<?php
// File: $Id: permissions.php,v 1.13 2001/12/05 18:28:27 jgm Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Jim McDonald
// Purpose of file: Permissions administration
// ----------------------------------------------------------------------
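// Refuse to run unless the request path mentions admin.php.
// preg_match() with an escaped dot replaces eregi(): the ereg family is gone
// from current PHP, and the unescaped '.' also matched any character.
// NOTE(review): this is still only a substring test on $PHP_SELF, which is not
// assigned in this file (presumably a registered global) and can carry
// trailing path info taken from the request URL. Treat it as a convenience
// guard; the authorised() check at the bottom of the file is the real gate.
if (!preg_match('/admin\.php/i', $PHP_SELF)) {
    die('Access Denied');
}
$hlpfile = 'manual/permissions.html';
modules_get_language();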
/*
* viewPermIntro - view Perms introduction screen
* Takes no parameters
*/
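/**
 * Print the permissions introduction screen: a form that lets the
 * administrator choose whether to list user or group permissions.
 *
 * The component and instance pickers are not implemented; the
 * _NOCOMPONENTS / _NOINSTANCES placeholders are printed in their place.
 * NOTE(review): if those pickers are ever restored, values read from the
 * permission tables must be HTML-escaped before being written into OPTION
 * tags.
 */
function viewPermIntro()
{
    // Display
    startPermDisplay();

    // Main (the stray closing anchor after _INSTANCE has been dropped: no
    // anchor is opened in this header row)
    echo '<FORM ACTION="admin.php" METHOD="POST">
<TABLE BORDER="3">
<TR>
<TH COLSPAN="3"><CENTER>'.
    _VIEWPERMS.
    '</CENTER></TH>
</TR>
<TR>
<TH><CENTER>'.
    _PERMTYPE.
    '</CENTER></TH>
<TH><CENTER>'.
    _COMPONENT.
    '</CENTER></TH>
<TH><CENTER>'.
    _INSTANCE.
    '</CENTER></TH>
</TR>
<TR>
<TD><CENTER>
<SELECT NAME="op">
<OPTION VALUE="secviewuserperms">'.
    _USER.
    '<OPTION VALUE="secviewgroupperms" SELECTED>'.
    _GROUP.
    '</SELECT>
</TD>
<TD><CENTER>';

    // Placeholder for the component picker
    echo _NOCOMPONENTS;
    echo "</TD>".
         "<TD><CENTER>";

    // Placeholder for the instance picker
    echo _NOINSTANCES;
    echo "</TD>".
         "</TR>".
         "<TR>".
         "<TD COLSPAN=3>".
         "<CENTER><INPUT TYPE=\"SUBMIT\" VALUE=\""._VIEWPERMS."\"></CENTER>".
         "</TR>".
         "</TABLE>".
         "</FORM>";

    endPermDisplay();
}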
/*
* viewPerms - view permissions
* Takes 1 parameter:
* - the type (user or group)
*/
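/**
 * List every permission of one kind, ordered by sequence number.
 *
 * @param string $type "user" selects the user permission table; any other
 *                     value selects the group permission table
 */
function viewPerms($type)
{
    global $dbconn, $pntable;

    // Work out which tables to operate against, and
    // various other bits and pieces
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
        $idfield = $permcolumn['uid'];
        $mltype = _USER;
        $viewperms = _VIEWUSERPERMS;
        $action = "secnewuserperm";
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
        $idfield = $permcolumn['gid'];
        $mltype = _GROUP;
        $viewperms = _VIEWGROUPPERMS;
        $action = "secnewgroupperm";
    }

    // Only table and column names from $pntable are interpolated here;
    // no request data reaches this query.
    $query = "SELECT $permcolumn[pid],
$idfield,
$permcolumn[sequence],
$permcolumn[realm],
$permcolumn[component],
$permcolumn[instance],
$permcolumn[level],
$permcolumn[bond]
FROM $permtable
ORDER BY $permcolumn[sequence]";
    $result = $dbconn->Execute($query);

    // Stop on a database error, as the lookup helpers in this file do;
    // carrying on would call methods on a failed result.
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    $numrows = $result->PO_RecordCount($permtable);

    // Display
    startPermDisplay();
    startPermForm($viewperms, $mltype);

    while (!$result->EOF) {
        list($pid, $id, $sequence, $realm, $component, $instance, $level, $bond) = $result->fields;
        $result->MoveNext();

        // Line position: 0=only, 1=first, 2=middle, 3=last. This relies on
        // the sequence numbers running from 1 to the row count without gaps.
        if ($numrows == 1) {
            $lineinfo = 0;
        } else if ($sequence == 1) {
            $lineinfo = 1;
        } else if ($sequence == $numrows) {
            $lineinfo = 3;
        } else {
            $lineinfo = 2;
        }
        addPermFormLine(0, $lineinfo, $pid, $realm, $type, $id, $component, $instance, $level, $bond);
    }

    endPermForm(_NEWPERM, $action);
    $result->Close();
    endPermDisplay();
}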
/*
* incPerm - increment sequence number of a permission
* Takes two parameters:
* - the type
* - the pid to increment
*/
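/**
 * Move a permission one place earlier in the evaluation order by swapping
 * its sequence number with the entry directly before it.
 *
 * @param string $type "user" or, for any other value, group
 * @param mixed  $pid  permission ID; forced to an integer before use
 */
function incPerm($type, $pid)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
    }

    // Sanitise vars. $pid is written into the queries below without quotes,
    // so string escaping alone does not constrain it; the integer cast does.
    $ts = new MyTextSanitizer();
    $pid = (int)$ts->sanitizeIntoDB($pid);

    // Get info on current perm
    $query = "SELECT $permcolumn[sequence]
FROM $permtable
WHERE $permcolumn[pid]=$pid";
    $result = $dbconn->Execute($query);
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    if ($result->EOF) {
        // The original message interpolated an undefined $gid
        die("No such permissions ID $pid");
    }
    list($seq) = $result->fields;
    $result->Close();
    $seq = (int)$seq;

    if ($seq != 1) {
        $altseq = $seq - 1;

        // Get info on displaced perm
        $query = "SELECT $permcolumn[pid]
FROM $permtable
WHERE $permcolumn[sequence]=$altseq";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
        if ($result->EOF) {
            die("No such permissions ID at sequence $altseq");
        }
        list($altpid) = $result->fields;
        $result->Close();
        $altpid = (int)$altpid;

        // Swap sequence numbers.
        // NOTE(review): the two updates are not wrapped in a transaction in
        // this function; a failure between them leaves two rows sharing a
        // sequence number.
        $query = "UPDATE $permtable
SET $permcolumn[sequence]=$seq
WHERE $permcolumn[pid]=$altpid";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
        $query = "UPDATE $permtable
SET $permcolumn[sequence]=$altseq
WHERE $permcolumn[pid]=$pid";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
    }

    // Plain $type: the original ${type} outside a string is read as a
    // variable-variable keyed on an undefined constant.
    pnRedirect('admin.php?op=secview' . $type . 'perms');
}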
/*
* decPerm - decrement sequence number of a permission
* Takes two parameters:
* - the type
* - the pid to decrement
*/
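/**
 * Move a permission one place later in the evaluation order by swapping
 * its sequence number with the entry directly after it.
 *
 * @param string $type "user" or, for any other value, group
 * @param mixed  $pid  permission ID; forced to an integer before use
 */
function decPerm($type, $pid)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
    }

    // Sanitise vars. $pid is written into the queries below without quotes,
    // so string escaping alone does not constrain it; the integer cast does.
    $ts = new MyTextSanitizer();
    $pid = (int)$ts->sanitizeIntoDB($pid);

    // Get info on current perm
    $query = "SELECT $permcolumn[sequence]
FROM $permtable
WHERE $permcolumn[pid]=$pid";
    $result = $dbconn->Execute($query);
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    if ($result->EOF) {
        // The original message interpolated an undefined $gid
        die("No such permissions ID $pid");
    }
    list($seq) = $result->fields;
    $result->Close();
    $seq = (int)$seq;

    $maxseq = maxSequence($permtable, $permcolumn['sequence']);
    if ($seq != $maxseq) {
        $altseq = $seq + 1;

        // Get info on displaced perm
        $query = "SELECT $permcolumn[pid]
FROM $permtable
WHERE $permcolumn[sequence]=$altseq";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
        if ($result->EOF) {
            die("No such permissions ID at sequence $altseq");
        }
        list($altpid) = $result->fields;
        $result->Close();
        $altpid = (int)$altpid;

        // Swap sequence numbers.
        // NOTE(review): the two updates are not wrapped in a transaction in
        // this function; a failure between them leaves two rows sharing a
        // sequence number.
        $query = "UPDATE $permtable
SET $permcolumn[sequence]=$seq
WHERE $permcolumn[pid]=$altpid";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
        $query = "UPDATE $permtable
SET $permcolumn[sequence]=$altseq
WHERE $permcolumn[pid]=$pid";
        $result = $dbconn->Execute($query);
        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }
    }

    // Plain $type: the original ${type} outside a string is read as a
    // variable-variable keyed on an undefined constant.
    pnRedirect('admin.php?op=secview' . $type . 'perms');
}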
/*
* modifyPerm - modify permission
* Takes two parameters:
* - the type
* - the pid
*/
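/**
 * Show the edit form for one existing permission.
 *
 * @param string $type "user" or, for any other value, group
 * @param mixed  $pid  permission ID; forced to an integer before use
 */
function modifyPerm($type, $pid)
{
    global $dbconn, $pntable;

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
        $idfield = $permcolumn['uid'];
        $mltype = _USER;
        $action = "secchangeuserperm";
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
        $idfield = $permcolumn['gid'];
        $mltype = _GROUP;
        $action = "secchangegroupperm";
    }

    // Sanitise vars. $pid goes unquoted into the query and is later echoed
    // into a hidden form field, so it is forced to an integer here.
    $ts = new MyTextSanitizer();
    $pid = (int)$ts->sanitizeIntoDB($pid);

    // Details on current perm
    $query = "SELECT $permcolumn[realm],
$idfield,
$permcolumn[component],
$permcolumn[instance],
$permcolumn[level]
FROM $permtable
WHERE $permcolumn[pid]=$pid";
    $result = $dbconn->Execute($query);
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    if ($result->EOF) {
        // The original message interpolated an undefined $gid
        die("No such permissions ID $pid");
    }
    list($realm, $id, $component, $instance, $level) = $result->fields;
    $result->Close();

    // Display
    startPermDisplay();
    startPermForm(_MODIFYPERM, $mltype);
    addPermFormLine(1, 0, $pid, $realm, $type, $id, $component, $instance, $level, 0);
    addPermFormVar("pid", $pid);
    endPermForm(_SAVEMODPERM, $action);
    endPermDisplay();
}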
/*
* changePerm - change attributes of a permission
* Takes 7 parameters:
* - the type
* - the pid
* - the new realm
* - the new group/user ID
* - the new component
* - the new instance
* - the new level
*/
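/**
 * Update the attributes of an existing permission and return to the list.
 *
 * @param string $type      "user" or, for any other value, group
 * @param mixed  $pid       permission ID
 * @param mixed  $realm     new realm ID
 * @param mixed  $id        new user or group ID
 * @param string $component new component string
 * @param string $instance  new instance string
 * @param mixed  $level     new access level
 */
function changePerm($type, $pid, $realm, $id, $component, $instance, $level)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
        $idfield = $permcolumn['uid'];
        $view = "secviewuserperms";
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
        $idfield = $permcolumn['gid'];
        $view = "secviewgroupperms";
    }

    // Sanitise vars
    $ts = new MyTextSanitizer();
    // realm, id, level and pid are written into the statement without
    // quotes, so they are forced to integers; escaping alone would not
    // confine them to a single value.
    $realm = (int)$ts->sanitizeIntoDB($realm);
    $id = (int)$ts->sanitizeIntoDB($id);
    $level = (int)$ts->sanitizeIntoDB($level);
    $pid = (int)$ts->sanitizeIntoDB($pid);
    // component and instance are quoted in the statement and rely on
    // sanitizeIntoDB() for escaping.
    // NOTE(review): confirm it escapes quotes for the active database driver.
    $component = $ts->sanitizeIntoDB($component);
    $instance = $ts->sanitizeIntoDB($instance);

    $query = "UPDATE $permtable
SET $permcolumn[realm]=$realm,
$idfield=$id,
$permcolumn[component]='$component',
$permcolumn[instance]='$instance',
$permcolumn[level]=$level
WHERE $permcolumn[pid]=$pid";
    $result = $dbconn->Execute($query);

    // Stop on a database error instead of redirecting as if the change
    // had been saved.
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    pnRedirect('admin.php?op='.$view);
}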
/*
* newPerm - create a new permission
* Takes one parameter:
* - the type
*/
/**
 * Show an empty permission form for creating a new entry.
 *
 * @param string $type "user" or, for any other value, group
 */
function newPerm($type)
{
    // Pick the column label and the operation the form submits to
    $isUser = ($type == "user");
    $mltype = $isUser ? _USER : _GROUP;
    $action = $isUser ? "secadduserperm" : "secaddgroupperm";

    // Display a single editable line with blank defaults
    startPermDisplay();
    startPermForm(_NEWPERM, $mltype);
    addPermFormLine(1, 0, 0, 0, $type, 0, "", "", "", 0);
    endPermForm(_SAVEPERM, $action);
    endPermDisplay();
}
/*
* addPerm - add a perm
* Takes 5 parameters:
* - the type
* - the realm
* - the user/group ID
* - the component
* - the instance
* - the level
*/
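/**
 * Insert a new permission at the end of the sequence and return to the list.
 *
 * @param string $type      "user" or, for any other value, group
 * @param mixed  $realm     realm ID
 * @param mixed  $id        user or group ID
 * @param string $component component string
 * @param string $instance  instance string
 * @param mixed  $level     access level
 */
function addPerm($type, $realm, $id, $component, $instance, $level)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
        $idfield = $permcolumn['uid'];
        $view = "secviewuserperms";
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
        $idfield = $permcolumn['gid'];
        $view = "secviewgroupperms";
    }

    // New entries go after the current last one
    $maxseq = maxSequence($permtable, $permcolumn['sequence']);
    $newseq = $maxseq + 1;

    // FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $nextId = $dbconn->GenId("{$permtable}_SEQ");

    // Sanitise vars
    $ts = new MyTextSanitizer();
    // realm, id and level are written into the statement without quotes,
    // so they are forced to integers; escaping alone would not confine
    // them to a single value.
    $realm = (int)$ts->sanitizeIntoDB($realm);
    $id = (int)$ts->sanitizeIntoDB($id);
    $level = (int)$ts->sanitizeIntoDB($level);
    // component and instance are quoted in the statement and rely on
    // sanitizeIntoDB() for escaping.
    // NOTE(review): confirm it escapes quotes for the active database driver.
    $component = $ts->sanitizeIntoDB($component);
    $instance = $ts->sanitizeIntoDB($instance);

    $query = "INSERT INTO $permtable
($permcolumn[pid],
$permcolumn[realm],
$idfield,
$permcolumn[sequence],
$permcolumn[component],
$permcolumn[instance],
$permcolumn[level],
$permcolumn[bond])
VALUES
($nextId,
$realm,
$id,
$newseq,
'$component',
'$instance',
$level,
0)";
    $result = $dbconn->Execute($query);

    // Stop on a database error instead of redirecting as if the entry
    // had been created.
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    pnRedirect('admin.php?op='.$view);
}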
/*
* deletePerm - delete a permission
* Takes 2 arguments:
* - the type
* - the pid to delete
*/
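/**
 * Delete one permission, close the gap in the sequence numbers and return
 * to the list.
 *
 * @param string $type "user" or, for any other value, group
 * @param mixed  $pid  permission ID; forced to an integer before use
 */
function deletePerm($type, $pid)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
        $view = "secviewuserperms";
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
        $view = "secviewgroupperms";
    }

    // Sanitise vars. $pid is unquoted in the DELETE below; without the
    // integer cast a crafted value could widen the WHERE clause.
    $ts = new MyTextSanitizer();
    $pid = (int)$ts->sanitizeIntoDB($pid);

    $query = "DELETE FROM $permtable
WHERE $permcolumn[pid]=$pid";
    $result = $dbconn->Execute($query);

    // The original ignored the result of the delete
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    resequencePerms($type);

    // Relative target, matching every other redirect in this file
    pnRedirect('admin.php?op='.$view);
}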
// Helper functions
/*
* maxSequence - get the highest sequence number
* for a given table
* Takes 2 parameters:
* - the table name
* - the sequence column name
*/
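/**
 * Return the highest sequence number stored in a permission table.
 *
 * Both arguments are interpolated into the query as identifiers, so callers
 * must pass names taken from $pntable, never request data.
 *
 * @param string $table  table name
 * @param string $column sequence column name
 * @return mixed the MAX() value as returned by the database layer
 */
function maxSequence($table, $column)
{
    global $dbconn;

    $query = "SELECT MAX($column)
FROM $table";
    $result = $dbconn->Execute($query);

    // The original read ->fields without checking for a failed query
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    list($maxseq) = $result->fields;
    $result->Close();

    return($maxseq);
}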
/*
* getUsersInfo - get users information
* Takes no parameters
*/
/**
 * Build a lookup of user ID => user name for the permission forms.
 *
 * The entries -1 (_ALLUSERS) and 0 (_UNREGISTEREDUSER) are added before the
 * rows read from the users table. Names are returned exactly as stored;
 * callers must escape them before printing.
 *
 * @return array user names keyed by user ID
 */
function getUsersInfo()
{
    global $dbconn, $pntable;

    $usercolumn = &$pntable['users_column'];
    $usertable = $pntable['users'];

    $query = "SELECT $usercolumn[uid],
$usercolumn[uname]
FROM $usertable
ORDER BY $usercolumn[uname]";
    $result = $dbconn->Execute($query);

    // Fixed pseudo-users first
    $users = array(-1 => _ALLUSERS, 0 => _UNREGISTEREDUSER);

    // Check for a database error before walking the rows
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    for (; !$result->EOF; $result->MoveNext()) {
        list($uid, $uname) = $result->fields;
        $users[$uid] = $uname;
    }
    $result->Close();

    return $users;
}
/*
* getGroupsInfo - get groups information
* Takes no parameters
*/
/**
 * Build a lookup of group ID => group name for the permission forms.
 *
 * The entries -1 (_ALLGROUPS) and 0 (_UNREGISTEREDGROUP) are added before
 * the rows read from the groups table. Names are returned exactly as stored;
 * callers must escape them before printing.
 *
 * @return array group names keyed by group ID
 */
function getGroupsInfo()
{
    global $dbconn, $pntable;

    $groupcolumn = &$pntable['groups_column'];
    $grouptable = $pntable['groups'];

    $query = "SELECT $groupcolumn[gid],
$groupcolumn[name]
FROM $grouptable
ORDER BY $groupcolumn[name]";
    $result = $dbconn->Execute($query);

    // Fixed pseudo-groups first
    $groups = array(-1 => _ALLGROUPS, 0 => _UNREGISTEREDGROUP);

    // Check for a database error before walking the rows
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    for (; !$result->EOF; $result->MoveNext()) {
        list($groupId, $groupName) = $result->fields;
        $groups[$groupId] = $groupName;
    }
    $result->Close();

    return $groups;
}
/*
* getRealmsInfo - get realms information
* Takes no parameters
*/
/**
 * Build a lookup of realm ID => realm name for the permission forms.
 *
 * Entry 0 (_ALLREALMS) is added before the rows read from the realms table.
 * Names are returned exactly as stored; callers must escape them before
 * printing.
 *
 * @return array realm names keyed by realm ID
 */
function getRealmsInfo()
{
    global $dbconn, $pntable;

    $realmcolumn = &$pntable['realms_column'];
    $realmtable = $pntable['realms'];

    $query = "SELECT $realmcolumn[rid],
$realmcolumn[name]
FROM $realmtable";
    $result = $dbconn->Execute($query);

    // Fixed "all realms" entry first
    $realms = array(0 => _ALLREALMS);

    // Check for a database error before walking the rows
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    for (; !$result->EOF; $result->MoveNext()) {
        list($realmId, $realmName) = $result->fields;
        $realms[$realmId] = $realmName;
    }
    $result->Close();

    return $realms;
}
/*
* startPermDisplay - start display of permissions
* information
* Takes no parameters
*/
/**
 * Open the permissions admin page: site header, admin menu, an open table
 * and the links for adding user and group permissions.
 */
function startPermDisplay()
{
    global $hlpfile;

    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();

    // Title link back to the introduction screen
    $html = '<CENTER>
<A HREF="admin.php?op=secviewpermintro"><font class="pn-title"><B>'
          . _PERMADMIN;

    // Shortcut links for creating a user or a group permission
    $html .= '</B></FONT></A><BR>
<BR>
<TABLE BORDER="0" WIDTH="100%">
<TR>
<TH><A HREF="admin.php?op=secnewuserperm"><CENTER><font class="pn-title">'
           . _ADDUSERPERM;
    $html .= '</FONT></CENTER></A></TH>
<TH><A HREF="admin.php?op=secnewgroupperm"><CENTER><font class="pn-title">'
           . _ADDGROUPPERM;
    $html .= '</FONT></CENTER></A></TH>
</TR><BR>
</TABLE>
<BR>';

    echo $html;
}
/*
* endPermDisplay - end display of permissions
* information
* Takes no parameters
*/
/**
 * Close the permissions admin page: close the table opened by
 * startPermDisplay() and print the site footer.
 */
function endPermDisplay()
{
    CloseTable();
    include 'footer.php';
}
/*
* startPermForm - start display of
* permissions form
* Takes two parameters:
* - the header for the block
* - the perm type (user/group)
*/
/**
 * Open the permissions form and print its table header row.
 *
 * Both arguments are printed without escaping; the callers in this file
 * pass language constants only.
 *
 * @param string $header heading shown across the top of the table
 * @param string $type   label for the user/group column
 */
function startPermForm($header, $type)
{
    // Form opening and the spanning heading
    $html = '<FORM ACTION="admin.php" METHOD="POST">
<TABLE BORDER="3">
<TR>
<TH COLSPAN="7"><CENTER>'
          . $header;

    // Sequence, realm and user/group column headings
    $html .= '</CENTER></TH>
</TR>
<TR>
<TH><CENTER>'
           . _SEQUENCE;
    $html .= '</CENTER></TH>
<TH><CENTER>'
           . _REALM;
    $html .= '</CENTER></TH>
<TH><CENTER>'
           . $type;

    // Component and instance headings open a pop-up with the registered
    // instance schemas
    $html .= '</CENTER></TH>
<SCRIPT TYPE="text/javascript">
function showinstanceinformation() {
window.open ("admin.php?op=secshowinstanceinformation","Instance_Information", "toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=400,height=300");
}
</SCRIPT>
<TH><CENTER>
<A HREF="javascript:showinstanceinformation()">'
           . _COMPONENT;
    $html .= '</CENTER></TH>
<TH><CENTER>
<A HREF="javascript:showinstanceinformation()">'
           . _INSTANCE;

    // Level and operations headings
    $html .= '</CENTER></TH>
<TH><CENTER>'
           . _PERMLEVEL;
    $html .= '</CENTER></TH>
<TH><CENTER>'
           . _PERMOPS;
    $html .= '</CENTER></TH>
</TR>';

    echo $html;
}
/*
* endPermForm - end display of
* permissions form
* Takes two parameters:
* - the tailname for the block
* - the operation on submission of the form
*/
/**
 * Close the permissions form: submit button row, hidden "op" field and the
 * closing table and form tags.
 *
 * Both arguments are printed without escaping; the callers in this file
 * pass language constants and fixed operation names only.
 *
 * @param string $tail      caption of the submit button
 * @param string $operation value of the hidden "op" field
 */
function endPermForm($tail, $operation)
{
    $submitRow = '<TR>
<TD COLSPAN=7>
<CENTER><INPUT TYPE="SUBMIT" VALUE="' . $tail . '"></CENTER>
</TR>
</TABLE>
';
    $opField = '<INPUT TYPE="HIDDEN" NAME="op" VALUE="' . $operation . '">
</FORM>';

    echo $submitRow . $opField;
}
/*
* addPermFormVar - add a variable to the
* permissions form
* Takes two arguments:
* - name of variable
* - value of variable
*/
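/**
 * Print a hidden form field.
 *
 * Name and value are HTML-escaped: modifyPerm() passes a permission ID that
 * originates from the request, and an unescaped quote would let the value
 * break out of the attribute.
 *
 * @param string $name  field name
 * @param mixed  $value field value
 */
function addPermFormVar($name, $value)
{
    $name = htmlspecialchars($name, ENT_QUOTES);
    $value = htmlspecialchars($value, ENT_QUOTES);

    echo "<INPUT TYPE=\"HIDDEN\" NAME=\"$name\" VALUE=\"$value\">";
}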
/*
* addPermFormLine - add a line to a
* permissions form
*
* Takes 9 parameters:
* - is the line editable (1=yes)
* - information on the line (0=only, 1=first, 2=middle, 3=last)
* - the pid
* - the realm
* - the type (user or group)
* - the type id (uid or gid)
* - the component
* - the instance
* - the level
* - the bond
*/
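/**
 * Print one row of the permissions form, either as editable inputs or as a
 * read-only line with move/edit/delete links.
 *
 * Values that come from the database (realm, user and group names,
 * component, instance) are HTML-escaped before printing: user names are
 * chosen by the users themselves and must not be able to inject markup
 * into this admin page.
 * NOTE(review): the fixed entries in the name lists come from language
 * constants; if a translation stores HTML entities in them they will now
 * be shown literally - confirm against the language files.
 *
 * @param mixed  $editable  true-ish for an editable row
 * @param int    $lineinfo  0=only row, 1=first, 2=middle, 3=last
 * @param mixed  $pid       permission ID
 * @param mixed  $realm     realm ID
 * @param string $type      "user" or, for any other value, group
 * @param mixed  $id        user or group ID
 * @param string $component component string
 * @param string $instance  instance string
 * @param mixed  $level     access level
 * @param mixed  $bond      bond flag
 */
function addPermFormLine($editable, $lineinfo, $pid, $realm, $type, $id, $component, $instance, $level, $bond)
{
    // Realm information for translation
    $realms = getRealmsInfo();

    // Group/user information for translation
    if ($type == "user") {
        $names = getUsersInfo();
    } else {
        $names = getGroupsInfo();
    }

    // Free-text values are escaped once here and used in both branches
    $component = htmlspecialchars($component, ENT_QUOTES);
    $instance = htmlspecialchars($instance, ENT_QUOTES);

    if ($editable) {
        echo '<TR>
<TD> </TD>
<TD><CENTER>
<SELECT NAME="realm">';
        foreach ($realms as $k => $v) {
            $selected = ($realm == $k) ? " SELECTED" : "";
            echo "<OPTION VALUE=\"$k\"$selected>".htmlspecialchars($v, ENT_QUOTES)."</OPTION>";
        }
        echo '</SELECT>
</CENTER></TD>
<TD><CENTER>
<SELECT NAME="id">';
        foreach ($names as $k => $v) {
            $selected = ($id == $k) ? " SELECTED" : "";
            echo "<OPTION VALUE=\"$k\"$selected>".htmlspecialchars($v, ENT_QUOTES)."</OPTION>";
        }
        echo '</SELECT></td>
<TD><CENTER>
<INPUT NAME="component" TYPE="textbox" VALUE="'.
        $component.
        '">
</CENTER></TD>
<TD><CENTER>
<INPUT NAME="instance" TYPE="textbox" VALUE="'.
        $instance.
        '">
</CENTER></TD>
<TD><CENTER>
<SELECT NAME="level">';
        foreach (accesslevelnames() as $k => $v) {
            $selected = ($level == $k) ? " SELECTED" : "";
            echo "<OPTION VALUE=\"$k\"$selected>$v</OPTION>";
        }
        // The level list was never closed in the original markup
        echo '</SELECT>
</CENTER></TD>
<TD> </TD>
</TR>';
    } else {
        // IDs are only ever used inside link URLs here
        $pid = (int)$pid;
        $bond = (int)$bond;

        echo '<TR>
<TD><CENTER>';
        // NOTE(review): the move, break and delete links below change state
        // through GET requests and carry no token in the URL; whether
        // csrfcheck() in the handlers can still validate them is not
        // visible here - confirm.
        if ($lineinfo) {
            if ($lineinfo != 1) {
                // Not first entry - show 'up' arrow
                echo "<A HREF=\"admin.php?op=secinc{$type}perm&pid=$pid&bond=$bond\"><IMG SRC=\"images/global/up.gif\" alt=\""._UP."\"></A> ";
            }
            if ($lineinfo != 3) {
                // Not last entry - show 'down' arrow
                echo "<A HREF=\"admin.php?op=secdec{$type}perm&pid=$pid&bond=$bond\"><IMG SRC=\"images/global/down.gif\" alt=\""._DOWN."\"></A> ";
            }
        }

        // Unknown realm or user/group IDs print as an empty cell instead
        // of raising an undefined-index warning
        $realmname = isset($realms[$realm]) ? htmlspecialchars($realms[$realm], ENT_QUOTES) : '';
        $idname = isset($names[$id]) ? htmlspecialchars($names[$id], ENT_QUOTES) : '';
        if (!isset($level)) {
            $level = '';
        }

        echo '</CENTER></TD>
<TD><CENTER>'.
        $realmname.
        '</CENTER></TD>
<TD><CENTER>'.
        $idname.
        '</CENTER></TD>
<TD><CENTER>'.
        $component.
        '</CENTER></TD>
<TD><CENTER>'.
        $instance.
        '</CENTER></TD>
<TD><CENTER>'.
        accesslevelname($level).
        '</CENTER></TD>
<TD><CENTER>';
        if ($bond) {
            echo "<A HREF=\"admin.php?op=secbreak{$type}perm&pid=$pid\">"._BREAK."</A> ";
        }
        // Binding to come later
        echo "<A HREF=\"admin.php?op=secmodify{$type}perm&pid=$pid\">"._EDIT."</A> ".
             "<A HREF=\"admin.php?op=secdelete{$type}perm&pid=$pid\">"._DELETE."</A> ".
             '</CENTER></TD>';
    }
}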
/*
* resequencePerms - resequence a permissions table
* Takes one parameter:
* - the type of the table
*/
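/**
 * Renumber a permission table so its sequence values run 1, 2, 3, ...
 * in the current order.
 *
 * @param string $type "user" or, for any other value, group
 */
function resequencePerms($type)
{
    global $dbconn, $pntable;

    // Defined elsewhere; presumably validates the request origin - verify
    csrfcheck();

    // Work out which tables to operate against
    if ($type == "user") {
        $permtable = $pntable['user_perms'];
        $permcolumn = &$pntable['user_perms_column'];
    } else {
        $permtable = $pntable['group_perms'];
        $permcolumn = &$pntable['group_perms_column'];
    }

    // Get the information
    $query = "SELECT $permcolumn[pid],
$permcolumn[sequence]
FROM $permtable
ORDER BY $permcolumn[sequence]";
    $result = $dbconn->Execute($query);
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    // Fix sequence numbers
    $seq = 1;
    while (!$result->EOF) {
        list($pid, $curseq) = $result->fields;
        $result->MoveNext();

        if ($curseq != $seq) {
            // $pid comes from the row just read; the cast keeps the
            // unquoted value numeric whatever the driver returned
            $pid = (int)$pid;
            $query = "UPDATE $permtable
SET $permcolumn[sequence]=$seq
WHERE $permcolumn[pid]=$pid";
            // The original ignored a failed update, which would leave the
            // table partly renumbered without any message
            if (!$dbconn->Execute($query)) {
                PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
                die();
            }
        }
        $seq++;
    }
    $result->Close();
}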
/*
* showInstanceInformation - Show instance information gathered
* from blocks and modules
* Takes no parameters
*/
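/**
 * Print a standalone page listing each registered component together with
 * its instance template, as returned by getinstanceschemainfo().
 */
function showInstanceInformation()
{
    // Pretty much raw HTML here
    echo '<HTML>
<HEAD>
</HEAD>
<BODY>
<CENTER>
<H1>Permissions Information</H1>
<TABLE BORDER="3">
<TR>
<TH><CENTER>
Registered Component
</CENTER></TH>
<TH><CENTER>
Instance template
</CENTER></TH>
</TR>';

    // NOTE(review): component names and templates are printed unescaped.
    // They presumably come from module/block registration rather than from
    // request data - confirm, and escape them here if any part of a schema
    // can be set by a user.
    $schemas = getinstanceschemainfo();
    foreach ($schemas as $k => $v) {
        echo '<TR>
<TD><CENTER>';
        echo $k;
        echo '</CENTER></TD>
<TD><CENTER>';
        echo $v;
        echo '</CENTER></TD>
</TR>';
    }

    // Close the table; the original emitted a second opening TABLE tag here
    echo '</TABLE>
</CENTER>
</BODY>
</HTML>';
}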
// Require administration access to do anything
// Require administration access to do anything.
// $op, $pid, $realm, $id, $component, $instance and $level are not assigned
// anywhere in this file; presumably they are request variables registered as
// globals by the including script, so every handler must treat them as
// untrusted input.
if (authorised(0, 'Permissions::', '::', ACCESS_ADMIN)) {
    switch ($op) {
        // Viewing
        case "secviewpermintro":
            viewPermIntro();
            break;
        case "secviewgroupperms":
            viewPerms("group");
            break;
        case "secviewuserperms":
            viewPerms("user");
            break;

        // Creating
        case "secnewgroupperm":
            newPerm("group");
            break;
        case "secnewuserperm":
            newPerm("user");
            break;
        case "secaddgroupperm":
            addPerm("group", $realm, $id, $component, $instance, $level);
            break;
        case "secadduserperm":
            addPerm("user", $realm, $id, $component, $instance, $level);
            break;

        // Deleting
        case "secdeletegroupperm":
            deletePerm("group", $pid);
            break;
        case "secdeleteuserperm":
            deletePerm("user", $pid);
            break;

        // Editing
        case "secmodifygroupperm":
            modifyPerm("group", $pid);
            break;
        case "secmodifyuserperm":
            modifyPerm("user", $pid);
            break;
        case "secchangegroupperm":
            changePerm("group", $pid, $realm, $id, $component, $instance, $level);
            break;
        case "secchangeuserperm":
            changePerm("user", $pid, $realm, $id, $component, $instance, $level);
            break;

        // Reordering
        case "secincgroupperm":
            incPerm("group", $pid);
            break;
        case "secincuserperm":
            incPerm("user", $pid);
            break;
        case "secdecgroupperm":
            decPerm("group", $pid);
            break;
        case "secdecuserperm":
            decPerm("user", $pid);
            break;

        // Pop-up help
        case "secshowinstanceinformation":
            showInstanceInformation();
            break;
    }
} else {
    include 'header.php';
    echo _PERMISSIONSNOAUTH;
    include 'footer.php';
}
?>