<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.4                                                               |
// +---------------------------------------------------------------------------+
// | group.php                                                                 |
// |                                                                           |
// | Geeklog group administration page.                                        |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2006 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs        - tony AT tonybibbs DOT com                    |
// |          Mark Limburg      - mlimburg AT users DOT sourceforge DOT net    |
// |          Jason Whittenburg - jwhitten AT securitygeeks DOT com            |
// |          Dirk Haun         - dirk AT haun-online DOT de                   |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the              |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.            |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: group.php,v 1.93 2006/11/01 19:38:56 dhaun Exp $

/**
 * This file is the Geeklog Group administration page
 *
 * Every SQL statement in this file is built by string interpolation
 * (DB_query / DB_getItem / DB_save take raw SQL fragments). Group ids and
 * names therefore have to be filtered before they reach these functions;
 * where a function does not filter a value itself, a NOTE(review) comment
 * marks the dependency on the caller.
 *
 * @author Tony Bibbs <tony@tonybibbs.com>
 *
 */

/**
 * Geeklog common function library
 */
require_once ('../lib-common.php');

/**
 * Verifies that current user even has access to the page to this point
 */
require_once ('auth.inc.php');

// Uncomment the line below if you need to debug the HTTP variables being passed
// to the script. This will sometimes cause errors but it will allow you to see
// the data being passed in a POST operation
// echo COM_debug($_POST);

$display = '';

// Make sure user has rights to access this page
// Page-level feature gate: everything below requires 'group.edit'. A failed
// check is recorded in the access log before the script exits.
if (!SEC_hasRights ('group.edit')) {
    $display .= COM_siteHeader ('menu', $MESSAGE[30]);
    $display .= COM_startBlock ($MESSAGE[30], '',
                        COM_getBlockTemplate ('_msg_block', 'header'));
    $display .= $MESSAGE[37];
    $display .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    $display .= COM_siteFooter ();
    COM_accessLog ("User {$_USER['username']} tried to illegally access the group administration screen.");
    echo $display;
    exit;
}

/**
 * Shows the group editor form
 *
 * When $grp_id is given, the group's row is loaded and the form is rendered
 * in "edit" mode; core groups (grp_gl_core == 1) get a read-only name, no
 * delete button and a fixed list of parent groups. A non-empty $grp_id that
 * the current Group Admin is not a member of (and has no remote-user access
 * to) yields an error block instead of the form.
 *
 * NOTE(review): $grp_id is interpolated into SQL unquoted (grp_id = $grp_id,
 * ug_grp_id = $grp_id, grp_id <> $grp_id) and the membership check only
 * applies when ($grp_id > 0). The function itself does not cast or escape
 * the value, so it relies on the caller (the MAIN block, not fully visible
 * here) having filtered it — confirm.
 *
 * @param string $grp_id ID of group to edit
 * @return string HTML for group editor
 *
 */
function editgroup($grp_id = '')
{
    global $_TABLES, $_CONF, $_USER, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE,
           $LANG28, $VERBOSE;

    $retval = '';

    // Access check: a Group Admin may only edit groups he/she belongs to.
    $thisUsersGroups = SEC_getUserGroups ();
    if (!empty ($grp_id) &&
            ($grp_id > 0) &&
            !in_array ($grp_id, $thisUsersGroups) &&
            !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $thisUsersGroups)) {
        $retval .= COM_startBlock ($LANG_ACCESS['groupeditor'], '',
                           COM_getBlockTemplate ('_msg_block', 'header'));
        // Attempts on the Root group by non-Root users are logged separately.
        if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'],
                'grp_name', "grp_id = $grp_id") == 'Root')) {
            $retval .= $LANG_ACCESS['canteditroot'];
            COM_accessLog ("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
        } else {
            $retval .= $LANG_ACCESS['canteditgroup'];
        }
        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));

        return $retval;
    }

    $group_templates = new Template($_CONF['path_layout'] . 'admin/group');
    $group_templates->set_file('editor','groupeditor.thtml');
    $group_templates->set_var('site_url', $_CONF['site_url']);
    $group_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $group_templates->set_var('layout_url', $_CONF['layout_url']);
    $group_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $group_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $group_templates->set_var('lang_admingroup',$LANG28[49]);
    $group_templates->set_var('lang_admingrp_msg', $LANG28[50]);
    // "show all groups" flag is carried through the form so the list view can
    // restore it after saving; it is cast via COM_applyFilter(..., true).
    $showall = 0;
    if (isset ($_GET['chk_showall'])) {
        $showall = COM_applyFilter ($_GET['chk_showall'], true);
    }
    $group_templates->set_var('show_all', $showall);

    if (!empty ($grp_id)) {
        $result = DB_query ("SELECT grp_id,grp_name,grp_descr,grp_gl_core FROM {$_TABLES['groups']} WHERE grp_id ='$grp_id'");
        $A = DB_fetchArray ($result);
        // NOTE(review): if no row matches, $A is not an array and the
        // $A['grp_gl_core'] reads below operate on a non-array — confirm
        // whether callers can pass an unknown id.
        if ($A['grp_gl_core'] > 0) {
            $group_templates->set_var ('chk_adminuse', 'checked="checked"');
        }
    } else {
        // new group, so it's obviously not a core group
        $A['grp_gl_core'] = 0;
    }

    $retval .= COM_startBlock ($LANG_ACCESS['groupeditor'], '',
                       COM_getBlockTemplate ('_admin_block', 'header'));

    if (!empty($grp_id)) {
        // Groups tied to Geeklog's functionality shouldn't be deleted
        if ($A['grp_gl_core'] != 1) {
            // Two variants of the delete button: with and without the
            // JavaScript confirm() prompt ($MESSAGE[76] is the prompt text).
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']
                       . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $group_templates->set_var ('delete_option',
                                       sprintf ($delbutton, $jsconfirm));
            $group_templates->set_var ('delete_option_no_confirmation',
                                       sprintf ($delbutton, ''));
            $group_templates->set_var ('group_core', 0);
        } else {
            $group_templates->set_var ('group_core', 1);
        }
        $group_templates->set_var ('group_id', $A['grp_id']);
    } else {
        $group_templates->set_var ('group_core', 0);
    }

