Changeset 815 for trunk/admin/user_perm.php
- Timestamp:
- Aug 16, 2005, 5:19:40 PM (19 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/user_perm.php
r709 r815 32 32 include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php'); 33 33 34 $userdata = array(); 35 if (isset($_POST['submituser'])) 34 // +-----------------------------------------------------------------------+ 35 // | variables init | 36 // +-----------------------------------------------------------------------+ 37 38 if (isset($_GET['user_id']) and is_numeric($_GET['user_id'])) 36 39 { 37 $ userdata = getuserdata($_POST['username']);40 $page['user'] = $_GET['user_id']; 38 41 } 39 else if (isset($_GET['user_id']))42 else 40 43 { 41 $userdata = getuserdata(intval($_GET['user_id'])); 44 echo l10n('user_id URL parameter is missing'); 45 exit(); 42 46 } 43 else if (isset($_POST['falsify']) 44 and isset($_POST['cat_true']) 45 and count($_POST['cat_true']) > 0) 47 48 // +-----------------------------------------------------------------------+ 49 // | updates | 50 // +-----------------------------------------------------------------------+ 51 52 if (isset($_POST['falsify']) 53 and isset($_POST['cat_true']) 54 and count($_POST['cat_true']) > 0) 46 55 { 47 $userdata = getuserdata(intval($_POST['userid']));48 56 // if you forbid access to a category, all sub-categories become 49 57 // automatically forbidden … … 51 59 $query = ' 52 60 DELETE FROM '.USER_ACCESS_TABLE.' 53 WHERE user_id = '.$ userdata['id'].'61 WHERE user_id = '.$page['user'].' 54 62 AND cat_id IN ('.implode(',', $subcats).') 55 63 ;'; … … 60 68 and count($_POST['cat_false']) > 0) 61 69 { 62 $userdata = getuserdata(intval($_POST['userid']));63 64 70 $uppercats = get_uppercat_ids($_POST['cat_false']); 65 71 $private_uppercats = array(); … … 85 91 SELECT cat_id 86 92 FROM '.USER_ACCESS_TABLE.' 87 WHERE user_id = '.$ userdata['id'].'93 WHERE user_id = '.$page['user'].' 88 94 ;'; 89 95 $result = pwg_query($query); … … 98 104 foreach ($to_autorize_ids as $to_autorize_id) 99 105 { 100 array_push($inserts, array('user_id' => $ userdata['id'],106 array_push($inserts, array('user_id' => $page['user'], 101 107 'cat_id' => $to_autorize_id)); 102 108 } … … 105 111 } 106 112 //----------------------------------------------------- template initialization 107 if (empty($userdata)) 108 { 109 $template->set_filenames(array('user' => 'admin/user_perm.tpl')); 113 $template->set_filenames(array('user_perm'=>'admin/cat_options.tpl')); 110 114 111 $base_url = PHPWG_ROOT_PATH.'admin.php?page='; 112 113 $template->assign_vars(array( 114 'L_SELECT_USERNAME'=>$lang['Select_username'], 115 'L_LOOKUP_USER'=>$lang['Look_up_user'], 116 'L_FIND_USERNAME'=>$lang['Find_username'], 117 'L_AUTH_USER'=>$lang['permuser_only_private'], 118 'L_SUBMIT'=>$lang['submit'], 115 $template->assign_vars( 116 array( 117 'L_RESET'=>$lang['reset'], 118 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], 119 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], 120 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], 121 122 'F_ACTION' => 123 add_session_id( 124 PHPWG_ROOT_PATH. 125 'admin.php?page=user_perm'. 126 '&user_id='.$page['user'] 127 ) 128 ) 129 ); 119 130 120 'F_SEARCH_USER_ACTION' => add_session_id($base_url.'user_perm'), 121 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') 122 )); 123 } 124 else 125 { 126 $template->set_filenames(array('user'=>'admin/cat_options.tpl')); 127 $template->assign_vars( 128 array( 129 'L_RESET'=>$lang['reset'], 130 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], 131 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], 132 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], 133 134 'HIDDEN_NAME'=> 'userid', 135 'HIDDEN_VALUE'=>$userdata['id'], 136 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_perm'), 137 )); 138 139 // only private categories are listed 140 $query_true = ' 131 // only private categories are listed 132 $query_true = ' 141 133 SELECT id,name,uppercats,global_rank 142 134 FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_ACCESS_TABLE.' ON cat_id = id 143 135 WHERE status = \'private\' 144 AND user_id = '.$ userdata['id'].'136 AND user_id = '.$page['user'].' 145 137 ;'; 146 138 display_select_cat_wrapper($query_true,array(),'category_option_true'); 147 139 148 149 150 151 152 153 154 155 140 $result = pwg_query($query_true); 141 $authorized_ids = array(); 142 while ($row = mysql_fetch_array($result)) 143 { 144 array_push($authorized_ids, $row['id']); 145 } 146 147 $query_false = ' 156 148 SELECT id,name,uppercats,global_rank 157 149 FROM '.CATEGORIES_TABLE.' 158 150 WHERE status = \'private\''; 159 160 161 151 if (count($authorized_ids) > 0) 152 { 153 $query_false.= ' 162 154 AND id NOT IN ('.implode(',', $authorized_ids).')'; 163 164 155 } 156 $query_false.= ' 165 157 ;'; 166 167 } 158 display_select_cat_wrapper($query_false,array(),'category_option_false'); 159 168 160 //----------------------------------------------------------- sending html code 169 $template->assign_var_from_handle('ADMIN_CONTENT', 'user'); 161 162 $template->assign_var_from_handle('ADMIN_CONTENT', 'user_perm'); 170 163 ?>
Note: See TracChangeset
for help on using the changeset viewer.