|
1
|
<?php
|
|
2
|
/**
|
|
3
|
* @category admin
|
|
4
|
* @package groups
|
|
5
|
* @author WebsiteBaker Project. Independend-Software-Team
|
|
6
|
* @copyright 2009-2013, WebsiteBaker Org. e.V.
|
|
7
|
* @link http://www.websitebaker.org/
|
|
8
|
* @license http://www.gnu.org/licenses/gpl.html
|
|
9
|
* @platform WebsiteBaker 2.8.x
|
|
10
|
* @requirements PHP 5.2.2 and higher
|
|
11
|
* @version $Id: groups_mask.inc.php 1907 2013-06-07 02:30:42Z Luisehahne $
|
|
12
|
* @filesource $HeadURL: svn://isteam.dynxs.de/wb-archiv/branches/2.8.x/wb/admin/groups/groups_mask.inc.php $
|
|
13
|
* @lastmodified $Date: 2013-06-07 04:30:42 +0200 (Fri, 07 Jun 2013) $
|
|
14
|
* @description all basic actions of this module, called by dispatcher only.
|
|
15
|
*/
|
|
16
|
|
|
17
|
/* -------------------------------------------------------- */
|
|
18
|
// Must include code to stop this file being accessed directly
|
|
19
|
if(!defined('WB_URL')) {
|
|
20
|
require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php');
|
|
21
|
throw new IllegalFileException();
|
|
22
|
}
|
|
23
|
/* -------------------------------------------------------- */
|
|
24
|
|
|
25
|
/*
|
|
26
|
print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />';
|
|
27
|
print_r( $_POST ); print '</pre>'; // flush ();sleep(10); die();
|
|
28
|
*/
|
|
29
|
|
|
30
|
/* *****************************************************************************
|
|
31
|
* Show groupsmask to edit group
|
|
32
|
* @access public
|
|
33
|
* @param object $admin: admin-object
|
|
34
|
* @param int $user_id: ID from group to modify or 0 for a new group
|
|
35
|
* @return string: parsed HTML-content
|
|
36
|
*/
|
|
37
|
function show_groupmask($admin, $group_id = 0)
|
|
38
|
{
|
|
39
|
// global $TEXT, $MESSAGE, $HEADING, $MENU;
|
|
40
|
|
|
41
|
$database = WbDatabase::getInstance();
|
|
42
|
$mLang = Translate::getInstance();
|
|
43
|
// $mLang->setLanguage(dirname(__FILE__).'/languages/', LANGUAGE, DEFAULT_LANGUAGE);
|
|
44
|
include_once('upgradePermissions.php');
|
|
45
|
include_once(WB_PATH.'/framework/functions.php');
|
|
46
|
// Create new template object for the modify/remove menu
|
|
47
|
$tpl = new Template(dirname($admin->correct_theme_source('groups_form.htt')),'keep');
|
|
48
|
$tpl->set_file('page', 'groups_form.htt');
|
|
49
|
$tpl->debug = false; // false, true
|
|
50
|
|
|
51
|
$tpl->set_block('page', 'main_block', 'main');
|
|
52
|
$tpl->set_block('main_block', 'show_cmd_permission_block', 'show_cmd_permission');
|
|
53
|
$tpl->set_var('FTAN', $admin->getFTAN());
|
|
54
|
$rec_group = array();
|
|
55
|
// admin settings
|
|
56
|
// $system_settings = getSystemDefaultPermissions();
|
|
57
|
// $aSystemDefaultSettings = getSystemDefaultPermissions();
|
|
58
|
if( $group_id > 1 ) // load groupdata from db
|
|
59
|
{
|
|
60
|
// only read the first time from db to set checkboxes
|
|
61
|
if( $admin->get_post('frm_modify_group') == null )
|
|
62
|
{
|
|
63
|
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'groups` ';
|
|
64
|
$sql .= 'WHERE `group_id` = '.(int)$group_id;
|
|
65
|
// $group_id = 0; // reset to 0 if error occures
|
|
66
|
if( ($res_group = $database->query($sql)) != false )
|
|
67
|
{
|
|
68
|
if( ($rec_group = $res_group->fetchRow(MYSQL_ASSOC)) != false )