    $group_templates->set_var('lang_groupname', $LANG_ACCESS['groupname']);

    // Core groups keep their name: the input becomes hidden and the name is
    // shown as static text instead.
    if ($A['grp_gl_core'] != 1) {
        $group_templates->set_var('groupname_inputtype', 'text');
        $group_templates->set_var('groupname_static', '');
    } else {
        $group_templates->set_var('groupname_inputtype', 'hidden');
        $group_templates->set_var('groupname_static', $A['grp_name']);
    }
    if (isset ($A['grp_name'])) {
        $group_templates->set_var('group_name', $A['grp_name']);
    } else {
        $group_templates->set_var('group_name', '');
    }

    $group_templates->set_var('lang_description', $LANG_ACCESS['description']);
    if (isset ($A['grp_descr'])) {
        $group_templates->set_var('group_description', $A['grp_descr']);
    } else {
        $group_templates->set_var('group_description', '');
    }
    $group_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']);

    //$groups = SEC_getUserGroups('','',$grp_id);
    // Build a space-separated list of the ids of the groups this group is
    // currently assigned to (ug_main_grp_id), used to pre-check the list.
    $selected = '';
    if (!empty($grp_id)) {
        $tmp = DB_query("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = $grp_id");
        $num_groups = DB_numRows($tmp);
        for ($x = 1; $x <= $num_groups; $x++) {
            $G = DB_fetchArray($tmp);
            if ($x > 1) {
                $selected .= ' ' . $G['ug_main_grp_id'];
            } else {
                $selected .= $G['ug_main_grp_id'];
            }
        }
    }
    if ($A['grp_gl_core'] == 1) {
        // Core group: parent groups are listed read-only as hidden inputs.
        $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['coregroupmsg']);
        $group_templates->set_var('hide_adminoption',' style="display:none;"');

        if (!empty($selected)) {
            $inclause = str_replace(' ',',',$selected);
            $result= DB_query("SELECT grp_id,grp_name FROM {$_TABLES['groups']} WHERE grp_id <> $grp_id AND grp_id in ($inclause) ORDER BY grp_name");
            $nrows = DB_numRows($result);
        } else {
            $nrows = 0;
        }

        if ($nrows == 0) {
            // this group doesn't belong to anything...give a friendly message
            $group_templates->set_var('group_options', $LANG_ACCESS['nogroupsforcoregroup']);
        } else {
            $groupoptions = '';
            for ($i = 1; $i <= $nrows; $i++) {
                $GRPS = DB_fetchArray($result);
                // NOTE(review): grp_name is written into the markup without
                // HTML escaping; whether that is safe depends on the filtering
                // applied when the name was saved (not visible here).
                $groupoptions .= $GRPS['grp_name'] . '<input type="hidden" name="groups[]" value="' . $GRPS['grp_id'] . '"><br>' .LB;
            }
            $group_templates->set_var('group_options', $groupoptions);
        }
    } else {
        $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['groupmsg']);
        $group_templates->set_var('hide_adminoption','');
        if ($VERBOSE) {
            COM_errorLog("SELECTED: $selected");
        }

        // make sure to list only those groups of which the Group Admin
        // is a member
        $whereGroups = '(grp_id IN (' . implode (',', $thisUsersGroups) . '))';

        // You can no longer give access to the Root group....
        // it's pointless and doesn't make any sense
        if (!empty($grp_id)) {
            $group_templates->set_var ('group_options', COM_checkList ($_TABLES['groups'], 'grp_id,grp_name', "(grp_id <> $grp_id) AND (grp_name <> 'Root') AND " . $whereGroups, $selected));
        } else {
            $group_templates->set_var ('group_options', COM_checkList ($_TABLES['groups'], 'grp_id,grp_name', "(grp_name <> 'Root') AND " . $whereGroups, ''));
        }
    }
    $group_templates->set_var('lang_rights', $LANG_ACCESS['rights']);

    if ($A['grp_gl_core'] == 1) {
        $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['corerightsdescr']);
    } else {
        $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['rightsdescr']);
    }

    $group_templates->set_var('rights_options', printrights($grp_id, $A['grp_gl_core']));
    $group_templates->parse('output','editor');
    $retval .= $group_templates->finish($group_templates->get_var('output'));
    $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'));

    return $retval;
}


/**
 * Get the indirect features for a group, i.e. a list of all the features
 * that this group inherited from other groups.
 *
 * Walks group_assignments upwards (ug_grp_id -> ug_main_grp_id, rows with
 * ug_uid IS NULL only) until no unvisited parent group is left, then selects
 * the distinct feature names granted to any group on that path. The starting
 * group itself is part of the set, so its direct features are included too.
 *
 * NOTE(review): $grp_id is interpolated unquoted into the first query; the
 * function does no filtering of its own.
 *
 * @param int $grp_id ID of group
 * @return string comma-separated list of feature names
 *
 */
function getIndirectFeatures ($grp_id)
{
    global $_TABLES;

    $checked = array ();           // groups already expanded
    $tocheck = array ($grp_id);    // groups still to expand

    do {
        $grp = array_pop ($tocheck);

        $result = DB_query ("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = $grp AND ug_uid IS NULL");
        $numrows = DB_numRows ($result);

        $checked[] = $grp;

        // queue every parent not seen yet (guards against cycles)
        for ($j = 0; $j < $numrows; $j++) {
            $A = DB_fetchArray ($result);
            if (!in_array ($A['ug_main_grp_id'], $checked) &&
                    !in_array ($A['ug_main_grp_id'], $tocheck)) {
                $tocheck[] = $A['ug_main_grp_id'];
            }
        }
    }
    while (sizeof ($tocheck) > 0);

    // get features for all groups in $checked
    $glist = join (',', $checked);
    $result = DB_query("SELECT DISTINCT ft_name FROM {$_TABLES['access']},{$_TABLES['features']} WHERE ft_id = acc_ft_id AND acc_grp_id IN ($glist)");
    $nrows = DB_numRows ($result);

    $retval = '';
    for ($j = 1; $j <= $nrows; $j++) {
        $A = DB_fetchArray ($result);
        $retval .= $A['ft_name'];
        if ($j < $nrows) {
            $retval .= ',';
        }
    }

    return $retval;
}

/**
 * Prints the features a group has access. Please follow the comments in the
 * code closely if you need to modify this function. Also right is synonymous
 * with feature.
 *
 * Produces table cells, three per row: an editable checkbox for features the
 * group holds directly (or not at all), and a parenthesised, non-editable
 * label for features inherited from other groups or for core groups.
 * Non-Root callers only see features they themselves hold.
 *
 * NOTE(review): $grp_id is interpolated unquoted into the "direct features"
 * query, and ft_name / ft_descr are written into the HTML without escaping;
 * both come from the database, not from the request.
 *
 * @param mixed $grp_id ID to print rights for
 * @param boolean $core indicates if group is a core Geeklog group
 * @return string HTML for rights
 *
 */
function printrights ($grp_id = '', $core = 0)
{
    global $_TABLES, $_USER, $LANG_ACCESS, $VERBOSE;

    // $VERBOSE = true;
    // this gets a bit complicated so bear with the comments

    // get a list of all the features that the current user (i.e. Group Admin)
    // has access to, so we only include these features in the list below
    // SEC_getUserPermissions() returns a comma-separated list of ft_name
    // values (it is exploded on ',' and matched against ft_name below).
    if (!SEC_inGroup('Root')) {
        $GroupAdminFeatures = SEC_getUserPermissions ();
        $availableFeatures = explode (',', $GroupAdminFeatures);
        $GroupAdminFeatures = "'" . implode ("','", $availableFeatures) . "'";
        $ftWhere = ' WHERE ft_name IN (' . $GroupAdminFeatures . ')';
    } else {
        $ftWhere = '';
    }

    // now query for all available features
    $features = DB_query ("SELECT ft_id,ft_name,ft_descr FROM {$_TABLES['features']}{$ftWhere} ORDER BY ft_name");
    $nfeatures = DB_numRows($features);

    // $grpftarray maps ft_name => 'direct' | 'indirect'
    $grpftarray = array ();
    if (!empty($grp_id)) {
        // now get all the feature this group gets directly
        $directfeatures = DB_query("SELECT acc_ft_id,ft_name FROM {$_TABLES['access']},{$_TABLES['features']} WHERE ft_id = acc_ft_id AND acc_grp_id = $grp_id",1);

        // now in many cases the features will be given to this user indirectly
        // via membership to another group. These are not editable and must,
        // instead, be removed from that group directly
        $indirectfeatures = getIndirectFeatures ($grp_id);
        $indirectfeatures = explode (',', $indirectfeatures);

        // Build an array of indirect features
        for ($i = 0; $i < sizeof($indirectfeatures); $i++) {
            $grpftarray[current($indirectfeatures)] = 'indirect';
            next($indirectfeatures);
        }

        // Build an arrray of direct features
        $grpftarray1 = array ();
        $ndirect = DB_numRows($directfeatures);
        for ($i = 0; $i < $ndirect; $i++) {
            $A = DB_fetchArray($directfeatures);
            $grpftarray1[$A['ft_name']] = 'direct';
        }

        // Now merge the two arrays
        // array_merge with string keys: a feature present in both ends up as
        // 'direct', since $grpftarray1 is merged last.
        $grpftarray = array_merge ($grpftarray, $grpftarray1);
        if ($VERBOSE) {
            // this is for debugging purposes
            // (starts at 1, so it logs one element fewer than the array holds)
            for ($i = 1; $i < sizeof($grpftarray); $i++) {
                COM_errorLog("element $i is feature " . key($grpftarray) . " and is " . current($grpftarray),1);
                next($grpftarray);
            }
        }
    }

    // OK, now loop through and print all the features giving edit rights
    // to only the ones that are direct features
    $ftcount = 0;
    $retval = '<tr>' . LB;
    for ($i = 1; $i <= $nfeatures; $i++) {
        // start a new table row every three cells; note that this fires on
        // $i == 1 as well, so the opening <tr> above is closed empty first
        if ($i > 0 AND ($i % 3 == 1)) {
            $retval .= "</tr>\n<tr>";
        }
        $A = DB_fetchArray($features);

        if ((empty($grpftarray[$A['ft_name']]) OR ($grpftarray[$A['ft_name']] == 'direct')) AND ($core != 1)) {
            // editable: checkbox carrying the ft_id, checked when direct
            $ftcount++;
            $retval .= '<td><input type="checkbox" name="features[]" value="'. $A['ft_id'] . '"';
            if (!empty ($grpftarray[$A['ft_name']])) {
                if ($grpftarray[$A['ft_name']] == 'direct') {
                    $retval .= ' checked="checked"';
                }
            }
            $retval .= '><span title="' . $A['ft_descr'] . '">' . $A['ft_name']
                    . '</span></td>';
        } else {
            // either this is an indirect right OR this is a core feature
            // core groups only list features they actually hold; non-core
            // groups list every remaining (i.e. indirect) feature
            if ((($core == 1) AND (isset ($grpftarray[$A['ft_name']]) AND (($grpftarray[$A['ft_name']] == 'indirect') OR ($grpftarray[$A['ft_name']] == 'direct')))) OR ($core != 1)) {
                $ftcount++;
                $retval .= '<td> (<i title="'
                        . $A['ft_descr'] . '">' . $A['ft_name'] . '</i>)</td>';
            }
        }
    }
    if ($ftcount == 0) {
        // This group doesn't have rights to any features
        $retval .= '<td colspan="3">' . $LANG_ACCESS['grouphasnorights'] . '</td>';
    }

    $retval .= '</tr>' . LB;

    return $retval;
}

/**
 * Save a group to the database
 *
 * Order of operations: access check, core-group sanity check, unique-name
 * check, insert/update of the group row, grp_gl_core admin flag, rewrite of
 * the group's features (access table), rewrite of its parent-group
 * assignments, auto-membership of Root (group 1) and of the saving Group
 * Admin, plugin notification, redirect.
 *
 * NOTE(review): on success this function echoes the redirect and returns
 * nothing; on validation errors it returns the HTML of the error page. The
 * caller has to handle both. $retval is never initialised before the first
 * '.=' in the error paths.
 *
 * NOTE(review): $grp_descr is run through COM_stripslashes/addslashes before
 * being used in SQL, but $grp_name and $grp_id are interpolated as passed.
 * Their safety depends on the filtering done by the caller (the MAIN block,
 * not fully visible here) — confirm.
 *
 * @param string $grp_id ID of group to save
 * @param string $grp_name Group Name
 * @param string $grp_descr Description of group
 * @param boolean $grp_admin Flag that indicates this is an admin use group
 * @param boolean $grp_gl_core Flag that indicates if this is a core Geeklog group
 * @param array $features Features the group has access to (ft_id values, from the printrights() checkboxes)
 * @param array $groups Groups this group will belong to
 * @return string HTML refresh or error message
 *
 */
function savegroup ($grp_id, $grp_name, $grp_descr, $grp_admin, $grp_gl_core, $features, $groups)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $VERBOSE;

    if (!empty ($grp_name) && !empty ($grp_descr)) {
        // Same membership check as in editgroup(); only applies to existing
        // groups with a positive id.
        $GroupAdminGroups = SEC_getUserGroups ();
        if (!empty ($grp_id) &&
                ($grp_id > 0) &&
                !in_array ($grp_id, $GroupAdminGroups) &&
                !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $GroupAdminGroups)) {
            COM_accessLog ("User {$_USER['username']} tried to edit group '$grp_name' ($grp_id) with insufficient privileges.");

            return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
        }

        // A core group saved without any features would lose all its rights
        // below (the access rows are deleted before being re-inserted).
        if ($grp_gl_core == 1 AND !is_array ($features)) {
            COM_errorLog ("Sorry, no valid features were passed to this core group ($grp_id) and saving could cause problem...bailing.");

            return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
        }

        // group names have to be unique, so check if this one exists already
        $g_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                            "grp_name = '$grp_name'");
        if ($g_id > 0) {
            if (empty ($grp_id) || ($grp_id != $g_id)) {
                // there already is a group with that name - complain
                $retval .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']);
                $retval .= COM_startBlock ($LANG_ACCESS['groupexists'], '',
                                   COM_getBlockTemplate ('_msg_block', 'header'));
                $retval .= $LANG_ACCESS['groupexistsmsg'];
                $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
                $retval .= editgroup ($grp_id);
                $retval .= COM_siteFooter ();

                return $retval;
            }
        }

        $grp_descr = COM_stripslashes ($grp_descr);
        $grp_descr = addslashes ($grp_descr);

        if (empty ($grp_id)) {
            DB_save ($_TABLES['groups'], 'grp_name,grp_descr,grp_gl_core',
                     "'$grp_name','$grp_descr',$grp_gl_core");
            // the new id is read back by name (names are unique, see above)
            $grp_id = DB_getItem ($_TABLES['groups'], 'grp_id',
                                  "grp_name = '$grp_name'");
            $new_group = true;
        } else {
            DB_save ($_TABLES['groups'],
                     'grp_id,grp_name,grp_descr,grp_gl_core',
                     "$grp_id,'$grp_name','$grp_descr',$grp_gl_core");
            $new_group = false;
        }

        // Use the field grp_gl_core to indicate if this is non-core GL Group is an Admin related group
        // grp_gl_core: 1 = core group (untouched here), 2 = admin-use group,
        // 0 = ordinary group. Group 1 is never changed.
        if ($grp_gl_core != 1 AND $grp_id > 1) {
            if (COM_applyFilter($grp_admin,true) == 1) {
                DB_query("UPDATE {$_TABLES['groups']} SET grp_gl_core=2 WHERE grp_id=$grp_id");
            } else {
                DB_query("UPDATE {$_TABLES['groups']} SET grp_gl_core=0 WHERE grp_id=$grp_id");
            }
        }

        // now save the features
        // NOTE(review): the ft_id values in $features are interpolated into
        // the INSERTs without being cast; in the Root branch there is no check
        // at all on them.
        DB_delete ($_TABLES['access'], 'acc_grp_id', $grp_id);
        if (SEC_inGroup ('Root')) {
            for ($i = 1; $i <= sizeof ($features); $i++) {
                DB_query ("INSERT INTO {$_TABLES['access']} (acc_ft_id,acc_grp_id) VALUES (" . current ($features) . ",$grp_id)");
                next ($features);
            }
        } else {
            // Non-Root: only features the Group Admin holds may be granted.
            // NOTE(review): $availableFeatures holds ft_name values (see the
            // matching code in printrights()), while $features carries ft_id
            // values from the checkboxes — confirm these are meant to be
            // compared. Also, next($features) sits inside the if: once one
            // element fails the check the pointer stops advancing and the
            // remaining iterations re-test that same element.
            $GroupAdminFeatures = SEC_getUserPermissions ();
            $availableFeatures = explode (',', $GroupAdminFeatures);
            for ($i = 1; $i <= sizeof($features); $i++) {
                if (in_array (current ($features), $availableFeatures)) {
                    DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id,acc_grp_id) VALUES (" . current($features) . ",$grp_id)");
                    next($features);
                }
            }
        }
        if ($VERBOSE) {
            COM_errorLog('groups = ' . $groups);
            COM_errorLog("deleting all group_assignments for group $grp_id/$grp_name",1);
        }

        // Rewrite the parent-group assignments (rows where this group is the
        // ug_grp_id member).
        // NOTE(review): the guard tests $grp_id (the group being saved), not
        // current($groups) (the parent being assigned); for a new group
        // $grp_id was not in $GroupAdminGroups when that list was fetched
        // above — confirm which group the check is meant to apply to.
        DB_delete ($_TABLES['group_assignments'], 'ug_grp_id', $grp_id);
        if (!empty ($groups)) {
            for ($i = 1; $i <= sizeof ($groups); $i++) {
                if (in_array ($grp_id, $GroupAdminGroups)) {
                    if ($VERBOSE) COM_errorLog("adding group_assignment " . current($groups) . " for $grp_name",1);
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_grp_id) VALUES (" . current($groups) . ",$grp_id)";
                    DB_query($sql);
                }
                next($groups);
            }
        }

        // Make sure Root group belongs to any new group
        if (DB_getItem ($_TABLES['group_assignments'], 'COUNT(*)',
                "ug_main_grp_id = $grp_id AND ug_grp_id = 1") == 0) {
            DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_grp_id) VALUES ($grp_id, 1)");
        }

        // make sure this Group Admin belongs to the new group
        if (!SEC_inGroup ('Root')) {
            if (DB_count ($_TABLES['group_assignments'], 'ug_uid',
                    "(ug_uid = {$_USER['uid']}) AND (ug_main_grp_id = $grp_id)") == 0) {
                DB_query ("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ($grp_id,{$_USER['uid']})");
            }
        }

        if ($new_group) {
            PLG_groupChanged ($grp_id, 'new');
        } else {
            PLG_groupChanged ($grp_id, 'edit');
        }
        // $_POST['chk_showall'] is read without isset(); msg=49 is the
        // "group saved" message id used by the list view.
        if ($_POST['chk_showall'] == 1) {
            echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49&showall=1');
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49');
        }
    } else {
        // name or description missing: re-show the editor with a message
        $retval .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']);
        $retval .= COM_startBlock ($LANG_ACCESS['missingfields'], '',
                           COM_getBlockTemplate ('_msg_block', 'header'));
        $retval .= $LANG_ACCESS['missingfieldsmsg'];
        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
        $retval .= editgroup ($grp_id);
        $retval .= COM_siteFooter ();

        return $retval;
    }
}

/**
 * Get a list (actually an array) of all groups this group belongs to.
 *
 * Walks group_assignments downwards from $basegroup (ug_main_grp_id ->
 * ug_grp_id) and collects every group reached, $basegroup included.
 * Non-positive ids are skipped. Despite the docblock wording, the rows
 * followed are those where the group is the *main* group, i.e. the result
 * is the set of groups that are members of $basegroup (directly or
 * transitively); listusers() and grp_selectUsers() use it that way.
 *
 * NOTE(review): $thisgroup is interpolated unquoted; only the first value
 * comes from the caller, the rest from the database.
 *
 * @param int $basegroup id of group
 * @return array array of all groups 'basegroup' belongs to
 *
 */
function getGroupList ($basegroup)
{
    global $_TABLES;

    $to_check = array ();
    array_push ($to_check, $basegroup);

    $checked = array ();

    while (sizeof ($to_check) > 0) {
        $thisgroup = array_pop ($to_check);
        if ($thisgroup > 0) {
            $result = DB_query ("SELECT ug_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = $thisgroup");
            $numGroups = DB_numRows ($result);
            for ($i = 0; $i < $numGroups; $i++) {
                $A = DB_fetchArray ($result);
                // skip groups already visited or already queued (cycle guard)
                if (!in_array ($A['ug_grp_id'], $checked)) {
                    if (!in_array ($A['ug_grp_id'], $to_check)) {
                        array_push ($to_check, $A['ug_grp_id']);
                    }
                }
            }
            $checked[] = $thisgroup;
        }
    }

    return $checked;
}

/**
 * Display a list of all users in a given group.
 *
 * Uses the generic ADMIN_list() renderer from lib-admin.php. The listing
 * includes users assigned to $grp_id itself and to any group reachable via
 * getGroupList(). The last-login column is only available when
 * $_CONF['lastlogin'] is set (it requires a join on the userinfo table).
 *
 * NOTE(review): $grp_id is interpolated into SQL both quoted (grp_id =
 * '$grp_id') and, via getGroupList(), unquoted; the function does not
 * filter it itself.
 *
 * @param int $grp_id group id
 * @return string HTML for user listing
 *
 */
function listusers ($grp_id)
{
    global $_CONF, $_TABLES, $LANG28, $LANG_ACCESS, $LANG_ADMIN, $_IMAGE_TYPE;

    require_once( $_CONF['path_system'] . 'lib-admin.php' );
    $retval = '';

    // Same membership check as editgroup(), with a "can't list" message.
    $thisUsersGroups = SEC_getUserGroups ();
    if (!empty ($grp_id) &&
            ($grp_id > 0) &&
            !in_array ($grp_id, $thisUsersGroups) &&
            !SEC_groupIsRemoteUserAndHaveAccess( $grp_id, $thisUsersGroups)) {
        $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'], '',
                           COM_getBlockTemplate ('_msg_block', 'header'));
        $retval .= $LANG_ACCESS['cantlistgroup'];
        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));

        return $retval;
    }

    if ($_CONF['lastlogin']) {
        $login_text = $LANG28[41];
        $login_field = 'lastlogin';
    } else {
        $login_text = $LANG28[40];
        $login_field = 'regdate';
    }

    // column definitions for ADMIN_list(): label, table field, sortable?
    $header_arr = array (
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG28[37], 'field' => 'uid', 'sort' => true),
        array('text' => $LANG28[3], 'field' => 'username', 'sort' => true),
        array('text' => $LANG28[4], 'field' => 'fullname', 'sort' => true),
        array('text' => $login_text, 'field' => $login_field, 'sort' => true),
        array('text' => $LANG28[7], 'field' => 'email', 'sort' => true)
    );

    $defsort_arr = array ('field' => 'username',
                          'direction' => 'asc'
    );

    // carry the "show all" flag through the list's own form and back link
    $form_url = $_CONF['site_admin_url'] . '/group.php?mode=listusers&grp_id='.$grp_id;
    if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
        $form_url .= '&chk_showall=1';
    }

    $groupname = DB_getItem ($_TABLES['groups'], 'grp_name',
                             "grp_id = '$grp_id'");
    $headline = sprintf ($LANG_ACCESS['usersingroup'], $groupname);

    $url = $_CONF['site_admin_url'] . '/group.php';
    if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
        $url .= '?chk_showall=1';
    }
    $menu_arr = array (
        array('url' => $url,
              'text' => $LANG28[38]),
        array('url' => $_CONF['site_admin_url'],
              'text' => $LANG_ADMIN['admin_home']));

    $text_arr = array ('has_menu' => true,
                       'has_extras' => true,
                       'title' => $headline,
                       'instructions' => ' ',
                       'icon' => $_CONF['layout_url'] . '/images/icons/group.'
                                 . $_IMAGE_TYPE,
                       'form_url' => $form_url,
                       'help_url' => ''
    );

    $join_userinfo = '';
    $select_userinfo = '';
    if ($_CONF['lastlogin']) {
        $join_userinfo = "LEFT JOIN {$_TABLES['userinfo']} ON {$_TABLES['users']}.uid={$_TABLES['userinfo']}.uid ";
        $select_userinfo = ",lastlogin ";
    }

    $groups = getGroupList ($grp_id);
    $groupList = implode (',', $groups);

    // uid > 1 excludes the anonymous user
    $sql = "SELECT DISTINCT {$_TABLES['users']}.uid,username,fullname,email,photo,regdate$select_userinfo "
          ."FROM {$_TABLES['group_assignments']},{$_TABLES['users']} $join_userinfo "
          ."WHERE {$_TABLES['users']}.uid > 1 "
          ."AND {$_TABLES['users']}.uid = {$_TABLES['group_assignments']}.ug_uid "
          ."AND ({$_TABLES['group_assignments']}.ug_main_grp_id IN ({$groupList}))";

    $query_arr = array ('table' => 'users',
                        'sql' => $sql,
                        'query_fields' => array('username', 'email', 'fullname'),
                        'default_filter' => "AND {$_TABLES['users']}.uid > 1"
    );

    $retval .= ADMIN_list ('user', 'ADMIN_getListField_users', $header_arr, $text_arr, $query_arr, $menu_arr, $defsort_arr);

    return $retval;
}

/**
 * Display the list of groups (the group manager's main view).
 *
 * Non-Root users only see groups they are members of (SEC_getUserGroups()).
 * Unless "show all" is active, the list is restricted to non-core groups
 * plus the two groups with ids 2 and 13 (hard-coded; what they denote is
 * not visible here). The "show all" checkbox is rendered as the list's
 * extra filter control.
 *
 * @return string HTML for the group listing
 */
function listgroups()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $LANG28, $_IMAGE_TYPE;

    require_once ($_CONF['path_system'] . 'lib-admin.php');

    $retval = '';

    $header_arr = array(      // display 'text' and use table field 'field'
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
        array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
        array('text' => $LANG_ACCESS['coregroup'], 'field' => 'grp_gl_core', 'sort' => true),
        array('text' => $LANG_ACCESS['listusers'], 'field' => 'list', 'sort' => false)
    );

    $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');

    $form_url = $_CONF['site_admin_url'] . '/group.php';
    if (isset ($_REQUEST['chk_showall']) && ($_REQUEST['chk_showall'] == 1)) {
        $form_url .= '?chk_showall=1';
    }

    $menu_arr = array (
        array('url' => $_CONF['site_admin_url'] . '/group.php?mode=edit',
              'text' => $LANG_ADMIN['create_new']),
        array('url' => $_CONF['site_admin_url'],
              'text' => $LANG_ADMIN['admin_home']));

    $text_arr = array('has_menu' => true,
                      'has_extras' => true,
                      'title' => $LANG_ACCESS['groupmanager'],
                      'instructions' => $LANG_ACCESS['newgroupmsg'],
                      'icon' => $_CONF['layout_url'] . '/images/icons/group.'
                                . $_IMAGE_TYPE,
                      'form_url' => $form_url);

    $filter = '<span style="padding-right:20px;">';

    // Extra test required to handle that different ways this option is passed and need to be able to
    // over-ride the option using the posted form when the URL contains the variable as well
    // A posted form is recognised by the presence of $_POST['q'] (the list's
    // search field); in that case the form's checkbox wins over ?showall=1.
    // NOTE: $_POST['chk_showall'] is read without isset().
    $show_all_groups = false;
    if (isset($_POST['q'])) {   // Form has been posted - test actual option in this form
        if ($_POST['chk_showall'] == 1) {
            $show_all_groups = true;
        }
    } else if (isset ($_GET['showall']) && ($_GET['showall'] == 1)) {
        $show_all_groups = true;
    }

    if (SEC_inGroup('Root')) {
        $grpFilter = '';
    } else {
        $thisUsersGroups = SEC_getUserGroups ();
        $grpFilter = 'AND (grp_id IN (' . implode (',', $thisUsersGroups) . '))';
    }

    if ($show_all_groups) {
        $filter .= '<label for="chk_showall"><input id="chk_showall" type="checkbox" name="chk_showall" value="1" checked="checked">';
        $query_arr = array('table' => 'groups',
                           'sql' => "SELECT * FROM {$_TABLES['groups']} WHERE 1=1",
                           'query_fields' => array('grp_name', 'grp_descr'),
                           'default_filter' => $grpFilter);
    } else {
        $filter .= '<label for="chk_showall"><input id="chk_showall" type="checkbox" name="chk_showall" value="1">';
        $query_arr = array('table' => 'groups',
                           'sql' => "SELECT * FROM {$_TABLES['groups']} WHERE (grp_gl_core = 0 OR grp_id in (2,13))",
                           'query_fields' => array('grp_name', 'grp_descr'),
                           'default_filter' => $grpFilter);
    }
    $filter .= $LANG28[48] . '</label></span>';

