Code source de Plume CMS 1.2.2 |
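<?php
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
# ***** BEGIN LICENSE BLOCK *****
# This file is part of Plume CMS, a website management application.
# Copyright (C) 2001-2005 Loic d'Anterroches and contributors.
#
# Plume CMS is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Plume CMS is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
#
# ***** END LICENSE BLOCK ***** */

/*
 * Author management page of the manager.
 *
 * Without "op" or "user_id" in the request the page lists the authors.
 * Otherwise it shows the add/edit form and handles the "save" and
 * "delete" submissions of that form. Access requires PX_AUTH_ADMIN.
 *
 * NOTE(review): the save and delete handlers below change state on a plain
 * POST and no anti-CSRF token is generated or checked in this file. Unless
 * prepend.php enforces one (not visible here), add a per-session token to
 * the form and verify it before calling saveUser()/delUser().
 */

require_once 'path.php';
require_once $_PX_config['manager_path'].'/prepend.php';

auth::checkAuth(PX_AUTH_ADMIN);

$m = new Manager();
$_px_theme = $m->user->getTheme();

// True when the request targets the add/edit form rather than the list.
// Computed once so that the sub-menu, the processing and the display all
// agree on which mode the page is in.
$px_edit_mode = !(empty($_REQUEST['op']) && empty($_REQUEST['user_id']));

/* ================================================= *
 *  Generate sub-menu                                *
 * ================================================= */
$display_add_user = !$px_edit_mode;

$px_submenu->addItem(__('New author'), 'users.php?op=add',
                     'themes/'.$_px_theme.'/images/ico_new.png',
                     false, $display_add_user);
$px_submenu->addItem(__('Back to the list of authors'), 'users.php',
                     'themes/'.$_px_theme.'/images/ico_back.png',
                     false, !$display_add_user);

/* ====================================================== *
 *                 Process block                          *
 * ====================================================== */

if (!$px_edit_mode) {
    // list the users
    $px_users = $m->getUsers();
} else {
    // edit a user
    // set default values
    $px_is_admin = false; // Has the user the admin level somewhere?
    $px_edit_ok = false;  // May the current user change the profile fields?
    $px_id = '';
    $px_username = '';
    $px_password = '';
    $px_realname = '';
    $px_email = '';
    $px_pubemail = '';
    $px_levels = array();
    // label => level; these are the only levels the form offers
    $arry_levels[__('Administrator')] = PX_AUTH_ADMIN;
    $arry_levels[__('Advanced author')] = PX_AUTH_ADVANCED;
    $arry_levels[__('Simple author')] = PX_AUTH_NORMAL;
    $arry_levels[__('No access')]= PX_AUTH_DISABLE;
    $px_res = new Recordset();

    if (!empty($_REQUEST['user_id'])) {
        // NOTE(review): user_id comes straight from the request; this relies
        // on getUserById() to handle it safely - confirm in Manager.
        $px_user = $m->getUserById($_REQUEST['user_id']);
        $px_id = $px_user->f('user_id');
        $px_username = $px_user->f('user_username');
        $px_realname = $px_user->f('user_realname');
        $px_email = $px_user->f('user_email');
        $px_pubemail = $px_user->f('user_pubemail');
        $px_levels = $px_user->getWebsiteLevels($px_id);
        // to get all the resources
        // even in another website
        $px_res = $px_user->getListResources();

        foreach ($px_user->webs as $site => $score) {
            if ($score >= PX_AUTH_ADMIN) {
                $px_is_admin = true;
                break;
            }
        }
        reset($px_user->webs);
        // The profile is editable by root, by anyone when the target is not
        // an administrator anywhere, and by the target user itself.
        if (auth::asLevel(PX_AUTH_ROOT)
            || !$px_is_admin || $px_id == $m->user->f('user_id')) {
            $px_edit_ok = true;
        }
    } else {
        // new user
        $px_edit_ok = true;
    }
}

/* ================================================= *
 *  Save/Add the user                                *
 * ================================================= */
// Only handled in edit mode: the defaults and $px_edit_ok used below are
// set up by the edit branch above and are undefined for a bare POST.
if ($px_edit_mode && !empty($_POST['save'])) {
    // Populate the list of websites
    $authwebs = array();
    // populate the $authwebs with the data from database
    // so no site can be removed
    if ($px_id) {
        foreach ($px_user->webs as $site => $score) {
            $authwebs[$site] = $score;
        }
    }
    foreach ($m->user->webs as $site => $score) {
        if ($score >= PX_AUTH_ADMIN) {
            // Accept a posted level only if it is one of the levels offered
            // by the form ($arry_levels). The raw POST value used to be
            // copied as-is, so a level the form never offers (this file
            // references PX_AUTH_ROOT as a separate level) would have been
            // handed to saveUser(), whose own validation is not visible here.
            $px_posted_level = null;
            if (isset($_POST['u_website_'.$site])
                && is_scalar($_POST['u_website_'.$site])) {
                foreach ($arry_levels as $px_allowed_level) {
                    if ((string) $px_allowed_level === (string) $_POST['u_website_'.$site]) {
                        $px_posted_level = $px_allowed_level;
                        break;
                    }
                }
            }
            if ($px_posted_level === null) {
                // nothing posted for this site, or not an offered level:
                // keep what is already in $authwebs
                continue;
            }
            if ($px_posted_level != PX_AUTH_DISABLE) {
                $authwebs[$site] = $px_posted_level;
                $px_levels[$site] = $px_posted_level;
            } else {
                unset($authwebs[$site]);
                unset($px_levels[$site]);
            }
        }
    }

    // now need to be sure that when the user is admin the level is not changed
    // except the case of the user doing the operation to be root
    if ($px_id) {
        if (!auth::asLevel(PX_AUTH_ROOT)) {
            reset($px_user->webs);
            foreach ($px_user->webs as $site => $score) {
                if ($score >= PX_AUTH_ADMIN) {
                    $authwebs[$site] = $score;
                }
            }
        }
    }

    if ($px_edit_ok) {
        // A missing or non-string field is treated as empty instead of
        // being passed to trim().
        $px_username = (isset($_POST['u_username']) && is_string($_POST['u_username']))
            ? trim($_POST['u_username']) : '';
        $px_password = (isset($_POST['u_password']) && is_string($_POST['u_password']))
            ? trim($_POST['u_password']) : '';
        $px_realname = (isset($_POST['u_realname']) && is_string($_POST['u_realname']))
            ? trim($_POST['u_realname']) : '';
        $px_email = (isset($_POST['u_email']) && is_string($_POST['u_email']))
            ? trim($_POST['u_email']) : '';
        $px_pubemail = (isset($_POST['u_pubemail']) && is_string($_POST['u_pubemail']))
            ? trim($_POST['u_pubemail']) : '';
    }

    if (false !== ($id = $m->saveUser($px_id, $px_username,
                                      $px_password, $px_realname,
                                      $px_email, $px_pubemail, $authwebs))
        ) {
        // Saving one's own profile ends the session.
        if ($id == $m->user->f('user_id')) {
            header('Location: login.php?logout=1');
            exit;
        }
        $m->setMessage(__('The author has been successfully saved.'));
        header('Location: users.php');
        exit;
    }
}
/* ================================================= *
 *  Remove a user                                    *
 * ================================================= */
if ($px_edit_mode && !empty($_POST['delete']) && !empty($px_id)) {
    // Refused for user 1, for a user that still owns resources, and when
    // the current user is not allowed to edit the target: the original
    // code did not apply $px_edit_ok here, so an account whose profile was
    // read-only for the current user could still be deleted by it.
    if ($px_id == 1 || !$px_edit_ok || $px_res->nbRow() != 0) {
        $m->setError(__('Error: This user cannot be deleted.'), 400);
    } elseif (false !== $m->delUser($px_id)) {
        $m->setMessage(__('Author successfully deleted.'));
        header('Location: users.php');
        exit;
    }
}

/* =========================================================== *
 *                      Display block                          *
 * =========================================================== */


/* ================================================= *
 *  Set title of the page, and load common top page  *
 * ================================================= */
$px_title =  __('Authors');
include dirname(__FILE__).'/mtemplates/_top.php';

echo '<h1>'. __('Authors')."</h1>\n\n";

// Values read from the database are passed through htmlspecialchars()
// before being written into the page; they were echoed raw before, which
// let markup stored in an author name or login run in the manager.
// The charset is left to the PHP default.
// NOTE(review): if the storage layer already HTML-encodes these fields the
// output will be double-encoded - confirm against saveUser().
if (!$px_edit_mode) {
    // list the users
    while(!$px_users->EOF()) {
        $res = $px_users->getListResources(config::f('website_id'));
        if ($px_users->getWebsiteLevel(config::f('website_id')) > 0) {
            $cancel = '';
        } else {
            $cancel = ' cancel';
        }
        $px_row_id = (string) $px_users->f('user_id');
        $px_row_name = htmlspecialchars((string) $px_users->f('user_realname'), ENT_QUOTES);
        echo '<div class="line'.$cancel.'" id="p'.htmlspecialchars($px_row_id, ENT_QUOTES).'"><p>';
        if (($px_users->f('user_id') != 1) || auth::asLevel(PX_AUTH_ROOT)) {
            echo '<a href="users.php?user_id='.rawurlencode($px_row_id).'"><strong>'.$px_row_name.'</strong></a>';
        } else {
            echo '<strong>'.$px_row_name.'</strong>';
        }
        echo ' ['.$res->nbRow().' '. __('resource(s)').']';
        echo "</p>\n\n";
        echo "\n</div>\n\n";


        $px_users->moveNext();
    }
} else {
    if ($m->user->f('user_id') == $px_id) {
        echo '<p class="message">'. __('Attention, you are modifying your profile. You will be logged out if changes are successfully made.').'</p>'."\n\n";
    }

    // NOTE(review): the form::textField()/form::hidden()/form::combobox()
    // helpers are assumed to HTML-escape the values they are given; they
    // are not visible here - confirm in the form class.
?>


<form action="users.php" method="post" id="formPost">
<p class="field"><label class="float" for="u_username" style="display:inline"><strong><?php echo __('Login:'); ?></strong></label>
<?php if ($px_edit_ok) {
    echo form::textField('u_username', 30, 30, $px_username, '', '');
} else {
    echo htmlspecialchars((string) $px_username, ENT_QUOTES);
}
?>
</p>

<p class="field"><label class="float" for="u_realname" style="display:inline"><strong><?php echo __('Name:'); ?></strong></label>
<?php if ($px_edit_ok) {
    echo form::textField('u_realname', 30, 50, $px_realname, '', '');
} else {
    echo htmlspecialchars((string) $px_realname, ENT_QUOTES);
}
?>
</p>

<p class="field"><label class="float" for="u_email" style="display:inline"><strong><?php echo __('Email <span class="small">(not shown)</span>:'); ?></strong></label>
<?php if ($px_edit_ok) {
    echo form::textField('u_email', 30, 50, $px_email, '', '');
} else {
    echo htmlspecialchars((string) $px_email, ENT_QUOTES);
}
?>
</p>

<p class="field"><label class="float" for="u_pubemail" style="display:inline"><?php echo __('Public email:'); ?></label>
<?php if ($px_edit_ok) {
    echo form::textField('u_pubemail', 30, 50, $px_pubemail, '', '');
} else {
    echo htmlspecialchars((string) $px_pubemail, ENT_QUOTES);
}
?>
</p>

<?php if ($px_edit_ok): ?>
<p class="field"><label class="float" for="u_password" style="display:inline"><?php echo __('Password:'); ?></label>
<?php
    // NOTE(review): the password is entered through form::textField(),
    // i.e. presumably a plain text input, so it is visible while typed.
    echo form::textField('u_password', 30, 50, '', '', ''); ?>
<br /><?php echo __('(keep empty not to change it)'); ?></p>
<?php endif; ?>

<p><strong><?php echo __('Levels'); ?></strong></p>

<?php
    // One level selector per website on which the current user is admin.
    foreach ($m->user->webs as $site => $score) {
        if ($score >= PX_AUTH_ADMIN) {
            echo '<p class="field"><label for="u_website_'.htmlspecialchars((string) $site, ENT_QUOTES).'" style="display:inline">';
            echo sprintf( __('Site <strong>%s</strong>:'),
                          htmlspecialchars((string) $m->user->wdata[$site]['website_name'], ENT_QUOTES));
            echo '</label> ';
            if (!isset($px_levels[$site])) $px_levels[$site] = PX_AUTH_DISABLE;
            if ($px_levels[$site] >= PX_AUTH_ADMIN && !$px_edit_ok) {
                echo __('Administrator');
            } else {
                echo form::combobox('u_website_'.$site, $arry_levels, $px_levels[$site]);
            }
        }
    }
    if (!empty($px_id)) {
        echo form::hidden('user_id',$px_id);
    } else {
        echo form::hidden('op','add');
    }
?>
<p> <input name="save" type="submit" class="submit" value="<?php echo __('Save [s]'); ?>"
accesskey="s" />&nbsp;
<?php
    // The delete button follows the same conditions as the delete handler.
    if ($px_res->nbRow() == 0 && !empty($px_id) && $px_edit_ok) {
        echo '&nbsp; <input name="delete" type="submit" class="submit" '.
            'value="'. __('Delete').'" onclick="return '.
            'window.confirm(\''.addslashes( __('Are you sure you want to delete this author?')).'\')" />';

    }
?>
</p>
</form>
<?php
}

/*=================================================
 Load common bottom page
=================================================*/
include dirname(__FILE__).'/mtemplates/_bottom.php';

?>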