Merge lp:~dangarner/xibo/server-layout-media-permissions into lp:xibo/1.3
Proposed by
Dan Garner
Status: | Merged | ||||||||
---|---|---|---|---|---|---|---|---|---|
Merged at revision: | 220 | ||||||||
Proposed branch: | lp:~dangarner/xibo/server-layout-media-permissions | ||||||||
Merge into: | lp:xibo/1.3 | ||||||||
Diff against target: |
14520 lines (+7237/-5111) 59 files modified
server/install/database/41.sql (+218/-0) server/lib/app/kit.class.php (+13/-0) server/lib/app/permissionmanager.class.php (+83/-0) server/lib/app/responsemanager.class.php (+11/-5) server/lib/app/translationengine.class.php (+1/-1) server/lib/data/dataset.data.class.php (+148/-0) server/lib/data/datasetcolumn.data.class.php (+127/-0) server/lib/data/datasetdata.data.class.php (+84/-0) server/lib/data/datasetgroupsecurity.data.class.php (+149/-0) server/lib/data/layout.data.class.php (+21/-10) server/lib/data/layoutgroupsecurity.data.class.php (+149/-0) server/lib/data/layoutmediagroupsecurity.data.class.php (+194/-0) server/lib/data/layoutregiongroupsecurity.data.class.php (+150/-0) server/lib/data/media.data.class.php (+9/-11) server/lib/data/mediagroupsecurity.data.class.php (+188/-0) server/lib/data/schedule.data.class.php (+2/-0) server/lib/data/templategroupsecurity.data.class.php (+130/-0) server/lib/include.php (+1/-0) server/lib/js/core.js (+12/-3) server/lib/js/dataset.js (+69/-0) server/lib/js/layout.js (+3/-3) server/lib/js/mediamanager.js (+65/-117) server/lib/modules/module.class.php (+1164/-74) server/lib/pages/content.class.php (+120/-104) server/lib/pages/dataset.class.php (+1022/-0) server/lib/pages/display.class.php (+9/-9) server/lib/pages/displaygroup.class.php (+1/-1) server/lib/pages/group.class.php (+1/-1) server/lib/pages/index.class.php (+1/-1) server/lib/pages/layout.class.php (+664/-261) server/lib/pages/mediamanager.class.php (+165/-49) server/lib/pages/oauth.class.php (+1/-1) server/lib/pages/region.class.php (+94/-30) server/lib/pages/schedule.class.php (+109/-15) server/lib/pages/template.class.php (+225/-50) server/lib/pages/user.class.php (+66/-111) server/lib/service/rest.class.php (+3/-6) server/lib/xmds.inc.php (+1/-0) server/locale/dbtranslate.php (+1/-0) server/modules/counter.module.php (+340/-0) server/modules/embedded.module.php (+70/-32) server/modules/flash.module.php (+88/-914) server/modules/image.module.php (+92/-934) 
server/modules/microblog.module.php (+55/-14) server/modules/module_user_general.php (+382/-150) server/modules/powerpoint.module.php (+88/-914) server/modules/text.module.php (+313/-273) server/modules/ticker.module.php (+52/-17) server/modules/video.module.php (+88/-900) server/modules/webpage.module.php (+74/-46) server/template/css/calendar.css (+1/-0) server/template/css/links.css (+14/-0) server/template/css/presentation.css (+31/-1) server/template/css/xibo.css (+7/-2) server/template/footer.php (+1/-1) server/template/header.php (+10/-13) server/template/pages/dataset_view.php (+51/-0) server/template/pages/layout_edit.php (+1/-0) server/template/pages/mediamanager.php (+5/-37) |
||||||||
To merge this branch: | bzr merge lp:~dangarner/xibo/server-layout-media-permissions | ||||||||
Related bugs: |
|
||||||||
Related blueprints: |
Schedule Now
(Undefined)
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Dan Garner | Approve | ||
Review via email: mp+72121@code.launchpad.net |
Commit message
Description of the change
Dan Garner (dangarner) : | # |
review:
Approve
Preview Diff
1 | === modified file 'server/img/forms/background_timeline.png' | |||
2 | 0 | Binary files server/img/forms/background_timeline.png 2008-12-10 23:48:58 +0000 and server/img/forms/background_timeline.png 2011-08-18 23:36:27 +0000 differ | 0 | Binary files server/img/forms/background_timeline.png 2008-12-10 23:48:58 +0000 and server/img/forms/background_timeline.png 2011-08-18 23:36:27 +0000 differ |
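--- a/server/install/database/41.sql
+++ b/server/install/database/41.sql
@@ -1,3 +1,221 @@
+CREATE TABLE IF NOT EXISTS `lklayoutgroup` (
+`LkLayoutGroupID` int(11) NOT NULL AUTO_INCREMENT,
+`LayoutID` int(11) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkLayoutGroupID`),
+KEY `LayoutID` (`LayoutID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutgroup`
+ADD CONSTRAINT `lklayoutgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lklayoutgroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+ALTER TABLE `group` ADD `IsEveryone` TINYINT NOT NULL DEFAULT '0';
+
+INSERT INTO `group` (
+`groupID` ,
+`group` ,
+`IsUserSpecific` ,
+`IsEveryone`
+)
+VALUES (
+NULL , 'Everyone', '0', '1'
+);
+
+CREATE TABLE IF NOT EXISTS `lkmediagroup` (
+`LkMediaGroupID` int(11) NOT NULL AUTO_INCREMENT,
+`MediaID` int(11) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkMediaGroupID`),
+KEY `MediaID` (`MediaID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkmediagroup`
+ADD CONSTRAINT `lkmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lkmediagroup_ibfk_1` FOREIGN KEY (`MediaID`) REFERENCES `media` (`MediaID`);
+
+CREATE TABLE IF NOT EXISTS `lklayoutmediagroup` (
+`LkLayoutMediaGroup` int(11) NOT NULL AUTO_INCREMENT,
+`LayoutID` int(11) NOT NULL,
+`RegionID` varchar(50) NOT NULL,
+`MediaID` varchar(50) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkLayoutMediaGroup`),
+KEY `LayoutID` (`LayoutID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutmediagroup`
+ADD CONSTRAINT `lklayoutmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lklayoutmediagroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+CREATE TABLE IF NOT EXISTS `lktemplategroup` (
+`LkTemplateGroupID` int(11) NOT NULL AUTO_INCREMENT,
+`TemplateID` int(11) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkTemplateGroupID`),
+KEY `TemplateID` (`TemplateID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lktemplategroup`
+ADD CONSTRAINT `lktemplategroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lktemplategroup_ibfk_1` FOREIGN KEY (`TemplateID`) REFERENCES `template` (`TemplateID`);
+
+ALTER TABLE `layout` DROP `permissionID`;
+
+ALTER TABLE `media` DROP FOREIGN KEY `media_ibfk_1` ;
+ALTER TABLE `media` DROP `permissionID`;
+
+ALTER TABLE `template` DROP FOREIGN KEY `template_ibfk_2` ;
+ALTER TABLE `template` DROP `permissionID`;
+
+DROP TABLE `permission`;
+
+CREATE TABLE IF NOT EXISTS `lklayoutregiongroup` (
+`LkLayoutRegionGroup` int(11) NOT NULL AUTO_INCREMENT,
+`LayoutID` int(11) NOT NULL,
+`RegionID` varchar(50) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkLayoutRegionGroup`),
+KEY `LayoutID` (`LayoutID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutregiongroup`
+ADD CONSTRAINT `lklayoutregiongroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lklayoutregiongroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+INSERT INTO lktemplategroup (TemplateID, GroupID, View)
+SELECT TemplateID, GroupId, 1
+FROM template
+CROSS JOIN (SELECT GroupID, `Group` FROM `group` WHERE IsEveryone = 1) `group`
+WHERE IsSystem = 1;
+
+INSERT INTO `setting` (
+`settingid` ,
+`setting` ,
+`value` ,
+`type` ,
+`helptext` ,
+`options` ,
+`cat` ,
+`userChange`
+)
+VALUES (
+NULL , 'REGION_OPTIONS_COLOURING', 'media', 'dropdown', NULL , 'Media Colouring|Permissions Colouring', 'permissions', '1'
+);
+
+UPDATE `setting` SET `setting` = 'LAYOUT_DEFAULT',
+`helptext` = 'New layouts will be created with these settings. If public everyone will be able to view and use this layout.' WHERE `setting`.`settingid` =2 LIMIT 1 ;
+
+UPDATE `setting` SET `setting` = 'MEDIA_DEFAULT',
+`helptext` = 'Media will be created with these settings. If public everyone will be able to view and use this media.' WHERE `setting`.`settingid` =1 LIMIT 1 ;
+
+INSERT INTO `pages` (`name`, `pagegroupID`) VALUES
+('help', 2),
+('clock', 2);
+
+INSERT INTO `module` (
+`ModuleID` ,
+`Module` ,
+`Enabled` ,
+`RegionSpecific` ,
+`Description` ,
+`ImageUri` ,
+`SchemaVersion` ,
+`ValidExtensions`
+)
+VALUES (
+NULL , 'Counter', '1', '1', 'Customer Counter connected to a Remote Control', 'img/forms/webpage.gif', '1', NULL
+);
+
+INSERT INTO `pagegroup` (
+`pagegroupID` ,
+`pagegroup`
+)
+VALUES (
+NULL , 'DataSets'
+);
+
+INSERT INTO `pages` (`name`, `pagegroupID`)
+SELECT 'dataset', pagegroupID
+FROM pagegroup
+WHERE pagegroup = 'DataSets';
+
+INSERT INTO `menuitem` (`menuID`, `pageID`, `Text`, `sequence`)
+SELECT '4', pageID, 'DataSets', '6'
+FROM pages
+WHERE `name` = 'dataset';
+
+CREATE TABLE IF NOT EXISTS `dataset` (
+`DataSetID` int(11) NOT NULL AUTO_INCREMENT,
+`DataSet` varchar(50) NOT NULL,
+`Description` varchar(254) DEFAULT NULL,
+`UserID` int(11) NOT NULL,
+PRIMARY KEY (`DataSetID`),
+KEY `UserID` (`UserID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+CREATE TABLE IF NOT EXISTS `datasetcolumn` (
+`DataSetColumnID` int(11) NOT NULL AUTO_INCREMENT,
+`DataSetID` int(11) NOT NULL,
+`Heading` varchar(50) NOT NULL,
+`DataTypeID` smallint(6) NOT NULL,
+`ListContent` varchar(255) DEFAULT NULL,
+`ColumnOrder` smallint(6) NOT NULL,
+PRIMARY KEY (`DataSetColumnID`),
+KEY `DataSetID` (`DataSetID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetcolumn`
+ADD CONSTRAINT `datasetcolumn_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
+CREATE TABLE IF NOT EXISTS `datasetdata` (
+`DataSetDataID` int(11) NOT NULL AUTO_INCREMENT,
+`DataSetColumnID` int(11) NOT NULL,
+`RowNumber` int(11) NOT NULL,
+`Value` varchar(255) NOT NULL,
+PRIMARY KEY (`DataSetDataID`),
+KEY `DataColumnID` (`DataSetColumnID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetdata`
+ADD CONSTRAINT `datasetdata_ibfk_1` FOREIGN KEY (`DataSetColumnID`) REFERENCES `datasetcolumn` (`DataSetColumnID`);
+
+CREATE TABLE IF NOT EXISTS `lkdatasetgroup` (
+`LkDataSetGroupID` int(11) NOT NULL AUTO_INCREMENT,
+`DataSetID` int(11) NOT NULL,
+`GroupID` int(11) NOT NULL,
+`View` tinyint(4) NOT NULL DEFAULT '0',
+`Edit` tinyint(4) NOT NULL DEFAULT '0',
+`Del` tinyint(4) NOT NULL DEFAULT '0',
+PRIMARY KEY (`LkDataSetGroupID`),
+KEY `DataSetID` (`DataSetID`),
+KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkdatasetgroup`
+ADD CONSTRAINT `lkdatasetgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ADD CONSTRAINT `lkdatasetgroup_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
 
 
 UPDATE `version` SET `app_ver` = '1.3.0', `XmdsVersion` = 2;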
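Review bot: None of the new permission link tables (`lklayoutgroup`, `lkmediagroup`, `lklayoutmediagroup`, `lktemplategroup`, `lklayoutregiongroup`, `lkdatasetgroup`) declares a unique key over the item/group pair, so one group can hold several rows for the same item with conflicting `View`/`Edit`/`Del` values, and the effective permission then depends on how the reading query happens to combine them. Adding a key such as `UNIQUE KEY LayoutID_GroupID (LayoutID, GroupID)` to each table (including `RegionID`/`MediaID` where the table has them) makes every grant a single authoritative row. The script also drops the `permissionID` columns and the `permission` table while back-filling only system templates for the Everyone group, so access previously expressed through `permissionID` appears not to be carried over on upgrade. If that reset is intended, a comment above `DROP TABLE permission` such as `-- existing public/group permissions are intentionally reset; owners must re-share` would say so; otherwise an `INSERT ... SELECT` into the link tables should run before the drops.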
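--- a/server/lib/app/kit.class.php
+++ b/server/lib/app/kit.class.php
@@ -490,5 +490,18 @@
 return mail($to, $subject, $message, $headers);
 }
 
+public static function SelectList($listName, $listValues, $idColumn, $nameColumn, $selectedId = '', $callBack = '')
+{
+$list = '<select name="' . $listName . '" id="' . $listName . '"' . $callBack . '>';
+
+foreach ($listValues as $listItem)
+{
+$list .= '<option value="' . $listItem[$idColumn] . '" ' . (($listItem[$idColumn] == $selectedId) ? 'selected' : '') . '>' . $listItem[$nameColumn] . '</option>';
+}
+
+$list .= '</select>';
+
+return $list;
+}
 }
 ?>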
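Review bot: `SelectList()` concatenates `$listName`, `$listItem[$idColumn]` and `$listItem[$nameColumn]` into markup without HTML-encoding them, so any list value that comes from user-editable data (group, layout or dataset names, presumably) can close the attribute or the option text and inject markup or script into the form. Encode at the point of output, e.g. `htmlspecialchars($listItem[$nameColumn], ENT_QUOTES, 'UTF-8')` for the option text and the same call around `$listItem[$idColumn]` and both uses of `$listName`. `$callBack` is written raw into the `<select>` tag by design, so the method needs a docblock stating that it must only ever be a developer-supplied attribute string, never request data. The `selected` test uses `==`, which under PHP's loose comparison can mark more than one option when ids mix numbers and strings; `(string)$listItem[$idColumn] === (string)$selectedId` avoids that.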
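--- a/server/lib/app/permissionmanager.class.php
+++ b/server/lib/app/permissionmanager.class.php
@@ -0,0 +1,83 @@
+<?php
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class PermissionManager
+{
+private $db;
+private $user;
+
+public $ownerId;
+
+public $view;
+public $edit;
+public $del;
+public $modifyPermissions;
+
+/**
+* Constructs the Module Manager.
+* @return
+* @param $db Object
+* @param $user Object
+*/
+public function __construct(database $db, User $user)
+{
+$this->db =& $db;
+$this->user =& $user;
+
+$this->view = false;
+$this->edit = false;
+$this->del = false;
+$this->modifyPermissions = false;
+}
+
+public function Evaluate($ownerId, $view, $edit, $del)
+{
+$user =& $this->user;
+
+$this->ownerId = $ownerId;
+$this->view = $view;
+$this->edit = $edit;
+$this->del = $del;
+
+// Basic checks first
+if ($this->user->usertypeid == 1 || $ownerId == $user->userid)
+{
+// Super admin or owner, therefore permission granted to everything
+$this->FullAccess();
+}
+else if ($this->user->usertypeid == 2 && $this->view == 1)
+{
+// Group Admin and we have view permissions (i.e. this group is assigned to this item)
+$this->view = true;
+$this->edit = true;
+$this->del = true;
+}
+}
+
+public function FullAccess()
+{
+$this->view = true;
+$this->edit = true;
+$this->del = true;
+$this->modifyPermissions = true;
+}
+}
\ No newline at end of file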
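Review bot: In `Evaluate()` the owner test `$ownerId == $user->userid` is a loose comparison, so under PHP's coercion rules an item whose owner is NULL or an empty string compares equal to a user id of 0 or an unset id and falls into `FullAccess()`. Cast and compare strictly instead, `if ((int)$this->user->usertypeid === 1 || ($ownerId !== null && (int)$ownerId === (int)$user->userid))`. The group-admin branch turns a single `View` grant into edit and delete rights regardless of the `$edit`/`$del` values passed in; if that elevation is intended it deserves a docblock on `Evaluate()` saying so, because the link tables suggest per-group Edit/Del flags are authoritative. In every other case the raw `$view`/`$edit`/`$del` arguments are stored unchanged, so callers receive whatever type the query returned rather than a boolean, and `$this->view = (bool)$view;` (likewise for the other two) would make later checks unambiguous. The constructor docblock still reads "Constructs the Module Manager".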
341 | === modified file 'server/lib/app/responsemanager.class.php' | |||
342 | --- server/lib/app/responsemanager.class.php 2010-05-29 11:16:24 +0000 | |||
343 | +++ server/lib/app/responsemanager.class.php 2011-08-18 23:36:27 +0000 | |||
344 | @@ -45,20 +45,25 @@ | |||
345 | 45 | public $refresh; | 45 | public $refresh; |
346 | 46 | public $refreshLocation; | 46 | public $refreshLocation; |
347 | 47 | public $focusInFirstInput; | 47 | public $focusInFirstInput; |
348 | 48 | public $appendHiddenSubmit; | ||
349 | 48 | 49 | ||
350 | 49 | public $login; | 50 | public $login; |
351 | 50 | public $clockUpdate; | 51 | public $clockUpdate; |
352 | 52 | |||
353 | 53 | public $uniqueReference; | ||
354 | 51 | 54 | ||
355 | 52 | public function __construct() | 55 | public function __construct() |
356 | 53 | { | 56 | { |
357 | 54 | // Determine if this is an AJAX call or not | 57 | // Determine if this is an AJAX call or not |
359 | 55 | $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false); | 58 | $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false); |
360 | 56 | 59 | ||
361 | 57 | // Assume success | 60 | // Assume success |
366 | 58 | $this->success = true; | 61 | $this->success = true; |
367 | 59 | $this->clockUpdate = false; | 62 | $this->clockUpdate = false; |
368 | 60 | $this->focusInFirstInput = true; | 63 | $this->focusInFirstInput = true; |
369 | 61 | $this->buttons = ''; | 64 | $this->appendHiddenSubmit = true; |
370 | 65 | $this->uniqueReference = ''; | ||
371 | 66 | $this->buttons = ''; | ||
372 | 62 | 67 | ||
373 | 63 | return true; | 68 | return true; |
374 | 64 | } | 69 | } |
375 | @@ -212,6 +217,7 @@ | |||
376 | 212 | // General | 217 | // General |
377 | 213 | $response['html'] = $this->html; | 218 | $response['html'] = $this->html; |
378 | 214 | $response['buttons'] = $this->buttons; | 219 | $response['buttons'] = $this->buttons; |
379 | 220 | $response['uniqueReference'] = $this->uniqueReference; | ||
380 | 215 | 221 | ||
381 | 216 | $response['success'] = $this->success; | 222 | $response['success'] = $this->success; |
382 | 217 | $response['callBack'] = $this->callBack; | 223 | $response['callBack'] = $this->callBack; |
383 | 218 | 224 | ||
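--- a/server/lib/app/translationengine.class.php
+++ b/server/lib/app/translationengine.class.php
@@ -75,7 +75,7 @@
 {
 // Remove any quality rating (as we aren't interested)
 $rawLang = explode(';', $lang);
-$lang = $rawLang[0];
+$lang = str_replace("-", "_", $rawLang[0]);
 
 if (in_array($lang . '.mo', $supportedLangs))
 {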
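--- a/server/lib/data/dataset.data.class.php
+++ b/server/lib/data/dataset.data.class.php
@@ -0,0 +1,148 @@
+<?php
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSet extends Data
+{
+/**
+* Add a data set
+* @param <type> $dataSet
+* @param <type> $description
+* @param <type> $userId
+* @return <type>
+*/
+public function Add($dataSet, $description, $userId)
+{
+$db =& $this->db;
+
+// Validation
+if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+{
+$this->SetError(25001, __("Name must be between 1 and 50 characters"));
+return false;
+}
+
+if (strlen($description) > 254)
+{
+$this->SetError(25002, __("Description can not be longer than 254 characters"));
+return false;
+}
+
+// Ensure there are no layouts with the same name
+$SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' ", $dataSet);
+
+if ($db->GetSingleRow($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25004, sprintf(__("There is already dataset called '%s'. Please choose another name."), $dataSet));
+return false;
+}
+// End Validation
+
+$SQL = "INSERT INTO dataset (DataSet, Description, UserID) ";
+$SQL .= " VALUES ('%s', '%s', %d) ";
+
+if (!$id = $db->insert_query(sprintf($SQL, $dataSet, $description, $userId)))
+{
+trigger_error($db->error());
+$this->SetError(25005, __('Could not add DataSet'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'Complete', 'DataSet', 'Add');
+
+return $id;
+}
+
+/**
+* Edit a DataSet
+* @param <type> $dataSetId
+* @param <type> $dataSet
+* @param <type> $description
+*/
+public function Edit($dataSetId, $dataSet, $description)
+{
+$db =& $this->db;
+
+// Validation
+if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+{
+$this->SetError(25001, __("Name must be between 1 and 50 characters"));
+return false;
+}
+
+if (strlen($description) > 254)
+{
+$this->SetError(25002, __("Description can not be longer than 254 characters"));
+return false;
+}
+
+// Ensure there are no layouts with the same name
+$SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' AND DataSetID <> %d ", $dataSet, $dataSetId);
+
+if ($db->GetSingleRow($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25004, sprintf(__("There is already a dataset called '%s'. Please choose another name."), $dataSet));
+return false;
+}
+// End Validation
+
+$SQL = "UPDATE dataset SET DataSet = '%s', Description = '%s' WHERE DataSetID = %d ";
+$SQL = sprintf($SQL, $dataSet, $description, $dataSetId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25005, sprintf(__('Cannot edit dataset %s'), $dataSet));
+return false;
+}
+
+return true;
+}
+
+/**
+* Delete DataSet
+* @param <type> $dataSetId
+*/
+public function Delete($dataSetId)
+{
+$db =& $this->db;
+
+Kit::ClassLoader('datasetgroupsecurity');
+$security = new DataSetGroupSecurity($db);
+$security->UnlinkAll($dataSetId);
+
+$SQL = "DELETE FROM dataset WHERE DataSetID = %d";
+$SQL = sprintf($SQL, $dataSetId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25005, __('Cannot delete dataset'));
+return false;
+}
+
+return true;
+}
+}
+?>
\ No newline at end of file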
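Review bot: `Add()` and `Edit()` place `$dataSet` and `$description` inside quoted `'%s'` slots with `sprintf()` and nothing in this class escapes them, so the two duplicate-name SELECTs, the INSERT and the UPDATE are only safe against SQL injection if every caller has already escaped the values, which cannot be confirmed from this file. Escape the strings through the database layer (or use bound parameters) where each statement is built, and replace the `<type>` placeholders in the docblocks with the form the parameters are expected in, e.g. `@param string $dataSet raw, unescaped name`. The duplicate-name branch calls `trigger_error($db->error())` when a row is found, which logs a database error for an ordinary validation failure, and its comment still says "layouts". Because the name check and the INSERT are separate statements and the `dataset` table in 41.sql has no unique key on `DataSet`, two concurrent requests can still create the same name. In `Delete()` the return value of `UnlinkAll()` is ignored, so a failure to remove the permission rows goes unreported before the DELETE runs.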
551 | === added file 'server/lib/data/datasetcolumn.data.class.php' | |||
552 | --- server/lib/data/datasetcolumn.data.class.php 1970-01-01 00:00:00 +0000 | |||
553 | +++ server/lib/data/datasetcolumn.data.class.php 2011-08-18 23:36:27 +0000 | |||
554 | @@ -0,0 +1,127 @@ | |||
555 | 1 | <?php | ||
556 | 2 | /* | ||
557 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
558 | 4 | * Copyright (C) 2011 Daniel Garner | ||
559 | 5 | * | ||
560 | 6 | * This file is part of Xibo. | ||
561 | 7 | * | ||
562 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
563 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
564 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
565 | 11 | * any later version. | ||
566 | 12 | * | ||
567 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
568 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
569 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
570 | 16 | * GNU Affero General Public License for more details. | ||
571 | 17 | * | ||
572 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
573 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
574 | 20 | */ | ||
575 | 21 | defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser."); | ||
576 | 22 | |||
577 | 23 | class DataSetColumn extends Data | ||
578 | 24 | { | ||
579 | 25 | public function Add($dataSetId, $heading, $dataTypeId, $listContent, $columnOrder = '') | ||
580 | 26 | { | ||
581 | 27 | $db =& $this->db; | ||
582 | 28 | |||
583 | 29 | // Is the column order provided? | ||
584 | 30 | if ($columnOrder == '') | ||
585 | 31 | { | ||
586 | 32 | $SQL = ""; | ||
587 | 33 | $SQL .= "SELECT IFNULL(MAX(ColumnOrder), 1) AS ColumnOrder "; | ||
588 | 34 | $SQL .= " FROM datasetcolumn "; | ||
589 | 35 | $SQL .= sprintf("WHERE datasetID = %d ", $dataSetId); | ||
590 | 36 | |||
591 | 37 | if (!$columnOrder = $db->GetSingleValue($SQL, 'ColumnOrder', _INT)) | ||
592 | 38 | { | ||
593 | 39 | trigger_error($db->error()); | ||
594 | 40 | return $this->SetError(25005, __('Could not determine the Column Order')); | ||
595 | 41 | } | ||
596 | 42 | } | ||
597 | 43 | |||
598 | 44 | $SQL = "INSERT INTO datasetcolumn (DataSetID, Heading, DataTypeID, ListContent, ColumnOrder) "; | ||
599 | 45 | $SQL .= " VALUES (%d, '%s', %d, '%s', %d) "; | ||
600 | 46 | $SQL = sprintf($SQL, $dataSetId, $heading, $dataTypeId, $listContent, $columnOrder); | ||
601 | 47 | |||
602 | 48 | if (!$id = $db->insert_query($SQL)) | ||
603 | 49 | { | ||
604 | 50 | trigger_error($db->error()); | ||
605 | 51 | return $this->SetError(25005, __('Could not add DataSet Column')); | ||
606 | 52 | } | ||
607 | 53 | |||
608 | 54 | Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Add'); | ||
609 | 55 | |||
610 | 56 | return $id; | ||
611 | 57 | } | ||
612 | 58 | |||
613 | 59 | public function Edit($dataSetColumnId, $heading, $dataTypeId, $listContent, $columnOrder) | ||
614 | 60 | { | ||
615 | 61 | $db =& $this->db; | ||
616 | 62 | |||
617 | 63 | // Validation | ||
618 | 64 | if ($listContent != '') | ||
619 | 65 | { | ||
620 | 66 | $list = explode(',', $listContent); | ||
621 | 67 | |||
622 | 68 | // We can check this is valid by building up a NOT IN sql statement, if we get results.. we know its not good | ||
623 | 69 | $select = ''; | ||
624 | 70 | |||
625 | 71 | for ($i=0; $i < count($list); $i++) | ||
626 | 72 | { | ||
627 | 73 | $list_val = $list[$i]; | ||
628 | 74 | $select .= "'$list_val',"; | ||
629 | 75 | } | ||
630 | 76 | |||
631 | 77 | $select = rtrim($select, ','); | ||
632 | 78 | |||
633 | 79 | $SQL = sprintf("SELECT DataSetDataID FROM datasetdata WHERE DataColumnID = %d AND Value NOT IN (%s)", $dataSetColumnId, $select); | ||
634 | 80 | |||
635 | 81 | if (!$results = $db->query($SQL)) | ||
636 | 82 | { | ||
637 | 83 | trigger_error($db->error()); | ||
638 | 84 | return $this->SetError(25005, __('Could not edit DataSet Column')); | ||
639 | 85 | } | ||
640 | 86 | |||
641 | 87 | if ($db->num_rows($results) > 0) | ||
642 | 88 | return $this->SetError(25005, __('New list content value is invalid as it doesnt include values for existing data')); | ||
643 | 89 | } | ||
644 | 90 | |||
645 | 91 | $SQL = "UPDATE datasetcolumn SET Heading = '%s', ListContent = '%s', ColumnOrder = %d "; | ||
646 | 92 | $SQL .= " WHERE DataSetColumnID = %d"; | ||
647 | 93 | |||
648 | 94 | $SQL = sprintf($SQL, $heading, $listContent, $columnOrder, $dataSetColumnId); | ||
649 | 95 | |||
650 | 96 | if (!$db->query($SQL)) | ||
651 | 97 | { | ||
652 | 98 | trigger_error($db->error()); | ||
653 | 99 | return $this->SetError(25005, __('Could not edit DataSet Column')); | ||
654 | 100 | } | ||
655 | 101 | |||
656 | 102 | Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Edit'); | ||
657 | 103 | |||
658 | 104 | return true; | ||
659 | 105 | } | ||
660 | 106 | |||
661 | 107 | public function Delete($dataSetColumnId) | ||
662 | 108 | { | ||
663 | 109 | $db =& $this->db; | ||
664 | 110 | |||
665 | 111 | $SQL = "DELETE FROM datasetcolumn "; | ||
666 | 112 | $SQL .= " WHERE DataSetColumnID = %d"; | ||
667 | 113 | |||
668 | 114 | $SQL = sprintf($SQL, $dataSetColumnId); | ||
669 | 115 | |||
670 | 116 | if (!$db->query($SQL)) | ||
671 | 117 | { | ||
672 | 118 | trigger_error($db->error()); | ||
673 | 119 | return $this->SetError(25005, __('Could not delete DataSet Column')); | ||
674 | 120 | } | ||
675 | 121 | |||
676 | 122 | Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Delete'); | ||
677 | 123 | |||
678 | 124 | return true; | ||
679 | 125 | } | ||
680 | 126 | } | ||
681 | 127 | ?> | ||
682 | 0 | \ No newline at end of file | 128 | \ No newline at end of file |
683 | 1 | 129 | ||
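--- a/server/lib/data/datasetdata.data.class.php
+++ b/server/lib/data/datasetdata.data.class.php
@@ -0,0 +1,84 @@
+<?php
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSetData extends Data
+{
+public function Add($dataSetColumnId, $rowNumber, $value)
+{
+$db =& $this->db;
+
+$SQL = "INSERT INTO datasetdata (DataSetColumnID, RowNumber, Value) ";
+$SQL .= " VALUES (%d, %d, '%s') ";
+$SQL = sprintf($SQL, $dataSetColumnId, $rowNumber, $value);
+
+if (!$id = $db->insert_query($SQL))
+{
+trigger_error($db->error());
+return $this->SetError(25005, __('Could not add DataSet Data'));
+}
+
+Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Add');
+
+return $id;
+}
+
+public function Edit($dataSetColumnId, $rowNumber, $value)
+{
+$db =& $this->db;
+
+$SQL = "UPDATE datasetdata SET Value = '%s' ";
+$SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+$SQL = sprintf($SQL, $value, $dataSetColumnId, $rowNumber);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+return $this->SetError(25005, __('Could not edit DataSet Data'));
+}
+
+Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Edit');
+
+return true;
+}
+
+public function Delete($dataSetColumnId, $rowNumber)
+{
+$db =& $this->db;
+
+$SQL = "DELETE FROM datasetdata ";
+$SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+$SQL = sprintf($SQL, $dataSetColumnId, $rowNumber);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+return $this->SetError(25005, __('Could not delete Data for Column/Row'));
+}
+
+Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Delete');
+
+return true;
+}
+}
+?>
\ No newline at end of file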
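Review bot: `$value` goes into the quoted `'%s'` slot of the INSERT in `Add` and the UPDATE in `Edit` without passing through `$db->escape_string()`, which layout.data.class.php in this same merge applies to every string argument. Unless every caller escapes first, a value containing a quote breaks or alters the statement, so escape at this layer: `$SQL = sprintf($SQL, $dataSetColumnId, $rowNumber, $db->escape_string($value));`. The same applies to `$heading` and `$listContent` in `DataSetColumn::Add`/`Edit` (including the `NOT IN` list built from `explode(',', $listContent)`) and to `$regionId`/`$mediaId` in layoutmediagroupsecurity.data.class.php. Separately, the validation query in `DataSetColumn::Edit` filters on `DataColumnID` while this file writes `DataSetColumnID`; one of the two names looks wrong and should be checked against the schema.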
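--- a/server/lib/data/datasetgroupsecurity.data.class.php
+++ b/server/lib/data/datasetgroupsecurity.data.class.php
@@ -0,0 +1,149 @@
+<?php
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class DataSetGroupSecurity extends Data
+{
+public function __construct(database $db)
+{
+parent::__construct($db);
+}
+
+/**
+* Links a Display Group to a Group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function Link($dataSetId, $groupId, $view, $edit, $del)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Link');
+
+$SQL = "";
+$SQL .= "INSERT ";
+$SQL .= "INTO lkdatasetgroup ";
+$SQL .= " ( ";
+$SQL .= " DataSetID, ";
+$SQL .= " GroupID, ";
+$SQL .= " View, ";
+$SQL .= " Edit, ";
+$SQL .= " Del ";
+$SQL .= " ) ";
+$SQL .= " VALUES ";
+$SQL .= " ( ";
+$SQL .= sprintf(" %d, %d, %d, %d, %d ", $dataSetId, $groupId, $view, $edit, $del);
+$SQL .= " )";
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25024, __('Could not Link DataSet to Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Link');
+
+return true;
+}
+
+/**
+* Links everyone to the layout specified
+* @param <type> $layoutId
+* @param <type> $view
+* @param <type> $edit
+* @param <type> $del
+* @return <type>
+*/
+public function LinkEveryone($dataSetId, $view, $edit, $del)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'LinkEveryone');
+
+$groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+return $this->Link($dataSetId, $groupId, $view, $edit, $del);
+}
+
+/**
+* Unlinks a display group from a group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function Unlink($dataSetId, $groupId)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+$SQL = "";
+$SQL .= "DELETE FROM ";
+$SQL .= " lkdatasetgroup ";
+$SQL .= sprintf(" WHERE DataSetID = %d AND GroupID = %d ", $dataSetId, $groupId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+return true;
+}
+
+/**
+* Unlinks a display group from a group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function UnlinkAll($dataSetId)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+$SQL = "";
+$SQL .= "DELETE FROM ";
+$SQL .= " lkdatasetgroup ";
+$SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+return true;
+}
+}
+?>
\ No newline at end of file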
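Review bot: `LinkEveryone` hands the result of `GetSingleValue(...)` straight to `Link` without checking it, so if the Everyone group lookup fails or finds no row, the `%d` in `Link` will most likely format it as 0 and insert a permission row for `GroupID` 0 while still returning true. Check the lookup before linking, the way `DataSetColumn::Add` checks its own `GetSingleValue` call: `if (!$groupId) { $this->SetError(25024, __('Could not Link DataSet to Group')); return false; }`. `LinkEveryone` in layoutgroupsecurity.data.class.php and layoutmediagroupsecurity.data.class.php has the same gap.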
929 | === modified file 'server/lib/data/layout.data.class.php' | |||
930 | --- server/lib/data/layout.data.class.php 2011-01-07 22:03:11 +0000 | |||
931 | +++ server/lib/data/layout.data.class.php 2011-08-18 23:36:27 +0000 | |||
932 | @@ -29,13 +29,12 @@ | |||
933 | 29 | * Add a layout | 29 | * Add a layout |
934 | 30 | * @param <type> $layout | 30 | * @param <type> $layout |
935 | 31 | * @param <type> $description | 31 | * @param <type> $description |
936 | 32 | * @param <type> $permissionid | ||
937 | 33 | * @param <type> $tags | 32 | * @param <type> $tags |
938 | 34 | * @param <type> $userid | 33 | * @param <type> $userid |
939 | 35 | * @param <type> $templateId | 34 | * @param <type> $templateId |
940 | 36 | * @return <type> | 35 | * @return <type> |
941 | 37 | */ | 36 | */ |
943 | 38 | public function Add($layout, $description, $permissionid, $tags, $userid, $templateId) | 37 | public function Add($layout, $description, $tags, $userid, $templateId) |
944 | 39 | { | 38 | { |
945 | 40 | $db =& $this->db; | 39 | $db =& $this->db; |
946 | 41 | $currentdate = date("Y-m-d H:i:s"); | 40 | $currentdate = date("Y-m-d H:i:s"); |
947 | @@ -75,17 +74,17 @@ | |||
948 | 75 | Debug::LogEntry($db, 'audit', 'Validation Compelte', 'Layout', 'Add'); | 74 | Debug::LogEntry($db, 'audit', 'Validation Compelte', 'Layout', 'Add'); |
949 | 76 | 75 | ||
950 | 77 | // Get the XML for this template. | 76 | // Get the XML for this template. |
952 | 78 | $templateXml = $this->GetTemplateXml($templateId); | 77 | $templateXml = $this->GetTemplateXml($templateId, $userid); |
953 | 79 | 78 | ||
954 | 80 | Debug::LogEntry($db, 'audit', 'Retrieved template xml', 'Layout', 'Add'); | 79 | Debug::LogEntry($db, 'audit', 'Retrieved template xml', 'Layout', 'Add'); |
955 | 81 | 80 | ||
956 | 82 | $SQL = <<<END | 81 | $SQL = <<<END |
959 | 83 | INSERT INTO layout (layout, description, userID, permissionID, createdDT, modifiedDT, tags, xml) | 82 | INSERT INTO layout (layout, description, userID, createdDT, modifiedDT, tags, xml) |
960 | 84 | VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s', '%s') | 83 | VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s') |
961 | 85 | END; | 84 | END; |
962 | 86 | 85 | ||
963 | 87 | $SQL = sprintf($SQL, $db->escape_string($layout), | 86 | $SQL = sprintf($SQL, $db->escape_string($layout), |
965 | 88 | $db->escape_string($description), $userid, $permissionid, | 87 | $db->escape_string($description), $userid, |
966 | 89 | $db->escape_string($currentdate), | 88 | $db->escape_string($currentdate), |
967 | 90 | $db->escape_string($currentdate), | 89 | $db->escape_string($currentdate), |
968 | 91 | $db->escape_string($tags), | 90 | $db->escape_string($tags), |
969 | @@ -124,7 +123,7 @@ | |||
970 | 124 | * Gets the XML for the specified template id | 123 | * Gets the XML for the specified template id |
971 | 125 | * @param <type> $templateId | 124 | * @param <type> $templateId |
972 | 126 | */ | 125 | */ |
974 | 127 | private function GetTemplateXml($templateId) | 126 | private function GetTemplateXml($templateId, $userId) |
975 | 128 | { | 127 | { |
976 | 129 | $db =& $this->db; | 128 | $db =& $this->db; |
977 | 130 | 129 | ||
978 | @@ -149,7 +148,16 @@ | |||
979 | 149 | if (!$row = $db->GetSingleRow(sprintf("SELECT xml FROM template WHERE templateID = %d ", $templateId))) | 148 | if (!$row = $db->GetSingleRow(sprintf("SELECT xml FROM template WHERE templateID = %d ", $templateId))) |
980 | 150 | trigger_error(__('Error getting this template.'), E_USER_ERROR); | 149 | trigger_error(__('Error getting this template.'), E_USER_ERROR); |
981 | 151 | 150 | ||
983 | 152 | $xml = $row['xml']; | 151 | $xmlDoc = new DOMDocument("1.0"); |
984 | 152 | $xmlDoc->loadXML($row['xml']); | ||
985 | 153 | |||
986 | 154 | $regionNodeList = $xmlDoc->getElementsByTagName('region'); | ||
987 | 155 | |||
988 | 156 | //get the regions | ||
989 | 157 | foreach ($regionNodeList as $region) | ||
990 | 158 | $region->setAttribute('userId', $userId); | ||
991 | 159 | |||
992 | 160 | $xml = $xmlDoc->saveXML(); | ||
993 | 153 | } | 161 | } |
994 | 154 | 162 | ||
995 | 155 | return $xml; | 163 | return $xml; |
996 | @@ -348,8 +356,8 @@ | |||
997 | 348 | 356 | ||
998 | 349 | // The Layout ID is the old layout | 357 | // The Layout ID is the old layout |
999 | 350 | $SQL = ""; | 358 | $SQL = ""; |
1002 | 351 | $SQL .= " INSERT INTO layout (layout, permissionID, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) "; | 359 | $SQL .= " INSERT INTO layout (layout, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) "; |
1003 | 352 | $SQL .= " SELECT '%s', permissionID, xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' "; | 360 | $SQL .= " SELECT '%s', xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' "; |
1004 | 353 | $SQL .= " FROM layout "; | 361 | $SQL .= " FROM layout "; |
1005 | 354 | $SQL .= " WHERE layoutid = %d"; | 362 | $SQL .= " WHERE layoutid = %d"; |
1006 | 355 | $SQL = sprintf($SQL, $db->escape_string($newLayoutName), $userId, $db->escape_string($currentdate), $db->escape_string($currentdate), $oldLayoutId); | 363 | $SQL = sprintf($SQL, $db->escape_string($newLayoutName), $userId, $db->escape_string($currentdate), $db->escape_string($currentdate), $oldLayoutId); |
1007 | @@ -427,6 +435,9 @@ | |||
1008 | 427 | $db =& $this->db; | 435 | $db =& $this->db; |
1009 | 428 | 436 | ||
1010 | 429 | // Remove all LK records for this layout | 437 | // Remove all LK records for this layout |
1011 | 438 | $db->query(sprintf('DELETE FROM lklayoutgroup WHERE layoutid = %d', $layoutId)); | ||
1012 | 439 | $db->query(sprintf('DELETE FROM lklayoutmediagroup WHERE layoutid = %d', $layoutId)); | ||
1013 | 440 | $db->query(sprintf('DELETE FROM lklayoutregiongroup WHERE layoutid = %d', $layoutId)); | ||
1014 | 430 | $db->query(sprintf('DELETE FROM lklayoutmedia WHERE layoutid = %d', $layoutId)); | 441 | $db->query(sprintf('DELETE FROM lklayoutmedia WHERE layoutid = %d', $layoutId)); |
1015 | 431 | 442 | ||
1016 | 432 | // Remove the Layout | 443 | // Remove the Layout |
1017 | 433 | 444 | ||
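Review bot: In the `Add` hunk (`@@ -75,17 +74,17 @@`) the new `VALUES` list dropped a `'%s'` instead of the `%d` that belonged to `permissionID`, so the fourth placeholder is still `%d` while the fourth argument is now `$db->escape_string($currentdate)`. `sprintf` will format that date string as an integer (its leading year), which is what ends up in `createdDT`; the line should read `VALUES ('%s', '%s', %d, '%s', '%s', '%s', '%s')`. The final `sprintf` argument lies outside the hunk, so this assumes it is still the XML. In the `GetTemplateXml` hunk the return value of `$xmlDoc->loadXML($row['xml'])` is also unchecked, so a template row that fails to parse would presumably be saved as an empty document.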
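--- a/server/lib/data/layoutgroupsecurity.data.class.php
+++ b/server/lib/data/layoutgroupsecurity.data.class.php
@@ -0,0 +1,149 @@
+<?php
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class LayoutGroupSecurity extends Data
+{
+public function __construct(database $db)
+{
+parent::__construct($db);
+}
+
+/**
+* Links a Display Group to a Group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function Link($layoutId, $groupId, $view, $edit, $del)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Link');
+
+$SQL = "";
+$SQL .= "INSERT ";
+$SQL .= "INTO lklayoutgroup ";
+$SQL .= " ( ";
+$SQL .= " LayoutID, ";
+$SQL .= " GroupID, ";
+$SQL .= " View, ";
+$SQL .= " Edit, ";
+$SQL .= " Del ";
+$SQL .= " ) ";
+$SQL .= " VALUES ";
+$SQL .= " ( ";
+$SQL .= sprintf(" %d, %d, %d, %d, %d ", $layoutId, $groupId, $view, $edit, $del);
+$SQL .= " )";
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25024, __('Could not Link Layout to Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Link');
+
+return true;
+}
+
+/**
+* Links everyone to the layout specified
+* @param <type> $layoutId
+* @param <type> $view
+* @param <type> $edit
+* @param <type> $del
+* @return <type>
+*/
+public function LinkEveryone($layoutId, $view, $edit, $del)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone');
+
+$groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+return $this->Link($layoutId, $groupId, $view, $edit, $del);
+}
+
+/**
+* Unlinks a display group from a group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function Unlink($layoutId, $groupId)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
+
+$SQL = "";
+$SQL .= "DELETE FROM ";
+$SQL .= " lklayoutgroup ";
+$SQL .= sprintf(" WHERE LayoutID = %d AND GroupID = %d ", $layoutId, $groupId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25025, __('Could not Unlink Layout from Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
+
+return true;
+}
+
+/**
+* Unlinks a display group from a group
+* @return
+* @param $displayGroupID Object
+* @param $groupID Object
+*/
+public function UnlinkAll($layoutId)
+{
+$db =& $this->db;
+
+Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
+
+$SQL = "";
+$SQL .= "DELETE FROM ";
+$SQL .= " lklayoutgroup ";
+$SQL .= sprintf(" WHERE LayoutID = %d ", $layoutId);
+
+if (!$db->query($SQL))
+{
+trigger_error($db->error());
+$this->SetError(25025, __('Could not Unlink Layout from Group'));
+
+return false;
+}
+
+Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
+
+return true;
+}
+}
+?>
\ No newline at end of file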
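Review bot: The docblocks in this class describe a different class: `Link`, `Unlink` and `UnlinkAll` are documented as linking or unlinking a Display Group with `$displayGroupID`/`$groupID` parameters, while the methods take `$layoutId, $groupId, $view, $edit, $del`, and `UnlinkAll` repeats the `Unlink` text although it removes every group row for the layout. For permission code the comment should say what is granted, e.g. `Grants a group view/edit/delete permission on a layout` with `@param int $layoutId`, `@param int $groupId` and one `@param` per flag. `UnlinkAll` also writes its audit entries under the method name `'Unlink'`, so the two calls cannot be told apart in the audit log; `'UnlinkAll'` would match how `LinkEveryone` logs itself. datasetgroupsecurity.data.class.php and layoutmediagroupsecurity.data.class.php carry the same copied docblocks and the same `'Unlink'` label.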
1173 | === added file 'server/lib/data/layoutmediagroupsecurity.data.class.php' | |||
1174 | --- server/lib/data/layoutmediagroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 | |||
1175 | +++ server/lib/data/layoutmediagroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 | |||
1176 | @@ -0,0 +1,194 @@ | |||
1177 | 1 | <?php | ||
1178 | 2 | /* | ||
1179 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
1180 | 4 | * Copyright (C) 2011 Daniel Garner | ||
1181 | 5 | * | ||
1182 | 6 | * This file is part of Xibo. | ||
1183 | 7 | * | ||
1184 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
1185 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
1186 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
1187 | 11 | * any later version. | ||
1188 | 12 | * | ||
1189 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
1190 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1191 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1192 | 16 | * GNU Affero General Public License for more details. | ||
1193 | 17 | * | ||
1194 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
1195 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
1196 | 20 | */ | ||
1197 | 21 | defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); | ||
1198 | 22 | |||
1199 | 23 | class LayoutMediaGroupSecurity extends Data | ||
1200 | 24 | { | ||
1201 | 25 | public function __construct(database $db) | ||
1202 | 26 | { | ||
1203 | 27 | parent::__construct($db); | ||
1204 | 28 | } | ||
1205 | 29 | |||
1206 | 30 | /** | ||
1207 | 31 | * Links a Display Group to a Group | ||
1208 | 32 | * @return | ||
1209 | 33 | * @param $displayGroupID Object | ||
1210 | 34 | * @param $groupID Object | ||
1211 | 35 | */ | ||
1212 | 36 | public function Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del) | ||
1213 | 37 | { | ||
1214 | 38 | $db =& $this->db; | ||
1215 | 39 | |||
1216 | 40 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Link'); | ||
1217 | 41 | |||
1218 | 42 | $SQL = ""; | ||
1219 | 43 | $SQL .= "INSERT "; | ||
1220 | 44 | $SQL .= "INTO lklayoutmediagroup "; | ||
1221 | 45 | $SQL .= " ( "; | ||
1222 | 46 | $SQL .= " LayoutID, "; | ||
1223 | 47 | $SQL .= " RegionID, "; | ||
1224 | 48 | $SQL .= " MediaID, "; | ||
1225 | 49 | $SQL .= " GroupID, "; | ||
1226 | 50 | $SQL .= " View, "; | ||
1227 | 51 | $SQL .= " Edit, "; | ||
1228 | 52 | $SQL .= " Del "; | ||
1229 | 53 | $SQL .= " ) "; | ||
1230 | 54 | $SQL .= " VALUES "; | ||
1231 | 55 | $SQL .= " ( "; | ||
1232 | 56 | $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d, %d ", $layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del); | ||
1233 | 57 | $SQL .= " )"; | ||
1234 | 58 | |||
1235 | 59 | if (!$db->query($SQL)) | ||
1236 | 60 | { | ||
1237 | 61 | trigger_error($db->error()); | ||
1238 | 62 | $this->SetError(25026, __('Could not Link Layout Media to Group')); | ||
1239 | 63 | |||
1240 | 64 | return false; | ||
1241 | 65 | } | ||
1242 | 66 | |||
1243 | 67 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Link'); | ||
1244 | 68 | |||
1245 | 69 | return true; | ||
1246 | 70 | } | ||
1247 | 71 | |||
1248 | 72 | /** | ||
1249 | 73 | * Links everyone to the layout specified | ||
1250 | 74 | * @param <type> $layoutId | ||
1251 | 75 | * @param <type> $view | ||
1252 | 76 | * @param <type> $edit | ||
1253 | 77 | * @param <type> $del | ||
1254 | 78 | * @return <type> | ||
1255 | 79 | */ | ||
1256 | 80 | public function LinkEveryone($layoutId, $regionId, $mediaId, $view, $edit, $del) | ||
1257 | 81 | { | ||
1258 | 82 | $db =& $this->db; | ||
1259 | 83 | |||
1260 | 84 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'LinkEveryone'); | ||
1261 | 85 | |||
1262 | 86 | $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT); | ||
1263 | 87 | |||
1264 | 88 | return $this->Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del); | ||
1265 | 89 | } | ||
1266 | 90 | |||
1267 | 91 | /** | ||
1268 | 92 | * Unlinks a display group from a group | ||
1269 | 93 | * @return | ||
1270 | 94 | * @param $displayGroupID Object | ||
1271 | 95 | * @param $groupID Object | ||
1272 | 96 | */ | ||
1273 | 97 | public function Unlink($layoutId, $regionId, $mediaId, $groupId) | ||
1274 | 98 | { | ||
1275 | 99 | $db =& $this->db; | ||
1276 | 100 | |||
1277 | 101 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink'); | ||
1278 | 102 | |||
1279 | 103 | $SQL = ""; | ||
1280 | 104 | $SQL .= "DELETE FROM "; | ||
1281 | 105 | $SQL .= " lklayoutmediagroup "; | ||
1282 | 106 | $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' AND GroupID = %d ", $layoutId, $regionId, $mediaId, $groupId); | ||
1283 | 107 | |||
1284 | 108 | if (!$db->query($SQL)) | ||
1285 | 109 | { | ||
1286 | 110 | trigger_error($db->error()); | ||
1287 | 111 | $this->SetError(25027, __('Could not Unlink Layout Media from Group')); | ||
1288 | 112 | |||
1289 | 113 | return false; | ||
1290 | 114 | } | ||
1291 | 115 | |||
1292 | 116 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink'); | ||
1293 | 117 | |||
1294 | 118 | return true; | ||
1295 | 119 | } | ||
1296 | 120 | |||
1297 | 121 | /** | ||
1298 | 122 | * Unlinks a display group from a group | ||
1299 | 123 | * @return | ||
1300 | 124 | * @param $displayGroupID Object | ||
1301 | 125 | * @param $groupID Object | ||
1302 | 126 | */ | ||
1303 | 127 | public function UnlinkAll($layoutId, $regionId, $mediaId) | ||
1304 | 128 | { | ||
1305 | 129 | $db =& $this->db; | ||
1306 | 130 | |||
1307 | 131 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink'); | ||
1308 | 132 | |||
1309 | 133 | $SQL = ""; | ||
1310 | 134 | $SQL .= "DELETE FROM "; | ||
1311 | 135 | $SQL .= " lklayoutmediagroup "; | ||
1312 | 136 | $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ", $layoutId, $regionId, $mediaId); | ||
1313 | 137 | |||
1314 | 138 | if (!$db->query($SQL)) | ||
1315 | 139 | { | ||
1316 | 140 | trigger_error($db->error()); | ||
1317 | 141 | $this->SetError(25028, __('Could not Unlink Layout Media from Group')); | ||
1318 | 142 | |||
1319 | 143 | return false; | ||
1320 | 144 | } | ||
1321 | 145 | |||
1322 | 146 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink'); | ||
1323 | 147 | |||
1324 | 148 | return true; | ||
1325 | 149 | } | ||
1326 | 150 | |||
1327 | 151 | /** | ||
1328 | 152 | * Copies a media items permissions | ||
1329 | 153 | * @param <type> $layoutId | ||
1330 | 154 | * @param <type> $regionId | ||
1331 | 155 | * @param <type> $mediaId | ||
1332 | 156 | * @param <type> $newMediaId | ||
1333 | 157 | * @return <type> | ||
1334 | 158 | */ | ||
1335 | 159 | public function Copy($layoutId, $regionId, $mediaId, $newMediaId) | ||
1336 | 160 | { | ||
1337 | 161 | $db =& $this->db; | ||
1338 | 162 | |||
1339 | 163 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Copy'); | ||
1340 | 164 | |||
1341 | 165 | $SQL = ""; | ||
1342 | 166 | $SQL .= "INSERT "; | ||
1343 | 167 | $SQL .= "INTO lklayoutmediagroup "; | ||
1344 | 168 | $SQL .= " ( "; | ||
1345 | 169 | $SQL .= " LayoutID, "; | ||
1346 | 170 | $SQL .= " RegionID, "; | ||
1347 | 171 | $SQL .= " MediaID, "; | ||
1348 | 172 | $SQL .= " GroupID, "; | ||
1349 | 173 | $SQL .= " View, "; | ||
1350 | 174 | $SQL .= " Edit, "; | ||
1351 | 175 | $SQL .= " Del "; | ||
1352 | 176 | $SQL .= " ) "; | ||
1353 | 177 | $SQL .= " SELECT LayoutID, RegionID, '%s', GroupID, View, Edit, Del "; | ||
1354 | 178 | $SQL .= " FROM lklayoutmediagroup "; | ||
1355 | 179 | $SQL .= " WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' "; | ||
1356 | 180 | |||
1357 | 181 | $SQL = sprintf($SQL, $newMediaId, $layoutId, $regionId, $mediaId); | ||
1358 | 182 | |||
1359 | 183 | if (!$db->query($SQL)) | ||
1360 | 184 | { | ||
1361 | 185 | trigger_error($db->error()); | ||
1362 | 186 | $this->SetError(25028, __('Could not Copy Layout Media Security')); | ||
1363 | 187 | |||
1364 | 188 | return false; | ||
1365 | 189 | } | ||
1366 | 190 | |||
1367 | 191 | return true; | ||
1368 | 192 | } | ||
1369 | 193 | } | ||
1370 | 194 | ?> | ||
1371 | 0 | \ No newline at end of file | 195 | \ No newline at end of file |
1372 | 1 | 196 | ||
1373 | === added file 'server/lib/data/layoutregiongroupsecurity.data.class.php' | |||
1374 | --- server/lib/data/layoutregiongroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 | |||
1375 | +++ server/lib/data/layoutregiongroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 | |||
1376 | @@ -0,0 +1,150 @@ | |||
1377 | 1 | <?php | ||
1378 | 2 | /* | ||
1379 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
1380 | 4 | * Copyright (C) 2011 Daniel Garner | ||
1381 | 5 | * | ||
1382 | 6 | * This file is part of Xibo. | ||
1383 | 7 | * | ||
1384 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
1385 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
1386 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
1387 | 11 | * any later version. | ||
1388 | 12 | * | ||
1389 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
1390 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1391 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1392 | 16 | * GNU Affero General Public License for more details. | ||
1393 | 17 | * | ||
1394 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
1395 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
1396 | 20 | */ | ||
1397 | 21 | defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); | ||
1398 | 22 | |||
1399 | 23 | class LayoutRegionGroupSecurity extends Data | ||
1400 | 24 | { | ||
1401 | 25 | public function __construct(database $db) | ||
1402 | 26 | { | ||
1403 | 27 | parent::__construct($db); | ||
1404 | 28 | } | ||
1405 | 29 | |||
1406 | 30 | /** | ||
1407 | 31 | * Links a Display Group to a Group | ||
1408 | 32 | * @return | ||
1409 | 33 | * @param $displayGroupID Object | ||
1410 | 34 | * @param $groupID Object | ||
1411 | 35 | */ | ||
1412 | 36 | public function Link($layoutId, $regionId, $groupId, $view, $edit, $del) | ||
1413 | 37 | { | ||
1414 | 38 | $db =& $this->db; | ||
1415 | 39 | |||
1416 | 40 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Link'); | ||
1417 | 41 | |||
1418 | 42 | $SQL = ""; | ||
1419 | 43 | $SQL .= "INSERT "; | ||
1420 | 44 | $SQL .= "INTO lklayoutregiongroup "; | ||
1421 | 45 | $SQL .= " ( "; | ||
1422 | 46 | $SQL .= " LayoutID, "; | ||
1423 | 47 | $SQL .= " RegionID, "; | ||
1424 | 48 | $SQL .= " GroupID, "; | ||
1425 | 49 | $SQL .= " View, "; | ||
1426 | 50 | $SQL .= " Edit, "; | ||
1427 | 51 | $SQL .= " Del "; | ||
1428 | 52 | $SQL .= " ) "; | ||
1429 | 53 | $SQL .= " VALUES "; | ||
1430 | 54 | $SQL .= " ( "; | ||
1431 | 55 | $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d ", $layoutId, $regionId, $groupId, $view, $edit, $del); | ||
1432 | 56 | $SQL .= " )"; | ||
1433 | 57 | |||
1434 | 58 | if (!$db->query($SQL)) | ||
1435 | 59 | { | ||
1436 | 60 | trigger_error($db->error()); | ||
1437 | 61 | $this->SetError(25026, __('Could not Link Layout Region to Group')); | ||
1438 | 62 | |||
1439 | 63 | return false; | ||
1440 | 64 | } | ||
1441 | 65 | |||
1442 | 66 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Link'); | ||
1443 | 67 | |||
1444 | 68 | return true; | ||
1445 | 69 | } | ||
1446 | 70 | |||
1447 | 71 | /** | ||
1448 | 72 | * Links everyone to the layout specified | ||
1449 | 73 | * @param <type> $layoutId | ||
1450 | 74 | * @param <type> $view | ||
1451 | 75 | * @param <type> $edit | ||
1452 | 76 | * @param <type> $del | ||
1453 | 77 | * @return <type> | ||
1454 | 78 | */ | ||
1455 | 79 | public function LinkEveryone($layoutId, $regionId, $view, $edit, $del) | ||
1456 | 80 | { | ||
1457 | 81 | $db =& $this->db; | ||
1458 | 82 | |||
1459 | 83 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone'); | ||
1460 | 84 | |||
1461 | 85 | $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT); | ||
1462 | 86 | |||
1463 | 87 | return $this->Link($layoutId, $regionId, $groupId, $view, $edit, $del); | ||
1464 | 88 | } | ||
1465 | 89 | |||
1466 | 90 | /** | ||
1467 | 91 | * Unlinks a display group from a group | ||
1468 | 92 | * @return | ||
1469 | 93 | * @param $displayGroupID Object | ||
1470 | 94 | * @param $groupID Object | ||
1471 | 95 | */ | ||
1472 | 96 | public function Unlink($layoutId, $regionId, $groupId) | ||
1473 | 97 | { | ||
1474 | 98 | $db =& $this->db; | ||
1475 | 99 | |||
1476 | 100 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink'); | ||
1477 | 101 | |||
1478 | 102 | $SQL = ""; | ||
1479 | 103 | $SQL .= "DELETE FROM "; | ||
1480 | 104 | $SQL .= " lklayoutregiongroup "; | ||
1481 | 105 | $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND GroupID = %d ", $layoutId, $regionId, $groupId); | ||
1482 | 106 | |||
1483 | 107 | if (!$db->query($SQL)) | ||
1484 | 108 | { | ||
1485 | 109 | trigger_error($db->error()); | ||
1486 | 110 | $this->SetError(25027, __('Could not Unlink Layout Region from Group')); | ||
1487 | 111 | |||
1488 | 112 | return false; | ||
1489 | 113 | } | ||
1490 | 114 | |||
1491 | 115 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink'); | ||
1492 | 116 | |||
1493 | 117 | return true; | ||
1494 | 118 | } | ||
1495 | 119 | |||
1496 | 120 | /** | ||
1497 | 121 | * Unlinks a display group from a group | ||
1498 | 122 | * @return | ||
1499 | 123 | * @param $displayGroupID Object | ||
1500 | 124 | * @param $groupID Object | ||
1501 | 125 | */ | ||
1502 | 126 | public function UnlinkAll($layoutId, $regionId) | ||
1503 | 127 | { | ||
1504 | 128 | $db =& $this->db; | ||
1505 | 129 | |||
1506 | 130 | Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink'); | ||
1507 | 131 | |||
1508 | 132 | $SQL = ""; | ||
1509 | 133 | $SQL .= "DELETE FROM "; | ||
1510 | 134 | $SQL .= " lklayoutregiongroup "; | ||
1511 | 135 | $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' ", $layoutId, $regionId); | ||
1512 | 136 | |||
1513 | 137 | if (!$db->query($SQL)) | ||
1514 | 138 | { | ||
1515 | 139 | trigger_error($db->error()); | ||
1516 | 140 | $this->SetError(25028, __('Could not Unlink Layout Region from Group')); | ||
1517 | 141 | |||
1518 | 142 | return false; | ||
1519 | 143 | } | ||
1520 | 144 | |||
1521 | 145 | Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink'); | ||
1522 | 146 | |||
1523 | 147 | return true; | ||
1524 | 148 | } | ||
1525 | 149 | } | ||
1526 | 150 | ?> | ||
1527 | 0 | \ No newline at end of file | 151 | \ No newline at end of file |
1528 | 1 | 152 | ||
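Review bot: In `Link`, `$regionId` is placed inside a quoted `'%s'` without `$db->escape_string()`, and the `RegionID = '%s'` clauses in `Unlink` and `UnlinkAll` do the same, whereas media.data.class.php in this merge escapes the strings it formats into SQL. The callers are not shown here, but if a region id can reach these methods from request data, a quote in it changes the statement that edits the permission table, so I would pass `$db->escape_string($regionId)` in all three. `Link` also formats `$groupId` as `'%s'` while `Unlink` uses `%d` for the same column; `%d` in both keeps it an integer. The `Unlink`, `UnlinkAll` and `Copy` methods of layoutmediagroupsecurity.data.class.php, shown just above this file, use the same unescaped `'%s'` pattern for `$regionId` and `$mediaId`. Separately, `LinkEveryone` writes its audit entry under 'LayoutGroupSecurity' and `UnlinkAll` under 'Unlink', so the audit log names the wrong class and method.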
1529 | === modified file 'server/lib/data/media.data.class.php' | |||
1530 | --- server/lib/data/media.data.class.php 2011-05-14 10:14:52 +0000 | |||
1531 | +++ server/lib/data/media.data.class.php 2011-08-18 23:36:27 +0000 | |||
1532 | @@ -33,11 +33,10 @@ | |||
1533 | 33 | * @param <type> $name | 33 | * @param <type> $name |
1534 | 34 | * @param <type> $duration | 34 | * @param <type> $duration |
1535 | 35 | * @param <type> $fileName | 35 | * @param <type> $fileName |
1536 | 36 | * @param <type> $permissionId | ||
1537 | 37 | * @param <type> $userId | 36 | * @param <type> $userId |
1538 | 38 | * @return <type> | 37 | * @return <type> |
1539 | 39 | */ | 38 | */ |
1541 | 40 | public function Add($fileId, $type, $name, $duration, $fileName, $permissionId, $userId) | 39 | public function Add($fileId, $type, $name, $duration, $fileName, $userId) |
1542 | 41 | { | 40 | { |
1543 | 42 | $db =& $this->db; | 41 | $db =& $this->db; |
1544 | 43 | 42 | ||
1545 | @@ -62,11 +61,11 @@ | |||
1546 | 62 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); | 61 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); |
1547 | 63 | 62 | ||
1548 | 64 | // All OK to insert this record | 63 | // All OK to insert this record |
1551 | 65 | $SQL = "INSERT INTO media (name, type, duration, originalFilename, permissionID, userID, retired ) "; | 64 | $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; |
1552 | 66 | $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, %d, 0) "; | 65 | $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, 0) "; |
1553 | 67 | 66 | ||
1554 | 68 | $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($type), | 67 | $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($type), |
1556 | 69 | $db->escape_string($duration), $db->escape_string($fileName), $permissionId, $userId); | 68 | $db->escape_string($duration), $db->escape_string($fileName), $userId); |
1557 | 70 | 69 | ||
1558 | 71 | if (!$mediaId = $db->insert_query($SQL)) | 70 | if (!$mediaId = $db->insert_query($SQL)) |
1559 | 72 | { | 71 | { |
1560 | @@ -111,10 +110,9 @@ | |||
1561 | 111 | * @param <type> $mediaId | 110 | * @param <type> $mediaId |
1562 | 112 | * @param <type> $name | 111 | * @param <type> $name |
1563 | 113 | * @param <type> $duration | 112 | * @param <type> $duration |
1564 | 114 | * @param <type> $permissionId | ||
1565 | 115 | * @return <bool> | 113 | * @return <bool> |
1566 | 116 | */ | 114 | */ |
1568 | 117 | public function Edit($mediaId, $name, $duration, $permissionId, $userId) | 115 | public function Edit($mediaId, $name, $duration, $userId) |
1569 | 118 | { | 116 | { |
1570 | 119 | $db =& $this->db; | 117 | $db =& $this->db; |
1571 | 120 | 118 | ||
1572 | @@ -128,8 +126,8 @@ | |||
1573 | 128 | if ($db->GetSingleRow(sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userId))) | 126 | if ($db->GetSingleRow(sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userId))) |
1574 | 129 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); | 127 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); |
1575 | 130 | 128 | ||
1578 | 131 | $SQL = "UPDATE media SET name = '%s', duration = %d, permissionID = %d WHERE MediaID = %d"; | 129 | $SQL = "UPDATE media SET name = '%s', duration = %d WHERE MediaID = %d"; |
1579 | 132 | $SQL = sprintf($SQL, $db->escape_string($name), $duration, $permissionId, $mediaId); | 130 | $SQL = sprintf($SQL, $db->escape_string($name), $duration, $mediaId); |
1580 | 133 | 131 | ||
1581 | 134 | if (!$db->query($SQL)) | 132 | if (!$db->query($SQL)) |
1582 | 135 | { | 133 | { |
1583 | @@ -153,7 +151,7 @@ | |||
1584 | 153 | // Call add with this file Id and then update the existing mediaId with the returned mediaId | 151 | // Call add with this file Id and then update the existing mediaId with the returned mediaId |
1585 | 154 | // from the add call. | 152 | // from the add call. |
1586 | 155 | // Will need to get some information about the existing media record first. | 153 | // Will need to get some information about the existing media record first. |
1588 | 156 | $SQL = "SELECT name, duration, permissionId, UserID, type FROM media WHERE MediaID = %d"; | 154 | $SQL = "SELECT name, duration, UserID, type FROM media WHERE MediaID = %d"; |
1589 | 157 | $SQL = sprintf($SQL, $mediaId); | 155 | $SQL = sprintf($SQL, $mediaId); |
1590 | 158 | 156 | ||
1591 | 159 | if (!$row = $db->GetSingleRow($SQL)) | 157 | if (!$row = $db->GetSingleRow($SQL)) |
1592 | @@ -162,7 +160,7 @@ | |||
1593 | 162 | return $this->SetError(31, 'Unable to get information about existing media record.'); | 160 | return $this->SetError(31, 'Unable to get information about existing media record.'); |
1594 | 163 | } | 161 | } |
1595 | 164 | 162 | ||
1597 | 165 | if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['permissionId'], $row['UserID'])) | 163 | if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['UserID'])) |
1598 | 166 | return false; | 164 | return false; |
1599 | 167 | 165 | ||
1600 | 168 | // Update the existing record with the new record's id | 166 | // Update the existing record with the new record's id |
1601 | 169 | 167 | ||
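Review bot: Dropping `$permissionId` from the middle of the `Add` and `Edit` parameter lists moves `$userId` one position left, and PHP does not reject a call that passes an extra argument. A call site that still passes the old argument list would run without error and bind the former permission id as `$userId`, which `Add` stores as the owner in `userID` and `Edit` uses in its duplicate-name check. Only the `$this->Add(...)` call in the last hunk is visibly updated, so the remaining callers need checking; both functions start and end outside these hunks. The `Edit` docblock also has no entry for `$userId`; I would add `* @param <type> $userId`.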
1602 | === added file 'server/lib/data/mediagroupsecurity.data.class.php' | |||
1603 | --- server/lib/data/mediagroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 | |||
1604 | +++ server/lib/data/mediagroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 | |||
1605 | @@ -0,0 +1,188 @@ | |||
1606 | 1 | <?php | ||
1607 | 2 | /* | ||
1608 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
1609 | 4 | * Copyright (C) 2011 Daniel Garner | ||
1610 | 5 | * | ||
1611 | 6 | * This file is part of Xibo. | ||
1612 | 7 | * | ||
1613 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
1614 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
1615 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
1616 | 11 | * any later version. | ||
1617 | 12 | * | ||
1618 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
1619 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1620 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1621 | 16 | * GNU Affero General Public License for more details. | ||
1622 | 17 | * | ||
1623 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
1624 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
1625 | 20 | */ | ||
1626 | 21 | defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); | ||
1627 | 22 | |||
1628 | 23 | class MediaGroupSecurity extends Data | ||
1629 | 24 | { | ||
1630 | 25 | public function __construct(database $db) | ||
1631 | 26 | { | ||
1632 | 27 | parent::__construct($db); | ||
1633 | 28 | } | ||
1634 | 29 | |||
1635 | 30 | /** | ||
1636 | 31 | * Links a Display Group to a Group | ||
1637 | 32 | * @return | ||
1638 | 33 | * @param $displayGroupID Object | ||
1639 | 34 | * @param $groupID Object | ||
1640 | 35 | */ | ||
1641 | 36 | public function Link($mediaId, $groupId, $view, $edit, $del) | ||
1642 | 37 | { | ||
1643 | 38 | $db =& $this->db; | ||
1644 | 39 | |||
1645 | 40 | Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Link'); | ||
1646 | 41 | |||
1647 | 42 | $SQL = ""; | ||
1648 | 43 | $SQL .= "INSERT "; | ||
1649 | 44 | $SQL .= "INTO lkmediagroup "; | ||
1650 | 45 | $SQL .= " ( "; | ||
1651 | 46 | $SQL .= " MediaID, "; | ||
1652 | 47 | $SQL .= " GroupID, "; | ||
1653 | 48 | $SQL .= " View, "; | ||
1654 | 49 | $SQL .= " Edit, "; | ||
1655 | 50 | $SQL .= " Del "; | ||
1656 | 51 | $SQL .= " ) "; | ||
1657 | 52 | $SQL .= " VALUES "; | ||
1658 | 53 | $SQL .= " ( "; | ||
1659 | 54 | $SQL .= sprintf(" %d, %d, %d, %d, %d ", $mediaId, $groupId, $view, $edit, $del); | ||
1660 | 55 | $SQL .= " )"; | ||
1661 | 56 | |||
1662 | 57 | if (!$db->query($SQL)) | ||
1663 | 58 | { | ||
1664 | 59 | trigger_error($db->error()); | ||
1665 | 60 | $this->SetError(25026, __('Could not Link Media to Group')); | ||
1666 | 61 | |||
1667 | 62 | return false; | ||
1668 | 63 | } | ||
1669 | 64 | |||
1670 | 65 | Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Link'); | ||
1671 | 66 | |||
1672 | 67 | return true; | ||
1673 | 68 | } | ||
1674 | 69 | |||
1675 | 70 | /** | ||
1676 | 71 | * Links everyone to the layout specified | ||
1677 | 72 | * @param <type> $layoutId | ||
1678 | 73 | * @param <type> $view | ||
1679 | 74 | * @param <type> $edit | ||
1680 | 75 | * @param <type> $del | ||
1681 | 76 | * @return <type> | ||
1682 | 77 | */ | ||
1683 | 78 | public function LinkEveryone($mediaId, $view, $edit, $del) | ||
1684 | 79 | { | ||
1685 | 80 | $db =& $this->db; | ||
1686 | 81 | |||
1687 | 82 | Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'LinkEveryone'); | ||
1688 | 83 | |||
1689 | 84 | $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT); | ||
1690 | 85 | |||
1691 | 86 | return $this->Link($mediaId, $groupId, $view, $edit, $del); | ||
1692 | 87 | } | ||
1693 | 88 | |||
1694 | 89 | /** | ||
1695 | 90 | * Unlinks a display group from a group | ||
1696 | 91 | * @return | ||
1697 | 92 | * @param $displayGroupID Object | ||
1698 | 93 | * @param $groupID Object | ||
1699 | 94 | */ | ||
1700 | 95 | public function Unlink($mediaId, $groupId) | ||
1701 | 96 | { | ||
1702 | 97 | $db =& $this->db; | ||
1703 | 98 | |||
1704 | 99 | Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink'); | ||
1705 | 100 | |||
1706 | 101 | $SQL = ""; | ||
1707 | 102 | $SQL .= "DELETE FROM "; | ||
1708 | 103 | $SQL .= " lkmediagroup "; | ||
1709 | 104 | $SQL .= sprintf(" WHERE MediaID = %d AND GroupID = %d ", $mediaId, $groupId); | ||
1710 | 105 | |||
1711 | 106 | if (!$db->query($SQL)) | ||
1712 | 107 | { | ||
1713 | 108 | trigger_error($db->error()); | ||
1714 | 109 | $this->SetError(25027, __('Could not Unlink Layout from Group')); | ||
1715 | 110 | |||
1716 | 111 | return false; | ||
1717 | 112 | } | ||
1718 | 113 | |||
1719 | 114 | Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink'); | ||
1720 | 115 | |||
1721 | 116 | return true; | ||
1722 | 117 | } | ||
1723 | 118 | |||
1724 | 119 | /** | ||
1725 | 120 | * Unlinks a display group from a group | ||
1726 | 121 | * @return | ||
1727 | 122 | * @param $displayGroupID Object | ||
1728 | 123 | * @param $groupID Object | ||
1729 | 124 | */ | ||
1730 | 125 | public function UnlinkAll($mediaId) | ||
1731 | 126 | { | ||
1732 | 127 | $db =& $this->db; | ||
1733 | 128 | |||
1734 | 129 | Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink'); | ||
1735 | 130 | |||
1736 | 131 | $SQL = ""; | ||
1737 | 132 | $SQL .= "DELETE FROM "; | ||
1738 | 133 | $SQL .= " lkmediagroup "; | ||
1739 | 134 | $SQL .= sprintf(" WHERE MediaID = %d ", $mediaId); | ||
1740 | 135 | |||
1741 | 136 | if (!$db->query($SQL)) | ||
1742 | 137 | { | ||
1743 | 138 | trigger_error($db->error()); | ||
1744 | 139 | $this->SetError(25028, __('Could not Unlink Media from Group')); | ||
1745 | 140 | |||
1746 | 141 | return false; | ||
1747 | 142 | } | ||
1748 | 143 | |||
1749 | 144 | Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink'); | ||
1750 | 145 | |||
1751 | 146 | return true; | ||
1752 | 147 | } | ||
1753 | 148 | |||
1754 | 149 | /** | ||
1755 | 150 | * Copies a media items permissions | ||
1756 | 151 | * @param <type> $mediaId | ||
1757 | 152 | * @param <type> $newMediaId | ||
1758 | 153 | * @return <type> | ||
1759 | 154 | */ | ||
1760 | 155 | public function Copy($mediaId, $newMediaId) | ||
1761 | 156 | { | ||
1762 | 157 | $db =& $this->db; | ||
1763 | 158 | |||
1764 | 159 | Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Copy'); | ||
1765 | 160 | |||
1766 | 161 | $SQL = ""; | ||
1767 | 162 | $SQL .= "INSERT "; | ||
1768 | 163 | $SQL .= "INTO lkmediagroup "; | ||
1769 | 164 | $SQL .= " ( "; | ||
1770 | 165 | $SQL .= " MediaID, "; | ||
1771 | 166 | $SQL .= " GroupID, "; | ||
1772 | 167 | $SQL .= " View, "; | ||
1773 | 168 | $SQL .= " Edit, "; | ||
1774 | 169 | $SQL .= " Del "; | ||
1775 | 170 | $SQL .= " ) "; | ||
1776 | 171 | $SQL .= " SELECT '%s', GroupID, View, Edit, Del "; | ||
1777 | 172 | $SQL .= " FROM lkmediagroup "; | ||
1778 | 173 | $SQL .= " WHERE MediaID = '%s' "; | ||
1779 | 174 | |||
1780 | 175 | $SQL = sprintf($SQL, $newMediaId, $mediaId); | ||
1781 | 176 | |||
1782 | 177 | if (!$db->query($SQL)) | ||
1783 | 178 | { | ||
1784 | 179 | trigger_error($db->error()); | ||
1785 | 180 | $this->SetError(25028, __('Could not Copy Layout Media Security')); | ||
1786 | 181 | |||
1787 | 182 | return false; | ||
1788 | 183 | } | ||
1789 | 184 | |||
1790 | 185 | return true; | ||
1791 | 186 | } | ||
1792 | 187 | } | ||
1793 | 188 | ?> | ||
1794 | 0 | \ No newline at end of file | 189 | \ No newline at end of file |
1795 | 1 | 190 | ||
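Review bot: `Copy` formats `$newMediaId` and `$mediaId` with a quoted `'%s'` and no escaping, whereas `Link`, `Unlink` and `UnlinkAll` in the same class use `%d` for the `MediaID` column. Using `%d` there as well (`SELECT %d, GroupID, View, Edit, Del` and `WHERE MediaID = %d`) forces both values to integers and removes the only place in this file where a caller-supplied string reaches the SQL text. `LinkEveryone` passes the result of `GetSingleValue` straight to `Link` without checking it; what that helper returns when no `IsEveryone` group exists is not shown here, but with `%d` a false or null would be written as group 0. The failure messages in `Unlink` ('Could not Unlink Layout from Group') and `Copy` ('Could not Copy Layout Media Security') name the wrong object, and `Copy` reuses code 25028 from `UnlinkAll`.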
1796 | === modified file 'server/lib/data/schedule.data.class.php' | |||
1797 | --- server/lib/data/schedule.data.class.php 2011-02-13 17:08:55 +0000 | |||
1798 | +++ server/lib/data/schedule.data.class.php 2011-08-18 23:36:27 +0000 | |||
1799 | @@ -44,6 +44,8 @@ | |||
1800 | 44 | if (count($displayGroupIDs) == 0) | 44 | if (count($displayGroupIDs) == 0) |
1801 | 45 | return $this->SetError(25001, __('No display groups selected')); | 45 | return $this->SetError(25001, __('No display groups selected')); |
1802 | 46 | 46 | ||
1803 | 47 | if ($userID == 0) | ||
1804 | 48 | return $this->SetError(25001, __('No User Id Present')); | ||
1805 | 47 | 49 | ||
1806 | 48 | // Cant have a 0 increment as it creates a loop | 50 | // Cant have a 0 increment as it creates a loop |
1807 | 49 | if ($recDetail == 0) | 51 | if ($recDetail == 0) |
1808 | 50 | 52 | ||
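Review bot: The new `$userID == 0` guard reports its failure with code 25001, the same code the check just above it uses for 'No display groups selected', so a caller or log reader cannot tell the two failures apart by code. A distinct code would fix that, for example `return $this->SetError(<unused error code>, __('No User Id Present'));`. The enclosing function starts and ends outside this hunk, so where `$userID` comes from is not visible here.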
1809 | === added file 'server/lib/data/templategroupsecurity.data.class.php' | |||
1810 | --- server/lib/data/templategroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 | |||
1811 | +++ server/lib/data/templategroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 | |||
1812 | @@ -0,0 +1,130 @@ | |||
1813 | 1 | <?php | ||
1814 | 2 | /* | ||
1815 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
1816 | 4 | * Copyright (C) 2011 Daniel Garner | ||
1817 | 5 | * | ||
1818 | 6 | * This file is part of Xibo. | ||
1819 | 7 | * | ||
1820 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
1821 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
1822 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
1823 | 11 | * any later version. | ||
1824 | 12 | * | ||
1825 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
1826 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1827 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
1828 | 16 | * GNU Affero General Public License for more details. | ||
1829 | 17 | * | ||
1830 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
1831 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
1832 | 20 | */ | ||
1833 | 21 | defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); | ||
1834 | 22 | |||
1835 | 23 | class TemplateGroupSecurity extends Data | ||
1836 | 24 | { | ||
1837 | 25 | public function __construct(database $db) | ||
1838 | 26 | { | ||
1839 | 27 | parent::__construct($db); | ||
1840 | 28 | } | ||
1841 | 29 | |||
1842 | 30 | /** | ||
1843 | 31 | * Links a Display Group to a Group | ||
1844 | 32 | * @return | ||
1845 | 33 | * @param $displayGroupID Object | ||
1846 | 34 | * @param $groupID Object | ||
1847 | 35 | */ | ||
1848 | 36 | public function Link($templateId, $groupId, $view, $edit, $del) | ||
1849 | 37 | { | ||
1850 | 38 | $db =& $this->db; | ||
1851 | 39 | |||
1852 | 40 | Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Link'); | ||
1853 | 41 | |||
1854 | 42 | $SQL = ""; | ||
1855 | 43 | $SQL .= "INSERT "; | ||
1856 | 44 | $SQL .= "INTO lktemplategroup "; | ||
1857 | 45 | $SQL .= " ( "; | ||
1858 | 46 | $SQL .= " TemplateID, "; | ||
1859 | 47 | $SQL .= " GroupID, "; | ||
1860 | 48 | $SQL .= " View, "; | ||
1861 | 49 | $SQL .= " Edit, "; | ||
1862 | 50 | $SQL .= " Del "; | ||
1863 | 51 | $SQL .= " ) "; | ||
1864 | 52 | $SQL .= " VALUES "; | ||
1865 | 53 | $SQL .= " ( "; | ||
1866 | 54 | $SQL .= sprintf(" %d, %d, %d, %d, %d ", $templateId, $groupId, $view, $edit, $del); | ||
1867 | 55 | $SQL .= " )"; | ||
1868 | 56 | |||
1869 | 57 | if (!$db->query($SQL)) | ||
1870 | 58 | { | ||
1871 | 59 | trigger_error($db->error()); | ||
1872 | 60 | $this->SetError(25024, __('Could not Link Template to Group')); | ||
1873 | 61 | |||
1874 | 62 | return false; | ||
1875 | 63 | } | ||
1876 | 64 | |||
1877 | 65 | Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Link'); | ||
1878 | 66 | |||
1879 | 67 | return true; | ||
1880 | 68 | } | ||
1881 | 69 | |||
1882 | 70 | /** | ||
1883 | 71 | * Unlinks a display group from a group | ||
1884 | 72 | * @return | ||
1885 | 73 | * @param $displayGroupID Object | ||
1886 | 74 | * @param $groupID Object | ||
1887 | 75 | */ | ||
1888 | 76 | public function Unlink($templateId, $groupId) | ||
1889 | 77 | { | ||
1890 | 78 | $db =& $this->db; | ||
1891 | 79 | |||
1892 | 80 | Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink'); | ||
1893 | 81 | |||
1894 | 82 | $SQL = ""; | ||
1895 | 83 | $SQL .= "DELETE FROM "; | ||
1896 | 84 | $SQL .= " lktemplategroup "; | ||
1897 | 85 | $SQL .= sprintf(" WHERE TemplateID = %d AND GroupID = %d ", $templateId, $groupId); | ||
1898 | 86 | |||
1899 | 87 | if (!$db->query($SQL)) | ||
1900 | 88 | { | ||
1901 | 89 | trigger_error($db->error()); | ||
1902 | 90 | $this->SetError(25025, __('Could not Unlink Template from Group')); | ||
1903 | 91 | |||
1904 | 92 | return false; | ||
1905 | 93 | } | ||
1906 | 94 | |||
1907 | 95 | Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink'); | ||
1908 | 96 | |||
1909 | 97 | return true; | ||
1910 | 98 | } | ||
1911 | 99 | |||
1912 | 100 | /** | ||
1913 | 101 | * Unlinks a display group from a group | ||
1914 | 102 | * @return | ||
1915 | 103 | * @param $displayGroupID Object | ||
1916 | 104 | * @param $groupID Object | ||
1917 | 105 | */ | ||
1918 | 106 | public function UnlinkAll($templateId) | ||
1919 | 107 | { | ||
1920 | 108 | $db =& $this->db; | ||
1921 | 109 | |||
1922 | 110 | Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink'); | ||
1923 | 111 | |||
1924 | 112 | $SQL = ""; | ||
1925 | 113 | $SQL .= "DELETE FROM "; | ||
1926 | 114 | $SQL .= " lktemplategroup "; | ||
1927 | 115 | $SQL .= sprintf(" WHERE TemplateID = %d ", $templateId); | ||
1928 | 116 | |||
1929 | 117 | if (!$db->query($SQL)) | ||
1930 | 118 | { | ||
1931 | 119 | trigger_error($db->error()); | ||
1932 | 120 | $this->SetError(25025, __('Could not Unlink Template from Group')); | ||
1933 | 121 | |||
1934 | 122 | return false; | ||
1935 | 123 | } | ||
1936 | 124 | |||
1937 | 125 | Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink'); | ||
1938 | 126 | |||
1939 | 127 | return true; | ||
1940 | 128 | } | ||
1941 | 129 | } | ||
1942 | 130 | ?> | ||
1943 | 0 | \ No newline at end of file | 131 | \ No newline at end of file |
1944 | 1 | 132 | ||
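Review bot: The docblocks in this new class do not describe the methods they sit on: all three say 'Display Group' and list `@param $displayGroupID Object`, while the signatures take `$templateId`, `$groupId` and, for `Link`, the `$view`/`$edit`/`$del` flags. Since this class writes the `lktemplategroup` permission table, I would document `Link` as `Grants a group view/edit/delete permission on a template`, with `@param int $templateId`, `@param int $groupId`, one `@param int` per flag and `@return bool`. `Unlink` and `UnlinkAll` would be described as removing one group's row or every row for the template. `UnlinkAll` also logs its audit entries as 'Unlink' and shares error code 25025 with `Unlink`, which hides which of the two ran.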
1945 | === modified file 'server/lib/include.php' | |||
1946 | --- server/lib/include.php 2011-06-05 16:17:41 +0000 | |||
1947 | +++ server/lib/include.php 2011-08-18 23:36:27 +0000 | |||
1948 | @@ -32,6 +32,7 @@ | |||
1949 | 32 | require_once("lib/app/pagemanager.class.php"); | 32 | require_once("lib/app/pagemanager.class.php"); |
1950 | 33 | require_once("lib/app/menumanager.class.php"); | 33 | require_once("lib/app/menumanager.class.php"); |
1951 | 34 | require_once("lib/app/modulemanager.class.php"); | 34 | require_once("lib/app/modulemanager.class.php"); |
1952 | 35 | require_once("lib/app/permissionmanager.class.php"); | ||
1953 | 35 | require_once("lib/app/formmanager.class.php"); | 36 | require_once("lib/app/formmanager.class.php"); |
1954 | 36 | require_once("lib/app/helpmanager.class.php"); | 37 | require_once("lib/app/helpmanager.class.php"); |
1955 | 37 | require_once("lib/app/responsemanager.class.php"); | 38 | require_once("lib/app/responsemanager.class.php"); |
1956 | 38 | 39 | ||
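--- a/server/lib/js/core.js
+++ b/server/lib/js/core.js
@@ -24,7 +24,7 @@
 $('#system_message').dialog({
 title: "Application Message",
 width: "320",
-height: "120",
+height: "220",
 draggable: false,
 resizable: false,
 bgiframe: true,
@@ -299,6 +299,14 @@
 $('input[type=text]', '#div_dialog').eq(0).focus();
 }
 
+if (response.appendHiddenSubmit) {
+var hiddenField = '<input type="submit" style="display:none" />';
+
+if ($("input[type=submit]", "#div_dialog").length == 0) {
+$("form", "#div_dialog").append('<input type="submit" style="display:none" />');
+}
+}
+
 // Call Xibo Init for this form
 XiboInitialise("#div_dialog");
 }
@@ -410,8 +418,9 @@
 }
 
 // Should we display the message?
-if (!response.hideMessage || response.message != '') {
-SystemMessage(response.message);
+if (!response.hideMessage) {
+if (response.message != '')
+SystemMessage(response.message);
 }
 
 // Do we need to fire a callback function?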
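Review bot: In the second hunk `hiddenField` is assigned but never read; the same markup is repeated as a literal in the `append` call two lines later, so the two copies can drift apart. Use the variable, `$("form", "#div_dialog").append(hiddenField);`, or drop the declaration. In the third hunk an undefined `response.message` still passes the `!= ''` test and reaches `SystemMessage`; `if (response.message)` would cover both the empty and the missing case. The enclosing functions start and end outside these hunks.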
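--- a/server/lib/js/dataset.js
+++ b/server/lib/js/dataset.js
@@ -0,0 +1,69 @@
+/*
+* Xibo - Digitial Signage - http://www.xibo.org.uk
+* Copyright (C) 2011 Daniel Garner
+*
+* This file is part of Xibo.
+*
+* Xibo is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* any later version.
+*
+* Xibo is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+var dataSetData = function() {
+$('.XiboDataSetDataForm').submit(function() {
+return false;
+});
+
+$('.XiboDataSetDataForm input').change(XiboDataSetDataFormChange);
+$('.XiboDataSetDataForm select').change(XiboDataSetDataFormChange);
+}
+
+var XiboDataSetDataFormChange = function() {
+// Submit this form using AJAX.
+var url = $(this.form).attr("action") + "&ajax=true";
+
+$.ajax({
+type:"post",
+url:url,
+cache:false,
+dataType:"json",
+data:$(this.form).serialize(),
+success: XiboDataSetDataFormSubmitResponse
+});
+
+return false;
+}
+
+var XiboDataSetDataFormSubmitResponse = function(response) {
+
+if (response.success) {
+$('#' + response.uniqueReference).attr("action", response.loadFormUri);
+}
+else {
+// Login Form needed?
+if (response.login) {
+LoginBox(response.message);
+return false;
+}
+else {
+// Just an error we dont know about
+if (response.message == undefined) {
+SystemMessage(response);
+}
+else {
+SystemMessage(response.message);
+}
+}
+}
+
+return false;
+}
\ No newline at end of file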
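Review bot: `XiboDataSetDataFormSubmitResponse` uses two values from the JSON reply unchecked: `response.uniqueReference` is concatenated into a jQuery selector and `response.loadFormUri` becomes the form's `action`. Whether either can carry user-influenced text is not visible here, but if so, older jQuery releases may parse a string containing markup passed to `$()` as HTML, and the next change event posts the serialized form to whatever URL was assigned. Looking the element up with `$(document.getElementById(response.uniqueReference))` and accepting only a relative `index.php?...` value for the action would close both. The `$.ajax` call in `XiboDataSetDataFormChange` also has no `error` callback, so a failed or non-JSON reply leaves an edit unsaved without telling the user; `error: function() { SystemMessage("Unable to save the change"); }` would surface it.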
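--- a/server/lib/js/layout.js
+++ b/server/lib/js/layout.js
@@ -89,7 +89,7 @@
 return false; //prevent submit
 }
 
-function microblog_callback()
+var microblog_callback = function()
 {
 // Conjure up a text editor
 $("#ta_template").ckeditor();
@@ -169,7 +169,7 @@
 var layoutid = $(t).attr("layoutid");
 var regionid = $(t).attr("regionid");
 
-XiboFormRender("index.php?p=user&q=SetUserHomepageForm&layoutid="+layoutid+"®ionid="+regionid);
+XiboFormRender("index.php?p=layout&q=RegionPermissionsForm&layoutid="+layoutid+"®ionid="+regionid);
 }
 }
 });
@@ -195,7 +195,7 @@
 
 
 // Preview
-$('.region').each(function(){
+$('.regionPreview').each(function(){
 new Preview(this);
 });
 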
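Review bot: The changed call at line 172 builds the `RegionPermissionsForm` URL by concatenating `layoutid` and `regionid`, read from element attributes two lines above, without encoding them. Wrapping each value, e.g. `"&layoutid=" + encodeURIComponent(layoutid)`, keeps a stray `&` or `#` in an attribute from altering the query string. This link only opens the form, so the permission check itself has to be enforced by the server-side handler, which is not shown in this section. The enclosing functions continue outside the hunks.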
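--- a/server/lib/js/mediamanager.js
+++ b/server/lib/js/mediamanager.js
@@ -1,6 +1,6 @@
 /*
 * Xibo - Digitial Signage - http://www.xibo.org.uk
-* Copyright (C) 2006,2007,2008 Daniel Garner and James Packer
+* Copyright (C) 2011 Daniel Garner
 *
 * This file is part of Xibo.
 *
@@ -16,121 +16,69 @@
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
-*/
-$(document).ready(function() {
-
-});
-
-var exec_filter_callback = function() {
-
-}
-
-var submit_form_callback = function(outputDiv) {
-
-//Just refresh
-//window.location = window.location.href;
-
-return false;
-}
-
-var region_options_callback = function(outputDiv)
-{
-set_form_size(830,450);
-
-//Get all the tooltip_hidden
-$(".tooltip_hidden").parent().hover(function()
-{
-//Change the hidden div's content
-$('#tooltip_hover').html($(".tooltip_hidden",this).html()).css("left",$(this).css("left")).show();
-}, function()
-{
-$('#tooltip_hover').hide();
-});
-
-//Make the elements draggable
-$(".timebar_ctl").draggable({
-containment: document.getElementById("timeline_ctl")
-});
-
-$(".mediabreak").droppable({
-accept: ".timebar_ctl",
-drop: function(ev, ui) {
-orderRegion(ui, this);
-}
-});
-}
-
-function orderRegion(timeBar, mediaBreak){
-var layoutid = $(timeBar.element.offsetParent).attr("layoutid");
-var regionid = $(timeBar.element.offsetParent).attr("regionid");
-var mediaid = $(timeBar.element).attr("mediaid");
-var sequence = $(mediaBreak).attr("breakid");
-
-$.ajax({
-type: "post",
-url: "index.php?p=layout&q=RegionOrder&layoutid=" + layoutid + "&callingpage=mediamanager&ajax=true",
-cache: false,
-datatype: "html",
-data: {
-"mediaid": mediaid,
-"sequence": sequence,
-"regionid": regionid
-},
-success: function(transport){
-
-var response = transport.split('|');
-
-if (response[0] == '0') {
-//success
-//Post notice somewhere?
-}
-else
-if (response[0] == '1') //failure
-{
-
-alert(response[1]);
-}
-else
-if (response[0] == '2') //login
-{
-alert("You need to login");
-}
-else
-if (response[0] == '3') {
-window.location = response[1]; //redirect
-}
-else
-if (response[0] == '6') //success, load form
-{
-//we need: uri, callback, onsubmit
-var uri = response[1];
-var callback = response[2];
-var onsubmit = response[3];
-
-load_form(uri, $('#div_dialog'), callback, onsubmit);
-}
-else {
-alert("An unknown error occured");
-}
-
-return false;
-}
-});
-}
-
-function dialog_filter() {
-exec_filter('stack_filter_form','dialog_grid');
-
-return false;
-}
-
-/**
-* Handles the tRegionOptions trigger
 */
-function tRegionOptions()
-{
-var regionid = gup("regionid");
-var layoutid = gup("layoutid");
-
-load_form('index.php?p=layout&layoutid='+layoutid+'®ionid='+regionid+'&q=RegionOptions', $('#div_dialog'),'',region_options_callback);
+var text_callback = function()
+{
+// Conjure up a text editor
+$("#ta_text").ckeditor();
+
+// Make sure when we close the dialog we also destroy the editor
+$("#div_dialog").bind("dialogclose.xibo", function(event, ui){
+$("#ta_text").ckeditorGet().destroy();
+$("#div_dialog").unbind("dialogclose.xibo");
+})
+
+var regionid = $("#iRegionId").val();
+var width = $("#region_"+regionid).width();
+var height = $("#region_"+regionid).height();
+
+// Min width
+if (width < 800) width = 800;
+
+// Adjust the width and height
+width = width + 80;
+height = height + 295;
+
+$('#div_dialog').height(height+"px");
+$('#div_dialog').dialog('option', 'width', width);
+$('#div_dialog').dialog('option', 'height', height);
+$('#div_dialog').dialog('option', 'position', 'center');
+
+return false; //prevent submit
+}
+
+var microblog_callback = function()
+{
+// Conjure up a text editor
+$("#ta_template").ckeditor();
+$("#ta_nocontent").ckeditor();
+
+// Make sure when we close the dialog we also destroy the editor
+$("#div_dialog").bind("dialogclose.xibo", function(event, ui){
+$("#ta_template").ckeditorGet().destroy();
+$("#ta_nocontent").ckeditorGet().destroy();
+
+$("#div_dialog").unbind("dialogclose.xibo");
+})
+
+var regionid = $("#iRegionId").val();
+var width = $("#region_"+regionid).width();
+var height = $("#region_"+regionid).height();
+
+//Min width
+if (width < 800) width = 800;
+height = height - 170;
+
+// Min height
+if (height < 300) height = 300;
+
+width = width + 80;
+height = height + 480;
+
+$('#div_dialog').height(height+"px");
+$('#div_dialog').dialog('option', 'width', width);
+$('#div_dialog').dialog('option', 'height', height);
+$('#div_dialog').dialog('option', 'position', 'center');
+
+return false; //prevent submit
 }
\ No newline at end of file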
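Review bot: `microblog_callback` is now assigned as a global in this file and, through the layout.js change in the same proposal, also as `var microblog_callback = function()` there; on a page that loads both scripts, whichever is included last silently replaces the other. `text_callback` and `microblog_callback` also repeat the same dialog-sizing block with different unexplained offsets (`+ 80`, `+ 295`, `- 170`, `+ 480`). Keeping one definition of each callback in a shared script would remove the ambiguity. A header comment such as `// Form callback: attaches CKEditor to #ta_text and resizes #div_dialog from the region's size` above `text_callback`, plus a line saying what each offset allows for, would make later changes safer.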
2302 | === modified file 'server/lib/modules/module.class.php' | |||
2303 | --- server/lib/modules/module.class.php 2010-08-28 13:20:11 +0000 | |||
2304 | +++ server/lib/modules/module.class.php 2011-08-18 23:36:27 +0000 | |||
2305 | @@ -27,13 +27,15 @@ | |||
2306 | 27 | protected $user; | 27 | protected $user; |
2307 | 28 | protected $region; | 28 | protected $region; |
2308 | 29 | protected $response; | 29 | protected $response; |
2309 | 30 | public $auth; | ||
2310 | 31 | protected $type; | ||
2311 | 32 | protected $displayType; | ||
2312 | 30 | 33 | ||
2313 | 31 | protected $layoutid; | 34 | protected $layoutid; |
2314 | 32 | protected $regionid; | 35 | protected $regionid; |
2315 | 33 | 36 | ||
2316 | 34 | protected $mediaid; | 37 | protected $mediaid; |
2317 | 35 | protected $name; | 38 | protected $name; |
2318 | 36 | protected $type; | ||
2319 | 37 | private $schemaVersion; | 39 | private $schemaVersion; |
2320 | 38 | protected $regionSpecific; | 40 | protected $regionSpecific; |
2321 | 39 | protected $duration; | 41 | protected $duration; |
2322 | @@ -45,6 +47,9 @@ | |||
2323 | 45 | 47 | ||
2324 | 46 | protected $existingMedia; | 48 | protected $existingMedia; |
2325 | 47 | protected $deleteFromRegion; | 49 | protected $deleteFromRegion; |
2326 | 50 | protected $showRegionOptions; | ||
2327 | 51 | protected $originalUserId; | ||
2328 | 52 | protected $assignedMedia; | ||
2329 | 48 | 53 | ||
2330 | 49 | /** | 54 | /** |
2331 | 50 | * Constructor - sets up this media object with all the available information | 55 | * Constructor - sets up this media object with all the available information |
2332 | @@ -73,12 +78,13 @@ | |||
2333 | 73 | 78 | ||
2334 | 74 | $this->existingMedia = false; | 79 | $this->existingMedia = false; |
2335 | 75 | $this->deleteFromRegion = false; | 80 | $this->deleteFromRegion = false; |
2337 | 76 | $this->duration = ''; | 81 | $this->showRegionOptions = Kit::GetParam('showRegionOptions', _REQUEST, _INT, 1); |
2338 | 82 | $this->duration = ''; | ||
2339 | 77 | 83 | ||
2340 | 78 | // Determine which type this module is | 84 | // Determine which type this module is |
2341 | 79 | $this->SetModuleInformation(); | 85 | $this->SetModuleInformation(); |
2342 | 80 | 86 | ||
2344 | 81 | Debug::LogEntry($db, 'audit', 'New module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid); | 87 | Debug::LogEntry($db, 'audit', 'Module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid); |
2345 | 82 | 88 | ||
2346 | 83 | // Either the information from the region - or some blanks | 89 | // Either the information from the region - or some blanks |
2347 | 84 | $this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid); | 90 | $this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid); |
2348 | @@ -135,18 +141,20 @@ | |||
2349 | 135 | */ | 141 | */ |
2350 | 136 | final private function SetMediaInformation($layoutid, $regionid, $mediaid, $lkid) | 142 | final private function SetMediaInformation($layoutid, $regionid, $mediaid, $lkid) |
2351 | 137 | { | 143 | { |
2355 | 138 | $db =& $this->db; | 144 | $db =& $this->db; |
2356 | 139 | $region =& $this->region; | 145 | $region =& $this->region; |
2357 | 140 | $xmlDoc = new DOMDocument(); | 146 | $xmlDoc = new DOMDocument(); |
2358 | 141 | 147 | ||
2359 | 142 | if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '') | 148 | if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '') |
2360 | 143 | { | 149 | { |
2361 | 150 | // Existing media that is assigned to a layout | ||
2362 | 144 | $this->existingMedia = true; | 151 | $this->existingMedia = true; |
2363 | 152 | $this->assignedMedia = true; | ||
2364 | 145 | 153 | ||
2365 | 146 | // Set the layout Xml | 154 | // Set the layout Xml |
2366 | 147 | $layoutXml = $region->GetLayoutXml($layoutid); | 155 | $layoutXml = $region->GetLayoutXml($layoutid); |
2367 | 148 | 156 | ||
2369 | 149 | Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml); | 157 | //Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml); |
2370 | 150 | 158 | ||
2371 | 151 | $layoutDoc = new DOMDocument(); | 159 | $layoutDoc = new DOMDocument(); |
2372 | 152 | $layoutDoc->loadXML($layoutXml); | 160 | $layoutDoc->loadXML($layoutXml); |
2373 | @@ -173,10 +181,17 @@ | |||
2374 | 173 | 181 | ||
2375 | 174 | // Get the LK id if we do not have one provided | 182 | // Get the LK id if we do not have one provided |
2376 | 175 | if ($lkid == '') | 183 | if ($lkid == '') |
2378 | 176 | $this->lkid = $mediaNode->getAttribute('lkid'); | 184 | $this->lkid = $mediaNode->getAttribute('lkid'); |
2379 | 185 | |||
2380 | 186 | $this->originalUserId = $mediaNode->getAttribute('userId'); | ||
2381 | 187 | |||
2382 | 188 | // Make sure we have permissions | ||
2383 | 189 | $this->auth = $this->user->MediaAssignmentAuth($this->originalUserId, $this->layoutid, $this->regionid, $this->mediaid, true); | ||
2384 | 177 | 190 | ||
2385 | 178 | $mediaNode = $xmlDoc->importNode($mediaNode, true); | 191 | $mediaNode = $xmlDoc->importNode($mediaNode, true); |
2386 | 179 | $xmlDoc->documentElement->appendChild($mediaNode); | 192 | $xmlDoc->documentElement->appendChild($mediaNode); |
2387 | 193 | |||
2388 | 194 | Debug::LogEntry($db, 'audit', 'Existing Assigned Media XML is: \n ' . $xmlDoc->saveXML(), 'module', 'SetMediaInformation'); | ||
2389 | 180 | } | 195 | } |
2390 | 181 | else | 196 | else |
2391 | 182 | { | 197 | { |
2392 | @@ -186,9 +201,10 @@ | |||
2393 | 186 | // But this is some existing media | 201 | // But this is some existing media |
2394 | 187 | // Therefore make sure we get the bare minimum! | 202 | // Therefore make sure we get the bare minimum! |
2395 | 188 | $this->existingMedia = true; | 203 | $this->existingMedia = true; |
2396 | 204 | $this->assignedMedia = false; | ||
2397 | 189 | 205 | ||
2398 | 190 | // Load what we know about this media into the object | 206 | // Load what we know about this media into the object |
2400 | 191 | $SQL = "SELECT duration, name FROM media WHERE mediaID = '$mediaid'"; | 207 | $SQL = "SELECT duration, name, UserId FROM media WHERE mediaID = '$mediaid'"; |
2401 | 192 | 208 | ||
2402 | 193 | Debug::LogEntry($db, 'audit', $SQL, 'Module', 'SetMediaInformation'); | 209 | Debug::LogEntry($db, 'audit', $SQL, 'Module', 'SetMediaInformation'); |
2403 | 194 | 210 | ||
2404 | @@ -199,15 +215,23 @@ | |||
2405 | 199 | 215 | ||
2406 | 200 | if ($db->num_rows($result) != 0) | 216 | if ($db->num_rows($result) != 0) |
2407 | 201 | { | 217 | { |
2411 | 202 | $row = $db->get_row($result); | 218 | $row = $db->get_row($result); |
2412 | 203 | $this->duration = $row[0]; | 219 | $this->duration = $row[0]; |
2413 | 204 | $this->name = $row[1]; | 220 | $this->name = $row[1]; |
2414 | 221 | $this->originalUserId = $row[2]; | ||
2415 | 205 | } | 222 | } |
2416 | 223 | |||
2417 | 224 | $this->auth = $this->user->MediaAuth($this->mediaid, true); | ||
2418 | 225 | } | ||
2419 | 226 | else | ||
2420 | 227 | { | ||
2421 | 228 | // New assignment, therefore user and permissions are defaulted | ||
2422 | 229 | $this->originalUserId = $this->user->userid; | ||
2423 | 206 | } | 230 | } |
2424 | 207 | 231 | ||
2425 | 208 | $xml = <<<XML | 232 | $xml = <<<XML |
2426 | 209 | <root> | 233 | <root> |
2428 | 210 | <media id="" type="$this->type" duration="" lkid="" schemaVersion="$this->schemaVersion"> | 234 | <media id="" type="$this->type" duration="" lkid="" userId="$this->originalUserId" schemaVersion="$this->schemaVersion"> |
2429 | 211 | <options /> | 235 | <options /> |
2430 | 212 | <raw /> | 236 | <raw /> |
2431 | 213 | </media> | 237 | </media> |
2432 | @@ -217,9 +241,6 @@ | |||
2433 | 217 | } | 241 | } |
2434 | 218 | 242 | ||
2435 | 219 | $this->xml = $xmlDoc; | 243 | $this->xml = $xmlDoc; |
2436 | 220 | |||
2437 | 221 | Debug::LogEntry($db, 'audit', 'XML is: ' . $this->xml->saveXML()); | ||
2438 | 222 | |||
2439 | 223 | return true; | 244 | return true; |
2440 | 224 | } | 245 | } |
2441 | 225 | 246 | ||
2442 | @@ -257,6 +278,7 @@ | |||
2443 | 257 | $mediaNode->setAttribute('id', $this->mediaid); | 278 | $mediaNode->setAttribute('id', $this->mediaid); |
2444 | 258 | $mediaNode->setAttribute('duration', $this->duration); | 279 | $mediaNode->setAttribute('duration', $this->duration); |
2445 | 259 | $mediaNode->setAttribute('type', $this->type); | 280 | $mediaNode->setAttribute('type', $this->type); |
2446 | 281 | $mediaNode->setAttribute('userId', $this->originalUserId); | ||
2447 | 260 | 282 | ||
2448 | 261 | return $this->xml->saveXML($mediaNode); | 283 | return $this->xml->saveXML($mediaNode); |
2449 | 262 | } | 284 | } |
2450 | @@ -439,37 +461,150 @@ | |||
2451 | 439 | */ | 461 | */ |
2452 | 440 | public function DeleteForm() | 462 | public function DeleteForm() |
2453 | 441 | { | 463 | { |
2485 | 442 | $db =& $this->db; | 464 | $db =& $this->db; |
2486 | 443 | 465 | $helpManager = new HelpManager($db, $this->user); | |
2487 | 444 | //Parameters | 466 | $this->response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link($this->type, 'Delete') . '")'); |
2488 | 445 | $layoutid = $this->layoutid; | 467 | |
2489 | 446 | $regionid = $this->regionid; | 468 | //Parameters |
2490 | 447 | $mediaid = $this->mediaid; | 469 | $layoutid = $this->layoutid; |
2491 | 448 | 470 | $regionid = $this->regionid; | |
2492 | 449 | // Messages | 471 | $mediaid = $this->mediaid; |
2493 | 450 | $msgTitle = __('Return to the Region Options'); | 472 | $lkid = $this->lkid; |
2494 | 451 | $msgWarn = __('Are you sure you want to remove this item from Xibo?'); | 473 | $userid = $this->user->userid; |
2495 | 452 | $msgWarnLost = __('It will be lost'); | 474 | |
2496 | 453 | 475 | // Can this user delete? | |
2497 | 454 | //we can delete | 476 | if (!$this->auth->del) |
2498 | 455 | $form = <<<END | 477 | { |
2499 | 456 | <form class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia"> | 478 | $this->response->SetError('You do not have permission to delete this media.'); |
2500 | 457 | <input type="hidden" name="mediaid" value="$mediaid"> | 479 | $this->response->keepOpen = false; |
2501 | 458 | <input type="hidden" name="layoutid" value="$layoutid"> | 480 | return $this->response; |
2502 | 459 | <input type="hidden" name="regionid" value="$regionid"> | 481 | } |
2503 | 460 | <p>$msgWarn <span class="required">$msgWarnLost</span>.</p> | 482 | |
2504 | 461 | <input id="btnSave" type="submit" value="Yes" /> | 483 | // Messages |
2505 | 462 | <input class="XiboFormButton" id="btnCancel" type="button" title="$msgTitle" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="No" /> | 484 | $msgTitle = __('Return to the Region Options'); |
2506 | 463 | </form> | 485 | $msgWarn = __('Are you sure you want to remove this item from Xibo?'); |
2507 | 464 | END; | 486 | $msgWarnLost = __('It will be lost'); |
2508 | 465 | 487 | $msgYes = __('Yes'); | |
2509 | 466 | $this->response->html = $form; | 488 | $msgNo = __('No'); |
2510 | 467 | $this->response->dialogTitle = __('Delete Item'); | 489 | |
2511 | 468 | $this->response->dialogSize = true; | 490 | if ($this->regionSpecific) |
2512 | 469 | $this->response->dialogWidth = '450px'; | 491 | { |
2513 | 470 | $this->response->dialogHeight = '150px'; | 492 | $form = <<<END |
2514 | 471 | 493 | <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia"> | |
2515 | 472 | return $this->response; | 494 | <input type="hidden" name="mediaid" value="$mediaid"> |
2516 | 495 | <input type="hidden" name="layoutid" value="$layoutid"> | ||
2517 | 496 | <input type="hidden" name="regionid" value="$regionid"> | ||
2518 | 497 | <p>$msgWarn <span class="required">$msgWarnLost</span>.</p> | ||
2519 | 498 | </form> | ||
2520 | 499 | END; | ||
2521 | 500 | $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '®ionid=' . $regionid . '&q=RegionOptions")'); | ||
2522 | 501 | $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()'); | ||
2523 | 502 | } | ||
2524 | 503 | else | ||
2525 | 504 | { | ||
2526 | 505 | // This is for library based media | ||
2527 | 506 | $options = ''; | ||
2528 | 507 | |||
2529 | 508 | // Always have the abilty to unassign from the region | ||
2530 | 509 | $options .= 'unassign|' . __('Unassign from this region only'); | ||
2531 | 510 | |||
2532 | 511 | // Is this user allowed to edit this media? | ||
2533 | 512 | if ($this->auth->edit) | ||
2534 | 513 | { | ||
2535 | 514 | // Load what we know about this media into the object | ||
2536 | 515 | $SQL = "SELECT IFNULL(editedMediaID, 0) AS editedMediaID FROM media WHERE mediaID = $mediaid "; | ||
2537 | 516 | $editedMediaID = $db->GetSingleValue($SQL, 'editedMediaID', _INT); | ||
2538 | 517 | |||
2539 | 518 | if ($editedMediaID === false) | ||
2540 | 519 | { | ||
2541 | 520 | trigger_error($editedMediaID . $db->error()); | ||
2542 | 521 | $this->response->SetError(__('Error querying for the Media information')); | ||
2543 | 522 | $this->response->keepOpen = true; | ||
2544 | 523 | return $this->response; | ||
2545 | 524 | } | ||
2546 | 525 | |||
2547 | 526 | $options .= ',retire|' . __('Unassign from this region and retire'); | ||
2548 | 527 | |||
2549 | 528 | // Is this media retired? | ||
2550 | 529 | $revised = false; | ||
2551 | 530 | if ($editedMediaID != 0) | ||
2552 | 531 | $revised = true; | ||
2553 | 532 | |||
2554 | 533 | // Is this media being used anywhere else? | ||
2555 | 534 | if ($layoutid == '') | ||
2556 | 535 | { | ||
2557 | 536 | $SQL = sprintf('SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d ', $mediaid); | ||
2558 | 537 | $options = ''; | ||
2559 | 538 | } | ||
2560 | 539 | else | ||
2561 | 540 | { | ||
2562 | 541 | $SQL = sprintf("SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d AND layoutid <> %d AND regionID <> '%s' ", $mediaid, $layoutid, $regionid); | ||
2563 | 542 | } | ||
2564 | 543 | |||
2565 | 544 | if (!$results = $db->query($SQL)) | ||
2566 | 545 | { | ||
2567 | 546 | trigger_error($db->error()); | ||
2568 | 547 | |||
2569 | 548 | $this->response->SetError(__('Cannot determine if this media has been used.')); | ||
2570 | 549 | $this->response->keepOpen = true; | ||
2571 | 550 | return $this->response; | ||
2572 | 551 | } | ||
2573 | 552 | |||
2574 | 553 | if ($db->num_rows($results) == 0 && !$revised) | ||
2575 | 554 | { | ||
2576 | 555 | $options .= ',delete|' . __('Delete this media'); | ||
2577 | 556 | } | ||
2578 | 557 | else | ||
2579 | 558 | { | ||
2580 | 559 | $options .= ',retire|' . __('Retire this media'); | ||
2581 | 560 | } | ||
2582 | 561 | } | ||
2583 | 562 | else | ||
2584 | 563 | { | ||
2585 | 564 | // If this is the normal content page then say they cant edit, otherwise display the form with only the unassign option | ||
2586 | 565 | if ($layoutid == '') | ||
2587 | 566 | { | ||
2588 | 567 | $this->response->SetError(__('You do not have permission to alter/delete this media.')); | ||
2589 | 568 | $this->response->keepOpen = true; | ||
2590 | 569 | return $this->response; | ||
2591 | 570 | } | ||
2592 | 571 | } | ||
2593 | 572 | |||
2594 | 573 | $options = ltrim($options, ','); | ||
2595 | 574 | |||
2596 | 575 | $deleteOptions = listcontent($options, 'options'); | ||
2597 | 576 | |||
2598 | 577 | $msgWarn = __('Are you sure you want to delete this media?'); | ||
2599 | 578 | $msgSelect = __('Please select from the following options'); | ||
2600 | 579 | $msgCaution = __('Warning! You cannot undo this operation'); | ||
2601 | 580 | |||
2602 | 581 | //we can delete | ||
2603 | 582 | $form = <<<END | ||
2604 | 583 | <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=DeleteMedia"> | ||
2605 | 584 | <input type="hidden" name="mediaid" value="$mediaid"> | ||
2606 | 585 | <input type="hidden" name="lkid" value="$lkid"> | ||
2607 | 586 | <input type="hidden" name="layoutid" value="$layoutid"> | ||
2608 | 587 | <input type="hidden" name="regionid" value="$regionid"> | ||
2609 | 588 | <p>$msgWarn</p> | ||
2610 | 589 | <p>$msgSelect: $deleteOptions </p> | ||
2611 | 590 | <p>$msgCaution</p> | ||
2612 | 591 | </form> | ||
2613 | 592 | END; | ||
2614 | 593 | if ($layoutid == '') | ||
2615 | 594 | $this->response->AddButton(__('No'), 'XiboDialogClose()'); | ||
2616 | 595 | else | ||
2617 | 596 | $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '®ionid=' . $regionid . '&q=RegionOptions")'); | ||
2618 | 597 | |||
2619 | 598 | $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()'); | ||
2620 | 599 | } | ||
2621 | 600 | |||
2622 | 601 | $this->response->html = $form; | ||
2623 | 602 | $this->response->dialogTitle = __('Delete Media'); | ||
2624 | 603 | $this->response->dialogSize = true; | ||
2625 | 604 | $this->response->dialogWidth = '450px'; | ||
2626 | 605 | $this->response->dialogHeight = '280px'; | ||
2627 | 606 | |||
2628 | 607 | return $this->response; | ||
2629 | 473 | } | 608 | } |
2630 | 474 | 609 | ||
2631 | 475 | /** | 610 | /** |
2632 | @@ -478,21 +613,93 @@ | |||
2633 | 478 | */ | 613 | */ |
2634 | 479 | public function DeleteMedia() | 614 | public function DeleteMedia() |
2635 | 480 | { | 615 | { |
2651 | 481 | $db =& $this->db; | 616 | $db =& $this->db; |
2652 | 482 | 617 | ||
2653 | 483 | $layoutid = $this->layoutid; | 618 | $layoutid = $this->layoutid; |
2654 | 484 | $regionid = $this->regionid; | 619 | $regionid = $this->regionid; |
2655 | 485 | 620 | $mediaid = $this->mediaid; | |
2656 | 486 | $url = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions"; | 621 | |
2657 | 487 | 622 | $url = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions"; | |
2658 | 488 | $this->deleteFromRegion = true; | 623 | |
2659 | 489 | $this->UpdateRegion(); | 624 | if (!$this->auth->del) |
2660 | 490 | 625 | { | |
2661 | 491 | // We want to load a new form | 626 | $this->response->SetError('You do not have permission to delete this assignment.'); |
2662 | 492 | $this->response->loadForm = true; | 627 | $this->response->keepOpen = false; |
2663 | 493 | $this->response->loadFormUri= $url; | 628 | return $this->response; |
2664 | 494 | 629 | } | |
2665 | 495 | return $this->response; | 630 | |
2666 | 631 | if ($layoutid != '') | ||
2667 | 632 | { | ||
2668 | 633 | Kit::ClassLoader('layoutmediagroupsecurity'); | ||
2669 | 634 | $security = new LayoutMediaGroupSecurity($db); | ||
2670 | 635 | |||
2671 | 636 | if (!$security->UnlinkAll($layoutid, $regionid, $this->mediaid)) | ||
2672 | 637 | trigger_error($security->GetErrorMessage(), E_USER_ERROR); | ||
2673 | 638 | |||
2674 | 639 | $this->deleteFromRegion = true; | ||
2675 | 640 | $this->UpdateRegion(); | ||
2676 | 641 | } | ||
2677 | 642 | |||
2678 | 643 | // Are we region specific media? | ||
2679 | 644 | if (!$this->regionSpecific) | ||
2680 | 645 | { | ||
2681 | 646 | $options = Kit::GetParam('options', _POST, _WORD); | ||
2682 | 647 | |||
2683 | 648 | // If we are set to retire we retire | ||
2684 | 649 | if ($options == 'retire') | ||
2685 | 650 | { | ||
2686 | 651 | //Update the media record to say it is retired | ||
2687 | 652 | $SQL = sprintf("UPDATE media SET retired = 1 WHERE mediaid = %d ", $mediaid); | ||
2688 | 653 | |||
2689 | 654 | if (!$db->query($SQL)) | ||
2690 | 655 | { | ||
2691 | 656 | trigger_error($db->error()); | ||
2692 | 657 | |||
2693 | 658 | $this->response->SetError(__('Database error retiring this media record.')); | ||
2694 | 659 | $this->response->keepOpen = true; | ||
2695 | 660 | return $this->response; | ||
2696 | 661 | } | ||
2697 | 662 | } | ||
2698 | 663 | |||
2699 | 664 | // If we are set to delete, we delete | ||
2700 | 665 | if ($options == 'delete') | ||
2701 | 666 | { | ||
2702 | 667 | // Get the file location from the database | ||
2703 | 668 | $storedAs = $db->GetSingleValue(sprintf("SELECT storedAs FROM media WHERE mediaid = %d", $mediaid), 'storedAs', _FILENAME); | ||
2704 | 669 | |||
2705 | 670 | // Remove permission assignments | ||
2706 | 671 | Kit::ClassLoader('mediagroupsecurity'); | ||
2707 | 672 | |||
2708 | 673 | $security = new MediaGroupSecurity($db); | ||
2709 | 674 | |||
2710 | 675 | if (!$security->UnlinkAll($mediaid)) | ||
2711 | 676 | trigger_error($security->GetErrorMessage(), E_USER_ERROR); | ||
2712 | 677 | |||
2713 | 678 | //Update the media record to say it is retired | ||
2714 | 679 | $SQL = sprintf("DELETE FROM media WHERE mediaid = %d ", $mediaid); | ||
2715 | 680 | |||
2716 | 681 | if (!$db->query($SQL)) | ||
2717 | 682 | { | ||
2718 | 683 | trigger_error($db->error()); | ||
2719 | 684 | |||
2720 | 685 | $this->response->SetError(__('Database error deleting this media record.')); | ||
2721 | 686 | $this->response->keepOpen = true; | ||
2722 | 687 | return $this->response; | ||
2723 | 688 | } | ||
2724 | 689 | |||
2725 | 690 | $this->DeleteMediaFiles($storedAs); | ||
2726 | 691 | } | ||
2727 | 692 | |||
2728 | 693 | $this->response->message = __('Media Deleted'); | ||
2729 | 694 | } | ||
2730 | 695 | else | ||
2731 | 696 | { | ||
2732 | 697 | // We want to load a new form | ||
2733 | 698 | $this->response->loadForm = true; | ||
2734 | 699 | $this->response->loadFormUri= $url; | ||
2735 | 700 | } | ||
2736 | 701 | |||
2737 | 702 | return $this->response; | ||
2738 | 496 | } | 703 | } |
2739 | 497 | 704 | ||
2740 | 498 | /** | 705 | /** |
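Review bot: In `DeleteMedia()` the retire/delete branch for library media runs whenever `$this->regionSpecific` is false, including when `$layoutid` is set. The posted `options` value alone then decides whether the library record and its stored file are removed, after only the `$this->auth->del` check. How `$this->auth` is populated is not visible in this hunk; if it reflects the layout assignment rather than the library item, that branch should either be limited to the library case or re-check the media item's own delete permission before the `DELETE`. The result of the `storedAs` lookup should also be tested for an empty value before `$this->DeleteMediaFiles($storedAs);`. The comment above the `DELETE` statement repeats the retire comment and should read `// Delete the media record`.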
2741 | @@ -513,6 +720,118 @@ | |||
2742 | 513 | return $this->response; | 720 | return $this->response; |
2743 | 514 | } | 721 | } |
2744 | 515 | 722 | ||
2745 | 723 | protected function AddFormForLibraryMedia() | ||
2746 | 724 | { | ||
2747 | 725 | global $session; | ||
2748 | 726 | $db =& $this->db; | ||
2749 | 727 | $user =& $this->user; | ||
2750 | 728 | |||
2751 | 729 | // Would like to get the regions width / height | ||
2752 | 730 | $layoutid = $this->layoutid; | ||
2753 | 731 | $regionid = $this->regionid; | ||
2754 | 732 | |||
2755 | 733 | // Set the Session / Security information | ||
2756 | 734 | $sessionId = session_id(); | ||
2757 | 735 | $securityToken = CreateFormToken(); | ||
2758 | 736 | $backgroundImage = Kit::GetParam('backgroundImage', _GET, _BOOL, false); | ||
2759 | 737 | |||
2760 | 738 | $session->setSecurityToken($securityToken); | ||
2761 | 739 | |||
2762 | 740 | //Get the default value for the shared list | ||
2763 | 741 | $default = Config::GetSetting($db, 'defaultMedia'); | ||
2764 | 742 | $defaultDuration = Config::GetSetting($db, 'jpg_length'); | ||
2765 | 743 | |||
2766 | 744 | // Save button is different depending on if we are on a region or not | ||
2767 | 745 | if ($regionid != '' && $this->showRegionOptions) | ||
2768 | 746 | { | ||
2769 | 747 | setSession('content','mediatype', $this->type); | ||
2770 | 748 | |||
2771 | 749 | $save_button = <<<END | ||
2772 | 750 | <input id="btnSave" type="submit" value="Save" disabled /> | ||
2773 | 751 | <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="Cancel" /> | ||
2774 | 752 | <input class="XiboFormButton" type="button" href="index.php?p=content&q=LibraryAssignForm&layoutid=$layoutid®ionid=$regionid" title="Library" value="Library" /> | ||
2775 | 753 | END; | ||
2776 | 754 | } | ||
2777 | 755 | elseif ($regionid != '' && !$this->showRegionOptions) | ||
2778 | 756 | { | ||
2779 | 757 | $save_button = <<<END | ||
2780 | 758 | <input id="btnSave" type="submit" value="Save" disabled /> | ||
2781 | 759 | <input class="XiboFormButton" id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> | ||
2782 | 760 | END; | ||
2783 | 761 | } | ||
2784 | 762 | elseif ($backgroundImage) | ||
2785 | 763 | { | ||
2786 | 764 | // Show the save button, and make cancel go back to the background form | ||
2787 | 765 | $save_button = <<<END | ||
2788 | 766 | <input id="btnSave" type="submit" value="Save" disabled /> | ||
2789 | 767 | <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid" value="Cancel" /> | ||
2790 | 768 | END; | ||
2791 | 769 | } | ||
2792 | 770 | else | ||
2793 | 771 | { | ||
2794 | 772 | $save_button = <<<END | ||
2795 | 773 | <input id="btnSave" type="submit" value="Save" disabled /> | ||
2796 | 774 | <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=content&q=displayForms&sp=add" value="Cancel" /> | ||
2797 | 775 | END; | ||
2798 | 776 | } | ||
2799 | 777 | |||
2800 | 778 | $form = <<<FORM | ||
2801 | 779 | <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div> | ||
2802 | 780 | <div> | ||
2803 | 781 | <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload"> | ||
2804 | 782 | <input type="hidden" id="PHPSESSID" value="$sessionId" /> | ||
2805 | 783 | <input type="hidden" id="SecurityToken" value="$securityToken" /> | ||
2806 | 784 | <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" /> | ||
2807 | 785 | <table> | ||
2808 | 786 | <tr> | ||
2809 | 787 | <td><label for="file">$this->displayType File<span class="required">*</span></label></td> | ||
2810 | 788 | <td colspan="3"> | ||
2811 | 789 | <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" /> | ||
2812 | 790 | </td> | ||
2813 | 791 | </tr> | ||
2814 | 792 | </table> | ||
2815 | 793 | </form> | ||
2816 | 794 | </div> | ||
2817 | 795 | <div id="uploadProgress" style="display:none"> | ||
2818 | 796 | <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span> | ||
2819 | 797 | </div> | ||
2820 | 798 | <form class="XiboForm" id="AddLibraryBasedMedia" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=AddMedia"> | ||
2821 | 799 | <input type="hidden" name="layoutid" value="$layoutid"> | ||
2822 | 800 | <input type="hidden" name="regionid" value="$regionid"> | ||
2823 | 801 | <input type="hidden" name="backgroundImage" value="$backgroundImage" /> | ||
2824 | 802 | <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" /> | ||
2825 | 803 | <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /> | ||
2826 | 804 | <input type="hidden" name="hidFileID" id="hidFileID" value="" /> | ||
2827 | 805 | <table width="100%"> | ||
2828 | 806 | <tr> | ||
2829 | 807 | <td><label for="name" title="The name of the $this->type. Leave this blank to use the file name">Name</label></td> | ||
2830 | 808 | <td><input id="name" name="name" type="text"></td> | ||
2831 | 809 | </tr> | ||
2832 | 810 | <tr> | ||
2833 | 811 | <td><label for="duration" title="The duration in seconds this image should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td> | ||
2834 | 812 | <td><input id="duration" name="duration" type="text" value="$defaultDuration"></td> | ||
2835 | 813 | </tr> | ||
2836 | 814 | <tr> | ||
2837 | 815 | <td></td> | ||
2838 | 816 | <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td> | ||
2839 | 817 | </tr> | ||
2840 | 818 | <tr> | ||
2841 | 819 | <td></td> | ||
2842 | 820 | <td colspan="3">$save_button</td> | ||
2843 | 821 | </tr> | ||
2844 | 822 | </table> | ||
2845 | 823 | </form> | ||
2846 | 824 | FORM; | ||
2847 | 825 | |||
2848 | 826 | $this->response->html = $form; | ||
2849 | 827 | $this->response->dialogTitle = 'Add New ' . $this->displayType; | ||
2850 | 828 | $this->response->dialogSize = true; | ||
2851 | 829 | $this->response->dialogWidth = '450px'; | ||
2852 | 830 | $this->response->dialogHeight = '280px'; | ||
2853 | 831 | |||
2854 | 832 | return $this->response; | ||
2855 | 833 | } | ||
2856 | 834 | |||
2857 | 516 | /** | 835 | /** |
2858 | 517 | * Default Edit Form | 836 | * Default Edit Form |
2859 | 518 | * @return | 837 | * @return |
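Review bot: `AddFormForLibraryMedia()` writes `session_id()` into a hidden `PHPSESSID` input, which puts the session identifier in the page markup where any script running in the page can read it. The input has an `id` but no `name`, so it is not submitted with either form. If the upload script does not need it, drop the field and rely on the session cookie plus the `SecurityToken` value. The values interpolated into the heredocs (`$layoutid`, `$regionid`, `$this->type`, `$this->displayType`) are not escaped here, and where they are sanitised is not visible in this hunk, so passing them through `htmlspecialchars($value, ENT_QUOTES)` before building the form would be safer. `$default` and `$user` are assigned but never used in the function.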
2860 | @@ -530,6 +849,148 @@ | |||
2861 | 530 | return $this->response; | 849 | return $this->response; |
2862 | 531 | } | 850 | } |
2863 | 532 | 851 | ||
2864 | 852 | protected function EditFormForLibraryMedia() | ||
2865 | 853 | { | ||
2866 | 854 | global $session; | ||
2867 | 855 | $db =& $this->db; | ||
2868 | 856 | $user =& $this->user; | ||
2869 | 857 | |||
2870 | 858 | // Would like to get the regions width / height | ||
2871 | 859 | $layoutid = $this->layoutid; | ||
2872 | 860 | $regionid = $this->regionid; | ||
2873 | 861 | $mediaid = $this->mediaid; | ||
2874 | 862 | $lkid = $this->lkid; | ||
2875 | 863 | $userid = $this->user->userid; | ||
2876 | 864 | |||
2877 | 865 | // Can this user delete? | ||
2878 | 866 | if (!$this->auth->edit) | ||
2879 | 867 | { | ||
2880 | 868 | $this->response->SetError('You do not have permission to edit this media.'); | ||
2881 | 869 | $this->response->keepOpen = false; | ||
2882 | 870 | return $this->response; | ||
2883 | 871 | } | ||
2884 | 872 | |||
2885 | 873 | // Set the Session / Security information | ||
2886 | 874 | $sessionId = session_id(); | ||
2887 | 875 | $securityToken = CreateFormToken(); | ||
2888 | 876 | |||
2889 | 877 | $session->setSecurityToken($securityToken); | ||
2890 | 878 | |||
2891 | 879 | // Load what we know about this media into the object | ||
2892 | 880 | $SQL = "SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = $mediaid "; | ||
2893 | 881 | |||
2894 | 882 | if (!$row = $db->GetSingleRow($SQL)) | ||
2895 | 883 | { | ||
2896 | 884 | trigger_error($db->error()); //log the error | ||
2897 | 885 | |||
2898 | 886 | $this->message = __('Error querying for the Media information'); | ||
2899 | 887 | return false; | ||
2900 | 888 | } | ||
2901 | 889 | |||
2902 | 890 | $name = $row['name']; | ||
2903 | 891 | $originalFilename = $row['originalFilename']; | ||
2904 | 892 | $userid = $row['userID']; | ||
2905 | 893 | $retired = $row['retired']; | ||
2906 | 894 | $storedAs = $row['storedAs']; | ||
2907 | 895 | $isEdited = $row['isEdited']; | ||
2908 | 896 | $editedMediaID = $row['editedMediaID']; | ||
2909 | 897 | $ext = strtolower(substr(strrchr($originalFilename, '.'), 1)); | ||
2910 | 898 | |||
2911 | 899 | // Save button is different depending on if we are on a region or not | ||
2912 | 900 | if ($regionid != '' && $this->showRegionOptions) | ||
2913 | 901 | { | ||
2914 | 902 | setSession('content', 'mediatype', $this->type); | ||
2915 | 903 | |||
2916 | 904 | $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>'; | ||
2917 | 905 | |||
2918 | 906 | $save_button = <<<END | ||
2919 | 907 | <input id="btnSave" type="submit" value="Save" /> | ||
2920 | 908 | <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="Cancel" /> | ||
2921 | 909 | END; | ||
2922 | 910 | } | ||
2923 | 911 | elseif ($regionid != '' && !$this->showRegionOptions) | ||
2924 | 912 | { | ||
2925 | 913 | $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>'; | ||
2926 | 914 | |||
2927 | 915 | $save_button = <<<END | ||
2928 | 916 | <input id="btnSave" type="submit" value="Save" /> | ||
2929 | 917 | <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> | ||
2930 | 918 | END; | ||
2931 | 919 | } | ||
2932 | 920 | else | ||
2933 | 921 | { | ||
2934 | 922 | $extraNotes = '<em>Note: As you are editing from the library uploading a new media item will not replace the old one from any layouts. To do this navigate to the layout and edit the media from there.</em>'; | ||
2935 | 923 | |||
2936 | 924 | $save_button = <<<END | ||
2937 | 925 | <input id="btnSave" type="submit" value="Save" /> | ||
2938 | 926 | <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> | ||
2939 | 927 | END; | ||
2940 | 928 | } | ||
2941 | 929 | |||
2942 | 930 | $durationFieldEnabled = ($this->auth->modifyPermissions) ? '' : ' readonly'; | ||
2943 | 931 | |||
2944 | 932 | $form = <<<FORM | ||
2945 | 933 | <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div> | ||
2946 | 934 | <div> | ||
2947 | 935 | <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload"> | ||
2948 | 936 | <input type="hidden" id="PHPSESSID" value="$sessionId" /> | ||
2949 | 937 | <input type="hidden" id="SecurityToken" value="$securityToken" /> | ||
2950 | 938 | <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" /> | ||
2951 | 939 | <table> | ||
2952 | 940 | <tr> | ||
2953 | 941 | <td><label for="file">New $this->displayType File<span class="required">*</span></label></td> | ||
2954 | 942 | <td colspan="3"> | ||
2955 | 943 | <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" /> | ||
2956 | 944 | </td> | ||
2957 | 945 | </tr> | ||
2958 | 946 | </table> | ||
2959 | 947 | </form> | ||
2960 | 948 | </div> | ||
2961 | 949 | <div id="uploadProgress" style="display:none"> | ||
2962 | 950 | <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span> | ||
2963 | 951 | </div> | ||
2964 | 952 | <form class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=EditMedia"> | ||
2965 | 953 | <input type="hidden" name="hidFileID" id="hidFileID" value="" /> | ||
2966 | 954 | <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /> | ||
2967 | 955 | <input type="hidden" name="layoutid" value="$layoutid"> | ||
2968 | 956 | <input type="hidden" name="regionid" value="$regionid"> | ||
2969 | 957 | <input type="hidden" name="mediaid" value="$mediaid"> | ||
2970 | 958 | <input type="hidden" name="lkid" value="$lkid"> | ||
2971 | 959 | <input type="hidden" id="PHPSESSID" value="$sessionId" /> | ||
2972 | 960 | <input type="hidden" id="SecurityToken" value="$securityToken" /> | ||
2973 | 961 | <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" /> | ||
2974 | 962 | <table> | ||
2975 | 963 | <tr> | ||
2976 | 964 | <td><label for="name" title="The name of the $this->displayType. Leave this blank to use the file name">Name</label></td> | ||
2977 | 965 | <td><input id="name" name="name" type="text" value="$name"></td> | ||
2978 | 966 | <td><label for="duration" title="The duration in seconds this media should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td> | ||
2979 | 967 | <td><input id="duration" name="duration" type="text" value="$this->duration" $durationFieldEnabled></td> | ||
2980 | 968 | </tr> | ||
2981 | 969 | <tr> | ||
2982 | 970 | <td></td> | ||
2983 | 971 | <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td> | ||
2984 | 972 | </tr> | ||
2985 | 973 | <tr> | ||
2986 | 974 | <td></td> | ||
2987 | 975 | <td colspan="2">$extraNotes</td> | ||
2988 | 976 | </tr> | ||
2989 | 977 | <tr> | ||
2990 | 978 | <td></td> | ||
2991 | 979 | <td colspan="3">$save_button</td> | ||
2992 | 980 | </tr> | ||
2993 | 981 | </table> | ||
2994 | 982 | </form> | ||
2995 | 983 | FORM; | ||
2996 | 984 | |||
2997 | 985 | $this->response->html = $form; | ||
2998 | 986 | $this->response->dialogTitle = 'Edit ' . $this->displayType; | ||
2999 | 987 | $this->response->dialogSize = true; | ||
3000 | 988 | $this->response->dialogWidth = '450px'; | ||
3001 | 989 | $this->response->dialogHeight = '280px'; | ||
3002 | 990 | |||
3003 | 991 | return $this->response; | ||
3004 | 992 | } | ||
3005 | 993 | |||
3006 | 533 | /** | 994 | /** |
3007 | 534 | * Default Add Media | 995 | * Default Add Media |
3008 | 535 | * @return | 996 | * @return |
3009 | @@ -542,6 +1003,171 @@ | |||
3010 | 542 | return $this->response; | 1003 | return $this->response; |
3011 | 543 | } | 1004 | } |
3012 | 544 | 1005 | ||
3013 | 1006 | protected function AddLibraryMedia() | ||
3014 | 1007 | { | ||
3015 | 1008 | $db =& $this->db; | ||
3016 | 1009 | $layoutid = $this->layoutid; | ||
3017 | 1010 | $regionid = $this->regionid; | ||
3018 | 1011 | $mediaid = $this->mediaid; | ||
3019 | 1012 | $userid = $this->user->userid; | ||
3020 | 1013 | $backgroundImage = Kit::GetParam('backgroundImage', _POST, _BOOL, false); | ||
3021 | 1014 | |||
3022 | 1015 | // File data | ||
3023 | 1016 | $tmpName = Kit::GetParam('hidFileID', _POST, _STRING); | ||
3024 | 1017 | |||
3025 | 1018 | if ($tmpName == '') | ||
3026 | 1019 | { | ||
3027 | 1020 | $this->response->SetError('Cannot save Image details. <br/> You must have picked a file.'); | ||
3028 | 1021 | $this->response->keepOpen = true; | ||
3029 | 1022 | return $this->response; | ||
3030 | 1023 | } | ||
3031 | 1024 | |||
3032 | 1025 | // File name and extension (orignial name) | ||
3033 | 1026 | $fileName = Kit::GetParam('txtFileName', _POST, _STRING); | ||
3034 | 1027 | $fileName = basename($fileName); | ||
3035 | 1028 | $ext = strtolower(substr(strrchr($fileName, "."), 1)); | ||
3036 | 1029 | |||
3037 | 1030 | // Other properties | ||
3038 | 1031 | $name = Kit::GetParam('name', _POST, _STRING); | ||
3039 | 1032 | $duration = Kit::GetParam('duration', _POST, _INT, -1); | ||
3040 | 1033 | |||
3041 | 1034 | if ($name == '') | ||
3042 | 1035 | $name = Kit::ValidateParam($fileName, _FILENAME); | ||
3043 | 1036 | |||
3044 | 1037 | // Validation | ||
3045 | 1038 | if (!$this->IsValidExtension($ext)) | ||
3046 | 1039 | { | ||
3047 | 1040 | $this->response->SetError(sprintf(__('Your file has an extension not supported by Media Type %s'), $this->displayType)); | ||
3048 | 1041 | $this->response->keepOpen = true; | ||
3049 | 1042 | return $this->response; | ||
3050 | 1043 | } | ||
3051 | 1044 | |||
3052 | 1045 | // Make sure the name isnt too long | ||
3053 | 1046 | if (strlen($name) > 100) | ||
3054 | 1047 | { | ||
3055 | 1048 | $this->response->SetError(__('The name cannot be longer than 100 characters')); | ||
3056 | 1049 | $this->response->keepOpen = true; | ||
3057 | 1050 | return $this->response; | ||
3058 | 1051 | } | ||
3059 | 1052 | |||
3060 | 1053 | if ($duration < 0) | ||
3061 | 1054 | { | ||
3062 | 1055 | $this->response->SetError(__('You must enter a duration.')); | ||
3063 | 1056 | $this->response->keepOpen = true; | ||
3064 | 1057 | return $this->response; | ||
3065 | 1058 | } | ||
3066 | 1059 | |||
3067 | 1060 | // Ensure the name is not already in the database | ||
3068 | 1061 | $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userid); | ||
3069 | 1062 | |||
3070 | 1063 | if(!$result = $db->query($SQL)) | ||
3071 | 1064 | { | ||
3072 | 1065 | trigger_error($db->error()); | ||
3073 | 1066 | $this->response->SetError('Error checking whether the media name is ok. Try choosing a different name.'); | ||
3074 | 1067 | $this->response->keepOpen = true; | ||
3075 | 1068 | return $this->response; | ||
3076 | 1069 | } | ||
3077 | 1070 | |||
3078 | 1071 | if ($db->num_rows($result) != 0) | ||
3079 | 1072 | { | ||
3080 | 1073 | $this->response->SetError('Some media you own already has this name. Please choose another.'); | ||
3081 | 1074 | $this->response->keepOpen = true; | ||
3082 | 1075 | return $this->response; | ||
3083 | 1076 | } | ||
3084 | 1077 | |||
3085 | 1078 | // All OK to insert this record | ||
3086 | 1079 | $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; | ||
3087 | 1080 | $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) "; | ||
3088 | 1081 | |||
3089 | 1082 | $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($duration), $db->escape_string($fileName), $userid); | ||
3090 | 1083 | |||
3091 | 1084 | if (!$mediaid = $db->insert_query($SQL)) | ||
3092 | 1085 | { | ||
3093 | 1086 | trigger_error($db->error()); | ||
3094 | 1087 | $this->response->SetError(__('Database error adding this media record.')); | ||
3095 | 1088 | $this->response->keepOpen = true; | ||
3096 | 1089 | return $this->response; | ||
3097 | 1090 | } | ||
3098 | 1091 | |||
3099 | 1092 | // File upload directory.. get this from the settings object | ||
3100 | 1093 | $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); | ||
3101 | 1094 | |||
3102 | 1095 | // What are we going to store this media as... | ||
3103 | 1096 | $storedAs = $mediaid . '.' . $ext; | ||
3104 | 1097 | |||
3105 | 1098 | // Now we need to move the file | ||
3106 | 1099 | if (!$result = rename($databaseDir . 'temp/' . $tmpName, $databaseDir . $storedAs)) | ||
3107 | 1100 | { | ||
3108 | 1101 | // If we couldnt move it - we need to delete the media record we just added | ||
3109 | 1102 | $SQL = sprintf("DELETE FROM media WHERE mediaID = %d ", $mediaid); | ||
3110 | 1103 | |||
3111 | 1104 | if (!$db->query($SQL)) | ||
3112 | 1105 | { | ||
3113 | 1106 | trigger_error($db->error()); | ||
3114 | 1107 | $this->response->SetError(__('Error storing file')); | ||
3115 | 1108 | $this->response->keepOpen = true; | ||
3116 | 1109 | return $this->response; | ||
3117 | 1110 | } | ||
3118 | 1111 | } | ||
3119 | 1112 | |||
3120 | 1113 | // Calculate the MD5 and the file size | ||
3121 | 1114 | $md5 = md5_file($databaseDir.$storedAs); | ||
3122 | 1115 | $fileSize = filesize($databaseDir.$storedAs); | ||
3123 | 1116 | |||
3124 | 1117 | // Update the media record to include this information | ||
3125 | 1118 | $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $mediaid); | ||
3126 | 1119 | |||
3127 | 1120 | if (!$db->query($SQL)) | ||
3128 | 1121 | { | ||
3129 | 1122 | trigger_error($db->error()); | ||
3130 | 1123 | return true; | ||
3131 | 1124 | } | ||
3132 | 1125 | |||
3133 | 1126 | // Required Attributes | ||
3134 | 1127 | $this->mediaid = $mediaid; | ||
3135 | 1128 | $this->duration = $duration; | ||
3136 | 1129 | |||
3137 | 1130 | // Any Options | ||
3138 | 1131 | $this->SetOption('uri', $storedAs); | ||
3139 | 1132 | |||
3140 | 1133 | // Should have built the media object entirely by this time | ||
3141 | 1134 | if ($regionid != '' && $this->showRegionOptions) | ||
3142 | 1135 | { | ||
3143 | 1136 | // This saves the Media Object to the Region | ||
3144 | 1137 | $this->UpdateRegion(); | ||
3145 | 1138 | $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions";; | ||
3146 | 1139 | } | ||
3147 | 1140 | elseif ($regionid != '' && !$this->showRegionOptions) | ||
3148 | 1141 | { | ||
3149 | 1142 | $this->UpdateRegion(); | ||
3150 | 1143 | $this->response->loadForm = false; | ||
3151 | 1144 | } | ||
3152 | 1145 | else | ||
3153 | 1146 | { | ||
3154 | 1147 | $this->response->loadFormUri = "index.php?p=content&q=displayForms&sp=add"; | ||
3155 | 1148 | } | ||
3156 | 1149 | |||
3157 | 1150 | // We want to load a new form | ||
3158 | 1151 | $this->response->loadForm = true; | ||
3159 | 1152 | |||
3160 | 1153 | // If we just added a background we should load the background form | ||
3161 | 1154 | if ($backgroundImage) | ||
3162 | 1155 | { | ||
3163 | 1156 | $this->response->loadFormUri = "index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid&backgroundOveride=$storedAs"; | ||
3164 | 1157 | } | ||
3165 | 1158 | |||
3166 | 1159 | // What permissions should we assign this with? | ||
3167 | 1160 | if (Config::GetSetting($db, 'MEDIA_DEFAULT') == 'public') | ||
3168 | 1161 | { | ||
3169 | 1162 | Kit::ClassLoader('mediagroupsecurity'); | ||
3170 | 1163 | |||
3171 | 1164 | $security = new MediaGroupSecurity($db); | ||
3172 | 1165 | $security->LinkEveryone($mediaid, 1, 0, 0); | ||
3173 | 1166 | } | ||
3174 | 1167 | |||
3175 | 1168 | return $this->response; | ||
3176 | 1169 | } | ||
3177 | 1170 | |||
3178 | 545 | /** | 1171 | /** |
3179 | 546 | * Default EditMedia | 1172 | * Default EditMedia |
3180 | 547 | * @return | 1173 | * @return |
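Review bot: In `AddLibraryMedia()` the posted `hidFileID` value is concatenated into the `rename()` source path without `basename()`, unlike `txtFileName` a few lines later. The path is therefore not confined to the library `temp/` directory unless the `_STRING` filter already removes path separators, which is not visible in this hunk. When `rename()` fails and the rollback `DELETE` succeeds, execution falls through to `md5_file()` and `filesize()` on a file that was never stored, and the later `UPDATE` failure returns `true` instead of `$this->response`. The function also performs no `$this->auth` check, which may be intended for adding but is worth confirming. `EditLibraryMedia()` in the next hunk uses the same `hidFileID`/`rename()` pattern and the same fall-through; its body continues outside the visible lines.

```php
// File data
$tmpName = basename(Kit::GetParam('hidFileID', _POST, _STRING));

// … unchanged: validation, duplicate-name check, INSERT into media …

// Now we need to move the file
if (!rename($databaseDir . 'temp/' . $tmpName, $databaseDir . $storedAs))
{
    // Could not move it - remove the media record we just added and stop here
    if (!$db->query(sprintf("DELETE FROM media WHERE mediaID = %d ", $mediaid)))
        trigger_error($db->error());

    $this->response->SetError(__('Error storing file'));
    $this->response->keepOpen = true;
    return $this->response;
}

// … unchanged: MD5 / file size update, region handling, default permissions …
```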
3181 | @@ -554,18 +1180,256 @@ | |||
3182 | 554 | return $this->response; | 1180 | return $this->response; |
3183 | 555 | } | 1181 | } |
3184 | 556 | 1182 | ||
3197 | 557 | /** | 1183 | protected function EditLibraryMedia() |
3198 | 558 | * Default GetName | 1184 | { |
3199 | 559 | * @return | 1185 | $db =& $this->db; |
3200 | 560 | */ | 1186 | $user =& $this->user; |
3201 | 561 | public function GetName() | 1187 | $layoutid = $this->layoutid; |
3202 | 562 | { | 1188 | $regionid = $this->regionid; |
3203 | 563 | $db =& $this->db; | 1189 | $mediaid = $this->mediaid; |
3204 | 564 | 1190 | $userid = $this->user->userid; | |
3205 | 565 | Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName'); | 1191 | |
3206 | 566 | 1192 | if (!$this->auth->edit) | |
3207 | 567 | return $this->name; | 1193 | { |
3208 | 568 | } | 1194 | $this->response->SetError('You do not have permission to edit this media.'); |
3209 | 1195 | $this->response->keepOpen = false; | ||
3210 | 1196 | return $this->response; | ||
3211 | 1197 | } | ||
3212 | 1198 | |||
3213 | 1199 | // Stored As from the XML | ||
3214 | 1200 | $storedAs = $this->GetOption('uri'); | ||
3215 | 1201 | |||
3216 | 1202 | // File data | ||
3217 | 1203 | $tmpName = Kit::GetParam('hidFileID', _POST, _STRING); | ||
3218 | 1204 | |||
3219 | 1205 | if ($tmpName == '') | ||
3220 | 1206 | { | ||
3221 | 1207 | $fileRevision = false; | ||
3222 | 1208 | } | ||
3223 | 1209 | else | ||
3224 | 1210 | { | ||
3225 | 1211 | $fileRevision = true; | ||
3226 | 1212 | |||
3227 | 1213 | // File name and extension (orignial name) | ||
3228 | 1214 | $fileName = Kit::GetParam('txtFileName', _POST, _STRING); | ||
3229 | 1215 | $fileName = basename($fileName); | ||
3230 | 1216 | $ext = strtolower(substr(strrchr($fileName, "."), 1)); | ||
3231 | 1217 | |||
3232 | 1218 | if (!$this->IsValidExtension($ext)) | ||
3233 | 1219 | { | ||
3234 | 1220 | $this->response->SetError('Your file has an extension not supported by this Media Type.'); | ||
3235 | 1221 | $this->response->keepOpen = true; | ||
3236 | 1222 | return $this->response; | ||
3237 | 1223 | } | ||
3238 | 1224 | } | ||
3239 | 1225 | |||
3240 | 1226 | // Other properties | ||
3241 | 1227 | $name = Kit::GetParam('name', _POST, _STRING); | ||
3242 | 1228 | |||
3243 | 1229 | if ($this->auth->modifyPermissions) | ||
3244 | 1230 | $this->duration = Kit::GetParam('duration', _POST, _INT, 0); | ||
3245 | 1231 | |||
3246 | 1232 | if ($name == '') | ||
3247 | 1233 | { | ||
3248 | 1234 | if ($fileRevision) | ||
3249 | 1235 | { | ||
3250 | 1236 | $name = Kit::ValidateParam($fileName, _FILENAME); | ||
3251 | 1237 | } | ||
3252 | 1238 | else | ||
3253 | 1239 | { | ||
3254 | 1240 | $this->response->SetError(__('The Name cannot be blank.')); | ||
3255 | 1241 | $this->response->keepOpen = true; | ||
3256 | 1242 | return $this->response; | ||
3257 | 1243 | } | ||
3258 | 1244 | } | ||
3259 | 1245 | |||
3260 | 1246 | // Make sure the name isnt too long | ||
3261 | 1247 | if (strlen($name) > 100) | ||
3262 | 1248 | { | ||
3263 | 1249 | $this->response->SetError(__('The name cannot be longer than 100 characters')); | ||
3264 | 1250 | $this->response->keepOpen = true; | ||
3265 | 1251 | return $this->response; | ||
3266 | 1252 | } | ||
3267 | 1253 | |||
3268 | 1254 | if ($this->duration < 0) | ||
3269 | 1255 | { | ||
3270 | 1256 | $this->response->SetError(__('You must enter a duration.')); | ||
3271 | 1257 | $this->response->keepOpen = true; | ||
3272 | 1258 | return $this->response; | ||
3273 | 1259 | } | ||
3274 | 1260 | |||
3275 | 1261 | // Ensure the name is not already in the database | ||
3276 | 1262 | $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d AND mediaid <> %d AND IsEdited = 0", $db->escape_string($name), $userid, $mediaid); | ||
3277 | 1263 | |||
3278 | 1264 | if(!$result = $db->query($SQL)) | ||
3279 | 1265 | { | ||
3280 | 1266 | trigger_error($db->error()); | ||
3281 | 1267 | $this->response->SetError(__('Error checking whether the media name is ok. Try choosing a different name.')); | ||
3282 | 1268 | $this->response->keepOpen = true; | ||
3283 | 1269 | return $this->response; | ||
3284 | 1270 | } | ||
3285 | 1271 | |||
3286 | 1272 | if ($db->num_rows($result) != 0) | ||
3287 | 1273 | { | ||
3288 | 1274 | $this->response->SetError(__('Some media you own already has this name. Please choose another.')); | ||
3289 | 1275 | $this->response->keepOpen = true; | ||
3290 | 1276 | return $this->response; | ||
3291 | 1277 | } | ||
3292 | 1278 | |||
3293 | 1279 | //Are we revising this media - or just plain editing | ||
3294 | 1280 | if ($fileRevision) | ||
3295 | 1281 | { | ||
3296 | 1282 | // All OK to insert this record | ||
3297 | 1283 | $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; | ||
3298 | 1284 | $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) "; | ||
3299 | 1285 | |||
3300 | 1286 | $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($this->duration), $db->escape_string($fileName), $userid); | ||
3301 | 1287 | |||
3302 | 1288 | if (!$new_mediaid = $db->insert_query($SQL)) | ||
3303 | 1289 | { | ||
3304 | 1290 | trigger_error($db->error()); | ||
3305 | 1291 | trigger_error('Error inserting replacement media record.', E_USER_ERROR); | ||
3306 | 1292 | } | ||
3307 | 1293 | |||
3308 | 1294 | //What are we going to store this media as... | ||
3309 | 1295 | $storedAs = $new_mediaid . '.' . $ext; | ||
3310 | 1296 | |||
3311 | 1297 | // File upload directory.. get this from the settings object | ||
3312 | 1298 | $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); | ||
3313 | 1299 | |||
3314 | 1300 | //Now we need to move the file | ||
3315 | 1301 | if (!$result = rename($databaseDir . '/temp/' . $tmpName, $databaseDir . $storedAs)) | ||
3316 | 1302 | { | ||
3317 | 1303 | //If we couldnt move it - we need to delete the media record we just added | ||
3318 | 1304 | $SQL = "DELETE FROM media WHERE mediaID = $new_mediaid "; | ||
3319 | 1305 | |||
3320 | 1306 | if (!$db->insert_query($SQL)) | ||
3321 | 1307 | { | ||
3322 | 1308 | $this->response->SetError('Error rolling back transcation.'); | ||
3323 | 1309 | $this->response->keepOpen = true; | ||
3324 | 1310 | return $this->response; | ||
3325 | 1311 | } | ||
3326 | 1312 | } | ||
3327 | 1313 | |||
3328 | 1314 | // Calculate the MD5 and the file size | ||
3329 | 1315 | $md5 = md5_file($databaseDir.$storedAs); | ||
3330 | 1316 | $fileSize = filesize($databaseDir.$storedAs); | ||
3331 | 1317 | |||
3332 | 1318 | // Update the media record to include this information | ||
3333 | 1319 | $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $new_mediaid); | ||
3334 | 1320 | |||
3335 | 1321 | if (!$db->query($SQL)) | ||
3336 | 1322 | { | ||
3337 | 1323 | trigger_error($db->error()); | ||
3338 | 1324 | $this->response->SetError('Error updating media with Library location.'); | ||
3339 | 1325 | $this->response->keepOpen = true; | ||
3340 | 1326 | return $this->response; | ||
3341 | 1327 | } | ||
3342 | 1328 | |||
3343 | 1329 | // Update the existing record with the new record's id | ||
3344 | 1330 | $SQL = "UPDATE media SET isEdited = 1, editedMediaID = $new_mediaid "; | ||
3345 | 1331 | $SQL .= " WHERE IFNULL(editedMediaID,0) <> $new_mediaid AND mediaID = $mediaid "; | ||
3346 | 1332 | |||
3347 | 1333 | Debug::LogEntry($db, 'audit', $SQL); | ||
3348 | 1334 | |||
3349 | 1335 | if (!$db->query($SQL)) | ||
3350 | 1336 | { | ||
3351 | 1337 | trigger_error($db->error()); | ||
3352 | 1338 | |||
3353 | 1339 | $this->response->SetError('Database error editing this media record.'); | ||
3354 | 1340 | $this->response->keepOpen = true; | ||
3355 | 1341 | return $this->response; | ||
3356 | 1342 | } | ||
3357 | 1343 | |||
3358 | 1344 | // We need to assign all permissions for the old media id to the new media id | ||
3359 | 1345 | Kit::ClassLoader('mediagroupsecurity'); | ||
3360 | 1346 | |||
3361 | 1347 | $security = new MediaGroupSecurity($db); | ||
3362 | 1348 | $security->Copy($mediaid, $new_mediaid); | ||
3363 | 1349 | |||
3364 | 1350 | // Are we on a region | ||
3365 | 1351 | if ($regionid != '') | ||
3366 | 1352 | { | ||
3367 | 1353 | Kit::ClassLoader('layoutmediagroupsecurity'); | ||
3368 | 1354 | |||
3369 | 1355 | $security = new LayoutMediaGroupSecurity($db); | ||
3370 | 1356 | $security->Copy($layoutid, $regionid, $mediaid, $new_mediaid); | ||
3371 | 1357 | } | ||
3372 | 1358 | } | ||
3373 | 1359 | else | ||
3374 | 1360 | { | ||
3375 | 1361 | // Editing the existing record | ||
3376 | 1362 | $new_mediaid = $mediaid; | ||
3377 | 1363 | |||
3378 | 1364 | $SQL = "UPDATE media SET name = '%s' "; | ||
3379 | 1365 | $SQL .= " WHERE mediaID = %d "; | ||
3380 | 1366 | $SQL = sprintf($SQL, $db->escape_string($name), $mediaid); | ||
3381 | 1367 | |||
3382 | 1368 | Debug::LogEntry($db, 'audit', $SQL); | ||
3383 | 1369 | |||
3384 | 1370 | if (!$db->query($SQL)) | ||
3385 | 1371 | { | ||
3386 | 1372 | trigger_error($db->error()); | ||
3387 | 1373 | |||
3388 | 1374 | $this->response->SetError('Database error editing this media record.'); | ||
3389 | 1375 | $this->response->keepOpen = true; | ||
3390 | 1376 | return $this->response; | ||
3391 | 1377 | } | ||
3392 | 1378 | } | ||
3393 | 1379 | |||
3394 | 1380 | // Required Attributes | ||
3395 | 1381 | $this->mediaid = $new_mediaid; | ||
3396 | 1382 | |||
3397 | 1383 | // Any Options | ||
3398 | 1384 | $this->SetOption('uri', $storedAs); | ||
3399 | 1385 | |||
3400 | 1386 | // Should have built the media object entirely by this time | ||
3401 | 1387 | if ($regionid != '' && $this->showRegionOptions) | ||
3402 | 1388 | { | ||
3403 | 1389 | // This saves the Media Object to the Region | ||
3404 | 1390 | $this->UpdateRegion(); | ||
3405 | 1391 | |||
3406 | 1392 | $this->response->loadForm = true; | ||
3407 | 1393 | $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions";; | ||
3408 | 1394 | } | ||
3409 | 1395 | elseif ($regionid != '' && !$this->showRegionOptions) | ||
3410 | 1396 | { | ||
3411 | 1397 | $this->UpdateRegion(); | ||
3412 | 1398 | $this->response->loadForm = false; | ||
3413 | 1399 | } | ||
3414 | 1400 | else | ||
3415 | 1401 | { | ||
3416 | 1402 | // We are in the library so we therefore have to update the duration with the new value. | ||
3417 | 1403 | // We could do this in the above code, but it is much simpler here until we rewrite | ||
3418 | 1404 | // these classes to use a data base class. | ||
3419 | 1405 | $db->query(sprintf("UPDATE media SET duration = %d WHERE mediaID = %d", $this->duration, $this->mediaid)); | ||
3420 | 1406 | |||
3421 | 1407 | $this->response->message = 'Edited the ' . $this->displayType; | ||
3422 | 1408 | } | ||
3423 | 1409 | |||
3424 | 1410 | return $this->response; | ||
3425 | 1411 | } | ||
3426 | 1412 | |||
3427 | 1413 | /** | ||
3428 | 1414 | * Default GetName | ||
3429 | 1415 | * @return | ||
3430 | 1416 | */ | ||
3431 | 1417 | public function GetName() | ||
3432 | 1418 | { | ||
3433 | 1419 | $db =& $this->db; | ||
3434 | 1420 | |||
3435 | 1421 | if ($this->name == '' && !$this->regionSpecific) | ||
3436 | 1422 | { | ||
3437 | 1423 | // Load what we know about this media into the object | ||
3438 | 1424 | $SQL = "SELECT name FROM media WHERE mediaID = %d "; | ||
3439 | 1425 | |||
3440 | 1426 | $this->name = $db->GetSingleValue(sprintf($SQL, $this->mediaid), 'name', _STRING); | ||
3441 | 1427 | } | ||
3442 | 1428 | |||
3443 | 1429 | Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName'); | ||
3444 | 1430 | |||
3445 | 1431 | return $this->name; | ||
3446 | 1432 | } | ||
3447 | 569 | 1433 | ||
3448 | 570 | /** | 1434 | /** |
3449 | 571 | * Preview code for a module | 1435 | * Preview code for a module |
3450 | @@ -585,5 +1449,231 @@ | |||
3451 | 585 | { | 1449 | { |
3452 | 586 | return $this->regionSpecific; | 1450 | return $this->regionSpecific; |
3453 | 587 | } | 1451 | } |
3454 | 1452 | |||
3455 | 1453 | /** | ||
3456 | 1454 | * Permissions form | ||
3457 | 1455 | */ | ||
3458 | 1456 | public function PermissionsForm() | ||
3459 | 1457 | { | ||
3460 | 1458 | $db =& $this->db; | ||
3461 | 1459 | $user =& $this->user; | ||
3462 | 1460 | $response = $this->response; | ||
3463 | 1461 | $helpManager = new HelpManager($db, $user); | ||
3464 | 1462 | |||
3465 | 1463 | if (!$this->auth->modifyPermissions) | ||
3466 | 1464 | trigger_error(__('You do not have permissions to edit this media'), E_USER_ERROR); | ||
3467 | 1465 | |||
3468 | 1466 | // Form content | ||
3469 | 1467 | $form = '<form id="LayoutPermissionsForm" class="XiboForm" method="post" action="index.php?p=module&mod=' . $this->type . '&q=Exec&method=Permissions">'; | ||
3470 | 1468 | $form .= '<input type="hidden" name="layoutid" value="' . $this->layoutid . '" />'; | ||
3471 | 1469 | $form .= '<input type="hidden" name="regionid" value="' . $this->regionid . '" />'; | ||
3472 | 1470 | $form .= '<input type="hidden" name="mediaid" value="' . $this->mediaid . '" />'; | ||
3473 | 1471 | $form .= '<div class="dialog_table">'; | ||
3474 | 1472 | $form .= ' <table style="width:100%">'; | ||
3475 | 1473 | $form .= ' <tr>'; | ||
3476 | 1474 | $form .= ' <th>' . __('Group') . '</th>'; | ||
3477 | 1475 | $form .= ' <th>' . __('View') . '</th>'; | ||
3478 | 1476 | $form .= ' <th>' . __('Edit') . '</th>'; | ||
3479 | 1477 | $form .= ' <th>' . __('Delete') . '</th>'; | ||
3480 | 1478 | $form .= ' </tr>'; | ||
3481 | 1479 | |||
3482 | 1480 | // List of all Groups with a view/edit/delete checkbox | ||
3483 | 1481 | $SQL = ''; | ||
3484 | 1482 | $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific '; | ||
3485 | 1483 | $SQL .= ' FROM `group` '; | ||
3486 | 1484 | |||
3487 | 1485 | if ($this->assignedMedia) | ||
3488 | 1486 | { | ||
3489 | 1487 | $SQL .= ' LEFT OUTER JOIN lklayoutmediagroup '; | ||
3490 | 1488 | $SQL .= ' ON lklayoutmediagroup.GroupID = group.GroupID '; | ||
3491 | 1489 | $SQL .= sprintf(" AND lklayoutmediagroup.MediaID = '%s' AND lklayoutmediagroup.RegionID = '%s' AND lklayoutmediagroup.LayoutID = %d ", $this->mediaid, $this->regionid, $this->layoutid); | ||
3492 | 1490 | } | ||
3493 | 1491 | else | ||
3494 | 1492 | { | ||
3495 | 1493 | $SQL .= ' LEFT OUTER JOIN lkmediagroup '; | ||
3496 | 1494 | $SQL .= ' ON lkmediagroup.GroupID = group.GroupID '; | ||
3497 | 1495 | $SQL .= sprintf(' AND lkmediagroup.MediaID = %d ', $this->mediaid); | ||
3498 | 1496 | } | ||
3499 | 1497 | |||
3500 | 1498 | $SQL .= ' WHERE `group`.GroupID <> %d '; | ||
3501 | 1499 | $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` '; | ||
3502 | 1500 | |||
3503 | 1501 | $SQL = sprintf($SQL, $user->getGroupFromId($user->userid, true)); | ||
3504 | 1502 | |||
3505 | 1503 | Debug::LogEntry($db, 'audit', $SQL, 'module', 'PermissionsForm'); | ||
3506 | 1504 | |||
3507 | 1505 | if (!$results = $db->query($SQL)) | ||
3508 | 1506 | { | ||
3509 | 1507 | trigger_error($db->error()); | ||
3510 | 1508 | trigger_error(__('Unable to get permissions for this layout'), E_USER_ERROR); | ||
3511 | 1509 | } | ||
3512 | 1510 | |||
3513 | 1511 | while($row = $db->get_assoc_row($results)) | ||
3514 | 1512 | { | ||
3515 | 1513 | $groupId = $row['GroupID']; | ||
3516 | 1514 | $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group']; | ||
3517 | 1515 | |||
3518 | 1516 | $form .= '<tr>'; | ||
3519 | 1517 | $form .= ' <td>' . $group . '</td>'; | ||
3520 | 1518 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>'; | ||
3521 | 1519 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>'; | ||
3522 | 1520 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>'; | ||
3523 | 1521 | $form .= '</tr>'; | ||
3524 | 1522 | } | ||
3525 | 1523 | |||
3526 | 1524 | $form .= '</table>'; | ||
3527 | 1525 | $form .= '</div>'; | ||
3528 | 1526 | $form .= '</form>'; | ||
3529 | 1527 | |||
3530 | 1528 | $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px'); | ||
3531 | 1529 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")'); | ||
3532 | 1530 | $response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=layout&layoutid=' . $this->layoutid . '®ionid=' . $this->regionid . '&q=RegionOptions")'); | ||
3533 | 1531 | $response->AddButton(__('Save'), '$("#LayoutPermissionsForm").submit()'); | ||
3534 | 1532 | |||
3535 | 1533 | return $response; | ||
3536 | 1534 | } | ||
3537 | 1535 | |||
3538 | 1536 | /** | ||
3539 | 1537 | * Permissions Edit | ||
3540 | 1538 | */ | ||
3541 | 1539 | public function Permissions() | ||
3542 | 1540 | { | ||
3543 | 1541 | $db =& $this->db; | ||
3544 | 1542 | $user =& $this->user; | ||
3545 | 1543 | $response = $this->response; | ||
3546 | 1544 | |||
3547 | 1545 | Kit::ClassLoader('mediagroupsecurity'); | ||
3548 | 1546 | Kit::ClassLoader('layoutmediagroupsecurity'); | ||
3549 | 1547 | |||
3550 | 1548 | $layoutId = Kit::GetParam('layoutid', _POST, _INT); | ||
3551 | 1549 | $regionId = Kit::GetParam('regionid', _POST, _STRING); | ||
3552 | 1550 | $mediaId = Kit::GetParam('mediaid', _POST, _STRING); | ||
3553 | 1551 | $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); | ||
3554 | 1552 | |||
3555 | 1553 | if (!$this->auth->modifyPermissions) | ||
3556 | 1554 | trigger_error(__('You do not have permissions to edit this layout'), E_USER_ERROR); | ||
3557 | 1555 | |||
3558 | 1556 | // Unlink all | ||
3559 | 1557 | if ($this->assignedMedia) | ||
3560 | 1558 | { | ||
3561 | 1559 | $layoutMediaSecurity = new LayoutMediaGroupSecurity($db); | ||
3562 | 1560 | if (!$layoutMediaSecurity->UnlinkAll($layoutId, $regionId, $mediaId)) | ||
3563 | 1561 | trigger_error(__('Unable to set permissions')); | ||
3564 | 1562 | } | ||
3565 | 1563 | else | ||
3566 | 1564 | { | ||
3567 | 1565 | $mediaSecurity = new MediaGroupSecurity($db); | ||
3568 | 1566 | if (!$mediaSecurity->UnlinkAll($mediaId)) | ||
3569 | 1567 | trigger_error(__('Unable to set permissions')); | ||
3570 | 1568 | } | ||
3571 | 1569 | |||
3572 | 1570 | // Some assignments for the loop | ||
3573 | 1571 | $lastGroupId = 0; | ||
3574 | 1572 | $first = true; | ||
3575 | 1573 | $view = 0; | ||
3576 | 1574 | $edit = 0; | ||
3577 | 1575 | $del = 0; | ||
3578 | 1576 | |||
3579 | 1577 | // List of groupIds with view, edit and del assignments | ||
3580 | 1578 | foreach($groupIds as $groupPermission) | ||
3581 | 1579 | { | ||
3582 | 1580 | $groupPermission = explode('_', $groupPermission); | ||
3583 | 1581 | $groupId = $groupPermission[0]; | ||
3584 | 1582 | |||
3585 | 1583 | if ($first) | ||
3586 | 1584 | { | ||
3587 | 1585 | // First time through | ||
3588 | 1586 | $first = false; | ||
3589 | 1587 | $lastGroupId = $groupId; | ||
3590 | 1588 | } | ||
3591 | 1589 | |||
3592 | 1590 | if ($groupId != $lastGroupId) | ||
3593 | 1591 | { | ||
3594 | 1592 | // The groupId has changed, so we need to write the current settings to the db. | ||
3595 | 1593 | // Link new permissions | ||
3596 | 1594 | if ($this->assignedMedia) | ||
3597 | 1595 | { | ||
3598 | 1596 | if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) | ||
3599 | 1597 | trigger_error(__('Unable to set permissions')); | ||
3600 | 1598 | } | ||
3601 | 1599 | else | ||
3602 | 1600 | { | ||
3603 | 1601 | if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) | ||
3604 | 1602 | trigger_error(__('Unable to set permissions')); | ||
3605 | 1603 | } | ||
3606 | 1604 | |||
3607 | 1605 | // Reset | ||
3608 | 1606 | $lastGroupId = $groupId; | ||
3609 | 1607 | $view = 0; | ||
3610 | 1608 | $edit = 0; | ||
3611 | 1609 | $del = 0; | ||
3612 | 1610 | } | ||
3613 | 1611 | |||
3614 | 1612 | switch ($groupPermission[1]) | ||
3615 | 1613 | { | ||
3616 | 1614 | case 'view': | ||
3617 | 1615 | $view = 1; | ||
3618 | 1616 | break; | ||
3619 | 1617 | |||
3620 | 1618 | case 'edit': | ||
3621 | 1619 | $edit = 1; | ||
3622 | 1620 | break; | ||
3623 | 1621 | |||
3624 | 1622 | case 'del': | ||
3625 | 1623 | $del = 1; | ||
3626 | 1624 | break; | ||
3627 | 1625 | } | ||
3628 | 1626 | } | ||
3629 | 1627 | |||
3630 | 1628 | // Need to do the last one | ||
3631 | 1629 | if (!$first) | ||
3632 | 1630 | { | ||
3633 | 1631 | if ($this->assignedMedia) | ||
3634 | 1632 | { | ||
3635 | 1633 | if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) | ||
3636 | 1634 | trigger_error(__('Unable to set permissions')); | ||
3637 | 1635 | } | ||
3638 | 1636 | else | ||
3639 | 1637 | { | ||
3640 | 1638 | if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) | ||
3641 | 1639 | trigger_error(__('Unable to set permissions')); | ||
3642 | 1640 | } | ||
3643 | 1641 | } | ||
3644 | 1642 | |||
3645 | 1643 | $response->SetFormSubmitResponse(__('Permissions Changed')); | ||
3646 | 1644 | |||
3647 | 1645 | return $response; | ||
3648 | 1646 | } | ||
3649 | 1647 | |||
3650 | 1648 | /** | ||
3651 | 1649 | * Deletes the media files associated with this record | ||
3652 | 1650 | * @return | ||
3653 | 1651 | */ | ||
3654 | 1652 | private function DeleteMediaFiles($fileName) | ||
3655 | 1653 | { | ||
3656 | 1654 | $db =& $this->db; | ||
3657 | 1655 | |||
3658 | 1656 | //Library location | ||
3659 | 1657 | $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); | ||
3660 | 1658 | |||
3661 | 1659 | //3 things to check for.. | ||
3662 | 1660 | //the actual file, the thumbnail, the background | ||
3663 | 1661 | if (file_exists($databaseDir . $fileName)) | ||
3664 | 1662 | { | ||
3665 | 1663 | unlink($databaseDir . $fileName); | ||
3666 | 1664 | } | ||
3667 | 1665 | |||
3668 | 1666 | if (file_exists($databaseDir . 'tn_' . $fileName)) | ||
3669 | 1667 | { | ||
3670 | 1668 | unlink($databaseDir . 'tn_' . $fileName); | ||
3671 | 1669 | } | ||
3672 | 1670 | |||
3673 | 1671 | if (file_exists($databaseDir . 'bg_' . $fileName)) | ||
3674 | 1672 | { | ||
3675 | 1673 | unlink($databaseDir . 'bg_' . $fileName); | ||
3676 | 1674 | } | ||
3677 | 1675 | |||
3678 | 1676 | return true; | ||
3679 | 1677 | } | ||
3680 | 588 | } | 1678 | } |
3681 | 589 | ?> | 1679 | ?> |
3682 | 590 | \ No newline at end of file | 1680 | \ No newline at end of file |
3683 | 591 | 1681 | ||
3684 | === modified file 'server/lib/pages/content.class.php' | |||
3685 | --- server/lib/pages/content.class.php 2011-06-05 16:17:41 +0000 | |||
3686 | +++ server/lib/pages/content.class.php 2011-08-18 23:36:27 +0000 | |||
3687 | @@ -70,11 +70,6 @@ | |||
3688 | 70 | if (isset($_SESSION['content']['usertype'])) $usertype = $_SESSION['content']['usertype']; | 70 | if (isset($_SESSION['content']['usertype'])) $usertype = $_SESSION['content']['usertype']; |
3689 | 71 | if (isset($_SESSION['content']['playlistid'])) $playlistid = $_SESSION['content']['playlistid']; | 71 | if (isset($_SESSION['content']['playlistid'])) $playlistid = $_SESSION['content']['playlistid']; |
3690 | 72 | 72 | ||
3691 | 73 | //shared list | ||
3692 | 74 | $shared = "All"; | ||
3693 | 75 | if (isset($_SESSION['content']['shared'])) $shared = $_SESSION['content']['shared']; | ||
3694 | 76 | $shared_list = dropdownlist("SELECT 'all','All' UNION SELECT permissionID, permission FROM permission", "shared", $shared); | ||
3695 | 77 | |||
3696 | 78 | $filter_userid = ""; | 73 | $filter_userid = ""; |
3697 | 79 | if (isset($_SESSION['content']['filter_userid'])) $filter_userid = $_SESSION['content']['filter_userid']; | 74 | if (isset($_SESSION['content']['filter_userid'])) $filter_userid = $_SESSION['content']['filter_userid']; |
3698 | 80 | 75 | ||
3699 | @@ -122,8 +117,6 @@ | |||
3700 | 122 | <td>$user_list</td> | 117 | <td>$user_list</td> |
3701 | 123 | <td></td> | 118 | <td></td> |
3702 | 124 | <td></td> | 119 | <td></td> |
3703 | 125 | <td>$msgShared</td> | ||
3704 | 126 | <td>$shared_list</td> | ||
3705 | 127 | </tr> | 120 | </tr> |
3706 | 128 | </table> | 121 | </table> |
3707 | 129 | </form> | 122 | </form> |
3708 | @@ -174,12 +167,9 @@ | |||
3709 | 174 | $SQL .= " media.name, "; | 167 | $SQL .= " media.name, "; |
3710 | 175 | $SQL .= " media.type, "; | 168 | $SQL .= " media.type, "; |
3711 | 176 | $SQL .= " media.duration, "; | 169 | $SQL .= " media.duration, "; |
3715 | 177 | $SQL .= " media.userID, "; | 170 | $SQL .= " media.userID "; |
3713 | 178 | $SQL .= " permission.permission, "; | ||
3714 | 179 | $SQL .= " media.permissionID "; | ||
3716 | 180 | $SQL .= "FROM media "; | 171 | $SQL .= "FROM media "; |
3719 | 181 | $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID "; | 172 | $SQL .= "WHERE isEdited = 0 "; |
3718 | 182 | $SQL .= "WHERE 1 = 1 AND isEdited = 0 "; | ||
3720 | 183 | if ($mediatype != "all") | 173 | if ($mediatype != "all") |
3721 | 184 | { | 174 | { |
3722 | 185 | $SQL .= sprintf(" AND media.type = '%s'", $db->escape_string($mediatype)); | 175 | $SQL .= sprintf(" AND media.type = '%s'", $db->escape_string($mediatype)); |
3723 | @@ -192,10 +182,6 @@ | |||
3724 | 192 | { | 182 | { |
3725 | 193 | $SQL .= sprintf(" AND media.userid = %d ", $filter_userid); | 183 | $SQL .= sprintf(" AND media.userid = %d ", $filter_userid); |
3726 | 194 | } | 184 | } |
3727 | 195 | if ($shared != "all") | ||
3728 | 196 | { | ||
3729 | 197 | $SQL .= sprintf(" AND media.permissionID = %d ", $shared); | ||
3730 | 198 | } | ||
3731 | 199 | //retired options | 185 | //retired options |
3732 | 200 | if ($filter_retired == '1') | 186 | if ($filter_retired == '1') |
3733 | 201 | { | 187 | { |
3734 | @@ -220,7 +206,7 @@ | |||
3735 | 220 | $msgType = __('Type'); | 206 | $msgType = __('Type'); |
3736 | 221 | $msgRetired = __('Retired'); | 207 | $msgRetired = __('Retired'); |
3737 | 222 | $msgOwner = __('Owner'); | 208 | $msgOwner = __('Owner'); |
3739 | 223 | $msgShared = __('Shared'); | 209 | $msgShared = __('Permissions'); |
3740 | 224 | $msgAction = __('Action'); | 210 | $msgAction = __('Action'); |
3741 | 225 | 211 | ||
3742 | 226 | $output = <<<END | 212 | $output = <<<END |
3743 | @@ -231,83 +217,86 @@ | |||
3744 | 231 | <th>$msgName</th> | 217 | <th>$msgName</th> |
3745 | 232 | <th>$msgType</th> | 218 | <th>$msgType</th> |
3746 | 233 | <th>h:mi:ss</th> | 219 | <th>h:mi:ss</th> |
3747 | 220 | <th>$msgOwner</th> | ||
3748 | 234 | <th>$msgShared</th> | 221 | <th>$msgShared</th> |
3749 | 235 | <th>$msgOwner</th> | ||
3750 | 236 | <th>$msgAction</th> | 222 | <th>$msgAction</th> |
3751 | 237 | </tr> | 223 | </tr> |
3752 | 238 | </thead> | 224 | </thead> |
3753 | 239 | <tbody> | 225 | <tbody> |
3754 | 240 | END; | 226 | END; |
3755 | 241 | 227 | ||
3819 | 242 | while ($aRow = $db->get_row($results)) | 228 | while ($aRow = $db->get_row($results)) |
3820 | 243 | { | 229 | { |
3821 | 244 | $mediaid = Kit::ValidateParam($aRow[0], _INT); | 230 | $mediaid = Kit::ValidateParam($aRow[0], _INT); |
3822 | 245 | $media = Kit::ValidateParam($aRow[1], _STRING); | 231 | $media = Kit::ValidateParam($aRow[1], _STRING); |
3823 | 246 | $mediatype = Kit::ValidateParam($aRow[2], _WORD); | 232 | $mediatype = Kit::ValidateParam($aRow[2], _WORD); |
3824 | 247 | $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE)); | 233 | $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE)); |
3825 | 248 | $ownerid = Kit::ValidateParam($aRow[4], _INT); | 234 | $ownerid = Kit::ValidateParam($aRow[4], _INT); |
3826 | 249 | 235 | ||
3827 | 250 | $permission = Kit::ValidateParam($aRow[5], _STRING); | 236 | //get the username from the userID using the user module |
3828 | 251 | $permissionid = Kit::ValidateParam($aRow[6], _INT); | 237 | $username = $user->getNameFromID($ownerid); |
3829 | 252 | 238 | ||
3830 | 253 | //get the username from the userID using the user module | 239 | $group = $this->GroupsForMedia($mediaid); |
3831 | 254 | $username = $user->getNameFromID($ownerid); | 240 | |
3832 | 255 | $group = $user->getGroupFromID($ownerid); | 241 | // Permissions |
3833 | 256 | 242 | $auth = $this->user->MediaAuth($mediaid, true); | |
3834 | 257 | //get the permissions | 243 | |
3835 | 258 | list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid); | 244 | if ($auth->view) //is this user allowed to see this |
3836 | 259 | 245 | { | |
3837 | 260 | if ($see_permissions) //is this user allowed to see this | 246 | if ($auth->edit) |
3838 | 261 | { | 247 | { |
3839 | 262 | if ($edit_permissions) | 248 | //double click action - depends on what type of media we are |
3840 | 263 | { | 249 | $output .= <<<END |
3841 | 264 | //double click action - depends on what type of media we are | 250 | <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))"> |
3842 | 265 | $output .= <<<END | 251 | END; |
3843 | 266 | <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))"> | 252 | } |
3844 | 267 | END; | 253 | else |
3845 | 268 | } | 254 | { |
3846 | 269 | else | 255 | $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">'; |
3847 | 270 | { | 256 | } |
3848 | 271 | $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">'; | 257 | |
3849 | 272 | } | 258 | $output .= "<td>$media</td>\n"; |
3850 | 273 | 259 | $output .= "<td>$mediatype</td>\n"; | |
3851 | 274 | $output .= "<td>$media</td>\n"; | 260 | $output .= "<td>$length</td>\n"; |
3852 | 275 | $output .= "<td>$mediatype</td>\n"; | 261 | $output .= "<td>$username</td>"; |
3853 | 276 | $output .= "<td>$length</td>\n"; | 262 | $output .= "<td>$group</td>"; |
3854 | 277 | $output .= "<td>$permission</td>\n"; | 263 | |
3855 | 278 | $output .= "<td>$username</td>"; | 264 | // ACTION buttons |
3856 | 279 | 265 | if ($auth->edit) | |
3857 | 280 | // ACTION buttons | 266 | { |
3858 | 281 | if ($edit_permissions) | 267 | $msgEdit = __('Edit'); |
3859 | 282 | { | 268 | $msgDelete = __('Delete'); |
3860 | 283 | $msgEdit = __('Edit'); | 269 | |
3861 | 284 | $msgDelete = __('Delete'); | 270 | $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>"; |
3862 | 285 | 271 | ||
3863 | 286 | $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>"; | 272 | if ($auth->del) |
3864 | 287 | $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>"; | 273 | $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>"; |
3865 | 288 | } | 274 | |
3866 | 289 | else | 275 | if ($auth->modifyPermissions) |
3867 | 290 | { | 276 | $buttons .= "<button class='XiboFormButton' title='$msgShared' href='index.php?p=module&mod=$mediatype&q=Exec&method=PermissionsForm&mediaid=$mediaid'><span>$msgShared</span></button>"; |
3868 | 291 | $buttons = __("No available actions."); | 277 | } |
3869 | 292 | } | 278 | else |
3870 | 293 | 279 | { | |
3871 | 294 | $output .= <<<END | 280 | $buttons = __("No available actions."); |
3872 | 295 | <td> | 281 | } |
3873 | 296 | <div class='buttons'> | 282 | |
3874 | 297 | $buttons | 283 | $output .= <<<END |
3875 | 298 | </div> | 284 | <td> |
3876 | 299 | </td> | 285 | <div class='buttons'> |
3877 | 300 | END; | 286 | $buttons |
3878 | 301 | 287 | </div> | |
3879 | 302 | $output .= "</tr>\n"; | 288 | </td> |
3880 | 303 | } | 289 | END; |
3881 | 304 | } | 290 | |
3882 | 291 | $output .= "</tr>\n"; | ||
3883 | 292 | } | ||
3884 | 293 | } | ||
3885 | 305 | 294 | ||
3886 | 306 | $output .= "</tbody></table>\n</div>\n"; | 295 | $output .= "</tbody></table>\n</div>\n"; |
3887 | 307 | 296 | ||
3888 | 308 | $response->SetGridResponse($output); | 297 | $response->SetGridResponse($output); |
3891 | 309 | $response->Respond(); | 298 | $response->Respond(); |
3892 | 310 | } | 299 | } |
3893 | 311 | 300 | ||
3894 | 312 | /** | 301 | /** |
3895 | 313 | * Display the forms | 302 | * Display the forms |
3896 | @@ -501,11 +490,8 @@ | |||
3897 | 501 | $SQL .= " media.name, "; | 490 | $SQL .= " media.name, "; |
3898 | 502 | $SQL .= " media.type, "; | 491 | $SQL .= " media.type, "; |
3899 | 503 | $SQL .= " media.duration, "; | 492 | $SQL .= " media.duration, "; |
3903 | 504 | $SQL .= " media.userID, "; | 493 | $SQL .= " media.userID "; |
3901 | 505 | $SQL .= " permission.permission, "; | ||
3902 | 506 | $SQL .= " media.permissionID "; | ||
3904 | 507 | $SQL .= "FROM media "; | 494 | $SQL .= "FROM media "; |
3905 | 508 | $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID "; | ||
3906 | 509 | $SQL .= "WHERE retired = 0 AND isEdited = 0 "; | 495 | $SQL .= "WHERE retired = 0 AND isEdited = 0 "; |
3907 | 510 | if($mediatype != "all") | 496 | if($mediatype != "all") |
3908 | 511 | { | 497 | { |
3909 | @@ -528,7 +514,6 @@ | |||
3910 | 528 | $msgType = __('Type'); | 514 | $msgType = __('Type'); |
3911 | 529 | $msgLen = __('Duration'); | 515 | $msgLen = __('Duration'); |
3912 | 530 | $msgOwner = __('Owner'); | 516 | $msgOwner = __('Owner'); |
3913 | 531 | $msgShared = __('Shared'); | ||
3914 | 532 | $msgSelect = __('Select'); | 517 | $msgSelect = __('Select'); |
3915 | 533 | 518 | ||
3916 | 534 | //some table headings | 519 | //some table headings |
3917 | @@ -543,7 +528,6 @@ | |||
3918 | 543 | <th>$msgName</th> | 528 | <th>$msgName</th> |
3919 | 544 | <th>$msgType</th> | 529 | <th>$msgType</th> |
3920 | 545 | <th>$msgLen</th> | 530 | <th>$msgLen</th> |
3921 | 546 | <th>$msgShared</th> | ||
3922 | 547 | <th>$msgSelect</th> | 531 | <th>$msgSelect</th> |
3923 | 548 | </tr> | 532 | </tr> |
3924 | 549 | </thead> | 533 | </thead> |
3925 | @@ -559,26 +543,21 @@ | |||
3926 | 559 | $length = sec2hms(Kit::ValidateParam($row[3], _DOUBLE)); | 543 | $length = sec2hms(Kit::ValidateParam($row[3], _DOUBLE)); |
3927 | 560 | $ownerid = Kit::ValidateParam($row[4], _INT); | 544 | $ownerid = Kit::ValidateParam($row[4], _INT); |
3928 | 561 | 545 | ||
3929 | 562 | $permission = Kit::ValidateParam($row[5], _STRING); | ||
3930 | 563 | $permissionid = Kit::ValidateParam($row[6], _INT); | ||
3931 | 564 | |||
3932 | 565 | //get the username from the userID using the user module | 546 | //get the username from the userID using the user module |
3933 | 566 | $username = $user->getNameFromID($ownerid); | 547 | $username = $user->getNameFromID($ownerid); |
3934 | 567 | $group = $user->getGroupFromID($ownerid); | 548 | $group = $user->getGroupFromID($ownerid); |
3935 | 568 | 549 | ||
3941 | 569 | //get the permissions | 550 | // Permissions |
3942 | 570 | list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid); | 551 | $auth = $this->user->MediaAuth($mediaid, true); |
3938 | 571 | |||
3939 | 572 | if ($see_permissions) | ||
3940 | 573 | { //is this user allowed to see this | ||
3943 | 574 | 552 | ||
3951 | 575 | $form .= "<tr>"; | 553 | if ($auth->view) //is this user allowed to see this |
3952 | 576 | $form .= "<td>" . $media . "</td>\n"; | 554 | { |
3953 | 577 | $form .= "<td>" . $mediatype . "</td>\n"; | 555 | $form .= "<tr>"; |
3954 | 578 | $form .= "<td>" . $length . "</td>\n"; | 556 | $form .= "<td>" . $media . "</td>\n"; |
3955 | 579 | $form .= "<td>" . $permission . "</td>\n"; | 557 | $form .= "<td>" . $mediatype . "</td>\n"; |
3956 | 580 | $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>"; | 558 | $form .= "<td>" . $length . "</td>\n"; |
3957 | 581 | $form .= "</tr>"; | 559 | $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>"; |
3958 | 560 | $form .= "</tr>"; | ||
3959 | 582 | } | 561 | } |
3960 | 583 | } | 562 | } |
3961 | 584 | 563 | ||
3962 | @@ -674,5 +653,42 @@ | |||
3963 | 674 | Debug::LogEntry($db, "audit", "[OUT]", "FileUpload"); | 653 | Debug::LogEntry($db, "audit", "[OUT]", "FileUpload"); |
3964 | 675 | exit; | 654 | exit; |
3965 | 676 | } | 655 | } |
3966 | 656 | |||
3967 | 657 | /** | ||
3968 | 658 | * Get a list of group names for a layout | ||
3969 | 659 | * @param <type> $layoutId | ||
3970 | 660 | * @return <type> | ||
3971 | 661 | */ | ||
3972 | 662 | private function GroupsForMedia($mediaId) | ||
3973 | 663 | { | ||
3974 | 664 | $db =& $this->db; | ||
3975 | 665 | |||
3976 | 666 | $SQL = ''; | ||
3977 | 667 | $SQL .= 'SELECT `group`.Group '; | ||
3978 | 668 | $SQL .= ' FROM `group` '; | ||
3979 | 669 | $SQL .= ' INNER JOIN lkmediagroup '; | ||
3980 | 670 | $SQL .= ' ON `group`.GroupID = lkmediagroup.GroupID '; | ||
3981 | 671 | $SQL .= ' WHERE lkmediagroup.MediaID = %d '; | ||
3982 | 672 | |||
3983 | 673 | $SQL = sprintf($SQL, $mediaId); | ||
3984 | 674 | |||
3985 | 675 | if (!$results = $db->query($SQL)) | ||
3986 | 676 | { | ||
3987 | 677 | trigger_error($db->error()); | ||
3988 | 678 | trigger_error(__('Unable to get group information for media'), E_USER_ERROR); | ||
3989 | 679 | } | ||
3990 | 680 | |||
3991 | 681 | $groups = ''; | ||
3992 | 682 | |||
3993 | 683 | while ($row = $db->get_assoc_row($results)) | ||
3994 | 684 | { | ||
3995 | 685 | $groups .= $row['Group'] . ', '; | ||
3996 | 686 | } | ||
3997 | 687 | |||
3998 | 688 | $groups = trim($groups); | ||
3999 | 689 | $groups = trim($groups, ','); | ||
4000 | 690 | |||
4001 | 691 | return $groups; | ||
4002 | 692 | } | ||
4003 | 677 | } | 693 | } |
4004 | 678 | ?> | 694 | ?> |
4005 | 679 | \ No newline at end of file | 695 | \ No newline at end of file |
4006 | 680 | 696 | ||
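Review bot: The new `GroupsForMedia()` appends `$row['Group']` to its result exactly as read from the database, and the grid loop then writes that string into the page as `<td>$group</td>` with no HTML encoding. `$media` and `$mediatype` in the same row at least pass through `Kit::ValidateParam` (what that filter strips is not visible here), but the group list bypasses it entirely. If group names can contain markup (how they are validated on entry is outside this diff), that markup would be rendered for every user allowed to view the media row. Encode where the list is built, e.g. `$groups .= htmlspecialchars($row['Group'], ENT_QUOTES) . ', ';`. The docblock above `GroupsForMedia` also still reads "for a layout" and `@param <type> $layoutId`; it should describe media and `@param int $mediaId`.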
4007 | === added file 'server/lib/pages/dataset.class.php' | |||
4008 | --- server/lib/pages/dataset.class.php 1970-01-01 00:00:00 +0000 | |||
4009 | +++ server/lib/pages/dataset.class.php 2011-08-18 23:36:27 +0000 | |||
4010 | @@ -0,0 +1,1022 @@ | |||
4011 | 1 | <?php | ||
4012 | 2 | /* | ||
4013 | 3 | * Xibo - Digitial Signage - http://www.xibo.org.uk | ||
4014 | 4 | * Copyright (C) 2011 Daniel Garner | ||
4015 | 5 | * | ||
4016 | 6 | * This file is part of Xibo. | ||
4017 | 7 | * | ||
4018 | 8 | * Xibo is free software: you can redistribute it and/or modify | ||
4019 | 9 | * it under the terms of the GNU Affero General Public License as published by | ||
4020 | 10 | * the Free Software Foundation, either version 3 of the License, or | ||
4021 | 11 | * any later version. | ||
4022 | 12 | * | ||
4023 | 13 | * Xibo is distributed in the hope that it will be useful, | ||
4024 | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
4025 | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
4026 | 16 | * GNU Affero General Public License for more details. | ||
4027 | 17 | * | ||
4028 | 18 | * You should have received a copy of the GNU Affero General Public License | ||
4029 | 19 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. | ||
4030 | 20 | */ | ||
4031 | 21 | defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); | ||
4032 | 22 | |||
4033 | 23 | class datasetDAO | ||
4034 | 24 | { | ||
4035 | 25 | private $db; | ||
4036 | 26 | private $user; | ||
4037 | 27 | |||
4038 | 28 | function __construct(database $db, user $user) | ||
4039 | 29 | { | ||
4040 | 30 | $this->db =& $db; | ||
4041 | 31 | $this->user =& $user; | ||
4042 | 32 | |||
4043 | 33 | Kit::ClassLoader('dataset'); | ||
4044 | 34 | Kit::ClassLoader('datasetcolumn'); | ||
4045 | 35 | Kit::ClassLoader('datasetdata'); | ||
4046 | 36 | } | ||
4047 | 37 | |||
4048 | 38 | function on_page_load() | ||
4049 | 39 | { | ||
4050 | 40 | return ""; | ||
4051 | 41 | } | ||
4052 | 42 | |||
4053 | 43 | function echo_page_heading() | ||
4054 | 44 | { | ||
4055 | 45 | echo __("Layouts"); | ||
4056 | 46 | return true; | ||
4057 | 47 | } | ||
4058 | 48 | |||
4059 | 49 | function displayPage() | ||
4060 | 50 | { | ||
4061 | 51 | require('template/pages/dataset_view.php'); | ||
4062 | 52 | } | ||
4063 | 53 | |||
4064 | 54 | public function DataSetFilter() | ||
4065 | 55 | { | ||
4066 | 56 | $id = uniqid(); | ||
4067 | 57 | |||
4068 | 58 | $xiboGrid = <<<HTML | ||
4069 | 59 | <div class="XiboGrid" id="$id"> | ||
4070 | 60 | <div class="XiboFilter"> | ||
4071 | 61 | <form onsubmit="return false"> | ||
4072 | 62 | <input type="hidden" name="p" value="dataset"> | ||
4073 | 63 | <input type="hidden" name="q" value="DataSetGrid"> | ||
4074 | 64 | </form> | ||
4075 | 65 | </div> | ||
4076 | 66 | <div class="XiboData"> | ||
4077 | 67 | |||
4078 | 68 | </div> | ||
4079 | 69 | </div> | ||
4080 | 70 | HTML; | ||
4081 | 71 | echo $xiboGrid; | ||
4082 | 72 | } | ||
4083 | 73 | |||
4084 | 74 | public function DataSetGrid() | ||
4085 | 75 | { | ||
4086 | 76 | $db =& $this->db; | ||
4087 | 77 | $user =& $this->user; | ||
4088 | 78 | $response = new ResponseManager(); | ||
4089 | 79 | |||
4090 | 80 | $msgEdit = __('Edit'); | ||
4091 | 81 | $msgDelete = __('Delete'); | ||
4092 | 82 | $msgPermissions = __('Permissions'); | ||
4093 | 83 | |||
4094 | 84 | $output = <<<END | ||
4095 | 85 | <div class="info_table"> | ||
4096 | 86 | <table style="width:100%"> | ||
4097 | 87 | <thead> | ||
4098 | 88 | <tr> | ||
4099 | 89 | <th>Name</th> | ||
4100 | 90 | <th>Description</th> | ||
4101 | 91 | <th>Owner</th> | ||
4102 | 92 | <th>$msgPermissions</th> | ||
4103 | 93 | <th>Action</th> | ||
4104 | 94 | </tr> | ||
4105 | 95 | </thead> | ||
4106 | 96 | <tbody> | ||
4107 | 97 | END; | ||
4108 | 98 | |||
4109 | 99 | foreach($this->user->DataSetList() as $dataSet) | ||
4110 | 100 | { | ||
4111 | 101 | $auth = $user->DataSetAuth($dataSet['datasetid'], true); | ||
4112 | 102 | $owner = $user->getNameFromID($dataSet['ownerid']); | ||
4113 | 103 | $groups = $this->GroupsForDataSet($dataSet['datasetid']); | ||
4114 | 104 | |||
4115 | 105 | $output .= '<tr>'; | ||
4116 | 106 | $output .= ' <td>' . $dataSet['dataset'] . '</td>'; | ||
4117 | 107 | $output .= ' <td>' . $dataSet['description'] . '</td>'; | ||
4118 | 108 | $output .= ' <td>' . $owner . '</td>'; | ||
4119 | 109 | $output .= ' <td>' . $groups . '</td>'; | ||
4120 | 110 | $output .= ' <td>'; | ||
4121 | 111 | |||
4122 | 112 | if ($auth->edit) | ||
4123 | 113 | { | ||
4124 | 114 | $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Data') . '</span></button>'; | ||
4125 | 115 | $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Columns') . '</span></button>'; | ||
4126 | 116 | $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgEdit . '</span></button>'; | ||
4127 | 117 | } | ||
4128 | 118 | |||
4129 | 119 | if ($auth->del) | ||
4130 | 120 | $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgDelete . '</span></button>'; | ||
4131 | 121 | |||
4132 | 122 | if ($auth->modifyPermissions) | ||
4133 | 123 | $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=PermissionsForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgPermissions . '</span></button>'; | ||
4134 | 124 | |||
4135 | 125 | $output .= ' </td>'; | ||
4136 | 126 | $output .= '</tr>'; | ||
4137 | 127 | } | ||
4138 | 128 | |||
4139 | 129 | $output .= '</tbody></table></div>'; | ||
4140 | 130 | $response->SetGridResponse($output); | ||
4141 | 131 | $response->Respond(); | ||
4142 | 132 | } | ||
4143 | 133 | |||
4144 | 134 | public function AddDataSetForm() | ||
4145 | 135 | { | ||
4146 | 136 | $db =& $this->db; | ||
4147 | 137 | $user =& $this->user; | ||
4148 | 138 | $response = new ResponseManager(); | ||
4149 | 139 | |||
4150 | 140 | $helpManager = new HelpManager($db, $user); | ||
4151 | 141 | |||
4152 | 142 | $msgName = __('Name'); | ||
4153 | 143 | $msgDesc = __('Description'); | ||
4154 | 144 | |||
4155 | 145 | $form = <<<END | ||
4156 | 146 | <form id="AddDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSet"> | ||
4157 | 147 | <table> | ||
4158 | 148 | <tr> | ||
4159 | 149 | <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td> | ||
4160 | 150 | <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" /></td> | ||
4161 | 151 | </tr> | ||
4162 | 152 | <tr> | ||
4163 | 153 | <td><label for="description" accesskey="d">$msgDesc</label></td> | ||
4164 | 154 | <td><input name="description" type="text" id="description" tabindex="2" /></td> | ||
4165 | 155 | </tr> | ||
4166 | 156 | </table> | ||
4167 | 157 | </form> | ||
4168 | 158 | END; | ||
4169 | 159 | |||
4170 | 160 | |||
4171 | 161 | $response->SetFormRequestResponse($form, __('Add DataSet'), '350px', '275px'); | ||
4172 | 162 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")'); | ||
4173 | 163 | $response->AddButton(__('Cancel'), 'XiboDialogClose()'); | ||
4174 | 164 | $response->AddButton(__('Add'), '$("#AddDataSetForm").submit()'); | ||
4175 | 165 | $response->Respond(); | ||
4176 | 166 | } | ||
4177 | 167 | |||
4178 | 168 | /** | ||
4179 | 169 | * Add a dataset | ||
4180 | 170 | */ | ||
4181 | 171 | public function AddDataSet() | ||
4182 | 172 | { | ||
4183 | 173 | $db =& $this->db; | ||
4184 | 174 | $user =& $this->user; | ||
4185 | 175 | $response = new ResponseManager(); | ||
4186 | 176 | |||
4187 | 177 | $dataSet = Kit::GetParam('dataset', _POST, _STRING); | ||
4188 | 178 | $description = Kit::GetParam('description', _POST, _STRING); | ||
4189 | 179 | |||
4190 | 180 | $dataSetObject = new DataSet($db); | ||
4191 | 181 | if (!$dataSetId = $dataSetObject->Add($dataSet, $description, $this->user->userid)) | ||
4192 | 182 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4193 | 183 | |||
4194 | 184 | // Also add one column | ||
4195 | 185 | $dataSetColumn = new DataSetColumn($db); | ||
4196 | 186 | $dataSetColumn->Add($dataSetId, 'Col1', 1, null, 1); | ||
4197 | 187 | |||
4198 | 188 | $response->SetFormSubmitResponse(__('DataSet Added')); | ||
4199 | 189 | $response->Respond(); | ||
4200 | 190 | } | ||
4201 | 191 | |||
4202 | 192 | public function EditDataSetForm() | ||
4203 | 193 | { | ||
4204 | 194 | $db =& $this->db; | ||
4205 | 195 | $user =& $this->user; | ||
4206 | 196 | $response = new ResponseManager(); | ||
4207 | 197 | |||
4208 | 198 | $helpManager = new HelpManager($db, $user); | ||
4209 | 199 | |||
4210 | 200 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4211 | 201 | |||
4212 | 202 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4213 | 203 | if (!$auth->edit) | ||
4214 | 204 | trigger_error(__('Access Denied')); | ||
4215 | 205 | |||
4216 | 206 | // Get the information we already know | ||
4217 | 207 | $SQL = sprintf("SELECT DataSet, Description FROM dataset WHERE DataSetID = %d", $dataSetId); | ||
4218 | 208 | |||
4219 | 209 | if (!$row = $db->GetSingleRow($SQL)) | ||
4220 | 210 | trigger_error(__('Unable to get DataSet information')); | ||
4221 | 211 | |||
4222 | 212 | $dataSet = $row['DataSet']; | ||
4223 | 213 | $description = $row['Description']; | ||
4224 | 214 | |||
4225 | 215 | $msgName = __('Name'); | ||
4226 | 216 | $msgDesc = __('Description'); | ||
4227 | 217 | |||
4228 | 218 | $form = <<<END | ||
4229 | 219 | <form id="EditDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSet"> | ||
4230 | 220 | <input type="hidden" name="datasetid" value="$dataSetId" /> | ||
4231 | 221 | <table> | ||
4232 | 222 | <tr> | ||
4233 | 223 | <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td> | ||
4234 | 224 | <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" value="$dataSet" /></td> | ||
4235 | 225 | </tr> | ||
4236 | 226 | <tr> | ||
4237 | 227 | <td><label for="description" accesskey="d">$msgDesc</label></td> | ||
4238 | 228 | <td><input name="description" type="text" id="description" tabindex="2" value="$description" /></td> | ||
4239 | 229 | </tr> | ||
4240 | 230 | </table> | ||
4241 | 231 | </form> | ||
4242 | 232 | END; | ||
4243 | 233 | |||
4244 | 234 | |||
4245 | 235 | $response->SetFormRequestResponse($form, __('Edit DataSet'), '350px', '275px'); | ||
4246 | 236 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")'); | ||
4247 | 237 | $response->AddButton(__('Cancel'), 'XiboDialogClose()'); | ||
4248 | 238 | $response->AddButton(__('Edit'), '$("#EditDataSetForm").submit()'); | ||
4249 | 239 | $response->Respond(); | ||
4250 | 240 | } | ||
4251 | 241 | |||
4252 | 242 | public function EditDataSet() | ||
4253 | 243 | { | ||
4254 | 244 | $db =& $this->db; | ||
4255 | 245 | $user =& $this->user; | ||
4256 | 246 | $response = new ResponseManager(); | ||
4257 | 247 | |||
4258 | 248 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4259 | 249 | |||
4260 | 250 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4261 | 251 | if (!$auth->edit) | ||
4262 | 252 | trigger_error(__('Access Denied')); | ||
4263 | 253 | |||
4264 | 254 | $dataSet = Kit::GetParam('dataset', _POST, _STRING); | ||
4265 | 255 | $description = Kit::GetParam('description', _POST, _STRING); | ||
4266 | 256 | |||
4267 | 257 | $dataSetObject = new DataSet($db); | ||
4268 | 258 | if (!$dataSetObject->Edit($dataSetId, $dataSet, $description)) | ||
4269 | 259 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4270 | 260 | |||
4271 | 261 | $response->SetFormSubmitResponse(__('DataSet Edited')); | ||
4272 | 262 | $response->Respond(); | ||
4273 | 263 | } | ||
4274 | 264 | |||
4275 | 265 | /** | ||
4276 | 266 | * Return the Delete Form as HTML | ||
4277 | 267 | * @return | ||
4278 | 268 | */ | ||
4279 | 269 | public function DeleteDataSetForm() | ||
4280 | 270 | { | ||
4281 | 271 | $db =& $this->db; | ||
4282 | 272 | $response = new ResponseManager(); | ||
4283 | 273 | $helpManager = new HelpManager($db, $this->user); | ||
4284 | 274 | |||
4285 | 275 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4286 | 276 | |||
4287 | 277 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4288 | 278 | if (!$auth->del) | ||
4289 | 279 | trigger_error(__('Access Denied')); | ||
4290 | 280 | |||
4291 | 281 | // Translate messages | ||
4292 | 282 | $msgDelete = __('Are you sure you want to delete this DataSet?'); | ||
4293 | 283 | $msgYes = __('Yes'); | ||
4294 | 284 | $msgNo = __('No'); | ||
4295 | 285 | |||
4296 | 286 | //we can delete | ||
4297 | 287 | $form = <<<END | ||
4298 | 288 | <form id="DataSetDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSet"> | ||
4299 | 289 | <input type="hidden" name="datasetid" value="$dataSetId"> | ||
4300 | 290 | <p>$msgDelete</p> | ||
4301 | 291 | </form> | ||
4302 | 292 | END; | ||
4303 | 293 | |||
4304 | 294 | $response->SetFormRequestResponse($form, __('Delete this DataSet?'), '350px', '200px'); | ||
4305 | 295 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Delete') . '")'); | ||
4306 | 296 | $response->AddButton(__('Cancel'), 'XiboDialogClose()'); | ||
4307 | 297 | $response->AddButton(__('Delete'), '$("#DataSetDeleteForm").submit()'); | ||
4308 | 298 | $response->Respond(); | ||
4309 | 299 | } | ||
4310 | 300 | |||
4311 | 301 | public function DeleteDataSet() | ||
4312 | 302 | { | ||
4313 | 303 | $db =& $this->db; | ||
4314 | 304 | $user =& $this->user; | ||
4315 | 305 | $response = new ResponseManager(); | ||
4316 | 306 | |||
4317 | 307 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4318 | 308 | |||
4319 | 309 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4320 | 310 | if (!$auth->del) | ||
4321 | 311 | trigger_error(__('Access Denied')); | ||
4322 | 312 | |||
4323 | 313 | $dataSetObject = new DataSet($db); | ||
4324 | 314 | if (!$dataSetObject->Delete($dataSetId)) | ||
4325 | 315 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4326 | 316 | |||
4327 | 317 | $response->SetFormSubmitResponse(__('DataSet Deleted')); | ||
4328 | 318 | $response->Respond(); | ||
4329 | 319 | } | ||
4330 | 320 | |||
4331 | 321 | public function DataSetColumnsForm() | ||
4332 | 322 | { | ||
4333 | 323 | $db =& $this->db; | ||
4334 | 324 | $response = new ResponseManager(); | ||
4335 | 325 | $helpManager = new HelpManager($db, $this->user); | ||
4336 | 326 | |||
4337 | 327 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4338 | 328 | $dataSet = Kit::GetParam('dataset', _GET, _STRING); | ||
4339 | 329 | |||
4340 | 330 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4341 | 331 | if (!$auth->edit) | ||
4342 | 332 | trigger_error(__('Access Denied')); | ||
4343 | 333 | |||
4344 | 334 | $msgEdit = __('Edit'); | ||
4345 | 335 | $msgDelete = __('Delete'); | ||
4346 | 336 | |||
4347 | 337 | $form = <<<END | ||
4348 | 338 | <div class="info_table"> | ||
4349 | 339 | <table style="width:100%"> | ||
4350 | 340 | <thead> | ||
4351 | 341 | <tr> | ||
4352 | 342 | <th>Heading</th> | ||
4353 | 343 | <th>Data Type</th> | ||
4354 | 344 | <th>List Content</th> | ||
4355 | 345 | <th>Column Order</th> | ||
4356 | 346 | <th>Action</th> | ||
4357 | 347 | </tr> | ||
4358 | 348 | </thead> | ||
4359 | 349 | <tbody> | ||
4360 | 350 | END; | ||
4361 | 351 | |||
4362 | 352 | $SQL = ""; | ||
4363 | 353 | $SQL .= "SELECT DataSetColumnID, Heading, DataTypeID, ListContent, ColumnOrder "; | ||
4364 | 354 | $SQL .= " FROM datasetcolumn "; | ||
4365 | 355 | $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId); | ||
4366 | 356 | $SQL .= "ORDER BY ColumnOrder "; | ||
4367 | 357 | |||
4368 | 358 | if (!$results = $db->query($SQL)) | ||
4369 | 359 | trigger_error(__('Unable to get columns for DataSet')); | ||
4370 | 360 | |||
4371 | 361 | while ($row = $db->get_assoc_row($results)) | ||
4372 | 362 | { | ||
4373 | 363 | $form .= '<tr>'; | ||
4374 | 364 | $form .= ' <td>' . $row['Heading'] . '</td>'; | ||
4375 | 365 | $form .= ' <td>String</td>'; | ||
4376 | 366 | $form .= ' <td>' . $row['ListContent'] . '</td>'; | ||
4377 | 367 | $form .= ' <td>' . $row['ColumnOrder'] . '</td>'; | ||
4378 | 368 | $form .= ' <td>'; | ||
4379 | 369 | $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgEdit . '</span></button>'; | ||
4380 | 370 | |||
4381 | 371 | if ($auth->del) | ||
4382 | 372 | $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgDelete . '</span></button>'; | ||
4383 | 373 | |||
4384 | 374 | $form .= ' </td>'; | ||
4385 | 375 | $form .= '</tr>'; | ||
4386 | 376 | } | ||
4387 | 377 | |||
4388 | 378 | $form .= '</tbody></table></div>'; | ||
4389 | 379 | |||
4390 | 380 | $response->SetFormRequestResponse($form, sprintf(__('Columns for %s'), $dataSet), '550px', '400px'); | ||
4391 | 381 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'ViewColumns') . '")'); | ||
4392 | 382 | $response->AddButton(__('Close'), 'XiboDialogClose()'); | ||
4393 | 383 | $response->AddButton(__('Add Column'), 'XiboFormRender("index.php?p=dataset&q=AddDataSetColumnForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); | ||
4394 | 384 | $response->Respond(); | ||
4395 | 385 | } | ||
4396 | 386 | |||
4397 | 387 | public function AddDataSetColumnForm() | ||
4398 | 388 | { | ||
4399 | 389 | $db =& $this->db; | ||
4400 | 390 | $response = new ResponseManager(); | ||
4401 | 391 | $helpManager = new HelpManager($db, $this->user); | ||
4402 | 392 | |||
4403 | 393 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4404 | 394 | $dataSet = Kit::GetParam('dataset', _GET, _STRING); | ||
4405 | 395 | |||
4406 | 396 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4407 | 397 | if (!$auth->edit) | ||
4408 | 398 | trigger_error(__('Access Denied')); | ||
4409 | 399 | |||
4410 | 400 | $msgHeading = __('Heading'); | ||
4411 | 401 | $msgListContent = __('List Content'); | ||
4412 | 402 | $msgColumnOrder = __('Column Order'); | ||
4413 | 403 | |||
4414 | 404 | $form = <<<END | ||
4415 | 405 | <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSetColumn"> | ||
4416 | 406 | <input type="hidden" name="dataset" value="$dataSet" /> | ||
4417 | 407 | <input type="hidden" name="datasetid" value="$dataSetId" /> | ||
4418 | 408 | <table> | ||
4419 | 409 | <tr> | ||
4420 | 410 | <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td> | ||
4421 | 411 | <td><input name="heading" class="required" type="text" id="heading" tabindex="1" /></td> | ||
4422 | 412 | </tr> | ||
4423 | 413 | <tr> | ||
4424 | 414 | <td><label for="listcontent" accesskey="l">$msgListContent</label></td> | ||
4425 | 415 | <td><input name="listcontent" type="text" id="listcontent" tabindex="2" /></td> | ||
4426 | 416 | </tr> | ||
4427 | 417 | <tr> | ||
4428 | 418 | <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td> | ||
4429 | 419 | <td><input name="columnorder" type="text" id="columnorder" tabindex="3" /></td> | ||
4430 | 420 | </tr> | ||
4431 | 421 | </table> | ||
4432 | 422 | </form> | ||
4433 | 423 | END; | ||
4434 | 424 | |||
4435 | 425 | $response->SetFormRequestResponse($form, __('Add Column'), '450px', '400px'); | ||
4436 | 426 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")'); | ||
4437 | 427 | $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); | ||
4438 | 428 | $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()'); | ||
4439 | 429 | $response->Respond(); | ||
4440 | 430 | } | ||
4441 | 431 | |||
4442 | 432 | public function AddDataSetColumn() | ||
4443 | 433 | { | ||
4444 | 434 | $db =& $this->db; | ||
4445 | 435 | $user =& $this->user; | ||
4446 | 436 | $response = new ResponseManager(); | ||
4447 | 437 | |||
4448 | 438 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4449 | 439 | $dataSet = Kit::GetParam('dataset', _POST, _STRING); | ||
4450 | 440 | |||
4451 | 441 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4452 | 442 | if (!$auth->edit) | ||
4453 | 443 | trigger_error(__('Access Denied')); | ||
4454 | 444 | |||
4455 | 445 | $heading = Kit::GetParam('heading', _POST, _WORD); | ||
4456 | 446 | $listContent = Kit::GetParam('listcontent', _POST, _STRING); | ||
4457 | 447 | $columnOrder = Kit::GetParam('columnorder', _POST, _INT); | ||
4458 | 448 | |||
4459 | 449 | $dataSetObject = new DataSetColumn($db); | ||
4460 | 450 | if (!$dataSetObject->Add($dataSetId, $heading, 1, $listContent)) | ||
4461 | 451 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4462 | 452 | |||
4463 | 453 | $response->SetFormSubmitResponse(__('Column Edited')); | ||
4464 | 454 | $response->hideMessage = true; | ||
4465 | 455 | $response->loadForm = true; | ||
4466 | 456 | $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; | ||
4467 | 457 | $response->Respond(); | ||
4468 | 458 | } | ||
4469 | 459 | |||
4470 | 460 | public function EditDataSetColumnForm() | ||
4471 | 461 | { | ||
4472 | 462 | $db =& $this->db; | ||
4473 | 463 | $response = new ResponseManager(); | ||
4474 | 464 | $helpManager = new HelpManager($db, $this->user); | ||
4475 | 465 | |||
4476 | 466 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4477 | 467 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT); | ||
4478 | 468 | $dataSet = Kit::GetParam('dataset', _GET, _STRING); | ||
4479 | 469 | |||
4480 | 470 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4481 | 471 | if (!$auth->edit) | ||
4482 | 472 | trigger_error(__('Access Denied')); | ||
4483 | 473 | |||
4484 | 474 | // Get some information about this data set column | ||
4485 | 475 | $SQL = sprintf("SELECT Heading, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetColumnID = %d", $dataSetColumnId); | ||
4486 | 476 | |||
4487 | 477 | if (!$row = $db->GetSingleRow($SQL)) | ||
4488 | 478 | trigger_error(__('Unabled to get Data Column information'), E_USER_ERROR); | ||
4489 | 479 | |||
4490 | 480 | $heading = Kit::ValidateParam($row['Heading'], _WORD); | ||
4491 | 481 | $listContent = Kit::ValidateParam($row['ListContent'], _STRING); | ||
4492 | 482 | $columnOrder = Kit::ValidateParam($row['ColumnOrder'], _INT); | ||
4493 | 483 | |||
4494 | 484 | $msgHeading = __('Heading'); | ||
4495 | 485 | $msgListContent = __('List Content'); | ||
4496 | 486 | $msgColumnOrder = __('Column Order'); | ||
4497 | 487 | |||
4498 | 488 | $form = <<<END | ||
4499 | 489 | <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSetColumn"> | ||
4500 | 490 | <input type="hidden" name="dataset" value="$dataSet" /> | ||
4501 | 491 | <input type="hidden" name="datasetid" value="$dataSetId" /> | ||
4502 | 492 | <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId" /> | ||
4503 | 493 | <table> | ||
4504 | 494 | <tr> | ||
4505 | 495 | <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td> | ||
4506 | 496 | <td><input name="heading" class="required" type="text" id="heading" tabindex="1" value="$heading" /></td> | ||
4507 | 497 | </tr> | ||
4508 | 498 | <tr> | ||
4509 | 499 | <td><label for="listcontent" accesskey="l">$msgListContent</label></td> | ||
4510 | 500 | <td><input name="listcontent" type="text" id="listcontent" tabindex="2" value="$listContent" /></td> | ||
4511 | 501 | </tr> | ||
4512 | 502 | <tr> | ||
4513 | 503 | <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td> | ||
4514 | 504 | <td><input name="columnorder" type="text" id="columnorder" tabindex="3" value="$columnOrder" /></td> | ||
4515 | 505 | </tr> | ||
4516 | 506 | </table> | ||
4517 | 507 | </form> | ||
4518 | 508 | END; | ||
4519 | 509 | |||
4520 | 510 | $response->SetFormRequestResponse($form, __('Edit Column'), '450px', '400px'); | ||
4521 | 511 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")'); | ||
4522 | 512 | $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); | ||
4523 | 513 | $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()'); | ||
4524 | 514 | $response->Respond(); | ||
4525 | 515 | } | ||
4526 | 516 | |||
4527 | 517 | public function EditDataSetColumn() | ||
4528 | 518 | { | ||
4529 | 519 | $db =& $this->db; | ||
4530 | 520 | $user =& $this->user; | ||
4531 | 521 | $response = new ResponseManager(); | ||
4532 | 522 | |||
4533 | 523 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4534 | 524 | $dataSet = Kit::GetParam('dataset', _POST, _STRING); | ||
4535 | 525 | |||
4536 | 526 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4537 | 527 | if (!$auth->edit) | ||
4538 | 528 | trigger_error(__('Access Denied')); | ||
4539 | 529 | |||
4540 | 530 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); | ||
4541 | 531 | $heading = Kit::GetParam('heading', _POST, _WORD); | ||
4542 | 532 | $listContent = Kit::GetParam('listcontent', _POST, _STRING); | ||
4543 | 533 | $columnOrder = Kit::GetParam('columnorder', _POST, _INT); | ||
4544 | 534 | |||
4545 | 535 | $dataSetObject = new DataSetColumn($db); | ||
4546 | 536 | if (!$dataSetObject->Edit($dataSetColumnId, $heading, 1, $listContent, $columnOrder)) | ||
4547 | 537 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4548 | 538 | |||
4549 | 539 | $response->SetFormSubmitResponse(__('Column Edited')); | ||
4550 | 540 | $response->hideMessage = true; | ||
4551 | 541 | $response->loadForm = true; | ||
4552 | 542 | $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; | ||
4553 | 543 | $response->Respond(); | ||
4554 | 544 | } | ||
4555 | 545 | |||
4556 | 546 | public function DeleteDataSetColumnForm() | ||
4557 | 547 | { | ||
4558 | 548 | $db =& $this->db; | ||
4559 | 549 | $response = new ResponseManager(); | ||
4560 | 550 | $helpManager = new HelpManager($db, $this->user); | ||
4561 | 551 | |||
4562 | 552 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4563 | 553 | $dataSet = Kit::GetParam('dataset', _GET, _STRING); | ||
4564 | 554 | |||
4565 | 555 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4566 | 556 | if (!$auth->edit) | ||
4567 | 557 | trigger_error(__('Access Denied')); | ||
4568 | 558 | |||
4569 | 559 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT); | ||
4570 | 560 | |||
4571 | 561 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4572 | 562 | if (!$auth->del) | ||
4573 | 563 | trigger_error(__('Access Denied')); | ||
4574 | 564 | |||
4575 | 565 | // Translate messages | ||
4576 | 566 | $msgDelete = __('Are you sure you want to delete this Column?'); | ||
4577 | 567 | $msgYes = __('Yes'); | ||
4578 | 568 | $msgNo = __('No'); | ||
4579 | 569 | |||
4580 | 570 | //we can delete | ||
4581 | 571 | $form = <<<END | ||
4582 | 572 | <form id="DataSetColumnDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSetColumn"> | ||
4583 | 573 | <input type="hidden" name="datasetid" value="$dataSetId"> | ||
4584 | 574 | <input type="hidden" name="dataset" value="$dataSet"> | ||
4585 | 575 | <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId"> | ||
4586 | 576 | <p>$msgDelete</p> | ||
4587 | 577 | </form> | ||
4588 | 578 | END; | ||
4589 | 579 | |||
4590 | 580 | $response->SetFormRequestResponse($form, __('Delete this Column?'), '350px', '200px'); | ||
4591 | 581 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'DeleteColumn') . '")'); | ||
4592 | 582 | $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); | ||
4593 | 583 | $response->AddButton(__('Delete'), '$("#DataSetColumnDeleteForm").submit()'); | ||
4594 | 584 | $response->Respond(); | ||
4595 | 585 | } | ||
4596 | 586 | |||
4597 | 587 | public function DeleteDataSetColumn() | ||
4598 | 588 | { | ||
4599 | 589 | $db =& $this->db; | ||
4600 | 590 | $user =& $this->user; | ||
4601 | 591 | $response = new ResponseManager(); | ||
4602 | 592 | |||
4603 | 593 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4604 | 594 | $dataSet = Kit::GetParam('dataset', _POST, _STRING); | ||
4605 | 595 | |||
4606 | 596 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4607 | 597 | if (!$auth->edit) | ||
4608 | 598 | trigger_error(__('Access Denied')); | ||
4609 | 599 | |||
4610 | 600 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); | ||
4611 | 601 | |||
4612 | 602 | $dataSetObject = new DataSetColumn($db); | ||
4613 | 603 | if (!$dataSetObject->Delete($dataSetColumnId)) | ||
4614 | 604 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4615 | 605 | |||
4616 | 606 | $response->SetFormSubmitResponse(__('Column Deleted')); | ||
4617 | 607 | $response->hideMessage = true; | ||
4618 | 608 | $response->loadForm = true; | ||
4619 | 609 | $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; | ||
4620 | 610 | $response->Respond(); | ||
4621 | 611 | } | ||
4622 | 612 | |||
4623 | 613 | public function DataSetDataForm() | ||
4624 | 614 | { | ||
4625 | 615 | $db =& $this->db; | ||
4626 | 616 | $response = new ResponseManager(); | ||
4627 | 617 | $helpManager = new HelpManager($db, $this->user); | ||
4628 | 618 | |||
4629 | 619 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4630 | 620 | $dataSet = Kit::GetParam('dataset', _GET, _STRING); | ||
4631 | 621 | |||
4632 | 622 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4633 | 623 | if (!$auth->edit) | ||
4634 | 624 | trigger_error(__('Access Denied')); | ||
4635 | 625 | |||
4636 | 626 | // Get the max number of rows | ||
4637 | 627 | $SQL = ""; | ||
4638 | 628 | $SQL .= "SELECT MAX(RowNumber) AS RowNumber, COUNT(DISTINCT datasetcolumn.DataSetColumnID) AS ColNumber "; | ||
4639 | 629 | $SQL .= " FROM datasetdata "; | ||
4640 | 630 | $SQL .= " RIGHT OUTER JOIN datasetcolumn "; | ||
4641 | 631 | $SQL .= " ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID "; | ||
4642 | 632 | $SQL .= sprintf("WHERE datasetcolumn.DataSetID = %d ", $dataSetId); | ||
4643 | 633 | |||
4644 | 634 | Debug::LogEntry($db, 'audit', $SQL, 'dataset', 'DataSetDataForm'); | ||
4645 | 635 | |||
4646 | 636 | if (!$maxResult = $db->GetSingleRow($SQL)) | ||
4647 | 637 | { | ||
4648 | 638 | trigger_error($db->error()); | ||
4649 | 639 | trigger_error(__('Unable to find the number of data points'), E_USER_ERROR); | ||
4650 | 640 | } | ||
4651 | 641 | |||
4652 | 642 | $maxRows = $maxResult['RowNumber']; | ||
4653 | 643 | $maxCols = $maxResult['ColNumber']; | ||
4654 | 644 | |||
4655 | 645 | // Get some information about the columns in this dataset | ||
4656 | 646 | $SQL = "SELECT Heading, DataSetColumnID, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetID = %d "; | ||
4657 | 647 | $SQL .= "ORDER BY ColumnOrder "; | ||
4658 | 648 | |||
4659 | 649 | if (!$results = $db->query(sprintf($SQL, $dataSetId))) | ||
4660 | 650 | { | ||
4661 | 651 | trigger_error($db->error()); | ||
4662 | 652 | trigger_error(__('Unable to find the column headings'), E_USER_ERROR); | ||
4663 | 653 | } | ||
4664 | 654 | |||
4665 | 655 | $columnDefinition = array(); | ||
4666 | 656 | |||
4667 | 657 | $form = '<div class="info_table">'; | ||
4668 | 658 | $form .= '<table style="width:100%">'; | ||
4669 | 659 | $form .= ' <tr>'; | ||
4670 | 660 | $form .= ' <th>' . __('Row Number') . '</th>'; | ||
4671 | 661 | |||
4672 | 662 | while ($row = $db->get_assoc_row($results)) | ||
4673 | 663 | { | ||
4674 | 664 | $columnDefinition[] = $row; | ||
4675 | 665 | $heading = $row['Heading']; | ||
4676 | 666 | |||
4677 | 667 | $form .= ' <th>' . $heading . '</th>'; | ||
4678 | 668 | } | ||
4679 | 669 | |||
4680 | 670 | $form .= '</tr>'; | ||
4681 | 671 | |||
4682 | 672 | // Loop through the max rows | ||
4683 | 673 | for ($row = 1; $row <= $maxRows + 2; $row++) | ||
4684 | 674 | { | ||
4685 | 675 | $form .= '<tr>'; | ||
4686 | 676 | $form .= ' <td>' . $row . '</td>'; | ||
4687 | 677 | |||
4688 | 678 | // $row is the current row | ||
4689 | 679 | for ($col = 0; $col < $maxCols; $col++) | ||
4690 | 680 | { | ||
4691 | 681 | $dataSetColumnId = $columnDefinition[$col]['DataSetColumnID']; | ||
4692 | 682 | $listContent = $columnDefinition[$col]['ListContent']; | ||
4693 | 683 | $columnOrder = $columnDefinition[$col]['ColumnOrder']; | ||
4694 | 684 | |||
4695 | 685 | // Value for this Col/Row | ||
4696 | 686 | $value = ''; | ||
4697 | 687 | |||
4698 | 688 | if ($row <= $maxRows) | ||
4699 | 689 | { | ||
4700 | 690 | // This is intended to be a blank row | ||
4701 | 691 | $SQL = ""; | ||
4702 | 692 | $SQL .= "SELECT Value "; | ||
4703 | 693 | $SQL .= " FROM datasetdata "; | ||
4704 | 694 | $SQL .= "WHERE datasetdata.RowNumber = %d "; | ||
4705 | 695 | $SQL .= " AND datasetdata.DataSetColumnID = %d "; | ||
4706 | 696 | $SQL = sprintf($SQL, $row, $dataSetColumnId); | ||
4707 | 697 | |||
4708 | 698 | Debug::LogEntry($db, 'audit', $SQL, 'dataset'); | ||
4709 | 699 | |||
4710 | 700 | if (!$results = $db->query($SQL)) | ||
4711 | 701 | { | ||
4712 | 702 | trigger_error($db->error()); | ||
4713 | 703 | trigger_error(__('Can not get the data row/column'), E_USER_ERROR); | ||
4714 | 704 | } | ||
4715 | 705 | |||
4716 | 706 | if ($db->num_rows($results) == 0) | ||
4717 | 707 | { | ||
4718 | 708 | $value = ''; | ||
4719 | 709 | } | ||
4720 | 710 | else | ||
4721 | 711 | { | ||
4722 | 712 | $valueRow = $db->get_assoc_row($results); | ||
4723 | 713 | $value = $valueRow['Value']; | ||
4724 | 714 | } | ||
4725 | 715 | } | ||
4726 | 716 | |||
4727 | 717 | // Do we need a select list? | ||
4728 | 718 | if ($listContent != '') | ||
4729 | 719 | { | ||
4730 | 720 | $listItems = explode(',', $listContent); | ||
4731 | 721 | $selected = ($value == '') ? ' selected' : ''; | ||
4732 | 722 | $select = '<select name="value">'; | ||
4733 | 723 | $select.= ' <option value="" ' . $selected . '></option>'; | ||
4734 | 724 | |||
4735 | 725 | for ($i=0; $i < count($listItems); $i++) | ||
4736 | 726 | { | ||
4737 | 727 | $selected = ($listItems[$i] == $value) ? ' selected' : ''; | ||
4738 | 728 | |||
4739 | 729 | $select .= '<option value="' . $listItems[$i] . '" ' . $selected . '>' . $listItems[$i] . '</option>'; | ||
4740 | 730 | } | ||
4741 | 731 | |||
4742 | 732 | $select .= '</select>'; | ||
4743 | 733 | } | ||
4744 | 734 | else | ||
4745 | 735 | { | ||
4746 | 736 | $select = '<input type="text" name="value" value="' . $value . '">'; | ||
4747 | 737 | } | ||
4748 | 738 | |||
4749 | 739 | $action = ($value == '') ? 'AddDataSetData' : 'EditDataSetData'; | ||
4750 | 740 | $fieldId = uniqid(); | ||
4751 | 741 | |||
4752 | 742 | $form .= <<<END | ||
4753 | 743 | <td> | ||
4754 | 744 | <form id="$fieldId" class="XiboDataSetDataForm" action="index.php?p=dataset&q=$action"> | ||
4755 | 745 | <input type="hidden" name="fieldid" value="$fieldId"> | ||
4756 | 746 | <input type="hidden" name="datasetid" value="$dataSetId"> | ||
4757 | 747 | <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId"> | ||
4758 | 748 | <input type="hidden" name="rownumber" value="$row"> | ||
4759 | 749 | $select | ||
4760 | 750 | </form> | ||
4761 | 751 | </td> | ||
4762 | 752 | END; | ||
4763 | 753 | |||
4764 | 754 | |||
4765 | 755 | } //cols loop | ||
4766 | 756 | |||
4767 | 757 | $form .= '</tr>'; | ||
4768 | 758 | } //rows loop | ||
4769 | 759 | |||
4770 | 760 | $form .= '</table></div>'; | ||
4771 | 761 | |||
4772 | 762 | $response->SetFormRequestResponse($form, $dataSet, '750px', '600px', 'dataSetData'); | ||
4773 | 763 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Data') . '")'); | ||
4774 | 764 | $response->AddButton(__('Add Rows'), 'XiboFormRender("index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); | ||
4775 | 765 | $response->AddButton(__('Done'), 'XiboDialogClose()'); | ||
4776 | 766 | $response->Respond(); | ||
4777 | 767 | } | ||
4778 | 768 | |||
4779 | 769 | public function AddDataSetData() | ||
4780 | 770 | { | ||
4781 | 771 | $db =& $this->db; | ||
4782 | 772 | $user =& $this->user; | ||
4783 | 773 | $response = new ResponseManager(); | ||
4784 | 774 | |||
4785 | 775 | $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD); | ||
4786 | 776 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4787 | 777 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); | ||
4788 | 778 | $rowNumber = Kit::GetParam('rownumber', _POST, _INT); | ||
4789 | 779 | $value = Kit::GetParam('value', _POST, _STRING); | ||
4790 | 780 | |||
4791 | 781 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4792 | 782 | if (!$auth->edit) | ||
4793 | 783 | trigger_error(__('Access Denied')); | ||
4794 | 784 | |||
4795 | 785 | $dataSetObject = new DataSetData($db); | ||
4796 | 786 | if (!$dataSetObject->Add($dataSetColumnId, $rowNumber, $value)) | ||
4797 | 787 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4798 | 788 | |||
4799 | 789 | $response->SetFormSubmitResponse(__('Data Added')); | ||
4800 | 790 | $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData'; | ||
4801 | 791 | $response->hideMessage = true; | ||
4802 | 792 | $response->keepOpen = true; | ||
4803 | 793 | $response->Respond(); | ||
4804 | 794 | } | ||
4805 | 795 | |||
4806 | 796 | public function EditDataSetData() | ||
4807 | 797 | { | ||
4808 | 798 | $db =& $this->db; | ||
4809 | 799 | $user =& $this->user; | ||
4810 | 800 | $response = new ResponseManager(); | ||
4811 | 801 | |||
4812 | 802 | $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD); | ||
4813 | 803 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4814 | 804 | $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); | ||
4815 | 805 | $rowNumber = Kit::GetParam('rownumber', _POST, _INT); | ||
4816 | 806 | $value = Kit::GetParam('value', _POST, _STRING); | ||
4817 | 807 | |||
4818 | 808 | $auth = $user->DataSetAuth($dataSetId, true); | ||
4819 | 809 | if (!$auth->edit) | ||
4820 | 810 | trigger_error(__('Access Denied')); | ||
4821 | 811 | |||
4822 | 812 | if ($value == '') | ||
4823 | 813 | { | ||
4824 | 814 | $dataSetObject = new DataSetData($db); | ||
4825 | 815 | if (!$dataSetObject->Delete($dataSetColumnId, $rowNumber)) | ||
4826 | 816 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4827 | 817 | |||
4828 | 818 | $response->SetFormSubmitResponse(__('Data Deleted')); | ||
4829 | 819 | $response->loadFormUri = 'index.php?p=dataset&q=AddDataSetData'; | ||
4830 | 820 | } | ||
4831 | 821 | else | ||
4832 | 822 | { | ||
4833 | 823 | $dataSetObject = new DataSetData($db); | ||
4834 | 824 | if (!$dataSetObject->Edit($dataSetColumnId, $rowNumber, $value)) | ||
4835 | 825 | trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); | ||
4836 | 826 | |||
4837 | 827 | $response->SetFormSubmitResponse(__('Data Edited')); | ||
4838 | 828 | $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData'; | ||
4839 | 829 | } | ||
4840 | 830 | |||
4841 | 831 | $response->hideMessage = true; | ||
4842 | 832 | $response->keepOpen = true; | ||
4843 | 833 | $response->Respond(); | ||
4844 | 834 | } | ||
4845 | 835 | |||
4846 | 836 | /** | ||
4847 | 837 | * Get a list of group names for a layout | ||
4848 | 838 | * @param <type> $layoutId | ||
4849 | 839 | * @return <type> | ||
4850 | 840 | */ | ||
4851 | 841 | private function GroupsForDataSet($dataSetId) | ||
4852 | 842 | { | ||
4853 | 843 | $db =& $this->db; | ||
4854 | 844 | |||
4855 | 845 | $SQL = ''; | ||
4856 | 846 | $SQL .= 'SELECT `group`.Group '; | ||
4857 | 847 | $SQL .= ' FROM `group` '; | ||
4858 | 848 | $SQL .= ' INNER JOIN lkdatasetgroup '; | ||
4859 | 849 | $SQL .= ' ON `group`.GroupID = lkdatasetgroup.GroupID '; | ||
4860 | 850 | $SQL .= ' WHERE lkdatasetgroup.DataSetID = %d '; | ||
4861 | 851 | |||
4862 | 852 | $SQL = sprintf($SQL, $dataSetId); | ||
4863 | 853 | |||
4864 | 854 | if (!$results = $db->query($SQL)) | ||
4865 | 855 | { | ||
4866 | 856 | trigger_error($db->error()); | ||
4867 | 857 | trigger_error(__('Unable to get group information for dataset'), E_USER_ERROR); | ||
4868 | 858 | } | ||
4869 | 859 | |||
4870 | 860 | $groups = ''; | ||
4871 | 861 | |||
4872 | 862 | while ($row = $db->get_assoc_row($results)) | ||
4873 | 863 | { | ||
4874 | 864 | $groups .= $row['Group'] . ', '; | ||
4875 | 865 | } | ||
4876 | 866 | |||
4877 | 867 | $groups = trim($groups); | ||
4878 | 868 | $groups = trim($groups, ','); | ||
4879 | 869 | |||
4880 | 870 | return $groups; | ||
4881 | 871 | } | ||
4882 | 872 | |||
4883 | 873 | public function PermissionsForm() | ||
4884 | 874 | { | ||
4885 | 875 | $db =& $this->db; | ||
4886 | 876 | $user =& $this->user; | ||
4887 | 877 | $response = new ResponseManager(); | ||
4888 | 878 | $helpManager = new HelpManager($db, $user); | ||
4889 | 879 | |||
4890 | 880 | $dataSetId = Kit::GetParam('datasetid', _GET, _INT); | ||
4891 | 881 | |||
4892 | 882 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4893 | 883 | |||
4894 | 884 | if (!$auth->modifyPermissions) | ||
4895 | 885 | trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR); | ||
4896 | 886 | |||
4897 | 887 | // Form content | ||
4898 | 888 | $form = '<form id="DataSetPermissionsForm" class="XiboForm" method="post" action="index.php?p=dataset&q=Permissions">'; | ||
4899 | 889 | $form .= '<input type="hidden" name="datasetid" value="' . $dataSetId . '" />'; | ||
4900 | 890 | $form .= '<div class="dialog_table">'; | ||
4901 | 891 | $form .= ' <table style="width:100%">'; | ||
4902 | 892 | $form .= ' <tr>'; | ||
4903 | 893 | $form .= ' <th>' . __('Group') . '</th>'; | ||
4904 | 894 | $form .= ' <th>' . __('View') . '</th>'; | ||
4905 | 895 | $form .= ' <th>' . __('Edit') . '</th>'; | ||
4906 | 896 | $form .= ' <th>' . __('Delete') . '</th>'; | ||
4907 | 897 | $form .= ' </tr>'; | ||
4908 | 898 | |||
4909 | 899 | // List of all Groups with a view/edit/delete checkbox | ||
4910 | 900 | $SQL = ''; | ||
4911 | 901 | $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific '; | ||
4912 | 902 | $SQL .= ' FROM `group` '; | ||
4913 | 903 | $SQL .= ' LEFT OUTER JOIN lkdatasetgroup '; | ||
4914 | 904 | $SQL .= ' ON lkdatasetgroup.GroupID = group.GroupID '; | ||
4915 | 905 | $SQL .= ' AND lkdatasetgroup.DataSetID = %d '; | ||
4916 | 906 | $SQL .= ' WHERE `group`.GroupID <> %d '; | ||
4917 | 907 | $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` '; | ||
4918 | 908 | |||
4919 | 909 | $SQL = sprintf($SQL, $dataSetId, $user->getGroupFromId($user->userid, true)); | ||
4920 | 910 | |||
4921 | 911 | if (!$results = $db->query($SQL)) | ||
4922 | 912 | { | ||
4923 | 913 | trigger_error($db->error()); | ||
4924 | 914 | trigger_error(__('Unable to get permissions for this dataset'), E_USER_ERROR); | ||
4925 | 915 | } | ||
4926 | 916 | |||
4927 | 917 | while($row = $db->get_assoc_row($results)) | ||
4928 | 918 | { | ||
4929 | 919 | $groupId = $row['GroupID']; | ||
4930 | 920 | $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group']; | ||
4931 | 921 | |||
4932 | 922 | $form .= '<tr>'; | ||
4933 | 923 | $form .= ' <td>' . $group . '</td>'; | ||
4934 | 924 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>'; | ||
4935 | 925 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>'; | ||
4936 | 926 | $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>'; | ||
4937 | 927 | $form .= '</tr>'; | ||
4938 | 928 | } | ||
4939 | 929 | |||
4940 | 930 | $form .= '</table>'; | ||
4941 | 931 | $form .= '</div>'; | ||
4942 | 932 | $form .= '</form>'; | ||
4943 | 933 | |||
4944 | 934 | $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px'); | ||
4945 | 935 | $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")'); | ||
4946 | 936 | $response->AddButton(__('Cancel'), 'XiboDialogClose()'); | ||
4947 | 937 | $response->AddButton(__('Save'), '$("#DataSetPermissionsForm").submit()'); | ||
4948 | 938 | $response->Respond(); | ||
4949 | 939 | } | ||
4950 | 940 | |||
4951 | 941 | public function Permissions() | ||
4952 | 942 | { | ||
4953 | 943 | $db =& $this->db; | ||
4954 | 944 | $user =& $this->user; | ||
4955 | 945 | $response = new ResponseManager(); | ||
4956 | 946 | Kit::ClassLoader('datasetgroupsecurity'); | ||
4957 | 947 | |||
4958 | 948 | $dataSetId = Kit::GetParam('datasetid', _POST, _INT); | ||
4959 | 949 | $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); | ||
4960 | 950 | |||
4961 | 951 | $auth = $this->user->DataSetAuth($dataSetId, true); | ||
4962 | 952 | |||
4963 | 953 | if (!$auth->modifyPermissions) | ||
4964 | 954 | trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR); | ||
4965 | 955 | |||
4966 | 956 | // Unlink all | ||
4967 | 957 | $security = new DataSetGroupSecurity($db); | ||
4968 | 958 | if (!$security->UnlinkAll($dataSetId)) | ||
4969 | 959 | trigger_error(__('Unable to set permissions')); | ||
4970 | 960 | |||
4971 | 961 | // Some assignments for the loop | ||
4972 | 962 | $lastGroupId = 0; | ||
4973 | 963 | $first = true; | ||
4974 | 964 | $view = 0; | ||
4975 | 965 | $edit = 0; | ||
4976 | 966 | $del = 0; | ||
4977 | 967 | |||
4978 | 968 | // List of groupIds with view, edit and del assignments | ||
4979 | 969 | foreach($groupIds as $groupPermission) | ||
4980 | 970 | { | ||
4981 | 971 | $groupPermission = explode('_', $groupPermission); | ||
4982 | 972 | $groupId = $groupPermission[0]; | ||
4983 | 973 | |||
4984 | 974 | if ($first) | ||
4985 | 975 | { | ||
4986 | 976 | // First time through | ||
4987 | 977 | $first = false; | ||
4988 | 978 | $lastGroupId = $groupId; | ||
4989 | 979 | } | ||
4990 | 980 | |||
4991 | 981 | if ($groupId != $lastGroupId) | ||
4992 | 982 | { | ||
4993 | 983 | // The groupId has changed, so we need to write the current settings to the db. | ||
4994 | 984 | // Link new permissions | ||
4995 | 985 | if (!$security->Link($dataSetId, $groupId, $view, $edit, $del)) | ||
4996 | 986 | trigger_error(__('Unable to set permissions')); | ||
4997 | 987 | |||
4998 | 988 | // Reset | ||
4999 | 989 | $lastGroupId = $groupId; | ||
5000 | 990 | $view = 0; |
The diff has been truncated for viewing.