Wiki source for AlexFranke

Show raw source

===Alex Franke's Page===

I'm brand new to WikkaWiki (and new to wikis in general), and pretty inexperienced with PHP and open source development. I've been a C# developer for years, though, and other technologies going back. I don't get a lot of chances to work on web stuff, but it interests me. I'm trying out WikkaWiki on my personal site over at My software development-related website is, and my other sites aren't really applicable, so I'll leave them out. :)

===What I'm Using WikkaWiki For===

I'm trying it out as a way to organize and manage family information, projects, to-do lists, etc. It's actually on a windows server for now.

There are a handful of people that I want to have access, and I don't want most of the site publicly accessible. I want registered users to be able to add new registered users (e.g. my brother can add his wife if he wants), but I don't want to have a simple "secret" password.

I might be missing something simple here, but I couldn't immediately find an easy way to do this. So I started writing some code. :) If there's a better way to do this, please feel free to enlighten me. Like I say, I'm still brand spankin' new to this software, and I'm still getting used to wiki syntax. (E.g., I still need to figure out how to add a camel-case name so it doesn't get picked up as a wikiname!)

Here's what I've done:
- Make read/write ACLs default to Registered Users
- 'default_write_acl' => '+',
- 'default_read_acl' => '+',
- 'default_comment_acl' => '+',
- Turn Allow User Registration Off
- 'allow_user_registration' => '0',
- Set UserSettings and Home page read ACL to public
- Write an Add New User action (more later)

==="Add New User" Action===

I lifted code from other pages (mainly User Settings and Admin Users) to build a part that allows people to add new users and optionally send them an email. At first (last night) I just added it to the bottom of Admin Users, but today I moved it over to a new page that's accessible to all registered users.

I'm new to open source, and I haven't done all me reading yet, so go easy on me! But do feel free to chime in if you see any serious issues, or if there's a built-in way to handle this. Thanks!

* Display a module for adding a user.
* This action allows users to be added (preferably by admins). As a result, a wiki
* can be configured for use by invitation only by setting allow_user_registration
* to zero and placing this action on an admin- or member-restricted page.

// defaults
if (!defined('PASSWORD_MIN_LENGTH')) define('PASSWORD_MIN_LENGTH', "5");
if (!defined('VALID_EMAIL_PATTERN')) define('VALID_EMAIL_PATTERN', "/^.+?\@.+?\..+$/"); //TODO: Use central regex library
if (!defined('INPUT_ERROR_STYLE')) define('INPUT_ERROR_STYLE', 'class="highlight"');

// i18n strings
// General
if (!defined('ADD_USER_HEADING')) define('ADD_USER_HEADING', "Add new user");
if (!defined('ADD_USER_BUTTON_LABEL')) define('ADD_USER_BUTTON_LABEL', "Add User");
if (!defined('ADD_SUCCEEDED')) define('ADD_SUCCEEDED', "User has been added!");
if (!defined('EMAIL_SUBJECT')) define('EMAIL_SUBJECT', "User has been added!");
if (!defined('EMAIL_BODY')) define('EMAIL_BODY', "A wiki account has been created for you at " . $this->config['base_url'] . ". Your username/password are: ");

// GUI Labels
if (!defined('WIKINAME_LABEL')) define('WIKINAME_LABEL', "New user's <abbr title=\"A WikiName is formed by two or more capitalized words without space, e.g. JohnDoe\">WikiName</abbr>:");
if (!defined('USER_EMAIL_LABEL')) define('USER_EMAIL_LABEL', "User's email address:");
if (!defined('PASSWORD_LABEL')) define('PASSWORD_LABEL', "Password (%s+ chars):");
if (!defined('EMAIL_NEW_USER_LABEL')) define('EMAIL_NEW_USER_LABEL', "Send welcome email:");

// Validation Errors - General
if(!defined('ERROR_VALIDATION_FAILED')) define('ERROR_VALIDATION_FAILED', "Registration validation failed, please try again!");

// ...Validation Errors - Username
if (!defined('ERROR_EMPTY_USERNAME')) define('ERROR_EMPTY_USERNAME', "Please fill in your user name.");
if (!defined('ERROR_USERNAME_EXISTS')) define('ERROR_USERNAME_EXISTS', "Sorry, this user name already exists.");
if (!defined('ERROR_WIKINAME')) define('ERROR_WIKINAME', "Username must be formatted as a ##\"\"WikiName\"\"##, e.g. ##\"\"JohnDoe\"\"##.");
if (!defined('ERROR_RESERVED_PAGENAME')) define('ERROR_RESERVED_PAGENAME', "Sorry, this name is reserved for a page. Please choose a different name.");

// ...Validation Errors - Email
if (!defined('ERROR_EMAIL_ADDRESS_REQUIRED')) define('ERROR_EMAIL_ADDRESS_REQUIRED', "Please specify an email address.");
if (!defined('ERROR_INVALID_EMAIL_ADDRESS')) define('ERROR_INVALID_EMAIL_ADDRESS', "That doesn't quite look like an email address.");

// ...Validation Errors - Password
if (!defined('ERROR_EMPTY_PASSWORD')) define('ERROR_EMPTY_PASSWORD', "Please fill in a password.");
if (!defined('ERROR_NO_BLANK')) define('ERROR_NO_BLANK', "Sorry, blanks are not permitted in the password.");
if (!defined('ERROR_PASSWORD_TOO_SHORT')) define('ERROR_PASSWORD_TOO_SHORT', "Sorry, the password must contain at least %s characters.");

//initialize variables
$url = '';
$params = '';
$username = '';
$email = '';
$password = '';
$username_highlight = '';
$email_highlight = '';
$password_highlight = '';

// Create URAuth object
$urobj = new URAuth($this);

//create URL
$url = $this->config['base_url'].$this->tag;

// append URL params depending on rewrite_mode
$params = ($this->config['rewrite_mode'] == 1) ? '?' : '&';

$regex_referrer = '@^'.preg_quote($this->config['base_url'], '@').'([^\/\?&]*)@i';
if (isset($_SERVER['HTTP_REFERER']) && preg_match($regex_referrer, $_SERVER['HTTP_REFERER'], $match))
if (strcasecmp($this->tag, $match[1]))
$_SESSION['go_back'] = $_SERVER['HTTP_REFERER'];
//We save the tag of the referring page, this tag is to be shown in label <Go back to ...>. We must use a session here because if the user
//Refresh the page by hitting <Enter> on the address bar, the value would be lost.
$_SESSION['go_back_tag'] = $match[1];

// User must be logged in
if ($user = $this->GetUser() )
// validate data source
$keep_post_data = FALSE;
if (isset($_POST['form_id']) && FALSE != ($aKey = $this->getSessionKey($_POST['form_id']))) # check if page key was stored in session
if (TRUE == ($rc = $this->hasValidSessionKey($aKey))) # check if correct name,key pair was passed
$keep_post_data = TRUE;
if(!$keep_post_data) unset($_POST);

// is user trying to add a user?
if (isset($_POST['action']) && ($_POST['action'] == 'adduser'))
// get POST parameters
$name = trim($_POST['name']);
$email = trim($this->GetSafeVar('email', 'post'));
$password = $_POST['password'];
$email_new_user = $this->GetSafeVar('email_new_user', 'post');

// validate form input
switch (TRUE)
// Validate the NAME
case (FALSE===$urobj->URAuthVerify()):
case (strlen($name) == 0):
$username_highlight = INPUT_ERROR_STYLE;
case (isset($_POST['name']) && $existingUser = $this->LoadUser($_POST['name'])):
$username_highlight = INPUT_ERROR_STYLE;
case (!$this->IsWikiName($name)):
$username_highlight = INPUT_ERROR_STYLE;
case ($this->existsPage($name,NULL,NULL,FALSE)): // name change, new interface (check for non-active page, too)
$username_highlight = INPUT_ERROR_STYLE;

// Valide EMAIL
case (strlen($email) == 0): //email is empty
$email_highlight = INPUT_ERROR_STYLE;
case (!preg_match(VALID_EMAIL_PATTERN, $email)): //invalid email
$email_highlight = INPUT_ERROR_STYLE;

// Validate PASSWORD
case (strlen($password) == 0):
$password_highlight = INPUT_ERROR_STYLE;
case (preg_match("/ /", $password)):
$passerror = ERROR_NO_BLANK;
$password_highlight = INPUT_ERROR_STYLE;
case (strlen($password) < PASSWORD_MIN_LENGTH):
$password_highlight = INPUT_ERROR_STYLE;

default: // input is valid
$this->Query("INSERT INTO ".$this->config['table_prefix']."users SET ".
"signuptime = now(), ".
"name = '".mysql_real_escape_string($name)."', ".
"email = '".mysql_real_escape_string($email)."', ".
"password = md5('".mysql_real_escape_string($_POST['password'])."')");

// Send mail to new user if requested
if ( $email_new_user )
mail( $email, EMAIL_SUBJECT, EMAIL_BODY . $name . "/" . $_POST['password'] );

// forward
$params .= 'added=true';

// display Add User form
echo $this->FormOpen();
<input type="hidden" name="action" value="adduser" />
<legend><?php echo ADD_USER_HEADING ?></legend>
<table class="usersettings">

// create confirmation message if needed
case (isset($_GET['added']) && $_GET['added'] == 'true'):
$success = ADD_SUCCEEDED;

// display error or confirmation message
case (isset($error)):
echo '<tr><td></td><td><em class="error">'.$this->Format($error).'</em></td></tr>'."\n";
case (isset($success)):
echo '<tr><td></td><td><em class="success">'.$this->Format($success).'</em></td></tr>'."\n";
<td align="right"><?php echo WIKINAME_LABEL ?></td>
<td><input <?php echo $username_highlight; ?> name="name" size="40" value="<?php echo $this->GetSafeVar('name', 'post'); ?>" /></td>
<td align="right"><?php echo USER_EMAIL_LABEL ?></td>
<td><input <?php echo $email_highlight; ?> name="email" size="40" value="" /></td>
<td align="right"><?php echo sprintf(PASSWORD_LABEL, PASSWORD_MIN_LENGTH) ?></td>
<td><input name="password" size="40" /></td>
<td align="right"><?php echo EMAIL_NEW_USER_LABEL ?></td>
<td><input type="hidden" name="email_new_user" value="N" /><input type="checkbox" name="email_new_user" value="Y" <?php echo $email_new_user == 'Y' ? 'checked="checked"' : '' ?> /></td>
<td> </td>
<td><input name="submit" type="submit" value="<?php echo ADD_USER_BUTTON_LABEL ?>" size="40" /></td>
echo $this->FormClose(); //close user settings form


Valid XHTML :: Valid CSS: :: Powered by WikkaWiki