR></TABLE>\n";
print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"groupsetold\" VALUE=\"$groupset\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"emailnotificationold\" VALUE=\"$emailnotification\">\n";
+ print "<INPUT TYPE=HIDDEN NAME=\"disabledtextold\" VALUE=\"" .
+ value_quote($disabledtext) . "\">\n";
print "<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"update\">\n";
print "<INPUT TYPE=SUBMIT VALUE=\"Update\">\n";
my $passwordold = trim($::FORM{passwordold} || '');
my $emailnotification = trim($::FORM{emailnotification} || '');
my $emailnotificationold = trim($::FORM{emailnotificationold} || '');
+ my $disabledtext = trim($::FORM{disabledtext} || '');
+ my $disabledtextold = trim($::FORM{disabledtextold} || '');
my $groupsetold = trim($::FORM{groupsetold} || '');
my $groupset = "0";
WHERE login_name=" . SqlQuote($userold));
print "Updated real name.<BR>\n";
}
+ if ($disabledtext ne $disabledtextold) {
+ SendSQL("UPDATE profiles
+ SET disabledtext=" . SqlQuote($disabledtext) . "
+ WHERE login_name=" . SqlQuote($userold));
+ SendSQL("SELECT userid
+ FROM profiles
+ WHERE login_name=" . SqlQuote($user));
+ my $userid = FetchOneColumn();
+ SendSQL("DELETE FROM logincookies
+ WHERE userid=" . $userid);
+ print "Updated disabled text.<BR>\n";
+ }
if ($user ne $userold) {
unless ($user) {
print "Sorry, I can't delete the user's name.";
projects / thirdparty / bugzilla.git / commitdiff
