exit; } if ($permission["editcateg"]) { $category = new PMF_Category($current_admin_user, $current_admin_groups, false); $category->getMissingCategories(); $id = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT); $header = sprintf('%s %s: <em>%s</em>', $PMF_LANG['ad_categ_trans_1'], $PMF_LANG['ad_categ_trans_2'], $category->categoryName[$id]['name']); $selected_lang = PMF_Filter::filterInput(INPUT_POST, 'trlang', FILTER_SANITIZE_STRING, $LANGCODE); if ($selected_lang != $LANGCODE) { $action = "showcategory"; $showcat = "yes"; } else { $action = "updatecategory"; $showcat = "no"; } $user_permission = $category->getPermissions('user', array($id)); $group_permission = $category->getPermissions('group', array($id)); ?> <header> <h2><?php print $header; ?> </h2> </header> <form action="?action=updatecategory" method="post"> <input type="hidden" name="id" value="<?php print $id; ?> " /> <input type="hidden" name="parent_id" value="<?php print $category->categoryName[$id]["parent_id"];
* @copyright 2003-2014 phpMyFAQ Team * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 * @link http://www.phpmyfaq.de * @since 2003-03-10 */ if (!defined('IS_VALID_PHPMYFAQ')) { $protocol = 'http'; if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') { $protocol = 'https'; } header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME'])); exit; } if ($user->perm->checkRight($user->getUserId(), 'editcateg')) { $categoryId = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT, 0); $category = new PMF_Category($faqConfig, [], false); $category->setUser($currentAdminUser); $category->setGroups($currentAdminGroups); $categories = $category->getAllCategories(); $userPermission = $category->getPermissions('user', array($categoryId)); $groupPermission = $category->getPermissions('group', array($categoryId)); $templateVars = array('PMF_LANG' => $PMF_LANG, 'allGroups' => $groupPermission[0] == -1, 'allUsers' => $userPermission[0] == -1, 'categoryId' => $categoryId, 'categoryDescription' => $categories[$categoryId]['description'], 'categoryLanguage' => $categories[$categoryId]['lang'], 'categoryName' => $categories[$categoryId]['name'], 'csrfToken' => $user->getCsrfTokenFromSession(), 'parentId' => $categories[$categoryId]['parent_id'], 'renderGroupPermissions' => false, 'restrictedGroups' => $groupPermission[0] != -1, 'restrictedUsers' => $userPermission[0] != -1, 'userOptionsOwner' => $user->getAllUserOptions($categories[$categoryId]['user_id']), 'userOptionsPermissions' => $user->getAllUserOptions($userPermission[0])); if ($faqConfig->get('security.permLevel') != 'basic') { $templateVars['renderGroupPermissions'] = true; $templateVars['groupOptions'] = $user->perm->getAllGroupsOptions($groupPermission); } $twig->loadTemplate('category/edit.twig')->display($templateVars); unset($templateVars, $categoryId, $category, $categories, $userPermission, $groupPermission); } else { require 'noperm.php'; }
<form class="form-horizontal" action="?action=savecategory" method="post" accept-charset="utf-8"> <input type="hidden" id="lang" name="lang" value="<?php echo $LANGCODE; ?> "> <input type="hidden" name="parent_id" value="<?php echo $parentId; ?> "> <input type="hidden" name="csrf" value="<?php echo $user->getCsrfTokenFromSession(); ?> "> <?php if ($parentId > 0) { $userAllowed = $category->getPermissions('user', array($parentId)); $groupsAllowed = $category->getPermissions('group', array($parentId)); ?> <input type="hidden" name="restricted_users" value="<?php echo $userAllowed[0]; ?> "> <?php foreach ($groupsAllowed as $group) { ?> <input type="hidden" name="restricted_groups[]" value="<?php echo $group; ?> "> <?php }
<form action="?action=savecategory" method="post"> <input type="hidden" id="lang" name="lang" value="<?php print $LANGCODE; ?> " /> <input type="hidden" name="parent_id" value="<?php print $parent_id; ?> " /> <input type="hidden" name="csrf" value="<?php print $user->getCsrfTokenFromSession(); ?> " /> <?php if ($parent_id > 0) { $user_allowed = $category->getPermissions('user', array($parent_id)); $group_allowed = $category->getPermissions('group', array($parent_id)); ?> <input type="hidden" name="restricted_users" value="<?php print $user_allowed[0]; ?> " /> <input type="hidden" name="restricted_groups" value="<?php print $group_allowed[0]; ?> " /> <?php printf("<p>%s: %s (%s)</p>", $PMF_LANG["msgMainCategory"], $category->categoryName[$parent_id]["name"], $languageCodes[PMF_String::strtoupper($category->categoryName[$parent_id]["lang"])]); } ?>
$recordId = $faq->addRecord($newData, $isNew); $faq->addCategoryRelations($categories, $recordId, $newData['lang']); $openQuestionId = PMF_Filter::filterInput(INPUT_POST, 'openQuestionID', FILTER_VALIDATE_INT); if ($openQuestionId) { if ($faqConfig->get('records.enableDeleteQuestion')) { $faq->deleteQuestion($openQuestionId); } else { // adds this faq record id to the related open question $faq->updateQuestionAnswer($openQuestionId, $recordId, $categories[0]); } } // Activate visits $visits = new PMF_Visits($faqConfig); $visits->add($recordId, $newData['lang']); // Set permissions $userPermissions = $category->getPermissions('user', $categories); // Add user permissions $faq->addPermission('user', $recordId, $userPermissions); $category->addPermission('user', $categories, $userPermissions); // Add group permission if ($faqConfig->get('security.permLevel') !== 'basic') { $groupPermissions = $category->getPermissions('group', $categories); $faq->addPermission('group', $recordId, $groupPermissions); $category->addPermission('group', $categories, $groupPermissions); } // Let the PMF Administrator and the Category Owner to be informed by email of this new entry $send = array(); $mail = new PMF_Mail($faqConfig); $mail->setReplyTo($email, $name); $mail->addTo($faqConfig->get('main.administrationMail')); $send[$faqConfig->get('main.administrationMail')] = 1;
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 * @link http://www.phpmyfaq.de * @since 2012-12-26 */ use Symfony\Component\HttpFoundation\JsonResponse; if (!defined('IS_VALID_PHPMYFAQ')) { $protocol = 'http'; if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') { $protocol = 'https'; } header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME'])); exit; } $response = new JsonResponse(); $ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING); switch ($ajaxAction) { case 'getpermissions': $category = new PMF_Category($faqConfig, [], false); $category->setUser($currentAdminUser); $category->setGroups($currentAdminGroups); $ajaxData = PMF_Filter::filterInputArray(INPUT_POST, array('categories' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_REQUIRE_SCALAR))); if (empty($ajaxData['categories'])) { $categories = array(-1); // Access for all users and groups } else { $categories = explode(',', (int) $ajaxData['categories']); } $response->setData(array('user' => $category->getPermissions('user', $categories), 'group' => $category->getPermissions('group', $categories)), JSON_NUMERIC_CHECK); break; } $response->send();
* @package Administration * @author Thorsten Rinne <*****@*****.**> * @copyright 2012-2015 phpMyFAQ Team * @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 * @link http://www.phpmyfaq.de * @since 2012-12-26 */ if (!defined('IS_VALID_PHPMYFAQ')) { $protocol = 'http'; if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') { $protocol = 'https'; } header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME'])); exit; } $ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING); switch ($ajaxAction) { case 'getpermissions': $category = new PMF_Category($faqConfig, array(), false); $category->setUser($currentAdminUser); $category->setGroups($currentAdminGroups); $ajaxData = PMF_Filter::filterInputArray(INPUT_POST, array('categories' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_REQUIRE_SCALAR))); if (empty($ajaxData['categories'])) { $categories = array(-1); // Access for all users and groups } else { $categories = explode(',', (int) $ajaxData['categories']); } echo json_encode(array('user' => $category->getPermissions('user', $categories), 'group' => $category->getPermissions('group', $categories)), JSON_NUMERIC_CHECK); break; }