search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added CRSF security token checks in ACL plugin
[dokuwiki/radio.git] / lib / plugins / acl / admin.php
bloba3fb4636d1c9c46f8d5a675f6689b8461e840529
1 <?php
2 /**
3 * ACL administration functions
4 *
5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
6 * @author Andreas Gohr <andi@splitbrain.org>
7 * @author Anika Henke <anika@selfthinker.org> (concepts)
8 * @author Frank Schubert <frank@schokilade.de> (old version)
9 */
10 // must be run within Dokuwiki
11 if(!defined('DOKU_INC')) die();
12
13 if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/');
14 require_once(DOKU_PLUGIN.'admin.php');
15
16 /**
17 * All DokuWiki plugins to extend the admin function
18 * need to inherit from this class
19 */
20 class admin_plugin_acl extends DokuWiki_Admin_Plugin {
21 var $acl = null;
22 var $ns = null;
23 var $who = '';
24 var $usersgroups = array();
25 var $specials = array();
26
27 /**
28 * return some info
29 */
30 function getInfo(){
31 return array(
32 'author' => 'Andreas Gohr',
33 'email' => 'andi@splitbrain.org',
34 'date' => '2010-01-17',
35 'name' => 'ACL Manager',
36 'desc' => 'Manage Page Access Control Lists',
37 'url' => 'http://dokuwiki.org/plugin:acl',
38 );
39 }
40
41 /**
42 * return prompt for admin menu
43 */
44 function getMenuText($language) {
45 return $this->getLang('admin_acl');
46 }
47
48 /**
49 * return sort order for position in admin menu
50 */
51 function getMenuSort() {
52 return 1;
53 }
54
55 /**
56 * handle user request
57 *
58 * Initializes internal vars and handles modifications
59 *
60 * @author Andreas Gohr <andi@splitbrain.org>
61 */
62 function handle() {
63 global $AUTH_ACL;
64 global $ID;
65 global $auth;
66
67 // fresh 1:1 copy without replacements
68 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php');
69
70
71 // namespace given?
72 if($_REQUEST['ns'] == '*'){
73 $this->ns = '*';
74 }else{
75 $this->ns = cleanID($_REQUEST['ns']);
76 }
77
78 // user or group choosen?
79 $who = trim($_REQUEST['acl_w']);
80 if($_REQUEST['acl_t'] == '__g__' && $who){
81 $this->who = '@'.ltrim($auth->cleanGroup($who),'@');
82 }elseif($_REQUEST['acl_t'] == '__u__' && $who){
83 $this->who = ltrim($auth->cleanUser($who),'@');
84 }elseif($_REQUEST['acl_t'] &&
85 $_REQUEST['acl_t'] != '__u__' &&
86 $_REQUEST['acl_t'] != '__g__'){
87 $this->who = $_REQUEST['acl_t'];
88 }elseif($who){
89 $this->who = $who;
90 }
91
92 // handle modifications
93 if(isset($_REQUEST['cmd']) && checkSecurityToken()){
94
95 // scope for modifications
96 if($this->ns){
97 if($this->ns == '*'){
98 $scope = '*';
99 }else{
100 $scope = $this->ns.':*';
101 }
102 }else{
103 $scope = $ID;
104 }
105
106 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){
107 // handle additions or single modifications
108 $this->_acl_del($scope, $this->who);
109 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']);
110 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){
111 // handle single deletions
112 $this->_acl_del($scope, $this->who);
113 }elseif(isset($_REQUEST['cmd']['update'])){
114 // handle update of the whole file
115 foreach((array) $_REQUEST['del'] as $where => $names){
116 // remove all rules marked for deletion
117 foreach($names as $who)
118 unset($_REQUEST['acl'][$where][$who]);
119 }
120 // prepare lines
121 $lines = array();
122 // keep header
123 foreach($AUTH_ACL as $line){
124 if($line{0} == '#'){
125 $lines[] = $line;
126 }else{
127 break;
128 }
129 }
130 // re-add all rules
131 foreach((array) $_REQUEST['acl'] as $where => $opt){
132 foreach($opt as $who => $perm){
133 $who = auth_nameencode($who,true);
134 $lines[] = "$where\t$who\t$perm\n";
135 }
136 }
137 // save it
138 io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines));
139 }
140
141 // reload ACL config
142 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php');
143 }
144
145 // initialize ACL array
146 $this->_init_acl_config();
147 }
148
149 /**
150 * ACL Output function
151 *
152 * print a table with all significant permissions for the
153 * current id
154 *
155 * @author Frank Schubert <frank@schokilade.de>
156 * @author Andreas Gohr <andi@splitbrain.org>
157 */
158 function html() {
159 global $ID;
160
161 echo '<div id="acl_manager">'.NL;
162 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL;
163 echo '<div class="level1">'.NL;
164
165 echo '<div id="acl__tree">'.NL;
166 $this->_html_explorer($_REQUEST['ns']);
167 echo '</div>'.NL;
168
169 echo '<div id="acl__detail">'.NL;
170 $this->_html_detail();
171 echo '</div>'.NL;
172 echo '</div>'.NL;
173
174 echo '<div class="clearer"></div>';
175 echo '<h2>'.$this->getLang('current').'</h2>'.NL;
176 echo '<div class="level2">'.NL;
177 $this->_html_table();
178 echo '</div>'.NL;
179
180 echo '<div class="footnotes"><div class="fn">'.NL;
181 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL;
182 echo $this->getLang('p_include');
183 echo '</div></div>';
184
185 echo '</div>'.NL;
186 }
187
188 /**
189 * returns array with set options for building links
190 *
191 * @author Andreas Gohr <andi@splitbrain.org>
192 */
193 function _get_opts($addopts=null){
194 global $ID;
195 $opts = array(
196 'do'=>'admin',
197 'page'=>'acl',
198 );
199 if($this->ns) $opts['ns'] = $this->ns;
200 if($this->who) $opts['acl_w'] = $this->who;
201
202 if(is_null($addopts)) return $opts;
203 return array_merge($opts, $addopts);
204 }
205
206 /**
207 * Display a tree menu to select a page or namespace
208 *
209 * @author Andreas Gohr <andi@splitbrain.org>
210 */
211 function _html_explorer(){
212 require_once(DOKU_INC.'inc/search.php');
213 global $conf;
214 global $ID;
215 global $lang;
216
217 $dir = $conf['datadir'];
218 $ns = $this->ns;
219 if(empty($ns)){
220 $ns = dirname(str_replace(':','/',$ID));
221 if($ns == '.') $ns ='';
222 }elseif($ns == '*'){
223 $ns ='';
224 }
225 $ns = utf8_encodeFN(str_replace(':','/',$ns));
226
227 $data = $this->_get_tree($ns);
228
229 // wrap a list with the root level around the other namespaces
230 $item = array( 'level' => 0, 'id' => '*', 'type' => 'd',
231 'open' =>'true', 'label' => '['.$lang['mediaroot'].']');
232
233 echo '<ul class="acltree">';
234 echo $this->_html_li_acl($item);
235 echo '<div class="li">';
236 echo $this->_html_list_acl($item);
237 echo '</div>';
238 echo html_buildlist($data,'acl',
239 array($this,'_html_list_acl'),
240 array($this,'_html_li_acl'));
241 echo '</li>';
242 echo '</ul>';
243
244 }
245
246 /**
247 * get a combined list of media and page files
248 *
249 * @param string $folder an already converted filesystem folder of the current namespace
250 * @param string $limit limit the search to this folder
251 */
252 function _get_tree($folder,$limit=''){
253 global $conf;
254
255 // read tree structure from pages and media
256 $data = array();
257 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit);
258 $media = array();
259 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit);
260 $data = array_merge($data,$media);
261 unset($media);
262
263 // combine by sorting and removing duplicates
264 usort($data,array($this,'_tree_sort'));
265 $count = count($data);
266 if($count>0) for($i=1; $i<$count; $i++){
267 if($data[$i]['type'] == 'f') break; // namespaces come first, we're done
268 if($data[$i-1]['id'] == $data[$i]['id']) unset($data[$i]);
269 }
270 return $data;
271 }
272
273 /**
274 * usort callback
275 *
276 * Sorts the combined trees of media and page files
277 */
278 function _tree_sort($a,$b){
279 if($a['type'] == 'd' && $b['type'] == 'f'){
280 return -1;
281 }elseif($a['type'] == 'f' && $b['type'] == 'd'){
282 return 1;
283 }else{
284 return strcmp($a['id'],$b['id']);
285 }
286 }
287
288 /**
289 * Display the current ACL for selected where/who combination with
290 * selectors and modification form
291 *
292 * @author Andreas Gohr <andi@splitbrain.org>
293 */
294 function _html_detail(){
295 global $conf;
296 global $ID;
297
298 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL;
299
300 echo '<div id="acl__user">';
301 echo $this->getLang('acl_perms').' ';
302 $inl = $this->_html_select();
303 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL;
