$errors[] = lang("SQL_ERROR"); } } //Add access to pages if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($permissionId, $add)) { $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Remove access to pages if (!empty($_POST['removePage'])) { $remove = $_POST['removePage']; if ($deletion_count = removePage($remove, $permissionId)) { $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add access to pages if (!empty($_POST['addPage'])) { $add = $_POST['addPage']; if ($addition_count = addPage($add, $permissionId)) { $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $permissionDetails = fetchPermissionDetails($permissionId);
$successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private")); } else { $errors[] = lang("SQL_ERROR"); } } } elseif ($pageDetails['private'] == 1) { if (updatePrivate($pageId, 0)) { $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public")); } else { $errors[] = lang("SQL_ERROR"); } } //Remove permission level(s) access to page if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePage($pageId, $remove)) { $successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add permission level(s) access to page if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPage($pageId, $add)) { $successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $pageDetails = fetchPageDetails($pageId);
/** * Link/unlink the specified group with the specified page. Recommend root access only. * @param int $page_id the id of the page * @param int $group_id the id of the group * @param boolean $checked 1 if private page 0 if public * @return boolean true for success, false if failed */ function updatePageGroupLink($page_id, $group_id, $checked) { // This block automatically checks this action against the permissions database before running. if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) { addAlert("danger", "Sorry, you do not have permission to access this resource."); return false; } //Check if selected page exists if (!pageIdExists($page_id)) { addAlert("danger", "I'm sorry, the page id you specified is invalid!"); return false; } //TODO: Check if selected group exists $pageDetails = fetchPageDetails($page_id); //Fetch information specific to page // Determine if we're changing the 'private' status, or a specific group if ($group_id == "private") { // Set as private if checked=1, otherwise set as 0 updatePrivate($page_id, $checked); return true; } else { // Get the current page groups $pageGroups = fetchPageGroups($page_id); // Add the group if checked=1 and the page doesn't already have that group assigned if ($checked == "1") { if (!isset($pageGroups[$group_id])) { addPage($page_id, $group_id); return true; } else { return false; } } else { if (isset($pageGroups[$group_id])) { removePage($page_id, $group_id); return true; } else { return false; } } } }
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } $permissionId = $_GET['id']; //Check if selected permission level exists if (!permissionIdExists($permissionId)) { header("Location: " . site_url('admin_permissions')); die; } $permissionDetails = fetchPermissionDetails($permissionId); //Fetch information specific to permission level //Forms posted if (!empty($_POST)) { //Delete selected permission level if (!empty($_POST['delete'])) { $deletions = $_POST['delete']; if ($deletion_count = deletePermission($deletions)) { $successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count)); header("Location: " . site_url('admin_permissions')); } else { $errors[] = lang("SQL_ERROR"); } } else { //Update permission level name if ($permissionDetails[0]['name'] != $_POST['name']) { $permission = trim($_POST['name']); //Validate new name if (permissionNameExists($permission)) { $errors[] = lang("ACCOUNT_PERMISSIONNAME_IN_USE", array($permission)); } elseif (minMaxRange(1, 50, $permission)) { $errors[] = lang("ACCOUNT_PERMISSION_CHAR_LIMIT", array(1, 50)); } else { if (updatePermissionName($permissionId, $permission)) { $successes[] = lang("PERMISSION_NAME_UPDATE", array($permission)); } else { $errors[] = lang("SQL_ERROR"); } } } //Remove access to pages if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePermission($permissionId, $remove)) { $successes[] = lang("PERMISSION_REMOVE_USERS", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add access to pages if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPermission($permissionId, $add)) { $successes[] = lang("PERMISSION_ADD_USERS", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Remove access to pages if (!empty($_POST['removePage'])) { $remove = $_POST['removePage']; if ($deletion_count = removePage($remove, $permissionId)) { $successes[] = lang("PERMISSION_REMOVE_PAGES", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add access to pages if (!empty($_POST['addPage'])) { $add = $_POST['addPage']; if ($addition_count = addPage($add, $permissionId)) { $successes[] = lang("PERMISSION_ADD_PAGES", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $permissionDetails = fetchPermissionDetails($permissionId); } } $pagePermissions = fetchPermissionPages($permissionId); //Retrieve list of accessible pages $permissionUsers = fetchPermissionUsers($permissionId); //Retrieve list of users with membership $userData = fetchAllUsers(); //Fetch all users $pageData = fetchAllPages(); //Fetch all pages require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Permissions</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminPermission' action='" . $_SERVER['PHP_SELF'] . "?id=" . $permissionId . "' method='post'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Permission Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $permissionDetails[0]['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n<input type='text' name='name' value='" . $permissionDetails[0]['name'] . "' />\r\n</p>\r\n<label>Delete:</label>\r\n<input type='checkbox' name='delete[" . $permissionDetails[0]['id'] . "]' id='delete[" . $permissionDetails[0]['id'] . "]' value='" . $permissionDetails[0]['id'] . "'>\r\n</p>\r\n</div></td><td>\r\n<h3>Permission Membership</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Members:"; //List users with permission level foreach ($userData as $v1) { if (isset($permissionUsers[$v1['id']])) { echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name']; } } echo "\r\n</p><p>Add Members:"; //List users without permission level foreach ($userData as $v1) { if (!isset($permissionUsers[$v1['id']])) { echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['display_name']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n<td>\r\n<h3>Permission Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nPublic Access:"; //List public pages foreach ($pageData as $v1) { if ($v1['private'] != 1) { echo "<br>" . $v1['page']; } } echo "\r\n</p>\r\n<p>\r\nRemove Access:"; //List pages accessible to permission level foreach ($pageData as $v1) { if (isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) { echo "<br><input type='checkbox' name='removePage[" . $v1['id'] . "]' id='removePage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page']; } } echo "\r\n</p><p>Add Access:"; //List pages inaccessible to permission level foreach ($pageData as $v1) { if (!isset($pagePermissions[$v1['id']]) and $v1['private'] == 1) { echo "<br><input type='checkbox' name='addPage[" . $v1['id'] . "]' id='addPage[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['page']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }
while ($row = $result->fetch_assoc()) { $array[] = $row["NAME"]; } } else { printf("no f*****g results!"); } mysqli_free_result($result); return $array; } $con = mysqli_connect("dbhost.cs.man.ac.uk", "mbbx9mg3", "Fincherz+2013") or die("Error " . mysqli_error($link)); mysqli_select_db($con, "mbbx9mg3"); if (isset($_POST["submit_button"])) { $itemsList = $_POST['pages']; $message = ""; foreach ($_POST['pages'] as $check) { removePage($check, $con); } $message = "Removed Successfully!"; } // isInserted $array = selectPages($con); mysqli_close($con); ?> <!DOCTYPE html> <!-- To change this license header, choose License Headers in Project Properties. To change this template file, choose Tools | Templates and open the template in the editor. --> <html> <head>
public function index() { /* UserCake (Via CupCake) Version: 2.0.2 http://usercake.com */ global $baseURL; require_once "{$baseURL}/application/third_party/user_cake/models/config.php"; if (!securePage($_SERVER['PHP_SELF'])) { die; } $pageId = $_GET['id']; //Check if selected pages exist if (!pageIdExists($pageId)) { header("Location: " . str_replace('index.php/', '', site_url('admin_pages'))); die; } $pageDetails = fetchPageDetails($pageId); //Fetch information specific to page //Forms posted if (!empty($_POST)) { $update = 0; if (!empty($_POST['private'])) { $private = $_POST['private']; } //Toggle private page setting if (isset($private) and $private == 'Yes') { if ($pageDetails['private'] == 0) { if (updatePrivate($pageId, 1)) { $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("private")); } else { $errors[] = lang("SQL_ERROR"); } } } elseif ($pageDetails['private'] == 1) { if (updatePrivate($pageId, 0)) { $successes[] = lang("PAGE_PRIVATE_TOGGLED", array("public")); } else { $errors[] = lang("SQL_ERROR"); } } //Remove permission level(s) access to page if (!empty($_POST['removePermission'])) { $remove = $_POST['removePermission']; if ($deletion_count = removePage($pageId, $remove)) { $successes[] = lang("PAGE_ACCESS_REMOVED", array($deletion_count)); } else { $errors[] = lang("SQL_ERROR"); } } //Add permission level(s) access to page if (!empty($_POST['addPermission'])) { $add = $_POST['addPermission']; if ($addition_count = addPage($pageId, $add)) { $successes[] = lang("PAGE_ACCESS_ADDED", array($addition_count)); } else { $errors[] = lang("SQL_ERROR"); } } $pageDetails = fetchPageDetails($pageId); } $pagePermissions = fetchPagePermissions($pageId); $permissionData = fetchAllPermissions(); require_once "{$baseURL}/application/third_party/user_cake/models/header.php"; echo "\r\n<body>\r\n<div id='wrapper'>\r\n<div id='top'><div id='logo'></div></div>\r\n<div id='content'>\r\n<h1>UserCake (Via CupCake)</h1>\r\n<h2>Admin Page</h2>\r\n<div id='left-nav'>"; include "{$baseURL}/application/third_party/user_cake/left-nav.php"; echo "\r\n</div>\r\n<div id='main'>"; echo resultBlock($errors, $successes); echo "\r\n<form name='adminPage' action='" . $_SERVER['PHP_SELF'] . "?id=" . $pageId . "' method='post'>\r\n<input type='hidden' name='process' value='1'>\r\n<table class='admin'>\r\n<tr><td>\r\n<h3>Page Information</h3>\r\n<div id='regbox'>\r\n<p>\r\n<label>ID:</label>\r\n" . $pageDetails['id'] . "\r\n</p>\r\n<p>\r\n<label>Name:</label>\r\n" . $pageDetails['page'] . "\r\n</p>\r\n<p>\r\n<label>Private:</label>"; //Display private checkbox if ($pageDetails['private'] == 1) { echo "<input type='checkbox' name='private' id='private' value='Yes' checked>"; } else { echo "<input type='checkbox' name='private' id='private' value='Yes'>"; } echo "\r\n</p>\r\n</div></td><td>\r\n<h3>Page Access</h3>\r\n<div id='regbox'>\r\n<p>\r\nRemove Access:"; //Display list of permission levels with access foreach ($permissionData as $v1) { if (isset($pagePermissions[$v1['id']])) { echo "<br><input type='checkbox' name='removePermission[" . $v1['id'] . "]' id='removePermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p><p>Add Access:"; //Display list of permission levels without access foreach ($permissionData as $v1) { if (!isset($pagePermissions[$v1['id']])) { echo "<br><input type='checkbox' name='addPermission[" . $v1['id'] . "]' id='addPermission[" . $v1['id'] . "]' value='" . $v1['id'] . "'> " . $v1['name']; } } echo "\r\n</p>\r\n</div>\r\n</td>\r\n</tr>\r\n</table>\r\n<p>\r\n<label> </label>\r\n<input type='submit' value='Update' class='submit' />\r\n</p>\r\n</form>\r\n</div>\r\n<div id='bottom'></div>\r\n</div>\r\n</body>\r\n</html>"; }