Context Navigation

source: trunk/admin/group_list.php @ 26019

Last change on this file since 26019 was 25975, checked in by rvelices, 11 years ago
invalidate_user_cache fix in web service method + do not invalidate user cache on every page hit on album list, photo etc ...
Property svn:eol-style set to `LF`
File size: 12.7 KB

Rev	Line
[21]	1	<?php
[362]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[19703]	5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[815]	23
[623]	24	if( !defined("PHPWG_ROOT_PATH") )
	25	{
[815]	26	die ("Hacking attempt!");
[623]	27	}
	28
[1072]	29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	30
[815]	31	// +-----------------------------------------------------------------------+
[25449]	32	// \| tabs \|
	33	// +-----------------------------------------------------------------------+
	34
	35	include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
	36
	37	$my_base_url = get_root_url().'admin.php?page=';
	38
	39	$tabsheet = new tabsheet();
	40	$tabsheet->set_id('groups');
	41	$tabsheet->select('group_list');
	42	$tabsheet->assign();
	43
	44	// +-----------------------------------------------------------------------+
[1072]	45	// \| Check Access and exit when user status is not ok \|
	46	// +-----------------------------------------------------------------------+
	47	check_status(ACCESS_ADMINISTRATOR);
	48
[5195]	49	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
	50	{
	51	check_pwg_token();
	52	}
[1072]	53	// +-----------------------------------------------------------------------+
[815]	54	// \| add a group \|
	55	// +-----------------------------------------------------------------------+
	56
[8126]	57	if (isset($_POST['submit_add']))
[21]	58	{
[815]	59	if (empty($_POST['groupname']))
[21]	60	{
[25018]	61	$page['errors'][] = l10n('The name of a group must not contain " or \' or be empty.');
[21]	62	}
[815]	63	if (count($page['errors']) == 0)
[21]	64	{
	65	// is the group not already existing ?
[815]	66	$query = '
	67	SELECT COUNT(*)
	68	FROM '.GROUPS_TABLE.'
	69	WHERE name = \''.$_POST['groupname'].'\'
	70	;';
[4325]	71	list($count) = pwg_db_fetch_row(pwg_query($query));
[815]	72	if ($count != 0)
[21]	73	{
[25018]	74	$page['errors'][] = l10n('This name is already used by another group.');
[21]	75	}
	76	}
[815]	77	if (count($page['errors']) == 0)
[21]	78	{
	79	// creating the group
[704]	80	$query = '
[815]	81	INSERT INTO '.GROUPS_TABLE.'
	82	(name)
[704]	83	VALUES
[4325]	84	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
[704]	85	;';
	86	pwg_query($query);
[815]	87
[25005]	88	$page['infos'][] = l10n('group "%s" added', $_POST['groupname']);
[704]	89	}
[623]	90	}
[21]	91
[815]	92	// +-----------------------------------------------------------------------+
[19286]	93	// \| action send \|
[1583]	94	// +-----------------------------------------------------------------------+
[19286]	95	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
	96	{
	97	// if the user tries to apply an action, it means that there is at least 1
	98	// photo in the selection
	99	$groups = $_POST['group_selection'];
	100	if (count($groups) == 0)
	101	{
[25018]	102	$page['errors'][] = l10n('Select at least one group');
[19286]	103	}
[1583]	104
[19286]	105	$action = $_POST['selectAction'];
	106
	107	// +
	108	// \|rename a group
	109	// +
	110
	111	if ($action=="rename")
	112	{
[25119]	113	// is the group not already existing ?
	114	$query = '
	115	SELECT name
	116	FROM '.GROUPS_TABLE.'
	117	;';
	118	$group_names = array_from_query($query, 'name');
[19286]	119	foreach($groups as $group)
	120	{
[25119]	121	if ( in_array($_POST['rename_'.$group.''], $group_names))
[19286]	122	{
[25119]	123	$page['errors'][] = $_POST['rename_'.$group.''].' \| '.l10n('This name is already used by another group.');
	124	}
	125	elseif ( !empty($_POST['rename_'.$group.'']))
	126	{
[19286]	127	$query = '
	128	UPDATE '.GROUPS_TABLE.'
[25119]	129	SET name = \''.pwg_db_real_escape_string($_POST['rename_'.$group.'']).'\'
[19286]	130	WHERE id = '.$group.'
