Context Navigation

source: extensions/community/admin.php @ 8063

Last change on this file since 8063 was 3673, checked in by plg, 15 years ago
first import for the Community plugin : basic feature to declare a list of non admin users able to add photos with web API.
File size: 7.1 KB

Rev	Line
[3673]	1	<?php
	2	// +-----------------------------------------------------------------------+
	3	// \| Piwigo - a PHP based picture gallery \|
	4	// +-----------------------------------------------------------------------+
	5	// \| Copyright(C) 2009 Pierrick LE GALL http://piwigo.org \|
	6	// +-----------------------------------------------------------------------+
	7	// \| This program is free software; you can redistribute it and/or modify \|
	8	// \| it under the terms of the GNU General Public License as published by \|
	9	// \| the Free Software Foundation \|
	10	// \| \|
	11	// \| This program is distributed in the hope that it will be useful, but \|
	12	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	13	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	14	// \| General Public License for more details. \|
	15	// \| \|
	16	// \| You should have received a copy of the GNU General Public License \|
	17	// \| along with this program; if not, write to the Free Software \|
	18	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	19	// \| USA. \|
	20	// +-----------------------------------------------------------------------+
	21
	22	if( !defined("PHPWG_ROOT_PATH") )
	23	{
	24	die ("Hacking attempt!");
	25	}
	26
	27	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	28	load_language('plugin.lang', COMMUNITY_PATH);
	29
	30	$conf['community_permission_levels'] = array(1,2);
	31	$admin_base_url = get_root_url().'admin.php?page=plugin&section=community%2Fadmin.php';
	32
	33	// +-----------------------------------------------------------------------+
	34	// \| Check Access and exit when user status is not ok \|
	35	// +-----------------------------------------------------------------------+
	36	check_status(ACCESS_ADMINISTRATOR);
	37
	38	// +-----------------------------------------------------------------------+
	39	// \| functions \|
	40	// +-----------------------------------------------------------------------+
	41
	42	function get_permission_level_label($level)
	43	{
	44	return '('.$level.') '.l10n( sprintf('Community level %d', $level) );
	45	}
	46
	47	// +-----------------------------------------------------------------------+
	48	// \| add permissions \|
	49	// +-----------------------------------------------------------------------+
	50
	51	if (isset($_POST['submit_add']) and !is_adviser())
	52	{
	53	if (!is_numeric($_POST['user_options']))
	54	{
	55	array_push($page['errors'], 'invalid user');
	56	}
	57	if (!is_numeric($_POST['permission_level_options']))
	58	{
	59	array_push($page['errors'], 'invalid permission level');
	60	}
	61
	62	if (count($page['errors']) == 0)
	63	{
	64	$query = '
	65	SELECT
	66	'.$conf['user_fields']['username'].' AS username
	67	FROM '.USERS_TABLE.'
	68	WHERE '.$conf['user_fields']['id'].' = '.$_POST['user_options'].'
	69	;';
	70	list($username) = mysql_fetch_row(pwg_query($query));
	71	// remove any existing permission for this user
	72	$query = '
	73	DELETE
	74	FROM '.COMMUNITY_TABLE.'
	75	WHERE user_id = '.$_POST['user_options'].'
	76	;';
	77	pwg_query($query);
	78
	79	// creating the permission
	80	$query = '
	81	INSERT INTO '.COMMUNITY_TABLE.'
	82	(user_id, permission_level)
	83	VALUES
	84	('.$_POST['user_options'].', '.$_POST['permission_level_options'].')
	85	;';
	86	pwg_query($query);
	87
	88	array_push(
	89	$page['infos'],
	90	sprintf(
	91	l10n('community permissions "%s" added/updated for "%s"'),
	92	get_permission_level_label($_POST['permission_level_options']),
	93	$username
	94	)
	95	);
	96	}
	97
	98	}
	99
	100	// +-----------------------------------------------------------------------+
	101	// \| remove permissions \|
	102	// +-----------------------------------------------------------------------+
	103
	104	if (isset($_GET['delete']) and !is_adviser())
	105	{
	106	if (is_numeric($_GET['delete']))
	107	{
	108	$query = '
	109	SELECT
	110	community.user_id,
	111	community.permission_level,
	112	u.'.$conf['user_fields']['username'].' AS username
	113	FROM '.COMMUNITY_TABLE.' AS community
	114	INNER JOIN '.USERS_TABLE.' AS u
	115	ON u.'.$conf['user_fields']['id'].' = community.user_id
	116	WHERE community.user_id = '.$_GET['delete'].'
	117	;';
	118	$result = pwg_query($query);
	119	if (mysql_num_rows($result) == 0)
	120	{
	121	array_push($page['errors'], 'this user has no community permission yet');
	122	}
	123
	124	if (count($page['errors']) == 0)
	125	{
	126	list($user_id, $permission_level, $username) = mysql_fetch_row($result);
	127
	128	$query = '
	129	DELETE
	130	FROM '.COMMUNITY_TABLE.'
	131	WHERE user_id = '.$user_id.'
	132	;';
	133	pwg_query($query);
	134
	135	array_push(
	136	$page['infos'],
	137	sprintf(
	138	l10n('community permissions "%s" removed for "%s"'),
	139	get_permission_level_label($permission_level),
	140	$username
	141	)
	142	);
	143	}
	144	}
	145	}
	146
	147	// +-----------------------------------------------------------------------+
	148	// \| template init \|
	149	// +-----------------------------------------------------------------------+
	150
	151	$template->set_filenames(
	152	array(
	153	'plugin_admin_content' => dirname(__FILE__).'/admin.tpl'
	154	)
	155	);
	156
	157	$template->assign(
	158	array(
	159	'F_ADD_ACTION'=> $admin_base_url,
	160	)
	161	);
	162
	163
	164	// user options
	165	$query = '
	166	SELECT
	167	u.'.$conf['user_fields']['id'].' AS id,
	168	u.'.$conf['user_fields']['username'].' AS username
	169	FROM '.USERS_TABLE.' AS u
	170	INNER JOIN '.USER_INFOS_TABLE.' AS ui
	171	ON u.'.$conf['user_fields']['id'].' = ui.user_id
	172	WHERE ui.status = "normal"
	173	ORDER BY username
	174	;';
	175	$user_options = array();
	176	$result = pwg_query($query);
	177	while ($row = mysql_fetch_assoc($result))
	178	{
	179	$user_options[ $row['id'] ] = $row['username'];
	180	}
	181	$template->assign(
	182	array(
	183	'user_options'=> $user_options,
	184	)
	185	);
	186
	187
	188	// permission level options
	189	$permission_level_options = array();
	190	foreach ($conf['community_permission_levels'] as $level)
	191	{
	192	$permission_level_options[$level] = get_permission_level_label($level);
	193	}
	194	$template->assign(
	195	array(
	196	'permission_level_options'=> $permission_level_options,
	197	)
	198	);
	199
	200	// user with community permissions
	201	$query = '
	202	SELECT
	203	community.user_id,
	204	community.permission_level,
	205	u.'.$conf['user_fields']['username'].' AS username
	206	FROM '.COMMUNITY_TABLE.' AS community
	207	INNER JOIN '.USERS_TABLE.' AS u
	208	ON u.'.$conf['user_fields']['id'].' = community.user_id
	209	ORDER BY username
	210	;';
	211	$result = pwg_query($query);
	212
	213	while ($row = mysql_fetch_assoc($result))
	214	{
	215	$template->append(
	216	'users',
	217	array(
	218	'NAME' => $row['username'],
	219	'PERMISSION_LEVEL' => get_permission_level_label($row['permission_level']),
	220	'U_DELETE' => $admin_base_url.'&delete='.$row['user_id']
	221	)
	222	);
	223	}
	224
	225	// +-----------------------------------------------------------------------+
	226	// \| sending html code \|
	227	// +-----------------------------------------------------------------------+
	228
	229	$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
	230	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: