2012-06-04 16:58:40 +02:00
|
|
|
<?php
|
|
|
|
|
/*
|
|
|
|
|
FusionPBX
|
|
|
|
|
Version: MPL 1.1
|
|
|
|
|
|
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
the License. You may obtain a copy of the License at
|
|
|
|
|
http://www.mozilla.org/MPL/
|
|
|
|
|
|
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
for the specific language governing rights and limitations under the
|
|
|
|
|
License.
|
|
|
|
|
|
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
|
|
|
|
|
|
The Initial Developer of the Original Code is
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
|
|
|
Portions created by the Initial Developer are Copyright (C) 2008-2012
|
|
|
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
|
|
|
|
|
|
Contributor(s):
|
|
|
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
|
|
|
*/
|
|
|
|
|
include "root.php";
|
2013-07-06 08:03:27 +02:00
|
|
|
require_once "resources/require.php";
|
2013-07-06 07:50:55 +02:00
|
|
|
require_once "resources/check_auth.php";
|
2012-06-04 16:58:40 +02:00
|
|
|
if (permission_exists('group_members_view') || if_group("superadmin")) {
|
|
|
|
|
//access allowed
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
echo "access denied";
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//requires a superadmin to view members of the superadmin group
|
|
|
|
|
if (!if_group("superadmin") && $_GET["group_name"] == "superadmin") {
|
|
|
|
|
echo "access denied";
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-09 06:32:24 +02:00
|
|
|
//add multi-lingual support
|
2015-01-18 10:22:07 +01:00
|
|
|
$language = new text;
|
|
|
|
|
$text = $language->get();
|
2013-06-09 06:32:24 +02:00
|
|
|
|
2015-03-31 23:47:31 +02:00
|
|
|
//get the group uuid, lookup domain uuid (if any) and name
|
|
|
|
|
$group_uuid = check_str($_REQUEST['group_uuid']);
|
|
|
|
|
$sql = "select domain_uuid, group_name from v_groups ";
|
|
|
|
|
$sql .= "where group_uuid = '".$group_uuid."' ";
|
|
|
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
|
|
|
foreach ($result as &$row) {
|
|
|
|
|
$domain_uuid = $row["domain_uuid"];
|
|
|
|
|
$group_name = $row["group_name"];
|
|
|
|
|
break; //limit to 1 row
|
|
|
|
|
}
|
|
|
|
|
unset ($prep_statement);
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
//define the if group members function
|
2015-03-31 23:47:31 +02:00
|
|
|
function is_group_member($group_uuid, $user_uuid) {
|
|
|
|
|
global $db, $domain_uuid;
|
2012-06-04 16:58:40 +02:00
|
|
|
$sql = "select * from v_group_users ";
|
2015-03-31 23:47:31 +02:00
|
|
|
$sql .= "where user_uuid = '".$user_uuid."' ";
|
|
|
|
|
$sql .= "and group_uuid = '".$group_uuid."' ";
|
|
|
|
|
$sql .= "and domain_uuid = '".(($domain_uuid != '') ? $domain_uuid : $_SESSION['domain_uuid'])."' ";
|
2012-06-04 16:58:40 +02:00
|
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
if (count($prep_statement->fetchAll(PDO::FETCH_NAMED)) == 0) { return true; } else { return false; }
|
|
|
|
|
unset ($sql, $prep_statement);
|
|
|
|
|
}
|
|
|
|
|
//$exampledatareturned = example("apples", 1);
|
|
|
|
|
|
2015-03-05 11:17:47 +01:00
|
|
|
