function spa_save_permissions_edit_role() { global $spGlobals; sp_build_site_auths_cache(); check_admin_referer('forum-adminform_roleedit', 'forum-adminform_roleedit'); $role_id = sp_esc_int($_POST['role_id']); $role_name = sp_filter_title_save(trim($_POST['role_name'])); $role_desc = sp_filter_title_save(trim($_POST['role_desc'])); # get old permissions to check role changes $old_roles = spa_get_role_row($role_id); $old_auths = unserialize($old_roles->role_auths); $new_auths = array(); foreach ($spGlobals['auths_map'] as $auth_name => $auth_id) { $thisperm = isset($_POST['b-' . $auth_id]) ? 1 : 0; $new_auths[$auth_id] = $thisperm; } $new_auths = maybe_serialize($new_auths); $roledata = array(); $roledata['role_name'] = $role_name; $roledata['role_desc'] = $role_desc; # force max size $roledata['role_name'] = substr($roledata['role_name'], 0, 50); $roledata['role_desc'] = substr($roledata['role_desc'], 0, 150); # save the permission set role updated information $new_auths = esc_sql($new_auths); $sql = 'UPDATE ' . SFROLES . ' SET '; $sql .= 'role_name="' . $roledata['role_name'] . '", '; $sql .= 'role_desc="' . $roledata['role_desc'] . '", '; $sql .= 'role_auths="' . $new_auths . '" '; $sql .= "WHERE role_id={$role_id}"; $success = spdb_query($sql); if ($success == false) { $mess = spa_text('Permission Set Update Failed!'); } else { $mess = spa_text('Permission Set Updated'); # reset auths and memberships for everyone sp_reset_memberships(); sp_reset_auths(); do_action('sph_perms_edit', $role_id); } return $mess; }
function spa_permissions_edit_permission_form($role_id) { global $spGlobals; ?> <script type="text/javascript"> jQuery(document).ready(function() { jQuery('#rolerow-<?php echo $role_id; ?> ').addClass('inForm'); spjAjaxForm('sfroleedit<?php echo $role_id; ?> ', 'sfreloadpb'); jQuery(function(jQuery){vtip();}) }); </script> <?php # Get correct tooltips file $lang = spa_get_language_code(); if (empty($lang)) { $lang = 'en'; } $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-' . $lang . '.php'; if (file_exists($ttpath) == false) { $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-en.php'; } if (file_exists($ttpath)) { include_once $ttpath; } $role = spa_get_role_row($role_id); spa_paint_options_init(); $ahahURL = SFHOMEURL . 'index.php?sp_ahah=permissions-loader&sfnonce=' . wp_create_nonce('forum-ahah') . '&saveform=editperm'; ?> <form action="<?php echo $ahahURL; ?> " method="post" id="sfroleedit<?php echo $role->role_id; ?> " name="sfroleedit<?php echo $role->role_id; ?> "> <?php echo sp_create_nonce('forum-adminform_roleedit'); spa_paint_open_tab(spa_text('Permissions') . ' - ' . spa_text('Manage Permissions'), true); spa_paint_open_panel(); spa_paint_open_fieldset(spa_text('Edit Permission'), 'true', 'edit-master-permission-set'); ?> <input type="hidden" name="role_id" value="<?php echo $role->role_id; ?> " /> <?php spa_paint_input(spa_text('Permission Set Name'), 'role_name', sp_filter_title_display($role->role_name), false, true); spa_paint_input(spa_text('Permission Set Description'), 'role_desc', sp_filter_title_display($role->role_desc), false, true); ?> <br /><p><strong><?php spa_etext("Permission Set Actions"); ?> :</strong></p> <?php echo '<p><img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" width="16" height="16" align="top" />'; echo '<small> ' . spa_text('Note: Action settings displaying this icon will be ignored for Guest Users') . '</small><br />'; echo '<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" width="16" height="16" align="top" />'; echo '<small> ' . spa_text('Note: Action settings displaying this icon require enabling to use') . '</small><br />'; echo '<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" width="16" height="16" align="top" />'; echo '<small> ' . spa_text('Note: Action settings displaying this icon should be used with great care') . '</small></p>'; sp_build_site_auths_cache(); $sql = 'SELECT auth_id, auth_name, auth_cat, authcat_name, warning FROM ' . SFAUTHS . ' JOIN ' . SFAUTHCATS . ' ON ' . SFAUTHS . '.auth_cat = ' . SFAUTHCATS . '.authcat_id WHERE active = 1 ORDER BY auth_cat, auth_id'; $authlist = spdb_select('set', $sql); $role_auths = maybe_unserialize($role->role_auths); $firstitem = true; $category = ''; ?> <!-- OPEN OUTER CONTAINER DIV --> <div class="outershell" style="width: 100%;"> <?php foreach ($authlist as $a) { if ($category != $a->authcat_name) { $category = $a->authcat_name; if (!$firstitem) { ?> <!-- CLOSE DOWN THE ENDS --> </table></div> <?php } ?> <!-- OPEN NEW INNER DIV --> <div class="innershell"> <!-- NEW INNER DETAIL TABLE --> <table width="100%" border="0"> <tr><td colspan="2" class="permhead"><?php spa_etext($category); ?> </td></tr> <?php $firstitem = false; } $auth_id = $a->auth_id; $auth_name = $a->auth_name; $authWarn = empty($a->warning) ? false : true; $warn = $authWarn ? ' permwarning' : ''; $tip = $authWarn ? " class='vtip permwarning' title='" . esc_js(spa_text($a->warning)) . "'" : ''; $button = 'b-' . $auth_id; $checked = ''; if (isset($role_auths[$auth_id]) && $role_auths[$auth_id]) { $checked = ' checked="checked"'; } if ($spGlobals['auths'][$auth_id]->ignored || $spGlobals['auths'][$auth_id]->enabling || $authWarn) { $span = ''; } else { $span = ' colspan="2" '; } ?> <tr<?php echo $tip; ?> > <td class="permentry<?php echo $warn; ?> "> <label for="sfR<?php echo $role->role_id . $button; ?> " class="sflabel"> <img align="top" style="float: right; border: 0pt none ; margin: -4px 5px 0px 3px; padding: 0;" class="vtip" title="<?php echo $tooltips[$auth_name]; ?> " src="<?php echo SFADMINIMAGES; ?> sp_Information.png" alt="" /> <?php spa_etext($spGlobals['auths'][$auth_id]->auth_desc); ?> </label> <input type="checkbox" name="<?php echo $button; ?> " id="sfR<?php echo $role->role_id . $button; ?> "<?php echo $checked; ?> /> <?php if ($span == '') { ?> <td align="center" class="permentry" width="32px"> <?php } if ($span == '') { if ($spGlobals['auths'][$auth_id]->enabling) { echo '<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" width="16" height="16" title="' . spa_text('Requires Enabling') . '" />'; } if ($spGlobals['auths'][$auth_id]->ignored) { echo '<img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" width="16" height="16" title="' . spa_text('Ignored for Guests') . '" />'; } if ($authWarn) { echo '<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" width="16" height="16" title="' . spa_text('Use with Caution') . '" />'; } echo '</td>'; } else { ?> </td><td class="permentry" width="32px"></td> <?php } ?> </tr> <?php } ?> <!-- END CONTAINER DIV --> </table></div><div class="clearboth"></div> </div> <?php spa_paint_close_fieldset(); spa_paint_close_panel(); do_action('sph_perm_edit_perm_panel'); spa_paint_close_container(); ?> <div class="sfform-submit-bar"> <input type="submit" class="button-primary" id="sfpermedit<?php echo $role->role_id; ?> " name="sfpermedit<?php echo $role->role_id; ?> " value="<?php spa_etext('Update Permission'); ?> " /> <input type="button" class="button-primary" onclick="javascript:jQuery('#perm-<?php echo $role->role_id; ?> ').html('');jQuery('#rolerow-<?php echo $role_id; ?> ').removeClass('inForm');" id="sfpermedit<?php echo $role->role_id; ?> " name="editpermcancel<?php echo $role->role_id; ?> " value="<?php spa_etext('Cancel'); ?> " /> </div> </form> <?php spa_paint_close_tab(); ?> <div class="sfform-panel-spacer"></div> <?php }
function spa_forums_view_forums_permission_form($forum_id) { ?> <script type="text/javascript"> jQuery(document).ready(function() { jQuery('#forumrow-<?php echo $forum_id; ?> ').addClass('inForm'); }); </script> <?php $forum = spdb_table(SFFORUMS, "forum_id={$forum_id}", 'row'); spa_paint_options_init(); spa_paint_open_tab(spa_text('Forums') . ' - ' . spa_text('Manage Groups and Forums'), true); spa_paint_open_panel(); spa_paint_open_fieldset(spa_text('View Forum Permissions'), false); $perms = sp_get_forum_permissions($forum->forum_id); if ($perms) { ?> <table class="sfmaintable" cellpadding="5" cellspacing="3"> <tr> <td align="center" colspan="3"><strong><?php echo spa_text('Current permission set for forum') . ' ' . sp_filter_title_display($forum->forum_name); ?> </strong></td> </tr> <?php foreach ($perms as $perm) { $usergroup = spa_get_usergroups_row($perm->usergroup_id); $role = spa_get_role_row($perm->permission_role); ?> <tr> <td class="sflabel"><?php echo sp_filter_title_display($usergroup->usergroup_name); ?> => <?php echo sp_filter_title_display($role->role_name); ?> </td> <td align="center"> <?php $base = SFHOMEURL . 'index.php?sp_ahah=forums-loader&sfnonce=' . wp_create_nonce('forum-ahah'); $target = "curperm-{$perm->permission_id}"; $image = SFADMINIMAGES; ?> <input type="button" class="spButton-tall" value="<?php echo sp_splice(spa_text('Edit Permission Set'), 0); ?> " onclick="spjLoadForm('editperm', '<?php echo $base; ?> ', '<?php echo $target; ?> ', '<?php echo $image; ?> ', '<?php echo $perm->permission_id; ?> ');" /> <input type="button" class="spButton-tall" value="<?php echo sp_splice(spa_text('Delete Permission Set'), 0); ?> " onclick="spjLoadForm('delperm', '<?php echo $base; ?> ', '<?php echo $target; ?> ', '<?php echo $image; ?> ', '<?php echo $perm->permission_id; ?> ');" /> </td> </tr> <tr class="sfinline-form"> <!-- This row will hold hidden forms for the current forum permission set --> <td colspan="3"> <div id="curperm-<?php echo $perm->permission_id; ?> "> </td> </tr> <?php } ?> <?php } else { ?> <table class="sfmaintable" cellpadding="5" cellspacing="3"> <tr> <td> <?php spa_etext('No permission sets for any usergroup'); ?> </td> </tr> <?php } ?> <tr> <td colspan="3" align="center"> <?php $base = SFHOMEURL . 'index.php?sp_ahah=forums-loader&sfnonce=' . wp_create_nonce('forum-ahah'); $target = "newperm-{$forum->forum_id}"; $image = SFADMINIMAGES; ?> <input type="button" class="spButton-tall" value="<?php echo sp_splice(spa_text('Add Permission'), 0); ?> " onclick="spjLoadForm('addperm', '<?php echo $base; ?> ', '<?php echo $target; ?> ', '<?php echo $image; ?> ', '<?php echo $forum->forum_id; ?> ', 'sfopen');" /> </td> </tr> <tr class="sfinline-form"> <!-- This row will hold ahah forms for adding a new forum permission set --> <td colspan="3"> <div id="newperm-<?php echo $forum->forum_id; ?> "> </div> </td> </tr> </table> <?php spa_paint_close_fieldset(); spa_paint_close_panel(); spa_paint_close_container(); ?> <form> <div class="sfform-submit-bar"> <input type="button" class="button-primary" onclick="javascript:jQuery('#forum-<?php echo $forum->forum_id; ?> ').html('');jQuery('#forumrow-<?php echo $forum_id; ?> ').removeClass('inForm');" id="sfgroupdel<?php echo $forum->forum_id; ?> " name="forumcancel<?php echo $forum->forum_id; ?> " value="<?php spa_etext('Cancel'); ?> " /> </div> </form> <?php spa_paint_close_tab(); ?> <div class="sfform-panel-spacer"></div> <?php }
function spa_permissions_delete_permission_form($role_id) { ?> <script type="text/javascript"> jQuery(document).ready(function() { jQuery('#rolerow-<?php echo $role_id; ?> ').addClass('inForm'); spjAjaxForm('sfroledel<?php echo $role_id; ?> ', 'sfreloadpb'); }); </script> <?php $role = spa_get_role_row($role_id); spa_paint_options_init(); $ahahURL = SFHOMEURL . 'index.php?sp_ahah=permissions-loader&sfnonce=' . wp_create_nonce('forum-ahah') . '&saveform=delperm'; ?> <form action="<?php echo $ahahURL; ?> " method="post" id="sfroledel<?php echo $role->role_id; ?> " name="sfroledel<?php echo $role->role_id; ?> "> <?php echo sp_create_nonce('forum-adminform_roledelete'); spa_paint_open_tab(spa_text('Permissions') . " - " . spa_text('Manage Permissions'), true); spa_paint_open_panel(); spa_paint_open_fieldset(spa_text('Delete Permission'), 'true', 'delete-master-permission-set'); ?> <input type="hidden" name="role_id" value="<?php echo $role->role_id; ?> " /> <?php echo '<p>'; spa_etext("Warning! You are about to delete a Permission!"); echo '</p>'; echo '<p>'; spa_etext("This will remove the Permission and also remove it from ALL Forums that used this Permission."); echo '</p>'; echo '<p>'; echo sprintf(spa_text('Please note that this action %s can NOT be reversed %s'), '<strong>', '</strong>'); echo '</p>'; echo '<p>'; spa_etext('Click on the Delete Permission button below to proceed.'); echo '</p>'; spa_paint_close_fieldset(); spa_paint_close_panel(); do_action('sph_perm_delete_perm_panel'); spa_paint_close_container(); ?> <div class="sfform-submit-bar"> <input type="submit" class="button-primary" id="sfpermedit<?php echo $role->role_id; ?> " name="sfpermdel<?php echo $role->role_id; ?> " value="<?php spa_etext('Delete Permission'); ?> " /> <input type="button" class="button-primary" onclick="javascript:jQuery('#perm-<?php echo $role->role_id; ?> ').html('');jQuery('#rolerow-<?php echo $role_id; ?> ').removeClass('inForm');" id="sfpermdel<?php echo $role->role_id; ?> " name="delpermcancel<?php echo $role->role_id; ?> " value="<?php spa_etext('Cancel'); ?> " /> </div> </form> <?php spa_paint_close_tab(); ?> <div class="sfform-panel-spacer"></div> <?php }