1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13if(!defined('DOKU_PLUGIN')) define('DOKU_PLUGIN',DOKU_INC.'lib/plugins/'); 14require_once(DOKU_PLUGIN.'admin.php'); 15 16/** 17 * All DokuWiki plugins to extend the admin function 18 * need to inherit from this class 19 */ 20class admin_plugin_acl extends DokuWiki_Admin_Plugin { 21 var $acl = null; 22 var $ns = null; 23 var $who = ''; 24 var $usersgroups = array(); 25 var $specials = array(); 26 27 /** 28 * return some info 29 */ 30 function getInfo(){ 31 return array( 32 'author' => 'Andreas Gohr', 33 'email' => 'andi@splitbrain.org', 34 'date' => '2008-12-16', 35 'name' => 'ACL', 36 'desc' => 'Manage Page Access Control Lists', 37 'url' => 'http://dokuwiki.org/plugin:acl', 38 ); 39 } 40 41 /** 42 * return prompt for admin menu 43 */ 44 function getMenuText($language) { 45 return $this->getLang('admin_acl'); 46 } 47 48 /** 49 * return sort order for position in admin menu 50 */ 51 function getMenuSort() { 52 return 1; 53 } 54 55 /** 56 * handle user request 57 * 58 * Initializes internal vars and handles modifications 59 * 60 * @author Andreas Gohr <andi@splitbrain.org> 61 */ 62 function handle() { 63 global $AUTH_ACL; 64 global $ID; 65 66 // namespace given? 67 if($_REQUEST['ns'] == '*'){ 68 $this->ns = '*'; 69 }else{ 70 $this->ns = cleanID($_REQUEST['ns']); 71 } 72 73 // user or group choosen? 74 $who = trim($_REQUEST['acl_w']); 75 if($_REQUEST['acl_t'] == '__g__' && $who){ 76 $this->who = '@'.ltrim($who,'@'); 77 }elseif($_REQUEST['acl_t'] == '__u__' && $who){ 78 $this->who = ltrim($who,'@'); 79 }elseif($_REQUEST['acl_t'] && 80 $_REQUEST['acl_t'] != '__u__' && 81 $_REQUEST['acl_t'] != '__g__'){ 82 $this->who = $_REQUEST['acl_t']; 83 }elseif($who){ 84 $this->who = $who; 85 } 86 87 // handle modifications 88 if(isset($_REQUEST['cmd'])){ 89 // scope for modifications 90 if($this->ns){ 91 if($this->ns == '*'){ 92 $scope = '*'; 93 }else{ 94 $scope = $this->ns.':*'; 95 } 96 }else{ 97 $scope = $ID; 98 } 99 100 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ 101 // handle additions or single modifications 102 $this->_acl_del($scope, $this->who); 103 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); 104 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ 105 // handle single deletions 106 $this->_acl_del($scope, $this->who); 107 }elseif(isset($_REQUEST['cmd']['update'])){ 108 // handle update of the whole file 109 foreach((array) $_REQUEST['del'] as $where => $who){ 110 // remove all rules marked for deletion 111 unset($_REQUEST['acl'][$where][$who]); 112 } 113 // prepare lines 114 $lines = array(); 115 // keep header 116 foreach($AUTH_ACL as $line){ 117 if($line{0} == '#'){ 118 $lines[] = $line; 119 }else{ 120 break; 121 } 122 } 123 // re-add all rules 124 foreach((array) $_REQUEST['acl'] as $where => $opt){ 125 foreach($opt as $who => $perm){ 126 $who = auth_nameencode($who,true); 127 $lines[] = "$where\t$who\t$perm\n"; 128 } 129 } 130 // save it 131 io_saveFile(DOKU_CONF.'acl.auth.php', join('',$lines)); 132 } 133 134 // reload ACL config 135 $AUTH_ACL = file(DOKU_CONF.'acl.auth.php'); 136 } 137 138 // initialize ACL array 139 $this->_init_acl_config(); 140 } 141 142 /** 143 * ACL Output function 144 * 145 * print a table with all significant permissions for the 146 * current id 147 * 148 * @author Frank Schubert <frank@schokilade.de> 149 * @author Andreas Gohr <andi@splitbrain.org> 150 */ 151 function html() { 152 global $ID; 153 154 echo '<div id="acl_manager">'.NL; 155 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 156 echo '<div class="level1">'.NL; 157 158 echo '<div id="acl__tree">'.NL; 159 $this->_html_explorer($_REQUEST['ns']); 160 echo '</div>'.NL; 161 162 echo '<div id="acl__detail">'.NL; 163 $this->_html_detail(); 164 echo '</div>'.NL; 165 echo '</div>'.NL; 166 167 echo '<div class="clearer"></div>'; 168 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 169 echo '<div class="level2">'.NL; 170 $this->_html_table(); 171 echo '</div>'.NL; 172 173 echo '<div class="footnotes"><div class="fn">'.NL; 174 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; 175 echo $this->getLang('p_include'); 176 echo '</div></div>'; 177 178 echo '</div>'.NL; 179 } 180 181 /** 182 * returns array with set options for building links 183 * 184 * @author Andreas Gohr <andi@splitbrain.org> 185 */ 186 function _get_opts($addopts=null){ 187 global $ID; 188 $opts = array( 189 'do'=>'admin', 190 'page'=>'acl', 191 ); 192 if($this->ns) $opts['ns'] = $this->ns; 193 if($this->who) $opts['acl_w'] = $this->who; 194 195 if(is_null($addopts)) return $opts; 196 return array_merge($opts, $addopts); 197 } 198 199 /** 200 * Display a tree menu to select a page or namespace 201 * 202 * @author Andreas Gohr <andi@splitbrain.org> 203 */ 204 function _html_explorer(){ 205 require_once(DOKU_INC.'inc/search.php'); 206 global $conf; 207 global $ID; 208 global $lang; 209 210 $dir = $conf['datadir']; 211 $ns = $this->ns; 212 if(empty($ns)){ 213 $ns = dirname(str_replace(':','/',$ID)); 214 if($ns == '.') $ns =''; 215 }elseif($ns == '*'){ 216 $ns =''; 217 } 218 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 219 220 221 $data = array(); 222 search($data,$conf['datadir'],'search_index',array('ns' => $ns)); 223 224 225 // wrap a list with the root level around the other namespaces 226 $item = array( 'level' => 0, 'id' => '*', 'type' => 'd', 227 'open' =>'true', 'label' => '['.$lang['mediaroot'].']'); 228 229 echo '<ul class="acltree">'; 230 echo $this->_html_li_acl($item); 231 echo '<div class="li">'; 232 echo $this->_html_list_acl($item); 233 echo '</div>'; 234 echo html_buildlist($data,'acl', 235 array($this,'_html_list_acl'), 236 array($this,'_html_li_acl')); 237 echo '</li>'; 238 echo '</ul>'; 239 240 } 241 242 /** 243 * Display the current ACL for selected where/who combination with 244 * selectors and modification form 245 * 246 * @author Andreas Gohr <andi@splitbrain.org> 247 */ 248 function _html_detail(){ 249 global $conf; 250 global $ID; 251 252 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 253 254 echo '<div id="acl__user">'; 255 echo $this->getLang('acl_perms').' '; 256 $inl = $this->_html_select(); 257 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 258 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 259 echo '</div>'.NL; 260 261 echo '<div id="acl__info">'; 262 $this->_html_info(); 263 echo '</div>'; 264 265 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 266 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 267 echo '<input type="hidden" name="do" value="admin" />'.NL; 268 echo '<input type="hidden" name="page" value="acl" />'.NL; 269 echo '</div></form>'.NL; 270 } 271 272 /** 273 * Print infos and editor 274 */ 275 function _html_info(){ 276 global $ID; 277 278 if($this->who){ 279 $current = $this->_get_exact_perm(); 280 281 // explain current permissions 282 $this->_html_explain($current); 283 // load editor 284 $this->_html_acleditor($current); 285 }else{ 286 echo '<p>'; 287 if($this->ns){ 288 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 289 }else{ 290 printf($this->getLang('p_choose_id'),hsc($ID)); 291 } 292 echo '</p>'; 293 294 echo $this->locale_xhtml('help'); 295 } 296 } 297 298 /** 299 * Display the ACL editor 300 * 301 * @author Andreas Gohr <andi@splitbrain.org> 302 */ 303 function _html_acleditor($current){ 304 global $lang; 305 306 echo '<fieldset>'; 307 if(is_null($current)){ 308 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 309 }else{ 310 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 311 } 312 313 314 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 315 316 if(is_null($current)){ 317 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 318 }else{ 319 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 320 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 321 } 322 323 echo '</fieldset>'; 324 } 325 326 /** 327 * Explain the currently set permissions in plain english/$lang 328 * 329 * @author Andreas Gohr <andi@splitbrain.org> 330 */ 331 function _html_explain($current){ 332 global $ID; 333 global $auth; 334 335 $who = $this->who; 336 $ns = $this->ns; 337 338 // prepare where to check 339 if($ns){ 340 if($ns == '*'){ 341 $check='*'; 342 }else{ 343 $check=$ns.':*'; 344 } 345 }else{ 346 $check = $ID; 347 } 348 349 // prepare who to check 350 if($who{0} == '@'){ 351 $user = ''; 352 $groups = array(ltrim($who,'@')); 353 }else{ 354 $user = auth_nameencode($who); 355 $info = $auth->getUserData($user); 356 if($info === false){ 357 $groups = array(); 358 }else{ 359 $groups = $info['groups']; 360 } 361 } 362 363 // check the permissions 364 $perm = auth_aclcheck($check,$user,$groups); 365 366 // build array of named permissions 367 $names = array(); 368 if($perm){ 369 if($ns){ 370 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 371 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 372 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 373 } 374 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 375 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 376 $names = array_reverse($names); 377 }else{ 378 $names[] = $this->getLang('acl_perm0'); 379 } 380 381 // print permission explanation 382 echo '<p>'; 383 if($user){ 384 if($ns){ 385 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 386 }else{ 387 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 388 } 389 }else{ 390 if($ns){ 391 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 392 }else{ 393 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 394 } 395 } 396 echo '</p>'; 397 398 // add note if admin 399 if($perm == AUTH_ADMIN){ 400 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 401 }elseif(is_null($current)){ 402 echo '<p>'.$this->getLang('p_inherited').'</p>'; 403 } 404 } 405 406 407 /** 408 * Item formatter for the tree view 409 * 410 * User function for html_buildlist() 411 * 412 * @author Andreas Gohr <andi@splitbrain.org> 413 */ 414 function _html_list_acl($item){ 415 global $ID; 416 $ret = ''; 417 // what to display 418 if($item['label']){ 419 $base = $item['label']; 420 }else{ 421 $base = ':'.$item['id']; 422 $base = substr($base,strrpos($base,':')+1); 423 } 424 425 // highlight? 426 if( ($item['type']=='d' && $item['id'] == $this->ns) || 427 ($item['type']!='d' && $item['id'] == $ID)) $cl = ' cur'; 428 429 // namespace or page? 430 if($item['type']=='d'){ 431 if($item['open']){ 432 $img = DOKU_BASE.'lib/images/minus.gif'; 433 $alt = '−'; 434 }else{ 435 $img = DOKU_BASE.'lib/images/plus.gif'; 436 $alt = '+'; 437 } 438 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 439 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id']))).'" class="idx_dir'.$cl.'">'; 440 $ret .= $base; 441 $ret .= '</a>'; 442 }else{ 443 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>''))).'" class="wikilink1'.$cl.'">'; 444 $ret .= noNS($item['id']); 445 $ret .= '</a>'; 446 } 447 return $ret; 448 } 449 450 451 function _html_li_acl($item){ 452 return '<li class="level'.$item['level'].'">'; 453 } 454 455 456 /** 457 * Get current ACL settings as multidim array 458 * 459 * @author Andreas Gohr <andi@splitbrain.org> 460 */ 461 function _init_acl_config(){ 462 global $AUTH_ACL; 463 global $conf; 464 $acl_config=array(); 465 $usersgroups = array(); 466 467 // get special users and groups 468 $this->specials[] = '@ALL'; 469 $this->specials[] = '@'.$conf['defaultgroup']; 470 if($conf['manager'] != '!!not set!!'){ 471 $this->specials = array_merge($this->specials, 472 array_map('trim', 473 explode(',',$conf['manager']))); 474 } 475 $this->specials = array_filter($this->specials); 476 $this->specials = array_unique($this->specials); 477 sort($this->specials); 478 479 foreach($AUTH_ACL as $line){ 480 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 481 if(!$line) continue; 482 483 $acl = preg_split('/\s+/',$line); 484 //0 is pagename, 1 is user, 2 is acl 485 486 $acl[1] = rawurldecode($acl[1]); 487 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 488 489 // store non-special users and groups for later selection dialog 490 $ug = $acl[1]; 491 if(in_array($ug,$this->specials)) continue; 492 $usersgroups[] = $ug; 493 } 494 495 $usersgroups = array_unique($usersgroups); 496 sort($usersgroups); 497 uksort($acl_config,array($this,'_sort_names')); 498 499 $this->acl = $acl_config; 500 $this->usersgroups = $usersgroups; 501 } 502 503 /** 504 * Custom function to sort the ACLs by namespace names 505 * 506 * @todo This maybe could be improved to resemble the real tree structure? 507 */ 508 function _sort_names($a,$b){ 509 $ca = substr_count($a,':'); 510 $cb = substr_count($b,':'); 511 if($ca < $cb){ 512 return -1; 513 }elseif($ca > $cb){ 514 return 1; 515 }else{ 516 return strcmp($a,$b); 517 } 518 } 519 520 /** 521 * Display all currently set permissions in a table 522 * 523 * @author Andreas Gohr <andi@splitbrain.org> 524 */ 525 function _html_table(){ 526 global $lang; 527 global $ID; 528 529 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 530 if($this->ns){ 531 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 532 }else{ 533 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 534 } 535 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 536 echo '<input type="hidden" name="do" value="admin" />'.NL; 537 echo '<input type="hidden" name="page" value="acl" />'.NL; 538 echo '<table class="inline">'; 539 echo '<tr>'; 540 echo '<th>'.$this->getLang('where').'</th>'; 541 echo '<th>'.$this->getLang('who').'</th>'; 542 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; 543 echo '<th>'.$lang['btn_delete'].'</th>'; 544 echo '</tr>'; 545 foreach($this->acl as $where => $set){ 546 foreach($set as $who => $perm){ 547 echo '<tr>'; 548 echo '<td>'; 549 if(substr($where,-1) == '*'){ 550 echo '<span class="aclns">'.hsc($where).'</span>'; 551 $ispage = false; 552 }else{ 553 echo '<span class="aclpage">'.hsc($where).'</span>'; 554 $ispage = true; 555 } 556 echo '</td>'; 557 558 echo '<td>'; 559 if($who{0} == '@'){ 560 echo '<span class="aclgroup">'.hsc($who).'</span>'; 561 }else{ 562 echo '<span class="acluser">'.hsc($who).'</span>'; 563 } 564 echo '</td>'; 565 566 echo '<td>'; 567 echo $this->_html_checkboxes($perm,$ispage,'acl['.hsc($where).']['.hsc($who).']'); 568 echo '</td>'; 569 570 echo '<td align="center">'; 571 echo '<input type="checkbox" name="del['.hsc($where).']" value="'.hsc($who).'" />'; 572 echo '</td>'; 573 echo '</tr>'; 574 } 575 } 576 577 echo '<tr>'; 578 echo '<th align="right" colspan="4">'; 579 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 580 echo '</th>'; 581 echo '</tr>'; 582 echo '</table>'; 583 echo '</div></form>'.NL; 584 } 585 586 587 /** 588 * Returns the permission which were set for exactly the given user/group 589 * and page/namespace. Returns null if no exact match is available 590 * 591 * @author Andreas Gohr <andi@splitbrain.org> 592 */ 593 function _get_exact_perm(){ 594 global $ID; 595 if($this->ns){ 596 if($this->ns == '*'){ 597 $check = '*'; 598 }else{ 599 $check = $this->ns.':*'; 600 } 601 }else{ 602 $check = $ID; 603 } 604 605 if(isset($this->acl[$check][$this->who])){ 