Home Explore Help
Register Sign In
biotorrents
/
Gazelle
forked from Oppaitime/Gazelle
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 2 Wiki Activity
BioTorrents.de’s version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1141 Commits
2 Branches
Tree: 572dce17e9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '572dce17e9'
${ noResults }
Gazelle/sections/user/permissions.php

permissions.php 4.1KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. <?php

  2. declare(strict_types=1);

  3. 

  4. // todo: Redo HTML

  5. if (!check_perms('admin_manage_permissions')) {

  6.     error(403);

  7. }

  8. if (!isset($_REQUEST['userid']) || !is_number($_REQUEST['userid'])) {

  9.     error(404);

  10. }

  11. 

  12. include(SERVER_ROOT."/classes/permissions_form.php");

  13. 

  14. list($UserID, $Username, $PermissionID) = array_values(Users::user_info($_REQUEST['userid']));

  15. 

  16. $DB->query("

  17.   SELECT CustomPermissions

  18.   FROM users_main

  19.   WHERE ID = '$UserID'");

  20. 

  21. list($Customs) = $DB->next_record(MYSQLI_NUM, false);

  22. 

  23. 

  24. $Defaults = Permissions::get_permissions_for_user($UserID, []);

  25. 

  26. $Delta = [];

  27. if (isset($_POST['action'])) {

  28.     authorize();

  29. 

  30.     foreach ($PermissionsArray as $Perm => $Explaination) {

  31.         $Setting = isset($_POST["perm_$Perm"]) ? 1 : 0;

  32.         $Default = isset($Defaults[$Perm]) ? 1 : 0;

  33.         if ($Setting != $Default) {

  34.             $Delta[$Perm] = $Setting;

  35.         }

  36.     }

  37.     if (!is_number($_POST['maxcollages']) && !empty($_POST['maxcollages'])) {

  38.         error("Please enter a valid number of extra personal collages");

  39.     }

  40.     $Delta['MaxCollages'] = $_POST['maxcollages'];

  41. 

  42.     $Cache->begin_transaction("user_info_heavy_$UserID");

  43.     $Cache->update_row(false, array('CustomPermissions' => $Delta));

  44.     $Cache->commit_transaction(0);

  45.     $DB->query("

  46.     UPDATE users_main

  47.     SET CustomPermissions = '".db_string(serialize($Delta))."'

  48.     WHERE ID = '$UserID'");

  49. } elseif (!empty($Customs)) {

  50.     $Delta = unserialize($Customs);

  51. }

  52. 

  53. $Permissions = array_merge($Defaults, $Delta);

  54. $MaxCollages = $Customs['MaxCollages'] + $Delta['MaxCollages'];

  55. 

  56. function display_perm($Key, $Title)

  57. {

  58.     global $Defaults, $Permissions;

  59.     $Perm = "<input id=\"default_$Key\" type=\"checkbox\" disabled=\"disabled\"";

  60.     if (isset($Defaults[$Key]) && $Defaults[$Key]) {

  61.         $Perm .= ' checked="checked"';

  62.     }

  63.     $Perm .= " /><input type=\"checkbox\" name=\"perm_$Key\" id=\"$Key\" value=\"1\"";

  64.     if (isset($Permissions[$Key]) && $Permissions[$Key]) {

  65.         $Perm .= ' checked="checked"';

  66.     }

  67.     $Perm .= " /> <label for=\"$Key\">$Title</label><br />";

  68.     echo "$Perm\n";

  69. }

  70. 

  71. View::show_header("$Username &gt; Permissions");

  72. ?>

  73. <script type="text/javascript">

  74.   //<![CDATA[

  75.   function reset() {

  76.     for (i = 0; i < $('#permissionsform').raw().elements.length; i++) {

  77.       element = $('#permissionsform').raw().elements[i];

  78.       if (element.id.substr(0, 8) == 'default_') {

  79.         $('#' + element.id.substr(8)).raw().checked = element.checked;

  80.       }

  81.     }

  82.   }

  83.   //]]>

  84. </script>

  85. <div class="header">

  86.   <h2><?=Users::format_username($UserID, false, false, false)?> &gt;

  87.     Permissions</h2>

  88.   <div class="linkbox">

  89.     <a href="#" onclick="reset(); return false;" class="brackets">Defaults</a>

  90.   </div>

  91. </div>

  92. <div class="box pad">

  93.   <p>Before using permissions, please understand that it allows you to both add and remove access to specific features.

  94.     If you think that to add access to a feature, you need to uncheck everything else, <strong>YOU ARE WRONG</strong>.

  95.     The check boxes on the left, which are grayed out, are the standard permissions granted by their class (and

  96.     donor/artist status). Any changes you make to the right side will overwrite this. It's not complicated, and if you

  97.     screw up, click the "Defaults" link at the top. It will reset the user to their respective features granted by

  98.     class, then you can select or deselect the one or two things you want to change. <strong>DO NOT DESELECT

  99.       EVERYTHING.</strong> If you need further clarification, ask a developer before using this tool.</p>

  100. </div>

  101. <br />

  102. <form class="manage_form" name="permissions" id="permissionsform" method="post" action="">

  103.   <table class="permission_head skeleton-fix">

  104.     <tr>

  105.       <td class="label">Extra personal collages</td>

  106.       <td><input type="text" name="maxcollages" size="5"

  107.           value="<?=($MaxCollages ? $MaxCollages : '0') ?>" />

  108.       </td>

  109.     </tr>

  110.   </table>

  111.   <input type="hidden" name="action" value="permissions" />

  112.   <input type="hidden" name="auth"

  113.     value="<?=$LoggedUser['AuthKey']?>" />

  114.   <input type="hidden" name="id"

  115.     value="<?=$_REQUEST['userid']?>" />

  116.   <?php

  117. permissions_form();

  118. ?>

  119. </form>

  120. <?php View::show_footer();