+++ /dev/null
-<?php\r
-/*\r
-UserCake Version: 2.0.2\r
-http://usercake.com\r
-*/\r
-\r
-require_once("models/config.php");\r
-if (!securePage($_SERVER['PHP_SELF'])){die();}\r
-$permissionId = $_GET['id'];\r
-\r
-//Check if selected permission level exists\r
-if(!permissionIdExists($permissionId)){\r
- header("Location: admin_permissions.php"); die(); \r
-}\r
-\r
-$permissionDetails = fetchPermissionDetails($permissionId); //Fetch information specific to permission level\r
-\r
-//Forms posted\r
-if(!empty($_POST)){\r
- \r
- //Delete selected permission level\r
- if(!empty($_POST['delete'])){\r
- $deletions = $_POST['delete'];\r
- if ($deletion_count = deletePermission($deletions)){\r
- $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR"); \r
- }\r
- }\r
- else\r
- {\r
- //Update permission level name\r
- if($permissionDetails['name'] != $_POST['name']) {\r
- $permission = trim($_POST['name']);\r
- \r
- //Validate new name\r
- if (permissionNameExists($permission)){\r
- $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission));\r
- }\r
- elseif (minMaxRange(1, 50, $permission)){\r
- $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50)); \r
- }\r
- else {\r
- if (updatePermissionName($permissionId, $permission)){\r
- $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR");\r
- }\r
- }\r
- }\r
- \r
- //Remove access to pages\r
- if(!empty($_POST['removePermission'])){\r
- $remove = $_POST['removePermission'];\r
- if ($deletion_count = removePermission($permissionId, $remove)) {\r
- $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR");\r
- }\r
- }\r
- \r
- //Add access to pages\r
- if(!empty($_POST['addPermission'])){\r
- $add = $_POST['addPermission'];\r
- if ($addition_count = addPermission($permissionId, $add)) {\r
- $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR");\r
- }\r
- }\r
- \r
- //Remove access to pages\r
- if(!empty($_POST['removePage'])){\r
- $remove = $_POST['removePage'];\r
- if ($deletion_count = removePage($remove, $permissionId)) {\r
- $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR");\r
- }\r
- }\r
- \r
- //Add access to pages\r
- if(!empty($_POST['addPage'])){\r
- $add = $_POST['addPage'];\r
- if ($addition_count = addPage($add, $permissionId)) {\r
- $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));\r
- }\r
- else {\r
- $errors[] = lang("SQL_ERROR");\r
- }\r
- }\r
- $permissionDetails = fetchPermissionDetails($permissionId);\r
- }\r
-}\r
-\r
-$pagePermissions = fetchPermissionPages($permissionId); //Retrieve list of accessible pages\r
-$permissionUsers = fetchPermissionUsers($permissionId); //Retrieve list of users with membership\r
-$userData = fetchAllUsers(); //Fetch all users\r
-$pageData = fetchAllPages(); //Fetch all pages\r
-\r
-require_once("models/header.php");\r
-echo "\r
-<body>\r
-<div id='wrapper'>\r
-<div id='top'><div id='logo'></div></div>\r
-<div id='content'>\r
-<h1>UserCake</h1>\r
-<h2>Admin Permissions</h2>\r
-<div id='left-nav'>";\r
-\r
-include("left-nav.php");\r
-\r
-echo "\r
-</div>\r
-<div id='main'>";\r
-\r
-echo resultBlock($errors,$successes);\r
-\r
-echo "\r
-<form name='adminPermission' action='".$_SERVER['PHP_SELF']."?id=".$permissionId."' method='post'>\r
-<table class='admin'>\r
-<tr><td>\r
-<h3>Permission Information</h3>\r
-<div id='regbox'>\r
-<p>\r
-<label>ID:</label>\r
-".$permissionDetails['id']."\r
-</p>\r
-<p>\r
-<label>Name:</label>\r
-<input type='text' name='name' value='".$permissionDetails['name']."' />\r
-</p>\r
-<label>Delete:</label>\r
-<input type='checkbox' name='delete[".$permissionDetails['id']."]' id='delete[".$permissionDetails['id']."]' value='".$permissionDetails['id']."'>\r
-</p>\r
-</div></td><td>\r
-<h3>Permission Membership</h3>\r
-<div id='regbox'>\r
-<p>\r
-Remove Members:";\r
-\r
-//List users with permission level\r
-foreach ($userData as $v1) {\r
- if(isset($permissionUsers[$v1['id']])){\r
- echo "<br><input type='checkbox' name='removePermission[".$v1['id']."]' id='removePermission[".$v1['id']."]' value='".$v1['id']."'> ".$v1['display_name'];\r
- }\r
-}\r
-\r
-echo"\r
-</p><p>Add Members:";\r
-\r
-//List users without permission level\r
-foreach ($userData as $v1) {\r
- if(!isset($permissionUsers[$v1['id']])){\r
- echo "<br><input type='checkbox' name='addPermission[".$v1['id']."]' id='addPermission[".$v1['id']."]' value='".$v1['id']."'> ".$v1['display_name'];\r
- }\r
-}\r
-\r
-echo"\r
-</p>\r
-</div>\r
-</td>\r
-<td>\r
-<h3>Permission Access</h3>\r
-<div id='regbox'>\r
-<p>\r
-Public Access:";\r
-\r
-//List public pages\r
-foreach ($pageData as $v1) {\r
- if($v1['private'] != 1){\r
- echo "<br>".$v1['page'];\r
- }\r
-}\r
-\r
-echo"\r
-</p>\r
-<p>\r
-Remove Access:";\r
-\r
-//List pages accessible to permission level\r
-foreach ($pageData as $v1) {\r
- if(isset($pagePermissions[$v1['id']]) AND $v1['private'] == 1){\r
- echo "<br><input type='checkbox' name='removePage[".$v1['id']."]' id='removePage[".$v1['id']."]' value='".$v1['id']."'> ".$v1['page'];\r
- }\r
-}\r
-\r
-echo"\r
-</p><p>Add Access:";\r
-\r
-//List pages inaccessible to permission level\r
-foreach ($pageData as $v1) {\r
- if(!isset($pagePermissions[$v1['id']]) AND $v1['private'] == 1){\r
- echo "<br><input type='checkbox' name='addPage[".$v1['id']."]' id='addPage[".$v1['id']."]' value='".$v1['id']."'> ".$v1['page'];\r
- }\r
-}\r
-\r
-echo"\r
-</p>\r
-</div>\r
-</td>\r
-</tr>\r
-</table>\r
-<p>\r
-<label> </label>\r
-<input type='submit' value='Update' class='submit' />\r
-</p>\r
-</form>\r
-</div>\r
-<div id='bottom'></div>\r
-</div>\r
-</body>\r
-</html>";\r
-\r
-?>\r