Author: dgoette Date: Mon Jan 19 13:01:51 2009 New Revision: 38952
URL: http://svn.reactos.org/svn/reactos?rev=38952&view=rev Log: * fix request of translatable entries * replace security acl filter with security area filter, now you can request for special rights instead of an acl list * use the last used version number, and not only the last stable one to calculate a new version number * protect entries of other languages from being deleted by language maintainers of different languages * fix moving to archiv / delete revisions behavior * group list of translators by language / language maintainer now get a list of all translators in their language, even if they have no edits made * show compare dialog correct again * compare function could have compared the wrong entries, if the entry was en english one, now the correct entry is compared and, correct versions are shown in the dropdown * entry history: display only the users language history if the user has only access to one language * don't let language maintainer search users by language * remove language maintainers ability to change the language of an user to his own language * fix adding user to group * fix problem, when draft was deleted: the user couldn't see any following draft of the same entry
Modified: branches/danny-web/reactos.org/htdocs/roscms/config.php branches/danny-web/reactos.org/htdocs/roscms/connect.db.php branches/danny-web/reactos.org/htdocs/roscms/js/cms_user.js branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/DBConnection.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php
Modified: branches/danny-web/reactos.org/htdocs/roscms/config.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/config.php [iso-8859-1] Mon Jan 19 13:01:51 2009
@@ -45,13 +45,14 @@
// RosCMS Table Names
-define('ROSCMST_ACCESS' , 'roscms_access');
 define('ROSCMST_AREA' , 'roscms_area');
 define('ROSCMST_USERS' , 'roscms_accounts');
 define('ROSCMST_FORBIDDEN' , 'roscms_accounts_forbidden');
 define('ROSCMST_SESSIONS' , 'roscms_accounts_sessions');
 define('ROSCMST_COUNTRIES' , 'roscms_countries');
 define('ROSCMST_ENTRIES' , 'roscms_entries');
+define('ROSCMST_ACCESS' , 'roscms_entries_access');
+define('ROSCMST_RIGHTS' , 'roscms_entries_areas');
 define('ROSCMST_REVISIONS' , 'roscms_entries_revisions');
 define('ROSCMST_STEXT' , 'roscms_entries_stext');
 define('ROSCMST_TAGS' , 'roscms_entries_tags');
@@ -62,11 +63,9 @@
 define('ROSCMST_LANGUAGES' , 'roscms_languages');
 define('ROSCMST_SUBSYS' , 'roscms_rel_accounts_subsys');
 define('ROSCMST_MEMBERSHIPS', 'roscms_rel_groups_accounts');
-define('ROSCMST_ENTRY_AREA' , 'roscms_rel_groups_acl');
 define('ROSCMST_AREA_ACCESS', 'roscms_rel_groups_area');
 define('ROSCMST_DEPENCIES' , 'roscms_rel_revisions_depencies');
-define('ROSCMST_ACL' , 'roscms_rel_rights_access');
-define('ROSCMST_RIGHTS' , 'roscms_rights');
+define('ROSCMST_ACL' , 'roscms_rel_acl');
 define('ROSCMST_TIMEZONES' , 'roscms_timezones');
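Review bot: `ROSCMST_ACCESS`, `ROSCMST_RIGHTS` and `ROSCMST_ACL` keep their names across both hunks but now resolve to different tables (`roscms_entries_access`, `roscms_entries_areas`, `roscms_rel_acl`), and `ROSCMST_ENTRY_AREA` disappears. Any query elsewhere that was written for the old schema will still run, just against another table, and because these are the access-control tables a stale query may return wrong rights instead of failing loudly. Every use of the four constants should be checked against the new schema, and a comment above the block such as `// ACCESS, RIGHTS and ACL were remapped to the entries_* / rel_acl tables in r38952` would warn the next reader.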
Modified: branches/danny-web/reactos.org/htdocs/roscms/connect.db.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ==============================================================================
--- branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] (original)
+++ branches/danny-web/reactos.org/htdocs/roscms/connect.db.php [iso-8859-1] Mon Jan 19 13:01:51 2009
@@ -20,11 +20,11 @@
// Database:
-define('DB_HOST', "localhost");
-define('DB_USER', "lev-db");
-define('DB_PASS', "DangerGround");
-define('DB_NAME', "roscms");
+$db_host = 'localhost';
+$db_user = 'user';
+$db_pass = 'pass';
+$db_name = 'roscms';
-
+// vars are unset in DBConnection class
?>
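Review bot: The new side holds placeholders, but the values on the removed lines remain readable in every earlier revision of the repository, so they should be treated as disclosed and rotated on any database that used them. The added comment would help more if it stated the contract of this file, for example `// local settings only, never commit real values; DBConnection::__construct() reads $db_host, $db_user, $db_pass, $db_name and discards them`. The path shows the file sits under `htdocs`, so it is worth confirming the web server can never serve it as plain text.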
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_user.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_user.js [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_user.js [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -16,9 +16,9 @@ if (document.getElementById('searchopt2').checked) soptckd = 'fullname'; if (document.getElementById('searchopt3').checked) soptckd = 'email'; if (document.getElementById('searchopt4').checked) soptckd = 'website'; - if (document.getElementById('searchopt5').checked) soptckd = 'language'; + if (document.getElementById('searchopt5') && document.getElementById('searchopt5').checked) soptckd = 'language';
- makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=list&d_val='+encodeURIComponent(document.getElementById('textfield').value)+'&d_val2='+encodeURIComponent(soptckd)); + makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=list&phrase='+encodeURIComponent(document.getElementById('textfield').value)+'&option='+encodeURIComponent(soptckd)); } }
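Review bot: The `searchopt5` guard only avoids a script error when the language option is not rendered; the request still carries whatever `option` value the client chooses. The restriction described in the log ("don't let language maintainer search users by language") therefore has to be enforced by the server handler for `d_fl=list`, which is not part of this hunk. Once that check is confirmed, a comment at the guard such as `// searchopt5 exists only for users allowed to search by language; the server re-checks 'option'` would record the assumption. The enclosing function starts above the hunk.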
@@ -31,7 +31,7 @@ */ function getUserDetails( user_id ) { - makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=detail&d_val='+encodeURIComponent(user_id)); + makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=detail&user='+encodeURIComponent(user_id)); }
@@ -44,7 +44,7 @@ */ function addMembership( user_id, group_id ) { - makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=addmembership&d_val='+encodeURIComponent(user_id)+'&d_val2='+encodeURIComponent(group_id)); + makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=addmembership&user='+encodeURIComponent(user_id)+'&group='+encodeURIComponent(group_id)); }
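Review bot: `addmembership` changes group membership yet is sent as a plain query string with no per-session token among its parameters; the same is true of `delmembership` and `updateusrlang` in the two hunks that follow. If `makeRequest` (not shown) issues a GET and the handler relies on the session cookie alone, a forged cross-site request could trigger these actions in an administrator's session. Sending them as POST with an anti-forgery token that the server verifies would close that gap. Separately, the `delmembership` call passes `member_id` under the parameter name `group`, which reads as a group id and deserves a comment or a clearer name.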
@@ -60,7 +60,7 @@ var uf_check = confirm("Be careful! \n\nDo you want to delete this membership?");
if (uf_check == true) { - makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=delmembership&d_val='+encodeURIComponent(user_id)+'&d_val2='+encodeURIComponent(member_id)); + makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=delmembership&user='+encodeURIComponent(user_id)+'&group='+encodeURIComponent(member_id)); } }
@@ -77,7 +77,7 @@ var uf_check = confirm("Do you want to continue?");
if (uf_check == true) { - makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=updateusrlang&d_val='+encodeURIComponent(user_id)+'&d_val2='+encodeURIComponent(language)); + makeRequest('?page=data_out&d_f=user&d_u=usrtbl&d_fl=updateusrlang&user='+encodeURIComponent(user_id)+'&lang='+encodeURIComponent(language)); } }
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -1028,6 +1028,9 @@ // care about visibility-status if (document.getElementById('sfv'+i).id && document.getElementById('sfv'+i).className == "filthidden") { filtstring2 += '_0'; + } + else { + filtstring2 += '_1'; }
filtstring2 += '|'; @@ -1962,14 +1965,15 @@
case 'diff': case 'diff2': - document.getElementById('editzone').innerHTML = '<div id="frmdiff">'+ http_request.responseText + '</div>'; + document.getElementById('frmdiff').innerHTML = http_request.responseText; loadEditor('diffentry'); document.getElementById('frmeditdiff').innerHTML = WDiffShortenOutput(WDiffString(document.getElementById('frmeditdiff1').innerHTML, document.getElementById('frmeditdiff2').innerHTML)); break;
case 'changetags': reloadEntryTableWithOffset(0); - alertbox('Action performed'); + if (http_request.responseText == '') alertbox('Action performed'); + else alertbox("Error while requested action:\n"+http_request.responseText); break;
case 'changetags2': @@ -2194,32 +2198,32 @@ break;
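Review bot: In the `diff`/`diff2` branch `document.getElementById('frmdiff')` is dereferenced without a null check, whereas the old line created that element itself; if the container has not been rendered when the response arrives (its creation is outside this hunk) the assignment throws and the compare view stays empty. A guard such as `var frm = document.getElementById('frmdiff'); if (frm) { frm.innerHTML = http_request.responseText; }` avoids that. In `changetags` the response body is handed to `alertbox` verbatim, so it should be confirmed that `alertbox` inserts text rather than HTML, otherwise server output is interpreted as markup.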
case '2': - filtstring2 = 'k_is_new_0|c_is_type_0|l_is_'+getLang()+'_0|o_desc_datetime'; + filtstring2 = 'k_is_new_0|c_is_type_0|l_is_'+getLang()+'_0|i_is_read_0|o_desc_datetime_0'; loadEntryTable('new'); break;
case '3': - filtstring2 = 'y_is_page_0|k_is_stable_0|l_is_'+getLang()+'_0|o_asc_name'; + filtstring2 = 'y_is_page_0|k_is_stable_0|l_is_'+getLang()+'_0|i_is_read_0|o_asc_name_0'; loadEntryTable('page'); break;
case '13': - filtstring2 = 'y_is_dynamic_0|k_is_stable_0|l_is_'+getLang()+'_0|o_asc_name'; + filtstring2 = 'y_is_dynamic_0|k_is_stable_0|l_is_'+getLang()+'_0|i_is_read_0|o_asc_name_0'; loadEntryTable('dynamic'); break;
case '4': - filtstring2 = 'y_is_content_0|k_is_stable_0|l_is_'+getLang()+'_0|o_asc_name'; + filtstring2 = 'y_is_content_0|k_is_stable_0|l_is_'+getLang()+'_0|i_is_read_0|o_asc_name_0'; loadEntryTable('content'); break;
case '5': - filtstring2 = 'y_is_template_0|k_is_stable_0|l_is_'+getLang()+'_0|o_asc_name'; + filtstring2 = 'y_is_template_0|k_is_stable_0|l_is_'+getLang()+'_0|i_is_read_0|o_asc_name_0'; loadEntryTable('template'); break;
case '6': - filtstring2 = 'y_is_script_0|k_is_stable_0|l_is_'+getLang()+'_0|o_asc_name'; + filtstring2 = 'y_is_script_0|k_is_stable_0|l_is_'+getLang()+'_0|i_is_read_0|o_asc_name_0'; loadEntryTable('script'); break;
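Review bot: The `i_is_read_0` clause added to each preset is assembled in the browser, so it can only narrow what is displayed; a request that omits or alters it must still be limited to entries the user may read, and that check belongs in the server code that parses `filtstring2`, which is not in this file. The same holds for the presets in the following hunk. In that hunk `roscms_intern_login_check_username` is concatenated into a string whose format uses `|` and `_` as separators (a string of this shape is split on both further down), so a username containing either character would be mis-parsed. A comment stating the allowed username alphabet, or encoding the value before concatenation, would make this safe.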
@@ -2231,33 +2235,33 @@ else { translang = getLang(); } - filtstring2 = 'y_is_content_0|k_is_stable_0|i_is_default_0|c_is_user_0|l_is_'+roscms_standard_language+'_0|r_is_'+translang+'|o_desc_date'; + filtstring2 = 'y_is_content_0|k_is_stable_0|i_is_translate_0|c_is_user_0|l_is_'+roscms_standard_language+'_0|r_is_'+translang+'_0|o_desc_datetime_0'; loadEntryTable('translate'); break;
case '8': default: - filtstring2 = 'c_is_type_0|l_is_'+getLang()+'|o_desc_datetime'; + filtstring2 = 'c_is_type_0|l_is_'+getLang()+'_0|i_is_read_0|o_desc_datetime_0'; loadEntryTable('all'); break;
case '9': - filtstring2 = 's_is_true_0|c_is_type_0|l_is_'+getLang()+'_0|o_desc_datetime'; + filtstring2 = 's_is_true_0|c_is_type_0|l_is_'+getLang()+'_0|i_is_read_0|o_desc_datetime_0'; loadEntryTable('starred'); break;
case '10': - filtstring2 = 'k_is_draft_0|u_is_'+roscms_intern_login_check_username+'_0|c_is_type_0|o_desc_datetime'; + filtstring2 = 'k_is_draft_0|u_is_'+roscms_intern_login_check_username+'_0|c_is_type_0|i_is_read_0|o_desc_datetime_0'; loadEntryTable('draft'); break;
case '11': - filtstring2 = 'u_is_'+roscms_intern_login_check_username+'_0|c_is_type_0|o_desc_datetime'; + filtstring2 = 'u_is_'+roscms_intern_login_check_username+'_0|c_is_type_0|i_is_read_0|o_desc_datetime_0'; loadEntryTable('my'); break;
case '12': - filtstring2 = 'k_is_archive_0|c_is_version_0|c_is_type_0|l_is_'+getLang()+'_0|o_asc_name|o_desc_ver'; + filtstring2 = 'k_is_archive_0|c_is_version_0|c_is_type_0|l_is_'+getLang()+'_0|o_asc_name_0|i_is_read_0|o_desc_ver_0'; roscms_archive = true; /* activate archive mode*/ loadEntryTable('archive'); break; @@ -2690,7 +2694,6 @@ var filtpopstr2 = filtpopstr.split('|');
for (var i=0; i < filtpopstr2.length; i++) { - lstfilterstr2 = ''; lstfilterstr2 = filtpopstr2[i].split('_');
if (lstfilterstr2[3] == 0) {
Modified: branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/js/cms_website.js.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -167,10 +167,10 @@ filtentryselstrs2 = '<select id="sfc'+filterid+'"><?php
// ACL -$stmt=&DBConnection::getInstance()->prepare("SELECT id, name FROM ".ROSCMST_ACCESS." ORDER BY name ASC"); +$stmt=&DBConnection::getInstance()->prepare("SELECT id, name, name_short FROM ".ROSCMST_RIGHTS." ORDER BY name ASC"); $stmt->execute(); while($ACL=$stmt->fetch(PDO::FETCH_ASSOC)) { - echo '<option value="'. $ACL['id'] .'">'. $ACL['name'] .'</option>'; + echo '<option value="'. $ACL['name_short'] .'">'. $ACL['name'] .'</option>'; }
?></select>';
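Review bot: `$ACL['name_short']` and `$ACL['name']` are echoed unescaped into markup that itself sits inside a single-quoted JavaScript string literal, so a quote, backslash or `<` in either column breaks the script or injects markup. The line should escape both values, for example `echo '<option value="'.htmlspecialchars($ACL['name_short'], ENT_QUOTES).'">'.htmlspecialchars($ACL['name'], ENT_QUOTES).'</option>';`, which also neutralises `'` for the surrounding literal. Backslashes and newlines would additionally need JavaScript escaping, for instance with `addcslashes`. Who can write to this table is not visible here, so the exposure depends on that.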
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/CMSWebsiteSaveEntry.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -51,7 +51,6 @@ */ private function save( ) { - $thisuser = &ThisUser::getInstance();
$type = (isset($_GET['d_val3']) ? $_GET['d_val3'] : ''); @@ -59,7 +58,7 @@
// detect if theres already a autosave-draft saved, and get rev_id if ($type == 'draft') { // draft - $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id = :user_id AND lang_id = :lang ORDER BY id DESC LIMIT 1"); + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND user_id = :user_id AND lang_id = :lang AND archive IS FALSE ORDER BY id DESC LIMIT 1"); $stmt->bindParam('data_id',$_GET['d_id'],PDO::PARAM_INT); $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); $stmt->bindParam('lang',$_GET['d_r_lang'],PDO::PARAM_INT); @@ -106,7 +105,7 @@ if ($type == 'submit') { Tag::update(Tag::getIdByUser($rev_id, 'status', -1),'new'); } - else if ($type == 'draft') { + else { Tag::update(Tag::getIdByUser($rev_id, 'status', -1),'draft'); } }
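Review bot: The first hunk removes `$thisuser = &ThisUser::getInstance();` from `save()`, but the draft lookup in the second hunk still binds `$thisuser->id()`. Unless `$thisuser` is assigned somewhere in `save()` outside the visible hunks, that call now operates on an undefined variable and the draft save aborts. Either keep the assignment or use `ThisUser::getInstance()->id()`, the form other files in this commit use. In the third hunk the plain `else` tags every `d_val3` value other than `submit` as `draft`; if that is intended, a comment such as `// any non-submit type is stored as a draft` should say so.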
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/DBConnection.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/DBConnection.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/DBConnection.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -28,11 +28,18 @@ { public function __construct() { + global $db_host, $db_host, $db_user, $db_pass; include_once(ROSCMS_PATH.'connect.db.php');
try { - parent::__construct('mysql:dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASS); - + parent::__construct('mysql:dbname='.$db_name.';host='.$db_host, $db_user, $db_pass); + + // unset loaded db config + unset($GLOBALS['db_name']); + unset($GLOBALS['db_host']); + unset($GLOBALS['db_user']); + unset($GLOBALS['db_pass']); + $this->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING); $this->setAttribute(PDO::ATTR_STATEMENT_CLASS,array('DBStatement', array($this))); }
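Review bot: The `global` statement names `$db_host` twice and omits `$db_name`, so `$db_name` is a constructor-local variable while the other three land in global scope, and `unset($GLOBALS['db_name'])` removes nothing. The `unset` calls run only after `parent::__construct()` succeeds, so on a failed connection the host, user and password stay in `$GLOBALS`. Since `include_once` executes inside the constructor, deleting the `global` line would keep all four values local and make the cleanup unnecessary. Unlike the old constants, the variables are not available to a second `new DBConnection()` because `include_once` will not load the file again; if only `getInstance()` ever constructs the object that is fine, but a comment should state it. The constructor's `catch` is outside the hunk.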
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Data.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -653,20 +653,23 @@
if ($revision['version'] == 0) {
- $stmt=&DBConnection::getInstance()->prepare("SELECT id, data_id, version, lang_id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang AND archive IS FALSE ORDER BY version DESC, id DESC LIMIT 1"); + // get next rev num + $stmt=&DBConnection::getInstance()->prepare("SELECT version FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang ORDER BY version DESC, id DESC LIMIT 1"); + $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT); + $stmt->bindParam('lang',$revision['lang_id'],PDO::PARAM_INT); + $stmt->execute(); + $version_num = $stmt->fetchColumn()+1; + + // get latest stable entry + $stmt=&DBConnection::getInstance()->prepare("SELECT id, data_id, lang_id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang AND archive IS FALSE ORDER BY version DESC, id DESC LIMIT 1"); $stmt->bindParam('data_id',$revision['data_id'],PDO::PARAM_INT); $stmt->bindParam('lang',$revision['lang_id'],PDO::PARAM_INT); $stmt->execute(); $stable_revision = $stmt->fetchOnce(PDO::FETCH_ASSOC);
- // setup a new version number - $version_num = 1;
// no stable entry exist, so skip move-process if ($stable_revision !== false) { - - // stable entry exist, so increase the version number - $version_num = $stable_revision['version'] + 1;
// delete old tags $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_TAGS." WHERE rev_id = :rev_id"); @@ -744,17 +747,27 @@
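Review bot: `$version_num = $stmt->fetchColumn()+1;` relies on `fetchColumn()` yielding `false` when no versioned revision exists and on `false + 1` evaluating to 1. Writing `$last = $stmt->fetchColumn(); $version_num = ($last === false) ? 1 : $last + 1;` states that intent. The read-then-increment is also not atomic: two submissions for the same `data_id` and language handled at the same time could compute the same number unless code outside this hunk serialises them or the table has a unique key on those columns.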
// delete entry case 'xe': - if ($thisuser->hasAccess('del_entry') || $revision['user_id'] == $thisuser->id()) { - - // copy to Archive if no admin - if (!$thisuser->hasAccess('del_wo_archiv')) { - Data::copy($revision['id'], 0, $lang_id); + if ($thisuser->hasAccess('more_lang') || $revision['lang_id'] == RosUser::getLanguage($thisuser->id(),true)) { + if ($thisuser->hasAccess('del_entry') || $revision['user_id'] == $thisuser->id() && $revision['version']==0) { + + // copy to Archive if no admin + if ($revision['version']) { + Data::deleteRevision($revision['id']); + } + elseif (!$thisuser->hasAccess('del_wo_archiv')) { + Data::toArchive($revision['id']); + } + else { + //Data::deleteFile($revision['id']); + Data::deleteRevision($revision['id']); + } } - //Data::deleteFile($revision['id']); - Data::deleteRevision($revision['id']); + else { + echo 'Not enough rights for delete process.'; + } } else { - echo 'Not enough rights for delete process.'; + echo 'You have no rights to delete entries from other languages'; } break;
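Review bot: In the `xe` branch a revision with a non-zero `version` goes straight to `Data::deleteRevision()` before `del_wo_archiv` is consulted, so a user holding `del_entry` but not `del_wo_archiv` permanently removes versioned revisions while version-0 entries are archived; the retained comment `// copy to Archive if no admin` no longer describes this. If that is the intended behaviour the comment should be replaced, and if not, `del_wo_archiv` should be tested first. The inner condition mixes `||` and `&&` without parentheses and evaluates as `hasAccess('del_entry') || (owner && version==0)`; writing the parentheses makes the rule explicit. The language check uses `==`, so it should be confirmed that `RosUser::getLanguage()` cannot return `null` or `false` for a user without a language while `lang_id` is 0 or empty.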
@@ -778,11 +791,11 @@ * @return bool * @access public */ - public static function toArchive($rev_id ) + public static function toArchive( $rev_id ) { // remove depencies DataDepencies::removeRevision($rev_id); - + // move into archive $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_REVISIONS." SET archive = TRUE WHERE id=:rev_id"); $stmt->bindParam('rev_id',$rev_id,PDO::PARAM_INT);
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Editor_Website.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -1,8 +1,8 @@ <?php /* RosCMS - ReactOS Content Management System - Copyright (C) 2007 Klemens Friedl frik85@reactos.org - 2008 Danny Götte dangerground@web.de + Copyright (C) 2007 Klemens Friedl frik85@reactos.org + 2008-2009 Danny Götte dangerground@web.de
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -342,18 +342,13 @@ <input name="editautosavemode" type="hidden" value="false" />'); }
- $stmt=&DBConnection::getInstance()->prepare("SELECT name, type FROM ".ROSCMST_ENTRIES." WHERE id = :data_id LIMIT 1"); + $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(id) FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang ORDER BY datetime DESC"); $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); - $stmt->execute(); - $data = $stmt->fetchOnce(); - - $stmt=&DBConnection::getInstance()->prepare("SELECT COUNT(*) FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE d.name = :name AND r.version > 0 AND r.lang_id = :lang ORDER BY r.id DESC"); - $stmt->bindParam('name',$data['name'],PDO::PARAM_STR); $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT); $stmt->execute(); $revisions_count = $stmt->fetchColumn();
- if ($revisions_count <= 1) { + if ($revisions_count == 0) { $stmt=&DBConnection::getInstance()->prepare("SELECT name FROM ".ROSCMST_LANGUAGES." WHERE id=:lang_id"); $stmt->bindParam('lang_id',Language::getStandardId(),PDO::PARAM_INT); $stmt->execute(); @@ -366,27 +361,27 @@ else {
if (isset($_GET['d_arch']) && $_GET['d_arch']) { - $stmt=&DBConnection::getInstance()->prepare("SELECT r.id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE d.name = :name AND r.version > 0 AND r.lang_id = :lang AND r.archive IS TRUE ORDER BY r.id DESC LIMIT 2"); - $stmt->bindParam('name',$data['name'],PDO::PARAM_STR); + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang AND archive IS TRUE ORDER BY datetime DESC LIMIT 2"); + $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT); $stmt->execute(); $diff2 = $stmt->fetch(); - $diff2 = 'ar'.$diff2['id']; + $diff2 = $diff2['id']; $diff1 = $stmt->fetchOnce(); - $diff1 = 'ar'.$diff1['id']; + $diff1 = $diff1['id']; } else { - $stmt=&DBConnection::getInstance()->prepare("SELECT r.id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE d.name = :name AND r.version > 0 AND r.lang_id = :lang AND r.archive IS FALSE ORDER BY r.id DESC LIMIT 1"); - $stmt->bindParam('name',$data['name'],PDO::PARAM_STR); + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang AND archive IS FALSE ORDER BY datetime DESC LIMIT 1"); + $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT); $stmt->execute(); $diff2 = $stmt->fetchColumn();
- $stmt=&DBConnection::getInstance()->prepare("SELECT r.id FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON d.id = r.data_id WHERE d.name = :name AND r.version > 0 AND r.lang_id = :lang AND r.archive IS TRUE ORDER BY r.id DESC LIMIT 1"); - $stmt->bindParam('name',$data['name'],PDO::PARAM_STR); + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROM ".ROSCMST_REVISIONS." WHERE data_id = :data_id AND version > 0 AND lang_id = :lang AND archive IS TRUE ORDER BY datetime DESC LIMIT 1"); + $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT); $stmt->execute(); - $diff1 = 'ar'.$stmt->fetchColumn(); + $diff1 = $stmt->fetchColumn(); }
echo_strip(' @@ -779,7 +774,12 @@ echo '<h3>Versions History</h3>';
// get a perfect mixed entry set - $dataset = $this->helperHistory(Tag::getValueByUser($this->rev_id, 'number', -1)); + if (ThisUser::getInstance()->hasAccess('more_lang')) { + $dataset = $this->helperHistory(); + } + else { + $dataset = $this->helperHistory(RosUser::getLanguage(ThisUser::getInstance()->id(),true)); + }
$last_language = null; foreach ($dataset as $revision) { @@ -1053,16 +1053,16 @@
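Review bot: `helperHistory()` treats a `null` argument as "all languages", so if `RosUser::getLanguage(..., true)` can return `null` for an account with no language set (its return values are not visible here), a user without `more_lang` falls through to the unrestricted history. Guarding the call fails closed instead: `$lang = RosUser::getLanguage(ThisUser::getInstance()->id(), true); $dataset = ($lang === null) ? array() : $this->helperHistory($lang);`. The enclosing method starts and ends outside the hunk.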
$last_lang = null; foreach($dataset as $revision) { - if ($revision['rev_language'] != $last_lang) { + if ($revision['lang_id'] != $last_lang) { if ($last_lang !== null) { echo '</optgroup>'; }
- echo '<optgroup label="'.$revision['lang_name'].'">'; - $last_lang = $revision['rev_language']; - } - - echo '<option value="'.($revision['archive'] ? 'ar' : '').$revision['rev_id'].'"'.(($revision['rev_id'] == $selected_rev) ? ' selected="selected"' : '').'>'.$revision['data_name'].' ('.$revision['rev_date'].') - v. '.$revision['rev_version'].'; '.$revision['user_name'].'</option>'; + echo '<optgroup label="'.$revision['language'].'">'; + $last_lang = $revision['lang_id']; + } + + echo '<option value="'.$revision['id'].'"'.(($revision['id'] == $selected_rev) ? ' selected="selected"' : '').'>'.$revision['name'].' ('.$revision['date'].') - v. '.$revision['version'].'; '.$revision['user_name'].'</option>'; } echo '</optgroup>'; } 
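Review bot: `$revision['language']`, `$revision['name']` and `$revision['user_name']` are concatenated into the `<optgroup>` and `<option>` markup without escaping. `user_name` comes from the accounts table, so a name containing `<` or `"` becomes markup in the page of whoever opens the compare dialog. Each value should pass through `htmlspecialchars($value, ENT_QUOTES)`, for example `echo '<optgroup label="'.htmlspecialchars($revision['language'], ENT_QUOTES).'">';`. The function starts before the hunk.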
@@ -1075,62 +1075,25 @@ */ private function showDifference( $rev_id1, $rev_id2 ) { - // get archive mode for entry 1 - if (substr($rev_id1, 0, 2) == 'ar') { - $h1_a = '_a'; - $h1_a2 = 'a'; - $rev_id1 = substr($rev_id1, 2); - } - else { - $h1_a = ''; - $h1_a2 = ''; - } - - // get archive mode for entry 2 - if (substr($rev_id2, 0, 2) == 'ar') { - $h2_a = '_a'; - $h2_a2 = 'a'; - $rev_id2 = substr($rev_id2, 2); - } - else { - $h2_a = ''; - $h2_a2 = ''; - } - // @TODO: add short text and optional long text additional entries // diff source 1 - $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, r.id, r.version, l.name AS language, r.datetime, u.name AS user_name FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id WHERE r.id = :rev_id LIMIT 1"); + $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, r.id, r.version, l.name AS language, r.datetime, u.name AS user_name, t.content FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id JOIN ".ROSCMST_TEXT." t ON t.rev_id=r.id WHERE r.id = :rev_id AND t.name='content' LIMIT 1"); $stmt->bindParam('rev_id',$rev_id1,PDO::PARAM_INT); $stmt->execute(); $revision1 = $stmt->fetchOnce();
- $stmt=&DBConnection::getInstance()->prepare("SELECT content FROM ".ROSCMST_TEXT." WHERE rev_id = :rev_id AND name = 'content' ORDER BY name ASC"); - $stmt->bindParam('rev_id',$rev_id1,PDO::PARAM_INT); - $stmt->execute(); - $text1 = $stmt->fetchColumn(); - // diff source 2 - $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, r.id, r.version, l.name AS language, r.datetime, u.name AS user_name FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id WHERE r.id = :rev_id LIMIT 1"); + $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, d.type, r.id, r.version, l.name AS language, r.datetime, u.name AS user_name, t.content FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id JOIN ".ROSCMST_TEXT." t ON t.rev_id=r.id WHERE r.id = :rev_id AND t.name='content' LIMIT 1"); $stmt->bindParam('rev_id',$rev_id2,PDO::PARAM_INT); $stmt->execute(); $revision2 = $stmt->fetchOnce();
- $stmt=&DBConnection::getInstance()->prepare("SELECT content FROM ".ROSCMST_TEXT." WHERE rev_id = :rev_id AND name = 'content' ORDER BY name ASC"); - $stmt->bindParam('rev_id',$rev_id2,PDO::PARAM_INT); - $stmt->execute(); - $text2 = $stmt->fetchColumn(); - // get data id from any stable revision - $this->data_id = $revision2['data_id']; - if ($h2_a2 != '') { - $this->data_id = $revision1['data_id']; - } + $this->data_id = $revision1['data_id'];
echo_strip(' <div style="display: block; border-bottom: 1px solid #bbb; border-right: 1px solid #bbb; background: white none repeat scroll 0%;"> - <div style="margin:10px;"> - <br /> - <span>Compare</span>'); + <div style="margin:10px;">');
if ($rev_id1 == $rev_id2) { echo '<p>Please select two different entries to display the differences!</p>'; @@ -1144,18 +1107,18 @@ <tr> <td style="text-align:center;"> <select name="cbmdiff1" id="cbmdiff1" onchange="'."getDiffEntries(this.value, document.getElementById('cbmdiff2').value)".'">'); + $this->selectRevision($rev_id1); // history - $this->selectRevision($rev_id1); echo_strip(' </select> </td> <td style="width:50px;text-align:center;"> - <input type="submit" name="switchdiff" id="switchdiff" value="switch" onclick="'."getDiffEntries(document.getElementById('cbmdiff2').value, document.getElementById('cbmdiff1').value)".'" /> + <button name="switchdiff" id="switchdiff" onclick="'."getDiffEntries(document.getElementById('cbmdiff2').value, document.getElementById('cbmdiff1').value)".'">switch</button> </td> <td style="text-align:center;"> <select name="cbmdiff2" id="cbmdiff2" onchange="'."getDiffEntries(document.getElementById('cbmdiff1').value, this.value)".'">'); + $this->selectRevision($rev_id2); // history - $this->selectRevision($rev_id2); echo_strip(' </select> </td> 
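Review bot: `showDifference()` loads both revisions by `r.id` alone, with no check that the current user may read them, while the history view in this same commit is limited to the user's own language when `more_lang` is missing. If `$rev_id1` and `$rev_id2` originate from request parameters (the caller is outside the hunk), a single-language user can display revisions of other languages by supplying their ids. Adding `r.lang_id` to the select and applying the same `more_lang` / `RosUser::getLanguage()` rule to each fetched row before output would keep the two views consistent. Because the text now comes through an inner `JOIN`, a revision without a `content` row makes the fetch return `false`; a check such as `if ($revision1 === false || $revision2 === false) { echo '<p>Revision not found.</p>'; return; }` would handle that.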
@@ -1179,15 +1142,15 @@ <li>Language: '.$revision2['language'].'</li> <li>User: '.$revision2['user_name'].'</li>'); if (ThisUser::getInstance()->hasAccess('entry_details')) { - echo '<li>ID: '.$revision2['id'].'</li>'; + echo '<li>Rev-ID: '.$revision2['id'].'</li>'; } echo_strip(' </ul> </td> </tr> </table> - <div><pre id="frmeditdiff1" style="display: none;">');echo $text1;echo_strip('</pre></div> - <div><pre id="frmeditdiff2" style="display: none;">');echo $text2;echo_strip('</pre></div> + <div id="frmeditdiff1" style="display: none;">');echo $revision1['content'];echo_strip('</div> + <div id="frmeditdiff2" style="display: none;">');echo $revision2['content'];echo_strip('</div> <div style="display: block;border-bottom: 1px solid #bbb; border-right: 1px solid #bbb; border-top: 1px solid #e3e3e3; border-left: 1px solid #e3e3e3; background: #F2F2F2;"> <pre style="margin:10px; font-size:9px; font-family:Arial, Helvetica, sans-serif;" id="frmeditdiff"> </pre> </div> 
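Review bot: `$revision1['content']` and `$revision2['content']` are written into the hidden `frmeditdiff1` and `frmeditdiff2` containers without escaping, and moving from `<pre>` to `<div>` does not change that. Markup stored in a revision is parsed as live HTML in the reviewer's page, where event-handler attributes and remote resources become active even though the container is hidden. Emitting `htmlspecialchars($revision1['content'], ENT_QUOTES)` (and likewise for `$revision2`) keeps it inert; the client code reads these elements through `innerHTML` before diffing, so the rendered diff should be checked afterwards for double-encoded entities. The `language` and `user_name` list items in the context lines are echoed raw as well.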
@@ -1202,18 +1165,26 @@ * @param mixed data_normal should be already in right order * @access private */ - private function helperHistory( ) + private function helperHistory( $lang_id = null ) { // check stable entries $stmt=&DBConnection::getInstance()->prepare("SELECT name, type FROM ".ROSCMST_ENTRIES." WHERE id = :data_id LIMIT 1"); $stmt->bindParam('data_id',$this->data_id,PDO::PARAM_INT); $stmt->execute(); - $data = $stmt->fetchOnce(); - - // select active entries - $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, r.id, l.name AS language, r.version, r.datetime, u.name AS user_name FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id JOIN ".ROSCMST_USERS." u ON u.id = r.user_id WHERE d.name = :name AND d.type = :type AND r.version > 0 ORDER BY l.name ASC, r.datetime DESC"); - $stmt->bindParam('name',$data['data_name'],PDO::PARAM_STR); - $stmt->bindParam('type',$data['data_type'],PDO::PARAM_STR); + $data = $stmt->fetchOnce(PDO::FETCH_ASSOC); + + // select all related entries + if ($lang_id === null) { + $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, r.id, r.lang_id, l.name AS language, r.version, DATE(r.datetime) as date, r.datetime, u.name AS user_name, r.archive FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id JOIN ".ROSCMST_USERS." u ON u.id = r.user_id WHERE d.name = :name AND d.type = :type AND r.version > 0 ORDER BY l.name ASC, r.datetime DESC"); + } + + // select only one language + else { + $stmt=&DBConnection::getInstance()->prepare("SELECT r.data_id, d.name, r.id, r.lang_id, l.name AS language, r.version, DATE(r.datetime) as date, r.datetime, u.name AS user_name, r.archive FROM ".ROSCMST_ENTRIES." d JOIN ".ROSCMST_REVISIONS." r ON r.data_id = d.id JOIN ".ROSCMST_LANGUAGES." l ON r.lang_id = l.id JOIN ".ROSCMST_USERS." 
u ON u.id = r.user_id WHERE d.name = :name AND d.type = :type AND r.version > 0 AND r.lang_id=:lang_id ORDER BY l.name ASC, r.datetime DESC"); + $stmt->bindParam('lang_id',$lang_id,PDO::PARAM_INT); + } + $stmt->bindParam('name',$data['name'],PDO::PARAM_STR); + $stmt->bindParam('type',$data['type'],PDO::PARAM_STR); $stmt->execute(); return $stmt->fetchAll(PDO::FETCH_ASSOC); } // end of member function helperHistory
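Review bot: The new `$lang_id = null` default makes the unrestricted query the fallback, so the per-language limit described in the commit log only holds if every caller serving a single-language user remembers to pass the id; those callers are outside this hunk. The docblock still lists only `data_normal` and should state the contract, e.g. `@param int|null lang_id only return revisions of this language; null returns the history of every language`. The two SQL strings differ only by `AND r.lang_id=:lang_id`, so building the statement once with an optional clause would stop them drifting apart.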
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_User.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -52,13 +52,7 @@ public function search( ) { $thisuser = &ThisUser::getInstance(); - $display = ''; // list / user details - $user_id = $_GET['d_val']; - $search_string = $_GET['d_val']; - $group_id = @$_GET['d_val2']; - $new_lang = @$_GET['d_val2']; - $search_type = @$_GET['d_Val2'];
if (!$thisuser->hasAccess('user')) { return; @@ -79,27 +73,28 @@ }
if (isset($_GET['d_fl'])) { - // do some actions switch ($_GET['d_fl']) { case 'addmembership': // check if user is already member, so we don't add him twice // also check that you don't give accounts a higher seclevel - $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM ".ROSCMST_MEMBERSHIPS." m JOIN ".ROSCMST_GROUPS." g ON m.group_id = g.id WHERE m.user_id = :user_id AND m.group_id = :group_id LIMIT 1"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); - $stmt->bindParam('group_id',$group_id,PDO::PARAM_STR); + $stmt=&DBConnection::getInstance()->prepare("SELECT DISTINCT g.security_level FROM ".ROSCMST_GROUPS." g JOIN ".ROSCMST_MEMBERSHIPS." m ON m.group_id=g.id WHERE g.id = :group_id AND m.user_id != :user_id LIMIT 1"); + $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); - if ($stmt->fetchColumn() === false) { + $level = $stmt->fetchColumn(); + + if ($level !== false && $thisuser->hasAccess('addlvl'.$level.'group')) {
// insert new membership $stmt=&DBConnection::getInstance()->prepare("INSERT INTO ".ROSCMST_MEMBERSHIPS." ( user_id , group_id ) VALUES ( :user_id, :group_id )"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); - $stmt->bindParam('group_id',$group_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT); $stmt->execute(); if ($user_lang !== false) { - Log::writeLangMedium('add user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}', $user_lang); + Log::writeLangMedium('add user account membership: user-id='.$_GET['user'].', group-id='.$_GET['group'].' done by '.$thisuser->id().' {data_user_out}', $user_lang); } - Log::writeMedium('add user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); + Log::writeMedium('add user account membership: user-id='.$_GET['user'].', group-id='.$_GET['group'].' done by '.$thisuser->id().' {data_user_out}'); } // preselect displayed content $display = 'detail'; @@ -107,13 +102,13 @@
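Review bot: The new lookup no longer does what the comment above it promises: `m.user_id != :user_id` matches any other member of the group, so a user who already is a member gets inserted again whenever the group has another member, and a group without other members can never be assigned because `$level` comes back `false`. Reading the level from the group row and excluding existing memberships with a subquery covers both cases: `SELECT g.security_level FROM ".ROSCMST_GROUPS." g WHERE g.id = :group_id AND g.id NOT IN (SELECT group_id FROM ".ROSCMST_MEMBERSHIPS." WHERE user_id = :user_id) LIMIT 1`. The log calls also concatenate `$_GET['user']` and `$_GET['group']` unfiltered, so casting both to `int` once before use would keep the log entries consistent with the values that were bound. The enclosing `search()` method continues outside the hunk.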
case 'delmembership': $stmt=&DBConnection::getInstance()->prepare("DELETE FROM ".ROSCMST_MEMBERSHIPS." WHERE user_id = :user_id AND group_id = :group_id LIMIT 1"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); - $stmt->bindParam('group_id',$group_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); + $stmt->bindParam('group_id',$_GET['group'],PDO::PARAM_INT); $stmt->execute(); if ($user_lang !== false) { - Log::writeLangMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}', $user_lang); - } - Log::writeMedium('delete user account membership: user-id='.$user_id.', group-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); + Log::writeLangMedium('delete user account membership: user-id='.$_GET['user'].', group-id='.$_GET['group'].' done by '.$thisuser->id().' {data_user_out}', $user_lang); + } + Log::writeMedium('delete user account membership: user-id='.$_GET['user'].', group-id='.$_GET['group'].' done by '.$thisuser->id().' {data_user_out}'); // preselect displayed content $display = 'detail'; break; @@ -122,7 +117,7 @@ // only with admin rights if ($thisuser->hasAccess('disableaccount')) { $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_USERS." SET disabled = TRUE WHERE id = :user_id"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); } // preselect displayed content @@ -134,7 +129,7 @@ if ($thisuser->hasAccess('disableaccount')) { // enable account only, if he has already activated his account $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_USERS." SET disabled = FALSE WHERE activation = '' AND id = :user_id"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); } // preselect displayed content @@ -143,13 +138,13 @@
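Review bot: The `delmembership` case runs the `DELETE` with no right check of its own, while the delete button in the detail view is only rendered for `hasAccess('delmembership')` and the account cases below are wrapped in `hasAccess('disableaccount')`. The only gate visible on this path is `hasAccess('user')` at the top of `search()` (code between the hunks is not shown), so a direct request would bypass the UI restriction. Wrapping the case body in `if ($thisuser->hasAccess('delmembership')) { ... }` would match the UI, and a security-level comparison like the `addlvl…group` check in `addmembership` would stop removals from groups above the caller's level.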
case 'upateusrlang': $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_USERS." SET lang_id = :lang WHERE id = :user_id"); - $stmt->bindParam('lang',$group_id); - $stmt->bindParam('user_id',$user_id); + $stmt->bindParam('lang',$_GET['lang']); + $stmt->bindParam('user_id',$_GET['user']); $stmt->execute(); if ($user_lang) { - Log::writeLangMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}', $user_lang); - } - Log::writeMedium('change user account language: user-id='.$user_id.', lang-id='.$group_id.' done by '.$thisuser->id().' {data_user_out}'); + Log::writeLangMedium('change user account language: user-id='.$_GET['user'].', lang-id='.$_GET['lang'].' done by '.$thisuser->id().' {data_user_out}', $user_lang); + } + Log::writeMedium('change user account language: user-id='.$_GET['user'].', lang-id='.$_GET['lang'].' done by '.$thisuser->id().' {data_user_out}'); // preselect displayed content $display = 'detail'; break; @@ -162,13 +157,13 @@
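Review bot: The `upateusrlang` case still executes the `UPDATE` for any caller that reaches the switch, so removing the "Switch User language" button elsewhere in this commit takes the ability away in the UI only. The commit log says language maintainers should lose this ability, which needs a server-side check here, for example wrapping the case body in `if ($thisuser->hasAccess('more_lang')) { ... }` or in whichever right gates the language dropdown. Both `bindParam` calls also omit the type; `PDO::PARAM_INT` would match the other cases.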
// list / details if($display == 'list') { - if (isset($_GET['d_val']) &&strlen($_GET['d_val']) > 2) { + if (isset($_GET['phrase']) && strlen($_GET['phrase']) > 2) { echo_strip(' <fieldset> <legend>Results</legend> <ul>');
- switch ($search_type) { + switch ($_GET['option']) { case 'fullname': $sql_search = "u.fullname"; break; @@ -179,8 +174,10 @@ $sql_search = "u.homepage"; break; case 'language': - $sql_search = "l.name"; - break; + if ($thisuser->hasAccess('more_lang')) { + $sql_search = "l.name"; + break; + } case 'accountname': default: $sql_search = "u.name"; @@ -191,13 +188,13 @@ $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE ". $sql_search ." LIKE :value ORDER BY u.name ASC LIMIT 25"); } else { - $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE ". $sql_search ." LIKE :value AND u.lang_id=:user_lang ORDER BY u.name ASC LIMIT 25"); + $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE ". $sql_search ." LIKE :value AND l.id=:user_lang ORDER BY u.name ASC LIMIT 25"); $stmt->bindValue('user_lang',$user_lang,PDO::PARAM_INT); } - $stmt->bindValue('value','%'.$search_string.'%',PDO::PARAM_INT); + $stmt->bindValue('value','%'.$_GET['phrase'].'%',PDO::PARAM_INT); $stmt->execute(); $users = $stmt->fetchAll(PDO::FETCH_ASSOC); - foreach ( $users as $user) { + foreach ($users as $user) { echo_strip(' <li> <a href="'."javascript:getUserDetails('".$user['id']."')".'">'.$user['name'].'</a> @@ -219,7 +216,7 @@
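Review bot: The `language` case now falls through into `accountname`/`default` when the caller lacks `more_lang`, which looks intended but reads like a forgotten `break`. A comment after the closing brace of the `if` would make that explicit: `// no break: without more_lang the search falls back to the account name`. `$sql_search` only ever takes one of the literals assigned in this switch, which is what keeps the later concatenation into the query safe, and that is worth stating in the same comment.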
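Review bot: The search phrase is bound with `PDO::PARAM_INT` although it is a `LIKE` pattern, so depending on driver and emulation settings the string may be cast or rejected; the line should read `$stmt->bindValue('value','%'.$_GET['phrase'].'%',PDO::PARAM_STR);`. In the `foreach` that follows, `$user['name']` is echoed into the link text unencoded; wrapping it in `htmlspecialchars(..., ENT_QUOTES)` keeps account names from being interpreted as markup. The loop body continues outside the hunk.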
elseif ($display == 'detail') { $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.modified, u.logins, u.created, u.fullname, u.email, l.name AS language, u.disabled FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON l.id=u.lang_id WHERE u.id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); $user = $stmt->fetchOnce();
@@ -245,7 +242,7 @@ <ul>');
$stmt=&DBConnection::getInstance()->prepare("SELECT g.name, m.group_id FROM ".ROSCMST_GROUPS." g JOIN ".ROSCMST_MEMBERSHIPS." m ON g.id=m.group_id WHERE m.user_id = :user_id ORDER BY g.name ASC"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); while ($membership = $stmt->fetch(PDO::FETCH_ASSOC)) {
@@ -253,7 +250,7 @@ if ($thisuser->hasAccess('delmembership')) { echo_strip(' - <span class="frmeditbutton" onclick="'."delMembership(".$user_id.", '".$membership['group_id']."')".'"> + <span class="frmeditbutton" onclick="'."delMembership(".$_GET['user'].", '".$membership['group_id']."')".'"> <img src="images/remove.gif" alt="" style="width:11px; height:11px; border:0px;" /> Delete </span>'); @@ -264,18 +261,18 @@
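Review bot: `$_GET['user']` is written straight into the `onclick` attribute here, so the request parameter reaches an HTML/JavaScript context without encoding or type enforcement; the `PDO::PARAM_INT` bindings protect only the queries, not this output. Casting at the point of output, `delMembership(".(int)$_GET['user'].", ...)`, or using the `id` column of the user row fetched for the detail view, keeps the attribute numeric. The same pattern is introduced in the `addMembership(...)` call of the @@ -264 hunk and in the `updateUserLang(...)` and `addMembership(...)` calls of the @@ -285 hunk.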
if ($thisuser->hasAccess('addmembership')) { echo '<select id="cbmmemb" name="cbmmemb">'; - $stmt=&DBConnection::getInstance()->prepare("SELECT g.id, g.name FROM ".ROSCMST_MEMBERSHIPS." m JOIN ".ROSCMST_GROUPS." g ON g.id!=m.group_id WHERE m.user_id != :user-id ORDER BY g.name ASC"); - $stmt->bindParam('user_id',$user_id,PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT id, name, security_level FROM ".ROSCMST_GROUPS." WHERE id NOT IN(SELECT group_id FROM ".ROSCMST_MEMBERSHIPS." WHERE user_id=:user_id) ORDER BY name ASC"); + $stmt->bindParam('user_id',$_GET['user'],PDO::PARAM_INT); $stmt->execute(); while ($group = $stmt->fetch(PDO::FETCH_ASSOC)) {
// only super admin can give super admin rights - if ($group['usrgroup_name'] != 'sadmin' || $thisuser->hasAccess('addLvl')) { + if ($thisuser->hasAccess('addlvl'.$group['security_level'].'group')) { echo '<option value="'.$group['id'].'">'.$group['name'].'</option>'; } } echo_strip('</select> - <input type="button" name="addmemb" id="addmemb" value="Add Membership" onclick="'."getUserDetails(".$user_id.", document.getElementById('cbmmemb').value)".'" /> + <button name="addmemb" id="addmemb" onclick="'."addMembership(".$_GET['user'].", document.getElementById('cbmmemb').value)".'">Add Membership</button> <br /> <br /> <select id="cbmusrlang" name="cbmusrlang">'); 
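Review bot: The replacement `<button name="addmemb" ...>` has no `type` attribute and therefore defaults to `submit`, whereas the removed `<input type="button">` did nothing beyond its `onclick`. If this markup sits inside a form (not visible in the hunk), one click would both call `addMembership(...)` and submit the form, so `type="button"` should be added. `$group['name']` in the `<option>` is also echoed without `htmlspecialchars()`.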
@@ -285,20 +282,13 @@ echo '<option value="'.$lang['id'].'">'.$lang['name'].'</option>'; } echo_strip('</select> - <input type="button" name="addusrlang" id="addusrlang" value="Update User language" onclick="'."updateUserLang(".$user_id.", document.getElementById('cbmusrlang').value)".'" /><br />'); + <input type="button" name="addusrlang" id="addusrlang" value="Update User language" onclick="'."updateUserLang(".$_GET['user'].", document.getElementById('cbmusrlang').value)".'" /><br />'); } elseif ($thisuser->hasAccess('addtransl')) { - echo_strip('<input type="button" name="addmemb" id="addmemb" value="Make this User a Translator" onclick="'."getUserDetails(".$user_id.", 'translator')".'" /> - <br /> - <br />'); - $stmt=&DBConnection::getInstance()->prepare("SELECT l.id, l.name FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON l.id=u.lang_id WHERE id = :user_id LIMIT 1"); - $stmt->bindParam('user_id',$thisuser->id(),PDO::PARAM_INT); + $stmt=&DBConnection::getInstance()->prepare("SELECT id FROm ".ROSCMST_GROUPS." WHERE name_short='translator'"); $stmt->execute(); - $lang = $stmt->fetchColumn(); - - if ($lang !== false) { - echo '<input type="button" name="addusrlang" id="addusrlang" value="Switch User language to ''.$lang['name'].''" onclick="'."updateUserLang(".$user_id.", '".$lang['id'].")".'" /><br />'; - } + + echo '<input type="button" name="addmemb" id="addmemb" value="Make this User a Translator" onclick="'."addMembership(".$_GET['user'].", '".$stmt->fetchColumn()."')".'" />';
} echo '</fieldset><br />';
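Review bot: The result of `$stmt->fetchColumn()` is concatenated into the `onclick` without checking for `false`, so a missing `translator` group yields a button that calls `addMembership(…, '')`. Fetching first and guarding the output avoids that: `$translator_group = $stmt->fetchColumn();` followed by `if ($translator_group !== false) { echo ...; }`. It is also unclear from this hunk whether a caller holding only `addtransl` passes the `addlvl…group` check in the `addmembership` case; if not, the button would be shown but the request refused.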
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Export_XML.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -157,7 +157,7 @@ $stmt_acl=&DBConnection::getInstance()->prepare("SELECT name FROM ".ROSCMST_ACCESS." WHERE id = :access_id LIMIT 1");
// make the order command ready for usage - if ($this->sql_order == '') { + if ($this->sql_order == null) { $this->sql_order = " ORDER BY r.id DESC"; } else { @@ -591,7 +591,7 @@
// security (ACL) case 'i': - $this->sql_where .= "d.access_id".($type_b=='is' ? '=':'!=').DBConnection::getInstance()->quote($type_c,PDO::PARAM_STR); + $this->sql_where .= "d.access_id ".($type_b=='is' ?'':"NOT ")."IN (".Data::hasAccessAsList($type_c).")"; break;
// metadata
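Review bot: The access filter now concatenates the return value of `Data::hasAccessAsList($type_c)` into `IN (...)` where the old code passed `$type_c` through `quote()`, so the safety of this clause rests entirely on that helper, which is not part of this hunk. It should be confirmed that the helper returns only integer ids it looked up itself (never text derived from `$type_c`) and that it never returns an empty string, since `IN ()` is a syntax error in MySQL. Once verified, a comment at the call site would make the assumption visible, e.g. `// hasAccessAsList() returns a comma separated list of integer access ids, never empty`.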
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Generate.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -18,10 +18,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -function getTagValueG($data_id, $rev_id, $user, $name) { - return Tag::getValue($rev_id, $name, $user); -} +
/** * class Generate @@ -60,10 +57,6 @@ $this->output_type = $output_type; $this->begin = date('Y-m-d H:i:s');
- //@DEPRACTED - mysql_connect(DB_HOST, DB_USER, DB_PASS); - mysql_select_db(DB_NAME); - // try to force unlimited script runtime @set_time_limit(300); } @@ -191,7 +184,7 @@ $content = str_replace('[#'.$this->short[$depency['type']].'_'.$depency['name'].']', $this->getCached(array(null, $this->short[$depency['type']].'_'.$depency['name'])), $content); } // eval - else {echo '[#inc_'.$depency['name'].']'; + else { $content = str_replace('[#inc_'.$depency['name'].']', $this->evalTemplate(array(null,$depency['name'])), $content); } } @@ -689,7 +682,7 @@ $roscms_lang_id = $this->lang_id;
// execute code and return the output - eval($revision['content']); + eval('?>'.$revision['content']); $content = ob_get_contents(); ob_end_clean(); }
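Review bot: `eval('?>'.$revision['content'])` treats the stored revision as a PHP template, so any PHP block saved in such a revision runs on the server with the CMS's privileges, and nothing in this hunk shows which entry types or roles can reach the call. That dependency should be written down next to the call, e.g. `// SECURITY: executes PHP embedded in stored revision content; only entry types writable by trusted roles may be passed here`, and the save path should enforce it. The result of `eval()` is not checked either, so a parse error in the content ends up in the captured output. The surrounding method starts and ends outside the hunk.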
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_User.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -62,14 +62,6 @@ <h2>User</h2> <p style="font-weight: bold;">User Account Management Interface</p> <br />'); - - if ($thisuser->hasAccess('more_lang')) { - $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language, COUNT(r.id) as editcounter FROM ".ROSCMST_REVISIONS." r JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE r.version > 0 GROUP BY u.name ORDER BY editcounter DESC, u.name"); - } - else { - $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language, COUNT(r.id) as editcounter FROM ".ROSCMST_REVISIONS." r JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE r.version > 0 AND r.lang_id = :lang GROUP BY u.name ORDER BY editcounter DESC, u.name"); - $stmt->bindParam('lang',Language::getStandardId(),PDO::PARAM_INT); - }
echo_strip(' <div> @@ -85,12 +77,30 @@ <div id="userarea"></div> <br /> <br /> - <h4>Translators</h4> - <ul>'); + <h4>Translators</h4>'); + // get list of translators + if ($thisuser->hasAccess('more_lang')) { + $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language, COUNT(r.id) as editcounter FROM ".ROSCMST_REVISIONS." r JOIN ".ROSCMST_USERS." u ON r.user_id = u.id JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id WHERE r.version > 0 GROUP BY u.id ORDER BY l.level DESC, l.name ASC, editcounter DESC, u.name ASC"); + }
+ // get list only for one language + else { + $stmt=&DBConnection::getInstance()->prepare("SELECT u.id, u.name, u.fullname, l.name AS language, (SELECT COUNT(id) FROM ".ROSCMST_REVISIONS." WHERE user_id = u.id AND version > 0) as editcounter FROM ".ROSCMST_USERS." u JOIN ".ROSCMST_LANGUAGES." l ON u.lang_id=l.id JOIN ".ROSCMST_MEMBERSHIPS." m ON m.user_id=u.id JOIN ".ROSCMST_GROUPS." g ON g.id=m.group_id WHERE g.name_short='translator' AND u.lang_id = :lang ORDER BY editcounter DESC, u.name ASC"); + $stmt->bindParam('lang',ROSUser::getLanguage($thisuser->id(),true),PDO::PARAM_INT); + } + + // output list of translators $stmt->execute(); + $oldlang = null; while ($translator = $stmt->fetch(PDO::FETCH_ASSOC)) { - echo '<li>'.$translator['name'].' ('.$translator['fullname'].'; '.$translator['language'].') '.$translator['editcounter'].' stable edits</li>'; + if ($oldlang != $translator['language']) { + if ($oldlang !== null) { + echo '</ul>'; + } + echo '<h5>'.$translator['language'].'</h5><ul>'; + } + $oldlang = $translator['language']; + echo '<li>'.$translator['name'].' ('.$translator['fullname'].') '.$translator['editcounter'].' stable edits</li>'; }
echo_strip('
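Review bot: The new list output echoes `$translator['language']`, `$translator['name']` and `$translator['fullname']` without encoding, and at least the full name is presumably chosen by the account holder, so it should pass through `htmlspecialchars()` before it reaches this admin page: `echo '<li>'.htmlspecialchars($translator['name']).' ('.htmlspecialchars($translator['fullname']).') '.(int)$translator['editcounter'].' stable edits</li>';`. In the single-language branch, `bindParam('lang',ROSUser::getLanguage($thisuser->id(),true),PDO::PARAM_INT)` passes a function result by reference; `bindValue` is the correct call for a computed value. The last `<ul>` opened in the loop is closed outside the hunk, so an empty result set may leave an unmatched `</ul>` there.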
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/HTML_CMS_Website.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -310,6 +310,7 @@ <div id="frmedithead" style="padding-bottom: 10px;"> </div> <div style="width:100%;"> <div id="editzone"> </div> + <div id="frmdiff"></div> </div> </div> </div>
Modified: branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php URL: http://svn.reactos.org/svn/reactos/branches/danny-web/reactos.org/htdocs/ros... ============================================================================== --- branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] (original) +++ branches/danny-web/reactos.org/htdocs/roscms/lib/Tag.class.php [iso-8859-1] Mon Jan 19 13:01:51 2009 @@ -163,10 +163,11 @@ public static function update( $tag_id, $new_value ) { // tag already exists ? - $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM ".ROSCMST_TAGS." WHERE tag_id = :tag_id AND user_id IN(-1, 0, :user_id) LIMIT 1"); + $stmt=&DBConnection::getInstance()->prepare("SELECT 1 FROM ".ROSCMST_TAGS." WHERE id = :tag_id AND user_id IN(-1, 0, :user_id) LIMIT 1"); $stmt->bindParam('tag_id',$tag_id,PDO::PARAM_INT); $stmt->bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT); - if ($stmt->fetchColumn() || ThisUser::getInstance()->hasAccess('updatetag')) { + $stmt->execute(); + if ($stmt->fetchColumn()) {
// update value $stmt=&DBConnection::getInstance()->prepare("UPDATE ".ROSCMST_TAGS." SET value = :new_value WHERE id=:tag_id");
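Review bot: With `|| ThisUser::getInstance()->hasAccess('updatetag')` dropped and `execute()` added, the only gate left is the `user_id IN(-1, 0, :user_id)` lookup, so every caller passes for tags stored under user id -1 or 0 (presumably shared or system tags, which cannot be confirmed from the hunk) regardless of rights. If those rows are meant to stay restricted, the `updatetag` right should still be required for them, for example by matching `user_id = :user_id` alone when the caller lacks that right. The context line `bindParam('user_id',ThisUser::getInstance()->id(),PDO::PARAM_INT)` also passes a function result by reference; `bindValue` avoids that. The body of `update()` continues past the end of the hunk.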