$challenge = sanitize($_POST[$i . '-challengephrase']); $response = sanitize($_POST[$i . '-challengeresponse']); $info = $userobj->getChallengePhraseInfo(); if ($challenge != $info['challenge'] || $response != $info['response']) { $userobj->setChallengePhraseInfo($challenge, $response); markUpdated(); } } $lang = sanitize($_POST[$i . '-admin_language'], 3); if ($lang != $userobj->getLanguage()) { $userobj->setLanguage($lang); markUpdated(); } $rights = 0; $oldobjects = sortMultiArray($userobj->getObjects(), 'data'); $objects = sortMultiArray(processManagedObjects($i, $rights), 'data'); if (isset($_POST['delinkAlbum_' . $i])) { $delink_primealbum = $userobj->getAlbum()->name; foreach ($objects as $key => $val) { if ($val['type'] == 'album' && $val['name'] == $delink_primealbum) { unset($objects[$key]); } } $userobj->setAlbum(NULL); markUpdated(); $alter = true; } if ($alter) { $oldrights = $userobj->getRights() & ~(ALBUM_RIGHTS | ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS); $rights = processRights($i); if (($rights & ~(ALBUM_RIGHTS | ZENPAGE_PAGES_RIGHTS | ZENPAGE_NEWS_RIGHTS)) != $oldrights) {
case 'savegroups': if (isset($_POST['checkForPostTruncation'])) { for ($i = 0; $i < $_POST['totalgroups']; $i++) { $groupname = trim(sanitize($_POST[$i . '-group'])); if (!empty($groupname)) { $rights = 0; $group = Zenphoto_Authority::newAdministrator($groupname, 0); if (isset($_POST[$i . '-initgroup']) && !empty($_POST[$i . '-initgroup'])) { $initgroupname = trim(sanitize($_POST[$i . '-initgroup'], 3)); $initgroup = Zenphoto_Authority::newAdministrator($initgroupname, 0); $rights = $initgroup->getRights(); $group->setObjects(processManagedObjects($group->getID(), $rights)); $group->setRights(NO_RIGHTS | $rights); } else { $rights = processRights($i); $group->setObjects(processManagedObjects($i, $rights)); $group->setRights(NO_RIGHTS | $rights); } $group->set('other_credentials', trim(sanitize($_POST[$i . '-desc'], 3))); $group->setName(trim(sanitize($_POST[$i . '-type'], 3))); $group->setValid(0); zp_apply_filter('save_admin_custom_data', true, $group, $i, true); $group->save(); if ($group->getName() == 'group') { //have to update any users who have this group designate. $groupname = $group->getUser(); foreach ($admins as $admin) { if ($admin['valid']) { $hisgroups = explode(',', $admin['group']); if (in_array($groupname, $hisgroups)) { $user = Zenphoto_Authority::newAdministrator($admin['user'], $admin['valid']);
} } } header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . '/' . PLUGIN_FOLDER . '/user_groups/user_groups-tab.php?page=users&tab=groups&saved'); exit; } else { if ($action == 'saveauserassignments') { for ($i = 0; $i < $_POST['totalusers']; $i++) { $username = trim(sanitize($_POST[$i . '-user'], 3)); $user = $_zp_authority->getAnAdmin(array('`user`=' => $username, '`valid`>=' => 1)); $groupname = trim(sanitize($_POST[$i . '-group'], 3)); $group = $_zp_authority->newAdministrator($groupname, 0); if (empty($groupname)) { $user->setGroup(NULL); } else { $user->setObjects(processManagedObjects($group->getID(), $rights)); $user->setRights($group->getRights() | NO_RIGHTS); $user->setGroup($groupname); } $user->save(); } header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . '/' . PLUGIN_FOLDER . '/user_groups/user_groups-tab.php?page=users&tab=assignments&saved'); exit; } } } } printAdminHeader('users'); ?> <script type="text/javascript" src="<?php echo WEBPATH . '/' . ZENFOLDER;
} if (isset($_POST['delinkAlbum_' . $i])) { $userobj->setAlbum(NULL); $updated = true; } $lang = sanitize($_POST[$i . '-admin_language'], 3); if ($lang != $userobj->getLanguage()) { $userobj->setLanguage($lang); $updated = true; } $oldrights = $userobj->getRights(); $oldobjects = $userobj->getObjects(); $rights = 0; if ($alter) { $rights = processRights($i); $objects = processManagedObjects($i, $rights); if ($objects != $oldobjects) { $userobj->setObjects($objects); } if ($rights != $oldrights) { $userobj->setRights($rights | NO_RIGHTS); } } else { $oldobjects = $userobj->setObjects(NULL); // indicates no change } $updated = zp_apply_filter('save_admin_custom_data', $updated, $userobj, $i, $alter); if ($oldrights != $userobj->getRights()) { $updated = true; } $objects = $userobj->getObjects();