diff options
Diffstat (limited to 'pages/Privileges')
-rw-r--r-- | pages/Privileges/Update.c.xml | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/pages/Privileges/Update.c.xml b/pages/Privileges/Update.c.xml new file mode 100644 index 0000000..033bb7f --- /dev/null +++ b/pages/Privileges/Update.c.xml @@ -0,0 +1,77 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<page> + <info> + <name>Privileges:Update</name> + <template>phpexec</template> + <access>00</access> + <type>c</type> + </info> + <data> + <code> + <![CDATA[ +<?PHP + require_once('code/db.inc.php'); + require_once('code/links.inc.php'); + require_once('code/pages.inc.php'); + + if($_POST['type'] != 'c' && $_POST['type'] != 'n' && $_POST['type'] != 'e') + exit(); + + $groupres = $GLOBALS['db']->Execute('SELECT id FROM groups ORDER by id'); + $pages = $GLOBALS['pages']->GetList(); + + $groups = $groupres->GetArray(); + array_unshift($groups, array(0)); + + $group_max = $groups[count($groups)-1][0]; + + foreach($pages as $page) { + if($page[strlen($page)-1] != $_POST['type']) continue; + + $page = substr($page, 0, -2); + + $access = array_fill(0, $group_max/8 + 1, 0); + + foreach($groups as $group) { + if(isset($_POST[$page . ':' . $group[0]])) + $access[$group[0]/8] |= (1 << ($group[0]%8)); + } + + $privileges = join('', array_map('chr', $access)); + + $GLOBALS['db']->Execute('UPDATE pages SET access = ? WHERE name = ?', array($privileges, $page)); + + if($GLOBALS['db']->Affected_Rows()) continue; + + $pagedata = $GLOBALS['pages']->GetPageData($page, $_POST['type']); + + $access = ''; + + for($i = 0; $i < strlen($pagedata['access']); $i+=2) + $access .= chr(hexdec(substr($pagedata['access'], $i, 2))); + + if($access == substr($privileges, 0, strlen($access))) { + for($i = strlen($access); $i < strlen($privileges); $i++) + if($privileges[$i] != 0) break; + + if($i == strlen($privileges)) continue; + } + + $string = ''; + + foreach($pagedata['data'] as $key => $val) + $string .= urlencode($key) . '=' . urlencode($val) . '&'; + + $GLOBALS['db']->Execute('INSERT INTO pages (name, template, access, data, type) VALUES (?, ?, ?, ?, ?)', + array($page, $pagedata['template'], $access, $string, $_POST['type'])); + } + + header('Location: ' . $GLOBALS['links']->GetNeonLink('Privileges', 'type=' . $_POST['type'], false)); + exit(); + + $GLOBALS['pages']->GetPageData() +?> + ]]> + </code> + </data> +</page> |