예제 #1
0
function sp_initialize_globals()
{
    global $spBootCache, $spStatus, $spGlobals;
    if ($spBootCache['site_auths'] && $spBootCache['ranks'] && $spBootCache['globals']) {
        return;
    }
    if ($spStatus == 'ok') {
        sp_setup_globals();
        $spGlobals['forum-admins'] = sp_get_admins();
        sp_build_site_auths_cache();
        do_action('sph_globals_initialized');
    }
}
function spa_save_permissions_edit_role()
{
    global $spGlobals;
    sp_build_site_auths_cache();
    check_admin_referer('forum-adminform_roleedit', 'forum-adminform_roleedit');
    $role_id = sp_esc_int($_POST['role_id']);
    $role_name = sp_filter_title_save(trim($_POST['role_name']));
    $role_desc = sp_filter_title_save(trim($_POST['role_desc']));
    # get old permissions to check role changes
    $old_roles = spa_get_role_row($role_id);
    $old_auths = unserialize($old_roles->role_auths);
    $new_auths = array();
    foreach ($spGlobals['auths_map'] as $auth_name => $auth_id) {
        $thisperm = isset($_POST['b-' . $auth_id]) ? 1 : 0;
        $new_auths[$auth_id] = $thisperm;
    }
    $new_auths = maybe_serialize($new_auths);
    $roledata = array();
    $roledata['role_name'] = $role_name;
    $roledata['role_desc'] = $role_desc;
    # force max size
    $roledata['role_name'] = substr($roledata['role_name'], 0, 50);
    $roledata['role_desc'] = substr($roledata['role_desc'], 0, 150);
    # save the permission set role updated information
    $new_auths = esc_sql($new_auths);
    $sql = 'UPDATE ' . SFROLES . ' SET ';
    $sql .= 'role_name="' . $roledata['role_name'] . '", ';
    $sql .= 'role_desc="' . $roledata['role_desc'] . '", ';
    $sql .= 'role_auths="' . $new_auths . '" ';
    $sql .= "WHERE role_id={$role_id}";
    $success = spdb_query($sql);
    if ($success == false) {
        $mess = spa_text('Permission Set Update Failed!');
    } else {
        $mess = spa_text('Permission Set Updated');
        # reset auths and memberships for everyone
        sp_reset_memberships();
        sp_reset_auths();
        do_action('sph_perms_edit', $role_id);
    }
    return $mess;
}
function spa_permissions_add_permission_form()
{
    ?>
<script type="text/javascript">
    jQuery(document).ready(function() {
    	spjAjaxForm('sfrolenew', 'sfreloadpb');
    });
</script>
<?php 
    # Get correct tooltips file
    $lang = spa_get_language_code();
    if (empty($lang)) {
        $lang = 'en';
    }
    $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-' . $lang . '.php';
    if (file_exists($ttpath) == false) {
        $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-en.php';
    }
    if (file_exists($ttpath)) {
        include_once $ttpath;
    }
    global $spGlobals;
    spa_paint_options_init();
    $ahahURL = SFHOMEURL . 'index.php?sp_ahah=permissions-loader&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;saveform=addperm';
    ?>
	<form action="<?php 
    echo $ahahURL;
    ?>
" method="post" id="sfrolenew" name="sfrolenew">
<?php 
    echo sp_create_nonce('forum-adminform_rolenew');
    spa_paint_open_tab(spa_text('Permissions') . " - " . spa_text('Add New Permission'), true);
    spa_paint_open_panel();
    spa_paint_open_fieldset(spa_text('Add New Permission'), 'true', 'create-new-permission-set');
    spa_paint_input(spa_text('Permission Set Name'), "role_name", '', false, true);
    spa_paint_input(spa_text('Permission Set Description'), "role_desc", '', false, true);
    spa_paint_select_start(spa_text('Clone Existing Permission Set'), 'role', 'role');
    spa_display_permission_select('', false);
    spa_paint_select_end('<small>(' . spa_text('Select an existing Permission Set to Clone.  Any settings below will be ignored.') . ')</small>');
    ?>
					<br /><p><strong><?php 
    spa_etext('Permission Set Actions');
    ?>
:</strong></p>
<?php 
