Diffstat (limited to 'modules')
-rw-r--r--modules/account.module39
-rw-r--r--modules/comment.module2
-rw-r--r--modules/comment/comment.module2
-rw-r--r--modules/diary.module2
-rw-r--r--modules/story.module2
-rw-r--r--modules/story/story.module2
-rw-r--r--modules/submission.module10
7 files changed, 33 insertions, 26 deletions
diff --git a/modules/account.module b/modules/account.module
index 26466e6b5..c92cbfbd5 100644
--- a/modules/account.module
+++ b/modules/account.module
@@ -63,7 +63,7 @@ function account_find($keys) {
$find = array();
$result = db_query("SELECT * FROM users WHERE userid LIKE '%". check_input($keys) ."%' LIMIT 20");
while ($account = db_fetch_object($result)) {
- array_push($find, array("subject" => $account->userid, "link" => (user_permission($user) ? "admin.php?mod=account&op=view&name=$account->userid" : "account.php?op=view&name=$account->userid"), "user" => $account->userid));
+ array_push($find, array("subject" => $account->userid, "link" => (user_access($user, "account") ? "admin.php?mod=account&op=view&name=$account->userid" : "account.php?op=view&name=$account->userid"), "user" => $account->userid));
}
return $find;
}
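Review bot: `$user` is passed to `user_access($user, "account")`, but no `global $user;` is visible in this hunk. account_find()'s opening lines sit above the hunk, so confirm the declaration is there; without it the check receives an unset local and always yields the public link. The same question applies to the `user_access($user, ...)` calls in the comment_find, diary_find and story_find hunks. Because the result only decides which URL is listed, a comment such as `// cosmetic: picks the link to show, not an access control` would stop later readers from treating it as the enforcement point.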
@@ -75,7 +75,7 @@ function account_search() {
}
function account_display($order = "username") {
- $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "hostname" => "last_host DESC", "last access date" => "last_access DESC", "real e-mail address" => "real_email", "real name" => "name", "permissions" => "permissions", "rating" => "rating DESC", "status" => "status", "theme" => "theme", "timezone" => "timezone DESC", "username" => "userid");
+ $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "hostname" => "last_host DESC", "last access date" => "last_access DESC", "real e-mail address" => "real_email", "real name" => "name", "rating" => "rating DESC", "status" => "status", "theme" => "theme", "timezone" => "timezone DESC", "username" => "userid");
$show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "homepage" => "url");
$stat = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$perm = array(0 => "regular user", 1 => "administrator");
@@ -118,9 +118,6 @@ function account_display($order = "username") {
case "status":
$output .= " <TD ALIGN=\"center\">". $stat[$account[$value]] ."</TD>\n";
break;
- case "permissions":
- $output .= " <TD ALIGN=\"center\">". $perm[$account[$value]] ."</TD>\n";
- break;
case "timezone":
$output .= " <TD ALIGN=\"center\">". check_output($account[$value] / 3600) ."</TD>\n";
break;
@@ -142,6 +139,15 @@ function account_display($order = "username") {
print $output;
}
+function account_access($account) {
+ $data = explode(";", $account->access);
+ foreach ($data as $array) {
+ $access = explode(":", $array);
+ if ($access[0]) $output .= " <A HREF=\"admin.php?mod=$access[0]\">$access[0]</A>";
+ }
+ return $output;
+}
+
function account_blocks($id) {
$result = db_query("SELECT * FROM layout WHERE user = $id");
while ($layout = db_fetch_object($result)) {
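Review bot: `$output` in account_access() is appended to without being initialised, and `$access[0]` is written into both the HREF and the link text exactly as stored. Start the function with `$output = "";` so an account with an empty access field returns an empty string rather than an undefined value. Encode the name where it is emitted, for example `urlencode($access[0])` in the URL and `check_output($access[0])` for the label. The access string is filled from the posted `edit[access][]` values in account_edit_save(), so it should not be assumed to hold only module names.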
@@ -167,17 +173,22 @@ function account_comments($id) {
}
function account_edit_save($name, $edit) {
- foreach ($edit as $key=>$value) {
- $query .= "$key = '". addslashes($value) ."', ";
- }
+ foreach ($edit as $key=>$value) if ($key != "access") $query .= "$key = '". addslashes($value) ."', ";
db_query("UPDATE users SET $query last_access = '". time() ."' WHERE userid = '$name'");
+ foreach ($edit[access] as $key=>$value) user_set(user_load($name), "access", $value, 1);
watchdog("message", "account: modified user '$name'");
}
function account_edit($name) {
+ global $access, $account;
+
+ function access($name, $module) {
+ global $access, $account;
+ $access .= "<OPTION VALUE=\"$name\"". (user_access($account, $name) ? " SELECTED" : "") .">$name</OPTION>";
+ }
+
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
- $permissions = array(0 => "regular user", 1 => "administrator");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
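Review bot: In account_edit_save() every key of `$edit` other than "access" is still placed in the UPDATE as a column name, and `$name` goes into the WHERE clause unescaped; `addslashes()` covers only the values. Restricting the loop to a fixed list of editable columns and escaping `$name` would keep a crafted form post from writing other columns of `users`. On the new line, `$edit[access]` should be written `$edit["access"]` and guarded with `is_array()`, because a submission with nothing selected carries no such key. The loop only ever passes 1 to user_set(), so unless that helper clears existing entries (not visible here), deselecting a module in the form does not revoke it. account_edit() continues beyond this hunk.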
@@ -187,21 +198,18 @@ function account_edit($name) {
}
$stat = "<SELECT NAME=\"edit[status]\">\n$stat</SELECT>\n";
- foreach ($permissions as $key=>$value) {
- $perm .= " <OPTION VALUE=\"$key\"". (($account->permissions == $key) ? " SELECTED" : "") .">$value</OPTION>\n";
- }
- $perm = "<SELECT NAME=\"edit[permissions]\">\n$perm</SELECT>\n";
+ module_iterate("access");
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD>$account->id</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Status:</B></TD><TD>$stat</TD></TR>\n";
+ $output .= " <TR><TD ALIGN=\"right\"><B>Access:</B></TD><TD><SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real name:</B></TD><TD>". check_output($account->name) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD><INPUT NAME=\"edit[fake_email]\" SIZE=\"55\" VALUE=\"$account->fake_email\"></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD><INPUT NAME=\"edit[url]\" SIZE=\"55\" VALUE=\"$account->url\"></TD></TR>\n";
- $output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>$perm</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from ". check_output($account->last_host) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>User rating:</B></TD><TD>". check_output($account->rating) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD><TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->bio</TEXTAREA></TD></TR>\n";
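Review bot: `$access` is printed inside the new `<SELECT NAME="edit[access][]">`, but nothing in view sets it to an empty string before `module_iterate("access")` appends to it. Because it is a global (declared in the previous hunk), any value already present under that name, or a second call in the same request, ends up in the admin form; adding `$access = "";` directly before `module_iterate("access");` avoids that. The nested `function access()` from the previous hunk would also be redeclared if account_edit() runs twice in one request, so it is safer at file scope. account_edit() starts and ends outside this hunk.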
@@ -221,7 +229,6 @@ function account_edit($name) {
function account_view($name) {
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
- $permissions = array(0 => "regular user", 1 => "administrator");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
@@ -229,12 +236,12 @@ function account_view($name) {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD><A HREF=\"admin.php?mod=account&op=edit&name=$account->userid\">$account->id</A></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Status:</B></TD><TD>". $status[$account->status] ."</TD></TR>\n";
+ $output .= " <TR><TD ALIGN=\"right\"><B>Access:</B></TD><TD>". check_output(account_access($account)) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real name:</B></TD><TD>". check_output($account->name) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD>". check_output($account->fake_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
- $output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>". $permissions[$account->permissions] ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from ". check_output($account->last_host) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>User rating:</B></TD><TD>". check_output($account->rating) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD>". check_output($account->bio) ."</TD></TR>\n";
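Review bot: `check_output(account_access($account))` hands generated markup to a helper that the neighbouring rows apply to raw field values. If check_output() escapes or strips HTML, the links built by account_access() will not render; if it lets anchors through, it is not what protects this row. Encoding each module name inside account_access() and concatenating its result here without check_output() keeps the escaping next to the data it applies to. account_view() starts and ends outside this hunk.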
diff --git a/modules/comment.module b/modules/comment.module
index 4d73e3caf..ef0bce34a 100644
--- a/modules/comment.module
+++ b/modules/comment.module
@@ -8,7 +8,7 @@ function comment_find($keys) {
$find = array();
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%". check_input($keys) ."%' OR c.comment LIKE '%". check_input($keys) ."%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
- array_push($find, array("subject" => check_output($comment->subject), "link" => (user_permission($user) ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp));
+ array_push($find, array("subject" => check_output($comment->subject), "link" => (user_access($user, "comment") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp));
}
return $find;
}
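Review bot: The changed line in comment_find() still sets `"user" => $story->userid`, but no `$story` exists in this function; the row variable is `$comment` and the query selects `u.userid`. The search result therefore carries an empty user, and the entry should read `"user" => $comment->userid`. The identical line in the modules/comment/comment.module hunk needs the same correction.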
diff --git a/modules/comment/comment.module b/modules/comment/comment.module
index 4d73e3caf..ef0bce34a 100644
--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -8,7 +8,7 @@ function comment_find($keys) {
$find = array();
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%". check_input($keys) ."%' OR c.comment LIKE '%". check_input($keys) ."%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
- array_push($find, array("subject" => check_output($comment->subject), "link" => (user_permission($user) ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp));
+ array_push($find, array("subject" => check_output($comment->subject), "link" => (user_access($user, "comment") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp));
}
return $find;
}
diff --git a/modules/diary.module b/modules/diary.module
index c8e93c6be..0f366a84f 100644
--- a/modules/diary.module
+++ b/modules/diary.module
@@ -16,7 +16,7 @@ function diary_find($keys) {
$find = array();
$result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE d.text LIKE '%". check_input($keys) ."%' ORDER BY d.timestamp DESC LIMIT 20");
while ($diary = db_fetch_object($result)) {
- array_push($find, array("subject" => "$diary->userid's diary", "link" => (user_permission($user) ? "admin.php?mod=diary&op=edit&id=$diary->id" : "module.php?mod=diary&op=view&name=$diary->userid"), "user" => $diary->userid, "date" => $diary->timestamp));
+ array_push($find, array("subject" => "$diary->userid's diary", "link" => (user_access($user, "diary") ? "admin.php?mod=diary&op=edit&id=$diary->id" : "module.php?mod=diary&op=view&name=$diary->userid"), "user" => $diary->userid, "date" => $diary->timestamp));
}
return $find;
diff --git a/modules/story.module b/modules/story.module
index 47671033e..535821ccd 100644
--- a/modules/story.module
+++ b/modules/story.module
@@ -20,7 +20,7 @@ function story_find($keys) {
$find = array();
$result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.status = 2 AND (s.subject LIKE '%". check_input($keys) ."%' OR s.abstract LIKE '%". check_input($keys) ."%' OR s.article LIKE '%". check_input($keys) ."%') ORDER BY s.timestamp DESC LIMIT 20");
while ($story = db_fetch_object($result)) {
- array_push($find, array("subject" => check_output($story->subject), "link" => (user_permission($user) ? "admin.php?mod=story&op=edit&id=$story->id" : "story.php?id=$story->id"), "user" => $story->userid, "date" => $story->timestamp));
+ array_push($find, array("subject" => check_output($story->subject), "link" => (user_access($user, "story") ? "admin.php?mod=story&op=edit&id=$story->id" : "story.php?id=$story->id"), "user" => $story->userid, "date" => $story->timestamp));
}
return $find;
}
diff --git a/modules/story/story.module b/modules/story/story.module
index 47671033e..535821ccd 100644
--- a/modules/story/story.module
+++ b/modules/story/story.module
@@ -20,7 +20,7 @@ function story_find($keys) {
$find = array();
$result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.status = 2 AND (s.subject LIKE '%". check_input($keys) ."%' OR s.abstract LIKE '%". check_input($keys) ."%' OR s.article LIKE '%". check_input($keys) ."%') ORDER BY s.timestamp DESC LIMIT 20");
while ($story = db_fetch_object($result)) {
- array_push($find, array("subject" => check_output($story->subject), "link" => (user_permission($user) ? "admin.php?mod=story&op=edit&id=$story->id" : "story.php?id=$story->id"), "user" => $story->userid, "date" => $story->timestamp));
+ array_push($find, array("subject" => check_output($story->subject), "link" => (user_access($user, "story") ? "admin.php?mod=story&op=edit&id=$story->id" : "story.php?id=$story->id"), "user" => $story->userid, "date" => $story->timestamp));
}
return $find;
}
diff --git a/modules/submission.module b/modules/submission.module
index 338408d4c..3cc666f55 100644
--- a/modules/submission.module
+++ b/modules/submission.module
@@ -22,7 +22,7 @@ function submission_score($id) {
function submission_vote($id, $vote, $comment) {
global $user;
- if (!user_get_history($user->history, "s$id")) {
+ if (!user_get($user, "history", "s$id")) {
// Update submission's score- and votes-field:
db_query("UPDATE stories SET score = score $vote, votes = votes + 1 WHERE id = $id");
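Review bot: `$vote` and `$id` are interpolated directly into `UPDATE stories SET score = score $vote, votes = votes + 1 WHERE id = $id`, with `$vote` supplying both the operator and the operand. submission_page() pulls both names in as globals, so they presumably originate from the request; confirm against the caller. Casting `$id` with `(int)` and mapping `$vote` onto the fixed set of allowed score changes before the history guard on the changed line would keep arbitrary SQL out of this statement. submission_vote() continues outside the hunk.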
@@ -33,7 +33,7 @@ function submission_vote($id, $vote, $comment) {
}
// Update user's history record:
- user_set_history("s$id", $vote);
+ $user = user_set($user, "history", "s$id", $vote);
// Update story table (if required):
$result = db_query("SELECT * FROM stories WHERE id = $id");
@@ -65,7 +65,7 @@ function submission_page_main() {
$content .= "<TABLE BORDER=\"0\" CELLSPACING=\"4\" CELLPADDING=\"4\">\n";
$content .= " <TR BGCOLOR=\"$bgcolor1\"><TH>". t("Subject") ."</TH><TH>". t("Section") ."</TH><TH>". t("Date") ."</TH><TH>". t("Author") ."</TH><TH>". t("Score") ."</TH></TR>\n";
while ($submission = db_fetch_object($result)) {
- if ($user->id == $submission->author || user_get_history($user->history, "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"module.php?mod=submission&op=view&id=$submission->id\">". check_output($submission->subject) ."</A></TD><TD>$submission->section</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n";
+ if ($user->id == $submission->author || user_get($user, "history", "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"module.php?mod=submission&op=view&id=$submission->id\">". check_output($submission->subject) ."</A></TD><TD>$submission->section</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n";
else $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"module.php?mod=submission&op=view&id=$submission->id\">". check_output($submission->subject) ."</A></TD><TD>$submission->section</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"module.php?mod=submission&op=view&id=$submission->id\">". t("vote") ."</A></TD></TR>\n";
}
$content .= "</TABLE>\n";
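Review bot: The time cell on the changed line uses `date("H:m:s", $submission->timestamp)`; in date() the letter `m` is the month, so the minutes shown are wrong. It should be `date("H:i:s", $submission->timestamp)`, and the `else` branch below carries the same format string. The two branches duplicate the whole row except for the last cell, so building the shared cells once and varying only the final `<TD>` would keep such fixes in one place. submission_page_main() extends beyond this hunk on both sides.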
@@ -81,7 +81,7 @@ function submission_display_item($id) {
$result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = $id");
$submission = db_fetch_object($result);
- if ($user->id == $submission->author || user_get_history($user->history, "s$submission->id")) {
+ if ($user->id == $submission->author || user_get($user, "history", "s$submission->id")) {
header("Location: story.php?id=$submission->id");
}
else {
@@ -111,7 +111,7 @@ function submission_page() {
global $comment, $id, $op, $user, $vote;
if ($user->id) {
- user_rehash();
+ $user = user_load($user->userid);
switch($op) {
case "view":