Context Navigation

source: extensions/community/admin.php @ 7945

Last change on this file since 7945 was 3673, checked in by plg, 15 years ago
first import for the Community plugin : basic feature to declare a list of non admin users able to add photos with web API.
File size: 7.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2009 Pierrick LE GALL http://piwigo.org \|
6	// +-----------------------------------------------------------------------+
7	// \| This program is free software; you can redistribute it and/or modify \|
8	// \| it under the terms of the GNU General Public License as published by \|
9	// \| the Free Software Foundation \|
10	// \| \|
11	// \| This program is distributed in the hope that it will be useful, but \|
12	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
13	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
14	// \| General Public License for more details. \|
15	// \| \|
16	// \| You should have received a copy of the GNU General Public License \|
17	// \| along with this program; if not, write to the Free Software \|
18	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
19	// \| USA. \|
20	// +-----------------------------------------------------------------------+
21
22	if( !defined("PHPWG_ROOT_PATH") )
23	{
24	die ("Hacking attempt!");
25	}
26
27	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28	load_language('plugin.lang', COMMUNITY_PATH);
29
30	$conf['community_permission_levels'] = array(1,2);
31	$admin_base_url = get_root_url().'admin.php?page=plugin&section=community%2Fadmin.php';
32
33	// +-----------------------------------------------------------------------+
34	// \| Check Access and exit when user status is not ok \|
35	// +-----------------------------------------------------------------------+
36	check_status(ACCESS_ADMINISTRATOR);
37
38	// +-----------------------------------------------------------------------+
39	// \| functions \|
40	// +-----------------------------------------------------------------------+
41
42	function get_permission_level_label($level)
43	{
44	return '('.$level.') '.l10n( sprintf('Community level %d', $level) );
45	}
46
47	// +-----------------------------------------------------------------------+
48	// \| add permissions \|
49	// +-----------------------------------------------------------------------+
50
51	if (isset($_POST['submit_add']) and !is_adviser())
52	{
53	if (!is_numeric($_POST['user_options']))
54	{
55	array_push($page['errors'], 'invalid user');
56	}
57	if (!is_numeric($_POST['permission_level_options']))
58	{
59	array_push($page['errors'], 'invalid permission level');
60	}
61
62	if (count($page['errors']) == 0)
63	{
64	$query = '
65	SELECT
66	'.$conf['user_fields']['username'].' AS username
67	FROM '.USERS_TABLE.'
68	WHERE '.$conf['user_fields']['id'].' = '.$_POST['user_options'].'
69	;';
70	list($username) = mysql_fetch_row(pwg_query($query));
71	// remove any existing permission for this user
72	$query = '
73	DELETE
74	FROM '.COMMUNITY_TABLE.'
75	WHERE user_id = '.$_POST['user_options'].'
76	;';
77	pwg_query($query);
78
79	// creating the permission
80	$query = '
81	INSERT INTO '.COMMUNITY_TABLE.'
82	(user_id, permission_level)
83	VALUES
84	('.$_POST['user_options'].', '.$_POST['permission_level_options'].')
85	;';
86	pwg_query($query);
87
88	array_push(
89	$page['infos'],
90	sprintf(
91	l10n('community permissions "%s" added/updated for "%s"'),
92	get_permission_level_label($_POST['permission_level_options']),
93	$username
94	)
95	);
96	}
97
98	}
99
100	// +-----------------------------------------------------------------------+
101	// \| remove permissions \|
102	// +-----------------------------------------------------------------------+
103
104	if (isset($_GET['delete']) and !is_adviser())
105	{
106	if (is_numeric($_GET['delete']))
107	{
108	$query = '
109	SELECT
110	community.user_id,
111	community.permission_level,
112	u.'.$conf['user_fields']['username'].' AS username
113	FROM '.COMMUNITY_TABLE.' AS community
114	INNER JOIN '.USERS_TABLE.' AS u
115	ON u.'.$conf['user_fields']['id'].' = community.user_id
116	WHERE community.user_id = '.$_GET['delete'].'
117	;';
118	$result = pwg_query($query);
119	if (mysql_num_rows($result) == 0)
120	{
121	array_push($page['errors'], 'this user has no community permission yet');
122	}
123
124	if (count($page['errors']) == 0)
125	{
126	list($user_id, $permission_level, $username) = mysql_fetch_row($result);
127
128	$query = '
129	DELETE
130	FROM '.COMMUNITY_TABLE.'
131	WHERE user_id = '.$user_id.'
132	;';
133	pwg_query($query);
134
135	array_push(
136	$page['infos'],
137	sprintf(
138	l10n('community permissions "%s" removed for "%s"'),
139	get_permission_level_label($permission_level),
140	$username
141	)
142	);
143	}
144	}
145	}
146
147	// +-----------------------------------------------------------------------+
148	// \| template init \|
149	// +-----------------------------------------------------------------------+
150
151	$template->set_filenames(
152	array(
153	'plugin_admin_content' => dirname(__FILE__).'/admin.tpl'
154	)
155	);
156
157	$template->assign(
158	array(
159	'F_ADD_ACTION'=> $admin_base_url,
160	)
161	);
162
163
164	// user options
165	$query = '
166	SELECT
167	u.'.$conf['user_fields']['id'].' AS id,
168	u.'.$conf['user_fields']['username'].' AS username
169	FROM '.USERS_TABLE.' AS u
170	INNER JOIN '.USER_INFOS_TABLE.' AS ui
171	ON u.'.$conf['user_fields']['id'].' = ui.user_id
172	WHERE ui.status = "normal"
173	ORDER BY username
174	;';
175	$user_options = array();
176	$result = pwg_query($query);
177	while ($row = mysql_fetch_assoc($result))
178	{
179	$user_options[ $row['id'] ] = $row['username'];
180	}
181	$template->assign(
182	array(
183	'user_options'=> $user_options,
184	)
185	);
186
187
188	// permission level options
189	$permission_level_options = array();
190	foreach ($conf['community_permission_levels'] as $level)
191	{
192	$permission_level_options[$level] = get_permission_level_label($level);
193	}
194	$template->assign(
195	array(
196	'permission_level_options'=> $permission_level_options,
197	)
198	);
199
200	// user with community permissions
201	$query = '
202	SELECT
203	community.user_id,
204	community.permission_level,
205	u.'.$conf['user_fields']['username'].' AS username
206	FROM '.COMMUNITY_TABLE.' AS community
207	INNER JOIN '.USERS_TABLE.' AS u
208	ON u.'.$conf['user_fields']['id'].' = community.user_id
209	ORDER BY username
210	;';
211	$result = pwg_query($query);
212
213	while ($row = mysql_fetch_assoc($result))
214	{
215	$template->append(
216	'users',
217	array(
218	'NAME' => $row['username'],
219	'PERMISSION_LEVEL' => get_permission_level_label($row['permission_level']),
220	'U_DELETE' => $admin_base_url.'&delete='.$row['user_id']
221	)
222	);
223	}
224
225	// +-----------------------------------------------------------------------+
226	// \| sending html code \|
227	// +-----------------------------------------------------------------------+
228
229	$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
230	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: