1 | <?php |
---|
2 | |
---|
3 | // +-----------------------------------------------------------------------+ |
---|
4 | // | Piwigo - a PHP based picture gallery | |
---|
5 | // +-----------------------------------------------------------------------+ |
---|
6 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
---|
7 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
8 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
9 | // +-----------------------------------------------------------------------+ |
---|
10 | // | This program is free software; you can redistribute it and/or modify | |
---|
11 | // | it under the terms of the GNU General Public License as published by | |
---|
12 | // | the Free Software Foundation | |
---|
13 | // | | |
---|
14 | // | This program is distributed in the hope that it will be useful, but | |
---|
15 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
16 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
17 | // | General Public License for more details. | |
---|
18 | // | | |
---|
19 | // | You should have received a copy of the GNU General Public License | |
---|
20 | // | along with this program; if not, write to the Free Software | |
---|
21 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
22 | // | USA. | |
---|
23 | // +-----------------------------------------------------------------------+ |
---|
24 | |
---|
25 | // Keeps file coded in UTF-8 without BOM : é |
---|
26 | |
---|
27 | // *************************************************************************** |
---|
28 | // ** evntcats_admin_funcs.php : Admin functions (include) ** |
---|
29 | // ** for Piwigo plugin Event Cats ** |
---|
30 | // *************************************************************************** |
---|
31 | |
---|
32 | // +-----------------------------------------------------------------------+ |
---|
33 | // | Header | |
---|
34 | // +-----------------------------------------------------------------------+ |
---|
35 | |
---|
36 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
37 | |
---|
38 | global $conf, $page; |
---|
39 | |
---|
40 | // +-----------------------------------------------------------------------+ |
---|
41 | // | Utilities functions | |
---|
42 | // +-----------------------------------------------------------------------+ |
---|
43 | |
---|
44 | /* |
---|
45 | * ec_end1() |
---|
46 | * Process repetitive task when error in database modifying functions. |
---|
47 | * |
---|
48 | * @param |
---|
49 | * $pst : $_POST argument |
---|
50 | * $msg : message |
---|
51 | * @return |
---|
52 | * false as this function is used when there is a problem |
---|
53 | */ |
---|
54 | function ec_end1($pst, $msg) { |
---|
55 | global $page; |
---|
56 | if (isset($_POST[$pst])) |
---|
57 | $page['errors'][] = |
---|
58 | l10n($msg). |
---|
59 | '$_POST[\''.$pst.'\'] = '. |
---|
60 | $_POST[$pst]; |
---|
61 | else |
---|
62 | $page['errors'][] = |
---|
63 | l10n($msg). |
---|
64 | '$_POST[\''.$pst.'\'] unset'; |
---|
65 | return false; |
---|
66 | } |
---|
67 | |
---|
68 | /* |
---|
69 | * ec_end2() |
---|
70 | * Process repetitive task when error in database modifying functions. |
---|
71 | * |
---|
72 | * @param |
---|
73 | * $n : number to display |
---|
74 | * @return |
---|
75 | * false as this function is used when there is a problem |
---|
76 | */ |
---|
77 | function ec_end2($n) { |
---|
78 | global $page; |
---|
79 | $page['errors'][] = |
---|
80 | sprintf(l10n('ec_DB_problem'), $n). |
---|
81 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
82 | return false; |
---|
83 | } |
---|
84 | |
---|
85 | /* |
---|
86 | * ec_create_user_OK() |
---|
87 | * Creates new generic user and eventually new group as described in $_POST. |
---|
88 | * Assumes that the validity of the different indexes of $_POST it uses, have |
---|
89 | * already been checked. |
---|
90 | * |
---|
91 | * @param |
---|
92 | * no param needed |
---|
93 | * @return |
---|
94 | * the created user_id or false whether all operations suceeded or not |
---|
95 | */ |
---|
96 | function ec_create_user_OK() { |
---|
97 | global $page, $ec_lists; |
---|
98 | |
---|
99 | // This function assumes that the validity of the different indexes of |
---|
100 | // $_POST it uses, have already been checked. |
---|
101 | |
---|
102 | // User creation, as generic |
---|
103 | $ec_user_id = false; |
---|
104 | $page['errors'] = register_user( |
---|
105 | $_POST['login'], $_POST['password'], '', false |
---|
106 | ); |
---|
107 | if ( |
---|
108 | count($page['errors']) != 0 or |
---|
109 | !($ec_user_id = get_userid($_POST['login'])) |
---|
110 | ) { |
---|
111 | array_unshift($page['errors'], l10n('ec_user_create_pb')); |
---|
112 | return false; |
---|
113 | } |
---|
114 | else |
---|
115 | $page['infos'][] = sprintf(l10n('ec_user_create_OK'), $_POST['login']); |
---|
116 | if ( |
---|
117 | pwg_query(" |
---|
118 | UPDATE `".USER_INFOS_TABLE."` |
---|
119 | SET `status` = 'generic' |
---|
120 | WHERE `user_id` = ".$ec_user_id."; |
---|
121 | ") !== false |
---|
122 | ) |
---|
123 | $page['infos'][] = sprintf(l10n('ec_user_generic_OK'), $_POST['login']); |
---|
124 | else |
---|
125 | $page['errors'][] = sprintf(l10n('ec_user_generic_pb'), $_POST['login']); |
---|
126 | |
---|
127 | // New group creation if required, and association with user_id, and if |
---|
128 | // needed category or add. p., at the same time |
---|
129 | if ( |
---|
130 | isset($_POST['ec_in_up_newgroup']) and |
---|
131 | isset($_POST['groupname']) and |
---|
132 | $_POST['groupname'] != '' |
---|
133 | ) { |
---|
134 | // Checks if a group named $_POST['groupname'] already exists. |
---|
135 | // If not, creates it : then, t4 is no more false. In any case, t3 gets |
---|
136 | // the id of the group named $_POST['groupname']. |
---|
137 | $t2 = 0; $t3 = false; $t4 = false; |
---|
138 | while ( // The check is executed once at minimum |
---|
139 | (is_null($t3 = pwg_db_fetch_row(pwg_query(" |
---|
140 | SELECT `id` |
---|
141 | FROM `".GROUPS_TABLE."` |
---|
142 | WHERE `name` = '".$_POST['groupname']."'; |
---|
143 | "))) or !$t3) and |
---|
144 | $t2++ == 0 // The check is executed twice at maximum |
---|
145 | ) |
---|
146 | $t4 = pwg_query(" |
---|
147 | INSERT INTO `".GROUPS_TABLE."` (`name`, `is_default`) |
---|
148 | VALUES ('".$_POST['groupname']."', 'false'); |
---|
149 | "); // Cannot be executed twice |
---|
150 | if ($t4) |
---|
151 | $page['infos'][] = |
---|
152 | sprintf(l10n('ec_group_create_OK'), $_POST['groupname']); |
---|
153 | if (!$t3) |
---|
154 | $page['errors'][] = |
---|
155 | sprintf(l10n('ec_group_create_pb'), $_POST['groupname']).' (1) : '. |
---|
156 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
157 | if ( |
---|
158 | pwg_query(" |
---|
159 | INSERT INTO `".USER_GROUP_TABLE."` (`user_id`, `group_id`) |
---|
160 | VALUES ('".$ec_user_id."', '".$t3[0]."'); |
---|
161 | ") === false |
---|
162 | ) $page['errors'][] = |
---|
163 | sprintf(l10n('ec_group_create_pb'), $_POST['groupname']).' (2) : '. |
---|
164 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
165 | else $page['infos'][] = sprintf( |
---|
166 | l10n('ec_group_create_OK2'), |
---|
167 | $_POST['login'], $_POST['groupname'] |
---|
168 | ); |
---|
169 | |
---|
170 | // If a category id has been posted, the newly created group must be |
---|
171 | // allowed to navigate in this category |
---|
172 | // We are in the group creation block, thus the we know this group cannot |
---|
173 | // be associated to any category |
---|
174 | if ( |
---|
175 | isset($_POST['ec_in_up_cat']) and |
---|
176 | array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories']) |
---|
177 | ) { |
---|
178 | if (pwg_db_num_rows(pwg_query(" |
---|
179 | SELECT `id` |
---|
180 | FROM `".CATEGORIES_TABLE."` |
---|
181 | WHERE `id` = '".$_POST['ec_in_up_cat']."'; |
---|
182 | ")) == 0) return ec_end1('ec_in_up_cat', 'Category doesn\'t exist : '); |
---|
183 | else { |
---|
184 | $private_uppercats = array_from_query(" |
---|
185 | SELECT `id` |
---|
186 | FROM `".CATEGORIES_TABLE."` |
---|
187 | WHERE `id` IN (". |
---|
188 | implode(',', get_uppercat_ids(array($_POST['ec_in_up_cat']))). |
---|
189 | ") |
---|
190 | AND `status` = 'private'; |
---|
191 | ", 'id'); |
---|
192 | $inserts = array(); |
---|
193 | foreach ($private_uppercats as $cat_id) |
---|
194 | $inserts[] = array( |
---|
195 | 'group_id' => $t3[0], |
---|
196 | 'cat_id' => $cat_id |
---|
197 | ); |
---|
198 | mass_inserts(GROUP_ACCESS_TABLE,array('group_id','cat_id'), $inserts); |
---|
199 | if (pwg_db_errno() == 0) |
---|
200 | $page['infos'][] = sprintf( |
---|
201 | l10n('ec_group_create_OK2'), |
---|
202 | $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']] |
---|
203 | ); |
---|
204 | else |
---|
205 | $page['errors'][] = sprintf( |
---|
206 | l10n('ec_assoc_pb'), |
---|
207 | $_POST['groupname'],$ec_lists['categories'][$_POST['ec_in_up_cat']] |
---|
208 | ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
209 | } |
---|
210 | } |
---|
211 | |
---|
212 | // If an add. p. id has been posted, the newly created group must be |
---|
213 | // allowed to navigate in this additional page |
---|
214 | if ( |
---|
215 | isset($_POST['ec_in_up_aps']) and |
---|
216 | array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages']) |
---|
217 | ) { |
---|
218 | $granted_groups = array(); |
---|
219 | $title_arr = array_from_query(" |
---|
220 | SELECT `title` |
---|
221 | FROM `".ADD_PAGES_TABLE."` |
---|
222 | WHERE `id` = ".$_POST['ec_in_up_aps']."; |
---|
223 | ", 'title'); |
---|
224 | $t_user = (is_in($title_arr[0], '/user_id=')) ? |
---|
225 | explode('/user_id=', $title_arr[0]) : array($title_arr[0]); |
---|
226 | if (is_in($t_user[0], '/group_id=')) { |
---|
227 | $t_group = explode('/group_id=', $t_user[0]); |
---|
228 | $granted_groups = explode(',', $t_group[1]); |
---|
229 | } |
---|
230 | else $t_group[0] = $t_user[0]; |
---|
231 | if (!in_array($t3[0], $granted_groups)) { |
---|
232 | $granted_groups[] = $t3[0]; |
---|
233 | $t_group[1] = implode(',', $granted_groups); |
---|
234 | $t_user[0] = implode('/group_id=', $t_group); |
---|
235 | if (pwg_query(" |
---|
236 | UPDATE `".ADD_PAGES_TABLE."` |
---|
237 | SET `title` = '".implode('/user_id=', $t_user)."' |
---|
238 | WHERE `id` = ".$_POST['ec_in_up_aps']."; |
---|
239 | ") === false) |
---|
240 | $page['errors'][] = sprintf( |
---|
241 | l10n('ec_assoc_pb'), |
---|
242 | $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']] |
---|
243 | ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
244 | else $page['infos'][] = sprintf( |
---|
245 | l10n('ec_group_create_OK2'), |
---|
246 | $_POST['groupname'],$ec_lists['add_pages'][$_POST['ec_in_up_aps']] |
---|
247 | ); |
---|
248 | } |
---|
249 | } |
---|
250 | } |
---|
251 | else { |
---|
252 | // If a category id has been posted, the newly created user must be |
---|
253 | // allowed to navigate in this category, if it is not the case yet |
---|
254 | if ( |
---|
255 | isset($_POST['ec_in_up_cat']) and |
---|
256 | array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories']) |
---|
257 | ) { |
---|
258 | $private_uppercats = array_from_query(" |
---|
259 | SELECT `id` |
---|
260 | FROM `".CATEGORIES_TABLE."` |
---|
261 | WHERE `id` IN (". |
---|
262 | implode(',', get_uppercat_ids(array($_POST['ec_in_up_cat']))). |
---|
263 | ") |
---|
264 | AND `status` = 'private'; |
---|
265 | ", 'id'); |
---|
266 | // We must not reinsert already existing lines in user_access table |
---|
267 | $granteds = array(); |
---|
268 | foreach ($private_uppercats as $cat_id) |
---|
269 | $granteds[$cat_id] = array(); |
---|
270 | $result = pwg_query(" |
---|
271 | SELECT `user_id`, `cat_id` |
---|
272 | FROM `".USER_ACCESS_TABLE."` |
---|
273 | WHERE `cat_id` IN (".implode(',', $private_uppercats).") |
---|
274 | AND `user_id` = '$ec_user_id'; |
---|
275 | "); |
---|
276 | while ($row = pwg_db_fetch_assoc($result)) |
---|
277 | $granteds[$row['cat_id']][] = $row['user_id']; |
---|
278 | $inserts = array(); |
---|
279 | foreach ($private_uppercats as $cat_id) |
---|
280 | if (!in_array($ec_user_id, $granteds[$cat_id])) |
---|
281 | $inserts[] = array( |
---|
282 | 'user_id' => $ec_user_id, |
---|
283 | 'cat_id' => $cat_id |
---|
284 | ); |
---|
285 | if (count($inserts) != 0) { |
---|
286 | mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $inserts); |
---|
287 | if (pwg_db_errno() == 0) |
---|
288 | $page['infos'][] = sprintf( |
---|
289 | l10n('ec_group_create_OK2'), |
---|
290 | $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']] |
---|
291 | ); |
---|
292 | else |
---|
293 | $page['errors'][] = sprintf( |
---|
294 | l10n('ec_assoc_pb'), |
---|
295 | $_POST['login'], $ec_lists['categories'][$_POST['ec_in_up_cat']] |
---|
296 | ).' : MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
297 | } |
---|
298 | } |
---|
299 | |
---|
300 | // If an add. p. id has been posted, the newly created user should be |
---|
301 | // allowed to navigate in this additional page => give a warning message |
---|
302 | if ( |
---|
303 | isset($_POST['ec_in_up_aps']) and |
---|
304 | array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages']) |
---|
305 | ) $page['errors'][] = sprintf( |
---|
306 | l10n('ec_user_access_AP'), |
---|
307 | $ec_lists['add_pages'][$_POST['ec_in_up_aps']], |
---|
308 | $_POST['login'] |
---|
309 | ); |
---|
310 | } |
---|
311 | return $ec_user_id; |
---|
312 | } |
---|
313 | |
---|
314 | // +-----------------------------------------------------------------------+ |
---|
315 | // | Tables building functions | |
---|
316 | // +-----------------------------------------------------------------------+ |
---|
317 | |
---|
318 | /* |
---|
319 | * build_ec_duplicable_codes() |
---|
320 | * |
---|
321 | * |
---|
322 | * @param |
---|
323 | * no parameter passed, the main material on which works the function, is |
---|
324 | * the global array variable $ec_lists. |
---|
325 | * @return |
---|
326 | * (no return value) |
---|
327 | */ |
---|
328 | function build_ec_duplicable_codes() { |
---|
329 | global $ec_lists, $template; |
---|
330 | $ec_lists['duplicable_codes'] = array(); |
---|
331 | $t = array(); |
---|
332 | foreach ($ec_lists['ec_table'] as $ec_entry) { |
---|
333 | if ( |
---|
334 | is_in($ec_entry['action'], 'ec_ok') and |
---|
335 | $ec_entry['forced'] == 'false' |
---|
336 | ) { |
---|
337 | $t[$ec_entry['id']] = $ec_entry['code']; |
---|
338 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['id'] = |
---|
339 | $ec_entry['id']; |
---|
340 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['comment'] = |
---|
341 | $ec_entry['comment']; |
---|
342 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['user_id'] = |
---|
343 | $ec_entry['user_id']; |
---|
344 | } |
---|
345 | } |
---|
346 | foreach ($t as $ec_id => $ec_code) { |
---|
347 | $ec_lists['duplicable_codes']['ids'][$ec_id] = |
---|
348 | $ec_lists['duplicable_codes']['codes'][$ec_code]['id']; |
---|
349 | $ec_lists['duplicable_codes']['comment'][$ec_id] = |
---|
350 | $ec_lists['duplicable_codes']['codes'][$ec_code]['comment']; |
---|
351 | } |
---|
352 | |
---|
353 | // Builds a category list displayed a best way |
---|
354 | build_ec_categories(false); |
---|
355 | } |
---|
356 | |
---|
357 | // +-----------------------------------------------------------------------+ |
---|
358 | // | Database modifying functions | |
---|
359 | // +-----------------------------------------------------------------------+ |
---|
360 | |
---|
361 | /* |
---|
362 | * ec_create_modify_entry_OK() |
---|
363 | * returns true or false whether the creation of a new entry described by |
---|
364 | * $_POST was OK or not. |
---|
365 | * |
---|
366 | * @param |
---|
367 | * no param |
---|
368 | * @return |
---|
369 | * true if creation was OK ; false if not |
---|
370 | */ |
---|
371 | function ec_create_modify_entry_OK() { |
---|
372 | global $page, $ec_lists; |
---|
373 | |
---|
374 | // $_POST validity checks : action prevented in case of bad arguments |
---|
375 | |
---|
376 | if (!isset($_POST['ec_act1'])) |
---|
377 | return ec_end1('ec_act1', 'Bad argument : '); |
---|
378 | |
---|
379 | if ( |
---|
380 | ($_POST['ec_act1']) != 'toggle_forced' and |
---|
381 | !isset($_POST['ec_input_action']) |
---|
382 | ) return ec_end1('ec_input_action', 'Bad argument : '); |
---|
383 | |
---|
384 | $is_creation = true; |
---|
385 | $ec_user_id = 'NULL'; |
---|
386 | $action = 'ec_ok'; |
---|
387 | $del_other = false; |
---|
388 | $comment = ''; |
---|
389 | switch ($_POST['ec_act1']) { |
---|
390 | |
---|
391 | // This "switch" statement is a little bit tricky... it has been a pain to |
---|
392 | // debug, and I wish to nobody to have to modify it :-\ ! |
---|
393 | // Its principle is that it manages checks for four occurrences of |
---|
394 | // $_POST['ec_act1'] : 'create', 'modify_entry_submit', |
---|
395 | // 'duplicate_entry_submit', and 'toggle_forced'. Some checks are mutual |
---|
396 | // between different occurences, but never all checks of each occurrence |
---|
397 | // of $_POST['ec_act1']. So tests are done with "if" statements to |
---|
398 | // produce "break" statements when needed. |
---|
399 | |
---|
400 | case 'create': |
---|
401 | |
---|
402 | // Stops if given code or user type are incorrect |
---|
403 | if ( |
---|
404 | !isset($_POST['ec_in_up_code']) or |
---|
405 | !preg_match('/^[a-zA-Z0-9_-]{4,32}$/', $_POST['ec_in_up_code']) |
---|
406 | ) return ec_end1('ec_in_up_code', 'Improper code : '); |
---|
407 | else $ec_code = $_POST['ec_in_up_code']; |
---|
408 | |
---|
409 | foreach ($ec_lists['ec_table'] as $ec_entry) |
---|
410 | if ($ec_code == $ec_entry['code']) |
---|
411 | return ec_end1('ec_in_up_code', 'Code already exists : '); |
---|
412 | |
---|
413 | if ( |
---|
414 | !isset($_POST['ec_sel_user']) or ( |
---|
415 | $_POST['ec_sel_user'] != 'new' and |
---|
416 | $_POST['ec_sel_user'] != 'old' |
---|
417 | ) |
---|
418 | ) return ec_end1('ec_sel_user', 'Bad argument : '); |
---|
419 | |
---|
420 | case 'modify_entry_submit': |
---|
421 | |
---|
422 | // First checks for user type and/or value |
---|
423 | if (isset($_POST['ec_sel_user'])) { |
---|
424 | if ($_POST['ec_sel_user'] == 'new') { |
---|
425 | if ( |
---|
426 | !isset($_POST['login']) or |
