Context Navigation

source: trunk/admin/perm.php @ 20

Last change on this file since 20 was 10, checked in by z0rglub, 21 years ago
* empty log message *
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 9.1 KB

Line
1	<?php
2	/***************************************************************************
3	* perm.php is a part of PhpWebGallery *
4	* ------------------- *
5	* last update : Tuesday, July 16, 2002 *
6	* email : pierrick@z0rglub.com *
7	* *
8	***************************************************************************/
9
10	/***************************************************************************
11	* *
12	* This program is free software; you can redistribute it and/or modify *
13	* it under the terms of the GNU General Public License as published by *
14	* the Free Software Foundation; *
15	* *
16	***************************************************************************/
17	include_once( "./include/isadmin.inc.php" );
18	//---------------------------------------------------données de l'utilisateur
19	if ( isset( $HTTP_GET_VARS['user_id'] ) )
20	{
21	$query = "select id,pseudo,status from PREFIX_TABLE"."users where id = '".$HTTP_GET_VARS['user_id']."';";
22	$result = mysql_query( $query );
23	$row = mysql_fetch_array( $result );
24	$page['pseudo'] = $row['pseudo'];
25	$page['status'] = $row['status'];
26	if ( mysql_num_rows( $result ) == 0 )
27	{
28	echo"<div class=\"erreur\">".$lang['user_err_unknown']."</div>";
29	$erreur = true;
30	}
31	if ( $row['pseudo'] == $conf['webmaster'] )
32	{
33	echo"<div class=\"erreur\">".$lang['user_err_modify']."</div>";
34	$erreur = true;
35	}
36	}
37	//---------------------------------------------------données de la catégorie
38	if ( isset( $HTTP_GET_VARS['cat_id'] ) )
39	{
40	$HTTP_GET_VARS['cat'] = $HTTP_GET_VARS['cat_id'];
41	check_cat_id( $HTTP_GET_VARS['cat_id'] );
42	if ( isset( $page['cat'] ) )
43	{
44	$result = get_cat_info( $page['cat'] );
45	$page['cat_name'] = $result['name'];
46	$page['id_uppercat'] = $result['id_uppercat'];
47	}
48	}
49	//--------------------------------------------------------------- mise à jour
50	if ( isset( $HTTP_POST_VARS['submit'] ) )
51	{
52	if ( isset( $HTTP_GET_VARS['user_id'] ) )
53	{
54	mysql_query ( "delete from PREFIX_TABLE"."restrictions where user_id = ".$HTTP_GET_VARS['user_id'].";" );
55	$result = mysql_query ( "select id from PREFIX_TABLE"."categories;" );
56	while ( $row = mysql_fetch_array ( $result ) )
57	{
58	$nom_select = "acces-".$row['id'];
59	if ( $HTTP_POST_VARS[$nom_select] == 1 )
60	{
61	mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$HTTP_GET_VARS['user_id']."','".$row['id']."');" );
62	}
63	}
64	check_favorites( $HTTP_GET_VARS['user_id'] );
65	echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=liste_users" )."\">".$lang['adduser_info_back']."</a> ]</div>";
66	}
67	else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
68	{
69	mysql_query ( "delete from PREFIX_TABLE"."restrictions where cat_id = '".$page['cat']."';" );
70	$result = mysql_query( "select id from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
71	while ( $row = mysql_fetch_array ( $result ) )
72	{
73	$nom_select = "acces-".$row['id'];
74	if ( $HTTP_POST_VARS[$nom_select] == 1 )
75	{
76	mysql_query ( "insert into PREFIX_TABLE"."restrictions (user_id,cat_id) values ('".$row['id']."','".$page['cat']."');" );
77	}
78	check_favorites( $row['id'] );
79	}
80	echo "<div class=\"info\">".$lang['permuser_info_message']." [ <a href=\"".add_session_id_to_url( "./admin.php?page=cat" )."\">".$lang['editcat_back']."</a> ]</div>";
81	}
82	}
83	//--------------------------------------------------------------- formulaire
84	function display_cat_manager( $id_uppercat, $indent, $uppercat_authorized, $level, $restriction )
85	{
86	global PREFIX_TABLE,$lang,$conf;
87
88	$output = "";
89
90	// will we use <th> or <td> lines ?
91	if ( $level == 0 )
92	{
93	$start_line = "<th ";
94	$start_line2 = "<th ";
95	$end_line = "</th>";
96	}
97	else
98	{
99	$start_line = "<td ";
100	$end_line = "</td>";
101	if ( $level == 1 )
102	{
103	$start_line2 = "<td class=\"row1\" ";
104	}
105	else if ( $level == 2 )
106	{
107	$start_line2 = "<td class=\"row2\" ";
108	}
109	else if ( $level == 3 )
110	{
111	$start_line2 = "<td class=\"row3\" ";
112	}
113	else if ( $level == 4 )
114	{
115	$start_line2 = "<td class=\"row4\" ";
116	}
117	else
118	{
119	$start_line2 = "<td ";
120	}
121	}
122
123	$query = "select id,name,dir,rank";
124	$query.= " from PREFIX_TABLE"."categories";
125	if ( !is_numeric( $id_uppercat ) )
126	{
127	$query.= " where id_uppercat is NULL";
