Home Explore Help
Sign In
fusionpbx
/
fusionpbx-framework
mirror of https://github.com/fusionpbx/fusionpbx-framework.git
2
0
Fork 0
Files Issues 0 Wiki
Branch: patch-1
Branches Tags
fusionpbx-frame...
/
core
/
groups
/
group_edit.php

group_edit.php 10 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298 
  1. <?php
    2. 

  2. /*
    3. 

  3. 	FusionPBX
    4. 

  4. 	Version: MPL 1.1
    5. 

  5. 

  6. 	The contents of this file are subject to the Mozilla Public License Version
    7. 

  7. 	1.1 (the "License"); you may not use this file except in compliance with
    8. 

  8. 	the License. You may obtain a copy of the License at
    9. 

  9. 	http://www.mozilla.org/MPL/
    10. 

  10. 

  11. 	Software distributed under the License is distributed on an "AS IS" basis,
    12. 

  12. 	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
    13. 

  13. 	for the specific language governing rights and limitations under the
    14. 

  14. 	License.
    15. 

  15. 

  16. 	The Original Code is FusionPBX
    17. 

  17. 

  18. 	The Initial Developer of the Original Code is
    19. 

  19. 	Mark J Crane <[email protected]>
    20. 

  20. 	Portions created by the Initial Developer are Copyright (C) 2018-2020
    21. 

  21. 	the Initial Developer. All Rights Reserved.
    22. 

  22. 

  23. 	Contributor(s):
    24. 

  24. 	Mark J Crane <[email protected]>
    25. 

  25. */
    26. 

  26. 

  27. //includes
    28. 

  28. 	require_once "root.php";
    29. 

  29. 	require_once "resources/require.php";
    30. 

  30. 	require_once "resources/check_auth.php";
    31. 

  31. 

  32. //check permissions
    33. 

  33. 	if (permission_exists('group_add') || permission_exists('group_edit')) {
    34. 

  34. 		//access granted
    35. 

  35. 	}
    36. 

  36. 	else {
    37. 

  37. 		echo "access denied";
    38. 

  38. 		exit;
    39. 

  39. 	}
    40. 

  40. 

  41. //add multi-lingual support
    42. 

  42. 	$language = new text;
    43. 

  43. 	$text = $language->get();
    44. 

  44. 

  45. //action add or update
    46. 

  46. 	if (is_uuid($_REQUEST["id"])) {
    47. 

  47. 		$action = "update";
    48. 

  48. 		$group_uuid = $_REQUEST["id"];
    49. 

  49. 		$id = $_REQUEST["id"];
    50. 

  50. 	}
    51. 

  51. 	else {
    52. 

  52. 		$action = "add";
    53. 

  53. 	}
    54. 

  54. 

  55. //get http post variables and set them to php variables
    56. 

  56. 	if (is_array($_POST)) {
    57. 

  57. 		$group_uuid = $_POST["group_uuid"];
    58. 

  58. 		$group_name = $_POST["group_name"];
    59. 

  59. 		$domain_uuid = $_POST["domain_uuid"];
    60. 

  60. 		$group_level = $_POST["group_level"];
    61. 

  61. 		$group_protected = $_POST["group_protected"];
    62. 

  62. 		$group_description = $_POST["group_description"];
    63. 

  63. 	}
    64. 

  64. 

  65. //process the user data and save it to the database
    66. 

  66. 	if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
    67. 

  67. 

  68. 		//process the http post data by submitted action
    69. 

  69. 			if ($_POST['action'] != '' && is_uuid($group_uuid)) {
    70. 

  70. 				$array[0]['checked'] = 'true';
    71. 

  71. 				$array[0]['uuid'] = $group_uuid;
    72. 

  72. 

  73. 				switch ($_POST['action']) {
    74. 

  74. 					case 'copy':
    75. 

  75. 						if (permission_exists('group_add')) {
    76. 

  76. 							$obj = new groups;
    77. 

  77. 							$obj->copy($array);
    78. 

  78. 						}
    79. 

  79. 						break;
    80. 

  80. 					case 'delete':
    81. 

  81. 						if (permission_exists('group_delete')) {
    82. 

  82. 							$obj = new groups;
    83. 

  83. 							$obj->delete($array);
    84. 

  84. 						}
    85. 

  85. 						break;
    86. 

  86. 				}
    87. 

  87. 

  88. 				header('Location: groups.php');
    89. 

  89. 				exit;
    90. 

  90. 			}
    91. 

  91. 

  92. 		//validate the token
    93. 

  93. 			$token = new token;
    94. 

  94. 			if (!$token->validate($_SERVER['PHP_SELF'])) {
    95. 

  95. 				message::add($text['message-invalid_token'],'negative');
    96. 

  96. 				header('Location: groups.php');
    97. 

  97. 				exit;
    98. 

  98. 			}
    99. 

  99. 

  100. 		//check for all required data
    101. 

  101. 			$msg = '';
    102. 

  102. 			if (strlen($group_name) == 0) { $msg .= $text['message-required']." ".$text['label-group_name']."<br>\n"; }
    103. 

  103. 			//if (strlen($domain_uuid) == 0) { $msg .= $text['message-required']." ".$text['label-domain_uuid']."<br>\n"; }
    104. 

  104. 			if (strlen($group_level) == 0) { $msg .= $text['message-required']." ".$text['label-group_level']."<br>\n"; }
    105. 

  105. 			//if (strlen($group_protected) == 0) { $msg .= $text['message-required']." ".$text['label-group_protected']."<br>\n"; }
    106. 

  106. 			//if (strlen($group_description) == 0) { $msg .= $text['message-required']." ".$text['label-group_description']."<br>\n"; }
    107. 

  107. 			if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
    108. 

  108. 				require_once "resources/header.php";
    109. 

  109. 				require_once "resources/persist_form_var.php";
    110. 

  110. 				echo "<div align='center'>\n";
    111. 

  111. 				echo "<table><tr><td>\n";
    112. 

  112. 				echo $msg."<br />";
    113. 

  113. 				echo "</td></tr></table>\n";
    114. 

  114. 				persistformvar($_POST);
    115. 

  115. 				echo "</div>\n";
    116. 

  116. 				require_once "resources/footer.php";
    117. 

  117. 				return;
    118. 

  118. 			}
    119. 

  119. 

  120. 		//add the group_uuid
    121. 

  121. 			if (!is_uuid($_POST["group_uuid"])) {
    122. 

  122. 				$group_uuid = uuid();
    123. 

  123. 			}
    124. 

  124. 

  125. 		//prepare the array
    126. 

  126. 			$array['groups'][0]['group_uuid'] = $group_uuid;
    127. 

  127. 			$array['groups'][0]['group_name'] = $group_name;
    128. 

  128. 			$array['groups'][0]['domain_uuid'] = $domain_uuid;
    129. 

  129. 			$array['groups'][0]['group_level'] = $group_level;
    130. 

  130. 			$array['groups'][0]['group_protected'] = $group_protected;
    131. 

  131. 			$array['groups'][0]['group_description'] = $group_description;
    132. 

  132. 

  133. 		//save the data
    134. 

  134. 			$database = new database;
    135. 

  135. 			$database->app_name = 'Group Manager';
    136. 

  136. 			$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
    137. 

  137. 			$database->save($array);
    138. 

  138. 

  139. 		//redirect the user
    140. 

  140. 			if (isset($action)) {
    141. 

  141. 				if ($action == "add") {
    142. 

  142. 					$_SESSION["message"] = $text['message-add'];
    143. 

  143. 				}
    144. 

  144. 				if ($action == "update") {
    145. 

  145. 					$_SESSION["message"] = $text['message-update'];
    146. 

  146. 				}
    147. 

  147. 				header('Location: group_edit.php?id='.urlencode($group_uuid));
    148. 

  148. 				return;
    149. 

  149. 			}
    150. 

  150. 	} //(is_array($_POST) && strlen($_POST["persistformvar"]) == 0)
    151. 

  151. 

  152. //pre-populate the form
    153. 

  153. 	if (is_array($_GET) && $_POST["persistformvar"] != "true") {
    154. 

  154. 		$group_uuid = $_GET["id"];
    155. 

  155. 		$sql = "select * from v_groups ";
    156. 

  156. 		$sql .= "where group_uuid = :group_uuid ";
    157. 

  157. 		//$sql .= "and domain_uuid = :domain_uuid ";
    158. 

  158. 		//$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
    159. 

  159. 		$parameters['group_uuid'] = $group_uuid;
    160. 

  160. 		$database = new database;
    161. 

  161. 		$row = $database->select($sql, $parameters, 'row');
    162. 

  162. 		if (is_array($row) && @sizeof($row) != 0) {
    163. 

  163. 			$group_name = $row["group_name"];
    164. 

  164. 			$domain_uuid = $row["domain_uuid"];
    165. 

  165. 			$group_permissions = $row["group_permissions"];
    166. 

  166. 			$group_members = $row["group_members"];
    167. 

  167. 			$group_level = $row["group_level"];
    168. 

  168. 			$group_protected = $row["group_protected"];
    169. 

  169. 			$group_description = $row["group_description"];
    170. 

  170. 		}
    171. 

  171. 		unset ($sql, $parameters, $row);
    172. 

  172. 	}
    173. 

  173. 

  174. //create token
    175. 

  175. 	$object = new token;
    176. 

  176. 	$token = $object->create($_SERVER['PHP_SELF']);
    177. 

  177. 

  178. //show the header
    179. 

  179. 	$document['title'] = $text['title-group'];
    180. 

  180. 	require_once "resources/header.php";
    181. 

  181. 

  182. //show the content
    183. 

  183. 	echo "<form name='frm' id='frm' method='post'>\n";
    184. 

  184. 

  185. 	echo "<div class='action_bar' id='action_bar'>\n";
    186. 

  186. 	echo "	<div class='heading'><b>".$text['title-group']."</b></div>\n";
    187. 

  187. 	echo "	<div class='actions'>\n";
    188. 

  188. 	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'link'=>'groups.php']);
    189. 

  189. 	$button_margin = 'margin-left: 15px;';
    190. 

  190. 	if ($action == 'update' && permission_exists('group_add')) {
    191. 

  191. 		echo button::create(['type'=>'submit','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'name'=>'action','value'=>'copy','style'=>$button_margin,'onclick'=>"if (confirm('".$text['confirm-copy']."')) { document.getElementById('frm').submit(); } else { this.blur(); return false; }"]);
    192. 

  192. 		unset($button_margin);
    193. 

  193. 	}
    194. 

  194. 	if ($action == 'update' && permission_exists('group_delete')) {
    195. 

  195. 		echo button::create(['type'=>'submit','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'action','value'=>'delete','style'=>$button_margin,'onclick'=>"if (confirm('".$text['confirm-delete']."')) { document.getElementById('frm').submit(); } else { this.blur(); return false; }"]);
    196. 

  196. 		unset($button_margin);
    197. 

  197. 	}
    198. 

  198. 	echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'style'=>'margin-left: 15px;']);
    199. 

  199. 	echo "	</div>\n";
    200. 

  200. 	echo "	<div style='clear: both;'></div>\n";
    201. 

  201. 	echo "</div>\n";
    202. 

  202. 

  203. 	echo $text['description-groups']."\n";
    204. 

  204. 	echo "<br /><br />\n";
    205. 

  205. 

  206. 	echo "<table width='100%'  border='0' cellpadding='0' cellspacing='0'>\n";
    207. 

  207. 

  208. 	echo "<tr>\n";
    209. 

  209. 	echo "<td width='30%' class='vncellreq' valign='top' align='left' nowrap='nowrap'>\n";
    210. 

  210. 	echo "	".$text['label-group_name']."\n";
    211. 

  211. 	echo "</td>\n";
    212. 

  212. 	echo "<td width='70%' class='vtable' style='position: relative;' align='left'>\n";
    213. 

  213. 	echo "	<input class='formfld' type='text' name='group_name' maxlength='255' value='".escape($group_name)."'>\n";
    214. 

  214. 	echo "<br />\n";
    215. 

  215. 	echo $text['description-group_name']."\n";
    216. 

  216. 	echo "</td>\n";
    217. 

  217. 	echo "</tr>\n";
    218. 

  218. 

  219. 	echo "<tr>\n";
    220. 

  220. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    221. 

  221. 	echo "	".$text['label-domain_uuid']."\n";
    222. 

  222. 	echo "</td>\n";
    223. 

  223. 	echo "<td class='vtable' style='position: relative;' align='left'>\n";
    224. 

  224. 	echo "	<select class='formfld' name='domain_uuid'>\n";
    225. 

