diff options
author | Philip Häusler <msquare@notrademark.de> | 2011-06-02 22:40:08 +0200 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2011-06-02 22:40:08 +0200 |
commit | 3afd05636e46aedb53e1c1d954d23d6563b5e104 (patch) | |
tree | aa684fe9c652ddd4d929466e0f7b20a9b21cb593 /includes | |
parent | c0b15dfe0dce7c4603cc7ec7c19b5a6cf226dc95 (diff) |
admin groups
Diffstat (limited to 'includes')
-rw-r--r-- | includes/funktion_menu.php | 40 | ||||
-rw-r--r-- | includes/pages/admin_groups.php | 73 | ||||
-rw-r--r-- | includes/sys_menu.php | 3 |
3 files changed, 75 insertions, 41 deletions
diff --git a/includes/funktion_menu.php b/includes/funktion_menu.php deleted file mode 100644 index 0a324758..00000000 --- a/includes/funktion_menu.php +++ /dev/null @@ -1,40 +0,0 @@ -<?php -// Menue generieren -function ShowMenu($MenuName) { - global $MenueTableStart, $MenueTableEnd, $_SESSION, $debug, $url, $ENGEL_ROOT; - $Gefunden = false; - - // Ueberschift - $Text = ""; - - // Eintraege - foreach ($_SESSION['CVS'] as $Key => $Entry) - if (strpos($Key, ".php") > 0) - if ((strpos("00$Key", "0$MenuName") > 0) || ((strlen($MenuName) == 0) && (strpos("0$Key", "/") == 0))) { - $TempName = Get_Text($Key, true); - - if ((true || $debug) && ($TempName == "")) - $TempName = "not found: \"$Key\""; - - if ($Entry == "Y") { - //zum absichtlkichen ausblenden von einträgen - if (strlen($TempName) > 1) { - //sonderfälle: - - if ($Key == "admin/faq.php") - $TempName .= " (" . noAnswer() . ")"; - elseif ($Key == "credits.php") continue; - //ausgabe - $Text .= "<li><a href=\"" . $url . $ENGEL_ROOT . $Key . "\">$TempName</a></li>\n"; - $Gefunden = true; - } - } - elseif ($debug) { - $Gefunden = true; - $Text .= "<li>$TempName ($Key)</li>\n"; - } - } - if ($Gefunden) - echo '<nav class="container"><h4>' . Get_Text("$MenuName/") . '</h4><ul class="content">' . $Text . '</ul></nav>'; -} //function ShowMenue -?> diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php new file mode 100644 index 00000000..5d9d8180 --- /dev/null +++ b/includes/pages/admin_groups.php @@ -0,0 +1,73 @@ +<?php +function admin_groups() { + global $user; + + $html = ""; + $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`"); + if (!isset ($_REQUEST["action"])) { + $groups_html = ""; + foreach ($groups as $group) { + $groups_html .= '<tr>'; + $groups_html .= '<td>' . $group['Name'] . '</td>'; + $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID'])); + $privileges_html = array (); + foreach ($privileges as $priv) + $privileges_html[] = $priv['name']; + $groups_html .= '<td>' . join(", ", $privileges_html) . '</td>'; + $groups_html .= '<td><a href="' . page_link_to("admin_groups") . '&action=edit&id=' . $group['UID'] . '">Ändern</a></td>'; + $groups_html .= '</tr>'; + } + + return template_render('../templates/admin_groups.html', array ( + 'nick' => $user['Nick'], + 'groups' => $groups_html + )); + } else { + switch ($_REQUEST["action"]) { + case 'edit' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`"); + $privileges_html = ""; + foreach ($privileges as $priv) + $privileges_html .= '<tr><td><input type="checkbox" name="privileges[]" value="' . $priv['id'] . '"' . ($priv['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $priv['name'] . '</td><td>' . $priv['desc'] . '</td></tr>'; + + $html .= template_render('../templates/admin_groups_edit_form.html', array ( + 'link' => page_link_to("admin_groups"), + 'id' => $id, + 'privileges' => $privileges_html + )); + } else + return error("No Group found."); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if (!is_array($_REQUEST['privileges'])) + $_REQUEST['privileges'] = array (); + if (count($room) > 0) { + list ($room) = $room; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id)); + foreach ($_REQUEST['privileges'] as $priv) + if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0) + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv)); + header("Location: " . page_link_to("admin_groups")); + } else + return error("No Group found."); + break; + } + } + return $html; +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 822d558f..739cb9d1 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -29,7 +29,8 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( "admin_angel_types", - "admin_rooms" + "admin_rooms", + "admin_groups" )); return $menu; } |