default acl's
This commit is contained in:
parent
adce88e564
commit
5933f13ab7
|
@ -38,7 +38,7 @@ function network_content(&$a, $update = false) {
|
|||
'$baseurl' => $a->get_baseurl(),
|
||||
'$visitor' => 'block',
|
||||
'$lockstate' => 'unlock',
|
||||
'$acl' => populate_acl(),
|
||||
'$acl' => populate_acl($a->user),
|
||||
'$profile_uid' => $_SESSION['uid']
|
||||
));
|
||||
|
||||
|
|
|
@ -323,7 +323,7 @@ function photos_content(&$a) {
|
|||
'$filestext' => t('Select files to upload: '),
|
||||
'$albumselect' => $albumselect,
|
||||
'$permissions' => t('Permissions'),
|
||||
'$aclselect' => populate_acl(),
|
||||
'$aclselect' => populate_acl($a->user),
|
||||
'$archive' => $a->get_baseurl() . '/jumploader_z.jar',
|
||||
'$nojava' => t('Use the following controls only if the Java uploader (above) fails to launch.'),
|
||||
'$uploadurl' => $a->get_baseurl() . '/photos',
|
||||
|
|
|
@ -123,13 +123,16 @@ function profile_content(&$a, $update = false) {
|
|||
require_once('view/acl_selectors.php');
|
||||
|
||||
$tpl = file_get_contents("view/jot.tpl");
|
||||
|
||||
if(is_array($a->user) && ((strlen($a->user['allow_cid'])) || (strlen($a->user['allow_gid'])) || (strlen($a->user['deny_cid'])) || (strlen($a->user['deny_gid']))))
|
||||
$lockstate = 'lock';
|
||||
else
|
||||
$lockstate = 'unlock';
|
||||
$o .= replace_macros($tpl,array(
|
||||
'$baseurl' => $a->get_baseurl(),
|
||||
'$return_path' => $a->cmd,
|
||||
'$visitor' => (($_SESSION['uid'] == $a->profile['profile_uid']) ? 'block' : 'none'),
|
||||
'$lockstate' => 'unlock',
|
||||
'$acl' => (($_SESSION['uid'] == $a->profile['profile_uid']) ? populate_acl() : ''),
|
||||
'$lockstate' => $lockstate,
|
||||
'$acl' => (($_SESSION['uid'] == $a->profile['profile_uid']) ? populate_acl($a->user) : ''),
|
||||
'$profile_uid' => $a->profile['profile_uid']
|
||||
));
|
||||
}
|
||||
|
|
|
@ -15,12 +15,13 @@ function settings_init(&$a) {
|
|||
|
||||
function settings_post(&$a) {
|
||||
|
||||
|
||||
if(! local_user()) {
|
||||
notice( "Permission denied." . EOL);
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != $_SESSION['uid']) {
|
||||
$_SESSION['sysmsg'] .= "Permission denied." . EOL;
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
if((x($_POST,'password')) || (x($_POST,'confirm'))) {
|
||||
|
@ -30,12 +31,12 @@ function settings_post(&$a) {
|
|||
|
||||
$err = false;
|
||||
if($newpass != $confirm ) {
|
||||
$_SESSION['sysmsg'] .= "Passwords do not match. Password unchanged." . EOL;
|
||||
notice( t('Passwords do not match. Password unchanged.') . EOL);
|
||||
$err = true;
|
||||
}
|
||||
|
||||
if((! x($newpass)) || (! x($confirm))) {
|
||||
$_SESSION['sysmsg'] .= "Empty passwords are not allowed. Password unchanged." . EOL;
|
||||
notice( t('Empty passwords are not allowed. Password unchanged.') . EOL);
|
||||
$err = true;
|
||||
}
|
||||
|
||||
|
@ -45,9 +46,9 @@ function settings_post(&$a) {
|
|||
dbesc($password),
|
||||
intval($_SESSION['uid']));
|
||||
if($r)
|
||||
$_SESSION['sysmsg'] .= "Password changed." . EOL;
|
||||
notice( t('Password changed.') . EOL);
|
||||
else
|
||||
$_SESSION['sysmsg'] .= "Password update failed. Please try again." . EOL;
|
||||
notice( t('Password update failed. Please try again.') . EOL);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -63,24 +64,24 @@ function settings_post(&$a) {
|
|||
if($username != $a->user['username']) {
|
||||
$username_changed = true;
|
||||
if(strlen($username) > 40)
|
||||
$err .= " Please use a shorter name.";
|
||||
$err .= t(' Please use a shorter name.');
|
||||
if(strlen($username) < 3)
|
||||
$err .= " Name too short.";
|
||||
$err .= t(' Name too short.');
|
||||
}
|
||||
if($email != $a->user['email']) {
|
||||
$email_changed = true;
|
||||
if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email))
|
||||
$err .= " Not valid email.";
|
||||
$err .= t(' Not valid email.');
|
||||
$r = q("SELECT `uid` FROM `user`
|
||||
WHERE `email` = '%s' LIMIT 1",
|
||||
dbesc($email)
|
||||
);
|
||||
if($r !== NULL && count($r))
|
||||
$err .= " This email address is already registered." . EOL;
|
||||
$err .= t(' This email address is already registered.');
|
||||
}
|
||||
|
||||
if(strlen($err)) {
|
||||
$_SESSION['sysmsg'] .= $err . EOL;
|
||||
notice($err . EOL);
|
||||
return;
|
||||
}
|
||||
if($timezone != $a->user['timezone']) {
|
||||
|
@ -88,15 +89,50 @@ function settings_post(&$a) {
|
|||
if(strlen($timezone))
|
||||
date_default_timezone_set($timezone);
|
||||
}
|
||||
if($email_changed || $username_changed || $zone_changed ) {
|
||||
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s' WHERE `uid` = %d LIMIT 1",
|
||||
|
||||
$str_group_allow = '';
|
||||
$group_allow = $_POST['group_allow'];
|
||||
if(is_array($group_allow)) {
|
||||
array_walk($group_allow,'sanitise_acl');
|
||||
$str_group_allow = implode('',$group_allow);
|
||||
}
|
||||
|
||||
$str_contact_allow = '';
|
||||
$contact_allow = $_POST['contact_allow'];
|
||||
if(is_array($contact_allow)) {
|
||||
array_walk($contact_allow,'sanitise_acl');
|
||||
$str_contact_allow = implode('',$contact_allow);
|
||||
}
|
||||
|
||||
$str_group_deny = '';
|
||||
$group_deny = $_POST['group_deny'];
|
||||
if(is_array($group_deny)) {
|
||||
array_walk($group_deny,'sanitise_acl');
|
||||
$str_group_deny = implode('',$group_deny);
|
||||
}
|
||||
|
||||
$str_contact_deny = '';
|
||||
$contact_deny = $_POST['contact_deny'];
|
||||
if(is_array($contact_deny)) {
|
||||
array_walk($contact_deny,'sanitise_acl');
|
||||
$str_contact_deny = implode('',$contact_deny);
|
||||
}
|
||||
|
||||
|
||||
|
||||
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `uid` = %d LIMIT 1",
|
||||
dbesc($username),
|
||||
dbesc($email),
|
||||
dbesc($timezone),
|
||||
intval($_SESSION['uid']));
|
||||
if($r)
|
||||
$_SESSION['sysmsg'] .= "Settings updated." . EOL;
|
||||
}
|
||||
dbesc($str_contact_allow),
|
||||
dbesc($str_group_allow),
|
||||
dbesc($str_contact_deny),
|
||||
dbesc($str_group_deny),
|
||||
intval($_SESSION['uid'])
|
||||
);
|
||||
if($r)
|
||||
notice( t('Settings updated.') . EOL);
|
||||
|
||||
if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) {
|
||||
|
||||
// FIXME - set to un-verified, blocked and redirect to logout
|
||||
|
@ -161,7 +197,8 @@ function settings_content(&$a) {
|
|||
'$nickname_block' => $nickname_block,
|
||||
'$timezone' => $timezone,
|
||||
'$zoneselect' => select_timezone($timezone),
|
||||
'$acl_select' => populate_acl()
|
||||
'$permissions' => t('Default Post Permissions'),
|
||||
'$aclselect' => populate_acl($a->user)
|
||||
));
|
||||
|
||||
return $o;
|
||||
|
|
|
@ -69,8 +69,28 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
|
|||
return $o;
|
||||
}
|
||||
|
||||
function fixacl(&$item) {
|
||||
$item = intval(str_replace(array('<','>'),array('',''),$item));
|
||||
}
|
||||
|
||||
function populate_acl() {
|
||||
function populate_acl($user = null) {
|
||||
|
||||
$allow_cid = $allow_gid = $deny_cid = $deny_gid = false;
|
||||
|
||||
if(is_array($user)) {
|
||||
$allow_cid = ((strlen($user['allow_cid']))
|
||||
? explode('><', $user['allow_cid']) : array() );
|
||||
$allow_gid = ((strlen($user['allow_gid']))
|
||||
? explode('><', $user['allow_gid']) : array() );
|
||||
$deny_cid = ((strlen($user['deny_cid']))
|
||||
? explode('><', $user['deny_cid']) : array() );
|
||||
$deny_gid = ((strlen($user['deny_gid']))
|
||||
? explode('><', $user['deny_gid']) : array() );
|
||||
array_walk($allow_cid,'fixacl');
|
||||
array_walk($allow_gid,'fixacl');
|
||||
array_walk($deny_cid,'fixacl');
|
||||
array_walk($deny_gid,'fixacl');
|
||||
}
|
||||
|
||||
$o = '';
|
||||
$o .= '<div id="acl-wrapper">';
|
||||
|
@ -80,11 +100,11 @@ function populate_acl() {
|
|||
$o .= '<div id="acl-permit-wrapper">';
|
||||
$o .= '<div id="group_allow_wrapper">';
|
||||
$o .= '<label id="acl-allow-group-label" for="group_allow" >' . t('Groups') . '</label>';
|
||||
$o .= group_select('group_allow','group_allow');
|
||||
$o .= group_select('group_allow','group_allow',$allow_gid);
|
||||
$o .= '</div>';
|
||||
$o .= '<div id="contact_allow_wrapper">';
|
||||
$o .= '<label id="acl-allow-contact-label" for="contact_allow" >' . t('Contacts') . '</label>';
|
||||
$o .= contact_select('contact_allow','contact_allow');
|
||||
$o .= contact_select('contact_allow','contact_allow',$allow_cid);
|
||||
$o .= '</div>';
|
||||
$o .= '</div>' . "\r\n";
|
||||
$o .= '<div id="acl-allow-end"></div>' . "\r\n";
|
||||
|
@ -95,11 +115,11 @@ function populate_acl() {
|
|||
$o .= '<div id="acl-deny-wrapper">';
|
||||
$o .= '<div id="group_deny_wrapper" >';
|
||||
$o .= '<label id="acl-deny-group-label" for="group_deny" >' . t('Groups') . '</label>';
|
||||
$o .= group_select('group_deny','group_deny');
|
||||
$o .= group_select('group_deny','group_deny', $deny_gid);
|
||||
$o .= '</div>';
|
||||
$o .= '<div id="contact_deny_wrapper" >';
|
||||
$o .= '<label id="acl-deny-contact-label" for="contact_deny" >' . t('Contacts') . '</label>';
|
||||
$o .= contact_select('contact_deny','contact_deny');
|
||||
$o .= contact_select('contact_deny','contact_deny', $deny_cid);
|
||||
$o .= '</div>';
|
||||
$o .= '</div>' . "\r\n";
|
||||
$o .= '<div id="acl-deny-end"></div>' . "\r\n";
|
||||
|
|
|
@ -25,6 +25,20 @@ $zoneselect
|
|||
</div>
|
||||
<div id="settings-timezone-end" ></div>
|
||||
|
||||
<div id="settings-default-perms" class="settings-default-perms" >
|
||||
<div id="settings-default-perms-menu" onClick="openClose('settings-default-perms-select');" />$permissions</div>
|
||||
<div id="settings-default-perms-menu-end"></div>
|
||||
|
||||
<div id="settings-default-perms-select" style="display: none;" >
|
||||
|
||||
$aclselect
|
||||
|
||||
</div>
|
||||
</div>
|
||||
<div id="settings-default-perms-end"></div>
|
||||
|
||||
|
||||
|
||||
<div id="settings-password-wrapper" >
|
||||
<p id="settings-password-desc" >
|
||||
Leave password fields blank unless changing
|
||||
|
@ -41,6 +55,10 @@ Leave password fields blank unless changing
|
|||
<div id="settings-confirm-end" ></div>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<div id="settings-submit-wrapper" >
|
||||
<input type="submit" name="submit" id="settings-submit" value="Submit" />
|
||||
</div>
|
||||
|
|
|
@ -1326,3 +1326,16 @@ input#dfrn-url {
|
|||
text-decoration: underline;
|
||||
cursor: pointer;
|
||||
}
|
||||
#settings-default-perms-menu, #settings-default-perms-menu:visited {
|
||||
color: #8888FF;
|
||||
text-decoration: none;
|
||||
cursor: pointer;
|
||||
margin-top: 15px;
|
||||
margin-bottom: 15px;
|
||||
}
|
||||
|
||||
#settings-default-perms-menu:hover {
|
||||
color: #0000FF;
|
||||
text-decoration: underline;
|
||||
cursor: pointer;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user