[dgoette] 38615: Welcome RosCMS admin interface, now we can manage roscms groups, ACLs and languages online and don't need to touch our DB for this again.
Author: dgoette Date: Tue Jan 6 13:51:22 2009 New Revision: 38615
URL: http://svn.reactos.org/svn/reactos?rev=38615&view=rev Log: Welcome RosCMS admin interface, now we can manage roscms groups, ACLs and languages online and don't need to touch our DB for this again.
Added: branches/danny-web/reactos.org/htdocs/roscms/js/cms_admin.js branches/danny-web/reactos.org/htdocs/roscms/lib/Admin.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Languages.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Admin.class.php Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/index.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/index.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -109,6 +109,9 @@ case 'maintain': new HTML_CMS_Maintain(); break; + case 'admin': + new HTML_CMS_Admin(); + break; case 'stats': new HTML_CMS_Stats(); break; @@ -158,6 +161,24 @@ case 'maintain': new Export_Maintain(); break; + case 'admin': + // Admin interface interaction + switch (@$_GET['d_u']) { + case 'acl': // Access Control Lists + new Admin_ACL(); + break; + case 'group': + new Admin_Groups(); + break; + case 'lang': + new Admin_Languages(); + break; + default: + die(''); + break; + } // end $_GET['d_u'] + break; + break; } // end switch break;
Added: branches/danny-web/reactos.org/htdocs/roscms/js/cms_admin.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_admin.js (added) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_admin.js [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,208 @@ + + + +/** + * requests a form for a new entry specified by subject + * the subject is interpreted in index.php + * + * @param string subject 'acl','group' or 'lang' + */ +function showNew( subject ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=new', 'GET'); +} + + + +/** + * @FILLME + */ +function submitNew( subject ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=new&submit=true', 'POST'); + return false; +} + + + +/** + * @FILLME + * + * @param string subject 'acl','group' or 'lang' + * @param string type 'edit' or 'delete' + */ +function showSearch( subject, type ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=search&for='+type, 'GET'); +} + + + +/** + * @FILLME + * + * @param string subject 'acl','group' or 'lang' + * @param string type 'edit' or 'delete' + */ +function submitSearch( subject, type ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=search&submit=true&for='+type, 'POST'); +} + + +/** + * @FILLME + * + * @param string subject 'acl','group' or 'lang' + */ +function showEdit( subject ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=edit', 'GET'); +} + + + +/** + * @FILLME + */ +function submitEdit( subject ) +{ + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=edit&submit=true', 'POST'); + return false; +} + + + +/** + * @FILLME + */ +function submitDelete( subject ) +{ + var uf = confirm("Do you really want delete this entry ?"); + if (uf==true) { + makeRequest('?page=data_out&d_f=admin&d_u=' + subject + '&action=delete&submit=true', 'POST'); + } + return false; +} + + + + +function getFormData( ) +{ + var postdata = ''; + var value; + + for(var i = 0; i < document.forms[0].elements.length; i++) { + if (postdata != '') postdata += "&"; + + switch (document.forms[0].elements[i].type) { + case 'text': + case 'hidden': + case 'select-one': + value = document.forms[0].elements[i].value; + break; + case 'checkbox': + value = document.forms[0].elements[i].checked ? 'true' : 'false'; + break; + default: + value = undefined; + break; + } + + if (value != undefined) { + postdata = postdata + document.forms[0].elements[i].name+"="+value; + } + + } + + return postdata; +} + + + +/** + * starts a new AJAX request + * if kind is 'POST' the form data will automatically used as params + * + * @param string url + * @param string kind + */ +function makeRequest( url, kind ) +{ + var http_request = false; + + if (window.XMLHttpRequest) { // Mozilla, Safari,... + http_request = new XMLHttpRequest(); + } + else if (window.ActiveXObject) { // IE + try { + http_request = new ActiveXObject("Msxml2.XMLHTTP"); + } catch (e) { + try { + http_request = new ActiveXObject("Microsoft.XMLHTTP"); + } catch (e) { + } + } + } + + if (!http_request) { // stop if browser doesn't support AJAX + alert('Cannot create an XMLHTTP instance. \nMake sure that your browser does support AJAX. \nMake sure that your browser does support AJAX. \nTry out IE 5.5+ (with ActiveX enabled), IE7+, Mozilla, Opera 9+ or Safari 3+.'); + return false; + } + + // override mime + if (http_request.overrideMimeType) { + http_request.overrideMimeType('text/html'); + } + + http_request.onreadystatechange = function() { alertContents(http_request); }; + + if (kind == 'POST') { + + // put form data as params + var parameters = getFormData(); + + http_request.open('POST', url, true); + http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); + http_request.setRequestHeader("Content-length", parameters.length); + http_request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT"); // Bypass the IE Cache + http_request.setRequestHeader("Connection", "close"); + http_request.send(parameters); + } + else { + http_request.open('GET', url, true); + http_request.setRequestHeader("If-Modified-Since", "Sat, 1 Jan 2000 00:00:00 GMT"); // Bypass the IE Cache + http_request.send(null); + } + + return true; +} + + + +/** + * inserts request results + * + * @param object reference to AJAX-Object + */ +function alertContents( http_request ) +{ + try { + if (http_request.readyState == 4) { + if (http_request.status == 200) { + document.getElementById('ajaxloadinginfo').style.display = 'none'; + document.getElementById('adminarea').innerHTML = http_request.responseText; + } + else { + alert('There was a problem with the request ['+http_request.status+' / '+http_request.readyState+']. \n\nA client (browser) or server problem. Please check and try to update your browser. \n\nIf this error happens more than once or twice, contac the website admin.'); + } + } + } + catch( e ) { + alert('Caught Exception: ' + e.description +'\n\nIf this error occur more than once or twice, please contact the website admin with the exact error message. \n\nIf you use the Safari browser, please make sure you run the latest version.'); + } + + // to prevent memory leak + http_request = null; +}
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,94 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class Admin + * + */ +abstract class Admin +{ + + + + public function __construct() + { + + // check if user has enough rights + Login::required(); + if (ThisUser::getInstance()->securityLevel() < 3) { + die('Not enough rights to access this Area.'); + } + + // is an action given ? + if (empty($_GET['action'])) { + die('missing param'); + } + + // show requested form + if (empty($_GET['submit'])) { + switch ($_GET['action']) { + case 'new': + $this->showNew(); + break; + case 'search': + $this->showSearch(); + break; + case 'edit': + $this->showEdit(); + break; + case 'delete': + $this->showDelete(); + break; + } + } + + // submit form data + else { + switch ($_GET['action']) { + case 'new': + $this->submitNew(); + break; + case 'search': + $this->submitSearch(); + break; + case 'edit': + $this->submitEdit(); + break; + case 'delete': + $this->submitDelete(); + break; + } + } + } + + + + abstract protected function showNew(); + abstract protected function showSearch(); + abstract protected function showEdit(); + abstract protected function showDelete(); + + abstract protected function submitNew(); + abstract protected function submitSearch(); + abstract protected function submitEdit(); + abstract protected function submitDelete(); +} // end of Admin +?>
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_ACL.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,404 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class Admin_ACL + * + */ +class Admin_ACL extends Admin +{ + + + + /** + * + * + * @access protected + */ + protected function showNew( ) + { + echo_strip(' + <h2>Create new Access Control List (ACL)</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Access Control List Options</legend> + <label for="acl_name">Name</label> + <input id="acl_name" name="acl_name" maxlength="100" value="" /> + <br /> + + <label for="acl_short">Short Name (Identifier)</label> + <input id="acl_short" name="acl_short" maxlength="50" value="" /> + <br /> + + <label for="acl_desc">Description</label> + <input id="acl_desc" name="acl_desc" maxlength="255" value="" /> + </fieldset> + <br /> + <fieldset> + <legend>Groups Access Rights</legend> + <table> + <tr> + <th title="Security Level">SecLvl</th> + <th>Group Name</th> + <th title="read">R</th> + <th title="write">W</th> + <th title="add">A</th> + <th title="delete">D</th> + <th title="publish">P</th> + <th title="translate">T</th> + </tr>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, security_level, description FROM ".ROSCMST_GROUPS." ORDER BY security_level ASC, name ASC"); + $stmt->execute(); + while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo_strip(' + <tr title="'.htmlspecialchars($group['description']).'"> + <td>'.$group['security_level'].'</td> + <td>'.htmlspecialchars($group['name']).'</td> + <td title="read entries"><input type="checkbox" name="read'.$group['id'].'" id="read'.$group['id'].'" checked="checked" value="1" /></td> + <td title="edit entries"><input type="checkbox" name="write'.$group['id'].'" id="write'.$group['id'].'" value="1" /></td> + <td title="add new entries"><input type="checkbox" name="add'.$group['id'].'" id="add'.$group['id'].'" value="1" /></td> + <td title="delete entries"><input type="checkbox" name="del'.$group['id'].'" id="del'.$group['id'].'" value="1" /></td> + <td title="make entries stable"><input type="checkbox" name="pub'.$group['id'].'" id="pub'.$group['id'].'" value="1" /></td> + <td title="translate entries"><input type="checkbox" name="trans'.$group['id'].'" id="trans'.$group['id'].'" value="1" /></td> + </tr>'); + } + + echo_strip(' + </table> + </fieldset> + <button onclick="'."submitNew('acl')".'">Create new ACL</button> + </form> + '); + } // end of member function showNew + + + + /** + * + * + * @access protected + */ + protected function submitNew( ) + { + $success = true; + + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACCESS." (name, name_short, description) VALUES (:name, :short, :description)"); + $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR); + if ($stmt->execute()) { + + // check for new access list id + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS." WHERE name=:name"); + $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); + $stmt->execute(); + $access_id = $stmt->fetchColumn(); + if ($access_id !== false) { + + // prepare for usage in loop + $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (acl_id, group_id, can_read, can_write, can_add, can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add, :delete, :publish, :translate)"); + $stmt_ins->bindParam('acl_id',$access_id,PDO::PARAM_INT); + + // insert access rights for each group + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_GROUPS); + $stmt->execute(); + while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT); + $stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL); + $success = $success && $stmt_ins->execute(); + } + } // end got list id + else { + $success = false; + } + } // end list inserted + else { + $success = false; + } + + // give the user a success or failure message + if ($success) { + echo 'New ACL was created successfully'; + } + else { + echo 'Error, while creating new ACL'; + } + } // end of member function submitNew + + + + /** + * + * + * @access protected + */ + protected function showSearch( ) + { + echo_strip(' + <h2>Select ACL to '.($_GET['for']=='edit' ? 'edit' : 'delete').'</h2> + <form onsubmit="return false;"> + <select name="acl" id="acl"> + <option value="0"> </option>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); + $stmt->execute(); + while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo '<option value="'.$access['id'].'" title="'.$access['description'].'">'.$access['name'].'</option>'; + } + + echo_strip(' + </select> + <button onclick="'."submitSearch('acl','".($_GET['for'] == 'edit' ? 'edit' : 'delete')."')".'">go on</button> + </form>'); + } + + + + /** + * + * + * @access protected + */ + protected function submitSearch( ) + { + // show edit / delete form, if entry was selected + if ($_POST['acl'] > 0) { + if ($_GET['for'] == 'edit') { + self::showEdit(); + } + elseif ($_GET['for'] == 'delete') { + self::showDelete(); + } + } + + // show search again + else { + self::showSearch(); + } + } + + + + /** + * + * + * @access protected + */ + protected function showEdit( ) + { + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt->execute(); + $access = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + echo_strip(' + <h2>Edit Access Control List (ACL)</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Access Control List Options</legend> + <input type="hidden" name="acl_id" id="acl_id" value="'.$access['id'].'" /> + + <label for="acl_name">Name</label> + <input id="acl_name" name="acl_name" maxlength="100" value="'.$access['name'].'" /> + <br /> + + <label for="acl_short">Short Name (Identifier)</label> + <input id="acl_short" name="acl_short" maxlength="50" value="'.$access['name_short'].'" /> + <br /> + + <label for="acl_desc">Description</label> + <input id="acl_desc" name="acl_desc" maxlength="255" value="'.$access['description'].'" /> + </fieldset> + <br /> + <fieldset> + <legend>Groups Access Rights</legend> + <table> + <tr> + <th title="Security Level">SecLvl</th> + <th>Group Name</th> + <th title="read">R</th> + <th title="write">W</th> + <th title="add">A</th> + <th title="delete">D</th> + <th title="publish">P</th> + <th title="translate">T</th> + </tr>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT g.id, g.name, g.security_level, g.description, a.can_read, a.can_write, a.can_add, a.can_delete, a.can_publish, a.can_translate FROM ".ROSCMST_ACL." a JOIN ".ROSCMST_GROUPS." g ON g.id=a.group_id WHERE a.acl_id=:acl_id ORDER BY g.security_level ASC, g.name ASC"); + $stmt->bindParam('acl_id',$access['id'],PDO::PARAM_INT); + $stmt->execute(); + while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo_strip(' + <tr title="'.htmlspecialchars($group['description']).'"> + <td>'.$group['security_level'].'</td> + <td>'.htmlspecialchars($group['name']).'</td> + <td title="read entries"><input type="checkbox" name="read'.$group['id'].'" id="read'.$group['id'].'" '.($group['can_read'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="edit entries"><input type="checkbox" name="write'.$group['id'].'" id="write'.$group['id'].'" '.($group['can_write'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="add new entries"><input type="checkbox" name="add'.$group['id'].'" id="add'.$group['id'].'" '.($group['can_add'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="delete entries"><input type="checkbox" name="del'.$group['id'].'" id="del'.$group['id'].'" '.($group['can_delete'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="make entries stable"><input type="checkbox" name="pub'.$group['id'].'" id="pub'.$group['id'].'" '.($group['can_publish'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="translate entries"><input type="checkbox" name="trans'.$group['id'].'" id="trans'.$group['id'].'" '.($group['can_translate'] == true ? 'checked="checked"' : '').' value="1" /></td> + </tr>'); + } + + echo_strip(' + </table> + </fieldset> + <button onclick="'."submitEdit('acl')".'">edit ACL</button> + </form> + '); + } + + + + /** + * + * + * @access protected + */ + protected function submitEdit( ) + { + $success = true; + + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ACCESS." SET name=:name, name_short=:short, description=:description WHERE id=:acl_id"); + $stmt->bindParam('name',$_POST['acl_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['acl_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['acl_desc'],PDO::PARAM_STR); + $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + // prepare for usage in loop + $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ACL." SET can_read=:read, can_write=:write, can_add=:add, can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id AND group_id=:group_id"); + $stmt_ins->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + + // insert access rights for each group + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_GROUPS); + $success = $success && $stmt->execute(); + while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_ins->bindParam('group_id',$group['id'],PDO::PARAM_INT); + $stmt_ins->bindValue('read',$_POST['read'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('write',$_POST['write'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('add',$_POST['add'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('delete',$_POST['del'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('publish',$_POST['pub'.$group['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('translate',$_POST['trans'.$group['id']]=='true',PDO::PARAM_BOOL); + $success = $success && $stmt_ins->execute(); + } + + // give the user a success or failure message + if ($success) { + echo 'ACL was edited successfully'; + } + else { + echo 'Error, while editing ACL'; + } + } + + + + /** + * + * + * @access protected + */ + protected function showDelete( ) + { + $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE acl_id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt->execute(); + $data_count = $stmt->fetchColumn(); + + // check if + if ($data_count > 0) { + echo '<div>Can\'t delete entry: It\'s used in '.$data_count.' entries. Remove usage first, and try again later.</div>'; + } + else { + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl'],PDO::PARAM_INT); + $stmt->execute(); + $access = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + echo_strip(' + <form onsubmit="return false;"> + <div> + <input type="hidden" name="acl_id" id="acl_id" value="'.$access['id'].'" /> + + Do you really want to delete the ACL "<span title="'.$access['description'].'">'.$access['name'].'</span>" ? + <button style="color: red;" onclick="'."submitDelete('acl')".'" name="uaq" value="yes">Yes, Delete it.</button> + <button style="color: green;" name="uaq" value="no">No</button> + </div> + </form>'); + } + } + + + + /** + * + * + * @access protected + */ + protected function submitDelete( ) + { + $success = true; + + // check if it is used anywhere + $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_ENTRIES." WHERE acl_id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $stmt->execute(); + $data_count = $stmt->fetchColumn(); + if ($data_count > 0) { + echo '<div>Can\'t delete entry: It\'s used in '.$data_count.' entries. Remove usage first, and try again later.</div>'; + } + else { + + // delete acl + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACCESS." WHERE id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + // delete rights list + if ($success) { + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE acl_id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['acl_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + } + + // status message + if ($success) { + echo 'ACL was deleted successfully'; + } + else { + echo 'Error, while deleting ACL'; + } + } + } + +} // end of Admin_ACL +?>
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Groups.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,400 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class Admin_Groups + * + */ +class Admin_Groups extends Admin +{ + + + + /** + * + * + * @access protected + */ + protected function showNew( ) + { + echo_strip(' + <h2>Create new Group</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Group Data</legend> + <label for="group_sec">Security Level</label> + <select id="group_sec" name="group_sec"> + <option value="0">0 (no access to CMS, only that myRosCMS stuff)</option> + <option value="1">1 (simple users (e.g. translator))</option> + <option value="2">2 (advanced rights, e.g. developers)</option> + <option value="3">3 (some admin functions)</option> + </select> + <br /> + + <label for="group_name">Name</label> + <input id="group_name" name="group_name" maxlength="100" /> + <br /> + + <label for="group_short">Short Name (Identifier)</label> + <input id="group_short" name="group_short" maxlength="50" /> + <br /> + + <label for="group_desc">Description</label> + <input id="group_desc" name="group_desc" maxlength="255" /> + </fieldset> + <br /> + <fieldset> + <legend>configure group access rights</legend> + <table> + <tr> + <th>ACL Name</th> + <th title="read">R</th> + <th title="write">W</th> + <th title="add">A</th> + <th title="delete">D</th> + <th title="publish">P</th> + <th title="translate">T</th> + </tr>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); + $stmt->execute(); + while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo_strip(' + <tr title="'.htmlspecialchars($acl['description']).'"