Context Navigation

source: branches/2.5/admin/group_list.php @ 25147

Last change on this file since 25147 was 25147, checked in by flop25, 11 years ago

merge r25119 from trunk to branch 2.5

bug:2980 Fatal error when renaming a group

Property svn:eol-style set to LF

File size: 12.4 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
37	{
38	check_pwg_token();
39	}
40	// +-----------------------------------------------------------------------+
41	// \| add a group \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	if (empty($_POST['groupname']))
47	{
48	array_push($page['errors'], l10n('The name of a group must not contain " or \' or be empty.'));
49	}
50	if (count($page['errors']) == 0)
51	{
52	// is the group not already existing ?
53	$query = '
54	SELECT COUNT(*)
55	FROM '.GROUPS_TABLE.'
56	WHERE name = \''.$_POST['groupname'].'\'
57	;';
58	list($count) = pwg_db_fetch_row(pwg_query($query));
59	if ($count != 0)
60	{
61	array_push($page['errors'], l10n('This name is already used by another group.'));
62	}
63	}
64	if (count($page['errors']) == 0)
65	{
66	// creating the group
67	$query = '
68	INSERT INTO '.GROUPS_TABLE.'
69	(name)
70	VALUES
71	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
72	;';
73	pwg_query($query);
74
75	array_push(
76	$page['infos'],
77	sprintf(l10n('group "%s" added'), $_POST['groupname'])
78	);
79	}
80	}
81
82	// +-----------------------------------------------------------------------+
83	// \| action send \|
84	// +-----------------------------------------------------------------------+
85	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
86	{
87	// if the user tries to apply an action, it means that there is at least 1
88	// photo in the selection
89	$groups = $_POST['group_selection'];
90	if (count($groups) == 0)
91	{
92	array_push($page['errors'], l10n('Select at least one group'));
93	}
94
95	$action = $_POST['selectAction'];
96
97	// +
98	// \|rename a group
99	// +
100
101	if ($action=="rename")
102	{
103	// is the group not already existing ?
104	$query = '
105	SELECT name
106	FROM '.GROUPS_TABLE.'
107	;';
108	$group_names = array_from_query($query, 'name');
109	foreach($groups as $group)
110	{
111	if ( in_array($_POST['rename_'.$group.''], $group_names))
112	{
113	$page['errors'][] = $_POST['rename_'.$group.''].' \| '.l10n('This name is already used by another group.');
114	}
115	elseif ( !empty($_POST['rename_'.$group.'']))
116	{
117	$query = '
118	UPDATE '.GROUPS_TABLE.'
119	SET name = \''.pwg_db_real_escape_string($_POST['rename_'.$group.'']).'\'
120	WHERE id = '.$group.'
121	;';
122	pwg_query($query);
123	}
124	}
125	}
126
127	// +
128	// \|delete a group
129	// +
130
131	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
132	{
133	foreach($groups as $group)
134	{
135	// destruction of the access linked to the group
136	$query = '
137	DELETE
138	FROM '.GROUP_ACCESS_TABLE.'
139	WHERE group_id = '.$group.'
140	;';
141	pwg_query($query);
142
143	// destruction of the users links for this group
144	$query = '
145	DELETE
146	FROM '.USER_GROUP_TABLE.'
147	WHERE group_id = '.$group.'
148	;';
149	pwg_query($query);
150
151	$query = '
152	SELECT name
153	FROM '.GROUPS_TABLE.'
154	WHERE id = '.$group.'
155	;';
156	list($groupname) = pwg_db_fetch_row(pwg_query($query));
157
158	// destruction of the group
159	$query = '
160	DELETE
161	FROM '.GROUPS_TABLE.'
162	WHERE id = '.$group.'
163	;';
164	pwg_query($query);
165
166	array_push(
167	$page['infos'],
168	sprintf(l10n('group "%s" deleted'), $groupname)
169	);
170	}
171	}
172
173	// +
174	// \|merge groups into a new one
175	// +
176
177	if ($action=="merge" and count($groups) > 1)
178	{
179	// is the group not already existing ?
180	$query = '
181	SELECT COUNT(*)
182	FROM '.GROUPS_TABLE.'
183	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
184	;';
185	list($count) = pwg_db_fetch_row(pwg_query($query));
186	if ($count != 0)
187	{
188	array_push($page['errors'], l10n('This name is already used by another group.'));
189	}
190	else
191	{
192	// creating the group
193	$query = '
194	INSERT INTO '.GROUPS_TABLE.'
195	(name)
196	VALUES
197	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
198	;';
199	pwg_query($query);
200	$query = '
201	SELECT id
202	FROM '.GROUPS_TABLE.'
203	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
204	;';
205	list($groupid) = pwg_db_fetch_row(pwg_query($query));
206	}
207	$grp_access = array();
208	$usr_grp = array();
209	foreach($groups as $group)
210	{
211	$query = '
212	SELECT *
213	FROM '.GROUP_ACCESS_TABLE.'
214	WHERE group_id = '.$group.'
215	;';
216	$res=pwg_query($query);
217	while ($row = pwg_db_fetch_assoc($res))
218	{
219	$new_grp_access= array(
220	'cat_id' => $row['cat_id'],
221	'group_id' => $groupid
222	);
223	if (!in_array($new_grp_access,$grp_access))
224	{
225	$grp_access[]=$new_grp_access;
226	}
227	}
228
229	$query = '
230	SELECT *
231	FROM '.USER_GROUP_TABLE.'
232	WHERE group_id = '.$group.'
233	;';
234	$res=pwg_query($query);
235	while ($row = pwg_db_fetch_assoc($res))
236	{
237	$new_usr_grp= array(
238	'user_id' => $row['user_id'],
239	'group_id' => $groupid
240	);
241	if (!in_array($new_usr_grp,$usr_grp))
242	{
243	$usr_grp[]=$new_usr_grp;
244	}
245	}
246	}
247	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
248	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
249	array_push(
250	$page['infos'],
251	sprintf(l10n('group "%s" added'), $_POST['merge'])
252	);
253	}
254
255	// +
256	// \|duplicate a group
257	// +
258
259	if ($action=="duplicate" )
260	{
261	foreach($groups as $group)
262	{
263	if ( empty($_POST['duplicate_'.$group.'']) )
264	{
265	break;
266	}
267	// is the group not already existing ?
268	$query = '
269	SELECT COUNT(*)
270	FROM '.GROUPS_TABLE.'
271	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
272	;';
273	list($count) = pwg_db_fetch_row(pwg_query($query));
274	if ($count != 0)
275	{
276	array_push($page['errors'], l10n('This name is already used by another group.'));
277	break;
278	}
279	// creating the group
280	$query = '
281	INSERT INTO '.GROUPS_TABLE.'
282	(name)
283	VALUES
284	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
285	;';
286	pwg_query($query);
287	$query = '
288	SELECT id
289	FROM '.GROUPS_TABLE.'
290	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
291	;';
292
293	list($groupid) = pwg_db_fetch_row(pwg_query($query));
294	$query = '
295	SELECT *
296	FROM '.GROUP_ACCESS_TABLE.'
297	WHERE group_id = '.$group.'
298	;';
299	$grp_access = array();
300	$res=pwg_query($query);
301	while ($row = pwg_db_fetch_assoc($res))
302	{
303	$grp_access[] = array(
304	'cat_id' => $row['cat_id'],
305	'group_id' => $groupid
306	);
307	}
308	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
309
310	$query = '
311	SELECT *
312	FROM '.USER_GROUP_TABLE.'
313	WHERE group_id = '.$group.'
314	;';
315	$usr_grp = array();
316	$res=pwg_query($query);
317	while ($row = pwg_db_fetch_assoc($res))
318	{
319	$usr_grp[] = array(
320	'user_id' => $row['user_id'],
321	'group_id' => $groupid
322	);
323	}
324	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
325
326	array_push(
327	$page['infos'],
328	sprintf(l10n('group "%s" added'), $_POST['duplicate_'.$group.''])
329	);
330	}
331	}
332
333
334	// +
335	// \| toggle_default
336	// +
337
338	if ($action=="toggle_default")
339	{
340	foreach($groups as $group)
341	{
342	$query = '
343	SELECT name, is_default
344	FROM '.GROUPS_TABLE.'
345	WHERE id = '.$group.'
346	;';
347	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
348
349	// update of the group
350	$query = '
351	UPDATE '.GROUPS_TABLE.'
352	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
353	WHERE id = '.$group.'
354	;';
355	pwg_query($query);
356
357	array_push(
358	$page['infos'],
359	sprintf(l10n('group "%s" updated'), $groupname)
360	);
361	}
362	}
363	}
364	// +-----------------------------------------------------------------------+
365	// \| template init \|
366	// +-----------------------------------------------------------------------+
367
368	$template->set_filenames(array('group_list' => 'group_list.tpl'));
369
370	$template->assign(
371	array(
372	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
373	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
374	'PWG_TOKEN' => get_pwg_token(),
375	)
376	);
377
378	// +-----------------------------------------------------------------------+
379	// \| group list \|
380	// +-----------------------------------------------------------------------+
381
382	$query = '
383	SELECT id, name, is_default
384	FROM '.GROUPS_TABLE.'
385	ORDER BY name ASC
386	;';
387	$result = pwg_query($query);
388
389	$admin_url = get_root_url().'admin.php?page=';
390	$perm_url = $admin_url.'group_perm&group_id=';
391	$del_url = $admin_url.'group_list&delete=';
392	$members_url = $admin_url.'user_list&group=';
393	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
394
395	while ($row = pwg_db_fetch_assoc($result))
396	{
397	$query = '
398	SELECT username
399	FROM '.USERS_TABLE.' AS u
400	INNER JOIN '.USER_GROUP_TABLE.' AS ug
401	ON u.'.$conf['user_fields']['id'].' = ug.user_id
402	WHERE ug.group_id = '.$row['id'].'
403	;';
404	$members=array();
405	$res=pwg_query($query);
406	while ($us= pwg_db_fetch_assoc($res))
407	{
408	$members[]=$us['username'];
409	}
410	$template->append(
411	'groups',
412	array(
413	'NAME' => $row['name'],
414	'ID' => $row['id'],
415	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
416	'NB_MEMBERS' => count($members),
417	'L_MEMBERS' => implode(' - ', $members),
418	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
419	'U_MEMBERS' => $members_url.$row['id'],
420	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
421	'U_PERM' => $perm_url.$row['id'],
422	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
423	)
424	);
425	}
426
427	// +-----------------------------------------------------------------------+
428	// \| sending html code \|
429	// +-----------------------------------------------------------------------+
430
431	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
432
433	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: