diff options
Diffstat (limited to 'includes/pages/admin_groups.php')
-rw-r--r-- | includes/pages/admin_groups.php | 111 |
1 files changed, 56 insertions, 55 deletions
diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 388e2c68..04e4320d 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php @@ -1,97 +1,98 @@ <?php -function admin_groups_title() { - return _("Grouprights"); +function admin_groups_title() +{ + return _("Grouprights"); } -function admin_groups() { - $html = ""; - $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`"); - if (! isset($_REQUEST["action"])) { - $groups_table = []; - foreach ($groups as $group) { - $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'"); - $privileges_html = []; +function admin_groups() +{ + $html = ""; + $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`"); + if (! isset($_REQUEST["action"])) { + $groups_table = []; + foreach ($groups as $group) { + $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'"); + $privileges_html = []; - foreach ($privileges as $priv) { - $privileges_html[] = $priv['name']; - } + foreach ($privileges as $priv) { + $privileges_html[] = $priv['name']; + } - $groups_table[] = [ + $groups_table[] = [ 'name' => $group['Name'], 'privileges' => join(', ', $privileges_html), - 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') + 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') ]; - } + } - return page_with_title(admin_groups_title(), [ + return page_with_title(admin_groups_title(), [ table([ 'name' => _("Name"), 'privileges' => _("Privileges"), - 'actions' => '' - ], $groups_table) + 'actions' => '' + ], $groups_table) ]); - } else { - switch ($_REQUEST["action"]) { + } else { + switch ($_REQUEST["action"]) { case 'edit': if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; + $group_id = $_REQUEST['id']; } else { - return error("Incomplete call, missing Groups ID.", true); + return error("Incomplete call, missing Groups ID.", true); } $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); if (count($group) > 0) { - list($group) = $group; - $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`"); - $privileges_html = ""; - $privileges_form = []; - foreach ($privileges as $priv) { - $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']); - $privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']); - } + list($group) = $group; + $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`"); + $privileges_html = ""; + $privileges_form = []; + foreach ($privileges as $priv) { + $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']); + $privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']); + } - $privileges_form[] = form_submit('submit', _("Save")); - $html .= page_with_title(_("Edit group"), [ - form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) + $privileges_form[] = form_submit('submit', _("Save")); + $html .= page_with_title(_("Edit group"), [ + form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) ]); } else { - return error("No Group found.", true); + return error("No Group found.", true); } break; case 'save': if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; + $group_id = $_REQUEST['id']; } else { - return error("Incomplete call, missing Groups ID.", true); + return error("Incomplete call, missing Groups ID.", true); } $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); if (! is_array($_REQUEST['privileges'])) { - $_REQUEST['privileges'] = []; + $_REQUEST['privileges'] = []; } if (count($group) > 0) { - list($group) = $group; - sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'"); - $privilege_names = []; - foreach ($_REQUEST['privileges'] as $priv) { - if (preg_match("/^[0-9]{1,}$/", $priv)) { - $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); - if (count($group_privileges_source) > 0) { - sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'"); - $privilege_names[] = $group_privileges_source[0]['name']; - } + list($group) = $group; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'"); + $privilege_names = []; + foreach ($_REQUEST['privileges'] as $priv) { + if (preg_match("/^[0-9]{1,}$/", $priv)) { + $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); + if (count($group_privileges_source) > 0) { + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'"); + $privilege_names[] = $group_privileges_source[0]['name']; + } + } } - } - engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names)); - redirect(page_link_to("admin_groups")); + engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . join(", ", $privilege_names)); + redirect(page_link_to("admin_groups")); } else { - return error("No Group found.", true); + return error("No Group found.", true); } break; } - } - return $html; + } + return $html; } -?> |