|
|
69
|
{
|
|
70
|
$group_id = $rec_group['group_id'];
|
|
71
|
// Explode system permissions
|
|
72
|
$system_permissions = $rec_group['system_permissions'];
|
|
73
|
// Explode module permissions
|
|
74
|
$module_permissions = explode(',', $rec_group['module_permissions']);
|
|
75
|
// Explode template permissions
|
|
76
|
$template_permissions = explode(',', $rec_group['template_permissions']);
|
|
77
|
}
|
|
78
|
}
|
|
79
|
|
|
80
|
$tpl->set_var(array(
|
|
81
|
'SUBMIT_TITLE' => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
|
|
82
|
'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
|
|
83
|
'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
|
|
84
|
'GROUP_ID' => $rec_group['group_id'],
|
|
85
|
'GROUP_NAME' => $rec_group['name'],
|
|
86
|
'FORM_NAME_GROUPMASK' => 'frm_modify_group',
|
|
87
|
'GROUPNAME_DISABLED' => '',
|
|
88
|
));
|
|
89
|
} else {
|
|
90
|
// set changed checkboxes and prepare db data
|
|
91
|
$module_permissions = set_module_permissions($admin);
|
|
92
|
$template_permissions = set_template_permissions($admin);
|
|
93
|
$rec_group['group_id'] = $group_id;
|
|
94
|
$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
|
|
95
|
$rec_group['module_permissions'] = convertArrayToString($module_permissions);
|
|
96
|
$rec_group['template_permissions'] = convertArrayToString($template_permissions);
|
|
97
|
|
|
98
|
$tpl->set_var(array(
|
|
99
|
'SUBMIT_TITLE' => ($admin->get_permission('groups_modify') == true) ? $mLang->TEXT_SAVE : $mLang->TEXT_BACK,
|
|
100
|
'ACTION_HANDLE' => ($admin->get_permission('groups_modify') == true) ? 'action_save' : 'action_cancel',
|
|
101
|
'ACTION_HIDDEN' => ($admin->get_permission('groups_modify') == true) ? 'action_modify' : 'action_cancel',
|
|
102
|
'TEXT_GROUPS_NAME' => $mLang->TEXT_GROUP.': ',
|
|
103
|
'FORM_NAME_GROUPMASK' => 'frm_modify_group',
|
|
104
|
// 'GROUPNAME_DISABLED' => ' readonly="readonly"',
|
|
105
|
// 'GROUPNAME_INPUT_DISABLED' => ' input_text_disabled no_input'
|
|
106
|
'GROUP_NAME' => $rec_group['name'],
|
|
107
|
'GROUPNAME_DISABLED' => '',
|
|
108
|
'GROUPNAME_INPUT_DISABLED' => ''
|
|
109
|
));
|
|
110
|
}
|
|
111
|
} else {
|
|
112
|
// set default no rights
|
|
113
|
$system_permissions = array('preferences' => 1,'preferences_view' => 1);
|
|
114
|
// $system_permissions = array();
|
|
115
|
// $system_permissions = isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $system_permissions;
|
|
116
|
$module_permissions = array();
|
|
117
|
$template_permissions = array();
|
|
118
|
// create a empty group-record with permissions masks and advanced button handle
|
|
119
|
// check for existing groupname and junp to start handling, do the same in save
|
|
120
|
// set changed checkboxes and prepare db data
|
|
121
|
$module_permissions = set_module_permissions($admin);
|
|
122
|
$template_permissions = set_template_permissions($admin);
|
|
123
|
$rec_group['group_id'] = intval($admin->get_post('group_id'));
|
|
124
|
$rec_group['name'] = $admin->add_slashes($admin->get_post('name'));
|
|
125
|
$rec_group['module_permissions'] = $module_permissions;
|
|
126
|
$rec_group['template_permissions'] = $template_permissions;
|
|
127
|
|
|
128
|
$tpl->set_var(array(
|
|
129
|
