0,0 → 1,204 |
<?php |
// +-----------------------------------------------------------------------+ |
// | PhpWebGallery - a PHP based picture gallery | |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | |
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net | |
// +-----------------------------------------------------------------------+ |
// | branch : BSF (Best So Far) |
// | file : $RCSfile: group_list.php,v $ |
// | last update : $Date: 2005/01/17 21:02:43 $ |
// | last modifier : $Author: plg $ |
// | revision : $Revision: 1.15 $ |
// +-----------------------------------------------------------------------+ |
// | This program is free software; you can redistribute it and/or modify | |
// | it under the terms of the GNU General Public License as published by | |
// | the Free Software Foundation | |
// | | |
// | This program is distributed in the hope that it will be useful, but | |
// | WITHOUT ANY WARRANTY; without even the implied warranty of | |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
// | General Public License for more details. | |
// | | |
// | You should have received a copy of the GNU General Public License | |
// | along with this program; if not, write to the Free Software | |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
// | USA. | |
// +-----------------------------------------------------------------------+ |
if( !defined("PHPWG_ROOT_PATH") ) |
{ |
die ("Hacking attempt!"); |
} |
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); |
|
//-------------------------------------------------------------- delete a group |
$error = array(); |
if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) ) |
{ |
// destruction of the access linked to the group |
$query = 'DELETE FROM '.GROUP_ACCESS_TABLE; |
$query.= ' WHERE group_id = '.$_POST['group_id']; |
$query.= ';'; |
pwg_query( $query ); |
|
// destruction of the users links for this group |
$query = 'DELETE FROM ' . USER_GROUP_TABLE; |
$query.= ' WHERE group_id = '.$_POST['group_id']; |
pwg_query( $query ); |
|
// destruction of the group |
$query = 'DELETE FROM ' . GROUPS_TABLE; |
$query.= ' WHERE id = '.$_POST['group_id']; |
$query.= ';'; |
pwg_query( $query ); |
} |
//----------------------------------------------------------------- add a group |
elseif ( isset( $_POST['new'] ) ) |
{ |
if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] ) |
or preg_match( '/"/', $_POST['newgroup'] ) ) |
{ |
array_push( $error, $lang['group_add_error1'] ); |
} |
if ( count( $error ) == 0 ) |
{ |
// is the group not already existing ? |
$query = 'SELECT id FROM '.GROUPS_TABLE; |
$query.= " WHERE name = '".$_POST['newgroup']."'"; |
$query.= ';'; |
$result = pwg_query( $query ); |
if ( mysql_num_rows( $result ) > 0 ) |
{ |
array_push( $error, $lang['group_add_error2'] ); |
} |
} |
if ( count( $error ) == 0 ) |
{ |
// creating the group |
$query = ' INSERT INTO '.GROUPS_TABLE; |
$query.= " (name) VALUES ('".$_POST['newgroup']."')"; |
$query.= ';'; |
pwg_query( $query ); |
} |
} |
//--------------------------------------------------------------- user management |
elseif ( isset( $_POST['add'] ) ) |
{ |
$userdata = getuserdata($_POST['username']); |
if (!$userdata) |
{ |
array_push($error, $lang['user_err_unknown']); |
} |
else |
{ |
// create a new association between the user and a group |
$query = ' |
INSERT INTO '.USER_GROUP_TABLE.' |
(user_id,group_id) |
VALUES |
('.$userdata['id'].','.$_POST['edit_group_id'].') |
;'; |
pwg_query($query); |
} |
} |
elseif (isset( $_POST['deny_user'] )) |
{ |
$sql_in = ''; |
$members = $_POST['members']; |
for($i = 0; $i < count($members); $i++) |
{ |
$sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]); |
} |
$query = 'DELETE FROM ' . USER_GROUP_TABLE; |
$query.= ' WHERE user_id IN ('.$sql_in; |
$query.= ') AND group_id = '.$_POST['edit_group_id']; |
pwg_query( $query ); |
} |
//-------------------------------------------------------------- errors display |
if ( sizeof( $error ) != 0 ) |
{ |
$template->assign_block_vars('errors',array()); |
for ( $i = 0; $i < sizeof( $error ); $i++ ) |
{ |
$template->assign_block_vars('errors.error',array('ERROR'=>$error[$i])); |
} |
} |
//----------------------------------------------------------------- groups list |
|
$query = 'SELECT id,name FROM '.GROUPS_TABLE; |
$query.= ' ORDER BY id ASC;'; |
$result = pwg_query( $query ); |
$groups_display = '<select name="group_id">'; |
$groups_nb=0; |
while ( $row = mysql_fetch_array( $result ) ) |
{ |
$groups_nb++; |
$selected = ''; |
if (isset($_POST['group_id']) && $_POST['group_id']==$row['id']) |
$selected = 'selected'; |
$groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>'; |
} |
$groups_display .= '</select>'; |
|
$action = PHPWG_ROOT_PATH.'admin.php?page=group_list'; |
//----------------------------------------------------- template initialization |
$template->set_filenames( array('groups'=>'admin/group_list.tpl') ); |
$template->assign_vars(array( |
'S_GROUP_SELECT'=>$groups_display, |
|
'L_GROUP_SELECT'=>$lang['group_list_title'], |
'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'], |
'L_LOOK_UP'=>$lang['edit'], |
'L_GROUP_DELETE'=>$lang['delete'], |
'L_CREATE_NEW_GROUP'=>$lang['group_add'], |
'L_GROUP_EDIT'=>$lang['group_edit'], |
'L_USER_NAME'=>$lang['login'], |
'L_USER_EMAIL'=>$lang['mail_address'], |
'L_USER_SELECT'=>$lang['Select'], |
'L_DENY_SELECTED'=>$lang['group_deny_user'], |
'L_ADD_MEMBER'=>$lang['group_add_user'], |
'L_FIND_USERNAME'=>$lang['Find_username'], |
|
'S_GROUP_ACTION'=>add_session_id($action), |
'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') |
)); |
|
if ($groups_nb) |
{ |
$template->assign_block_vars('select_box',array()); |
} |
|
//----------------------------------------------------------------- add a group |
if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] )) |
{ |
// Retrieving the group name |
$query = 'SELECT id, name FROM '.GROUPS_TABLE; |
$query.= " WHERE id = '".$_POST['group_id']."'"; |
$query.= ';'; |
$result = mysql_fetch_array(pwg_query( $query )); |
$template->assign_block_vars('edit_group',array( |
'GROUP_NAME'=>$result['name'], |
'GROUP_ID'=>$result['id'] |
)); |
|
// Retrieving all the users |
$query = 'SELECT id, username, mail_address'; |
$query.= ' FROM ('.USERS_TABLE.' as u'; |
$query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)'; |
$query.= " WHERE ug.group_id = '".$_POST['group_id']."';"; |
$result = pwg_query( $query ); |
$i=0; |
while ( $row = mysql_fetch_array( $result ) ) |
{ |
$class = ($i % 2)? 'row1':'row2'; $i++; |
$template->assign_block_vars('edit_group.user',array( |
'ID'=>$row['id'], |
'NAME'=>$row['username'], |
'EMAIL'=>$row['mail_address'], |
'T_CLASS'=>$class |
)); |
} |
} |
|
//----------------------------------------------------------- sending html code |
$template->assign_var_from_handle('ADMIN_CONTENT', 'groups'); |
?> |