thorsten /
phpMyFAQ
| @@ 73-95 (lines=23) @@ | ||
| 70 | } |
|
| 71 | ||
| 72 | // update group members |
|
| 73 | if ($groupAction == 'update_members' && $user->perm->checkRight($user->getUserId(), 'editgroup')) { |
|
| 74 | $message = ''; |
|
| 75 | $groupAction = $defaultGroupAction; |
|
| 76 | $groupId = Filter::filterInput(INPUT_POST, 'group_id', FILTER_VALIDATE_INT, 0); |
|
| 77 | $groupMembers = isset($_POST['group_members']) ? $_POST['group_members'] : []; |
|
| 78 | ||
| 79 | if ($groupId == 0) { |
|
| 80 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_user_error_noId']); |
|
| 81 | } else { |
|
| 82 | $user = new User($faqConfig); |
|
| 83 | $perm = $user->perm; |
|
| 84 | if (!$perm->removeAllUsersFromGroup($groupId)) { |
|
| 85 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_msg_mysqlerr']); |
|
| 86 | } |
|
| 87 | foreach ($groupMembers as $memberId) { |
|
| 88 | $perm->addToGroup((int)$memberId, $groupId); |
|
| 89 | } |
|
| 90 | $message .= sprintf('<p class="alert alert-success">%s <strong>%s</strong> %s</p>', |
|
| 91 | $PMF_LANG['ad_msg_savedsuc_1'], |
|
| 92 | $perm->getGroupName($groupId), |
|
| 93 | $PMF_LANG['ad_msg_savedsuc_2']); |
|
| 94 | } |
|
| 95 | } |
|
| 96 | ||
| 97 | // update group rights |
|
| 98 | if ($groupAction == 'update_rights' && $user->perm->checkRight($user->getUserId(), 'editgroup')) { |
|
| @@ 98-119 (lines=22) @@ | ||
| 95 | } |
|
| 96 | ||
| 97 | // update group rights |
|
| 98 | if ($groupAction == 'update_rights' && $user->perm->checkRight($user->getUserId(), 'editgroup')) { |
|
| 99 | $message = ''; |
|
| 100 | $groupAction = $defaultGroupAction; |
|
| 101 | $groupId = Filter::filterInput(INPUT_POST, 'group_id', FILTER_VALIDATE_INT, 0); |
|
| 102 | if ($groupId == 0) { |
|
| 103 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_user_error_noId']); |
|
| 104 | } else { |
|
| 105 | $user = new User($faqConfig); |
|
| 106 | $perm = $user->perm; |
|
| 107 | $groupRights = isset($_POST['group_rights']) ? $_POST['group_rights'] : []; |
|
| 108 | if (!$perm->refuseAllGroupRights($groupId)) { |
|
| 109 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_msg_mysqlerr']); |
|
| 110 | } |
|
| 111 | foreach ($groupRights as $rightId) { |
|
| 112 | $perm->grantGroupRight($groupId, (int)$rightId); |
|
| 113 | } |
|
| 114 | $message .= sprintf('<p class="alert alert-success">%s <strong>%s</strong> %s</p>', |
|
| 115 | $PMF_LANG['ad_msg_savedsuc_1'], |
|
| 116 | $perm->getGroupName($groupId), |
|
| 117 | $PMF_LANG['ad_msg_savedsuc_2']); |
|
| 118 | } |
|
| 119 | } |
|
| 120 | ||
| 121 | // update group data |
|
| 122 | if ($groupAction == 'update_data' && $user->perm->checkRight($user->getUserId(), 'editgroup')) { |
|
| @@ 71-93 (lines=23) @@ | ||
| 68 | } |
|
| 69 | ||
| 70 | // update section members |
|
| 71 | if ($sectionAction == 'update_members' && $user->perm->checkRight($user->getUserId(), 'edit_section')) { |
|
| 72 | $message = ''; |
|
| 73 | $sectionAction = $defaultSectionAction; |
|
| 74 | $sectionId = Filter::filterInput(INPUT_POST, 'section_id', FILTER_VALIDATE_INT, 0); |
|
| 75 | $sectionMembers = isset($_POST['section_members']) ? $_POST['section_members'] : []; |
|
| 76 | ||
| 77 | if ($sectionId == 0) { |
|
| 78 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_user_error_noId']); |
|
| 79 | } else { |
|
| 80 | $user = new User($faqConfig); |
|
| 81 | $perm = $user->perm; |
|
| 82 | if (!$perm->removeAllGroupsFromSection($sectionId)) { |
|
| 83 | $message .= sprintf('<p class="alert alert-danger">%s</p>', $PMF_LANG['ad_msg_mysqlerr']); |
|
| 84 | } |
|
| 85 | foreach ($sectionMembers as $memberId) { |
|
| 86 | $perm->addGroupToSection((int) $memberId, $sectionId); |
|
| 87 | } |
|
| 88 | $message .= sprintf('<p class="alert alert-success">%s <strong>%s</strong> %s</p>', |
|
| 89 | $PMF_LANG['ad_msg_savedsuc_1'], |
|
| 90 | $perm->getSectionName($sectionId), |
|
| 91 | $PMF_LANG['ad_msg_savedsuc_2']); |
|
| 92 | } |
|
| 93 | } |
|
| 94 | ||
| 95 | // update section data |
|
| 96 | if ($sectionAction == 'update_data' && $user->perm->checkRight($user->getUserId(), 'edit_section')) { |
|
