Example #1
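 /**
  * Handle submission of the user-group form.
  *
  * Reads `name`, `brief`, `des` and `id` from the request. With id 0 a new
  * row is inserted into `user_groups`; otherwise the row with that id is
  * updated. On success the cached system groups are rebuilt and the current
  * URL is reloaded; on failure a form error is registered and nothing is
  * written.
  *
  * NOTE(review): no authorization or CSRF check is visible in this method;
  * presumably the module that mounts the form enforces both. Confirm.
  * NOTE(review): `name` and `des` are handed to DB::insert()/DB::update()
  * as array values; whether the wrapper escapes them is not visible here.
  *
  * @return void
  */
 function on_submit()
 {
     $name = Url::get('name', '');
     $brief = Url::get('brief', '');
     $des = Url::get('des', '');
     $id = (int) Url::get('id', 0);

     if ($brief == '') {
         $this->setFormError('name', 'Chưa nhập tên định danh nhóm');
         return;
     }

     // $brief is request data and is interpolated into the SQL strings below.
     // The DB wrapper's escaping API is not visible from here, so restrict the
     // identifier to a conservative allow-list before it reaches a query.
     // Widen this only together with a move to parameterised queries.
     if (!is_string($brief) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $brief)) {
         $this->setFormError('brief', 'Định danh nhóm không hợp lệ');
         return;
     }

     // Reserved identifiers may not be claimed by a custom group.
     // NOTE(review): the comparison is case-sensitive; whether 'Admin' should
     // also be refused depends on how `brief` is matched elsewhere. Confirm.
     if (in_array($brief, array('root', 'admin', 'mod'), true)) {
         $this->setFormError('brief', "Định danh cho nhóm này quyền này đã tồn tại!");
         return;
     }

     $arr = array('name' => $name, 'brief' => $brief, 'des' => $des);

     if ($id === 0) {
         // Create: the identifier must not be used by any existing group.
         if (DB::exists("SELECT id FROM user_groups WHERE brief = '{$brief}'")) {
             $this->setFormError('', "Nhóm này quyền này đã tồn tại");
             return;
         }
         $arr['time_c'] = TIME_NOW;
         $arr['user_c'] = User::id();
         $arr['time_m'] = TIME_NOW;
         $arr['user_m'] = User::id();
         DB::insert('user_groups', $arr);
     } else {
         // Update: the identifier must not be used by a *different* group.
         // $id is an int cast above, so it is safe to interpolate.
         if (DB::exists("SELECT id FROM user_groups WHERE brief = '{$brief}' AND id!={$id}")) {
             $this->setFormError('brief', "Định danh cho nhóm này quyền này đã tồn tại!");
             return;
         }
         $arr['time_m'] = TIME_NOW;
         $arr['user_m'] = User::id();
         DB::update('user_groups', $arr, "id={$id}");
     }

     // Rebuild the cached group list so the change is visible immediately.
     User::get_system_groups(1);
     Url::redirect_current();
 }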
Example #2
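 /**
  * Module constructor: dispatch the permission-administration command named
  * by the `cmd` request parameter.
  *
  * Every command requires the caller to be an admin holding the
  * `admin_perm` permit; anyone else is sent to Url::access_denied().
  *
  * NOTE(review): `del_group`, `remove` and `remove_permit` change stored
  * privileges based on request parameters alone. No anti-CSRF token or
  * request-method check is visible in this method; confirm one is enforced
  * upstream.
  *
  * @param mixed $row Module row, passed through to Module::Module().
  */
 function AdminGrantPerm($row)
 {
     Module::Module($row);
     $cmd = Url::get('cmd');

     if (!(User::is_admin() && User::have_permit('admin_perm'))) {
         Url::access_denied();
         return;
     }

     switch ($cmd) {
         case 'del_group':
             // NOTE(review): unlike 'remove', no guard on the target group id
             // is visible here, and rows in user_permit / account.gids that
             // reference the deleted group are not cleaned up. Confirm.
             $id = (int) Url::get('id', 0);
             if ($id) {
                 DB::query('DELETE FROM user_groups WHERE id=' . $id);
             }
             User::get_system_groups(1);
             Url::redirect_url(Url::build_all(array('cmd', 'del_group', 'id')));
             break;

         case 'remove':
             // Take user $id out of group $group_id.
             $group_id = (int) Url::get('group_id', 0);
             $id = (int) Url::get('id', 0);
             // Only root may touch membership of group 9.
             // NOTE(review): 9 is presumably the root group id. Confirm.
             if (User::is_root() || $group_id != 9) {
                 if ($id) {
                     $user = User::getUser($id);
                     if ($user && $user != '0') {
                         $kept = array();
                         $groups = User::get_groups($user['gids']);
                         if ($groups) {
                             foreach ($groups as $gid => $group) {
                                 if ($group_id != $gid) {
                                     $kept[] = $gid;
                                 }
                             }
                         }
                         // '0' is stored for "no groups". implode() also avoids
                         // the '0'-is-falsy separator slip of manual concatenation.
                         $gids = $kept ? implode('|', $kept) : '0';
                         // NOTE(review): $gids is built from User::get_groups()
                         // keys and concatenated into SQL; safe only if those
                         // keys are always integers. Confirm or cast.
                         DB::query('UPDATE account SET gids="' . $gids . '" WHERE id=' . $id);
                     }
                     DB::query('DELETE FROM user_permit WHERE type = 1 AND ref_id = ' . $id . ' AND alias = "assign_supplier"');
                     // Refresh the cached user record after the change.
                     User::getUser($id, 1, true);
                 }
             }
             Url::redirect_url(Url::build_all(array('cmd', 'group_id', 'id')));
             break;

         case 'remove_permit':
             // Drop permit $pid from the '|'-separated list held by a group.
             $pid = Url::get('pid');
             $group_id = (int) Url::get('group_id', 0);
             $groups = User::get_system_groups();
             if ($pid != '' && $group_id && isset($groups[$group_id])) {
                 $permit = DB::select('user_permit', 'type=0 AND ref_id=' . $group_id);
                 if ($permit) {
                     // $pid is only compared, never placed in SQL text here.
                     $remaining = array();
                     foreach (explode('|', $permit['pids']) as $existing_pid) {
                         if ($existing_pid && $existing_pid != $pid) {
                             $remaining[] = $existing_pid;
                         }
                     }
                     $permit = array(
                         'id' => $permit['id'],
                         'type' => 0,
                         'ref_id' => $group_id,
                         'pids' => implode('|', $remaining),
                     );
                     // Third argument presumably makes this a replace of the
                     // existing row. Confirm against DB::insert().
                     DB::insert('user_permit', $permit, true);
                 }
             }
             Url::redirect_current();
             break;

         case 'add_group':
         case 'edit_group':
             require_once 'forms/EditGroup.php';
             $this->add_form(new EditGroupForm());
             break;

         case 'scan_perm':
             // Root only. The redirect below runs for every caller.
             if (User::is_root()) {
                 require_once 'forms/ScanPermission.php';
                 $this->add_form(new ScanPermissionForm());
             }
             Url::redirect_current();
             break;

         default:
             require_once 'forms/ListAdmin.php';
             $this->add_form(new ListAdminForm());
             break;
     }
 }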