  225. 	if (strlen($domain_uuid) == 0) {
    226. 

  226. 		echo "		<option value='' selected='selected'>".$text['label-global']."</option>\n";
    227. 

  227. 	}
    228. 

  228. 	else {
    229. 

  229. 		echo "		<option value=''>".$text['label-global']."</option>\n";
    230. 

  230. 	}
    231. 

  231. 	foreach ($_SESSION['domains'] as $row) {
    232. 

  232. 		if ($row['domain_uuid'] == $domain_uuid) {
    233. 

  233. 			echo "		<option value='".$row['domain_uuid']."' selected='selected'>".escape($row['domain_name'])."</option>\n";
    234. 

  234. 		}
    235. 

  235. 		else {
    236. 

  236. 			echo "		<option value='".$row['domain_uuid']."'>".$row['domain_name']."</option>\n";
    237. 

  237. 		}
    238. 

  238. 	}
    239. 

  239. 	echo "	</select>\n";
    240. 

  240. 	echo "<br />\n";
    241. 

  241. 	echo $text['description-domain_uuid']."\n";
    242. 

  242. 	echo "</td>\n";
    243. 

  243. 	echo "</tr>\n";
    244. 

  244. 

  245. 	echo "<tr>\n";
    246. 

  246. 	echo "<td class='vncellreq' valign='top' align='left' nowrap='nowrap'>\n";
    247. 

  247. 	echo "	".$text['label-group_level']."\n";
    248. 

  248. 	echo "</td>\n";
    249. 

  249. 	echo "<td class='vtable' style='position: relative;' align='left'>\n";
    250. 

  250. 		echo "	<select class='formfld' name='group_level'>\n";
    251. 

  251. 		echo "		<option value=''></option>\n";
    252. 

  252. 		for ($l = 10; $l <=90; $l += 10) {
    253. 

  253. 			$selected = $group_level == $l ? "selected='selected'" : null;
    254. 

  254. 			echo "		<option value='".$l."' ".$selected.">".$l."</option>\n";
    255. 

  255. 		}
    256. 

  256. 		echo "	</select>\n";
    257. 

  257. 	echo "<br />\n";
    258. 

  258. 	echo $text['description-group_level']."\n";
    259. 

  259. 	echo "</td>\n";
    260. 

  260. 	echo "</tr>\n";
    261. 

  261. 

  262. 	echo "<tr>\n";
    263. 

  263. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    264. 

  264. 	echo "	".$text['label-group_protected']."\n";
    265. 

  265. 	echo "</td>\n";
    266. 

  266. 	echo "<td class='vtable' style='position: relative;' align='left'>\n";
    267. 

  267. 	echo "	<select class='formfld' name='group_protected'>\n";
    268. 

  268. 	echo "		<option value='false'>".$text['label-false']."</option>\n";
    269. 

  269. 	echo "		<option value='true' ".($group_protected == "true" ? "selected='selected'" : null).">".$text['label-true']."</option>\n";
    270. 

  270. 	echo "	</select>\n";
    271. 

  271. 	echo "<br />\n";
    272. 

  272. 	echo $text['description-group_protected']."\n";
    273. 

  273. 	echo "</td>\n";
    274. 

  274. 	echo "</tr>\n";
    275. 

  275. 

  276. 	echo "<tr>\n";
    277. 

  277. 	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
    278. 

  278. 	echo "	".$text['label-group_description']."\n";
    279. 

  279. 	echo "</td>\n";
    280. 

  280. 	echo "<td class='vtable' style='position: relative;' align='left'>\n";
    281. 

  281. 	echo "	<input class='formfld' type='text' name='group_description' maxlength='255' value='".escape($group_description)."'>\n";
    282. 

  282. 	echo "<br />\n";
    283. 

  283. 	echo $text['description-group_description']."\n";
    284. 

  284. 	echo "</td>\n";
    285. 

  285. 	echo "</tr>\n";
    286. 

  286. 

  287. 	echo "</table>";
    288. 

  288. 	echo "<br /><br />";
    289. 

  289. 

  290. 	echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
    291. 

  291. 	echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
    292. 

  292. 

  293. 	echo "</form>";
    294. 

  294. 

  295. //include the footer
    296. 

  296. 	require_once "resources/footer.php";
    297. 

  297. 

  298. ?>
    299.