diff --git a/DB/db_rewrite.sql b/DB/db_rewrite.sql index d4811235..5041ce9b 100644 --- a/DB/db_rewrite.sql +++ b/DB/db_rewrite.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 02. Juni 2011 um 19:37 +-- Erstellungszeit: 02. Juni 2011 um 20:39 -- Server Version: 5.1.44 -- PHP-Version: 5.3.1 @@ -80,8 +80,9 @@ INSERT INTO `Counter` (`URL`, `Anz`) VALUES ('register', 3), ('admin_rooms', 70), ('admin_angel_types', 69), -('user_settings', 111), -('user_messages', 102); +('user_settings', 115), +('user_messages', 102), +('admin_groups', 86); -- -------------------------------------------------------- @@ -125,22 +126,22 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` ( `privilege_id` int(11) NOT NULL, PRIMARY KEY (`id`), KEY `group_id` (`group_id`,`privilege_id`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=28 ; -- -- Daten für Tabelle `GroupPrivileges` -- INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES -(1, -1, 1), -(2, -1, 2), +(24, -1, 5), (3, -2, 3), (4, -2, 4), -(5, -1, 5), +(23, -1, 2), (6, -4, 6), (7, -4, 7), (8, -2, 8), -(9, -2, 9); +(9, -2, 9), +(12, -5, 10); -- -------------------------------------------------------- @@ -253,7 +254,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` ( `desc` varchar(1024) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ; +) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=11 ; -- -- Daten für Tabelle `Privileges` @@ -268,7 +269,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES (6, 'admin_rooms', 'Räume administrieren'), (7, 'admin_angel_types', 'Engel Typen administrieren'), (8, 'user_settings', 'User profile settings'), -(9, 'user_messages', 'Writing and reading messages from user to user'); +(9, 'user_messages', 'Writing and reading messages from user to user'), +(10, 'admin_groups', 'Manage usergroups and their rights'); -- -------------------------------------------------------- @@ -995,7 +997,9 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES ('credits', 'DE', 'Credits'), ('credits', 'EN', 'Credits'), ('pub_messages_Neu', 'DE', 'Neu'), -('pub_messages_Neu', 'EN', 'New'); +('pub_messages_Neu', 'EN', 'New'), +('admin_groups', 'DE', 'Gruppenrechte'), +('admin_groups', 'EN', 'Grouprights'); -- -------------------------------------------------------- @@ -1038,7 +1042,7 @@ CREATE TABLE IF NOT EXISTS `User` ( -- INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES -(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307043433, '0000-00-00 00:00:00', '', '', ''), +(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307046926, '0000-00-00 00:00:00', '', '', ''), (147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1307042703, '2011-06-02 00:55:09', '', '', ''); -- -------------------------------------------------------- diff --git a/includes/funktion_menu.php b/includes/funktion_menu.php deleted file mode 100644 index 0a324758..00000000 --- a/includes/funktion_menu.php +++ /dev/null @@ -1,40 +0,0 @@ - $Entry) - if (strpos($Key, ".php") > 0) - if ((strpos("00$Key", "0$MenuName") > 0) || ((strlen($MenuName) == 0) && (strpos("0$Key", "/") == 0))) { - $TempName = Get_Text($Key, true); - - if ((true || $debug) && ($TempName == "")) - $TempName = "not found: \"$Key\""; - - if ($Entry == "Y") { - //zum absichtlkichen ausblenden von einträgen - if (strlen($TempName) > 1) { - //sonderfälle: - - if ($Key == "admin/faq.php") - $TempName .= " (" . noAnswer() . ")"; - elseif ($Key == "credits.php") continue; - //ausgabe - $Text .= "
  • $TempName
    • \n"; - $Gefunden = true; - } - } - elseif ($debug) { - $Gefunden = true; - $Text .= "
  • $TempName ($Key)
    • \n"; - } - } - if ($Gefunden) - echo ''; -} //function ShowMenue -?> diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php new file mode 100644 index 00000000..5d9d8180 --- /dev/null +++ b/includes/pages/admin_groups.php @@ -0,0 +1,73 @@ +'; + $groups_html .= '' . $group['Name'] . ''; + $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=" . sql_escape($group['UID'])); + $privileges_html = array (); + foreach ($privileges as $priv) + $privileges_html[] = $priv['name']; + $groups_html .= '' . join(", ", $privileges_html) . ''; + $groups_html .= 'Ändern'; + $groups_html .= ''; + } + + return template_render('../templates/admin_groups.html', array ( + 'nick' => $user['Nick'], + 'groups' => $groups_html + )); + } else { + switch ($_REQUEST["action"]) { + case 'edit' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if (count($room) > 0) { + list ($room) = $room; + $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`=" . sql_escape($id) . ") ORDER BY `Privileges`.`name`"); + $privileges_html = ""; + foreach ($privileges as $priv) + $privileges_html .= '' . $priv['name'] . '' . $priv['desc'] . ''; + + $html .= template_render('../templates/admin_groups_edit_form.html', array ( + 'link' => page_link_to("admin_groups"), + 'id' => $id, + 'privileges' => $privileges_html + )); + } else + return error("No Group found."); + break; + + case 'save' : + if (isset ($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing Groups ID."); + + $room = sql_select("SELECT * FROM `Groups` WHERE `UID`=" . sql_escape($id) . " LIMIT 1"); + if (!is_array($_REQUEST['privileges'])) + $_REQUEST['privileges'] = array (); + if (count($room) > 0) { + list ($room) = $room; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`=" . sql_escape($id)); + foreach ($_REQUEST['privileges'] as $priv) + if (preg_match("/^[0-9]{1,}$/", $priv) && sql_num_query("SELECT * FROM `Privileges` WHERE `id`=" . sql_escape($priv)) > 0) + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=" . sql_escape($id) . ", `privilege_id`=" . sql_escape($priv)); + header("Location: " . page_link_to("admin_groups")); + } else + return error("No Group found."); + break; + } + } + return $html; +} +?> diff --git a/includes/sys_menu.php b/includes/sys_menu.php index 822d558f..739cb9d1 100644 --- a/includes/sys_menu.php +++ b/includes/sys_menu.php @@ -29,7 +29,8 @@ function make_navigation() { // Admin Navigation $menu .= make_navigation_for(Get_Text('admin/'), array ( "admin_angel_types", - "admin_rooms" + "admin_rooms", + "admin_groups" )); return $menu; } diff --git a/templates/admin_groups.html b/templates/admin_groups.html new file mode 100644 index 00000000..c5b4ac57 --- /dev/null +++ b/templates/admin_groups.html @@ -0,0 +1,21 @@ +Hallo %nick%, +
    +hier hast du die Möglichkeit Gruppenrechte zu ändern: + + + + + + + + + + %groups% + +
    + Name + + Rechte + +   +
    diff --git a/templates/admin_groups_edit_form.html b/templates/admin_groups_edit_form.html new file mode 100644 index 00000000..5729df64 --- /dev/null +++ b/templates/admin_groups_edit_form.html @@ -0,0 +1,21 @@ +
    + + + + + + + + + + %privileges% + +
    +   + + Name + + Description +
    + +
    \ No newline at end of file diff --git a/txt/TODO b/txt/TODO index fbaf4377..1ebf5e52 100644 --- a/txt/TODO +++ b/txt/TODO @@ -4,6 +4,8 @@ * user_messages schön machen * Formulare weg von Tabellen * user_news lässt sich nicht bedienen (POST ohne redirects...) + * Privilegien korrigieren (an die vom CVS anpassen) + * Beim Raum-Management die benötigten Engel anzeigen * schichten ueber monatsgrenzen einbaue im moment werden die tage nur diff --git a/www-ssl/admin/group.php b/www-ssl/admin/group.php deleted file mode 100644 index b8a52ec2..00000000 --- a/www-ssl/admin/group.php +++ /dev/null @@ -1,49 +0,0 @@ -\n"; - echo "\n"; - echo "\tGroupname\n"; - echo "\tLink\n"; - echo "\n"; - - for ($n = 0; $n < $Zeilen; $n++) { - echo "\n"; - echo "\t" . mysql_result($Erg, $n, "Name") . "\n"; - - echo "change\n"; - echo "\n"; - } - - // new form - echo "\n"; - echo "\t
    \n"; - echo "\t\t\n"; - echo "\t\t\n"; - echo "\t
    \n"; - echo "\n"; - - echo "\t\n"; - // Ende Userliste -} - -include ("includes/footer.php"); -?> - - diff --git a/www-ssl/index.php b/www-ssl/index.php index 48aea75c..6bfbcc32 100644 --- a/www-ssl/index.php +++ b/www-ssl/index.php @@ -61,6 +61,10 @@ if (in_array($p, $privileges)) { elseif ($p == "admin_rooms") { require_once ('includes/pages/admin_rooms.php'); $content = admin_rooms(); + } + elseif ($p == "admin_groups") { + require_once ('includes/pages/admin_groups.php'); + $content = admin_groups(); } else { require_once ('includes/pages/guest_start.php'); $content = guest_start(); diff --git a/www-ssl/nonpublic/messages.php b/www-ssl/nonpublic/messages.php deleted file mode 100644 index 4868136d..00000000 --- a/www-ssl/nonpublic/messages.php +++ /dev/null @@ -1,124 +0,0 @@ -\n"; - echo Get_Text("pub_messages_text1") . "

    \n"; - - //show exist Messages - $SQL = "SELECT * FROM `Messages` WHERE `SUID`='" . $_SESSION["UID"] . "' OR `RUID`='" . $_SESSION["UID"] . "'"; - $erg = mysql_query($SQL, $con); - - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - - for ($i = 0; $i < mysql_num_rows($erg); $i++) { - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - } - - // send Messeges - echo ""; - echo "\n"; - echo "\n"; - echo "\n"; - - // Listet alle Nicks auf - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo ""; - - echo "
    " . Get_Text("pub_messages_Datum") . "" . Get_Text("pub_messages_Von") . "" . Get_Text("pub_messages_An") . "" . Get_Text("pub_messages_Text") . "
    " . mysql_result($erg, $i, "Datum") . "" . UID2Nick(mysql_result($erg, $i, "SUID")) . "" . UID2Nick(mysql_result($erg, $i, "RUID")) . "" . mysql_result($erg, $i, "Text") . ""; - - if (mysql_result($erg, $i, "RUID") == $_SESSION["UID"]) { - echo "" . Get_Text("pub_messages_DelMsg") . ""; - - if (mysql_result($erg, $i, "isRead") == "N") - echo "" . Get_Text("pub_messages_MarkRead") . ""; - } else { - if (mysql_result($erg, $i, "isRead") == "N") - echo Get_Text("pub_messages_NotRead"); - } - - echo "
    \n"; - break; - - case "SendMsg" : - echo Get_Text("pub_messages_Send1") . "...
    \n"; - - $SQL = "INSERT INTO `Messages` ( `Datum` , `SUID` , `RUID` , `Text` ) VALUES (" . - "'" . gmdate("Y-m-j H:i:s", time()) . "', " . - "'" . $_SESSION["UID"] . "', " . - "'" . $_POST["RUID"] . "', " . - "'" . $_POST["Text"] . "');"; - - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_Send_OK") . "\n"; - else - echo Get_Text("pub_messages_Send_Error") . "...\n(" . mysql_error($con) . ")"; - break; - - case "MarkRead" : - $SQL = "UPDATE `Messages` SET `isRead` = 'Y' " . - "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID`='" . $_SESSION["UID"] . "' " . - "LIMIT 1 ;"; - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_MarkRead_OK") . "\n"; - else - echo Get_Text("pub_messages_MarkRead_KO") . "...\n(" . mysql_error($con) . ")"; - break; - - case "DelMsg" : - $SQL = "DELETE FROM `Messages` " . - "WHERE `Datum` = '" . $_GET["Datum"] . "' AND `RUID` ='" . $_SESSION["UID"] . "' " . - "LIMIT 1;"; - $Erg = mysql_query($SQL, $con); - - if ($Erg == 1) - echo Get_Text("pub_messages_DelMsg_OK") . "\n"; - else - echo Get_Text("pub_messages_DelMsg_KO") . "...\n(" . mysql_error($con) . ")"; - break; - - default : - echo Get_Text("pub_messages_NoCommand"); -} - -include "includes/footer.php"; -?>