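Portions created by the Initial Developer are Copyright (C) 2008-2020
the Initial Developer. All Rights Reserved.

Contributor(s):
Mark J Crane
*/

//group member list: shows the users assigned to one group and handles the
//'delete' list action that removes selected members from that group

//includes
	require_once "root.php";
	require_once "resources/require.php";
	require_once "resources/check_auth.php";

//check permissions
	if (permission_exists('group_member_view') || if_group("superadmin")) {
		//access allowed
	}
	else {
		echo "access denied";
		return;
	}

//requires a superadmin to view members of the superadmin group
	//group_name is an optional, client-supplied request parameter that is independent
	//of group_uuid, so this is only a first pass; the decision is repeated further
	//down against the group_name stored in v_groups for the requested group_uuid
	if (!if_group("superadmin") && isset($_GET["group_name"]) && $_GET["group_name"] === "superadmin") {
		echo "access denied";
		return;
	}

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//resolve a group uuid to its stored row (domain_uuid, group_name), or null when
//the value is not a uuid or no such group exists
	$lookup_group = function ($uuid) {
		if (!is_uuid($uuid)) {
			return null;
		}
		$sql = "select domain_uuid, group_name from v_groups ";
		$sql .= "where group_uuid = :group_uuid ";
		$parameters['group_uuid'] = $uuid;
		$database = new database;
		$row = $database->select($sql, $parameters, 'row');
		return is_array($row) && count($row) != 0 ? $row : null;
	};

//get the http post data
	$action = '';
	$group_members = null;
	if (isset($_POST['group_members']) && is_array($_POST['group_members'])) {
		$action = isset($_POST['action']) ? $_POST['action'] : '';
		$group_uuid = isset($_POST['group_uuid']) ? $_POST['group_uuid'] : '';
		$group_members = $_POST['group_members'];
	}

//process the http post data by action
	if ($action != '' && is_array($group_members) && count($group_members) != 0) {
		//apply the superadmin restriction to the group the action targets
		//NOTE(review): assumes the restriction is meant to cover member changes as
		//well as viewing - confirm against the intended permission model
		$row = $lookup_group($group_uuid);
		if (!if_group("superadmin") && is_array($row) && $row["group_name"] == "superadmin") {
			echo "access denied";
			return;
		}
		unset($row);

		//NOTE(review): no request token validation is visible in this file; confirm
		//that groups::delete_members() validates the token before deleting
		switch ($action) {
			case 'delete':
				if (permission_exists('group_member_delete') && is_uuid($group_uuid)) {
					$obj = new groups;
					$obj->group_uuid = $group_uuid;
					$obj->delete_members($group_members);
				}
				break;
		}

		header('Location: group_members.php?group_uuid='.urlencode($group_uuid));
		exit;
	}

//get the group uuid, lookup domain uuid (if any) and name
	$group_uuid = isset($_REQUEST['group_uuid']) ? $_REQUEST['group_uuid'] : '';
	$row = $lookup_group($group_uuid);
	if (is_array($row)) {
		$domain_uuid = $row["domain_uuid"];
		$group_name = $row["group_name"];

		//enforce the superadmin restriction on the group that was actually loaded
		if (!if_group("superadmin") && $group_name == "superadmin") {
			echo "access denied";
			return;
		}
	}
	unset($row, $lookup_group);

//get the the users array
	$users = [];
	if (permission_exists('group_member_add')) {
		$sql = "select * from v_users where ";
		$sql .= "domain_uuid = :domain_uuid ";
		$sql .= "order by username ";
		$parameters['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : $_SESSION['domain_uuid'];
		$database = new database;
		$users = $database->select($sql, $parameters, 'all');
		unset($sql, $parameters);
	}

//get the groups users
	$sql = "select u.user_uuid, u.username, ug.user_group_uuid, ug.domain_uuid, ug.group_uuid ";
	$sql .= "from v_user_groups as ug, v_users as u, v_domains as d ";
	$sql .= "where ug.user_uuid = u.user_uuid ";
	$sql .= "and ug.domain_uuid = d.domain_uuid ";
	if (is_uuid($domain_uuid)) {
		$sql .= "and ug.domain_uuid = :domain_uuid_ug ";
		$parameters['domain_uuid_ug'] = $domain_uuid;
	}
	if (!permission_exists('user_all')) {
		//without user_all the list is limited to users of the session's own domain
		$sql .= "and u.domain_uuid = :domain_uuid_u ";
		$parameters['domain_uuid_u'] = $_SESSION['domain_uuid'];
	}
	$sql .= "and ug.group_uuid = :group_uuid ";
	$sql .= "order by d.domain_name asc, u.username asc ";
	$parameters['group_uuid'] = $group_uuid;
	$database = new database;
	$user_groups = $database->select($sql, $parameters, 'all');
	$num_rows = is_array($user_groups) ? count($user_groups) : 0;
	unset($sql, $parameters);

//add group_member to the users array
	//$users stays an empty array without group_member_add, and select() is not
	//assumed to always return an array, so both loops are guarded
	if (is_array($users)) {
		foreach ($users as &$field) {
			$field['group_member'] = 'false';
			if (is_array($user_groups)) {
				foreach ($user_groups as $row) {
					if ($row['user_uuid'] == $field['user_uuid']) {
						$field['group_member'] = 'true';
						break;
					}
				}
			}
		}
		//drop the reference so a later write to $field cannot alter the last user
		unset($field);
	}

//create token
	$object = new token;
	$token = $object->create($_SERVER['PHP_SELF']);

//include the header
	$document['title'] = $text['title-group_members'];
	require_once "resources/header.php";

//show the content
	//NOTE(review): the markup inside the echo strings below is not visible in this
	//copy of the file; the statements are kept in the order shown. Values that come
	//from the database or session (group name, domain name, username) are HTML-encoded
	//before output; the $text labels are left as they were.
	echo "
\n";
	echo "
".$text['header-group_members']." (".htmlspecialchars((string) (isset($group_name) ? $group_name : ''), ENT_QUOTES, 'UTF-8').": ".$num_rows.")
\n";
	echo "
\n";
	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'groups.php']);
	if (permission_exists('group_permission_view')) {
		echo button::create(['type'=>'button','label'=>$text['button-permissions'],'icon'=>'key','style'=>'margin-right: 15px;','link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid)]);
	}
	if (permission_exists('group_member_add')) {
		echo "
\n";
		echo " \n";
		echo "\n";
		echo "\n";
		echo "\n";
		echo "\n";
		echo button::create(['type'=>'submit','label'=>$text['button-add_member'],'icon'=>$_SESSION['theme']['button_icon_add'],'collapse'=>'hide-xs']);
		echo "
\n";
	}
	if (permission_exists('group_member_delete') && $user_groups) {
		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'btn_delete','collapse'=>'hide-xs','onclick'=>"modal_open('modal-delete','btn_delete');"]);
	}
	echo "
\n";
	echo "
\n";
	echo "
\n";

	if (permission_exists('group_member_delete') && $user_groups) {
		echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'button','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','onclick'=>"modal_close(); list_action_set('delete'); list_form_submit('form_list');"])]);
	}

	echo "
\n";
	echo "\n";
	echo "\n";
	echo "\n";
	echo "\n";
	if (permission_exists('group_member_delete')) {
		echo " \n";
	}
	if (permission_exists('user_all')) {
		echo "\n";
	}
	echo " \n";
	echo "\n";

	if (is_array($user_groups) && count($user_groups) != 0) {
		$x = 0;
		//iterate by value: the rows are only read here
		foreach ($user_groups as $row) {
			echo "";
			if (permission_exists('group_member_delete')) {
				echo " \n";
			}
			if (permission_exists('user_all')) {
				echo "\n";
			}
			echo "\n";
			echo "\n";
			$x++;
		}
	}

	echo "
\n";
	echo " \n";
	echo " ".$text['label-domain']."".$text['label-username']."
\n";
	echo " \n";
	echo " \n";
	echo " ".htmlspecialchars((string) $_SESSION['domains'][$row["domain_uuid"]]['domain_name'], ENT_QUOTES, 'UTF-8')."".htmlspecialchars((string) $row["username"], ENT_QUOTES, 'UTF-8')."
\n";
	echo "
";
	echo "";
	echo "
";

//include the footer
	require_once "resources/footer.php";

?>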