> + <td>'.htmlspecialchars($acl['name']).'</td> + <td title="read entries"><input type="checkbox" name="read'.$acl['id'].'" id="read'.$acl['id'].'" value="1" /></td> + <td title="edit entries"><input type="checkbox" name="write'.$acl['id'].'" id="write'.$acl['id'].'" value="1" /></td> + <td title="add new entries"><input type="checkbox" name="add'.$acl['id'].'" id="add'.$acl['id'].'" value="1" /></td> + <td title="delete entries"><input type="checkbox" name="del'.$acl['id'].'" id="del'.$acl['id'].'" value="1" /></td> + <td title="make entries stable"><input type="checkbox" name="pub'.$acl['id'].'" id="pub'.$acl['id'].'" value="1" /></td> + <td title="translate entries"><input type="checkbox" name="trans'.$acl['id'].'" id="trans'.$acl['id'].'" value="1" /></td> + </tr>'); + } + + echo_strip(' + </table> + </fieldset> + <button onclick="'."submitNew('group')".'">Create new Group</button> + </form> + '); + } // end of member function showNew + + + + /** + * + * + * @access protected + */ + protected function submitNew( ) + { + $success = true; + + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_GROUPS." (name, name_short, description, security_level, visible) VALUES (:name, :short, :description, :security_level, FALSE)"); + $stmt->bindParam('name',$_POST['group_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['group_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['group_desc'],PDO::PARAM_STR); + $stmt->bindParam('security_level',$_POST['group_sec'],PDO::PARAM_INT); + if ($stmt->execute()) { + + // check for new access list id + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_GROUPS." WHERE name=:name"); + $stmt->bindParam('name',$_POST['group_name'],PDO::PARAM_STR); + $stmt->execute(); + $group_id = $stmt->fetchColumn(); + if ($group_id !== false) { + + // prepare for usage in loop + $stmt_ins=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_ACL." (acl_id, group_id, can_read, can_write, can_add, can_delete, can_publish, can_translate) VALUES (:acl_id, :group_id, :read, :write, :add, :delete, :publish, :translate)"); + $stmt_ins->bindParam('group_id',$group_id,PDO::PARAM_INT); + + // insert access rights for each group + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS); + $stmt->execute(); + while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_ins->bindParam('acl_id',$acl['id'],PDO::PARAM_INT); + $stmt_ins->bindValue('read',$_POST['read'.$acl['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('write',$_POST['write'.$acl['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('add',$_POST['add'.$acl['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('delete',$_POST['del'.$acl['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('publish',$_POST['pub'.$acl['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('translate',$_POST['trans'.$acl['id']]=='true',PDO::PARAM_BOOL); + $success = $success && $stmt_ins->execute(); + } + } // end got list id + else { + $success = false; + } + } // end list inserted + else { + $success = false; + } + + // give the user a success or failure message + if ($success) { + echo_strip('New Group was created successfully'); + } + else { + echo_strip('Error, while creating new Group'); + } + } // end of member function submitNew + + + + /** + * + * + * @access protected + */ + protected function showSearch( ) + { + echo_strip(' + <h2>Select Group to '.($_GET['for']=='edit' ? 'edit' : 'delete').'</h2> + <form onsubmit="return false;"> + <select name="group" id="group"> + <option value="0"> </option>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, description FROM ".ROSCMST_GROUPS." ORDER BY name ASC"); + $stmt->execute(); + while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo '<option value="'.$group['id'].'" title="'.$group['description'].'">'.$group['name'].'</option>'; + } + + echo_strip(' + </select> + <button onclick="'."submitSearch('group','".($_GET['for'] == 'edit' ? 'edit' : 'delete')."')".'">go on</button> + </form>'); + } + + + + /** + * + * + * @access protected + */ + protected function submitSearch( ) + { + // show edit / delete form, if entry was selected + if ($_POST['group'] > 0) { + if ($_GET['for'] == 'edit') { + self::showEdit(); + } + elseif ($_GET['for'] == 'delete') { + self::showDelete(); + } + } + + // show search again + else { + self::showSearch(); + } + } + + + + /** + * + * + * @access protected + */ + protected function showEdit( ) + { + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, description, id, security_level FROM ".ROSCMST_GROUPS." WHERE id=:acl_id"); + $stmt->bindParam('acl_id',$_POST['group'],PDO::PARAM_INT); + $stmt->execute(); + $group = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + echo_strip(' + <h2>Edit Group</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Group Data</legend> + <input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" /> + + <label for="group_sec">Security Level</label> + <select id="group_sec" name="group_sec"> + <option value="0"'.($group['security_level'] == 0 ? ' selected="selected"' : '').'>0 (no access to CMS, only that myRosCMS stuff)</option> + <option value="1"'.($group['security_level'] == 1 ? ' selected="selected"' : '').'