Context Navigation

source: trunk/admin/group_perm.php @ 2297

Last change on this file since 2297 was 2297, checked in by plg, 16 years ago
Modification: new header on PHP files, PhpWebGallery renamed Piwigo.
Property svn:eol-style set to `LF` Property svn:keywords set to `Author Date Id Revision`
File size: 7.7 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23	// +-----------------------------------------------------------------------+
24	// \| PhpWebGallery - a PHP based picture gallery \|
25	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
26	// \| Copyright (C) 2003-2008 PhpWebGallery Team - http://phpwebgallery.net \|
27	// +-----------------------------------------------------------------------+
28	// \| file : $Id: group_perm.php 2297 2008-04-04 22:57:23Z plg $
29	// \| last update : $Date: 2008-04-04 22:57:23 +0000 (Fri, 04 Apr 2008) $
30	// \| last modifier : $Author: plg $
31	// \| revision : $Revision: 2297 $
32	// +-----------------------------------------------------------------------+
33	// \| This program is free software; you can redistribute it and/or modify \|
34	// \| it under the terms of the GNU General Public License as published by \|
35	// \| the Free Software Foundation \|
36	// \| \|
37	// \| This program is distributed in the hope that it will be useful, but \|
38	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
39	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
40	// \| General Public License for more details. \|
41	// \| \|
42	// \| You should have received a copy of the GNU General Public License \|
43	// \| along with this program; if not, write to the Free Software \|
44	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
45	// \| USA. \|
46	// +-----------------------------------------------------------------------+
47
48	if( !defined("PHPWG_ROOT_PATH") )
49	{
50	die ("Hacking attempt!");
51	}
52
53	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
54
55	// +-----------------------------------------------------------------------+
56	// \| Check Access and exit when user status is not ok \|
57	// +-----------------------------------------------------------------------+
58	check_status(ACCESS_ADMINISTRATOR);
59
60	// +-----------------------------------------------------------------------+
61	// \| variables init \|
62	// +-----------------------------------------------------------------------+
63
64	if (isset($_GET['group_id']) and is_numeric($_GET['group_id']))
65	{
66	$page['group'] = $_GET['group_id'];
67	}
68	else
69	{
70	die('group_id URL parameter is missing');
71	}
72
73	// +-----------------------------------------------------------------------+
74	// \| updates \|
75	// +-----------------------------------------------------------------------+
76
77	if (isset($_POST['falsify'])
78	and isset($_POST['cat_true'])
79	and count($_POST['cat_true']) > 0)
80	{
81	// if you forbid access to a category, all sub-categories become
82	// automatically forbidden
83	$subcats = get_subcat_ids($_POST['cat_true']);
84	$query = '
85	DELETE
86	FROM '.GROUP_ACCESS_TABLE.'
87	WHERE group_id = '.$page['group'].'
88	AND cat_id IN ('.implode(',', $subcats).')
89	;';
90	pwg_query($query);
91	}
92	else if (isset($_POST['trueify'])
93	and isset($_POST['cat_false'])
94	and count($_POST['cat_false']) > 0)
95	{
96	$uppercats = get_uppercat_ids($_POST['cat_false']);
97	$private_uppercats = array();
98
99	$query = '
100	SELECT id
101	FROM '.CATEGORIES_TABLE.'
102	WHERE id IN ('.implode(',', $uppercats).')
103	AND status = \'private\'
104	;';
105	$result = pwg_query($query);
106	while ($row = mysql_fetch_array($result))
107	{
108	array_push($private_uppercats, $row['id']);
109	}
110
111	// retrying to authorize a category which is already authorized may cause
112	// an error (in SQL statement), so we need to know which categories are
113	// accesible
114	$authorized_ids = array();
115
116	$query = '
117	SELECT cat_id
118	FROM '.GROUP_ACCESS_TABLE.'
119	WHERE group_id = '.$page['group'].'
120	;';
121	$result = pwg_query($query);
122
123	while ($row = mysql_fetch_array($result))
124	{
125	array_push($authorized_ids, $row['cat_id']);
126	}
127
128	$inserts = array();
129	$to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
130	foreach ($to_autorize_ids as $to_autorize_id)
131	{
132	array_push(
133	$inserts,
134	array(
135	'group_id' => $page['group'],
136	'cat_id' => $to_autorize_id
137	)
138	);
139	}
140
141	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
142	}
143
144	// +-----------------------------------------------------------------------+
145	// \| template init \|
146	// +-----------------------------------------------------------------------+
147
148	$template->set_filenames(
149	array(
150	'group_perm' => 'admin/group_perm.tpl',
151	'double_select' => 'admin/double_select.tpl'
152	)
153	);
154
155	$template->assign(
156	array(
157	'TITLE' =>
158	sprintf(
159	l10n('Manage permissions for group "%s"'),
160	get_groupname($page['group']
161	)
162	),
163	'L_CAT_OPTIONS_TRUE'=>l10n('authorized'),
164	'L_CAT_OPTIONS_FALSE'=>l10n('forbidden'),
165
166	'F_ACTION' =>
167	get_root_url().
168	'admin.php?page=group_perm&group_id='.
169	$page['group']
170	)
171	);
172
173	// only private categories are listed
174	$query_true = '
175	SELECT id,name,uppercats,global_rank
176	FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id
177	WHERE status = \'private\'
178	AND group_id = '.$page['group'].'
179	;';
180	display_select_cat_wrapper($query_true,array(),'category_option_true');
181
182	$result = pwg_query($query_true);
183	$authorized_ids = array();
184	while ($row = mysql_fetch_array($result))
185	{
186	array_push($authorized_ids, $row['id']);
187	}
188
189	$query_false = '
190	SELECT id,name,uppercats,global_rank
191	FROM '.CATEGORIES_TABLE.'
192	WHERE status = \'private\'';
193	if (count($authorized_ids) > 0)
194	{
195	$query_false.= '
196	AND id NOT IN ('.implode(',', $authorized_ids).')';
197	}
198	$query_false.= '
199	;';
200	display_select_cat_wrapper($query_false,array(),'category_option_false');
201
202	// +-----------------------------------------------------------------------+
203	// \| html code display \|
204	// +-----------------------------------------------------------------------+
205
206	$template->assign_var_from_handle('DOUBLE_SELECT', 'double_select');
207	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_perm');
208
209	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: