Context Navigation

source: trunk/admin/cat_perm.php @ 57

Last change on this file since 57 was 57, checked in by z0rglub, 21 years ago
improve the header of each file
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 7.8 KB

Line
1	<?php
2	/***************************************************************************
3	* cat_perm.php *
4	* ------------------ *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: cat_perm.php 57 2003-08-24 07:40:56Z z0rglub $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	include_once( './include/isadmin.inc.php' );
20	//----------------------------------------------------- template initialization
21	$sub = $vtp->Open( '../template/'.$user['template'].'/admin/cat_perm.vtp' );
22	$error = array();
23	$tpl = array( 'permuser_authorized','permuser_forbidden','menu_groups',
24	'submit','menu_users','permuser_parent_forbidden' );
25	templatize_array( $tpl, 'lang', $sub );
26	$vtp->setGlobalVar( $sub, 'user_template', $user['template'] );
27	//-------------------------------------------------------------- category infos
28	if ( isset( $_GET['cat_id'] ) )
29	{
30	check_cat_id( $_GET['cat_id'] );
31	if ( isset( $page['cat'] ) and is_numeric( $page['cat'] ) )
32	{
33	$result = get_cat_info( $page['cat'] );
34	$page['cat_name'] = $result['name'];
35	$page['id_uppercat'] = $result['id_uppercat'];
36	}
37	}
38	//---------------------------------------------------------- permission updates
39	if ( isset( $_POST['submit'] ) )
40	{
41	// groups access update
42	$query = 'DELETE';
43	$query.= ' FROM '.PREFIX_TABLE.'group_access';
44	$query.= ' WHERE cat_id = '.$page['cat'];
45	$query.= ';';
46	mysql_query( $query );
47	$query = 'SELECT id';
48	$query.= ' FROM '.PREFIX_TABLE.'groups';
49	$query.= ';';
50	$result = mysql_query( $query );
51	while ( $row = mysql_fetch_array( $result ) )
52	{
53	$radioname = 'groupaccess-'.$row['id'];
54	if ( $_POST[$radioname] == 0 )
55	{
56	$query = 'INSERT INTO '.PREFIX_TABLE.'group_access';
57	$query.= ' (cat_id,group_id) VALUES';
58	$query.= ' ('.$page['cat'].','.$row['id'].')';
59	$query.= ';';
60	mysql_query( $query );
61	}
62	}
63	// users access update
64	$query = 'DELETE';
65	$query.= ' FROM '.PREFIX_TABLE.'user_access';
66	$query.= ' WHERE cat_id = '.$page['cat'];
67	$query.= ';';
68	mysql_query( $query );
69	$query = 'SELECT id';
70	$query.= ' FROM '.PREFIX_TABLE.'users';
71	$query.= ';';
72	$result = mysql_query( $query );
73	while ( $row = mysql_fetch_array( $result ) )
74	{
75	$radioname = 'useraccess-'.$row['id'];
76	if ( $_POST[$radioname] == 0 )
77	{
78	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
79	$query.= ' (cat_id,user_id) VALUES';
80	$query.= ' ('.$page['cat'].','.$row['id'].')';
81	$query.= ';';
82	mysql_query( $query );
83	}
84	check_favorites( $row['id'] );
85	}
86	// echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=cat" )."\">".$lang['editcat_back']."</a> ]</div>";
87	}
88	//---------------------------------------------------------------------- groups
89	$query = 'SELECT id,name';
90	$query.= ' FROM '.PREFIX_TABLE.'groups';
91	$query. ';';
92	$result = mysql_query( $query );
93	if ( mysql_num_rows( $result ) > 0 )
94	{
95	$vtp->addSession( $sub, 'groups' );
96	// creating an array with all authorized groups for this category
97	$query = 'SELECT group_id';
98	$query.= ' FROM '.PREFIX_TABLE.'group_access';
99	$query.= ' WHERE cat_id = '.$_GET['cat_id'];
100	$query.= ';';
101	$subresult = mysql_query( $query );
102	$authorized_groups = array();
103	while ( $subrow = mysql_fetch_array( $subresult ) )
104	{
105	array_push( $authorized_groups, $subrow['group_id'] );
106	}
107	// displaying each group
108	while( $row = mysql_fetch_array( $result ) )
109	{
110	$vtp->addSession( $sub, 'group' );
111	if ( in_array( $row['id'], $authorized_groups ) )
112	{
113	$vtp->setVar( $sub, 'group.color', 'green' );
114	$vtp->setVar( $sub, 'group.authorized_checked', ' checked="checked"' );
115	}
116	else
117	{
118	$vtp->setVar( $sub, 'group.color', 'red' );
119	$vtp->setVar( $sub, 'group.forbidden_checked', ' checked="checked"' );
120	}
121	$vtp->setVar( $sub, 'group.groupname', $row['name'] );
122	$vtp->setVar( $sub, 'group.id', $row['id'] );
123	$vtp->closeSession( $sub, 'group' );
124	}
125	$vtp->closeSession( $sub, 'groups' );
126	}
127	//----------------------------------------------------------------------- users
128	$query = 'SELECT id,username,status';
129	$query.= ' FROM '.PREFIX_TABLE.'users';
130	$query.= " WHERE username != '".$conf['webmaster']."'";
131	$query.= ';';
132	$result = mysql_query( $query );
133	while ( $row = mysql_fetch_array( $result ) )
134	{
135	$vtp->addSession( $sub, 'user' );
136	$vtp->setVar( $sub, 'user.id', $row['id'] );
137	$url = add_session_id( './admin.php?page=user_perm&user_id='.$row['id']);
138	$vtp->setVar( $sub, 'user.user_perm_link', $url);
139	if ( $row['username'] == 'guest' )
140	{
141	$row['username'] = $lang['guest'];
142	}
143	$vtp->setVar( $sub, 'user.username', $row['username'] );
144
145	// for color of user : (red means access forbidden, green authorized) we
146	// ask all forbidden categories, including the groups rights
147	$restrictions = get_restrictions( $row['id'], $row['status'], false );
148	$is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
149	if ( $is_user_allowed == 0 )
150	{
151	$vtp->setVar( $sub, 'user.color', 'green' );
152	}
153	else
154	{
155	$vtp->setVar( $sub, 'user.color', 'red' );
156	}
157	// for permission update button, we only ask forbidden categories for the
158	// user, not taking into account the groups the user belongs to
159	$restrictions = get_restrictions( $row['id'], $row['status'], false, false );
160	$is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
161	if ( $is_user_allowed == 2 )
162	{
163	$vtp->addSession( $sub, 'parent_forbidden' );
164	$url = './admin.php?page=cat_perm&cat_id='.$page['id_uppercat'];
165	$vtp->setVar( $sub, 'parent_forbidden.url', add_session_id( $url ) );
166	$vtp->closeSession( $sub, 'parent_forbidden' );
167	}
168	if ( $is_user_allowed == 0 )
169	{
170	$vtp->setVar( $sub, 'user.authorized_checked', ' checked="checked"' );
171	}
172	else
173	{
174	$vtp->setVar( $sub, 'user.forbidden_checked', ' checked="checked"' );
175	}
176	// user's group(s)
177	$query = 'SELECT g.name as groupname, g.id as groupid';
178	$query.= ' FROM '.PREFIX_TABLE.'groups as g';
179	$query.= ', '.PREFIX_TABLE.'user_group as ug';
180	$query.= ' WHERE ug.group_id = g.id';
181	$query.= ' AND ug.user_id = '.$row['id'];
182	$query.= ';';
183	$subresult = mysql_query( $query );
184	if ( mysql_num_rows( $subresult ) > 0 )
185	{
186	$vtp->addSession( $sub, 'usergroups' );
187	$i = 0;
188	while( $subrow = mysql_fetch_array( $subresult ) )
189	{
190	$vtp->addSession( $sub, 'usergroup' );
191	if ( in_array( $subrow['groupid'], $authorized_groups ) )
192	{
193	$vtp->setVar( $sub, 'usergroup.color', 'green' );
194	}
195	else
196	{
197	$vtp->setVar( $sub, 'usergroup.color', 'red' );
198	}
199	$vtp->setVar( $sub, 'usergroup.name', $subrow['groupname'] );
200	if ( $i < mysql_num_rows( $subresult ) - 1 )
201	{
202	$vtp->setVar( $sub, 'usergroup.separation', ',' );
203	}
204	$vtp->closeSession( $sub, 'usergroup' );
205	$i++;
206	}
207	$vtp->closeSession( $sub, 'usergroups' );
208	}
209	$vtp->closeSession( $sub, 'user' );
210	}
211	//----------------------------------------------------------- sending html code
212	$vtp->Parse( $handle , 'sub', $sub );
213	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: