<?php
/**
* Access Control Management
*
* Access permission administration functions
*
* @author Chinamann <hide@address.com>
* @version $Id: permissions.php,v 2.3 2007/01/02 16:31:22 andig2 Exp $
*/
require_once './core/functions.php';
require_once './core/template.php';
localnet_or_die();
permission_or_die(PERM_ADMIN);
/**
* Return if Checkbox is checked
*
* @param string $name Name of a checkbox
* @return boolean true if checked
*/
function getStatOfCheckbox($name)
{
global $$name;
return (!empty($$name));
}
if (!empty($from_uid))
{
$WHERE = "";
if ($config['denyguest'])
{
$WHERE = ' WHERE A.id != '.$config['guestid'].
' AND C.id != '.$config['guestid'];
}
// current user permissions
$result = runSQL(
'SELECT
CASE WHEN B.permissions IS NULL THEN 1 ELSE 0 END AS newentry, '.
$from_uid.' AS from_uid,
C.name AS from_name,
A.id AS to_uid,
A.name AS to_name,
CASE WHEN B.permissions IS NULL THEN 0 ELSE B.permissions END AS permissions
FROM '.TBL_USERS.' A
LEFT OUTER JOIN '.TBL_PERMISSIONS.' B
ON A.id = B.TO_UID
AND B.FROM_UID = '. $from_uid .
' INNER JOIN '.TBL_USERS.' C ON '.$from_uid.' = C.ID' . $WHERE .
' ORDER BY A.id'
);
foreach ($result as $perm)
{
$perm['read'] = ($perm['permissions'] & PERM_READ);
$perm['write'] = ($perm['permissions'] & PERM_WRITE);
// process SAVE
if (!empty($save))
{
// make sure read is allowed when write is set
$rfn = 'readflag_'.$perm['to_uid'];
if (getStatOfCheckbox('writeflag_'.$perm['to_uid'])) $$rfn = '1';
// changed?
if ($perm['read'] != getStatOfCheckbox('readflag_'.$perm['to_uid']) ||
$perm['write'] != getStatOfCheckbox('writeflag_'.$perm['to_uid']))
{
// update
$newperm = PERM_READ * getStatOfCheckbox('readflag_'.$perm['to_uid']) +
PERM_WRITE * getStatOfCheckbox('writeflag_'.$perm['to_uid']);
$SQL = 'REPLACE INTO '.TBL_PERMISSIONS." SET from_uid=".$from_uid.", to_uid=".$perm['to_uid'].", permissions=".$newperm;
runSQL($SQL);
$perm['read'] = getStatOfCheckbox('readflag_'.$perm['to_uid']);
$perm['write'] = getStatOfCheckbox('writeflag_'.$perm['to_uid']);
/*
if ($perm['newentry']) // new
{
// insert
$newperm = PERM_READ * getStatOfCheckbox('readflag_'.$perm['to_uid']) +
PERM_WRITE * getStatOfCheckbox('writeflag_'.$perm['to_uid']);
$INSERT = 'INSERT INTO '.TBL_PERMISSIONS." SET from_uid=".$from_uid.", to_uid=".$perm['to_uid'].", permissions=".$newperm;
runSQL($INSERT);
$perm['read'] = getStatOfCheckbox('readflag_'.$perm['to_uid']);
$perm['write'] = getStatOfCheckbox('writeflag_'.$perm['to_uid']);
}
else // old
{
if ((getStatOfCheckbox('readflag_'.$perm['to_uid']) + getStatOfCheckbox('writeflag_'.$perm['to_uid'])) == 0)
{
// delete
$DELETE = "DELETE FROM ".TBL_PERMISSIONS." WHERE from_uid=".$from_uid." AND to_uid=".$perm['to_uid'];
runSQL($DELETE);
$perm['read'] = 0;
$perm['write'] = 0;
}
else
{
// update
$newperm = PERM_READ * getStatOfCheckbox('readflag_'.$perm['to_uid']) +
PERM_WRITE * getStatOfCheckbox('writeflag_'.$perm['to_uid']);
$UPDATE = "UPDATE ".TBL_PERMISSIONS." SET permissions=".$newperm." WHERE from_uid=".$from_uid." AND to_uid=".$perm['to_uid'];
runSQL($UPDATE);
$perm['read'] = getStatOfCheckbox('readflag_'.$perm['to_uid']);
$perm['write'] = getStatOfCheckbox('writeflag_'.$perm['to_uid']);
}
}
*/
}
// clear permission cache
clear_permission_cache();
}
$permlist[] = $perm;
}
}
// prepare templates
tpl_page();
$smarty->assign('permlist', $permlist);
//$smarty->assign('from_name', $permlist[0]['from_name']);
$smarty->assign('from_uid', $permlist[0]['from_uid']);
$smarty->assign('owners', out_owners(false,false,true));
$smarty->assign('message', $message);
// display templates
tpl_display('permissions.tpl');
?>