Context Navigation

source: trunk/admin/group_list.php @ 20321

Last change on this file since 20321 was 19703, checked in by plg, 11 years ago
update Piwigo headers to 2013 (the end of the world didn't occur as expected on r12922)
Property svn:eol-style set to `LF`
File size: 12.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
37	{
38	check_pwg_token();
39	}
40	// +-----------------------------------------------------------------------+
41	// \| add a group \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	if (empty($_POST['groupname']))
47	{
48	array_push($page['errors'], l10n('The name of a group must not contain " or \' or be empty.'));
49	}
50	if (count($page['errors']) == 0)
51	{
52	// is the group not already existing ?
53	$query = '
54	SELECT COUNT(*)
55	FROM '.GROUPS_TABLE.'
56	WHERE name = \''.$_POST['groupname'].'\'
57	;';
58	list($count) = pwg_db_fetch_row(pwg_query($query));
59	if ($count != 0)
60	{
61	array_push($page['errors'], l10n('This name is already used by another group.'));
62	}
63	}
64	if (count($page['errors']) == 0)
65	{
66	// creating the group
67	$query = '
68	INSERT INTO '.GROUPS_TABLE.'
69	(name)
70	VALUES
71	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
72	;';
73	pwg_query($query);
74
75	array_push(
76	$page['infos'],
77	sprintf(l10n('group "%s" added'), $_POST['groupname'])
78	);
79	}
80	}
81
82	// +-----------------------------------------------------------------------+
83	// \| action send \|
84	// +-----------------------------------------------------------------------+
85	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
86	{
87	// if the user tries to apply an action, it means that there is at least 1
88	// photo in the selection
89	$groups = $_POST['group_selection'];
90	if (count($groups) == 0)
91	{
92	array_push($page['errors'], l10n('Select at least one group'));
93	}
94
95	$action = $_POST['selectAction'];
96
97	// +
98	// \|rename a group
99	// +
100
101	if ($action=="rename")
102	{
103	foreach($groups as $group)
104	{
105	if ( !empty($_POST['rename_'.$group.'']) )
106	{
107	$query = '
108	UPDATE '.GROUPS_TABLE.'
109	SET name = \''.$_POST['rename_'.$group.''].'\'
110	WHERE id = '.$group.'
111	;';
112	pwg_query($query);
113	}
114	}
115	}
116
117	// +
118	// \|delete a group
119	// +
120
121	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
122	{
123	foreach($groups as $group)
124	{
125	// destruction of the access linked to the group
126	$query = '
127	DELETE
128	FROM '.GROUP_ACCESS_TABLE.'
129	WHERE group_id = '.$group.'
130	;';
131	pwg_query($query);
132
133	// destruction of the users links for this group
134	$query = '
135	DELETE
136	FROM '.USER_GROUP_TABLE.'
137	WHERE group_id = '.$group.'
138	;';
139	pwg_query($query);
140
141	$query = '
142	SELECT name
143	FROM '.GROUPS_TABLE.'
144	WHERE id = '.$group.'
145	;';
146	list($groupname) = pwg_db_fetch_row(pwg_query($query));
147
148	// destruction of the group
149	$query = '
150	DELETE
151	FROM '.GROUPS_TABLE.'
152	WHERE id = '.$group.'
153	;';
154	pwg_query($query);
155
156	array_push(
157	$page['infos'],
158	sprintf(l10n('group "%s" deleted'), $groupname)
159	);
160	}
161	}
162
163	// +
164	// \|merge groups into a new one
165	// +
166
167	if ($action=="merge" )
168	{
169	// is the group not already existing ?
170	$query = '
171	SELECT COUNT(*)
172	FROM '.GROUPS_TABLE.'
173	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
174	;';
175	list($count) = pwg_db_fetch_row(pwg_query($query));
176	if ($count != 0)
177	{
178	array_push($page['errors'], l10n('This name is already used by another group.'));
179	}
180	else
181	{
182	// creating the group
183	$query = '
184	INSERT INTO '.GROUPS_TABLE.'
185	(name)
186	VALUES
187	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
188	;';
189	pwg_query($query);
190	$query = '
191	SELECT id
192	FROM '.GROUPS_TABLE.'
193	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
194	;';
195	list($groupid) = pwg_db_fetch_row(pwg_query($query));
196	}
197	$grp_access = array();
198	$usr_grp = array();
199	foreach($groups as $group)
200	{
201	$query = '
202	SELECT *
203	FROM '.GROUP_ACCESS_TABLE.'
204	WHERE group_id = '.$group.'
205	;';
206	$res=pwg_query($query);
207	while ($row = pwg_db_fetch_assoc($res))
208	{
209	$new_grp_access= array(
210	'cat_id' => $row['cat_id'],
211	'group_id' => $groupid
212	);
213	if (!in_array($new_grp_access,$grp_access))
214	{
215	$grp_access[]=$new_grp_access;
216	}
217	}
218
219	$query = '
220	SELECT *
221	FROM '.USER_GROUP_TABLE.'
222	WHERE group_id = '.$group.'
223	;';
224	$res=pwg_query($query);
225	while ($row = pwg_db_fetch_assoc($res))
226	{
227	$new_usr_grp= array(
228	'user_id' => $row['user_id'],
229	'group_id' => $groupid
230	);
231	if (!in_array($new_usr_grp,$usr_grp))
232	{
233	$usr_grp[]=$new_usr_grp;
234	}
235	}
236	}
237	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
238	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
239	array_push(
240	$page['infos'],
241	sprintf(l10n('group "%s" added'), $_POST['merge'])
242	);
243	}
244
245	// +
246	// \|duplicate a group
247	// +
248
249	if ($action=="duplicate" )
250	{
251	foreach($groups as $group)
252	{
253	if ( empty($_POST['duplicate_'.$group.'']) )
254	{
255	break;
256	}
257	// is the group not already existing ?
258	$query = '
259	SELECT COUNT(*)
260	FROM '.GROUPS_TABLE.'
261	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
262	;';
263	list($count) = pwg_db_fetch_row(pwg_query($query));
264	if ($count != 0)
265	{
266	array_push($page['errors'], l10n('This name is already used by another group.'));
267	break;
268	}
269	// creating the group
270	$query = '
271	INSERT INTO '.GROUPS_TABLE.'
272	(name)
273	VALUES
274	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
275	;';
276	pwg_query($query);
277	$query = '
278	SELECT id
279	FROM '.GROUPS_TABLE.'
280	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
281	;';
282
283	list($groupid) = pwg_db_fetch_row(pwg_query($query));
284	$query = '
285	SELECT *
286	FROM '.GROUP_ACCESS_TABLE.'
287	WHERE group_id = '.$group.'
288	;';
289	$grp_access = array();
290	$res=pwg_query($query);
291	while ($row = pwg_db_fetch_assoc($res))
292	{
293	$grp_access[] = array(
294	'cat_id' => $row['cat_id'],
295	'group_id' => $groupid
296	);
297	}
298	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
299
300	$query = '
301	SELECT *
302	FROM '.USER_GROUP_TABLE.'
303	WHERE group_id = '.$group.'
304	;';
305	$usr_grp = array();
306	$res=pwg_query($query);
307	while ($row = pwg_db_fetch_assoc($res))
308	{
309	$usr_grp[] = array(
310	'user_id' => $row['user_id'],
311	'group_id' => $groupid
312	);
313	}
314	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
315
316	array_push(
317	$page['infos'],
318	sprintf(l10n('group "%s" added'), $_POST['duplicate_'.$group.''])
319	);
320	}
321	}
322
323
324	// +
325	// \| toggle_default
326	// +
327
328	if ($action=="toggle_default")
329	{
330	foreach($groups as $group)
331	{
332	$query = '
333	SELECT name, is_default
334	FROM '.GROUPS_TABLE.'
335	WHERE id = '.$group.'
336	;';
337	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
338
339	// update of the group
340	$query = '
341	UPDATE '.GROUPS_TABLE.'
342	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
343	WHERE id = '.$group.'
344	;';
345	pwg_query($query);
346
347	array_push(
348	$page['infos'],
349	sprintf(l10n('group "%s" updated'), $groupname)
350	);
351	}
352	}
353	}
354	// +-----------------------------------------------------------------------+
355	// \| template init \|
356	// +-----------------------------------------------------------------------+
357
358	$template->set_filenames(array('group_list' => 'group_list.tpl'));
359
360	$template->assign(
361	array(
362	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
363	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
364	'PWG_TOKEN' => get_pwg_token(),
365	)
366	);
367
368	// +-----------------------------------------------------------------------+
369	// \| group list \|
370	// +-----------------------------------------------------------------------+
371
372	$query = '
373	SELECT id, name, is_default
374	FROM '.GROUPS_TABLE.'
375	ORDER BY name ASC
376	;';
377	$result = pwg_query($query);
378
379	$admin_url = get_root_url().'admin.php?page=';
380	$perm_url = $admin_url.'group_perm&group_id=';
381	$del_url = $admin_url.'group_list&delete=';
382	$members_url = $admin_url.'user_list&group=';
383	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
384
385	while ($row = pwg_db_fetch_assoc($result))
386	{
387	$query = '
388	SELECT username
389	FROM '.USERS_TABLE.' AS u
390	INNER JOIN '.USER_GROUP_TABLE.' AS ug
391	ON u.'.$conf['user_fields']['id'].' = ug.user_id
392	WHERE ug.group_id = '.$row['id'].'
393	;';
394	$members=array();
395	$res=pwg_query($query);
396	while ($us= pwg_db_fetch_assoc($res))
397	{
398	$members[]=$us['username'];
399	}
400	$template->append(
401	'groups',
402	array(
403	'NAME' => $row['name'],
404	'ID' => $row['id'],
405	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
406	'NB_MEMBERS' => count($members),
407	'L_MEMBERS' => implode(' - ', $members),
408	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
409	'U_MEMBERS' => $members_url.$row['id'],
410	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
411	'U_PERM' => $perm_url.$row['id'],
412	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
413	)
414	);
415	}
416
417	// +-----------------------------------------------------------------------+
418	// \| sending html code \|
419	// +-----------------------------------------------------------------------+
420
421	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
422
423	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: