Hệ thống quản lý phòng khám trực tuyến bằng PHP
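<?php
// Admin page: create or edit a membership group together with its per-table
// permissions. A POST carrying saveChanges stores the group and redirects;
// a GET carrying groupID loads that group into the form rendered after this block.
//
// NOTE(review): nothing in this file checks an anti-CSRF token (or the admin
// session) before the state-changing POST below is processed. Whether
// incCommon.php enforces either is not visible here -- confirm.
$currDir = dirname(__FILE__);
require("{$currDir}/incCommon.php");

// Defaults used by the form further down when a new group is being added,
// so the template does not read undefined variables.
$groupID = '';
$name = '';
$description = '';

// get groupID of anonymous group; the configured name is escaped once here
// and the escaped copy is reused wherever the name goes into SQL.
$anon_safe = makeSafe($adminConfig['anonymousGroup'], false);
$anonGroupID = sqlValue("select groupID from membership_groups where name='{$anon_safe}'");

// get list of tables (iterated below as table name => caption)
$table_list = getTableList();
$perm = array();

// request to save changes?
if(isset($_POST['saveChanges']) && $_POST['saveChanges'] != ''){
	// Free-text fields are escaped before being interpolated into the SQL strings below.
	// NOTE(review): makeSafe() is presumably the project's SQL-escaping helper -- confirm.
	$name = makeSafe(isset($_POST['name']) ? $_POST['name'] : '');
	$description = makeSafe(isset($_POST['description']) ? $_POST['description'] : '');

	// Cast the signup mode to an integer first: a missing or non-numeric value
	// then always lands in case 0 (no visitor signup) instead of depending on
	// PHP's version-specific loose string/number comparison.
	$signupMode = isset($_POST['visitorSignup']) ? intval($_POST['visitorSignup']) : 0;
	switch($signupMode){
		case 0:
			$allowSignup = 0;
			$needsApproval = 1;
			break;
		case 2:
			$allowSignup = 1;
			$needsApproval = 0;
			break;
		default:
			$allowSignup = 1;
			$needsApproval = 1;
	}

	// Collect the submitted permission level for every table.
	// checkPermissionVal() is defined elsewhere; its result is cast to int here
	// because it is interpolated into SQL further down.
	foreach($table_list as $tn => $tc){
		$perm["{$tn}_insert"] = intval(checkPermissionVal("{$tn}_insert"));
		$perm["{$tn}_view"] = intval(checkPermissionVal("{$tn}_view"));
		$perm["{$tn}_edit"] = intval(checkPermissionVal("{$tn}_edit"));
		$perm["{$tn}_delete"] = intval(checkPermissionVal("{$tn}_delete"));
	}

	// new group or old?
	if(!isset($_POST['groupID']) || $_POST['groupID'] == ''){ // new group
		// make sure group name is unique
		if(sqlValue("select count(1) from membership_groups where name='{$name}'")){
			// Render a complete error page and stop. Without the exit the
			// duplicate group was still inserted after the error was printed.
			$GLOBALS['page_title'] = $Translation['view groups'];
			include("{$currDir}/incHeader.php");
			echo "<div class=\"alert alert-danger\">{$Translation["group exists error"]}</div>";
			include("{$currDir}/incFooter.php");
			exit;
		}

		// add group
		sql("insert into membership_groups set name='{$name}', description='{$description}', allowSignup='{$allowSignup}', needsApproval='{$needsApproval}'", $eo);

		// get new groupID
		$groupID = db_insert_id(db_link());
	} else { // old group
		// validate groupID
		$groupID = intval($_POST['groupID']);

		/* force configured name and no signup for anonymous group */
		if($groupID == $anonGroupID){
			// Use the escaped copy: the raw configured name would otherwise be
			// placed unescaped into the UPDATE statement below.
			$name = $anon_safe;
			$allowSignup = 0;
			$needsApproval = 0;
		}

		// make sure group name is unique
		if(sqlValue("select count(1) from membership_groups where name='{$name}' and groupID!='{$groupID}'")){
			// Same as for a new group: show the error and stop before the update runs.
			$GLOBALS['page_title'] = $Translation['view groups'];
			include("{$currDir}/incHeader.php");
			echo "<div class=\"alert alert-danger\">{$Translation["group exists error"]}</div>";
			include("{$currDir}/incFooter.php");
			exit;
		}

		// update group
		sql("update membership_groups set name='{$name}', description='{$description}', allowSignup='{$allowSignup}', needsApproval='{$needsApproval}' where groupID='{$groupID}'", $eo);

		// reset then add group permissions
		foreach($table_list as $tn => $tc){
			sql("delete from membership_grouppermissions where groupID='{$groupID}' and tableName='{$tn}'", $eo);
		}
	}

	// add group permissions
	if($groupID){
		foreach($table_list as $tn => $tc){
			$allowInsert = $perm["{$tn}_insert"];
			$allowView = $perm["{$tn}_view"];
			$allowEdit = $perm["{$tn}_edit"];
			$allowDelete = $perm["{$tn}_delete"];
			sql("insert into membership_grouppermissions set groupID='{$groupID}', tableName='{$tn}', allowInsert='{$allowInsert}', allowView='{$allowView}', allowEdit='{$allowEdit}', allowDelete='{$allowDelete}'", $eo);
		}
	}

	// redirect to group editing page
	// NOTE(review): the code below assumes redirect() ends the request -- confirm.
	redirect("admin/pageEditGroup.php?groupID={$groupID}");
} elseif(isset($_GET['groupID']) && $_GET['groupID'] != ''){
	// we have an edit request for a group; intval() keeps the id safe for SQL and HTML output
	$groupID = intval($_GET['groupID']);
}

$GLOBALS['page_title'] = $Translation['view groups'];
include("{$currDir}/incHeader.php");

if($groupID != ''){
	// fetch group data to fill in the form below
	$res = sql("select * from membership_groups where groupID='{$groupID}'", $eo);
	if($row = db_fetch_assoc($res)){
		// get group data
		$name = $row['name'];
		$description = $row['description'];
		// Map the two stored flags back to the radio value: 1 = signup with approval,
		// 2 = signup without approval, 0 = no signup.
		$visitorSignup = ($row['allowSignup'] == 1 && $row['needsApproval'] == 1 ? 1 : ($row['allowSignup'] == 1 ? 2 : 0));

		// get group permissions for each table
		$res = sql("select * from membership_grouppermissions where groupID='{$groupID}'", $eo);
		while($row = db_fetch_assoc($res)){
			$tn = $row['tableName'];
			$perm["{$tn}_insert"] = $row['allowInsert'];
			$perm["{$tn}_view"] = $row['allowView'];
			$perm["{$tn}_edit"] = $row['allowEdit'];
			$perm["{$tn}_delete"] = $row['allowDelete'];
		}
	} else {
		// no such group exists
		echo "<div class=\"alert alert-danger\">{$Translation["group not found error"]}</div>";
		$groupID = 0;
	}
}
?>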
124
<div class="page-header">
	<h1>
		<?php
			// Heading: the "edit group" text with the HTML-escaped group name in place of
			// the <GROUPNAME> placeholder, or the "add new group" text when no group is loaded.
			if($groupID){
				echo str_replace('<GROUPNAME>', '<span class="text-info">' . html_attr($name) . '</span>', $Translation['edit group']);
			}else{
				echo $Translation['add new group'];
			}
		?>
		<div class="pull-right">
			<div class="btn-group">
				<a href="pageViewGroups.php" class="btn btn-default btn-lg"><i class="glyphicon glyphicon-arrow-left"></i> <span class="hidden-xs hidden-sm"><?php echo $Translation['back to groups']; ?></span></a>
				<?php /* links that only make sense for an existing group */ ?>
				<?php if($groupID): ?>
					<a href="pageViewMembers.php?groupID=<?php echo $groupID; ?>" class="btn btn-default btn-lg"><i class="glyphicon glyphicon-user"></i> <span class="hidden-xs hidden-sm"><?php echo $Translation['view group members']; ?></span></a>
					<a href="pageEditMember.php?groupID=<?php echo $groupID; ?>" class="btn btn-default btn-lg"><i class="glyphicon glyphicon-plus"></i> <span class="hidden-xs hidden-sm"><?php echo $Translation['add member to group']; ?></span></a>
					<a href="pageViewRecords.php?groupID=<?php echo $groupID; ?>" class="btn btn-default btn-lg"><i class="glyphicon glyphicon-th"></i> <span class="hidden-xs hidden-sm"><?php echo $Translation['view group records']; ?></span></a>
				<?php endif; ?>
			</div>
		</div>
		<div class="clearfix"></div>
	</h1>
</div>

<?php /* warn when the group being edited is the anonymous group */ ?>
<?php if($anonGroupID == $groupID): ?>
	<div class="alert alert-warning"><?php echo $Translation["anonymous group attention"]; ?></div>
<?php endif; ?>


<div class="form-group">
	<label class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"></label>
	<div class="col-sm-8 col-md-9 col-lg-6">
		<div class="checkbox">
			<label>
				<input type="checkbox" id="showToolTips" value="1" checked>
				<?php echo $Translation["show tool tips"]; ?>
			</label>
		</div>
	</div>
</div>
158
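<?php
	// Group edit form: posts the group fields and one permission set per table back to pageEditGroup.php.
	// NOTE(review): the form carries no anti-CSRF token field although it changes group permissions;
	// confirm whether the admin area adds and validates one elsewhere.
?>
<form method="post" action="pageEditGroup.php" class="form-horizontal">
	<input type="hidden" name="groupID" value="<?php echo $groupID; ?>">

	<div class="form-group ">
		<label for="group name" class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["group name"]; ?></label>
		<div class="col-sm-8 col-md-9 col-lg-6 ">
			<input class="form-control" type="text" name="name" <?php echo ($anonGroupID == $groupID ? "readonly" : ""); ?> value="<?php echo html_attr($name); ?>">
			<span class="help-block">
				<?php
					if($anonGroupID == $groupID){
						echo $Translation["readonly group name"];
					}else{
						// The configured anonymous group name is HTML-escaped before it is
						// substituted into the help text, like the group name in the heading.
						echo str_replace('<ANONYMOUSGROUP>', html_attr($adminConfig['anonymousGroup']), $Translation["anonymous group name"]);
					}
				?>
			</span>
		</div>
	</div>

	<div class="form-group ">
		<label for="description" class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["description"]; ?></label>
		<div class="col-sm-8 col-md-9 col-lg-6 ">
			<textarea class="form-control" name="description" rows="5"><?php echo html_attr($description); ?></textarea>
		</div>
	</div>

	<?php /* signup options and the first save button are not offered for the anonymous group */ ?>
	<?php if($anonGroupID != $groupID){ ?>
		<div class="form-group ">
			<label for="allow visitors sign up" class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["allow visitors sign up"]; ?></label>
			<div class="col-sm-8 col-md-9 col-lg-6 ">
				<?php
					// Radio values 0, 1, 2 match the visitorSignup cases handled when the form is saved.
					echo htmlRadioGroup(
						"visitorSignup",
						array(0, 1, 2),
						array(
							$Translation["admin add users"],
							$Translation["admin approve users"],
							$Translation["automatically approve users"]
						),
						($groupID ? $visitorSignup : $adminConfig['defaultSignUp'])
					);
				?>
			</div>
		</div>

		<div class="row">
			<div class=" col-lg-3 col-lg-offset-9 col-sm-4 col-sm-offset-8" >
				<button type="submit" name="saveChanges" value="1" class="btn btn-primary btn-lg pull-right btn-block"><i class="glyphicon glyphicon-ok"></i> <?php echo $Translation["save changes"]; ?></button>
			</div>
		</div>

		<div style="height: 3em;"></div>
	<?php } ?>

	<?php
		// permissions arrays common to the radio groups below
		$arrPermVal = array(0, 1, 2, 3);
		$arrPermText = array($Translation["no"], $Translation["owner"], $Translation["group"], $Translation["all"]);
	?>

	<div class="table-responsive">
		<table class="table table-striped table-bordered table-hover">
			<caption><h2><?php echo $Translation["group table permissions"]; ?></h2></caption>
			<thead>
				<tr>
					<th><div><?php echo $Translation["table"]; ?></div></th>
					<th><div><?php echo $Translation["insert"]; ?></div></th>
					<th><div><?php echo $Translation["view"]; ?></div></th>
					<th><div><?php echo $Translation["edit"]; ?></div></th>
					<th><div><?php echo $Translation["delete"]; ?></div></th>
				</tr>
			</thead>
			<tbody>
				<?php /* NOTE(review): $tn and $tc come from getTableList() and are printed unescaped; this assumes they are application-defined, not user input -- confirm. */ ?>
				<?php foreach($table_list as $tn => $tc){ ?>
					<!-- <?php echo $tn; ?> table -->
					<tr>
						<th><?php echo $tc; ?></th>
						<td>
							<?php /* !empty() keeps the same truthiness test without reading a missing key for a new group */ ?>
							<input onMouseOver="stm(<?php echo $tn; ?>_addTip, toolTipStyle);" onMouseOut="htm();" type="checkbox" name="<?php echo $tn; ?>_insert" value="1" <?php echo (!empty($perm["{$tn}_insert"]) ? "checked class=\"text-primary\"" : ""); ?>>
						</td>
						<td>
							<?php echo htmlRadioGroup("{$tn}_view", $arrPermVal, $arrPermText, $perm["{$tn}_view"], 'text-primary'); ?>
						</td>
						<td>
							<?php echo htmlRadioGroup("{$tn}_edit", $arrPermVal, $arrPermText, $perm["{$tn}_edit"], 'text-primary'); ?>
						</td>
						<td>
							<?php echo htmlRadioGroup("{$tn}_delete", $arrPermVal, $arrPermText, $perm["{$tn}_delete"], 'text-primary'); ?>
						</td>
					</tr>
				<?php } ?>
			</tbody>
		</table>
	</div>

	<div class="row">
		<div class=" col-lg-3 col-lg-offset-9 col-sm-4 col-sm-offset-8 " >
			<button type="submit" name="saveChanges" value="1" class="btn btn-primary btn-lg btn-block "><i class="glyphicon glyphicon-ok"></i> <?php echo $Translation["save changes"]; ?></button>
		</div>
	</div>
</form>

<div style="height: 10em;"></div>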
262
263 <script>
$j(function() {
	var radios = $j('input[type=radio]');
	var radioWrappers = radios.parent();

	/* Add text-primary to the grandparent of each checked radio, then strip it
	   from the grandparent of each unchecked one (this order is kept on purpose). */
	function highlight_selections() {
		$j('input[type=radio]:checked').parent().parent().addClass('text-primary');
		$j('input[type=radio]:not(:checked)').parent().parent().removeClass('text-primary');
	}

	/* refresh the highlighting whenever a selection changes, and once on load */
	radios.change(function() {
		highlight_selections();
	});
	highlight_selections();

	/* tool tips for radios: the tip is the global named <name><value>Tip */
	radioWrappers.mouseover(function() {
		var radio = $j(this).children('input[type=radio]');
		var tipKey = radio.attr('name') + radio.attr('value') + 'Tip';
		stm(window[tipKey], toolTipStyle);
	});
	radioWrappers.mouseout(function() {
		htm();
	});
});
285 </script>
286
<?php
	// Append the shared footer include from the same directory as this script.
	include $currDir . '/incFooter.php';
?>