source: admin/users_actions.php @ 2436:801694d6e397

Visit:

Revision 2436:801694d6e397, 8.2 KB checked in by Nicolas <nikrou77@…>, 12 years ago (diff)
Update users page, addresses contextual help

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$users = array();
18	if (!empty($_POST['users']) && is_array($_POST['users']))
19	{
20	foreach ($_POST['users'] as $u)
21	{
22	if ($core->userExists($u)) {
23	$users[] = $u;
24	}
25	}
26	}
27
28	$blogs = array();
29	if (!empty($_POST['blogs']) && is_array($_POST['blogs']))
30	{
31	foreach ($_POST['blogs'] as $b)
32	{
33	if ($core->blogExists($b)) {
34	$blogs[] = $b;
35	}
36	}
37	}
38
39	/* Actions
40	-------------------------------------------------------- */
41	if (!empty($_POST['action']) && !empty($_POST['users']))
42	{
43	$action = $_POST['action'];
44
45	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
46	{
47	$redir = $_POST['redir'];
48	}
49	else
50	{
51	$redir =
52	'users.php?q='.$_POST['q'].
53	'&sortby='.$_POST['sortby'].
54	'&order='.$_POST['order'].
55	'&page='.$_POST['page'].
56	'&nb='.$_POST['nb'];
57	}
58
59	if (empty($users)) {
60	$core->error->add(__('No blog or user given.'));
61	}
62
63	# --BEHAVIOR-- adminUsersActions
64	$core->callBehavior('adminUsersActions',$core,$users,$blogs,$action,$redir);
65
66	# Delete users
67	if ($action == 'deleteuser' && !empty($users))
68	{
69	foreach ($users as $u)
70	{
71	try
72	{
73	if ($u == $core->auth->userID()) {
74	throw new Exception(__('You cannot delete yourself.'));
75	}
76
77	# --BEHAVIOR-- adminBeforeUserDelete
78	$core->callBehavior('adminBeforeUserDelete',$u);
79
80	$core->delUser($u);
81	}
82	catch (Exception $e)
83	{
84	$core->error->add($e->getMessage());
85	}
86	}
87	if (!$core->error->flag()) {
88	dcPage::addSuccessNotice(__('User has been successfully deleted.'));
89	http::redirect($redir);
90	}
91	}
92
93	# Update users perms
94	if ($action == 'updateperm' && !empty($users) && !empty($blogs))
95	{
96	try
97	{
98	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
99	throw new Exception(__('Password verification failed'));
100	}
101
102	foreach ($users as $u)
103	{
104	foreach ($blogs as $b)
105	{
106	$set_perms = array();
107
108	if (!empty($_POST['perm'][$b]))
109	{
110	foreach ($_POST['perm'][$b] as $perm_id => $v)
111	{
112	if ($v) {
113	$set_perms[$perm_id] = true;
114	}
115	}
116	}
117
118	$core->setUserBlogPermissions($u,$b,$set_perms,true);
119	}
120	}
121	}
122	catch (Exception $e)
123	{
124	$core->error->add($e->getMessage());
125	}
126	if (!$core->error->flag()) {
127	dcPage::addSuccessNotice(__('User has been successfully updated.'));
128	http::redirect($redir);
129	}
130	}
131	}
132
133	/* DISPLAY
134	-------------------------------------------------------- */
135	if (!empty($users) && empty($blogs) && $action == 'blogs') {
136	$breadcrumb = dcPage::breadcrumb(
137	array(
138	__('System') => '',
139	__('Users') => 'users.php',
140	__('Permissions') => ''
141	));
142	} else {
143	$breadcrumb = dcPage::breadcrumb(
144	array(
145	__('System') => '',
146	__('Users') => 'users.php',
147	__('Actions') => ''
148	));
149	}
150
151	dcPage::open(
152	__('Users'),
153	dcPage::jsLoad('js/_users_actions.js').
154	# --BEHAVIOR-- adminUsersActionsHeaders
155	$core->callBehavior('adminUsersActionsHeaders'),
156	$breadcrumb
157	);
158
159	if (!isset($action)) {
160	dcPage::close();
161	exit;
162	}
163
164	$hidden_fields = '';
165	foreach($users as $u) {
166	$hidden_fields .= form::hidden(array('users[]'),$u);
167	}
168
169	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
170	{
171	$hidden_fields .= form::hidden(array('redir'),html::escapeURL($_POST['redir']));
172	}
173	else
174	{
175	$hidden_fields .=
176	form::hidden(array('q'),html::escapeHTML($_POST['q'])).
177	form::hidden(array('sortby'),$_POST['sortby']).
178	form::hidden(array('order'),$_POST['order']).
179	form::hidden(array('page'),$_POST['page']).
180	form::hidden(array('nb'),$_POST['nb']);
181	}
182
183	echo '<p><a class="back" href="'.html::escapeURL($redir).'">'.__('Back to user profile').'</a></p>';
184
185	# --BEHAVIOR-- adminUsersActionsContent
186	$core->callBehavior('adminUsersActionsContent',$core,$action,$hidden_fields);
187
188	# Blog list where to set permissions
189	if (!empty($users) && empty($blogs) && $action == 'blogs')
190	{
191	try {
192	$rs = $core->getBlogs();
193	$nb_blog = $rs->count();
194	} catch (Exception $e) { }
195
196	foreach ($users as $u) {
197	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
198	}
199
200	echo
201	'<p>'.sprintf(
202	__('Choose one or more blogs to which you want to give permissions to users %s.'),
203	implode(', ',$user_list)
204	).'</p>';
205
206	if ($nb_blog == 0)
207	{
208	echo '<p><strong>'.__('No blog').'</strong></p>';
209	}
210	else
211	{
212	echo
213	'<form action="users_actions.php" method="post" id="form-blogs">'.
214	'<div class="table-outer clear">'.
215	'<table><tr>'.
216	'<th class="nowrap" colspan="2">'.__('Blog ID').'</th>'.
217	'<th class="nowrap">'.__('Blog name').'</th>'.
218	'<th class="nowrap">'.__('Entries').'</th>'.
219	'<th class="nowrap">'.__('Status').'</th>'.
220	'</tr>';
221
222	while ($rs->fetch())
223	{
224	$img_status = $rs->blog_status == 1 ? 'check-on' : 'check-off';
225	$txt_status = $core->getBlogStatus($rs->blog_status);
226	$img_status = sprintf('<img src="images/%1$s.png" alt="%2$s" title="%2$s" />',$img_status,$txt_status);
227
228	echo
229	'<tr class="line">'.
230	'<td class="nowrap">'.
231	form::checkbox(array('blogs[]'),$rs->blog_id,'','','',false,'title="'.__('select').' '.$rs->blog_id.'"').'</td>'.
232	'<td class="nowrap">'.$rs->blog_id.'</td>'.
233	'<td class="maximal">'.html::escapeHTML($rs->blog_name).'</td>'.
234	'<td class="nowrap">'.$core->countBlogPosts($rs->blog_id).'</td>'.
235	'<td class="status">'.$img_status.'</td>'.
236	'</tr>';
237	}
238
239	echo
240	'</table></div>'.
241	'<p class="checkboxes-helpers"></p>'.
242	'<p><input type="submit" value="'.__('Set permissions').'" />'.
243	$hidden_fields.
244	form::hidden(array('action'),'perms').
245	$core->formNonce().'</p>'.
246	'</form>';
247	}
248	}
249	# Permissions list for each selected blogs
250	elseif (!empty($blogs) && !empty($users) && $action == 'perms')
251	{
252	$user_perm = array();
253	if (count($users) == 1) {
254	$user_perm = $core->getUserPermissions($users[0]);
255	}
256
257	foreach ($users as $u) {
258	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
259	}
260
261	echo
262	'<p>'.sprintf(
263	__('You are about to change permissions on the following blogs for users %s.'),
264	implode(', ',$user_list)
265	).'</p>'.
266	'<form id="permissions-form" action="users_actions.php" method="post">';
267
268	foreach ($blogs as $b)
269	{
270	echo '<h3>'.('Blog:').' <a href="blog.php?id='.html::escapeHTML($b).'">'.html::escapeHTML($b).'</a>'.
271	form::hidden(array('blogs[]'),$b).'</h3>';
272	$unknown_perms = $user_perm;
273	foreach ($core->auth->getPermissionsTypes() as $perm_id => $perm)
274	{
275	$checked = false;
276
277	if (count($users) == 1) {
278	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
279	}
280	if (isset($unknown_perms[$b]['p'][$perm_id])) {
281	unset ($unknown_perms[$b]['p'][$perm_id]);
282	}
283
284	echo
285	'<p><label for="perm'.html::escapeHTML($b).html::escapeHTML($perm_id).'" class="classic">'.
286	form::checkbox(array('perm['.html::escapeHTML($b).']['.html::escapeHTML($perm_id).']','perm'.html::escapeHTML($b).html::escapeHTML($perm_id)),
287	1,$checked).' '.
288	__($perm).'</label></p>';
289	}
290	if (isset($unknown_perms[$b])) {
291
292	foreach ($unknown_perms[$b]['p'] as $perm_id => $v) {
293	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
294	echo
295	'<p><label for="perm'.html::escapeHTML($b).html::escapeHTML($perm_id).'" class="classic">'.
296	form::checkbox(
297	array('perm['.html::escapeHTML($b).']['.html::escapeHTML($perm_id).']',
298	'perm'.html::escapeHTML($b).html::escapeHTML($perm_id)),
299	1,$checked).' '.
300	sprintf(__('[%s] (unreferenced permission)'),$perm_id).'</label></p>';
301	}
302	}
303	}
304
305	echo
306	'<div class="fieldset">'.
307	'<h3>'.__('Validate permissions').'</h3>'.
308	'<p><label for="your_pwd" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Your password:').'</label>'.
309	form::password('your_pwd',20,255).'</p>'.
310	'<p><input type="submit" accesskey="s" value="'.__('Save').'" />'.
311	$hidden_fields.
312	form::hidden(array('action'),'updateperm').
313	$core->formNonce().'</p>'.
314	'</div>'.
315	'</form>';
316	}
317
318	dcPage::helpBlock('core_users');
319	dcPage::close();
320	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/users_actions.php @ 2436:801694d6e397

Download in other formats:

Sites map