# HG changeset patch # User Dan # Date 1199403559 18000 # Node ID 299a90e28abcc4299b5f6e9fe68eb700ea9d94c7 # Parent cdf24ba5f11465dd3a3676e8e8ce82dd0088ef5b Localized and separated Admin:GroupManager diff -r cdf24ba5f114 -r 299a90e28abc language/english/admin.json --- a/language/english/admin.json Thu Jan 03 00:55:10 2008 -0500 +++ b/language/english/admin.json Thu Jan 03 18:39:19 2008 -0500 @@ -18,7 +18,7 @@ var enano_lang = { categories: [ 'adm', 'acl', 'adminusers', - 'acphome', 'acpgc', 'acpup', 'acpft', 'acppl', 'acppm', 'acped', 'acpdb', 'acppg', 'acpum', + 'acphome', 'acpgc', 'acpup', 'acpft', 'acppl', 'acppm', 'acped', 'acpdb', 'acppg', 'acpum', 'acpug', ], strings: { meta: { @@ -34,6 +34,7 @@ acped: 'ACP: Edit page content', acppg: 'ACP: Page groups', acpum: 'ACP: User management', + acpug: 'ACP: User group management', }, adm: { cat_general: 'General', 
@@ -622,6 +623,48 @@ field_deleteaccount_hint: 'Even if you delete this user account, the username will be shown in page edit history, comments, and other areas of the site. Deleting a user account CANNOT BE UNDONE and should only be done in extreme circumstances. If the user has violated the site policy, deleting the account will not prevent him from using the site or creating a new account, for that you need to add a new ban rule.', btn_save: 'Save changes', + }, + acpug: { + heading_main: 'Manage Usergroups', + heading_edit_existing: 'Edit an existing group', + btn_edit_stage1: 'Edit group', + heading_create_new: 'Create a new group', + field_group_name: 'Group name:', + btn_create_stage1: 'Continue', + + // Edit form + heading_edit_name: 'Edit group name', + btn_cant_delete: 'Can\'t delete system group', + btn_delete_group: 'Delete this group', + btn_save_name: 'Save name', + heading_edit_members: 'Edit group members', + msg_no_members: 'This group has no members.', + lbl_member_mod: 'Mod', + btn_remove_member: 'Remove member', + heading_add_member: 'Add a new member', + field_username: 'Username:', + field_make_mod: 'Is a group moderator', + field_make_mod_hint: '(can add and delete other members)', + btn_add_user: 'Add user to group', + + // Create form + err_group_name_invalid: 'The group name you chose is invalid.', + heading_creating_group: 'Creating group:', + field_group_mod: 'Group moderator', + field_group_type: 'Group status', + btn_create_stage2: 'Create group', + err_already_exist: 'The group name you entered already exists.', + err_bad_username: 'The username you entered could not be found.', + err_bad_insert_id: 'The group ID could not be looked up.', + heading_info: 'Information', + msg_create_success: 'The group %g_name% has been created successfully.', + + // More editor bits, validation messages + err_nodelete_system_group: 'The group "%g_name%" could not be deleted because it is a system group required for site functionality.', + 
msg_delete_success: 'The group "%g_name%" has been deleted. Return to the group manager.', + msg_name_update_success: 'The group name has been updated.', + msg_user_added: 'The user "%username%" has been added to this usergroup.', + err_username_not_exist: 'The user "%username%" could not be added.
This username does not exist.', } } }; diff -r cdf24ba5f114 -r 299a90e28abc plugins/SpecialAdmin.php --- a/plugins/SpecialAdmin.php Thu Jan 03 00:55:10 2008 -0500 +++ b/plugins/SpecialAdmin.php Thu Jan 03 18:39:19 2008 -0500 @@ -43,6 +43,7 @@ require(ENANO_ROOT . '/plugins/admin/PageManager.php'); require(ENANO_ROOT . '/plugins/admin/PageEditor.php'); require(ENANO_ROOT . '/plugins/admin/PageGroups.php'); +require(ENANO_ROOT . '/plugins/admin/GroupManager.php'); require(ENANO_ROOT . '/plugins/admin/SecurityLog.php'); require(ENANO_ROOT . '/plugins/admin/UserManager.php'); @@ -1628,368 +1629,9 @@ } else echo('

All themes are currently installed.

'); } -function page_Admin_GroupManager() -{ - global $db, $session, $paths, $template, $plugins; // Common objects - global $lang; - if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) - { - $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); - echo '

' . $lang->get('adm_err_not_auth_title') . '

'; - echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; - return; - } - - if(isset($_POST['do_create_stage1'])) - { - if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name'])) - { - echo '

The group name you chose is invalid.

'; - return; - } - echo '
'; - echo '
- - - - - - - - - -
Creating group: '.htmlspecialchars($_POST['create_group_name']).'
Group moderator' . $template->username_field('group_mod') . '
Group status -
-
-
- -
- - -
-
'; - echo '
'; - return; - } - elseif(isset($_POST['do_create_stage2'])) - { - if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name'])) - { - echo '

The group name you chose is invalid.

'; - return; - } - if(!in_array(intval($_POST['group_status']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST))) - { - echo '

Hacking attempt

'; - return; - } - $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';'); - if(!$e) - { - echo $db->get_error(); - return; - } - if($db->numrows() > 0) - { - echo '

The group name you entered already exists.

'; - return; - } - $db->free_result(); - $q = $db->sql_query('INSERT INTO '.table_prefix.'groups(group_name,group_type) VALUES( \''.$db->escape($_POST['create_group_name']).'\', ' . intval($_POST['group_status']) . ' )'); - if(!$q) - { - echo $db->get_error(); - return; - } - $e = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['group_mod']).'\';'); - if(!$e) - { - echo $db->get_error(); - return; - } - if($db->numrows() < 1) - { - echo '

The username you entered could not be found.

'; - return; - } - $row = $db->fetchrow(); - $id = $row['user_id']; - $db->free_result(); - $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';'); - if(!$e) - { - echo $db->get_error(); - return; - } - if($db->numrows() < 1) - { - echo '

The group ID could not be looked up.

'; - return; - } - $row = $db->fetchrow(); - $gid = $row['group_id']; - $db->free_result(); - $e = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.$gid.', '.$id.', 1);'); - if(!$e) - { - echo $db->get_error(); - return; - } - $g_name = htmlspecialchars($_POST['create_group_name']); - echo "
- Information
- The group {$g_name} has been created successfully. -
"; - } - if(isset($_POST['do_edit']) || isset($_POST['edit_do'])) - { - // Fetch the group name - $q = $db->sql_query('SELECT group_name,system_group FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); - if(!$q) - { - echo $db->get_error(); - return; - } - if($db->numrows() < 1) - { - echo '

Error: couldn\'t look up group name

'; - } - $row = $db->fetchrow(); - $name = htmlspecialchars($row['group_name']); - $db->free_result(); - if(isset($_POST['edit_do'])) - { - if(isset($_POST['edit_do']['del_group'])) - { - if ( $row['system_group'] == 1 ) - { - echo '
The group "' . $name . '" could not be deleted because it is a system group required for site functionality.
'; - } - else - { - $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE group_id='.intval($_POST['group_edit_id']).';'); - if(!$q) - { - echo $db->get_error(); - return; - } - $q = $db->sql_query('DELETE FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); - if(!$q) - { - echo $db->get_error(); - return; - } - echo '
The group "'.$name.'" has been deleted. Return to the group manager.
'; - return; - } - } - if(isset($_POST['edit_do']['save_name'])) - { - if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name'])) - { - echo '

The group name you chose is invalid.

'; - return; - } - $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\' - WHERE group_id='.intval($_POST['group_edit_id']).';'); - if(!$q) - { - echo $db->get_error(); - return; - } - else - { - echo '
- The group name has been updated. -
'; - } - $name = htmlspecialchars($_POST['group_name']); - - } - $q = $db->sql_query('SELECT member_id FROM '.table_prefix.'group_members - WHERE group_id='.intval($_POST['group_edit_id']).';'); - if(!$q) - { - echo $db->get_error(); - return; - } - if($db->numrows() > 0) - { - while($row = $db->fetchrow($q)) - { - if(isset($_POST['edit_do']['del_' . $row['member_id']])) - { - $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$row['member_id']); - if(!$e) - { - echo $db->get_error(); - return; - } - } - } - } - $db->free_result(); - if(isset($_POST['edit_do']['add_member'])) - { - $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['edit_add_username']).'\';'); - if(!$q) - { - echo $db->get_error(); - return; - } - if($db->numrows() > 0) - { - $row = $db->fetchrow(); - $user_id = $row['user_id']; - $is_mod = ( isset( $_POST['add_mod'] ) ) ? '1' : '0'; - $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.intval($_POST['group_edit_id']).','.$user_id.','.$is_mod.');'); - if(!$q) - { - echo $db->get_error(); - return; - } - else - { - echo '
- The user "'.$_POST['edit_add_username'].'" has been added to this usergroup. -
'; - } - } - else - echo '
The user "'.htmlspecialchars($_POST['edit_add_username']).'" could not be added.
This username does not exist.
'; - } - } - $sg_disabled = ( $row['system_group'] == 1 ) ? ' value="Can\'t delete system group" disabled="disabled" style="color: #FF9773" ' : ' value="Delete this group" style="color: #FF3713" '; - echo '
'; - echo '
- - - - - - - - -
Edit group name
- Group name: -
- - -
-
- '; - echo '
'; - echo '
'; - echo '
- - '; - $q = $db->sql_query('SELECT m.member_id,m.is_mod,u.username FROM '.table_prefix.'group_members AS m - LEFT JOIN '.table_prefix.'users AS u - ON u.user_id=m.user_id - WHERE m.group_id='.intval($_POST['group_edit_id']).' - ORDER BY m.is_mod DESC, u.username ASC;'); - if(!$q) - { - echo $db->get_error(); - return; - } - if($db->numrows() < 1) - { - echo ''; - } - else - { - $cls = 'row2'; - while($row = $db->fetchrow()) - { - $cls = ( $cls == 'row1' ) ? 'row2' : 'row1'; - $mod = ( $row['is_mod'] == 1 ) ? 'Mod' : ''; - echo ' - - - - '; - } - } - $db->free_result(); - echo '
Edit group members
This group has no members.
- ' . $row['username'] . ' - - '.$mod.' - - -
-
- '; - echo '
'; - echo '
'; - echo '
- - - - - - - - - - - - - -
Add a new member
- Username: ' . $template->username_field('edit_add_username') . ' -
- (can add and delete other members) -
- -
-
- '; - echo '
'; - return; - } - echo '

Manage Usergroups

'; - echo '
'; - $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups ORDER BY group_name ASC;'); - if(!$q) - { - echo $db->get_error(); - } - else - { - echo '
- - - - '; - echo ''; - echo ' -
Edit an existing group
-
-

'; - } - echo '
'; - echo '
- - - - '; - echo ''; - echo ' -
Create a new group
Group name:
-
'; - echo '
'; -} +/* + * Admin:GroupManager sources are in /plugins/admin/GroupManager.php. + */ function page_Admin_COPPA() { diff -r cdf24ba5f114 -r 299a90e28abc plugins/admin/GroupManager.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/plugins/admin/GroupManager.php Thu Jan 03 18:39:19 2008 -0500 @@ -0,0 +1,383 @@ +auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) + { + $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); + echo '

' . $lang->get('adm_err_not_auth_title') . '

'; + echo '

' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '

'; + return; + } + + if(isset($_POST['do_create_stage1'])) + { + if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name'])) + { + echo '

' . $lang->get('acpug_err_group_name_invalid') . '

'; + return; + } + echo '
'; + echo '
+ + + + + + + + + +
' . $lang->get('acpug_heading_creating_group') . ' '.htmlspecialchars($_POST['create_group_name']).'
' . $lang->get('acpug_field_group_mod') . '' . $template->username_field('group_mod') . '
' . $lang->get('acpug_field_group_type') . ' +
+
+
+ +
+ + +
+
'; + echo '
'; + return; + } + elseif(isset($_POST['do_create_stage2'])) + { + if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name'])) + { + echo '

' . $lang->get('acpug_err_group_name_invalid') . '

'; + return; + } + if(!in_array(intval($_POST['group_status']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST))) + { + echo '

Hacking attempt

'; + return; + } + $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';'); + if(!$e) + { + echo $db->get_error(); + return; + } + if($db->numrows() > 0) + { + echo '

' . $lang->get('acpug_err_already_exist') . '

'; + return; + } + $db->free_result(); + $q = $db->sql_query('INSERT INTO '.table_prefix.'groups(group_name,group_type) VALUES( \''.$db->escape($_POST['create_group_name']).'\', ' . intval($_POST['group_status']) . ' )'); + if(!$q) + { + echo $db->get_error(); + return; + } + $e = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['group_mod']).'\';'); + if(!$e) + { + echo $db->get_error(); + return; + } + if($db->numrows() < 1) + { + echo '

' . $lang->get('acpug_err_bad_username') . '

'; + return; + } + $row = $db->fetchrow(); + $id = $row['user_id']; + $db->free_result(); + $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';'); + if(!$e) + { + echo $db->get_error(); + return; + } + if($db->numrows() < 1) + { + echo '

' . $lang->get('acpug_err_bad_insert_id') . '

'; + return; + } + $row = $db->fetchrow(); + $gid = $row['group_id']; + $db->free_result(); + $e = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.$gid.', '.$id.', 1);'); + if(!$e) + { + echo $db->get_error(); + return; + } + $g_name = htmlspecialchars($_POST['create_group_name']); + echo "
+ " . $lang->get('acpug_heading_info') . "
+ " . $lang->get('acpug_msg_create_success', array('g_name' => $g_name)) . " +
"; + } + if(isset($_POST['do_edit']) || isset($_POST['edit_do'])) + { + // Fetch the group name + $q = $db->sql_query('SELECT group_name,system_group FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); + if(!$q) + { + echo $db->get_error(); + return; + } + if($db->numrows() < 1) + { + echo '

Error: couldn\'t look up group name

'; + } + $row = $db->fetchrow(); + $name = htmlspecialchars($row['group_name']); + $db->free_result(); + if(isset($_POST['edit_do'])) + { + if(isset($_POST['edit_do']['del_group'])) + { + if ( $row['system_group'] == 1 ) + { + echo '
' . $lang->get('acpug_err_nodelete_system_group', array('g_name' => $name)) . '
'; + } + else + { + $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE group_id='.intval($_POST['group_edit_id']).';'); + if(!$q) + { + echo $db->get_error(); + return; + } + $q = $db->sql_query('DELETE FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); + if(!$q) + { + echo $db->get_error(); + return; + } + echo '
' . $lang->get('acpug_msg_delete_success', array('g_name' => $name, 'a_flags' => 'href="javascript:ajaxPage(\'' . $paths->nslist['Admin'] . 'GroupManager\');"')) . '
'; + return; + } + } + if(isset($_POST['edit_do']['save_name'])) + { + if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name'])) + { + echo '

' . $lang->get('acpug_err_group_name_invalid') . '

'; + return; + } + $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\' + WHERE group_id='.intval($_POST['group_edit_id']).';'); + if(!$q) + { + echo $db->get_error(); + return; + } + else + { + echo '
+ ' . $lang->get('acpug_msg_name_update_success') . ' +
'; + } + $name = htmlspecialchars($_POST['group_name']); + + } + $q = $db->sql_query('SELECT member_id FROM '.table_prefix.'group_members + WHERE group_id='.intval($_POST['group_edit_id']).';'); + if(!$q) + { + echo $db->get_error(); + return; + } + if($db->numrows() > 0) + { + while($row = $db->fetchrow($q)) + { + if(isset($_POST['edit_do']['del_' . $row['member_id']])) + { + $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$row['member_id']); + if(!$e) + { + echo $db->get_error(); + return; + } + } + } + } + $db->free_result(); + if(isset($_POST['edit_do']['add_member'])) + { + $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['edit_add_username']).'\';'); + if(!$q) + { + echo $db->get_error(); + return; + } + if($db->numrows() > 0) + { + $row = $db->fetchrow(); + $user_id = $row['user_id']; + $is_mod = ( isset( $_POST['add_mod'] ) ) ? '1' : '0'; + $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.intval($_POST['group_edit_id']).','.$user_id.','.$is_mod.');'); + if(!$q) + { + echo $db->get_error(); + return; + } + else + { + echo '
+ ' . $lang->get('acpug_msg_user_added', array('username' => htmlspecialchars($_POST['edit_add_username']))) . ' +
'; + } + } + else + echo '
' . $lang->get('acpug_err_username_not_exist', array('username' => htmlspecialchars($_POST['edit_add_username']))) . '
'; + } + } + $sg_disabled = ( $row['system_group'] == 1 ) ? + ' value="' . $lang->get('acpug_btn_cant_delete') . '" disabled="disabled" style="color: #FF9773" ' : + ' value="' . $lang->get('acpug_btn_delete_group') . '" style="color: #FF3713" '; + echo '
'; + echo '
+ + + + + + + + +
' . $lang->get('acpug_heading_edit_name') . '
+ ' . $lang->get('acpug_field_group_name') . ' +
+ + +
+
+ '; + echo '
'; + echo '
'; + echo '
+ + '; + $q = $db->sql_query('SELECT m.member_id,m.is_mod,u.username FROM '.table_prefix.'group_members AS m + LEFT JOIN '.table_prefix.'users AS u + ON u.user_id=m.user_id + WHERE m.group_id='.intval($_POST['group_edit_id']).' + ORDER BY m.is_mod DESC, u.username ASC;'); + if(!$q) + { + echo $db->get_error(); + return; + } + if($db->numrows() < 1) + { + echo ''; + } + else + { + $cls = 'row2'; + while($row = $db->fetchrow()) + { + $cls = ( $cls == 'row1' ) ? 'row2' : 'row1'; + $mod = ( $row['is_mod'] == 1 ) ? $lang->get('acpug_lbl_member_mod') : ''; + echo ' + + + + '; + } + } + $db->free_result(); + echo '
' . $lang->get('acpug_heading_edit_members') . '
' . $lang->get('acpug_msg_no_members') . '
+ ' . $row['username'] . ' + + '.$mod.' + + +
+
+ '; + echo '
'; + echo '
'; + echo '
+ + + + + + + + + + + + + +
' . $lang->get('acpug_heading_add_member') . '
+ ' . $lang->get('acpug_field_username') . ' ' . $template->username_field('edit_add_username') . ' +
+ + ' . $lang->get('acpug_field_make_mod_hint') . ' +
+ +
+
+ '; + echo '
'; + return; + } + echo '

' . $lang->get('acpug_heading_main') . '

'; + echo '
'; + $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups ORDER BY group_name ASC;'); + if(!$q) + { + echo $db->get_error(); + } + else + { + echo '
+ + + + '; + echo ''; + echo ' +
' . $lang->get('acpug_heading_edit_existing') . '
+
+

'; + } + echo '
'; + echo '
+ + + + '; + echo ''; + echo ' +
' . $lang->get('acpug_heading_create_new') . '
' . $lang->get('acpug_field_group_name') . '
+
'; + echo '
'; +} + +?>
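Review bot: The group-name allowlist `/^([A-z0-9 -]+)$/` admits more than letters, digits, space and hyphen, because the range `A-z` also covers `[`, `\`, `]`, `^`, `_` and the backtick, and without the `D` modifier `$` accepts a trailing newline. The pattern is used in all three name checks in this new file (both create stages on `create_group_name` and the `save_name` branch on `group_name`); `'/^[A-Za-z0-9 -]+$/D'` would match what the pattern appears to intend. The value still goes through `$db->escape()` before SQL and `htmlspecialchars()` before output, so tightening it is defence in depth rather than a fix for a direct injection. Separately, the member table echoes `$row['username']` unescaped, while the group name and the submitted username are passed through `htmlspecialchars()` elsewhere in the file; unless usernames are restricted at registration (not visible here), `htmlspecialchars($row['username'])` would keep the output encoding consistent.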