Esempio n. 1
         $errors[] = lang("SQL_ERROR");
     }
 }
 // NOTE(review): every id list below is taken from $_POST unchanged; how
 // addPermission(), removePage() and addPage() validate it and build their
 // queries is not visible in this fragment - confirm before relying on it.

 // Add the selected users to this permission level
 if (!empty($_POST['addPermission'])) {
     $add = $_POST['addPermission'];
     $addition_count = addPermission($permissionId, $add);
     if (!$addition_count) {
         // A falsy count is reported as a database error
         $errors[] = lang("SQL_ERROR");
     } else {
         $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));
     }
 }
 // Revoke this permission level's access to the selected pages
 if (!empty($_POST['removePage'])) {
     $remove = $_POST['removePage'];
     $deletion_count = removePage($remove, $permissionId);
     if (!$deletion_count) {
         $errors[] = lang("SQL_ERROR");
     } else {
         $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));
     }
 }
 // Grant this permission level access to the selected pages
 if (!empty($_POST['addPage'])) {
     $add = $_POST['addPage'];
     $addition_count = addPage($add, $permissionId);
     if (!$addition_count) {
         $errors[] = lang("SQL_ERROR");
     } else {
         $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
     }
 }
 // Re-read the permission level so the form shows the state after the updates
 $permissionDetails = fetchPermissionDetails($permissionId);
Esempio n. 2
             $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private"));
         } else {
             $errors[] = lang("SQL_ERROR");
         }
     }
 } elseif ($pageDetails['private'] == 1) {
     if (updatePrivate($pageId, 0)) {
         $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public"));
     } else {
         $errors[] = lang("SQL_ERROR");
     }
 }
 // NOTE(review): both id lists below are taken from $_POST unchanged; how
 // removePage() and addPage() validate them and build their queries is not
 // visible in this fragment - confirm before relying on it.

 // Revoke the selected permission levels' access to this page
 if (!empty($_POST['removePermission'])) {
     $remove = $_POST['removePermission'];
     $deletion_count = removePage($pageId, $remove);
     if (!$deletion_count) {
         // A falsy count is reported as a database error
         $errors[] = lang("SQL_ERROR");
     } else {
         $successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count));
     }
 }
 // Grant the selected permission levels access to this page
 if (!empty($_POST['addPermission'])) {
     $add = $_POST['addPermission'];
     $addition_count = addPage($pageId, $add);
     if (!$addition_count) {
         $errors[] = lang("SQL_ERROR");
     } else {
         $successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count));
     }
 }
 // Re-read the page so the form shows the state after the updates
 $pageDetails = fetchPageDetails($pageId);
Esempio n. 3
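/**
 * Link/unlink the specified group with the specified page, or change the page's
 * private flag.  Recommend root access only.
 *
 * @param int $page_id the id of the page
 * @param int|string $group_id the id of the group, or the literal string "private"
 *                             to change the page's private flag instead of a group link
 * @param boolean|int|string $checked for a group: 1 links the group, any other value unlinks it;
 *                                    for "private": the value handed to updatePrivate()
 *                                    (1 private, 0 public)
 * @return boolean true when a change was issued; false when permission was denied, the page
 *                 id is invalid, or the group link was already in the requested state
 */
function updatePageGroupLink($page_id, $group_id, $checked)
{
    // Authorization gate: the call is checked against the permissions database
    // with this function's name and arguments before anything is modified.
    if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }
    // Check if selected page exists
    if (!pageIdExists($page_id)) {
        addAlert("danger", "I'm sorry, the page id you specified is invalid!");
        return false;
    }
    //TODO: Check if selected group exists
    // NOTE(review): until that check exists, an arbitrary $group_id reaches
    // addPage(); confirm that addPage() rejects unknown groups.

    // NOTE(review): the fetched details are not used below. The call is kept
    // because fetchPageDetails() is not visible here and may have side effects.
    $pageDetails = fetchPageDetails($page_id);

    // Strict comparison on purpose: with "==" an integer group id of 0 compares
    // equal to "private" on PHP versions before 8 and would change the page's
    // visibility instead of a group link.
    if ($group_id === "private") {
        // NOTE(review): the result of updatePrivate() is ignored, so true is
        // returned even if the write fails - confirm its return contract.
        updatePrivate($page_id, $checked);
        return true;
    }

    // Group links currently attached to the page, keyed by group id
    $pageGroups = fetchPageGroups($page_id);
    $alreadyLinked = isset($pageGroups[$group_id]);

    if ($checked == "1") {
        // Link requested: nothing to do if the group is already attached
        if ($alreadyLinked) {
            return false;
        }
        // NOTE(review): addPage()'s result is ignored, as with updatePrivate() above.
        addPage($page_id, $group_id);
        return true;
    }

    // Unlink requested: nothing to do if the group is not attached
    if (!$alreadyLinked) {
        return false;
    }
    // NOTE(review): removePage()'s result is ignored, as with updatePrivate() above.
    removePage($page_id, $group_id);
    return true;
}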
Esempio n. 4
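 /**
  * Admin screen for a single permission level: applies the posted changes
  * (delete, rename, membership and page-access updates) and renders the edit form.
  *
  * Security notes:
  * - Every dynamic value written into the HTML goes through htmlspecialchars()
  *   with ENT_QUOTES, because the markup uses single-quoted attributes and both
  *   $_SERVER['PHP_SELF'] and $_GET['id'] are request-controlled.
  * - NOTE(review): the form carries no anti-CSRF token and none is checked in
  *   this method; confirm whether securePage() or the framework enforces one,
  *   otherwise these state-changing POSTs need a per-session token.
  * - NOTE(review): the posted id arrays are handed to deletePermission(),
  *   addPermission(), removePermission(), addPage() and removePage() unchanged;
  *   their validation and query building are not visible here.
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     // Make sure both message lists exist even when nothing was posted, so
     // resultBlock() never receives undefined variables.
     $errors = isset($errors) ? $errors : array();
     $successes = isset($successes) ? $successes : array();
     // HTML-escape helper for element content and single-quoted attributes
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     // Renders one "<br><input type='checkbox' ...> label" row with escaped values
     $checkbox = function ($field, $id, $label) use ($esc) {
         $safeId = $esc($id);
         return "<br><input type='checkbox' name='" . $field . "[" . $safeId . "]' id='" . $field . "[" . $safeId . "]' value='" . $safeId . "'> " . $esc($label);
     };
     // A missing or non-scalar id is passed on as null so the existence check decides
     $permissionId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? $_GET['id'] : null;
     //Check if selected permission level exists
     if (!permissionIdExists($permissionId)) {
         header("Location: " . site_url('admin_permissions'));
         die;
     }
     //Fetch information specific to permission level
     $permissionDetails = fetchPermissionDetails($permissionId);
     //Forms posted
     if (!empty($_POST)) {
         if (!empty($_POST['delete'])) {
             //Delete selected permission level
             $deletions = $_POST['delete'];
             if ($deletion_count = deletePermission($deletions)) {
                 $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
                 header("Location: " . site_url('admin_permissions'));
                 // Stop here: the redirect must not be followed by the edit form
                 // of a permission level that no longer exists.
                 die;
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         } else {
             //Update permission level name
             // Only a string is accepted as the new name; anything else is
             // treated as empty and fails the length validation below.
             $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
             if ($permissionDetails[0]['name'] != $postedName) {
                 $permission = trim($postedName);
                 //Validate new name
                 if (permissionNameExists($permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission));
                 } elseif (minMaxRange(1, 50, $permission)) {
                     $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50));
                 } elseif (updatePermissionName($permissionId, $permission)) {
                     $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Remove the selected users from this permission level
             if (!empty($_POST['removePermission'])) {
                 $remove = $_POST['removePermission'];
                 if ($deletion_count = removePermission($permissionId, $remove)) {
                     $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add the selected users to this permission level
             if (!empty($_POST['addPermission'])) {
                 $add = $_POST['addPermission'];
                 if ($addition_count = addPermission($permissionId, $add)) {
                     $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Remove access to pages
             if (!empty($_POST['removePage'])) {
                 $remove = $_POST['removePage'];
                 if ($deletion_count = removePage($remove, $permissionId)) {
                     $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             //Add access to pages
             if (!empty($_POST['addPage'])) {
                 $add = $_POST['addPage'];
                 if ($addition_count = addPage($add, $permissionId)) {
                     $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
             // Re-read the permission level so the form shows the updated state
             $permissionDetails = fetchPermissionDetails($permissionId);
         }
     }
     //Retrieve list of accessible pages
     $pagePermissions = fetchPermissionPages($permissionId);
     //Retrieve list of users with membership
     $permissionUsers = fetchPermissionUsers($permissionId);
     //Fetch all users
     $userData = fetchAllUsers();
     //Fetch all pages
     $pageData = fetchAllPages();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     // Escaped once and reused for the form action and the detail fields
     $safeAction = $esc($_SERVER['PHP_SELF']) . "?id=" . $esc(urlencode((string) $permissionId));
     $safeId = $esc($permissionDetails[0]['id']);
     $safeName = $esc($permissionDetails[0]['name']);
     echo "\r\n<form name='adminPermission' action='" . $safeAction . "' method='post'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Permission Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $safeId . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n<input type='text' name='name' value='" . $safeName . "' />\r\n</p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $safeId . "]' id='delete[" . $safeId . "]' value='" . $safeId . "'>\r\n</p>\r\n</div></td><td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Members:";
     //List users with permission level
     foreach ($userData as $v1) {
         if (isset($permissionUsers[$v1['id']])) {
             echo $checkbox('removePermission', $v1['id'], $v1['display_name']);
         }
     }
     echo "\r\n</p><p>Add Members:";
     //List users without permission level
     foreach ($userData as $v1) {
         if (!isset($permissionUsers[$v1['id']])) {
             echo $checkbox('addPermission', $v1['id'], $v1['display_name']);
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nPublic Access:";
     //List public pages
     foreach ($pageData as $v1) {
         if ($v1['private'] != 1) {
             echo "<br>" . $esc($v1['page']);
         }
     }
     echo "\r\n</p>\r\n<p>\r\nRemove Access:";
     //List pages accessible to permission level
     foreach ($pageData as $v1) {
         if (isset($pagePermissions[$v1['id']]) && $v1['private'] == 1) {
             echo $checkbox('removePage', $v1['id'], $v1['page']);
         }
     }
     echo "\r\n</p><p>Add Access:";
     //List pages inaccessible to permission level
     foreach ($pageData as $v1) {
         if (!isset($pagePermissions[$v1['id']]) && $v1['private'] == 1) {
             echo $checkbox('addPage', $v1['id'], $v1['page']);
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }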
        while ($row = $result->fetch_assoc()) {
            $array[] = $row["NAME"];
        }
    } else {
        printf("no f*****g results!");
    }
    mysqli_free_result($result);
    return $array;
}
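// Connection settings are read from the environment so that no credential is
// stored in the source file. The variable names below are examples; use the
// names your deployment defines.
// NOTE(review): the account and password that used to be written on this line
// were published with the file and should be treated as exposed and rotated.
$dbHost = getenv("DB_HOST");
$dbUser = getenv("DB_USER");
$dbPassword = getenv("DB_PASSWORD");
$dbName = getenv("DB_NAME");
if ($dbHost === false || $dbUser === false || $dbPassword === false || $dbName === false) {
    die("Error database configuration is missing");
}
$con = mysqli_connect($dbHost, $dbUser, $dbPassword);
if (!$con) {
    // The original passed an undefined $link to mysqli_error(); a failed
    // connection is reported by mysqli_connect_error(). The detail goes to the
    // server log only, because it can name the host and account.
    error_log("Database connection failed: " . mysqli_connect_error());
    die("Error connecting to the database");
}
mysqli_select_db($con, $dbName);

// NOTE(review): no login or anti-CSRF check is visible before this
// state-changing POST handler; confirm one runs earlier in the file.
if (isset($_POST["submit_button"])) {
    // Only an array of selected pages is accepted; anything else counts as "none selected"
    $pages = (isset($_POST['pages']) && is_array($_POST['pages'])) ? $_POST['pages'] : array();
    $itemsList = $pages;
    $message = "";
    foreach ($pages as $check) {
        // NOTE(review): $check is raw request data and removePage() is defined
        // outside this span; confirm it uses a prepared statement.
        removePage($check, $con);
    }
    $message = "Removed Successfully!";
}
// Load the page names for the template below, then release the connection
$array = selectPages($con);
mysqli_close($con);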
?>
<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
    <head>
Esempio n. 6
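 /**
  * Admin screen for a single page: applies the posted changes (private flag
  * and permission-level access) and renders the edit form.
  *
  * Security notes:
  * - Every dynamic value written into the HTML goes through htmlspecialchars()
  *   with ENT_QUOTES, because the markup uses single-quoted attributes and both
  *   $_SERVER['PHP_SELF'] and $_GET['id'] are request-controlled.
  * - NOTE(review): the form carries no anti-CSRF token and none is checked in
  *   this method; confirm whether securePage() or the framework enforces one,
  *   otherwise these state-changing POSTs need a per-session token.
  * - NOTE(review): the posted id arrays are handed to addPage() and
  *   removePage() unchanged; their validation and query building are not
  *   visible here.
  */
 public function index()
 {
     /*
     UserCake (Via CupCake) Version: 2.0.2
     http://usercake.com
     */
     global $baseURL;
     require_once "{$baseURL}/application/third_party/user_cake/models/config.php";
     if (!securePage($_SERVER['PHP_SELF'])) {
         die;
     }
     // Make sure both message lists exist even when nothing was posted, so
     // resultBlock() never receives undefined variables.
     $errors = isset($errors) ? $errors : array();
     $successes = isset($successes) ? $successes : array();
     // HTML-escape helper for element content and single-quoted attributes
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     // Renders one "<br><input type='checkbox' ...> label" row with escaped values
     $checkbox = function ($field, $id, $label) use ($esc) {
         $safeId = $esc($id);
         return "<br><input type='checkbox' name='" . $field . "[" . $safeId . "]' id='" . $field . "[" . $safeId . "]' value='" . $safeId . "'> " . $esc($label);
     };
     // A missing or non-scalar id is passed on as null so the existence check decides
     $pageId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? $_GET['id'] : null;
     //Check if selected pages exist
     if (!pageIdExists($pageId)) {
         header("Location: " . str_replace('index.php/', '', site_url('admin_pages')));
         die;
     }
     //Fetch information specific to page
     $pageDetails = fetchPageDetails($pageId);
     //Forms posted
     if (!empty($_POST)) {
         // The checkbox is only submitted when ticked, with the value 'Yes'
         $wantsPrivate = isset($_POST['private']) && $_POST['private'] === 'Yes';
         //Toggle private page setting
         if ($wantsPrivate) {
             if ($pageDetails['private'] == 0) {
                 if (updatePrivate($pageId, 1)) {
                     $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private"));
                 } else {
                     $errors[] = lang("SQL_ERROR");
                 }
             }
         } elseif ($pageDetails['private'] == 1) {
             if (updatePrivate($pageId, 0)) {
                 $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public"));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         }
         //Remove permission level(s) access to page
         if (!empty($_POST['removePermission'])) {
             $remove = $_POST['removePermission'];
             if ($deletion_count = removePage($pageId, $remove)) {
                 $successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         }
         //Add permission level(s) access to page
         if (!empty($_POST['addPermission'])) {
             $add = $_POST['addPermission'];
             if ($addition_count = addPage($pageId, $add)) {
                 $successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count));
             } else {
                 $errors[] = lang("SQL_ERROR");
             }
         }
         // Re-read the page so the form shows the updated state
         $pageDetails = fetchPageDetails($pageId);
     }
     $pagePermissions = fetchPagePermissions($pageId);
     $permissionData = fetchAllPermissions();
     require_once "{$baseURL}/application/third_party/user_cake/models/header.php";
     echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Page</h2>\r\n<div id='left-nav'>";
     include "{$baseURL}/application/third_party/user_cake/left-nav.php";
     echo "\r\n</div>\r\n<div id='main'>";
     echo resultBlock($errors, $successes);
     // Escaped once and reused for the form action
     $safeAction = $esc($_SERVER['PHP_SELF']) . "?id=" . $esc(urlencode((string) $pageId));
     echo "\r\n<form name='adminPage' action='" . $safeAction . "' method='post'>\r\n<input type='hidden' name='process' value='1'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Page Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $esc($pageDetails['id']) . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n" . $esc($pageDetails['page']) . "\r\n</p>\r\n<p>\r\n<label>Private:</label>";
     //Display private checkbox
     $checkedAttr = ($pageDetails['private'] == 1) ? " checked" : "";
     echo "<input type='checkbox' name='private' id='private' value='Yes'" . $checkedAttr . ">";
     echo "\r\n</p>\r\n</div></td><td>\r\n<h3>Page Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Access:";
     //Display list of permission levels with access
     foreach ($permissionData as $v1) {
         if (isset($pagePermissions[$v1['id']])) {
             echo $checkbox('removePermission', $v1['id'], $v1['name']);
         }
     }
     echo "\r\n</p><p>Add Access:";
     //Display list of permission levels without access
     foreach ($permissionData as $v1) {
         if (!isset($pagePermissions[$v1['id']])) {
             echo $checkbox('addPermission', $v1['id'], $v1['name']);
         }
     }
     echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label>&nbsp;</label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>";
 }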