1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/'); 14require_once(DOKU_PLUGIN.'admin.php'); 15 16/** 17 * All DokuWiki plugins to extend the admin function 18 * need to inherit from this class 19 */ 20class admin_plugin_acl extends DokuWiki_Admin_Plugin { 21 var $acl = null; 22 var $ns = null; 23 var $who = ''; 24 var $usersgroups = array(); 25 var $specials = array(); 26 27 /** 28 * return some info 29 */ 30 function getInfo(){ 31 return array( 32 'author' => 'Andreas Gohr', 33 'email' => 'andi@splitbrain.org', 34 'date' => '2008-12-16', 35 'name' => 'ACL', 36 'desc' => 'Manage Page Access Control Lists', 37 'url' => 'http://dokuwiki.org/plugin:acl', 38 ); 39 } 40 41 /** 42 * return prompt for admin menu 43 */ 44 function getMenuText($language) { 45 return $this->getLang('admin_acl'); 46 } 47 48 /** 49 * return sort order for position in admin menu 50 */ 51 function getMenuSort() { 52 return 1; 53 } 54 55 /** 56 * handle user request 57 * 58 * Initializes internal vars and handles modifications 59 * 60 * @author Andreas Gohr <andi@splitbrain.org> 61 */ 62 function handle() { 63 global $AUTH_ACL; 64 global $ID; 65 66 // fresh 1:1 copy without replacements 67 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 68 69 // namespace given? 70 if($_REQUEST['ns'] == '*'){ 71 $this->ns = '*'; 72 }else{ 73 $this->ns = cleanID($_REQUEST['ns']); 74 } 75 76 // user or group choosen? 77 $who = trim($_REQUEST['acl_w']); 78 if($_REQUEST['acl_t'] == '__g__' && $who){ 79 $this->who = '@'.ltrim($who,'@'); 80 }elseif($_REQUEST['acl_t'] == '__u__' && $who){ 81 $this->who = ltrim($who,'@'); 82 }elseif($_REQUEST['acl_t'] && 83 $_REQUEST['acl_t'] != '__u__' && 84 $_REQUEST['acl_t'] != '__g__'){ 85 $this->who = $_REQUEST['acl_t']; 86 }elseif($who){ 87 $this->who = $who; 88 } 89 90 // handle modifications 91 if(isset($_REQUEST['cmd'])){ 92 // scope for modifications 93 if($this->ns){ 94 if($this->ns == '*'){ 95 $scope = '*'; 96 }else{ 97 $scope = $this->ns.':*'; 98 } 99 }else{ 100 $scope = $ID; 101 } 102 103 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ 104 // handle additions or single modifications 105 $this->_acl_del($scope, $this->who); 106 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); 107 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ 108 // handle single deletions 109 $this->_acl_del($scope, $this->who); 110 }elseif(isset($_REQUEST['cmd']['update'])){ 111 // handle update of the whole file 112 foreach((array) $_REQUEST['del'] as $where => $who){ 113 // remove all rules marked for deletion 114 unset($_REQUEST['acl'][$where][$who]); 115 } 116 // prepare lines 117 $lines = array(); 118 // keep header 119 foreach($AUTH_ACL as $line){ 120 if($line{0} == '#'){ 121 $lines[] = $line; 122 }else{ 123 break; 124 } 125 } 126 // re-add all rules 127 foreach((array) $_REQUEST['acl'] as $where => $opt){ 128 foreach($opt as $who => $perm){ 129 $who = auth_nameencode($who,true); 130 $lines[] = "$where\t$who\t$perm\n"; 131 } 132 } 133 // save it 134 io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines)); 135 } 136 137 // reload ACL config 138 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 139 } 140 141 // initialize ACL array 142 $this->_init_acl_config(); 143 } 144 145 /** 146 * ACL Output function 147 * 148 * print a table with all significant permissions for the 149 * current id 150 * 151 * @author Frank Schubert <frank@schokilade.de> 152 * @author Andreas Gohr <andi@splitbrain.org> 153 */ 154 function html() { 155 global $ID; 156 157 echo '<div id="acl_manager">'.NL; 158 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 159 echo '<div class="level1">'.NL; 160 161 echo '<div id="acl__tree">'.NL; 162 $this->_html_explorer($_REQUEST['ns']); 163 echo '</div>'.NL; 164 165 echo '<div id="acl__detail">'.NL; 