Context Navigation

source: trunk/admin/group_list.php @ 20740

Last change on this file since 20740 was 20740, checked in by flop25, 11 years ago
bug:2841 doesn't duplicate using 'merge' action on only one group
Property svn:eol-style set to `LF`
File size: 12.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
37	{
38	check_pwg_token();
39	}
40	// +-----------------------------------------------------------------------+
41	// \| add a group \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	if (empty($_POST['groupname']))
47	{
48	array_push($page['errors'], l10n('The name of a group must not contain " or \' or be empty.'));
49	}
50	if (count($page['errors']) == 0)
51	{
52	// is the group not already existing ?
53	$query = '
54	SELECT COUNT(*)
55	FROM '.GROUPS_TABLE.'
56	WHERE name = \''.$_POST['groupname'].'\'
57	;';
58	list($count) = pwg_db_fetch_row(pwg_query($query));
59	if ($count != 0)
60	{
61	array_push($page['errors'], l10n('This name is already used by another group.'));
62	}
63	}
64	if (count($page['errors']) == 0)
65	{
66	// creating the group
67	$query = '
68	INSERT INTO '.GROUPS_TABLE.'
69	(name)
70	VALUES
71	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
72	;';
73	pwg_query($query);
74
75	array_push(
76	$page['infos'],
77	sprintf(l10n('group "%s" added'), $_POST['groupname'])
78	);
79	}
80	}
81
82	// +-----------------------------------------------------------------------+
83	// \| action send \|
84	// +-----------------------------------------------------------------------+
85	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
86	{
87	// if the user tries to apply an action, it means that there is at least 1
88	// photo in the selection
89	$groups = $_POST['group_selection'];
90	if (count($groups) == 0)
91	{
92	array_push($page['errors'], l10n('Select at least one group'));
93	}
94
95	$action = $_POST['selectAction'];
96
97	// +
98	// \|rename a group
99	// +
100
101	if ($action=="rename")
102	{
103	foreach($groups as $group)
104	{
105	if ( !empty($_POST['rename_'.$group.'']) )
106	{
107	$query = '
108	UPDATE '.GROUPS_TABLE.'
109	SET name = \''.$_POST['rename_'.$group.''].'\'
110	WHERE id = '.$group.'
111	;';
112	pwg_query($query);
113	}
114	}
115	}
116
117	// +
118	// \|delete a group
119	// +
120
121	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
122	{
123	foreach($groups as $group)
124	{
125	// destruction of the access linked to the group
126	$query = '
127	DELETE
128	FROM '.GROUP_ACCESS_TABLE.'
129	WHERE group_id = '.$group.'
130	;';
131	pwg_query($query);
132
133	// destruction of the users links for this group
134	$query = '
135	DELETE
136	FROM '.USER_GROUP_TABLE.'
137	WHERE group_id = '.$group.'
138	;';
139	pwg_query($query);
140
141	$query = '
142	SELECT name
143	FROM '.GROUPS_TABLE.'
144	WHERE id = '.$group.'
145	;';
146	list($groupname) = pwg_db_fetch_row(pwg_query($query));
147
148	// destruction of the group
149	$query = '
150	DELETE
151	FROM '.GROUPS_TABLE.'
152	WHERE id = '.$group.'
153	;';
154	pwg_query($query);
155
156	array_push(
157	$page['infos'],
158	sprintf(l10n('group "%s" deleted'), $groupname)
159	);
160	}
161	}
162
163	// +
164	// \|merge groups into a new one
165	// +
166
167	if ($action=="merge" and count($groups) > 1)
168	{
169	// is the group not already existing ?
170	$query = '
171	SELECT COUNT(*)
172	FROM '.GROUPS_TABLE.'
173	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
174	;';
175	list($count) = pwg_db_fetch_row(pwg_query($query));
176	if ($count != 0)
177	{
178	array_push($page['errors'], l10n('This name is already used by another group.'));
179	}
180	else
181	{
182	// creating the group
183	$query = '
184	INSERT INTO '.GROUPS_TABLE.'
185	(name)
186	VALUES
187	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
188	;';
189	pwg_query($query);
190	$query = '
191	SELECT id
192	FROM '.GROUPS_TABLE.'
193	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
194	;';
195	list($groupid) = pwg_db_fetch_row(pwg_query($query));
196	}
197	$grp_access = array();
198	$usr_grp = array();
199	foreach($groups as $group)
200	{
201	$query = '
202	SELECT *
203	FROM '.GROUP_ACCESS_TABLE.'
204	WHERE group_id = '.$group.'
205	;';
206	$res=pwg_query($query);
207	while ($row = pwg_db_fetch_assoc($res))
208	{
209	$new_grp_access= array(
210	'cat_id' => $row['cat_id'],
211	'group_id' => $groupid
212	);
213	if (!in_array($new_grp_access,$grp_access))
214	{
215	$grp_access[]=$new_grp_access;
216	}
217	}
218
219	$query = '
220	SELECT *
221	FROM '.USER_GROUP_TABLE.'
222	WHERE group_id = '.$group.'
223	;';
224	$res=pwg_query($query);
225	while ($row = pwg_db_fetch_assoc($res))
226	{
227	$new_usr_grp= array(
228	'user_id' => $row['user_id'],
229	'group_id' => $groupid
230	);
231	if (!in_array($new_usr_grp,$usr_grp))
232	{
233	$usr_grp[]=$new_usr_grp;
234	}
235	}
236	}
237	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
238	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
239	array_push(
240	$page['infos'],
241	sprintf(l10n('group "%s" added'), $_POST['merge'])
242	);
243	}
244
245	// +
246	// \|duplicate a group
247	// +
248
249	if ($action=="duplicate" )
250	{
251	foreach($groups as $group)
252	{
253	if ( empty($_POST['duplicate_'.$group.'']) )
254	{
255	break;
256	}
257	// is the group not already existing ?
258	$query = '
259	SELECT COUNT(*)
260	FROM '.GROUPS_TABLE.'
261	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
262	;';
263	list($count) = pwg_db_fetch_row(pwg_query($query));
264	if ($count != 0)
265	{
266	array_push($page['errors'], l10n('This name is already used by another group.'));
267	break;
268	}
269	// creating the group
270	$query = '
271	INSERT INTO '.GROUPS_TABLE.'
272	(name)
273	VALUES
274	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
275	;';
276	pwg_query($query);
277	$query = '
278	SELECT id
279	FROM '.GROUPS_TABLE.'
280	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
281	;';
282
283	list($groupid) = pwg_db_fetch_row(pwg_query($query));
284	$query = '
285	SELECT *
286	FROM '.GROUP_ACCESS_TABLE.'
287	WHERE group_id = '.$group.'
288	;';
289	$grp_access = array();
290	$res=pwg_query($query);
291	while ($row = pwg_db_fetch_assoc($res))
292	{
293	$grp_access[] = array(
294	'cat_id' => $row['cat_id'],
295	'group_id' => $groupid
296	);
297	}
298	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
299
300	$query = '
301	SELECT *
302	FROM '.USER_GROUP_TABLE.'
303	WHERE group_id = '.$group.'
304	;';
305	$usr_grp = array();
306	$res=pwg_query($query);
307	while ($row = pwg_db_fetch_assoc($res))
308	{
309	$usr_grp[] = array(
310	'user_id' => $row['user_id'],
311	'group_id' => $groupid
312	);
313	}
314	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
315
316	array_push(
317	$page['infos'],
318	sprintf(l10n('group "%s" added'), $_POST['duplicate_'.$group.''])
319	);
320	}
321	}
322
323
324	// +
325	// \| toggle_default
326	// +
327
328	if ($action=="toggle_default")
329	{
330	foreach($groups as $group)
331	{
332	$query = '
333	SELECT name, is_default
334	FROM '.GROUPS_TABLE.'
335	WHERE id = '.$group.'
336	;';
337	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
338
339	// update of the group
340	$query = '
341	UPDATE '.GROUPS_TABLE.'
342	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
343	WHERE id = '.$group.'
344	;';
345	pwg_query($query);
346
347	array_push(
348	$page['infos'],
349	sprintf(l10n('group "%s" updated'), $groupname)
350	);
351	}
352	}
353	}
354	// +-----------------------------------------------------------------------+
355	// \| template init \|
356	// +-----------------------------------------------------------------------+
357
358	$template->set_filenames(array('group_list' => 'group_list.tpl'));
359
360	$template->assign(
361	array(
362	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
363	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
364	'PWG_TOKEN' => get_pwg_token(),
365	)
366	);
367
368	// +-----------------------------------------------------------------------+
369	// \| group list \|
370	// +-----------------------------------------------------------------------+
371
372	$query = '
373	SELECT id, name, is_default
374	FROM '.GROUPS_TABLE.'
375	ORDER BY name ASC
376	;';
377	$result = pwg_query($query);
378
379	$admin_url = get_root_url().'admin.php?page=';
380	$perm_url = $admin_url.'group_perm&group_id=';
381	$del_url = $admin_url.'group_list&delete=';
382	$members_url = $admin_url.'user_list&group=';
383	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
384
385	while ($row = pwg_db_fetch_assoc($result))
386	{
387	$query = '
388	SELECT username
389	FROM '.USERS_TABLE.' AS u
390	INNER JOIN '.USER_GROUP_TABLE.' AS ug
391	ON u.'.$conf['user_fields']['id'].' = ug.user_id
392	WHERE ug.group_id = '.$row['id'].'
393	;';
394	$members=array();
395	$res=pwg_query($query);
396	while ($us= pwg_db_fetch_assoc($res))
397	{
398	$members[]=$us['username'];
399	}
400	$template->append(
401	'groups',
402	array(
403	'NAME' => $row['name'],
404	'ID' => $row['id'],
405	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
406	'NB_MEMBERS' => count($members),
407	'L_MEMBERS' => implode(' - ', $members),
408	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
409	'U_MEMBERS' => $members_url.$row['id'],
410	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
411	'U_PERM' => $perm_url.$row['id'],
412	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
413	)
414	);
415	}
416
417	// +-----------------------------------------------------------------------+
418	// \| sending html code \|
419	// +-----------------------------------------------------------------------+
420
421	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
422
423	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: