
Revision 1710

Added by Dietmar about 12 years ago

! update folder admin/groups, admin/users, admin/skel/htt


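--- a/branches/2.8.x/CHANGELOG
+++ b/branches/2.8.x/CHANGELOG
@@ -13,6 +13,8 @@
 
 
 
+29 Aug-2012 Build 1710 Dietmar Woellbrink (Luisehahne)
+! update folder admin/groups, admin/users, admin/skel/htt
 29 Aug-2012 Build 1709 Dietmar Woellbrink (Luisehahne)
 ! update folder framework class.login, admin/login, admin/skel/htt
 29 Aug-2012 Build 1708 Dietmar Woellbrink (Luisehahne)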
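--- a/branches/2.8.x/wb/admin/groups/save.php
+++ b/branches/2.8.x/wb/admin/groups/save.php
@@ -1,66 +0,0 @@
-<?php
-/**
- *
- * @category        admin
- * @package         groups
- * @author          WebsiteBaker Project
- * @copyright       2004-2009, Ryan Djurovich
- * @copyright       2009-2011, Website Baker Org. e.V.
- * @link			http://www.websitebaker2.org/
- * @license         http://www.gnu.org/licenses/gpl.html
- * @platform        WebsiteBaker 2.8.x
- * @requirements    PHP 5.2.2 and higher
- * @version         $Id$
- * @filesource		$HeadURL$
- * @lastmodified    $Date$
- *
- */
-
-// Print admin header
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-// suppress to print the header, so no new FTAN will be set
-$admin = new admin('Access', 'groups_modify', false);
-// Create a javascript back link
-$js_back = ADMIN_URL.'/groups/index.php';
-
-if (!$admin->checkFTAN())
-{
-	$admin->print_header();
-	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back);
-}
-
-// Check if group group_id is a valid number and doesnt equal 1
-$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-if( ($group_id < 2 ) )
-{
-	// if($admin_header) { $admin->print_header(); }
-	$admin->print_header();
-	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-}
-
-// Gather details entered
-$group_name = $admin->get_post_escaped('group_name');
-
-// Check values
-if($group_name == "") {
-	$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_BLANK'], $js_back);
-}
-// After check print the header
-$admin->print_header();
-
-// Get system permissions
-require_once(ADMIN_PATH.'/groups/get_permissions.php');
-
-// Update the database
-$query = "UPDATE `".TABLE_PREFIX."groups` SET `name` = '$group_name', `system_permissions` = '$system_permissions', `module_permissions` = '$module_permissions', `template_permissions` = '$template_permissions' WHERE `group_id` = '$group_id'";
-
-$database->query($query);
-if($database->is_error()) {
-	$admin->print_error($database->get_error());
-} else {
-	$admin->print_success($MESSAGE['GROUPS']['SAVED'], ADMIN_URL.'/groups/index.php');
-}
-
-// Print admin footer
-$admin->print_footer();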

  
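--- a/branches/2.8.x/wb/admin/groups/add.php
+++ b/branches/2.8.x/wb/admin/groups/add.php
@@ -1,62 +0,0 @@
-<?php
-/**
- *
- * @category        admin
- * @package         groups
- * @author          WebsiteBaker Project
- * @copyright       2004-2009, Ryan Djurovich
- * @copyright       2009-2011, Website Baker Org. e.V.
- * @link			http://www.websitebaker2.org/
- * @license         http://www.gnu.org/licenses/gpl.html
- * @platform        WebsiteBaker 2.8.x
- * @requirements    PHP 5.2.2 and higher
- * @version         $Id$
- * @filesource		$HeadURL$
- * @lastmodified    $Date$
- *
- */
-
-// Print admin header
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-
-// suppress to print the header, so no new FTAN will be set
-$admin = new admin('Access', 'groups_add', false);
-// Create a javascript back link
-$js_back = ADMIN_URL.'/groups/index.php';
-
-if (!$admin->checkFTAN())
-{
-	$admin->print_header();
-	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back);
-}
-// After check print the header
-$admin->print_header();
-
-// Gather details entered
-$group_name = mysql_real_escape_string(strip_tags(trim($admin->get_post('group_name'))));
-
-// Check values
-if($group_name == "") {
-	$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_BLANK'], $js_back);
-}
-$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE name = '$group_name'");  
-if($results->numRows()>0) {
-	$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_EXISTS'], $js_back);  
-}
-
-// Get system and module permissions
-require(ADMIN_PATH.'/groups/get_permissions.php');
-
-// Update the database
-$query = "INSERT INTO ".TABLE_PREFIX."groups (name,system_permissions,module_permissions,template_permissions) VALUES ('$group_name','$system_permissions','$module_permissions','$template_permissions')";
-
-$database->query($query);
-if($database->is_error()) {
-	$admin->print_error($database->get_error());
-} else {
-	$admin->print_success($MESSAGE['GROUPS']['ADDED'], ADMIN_URL.'/groups/index.php');
-}
-
-// Print admin footer
-$admin->print_footer();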

  
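--- a/branches/2.8.x/wb/admin/groups/get_permissions.php
+++ b/branches/2.8.x/wb/admin/groups/get_permissions.php
@@ -1,248 +0,0 @@
-<?php
-/**
- *
- * @category        admin
- * @package         groups
- * @author          Ryan Djurovich, WebsiteBaker Project
- * @copyright       2009-2011, Website Baker Org. e.V.
- * @link			http://www.websitebaker2.org/
- * @license         http://www.gnu.org/licenses/gpl.html
- * @platform        WebsiteBaker 2.8.x
- * @requirements    PHP 5.2.2 and higher
- * @version         $Id$
- * @filesource		$HeadURL$
- * @lastmodified    $Date$
- *
- */
-
-
-if(!defined('WB_PATH')) { exit('Direct access to this file is not allowed'); }
-
-// Get system permissions
-if($admin->get_post('advanced') != 'yes') {
-	$system_permissions['pages'] = $admin->get_post('pages');
-		$system_permissions['pages_view'] = $system_permissions['pages'];
-		$system_permissions['pages_add'] = $system_permissions['pages'];
-		$system_permissions['pages_add_l0'] = $system_permissions['pages'];
-		$system_permissions['pages_settings'] = $system_permissions['pages'];
-		$system_permissions['pages_modify'] = $system_permissions['pages'];
-		$system_permissions['pages_intro'] = $system_permissions['pages'];
-		$system_permissions['pages_delete'] = $system_permissions['pages'];
-	$system_permissions['media'] = $admin->get_post('media');
-		$system_permissions['media_view'] = $system_permissions['media'];
-		$system_permissions['media_upload'] = $system_permissions['media'];
-		$system_permissions['media_rename'] = $system_permissions['media'];
-		$system_permissions['media_delete'] = $system_permissions['media'];
-		$system_permissions['media_create'] = $system_permissions['media'];
-	if($admin->get_post('modules') != '' OR $admin->get_post('templates') != '' OR $admin->get_post('languages') != '') {
-		$system_permissions['addons'] = 1;
-	} else {
-		$system_permissions['addons'] = 0;
-	}
-		$system_permissions['modules'] = $admin->get_post('modules');
-			$system_permissions['modules_view'] = $system_permissions['modules'];
-			$system_permissions['modules_install'] = $system_permissions['modules'];
-			$system_permissions['modules_uninstall'] = $system_permissions['modules'];
-		$system_permissions['templates'] = $admin->get_post('templates');
-			$system_permissions['templates_view'] = $system_permissions['templates'];
-			$system_permissions['templates_install'] = $system_permissions['templates'];
-			$system_permissions['templates_uninstall'] = $system_permissions['templates'];
-		$system_permissions['languages'] = $admin->get_post('languages');
-			$system_permissions['languages_view'] = $system_permissions['languages'];
-			$system_permissions['languages_install'] = $system_permissions['languages'];
-			$system_permissions['languages_uninstall'] = $system_permissions['languages'];
-	$system_permissions['settings'] = $admin->get_post('settings');
-		$system_permissions['settings_basic'] = $system_permissions['settings'];
-		$system_permissions['settings_advanced'] = $system_permissions['settings'];
-	if($admin->get_post('users') != '' OR $admin->get_post('groups') != '') {
-		$system_permissions['access'] = 1;
-	} else {
-		$system_permissions['access'] = 0;
-	}
-	$system_permissions['users'] = $admin->get_post('users');
-	$system_permissions['users_view'] = $system_permissions['users'];
-	$system_permissions['users_add'] = $system_permissions['users'];
-	$system_permissions['users_modify'] = $system_permissions['users'];
-	$system_permissions['users_delete'] = $system_permissions['users'];
-	$system_permissions['groups'] = $admin->get_post('groups');
-	$system_permissions['groups_view'] = $system_permissions['groups'];
-	$system_permissions['groups_add'] = $system_permissions['groups'];
-	$system_permissions['groups_modify'] = $system_permissions['groups'];
-	$system_permissions['groups_delete'] = $system_permissions['groups'];
-	$system_permissions['admintools'] = $admin->get_post('admintools');
-	$system_permissions['admintools_settings'] = $system_permissions['admintools'];
-} else {
-	// Pages
-	$system_permissions['pages_view'] = $admin->get_post('pages_view');
-		$system_permissions['pages_add'] = $admin->get_post('pages_add');
-	if($admin->get_post('pages_add') != 1 AND $admin->get_post('pages_add_l0') == 1) {
-		$system_permissions['pages_add'] = $admin->get_post('pages_add_l0');
-	}
-	$system_permissions['pages_add_l0'] = $admin->get_post('pages_add_l0');
-	$system_permissions['pages_settings'] = $admin->get_post('pages_settings');
-	$system_permissions['pages_modify'] = $admin->get_post('pages_modify');
-	$system_permissions['pages_intro'] = $admin->get_post('pages_intro');
-	$system_permissions['pages_delete'] = $admin->get_post('pages_delete');
-	if($system_permissions['pages_view'] == 1 OR $system_permissions['pages_add'] == 1 OR $system_permissions['pages_settings'] == 1 OR $system_permissions['pages_modify'] == 1 OR $system_permissions['pages_intro'] == 1 OR $system_permissions['pages_delete'] == 1) {
-		$system_permissions['pages'] = 1;
-	} else {
-		$system_permissions['pages'] = '';
-	}
-	// Media
-	$system_permissions['media_view'] = $admin->get_post('media_view');
-	$system_permissions['media_upload'] = $admin->get_post('media_upload');
-	$system_permissions['media_rename'] = $admin->get_post('media_rename');
-	$system_permissions['media_delete'] = $admin->get_post('media_delete');
-	$system_permissions['media_create'] = $admin->get_post('media_create');
-	if($system_permissions['media_view'] == 1 OR $system_permissions['media_upload'] == 1 OR $system_permissions['media_rename'] == 1 OR $system_permissions['media_delete'] == 1 OR $system_permissions['media_create'] == 1) {
-		$system_permissions['media'] = 1;
-	} else {
-		$system_permissions['media'] = '';
-	}
-	// Add-ons
-		// Modules
-		$system_permissions['modules_view'] = $admin->get_post('modules_view');
-		$system_permissions['modules_install'] = $admin->get_post('modules_install');
-		$system_permissions['modules_uninstall'] = $admin->get_post('modules_uninstall');
-		if($system_permissions['modules_view'] == 1 OR $system_permissions['modules_install'] == 1 OR $system_permissions['modules_uninstall'] == 1) {
-			$system_permissions['modules'] = 1;
-		} else {
-			$system_permissions['modules'] = '';
-		}
-		// Templates
-		$system_permissions['templates_view'] = $admin->get_post('templates_view');
-		$system_permissions['templates_install'] = $admin->get_post('templates_install');
-		$system_permissions['templates_uninstall'] = $admin->get_post('templates_uninstall');
-		if($system_permissions['templates_view'] == 1 OR $system_permissions['templates_install'] == 1 OR $system_permissions['templates_uninstall'] == 1) {
-			$system_permissions['templates'] = 1;
-		} else {
-			$system_permissions['templates'] = '';
-		}
-		// Languages
-		$system_permissions['languages_view'] = $admin->get_post('languages_view');
-		$system_permissions['languages_install'] = $admin->get_post('languages_install');
-		$system_permissions['languages_uninstall'] = $admin->get_post('languages_uninstall');
-		if($system_permissions['languages_install'] == 1 OR $system_permissions['languages_uninstall'] == 1) {
-			$system_permissions['languages'] = 1;
-		} else {
-			$system_permissions['languages'] = '';
-		}
-		// Admintools
-		$system_permissions['admintools_settings'] = $admin->get_post('admintools_settings');
-		if($system_permissions['admintools_settings'] == 1) {
-			$system_permissions['admintools'] = 1;
-		} else {
-			$system_permissions['admintools'] = '';
-		}
-	if($system_permissions['modules'] == 1 OR $system_permissions['templates'] == 1 OR $system_permissions['languages'] == 1) {
-		$system_permissions['addons'] = 1;
-	} else {
-		$system_permissions['addons'] = '';
-	}
-	// Settings
-	$system_permissions['settings_basic'] = $admin->get_post('settings_basic');
-	$system_permissions['settings_advanced'] = $admin->get_post('settings_advanced');
-	if($system_permissions['settings_basic'] == 1 OR $system_permissions['settings_advanced'] == 1) {
-		$system_permissions['settings'] = 1;
-	} else {
-		$system_permissions['settings'] = '';
-	}
-	// Access
-		// Users
-		$system_permissions['users_view'] = $admin->get_post('users_view');
-		$system_permissions['users_add'] = $admin->get_post('users_add');
-		$system_permissions['users_modify'] = $admin->get_post('users_modify');
-		$system_permissions['users_delete'] = $admin->get_post('users_delete');
-		if($system_permissions['users_view'] == 1 OR $system_permissions['users_add'] == 1 OR $system_permissions['users_modify'] == 1 OR $system_permissions['users_delete'] == 1) {
-			$system_permissions['users'] = 1;
-		} else {
-			$system_permissions['users'] = '';
-		}
-		// Groups
-		$system_permissions['groups_view'] = $admin->get_post('groups_view');
-		$system_permissions['groups_add'] = $admin->get_post('groups_add');
-		$system_permissions['groups_modify'] = $admin->get_post('groups_modify');
-		$system_permissions['groups_delete'] = $admin->get_post('groups_delete');
-		if($system_permissions['groups_view'] == 1 OR $system_permissions['groups_add'] == 1 OR $system_permissions['groups_modify'] == 1 OR $system_permissions['groups_delete'] == 1) {
-			$system_permissions['groups'] = 1;
-		} else {
-			$system_permissions['groups'] = '';
-		}
-	if($system_permissions['users'] == 1 OR $system_permissions['groups'] == 1) {
-		$system_permissions['access'] = 1;
-	} else {
-		$system_permissions['access'] = '';
-	}
-}
-
-// Implode system permissions
-$imploded_system_permissions = '';
-foreach($system_permissions AS $name => $value) {
-	if($value == true) {
-		if($imploded_system_permissions == '') {
-			$imploded_system_permissions = $name;
-		} else {
-			$imploded_system_permissions .= ','.$name;
-		}
-	}
-}
-
-$system_permissions = $imploded_system_permissions;
-
-// Get module permissions
-$module_permissions = '';
-if($handle = opendir(WB_PATH.'/modules/')) {
-	while (false !== ($file = readdir($handle))) {
-		if($file != "." AND $file != ".." AND $file != ".svn" AND is_dir(WB_PATH."/modules/$file") AND file_exists(WB_PATH."/modules/$file/info.php")) {
-			// Include the modules info file
-			require(WB_PATH.'/modules/'.$file.'/info.php');
-			// Check if it was selected to be used or not
-			$count = 0;
-			if(is_array($admin->get_post('module_permissions'))) {
-				foreach($admin->get_post('module_permissions') AS $selected_name) {
-					if($file == $selected_name) {
-						$count = $count+1;
-					}
-				}
-			}
-			if($count == 0) {
-				// Add unselected modules to list
-				if($module_permissions == '') {
-					$module_permissions = $file;
-				} else {
-					$module_permissions .= ','.$file;
-				}
-			}
-		}
-	}
-}
-
-// Get template permissions
-$template_permissions = '';
-if($handle = opendir(WB_PATH.'/templates/')) {
-	while (false !== ($file = readdir($handle))) {
-		if($file != "." AND $file != ".." AND $file != ".svn" AND is_dir(WB_PATH."/templates/$file") AND file_exists(WB_PATH."/templates/$file/info.php")) {
-			// Include the modules info file
-			require(WB_PATH.'/templates/'.$file.'/info.php');
-			// Check if it was selected to be used or not
-			$count = 0;
-			if(is_array($admin->get_post('template_permissions'))) {
-				foreach($admin->get_post('template_permissions') AS $selected_name) {
-					if($file == $selected_name) {
-						$count = $count+1;
-					}
-				}
-			}
-			if($count == 0) {
-				// Add unselected modules to list
-				if($template_permissions == '') {
-					$template_permissions = $file;
-				} else {
-					$template_permissions .= ','.$file;
-				}
-			}
-		}
-	}
-}
-
-?>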

  
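--- a/branches/2.8.x/wb/admin/groups/groups.php
+++ b/branches/2.8.x/wb/admin/groups/groups.php
@@ -1,198 +0,0 @@
-<?php
-/**
- *
- * @category        admin
- * @package         groups
- * @author          Ryan Djurovich, WebsiteBaker Project
- * @copyright       2009-2011, Website Baker Org. e.V.
- * @link			http://www.websitebaker2.org/
- * @license         http://www.gnu.org/licenses/gpl.html
- * @platform        WebsiteBaker 2.8.x
- * @requirements    PHP 5.2.2 and higher
- * @version         $Id$
- * @filesource		$HeadURL$
- * @lastmodified    $Date$
- *
- */
-
-// Include config file and admin class file
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-
-// Set parameter 'action' as alternative to javascript mechanism
-$action = 'cancel';
-// Set parameter 'action' as alternative to javascript mechanism
-$action = (isset($_POST['action']) && ($_POST['action'] ='modify')   ? 'modify' : $action );
-$action = (isset($_POST['modify']) ? 'modify' : $action );
-$action = (isset($_POST['delete']) ? 'delete' : $action );
-
-switch ($action):
-	case 'modify' :
-
-			// Create new admin object
-			$admin = new admin('Access', 'groups_modify' );
-			// Check if group group_id is a valid number and doesnt equal 1
-			$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-            if($group_id == 0){
-				$admin->print_error($MESSAGE['USERS_NO_GROUP'] );
-            }
-			if( ($group_id < 2 ) )
-			{
-				// if($admin_header) { $admin->print_header(); }
-				$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-			}
-
-			// Get existing values
-			$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE group_id = '".$group_id."'");
-			$group = $results->fetchRow();
-			// Setup template object, parse vars to it, then parse it
-			// Create new template object
-			$template = new Template(dirname($admin->correct_theme_source('groups_form.htt')));
-			// $template->debug = true;
-			$template->set_file('page', 'groups_form.htt');
-			$template->set_block('page', 'main_block', 'main');
-			$template->set_var(	array(
-									'ACTION_URL' => ADMIN_URL.'/groups/save.php',
-									'SUBMIT_TITLE' => $TEXT['SAVE'],
-									'GROUP_ID' => $admin->getIDKEY($group['group_id']),
-									'GROUP_NAME' => $group['name'],
-									'ADVANCED_LINK' => 'groups.php',
-									'FTAN' => $admin->getFTAN()
-								));
-			// Tell the browser whether or not to show advanced options
-			if( true == (isset( $_POST['advanced']) AND ( strpos( $_POST['advanced'], ">>") > 0 ) ) ) {
-				$template->set_var('DISPLAY_ADVANCED', '');
-				$template->set_var('DISPLAY_BASIC', 'display:none;');
-				$template->set_var('ADVANCED', 'yes');
-				$template->set_var('ADVANCED_BUTTON', '&lt;&lt; '.$TEXT['HIDE_ADVANCED']);
-			} else {
-				$template->set_var('DISPLAY_ADVANCED', 'display:none;');
-				$template->set_var('DISPLAY_BASIC', '');
-				$template->set_var('ADVANCED', 'no');
-				$template->set_var('ADVANCED_BUTTON', $TEXT['SHOW_ADVANCED'].'  &gt;&gt;');
-			}
-
-			// Explode system permissions
-			$system_permissions = explode(',', $group['system_permissions']);
-			// Check system permissions boxes
-			foreach($system_permissions AS $name) {
-					$template->set_var($name.'_checked', ' checked="checked"');
-			}
-			// Explode module permissions
-			$module_permissions = explode(',', $group['module_permissions']);
-			// Explode template permissions
-			$template_permissions = explode(',', $group['template_permissions']);
-
-			// Insert values into module list
-			$template->set_block('main_block', 'module_list_block', 'module_list');
-			$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "module" AND `function` = "page" ORDER BY `name`');
-			if($result->numRows() > 0) {
-				while($addon = $result->fetchRow()) {
-					$template->set_var('VALUE', $addon['directory']);
-					$template->set_var('NAME', $addon['name']);
-					if(!is_numeric(array_search($addon['directory'], $module_permissions))) {
-						$template->set_var('CHECKED', ' checked="checked"');
-					} else {
-						$template->set_var('CHECKED', '');
-					}
-					$template->parse('module_list', 'module_list_block', true);
-				}
-			}
-
-			// Insert values into template list
-			$template->set_block('main_block', 'template_list_block', 'template_list');
-			$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "template" ORDER BY `name`');
-			if($result->numRows() > 0) {
-				while($addon = $result->fetchRow()) {
-					$template->set_var('VALUE', $addon['directory']);
-					$template->set_var('NAME', $addon['name']);
-					if(!is_numeric(array_search($addon['directory'], $template_permissions))) {
-						$template->set_var('CHECKED', ' checked="checked"');
-					} else {
-						$template->set_var('CHECKED', '');
-					}
-					$template->parse('template_list', 'template_list_block', true);
-				}
-			}
-
-			// Insert language text and messages
-			$template->set_var(array(
-						'TEXT_RESET' => $TEXT['RESET'],
-						'TEXT_ACTIVE' => $TEXT['ACTIVE'],
-						'TEXT_DISABLED' => $TEXT['DISABLED'],
-						'TEXT_PLEASE_SELECT' => $TEXT['PLEASE_SELECT'],
-						'TEXT_USERNAME' => $TEXT['USERNAME'],
-						'TEXT_PASSWORD' => $TEXT['PASSWORD'],
-						'TEXT_RETYPE_PASSWORD' => $TEXT['RETYPE_PASSWORD'],
-						'TEXT_DISPLAY_NAME' => $TEXT['DISPLAY_NAME'],
-						'TEXT_EMAIL' => $TEXT['EMAIL'],
-						'TEXT_GROUP' => $TEXT['GROUP'],
-						'TEXT_SYSTEM_PERMISSIONS' => $TEXT['SYSTEM_PERMISSIONS'],
-						'TEXT_MODULE_PERMISSIONS' => $TEXT['MODULE_PERMISSIONS'],
-						'TEXT_TEMPLATE_PERMISSIONS' => $TEXT['TEMPLATE_PERMISSIONS'],
-						'TEXT_NAME' => $TEXT['NAME'],
-						'SECTION_PAGES' => $MENU['PAGES'],
-						'SECTION_MEDIA' => $MENU['MEDIA'],
-						'SECTION_MODULES' => $MENU['MODULES'],
-						'SECTION_TEMPLATES' => $MENU['TEMPLATES'],
-						'SECTION_LANGUAGES' => $MENU['LANGUAGES'],
-						'SECTION_SETTINGS' => $MENU['SETTINGS'],
-						'SECTION_USERS' => $MENU['USERS'],
-						'SECTION_GROUPS' => $MENU['GROUPS'],
-						'SECTION_ADMINTOOLS' => $MENU['ADMINTOOLS'],
-						'TEXT_VIEW' => $TEXT['VIEW'],
-						'TEXT_ADD' => $TEXT['ADD'],
-						'TEXT_LEVEL' => $TEXT['LEVEL'],
-						'TEXT_MODIFY' => $TEXT['MODIFY'],
-						'TEXT_DELETE' => $TEXT['DELETE'],
-						'TEXT_MODIFY_CONTENT' => $TEXT['MODIFY_CONTENT'],
-						'TEXT_MODIFY_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
-						'HEADING_MODIFY_INTRO_PAGE' => $HEADING['MODIFY_INTRO_PAGE'],
-						'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'],
-						'TEXT_RENAME' => $TEXT['RENAME'],
-						'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'],
-						'TEXT_BASIC' => $TEXT['BASIC'],
-						'TEXT_ADVANCED' => $TEXT['ADVANCED'],
-						'CHANGING_PASSWORD' => $MESSAGE['USERS']['CHANGING_PASSWORD'],
-						'HEADING_MODIFY_GROUP' => $HEADING['MODIFY_GROUP'],
-					));
-
-			// Parse template object
-			$template->parse('main', 'main_block', false);
-			$template->pparse('output', 'page');
-			// Print admin footer
-			$admin->print_footer();			break;
-		case 'delete' :
-			// Create new admin object
-			$admin = new admin('Access', 'groups_delete');
-			$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-            if($group_id == 0){
-				$admin->print_error($MESSAGE['USERS_NO_GROUP'] );
-            }
-			// Check if user id is a valid number and doesnt equal 1
-			if( ($group_id < 2 ) )
-			{
-				// if($admin_header) { $admin->print_header(); }
-				$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-			}
-			// Print header
-			$admin->print_header();
-			// Delete the group
-			$database->query("DELETE FROM `".TABLE_PREFIX."groups` WHERE `group_id` = '".$group_id."' LIMIT 1");
-			if($database->is_error()) {
-				$admin->print_error($database->get_error());
-			} else {
-				// Delete users in the group
-				$database->query("DELETE FROM `".TABLE_PREFIX."users` WHERE `group_id` = '".$group_id."'");
-				if($database->is_error()) {
-					$admin->print_error($database->get_error());
-				} else {
-					$admin->print_success($MESSAGE['GROUPS']['DELETED']);
-				}
-			}
-			// Print admin footer
-			$admin->print_footer();
-			break;
-	default:
-			break;
-endswitch;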

  
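--- a/branches/2.8.x/wb/admin/groups/delete.inc.php
+++ b/branches/2.8.x/wb/admin/groups/delete.inc.php
@@ -0,0 +1,84 @@
+<?php
+/**
+ * @category        admin
+ * @package         groups
+ * @author          Independend-Software-Team
+ * @author          WebsiteBaker Project
+ * @copyright       2009-2012, Website Baker Org. e.V.
+ * @link			http://www.websitebaker2.org/
+ * @license         http://www.gnu.org/licenses/gpl.html
+ * @platform        WebsiteBaker 2.8.x
+ * @requirements    PHP 5.2.2 and higher
+ * @version         $Id$
+ * @filesource		$HeadURL$
+ * @lastmodified    $Date$
+ * @description     all basic actions of this module, called by dispatcher only.
+ */
+
+// Must include code to stop this file being access directly
+if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
+
+/* *****************************************************************************
+ * Delete an existing group and remove existing group in user
+ * @access public
+ * @param object $admin: admin-object
+ * @param int $group_id: ID from group to delete
+ * @return bool: true or false
+ */
+	function delete_group($admin, $group_id = 0)
+	{
+		global $MESSAGE;
+		$database = WbDatabase::getInstance();
+	// first check form-tan
+		if($admin->checkFTAN())
+		{
+			if($group_id > 1) // prevent admin [ID 1] from being deleted
+			{
+				$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'groups` WHERE `group_id` = '.$group_id;
+				$groupname = ($database->get_one($sql));
+				// $sql  = 'SELECT * FROM `'.TABLE_PREFIX.'groups` ';
+				$sql  = 'DELETE FROM `'.TABLE_PREFIX.'groups` ';
+				$sql .= 'WHERE `group_id` = '.$group_id;
+				if($database->query($sql) != false)
+				{
+	// remove group from users groups_id
+					msgQueue :: add($MESSAGE['GROUPS_DELETED'],true);
+					$sql = 'SELECT `user_id`, `groups_id`, `home_folder` FROM `'.TABLE_PREFIX.'users` WHERE user_id != 1';
+					if(($res_users = $database->query($sql)) && ($res_users->numRows() > 0) )
+					{
+						while($rec_users = $res_users->fetchRow(MYSQL_ASSOC))
+						{
+							$user_id = $rec_users['user_id'];
+                            $groups_id = explode(',',$rec_users['groups_id']);
+
+							if( is_numeric($x = array_search($group_id, $groups_id)) )
+							{
+	                            unset($groups_id[$x]);
+	                            $groups_id = (sizeof($groups_id) == 0) ? FRONTEND_SIGNUP : implode(',',$groups_id);
+                                $groups_id = ( ($groups_id == 1) && (trim($rec_users['home_folder']) != '') ) ? FRONTEND_SIGNUP : $groups_id;
+								$sql  = 'UPDATE `'.TABLE_PREFIX.'users` SET ';
+								$sql .= '`groups_id` = \''.$groups_id.'\' ';
+								$sql .= 'WHERE `user_id` = '.$user_id;
+								if( $database->query($sql) )
+								{
+				                    $sql_info = mysql_info($database->db_handle);
+									if(preg_match('/matched: *([1-9][0-9]*)/i', $sql_info) != 1)
+									{
+										msgQueue :: add($MESSAGE['RECORD_MODIFIED_FAILED']);
+									}
+								} else {
+
+									msgQueue :: add($database->get_error());
+								}
+							}
+                        }
+                    }
+					// $admin->print_success($msg);
+				} else {
+					msgQueue :: add($MESSAGE['RECORD_MODIFIED_FAILED']);
+				}
+			}
+		} else {
+			msgQueue :: add($MESSAGE['GENERIC_SECURITY_OFFENSE']);
+		}
+	}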
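Review bot: In `delete_group()` the `$group_id` argument is concatenated unquoted into the SELECT on new line 37 and the DELETE on new line 41, and the only check before that is the loose comparison `$group_id > 1` on line 35, which a non-integer string with a numeric prefix also satisfies. The dispatcher that calls this function is not shown on the page, so whether it already casts the value cannot be confirmed; the page's other group handlers use `intval($admin->checkIDKEY(...))`, and doing the cast inside the function removes the dependency on the caller: `$group_id = intval($group_id);` as the first statement after `global $MESSAGE;`. The docblock promises `@return bool: true or false`, but no path returns a value, so a caller cannot tell a rejected FTAN or a failed DELETE from success; add `return true;` / `return false;` on the respective branches or correct the docblock. `$groupname` on line 38 is fetched and never used, which costs one query per call for nothing.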

  
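--- a/branches/2.8.x/wb/admin/groups/languages/EN.php
+++ b/branches/2.8.x/wb/admin/groups/languages/EN.php
@@ -0,0 +1,72 @@
+<?php
+/****************************************************************************************
+ * extended language definition for WebsiteBaker                                        *
+ * ACP-module  pages                                                                    *
+ * english (GB)                                                                         *
+ ****************************************************************************************/
+
+$HEADING['ADD_GROUP'] = 'Add Group';
+$HEADING['ADD_GROUPS'] = 'Add Groups';
+$HEADING['MODIFY_DELETE_GROUP'] = 'Modify/Delete Group';
+$HEADING['MODIFY_DELETE_PAGE'] = 'Modify/Delete Page';
+$HEADING['MODIFY_DELETE_USER'] = 'Modify/Delete User';
+$HEADING['MODIFY_GROUP'] = 'Modify Group';
+$HEADING['MODIFY_GROUPS'] = 'Modify Groups';
+$HEADING['MODIFY_INTRO_PAGE'] = 'Modify Intro Page';
+$HEADING['VIEW_GROUP'] = 'View Group';
+$HEADING['VIEW_GROUPS'] = 'View Groups';
+
+$MENU['ADMINTOOLS'] = 'Admin-Tools';
+$MENU['GROUP'] = 'Group';
+$MENU['GROUPS'] = 'Groups';
+$MENU['HELP'] = 'Help';
+$MENU['LANGUAGES'] = 'Languages';
+$MENU['LOGIN'] = 'Login';
+$MENU['LOGOUT'] = 'Log-out';
+$MENU['MEDIA'] = 'Media';
+$MENU['MODULES'] = 'Modules';
+$MENU['PAGES'] = 'Pages';
+$MENU['PREFERENCES'] = 'Preferences';
+$MENU['USER_PREFERENCES'] = 'User Preferences';
+$MENU['SETTINGS'] = 'Settings';
+$MENU['START'] = 'Start';
+$MENU['TEMPLATES'] = 'Templates';
+$MENU['USERS'] = 'Users';
+$MENU['VIEW'] = 'View';
+
+$MESSAGE['PAGES_LAST_MODIFIED'] = 'Last modification by';
+
+$TEXT['ACTIONS'] = 'Actions';
+$TEXT['ACTIVE'] = 'Active';
+$TEXT['ADD'] = 'Add';
+$TEXT['ADVANCED'] = 'Advanced';
+$TEXT['BACK'] = 'Back';
+$TEXT['BASIC'] = 'Basic';
+$TEXT['CANCEL'] = 'Cancel';
+$TEXT['CREATE_FOLDER'] = 'Create Folder';
+$TEXT['DELETE'] = 'Delete';
+$TEXT['DELETED'] = 'Deleted';
+$TEXT['FILESYSTEM_PERMISSIONS'] = 'Filesystem Permissions';
+$TEXT['GROUP'] = 'Group';
+$TEXT['HIDE_ADVANCED'] = 'Hide Advanced Options';
+$TEXT['LANGUAGE'] = 'Language';
+$TEXT['LEVEL'] = 'Level';
+$TEXT['MANAGE_GROUPS'] = 'Manage Groups';
+$TEXT['MANAGE_USERS'] = 'Manage Users';
+$TEXT['MODIFY'] = 'Modify';
+$TEXT['MODIFY_CONTENT'] = 'Modify Content';
+$TEXT['MODIFY_SETTINGS'] = 'Modify Settings';
+$TEXT['MODULE_PERMISSIONS'] = 'Module Permissions';
+$TEXT['PLEASE_SELECT'] = 'Please select';
+$TEXT['RENAME'] = 'Rename';
+$TEXT['RESET'] = 'Reset';
+$TEXT['SAVE'] = 'Save';
+$TEXT['SHOW'] = 'Show';
+$TEXT['SHOW_ADVANCED'] = 'Show Advanced Options';
+$TEXT['SYSTEM_DEFAULT'] = 'System Default';
+$TEXT['SYSTEM_PERMISSIONS'] = 'System Permissions';
+$TEXT['TEMPLATE_PERMISSIONS'] = 'Template Permissions';
+$TEXT['UPLOAD_FILES'] = 'Upload File(s)';
+$TEXT['VIEW'] = 'View';
+$TEXT['VIEW_DETAILS'] = 'View Details';
+$TEXT['VISIBILITY'] = 'Visibility';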

  
branches/2.8.x/wb/admin/groups/languages/DE.php
1
<?php
2
/****************************************************************************************
3
 * extended language definition for WebsiteBaker                                        *
4
 * ACP-module  groups                                                                    *
5
 * deutsch                                                                              *
6
 ****************************************************************************************/
7

  
8

  
9

  
10
$HEADING['ADD_GROUP'] = 'Gruppe hinzufügen';
11
$HEADING['ADD_GROUPS'] = 'Gruppen hinzufügen';
12
$HEADING['MODIFY_DELETE_GROUP'] = 'Ändern/Löschen von Gruppen';
13
$HEADING['MODIFY_DELETE_PAGE'] = 'Seite ändern/Seite löschen';
14
$HEADING['MODIFY_DELETE_USER'] = 'Ändern/Löschen von Benutzern';
15
$HEADING['MODIFY_GROUP'] = 'Gruppe ändern';
16
$HEADING['MODIFY_GROUPS'] = 'Gruppen ändern';
17
$HEADING['MODIFY_INTRO_PAGE'] = 'Eingangsseite ändern';
18
$HEADING['VIEW_GROUP'] = 'Gruppe Ansicht';
19
$HEADING['VIEW_GROUPS'] = 'Gruppen Ansicht';
20

  
21
$MENU['ADMINTOOLS'] = 'Admin-Tools';
22
$MENU['GROUP'] = 'Gruppe';
23
$MENU['GROUPS'] = 'Gruppen';
24
$MENU['HELP'] = 'Hilfe';
25
$MENU['LANGUAGES'] = 'Sprachen';
26
$MENU['LOGIN'] = 'Anmeldung';
27
$MENU['LOGOUT'] = 'Abmelden';
28
$MENU['MEDIA'] = 'Medien';
29
$MENU['MODULES'] = 'Module';
30
$MENU['PAGES'] = 'Seiten';
31
$MENU['PREFERENCES'] = 'Einstellungen';
32
$MENU['USER_PREFERENCES'] = 'User Einstellungen';
33
$MENU['SETTINGS'] = 'Optionen';
34
$MENU['START'] = 'Start';
35
$MENU['TEMPLATES'] = 'Designvorlagen';
36
$MENU['USERS'] = 'Benutzer';
37
$MENU['VIEW'] = 'Ansicht';
38

  
39
$MESSAGE['PAGES_LAST_MODIFIED'] = 'Letzte Änderung durch';
40

  
41
$TEXT['ACTIONS'] = 'Aktionen';
42
$TEXT['ACTIVE'] = 'Aktiv';
43
$TEXT['ADD'] = 'Hinzufügen';
44
$TEXT['ADVANCED'] = 'Erweitert';
45
$TEXT['BACK'] = 'Zurück';
46
$TEXT['BASIC'] = 'Einfach';
47
$TEXT['CANCEL'] = 'Abbrechen';
48
$TEXT['CREATE_FOLDER'] = 'Ordner anlegen';
49
$TEXT['DELETE'] = 'Entfernen';
50
$TEXT['DELETED'] = 'Gelöscht';
51
$TEXT['FILESYSTEM_PERMISSIONS'] = 'Zugriffsrechte';
52
$TEXT['GROUP'] = 'Gruppe';
53
$TEXT['HIDE_ADVANCED'] = 'Erweiterte Optionen verdecken';
54
$TEXT['LANGUAGE'] = 'Sprache';
55
$TEXT['LEVEL'] = 'Ebene';
56
$TEXT['MANAGE_GROUPS'] = 'Gruppen verwalten';
57
$TEXT['MANAGE_USERS'] = 'Benutzer verwalten';
58
$TEXT['MODIFY'] = 'Ändern';
59
$TEXT['MODIFY_CONTENT'] = 'Inhalt ändern';
60
$TEXT['MODIFY_SETTINGS'] = 'Optionen ändern';
61
$TEXT['MODULE_PERMISSIONS'] = 'Modulberechtigungen';
62
$TEXT['PLEASE_SELECT'] = 'Bitte auswählen';
63
$TEXT['RENAME'] = 'Umbenennen';
64
$TEXT['RESET'] = 'Zurücksetzen';
65
$TEXT['SAVE'] = 'Speichern';
66
$TEXT['SHOW'] = 'zeigen';
67
$TEXT['SHOW_ADVANCED'] = 'Erweiterte Optionen anzeigen';
68
$TEXT['SYSTEM_DEFAULT'] = 'Standardeinstellung';
69
$TEXT['SYSTEM_PERMISSIONS'] = 'Zugangsberechtigungen';
70
$TEXT['TEMPLATE_PERMISSIONS'] = 'Zugriffsrechte für Vorlagen';
71
$TEXT['UPLOAD_FILES'] = 'Datei(en) übertragen';
72
$TEXT['VIEW'] = 'Ansicht';
73
$TEXT['VIEW_DETAILS'] = 'Details';
74
$TEXT['VISIBILITY'] = 'Sichtbarkeit';
0 75

  
branches/2.8.x/wb/admin/groups/groups_list.inc.php
1
<?php
2
/**
3
 * @category        admin
4
 * @package         groups
5
 * @author          WebsiteBaker Project, Independend-Software-Team
6
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
7
 * @link			http://www.websitebaker2.org/
8
 * @license         http://www.gnu.org/licenses/gpl.html
9
 * @platform        WebsiteBaker 2.8.x
10
 * @requirements    PHP 5.2.2 and higher
11
 * @version         $Id$
12
 * @filesource		$HeadURL$
13
 * @lastmodified    $Date$
14
 * @description     all basic actions of this module, called by dispatcher only.
15
 */
16

  
17
// Must include code to stop this file being access directly
18
if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
19

  
20
/* *****************************************************************************
21
 * Show groupslist with delete-/ modify-button
22
 * @access public
23
 * @param object $admin: admin-object
24
 * @return string: parsed HTML-content
25
 */
26
	function show_grouplist($admin)
27
	{
28
//		global $TEXT, $MESSAGE, $MENU, $HEADING;
29
		$database = WbDatabase::getInstance();
30
		$mLang = ModLanguage::getInstance();
31
// Create new template object for the modify/remove section
32
		$tpl = new Template(dirname($admin->correct_theme_source('groups_list.htt')),'keep');
33
		$tpl->set_file('page', 'groups_list.htt');
34
		$tpl->set_block('page', 'main_block', 'main');
35

  
36
		$tpl->set_var('ACTION_URL', $_SERVER['SCRIPT_NAME']);
37
		$tpl->set_var('FTAN', $admin->getFTAN());
38

  
39
// -- if permission then activate link 'manage users'
40
		$tpl->set_block('main_block', 'show_cmd_manage_users_block', 'show_cmd_manage_users');
41
		if($admin->get_permission('users') == true)
42
		{
43
			$tpl->set_var('TEXT_MANAGE_USERS', $mLang->TEXT_MANAGE_USERS);
44
			$tpl->set_var('LINK_MANAGE_USERS', ADMIN_URL.'/users/index'.PAGE_EXTENSION);
45
			$tpl->parse('show_cmd_manage_users', 'show_cmd_manage_users_block', true);
46
		}else { // switch off cmd_manage_groups_block
47
			$tpl->parse('show_cmd_manage_users', '');
48
		}
49

  
50
		$tpl->set_block('main_block', 'show_cmd_group_list_block', 'show_cmd_group_list');
51
		if( $admin->get_permission('groups_view') == true )
52
		{
53
			$tpl->set_var('CONTENT_HEADER', $mLang->HEADING_VIEW_GROUPS);
54
			if( ($admin->get_permission('groups_modify') == true) )
55
			{
56
			$tpl->set_var('CONTENT_HEADER', $mLang->HEADING_MODIFY_DELETE_GROUP);
57
			}
58
		}
59

  
60
		$tpl->set_var('FORM_NAME_GROUPLIST', 'frm_group_list');
61

  
62
// -- build grouplist from database
63
		$tpl->set_block('show_cmd_group_list_block', 'grouplist_block', 'grouplist');
64
		// Insert first value to say please select
65
		// $tpl->set_var('GROUP_ID',   $admin->getIDKEY(0));
66
		$tpl->set_var('GROUP_ID', 0);
67
		$tpl->set_var('GROUP_NAME', '');
68
		$tpl->set_var('GROUP_DISPLAY_NAME', $mLang->TEXT_PLEASE_SELECT.'...');
69
		$tpl->set_var('CSS_GROUP_DELETED', '');
70

  
71
		$tpl->parse('grouplist', 'grouplist_block', true);
72
		$sql  = 'SELECT `group_id`, `name` ';
73
		$sql .= 'FROM `'.TABLE_PREFIX.'groups` ';
74
		$sql .= 'WHERE `group_id` > 1 ORDER BY `name` ';
75
		if( ($res_groups = $database->query($sql)) != false )
76
		{
77
			while($rec_group = $res_groups->fetchRow(MYSQL_ASSOC))
78
			{
79
				// $tpl->set_var('GROUP_ID', $admin->getIDKEY($rec_group['group_id']));
80
				$tpl->set_var('GROUP_ID', $rec_group['group_id']);
81
				$tpl->set_var('GROUP_NAME', $rec_group['name']);
82
				$tpl->set_var('GROUP_DISPLAY_NAME', $rec_group['name']);
83
				$tpl->parse('grouplist', 'grouplist_block', true);
84
			}
85
		}
86

  
87
		$sPermission = 'none';
88
		$sPermission = $admin->get_permission('groups_view') ? 'permView' : $sPermission;
89
		$sPermission = $admin->get_permission('groups_add') ? 'permAdd' : $sPermission;
90
		$sPermission = $admin->get_permission('groups_modify') ? 'permModify' : $sPermission;
91

  
92
// 		if( ($admin->get_permission('groups_modify') == false) && ($admin->get_permission('groups_delete') == false) )
93
		if( ($admin->get_permission('groups') == false) )
94
		{
95
			$tpl->parse('show_cmd_group_list', '');
96
        } else {
97
			$tpl->parse('show_cmd_group_list', 'show_cmd_group_list_block', true);
98
	// -- if permission then activate button 'modify groups'
99
			$tpl->set_block('show_cmd_group_list', 'show_cmd_modify_group_block', 'show_cmd_modify_group');
100
			if( $admin->get_permission('groups') == true )
101
			{
102
				$tpl->parse('show_cmd_modify_group', 'show_cmd_modify_group_block', true);
103
			}else {
104
				$tpl->parse('show_cmd_modify_group', '');
105
			}
106
	// -- if permission then activate button 'delete groups'
107
			$tpl->set_block('show_cmd_group_list', 'show_cmd_delete_group_block', 'show_cmd_delete_group');
108
			if($admin->get_permission('groups_delete') == true)
109
			{
110
				$tpl->parse('show_cmd_delete_group', 'show_cmd_delete_group_block', true);
111
			}else {
112
				$tpl->parse('show_cmd_delete_group', '');
113
			}
114

  
115
        }
116

  
117
		$tpl->set_block('main_block', 'show_cmd_add_input_block', 'show_cmd_add_input');
118
		if($admin->get_permission('groups_add') )
119
		{
120
			$tpl->set_var('DISPLAY_ADD', '');
121
			$tpl->set_var('GROUP_ACTION_URL', $_SERVER['SCRIPT_NAME']);
122
			$tpl->set_var('GROUPS_HEADER', $mLang->HEADING_ADD_GROUP );
123
			$tpl->set_var('SUBMIT_TITLE', $mLang->TEXT_ADD);
124
			$tpl->set_var('ACTION_HANDLE', 'action_modify');
125
			$tpl->set_var('ACTION_HIDDEN', 'action_add');
126
			$tpl->set_var('FORM_NAME_GROUPMASK', 'frm_addnew_group');
127
			$tpl->parse('show_cmd_add_input', 'show_cmd_add_input_block', false);
128
		} else {
129
			$tpl->parse('show_cmd_add_input', '');
130
		}
131

  
132
	// insert urls
133
		$tpl->set_var(array(
134
				'ADMIN_URL' => ADMIN_URL,
135
				'WB_URL'    => WB_URL,
136
				'THEME_URL' => THEME_URL
137
				)
138
		);
139
	// Insert language text and messages
140
		$tpl->set_var(array(
141
				'TEXT_MODIFY'    => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_MODIFY : $mLang->TEXT_VIEW,
142
				'TEXT_DELETE'    => $mLang->TEXT_DELETE,
143
				'CONFIRM_DELETE' => $mLang->MESSAGE_GROUPS_CONFIRM_DELETE
144
				));
145

  
146
	// Parse template object
147
		$tpl->parse('main', 'main_block', false);
148
		$output = $tpl->finish($tpl->parse('output', 'page'));
149
		unset($tpl);
150
		return $output;
151
	}
0 152
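Review bot: In show_grouplist the group names read from the database reach the template unencoded (`$tpl->set_var('GROUP_NAME', $rec_group['name']);` and the GROUP_DISPLAY_NAME line after it), so a name containing markup would be rendered as HTML in the admin list. That holds unless names are HTML-encoded before they are stored, which this page does not show. I would encode at output, `$tpl->set_var('GROUP_DISPLAY_NAME', htmlspecialchars($rec_group['name'], ENT_QUOTES, 'UTF-8'));`, and do the same for GROUP_NAME. The same point applies in groups_mask.inc.php, where show_groupmask puts `$admin->add_slashes($admin->get_post('name'))` into GROUP_NAME; judging by its name, add_slashes is quoting for SQL, not encoding for HTML. Separately, `$sPermission` is assigned three times near the end of the function and never read, so it can be dropped or used.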

  
branches/2.8.x/wb/admin/groups/groups_mask.inc.php
1
<?php
2
/**
3
 * @category        admin
4
 * @package         groups
5
 * @author          WebsiteBaker Project. Independend-Software-Team
6
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
7
 * @link			http://www.websitebaker2.org/
8
 * @license         http://www.gnu.org/licenses/gpl.html
9
 * @platform        WebsiteBaker 2.8.x
10
 * @requirements    PHP 5.2.2 and higher
11
 * @version         $Id$
12
 * @filesource		$HeadURL$
13
 * @lastmodified    $Date$
14
 * @description     all basic actions of this module, called by dispatcher only.
15
 */
16

  
17
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19
if(defined('WB_PATH') == false)
20
{
21
	// Stop this file being access directly
22
		die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
23
}
24
/* -------------------------------------------------------- */
25

  
26
/*
27
print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
28
print_r( $_POST ); print '</pre>'; // flush ();sleep(10); die();
29
*/
30

  
31
/* *****************************************************************************
32
 * Show groupsmask to edit group
33
 * @access public
34
 * @param object $admin: admin-object
35
 * @param int $user_id: ID from group to modify or 0 for a new group
36
 * @return string: parsed HTML-content
37
 */
38
	function show_groupmask($admin, $group_id = 0)
39
	{
40
//		global $TEXT, $MESSAGE, $HEADING, $MENU;
41

  
42
		$database = WbDatabase::getInstance();
43
		$mLang = ModLanguage::getInstance();
44
//		$mLang->setLanguage(dirname(__FILE__).'/languages/', LANGUAGE, DEFAULT_LANGUAGE);
45
		include_once('upgradePermissions.php');
46
		include_once(WB_PATH.'/framework/functions.php');
47
	// Create new template object for the modify/remove menu
48
		$tpl = new Template(dirname($admin->correct_theme_source('groups_form.htt')),'keep');
49
		$tpl->set_file('page', 'groups_form.htt');
50
		$tpl->debug = false; // false, true
51

  
52
		$tpl->set_block('page', 'main_block', 'main');
53
		$tpl->set_block('main_block', 'show_cmd_permission_block', 'show_cmd_permission');
54
		$tpl->set_var('FTAN', $admin->getFTAN());
55
		$rec_group = array();
56
// admin settings
57
//		$system_settings = getSystemDefaultPermissions();
58
//		$aSystemDefaultSettings = getSystemDefaultPermissions();
59
		if( $group_id > 1 ) // load groupdata from db
60
		{
61
			// only read the first time from db to set checkboxes
62
			if( $admin->get_post('frm_modify_group') == null )
63
			{
64
				$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'groups` ';
65
				$sql .= 'WHERE `group_id` = '.(int)$group_id;
66
				// $group_id = 0; // reset to 0 if error occures
67
				if( ($res_group = $database->query($sql)) != false )
68
				{
69
					if( ($rec_group = $res_group->fetchRow(MYSQL_ASSOC)) != false )
70
					{
71
						$group_id = $rec_group['group_id'];
72
		// Explode system permissions
73
						$system_permissions = $rec_group['system_permissions'];
74
		// Explode module permissions
75
		 				$module_permissions = explode(',', $rec_group['module_permissions']);
76
		// Explode template permissions
77
						$template_permissions = explode(',', $rec_group['template_permissions']);
78
					}
79
				}
80

  
81
			$tpl->set_var(array(
82
						'SUBMIT_TITLE' =>  ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
83
						'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
84
						'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
85
						'GROUP_ID' => $rec_group['group_id'],
86
						'GROUP_NAME' => $rec_group['name'],
87
						'FORM_NAME_GROUPMASK' => 'frm_modify_group',
88
					));
89
			} else {
90
				// set changed checkboxes and prepare db data
91
 				$module_permissions = set_module_permissions($admin);
92
 				$template_permissions = set_template_permissions($admin);
93
				$rec_group['group_id'] = $group_id;
94
				$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
95
				$rec_group['module_permissions']   = convertArrayToString($module_permissions);
96
				$rec_group['template_permissions'] = convertArrayToString($template_permissions);
97

  
98
				$tpl->set_var(array(
99
							'SUBMIT_TITLE' =>  ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
100
							'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
101
							'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
102
							'TEXT_GROUPS_NAME' => $mLang->TEXT_GROUP.': ',
103
							'FORM_NAME_GROUPMASK' => 'frm_modify_group',
104
	//						'GROUPNAME_DISABLED' => ' readonly="readonly"',
105
	//						'GROUPNAME_INPUT_DISABLED' => ' input_text_disabled no_input'
106
							'GROUP_NAME' => $rec_group['name'],
107
							'GROUPNAME_DISABLED' => '',
108
							'GROUPNAME_INPUT_DISABLED' => ''
109
							));
110
			}
111
		} else {
112
// set default no rights
113
			$system_permissions = array('preferences' => 1,'preferences_view' => 1);
114
//		$system_permissions = array();
115
//		$system_permissions = isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $system_permissions;
116
			$module_permissions = array();
117
			$template_permissions = array();
118
	// create a empty group-record with permissions masks and advanced button handle
119
	// check for existing groupname and junp to start handling, do the same in save
120
	// set changed checkboxes and prepare db data
121
			$module_permissions = set_module_permissions($admin);
122
			$template_permissions = set_template_permissions($admin);
123
			$rec_group['group_id'] = intval($admin->get_post('group_id'));
124
			$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
125
			$rec_group['module_permissions'] = $module_permissions;
126
			$rec_group['template_permissions'] = $template_permissions;
127

  
128
			$tpl->set_var(array(
129
						'SUBMIT_TITLE' =>  ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_ADD : $mLang->TEXT_BACK,
130
						'ACTION_HANDLE' => ($admin->get_permission('groups_add') == true) ? 'action_save' : 'action_cancel',
131
						'ACTION_HIDDEN' => ($admin->get_permission('groups_add') == true) ? 'action_modify' : 'action_cancel',
132
						'TEXT_GROUPS_NAME' => '',
133
						'GROUP_NAME' => $rec_group['name'],
134
						'FORM_NAME_GROUPMASK' => 'frm_addnew_group',
135
						'GROUPNAME_DISABLED' => '',
136
						'GROUPNAME_INPUT_DISABLED' => ''
137
						));
138
//			$group_id = $rec_group['group_id'];
139
		}
140
// set changed checkboxes and prepare db data
141
		if( isset($_POST['system_permissions']) )
142
		{
143
			$system_permissions = get_system_permissions($admin,$_POST['system_permissions'] );
144
			$rec_group['system_permissions']   = set_system_permissions($_POST['system_permissions']);
145
		} else {
146
			$system_permissions = get_system_permissions($admin,$system_permissions);
147
			$rec_group['system_permissions']   = set_system_permissions($system_permissions);
148
		}
149
//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
150
//print_r( $rec_group['system_permissions']  ); print '</pre>';
151
		$tpl->set_var(array(
152
					'GROUP_ID' => $rec_group['group_id'],
153
					'GROUP_NAME' => $rec_group['name'],
154
					'DISPLAY_ADD' => '',
155
					));
156
		$tpl->parse('show_cmd_permission', 'show_cmd_permission_block', true);
157
		// if the requested group doesn't exist, or $group_id contains 0 so it
158
		// will be shown a empty mask to add a new group
159
		// otherwise the $rec_group object contains existing data from requested group
160
		// $tpl->set_var('GROUP_ID', $group_id != 0 ? $admin->getIDKEY($group_id) : 0);
161
		$tpl->set_var('GROUP_ACTION_URL', $_SERVER['SCRIPT_NAME']);
162
        $header_extra = $mLang->TEXT_FILESYSTEM_PERMISSIONS.' ';
163
		if( ($admin->get_permission('groups_view') == true) )
164
		{
165
			$tpl->set_var('GROUPS_HEADER', $header_extra.$mLang->HEADING_VIEW_GROUP );
166
			if( ($admin->get_permission('groups_modify') == true) )
167
			{
168
			$tpl->set_var('GROUPS_HEADER', ($group_id == 0 ? $header_extra.$mLang->HEADING_ADD_GROUP : $header_extra.$mLang->HEADING_MODIFY_GROUP) );
169
			}
170
		}
171

  
172
// Insert language text and messages
173
		$tpl->set_var('MODULE_FUNCTION', '');
174
		$tpl->set_var($mLang->getLangArray());
175

  
176
// ------------------------
177
// Tell the browser whether or not to show advanced options
178
		$tpl->set_block('show_cmd_permission', 'show_cmd_manage_permission_block', 'permission_block');
179
//		$tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
180
		$tpl->set_block('show_cmd_permission', 'show_cmd_advanced_permission_block', 'advanced_permission_block');
181
// first set the var {hidden_permission_list} to empty
182
//		$tpl->parse('hidden_permission_list', '');
183
// Check and set system permissions boxes in main_block
184

  
185
		if ( true == (isset( $_POST['advanced_action']) && (( $_POST['advanced_action'] == 'no') || strpos( $_POST['advanced_action'], ">>") > 0 ) ) )
186
		{
187
			$tpl->parse('hidden_permission_list', '');
188
			$tpl->set_block('show_cmd_advanced_permission_block', 'show_cmd_hidden_advanced_permission_list_block', 'hidden_advanced_permission_list');
189
			setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] );
190
			$tpl->set_var('DISPLAY_ADVANCED', '');
191
			$tpl->set_var('DISPLAY_BASIC', 'display:none;');
192
			$tpl->set_var('ADVANCED', 'yes');
193
			$tpl->set_var('ADVANCED_ACTION', 'advance_action');
194
			$tpl->set_var('ADVANCED_BUTTON',  ($admin->get_permission('groups') == true) ? '<< '.$mLang->TEXT_HIDE_ADVANCED : '<< '.$mLang->TEXT_HIDE_ADVANCED);
195
			$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS);
196

  
197
			$tpl->parse('advanced_permission_block', 'show_cmd_advanced_permission_block', true);
198
			$tpl->parse('permission_block', '');
199
		} else {
200
			$tpl->parse('hidden_advanced_permission_list', '');
201
			$tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
202
			setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] );
203
			$tpl->set_var('DISPLAY_ADVANCED', '');
204
			$tpl->set_var('DISPLAY_BASIC', '');
205
			$tpl->set_var('ADVANCED', 'no');
206
			$tpl->set_var('ADVANCED_ACTION', 'advance_action');
207
			$tpl->set_var('ADVANCED_BUTTON',  ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_SHOW_ADVANCED.' >>' : $mLang->TEXT_SHOW_ADVANCED.' >>');
208
			$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS.' ');
209

  
210
			$tpl->parse('advanced_permission_block', '');
211
			$tpl->parse('permission_block', 'show_cmd_manage_permission_block', true);
212
		}
213

  
214
// ------------------------
215

  
216
		$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
217
// Insert values into pages module list
218
		$tpl->set_block('show_cmd_permission', 'pages_module_list_block', 'module_list');
219
		$sql  = 'SELECT `directory`,`name`,`function` FROM `'.TABLE_PREFIX.'addons` ';
220
		$sql .= 'WHERE `type` = \'module\' AND `function` <> \'tool\' ';
221
		$sql .= '';
222
		$sql .= 'ORDER BY `function`, `name`';
223
		if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
224
		{
225
        	$tmp_header = '';
226
			while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
227
			{
228
				if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php'))
229
				{
230
                    if( $tmp_header != $addon['function'])
231
					{
232
						$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
233
					} else {
234
						$tpl->set_var('MODULE_FUNCTION', '');
235
					}
236

  
237
					$tpl->set_var('MOD_VALUE', $addon['directory']);
238
					$tpl->set_var('MOD_NAME', $addon['name']);
239
					if(!is_numeric(array_search($addon['directory'], $module_permissions)) )
240
					{
241
						$tpl->set_var('MOD_CHECKED', ' checked="checked"');
242
					} else {
243
	 					$tpl->set_var('MOD_CHECKED', '');
244
					}
245
					$tpl->parse('module_list', 'pages_module_list_block', true);
246
		        }
247
				$tmp_header = $addon['function'];
248
			}
249
		}
250

  
251
		$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
252
		// Insert values into pages module list
253
		$tpl->set_block('show_cmd_permission', 'tools_module_list_block', 'tools_list');
254
		$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'addons` ';
255
		$sql .= 'WHERE `type` = \'module\' AND `function` = \'tool\' ';
256
		$sql .= 'ORDER BY `name`';
257
		if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
258
		{
259
        	$tmp_header = '';
260
			while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
261
			{
262
				if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php'))
263
				{
264
                    if( $tmp_header != $addon['function'])
265
					{
266
						$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
267
					} else {
268
						$tpl->set_var('MODULE_FUNCTION', '');
269
					}
270
					$tpl->set_var('ADM_VALUE', $addon['directory']);
271
					$tpl->set_var('ADM_NAME', $addon['name']);
272
					if(!is_numeric(array_search($addon['directory'], $module_permissions)) )
273
					{
274
						$tpl->set_var('ADM_CHECKED', ' checked="checked"');
275
					} else {
276
	 					$tpl->set_var('ADM_CHECKED', '');
277
					}
278

  
279
					$tpl->parse('tools_list', 'tools_module_list_block', true);
280
		        }
281
				$tmp_header = $addon['function'];
282
			}
283
		}
284
		$tpl->set_var('HEADER_TEMPLATE_FUNCTION', '<h6>'.$mLang->TEXT_TEMPLATE_PERMISSIONS.'</h6>');
285
		// Insert values into pages module list
286
		$tpl->set_block('show_cmd_permission', 'template_list_block', 'template_list');
287
		$sql  = 'SELECT * FROM `'.TABLE_PREFIX.'addons` ';
288
		$sql .= 'WHERE `type` = \'template\' ';
289
		$sql .= 'ORDER BY `function`,`name`';
290
		if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
291
		{
292
        	$tmp_header = '';
293
			while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
294
			{
295
				if(file_exists(WB_PATH.'/templates/'.$addon['directory'].'/info.php'))
296
				{
297
                    if( $tmp_header != $addon['function'])
298
					{
299
						$tpl->set_var('TEMPLATE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
300
					} else {
301
						$tpl->set_var('TEMPLATE_FUNCTION', '');
302
					}
303
					$tpl->set_var('TMP_VALUE', $addon['directory']);
304
					$tpl->set_var('TMP_NAME', $addon['name']);
305
					if(!is_numeric(array_search($addon['directory'], $template_permissions)) )
306
					{
307
						$tpl->set_var('TMP_CHECKED', ' checked="checked"');
308
					} else {
309
	 					$tpl->set_var('TMP_CHECKED', '');
310
					}
311

  
312
					$tpl->parse('template_list', 'template_list_block', true);
313
		        }
314
				$tmp_header = $addon['function'];
315
			}
316
		}
317

  
318
// ------------------------
319
	// Parse template object
320
		$tpl->parse('main', 'main_block', false);
321
		$output = $tpl->finish($tpl->parse('output', 'page'));
322
		unset($tpl);
323
		return $output;
324
	}
0 325
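Review bot: In show_groupmask the `if( $group_id > 1 )` branch reads `$rec_group['group_id']` and `$rec_group['name']`, and the code after it reads `$system_permissions`, `$module_permissions` and `$template_permissions`, even when the query fails or returns no row, because all of them are assigned only inside the two nested `if`s. The comment further down says a missing group should produce an empty mask, but the only reset (`// $group_id = 0;`) is commented out. I would set the defaults before the branch, `$system_permissions = array('preferences' => 1,'preferences_view' => 1); $module_permissions = array(); $template_permissions = array();`, and treat a missing row like `$group_id == 0`. The docblock's `@param int $user_id` should also read `$group_id`. Both ADVANCED_BUTTON ternaries have identical arms, so the permission check there has no effect.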

  
branches/2.8.x/wb/admin/groups/upgradePermissions.php
1
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         start
6
 * @author          Ryan Djurovich, WebsiteBaker Project
7
 * @copyright       2009-2012, WebsiteBaker Org. e.V.
8
 * @link			http://www.websitebaker2.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11
 * @requirements    PHP 5.2.2 and higher
12
 * @version         $Id$
13
 * @filesource		$HeadURL$
14
 * @lastmodified    $Date$
15
 *
16
 */
17

  
18
/* -------------------------------------------------------- */
19
// Must include code to stop this file being accessed directly
20
if(defined('WB_PATH') == false)
21
{
22
	// Stop this file being access directly
23
		die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
24
}
25
/* -------------------------------------------------------- */
26

  
27

  
... This diff was truncated because it exceeds the maximum size that can be displayed.
