Handling single user in multi user mode UX and first user is admin

Author: mattpass

assets/css/icecoder.css

@@ -168,6 +168,7 @@ h2 {font-size: 18px; font-weight: normal; color: #fff}
 .screenCenter .text {position: relative; display: block; margin-top: 15px; font-size: 10px; color: #888}
 .screenCenter .text input {margin-top: 1px}
 .screenCenter .text a {position: relative; display: block; margin-top: 15px; font-size: 10px; color: #888; text-decoration: none}
+.screenCenter .adminUser {margin-bottom: 15px; color: #bbb}
 .screenCenter .password {border: 0; background-color: #333; color: #fff; height: 20px}
 .screenCenter .password:focus {outline: none; background: rgba(0,198,255,0.5); color: #fff}
 .screenCenter .button {border: 0; background: #444; color: #eee; height: 22px; cursor: pointer}

lib/login.php

@@ -12,15 +12,27 @@
 
 $t = $text['login'];
 
-$settingPW = $ICEcoder["enableRegistration"] && ($ICEcoder["multiUser"] || "" === $ICEcoder["password"]);
+$settingPW = true === $ICEcoder["enableRegistration"] && (true === $ICEcoder["multiUser"] || "" === $ICEcoder["password"]);
+
+// If multiUser, detect which users we have
+if ($ICEcoder["multiUser"]) {		
+	$configUsernames = [];
+	$handle = opendir('../data/');
+	while (false !== ($file = readdir($handle))) {
+		if ($file !== "config-global.php" && 0 === strpos($file, "config-")) {
+			$configUsernames[explode("-", $file)[1]] = true;
+		}
+	}
+	closedir($handle);
+}
 ?>
 <!DOCTYPE html>
 
 <html>
 <head>
 <title>ICEcoder <?php
 echo $ICEcoder["versionNo"] . " : ";
-echo $settingPW ? "Setup" : "Login";
+echo true === $settingPW ? "Setup" : "Login";
 ?></title>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 <meta name="robots" content="noindex, nofollow">
@@ -30,27 +42,37 @@
 <link rel="icon" type="image/png" href="../assets/images/favicon.png">
 </head>
 
-<body style="background-color: #181817" onLoad="<?php if (false === isset($_GET["get"])) {$inputFocus = true === $ICEcoder["multiUser"] ? "username" : "password"; echo "document.settingsUpdate." . $inputFocus . ".focus(); ";}; ?>setTimeout(function(){document.getElementById('screenContainer').style.opacity = '1'}, 50)">
+<body style="background-color: #181817" onLoad="<?php if (false === isset($_GET["get"])) {$inputFocus = true === $ICEcoder["multiUser"] && (true === $ICEcoder["enableRegistration"] || 1 < count($configUsernames)) ? "username" : "password"; echo "document.settingsUpdate." . $inputFocus . ".focus(); ";}; ?>setTimeout(function(){document.getElementById('screenContainer').style.opacity = '1'}, 50)">
 
 <div class="screenContainer" id="screenContainer" style="background-color: #181817; opacity: 0; transition: opacity 0.1s ease-out">
 	<div class="screenVCenter">
 		<div class="screenCenter">
 		<img src="../assets/images/icecoder.png" alt="ICEcoder">
 		<div class="version" style="margin-bottom: 22px"><?php echo $ICEcoder["versionNo"];?></div>
 
-		<form name="settingsUpdate" action="login.php" method="POST"<?php if ($settingPW) {?> onsubmit="return checkCanSubmit();"<?php } ?>>
+		<form name="settingsUpdate" action="login.php" method="POST"<?php if (true === $settingPW) {?> onsubmit="return checkCanSubmit();"<?php } ?>>
+		<?php
+		if (true === $settingPW && false === $ICEcoder["multiUser"]) {
+			echo '<div class="text adminUser">User: admin</div>';
+		}
+		?>
         <?php
-		if ($ICEcoder["multiUser"]) {echo '<input type="text" name="username" class="password"><br><br>';};
+		// Display username field if multiUser enabled
+		if (true === $ICEcoder["multiUser"]) {
+			// Also set value to "admin" if only 1 user (has to be admin)
+			$showAdminValue = 1 === count($configUsernames) ? ' value="admin"' : '';
+			echo '<input type="text" name="username"' . $showAdminValue . ' class="password"><br><br>';
+		};
 		?>
 		<input type="password" name="password" class="password" id="password"<?php
-            if ($settingPW) {
+            if (true === $settingPW) {
                 ?> onkeyup="checkCase(event); pwStrength(this.value)" onchange="pwStrength(this.value)" onpaste="pwStrength(this.value)"<?php
             } else {
                 ?> onkeyup="checkCase(event)"<?php
             }
             ?>><div class="iconCapsLock" style="display: none" id="iconCapsLock" title="Caps lock on"><?php echo file_get_contents(dirname(__FILE__) . "/../assets/images/icons/alert-triangle.svg");?></div><br>
 		<?php
-		if ($settingPW) {
+		if (true === $settingPW) {
 			echo '<div id="pwReqs">'.
 				 '<div class="text" style="display: inline-block" id="pwChars">10+</div> &nbsp; ' .
 				 '<div class="text" style="display: inline-block" id="pwUpper">upper</div> &nbsp; ' .

lib/settings-screen.php

@@ -30,6 +30,7 @@
 		array_push($themeArray,basename($file,".css"));
 	}
 }
+closedir($handle);
 sort($themeArray);
 for ($i = 0;$i < count($themeArray); $i++) {
 	echo '<link rel="stylesheet" href="../assets/css/theme/' . $themeArray[$i] . '.css?microtime=' . microtime(true) . '">' . PHP_EOL;

lib/settings.php

@@ -58,7 +58,7 @@
 include_once dirname(__FILE__) . "/settings-common.php";
 
 // Establish user settings file
-$username = "";
+$username = "admin-";
 if (true === isset($_POST['username']) && "" !== $_POST['username']) {$username = $_POST['username'] . "-";};
 if (true === isset($_SESSION['username']) && "" !== $_SESSION['username']) {$username = $_SESSION['username'] . "-";};
 $settingsFile = 'config-' . $username . str_replace(".", "_", str_replace("www.", "", $_SERVER['SERVER_NAME'])) . '.php';
@@ -84,6 +84,12 @@
 
 // Check users config settings file exists
 if (false === $settingsClass->getConfigUsersFileDetails($settingsFile)['exists']) {
+    // If on the login page and we couldn't find the file, boot back to login page
+    if ("login.php" === basename($_SERVER['SCRIPT_NAME'])) {
+        header('Location: login.php');
+        echo "<script>window.location = 'login.php';</script>";
+        die('Redirecting to login...');
+    }
     $reqsFailures = ["phpUsersConfigFileExists"];
     include dirname(__FILE__) . "/requirements.php";
 }