25 require_once(
"../class/config.php");
26 include_once(
"head.php");
29 "user_name" => array (
"post",
"string", FALSE),
30 "site_id" => array (
"post",
"integer", -1),
31 "right" => array (
"post",
"string", FALSE),
35 if ($user_name === FALSE)
37 $msg->raise(
"ERROR",
"piwik", _(
'No piwik user specified'));
42 if ($site_id != -1 && $right !== FALSE) {
43 $db->query(
"SELECT COUNT(*) AS ok FROM piwik_sites WHERE uid=? AND piwik_id=?;",array(
$cuid,$site_id));
47 $msg->raise(
"ERROR",
"piwik", _(
"You don't own this piwik website"));
51 $db->query(
"SELECT COUNT(*) AS ok FROM piwik_users WHERE uid=? AND login=?",array(
$cuid,$user_name));
55 $msg->raise(
"ERROR",
"piwik", _(
"You don't own this piwik user"));
59 $piwik_rights = array(
"noaccess",
"view",
"admin");
60 if (in_array($right, $piwik_rights))
62 $api_data = $piwik->site_set_user_right($site_id, $user_name, $right);
63 if ($api_data === FALSE)
64 $msg->raise(
"ERROR",
"piwik", $api_data->message);
65 $msg->raise(
"ERROR",
"piwik", $api_data->message);
67 $msg->raise(
"INFO",
"piwik", _(
'success'));
71 $msg->raise(
"ERROR",
"piwik", _(
"This right does not exist"));
78 $db->query(
"SELECT piwik_id FROM piwik_sites WHERE uid=?",array(
$cuid));
79 while (
$db->next_record())
88 $db->query(
"SELECT login FROM piwik_users WHERE uid=?",arary(
$cuid));
89 while (
$db->next_record())
96 <h3><?php printf(
'%s "%s"', _(
"Rights for user"), $user_name); ?></h3>
98 echo
$msg->msg_html_all();
103 $piwik_sites[ $site->idsite ] = array(
'name' => $site->name,
'url' => $site->main_url);
115 printf(
"<li>%s -> %s</li>\n",
$piwik_sites[ $access->site ][
'name'], $access->access);
121 <h3><?php printf(
'%s "%s"', _(
"Add rights to user"), $user_name); ?></h3>
126 printf(
'<li>%s <form method="post"><input type="hidden" name="site_id" value="%d">
127 <input type="hidden" name="csrf" value="'.
csrf_get(
true).
'" />
128 <select name="right">
129 <option value="noaccess">%s</option>
130 <option value="view">%s</option>
131 <option value="admin">%s</option>
133 <input type="submit" name="add" value="ajouter" class="inb" /></form></li>', $available_user_site[
'name'], $current_id_site, _(
"noacces"), _(
"view"), _(
"admin"));
139 include_once(
"foot.php"); ?>
getFields($fields, $requestOnly=false)
Get the Fields of the posted form from $_REQUEST or POST or GET and check their type.
csrf_get($return=false)
Give a new CSRF uniq token for a form the session must be up since the CSRF is linked to the session ...
foreach($raw_sites AS $site) $raw_access
$fields
Manages piwik user accounts.