Context Navigation

source: extensions/community/admin_permissions.php @ 9372

Last change on this file since 9372 was 9372, checked in by plg, 13 years ago

Rewritten version of Community plugin :

user upload (web form on gallery side)
precise permission manage (who, where, with moderation or not, ability to create sub-albums)
email notification to administrators when photos are uploaded

Requires Piwigo 2.2.0RC3

File size: 9.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30	load_language('plugin.lang', COMMUNITY_PATH);
31
32	$admin_base_url = get_root_url().'admin.php?page=plugin-community-permissions';
33
34	// +-----------------------------------------------------------------------+
35	// \| Check Access and exit when user status is not ok \|
36	// +-----------------------------------------------------------------------+
37
38	check_status(ACCESS_ADMINISTRATOR);
39
40	// +-----------------------------------------------------------------------+
41	// \| add permissions \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	$who_options = array('any_visitor', 'any_registered_user', 'user', 'group');
47
48	if (!in_array($_POST['who'], $who_options))
49	{
50	die('hacking attempt: invalid "who" option');
51	}
52
53	if ('user' == $_POST['who'])
54	{
55	check_input_parameter('who_user', $_POST, false, PATTERN_ID);
56	}
57
58	if ('group' == $_POST['who'])
59	{
60	check_input_parameter('who_group', $_POST, false, PATTERN_ID);
61	}
62
63	if (-1 != $_POST['category'])
64	{
65	check_input_parameter('category', $_POST, false, PATTERN_ID);
66	}
67
68	check_input_parameter('moderate', $_POST, false, '/^(true\|false)$/');
69
70	// creating the permission
71	$insert = array(
72	'type' => $_POST['who'],
73	'group_id' => ('group' == $_POST['who']) ? $_POST['who_group'] : null,
74	'user_id' => ('user' == $_POST['who']) ? $_POST['who_user'] : null,
75	'category_id' => ($_POST['category'] > 0) ? $_POST['category'] : null,
76	'create_subcategories' => isset($_POST['create_subcategories']) ? 'true' : 'false',
77	'moderated' => $_POST['moderate'],
78	);
79	mass_inserts(
80	COMMUNITY_PERMISSIONS_TABLE,
81	array_keys($insert),
82	array($insert)
83	);
84
85	array_push(
86	$page['infos'],
87	l10n('Permission added')
88	);
89	}
90
91	// +-----------------------------------------------------------------------+
92	// \| remove permissions \|
93	// +-----------------------------------------------------------------------+
94
95	if (isset($_GET['delete']))
96	{
97	check_input_parameter('delete', $_GET, false, PATTERN_ID);
98
99	$query = '
100	DELETE
101	FROM '.COMMUNITY_PERMISSIONS_TABLE.'
102	WHERE id = '.$_GET['delete'].'
103	;';
104	pwg_query($query);
105
106	$_SESSION['page_infos'] = array(l10n('Permission removed'));
107	redirect($admin_base_url);
108	}
109
110	// +-----------------------------------------------------------------------+
111	// \| template init \|
112	// +-----------------------------------------------------------------------+
113
114	$template->set_filenames(
115	array(
116	'plugin_admin_content' => dirname(__FILE__).'/admin_permissions.tpl'
117	)
118	);
119
120	// +-----------------------------------------------------------------------+
121	// \| prepare form \|
122	// +-----------------------------------------------------------------------+
123
124
125	// list of users
126	$users = array();
127
128	$query = '
129	SELECT
130	'.$conf['user_fields']['id'].' AS id,
131	'.$conf['user_fields']['username'].' AS username
132	FROM '.USERS_TABLE.' AS u
133	INNER JOIN '.USER_INFOS_TABLE.' AS uf ON uf.user_id = id
134	WHERE uf.status IN (\'normal\',\'generic\')
135	;';
136	$result = pwg_query($query);
137	while ($row = pwg_db_fetch_assoc($result))
138	{
139	$users[$row['id']] = $row['username'];
140	}
141
142	natcasesort($users);
143
144	$template->assign(
145	array(
146	'user_options' => $users,
147	)
148	);
149
150	// list of groups
151	$query = '
152	SELECT
153	id,
154	name
155	FROM '.GROUPS_TABLE.'
156	;';
157	$result = pwg_query($query);
158	while ($row = pwg_db_fetch_assoc($result))
159	{