//get the the users array
|
|
|
|
|
if (permission_exists('group_member_add')) {
|
2015-03-31 23:47:31 +02:00
|
|
|
$sql = "select * from v_users where ";
|
|
|
|
|
if ($domain_uuid != '') {
|
|
|
|
|
$sql .= "domain_uuid = '".$domain_uuid."' ";
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
$sql .= "domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
|
|
|
|
}
|
2015-03-05 11:17:47 +01:00
|
|
|
$sql .= "order by username ";
|
|
|
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//get the groups users
|
2015-05-10 08:13:05 +02:00
|
|
|
$sql = "select u.user_uuid, u.username, gu.group_user_uuid, gu.domain_uuid, gu.group_uuid ";
|
|
|
|
|
$sql .= "from v_group_users as gu, v_users as u, v_domains as d ";
|
|
|
|
|
$sql .= "where gu.user_uuid = u.user_uuid ";
|
|
|
|
|
$sql .= "and gu.domain_uuid = d.domain_uuid ";
|
2015-03-31 23:47:31 +02:00
|
|
|
if ($domain_uuid != '') {
|
2015-05-10 08:13:05 +02:00
|
|
|
$sql .= "and gu.domain_uuid = '".$domain_uuid."' ";
|
2015-03-31 23:47:31 +02:00
|
|
|
}
|
|
|
|
|
if (!permission_exists('user_all')) {
|
|
|
|
|
$sql .= "and u.domain_uuid = '".$_SESSION['domain_uuid']."' ";
|
|
|
|
|
}
|
2015-05-10 08:13:05 +02:00
|
|
|
$sql .= "and gu.group_uuid = '".$group_uuid."' ";
|
|
|
|
|
$sql .= "order by d.domain_name asc, u.username asc ";
|
2015-03-05 11:17:47 +01:00
|
|
|
$prep_statement = $db->prepare(check_sql($sql));
|
|
|
|
|
$prep_statement->execute();
|
|
|
|
|
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
|
|
|
|
|
|
2012-06-04 16:58:40 +02:00
|
|
|
//include the header
|
2013-07-06 08:29:50 +02:00
|
|
|
require_once "resources/header.php";
|
2014-07-10 02:32:50 +02:00
|
|
|
$document['title'] = $text['title-group_members'];
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
//show the content
|
|
|
|
|
$c = 0;
|
|
|
|
|
$row_style["0"] = "row_style0";
|
|
|
|
|
$row_style["1"] = "row_style1";
|
|
|
|
|
|
2015-02-15 12:57:14 +01:00
|
|
|
echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
echo " <tr>\n";
|
2015-02-15 12:57:14 +01:00
|
|
|
echo " <td width='100%' align='left' valign='top'>\n";
|
2015-03-31 23:47:31 +02:00
|
|
|
echo " <b>".$text['header-group_members'].$group_name."</b>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
echo " </td>\n";
|
2015-02-15 12:57:14 +01:00
|
|
|
echo " <td align='right' nowrap='nowrap' valign='middle'>\n";
|
|
|
|
|
echo " <input type='button' class='btn' style='margin-right: 15px;' alt='".$text['button-back']."' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'>";
|
|
|
|
|
echo " </td>";
|
|
|
|
|
if (permission_exists('group_member_add')) {
|
|
|
|
|
echo " <td align='right' nowrap='nowrap' valign='top'>\n";
|
|
|
|
|
echo " <form method='post' action='groupmemberadd.php'>";
|
2015-03-31 23:47:31 +02:00
|
|
|
echo " <select name='user_uuid' style='width: 200px;' class='formfld'>\n";
|
|
|
|
|
echo " <option value=''></option>\n";
|
2015-03-05 11:17:47 +01:00
|
|
|
foreach($users as $field) {
|
2015-03-31 23:47:31 +02:00
|
|
|
if (is_group_member($group_uuid, $field['user_uuid'])) {
|
2015-02-15 12:57:14 +01:00
|
|
|
echo " <option value='".$field['user_uuid']."'>".$field['username']."</option>\n";
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-03-05 11:17:47 +01:00
|
|
|
unset($sql, $users);
|
2015-02-15 12:57:14 +01:00
|
|
|
echo " </select>";
|
2015-03-31 23:47:31 +02:00
|
|
|
echo " <input type='hidden' name='domain_uuid' value='".(($domain_uuid != '') ? $domain_uuid : $_SESSION['domain_uuid'])."'>";
|
|
|
|
|
echo " <input type='hidden' name='group_uuid' value='".$group_uuid."'>";
|
|
|
|
|
echo " <input type='hidden' name='group_name' value='".$group_name."'>";
|
2015-02-15 12:57:14 +01:00
|
|
|
echo " <input type='submit' class='btn' value='".$text['button-add_member']."'>";
|
|
|
|
|
echo " </form>";
|
|
|
|
|
echo " </td>\n";
|
|
|
|
|
}
|
2012-06-04 16:58:40 +02:00
|
|
|
echo " </tr>\n";
|
|
|
|
|
echo "</table>\n";
|
2015-02-15 12:57:14 +01:00
|
|
|
echo "<br>";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2015-03-31 23:47:31 +02:00
|
|
|
$echo = "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
|
|
|
|
|
$echo .= "<tr>\n";
|
|
|
|
|
if (permission_exists('user_all')) {
|
|
|
|
|
$echo .= "<th width='30%' align='left' nowrap>".$text['label-domain']."</th>\n";
|
|
|
|
|
}
|
|
|
|
|
$echo .= " <th align='left' nowrap>".$text['label-username']."</th>\n";
|
|
|
|
|
$echo .= " <td width='25' align='right' nowrap> </td>\n";
|
|
|
|
|
$echo .= "</tr>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
$count = 0;
|
|
|
|
|
foreach ($result as &$row) {
|
|
|
|
|
$group_user_uuid = $row["group_user_uuid"];
|
|
|
|
|
$username = $row["username"];
|
|
|
|
|
$user_uuid = $row["user_uuid"];
|
2015-03-31 23:47:31 +02:00
|
|
|
$domain_uuid = $row["domain_uuid"];
|
2015-03-05 11:17:47 +01:00
|
|
|
$group_uuid = $row["group_uuid"];
|
2015-03-31 23:47:31 +02:00
|
|
|
$echo .= "<tr>";
|
|
|
|
|
if (permission_exists('user_all')) {
|
|
|
|
|
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap>".$_SESSION['domains'][$domain_uuid]['domain_name']."</td>\n";
|
|
|
|
|
}
|
|
|
|
|
$echo .= "<td align='left' class='".$row_style[$c]."' nowrap>".$username."</td>\n";
|
|
|
|
|
$echo .= "<td class='list_control_icons' style='width: 25px;'>";
|
2012-06-04 16:58:40 +02:00
|
|
|
if (permission_exists('group_member_delete')) {
|
2015-03-31 23:47:31 +02:00
|
|
|
$echo .= "<a href='groupmemberdelete.php?user_uuid=".$user_uuid."&group_name=".$group_name."&group_uuid=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
|
2012-06-04 16:58:40 +02:00
|
|
|
}
|
2015-03-31 23:47:31 +02:00
|
|
|
$echo .= "</td>\n";
|
|
|
|
|
$echo .= "</tr>\n";
|
2012-06-04 16:58:40 +02:00
|
|
|
|
2015-03-31 23:47:31 +02:00
|
|
|
$c = ($c) ? 0 : 1;
|
2014-06-20 02:49:46 +02:00
|
|
|
|
|
|
|
|
$group_users[] = $row["user_uuid"];
|
2012-06-04 16:58:40 +02:00
|
|
|
$count++;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-31 23:47:31 +02:00
|
|
|
$echo .= "</table>\n";
|
|
|
|
|
$echo .= "<br /><br />";
|
|
|
|
|
echo $echo;
|
2012-06-04 16:58:40 +02:00
|
|
|
|
|
|
|
|
//include the footer
|
2013-07-06 08:29:50 +02:00
|
|
|
require_once "resources/footer.php";
|
2012-06-04 16:58:40 +02:00
|
|
|
?>
|