    $retval .= ADMIN_list ('groups', 'ADMIN_getListField_groups', $header_arr,
                           $text_arr, $query_arr, $menu_arr, $defsort_arr, $filter);

    return $retval;
}

/**
 * Build the <option> elements for one of the two user select boxes on the
 * group membership editor.
 *
 * With $allusers == false: users who are (directly or via getGroupList())
 * members of $group_id. With $allusers == true: users who are not members
 * of any of those groups, additionally excluding members of Root (group 1)
 * and of $group_id. The anonymous user (uid 1 and below) is never listed.
 *
 * NOTE(review): $group_id is interpolated unquoted; username is written
 * into the <option> without HTML escaping. If the first query returns no
 * rows and $allusers is true, the generated SQL contains "NOT IN ()".
 *
 * @param int $group_id id of the group being edited
 * @param boolean $allusers false: current members, true: non-members
 * @return string HTML <option> elements
 */
function grp_selectUsers ($group_id, $allusers = false)
{
    global $_TABLES, $_USER;

    $retval = '';

    // Get a list of users in the Root Group and the selected group
    $sql = "SELECT DISTINCT uid FROM {$_TABLES['users']} LEFT JOIN {$_TABLES['group_assignments']} ";
    $sql .= "ON {$_TABLES['group_assignments']}.ug_uid = uid WHERE uid > 1 AND ";
    $sql .= "({$_TABLES['group_assignments']}.ug_main_grp_id = 1 OR {$_TABLES['group_assignments']}.ug_main_grp_id = $group_id)";
    $result = DB_query ($sql);
    $filteredusers = array();
    while ($A = DB_fetchArray($result)) {
        $filteredusers[] = $A['uid'];
    }

    $groups = getGroupList ($group_id);
    $grouplist = '(' . implode (',', $groups) . ')';
    $sql = "SELECT DISTINCT uid,username FROM {$_TABLES['users']} LEFT JOIN {$_TABLES['group_assignments']} ";
    $sql .= "ON {$_TABLES['group_assignments']}.ug_uid = uid WHERE uid > 1 AND ";
    $sql .= "{$_TABLES['group_assignments']}.ug_main_grp_id ";
    if ($allusers) {
        $sql .= 'NOT ';
    }
    $sql .= "IN {$grouplist} ";
    // Filter out the users that will be in the selected group
    if ($allusers) {
        $filteredusers = implode(',',$filteredusers);
        $sql .= " AND uid NOT IN ($filteredusers) ";
    }
    $sql .= "ORDER BY username";
    $result = DB_query ($sql);
    $numUsers = DB_numRows ($result);
    for ($i = 0; $i < $numUsers; $i++) {
        list($uid, $username) = DB_fetchArray ($result);
        $retval .= '<option value="' . $uid . '">' . $username . '</option>';
    }

    return $retval;
}


/**
 * Show the group membership editor (add/remove users for one group).
 *
 * Applies the same membership/Root check as editgroup() and then renders
 * groupmembers.thtml with the two select lists from grp_selectUsers().
 *
 * NOTE(review): the group name is looked up (grp_id='$group') before the
 * access check runs, and $group is also interpolated unquoted in the Root
 * check. $_REQUEST['chk_showall'] and $_GET['chk_showall'] are read without
 * isset(). The group name is placed in the block title without HTML
 * escaping.
 *
 * @param int $group id of the group whose members are edited
 * @return string HTML for the membership editor (or an error block)
 */
function editusers ($group)
{
    global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG_ADMIN, $LANG28;

    $retval = '';

    $thisUsersGroups = SEC_getUserGroups ();
    $groupName = DB_getItem($_TABLES['groups'],'grp_name',"grp_id='$group'");
    if (!empty ($group) &&
            ($group > 0) &&
            !in_array ($group, $thisUsersGroups) &&
            !SEC_groupIsRemoteUserAndHaveAccess($group, $thisUsersGroups)
        ) {
        $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'], '',
                           COM_getBlockTemplate ('_msg_block', 'header'));
        if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'],
                'grp_name', "grp_id = $group") == 'Root')) {
            $retval .= $LANG_ACCESS['canteditroot'];
            COM_accessLog ("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
        } else {
            $retval .= $LANG_ACCESS['canteditgroup'];
        }
        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));

        return $retval;
    }

    $group_listing_url = $_CONF['site_admin_url'] . '/group.php';
    if ($_REQUEST['chk_showall'] == 1) {
        $group_listing_url .= '?chk_showall=1';
    }

    $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'] . " - $groupName" , '',
                       COM_getBlockTemplate ('_admin_block', 'header'));
    $groupmembers = new Template($_CONF['path_layout'] . 'admin/group');
    $groupmembers->set_file (array ('groupmembers'=>'groupmembers.thtml'));
    $groupmembers->set_var ('site_url', $_CONF['site_url']);
    $groupmembers->set_var ('site_admin_url', $_CONF['site_admin_url']);
    $groupmembers->set_var ('group_listing_url', $group_listing_url);
    $groupmembers->set_var ('layout_url', $_CONF['layout_url']);
    $groupmembers->set_var ('phpself', $_CONF['site_admin_url'] . '/group.php');
    $groupmembers->set_var('lang_adminhome', $LANG_ACCESS['adminhome']);
    $groupmembers->set_var('lang_instructions', $LANG_ACCESS['editgroupmsg']);
    $groupmembers->set_var ('LANG_sitemembers',$LANG_ACCESS['availmembers']);
    $groupmembers->set_var ('LANG_grpmembers',$LANG_ACCESS['groupmembers']);
    // left list: users not in the group; right list: current members
    $groupmembers->set_var ('sitemembers', grp_selectUsers($group,true) );
    $groupmembers->set_var ('group_list', grp_selectUsers($group) );
    $groupmembers->set_var ('LANG_add',$LANG_ACCESS['add']);
    $groupmembers->set_var ('LANG_remove',$LANG_ACCESS['remove']);
    $groupmembers->set_var('lang_save', $LANG_ADMIN['save']);
    $groupmembers->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $groupmembers->set_var ('lang_grouplist', $LANG28[38]);
    $groupmembers->set_var('show_all', COM_applyFilter($_GET['chk_showall'],true));
    $groupmembers->set_var ('group_id',$group);
    $groupmembers->parse ('output', 'groupmembers');
    $retval .= $groupmembers->finish($groupmembers->get_var('output'));
    $retval .= COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer'));

