gacl/admin/edit_objects.php

   1 <?php
   2 //First make sure user has access
   3 include_once("../../interface/globals.php");
   4 include_once("$srcdir/acl.inc");
   5 //ensure user has proper access
   6 if (!acl_check('admin', 'acl')) {
   7             echo xl('ACL Administration Not Authorized');
   8             exit;
   9 }
  10 //ensure php is installed
  11 if (!isset($phpgacl_location)) {
  12             echo xl('php-GACL access controls are turned off');
  13             exit;
  14 }
  15
  16 require_once("gacl_admin.inc.php");
  17
  18 //GET takes precedence.
  19 if ($_GET['object_type'] != '') {
  20         $object_type = $_GET['object_type'];
  21 } else {
  22         $object_type = $_POST['object_type'];
  23 }
  24
  25 switch(strtolower(trim($object_type))) {
  26     case 'aco':
  27         $object_type = 'aco';
  28         $object_table = $gacl_api->_db_table_prefix . 'aco';
  29                 $object_sections_table = $gacl_api->_db_table_prefix . 'aco_sections';
  30         break;
  31     case 'aro':
  32         $object_type = 'aro';
  33         $object_table = $gacl_api->_db_table_prefix . 'aro';
  34                 $object_sections_table = $gacl_api->_db_table_prefix . 'aro_sections';
  35         break;
  36     case 'axo':
  37         $object_type = 'axo';
  38         $object_table = $gacl_api->_db_table_prefix . 'axo';
  39                 $object_sections_table = $gacl_api->_db_table_prefix . 'axo_sections';
  40         break;
  41     default:
  42         echo "ERROR: Must select an object type<br>\n";
  43         exit();
  44         break;
  45 }
  46
  47 switch ($_POST['action']) {
  48     case 'Delete':
  49
  50         if (count($_POST['delete_object']) > 0) {
  51             foreach($_POST['delete_object'] as $id) {
  52                 $gacl_api->del_object($id, $object_type, TRUE);
  53             }
  54         }
  55
  56         //Return page.
  57         $gacl_api->return_page($_POST['return_page']);
  58
  59         break;
  60     case 'Submit':
  61         $gacl_api->debug_text("Submit!!");
  62
  63         //Update objects
  64         while (list(,$row) = @each($_POST['objects'])) {
  65             list($id, $value, $order, $name) = $row;
  66             $gacl_api->edit_object($id, $_POST['section_value'], $name, $value, $order, 0, $object_type);
  67         }
  68         unset($id);
  69         unset($section_value);
  70         unset($value);
  71         unset($order);
  72         unset($name);
  73
  74         //Insert new sections
  75         while (list(,$row) = @each($_POST['new_objects'])) {
  76             list($value, $order, $name) = $row;
  77
  78             if (!empty($value) AND !empty($name)) {
  79                 $object_id= $gacl_api->add_object($_POST['section_value'], $name, $value, $order, 0, $object_type);
  80             }
  81         }
  82         $gacl_api->debug_text("return_page: ". $_POST['return_page']);
  83         $gacl_api->return_page($_POST['return_page']);
  84
  85         break;
  86     default:
  87         //Grab section name
  88         $query = "select name from $object_sections_table where value = '". $_GET['section_value'] ."'";
  89         $section_name = $db->GetOne($query);
  90
  91         $query = "select
  92                                     id,
  93                                     section_value,
  94                                     value,
  95                                     order_value,
  96                                     name
  97                         from    $object_table
  98                         where   section_value='". $_GET['section_value'] ."'
  99                         order by order_value";
 100         $rs = $db->pageexecute($query, $gacl_api->_items_per_page, $_GET['page']);
 101         $rows = $rs->GetRows();
 102
 103         while (list(,$row) = @each($rows)) {
 104             list($id, $section_value, $value, $order_value, $name) = $row;
 105
 106                 $objects[] = array(
 107                                                 'id' => $id,
 108                                                 'section_value' => $section_value,
 109                                                 'value' => $value,
 110                                                 'order' => $order_value,
 111                                                 'name' => $name
 112                                             );
 113         }
 114
 115         for($i=0; $i < 5; $i++) {
 116                 $new_objects[] = array(
 117                                                 'id' => $i,
 118                                                 'section_value' => NULL,
 119                                                 'value' => NULL,
 120                                                 'order' => NULL,
 121                                                 'name' => NULL
 122                                             );
 123         }
 124
 125         $smarty->assign('objects', $objects);
 126         $smarty->assign('new_objects', $new_objects);
 127
 128         $smarty->assign("paging_data", $gacl_api->get_paging_data($rs));
 129
 130         break;
 131 }
 132
 133 $smarty->assign('section_value', stripslashes($_GET['section_value']));
 134 $smarty->assign('section_name', $section_name);
 135 $smarty->assign('object_type', $object_type);
 136 $smarty->assign('return_page', $_SERVER['REQUEST_URI']);
 137
 138 $smarty->assign('current','edit_'. $object_type .'s');
 139 $smarty->assign('page_title', 'Edit '. strtoupper($object_type) .' Objects');
 140
 141 $smarty->assign("phpgacl_version", $gacl_api->get_version() );
 142 $smarty->assign("phpgacl_schema_version", $gacl_api->get_schema_version() );
 143
 144 $smarty->display('phpgacl/edit_objects.tpl');
 145 ?>