index.php @ 248

Revision 248, 4.3 KB checked in by olivier, 15 years ago (diff)
Plugins: Same as [2385]

Rev	Line
[62]	1	<?php
[225]	2	# -- BEGIN LICENSE BLOCK ----------------------------------
[62]	3	#
[225]	4	# This file is part of Dotclear 2.
[62]	5	#
[225]	6	# Copyright (c) 2003-2008 Olivier Meunier and contributors
	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK ------------------------------------
[62]	12
	13	if (!defined('DC_CONTEXT_ADMIN')) { exit; }
	14
	15	$u_id = null;
	16	$u_name = null;
	17	$chooser = false;
	18
	19	$blog_users = $core->getBlogPermissions($core->blog->id,false);
	20	$perm_types = $core->auth->getPermissionsTypes();
	21
	22	if (!empty($_POST['i_id']))
	23	{
	24	try
	25	{
	26	$rs = $core->getUser($_POST['i_id']);
	27
	28	if ($rs->isEmpty()) {
	29	throw new Exception(__('Writer does not exists.'));
	30	}
	31
	32	if ($rs->user_super) {
	33	throw new Exception(__('You cannot add or update this writer.'));
	34	}
	35
	36	if ($rs->user_id == $core->auth->userID()) {
	37	throw new Exception(__('You cannot change your own permissions.'));
	38	}
	39
	40	$u_id = $rs->user_id;
	41	$u_name = dcUtils::getUserCN($u_id,$rs->user_name,$rs->user_firstname,$rs->user_displayname);
	42	unset($rs);
	43	$chooser = true;
	44
	45	if (!empty($_POST['set_perms']))
	46	{
	47	$set_perms = array();
	48
	49	if (!empty($_POST['perm']))
	50	{
	51	foreach ($_POST['perm'] as $perm_id => $v)
	52	{
	53	if (!DC_WR_ALLOW_ADMIN && $perm_id == 'admin') {
	54	continue;
	55	}
	56
	57	if ($v) {
	58	$set_perms[$perm_id] = true;
	59	}
	60	}
	61	}
	62
	63	$core->auth->sudo(array($core,'setUserBlogPermissions'),$u_id, $core->blog->id, $set_perms, true);
	64	http::redirect($p_url.'&pup=1');
	65	}
	66	}
	67	catch (Exception $e)
	68	{
	69	$core->error->add($e->getMessage());
	70	}
	71	}
	72	elseif (!empty($_GET['u_id']))
	73	{
	74	try
	75	{
	76	if (!isset($blog_users[$_GET['u_id']])) {
	77	throw new Exception(__('Writer does not exists.'));
	78	}
	79
	80	if ($_GET['u_id'] == $core->auth->userID()) {
	81	throw new Exception(__('You cannot change your own permissions.'));
	82	}
	83
	84	$u_id = $_GET['u_id'];
	85	$u_name = dcUtils::getUserCN($u_id,$blog_users[$u_id]['name'],
	86	$blog_users[$u_id]['firstname'],$blog_users[$u_id]['displayname']);
	87	$chooser = true;
	88	}
	89	catch (Exception $e)
	90	{
	91	$core->error->add($e->getMessage());
	92	}
	93	}
	94	?>
	95	<html>
	96	<head>
	97	<title><?php echo __('Writers'); ?></title>
	98	</head>
	99
	100	<body>
	101	<?php
	102	if (!$chooser)
	103	{
[248]	104	echo '<h2>'.html::escapeHTML($core->blog->name).' &rsaquo; '.__('Writers').'</h2>';
[62]	105
	106	echo '<h3>'.__('Active writers').'</h3>';
	107
	108	if (count($blog_users) <= 1)
	109	{
	110	echo '<p>'.__('No writers').'</p>';
	111	}
	112	else
	113	{
	114	foreach ($blog_users as $k => $v)
	115	{
	116	if (count($v['p']) > 0 && $k != $core->auth->userID())
	117	{
	118	echo
	119	'<h4>'.html::escapeHTML($k).
	120	' ('.html::escapeHTML(dcUtils::getUserCN(
	121	$k, $v['name'], $v['firstname'], $v['displayname']
	122	)).') - '.
	123	'<a href="'.$p_url.'&u_id='.html::escapeHTML($k).'">'.
	124	__('change permissions').'</a></h4>';
	125
	126	echo '<ul>';
	127	foreach ($v['p'] as $p => $V) {
	128	echo '<li>'.__($perm_types[$p]).'</li>';
	129	}
	130	echo '</ul>';
	131	}
	132	}
	133	}
	134
	135	echo '<h3>'.__('Invite a new writer').'</h3>';
	136
	137	echo
	138	'<form action="'.$p_url.'" method="post">'.
	139	'<p><label class="classic">'.__('Login:').' '.
	140	form::field('i_id',32,32,$u_id).'</label> '.
[146]	141	'<input type="submit" value="'.__('invite').'" />'.
	142	$core->formNonce().'</p>'.
[62]	143	'</form>';
	144	}
	145	elseif ($u_id)
	146	{
	147	if (isset($blog_users[$u_id])) {
	148	$user_perm = $blog_users[$u_id]['p'];
	149	} else {
	150	$user_perm = array();
	151	}
	152
	153	echo
	154	'<h2>'.html::escapeHTML($core->blog->name).
[248]	155	' &rsaquo; <a href="'.$p_url.'">'.__('Writers').'</a>'.
	156	' &rsaquo; '.html::escapeHTML($u_id).'</h2>'.
[62]	157
	158	'<p>'.sprintf(__('You are about to set permissions on the blog %s for user %s (%s).'),
[194]	159	'<strong>'.html::escapeHTML($core->blog->name).'</strong>',
[62]	160	'<strong>'.$u_id.'</strong>',
	161	html::escapeHTML($u_name)).'</p>'.
	162
	163	'<form action="'.$p_url.'" method="post">';
	164
	165	foreach ($perm_types as $perm_id => $perm)
	166	{
	167	if (!DC_WR_ALLOW_ADMIN && $perm_id == 'admin') {
	168	continue;
	169	}
	170
	171	$checked = isset($user_perm[$perm_id]) && $user_perm[$perm_id];
	172
	173	echo
	174	'<p><label class="classic">'.
	175	form::checkbox(array('perm['.html::escapeHTML($perm_id).']'),
	176	1,$checked).' '.
	177	__($perm).'</label></p>';
	178	}
	179
	180	echo
	181	'<p><input type="submit" value="'.__('save').'" />'.
[146]	182	$core->formNonce().
[62]	183	form::hidden('i_id',html::escapeHTML($u_id)).
	184	form::hidden('set_perms',1).'</p>'.
	185	'</form>';
	186	}
	187	?>
	188	</body>
	189	</html>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: plugins/writers/index.php @ 248

Download in other formats:

Sites map