ability to remove operators, confirmations when removing groups/operators, capability checks

git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@525 c66351dc-e62f-0410-b875-e3a5c0b9693f
Evgeny Gryaznov 2009-06-05 11:38:24 +00:00
parent bfe023c601
commit cc275561c0
9 changed files with 129 additions and 20 deletions


@ -5,6 +5,7 @@
[+] new project name: Mibew Messenger [+] new project name: Mibew Messenger
[!] fixed localization of dates for all languages [!] fixed localization of dates for all languages
[!] fixed online/offline image for groups [!] fixed online/offline image for groups
[+] ability to delete operators, confirmation dialog when deleting group/operator/blocked address
1.6.0 1.6.0
----- -----


@ -234,6 +234,17 @@ function getlocal2($text,$params) {
return $string; return $string;
} }
/* prepares for Javascript string */
function getlocalforJS($text,$params) {
global $current_locale, $webim_encoding;
$string = myiconv($webim_encoding,getoutputenc(), getstring_($text,$current_locale));
$string = str_replace("\"", "\\\"", str_replace("\n", "\\n", $string));
for( $i = 0; $i < count($params); $i++ ) {
$string = str_replace("{".$i."}", $params[$i], $string);
}
return $string;
}
/* ajax server actions use utf-8 */ /* ajax server actions use utf-8 */
function getrawparam( $name ) { function getrawparam( $name ) {
global $webim_encoding; global $webim_encoding;
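Review bot: `getlocalforJS` escapes only `"` and newline, so a backslash, a carriage return or a `</script>` sequence in a locale string can still break the JavaScript string literal it is echoed into. Escape the backslash first, e.g. `$string = str_replace("\\", "\\\\", $string);` ahead of the existing `str_replace` line, and handle `\r` and `</` as well. The `$params` values are substituted after the escaping and reach the script verbatim, which the callers in this commit rely on because they pass JavaScript fragments; the header comment should state that contract: `/* $params are inserted unescaped as raw JavaScript; never pass user or database data */`.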


@ -249,6 +249,7 @@ page.group.no_such=No such group
page.group.title=Group details page.group.title=Group details
page.groupmembers.intro=View and edit the member list. page.groupmembers.intro=View and edit the member list.
page.groupmembers.title=Members page.groupmembers.title=Members
page.groups.confirm=Are you sure that you want to delete group "{0}"?
page.groups.intro=This page displays a list of groups in your company. Each group can have separate button and canned responses. page.groups.intro=This page displays a list of groups in your company. Each group can have separate button and canned responses.
page.groups.new=Create new group... page.groups.new=Create new group...
page.groups.title=Groups page.groups.title=Groups
@ -288,6 +289,7 @@ page_agent.title=Operator details
page_agents.agent_commonname=International name page_agents.agent_commonname=International name
page_agents.agent_name=Name page_agents.agent_name=Name
page_agents.agents=Full list of operators: page_agents.agents=Full list of operators:
page_agents.confirm=Are you sure that you want to delete operator "{0}"?
page_agents.intro=This page displays a list of company operators. page_agents.intro=This page displays a list of company operators.
page_agents.login=Login page_agents.login=Login
page_agents.new_agent=Add operator... page_agents.new_agent=Add operator...


@ -29,7 +29,7 @@ if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
$banId = isset($_GET['id']) ? $_GET['id'] : ""; $banId = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $banId )) { if( !preg_match( "/^\d+$/", $banId )) {
$errors[] = "Wrong argument"; $errors[] = "Cannot delete: wrong argument";
} }
if( count($errors) == 0 ) { if( count($errors) == 0 ) {
@ -54,6 +54,7 @@ setup_pagination($blockedList);
prepare_menu($operator); prepare_menu($operator);
start_html_output(); start_html_output();
require('../view/blocked_visitors.php'); require('../view/blocked_visitors.php');
exit; exit;
?> ?>


@ -19,21 +19,30 @@ $operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) { if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
// TODO check permissions $groupid = isset($_GET['gid']) ? $_GET['gid'] : "";
$groupid = verifyparam( "gid", "/^(\d{1,9})?$/");
$link = connect(); if( !preg_match( "/^\d+$/", $groupid )) {
perform_query("delete from chatgroup where groupid = $groupid",$link); $errors[] = "Cannot delete: wrong argument";
perform_query("delete from chatgroupoperator where groupid = $groupid",$link); }
perform_query("update chatthread set groupid = 0 where groupid = $groupid",$link);
mysql_close($link); if( !is_capable($can_administrate, $operator)) {
header("Location: $webimroot/operator/groups.php"); $errors[] = "You are not allowed to remove groups";
exit; }
if( count($errors) == 0 ) {
$link = connect();
perform_query("delete from chatgroup where groupid = $groupid",$link);
perform_query("delete from chatgroupoperator where groupid = $groupid",$link);
perform_query("update chatthread set groupid = 0 where groupid = $groupid",$link);
mysql_close($link);
header("Location: $webimroot/operator/groups.php");
exit;
}
} }
$page = array(); $page = array();
$page['groups'] = get_groups(true); $page['groups'] = get_groups(true);
$page['canmodify'] = is_capable($can_administrate, $operator);
prepare_menu($operator); prepare_menu($operator);
start_html_output(); start_html_output();
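Review bot: The delete branch still runs on a plain GET (`act=del&gid=N`) with no anti-forgery token, so the new `is_capable` check establishes who the operator is but not that the operator intended the request; the JavaScript confirm added in the views is never consulted for a request that does not come from that click. Accepting the action only via POST with a per-session token compared inside this branch would close the gap, and the operator-deletion branch added in this commit needs the same treatment. Separately, `/^\d+$/` accepts a trailing newline and drops the length bound that the removed `verifyparam` pattern had; `/^\d{1,9}\z/` or an `(int)` cast before the three queries are built is tighter. Whether `$errors` is initialised before this branch is not visible in the hunk.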


@ -17,8 +17,44 @@ require_once('../libs/operator.php');
$operator = check_login(); $operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
$operatorid = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $operatorid )) {
$errors[] = "Cannot delete: wrong argument";
}
if( !is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to remove operators";
}
if( $operatorid == $operator['operatorid']) {
$errors[] = "Cannot remove self";
}
if(count($errors) == 0) {
$op = operator_by_id($operatorid);
if( !$op ) {
$errors[] = getlocal("no_such_operator");
} else if($op['vclogin'] == 'admin') {
$errors[] = 'Cannot remove operator "admin"';
}
}
if( count($errors) == 0 ) {
$link = connect();
perform_query("delete from chatgroupoperator where operatorid = $operatorid",$link);
perform_query("delete from chatoperator where operatorid = $operatorid",$link);
mysql_close($link);
header("Location: $webimroot/operator/operators.php");
exit;
}
}
$page = array(); $page = array();
$page['allowedAgents'] = get_operators(); $page['allowedAgents'] = get_operators();
$page['canmodify'] = is_capable($can_administrate, $operator);
prepare_menu($operator); prepare_menu($operator);
start_html_output(); start_html_output();
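Review bot: The deletion safeguards hinge on a hard-coded login name: `$op['vclogin'] == 'admin'` protects nothing once that account is renamed, and every other operator holding `$can_administrate` can be removed by a peer. A check that at least one administrator remains belongs before the two `delete` queries, with a comment such as `/* never remove the last operator able to administrate */`. The self-removal test `$operatorid == $operator['operatorid']` uses loose comparison; once the digit check has passed, `(int)$operatorid === (int)$operator['operatorid']` states the intent exactly.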


@ -16,13 +16,23 @@ require_once("inc_menu.php");
$page['title'] = getlocal("page_agents.title"); $page['title'] = getlocal("page_agents.title");
$page['menuid'] = "operators"; $page['menuid'] = "operators";
function tpl_content() { global $page, $webimroot; function tpl_header() { global $page, $webimroot;
?>
<script type="text/javascript" language="javascript" src="<?php echo $webimroot ?>/js/jquery-1.3.2.min.js"></script>
<?php
}
function tpl_content() { global $page, $webimroot, $errors;
?> ?>
<?php echo getlocal("page_agents.intro") ?> <?php echo getlocal("page_agents.intro") ?>
<br /> <br />
<br /> <br />
<?php
require_once('inc_errors.php');
?>
<?php if($page['canmodify']) { ?>
<div class="tabletool"> <div class="tabletool">
<img src='<?php echo $webimroot ?>/images/buttons/createagent.gif' border="0" alt="" /> <img src='<?php echo $webimroot ?>/images/buttons/createagent.gif' border="0" alt="" />
<a href='<?php echo $webimroot ?>/operator/operator.php' title="<?php echo getlocal("page_agents.new_agent") ?>"> <a href='<?php echo $webimroot ?>/operator/operator.php' title="<?php echo getlocal("page_agents.new_agent") ?>">
@ -30,7 +40,7 @@ function tpl_content() { global $page, $webimroot;
</a> </a>
</div> </div>
<br clear="all"/> <br clear="all"/>
<?php } ?>
<table class="list"> <table class="list">
<thead> <thead>
@ -41,6 +51,9 @@ function tpl_content() { global $page, $webimroot;
<?php echo getlocal("page_agents.agent_name") ?> <?php echo getlocal("page_agents.agent_name") ?>
</th><th> </th><th>
<?php echo getlocal("page_agents.agent_commonname") ?> <?php echo getlocal("page_agents.agent_commonname") ?>
<?php if($page['canmodify']) { ?>
</th><th>
<?php } ?>
</th> </th>
</tr> </tr>
</thead> </thead>
@ -48,7 +61,7 @@ function tpl_content() { global $page, $webimroot;
<?php foreach( $page['allowedAgents'] as $a ) { ?> <?php foreach( $page['allowedAgents'] as $a ) { ?>
<tr> <tr>
<td class="notlast"> <td class="notlast">
<a href="<?php echo $webimroot ?>/operator/operator.php?op=<?php echo $a['operatorid'] ?>" class="man"> <a id="ti<?php echo $a['operatorid'] ?>" href="<?php echo $webimroot ?>/operator/operator.php?op=<?php echo $a['operatorid'] ?>" class="man">
<?php echo htmlspecialchars(topage($a['vclogin'])) ?> <?php echo htmlspecialchars(topage($a['vclogin'])) ?>
</a> </a>
</td> </td>
@ -58,10 +71,23 @@ function tpl_content() { global $page, $webimroot;
<td> <td>
<?php echo htmlspecialchars(topage($a['vccommonname'])) ?> <?php echo htmlspecialchars(topage($a['vccommonname'])) ?>
</td> </td>
<?php if($page['canmodify']) { ?>
<td>
<a class="removelink" id="i<?php echo $a['operatorid'] ?>" href="<?php echo $webimroot ?>/operator/operators.php?act=del&amp;id=<?php echo $a['operatorid'] ?>">
remove
</a>
</td>
<?php } ?>
</tr> </tr>
<?php } ?> <?php } ?>
</tbody> </tbody>
</table> </table>
<script type="text/javascript" language="javascript"><!--
$('a.removelink').click(function(){
var login = $("#t"+this.id).text();
return confirm("<?php echo getlocalforJS("page_agents.confirm", array('"+$.trim(login)+"')) ?>");
});
//--></script>
<?php <?php
} /* content */ } /* content */
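Review bot: The confirmation is enforced only by the click handler, while the `remove` link stays an ordinary GET `href` to `operators.php?act=del`, so the delete proceeds unconfirmed whenever the handler does not run (script disabled, the jQuery file failing to load, the link opened in a new tab). Rendering the action as a small POST form keeps the confirm as a convenience rather than the only barrier; the groups view changed in this commit uses the same pattern. The link label `remove` is also hard-coded where the rest of the template goes through `getlocal(...)`.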


@ -22,12 +22,15 @@ function tpl_header() { global $page, $webimroot;
<?php <?php
} }
function tpl_content() { global $page, $webimroot; function tpl_content() { global $page, $webimroot, $errors;
?> ?>
<?php echo getlocal("page_ban.intro") ?> <?php echo getlocal("page_ban.intro") ?>
<br /> <br />
<br /> <br />
<?php
require_once('inc_errors.php');
?>
<div class="tabletool"> <div class="tabletool">
<img src="<?php echo $webimroot ?>/images/buttons/createban.gif" border="0" alt=""/> <img src="<?php echo $webimroot ?>/images/buttons/createban.gif" border="0" alt=""/>
@ -104,7 +107,7 @@ if( $page['pagination.items'] ) {
<script type="text/javascript" language="javascript"><!-- <script type="text/javascript" language="javascript"><!--
$('a.removelink').click(function(){ $('a.removelink').click(function(){
var addr = $("#t"+this.id).text(); var addr = $("#t"+this.id).text();
return confirm("<?php echo str_replace("\n", "\\n", getlocal2("page_bans.confirm", array('"+$.trim(addr)+"'))) ?>"); return confirm("<?php echo getlocalforJS("page_bans.confirm", array('"+$.trim(addr)+"')) ?>");
}); });
//--></script> //--></script>


@ -16,13 +16,23 @@ require_once("inc_menu.php");
$page['title'] = getlocal("page.groups.title"); $page['title'] = getlocal("page.groups.title");
$page['menuid'] = "groups"; $page['menuid'] = "groups";
function tpl_content() { global $page, $webimroot; function tpl_header() { global $page, $webimroot;
?>
<script type="text/javascript" language="javascript" src="<?php echo $webimroot ?>/js/jquery-1.3.2.min.js"></script>
<?php
}
function tpl_content() { global $page, $webimroot, $errors;
?> ?>
<?php echo getlocal("page.groups.intro") ?> <?php echo getlocal("page.groups.intro") ?>
<br /> <br />
<br /> <br />
<?php
require_once('inc_errors.php');
?>
<?php if($page['canmodify']) { ?>
<div class="tabletool"> <div class="tabletool">
<img src='<?php echo $webimroot ?>/images/buttons/createdep.gif' border="0" alt="" /> <img src='<?php echo $webimroot ?>/images/buttons/createdep.gif' border="0" alt="" />
<a href='<?php echo $webimroot ?>/operator/group.php' title="<?php echo getlocal("page.groups.new") ?>"> <a href='<?php echo $webimroot ?>/operator/group.php' title="<?php echo getlocal("page.groups.new") ?>">
@ -30,7 +40,7 @@ function tpl_content() { global $page, $webimroot;
</a> </a>
</div> </div>
<br clear="all"/> <br clear="all"/>
<?php } ?>
<table class="list"> <table class="list">
<thead> <thead>
@ -41,7 +51,9 @@ function tpl_content() { global $page, $webimroot;
<?php echo getlocal("form.field.groupdesc") ?> <?php echo getlocal("form.field.groupdesc") ?>
</th><th> </th><th>
<?php echo getlocal("page.group.membersnum") ?> <?php echo getlocal("page.group.membersnum") ?>
<?php if($page['canmodify']) { ?>
</th><th> </th><th>
<?php } ?>
</th> </th>
</tr> </tr>
</thead> </thead>
@ -51,7 +63,7 @@ if(count($page['groups']) > 0) {
foreach( $page['groups'] as $grp ) { ?> foreach( $page['groups'] as $grp ) { ?>
<tr> <tr>
<td class="notlast"> <td class="notlast">
<a href="<?php echo $webimroot ?>/operator/group.php?gid=<?php echo $grp['groupid'] ?>" class="man"> <a href="<?php echo $webimroot ?>/operator/group.php?gid=<?php echo $grp['groupid'] ?>" id="ti<?php echo $grp['groupid'] ?>" class="man">
<?php echo htmlspecialchars(topage($grp['vclocalname'])) ?> <?php echo htmlspecialchars(topage($grp['vclocalname'])) ?>
</a> </a>
</td> </td>
@ -63,11 +75,13 @@ if(count($page['groups']) > 0) {
<?php echo htmlspecialchars(topage($grp['inumofagents'])) ?> <?php echo htmlspecialchars(topage($grp['inumofagents'])) ?>
</a> </a>
</td> </td>
<?php if($page['canmodify']) { ?>
<td> <td>
<a href="<?php echo $webimroot ?>/operator/groups.php?act=del&amp;gid=<?php echo $grp['groupid'] ?>"> <a href="<?php echo $webimroot ?>/operator/groups.php?act=del&amp;gid=<?php echo $grp['groupid'] ?>" id="i<?php echo $grp['groupid'] ?>" class="removelink">
remove remove
</a> </a>
</td> </td>
<?php } ?>
</tr> </tr>
<?php <?php
} }
@ -83,6 +97,12 @@ if(count($page['groups']) > 0) {
?> ?>
</tbody> </tbody>
</table> </table>
<script type="text/javascript" language="javascript"><!--
$('a.removelink').click(function(){
var groupname = $("#t"+this.id).text();
return confirm("<?php echo getlocalforJS("page.groups.confirm", array('"+$.trim(groupname)+"')) ?>");
});
//--></script>
<?php <?php
} /* content */ } /* content */