source: admin/users_actions.php @ 3874:ab8368569446

Visit:

Revision 3874:ab8368569446, 10.3 KB checked in by franck <carnet.franck.paul@…>, 7 years ago (diff)
short notation for array (array() → [])

Line
1	<?php
2	/**
3	* @package Dotclear
4	* @subpackage Backend
5	*
6	* @copyright Olivier Meunier & Association Dotclear
7	* @copyright GPL-2.0-only
8	*/
9
10	require dirname(__FILE__) . '/../inc/admin/prepend.php';
11
12	dcPage::checkSuper();
13
14	$users = [];
15	if (!empty($_POST['users']) && is_array($_POST['users'])) {
16	foreach ($_POST['users'] as $u) {
17	if ($core->userExists($u)) {
18	$users[] = $u;
19	}
20	}
21	}
22
23	$blogs = [];
24	if (!empty($_POST['blogs']) && is_array($_POST['blogs'])) {
25	foreach ($_POST['blogs'] as $b) {
26	if ($core->blogExists($b)) {
27	$blogs[] = $b;
28	}
29	}
30	}
31
32	/* Actions
33	-------------------------------------------------------- */
34	if (!empty($_POST['action']) && !empty($_POST['users'])) {
35	$action = $_POST['action'];
36
37	if (isset($_POST['redir']) && strpos($_POST['redir'], '://') === false) {
38	$redir = $_POST['redir'];
39	} else {
40	$redir = $core->adminurl->get("admin.users", [
41	'q' => $_POST['q'],
42	'sortby' => $_POST['sortby'],
43	'order' => $_POST['order'],
44	'page' => $_POST['page'],
45	'nb' => $_POST['nb']
46	]);
47	}
48
49	if (empty($users)) {
50	$core->error->add(__('No blog or user given.'));
51	}
52
53	# --BEHAVIOR-- adminUsersActions
54	$core->callBehavior('adminUsersActions', $core, $users, $blogs, $action, $redir);
55
56	# Delete users
57	if ($action == 'deleteuser' && !empty($users)) {
58	foreach ($users as $u) {
59	try
60	{
61	if ($u == $core->auth->userID()) {
62	throw new Exception(__('You cannot delete yourself.'));
63	}
64
65	# --BEHAVIOR-- adminBeforeUserDelete
66	$core->callBehavior('adminBeforeUserDelete', $u);
67
68	$core->delUser($u);
69	} catch (Exception $e) {
70	$core->error->add($e->getMessage());
71	}
72	}
73	if (!$core->error->flag()) {
74	dcPage::addSuccessNotice(__('User has been successfully deleted.'));
75	http::redirect($redir);
76	}
77	}
78
79	# Update users perms
80	if ($action == 'updateperm' && !empty($users) && !empty($blogs)) {
81	try
82	{
83	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($_POST['your_pwd'])) {
84	throw new Exception(__('Password verification failed'));
85	}
86
87	foreach ($users as $u) {
88	foreach ($blogs as $b) {
89	$set_perms = [];
90
91	if (!empty($_POST['perm'][$b])) {
92	foreach ($_POST['perm'][$b] as $perm_id => $v) {
93	if ($v) {
94	$set_perms[$perm_id] = true;
95	}
96	}
97	}
98
99	$core->setUserBlogPermissions($u, $b, $set_perms, true);
100	}
101	}
102	} catch (Exception $e) {
103	$core->error->add($e->getMessage());
104	}
105	if (!$core->error->flag()) {
106	dcPage::addSuccessNotice(__('User has been successfully updated.'));
107	http::redirect($redir);
108	}
109	}
110	}
111
112	/* DISPLAY
113	-------------------------------------------------------- */
114	if (!empty($users) && empty($blogs) && $action == 'blogs') {
115	$breadcrumb = dcPage::breadcrumb(
116	[
117	__('System') => '',
118	__('Users') => $core->adminurl->get("admin.users"),
119	__('Permissions') => ''
120	]);
121	} else {
122	$breadcrumb = dcPage::breadcrumb(
123	[
124	__('System') => '',
125	__('Users') => $core->adminurl->get("admin.users"),
126	__('Actions') => ''
127	]);
128	}
129
130	dcPage::open(
131	__('Users'),
132	dcPage::jsLoad('js/_users_actions.js') .
133	# --BEHAVIOR-- adminUsersActionsHeaders
134	$core->callBehavior('adminUsersActionsHeaders'),
135	$breadcrumb
136	);
137
138	if (!isset($action)) {
139	dcPage::close();
140	exit;
141	}
142
143	$hidden_fields = '';
144	foreach ($users as $u) {
145	$hidden_fields .= form::hidden(['users[]'], $u);
146	}
147
148	if (isset($_POST['redir']) && strpos($_POST['redir'], '://') === false) {
149	$hidden_fields .= form::hidden(['redir'], html::escapeURL($_POST['redir']));
150	} else {
151	$hidden_fields .=
152	form::hidden(['q'], html::escapeHTML($_POST['q'])) .
153	form::hidden(['sortby'], $_POST['sortby']) .
154	form::hidden(['order'], $_POST['order']) .
155	form::hidden(['page'], $_POST['page']) .
156	form::hidden(['nb'], $_POST['nb']);
157	}
158
159	echo '<p><a class="back" href="' . html::escapeURL($redir) . '">' . __('Back to user profile') . '</a></p>';
160
161	# --BEHAVIOR-- adminUsersActionsContent
162	$core->callBehavior('adminUsersActionsContent', $core, $action, $hidden_fields);
163
164	# Blog list where to set permissions
165	if (!empty($users) && empty($blogs) && $action == 'blogs') {
166	try {
167	$rs = $core->getBlogs();
168	$nb_blog = $rs->count();
169	} catch (Exception $e) {}
170
171	foreach ($users as $u) {
172	$user_list[] = '<a href="' . $core->adminurl->get("admin.user", ['id' => $u]) . '">' . $u . '</a>';
173	}
174
175	echo
176	'<p>' . sprintf(
177	__('Choose one or more blogs to which you want to give permissions to users %s.'),
178	implode(', ', $user_list)
179	) . '</p>';
180
181	if ($nb_blog == 0) {
182	echo '<p><strong>' . __('No blog') . '</strong></p>';
183	} else {
184	echo
185	'<form action="' . $core->adminurl->get("admin.user.actions") . '" method="post" id="form-blogs">' .
186	'<div class="table-outer clear">' .
187	'<table><tr>' .
188	'<th class="nowrap" colspan="2">' . __('Blog ID') . '</th>' .
189	'<th class="nowrap">' . __('Blog name') . '</th>' .
190	'<th class="nowrap">' . __('URL') . '</th>' .
191	'<th class="nowrap">' . __('Entries') . '</th>' .
192	'<th class="nowrap">' . __('Status') . '</th>' .
193	'</tr>';
194
195	while ($rs->fetch()) {
196	$img_status = $rs->blog_status == 1 ? 'check-on' : ($rs->blog_status == 0 ? 'check-off' : 'check-wrn');
197	$txt_status = $core->getBlogStatus($rs->blog_status);
198	$img_status = sprintf('<img src="images/%1$s.png" alt="%2$s" title="%2$s" />', $img_status, $txt_status);
199
200	echo
201	'<tr class="line">' .
202	'<td class="nowrap">' .
203	form::checkbox(['blogs[]'], $rs->blog_id,
204	[
205	'extra_html' => 'title="' . __('select') . ' ' . $rs->blog_id . '"'
206	]) .
207	'</td>' .
208	'<td class="nowrap">' . $rs->blog_id . '</td>' .
209	'<td class="maximal">' . html::escapeHTML($rs->blog_name) . '</td>' .
210	'<td class="nowrap"><a class="outgoing" href="' . html::escapeHTML($rs->blog_url) . '">' . html::escapeHTML($rs->blog_url) .
211	' <img src="images/outgoing-link.svg" alt="" /></a></td>' .
212	'<td class="nowrap">' . $core->countBlogPosts($rs->blog_id) . '</td>' .
213	'<td class="status">' . $img_status . '</td>' .
