Revision 1710
Added by Luisehahne about 13 years ago
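--- a/branches/2.8.x/CHANGELOG
+++ b/branches/2.8.x/CHANGELOG
@@ -13,6 +13,8 @@
 
 
 
+29 Aug-2012 Build 1710 Dietmar Woellbrink (Luisehahne)
+! update folder admin/groups, admin/users, admin/skel/htt
 29 Aug-2012 Build 1709 Dietmar Woellbrink (Luisehahne)
 ! update folder framework class.login, admin/login, admin/skel/htt
 29 Aug-2012 Build 1708 Dietmar Woellbrink (Luisehahne)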
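--- a/branches/2.8.x/wb/admin/groups/save.php
+++ b/branches/2.8.x/wb/admin/groups/save.php
@@ -1,66 +0,0 @@
-<?php
-/**
-*
-* @category admin
-* @package groups
-* @author WebsiteBaker Project
-* @copyright 2004-2009, Ryan Djurovich
-* @copyright 2009-2011, Website Baker Org. e.V.
-* @link http://www.websitebaker2.org/
-* @license http://www.gnu.org/licenses/gpl.html
-* @platform WebsiteBaker 2.8.x
-* @requirements PHP 5.2.2 and higher
-* @version $Id$
-* @filesource $HeadURL$
-* @lastmodified $Date$
-*
-*/
-
-// Print admin header
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-// suppress to print the header, so no new FTAN will be set
-$admin = new admin('Access', 'groups_modify', false);
-// Create a javascript back link
-$js_back = ADMIN_URL.'/groups/index.php';
-
-if (!$admin->checkFTAN())
-{
-$admin->print_header();
-$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back);
-}
-
-// Check if group group_id is a valid number and doesnt equal 1
-$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-if( ($group_id < 2 ) )
-{
-// if($admin_header) { $admin->print_header(); }
-$admin->print_header();
-$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-}
-
-// Gather details entered
-$group_name = $admin->get_post_escaped('group_name');
-
-// Check values
-if($group_name == "") {
-$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_BLANK'], $js_back);
-}
-// After check print the header
-$admin->print_header();
-
-// Get system permissions
-require_once(ADMIN_PATH.'/groups/get_permissions.php');
-
-// Update the database
-$query = "UPDATE `".TABLE_PREFIX."groups` SET `name` = '$group_name', `system_permissions` = '$system_permissions', `module_permissions` = '$module_permissions', `template_permissions` = '$template_permissions' WHERE `group_id` = '$group_id'";
-
-$database->query($query);
-if($database->is_error()) {
-$admin->print_error($database->get_error());
-} else {
-$admin->print_success($MESSAGE['GROUPS']['SAVED'], ADMIN_URL.'/groups/index.php');
-}
-
-// Print admin footer
-$admin->print_footer();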
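--- a/branches/2.8.x/wb/admin/groups/add.php
+++ b/branches/2.8.x/wb/admin/groups/add.php
@@ -1,62 +0,0 @@
-<?php
-/**
-*
-* @category admin
-* @package groups
-* @author WebsiteBaker Project
-* @copyright 2004-2009, Ryan Djurovich
-* @copyright 2009-2011, Website Baker Org. e.V.
-* @link http://www.websitebaker2.org/
-* @license http://www.gnu.org/licenses/gpl.html
-* @platform WebsiteBaker 2.8.x
-* @requirements PHP 5.2.2 and higher
-* @version $Id$
-* @filesource $HeadURL$
-* @lastmodified $Date$
-*
-*/
-
-// Print admin header
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-
-// suppress to print the header, so no new FTAN will be set
-$admin = new admin('Access', 'groups_add', false);
-// Create a javascript back link
-$js_back = ADMIN_URL.'/groups/index.php';
-
-if (!$admin->checkFTAN())
-{
-$admin->print_header();
-$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back);
-}
-// After check print the header
-$admin->print_header();
-
-// Gather details entered
-$group_name = mysql_real_escape_string(strip_tags(trim($admin->get_post('group_name'))));
-
-// Check values
-if($group_name == "") {
-$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_BLANK'], $js_back);
-}
-$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE name = '$group_name'");
-if($results->numRows()>0) {
-$admin->print_error($MESSAGE['GROUPS']['GROUP_NAME_EXISTS'], $js_back);
-}
-
-// Get system and module permissions
-require(ADMIN_PATH.'/groups/get_permissions.php');
-
-// Update the database
-$query = "INSERT INTO ".TABLE_PREFIX."groups (name,system_permissions,module_permissions,template_permissions) VALUES ('$group_name','$system_permissions','$module_permissions','$template_permissions')";
-
-$database->query($query);
-if($database->is_error()) {
-$admin->print_error($database->get_error());
-} else {
-$admin->print_success($MESSAGE['GROUPS']['ADDED'], ADMIN_URL.'/groups/index.php');
-}
-
-// Print admin footer
-$admin->print_footer();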
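--- a/branches/2.8.x/wb/admin/groups/get_permissions.php
+++ b/branches/2.8.x/wb/admin/groups/get_permissions.php
@@ -1,248 +0,0 @@
-<?php
-/**
-*
-* @category admin
-* @package groups
-* @author Ryan Djurovich, WebsiteBaker Project
-* @copyright 2009-2011, Website Baker Org. e.V.
-* @link http://www.websitebaker2.org/
-* @license http://www.gnu.org/licenses/gpl.html
-* @platform WebsiteBaker 2.8.x
-* @requirements PHP 5.2.2 and higher
-* @version $Id$
-* @filesource $HeadURL$
-* @lastmodified $Date$
-*
-*/
-
-
-if(!defined('WB_PATH')) { exit('Direct access to this file is not allowed'); }
-
-// Get system permissions
-if($admin->get_post('advanced') != 'yes') {
-$system_permissions['pages'] = $admin->get_post('pages');
-$system_permissions['pages_view'] = $system_permissions['pages'];
-$system_permissions['pages_add'] = $system_permissions['pages'];
-$system_permissions['pages_add_l0'] = $system_permissions['pages'];
-$system_permissions['pages_settings'] = $system_permissions['pages'];
-$system_permissions['pages_modify'] = $system_permissions['pages'];
-$system_permissions['pages_intro'] = $system_permissions['pages'];
-$system_permissions['pages_delete'] = $system_permissions['pages'];
-$system_permissions['media'] = $admin->get_post('media');
-$system_permissions['media_view'] = $system_permissions['media'];
-$system_permissions['media_upload'] = $system_permissions['media'];
-$system_permissions['media_rename'] = $system_permissions['media'];
-$system_permissions['media_delete'] = $system_permissions['media'];
-$system_permissions['media_create'] = $system_permissions['media'];
-if($admin->get_post('modules') != '' OR $admin->get_post('templates') != '' OR $admin->get_post('languages') != '') {
-$system_permissions['addons'] = 1;
-} else {
-$system_permissions['addons'] = 0;
-}
-$system_permissions['modules'] = $admin->get_post('modules');
-$system_permissions['modules_view'] = $system_permissions['modules'];
-$system_permissions['modules_install'] = $system_permissions['modules'];
-$system_permissions['modules_uninstall'] = $system_permissions['modules'];
-$system_permissions['templates'] = $admin->get_post('templates');
-$system_permissions['templates_view'] = $system_permissions['templates'];
-$system_permissions['templates_install'] = $system_permissions['templates'];
-$system_permissions['templates_uninstall'] = $system_permissions['templates'];
-$system_permissions['languages'] = $admin->get_post('languages');
-$system_permissions['languages_view'] = $system_permissions['languages'];
-$system_permissions['languages_install'] = $system_permissions['languages'];
-$system_permissions['languages_uninstall'] = $system_permissions['languages'];
-$system_permissions['settings'] = $admin->get_post('settings');
-$system_permissions['settings_basic'] = $system_permissions['settings'];
-$system_permissions['settings_advanced'] = $system_permissions['settings'];
-if($admin->get_post('users') != '' OR $admin->get_post('groups') != '') {
-$system_permissions['access'] = 1;
-} else {
-$system_permissions['access'] = 0;
-}
-$system_permissions['users'] = $admin->get_post('users');
-$system_permissions['users_view'] = $system_permissions['users'];
-$system_permissions['users_add'] = $system_permissions['users'];
-$system_permissions['users_modify'] = $system_permissions['users'];
-$system_permissions['users_delete'] = $system_permissions['users'];
-$system_permissions['groups'] = $admin->get_post('groups');
-$system_permissions['groups_view'] = $system_permissions['groups'];
-$system_permissions['groups_add'] = $system_permissions['groups'];
-$system_permissions['groups_modify'] = $system_permissions['groups'];
-$system_permissions['groups_delete'] = $system_permissions['groups'];
-$system_permissions['admintools'] = $admin->get_post('admintools');
-$system_permissions['admintools_settings'] = $system_permissions['admintools'];
-} else {
-// Pages
-$system_permissions['pages_view'] = $admin->get_post('pages_view');
-$system_permissions['pages_add'] = $admin->get_post('pages_add');
-if($admin->get_post('pages_add') != 1 AND $admin->get_post('pages_add_l0') == 1) {
-$system_permissions['pages_add'] = $admin->get_post('pages_add_l0');
-}
-$system_permissions['pages_add_l0'] = $admin->get_post('pages_add_l0');
-$system_permissions['pages_settings'] = $admin->get_post('pages_settings');
-$system_permissions['pages_modify'] = $admin->get_post('pages_modify');
-$system_permissions['pages_intro'] = $admin->get_post('pages_intro');
-$system_permissions['pages_delete'] = $admin->get_post('pages_delete');
-if($system_permissions['pages_view'] == 1 OR $system_permissions['pages_add'] == 1 OR $system_permissions['pages_settings'] == 1 OR $system_permissions['pages_modify'] == 1 OR $system_permissions['pages_intro'] == 1 OR $system_permissions['pages_delete'] == 1) {
-$system_permissions['pages'] = 1;
-} else {
-$system_permissions['pages'] = '';
-}
-// Media
-$system_permissions['media_view'] = $admin->get_post('media_view');
-$system_permissions['media_upload'] = $admin->get_post('media_upload');
-$system_permissions['media_rename'] = $admin->get_post('media_rename');
-$system_permissions['media_delete'] = $admin->get_post('media_delete');
-$system_permissions['media_create'] = $admin->get_post('media_create');
-if($system_permissions['media_view'] == 1 OR $system_permissions['media_upload'] == 1 OR $system_permissions['media_rename'] == 1 OR $system_permissions['media_delete'] == 1 OR $system_permissions['media_create'] == 1) {
-$system_permissions['media'] = 1;
-} else {
-$system_permissions['media'] = '';
-}
-// Add-ons
-// Modules
-$system_permissions['modules_view'] = $admin->get_post('modules_view');
-$system_permissions['modules_install'] = $admin->get_post('modules_install');
-$system_permissions['modules_uninstall'] = $admin->get_post('modules_uninstall');
-if($system_permissions['modules_view'] == 1 OR $system_permissions['modules_install'] == 1 OR $system_permissions['modules_uninstall'] == 1) {
-$system_permissions['modules'] = 1;
-} else {
-$system_permissions['modules'] = '';
-}
-// Templates
-$system_permissions['templates_view'] = $admin->get_post('templates_view');
-$system_permissions['templates_install'] = $admin->get_post('templates_install');
-$system_permissions['templates_uninstall'] = $admin->get_post('templates_uninstall');
-if($system_permissions['templates_view'] == 1 OR $system_permissions['templates_install'] == 1 OR $system_permissions['templates_uninstall'] == 1) {
-$system_permissions['templates'] = 1;
-} else {
-$system_permissions['templates'] = '';
-}
-// Languages
-$system_permissions['languages_view'] = $admin->get_post('languages_view');
-$system_permissions['languages_install'] = $admin->get_post('languages_install');
-$system_permissions['languages_uninstall'] = $admin->get_post('languages_uninstall');
-if($system_permissions['languages_install'] == 1 OR $system_permissions['languages_uninstall'] == 1) {
-$system_permissions['languages'] = 1;
-} else {
-$system_permissions['languages'] = '';
-}
-// Admintools
-$system_permissions['admintools_settings'] = $admin->get_post('admintools_settings');
-if($system_permissions['admintools_settings'] == 1) {
-$system_permissions['admintools'] = 1;
-} else {
-$system_permissions['admintools'] = '';
-}
-if($system_permissions['modules'] == 1 OR $system_permissions['templates'] == 1 OR $system_permissions['languages'] == 1) {
-$system_permissions['addons'] = 1;
-} else {
-$system_permissions['addons'] = '';
-}
-// Settings
-$system_permissions['settings_basic'] = $admin->get_post('settings_basic');
-$system_permissions['settings_advanced'] = $admin->get_post('settings_advanced');
-if($system_permissions['settings_basic'] == 1 OR $system_permissions['settings_advanced'] == 1) {
-$system_permissions['settings'] = 1;
-} else {
-$system_permissions['settings'] = '';
-}
-// Access
-// Users
-$system_permissions['users_view'] = $admin->get_post('users_view');
-$system_permissions['users_add'] = $admin->get_post('users_add');
-$system_permissions['users_modify'] = $admin->get_post('users_modify');
-$system_permissions['users_delete'] = $admin->get_post('users_delete');
-if($system_permissions['users_view'] == 1 OR $system_permissions['users_add'] == 1 OR $system_permissions['users_modify'] == 1 OR $system_permissions['users_delete'] == 1) {
-$system_permissions['users'] = 1;
-} else {
-$system_permissions['users'] = '';
-}
-// Groups
-$system_permissions['groups_view'] = $admin->get_post('groups_view');
-$system_permissions['groups_add'] = $admin->get_post('groups_add');
-$system_permissions['groups_modify'] = $admin->get_post('groups_modify');
-$system_permissions['groups_delete'] = $admin->get_post('groups_delete');
-if($system_permissions['groups_view'] == 1 OR $system_permissions['groups_add'] == 1 OR $system_permissions['groups_modify'] == 1 OR $system_permissions['groups_delete'] == 1) {
-$system_permissions['groups'] = 1;
-} else {
-$system_permissions['groups'] = '';
-}
-if($system_permissions['users'] == 1 OR $system_permissions['groups'] == 1) {
-$system_permissions['access'] = 1;
-} else {
-$system_permissions['access'] = '';
-}
-}
-
-// Implode system permissions
-$imploded_system_permissions = '';
-foreach($system_permissions AS $name => $value) {
-if($value == true) {
-if($imploded_system_permissions == '') {
-$imploded_system_permissions = $name;
-} else {
-$imploded_system_permissions .= ','.$name;
-}
-}
-}
-
-$system_permissions = $imploded_system_permissions;
-
-// Get module permissions
-$module_permissions = '';
-if($handle = opendir(WB_PATH.'/modules/')) {
-while (false !== ($file = readdir($handle))) {
-if($file != "." AND $file != ".." AND $file != ".svn" AND is_dir(WB_PATH."/modules/$file") AND file_exists(WB_PATH."/modules/$file/info.php")) {
-// Include the modules info file
-require(WB_PATH.'/modules/'.$file.'/info.php');
-// Check if it was selected to be used or not
-$count = 0;
-if(is_array($admin->get_post('module_permissions'))) {
-foreach($admin->get_post('module_permissions') AS $selected_name) {
-if($file == $selected_name) {
-$count = $count+1;
-}
-}
-}
-if($count == 0) {
-// Add unselected modules to list
-if($module_permissions == '') {
-$module_permissions = $file;
-} else {
-$module_permissions .= ','.$file;
-}
-}
-}
-}
-}
-
-// Get template permissions
-$template_permissions = '';
-if($handle = opendir(WB_PATH.'/templates/')) {
-while (false !== ($file = readdir($handle))) {
-if($file != "." AND $file != ".." AND $file != ".svn" AND is_dir(WB_PATH."/templates/$file") AND file_exists(WB_PATH."/templates/$file/info.php")) {
-// Include the modules info file
-require(WB_PATH.'/templates/'.$file.'/info.php');
-// Check if it was selected to be used or not
-$count = 0;
-if(is_array($admin->get_post('template_permissions'))) {
-foreach($admin->get_post('template_permissions') AS $selected_name) {
-if($file == $selected_name) {
-$count = $count+1;
-}
-}
-}
-if($count == 0) {
-// Add unselected modules to list
-if($template_permissions == '') {
-$template_permissions = $file;
-} else {
-$template_permissions .= ','.$file;
-}
-}
-}
-}
-}
-
-?>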
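--- a/branches/2.8.x/wb/admin/groups/groups.php
+++ b/branches/2.8.x/wb/admin/groups/groups.php
@@ -1,198 +0,0 @@
-<?php
-/**
-*
-* @category admin
-* @package groups
-* @author Ryan Djurovich, WebsiteBaker Project
-* @copyright 2009-2011, Website Baker Org. e.V.
-* @link http://www.websitebaker2.org/
-* @license http://www.gnu.org/licenses/gpl.html
-* @platform WebsiteBaker 2.8.x
-* @requirements PHP 5.2.2 and higher
-* @version $Id$
-* @filesource $HeadURL$
-* @lastmodified $Date$
-*
-*/
-
-// Include config file and admin class file
-require('../../config.php');
-require_once(WB_PATH.'/framework/class.admin.php');
-
-// Set parameter 'action' as alternative to javascript mechanism
-$action = 'cancel';
-// Set parameter 'action' as alternative to javascript mechanism
-$action = (isset($_POST['action']) && ($_POST['action'] ='modify') ? 'modify' : $action );
-$action = (isset($_POST['modify']) ? 'modify' : $action );
-$action = (isset($_POST['delete']) ? 'delete' : $action );
-
-switch ($action):
-case 'modify' :
-
-// Create new admin object
-$admin = new admin('Access', 'groups_modify' );
-// Check if group group_id is a valid number and doesnt equal 1
-$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-if($group_id == 0){
-$admin->print_error($MESSAGE['USERS_NO_GROUP'] );
-}
-if( ($group_id < 2 ) )
-{
-// if($admin_header) { $admin->print_header(); }
-$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-}
-
-// Get existing values
-$results = $database->query("SELECT * FROM ".TABLE_PREFIX."groups WHERE group_id = '".$group_id."'");
-$group = $results->fetchRow();
-// Setup template object, parse vars to it, then parse it
-// Create new template object
-$template = new Template(dirname($admin->correct_theme_source('groups_form.htt')));
-// $template->debug = true;
-$template->set_file('page', 'groups_form.htt');
-$template->set_block('page', 'main_block', 'main');
-$template->set_var( array(
-'ACTION_URL' => ADMIN_URL.'/groups/save.php',
-'SUBMIT_TITLE' => $TEXT['SAVE'],
-'GROUP_ID' => $admin->getIDKEY($group['group_id']),
-'GROUP_NAME' => $group['name'],
-'ADVANCED_LINK' => 'groups.php',
-'FTAN' => $admin->getFTAN()
-));
-// Tell the browser whether or not to show advanced options
-if( true == (isset( $_POST['advanced']) AND ( strpos( $_POST['advanced'], ">>") > 0 ) ) ) {
-$template->set_var('DISPLAY_ADVANCED', '');
-$template->set_var('DISPLAY_BASIC', 'display:none;');
-$template->set_var('ADVANCED', 'yes');
-$template->set_var('ADVANCED_BUTTON', '<< '.$TEXT['HIDE_ADVANCED']);
-} else {
-$template->set_var('DISPLAY_ADVANCED', 'display:none;');
-$template->set_var('DISPLAY_BASIC', '');
-$template->set_var('ADVANCED', 'no');
-$template->set_var('ADVANCED_BUTTON', $TEXT['SHOW_ADVANCED'].' >>');
-}
-
-// Explode system permissions
-$system_permissions = explode(',', $group['system_permissions']);
-// Check system permissions boxes
-foreach($system_permissions AS $name) {
-$template->set_var($name.'_checked', ' checked="checked"');
-}
-// Explode module permissions
-$module_permissions = explode(',', $group['module_permissions']);
-// Explode template permissions
-$template_permissions = explode(',', $group['template_permissions']);
-
-// Insert values into module list
-$template->set_block('main_block', 'module_list_block', 'module_list');
-$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "module" AND `function` = "page" ORDER BY `name`');
-if($result->numRows() > 0) {
-while($addon = $result->fetchRow()) {
-$template->set_var('VALUE', $addon['directory']);
-$template->set_var('NAME', $addon['name']);
-if(!is_numeric(array_search($addon['directory'], $module_permissions))) {
-$template->set_var('CHECKED', ' checked="checked"');
-} else {
-$template->set_var('CHECKED', '');
-}
-$template->parse('module_list', 'module_list_block', true);
-}
-}
-
-// Insert values into template list
-$template->set_block('main_block', 'template_list_block', 'template_list');
-$result = $database->query('SELECT * FROM `'.TABLE_PREFIX.'addons` WHERE `type` = "template" ORDER BY `name`');
-if($result->numRows() > 0) {
-while($addon = $result->fetchRow()) {
-$template->set_var('VALUE', $addon['directory']);
-$template->set_var('NAME', $addon['name']);
-if(!is_numeric(array_search($addon['directory'], $template_permissions))) {
-$template->set_var('CHECKED', ' checked="checked"');
-} else {
-$template->set_var('CHECKED', '');
-}
-$template->parse('template_list', 'template_list_block', true);
-}
-}
-
-// Insert language text and messages
-$template->set_var(array(
-'TEXT_RESET' => $TEXT['RESET'],
-'TEXT_ACTIVE' => $TEXT['ACTIVE'],
-'TEXT_DISABLED' => $TEXT['DISABLED'],
-'TEXT_PLEASE_SELECT' => $TEXT['PLEASE_SELECT'],
-'TEXT_USERNAME' => $TEXT['USERNAME'],
-'TEXT_PASSWORD' => $TEXT['PASSWORD'],
-'TEXT_RETYPE_PASSWORD' => $TEXT['RETYPE_PASSWORD'],
-'TEXT_DISPLAY_NAME' => $TEXT['DISPLAY_NAME'],
-'TEXT_EMAIL' => $TEXT['EMAIL'],
-'TEXT_GROUP' => $TEXT['GROUP'],
-'TEXT_SYSTEM_PERMISSIONS' => $TEXT['SYSTEM_PERMISSIONS'],
-'TEXT_MODULE_PERMISSIONS' => $TEXT['MODULE_PERMISSIONS'],
-'TEXT_TEMPLATE_PERMISSIONS' => $TEXT['TEMPLATE_PERMISSIONS'],
-'TEXT_NAME' => $TEXT['NAME'],
-'SECTION_PAGES' => $MENU['PAGES'],
-'SECTION_MEDIA' => $MENU['MEDIA'],
-'SECTION_MODULES' => $MENU['MODULES'],
-'SECTION_TEMPLATES' => $MENU['TEMPLATES'],
-'SECTION_LANGUAGES' => $MENU['LANGUAGES'],
-'SECTION_SETTINGS' => $MENU['SETTINGS'],
-'SECTION_USERS' => $MENU['USERS'],
-'SECTION_GROUPS' => $MENU['GROUPS'],
-'SECTION_ADMINTOOLS' => $MENU['ADMINTOOLS'],
-'TEXT_VIEW' => $TEXT['VIEW'],
-'TEXT_ADD' => $TEXT['ADD'],
-'TEXT_LEVEL' => $TEXT['LEVEL'],
-'TEXT_MODIFY' => $TEXT['MODIFY'],
-'TEXT_DELETE' => $TEXT['DELETE'],
-'TEXT_MODIFY_CONTENT' => $TEXT['MODIFY_CONTENT'],
-'TEXT_MODIFY_SETTINGS' => $TEXT['MODIFY_SETTINGS'],
-'HEADING_MODIFY_INTRO_PAGE' => $HEADING['MODIFY_INTRO_PAGE'],
-'TEXT_CREATE_FOLDER' => $TEXT['CREATE_FOLDER'],
-'TEXT_RENAME' => $TEXT['RENAME'],
-'TEXT_UPLOAD_FILES' => $TEXT['UPLOAD_FILES'],
-'TEXT_BASIC' => $TEXT['BASIC'],
-'TEXT_ADVANCED' => $TEXT['ADVANCED'],
-'CHANGING_PASSWORD' => $MESSAGE['USERS']['CHANGING_PASSWORD'],
-'HEADING_MODIFY_GROUP' => $HEADING['MODIFY_GROUP'],
-));
-
-// Parse template object
-$template->parse('main', 'main_block', false);
-$template->pparse('output', 'page');
-// Print admin footer
-$admin->print_footer(); break;
-case 'delete' :
-// Create new admin object
-$admin = new admin('Access', 'groups_delete');
-$group_id = intval($admin->checkIDKEY('group_id', 0, $_SERVER['REQUEST_METHOD']));
-if($group_id == 0){
-$admin->print_error($MESSAGE['USERS_NO_GROUP'] );
-}
-// Check if user id is a valid number and doesnt equal 1
-if( ($group_id < 2 ) )
-{
-// if($admin_header) { $admin->print_header(); }
-$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'] );
-}
-// Print header
-$admin->print_header();
-// Delete the group
-$database->query("DELETE FROM `".TABLE_PREFIX."groups` WHERE `group_id` = '".$group_id."' LIMIT 1");
-if($database->is_error()) {
-$admin->print_error($database->get_error());
-} else {
-// Delete users in the group
-$database->query("DELETE FROM `".TABLE_PREFIX."users` WHERE `group_id` = '".$group_id."'");
-if($database->is_error()) {
-$admin->print_error($database->get_error());
-} else {
-$admin->print_success($MESSAGE['GROUPS']['DELETED']);
-}
-}
-// Print admin footer
-$admin->print_footer();
-break;
-default:
-break;
-endswitch;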
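--- a/branches/2.8.x/wb/admin/groups/delete.inc.php
+++ b/branches/2.8.x/wb/admin/groups/delete.inc.php
@@ -0,0 +1,84 @@
+<?php
+/**
+* @category admin
+* @package groups
+* @author Independend-Software-Team
+* @author WebsiteBaker Project
+* @copyright 2009-2012, Website Baker Org. e.V.
+* @link http://www.websitebaker2.org/
+* @license http://www.gnu.org/licenses/gpl.html
+* @platform WebsiteBaker 2.8.x
+* @requirements PHP 5.2.2 and higher
+* @version $Id$
+* @filesource $HeadURL$
+* @lastmodified $Date$
+* @description all basic actions of this module, called by dispatcher only.
+*/
+
+// Must include code to stop this file being access directly
+if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
+
+/* *****************************************************************************
+* Delete an existing group and remove existing group in user
+* @access public
+* @param object $admin: admin-object
+* @param int $group_id: ID from group to delete
+* @return bool: true or false
+*/
+function delete_group($admin, $group_id = 0)
+{
+global $MESSAGE;
+$database = WbDatabase::getInstance();
+// first check form-tan
+if($admin->checkFTAN())
+{
+if($group_id > 1) // prevent admin [ID 1] from being deleted
+{
+$sql = 'SELECT `name` FROM `'.TABLE_PREFIX.'groups` WHERE `group_id` = '.$group_id;
+$groupname = ($database->get_one($sql));
+// $sql = 'SELECT * FROM `'.TABLE_PREFIX.'groups` ';
+$sql = 'DELETE FROM `'.TABLE_PREFIX.'groups` ';
+$sql .= 'WHERE `group_id` = '.$group_id;
+if($database->query($sql) != false)
+{
+// remove group from users groups_id
+msgQueue :: add($MESSAGE['GROUPS_DELETED'],true);
+$sql = 'SELECT `user_id`, `groups_id`, `home_folder` FROM `'.TABLE_PREFIX.'users` WHERE user_id != 1';
+if(($res_users = $database->query($sql)) && ($res_users->numRows() > 0) )
+{
+while($rec_users = $res_users->fetchRow(MYSQL_ASSOC))
+{
+$user_id = $rec_users['user_id'];
+$groups_id = explode(',',$rec_users['groups_id']);
+
+if( is_numeric($x = array_search($group_id, $groups_id)) )
+{
+unset($groups_id[$x]);
+$groups_id = (sizeof($groups_id) == 0) ? FRONTEND_SIGNUP : implode(',',$groups_id);
+$groups_id = ( ($groups_id == 1) && (trim($rec_users['home_folder']) != '') ) ? FRONTEND_SIGNUP : $groups_id;
+$sql = 'UPDATE `'.TABLE_PREFIX.'users` SET ';
+$sql .= '`groups_id` = \''.$groups_id.'\' ';
+$sql .= 'WHERE `user_id` = '.$user_id;
+if( $database->query($sql) )
+{
+$sql_info = mysql_info($database->db_handle);
+if(preg_match('/matched: *([1-9][0-9]*)/i', $sql_info) != 1)
+{
+msgQueue :: add($MESSAGE['RECORD_MODIFIED_FAILED']);
+}
+} else {
+
+msgQueue :: add($database->get_error());
+}
+}
+}
+}
+// $admin->print_success($msg);
+} else {
+msgQueue :: add($MESSAGE['RECORD_MODIFIED_FAILED']);
+}
+}
+} else {
+msgQueue :: add($MESSAGE['GENERIC_SECURITY_OFFENSE']);
+}
+}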
| branches/2.8.x/wb/admin/groups/languages/EN.php | ||
|---|---|---|
| 1 |
<?php |
|
| 2 |
/**************************************************************************************** |
|
| 3 |
* extended language definition for WebsiteBaker * |
|
| 4 |
* ACP-module pages * |
|
| 5 |
* english (GB) * |
|
| 6 |
****************************************************************************************/ |
|
| 7 |
|
|
| 8 |
$HEADING['ADD_GROUP'] = 'Add Group'; |
|
| 9 |
$HEADING['ADD_GROUPS'] = 'Add Groups'; |
|
| 10 |
$HEADING['MODIFY_DELETE_GROUP'] = 'Modify/Delete Group'; |
|
| 11 |
$HEADING['MODIFY_DELETE_PAGE'] = 'Modify/Delete Page'; |
|
| 12 |
$HEADING['MODIFY_DELETE_USER'] = 'Modify/Delete User'; |
|
| 13 |
$HEADING['MODIFY_GROUP'] = 'Modify Group'; |
|
| 14 |
$HEADING['MODIFY_GROUPS'] = 'Modify Groups'; |
|
| 15 |
$HEADING['MODIFY_INTRO_PAGE'] = 'Modify Intro Page'; |
|
| 16 |
$HEADING['VIEW_GROUP'] = 'View Group'; |
|
| 17 |
$HEADING['VIEW_GROUPS'] = 'View Groups'; |
|
| 18 |
|
|
| 19 |
$MENU['ADMINTOOLS'] = 'Admin-Tools'; |
|
| 20 |
$MENU['GROUP'] = 'Group'; |
|
| 21 |
$MENU['GROUPS'] = 'Groups'; |
|
| 22 |
$MENU['HELP'] = 'Help'; |
|
| 23 |
$MENU['LANGUAGES'] = 'Languages'; |
|
| 24 |
$MENU['LOGIN'] = 'Login'; |
|
| 25 |
$MENU['LOGOUT'] = 'Log-out'; |
|
| 26 |
$MENU['MEDIA'] = 'Media'; |
|
| 27 |
$MENU['MODULES'] = 'Modules'; |
|
| 28 |
$MENU['PAGES'] = 'Pages'; |
|
| 29 |
$MENU['PREFERENCES'] = 'Preferences'; |
|
| 30 |
$MENU['USER_PREFERENCES'] = 'User Preferences'; |
|
| 31 |
$MENU['SETTINGS'] = 'Settings'; |
|
| 32 |
$MENU['START'] = 'Start'; |
|
| 33 |
$MENU['TEMPLATES'] = 'Templates'; |
|
| 34 |
$MENU['USERS'] = 'Users'; |
|
| 35 |
$MENU['VIEW'] = 'View'; |
|
| 36 |
|
|
| 37 |
$MESSAGE['PAGES_LAST_MODIFIED'] = 'Last modification by'; |
|
| 38 |
|
|
| 39 |
$TEXT['ACTIONS'] = 'Actions'; |
|
| 40 |
$TEXT['ACTIVE'] = 'Active'; |
|
| 41 |
$TEXT['ADD'] = 'Add'; |
|
| 42 |
$TEXT['ADVANCED'] = 'Advanced'; |
|
| 43 |
$TEXT['BACK'] = 'Back'; |
|
| 44 |
$TEXT['BASIC'] = 'Basic'; |
|
| 45 |
$TEXT['CANCEL'] = 'Cancel'; |
|
| 46 |
$TEXT['CREATE_FOLDER'] = 'Create Folder'; |
|
| 47 |
$TEXT['DELETE'] = 'Delete'; |
|
| 48 |
$TEXT['DELETED'] = 'Deleted'; |
|
| 49 |
$TEXT['FILESYSTEM_PERMISSIONS'] = 'Filesystem Permissions'; |
|
| 50 |
$TEXT['GROUP'] = 'Group'; |
|
| 51 |
$TEXT['HIDE_ADVANCED'] = 'Hide Advanced Options'; |
|
| 52 |
$TEXT['LANGUAGE'] = 'Language'; |
|
| 53 |
$TEXT['LEVEL'] = 'Level'; |
|
| 54 |
$TEXT['MANAGE_GROUPS'] = 'Manage Groups'; |
|
| 55 |
$TEXT['MANAGE_USERS'] = 'Manage Users'; |
|
| 56 |
$TEXT['MODIFY'] = 'Modify'; |
|
| 57 |
$TEXT['MODIFY_CONTENT'] = 'Modify Content'; |
|
| 58 |
$TEXT['MODIFY_SETTINGS'] = 'Modify Settings'; |
|
| 59 |
$TEXT['MODULE_PERMISSIONS'] = 'Module Permissions'; |
|
| 60 |
$TEXT['PLEASE_SELECT'] = 'Please select'; |
|
| 61 |
$TEXT['RENAME'] = 'Rename'; |
|
| 62 |
$TEXT['RESET'] = 'Reset'; |
|
| 63 |
$TEXT['SAVE'] = 'Save'; |
|
| 64 |
$TEXT['SHOW'] = 'Show'; |
|
| 65 |
$TEXT['SHOW_ADVANCED'] = 'Show Advanced Options'; |
|
| 66 |
$TEXT['SYSTEM_DEFAULT'] = 'System Default'; |
|
| 67 |
$TEXT['SYSTEM_PERMISSIONS'] = 'System Permissions'; |
|
| 68 |
$TEXT['TEMPLATE_PERMISSIONS'] = 'Template Permissions'; |
|
| 69 |
$TEXT['UPLOAD_FILES'] = 'Upload File(s)'; |
|
| 70 |
$TEXT['VIEW'] = 'View'; |
|
| 71 |
$TEXT['VIEW_DETAILS'] = 'View Details'; |
|
| 72 |
$TEXT['VISIBILITY'] = 'Visibility'; |
|
| 0 | 73 | |
| branches/2.8.x/wb/admin/groups/languages/DE.php | ||
|---|---|---|
| 1 |
<?php |
|
| 2 |
/**************************************************************************************** |
|
| 3 |
* extended language definition for WebsiteBaker * |
|
| 4 |
* ACP-module groups * |
|
| 5 |
* deutsch * |
|
| 6 |
****************************************************************************************/ |
|
| 7 |
|
|
| 8 |
|
|
| 9 |
|
|
| 10 |
$HEADING['ADD_GROUP'] = 'Gruppe hinzufügen'; |
|
| 11 |
$HEADING['ADD_GROUPS'] = 'Gruppen hinzufügen'; |
|
| 12 |
$HEADING['MODIFY_DELETE_GROUP'] = 'Ändern/Löschen von Gruppen'; |
|
| 13 |
$HEADING['MODIFY_DELETE_PAGE'] = 'Seite ändern/Seite löschen'; |
|
| 14 |
$HEADING['MODIFY_DELETE_USER'] = 'Ändern/Löschen von Benutzern'; |
|
| 15 |
$HEADING['MODIFY_GROUP'] = 'Gruppe ändern'; |
|
| 16 |
$HEADING['MODIFY_GROUPS'] = 'Gruppen ändern'; |
|
| 17 |
$HEADING['MODIFY_INTRO_PAGE'] = 'Eingangsseite ändern'; |
|
| 18 |
$HEADING['VIEW_GROUP'] = 'Gruppe Ansicht'; |
|
| 19 |
$HEADING['VIEW_GROUPS'] = 'Gruppen Ansicht'; |
|
| 20 |
|
|
| 21 |
$MENU['ADMINTOOLS'] = 'Admin-Tools'; |
|
| 22 |
$MENU['GROUP'] = 'Gruppe'; |
|
| 23 |
$MENU['GROUPS'] = 'Gruppen'; |
|
| 24 |
$MENU['HELP'] = 'Hilfe'; |
|
| 25 |
$MENU['LANGUAGES'] = 'Sprachen'; |
|
| 26 |
$MENU['LOGIN'] = 'Anmeldung'; |
|
| 27 |
$MENU['LOGOUT'] = 'Abmelden'; |
|
| 28 |
$MENU['MEDIA'] = 'Medien'; |
|
| 29 |
$MENU['MODULES'] = 'Module'; |
|
| 30 |
$MENU['PAGES'] = 'Seiten'; |
|
| 31 |
$MENU['PREFERENCES'] = 'Einstellungen'; |
|
| 32 |
$MENU['USER_PREFERENCES'] = 'User Einstellungen'; |
|
| 33 |
$MENU['SETTINGS'] = 'Optionen'; |
|
| 34 |
$MENU['START'] = 'Start'; |
|
| 35 |
$MENU['TEMPLATES'] = 'Designvorlagen'; |
|
| 36 |
$MENU['USERS'] = 'Benutzer'; |
|
| 37 |
$MENU['VIEW'] = 'Ansicht'; |
|
| 38 |
|
|
| 39 |
$MESSAGE['PAGES_LAST_MODIFIED'] = 'Letzte Änderung durch'; |
|
| 40 |
|
|
| 41 |
$TEXT['ACTIONS'] = 'Aktionen'; |
|
| 42 |
$TEXT['ACTIVE'] = 'Aktiv'; |
|
| 43 |
$TEXT['ADD'] = 'Hinzufügen'; |
|
| 44 |
$TEXT['ADVANCED'] = 'Erweitert'; |
|
| 45 |
$TEXT['BACK'] = 'Zurück'; |
|
| 46 |
$TEXT['BASIC'] = 'Einfach'; |
|
| 47 |
$TEXT['CANCEL'] = 'Abbrechen'; |
|
| 48 |
$TEXT['CREATE_FOLDER'] = 'Ordner anlegen'; |
|
| 49 |
$TEXT['DELETE'] = 'Entfernen'; |
|
| 50 |
$TEXT['DELETED'] = 'Gelöscht'; |
|
| 51 |
$TEXT['FILESYSTEM_PERMISSIONS'] = 'Zugriffsrechte'; |
|
| 52 |
$TEXT['GROUP'] = 'Gruppe'; |
|
| 53 |
$TEXT['HIDE_ADVANCED'] = 'Erweiterte Optionen verdecken'; |
|
| 54 |
$TEXT['LANGUAGE'] = 'Sprache'; |
|
| 55 |
$TEXT['LEVEL'] = 'Ebene'; |
|
| 56 |
$TEXT['MANAGE_GROUPS'] = 'Gruppen verwalten'; |
|
| 57 |
$TEXT['MANAGE_USERS'] = 'Benutzer verwalten'; |
|
| 58 |
$TEXT['MODIFY'] = 'Ändern'; |
|
| 59 |
$TEXT['MODIFY_CONTENT'] = 'Inhalt ändern'; |
|
| 60 |
$TEXT['MODIFY_SETTINGS'] = 'Optionen ändern'; |
|
| 61 |
$TEXT['MODULE_PERMISSIONS'] = 'Modulberechtigungen'; |
|
| 62 |
$TEXT['PLEASE_SELECT'] = 'Bitte auswählen'; |
|
| 63 |
$TEXT['RENAME'] = 'Umbenennen'; |
|
| 64 |
$TEXT['RESET'] = 'Zurücksetzen'; |
|
| 65 |
$TEXT['SAVE'] = 'Speichern'; |
|
| 66 |
$TEXT['SHOW'] = 'zeigen'; |
|
| 67 |
$TEXT['SHOW_ADVANCED'] = 'Erweiterte Optionen anzeigen'; |
|
| 68 |
$TEXT['SYSTEM_DEFAULT'] = 'Standardeinstellung'; |
|
| 69 |
$TEXT['SYSTEM_PERMISSIONS'] = 'Zugangsberechtigungen'; |
|
| 70 |
$TEXT['TEMPLATE_PERMISSIONS'] = 'Zugriffsrechte für Vorlagen'; |
|
| 71 |
$TEXT['UPLOAD_FILES'] = 'Datei(en) übertragen'; |
|
| 72 |
$TEXT['VIEW'] = 'Ansicht'; |
|
| 73 |
$TEXT['VIEW_DETAILS'] = 'Details'; |
|
| 74 |
$TEXT['VISIBILITY'] = 'Sichtbarkeit'; |
|
| 0 | 75 | |
| branches/2.8.x/wb/admin/groups/groups_list.inc.php | ||
|---|---|---|
| 1 |
<?php |
|
| 2 |
/** |
|
| 3 |
* @category admin |
|
| 4 |
* @package groups |
|
| 5 |
* @author WebsiteBaker Project, Independend-Software-Team |
|
| 6 |
* @copyright 2009-2012, WebsiteBaker Org. e.V. |
|
| 7 |
* @link http://www.websitebaker2.org/ |
|
| 8 |
* @license http://www.gnu.org/licenses/gpl.html |
|
| 9 |
* @platform WebsiteBaker 2.8.x |
|
| 10 |
* @requirements PHP 5.2.2 and higher |
|
| 11 |
* @version $Id$ |
|
| 12 |
* @filesource $HeadURL$ |
|
| 13 |
* @lastmodified $Date$ |
|
| 14 |
* @description all basic actions of this module, called by dispatcher only. |
|
| 15 |
*/ |
|
| 16 |
|
|
| 17 |
// Must include code to stop this file being access directly |
|
| 18 |
if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
|
|
| 19 |
|
|
| 20 |
/* ***************************************************************************** |
|
| 21 |
* Show groupslist with delete-/ modify-button |
|
| 22 |
* @access public |
|
| 23 |
* @param object $admin: admin-object |
|
| 24 |
* @return string: parsed HTML-content |
|
| 25 |
*/ |
|
| 26 |
function show_grouplist($admin) |
|
| 27 |
{
|
|
| 28 |
// global $TEXT, $MESSAGE, $MENU, $HEADING; |
|
| 29 |
$database = WbDatabase::getInstance(); |
|
| 30 |
$mLang = ModLanguage::getInstance(); |
|
| 31 |
// Create new template object for the modify/remove section |
|
| 32 |
$tpl = new Template(dirname($admin->correct_theme_source('groups_list.htt')),'keep');
|
|
| 33 |
$tpl->set_file('page', 'groups_list.htt');
|
|
| 34 |
$tpl->set_block('page', 'main_block', 'main');
|
|
| 35 |
|
|
| 36 |
$tpl->set_var('ACTION_URL', $_SERVER['SCRIPT_NAME']);
|
|
| 37 |
$tpl->set_var('FTAN', $admin->getFTAN());
|
|
| 38 |
|
|
| 39 |
// -- if permission then activate link 'manage users' |
|
| 40 |
$tpl->set_block('main_block', 'show_cmd_manage_users_block', 'show_cmd_manage_users');
|
|
| 41 |
if($admin->get_permission('users') == true)
|
|
| 42 |
{
|
|
| 43 |
$tpl->set_var('TEXT_MANAGE_USERS', $mLang->TEXT_MANAGE_USERS);
|
|
| 44 |
$tpl->set_var('LINK_MANAGE_USERS', ADMIN_URL.'/users/index'.PAGE_EXTENSION);
|
|
| 45 |
$tpl->parse('show_cmd_manage_users', 'show_cmd_manage_users_block', true);
|
|
| 46 |
}else { // switch off cmd_manage_groups_block
|
|
| 47 |
$tpl->parse('show_cmd_manage_users', '');
|
|
| 48 |
} |
|
| 49 |
|
|
| 50 |
$tpl->set_block('main_block', 'show_cmd_group_list_block', 'show_cmd_group_list');
|
|
| 51 |
if( $admin->get_permission('groups_view') == true )
|
|
| 52 |
{
|
|
| 53 |
$tpl->set_var('CONTENT_HEADER', $mLang->HEADING_VIEW_GROUPS);
|
|
| 54 |
if( ($admin->get_permission('groups_modify') == true) )
|
|
| 55 |
{
|
|
| 56 |
$tpl->set_var('CONTENT_HEADER', $mLang->HEADING_MODIFY_DELETE_GROUP);
|
|
| 57 |
} |
|
| 58 |
} |
|
| 59 |
|
|
| 60 |
$tpl->set_var('FORM_NAME_GROUPLIST', 'frm_group_list');
|
|
| 61 |
|
|
| 62 |
// -- build grouplist from database |
|
| 63 |
$tpl->set_block('show_cmd_group_list_block', 'grouplist_block', 'grouplist');
|
|
| 64 |
// Insert first value to say please select |
|
| 65 |
// $tpl->set_var('GROUP_ID', $admin->getIDKEY(0));
|
|
| 66 |
$tpl->set_var('GROUP_ID', 0);
|
|
| 67 |
$tpl->set_var('GROUP_NAME', '');
|
|
| 68 |
$tpl->set_var('GROUP_DISPLAY_NAME', $mLang->TEXT_PLEASE_SELECT.'...');
|
|
| 69 |
$tpl->set_var('CSS_GROUP_DELETED', '');
|
|
| 70 |
|
|
| 71 |
$tpl->parse('grouplist', 'grouplist_block', true);
|
|
| 72 |
$sql = 'SELECT `group_id`, `name` '; |
|
| 73 |
$sql .= 'FROM `'.TABLE_PREFIX.'groups` '; |
|
| 74 |
$sql .= 'WHERE `group_id` > 1 ORDER BY `name` '; |
|
| 75 |
if( ($res_groups = $database->query($sql)) != false ) |
|
| 76 |
{
|
|
| 77 |
while($rec_group = $res_groups->fetchRow(MYSQL_ASSOC)) |
|
| 78 |
{
|
|
| 79 |
// $tpl->set_var('GROUP_ID', $admin->getIDKEY($rec_group['group_id']));
|
|
| 80 |
$tpl->set_var('GROUP_ID', $rec_group['group_id']);
|
|
| 81 |
$tpl->set_var('GROUP_NAME', $rec_group['name']);
|
|
| 82 |
$tpl->set_var('GROUP_DISPLAY_NAME', $rec_group['name']);
|
|
| 83 |
$tpl->parse('grouplist', 'grouplist_block', true);
|
|
| 84 |
} |
|
| 85 |
} |
|
| 86 |
|
|
| 87 |
$sPermission = 'none'; |
|
| 88 |
$sPermission = $admin->get_permission('groups_view') ? 'permView' : $sPermission;
|
|
| 89 |
$sPermission = $admin->get_permission('groups_add') ? 'permAdd' : $sPermission;
|
|
| 90 |
$sPermission = $admin->get_permission('groups_modify') ? 'permModify' : $sPermission;
|
|
| 91 |
|
|
| 92 |
// if( ($admin->get_permission('groups_modify') == false) && ($admin->get_permission('groups_delete') == false) )
|
|
| 93 |
if( ($admin->get_permission('groups') == false) )
|
|
| 94 |
{
|
|
| 95 |
$tpl->parse('show_cmd_group_list', '');
|
|
| 96 |
} else {
|
|
| 97 |
$tpl->parse('show_cmd_group_list', 'show_cmd_group_list_block', true);
|
|
| 98 |
// -- if permission then activate button 'modify groups' |
|
| 99 |
$tpl->set_block('show_cmd_group_list', 'show_cmd_modify_group_block', 'show_cmd_modify_group');
|
|
| 100 |
if( $admin->get_permission('groups') == true )
|
|
| 101 |
{
|
|
| 102 |
$tpl->parse('show_cmd_modify_group', 'show_cmd_modify_group_block', true);
|
|
| 103 |
}else {
|
|
| 104 |
$tpl->parse('show_cmd_modify_group', '');
|
|
| 105 |
} |
|
| 106 |
// -- if permission then activate button 'delete groups' |
|
| 107 |
$tpl->set_block('show_cmd_group_list', 'show_cmd_delete_group_block', 'show_cmd_delete_group');
|
|
| 108 |
if($admin->get_permission('groups_delete') == true)
|
|
| 109 |
{
|
|
| 110 |
$tpl->parse('show_cmd_delete_group', 'show_cmd_delete_group_block', true);
|
|
| 111 |
}else {
|
|
| 112 |
$tpl->parse('show_cmd_delete_group', '');
|
|
| 113 |
} |
|
| 114 |
|
|
| 115 |
} |
|
| 116 |
|
|
| 117 |
$tpl->set_block('main_block', 'show_cmd_add_input_block', 'show_cmd_add_input');
|
|
| 118 |
if($admin->get_permission('groups_add') )
|
|
| 119 |
{
|
|
| 120 |
$tpl->set_var('DISPLAY_ADD', '');
|
|
| 121 |
$tpl->set_var('GROUP_ACTION_URL', $_SERVER['SCRIPT_NAME']);
|
|
| 122 |
$tpl->set_var('GROUPS_HEADER', $mLang->HEADING_ADD_GROUP );
|
|
| 123 |
$tpl->set_var('SUBMIT_TITLE', $mLang->TEXT_ADD);
|
|
| 124 |
$tpl->set_var('ACTION_HANDLE', 'action_modify');
|
|
| 125 |
$tpl->set_var('ACTION_HIDDEN', 'action_add');
|
|
| 126 |
$tpl->set_var('FORM_NAME_GROUPMASK', 'frm_addnew_group');
|
|
| 127 |
$tpl->parse('show_cmd_add_input', 'show_cmd_add_input_block', false);
|
|
| 128 |
} else {
|
|
| 129 |
$tpl->parse('show_cmd_add_input', '');
|
|
| 130 |
} |
|
| 131 |
|
|
| 132 |
// insert urls |
|
| 133 |
$tpl->set_var(array( |
|
| 134 |
'ADMIN_URL' => ADMIN_URL, |
|
| 135 |
'WB_URL' => WB_URL, |
|
| 136 |
'THEME_URL' => THEME_URL |
|
| 137 |
) |
|
| 138 |
); |
|
| 139 |
// Insert language text and messages |
|
| 140 |
$tpl->set_var(array( |
|
| 141 |
'TEXT_MODIFY' => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_MODIFY : $mLang->TEXT_VIEW,
|
|
| 142 |
'TEXT_DELETE' => $mLang->TEXT_DELETE, |
|
| 143 |
'CONFIRM_DELETE' => $mLang->MESSAGE_GROUPS_CONFIRM_DELETE |
|
| 144 |
)); |
|
| 145 |
|
|
| 146 |
// Parse template object |
|
| 147 |
$tpl->parse('main', 'main_block', false);
|
|
| 148 |
$output = $tpl->finish($tpl->parse('output', 'page'));
|
|
| 149 |
unset($tpl); |
|
| 150 |
return $output; |
|
| 151 |
} |
|
| 0 | 152 | |
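Review bot: The group names read from the database are handed to the template unescaped at lines 81–82 of this listing (`GROUP_NAME`, `GROUP_DISPLAY_NAME`), so a stored name containing markup would be rendered as HTML in the admin list if groups_list.htt prints these variables as-is (the template is not shown here). Encode at the point of output, e.g. `$tpl->set_var('GROUP_DISPLAY_NAME', htmlspecialchars($rec_group['name'], ENT_QUOTES, 'UTF-8'));`, and do the same for `GROUP_NAME`. Separately, the `getIDKEY()` calls at lines 65 and 79 are commented out and the raw `group_id` is emitted, while the admin/groups/save.php listing on this page reads the id through `checkIDKEY()`. It is worth confirming that whichever handler receives this form accepts raw ids on purpose and checks `groups_modify` / `groups_delete` itself, since hiding the buttons here is presentation only.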
| branches/2.8.x/wb/admin/groups/groups_mask.inc.php | ||
|---|---|---|
| 1 |
<?php |
|
| 2 |
/** |
|
| 3 |
* @category admin |
|
| 4 |
* @package groups |
|
| 5 |
* @author WebsiteBaker Project. Independend-Software-Team |
|
| 6 |
* @copyright 2009-2012, WebsiteBaker Org. e.V. |
|
| 7 |
* @link http://www.websitebaker2.org/ |
|
| 8 |
* @license http://www.gnu.org/licenses/gpl.html |
|
| 9 |
* @platform WebsiteBaker 2.8.x |
|
| 10 |
* @requirements PHP 5.2.2 and higher |
|
| 11 |
* @version $Id$ |
|
| 12 |
* @filesource $HeadURL$ |
|
| 13 |
* @lastmodified $Date$ |
|
| 14 |
* @description all basic actions of this module, called by dispatcher only. |
|
| 15 |
*/ |
|
| 16 |
|
|
| 17 |
/* -------------------------------------------------------- */ |
|
| 18 |
// Must include code to stop this file being accessed directly |
|
| 19 |
if(defined('WB_PATH') == false)
|
|
| 20 |
{
|
|
| 21 |
// Stop this file being access directly |
|
| 22 |
die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
|
|
| 23 |
} |
|
| 24 |
/* -------------------------------------------------------- */ |
|
| 25 |
|
|
| 26 |
/* |
|
| 27 |
print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />'; |
|
| 28 |
print_r( $_POST ); print '</pre>'; // flush ();sleep(10); die(); |
|
| 29 |
*/ |
|
| 30 |
|
|
| 31 |
/* ***************************************************************************** |
|
| 32 |
* Show groupsmask to edit group |
|
| 33 |
* @access public |
|
| 34 |
* @param object $admin: admin-object |
|
| 35 |
* @param int $user_id: ID from group to modify or 0 for a new group |
|
| 36 |
* @return string: parsed HTML-content |
|
| 37 |
*/ |
|
| 38 |
function show_groupmask($admin, $group_id = 0) |
|
| 39 |
{
|
|
| 40 |
// global $TEXT, $MESSAGE, $HEADING, $MENU; |
|
| 41 |
|
|
| 42 |
$database = WbDatabase::getInstance(); |
|
| 43 |
$mLang = ModLanguage::getInstance(); |
|
| 44 |
// $mLang->setLanguage(dirname(__FILE__).'/languages/', LANGUAGE, DEFAULT_LANGUAGE); |
|
| 45 |
include_once('upgradePermissions.php');
|
|
| 46 |
include_once(WB_PATH.'/framework/functions.php'); |
|
| 47 |
// Create new template object for the modify/remove menu |
|
| 48 |
$tpl = new Template(dirname($admin->correct_theme_source('groups_form.htt')),'keep');
|
|
| 49 |
$tpl->set_file('page', 'groups_form.htt');
|
|
| 50 |
$tpl->debug = false; // false, true |
|
| 51 |
|
|
| 52 |
$tpl->set_block('page', 'main_block', 'main');
|
|
| 53 |
$tpl->set_block('main_block', 'show_cmd_permission_block', 'show_cmd_permission');
|
|
| 54 |
$tpl->set_var('FTAN', $admin->getFTAN());
|
|
| 55 |
$rec_group = array(); |
|
| 56 |
// admin settings |
|
| 57 |
// $system_settings = getSystemDefaultPermissions(); |
|
| 58 |
// $aSystemDefaultSettings = getSystemDefaultPermissions(); |
|
| 59 |
if( $group_id > 1 ) // load groupdata from db |
|
| 60 |
{
|
|
| 61 |
// only read the first time from db to set checkboxes |
|
| 62 |
if( $admin->get_post('frm_modify_group') == null )
|
|
| 63 |
{
|
|
| 64 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'groups` '; |
|
| 65 |
$sql .= 'WHERE `group_id` = '.(int)$group_id; |
|
| 66 |
// $group_id = 0; // reset to 0 if error occures |
|
| 67 |
if( ($res_group = $database->query($sql)) != false ) |
|
| 68 |
{
|
|
| 69 |
if( ($rec_group = $res_group->fetchRow(MYSQL_ASSOC)) != false ) |
|
| 70 |
{
|
|
| 71 |
$group_id = $rec_group['group_id']; |
|
| 72 |
// Explode system permissions |
|
| 73 |
$system_permissions = $rec_group['system_permissions']; |
|
| 74 |
// Explode module permissions |
|
| 75 |
$module_permissions = explode(',', $rec_group['module_permissions']);
|
|
| 76 |
// Explode template permissions |
|
| 77 |
$template_permissions = explode(',', $rec_group['template_permissions']);
|
|
| 78 |
} |
|
| 79 |
} |
|
| 80 |
|
|
| 81 |
$tpl->set_var(array( |
|
| 82 |
'SUBMIT_TITLE' => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
|
|
| 83 |
'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
|
|
| 84 |
'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
|
|
| 85 |
'GROUP_ID' => $rec_group['group_id'], |
|
| 86 |
'GROUP_NAME' => $rec_group['name'], |
|
| 87 |
'FORM_NAME_GROUPMASK' => 'frm_modify_group', |
|
| 88 |
)); |
|
| 89 |
} else {
|
|
| 90 |
// set changed checkboxes and prepare db data |
|
| 91 |
$module_permissions = set_module_permissions($admin); |
|
| 92 |
$template_permissions = set_template_permissions($admin); |
|
| 93 |
$rec_group['group_id'] = $group_id; |
|
| 94 |
$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
|
|
| 95 |
$rec_group['module_permissions'] = convertArrayToString($module_permissions); |
|
| 96 |
$rec_group['template_permissions'] = convertArrayToString($template_permissions); |
|
| 97 |
|
|
| 98 |
$tpl->set_var(array( |
|
| 99 |
'SUBMIT_TITLE' => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
|
|
| 100 |
'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
|
|
| 101 |
'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
|
|
| 102 |
'TEXT_GROUPS_NAME' => $mLang->TEXT_GROUP.': ', |
|
| 103 |
'FORM_NAME_GROUPMASK' => 'frm_modify_group', |
|
| 104 |
// 'GROUPNAME_DISABLED' => ' readonly="readonly"', |
|
| 105 |
// 'GROUPNAME_INPUT_DISABLED' => ' input_text_disabled no_input' |
|
| 106 |
'GROUP_NAME' => $rec_group['name'], |
|
| 107 |
'GROUPNAME_DISABLED' => '', |
|
| 108 |
'GROUPNAME_INPUT_DISABLED' => '' |
|
| 109 |
)); |
|
| 110 |
} |
|
| 111 |
} else {
|
|
| 112 |
// set default no rights |
|
| 113 |
$system_permissions = array('preferences' => 1,'preferences_view' => 1);
|
|
| 114 |
// $system_permissions = array(); |
|
| 115 |
// $system_permissions = isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $system_permissions; |
|
| 116 |
$module_permissions = array(); |
|
| 117 |
$template_permissions = array(); |
|
| 118 |
// create a empty group-record with permissions masks and advanced button handle |
|
| 119 |
// check for existing groupname and junp to start handling, do the same in save |
|
| 120 |
// set changed checkboxes and prepare db data |
|
| 121 |
$module_permissions = set_module_permissions($admin); |
|
| 122 |
$template_permissions = set_template_permissions($admin); |
|
| 123 |
$rec_group['group_id'] = intval($admin->get_post('group_id'));
|
|
| 124 |
$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
|
|
| 125 |
$rec_group['module_permissions'] = $module_permissions; |
|
| 126 |
$rec_group['template_permissions'] = $template_permissions; |
|
| 127 |
|
|
| 128 |
$tpl->set_var(array( |
|
| 129 |
'SUBMIT_TITLE' => ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_ADD : $mLang->TEXT_BACK,
|
|
| 130 |
'ACTION_HANDLE' => ($admin->get_permission('groups_add') == true) ? 'action_save' : 'action_cancel',
|
|
| 131 |
'ACTION_HIDDEN' => ($admin->get_permission('groups_add') == true) ? 'action_modify' : 'action_cancel',
|
|
| 132 |
'TEXT_GROUPS_NAME' => '', |
|
| 133 |
'GROUP_NAME' => $rec_group['name'], |
|
| 134 |
'FORM_NAME_GROUPMASK' => 'frm_addnew_group', |
|
| 135 |
'GROUPNAME_DISABLED' => '', |
|
| 136 |
'GROUPNAME_INPUT_DISABLED' => '' |
|
| 137 |
)); |
|
| 138 |
// $group_id = $rec_group['group_id']; |
|
| 139 |
} |
|
| 140 |
// set changed checkboxes and prepare db data |
|
| 141 |
if( isset($_POST['system_permissions']) ) |
|
| 142 |
{
|
|
| 143 |
$system_permissions = get_system_permissions($admin,$_POST['system_permissions'] ); |
|
| 144 |
$rec_group['system_permissions'] = set_system_permissions($_POST['system_permissions']); |
|
| 145 |
} else {
|
|
| 146 |
$system_permissions = get_system_permissions($admin,$system_permissions); |
|
| 147 |
$rec_group['system_permissions'] = set_system_permissions($system_permissions); |
|
| 148 |
} |
|
| 149 |
//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />'; |
|
| 150 |
//print_r( $rec_group['system_permissions'] ); print '</pre>'; |
|
| 151 |
$tpl->set_var(array( |
|
| 152 |
'GROUP_ID' => $rec_group['group_id'], |
|
| 153 |
'GROUP_NAME' => $rec_group['name'], |
|
| 154 |
'DISPLAY_ADD' => '', |
|
| 155 |
)); |
|
| 156 |
$tpl->parse('show_cmd_permission', 'show_cmd_permission_block', true);
|
|
| 157 |
// if the requested group doesn't exist, or $group_id contains 0 so it |
|
| 158 |
// will be shown a empty mask to add a new group |
|
| 159 |
// otherwise the $rec_group object contains existing data from requested group |
|
| 160 |
// $tpl->set_var('GROUP_ID', $group_id != 0 ? $admin->getIDKEY($group_id) : 0);
|
|
| 161 |
$tpl->set_var('GROUP_ACTION_URL', $_SERVER['SCRIPT_NAME']);
|
|
| 162 |
$header_extra = $mLang->TEXT_FILESYSTEM_PERMISSIONS.' '; |
|
| 163 |
if( ($admin->get_permission('groups_view') == true) )
|
|
| 164 |
{
|
|
| 165 |
$tpl->set_var('GROUPS_HEADER', $header_extra.$mLang->HEADING_VIEW_GROUP );
|
|
| 166 |
if( ($admin->get_permission('groups_modify') == true) )
|
|
| 167 |
{
|
|
| 168 |
$tpl->set_var('GROUPS_HEADER', ($group_id == 0 ? $header_extra.$mLang->HEADING_ADD_GROUP : $header_extra.$mLang->HEADING_MODIFY_GROUP) );
|
|
| 169 |
} |
|
| 170 |
} |
|
| 171 |
|
|
| 172 |
// Insert language text and messages |
|
| 173 |
$tpl->set_var('MODULE_FUNCTION', '');
|
|
| 174 |
$tpl->set_var($mLang->getLangArray()); |
|
| 175 |
|
|
| 176 |
// ------------------------ |
|
| 177 |
// Tell the browser whether or not to show advanced options |
|
| 178 |
$tpl->set_block('show_cmd_permission', 'show_cmd_manage_permission_block', 'permission_block');
|
|
| 179 |
// $tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
|
|
| 180 |
$tpl->set_block('show_cmd_permission', 'show_cmd_advanced_permission_block', 'advanced_permission_block');
|
|
| 181 |
// first set the var {hidden_permission_list} to empty
|
|
| 182 |
// $tpl->parse('hidden_permission_list', '');
|
|
| 183 |
// Check and set system permissions boxes in main_block |
|
| 184 |
|
|
| 185 |
if ( true == (isset( $_POST['advanced_action']) && (( $_POST['advanced_action'] == 'no') || strpos( $_POST['advanced_action'], ">>") > 0 ) ) ) |
|
| 186 |
{
|
|
| 187 |
$tpl->parse('hidden_permission_list', '');
|
|
| 188 |
$tpl->set_block('show_cmd_advanced_permission_block', 'show_cmd_hidden_advanced_permission_list_block', 'hidden_advanced_permission_list');
|
|
| 189 |
setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] ); |
|
| 190 |
$tpl->set_var('DISPLAY_ADVANCED', '');
|
|
| 191 |
$tpl->set_var('DISPLAY_BASIC', 'display:none;');
|
|
| 192 |
$tpl->set_var('ADVANCED', 'yes');
|
|
| 193 |
$tpl->set_var('ADVANCED_ACTION', 'advance_action');
|
|
| 194 |
$tpl->set_var('ADVANCED_BUTTON', ($admin->get_permission('groups') == true) ? '<< '.$mLang->TEXT_HIDE_ADVANCED : '<< '.$mLang->TEXT_HIDE_ADVANCED);
|
|
| 195 |
$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS);
|
|
| 196 |
|
|
| 197 |
$tpl->parse('advanced_permission_block', 'show_cmd_advanced_permission_block', true);
|
|
| 198 |
$tpl->parse('permission_block', '');
|
|
| 199 |
} else {
|
|
| 200 |
$tpl->parse('hidden_advanced_permission_list', '');
|
|
| 201 |
$tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
|
|
| 202 |
setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] ); |
|
| 203 |
$tpl->set_var('DISPLAY_ADVANCED', '');
|
|
| 204 |
$tpl->set_var('DISPLAY_BASIC', '');
|
|
| 205 |
$tpl->set_var('ADVANCED', 'no');
|
|
| 206 |
$tpl->set_var('ADVANCED_ACTION', 'advance_action');
|
|
| 207 |
$tpl->set_var('ADVANCED_BUTTON', ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_SHOW_ADVANCED.' >>' : $mLang->TEXT_SHOW_ADVANCED.' >>');
|
|
| 208 |
$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS.' ');
|
|
| 209 |
|
|
| 210 |
$tpl->parse('advanced_permission_block', '');
|
|
| 211 |
$tpl->parse('permission_block', 'show_cmd_manage_permission_block', true);
|
|
| 212 |
} |
|
| 213 |
|
|
| 214 |
// ------------------------ |
|
| 215 |
|
|
| 216 |
$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
|
|
| 217 |
// Insert values into pages module list |
|
| 218 |
$tpl->set_block('show_cmd_permission', 'pages_module_list_block', 'module_list');
|
|
| 219 |
$sql = 'SELECT `directory`,`name`,`function` FROM `'.TABLE_PREFIX.'addons` '; |
|
| 220 |
$sql .= 'WHERE `type` = \'module\' AND `function` <> \'tool\' '; |
|
| 221 |
$sql .= ''; |
|
| 222 |
$sql .= 'ORDER BY `function`, `name`'; |
|
| 223 |
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) ) |
|
| 224 |
{
|
|
| 225 |
$tmp_header = ''; |
|
| 226 |
while($addon = $res_pages->fetchRow(MYSQL_ASSOC)) |
|
| 227 |
{
|
|
| 228 |
if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php')) |
|
| 229 |
{
|
|
| 230 |
if( $tmp_header != $addon['function']) |
|
| 231 |
{
|
|
| 232 |
$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
| 233 |
} else {
|
|
| 234 |
$tpl->set_var('MODULE_FUNCTION', '');
|
|
| 235 |
} |
|
| 236 |
|
|
| 237 |
$tpl->set_var('MOD_VALUE', $addon['directory']);
|
|
| 238 |
$tpl->set_var('MOD_NAME', $addon['name']);
|
|
| 239 |
if(!is_numeric(array_search($addon['directory'], $module_permissions)) ) |
|
| 240 |
{
|
|
| 241 |
$tpl->set_var('MOD_CHECKED', ' checked="checked"');
|
|
| 242 |
} else {
|
|
| 243 |
$tpl->set_var('MOD_CHECKED', '');
|
|
| 244 |
} |
|
| 245 |
$tpl->parse('module_list', 'pages_module_list_block', true);
|
|
| 246 |
} |
|
| 247 |
$tmp_header = $addon['function']; |
|
| 248 |
} |
|
| 249 |
} |
|
| 250 |
|
|
| 251 |
$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
|
|
| 252 |
// Insert values into pages module list |
|
| 253 |
$tpl->set_block('show_cmd_permission', 'tools_module_list_block', 'tools_list');
|
|
| 254 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'addons` '; |
|
| 255 |
$sql .= 'WHERE `type` = \'module\' AND `function` = \'tool\' '; |
|
| 256 |
$sql .= 'ORDER BY `name`'; |
|
| 257 |
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) ) |
|
| 258 |
{
|
|
| 259 |
$tmp_header = ''; |
|
| 260 |
while($addon = $res_pages->fetchRow(MYSQL_ASSOC)) |
|
| 261 |
{
|
|
| 262 |
if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php')) |
|
| 263 |
{
|
|
| 264 |
if( $tmp_header != $addon['function']) |
|
| 265 |
{
|
|
| 266 |
$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
| 267 |
} else {
|
|
| 268 |
$tpl->set_var('MODULE_FUNCTION', '');
|
|
| 269 |
} |
|
| 270 |
$tpl->set_var('ADM_VALUE', $addon['directory']);
|
|
| 271 |
$tpl->set_var('ADM_NAME', $addon['name']);
|
|
| 272 |
if(!is_numeric(array_search($addon['directory'], $module_permissions)) ) |
|
| 273 |
{
|
|
| 274 |
$tpl->set_var('ADM_CHECKED', ' checked="checked"');
|
|
| 275 |
} else {
|
|
| 276 |
$tpl->set_var('ADM_CHECKED', '');
|
|
| 277 |
} |
|
| 278 |
|
|
| 279 |
$tpl->parse('tools_list', 'tools_module_list_block', true);
|
|
| 280 |
} |
|
| 281 |
$tmp_header = $addon['function']; |
|
| 282 |
} |
|
| 283 |
} |
|
| 284 |
$tpl->set_var('HEADER_TEMPLATE_FUNCTION', '<h6>'.$mLang->TEXT_TEMPLATE_PERMISSIONS.'</h6>');
|
|
| 285 |
// Insert values into pages module list |
|
| 286 |
$tpl->set_block('show_cmd_permission', 'template_list_block', 'template_list');
|
|
| 287 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'addons` '; |
|
| 288 |
$sql .= 'WHERE `type` = \'template\' '; |
|
| 289 |
$sql .= 'ORDER BY `function`,`name`'; |
|
| 290 |
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) ) |
|
| 291 |
{
|
|
| 292 |
$tmp_header = ''; |
|
| 293 |
while($addon = $res_pages->fetchRow(MYSQL_ASSOC)) |
|
| 294 |
{
|
|
| 295 |
if(file_exists(WB_PATH.'/templates/'.$addon['directory'].'/info.php')) |
|
| 296 |
{
|
|
| 297 |
if( $tmp_header != $addon['function']) |
|
| 298 |
{
|
|
| 299 |
$tpl->set_var('TEMPLATE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
| 300 |
} else {
|
|
| 301 |
$tpl->set_var('TEMPLATE_FUNCTION', '');
|
|
| 302 |
} |
|
| 303 |
$tpl->set_var('TMP_VALUE', $addon['directory']);
|
|
| 304 |
$tpl->set_var('TMP_NAME', $addon['name']);
|
|
| 305 |
if(!is_numeric(array_search($addon['directory'], $template_permissions)) ) |
|
| 306 |
{
|
|
| 307 |
$tpl->set_var('TMP_CHECKED', ' checked="checked"');
|
|
| 308 |
} else {
|
|
| 309 |
$tpl->set_var('TMP_CHECKED', '');
|
|
| 310 |
} |
|
| 311 |
|
|
| 312 |
$tpl->parse('template_list', 'template_list_block', true);
|
|
| 313 |
} |
|
| 314 |
$tmp_header = $addon['function']; |
|
| 315 |
} |
|
| 316 |
} |
|
| 317 |
|
|
| 318 |
// ------------------------ |
|
| 319 |
// Parse template object |
|
| 320 |
$tpl->parse('main', 'main_block', false);
|
|
| 321 |
$output = $tpl->finish($tpl->parse('output', 'page'));
|
|
| 322 |
unset($tpl); |
|
| 323 |
return $output; |
|
| 324 |
} |
|
| 0 | 325 | |
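Review bot: The posted group name is run through `add_slashes()` at lines 94 and 124 of this listing and then passed to the template as `GROUP_NAME` (lines 106, 133 and 153); backslash-escaping is not HTML encoding, so request-supplied markup would reach the form if groups_form.htt prints the variable as-is (the template is not shown here). Encode for the HTML context instead, e.g. `$rec_group['name'] = htmlspecialchars($admin->get_post('name'), ENT_QUOTES, 'UTF-8');`, and leave SQL escaping to the code that writes the record. Also, in the `$group_id > 1` branch, when the SELECT at lines 64–69 returns no row, `$rec_group['group_id']`, `$rec_group['name']`, `$system_permissions`, `$module_permissions` and `$template_permissions` are read further down without having been set; an early return or explicit defaults for a missing group would make that path well defined.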
| branches/2.8.x/wb/admin/groups/upgradePermissions.php | ||
|---|---|---|
| 1 |
<?php |
|
| 2 |
/** |
|
| 3 |
* |
|
| 4 |
* @category admin |
|
| 5 |
* @package start |
|
| 6 |
* @author Ryan Djurovich, WebsiteBaker Project |
|
| 7 |
* @copyright 2009-2012, WebsiteBaker Org. e.V. |
|
| 8 |
* @link http://www.websitebaker2.org/ |
|
| 9 |
* @license http://www.gnu.org/licenses/gpl.html |
|
| 10 |
* @platform WebsiteBaker 2.8.x |
|
| 11 |
* @requirements PHP 5.2.2 and higher |
|
| 12 |
* @version $Id$ |
|
| 13 |
* @filesource $HeadURL$ |
|
| 14 |
* @lastmodified $Date$ |
|
| 15 |
* |
|
| 16 |
*/ |
|
| 17 |
|
|
| 18 |
/* -------------------------------------------------------- */ |
|
| 19 |
// Must include code to stop this file being accessed directly |
|
| 20 |
if(defined('WB_PATH') == false)
|
|
| 21 |
{
|
|
| 22 |
// Stop this file being access directly |
|
| 23 |
die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
|
|
| 24 |
} |
|
| 25 |
/* -------------------------------------------------------- */ |
|
| 26 |
|
|
| 27 |
|
|
! update folder admin/groups, admin/users, admin/skel/htt