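/**
 * Collects the permissions a user holds on each object, both directly and
 * through the groups the user belongs to.
 *
 * @param mixed $userid Id of the user to look up; when empty, the id of the
 *                      global $user object is used (if one exists).
 * @return array Map of object id => list of permission names; empty when no
 *               user could be determined or nothing was found.
 */
function getUserPermissions($userid = '')
{
    global $db, $user, $repository;

    // Start from an empty map so the debug branch and callers always get an array.
    $permissions = array();

    if (!$userid && is_object($user)) {
        $userid = $user->id;
    }

    if ($userid) {
        // Ids are bound as query parameters instead of being interpolated into the
        // SQL text, so a crafted id cannot change the statement. The (string) cast
        // keeps the value quoted as a literal, as the interpolated form did.
        // NOTE(review): assumes $db->getAll() takes a PEAR DB style parameter
        // array as its second argument - confirm against the project's DB wrapper.
        $permtable = $db->getAll(
            "SELECT sotf_user_permissions.object_id, sotf_permissions.permission FROM sotf_user_permissions, sotf_permissions WHERE sotf_user_permissions.user_id = ? AND sotf_user_permissions.permission_id = sotf_permissions.id",
            array((string) $userid)
        );
        //debug("permtable", $permtable);

        // Build the associative array of permissions per object. A result that is
        // not an array (e.g. a failed query) contributes no permissions.
        if (is_array($permtable)) {
            foreach ($permtable as $row) {
                $permissions[$row["object_id"]][] = $row["permission"]; // object permission
            }
        }

        $groups = sotf_Group::listGroupsOfUser($userid);
        if (is_array($groups)) {
            foreach ($groups as $gid => $gname) {
                $permtable = $db->getAll(
                    "SELECT sotf_group_permissions.object_id, sotf_permissions.permission FROM sotf_group_permissions, sotf_permissions WHERE sotf_group_permissions.group_id = ? AND sotf_group_permissions.permission_id = sotf_permissions.id",
                    array((string) $gid)
                );

                // Append the group's permissions to the same per-object map.
                if (is_array($permtable)) {
                    foreach ($permtable as $row) {
                        $permissions[$row["object_id"]][] = $row["permission"]; // object permission
                    }
                }
                // TODO: remove duplicates
            }
        }
    }

    if ($this->debug) {
        error_log("current permissions", 0);
        if (count($permissions) > 0) {
            foreach ($permissions as $key => $value) {
                error_log("PERMISSION: {$key} = " . join(' ', $value), 0);
            }
        }
    }

    return $permissions;
}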
/**
 * Resolves an id to a display name.
 *
 * @param mixed $id Id that isGroupId() classifies as a group id or not.
 * @return mixed The result of sotf_Group::getGroupName() for group ids,
 *               otherwise the result of the global $user's getUsername().
 */
function getUserOrGroupName($id)
{
    global $user;

    // Only the selected branch is evaluated, exactly as with an if/else.
    return isGroupId($id)
        ? sotf_Group::getGroupName($id)
        : $user->getUsername($id);
}
/**
 * Lists the groups attached to an object for a given permission.
 *
 * @param mixed  $id   Object id passed on to sotf_Group::listGroupIdsOfObject().
 * @param string $perm Permission name to look up; defaults to 'listen'.
 * @return array Group data (from getAll()) keyed by group name, ordered with asort().
 */
function listGroupsOfObject($id, $perm = 'listen')
{
    $byName = array();

    foreach (sotf_Group::listGroupIdsOfObject($id, $perm) as $groupId) {
        $entry = sotf_Group::getById($groupId);
        // Groups sharing a name overwrite each other, since the name is the key.
        $byName[$entry->get('name')] = $entry->getAll();
    }

    asort($byName);

    return $byName;
}
<?php
// -*- tab-width: 3; indent-tabs-mode: 1; -*-

/*
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik
 */

// Admin top list: programmes ranked by the number of distinct users with a
// 'listens' or 'downloads' entry in the user history.

require "init.inc.php";

$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));

// Both calls run before any query below is issued.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');

// Fixed list of history actions; it is a constant, not request input.
$actionsToCount = "'listens','downloads'";

$sql = "SELECT p.id, p.title, s.id AS station_id, s.name AS station_name, count(distinct h.user_id) as count FROM sotf_programmes p, sotf_stations s, sotf_user_history h WHERE p.station_id=s.id AND p.id=h.object_id AND h.action IN ({$actionsToCount}) GROUP BY p.id, p.title, s.id, s.name ORDER BY count DESC";

// Total number of rows, needed to split the list into pages.
$count = $db->getOne("SELECT COUNT(*) FROM ({$sql}) s");
$limit = $page->splitList($count, $scriptUrl);

$res = $db->limitQuery($sql, $limit['from'], $limit['maxresults']);
if (DB::isError($res)) {
    raiseError($res);
}

// Stays null when the query returns no rows.
$results = null;
while (true) {
    if ($res->fetchInto($row) !== DB_OK) {
        break;
    }
    // Attach the groups listed for this programme.
    $row['groups'] = sotf_Group::listGroupsOfObject($row['id']);
    $results[] = $row;
}

debug("TOPLIST", $results);
$smarty->assign('TOPLIST', $results);
$page->send();
// Tail of a block whose opening is outside this excerpt: redirect to the
// requested target, falling back to the configured local prefix.
// NOTE(review): okURL is read straight from the query string and handed to
// redirect() unchanged. Unless redirect() restricts its targets, a crafted link
// can send the user to an arbitrary external site - confirm, and limit the
// value to local URLs.
$url = $_GET['okURL'];
if (!$url) {
    $url = $config['localPrefix'];
}
$page->redirect($url);
exit;
}

// we need a trick for making pages indexed by Google
// therefore we pass some parameters in pathinfo
// after this call getParameter can be used to get these parameters as well
// (the actions listed below are excluded from pathinfo parameter collection)
$pathinfoParamExceptions = array('getIcon', 'getJingle', 'getUserFile');
if (!in_array($page->action, $pathinfoParamExceptions)) {
    sotf_Utils::collectPathinfoParams();
}

// just for debugging
$groups = sotf_Group::listGroupsOfUser($user->id);
debug("GROUPS", $groups);

// permissions object is for managing and asking for permissions
$permissions = new sotf_Permission();
//$permissions->debug = true;

// the repository of radio stations
$repository = new sotf_Repository($config['repositoryDir'], $db);

// all controlled vocabularies
$vocabularies = new sotf_Vocabularies($db);

// now you have the following global objects: $config, $db, $userdb, $smarty, $page, $repository, $user, $permissions
// is that too many?

// forwarding all $config to smarty is a security risk, so only selected
// entries are assigned below
// $smarty->assign("CONFIG", $config);

// add basic variables to Smarty
$smarty->assign("NODEID", $config['nodeId']);
$smarty->assign("NODE_NAME", $config['nodeName']);
// Continuation of an if/elseif chain whose first branch is outside this excerpt.
} elseif ($userid) {
    // A single id was given: ids starting with 'g' are looked up as groups
    // (with the prefix stripped), everything else as a user.
    if ($userid[0] == 'g') {
        $gid = substr($userid, 1);
        $group = sotf_Group::getById($gid);
        $users[$userid] = $group->get('name');
        $smarty->assign("USERS", $users);
    } else {
        $username = sotf_User::getUsername($userid);
        $users[$userid] = $username;
        $smarty->assign("USERS", $users);
    }
} elseif ($pattern) {
    // A search pattern was given: look up matching users and groups.
    $smarty->assign("PATTERN", $pattern);
    $users = sotf_User::findUsers($pattern, $prefix);
    debug("USERS", $users);
    $groups = sotf_Group::findGroups($pattern, $prefix);
    debug("GROUPS", $groups);
    // More than 50 combined matches: report only the total instead of the lists.
    if (count($users) + count($groups) > 50) {
        $smarty->assign("TOO_MANY_MATCHES", count($users) + count($groups));
    } elseif (empty($users) and empty($groups)) {
        $smarty->assign("NO_MATCHES", 1);
    } else {
        $smarty->assign("USERS", $users);
        $smarty->assign("GROUPS", $groups);
    }
}

// NOTE(review): this permission check comes after the user/group lookups above;
// whether an earlier check already guards them is not visible in this excerpt.
checkPerm($objectid, "authorize");

if ($save) {
    if ($userid == $user->id) {
        // trying to change permissions for self
        // NOTE(review): the hasPerm() guard below is commented out; the rest of
        // this branch lies outside the excerpt, so confirm self-changes are
        // still restricted.
        //if(!hasPerm($objectid, 'admin'))
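// -*- tab-width: 3; indent-tabs-mode: 1; -*-

/*
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik
 */

// Admin page: lists user accounts (optionally filtered by a pattern) and
// deletes one account when the 'del' parameter is present.

require "init.inc.php";

$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));

// forceLogin() and checkPerm() run before any action below; presumably they stop
// the request unless the caller is logged in and may change the node - confirm.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');

if (sotf_Utils::getParameter('del')) {
    // NOTE(review): the deletion is driven by request parameters alone; no
    // anti-CSRF token or request-method check is visible in this script.
    // Confirm one is enforced elsewhere before relying on this action.
    $uid = sotf_Utils::getParameter('uid');

    // Use a separate variable so the global $user is not replaced by the account
    // being deleted before $page->logRequest() runs.
    // NOTE(review): assumes init.inc.php provides $user for the logged-in
    // account - confirm.
    $targetUser = new sotf_User($uid);
    debug("Deleting user {$uid}", $targetUser->username);
    $targetUser->delete();
    $page->redirect('adminUsers.php');
    $page->logRequest();
    exit;
}

$pattern = sotf_Utils::getParameter('pattern');
$count = sotf_User::countUsers($pattern);
$limit = $page->splitList($count, $scriptUrl . "?pattern=" . urlencode($pattern));
$users = sotf_User::listUsers($limit["from"], $limit["maxresults"], $pattern);

// Initialised up front so the template receives an empty list, not an undefined
// variable, when no user matches.
$ulist = array();
foreach ($users as $entry) {
    // $entry instead of $user: the loop must not overwrite the global $user.
    $entry['groups'] = join(', ', sotf_Group::getGroupNames($entry['id']));
    $ulist[] = $entry;
}

$smarty->assign('USERS', $ulist);
// NOTE(review): PATTERN is request input; its escaping depends on the template.
$smarty->assign('PATTERN', $pattern);
$page->send();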
// Tail of a save branch whose opening (and the enclosing loop) is outside this
// excerpt. The group id is taken from $g after its first two characters and
// cast to int before it is used.
$g = (int) substr($g, 2);
sotf_Group::setGroup($uid, $g, 1);
debug("TYPE", gettype($g));
debug("ADD {$g}", $uGroups[$g]);
// Drop the group from $uGroups; what remains afterwards is removed below.
unset($uGroups[$g]);
debug("after REMOVING {$g}", $uGroups);
}
}
// remove unchecked items
debug("U2", $uGroups);
foreach ($uGroups as $gid => $rid) {
    sotf_Group::setGroup($uid, $gid, 0, $rid);
}
$page->redirect("closeAndRefresh.php");
exit;
}

// close
$close = sotf_Utils::getParameter('close');
if ($close) {
    $page->redirect("closeAndRefresh.php");
    exit;
}

// generate output
$uGroups = sotf_Group::listGroupsOfUser($uid);
$groups = sotf_Group::listAll(0);
foreach ($groups as $g) {
    // NOTE(review): $uGroups has no entry for groups the user is not in, so this
    // reads an undefined index for them - presumably 'rid' is meant to be empty then.
    $g['rid'] = $uGroups[$g['id']];
    // NOTE(review): $glist is not initialised in the visible code; it stays
    // undefined when listAll() returns no groups.
    $glist[] = $g;
}
$smarty->assign('GROUPS', $glist);
$page->sendPopup();
// -*- tab-width: 3; indent-tabs-mode: 1; -*-

/*
 * $Id: editNeighbour.php 339 2003-12-03 08:39:25Z andras $
 * Author: András Micsik
 */

// Popup for creating or editing a group; the excerpt ends inside the save branch.

require "init.inc.php";

$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));

// Login and the 'change' permission on the node are requested before any edit.
$page->forceLogin();
$page->popup = true;
$page->errorURL = "editGroup.php";
checkPerm('node', "change");

// With a 'gid' parameter an existing group is loaded, otherwise a new one is created.
$gid = sotf_Utils::getParameter('gid');
if ($gid) {
    $group = sotf_Group::getById($gid);
} else {
    $group = new sotf_Group();
}
// NOTE(review): the "no such group" error below is commented out, so the result
// of getById() is used unchecked - confirm what it returns for an unknown id.
# raiseError("No such group: $gid");

// save changes
if (sotf_Utils::getParameter('save')) {
    // NOTE(review): no anti-CSRF token check is visible in this excerpt.
    $oldName = $group->get('name');
    $group->setWithTextParam('name', 'name');
    $group->setWithTextParam('comments', 'comments');
    $group->setWithParam('price', 'price');
    $name = $group->get('name');
    if (!$name) {
        $error = "error_name_missing";
    } else {
        $ex = sotf_Group::getByName($name);
        // 'and' binds tighter than 'or': the name counts as taken when a group
        // with it exists and this is either a new group or a rename.
        if ($ex and (!$gid or $gid and $name != $oldName)) {
            $error = 'error_name_in_use';
<?php
// -*- tab-width: 3; indent-tabs-mode: 1; -*-

/*
 * $Id: admin.php 554 2006-04-12 10:37:20Z buddhafly $
 * Authors: András Micsik
 */

// Admin top list: users ranked by the number of distinct objects with a
// 'listens' or 'downloads' entry in their history.

require "init.inc.php";

$smarty->assign('PAGETITLE', $page->getlocalized('AdminPage'));

// Both calls run before any query below is issued.
$page->forceLogin();
//$page->errorURL = "admin.php";
checkPerm('node', 'change');

// Fixed list of history actions; it is a constant, not request input.
$actionsToCount = "'listens','downloads'";

$sql = "SELECT u.id, u.username, d.contact_person, count(distinct h.object_id) as count FROM sotf_users u LEFT JOIN sotf_user_data d ON d.user_id=u.id, sotf_user_history h WHERE u.id=h.user_id AND h.action IN ({$actionsToCount}) GROUP BY u.id, u.username, d.contact_person ORDER BY count DESC";

// Total number of rows, needed to split the list into pages.
$count = $db->getOne("SELECT COUNT(*) FROM ({$sql}) s");
$limit = $page->splitList($count, $scriptUrl);

$res = $db->limitQuery($sql, $limit['from'], $limit['maxresults']);
if (DB::isError($res)) {
    raiseError($res);
}

// Stays null when the query returns no rows.
$results = null;
while (true) {
    if ($res->fetchInto($row) !== DB_OK) {
        break;
    }
    // Attach the names of the groups this user belongs to.
    $row['groups'] = sotf_Group::getGroupNames($row['id']);
    $results[] = $row;
}

$smarty->assign('TOPLIST', $results);
$page->send();
<?php
// -*- tab-width: 3; indent-tabs-mode: 1; -*-

/*
 * $Id: showContact.php 372 2005-02-03 15:15:51Z micsik $
 * Author: Andras Micsik
 */

// Shows a group and the objects attached to it; the excerpt ends inside the
// per-object loop.
// NOTE(review): no forceLogin()/checkPerm() call is visible in this excerpt -
// confirm the group data shown here is meant to be public.

require "init.inc.php";

$gid = sotf_Utils::getParameter('id');
$group = new sotf_Group($gid);
// NOTE(review): `new` yields an object, which is truthy in PHP 5 and later, so
// this check is unlikely to catch an unknown group id - confirm how a missing
// group should be detected.
if (!$group) {
    raiseError("no_such_object", "Group {$gid}");
}

$smarty->assign('PAGETITLE', $group->get('name'));
// NOTE(review): GID is the raw request parameter; its escaping depends on the template.
$smarty->assign('GID', $gid);
$smarty->assign('GROUP_DATA', $group->getAll());

// Object ids attached to the group, in descending order.
$objects = $group->listObjectsOfGroup();
rsort($objects);
$numProgs = 0;
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.
while (list(, $oid) = each($objects)) {
    $obj =& $repository->getObject($oid);
    if (!$obj) {
        // NOTE(review): $role and $id are not assigned anywhere in the visible
        // code, so this message probably lacks the ids it is meant to report.
        logError("DB integrity error: role {$role} for {$id} which does not exist");
        continue;
    }
    // Template data for this object; 'url' and 'mid' depend on the object's class.
    $class = get_class($obj);
    $data = array();
    $data['name'] = $obj->get('name');
    if ($class == 'sotf_station') {
        $data['url'] = $config['rootUrl'] . "/showStation.php/{$oid}";
        $data['mid'] = $page->getlocalized('Station');
// Tail of a block whose opening is outside this excerpt: template data for one
// programme ($prg, id $id).
$smarty->assign('REFS', $prg->getRefs());

// statistics
$smarty->assign('STATS', $prg->getStats());

// add this visit to statistics
$prg->addStat('', "visits");

// rating
$rating = new sotf_Rating();
$smarty->assign('RATING', $rating->getInstantRating($id));

// my rating?
$myRating = $rating->getMyRating($id);
debug("r", $myRating);
$smarty->assign('MY_RATING', $myRating);

// In payable mode, programmes that are not free also get the groups that hold
// the 'listen' permission on them.
if (nodeConfig('payableMode')) {
    $smarty->assign('CURRENCY', $config['currency']);
    if (!$prg->isFree()) {
        $smarty->assign('LISTEN_GROUPS', sotf_Group::listGroupsOfObject($id, 'listen'));
    }
}

if ($page->loggedIn()) {
    // is in my playlist?
    $smarty->assign('inplaylist', sotf_UserPlaylist::contains($id));
}
}

$db->commit();

// online counter for statistics
if ($config['counterMode']) {
    // Variables read by the included counter script.
    $chCounter_status = 'active';
    $chCounter_visible = 0;
    $chCounter_page_title = 'Programm-Detailansicht - get.php';
    // NOTE(review): this executes whatever $config['counterURL'] points to. The
    // name suggests a URL; with allow_url_include enabled that would run remotely
    // served code. Confirm it is a fixed local path set only by the administrator.
    include $config['counterURL'];
}