    echo '<p><img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" style="width:16px;height:16px;vertical-align:top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon will be ignored for Guest Users') . '</small>';
    echo '&nbsp;&nbsp;&nbsp;<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" style="width:16px;height:16px;vertical-align:top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon require enabling to use') . '</small>';
    echo '&nbsp;&nbsp;&nbsp;<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" style="width:16px;height:16px;vertical-align:top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon should be used with great care') . '</small></p>';
    sp_build_site_auths_cache();
    $sql = 'SELECT auth_id, auth_name, auth_cat, authcat_name, warning FROM ' . SFAUTHS . '
							JOIN ' . SFAUTHCATS . ' ON ' . SFAUTHS . '.auth_cat = ' . SFAUTHCATS . '.authcat_id
							WHERE active = 1
							ORDER BY auth_cat, auth_id';
    $authlist = spdb_select('set', $sql);
    $firstitem = true;
    $category = '';
    ?>
					<!-- OPEN OUTER CONTAINER DIV -->
					<div class="outershell" style="width: 100%;">
<?php 
    foreach ($authlist as $a) {
        if ($category != $a->authcat_name) {
            $category = $a->authcat_name;
            if (!$firstitem) {
                ?>
								<!-- CLOSE DOWN THE ENDS -->
								</table></div>
<?php 
            }
            ?>
							<!-- OPEN NEW INNER DIV -->
							<div class="innershell">
							<!-- NEW INNER DETAIL TABLE -->
							<table style="width:100%;border:0">
							<tr><td colspan="2" class="permhead"><?php 
            spa_etext($category);
            ?>
</td></tr>
<?php 
            $firstitem = false;
        }
        $auth_id = $a->auth_id;
        $auth_name = $a->auth_name;
        $authWarn = empty($a->warning) ? false : true;
        $warn = $authWarn ? " permwarning" : '';
        $tip = $authWarn ? " class='permwarning' title='" . esc_js(spa_text($a->warning)) . "'" : '';
        $button = 'b-' . $auth_id;
        if ($spGlobals['auths'][$auth_id]->ignored || $spGlobals['auths'][$auth_id]->enabling || $authWarn) {
            $span = '';
        } else {
            $span = ' colspan="2" ';
        }
        ?>
							<tr<?php 
        echo $tip;
        ?>
>
								<td class="permentry<?php 
        echo $warn;
        ?>
">

								<input type="checkbox" name="<?php 
        echo $button;
        ?>
" id="sf<?php 
        echo $button;
        ?>
"  />
								<label for="sf<?php 
        echo $button;
        ?>
" class="sflabel">
								<img style="text-align:top;float: right; border: 0pt none ; margin: -4px 5px 0px 3px; padding: 0;" class="" title="<?php 
        echo $tooltips[$auth_name];
        ?>
" src="<?php 
        echo SFADMINIMAGES;
        ?>
sp_Information.png" alt="" />
								<?php 
        spa_etext($spGlobals['auths'][$auth_id]->auth_desc);
        ?>
</label>
								<?php 
        if ($span == '') {
            ?>
									<td style="text-align:center;width:32px" class="permentry">
<?php 
        }
        if ($span == '') {
            if ($spGlobals['auths'][$auth_id]->enabling) {
                echo '<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" style="width:16px;height:16px" title="' . spa_text('Requires Enabling') . '" />';
            }
            if ($spGlobals['auths'][$auth_id]->ignored) {
                echo '<img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" style="width:16px;height:16px" title="' . spa_text('Ignored for Guests') . '" />';
            }
            if ($authWarn) {
                echo '<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" style="width:16px;height:16px" title="' . spa_text('Use with Caution') . '" />';
            }
            echo '</td>';
        } else {
            ?>
								    </td><td class="permentry" style="width:32px"></td>
                                <?php 
        }
        ?>
							</tr>
                        <?php 
    }
    ?>
					<!-- END CONTAINER DIV -->
					</table></div><div class="clearboth"></div>
					</div>
<?php 
    spa_paint_close_fieldset();
    spa_paint_close_panel();
    do_action('sph_perm_add_perm_panel');
    spa_paint_close_container();
    ?>
	<div class="sfform-submit-bar">
	<input type="submit" class="button-primary" id="saveit" name="saveit" value="<?php 
    spa_etext('Create New Permission');
    ?>
" />
	</div>
	<?php 
    spa_paint_close_tab();
    ?>
	</form>
	<div class="sfform-panel-spacer"></div>
<?php 
}
function spa_permissions_edit_permission_form($role_id)
{
    global $spGlobals;
    ?>
<script type="text/javascript">
    jQuery(document).ready(function() {
    	jQuery('#rolerow-<?php 
    echo $role_id;
    ?>
').addClass('inForm');
    	spjAjaxForm('sfroleedit<?php 
    echo $role_id;
    ?>
', 'sfreloadpb');
    	jQuery(function(jQuery){vtip();})
    });
</script>
<?php 
    # Get correct tooltips file
    $lang = spa_get_language_code();
    if (empty($lang)) {
        $lang = 'en';
    }
    $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-' . $lang . '.php';
    if (file_exists($ttpath) == false) {
        $ttpath = SPHELP . 'admin/tooltips/admin-permissions-tips-en.php';
    }
    if (file_exists($ttpath)) {
        include_once $ttpath;
    }
    $role = spa_get_role_row($role_id);
    spa_paint_options_init();
    $ahahURL = SFHOMEURL . 'index.php?sp_ahah=permissions-loader&amp;sfnonce=' . wp_create_nonce('forum-ahah') . '&amp;saveform=editperm';
    ?>
	<form action="<?php 
    echo $ahahURL;
    ?>
" method="post" id="sfroleedit<?php 
    echo $role->role_id;
    ?>
" name="sfroleedit<?php 
    echo $role->role_id;
    ?>
">
<?php 
    echo sp_create_nonce('forum-adminform_roleedit');
    spa_paint_open_tab(spa_text('Permissions') . ' - ' . spa_text('Manage Permissions'), true);
    spa_paint_open_panel();
    spa_paint_open_fieldset(spa_text('Edit Permission'), 'true', 'edit-master-permission-set');
    ?>
					<input type="hidden" name="role_id" value="<?php 
    echo $role->role_id;
    ?>
" />
<?php 
    spa_paint_input(spa_text('Permission Set Name'), 'role_name', sp_filter_title_display($role->role_name), false, true);
    spa_paint_input(spa_text('Permission Set Description'), 'role_desc', sp_filter_title_display($role->role_desc), false, true);
    ?>
					<br /><p><strong><?php 
    spa_etext("Permission Set Actions");
    ?>
:</strong></p>
<?php 
    echo '<p><img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" width="16" height="16" align="top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon will be ignored for Guest Users') . '</small><br />';
    echo '<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" width="16" height="16" align="top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon require enabling to use') . '</small><br />';
    echo '<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" width="16" height="16" align="top" />';
    echo '<small>&nbsp;' . spa_text('Note: Action settings displaying this icon should be used with great care') . '</small></p>';
    sp_build_site_auths_cache();
    $sql = 'SELECT auth_id, auth_name, auth_cat, authcat_name, warning FROM ' . SFAUTHS . '
							JOIN ' . SFAUTHCATS . ' ON ' . SFAUTHS . '.auth_cat = ' . SFAUTHCATS . '.authcat_id
							WHERE active = 1
							ORDER BY auth_cat, auth_id';
    $authlist = spdb_select('set', $sql);
    $role_auths = maybe_unserialize($role->role_auths);
    $firstitem = true;
    $category = '';
    ?>
       				<!-- OPEN OUTER CONTAINER DIV -->
					<div class="outershell" style="width: 100%;">
<?php 
    foreach ($authlist as $a) {
        if ($category != $a->authcat_name) {
            $category = $a->authcat_name;
