author | neoraider <devnull@localhost> | 2006-04-16 22:21:01 +0200 |
---|---|---|
committer | neoraider <devnull@localhost> | 2006-04-16 22:21:01 +0200 |
commit | bde164393aa3b8c59ee15c0ae80c4268b236fb47 (patch) | |
tree | 9972504ddb25387ac1d20085e126afb583a66a19 /pages | |
parent | ac0c6f0b35a99fed2308aef85df818db3d871a95 (diff) | |
Rechteverwaltung überarbeitet.
Diffstat (limited to 'pages')
-rw-r--r-- | pages/Login.c.xml | 2 | ||||
-rw-r--r-- | pages/Login.n.xml | 2 | ||||
-rw-r--r-- | pages/Logout.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages.c.xml | 3 | ||||
-rw-r--r-- | pages/Pages/Copy.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Delete.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Edit.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Handle.c.xml | 58 | ||||
-rw-r--r-- | pages/Pages/New.c.xml | 2 | ||||
-rw-r--r-- | pages/Pages/Privs.c.xml | 62 | ||||
-rw-r--r-- | pages/Pages/Rename.c.xml | 2 | ||||
-rw-r--r-- | pages/Privileges.c.xml | 91 | ||||
-rw-r--r-- | pages/Privileges/Update.c.xml | 48 | ||||
-rw-r--r-- | pages/Users.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Delete.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Group.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Handle.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/New.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Password.c.xml | 2 | ||||
-rw-r--r-- | pages/Users/Rename.c.xml | 2 | ||||
-rw-r--r-- | pages/default.e.xml | 2 | ||||
-rw-r--r-- | pages/phpexec.e.xml | 2 |
22 files changed, 135 insertions, 161 deletions
diff --git a/pages/Login.c.xml b/pages/Login.c.xml
index 666bf4e..3f69400 100644
--- a/pages/Login.c.xml
+++ b/pages/Login.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Login</name>
 <template>phpexec</template>
- <access>1</access>
+ <access>1:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Login.n.xml b/pages/Login.n.xml
index 4e58e32..71fb2b3 100644
--- a/pages/Login.n.xml
+++ b/pages/Login.n.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Login</name>
 <template>phpexec</template>
- <access>1</access>
+ <access>1:0</access>
 <type>n</type>
 </info>
 <data>
diff --git a/pages/Logout.c.xml b/pages/Logout.c.xml
index 88bbae3..9447dca 100644
--- a/pages/Logout.c.xml
+++ b/pages/Logout.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Logout</name>
 <template>phpexec</template>
- <access>8</access>
+ <access>8:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Pages.c.xml b/pages/Pages.c.xml
index 7722ac5..f9db838 100644
--- a/pages/Pages.c.xml
+++ b/pages/Pages.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
@@ -47,6 +47,7 @@
 echo '<input type="submit" name="view" value="Anzeigen" /> ';
 echo '<input type="submit" name="new" value="Neu" /> ';
 echo '<input type="submit" name="edit" value="Bearbeiten" /> ';
+ echo '<input type="submit" name="privs" value="Rechte ändern" /> ';
 echo '<input type="submit" name="copy" value="Kopieren" /> ';
 echo '<input type="submit" name="rename" value="Umbenennen" /> ';
 echo '<input type="submit" name="delete" value="Löschen" />';
diff --git a/pages/Pages/Copy.c.xml b/pages/Pages/Copy.c.xml
index e0b2ea8..79becca 100644
--- a/pages/Pages/Copy.c.xml
+++ b/pages/Pages/Copy.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:Copy</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Pages/Delete.c.xml b/pages/Pages/Delete.c.xml
index 60d7cb6..07e6ff3 100644
--- a/pages/Pages/Delete.c.xml
+++ b/pages/Pages/Delete.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:Delete</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Pages/Edit.c.xml b/pages/Pages/Edit.c.xml
index 6680ef6..dfe9a51 100644
--- a/pages/Pages/Edit.c.xml
+++ b/pages/Pages/Edit.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:Edit</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Pages/Handle.c.xml b/pages/Pages/Handle.c.xml
index 47fa776..734c62d 100644
--- a/pages/Pages/Handle.c.xml
+++ b/pages/Pages/Handle.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:Handle</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
@@ -51,9 +51,59 @@
 echo $data['content'];
 }
 }
+ elseif(isset($_POST['privs'])) {
+ if($_POST['name']) {
+ $name = htmlspecialchars(Unquote($_POST['name']));
+
+ $title = 'Rechte von \'' . $name . '\' ändern';
+
+ echo '<h2>Rechte von \'' . $name . '\' ändern</h2>';
+
+ $access = $GLOBALS['pages']->GetAccess(Unquote($_POST['name']), $_POST['type']);
+ $groups = $GLOBALS['user']->ListGroups();
+
+ array_unshift($groups, array(0, 'Gast'));
+
+ echo '<form action="' . $GLOBALS['links']->GetNeonLink('Pages:Privs') . '" method="post">';
+
+ echo '<input type="hidden" name="name" value="' . $name . '" />';
+ echo '<input type="hidden" name="type" value="' . $_POST['type'] . '" />';
+
+ echo '<table>';
+
+ foreach($groups as $group) {
+ echo '<tr><td>' . htmlspecialchars($group[1]) . '</td><td>';
+
+ echo '<select size="1" name="group_' . $group[0] . '">';
+
+ echo '<option value="0"';
+ if((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) == 0) echo ' selected="selected"';
+ echo '>Kein Zugriff</option>';
+
+ echo '<option value="1"';
+ if(((hexdec($access[0][$group[0]/4]) & (1 << ($group[0]%4))) != 0)
+ && ((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) == 0))
+ echo ' selected="selected"';
+ echo '>Nur lesen</option>';
+
+ echo '<option value="2"';
+ if((hexdec($access[1][$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo ' selected="selected"';
+ echo '>Lesen und schreiben</option>';
+
+ echo '</select></td></tr>';
+ }
+
+ echo '</table>';
+
+ echo '<input type="submit" class="spaced-top" value="Ändern" /> ';
+ echo '<input type="submit" class="spaced-top" name="back" value="Zurück" />';
+
+ echo '</form>';
+ }
+ }
 elseif(isset($_POST['copy'])) {
 if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
 $title = '\'' . $name . '\' kopieren';
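Review bot: `$_POST['type']` is written into the hidden `type` field's `value` attribute without escaping or validation in the new `privs` branch, so markup in that parameter is reflected into the page, while `name` on the line above it goes through `htmlspecialchars()`. Restrict it to the known page types before use, as Pages:Privs does with its `'c'`/`'n'`/`'e'` check, and escape it on output: `echo '<input type="hidden" name="type" value="' . htmlspecialchars($_POST['type']) . '" />';`. The same raw value is also handed to `GetAccess()`, whose handling of unexpected types is not visible here. The `if`/`elseif` chain this branch belongs to starts and ends outside the hunk.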
@@ -70,7 +120,7 @@
 }
 elseif(isset($_POST['rename'])) {
 if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
 $title = '\'' . $name . '\' umbenennen';
@@ -88,7 +138,7 @@
 }
 elseif(isset($_POST['delete'])) {
 if($_POST['name']) {
- $name = strtr(Unquote($_POST['name']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"'));
+ $name = htmlspecialchars(Unquote($_POST['name']));
 $title = '\'' . $name . '\' löschen';
diff --git a/pages/Pages/New.c.xml b/pages/Pages/New.c.xml
index aae764d..6dd1b68 100644
--- a/pages/Pages/New.c.xml
+++ b/pages/Pages/New.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:New</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Pages/Privs.c.xml b/pages/Pages/Privs.c.xml
new file mode 100644
index 0000000..5023d1e
--- /dev/null
+++ b/pages/Pages/Privs.c.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<page>
+ <info>
+ <name>Pages:Privs</name>
+ <template>phpexec</template>
+ <access>0:0</access>
+ <type>c</type>
+ </info>
+ <data>
+ <code>
+ <![CDATA[
+<?PHP
+ require_once('code/pages.inc.php');
+ require_once('code/links.inc.php');
+ require_once('code/util.inc.php');
+
+
+ if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e')
+ exit();
+
+ if($_POST['back']) {
+ header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false));
+ exit();
+ }
+
+ if(!$_POST['name']) exit();
+
+ $groups = $GLOBALS['user']->ListGroups();
+ array_unshift($groups, array(0));
+
+ $group_max = $groups[count($groups)-1][0];
+
+ $readaccess = implode('', array_fill(0, $group_max/4 + 1, '0'));
+ $writeaccess = $readaccess;
+
+ foreach($groups as $group) {
+ if(!isset($_POST['group_' . $group[0]])) exit();
+
+ switch($_POST['group_' . $group[0]]) {
+ case 0:
+ break;
+ case 1:
+ $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ break;
+ case 2:
+ $readaccess[$group[0]/4] = dechex(hexdec($readaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ $writeaccess[$group[0]/4] = dechex(hexdec($writeaccess[$group[0]/4]) | (1 << ($group[0]%4)));
+ break;
+ default:
+ exit();
+ }
+ }
+
+ $GLOBALS['pages']->SetAccess(Unquote($_POST['name']), $_POST['type'], array($readaccess, $writeaccess));
+
+ header('Location: ' . $GLOBALS['links']->GetNeonLink('Pages', 'type=' . $_POST['type'], false));
+ exit();
+?>
+ ]]>
+ </code>
+ </data>
+</page>
diff --git a/pages/Pages/Rename.c.xml b/pages/Pages/Rename.c.xml
index 9744a85..236b709 100644
--- a/pages/Pages/Rename.c.xml
+++ b/pages/Pages/Rename.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Pages:Rename</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Privileges.c.xml b/pages/Privileges.c.xml
deleted file mode 100644
index dd263ac..0000000
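Review bot: `$_POST['name']` reaches `SetAccess()` in Pages:Privs after only `Unquote()`, so the page whose rights are rewritten is chosen entirely by the request, whereas the removed Privileges:Update page iterated over `$GLOBALS['pages']->GetList()`. `SetAccess()` is not shown here, so whether it rejects unknown or malformed names cannot be confirmed; checking the name and type against `GetList()` before the call would keep the old guarantee. The `switch` on `$_POST['group_' . $group[0]]` compares loosely, so on PHP versions before 8 any non-numeric string matches `case 0` and is stored as "no access" instead of reaching `default: exit();`; a strict pre-check such as `if(!in_array($_POST['group_' . $group[0]], array('0', '1', '2'), true)) exit();` would reject such input. No request token is visible on this state-changing POST, so it is worth confirming that the framework adds CSRF protection elsewhere.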
--- a/pages/Privileges.c.xml
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<page>
- <info>
- <name>Privileges</name>
- <template>phpexec</template>
- <access>0</access>
- <type>c</type>
- </info>
- <data>
- <code>
- <![CDATA[
-<?PHP
- require_once('code/db.inc.php');
- require_once('code/links.inc.php');
- require_once('code/pages.inc.php');
-
- $title = 'Rechte';
-
- echo '<h2>Rechte</h2>';
-
- $type = $_GET['type'];
- if($type != 'c' && $type != 'n' && $type != 'e') $type = 'c';
-
- echo 'Seitentyp: ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=c') . '"';
- if($type == 'c') echo ' class="active_page_link"';
- echo '>Inhalt</a> | ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=n') . '"';
- if($type == 'n') echo ' class="active_page_link"';
- echo '>Navigation</a> | ';
- echo '<a href="' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=e') . '"';
- if($type == 'e') echo ' class="active_page_link"';
- echo '>Editor</a><br /><br />';
-
- echo '<form action="' . $GLOBALS['links']->GetNeonLink('Privileges:Update') . '" method="post">';
-
- echo '<input type="hidden" name="type" value="' . $type . '" />';
-
- echo '<table class="privtab">';
-
- $groupres = $GLOBALS['db']->Execute('SELECT * FROM groups ORDER BY id');
- $pages = $GLOBALS['pages']->GetList();
-
- $groups = $groupres->GetArray();
- array_unshift($groups, array(0, 'Gast'));
-
- echo '<tr class="group">';
-
- echo '<td></td>';
-
- foreach($groups as $group) {
- echo '<td>' . $group[1] . '</td>';
- }
-
- echo '</tr>';
-
- $linex = true;
-
- foreach($pages as $page) {
- if($page[strlen($page)-1] != $type) continue;
-
- $page = substr($page, 0, -2);
-
- $access = $GLOBALS['pages']->GetAccess($page, $type);
-
- echo '<tr class="line' . ($linex ? '1' : '2') . '">';
- $linex = !$linex;
-
- echo '<td class="page">' . $page . '</td>';
-
- foreach($groups as $group) {
- echo '<td><input type="checkbox" name="' . $page . ':' . $group[0] . 
'" value="true" ';
- if((hexdec($access[$group[0]/4]) & (1 << ($group[0]%4))) != 0) echo 'checked="checked" ';
- echo '/></td>';
- }
-
- echo '</tr>';
- }
-
- echo '<tr><td colspan="' . (count($groups)+1) . '" class="submit">';
- echo '<input type="submit" value="Ändern" class="spaced-top" />';
- echo '</td></tr>';
-
- echo '</table>';
-
- echo '</form>';
-?>
- ]]>
- </code>
- </data>
-</page>
diff --git a/pages/Privileges/Update.c.xml b/pages/Privileges/Update.c.xml
deleted file mode 100644
index a8a8c54..0000000
--- a/pages/Privileges/Update.c.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<page>
- <info>
- <name>Privileges:Update</name>
- <template>phpexec</template>
- <access>0</access>
- <type>c</type>
- </info>
- <data>
- <code>
- <![CDATA[
-<?PHP
- require_once('code/db.inc.php');
- require_once('code/links.inc.php');
- require_once('code/pages.inc.php');
-
- if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e')
- exit();
-
- $groupres = $GLOBALS['db']->Execute('SELECT id FROM groups ORDER by id');
- $pages = $GLOBALS['pages']->GetList();
-
- $groups = $groupres->GetArray();
- array_unshift($groups, array(0));
-
- $group_max = $groups[count($groups)-1][0];
-
- foreach($pages as $page) {
- if($page[strlen($page)-1] != $_POST['type']) continue;
-
- $page = substr($page, 0, -2);
-
- $access = join('', array_fill(0, $group_max/4 + 1, '0'));
-
- foreach($groups as $group)
- if(isset($_POST[$page . ':' . $group[0]]))
- $access[$group[0]/4] = dechex(hexdec($access[$group[0]/4]) | (1 << ($group[0]%4)));
-
- $GLOBALS['pages']->SetAccess($page, $_POST['type'], $access);
- }
-
- header('Location: ' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=' . $_POST['type'], false));
- exit();
-?>
- ]]>
- </code>
- </data>
-</page>
diff --git a/pages/Users.c.xml b/pages/Users.c.xml
index d268cb9..2dcd181 100644
--- a/pages/Users.c.xml
+++ b/pages/Users.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/Delete.c.xml b/pages/Users/Delete.c.xml
index b5307db..8c32935 100644
--- a/pages/Users/Delete.c.xml
+++ b/pages/Users/Delete.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:Delete</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/Group.c.xml b/pages/Users/Group.c.xml
index ae3b487..b48e369 100644
--- a/pages/Users/Group.c.xml
+++ b/pages/Users/Group.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:Group</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/Handle.c.xml b/pages/Users/Handle.c.xml
index 138873a..abed354 100644
--- a/pages/Users/Handle.c.xml
+++ b/pages/Users/Handle.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:Handle</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/New.c.xml b/pages/Users/New.c.xml
index 41334e4..ac6bed9 100644
--- a/pages/Users/New.c.xml
+++ b/pages/Users/New.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:New</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/Password.c.xml b/pages/Users/Password.c.xml
index 30663c0..c08cd02 100644
--- a/pages/Users/Password.c.xml
+++ b/pages/Users/Password.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:Password</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/Users/Rename.c.xml b/pages/Users/Rename.c.xml
index 3484aba..def6aa4 100644
--- a/pages/Users/Rename.c.xml
+++ b/pages/Users/Rename.c.xml
@@ -3,7 +3,7 @@
 <info>
 <name>Users:Rename</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>c</type>
 </info>
 <data>
diff --git a/pages/default.e.xml b/pages/default.e.xml
index 65d2229..3c0c79e 100644
--- a/pages/default.e.xml
+++ b/pages/default.e.xml
@@ -3,7 +3,7 @@
 <info>
 <name>phpexec</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>e</type>
 </info>
 <data>
diff --git a/pages/phpexec.e.xml b/pages/phpexec.e.xml
index 82f0ed9..a2c390d 100644
--- a/pages/phpexec.e.xml
+++ b/pages/phpexec.e.xml
@@ -3,7 +3,7 @@
 <info>
 <name>phpexec</name>
 <template>phpexec</template>
- <access>0</access>
+ <access>0:0</access>
 <type>e</type>
 </info>
 <data> |