source: admin/users_actions.php @ 1179:a43a29427ef3

Visit:

Revision 1179:a43a29427ef3, 7.1 KB checked in by franck <carnet.franck.paul@…>, 11 years ago (diff)
Update copyright notice

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	require dirname(__FILE__).'/../inc/admin/prepend.php';
14
15	dcPage::checkSuper();
16
17	$users = array();
18	if (!empty($_POST['users']) && is_array($_POST['users']))
19	{
20	foreach ($_POST['users'] as $u)
21	{
22	if ($core->userExists($u)) {
23	$users[] = $u;
24	}
25	}
26	}
27
28	$blogs = array();
29	if (!empty($_POST['blogs']) && is_array($_POST['blogs']))
30	{
31	foreach ($_POST['blogs'] as $b)
32	{
33	if ($core->blogExists($b)) {
34	$blogs[] = $b;
35	}
36	}
37	}
38
39	/* Actions
40	-------------------------------------------------------- */
41	if (!empty($_POST['action']) && !empty($_POST['users']))
42	{
43	$action = $_POST['action'];
44
45	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
46	{
47	$redir = $_POST['redir'];
48	}
49	else
50	{
51	$redir =
52	'users.php?q='.$_POST['q'].
53	'&sortby='.$_POST['sortby'].
54	'&order='.$_POST['order'].
55	'&page='.$_POST['page'].
56	'&nb='.$_POST['nb'];
57	}
58
59	if (empty($users)) {
60	$core->error->add(__('No blog or user given.'));
61	}
62
63	# --BEHAVIOR-- adminUsersActions
64	$core->callBehavior('adminUsersActions',$core,$users,$blogs,$action,$redir);
65
66	# Delete users
67	if ($action == 'deleteuser' && !empty($users))
68	{
69	foreach ($users as $u)
70	{
71	try
72	{
73	if ($u == $core->auth->userID()) {
74	throw new Exception(__('Not delete yourself.'));
75	}
76
77	# --BEHAVIOR-- adminBeforeUserDelete
78	$core->callBehavior('adminBeforeUserDelete',$u);
79
80	$core->delUser($u);
81	}
82	catch (Exception $e)
83	{
84	$core->error->add($e->getMessage());
85	}
86	}
87	if (!$core->error->flag()) {
88	http::redirect($redir.'&del=1');
89	}
90	}
91
92	# Update users perms
93	if ($action == 'updateperm' && !empty($users) && !empty($blogs))
94	{
95	try
96	{
97	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY,$_POST['your_pwd']))) {
98	throw new Exception(__('Password verification failed'));
99	}
100
101	foreach ($users as $u)
102	{
103	foreach ($blogs as $b)
104	{
105	$set_perms = array();
106
107	if (!empty($_POST['perm'][$b]))
108	{
109	foreach ($_POST['perm'][$b] as $perm_id => $v)
110	{
111	if ($v) {
112	$set_perms[$perm_id] = true;
113	}
114	}
115	}
116
117	$core->setUserBlogPermissions($u,$b,$set_perms,true);
118	}
119	}
120	}
121	catch (Exception $e)
122	{
123	$core->error->add($e->getMessage());
124	}
125	if (!$core->error->flag()) {
126	http::redirect($redir.'&upd=1');
127	}
128	}
129	}
130
131	/* DISPLAY
132	-------------------------------------------------------- */
133	dcPage::open(
134	__('Users'),
135	dcPage::jsLoad('js/_users_actions.js').
136	# --BEHAVIOR-- adminUsersActionsHeaders
137	$core->callBehavior('adminUsersActionsHeaders')
138	);
139
140	if (!isset($action)) {
141	dcPage::close();
142	exit;
143	}
144
145	$hidden_fields = '';
146	foreach($users as $u) {
147	$hidden_fields .= form::hidden(array('users[]'),$u);
148	}
149
150	if (isset($_POST['redir']) && strpos($_POST['redir'],'://') === false)
151	{
152	$hidden_fields .= form::hidden(array('redir'),html::escapeURL($_POST['redir']));
153	}
154	else
155	{
156	$hidden_fields .=
157	form::hidden(array('q'),html::escapeHTML($_POST['q'])).
158	form::hidden(array('sortby'),$_POST['sortby']).
159	form::hidden(array('order'),$_POST['order']).
160	form::hidden(array('page'),$_POST['page']).
161	form::hidden(array('nb'),$_POST['nb']);
162	}
163
164	# --BEHAVIOR-- adminUsersActionsContent
165	$core->callBehavior('adminUsersActionsContent',$core,$action,$hidden_fields);
166
167	# Blog list where to set permissions
168	if (!empty($users) && empty($blogs) && $action == 'blogs')
169	{
170	try {
171	$rs = $core->getBlogs();
172	$nb_blog = $rs->count();
173	} catch (Exception $e) { }
174
175	foreach ($users as $u) {
176	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
177	}
178
179	echo
180	'<h2><a href="users.php">'.__('Users').'</a> &rsaquo; <span class="page-title">'.__('Permissions').'</span></h2>'.
181	'<p>'.sprintf(
182	__('Choose one or more blogs to which you want to give permissions to users %s.'),
183	implode(', ',$user_list)
184	).'</p>';
185
186	if ($nb_blog == 0)
187	{
188	echo '<p><strong>'.__('No blog').'</strong></p>';
189	}
190	else
191	{
192	echo
193	'<form action="users_actions.php" method="post" id="form-blogs">'.
194	'<table class="clear"><tr>'.
195	'<th class="nowrap" colspan="2">'.__('Blog ID').'</th>'.
196	'<th class="nowrap">'.__('Blog name').'</th>'.
197	'<th class="nowrap">'.__('Entries').'</th>'.
198	'<th class="nowrap">'.__('Status').'</th>'.
199	'</tr>';
200
201	while ($rs->fetch())
202	{
203	$img_status = $rs->blog_status == 1 ? 'check-on' : 'check-off';
204	$txt_status = $core->getBlogStatus($rs->blog_status);
205	$img_status = sprintf('<img src="images/%1$s.png" alt="%2$s" title="%2$s" />',$img_status,$txt_status);
206
207	echo
208	'<tr class="line">'.
209	'<td class="nowrap">'.
210	form::checkbox(array('blogs[]'),$rs->blog_id,'','','',false,'title="'.__('select').' '.$rs->blog_id.'"').'</td>'.
211	'<td class="nowrap">'.$rs->blog_id.'</td>'.
212	'<td class="maximal">'.html::escapeHTML($rs->blog_name).'</td>'.
213	'<td class="nowrap">'.$core->countBlogPosts($rs->blog_id).'</td>'.
214	'<td class="status">'.$img_status.'</td>'.
215	'</tr>';
216	}
217
218	echo
219	'</table>'.
220	'<p class="checkboxes-helpers"></p>'.
221	'<p><input type="submit" value="'.__('Set permissions').'" />'.
222	$hidden_fields.
223	form::hidden(array('action'),'perms').
224	$core->formNonce().'</p>'.
225	'</form>';
226	}
227	}
228	# Permissions list for each selected blogs
229	elseif (!empty($blogs) && !empty($users) && $action == 'perms')
230	{
231	$user_perm = array();
232	if (count($users) == 1) {
233	$user_perm = $core->getUserPermissions($users[0]);
234	}
235
236	foreach ($users as $u) {
237	$user_list[] = '<a href="user.php?id='.$u.'">'.$u.'</a>';
238	}
239
240	echo
241	'<h2><a href="users.php">'.__('Users').'</a> &rsaquo; <span class="page-title">'.__('Permissions').'</span></h2>'.
242	'<p>'.sprintf(
243	__('You are about to change permissions on the following blogs for users %s.'),
244	implode(', ',$user_list)
245	).'</p>'.
246	'<form id="permissions-form" action="users_actions.php" method="post">';
247
248	foreach ($blogs as $b)
249	{
250	echo '<h3><a href="blog.php?id='.html::escapeHTML($b).'">'.html::escapeHTML($b).'</a>'.
251	form::hidden(array('blogs[]'),$b).'</h3>';
252
253	foreach ($core->auth->getPermissionsTypes() as $perm_id => $perm)
254	{
255	$checked = false;
256
257	if (count($users) == 1) {
258	$checked = isset($user_perm[$b]['p'][$perm_id]) && $user_perm[$b]['p'][$perm_id];
259	}
260
261	echo
262	'<p><label for="perm'.html::escapeHTML($b).html::escapeHTML($perm_id).'" class="classic">'.
263	form::checkbox(array('perm['.html::escapeHTML($b).']['.html::escapeHTML($perm_id).']','perm'.html::escapeHTML($b).html::escapeHTML($perm_id)),
264	1,$checked).' '.
265	__($perm).'</label></p>';
266	}
267	}
268
269	echo
270	'<fieldset><legend>'.__('Validate permissions').'</legend>'.
271	'<p><label for="your_pwd">'.__('Your password:').
272	form::password('your_pwd',20,255).'</label></p>'.
273	'</fieldset>'.
274	'<p><input type="submit" accesskey="s" value="'.__('Save').'" />'.
275	$hidden_fields.
276	form::hidden(array('action'),'updateperm').
277	$core->formNonce().'</p>'.
278	'</form>';
279	}
280
281	echo '<p><a class="back" href="'.html::escapeURL($redir).'">'.__('back').'</a></p>';
282
283	dcPage::close();
284	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/users_actions.php @ 1179:a43a29427ef3

Download in other formats:

Sites map