606 return $this->acl[$check][$this->who]; 607 }else{ 608 return null; 609 } 610 } 611 612 /** 613 * adds new acl-entry to conf/acl.auth.php 614 * 615 * @author Frank Schubert <frank@schokilade.de> 616 */ 617 function _acl_add($acl_scope, $acl_user, $acl_level){ 618 $acl_config = file_get_contents(DOKU_CONF.'acl.auth.php'); 619 $acl_user = auth_nameencode($acl_user,true); 620 621 // max level for pagenames is edit 622 if(strpos($acl_scope,'*') === false) { 623 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 624 } 625 626 627 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 628 629 $new_config = $acl_config.$new_acl; 630 631 return io_saveFile(DOKU_CONF.'acl.auth.php', $new_config); 632 } 633 634 /** 635 * remove acl-entry from conf/acl.auth.php 636 * 637 * @author Frank Schubert <frank@schokilade.de> 638 */ 639 function _acl_del($acl_scope, $acl_user){ 640 $acl_config = file(DOKU_CONF.'acl.auth.php'); 641 $acl_user = auth_nameencode($acl_user,true); 642 643 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; 644 645 // save all non!-matching 646 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 647 648 return io_saveFile(DOKU_CONF.'acl.auth.php', join('',$new_config)); 649 } 650 651 /** 652 * print the permission radio boxes 653 * 654 * @author Frank Schubert <frank@schokilade.de> 655 * @author Andreas Gohr <andi@splitbrain.org> 656 */ 657 function _html_checkboxes($setperm,$ispage,$name){ 658 global $lang; 659 660 static $label = 0; //number labels 661 $ret = ''; 662 663 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; 664 665 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 666 $label += 1; 667 668 //general checkbox attributes 669 $atts = array( 'type' => 'radio', 670 'id' => 'pbox'.$label, 671 'name' => $name, 672 'value' => $perm ); 673 //dynamic attributes 674 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 675 if($ispage && $perm > AUTH_EDIT){ 676 $atts['disabled'] = 'disabled'; 677 $class = ' class="disabled"'; 678 }else{ 679 $class = ''; 680 } 681 682 //build code 683 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; 684 $ret .= '<input '.html_attbuild($atts).' /> '; 685 $ret .= $this->getLang('acl_perm'.$perm); 686 $ret .= '</label>'.NL; 687 } 688 return $ret; 689 } 690 691 /** 692 * Print a user/group selector (reusing already used users and groups) 693 * 694 * @author Andreas Gohr <andi@splitbrain.org> 695 */ 696 function _html_select(){ 697 global $conf; 698 $inlist = false; 699 700 if($this->who && 701 !in_array($this->who,$this->usersgroups) && 702 !in_array($this->who,$specials)){ 703 704 if($this->who{0} == '@'){ 705 $gsel = ' selected="selected"'; 706 }else{ 707 $usel = ' selected="selected"'; 708 } 709 }else{ 710 $usel = ''; 711 $gsel = ''; 712 $inlist = true; 713 } 714 715 716 echo '<select name="acl_t" class="edit">'.NL; 717 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 718 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 719 echo ' <optgroup label=" ">'.NL; 720 foreach($this->specials as $ug){ 721 if($ug == $this->who){ 722 $sel = ' selected="selected"'; 723 $inlist = true; 724 }else{ 725 $sel = ''; 726 } 727 728 if($ug{0} == '@'){ 729 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 730 }else{ 731 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 732 } 733 } 734 echo ' </optgroup>'.NL; 735 echo ' <optgroup label=" ">'.NL; 736 foreach($this->usersgroups as $ug){ 737 if($ug == $this->who){ 738 $sel = ' selected="selected"'; 739 $inlist = true; 740 }else{ 741 $sel = ''; 742 } 743 744 if($ug{0} == '@'){ 745 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 746 }else{ 747 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 748 } 749 } 750 echo ' </optgroup>'.NL; 751 echo '</select>'.NL; 752 return $inlist; 753 } 754} 755
