1 | <?php |
---|
2 | // +-----------------------------------------------------------------------+ |
---|
3 | // | PhpWebGallery - a PHP based picture gallery | |
---|
4 | // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | |
---|
5 | // | Copyright (C) 2003-2004 PhpWebGallery Team - http://phpwebgallery.net | |
---|
6 | // +-----------------------------------------------------------------------+ |
---|
7 | // | branch : BSF (Best So Far) |
---|
8 | // | file : $RCSfile$ |
---|
9 | // | last update : $Date: 2004-12-23 14:59:37 +0000 (Thu, 23 Dec 2004) $ |
---|
10 | // | last modifier : $Author: gweltas $ |
---|
11 | // | revision : $Revision: 655 $ |
---|
12 | // +-----------------------------------------------------------------------+ |
---|
13 | // | This program is free software; you can redistribute it and/or modify | |
---|
14 | // | it under the terms of the GNU General Public License as published by | |
---|
15 | // | the Free Software Foundation | |
---|
16 | // | | |
---|
17 | // | This program is distributed in the hope that it will be useful, but | |
---|
18 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
19 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
20 | // | General Public License for more details. | |
---|
21 | // | | |
---|
22 | // | You should have received a copy of the GNU General Public License | |
---|
23 | // | along with this program; if not, write to the Free Software | |
---|
24 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
25 | // | USA. | |
---|
26 | // +-----------------------------------------------------------------------+ |
---|
27 | |
---|
28 | if( !defined("IN_ADMIN") ) |
---|
29 | { |
---|
30 | die ("Hacking attempt!"); |
---|
31 | } |
---|
32 | include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); |
---|
33 | |
---|
34 | $userdata = array(); |
---|
35 | if ( isset( $_POST['submituser'] ) ) |
---|
36 | { |
---|
37 | $userdata = getuserdata($_POST['username']); |
---|
38 | } |
---|
39 | elseif (isset($_POST['falsify']) || isset($_POST['trueify'])) |
---|
40 | { |
---|
41 | $userdata = getuserdata(intval($_POST['userid'])); |
---|
42 | // cleaning the user_access table for this user |
---|
43 | if (isset($_POST['cat_true']) && count($_POST['cat_true']) > 0) |
---|
44 | { |
---|
45 | foreach ($_POST['cat_true'] as $auth_cat) |
---|
46 | { |
---|
47 | $query = 'DELETE FROM '.USER_ACCESS_TABLE; |
---|
48 | $query.= ' WHERE user_id = '.$userdata['id']; |
---|
49 | $query.= ' AND cat_id='.$auth_cat.';'; |
---|
50 | pwg_query ( $query ); |
---|
51 | } |
---|
52 | } |
---|
53 | |
---|
54 | if (isset($_POST['cat_false']) && count($_POST['cat_false']) > 0) |
---|
55 | { |
---|
56 | foreach ($_POST['cat_false'] as $auth_cat) |
---|
57 | { |
---|
58 | $query = 'INSERT INTO '.USER_ACCESS_TABLE; |
---|
59 | $query.= ' (user_id,cat_id) VALUES'; |
---|
60 | $query.= ' ('.$userdata['id'].','.$auth_cat.')'; |
---|
61 | $query.= ';'; |
---|
62 | pwg_query ( $query ); |
---|
63 | } |
---|
64 | } |
---|
65 | } |
---|
66 | |
---|
67 | //----------------------------------------------------- template initialization |
---|
68 | |
---|
69 | if ( empty($userdata)) |
---|
70 | { |
---|
71 | $template->set_filenames( array('user'=>'admin/user_perm.tpl') ); |
---|
72 | $template->assign_vars(array( |
---|
73 | 'L_SELECT_USERNAME'=>$lang['Select_username'], |
---|
74 | 'L_LOOKUP_USER'=>$lang['Look_up_user'], |
---|
75 | 'L_FIND_USERNAME'=>$lang['Find_username'], |
---|
76 | 'L_AUTH_USER'=>$lang['permuser_only_private'], |
---|
77 | 'L_SUBMIT'=>$lang['submit'], |
---|
78 | |
---|
79 | 'F_SEARCH_USER_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_perm'), |
---|
80 | 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') |
---|
81 | )); |
---|
82 | } |
---|
83 | else |
---|
84 | { |
---|
85 | $cat_url = '<a href="'.add_session_id(PHPWG_ROOT_PATH.'admin.php?page=cat_options§ion=status'); |
---|
86 | $cat_url .= '">'.$lang['permuser_info_link'].'</a>'; |
---|
87 | $template->set_filenames( array('user'=>'admin/cat_options.tpl') ); |
---|
88 | $template->assign_vars(array( |
---|
89 | 'L_RESET'=>$lang['reset'], |
---|
90 | 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], |
---|
91 | 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], |
---|
92 | 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'].' '.$cat_url, |
---|
93 | |
---|
94 | 'HIDDEN_NAME'=> 'userid', |
---|
95 | 'HIDDEN_VALUE'=>$userdata['id'], |
---|
96 | 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_perm'), |
---|
97 | )); |
---|
98 | |
---|
99 | |
---|
100 | // only private categories are listed |
---|
101 | $query_true = 'SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE; |
---|
102 | $query_true.= ' LEFT JOIN '.USER_ACCESS_TABLE.' as u'; |
---|
103 | $query_true.= ' ON u.cat_id=id'; |
---|
104 | $query_true.= ' WHERE status = \'private\' AND u.user_id='.$userdata['id'].';'; |
---|
105 | $result = pwg_query($query_true); |
---|
106 | $categorie_true = array(); |
---|
107 | while (!empty($result) && $row = mysql_fetch_array($result)) |
---|
108 | { |
---|
109 | array_push($categorie_true, $row); |
---|
110 | } |
---|
111 | |
---|
112 | $query = 'SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE; |
---|
113 | $query.= ' WHERE status = \'private\''; |
---|
114 | $result = pwg_query($query); |
---|
115 | $categorie_false = array(); |
---|
116 | while ($row = mysql_fetch_array($result)) |
---|
117 | { |
---|
118 | if (!in_array($row,$categorie_true)) |
---|
119 | array_push($categorie_false, $row); |
---|
120 | } |
---|
121 | usort($categorie_true, 'global_rank_compare'); |
---|
122 | usort($categorie_false, 'global_rank_compare'); |
---|
123 | display_select_categories($categorie_true, array(), 'category_option_true', true); |
---|
124 | display_select_categories($categorie_false, array(), 'category_option_false', true); |
---|
125 | } |
---|
126 | |
---|
127 | //----------------------------------------------------------- sending html code |
---|
128 | $template->assign_var_from_handle('ADMIN_CONTENT', 'user'); |
---|
129 | ?> |
---|