128	}
129	else
130	{
131	$query.= " where id_uppercat = $id_uppercat";
132	}
133	$query.= " order by rank asc;";
134	$result = mysql_query( $query );
135	while ( $row = mysql_fetch_array( $result ) )
136	{
137	$subcat_authorized = true;
138
139	$output.= "\n<tr>";
140	$output.= "\n\t".$start_line."style=\"width:85%;text-align:left;\">$indent<img src=\"".$conf['lien_puce']."\" alt=\">\" /> ";
141	if ( in_array( $row['id'], $restriction ) \|\| !$uppercat_authorized )
142	{
143	$subcat_authorized = false;
144	$color = "red";
145	}
146	else
147	{
148	$color = "green";
149	}
150	$output.= "<span style=\"color:$color;\">";
151	if ( $row['name'] == "" )
152	{
153	$output.= str_replace( "_", " ", $row['dir'] );
154	}
155	else
156	{
157	$output.= $row['name'];
158	}
159	$output.= " [ dir : ".$row['dir']." ]";
160	$output.= "</span>".$end_line;
161	$output.= "\n\t".$start_line2." style=\"width:15%;white-space:nowrap;text-align:right;font-weight:normal;\">";
162	$output.= "\n\t\t<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"0\" checked=\"checked\"/>".$lang['permuser_authorized'];
163	$output.= "\n\t\t<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"1\"";
164	if ( in_array( $row['id'], $restriction ) )
165	{
166	$output.= " checked=\"checked\"";
167	}
168	$output.= "/>".$lang['permuser_forbidden'];
169	$output.= $end_line;
170	$output.= "\n<tr>";
171	$output.= display_cat_manager( $row['id'], $indent."    ", $subcat_authorized, $level + 1, $restriction );
172	}
173	return $output;
174	}
175
176	if ( !$erreur )
177	{
178	//----------------------------------------------
179	// cas 1 : permissions pour un utilisateur donné
180	if ( isset( $HTTP_GET_VARS['user_id'] ) )
181	{
182	echo"
183	<table style=\"width:100%;\">
184	<tr>
185	<th>".$lang['permuser_title']." \"".$page['pseudo']."\"</th>
186	</tr>
187	</table>";
188	$restriction = get_restrictions( $HTTP_GET_VARS['user_id'], $page['status'], false );
189	echo"
190	<form action=\"".add_session_id_to_url( "./admin.php?page=perm&user_id=".$HTTP_GET_VARS['user_id'] )."\" method=\"post\">
191	<div style=\"color:darkblue;margin:10px;text-align:center;\">".$lang['permuser_warning']."</div>
192	<table style=\"width:100%;\">";
193
194	echo display_cat_manager( "NULL", "    ", true, 0, $restriction );
195
196	echo"
197	<tr>
198	<td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\"/></td>
199	</tr>
200	<table>
201	</form>";
202	}
203	//----------------------------------------------
204	// cas 2 : permissions pour une catégorie donnée
205	else if ( isset( $HTTP_GET_VARS['cat_id'] ) )
206	{
207	echo"
208	<table style=\"width:100%;\">
209	<tr>
210	<th>".$lang['permuser_cat_title']."\"".get_cat_display_name( $page['cat_name'], " - ", "font-style:italic;" )."\"</th>
211	</tr>
212	</table>";
213	echo"
214	<form action=\"".add_session_id_to_url( "./admin.php?page=perm&cat_id=".$page['cat'] )."\" method=\"post\">
215	<table style=\"width:100%;\">";
216
217	$result = mysql_query( "select id,pseudo,status from PREFIX_TABLE"."users where pseudo != '".$conf['webmaster']."';" );
218	$i = 0;
219	while ( $row = mysql_fetch_array( $result ) )
220	{
221	$restrictions = get_restrictions( $row['id'], $row['status'], false );
222	$is_user_allowed = is_user_allowed( $page['cat'], $restrictions );
223	$class = "";
224	if ( $i%2 == 1 )
225	{
226	$class = "class=\"row2\"";
227	}
228	echo"
229	<tr>
230	<td $class><a href=\"".add_session_id_to_url( "./admin.php?page=perm&user_id=".$row['id'] )."\">";
231	echo "<span style=\"color:";
232	if ( $is_user_allowed > 0 )
233	{
234	echo "red";
235	}
236	else
237	{
238	echo "green";
239	}
240	echo "\">".$row['pseudo']."</span></a></td>
241	<td $class style=\"text-align:right;\">";
242	if ( $is_user_allowed == 2 )
243	{
244	echo "<a href=\"".add_session_id_to_url( "./admin.php?page=perm&cat_id=".$page['id_uppercat'] )."\"><span style=\"color:red;\">".$lang['permuser_parent_forbidden']."</span></a>";
245	}
246	else
247	{
248	echo"
249	<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"0\" checked=\"checked\"/>".$lang['permuser_authorized']."
250	<input type=\"radio\" name=\"acces-".$row['id']."\" value=\"1\"";
251	if ( $is_user_allowed == 1 )
252	{
253	echo" checked=\"checked\"";
254	}
255	echo"/>".$lang['permuser_forbidden'];
256	}
257	echo"
258	</td>
259	</tr>";
260	$i++;
261	}
262	echo"
263	<tr>
264	<td colspan=\"2\" align=\"center\"><input type=\"submit\" name=\"submit\" value=\"".$lang['submit']."\"/></td>
265	</tr>
266	</table>
267	</form>";
268	}
269	}
270	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: