Subversion Repositories svnkaklik

Rev

Details | Last modification | View Log

Rev Author Line No. Line
6 kaklik 1
<?php
2
// +-----------------------------------------------------------------------+
3
// | PhpWebGallery - a PHP based picture gallery                           |
4
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
6
// +-----------------------------------------------------------------------+
7
// | branch        : BSF (Best So Far)
8
// | file          : $RCSfile: group_perm.php,v $
9
// | last update   : $Date: 2005/01/07 23:10:51 $
10
// | last modifier : $Author: plg $
11
// | revision      : $Revision: 1.16 $
12
// +-----------------------------------------------------------------------+
13
// | This program is free software; you can redistribute it and/or modify  |
14
// | it under the terms of the GNU General Public License as published by  |
15
// | the Free Software Foundation                                          |
16
// |                                                                       |
17
// | This program is distributed in the hope that it will be useful, but   |
18
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
19
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
20
// | General Public License for more details.                              |
21
// |                                                                       |
22
// | You should have received a copy of the GNU General Public License     |
23
// | along with this program; if not, write to the Free Software           |
24
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
25
// | USA.                                                                  |
26
// +-----------------------------------------------------------------------+
27
if( !defined("PHPWG_ROOT_PATH") )
28
{
29
	die ("Hacking attempt!");
30
}
31
 
32
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
33
//--------------------------------------------------------------------- updates
34
if (isset($_POST['falsify'])
35
         and isset($_POST['cat_true'])
36
         and count($_POST['cat_true']) > 0)
37
{
38
  // if you forbid access to a category, all sub-categories become
39
  // automatically forbidden
40
  $subcats = get_subcat_ids($_POST['cat_true']);
41
  $query = 'DELETE FROM '.GROUP_ACCESS_TABLE.'
42
    WHERE group_id = '.$_POST['group_id'].'
43
    AND cat_id IN ('.implode(',', $subcats).');';
44
  pwg_query($query);
45
}
46
else if (isset($_POST['trueify'])
47
         and isset($_POST['cat_false'])
48
         and count($_POST['cat_false']) > 0)
49
{
50
  $uppercats = get_uppercat_ids($_POST['cat_false']);
51
  $private_uppercats = array();
52
 
53
  $query = 'SELECT id
54
    FROM '.CATEGORIES_TABLE.'
55
    WHERE id IN ('.implode(',', $uppercats).')
56
    AND status = \'private\';';
57
  $result = pwg_query($query);
58
  while ($row = mysql_fetch_array($result))
59
  {
60
    array_push($private_uppercats, $row['id']);
61
  }
62
 
63
  // retrying to authorize a category which is already authorized may cause
64
  // an error (in SQL statement), so we need to know which categories are
65
  // accesible
66
  $authorized_ids = array();
67
 
68
  $query = 'SELECT cat_id
69
  FROM '.GROUP_ACCESS_TABLE.'
70
  WHERE group_id = '.$_POST['group_id'].';';
71
  $result = pwg_query($query);
72
 
73
  while ($row = mysql_fetch_array($result))
74
  {
75
    array_push($authorized_ids, $row['cat_id']);
76
  }
77
 
78
  $inserts = array();
79
  $to_autorize_ids = array_diff($private_uppercats, $authorized_ids);
80
  foreach ($to_autorize_ids as $to_autorize_id)
81
  {
82
    array_push($inserts, array('group_id' => $_POST['group_id'],
83
                               'cat_id' => $to_autorize_id));
84
  }
85
 
86
  mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $inserts);
87
}
88
 
89
//----------------------------------------------------- template initialization
90
$query = 'SELECT id,name FROM '.GROUPS_TABLE;
91
$query.= ' ORDER BY id ASC;';
92
$result = pwg_query( $query );
93
$groups_display = '<select name="group_id">';
94
$groups_nb=0;
95
while ( $row = mysql_fetch_array( $result ) )
96
{
97
  $groups_nb++;
98
  $selected = '';
99
  if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
100
		$selected = 'selected';
101
  $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name']  . '</option>';
102
}
103
$groups_display .= '</select>';
104
 
105
$action = PHPWG_ROOT_PATH.'admin.php?page=group_perm';
106
$template->set_filenames( array('groups'=>'admin/group_perm.tpl') );
107
$template->assign_vars(array(
108
  'S_GROUP_SELECT'=>$groups_display,
109
  'L_GROUP_SELECT'=>$lang['group_list_title'],
110
  'L_LOOK_UP'=>$lang['edit'],
111
  'S_GROUP_ACTION'=>add_session_id($action)
112
  ));
113
 
114
if ($groups_nb) 
115
{
116
  $template->assign_block_vars('select_box',array());
117
}
118
 
119
if ( isset( $_POST['edit']) || isset($_POST['falsify']) || isset($_POST['trueify']))
120
{
121
  $template->set_filenames(array('groups_auth'=>'admin/cat_options.tpl'));
122
  $template->assign_vars(array(
123
      'L_RESET'=>$lang['reset'],
124
      'L_CAT_OPTIONS_TRUE'=>$lang['authorized'],
125
      'L_CAT_OPTIONS_FALSE'=>$lang['forbidden'],
126
      'L_CAT_OPTIONS_INFO'=>$lang['permuser_info'],
127
 
128
      'HIDDEN_NAME'=> 'group_id',
129
      'HIDDEN_VALUE'=>$_POST['group_id'],
130
      'F_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_perm'),
131
  ));
132
 
133
  // only private categories are listed
134
  $query_true = '
135
SELECT id,name,uppercats,global_rank
136
  FROM '.CATEGORIES_TABLE.' INNER JOIN '.GROUP_ACCESS_TABLE.' ON cat_id = id
137
  WHERE status = \'private\'
138
    AND group_id = '.$_POST['group_id'].'
139
;';
140
  display_select_cat_wrapper($query_true,array(),'category_option_true');
141
 
142
  $result = pwg_query($query_true);
143
  $authorized_ids = array();
144
  while ($row = mysql_fetch_array($result))
145
  {
146
    array_push($authorized_ids, $row['id']);
147
  }
148
 
149
  $query_false = '
150
SELECT id,name,uppercats,global_rank
151
  FROM '.CATEGORIES_TABLE.'
152
  WHERE status = \'private\'';
153
  if (count($authorized_ids) > 0)
154
  {
155
    $query_false.= '
156
    AND id NOT IN ('.implode(',', $authorized_ids).')';
157
  }
158
  $query_false.= '
159
;';
160
  display_select_cat_wrapper($query_false,array(),'category_option_false');
161
 
162
  $template->assign_var_from_handle('ADMIN_CONTENT_2', 'groups_auth');
163
}
164
//----------------------------------------------------------- sending html code
165
$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
166
 
167
?>