-rw-r--r--admin.php29
-rw-r--r--admin/group_list.php261
-rw-r--r--admin/group_perm.php173
-rw-r--r--admin/user_perm.php121
-rw-r--r--doc/ChangeLog12
-rw-r--r--template/default/admin.tpl9
-rw-r--r--template/default/admin/cat_options.tpl2
-rw-r--r--template/default/admin/group_list.tpl64
-rw-r--r--template/default/admin/group_perm.tpl7
-rw-r--r--template/default/admin/user_list.tpl17
-rw-r--r--template/default/admin/user_perm.tpl6
11 files changed, 328 insertions, 373 deletions
diff --git a/admin.php b/admin.php
index 23bb3f76f..fa031da6e 100644
--- a/admin.php
+++ b/admin.php
@@ -76,21 +76,26 @@ switch ( $_GET['page'] )
case 'group_list' :
$title = $lang['title_groups']; $page_valide = true; break;
case 'group_perm' :
- /*if ( !is_numeric( $_GET['group_id'] ) ) $_GET['group_id'] = -1;
- $query = 'SELECT name FROM '.GROUPS_TABLE;
- $query.= ' WHERE id = '.$_GET['group_id'];
- $query.= ';';
- $result = pwg_query( $query );
- if ( mysql_num_rows( $result ) > 0 )
+ if (!is_numeric($_GET['group_id']))
{
- $row = mysql_fetch_array( $result );*/
- $title = $lang['title_group_perm'];//.' "'.$row['name'].'"';
+ $_GET['group_id'] = -1;
+ }
+ $query = '
+SELECT name
+ FROM '.GROUPS_TABLE.'
+ WHERE id = '.$_GET['group_id'].'
+;';
+ $result = pwg_query($query);
+ if (mysql_num_rows($result) > 0 )
+ {
+ $row = mysql_fetch_array($result);
+ $title = $lang['title_group_perm'].' "'.$row['name'].'"';
$page_valide = true;
- /*}
+ }
else
{
$page_valide = false;
- }*/
+ }
break;
case 'stats':
$title = $lang['title_history']; $page_valide = true; break;
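Review bot: The `is_numeric()` guard in the `group_perm` case lets through more than integer ids (decimals, exponent notation, leading whitespace, and hex strings on older PHP), and the raw `$_GET['group_id']` is then concatenated into the `WHERE id = ` clause. It also reads `$_GET['group_id']` without an `isset()` check, so a request with no parameter raises a notice before falling back to -1. Casting once, e.g. `$group_id = isset($_GET['group_id']) ? intval($_GET['group_id']) : -1;`, and using `$group_id` in the query gives a canonical integer. The same is_numeric-then-concatenate pattern appears in this commit in admin/group_list.php (`$_GET['delete']`), admin/group_perm.php (`$page['group']`) and admin/user_perm.php (`$page['user']`). The switch statement starts and ends outside the hunk.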
@@ -252,7 +257,6 @@ $template->assign_vars(array(
'L_IDENTIFY'=>$lang['identification'],
'L_USERS'=>$lang['users'],
'L_GROUPS'=>$lang['groups'],
- 'L_AUTH'=>$lang['permissions'],
'L_UPDATE'=>$lang['update'],
'L_CAT_UPLOAD'=>$lang['upload'],
'L_CAT_COMMENTS'=>$lang['comments'],
@@ -282,9 +286,6 @@ $template->assign_vars(array(
'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ),
'U_USERS'=>add_session_id($link_start.'user_list' ),
'U_GROUPS'=>add_session_id($link_start.'group_list' ),
- 'U_USERS_AUTH'=>add_session_id($link_start.'user_perm' ),
- 'U_GROUPS_AUTH'=>add_session_id($link_start.'group_perm'),
- 'U_CAT_AUTH'=>add_session_id($link_start.'cat_perm' ),
'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php')
));
diff --git a/admin/group_list.php b/admin/group_list.php
index f789a6b27..7bc08b3f4 100644
--- a/admin/group_list.php
+++ b/admin/group_list.php
@@ -24,171 +24,154 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
+
if( !defined("PHPWG_ROOT_PATH") )
{
- die ("Hacking attempt!");
+ die ("Hacking attempt!");
}
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
-//-------------------------------------------------------------- delete a group
-if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) )
+// +-----------------------------------------------------------------------+
+// | delete a group |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['delete']) and is_numeric($_GET['delete']))
{
// destruction of the access linked to the group
- $query = 'DELETE FROM '.GROUP_ACCESS_TABLE;
- $query.= ' WHERE group_id = '.$_POST['group_id'];
- $query.= ';';
- pwg_query( $query );
-
- // destruction of the users links for this group
- $query = 'DELETE FROM ' . USER_GROUP_TABLE;
- $query.= ' WHERE group_id = '.$_POST['group_id'];
- pwg_query( $query );
-
- // destruction of the group
- $query = 'DELETE FROM ' . GROUPS_TABLE;
- $query.= ' WHERE id = '.$_POST['group_id'];
- $query.= ';';
- pwg_query( $query );
+ $query = '
+DELETE
+ FROM '.GROUP_ACCESS_TABLE.'
+ WHERE group_id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ // destruction of the users links for this group
+ $query = '
+DELETE
+ FROM '.USER_GROUP_TABLE.'
+ WHERE group_id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ $query = '
+SELECT name
+ FROM '.GROUPS_TABLE.'
+ WHERE id = '.$_GET['delete'].'
+;';
+ list($groupname) = mysql_fetch_row(pwg_query($query));
+
+ // destruction of the group
+ $query = '
+DELETE
+ FROM '.GROUPS_TABLE.'
+ WHERE id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ array_push(
+ $page['infos'],
+ sprintf(l10n('group "%s" deleted'), $groupname)
+ );
}
-//----------------------------------------------------------------- add a group
-elseif ( isset( $_POST['new'] ) )
+
+// +-----------------------------------------------------------------------+
+// | add a group |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit_add']))
{
- if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] )
- or preg_match( '/"/', $_POST['newgroup'] ) )
+ if (empty($_POST['groupname']))
{
- array_push( $page['errors'], $lang['group_add_error1'] );
+ array_push($page['errors'], $lang['group_add_error1']);
}
- if ( count( $page['errors'] ) == 0 )
+ if (count($page['errors']) == 0)
{
// is the group not already existing ?
- $query = 'SELECT id FROM '.GROUPS_TABLE;
- $query.= " WHERE name = '".$_POST['newgroup']."'";
- $query.= ';';
- $result = pwg_query( $query );
- if ( mysql_num_rows( $result ) > 0 )
+ $query = '
+SELECT COUNT(*)
+ FROM '.GROUPS_TABLE.'
+ WHERE name = \''.$_POST['groupname'].'\'
+;';
+ list($count) = mysql_fetch_row(pwg_query($query));
+ if ($count != 0)
{
- array_push( $page['errors'], $lang['group_add_error2'] );
+ array_push($page['errors'], $lang['group_add_error2']);
}
}
- if ( count( $page['errors'] ) == 0 )
+ if (count($page['errors']) == 0)
{
// creating the group
- $query = ' INSERT INTO '.GROUPS_TABLE;
- $query.= " (name) VALUES ('".$_POST['newgroup']."')";
- $query.= ';';
- pwg_query( $query );
- }
-}
-//------------------------------------------------------------- user management
-elseif ( isset( $_POST['add'] ) )
-{
- $userdata = getuserdata($_POST['username']);
- if (!$userdata)
- {
- array_push($page['errors'], $lang['user_err_unknown']);
- }
- else
- {
- // create a new association between the user and a group
$query = '
-INSERT INTO '.USER_GROUP_TABLE.'
- (user_id,group_id)
+INSERT INTO '.GROUPS_TABLE.'
+ (name)
VALUES
- ('.$userdata['id'].','.$_POST['edit_group_id'].')
+ (\''.mysql_escape_string($_POST['groupname']).'\')
;';
pwg_query($query);
+
+ array_push(
+ $page['infos'],
+ sprintf(l10n('group "%s" added'), $_POST['groupname'])
+ );
}
}
-elseif (isset( $_POST['deny_user'] ))
-{
- $sql_in = '';
- $members = $_POST['members'];
- for($i = 0; $i < count($members); $i++)
- {
- $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
- }
- $query = 'DELETE FROM ' . USER_GROUP_TABLE;
- $query.= ' WHERE user_id IN ('.$sql_in;
- $query.= ') AND group_id = '.$_POST['edit_group_id'];
- pwg_query( $query );
-}
-//----------------------------------------------------------------- groups list
-
-$query = 'SELECT id,name FROM '.GROUPS_TABLE;
-$query.= ' ORDER BY id ASC;';
-$result = pwg_query( $query );
-$groups_display = '<select name="group_id">';
-$groups_nb=0;
-while ( $row = mysql_fetch_array( $result ) )
-{
- $groups_nb++;
- $selected = '';
- if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
- $selected = 'selected';
- $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>';
-}
-$groups_display .= '</select>';
-
-$action = PHPWG_ROOT_PATH.'admin.php?page=group_list';
-//----------------------------------------------------- template initialization
-$template->set_filenames( array('groups'=>'admin/group_list.tpl') );
-$template->assign_vars(array(
- 'S_GROUP_SELECT'=>$groups_display,
-
- 'L_GROUP_SELECT'=>$lang['group_list_title'],
- 'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'],
- 'L_LOOK_UP'=>$lang['edit'],
- 'L_GROUP_DELETE'=>$lang['delete'],
- 'L_CREATE_NEW_GROUP'=>$lang['group_add'],
- 'L_GROUP_EDIT'=>$lang['group_edit'],
- 'L_USER_NAME'=>$lang['login'],
- 'L_USER_EMAIL'=>$lang['mail_address'],
- 'L_USER_SELECT'=>$lang['Select'],
- 'L_DENY_SELECTED'=>$lang['group_deny_user'],
- 'L_ADD_MEMBER'=>$lang['group_add_user'],
- 'L_FIND_USERNAME'=>$lang['Find_username'],
-
- 'S_GROUP_ACTION'=>add_session_id($action),
- 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
- ));
-
-if ($groups_nb)
-{
- $template->assign_block_vars('select_box',array());
-}
-//----------------------------------------------------------------- add a group
-if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] ))
+// +-----------------------------------------------------------------------+
+// | template init |
+// +-----------------------------------------------------------------------+
+
+$template->set_filenames(array('group_list' => 'admin/group_list.tpl'));
+
+$template->assign_vars(
+ array(
+ 'F_ADD_ACTION' =>
+ add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
+ )
+ );
+
+// +-----------------------------------------------------------------------+
+// | group list |
+// +-----------------------------------------------------------------------+
+
+$query = '
+SELECT id, name
+ FROM '.GROUPS_TABLE.'
+ ORDER BY id ASC
+;';
+$result = pwg_query($query);
+
+$admin_url = PHPWG_ROOT_PATH.'admin.php?page=';
+$perm_url = $admin_url.'group_perm&amp;group_id=';
+$del_url = $admin_url.'group_list&amp;delete=';
+$members_url = $admin_url.'user_list&amp;group=';
+
+$num = 0;
+while ($row = mysql_fetch_array($result))
{
- // Retrieving the group name
- $query = 'SELECT id, name FROM '.GROUPS_TABLE;
- $query.= " WHERE id = '".$_POST['group_id']."'";
- $query.= ';';
- $result = mysql_fetch_array(pwg_query( $query ));
- $template->assign_block_vars('edit_group',array(
- 'GROUP_NAME'=>$result['name'],
- 'GROUP_ID'=>$result['id']
- ));
-
- // Retrieving all the users
- $query = 'SELECT id, username, mail_address';
- $query.= ' FROM ('.USERS_TABLE.' as u';
- $query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)';
- $query.= " WHERE ug.group_id = '".$_POST['group_id']."';";
- $result = pwg_query( $query );
- $i=0;
- while ( $row = mysql_fetch_array( $result ) )
- {
- $class = ($i % 2)? 'row1':'row2'; $i++;
- $template->assign_block_vars('edit_group.user',array(
- 'ID'=>$row['id'],
- 'NAME'=>$row['username'],
- 'EMAIL'=>$row['mail_address'],
- 'T_CLASS'=>$class
- ));
- }
+ $query = '
+SELECT COUNT(*)
+ FROM '.USER_GROUP_TABLE.'
+ WHERE group_id = '.$row['id'].'
+;';
+ list($counter) = mysql_fetch_row(pwg_query($query));
+
+ $template->assign_block_vars(
+ 'group',
+ array(
+ 'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1',
+ 'NAME' => $row['name'],
+ 'MEMBERS' => sprintf(l10n('%d members'), $counter),
+ 'U_MEMBERS' => $members_url.$row['id'],
+ 'U_DELETE' => $del_url.$row['id'],
+ 'U_PERM' => $perm_url.$row['id']
+ )
+ );
}
-//----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
+// +-----------------------------------------------------------------------+
+// | sending html code |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
+
?>
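Review bot: The duplicate-name check concatenates `$_POST['groupname']` into `WHERE name = '...'` unescaped, while the INSERT a few lines later passes the same value through `mysql_escape_string()`; the commit also drops the old `preg_match` rejection of quote characters, so unless magic quotes are in effect a name containing a quote breaks or alters the SELECT. Escape it the same way in both queries: `WHERE name = \''.mysql_escape_string($_POST['groupname']).'\'`. Separately, group deletion moved from a POST with a `confirm_delete` checkbox to a bare `$_GET['delete']` link with no confirmation or request token visible in the hunk, so any GET to that URL in an admin session removes the group and its access rows; keeping it a POST with a confirmation step would be safer. `$groupname` is also used in the info message without checking that the SELECT returned a row.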
diff --git a/admin/group_perm.php b/admin/group_perm.php
index ba326340f..7234a5e2f 100644
--- a/admin/group_perm.php
+++ b/admin/group_perm.php
@@ -24,23 +24,44 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
+
if( !defined("PHPWG_ROOT_PATH") )
{
- die ("Hacking attempt!");
+ die ("Hacking attempt!");
}
-
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
-//--------------------------------------------------------------------- updates
+
+// +-----------------------------------------------------------------------+
+// | variables init |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['group_id']) and is_numeric($_GET['group_id']))
+{
+ $page['group'] = $_GET['group_id'];
+}
+else
+{
+ echo l10n('group_id URL parameter is missing');
+ exit();
+}
+
+// +-----------------------------------------------------------------------+
+// | updates |
+// +-----------------------------------------------------------------------+
+
if (isset($_POST['falsify'])
- and isset($_POST['cat_true'])
- and count($_POST['cat_true']) > 0)
+ and isset($_POST['cat_true'])
+ and count($_POST['cat_true']) > 0)
{
// if you forbid access to a category, all sub-categories become
// automatically forbidden
$subcats = get_subcat_ids($_POST['cat_true']);
- $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.'
- WHERE group_id = '.$_POST['group_id'].'
- AND cat_id IN ('.implode(',', $subcats).');';
+ $query = '
+DELETE
+ FROM '.GROUP_ACCESS_TABLE.'
+ WHERE group_id = '.$page['group'].'
+ AND cat_id IN ('.implode(',', $subcats).')
+;';
pwg_query($query);
}
else if (isset($_POST['trueify'])
@@ -50,10 +71,12 @@ else if (isset($_POST['trueify'])
$uppercats = get_uppercat_ids($_POST['cat_false']);
$private_uppercats = array();
- $query = 'SELECT id
- FROM '.CATEGORIES_TABLE.'
- WHERE id IN ('.implode(',', $uppercats).')
- AND status = \'private\';';
+ $query = '
+SELECT id
+ FROM '.CATEGORIES_TABLE.'
+ WHERE id IN ('.implode(',', $uppercats).')
+ AND status = \'private\'
+;';
$result = pwg_query($query);
while ($row = mysql_fetch_array($result))
{
@@ -65,9 +88,11 @@ else if (isset($_POST['trueify'])
// accesible
$authorized_ids = array();
- $query = 'SELECT cat_id
+ $query = '
+SELECT cat_id
FROM '.GROUP_ACCESS_TABLE.'
- WHERE group_id = '.$_POST['group_id'].';';
+ WHERE group_id = '.$page['group'].'
+;';
$result = pwg_query($query);
while ($row = mysql_fetch_array($result))
@@ -79,89 +104,73 @@ else if (isset($_POST['trueify'])
$to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
foreach ($to_autorize_ids as $to_autorize_id)
{
- array_push($inserts, array('group_id' => $_POST['group_id'],
- 'cat_id' => $to_autorize_id));
+ array_push(
+ $inserts,
+ array(
+ 'group_id' => $page['group'],
+ 'cat_id' => $to_autorize_id
+ )
+ );
}
mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
}
-//----------------------------------------------------- template initialization
-$query = 'SELECT id,name FROM '.GROUPS_TABLE;
-$query.= ' ORDER BY id ASC;';
-$result = pwg_query( $query );
-$groups_display = '<select name="group_id">';
-$groups_nb=0;
-while ( $row = mysql_fetch_array( $result ) )
-{
- $groups_nb++;
- $selected = '';
- if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
- $selected = 'selected';
- $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>';
-}
-$groups_display .= '</select>';
-
-$action = PHPWG_ROOT_PATH.'admin.php?page=group_perm';
-$template->set_filenames( array('groups'=>'admin/group_perm.tpl') );
-$template->assign_vars(array(
- 'S_GROUP_SELECT'=>$groups_display,
- 'L_GROUP_SELECT'=>$lang['group_list_title'],
- 'L_LOOK_UP'=>$lang['edit'],
- 'S_GROUP_ACTION'=>add_session_id($action)
- ));
-
-if ($groups_nb)
-{
- $template->assign_block_vars('select_box',array());
-}
+// +-----------------------------------------------------------------------+
+// | template init |
+// +-----------------------------------------------------------------------+
-if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify']))
-{
- $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl'));
- $template->assign_vars(array(
- 'L_RESET'=>$lang['reset'],
- 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
- 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
- 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
-
- 'HIDDEN_NAME'=> 'group_id',
- 'HIDDEN_VALUE'=>$_POST['group_id'],
- 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'),
- ));
+$template->set_filenames(array('group_perm'=>'admin/cat_options.tpl'));
+
+$template->assign_vars(
+ array(
+ 'L_RESET'=>$lang['reset'],
+ 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
+ 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
+ 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
+
+ 'F_ACTION' =>
+ add_session_id(
+ PHPWG_ROOT_PATH.
+ 'admin.php?page=group_perm&amp;group_id='.
+ $page['group']
+ )
+ )
+ );
- // only private categories are listed
- $query_true = '
+// only private categories are listed
+$query_true = '
SELECT id,name,uppercats,global_rank
FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id
WHERE status = \'private\'
- AND group_id = '.$_POST['group_id'].'
+ AND group_id = '.$page['group'].'
;';
- display_select_cat_wrapper($query_true,array(),'category_option_true');
-
- $result = pwg_query($query_true);
- $authorized_ids = array();
- while ($row = mysql_fetch_array($result))
- {
- array_push($authorized_ids, $row['id']);
- }
-
- $query_false = '
+display_select_cat_wrapper($query_true,array(),'category_option_true');
+
+$result = pwg_query($query_true);
+$authorized_ids = array();
+while ($row = mysql_fetch_array($result))
+{
+ array_push($authorized_ids, $row['id']);
+}
+
+$query_false = '
SELECT id,name,uppercats,global_rank
FROM '.CATEGORIES_TABLE.'
WHERE status = \'private\'';
- if (count($authorized_ids) > 0)
- {
- $query_false.= '
- AND id NOT IN ('.implode(',', $authorized_ids).')';
- }
+if (count($authorized_ids) > 0)
+{
$query_false.= '
-;';
- display_select_cat_wrapper($query_false,array(),'category_option_false');
-
- $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth');
+ AND id NOT IN ('.implode(',', $authorized_ids).')';
}
-//----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
+$query_false.= '
+;';
+display_select_cat_wrapper($query_false,array(),'category_option_false');
+
+// +-----------------------------------------------------------------------+
+// | html code display |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'group_perm');
?>
diff --git a/admin/user_perm.php b/admin/user_perm.php
index 2583306a1..f23071696 100644
--- a/admin/user_perm.php
+++ b/admin/user_perm.php
@@ -31,26 +31,34 @@ if (!defined('IN_ADMIN'))
}
include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
-$userdata = array();
-if (isset($_POST['submituser']))
+// +-----------------------------------------------------------------------+
+// | variables init |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['user_id']) and is_numeric($_GET['user_id']))
{
- $userdata = getuserdata($_POST['username']);
+ $page['user'] = $_GET['user_id'];
}
-else if (isset($_GET['user_id']))
+else
{
- $userdata = getuserdata(intval($_GET['user_id']));
+ echo l10n('user_id URL parameter is missing');
+ exit();
}
-else if (isset($_POST['falsify'])
- and isset($_POST['cat_true'])
- and count($_POST['cat_true']) > 0)
+
+// +-----------------------------------------------------------------------+
+// | updates |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['falsify'])
+ and isset($_POST['cat_true'])
+ and count($_POST['cat_true']) > 0)
{
- $userdata = getuserdata(intval($_POST['userid']));
// if you forbid access to a category, all sub-categories become
// automatically forbidden
$subcats = get_subcat_ids($_POST['cat_true']);
$query = '
DELETE FROM '.USER_ACCESS_TABLE.'
- WHERE user_id = '.$userdata['id'].'
+ WHERE user_id = '.$page['user'].'
AND cat_id IN ('.implode(',', $subcats).')
;';
pwg_query($query);
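Review bot: The variables-init block accepts any numeric `$_GET['user_id']` as `$page['user']` without looking the user up, whereas the removed code went through `getuserdata()` and admin.php in this same commit checks that the group row exists before showing group_perm. As written, the `trueify` branch in the later hunks can insert USER_ACCESS_TABLE rows for an id that has no user, unless a check exists outside this diff. A lookup of the user row by id, followed by the same message-and-`exit()` path used for a missing parameter, would close that gap.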
@@ -59,8 +67,6 @@ else if (isset($_POST['trueify'])
and isset($_POST['cat_false'])
and count($_POST['cat_false']) > 0)
{
- $userdata = getuserdata(intval($_POST['userid']));
-
$uppercats = get_uppercat_ids($_POST['cat_false']);
$private_uppercats = array();
@@ -84,7 +90,7 @@ SELECT id
$query = '
SELECT cat_id
FROM '.USER_ACCESS_TABLE.'
- WHERE user_id = '.$userdata['id'].'
+ WHERE user_id = '.$page['user'].'
;';
$result = pwg_query($query);
@@ -97,74 +103,61 @@ SELECT cat_id
$to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
foreach ($to_autorize_ids as $to_autorize_id)
{
- array_push($inserts, array('user_id' => $userdata['id'],
+ array_push($inserts, array('user_id' => $page['user'],
'cat_id' => $to_autorize_id));
}
mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts);
}
//----------------------------------------------------- template initialization
-if (empty($userdata))
-{
- $template->set_filenames(array('user' => 'admin/user_perm.tpl'));
-
- $base_url = PHPWG_ROOT_PATH.'admin.php?page=';
-
- $template->assign_vars(array(
- 'L_SELECT_USERNAME'=>$lang['Select_username'],
- 'L_LOOKUP_USER'=>$lang['Look_up_user'],
- 'L_FIND_USERNAME'=>$lang['Find_username'],
- 'L_AUTH_USER'=>$lang['permuser_only_private'],
- 'L_SUBMIT'=>$lang['submit'],
+$template->set_filenames(array('user_perm'=>'admin/cat_options.tpl'));
- 'F_SEARCH_USER_ACTION' => add_session_id($base_url.'user_perm'),
- 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
- ));
-}
-else
-{
- $template->set_filenames(array('user'=>'admin/cat_options.tpl'));
- $template->assign_vars(
- array(
- 'L_RESET'=>$lang['reset'],
- 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
- 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
- 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
-
- 'HIDDEN_NAME'=> 'userid',
- 'HIDDEN_VALUE'=>$userdata['id'],
- 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_perm'),
- ));
+$template->assign_vars(
+ array(
+ 'L_RESET'=>$lang['reset'],
+ 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
+ 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
+ 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
+
+ 'F_ACTION' =>
+ add_session_id(
+ PHPWG_ROOT_PATH.
+ 'admin.php?page=user_perm'.
+ '&amp;user_id='.$page['user']
+ )
+ )
+ );
- // only private categories are listed
- $query_true = '
+// only private categories are listed
+$query_true = '
SELECT id,name,uppercats,global_rank
FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_ACCESS_TABLE.' ON cat_id = id
WHERE status = \'private\'
- AND user_id = '.$userdata['id'].'
+ AND user_id = '.$page['user'].'
;';
- display_select_cat_wrapper($query_true,array(),'category_option_true');
+display_select_cat_wrapper($query_true,array(),'category_option_true');
- $result = pwg_query($query_true);
- $authorized_ids = array();
- while ($row = mysql_fetch_array($result))
- {
- array_push($authorized_ids, $row['id']);
- }
-
- $query_false = '
+$result = pwg_query($query_true);
+$authorized_ids = array();
+while ($row = mysql_fetch_array($result))
+{
+ array_push($authorized_ids, $row['id']);
+}
+
+$query_false = '
SELECT id,name,uppercats,global_rank
FROM '.CATEGORIES_TABLE.'
WHERE status = \'private\'';
- if (count($authorized_ids) > 0)
- {
- $query_false.= '
- AND id NOT IN ('.implode(',', $authorized_ids).')';
- }
+if (count($authorized_ids) > 0)
+{
$query_false.= '
-;';
- display_select_cat_wrapper($query_false,array(),'category_option_false');
+ AND id NOT IN ('.implode(',', $authorized_ids).')';
}
+$query_false.= '
+;';
+display_select_cat_wrapper($query_false,array(),'category_option_false');
+
//----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'user');
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'user_perm');
?>
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 2159cdf39..77166f56c 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,15 @@
+2005-08-16 Pierrick LE GALL
+
+ * modification : admin/group_list screen completely rewrite to
+ present the list of existing groups and a form to add a new
+ group. Here you can delete a group, go to permissions management
+ for a group, go to member list of a group (on admin/user_list with
+ a filter on group).
+
+ * modification : admin/user_perm and admin/group_perm are not
+ directly reachable by the admin menu anymore. Only the user/group
+ list lets you reach user/group permissions management screen.
+
2005-08-15 Pierrick LE GALL
* new : introduction page to administration section. This page
diff --git a/template/default/admin.tpl b/template/default/admin.tpl
index ab8df9d63..4c11115b9 100644
--- a/template/default/admin.tpl
+++ b/template/default/admin.tpl
@@ -62,13 +62,6 @@
<li><a class="adminMenu" href="{U_GROUPS}">{L_GROUPS}</a></li>
</ul>
</div>
-<div class="titreMenu">{L_AUTH}</div>
-<div class="menu">
-<ul class="menu">
- <li><a class="adminMenu" href="{U_USERS_AUTH}">{L_USERS}</a></li>
- <li><a class="adminMenu" href="{U_GROUPS_AUTH}">{L_GROUPS}</a></li>
-</ul>
-</div>
</div>
</td>
<td style="padding:10px;width:99%;" valign="top">
@@ -95,7 +88,7 @@
</div>
<!-- END infos -->
<div id="adminMain">
- {ADMIN_CONTENT}{ADMIN_CONTENT_2}
+ {ADMIN_CONTENT}
</div>
</div>
</td>
diff --git a/template/default/admin/cat_options.tpl b/template/default/admin/cat_options.tpl
index 83829cff5..a86be6849 100644
--- a/template/default/admin/cat_options.tpl
+++ b/template/default/admin/cat_options.tpl
@@ -1,8 +1,6 @@
<div class="admin">{L_CAT_TITLE}</div>
<form method="post" action="{F_ACTION}">
- <input type="hidden" name="{HIDDEN_NAME}" value="{HIDDEN_VALUE}" />
-
<table class="doubleSelect">
<tr>
<td>
diff --git a/template/default/admin/group_list.tpl b/template/default/admin/group_list.tpl
index 89cdf1bb2..5fac3e4bb 100644
--- a/template/default/admin/group_list.tpl
+++ b/template/default/admin/group_list.tpl
@@ -1,43 +1,25 @@
-<form method="post" name="post" action="{S_GROUP_ACTION}">
-<div class="admin">{L_GROUP_SELECT}</div>
-<!-- BEGIN select_box -->
-{S_GROUP_SELECT}&nbsp;&nbsp;<input type="submit" name="edit" value="{L_LOOK_UP}" class="bouton" />
-<input type="submit" name="delete" value="{L_GROUP_DELETE}" class="bouton" />
-<div style="vertical-align:middle;">
-<input type="checkbox" name="confirm_delete" value="1">{L_GROUP_CONFIRM}
-</div>
-<!-- END select_box -->
-<input type="text" name="newgroup">
-<input type="submit" class="bouton" name="new" value="{L_CREATE_NEW_GROUP}" />
-<br />
-<br />
-<!-- BEGIN edit_group -->
-<div class="admin">{L_GROUP_EDIT} [{edit_group.GROUP_NAME}]</div>
-<table class="table2" width="60%" style="margin-left:20%;">
-<tr class="throw">
- <th width="25%">{L_USER_NAME}</th>
- <th width="25%">{L_USER_EMAIL}</th>
- <th width="10%">{L_USER_SELECT}</th>
-</tr>
-<!-- BEGIN user -->
- <tr class="{edit_group.user.T_CLASS}">
- <td>{edit_group.user.NAME}</td>
- <td>{edit_group.user.EMAIL}</td>
- <td align="center"><input name="members[]" type="checkbox" value="{edit_group.user.ID}"></td>
+<form class="filter" method="post" name="add_user" action="{F_ADD_ACTION}">
+ <fieldset>
+ <legend>{lang:Add group}</legend>
+ <label>{lang:Group name} <input type="text" name="groupname" maxlength="50" size="20" /></label>
+ <input type="submit" name="submit_add" value="{lang:Add}" />
+ </fieldset>
+</form>
+
+<table class="table2" style="width:100%;" >
+ <tr class="throw">
+ <th>{lang:Group name}</th>
+ <th>{lang:Members}</th>
+ <th>{lang:Actions}</th>
+ </tr>
+ <!-- BEGIN group -->
+ <tr class="{group.CLASS}">
+ <td>{group.NAME}</td>
+ <td><a href="{group.U_MEMBERS}">{group.MEMBERS}</a></td>
+ <td style="text-align:center;">
+ <a href="{group.U_PERM}"><img src="./template/default/theme/permissions.png" style="border:none" alt="permissions" title="{lang:permissions}" /></a>
+ <a href="{group.U_DELETE}"><img src="./template/default/theme/delete.png" style="border:none" alt="delete" title="{lang:delete}" /></a>
+ </td>
</tr>
-<!-- END user -->
-<tr>
- <td colspan="3" align="right" valign="middle">
- <input type="submit" name="deny_user" value="{L_DENY_SELECTED}" class="bouton" />
- </td>
-</tr>
+ <!-- END group -->
</table>
-<div align="left" style="margin-left:20%;">
-<input type="text" name="username" maxlength="50" size="20" />
-<input type="submit" name="add" value="{L_ADD_MEMBER}" class="bouton" />
-<input name="edit_group_id" type="hidden" value="{edit_group.GROUP_ID}">
-<input type="submit" name="usersubmit" value="{L_FIND_USERNAME}" class="bouton" onClick="window.open('{U_SEARCH_USER}', '_phpbbsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" />
-</div>
-<br />
-<!-- END edit_group -->
-</form>
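Review bot: `{group.NAME}` is filled from `'NAME' => $row['name']` in admin/group_list.php with no HTML escaping visible, and group names are only checked with `empty()` when they are created. If the template engine does not escape variables itself (not visible here), a group name containing markup is rendered as HTML in this list, and also in the `group_perm` page title that admin.php now builds from `$row['name']`. Escaping at assignment, e.g. `'NAME' => htmlspecialchars($row['name'])`, keeps the name as text.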
diff --git a/template/default/admin/group_perm.tpl b/template/default/admin/group_perm.tpl
deleted file mode 100644
index 9bf490e5b..000000000
--- a/template/default/admin/group_perm.tpl
+++ /dev/null
@@ -1,7 +0,0 @@
-<!-- BEGIN select_box -->
-<form method="post" name="post" action="{S_GROUP_ACTION}">
- <div class="admin">{L_GROUP_SELECT}</div>
- {S_GROUP_SELECT}&nbsp;&nbsp;
- <input type="submit" name="edit" value="{L_LOOK_UP}" class="bouton" />
-</form>
-<!-- END select_box --> \ No newline at end of file
diff --git a/template/default/admin/user_list.tpl b/template/default/admin/user_list.tpl
index 2c8a6cc9f..ce9634c65 100644
--- a/template/default/admin/user_list.tpl
+++ b/template/default/admin/user_list.tpl
@@ -1,15 +1,12 @@
-<div class="admin">{L_GROUP_ADD_USER}</div>
-
-<form method="post" name="add_user" action="{F_ADD_ACTION}">
-<div style="text-align:center">
- {L_USERNAME} <input type="text" name="login" maxlength="50" size="20" />
- {L_PASSWORD} <input type="text" name="password" />
- <input type="submit" name="submit_add" value="{L_SUBMIT}" class="bouton" />
-</div>
+<form class="filter" method="post" name="add_user" action="{F_ADD_ACTION}">
+ <fieldset>
+ <legend>{lang:Add a user}</legend>
+ <label>{L_USERNAME} <input type="text" name="login" maxlength="50" size="20" /></label>
+ <label>{L_PASSWORD} <input type="text" name="password" /></label>
+ <input type="submit" name="submit_add" value="{L_SUBMIT}" class="bouton" />
+ </fieldset>
</form>
-<div class="admin">{L_USERS_LIST}</div>
-
<form class="filter" method="get" name="filter" action="{F_FILTER_ACTION}">
<input type="hidden" name="page" value="user_list" />
diff --git a/template/default/admin/user_perm.tpl b/template/default/admin/user_perm.tpl
deleted file mode 100644
index e3944fe42..000000000
--- a/template/default/admin/user_perm.tpl
+++ /dev/null
@@ -1,6 +0,0 @@
-<div class="admin">{L_SELECT_USERNAME}</div>
-<form method="post" name="post" action="{F_SEARCH_USER_ACTION}">
- <input type="text" name="username" maxlength="50" size="20" />
- <input type="submit" name="submituser" value="{L_LOOKUP_USER}" class="bouton" />
- <input type="submit" name="usersubmit" value="{L_FIND_USERNAME}" class="bouton" onClick="window.open('{U_SEARCH_USER}', '_phpwgsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" />
-</form> \ No newline at end of file