2025-06-24 10:07:18 +02:00
< ? php global $session ;
2025-06-20 19:10:23 +02:00
/**
* Project : astat - simple site engine
* File : / admin / editgroup . apnl . php
*
* This library is free software ; you can redistribute it and / or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation ; either
* version 2.1 of the License , or ( at your option ) any later version .
*
* This library is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
* Lesser General Public License for more details .
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library ; if not , write to the Free Software
* Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*
* @ link http :// www . astat . org SVN : $URL $
* @ copyright 2009 becast . at
* @ author Bernhard Jaud < bernhard at becast dot at >
* @ package astat core
* @ license http :// opensource . org / licenses / gpl - license . php GNU Public License
* @ version $Id $
*/
2025-06-23 19:41:29 +02:00
If ( ! defined ( " IN_BCWE_ADMIN " )) {
2025-06-20 19:10:23 +02:00
die ( " Dieses Script kann nicht ausserhalb des Frameworks laufen! " );
}
$addnav [ " right " ] = FALSE ;
$session -> page_begin ( " editgroup " , True );
class editgroup_panel extends admin_module {
function output (){
global $session , $config , $db , $panel , $admin , $module , $root , $firephp , $log ;
if ( isset ( $_GET [ " editgroup " ]) && $_GET [ " editgroup " ] != " " ){
if ( isset ( $_POST [ " send " ]) && ! empty ( $_POST [ " name " ]) && ! empty ( $_POST [ " group " ])){
if ( ! empty ( $_POST [ " name " ])){
$id = intval ( $_POST [ " group " ]);
$db -> query ( " UPDATE ` " . $config [ " prefix " ] . " role` SET `role_name`=' " . $db -> escape ( $_POST [ " name " ]) . " ' WHERE id=' " . $id . " ' " );
unset ( $_POST [ " name " ]);
unset ( $_POST [ " submit " ]);
unset ( $_POST [ " send " ]);
unset ( $_POST [ " group " ]);
$db -> query ( " DELETE FROM ` " . $config [ " prefix " ] . " roleset` WHERE `role_id`=' " . $id . " ' " );
foreach ( $_POST as $key => $value ){
$db -> query ( " INSERT INTO ` " . $config [ " prefix " ] . " roleset` (`role_id`,`role_value_id`,`value`) VALUES (' " . $id . " ',' " . intval ( $key ) . " ',' " . $db -> escape ( $value ) . " ') " );
}
$panel -> admin_message ( " Daten übernommen! " , " Die Daten wurden erfolgreich übernommen. " , True , " editgroup " , 3 );
} else {
$panel -> admin_message ( " Fehler! " , " Der Rollenname muss ausgefüllt werden. " , True , " editgroup " , 3 );
}
} else {
$result = $db -> query ( " SELECT * FROM ` " . $config [ " prefix " ] . " role` WHERE id=' " . intval ( $_GET [ " editgroup " ]) . " ' " );
$data = $db -> fetch_array ( $result );
$panel -> title = " Gruppe editieren " ;
$panel -> content = 'Hier kann man Benutzergruppen bearbeiten.' ;
$panel -> form ( array ( " action " => $config [ " path " ] . " /admin/index.php?panel=editgroup&editgroup= " . $data [ " id " ]));
$panel -> content .= " <h3>Gruppename:</h3> " ;
$panel -> field ( array ( " name " => " name " , " typ " => " text " , " value " => $data [ " role_name " ]));
$panel -> content .= " <br /><br /> " ;
2025-06-24 21:25:19 +02:00
$panel -> content .= " <table style= \" width: 90%; border-spacing: 2px; \" >
2025-06-20 19:10:23 +02:00
< tr >
< th >< strong > Rechte </ strong ></ th >
</ tr > " ;
2025-06-24 10:07:18 +02:00
$drow = array ();
$result = $db -> query ( " SELECT * FROM ` " . $config [ " prefix " ] . " role_values` " );
2025-06-20 19:10:23 +02:00
while ( $row = $db -> fetch_array ( $result )){
2025-06-24 10:07:18 +02:00
$rval = $db -> fetch_array ( $db -> query ( " SELECT `value` FROM ` " . $config [ " prefix " ] . " roleset` WHERE role_value_id=' " . $row [ " id " ] . " ' AND role_id=' " . $data [ " id " ] . " ' " ));
if ( empty ( $rval [ " value " ])){
$rval [ " value " ] = 0 ;
}
2025-06-24 21:35:23 +02:00
$panel -> content .= " <tr><td><strong> " . $row [ " text " ] . " :</strong><br /> " . $panel -> get_option ( $row [ " type " ], $row [ " id " ], $rval [ " value " ]) . " </td></tr> " ;
2025-06-20 19:10:23 +02:00
}
$panel -> content .= " </table><br /> " ;
$panel -> field ( array ( " name " => " send " , " typ " => " hidden " , " value " => " 1 " ));
$panel -> field ( array ( " name " => " group " , " typ " => " hidden " , " value " => $data [ " id " ]));
$panel -> content .= " <br /> " ;
$panel -> submit ();
$panel -> formClose ();
$panel -> parse_page ();
}
2025-06-24 10:07:18 +02:00
} elseif ( isset ( $_GET [ " action " ]) && $_GET [ " action " ] == " delete " && isset ( $_GET [ " group " ])){
2025-06-20 19:10:23 +02:00
$result = $db -> query ( " SELECT id FROM ` " . $config [ " prefix " ] . " role` where `role_name`='User' LIMIT 1 " );
$row = $db -> fetch_array ( $result );
$db -> query ( " UPDATE ` " . $config [ " prefix " ] . " users` SET `role`=' " . $row [ " id " ] . " ' WHERE `role`=' " . intval ( $_GET [ " group " ]) . " ' " );
$db -> query ( " DELETE FROM ` " . $config [ " prefix " ] . " role` WHERE id=' " . intval ( $_GET [ " group " ]) . " ' " );
$db -> query ( " DELETE FROM ` " . $config [ " prefix " ] . " roleset` WHERE role_id=' " . intval ( $_GET [ " group " ]) . " ' " );
$panel -> admin_message ( " Usergruppe gelöscht! " , " Die Gruppe wurde erfolgreich gelöscht. " , True , " editgroup " , 3 );
} else {
$result = $db -> query ( " SELECT * FROM ` " . $config [ " prefix " ] . " role` " );
while ( $row = $db -> fetch_array ( $result )){
$role [] = $row ;
}
$panel -> title = " Vorhandene Rollen " ;
$panel -> content .= " <table class= \" sortable \" width= \" 90% \" cellspacing= \" 2 \" >
< tr >
2025-06-24 21:25:19 +02:00
< th style = \ " text-align: center; \" >ID</th>
< th style = \ " text-align: center; \" >Name</th>
< th class = \ " nosort sortcol \" style= \" text-align: center; width: 18% \" >Aktionen</th>
2025-06-20 19:10:23 +02:00
</ tr > " ;
if ( ! empty ( $role )){
foreach ( $role as $u ){
$panel -> content .= " <tr>
2025-06-24 21:25:19 +02:00
< td style = \ " text-align: center; \" > " . $u [ " id " ] . " </td>
< td style = \ " text-align: center; \" > " . $u [ " role_name " ] . " </td> " ;
2025-06-20 19:10:23 +02:00
if ( ! $u [ " special_group " ]){
2025-06-24 21:25:19 +02:00
$panel -> content .= " <td style= \" text-align: center; \" ><a onclick= \" return confirmLink(this, 'Willst du wirklich die Gruppe " . $u [ " role_name " ] . " löschen? Alle Mitglieder dieser Gruppe werden der Gruppe User zugeordnet') \" href= \" " . $config [ " path " ] . " /admin/index.php?panel=editgroup&action=delete&group= " . $u [ " id " ] . " \" ><img src= \" " . $config [ " path " ] . " /admin/images/icons/delete.png \" /></a> <a href= \" " . $config [ " path " ] . " /admin/index.php?panel=editgroup&editgroup= " . $u [ " id " ] . " \" ><img src= \" " . $config [ " path " ] . " /admin/images/icons/wrench.png \" /></a></td>
2025-06-20 19:10:23 +02:00
</ tr > " ;
} else {
2025-06-24 21:25:19 +02:00
$panel -> content .= " <td style= \" text-align: center; \" ><a href= \" " . $config [ " path " ] . " /admin/index.php?panel=editgroup&editgroup= " . $u [ " id " ] . " \" ><img src= \" " . $config [ " path " ] . " /admin/images/icons/wrench.png \" /></a></td></td>
2025-06-20 19:10:23 +02:00
</ tr > " ;
}
}
} else {
$panel -> content .= " <tr>
2025-06-24 21:25:19 +02:00
< td style = \ " text-align: center; \" colspan= \" 5 \" >Keine Rollen vorhanden.</td>
2025-06-20 19:10:23 +02:00
</ tr > " ;
}
$panel -> content .= " </table><br /> " ;
}
}
function meta () {
global $module , $config , $db , $panel , $userinfo , $admin , $root ;
$meta = '<script type="text/javascript" src="' . $config [ " path " ] . ' / js / scriptaculous / prototype . js " ></script>
< script src = " '. $config["path"] .'/js/fastinit.js " type = " text/javascript " >
</ script >
< script src = " '. $config["path"] .'/js/tablesort.js " type = " text/javascript " >
</ script >
< script type = " text/javascript " >
function deleteItem ( item ) {
if ( confirmLink ( this , " Willst du wirklich dieses Modul deinstallieren? Alle Daten diese Moduls werden gelöscht! " ) == true ){
name = " id_ " + item ;
Effect . SwitchOff ( name );
new Ajax . Request ( \ ' index . php ? panel = navigation\ ' , {
method : " post " ,
parameters : { delete : name }});
}
return false ;
}
</ script >
< style type = " text/css " >
. loadlayer {
position : absolute ;
padding : 15 px ;
width : 250 px ;
background : #ffffff;
border : 3 px solid #c90000;
text - align : center ;
margin - top : 60 px ;
left : 50 % ;
margin - left : - 150 px ;
margin - top : 100 px ;
font - weight : bold ;
z - index : 5 ;
}
div . section , div #createNew {
border : 1 px solid #CCCCCC;
margin : 30 px 5 px ;
padding : 0 px 0 px 10 px 0 px ;
background - color : #EFEFEF;
}
div #createNew input { margin-left: 5px; }
div #createNew h3, div.section h3{
font - size : 14 px ;
padding : 2 px 5 px ;
margin : 0 0 10 px 0 ;
background - color : #CCCCCC;
display : block ;
}
div . section h3 {
cursor : move ;
}
div . lineitem {
margin : 3 px 10 px ;
padding : 2 px ;
background - color : #FFFFFF;
cursor : move ;
}
h1 {
margin - bottom : 0 ;
font - size : 18 px ;
}
</ style >
< script type = " text/javascript " >
function confirmLink ( theLink , text )
{
// Confirmation is not required in the configuration file
// or browser is Opera (crappy js implementation)
if ( typeof ( window . opera ) != \ ' undefined\ ' ) {
return true ;
}
var is_confirmed = confirm ( text );
if ( is_confirmed ) {
if ( typeof ( theLink . href ) != \ ' undefined\ ' ) {
theLink . href += \ ' & is_js_confirmed = 1 \ ' ;
} else if ( typeof ( theLink . form ) != \ ' undefined\ ' ) {
theLink . form . action += \ ' ? is_js_confirmed = 1 \ ' ;
}
}
return is_confirmed ;
}
</ script > ' ;
return $meta ;
}
}
?>
