userExists($u)) { $users[] = $u; } } } $blogs = []; if (!empty($_POST['blogs']) && is_array($_POST['blogs'])) { foreach ($_POST['blogs'] as $b) { if ($core->blogExists($b)) { $blogs[] = $b; } } } /* Actions -------------------------------------------------------- */ if (!empty($_POST['action']) && !empty($_POST['users'])) { $action = $_POST['action']; if (isset($_POST['redir']) && strpos($_POST['redir'], '://') === false) { $redir = $_POST['redir']; } else { $redir = $core->adminurl->get("admin.users", [ 'q' => $_POST['q'], 'sortby' => $_POST['sortby'], 'order' => $_POST['order'], 'page' => $_POST['page'], 'nb' => $_POST['nb'] ]); } if (empty($users)) { $core->error->add(__('No blog or user given.')); } # --BEHAVIOR-- adminUsersActions $core->callBehavior('adminUsersActions', $core, $users, $blogs, $action, $redir); # Delete users if ($action == 'deleteuser' && !empty($users)) { foreach ($users as $u) { try { if ($u == $core->auth->userID()) { throw new Exception(__('You cannot delete yourself.')); } # --BEHAVIOR-- adminBeforeUserDelete $core->callBehavior('adminBeforeUserDelete', $u); $core->delUser($u); } catch (Exception $e) { $core->error->add($e->getMessage()); } } if (!$core->error->flag()) { dcPage::addSuccessNotice(__('User has been successfully deleted.')); http::redirect($redir); } } # Update users perms if ($action == 'updateperm' && !empty($users) && !empty($blogs)) { try { if (empty($_POST['your_pwd']) || !$core->auth->checkPassword($_POST['your_pwd'])) { throw new Exception(__('Password verification failed')); } foreach ($users as $u) { foreach ($blogs as $b) { $set_perms = []; if (!empty($_POST['perm'][$b])) { foreach ($_POST['perm'][$b] as $perm_id => $v) { if ($v) { $set_perms[$perm_id] = true; } } } $core->setUserBlogPermissions($u, $b, $set_perms, true); } } } catch (Exception $e) { $core->error->add($e->getMessage()); } if (!$core->error->flag()) { dcPage::addSuccessNotice(__('User has been successfully updated.')); http::redirect($redir); } } } /* DISPLAY -------------------------------------------------------- */ if (!empty($users) && empty($blogs) && $action == 'blogs') { $breadcrumb = dcPage::breadcrumb( [ __('System') => '', __('Users') => $core->adminurl->get("admin.users"), __('Permissions') => '' ]); } else { $breadcrumb = dcPage::breadcrumb( [ __('System') => '', __('Users') => $core->adminurl->get("admin.users"), __('Actions') => '' ]); } dcPage::open( __('Users'), dcPage::jsLoad('js/_users_actions.js') . # --BEHAVIOR-- adminUsersActionsHeaders $core->callBehavior('adminUsersActionsHeaders'), $breadcrumb ); if (!isset($action)) { dcPage::close(); exit; } $hidden_fields = ''; foreach ($users as $u) { $hidden_fields .= form::hidden(['users[]'], $u); } if (isset($_POST['redir']) && strpos($_POST['redir'], '://') === false) { $hidden_fields .= form::hidden(['redir'], html::escapeURL($_POST['redir'])); } else { $hidden_fields .= form::hidden(['q'], html::escapeHTML($_POST['q'])) . form::hidden(['sortby'], $_POST['sortby']) . form::hidden(['order'], $_POST['order']) . form::hidden(['page'], $_POST['page']) . form::hidden(['nb'], $_POST['nb']); } echo '

' . __('Back to user profile') . '

'; # --BEHAVIOR-- adminUsersActionsContent $core->callBehavior('adminUsersActionsContent', $core, $action, $hidden_fields); # Blog list where to set permissions if (!empty($users) && empty($blogs) && $action == 'blogs') { try { $rs = $core->getBlogs(); $nb_blog = $rs->count(); } catch (Exception $e) {} foreach ($users as $u) { $user_list[] = ' $u]) . '">' . $u . ''; } echo '

' . sprintf( __('Choose one or more blogs to which you want to give permissions to users %s.'), implode(', ', $user_list) ) . '

'; if ($nb_blog == 0) { echo '

' . __('No blog') . '

'; } else { echo '
' . '
' . '' . '' . '' . '' . '' . '' . ''; while ($rs->fetch()) { $img_status = $rs->blog_status == 1 ? 'check-on' : ($rs->blog_status == 0 ? 'check-off' : 'check-wrn'); $txt_status = $core->getBlogStatus($rs->blog_status); $img_status = sprintf('%2$s', $img_status, $txt_status); echo '' . '' . '' . '' . '' . '' . '' . ''; } echo '
' . __('Blog ID') . '' . __('Blog name') . '' . __('URL') . '' . __('Entries') . '' . __('Status') . '
' . form::checkbox(['blogs[]'], $rs->blog_id, [ 'extra_html' => 'title="' . __('select') . ' ' . $rs->blog_id . '"' ]) . '' . $rs->blog_id . '' . html::escapeHTML($rs->blog_name) . '' . html::escapeHTML($rs->blog_url) . ' ' . $core->countBlogPosts($rs->blog_id) . '' . $img_status . '
' . '

' . '

' . $hidden_fields . form::hidden(['action'], 'perms') . $core->formNonce() . '

' . '
'; } } # Permissions list for each selected blogs elseif (!empty($blogs) && !empty($users) && $action == 'perms') { $user_perm = []; if (count($users) == 1) { $user_perm = $core->getUserPermissions($users[0]); } foreach ($users as $u) { $user_list[] = ' $u]) . '">' . $u . ''; } echo '

' . sprintf( __('You are about to change permissions on the following blogs for users %s.'), implode(', ', $user_list) ) . '

' . '
'; foreach ($blogs as $b) { echo '

' . ('Blog:') . ' html::escapeHTML($b)]) . '">' . html::escapeHTML($b) . '' . form::hidden(['blogs[]'], $b) . '

'; $unknown_perms = $user_perm; foreach ($core->auth->getPermissionsTypes() as $perm_id => $perm) { $checked = false; if (count($users) == 1) { $checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id]; } if (isset($unknown_perms[$b]['p'][$perm_id])) { unset($unknown_perms[$b]['p'][$perm_id]); } echo '

'; } if (isset($unknown_perms[$b])) { foreach ($unknown_perms[$b]['p'] as $perm_id => $v) { $checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id]; echo '

'; } } } echo '

' . '
' . '

' . __('Validate permissions') . '

' . '

' . form::password('your_pwd', 20, 255, [ 'extra_html' => 'required placeholder="' . __('Password') . '"', 'autocomplete' => 'current-password' ] ) . '

' . '

' . $hidden_fields . form::hidden(['action'], 'updateperm') . $core->formNonce() . '

' . '
' . '
'; } dcPage::helpBlock('core_users'); dcPage::close();