summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorPhilip Häusler <msquare@notrademark.de>2011-06-02 22:40:08 +0200
committerPhilip Häusler <msquare@notrademark.de>2011-06-02 22:40:08 +0200
commit3afd05636e46aedb53e1c1d954d23d6563b5e104 (patch)
treeaa684fe9c652ddd4d929466e0f7b20a9b21cb593 /includes
parentc0b15dfe0dce7c4603cc7ec7c19b5a6cf226dc95 (diff)
admin groups
Diffstat (limited to 'includes')
-rw-r--r--includes/funktion_menu.php40
-rw-r--r--includes/pages/admin_groups.php73
-rw-r--r--includes/sys_menu.php3
3 files changed, 75 insertions, 41 deletions
diff --git a/includes/funktion_menu.php b/includes/funktion_menu.php
deleted file mode 100644
index 0a324758..00000000
--- a/includes/funktion_menu.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-// Menue generieren
-function ShowMenu($MenuName) {
- global $MenueTableStart, $MenueTableEnd, $_SESSION, $debug, $url, $ENGEL_ROOT;
- $Gefunden = false;
-
- // Ueberschift
- $Text = "";
-
- // Eintraege
- foreach ($_SESSION['CVS'] as $Key => $Entry)
- if (strpos($Key, ".php") > 0)
- if ((strpos("00$Key", "0$MenuName") > 0) || ((strlen($MenuName) == 0) && (strpos("0$Key", "/") == 0))) {
- $TempName = Get_Text($Key, true);
-
- if ((true || $debug) && ($TempName == ""))
- $TempName = "not found: \"$Key\"";
-
- if ($Entry == "Y") {
- //zum absichtlkichen ausblenden von einträgen
- if (strlen($TempName) > 1) {
- //sonderfälle:
-
- if ($Key == "admin/faq.php")
- $TempName .= " (" . noAnswer() . ")";
- elseif ($Key == "credits.php") continue;
- //ausgabe
- $Text .= "<li><a href=\"" . $url . $ENGEL_ROOT . $Key . "\">$TempName</a></li>\n";
- $Gefunden = true;
- }
- }
- elseif ($debug) {
- $Gefunden = true;
- $Text .= "<li>$TempName ($Key)</li>\n";
- }
- }
- if ($Gefunden)
- echo '<nav class="container"><h4>' . Get_Text("$MenuName/") . '</h4><ul class="content">' . $Text . '</ul></nav>';
-} //function ShowMenue
-?>
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php
new file mode 100644
index 00000000..5d9d8180
--- /dev/null
+++ b/includes/pages/admin_groups.php
@@ -0,0 +1,73 @@
+<?php
+function admin_groups() {
+ global $user;
+
+ $html = "";
+ $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`");
+ if (!isset ($_REQUEST["action"])) {
+ $groups_html = "";
+ foreach ($groups as $group) {
+ $groups_html .= '<tr>';
+ $groups_html .= '<td>' . $group['Name'] . '</td>';
+ $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID']));
+ $privileges_html = array ();
+ foreach ($privileges as $priv)
+ $privileges_html[] = $priv['name'];
+ $groups_html .= '<td>' . join(", ", $privileges_html) . '</td>';
+ $groups_html .= '<td><a href="' . page_link_to("admin_groups") . '&action=edit&id=' . $group['UID'] . '">Ändern</a></td>';
+ $groups_html .= '</tr>';
+ }
+
+ return template_render('../templates/admin_groups.html', array (
+ 'nick' => $user['Nick'],
+ 'groups' => $groups_html
+ ));
+ } else {
+ switch ($_REQUEST["action"]) {
+ case 'edit' :
+ if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
+ $id = $_REQUEST['id'];
+ else
+ return error("Incomplete call, missing Groups ID.");
+
+ $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ if (count($room) > 0) {
+ list ($room) = $room;
+ $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`");
+ $privileges_html = "";
+ foreach ($privileges as $priv)
+ $privileges_html .= '<tr><td><input type="checkbox" name="privileges[]" value="' . $priv['id'] . '"' . ($priv['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $priv['name'] . '</td><td>' . $priv['desc'] . '</td></tr>';
+
+ $html .= template_render('../templates/admin_groups_edit_form.html', array (
+ 'link' => page_link_to("admin_groups"),
+ 'id' => $id,
+ 'privileges' => $privileges_html
+ ));
+ } else
+ return error("No Group found.");
+ break;
+
+ case 'save' :
+ if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id']))
+ $id = $_REQUEST['id'];
+ else
+ return error("Incomplete call, missing Groups ID.");
+
+ $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ if (!is_array($_REQUEST['privileges']))
+ $_REQUEST['privileges'] = array ();
+ if (count($room) > 0) {
+ list ($room) = $room;
+ sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id));
+ foreach ($_REQUEST['privileges'] as $priv)
+ if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0)
+ sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv));
+ header("Location: " . page_link_to("admin_groups"));
+ } else
+ return error("No Group found.");
+ break;
+ }
+ }
+ return $html;
+}
+?>
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
index 822d558f..739cb9d1 100644
--- a/includes/sys_menu.php
+++ b/includes/sys_menu.php
@@ -29,7 +29,8 @@ function make_navigation() {
// Admin Navigation
$menu .= make_navigation_for(Get_Text('admin/'), array (
"admin_angel_types",
- "admin_rooms"
+ "admin_rooms",
+ "admin_groups"
));
return $menu;
}