            if (!$firstitem) {
                ?>
								<!-- CLOSE DOWN THE ENDS -->
								</table></div>
<?php 
            }
            ?>
							<!-- OPEN NEW INNER DIV -->
							<div class="innershell">
							<!-- NEW INNER DETAIL TABLE -->
							<table width="100%" border="0">
							<tr><td colspan="2" class="permhead"><?php 
            spa_etext($category);
            ?>
</td></tr>
<?php 
            $firstitem = false;
        }
        $auth_id = $a->auth_id;
        $auth_name = $a->auth_name;
        $authWarn = empty($a->warning) ? false : true;
        $warn = $authWarn ? ' permwarning' : '';
        $tip = $authWarn ? " class='vtip permwarning' title='" . esc_js(spa_text($a->warning)) . "'" : '';
        $button = 'b-' . $auth_id;
        $checked = '';
        if (isset($role_auths[$auth_id]) && $role_auths[$auth_id]) {
            $checked = ' checked="checked"';
        }
        if ($spGlobals['auths'][$auth_id]->ignored || $spGlobals['auths'][$auth_id]->enabling || $authWarn) {
            $span = '';
        } else {
            $span = ' colspan="2" ';
        }
        ?>
						<tr<?php 
        echo $tip;
        ?>
>
							<td class="permentry<?php 
        echo $warn;
        ?>
">

								<label for="sfR<?php 
        echo $role->role_id . $button;
        ?>
" class="sflabel">
								<img align="top" style="float: right; border: 0pt none ; margin: -4px 5px 0px 3px; padding: 0;" class="vtip" title="<?php 
        echo $tooltips[$auth_name];
        ?>
" src="<?php 
        echo SFADMINIMAGES;
        ?>
sp_Information.png" alt="" />
								<?php 
        spa_etext($spGlobals['auths'][$auth_id]->auth_desc);
        ?>
</label>
								<input type="checkbox" name="<?php 
        echo $button;
        ?>
" id="sfR<?php 
        echo $role->role_id . $button;
        ?>
"<?php 
        echo $checked;
        ?>
  />
								<?php 
        if ($span == '') {
            ?>
									<td align="center" class="permentry" width="32px">
<?php 
        }
        if ($span == '') {
            if ($spGlobals['auths'][$auth_id]->enabling) {
                echo '<img src="' . SFADMINIMAGES . 'sp_GlobalPerm.png" alt="" width="16" height="16" title="' . spa_text('Requires Enabling') . '" />';
            }
            if ($spGlobals['auths'][$auth_id]->ignored) {
                echo '<img src="' . SFADMINIMAGES . 'sp_GuestPerm.png" alt="" width="16" height="16" title="' . spa_text('Ignored for Guests') . '" />';
            }
            if ($authWarn) {
                echo '<img src="' . SFADMINIMAGES . 'sp_Warning.png" alt="" width="16" height="16" title="' . spa_text('Use with Caution') . '" />';
            }
            echo '</td>';
        } else {
            ?>
									</td><td class="permentry" width="32px"></td>
<?php 
        }
        ?>
						</tr>
<?php 
    }
    ?>
					<!-- END CONTAINER DIV -->
					</table></div><div class="clearboth"></div>
					</div>
<?php 
    spa_paint_close_fieldset();
    spa_paint_close_panel();
    do_action('sph_perm_edit_perm_panel');
    spa_paint_close_container();
    ?>
		<div class="sfform-submit-bar">
		<input type="submit" class="button-primary" id="sfpermedit<?php 
    echo $role->role_id;
    ?>
" name="sfpermedit<?php 
    echo $role->role_id;
    ?>
" value="<?php 
    spa_etext('Update Permission');
    ?>
" />
		<input type="button" class="button-primary" onclick="javascript:jQuery('#perm-<?php 
    echo $role->role_id;
    ?>
').html('');jQuery('#rolerow-<?php 
    echo $role_id;
    ?>
').removeClass('inForm');" id="sfpermedit<?php 
    echo $role->role_id;
    ?>
" name="editpermcancel<?php 
    echo $role->role_id;
    ?>
" value="<?php 
    spa_etext('Cancel');
    ?>
" />
		</div>
		</form>
	<?php 
    spa_paint_close_tab();
    ?>

	<div class="sfform-panel-spacer"></div>
<?php 
}