---|
427 | $_POST['login'] == '' |
---|
428 | ) return ec_end1('login', 'Bad argument : '); |
---|
429 | if (in_array($_POST['login'], $ec_lists['user_ids'])) |
---|
430 | return ec_end1('login', 'User already exists : '); |
---|
431 | } |
---|
432 | elseif ($_POST['ec_sel_user'] == 'old') { |
---|
433 | if (!isset($_POST['ec_in_up_usr_list'])) |
---|
434 | return ec_end1('login', 'Bad argument : '); |
---|
435 | $ec_user_id = $_POST['ec_in_up_usr_list']; |
---|
436 | if (!array_key_exists($ec_user_id, $ec_lists['user_ids'])) |
---|
437 | return ec_end1('ec_in_up_usr_list', 'User doesn\'t exist : '); |
---|
438 | } |
---|
439 | else $action = 'ec_nok'; |
---|
440 | } |
---|
441 | else $action = 'ec_nok'; |
---|
442 | |
---|
443 | if ($_POST['ec_act1'] == 'create') break; |
---|
444 | |
---|
445 | case 'duplicate_entry_submit': |
---|
446 | |
---|
447 | // Checks of entry value validity |
---|
448 | if ( |
---|
449 | !isset($_POST['ec_entry_sel']) or |
---|
450 | !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table']) |
---|
451 | ) return ec_end1( |
---|
452 | 'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : ' |
---|
453 | ); |
---|
454 | |
---|
455 | // Other checks for user type and value |
---|
456 | if ($_POST['ec_act1'] == 'modify_entry_submit') if ( |
---|
457 | !isset($_POST['ec_sel_user']) or ( |
---|
458 | $_POST['ec_sel_user'] == 'new' or |
---|
459 | $_POST['ec_sel_user'] == 'none' or ( |
---|
460 | $_POST['ec_sel_user'] == 'old' and |
---|
461 | $_POST['ec_in_up_usr_list'] != |
---|
462 | $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id'] |
---|
463 | ) or |
---|
464 | isset($_POST['ec_in_up_forced']) |
---|
465 | ) |
---|
466 | ) $del_other = true; |
---|
467 | |
---|
468 | case 'toggle_forced': |
---|
469 | |
---|
470 | // Establish default values for unchanged values |
---|
471 | $ec_code = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['code']; |
---|
472 | if ($action == 'ec_ok' and $ec_user_id == 'NULL') |
---|
473 | $ec_user_id = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id']; |
---|
474 | $arg1 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg1']; |
---|
475 | $arg2 = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['arg2']; |
---|
476 | $comment = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['comment']; |
---|
477 | if (empty($arg1)) $arg1 = 'NULL'; |
---|
478 | if (empty($arg2)) $arg2 = 'NULL'; |
---|
479 | if (empty($ec_user_id)) $ec_user_id = 'NULL'; |
---|
480 | if ($_POST['ec_act1'] == 'toggle_forced') { |
---|
481 | $forced = ( |
---|
482 | $ec_lists['ec_table'][$_POST['ec_entry_sel']]['forced'] == 'true' |
---|
483 | ) ? 'false' : 'true'; |
---|
484 | $del_other = ($forced == 'true'); |
---|
485 | $action = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['action']; |
---|
486 | } |
---|
487 | |
---|
488 | if ( |
---|
489 | $_POST['ec_act1'] == 'toggle_forced' or |
---|
490 | $_POST['ec_act1'] == 'modify_entry_submit' |
---|
491 | ) { |
---|
492 | $is_creation = false; |
---|
493 | break; |
---|
494 | } |
---|
495 | |
---|
496 | // Final check for entry value |
---|
497 | build_ec_duplicable_codes(); |
---|
498 | if (!array_key_exists($_POST['ec_entry_sel'], |
---|
499 | $ec_lists['duplicable_codes']['ids']) |
---|
500 | ) return ec_end1( |
---|
501 | 'ec_entry_sel', 'Code doesn\'t exist or non-duplicable code : ' |
---|
502 | ); |
---|
503 | |
---|
504 | break; |
---|
505 | default: ec_end1('ec_act1', 'Bad argument : '); |
---|
506 | } |
---|
507 | // Pfew ! |
---|
508 | |
---|
509 | if ($_POST['ec_act1'] != 'toggle_forced') { |
---|
510 | // Preparation of $arg1, $arg2 |
---|
