source: extensions/community/admin.php @ 8770

Last change on this file since 8770 was 3673, checked in by plg, 15 years ago

first import for the Community plugin : basic feature to declare a list of
non admin users able to add photos with web API.

File size: 7.1 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2009      Pierrick LE GALL             http://piwigo.org |
6// +-----------------------------------------------------------------------+
7// | This program is free software; you can redistribute it and/or modify  |
8// | it under the terms of the GNU General Public License as published by  |
9// | the Free Software Foundation                                          |
10// |                                                                       |
11// | This program is distributed in the hope that it will be useful, but   |
12// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
13// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
14// | General Public License for more details.                              |
15// |                                                                       |
16// | You should have received a copy of the GNU General Public License     |
17// | along with this program; if not, write to the Free Software           |
18// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
19// | USA.                                                                  |
20// +-----------------------------------------------------------------------+
21
22if( !defined("PHPWG_ROOT_PATH") )
23{
24  die ("Hacking attempt!");
25}
26
27include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28load_language('plugin.lang', COMMUNITY_PATH);
29
30$conf['community_permission_levels'] = array(1,2);
31$admin_base_url = get_root_url().'admin.php?page=plugin&section=community%2Fadmin.php';
32
33// +-----------------------------------------------------------------------+
34// | Check Access and exit when user status is not ok                      |
35// +-----------------------------------------------------------------------+
36check_status(ACCESS_ADMINISTRATOR);
37
38// +-----------------------------------------------------------------------+
39// |                               functions                               |
40// +-----------------------------------------------------------------------+
41
42function get_permission_level_label($level)
43{
44  return '('.$level.') '.l10n( sprintf('Community level %d', $level) );
45}
46
47// +-----------------------------------------------------------------------+
48// |                            add permissions                            |
49// +-----------------------------------------------------------------------+
50
51if (isset($_POST['submit_add']) and !is_adviser())
52{
53  if (!is_numeric($_POST['user_options']))
54  {
55    array_push($page['errors'], 'invalid user');
56  }
57  if (!is_numeric($_POST['permission_level_options']))
58  {
59    array_push($page['errors'], 'invalid permission level');
60  }
61
62  if (count($page['errors']) == 0)
63  {
64    $query = '
65SELECT
66    '.$conf['user_fields']['username'].' AS username
67  FROM '.USERS_TABLE.'
68  WHERE '.$conf['user_fields']['id'].' = '.$_POST['user_options'].'
69;';
70    list($username) = mysql_fetch_row(pwg_query($query));
71    // remove any existing permission for this user
72    $query = '
73DELETE
74  FROM '.COMMUNITY_TABLE.'
75  WHERE user_id = '.$_POST['user_options'].'
76;';
77    pwg_query($query);
78
79    // creating the permission
80    $query = '
81INSERT INTO '.COMMUNITY_TABLE.'
82  (user_id, permission_level)
83  VALUES
84  ('.$_POST['user_options'].', '.$_POST['permission_level_options'].')
85;';
86    pwg_query($query);
87
88    array_push(
89      $page['infos'],
90      sprintf(
91        l10n('community permissions "%s" added/updated for "%s"'),
92        get_permission_level_label($_POST['permission_level_options']),
93        $username
94        )
95      );
96  }
97
98}
99
100// +-----------------------------------------------------------------------+
101// |                           remove permissions                          |
102// +-----------------------------------------------------------------------+
103
104if (isset($_GET['delete']) and !is_adviser())
105{
106  if (is_numeric($_GET['delete']))
107  {
108    $query = '
109SELECT
110    community.user_id,
111    community.permission_level,
112    u.'.$conf['user_fields']['username'].' AS username
113  FROM '.COMMUNITY_TABLE.' AS community
114    INNER JOIN '.USERS_TABLE.' AS u
115      ON u.'.$conf['user_fields']['id'].' = community.user_id
116  WHERE community.user_id = '.$_GET['delete'].'
117;';
118    $result = pwg_query($query);
119    if (mysql_num_rows($result) == 0)
120    {
121      array_push($page['errors'], 'this user has no community permission yet');
122    }
123
124    if (count($page['errors']) == 0)
125    {
126      list($user_id, $permission_level, $username) = mysql_fetch_row($result);
127
128      $query = '
129DELETE
130  FROM '.COMMUNITY_TABLE.'
131  WHERE user_id = '.$user_id.'
132;';
133      pwg_query($query);
134
135      array_push(
136        $page['infos'],
137        sprintf(
138          l10n('community permissions "%s" removed for "%s"'),
139          get_permission_level_label($permission_level),
140          $username
141        )
142      );
143    }
144  }
145}
146
147// +-----------------------------------------------------------------------+
148// |                             template init                             |
149// +-----------------------------------------------------------------------+
150
151$template->set_filenames(
152  array(
153    'plugin_admin_content' => dirname(__FILE__).'/admin.tpl'
154    )
155  );
156
157$template->assign(
158    array(
159      'F_ADD_ACTION'=> $admin_base_url,
160    )
161  );
162
163
164// user options
165$query = '
166SELECT
167    u.'.$conf['user_fields']['id'].' AS id,
168    u.'.$conf['user_fields']['username'].' AS username
169  FROM '.USERS_TABLE.' AS u
170    INNER JOIN '.USER_INFOS_TABLE.' AS ui
171      ON u.'.$conf['user_fields']['id'].' = ui.user_id
172  WHERE ui.status = "normal"
173  ORDER BY username
174;';
175$user_options = array();
176$result = pwg_query($query);
177while ($row = mysql_fetch_assoc($result))
178{
179  $user_options[ $row['id'] ] = $row['username'];
180}
181$template->assign(
182    array(
183      'user_options'=> $user_options,
184    )
185  );
186
187 
188// permission level options
189$permission_level_options = array();
190foreach ($conf['community_permission_levels'] as $level)
191{
192  $permission_level_options[$level] = get_permission_level_label($level);
193}
194$template->assign(
195    array(
196      'permission_level_options'=> $permission_level_options,
197    )
198  );
199
200// user with community permissions
201$query = '
202SELECT
203    community.user_id,
204    community.permission_level,
205    u.'.$conf['user_fields']['username'].' AS username
206  FROM '.COMMUNITY_TABLE.' AS community
207    INNER JOIN '.USERS_TABLE.' AS u
208      ON u.'.$conf['user_fields']['id'].' = community.user_id
209  ORDER BY username
210;';
211$result = pwg_query($query);
212
213while ($row = mysql_fetch_assoc($result))
214{
215  $template->append(
216    'users',
217    array(
218      'NAME' => $row['username'],
219      'PERMISSION_LEVEL' => get_permission_level_label($row['permission_level']),
220      'U_DELETE' => $admin_base_url.'&amp;delete='.$row['user_id']
221      )
222    );
223}
224
225// +-----------------------------------------------------------------------+
226// |                           sending html code                           |
227// +-----------------------------------------------------------------------+
228
229$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
230?>
Note: See TracBrowser for help on using the repository browser.