index.php @ 3302

Revision 3302, 4.5 KB checked in by brol, 9 years ago (diff)
v1.2 modifs licence + encodage fichier + fin fichiers php, requiert dc2.6

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ----------------------------------
3	#
4	# This file is part of Writers, a plugin for Dotclear.
5	#
6	# Copyright (c) 2003-2008 Olivier Meunier and contributors
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK ------------------------------------
12
13	if (!defined('DC_CONTEXT_ADMIN')) { exit; }
14
15	$page_title = __('Writers');
16
17	$u_id = null;
18	$u_name = null;
19	$chooser = false;
20
21	$blog_users = $core->getBlogPermissions($core->blog->id,false);
22	$perm_types = $core->auth->getPermissionsTypes();
23
24	if (!empty($_POST['i_id']))
25	{
26	try
27	{
28	$rs = $core->getUser($_POST['i_id']);
29
30	if ($rs->isEmpty()) {
31	throw new Exception(__('Writer does not exists.'));
32	}
33
34	if ($rs->user_super) {
35	throw new Exception(__('You cannot add or update this writer.'));
36	}
37
38	if ($rs->user_id == $core->auth->userID()) {
39	throw new Exception(__('You cannot change your own permissions.'));
40	}
41
42	$u_id = $rs->user_id;
43	$u_name = dcUtils::getUserCN($u_id,$rs->user_name,$rs->user_firstname,$rs->user_displayname);
44	unset($rs);
45	$chooser = true;
46
47	if (!empty($_POST['set_perms']))
48	{
49	$set_perms = array();
50
51	if (!empty($_POST['perm']))
52	{
53	foreach ($_POST['perm'] as $perm_id => $v)
54	{
55	if (!DC_WR_ALLOW_ADMIN && $perm_id == 'admin') {
56	continue;
57	}
58
59	if ($v) {
60	$set_perms[$perm_id] = true;
61	}
62	}
63	}
64
65	$core->auth->sudo(array($core,'setUserBlogPermissions'),$u_id, $core->blog->id, $set_perms, true);
66	http::redirect($p_url.'&pup=1');
67	}
68	}
69	catch (Exception $e)
70	{
71	$core->error->add($e->getMessage());
72	}
73	}
74	elseif (!empty($_GET['u_id']))
75	{
76	try
77	{
78	if (!isset($blog_users[$_GET['u_id']])) {
79	throw new Exception(__('Writer does not exists.'));
80	}
81
82	if ($_GET['u_id'] == $core->auth->userID()) {
83	throw new Exception(__('You cannot change your own permissions.'));
84	}
85
86	$u_id = $_GET['u_id'];
87	$u_name = dcUtils::getUserCN($u_id,$blog_users[$u_id]['name'],
88	$blog_users[$u_id]['firstname'],$blog_users[$u_id]['displayname']);
89	$chooser = true;
90	}
91	catch (Exception $e)
92	{
93	$core->error->add($e->getMessage());
94	}
95	}
96	?>
97	<html>
98	<head>
99	<title><?php echo $page_title; ?></title>
100	</head>
101
102	<body>
103	<?php
104	if (!$chooser)
105	{
106	echo dcPage::breadcrumb(
107	array(
108	html::escapeHTML($core->blog->name) => '',
109	'<span class="page-title">'.$page_title.'</span>' => ''
110	));
111
112	echo '<h3>'.__('Active writers').'</h3>';
113
114	if (count($blog_users) <= 1)
115	{
116	echo '<p>'.__('No writers').'</p>';
117	}
118	else
119	{
120	foreach ($blog_users as $k => $v)
121	{
122	if (count($v['p']) > 0 && $k != $core->auth->userID())
123	{
124	echo
125	'<h4>'.html::escapeHTML($k).
126	' ('.html::escapeHTML(dcUtils::getUserCN(
127	$k, $v['name'], $v['firstname'], $v['displayname']
128	)).') - '.
129	'<a href="'.$p_url.'&u_id='.html::escapeHTML($k).'">'.
130	__('change permissions').'</a></h4>';
131
132	echo '<ul>';
133	foreach ($v['p'] as $p => $V) {
134	echo '<li>'.__($perm_types[$p]).'</li>';
135	}
136	echo '</ul>';
137	}
138	}
139	}
140
141	echo '<h3>'.__('Invite a new writer').'</h3>';
142
143	echo
144	'<form action="'.$p_url.'" method="post">'.
145	'<p><label class="classic" for="i_id">'.__('Author ID (login): ').' '.
146	form::field('i_id',32,32,$u_id).'</label> '.
147	'<input type="submit" value="'.__('Invite').'" />'.
148	$core->formNonce().'</p>'.
149	'</form>';
150	}
151	elseif ($u_id)
152	{
153	if (isset($blog_users[$u_id])) {
154	$user_perm = $blog_users[$u_id]['p'];
155	} else {
156	$user_perm = array();
157	}
158
159	echo dcPage::breadcrumb(
160	array(
161	html::escapeHTML($core->blog->name) => '',
162	'<span class="page-title">'.$page_title.'</span>' => ''
163	));
164
165	echo '<p><a class="back" href="'.html::escapeURL('plugin.php?p=writers&pup=1').'">'.__('Back').'</a></p>';
166	echo
167	'<p>'.sprintf(__('You are about to set permissions on the blog %s for user %s (%s).'),
168	'<strong>'.html::escapeHTML($core->blog->name).'</strong>',
169	'<strong>'.$u_id.'</strong>',
170	html::escapeHTML($u_name)).'</p>'.
171
172	'<form action="'.$p_url.'" method="post">';
173
174	foreach ($perm_types as $perm_id => $perm)
175	{
176	if (!DC_WR_ALLOW_ADMIN && $perm_id == 'admin') {
177	continue;
178	}
179
180	$checked = isset($user_perm[$perm_id]) && $user_perm[$perm_id];
181
182	echo
183	'<p><label class="classic">'.
184	form::checkbox(array('perm['.html::escapeHTML($perm_id).']'),
185	1,$checked).' '.
186	__($perm).'</label></p>';
187	}
188
189	echo
190	'<p><input type="submit" value="'.__('Save').'" />'.
191	$core->formNonce().
192	form::hidden('i_id',html::escapeHTML($u_id)).
193	form::hidden('set_perms',1).'</p>'.
194	'</form>';
195	}
196
197	dcPage::helpBlock('writers');
198	?>
199	</body>
200	</html>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: plugins/writers/index.php @ 3302

Download in other formats:

Sites map