source: trunk/admin/cat_move.php @ 1004

Revision 1004, 3.9 KB checked in by nikrou, 14 years ago (diff)

Improve security of sessions:

  • use only cookies to store session id on client side
  • use default php session system with database handler to store sessions on server side
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
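<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery                           |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch        : BSF (Best So Far)
// | file          : $RCSfile$
// | last update   : $Date$
// | last modifier : $Author$
// | revision      : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

// Administration page that moves the selected categories under another
// parent category, then renders the two selection lists of the form.

// This file is meant to be included by a script that has already defined
// PHPWG_ROOT_PATH; without the constant, execution stops here.
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}
// NOTE(review): presumably this include performs the administrator access
// check; confirm, because nothing else in this file verifies privileges.
include_once(PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');

// +-----------------------------------------------------------------------+
// |                               functions                               |
// +-----------------------------------------------------------------------+


// +-----------------------------------------------------------------------+
// |                          categories movement                          |
// +-----------------------------------------------------------------------+

// NOTE(review): no per-request token is verified before this state-changing
// POST is processed; confirm whether forged cross-site submissions are
// rejected elsewhere.
if (isset($_POST['submit']))
{
  // $_POST is client-controlled: 'selection' may be absent or not an array,
  // in which case count() on it is meaningless, so normalise it first.
  $selection = array();
  if (isset($_POST['selection']) and is_array($_POST['selection']))
  {
    $selection = $_POST['selection'];
  }

  if (count($selection) > 0)
  {
    // move_categories() is defined elsewhere and how it uses its arguments
    // is not visible here, so only unsigned decimal ids are let through.
    // The D modifier stops "$" from accepting a trailing newline.
    $parent = isset($_POST['parent']) ? $_POST['parent'] : null;
    if (!is_string($parent) or !preg_match('/^\d+$/D', $parent))
    {
      die('Hacking attempt!');
    }

    foreach ($selection as $category_id)
    {
      if (!is_string($category_id) or !preg_match('/^\d+$/D', $category_id))
      {
        die('Hacking attempt!');
      }
    }

    move_categories($selection, $parent);
  }
  else
  {
    array_push(
      $page['errors'],
      l10n('Select at least one category')
      );
  }
}

// +-----------------------------------------------------------------------+
// |                       template initialization                         |
// +-----------------------------------------------------------------------+

$template->set_filenames(
  array(
    'cat_move' => 'admin/cat_move.tpl'
    )
  );

// The form posts back to this same administration page.
$template->assign_vars(
  array(
    'F_ACTION' => PHPWG_ROOT_PATH.'admin.php?page=cat_move',
    )
  );

// +-----------------------------------------------------------------------+
// |                          Categories display                           |
// +-----------------------------------------------------------------------+

// List of categories that can be moved: only rows whose dir column is NULL.
// The query is built from a constant only, no request data is involved.
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE dir IS NULL
;';

display_select_cat_wrapper(
  $query,
  array(),
  'category_option_selection'
  );

$blockname = 'category_option_parent';

// First entry of the parent list: a placeholder option carrying the value 0.
$template->assign_block_vars(
  $blockname,
  array(
    'VALUE'=> 0,
    'OPTION' => '------------'
    )
  );

// List of possible parents: every category, without any filter.
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
;';

display_select_cat_wrapper(
  $query,
  array(),
  $blockname
  );

// +-----------------------------------------------------------------------+
// |                          sending html code                            |
// +-----------------------------------------------------------------------+

$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_move');
?>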