Location: PHPKode > projects > Content*Builder > contentbuilder/plugins/user_managment/usrGroup.inc.php
<?

	if(!(ADMIN & $cbPerms)) {
		if(!(USR_MNG & $cbPerms)) {
			echo $usr_msg["permission-denied"];
			exit();
		}
	}
	
	$tpl->readTemplatesFromFile($config['templates']."messages.template");
	$tpl->readTemplatesFromFile($config['templates']."usrGroup.template");
	
	// adding stuff
	if(isset($add)) {
		if(empty($groupname)) {
			$errorList[] = $usr_msg["not_all_set"];
			$error = 1;
		}
		if(empty($error)) {
			// Rights Pattern - Rechte Bit Muster
			$rp = 0;
			if(isset($add_article))   { $rp |= ADD_ART; }
			if(isset($mod_own))       { $rp |= MOD_OWN; }
			if(isset($mod_all))       { $rp |= MOD_ALL; }
			if(isset($art_set))       { $rp |= ART_SET; }
			if(isset($head_news))     { $rp |= HEAD_NEWS; }
			if(isset($usermanagement)){ $rp |= USR_MNG; }
			if(isset($folder_mng))    { $rp |= COL_MNG; }
		    if(isset($set_gen))       { $rp |= SET_GEN; }
			if(isset($set_log))       { $rp |= SET_LOG; }
			if(isset($sys_msg))       { $rp |= SYS_MSG; }
			if(isset($v_log))         { $rp |= V_LOG; }
			if(isset($f_up))          { $rp |= UPLOAD; }
			if(isset($head_news_all)) { $rp |= HEAD_NEWS_ALL; }
			
			$dateadd = date("Y-m-d H:i:s");
			$permID  = md5($dateadd); // UserID wird aus dem aktuellen Datum erzeugt.
			$query     = mysql_query("INSERT INTO ".TABLE."_perms (permID, system) VALUES ('$permID', '$rp')");
			$groupIns  = mysql_query("INSERT INTO ".TABLE."_usergroups (permID, name) VALUES ('$permID', '$groupname')");
			
			if($query) {
				$tpl->addVar("message", "MESSAGE", $usr_msg["group_created"]);
				$tpl->setAttribute("message", "visibility", "visible");
			}
		}
	}
	
	// modifying stuff
	if(isset($modii)) {
		if(empty($groupID)) {
			$errorList[] = $usr_msg["not_all_set"];
			$error = 1;
		}
		
		if(empty($groupname)) {
			$errorList[] = $usr_msg["not_all_set"];
			$error = 1;
		}
	
		if(empty($error)) {
			$userGroup = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms as p, ".TABLE."_usergroups as ug WHERE p.permID = ug.permID AND ug.groupID = '$groupID'"));
			// Group Pattern - Rechte der Gruppe
			$permID = $userGroup->permID;
			$gp = $userGroup->system;
			
			// Rights Pattern - Rechte Bit Muster
			$rp = 0;
			if(isset($add_article))   { $rp |= ADD_ART; }
			if(isset($mod_own))       { $rp |= MOD_OWN; }
			if(isset($mod_all))       { $rp |= MOD_ALL; }
			if(isset($art_set))       { $rp |= ART_SET; }
			if(isset($head_news))     { $rp |= HEAD_NEWS; }
			if(isset($usermanagement)){ $rp |= USR_MNG; }
			if(isset($folder_mng))    { $rp |= COL_MNG; }
		    if(isset($set_gen))       { $rp |= SET_GEN; }
			if(isset($set_log))       { $rp |= SET_LOG; }
			if(isset($sys_msg))       { $rp |= SYS_MSG; }
			if(isset($v_log))         { $rp |= V_LOG; }
			if(isset($f_up))          { $rp |= UPLOAD; }
			if(isset($head_news_all)) { $rp |= HEAD_NEWS_ALL; }

			$updatequery = mysql_query("UPDATE ".TABLE."_perms SET system = '$rp' WHERE permID = '$permID'");
			$updatequery = mysql_query("UPDATE ".TABLE."_usergroups SET name = '$groupname' WHERE groupID = '$groupID'");
	
			$sumup = $addarticle + $artset + $headnews + $set_log + $sys_msg + $f_up + $set_gen + $modown + $modall + $usermanagement + $v_log + $headnews_all + $folder_mng;
			if($updatequery) {
				$tpl->addVar("message", "MESSAGE", $usr_msg["group_modified"]);
				$tpl->setAttribute("message", "visibility", "visible");
			}
			if($sumup == 0 && isset($updatequery)) {
				$tpl->addVar("message", "MESSAGE", $usr_msg["group_modify_warning"]);
				$tpl->setAttribute("message", "visibility", "visible");
			}
		}
	}
	
	if(empty($mod)) {
		$usrAction = $usr_msg["newgroup"];
	} else {
		$usrAction = $usr_msg["modifygroup"];
	}
	
	if(isset($_POST[mod])) {
		$modquery = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms as p, ".TABLE."_usergroups as ug WHERE p.permID = ug.permID AND ug.groupID = '$groupID'"));
		$modGroupName = $modQuery->name;
		$gp = $modQuery->system;
	}
	
	if((ADD_ART & $gp)   OR empty($mod)) { $tpl->addVar("user", "CHK_ADDART",		"checked"); }
	if((HEAD_NEWS & $gp) OR empty($mod)) { $tpl->addVar("user", "CHK_HEADNEWS",	 "checked"); }
	if((UPLOAD & $gp)    OR empty($mod)) { $tpl->addVar("user", "CHK_FUP",		  "checked"); }
	if((MOD_OWN & $gp)   OR empty($mod)) { $tpl->addVar("user", "CHK_MODOWN",		"checked"); }
	if((COL_MNG & $gp)   OR empty($mod)) { $tpl->addVar("user", "CHK_FOLDERMANAGE", "checked"); }
	if((SYS_MSG & $gp)   OR empty($mod)) { $tpl->addVar("user", "CHK_SYSMSG",		"checked"); }
	if(MOD_ALL & $gp)       { $tpl->addVar("user", "CHK_MODALL", "checked"); }
	if(ART_SET & $gp)       { $tpl->addVar("user", "CHK_ARTSET", "checked"); }
	if(HEAD_NEWS_ALL & $gp) { $tpl->addVar("user", "CHK_HEADNALL", "checked"); }
	if(USR_MNG & $gp)       { $tpl->addVar("user", "CHK_USRMANAGE", "checked"); }
	if(SET_GEN & $gp)       { $tpl->addVar("user", "CHK_SETGEN", "checked"); }
	if(SET_LOG & $gp)       { $tpl->addVar("user", "CHK_SETLOG", "checked"); }
	if(V_LOG & $gp)         { $tpl->addVar("user", "CHK_VLOG", "checked"); }
	
	if(isset($mod)) {
		$tpl->addVar("groupMod", "VAL_GROUPMOD", $groupmodify);
		$tpl->setAttribute("groupMod", "visibility", "visible");
	}
	if(empty($mod)) {
		$val_formname = "add";
		$val_groupmod = "";
	} else {
		$val_formname = "modii";
		$val_groupmod = 'value = "'.$modGroupName.'"';
	}
	
	$getgroup = mysql_query("SELECT * FROM ".TABLE."_usergroups");
	while($cad = mysql_fetch_array($getgroup)) {
		$usrGroupName[] = $cad[name];
		$usrGroupID[]   = $cad[groupID];
	}
	
	$tpl->addVars("user",
		array( "TXT_USRACTION"	=> $usrAction,
			  "TXT_ARTADD"		=> $usr_msg["user_add_article"],
			  "TXT_MODOWN"		=> $usr_msg["user_mod_own"],
			  "TXT_MODALL"		=> $usr_msg["user_mod_all"],
			  "TXT_ARTSET"		=> $usr_msg["user_art_set"],
			  "TXT_HEADNEWS"	=> $usr_msg["user_headnews"],
			  "TXT_HEADNALL"	=> $usr_msg["user_headnews_all"],
			  "TXT_USRMANAGE"	=> $usr_msg["usermanagement"],
			  "TXT_FOLDERMANAGE"=> $usr_msg["user_folder_mng"],
			  "TXT_SETGEN"		=> $usr_msg["user_set_gen"],
			  "TXT_SETLOG"		=> $usr_msg["user_set_log"],
			  "TXT_SYSMSG"		=> $usr_msg["user_sys_msg"],
			  "TXT_FUP"			=> $usr_msg["user_fup"],
			  "TXT_VLOG"		=> $usr_msg["user_vlog"],
			  "VAL_FORMNAME"	=> $val_formname,
			  "TXT_SAVE"		=> $usr_msg["save_group"],
			  "TXT_MODIFY"		=> $usr_msg["modify"],
			  "TXT_GROUPNAME"	=> $usr_msg["groupname"],
			  "TXT_MODGROUP"	=> $usr_msg["modifygroup"],
			  "VAL_GROUPMOD"	=> $val_groupmod));
	
	$tpl->addVars("groupModify", 
		array ( "VAL_GROUPNAME" => $usrGroupName,
				"VAL_GROUPID"   => $usrGroupID));
	
	if($error == 1) {
		$tpl->addVar("error", "MESSAGE", $errorList);
		$tpl->setAttribute("error", "visibility", "visible");
	}
	$tpl->displayParsedTemplate("user");
	$tpl->displayParsedTemplate("messages");
?>
Return current item: Content*Builder