	131	;';
	132	pwg_query($query);
	133	}
	134	}
	135	}
	136
	137	// +
	138	// \|delete a group
	139	// +
	140
[19290]	141	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
[19286]	142	{
	143	foreach($groups as $group)
	144	{
	145	// destruction of the access linked to the group
	146	$query = '
	147	DELETE
	148	FROM '.GROUP_ACCESS_TABLE.'
	149	WHERE group_id = '.$group.'
	150	;';
	151	pwg_query($query);
	152
	153	// destruction of the users links for this group
	154	$query = '
	155	DELETE
	156	FROM '.USER_GROUP_TABLE.'
	157	WHERE group_id = '.$group.'
	158	;';
	159	pwg_query($query);
	160
	161	$query = '
	162	SELECT name
	163	FROM '.GROUPS_TABLE.'
	164	WHERE id = '.$group.'
	165	;';
	166	list($groupname) = pwg_db_fetch_row(pwg_query($query));
	167
	168	// destruction of the group
	169	$query = '
	170	DELETE
	171	FROM '.GROUPS_TABLE.'
	172	WHERE id = '.$group.'
	173	;';
	174	pwg_query($query);
	175
[25005]	176	$page['infos'][] = l10n('group "%s" deleted', $groupname);
[19286]	177	}
	178	}
	179
	180	// +
[19290]	181	// \|merge groups into a new one
	182	// +
	183
[20740]	184	if ($action=="merge" and count($groups) > 1)
[19290]	185	{
	186	// is the group not already existing ?
	187	$query = '
	188	SELECT COUNT(*)
	189	FROM '.GROUPS_TABLE.'
	190	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
	191	;';
	192	list($count) = pwg_db_fetch_row(pwg_query($query));
	193	if ($count != 0)
	194	{
[25018]	195	$page['errors'][] = l10n('This name is already used by another group.');
[19290]	196	}
	197	else
	198	{
	199	// creating the group
	200	$query = '
	201	INSERT INTO '.GROUPS_TABLE.'
	202	(name)
	203	VALUES
	204	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
	205	;';
	206	pwg_query($query);
	207	$query = '
	208	SELECT id
	209	FROM '.GROUPS_TABLE.'
	210	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
	211	;';
	212	list($groupid) = pwg_db_fetch_row(pwg_query($query));
	213	}
	214	$grp_access = array();
	215	$usr_grp = array();
	216	foreach($groups as $group)
	217	{
	218	$query = '
	219	SELECT *
	220	FROM '.GROUP_ACCESS_TABLE.'
	221	WHERE group_id = '.$group.'
	222	;';
	223	$res=pwg_query($query);
	224	while ($row = pwg_db_fetch_assoc($res))
	225	{
	226	$new_grp_access= array(
	227	'cat_id' => $row['cat_id'],
	228	'group_id' => $groupid
	229	);
	230	if (!in_array($new_grp_access,$grp_access))
	231	{
	232	$grp_access[]=$new_grp_access;
	233	}
	234	}
	235
	236	$query = '
	237	SELECT *
	238	FROM '.USER_GROUP_TABLE.'
	239	WHERE group_id = '.$group.'
	240	;';
	241	$res=pwg_query($query);
	242	while ($row = pwg_db_fetch_assoc($res))
	243	{
	244	$new_usr_grp= array(
	245	'user_id' => $row['user_id'],
	246	'group_id' => $groupid
	247	);
	248	if (!in_array($new_usr_grp,$usr_grp))
	249	{
	250	$usr_grp[]=$new_usr_grp;
	251	}
	252	}
	253	}
	254	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
	255	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
[25005]	256
	257	$page['infos'][] = l10n('group "%s" added', $_POST['merge']);
[19290]	258	}
	259
	260	// +
[19286]	261	// \|duplicate a group
	262	// +
	263
	264	if ($action=="duplicate" )
	265	{
	266	foreach($groups as $group)
	267	{
	268	if ( empty($_POST['duplicate_'.$group.'']) )
	269	{
	270	break;
	271	}
	272	// is the group not already existing ?
	273	$query = '
	274	SELECT COUNT(*)
	275	FROM '.GROUPS_TABLE.'
	276	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
	277	;';
	278	list($count) = pwg_db_fetch_row(pwg_query($query));
	279	if ($count != 0)
	280	{
[25018]	281	$page['errors'][] = l10n('This name is already used by another group.');
[19286]	282	break;
	283	}
	284	// creating the group
	285	$query = '
	286	INSERT INTO '.GROUPS_TABLE.'
	287	(name)
	288	VALUES
	289	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
	290	;';
	291	pwg_query($query);
	292	$query = '
	293	SELECT id
	294	FROM '.GROUPS_TABLE.'
	295	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
	296	;';
	297
	298	list($groupid) = pwg_db_fetch_row(pwg_query($query));
	299	$query = '
	300	SELECT *
	301	FROM '.GROUP_ACCESS_TABLE.'
	302	WHERE group_id = '.$group.'
	303	;';
	304	$grp_access = array();
	305	$res=pwg_query($query);
	306	while ($row = pwg_db_fetch_assoc($res))
	307	{
	308	$grp_access[] = array(
	309	'cat_id' => $row['cat_id'],
	310	'group_id' => $groupid
	311	);
	312	}
	313	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
	314
	315	$query = '
	316	SELECT *
	317	FROM '.USER_GROUP_TABLE.'
	318	WHERE group_id = '.$group.'
	319	;';
	320	$usr_grp = array();
	321	$res=pwg_query($query);
	322	while ($row = pwg_db_fetch_assoc($res))
	323	{
	324	$usr_grp[] = array(
	325	'user_id' => $row['user_id'],
	326	'group_id' => $groupid
	327	);
	328	}
	329	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
[1583]	330
[25005]	331	$page['infos'][] = l10n('group "%s" added', $_POST['duplicate_'.$group.'']);
[19286]	332	}
	333	}
[1583]	334
[19286]	335
	336	// +
	337	// \| toggle_default
	338	// +
	339
	340	if ($action=="toggle_default")
	341	{
	342	foreach($groups as $group)
	343	{
	344	$query = '
	345	SELECT name, is_default
	346	FROM '.GROUPS_TABLE.'
	347	WHERE id = '.$group.'
	348	;';
	349	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
	350
	351	// update of the group
	352	$query = '
	353	UPDATE '.GROUPS_TABLE.'
	354	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
	355	WHERE id = '.$group.'
	356	;';
	357	pwg_query($query);
	358
[25005]	359	$page['infos'][] = l10n('group "%s" updated', $groupname);
[19286]	360	}
	361	}
[25975]	362	invalidate_user_cache();
[1583]	363	}
	364	// +-----------------------------------------------------------------------+
[815]	365	// \| template init \|
	366	// +-----------------------------------------------------------------------+
[21]	367
[2530]	368	$template->set_filenames(array('group_list' => 'group_list.tpl'));
[623]	369
[2273]	370	$template->assign(
[815]	371	array(
[2273]	372	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
[5920]	373	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
[5195]	374	'PWG_TOKEN' => get_pwg_token(),
[815]	375	)
	376	);
[623]	377
[815]	378	// +-----------------------------------------------------------------------+
	379	// \| group list \|
	380	// +-----------------------------------------------------------------------+
	381
	382	$query = '
[1583]	383	SELECT id, name, is_default
[815]	384	FROM '.GROUPS_TABLE.'
[1960]	385	ORDER BY name ASC
[815]	386	;';
	387	$result = pwg_query($query);
	388
[2273]	389	$admin_url = get_root_url().'admin.php?page=';
[815]	390	$perm_url = $admin_url.'group_perm&group_id=';
	391	$del_url = $admin_url.'group_list&delete=';
	392	$members_url = $admin_url.'user_list&group=';
[1583]	393	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
[815]	394
[4325]	395	while ($row = pwg_db_fetch_assoc($result))
[623]	396	{
[815]	397	$query = '
[19290]	398	SELECT username
	399	FROM '.USERS_TABLE.' AS u
	400	INNER JOIN '.USER_GROUP_TABLE.' AS ug
	401	ON u.'.$conf['user_fields']['id'].' = ug.user_id
	402	WHERE ug.group_id = '.$row['id'].'
[815]	403	;';
[19290]	404	$members=array();
	405	$res=pwg_query($query);
	406	while ($us= pwg_db_fetch_assoc($res))
	407	{
	408	$members[]=$us['username'];
	409	}
[2273]	410	$template->append(
	411	'groups',
[815]	412	array(
	413	'NAME' => $row['name'],
[19286]	414	'ID' => $row['id'],
[5021]	415	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
[19290]	416	'NB_MEMBERS' => count($members),
[25449]	417	'L_MEMBERS' => implode(' <span class="userSeparator">·</span> ', $members),
[19290]	418	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
[815]	419	'U_MEMBERS' => $members_url.$row['id'],
[5195]	420	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
[1583]	421	'U_PERM' => $perm_url.$row['id'],
[5195]	422	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
[815]	423	)
	424	);
[623]	425	}
	426
[815]	427	// +-----------------------------------------------------------------------+
	428	// \| sending html code \|
	429	// +-----------------------------------------------------------------------+
	430
	431	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
	432
[19286]	433	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: