source: admin/users_actions.php @ 1477:6ffbcd3cfb6f

Visit:

Revision 1477:6ffbcd3cfb6f, 7.3 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
One more oops, one more conflict missed.

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$users = array();
18	if (!empty($_POST['users']) && is_array($_POST['users']))
19	{
20	foreach ($_POST['users'] as $u)
21	{
22	if ($core->userExists($u)) {
23	$users[] = $u;
24	}
25	}
26	}
27
28	$blogs = array();
29	if (!empty($_POST['blogs']) && is_array($_POST['blogs']))
30	{
31	foreach ($_POST['blogs'] as $b)
32	{
33	if ($core->blogExists($b)) {
34	$blogs[] = $b;
35	}
36	}
37	}
38
39	/* Actions
40	-------------------------------------------------------- */
41	if (!empty($_POST['action']) && !empty($_POST['users']))
42	{
43	$action = $_POST['action'];
44
45	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
46	{
47	$redir = $_POST['redir'];
48	}
49	else
50	{
51	$redir =
52	'users.php?q='.$_POST['q'].
53	'&sortby='.$_POST['sortby'].
54	'&order='.$_POST['order'].
55	'&page='.$_POST['page'].
56	'&nb='.$_POST['nb'];
57	}
58
59	if (empty($users)) {
60	$core->error->add(__('No blog or user given.'));
61	}
62
63	# --BEHAVIOR-- adminUsersActions
64	$core->callBehavior('adminUsersActions',$core,$users,$blogs,$action,$redir);
65
66	# Delete users
67	if ($action == 'deleteuser' && !empty($users))
68	{
69	foreach ($users as $u)
70	{
71	try
72	{
73	if ($u == $core->auth->userID()) {
74	throw new Exception(__('Not delete yourself.'));
75	}
76
77	# --BEHAVIOR-- adminBeforeUserDelete
78	$core->callBehavior('adminBeforeUserDelete',$u);
79
80	$core->delUser($u);
81	}
82	catch (Exception $e)
83	{
84	$core->error->add($e->getMessage());
85	}
86	}
87	if (!$core->error->flag()) {
88	http::redirect($redir.'&del=1');
89	}
90	}
91
92	# Update users perms
93	if ($action == 'updateperm' && !empty($users) && !empty($blogs))
94	{
95	try
96	{
97	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
98	throw new Exception(__('Password verification failed'));
99	}
100
101	foreach ($users as $u)
102	{
103	foreach ($blogs as $b)
104	{
105	$set_perms = array();
106
107	if (!empty($_POST['perm'][$b]))
108	{
109	foreach ($_POST['perm'][$b] as $perm_id => $v)
110	{
111	if ($v) {
112	$set_perms[$perm_id] = true;
113	}
114	}
115	}
116
117	$core->setUserBlogPermissions($u,$b,$set_perms,true);
118	}
119	}
120	}
121	catch (Exception $e)
122	{
123	$core->error->add($e->getMessage());
124	}
125	if (!$core->error->flag()) {
126	http::redirect($redir.'&upd=1');
127	}
128	}
129	}
130
131	/* DISPLAY
132	-------------------------------------------------------- */
133	if (!empty($users) && empty($blogs) && $action == 'blogs') {
134	$breadcrumb = dcPage::breadcrumb(
135	array(
136	__('System') => '',
137	__('Users') => 'users.php',
138	'<span class="page-title">'.__('Permissions').'</span>' => ''
139	));
140	} else {
141	$breadcrumb = dcPage::breadcrumb(
142	array(
143	__('System') => '',
144	__('Users') => 'users.php',
145	'<span class="page-title">'.__('Actions').'</span>' => ''
146	));
147	}
148
149	dcPage::open(
150	__('Users'),
151	dcPage::jsLoad('js/_users_actions.js').
152	# --BEHAVIOR-- adminUsersActionsHeaders
153	$core->callBehavior('adminUsersActionsHeaders'),
154	$breadcrumb
155	);
156
157	if (!isset($action)) {
158	dcPage::close();
159	exit;
160	}
161
162	$hidden_fields = '';
163	foreach($users as $u) {
164	$hidden_fields .= form::hidden(array('users[]'),$u);
165	}
166
167	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
168	{
169	$hidden_fields .= form::hidden(array('redir'),html::escapeURL($_POST['redir']));
170	}
171	else
172	{
173	$hidden_fields .=
174	form::hidden(array('q'),html::escapeHTML($_POST['q'])).
175	form::hidden(array('sortby'),$_POST['sortby']).
176	form::hidden(array('order'),$_POST['order']).
177	form::hidden(array('page'),$_POST['page']).
178	form::hidden(array('nb'),$_POST['nb']);
179	}
180
181	# --BEHAVIOR-- adminUsersActionsContent
182	$core->callBehavior('adminUsersActionsContent',$core,$action,$hidden_fields);
183
184	# Blog list where to set permissions
185	if (!empty($users) && empty($blogs) && $action == 'blogs')
186	{
187	try {
188	$rs = $core->getBlogs();
189	$nb_blog = $rs->count();
190	} catch (Exception $e) { }
191
192	foreach ($users as $u) {
193	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
194	}
195
196	echo
197	'<p>'.sprintf(
198	__('Choose one or more blogs to which you want to give permissions to users %s.'),
199	implode(', ',$user_list)
200	).'</p>';
201
202	if ($nb_blog == 0)
203	{
204	echo '<p><strong>'.__('No blog').'</strong></p>';
205	}
206	else
207	{
208	echo
209	'<form action="users_actions.php" method="post" id="form-blogs">'.
210	'<table class="clear"><tr>'.
211	'<th class="nowrap" colspan="2">'.__('Blog ID').'</th>'.
212	'<th class="nowrap">'.__('Blog name').'</th>'.
213	'<th class="nowrap">'.__('Entries').'</th>'.
214	'<th class="nowrap">'.__('Status').'</th>'.
215	'</tr>';
216
217	while ($rs->fetch())
218	{
219	$img_status = $rs->blog_status == 1 ? 'check-on' : 'check-off';
220	$txt_status = $core->getBlogStatus($rs->blog_status);
221	$img_status = sprintf('<img src="images/%1$s.png" alt="%2$s" title="%2$s" />',$img_status,$txt_status);
222
223	echo
224	'<tr class="line">'.
225	'<td class="nowrap">'.
226	form::checkbox(array('blogs[]'),$rs->blog_id,'','','',false,'title="'.__('select').' '.$rs->blog_id.'"').'</td>'.
227	'<td class="nowrap">'.$rs->blog_id.'</td>'.
228	'<td class="maximal">'.html::escapeHTML($rs->blog_name).'</td>'.
229	'<td class="nowrap">'.$core->countBlogPosts($rs->blog_id).'</td>'.
230	'<td class="status">'.$img_status.'</td>'.
231	'</tr>';
232	}
233
234	echo
235	'</table>'.
236	'<p class="checkboxes-helpers"></p>'.
237	'<p><input type="submit" value="'.__('Set permissions').'" />'.
238	$hidden_fields.
239	form::hidden(array('action'),'perms').
240	$core->formNonce().'</p>'.
241	'</form>';
242	}
243	}
244	# Permissions list for each selected blogs
245	elseif (!empty($blogs) && !empty($users) && $action == 'perms')
246	{
247	$user_perm = array();
248	if (count($users) == 1) {
249	$user_perm = $core->getUserPermissions($users[0]);
250	}
251
252	foreach ($users as $u) {
253	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
254	}
255
256	echo
257	'<p>'.sprintf(
258	__('You are about to change permissions on the following blogs for users %s.'),
259	implode(', ',$user_list)
260	).'</p>'.
261	'<form id="permissions-form" action="users_actions.php" method="post">';
262
263	foreach ($blogs as $b)
264	{
265	echo '<h3><a href="blog.php?id='.html::escapeHTML($b).'">'.html::escapeHTML($b).'</a>'.
266	form::hidden(array('blogs[]'),$b).'</h3>';
267
268	foreach ($core->auth->getPermissionsTypes() as $perm_id => $perm)
269	{
270	$checked = false;
271
272	if (count($users) == 1) {
273	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
274	}
275
276	echo
277	'<p><label for="perm'.html::escapeHTML($b).html::escapeHTML($perm_id).'" class="classic">'.
278	form::checkbox(array('perm['.html::escapeHTML($b).']['.html::escapeHTML($perm_id).']','perm'.html::escapeHTML($b).html::escapeHTML($perm_id)),
279	1,$checked).' '.
280	__($perm).'</label></p>';
281	}
282	}
283
284	echo
285	'<fieldset><legend>'.__('Validate permissions').'</legend>'.
286	'<p><label for="your_pwd">'.__('Your password:').'</label>'.
287	form::password('your_pwd',20,255).'</p>'.
288	'</fieldset>'.
289	'<p><input type="submit" accesskey="s" value="'.__('Save').'" />'.
290	$hidden_fields.
291	form::hidden(array('action'),'updateperm').
292	$core->formNonce().'</p>'.
293	'</form>';
294	}
295
296	echo '<p><a class="back" href="'.html::escapeURL($redir).'">'.__('back').'</a></p>';
297
298	dcPage::close();
299	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/users_actions.php @ 1477:6ffbcd3cfb6f

Download in other formats:

Sites map