/**
 * Registers a new object in the access control lists by writing one rights
 * row per user group.
 *
 * Groups flagged with 'skiprights' get no row. Groups whose ID is above
 * COT_GROUP_SUPERADMINS take their masks from the COT_GROUP_DEFAULT entry;
 * every other group uses the entry stored under its own ID. Entries missing
 * from the maps passed in are filled from $cot_auth_default_permit and
 * $cot_auth_default_lock.
 *
 * Usage example:
 * <code>
 * $auth_permit = array(
 *     COT_GROUP_DEFAULT => 'R',
 *     COT_GROUP_GUESTS => '0',
 *     COT_GROUP_MEMBERS => 'R',
 *     12 => 'RW', // allows Read & Write for group with ID = 12
 * );
 *
 * $auth_lock = array(
 *     COT_GROUP_DEFAULT => 'A',
 *     COT_GROUP_GUESTS => 'W12345A',
 *     COT_GROUP_MEMBERS => 'A',
 *     12 => 'R', // cannot change Read for group with ID = 12
 * );
 *
 * cot_auth_add_item('test', 'item123', $auth_permit, $auth_lock);
 * </code>
 *
 * NOTE(review): $module_name and $item_id are written to the row as given;
 * this function does no validation of its own and presumably relies on
 * $db->insert() for escaping - confirm against CotDB.
 * NOTE(review): assumes the merged maps hold an entry for every group ID up
 * to COT_GROUP_SUPERADMINS and for COT_GROUP_DEFAULT; a missing key would
 * reach cot_auth_getvalue() as null - confirm the defaults cover this.
 *
 * @param string $module_name The module object belongs to
 * @param string $item_id Object identifier within the module
 * @param array $auth_permit Allowed permissions map, keyed by group ID
 * @param array $auth_lock Locked permissions map, keyed by group ID
 * @return int Result of $db->insert(), documented as the number of rows inserted
 * @global CotDB $db
 */
function cot_auth_add_item($module_name, $item_id, $auth_permit = array(), $auth_lock = array())
{
    global $db, $cot_groups, $db_auth, $usr, $cot_auth_default_permit, $cot_auth_default_lock;

    // Array union: entries supplied by the caller win, defaults only fill gaps.
    $auth_permit += $cot_auth_default_permit;
    $auth_lock += $cot_auth_default_lock;

    $rows = array();
    foreach ($cot_groups as $group_id => $group) {
        if ($group['skiprights']) {
            continue;
        }

        // Groups numbered above COT_GROUP_SUPERADMINS share the default masks.
        if ($group_id > COT_GROUP_SUPERADMINS) {
            $mask_key = COT_GROUP_DEFAULT;
        } else {
            $mask_key = $group_id;
        }

        $rights = cot_auth_getvalue($auth_permit[$mask_key]);
        $rights_lock = cot_auth_getvalue($auth_lock[$mask_key]);

        $rows[] = array(
            'auth_groupid' => $group_id,
            'auth_code' => $module_name,
            'auth_option' => $item_id,
            'auth_rights' => $rights,
            'auth_rights_lock' => $rights_lock,
            // Records which user created the rights row.
            'auth_setbyuserid' => $usr['id']
        );
    }

    $inserted = $db->insert($db_auth, $rows);

    // Both calls run on every invocation, whatever the insert returned.
    cot_auth_reorder();
    cot_auth_clear('all');

    return $inserted;
}
/* Excerpt: begins inside the per-row template-mode chain of a structure update and ends where the 'add' action branch opens. */
/* NOTE(review): no rights check or anti-CSRF check is visible in this excerpt - confirm both run before these branches. */
        } elseif ($rtplmode == 3) {
            // Mode 3: template code comes from $rtplforcedarr[$i], passed through cot_import() with the 'TXT' filter.
            $rstructure['structure_tpl'] = cot_import($rtplforcedarr[$i], 'D', 'TXT');
        } elseif ($rtplmode == 2) {
            // Mode 2: stores the literal marker 'same_as_parent'.
            $rstructure['structure_tpl'] = 'same_as_parent';
        } elseif ($rtplmode == 1) {
            // Mode 1: stores an empty template code.
            $rstructure['structure_tpl'] = '';
        }
        // The row is written only when no error has been registered so far.
        if (!cot_error_found()) {
            $res = cot_structure_update($n, $i, $oldrow, $rstructure, $is_module);
            // An array result is treated as an error and handed to cot_error().
            if (is_array($res)) {
                cot_error($res[0], $res[1]);
            }
        }
    }
    cot_extrafield_movefiles();
    // Called with 'all' on every update, whether or not errors were registered above.
    cot_auth_clear('all');
    if ($cache) {
        $cache->clear();
    }
    /* === Hook === */
    // Each plugin file returned for this hook is include'd, so it runs in this scope with access to the local variables.
    foreach (cot_getextplugins('admin.structure.update.done') as $pl) {
        include $pl;
    }
    /* ===== */
    if (!cot_error_found()) {
        cot_message('Updated');
    } else {
        cot_error('adm_structure_somenotupdated');
    }
    // NOTE(review): $n, $mode and $durl are concatenated into the query string as-is; confirm they are filtered where they are imported.
    cot_redirect(cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&d=' . $durl, '', true));
} elseif ($a == 'add' && !empty($_POST)) {
/* Excerpt: registration validation handler; begins at the tail of a plugin hook loop and ends inside the rejection branch. */
    include $pl;
}
/* ===== */
cot_shield_protect();
// NOTE(review): the literal '******' looks like a value masked by whatever produced this listing, presumably the
// validation key ($v is used for the login redirect below). If the real file interpolates a request value here,
// it has to be bound or quoted - confirm against the actual source.
// NOTE(review): 2 and 4 are bare group IDs, presumably COT_GROUP_INACTIVE and COT_GROUP_MEMBERS; the named constants
// would make the privilege change easier to audit - confirm.
$sql = $db->query("SELECT * FROM {$db_users} WHERE user_lostpass='******' AND (user_maingrp=2 OR user_maingrp='-1') LIMIT 1");
if ($row = $sql->fetch()) {
    if ($row['user_maingrp'] == 2) {
        if ($y == 1) {
            // Confirmation: main group is changed from 2 to 4 in the users table and in the group membership table.
            // NOTE(review): the WHERE clauses are built by concatenating $row['user_id'] (a value read back from the
            // database) inside quotes; the delete further down casts it with (int) instead. One consistent form,
            // cast or bound parameter, would be safer.
            $sql = $db->update($db_users, array('user_maingrp' => 4), "user_id='" . $row['user_id'] . "' AND user_lostpass='******'");
            $sql = $db->update($db_groups_users, array('gru_groupid' => 4), "gru_groupid=2 AND gru_userid='" . $row['user_id'] . "'");
            /* === Hook for the plugins === */
            // Plugin files are include'd and run in this scope with access to $row and $db.
            foreach (cot_getextplugins('users.register.validate.done') as $pl) {
                include $pl;
            }
            /* ===== */
            cot_auth_clear($row['user_id']);
            // The group change above is already written at this point; the token test only picks the redirect target.
            // 172800 seconds is 48 hours, counted from user_regdate.
            // NOTE(review): the token is compared with loose ==; hash_equals() on two strings gives a strict,
            // constant-time comparison. The token also travels in the redirect URL, where it can end up in logs.
            if (!empty($token) && $token == $row['user_token'] && $sys['now'] < $row['user_regdate'] + 172800) {
                cot_redirect(cot_url('login', 'a=check&v=' . $v . '&token=' . $token, '', true));
            } else {
                cot_redirect(cot_url('message', 'msg=106', '', true));
            }
        } elseif ($y == 0) {
            // Rejection: unlinks files referenced by the user's extra fields, then deletes the user and membership rows.
            foreach ($cot_extrafields[$db_users] as $exfld) {
                cot_extrafield_unlinkfiles($row['user_' . $exfld['field_name']], $exfld);
            }
            $sql = $db->delete($db_users, "user_id=" . (int) $row['user_id']);
            // NOTE(review): this condition quotes the ID where the line above casts it - see the note on the updates.
            $sql = $db->delete($db_groups_users, "gru_userid='" . $row['user_id'] . "'");
            /* === Hook for the plugins === */
            foreach (cot_getextplugins('users.register.validate.rejected') as $pl) {
                include $pl;
            }
/* Excerpt: user edit handler; begins inside the group membership update loop and ends where the users.edit.main hook loop opens. */
                // NOTE(review): $id and $k are interpolated into the SQL condition unquoted; the excerpt does not show
                // where they are cast or filtered - confirm both are integers here, or bind them as parameters.
                $db->delete($db_groups_users, "gru_userid={$id} AND gru_groupid={$k}");
            }
        }
        // A notification mail is sent when $ruser carries COT_GROUP_MEMBERS as main group while $urr carries
        // COT_GROUP_INACTIVE. Presumably $ruser is the submitted data and $urr the stored row - confirm.
        if ($ruser['user_maingrp'] == COT_GROUP_MEMBERS && $urr['user_maingrp'] == COT_GROUP_INACTIVE) {
            $rsubject = $L['useed_accountactivated'];
            $rbody = $L['Hi'] . " " . $urr['user_name'] . ",\n\n";
            $rbody .= $L['useed_email'];
            $rbody .= $L['auth_contactadmin'];
            cot_mail($urr['user_email'], $rsubject, $rbody);
        }
        /* === Hook === */
        // Plugin files are include'd and run in this scope.
        foreach (cot_getextplugins('users.edit.update.done') as $pl) {
            include $pl;
        }
        /* ===== */
        // Runs after the edit and before the log entry; presumably drops this user's cached rights so the new
        // group membership applies - confirm against cot_auth_clear().
        cot_auth_clear($id);
        // Log entry for the edit, written under the 'adm' group.
        cot_log("Edited user #" . $id, 'adm');
        cot_message('User_data_updated');
        cot_redirect(cot_url('users', "m=edit&id=" . $id, '', true));
    } else {
        cot_redirect(cot_url('users', "m=edit&id={$id}", '', true));
    }
}
// NOTE(review): $id is interpolated into the query unquoted; safe only if it was cast to an integer earlier,
// which this excerpt does not show - confirm.
$sql = $db->query("SELECT * FROM {$db_users} WHERE user_id={$id} LIMIT 1");
$urr = $sql->fetch();
// NOTE(review): user_name is placed into the page title; confirm it is HTML-escaped by cot_title() or at output.
$title_params = array('EDIT' => $L['Edit'], 'NAME' => $urr['user_name']);
$out['subtitle'] = cot_title('{EDIT} - {NAME}', $title_params);
$out['head'] .= $R['code_noindex'];
// The template lookup includes the current user's main group ($usr['maingrp']).
$mskin = cot_tplfile(array('users', 'edit', $usr['maingrp']), 'module');
/* === Hook === */
foreach (cot_getextplugins('users.edit.main') as $pl) {