|
1
|
<?php
|
|
2
|
/**
|
|
3
|
*
|
|
4
|
* @category admin
|
|
5
|
* @package start
|
|
6
|
* @author Ryan Djurovich, WebsiteBaker Project
|
|
7
|
* @copyright 2009-2012, WebsiteBaker Org. e.V.
|
|
8
|
* @link http://www.websitebaker2.org/
|
|
9
|
* @license http://www.gnu.org/licenses/gpl.html
|
|
10
|
* @platform WebsiteBaker 2.8.x
|
|
11
|
* @requirements PHP 5.2.2 and higher
|
|
12
|
* @version $Id: upgradePermissions.php 1710 2012-08-29 11:50:26Z Luisehahne $
|
|
13
|
* @filesource $HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/groups/upgradePermissions.php $
|
|
14
|
* @lastmodified $Date: 2012-08-29 13:50:26 +0200 (Wed, 29 Aug 2012) $
|
|
15
|
*
|
|
16
|
*/
|
|
17
|
|
|
18
|
/* -------------------------------------------------------- */
|
|
19
|
// Must include code to stop this file being accessed directly
|
|
20
|
if(defined('WB_PATH') == false)
|
|
21
|
{
|
|
22
|
// Stop this file being access directly
|
|
23
|
die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
|
|
24
|
}
|
|
25
|
/* -------------------------------------------------------- */
|
|
26
|
|
|
27
|
|
|
28
|
/**
|
|
29
|
*
|
|
30
|
*
|
|
31
|
* @access public getSystemDefaultPermissions()
|
|
32
|
* @param none
|
|
33
|
* @return array System Default Permissions
|
|
34
|
*
|
|
35
|
*/
|
|
36
|
function getSystemDefaultPermissions ()
|
|
37
|
{
|
|
38
|
$retVal = array(
|
|
39
|
'access' => 0,
|
|
40
|
'addons' => 0,
|
|
41
|
'admintools' => 0,
|
|
42
|
'admintools_view' => 0,
|
|
43
|
'groups' => 0,
|
|
44
|
'groups_add' => 0,
|
|
45
|
'groups_delete' => 0,
|
|
46
|
'groups_modify' => 0,
|
|
47
|
'groups_view' => 0,
|
|
48
|
'languages' => 0,
|
|
49
|
'languages_install' => 0,
|
|
50
|
'languages_uninstall' => 0,
|
|
51
|
'languages_view' => 0,
|
|
52
|
'media' => 0,
|
|
53
|
'media_create' => 0,
|
|
54
|
'media_delete' => 0,
|
|
55
|
'media_rename' => 0,
|
|
56
|
'media_upload' => 0,
|
|
57
|
'media_view' => 0,
|
|
58
|
'modules' => 0,
|
|
59
|
'modules_install' => 0,
|
|
60
|
'modules_uninstall' => 0,
|
|
61
|
'modules_view' => 0,
|
|
62
|
'pages' => 0,
|
|
63
|
'pages_add' => 0,
|
|
64
|
'pages_add_l0' => 0,
|
|
65
|
'pages_delete' => 0,
|
|
66
|
'pages_intro' => 0,
|
|
67
|
'pages_modify' => 0,
|
|
68
|
'pages_settings' => 0,
|
|
69
|
'pages_view' => 0,
|
|
70
|
'preferences' => 1,
|
|
71
|
'preferences_view' => 1,
|
|
72
|
'settings' => 0,
|
|
73
|
'settings_basic' => 0,
|
|
74
|
'settings_advanced' => 0,
|
|
75
|
'settings_view' => 0,
|
|
76
|
'templates' => 0,
|
|
77
|
'templates_install' => 0,
|
|
78
|
'templates_uninstall' => 0,
|
|
79
|
'templates_view' => 0,
|
|
80
|
'users' => 0,
|
|
81
|
'users_add' => 0,
|
|
82
|
'users_delete' => 0,
|
|
83
|
'users_modify' => 0,
|
|
84
|
'users_view' => 0
|
|
85
|
);
|
|
86
|
return $retVal;
|
|
87
|
}
|
|
88
|
|
|
89
|
/* *****************************************************************************
|
|
90
|
* Prepare $module_permissions for workout
|
|
91
|
* @access public
|
|
92
|
* @param object $admin: admin-object
|
|
93
|
* @return array:
|
|
94
|
*/
|
|
95
|
function set_module_permissions ($admin)
|
|
96
|
{
|
|
97
|
// Get template permissions
|
|
98
|
$modules = array('');
|
|
99
|
$dirs = scan_current_dir(WB_PATH.'/modules');
|
|
100
|
|
|
101
|
if(is_array($admin->get_post('module_permissions')))
|
|
102
|
{
|
|
103
|
$modules = $admin->get_post('module_permissions');
|
|
104
|
}
|
|
105
|
// foldername validation
|
|
106
|
array_walk($dirs['path'],'check_dir' );
|
|
107
|
// delete empty items
|
|
108
|
foreach($dirs['path'] AS $key=>$val) {
|
|
109
|
if(empty($dirs['path'][$key])) { unset($dirs['path'][$key]); }
|
|
110
|
}
|
|
111
|
// list of unckecked modules directories
|
|
112
|
$modules = array_diff ( $dirs['path'], $modules );
|
|
113
|
// reindex
|
|
114
|
$modules = array_merge($modules);
|
|
115
|
return $modules;
|
|
116
|
}
|
|
117
|
|
|
118
|
/* *****************************************************************************
|
|
119
|
* Prepare $template_permissions for workout
|
|
120
|
* @access public
|
|
121
|
* @param object $admin: admin-object
|
|
122
|
* @return array:
|
|
123
|
*/
|
|
124
|
function set_template_permissions ($admin)
|
|
125
|
{
|
|
126
|
// Get template permissions
|
|
127
|
$templates = array();
|
|
128
|
$dirs = scan_current_dir(WB_PATH.'/templates');
|
|
129
|
if(is_array($admin->get_post('template_permissions')))
|
|
130
|
{
|
|
131
|
foreach($admin->get_post('template_permissions') AS $selected_name)
|
|
132
|
{
|
|
133
|
if( file_exists( WB_PATH.'/templates/'.$selected_name.'/info.php') && in_array ($selected_name, $dirs['path']) )
|
|
134
|
{
|
|
135
|
$templates[] = $selected_name;
|
|
136
|
}
|
|
137
|
}
|
|
138
|
}
|
|
139
|
$templates = (sizeof($templates) > 0) ? array_diff($dirs['path'], $templates) : $dirs['path'];
|
|
140
|
// return $template_permissions = implode(',', $templates);
|
|
141
|
return $templates;
|
|
142
|
}
|
|
143
|
|
|
144
|
/* *****************************************************************************
|
|
145
|
* Prepare $system_permissions for save
|
|
146
|
* @access public
|
|
147
|
* @param
|
|
148
|
* @return string: parsed HTML-content
|
|
149
|
*/
|
|
150
|
function set_system_permissions ($system_permissions = array())
|
|
151
|
{
|
|
152
|
// Implode system permissions
|
|
153
|
$imploded_system_permissions = '';
|
|
154
|
$system_permissions = !is_array($system_permissions) ? array() : $system_permissions;
|
|
155
|
foreach($system_permissions AS $key => $value)
|
|
156
|
{
|
|
157
|
if($value == true)
|
|
158
|
{
|
|
159
|
if($imploded_system_permissions == '')
|
|
160
|
{
|
|
161
|
$imploded_system_permissions = $key;
|
|
162
|
} else {
|
|
163
|
$imploded_system_permissions .= ','.$key;
|
|
164
|
}
|
|
165
|
}
|
|
166
|
}
|
|
167
|
return $imploded_system_permissions;
|
|
168
|
}
|
|
169
|
|
|
170
|
/* *****************************************************************************
|
|
171
|
* array_walk callback functions
|
|
172
|
*/
|
|
173
|
|
|
174
|
if(!function_exists('check_dir'))
|
|
175
|
{
|
|
176
|
function check_dir(&$val, $key ) {
|
|
177
|
$RetVal = null;
|
|
178
|
$aArray[$key] = $val;
|
|
179
|
$RetVal = array_slice ($aArray,!preg_match('/^[a-z]{1}[a-z][a-z_\-0-9]{2,}$/i', $val ));
|
|
180
|
$RetVal = each ($RetVal);
|
|
181
|
$val = $RetVal['value'];
|
|
182
|
}
|
|
183
|
}
|
|
184
|
|
|
185
|
|
|
186
|
if(!function_exists('remove_underline')){
|
|
187
|
function remove_underline(& $val, $key, $vars = array())
|
|
188
|
{
|
|
189
|
$val = rtrim($val, ',');
|
|
190
|
$vars = explode ( '_', $val);
|
|
191
|
$val = $vars[0];
|
|
192
|
}
|
|
193
|
}
|
|
194
|
|
|
195
|
if(!function_exists('addons')){
|
|
196
|
function addons(& $val, $key, $vars = '')
|
|
197
|
{
|
|
198
|
$val = rtrim($val, '_');
|
|
199
|
$val = ($val == 'modules') || ($val == 'templates') || ($val == 'languages') ? 'addons' : $val;
|
|
200
|
}
|
|
201
|
}
|
|
202
|
|
|
203
|
if(!function_exists('settings')){
|
|
204
|
function settings(& $val, $key, $vars = '')
|
|
205
|
{
|
|
206
|
$val = ($val == 'settings_view') ? 'settings_basic' : $val;
|
|
207
|
// $val = ($val == 'settings_basic') || ($val == 'settings_advanced') ? 'settings_view' : $val1;
|
|
208
|
}
|
|
209
|
}
|
|
210
|
|
|
211
|
if(!function_exists('access')){
|
|
212
|
function access(& $val, $key, $vars = '')
|
|
213
|
{
|
|
214
|
$val = ($val == 'groups') || ($val == 'users') ? 'access' : $val;
|
|
215
|
}
|
|
216
|
}
|
|
217
|
function convertArrayToString ($val=null)
|
|
218
|
{
|
|
219
|
$settings = '';
|
|
220
|
if(is_array($val))
|
|
221
|
{
|
|
222
|
foreach( $val as $key => $value )
|
|
223
|
{
|
|
224
|
$settings .= trim($value.',','\'');
|
|
225
|
}
|
|
226
|
} else {
|
|
227
|
$settings = $val;
|
|
228
|
}
|
|
229
|
return trim($settings,',');
|
|
230
|
}
|
|
231
|
|
|
232
|
function convertKeyArrayToString ($val=null)
|
|
233
|
{
|
|
234
|
$settings = '';
|
|
235
|
if(is_array($val))
|
|
236
|
{
|
|
237
|
foreach( $val as $key => $value )
|
|
238
|
{
|
|
239
|
$settings .= trim($key.',','\'');
|
|
240
|
}
|
|
241
|
} else {
|
|
242
|
$settings = $val;
|
|
243
|
}
|
|
244
|
return trim($settings,',');
|
|
245
|
}
|
|
246
|
|
|
247
|
// ---------------------------------------
|
|
248
|
function convertStringToArray ($val=null)
|
|
249
|
{
|
|
250
|
$array = array();
|
|
251
|
$settings = '';
|
|
252
|
if(!is_array($val)){
|
|
253
|
$settings = explode(',', $val);
|
|
254
|
foreach( $settings as $value )
|
|
255
|
{
|
|
256
|
$array[] = $value;
|
|
257
|
}
|
|
258
|
} else {
|
|
259
|
$array = $val;
|
|
260
|
}
|
|
261
|
return $array;
|
|
262
|
}
|
|
263
|
// ---------------------------------------
|
|
264
|
function convertStringToKeyArray ($val=null)
|
|
265
|
{
|
|
266
|
$array = array();
|
|
267
|
if(!is_array($val)){
|
|
268
|
$settings = explode(',', $val);
|
|
269
|
foreach( $settings as $value )
|
|
270
|
{
|
|
271
|
$array[$value] = 1;
|
|
272
|
}
|
|
273
|
} else {
|
|
274
|
$array = $val;
|
|
275
|
}
|
|
276
|
return $array;
|
|
277
|
}
|
|
278
|
|
|
279
|
// ---------------------------------------
|
|
280
|
// workout to upgrade the groups system_permissions
|
|
281
|
/**
|
|
282
|
* get_system_permissions()
|
|
283
|
*
|
|
284
|
* @return
|
|
285
|
*/
|
|
286
|
function get_system_permissions ($admin, $SystemPermissions = null )
|
|
287
|
{
|
|
288
|
$retVal = null;
|
|
289
|
$aValidAll = array();
|
|
290
|
$aValidView = array();
|
|
291
|
$aValidBlock = array();
|
|
292
|
$aValidAddons = array();
|
|
293
|
$aValidAccess = array();
|
|
294
|
$aValidSettings = array();
|
|
295
|
$aPermissions = array();
|
|
296
|
$sValueType = '';
|
|
297
|
$sTempPermissions = '';
|
|
298
|
if($SystemPermissions==null) { return false; }
|
|
299
|
|
|
300
|
// be sure is the right string for working inside
|
|
301
|
if(is_string($SystemPermissions)) {
|
|
302
|
$SystemPermissions = convertStringToKeyArray($SystemPermissions);
|
|
303
|
}
|
|
304
|
if(is_array($SystemPermissions)&& sizeof($SystemPermissions)>0) {
|
|
305
|
$aPermissions = convertStringToKeyArray($SystemPermissions);
|
|
306
|
$sTempPermissions = convertKeyArrayToString($aPermissions).',';
|
|
307
|
}
|
|
308
|
// workout setting preferences
|
|
309
|
if($admin->is_group_match('preferences_view',$sTempPermissions))
|
|
310
|
{
|
|
311
|
$aPermissions[] = 'preferences';
|
|
312
|
$sTempPermissions .= 'preferences,';
|
|
313
|
}
|
|
314
|
// workout setting admintools
|
|
315
|
if($admin->is_group_match('admintools_view',$sTempPermissions))
|
|
316
|
{
|
|
317
|
$aPermissions[] = 'admintools';
|
|
318
|
$sTempPermissions .= 'admintools,';
|
|
319
|
}
|
|
320
|
// search all data with *_view, if not found delete the permission block
|
|
321
|
$patternView = '/[a-z]+_view/i';
|
|
322
|
if(preg_match_all($patternView, $sTempPermissions, $array ))
|
|
323
|
{
|
|
324
|
// build new Permissions kist, remove invaild entries, needed to disable checknoxes
|
|
325
|
array_walk($array[0], 'remove_underline');
|
|
326
|
$sValueType = array_unique($array[0]);
|
|
327
|
foreach($sValueType as $key => $view )
|
|
328
|
{
|
|
329
|
//build new permission string
|
|
330
|
$regex = "/(($view)[a-z_0-9]*)\,/i";
|
|
331
|
preg_match_all ($regex, $sTempPermissions, $aMatch);
|
|
332
|
$aValidBlock = $aMatch[1];
|
|
333
|
$aValidAll = array_merge($aValidAll,$aValidBlock);
|
|
334
|
}
|
|
335
|
// set all missing/needed entries
|
|
336
|
$aValidAddons = $aValidAll;
|
|
337
|
$aValidAccess = $aValidAll;
|
|
338
|
$aValidSettings = $aValidAll;
|
|
339
|
array_walk($aValidAddons, 'addons');
|
|
340
|
array_walk($aValidAccess, 'access');
|
|
341
|
array_walk($aValidSettings, 'settings');
|
|
342
|
// merge all arays and set to POST ready for save and change to advanced modus
|
|
343
|
$aSystem = array_merge_recursive( $sValueType, $aValidAll, $aValidBlock, $aValidSettings, $aValidAddons, $aValidAccess);
|
|
344
|
$retVal = array_unique($aSystem);
|
|
345
|
natsort($retVal);
|
|
346
|
// set correct index key
|
|
347
|
$retVal = array_merge($retVal);
|
|
348
|
// convert to right format
|
|
349
|
$retVal = array_fill_keys($retVal, 1);
|
|
350
|
}
|
|
351
|
|
|
352
|
$_POST['system_permissions'] = $retVal;
|
|
353
|
return $retVal;
|
|
354
|
}
|
|
355
|
// ---------------------------------------
|
|
356
|
//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.''.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />';
|
|
357
|
//print_r( $_POST ); print '</pre>';
|
|
358
|
|
|
359
|
/**
|
|
360
|
* setSystemCheckboxes()
|
|
361
|
*
|
|
362
|
* @param mixed $tpl
|
|
363
|
* @param mixed $permissions
|
|
364
|
* @return
|
|
365
|
*/
|
|
366
|
function setSystemCheckboxes( &$tpl, $admin, $permissions = null )
|
|
367
|
{
|
|
368
|
$array = array();
|
|
369
|
if(!is_array($permissions))
|
|
370
|
{
|
|
371
|
$array = convertStringToKeyArray($permissions);
|
|
372
|
} else {
|
|
373
|
$array = $permissions;
|
|
374
|
}
|
|
375
|
|
|
376
|
if ( true == (isset( $_POST['advanced_action']) && (( $_POST['advanced_action'] == 'no') || strpos( $_POST['advanced_action'], ">>") > 0 ) ) )
|
|
377
|
{
|
|
378
|
// set adbanced modus
|
|
379
|
$tpl->parse('hidden_advanced_permission_list', '', true);
|
|
380
|
$array = !is_array($array) ? array() : $array;
|
|
381
|
$aPermissions = isset($_POST['system_permissions']) ? $_POST['system_permissions'] : array();
|
|
382
|
foreach($array AS $key => $value)
|
|
383
|
{
|
|
384
|
// if(strpos($key,'_view')) { continue; }
|
|
385
|
if(array_key_exists($key, $aPermissions)) { continue; }
|
|
386
|
$tpl->set_var('SYS_NAME', "system_permissions[$key]" );
|
|
387
|
$tpl->set_var('SYS_VALUE', 1 );
|
|
388
|
$tpl->parse('hidden_advanced_permission_list', 'show_cmd_hidden_advanced_permission_list_block', true);
|
|
389
|
$checked = '';
|
|
390
|
}
|
|
391
|
|
|
392
|
} else {
|
|
393
|
// set baisc modus
|
|
394
|
$tpl->set_var('SYS_NAME', "none" );
|
|
395
|
$tpl->set_var('SYS_VALUE', '' );
|
|
396
|
$tpl->parse('hidden_permission_list', 'show_cmd_hidden_permission_list_block', true);
|
|
397
|
$array = !is_array($array) ? array() : $array;
|
|
398
|
foreach($array AS $key => $value)
|
|
399
|
{
|
|
400
|
if(strpos($key,'_view')) { continue; }
|
|
401
|
$tpl->set_var('SYS_NAME', "system_permissions[$key]" );
|
|
402
|
$tpl->set_var('SYS_VALUE', 1 );
|
|
403
|
$tpl->parse('hidden_permission_list', 'show_cmd_hidden_permission_list_block', true);
|
|
404
|
$checked = '';
|
|
405
|
}
|
|
406
|
}
|
|
407
|
reset($array);
|
|
408
|
// set checked
|
|
409
|
foreach($array AS $key => $value)
|
|
410
|
{
|
|
411
|
$checked='';
|
|
412
|
if( $key != '' )
|
|
413
|
{
|
|
414
|
$checked = ' checked="checked"';
|
|
415
|
}
|
|
416
|
$tpl->set_var('VALUE', 1);
|
|
417
|
$tpl->set_var($key.'_checked', $checked);
|
|
418
|
}
|
|
419
|
|
|
420
|
return $array;
|
|
421
|
}
|
|
422
|
|
|
423
|
/**
|
|
424
|
* upgrade_group_system_permissions()
|
|
425
|
*
|
|
426
|
* @return void
|
|
427
|
*/
|
|
428
|
function upgrade_group_system_permissions ( )
|
|
429
|
{
|
|
430
|
global $admin;
|
|
431
|
$database = WbDatabase::getInstance();
|
|
432
|
$aGroups = array();
|
|
433
|
$sTempPermissions = '';
|
|
434
|
$aTempPermissions = array();
|
|
435
|
$aAllowedPermissions = array(
|
|
436
|
'admintools','groups','languages','media','modules','pages','preferences','settings','templates','users'
|
|
437
|
);
|
|
438
|
$aPermissions = $aMatches = array();
|
|
439
|
$sql = 'SELECT `group_id`,`name`,`system_permissions` FROM `'.TABLE_PREFIX.'groups` ';
|
|
440
|
// $sql .= 'WHERE `group_id` != 1 ';
|
|
441
|
$sql .= 'ORDER BY `group_id` ';
|
|
442
|
if($oRes = $database->query($sql) )
|
|
443
|
{
|
|
444
|
while( $aPage = $oRes->fetchRow(MYSQL_ASSOC) )
|
|
445
|
{
|
|
446
|
$sTempPermissions = convertKeyArrayToString (getSystemDefaultPermissions()).',';
|
|
447
|
$sPermissions = $aPage['group_id']!= 1 ? $aPage['system_permissions'].',' : $sTempPermissions;
|
|
448
|
// check if old groups system_permissions format, there was no prferences
|
|
449
|
if( !preg_match_all( '/(preferences[a-z_0-9]*)\,/iU', $sPermissions, $aMatches) )
|
|
450
|
{
|
|
451
|
// fetch all known permission entries to set the permission_view
|
|
452
|
foreach($aAllowedPermissions as $PermissionFound)
|
|
453
|
{
|
|
454
|
$aMatches = array();
|
|
455
|
if( preg_match_all( "/(($PermissionFound)[a-z_0-9]*)\,/i", $sPermissions, $aMatches) )
|
|
456
|
{
|
|
457
|
$val1 = $admin->is_group_match("$PermissionFound".'_view',$sPermissions);
|
|
458
|
$val2 = $admin->is_group_match("$PermissionFound",$sPermissions);
|
|
459
|
if(!$val1 && $val2)
|
|
460
|
{
|
|
461
|
$sPermissions .= $PermissionFound.'_view,';
|
|
462
|
}
|
|
463
|
}
|
|
464
|
$aTempPermissions = explode(',',$sPermissions);
|
|
465
|
if(!$admin->is_group_match('preferences_view',$sPermissions))
|
|
466
|
{
|
|
467
|
$sPermissions .= 'preferences,preferences_view,';
|
|
468
|
}
|
|
469
|
}
|
|
470
|
}
|
|
471
|
// upgrade all groups system permission
|
|
472
|
$aTempPermissions = convertStringToArray(trim($sPermissions,','));
|
|
473
|
natsort($aTempPermissions);
|
|
474
|
// reindex
|
|
475
|
$aTempPermissions = array_merge(($aTempPermissions));
|
|
476
|
$retVal = array_fill_keys($aTempPermissions, 1);
|
|
477
|
$aPermissions[$aPage['name']] = get_system_permissions($admin, $retVal);
|
|
478
|
$aGroups[$aPage['name']] = convertKeyArrayToString($aPermissions[$aPage['name']]);
|
|
479
|
// and update DB
|
|
480
|
$sql = 'UPDATE `'.TABLE_PREFIX.'groups` SET ';
|
|
481
|
$sql .= '`system_permissions` =\''.$aGroups[$aPage['name']].'\' ';
|
|
482
|
$sql .= 'WHERE `name` = \''.$aPage['name'].'\' ';
|
|
483
|
if(!$database->query($sql) )
|
|
484
|
{
|
|
485
|
}
|
|
486
|
}
|
|
487
|
}
|
|
488
|
return !$database->is_error();
|
|
489
|
}
|