* Misc cleanup
[lhc/web/wiklou.git] / includes / SpecialUserrights.php
index 6903deb..704db31 100644 (file)
@@ -10,7 +10,6 @@
 
 /** */
 require_once('HTMLForm.php');
-require_once('Group.php');
 
 /** Entry point */
 function wfSpecialUserrights() {
@@ -46,16 +45,21 @@ class UserrightsForm extends HTMLForm {
        function execute() {
                // show the general form
                $this->switchForm();
-               if ( $this->mPosted ) {
+               if( $this->mPosted ) {
                        // show some more forms
-                       if($this->mRequest->getCheck('ssearchuser')) {
-                               $this->editUserGroupsForm( $this->mRequest->getVal('user-editname')); }
+                       if( $this->mRequest->getCheck( 'ssearchuser' ) ) {
+                               $this->editUserGroupsForm( $this->mRequest->getVal( 'user-editname' ) );
+                       }
 
                        // save settings
-                       if($this->mRequest->getCheck('saveusergroups')) {
-                               $this->saveUserGroups($this->mRequest->getVal('user-editname'),
-                                                     $this->mRequest->getArray('member'),
-                                                     $this->mRequest->getArray('available'));
+                       if( $this->mRequest->getCheck( 'saveusergroups' ) ) {
+                               global $wgUser;
+                               $username = $this->mRequest->getVal( 'user-editname' );
+                               if( $wgUser->matchEditToken( $this->mRequest->getVal( 'wpEditToken' ), $username ) ) {
+                                       $this->saveUserGroups( $username,
+                                               $this->mRequest->getArray( 'member' ),
+                                               $this->mRequest->getArray( 'available' ) );
+                               }
                        }
                }
        }
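Review bot: When `matchEditToken()` fails inside the `saveusergroups` branch, the request is dropped silently: nothing is saved and nothing tells the operator that the token was rejected. An `else` branch that reports the failure would make an expired session distinguishable from a successful save, for example `} else { $wgOut->addWikiText( wfMsg( 'MESSAGE_KEY_PLACEHOLDER' ) ); }` with `$wgOut` added to the `global` line. A short comment above the check would also help the next reader, such as `// CSRF guard: the token is salted with the target username`. No permission check on the acting user is visible in this hunk; presumably it happens before execute() is reached, which is worth confirming.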
@@ -69,16 +73,16 @@ class UserrightsForm extends HTMLForm {
         * @param array $addgroup id of groups to be added.
         *
         */
-       function saveUserGroups($username,$removegroup,$addgroup) {
+       function saveUserGroups( $username, $removegroup, $addgroup) {
                $u = User::newFromName($username);
 
                if(is_null($u)) {
-                       $wgOut->addHTML('<p>'.wfMsg('nosuchusershort',$username).'</p>');
+                       $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
                        return;
                }
 
                if($u->getID() == 0) {
-                       $wgOut->addHTML('<p>'.wfMsg('nosuchusershort',$username).'</p>');
+                       $wgOut->addWikiText( wfMsg( 'nosuchusershort', htmlspecialchars( $username ) ) );
                        return;
                }               
 
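Review bot: `$wgOut` is used in both `nosuchusershort` branches, but no `global $wgOut;` appears between the signature and these calls, so within the visible lines the variable is undefined and the method call would fail; add `global $wgOut;` as the first statement of saveUserGroups. The escaping also does not match the output method: `htmlspecialchars()` escapes HTML, while `addWikiText()` parses its argument as wikitext, so wiki markup in the submitted name is still interpreted. editUserGroupsForm in this same commit uses `wfEscapeWikiText( $username )` for the identical message, and this function should do the same. The two checks could also be folded into `if( is_null( $u ) || $u->getID() == 0 )` as was done there. The function body continues past the end of this hunk.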
@@ -88,15 +92,20 @@ class UserrightsForm extends HTMLForm {
                // remove then add groups               
                if(isset($removegroup)) {
                        $newGroups = array_diff($newGroups, $removegroup);
+                       foreach( $removegroup as $group ) {
+                               $u->removeGroup( $group );
+                       }
                }
                if(isset($addgroup)) {
                        $newGroups = array_merge($newGroups, $addgroup);
+                       foreach( $addgroup as $group ) {
+                               $u->addGroup( $group );
+                       }
                }
                $newGroups = array_unique( $newGroups );
-
-               // save groups in user object and database
-               $u->setGroups($newGroups);
-               $u->saveSettings();
+               
+               wfDebug( 'oldGroups: ' . print_r( $oldGroups, true ) );
+               wfDebug( 'newGroups: ' . print_r( $newGroups, true ) );
 
                $log = new LogPage( 'rights' );
                $log->addEntry( 'rights', Title::makeTitle( NS_USER, $u->getName() ), '', array( $this->makeGroupNameList( $oldGroups ),
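Review bot: The names passed to `$u->removeGroup()` and `$u->addGroup()` come straight from the `member` and `available` request arrays, and nothing in this hunk checks them against the groups the wiki actually defines. A request can therefore carry a name that is not a defined group, which would be stored on the user and written into the rights log. Filter both arrays before the loops, for example `$addgroup = array_intersect( $addgroup, $validGroups );` where `$validGroups` is a placeholder for the configured group list. `$newGroups` now appears to feed only the debug output and, presumably, the log entry, so logging `$u->getGroups()` after the calls would keep the log in step with what was actually applied. The function starts before this hunk and the `addEntry` call runs past it.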
@@ -104,15 +113,7 @@ class UserrightsForm extends HTMLForm {
        }
 
        function makeGroupNameList( $ids ) {
-               $s = '';
-               foreach( $ids as $id ) {
-                       if ( $s != '' ) {
-                               $s .= ', ';
-                       }
-                       $groupObj = Group::newFromId( $id );
-                       $s .= $groupObj->getExpandedName();
-               }
-               return $s;
+               return implode( ', ', $ids );
        }
 
        /**
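Review bot: makeGroupNameList has no docblock and its parameter is still named `$ids`, although after this change it no longer resolves ids through `Group` and simply joins whatever strings it receives. A short docblock stating that it takes an array of group names and returns them comma-separated for the rights log would remove the ambiguity, and renaming the parameter to `$groups` would match. Because the values are no longer looked up, anything that reaches this function is logged verbatim, so the caller is now the only place where the names can be validated.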
@@ -126,7 +127,10 @@ class UserrightsForm extends HTMLForm {
                $wgOut->addHTML( "<form name=\"uluser\" action=\"$this->action\" method=\"post\">\n" );
                $wgOut->addHTML( $this->fieldset( 'lookup-user',
                                $this->textbox( 'user-editname' ) .
-                               '<input type="submit" name="ssearchuser" value="'.wfMsg('editusergroup').'" />'
+                               wfElement( 'input', array(
+                                       'type'  => 'submit',
+                                       'name'  => 'ssearchuser',
+                                       'value' => wfMsg( 'editusergroup' ) ) )
                ));
                $wgOut->addHTML( "</form>\n" );
        }
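Review bot: The form tag on the first line of this hunk still interpolates `$this->action` into the `action` attribute without escaping, while the submit button next to it is now built with `wfElement()`. Where `action` is assigned is not visible here, so whether it can contain request-derived text is unconfirmed; escaping at the point of output removes the question: `action=\"" . htmlspecialchars( $this->action ) . "\"`. The same pattern appears in the `editGroup` form tag in editUserGroupsForm. The enclosing function starts before this hunk.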
@@ -136,33 +140,37 @@ class UserrightsForm extends HTMLForm {
         * @param string $username Name of the user.
         */
        function editUserGroupsForm($username) {
-               global $wgOut;
+               global $wgOut, $wgUser;
                
                $user = User::newFromName($username);
-               $encUser = htmlspecialchars( $username );
-               if(is_null($user)) {
-                       $wgOut->addHTML('<p>'.wfMsg('nosuchusershort', $encUser).'</p>');
+               if( is_null( $user ) || $user->getID() == 0 ) {
+                       $wgOut->addWikiText( wfMsg( 'nosuchusershort', wfEscapeWikiText( $username ) ) );
                        return;
                }
-
-               if($user->getID() == 0) {
-                       $wgOut->addHTML('<p>'.wfMsg('nosuchusershort', $encUser).'</p>');
-                       return;
-               }               
                
                $groups = $user->getGroups();
 
                $wgOut->addHTML( "<form name=\"editGroup\" action=\"$this->action\" method=\"post\">\n".
-                                                '<input type="hidden" name="user-editname" value="'.$encUser.'" />');
-               $wgOut->addHTML( $this->fieldset( 'editusergroup',
-                       wfMsg('editing', $this->mRequest->getVal('user-editname')).".<br />\n" .
+                       wfElement( 'input', array(
+                               'type'  => 'hidden',
+                               'name'  => 'user-editname',
+                               'value' => $username ) ) .
+                       wfElement( 'input', array(
+                               'type'  => 'hidden',
+                               'name'  => 'wpEditToken',
+                               'value' => $wgUser->editToken( $username ) ) ) .
+                       $this->fieldset( 'editusergroup',
+                       $wgOut->parse( wfMsg('editing', $username ) ) .
                        '<table border="0" align="center"><tr><td>'.
                        HTMLSelectGroups('member', $this->mName.'-groupsmember', $groups,true,6).
                        '</td><td>'.
                        HTMLSelectGroups('available', $this->mName.'-groupsavailable', $groups,true,6,true).
                        '</td></tr></table>'."\n".
-                       '<p>'.wfMsg('userrights-groupshelp').'</p>'."\n".
-                       '<input type="submit" name="saveusergroups" value="'.wfMsg('saveusergroups').'" />'
+                       $wgOut->parse( wfMsg('userrights-groupshelp') ) .
+                       wfElement( 'input', array(
+                               'type'  => 'submit',
+                               'name'  => 'saveusergroups',
+                               'value' => wfMsg( 'saveusergroups' ) ) )
                        ));
                $wgOut->addHTML( "</form>\n" );
        }
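Review bot: `$wgOut->parse( wfMsg('editing', $username ) )` feeds the raw request value into text that is parsed as wikitext, although the `nosuchusershort` branch a few lines above wraps the same value in `wfEscapeWikiText()`. By this point `$user` is known to exist, so the canonical name is available and the line can read `$wgOut->parse( wfMsg( 'editing', wfEscapeWikiText( $user->getName() ) ) ) .`. The hidden `user-editname` field and the `editToken()` salt also use the raw `$username`; that agrees with the check in execute(), but a comment would protect the pairing: `// salt must match the value passed to matchEditToken() in execute()`.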