static function renderUpdateFormBackend(SiteUser $user = null, $action = '')
{
// set default action value
if ($action != '') {
$action = uri($action);
}
// get vars from form submission
$username = isset($_POST['username']) ? strip_tags($_POST['username']) : (isset($user) ? $user->getUsername() : '');
$email = isset($_POST['email']) ? strip_tags($_POST['email']) : (isset($user) ? $user->getEmail() : '');
$password = '';
$password_confirm = '';
$active = isset($_POST['active']) ? strip_tags($_POST['active']) : (isset($user) ? $user->getActive() : false);
$mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>';
$roles_form_markup = '<div id="form-field-roles"><label>Roles</label><ul class="checkbox">';
foreach (SiteRole::findAll() as $role) {
$roles_form_markup .= '<li><label><input type="checkbox" name="roles[' . $role->getid() . ']" value=1 ' . (isset($_POST['roles']) ? isset($_POST['roles'][$role->getId()]) ? 'checked="checked"' : '' : ($user && $user->hasRole($role->getName()) ? 'checked="checked"' : '')) . ' />' . $role->getName() . '</label></li>';
}
$roles_form_markup .= '</ul></div>';
$rtn = '
<form action="' . $action . '" method="POST" id="adduser" enctype="multipart/form-data">
<div class="form-group" id="form-field-username">
<label for="username">' . i18n(array('en' => 'Username', 'zh' => '用户名')) . $mandatory_label . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'alphabetical letters, number or underscore', 'zh' => '英文字母,数字或下划线')) . ')</i></small></label>
<input type="text" class="form-control" id="username" name="username" value="' . $username . '" required placeholder="" />
</div>
<div class="form-group" id="form-field-email" >
<label for="email">' . i18n(array('en' => 'Email', 'zh' => '电子邮箱')) . $mandatory_label . '</label>
<input type="email" class="form-control" id="email" name="email" value="' . $email . '" required />
</div>
<div class="form-group" id="form-field-password">
<label for="password">' . i18n(array('en' => 'Password', 'zh' => '密码')) . $mandatory_label . ' <small style="font-weight: normal;"><i>(' . i18n(array('en' => 'at least 6 letters', 'zh' => '至少6位')) . ')</i></small></label>
<input type="password" class="form-control" id="password" name="password" value="' . $password . '" required />
</div>
<div class="form-group" id="form-field-password_confirm">
<label for="password_confirm">' . i18n(array('en' => 'Password again', 'zh' => '再次确认密码')) . $mandatory_label . '</label>
<input type="password" class="form-control" id="password_confirm" name="password_confirm" value="' . $password_confirm . '" required />
</div>
' . (class_exists('SiteProfile') ? SiteProfile::renderUpdateForm($user) : '') . '
<div class="checkbox" id="form-field-active">
<label>
<input type="checkbox" id="active" name="active" value="1" ' . ($active == false ? '' : 'checked="checked"') . '> ' . i18n(array('en' => 'Active?', 'zh' => '有效用户')) . '
</label>
</div>
<input type="hidden" value=1 name="noemailnotification" />
' . (is_backend() ? $roles_form_markup : '') . '
<div class="form-group" id="form-field-notice"><small><i>
' . $mandatory_label . i18n(array('en' => ' indicates mandatory fields', 'zh' => ' 标记为必填项')) . '
</i></small></div>
<button type="submit" name="submit" class="btn btn-primary">' . (is_null($user) ? i18n(array('en' => 'Add new user', 'zh' => '添加新用户')) : i18n(array('en' => 'Update user', 'zh' => '更新用户'))) . '</button>
</form>
';
return $rtn;
}
static function renderCreateFormFrontend(MySiteUser $user = null, $action = '')
{
// set default action value
if ($action != '') {
$action = uri($action);
}
// get vars from form submission
$username = isset($_POST['username']) ? strip_tags($_POST['username']) : (isset($user) ? $user->getUsername() : '');
$email = isset($_POST['email']) ? strip_tags($_POST['email']) : (isset($user) ? $user->getEmail() : '');
$password = '';
$password_confirm = '';
if ($user && $user->getId() == MySiteUser::getCurrentUser()->getId()) {
// when updating self profile, we don't include 'active'
$active_field = '';
} else {
$active = isset($_POST['active']) ? strip_tags($_POST['active']) : (isset($user) ? $user->getActive() . "" : false);
$active_field = '
<div class="form-group" id="form-field-active">
<label class="col-sm-2 control-label" for="active">' . i18n(array('en' => 'Active', 'zh' => '是否在职')) . '</label>
<div class="col-sm-10">
<select class="form-control" name="active" id="active">
<option value="1" ' . ($active && $active == "1" ? 'selected=selected' : '') . '>在职</option>
<option value="0" ' . ($active && $active == "0" ? 'selected=selected' : '') . '>离职</option>
</select>
</div>
</div>
<div class="hr-line-dashed"></div>';
}
$mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>';
$roles_form_markup = '<div id="form-field-roles"><label class="col-sm-2 control-label">Roles</label><div class="col-sm-10"><ul class="checkbox">';
foreach (SiteRole::findAll() as $role) {
$roles_form_markup .= '<li><label><input type="checkbox" name="roles[' . $role->getid() . ']" value=1 ' . (isset($_POST['roles']) ? isset($_POST['roles'][$role->getId()]) ? 'checked="checked"' : '' : ($user && $user->hasRole($role->getName()) ? 'checked="checked"' : '')) . ' />' . $role->getName() . '</label></li>';
}
$roles_form_markup .= '</ul></div></div>';
$rtn = '
<form class="form-horizontal" action="' . $action . '" method="POST" enctype="multipart/form-data">
<div class="form-group" id="form-field-email" >
<label class="col-sm-2 control-label" for="email">' . i18n(array('en' => 'Email', 'zh' => '电子邮箱')) . $mandatory_label . '</label>
<div class="col-sm-10">
<input type="email" class="form-control" id="email" name="email" value="' . $email . '" required />
</div>
</div>
<div class="hr-line-dashed"></div>
<div class="form-group" id="form-field-password">
<label class="col-sm-2 control-label" for="password">' . i18n(array('en' => 'Password', 'zh' => '密码')) . $mandatory_label . ' </label>
<div class="col-sm-10">
<input type="password" class="form-control" id="password" name="password" value="' . $password . '" required />
<span class="help-block m-b-none"><small>(' . i18n(array('en' => 'at least 6 letters', 'zh' => '至少6位')) . ')</small></span>
</div>
</div>
<div class="form-group" id="form-field-password_confirm">
<label class="col-sm-2 control-label" for="password_confirm">' . i18n(array('en' => 'Password again', 'zh' => '再次确认密码')) . $mandatory_label . '</label>
<div class="col-sm-10">
<input type="password" class="form-control" id="password_confirm" name="password_confirm" value="' . $password_confirm . '" required />
</div>
</div>
<div class="hr-line-dashed"></div>
' . (class_exists('SiteProfile') ? SiteProfile::renderUpdateForm($user) : '') . '
<div class="hr-line-dashed"></div>
' . $active_field . '
<input type="hidden" value=1 name="noemailnotification" />
' . (is_backend() ? $roles_form_markup : '') . '
<div class="form-group" id="form-field-notice">
<div class="col-sm-10 col-sm-push-2">
<small><i>
' . $mandatory_label . i18n(array('en' => ' indicates mandatory fields', 'zh' => ' 标记为必填项')) . '
</i></small>
</div>
</div>
<div class="col-sm-10 col-sm-push-2">
<button type="submit" name="submit" class="btn btn-primary">' . (is_null($user) ? i18n(array('en' => 'Add new user', 'zh' => '添加新用户')) : i18n(array('en' => 'Update user', 'zh' => '更新用户'))) . '</button>
</div>
</form>
';
return $rtn;
}
<?php
// handle submission
if (isset($_POST['submit'])) {
SitePermissionRole::truncate();
foreach ($_POST as $key => $val) {
if (strstr($key, 'role_')) {
$tokens = explode('_', $key);
$role_id = (int) $tokens[1];
foreach ($val as $permission_id => $v) {
$spr = new SitePermissionRole();
$spr->setRoleId($role_id);
$spr->setPermissionId($permission_id);
$spr->save();
}
}
}
Message::register(new Message(Message::SUCCESS, 'Permissions updated successfully!'));
HTML::forwardBackToReferer();
}
$html = new HTML();
$html->renderOut('core/backend/html_header', array('title' => i18n(array('en' => 'Manage permission', 'zh' => '管理权限'))), true);
$html->output('<div id="wrapper">');
$html->renderOut('core/backend/header');
$html->renderOut('siteuser/backend/permission/manage', array('permissions' => SitePermission::findAll(), 'roles' => SiteRole::findAll()), true);
$html->output('</div>');
$html->renderOut('core/backend/html_footer');
exit;
require_permission('管理用户权限');
/** prepare vars **/
$myuser = MySiteUser::getCurrentUser();
/** handle submission **/
if (isset($_POST['submit'])) {
SitePermissionRole::truncate();
foreach ($_POST as $key => $val) {
if (strstr($key, 'role_')) {
$tokens = explode('_', $key);
$role_id = (int) $tokens[1];
foreach ($val as $permission_id => $v) {
$spr = new SitePermissionRole();
$spr->setRoleId($role_id);
$spr->setPermissionId($permission_id);
$spr->save();
}
}
}
Message::register(new Message(Message::SUCCESS, '用户权限更新成功!'));
HTML::forwardBackToReferer();
}
/** presentation **/
$html = new HTML();
$html->renderOut('site/components/html_header', array('title' => '管理用户权限', 'body_class' => 'permission'));
$html->renderOut('site/components/mainnav', array('user' => $myuser));
$html->output('<div id="page-wrapper" class="gray-bg">');
$html->renderOut('site/components/topnav', array('user' => $myuser));
$html->renderOut('site/components/page_header', array('title' => '管理用户权限', 'breadcrumb' => array('首页' => uri(''), '客户管理' => '#', '管理用户权限' => '#')));
$html->renderOut('site/siteuser_permission', array('permissions' => SitePermission::findAll(), 'roles' => SiteRole::findAll()));
$html->output('</div>');
$html->renderOut('site/components/html_footer');