  |
38 | 38 | | case 'deleteconfirm': |
| |
39 | 39 | | $this->_delete(); |
| |
40 | 40 | | break; |
  |
41 | | - | } |
| |
42 | | - | } |
| |
43 | | - | } |
|
44 | 41 | | |
  |
45 | | - | function sortAccessList($a, $b) { |
| |
46 | | - | if ($a['group'] == $b['group']) { |
| |
47 | | - | if ($a['text'] == $b['text']) { |
| |
48 | | - | return 0; |
| |
49 | | - | } |
| |
| 42 | + | case 'batchSave': |
| |
| 43 | + | if ( isset($_POST['batch']) && is_array($_POST['batch']) && !empty($_POST['batch']) ) { |
| |
| 44 | + | $this->_page_contents = 'administrators_batch_edit.php'; |
|
50 | 45 | | |
  |
51 | | - | return ($a['text'] < $b['text']) ? -1 : 1; |
| |
52 | | - | } |
| |
| 46 | + | if ( isset($_POST['subaction']) && ($_POST['subaction'] == 'confirm') ) { |
| |
| 47 | + | $this->_saveBatch(); |
| |
| 48 | + | } |
| |
| 49 | + | } else { |
| |
| 50 | + | $_GET['action'] = ''; |
| |
| 51 | + | } |
|
53 | 52 | | |
  |
54 | | - | return ($a['group'] < $b['group']) ? -1 : 1; |
| |
| 53 | + | break; |
| |
| 54 | + | |
| |
| 55 | + | case 'batchDelete': |
| |
| 56 | + | if ( isset($_POST['batch']) && is_array($_POST['batch']) && !empty($_POST['batch']) ) { |
| |
| 57 | + | $this->_page_contents = 'administrators_batch_delete.php'; |
| |
| 58 | + | |
| |
| 59 | + | if ( isset($_POST['subaction']) && ($_POST['subaction'] == 'confirm') ) { |
| |
| 60 | + | $this->_deleteBatch(); |
| |
| 61 | + | } |
| |
| 62 | + | } else { |
| |
| 63 | + | $_GET['action'] = ''; |
| |
| 64 | + | } |
| |
| 65 | + | |
| |
| 66 | + | break; |
| |
| 67 | + | } |
| |
| 68 | + | } |
|
55 | 69 | | } |
| |
56 | 70 | | |
| |
57 | 71 | | /* Private methods */ |
| |
|
|
 |
… |
|
149 | 163 | | |
| |
150 | 164 | | if ( $osC_Database->isError() ) { |
| |
151 | 165 | | $error = true; |
  |
152 | | - | } else { |
| |
153 | | - | if ($id == $_SESSION['admin']['id']) { |
| |
154 | | - | $_SESSION['admin']['access'] = osC_Access::getUserLevels($id); |
| |
155 | | - | } |
|
156 | 166 | | } |
| |
157 | 167 | | } |
| |
158 | 168 | | |
| |
159 | 169 | | if ( $error === false ) { |
| |
160 | 170 | | $osC_Database->commitTransaction(); |
| |
161 | 171 | | |
  |
| 172 | + | if ($id == $_SESSION['admin']['id']) { |
| |
| 173 | + | $_SESSION['admin']['access'] = osC_Access::getUserLevels($id); |
| |
| 174 | + | } |
| |
| 175 | + | |
|
162 | 176 | | $osC_MessageStack->add_session($this->_module, SUCCESS_DB_ROWS_UPDATED, 'success'); |
| |
163 | 177 | | } else { |
| |
164 | 178 | | $osC_Database->rollbackTransaction(); |
| |
|
|
 |
… |
|
201 | 215 | | |
| |
202 | 216 | | osc_redirect(osc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&page=' . $_GET['page'])); |
| |
203 | 217 | | } |
  |
| 218 | + | |
| |
| 219 | + | function _saveBatch() { |
| |
| 220 | + | global $osC_Database, $osC_MessageStack; |
| |
| 221 | + | |
| |
| 222 | + | $error = false; |
| |
| 223 | + | |
| |
| 224 | + | $modules_array = array(); |
| |
| 225 | + | |
| |
| 226 | + | if ( in_array('*', $_POST['modules']) ) { |
| |
| 227 | + | $_POST['modules'] = array('*'); |
| |
| 228 | + | } |
| |
| 229 | + | |
| |
| 230 | + | foreach ($_POST['modules'] as $module) { |
| |
| 231 | + | $modules_array[$module] = '\'' . $module . '\''; |
| |
| 232 | + | } |
| |
| 233 | + | |
| |
| 234 | + | $osC_Database->startTransaction(); |
| |
| 235 | + | |
| |
| 236 | + | if ( ($_POST['type'] == 'add') || ($_POST['type'] == 'set') ) { |
| |
| 237 | + | foreach ($modules_array as $module_key => $module_access) { |
| |
| 238 | + | foreach ($_POST['batch'] as $id) { |
| |
| 239 | + | $execute = true; |
| |
| 240 | + | |
| |
| 241 | + | if ( $module_key != '*' ) { |
| |
| 242 | + | $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1'); |
| |
| 243 | + | $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 244 | + | $Qcheck->bindInt(':administrators_id', $id); |
| |
| 245 | + | $Qcheck->bindValue(':module', '*'); |
| |
| 246 | + | $Qcheck->execute(); |
| |
| 247 | + | |
| |
| 248 | + | if ( $Qcheck->numberOfRows() === 1 ) { |
| |
| 249 | + | $execute = false; |
| |
| 250 | + | } |
| |
| 251 | + | } |
| |
| 252 | + | |
| |
| 253 | + | if ( $execute === true ) { |
| |
| 254 | + | $Qcheck = $osC_Database->query('select administrators_id from :table_administrators_access where administrators_id = :administrators_id and module = :module limit 1'); |
| |
| 255 | + | $Qcheck->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 256 | + | $Qcheck->bindInt(':administrators_id', $id); |
| |
| 257 | + | $Qcheck->bindValue(':module', $module_key); |
| |
| 258 | + | $Qcheck->execute(); |
| |
| 259 | + | |
| |
| 260 | + | if ( $Qcheck->numberOfRows() < 1 ) { |
| |
| 261 | + | $Qinsert = $osC_Database->query('insert into :table_administrators_access (administrators_id, module) values (:administrators_id, :module)'); |
| |
| 262 | + | $Qinsert->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 263 | + | $Qinsert->bindInt(':administrators_id', $id); |
| |
| 264 | + | $Qinsert->bindValue(':module', $module_key); |
| |
| 265 | + | $Qinsert->execute(); |
| |
| 266 | + | |
| |
| 267 | + | if ( $osC_Database->isError() ) { |
| |
| 268 | + | $error = true; |
| |
| 269 | + | break; |
| |
| 270 | + | } |
| |
| 271 | + | } |
| |
| 272 | + | } |
| |
| 273 | + | } |
| |
| 274 | + | } |
| |
| 275 | + | } |
| |
| 276 | + | |
| |
| 277 | + | if ( $error === false ) { |
| |
| 278 | + | if ( ($_POST['type'] == 'remove') || ($_POST['type'] == 'set') || in_array('*', $_POST['modules']) ) { |
| |
| 279 | + | if ( !empty($modules_array) ) { |
| |
| 280 | + | foreach ($_POST['batch'] as $id) { |
| |
| 281 | + | $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id = :administrators_id'); |
| |
| 282 | + | |
| |
| 283 | + | if ( $_POST['type'] == 'remove' ) { |
| |
| 284 | + | if ( !in_array('*', $_POST['modules']) ) { |
| |
| 285 | + | $Qdel->appendQuery('and module in (:module)'); |
| |
| 286 | + | $Qdel->bindRaw(':module', implode(',', $modules_array)); |
| |
| 287 | + | } |
| |
| 288 | + | } else { |
| |
| 289 | + | $Qdel->appendQuery('and module not in (:module)'); |
| |
| 290 | + | $Qdel->bindRaw(':module', implode(',', $modules_array)); |
| |
| 291 | + | } |
| |
| 292 | + | |
| |
| 293 | + | $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 294 | + | $Qdel->bindInt(':administrators_id', $id); |
| |
| 295 | + | $Qdel->execute(); |
| |
| 296 | + | |
| |
| 297 | + | if ( $osC_Database->isError() ) { |
| |
| 298 | + | $error = true; |
| |
| 299 | + | break; |
| |
| 300 | + | } |
| |
| 301 | + | } |
| |
| 302 | + | } |
| |
| 303 | + | } |
| |
| 304 | + | } |
| |
| 305 | + | |
| |
| 306 | + | if ( $error === false ) { |
| |
| 307 | + | $osC_Database->commitTransaction(); |
| |
| 308 | + | |
| |
| 309 | + | if ( in_array($_SESSION['admin']['id'], $_POST['batch']) ) { |
| |
| 310 | + | $_SESSION['admin']['access'] = osC_Access::getUserLevels($_SESSION['admin']['id']); |
| |
| 311 | + | } |
| |
| 312 | + | |
| |
| 313 | + | $osC_MessageStack->add_session($this->_module, SUCCESS_DB_ROWS_UPDATED, 'success'); |
| |
| 314 | + | } else { |
| |
| 315 | + | $osC_Database->rollbackTransaction(); |
| |
| 316 | + | |
| |
| 317 | + | $osC_MessageStack->add_session($this->_module, ERROR_DB_ROWS_NOT_UPDATED, 'error'); |
| |
| 318 | + | } |
| |
| 319 | + | |
| |
| 320 | + | osc_redirect(osc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&page=' . $_GET['page'])); |
| |
| 321 | + | } |
| |
| 322 | + | |
| |
| 323 | + | function _deleteBatch() { |
| |
| 324 | + | global $osC_Database, $osC_MessageStack; |
| |
| 325 | + | |
| |
| 326 | + | if (isset($_POST['batch']) && is_array($_POST['batch'])) { |
| |
| 327 | + | $osC_Database->startTransaction(); |
| |
| 328 | + | |
| |
| 329 | + | $Qdel = $osC_Database->query('delete from :table_administrators_access where administrators_id in (":administrators_id")'); |
| |
| 330 | + | $Qdel->bindTable(':table_administrators_access', TABLE_ADMINISTRATORS_ACCESS); |
| |
| 331 | + | $Qdel->bindRaw(':administrators_id', implode('", "', array_unique(array_filter(array_slice($_POST['batch'], 0, MAX_DISPLAY_SEARCH_RESULTS), 'is_numeric')))); |
| |
| 332 | + | $Qdel->execute(); |
| |
| 333 | + | |
| |
| 334 | + | $Qdel = $osC_Database->query('delete from :table_administrators where id in (":id")'); |
| |
| 335 | + | $Qdel->bindTable(':table_administrators', TABLE_ADMINISTRATORS); |
| |
| 336 | + | $Qdel->bindRaw(':id', implode('", "', array_unique(array_filter(array_slice($_POST['batch'], 0, MAX_DISPLAY_SEARCH_RESULTS), 'is_numeric')))); |
| |
| 337 | + | $Qdel->execute(); |
| |
| 338 | + | |
| |
| 339 | + | $osC_Database->commitTransaction(); |
| |
| 340 | + | |
| |
| 341 | + | $osC_MessageStack->add_session($this->_module, SUCCESS_DB_ROWS_UPDATED, 'success'); |
| |
| 342 | + | } |
| |
| 343 | + | |
| |
| 344 | + | osc_redirect(osc_href_link_admin(FILENAME_DEFAULT, $this->_module . '&page=' . $_GET['page'])); |
| |
| 345 | + | } |
  |
204 | 346 | | } |
| |
205 | 347 | | ?> |
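Review bot: In `_saveBatch()` the module names from `$_POST['modules']` are quoted by plain concatenation at new line 231 and then spliced into the delete statement with `bindRaw()` at new lines 286 and 290, so, assuming `bindRaw()` inserts its argument unescaped as the name suggests, a module value containing a quote changes the SQL that runs against the administrators access table. Reject anything that is not a known module before building the list, for example `if ( !preg_match('/^(\*|[A-Za-z0-9_]+)$/', $module) ) { continue; }` inside the `foreach` (the allowed character set is an assumption to confirm against the real module names), or bind each name with `bindValue()` as the select and insert queries in the same function already do. `$_POST['modules']` and `$_POST['type']` are also read without the `isset`/`is_array` check that `$_POST['batch']` gets in the `batchSave` case. In `_deleteBatch()` (new lines 326-342) `is_numeric` accepts strings such as `1e3` or `1.5`, so `ctype_digit` is the tighter filter for ids, and the function commits without the `isError()` check and `rollbackTransaction()` path that `_saveBatch()` has.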