Ignore:
Timestamp:
Jan 6, 2005, 5:33:04 PM (19 years ago)
Author:
gweltas
Message:
  • Group permission delivery
  • Reorganisation of common.lang.php
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/admin/group_perm.php

    r642 r671  
    2525// | USA.                                                                  |
    2626// +-----------------------------------------------------------------------+
    27 include_once( './admin/include/isadmin.inc.php' );
     27if( !defined("PHPWG_ROOT_PATH") )
     28{
     29        die ("Hacking attempt!");
     30}
     31
     32include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
     33//--------------------------------------------------------------------- updates
     34if (isset($_POST['falsify'])
     35         and isset($_POST['cat_true'])
     36         and count($_POST['cat_true']) > 0)
     37{
     38  // if you forbid access to a category, all sub-categories become
     39  // automatically forbidden
     40  $subcats = get_subcat_ids($_POST['cat_true']);
     41  $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.'
     42    WHERE group_id = '.$_POST['group_id'].'
     43    AND cat_id IN ('.implode(',', $subcats).');';
     44  pwg_query($query);
     45}
     46else if (isset($_POST['trueify'])
     47         and isset($_POST['cat_false'])
     48         and count($_POST['cat_false']) > 0)
     49{
     50  $uppercats = get_uppercat_ids($_POST['cat_false']);
     51  $private_uppercats = array();
     52
     53  $query = 'SELECT id
     54    FROM '.CATEGORIES_TABLE.'
     55    WHERE id IN ('.implode(',', $uppercats).')
     56    AND status = \'private\';';
     57  $result = pwg_query($query);
     58  while ($row = mysql_fetch_array($result))
     59  {
     60    array_push($private_uppercats, $row['id']);
     61  }
     62
     63  // retrying to authorize a category which is already authorized may cause
     64  // an error (in SQL statement), so we need to know which categories are
     65  // accesible
     66  $authorized_ids = array();
     67   
     68  $query = 'SELECT cat_id
     69  FROM '.GROUP_ACCESS_TABLE.'
     70  WHERE group_id = '.$_POST['group_id'].';';
     71  $result = pwg_query($query);
     72 
     73  while ($row = mysql_fetch_array($result))
     74  {
     75    array_push($authorized_ids, $row['cat_id']);
     76  }
     77 
     78  $inserts = array();
     79  $to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
     80  foreach ($to_autorize_ids as $to_autorize_id)
     81  {
     82    array_push($inserts, array('group_id' => $_POST['group_id'],
     83                               'cat_id' => $to_autorize_id));
     84  }
     85
     86  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
     87}
     88
    2889//----------------------------------------------------- template initialization
    29 $sub = $vtp->Open( './template/'.$user['template'].'/admin/group_perm.vtp' );
    30 $error = array();
    31 $tpl = array( 'permuser_authorized','permuser_forbidden','submit',
    32               'permuser_parent_forbidden','permuser_info_message',
    33               'adduser_info_back','permuser_only_private' );
    34 templatize_array( $tpl, 'lang', $sub );
    35 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] );
    36 //--------------------------------------------------------------------- updates
    37 if ( isset( $_POST['submit'] ) )
    38 {
    39   // cleaning the user_access table for this group
    40   $query = 'DELETE FROM '.PREFIX_TABLE.'group_access';
    41   $query.= ' WHERE group_id = '.$_GET['group_id'];
    42   $query.= ';';
    43   pwg_query( $query );
    44   // selecting all private categories
    45   $query = 'SELECT id';
    46   $query.= ' FROM '.PREFIX_TABLE.'categories';
    47   $query.= " WHERE status = 'private'";
    48   $query.= ';';
    49   $result = pwg_query( $query );
    50   while ( $row = mysql_fetch_array( $result ) )
    51   {
    52     $radioname = 'access-'.$row['id'];
    53     if ( $_POST[$radioname] == 0 )
    54     {
    55       $query = 'INSERT INTO '.PREFIX_TABLE.'group_access';
    56       $query.= ' (group_id,cat_id) VALUES';
    57       $query.= ' ('.$_GET['group_id'].','.$row['id'].')';
    58       $query.= ';';
    59       pwg_query ( $query );
    60     }
    61   }
    62   // checking users favorites
    63   $query = 'SELECT id';
    64   $query.= ' FROM '.USERS_TABLE;
    65   $query.= ';';
    66   $result = pwg_query( $query );
    67   while ( $row = mysql_fetch_array( $result ) )
    68   {
    69     check_favorites( $row['id'] );
    70   }
    71   // synchronization of calculated data
    72   synchronize_group( $_GET['group_id'] );
    73   // confirmation display
    74   $vtp->addSession( $sub, 'confirmation' );
    75   $url = './admin.php?page=group_list';
    76   $vtp->setVar( $sub, 'confirmation.back_url', add_session_id( $url ) );
    77   $vtp->closeSession( $sub, 'confirmation' );
    78 }
