|
1
|
|
|
<?php |
|
2
|
|
|
/* |
|
3
|
|
|
* You may not change or alter any portion of this comment or credits |
|
4
|
|
|
* of supporting developers from this source code or any supporting source code |
|
5
|
|
|
* which is considered copyrighted (c) material of the original comment or credit authors. |
|
6
|
|
|
* |
|
7
|
|
|
* This program is distributed in the hope that it will be useful, |
|
8
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* @copyright XOOPS Project https://xoops.org/ |
|
14
|
|
|
* @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
|
15
|
|
|
* @package |
|
16
|
|
|
* @since |
|
17
|
|
|
* @author XOOPS Development Team, Kazumi Ono (AKA onokazu) |
|
18
|
|
|
*/ |
|
19
|
|
|
/** @var XoopsUser $xoopsUser */ |
|
20
|
|
|
include_once dirname(dirname(dirname(__DIR__))) . '/include/cp_header.php'; |
|
21
|
|
|
$modid = isset($_POST['modid']) ? (int)$_POST['modid'] : 0; |
|
22
|
|
|
|
|
23
|
|
|
// we don't want system module permissions to be changed here |
|
24
|
|
|
if ($modid <= 1 || !is_object($xoopsUser) || !$xoopsUser->isAdmin($modid)) { |
|
25
|
|
|
redirect_header(XOOPS_URL . '/index.php', 1, _NOPERM); |
|
26
|
|
|
} |
|
27
|
|
|
/** @var XoopsModuleHandler $module_handler */ |
|
28
|
|
|
$module_handler = xoops_getHandler('module'); |
|
29
|
|
|
/** @var \XoopsModule $module */ |
|
30
|
|
|
$module = $module_handler->get($modid); |
|
31
|
|
|
if (!is_object($module) || !$module->getVar('isactive')) { |
|
32
|
|
|
redirect_header(XOOPS_URL . '/admin.php', 1, _MODULENOEXIST); |
|
33
|
|
|
} |
|
34
|
|
|
|
|
35
|
|
|
$msg = array(); |
|
36
|
|
|
|
|
37
|
|
|
/** @var XoopsMemberHandler $member_handler */ |
|
38
|
|
|
$member_handler = xoops_getHandler('member'); |
|
39
|
|
|
$group_list = $member_handler->getGroupList(); |
|
40
|
|
|
|
|
41
|
|
|
if (is_array($_POST['perms']) && !empty($_POST['perms'])) { |
|
42
|
|
|
/** @var XoopsGroupPermHandler $gperm_handler */ |
|
43
|
|
|
$gperm_handler = xoops_getHandler('groupperm'); |
|
44
|
|
|
foreach ($_POST['perms'] as $perm_name => $perm_data) { |
|
45
|
|
|
if ($GLOBALS['xoopsSecurity']->check(true, false, $perm_name) && false !== $gperm_handler->deleteByModule($modid, $perm_name)) { |
|
46
|
|
|
foreach ($perm_data['groups'] as $group_id => $item_ids) { |
|
47
|
|
|
foreach ($item_ids as $item_id => $selected) { |
|
48
|
|
|
if ($selected == 1) { |
|
49
|
|
|
// make sure that all parent ids are selected as well |
|
50
|
|
|
if ($perm_data['parents'][$item_id] !== '') { |
|
51
|
|
|
$parent_ids = explode(':', $perm_data['parents'][$item_id]); |
|
52
|
|
|
foreach ($parent_ids as $pid) { |
|
53
|
|
|
// if ($pid != 0 && !in_array($pid, array_keys($item_ids))) { |
|
54
|
|
|
if ($pid != 0 && !array_key_exists($pid, $item_ids)) { |
|
55
|
|
|
// one of the parent items were not selected, so skip this item |
|
56
|
|
|
$msg[] = sprintf(_MD_AM_PERMADDNG, '<strong>' . $perm_name . '</strong>', '<strong>' . $perm_data['itemname'][$item_id] . '</strong>', '<strong>' . $group_list[$group_id] . '</strong>') . ' (' . _MD_AM_PERMADDNGP . ')'; |
|
57
|
|
|
continue 2; |
|
58
|
|
|
} |
|
59
|
|
|
} |
|
60
|
|
|
} |
|
61
|
|
|
/** @var XoopsGroupPerm $gperm */ |
|
62
|
|
|
$gperm = $gperm_handler->create(); |
|
63
|
|
|
$gperm->setVar('gperm_groupid', $group_id); |
|
64
|
|
|
$gperm->setVar('gperm_name', $perm_name); |
|
65
|
|
|
$gperm->setVar('gperm_modid', $modid); |
|
66
|
|
|
$gperm->setVar('gperm_itemid', $item_id); |
|
67
|
|
|
if (!$gperm_handler->insert($gperm)) { |
|
68
|
|
|
$msg[] = sprintf(_MD_AM_PERMADDNG, '<strong>' . $perm_name . '</strong>', '<strong>' . $perm_data['itemname'][$item_id] . '</strong>', '<strong>' . $group_list[$group_id] . '</strong>'); |
|
69
|
|
|
} else { |
|
70
|
|
|
$msg[] = sprintf(_MD_AM_PERMADDOK, '<strong>' . $perm_name . '</strong>', '<strong>' . $perm_data['itemname'][$item_id] . '</strong>', '<strong>' . $group_list[$group_id] . '</strong>'); |
|
71
|
|
|
} |
|
72
|
|
|
unset($gperm); |
|
73
|
|
|
} |
|
74
|
|
|
} |
|
75
|
|
|
} |
|
76
|
|
|
} else { |
|
77
|
|
|
$msg[] = sprintf(_MD_AM_PERMRESETNG, $module->getVar('name') . '(' . $perm_name . ')'); |
|
78
|
|
|
} |
|
79
|
|
|
} |
|
80
|
|
|
} |
|
81
|
|
|
|
|
82
|
|
|
$backlink = xoops_getenv('HTTP_REFERER'); |
|
83
|
|
|
if ($module->getVar('hasadmin')) { |
|
84
|
|
|
$adminindex = isset($_POST['redirect_url']) ? $_POST['redirect_url'] : $module->getInfo('adminindex'); |
|
85
|
|
|
if ($adminindex) { |
|
86
|
|
|
$backlink = XOOPS_URL . '/modules/' . $module->getVar('dirname') . '/' . $adminindex; |
|
|
|
|
|
|
87
|
|
|
} |
|
88
|
|
|
} |
|
89
|
|
|
$backlink = $backlink ?: XOOPS_URL . '/admin.php'; |
|
90
|
|
|
|
|
91
|
|
|
redirect_header($backlink, 2, implode('<br>', $msg)); |
|
92
|
|
|
|
XOOPS /
XoopsCore25
Loading history...