Context Navigation

source: trunk/admin/user_perm.php @ 345

Last change on this file since 345 was 345, checked in by gweltas, 20 years ago
Merge of the 1.3.1 release Creation of an unique include file (common.php) Creation of an unique define file (include/constants.php) Modification of the installation procedure
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 7.0 KB

Line
1	<?php
2	/***************************************************************************
3	* user_perm.php *
4	* ------------------ *
5	* application : PhpWebGallery 1.3 <http://phpwebgallery.net> *
6	* author : Pierrick LE GALL <pierrick@z0rglub.com> *
7	* *
8	* $Id: user_perm.php 345 2004-02-02 00:55:18Z gweltas $
9	* *
10	***************************************************************************/
11
12	/***************************************************************************
13	* *
14	* This program is free software; you can redistribute it and/or modify *
15	* it under the terms of the GNU General Public License as published by *
16	* the Free Software Foundation; *
17	* *
18	***************************************************************************/
19	include_once( './admin/include/isadmin.inc.php' );
20	//----------------------------------------------------- template initialization
21	$sub = $vtp->Open( './template/'.$user['template'].'/admin/user_perm.vtp' );
22	$error = array();
23	$tpl = array( 'permuser_authorized','permuser_forbidden','submit',
24	'permuser_parent_forbidden','permuser_info_message',
25	'adduser_info_back','permuser_only_private' );
26	templatize_array( $tpl, 'lang', $sub );
27	$vtp->setGlobalVar( $sub, 'user_template', $user['template'] );
28	//--------------------------------------------------------------------- updates
29	if ( isset( $_POST['submit'] ) )
30	{
31	// cleaning the user_access table for this user
32	$query = 'DELETE FROM '.PREFIX_TABLE.'user_access';
33	$query.= ' WHERE user_id = '.$_GET['user_id'];
34	$query.= ';';
35	mysql_query( $query );
36	// selecting all private categories
37	$query = 'SELECT id';
38	$query.= ' FROM '.PREFIX_TABLE.'categories';
39	$query.= " WHERE status = 'private'";
40	$query.= ';';
41	$result = mysql_query( $query );
42	while ( $row = mysql_fetch_array( $result ) )
43	{
44	$radioname = 'access-'.$row['id'];
45	if ( $_POST[$radioname] == 0 )
46	{
47	$query = 'INSERT INTO '.PREFIX_TABLE.'user_access';
48	$query.= ' (user_id,cat_id) VALUES';
49	$query.= ' ('.$_GET['user_id'].','.$row['id'].')';
50	$query.= ';';
51	mysql_query ( $query );
52	}
53	}
54	check_favorites( $_GET['user_id'] );
55	synchronize_user( $_GET['user_id'] );
56	$vtp->addSession( $sub, 'confirmation' );
57	$url = './admin.php?page=user_list';
58	$vtp->setVar( $sub, 'confirmation.back_url', add_session_id( $url ) );
59	$vtp->closeSession( $sub, 'confirmation' );
60	}
61	//---------------------------------------------------------------- form display
62	$restrictions = get_user_restrictions( $_GET['user_id'], $page['user_status'],
63	false, false );
64	$action = './admin.php?page=user_perm&user_id='.$_GET['user_id'];
65	$vtp->setVar( $sub, 'action', add_session_id( $action ) );
66	// Association of group_ids with group_names -> caching informations
67	$query = 'SELECT id,name';
68	$query.= ' FROM '.PREFIX_TABLE.'groups';
69	$query.= ';';
70	$result = mysql_query( $query );
71	$groups = array();
72	while ( $row = mysql_fetch_array( $result ) )
73	{
74	$groups[$row['id']] = $row['name'];
75	}
76	// Listing of groups the user belongs to
77	$query = 'SELECT ug.group_id as groupid';
78	$query.= ' FROM '.PREFIX_TABLE.'user_group as ug';
79	$query.= ' WHERE user_id = '.$_GET['user_id'];
80	$query.= ';';
