<?php } else { ?> <input type="submit" name="SAVE_NEW" value="<?php echo CREATE_NEW_GROUP; ?> " class="serendipityPrettyButton input_button" /> <?php } ?> </div> </form> <?php } elseif ($serendipity['GET']['adminAction'] == 'delete') { $group = serendipity_fetchGroup($serendipity['GET']['group']); ?> <form action="?serendipity[adminModule]=groups" method="post"> <div> <?php printf(DELETE_GROUP, (int) $serendipity['GET']['group'], htmlspecialchars($group['name'])); ?> <br /><br /> <?php echo serendipity_setFormToken(); ?> <input type="hidden" name="serendipity[group]" value="<?php echo htmlspecialchars($serendipity['GET']['group']); ?> " /> <input type="submit" name="DELETE_YES" value="<?php
/** * Check if a member of a group has permissions to execute a plugin * * @param string Pluginname * @param int ID of the group of which the members should be checked * @return boolean */ function serendipity_hasPluginPermissions($plugin, $groupid = null) { static $forbidden = null; global $serendipity; if (empty($serendipity['authorid'])) { return true; } if ($forbidden === null || $groupid !== null && !isset($forbidden[$groupid])) { $forbidden = array(); if ($groupid === null) { $groups = serendipity_checkPermission(null, null, 'all'); } else { $groups = array($groupid => serendipity_fetchGroup($groupid)); } foreach ($groups as $idx => $group) { if ($idx == 'membership') { continue; } foreach ($group as $key => $val) { if (substr($key, 0, 2) == 'f_') { $forbidden[$groupid][$key] = true; } } } } if (isset($forbidden[$groupid]['f_' . $plugin])) { return false; } else { return true; } }
function show() { global $serendipity; if ($this->selected()) { if (!headers_sent()) { header('HTTP/1.0 200'); header('Status: 200 OK'); } if (!is_object($serendipity['smarty'])) { serendipity_smarty_init(); } $members =& serendipity_db_query("SELECT g.name AS groupname,\n COUNT(e.id) AS posts,\n a.*\n FROM {$serendipity['dbPrefix']}authorgroups AS ag\n LEFT OUTER JOIN {$serendipity['dbPrefix']}groups AS g\n ON g.id = ag.groupid\n LEFT OUTER JOIN {$serendipity['dbPrefix']}authors AS a\n ON ag.authorid = a.authorid\n LEFT OUTER JOIN {$serendipity['dbPrefix']}entries AS e\n ON e.authorid = a.authorid\n WHERE ag.groupid = " . (int) $serendipity['GET']['groupid'] . "\n GROUP BY a.authorid", false, 'assoc'); $group = serendipity_fetchGroup((int) $serendipity['GET']['groupid']); if ('USERLEVEL_' == substr($group['name'], 0, 10)) { $group['name'] = constant($group['name']); } $_ENV['staticpage_pagetitle'] = 'userprofiles'; $serendipity['smarty']->assign(array('staticpage_pagetitle' => 'userprofiles', 'userprofile_groups' => serendipity_getAllGroups(), 'selected_group' => (int) $serendipity['GET']['groupid'], 'selected_group_data' => $group, 'selected_members' => $members)); $tfile = serendipity_getTemplateFile('plugin_groupmembers.tpl', 'serendipityPath'); if (!$tfile) { $tfile = dirname(__FILE__) . '/plugin_groupmembers.tpl'; } $inclusion = $serendipity['smarty']->security_settings[INCLUDE_ANY]; $serendipity['smarty']->security_settings[INCLUDE_ANY] = true; $content = $serendipity['smarty']->fetch('file:' . $tfile); $serendipity['smarty']->security_settings[INCLUDE_ANY] = $inclusion; echo $content; } }