214	'</tr>';
215	}
216
217	echo
218	'</table></div>' .
219	'<p class="checkboxes-helpers"></p>' .
220	'<p><input id="do-action" type="submit" value="' . __('Set permissions') . '" />' .
221	$hidden_fields .
222	form::hidden(['action'], 'perms') .
223	$core->formNonce() . '</p>' .
224	'</form>';
225	}
226	}
227	# Permissions list for each selected blogs
228	elseif (!empty($blogs) && !empty($users) && $action == 'perms') {
229	$user_perm = [];
230	if (count($users) == 1) {
231	$user_perm = $core->getUserPermissions($users[0]);
232	}
233
234	foreach ($users as $u) {
235	$user_list[] = '<a href="' . $core->adminurl->get("admin.user", ['id' => $u]) . '">' . $u . '</a>';
236	}
237
238	echo
239	'<p>' . sprintf(
240	__('You are about to change permissions on the following blogs for users %s.'),
241	implode(', ', $user_list)
242	) . '</p>' .
243	'<form id="permissions-form" action="' . $core->adminurl->get("admin.user.actions") . '" method="post">';
244
245	foreach ($blogs as $b) {
246	echo '<h3>' . ('Blog:') . ' <a href="' . $core->adminurl->get("admin.blog", ['id' => html::escapeHTML($b)]) . '">' . html::escapeHTML($b) . '</a>' .
247	form::hidden(['blogs[]'], $b) . '</h3>';
248	$unknown_perms = $user_perm;
249	foreach ($core->auth->getPermissionsTypes() as $perm_id => $perm) {
250	$checked = false;
251
252	if (count($users) == 1) {
253	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
254	}
255	if (isset($unknown_perms[$b]['p'][$perm_id])) {
256	unset($unknown_perms[$b]['p'][$perm_id]);
257	}
258
259	echo
260	'<p><label for="perm' . html::escapeHTML($b) . html::escapeHTML($perm_id) . '" class="classic">' .
261	form::checkbox(['perm[' . html::escapeHTML($b) . '][' . html::escapeHTML($perm_id) . ']', 'perm' . html::escapeHTML($b) . html::escapeHTML($perm_id)],
262	1, $checked) . ' ' .
263	__($perm) . '</label></p>';
264	}
265	if (isset($unknown_perms[$b])) {
266
267	foreach ($unknown_perms[$b]['p'] as $perm_id => $v) {
268	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
269	echo
270	'<p><label for="perm' . html::escapeHTML($b) . html::escapeHTML($perm_id) . '" class="classic">' .
271	form::checkbox(
272	['perm[' . html::escapeHTML($b) . '][' . html::escapeHTML($perm_id) . ']',
273	'perm' . html::escapeHTML($b) . html::escapeHTML($perm_id)],
274	1, $checked) . ' ' .
275	sprintf(__('[%s] (unreferenced permission)'), $perm_id) . '</label></p>';
276	}
277	}
278	}
279
280	echo
281	'<p class="checkboxes-helpers"></p>' .
282	'<div class="fieldset">' .
283	'<h3>' . __('Validate permissions') . '</h3>' .
284	'<p><label for="your_pwd" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('Your password:') . '</label>' .
285	form::password('your_pwd', 20, 255,
286	[
287	'extra_html' => 'required placeholder="' . __('Password') . '"',
288	'autocomplete' => 'current-password'
289	]
290	) . '</p>' .
291	'<p><input type="submit" accesskey="s" value="' . __('Save') . '" />' .
292	$hidden_fields .
293	form::hidden(['action'], 'updateperm') .
294	$core->formNonce() . '</p>' .
295	'</div>' .
296	'</form>';
297	}
298
299	dcPage::helpBlock('core_users');
300	dcPage::close();

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/users_actions.php @ 3874:ab8368569446

Download in other formats:

Sites map