160	$groups[$row['id']] = $row['name'];
161	}
162
163	natcasesort($groups);
164
165	$template->assign(
166	array(
167	'group_options' => $groups,
168	)
169	);
170
171
172	$template->assign(
173	array(
174	'F_ADD_ACTION' => COMMUNITY_BASE_URL.'-'.$page['tab'],
175	)
176	);
177
178	// list of albums
179	$query = '
180	SELECT id,name,uppercats,global_rank
181	FROM '.CATEGORIES_TABLE.'
182	;';
183
184	display_select_cat_wrapper(
185	$query,
186	array(),
187	'category_options'
188	);
189
190	// +-----------------------------------------------------------------------+
191	// \| permission list \|
192	// +-----------------------------------------------------------------------+
193
194	// user with community permissions
195	$query = '
196	SELECT
197	*
198	FROM '.COMMUNITY_PERMISSIONS_TABLE.'
199	ORDER BY id DESC
200	;';
201	$result = pwg_query($query);
202
203	$permissions = array();
204	$user_ids = array();
205	$group_ids = array();
206	$category_ids = array();
207
208	while ($row = mysql_fetch_assoc($result))
209	{
210	array_push($permissions, $row);
211
212	if (!empty($row['user_id']))
213	{
214	array_push($user_ids, $row['user_id']);
215	}
216
217	if (!empty($row['group_id']))
218	{
219	array_push($group_ids, $row['group_id']);
220	}
221
222	if (!empty($row['category_id']))
223	{
224	array_push($category_ids, $row['category_id']);
225	}
226	}
227
228	if (!empty($user_ids))
229	{
230	$query = '
231	SELECT
232	'.$conf['user_fields']['id'].' AS id,
233	'.$conf['user_fields']['username'].' AS username
234	FROM '.USERS_TABLE.'
235	WHERE '.$conf['user_fields']['id'].' IN ('.implode(',', $user_ids).')
236	;';
237	$result = pwg_query($query);
238	while ($row = pwg_db_fetch_assoc($result))
239	{
240	$name_of_user[ $row['id'] ] = $row['username'];
241	}
242	}
243
244	if (!empty($group_ids))
245	{
246	$query = '
247	SELECT
248	id,
249	name
250	FROM '.GROUPS_TABLE.'
251	WHERE id IN ('.implode(',', $group_ids).')
252	;';
253	$result = pwg_query($query);
254	while ($row = pwg_db_fetch_assoc($result))
255	{
256	$name_of_group[ $row['id'] ] = $row['name'];
257	}
258	}
259
260	if (!empty($category_ids))
261	{
262	$query = '
263	SELECT
264	id,
265	uppercats
266	FROM '.CATEGORIES_TABLE.'
267	WHERE id IN ('.implode(',', $category_ids).')
268	;';
269	$result = pwg_query($query);
270
271	while ($row = pwg_db_fetch_assoc($result))
272	{
273	$name_of_category[ $row['id'] ] = get_cat_display_name_cache(
274	$row['uppercats'],
275	null,
276	false
277	);
278	}
279	}
280
281	foreach ($permissions as $permission)
282	{
283	$where = l10n('The whole gallery');
284	if (isset($permission['category_id']))
285	{
286	$where = $name_of_category[ $permission['category_id'] ];
287	}
288
289	$who = l10n('any visitor');
290	if ('any_registered_user' == $permission['type'])
291	{
292	$who = l10n('any registered user');
293	}
294	elseif ('user' == $permission['type'])
295	{
296	$who = sprintf(
297	l10n('%s (the user)'),
298	$name_of_user[$permission['user_id']]
299	);
300	}
301	elseif ('group' == $permission['type'])
302	{
303	$who = sprintf(
304	l10n('%s (the group)'),
305	$name_of_group[$permission['group_id']]
306	);
307	}
308
309	$trust = l10n('low trust');
310	$trust_tooltip = l10n('uploaded photos must be validated by an administrator');
311	if ('false' == $permission['moderated'])
312	{
313	$trust = l10n('high trust');
314	$trust_tooltip = l10n('uploaded photos are directly displayed in the gallery');
315	}
316
317	$template->append(
318	'permissions',
319	array(
320	'WHO' => $who,
321	'WHERE' => $where,
322	'TRUST' => $trust,
323	'TRUST_TOOLTIP' => $trust_tooltip,
324	'CREATE_SUBCATEGORIES' => get_boolean($permission['create_subcategories']),
325	'U_DELETE' => $admin_base_url.'&delete='.$permission['id']
326	)
327	);
328	}
329
330	// +-----------------------------------------------------------------------+
331	// \| sending html code \|
332	// +-----------------------------------------------------------------------+
333
334	$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
335	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: