Ignore:
Timestamp:
Aug 16, 2005, 5:19:40 PM (19 years ago)
Author:
plg
Message:
  • modification : admin/group_list screen completely rewrite to present the list of existing groups and a form to add a new group. Here you can delete a group, go to permissions management for a group, go to member list of a group (on admin/user_list with a filter on group).
  • modification : admin/user_perm and admin/group_perm are not directly reachable by the admin menu anymore. Only the user/group list lets you reach user/group permissions management screen.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/admin/group_list.php

    r792 r815  
    2525// | USA.                                                                  |
    2626// +-----------------------------------------------------------------------+
     27
    2728if( !defined("PHPWG_ROOT_PATH") )
    2829{
    29         die ("Hacking attempt!");
     30  die ("Hacking attempt!");
    3031}
    3132include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
    3233
    33 //-------------------------------------------------------------- delete a group
    34 if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] )  )
     34// +-----------------------------------------------------------------------+
     35// |                             delete a group                            |
     36// +-----------------------------------------------------------------------+
     37
     38if (isset($_GET['delete']) and is_numeric($_GET['delete']))
    3539{
    3640  // destruction of the access linked to the group
    37   $query = 'DELETE FROM '.GROUP_ACCESS_TABLE;
    38   $query.= ' WHERE group_id = '.$_POST['group_id'];
    39   $query.= ';';
    40   pwg_query( $query );
    41        
    42         // destruction of the users links for this group
    43   $query = 'DELETE FROM ' . USER_GROUP_TABLE;
    44   $query.= ' WHERE group_id = '.$_POST['group_id'];
    45         pwg_query( $query );
    46        
    47         // destruction of the group
    48         $query = 'DELETE FROM ' . GROUPS_TABLE;
    49   $query.= ' WHERE id = '.$_POST['group_id'];
    50         $query.= ';';
    51         pwg_query( $query );
     41  $query = '
     42DELETE
     43  FROM '.GROUP_ACCESS_TABLE.'
     44  WHERE group_id = '.$_GET['delete'].'
     45;';
     46  pwg_query($query);
     47 
     48  // destruction of the users links for this group
     49  $query = '
     50DELETE
     51  FROM '.USER_GROUP_TABLE.'
     52  WHERE group_id = '.$_GET['delete'].'
     53;';
     54  pwg_query($query);
     55
     56  $query = '
     57SELECT name
     58  FROM '.GROUPS_TABLE.'
     59  WHERE id = '.$_GET['delete'].'
     60;';
     61  list($groupname) = mysql_fetch_row(pwg_query($query));
     62 
     63  // destruction of the group
     64  $query = '
     65DELETE
     66  FROM '.GROUPS_TABLE.'
     67  WHERE id = '.$_GET['delete'].'
     68;';
     69  pwg_query($query);
     70
     71  array_push(
     72    $page['infos'],
     73    sprintf(l10n('group "%s" deleted'), $groupname)
     74    );
    5275}
    53 //----------------------------------------------------------------- add a group
    54 elseif ( isset( $_POST['new'] ) )
     76
     77// +-----------------------------------------------------------------------+
     78// |                              add a group                              |
     79// +-----------------------------------------------------------------------+
     80
     81if (isset($_POST['submit_add']))
    5582{
    56   if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] )
    57        or preg_match( '/"/', $_POST['newgroup'] ) )
     83  if (empty($_POST['groupname']))
    5884  {
    59     array_push( $page['errors'], $lang['group_add_error1'] );
     85    array_push($page['errors'], $lang['group_add_error1']);
    6086  }
    61   if ( count( $page['errors'] ) == 0 )
     87  if (count($page['errors']) == 0)
    6288  {
    6389    // is the group not already existing ?
    64     $query = 'SELECT id FROM '.GROUPS_TABLE;
    65     $query.= " WHERE name = '".$_POST['newgroup']."'";
    66     $query.= ';';
    67     $result = pwg_query( $query );
    68     if ( mysql_num_rows( $result ) > 0 )
     90    $query = '
     91SELECT COUNT(*)
     92  FROM '.GROUPS_TABLE.'
     93  WHERE name = \''.$_POST['groupname'].'\'
     94;';
     95    list($count) = mysql_fetch_row(pwg_query($query));
     96    if ($count != 0)
    6997    {
    70       array_push( $page['errors'], $lang['group_add_error2'] );
     98      array_push($page['errors'], $lang['group_add_error2']);
    7199    }
    72100  }
    73   if ( count( $page['errors'] ) == 0 )
     101  if (count($page['errors']) == 0)
    74102  {
    75103    // creating the group
    76     $query = ' INSERT INTO '.GROUPS_TABLE;
    77     $query.= " (name) VALUES ('".$_POST['newgroup']."')";
    78     $query.= ';';
    79     pwg_query( $query );
    80   }
    81 }
    82 //------------------------------------------------------------- user management
    83 elseif ( isset( $_POST['add'] ) )
    84 {
    85   $userdata = getuserdata($_POST['username']);
    86   if (!$userdata)
    87   {
    88     array_push($page['errors'], $lang['user_err_unknown']);
    89   }
    90   else
    91   {
    92     // create a new association between the user and a group
    93104    $query = '
    94 INSERT INTO '.USER_GROUP_TABLE.'
    95   (user_id,group_id)
     105INSERT INTO '.GROUPS_TABLE.'
     106  (name)
    96107  VALUES
    97   ('.$userdata['id'].','.$_POST['edit_group_id'].')
     108  (\''.mysql_escape_string($_POST['groupname']).'\')
    98109;';
    99110    pwg_query($query);
    100   }
    101 }
    102 elseif (isset( $_POST['deny_user'] ))
    103 {
    104   $sql_in = '';
    105         $members = $_POST['members'];
    106         for($i = 0; $i < count($members); $i++)
    107   {
    108     $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
    109   }
    110   $query = 'DELETE FROM ' . USER_GROUP_TABLE;
    111   $query.= ' WHERE user_id IN ('.$sql_in;
    112         $query.= ') AND group_id = '.$_POST['edit_group_id'];
    113         pwg_query( $query );
    114 }
    115 //----------------------------------------------------------------- groups list
    116111
    117 $query = 'SELECT id,name FROM '.GROUPS_TABLE;
    118 $query.= ' ORDER BY id ASC;';
    119 $result = pwg_query( $query );
    120 $groups_display = '<select name="group_id">';
    121 $groups_nb=0;
    122 while ( $row = mysql_fetch_array( $result ) )
    123 {
    124   $groups_nb++;
    125         $selected = '';
    126         if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
    127                 $selected = 'selected';
    128   $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name']  . '</option>';
    129 }
    130 $groups_display .= '</select>';
    131 
    132 $action = PHPWG_ROOT_PATH.'admin.php?page=group_list';
    133 //----------------------------------------------------- template initialization
    134 $template->set_filenames( array('groups'=>'admin/group_list.tpl') );
    135 $template->assign_vars(array(
    136   'S_GROUP_SELECT'=>$groups_display,
    137        
    138   'L_GROUP_SELECT'=>$lang['group_list_title'],
    139   'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'],
    140   'L_LOOK_UP'=>$lang['edit'],
    141   'L_GROUP_DELETE'=>$lang['delete'],
    142   'L_CREATE_NEW_GROUP'=>$lang['group_add'],
    143   'L_GROUP_EDIT'=>$lang['group_edit'],
    144   'L_USER_NAME'=>$lang['login'],
    145   'L_USER_EMAIL'=>$lang['mail_address'],
    146   'L_USER_SELECT'=>$lang['Select'],
    147   'L_DENY_SELECTED'=>$lang['group_deny_user'],
    148   'L_ADD_MEMBER'=>$lang['group_add_user'],
    149   'L_FIND_USERNAME'=>$lang['Find_username'],
    150        
    151   'S_GROUP_ACTION'=>add_session_id($action),
    152   'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
    153   ));
    154 
    155 if ($groups_nb)
    156 {
    157   $template->assign_block_vars('select_box',array());
    158 }
    159 
    160 //----------------------------------------------------------------- add a group
    161 if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] ))
    162 {
    163   // Retrieving the group name
    164   $query = 'SELECT id, name FROM '.GROUPS_TABLE;
    165   $query.= " WHERE id = '".$_POST['group_id']."'";
    166   $query.= ';';
    167   $result = mysql_fetch_array(pwg_query( $query ));
    168   $template->assign_block_vars('edit_group',array(
    169           'GROUP_NAME'=>$result['name'],
    170           'GROUP_ID'=>$result['id']
    171                 ));
    172                
    173   // Retrieving all the users
    174   $query = 'SELECT id, username, mail_address';
    175   $query.= ' FROM ('.USERS_TABLE.' as u';
    176   $query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)';
    177   $query.= " WHERE ug.group_id = '".$_POST['group_id']."';";
    178   $result = pwg_query( $query );
    179   $i=0;
    180   while ( $row = mysql_fetch_array( $result ) )
    181   {
    182     $class = ($i % 2)? 'row1':'row2'; $i++;
    183         $template->assign_block_vars('edit_group.user',array(
    184                 'ID'=>$row['id'],
    185                 'NAME'=>$row['username'],
    186                 'EMAIL'=>$row['mail_address'],
    187                 'T_CLASS'=>$class
    188         ));
     112    array_push(
     113      $page['infos'],
     114      sprintf(l10n('group "%s" added'), $_POST['groupname'])
     115      );
    189116  }
    190117}
    191118
    192 //----------------------------------------------------------- sending html code
    193 $template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
     119// +-----------------------------------------------------------------------+
     120// |                             template init                             |
     121// +-----------------------------------------------------------------------+
     122
     123$template->set_filenames(array('group_list' => 'admin/group_list.tpl'));
     124
     125$template->assign_vars(
     126  array(
     127    'F_ADD_ACTION' =>
     128      add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
     129    )
     130  );
     131
     132// +-----------------------------------------------------------------------+
     133// |                              group list                               |
     134// +-----------------------------------------------------------------------+
     135
     136$query = '
     137SELECT id, name
     138  FROM '.GROUPS_TABLE.'
     139  ORDER BY id ASC
     140;';
     141$result = pwg_query($query);
     142
     143$admin_url = PHPWG_ROOT_PATH.'admin.php?page=';
     144$perm_url    = $admin_url.'group_perm&amp;group_id=';
     145$del_url     = $admin_url.'group_list&amp;delete=';
     146$members_url = $admin_url.'user_list&amp;group=';
     147
     148$num = 0;
     149while ($row = mysql_fetch_array($result))
     150{
     151  $query = '
     152SELECT COUNT(*)
     153  FROM '.USER_GROUP_TABLE.'
     154  WHERE group_id = '.$row['id'].'
     155;';
     156  list($counter) = mysql_fetch_row(pwg_query($query));
     157 
     158  $template->assign_block_vars(
     159    'group',
     160    array(
     161      'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1',
     162      'NAME' => $row['name'],
     163      'MEMBERS' => sprintf(l10n('%d members'), $counter),
     164      'U_MEMBERS' => $members_url.$row['id'],
     165      'U_DELETE' => $del_url.$row['id'],
     166      'U_PERM' => $perm_url.$row['id']
     167      )
     168    );
     169}
     170
     171// +-----------------------------------------------------------------------+
     172// |                           sending html code                           |
     173// +-----------------------------------------------------------------------+
     174
     175$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
     176
    194177?>
Note: See TracChangeset for help on using the changeset viewer.