    return $retval;
}

/**
 * Replace the user assignments of a group with the submitted list.
 *
 * Deletes every group_assignments row for $groupid that carries a uid, then
 * inserts one row per entry of the '|'-separated $groupmembers string. Each
 * uid is cast via COM_applyFilter(..., true); $groupid is used as passed.
 * Echoes a redirect back to the group list (msg=49) when done.
 *
 * NOTE(review): unlike savegroup() and deleteGroup(), this function performs
 * no check that the current user may administer $groupid; it relies on the
 * caller (the MAIN block, not fully visible here) — confirm. Also note that
 * explode() on an empty $groupmembers still yields one (empty) element, so
 * one INSERT is attempted in that case.
 *
 * @param int $groupid id of the group
 * @param string $groupmembers '|'-separated list of user ids
 * @return void (echoes the redirect)
 */
function savegroupusers ($groupid, $groupmembers)
{
    global $_CONF, $_TABLES;
    // Delete all the current buddy records for this user and add all the selected ones
    // (the wording above looks copied from elsewhere: the rows deleted are
    // this group's user assignments, ug_uid IS NOT NULL)
    $sql = "DELETE FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id={$groupid} AND ug_uid IS NOT NULL";
    DB_query($sql);
    $adduser = explode("|",$groupmembers);
    for( $i = 0; $i < count($adduser); $i++ ) {
        $adduser[$i] = COM_applyFilter($adduser[$i], true);
        DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ('$groupid', '$adduser[$i]')");
    }
    // $_POST['chk_showall'] is read without isset()
    if ($_POST['chk_showall'] == 1) {
        echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49&showall=1');
    } else {
        echo COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=49');
    }
}

/**
 * Delete a group
 *
 * Refuses (and logs) the Root group for non-Root users and any group the
 * current Group Admin is not a member of; otherwise removes the group's
 * feature grants, both directions of its group assignments and the group
 * row itself, then notifies plugins. Note that, unlike savegroup(), the
 * membership check here is not limited to ids > 0.
 *
 * @param int $grp_id id of group to delete
 * @return string HTML redirect
 *
 */
function deleteGroup ($grp_id)
{
    global $_CONF, $_TABLES, $_USER;

    if (!SEC_inGroup ('Root') && (DB_getItem ($_TABLES['groups'], 'grp_name',
            "grp_id = $grp_id") == 'Root')) {
        COM_accessLog ("User {$_USER['username']} tried to delete the Root group with insufficient privileges.");

        return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
    }

    $GroupAdminGroups = SEC_getUserGroups ();
    if (!in_array ($grp_id, $GroupAdminGroups) && !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $GroupAdminGroups)) {
        COM_accessLog ("User {$_USER['username']} tried to delete group $grp_id with insufficient privileges.");

        return COM_refresh ($_CONF['site_admin_url'] . '/group.php');
    }

    DB_delete ($_TABLES['access'], 'acc_grp_id', $grp_id);
    DB_delete ($_TABLES['group_assignments'], 'ug_grp_id', $grp_id);
    DB_delete ($_TABLES['group_assignments'], 'ug_main_grp_id', $grp_id);
    DB_delete ($_TABLES['groups'], 'grp_id', $grp_id);

    PLG_groupChanged ($grp_id, 'delete');
    // $_POST['chk_showall'] is read without isset(); msg=50 is the
    // "group deleted" message id used by the list view.
    if ($_POST['chk_showall'] == 1) {
        return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50&showall=1');
    } else {
        return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50');
    }
}

// MAIN
// Dispatch on the 'mode' request parameter. The delete branch casts grp_id to
// an integer via COM_applyFilter(..., true) before using it; the remaining
// branches are outside the visible part of this file.
$mode = '';
if (isset($_REQUEST['mode'])) {
    $mode = $_REQUEST['mode'];
}

if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) {
    $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true);
    if (!isset ($grp_id) || empty ($grp_id) || ($grp_id == 0)) {
        COM_errorLog ('Attempted to delete group grp_id=' . $grp_id);
        $display .= COM_refresh ($_CONF['site_admin_url'] .
'/group.php'); 944 } else { 945 $display .= deleteGroup ($grp_id); 946 } 947 } else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save'])) { 948 $display .= savegroup (COM_applyFilter ($_POST['grp_id'],true), 949 COM_applyFilter ($_POST['grp_name']), 950 $_POST['grp_descr'], 951 COM_applyFilter($_POST['chk_grpadmin'],true), 952 COM_applyFilter ($_POST['grp_gl_core']), 953 $_POST['features'], $_POST[$_TABLES['groups']]); 954 } else if ($mode == 'savegroupusers') { 955 $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true); 956 $display .= savegroupusers ($grp_id, $_POST['groupmembers']); 957 } else if ($mode == 'edit') { 958 $grp_id = 0; 959 if (isset ($_REQUEST['grp_id'])) { 960 $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true); 961 } 962 $display .= COM_siteHeader ('menu', $LANG_ACCESS['groupeditor']); 963 $display .= editgroup ($grp_id); 964 $display .= COM_siteFooter (); 965 } else if ($mode == 'listusers') { 966 $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true); 967 $display .= COM_siteHeader ('menu', $LANG_ACCESS['groupmembers']); 968 $display .= listusers ($grp_id); 969 $display .= COM_siteFooter (); 970 } else if ($mode == 'editusers') { 971 $grp_id = COM_applyFilter ($_REQUEST['grp_id'], true); 972 $display .= COM_siteHeader ('menu', $LANG_ACCESS['usergroupadmin']); 973 $display .= editusers ($grp_id); 974 $display .= COM_siteFooter (); 975 } else { // 'cancel' or no mode at all 976 $display .= COM_siteHeader ('menu', $LANG28[38]); 977 if (isset ($_REQUEST['msg'])) { 978 $display .= COM_showMessage (COM_applyFilter ($_REQUEST['msg'], true)); 979 } 980 $display .= listgroups(); 981 $display .= COM_siteFooter(); 982 } 983 984 echo $display; 985 986 ?>