[4169] | 1 | <?php |
---|
| 2 | |
---|
| 3 | // +-----------------------------------------------------------------------+ |
---|
| 4 | // | Piwigo - a PHP based picture gallery | |
---|
| 5 | // +-----------------------------------------------------------------------+ |
---|
| 6 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
---|
| 7 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
| 8 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
| 9 | // +-----------------------------------------------------------------------+ |
---|
| 10 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 11 | // | it under the terms of the GNU General Public License as published by | |
---|
| 12 | // | the Free Software Foundation | |
---|
| 13 | // | | |
---|
| 14 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 15 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 16 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 17 | // | General Public License for more details. | |
---|
| 18 | // | | |
---|
| 19 | // | You should have received a copy of the GNU General Public License | |
---|
| 20 | // | along with this program; if not, write to the Free Software | |
---|
| 21 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 22 | // | USA. | |
---|
| 23 | // +-----------------------------------------------------------------------+ |
---|
| 24 | |
---|
[8956] | 25 | // Keeps file coded in UTF-8 without BOM : é |
---|
[4421] | 26 | |
---|
[4169] | 27 | // *************************************************************************** |
---|
| 28 | // ** evntcats_admin_funcs.php : Admin functions (include) ** |
---|
| 29 | // ** for Piwigo plugin Event Cats ** |
---|
| 30 | // *************************************************************************** |
---|
| 31 | |
---|
| 32 | // +-----------------------------------------------------------------------+ |
---|
| 33 | // | Header | |
---|
| 34 | // +-----------------------------------------------------------------------+ |
---|
| 35 | |
---|
// Direct-access guard : this include stops at once unless the including
// script has already defined PHPWG_ROOT_PATH.
// NOTE(review): the guard only proves the file was included; it does not
// check that the caller is an administrator. Presumably the including admin
// page does that - confirm.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');

// Binds $conf and $page to the global scope (only has an effect when this
// file is included from inside a function).
global $conf, $page;
---|
| 39 | |
---|
| 40 | // +-----------------------------------------------------------------------+ |
---|
| 41 | // | Utilities functions | |
---|
| 42 | // +-----------------------------------------------------------------------+ |
---|
| 43 | |
---|
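/*
 * ec_end1()
 * Process repetitive task when error in database modifying functions :
 * records, in $page['errors'], which $_POST argument was bad or missing.
 *
 * The posted value comes straight from the request and $page['errors'] is
 * shown in the admin page, so the value is HTML-escaped before it is stored.
 * NOTE(review): if the template already escapes $page['errors'], the value
 * is double-encoded (cosmetic only) - confirm against the template.
 *
 * @param
 *   $pst : index of $_POST that is reported (callers pass a literal)
 *   $msg : message, passed through l10n()
 * @return
 *   false as this function is used when there is a problem ; callers write
 *   "return ec_end1(...)" to abort.
 */
function ec_end1($pst, $msg) {
  global $page;
  if (isset($_POST[$pst])) {
    // A request can post an array ("name[]=x") : it cannot be concatenated,
    // so only its type is reported.
    $shown = is_scalar($_POST[$pst]) ?
      htmlspecialchars((string) $_POST[$pst], ENT_QUOTES) :
      gettype($_POST[$pst]);
    $page['errors'][] =
      l10n($msg).
      '$_POST[\''.$pst.'\'] = '.
      $shown;
  }
  else
    $page['errors'][] =
      l10n($msg).
      '$_POST[\''.$pst.'\'] unset';
  return false;
}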
---|
| 67 | |
---|
/*
 * ec_end2()
 * Process repetitive task when error in database modifying functions :
 * appends to $page['errors'] the localized 'ec_DB_problem' message followed
 * by the current MySQL error number and text.
 *
 * NOTE(review): the raw mysql_error() text ends up in the page ; it can
 * reveal table and column names. Confirm that only administrators see
 * $page['errors'], and that the template escapes it.
 * NOTE(review): mysql_errno() / mysql_error() belong to the mysql extension,
 * which no longer exists in PHP 7 and later.
 *
 * @param
 *   $n : number to display (inserted in the 'ec_DB_problem' format)
 * @return
 *   false as this function is used when there is a problem
 */
function ec_end2($n) {
  global $page;
  $problem = sprintf(l10n('ec_DB_problem'), $n);
  $db_details = 'MySQL error '.mysql_errno().', "'.mysql_error().'"';
  $page['errors'][] = $problem.$db_details;
  return false;
}
---|
| 84 | |
---|
/*
 * ec_create_user_OK()
 * Creates a new generic user and, if requested, a new group, as described in
 * $_POST ; then grants the group (or, without group, the user) access to the
 * posted category or additional page.
 * Assumes that the validity of the different indexes of $_POST it uses has
 * already been checked by the caller.
 *
 * Reads  : $_POST['login'], ['password'], ['ec_in_up_newgroup'],
 *          ['groupname'], ['ec_in_up_cat'], ['ec_in_up_aps'].
 * Writes : $page['errors'] (replaced by the result of register_user(), then
 *          appended to) and $page['infos'].
 *
 * NOTE(review): several posted values and one value read back from the
 * database are concatenated into SQL text below ; see the notes next to each
 * statement. Nothing in this function escapes them.
 *
 * @param
 *   no param needed
 * @return
 *   the created user_id ; false if the user could not be created, or if the
 *   posted category is not found in the database. Other failures (status,
 *   group, access rights) are only reported in $page['errors'] and the
 *   user_id is still returned.
 */
function ec_create_user_OK() {
  global $page, $ec_lists;

  // This function assumes that the validity of the different indexes of
  // $_POST it uses, have already been checked.
  // NOTE(review): $_POST['password'] is used below without any isset() or
  // strength check in this file - confirm what register_user() enforces.

  // User creation, as generic
  $ec_user_id = false;
  // The assignment replaces whatever $page['errors'] held before the call.
  $page['errors'] = register_user(
    $_POST['login'], $_POST['password'], '', false
  );
  if (
    count($page['errors']) != 0 or
    !($ec_user_id = get_userid($_POST['login']))
  ) {
    array_unshift($page['errors'], l10n('ec_user_create_pb'));
    return false;
  }
  else
    // NOTE(review): the posted login (and, further down, the group name) is
    // copied into page messages as is ; confirm the template escapes them.
    $page['infos'][] = sprintf(l10n('ec_user_create_OK'), $_POST['login']);
  // $ec_user_id comes from get_userid(), not from the request.
  if (
    pwg_query("
      UPDATE `".USER_INFOS_TABLE."`
      SET `status` = 'generic'
      WHERE `user_id` = ".$ec_user_id.";
    ") !== false
  )
    $page['infos'][] = sprintf(l10n('ec_user_generic_OK'), $_POST['login']);
  else
    $page['errors'][] = sprintf(l10n('ec_user_generic_pb'), $_POST['login']);

  // New group creation if required, and association with user_id, and if
  // needed category or add. p., at the same time
  if (
    isset($_POST['ec_in_up_newgroup']) and
    isset($_POST['groupname']) and
    $_POST['groupname'] != ''
  ) {
    // Checks if a group named $_POST['groupname'] already exists.
    // If not, creates it : then, t4 is no more false. In any case, t3 gets
    // the id of the group named $_POST['groupname'].
    // NOTE(review): $_POST['groupname'] is only checked to be non-empty, then
    // concatenated into two quoted SQL literals (SELECT and INSERT below).
    // Presumably this relies on slashes added to $_POST by the application
    // bootstrap - confirm, or escape / parameterise the value here.
    $t2 = 0; $t3 = false; $t4 = false;
    while ( // The check is executed once at minimum
      !($t3 = mysql_fetch_row(pwg_query("
        SELECT `id`
        FROM `".GROUPS_TABLE."`
        WHERE `name` = '".$_POST['groupname']."';
      "))) and
      $t2++ == 0 // The check is executed twice at maximum
    )
      $t4 = pwg_query("
        INSERT INTO `".GROUPS_TABLE."` (`name`, `is_default`)
        VALUES ('".$_POST['groupname']."', 'false');
      "); // Cannot be executed twice
    if ($t4)
      $page['infos'][] =
        sprintf(l10n('ec_group_create_OK'), $_POST['groupname']);
    if (!$t3)
      $page['errors'][] =
        sprintf(l10n('ec_group_create_pb'), $_POST['groupname']).' (1) : '.
        'MySQL error '.mysql_errno().', "'.mysql_error().'"';
    // NOTE(review): execution continues even when $t3 is false (group not
    // found and not created) ; $t3[0] is then empty, so the statements below
    // associate the user, the category and the additional page with an empty
    // group id. A guard on $t3 looks missing - confirm the intent.
    if (
      pwg_query("
        INSERT INTO `".USER_GROUP_TABLE."` (`user_id`, `group_id`)
        VALUES ('".$ec_user_id."', '".$t3[0]."');
      ") === false
    ) $page['errors'][] =
      sprintf(l10n('ec_group_create_pb'), $_POST['groupname']).' (2) : '.
      'MySQL error '.mysql_errno().', "'.mysql_error().'"';
    else $page['infos'][] = sprintf(
      l10n('ec_group_create_OK2'),
      $_POST['login'], $_POST['groupname']
    );

    // If a category id has been posted, the newly created group must be
    // allowed to navigate in this category
    // We are in the group creation block, thus the we know this group cannot
    // be associated to any category
    // The posted id is accepted only if it is a key of
    // $ec_lists['categories'] ; that check is what limits the value used in
    // the SQL below.
    if (
      isset($_POST['ec_in_up_cat']) and
      array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories'])
    ) {
      if (mysql_num_rows(pwg_query("
        SELECT `id`
        FROM `".CATEGORIES_TABLE."`
        WHERE `id` = '".$_POST['ec_in_up_cat']."';
      ")) == 0) return ec_end1('ec_in_up_cat', 'Category doesn\'t exist : ');
      else {
        // Among the posted category and the ids returned by
        // get_uppercat_ids(), keeps those whose status is 'private'.
        // NOTE(review): if get_uppercat_ids() returns an empty list, the
        // statement reads "IN ()", which MySQL rejects - confirm it cannot.
        $private_uppercats = array_from_query("
          SELECT `id`
          FROM `".CATEGORIES_TABLE."`
          WHERE `id` IN (".
            implode(',', get_uppercat_ids(array($_POST['ec_in_up_cat']))).
          ")
          AND `status` = 'private';
        ", 'id');
        // One (group_id, cat_id) row per private category found above.
        $inserts = array();
        foreach ($private_uppercats as $cat_id)
          $inserts[] = array(
            'group_id' => $t3[0],
            'cat_id' => $cat_id
          );
        mass_inserts(GROUP_ACCESS_TABLE,array('group_id','cat_id'), $inserts);
        if (mysql_errno() == 0)
          $page['infos'][] = sprintf(
            l10n('ec_group_create_OK2'),
            $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']]
          );
        else
          $page['errors'][] = sprintf(
            l10n('ec_assoc_pb'),
            $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']]
          ).' : MySQL error '.mysql_errno().', "'.mysql_error().'"';
      }
    }

    // If an add. p. id has been posted, the newly created group must be
    // allowed to navigate in this additional page
    if (
      isset($_POST['ec_in_up_aps']) and
      array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages'])
    ) {
      $granted_groups = array();
      // The posted id is written unquoted in this statement and in the UPDATE
      // below ; the only guard is the array_key_exists() check above, which
      // limits it to existing keys of $ec_lists['add_pages'].
      $title_arr = array_from_query("
        SELECT `title`
        FROM `".ADD_PAGES_TABLE."`
        WHERE `id` = ".$_POST['ec_in_up_aps'].";
      ", 'title');
      // The title is split on '/user_id=' first, then on '/group_id=' ; the
      // part after '/group_id=' is read as a comma separated list of group
      // ids. is_in() is defined elsewhere - presumably a substring test.
      $t_user = (is_in($title_arr[0], '/user_id=')) ?
        explode('/user_id=', $title_arr[0]) : array($title_arr[0]);
      if (is_in($t_user[0], '/group_id=')) {
        $t_group = explode('/group_id=', $t_user[0]);
        $granted_groups = explode(',', $t_group[1]);
      }
      else $t_group[0] = $t_user[0];
      // Adds the group id to the list and rebuilds the title, only if the
      // group is not listed yet.
      if (!in_array($t3[0], $granted_groups)) {
        $granted_groups[] = $t3[0];
        $t_group[1] = implode(',', $granted_groups);
        $t_user[0] = implode('/group_id=', $t_group);
        // NOTE(review): the rebuilt title is text read back from the database
        // and is written into a quoted SQL literal without escaping. A title
        // that contains a quote breaks the statement (second-order SQL
        // injection). It needs escaping with the project's SQL helper.
        if (pwg_query("
          UPDATE `".ADD_PAGES_TABLE."`
          SET `title` = '".implode('/user_id=', $t_user)."'
          WHERE `id` = ".$_POST['ec_in_up_aps'].";
        ") === false)
          $page['errors'][] = sprintf(
            l10n('ec_assoc_pb'),
            $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']]
          ).' : MySQL error '.mysql_errno().', "'.mysql_error().'"';
        else $page['infos'][] = sprintf(
          l10n('ec_group_create_OK2'),
          $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']]
        );
      }
    }
  }
  else {
    // If a category id has been posted, the newly created user must be
    // allowed to navigate in this category, if it is not the case yet
    if (
      isset($_POST['ec_in_up_cat']) and
      array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories'])
    ) {
      $private_uppercats = array_from_query("
        SELECT `id`
        FROM `".CATEGORIES_TABLE."`
        WHERE `id` IN (".
          implode(',', get_uppercat_ids(array($_POST['ec_in_up_cat']))).
        ")
        AND `status` = 'private';
      ", 'id');
      // We must not reinsert already existing lines in user_access table
      $granteds = array();
      foreach ($private_uppercats as $cat_id)
        $granteds[$cat_id] = array();
      // NOTE(review): when no private category was found, the list is empty
      // and the statement reads "IN ()", which MySQL rejects - confirm how
      // pwg_query() reacts, or skip the query in that case.
      $result = pwg_query("
        SELECT `user_id`, `cat_id`
        FROM `".USER_ACCESS_TABLE."`
        WHERE `cat_id` IN (".implode(',', $private_uppercats).")
        AND `user_id` = '$ec_user_id';
      ");
      while ($row = mysql_fetch_array($result))
        $granteds[$row['cat_id']][] = $row['user_id'];
      // Keeps only the categories for which the user has no access row yet.
      $inserts = array();
      foreach ($private_uppercats as $cat_id)
        if (!in_array($ec_user_id, $granteds[$cat_id]))
          $inserts[] = array(
            'user_id' => $ec_user_id,
            'cat_id' => $cat_id
          );
      if (count($inserts) != 0) {
        mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts);
        if (mysql_errno() == 0)
          $page['infos'][] = sprintf(
            l10n('ec_group_create_OK2'),
            $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']]
          );
        else
          $page['errors'][] = sprintf(
            l10n('ec_assoc_pb'),
            $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']]
          ).' : MySQL error '.mysql_errno().', "'.mysql_error().'"';
      }
    }

    // If an add. p. id has been posted, the newly created user should be
    // allowed to navigate in this additional page => give a warning message
    // (no access right is changed here : the message goes to
    // $page['errors']).
    if (
      isset($_POST['ec_in_up_aps']) and
      array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages'])
    ) $page['errors'][] = sprintf(
      l10n('ec_user_access_AP'),
      $ec_lists['add_pages'][$_POST['ec_in_up_aps']],
      $_POST['login']
    );
  }
  return $ec_user_id;
}
---|
| 313 | |
---|
| 314 | // +-----------------------------------------------------------------------+ |
---|
| 315 | // | Tables building functions | |
---|
| 316 | // +-----------------------------------------------------------------------+ |
---|
| 317 | |
---|
/*
 * build_ec_duplicable_codes()
 * Rebuilds $ec_lists['duplicable_codes'] from $ec_lists['ec_table'], then
 * calls build_ec_categories(false).
 *
 * An entry is kept when is_in($entry['action'], 'ec_ok') is true and its
 * 'forced' field equals 'false'. The result holds :
 *   ['codes'][code]  => id, comment and user_id of the last kept entry that
 *                       uses this code ;
 *   ['ids'][id]      => id stored for the code of this entry ;
 *   ['comment'][id]  => comment stored for the code of this entry.
 * The three keys are created only if at least one entry is kept.
 *
 * @param
 *   no parameter passed, the main material on which works the function, is
 *   the global array variable $ec_lists.
 * @return
 *   (no return value)
 */
function build_ec_duplicable_codes() {
  global $ec_lists, $template;
  $ec_lists['duplicable_codes'] = array();

  // First pass : remembers the code of each kept entry, and stores the entry
  // data under its code (a later entry with the same code replaces it).
  $code_of = array();
  foreach ($ec_lists['ec_table'] as $entry) {
    if (!is_in($entry['action'], 'ec_ok')) continue;
    if ($entry['forced'] != 'false') continue;

    $code = $entry['code'];
    $code_of[$entry['id']] = $code;
    $ec_lists['duplicable_codes']['codes'][$code]['id'] = $entry['id'];
    $ec_lists['duplicable_codes']['codes'][$code]['comment'] =
      $entry['comment'];
    $ec_lists['duplicable_codes']['codes'][$code]['user_id'] =
      $entry['user_id'];
  }

  // Second pass : for each kept entry id, copies what is finally stored for
  // its code.
  foreach ($code_of as $entry_id => $code) {
    $stored = $ec_lists['duplicable_codes']['codes'][$code];
    $ec_lists['duplicable_codes']['ids'][$entry_id] = $stored['id'];
    $ec_lists['duplicable_codes']['comment'][$entry_id] = $stored['comment'];
  }

  // Builds a category list displayed a best way
  build_ec_categories(false);
}
---|
| 356 | |
---|
| 357 | // +-----------------------------------------------------------------------+ |
---|
| 358 | // | Database modifying functions | |
---|
| 359 | // +-----------------------------------------------------------------------+ |
---|
| 360 | |
---|
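/*
 * ec_create_modify_entry_OK()
 * Creates, duplicates or modifies an entry, or toggles its "forced" flag, as
 * described by $_POST['ec_act1'] and the other posted fields. Returns true
 * or false whether the operation was OK or not.
 *
 * Input checks done here, because the values reach SQL text :
 *  - every failed check now really stops the function ("return ec_end1()") ;
 *    several branches used to call ec_end1() and carry on ;
 *  - the category, image and additional page ids are written unquoted in the
 *    statements, so they must be made of decimal digits only ;
 *  - $_POST['ec_entry_sel'] must be a key of $ec_lists['ec_table'] for
 *    'toggle_forced' too, as it is also written unquoted ;
 *  - the code is checked with preg_match() and the D modifier. ereg() no
 *    longer exists in PHP 7 and stops reading at a NUL byte, so a value could
 *    pass the check with unchecked text after the NUL.
 * NOTE(review): $_POST['ec_in_up_comment'] is still written into a quoted
 * SQL literal without escaping in this function. Presumably this relies on
 * slashes added to $_POST by the application bootstrap - confirm, or escape
 * it here with the project's SQL helper.
 *
 * @param
 *   no param
 * @return
 *   true if creation was OK ; false if not (the reason is appended to
 *   $page['errors'])
 */
function ec_create_modify_entry_OK() {
  global $page, $ec_lists;

  // Ids are concatenated unquoted in SQL : decimal digits only. The D
  // modifier prevents "$" from matching before a trailing newline.
  $id_pattern = '/^[0-9]+$/D';

  // $_POST validity checks : action prevented in case of bad arguments

  if (!isset($_POST['ec_act1']))
    return ec_end1('ec_act1', 'Bad argument : ');

  if (
    ($_POST['ec_act1']) != 'toggle_forced' and
    !isset($_POST['ec_input_action'])
  ) return ec_end1('ec_input_action', 'Bad argument : ');

  $is_creation = true;
  $ec_user_id = 'NULL';
  $action = 'ec_ok';
  $del_other = false;
  $comment = '';
  switch ($_POST['ec_act1']) {

    // This "switch" statement is a little bit tricky... it has been a pain to
    // debug, and I wish to nobody to have to modify it :-\ !
    // Its principle is that it manages checks for four occurrences of
    // $_POST['ec_act1'] : 'create', 'modify_entry_submit',
    // 'duplicate_entry_submit', and 'toggle_forced'. Some checks are mutual
    // between different occurences, but never all checks of each occurrence
    // of $_POST['ec_act1']. So tests are done with "if" statements to
    // produce "break" statements when needed.
    // The cases fall through on purpose : a missing "break" is not a bug.

    case 'create':

      // Stops if given code or user type are incorrect
      if (
        !isset($_POST['ec_in_up_code']) or
        !is_string($_POST['ec_in_up_code']) or
        !preg_match('/^[a-zA-Z0-9_-]{4,32}$/D', $_POST['ec_in_up_code'])
      ) return ec_end1('ec_in_up_code', 'Improper code : ');
      else $ec_code = $_POST['ec_in_up_code'];

      foreach ($ec_lists['ec_table'] as $ec_entry)
        if ($ec_code == $ec_entry['code'])
          return ec_end1('ec_in_up_code', 'Code already exists : ');

      if (
        !isset($_POST['ec_sel_user']) or (
          $_POST['ec_sel_user'] != 'new' and
          $_POST['ec_sel_user'] != 'old'
        )
      ) return ec_end1('ec_sel_user', 'Bad argument : ');

    case 'modify_entry_submit':

      // First checks for user type and/or value
      if (isset($_POST['ec_sel_user'])) {
        if ($_POST['ec_sel_user'] == 'new') {
          if (
            !isset($_POST['login']) or
            $_POST['login'] == ''
          ) return ec_end1('login', 'Bad argument : ');
          if (in_array($_POST['login'], $ec_lists['user_ids']))
            return ec_end1('login', 'User already exists : ');
        }
        elseif ($_POST['ec_sel_user'] == 'old') {
          if (!isset($_POST['ec_in_up_usr_list']))
            return ec_end1('login', 'Bad argument : ');
          // The posted user id is accepted only if it is a key of
          // $ec_lists['user_ids'] ; it is written unquoted in SQL below.
          $ec_user_id = $_POST['ec_in_up_usr_list'];
          if (!array_key_exists($ec_user_id, $ec_lists['user_ids']))
            return ec_end1('ec_in_up_usr_list', 'User doesn\'t exist : ');
        }
        else $action = 'ec_nok';
      }
      else $action = 'ec_nok';

      if ($_POST['ec_act1'] == 'create') break;

    case 'duplicate_entry_submit':

      // Checks of entry value validity
      if (
        !isset($_POST['ec_entry_sel']) or
        !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table'])
      ) return ec_end1(
        'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : '
      );

      // Other checks for user type and value
      if ($_POST['ec_act1'] == 'modify_entry_submit') if (
        !isset($_POST['ec_sel_user']) or (
          $_POST['ec_sel_user'] == 'new' or
          $_POST['ec_sel_user'] == 'none' or (
            $_POST['ec_sel_user'] == 'old' and
            $_POST['ec_in_up_usr_list'] !=
              $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id']
          ) or
          isset($_POST['ec_in_up_forced'])
        )
      ) $del_other = true;

    case 'toggle_forced':

      // 'toggle_forced' enters the switch here, after the check made in the
      // previous case : the entry id must be checked again, as it indexes
      // $ec_lists['ec_table'] and is written unquoted in SQL further down.
      if (
        !isset($_POST['ec_entry_sel']) or
        !is_string($_POST['ec_entry_sel']) or
        !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table'])
      ) return ec_end1(
        'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : '
      );

      // Establish default values for unchanged values
      $ec_code = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['code'];
      if ($action == 'ec_ok' and $ec_user_id == 'NULL')
        $ec_user_id = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id'];
      $arg1 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg1'];
      $arg2 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg2'];
      $comment = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['comment'];
      if (empty($arg1)) $arg1 = 'NULL';
      if (empty($arg2)) $arg2 = 'NULL';
      if (empty($ec_user_id)) $ec_user_id = 'NULL';
      if ($_POST['ec_act1'] == 'toggle_forced') {
        $forced = (
          $ec_lists['ec_table'][$_POST['ec_entry_sel']]['forced'] == 'true'
        ) ? 'false' : 'true';
        $del_other = ($forced == 'true');
        $action = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['action'];
      }

      if (
        $_POST['ec_act1'] == 'toggle_forced' or
        $_POST['ec_act1'] == 'modify_entry_submit'
      ) {
        $is_creation = false;
        break;
      }

      // Final check for entry value
      build_ec_duplicable_codes();
      if (!array_key_exists($_POST['ec_entry_sel'],
        $ec_lists['duplicable_codes']['ids'])
      ) return ec_end1(
        'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : '
      );

      break;
    // An unknown action must stop here : without "return", execution went on
    // to the SQL statements with unset variables.
    default: return ec_end1('ec_act1', 'Bad argument : ');
  }
  // Pfew !

  if ($_POST['ec_act1'] != 'toggle_forced') {
    // Preparation of $arg1, $arg2
    // Each posted id must exist, be a string, and hold digits only.
    switch ($_POST['ec_input_action']) {
      case 'add_p': // Additional Page
        if (
          !isset($_POST['ec_in_up_aps']) or
          !is_string($_POST['ec_in_up_aps']) or
          !preg_match($id_pattern, $_POST['ec_in_up_aps'])
        ) return ec_end1('ec_in_up_aps', 'Bad argument : ');
        $arg2 = $_POST['ec_in_up_aps'];
        $arg1 = 'NULL';
        break;
      case 'cat': // Category
      case 'img': // Image
        if (
          !isset($_POST['ec_in_up_cat']) or
          !is_string($_POST['ec_in_up_cat']) or
          !preg_match($id_pattern, $_POST['ec_in_up_cat'])
        ) return ec_end1('ec_in_up_cat', 'Bad argument : ');
        $arg1 = $_POST['ec_in_up_cat'];
        if ($_POST['ec_input_action'] == 'img') {
          if (
            !isset($_POST['ec_in_up_img']) or
            !is_string($_POST['ec_in_up_img']) or
            !preg_match($id_pattern, $_POST['ec_in_up_img'])
          ) return ec_end1('ec_in_up_img', 'Bad argument : ');
          $arg2 = $_POST['ec_in_up_img'];
        }
        else $arg2 = 'NULL';
        break;
      case 'home': // Home : nothing to do : "arg"s are ''
      case 'refused': // $_POST['ec_sel_user'] unset, nothing to do
        $arg1 = 'NULL'; $arg2 = 'NULL';
        break;
      default: return ec_end1('ec_input_action', 'Bad argument : ');
    }

    // Preparation of $forced
    $forced = (isset($_POST['ec_in_up_forced'])) ? 'true' : 'false';
    if ($_POST['ec_act1'] == 'duplicate_entry_submit' and $forced == 'true')
      return ec_end1('ec_in_up_forced', 'Bad argument : ');

    // Preparation of $comment
    $comment = (isset($_POST['ec_in_up_comment'])) ?
      $_POST['ec_in_up_comment'] : $comment;

    // User and eventually group creation, if needed
    // NOTE(review): the user is created before the "entry already exists"
    // check below ; if that check fails, the new user stays in the database.
    if ($_POST['ec_act1'] != 'duplicate_entry_submit')
      if (isset($_POST['ec_sel_user']) and $_POST['ec_sel_user'] == 'new')
        if (!($ec_user_id = ec_create_user_OK())) return false;
  }

  // Now we have all infos : check that future entry doesn't exist already
  // $arg1, $arg2 and $ec_user_id are either the word NULL or an id ; they are
  // written without quotes, hence the checks above.
  $arg1p = ($arg1 == 'NULL') ? 'IS NULL' : ' = '.$arg1;
  $arg2p = ($arg2 == 'NULL') ? 'IS NULL' : ' = '.$arg2;
  $ec_user_idp = ($ec_user_id == 'NULL') ? 'IS NULL' : ' = '.$ec_user_id;
  if (($t1 = mysql_fetch_row(pwg_query("
    SELECT `id`
    FROM `".EVNTCATS_TABLE."`
    WHERE `code` = '".$ec_code."'
      AND `user_id` ".$ec_user_idp."
      AND `action` = '".$action."'
      AND `arg1` ".$arg1p."
      AND `arg2` ".$arg2p."
      AND `forced` = '".$forced."'
      AND `comment` = '".$comment."'
  "))) !== false) {
    $page['errors'][] = sprintf(l10n('ec_entry_already_exists'), $t1[0]);
    return false;
  }

  // Delete other entries using the same code, if needed
  // $_POST['ec_entry_sel'] is unquoted here : it has been checked to be a
  // key of $ec_lists['ec_table'] on every path that sets $del_other.
  if ($del_other) {
    if ((
      $t1 = mysql_fetch_row(pwg_query("
        SELECT `code`
        FROM `".EVNTCATS_TABLE."`
        WHERE `id` = ".$_POST['ec_entry_sel']
      ))) === false
    ) die('Entry not found in DB ?!');
    $r = pwg_query("
      SELECT `id`
      FROM `".EVNTCATS_TABLE."`
      WHERE `code` = '".$t1[0]."'
        AND `id` <> ".$_POST['ec_entry_sel']
    );
    while ($t2 = mysql_fetch_row($r)) if (!ec_delete_entry_OK($t2[0]))
      return false;
  }

  // Action !
  $ret = true;
  if ($is_creation) {
    if (
      pwg_query("
        INSERT INTO `".EVNTCATS_TABLE."` (
          `code`,
          `user_id`,
          `action`,
          `arg1`, `arg2`, `forced`, `comment`
        )
        VALUES (
          '".$ec_code."',
          ".$ec_user_id.",
          '".$action."',
          ".$arg1.", ".$arg2.", '".$forced."', '".$comment."'
        );
      ") === false
    ) {
      $page['errors'][] =
        l10n('ec_entry_create_pb').' : '.
        'MySQL error '.mysql_errno().', "'.mysql_error().'"'
      ;
      $ret = false;
    }
    else {
      build_ec_lists(); // Don't remember exactly why, but must be done here
      $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced');
      $page['infos'][] =
        sprintf(l10n('ec_entry_create_OK'), mysql_insert_id()).
        $ec_code.' => '.
        $ec_lists['user_ids'][$ec_user_id].$forced
      ;
      return true;
    }
  }
  else {
    if (
      pwg_query("
        UPDATE `".EVNTCATS_TABLE."`
        SET
          `user_id` = ".$ec_user_id.",
          `action` = '".$action."',
          `arg1` = ".$arg1.",
          `arg2` = ".$arg2.",
          `forced` = '".$forced."',
          `comment` = '".$comment."'
        WHERE `id` = '".$_POST['ec_entry_sel']."'
      ") === false
    ) {
      $page['errors'][] =
        l10n('ec_entry_create_pb').' : '.
        'MySQL error '.mysql_errno().', "'.mysql_error().'"'
      ;
      $ret = false;
    }
    else $page['infos'][] = sprintf(
      l10n('ec_entry_modify_OK'), $_POST['ec_entry_sel']
    );
  }
  build_ec_lists();
  return $ret;
}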
---|
| 652 | |
---|
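/*
 * ec_delete_entry_OK($ec_id)
 * tries to delete an existing entry.
 *
 * $ec_id is written unquoted in both statements, so it is accepted only as
 * an integer or a string of decimal digits ; anything else is reported as a
 * non-existing entry and no statement is run.
 * The existence test compares the fetched row with an array : the former
 * test, count(...) == 0, could not detect a missing row, as
 * mysql_fetch_row() returns false (not an empty array) in that case.
 *
 * @param
 *   $ec_id : the entry to be deleted
 * @return
 *   true or false whether deleting succeeded. The reason of a failure is
 *   appended to $page['errors'].
 */
function ec_delete_entry_OK($ec_id) {
  global $page;
  if (
    !is_int($ec_id) and
    !(is_string($ec_id) and preg_match('/^[0-9]+$/D', $ec_id))
  ) {
    // The rejected value may come from a request : escaped before display.
    $page['errors'][] = sprintf(
      l10n('ec_entry_dont_exist'),
      is_scalar($ec_id) ?
        htmlspecialchars((string) $ec_id, ENT_QUOTES) : gettype($ec_id)
    );
    return false;
  }
  $t = mysql_fetch_row(pwg_query("
    SELECT `code`
    FROM `".EVNTCATS_TABLE."`
    WHERE `id` = $ec_id;
  "));
  if (!is_array($t)) {
    $page['errors'][] = sprintf(l10n('ec_entry_dont_exist'), $ec_id);
    return false;
  }
  if (pwg_query("
    DELETE FROM `".EVNTCATS_TABLE."`
    WHERE `id` = ".$ec_id
  ) === false) {
    $page['errors'][] =
      sprintf(l10n('ec_entry_del_nok'),
      $ec_id).
      'MySQL error '.mysql_errno().', "'.mysql_error().'"';
    return false;
  }
  $page['infos'][] = sprintf(l10n('ec_entry_del_ok'), $ec_id, $t[0]);
  return true;
}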
---|
| 685 | |
---|
| 686 | ?> |
---|