Context Navigation

source: trunk/admin/group_list.php @ 25005

Last change on this file since 25005 was 25005, checked in by mistic100, 11 years ago
feature 2978: remove useless sprintf in the core
Property svn:eol-style set to `LF`
File size: 11.8 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
37	{
38	check_pwg_token();
39	}
40	// +-----------------------------------------------------------------------+
41	// \| add a group \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	if (empty($_POST['groupname']))
47	{
48	array_push($page['errors'], l10n('The name of a group must not contain " or \' or be empty.'));
49	}
50	if (count($page['errors']) == 0)
51	{
52	// is the group not already existing ?
53	$query = '
54	SELECT COUNT(*)
55	FROM '.GROUPS_TABLE.'
56	WHERE name = \''.$_POST['groupname'].'\'
57	;';
58	list($count) = pwg_db_fetch_row(pwg_query($query));
59	if ($count != 0)
60	{
61	array_push($page['errors'], l10n('This name is already used by another group.'));
62	}
63	}
64	if (count($page['errors']) == 0)
65	{
66	// creating the group
67	$query = '
68	INSERT INTO '.GROUPS_TABLE.'
69	(name)
70	VALUES
71	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
72	;';
73	pwg_query($query);
74
75	$page['infos'][] = l10n('group "%s" added', $_POST['groupname']);
76	}
77	}
78
79	// +-----------------------------------------------------------------------+
80	// \| action send \|
81	// +-----------------------------------------------------------------------+
82	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
83	{
84	// if the user tries to apply an action, it means that there is at least 1
85	// photo in the selection
86	$groups = $_POST['group_selection'];
87	if (count($groups) == 0)
88	{
89	array_push($page['errors'], l10n('Select at least one group'));
90	}
91
92	$action = $_POST['selectAction'];
93
94	// +
95	// \|rename a group
96	// +
97
98	if ($action=="rename")
99	{
100	foreach($groups as $group)
101	{
102	if ( !empty($_POST['rename_'.$group.'']) )
103	{
104	$query = '
105	UPDATE '.GROUPS_TABLE.'
106	SET name = \''.$_POST['rename_'.$group.''].'\'
107	WHERE id = '.$group.'
108	;';
109	pwg_query($query);
110	}
111	}
112	}
113
114	// +
115	// \|delete a group
116	// +
117
118	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
119	{
120	foreach($groups as $group)
121	{
122	// destruction of the access linked to the group
123	$query = '
124	DELETE
125	FROM '.GROUP_ACCESS_TABLE.'
126	WHERE group_id = '.$group.'
127	;';
128	pwg_query($query);
129
130	// destruction of the users links for this group
131	$query = '
132	DELETE
133	FROM '.USER_GROUP_TABLE.'
134	WHERE group_id = '.$group.'
135	;';
136	pwg_query($query);
137
138	$query = '
139	SELECT name
140	FROM '.GROUPS_TABLE.'
141	WHERE id = '.$group.'
142	;';
143	list($groupname) = pwg_db_fetch_row(pwg_query($query));
144
145	// destruction of the group
146	$query = '
147	DELETE
148	FROM '.GROUPS_TABLE.'
149	WHERE id = '.$group.'
150	;';
151	pwg_query($query);
152
153	$page['infos'][] = l10n('group "%s" deleted', $groupname);
154	}
155	}
156
157	// +
158	// \|merge groups into a new one
159	// +
160
161	if ($action=="merge" and count($groups) > 1)
162	{
163	// is the group not already existing ?
164	$query = '
165	SELECT COUNT(*)
166	FROM '.GROUPS_TABLE.'
167	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
168	;';
169	list($count) = pwg_db_fetch_row(pwg_query($query));
170	if ($count != 0)
171	{
172	array_push($page['errors'], l10n('This name is already used by another group.'));
173	}
174	else
175	{
176	// creating the group
177	$query = '
178	INSERT INTO '.GROUPS_TABLE.'
179	(name)
180	VALUES
181	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
182	;';
183	pwg_query($query);
184	$query = '
185	SELECT id
186	FROM '.GROUPS_TABLE.'
187	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
188	;';
189	list($groupid) = pwg_db_fetch_row(pwg_query($query));
190	}
191	$grp_access = array();
192	$usr_grp = array();
193	foreach($groups as $group)
194	{
195	$query = '
196	SELECT *
197	FROM '.GROUP_ACCESS_TABLE.'
198	WHERE group_id = '.$group.'
199	;';
200	$res=pwg_query($query);
201	while ($row = pwg_db_fetch_assoc($res))
202	{
203	$new_grp_access= array(
204	'cat_id' => $row['cat_id'],
205	'group_id' => $groupid
206	);
207	if (!in_array($new_grp_access,$grp_access))
208	{
209	$grp_access[]=$new_grp_access;
210	}
211	}
212
213	$query = '
214	SELECT *
215	FROM '.USER_GROUP_TABLE.'
216	WHERE group_id = '.$group.'
217	;';
218	$res=pwg_query($query);
219	while ($row = pwg_db_fetch_assoc($res))
220	{
221	$new_usr_grp= array(
222	'user_id' => $row['user_id'],
223	'group_id' => $groupid
224	);
225	if (!in_array($new_usr_grp,$usr_grp))
226	{
227	$usr_grp[]=$new_usr_grp;
228	}
229	}
230	}
231	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
232	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
233
234	$page['infos'][] = l10n('group "%s" added', $_POST['merge']);
235	}
236
237	// +
238	// \|duplicate a group
239	// +
240
241	if ($action=="duplicate" )
242	{
243	foreach($groups as $group)
244	{
245	if ( empty($_POST['duplicate_'.$group.'']) )
246	{
247	break;
248	}
249	// is the group not already existing ?