304 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL;
305 echo '</div>'.NL;
306
307 echo '<div id="acl__info">';
308 $this->_html_info();
309 echo '</div>';
310
311 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL;
312 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL;
313 echo '<input type="hidden" name="do" value="admin" />'.NL;
314 echo '<input type="hidden" name="page" value="acl" />'.NL;
315 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL;
316 echo '</div></form>'.NL;
317 }
318
319 /**
320 * Print infos and editor
321 */
322 function _html_info(){
323 global $ID;
324
325 if($this->who){
326 $current = $this->_get_exact_perm();
327
328 // explain current permissions
329 $this->_html_explain($current);
330 // load editor
331 $this->_html_acleditor($current);
332 }else{
333 echo '<p>';
334 if($this->ns){
335 printf($this->getLang('p_choose_ns'),hsc($this->ns));
336 }else{
337 printf($this->getLang('p_choose_id'),hsc($ID));
338 }
339 echo '</p>';
340
341 echo $this->locale_xhtml('help');
342 }
343 }
344
345 /**
346 * Display the ACL editor
347 *
348 * @author Andreas Gohr <andi@splitbrain.org>
349 */
350 function _html_acleditor($current){
351 global $lang;
352
353 echo '<fieldset>';
354 if(is_null($current)){
355 echo '<legend>'.$this->getLang('acl_new').'</legend>';
356 }else{
357 echo '<legend>'.$this->getLang('acl_mod').'</legend>';
358 }
359
360
361 echo $this->_html_checkboxes($current,empty($this->ns),'acl');
362
363 if(is_null($current)){
364 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL;
365 }else{
366 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL;
367 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL;
368 }
369
370 echo '</fieldset>';
371 }
372
373 /**
374 * Explain the currently set permissions in plain english/$lang
375 *
376 * @author Andreas Gohr <andi@splitbrain.org>
377 */
378 function _html_explain($current){
379 global $ID;
380 global $auth;
381
382 $who = $this->who;
383 $ns = $this->ns;
384
385 // prepare where to check
386 if($ns){
387 if($ns == '*'){
388 $check='*';
389 }else{
390 $check=$ns.':*';
391 }
392 }else{
393 $check = $ID;
394 }
395
396 // prepare who to check
397 if($who{0} == '@'){
398 $user = '';
399 $groups = array(ltrim($who,'@'));
400 }else{
401 $user = auth_nameencode($who);
402 $info = $auth->getUserData($user);
403 if($info === false){
404 $groups = array();
405 }else{
406 $groups = $info['grps'];
407 }
408 }
409
410 // check the permissions
411 $perm = auth_aclcheck($check,$user,$groups);
412
413 // build array of named permissions
414 $names = array();
415 if($perm){
416 if($ns){
417 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16');
418 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8');
419 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4');
420 }
421 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2');
422 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1');
423 $names = array_reverse($names);
424 }else{
425 $names[] = $this->getLang('acl_perm0');
426 }
427
428 // print permission explanation
429 echo '<p>';
430 if($user){
431 if($ns){
432 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names));
433 }else{
434 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names));
435 }
436 }else{
437 if($ns){
438 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names));
439 }else{
440 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names));
441 }
442 }
443 echo '</p>';
444
445 // add note if admin
446 if($perm == AUTH_ADMIN){
447 echo '<p>'.$this->getLang('p_isadmin').'</p>';
448 }elseif(is_null($current)){
449 echo '<p>'.$this->getLang('p_inherited').'</p>';
450 }
451 }
452
453
454 /**
455 * Item formatter for the tree view
456 *
457 * User function for html_buildlist()
458 *
459 * @author Andreas Gohr <andi@splitbrain.org>
460 */
461 function _html_list_acl($item){
462 global $ID;
463 $ret = '';
464 // what to display
465 if($item['label']){
466 $base = $item['label'];
467 }else{
468 $base = ':'.$item['id'];
469 $base = substr($base,strrpos($base,':')+1);
470 }
471
472 // highlight?
473 if( ($item['type']=='d' && $item['id'] == $this->ns) ||
474 ($item['type']!='d' && $item['id'] == $ID)) $cl = ' cur';
475
476 // namespace or page?
477 if($item['type']=='d'){
478 if($item['open']){
479 $img = DOKU_BASE.'lib/images/minus.gif';
480 $alt = '&minus;';
481 }else{
482 $img = DOKU_BASE.'lib/images/plus.gif';
483 $alt = '+';
484 }
485 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />';
486 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">';
487 $ret .= $base;
488 $ret .= '</a>';
489 }else{
490 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">';
491 $ret .= noNS($item['id']);
492 $ret .= '</a>';
493 }
494 return $ret;
495 }
496
497
498 function _html_li_acl($item){
499 return '<li class="level'.$item['level'].'">';
500 }
501
502
503 /**
504 * Get current ACL settings as multidim array
505 *
506 * @author Andreas Gohr <andi@splitbrain.org>
507 */
508 function _init_acl_config(){
509 global $AUTH_ACL;
510 global $conf;
511 $acl_config=array();
512 $usersgroups = array();
513
514 // get special users and groups
515 $this->specials[] = '@ALL';
516 $this->specials[] = '@'.$conf['defaultgroup'];
517 if($conf['manager'] != '!!not set!!'){
518 $this->specials = array_merge($this->specials,
519 array_map('trim',
520 explode(',',$conf['manager'])));
521 }
522 $this->specials = array_filter($this->specials);
523 $this->specials = array_unique($this->specials);
524 sort($this->specials);
525
526 foreach($AUTH_ACL as $line){
527 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments
528 if(!$line) continue;
529
530 $acl = preg_split('/\s+/',$line);
531 //0 is pagename, 1 is user, 2 is acl
532
533 $acl[1] = rawurldecode($acl[1]);
534 $acl_config[$acl[0]][$acl[1]] = $acl[2];
535
536 // store non-special users and groups for later selection dialog
537 $ug = $acl[1];
538 if(in_array($ug,$this->specials)) continue;
539 $usersgroups[] = $ug;
540 }
541
542 $usersgroups = array_unique($usersgroups);
543 sort($usersgroups);
544 ksort($acl_config);
545
546 $this->acl = $acl_config;
547 $this->usersgroups = $usersgroups;
548 }
549
550 /**
551 * Display all currently set permissions in a table
552 *
553 * @author Andreas Gohr <andi@splitbrain.org>
554 */
555 function _html_table(){
556 global $lang;
557 global $ID;
558
559 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL;
560 if($this->ns){
561 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL;
562 }else{
563 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL;
564 }
565 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL;
566 echo '<input type="hidden" name="do" value="admin" />'.NL;
567 echo '<input type="hidden" name="page" value="acl" />'.NL;
568 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL;
569 echo '<table class="inline">';
570 echo '<tr>';
571 echo '<th>'.$this->getLang('where').'</th>';
572 echo '<th>'.$this->getLang('who').'</th>';
573 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>';
574 echo '<th>'.$lang['btn_delete'].'</th>';
575 echo '</tr>';
576 foreach($this->acl as $where => $set){
577 foreach($set as $who => $perm){
578 echo '<tr>';
579 echo '<td>';
580 if(substr($where,-1) == '*'){
581 echo '<span class="aclns">'.hsc($where).'</span>';
582 $ispage = false;
583 }else{
584 echo '<span class="aclpage">'.hsc($where).'</span>';
585 $ispage = true;
586 }
587 echo '</td>';
588
589 echo '<td>';
590 if($who{0} == '@'){
591 echo '<span class="aclgroup">'.hsc($who).'</span>';
592 }else{
593 echo '<span class="acluser">'.hsc($who).'</span>';
594 }
595 echo '</td>';
596
597 echo '<td>';
598 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']');
599 echo '</td>';
600
601 echo '<td align="center">';
602 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />';
603 echo '</td>';
604 echo '</tr>';
605 }
606 }
607
608 echo '<tr>';
609 echo '<th align="right" colspan="4">';
610 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />';
611 echo '</th>';
612 echo '</tr>';
613 echo '</table>';
614 echo '</div></form>'.NL;
615 }
616
617
618 /**
619 * Returns the permission which were set for exactly the given user/group
620 * and page/namespace. Returns null if no exact match is available
