<?php
/**
* Provide an administration interface
- * DO NOT USE: INSECURE.
* @package MediaWiki
* @subpackage SpecialPage
*/
require_once('Group.php');
/** Entry point */
-function wfSpecialGroups($par=null) {
+function wfSpecialGroups() {
global $wgRequest;
- # Debug statement
- // print_r($_POST);
+
$form = new GroupsForm($wgRequest);
$form->execute();
}
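Review bot: Dropping the `DO NOT USE: INSECURE.` line from the file header tells operators the page is safe to enable, but the only hardening visible in this commit is the `htmlspecialchars()` on the group name and description in `editGroupForm()`. The branches of `execute()` shown further down key off `$this->mPosted` only, and no edit-token or permission check appears in any hunk. If the elided lines do not perform one, a forged cross-site POST sent from a logged-in administrator's browser could change group rights. I would keep the warning until that is confirmed, or replace it with a line stating what protects the form, e.g. `* Saving requires <permission> and a valid edit token (checked in <method>).` with the placeholders filled in.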
var $mPosted, $mRequest, $mSaveprefs, $mChangeAllowed;
var $mNewName, $mDescription, $mOldName, $mRights, $mId;
var $mAdd, $mEdit;
-
+
/** Escaped local url name*/
var $action, $location;
/** Constructor*/
function GroupsForm ( &$request ) {
global $wgUser;
-
+
$this->mPosted = $request->wasPosted();
- $this->mRequest = $request;
+ $this->mRequest =& $request;
$this->mName = 'groups';
$this->mNewName = trim( $request->getText('editgroup-name') );
}
/**
- * Manage forms to be shown according to posted datas.
- * Depending on the submit button used : Call a form or a saving function.
+ * Manage forms to be shown according to posted data
+ * Depending on the submit button used, call a form or a saving function.
*/
function execute() {
global $wgOut;
} elseif ( $this->mEdit ) {
if ( $this->mPosted ) {
$wgOut->redirect( $this->location );
- } else {
+ } else {
$this->switchForm();
- $this->editGroupForm( $this->mId );
+ $this->editGroupForm( $this->mId );
}
} elseif ( $this->mAdd ) {
if ( $this->mPosted ) {
$wgOut->redirect( $this->location );
} else {
$this->switchForm();
- $this->editGroupForm( );
+ $this->editGroupForm( );
}
} else {
$this->showAllGroups();
/**
* Save a group
- * @todo FIXME : Log is incorrect.
*/
function saveGroup() {
global $wgOut;
$this->mNewName = trim($this->mNewName);
-
+
if ( $this->mNewName == '' ) {
$this->editGroupForm( $this->mGroupID, 'groups-noname' );
return false;
}
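Review bot: The empty-name error path calls `$this->editGroupForm( $this->mGroupID, 'groups-noname' )`, but the class declares `$mId` and `execute()` passes `$this->mId`; no assignment to `mGroupID` is visible anywhere on the page. If it is never set, the form is redrawn with a null ID, which presumably falls into the add-group branch, so a failed rename would come back as a new-group form. Unless `mGroupID` is assigned in lines outside this hunk, use `$this->editGroupForm( $this->mId, 'groups-noname' );`. The hunk also deletes `@todo FIXME : Log is incorrect.` while the logging lines further down change only in whitespace, so the TODO should stay unless the log was fixed elsewhere. `saveGroup()` continues past the end of this hunk.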
// Create a new group
- $g = new group();
+ $g = new Group();
$g->addToDatabase();
} else {
$add = false;
return;
}
}
-
+
// save stuff
$g->setName($this->mNewName);
$g->setDescription($this->mDescription);
- if( is_array( $this->mRights ) ) {
- $g->setRights( implode(',',$this->mRights) );
+ if( is_array( $this->mRights ) ) {
+ $g->setRights( implode(',',$this->mRights) );
}
-
+
$g->save();
-
+
// Make the log entry
$log = new LogPage( 'rights' );
$dummyTitle = Title::makeTitle( 0, '' );
} else {
if ( $this->mOldName != $this->mNewName ) {
// Abbreviated action name, must be less than 10 bytes
- $log->addEntry( 'rngroup', $dummyTitle, '', array( Group::getMessageForContent( $this->mOldName ),
+ $log->addEntry( 'rngroup', $dummyTitle, '', array( Group::getMessageForContent( $this->mOldName ),
$g->getNameForContent() ) );
} else {
$log->addEntry( 'chgroup', $dummyTitle, '', array( $g->getNameForContent() ) );
*/
function switchForm() {
global $wgOut;
-
- // group selection
+
+ // group selection
$wgOut->addHTML( "<form name=\"ulgroup\" action=\"$this->action\" method=\"post\">\n" );
$wgOut->addHTML( $this->fieldset( 'lookup-group',
HTMLSelectGroups('id', $this->mName.'-group-edit', array(0 => $this->mRequest->getVal('id')) ) .
/**
* Edit a group properties and rights.
- * @param string $groupname Name of a group to be edited.
- * @param string $error message name of the error to display
+ * @param $groupname String: Name of a group to be edited.
+ * @param $error String: message name of the error to display
*/
function editGroupForm($groupID = 0, $error = '') {
global $wgOut;
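Review bot: The rewritten docblock still documents `$groupname`, while the signature is `editGroupForm($groupID = 0, $error = '')` and the body passes the value to `Group::newFromID()`. Suggest `@param $groupID Integer: ID of the group to edit, 0 (the default) to add a new group`, keeping the `$error` line as it is. The "0 means add" wording is inferred from the `else` branch that builds a `new Group()`, so confirm it against the condition, which is not shown. The function body continues outside this hunk.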
$g = Group::newFromID($groupID);
$fieldname = 'editgroup';
} else {
- // default datas when we add a group
- $g = new group();
+ // default data when we add a group
+ $g = new Group();
$fieldname = 'addgroup';
}
- $gName = $g->getName();
- $gDescription = $g->getDescription();
+ $gName = htmlspecialchars( $g->getName() );
+ $gDescription = htmlspecialchars( $g->getDescription() );
- $wgOut->addHTML( "<form name=\"editGroup\" action=\"$this->action\" method=\"post\">\n".
+ $wgOut->addHTML( "<form name=\"editGroup\" action=\"{$this->action}\" method=\"post\">\n".
'<input type="hidden" name="editgroup-oldname" value="'.$gName."\" />\n" );
$wgOut->addHTML( $this->fieldset( $fieldname,
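Review bot: `$gName` and `$gDescription` now hold HTML-escaped text from the moment they are assigned, which is right for the double-quoted `value="…"` attribute of the hidden `editgroup-oldname` input but easy to misuse in the rest of the function. Anything after this hunk that hands them to a helper which escapes its own arguments would double-encode, and anything that calls `$g->getName()` directly would still be raw. Naming the variables for what they contain, e.g. `$encName = htmlspecialchars( $g->getName() );`, makes that visible at each use. `htmlspecialchars()` with its default flags also leaves `'` untouched, so these values are safe only inside double-quoted attributes, as here. The rest of `editGroupForm()` is outside the hunk.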
foreach ( $groups as $group ) {
$s .= "|-\n| " . $group->getId() . ' || ' .
$group->getExpandedName() . ' || ' .
- $group->getExpandedDescription() . ' || '.
+ $group->getExpandedDescription() . ' || '.
// Insert spaces to make it wrap
str_replace( ',', ', ', $group->getRights() ) . "\n";
}
$s .= "|}\n";
$wgOut->addWikiText( $s );
}
-
+
function showRecord() {
global $wgOut;
-
+
$groups =& Group::getAllGroups();
$rec = serialize( $groups );
- // Escape it for PHP
- $rec = str_replace( array( '\\', "'" ), array( '\\\\', "\\'" ), $rec );
- // Escape it for HTML
- $rec = htmlspecialchars( $rec );
+ // Split it into lines
+ $rec = explode( "\r\n", chunk_split( $rec ) );
+ $s = '';
+ foreach ( $rec as $index => $line ) {
+ if ( trim( $line ) != '' ) {
+ if ( $s ) {
+ $s .= "' .\n\t'";
+ }
+ // Escape it for PHP
+ $line = str_replace( array( '\\', "'" ), array( '\\\\', "\\'" ), $line );
+ // Escape it for HTML
+ $line = htmlspecialchars( $line );
+ // Add it to the string
+ $s .= $line;
+ }
+ }
+ $s .= "';";
$s = "<p>Copy the following into LocalSettings.php:</p>\n" .
"<textarea readonly rows=20>\n" .
- "\$wgStaticGroups = '$rec';\n" .
+ "\$wgStaticGroups = \n\t'$s\n" .
"</textarea>";
$wgOut->addHTML( $s );
}
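Review bot: `chunk_split( $rec )` in `showRecord()` cuts the serialized string every 76 bytes without regard to character boundaries, so a group name or description containing multi-byte UTF-8 can be split in the middle of a character. Each half then lands in a separate quoted literal inside the textarea, and the browser will likely substitute the broken bytes when rendering. Because `serialize()` records byte lengths, the value pasted into LocalSettings.php would then probably not decode to the same groups. Consider breaking lines only after a complete character, or emitting the value on one line; at minimum add a comment at the `explode()` call such as `// NOTE: chunk_split() is byte-based; assumes ASCII-only group data`. The per-line order of split, then escape `\` and `'`, then `htmlspecialchars()` is otherwise sound, since escaping before splitting could leave a lone backslash at the end of a chunk.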