*/

/**
 * Load common include file
 */
require_once 'admin_common.php';
require_once 'classes/MainUI.php';
require_once 'classes/User.php';

// Objects matched by the NETWORK_PERM_EDIT_ANY_USER permission.
// NOTE(review): $networks is not consulted anywhere in the visible part of
// this script; confirm that access is refused when it is empty (the check may
// live in admin_common.php or further down).
$networks = Security::getObjectsWithPermission(Permission::P('NETWORK_PERM_EDIT_ANY_USER'));
$db = AbstractDb::getObject();
$smarty = SmartyWifidog::getObject();

// Counters, both starting at zero; not used in the visible part of the script.
$total = array();
$total['incoming'] = 0;
$total['outgoing'] = 0;

// Process user ID searchbox
$errmsg = null;
$user = User::processSelectUserUI("user_id_searchbox", $errmsg);

// NOTE(review): the condition is an OR, so this branch is also taken when
// $_REQUEST['user_id'] is set but the search box produced no user; in that
// case $user->getId() is called on an empty value. The redirect should only
// depend on !empty($user).
if (!empty($_REQUEST['user_id']) || !empty($user)) {
    // The id is interpolated into the URL without urlencode().
    // presumably ids never contain reserved URL characters; verify.
    header("Location: " . BASE_SSL_PATH . "admin/generic_object_admin.php?object_id={$user->getId()}&object_class=User&action=edit");
    // Stop here so nothing else runs after the redirect header is sent.
    exit;
} else {
    $smarty->assign("error", null);
    // Allowed sort columns and directions, handed to the template.
    $smarty->assign('sort_ids', array('username', 'account_origin', 'reg_date'));
    $smarty->assign('direction_ids', array('asc', 'desc'));
    // NOTE(review): $sort and $direction are taken from the request as-is and
    // are not compared with the two lists above in the visible code. If they
    // later reach an ORDER BY clause they must first be checked against those
    // lists (in_array with strict comparison); the rest of the script is not
    // visible here.
    $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : "username";
    $direction = isset($_REQUEST['direction']) ? $_REQUEST['direction'] : "asc";
    $smarty->assign("sort", $sort);
    $smarty->assign("direction", $direction);
    // is_numeric() also accepts values such as "-1", "1.5" or "1e3", so
    // $current_page is not guaranteed to be a positive integer after this test.
    if (isset($_REQUEST["page"]) && is_numeric($_REQUEST["page"])) {
        $current_page = $_REQUEST["page"];
    } else {
        $current_page = 1;
        // (the listing is cut off here, with both else-blocks still open)
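/**
 * Process the admin interface submission for this content object.
 *
 * When an object overrides this method, it should call the parent
 * processAdminUI() at the BEGINNING of its own processing.
 *
 * Nothing is processed unless the current user owns this content or is a
 * super-admin (both tested through the DEPRECATED* helpers).
 *
 * Every id that is placed inside an SQL string literal goes through
 * $db->escapeString() first, so the queries do not depend on how the ids
 * were produced.
 *
 * NOTE(review): all changes below are driven directly by $_REQUEST; no
 * anti-CSRF token or request-method check is visible in this method.
 * Confirm that the calling admin page enforces one.
 *
 * @return void
 * @throws Exception if the author flag of an owner cannot be updated
 */
public function processAdminUI()
{
    // NOTE(review): getCurrentUser() is dereferenced without a null check;
    // presumably callers require a logged-in user first; confirm.
    if ($this->DEPRECATEDisOwner(User::getCurrentUser()) || User::getCurrentUser()->DEPRECATEDisSuperAdmin()) {
        $db = AbstractDb::getObject();

        if ($this->getObjectType() == 'Content') {
            // Generic content: the only thing to process is the chosen type.
            // NOTE(review): the submitted type is handed straight to
            // setContentType(); presumably it is validated there; confirm.
            $content_type = FormSelectGenerator::getResult("content_" . $this->id . "_content_type", "Content");
            $this->setContentType($content_type);
        } else {
            // Content metadata
            if ($this->isSimpleContent() == false || $this->isPersistent()) {
                /* title_is_displayed */
                if (!empty($this->content_row['title'])) {
                    $this->setTitleIsDisplayed(!empty($_REQUEST["content_" . $this->id . "_title_is_displayed"]));
                }

                /* title */
                $this->processMetadataFieldAdminUI($db, 'title');
            }

            if ($this->isSimpleContent() == false) {
                /* description */
                $this->processMetadataFieldAdminUI($db, 'description');

                /* long description */
                $this->processMetadataFieldAdminUI($db, 'long_description');

                /* project_info */
                $this->processMetadataFieldAdminUI($db, 'project_info');
            }
            // End content metadata

            if ($this->isSimpleContent() == false || $this->isPersistent()) {
                /* is_persistent */
                $this->setIsPersistent(!empty($_REQUEST["content_" . $this->id . "_is_persistent"]));

                /* content_has_owners */
                $content_id_sql = $db->escapeString($this->id);
                $content_owner_rows = null;
                $sql = "SELECT * FROM content_has_owners WHERE content_id='{$content_id_sql}'";
                $db->execSql($sql, $content_owner_rows, false);

                if ($content_owner_rows != null) {
                    foreach ($content_owner_rows as $content_owner_row) {
                        $user = User::getObject($content_owner_row['user_id']);
                        $user_id = $user->getId();

                        // A ticked "remove" control wins over the author flag.
                        if (!empty($_REQUEST["content_" . $this->id . "_owner_" . $user_id . "_remove"])) {
                            $this->deleteOwner($user);
                            continue;
                        }

                        // Only write when the submitted flag differs from the stored one.
                        $is_author = ($content_owner_row['is_author'] == 't');
                        $should_be_author = !empty($_REQUEST["content_" . $this->id . "_owner_" . $user_id . "_is_author"]);

                        if ($is_author != $should_be_author) {
                            $is_author_sql = $should_be_author ? 'TRUE' : 'FALSE';
                            $user_id_sql = $db->escapeString($user_id);
                            $sql = "UPDATE content_has_owners SET is_author={$is_author_sql} WHERE content_id='{$content_id_sql}' AND user_id='{$user_id_sql}'";

                            if (!$db->execSqlUpdate($sql, false)) {
                                throw new Exception(_('Unable to set as author in the database.'));
                            }
                        }
                    }
                }

                // New owner: needs both a selected user and the submit button.
                $errMsg = null;
                $user = User::processSelectUserUI("content_{$this->id}_new_owner", $errMsg);

                if (!empty($_REQUEST["content_{$this->id}_add_owner_submit"]) && $user != null) {
                    $this->addOwner($user);
                }
            }
        }

        $this->refresh();
    }
}

/**
 * Process the admin UI of one metadata sub-content of this object.
 *
 * If the column is still empty, a submitted new content is attached to it.
 * Otherwise the existing sub-content is either detached and deleted (when
 * its "erase" control was submitted) or asked to process its own admin UI.
 *
 * @param object $db    Database handle obtained from AbstractDb::getObject()
 * @param string $field Column of the content table. It is written into the
 *                      SQL text as an identifier, so it must only ever be one
 *                      of the fixed literals passed by processAdminUI().
 *
 * @return void
 */
private function processMetadataFieldAdminUI($db, $field)
{
    $content_id_sql = $db->escapeString($this->id);

    if (empty($this->content_row[$field])) {
        $new_content = self::processNewContentUI("{$field}_{$this->id}_new");

        if ($new_content != null) {
            $new_content_id_sql = $db->escapeString($new_content->GetId());
            $db->execSqlUpdate("UPDATE content SET {$field} = '{$new_content_id_sql}' WHERE content_id = '{$content_id_sql}'", false);
        }

        return;
    }

    $existing_content = self::getObject($this->content_row[$field]);

    if (!empty($_REQUEST["content_" . $this->id . "_{$field}_erase"])) {
        // Detach first so the row no longer points at the content being deleted.
        $db->execSqlUpdate("UPDATE content SET {$field} = NULL WHERE content_id = '{$content_id_sql}'", false);
        $errmsg = null;
        $existing_content->delete($errmsg);
    } else {
        $existing_content->processAdminUI();
    }
}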
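/**
 * Process the interface to assign stakeholders to objects.
 *
 * First adds the (user, role) pair submitted through the "new stakeholder"
 * widgets, unless the user already has that role. Then deletes every
 * existing stakeholder row whose "remove" control was submitted.
 *
 * NOTE(review): this method grants and revokes roles, and no permission
 * check is visible inside it. Confirm that every caller verifies that the
 * current user may manage stakeholders of $targetObject.
 *
 * @param object $targetObject The object on which the permission applies (Network, Server, etc.)
 * @param string &$errMsg      An error message will be appended to this if the username is not
 *                             empty but the user doesn't exist, or if the user already has
 *                             the selected role.
 *
 * @return null
 */
public static function processAssignStakeholdersUI($targetObject, &$errMsg)
{
    $db = AbstractDb::getObject();
    $object_id = $db->escapeString($targetObject->getId());

    // The table name is an SQL identifier, so escapeString() does not apply
    // to it. It is derived from the PHP class name of $targetObject.
    // NOTE(review): presumably only known, non-namespaced classes reach this
    // point; verify, or check the name against a fixed list of tables.
    $table = strtolower(get_class($targetObject)) . '_stakeholders';

    $user = User::processSelectUserUI($object_id . "_new_stakeholder", $errMsg);
    $role = Role::processSelectAvailableRoleUI($object_id . "_new_stakeholder_role");

    if ($user && $role) {
        // The user and role exist
        if (Security::hasRole($role, $targetObject, $user)) {
            $errMsg .= sprintf(_("User %s already has role %s for this object"), $user->getUsername(), $role->getId());
        } else {
            // The user doesn't already have that role. Escape both ids the
            // same way the DELETE below does before quoting them.
            $newUserIdStr = $db->escapeString($user->getId());
            $newRoleIdStr = $db->escapeString($role->getId());
            $sql = "INSERT INTO {$table} (object_id, user_id, role_id) VALUES ('{$object_id}', '{$newUserIdStr}', '{$newRoleIdStr}');";
            $db->execSqlUpdate($sql, false);
        }
    }

    // Re-read the stakeholders (including one just added) and apply removals.
    $stakeholder_rows = null;
    $sql = "SELECT * FROM {$table} JOIN roles USING (role_id) WHERE object_id = '{$object_id}';";
    $db->execSql($sql, $stakeholder_rows, false);

    if ($stakeholder_rows) {
        foreach ($stakeholder_rows as $stakeholder_row) {
            // Result unused; the call is kept because it may fail for a row
            // that references a missing user. TODO confirm it can be dropped.
            $user = User::getObject($stakeholder_row['user_id']);

            $name = $object_id . "_stakeholder_" . $stakeholder_row['user_id'] . "_" . $stakeholder_row['role_id'] . "_remove";

            if (!empty($_REQUEST[$name])) {
                $userIdStr = $db->escapeString($stakeholder_row['user_id']);
                $roleIdStr = $db->escapeString($stakeholder_row['role_id']);
                $sql = "DELETE FROM {$table} WHERE object_id='{$object_id}' AND user_id='{$userIdStr}' AND role_id = '{$roleIdStr}';";
                $db->execSqlUpdate($sql, false);
            }
        }
    }

    return null;
}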