$t3[0], 'cat_id' => $cat_id ); mass_inserts(GROUP_ACCESS_TABLE,array('group_id','cat_id'), $inserts); if (pwg_db_errno() == 0) $page['infos'][] = sprintf( l10n('ec_group_create_OK2'), $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']] ); else $page['errors'][] = sprintf( l10n('ec_assoc_pb'), $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']] ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; } } // If an add. p. id has been posted, the newly created group must be // allowed to navigate in this additional page if ( isset($_POST['ec_in_up_aps']) and array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages']) ) { $granted_groups = array(); $title_arr = array_from_query(" SELECT `title` FROM `".ADD_PAGES_TABLE."` WHERE `id` = ".$_POST['ec_in_up_aps']."; ", 'title'); $t_user = (is_in($title_arr[0], '/user_id=')) ? explode('/user_id=', $title_arr[0]) : array($title_arr[0]); if (is_in($t_user[0], '/group_id=')) { $t_group = explode('/group_id=', $t_user[0]); $granted_groups = explode(',', $t_group[1]); } else $t_group[0] = $t_user[0]; if (!in_array($t3[0], $granted_groups)) { $granted_groups[] = $t3[0]; $t_group[1] = implode(',', $granted_groups); $t_user[0] = implode('/group_id=', $t_group); if (pwg_query(" UPDATE `".ADD_PAGES_TABLE."` SET `title` = '".implode('/user_id=', $t_user)."' WHERE `id` = ".$_POST['ec_in_up_aps']."; ") === false) $page['errors'][] = sprintf( l10n('ec_assoc_pb'), $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']] ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; else $page['infos'][] = sprintf( l10n('ec_group_create_OK2'), $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']] ); } } } else { // If a category id has been posted, the newly created user must be // allowed to navigate in this category, if it is not the case yet if ( isset($_POST['ec_in_up_cat']) and array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories']) ) { $private_uppercats = array_from_query(" SELECT `id` FROM `".CATEGORIES_TABLE."` WHERE `id` IN (". implode(',', get_uppercat_ids(array($_POST['ec_in_up_cat']))). ") AND `status` = 'private'; ", 'id'); // We must not reinsert already existing lines in user_access table $granteds = array(); foreach ($private_uppercats as $cat_id) $granteds[$cat_id] = array(); $result = pwg_query(" SELECT `user_id`, `cat_id` FROM `".USER_ACCESS_TABLE."` WHERE `cat_id` IN (".implode(',', $private_uppercats).") AND `user_id` = '$ec_user_id'; "); while ($row = pwg_db_fetch_assoc($result)) $granteds[$row['cat_id']][] = $row['user_id']; $inserts = array(); foreach ($private_uppercats as $cat_id) if (!in_array($ec_user_id, $granteds[$cat_id])) $inserts[] = array( 'user_id' => $ec_user_id, 'cat_id' => $cat_id ); if (count($inserts) != 0) { mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts); if (pwg_db_errno() == 0) $page['infos'][] = sprintf( l10n('ec_group_create_OK2'), $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']] ); else $page['errors'][] = sprintf( l10n('ec_assoc_pb'), $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']] ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; } } // If an add. p. id has been posted, the newly created user should be // allowed to navigate in this additional page => give a warning message if ( isset($_POST['ec_in_up_aps']) and array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages']) ) $page['errors'][] = sprintf( l10n('ec_user_access_AP'), $ec_lists['add_pages'][$_POST['ec_in_up_aps']], $_POST['login'] ); } return $ec_user_id; } // +-----------------------------------------------------------------------+ // | Tables building functions | // +-----------------------------------------------------------------------+ /* * build_ec_duplicable_codes() * * * @param * no parameter passed, the main material on which works the function, is * the global array variable $ec_lists. * @return * (no return value) */ function build_ec_duplicable_codes() { global $ec_lists, $template; $ec_lists['duplicable_codes'] = array(); $t = array(); foreach ($ec_lists['ec_table'] as $ec_entry) { if ( is_in($ec_entry['action'], 'ec_ok') and $ec_entry['forced'] == 'false' ) { $t[$ec_entry['id']] = $ec_entry['code']; $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['id'] = $ec_entry['id']; $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['comment'] = $ec_entry['comment']; $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['user_id'] = $ec_entry['user_id']; } } foreach ($t as $ec_id => $ec_code) { $ec_lists['duplicable_codes']['ids'][$ec_id] = $ec_lists['duplicable_codes']['codes'][$ec_code]['id']; $ec_lists['duplicable_codes']['comment'][$ec_id] = $ec_lists['duplicable_codes']['codes'][$ec_code]['comment']; } // Builds a category list displayed a best way build_ec_categories(false); } // +-----------------------------------------------------------------------+ // | Database modifying functions | // +-----------------------------------------------------------------------+ /* * ec_create_modify_entry_OK() * returns true or false whether the creation of a new entry described by * $_POST was OK or not. * * @param * no param * @return * true if creation was OK ; false if not */ function ec_create_modify_entry_OK() { global $page, $ec_lists; // $_POST validity checks : action prevented in case of bad arguments if (!isset($_POST['ec_act1'])) return ec_end1('ec_act1', 'Bad argument : '); if ( ($_POST['ec_act1']) != 'toggle_forced' and !isset($_POST['ec_input_action']) ) return ec_end1('ec_input_action', 'Bad argument : '); $is_creation = true; $ec_user_id = 'NULL'; $action = 'ec_ok'; $del_other = false; $comment = ''; switch ($_POST['ec_act1']) { // This "switch" statement is a little bit tricky... it has been a pain to // debug, and I wish to nobody to have to modify it :-\ ! // Its principle is that it manages checks for four occurrences of // $_POST['ec_act1'] : 'create', 'modify_entry_submit', // 'duplicate_entry_submit', and 'toggle_forced'. Some checks are mutual // between different occurences, but never all checks of each occurrence // of $_POST['ec_act1']. So tests are done with "if" statements to // produce "break" statements when needed. case 'create': // Stops if given code or user type are incorrect if ( !isset($_POST['ec_in_up_code']) or !preg_match('/^[a-zA-Z0-9_-]{4,32}$/', $_POST['ec_in_up_code']) ) return ec_end1('ec_in_up_code', 'Improper code : '); else $ec_code = $_POST['ec_in_up_code']; foreach ($ec_lists['ec_table'] as $ec_entry) if ($ec_code == $ec_entry['code']) return ec_end1('ec_in_up_code', 'Code already exists : '); if ( !isset($_POST['ec_sel_user']) or ( $_POST['ec_sel_user'] != 'new' and $_POST['ec_sel_user'] != 'old' ) ) return ec_end1('ec_sel_user', 'Bad argument : '); case 'modify_entry_submit': // First checks for user type and/or value if (isset($_POST['ec_sel_user'])) { if ($_POST['ec_sel_user'] == 'new') { if ( !isset($_POST['login']) or $_POST['login'] == '' ) return ec_end1('login', 'Bad argument : '); if (in_array($_POST['login'], $ec_lists['user_ids'])) return ec_end1('login', 'User already exists : '); } elseif ($_POST['ec_sel_user'] == 'old') { if (!isset($_POST['ec_in_up_usr_list'])) return ec_end1('login', 'Bad argument : '); $ec_user_id = $_POST['ec_in_up_usr_list']; if (!array_key_exists($ec_user_id, $ec_lists['user_ids'])) return ec_end1('ec_in_up_usr_list', 'User doesn\'t exist : '); } else $action = 'ec_nok'; } else $action = 'ec_nok'; if ($_POST['ec_act1'] == 'create') break; case 'duplicate_entry_submit': // Checks of entry value validity if ( !isset($_POST['ec_entry_sel']) or !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table']) ) return ec_end1( 'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : ' ); // Other checks for user type and value if ($_POST['ec_act1'] == 'modify_entry_submit') if ( !isset($_POST['ec_sel_user']) or ( $_POST['ec_sel_user'] == 'new' or $_POST['ec_sel_user'] == 'none' or ( $_POST['ec_sel_user'] == 'old' and $_POST['ec_in_up_usr_list'] != $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id'] ) or isset($_POST['ec_in_up_forced']) ) ) $del_other = true; case 'toggle_forced': // Establish default values for unchanged values $ec_code = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['code']; if ($action == 'ec_ok' and $ec_user_id == 'NULL') $ec_user_id = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id']; $arg1 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg1']; $arg2 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg2']; $comment = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['comment']; if (empty($arg1)) $arg1 = 'NULL'; if (empty($arg2)) $arg2 = 'NULL'; if (empty($ec_user_id)) $ec_user_id = 'NULL'; if ($_POST['ec_act1'] == 'toggle_forced') { $forced = ( $ec_lists['ec_table'][$_POST['ec_entry_sel']]['forced'] == 'true' ) ? 'false' : 'true'; $del_other = ($forced == 'true'); $action = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['action']; } if ( $_POST['ec_act1'] == 'toggle_forced' or $_POST['ec_act1'] == 'modify_entry_submit' ) { $is_creation = false; break; } // Final check for entry value build_ec_duplicable_codes(); if (!array_key_exists($_POST['ec_entry_sel'], $ec_lists['duplicable_codes']['ids']) ) return ec_end1( 'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : ' ); break; default: ec_end1('ec_act1', 'Bad argument : '); } // Pfew ! if ($_POST['ec_act1'] != 'toggle_forced') { // Preparation of $arg1, $arg2 switch ($_POST['ec_input_action']) { case 'add_p': // Additional Page if (isset($_POST['ec_in_up_aps'])) $arg2 = $_POST['ec_in_up_aps']; else ec_end1('ec_in_up_aps', 'Bad argument : '); $arg1 = 'NULL'; break; case 'cat': // Category case 'img': // Image if (isset($_POST['ec_in_up_cat'])) { $arg1 = $_POST['ec_in_up_cat']; if ($_POST['ec_input_action'] == 'img') { if (isset($_POST['ec_in_up_img'])) $arg2 = $_POST['ec_in_up_img']; else ec_end1('ec_in_up_img', 'Bad argument : '); } else $arg2 = 'NULL'; } else ec_end1('ec_in_up_cat', 'Bad argument : '); break; case 'home': // Home : nothing to do : "arg"s are '' case 'refused': // $_POST['ec_sel_user'] unset, nothing to do $arg1 = 'NULL'; $arg2 = 'NULL'; break; default: ec_end1('ec_input_action', 'Bad argument : '); } // Preparation of $forced $forced = (isset($_POST['ec_in_up_forced'])) ? 'true' : 'false'; if ($_POST['ec_act1'] == 'duplicate_entry_submit' and $forced == 'true') return ec_end1('ec_in_up_forced', 'Bad argument : '); // Preparation of $comment $comment = (isset($_POST['ec_in_up_comment'])) ? $_POST['ec_in_up_comment'] : $comment; // User and eventually group creation, if needed if ($_POST['ec_act1'] != 'duplicate_entry_submit') if (isset($_POST['ec_sel_user']) and $_POST['ec_sel_user'] == 'new') if (!