source: branches/1.4/admin/group_perm.php @ 8017

Last change on this file since 8017 was 675, checked in by plg, 20 years ago

all headers adapted to new year 2005, happy new year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 6.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | branch        : BSF (Best So Far)
8// | file          : $RCSfile$
9// | last update   : $Date: 2005-01-07 23:10:51 +0000 (Fri, 07 Jan 2005) $
10// | last modifier : $Author: plg $
11// | revision      : $Revision: 675 $
12// +-----------------------------------------------------------------------+
13// | This program is free software; you can redistribute it and/or modify  |
14// | it under the terms of the GNU General Public License as published by  |
15// | the Free Software Foundation                                          |
16// |                                                                       |
17// | This program is distributed in the hope that it will be useful, but   |
18// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20// | General Public License for more details.                              |
21// |                                                                       |
22// | You should have received a copy of the GNU General Public License     |
23// | along with this program; if not, write to the Free Software           |
24// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25// | USA.                                                                  |
26// +-----------------------------------------------------------------------+
27if( !defined("PHPWG_ROOT_PATH") )
28{
29        die ("Hacking attempt!");
30}
31
32include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
33//--------------------------------------------------------------------- updates
34if (isset($_POST['falsify'])
35         and isset($_POST['cat_true'])
36         and count($_POST['cat_true']) > 0)
37{
38  // if you forbid access to a category, all sub-categories become
39  // automatically forbidden
40  $subcats = get_subcat_ids($_POST['cat_true']);
41  $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.'
42    WHERE group_id = '.$_POST['group_id'].'
43    AND cat_id IN ('.implode(',', $subcats).');';
44  pwg_query($query);
45}
46else if (isset($_POST['trueify'])
47         and isset($_POST['cat_false'])
48         and count($_POST['cat_false']) > 0)
49{
50  $uppercats = get_uppercat_ids($_POST['cat_false']);
51  $private_uppercats = array();
52
53  $query = 'SELECT id
54    FROM '.CATEGORIES_TABLE.'
55    WHERE id IN ('.implode(',', $uppercats).')
56    AND status = \'private\';';
57  $result = pwg_query($query);
58  while ($row = mysql_fetch_array($result))
59  {
60    array_push($private_uppercats, $row['id']);
61  }
62
63  // retrying to authorize a category which is already authorized may cause
64  // an error (in SQL statement), so we need to know which categories are
65  // accesible
66  $authorized_ids = array();
67   
68  $query = 'SELECT cat_id
69  FROM '.GROUP_ACCESS_TABLE.'
70  WHERE group_id = '.$_POST['group_id'].';';
71  $result = pwg_query($query);
72 
73  while ($row = mysql_fetch_array($result))
74  {
75    array_push($authorized_ids, $row['cat_id']);
76  }
77 
78  $inserts = array();
79  $to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
80  foreach ($to_autorize_ids as $to_autorize_id)
81  {
82    array_push($inserts, array('group_id' => $_POST['group_id'],
83                               'cat_id' => $to_autorize_id));
84  }
85
86  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
87}
88
89//----------------------------------------------------- template initialization
90$query = 'SELECT id,name FROM '.GROUPS_TABLE;
91$query.= ' ORDER BY id ASC;';
92$result = pwg_query( $query );
93$groups_display = '<select name="group_id">';
94$groups_nb=0;
95while ( $row = mysql_fetch_array( $result ) )
96{
97  $groups_nb++;
98  $selected = '';
99  if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
100                $selected = 'selected';
101  $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name']  . '</option>';
102}
103$groups_display .= '</select>';
104
105$action = PHPWG_ROOT_PATH.'admin.php?page=group_perm';
106$template->set_filenames( array('groups'=>'admin/group_perm.tpl') );
107$template->assign_vars(array(
108  'S_GROUP_SELECT'=>$groups_display,
109  'L_GROUP_SELECT'=>$lang['group_list_title'],
110  'L_LOOK_UP'=>$lang['edit'],
111  'S_GROUP_ACTION'=>add_session_id($action)
112  ));
113 
114if ($groups_nb) 
115{
116  $template->assign_block_vars('select_box',array());
117}
118
119if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify']))
120{
121  $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl'));
122  $template->assign_vars(array(
123      'L_RESET'=>$lang['reset'],
124      'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
125      'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
126      'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
127     
128      'HIDDEN_NAME'=> 'group_id',
129      'HIDDEN_VALUE'=>$_POST['group_id'],
130      'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'),
131  ));
132 
133  // only private categories are listed
134  $query_true = '
135SELECT id,name,uppercats,global_rank
136  FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id
137  WHERE status = \'private\'
138    AND group_id = '.$_POST['group_id'].'
139;';
140  display_select_cat_wrapper($query_true,array(),'category_option_true');
141 
142  $result = pwg_query($query_true);
143  $authorized_ids = array();
144  while ($row = mysql_fetch_array($result))
145  {
146    array_push($authorized_ids, $row['id']);
147  }
148 
149  $query_false = '
150SELECT id,name,uppercats,global_rank
151  FROM '.CATEGORIES_TABLE.'
152  WHERE status = \'private\'';
153  if (count($authorized_ids) > 0)
154  {
155    $query_false.= '
156    AND id NOT IN ('.implode(',', $authorized_ids).')';
157  }
158  $query_false.= '
159;';
160  display_select_cat_wrapper($query_false,array(),'category_option_false');
161 
162  $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth');
163}
164//----------------------------------------------------------- sending html code
165$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
166
167?>
Note: See TracBrowser for help on using the repository browser.