511 | switch ($_POST['ec_input_action']) { |
---|
512 | case 'add_p': // Additional Page |
---|
513 | if (isset($_POST['ec_in_up_aps'])) $arg2 = $_POST['ec_in_up_aps']; |
---|
514 | else ec_end1('ec_in_up_aps', 'Bad argument : '); |
---|
515 | $arg1 = 'NULL'; |
---|
516 | break; |
---|
517 | case 'cat': // Category |
---|
518 | case 'img': // Image |
---|
519 | if (isset($_POST['ec_in_up_cat'])) { |
---|
520 | $arg1 = $_POST['ec_in_up_cat']; |
---|
521 | if ($_POST['ec_input_action'] == 'img') { |
---|
522 | if (isset($_POST['ec_in_up_img'])) $arg2 = $_POST['ec_in_up_img']; |
---|
523 | else ec_end1('ec_in_up_img', 'Bad argument : '); |
---|
524 | } |
---|
525 | else $arg2 = 'NULL'; |
---|
526 | } |
---|
527 | else ec_end1('ec_in_up_cat', 'Bad argument : '); |
---|
528 | break; |
---|
529 | case 'home': // Home : nothing to do : "arg"s are '' |
---|
530 | case 'refused': // $_POST['ec_sel_user'] unset, nothing to do |
---|
531 | $arg1 = 'NULL'; $arg2 = 'NULL'; |
---|
532 | break; |
---|
533 | default: ec_end1('ec_input_action', 'Bad argument : '); |
---|
534 | } |
---|
535 | |
---|
536 | // Preparation of $forced |
---|
537 | $forced = (isset($_POST['ec_in_up_forced'])) ? 'true' : 'false'; |
---|
538 | if ($_POST['ec_act1'] == 'duplicate_entry_submit' and $forced == 'true') |
---|
539 | return ec_end1('ec_in_up_forced', 'Bad argument : '); |
---|
540 | |
---|
541 | // Preparation of $comment |
---|
542 | $comment = (isset($_POST['ec_in_up_comment'])) ? |
---|
543 | $_POST['ec_in_up_comment'] : $comment; |
---|
544 | |
---|
545 | // User and eventually group creation, if needed |
---|
546 | if ($_POST['ec_act1'] != 'duplicate_entry_submit') |
---|
547 | if (isset($_POST['ec_sel_user']) and $_POST['ec_sel_user'] == 'new') |
---|
548 | if (!($ec_user_id = ec_create_user_OK())) return false; |
---|
549 | } |
---|
550 | |
---|
551 | // Now we have all infos : check that future entry doesn't exist already |
---|
552 | $arg1p = ($arg1 == 'NULL') ? 'IS NULL' : ' = '.$arg1; |
---|
553 | $arg2p = ($arg2 == 'NULL') ? 'IS NULL' : ' = '.$arg2; |
---|
554 | $ec_user_idp = ($ec_user_id == 'NULL') ? 'IS NULL' : ' = '.$ec_user_id; |
---|
555 | $r = pwg_query(" |
---|
556 | SELECT `id` |
---|
557 | FROM `".EVNTCATS_TABLE."` |
---|
558 | WHERE `code` = '".$ec_code."' |
---|
559 | AND `user_id` ".$ec_user_idp." |
---|
560 | AND `action` = '".$action."' |
---|
561 | AND `arg1` ".$arg1p." |
---|
562 | AND `arg2` ".$arg2p." |
---|
563 | AND `forced` = '".$forced."' |
---|
564 | AND `comment` = '".$comment."' |
---|
565 | "); |
---|
566 | if (pwg_db_num_rows($r)) { // print("<pre>$arg1 $arg2<br>$q</pre>"); |
---|
567 | $t1 = pwg_db_fetch_row(); |
---|
568 | $page['errors'][] = sprintf(l10n('ec_entry_already_exists'), $t1[0]); |
---|
569 | return false; |
---|
570 | } |
---|
571 | |
---|
572 | // Delete other entries using the same code, if needed |
---|
573 | if ($del_other) { |
---|
574 | $r = pwg_query(" |
---|
575 | SELECT `code` |
---|
576 | FROM `".EVNTCATS_TABLE."` |
---|
577 | WHERE `id` = ".$_POST['ec_entry_sel'] |
---|
578 | ); |
---|
579 | if (!pwg_db_num_rows($r)) die('Entry not found in DB ?!'); |
---|
580 | $t1 = pwg_db_fetch_row($r); |
---|
581 | $r = pwg_query(" |
---|
582 | SELECT `id` |
---|
583 | FROM `".EVNTCATS_TABLE."` |
---|
584 | WHERE `code` = '".$t1[0]."' |
---|
585 | AND `id` <> ".$_POST['ec_entry_sel'] |
---|
586 | ); |
---|
587 | while ($t2 = pwg_db_fetch_row($r)) if (!ec_delete_entry_OK($t2[0])) |
---|
588 | return false; |
---|
589 | } |
---|
590 | |
---|
591 | // Action ! |
---|
592 | $ret = true; |
---|
593 | if ($is_creation) { |
---|
594 | if ( |
---|
595 | pwg_query(" |
---|
596 | INSERT INTO `".EVNTCATS_TABLE."` ( |
