diff options
author | neoraider <devnull@localhost> | 2006-04-16 22:21:01 +0200 |
---|---|---|
committer | neoraider <devnull@localhost> | 2006-04-16 22:21:01 +0200 |
commit | bde164393aa3b8c59ee15c0ae80c4268b236fb47 (patch) | |
tree | 9972504ddb25387ac1d20085e126afb583a66a19 | |
parent | ac0c6f0b35a99fed2308aef85df818db3d871a95 (diff) | |
download | neon-bde164393aa3b8c59ee15c0ae80c4268b236fb47.tar neon-bde164393aa3b8c59ee15c0ae80c4268b236fb47.zip |
Rechteverwaltung ?berarbeitet.
-rw-r--r-- | code/links.inc.php | 4 | ||||
-rw-r--r-- | code/pages.inc.php | 64 | ||||
-rw-r--r-- | code/user.inc.php | 12 | ||||
-rw-r--r-- | config/neon.sql | 12 | ||||
-rw-r--r-- | pages/Login.c.xml | 2 | ||||
-rw-r--r-- | pages/Login.n.xml | 2 | ||||
-rw-r--r-- | pages/Logout.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages.c.xml | 3 | ||||
-rw-r--r-- | pages/Pages/Copy.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Delete.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Edit.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Handle.c.xml | 58 | ||||
-rw-r--r-- | pages/Pages/New.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Privs.c.xml | 62 | ||||
-rw-r--r-- | pages/Pages/Rename.c.xml | 2 | ||||
-rw-r--r-- | pages/Privileges.c.xml | 91 | ||||
-rw-r--r-- | pages/Privileges/Update.c.xml | 48 | ||||
-rw-r--r-- | pages/Users.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Delete.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Group.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Handle.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/New.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Password.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Rename.c.xml | 2 | ||||
-rw-r--r-- | pages/default.e.xml | 2 | ||||
-rw-r--r-- | pages/phpexec.e.xml | 2 | ||||
-rw-r--r-- | styles/TheWhiteOne/style.css | 2 |
27 files changed, 200 insertions, 190 deletions
diff --git a/code/links.inc.php b/code/links.inc.php index b5ae18e..d65eea1 100644 --- a/code/links.inc.php +++ b/code/links.inc.php @@ -3,7 +3,7 @@ class Links { function GetNeonLink($page, $extra = '', $html = true) { - if($GLOBALS['pages']->HasAccess($page, 'c')) { + if($GLOBALS['pages']->HasReadAccess($page, 'c')) { if($GLOBALS['user']->login_type == 'url') $ret = 'index.php?page=' . $page . '&login=' . $GLOBALS['user']->login_key . ($extra ? '&' . $extra : ''); @@ -27,7 +27,7 @@ } function GetNavPage($page) { - if($GLOBALS['pages']->HasAccess($page, 'n')) { + if($GLOBALS['pages']->HasReadAccess($page, 'n')) { $page = $GLOBALS['pages']->Get($page, 'n'); return $page['content']; } diff --git a/code/pages.inc.php b/code/pages.inc.php index 50ca2b7..c696836 100644 --- a/code/pages.inc.php +++ b/code/pages.inc.php @@ -15,9 +15,8 @@ 'Pages:Edit.c' => null, 'Pages:Handle.c' => null, 'Pages:New.c' => null, + 'Pages:Privs.c' => null, 'Pages:Rename.c' => null, - 'Privileges.c' => null, - 'Privileges:Update.c' => null, 'Users.c' => null, 'Users:Delete.c' => null, 'Users:Group.c' => null, @@ -35,7 +34,7 @@ return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page))); - if(!$this->HasAccess($page, $type)) + if(!$this->HasReadAccess($page, $type)) return array('title' => $page, 'content' => ErrorMessage('Forbidden', array('page' => $page))); @@ -54,7 +53,7 @@ return array('title' => $page, 'content' => ErrorMessage('PageNotFound', array('page' => $page))); - if(!$GLOBALS['user']->IsAdmin()) + if(!$this->HasWriteAccess($page, $type)) return array('title' => $page, 'content' => ErrorMessage('Forbidden', array('page' => $page))); @@ -79,7 +78,7 @@ return ($res->RecordCount() > 0); } - function HasAccess($page, $type) { + function HasReadAccess($page, $type) { if(!$this->Exists($page, $type)) return false; if($GLOBALS['user']->IsAdmin()) return true; @@ -87,7 +86,18 @@ $access = $this->GetAccess($page, $type); - return ((hexdec($access[$gid/4]) & (1 << ($gid%4))) != 0); + return ((hexdec($access[0][$gid/4]) & (1 << ($gid%4))) != 0); + } + + function HasWriteAccess($page, $type) { + if(!$this->Exists($page, $type)) return false; + if($GLOBALS['user']->IsAdmin()) return true; + + $gid = $GLOBALS['user']->gid; + + $access = $this->GetAccess($page, $type); + + return ((hexdec($access[1][$gid/4]) & (1 << ($gid%4))) != 0); } function GetPageData($page, $type) { @@ -123,7 +133,7 @@ if(!$access) return null; if(count($access['children']) != 1) return; if(!is_string($access['children'][0])) return; - $access = $access['children'][0]; + $access = explode(':', $access['children'][0]); $rawdata = $GLOBALS['xmlparser']->FindTag($xmldata, 'data'); @@ -140,10 +150,10 @@ 'access' => $access, 'data' => $data); } - $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); + $res = $GLOBALS['db']->Execute('SELECT readaccess, writeaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); if($res->RecordCount()) - $this->pages[$page . '.' . $type]['access'] = $res->fields[0]; + $this->pages[$page . '.' . $type]['access'] = array($res->fields[0], $res->fields[1]); } return $this->pages[$page . '.' . $type]; @@ -176,8 +186,8 @@ $pagedata = $this->GetPageData($page, $type); - $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', - array($page, $type, $pagedata['access'])); + $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess, writeaccess) VALUES (?, ?, ?, ?)', + array($page, $type, $pagedata['access'][0], $pagedata['access'][1])); $GLOBALS['db']->Execute('INSERT INTO pages (name, template, data, type) VALUES (?, ?, ?, ?)', array($page, $pagedata['template'], $string, $type)); @@ -233,10 +243,10 @@ } function GetAccess($page, $type) { - $res = $GLOBALS['db']->Execute('SELECT readaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); + $res = $GLOBALS['db']->Execute('SELECT readaccess, writeaccess FROM privs WHERE name = ? AND type = ?', array($page, $type)); if($res->RecordCount()) - return $res->fields[0]; + return array($res->fields[0], $res->fields[1]); $pagedata = $this->GetPageData($page, $type); @@ -247,24 +257,38 @@ $res = $GLOBALS['db']->Execute('SELECT id FROM privs WHERE name = ? AND type = ?', array($page, $type)); if($res->RecordCount()) { - $GLOBALS['db']->Execute('UPDATE privs SET readaccess = ? WHERE name = ? AND type = ?', array($access, $page, $type)); + $GLOBALS['db']->Execute('UPDATE privs SET readaccess = ?, writeaccess = ? WHERE name = ? AND type = ?', array($access[0], $access[1], $page, $type)); return true; } $pagedata = $this->GetPageData($page, $type); - if(strlen($access) > strlen($pagedata['access'])) { - if(eregi('^' . $pagedata['access'] . '0+$', $access)) return true; + $changed = false; + + if(strlen($access[0]) > strlen($pagedata['access'][0])) { + if(!eregi('^' . $pagedata['access'][0] . '0+$', $access[0])) $changed = true; } - elseif(strlen($access) < strlen($pagedata['access'])) { - if(eregi('^' . $access . '0+$', $pagedata['access'])) return true; + elseif(strlen($access[0]) < strlen($pagedata['access'][0])) { + if(!eregi('^' . $access[0] . '0+$', $pagedata['access'][0])) $changed = true; } else { - if(strcasecmp($access, $pagedata['access']) == 0) return true; + if(strcasecmp($access[0], $pagedata['access'][0]) != 0) $changed = true; + } + + if(!$changed) { + if(strlen($access[1]) > strlen($pagedata['access'][1])) { + if(eregi('^' . $pagedata['access'][1] . '0+$', $access[1])) return true; + } + elseif(strlen($access[1]) < strlen($pagedata['access'][1])) { + if(eregi('^' . $access[1] . '0+$', $pagedata['access'][1])) return true; + } + else { + if(strcasecmp($access[1], $pagedata['access'][1]) == 0) return true; + } } - $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess) VALUES (?, ?, ?)', array($page, $type, $access)); + $GLOBALS['db']->Execute('INSERT INTO privs (name, type, readaccess, writeaccess) VALUES (?, ?, ?, ?)', array($page, $type, $access[0], $access[1])); return ($GLOBALS['db']->Affected_Rows() > 0); } diff --git a/code/user.inc.php b/code/user.inc.php index b9cab2d..4912bcc 100644 --- a/code/user.inc.php +++ b/code/user.inc.php @@ -136,6 +136,18 @@ return ($GLOBALS['db']->Affected_Rows() > 0); } + + function ListUsers() { + $res = $GLOBALS['db']->Execute('SELECT id, name FROM users ORDER BY id'); + + return $res->GetArray(); + } + + function ListGroups() { + $res = $GLOBALS['db']->Execute('SELECT id, name FROM groups ORDER BY id'); + + return $res->GetArray(); + } } $GLOBALS['user'] = new User; diff --git a/config/neon.sql b/config/neon.sql index 4d663dd..21fec04 100644 --- a/config/neon.sql +++ b/config/neon.sql @@ -3,7 +3,7 @@ -- http://www.phpmyadmin.net -- -- Host: localhost --- Erstellungszeit: 14. April 2006 um 02:13 +-- Erstellungszeit: 16. April 2006 um 22:17 -- Server Version: 5.0.19 -- PHP-Version: 5.1.2-1+b1 -- @@ -58,7 +58,6 @@ INSERT INTO `nav` VALUES (9, 0, 'Mitglieder', ''); INSERT INTO `nav` VALUES (10, 0, 'Test', ''); INSERT INTO `nav` VALUES (11, 10, 'Lorem Ipsum', ':Test:LoremIpsum'); INSERT INTO `nav` VALUES (12, 8, 'Seiten', ':Pages'); -INSERT INTO `nav` VALUES (13, 8, 'Rechte', ':Privileges'); INSERT INTO `nav` VALUES (14, 8, 'Benutzer', ':Users'); -- -------------------------------------------------------- @@ -96,6 +95,7 @@ CREATE TABLE `privs` ( `name` varchar(255) NOT NULL, `type` enum('c','n','e') NOT NULL, `readaccess` text NOT NULL, + `writeaccess` text NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `name` (`name`,`type`) ) TYPE=MyISAM AUTO_INCREMENT=9 ; @@ -104,9 +104,9 @@ CREATE TABLE `privs` ( -- Daten für Tabelle `privs` -- -INSERT INTO `privs` VALUES (6, 'Home:Startseite', 'c', '9'); -INSERT INTO `privs` VALUES (2, 'Test:LoremIpsum', 'c', '9'); -INSERT INTO `privs` VALUES (3, 'Test:BBCode', 'c', '9'); +INSERT INTO `privs` VALUES (6, 'Home:Startseite', 'c', '9', '0'); +INSERT INTO `privs` VALUES (2, 'Test:LoremIpsum', 'c', '9', '0'); +INSERT INTO `privs` VALUES (3, 'Test:BBCode', 'c', '9', '0'); -- -------------------------------------------------------- @@ -129,6 +129,6 @@ CREATE TABLE `users` ( -- Daten für Tabelle `users` -- -INSERT INTO `users` VALUES (1, '', 0, 'NeoRaider', 'gamezock', '2006-04-14 02:13:08'); +INSERT INTO `users` VALUES (1, '', 0, 'NeoRaider', 'gamezock', '2006-04-16 22:17:42'); INSERT INTO `users` VALUES (3, '', 0, 'sicarius', 'armleuchter', '2006-03-05 23:46:46'); INSERT INTO `users` VALUES (4, '', 0, 'morti', 'return', '2006-03-05 22:02:27'); diff --git a/pages/Login.c.xml b/pages/Login.c.xml index 666bf4e..3f69400 100644 --- a/pages/Login.c.xml +++ b/pages/Login.c.xml @@ -3,7 +3,7 @@ <info> <name>Login</name> <template>phpexec</template> - <access>1</access> + <access>1:0</access> <type>c</type> </info> <data> diff --git a/pages/Login.n.xml b/pages/Login.n.xml index 4e58e32..71fb2b3 100644 --- a/pages/Login.n.xml +++ b/pages/Login.n.xml @@ -3,7 +3,7 @@ <info> <name>Login</name> <template>phpexec</template> - <access>1</access> + <access>1:0</access> <type>n</type> </info> <data> diff --git a/pages/Logout.c.xml b/pages/Logout.c.xml index 88bbae3..9447dca 100644 --- a/pages/Logout.c.xml +++ b/pages/Logout.c.xml @@ -3,7 +3,7 @@ <info> <name>Logout</name> <template>phpexec</template> - <access>8</access> + <access>8:0</access> <type>c</type> </info> <data> diff --git a/pages/Pages.c.xml b/pages/Pages.c.xml index 7722ac5..f9db838 100644 --- a/pages/Pages.c.xml +++ b/pages/Pages.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> @@ -47,6 +47,7 @@ echo '<input type="submit" name="view" value="Anzeigen" /> '; echo '<input type="submit" name="new" value="Neu" /> '; echo '<input type="submit" name="edit" value="Bearbeiten" /> '; + echo '<input type="submit" name="privs" value="Rechte ändern" /> '; echo '<input type="submit" name="copy" value="Kopieren" /> '; echo '<input type="submit" name="rename" value="Umbenennen" /> '; echo '<input type="submit" name="delete" value="Löschen" />'; diff --git a/pages/Pages/Copy.c.xml b/pages/Pages/Copy.c.xml index e0b2ea8..79becca 100644 --- a/pages/Pages/Copy.c.xml +++ b/pages/Pages/Copy.