    79 //---------------------------------------------------------------- form display
    80 $restrictions = get_group_restrictions( $_GET['group_id'] );
    81 $action = './admin.php?page=group_perm&group_id='.$_GET['group_id'];
    82 $vtp->setVar( $sub, 'action', add_session_id( $action ) );
    83 // only private categories are listed
    84 $query = 'SELECT id';
    85 $query.= ' FROM '.PREFIX_TABLE.'categories';
    86 $query.= " WHERE status = 'private'";
    87 $query.= ';';
     90$query = 'SELECT id,name FROM '.GROUPS_TABLE;
     91$query.= ' ORDER BY id ASC;';
    8892$result = pwg_query( $query );
     93$groups_display = '<select name="group_id">';
     94$groups_nb=0;
    8995while ( $row = mysql_fetch_array( $result ) )
    9096{
    91   $vtp->addSession( $sub, 'category' );
    92   $vtp->setVar( $sub, 'category.id', $row['id'] );
    93   $url = './admin.php?page=cat_perm&amp;cat_id='.$row['id'];
    94   $vtp->setVar( $sub, 'category.cat_perm_link', add_session_id( $url ) );
    95   // Is the group allowed to access this category
    96   $is_group_allowed = is_group_allowed( $row['id'], $restrictions );
    97   if ( $is_group_allowed == 0 )
     97  $groups_nb++;
     98  $selected = '';
     99  if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
     100                $selected = 'selected';
     101  $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name']  . '</option>';
     102}
     103$groups_display .= '</select>';
     104
     105$action = PHPWG_ROOT_PATH.'admin.php?page=group_perm';
     106$template->set_filenames( array('groups'=>'admin/group_perm.tpl') );
     107$template->assign_vars(array(
     108  'S_GROUP_SELECT'=>$groups_display,
     109  'L_GROUP_SELECT'=>$lang['group_list_title'],
     110  'L_LOOK_UP'=>$lang['edit'],
     111  'S_GROUP_ACTION'=>add_session_id($action)
     112  ));
     113 
     114if ($groups_nb)
     115{
     116  $template->assign_block_vars('select_box',array());
     117}
     118
     119if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify']))
     120{
     121  $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl'));
     122  $template->assign_vars(array(
     123      'L_RESET'=>$lang['reset'],
     124      'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
     125      'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
     126      'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
     127     
     128      'HIDDEN_NAME'=> 'group_id',
     129      'HIDDEN_VALUE'=>$_POST['group_id'],
     130      'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'),
     131  ));
     132 
     133  // only private categories are listed
     134  $query_true = '
     135SELECT id,name,uppercats,global_rank
     136  FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id
     137  WHERE status = \'private\'
     138    AND group_id = '.$_POST['group_id'].'
     139;';
     140  display_select_cat_wrapper($query_true,array(),'category_option_true');
     141 
     142  $result = pwg_query($query_true);
     143  $authorized_ids = array();
     144  while ($row = mysql_fetch_array($result))
    98145  {
    99     $vtp->setVar( $sub, 'category.color', 'green' );
     146    array_push($authorized_ids, $row['id']);
    100147  }
    101   else
     148 
     149  $query_false = '
     150SELECT id,name,uppercats,global_rank
     151  FROM '.CATEGORIES_TABLE.'
     152  WHERE status = \'private\'';
     153  if (count($authorized_ids) > 0)
    102154  {
    103     $vtp->setVar( $sub, 'category.color', 'red' );
     155    $query_false.= '
     156    AND id NOT IN ('.implode(',', $authorized_ids).')';
    104157  }
    105   // category name
    106   $cat_infos = get_cat_info( $row['id'] );
    107   $name = get_cat_display_name($cat_infos['name']);
    108   $vtp->setVar( $sub, 'category.name', $name );
    109   // any subcat forbidden for this group ?
    110   if ( $is_group_allowed == 2 )
    111   {
    112     $vtp->addSession( $sub, 'parent_forbidden' );
    113     $vtp->closeSession( $sub, 'parent_forbidden' );
    114   }
    115   // forbidden or authorized access ?
    116   if ( $is_group_allowed == 0 or $is_group_allowed == 2 )
    117   {
    118     $vtp->setVar( $sub, 'category.authorized_checked', ' checked="checked"' );
    119   }
    120   else
    121   {
    122     $vtp->setVar( $sub, 'category.forbidden_checked', ' checked="checked"' );
    123   }
    124   $vtp->closeSession( $sub, 'category' );
     158  $query_false.= '
     159;';
     160  display_select_cat_wrapper($query_false,array(),'category_option_false');
     161 
     162  $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth');
    125163}
    126164//----------------------------------------------------------- sending html code
    127 $vtp->Parse( $handle , 'sub', $sub );
     165$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
     166
    128167?>
Note: See TracChangeset for help on using the changeset viewer.