$qListMembers = db_query("SELECT * FROM " . $sql_prefix . "_group_members\n\t\tWHERE groupID = " . db_escape($groupID)); while ($rListMembers = db_fetch($qListMembers)) { $content .= "<tr><td>"; // Get info about this user $qUserInfo = db_query("SELECT nick FROM " . $sql_prefix . "_users\n\t\t\tWHERE ID = '{$rListMembers->userID}'"); $rUserInfo = db_fetch($qUserInfo); $content .= $rUserInfo->nick; $content .= "</td><td>"; if (acl_access("grouprights", $groupID, 1) == 'Admin' && $action != 'changeGroupRights' || acl_access("eventadmin", "", $sessioninfo->eventID) == 'Admin' && $action != 'changeGroupRights') { $content .= "<a href=\"?module=groups&action=changeGroupRights&groupID={$groupID}&userID={$rListMembers->userID}\">"; $content .= $rListMembers->access; $content .= "</a>\n"; } elseif (acl_access("grouprights", $groupID, 1) == 'Admin' && $action == 'changeGroupRights' && $_GET['userID'] == $rListMembers->userID || acl_access("eventadmin", "", $sessioninfo->eventID) == 'Admin' && $action == 'changeGroupRights' && $_GET['userID'] == $rListMembers->userID) { $content .= "<form method=POST action=?module=groups&action=doChangeGroupRights&groupID={$groupID}&userID=" . $_GET['userID'] . ">\n"; $content .= "<select name=groupRights>\n"; $content .= option_rights($rListMembers->access); $content .= "</select><input type=submit value='" . lang("Save", "group") . "'>"; $content .= "</form>"; } else { $content .= $rListMembers->access; } $content .= "</td></tr>\n\n"; } // End while $rListMembers $content .= "</table>"; // Do test of users group-rights. If admin, display add members-form if (acl_access("grouprights", $groupID, 1) == 'Admin' || acl_access("eventadmin", "", $sessioninfo->eventID) == 'Admin') { $content .= "<form method=POST action=?module=groups&action=addGroupMember&groupID={$groupID}>\n"; $content .= "<input type=text name=searchUser value='" . $searchUser . "'>"; $content .= "<input type=submit value='" . lang("Search user", "groups") . "'>"; $content .= "</form>";
if (acl_access("globaladmin", "", 0) == 'Admin') { $content .= "<tr></tr>"; for ($i = 0; $i < count($globalaccess); $i++) { $qFindAccess = db_query("SELECT * FROM " . $sql_prefix . "_ACLs WHERE eventID IN (1, {$eventID})\n\t\t\t\tAND groupID = '" . db_escape($groupID) . "' AND accessmodule = '" . $globalaccess[$i] . "'"); $rFindAccess = db_fetch($qFindAccess); $access = $rFindAccess->access; if (!isset($access)) { $access = 'No'; } $content .= "<tr><td>"; $content .= $globalaccess[$i]; $content .= "</td><td>"; if ($action == "changeGroupRights" && $globalaccess[$i] == $_GET['accessmodule']) { $content .= "<form method=\"post\" action=\"?module=eventadmin&action=doChangeRights&groupID={$groupID}&accessmodule={$globalaccess[$i]}\">"; $content .= "<select name=groupRight>"; $content .= option_rights($access); $content .= "</select>"; $content .= "<input type=submit value='" . lang("Save", "eventadmin") . "'>"; $content .= "</form>"; } else { $content .= "<a href=\"?module=eventadmin&action=changeGroupRights&groupID={$groupID}&accessmodule={$globalaccess[$i]}\">"; $content .= $access; $content .= "</a>\n"; } // End else $content .= "</td></tr>"; } // End for } // End if acl_access(globaladmin); $content .= "</table>";
} // Edit ACLs for this static page $qGetPageInfo = db_query("SELECT * FROM " . $sql_prefix . "_static WHERE ID = '" . db_escape($page) . "'"); $rGetPageInfo = db_fetch($qGetPageInfo); $content .= lang("Editing: ", "static"); $content .= $rGetPageInfo->header; $content .= "<br /><table>"; $qGetCurrentACL = db_query("SELECT a.*,g.groupname FROM " . $sql_prefix . "_ACLs a JOIN " . $sql_prefix . "_groups g ON g.ID=a.groupID\n\t\tWHERE a.eventID = '{$sessioninfo->eventID}'\n\t\tAND subcategory = '{$page}'\n\t\tAND accessmodule = 'static'"); while ($rGetCurrentACL = db_fetch($qGetCurrentACL)) { $content .= "<tr><td>"; $content .= $rGetCurrentACL->groupname; $content .= "</td><td>"; if ($action == 'changeACL' && $_GET['groupID'] == $rGetCurrentACL->groupID) { $content .= "<form method=POST action=?module=static&action=doChangeACL&groupID={$rGetCurrentACL->groupID}&page={$page}>\n"; $content .= "<select name=groupRights>\n"; $content .= option_rights($rGetCurrentACL->access); $content .= "</select><input type=submit value='" . lang("Save", "group") . "'>"; $content .= "</form>"; } else { $content .= "<a href=\"?module=static&action=changeACL&groupID={$rGetCurrentACL->groupID}&page={$page}\">"; $content .= $rGetCurrentACL->access; $content .= "</a>\n"; } // End action != 'changeACL' $content .= "</td></tr>"; } // End while $content .= "</table>"; $content .= "<form method='POST' action='?module=static&action=addNewACL&page={$page}'>\n"; // Get all global or event accessgroups $qGetGroups = db_query("SELECT * FROM " . $sql_prefix . "_groups\n\t\tWHERE grouptype = 'access'\n\t\tAND eventID IN ({$sessioninfo->eventID}, 1)");