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Copy</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Delete.c.xml b/pages/Pages/Delete.c.xml index 60d7cb6..07e6ff3 100644 --- a/pages/Pages/Delete.c.xml +++ b/pages/Pages/Delete.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Delete</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Edit.c.xml b/pages/Pages/Edit.c.xml index 6680ef6..dfe9a51 100644 --- a/pages/Pages/Edit.c.xml +++ b/pages/Pages/Edit.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Edit</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Handle.c.xml b/pages/Pages/Handle.c.xml index 47fa776..734c62d 100644 --- a/pages/Pages/Handle.c.xml +++ b/pages/Pages/Handle.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Handle</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> @@ -51,9 +51,59 @@ echo $data['content']; } } + elseif(isset($_POST['privs'])) { + if($_POST['name']) { + $name = htmlspecialchars(Unquote($_POST['name'])); + + $title = 'Rechte von \'' . $name . '\' ändern'; + + echo '<h2>Rechte von \'' . $name . '\' ändern</h2>'; + + $access = $GLOBALS['pages']->GetAccess(Unquote($_POST['name']), $_POST['type']); + $groups = $GLOBALS['user']->ListGroups(); + + array_unshift($groups, array(0, 'Gast')); + + echo '<form action="' . $GLOBALS['links']->GetNeonLink('Pages:Privs') . '" method="post">'; + + echo '<input type="hidden" name="name" value="' . $name . '" />'; + echo '<input type="hidden" name="type" value="' . $_POST['type'] . '" />'; + + echo '<table>'; + + foreach($groups as $group) { + echo '<tr><td>' . htmlspecialchars($group[1]) . '</td><td>'; + + echo '<select size="1" name="group_' . $group[0] . '">'; + + echo '<option value="0"'; + if((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) == 0) echo ' selected="selected"'; + echo '>Kein Zugriff</option>'; + + echo '<option value="1"'; + if(((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) != 0) + && ((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) == 0)) + echo ' selected="selected"'; + echo '>Nur lesen</option>'; + + echo '<option value="2"'; + if((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo ' selected="selected"'; + echo '>Lesen und schreiben</option>'; + + echo '</select></td></tr>'; + } + + echo '</table>'; + + echo '<input type="submit" class="spaced-top" value="Ändern" /> '; + echo '<input type="submit" class="spaced-top" name="back" value="Zurück" />'; + + echo '</form>'; + } + } elseif(isset($_POST['copy'])) { if($_POST['name']) { - $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars(Unquote($_POST['name'])); $title = '\'' . $name . '\' kopieren'; @@ -70,7 +120,7 @@ } elseif(isset($_POST['rename'])) { if($_POST['name']) { - $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars(Unquote($_POST['name'])); $title = '\'' . $name . '\' umbenennen'; @@ -88,7 +138,7 @@ } elseif(isset($_POST['delete'])) { if($_POST['name']) { - $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars(Unquote($_POST['name'])); $title = '\'' . $name . '\' löschen'; diff --git a/pages/Pages/New.c.xml b/pages/Pages/New.c.xml index aae764d..6dd1b68 100644 --- a/pages/Pages/New.c.xml +++ b/pages/Pages/New.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:New</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Pages/Privs.c.xml b/pages/Pages/Privs.c.xml new file mode 100644 index 0000000..5023d1e --- /dev/null +++ b/pages/Pages/Privs.c.xml @@ -0,0 +1,62 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<page> + <info> + <name>Pages:Privs</name> + <template>phpexec</template> + <access>0:0</access> + <type>c</type> + </info> + <data> + <code> + <![CDATA[ +<?PHP + require_once('code/pages.inc.php'); + require_once('code/links.inc.php'); + require_once('code/util.inc.php'); + + + if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e') + exit(); + + if($_POST['back']) { + header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false)); + exit(); + } + + if(!$_POST['name']) exit(); + + $groups = $GLOBALS['user']->ListGroups(); + array_unshift($groups, array(0)); + + $group_max = $groups[count($groups)-1][0]; + + $readaccess = implode('', array_fill(0, $group_max/4 + 1, '0')); + $writeaccess = $readaccess; + + foreach($groups as $group) { + if(!isset($_POST['group_' . $group[0]])) exit(); + + switch($_POST['group_' . $group[0]]) { + case 0: + break; + case 1: + $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4))); + break; + case 2: + $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4))); + $writeaccess[$group[0]/4] = dechex(hexdec($writeaccess[$group[0]/4]) | (1 << ($group[0]%4))); + break; + default: + exit(); + } + } + + $GLOBALS['pages']->SetAccess(Unquote($_POST['name']), $_POST['type'], array($readaccess, $writeaccess)); + + header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false)); + exit(); +?> + ]]> + </code> + </data> +</page> diff --git a/pages/Pages/Rename.c.xml b/pages/Pages/Rename.c.xml index 9744a85..236b709 100644 --- a/pages/Pages/Rename.c.xml +++ b/pages/Pages/Rename.c.xml @@ -3,7 +3,7 @@ <info> <name>Pages:Rename</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Privileges.c.xml b/pages/Privileges.c.xml deleted file mode 100644 index dd263ac..0000000 --- a/pages/Privileges.c.xml +++ /dev/null @@ -1,91 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" ?> -<page> - <info> - <name>Privileges</name> - <template>phpexec</template> - <access>0</access> - <type>c</type> - </info> - <data> - <code> - <![CDATA[ -<?PHP - require_once('code/db.inc.php'); - require_once('code/links.inc.php'); - require_once('code/pages.inc.php'); - - $title = 'Rechte'; - - echo '<h2>Rechte</h2>'; - - $type = $_GET['type']; - if($type != 'c' && $type != 'n' && $type != 'e') $type = 'c'; - - echo 'Seitentyp: '; - echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=c') . '"'; - if($type == 'c') echo ' class="active_page_link"'; - echo '>Inhalt</a> | '; - echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=n') . '"'; - if($type == 'n') echo ' class="active_page_link"'; - echo '>Navigation</a> | '; - echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=e') . '"'; - if($type == 'e') echo ' class="active_page_link"'; - echo '>Editor</a><br /><br />'; - - echo '<form action="' . $GLOBALS['links']->GetNeonLink('Privileges:Update') . '" method="post">'; - - echo '<input type="hidden" name="type" value="' . $type . '" />'; - - echo '<table class="privtab">'; - - $groupres = $GLOBALS['db']->Execute('SELECT * FROM groups ORDER BY id'); - $pages = $GLOBALS['pages']->GetList(); - - $groups = $groupres->GetArray(); - array_unshift($groups, array(0, 'Gast')); - - echo '<tr class="group">'; - - echo '<td></td>'; - - foreach($groups as $group) { - echo '<td>' . $group[1] . '</td>'; - } - - echo '</tr>'; - - $linex = true; - - foreach($pages as $page) { - if($page[strlen($page)-1] != $type) continue; - - $page = substr($page, 0, -2); - - $access = $GLOBALS['pages']->GetAccess($page, $type); - - echo '<tr class="line' . ($linex ? '1' : '2') . '">'; - $linex = !$linex; - - echo '<td class="page">' . $page . '</td>'; - - foreach($groups as $group) { - echo '<td><input type="checkbox" name="' . $page . ':' . $group[0] . '" value="true" '; - if((hexdec($access[$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo 'checked="checked" '; - echo '/></td>'; - } - - echo '</tr>'; - } - - echo '<tr><td colspan="' . (count($groups)+1) . '" class="submit">'; - echo '<input type="submit" value="Ändern" class="spaced-top" />'; - echo '</td></tr>'; - - echo '</table>'; - - echo '</form>'; -?> - ]]> - </code> - </data> -</page> diff --git a/pages/Privileges/Update.c.xml b/pages/Privileges/Update.c.xml deleted file mode 100644 index a8a8c54..0000000 --- a/pages/Privileges/Update.c.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" ?> -<page> - <info> - <name>Privileges:Update</name> - <template>phpexec</template> - <access>0</access> - <type>c</type> - </info> - <data> - <code> - <![CDATA[ -<?PHP - require_once('code/db.inc.php'); - require_once('code/links.inc.php'); - require_once('code/pages.inc.php'); - - if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e') - exit(); - - $groupres = $GLOBALS['db']->Execute('SELECT id FROM groups ORDER by id'); - $pages = $GLOBALS['pages']->GetList(); - - $groups = $groupres->GetArray(); - array_unshift($groups, array(0)); - - $group_max = $groups[count($groups)-1][0]; - - foreach($pages as $page) { - if($page[strlen($page)-1] != $_POST['type']) continue; - - $page = substr($page, 0, -2); - - $access = join('', array_fill(0, $group_max/4 + 1, '0')); - - foreach($groups as $group) - if(isset($_POST[$page . ':' . $group[0]])) - $access[$group[0]/4] = dechex(hexdec($access[$group[0]/4]) | (1 << ($group[0]%4))); - - $GLOBALS['pages']->SetAccess($page, $_POST['type'], $access); - } - - header('Location: ' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=' . $_POST['type'], false)); - exit(); -?> - ]]> - </code> - </data> -</page> diff --git a/pages/Users.c.xml b/pages/Users.c.xml index d268cb9..2dcd181 100644 --- a/pages/Users.c.xml +++ b/pages/Users.c.xml @@ -3,7 +3,7 @@ <info> <name>Users</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Delete.c.xml b/pages/Users/Delete.c.xml index b5307db..8c32935 100644 --- a/pages/Users/Delete.c.xml +++ b/pages/Users/Delete.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Delete</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Group.c.xml b/pages/Users/Group.c.xml index ae3b487..b48e369 100644 --- a/pages/Users/Group.c.xml +++ b/pages/Users/Group.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Group</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Handle.c.xml b/pages/Users/Handle.c.xml index 138873a..abed354 100644 --- a/pages/Users/Handle.c.xml +++ b/pages/Users/Handle.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Handle</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/New.c.xml b/pages/Users/New.c.xml index 41334e4..ac6bed9 100644 --- a/pages/Users/New.c.xml +++ b/pages/Users/New.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:New</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Password.c.xml b/pages/Users/Password.c.xml index 30663c0..c08cd02 100644 --- a/pages/Users/Password.c.xml +++ b/pages/Users/Password.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Password</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/Users/Rename.c.xml b/pages/Users/Rename.c.xml index 3484aba..def6aa4 100644 --- a/pages/Users/Rename.c.xml +++ b/pages/Users/Rename.c.xml @@ -3,7 +3,7 @@ <info> <name>Users:Rename</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>c</type> </info> <data> diff --git a/pages/default.e.xml b/pages/default.e.xml index 65d2229..3c0c79e 100644 --- a/pages/default.e.xml +++ b/pages/default.e.xml @@ -3,7 +3,7 @@ <info> <name>phpexec</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>e</type> </info> <data> diff --git a/pages/phpexec.e.xml b/pages/phpexec.e.xml index 82f0ed9..a2c390d 100644 --- a/pages/phpexec.e.xml +++ b/pages/phpexec.e.xml @@ -3,7 +3,7 @@ <info> <name>phpexec</name> <template>phpexec</template> - <access>0</access> + <access>0:0</access> <type>e</type> </info> <data> diff --git a/styles/TheWhiteOne/style.css b/styles/TheWhiteOne/style.css index 9821725..b64835b 100644 --- a/styles/TheWhiteOne/style.css +++ b/styles/TheWhiteOne/style.css @@ -41,7 +41,7 @@ a.active_page_link { } select.pagelist, select.userlist, select.grouplist { - width:35em; + width:100%; } textarea.pageedit { |