You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
78 lines
3.0 KiB
78 lines
3.0 KiB
<?php
|
|
|
|
/**
|
|
* @package tikiwiki
|
|
*/
|
|
|
|
// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
|
|
//
|
|
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
|
|
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
|
|
// $Id$
|
|
|
|
require_once('tiki-setup.php');
|
|
$usermoduleslib = TikiLib::lib('usermodules');
|
|
$smarty = TikiLib::lib('smarty');
|
|
global $tiki_p_configure_modules, $prefs, $user;
|
|
$actions = [
|
|
'mc_unassign' => [
|
|
'method' => 'unassign_user_module',
|
|
'success' => tr('User module unassigned'),
|
|
'error' => tr('User module not unassigned'),
|
|
],
|
|
'mc_up' => [
|
|
'method' => 'swap_up_user_module',
|
|
'success' => tr('User module moved up'),
|
|
'error' => tr('User module not moved up'),
|
|
],
|
|
'mc_down' => [
|
|
'method' => 'swap_down_user_module',
|
|
'success' => tr('User module moved down'),
|
|
'error' => tr('User module not moved down'),
|
|
],
|
|
'mc_move' => [
|
|
'method' => 'move_module',
|
|
'success' => tr('User module moved to opposite side'),
|
|
'error' => tr('User module not moved to opposite side'),
|
|
],
|
|
];
|
|
$actions = array_intersect_key($actions, $_REQUEST);
|
|
$check_req = count($actions);
|
|
if ($tiki_p_configure_modules != 'y' && $check_req) {
|
|
Feedback::errorPage(['mes' => tr('You do not have permission to use this feature'), 'errortype' => 401]);
|
|
}
|
|
if ($prefs['user_assigned_modules'] != 'y' && $check_req) {
|
|
Feedback::errorPage(tr('This feature is disabled') . ': user_assigned_modules');
|
|
}
|
|
if (! $user && $check_req) {
|
|
Feedback::errorPage(tr('You must log in to use this feature'));
|
|
}
|
|
$request_uri = $url = isset($_SERVER["REQUEST_URI"]) ? $_SERVER['REQUEST_URI'] : '';
|
|
$access = TikiLib::lib('access');
|
|
foreach ($actions as $action => $settings) {
|
|
if (isset($_REQUEST[$action]) && $access->checkCsrf()) {
|
|
// Assign default user modules if user has not yet configured modules
|
|
if (! $usermoduleslib->user_has_assigned_modules($user)) {
|
|
$usermoduleslib->create_user_assigned_modules($user);
|
|
}
|
|
$method = $settings['method'];
|
|
$result = $usermoduleslib->$method($_REQUEST[$action], $user);
|
|
/** @var TikiDb_Pdo_Result|TikiDb_Adodb_Result $result */
|
|
if ($result && $result->numRows()) {
|
|
Feedback::success($settings['success']);
|
|
} else {
|
|
Feedback::error($settings['error']);
|
|
}
|
|
}
|
|
// Remove module movemet paramaters from an URL
|
|
// \todo What if 'mc_xxx' arg was not at the end? (if smbd fix URL by hands...)
|
|
// should I handle this very special (hack?) case?
|
|
$url = preg_replace('/(.*)(\?|&){1}(mc_up|mc_down|mc_move|mc_unassign)=[^&]*/', '\1', $url);
|
|
}
|
|
|
|
// Fix locaton if parameter was removed...
|
|
if ($url != $request_uri || (isset($_POST['redirect']) && $_POST['redirect'])) {
|
|
$access->redirect($url);
|
|
}
|
|
$smarty->assign('current_location', $url);
|
|
$smarty->assign('mpchar', (strpos($url, '?') ? '&' : '?'));
|