1<?php
2
3include ('includes/session.php');
4$Title = _('Page Security Levels');
5include ('includes/header.php');
6
7echo '<p class="page_title_text"><img src="' . $RootPath . '/css/' . $Theme . '/images/security.png" title="' . _('Page Security Levels') . '" alt="" />' . ' ' . $Title . '</p><br />';
8
9if ($AllowDemoMode) {
10	prnMsg(_('The the system is in demo mode and the security model administration is disabled'), 'warn');
11	exit;
12}
13
14if (isset($_POST['Update'])) {
15	foreach ($_POST as $ScriptName => $PageSecurityValue) {
16		if ($ScriptName != 'Update' and $ScriptName != 'FormID') {
17			$ScriptName = mb_substr($ScriptName, 0, mb_strlen($ScriptName) - 4) . '.php';
18			$SQL = "UPDATE scripts SET pagesecurity='" . $PageSecurityValue . "' WHERE script='" . $ScriptName . "'";
19			$UpdateResult = DB_query($SQL, _('Could not update the page security value for the script because'));
20		}
21	}
22}
23
24$SQL = "SELECT script,
25			pagesecurity,
26			description
27		FROM scripts";
28
29$Result = DB_query($SQL);
30
31echo '<br /><form method="post" id="PageSecurity" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
32echo '<div>';
33echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
34
35echo '<table class="selection">';
36
37$TokenSql = "SELECT tokenid,
38					tokenname
39			FROM securitytokens
40			ORDER BY tokenname";
41$TokenResult = DB_query($TokenSql);
42
43while ($MyRow = DB_fetch_array($Result)) {
44	echo '<tr>
45			<td>' . $MyRow['script'] . '</td>
46			<td><select name="' . $MyRow['script'] . '">';
47
48	while ($myTokenRow = DB_fetch_array($TokenResult)) {
49		if ($myTokenRow['tokenid'] == $MyRow['pagesecurity']) {
50			echo '<option selected="selected" value="' . $myTokenRow['tokenid'] . '">' . $myTokenRow['tokenname'] . '</option>';
51		} else {
52			echo '<option value="' . $myTokenRow['tokenid'] . '">' . $myTokenRow['tokenname'] . '</option>';
53		}
54	}
55	echo '</select></td>
56		</tr>';
57	DB_data_seek($TokenResult, 0);
58}
59
60echo '</table><br />';
61
62echo '<div class="centre">
63		<input type="submit" name="Update" value="' . _('Update Security Levels') . '" />
64	</div>
65	<br />
66    </div>
67	</form>';
68
69include ('includes/footer.php');
70?>