Project

General

Profile

1 1710 Luisehahne
<?php
2
/**
3
 * @category        admin
4
 * @package         groups
5
 * @author          WebsiteBaker Project, Independend-Software-Team
6
 * @copyright       2009-2012, Website Baker Org. e.V.
7
 * @link			http://www.websitebaker2.org/
8
 * @license         http://www.gnu.org/licenses/gpl.html
9
 * @platform        WebsiteBaker 2.8.x
10
 * @requirements    PHP 5.2.2 and higher
11
 * @version         $Id$
12
 * @filesource		$HeadURL$
13
 * @lastmodified    $Date$
14
 * @description     all basic actions of this module, called by dispatcher only.
15
 */
16
17
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19
if(defined('WB_PATH') == false)
20
{
21
	// Stop this file being access directly
22
		die('<h2 style="color:red;margin:3em auto;text-align:center;">Cannot access this file directly</h2>');
23
}
24
/* -------------------------------------------------------- */
25
26
/* *****************************************************************************
27
 * Modify existing groups or insert a new group
28
 * @access public
29
 * @param object &$admin: reference to admin-object
30
 * @param object &$database: reference to database object
31
 * @param int $group_id: ID from group to modify or 0 for a new group
32
 * @return string: parsed HTML-content
33
 */
34
	function save_group($admin, $group_id = 0)
35
	{
36 1883 Luisehahne
//		global $TEXT, $MESSAGE, $HEADING, $MENU;
37 1710 Luisehahne
		include_once('upgradePermissions.php');
38
		include_once(WB_PATH.'/framework/functions.php');
39
		$database = WbDatabase::getInstance();
40 1883 Luisehahne
		$mLang = Translate::getInstance();
41 1710 Luisehahne
	// check for valid group_id
42
		$sql = '';
43
44
//		$system_settings = getSystemDefaultPermissions();
45
		$system_settings = isset($_POST['system_permissions']) ? $_POST['system_permissions'] : array();
46
47
	// check FTAN and prevent 'admin'[id=1] from become changed
48
		if( $admin->checkFTAN() && $group_id != 1 )
49
		{
50
			$system_permissions   = get_system_permissions ($admin,$system_settings);
51
			$system_permissions   = set_system_permissions($system_permissions);
52
53
			$module_permissions   = set_module_permissions($admin);
54
			$module_permissions   = implode (',', $module_permissions);
55
56
			$template_permissions = set_template_permissions($admin);
57
			$template_permissions = implode (',', $template_permissions);
58
59
			// prepare empty record to add new group
60 1868 Luisehahne
			$group_name = $database->escapeString(strip_tags(trim($admin->get_post('name'))));
61 1710 Luisehahne
//	print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.''.' );</strong>  basename: '.basename(__FILE__).'  line: '.__LINE__.' -> <br />';
62
//	print_r( $_POST ); print '</pre>';
63
64
			$sql  = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'groups` ';
65
			$sql .= 'WHERE `group_id` <> '.$group_id.' AND `name` LIKE BINARY \''.$group_name.'\'';
66
67
			if($group_name == '')
68
			{
69 1883 Luisehahne
				msgQueue::add($mLang->MESSAGE_GROUPS_GROUP_NAME_BLANK );
70 1710 Luisehahne
			} elseif($group_name != '') {
71
		// check request vars and assign values to record
72
				if( $database->get_one($sql) != false )
73
				{
74 1883 Luisehahne
					msgQueue::add($mLang->MESSAGE_GROUPS_GROUP_NAME_EXISTS );
75 1710 Luisehahne
				} else {
76
					if( $group_id == 0 )
77
					{
78
						$sql  = 'INSERT INTO `'.TABLE_PREFIX.'groups` ';
79
						$where = '';
80
					} else {
81
						$sql  = 'UPDATE `'.TABLE_PREFIX.'groups` ';
82
						$where = 'WHERE `group_id` = '.$group_id;
83
					}
84
                 }
85
			}
86
87
		// save new/changed values if no error given before
88
            if( msgQueue::isEmpty() )
89
			{
90
				$sql .= 'SET `name` = \''.$group_name.'\', ';
91
				$sql .= '`system_permissions` = \''.$system_permissions.'\', ';
92
				$sql .= '`module_permissions` = \''.$module_permissions.'\', ';
93
				$sql .= '`template_permissions` = \''.$template_permissions.'\' ';
94
				$sql .= $where;
95
				if( $database->query($sql) )
96
				{
97 1883 Luisehahne
	                msgQueue::add($mLang->MESSAGE_GROUPS_SAVED ,true);
98 1710 Luisehahne
				} else {
99 1883 Luisehahne
					msgQueue::add($mLang->MESSAGE_RECORD_MODIFIED_FAILED );
100 1710 Luisehahne
				}
101
			}
102
		} else {
103
			msgQueue::add('FTAN-check failed or tried to change admin');
104
		}
105
		$admin->print_header();
106
		return $group_id;
107
	}