>1 (simple users (e.g. translator))</option> + <option value="2"'.($group['security_level'] == 2 ? ' selected="selected"' : '').'>2 (advanced rights, e.g. developers)</option> + <option value="3"'.($group['security_level'] == 3 ? ' selected="selected"' : '').'>3 (some admin functions)</option> + </select> + <br /> + + <label for="group_name">Name</label> + <input id="group_name" name="group_name" maxlength="100" value="'.htmlspecialchars($group['name']).'" /> + <br /> + + <label for="group_short">Short Name (Identifier)</label> + <input id="group_short" name="group_short" maxlength="50" value="'.htmlspecialchars($group['name_short']).'" /> + <br /> + + <label for="group_desc">Description</label> + <input id="group_desc" name="group_desc" maxlength="255" value="'.htmlspecialchars($group['description']).'" /> + </fieldset> + <br /> + <fieldset> + <legend>configure group access rights</legend> + <table> + <tr> + <th>ACL Name</th> + <th title="read">R</th> + <th title="write">W</th> + <th title="add">A</th> + <th title="delete">D</th> + <th title="publish">P</th> + <th title="translate">T</th> + </tr>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT s.id, s.name, s.description, a.can_read, a.can_write, a.can_add, a.can_delete, a.can_publish, a.can_translate FROM ".ROSCMST_ACCESS." s JOIN ".ROSCMST_ACL." a ON a.acl_id=s.id WHERE a.group_id=:group_id ORDER BY name ASC"); + $stmt->bindParam('group_id',$group['id'],PDO::PARAM_INT); + $stmt->execute(); + while ($acl = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo_strip(' + <tr title="'.htmlspecialchars($acl['description']).'"> + <td>'.htmlspecialchars($acl['name']).'</td> + <td title="read entries"><input type="checkbox" name="read'.$acl['id'].'" id="read'.$acl['id'].'" '.($acl['can_read'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="edit entries"><input type="checkbox" name="write'.$acl['id'].'" id="write'.$acl['id'].'" '.($acl['can_write'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="add new entries"><input type="checkbox" name="add'.$acl['id'].'" id="add'.$acl['id'].'" '.($acl['can_add'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="delete entries"><input type="checkbox" name="del'.$acl['id'].'" id="del'.$acl['id'].'" '.($acl['can_delete'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="make entries stable"><input type="checkbox" name="pub'.$acl['id'].'" id="pub'.$acl['id'].'" '.($acl['can_publish'] == true ? 'checked="checked"' : '').' value="1" /></td> + <td title="translate entries"><input type="checkbox" name="trans'.$acl['id'].'" id="trans'.$acl['id'].'" '.($acl['can_translate'] == true ? 'checked="checked"' : '').' value="1" /></td> + </tr>'); + } + + echo_strip(' + </table> + </fieldset> + <button onclick="'."submitEdit('group')".'">Edit Group</button> + </form> + '); + } + + + + /** + * + * + * @access protected + */ + protected function submitEdit( ) + { + $success = true; + + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_GROUPS." SET name=:name, name_short=:short, description=:description, security_level=:sec_level WHERE id=:group_id"); + $stmt->bindParam('name',$_POST['group_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['group_short'],PDO::PARAM_STR); + $stmt->bindParam('description',$_POST['group_desc'],PDO::PARAM_STR); + $stmt->bindParam('sec_level',$_POST['group_sec'],PDO::PARAM_STR); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + // prepare for usage in loop + $stmt_ins=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_ACL." SET can_read=:read, can_write=:write, can_add=:add, can_delete=:delete, can_publish=:publish, can_translate=:translate WHERE acl_id=:acl_id AND group_id=:group_id"); + $stmt_ins->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + + // insert access rights for each group + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_ACCESS); + $success = $success && $stmt->execute(); + while ($access = $stmt->fetch(PDO::FETCH_ASSOC)) { + $stmt_ins->bindParam('acl_id',$access['id'],PDO::PARAM_INT); + $stmt_ins->bindValue('read',$_POST['read'.$access['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('write',$_POST['write'.$access['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('add',$_POST['add'.$access['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('delete',$_POST['del'.$access['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('publish',$_POST['pub'.$access['id']]=='true',PDO::PARAM_BOOL); + $stmt_ins->bindValue('translate',$_POST['trans'.$access['id']]=='true',PDO::PARAM_BOOL); + $success = $success && $stmt_ins->execute(); + } + + // give the user a success or failure message + if ($success) { + echo 'Group was edited successfully'; + } + else { + echo 'Error, while editing Group'; + } + } + + + + /** + * + * + * @access protected + */ + protected function showDelete( ) + { + $stmt=&DBConnection::getInstance()->prepare("SELECT name, description, id FROM ".ROSCMST_GROUPS." WHERE id=:group_id"); + $stmt->bindParam('group_id',$_POST['group'],PDO::PARAM_INT); + $stmt->execute(); + $group = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + echo_strip(' + <form onsubmit="return false;"> + <div> + <input type="hidden" name="group_id" id="group_id" value="'.$group['id'].'" /> + + Do you really want to delete the Group "<span title="'.$group['description'].'">'.$group['name'].'</span>" ? + <button style="color: red;" onclick="'."submitDelete('group')".'" name="uaq" value="yes">Yes, Delete it.</button> + <button style="color: green;" name="uaq" value="no">No</button> + </div> + </form>'); + } + + + + /** + * + * + * @access protected + */ + protected function submitDelete( ) + { + $success = true; + + // delete acl + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_GROUPS." WHERE id=:group_id"); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + + // delete rights list + if ($success) { + $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_ACL." WHERE group_id=:group_id"); + $stmt->bindParam('group_id',$_POST['group_id'],PDO::PARAM_INT); + $success = $success && $stmt->execute(); + } + + // status message + if ($success) { + echo 'Group was deleted successfully'; + } + else { + echo 'Error, while deleting Group'; + } + } + + + +} // end of Admin_Groups +?>
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Languages.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Languages.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Admin_Languages.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,257 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class Admin_Languages + * + */ +class Admin_Languages extends Admin +{ + + + + /** + * + * + * @access protected + */ + protected function showNew( ) + { + echo_strip(' + <h2>add new Language</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Language Data</legend> + <label for="lang_name">Name</label> + <input id="lang_name" name="lang_name" maxlength="64" /> + <br /> + + <label for="lang_short">Short Name</label> + <input id="lang_short" name="lang_short" maxlength="8" /> (folder name, where the generated content is stored) + <br /> + + <label for="lang_org">Native Name</label> + <input id="lang_org" name="lang_org" maxlength="64" /> + <br /> + + <label for="lang_level">Language level</label> + <select id="lang_level" name="lang_level"> + <option value="0">0 (processed last)</option> + <option value="1">1</option> + <option value="2">2</option> + <option value="3">3</option> + <option value="4">4</option> + <option value="5">5</option> + <option value="6">6</option> + <option value="7">7</option> + <option value="8">8</option> + <option value="9">9</option> + <option value="10">10 (reserved for standard language)</option> + </select> + </fieldset> + <button onclick="'."submitNew('lang')".'">Create new Language</button> + </form> + '); + } // end of member function showNew + + + + + /** + * + * + * @access protected + */ + protected function submitNew( ) + { + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_LANGUAGES." (name, name_short, name_original, level) VALUES (:name, :short, :org, :level)"); + $stmt->bindParam('name',$_POST['lang_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['lang_short'],PDO::PARAM_STR); + $stmt->bindParam('org',$_POST['lang_org'],PDO::PARAM_STR); + $stmt->bindParam('level',$_POST['lang_level'],PDO::PARAM_INT); + + // give the user a success or failure message + if ($stmt->execute()) { + echo_strip('New Lanaguage was created successfully'); + } + else { + echo_strip('Error, while creating new Language'); + } + } // end of member function submitNew + + + + /** + * + * + * @access protected + */ + protected function showSearch( ) + { + echo_strip(' + <h2>Select Language to '.($_GET['for']=='edit' ? 'edit' : 'delete').'</h2> + <form onsubmit="return false;"> + <select name="lang" id="lang"> + <option value="0"> </option>'); + + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, name_original FROM ".ROSCMST_LANGUAGES." ORDER BY name ASC"); + $stmt->execute(); + while ($lang = $stmt->fetch(PDO::FETCH_ASSOC)) { + echo '<option value="'.$lang['id'].'">'.$lang['name'].' ('.htmlentities($lang['name_original']).')</option>'; + } + + echo_strip(' + </select> + <button onclick="'."submitSearch('lang','".($_GET['for'] == 'edit' ? 'edit' : 'delete')."')".'">go on</button> + </form>'); + } + + + + /** + * + * + * @access protected + */ + protected function submitSearch( ) + { + // show edit / delete form, if entry was selected + if ($_POST['lang'] > 0) { + if ($_GET['for'] == 'edit') { + self::showEdit(); + } + elseif ($_GET['for'] == 'delete') { + self::showDelete(); + } + } + + // show search again + else { + self::showSearch(); + } + } + + + + /** + * + * + * @access protected + */ + protected function showEdit( ) + { + $stmt=&DBConnection::getInstance()->prepare("SELECT name, name_short, name_original, id, level FROM ".ROSCMST_LANGUAGES." WHERE id=:lang_id"); + $stmt->bindParam('lang_id',$_POST['lang'],PDO::PARAM_INT); + $stmt->execute(); + $lang = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + echo_strip(' + <h2>edit Language</h2> + <form onsubmit="return false;"> + <fieldset> + <legend>Language Data</legend> + <input type="hidden" name="lang_id" id="lang_id" value="'.$lang['id'].'" /> + + <label for="lang_name">Name</label> + <input id="lang_name" name="lang_name" maxlength="64" value="'.$lang['name'].'" /> + <br /> + + <label for="lang_short">Short Name</label> + <input id="lang_short" name="lang_short" maxlength="8" value="'.$lang['name_short'].'" /> (folder name, where the generated content is stored) + <br /> + + <label for="lang_org">Native Name</label> + <input id="lang_org" name="lang_org" maxlength="64" value="'.$lang['name_original'].'" /> + <br /> + + <label for="lang_level">Language level</label> + <select id="lang_level" name="lang_level"> + <option value="0" '.($lang['level'] == 0 ? ' selected="selected"' : '').'">0 (processed last)</option> + <option value="1" '.($lang['level'] == 1 ? ' selected="selected"' : '').'>1</option> + <option value="2" '.($lang['level'] == 2 ? ' selected="selected"' : '').'">2</option> + <option value="3" '.($lang['level'] == 3 ? ' selected="selected"' : '').'">3</option> + <option value="4" '.($lang['level'] == 4 ? ' selected="selected"' : '').'">4</option> + <option value="5" '.($lang['level'] == 5 ? ' selected="selected"' : '').'">5</option> + <option value="6" '.($lang['level'] == 6 ? ' selected="selected"' : '').'">6</option> + <option value="7" '.($lang['level'] == 7 ? ' selected="selected"' : '').'">7</option> + <option value="8" '.($lang['level'] == 8 ? ' selected="selected"' : '').'">8</option> + <option value="9" '.($lang['level'] == 9 ? ' selected="selected"' : '').'">9</option> + <option value="10" '.($lang['level'] == 10 ? ' selected="selected"' : '').'">10 (reserved for standard language)</option> + </select> + </fieldset> + <button onclick="'."submitEdit('lang')".'">Edit Language</button> + </form> + '); + } + + + + /** + * + * + * @access protected + */ + protected function submitEdit( ) + { + // try to insert new access list + $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_LANGUAGES." SET name=:name, name_short=:short, name_original=:org, level=:level WHERE id=:lang_id"); + $stmt->bindParam('name',$_POST['lang_name'],PDO::PARAM_STR); + $stmt->bindParam('short',$_POST['lang_short'],PDO::PARAM_STR); + $stmt->bindParam('org',$_POST['lang_org'],PDO::PARAM_STR); + $stmt->bindParam('level',$_POST['lang_level'],PDO::PARAM_STR); + $stmt->bindParam('lang_id',$_POST['lang_id'],PDO::PARAM_INT); + + // give the user a success or failure message + if ($stmt->execute()) { + echo 'Language was edited successfully'; + } + else { + echo 'Error, while editing Language'; + } + } + + + + /** + * + * + * @access protected + */ + protected function showDelete( ) + { + echo 'not supported'; + } + + + + /** + * + * + * @access protected + */ + protected function submitDelete( ) + { + echo 'not supported'; + } + +} // end of Admin_Languages +?>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -127,7 +127,7 @@ <td> </td>'); }
- if ($thisuser->securityLevel() == 3) { + if ($thisuser->isMemberOfGroup('transmaint') || $thisuser->securityLevel() == 3) { echo_strip(' <th class="int'.(($this->branch == 'maintain') ? '2' : '1').'" onclick="'."loadBranch('maintain')".'"> <div class="tcL"> @@ -136,16 +136,28 @@ </div> </div> </th> - <td> </td> - - <th class="int'.(($this->branch == 'stats') ? '2' : '1').'" onclick="'."loadBranch('stats')".'"> - <div class="tcL"> - <div class="tcR"> - <div class="text">Statistics</div> - </div> - </div> - </th> <td> </td>'); + + if ($thisuser->securityLevel() == 3) { + echo_strip(' + <th class="int'.(($this->branch == 'admin') ? '2' : '1').'" onclick="'."loadBranch('admin')".'"> + <div class="tcL"> + <div class="tcR"> + <div class="text">Administration</div> + </div> + </div> + </th> + <td> </td> + + <th class="int'.(($this->branch == 'stats') ? '2' : '1').'" onclick="'."loadBranch('stats')".'"> + <div class="tcL"> + <div class="tcR"> + <div class="text">Statistics</div> + </div> + </div> + </th> + <td> </td>'); + } }
echo_strip('
Added: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Admin.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Admin.class.php (added) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Admin.class.php [iso-8859-1] Tue Jan 6 13:51:22 2009 @@ -1,0 +1,84 @@ +<?php + /* + RosCMS - ReactOS Content Management System + Copyright (C) 2009 Danny Götte <dangerground@web.de> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +/** + * class HTML_CMS_Admin + * + */ +class HTML_CMS_Admin extends HTML_CMS +{ + + + /** + * + * + * @access public + */ + public function __construct( $page_title = '', $page_css = 'roscms' ) + { + $this->branch = 'admin'; + $this->register_js('cms_admin.js'); + $this->register_css('cms_admin.css'); + + parent::__construct( $page_title, $page_css); + if (ThisUser::getInstance()->securityLevel() < 3) { + die('Not enough rights to get into this area'); + } + } + + + /** + * + * + * @access protected + */ + protected function body( ) + { + echo_strip(' + <ul> + <li>Access Control Lists + <ul> + <li><a href="#" onclick="'."showNew('acl')".'">new</a></li> + <li><a href="#" onclick="'."showSearch('acl','edit')".'">edit</a></li> + <li><a href="#" onclick="'."showSearch('acl','delete')".'">delete</a></li> + </ul> + </li> + <li>Groups + <ul> + <li><a href="#" onclick="'."showNew('group')".'">new</a></li> + <li><a href="#" onclick="'."showSearch('group','edit')".'">edit</a></li> + <li><a href="#" onclick="'."showSearch('group','delete')".'">delete</a></li> + </ul> + </li> + <li>Languages + <ul> + <li><a href="#" onclick="'."showNew('lang')".'">new</a></li> + <li><a href="#" onclick="'."showSearch('lang','edit')".'">edit</a></li> + </ul> + </li> + </ul> + <div id="adminarea" style="border: 1px dashed red;"> + </div>'); + } + + +} // end of HTML_CMS_Stats +?>
-
dgoette@svn.reactos.org