Changeset 671 for trunk/admin/group_perm.php
- Timestamp:
- Jan 6, 2005, 5:33:04 PM (19 years ago)
- File:
-
- 1 edited
trunk/admin/group_perm.php
r642 r671 25 25 // | USA. | 26 26 // +-----------------------------------------------------------------------+ 27 include_once( './admin/include/isadmin.inc.php' ); 27 if( !defined("PHPWG_ROOT_PATH") ) 28 { 29 die ("Hacking attempt!"); 30 } 31 32 include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); 33 //--------------------------------------------------------------------- updates 34 if (isset($_POST['falsify']) 35 and isset($_POST['cat_true']) 36 and count($_POST['cat_true']) > 0) 37 { 38 // if you forbid access to a category, all sub-categories become 39 // automatically forbidden 40 $subcats = get_subcat_ids($_POST['cat_true']); 41 $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.' 42 WHERE group_id = '.$_POST['group_id'].' 43 AND cat_id IN ('.implode(',', $subcats).');'; 44 pwg_query($query); 45 } 46 else if (isset($_POST['trueify']) 47 and isset($_POST['cat_false']) 48 and count($_POST['cat_false']) > 0) 49 { 50 $uppercats = get_uppercat_ids($_POST['cat_false']); 51 $private_uppercats = array(); 52 53 $query = 'SELECT id 54 FROM '.CATEGORIES_TABLE.' 55 WHERE id IN ('.implode(',', $uppercats).') 56 AND status = \'private\';'; 57 $result = pwg_query($query); 58 while ($row = mysql_fetch_array($result)) 59 { 60 array_push($private_uppercats, $row['id']); 61 } 62 63 // retrying to authorize a category which is already authorized may cause 64 // an error (in SQL statement), so we need to know which categories are 65 // accesible 66 $authorized_ids = array(); 67 68 $query = 'SELECT cat_id 69 FROM '.GROUP_ACCESS_TABLE.' 
70 WHERE group_id = '.$_POST['group_id'].';'; 71 $result = pwg_query($query); 72 73 while ($row = mysql_fetch_array($result)) 74 { 75 array_push($authorized_ids, $row['cat_id']); 76 } 77 78 $inserts = array(); 79 $to_autorize_ids = array_diff($private_uppercats, $authorized_ids); 80 foreach ($to_autorize_ids as $to_autorize_id) 81 { 82 array_push($inserts, array('group_id' => $_POST['group_id'], 83 'cat_id' => $to_autorize_id)); 84 } 85 86 mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); 87 } 88 28 89 //----------------------------------------------------- template initialization 29 $sub = $vtp->Open( './template/'.$user['template'].'/admin/group_perm.vtp' ); 30 $error = array(); 31 $tpl = array( 'permuser_authorized','permuser_forbidden','submit', 32 'permuser_parent_forbidden','permuser_info_message', 33 'adduser_info_back','permuser_only_private' ); 34 templatize_array( $tpl, 'lang', $sub ); 35 $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); 36 //--------------------------------------------------------------------- updates 37 if ( isset( $_POST['submit'] ) ) 38 { 39 // cleaning the user_access table for this group 40 $query = 'DELETE FROM '.PREFIX_TABLE.'group_access'; 41 $query.= ' WHERE group_id = '.$_GET['group_id']; 42 $query.= ';'; 43 pwg_query( $query ); 44 // selecting all private categories 45 $query = 'SELECT id'; 46 $query.= ' FROM '.PREFIX_TABLE.'categories'; 47 $query.= " WHERE status = 'private'"; 48 $query.= ';'; 49 $result = pwg_query( $query ); 50 while ( $row = mysql_fetch_array( $result ) ) 51 { 52 $radioname = 'access-'.$row['id']; 53 if ( $_POST[$radioname] == 0 ) 54 { 55 $query = 'INSERT INTO '.PREFIX_TABLE.'group_access'; 56 $query.= ' (group_id,cat_id) VALUES'; 57 $query.= ' ('.$_GET['group_id'].','.$row['id'].')'; 58 $query.= ';'; 59 pwg_query ( $query ); 60 } 61 } 62 // checking users favorites 63 $query = 'SELECT id'; 64 $query.= ' FROM '.USERS_TABLE; 65 $query.= ';'; 66 $result = pwg_query( $query 
); 67 while ( $row = mysql_fetch_array( $result ) ) 68 { 69 check_favorites( $row['id'] ); 70 } 71 // synchronization of calculated data 72 synchronize_group( $_GET['group_id'] ); 73 // confirmation display 74 $vtp->addSession( $sub, 'confirmation' ); 75 $url = './admin.php?page=group_list'; 76 $vtp->setVar( $sub, 'confirmation.back_url', add_session_id( $url ) ); 77 $vtp->closeSession( $sub, 'confirmation' ); 78 } 79 //---------------------------------------------------------------- form display 80 $restrictions = get_group_restrictions( $_GET['group_id'] ); 81 $action = './admin.php?page=group_perm&group_id='.$_GET['group_id']; 82 $vtp->setVar( $sub, 'action', add_session_id( $action ) ); 83 // only private categories are listed 84 $query = 'SELECT id'; 85 $query.= ' FROM '.PREFIX_TABLE.'categories'; 86 $query.= " WHERE status = 'private'"; 87 $query.= ';'; 90 $query = 'SELECT id,name FROM '.GROUPS_TABLE; 91 $query.= ' ORDER BY id ASC;'; 88 92 $result = pwg_query( $query ); 93 $groups_display = '<select name="group_id">'; 94 $groups_nb=0; 89 95 while ( $row = mysql_fetch_array( $result ) ) 90 96 { 91 $vtp->addSession( $sub, 'category' ); 92 $vtp->setVar( $sub, 'category.id', $row['id'] ); 93 $url = './admin.php?page=cat_perm&cat_id='.$row['id']; 94 $vtp->setVar( $sub, 'category.cat_perm_link', add_session_id( $url ) ); 95 // Is the group allowed to access this category 96 $is_group_allowed = is_group_allowed( $row['id'], $restrictions ); 97 if ( $is_group_allowed == 0 ) 97 $groups_nb++; 98 $selected = ''; 99 if (isset($_POST['group_id']) && $_POST['group_id']==$row['id']) 100 $selected = 'selected'; 101 $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . 
'</option>'; 102 } 103 $groups_display .= '</select>'; 104 105 $action = PHPWG_ROOT_PATH.'admin.php?page=group_perm'; 106 $template->set_filenames( array('groups'=>'admin/group_perm.tpl') ); 107 $template->assign_vars(array( 108 'S_GROUP_SELECT'=>$groups_display, 109 'L_GROUP_SELECT'=>$lang['group_list_title'], 110 'L_LOOK_UP'=>$lang['edit'], 111 'S_GROUP_ACTION'=>add_session_id($action) 112 )); 113 114 if ($groups_nb) 115 { 116 $template->assign_block_vars('select_box',array()); 117 } 118 119 if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify'])) 120 { 121 $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl')); 122 $template->assign_vars(array( 123 'L_RESET'=>$lang['reset'], 124 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], 125 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], 126 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], 127 128 'HIDDEN_NAME'=> 'group_id', 129 'HIDDEN_VALUE'=>$_POST['group_id'], 130 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'), 131 )); 132 133 // only private categories are listed 134 $query_true = ' 135 SELECT id,name,uppercats,global_rank 136 FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id 137 WHERE status = \'private\' 138 AND group_id = '.$_POST['group_id'].' 139 ;'; 140 display_select_cat_wrapper($query_true,array(),'category_option_true'); 141 142 $result = pwg_query($query_true); 143 $authorized_ids = array(); 144 while ($row = mysql_fetch_array($result)) 98 145 { 99 $vtp->setVar( $sub, 'category.color', 'green');146 array_push($authorized_ids, $row['id']); 100 147 } 101 else 148 149 $query_false = ' 150 SELECT id,name,uppercats,global_rank 151 FROM '.CATEGORIES_TABLE.' 
152 WHERE status = \'private\''; 153 if (count($authorized_ids) > 0) 102 154 { 103 $vtp->setVar( $sub, 'category.color', 'red' ); 155 $query_false.= ' 156 AND id NOT IN ('.implode(',', $authorized_ids).')'; 104 157 } 105 // category name 106 $cat_infos = get_cat_info( $row['id'] ); 107 $name = get_cat_display_name($cat_infos['name']); 108 $vtp->setVar( $sub, 'category.name', $name ); 109 // any subcat forbidden for this group ? 110 if ( $is_group_allowed == 2 ) 111 { 112 $vtp->addSession( $sub, 'parent_forbidden' ); 113 $vtp->closeSession( $sub, 'parent_forbidden' ); 114 } 115 // forbidden or authorized access ? 116 if ( $is_group_allowed == 0 or $is_group_allowed == 2 ) 117 { 118 $vtp->setVar( $sub, 'category.authorized_checked', ' checked="checked"' ); 119 } 120 else 121 { 122 $vtp->setVar( $sub, 'category.forbidden_checked', ' checked="checked"' ); 123 } 124 $vtp->closeSession( $sub, 'category' ); 158 $query_false.= ' 159 ;'; 160 display_select_cat_wrapper($query_false,array(),'category_option_false'); 161 162 $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth'); 125 163 } 126 164 //----------------------------------------------------------- sending html code 127 $vtp->Parse( $handle , 'sub', $sub ); 165 $template->assign_var_from_handle('ADMIN_CONTENT', 'groups'); 166 128 167 ?>
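Review bot: The new updates block (new lines 34–87) and the `$query_true` form query (new line 138) concatenate `$_POST['group_id']` straight into `DELETE`/`SELECT` statements with no cast, quoting or `isset` check, so any request that reaches this admin page controls that part of the SQL. Validate it once before the first query, e.g. `$group_id = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;`, stop when it is not a positive id, and use `$group_id` in every query and in `HIDDEN_VALUE`. `$_POST['cat_true']` and `$_POST['cat_false']` are passed to `count()` and to `get_subcat_ids()`/`get_uppercat_ids()` unchecked; unless those helpers (not visible here) coerce their input to integers, the ids should go through `array_map('intval', ...)` before the result is imploded into `IN (...)`. `$row['name']` is also written into the `<option>` markup without `htmlspecialchars()`, so a stored group name could inject HTML if the template does not escape `S_GROUP_SELECT`.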