---|
597 | `code`, |
---|
598 | `user_id`, |
---|
599 | `action`, |
---|
600 | `arg1`, `arg2`, `forced`, `comment` |
---|
601 | ) |
---|
602 | VALUES ( |
---|
603 | '".$ec_code."', |
---|
604 | ".$ec_user_id.", |
---|
605 | '".$action."', |
---|
606 | ".$arg1.", ".$arg2.", '".$forced."', '".$comment."' |
---|
607 | ); |
---|
608 | ") === false |
---|
609 | ) { |
---|
610 | $page['errors'][] = |
---|
611 | l10n('ec_entry_create_pb').' : '. |
---|
612 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"' |
---|
613 | ; |
---|
614 | $ret = false; |
---|
615 | } |
---|
616 | else { |
---|
617 | // There is an issue with pwg_db_insert_id() (actually with procedures |
---|
618 | // used in pwg_db_insert_id()): if last entry has id 2, |
---|
619 | // but entries 0 and 1 have been deleted, created entry gets id 3, |
---|
620 | // but pwg_db_insert_id() returns 0. Thus is it necessary here to get |
---|
621 | // the id another way. |
---|
622 | $r = pwg_query(" |
---|
623 | SELECT `id` |
---|
624 | FROM `".EVNTCATS_TABLE."` |
---|
625 | WHERE `code` = '".$ec_code."'" |
---|
626 | ); |
---|
627 | $t2 = pwg_db_fetch_row($r); |
---|
628 | |
---|
629 | build_ec_lists(); // Don't remember exactly why, but must be done here |
---|
630 | $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced'); |
---|
631 | $page['infos'][] = |
---|
632 | sprintf(l10n('ec_entry_create_OK'), $t2[0]). |
---|
633 | $ec_code.' => '. |
---|
634 | $ec_lists['user_ids'][$ec_user_id].$forced |
---|
635 | ; |
---|
636 | return true; |
---|
637 | } |
---|
638 | } |
---|
639 | else { |
---|
640 | if ( |
---|
641 | pwg_query(" |
---|
642 | UPDATE `".EVNTCATS_TABLE."` |
---|
643 | SET |
---|
644 | `user_id` = ".$ec_user_id.", |
---|
645 | `action` = '".$action."', |
---|
646 | `arg1` = ".$arg1.", |
---|
647 | `arg2` = ".$arg2.", |
---|
648 | `forced` = '".$forced."', |
---|
649 | `comment` = '".$comment."' |
---|
650 | WHERE `id` = '".$_POST['ec_entry_sel']."' |
---|
651 | ") === false |
---|
652 | ) { |
---|
653 | $page['errors'][] = |
---|
654 | l10n('ec_entry_create_pb').' : '. |
---|
655 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"' |
---|
656 | ; |
---|
657 | $ret = false; |
---|
658 | } |
---|
659 | else $page['infos'][] = sprintf( |
---|
660 | l10n('ec_entry_modify_OK'), $_POST['ec_entry_sel'] |
---|
661 | ); |
---|
662 | } |
---|
663 | build_ec_lists(); |
---|
664 | return $ret; |
---|
665 | } |
---|
666 | |
---|
667 | /* |
---|
668 | * ec_delete_entry_OK($ec_id) |
---|
669 | * tries to delete an existing entry. |
---|
670 | * |
---|
671 | * @param |
---|
672 | * $ec_id : the entry to be deleted |
---|
673 | * @return |
---|
674 | * true or false whether deleting succeeded. |
---|
675 | */ |
---|
676 | function ec_delete_entry_OK($ec_id) { |
---|
677 | global $page; |
---|
678 | $r = pwg_query(" |
---|
679 | SELECT `code` |
---|
680 | FROM `".EVNTCATS_TABLE."` |
---|
681 | WHERE `id` = $ec_id; |
---|
682 | "); |
---|
683 | if (!pwg_db_num_rows($r)) { |
---|
684 | $page['errors'][] = sprintf(l10n('ec_entry_dont_exist'), $ec_id); |
---|
685 | return false; |
---|
686 | } |
---|
687 | $t = pwg_db_fetch_row($r); |
---|
688 | if (pwg_query(" |
---|
689 | DELETE FROM `".EVNTCATS_TABLE."` |
---|
690 | WHERE `id` = ".$ec_id |
---|
691 | ) === false) { |
---|
692 | $page['errors'][] = |
---|
693 | sprintf(l10n('ec_entry_del_nok'), |
---|
694 | $ec_id). |
---|
695 | 'MySQL error '.pwg_db_errno().', "'.pwg_db_error().'"'; |
---|
696 | return false; |
---|
697 | } |
---|
698 | $page['infos'][] = sprintf(l10n('ec_entry_del_ok'), $ec_id, $t[0]); |
---|
699 | return true; |
---|
700 | } |
---|
701 | |
---|
702 | ?> |
---|