250	$query = '
251	SELECT COUNT(*)
252	FROM '.GROUPS_TABLE.'
253	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
254	;';
255	list($count) = pwg_db_fetch_row(pwg_query($query));
256	if ($count != 0)
257	{
258	array_push($page['errors'], l10n('This name is already used by another group.'));
259	break;
260	}
261	// creating the group
262	$query = '
263	INSERT INTO '.GROUPS_TABLE.'
264	(name)
265	VALUES
266	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
267	;';
268	pwg_query($query);
269	$query = '
270	SELECT id
271	FROM '.GROUPS_TABLE.'
272	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
273	;';
274
275	list($groupid) = pwg_db_fetch_row(pwg_query($query));
276	$query = '
277	SELECT *
278	FROM '.GROUP_ACCESS_TABLE.'
279	WHERE group_id = '.$group.'
280	;';
281	$grp_access = array();
282	$res=pwg_query($query);
283	while ($row = pwg_db_fetch_assoc($res))
284	{
285	$grp_access[] = array(
286	'cat_id' => $row['cat_id'],
287	'group_id' => $groupid
288	);
289	}
290	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
291
292	$query = '
293	SELECT *
294	FROM '.USER_GROUP_TABLE.'
295	WHERE group_id = '.$group.'
296	;';
297	$usr_grp = array();
298	$res=pwg_query($query);
299	while ($row = pwg_db_fetch_assoc($res))
300	{
301	$usr_grp[] = array(
302	'user_id' => $row['user_id'],
303	'group_id' => $groupid
304	);
305	}
306	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
307
308	$page['infos'][] = l10n('group "%s" added', $_POST['duplicate_'.$group.'']);
309	}
310	}
311
312
313	// +
314	// \| toggle_default
315	// +
316
317	if ($action=="toggle_default")
318	{
319	foreach($groups as $group)
320	{
321	$query = '
322	SELECT name, is_default
323	FROM '.GROUPS_TABLE.'
324	WHERE id = '.$group.'
325	;';
326	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
327
328	// update of the group
329	$query = '
330	UPDATE '.GROUPS_TABLE.'
331	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
332	WHERE id = '.$group.'
333	;';
334	pwg_query($query);
335
336	$page['infos'][] = l10n('group "%s" updated', $groupname);
337	}
338	}
339	}
340	// +-----------------------------------------------------------------------+
341	// \| template init \|
342	// +-----------------------------------------------------------------------+
343
344	$template->set_filenames(array('group_list' => 'group_list.tpl'));
345
346	$template->assign(
347	array(
348	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
349	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
350	'PWG_TOKEN' => get_pwg_token(),
351	)
352	);
353
354	// +-----------------------------------------------------------------------+
355	// \| group list \|
356	// +-----------------------------------------------------------------------+
357
358	$query = '
359	SELECT id, name, is_default
360	FROM '.GROUPS_TABLE.'
361	ORDER BY name ASC
362	;';
363	$result = pwg_query($query);
364
365	$admin_url = get_root_url().'admin.php?page=';
366	$perm_url = $admin_url.'group_perm&group_id=';
367	$del_url = $admin_url.'group_list&delete=';
368	$members_url = $admin_url.'user_list&group=';
369	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
370
371	while ($row = pwg_db_fetch_assoc($result))
372	{
373	$query = '
374	SELECT username
375	FROM '.USERS_TABLE.' AS u
376	INNER JOIN '.USER_GROUP_TABLE.' AS ug
377	ON u.'.$conf['user_fields']['id'].' = ug.user_id
378	WHERE ug.group_id = '.$row['id'].'
379	;';
380	$members=array();
381	$res=pwg_query($query);
382	while ($us= pwg_db_fetch_assoc($res))
383	{
384	$members[]=$us['username'];
385	}
386	$template->append(
387	'groups',
388	array(
389	'NAME' => $row['name'],
390	'ID' => $row['id'],
391	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
392	'NB_MEMBERS' => count($members),
393	'L_MEMBERS' => implode(' - ', $members),
394	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
395	'U_MEMBERS' => $members_url.$row['id'],
396	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
397	'U_PERM' => $perm_url.$row['id'],
398	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
399	)
400	);
401	}
402
403	// +-----------------------------------------------------------------------+
404	// \| sending html code \|
405	// +-----------------------------------------------------------------------+
406
407	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
408
409	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: