Context Navigation

source: trunk/admin/cat_perm.php @ 29

Last change on this file since 29 was 29, checked in by z0rglub, 21 years ago
template as user_template for displaying pictures in the template
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 7.8 KB

Line
1	<?php
2	/***************************************************************************
3	* cat_perm.php *
4	* ------------------ *
5	* application : PhpWebGallery 1.3 *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	***************************************************************************/
9
10	/***************************************************************************
11	* *
12	* This program is free software; you can redistribute it and/or modify *
13	* it under the terms of the GNU General Public License as published by *
14	* the Free Software Foundation; *
15	* *
16	***************************************************************************/
17	include_once( './include/isadmin.inc.php' );
18	//----------------------------------------------------- template initialization
19	$sub = $vtp->Open( '../template/'.$user['template'].'/admin/cat_perm.vtp' );
20	$error = array();
21	$tpl = array( 'permuser_authorized','permuser_forbidden','menu_groups',
22	'submit','menu_users','permuser_parent_forbidden' );
23	templatize_array( $tpl, 'lang', $sub );
24	$vtp->setGlobalVar( $sub, 'user_template', $user['template'] );
25	//-------------------------------------------------------------- category infos
26	if ( isset( $_GET['cat_id'] ) )
27	{
28	check_cat_id( $_GET['cat_id'] );
29	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
30	{
31	$result = get_cat_info( $page['cat'] );
32	$page['cat_name'] = $result['name'];
33	$page['id_uppercat'] = $result['id_uppercat'];
34	}
35	}
36	//---------------------------------------------------------- permission updates
37	if ( isset( $_POST['submit'] ) )
38	{
39	// groups access update
40	$query = 'DELETE';
41	$query.= ' FROM '.PREFIX_TABLE.'group_access';
42	$query.= ' WHERE cat_id = '.$page['cat'];
43	$query.= ';';
44	mysql_query( $query );
45	$query = 'SELECT id';
46	$query.= ' FROM '.PREFIX_TABLE.'groups';
47	$query.= ';';
48	$result = mysql_query( $query );
49	while ( $row = mysql_fetch_array( $result ) )
50	{
51	$radioname = 'groupaccess-'.$row['id'];
52	if ( $_POST[$radioname] == 0 )
53	{
54	$query = 'INSERT INTO '.PREFIX_TABLE.'group_access';
55	$query.= ' (cat_id,group_id) VALUES';
56	$query.= ' ('.$page['cat'].','.$row['id'].')';
57	$query.= ';';
58	mysql_query( $query );
59	}
60	}
61	// users access update
62	$query = 'DELETE';
63	$query.= ' FROM '.PREFIX_TABLE.'user_access';
64	$query.= ' WHERE cat_id = '.$page['cat'];
65	$query.= ';';
66	mysql_query( $query );
67	$query = 'SELECT id';
68	$query.= ' FROM '.PREFIX_TABLE.'users';
69	$query.= ';';
70	$result = mysql_query( $query );
71	while ( $row = mysql_fetch_array( $result ) )
72	{
73	$radioname = 'useraccess-'.$row['id'];
74	if ( $_POST[$radioname] == 0 )
75	{
76	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
77	$query.= ' (cat_id,user_id) VALUES';
78	$query.= ' ('.$page['cat'].','.$row['id'].')';
79	$query.= ';';
80	mysql_query( $query );
81	}
82	check_favorites( $row['id'] );
83	}
84	// echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=cat" )."\">".$lang['editcat_back']."</a> ]</div>";
85	}
86	//---------------------------------------------------------------------- groups
87	$query = 'SELECT id,name';
88	$query.= ' FROM '.PREFIX_TABLE.'groups';
89	$query. ';';
90	$result = mysql_query( $query );
91	if ( mysql_num_rows( $result ) > 0 )
92	{
93	$vtp->addSession( $sub, 'groups' );
94	// creating an array with all authorized groups for this category
95	$query = 'SELECT group_id';
96	$query.= ' FROM '.PREFIX_TABLE.'group_access';
97	$query.= ' WHERE cat_id = '.$_GET['cat_id'];
98	$query.= ';';
99	$subresult = mysql_query( $query );
100	$authorized_groups = array();
101	while ( $subrow = mysql_fetch_array( $subresult ) )
102	{
103	array_push( $authorized_groups, $subrow['group_id'] );
104	}
105	// displaying each group
106	while( $row = mysql_fetch_array( $result ) )
107	{
108	$vtp->addSession( $sub, 'group' );
109	if ( in_array( $row['id'], $authorized_groups ) )
110	{
111	$vtp->setVar( $sub, 'group.color', 'green' );
112	$vtp->setVar( $sub, 'group.authorized_checked', ' checked="checked"' );
113	}
114	else
115	{
116	$vtp->setVar( $sub, 'group.color', 'red' );
117	$vtp->setVar( $sub, 'group.forbidden_checked', ' checked="checked"' );
118	}
119	$vtp->setVar( $sub, 'group.groupname', $row['name'] );
120	$vtp->setVar( $sub, 'group.id', $row['id'] );
121	$vtp->closeSession( $sub, 'group' );
122	}
123	$vtp->closeSession( $sub, 'groups' );
124	}
125	//----------------------------------------------------------------------- users
126	$query = 'SELECT id,username,status';
127	$query.= ' FROM '.PREFIX_TABLE.'users';
128	$query.= " WHERE username != '".$conf['webmaster']."'";
129	$query.= ';';
130	$result = mysql_query( $query );
131	while ( $row = mysql_fetch_array( $result ) )
132	{
133	$vtp->addSession( $sub, 'user' );
134	$vtp->setVar( $sub, 'user.id', $row['id'] );
135	$url = add_session_id( './admin.php?page=user_perm&user_id='.$row['id']);
136	$vtp->setVar( $sub, 'user.user_perm_link', $url);
137	if ( $row['username'] == 'guest' )
138	{
139	$row['username'] = $lang['guest'];
140	}
141	$vtp->setVar( $sub, 'user.username', $row['username'] );
142
143	// for color of user : (red means access forbidden, green authorized) we
144	// ask all forbidden categories, including the groups rights
145	$restrictions = get_restrictions( $row['id'], $row['status'], false );
146	$is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
147	if ( $is_user_allowed == 0 )
148	{
149	$vtp->setVar( $sub, 'user.color', 'green' );
150	}
151	else
152	{
153	$vtp->setVar( $sub, 'user.color', 'red' );
154	}
155	// for permission update button, we only ask forbidden categories for the
156	// user, not taking into account the groups the user belongs to
157	$restrictions = get_restrictions( $row['id'], $row['status'], false, false );
158	$is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
159	if ( $is_user_allowed == 2 )
160	{
161	$vtp->addSession( $sub, 'parent_forbidden' );
162	$url = './admin.php?page=cat_perm&cat_id='.$page['id_uppercat'];
163	$vtp->setVar( $sub, 'parent_forbidden.url', add_session_id( $url ) );
164	$vtp->closeSession( $sub, 'parent_forbidden' );
165	}
166	if ( $is_user_allowed == 0 )
167	{
168	$vtp->setVar( $sub, 'user.authorized_checked', ' checked="checked"' );
169	}
170	else
171	{
172	$vtp->setVar( $sub, 'user.forbidden_checked', ' checked="checked"' );
173	}
174	// user's group(s)
175	$query = 'SELECT g.name as groupname, g.id as groupid';
176	$query.= ' FROM '.PREFIX_TABLE.'groups as g';
177	$query.= ', '.PREFIX_TABLE.'user_group as ug';
178	$query.= ' WHERE ug.group_id = g.id';
179	$query.= ' AND ug.user_id = '.$row['id'];
180	$query.= ';';
181	$subresult = mysql_query( $query );
182	if ( mysql_num_rows( $subresult ) > 0 )
183	{
184	$vtp->addSession( $sub, 'usergroups' );
185	$i = 0;
186	while( $subrow = mysql_fetch_array( $subresult ) )
187	{
188	$vtp->addSession( $sub, 'usergroup' );
189	if ( in_array( $subrow['groupid'], $authorized_groups ) )
190	{
191	$vtp->setVar( $sub, 'usergroup.color', 'green' );
192	}
193	else
194	{
195	$vtp->setVar( $sub, 'usergroup.color', 'red' );
196	}
197	$vtp->setVar( $sub, 'usergroup.name', $subrow['groupname'] );
198	if ( $i < mysql_num_rows( $subresult ) - 1 )
199	{
200	$vtp->setVar( $sub, 'usergroup.separation', ',' );
201	}
202	$vtp->closeSession( $sub, 'usergroup' );
203	$i++;
204	}
205	$vtp->closeSession( $sub, 'usergroups' );
206	}
207	$vtp->closeSession( $sub, 'user' );
208	}
209	//----------------------------------------------------------- sending html code
210	$vtp->Parse( $handle , 'sub', $sub );
211	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: