mirror of
				https://github.com/Mibew/mibew.git
				synced 2025-10-26 08:16:49 +03:00 
			
		
		
		
	ability to remove operators, confirmations when removing groups/operators, capability checks
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@525 c66351dc-e62f-0410-b875-e3a5c0b9693f
This commit is contained in:
		
							parent
							
								
									bfe023c601
								
							
						
					
					
						commit
						cc275561c0
					
				| @ -5,6 +5,7 @@ | |||||||
|   [+] new project name: Mibew Messenger |   [+] new project name: Mibew Messenger | ||||||
|   [!] fixed localization of dates for all languages |   [!] fixed localization of dates for all languages | ||||||
|   [!] fixed online/offline image for groups |   [!] fixed online/offline image for groups | ||||||
|  |   [+] ability to delete operators, confirmation dialog when deleting group/operator/blocked address | ||||||
| 
 | 
 | ||||||
|   1.6.0 |   1.6.0 | ||||||
|   ----- |   ----- | ||||||
|  | |||||||
| @ -234,6 +234,17 @@ function getlocal2($text,$params) { | |||||||
| 	return $string; | 	return $string; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | /* prepares for Javascript string */ | ||||||
|  | function getlocalforJS($text,$params) { | ||||||
|  | 	global $current_locale, $webim_encoding; | ||||||
|  | 	$string = myiconv($webim_encoding,getoutputenc(), getstring_($text,$current_locale)); | ||||||
|  | 	$string = str_replace("\"", "\\\"", str_replace("\n", "\\n", $string));  | ||||||
|  | 	for( $i = 0; $i < count($params); $i++ ) { | ||||||
|  | 		$string = str_replace("{".$i."}", $params[$i], $string); | ||||||
|  | 	} | ||||||
|  | 	return $string; | ||||||
|  | } | ||||||
|  | 
 | ||||||
| /* ajax server actions use utf-8 */ | /* ajax server actions use utf-8 */ | ||||||
| function getrawparam( $name ) { | function getrawparam( $name ) { | ||||||
| 	global $webim_encoding; | 	global $webim_encoding; | ||||||
|  | |||||||
| @ -249,6 +249,7 @@ page.group.no_such=No such group | |||||||
| page.group.title=Group details | page.group.title=Group details | ||||||
| page.groupmembers.intro=View and edit the member list. | page.groupmembers.intro=View and edit the member list. | ||||||
| page.groupmembers.title=Members | page.groupmembers.title=Members | ||||||
|  | page.groups.confirm=Are you sure that you want to delete group "{0}"? | ||||||
| page.groups.intro=This page displays a list of groups in your company. Each group can have separate button and canned responses. | page.groups.intro=This page displays a list of groups in your company. Each group can have separate button and canned responses. | ||||||
| page.groups.new=Create new group... | page.groups.new=Create new group... | ||||||
| page.groups.title=Groups | page.groups.title=Groups | ||||||
| @ -288,6 +289,7 @@ page_agent.title=Operator details | |||||||
| page_agents.agent_commonname=International name | page_agents.agent_commonname=International name | ||||||
| page_agents.agent_name=Name | page_agents.agent_name=Name | ||||||
| page_agents.agents=Full list of operators: | page_agents.agents=Full list of operators: | ||||||
|  | page_agents.confirm=Are you sure that you want to delete operator "{0}"? | ||||||
| page_agents.intro=This page displays a list of company operators. | page_agents.intro=This page displays a list of company operators. | ||||||
| page_agents.login=Login | page_agents.login=Login | ||||||
| page_agents.new_agent=Add operator... | page_agents.new_agent=Add operator... | ||||||
|  | |||||||
| @ -29,7 +29,7 @@ if( isset($_GET['act']) && $_GET['act'] == 'del' ) { | |||||||
| 	$banId = isset($_GET['id']) ? $_GET['id'] : ""; | 	$banId = isset($_GET['id']) ? $_GET['id'] : ""; | ||||||
| 
 | 
 | ||||||
| 	if( !preg_match( "/^\d+$/", $banId )) { | 	if( !preg_match( "/^\d+$/", $banId )) { | ||||||
| 		$errors[] = "Wrong argument"; | 		$errors[] = "Cannot delete: wrong argument"; | ||||||
| 	} | 	} | ||||||
| 
 | 
 | ||||||
| 	if( count($errors) == 0 ) { | 	if( count($errors) == 0 ) { | ||||||
| @ -54,6 +54,7 @@ setup_pagination($blockedList); | |||||||
| 
 | 
 | ||||||
| prepare_menu($operator); | prepare_menu($operator); | ||||||
| start_html_output(); | start_html_output(); | ||||||
|  | 
 | ||||||
| require('../view/blocked_visitors.php'); | require('../view/blocked_visitors.php'); | ||||||
| exit; | exit; | ||||||
| ?>
 | ?>
 | ||||||
| @ -19,21 +19,30 @@ $operator = check_login(); | |||||||
| 
 | 
 | ||||||
| if( isset($_GET['act']) && $_GET['act'] == 'del' ) { | if( isset($_GET['act']) && $_GET['act'] == 'del' ) { | ||||||
| 	 | 	 | ||||||
| 	// TODO check permissions
 | 	$groupid = isset($_GET['gid']) ? $_GET['gid'] : ""; | ||||||
| 
 | 
 | ||||||
| 	$groupid = verifyparam( "gid", "/^(\d{1,9})?$/"); | 	if( !preg_match( "/^\d+$/", $groupid )) { | ||||||
|  | 		$errors[] = "Cannot delete: wrong argument"; | ||||||
|  | 	} | ||||||
| 	 | 	 | ||||||
| 	$link = connect(); | 	if( !is_capable($can_administrate, $operator)) { | ||||||
| 	perform_query("delete from chatgroup where groupid = $groupid",$link); | 		$errors[] = "You are not allowed to remove groups"; | ||||||
| 	perform_query("delete from chatgroupoperator where groupid = $groupid",$link); | 	} | ||||||
| 	perform_query("update chatthread set groupid = 0 where groupid = $groupid",$link); | 	 | ||||||
| 	mysql_close($link); | 	if( count($errors) == 0 ) { | ||||||
| 	header("Location: $webimroot/operator/groups.php"); | 		$link = connect(); | ||||||
| 	exit; | 		perform_query("delete from chatgroup where groupid = $groupid",$link); | ||||||
|  | 		perform_query("delete from chatgroupoperator where groupid = $groupid",$link); | ||||||
|  | 		perform_query("update chatthread set groupid = 0 where groupid = $groupid",$link); | ||||||
|  | 		mysql_close($link); | ||||||
|  | 		header("Location: $webimroot/operator/groups.php"); | ||||||
|  | 		exit; | ||||||
|  | 	} | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| $page = array(); | $page = array(); | ||||||
| $page['groups'] = get_groups(true); | $page['groups'] = get_groups(true); | ||||||
|  | $page['canmodify'] = is_capable($can_administrate, $operator); | ||||||
| 
 | 
 | ||||||
| prepare_menu($operator); | prepare_menu($operator); | ||||||
| start_html_output(); | start_html_output(); | ||||||
|  | |||||||
| @ -17,8 +17,44 @@ require_once('../libs/operator.php'); | |||||||
| 
 | 
 | ||||||
| $operator = check_login(); | $operator = check_login(); | ||||||
| 
 | 
 | ||||||
|  | if( isset($_GET['act']) && $_GET['act'] == 'del' ) { | ||||||
|  | 	$operatorid = isset($_GET['id']) ? $_GET['id'] : ""; | ||||||
|  | 
 | ||||||
|  | 	if( !preg_match( "/^\d+$/", $operatorid )) { | ||||||
|  | 		$errors[] = "Cannot delete: wrong argument"; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	if( !is_capable($can_administrate, $operator)) { | ||||||
|  | 		$errors[] = "You are not allowed to remove operators"; | ||||||
|  | 	} | ||||||
|  | 	 | ||||||
|  | 	if( $operatorid == $operator['operatorid']) { | ||||||
|  | 		$errors[] = "Cannot remove self"; | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	if(count($errors) == 0) { | ||||||
|  | 		$op = operator_by_id($operatorid); | ||||||
|  | 		if( !$op ) { | ||||||
|  | 			$errors[] = getlocal("no_such_operator"); | ||||||
|  | 		} else if($op['vclogin'] == 'admin') { | ||||||
|  | 			$errors[] = 'Cannot remove operator "admin"';			 | ||||||
|  | 		}		 | ||||||
|  | 	} | ||||||
|  | 	 | ||||||
|  | 	if( count($errors) == 0 ) { | ||||||
|  | 		$link = connect(); | ||||||
|  | 		perform_query("delete from chatgroupoperator where operatorid = $operatorid",$link); | ||||||
|  | 		perform_query("delete from chatoperator where operatorid = $operatorid",$link); | ||||||
|  | 		mysql_close($link); | ||||||
|  | 		 | ||||||
|  | 		header("Location: $webimroot/operator/operators.php"); | ||||||
|  | 		exit; | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
| $page = array(); | $page = array(); | ||||||
| $page['allowedAgents'] = get_operators(); | $page['allowedAgents'] = get_operators(); | ||||||
|  | $page['canmodify'] = is_capable($can_administrate, $operator); | ||||||
| 
 | 
 | ||||||
| prepare_menu($operator); | prepare_menu($operator); | ||||||
| start_html_output(); | start_html_output(); | ||||||
|  | |||||||
| @ -16,13 +16,23 @@ require_once("inc_menu.php"); | |||||||
| $page['title'] = getlocal("page_agents.title"); | $page['title'] = getlocal("page_agents.title"); | ||||||
| $page['menuid'] = "operators"; | $page['menuid'] = "operators"; | ||||||
| 
 | 
 | ||||||
| function tpl_content() { global $page, $webimroot; | function tpl_header() { global $page, $webimroot; | ||||||
|  | ?>	
 | ||||||
|  | <script type="text/javascript" language="javascript" src="<?php echo $webimroot ?>/js/jquery-1.3.2.min.js"></script> | ||||||
|  | <?php | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function tpl_content() { global $page, $webimroot, $errors; | ||||||
| ?>
 | ?>
 | ||||||
| 
 | 
 | ||||||
| <?php echo getlocal("page_agents.intro") ?>
 | <?php echo getlocal("page_agents.intro") ?>
 | ||||||
| <br /> | <br /> | ||||||
| <br /> | <br /> | ||||||
|  | <?php  | ||||||
|  | require_once('inc_errors.php'); | ||||||
|  | ?>
 | ||||||
| 
 | 
 | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
| <div class="tabletool"> | <div class="tabletool"> | ||||||
| 	<img src='<?php echo $webimroot ?>/images/buttons/createagent.gif' border="0" alt="" /> | 	<img src='<?php echo $webimroot ?>/images/buttons/createagent.gif' border="0" alt="" /> | ||||||
| 	<a href='<?php echo $webimroot ?>/operator/operator.php' title="<?php echo getlocal("page_agents.new_agent") ?>"> | 	<a href='<?php echo $webimroot ?>/operator/operator.php' title="<?php echo getlocal("page_agents.new_agent") ?>"> | ||||||
| @ -30,7 +40,7 @@ function tpl_content() { global $page, $webimroot; | |||||||
| 	</a> | 	</a> | ||||||
| </div> | </div> | ||||||
| <br clear="all"/> | <br clear="all"/> | ||||||
| 
 | <?php } ?>
 | ||||||
| 
 | 
 | ||||||
| <table class="list"> | <table class="list"> | ||||||
| <thead> | <thead> | ||||||
| @ -41,6 +51,9 @@ function tpl_content() { global $page, $webimroot; | |||||||
| 	<?php echo getlocal("page_agents.agent_name") ?>
 | 	<?php echo getlocal("page_agents.agent_name") ?>
 | ||||||
| </th><th> | </th><th> | ||||||
| 	<?php echo getlocal("page_agents.agent_commonname") ?>
 | 	<?php echo getlocal("page_agents.agent_commonname") ?>
 | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
|  | </th><th> | ||||||
|  | <?php } ?>
 | ||||||
| </th> | </th> | ||||||
| </tr> | </tr> | ||||||
| </thead> | </thead> | ||||||
| @ -48,7 +61,7 @@ function tpl_content() { global $page, $webimroot; | |||||||
| <?php foreach( $page['allowedAgents'] as $a ) { ?>
 | <?php foreach( $page['allowedAgents'] as $a ) { ?>
 | ||||||
| <tr> | <tr> | ||||||
| 	<td class="notlast"> | 	<td class="notlast"> | ||||||
|    		<a href="<?php echo $webimroot ?>/operator/operator.php?op=<?php echo $a['operatorid'] ?>" class="man"> |    		<a id="ti<?php echo $a['operatorid'] ?>" href="<?php echo $webimroot ?>/operator/operator.php?op=<?php echo $a['operatorid'] ?>" class="man"> | ||||||
|    			<?php echo htmlspecialchars(topage($a['vclogin'])) ?>
 |    			<?php echo htmlspecialchars(topage($a['vclogin'])) ?>
 | ||||||
|    		</a> |    		</a> | ||||||
| 	</td> | 	</td> | ||||||
| @ -58,10 +71,23 @@ function tpl_content() { global $page, $webimroot; | |||||||
| 	<td> | 	<td> | ||||||
|    		<?php echo htmlspecialchars(topage($a['vccommonname'])) ?>
 |    		<?php echo htmlspecialchars(topage($a['vccommonname'])) ?>
 | ||||||
| 	</td> | 	</td> | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
|  | 	<td> | ||||||
|  | 		<a class="removelink" id="i<?php echo $a['operatorid'] ?>" href="<?php echo $webimroot ?>/operator/operators.php?act=del&id=<?php echo $a['operatorid'] ?>"> | ||||||
|  | 			remove | ||||||
|  | 		</a> | ||||||
|  | 	</td> | ||||||
|  | <?php } ?>	
 | ||||||
| </tr> | </tr> | ||||||
| <?php } ?>
 | <?php } ?>
 | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
|  | <script type="text/javascript" language="javascript"><!-- | ||||||
|  | $('a.removelink').click(function(){ | ||||||
|  | 	var login = $("#t"+this.id).text(); | ||||||
|  | 	return confirm("<?php echo getlocalforJS("page_agents.confirm", array('"+$.trim(login)+"')) ?>"); | ||||||
|  | }); | ||||||
|  | //--></script>
 | ||||||
| 
 | 
 | ||||||
| <?php  | <?php  | ||||||
| } /* content */ | } /* content */ | ||||||
|  | |||||||
| @ -22,12 +22,15 @@ function tpl_header() { global $page, $webimroot; | |||||||
| <?php | <?php | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| function tpl_content() { global $page, $webimroot; | function tpl_content() { global $page, $webimroot, $errors; | ||||||
| ?>
 | ?>
 | ||||||
| 
 | 
 | ||||||
| <?php echo getlocal("page_ban.intro") ?>
 | <?php echo getlocal("page_ban.intro") ?>
 | ||||||
| <br /> | <br /> | ||||||
| <br /> | <br /> | ||||||
|  | <?php  | ||||||
|  | require_once('inc_errors.php'); | ||||||
|  | ?>
 | ||||||
| 
 | 
 | ||||||
| <div class="tabletool"> | <div class="tabletool"> | ||||||
| 	<img src="<?php echo $webimroot ?>/images/buttons/createban.gif" border="0" alt=""/> | 	<img src="<?php echo $webimroot ?>/images/buttons/createban.gif" border="0" alt=""/> | ||||||
| @ -104,7 +107,7 @@ if( $page['pagination.items'] ) { | |||||||
| <script type="text/javascript" language="javascript"><!-- | <script type="text/javascript" language="javascript"><!-- | ||||||
| $('a.removelink').click(function(){ | $('a.removelink').click(function(){ | ||||||
| 	var addr = $("#t"+this.id).text(); | 	var addr = $("#t"+this.id).text(); | ||||||
| 	return confirm("<?php echo str_replace("\n", "\\n", getlocal2("page_bans.confirm", array('"+$.trim(addr)+"'))) ?>"); | 	return confirm("<?php echo getlocalforJS("page_bans.confirm", array('"+$.trim(addr)+"')) ?>"); | ||||||
| }); | }); | ||||||
| //--></script>
 | //--></script>
 | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -16,13 +16,23 @@ require_once("inc_menu.php"); | |||||||
| $page['title'] = getlocal("page.groups.title"); | $page['title'] = getlocal("page.groups.title"); | ||||||
| $page['menuid'] = "groups"; | $page['menuid'] = "groups"; | ||||||
| 
 | 
 | ||||||
| function tpl_content() { global $page, $webimroot; | function tpl_header() { global $page, $webimroot; | ||||||
|  | ?>	
 | ||||||
|  | <script type="text/javascript" language="javascript" src="<?php echo $webimroot ?>/js/jquery-1.3.2.min.js"></script> | ||||||
|  | <?php | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function tpl_content() { global $page, $webimroot, $errors; | ||||||
| ?>
 | ?>
 | ||||||
| 
 | 
 | ||||||
| <?php echo getlocal("page.groups.intro") ?>
 | <?php echo getlocal("page.groups.intro") ?>
 | ||||||
| <br /> | <br /> | ||||||
| <br /> | <br /> | ||||||
|  | <?php  | ||||||
|  | require_once('inc_errors.php'); | ||||||
|  | ?>
 | ||||||
| 
 | 
 | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
| <div class="tabletool"> | <div class="tabletool"> | ||||||
| 	<img src='<?php echo $webimroot ?>/images/buttons/createdep.gif' border="0" alt="" /> | 	<img src='<?php echo $webimroot ?>/images/buttons/createdep.gif' border="0" alt="" /> | ||||||
| 	<a href='<?php echo $webimroot ?>/operator/group.php' title="<?php echo getlocal("page.groups.new") ?>"> | 	<a href='<?php echo $webimroot ?>/operator/group.php' title="<?php echo getlocal("page.groups.new") ?>"> | ||||||
| @ -30,7 +40,7 @@ function tpl_content() { global $page, $webimroot; | |||||||
| 	</a> | 	</a> | ||||||
| </div> | </div> | ||||||
| <br clear="all"/> | <br clear="all"/> | ||||||
| 
 | <?php } ?>
 | ||||||
| 
 | 
 | ||||||
| <table class="list"> | <table class="list"> | ||||||
| <thead> | <thead> | ||||||
| @ -41,7 +51,9 @@ function tpl_content() { global $page, $webimroot; | |||||||
| 	<?php echo getlocal("form.field.groupdesc") ?>
 | 	<?php echo getlocal("form.field.groupdesc") ?>
 | ||||||
| </th><th> | </th><th> | ||||||
| 	<?php echo getlocal("page.group.membersnum") ?>
 | 	<?php echo getlocal("page.group.membersnum") ?>
 | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
| </th><th> | </th><th> | ||||||
|  | <?php } ?>
 | ||||||
| </th> | </th> | ||||||
| </tr> | </tr> | ||||||
| </thead> | </thead> | ||||||
| @ -51,7 +63,7 @@ if(count($page['groups']) > 0) { | |||||||
| 	foreach( $page['groups'] as $grp ) { ?>
 | 	foreach( $page['groups'] as $grp ) { ?>
 | ||||||
| <tr> | <tr> | ||||||
| 	<td class="notlast"> | 	<td class="notlast"> | ||||||
|    		<a href="<?php echo $webimroot ?>/operator/group.php?gid=<?php echo $grp['groupid'] ?>" class="man"> |    		<a href="<?php echo $webimroot ?>/operator/group.php?gid=<?php echo $grp['groupid'] ?>" id="ti<?php echo $grp['groupid'] ?>" class="man"> | ||||||
|    			<?php echo htmlspecialchars(topage($grp['vclocalname'])) ?>
 |    			<?php echo htmlspecialchars(topage($grp['vclocalname'])) ?>
 | ||||||
|    		</a> |    		</a> | ||||||
| 	</td> | 	</td> | ||||||
| @ -63,11 +75,13 @@ if(count($page['groups']) > 0) { | |||||||
| 	   		<?php echo htmlspecialchars(topage($grp['inumofagents'])) ?>
 | 	   		<?php echo htmlspecialchars(topage($grp['inumofagents'])) ?>
 | ||||||
|    		</a> |    		</a> | ||||||
| 	</td> | 	</td> | ||||||
|  | <?php if($page['canmodify']) { ?>
 | ||||||
| 	<td> | 	<td> | ||||||
| 		<a href="<?php echo $webimroot ?>/operator/groups.php?act=del&gid=<?php echo $grp['groupid'] ?>"> | 		<a href="<?php echo $webimroot ?>/operator/groups.php?act=del&gid=<?php echo $grp['groupid'] ?>" id="i<?php echo $grp['groupid'] ?>" class="removelink"> | ||||||
| 			remove | 			remove | ||||||
| 		</a> | 		</a> | ||||||
| 	</td> | 	</td> | ||||||
|  | <?php } ?>
 | ||||||
| </tr> | </tr> | ||||||
| <?php  | <?php  | ||||||
| 	} | 	} | ||||||
| @ -83,6 +97,12 @@ if(count($page['groups']) > 0) { | |||||||
| ?>
 | ?>
 | ||||||
| </tbody> | </tbody> | ||||||
| </table> | </table> | ||||||
|  | <script type="text/javascript" language="javascript"><!-- | ||||||
|  | $('a.removelink').click(function(){ | ||||||
|  | 	var groupname = $("#t"+this.id).text(); | ||||||
|  | 	return confirm("<?php echo getlocalforJS("page.groups.confirm", array('"+$.trim(groupname)+"')) ?>"); | ||||||
|  | }); | ||||||
|  | //--></script>
 | ||||||
| 
 | 
 | ||||||
| <?php  | <?php  | ||||||
| } /* content */ | } /* content */ | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user