81	$result = mysql_query( $query );
82	$usergroups = array();
83	while ( $row = mysql_fetch_array( $result ) )
84	{
85	array_push( $usergroups, $row['groupid'] );
86	}
87	// only private categories are listed
88	$query = 'SELECT id';
89	$query.= ' FROM '.PREFIX_TABLE.'categories';
90	$query.= " WHERE status = 'private'";
91	$query.= ';';
92	$result = mysql_query( $query );
93	while ( $row = mysql_fetch_array( $result ) )
94	{
95	$vtp->addSession( $sub, 'category' );
96	$vtp->setVar( $sub, 'category.id', $row['id'] );
97	// we have to know whether the user is authorized to access this
98	// category. The category can be accessible for this user thanks to his
99	// personnal access rights OR thanks to the access rights of a group he
100	// belongs to.
101	// 1. group access :
102	// retrieving all authorized groups for this category and for this user
103	$query = 'SELECT ga.group_id as groupid';
104	$query.= ' FROM '.PREFIX_TABLE.'group_access as ga';
105	$query.= ', '.PREFIX_TABLE.'user_group as ug';
106	$query.= ' WHERE ga.group_id = ug.group_id';
107	$query.= ' AND ug.user_id = '.$_GET['user_id'];
108	$query.= ' AND cat_id = '.$row['id'];
109	$query.= ';';
110	$subresult = mysql_query( $query );
111	$authorized_groups = array();
112	while ( $subrow = mysql_fetch_array( $subresult ) )
113	{
114	array_push( $authorized_groups, $subrow['groupid'] );
115	}
116	// 2. personnal access
117	$is_user_allowed = is_user_allowed( $row['id'], $restrictions );
118	// link to the category permission management
119	$url = './admin.php?page=cat_perm&cat_id='.$row['id'];
120	$vtp->setVar( $sub, 'category.cat_perm_link', add_session_id( $url ) );
121	// color of the category : green if the user is allowed by himself or
122	// thanks to a group he belongs to
123	if ( $is_user_allowed == 0 or count( $authorized_groups ) > 0 )
124	{
125	$vtp->setVar( $sub, 'category.color', 'green' );
126	}
127	else
128	{
129	$vtp->setVar( $sub, 'category.color', 'red' );
130	}
131	// category name
132	$cat_infos = get_cat_info( $row['id'] );
133	$name = get_cat_display_name( $cat_infos['name'],' > ',
134	'font-weight:bold;' );
135	$vtp->setVar( $sub, 'category.name', $name );
136	// usergroups
137	if ( count( $usergroups ) > 0 )
138	{
139	$vtp->addSession( $sub, 'usergroups' );
140	foreach ( $usergroups as $i => $usergroup ) {
141	$vtp->addSession( $sub, 'usergroup' );
142	$vtp->setVar( $sub, 'usergroup.name', $groups[$usergroup] );
143	$url = './admin.php?page=group_perm&group_id='.$usergroup;
144	$vtp->setVar( $sub, 'usergroup.url', add_session_id( $url ) );
145	if ( in_array( $usergroup, $authorized_groups ) )
146	{
147	$vtp->setVar( $sub, 'usergroup.color', 'green' );
148	}
149	else
150	{
151	$vtp->setVar( $sub, 'usergroup.color', 'red' );
152	}
153	if ( $i < count( $usergroups ) - 1 )
154	{
155	$vtp->setVar( $sub, 'usergroup.separation', ',' );
156	}
157	$vtp->closeSession( $sub, 'usergroup' );
158	}
159	$vtp->closeSession( $sub, 'usergroups' );
160	}
161	// any subcat forbidden for this user ?
162	if ( $is_user_allowed == 2 )
163	{
164	$vtp->addSession( $sub, 'parent_forbidden' );
165	$vtp->closeSession( $sub, 'parent_forbidden' );
166	}
167	// personnal forbidden or authorized access ?
168	if ( $is_user_allowed == 0 )
169	{
170	$vtp->setVar( $sub, 'category.authorized_checked', ' checked="checked"' );
171	}
172	else
173	{
174	$vtp->setVar( $sub, 'category.forbidden_checked', ' checked="checked"' );
175	}
176	$vtp->closeSession( $sub, 'category' );
177	}
178	//----------------------------------------------------------- sending html code
179	$vtp->Parse( $handle , 'sub', $sub );
180	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: