<?
if(!(ADMIN & $cbPerms)) {
if(!(USR_MNG & $cbPerms)) {
echo $usr_msg["permission-denied"];
exit();
}
}
$tpl->readTemplatesFromFile($config['templates']."messages.template");
$tpl->readTemplatesFromFile($config['templates']."usrGroup.template");
// adding stuff
if(isset($add)) {
if(empty($groupname)) {
$errorList[] = $usr_msg["not_all_set"];
$error = 1;
}
if(empty($error)) {
// Rights Pattern - Rechte Bit Muster
$rp = 0;
if(isset($add_article)) { $rp |= ADD_ART; }
if(isset($mod_own)) { $rp |= MOD_OWN; }
if(isset($mod_all)) { $rp |= MOD_ALL; }
if(isset($art_set)) { $rp |= ART_SET; }
if(isset($head_news)) { $rp |= HEAD_NEWS; }
if(isset($usermanagement)){ $rp |= USR_MNG; }
if(isset($folder_mng)) { $rp |= COL_MNG; }
if(isset($set_gen)) { $rp |= SET_GEN; }
if(isset($set_log)) { $rp |= SET_LOG; }
if(isset($sys_msg)) { $rp |= SYS_MSG; }
if(isset($v_log)) { $rp |= V_LOG; }
if(isset($f_up)) { $rp |= UPLOAD; }
if(isset($head_news_all)) { $rp |= HEAD_NEWS_ALL; }
$dateadd = date("Y-m-d H:i:s");
$permID = md5($dateadd); // UserID wird aus dem aktuellen Datum erzeugt.
$query = mysql_query("INSERT INTO ".TABLE."_perms (permID, system) VALUES ('$permID', '$rp')");
$groupIns = mysql_query("INSERT INTO ".TABLE."_usergroups (permID, name) VALUES ('$permID', '$groupname')");
if($query) {
$tpl->addVar("message", "MESSAGE", $usr_msg["group_created"]);
$tpl->setAttribute("message", "visibility", "visible");
}
}
}
// modifying stuff
if(isset($modii)) {
if(empty($groupID)) {
$errorList[] = $usr_msg["not_all_set"];
$error = 1;
}
if(empty($groupname)) {
$errorList[] = $usr_msg["not_all_set"];
$error = 1;
}
if(empty($error)) {
$userGroup = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms as p, ".TABLE."_usergroups as ug WHERE p.permID = ug.permID AND ug.groupID = '$groupID'"));
// Group Pattern - Rechte der Gruppe
$permID = $userGroup->permID;
$gp = $userGroup->system;
// Rights Pattern - Rechte Bit Muster
$rp = 0;
if(isset($add_article)) { $rp |= ADD_ART; }
if(isset($mod_own)) { $rp |= MOD_OWN; }
if(isset($mod_all)) { $rp |= MOD_ALL; }
if(isset($art_set)) { $rp |= ART_SET; }
if(isset($head_news)) { $rp |= HEAD_NEWS; }
if(isset($usermanagement)){ $rp |= USR_MNG; }
if(isset($folder_mng)) { $rp |= COL_MNG; }
if(isset($set_gen)) { $rp |= SET_GEN; }
if(isset($set_log)) { $rp |= SET_LOG; }
if(isset($sys_msg)) { $rp |= SYS_MSG; }
if(isset($v_log)) { $rp |= V_LOG; }
if(isset($f_up)) { $rp |= UPLOAD; }
if(isset($head_news_all)) { $rp |= HEAD_NEWS_ALL; }
$updatequery = mysql_query("UPDATE ".TABLE."_perms SET system = '$rp' WHERE permID = '$permID'");
$updatequery = mysql_query("UPDATE ".TABLE."_usergroups SET name = '$groupname' WHERE groupID = '$groupID'");
$sumup = $addarticle + $artset + $headnews + $set_log + $sys_msg + $f_up + $set_gen + $modown + $modall + $usermanagement + $v_log + $headnews_all + $folder_mng;
if($updatequery) {
$tpl->addVar("message", "MESSAGE", $usr_msg["group_modified"]);
$tpl->setAttribute("message", "visibility", "visible");
}
if($sumup == 0 && isset($updatequery)) {
$tpl->addVar("message", "MESSAGE", $usr_msg["group_modify_warning"]);
$tpl->setAttribute("message", "visibility", "visible");
}
}
}
if(empty($mod)) {
$usrAction = $usr_msg["newgroup"];
} else {
$usrAction = $usr_msg["modifygroup"];
}
if(isset($_POST[mod])) {
$modquery = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms as p, ".TABLE."_usergroups as ug WHERE p.permID = ug.permID AND ug.groupID = '$groupID'"));
$modGroupName = $modQuery->name;
$gp = $modQuery->system;
}
if((ADD_ART & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_ADDART", "checked"); }
if((HEAD_NEWS & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_HEADNEWS", "checked"); }
if((UPLOAD & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_FUP", "checked"); }
if((MOD_OWN & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_MODOWN", "checked"); }
if((COL_MNG & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_FOLDERMANAGE", "checked"); }
if((SYS_MSG & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_SYSMSG", "checked"); }
if(MOD_ALL & $gp) { $tpl->addVar("user", "CHK_MODALL", "checked"); }
if(ART_SET & $gp) { $tpl->addVar("user", "CHK_ARTSET", "checked"); }
if(HEAD_NEWS_ALL & $gp) { $tpl->addVar("user", "CHK_HEADNALL", "checked"); }
if(USR_MNG & $gp) { $tpl->addVar("user", "CHK_USRMANAGE", "checked"); }
if(SET_GEN & $gp) { $tpl->addVar("user", "CHK_SETGEN", "checked"); }
if(SET_LOG & $gp) { $tpl->addVar("user", "CHK_SETLOG", "checked"); }
if(V_LOG & $gp) { $tpl->addVar("user", "CHK_VLOG", "checked"); }
if(isset($mod)) {
$tpl->addVar("groupMod", "VAL_GROUPMOD", $groupmodify);
$tpl->setAttribute("groupMod", "visibility", "visible");
}
if(empty($mod)) {
$val_formname = "add";
$val_groupmod = "";
} else {
$val_formname = "modii";
$val_groupmod = 'value = "'.$modGroupName.'"';
}
$getgroup = mysql_query("SELECT * FROM ".TABLE."_usergroups");
while($cad = mysql_fetch_array($getgroup)) {
$usrGroupName[] = $cad[name];
$usrGroupID[] = $cad[groupID];
}
$tpl->addVars("user",
array( "TXT_USRACTION" => $usrAction,
"TXT_ARTADD" => $usr_msg["user_add_article"],
"TXT_MODOWN" => $usr_msg["user_mod_own"],
"TXT_MODALL" => $usr_msg["user_mod_all"],
"TXT_ARTSET" => $usr_msg["user_art_set"],
"TXT_HEADNEWS" => $usr_msg["user_headnews"],
"TXT_HEADNALL" => $usr_msg["user_headnews_all"],
"TXT_USRMANAGE" => $usr_msg["usermanagement"],
"TXT_FOLDERMANAGE"=> $usr_msg["user_folder_mng"],
"TXT_SETGEN" => $usr_msg["user_set_gen"],
"TXT_SETLOG" => $usr_msg["user_set_log"],
"TXT_SYSMSG" => $usr_msg["user_sys_msg"],
"TXT_FUP" => $usr_msg["user_fup"],
"TXT_VLOG" => $usr_msg["user_vlog"],
"VAL_FORMNAME" => $val_formname,
"TXT_SAVE" => $usr_msg["save_group"],
"TXT_MODIFY" => $usr_msg["modify"],
"TXT_GROUPNAME" => $usr_msg["groupname"],
"TXT_MODGROUP" => $usr_msg["modifygroup"],
"VAL_GROUPMOD" => $val_groupmod));
$tpl->addVars("groupModify",
array ( "VAL_GROUPNAME" => $usrGroupName,
"VAL_GROUPID" => $usrGroupID));
if($error == 1) {
$tpl->addVar("error", "MESSAGE", $errorList);
$tpl->setAttribute("error", "visibility", "visible");
}
$tpl->displayParsedTemplate("user");
$tpl->displayParsedTemplate("messages");
?>