($ec_user_id = ec_create_user_OK())) return false; } // Now we have all infos : check that future entry doesn't exist already $arg1p = ($arg1 == 'NULL') ? 'IS NULL' : ' = '.$arg1; $arg2p = ($arg2 == 'NULL') ? 'IS NULL' : ' = '.$arg2; $ec_user_idp = ($ec_user_id == 'NULL') ? 'IS NULL' : ' = '.$ec_user_id; $r = pwg_query(" SELECT `id` FROM `".EVNTCATS_TABLE."` WHERE `code` = '".$ec_code."' AND `user_id` ".$ec_user_idp." AND `action` = '".$action."' AND `arg1` ".$arg1p." AND `arg2` ".$arg2p." AND `forced` = '".$forced."' AND `comment` = '".$comment."' "); if (pwg_db_num_rows($r)) { // print("
$arg1 $arg2
$q
"); $t1 = pwg_db_fetch_row(); $page['errors'][] = sprintf(l10n('ec_entry_already_exists'), $t1[0]); return false; } // Delete other entries using the same code, if needed if ($del_other) { $r = pwg_query(" SELECT `code` FROM `".EVNTCATS_TABLE."` WHERE `id` = ".$_POST['ec_entry_sel'] ); if (!pwg_db_num_rows($r)) die('Entry not found in DB ?!'); $t1 = pwg_db_fetch_row($r); $r = pwg_query(" SELECT `id` FROM `".EVNTCATS_TABLE."` WHERE `code` = '".$t1[0]."' AND `id` <> ".$_POST['ec_entry_sel'] ); while ($t2 = pwg_db_fetch_row($r)) if (!ec_delete_entry_OK($t2[0])) return false; } // Action ! $ret = true; if ($is_creation) { if ( pwg_query(" INSERT INTO `".EVNTCATS_TABLE."` ( `code`, `user_id`, `action`, `arg1`, `arg2`, `forced`, `comment` ) VALUES ( '".$ec_code."', ".$ec_user_id.", '".$action."', ".$arg1.", ".$arg2.", '".$forced."', '".$comment."' ); ") === false ) { $page['errors'][] = l10n('ec_entry_create_pb').' : '. 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"' ; $ret = false; } else { // There is an issue with pwg_db_insert_id() (actually with procedures // used in pwg_db_insert_id()): if last entry has id 2, // but entries 0 and 1 have been deleted, created entry gets id 3, // but pwg_db_insert_id() returns 0. Thus is it necessary here to get // the id another way. $r = pwg_query(" SELECT `id` FROM `".EVNTCATS_TABLE."` WHERE `code` = '".$ec_code."'" ); $t2 = pwg_db_fetch_row($r); build_ec_lists(); // Don't remember exactly why, but must be done here $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced'); $page['infos'][] = sprintf(l10n('ec_entry_create_OK'), $t2[0]). $ec_code.' => '. $ec_lists['user_ids'][$ec_user_id].$forced ; return true; } } else { if ( pwg_query(" UPDATE `".EVNTCATS_TABLE."` SET `user_id` = ".$ec_user_id.", `action` = '".$action."', `arg1` = ".$arg1.", `arg2` = ".$arg2.", `forced` = '".$forced."', `comment` = '".$comment."' WHERE `id` = '".$_POST['ec_entry_sel']."' ") === false ) { $page['errors'][] = l10n('ec_entry_create_pb').' : '. 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"' ; $ret = false; } else $page['infos'][] = sprintf( l10n('ec_entry_modify_OK'), $_POST['ec_entry_sel'] ); } build_ec_lists(); return $ret; } /* * ec_delete_entry_OK($ec_id) * tries to delete an existing entry. * * @param * $ec_id : the entry to be deleted * @return * true or false whether deleting succeeded. */ function ec_delete_entry_OK($ec_id) { global $page; $r = pwg_query(" SELECT `code` FROM `".EVNTCATS_TABLE."` WHERE `id` = $ec_id; "); if (!pwg_db_num_rows($r)) { $page['errors'][] = sprintf(l10n('ec_entry_dont_exist'), $ec_id); return false; } $t = pwg_db_fetch_row($r); if (pwg_query(" DELETE FROM `".EVNTCATS_TABLE."` WHERE `id` = ".$ec_id ) === false) { $page['errors'][] = sprintf(l10n('ec_entry_del_nok'), $ec_id). 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; return false; } $page['infos'][] = sprintf(l10n('ec_entry_del_ok'), $ec_id, $t[0]); return true; } ?>