Changeset 815 for trunk/admin/group_list.php
- Timestamp:
- Aug 16, 2005, 5:19:40 PM (19 years ago)
- File:
-
- 1 edited
trunk/admin/group_list.php
r792 r815 25 25 // | USA. | 26 26 // +-----------------------------------------------------------------------+ 27 27 28 if( !defined("PHPWG_ROOT_PATH") ) 28 29 { 29 30 die ("Hacking attempt!"); 30 31 } 31 32 include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' ); 32 33 33 //-------------------------------------------------------------- delete a group 34 if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) ) 34 // +-----------------------------------------------------------------------+ 35 // | delete a group | 36 // +-----------------------------------------------------------------------+ 37 38 if (isset($_GET['delete']) and is_numeric($_GET['delete'])) 35 39 { 36 40 // destruction of the access linked to the group 37 $query = 'DELETE FROM '.GROUP_ACCESS_TABLE; 38 $query.= ' WHERE group_id = '.$_POST['group_id']; 39 $query.= ';'; 40 pwg_query( $query ); 41 42 // destruction of the users links for this group 43 $query = 'DELETE FROM ' . USER_GROUP_TABLE; 44 $query.= ' WHERE group_id = '.$_POST['group_id']; 45 pwg_query( $query ); 46 47 // destruction of the group 48 $query = 'DELETE FROM ' . GROUPS_TABLE; 49 $query.= ' WHERE id = '.$_POST['group_id']; 50 $query.= ';'; 51 pwg_query( $query ); 41 $query = ' 42 DELETE 43 FROM '.GROUP_ACCESS_TABLE.' 44 WHERE group_id = '.$_GET['delete'].' 45 ;'; 46 pwg_query($query); 47 48 // destruction of the users links for this group 49 $query = ' 50 DELETE 51 FROM '.USER_GROUP_TABLE.' 52 WHERE group_id = '.$_GET['delete'].' 53 ;'; 54 pwg_query($query); 55 56 $query = ' 57 SELECT name 58 FROM '.GROUPS_TABLE.' 59 WHERE id = '.$_GET['delete'].' 60 ;'; 61 list($groupname) = mysql_fetch_row(pwg_query($query)); 62 63 // destruction of the group 64 $query = ' 65 DELETE 66 FROM '.GROUPS_TABLE.' 67 WHERE id = '.$_GET['delete'].' 
68 ;'; 69 pwg_query($query); 70 71 array_push( 72 $page['infos'], 73 sprintf(l10n('group "%s" deleted'), $groupname) 74 ); 52 75 } 53 //----------------------------------------------------------------- add a group 54 elseif ( isset( $_POST['new'] ) ) 76 77 // +-----------------------------------------------------------------------+ 78 // | add a group | 79 // +-----------------------------------------------------------------------+ 80 81 if (isset($_POST['submit_add'])) 55 82 { 56 if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] ) 57 or preg_match( '/"/', $_POST['newgroup'] ) ) 83 if (empty($_POST['groupname'])) 58 84 { 59 array_push( $page['errors'], $lang['group_add_error1']);85 array_push($page['errors'], $lang['group_add_error1']); 60 86 } 61 if ( count( $page['errors'] ) == 0)87 if (count($page['errors']) == 0) 62 88 { 63 89 // is the group not already existing ? 64 $query = 'SELECT id FROM '.GROUPS_TABLE; 65 $query.= " WHERE name = '".$_POST['newgroup']."'"; 66 $query.= ';'; 67 $result = pwg_query( $query ); 68 if ( mysql_num_rows( $result ) > 0 ) 90 $query = ' 91 SELECT COUNT(*) 92 FROM '.GROUPS_TABLE.' 
93 WHERE name = \''.$_POST['groupname'].'\' 94 ;'; 95 list($count) = mysql_fetch_row(pwg_query($query)); 96 if ($count != 0) 69 97 { 70 array_push( $page['errors'], $lang['group_add_error2']);98 array_push($page['errors'], $lang['group_add_error2']); 71 99 } 72 100 } 73 if ( count( $page['errors'] ) == 0)101 if (count($page['errors']) == 0) 74 102 { 75 103 // creating the group 76 $query = ' INSERT INTO '.GROUPS_TABLE;77 $query.= " (name) VALUES ('".$_POST['newgroup']."')";78 $query.= ';';79 pwg_query( $query );80 }81 }82 //------------------------------------------------------------- user management83 elseif ( isset( $_POST['add'] ) )84 {85 $userdata = getuserdata($_POST['username']);86 if (!$userdata)87 {88 array_push($page['errors'], $lang['user_err_unknown']);89 }90 else91 {92 // create a new association between the user and a group93 104 $query = ' 94 INSERT INTO '. USER_GROUP_TABLE.'95 ( user_id,group_id)105 INSERT INTO '.GROUPS_TABLE.' 106 (name) 96 107 VALUES 97 ( '.$userdata['id'].','.$_POST['edit_group_id'].')108 (\''.mysql_escape_string($_POST['groupname']).'\') 98 109 ;'; 99 110 pwg_query($query); 100 }101 }102 elseif (isset( $_POST['deny_user'] ))103 {104 $sql_in = '';105 $members = $_POST['members'];106 for($i = 0; $i < count($members); $i++)107 {108 $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);109 }110 $query = 'DELETE FROM ' . 
USER_GROUP_TABLE;111 $query.= ' WHERE user_id IN ('.$sql_in;112 $query.= ') AND group_id = '.$_POST['edit_group_id'];113 pwg_query( $query );114 }115 //----------------------------------------------------------------- groups list116 111 117 $query = 'SELECT id,name FROM '.GROUPS_TABLE; 118 $query.= ' ORDER BY id ASC;'; 119 $result = pwg_query( $query ); 120 $groups_display = '<select name="group_id">'; 121 $groups_nb=0; 122 while ( $row = mysql_fetch_array( $result ) ) 123 { 124 $groups_nb++; 125 $selected = ''; 126 if (isset($_POST['group_id']) && $_POST['group_id']==$row['id']) 127 $selected = 'selected'; 128 $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>'; 129 } 130 $groups_display .= '</select>'; 131 132 $action = PHPWG_ROOT_PATH.'admin.php?page=group_list'; 133 //----------------------------------------------------- template initialization 134 $template->set_filenames( array('groups'=>'admin/group_list.tpl') ); 135 $template->assign_vars(array( 136 'S_GROUP_SELECT'=>$groups_display, 137 138 'L_GROUP_SELECT'=>$lang['group_list_title'], 139 'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'], 140 'L_LOOK_UP'=>$lang['edit'], 141 'L_GROUP_DELETE'=>$lang['delete'], 142 'L_CREATE_NEW_GROUP'=>$lang['group_add'], 143 'L_GROUP_EDIT'=>$lang['group_edit'], 144 'L_USER_NAME'=>$lang['login'], 145 'L_USER_EMAIL'=>$lang['mail_address'], 146 'L_USER_SELECT'=>$lang['Select'], 147 'L_DENY_SELECTED'=>$lang['group_deny_user'], 148 'L_ADD_MEMBER'=>$lang['group_add_user'], 149 'L_FIND_USERNAME'=>$lang['Find_username'], 150 151 'S_GROUP_ACTION'=>add_session_id($action), 152 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') 153 )); 154 155 if ($groups_nb) 156 { 157 $template->assign_block_vars('select_box',array()); 158 } 159 160 //----------------------------------------------------------------- add a group 161 if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] )) 162 { 163 // 
Retrieving the group name 164 $query = 'SELECT id, name FROM '.GROUPS_TABLE; 165 $query.= " WHERE id = '".$_POST['group_id']."'"; 166 $query.= ';'; 167 $result = mysql_fetch_array(pwg_query( $query )); 168 $template->assign_block_vars('edit_group',array( 169 'GROUP_NAME'=>$result['name'], 170 'GROUP_ID'=>$result['id'] 171 )); 172 173 // Retrieving all the users 174 $query = 'SELECT id, username, mail_address'; 175 $query.= ' FROM ('.USERS_TABLE.' as u'; 176 $query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)'; 177 $query.= " WHERE ug.group_id = '".$_POST['group_id']."';"; 178 $result = pwg_query( $query ); 179 $i=0; 180 while ( $row = mysql_fetch_array( $result ) ) 181 { 182 $class = ($i % 2)? 'row1':'row2'; $i++; 183 $template->assign_block_vars('edit_group.user',array( 184 'ID'=>$row['id'], 185 'NAME'=>$row['username'], 186 'EMAIL'=>$row['mail_address'], 187 'T_CLASS'=>$class 188 )); 112 array_push( 113 $page['infos'], 114 sprintf(l10n('group "%s" added'), $_POST['groupname']) 115 ); 189 116 } 190 117 } 191 118 192 //----------------------------------------------------------- sending html code 193 $template->assign_var_from_handle('ADMIN_CONTENT', 'groups'); 119 // +-----------------------------------------------------------------------+ 120 // | template init | 121 // +-----------------------------------------------------------------------+ 122 123 $template->set_filenames(array('group_list' => 'admin/group_list.tpl')); 124 125 $template->assign_vars( 126 array( 127 'F_ADD_ACTION' => 128 add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list') 129 ) 130 ); 131 132 // +-----------------------------------------------------------------------+ 133 // | group list | 134 // +-----------------------------------------------------------------------+ 135 136 $query = ' 137 SELECT id, name 138 FROM '.GROUPS_TABLE.' 
139 ORDER BY id ASC 140 ;'; 141 $result = pwg_query($query); 142 143 $admin_url = PHPWG_ROOT_PATH.'admin.php?page='; 144 $perm_url = $admin_url.'group_perm&group_id='; 145 $del_url = $admin_url.'group_list&delete='; 146 $members_url = $admin_url.'user_list&group='; 147 148 $num = 0; 149 while ($row = mysql_fetch_array($result)) 150 { 151 $query = ' 152 SELECT COUNT(*) 153 FROM '.USER_GROUP_TABLE.' 154 WHERE group_id = '.$row['id'].' 155 ;'; 156 list($counter) = mysql_fetch_row(pwg_query($query)); 157 158 $template->assign_block_vars( 159 'group', 160 array( 161 'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1', 162 'NAME' => $row['name'], 163 'MEMBERS' => sprintf(l10n('%d members'), $counter), 164 'U_MEMBERS' => $members_url.$row['id'], 165 'U_DELETE' => $del_url.$row['id'], 166 'U_PERM' => $perm_url.$row['id'] 167 ) 168 ); 169 } 170 171 // +-----------------------------------------------------------------------+ 172 // | sending html code | 173 // +-----------------------------------------------------------------------+ 174 175 $template->assign_var_from_handle('ADMIN_CONTENT', 'group_list'); 176 194 177 ?>
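Review bot: The duplicate-name check in the "add a group" branch puts `$_POST['groupname']` into the `SELECT COUNT(*)` query unescaped (new line 93), and this change also drops the old `preg_match` rejection of quotes. Only the later `INSERT` goes through `mysql_escape_string()`, so unless input is escaped somewhere not visible here, the SELECT is open to SQL injection. Escape once and reuse the value in both queries: `$groupname = mysql_escape_string($_POST['groupname']);` then `WHERE name = \''.$groupname.'\'`. Separately, deletion is now triggered by a plain GET link (`group_list&delete=ID`, built without `add_session_id()`), with the former `confirm_delete` POST check removed and no per-request token visible, so a cross-site request can delete a group; keeping the delete on POST with a token would close that. `is_numeric()` also accepts non-integer forms such as `1e3`, so `ctype_digit()` or an `intval()` cast is a tighter guard before the value reaches the three `DELETE` statements and the name lookup.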