r21: Changed all bitwise operations to use can_perform() (new: includes/functions...
[bugdar.git] / admin / usergroup.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # [#]app[#] [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 require_once('./global.php');
14 require_once('./includes/functions_datastore.php');
15
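// Authorization gate for every action in this script: only accounts holding
// the 'canadmingroups' permission may continue past this point.
if (!can_perform('canadmingroups'))
{
	admin_login();

	// admin_login() is defined outside this file, so whether it ends the
	// request cannot be confirmed from here. Stop explicitly so the gate fails
	// closed and none of the group-management actions below can run for a
	// request that did not pass the permission check.
	exit;
}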
20
21 // ###################################################################
22
// No action was requested (missing or empty 'do'): fall back to the usergroup
// listing handled by the 'modify' branch at the end of this script.
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'modify' : $_REQUEST['do']);
27
28 // ###################################################################
29
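// Action 'kill': permanently delete a usergroup and move its members to
// usergroup 2.
//
// NOTE(review): this destructive step is selected through $_REQUEST and is
// reached from the plain link that the 'delete' branch hands to
// page_confirm(), so a GET request is enough to trigger it. No anti-CSRF
// token is checked anywhere in this file -- confirm whether global.php
// enforces one; if not, this action should require POST plus a per-session
// token.
if ($_REQUEST['do'] == 'kill')
{
	sanitize(array('usergroupid' => INT));

	// Cast again locally: sanitize() lives outside this file, and the value
	// is interpolated unquoted into both SQL statements below.
	$killgroupid = intval($vars['usergroupid']);

	if ($killgroupid < 7)
	{
		// IDs below 7 are the protected default groups (the listing only
		// offers [Delete] for IDs above 6).
		$admin->error('You can\'t delete a default usergroup.');
	}
	else
	{
		// Kept in an else branch so a default group can never be deleted,
		// even if $admin->error() were to return instead of halting.
		$DB_sql->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $killgroupid");
		$DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = $killgroupid");

		// Rebuild the derived data that depends on group membership.
		build_usergroups();
		build_assignedto();

		$admin->redirect('usergroup.php?do=modify');
	}
}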
47
48 // ###################################################################
49
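// Action 'delete': show the confirmation page that leads to the 'kill'
// action. Nothing is modified here.
if ($_REQUEST['do'] == 'delete')
{
	sanitize(array('usergroupid' => INT));

	// Cast again locally so only an integer is ever appended to the
	// confirmation URL, whatever sanitize() (defined elsewhere) left in $vars.
	$deletegroupid = intval($vars['usergroupid']);

	if ($deletegroupid < 7)
	{
		// IDs below 7 are the protected default groups.
		$admin->error('You can\'t delete a default usergroup.');
	}
	else
	{
		// Kept in an else branch so no confirmation link for a default group
		// is rendered even if $admin->error() were to return.
		//
		// NOTE(review): the confirmation target is a plain URL, so the
		// follow-up 'kill' request carries no anti-CSRF token that is visible
		// in this file -- confirm how page_confirm() submits it.
		$admin->page_confirm('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).', 'usergroup.php?do=kill&amp;usergroupid=' . $deletegroupid);
	}
}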
61
62 // ###################################################################
63
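// Actions 'add' and 'edit': render the usergroup form. 'add' posts to the
// 'insert' action, 'edit' posts to the 'update' action.
if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
{
	$add = ($_REQUEST['do'] == 'add');
	$edit = ($_REQUEST['do'] == 'edit');

	sanitize(array('usergroupid' => INT));

	$admin->page_start(iff($add, 'New Usergroup', 'Edit Usergroup'));

	$admin->form_start('usergroup.php', iff($add, 'insert', 'update'));

	if ($edit)
	{
		// intval() keeps the unquoted value in the query an integer no matter
		// what sanitize() (defined elsewhere) left in $vars.
		$usergroup = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($vars['usergroupid']));
		if (!is_array($usergroup))
		{
			// No such group.
			$admin->error('-1');
		}

		$admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
	}
	else
	{
		// Start from a fully defined record. The original only set
		// 'permissions', which left the text fields undefined and allowed a
		// pre-existing $usergroup variable (for example one injected through
		// register_globals) to pre-fill the form.
		// 319 is the default permission mask for a new group; the meaning of
		// each bit comes from $_PERMISSION, which is defined outside this file.
		$usergroup = array(
			'title' => '',
			'displaytitle' => '',
			'opentag' => '',
			'closetag' => '',
			'permissions' => 319
		);
	}

	// Details
	$admin->table_start();
	$admin->table_head('Usergroup Details');
	$admin->row_input('Usergroup Title', 'title', htmlspecialcharslike($usergroup['title']));
	$admin->row_input('Display Title<div><dfn>This is the title that others will be able to see when comments are posted.</dfn></div>', 'displaytitle', htmlspecialcharslike($usergroup['displaytitle']));
	$admin->row_input('Opening Tag Markup<div><dfn>Place all open HTML tags here that will be wrapped around the username.</dfn></div>', 'opentag', htmlspecialcharslike($usergroup['opentag']));
	$admin->row_input('Closing Tag Markup<div><dfn>Place all closed HTML tags that will close any open HTML tags entered above.</dfn></div>', 'closetag', htmlspecialcharslike($usergroup['closetag']));
	$admin->table_end();

	// Permission
	// One entry per section heading; each section maps the row label to the
	// permission name that is used both as the perm[...] field name and as
	// the key into $_PERMISSION.
	$permsections = array(
		'General Permissions' => array(
			'Can View the Tracker' => 'canviewbugs',
			'Can Search Bugs' => 'cansearch',
			'Can Subscribe to Bugs' => 'cansubscribe',
			'Can Be Assigned Bugs' => 'canbeassignedto'
		),
		'Posting/Submitting Permissions' => array(
			'Can Vote on Polls' => 'canvote',
			'Can Submit Bugs' => 'cansubmitbugs',
			'Can Post Comments' => 'canpostcomments',
			'Can View Attachments' => 'cangetattach',
			'Can Put Attachments' => 'canputattach'
		),
		'Moderation/Managment Permissions' => array(
			'Can Edit Own Bugs' => 'caneditown',
			'Can Edit Others\' Bugs' => 'caneditothers',
			'Can Edit Bug Information' => 'caneditinfo',
			'Can Assign Bugs' => 'canassign',
			'Can Change Status' => 'canchangestatus'
		),
		'Administrator Permissions' => array(
			'Can Access Control Panel' => 'canadminpanel',
			'Can Administer Bug Reports' => 'canadminbugs',
			'Can Administer Products / Components / Versions' => 'canadminversions',
			'Can Administer Additional Bug Fields' => 'canadminfields',
			'Can Administer Users' => 'canadminusers',
			'Can Administer Usergroups' => 'canadmingroups',
			'Can Administer Settings / Maintenance Tools' => 'canadmintools'
		)
	);

	$admin->table_start();
	$admin->table_head('Permission Settings');
	foreach ($permsections AS $sectiontitle => $sectionrows)
	{
		$admin->row_span($sectiontitle, 'thead', 'center');
		foreach ($sectionrows AS $rowlabel => $permname)
		{
			// A non-zero result means the group currently holds this bit.
			$admin->row_yesno($rowlabel, "perm[$permname]", $usergroup['permissions'] & $_PERMISSION["$permname"]);
		}
	}
	$admin->table_end();

	// Submit
	$admin->table_start();
	$admin->row_submit();
	$admin->table_end();

	$admin->form_end();

	$admin->page_end();
}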
138
139 // ###################################################################
140
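// Action 'insert': create a usergroup from the posted 'add' form.
//
// NOTE(review): no anti-CSRF token is checked in this file -- confirm that
// form_start() / global.php add and verify one.
if ($_POST['do'] == 'insert')
{
	sanitize(array('title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR));

	// Build the permission mask from the posted switches.
	// - Start from an explicit 0. The original never initialized the
	//   variable, so a request without perm[] left it empty (or, under
	//   register_globals, request-controlled) when it was placed unquoted
	//   into the query below.
	// - Only names that exist in $_PERMISSION count, and a switch of exactly
	//   1 sets that one bit. The original multiplied the bit by the posted
	//   value, so a value other than 0 or 1 could produce unrelated bits.
	$permissionvalue = 0;
	if (isset($_POST['perm']) AND is_array($_POST['perm']))
	{
		foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
		{
			if (isset($_PERMISSION["$permtitle"]) AND is_scalar($binaryswitch) AND intval($binaryswitch) == 1)
			{
				$permissionvalue |= intval($_PERMISSION["$permtitle"]);
			}
		}
	}

	// NOTE(review): the 'update' action passes opentag/closetag through
	// unhtmlspecialchars() before storing them and this action does not, so a
	// group may be stored differently on creation than after its first edit.
	// Confirm which form is intended; these two fields hold markup that is
	// wrapped around usernames.
	$DB_sql->query("
		INSERT INTO " . TABLE_PREFIX . "usergroup
			(title, displaytitle, opentag, closetag, permissions)
		VALUES
			('" . addslasheslike($vars['title']) . "',
			'" . addslasheslike($vars['displaytitle']) . "',
			'" . addslasheslike($vars['opentag']) . "',
			'" . addslasheslike($vars['closetag']) . "',
			$permissionvalue
		)"
	);

	// Rebuild the derived usergroup data.
	build_usergroups();

	$admin->redirect('usergroup.php?do=modify');
}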
177
178 // ###################################################################
179
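// Action 'update': save the posted 'edit' form for an existing usergroup.
//
// NOTE(review): no anti-CSRF token is checked in this file -- confirm that
// form_start() / global.php add and verify one. This action can grant every
// administrator permission to a group.
if ($_POST['do'] == 'update')
{
	sanitize(array('usergroupid' => INT, 'title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR));

	// Cast again locally: the ID is interpolated unquoted into the WHERE
	// clause and sanitize() is defined outside this file.
	$updategroupid = intval($vars['usergroupid']);

	// Build the permission mask from the posted switches.
	// - Start from an explicit 0. The original never initialized the
	//   variable, so a request without perm[] left it empty (or, under
	//   register_globals, request-controlled) when it was placed unquoted
	//   into the query below.
	// - Only names that exist in $_PERMISSION count, and a switch of exactly
	//   1 sets that one bit. The original multiplied the bit by the posted
	//   value, so a value other than 0 or 1 could produce unrelated bits.
	$permissionvalue = 0;
	if (isset($_POST['perm']) AND is_array($_POST['perm']))
	{
		foreach ($_POST['perm'] AS $permtitle => $binaryswitch)
		{
			if (isset($_PERMISSION["$permtitle"]) AND is_scalar($binaryswitch) AND intval($binaryswitch) == 1)
			{
				$permissionvalue |= intval($_PERMISSION["$permtitle"]);
			}
		}
	}

	// opentag/closetag are passed through unhtmlspecialchars() before being
	// stored; these two fields hold markup that is wrapped around usernames.
	$DB_sql->query("
		UPDATE " . TABLE_PREFIX . "usergroup
		SET title = '" . addslasheslike($vars['title']) . "',
			displaytitle = '" . addslasheslike($vars['displaytitle']) . "',
			opentag = '" . addslasheslike(unhtmlspecialchars($vars['opentag'])) . "',
			closetag = '" . addslasheslike(unhtmlspecialchars($vars['closetag'])) . "',
			permissions = $permissionvalue
		WHERE usergroupid = $updategroupid"
	);

	// Rebuild the derived data that depends on group settings.
	build_usergroups();
	build_assignedto();

	$admin->redirect('usergroup.php?do=modify');
}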
204
205 // ###################################################################
206
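// Action 'modify' (the default): list every usergroup with its member count
// and the edit/delete links.
if ($_REQUEST['do'] == 'modify')
{
	$admin->page_start('Usergroup Manager');

	$admin->form_start('usergroup.php', 'null');
	$admin->table_start();
	$admin->table_head('Usergroup Manager', 3);

	// Start from a known-empty list so the loops below never run over an
	// undefined or externally supplied $usergroups value.
	$usergroups = array();

	// All groups, keyed by usergroupid.
	$groups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
	while ($group = $DB_sql->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"] = $group;
	}
	$DB_sql->free_result($groups);

	// Member count per group.
	$groups = $DB_sql->query("
		SELECT COUNT(user.userid) AS total, user.usergroupid
		FROM " . TABLE_PREFIX . "user AS user
		LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
		GROUP BY usergroup.usergroupid
		ORDER BY usergroup.usergroupid"
	);
	while ($group = $DB_sql->fetch_array($groups))
	{
		// Only attach counts to groups loaded above. A count for users whose
		// usergroupid has no usergroup row would otherwise create a list
		// entry with no title and no ID.
		if (isset($usergroups["$group[usergroupid]"]))
		{
			$usergroups["$group[usergroupid]"]['total'] = $group['total'];
		}
	}
	// The original released only the first result set.
	$DB_sql->free_result($groups);

	$admin->table_column_head(array('Usergroup', 'Number of Users', 'Action'));
	foreach ($usergroups AS $group)
	{
		$editurl = "usergroup.php?do=edit&amp;usergroupid=$group[usergroupid]";

		// NOTE(review): the title is written into the page as stored. Whether
		// it is HTML-escaped depends on what sanitize() does with STR input
		// before the insert/update actions store it -- confirm, and escape
		// here if it is stored raw.
		$titlecell = "<a href=\"$editurl\">$group[title]</a>";

		// Groups without members show a dash instead of a count.
		$countcell = (empty($group['total']) ? '-' : $group['total']);

		// [Delete] is only offered for IDs above 6, matching the default-group
		// check in the delete and kill actions.
		$actioncell = "<a href=\"$editurl\">[Edit]</a>" . iff($group['usergroupid'] > 6, "<a href=\"usergroup.php?do=delete&amp;usergroupid=$group[usergroupid]\">[Delete]</a>");

		// row_multi_item() takes cell content as the key and its alignment
		// code as the value.
		$admin->row_multi_item(array($titlecell => 'l', $countcell => 'c', $actioncell => 'c'));
	}

	$admin->row_span('<input type="button" name="addug" value=" Add New Usergroup " onclick="window.location = \'usergroup.php?do=add\';" />', 'tfoot', 'center', 3);
	$admin->table_end();
	$admin->form_end();

	$admin->page_end();
}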
246
247 /*=====================================================================*\
248 || ###################################################################
249 || # $HeadURL$
250 || # $Id$
251 || ###################################################################
252 \*=====================================================================*/
253 ?>