Context Navigation

source: trunk/admin/group_list.php @ 25119

Last change on this file since 25119 was 25119, checked in by flop25, 11 years ago
bug:2980 Fatal error when renaming a group
Property svn:eol-style set to `LF`
File size: 12.2 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if( !defined("PHPWG_ROOT_PATH") )
25	{
26	die ("Hacking attempt!");
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	if (!empty($_POST) or isset($_GET['delete']) or isset($_GET['toggle_is_default']))
37	{
38	check_pwg_token();
39	}
40	// +-----------------------------------------------------------------------+
41	// \| add a group \|
42	// +-----------------------------------------------------------------------+
43
44	if (isset($_POST['submit_add']))
45	{
46	if (empty($_POST['groupname']))
47	{
48	$page['errors'][] = l10n('The name of a group must not contain " or \' or be empty.');
49	}
50	if (count($page['errors']) == 0)
51	{
52	// is the group not already existing ?
53	$query = '
54	SELECT COUNT(*)
55	FROM '.GROUPS_TABLE.'
56	WHERE name = \''.$_POST['groupname'].'\'
57	;';
58	list($count) = pwg_db_fetch_row(pwg_query($query));
59	if ($count != 0)
60	{
61	$page['errors'][] = l10n('This name is already used by another group.');
62	}
63	}
64	if (count($page['errors']) == 0)
65	{
66	// creating the group
67	$query = '
68	INSERT INTO '.GROUPS_TABLE.'
69	(name)
70	VALUES
71	(\''.pwg_db_real_escape_string($_POST['groupname']).'\')
72	;';
73	pwg_query($query);
74
75	$page['infos'][] = l10n('group "%s" added', $_POST['groupname']);
76	}
77	}
78
79	// +-----------------------------------------------------------------------+
80	// \| action send \|
81	// +-----------------------------------------------------------------------+
82	if (isset($_POST['submit']) and isset($_POST['selectAction']) and isset($_POST['group_selection']))
83	{
84	// if the user tries to apply an action, it means that there is at least 1
85	// photo in the selection
86	$groups = $_POST['group_selection'];
87	if (count($groups) == 0)
88	{
89	$page['errors'][] = l10n('Select at least one group');
90	}
91
92	$action = $_POST['selectAction'];
93
94	// +
95	// \|rename a group
96	// +
97
98	if ($action=="rename")
99	{
100	// is the group not already existing ?
101	$query = '
102	SELECT name
103	FROM '.GROUPS_TABLE.'
104	;';
105	$group_names = array_from_query($query, 'name');
106	foreach($groups as $group)
107	{
108	if ( in_array($_POST['rename_'.$group.''], $group_names))
109	{
110	$page['errors'][] = $_POST['rename_'.$group.''].' \| '.l10n('This name is already used by another group.');
111	}
112	elseif ( !empty($_POST['rename_'.$group.'']))
113	{
114	$query = '
115	UPDATE '.GROUPS_TABLE.'
116	SET name = \''.pwg_db_real_escape_string($_POST['rename_'.$group.'']).'\'
117	WHERE id = '.$group.'
118	;';
119	pwg_query($query);
120	}
121	}
122	}
123
124	// +
125	// \|delete a group
126	// +
127
128	if ($action=="delete" and isset($_POST['confirm_deletion']) and $_POST['confirm_deletion'])
129	{
130	foreach($groups as $group)
131	{
132	// destruction of the access linked to the group
133	$query = '
134	DELETE
135	FROM '.GROUP_ACCESS_TABLE.'
136	WHERE group_id = '.$group.'
137	;';
138	pwg_query($query);
139
140	// destruction of the users links for this group
141	$query = '
142	DELETE
143	FROM '.USER_GROUP_TABLE.'
144	WHERE group_id = '.$group.'
145	;';
146	pwg_query($query);
147
148	$query = '
149	SELECT name
150	FROM '.GROUPS_TABLE.'
151	WHERE id = '.$group.'
152	;';
153	list($groupname) = pwg_db_fetch_row(pwg_query($query));
154
155	// destruction of the group
156	$query = '
157	DELETE
158	FROM '.GROUPS_TABLE.'
159	WHERE id = '.$group.'
160	;';
161	pwg_query($query);
162
163	$page['infos'][] = l10n('group "%s" deleted', $groupname);
164	}
165	}
166
167	// +
168	// \|merge groups into a new one
169	// +
170
171	if ($action=="merge" and count($groups) > 1)
172	{
173	// is the group not already existing ?
