Location: PHPKode > projects > Content*Builder > contentbuilder/plugins/user_managment/usrRights.inc.php
<?

// Permission Check
	$hasEditPerms = 0;
	if((USR_MNG & $cbPerms) || (ADMIN & $cbPerms)) {
		$hasEditPerms = 1;
	}
	
	if($hasEditPerms) {
		$id = trim($id);
		$tpl->assign("EDITUID", $id);
		
		// Ermitteln der Nutzer-/Gruppenrechte ...	
		// Rights of User to mod
		// Getting User Information
		$mUser         = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_user WHERE userid = '$id'"));
		// Getting User Permissions
		$mUserPerms    = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms WHERE permID = '$id'"));
		// Getting User Groups
		$mUserGroupQ   = mysql_query("SELECT * FROM ".TABLE."_user_group_relation WHERE userID = '$id'");
		while($mUserGroupRow = mysql_fetch_object($mUserGroupQ)) {
			$mUserGroups[] = $mUserGroupRow->groupID;
			$mUserGroupsReverse[$mUserGroupRow->groupID] = 1;
		}
		
		// Getting system rights palette
		$mUserRights   = $mUserPerms->system;
	
		// Verarbeitung Formulardaten "Gruppenzuweisung" (falls aktualisiert durch Benutzer)
		if(isset($updategroup)) {
			$updateGroups = false;
			// Rechte-Abfrage
			if(ADMIN & $cbPerms) {
			    // bisherige Rechte zuruecksetzen; neue aus Formular uebernehmen
			    $mUserGroups=array();
			    $mUserGroupsReverse=array();
				if(is_array($groupID)) {	
					$mUserGroups = array();
					foreach($groupID as $k => $v) {
						$mUserGroups[] = $v;
						$mUserGroupsReverse[$v] = 1;
					}
				}
				$updateGroups = true;
			} 
			
			if($updateGroups == true) {
				$query = mysql_query("DELETE FROM ".TABLE."_user_group_relation WHERE userID = '$id'");
				foreach($mUserGroups as $k => $v) {
				    //trigger_error("INSERT INTO ".TABLE."_user_group_relation (userID,groupID) VALUES ('$id','$v')");
					$query = mysql_query("INSERT INTO ".TABLE."_user_group_relation (userID,groupID) VALUES ('$id','$v')");
				}
			}
			unset($groupID);
		}
		// Ende Verarbeitung Formulardaten "Gruppenzuweisung"	
		
		// Verarbeitung Formulardaten "Rechtevergabe" (falls aktualisiert durch Benutzer)
		if(isset($updaterights)) {
			$noChange = false;
			if((ADMIN & $mUserRights)) {
				$noChange = true;
			}
			
			// Rights Pattern - Rechte Bit Muster
			$rp = $mUserRights;
			if(!(ADMIN & $cbPerms)) {
				if(ART_SET & $cbPerms) { 
					if(isset($art_set)) { $rp |= ART_SET; } else { $rp &= ~ART_SET; }
				}
				if(HEAD_NEWS & $cbPerms) { 
					if(isset($head_news)) { $rp |= HEAD_NEWS; } else { $rp &= ~HEAD_NEWS; }
				}
				if(USR_MNG & $cbPerms) {
					if(isset($usermanagement)) { $rp |= USR_MNG; } else { $rp &= ~USR_MNG; }
				}
				if(COL_MNG & $cbPerms) {
					if(isset($folder_mng)) { $rp |= COL_MNG; } else { $rp &= ~COL_MNG; }
				}
				if(SET_GEN & $cbPerms) {
					if(isset($set_gen)) { $rp |= SET_GEN; } else { $rp &= ~SET_GEN; }
				}
				if(SET_LOG & $cbPerms) {
					if(isset($set_log)) { $rp |= SET_LOG; } else { $rp &= ~SET_LOG; }
				}
				if(SYS_MSG & $cbPerms) {
					if(isset($sys_msg)) { $rp |= SYS_MSG; } else { $rp &= ~SYS_MSG; }
				}
				if(V_LOG & $cbPerms) {
					if(isset($v_log)) { $rp |= V_LOG; } else { $rp &= ~V_LOG; }
				}
				if(UPLOAD & $cbPerms) {
					if(isset($f_up)) { $rp |= UPLOAD; } else { $rp &= ~UPLOAD; }
				}
				if(HEAD_NEWS_ALL & $cbPerms) {
					if(isset($head_news_all)) { $rp |= HEAD_NEWS_ALL; } else { $rp &= ~HEAD_NEWS_ALL; }
				}
			} else {
				if(isset($admin))          { $rp |= ADMIN; }   else { $rp &= ~ADMIN; }
				if(isset($art_set))        { $rp |= ART_SET; } else { $rp &= ~ART_SET; }
				if(isset($head_news))      { $rp |= HEAD_NEWS;}else { $rp &= ~HEAD_NEWS; }
				if(isset($usermanagement)) { $rp |= USR_MNG; } else { $rp &= ~USR_MNG; }
				if(isset($folder_mng))     { $rp |= COL_MNG; } else { $rp &= ~COL_MNG; }
				if(isset($set_gen))        { $rp |= SET_GEN; } else { $rp &= ~SET_GEN; }
				if(isset($set_log))        { $rp |= SET_LOG; } else { $rp &= ~SET_LOG; }
				if(isset($sys_msg))        { $rp |= SYS_MSG; } else { $rp &= ~SYS_MSG; }
				if(isset($v_log))          { $rp |= V_LOG; }   else { $rp &= ~V_LOG; }
				if(isset($f_up))           { $rp |= UPLOAD; }  else { $rp &= ~UPLOAD; }
				if(isset($head_news_all))  { $rp |= HEAD_NEWS_ALL; } else { $rp &= ~HEAD_NEWS_ALL; }
			}
			
			if($noChange == false) {
				$modUser = mysql_query("UPDATE ".TABLE."_perms SET system = '$rp' WHERE permID = '$id'");
			}
	
			// Logfiledaten werden gesucht
			cb_log(14);
			// Eintrag im Logfile geschrieben
			if(!$groupinsert) {
				$error = 1;
				$general_failure = 1;
				// general failure reading harddisk - who the fuck is general failure and why is he reading my harddisk?? ;)
				// bad jokes inside netbuilder-script :D - if you read this - keep it in mind, maybe we'll make a competition out of it ;)
				// found this one in the original NB 2.1 Release; Couldn't resist, had to keep it. Cheers, CB Development ;)
			}		
		}
		// Ende Verarbeitung Formulardaten "Rechtevergabe"
		
		// Beginn Sammeln der Daten fuer die Anzeige des aktuellen Status
		unset($mUser);
		unset($mUserRights);
		// Rights of User to mod
		$mUser       = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_user  WHERE userid = '$id'"));
		$mUserPerms  = mysql_fetch_object(mysql_query("SELECT * FROM ".TABLE."_perms WHERE permID = '$id'"));
		$mUserRights = $mUserPerms->system;
			
		// Getting all groups and check, which are selected
		$mUserGroupsQuery  = mysql_query("SELECT * FROM ".TABLE."_usergroups");
		while($mUserGroupsRow = mysql_fetch_object($mUserGroupsQuery)) {
			$groupName[]   = $mUserGroupsRow->name;
			$groupID[]     = $mUserGroupsRow->groupID;
			$groupPermID[] = $mUserGroupsRow->permID;
			if($mUserGroupsReverse[$mUserGroupsRow->groupID] == 1) {
				$groupSelected[] = "selected";
			} else { 
				$groupSelected[] = "";
			}
			$groupSet = true;
		}
		
		if($groupSet) {
			$tpl->assign("usr_group", 
				array ( "VAL_GROUPNAME" => $groupName,
						"VAL_GROUPID"   => $groupID,
						"SELECTED"      => $groupSelected
				)
			);
			$tpl->assign("usr_group_list",
				array(  "USERNAME"     => $mUser->name." ( ".$mUser->fullname." ) ",
						"VAL_USRID"	   => $id
				)
			);
			$tpl->assign("usr_group_list_set", "1");
		}
		
		if((ADMIN & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$tpl->assign("usr_add2_admin", 
			array(  "CHK_VALUE"      => $chk
			)
		);
		$tpl->assign("usr_add2_admin_set", "1");
		
		if((ART_SET & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "art_set";
		$usrOptText[]  = $usr_msg["user_art_set"];
		
		if((HEAD_NEWS & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "head_news";
		$usrOptText[]  = $usr_msg["user_headnews"];
		
		if((HEAD_NEWS_ALL & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "head_news_all";
		$usrOptText[]  = $usr_msg["user_headnews_all"];
		
		if((USR_MNG & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "usermanagement";
		$usrOptText[]  = $usr_msg["usermanagement"];
		
		if((COL_MNG & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "folder_mng";
		$usrOptText[]  = $usr_msg["user_folder_mng"];
		
		if((SET_GEN & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "set_gen";
		$usrOptText[]  = $usr_msg["user_set_gen"];
		
		if((SET_LOG & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "set_log";
		$usrOptText[]  = $usr_msg["user_set_log"];
		
		if((SYS_MSG & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "sys_msg";
		$usrOptText[]  = $usr_msg["user_sys_msg"];
		
		if((UPLOAD & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "f_up";
		$usrOptText[]  = $usr_msg["user_fup"];
		
		if((V_LOG & $mUserRights)) { $chk = "checked"; } else { $chk = ""; }
		$usrOptChk[]   = $chk;
		$usrOptIdent[] = "v_log";
		$usrOptText[]  = $usr_msg["user_vlog"];
		
		$tpl->assign("usr_add2_options",
			array(  "CHK_VALUE"       => $usrOptChk,
					"TXT_OPTIONIDENT" => $usrOptIdent,
					"TXT_OPTION"      => $usrOptText
			)
		);
		
		$tpl->assign("usr_add2",
			array(  "USERNAME"        => $mUser->name." ( ".$mUser->fullname." ) ",
					"VAL_USRID"       => $id
			)
		);
		
		$tpl->assign("usr_add2_set", "1");	
		
		if(!empty($errorList)) {
			$tpl->assign("errorSet", "1");
			$tpl->assign("errorList", $errorList);
		}
		// Ende Sammeln Ausgabeinformationen und Zuweisung zu patTemplates
		
		// Logging ...
		if($update4) {
			$messageList[] = $usr_msg["right_update"];
			$tpl->assign("messageSet", "1");
			$tpl->assign("messageList", $messageList);
			cb_log("17");
		}
		// Ende Logging	
	
		$mainPluginContent[]  = $tpl->fetch($config['templates']."usrRights.template", null, "pluginUsr".$cbUserID);
		$mainMessageContent[] = $tpl->fetch($config['templates']."messages.template", null, "pluginUsr".$cbUserID);
	}
?>
Return current item: Content*Builder