-
Notifications
You must be signed in to change notification settings - Fork 0
/
admin_permissions.php
executable file
·94 lines (80 loc) · 2.08 KB
/
admin_permissions.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
<?php
/*
UserCake Version: 2.0.2
http://usercake.com
*/
require_once("models/config.php");
if (!securePage($_SERVER['PHP_SELF'])){die();}
//Forms posted
if(!empty($_POST))
{
//Delete permission levels
if(!empty($_POST['delete'])){
$deletions = $_POST['delete'];
if ($deletion_count = deletePermission($deletions)){
$successes[] = lang("PERMISSION_DELETIONS_SUCCESSFUL", array($deletion_count));
}
}
//Create new permission level
if(!empty($_POST['newPermission'])) {
$permission = trim($_POST['newPermission']);
//Validate request
if (permissionNameExists($permission)){
$errors[] = lang("PERMISSION_NAME_IN_USE", array($permission));
}
elseif (minMaxRange(1, 50, $permission)){
$errors[] = lang("PERMISSION_CHAR_LIMIT", array(1, 50));
}
else{
if (createPermission($permission)) {
$successes[] = lang("PERMISSION_CREATION_SUCCESSFUL", array($permission));
}
else {
$errors[] = lang("SQL_ERROR");
}
}
}
}
$permissionData = fetchAllPermissions(); //Retrieve list of all permission levels
require_once("models/header.php");
echo "
<body>
<div id='wrapper'>
<div id='top'><div id='logo'></div></div>
<div id='content'>
<h1>UserCake</h1>
<h2>Admin Permissions</h2>
<div id='left-nav'>";
include("left-nav.php");
echo "
</div>
<div id='main'>";
echo resultBlock($errors,$successes);
echo "
<form name='adminPermissions' action='".$_SERVER['PHP_SELF']."' method='post'>
<table class='admin'>
<tr>
<th>Delete</th><th>Permission Name</th>
</tr>";
//List each permission level
foreach ($permissionData as $v1) {
echo "
<tr>
<td><input type='checkbox' name='delete[".$v1['id']."]' id='delete[".$v1['id']."]' value='".$v1['id']."'></td>
<td><a href='admin_permission.php?id=".$v1['id']."'>".$v1['name']."</a></td>
</tr>";
}
echo "
</table>
<p>
<label>Permission Name:</label>
<input type='text' name='newPermission' />
</p>
<input type='submit' name='Submit' value='Submit' />
</form>
</div>
<div id='bottom'></div>
</div>
</body>
</html>";
?>