<?php
/**
* The SpecialPage extension "GroupsAdministration" provides:
* - Creation of new groups
* - Control over groups
* - Control over user memberships
*
* @package MediaWiki version 1.6.5 or later
* @subpackage Extensions
*
* @author Borut Tomažin (debijan@gmail.com)
* @url http://www.mediawiki.org/wiki/Extension:Prefix_Security
* @copyright Copyright © 2006, Borut Tomažin
* @license http://www.gnu.org/copyleft/gpl.html GNU General Public Licence 2.0 or later
*/
if( defined( 'MEDIAWIKI' ) ) {
require_once( 'SpecialPage.php' );
# Queue efGroupsAdministration() (defined below) in $wgExtensionFunctions,
# MediaWiki's list of extension setup callbacks.
$wgExtensionFunctions[] = 'efGroupsAdministration';
# Credits entry of type 'specialpage': display name, author and project URL.
$wgExtensionCredits['specialpage'][] = array(
'name' => 'Groups Administration',
'author' => 'Borut Tomažin',
'url' => 'http://www.mediawiki.org/wiki/Extension:Prefix_Security'
);
/**
* Function: efGroupsAdministration
* - Adds new SpecialPage and performs MessageCache definitions
*/
function efGroupsAdministration() {
    # $wgOut and $wgParser are declared but never read in this function.
    global $wgOut, $wgParser, $wgMessageCache;

    # Interface texts of the special page, keyed by message name.
    # "$1" / "$2" are placeholders filled in by the wfMsg() callers in
    # GroupsAdministration; several of them receive group or user names taken
    # from the request, and the result is passed to addWikiText() there.
    $messages = array(
        'groupsadministration' => "Groups Administration",
        'groupsadministration-invalid' => " Group name is invalid.",
        'groupsadministration-missing' => " To create a new group you should enter the name of it.",
        'groupsadministration-success' => " The group \"$1\" has been successfully created.",
        'groupsadministration-failed' => " Failed to create group \"$1\". It already exists.",
        'groupsadministration-delete-ok' => " The group \"$1\" has been successfully deleted.",
        'groupsadministration-delete-areyousure' => " Are you sure you want to delete the group \"$1\" ?",
        'groupsadministration-delete-cancel' => " The deleted items have been cancelled.",
        'groupsadministration-edit-new-user-missing' => " Please supply the name of the user!",
        'groupsadministration-edit-new-user-not-found' => " The user name \"$1\" does not exist in database. Try to find it first.",
        'groupsadministration-edit-new-user-added' => " The user name \"$1\" has been successfuly added to the group \"$2\".",
        'groupsadministration-edit-new-user-exist' => " The user name \"$1\" has been already assigned to the group \"$2\".",
        'groupsadministration-edit-new-user-invalid' => " The user name \"$1\" is invalid. Please check the spelling.<br>Note: user names begin with capital letter. You can also try to find username.",
        'groupsadministration-edit-find-user-list' => " User names to meet the search criteria:",
        'groupsadministration-edit-find-user-nothing' => " There have been no match for search criteria.",
        'groupsadministration-edit-delete-ok' => " The $1 been successfully deleted.",
        'groupsadministration-edit-delete-no' => " Failed to delete selected users.",
        'groupsadministration-edit-delete-user-areyousure1' => " If you delete all users the group will be deleted too!!!<br>Do you still want to delete it ?",
        'groupsadministration-edit-delete-user-areyousure2' => " Are you sure you want to delete selected user ?",
        'groupsadministration-edit-delete-user-choose' => " Please select at least one user to delete.",
        'groupsadministration-none' => " There are no groups defined.<br>Click \"Create New\" button to create one."
    );

    # Register the page first, then its messages (same order as before).
    SpecialPage::addPage( new GroupsAdministration() );
    $wgMessageCache->addMessages( $messages );
}
/**
* Class: GroupsAdministration
* - The main class for executing head operations
*/
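class GroupsAdministration extends IncludableSpecialPage {
    # Security model of this class, as far as this file shows:
    # - Access is decided only by canAdministrate(), called from execute().
    # - Group and user names come from the request and from the user_groups
    #   table. Both are treated as untrusted: every value placed in SQL is
    #   quoted with Database::addQuotes() or forced to an integer, and every
    #   value placed in HTML goes through escapeForHtml() / urlencode().
    # - Every POST must carry the session's edit token (wpEditToken), which
    #   each form rendered here embeds through editTokenField().
    # - The table prefix from DatabasePrefixExists() is configuration, not
    #   request data, and is concatenated into SQL as an identifier.

    /**
    * Constructor: GroupsAdministration
    * - Registers the page under the name 'GroupsAdministration'.
    * - The second argument (the restriction in SpecialPage's constructor) is
    *   empty, so the access decision rests on canAdministrate() in execute().
    * - PHP 4 style constructor, matching the SpecialPage::SpecialPage() call.
    */
    function GroupsAdministration() {
        SpecialPage::SpecialPage( 'GroupsAdministration', '', true, false, 'default', false );
    }

    /**
    * Function: escapeForHtml
    * - Escapes a value for use in HTML text or in a quoted attribute
    *   (single and double quotes are both escaped)
    *
    * @param $text: String raw value
    * @return String HTML-escaped value
    */
    function escapeForHtml( $text ) {
        return htmlspecialchars( $text, ENT_QUOTES );
    }

    /**
    * Function: editTokenField
    * - Builds the hidden form field that carries the current user's edit token
    *
    * @return String HTML of the hidden wpEditToken input
    */
    function editTokenField() {
        global $wgUser;
        return "<input type='hidden' name='wpEditToken' value=\""
            . $this->escapeForHtml( $wgUser->editToken() ) . "\">";
    }

    /**
    * Function: groupsTable
    * - Returns the name of the user_groups table including the configured prefix
    *
    * @return String table name for use in SQL
    */
    function groupsTable() {
        return $this->DatabasePrefixExists() . "user_groups";
    }

    /**
    * Function: execute
    * - Main execution function
    * - Order of work: access checks, edit token check for POSTs, database
    *   changes requested by a POST ("PRE POST"), the group overview, then the
    *   GET or POST specific output. $operand carries the result of the
    *   database step to the output step.
    *
    * @param $par: not used by this method
    */
    function execute( $par ) {
        global $wgOut;
        global $wgTitle;
        global $wgUser;
        global $wgVersion;
        global $wgRequest;
        global $wgArticlePath;
        $textbox_width = "size='20'";
        $server_param = strstr( $wgArticlePath, "?" ) ? "&" : "?";
        $table = $this->groupsTable();
        $this->setHeaders();
        # If user is logged in
        if( !$wgUser->isLoggedIn() ) {
            $wgOut->loginToUse();
            return;
        }
        # If user is on permission list or If user is Sysop
        if( !$this->canAdministrate() ) {
            $wgOut->permissionRequired( "Administrate" );
            return;
        }
        # If Page is readonly
        if ( wfReadOnly() ) {
            $wgOut->readOnlyPage();
            return;
        }
        # If user has the right version
        if ( version_compare( $wgVersion, '1.6.3', '<' ) ) {
            $wgOut->versionRequired( '1.6.3' );
            return;
        }
        # escapeLocalURL() already returns an HTML-escaped URL; do not escape it again.
        $action = $wgTitle->escapeLocalURL();
        $token_field = $this->editTokenField();
        # Every POST handled below changes group membership, so a POST without
        # this session's edit token is refused before any database work. This
        # stops another site from submitting these forms through the browser
        # of a logged-in administrator.
        # NOTE(review): 'sessionfailure' is assumed to be a core message in the
        # targeted MediaWiki version - confirm.
        if( $wgRequest->wasPosted()
            && !$wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
            $wgOut->addWikiText( wfMsg( 'sessionfailure' ) );
            return;
        }
        #=====================================================#
        # PRE GET REQUESTS
        #=====================================================#
        $operand = -1;
        $finded_users_array = array();
        # Nothing in this method assigns these two; the "delete selected users"
        # output below only ever sees the initial values.
        $users_to_delete = "";
        $num_to_delete = 0;
        #=====================================================#
        # PRE POST REQUESTS
        #=====================================================#
        if( $wgRequest->wasPosted() ) {
            # PRE POST REQUEST: create new group
            #============================================#
            if( $wgRequest->getText( 'create_new_group' ) != "" ) {
                $new_group = $wgRequest->getText( 'new_group' );
                if( strlen( $new_group ) == 0 ) {
                    $operand = 0;
                }
                else {
                    $user_name_id = intval( $wgUser->idFromName( $wgUser->getName() ) );
                    $group_name = $new_group;
                    $dbr =& wfGetDB( DB_SLAVE );
                    $sql = "
                        SELECT ug_group
                        FROM ".$table."
                        WHERE ug_group=".$dbr->addQuotes( $group_name )."
                    ";
                    $res = $dbr->query( $sql );
                    $group_exists = ( $dbr->numRows( $res ) != 0 );
                    # Free on the handle that produced the result.
                    $dbr->freeResult( $res );
                    if( !$group_exists ) {
                        # A group exists only through its membership rows, so
                        # the creating user becomes its first member.
                        $dbw =& wfGetDB( DB_MASTER );
                        $sql = "
                            INSERT INTO ".$table." (ug_user, ug_group)
                            VALUES ('".$user_name_id."', ".$dbw->addQuotes( $group_name ).")
                        ";
                        $dbw->query( $sql );
                        $operand = 1;
                    }
                    else {
                        $operand = 2;
                    }
                }
            }
            # PRE POST REQUEST: delete group - yes
            #============================================#
            if( $wgRequest->getText( 'delete_group_yes' ) != "" ) {
                $group_name = $wgRequest->getText( 'group_name' );
                $dbw =& wfGetDB( DB_MASTER );
                $sql = "
                    DELETE FROM ".$table."
                    WHERE ug_group=".$dbw->addQuotes( $group_name )."
                ";
                $dbw->query( $sql );
            }
            # PRE POST REQUEST: edit group - add user
            #============================================#
            if( $wgRequest->getText( 'add_new_user' ) != "" ) {
                if( $wgRequest->getText( 'new_user' ) != "" ) {
                    $add_user_name = $wgRequest->getText( 'new_user' );
                    if( $wgUser->isValidUserName( $add_user_name ) ) {
                        if( strlen( $wgUser->whoIs( $wgUser->idFromName( $add_user_name ) ) ) > 0 ) {
                            $group_name = $wgRequest->getText( 'group_name' );
                            $add_user_name_id = intval( $wgUser->idFromName( $add_user_name ) );
                            $dbr =& wfGetDB( DB_SLAVE );
                            $sql = "
                                SELECT *
                                FROM ".$table."
                                WHERE ug_user='".$add_user_name_id."'
                                AND ug_group=".$dbr->addQuotes( $group_name )."
                            ";
                            $res = $dbr->query( $sql );
                            $already_member = ( $dbr->numRows( $res ) != 0 );
                            $dbr->freeResult( $res );
                            if( !$already_member ) {
                                $dbw =& wfGetDB( DB_MASTER );
                                $sql = "
                                    INSERT INTO ".$table." ( ug_user, ug_group )
                                    VALUES ( '".$add_user_name_id."', ".$dbw->addQuotes( $group_name )." )
                                ";
                                $dbw->query( $sql );
                                $operand = 0;
                            }
                            else {
                                $operand = 1;
                            }
                        }
                        else {
                            $operand = 2;
                        }
                    }
                    else {
                        $operand = 3;
                    }
                }
                else {
                    $operand = 4;
                }
            }
            # PRE POST REQUEST: edit group - find user
            #============================================#
            if( $wgRequest->getText( 'find_user' ) != "" ) {
                if( $wgRequest->getText( 'new_user' ) != "" ) {
                    # Lower-case the term, then upper-case its first byte.
                    $user_to_find = ucfirst( strtolower( $wgRequest->getText( 'new_user' ) ) );
                    $prefix_length = strlen( $user_to_find );
                    $dbr =& wfGetDB( DB_SLAVE );
                    # The search term never enters the SQL text: all user names
                    # are read and the prefix is compared in PHP.
                    $sql = "SELECT user_name, user_real_name FROM ".$this->DatabasePrefixExists()."user";
                    $res = $dbr->query( $sql );
                    $finded_users_array = array();
                    while( $row = $dbr->fetchObject( $res ) ) {
                        $user = $row->user_name;
                        # strncmp() compares bytes; "==" on two strings would
                        # treat numeric-looking names as numbers.
                        if( strncmp( $user, $user_to_find, $prefix_length ) == 0 ) {
                            $finded_users_array[] = $user;
                        }
                    }
                    $dbr->freeResult( $res );
                    if( count( $finded_users_array ) > 0 ) {
                        $operand = 0;
                    }
                    else {
                        $operand = 1;
                    }
                }
                else {
                    $operand = 2;
                }
            }
            # PRE POST REQUEST: edit group - delete yes
            #============================================#
            if( $wgRequest->getText( 'delete_user_yes' ) != "" ) {
                $group_name = $wgRequest->getText( 'group_name' );
                # User ids are integers; getInt() keeps anything else out of the SQL.
                $remove_user_id = $wgRequest->getInt( 'remove_user' );
                $dbw =& wfGetDB( DB_MASTER );
                $sql = "
                    DELETE FROM ".$table."
                    WHERE ug_user='".$remove_user_id."'
                    AND ug_group=".$dbw->addQuotes( $group_name )."
                ";
                $dbw->query( $sql );
                $operand = 1;
            }
        }
        #=====================================================#
        # The Main Page
        #=====================================================#
        $filename = "./extensions/Installation.php";
        if( file_exists( $filename ) ) {
            # NOTE(review): the path is relative, so which file is tested and
            # included depends on the working directory of the request, and
            # while it exists the group overview below is not rendered.
            # Confirm this is intended for the deployment.
            require_once( $filename );
        }
        else {
            $desc = " '''SpecialPage extension \"GroupsAdministration\"'''";
            $desc.= "<br>•package MediaWiki version 1.6.5 or later";
            $desc.= "<br>•subpackage Extensions";
            $desc.= "<br><br>•author Borut Tomažin (debijan@gmail.com)";
            $desc.= "<br>•copyright Copyright © 2006, Borut Tomažin";
            $desc.= "<br>•licence http://www.gnu.org/copyleft/gpl.html GNU General Public Licence 2.0 later";
            $wgOut->addWikiText( $desc );
            $wgOut->addHTML( "<fieldset><legend>Available groups</legend>" );
            $dbr =& wfGetDB( DB_SLAVE );
            $sql = "SELECT DISTINCT ug_group FROM ".$table;
            $res = $dbr->query( $sql );
            $count = $dbr->numRows( $res );
            if( $count > 0 ) {
                $wgOut->addHTML( "<ul>" );
                while( $row = $dbr->fetchObject( $res ) ) {
                    # Stored group names were typed in by an administrator and
                    # are escaped like any other untrusted text.
                    $user_group = $row->ug_group;
                    $group_html = $this->escapeForHtml( $user_group );
                    $group_query = "&group_name=".urlencode( $user_group );
                    $action_edit = $action.$this->escapeForHtml( $server_param."action=edit_group".$group_query );
                    $action_delete = $action.$this->escapeForHtml( $server_param."action=delete_group".$group_query );
                    $wgOut->addHTML( "
                        <input type='hidden' name='group_name' value=\"$group_html\">
                        <li>
                        <a href=\"$action_edit\">".$group_html."</a>
                        <a href=\"$action_delete\">(delete)</a>
                        </li>
                    " );
                }
                $wgOut->addHTML( "
                    </ul>
                    </table>
                    <P> </P>
                " );
            }
            else {
                $wgOut->addWikiText( wfMsg( 'groupsadministration-none' ) );
            }
            $dbr->freeResult( $res );
            $wgOut->addHTML( "
                <form name='form_create' method='post' action=\"$action\">
                $token_field
                <input type='text' name='new_group' title='To create new group type here the name of it !' $textbox_width>
                <input type='submit' name='create_new_group' value='Create New'>
                </form>
                </fieldset>
            " );
        }
        # NOTE(review): the wfMsg() calls below put request-supplied group and
        # user names into text that addWikiText() then parses as wikitext.
        #=====================================================#
        # GET REQUESTS
        #=====================================================#
        if( $_SERVER['REQUEST_METHOD'] == 'GET' ) {
            # GET REQUEST: delete group - question
            #============================================#
            if( $wgRequest->getText( 'action' ) == "delete_group" ) {
                $group_name = $wgRequest->getText( 'group_name' );
                $group_html = $this->escapeForHtml( $group_name );
                $wgOut->addWikiText( wfMsg( 'groupsadministration-delete-areyousure', $group_name ) );
                # The form is closed here so that later output cannot end up inside it.
                $wgOut->addHTML( "
                    <form name='form_delete' method='post' action=\"$action\">
                    $token_field
                    <input type='hidden' name='group_name' value=\"$group_html\">
                    <input type='submit' name='delete_group_yes' value='Yes'>
                    <input type='submit' name='delete_group_no' value='No'>
                    </form>
                " );
            }
            # GET REQUEST: edit group
            #============================================#
            if( $wgRequest->getText( 'action' ) == "edit_group" ) {
                $this->edit_group( "", $textbox_width );
            }
            # GET REQUEST: edit group
            #============================================#
            if( $wgRequest->getText( 'edit_group' ) != "" || $wgRequest->getText( 'add_new_user' ) != ""
                || $wgRequest->getText( 'find_user' ) != "" || $wgRequest->getText( 'delete_selected_users' )
                || $wgRequest->getText( 'delete_user_yes' ) || $wgRequest->getText( 'delete_user_no' ) ) {
                $this->edit_group( "", $textbox_width );
            }
            # PRE GET REQUEST: remove user from group - question
            #============================================#
            if ( ( $group_name = $wgRequest->getText( 'group_name' ) )
                && ( $remove_user = $wgRequest->getText( 'remove_user' ) ) ) {
                # Both values come straight from the query string.
                $group_html = $this->escapeForHtml( $group_name );
                $remove_user_html = $this->escapeForHtml( $remove_user );
                $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-delete-user-areyousure2' ) );
                $wgOut->addHTML( "
                    <form name='form_delete_user' method='post' action=\"$action\">
                    $token_field
                    <input type='hidden' name='edit_group' value='true'>
                    <input type='hidden' name='group_name' value=\"$group_html\">
                    <input type='hidden' name='remove_user' value=\"$remove_user_html\">
                    <input type='submit' name='delete_user_yes' value='Yes'>
                    <input type='submit' name='delete_user_no' value='No'>
                    </form>
                " );
            }
        }
        #=====================================================#
        # POST REQUESTS
        #=====================================================#
        if ( $wgRequest->wasPosted() ) {
            # POST REQUEST: create new group
            #============================================#
            if( $wgRequest->getText( 'create_new_group' ) != "" ) {
                if( $operand == 0 )
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-missing' ) );
                else if( $operand == 1 ) {
                    $this->edit_group( $wgRequest->getText( 'new_group' ), $textbox_width );
                }
                else
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-failed', $wgRequest->getText( 'new_group' ) ) );
                return;
            }
            # POST REQUEST: delete group - yes
            #============================================#
            if( $wgRequest->getText( 'delete_group_yes' ) != "" ) {
                $wgOut->addWikiText( wfMsg( 'groupsadministration-delete-ok', $wgRequest->getText( 'group_name' ) ) );
                return;
            }
            # POST REQUEST: edit group
            #============================================#
            if( $wgRequest->getText( 'edit_group' ) != "" || $wgRequest->getText( 'add_new_user' ) != ""
                || $wgRequest->getText( 'find_user' ) != "" || $wgRequest->getText( 'delete_selected_users' )
                || $wgRequest->getText( 'delete_user_yes' ) || $wgRequest->getText( 'delete_user_no' ) ) {
                $this->edit_group( "", $textbox_width );
            }
            # POST REQUEST: edit group - add user
            #============================================#
            if( $wgRequest->getText( 'add_new_user' ) != "" ) {
                if( $operand == 0 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-added', $add_user_name, $group_name ) );
                    return;
                }
                else if( $operand == 1 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-exist', $add_user_name, $group_name ) );
                    return;
                }
                else if( $operand == 2 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-not-found', $add_user_name ) );
                    return;
                }
                else if( $operand == 3 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-invalid', $add_user_name ) );
                    return;
                }
                else if( $operand == 4 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-missing' ) );
                    return;
                }
            }
            # POST REQUEST: edit group - find user
            #============================================#
            if( $wgRequest->getText( 'find_user' ) != "" ) {
                if( $operand == 0 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-find-user-list' ) );
                    foreach( $finded_users_array as $finded ) {
                        $wgOut->addWikiText( "* ".$finded );
                    }
                    return;
                }
                else if( $operand == 1 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-find-user-nothing' ) );
                    return;
                }
                else if( $operand == 2 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-new-user-missing' ) );
                    return;
                }
            }
            # POST REQUEST: edit group - delete selected users - question
            #============================================#
            # No PRE POST step above handles 'delete_selected_users', so $operand
            # only has a value here when another submit name set it in the same
            # request.
            if( $wgRequest->getText( 'delete_selected_users' ) != "" ) {
                if( $operand == 0 ) {
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-delete-user-choose' ) );
                    return;
                }
                else if( $operand == 1 ) {
                    $user_number = $wgRequest->getInt( 'user_number' );
                    $group_html = $this->escapeForHtml( $wgRequest->getText( 'group_name' ) );
                    $users_to_delete_html = $this->escapeForHtml( $users_to_delete );
                    if( $user_number == $num_to_delete )
                        $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-delete-user-areyousure1' ) );
                    else
                        $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-delete-user-areyousure2' ) );
                    $wgOut->addHTML( "
                        <form name='form_delete_user' method='post' action=\"$action\">
                        $token_field
                        <input type='hidden' name='group_name' value=\"$group_html\">
                        <input type='hidden' name='users_to_delete' value=\"$users_to_delete_html\">
                        <input type='submit' name='delete_user_yes' value='Yes'>
                        <input type='submit' name='delete_user_no' value='No'>
                        </form>
                    " );
                }
            }
            # POST REQUEST: edit group - delete yes
            #============================================#
            if( $wgRequest->getText( 'delete_user_yes' ) != "" ) {
                if( $operand == 1 )
                    $wgOut->addWikiText( wfMsg( 'groupsadministration-edit-delete-ok', "user has" ) );
                return;
            }
        }
    }

    /**
    * Function: edit_group
    * - Creates edit area upon edit button click
    * - Renders nothing when the group has no membership rows
    *
    * @param $group_name: String name of the group; when empty, the request
    *   parameter 'group_name' is used
    * @param $textbox_width: String textbox width, inserted unescaped as an
    *   attribute of the text input (callers pass a fixed string)
    */
    function edit_group( $group_name = "", $textbox_width = "size='20'" ) {
        global $wgRequest;
        global $wgTitle;
        global $wgOut;
        global $wgUser;
        # Without this declaration $wgArticlePath is an undefined local and the
        # separator below is always "?".
        global $wgArticlePath;
        $server_param = strstr( $wgArticlePath, "?" ) ? "&" : "?";
        if( $group_name == "" )
            $group_name = $wgRequest->getText( 'group_name' );
        $dbr =& wfGetDB( DB_SLAVE );
        # This query is reachable from plain GET requests, with the group name
        # taken from the query string, so the name is quoted by the database layer.
        $sql = "
            SELECT * FROM ".$this->groupsTable()."
            WHERE ug_group=".$dbr->addQuotes( $group_name )."
        ";
        $res = $dbr->query( $sql );
        $count = $dbr->numRows( $res );
        if( $count == 0 ) {
            $dbr->freeResult( $res );
            return;
        }
        $user_id_array = array();
        while( $row = $dbr->fetchObject( $res ) ) {
            $user_id_array[] = $row->ug_user;
        }
        $dbr->freeResult( $res );
        $num = 0;
        # escapeLocalUrl() already returns an HTML-escaped URL.
        $action = $wgTitle->escapeLocalUrl();
        $group_html = $this->escapeForHtml( $group_name );
        $token_field = $this->editTokenField();
        $wgOut->addHTML( "
            <fieldset><legend>Group <b>\"".$group_html."\"</b></legend>
            <form name='form_delete_selected' method='post' action=\"$action\">
            $token_field
            <b>Users:</b>
            <ul>
        " );
        # Link prefix for the per-user "remove user" confirmation page (a GET
        # request; the removal itself happens only on the confirming POST).
        $remove_action = $action.$this->escapeForHtml(
            $server_param."edit_group=true&group_name=".urlencode( $group_name )."&" );
        foreach( $user_id_array as $user_id ) {
            $num++;
            $user_id = intval( $user_id );
            $user_html = $this->escapeForHtml( $wgUser->whoIs( $user_id ) );
            $name_u = "user_name_".$num;
            $wgOut->addHTML( "
                <input type='hidden' name='$name_u' value=\"$user_html\">
                <li>{$user_html} (<a href=\"{$remove_action}remove_user={$user_id}\">remove user</a>)</li>
            " );
        }
        $wgOut->addHTML( "</ul><br>" );
        # $count is never 0 at this point (see the early return above), so the
        # controls are emitted unconditionally.
        $wgOut->addHTML( "
            <input type='hidden' name='user_number' value='$num'>
            <input type='hidden' name='group_name' value=\"$group_html\">
            <input type='text' name='new_user' title='To add or find user type the name here' $textbox_width>
            <input type='submit' name='add_new_user' value='Add User'>
            <input type='submit' name='find_user' value='Find'>
        " );
        $wgOut->addHTML( "<font size='1'><br>* Warning: if you delete all users than the group will be deleted to!!!</font>" );
        $wgOut->addHTML( "</form></fieldset>" );
    }

    /**
    * Function: canAdministrate
    * - Returns true when the current user's name is listed in the
    *   $wgGroupPermissions['logged']['prefixAdministration'] array
    * - Otherwise (also when that array does not exist) returns whether the
    *   user has the "userrights" right
    *
    * @return Boolean true when the current user may use this page
    */
    function canAdministrate() {
        global $wgUser;
        global $wgGroupPermissions;
        if( isset( $wgGroupPermissions['logged']['prefixAdministration'] )
            && is_array( $wgGroupPermissions['logged']['prefixAdministration'] ) ) {
            $username = $wgUser->whoIs( $wgUser->getId() );
            # Strict comparison on a non-empty string: a failed lookup or a
            # non-string list entry can never match through type juggling.
            if( is_string( $username ) && $username !== ""
                && in_array( $username, $wgGroupPermissions['logged']['prefixAdministration'], true ) )
                return true;
        }
        if( !$wgUser->isAllowed( "userrights" ) )
            return false;
        return true;
    }

    /**
    * Function: DatabasePrefixExists
    * - Returns the database table prefix if exist, else returns ""
    * - The value is read from $wgGroupPermissions['logged']['databasePrefix']
    *   and is concatenated into SQL as part of a table name without quoting,
    *   so it must only ever come from trusted configuration.
    *
    * @return String table prefix, or "" when none is configured
    */
    function DatabasePrefixExists() {
        global $wgGroupPermissions;
        if( isset( $wgGroupPermissions['logged']['databasePrefix'] ) )
            return $wgGroupPermissions['logged']['databasePrefix'];
        return "";
    }
}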
}
else {
# Reached only when the MEDIAWIKI constant is not defined: print a notice and
# stop with a non-zero status, so nothing in this file is declared or run.
print "This is an extension to the MediaWiki package and cannot be run standalone.\n";
exit( -1 );
}
?>