source: trunk/admin/group_list.php @ 2933

Last change on this file since 2933 was 2752, checked in by patdenice, 16 years ago
  • change mysql_escape_string function (deprecated) by mysql_real_escape_string.
  • Correction on install.tpl (link color).
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 6.8 KB
RevLine 
[21]1<?php
[362]2// +-----------------------------------------------------------------------+
[2297]3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
[815]23
[623]24if( !defined("PHPWG_ROOT_PATH") )
25{
[815]26  die ("Hacking attempt!");
[623]27}
28
[1072]29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
[815]31// +-----------------------------------------------------------------------+
[1072]32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36// +-----------------------------------------------------------------------+
[815]37// |                             delete a group                            |
38// +-----------------------------------------------------------------------+
39
[1591]40if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser())
[21]41{
[631]42  // destruction of the access linked to the group
[815]43  $query = '
44DELETE
45  FROM '.GROUP_ACCESS_TABLE.'
46  WHERE group_id = '.$_GET['delete'].'
47;';
48  pwg_query($query);
49 
50  // destruction of the users links for this group
51  $query = '
52DELETE
53  FROM '.USER_GROUP_TABLE.'
54  WHERE group_id = '.$_GET['delete'].'
55;';
56  pwg_query($query);
57
58  $query = '
59SELECT name
60  FROM '.GROUPS_TABLE.'
61  WHERE id = '.$_GET['delete'].'
62;';
63  list($groupname) = mysql_fetch_row(pwg_query($query));
64 
65  // destruction of the group
66  $query = '
67DELETE
68  FROM '.GROUPS_TABLE.'
69  WHERE id = '.$_GET['delete'].'
70;';
71  pwg_query($query);
72
73  array_push(
74    $page['infos'],
75    sprintf(l10n('group "%s" deleted'), $groupname)
76    );
[21]77}
[815]78
79// +-----------------------------------------------------------------------+
80// |                              add a group                              |
81// +-----------------------------------------------------------------------+
82
[1591]83if (isset($_POST['submit_add']) and !is_adviser())
[21]84{
[815]85  if (empty($_POST['groupname']))
[21]86  {
[2201]87    array_push($page['errors'], l10n('group_add_error1'));
[21]88  }
[815]89  if (count($page['errors']) == 0)
[21]90  {
91    // is the group not already existing ?
[815]92    $query = '
93SELECT COUNT(*)
94  FROM '.GROUPS_TABLE.'
95  WHERE name = \''.$_POST['groupname'].'\'
96;';
97    list($count) = mysql_fetch_row(pwg_query($query));
98    if ($count != 0)
[21]99    {
[2201]100      array_push($page['errors'], l10n('group_add_error2'));
[21]101    }
102  }
[815]103  if (count($page['errors']) == 0)
[21]104  {
105    // creating the group
[704]106    $query = '
[815]107INSERT INTO '.GROUPS_TABLE.'
108  (name)
[704]109  VALUES
[2752]110  (\''.mysql_real_escape_string($_POST['groupname']).'\')
[704]111;';
112    pwg_query($query);
[815]113
114    array_push(
115      $page['infos'],
116      sprintf(l10n('group "%s" added'), $_POST['groupname'])
117      );
[704]118  }
[623]119}
[21]120
[815]121// +-----------------------------------------------------------------------+
[1583]122// | toggle is default group property                                      |
123// +-----------------------------------------------------------------------+
124
[1591]125if (isset($_GET['toggle_is_default']) and is_numeric($_GET['toggle_is_default']) and !is_adviser())
[1583]126{
127  $query = '
128SELECT name, is_default
129  FROM '.GROUPS_TABLE.'
130  WHERE id = '.$_GET['toggle_is_default'].'
131;';
132  list($groupname, $is_default) = mysql_fetch_row(pwg_query($query));
133 
134  // update of the group
135  $query = '
136UPDATE '.GROUPS_TABLE.'
137  SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
138  WHERE id = '.$_GET['toggle_is_default'].'
139;';
140  pwg_query($query);
141
142  array_push(
143    $page['infos'],
144    sprintf(l10n('group "%s" updated'), $groupname)
145    );
146}
147
148// +-----------------------------------------------------------------------+
[815]149// |                             template init                             |
150// +-----------------------------------------------------------------------+
[21]151
[2530]152$template->set_filenames(array('group_list' => 'group_list.tpl'));
[623]153
[2273]154$template->assign(
[815]155  array(
[2273]156    'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
157    'U_HELP' => get_root_url().'popuphelp.php?page=group_list',
[815]158    )
159  );
[623]160
[815]161// +-----------------------------------------------------------------------+
162// |                              group list                               |
163// +-----------------------------------------------------------------------+
164
165$query = '
[1583]166SELECT id, name, is_default
[815]167  FROM '.GROUPS_TABLE.'
[1960]168  ORDER BY name ASC
[815]169;';
170$result = pwg_query($query);
171
[2273]172$admin_url = get_root_url().'admin.php?page=';
[815]173$perm_url    = $admin_url.'group_perm&amp;group_id=';
174$del_url     = $admin_url.'group_list&amp;delete=';
175$members_url = $admin_url.'user_list&amp;group=';
[1583]176$toggle_is_default_url     = $admin_url.'group_list&amp;toggle_is_default=';
[815]177
178while ($row = mysql_fetch_array($result))
[623]179{
[815]180  $query = '
181SELECT COUNT(*)
182  FROM '.USER_GROUP_TABLE.'
183  WHERE group_id = '.$row['id'].'
184;';
185  list($counter) = mysql_fetch_row(pwg_query($query));
186 
[2273]187  $template->append(
188    'groups',
[815]189    array(
190      'NAME' => $row['name'],
[1583]191      'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('is_default_group').']' : ''),
[1932]192      'MEMBERS' => l10n_dec('%d member', '%d members', $counter),
[815]193      'U_MEMBERS' => $members_url.$row['id'],
194      'U_DELETE' => $del_url.$row['id'],
[1583]195      'U_PERM' => $perm_url.$row['id'],
196      'U_ISDEFAULT' => $toggle_is_default_url.$row['id']
[815]197      )
198    );
[623]199}
200
[815]201// +-----------------------------------------------------------------------+
202// |                           sending html code                           |
203// +-----------------------------------------------------------------------+
204
205$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
206
[362]207?>
Note: See TracBrowser for help on using the repository browser.