166 $this->_html_detail(); 167 echo '</div>'.NL; 168 echo '</div>'.NL; 169 170 echo '<div class="clearer"></div>'; 171 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 172 echo '<div class="level2">'.NL; 173 $this->_html_table(); 174 echo '</div>'.NL; 175 176 echo '<div class="footnotes"><div class="fn">'.NL; 177 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; 178 echo $this->getLang('p_include'); 179 echo '</div></div>'; 180 181 echo '</div>'.NL; 182 } 183 184 /** 185 * returns array with set options for building links 186 * 187 * @author Andreas Gohr <andi@splitbrain.org> 188 */ 189 function _get_opts($addopts=null){ 190 global $ID; 191 $opts = array( 192 'do'=>'admin', 193 'page'=>'acl', 194 ); 195 if($this->ns) $opts['ns'] = $this->ns; 196 if($this->who) $opts['acl_w'] = $this->who; 197 198 if(is_null($addopts)) return $opts; 199 return array_merge($opts, $addopts); 200 } 201 202 /** 203 * Display a tree menu to select a page or namespace 204 * 205 * @author Andreas Gohr <andi@splitbrain.org> 206 */ 207 function _html_explorer(){ 208 require_once(DOKU_INC.'inc/search.php'); 209 global $conf; 210 global $ID; 211 global $lang; 212 213 $dir = $conf['datadir']; 214 $ns = $this->ns; 215 if(empty($ns)){ 216 $ns = dirname(str_replace(':','/',$ID)); 217 if($ns == '.') $ns =''; 218 }elseif($ns == '*'){ 219 $ns =''; 220 } 221 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 222 223 224 $data = array(); 225 search($data,$conf['datadir'],'search_index',array('ns' => $ns)); 226 227 228 // wrap a list with the root level around the other namespaces 229 $item = array( 'level' => 0, 'id' => '*', 'type' => 'd', 230 'open' =>'true', 'label' => '['.$lang['mediaroot'].']'); 231 232 echo '<ul class="acltree">'; 233 echo $this->_html_li_acl($item); 234 echo '<div class="li">'; 235 echo $this->_html_list_acl($item); 236 echo '</div>'; 237 echo html_buildlist($data,'acl', 238 array($this,'_html_list_acl'), 239 array($this,'_html_li_acl')); 240 echo '</li>'; 241 echo '</ul>'; 242 243 } 244 245 /** 246 * Display the current ACL for selected where/who combination with 247 * selectors and modification form 248 * 249 * @author Andreas Gohr <andi@splitbrain.org> 250 */ 251 function _html_detail(){ 252 global $conf; 253 global $ID; 254 255 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 256 257 echo '<div id="acl__user">'; 258 echo $this->getLang('acl_perms').' '; 259 $inl = $this->_html_select(); 260 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 261 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 262 echo '</div>'.NL; 263 264 echo '<div id="acl__info">'; 265 $this->_html_info(); 266 echo '</div>'; 267 268 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 269 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 270 echo '<input type="hidden" name="do" value="admin" />'.NL; 271 echo '<input type="hidden" name="page" value="acl" />'.NL; 272 echo '</div></form>'.NL; 273 } 274 275 /** 276 * Print infos and editor 277 */ 278 function _html_info(){ 279 global $ID; 280 281 if($this->who){ 282 $current = $this->_get_exact_perm(); 283 284 // explain current permissions 285 $this->_html_explain($current); 286 // load editor 287 $this->_html_acleditor($current); 288 }else{ 289 echo '<p>'; 290 if($this->ns){ 291 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 292 }else{ 293 printf($this->getLang('p_choose_id'),hsc($ID)); 294 } 295 echo '</p>'; 296 297 echo $this->locale_xhtml('help'); 298 } 299 } 300 301 /** 302 * Display the ACL editor 303 * 304 * @author Andreas Gohr <andi@splitbrain.org> 305 */ 306 function _html_acleditor($current){ 307 global $lang; 308 309 echo '<fieldset>'; 310 if(is_null($current)){ 311 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 312 }else{ 313 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 314 } 315 316 317 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 318 319 if(is_null($current)){ 320 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 321 }else{ 322 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 323 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 324 } 325 326 echo '</fieldset>'; 327 } 328 329 /** 330 * Explain the currently set permissions in plain english/$lang 331 * 332 * @author Andreas Gohr <andi@splitbrain.org> 333 */ 334 function _html_explain($current){ 335 global $ID; 336 global $auth; 337 338 $who = $this->who; 339 $ns = $this->ns; 340 341 // prepare where to check 342 if($ns){ 343 if($ns == '*'){ 344 $check='*'; 345 }else{ 346 $check=$ns.':*'; 347 } 348 }else{ 349 $check = $ID; 350 } 351 352 // prepare who to check 353 if($who{0} == '@'){ 354 $user = ''; 355 $groups = array(ltrim($who,'@')); 356 }else{ 357 $user = auth_nameencode($who); 358 $info = $auth->getUserData($user); 359 if($info === false){ 360 $groups = array(); 361 }else{ 362 $groups = $info['grps']; 363 } 364 } 365 366 // check the permissions 367 $perm = auth_aclcheck($check,$user,$groups); 368 369 // build array of named permissions 370 $names = array(); 371 if($perm){ 372 if($ns){ 373 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 374 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 375 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 376 } 377 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 378 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 379 $names = array_reverse($names); 380 }else{ 381 $names[] = $this->getLang('acl_perm0'); 382 } 383 384 // print permission explanation 385 echo '<p>'; 386 if($user){ 387 if($ns){ 388 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 389 }else{ 390 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 391 } 392 }else{ 393 if($ns){ 394 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 395 }else{ 396 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 397 } 398 } 399 echo '</p>'; 400 401 // add note if admin 402 if($perm == AUTH_ADMIN){ 403 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 404 }elseif(is_null($current)){ 405 echo '<p>'.$this->getLang('p_inherited').'</p>'; 406 } 407 } 408 409 410 /** 411 * Item formatter for the tree view 412 * 413 * User function for html_buildlist() 414 * 415 * @author Andreas Gohr <andi@splitbrain.org> 416 */ 417 function _html_list_acl($item){ 418 global $ID; 419 $ret = ''; 420 // what to display 421 if($item['label']){ 422 $base = $item['label']; 423 }else{ 424 $base = ':'.$item['id']; 425 $base = substr($base,strrpos($base,':')+1); 426 } 427 428 // highlight? 429 if( ($item['type']=='d' && $item['id'] == $this->ns) || 430 ($item['type']!='d' && $item['id'] == $ID)) $cl = ' cur'; 431 432 // namespace or page? 433 if($item['type']=='d'){ 434 if($item['open']){ 435 $img = DOKU_BASE.'lib/images/minus.gif'; 436 $alt = '−'; 437 }else{ 438 $img = DOKU_BASE.'lib/images/plus.gif'; 439 $alt = '+'; 440 } 441 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 442 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id']))).'" class="idx_dir'.$cl.'">'; 443 $ret .= $base; 444 $ret .= '</a>'; 445 }else{ 446 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>''))).'" class="wikilink1'.$cl.'">'; 447 $ret .= noNS($item['id']); 448 $ret .= '</a>'; 449 } 450 return $ret; 451 } 452 453 454 function _html_li_acl($item){ 455 return '<li class="level'.$item['level'].'">'; 456 } 457 458 459 /** 460 * Get current ACL settings as multidim array 461 * 462 * @author Andreas Gohr <andi@splitbrain.org> 463 */ 464 function _init_acl_config(){ 465 global $AUTH_ACL; 466 global $conf; 467 $acl_config=array(); 468 $usersgroups = array(); 469 470 // get special users and groups 471 $this->specials[] = '@ALL'; 472 $this->specials[] = '@'.$conf['defaultgroup']; 473 if($conf['manager'] != '!!not set!!'){ 474 $this->specials = array_merge($this->specials, 475 array_map('trim', 476 explode(',',$conf['manager']))); 477 } 478 $this->specials = array_filter($this->specials); 479 $this->specials = array_unique($this->specials); 480 sort($this->specials); 481 482 foreach($AUTH_ACL as $line){ 483 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 484 if(!$line) continue; 485 486 $acl = preg_split('/\s+/',$line); 487 //0 is pagename, 1 is user, 2 is acl 488 489 $acl[1] = rawurldecode($acl[1]); 490 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 491 492 // store non-special users and groups for later selection dialog 493 $ug = $acl[1]; 494 if(in_array($ug,$this->specials)) continue; 495 $usersgroups[] = $ug; 496 } 497 498 $usersgroups = array_unique($usersgroups); 499 sort($usersgroups); 500 uksort($acl_config,array($this,'_sort_names')); 501 502 $this->acl = $acl_config; 503 $this->usersgroups = $usersgroups; 504 } 505 506 /** 507 * Custom function to sort the ACLs by namespace names 508 * 509 * @todo This maybe could be improved to resemble the real tree structure? 510 */ 511 function _sort_names($a,$b){ 512 $ca = substr_count($a,':'); 513 $cb = substr_count($b,':'); 514 if($ca < $cb){ 515 return -1; 516 }elseif($ca > $cb){ 517 return 1; 518 }else{ 519 return strcmp($a,$b); 520 } 521 } 522 523 /** 524 * Display all currently set permissions in a table 525 * 526 * @author Andreas Gohr <andi@splitbrain.org> 527 */ 528 function _html_table(){ 529 global $lang; 530 global $ID; 531 532 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 533 if($this->ns){ 534 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 535 }else{ 536 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 537 } 538 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 539 echo '<input type="hidden" name="do" value="admin" />'.NL; 540 echo '<input type="hidden" name="page" value="acl" />'.NL; 541 echo '<table class="inline">'; 542 echo '<tr>'; 543 echo '<th>'.$this->getLang('where').'</th>'; 544 echo '<th>'.$this->getLang('who').'</th>'; 545 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; 546 echo '<th>'.$lang['btn_delete'].'</th>'; 547 echo '</tr>'; 548 foreach($this->acl as $where => $set){ 549 foreach($set as $who => $perm){ 550 echo '<tr>'; 551 echo '<td>'; 552 if(substr($where,-1) == '*'){ 553 echo '<span class="aclns">'.hsc($where).'</span>'; 554 $ispage = false; 555 }else{ 556 echo '<span class="aclpage">'.hsc($where).'</span>'; 557 $ispage = true; 558 } 559 echo '</td>'; 560 561 echo '<td>'; 562 if($who{0} == '@'){ 563 echo '<span class="aclgroup">'.hsc($who).'</span>'; 564 }else{ 565 echo '<span class="acluser">'.hsc($who).'</span>'; 566 } 567 echo '</td>'; 568 569 echo '<td>'; 570 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 571 echo '</td>'; 572 573 echo '<td align="center">'; 574 echo '<input type="checkbox" name="del['.hsc($where).']" value="'.hsc($who).'" />'; 575 echo '</td>'; 576 echo '</tr>'; 577 } 578 } 579 580 echo '<tr>'; 581 echo '<th align="right" colspan="4">'; 582 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 583 echo '</th>'; 584 echo '</tr>'; 585 echo '</table>'; 586 echo '</div></form>'.NL; 587 } 588 589 590 /** 591 * Returns the permission which were set for exactly the given user/group 592 * and page/namespace. Returns null if no exact match is available 593 * 594 * @author Andreas Gohr <andi@splitbrain.org> 595 */ 596 function _get_exact_perm(){ 597 global $ID; 598 if($this->ns){ 599 if($this->ns == '*'){ 600 $check = '*'; 601 }else{ 602 $check = $this->ns.':*'; 603 } 604 }else{ 605 $check = $ID; 606 } 607 608 if(isset($this->acl[$check][$this->who])){ 