Example #1
 */
/**
 * Load common include file
 */
require_once 'admin_common.php';
require_once 'classes/MainUI.php';
require_once 'classes/User.php';
// Objects on which the current user holds NETWORK_PERM_EDIT_ANY_USER.
// NOTE(review): $networks is not read again in the visible part of this
// script. If this lookup is meant to gate the page, confirm that an empty
// result actually denies access (here or in admin_common.php).
$networks = Security::getObjectsWithPermission(Permission::P('NETWORK_PERM_EDIT_ANY_USER'));
$db = AbstractDb::getObject();
$smarty = SmartyWifidog::getObject();
// Running totals, both starting at zero; their consumer is past the end of this excerpt.
$total = array();
$total['incoming'] = 0;
$total['outgoing'] = 0;
// Process user ID searchbox
$errmsg = null;
$user = User::processSelectUserUI("user_id_searchbox", $errmsg);
// NOTE(review): the redirect branch is taken when either the raw user_id
// request field or the resolved $user is non-empty. If user_id is set but
// processSelectUserUI() resolved no user, $user->getId() below is called on
// an empty value; testing !empty($user) alone would avoid that.
if (!empty($_REQUEST['user_id']) || !empty($user)) {
    // The target is built from the BASE_SSL_PATH constant plus the resolved
    // user's id, not from raw request text.
    // NOTE(review): the id is placed in the query string without urlencode().
    header("Location: " . BASE_SSL_PATH . "admin/generic_object_admin.php?object_id={$user->getId()}&object_class=User&action=edit");
    exit;
} else {
    // No user selected: prepare the listing view.
    // NOTE(review): $errmsg from processSelectUserUI() is not passed to the
    // template; "error" is assigned null unconditionally.
    $smarty->assign("error", null);
    $smarty->assign('sort_ids', array('username', 'account_origin', 'reg_date'));
    $smarty->assign('direction_ids', array('asc', 'desc'));
    // NOTE(review): sort and direction are taken from the request as-is and
    // are not checked against the sort_ids / direction_ids lists assigned
    // above. Their later use is outside this excerpt; if either reaches an
    // ORDER BY clause or unescaped template output, restrict them to those
    // lists first.
    $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : "username";
    $direction = isset($_REQUEST['direction']) ? $_REQUEST['direction'] : "asc";
    $smarty->assign("sort", $sort);
    $smarty->assign("direction", $direction);
    // NOTE(review): is_numeric() also accepts negative, fractional and
    // exponent forms, and $current_page keeps the request string. Convert to
    // a positive integer before it is used for paging.
    if (isset($_REQUEST["page"]) && is_numeric($_REQUEST["page"])) {
        $current_page = $_REQUEST["page"];
    } else {
        $current_page = 1;
Example #2
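 /**
  * Process the admin interface of this object.
  *
  * When an object overrides this method, it should call the parent
  * processAdminUI at the BEGINNING of processing.
  *
  * Request data is applied only when the current user owns this content or
  * is a super admin. For anyone else the method returns without changing
  * anything and without reporting an error.
  *
  * Every id placed into SQL text is passed through the database layer's
  * escapeString() first, because this method cannot see how those ids were
  * populated.
  *
  * @return void
  * @throws Exception When an owner's is_author flag cannot be saved.
  */
 public function processAdminUI()
 {
     $current_user = User::getCurrentUser();
     // Guard the super-admin lookup: if getCurrentUser() yields no user, a
     // chained method call on it would be a fatal error instead of a denial.
     $may_edit = $this->DEPRECATEDisOwner($current_user)
         || ($current_user && $current_user->DEPRECATEDisSuperAdmin());
     if (!$may_edit) {
         return;
     }

     $db = AbstractDb::getObject();
     if ($this->getObjectType() == 'Content') {
         $content_type = FormSelectGenerator::getResult("content_" . $this->id . "_content_type", "Content");
         $this->setContentType($content_type);
     } else {
         $content_id = $db->escapeString($this->id);

         // Content metadata
         if ($this->isSimpleContent() == false || $this->isPersistent()) {
             /* title_is_displayed */
             if (!empty($this->content_row['title'])) {
                 $name = "content_" . $this->id . "_title_is_displayed";
                 $this->setTitleIsDisplayed(!empty($_REQUEST[$name]));
             }
             /* title */
             $this->processMetadataColumnAdminUI($db, 'title');
         }
         if ($this->isSimpleContent() == false) {
             /* description, long description, project_info */
             foreach (array('description', 'long_description', 'project_info') as $column) {
                 $this->processMetadataColumnAdminUI($db, $column);
             }
         }
         // End content metadata

         if ($this->isSimpleContent() == false || $this->isPersistent()) {
             /* is_persistent */
             $name = "content_" . $this->id . "_is_persistent";
             $this->setIsPersistent(!empty($_REQUEST[$name]));

             /* content_has_owners */
             $content_owner_rows = null;
             $sql = "SELECT * FROM content_has_owners WHERE content_id='{$content_id}'";
             $db->execSql($sql, $content_owner_rows, false);
             if ($content_owner_rows != null) {
                 foreach ($content_owner_rows as $content_owner_row) {
                     $user = User::getObject($content_owner_row['user_id']);
                     $user_id = $user->getId();
                     $name = "content_" . $this->id . "_owner_" . $user_id . "_remove";
                     if (!empty($_REQUEST[$name])) {
                         $this->deleteOwner($user);
                         continue;
                     }

                     // Write the flag only when the submitted checkbox state
                     // differs from the stored one ('t' is the stored true).
                     $name = "content_" . $this->id . "_owner_" . $user_id . "_is_author";
                     $is_author = $content_owner_row['is_author'] == 't';
                     $should_be_author = !empty($_REQUEST[$name]);
                     if ($is_author != $should_be_author) {
                         $is_author_sql = $should_be_author ? 'TRUE' : 'FALSE';
                         $user_id_sql = $db->escapeString($user_id);
                         $sql = "UPDATE content_has_owners SET is_author={$is_author_sql} WHERE content_id='{$content_id}' AND user_id='{$user_id_sql}'";
                         if (!$db->execSqlUpdate($sql, false)) {
                             throw new Exception(_('Unable to set as author in the database.'));
                         }
                     }
                 }
             }

             // NOTE(review): $errMsg filled by processSelectUserUI() is not
             // reported anywhere in this method.
             $errMsg = null;
             $user = User::processSelectUserUI("content_{$this->id}_new_owner", $errMsg);
             $name = "content_{$this->id}_add_owner_submit";
             if (!empty($_REQUEST[$name]) && $user != null) {
                 $this->addOwner($user);
             }
         }
     }
     $this->refresh();
 }

 /**
  * Process one metadata slot of this content (title, description, ...).
  *
  * When the slot is empty, a new content object may be created from the
  * request and linked. Otherwise the linked object is either erased, when
  * the matching "_erase" request field is set, or asked to process its own
  * admin UI.
  *
  * @param object $db     Database object from AbstractDb::getObject().
  * @param string $column Column of the content table. It is interpolated into
  *                       SQL as an identifier, so it is checked against a
  *                       fixed list and must never come from request data.
  *
  * @return void
  * @throws InvalidArgumentException When $column is not a known metadata column.
  */
 private function processMetadataColumnAdminUI($db, $column)
 {
     static $allowed_columns = array('title', 'description', 'long_description', 'project_info');
     if (!in_array($column, $allowed_columns, true)) {
         throw new InvalidArgumentException("Unsupported content metadata column: {$column}");
     }

     $content_id = $db->escapeString($this->id);
     if (empty($this->content_row[$column])) {
         $new_content = self::processNewContentUI("{$column}_{$this->id}_new");
         if ($new_content != null) {
             $new_content_id = $db->escapeString($new_content->getId());
             $db->execSqlUpdate("UPDATE content SET {$column} = '{$new_content_id}' WHERE content_id = '{$content_id}'", false);
         }
         return;
     }

     $linked_content = self::getObject($this->content_row[$column]);
     $erase_name = "content_" . $this->id . "_" . $column . "_erase";
     if (!empty($_REQUEST[$erase_name])) {
         // Unlink first so the content row no longer points at the object
         // about to be deleted.
         $db->execSqlUpdate("UPDATE content SET {$column} = NULL WHERE content_id = '{$content_id}'", false);
         // NOTE(review): any message delete() stores in $errmsg is dropped here.
         $errmsg = null;
         $linked_content->delete($errmsg);
     } else {
         $linked_content->processAdminUI();
     }
 }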
Example #3
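 /**
  * Process the interface to assign stakeholders to objects.
  *
  * Adds the user/role pair selected in the request as a stakeholder of
  * $targetObject, unless that user already has the role. Then it deletes
  * every existing stakeholder row whose "_remove" request field is set.
  *
  * This method performs no permission check of its own. It grants and
  * revokes roles purely from request data, so the caller must already have
  * verified that the current user may manage stakeholders of $targetObject.
  *
  * @param object $targetObject The object on which the permission applies
  *                             (Network, Server, etc.)
  * @param string &$errMsg      An error message is appended to this if the
  *                             username is not empty but the user doesn't
  *                             exist, if the user already has the role, or
  *                             if a database write fails.
  *
  * @return null
  */
 public static function processAssignStakeholdersUI($targetObject, &$errMsg)
 {
     $db = AbstractDb::getObject();
     $object_id = $db->escapeString($targetObject->getId());
     // The table name is derived from the PHP class of the target, never from
     // request data. It is interpolated into SQL as an identifier, so it must
     // stay that way.
     $table = strtolower(get_class($targetObject)) . '_stakeholders';

     $user = User::processSelectUserUI($object_id . "_new_stakeholder", $errMsg);
     $role = Role::processSelectAvailableRoleUI($object_id . "_new_stakeholder_role");
     if ($user && $role) {
         // The user and role exist
         if (Security::hasRole($role, $targetObject, $user)) {
             $errMsg .= sprintf(_("User %s already has role %s for this object"), $user->getUsername(), $role->getId());
         } else {
             // The user doesn't already have that role. Escape both ids the
             // same way the DELETE below does.
             $new_user_id = $db->escapeString($user->getId());
             $new_role_id = $db->escapeString($role->getId());
             $sql = "INSERT INTO {$table} (object_id, user_id, role_id) VALUES ('{$object_id}', '{$new_user_id}', '{$new_role_id}');";
             // A failed grant must be visible to the administrator.
             // Assumes execSqlUpdate() returns a falsy value on failure - TODO confirm.
             if (!$db->execSqlUpdate($sql, false)) {
                 $errMsg .= _("Unable to add the stakeholder in the database.");
             }
         }
     }

     $stakeholder_rows = null;
     $sql = "SELECT * FROM {$table} JOIN roles USING (role_id) WHERE object_id = '{$object_id}';";
     $db->execSql($sql, $stakeholder_rows, false);
     if ($stakeholder_rows) {
         foreach ($stakeholder_rows as $stakeholder_row) {
             // NOTE(review): the returned object is not used. The call is kept
             // because getObject() may validate the id or have other effects
             // not visible here.
             $user = User::getObject($stakeholder_row['user_id']);
             $name = $object_id . "_stakeholder_" . $stakeholder_row['user_id'] . "_" . $stakeholder_row['role_id'] . "_remove";
             if (!empty($_REQUEST[$name])) {
                 $userIdStr = $db->escapeString($stakeholder_row['user_id']);
                 $roleIdStr = $db->escapeString($stakeholder_row['role_id']);
                 $sql = "DELETE FROM {$table} WHERE object_id='{$object_id}' AND user_id='{$userIdStr}' AND role_id = '{$roleIdStr}';";
                 // A revocation that silently fails leaves the role in place.
                 if (!$db->execSqlUpdate($sql, false)) {
                     $errMsg .= _("Unable to remove the stakeholder from the database.");
                 }
             }
         }
     }
     return null;
 }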