621 *
622 * @author Andreas Gohr <andi@splitbrain.org>
623 */
624 function _get_exact_perm(){
625 global $ID;
626 if($this->ns){
627 if($this->ns == '*'){
628 $check = '*';
629 }else{
630 $check = $this->ns.':*';
631 }
632 }else{
633 $check = $ID;
634 }
635
636 if(isset($this->acl[$check][$this->who])){
637 return $this->acl[$check][$this->who];
638 }else{
639 return null;
640 }
641 }
642
643 /**
644 * adds new acl-entry to conf/acl.auth.php
645 *
646 * @author Frank Schubert <frank@schokilade.de>
647 */
648 function _acl_add($acl_scope, $acl_user, $acl_level){
649 $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php');
650 $acl_user = auth_nameencode($acl_user,true);
651
652 // max level for pagenames is edit
653 if(strpos($acl_scope,'*') === false) {
654 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT;
655 }
656
657
658 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n";
659
660 $new_config = $acl_config.$new_acl;
661
662 return io_saveFile(DOKU_CONF.'acl.auth.php', $new_config);
663 }
664
665 /**
666 * remove acl-entry from conf/acl.auth.php
667 *
668 * @author Frank Schubert <frank@schokilade.de>
669 */
670 function _acl_del($acl_scope, $acl_user){
671 $acl_config = file(DOKU_CONF.'acl.auth.php');
672 $acl_user = auth_nameencode($acl_user,true);
673
674 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$';
675
676 // save all non!-matching
677 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT);
678
679 return io_saveFile(DOKU_CONF.'acl.auth.php', join('',$new_config));
680 }
681
682 /**
683 * print the permission radio boxes
684 *
685 * @author Frank Schubert <frank@schokilade.de>
686 * @author Andreas Gohr <andi@splitbrain.org>
687 */
688 function _html_checkboxes($setperm,$ispage,$name){
689 global $lang;
690
691 static $label = 0; //number labels
692 $ret = '';
693
694 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT;
695
696 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){
697 $label += 1;
698
699 //general checkbox attributes
700 $atts = array( 'type' => 'radio',
701 'id' => 'pbox'.$label,
702 'name' => $name,
703 'value' => $perm );
704 //dynamic attributes
705 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked';
706 if($ispage && $perm > AUTH_EDIT){
707 $atts['disabled'] = 'disabled';
708 $class = ' class="disabled"';
709 }else{
710 $class = '';
711 }
712
713 //build code
714 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>';
715 $ret .= '<input '.html_attbuild($atts).' />&nbsp;';
716 $ret .= $this->getLang('acl_perm'.$perm);
717 $ret .= '</label>'.NL;
718 }
719 return $ret;
720 }
721
722 /**
723 * Print a user/group selector (reusing already used users and groups)
724 *
725 * @author Andreas Gohr <andi@splitbrain.org>
726 */
727 function _html_select(){
728 global $conf;
729 $inlist = false;
730
731 if($this->who &&
732 !in_array($this->who,$this->usersgroups) &&
733 !in_array($this->who,$this->specials)){
734
735 if($this->who{0} == '@'){
736 $gsel = ' selected="selected"';
737 }else{
738 $usel = ' selected="selected"';
739 }
740 }else{
741 $usel = '';
742 $gsel = '';
743 $inlist = true;
744 }
745
746
747 echo '<select name="acl_t" class="edit">'.NL;
748 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL;
749 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL;
750 echo ' <optgroup label="&nbsp;">'.NL;
751 foreach($this->specials as $ug){
752 if($ug == $this->who){
753 $sel = ' selected="selected"';
754 $inlist = true;
755 }else{
756 $sel = '';
757 }
758
759 if($ug{0} == '@'){
760 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL;
761 }else{
762 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL;
763 }
764 }
765 echo ' </optgroup>'.NL;
766 echo ' <optgroup label="&nbsp;">'.NL;
767 foreach($this->usersgroups as $ug){
768 if($ug == $this->who){
769 $sel = ' selected="selected"';
770 $inlist = true;
771 }else{
772 $sel = '';
773 }
774
775 if($ug{0} == '@'){
776 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL;
777 }else{
778 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL;
779 }
780 }
781 echo ' </optgroup>'.NL;
782 echo '</select>'.NL;
783 return $inlist;
784 }
785 }