function updatePrivate($page_id, $private)
{
try {
// Make sure the specified page exists
if (!pageIdExists($page_id)) {
addAlert("danger", lang("PAGE_INVALID_ID"));
return false;
}
global $db_table_prefix;
$db = pdoConnect();
$sqlVars = array();
$query = "UPDATE " . $db_table_prefix . "pages\n\t\tSET \n\t\tprivate = :private\n\t\tWHERE\n\t\tid = :page_id";
$stmt = $db->prepare($query);
$sqlVars[':private'] = $private;
$sqlVars[':page_id'] = $page_id;
if ($stmt->execute($sqlVars)) {
return true;
} else {
return false;
}
} catch (PDOException $e) {
addAlert("danger", "Oops, looks like our database encountered an error.");
error_log("Error in " . $e->getFile() . " on line " . $e->getLine() . ": " . $e->getMessage());
return false;
} catch (ErrorException $e) {
addAlert("danger", "Oops, looks like our server might have goofed. If you're an admin, please check the PHP error logs.");
return false;
}
}
/**
* Link/unlink the specified group with the specified page. Recommend root access only.
* @param int $page_id the id of the page
* @param int $group_id the id of the group
* @param boolean $checked 1 if private page 0 if public
* @return boolean true for success, false if failed
*/
function updatePageGroupLink($page_id, $group_id, $checked)
{
// This block automatically checks this action against the permissions database before running.
if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
addAlert("danger", "Sorry, you do not have permission to access this resource.");
return false;
}
//Check if selected page exists
if (!pageIdExists($page_id)) {
addAlert("danger", "I'm sorry, the page id you specified is invalid!");
return false;
}
//TODO: Check if selected group exists
$pageDetails = fetchPageDetails($page_id);
//Fetch information specific to page
// Determine if we're changing the 'private' status, or a specific group
if ($group_id == "private") {
// Set as private if checked=1, otherwise set as 0
updatePrivate($page_id, $checked);
return true;
} else {
// Get the current page groups
$pageGroups = fetchPageGroups($page_id);
// Add the group if checked=1 and the page doesn't already have that group assigned
if ($checked == "1") {
if (!isset($pageGroups[$group_id])) {
addPage($page_id, $group_id);
return true;
} else {
return false;
}
} else {
if (isset($pageGroups[$group_id])) {
removePage($page_id, $group_id);
return true;
} else {
return false;
}
}
}
}
<?php
/**/
/*SportAnticipation~ @ENOXH 2015*/
require_once "models/config.php";
if (!securePage($_SERVER['PHP_SELF'])) {
die;
}
$pageId = $_GET['id'];
//Check if selected pages exist
if (!pageIdExists($pageId)) {
header("Location: admin_pages.php");
die;
}
$pageDetails = fetchPageDetails($pageId);
//Fetch information specific to page
//Forms posted
if (!empty($_POST)) {
$update = 0;
if (!empty($_POST['private'])) {
$private = $_POST['private'];
}
//Toggle private page setting
if (isset($private) and $private == 'Yes') {
if ($pageDetails['private'] == 0) {
if (updatePrivate($pageId, 1)) {
$successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private"));
} else {
$errors[] = lang("SQL_ERROR");
}
}
public function index()
{
/*
UserCake (Via CupCake) Version: 2.0.2
http://usercake.com
*/
global $baseURL;
require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
if (!securePage($_SERVER['PHP_SELF'])) {
die;
}
$pageId = $_GET['id'];
//Check if selected pages exist
if (!pageIdExists($pageId)) {
header("Location: " . str_replace('index.php/', '', site_url('admin_pages')));
die;
}
$pageDetails = fetchPageDetails($pageId);
//Fetch information specific to page
//Forms posted
if (!empty($_POST)) {
$update = 0;
if (!empty($_POST['private'])) {
$private = $_POST['private'];
}
//Toggle private page setting
if (isset($private) and $private == 'Yes') {
if ($pageDetails['private'] == 0) {
if (updatePrivate($pageId, 1)) {
$successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private"));
} else {
$errors[] = lang("SQL_ERROR");
}
}
} elseif ($pageDetails['private'] == 1) {
if (updatePrivate($pageId, 0)) {
$successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public"));
} else {
$errors[] = lang("SQL_ERROR");
}
}
//Remove permission level(s) access to page
if (!empty($_POST['removePermission'])) {
$remove = $_POST['removePermission'];
if ($deletion_count = removePage($pageId, $remove)) {
$successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count));
} else {
$errors[] = lang("SQL_ERROR");
}
}
//Add permission level(s) access to page
if (!empty($_POST['addPermission'])) {
$add = $_POST['addPermission'];
if ($addition_count = addPage($pageId, $add)) {
$successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count));
} else {
$errors[] = lang("SQL_ERROR");
}
}
$pageDetails = fetchPageDetails($pageId);
}
$pagePermissions = fetchPagePermissions($pageId);
$permissionData = fetchAllPermissions();
require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Page</h2>\r\n<div id='left-nav'>";
include "{$baseURL}/application/third_party/user_cake/left-nav.php";
echo "\r\n</div>\r\n<div id='main'>";
echo resultBlock($errors, $successes);
echo "\r\n<form name='adminPage' action='" . $_SERVER['PHP_SELF'] . "?id=" . $pageId . "' method='post'>\r\n<input type='hidden' name='process' value='1'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Page Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $pageDetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n" . $pageDetails['page'] . "\r\n</p>\r\n<p>\r\n<label>Private:</label>";
//Display private checkbox
if ($pageDetails['private'] == 1) {
echo "<input type='checkbox' name='private' id='private' value='Yes' checked>";
} else {
echo "<input type='checkbox' name='private' id='private' value='Yes'>";
}
echo "\r\n</p>\r\n</div></td><td>\r\n<h3>Page Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Access:";
//Display list of permission levels with access
foreach ($permissionData as $v1) {
if (isset($pagePermissions[$v1['id']])) {
echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
}
}
echo "\r\n</p><p>Add Access:";
//Display list of permission levels without access
foreach ($permissionData as $v1) {
if (!isset($pagePermissions[$v1['id']])) {
echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name'];
}
}
echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
}
