archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- modification : admin/group_list screen completely rewrite to present the

Browse source 
list of existing groups and a form to add a new group. Here you can delete
  a group, go to permissions management for a group, go to member list of a
  group (on admin/user_list with a filter on group).

- modification : admin/user_perm and admin/group_perm are not directly
  reachable by the admin menu anymore. Only the user/group list lets you
  reach user/group permissions management screen.


git-svn-id: http://piwigo.org/svn/trunk@815 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall 2005-08-16 15:19:40 +00:00
commit 5840251d55
11 changed files with 328 additions and 373 deletions
Download patch file Download diff file Expand all files Collapse all files

265
admin/group_list.php
View file

@ -24,171 +24,154 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
if( !defined("PHPWG_ROOT_PATH") )
{
die ("Hacking attempt!");
die ("Hacking attempt!");
}
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
//-------------------------------------------------------------- delete a group
if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) )
// +-----------------------------------------------------------------------+
// | delete a group |
// +-----------------------------------------------------------------------+
if (isset($_GET['delete']) and is_numeric($_GET['delete']))
{
// destruction of the access linked to the group
$query = 'DELETE FROM '.GROUP_ACCESS_TABLE;
$query.= ' WHERE group_id = '.$_POST['group_id'];
$query.= ';';
pwg_query( $query );
// destruction of the users links for this group
$query = 'DELETE FROM ' . USER_GROUP_TABLE;
$query.= ' WHERE group_id = '.$_POST['group_id'];
pwg_query( $query );
// destruction of the group
$query = 'DELETE FROM ' . GROUPS_TABLE;
$query.= ' WHERE id = '.$_POST['group_id'];
$query.= ';';
pwg_query( $query );
$query = '
DELETE
FROM '.GROUP_ACCESS_TABLE.'
WHERE group_id = '.$_GET['delete'].'
;';
pwg_query($query);
// destruction of the users links for this group
$query = '
DELETE
FROM '.USER_GROUP_TABLE.'
WHERE group_id = '.$_GET['delete'].'
;';
pwg_query($query);
$query = '
SELECT name
FROM '.GROUPS_TABLE.'
WHERE id = '.$_GET['delete'].'
;';
list($groupname) = mysql_fetch_row(pwg_query($query));
// destruction of the group
$query = '
DELETE
FROM '.GROUPS_TABLE.'
WHERE id = '.$_GET['delete'].'
;';
pwg_query($query);
array_push(
$page['infos'],
sprintf(l10n('group "%s" deleted'), $groupname)
);
}
//----------------------------------------------------------------- add a group
elseif ( isset( $_POST['new'] ) )
// +-----------------------------------------------------------------------+
// | add a group |
// +-----------------------------------------------------------------------+
if (isset($_POST['submit_add']))
{
if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] )
or preg_match( '/"/', $_POST['newgroup'] ) )
if (empty($_POST['groupname']))
{
array_push( $page['errors'], $lang['group_add_error1'] );
array_push($page['errors'], $lang['group_add_error1']);
}
if ( count( $page['errors'] ) == 0 )
if (count($page['errors']) == 0)
{
// is the group not already existing ?
$query = 'SELECT id FROM '.GROUPS_TABLE;
$query.= " WHERE name = '".$_POST['newgroup']."'";
$query.= ';';
$result = pwg_query( $query );
if ( mysql_num_rows( $result ) > 0 )
$query = '
SELECT COUNT(*)
FROM '.GROUPS_TABLE.'
WHERE name = \''.$_POST['groupname'].'\'
;';
list($count) = mysql_fetch_row(pwg_query($query));
if ($count != 0)
{
array_push( $page['errors'], $lang['group_add_error2'] );
array_push($page['errors'], $lang['group_add_error2']);
}
}
if ( count( $page['errors'] ) == 0 )
if (count($page['errors']) == 0)
{
// creating the group
$query = ' INSERT INTO '.GROUPS_TABLE;
$query.= " (name) VALUES ('".$_POST['newgroup']."')";
$query.= ';';
pwg_query( $query );
}
}
//------------------------------------------------------------- user management
elseif ( isset( $_POST['add'] ) )
{
$userdata = getuserdata($_POST['username']);
if (!$userdata)
{
array_push($page['errors'], $lang['user_err_unknown']);
}
else
{
// create a new association between the user and a group
$query = '
INSERT INTO '.USER_GROUP_TABLE.'
(user_id,group_id)
INSERT INTO '.GROUPS_TABLE.'
(name)
VALUES
('.$userdata['id'].','.$_POST['edit_group_id'].')
(\''.mysql_escape_string($_POST['groupname']).'\')
;';
pwg_query($query);
}
}
elseif (isset( $_POST['deny_user'] ))
{
$sql_in = '';
$members = $_POST['members'];
for($i = 0; $i < count($members); $i++)
{
$sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
}
$query = 'DELETE FROM ' . USER_GROUP_TABLE;
$query.= ' WHERE user_id IN ('.$sql_in;
$query.= ') AND group_id = '.$_POST['edit_group_id'];
pwg_query( $query );
}
//----------------------------------------------------------------- groups list
$query = 'SELECT id,name FROM '.GROUPS_TABLE;
$query.= ' ORDER BY id ASC;';
$result = pwg_query( $query );
$groups_display = '<select name="group_id">';
$groups_nb=0;
while ( $row = mysql_fetch_array( $result ) )
{
$groups_nb++;
$selected = '';
if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
$selected = 'selected';
$groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>';
}
$groups_display .= '</select>';
$action = PHPWG_ROOT_PATH.'admin.php?page=group_list';
//----------------------------------------------------- template initialization
$template->set_filenames( array('groups'=>'admin/group_list.tpl') );
$template->assign_vars(array(
'S_GROUP_SELECT'=>$groups_display,
'L_GROUP_SELECT'=>$lang['group_list_title'],
'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'],
'L_LOOK_UP'=>$lang['edit'],
'L_GROUP_DELETE'=>$lang['delete'],
'L_CREATE_NEW_GROUP'=>$lang['group_add'],
'L_GROUP_EDIT'=>$lang['group_edit'],
'L_USER_NAME'=>$lang['login'],
'L_USER_EMAIL'=>$lang['mail_address'],
'L_USER_SELECT'=>$lang['Select'],
'L_DENY_SELECTED'=>$lang['group_deny_user'],
'L_ADD_MEMBER'=>$lang['group_add_user'],
'L_FIND_USERNAME'=>$lang['Find_username'],
'S_GROUP_ACTION'=>add_session_id($action),
'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
));
if ($groups_nb)
{
$template->assign_block_vars('select_box',array());
}
//----------------------------------------------------------------- add a group
if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] ))
{
// Retrieving the group name
$query = 'SELECT id, name FROM '.GROUPS_TABLE;
$query.= " WHERE id = '".$_POST['group_id']."'";
$query.= ';';
$result = mysql_fetch_array(pwg_query( $query ));
$template->assign_block_vars('edit_group',array(
'GROUP_NAME'=>$result['name'],
'GROUP_ID'=>$result['id']
));
// Retrieving all the users
$query = 'SELECT id, username, mail_address';
$query.= ' FROM ('.USERS_TABLE.' as u';
$query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)';
$query.= " WHERE ug.group_id = '".$_POST['group_id']."';";
$result = pwg_query( $query );
$i=0;
while ( $row = mysql_fetch_array( $result ) )
{
$class = ($i % 2)? 'row1':'row2'; $i++;
$template->assign_block_vars('edit_group.user',array(
'ID'=>$row['id'],
'NAME'=>$row['username'],
'EMAIL'=>$row['mail_address'],
'T_CLASS'=>$class
));
array_push(
$page['infos'],
sprintf(l10n('group "%s" added'), $_POST['groupname'])
);
}
}
//----------------------------------------------------------- sending html code
$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
// +-----------------------------------------------------------------------+
// | template init |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('group_list' => 'admin/group_list.tpl'));
$template->assign_vars(
array(
'F_ADD_ACTION' =>
add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
)
);
// +-----------------------------------------------------------------------+
// | group list |
// +-----------------------------------------------------------------------+
$query = '
SELECT id, name
FROM '.GROUPS_TABLE.'
ORDER BY id ASC
;';
$result = pwg_query($query);
$admin_url = PHPWG_ROOT_PATH.'admin.php?page=';
$perm_url = $admin_url.'group_perm&amp;group_id=';
$del_url = $admin_url.'group_list&amp;delete=';
$members_url = $admin_url.'user_list&amp;group=';
$num = 0;
while ($row = mysql_fetch_array($result))
{
$query = '
SELECT COUNT(*)
FROM '.USER_GROUP_TABLE.'
WHERE group_id = '.$row['id'].'
;';
list($counter) = mysql_fetch_row(pwg_query($query));
$template->assign_block_vars(
'group',
array(
'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1',
'NAME' => $row['name'],
'MEMBERS' => sprintf(l10n('%d members'), $counter),
'U_MEMBERS' => $members_url.$row['id'],
'U_DELETE' => $del_url.$row['id'],
'U_PERM' => $perm_url.$row['id']
)
);
}
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
?>