'SUBMIT_TITLE' => ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_ADD : $mLang->TEXT_BACK,
|
|
130
|
'ACTION_HANDLE' => ($admin->get_permission('groups_add') == true) ? 'action_save' : 'action_cancel',
|
|
131
|
'ACTION_HIDDEN' => ($admin->get_permission('groups_add') == true) ? 'action_modify' : 'action_cancel',
|
|
132
|
'TEXT_GROUPS_NAME' => '',
|
|
133
|
'GROUP_NAME' => $rec_group['name'],
|
|
134
|
'FORM_NAME_GROUPMASK' => 'frm_addnew_group',
|
|
135
|
'GROUPNAME_DISABLED' => '',
|
|
136
|
'GROUPNAME_INPUT_DISABLED' => ''
|
|
137
|
));
|
|
138
|
// $group_id = $rec_group['group_id'];
|
|
139
|
}
|
|
140
|
// set changed checkboxes and prepare db data
|
|
141
|
if( isset($_POST['system_permissions']) )
|
|
142
|
{
|
|
143
|
$system_permissions = get_system_permissions($admin,$_POST['system_permissions'] );
|
|
144
|
$rec_group['system_permissions'] = set_system_permissions($_POST['system_permissions']);
|
|
145
|
} else {
|
|
146
|
$system_permissions = get_system_permissions($admin,$system_permissions);
|
|
147
|
$rec_group['system_permissions'] = set_system_permissions($system_permissions);
|
|
148
|
}
|
|
149
|
//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.'frm_modify_group'.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />';
|
|
150
|
//print_r( $rec_group['system_permissions'] ); print '</pre>';
|
|
151
|
$tpl->set_var(array(
|
|
152
|
'GROUP_ID' => $rec_group['group_id'],
|
|
153
|
'GROUP_NAME' => $rec_group['name'],
|
|
154
|
'DISPLAY_ADD' => '',
|
|
155
|
));
|
|
156
|
$tpl->parse('show_cmd_permission', 'show_cmd_permission_block', true);
|
|
157
|
// if the requested group doesn't exist, or $group_id contains 0 so it
|
|
158
|
// will be shown a empty mask to add a new group
|
|
159
|
// otherwise the $rec_group object contains existing data from requested group
|
|
160
|
// $tpl->set_var('GROUP_ID', $group_id != 0 ? $admin->getIDKEY($group_id) : 0);
|
|
161
|
$tpl->set_var('GROUP_ACTION_URL', $_SERVER['SCRIPT_NAME']);
|
|
162
|
$header_extra = $mLang->TEXT_FILESYSTEM_PERMISSIONS.' ';
|
|
163
|
if( ($admin->get_permission('groups_view') == true) )
|
|
164
|
{
|
|
165
|
$tpl->set_var('GROUPS_HEADER', $header_extra.$mLang->HEADING_VIEW_GROUP );
|
|
166
|
if( ($admin->get_permission('groups_modify') == true) )
|
|
167
|
{
|
|
168
|
$tpl->set_var('GROUPS_HEADER', ($group_id == 0 ? $header_extra.$mLang->HEADING_ADD_GROUP : $header_extra.$mLang->HEADING_MODIFY_GROUP) );
|
|
169
|
}
|
|
170
|
}
|
|
171
|
|
|
172
|
// Insert language text and messages
|
|
173
|
$tpl->set_var('MODULE_FUNCTION', '');
|
|
174
|
$tpl->set_var($mLang->getLangArray());
|
|
175
|
|
|
176
|
// ------------------------
|
|
177
|
// Tell the browser whether or not to show advanced options
|
|
178
|
$tpl->set_block('show_cmd_permission', 'show_cmd_manage_permission_block', 'permission_block');
|
|
179
|
// $tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
|
|
180
|
$tpl->set_block('show_cmd_permission', 'show_cmd_advanced_permission_block', 'advanced_permission_block');
|
|
181
|
// first set the var {hidden_permission_list} to empty
|
|
182
|
// $tpl->parse('hidden_permission_list', '');
|
|
183
|
// Check and set system permissions boxes in main_block
|
|
184
|
|
|
185
|
