diff options
author | plegall <plg@piwigo.org> | 2005-08-16 15:19:40 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2005-08-16 15:19:40 +0000 |
commit | 5840251d559a368c084602d971e8d0926860c186 (patch) | |
tree | 984da246c5e7c0f5fa97dd553da5405106c0fdfb | |
parent | 149edc131d7cac50dfac0a9d00c0a36c4355ec9a (diff) |
- modification : admin/group_list screen completely rewrite to present the
list of existing groups and a form to add a new group. Here you can delete
a group, go to permissions management for a group, go to member list of a
group (on admin/user_list with a filter on group).
- modification : admin/user_perm and admin/group_perm are not directly
reachable by the admin menu anymore. Only the user/group list lets you
reach user/group permissions management screen.
git-svn-id: http://piwigo.org/svn/trunk@815 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin.php | 29 | ||||
-rw-r--r-- | admin/group_list.php | 261 | ||||
-rw-r--r-- | admin/group_perm.php | 173 | ||||
-rw-r--r-- | admin/user_perm.php | 121 | ||||
-rw-r--r-- | doc/ChangeLog | 12 | ||||
-rw-r--r-- | template/default/admin.tpl | 9 | ||||
-rw-r--r-- | template/default/admin/cat_options.tpl | 2 | ||||
-rw-r--r-- | template/default/admin/group_list.tpl | 64 | ||||
-rw-r--r-- | template/default/admin/group_perm.tpl | 7 | ||||
-rw-r--r-- | template/default/admin/user_list.tpl | 17 | ||||
-rw-r--r-- | template/default/admin/user_perm.tpl | 6 |
11 files changed, 328 insertions, 373 deletions
@@ -76,21 +76,26 @@ switch ( $_GET['page'] ) case 'group_list' : $title = $lang['title_groups']; $page_valide = true; break; case 'group_perm' : - /*if ( !is_numeric( $_GET['group_id'] ) ) $_GET['group_id'] = -1; - $query = 'SELECT name FROM '.GROUPS_TABLE; - $query.= ' WHERE id = '.$_GET['group_id']; - $query.= ';'; - $result = pwg_query( $query ); - if ( mysql_num_rows( $result ) > 0 ) + if (!is_numeric($_GET['group_id'])) { - $row = mysql_fetch_array( $result );*/ - $title = $lang['title_group_perm'];//.' "'.$row['name'].'"'; + $_GET['group_id'] = -1; + } + $query = ' +SELECT name + FROM '.GROUPS_TABLE.' + WHERE id = '.$_GET['group_id'].' +;'; + $result = pwg_query($query); + if (mysql_num_rows($result) > 0 ) + { + $row = mysql_fetch_array($result); + $title = $lang['title_group_perm'].' "'.$row['name'].'"'; $page_valide = true; - /*} + } else { $page_valide = false; - }*/ + } break; case 'stats': $title = $lang['title_history']; $page_valide = true; break; @@ -252,7 +257,6 @@ $template->assign_vars(array( 'L_IDENTIFY'=>$lang['identification'], 'L_USERS'=>$lang['users'], 'L_GROUPS'=>$lang['groups'], - 'L_AUTH'=>$lang['permissions'], 'L_UPDATE'=>$lang['update'], 'L_CAT_UPLOAD'=>$lang['upload'], 'L_CAT_COMMENTS'=>$lang['comments'], @@ -282,9 +286,6 @@ $template->assign_vars(array( 'U_THUMBNAILS'=>add_session_id($link_start.'thumbnail' ), 'U_USERS'=>add_session_id($link_start.'user_list' ), 'U_GROUPS'=>add_session_id($link_start.'group_list' ), - 'U_USERS_AUTH'=>add_session_id($link_start.'user_perm' ), - 'U_GROUPS_AUTH'=>add_session_id($link_start.'group_perm'), - 'U_CAT_AUTH'=>add_session_id($link_start.'cat_perm' ), 'U_RETURN'=>add_session_id(PHPWG_ROOT_PATH.'category.php') )); diff --git a/admin/group_list.php b/admin/group_list.php index f789a6b27..7bc08b3f4 100644 --- a/admin/group_list.php +++ b/admin/group_list.php @@ -24,171 +24,154 @@ // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ + if( !defined("PHPWG_ROOT_PATH") ) { - die ("Hacking attempt!"); + die ("Hacking attempt!"); } include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); -//-------------------------------------------------------------- delete a group -if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) ) +// +-----------------------------------------------------------------------+ +// | delete a group | +// +-----------------------------------------------------------------------+ + +if (isset($_GET['delete']) and is_numeric($_GET['delete'])) { // destruction of the access linked to the group - $query = 'DELETE FROM '.GROUP_ACCESS_TABLE; - $query.= ' WHERE group_id = '.$_POST['group_id']; - $query.= ';'; - pwg_query( $query ); - - // destruction of the users links for this group - $query = 'DELETE FROM ' . USER_GROUP_TABLE; - $query.= ' WHERE group_id = '.$_POST['group_id']; - pwg_query( $query ); - - // destruction of the group - $query = 'DELETE FROM ' . GROUPS_TABLE; - $query.= ' WHERE id = '.$_POST['group_id']; - $query.= ';'; - pwg_query( $query ); + $query = ' +DELETE + FROM '.GROUP_ACCESS_TABLE.' + WHERE group_id = '.$_GET['delete'].' +;'; + pwg_query($query); + + // destruction of the users links for this group + $query = ' +DELETE + FROM '.USER_GROUP_TABLE.' + WHERE group_id = '.$_GET['delete'].' +;'; + pwg_query($query); + + $query = ' +SELECT name + FROM '.GROUPS_TABLE.' + WHERE id = '.$_GET['delete'].' +;'; + list($groupname) = mysql_fetch_row(pwg_query($query)); + + // destruction of the group + $query = ' +DELETE + FROM '.GROUPS_TABLE.' + WHERE id = '.$_GET['delete'].' +;'; + pwg_query($query); + + array_push( + $page['infos'], + sprintf(l10n('group "%s" deleted'), $groupname) + ); } -//----------------------------------------------------------------- add a group -elseif ( isset( $_POST['new'] ) ) + +// +-----------------------------------------------------------------------+ +// | add a group | +// +-----------------------------------------------------------------------+ + +if (isset($_POST['submit_add'])) { - if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] ) - or preg_match( '/"/', $_POST['newgroup'] ) ) + if (empty($_POST['groupname'])) { - array_push( $page['errors'], $lang['group_add_error1'] ); + array_push($page['errors'], $lang['group_add_error1']); } - if ( count( $page['errors'] ) == 0 ) + if (count($page['errors']) == 0) { // is the group not already existing ? - $query = 'SELECT id FROM '.GROUPS_TABLE; - $query.= " WHERE name = '".$_POST['newgroup']."'"; - $query.= ';'; - $result = pwg_query( $query ); - if ( mysql_num_rows( $result ) > 0 ) + $query = ' +SELECT COUNT(*) + FROM '.GROUPS_TABLE.' + WHERE name = \''.$_POST['groupname'].'\' +;'; + list($count) = mysql_fetch_row(pwg_query($query)); + if ($count != 0) { - array_push( $page['errors'], $lang['group_add_error2'] ); + array_push($page['errors'], $lang['group_add_error2']); } } - if ( count( $page['errors'] ) == 0 ) + if (count($page['errors']) == 0) { // creating the group - $query = ' INSERT INTO '.GROUPS_TABLE; - $query.= " (name) VALUES ('".$_POST['newgroup']."')"; - $query.= ';'; - pwg_query( $query ); - } -} -//------------------------------------------------------------- user management -elseif ( isset( $_POST['add'] ) ) -{ - $userdata = getuserdata($_POST['username']); - if (!$userdata) - { - array_push($page['errors'], $lang['user_err_unknown']); - } - else - { - // create a new association between the user and a group $query = ' -INSERT INTO '.USER_GROUP_TABLE.' - (user_id,group_id) +INSERT INTO '.GROUPS_TABLE.' + (name) VALUES - ('.$userdata['id'].','.$_POST['edit_group_id'].') + (\''.mysql_escape_string($_POST['groupname']).'\') ;'; pwg_query($query); + + array_push( + $page['infos'], + sprintf(l10n('group "%s" added'), $_POST['groupname']) + ); } } -elseif (isset( $_POST['deny_user'] )) -{ - $sql_in = ''; - $members = $_POST['members']; - for($i = 0; $i < count($members); $i++) - { - $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]); - } - $query = 'DELETE FROM ' . USER_GROUP_TABLE; - $query.= ' WHERE user_id IN ('.$sql_in; - $query.= ') AND group_id = '.$_POST['edit_group_id']; - pwg_query( $query ); -} -//----------------------------------------------------------------- groups list - -$query = 'SELECT id,name FROM '.GROUPS_TABLE; -$query.= ' ORDER BY id ASC;'; -$result = pwg_query( $query ); -$groups_display = '<select name="group_id">'; -$groups_nb=0; -while ( $row = mysql_fetch_array( $result ) ) -{ - $groups_nb++; - $selected = ''; - if (isset($_POST['group_id']) && $_POST['group_id']==$row['id']) - $selected = 'selected'; - $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>'; -} -$groups_display .= '</select>'; - -$action = PHPWG_ROOT_PATH.'admin.php?page=group_list'; -//----------------------------------------------------- template initialization -$template->set_filenames( array('groups'=>'admin/group_list.tpl') ); -$template->assign_vars(array( - 'S_GROUP_SELECT'=>$groups_display, - - 'L_GROUP_SELECT'=>$lang['group_list_title'], - 'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'], - 'L_LOOK_UP'=>$lang['edit'], - 'L_GROUP_DELETE'=>$lang['delete'], - 'L_CREATE_NEW_GROUP'=>$lang['group_add'], - 'L_GROUP_EDIT'=>$lang['group_edit'], - 'L_USER_NAME'=>$lang['login'], - 'L_USER_EMAIL'=>$lang['mail_address'], - 'L_USER_SELECT'=>$lang['Select'], - 'L_DENY_SELECTED'=>$lang['group_deny_user'], - 'L_ADD_MEMBER'=>$lang['group_add_user'], - 'L_FIND_USERNAME'=>$lang['Find_username'], - - 'S_GROUP_ACTION'=>add_session_id($action), - 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') - )); - -if ($groups_nb) -{ - $template->assign_block_vars('select_box',array()); -} -//----------------------------------------------------------------- add a group -if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] )) +// +-----------------------------------------------------------------------+ +// | template init | +// +-----------------------------------------------------------------------+ + +$template->set_filenames(array('group_list' => 'admin/group_list.tpl')); + +$template->assign_vars( + array( + 'F_ADD_ACTION' => + add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list') + ) + ); + +// +-----------------------------------------------------------------------+ +// | group list | +// +-----------------------------------------------------------------------+ + +$query = ' +SELECT id, name + FROM '.GROUPS_TABLE.' + ORDER BY id ASC +;'; +$result = pwg_query($query); + +$admin_url = PHPWG_ROOT_PATH.'admin.php?page='; +$perm_url = $admin_url.'group_perm&group_id='; +$del_url = $admin_url.'group_list&delete='; +$members_url = $admin_url.'user_list&group='; + +$num = 0; +while ($row = mysql_fetch_array($result)) { - // Retrieving the group name - $query = 'SELECT id, name FROM '.GROUPS_TABLE; - $query.= " WHERE id = '".$_POST['group_id']."'"; - $query.= ';'; - $result = mysql_fetch_array(pwg_query( $query )); - $template->assign_block_vars('edit_group',array( - 'GROUP_NAME'=>$result['name'], - 'GROUP_ID'=>$result['id'] - )); - - // Retrieving all the users - $query = 'SELECT id, username, mail_address'; - $query.= ' FROM ('.USERS_TABLE.' as u'; - $query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)'; - $query.= " WHERE ug.group_id = '".$_POST['group_id']."';"; - $result = pwg_query( $query ); - $i=0; - while ( $row = mysql_fetch_array( $result ) ) - { - $class = ($i % 2)? 'row1':'row2'; $i++; - $template->assign_block_vars('edit_group.user',array( - 'ID'=>$row['id'], - 'NAME'=>$row['username'], - 'EMAIL'=>$row['mail_address'], - 'T_CLASS'=>$class - )); - } + $query = ' +SELECT COUNT(*) + FROM '.USER_GROUP_TABLE.' + WHERE group_id = '.$row['id'].' +;'; + list($counter) = mysql_fetch_row(pwg_query($query)); + + $template->assign_block_vars( + 'group', + array( + 'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1', + 'NAME' => $row['name'], + 'MEMBERS' => sprintf(l10n('%d members'), $counter), + 'U_MEMBERS' => $members_url.$row['id'], + 'U_DELETE' => $del_url.$row['id'], + 'U_PERM' => $perm_url.$row['id'] + ) + ); } -//----------------------------------------------------------- sending html code -$template->assign_var_from_handle('ADMIN_CONTENT', 'groups'); +// +-----------------------------------------------------------------------+ +// | sending html code | +// +-----------------------------------------------------------------------+ + +$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list'); + ?> diff --git a/admin/group_perm.php b/admin/group_perm.php index ba326340f..7234a5e2f 100644 --- a/admin/group_perm.php +++ b/admin/group_perm.php @@ -24,23 +24,44 @@ // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ + if( !defined("PHPWG_ROOT_PATH") ) { - die ("Hacking attempt!"); + die ("Hacking attempt!"); } - include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); -//--------------------------------------------------------------------- updates + +// +-----------------------------------------------------------------------+ +// | variables init | +// +-----------------------------------------------------------------------+ + +if (isset($_GET['group_id']) and is_numeric($_GET['group_id'])) +{ + $page['group'] = $_GET['group_id']; +} +else +{ + echo l10n('group_id URL parameter is missing'); + exit(); +} + +// +-----------------------------------------------------------------------+ +// | updates | +// +-----------------------------------------------------------------------+ + if (isset($_POST['falsify']) - and isset($_POST['cat_true']) - and count($_POST['cat_true']) > 0) + and isset($_POST['cat_true']) + and count($_POST['cat_true']) > 0) { // if you forbid access to a category, all sub-categories become // automatically forbidden $subcats = get_subcat_ids($_POST['cat_true']); - $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.' - WHERE group_id = '.$_POST['group_id'].' - AND cat_id IN ('.implode(',', $subcats).');'; + $query = ' +DELETE + FROM '.GROUP_ACCESS_TABLE.' + WHERE group_id = '.$page['group'].' + AND cat_id IN ('.implode(',', $subcats).') +;'; pwg_query($query); } else if (isset($_POST['trueify']) @@ -50,10 +71,12 @@ else if (isset($_POST['trueify']) $uppercats = get_uppercat_ids($_POST['cat_false']); $private_uppercats = array(); - $query = 'SELECT id - FROM '.CATEGORIES_TABLE.' - WHERE id IN ('.implode(',', $uppercats).') - AND status = \'private\';'; + $query = ' +SELECT id + FROM '.CATEGORIES_TABLE.' + WHERE id IN ('.implode(',', $uppercats).') + AND status = \'private\' +;'; $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { @@ -65,9 +88,11 @@ else if (isset($_POST['trueify']) // accesible $authorized_ids = array(); - $query = 'SELECT cat_id + $query = ' +SELECT cat_id FROM '.GROUP_ACCESS_TABLE.' - WHERE group_id = '.$_POST['group_id'].';'; + WHERE group_id = '.$page['group'].' +;'; $result = pwg_query($query); while ($row = mysql_fetch_array($result)) @@ -79,89 +104,73 @@ else if (isset($_POST['trueify']) $to_autorize_ids = array_diff($private_uppercats, $authorized_ids); foreach ($to_autorize_ids as $to_autorize_id) { - array_push($inserts, array('group_id' => $_POST['group_id'], - 'cat_id' => $to_autorize_id)); + array_push( + $inserts, + array( + 'group_id' => $page['group'], + 'cat_id' => $to_autorize_id + ) + ); } mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts); } -//----------------------------------------------------- template initialization -$query = 'SELECT id,name FROM '.GROUPS_TABLE; -$query.= ' ORDER BY id ASC;'; -$result = pwg_query( $query ); -$groups_display = '<select name="group_id">'; -$groups_nb=0; -while ( $row = mysql_fetch_array( $result ) ) -{ - $groups_nb++; - $selected = ''; - if (isset($_POST['group_id']) && $_POST['group_id']==$row['id']) - $selected = 'selected'; - $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>'; -} -$groups_display .= '</select>'; - -$action = PHPWG_ROOT_PATH.'admin.php?page=group_perm'; -$template->set_filenames( array('groups'=>'admin/group_perm.tpl') ); -$template->assign_vars(array( - 'S_GROUP_SELECT'=>$groups_display, - 'L_GROUP_SELECT'=>$lang['group_list_title'], - 'L_LOOK_UP'=>$lang['edit'], - 'S_GROUP_ACTION'=>add_session_id($action) - )); - -if ($groups_nb) -{ - $template->assign_block_vars('select_box',array()); -} +// +-----------------------------------------------------------------------+ +// | template init | +// +-----------------------------------------------------------------------+ -if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify'])) -{ - $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl')); - $template->assign_vars(array( - 'L_RESET'=>$lang['reset'], - 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], - 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], - 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], - - 'HIDDEN_NAME'=> 'group_id', - 'HIDDEN_VALUE'=>$_POST['group_id'], - 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'), - )); +$template->set_filenames(array('group_perm'=>'admin/cat_options.tpl')); + +$template->assign_vars( + array( + 'L_RESET'=>$lang['reset'], + 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], + 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], + 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], + + 'F_ACTION' => + add_session_id( + PHPWG_ROOT_PATH. + 'admin.php?page=group_perm&group_id='. + $page['group'] + ) + ) + ); - // only private categories are listed - $query_true = ' +// only private categories are listed +$query_true = ' SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id WHERE status = \'private\' - AND group_id = '.$_POST['group_id'].' + AND group_id = '.$page['group'].' ;'; - display_select_cat_wrapper($query_true,array(),'category_option_true'); - - $result = pwg_query($query_true); - $authorized_ids = array(); - while ($row = mysql_fetch_array($result)) - { - array_push($authorized_ids, $row['id']); - } - - $query_false = ' +display_select_cat_wrapper($query_true,array(),'category_option_true'); + +$result = pwg_query($query_true); +$authorized_ids = array(); +while ($row = mysql_fetch_array($result)) +{ + array_push($authorized_ids, $row['id']); +} + +$query_false = ' SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE.' WHERE status = \'private\''; - if (count($authorized_ids) > 0) - { - $query_false.= ' - AND id NOT IN ('.implode(',', $authorized_ids).')'; - } +if (count($authorized_ids) > 0) +{ $query_false.= ' -;'; - display_select_cat_wrapper($query_false,array(),'category_option_false'); - - $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth'); + AND id NOT IN ('.implode(',', $authorized_ids).')'; } -//----------------------------------------------------------- sending html code -$template->assign_var_from_handle('ADMIN_CONTENT', 'groups'); +$query_false.= ' +;'; +display_select_cat_wrapper($query_false,array(),'category_option_false'); + +// +-----------------------------------------------------------------------+ +// | html code display | +// +-----------------------------------------------------------------------+ + +$template->assign_var_from_handle('ADMIN_CONTENT', 'group_perm'); ?> diff --git a/admin/user_perm.php b/admin/user_perm.php index 2583306a1..f23071696 100644 --- a/admin/user_perm.php +++ b/admin/user_perm.php @@ -31,26 +31,34 @@ if (!defined('IN_ADMIN')) } include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php'); -$userdata = array(); -if (isset($_POST['submituser'])) +// +-----------------------------------------------------------------------+ +// | variables init | +// +-----------------------------------------------------------------------+ + +if (isset($_GET['user_id']) and is_numeric($_GET['user_id'])) { - $userdata = getuserdata($_POST['username']); + $page['user'] = $_GET['user_id']; } -else if (isset($_GET['user_id'])) +else { - $userdata = getuserdata(intval($_GET['user_id'])); + echo l10n('user_id URL parameter is missing'); + exit(); } -else if (isset($_POST['falsify']) - and isset($_POST['cat_true']) - and count($_POST['cat_true']) > 0) + +// +-----------------------------------------------------------------------+ +// | updates | +// +-----------------------------------------------------------------------+ + +if (isset($_POST['falsify']) + and isset($_POST['cat_true']) + and count($_POST['cat_true']) > 0) { - $userdata = getuserdata(intval($_POST['userid'])); // if you forbid access to a category, all sub-categories become // automatically forbidden $subcats = get_subcat_ids($_POST['cat_true']); $query = ' DELETE FROM '.USER_ACCESS_TABLE.' - WHERE user_id = '.$userdata['id'].' + WHERE user_id = '.$page['user'].' AND cat_id IN ('.implode(',', $subcats).') ;'; pwg_query($query); @@ -59,8 +67,6 @@ else if (isset($_POST['trueify']) and isset($_POST['cat_false']) and count($_POST['cat_false']) > 0) { - $userdata = getuserdata(intval($_POST['userid'])); - $uppercats = get_uppercat_ids($_POST['cat_false']); $private_uppercats = array(); @@ -84,7 +90,7 @@ SELECT id $query = ' SELECT cat_id FROM '.USER_ACCESS_TABLE.' - WHERE user_id = '.$userdata['id'].' + WHERE user_id = '.$page['user'].' ;'; $result = pwg_query($query); @@ -97,74 +103,61 @@ SELECT cat_id $to_autorize_ids = array_diff($private_uppercats, $authorized_ids); foreach ($to_autorize_ids as $to_autorize_id) { - array_push($inserts, array('user_id' => $userdata['id'], + array_push($inserts, array('user_id' => $page['user'], 'cat_id' => $to_autorize_id)); } mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts); } //----------------------------------------------------- template initialization -if (empty($userdata)) -{ - $template->set_filenames(array('user' => 'admin/user_perm.tpl')); - - $base_url = PHPWG_ROOT_PATH.'admin.php?page='; - - $template->assign_vars(array( - 'L_SELECT_USERNAME'=>$lang['Select_username'], - 'L_LOOKUP_USER'=>$lang['Look_up_user'], - 'L_FIND_USERNAME'=>$lang['Find_username'], - 'L_AUTH_USER'=>$lang['permuser_only_private'], - 'L_SUBMIT'=>$lang['submit'], +$template->set_filenames(array('user_perm'=>'admin/cat_options.tpl')); - 'F_SEARCH_USER_ACTION' => add_session_id($base_url.'user_perm'), - 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') - )); -} -else -{ - $template->set_filenames(array('user'=>'admin/cat_options.tpl')); - $template->assign_vars( - array( - 'L_RESET'=>$lang['reset'], - 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], - 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], - 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], - - 'HIDDEN_NAME'=> 'userid', - 'HIDDEN_VALUE'=>$userdata['id'], - 'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=user_perm'), - )); +$template->assign_vars( + array( + 'L_RESET'=>$lang['reset'], + 'L_CAT_OPTIONS_TRUE'=>$lang['authorized'], + 'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'], + 'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'], + + 'F_ACTION' => + add_session_id( + PHPWG_ROOT_PATH. + 'admin.php?page=user_perm'. + '&user_id='.$page['user'] + ) + ) + ); - // only private categories are listed - $query_true = ' +// only private categories are listed +$query_true = ' SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_ACCESS_TABLE.' ON cat_id = id WHERE status = \'private\' - AND user_id = '.$userdata['id'].' + AND user_id = '.$page['user'].' ;'; - display_select_cat_wrapper($query_true,array(),'category_option_true'); +display_select_cat_wrapper($query_true,array(),'category_option_true'); - $result = pwg_query($query_true); - $authorized_ids = array(); - while ($row = mysql_fetch_array($result)) - { - array_push($authorized_ids, $row['id']); - } - - $query_false = ' +$result = pwg_query($query_true); +$authorized_ids = array(); +while ($row = mysql_fetch_array($result)) +{ + array_push($authorized_ids, $row['id']); +} + +$query_false = ' SELECT id,name,uppercats,global_rank FROM '.CATEGORIES_TABLE.' WHERE status = \'private\''; - if (count($authorized_ids) > 0) - { - $query_false.= ' - AND id NOT IN ('.implode(',', $authorized_ids).')'; - } +if (count($authorized_ids) > 0) +{ $query_false.= ' -;'; - display_select_cat_wrapper($query_false,array(),'category_option_false'); + AND id NOT IN ('.implode(',', $authorized_ids).')'; } +$query_false.= ' +;'; +display_select_cat_wrapper($query_false,array(),'category_option_false'); + //----------------------------------------------------------- sending html code -$template->assign_var_from_handle('ADMIN_CONTENT', 'user'); + +$template->assign_var_from_handle('ADMIN_CONTENT', 'user_perm'); ?> diff --git a/doc/ChangeLog b/doc/ChangeLog index 2159cdf39..77166f56c 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,15 @@ +2005-08-16 Pierrick LE GALL + + * modification : admin/group_list screen completely rewrite to + present the list of existing groups and a form to add a new + group. Here you can delete a group, go to permissions management + for a group, go to member list of a group (on admin/user_list with + a filter on group). + + * modification : admin/user_perm and admin/group_perm are not + directly reachable by the admin menu anymore. Only the user/group + list lets you reach user/group permissions management screen. + 2005-08-15 Pierrick LE GALL * new : introduction page to administration section. This page diff --git a/template/default/admin.tpl b/template/default/admin.tpl index ab8df9d63..4c11115b9 100644 --- a/template/default/admin.tpl +++ b/template/default/admin.tpl @@ -62,13 +62,6 @@ <li><a class="adminMenu" href="{U_GROUPS}">{L_GROUPS}</a></li> </ul> </div> -<div class="titreMenu">{L_AUTH}</div> -<div class="menu"> -<ul class="menu"> - <li><a class="adminMenu" href="{U_USERS_AUTH}">{L_USERS}</a></li> - <li><a class="adminMenu" href="{U_GROUPS_AUTH}">{L_GROUPS}</a></li> -</ul> -</div> </div> </td> <td style="padding:10px;width:99%;" valign="top"> @@ -95,7 +88,7 @@ </div> <!-- END infos --> <div id="adminMain"> - {ADMIN_CONTENT}{ADMIN_CONTENT_2} + {ADMIN_CONTENT} </div> </div> </td> diff --git a/template/default/admin/cat_options.tpl b/template/default/admin/cat_options.tpl index 83829cff5..a86be6849 100644 --- a/template/default/admin/cat_options.tpl +++ b/template/default/admin/cat_options.tpl @@ -1,8 +1,6 @@ <div class="admin">{L_CAT_TITLE}</div> <form method="post" action="{F_ACTION}"> - <input type="hidden" name="{HIDDEN_NAME}" value="{HIDDEN_VALUE}" /> - <table class="doubleSelect"> <tr> <td> diff --git a/template/default/admin/group_list.tpl b/template/default/admin/group_list.tpl index 89cdf1bb2..5fac3e4bb 100644 --- a/template/default/admin/group_list.tpl +++ b/template/default/admin/group_list.tpl @@ -1,43 +1,25 @@ -<form method="post" name="post" action="{S_GROUP_ACTION}"> -<div class="admin">{L_GROUP_SELECT}</div> -<!-- BEGIN select_box --> -{S_GROUP_SELECT} <input type="submit" name="edit" value="{L_LOOK_UP}" class="bouton" /> -<input type="submit" name="delete" value="{L_GROUP_DELETE}" class="bouton" /> -<div style="vertical-align:middle;"> -<input type="checkbox" name="confirm_delete" value="1">{L_GROUP_CONFIRM} -</div> -<!-- END select_box --> -<input type="text" name="newgroup"> -<input type="submit" class="bouton" name="new" value="{L_CREATE_NEW_GROUP}" /> -<br /> -<br /> -<!-- BEGIN edit_group --> -<div class="admin">{L_GROUP_EDIT} [{edit_group.GROUP_NAME}]</div> -<table class="table2" width="60%" style="margin-left:20%;"> -<tr class="throw"> - <th width="25%">{L_USER_NAME}</th> - <th width="25%">{L_USER_EMAIL}</th> - <th width="10%">{L_USER_SELECT}</th> -</tr> -<!-- BEGIN user --> - <tr class="{edit_group.user.T_CLASS}"> - <td>{edit_group.user.NAME}</td> - <td>{edit_group.user.EMAIL}</td> - <td align="center"><input name="members[]" type="checkbox" value="{edit_group.user.ID}"></td> +<form class="filter" method="post" name="add_user" action="{F_ADD_ACTION}"> + <fieldset> + <legend>{lang:Add group}</legend> + <label>{lang:Group name} <input type="text" name="groupname" maxlength="50" size="20" /></label> + <input type="submit" name="submit_add" value="{lang:Add}" /> + </fieldset> +</form> + +<table class="table2" style="width:100%;" > + <tr class="throw"> + <th>{lang:Group name}</th> + <th>{lang:Members}</th> + <th>{lang:Actions}</th> + </tr> + <!-- BEGIN group --> + <tr class="{group.CLASS}"> + <td>{group.NAME}</td> + <td><a href="{group.U_MEMBERS}">{group.MEMBERS}</a></td> + <td style="text-align:center;"> + <a href="{group.U_PERM}"><img src="./template/default/theme/permissions.png" style="border:none" alt="permissions" title="{lang:permissions}" /></a> + <a href="{group.U_DELETE}"><img src="./template/default/theme/delete.png" style="border:none" alt="delete" title="{lang:delete}" /></a> + </td> </tr> -<!-- END user --> -<tr> - <td colspan="3" align="right" valign="middle"> - <input type="submit" name="deny_user" value="{L_DENY_SELECTED}" class="bouton" /> - </td> -</tr> + <!-- END group --> </table> -<div align="left" style="margin-left:20%;"> -<input type="text" name="username" maxlength="50" size="20" /> -<input type="submit" name="add" value="{L_ADD_MEMBER}" class="bouton" /> -<input name="edit_group_id" type="hidden" value="{edit_group.GROUP_ID}"> -<input type="submit" name="usersubmit" value="{L_FIND_USERNAME}" class="bouton" onClick="window.open('{U_SEARCH_USER}', '_phpbbsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" /> -</div> -<br /> -<!-- END edit_group --> -</form> diff --git a/template/default/admin/group_perm.tpl b/template/default/admin/group_perm.tpl deleted file mode 100644 index 9bf490e5b..000000000 --- a/template/default/admin/group_perm.tpl +++ /dev/null @@ -1,7 +0,0 @@ -<!-- BEGIN select_box --> -<form method="post" name="post" action="{S_GROUP_ACTION}"> - <div class="admin">{L_GROUP_SELECT}</div> - {S_GROUP_SELECT} - <input type="submit" name="edit" value="{L_LOOK_UP}" class="bouton" /> -</form> -<!-- END select_box -->
\ No newline at end of file diff --git a/template/default/admin/user_list.tpl b/template/default/admin/user_list.tpl index 2c8a6cc9f..ce9634c65 100644 --- a/template/default/admin/user_list.tpl +++ b/template/default/admin/user_list.tpl @@ -1,15 +1,12 @@ -<div class="admin">{L_GROUP_ADD_USER}</div> - -<form method="post" name="add_user" action="{F_ADD_ACTION}"> -<div style="text-align:center"> - {L_USERNAME} <input type="text" name="login" maxlength="50" size="20" /> - {L_PASSWORD} <input type="text" name="password" /> - <input type="submit" name="submit_add" value="{L_SUBMIT}" class="bouton" /> -</div> +<form class="filter" method="post" name="add_user" action="{F_ADD_ACTION}"> + <fieldset> + <legend>{lang:Add a user}</legend> + <label>{L_USERNAME} <input type="text" name="login" maxlength="50" size="20" /></label> + <label>{L_PASSWORD} <input type="text" name="password" /></label> + <input type="submit" name="submit_add" value="{L_SUBMIT}" class="bouton" /> + </fieldset> </form> -<div class="admin">{L_USERS_LIST}</div> - <form class="filter" method="get" name="filter" action="{F_FILTER_ACTION}"> <input type="hidden" name="page" value="user_list" /> diff --git a/template/default/admin/user_perm.tpl b/template/default/admin/user_perm.tpl deleted file mode 100644 index e3944fe42..000000000 --- a/template/default/admin/user_perm.tpl +++ /dev/null @@ -1,6 +0,0 @@ -<div class="admin">{L_SELECT_USERNAME}</div> -<form method="post" name="post" action="{F_SEARCH_USER_ACTION}"> - <input type="text" name="username" maxlength="50" size="20" /> - <input type="submit" name="submituser" value="{L_LOOKUP_USER}" class="bouton" /> - <input type="submit" name="usersubmit" value="{L_FIND_USERNAME}" class="bouton" onClick="window.open('{U_SEARCH_USER}', '_phpwgsearch', 'HEIGHT=250,resizable=yes,WIDTH=400');return false;" /> -</form>
\ No newline at end of file |