authorneoraider <devnull@localhost>2006-04-16 22:21:01 +0200
committerneoraider <devnull@localhost>2006-04-16 22:21:01 +0200
commitbde164393aa3b8c59ee15c0ae80c4268b236fb47 (patch)
tree9972504ddb25387ac1d20085e126afb583a66a19 /pages
parentac0c6f0b35a99fed2308aef85df818db3d871a95 (diff)
downloadneon-bde164393aa3b8c59ee15c0ae80c4268b236fb47.tar
neon-bde164393aa3b8c59ee15c0ae80c4268b236fb47.zip
Rechteverwaltung überarbeitet.
Diffstat (limited to 'pages')
-rw-r--r--pages/Login.c.xml2
-rw-r--r--pages/Login.n.xml2
-rw-r--r--pages/Logout.c.xml2
-rw-r--r--pages/Pages.c.xml3
-rw-r--r--pages/Pages/Copy.c.xml2
-rw-r--r--pages/Pages/Delete.c.xml2
-rw-r--r--pages/Pages/Edit.c.xml2
-rw-r--r--pages/Pages/Handle.c.xml58
-rw-r--r--pages/Pages/New.c.xml2
-rw-r--r--pages/Pages/Privs.c.xml62
-rw-r--r--pages/Pages/Rename.c.xml2
-rw-r--r--pages/Privileges.c.xml91
-rw-r--r--pages/Privileges/Update.c.xml48
-rw-r--r--pages/Users.c.xml2
-rw-r--r--pages/Users/Delete.c.xml2
-rw-r--r--pages/Users/Group.c.xml2
-rw-r--r--pages/Users/Handle.c.xml2
-rw-r--r--pages/Users/New.c.xml2
-rw-r--r--pages/Users/Password.c.xml2
-rw-r--r--pages/Users/Rename.c.xml2
-rw-r--r--pages/default.e.xml2
-rw-r--r--pages/phpexec.e.xml2
22 files changed, 135 insertions, 161 deletions
diff --git a/pages/Login.c.xml b/pages/Login.c.xml
index 666bf4e..3f69400 100644
--- a/pages/Login.c.xml
+++ b/pages/Login.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Login</name>
<template>phpexec</template>
- <access>1</access>
+ <access>1:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Login.n.xml b/pages/Login.n.xml
index 4e58e32..71fb2b3 100644
--- a/pages/Login.n.xml
+++ b/pages/Login.n.xml
@@ -3,7 +3,7 @@
<info>
<name>Login</name>
<template>phpexec</template>
- <access>1</access>
+ <access>1:0</access>
<type>n</type>
</info>
<data>
diff --git a/pages/Logout.c.xml b/pages/Logout.c.xml
index 88bbae3..9447dca 100644
--- a/pages/Logout.c.xml
+++ b/pages/Logout.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Logout</name>
<template>phpexec</template>
- <access>8</access>
+ <access>8:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Pages.c.xml b/pages/Pages.c.xml
index 7722ac5..f9db838 100644
--- a/pages/Pages.c.xml
+++ b/pages/Pages.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
@@ -47,6 +47,7 @@
echo '<input type="submit" name="view" value="Anzeigen" /> ';
echo '<input type="submit" name="new" value="Neu" /> ';
echo '<input type="submit" name="edit" value="Bearbeiten" /> ';
+ echo '<input type="submit" name="privs" value="Rechte ändern" /> ';
echo '<input type="submit" name="copy" value="Kopieren" /> ';
echo '<input type="submit" name="rename" value="Umbenennen" /> ';
echo '<input type="submit" name="delete" value="Löschen" />';
diff --git a/pages/Pages/Copy.c.xml b/pages/Pages/Copy.c.xml
index e0b2ea8..79becca 100644
--- a/pages/Pages/Copy.c.xml
+++ b/pages/Pages/Copy.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:Copy</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Pages/Delete.c.xml b/pages/Pages/Delete.c.xml
index 60d7cb6..07e6ff3 100644
--- a/pages/Pages/Delete.c.xml
+++ b/pages/Pages/Delete.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:Delete</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Pages/Edit.c.xml b/pages/Pages/Edit.c.xml
index 6680ef6..dfe9a51 100644
--- a/pages/Pages/Edit.c.xml
+++ b/pages/Pages/Edit.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:Edit</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Pages/Handle.c.xml b/pages/Pages/Handle.c.xml
index 47fa776..734c62d 100644
--- a/pages/Pages/Handle.c.xml
+++ b/pages/Pages/Handle.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:Handle</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
@@ -51,9 +51,59 @@
echo $data['content'];
}
}
+ elseif(isset($_POST['privs'])) {
+ if($_POST['name']) {
+ $name = htmlspecialchars(Unquote($_POST['name']));
+
+ $title = 'Rechte von \'' . $name . '\' ändern';
+
+ echo '<h2>Rechte von \'' . $name . '\' ändern</h2>';
+
+ $access = $GLOBALS['pages']->GetAccess(Unquote($_POST['name']), $_POST['type']);
+ $groups = $GLOBALS['user']->ListGroups();
+
+ array_unshift($groups, array(0, 'Gast'));
+
+ echo '<form action="' . $GLOBALS['links']->GetNeonLink('Pages:Privs') . '" method="post">';
+
+ echo '<input type="hidden" name="name" value="' . $name . '" />';
+ echo '<input type="hidden" name="type" value="' . $_POST['type'] . '" />';
+
+ echo '<table>';
+
+ foreach($groups as $group) {
+ echo '<tr><td>' . htmlspecialchars($group[1]) . '</td><td>';
+
+ echo '<select size="1" name="group_' . $group[0] . '">';
+
+ echo '<option value="0"';
+ if((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) == 0) echo ' selected="selected"';
+ echo '>Kein Zugriff</option>';
+
+ echo '<option value="1"';
+ if(((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) != 0)
+ && ((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) == 0))
+ echo ' selected="selected"';
+ echo '>Nur lesen</option>';
+
+ echo '<option value="2"';
+ if((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo ' selected="selected"';
+ echo '>Lesen und schreiben</option>';
+
+ echo '</select></td></tr>';
+ }
+
+ echo '</table>';
+
+ echo '<input type="submit" class="spaced-top" value="Ändern" /> ';
+ echo '<input type="submit" class="spaced-top" name="back" value="Zurück" />';
+
+ echo '</form>';
+ }
+ }
elseif(isset($_POST['copy'])) {
if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
$title = '\'' . $name . '\' kopieren';
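Review bot: In the new `privs` branch, `$_POST['type']` is echoed into the hidden field's `value` attribute unescaped and is passed to `GetAccess()` without the `c`/`n`/`e` allow-list check that Pages/Privs.c.xml applies, so the request body controls markup in the response. I would validate it first and escape it on output, e.g. `$type = in_array($_POST['type'], array('c', 'n', 'e'), true) ? $_POST['type'] : 'c';` followed by `echo '<input type="hidden" name="type" value="' . htmlspecialchars($type) . '" />';`. `$group[0]` in the `name="group_..."` attribute comes from `ListGroups()` and is presumably numeric, but an `(int)` cast would make that explicit. The `elseif` chain this branch belongs to starts and ends outside the hunk.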
@@ -70,7 +120,7 @@
}
elseif(isset($_POST['rename'])) {
if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
$title = '\'' . $name . '\' umbenennen';
@@ -88,7 +138,7 @@
}
elseif(isset($_POST['delete'])) {
if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
$title = '\'' . $name . '\' löschen';
diff --git a/pages/Pages/New.c.xml b/pages/Pages/New.c.xml
index aae764d..6dd1b68 100644
--- a/pages/Pages/New.c.xml
+++ b/pages/Pages/New.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:New</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Pages/Privs.c.xml b/pages/Pages/Privs.c.xml
new file mode 100644
index 0000000..5023d1e
--- /dev/null
+++ b/pages/Pages/Privs.c.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<page>
+ <info>
+ <name>Pages:Privs</name>
+ <template>phpexec</template>
+ <access>0:0</access>
+ <type>c</type>
+ </info>
+ <data>
+ <code>
+ <![CDATA[
+<?PHP
+ require_once('code/pages.inc.php');
+ require_once('code/links.inc.php');
+ require_once('code/util.inc.php');
+
+
+ if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e')
+ exit();
+
+ if($_POST['back']) {
+ header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false));
+ exit();
+ }
+
+ if(!$_POST['name']) exit();
+
+ $groups = $GLOBALS['user']->ListGroups();
+ array_unshift($groups, array(0));
+
+ $group_max = $groups[count($groups)-1][0];
+
+ $readaccess = implode('', array_fill(0, $group_max/4 + 1, '0'));
+ $writeaccess = $readaccess;
+
+ foreach($groups as $group) {
+ if(!isset($_POST['group_' . $group[0]])) exit();
+
+ switch($_POST['group_' . $group[0]]) {
+ case 0:
+ break;
+ case 1:
+ $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ break;
+ case 2:
+ $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ $writeaccess[$group[0]/4] = dechex(hexdec($writeaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ break;
+ default:
+ exit();
+ }
+ }
+
+ $GLOBALS['pages']->SetAccess(Unquote($_POST['name']), $_POST['type'], array($readaccess, $writeaccess));
+
+ header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false));
+ exit();
+?>
+ ]]>
+ </code>
+ </data>
+</page>
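Review bot: The `switch` on `$_POST['group_' . $group[0]]` compares a request string loosely against the integer labels `0`, `1` and `2`, so on the PHP versions this code targets an empty or non-numeric value equals `0` and a value like `1x` equals `1`; the `default: exit();` branch is therefore not reached for malformed input. Checking the value strictly before the switch, `if(!in_array($_POST['group_' . $group[0]], array('0', '1', '2'), true)) exit();`, and using string labels (`case '0':`) closes that. Separately, this page rewrites a page's access masks from a plain POST and nothing visible here ties the request to the form rendered by Pages:Handle; if the framework does not add a per-session token elsewhere, one should be checked before `SetAccess()` is called. `$_POST['back']` is also read without `isset()`, unlike the `group_` fields.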
diff --git a/pages/Pages/Rename.c.xml b/pages/Pages/Rename.c.xml
index 9744a85..236b709 100644
--- a/pages/Pages/Rename.c.xml
+++ b/pages/Pages/Rename.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Pages:Rename</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Privileges.c.xml b/pages/Privileges.c.xml
deleted file mode 100644
index dd263ac..0000000
--- a/pages/Privileges.c.xml
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<page>
- <info>
- <name>Privileges</name>
- <template>phpexec</template>
- <access>0</access>
- <type>c</type>
- </info>
- <data>
- <code>
- <![CDATA[
-<?PHP
- require_once('code/db.inc.php');
- require_once('code/links.inc.php');
- require_once('code/pages.inc.php');
-
- $title = 'Rechte';
-
- echo '<h2>Rechte</h2>';
-
- $type = $_GET['type'];
- if($type != 'c' && $type != 'n' && $type != 'e') $type = 'c';
-
- echo 'Seitentyp: ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=c') . '"';
- if($type == 'c') echo ' class="active_page_link"';
- echo '>Inhalt</a> | ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=n') . '"';
- if($type == 'n') echo ' class="active_page_link"';
- echo '>Navigation</a> | ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=e') . '"';
- if($type == 'e') echo ' class="active_page_link"';
- echo '>Editor</a><br /><br />';
-
- echo '<form action="' . $GLOBALS['links']->GetNeonLink('Privileges:Update') . '" method="post">';
-
- echo '<input type="hidden" name="type" value="' . $type . '" />';
-
- echo '<table class="privtab">';
-
- $groupres = $GLOBALS['db']->Execute('SELECT * FROM groups ORDER BY id');
- $pages = $GLOBALS['pages']->GetList();
-
- $groups = $groupres->GetArray();
- array_unshift($groups, array(0, 'Gast'));
-
- echo '<tr class="group">';
-
- echo '<td></td>';
-
- foreach($groups as $group) {
- echo '<td>' . $group[1] . '</td>';
- }
-
- echo '</tr>';
-
- $linex = true;
-
- foreach($pages as $page) {
- if($page[strlen($page)-1] != $type) continue;
-
- $page = substr($page, 0, -2);
-
- $access = $GLOBALS['pages']->GetAccess($page, $type);
-
- echo '<tr class="line' . ($linex ? '1' : '2') . '">';
- $linex = !$linex;
-
- echo '<td class="page">' . $page . '</td>';
-
- foreach($groups as $group) {
- echo '<td><input type="checkbox" name="' . $page . ':' . $group[0] . '" value="true" ';
- if((hexdec($access[$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo 'checked="checked" ';
- echo '/></td>';
- }
-
- echo '</tr>';
- }
-
- echo '<tr><td colspan="' . (count($groups)+1) . '" class="submit">';
- echo '<input type="submit" value="Ändern" class="spaced-top" />';
- echo '</td></tr>';
-
- echo '</table>';
-
- echo '</form>';
-?>
- ]]>
- </code>
- </data>
-</page>
diff --git a/pages/Privileges/Update.c.xml b/pages/Privileges/Update.c.xml
deleted file mode 100644
index a8a8c54..0000000
--- a/pages/Privileges/Update.c.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<page>
- <info>
- <name>Privileges:Update</name>
- <template>phpexec</template>
- <access>0</access>
- <type>c</type>
- </info>
- <data>
- <code>
- <![CDATA[
-<?PHP
- require_once('code/db.inc.php');
- require_once('code/links.inc.php');
- require_once('code/pages.inc.php');
-
- if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e')
- exit();
-
- $groupres = $GLOBALS['db']->Execute('SELECT id FROM groups ORDER by id');
- $pages = $GLOBALS['pages']->GetList();
-
- $groups = $groupres->GetArray();
- array_unshift($groups, array(0));
-
- $group_max = $groups[count($groups)-1][0];
-
- foreach($pages as $page) {
- if($page[strlen($page)-1] != $_POST['type']) continue;
-
- $page = substr($page, 0, -2);
-
- $access = join('', array_fill(0, $group_max/4 + 1, '0'));
-
- foreach($groups as $group)
- if(isset($_POST[$page . ':' . $group[0]]))
- $access[$group[0]/4] = dechex(hexdec($access[$group[0]/4]) | (1 << ($group[0]%4)));
-
- $GLOBALS['pages']->SetAccess($page, $_POST['type'], $access);
- }
-
- header('Location: ' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=' . $_POST['type'], false));
- exit();
-?>
- ]]>
- </code>
- </data>
-</page>
diff --git a/pages/Users.c.xml b/pages/Users.c.xml
index d268cb9..2dcd181 100644
--- a/pages/Users.c.xml
+++ b/pages/Users.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/Delete.c.xml b/pages/Users/Delete.c.xml
index b5307db..8c32935 100644
--- a/pages/Users/Delete.c.xml
+++ b/pages/Users/Delete.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:Delete</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/Group.c.xml b/pages/Users/Group.c.xml
index ae3b487..b48e369 100644
--- a/pages/Users/Group.c.xml
+++ b/pages/Users/Group.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:Group</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/Handle.c.xml b/pages/Users/Handle.c.xml
index 138873a..abed354 100644
--- a/pages/Users/Handle.c.xml
+++ b/pages/Users/Handle.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:Handle</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/New.c.xml b/pages/Users/New.c.xml
index 41334e4..ac6bed9 100644
--- a/pages/Users/New.c.xml
+++ b/pages/Users/New.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:New</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/Password.c.xml b/pages/Users/Password.c.xml
index 30663c0..c08cd02 100644
--- a/pages/Users/Password.c.xml
+++ b/pages/Users/Password.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:Password</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/Users/Rename.c.xml b/pages/Users/Rename.c.xml
index 3484aba..def6aa4 100644
--- a/pages/Users/Rename.c.xml
+++ b/pages/Users/Rename.c.xml
@@ -3,7 +3,7 @@
<info>
<name>Users:Rename</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>c</type>
</info>
<data>
diff --git a/pages/default.e.xml b/pages/default.e.xml
index 65d2229..3c0c79e 100644
--- a/pages/default.e.xml
+++ b/pages/default.e.xml
@@ -3,7 +3,7 @@
<info>
<name>phpexec</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>e</type>
</info>
<data>
diff --git a/pages/phpexec.e.xml b/pages/phpexec.e.xml
index 82f0ed9..a2c390d 100644
--- a/pages/phpexec.e.xml
+++ b/pages/phpexec.e.xml
@@ -3,7 +3,7 @@
<info>
<name>phpexec</name>
<template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
<type>e</type>
</info>
<data>