if ( true == (isset( $_POST['advanced_action']) && (( $_POST['advanced_action'] == 'no') || strpos( $_POST['advanced_action'], ">>") > 0 ) ) )
|
|
186
|
{
|
|
187
|
$tpl->parse('hidden_permission_list', '');
|
|
188
|
$tpl->set_block('show_cmd_advanced_permission_block', 'show_cmd_hidden_advanced_permission_list_block', 'hidden_advanced_permission_list');
|
|
189
|
setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] );
|
|
190
|
$tpl->set_var('DISPLAY_ADVANCED', '');
|
|
191
|
$tpl->set_var('DISPLAY_BASIC', 'display:none;');
|
|
192
|
$tpl->set_var('ADVANCED', 'yes');
|
|
193
|
$tpl->set_var('ADVANCED_ACTION', 'advance_action');
|
|
194
|
$tpl->set_var('ADVANCED_BUTTON', ($admin->get_permission('groups') == true) ? '<< '.$mLang->TEXT_HIDE_ADVANCED : '<< '.$mLang->TEXT_HIDE_ADVANCED);
|
|
195
|
$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS);
|
|
196
|
|
|
197
|
$tpl->parse('advanced_permission_block', 'show_cmd_advanced_permission_block', true);
|
|
198
|
$tpl->parse('permission_block', '');
|
|
199
|
} else {
|
|
200
|
$tpl->parse('hidden_advanced_permission_list', '');
|
|
201
|
$tpl->set_block('show_cmd_manage_permission_block', 'show_cmd_hidden_permission_list_block', 'hidden_permission_list');
|
|
202
|
setSystemCheckboxes( $tpl, $admin, isset($_POST['system_permissions']) ? $_POST['system_permissions'] : $rec_group['system_permissions'] );
|
|
203
|
$tpl->set_var('DISPLAY_ADVANCED', '');
|
|
204
|
$tpl->set_var('DISPLAY_BASIC', '');
|
|
205
|
$tpl->set_var('ADVANCED', 'no');
|
|
206
|
$tpl->set_var('ADVANCED_ACTION', 'advance_action');
|
|
207
|
$tpl->set_var('ADVANCED_BUTTON', ($admin->get_permission('groups_add') == true) ? $mLang->TEXT_SHOW_ADVANCED.' >>' : $mLang->TEXT_SHOW_ADVANCED.' >>');
|
|
208
|
$tpl->set_var('FILESYSTEM_PERMISSIONS', $mLang->TEXT_FILESYSTEM_PERMISSIONS.' ');
|
|
209
|
|
|
210
|
$tpl->parse('advanced_permission_block', '');
|
|
211
|
$tpl->parse('permission_block', 'show_cmd_manage_permission_block', true);
|
|
212
|
}
|
|
213
|
|
|
214
|
// ------------------------
|
|
215
|
|
|
216
|
$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
|
|
217
|
// Insert values into pages module list
|
|
218
|
$tpl->set_block('show_cmd_permission', 'pages_module_list_block', 'module_list');
|
|
219
|
$sql = 'SELECT `directory`,`name`,`function` FROM `'.TABLE_PREFIX.'addons` ';
|
|
220
|
$sql .= 'WHERE `type` = \'module\' AND `function` <> \'tool\' ';
|
|
221
|
$sql .= '';
|
|
222
|
$sql .= 'ORDER BY `function`, `name`';
|
|
223
|
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
|
|
224
|
{
|
|
225
|
$tmp_header = '';
|
|
226
|
while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
|
|
227
|
{
|
|
228
|
if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php'))
|
|
229
|
{
|
|
230
|
if( $tmp_header != $addon['function'])
|
|
231
|
{
|
|
232
|
$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
233
|
} else {
|
|
234
|
$tpl->set_var('MODULE_FUNCTION', '');
|
|
235
|
}
|
|
236
|
|
|
237
|
$tpl->set_var('MOD_VALUE', $addon['directory']);
|
|
238
|
$tpl->set_var('MOD_NAME', $addon['name']);
|
|
239
|
if(!is_numeric(array_search($addon['directory'], $module_permissions)) )
|
|
240
|
{
|
|
241
|
$tpl->set_var('MOD_CHECKED', ' checked="checked"');
|
|
242
|
} else {
|
|
243
|
$tpl->set_var('MOD_CHECKED', '');
|
|
244
|
}
|
|
245
|
$tpl->parse('module_list', 'pages_module_list_block', true);
|
|
246
|
}
|
|
247
|
$tmp_header = $addon['function'];
|
|
248
|
}
|
|
249
|
}
|
|
250
|
|
|
251
|
$tpl->set_var('HEADER_MODULE_FUNCTION', '<h6>'.$mLang->TEXT_MODULE_PERMISSIONS.'</h6>');
|
|
252
|
// Insert values into pages module list
|
|
253
|
$tpl->set_block('show_cmd_permission', 'tools_module_list_block', 'tools_list');
|
|
254
|
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'addons` ';
|
|
255
|
$sql .= 'WHERE `type` = \'module\' AND `function` = \'tool\' ';
|
|
256
|
$sql .= 'ORDER BY `name`';
|
|
257
|
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
|
|
258
|
{
|
|
259
|
$tmp_header = '';
|
|
260
|
while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
|
|
261
|
{
|
|
262
|
if(file_exists(WB_PATH.'/modules/'.$addon['directory'].'/info.php'))
|
|
263
|
{
|
|
264
|
if( $tmp_header != $addon['function'])
|
|
265
|
{
|
|
266
|
$tpl->set_var('MODULE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
267
|
} else {
|
|
268
|
$tpl->set_var('MODULE_FUNCTION', '');
|
|
269
|
}
|
|
270
|
$tpl->set_var('ADM_VALUE', $addon['directory']);
|
|
271
|
$tpl->set_var('ADM_NAME', $addon['name']);
|
|
272
|
if(!is_numeric(array_search($addon['directory'], $module_permissions)) )
|
|
273
|
{
|
|
274
|
$tpl->set_var('ADM_CHECKED', ' checked="checked"');
|
|
275
|
} else {
|
|
276
|
$tpl->set_var('ADM_CHECKED', '');
|
|
277
|
}
|
|
278
|
|
|
279
|
$tpl->parse('tools_list', 'tools_module_list_block', true);
|
|
280
|
}
|
|
281
|
$tmp_header = $addon['function'];
|
|
282
|
}
|
|
283
|
}
|
|
284
|
$tpl->set_var('HEADER_TEMPLATE_FUNCTION', '<h6>'.$mLang->TEXT_TEMPLATE_PERMISSIONS.'</h6>');
|
|
285
|
// Insert values into pages module list
|
|
286
|
$tpl->set_block('show_cmd_permission', 'template_list_block', 'template_list');
|
|
287
|
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'addons` ';
|
|
288
|
$sql .= 'WHERE `type` = \'template\' ';
|
|
289
|
$sql .= 'ORDER BY `function`,`name`';
|
|
290
|
if(($res_pages = $database->query($sql)) && ($res_pages->numRows() > 0) )
|
|
291
|
{
|
|
292
|
$tmp_header = '';
|
|
293
|
while($addon = $res_pages->fetchRow(MYSQL_ASSOC))
|
|
294
|
{
|
|
295
|
if(file_exists(WB_PATH.'/templates/'.$addon['directory'].'/info.php'))
|
|
296
|
{
|
|
297
|
if( $tmp_header != $addon['function'])
|
|
298
|
{
|
|
299
|
$tpl->set_var('TEMPLATE_FUNCTION', '<h6>'.strtoupper($addon['function']).'</h6>');
|
|
300
|
} else {
|
|
301
|
$tpl->set_var('TEMPLATE_FUNCTION', '');
|
|
302
|
}
|
|
303
|
$tpl->set_var('TMP_VALUE', $addon['directory']);
|
|
304
|
$tpl->set_var('TMP_NAME', $addon['name']);
|
|
305
|
if(!is_numeric(array_search($addon['directory'], $template_permissions)) )
|
|
306
|
{
|
|
307
|
$tpl->set_var('TMP_CHECKED', ' checked="checked"');
|
|
308
|
} else {
|
|
309
|
$tpl->set_var('TMP_CHECKED', '');
|
|
310
|
}
|
|
311
|
|
|
312
|
$tpl->parse('template_list', 'template_list_block', true);
|
|
313
|
}
|
|
314
|
$tmp_header = $addon['function'];
|
|
315
|
}
|
|
316
|
}
|
|
317
|
|
|
318
|
// ------------------------
|
|
319
|
// Parse template object
|
|
320
|
$tpl->parse('main', 'main_block', false);
|
|
321
|
$output = $tpl->finish($tpl->parse('output', 'page'));
|
|
322
|
unset($tpl);
|
|
323
|
return $output;
|
|
324
|
}
|