<?php
/*========================================================*\
||########################################################||
||# #||
||# WB News v2.0.0 #||
||# ---------------------------------------------------- #||
||# Copyright (c) 2004-2007 #||
||# Created: 6th June 2007 #||
||# Filename: category-permission.php #||
||# #||
||########################################################||
/*========================================================*/
/**
* @author $Author: pmcilwaine $
* @version $Id: category-permission.php,v 1.1.2.3 2008/06/21 03:21:27 pmcilwaine Exp $
*/
// Bootstrap. The objects and helpers used below ($auth, $tmpl, $DB, $userinfo,
// BuildPath(), toolbarmenu(), ...) are not defined in this file; presumably
// global.php provides them.
require_once('global.php');

// Send anonymous visitors to the login flow.
// NOTE(review): this only establishes that a session is logged in. No check
// that the account may administer category permissions is visible in this
// file - confirm that global.php or $auth enforces it. Also confirm that
// login_if() ends the request for anonymous users, otherwise the rest of the
// script still runs.
$auth->login_if(!$auth->is_logged());

// Form identifier: emitted as a hidden field and compared against
// $_POST["form"] when the form is submitted.
$myform = 'category-permissions';

// Outer admin page shell and the inner template for this screen.
$page = new PageTemplateEngine(BuildPath('admin/main-page.ihtml'));
$tmpl->SetFilename(BuildPath('admin/category-permission.ihtml'));

// $params is set immediately before the include; presumably page-menu.php
// reads it to build the toolbar markup - keep this ordering.
$params = array(
    'entry'      => "\t<li>%s</li>\n\t",
    'separator'  => false,
    'class_open' => 'open',
    'links'      => toolbarmenu()
);
$toolbar = include(INCDIR . '/page-menu.php');

$page->AddParam('toolbar', $toolbar);
$page->AddParam('userinfo', $userinfo);

// Bound by reference so later writes to $formdata reach the template parameter.
$formdata =& $tmpl->AddParam('formdata', array());
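/** get usergroups **/
// All user groups (id and title), ordered by title. This list is used both to
// render the checkboxes and as the allow-list of group ids accepted on submit.
$fields = array(
    "usergroupid",
    "title"
);
$cond = array();
$cond = join( " AND ", $cond );   // no conditions: yields an empty string
$group_ids = $DB->ListBy( TBL_UGROUPS, $cond, $fields, "title ASC" );

/** get group permissions **/
// The category id comes straight from the query string. Treat a missing or
// non-string value (e.g. ?id[]=x) as empty rather than passing an undefined
// index or an array on to the database layer.
$id = ( isset($_GET["id"]) && is_string($_GET["id"]) ) ? $_GET["id"] : "";

// $id is interpolated inside single quotes in the SQL built from it, so its
// safety rests entirely on $DB->escape() matching the driver's quoting rules.
// NOTE(review): if category ids are always numeric, rejecting anything that is
// not all digits here would be a stricter guard - confirm against the schema.
// NOTE(review): an empty $id is not rejected; a POST without an id would act
// on catid '' - confirm whether that should be an error.
$id = $DB->escape( $id );

$fields = array(
    "groupid"
);
$cond = array();
$cond[] = "\"catid\"='$id'";
$cond = join( " AND ", $cond );
// Groups that currently hold a permission row for this category.
$perm_ids = $DB->ListBy( TBL_CATPERMS, $cond, $fields );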
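// Handle a submission of this page's own form. Any other request (or an
// unrecognised button) falls through to the rendering code after this block.
// NOTE(review): no anti-CSRF token is checked here. Unless Submit() or
// global.php verifies one, a cross-site POST sent with an administrator's
// session could rewrite category permissions - confirm.
if ( $_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["form"]) && $_POST["form"] == $myform )
{
    $err_msg = array();

    switch ( Submit() )
    {
        case "Ok":
            // Allow-list the selection: keep only ids that exist in
            // $group_ids (loaded from the database) and appear as a key in the
            // posted "perm" array. Posted keys themselves never reach SQL.
            $groups = array();
            if ( isset($_POST["perm"]) && is_array($_POST["perm"]) )
            {
                foreach ( $group_ids as $group )
                {
                    if ( array_key_exists( $group["usergroupid"], $_POST["perm"] ) )
                    {
                        $groups[] = $group["usergroupid"];
                    }
                }
            }

            // Nothing in this block adds to $err_msg, so this branch is
            // currently unreachable; kept so validation can be added later.
            if ( count($err_msg) > 0 )
            {
                $_SESSION["formdata"] = $_POST;
                $_SESSION["err_msg"] = $err_msg;
                redirect( make_url() );
                exit;
            }

            // Replace the category's permission rows: remove all, then insert
            // one row per selected group.
            // NOTE(review): these are separate statements; if an INSERT fails
            // the category is left with partial permissions. Wrap them in a
            // transaction if $DB offers one - confirm.
            $cond = array();
            $cond[] = "\"catid\"='$id'";
            $cond = join( " AND ", $cond );

            // The space before WHERE matters: without it the table name and
            // the keyword run together and the statement is malformed, so
            // previously granted groups would not be revoked.
            $sql = "DELETE FROM " . TBL_CATPERMS . " WHERE $cond";
            $DB->query( $sql );

            foreach ( $groups as $group )
            {
                $new_id = $DB->NewID( SEQ_PREFIX . "seq_category_permissions" );
                // $new_id and $group come from the database layer, $id was
                // passed through $DB->escape() earlier in the script.
                $sql = "INSERT INTO " . TBL_CATPERMS . " (id,catid,groupid) VALUES( '$new_id','$id','$group')";
                $DB->query( $sql );
            }

            Message( "Updated category permissions" );
            // NOTE(review): the redirect target is read from the session;
            // confirm that whatever stores return_page only accepts same-site
            // URLs.
            redirect( $_SESSION["return_page"] );
            exit;

        case "Cancel":
            Message( "Cancelled updating category permissions" );
            redirect( $_SESSION["return_page"] );
            exit;
    }
}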
// ---- Render the form ----
$tmpl->AddParam('caption', 'Category Permissions');

// Reference to the template's "groups" list; rows appended below land in the
// template parameter directly.
$groups =& $tmpl->AddParam('groups', array());

// Hidden fields posted back with the form.
// NOTE(review): $id has been database-escaped, not HTML-escaped. Whether the
// template engine encodes hidden-field values cannot be seen from this file -
// confirm, since the value originates from the query string.
$formdata['hidden'] = array(
    'form' => $myform,
    'id'   => $id
);

// One entry per group: NULL means unchecked, TRUE means the group currently
// has a permission row for this category.
$formdata['groups'] = array();
foreach ($group_ids as $group) {
    $groups[] = array(
        'usergroupid' => $group['usergroupid'],
        // Titles are HTML-encoded before they reach the template.
        'title'       => htmlspecialchars($group['title'])
    );
    $formdata['groups'][$group['usergroupid']] = null;
}
foreach ($perm_ids as $group) {
    $formdata['groups'][$group['groupid']] = true;
}

$tmpl->AddParam('buttons', 'Cancel,Ok');

// Page menu: the template parameter is bound into the outer page, then filled
// from page-menu.php, which presumably reads $params - keep this ordering.
$pagemenu =& $tmpl->AddParam('pagemenu', array());
$page->BindParam('pagemenu', $tmpl);

$params = array(
    'entry'     => "\t<li>%s</li>\n\t",
    'separator' => "\t<li>|</li>\n\t",
    'links'     => buildmenu($theme_info['pagemenu_build'])
);
// Theme settings override the defaults above on key collisions.
$params = array_merge($params, $theme_info['pagemenu']);
$pagemenu = include(INCDIR . '/page-menu.php');

// Inject the rendered form into the page shell and send it to the client.
$page->ParseContent($tmpl->GetHTML());
$page->ShowPage();
?>