[matches/MCTX3420.git] / testing / MCTXWeb / public_html / users / admin_permission.php
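<?php
/*
UserCake Version: 2.0.2
http://usercake.com
*/

/*
 * Admin page for one permission level: rename or delete it, add or remove
 * member users, and grant or revoke access to private pages.
 *
 * Security notes for maintainers:
 * - The script exits unless securePage() accepts the current script path.
 * - The permission id comes from the query string. It must be a plain string
 *   and must pass permissionIdExists() before anything else runs.
 * - Every request- or database-derived value is HTML-escaped (ENT_QUOTES,
 *   because the markup uses single-quoted attributes) before it is echoed.
 *   Previously the id, PHP_SELF, permission name, display names and page names
 *   were written into the page verbatim.
 * - NOTE(review): no anti-CSRF token is generated or checked in this file,
 *   although the POST branch changes permissions. If config.php does not
 *   enforce one globally, add a per-session token to the form and verify it
 *   before acting on $_POST.
 * - NOTE(review): the $_POST arrays are handed to the model helpers unchanged;
 *   those helpers are presumably responsible for binding the values as query
 *   parameters. Confirm in the models code.
 */

require_once("models/config.php");
if (!securePage($_SERVER['PHP_SELF'])) {
    die();
}

// Reject a missing or array-valued id (e.g. ?id[]=1) instead of carrying a
// non-string through to the lookups and the form action below.
if (!isset($_GET['id']) || !is_string($_GET['id'])) {
    header("Location: admin_permissions.php");
    die();
}
$permissionId = $_GET['id'];

//Check if selected permission level exists
if (!permissionIdExists($permissionId)) {
    header("Location: admin_permissions.php");
    die();
}

$permissionDetails = fetchPermissionDetails($permissionId); //Fetch information specific to permission level

// This file never initialises the message lists before resultBlock() reads
// them; keep whatever config.php may have set, otherwise start empty.
// NOTE(review): assumes resultBlock() treats an empty array as "no messages".
if (!isset($errors)) {
    $errors = array();
}
if (!isset($successes)) {
    $successes = array();
}

//Forms posted
if (!empty($_POST)) {

    //Delete selected permission level
    if (!empty($_POST['delete'])) {
        $deletions = $_POST['delete'];
        if ($deletion_count = deletePermission($deletions)) {
            $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
        }
        else {
            $errors[] = lang("SQL_ERROR");
        }
        // The page is still rendered afterwards from the details fetched
        // before the delete, as in the original flow.
    }
    else
    {
        //Update permission level name
        // Only act on a string 'name' field; compare strictly so numeric-looking
        // names ("1e3" vs "1000") are not treated as equal.
        if (isset($_POST['name']) && is_string($_POST['name'])
            && (string) $permissionDetails['name'] !== $_POST['name']) {
            $permission = trim($_POST['name']);

            //Validate new name
            if (permissionNameExists($permission)) {
                $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission));
            }
            elseif (minMaxRange(1, 50, $permission)) {
                $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50));
            }
            else {
                if (updatePermissionName($permissionId, $permission)) {
                    $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission));
                }
                else {
                    $errors[] = lang("SQL_ERROR");
                }
            }
        }

        //Remove members from the permission level
        if (!empty($_POST['removePermission'])) {
            $remove = $_POST['removePermission'];
            if ($deletion_count = removePermission($permissionId, $remove)) {
                $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count));
            }
            else {
                $errors[] = lang("SQL_ERROR");
            }
        }

        //Add members to the permission level
        if (!empty($_POST['addPermission'])) {
            $add = $_POST['addPermission'];
            if ($addition_count = addPermission($permissionId, $add)) {
                $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));
            }
            else {
                $errors[] = lang("SQL_ERROR");
            }
        }

        //Remove access to pages
        if (!empty($_POST['removePage'])) {
            $remove = $_POST['removePage'];
            if ($deletion_count = removePage($remove, $permissionId)) {
                $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));
            }
            else {
                $errors[] = lang("SQL_ERROR");
            }
        }

        //Add access to pages
        if (!empty($_POST['addPage'])) {
            $add = $_POST['addPage'];
            if ($addition_count = addPage($add, $permissionId)) {
                $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
            }
            else {
                $errors[] = lang("SQL_ERROR");
            }
        }

        // Re-read the details so the form shows the state after the updates.
        $permissionDetails = fetchPermissionDetails($permissionId);
    }
}

$pagePermissions = fetchPermissionPages($permissionId); //Retrieve list of accessible pages
$permissionUsers = fetchPermissionUsers($permissionId); //Retrieve list of users with membership
$userData = fetchAllUsers(); //Fetch all users
$pageData = fetchAllPages(); //Fetch all pages

// Escaped copies of everything interpolated into the markup below.
// PHP_SELF can carry attacker-chosen trailing path info, and the id is taken
// from the query string, so both are encoded before landing in the attribute.
$selfEsc = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
$idQueryEsc = htmlspecialchars(urlencode($permissionId), ENT_QUOTES, 'UTF-8');
$detailIdEsc = htmlspecialchars((string) $permissionDetails['id'], ENT_QUOTES, 'UTF-8');
$detailNameEsc = htmlspecialchars((string) $permissionDetails['name'], ENT_QUOTES, 'UTF-8');

require_once("models/header.php");
echo "
<body>
<div id='wrapper'>
<div id='top'><div id='logo'></div></div>
<div id='content'>
<h1>UserCake</h1>
<h2>Admin Permissions</h2>
<div id='left-nav'>";

include("left-nav.php");

echo "
</div>
<div id='main'>";

echo resultBlock($errors,$successes);

echo "
<form name='adminPermission' action='".$selfEsc."?id=".$idQueryEsc."' method='post'>
<table class='admin'>
<tr><td>
<h3>Permission Information</h3>
<div id='regbox'>
<p>
<label>ID:</label>
".$detailIdEsc."
</p>
<p>
<label>Name:</label>
<input type='text' name='name' value='".$detailNameEsc."' />
</p>
<p>
<label>Delete:</label>
<input type='checkbox' name='delete[".$detailIdEsc."]' id='delete[".$detailIdEsc."]' value='".$detailIdEsc."'>
</p>
</div></td><td>
<h3>Permission Membership</h3>
<div id='regbox'>
<p>
Remove Members:";

//List users with permission level
foreach ($userData as $v1) {
    if (isset($permissionUsers[$v1['id']])) {
        $userIdEsc = htmlspecialchars((string) $v1['id'], ENT_QUOTES, 'UTF-8');
        $userNameEsc = htmlspecialchars((string) $v1['display_name'], ENT_QUOTES, 'UTF-8');
        echo "<br><input type='checkbox' name='removePermission[".$userIdEsc."]' id='removePermission[".$userIdEsc."]' value='".$userIdEsc."'> ".$userNameEsc;
    }
}

echo "
</p><p>Add Members:";

//List users without permission level
foreach ($userData as $v1) {
    if (!isset($permissionUsers[$v1['id']])) {
        $userIdEsc = htmlspecialchars((string) $v1['id'], ENT_QUOTES, 'UTF-8');
        $userNameEsc = htmlspecialchars((string) $v1['display_name'], ENT_QUOTES, 'UTF-8');
        echo "<br><input type='checkbox' name='addPermission[".$userIdEsc."]' id='addPermission[".$userIdEsc."]' value='".$userIdEsc."'> ".$userNameEsc;
    }
}

echo "
</p>
</div>
</td>
<td>
<h3>Permission Access</h3>
<div id='regbox'>
<p>
Public Access:";

//List public pages
foreach ($pageData as $v1) {
    if ($v1['private'] != 1) {
        echo "<br>".htmlspecialchars((string) $v1['page'], ENT_QUOTES, 'UTF-8');
    }
}

echo "
</p>
<p>
Remove Access:";

//List pages accessible to permission level
foreach ($pageData as $v1) {
    if (isset($pagePermissions[$v1['id']]) && $v1['private'] == 1) {
        $pageIdEsc = htmlspecialchars((string) $v1['id'], ENT_QUOTES, 'UTF-8');
        $pageNameEsc = htmlspecialchars((string) $v1['page'], ENT_QUOTES, 'UTF-8');
        echo "<br><input type='checkbox' name='removePage[".$pageIdEsc."]' id='removePage[".$pageIdEsc."]' value='".$pageIdEsc."'> ".$pageNameEsc;
    }
}

echo "
</p><p>Add Access:";

//List pages inaccessible to permission level
foreach ($pageData as $v1) {
    if (!isset($pagePermissions[$v1['id']]) && $v1['private'] == 1) {
        $pageIdEsc = htmlspecialchars((string) $v1['id'], ENT_QUOTES, 'UTF-8');
        $pageNameEsc = htmlspecialchars((string) $v1['page'], ENT_QUOTES, 'UTF-8');
        echo "<br><input type='checkbox' name='addPage[".$pageIdEsc."]' id='addPage[".$pageIdEsc."]' value='".$pageIdEsc."'> ".$pageNameEsc;
    }
}

echo "
</p>
</div>
</td>
</tr>
</table>
<p>
<label>&nbsp;</label>
<input type='submit' value='Update' class='submit' />
</p>
</form>
</div>
<div id='bottom'></div>
</div>
</body>
</html>";

?>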
