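userinfo['permissions'] & CANADMINGROUPS)) { admin_login(); }
// NOTE(review): the statement above begins before this excerpt and is kept
// verbatim. The visible part gates on the CANADMINGROUPS permission bit and
// calls admin_login(); the exact condition, and whether admin_login() halts
// the request, cannot be seen from here -- confirm in the full file that no
// action below is reachable without that permission.

// ###################################################################

// Default action: show the usergroup list.
if (empty($_REQUEST['do']))
{
	$_REQUEST['do'] = 'modify';
}

/**
 * Builds a usergroup permission bitmask from the submitted yes/no switches.
 *
 * Only names that exist in the permission table are honoured, and each one
 * contributes either its whole bit or nothing. The submitted value is never
 * used as a multiplier, so a crafted request cannot produce bits outside the
 * known table, and a missing or malformed perm[] field yields 0 rather than
 * an empty value inside the SQL statement.
 *
 * @param	mixed	Submitted perm[] data (expected: array of name => 0/1)
 * @param	array	Permission table, name => bitmask
 *
 * @return	integer	Combined permission bitmask
 */
function usergroup_permission_mask($posted, $permissions)
{
	$mask = 0;

	if (!is_array($posted) OR !is_array($permissions))
	{
		return $mask;
	}

	foreach ($permissions AS $permtitle => $bitmask)
	{
		// "0", 0, '' and a missing key all count as "no"
		if (!empty($posted["$permtitle"]))
		{
			$mask |= intval($bitmask);
		}
	}

	return $mask;
}

// ###################################################################

// Delete a usergroup and move its members to usergroup 2.
// NOTE(review): this destructive action is selected through $_REQUEST, so it
// is reachable with a plain GET, and no anti-CSRF token is checked in this
// file. Confirm that page_confirm() or a shared include enforces POST plus a
// verified per-session token before this branch runs.
if ($_REQUEST['do'] == 'kill')
{
	sanitize(array('usergroupid' => INT));

	// sanitize() presumably casts to integer already; the explicit cast keeps
	// the value numeric at the point where it is placed into SQL.
	$usergroupid = intval($vars['usergroupid']);

	if ($usergroupid < 7)
	{
		$admin->error('You can\'t delete a default usergroup.');
	}
	else
	{
		// The else branch keeps the deletion from running even if error()
		// returns instead of ending the request.
		$DB_sql->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . $usergroupid);
		$DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = " . $usergroupid);

		build_usergroups();
		build_assignedto();

		$admin->redirect('usergroup.php?do=modify');
	}
}

// ###################################################################

// Confirmation page shown before a usergroup is deleted.
if ($_REQUEST['do'] == 'delete')
{
	sanitize(array('usergroupid' => INT));

	$usergroupid = intval($vars['usergroupid']);

	if ($usergroupid < 7)
	{
		$admin->error('You can\'t delete a default usergroup.');
	}
	else
	{
		$admin->page_confirm('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).', 'usergroup.php?do=kill&usergroupid=' . $usergroupid);
	}
}

// ###################################################################

// Form used both for creating a usergroup and for editing an existing one.
if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit')
{
	$add = ($_REQUEST['do'] == 'add');
	$edit = ($_REQUEST['do'] == 'edit');

	sanitize(array('usergroupid' => INT));

	$admin->page_start(iff($add, 'New Usergroup', 'Edit Usergroup'));

	$admin->form_start('usergroup.php', iff($add, 'insert', 'update'));

	if ($edit)
	{
		$usergroup = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = " . intval($vars['usergroupid']));
		if (!is_array($usergroup))
		{
			$admin->error('-1');
		}

		$admin->form_hidden_field('usergroupid', $usergroup['usergroupid']);
	}
	else
	{
		// Start from empty text fields so the form rows below do not read
		// undefined indexes. 319 is the permission mask pre-selected for a
		// new group; which bits it sets depends on $_PERMISSION, which is
		// defined outside this file.
		$usergroup = array(
			'title'			=> '',
			'displaytitle'	=> '',
			'opentag'		=> '',
			'closetag'		=> '',
			'permissions'	=> 319
		);
	}

	// Details
	$admin->table_start();
	$admin->table_head('Usergroup Details');
	$admin->row_input('Usergroup Title', 'title', htmlspecialcharslike($usergroup['title']));
	$admin->row_input('Display Title
This is the title that others will be able to see when comments are posted.
', 'displaytitle', htmlspecialcharslike($usergroup['displaytitle']));
	// NOTE(review): opentag/closetag hold raw HTML by design and are wrapped
	// around usernames elsewhere. Anyone who can reach this form can
	// therefore store markup that other users' browsers will render; keep
	// this permission restricted to fully trusted administrators.
	$admin->row_input('Opening Tag Markup
Place all open HTML tags here that will be wrapped around the username.
', 'opentag', htmlspecialcharslike($usergroup['opentag']));
	$admin->row_input('Closing Tag Markup
Place all closed HTML tags that will close any open HTML tags entered above.
', 'closetag', htmlspecialcharslike($usergroup['closetag']));
	$admin->table_end();

	// Permission
	$admin->table_start();
	$admin->table_head('Permission Settings');

	$admin->row_span('General Permissions', 'thead', 'center');
	$admin->row_yesno('Can View the Tracker', 'perm[canviewbugs]', $usergroup['permissions'] & $_PERMISSION['canviewbugs']);
	$admin->row_yesno('Can Search Bugs', 'perm[cansearch]', $usergroup['permissions'] & $_PERMISSION['cansearch']);
	$admin->row_yesno('Can Subscribe to Bugs', 'perm[cansubscribe]', $usergroup['permissions'] & $_PERMISSION['cansubscribe']);
	$admin->row_yesno('Can Be Assigned Bugs', 'perm[canbeassignedto]', $usergroup['permissions'] & $_PERMISSION['canbeassignedto']);

	$admin->row_span('Posting/Submitting Permissions', 'thead', 'center');
	$admin->row_yesno('Can Vote on Polls', 'perm[canvote]', $usergroup['permissions'] & $_PERMISSION['canvote']);
	$admin->row_yesno('Can Submit Bugs', 'perm[cansubmitbugs]', $usergroup['permissions'] & $_PERMISSION['cansubmitbugs']);
	$admin->row_yesno('Can Post Comments', 'perm[canpostcomments]', $usergroup['permissions'] & $_PERMISSION['canpostcomments']);
	$admin->row_yesno('Can View Attachments', 'perm[cangetattach]', $usergroup['permissions'] & $_PERMISSION['cangetattach']);
	$admin->row_yesno('Can Put Attachments', 'perm[canputattach]', $usergroup['permissions'] & $_PERMISSION['canputattach']);

	$admin->row_span('Moderation/Managment Permissions', 'thead', 'center');
	$admin->row_yesno('Can Edit Own Bugs', 'perm[caneditown]', $usergroup['permissions'] & $_PERMISSION['caneditown']);
	$admin->row_yesno('Can Edit Others\' Bugs', 'perm[caneditothers]', $usergroup['permissions'] & $_PERMISSION['caneditothers']);
	$admin->row_yesno('Can Edit Bug Information', 'perm[caneditinfo]', $usergroup['permissions'] & $_PERMISSION['caneditinfo']);
	$admin->row_yesno('Can Assign Bugs', 'perm[canassign]', $usergroup['permissions'] & $_PERMISSION['canassign']);
	$admin->row_yesno('Can Change Status', 'perm[canchangestatus]', $usergroup['permissions'] & $_PERMISSION['canchangestatus']);

	$admin->row_span('Administrator Permissions', 'thead', 'center');
	$admin->row_yesno('Can Access Control Panel', 'perm[canadminpanel]', $usergroup['permissions'] & $_PERMISSION['canadminpanel']);
	$admin->row_yesno('Can Administer Bug Reports', 'perm[canadminbugs]', $usergroup['permissions'] & $_PERMISSION['canadminbugs']);
	$admin->row_yesno('Can Administer Products / Components / Versions', 'perm[canadminversions]', $usergroup['permissions'] & $_PERMISSION['canadminversions']);
	$admin->row_yesno('Can Administer Additional Bug Fields', 'perm[canadminfields]', $usergroup['permissions'] & $_PERMISSION['canadminfields']);
	$admin->row_yesno('Can Administer Users', 'perm[canadminusers]', $usergroup['permissions'] & $_PERMISSION['canadminusers']);
	$admin->row_yesno('Can Administer Usergroups', 'perm[canadmingroups]', $usergroup['permissions'] & $_PERMISSION['canadmingroups']);
	$admin->row_yesno('Can Administer Settings / Maintenance Tools', 'perm[canadmintools]', $usergroup['permissions'] & $_PERMISSION['canadmintools']);
	$admin->table_end();

	// Submit
	$admin->table_start();
	$admin->row_submit();
	$admin->table_end();

	$admin->form_end();

	$admin->page_end();
}

// ###################################################################

// Create a new usergroup from the submitted form.
// NOTE(review): no anti-CSRF token is verified here; confirm that
// form_start() or a shared include adds and checks one.
if (isset($_POST['do']) AND $_POST['do'] == 'insert')
{
	sanitize(array('title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR));

	$permissionvalue = usergroup_permission_mask(isset($_POST['perm']) ? $_POST['perm'] : array(), $_PERMISSION);

	// NOTE(review): the 'update' branch passes opentag/closetag through
	// unhtmlspecialchars() before storing them and this branch does not.
	// Which one is right depends on what sanitize() does to STR values --
	// confirm and make the two branches agree.
	// NOTE(review): string values rely on addslasheslike() for SQL escaping;
	// verify it is aware of the connection character set, or move these
	// queries to bound parameters if the database layer supports them.
	$DB_sql->query("
		INSERT INTO " . TABLE_PREFIX . "usergroup
			(title, displaytitle, opentag, closetag, permissions)
		VALUES
			('" . addslasheslike($vars['title']) . "',
			'" . addslasheslike($vars['displaytitle']) . "',
			'" . addslasheslike($vars['opentag']) . "',
			'" . addslasheslike($vars['closetag']) . "',
			" . $permissionvalue . "
		)"
	);

	build_usergroups();

	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

// Save changes to an existing usergroup.
// NOTE(review): no anti-CSRF token is verified here; confirm that
// form_start() or a shared include adds and checks one.
if (isset($_POST['do']) AND $_POST['do'] == 'update')
{
	sanitize(array('usergroupid' => INT, 'title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR));

	$permissionvalue = usergroup_permission_mask(isset($_POST['perm']) ? $_POST['perm'] : array(), $_PERMISSION);

	$DB_sql->query("
		UPDATE " . TABLE_PREFIX . "usergroup
		SET title = '" . addslasheslike($vars['title']) . "',
			displaytitle = '" . addslasheslike($vars['displaytitle']) . "',
			opentag = '" . addslasheslike(unhtmlspecialchars($vars['opentag'])) . "',
			closetag = '" . addslasheslike(unhtmlspecialchars($vars['closetag'])) . "',
			permissions = " . $permissionvalue . "
		WHERE usergroupid = " . intval($vars['usergroupid'])
	);

	build_usergroups();
	build_assignedto();

	$admin->redirect('usergroup.php?do=modify');
}

// ###################################################################

// List every usergroup with its member count and the available actions.
if ($_REQUEST['do'] == 'modify')
{
	$admin->page_start('Usergroup Manager');

	$admin->form_start('usergroup.php', 'null');
	$admin->table_start();
	$admin->table_head('Usergroup Manager', 3);

	// Initialised so the loop below is safe when the table is empty
	$usergroups = array();

	$groups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
	while ($group = $DB_sql->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"] = $group;
	}
	$DB_sql->free_result($groups);

	$groups = $DB_sql->query("
		SELECT COUNT(user.userid) AS total, user.usergroupid
		FROM " . TABLE_PREFIX . "user AS user
		LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup
			USING (usergroupid)
		GROUP BY usergroup.usergroupid
		ORDER BY usergroup.usergroupid"
	);
	while ($group = $DB_sql->fetch_array($groups))
	{
		$usergroups["$group[usergroupid]"]['total'] = $group['total'];
	}
	$DB_sql->free_result($groups);

	$admin->table_column_head(array('Usergroup', 'Number of Users', 'Action'));

	foreach ($usergroups AS $group)
	{
		// A group without members has no row in the count query
		$total = (isset($group['total']) ? $group['total'] : 0);

		// NOTE(review): the stored title is passed to row_multi_item() as-is,
		// while the edit form escapes it with htmlspecialcharslike(). Confirm
		// that row_multi_item() escapes its keys; if it does not, escape the
		// title here so stored markup is not rendered in the admin panel.
		// Only non-default groups (id above 6) get a delete action.
		$admin->row_multi_item(array("$group[title]" => 'l', iff(!$total, '-', $total) => 'c', "[Edit]" . iff($group['usergroupid'] > 6, "[Delete]") => 'c'));
	}

	$admin->row_span('', 'tfoot', 'center', 3);
	$admin->table_end();
	$admin->form_end();

	$admin->page_end();
}

/*=====================================================================*\
|| ###################################################################
|| # $HeadURL$
|| # $Id$
|| ###################################################################
\*=====================================================================*/
?>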