609 return $this->acl[$check][$this->who]; 610 }else{ 611 return null; 612 } 613 } 614 615 /** 616 * adds new acl-entry to conf/acl.auth.php 617 * 618 * @author Frank Schubert <frank@schokilade.de> 619 */ 620 function _acl_add($acl_scope, $acl_user, $acl_level){ 621 $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php'); 622 $acl_user = auth_nameencode($acl_user,true); 623 624 // max level for pagenames is edit 625 if(strpos($acl_scope,'*') === false) { 626 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 627 } 628 629 630 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 631 632 $new_config = $acl_config.$new_acl; 633 634 return io_saveFile(DOKU_CONF.'acl.auth.php', $new_config); 635 } 636 637 /** 638 * remove acl-entry from conf/acl.auth.php 639 * 640 * @author Frank Schubert <frank@schokilade.de> 641 */ 642 function _acl_del($acl_scope, $acl_user){ 643 $acl_config = file(DOKU_CONF.'acl.auth.php'); 644 $acl_user = auth_nameencode($acl_user,true); 645 646 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; 647 648 // save all non!-matching 649 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 650 651 return io_saveFile(DOKU_CONF.'acl.auth.php', join('',$new_config)); 652 } 653 654 /** 655 * print the permission radio boxes 656 * 657 * @author Frank Schubert <frank@schokilade.de> 658 * @author Andreas Gohr <andi@splitbrain.org> 659 */ 660 function _html_checkboxes($setperm,$ispage,$name){ 661 global $lang; 662 663 static $label = 0; //number labels 664 $ret = ''; 665 666 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; 667 668 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 669 $label += 1; 670 671 //general checkbox attributes 672 $atts = array( 'type' => 'radio', 673 'id' => 'pbox'.$label, 674 'name' => $name, 675 'value' => $perm ); 676 //dynamic attributes 677 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 678 if($ispage && $perm > AUTH_EDIT){ 679 $atts['disabled'] = 'disabled'; 680 $class = ' class="disabled"'; 681 }else{ 682 $class = ''; 683 } 684 685 //build code 686 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; 687 $ret .= '<input '.html_attbuild($atts).' /> '; 688 $ret .= $this->getLang('acl_perm'.$perm); 689 $ret .= '</label>'.NL; 690 } 691 return $ret; 692 } 693 694 /** 695 * Print a user/group selector (reusing already used users and groups) 696 * 697 * @author Andreas Gohr <andi@splitbrain.org> 698 */ 699 function _html_select(){ 700 global $conf; 701 $inlist = false; 702 703 if($this->who && 704 !in_array($this->who,$this->usersgroups) && 705 !in_array($this->who,$this->specials)){ 706 707 if($this->who{0} == '@'){ 708 $gsel = ' selected="selected"'; 709 }else{ 710 $usel = ' selected="selected"'; 711 } 712 }else{ 713 $usel = ''; 714 $gsel = ''; 715 $inlist = true; 716 } 717 718 719 echo '<select name="acl_t" class="edit">'.NL; 720 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 721 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 722 echo ' <optgroup label=" ">'.NL; 723 foreach($this->specials as $ug){ 724 if($ug == $this->who){ 725 $sel = ' selected="selected"'; 726 $inlist = true; 727 }else{ 728 $sel = ''; 729 } 730 731 if($ug{0} == '@'){ 732 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 733 }else{ 734 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 735 } 736 } 737 echo ' </optgroup>'.NL; 738 echo ' <optgroup label=" ">'.NL; 739 foreach($this->usersgroups as $ug){ 740 if($ug == $this->who){ 741 $sel = ' selected="selected"'; 742 $inlist = true; 743 }else{ 744 $sel = ''; 745 } 746 747 if($ug{0} == '@'){ 748 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 749 }else{ 750 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 751 } 752 } 753 echo ' </optgroup>'.NL; 754 echo '</select>'.NL; 755 return $inlist; 756 } 757} 758
