Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
185 lines (152 sloc) 5.99 KB
<?PHP // $Id$
// Admin-only script to assign administrative rights to users
// !!! based on ../course/teacher.php (cut and pasted, then mangled)
require("../config.php");
# sanity checks
assert("!ereg('[^0-9]', \$_REQUEST['add'])");
assert("!ereg('[^0-9]', \$_REQUEST['remove'])");
if (! $site = get_site()) {
redirect("$CFG->wwwroot/admin/");
}
require_login();
if (!isadmin()) {
error("You must be an administrator to use this page.");
}
$primaryadmin = get_admin();
/// If you want any administrator to have the ability to assign admin
/// rights, then comment out the following if statement
if ($primaryadmin->id != $USER->id) {
error("You must be the primary administrator to use this page.");
}
/// assign all of the configurable language strings
$stringstoload = array (
"assignadmins",
"administration",
"existingadmins",
"noexistingadmins",
"potentialadmins",
"nopotentialadmins",
"addadmin",
"removeadmin",
"search",
"searchagain",
"toomanytoshow",
);
foreach ($stringstoload as $stringtoload){
$strstringtoload = "str" . $stringtoload;
$$strstringtoload = get_string($stringtoload);
}
print_header("$site->shortname: $course->shortname: $strassignadmins",
"$site->fullname",
"<A HREF=\"$CFG->wwwroot/admin\">$stradministration</A> ->
<A HREF=\"{$_SERVER['PHP_SELF']}\">$strassignadmins</A>", "");
/// Get all existing admins
$admins = get_admins();
/// Add an admin if one is specified
if ($_REQUEST['add']) {
$user = @get_record("user", "id", $_REQUEST['add']) or
error("That account (id = {$_REQUEST['add']}) doesn't exist");
if ($admins) {
foreach ($admins as $aa) {
if ($aa->id == $user->id) {
error("That user is already an admin.");
}
}
}
$admin->user = $user->id;
$admin->id = insert_record("user_admins", $admin);
$admins[] = $user;
}
/// Remove an admin if one is specified.
if ($_REQUEST['remove']) {
$user = @get_record("user", "id", $_REQUEST['remove']) or
error("That account (id = {$_REQUEST['remove']}) doesn't exist");
if ($admins) {
foreach ($admins as $key => $aa) {
if ($aa->id == $user->id) {
/// make sure that we don't delete the primary admin
/// account, so that there is always at least on admin
if ($aa->id == $primaryadmin->id) {
error("That user is the primary admin, and shouldn't be removed.");
} else {
remove_admin($user->id);
unset($admins[$key]);
}
}
}
}
}
/// Print the lists of existing and potential admins
echo "<TABLE CELLPADDING=2 CELLSPACING=10 ALIGN=CENTER>";
echo "<TR><TH WIDTH=50%>$strexistingadmins</TH><TH WIDTH=50%>$strpotentialadmins</TH></TR>";
echo "<TR><TD WIDTH=50% NOWRAP VALIGN=TOP>";
/// First, show existing admins
if (! $admins) {
echo "<P ALIGN=CENTER>$strnoexistingadmins</A>";
} else {
foreach ($admins as $admin) {
echo "<P ALIGN=right>$admin->firstname $admin->lastname,
$admin->email &nbsp;&nbsp; ";
if ($primaryadmin->id == $admin->id){
print_spacer(10, 9, false);
} else {
echo "<A HREF=\"{$_SERVER['PHP_SELF']}?remove=$admin->id\"
TITLE=\"$strremoveadmin\"><IMG SRC=\"../pix/t/right.gif\"
BORDER=0></A>";
}
echo "</P>";
}
}
echo "<TD WIDTH=50% NOWRAP VALIGN=TOP>";
/// Print list of potential admins
if ($search) {
$users = get_records_sql("SELECT * from user WHERE confirmed = 1 AND deleted = 0
AND (firstname LIKE '%$search%' OR
lastname LIKE '%$search%' OR
email LIKE '%$search%')
AND username <> 'guest' AND username <> 'changeme'");
} else {
$users = get_records_sql("SELECT * from user WHERE confirmed = 1 AND deleted = 0
AND username <> 'guest' AND username <> 'changeme'");
}
if ($users) {
foreach ($users as $user) { // Remove users who are already admins
if ($admins) {
foreach ($admins as $admin) {
if ($admin->id == $user->id) {
continue 2;
}
}
}
$potential[] = $user;
}
}
if (! $potential) {
echo "<P ALIGN=CENTER>$strnopotentialadmins</A>";
if ($search) {
echo "<FORM ACTION={$_SERVER['PHP_SELF']} METHOD=POST>";
echo "<INPUT TYPE=text NAME=search SIZE=20>";
echo "<INPUT TYPE=submit VALUE=\"$strsearchagain\">";
echo "</FORM>";
}
} else {
if ($search) {
echo "<P ALIGN=CENTER>($strsearchresults)</P>";
}
if (count($potential) <= 20) {
foreach ($potential as $user) {
echo "<P ALIGN=LEFT><A HREF=\"{$_SERVER['PHP_SELF']}?add=$user->id\"
TITLE=\"$straddadmin\"><IMG SRC=\"../pix/t/left.gif\" BORDER=0></A>&nbsp;&nbsp;$user->firstname $user->lastname, $user->email";
}
} else {
echo "<P ALIGN=CENTER>There are too many users to show.<BR>";
echo "Enter a search word here.";
echo "<FORM ACTION={$_SERVER['PHP_SELF']} METHOD=POST>";
echo "<INPUT TYPE=text NAME=search SIZE=20>";
echo "<INPUT TYPE=submit VALUE=\"$strsearch\">";
echo "</FORM>";
}
}
echo "</TR></TABLE>";
print_footer();
?>
Jump to Line
Something went wrong with that request. Please try again.