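/**
 * Collects the permissions a user holds, directly and through group membership.
 *
 * When no id is passed, the id of the global $user object is used if one exists.
 * The result maps object_id => list of permission names, without duplicates.
 * An empty array is returned when no user id is available or nothing matches.
 *
 * @param string $userid id of the user to look up; '' means "current user"
 * @return array map of object id to list of permission names
 */
function getUserPermissions($userid = '')
{
    global $db, $user;

    // Fall back to the logged-in user when the caller gave no explicit id.
    if (!$userid && is_object($user)) {
        $userid = $user->id;
    }

    // Initialised up front so callers and the debug loop always get an array.
    $permissions = array();

    if ($userid) {
        // The id is escaped by the DB layer instead of being pasted between
        // quotes, so a quote character in the id cannot change the query.
        // NOTE(review): assumes $db is a PEAR DB handle providing quoteSmart() - confirm.
        $rowSets = array();
        $rowSets[] = $db->getAll(
            "SELECT sotf_user_permissions.object_id, sotf_permissions.permission"
            . " FROM sotf_user_permissions, sotf_permissions"
            . " WHERE sotf_user_permissions.user_id = " . $db->quoteSmart((string) $userid)
            . " AND sotf_user_permissions.permission_id = sotf_permissions.id"
        );

        $groups = sotf_Group::listGroupsOfUser($userid);
        if (is_array($groups)) {
            foreach ($groups as $gid => $gname) {
                // Cast to string: numeric array keys arrive as ints and must
                // still be sent as a quoted value, as the original query did.
                $rowSets[] = $db->getAll(
                    "SELECT sotf_group_permissions.object_id, sotf_permissions.permission"
                    . " FROM sotf_group_permissions, sotf_permissions"
                    . " WHERE sotf_group_permissions.group_id = " . $db->quoteSmart((string) $gid)
                    . " AND sotf_group_permissions.permission_id = sotf_permissions.id"
                );
            }
        }

        foreach ($rowSets as $rows) {
            // Anything that is not a row list (for example an error object)
            // contributes nothing, so a failed lookup can never grant access.
            if (!is_array($rows)) {
                error_log("getUserPermissions: permission query returned no row list", 0);
                continue;
            }
            foreach ($rows as $row) {
                $objectId = $row["object_id"];
                $permission = $row["permission"];
                // The same permission can arrive directly and via several groups.
                if (!isset($permissions[$objectId]) || !in_array($permission, $permissions[$objectId], true)) {
                    $permissions[$objectId][] = $permission;
                }
            }
        }
    }

    if ($this->debug) {
        error_log("current permissions", 0);
        foreach ($permissions as $key => $value) {
            error_log("PERMISSION: {$key} = " . join(' ', $value), 0);
        }
    }

    return $permissions;
}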
Ejemplo n.º 2
/**
 * Resolves an id to a display name.
 *
 * Ids that isGroupId() recognises are looked up through sotf_Group;
 * every other id is passed to the global $user object's getUsername().
 *
 * @param mixed $id user or group id
 * @return mixed whatever the chosen lookup returns
 */
function getUserOrGroupName($id)
{
    global $user;

    return isGroupId($id)
        ? sotf_Group::getGroupName($id)
        : $user->getUsername($id);
}
Ejemplo n.º 3
 /**
  * Lists the groups that hold a given permission on an object.
  *
  * @param mixed  $id   object id
  * @param string $perm permission name, 'listen' by default
  * @return array map of group name => data returned by the group's getAll()
  */
 function listGroupsOfObject($id, $perm = 'listen')
 {
     $byName = array();
     foreach (sotf_Group::listGroupIdsOfObject($id, $perm) as $groupId) {
         $groupObj = sotf_Group::getById($groupId);
         // Two groups with the same name would overwrite each other here.
         $byName[$groupObj->get('name')] = $groupObj->getAll();
     }
     // NOTE(review): asort() orders by the stored values (the getAll() data),
     // not by the group-name keys - confirm that is the intended ordering.
     asort($byName);

     return $byName;
 }
Ejemplo n.º 4
<?php

// -*- tab-width: 3; indent-tabs-mode: 1; -*-
/*  
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik 
 */
// Admin report: programmes ranked by the number of distinct users that have a
// 'listens' or 'downloads' entry in sotf_user_history, shown page by page.
require "init.inc.php";
$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));
// Access gate: both calls run before any query is issued.
// NOTE(review): presumably they stop the request when the visitor is not
// logged in or lacks 'change' on 'node' - confirm in init.inc.php.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');
// Hard-coded literal list. It is interpolated into the SQL below, which is
// only safe while it stays a constant; never build it from request data.
$actionsToCount = "'listens','downloads'";
$sql = "SELECT p.id, p.title, s.id AS station_id, s.name AS station_name, count(distinct h.user_id) as count FROM sotf_programmes p, sotf_stations s, sotf_user_history h WHERE p.station_id=s.id AND p.id=h.object_id AND h.action IN ({$actionsToCount}) GROUP BY p.id, p.title, s.id, s.name ORDER BY count DESC";
// Total number of rows, obtained by wrapping the report query as a subselect.
$count = $db->getOne("SELECT COUNT(*) FROM ({$sql}) s");
// splitList() yields the window ("from", "maxresults") for the current page.
$limit = $page->splitList($count, $scriptUrl);
$res = $db->limitQuery($sql, $limit["from"], $limit["maxresults"]);
if (DB::isError($res)) {
    raiseError($res);
}
// Stays null (not an empty array) when the query returns no rows.
$results = null;
while (DB_OK === $res->fetchInto($row)) {
    // Attach the groups holding the default 'listen' permission on the programme.
    $row['groups'] = sotf_Group::listGroupsOfObject($row['id']);
    $results[] = $row;
}
// The whole result set, group data included, is handed to debug().
debug("TOPLIST", $results);
$smarty->assign('TOPLIST', $results);
$page->send();
Ejemplo n.º 5
    // Redirect target: the okURL query parameter, or the configured local
    // prefix when the parameter is missing or empty.
    // NOTE(review): okURL comes straight from the query string and reaches
    // redirect() with no check visible in this fragment. Unless redirect()
    // itself restricts the target (not shown here), a crafted link can send
    // the visitor to an external site; accept only local paths or an
    // allow-list of hosts before redirecting.
    $url = $_GET['okURL'];
    if (!$url) {
        $url = $config['localPrefix'];
    }
    $page->redirect($url);
    exit;
}
// Trick to get pages indexed by search engines: some parameters are passed in
// the path info instead of the query string. After collectPathinfoParams()
// those values are available through getParameter() as well.
// The actions listed here are excluded from that path-info parsing.
$pathinfoParamExceptions = array('getIcon', 'getJingle', 'getUserFile');
if (!in_array($page->action, $pathinfoParamExceptions)) {
    sotf_Utils::collectPathinfoParams();
}
// just for debugging
// NOTE(review): this lookup and the debug() call run on every request that
// reaches this point, and write the user's group membership to the debug output.
$groups = sotf_Group::listGroupsOfUser($user->id);
debug("GROUPS", $groups);
// permissions object is for managing and asking for permissions
$permissions = new sotf_Permission();
//$permissions->debug = true;
// the repository of radio stations
$repository = new sotf_Repository($config['repositoryDir'], $db);
// all controlled vocabularies
$vocabularies = new sotf_Vocabularies($db);
// Global objects available from here on: $config, $db, $userdb, $smarty, $page,
// $repository, $user, $permissions (the variable assigned above is plural).
// is that too many?
// Forwarding all of $config to Smarty is a security risk (every configuration
// value would become reachable from templates), so only selected values are
// assigned below.
// $smarty->assign("CONFIG", $config);
// add basic variables to Smarty
$smarty->assign("NODEID", $config['nodeId']);
$smarty->assign("NODE_NAME", $config['nodeName']);
Ejemplo n.º 6
} elseif ($userid) {
    // A single principal was selected. Ids starting with 'g' denote a group;
    // the rest of the string is the group id.
    // NOTE(review): where $userid, $pattern, $prefix and $objectid come from is
    // not visible in this fragment - presumably request parameters; confirm.
    if ($userid[0] == 'g') {
        $gid = substr($userid, 1);
        // The result of getById() is used without checking that a group was found.
        $group = sotf_Group::getById($gid);
        $users[$userid] = $group->get('name');
        $smarty->assign("USERS", $users);
    } else {
        $username = sotf_User::getUsername($userid);
        $users[$userid] = $username;
        $smarty->assign("USERS", $users);
    }
} elseif ($pattern) {
    // Search mode: look up users and groups matching the pattern.
    $smarty->assign("PATTERN", $pattern);
    $users = sotf_User::findUsers($pattern, $prefix);
    debug("USERS", $users);
    $groups = sotf_Group::findGroups($pattern, $prefix);
    debug("GROUPS", $groups);
    // More than 50 combined matches: report only the count, not the list.
    if (count($users) + count($groups) > 50) {
        $smarty->assign("TOO_MANY_MATCHES", count($users) + count($groups));
    } elseif (empty($users) and empty($groups)) {
        $smarty->assign("NO_MATCHES", 1);
    } else {
        $smarty->assign("USERS", $users);
        $smarty->assign("GROUPS", $groups);
    }
}
// NOTE(review): this authorization check runs only after the user and group
// lookups (and their debug() output) above. If no earlier gate exists in the
// part of the file not shown here, move it ahead of the lookups so that a
// caller without 'authorize' on the object cannot search accounts.
checkPerm($objectid, "authorize");
if ($save) {
    if ($userid == $user->id) {
        // trying to change permissions for self
        //if(!hasPerm($objectid, 'admin'))
Ejemplo n.º 7
// -*- tab-width: 3; indent-tabs-mode: 1; -*-
/*  
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik 
 */
// Admin page: lists user accounts, optionally filtered by a pattern, and
// deletes an account when the 'del' parameter is present.
require "init.inc.php";
$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));
// Access gate, executed before the delete branch and before any listing.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');
// NOTE(review): the deletion is triggered by request parameters alone. No
// anti-CSRF token or request-method check is visible in this fragment; if
// getParameter() also reads the query string, a link opened by a logged-in
// administrator would be enough to delete an account. Confirm, and require
// POST plus a per-session token for this action.
if (sotf_Utils::getParameter('del')) {
    $uid = sotf_Utils::getParameter('uid');
    // Overwrites the global $user (the logged-in account) with the account
    // being deleted; the script exits before anything else reads it.
    $user = new sotf_User($uid);
    debug("Deleting user {$uid}", $user->username);
    $user->delete();
    $page->redirect('adminUsers.php');
    $page->logRequest();
    exit;
}
$pattern = sotf_Utils::getParameter('pattern');
$count = sotf_User::countUsers($pattern);
// The pattern is URL-encoded before it is appended to the paging link.
$limit = $page->splitList($count, $scriptUrl . "?pattern=" . urlencode($pattern));
$users = sotf_User::listUsers($limit["from"], $limit["maxresults"], $pattern);
// NOTE(review): the loop variable reuses the name $user, so after the loop the
// global no longer refers to the logged-in account while $page->send() runs.
// $ulist is never initialised and stays undefined when no user matches.
foreach ($users as $user) {
    $user['groups'] = join(', ', sotf_Group::getGroupNames($user['id']));
    $ulist[] = $user;
}
$smarty->assign('USERS', $ulist);
$smarty->assign('PATTERN', $pattern);
$page->send();
Ejemplo n.º 8
            $g = (int) substr($g, 2);
            sotf_Group::setGroup($uid, $g, 1);
            debug("TYPE", gettype($g));
            debug("ADD {$g}", $uGroups[$g]);
            unset($uGroups[$g]);
            debug("after REMOVING {$g}", $uGroups);
        }
    }
    // remove unchecked items
    debug("U2", $uGroups);
    foreach ($uGroups as $gid => $rid) {
        sotf_Group::setGroup($uid, $gid, 0, $rid);
    }
    $page->redirect("closeAndRefresh.php");
    exit;
}
// close: the popup was dismissed without saving
$close = sotf_Utils::getParameter('close');
if ($close) {
    $page->redirect("closeAndRefresh.php");
    exit;
}
// generate output: every group, each annotated with the user's membership entry
// NOTE(review): $uid is set in a part of the file not shown here; confirm it is
// validated and that the caller is authorised to view this user's groups.
$uGroups = sotf_Group::listGroupsOfUser($uid);
$groups = sotf_Group::listAll(0);
foreach ($groups as $g) {
    // For groups the user does not belong to, this index is not set in
    // $uGroups, so 'rid' becomes null (with an undefined-index notice).
    $g['rid'] = $uGroups[$g['id']];
    // $glist is never initialised and stays undefined when there are no groups.
    $glist[] = $g;
}
$smarty->assign('GROUPS', $glist);
$page->sendPopup();
Ejemplo n.º 9
// -*- tab-width: 3; indent-tabs-mode: 1; -*-
/*  
 * $Id: editNeighbour.php 339 2003-12-03 08:39:25Z andras $
 * Author: András Micsik
 */
// Popup for creating a group or editing an existing one.
require "init.inc.php";
$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));
// Access gate: login and the 'change' permission on 'node' are requested
// before the group is loaded or modified.
$page->forceLogin();
$page->popup = true;
$page->errorURL = "editGroup.php";
checkPerm('node', "change");
// With a 'gid' parameter an existing group is loaded, otherwise a new one is started.
$gid = sotf_Utils::getParameter('gid');
if ($gid) {
    // NOTE(review): the result is not checked here; what getById() returns for
    // an unknown id is not visible - confirm that later calls on $group are safe.
    $group = sotf_Group::getById($gid);
} else {
    $group = new sotf_Group();
}
#	  raiseError("No such group: $gid");
// save changes
if (sotf_Utils::getParameter('save')) {
    $oldName = $group->get('name');
    $group->setWithTextParam('name', 'name');
    $group->setWithTextParam('comments', 'comments');
    $group->setWithParam('price', 'price');
    $name = $group->get('name');
    if (!$name) {
        $error = "error_name_missing";
    } else {
        $ex = sotf_Group::getByName($name);
        if ($ex and (!$gid or $gid and $name != $oldName)) {
            $error = 'error_name_in_use';
Ejemplo n.º 10
<?php

// -*- tab-width: 3; indent-tabs-mode: 1; -*-
/*  
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik 
 */
// Admin report: users ranked by the number of distinct objects for which they
// have a 'listens' or 'downloads' entry in sotf_user_history, shown page by page.
require "init.inc.php";
$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));
// Access gate: both calls run before any query is issued.
// NOTE(review): presumably they stop the request when the visitor is not
// logged in or lacks 'change' on 'node' - confirm in init.inc.php.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');
// Hard-coded literal list. It is interpolated into the SQL below, which is
// only safe while it stays a constant; never build it from request data.
$actionsToCount = "'listens','downloads'";
$sql = "SELECT u.id, u.username, d.contact_person, count(distinct h.object_id) as count FROM sotf_users u LEFT JOIN sotf_user_data d ON d.user_id=u.id, sotf_user_history h WHERE u.id=h.user_id AND h.action IN ({$actionsToCount}) GROUP BY u.id, u.username, d.contact_person ORDER BY count DESC";
// Total number of rows, obtained by wrapping the report query as a subselect.
$count = $db->getOne("SELECT COUNT(*) FROM ({$sql}) s");
// splitList() yields the window ("from", "maxresults") for the current page.
$limit = $page->splitList($count, $scriptUrl);
$res = $db->limitQuery($sql, $limit["from"], $limit["maxresults"]);
if (DB::isError($res)) {
    raiseError($res);
}
// Stays null (not an empty array) when the query returns no rows.
$results = null;
while (DB_OK === $res->fetchInto($row)) {
    // Each row carries username and contact person; group names are added here.
    $row['groups'] = sotf_Group::getGroupNames($row['id']);
    $results[] = $row;
}
$smarty->assign('TOPLIST', $results);
$page->send();
Ejemplo n.º 11
<?php

// -*- tab-width: 3; indent-tabs-mode: 1; -*-
/*  
 * $Id: showContact.php 372 2005-02-03 15:15:51Z micsik $
 * Author: Andras Micsik
 */
// Shows one group together with the objects it is attached to.
// NOTE(review): no forceLogin()/checkPerm() call is visible in this fragment.
// Presumably the page is meant to be public - confirm, and check that
// getAll() does not expose fields that should stay private.
require "init.inc.php";
$gid = sotf_Utils::getParameter('id');
$group = new sotf_Group($gid);
// NOTE(review): on PHP 5 and later a `new` expression always yields an object,
// which is never falsy, so this branch cannot report an unknown id. Test
// whether the group was actually loaded instead.
if (!$group) {
    raiseError("no_such_object", "Group {$gid}");
}
$smarty->assign('PAGETITLE', $group->get('name'));
// The request-supplied id is handed to the template as-is; escaping on output
// is left to the template.
$smarty->assign('GID', $gid);
$smarty->assign('GROUP_DATA', $group->getAll());
$objects = $group->listObjectsOfGroup();
// Sort the returned object list in descending order.
rsort($objects);
$numProgs = 0;
while (list(, $oid) = each($objects)) {
    $obj =& $repository->getObject($oid);
    if (!$obj) {
        logError("DB integrity error: role {$role} for {$id} which does not exist");
        continue;
    }
    $class = get_class($obj);
    $data = array();
    $data['name'] = $obj->get('name');
    if ($class == 'sotf_station') {
        $data['url'] = $config['rootUrl'] . "/showStation.php/{$oid}";
        $data['mid'] = $page->getlocalized('Station');
Ejemplo n.º 12
    $smarty->assign('REFS', $prg->getRefs());
    // statistics
    $smarty->assign('STATS', $prg->getStats());
    // add this visit to statistics
    $prg->addStat('', "visits");
    // rating
    $rating = new sotf_Rating();
    $smarty->assign('RATING', $rating->getInstantRating($id));
    // my rating?
    $myRating = $rating->getMyRating($id);
    debug("r", $myRating);
    $smarty->assign('MY_RATING', $myRating);
    if (nodeConfig('payableMode')) {
        $smarty->assign('CURRENCY', $config['currency']);
        if (!$prg->isFree()) {
            $smarty->assign('LISTEN_GROUPS', sotf_Group::listGroupsOfObject($id, 'listen'));
        }
    }
    if ($page->loggedIn()) {
        // is in my playlist?
        $smarty->assign('inplaylist', sotf_UserPlaylist::contains($id));
    }
}
// Commit the database work done while the page was built.
$db->commit();
// online counter for statistics
if ($config['counterMode']) {
    // Variables read by the included counter script.
    $chCounter_status = 'active';
    $chCounter_visible = 0;
    $chCounter_page_title = 'Programm-Detailansicht - get.php';
    // NOTE(review): include executes whatever PHP the configured location
    // returns, inside this request and with access to every variable in scope.
    // The key is named counterURL; if it holds an http(s) URL, that is remote
    // code inclusion and depends on allow_url_include. Prefer a fixed local
    // path and make sure the value can only be set by the site administrator.
    include $config['counterURL'];
}