exit;
}
if ($permission["editcateg"]) {
$category = new PMF_Category($current_admin_user, $current_admin_groups, false);
$category->getMissingCategories();
$id = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT);
$header = sprintf('%s %s: <em>%s</em>', $PMF_LANG['ad_categ_trans_1'], $PMF_LANG['ad_categ_trans_2'], $category->categoryName[$id]['name']);
$selected_lang = PMF_Filter::filterInput(INPUT_POST, 'trlang', FILTER_SANITIZE_STRING, $LANGCODE);
if ($selected_lang != $LANGCODE) {
$action = "showcategory";
$showcat = "yes";
} else {
$action = "updatecategory";
$showcat = "no";
}
$user_permission = $category->getPermissions('user', array($id));
$group_permission = $category->getPermissions('group', array($id));
?>
<header>
<h2><?php
print $header;
?>
</h2>
</header>
<form action="?action=updatecategory" method="post">
<input type="hidden" name="id" value="<?php
print $id;
?>
" />
<input type="hidden" name="parent_id" value="<?php
print $category->categoryName[$id]["parent_id"];
* @copyright 2003-2014 phpMyFAQ Team
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
* @link http://www.phpmyfaq.de
* @since 2003-03-10
*/
if (!defined('IS_VALID_PHPMYFAQ')) {
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
$protocol = 'https';
}
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
if ($user->perm->checkRight($user->getUserId(), 'editcateg')) {
$categoryId = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT, 0);
$category = new PMF_Category($faqConfig, [], false);
$category->setUser($currentAdminUser);
$category->setGroups($currentAdminGroups);
$categories = $category->getAllCategories();
$userPermission = $category->getPermissions('user', array($categoryId));
$groupPermission = $category->getPermissions('group', array($categoryId));
$templateVars = array('PMF_LANG' => $PMF_LANG, 'allGroups' => $groupPermission[0] == -1, 'allUsers' => $userPermission[0] == -1, 'categoryId' => $categoryId, 'categoryDescription' => $categories[$categoryId]['description'], 'categoryLanguage' => $categories[$categoryId]['lang'], 'categoryName' => $categories[$categoryId]['name'], 'csrfToken' => $user->getCsrfTokenFromSession(), 'parentId' => $categories[$categoryId]['parent_id'], 'renderGroupPermissions' => false, 'restrictedGroups' => $groupPermission[0] != -1, 'restrictedUsers' => $userPermission[0] != -1, 'userOptionsOwner' => $user->getAllUserOptions($categories[$categoryId]['user_id']), 'userOptionsPermissions' => $user->getAllUserOptions($userPermission[0]));
if ($faqConfig->get('security.permLevel') != 'basic') {
$templateVars['renderGroupPermissions'] = true;
$templateVars['groupOptions'] = $user->perm->getAllGroupsOptions($groupPermission);
}
$twig->loadTemplate('category/edit.twig')->display($templateVars);
unset($templateVars, $categoryId, $category, $categories, $userPermission, $groupPermission);
} else {
require 'noperm.php';
}
<form class="form-horizontal" action="?action=savecategory" method="post" accept-charset="utf-8">
<input type="hidden" id="lang" name="lang" value="<?php
echo $LANGCODE;
?>
">
<input type="hidden" name="parent_id" value="<?php
echo $parentId;
?>
">
<input type="hidden" name="csrf" value="<?php
echo $user->getCsrfTokenFromSession();
?>
">
<?php
if ($parentId > 0) {
$userAllowed = $category->getPermissions('user', array($parentId));
$groupsAllowed = $category->getPermissions('group', array($parentId));
?>
<input type="hidden" name="restricted_users" value="<?php
echo $userAllowed[0];
?>
">
<?php
foreach ($groupsAllowed as $group) {
?>
<input type="hidden" name="restricted_groups[]" value="<?php
echo $group;
?>
">
<?php
}
<form action="?action=savecategory" method="post">
<input type="hidden" id="lang" name="lang" value="<?php
print $LANGCODE;
?>
" />
<input type="hidden" name="parent_id" value="<?php
print $parent_id;
?>
" />
<input type="hidden" name="csrf" value="<?php
print $user->getCsrfTokenFromSession();
?>
" />
<?php
if ($parent_id > 0) {
$user_allowed = $category->getPermissions('user', array($parent_id));
$group_allowed = $category->getPermissions('group', array($parent_id));
?>
<input type="hidden" name="restricted_users" value="<?php
print $user_allowed[0];
?>
" />
<input type="hidden" name="restricted_groups" value="<?php
print $group_allowed[0];
?>
" />
<?php
printf("<p>%s: %s (%s)</p>", $PMF_LANG["msgMainCategory"], $category->categoryName[$parent_id]["name"], $languageCodes[PMF_String::strtoupper($category->categoryName[$parent_id]["lang"])]);
}
?>
$recordId = $faq->addRecord($newData, $isNew);
$faq->addCategoryRelations($categories, $recordId, $newData['lang']);
$openQuestionId = PMF_Filter::filterInput(INPUT_POST, 'openQuestionID', FILTER_VALIDATE_INT);
if ($openQuestionId) {
if ($faqConfig->get('records.enableDeleteQuestion')) {
$faq->deleteQuestion($openQuestionId);
} else {
// adds this faq record id to the related open question
$faq->updateQuestionAnswer($openQuestionId, $recordId, $categories[0]);
}
}
// Activate visits
$visits = new PMF_Visits($faqConfig);
$visits->add($recordId, $newData['lang']);
// Set permissions
$userPermissions = $category->getPermissions('user', $categories);
// Add user permissions
$faq->addPermission('user', $recordId, $userPermissions);
$category->addPermission('user', $categories, $userPermissions);
// Add group permission
if ($faqConfig->get('security.permLevel') !== 'basic') {
$groupPermissions = $category->getPermissions('group', $categories);
$faq->addPermission('group', $recordId, $groupPermissions);
$category->addPermission('group', $categories, $groupPermissions);
}
// Let the PMF Administrator and the Category Owner to be informed by email of this new entry
$send = array();
$mail = new PMF_Mail($faqConfig);
$mail->setReplyTo($email, $name);
$mail->addTo($faqConfig->get('main.administrationMail'));
$send[$faqConfig->get('main.administrationMail')] = 1;
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
* @link http://www.phpmyfaq.de
* @since 2012-12-26
*/
use Symfony\Component\HttpFoundation\JsonResponse;
if (!defined('IS_VALID_PHPMYFAQ')) {
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
$protocol = 'https';
}
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
$response = new JsonResponse();
$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
switch ($ajaxAction) {
case 'getpermissions':
$category = new PMF_Category($faqConfig, [], false);
$category->setUser($currentAdminUser);
$category->setGroups($currentAdminGroups);
$ajaxData = PMF_Filter::filterInputArray(INPUT_POST, array('categories' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_REQUIRE_SCALAR)));
if (empty($ajaxData['categories'])) {
$categories = array(-1);
// Access for all users and groups
} else {
$categories = explode(',', (int) $ajaxData['categories']);
}
$response->setData(array('user' => $category->getPermissions('user', $categories), 'group' => $category->getPermissions('group', $categories)), JSON_NUMERIC_CHECK);
break;
}
$response->send();
* @package Administration
* @author Thorsten Rinne <*****@*****.**>
* @copyright 2012-2015 phpMyFAQ Team
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0
* @link http://www.phpmyfaq.de
* @since 2012-12-26
*/
if (!defined('IS_VALID_PHPMYFAQ')) {
$protocol = 'http';
if (isset($_SERVER['HTTPS']) && strtoupper($_SERVER['HTTPS']) === 'ON') {
$protocol = 'https';
}
header('Location: ' . $protocol . '://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']));
exit;
}
$ajaxAction = PMF_Filter::filterInput(INPUT_GET, 'ajaxaction', FILTER_SANITIZE_STRING);
switch ($ajaxAction) {
case 'getpermissions':
$category = new PMF_Category($faqConfig, array(), false);
$category->setUser($currentAdminUser);
$category->setGroups($currentAdminGroups);
$ajaxData = PMF_Filter::filterInputArray(INPUT_POST, array('categories' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_REQUIRE_SCALAR)));
if (empty($ajaxData['categories'])) {
$categories = array(-1);
// Access for all users and groups
} else {
$categories = explode(',', (int) $ajaxData['categories']);
}
echo json_encode(array('user' => $category->getPermissions('user', $categories), 'group' => $category->getPermissions('group', $categories)), JSON_NUMERIC_CHECK);
break;
}