174	$query = '
175	SELECT COUNT(*)
176	FROM '.GROUPS_TABLE.'
177	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
178	;';
179	list($count) = pwg_db_fetch_row(pwg_query($query));
180	if ($count != 0)
181	{
182	$page['errors'][] = l10n('This name is already used by another group.');
183	}
184	else
185	{
186	// creating the group
187	$query = '
188	INSERT INTO '.GROUPS_TABLE.'
189	(name)
190	VALUES
191	(\''.pwg_db_real_escape_string($_POST['merge']).'\')
192	;';
193	pwg_query($query);
194	$query = '
195	SELECT id
196	FROM '.GROUPS_TABLE.'
197	WHERE name = \''.pwg_db_real_escape_string($_POST['merge']).'\'
198	;';
199	list($groupid) = pwg_db_fetch_row(pwg_query($query));
200	}
201	$grp_access = array();
202	$usr_grp = array();
203	foreach($groups as $group)
204	{
205	$query = '
206	SELECT *
207	FROM '.GROUP_ACCESS_TABLE.'
208	WHERE group_id = '.$group.'
209	;';
210	$res=pwg_query($query);
211	while ($row = pwg_db_fetch_assoc($res))
212	{
213	$new_grp_access= array(
214	'cat_id' => $row['cat_id'],
215	'group_id' => $groupid
216	);
217	if (!in_array($new_grp_access,$grp_access))
218	{
219	$grp_access[]=$new_grp_access;
220	}
221	}
222
223	$query = '
224	SELECT *
225	FROM '.USER_GROUP_TABLE.'
226	WHERE group_id = '.$group.'
227	;';
228	$res=pwg_query($query);
229	while ($row = pwg_db_fetch_assoc($res))
230	{
231	$new_usr_grp= array(
232	'user_id' => $row['user_id'],
233	'group_id' => $groupid
234	);
235	if (!in_array($new_usr_grp,$usr_grp))
236	{
237	$usr_grp[]=$new_usr_grp;
238	}
239	}
240	}
241	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
242	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
243
244	$page['infos'][] = l10n('group "%s" added', $_POST['merge']);
245	}
246
247	// +
248	// \|duplicate a group
249	// +
250
251	if ($action=="duplicate" )
252	{
253	foreach($groups as $group)
254	{
255	if ( empty($_POST['duplicate_'.$group.'']) )
256	{
257	break;
258	}
259	// is the group not already existing ?
260	$query = '
261	SELECT COUNT(*)
262	FROM '.GROUPS_TABLE.'
263	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
264	;';
265	list($count) = pwg_db_fetch_row(pwg_query($query));
266	if ($count != 0)
267	{
268	$page['errors'][] = l10n('This name is already used by another group.');
269	break;
270	}
271	// creating the group
272	$query = '
273	INSERT INTO '.GROUPS_TABLE.'
274	(name)
275	VALUES
276	(\''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\')
277	;';
278	pwg_query($query);
279	$query = '
280	SELECT id
281	FROM '.GROUPS_TABLE.'
282	WHERE name = \''.pwg_db_real_escape_string($_POST['duplicate_'.$group.'']).'\'
283	;';
284
285	list($groupid) = pwg_db_fetch_row(pwg_query($query));
286	$query = '
287	SELECT *
288	FROM '.GROUP_ACCESS_TABLE.'
289	WHERE group_id = '.$group.'
290	;';
291	$grp_access = array();
292	$res=pwg_query($query);
293	while ($row = pwg_db_fetch_assoc($res))
294	{
295	$grp_access[] = array(
296	'cat_id' => $row['cat_id'],
297	'group_id' => $groupid
298	);
299	}
300	mass_inserts(GROUP_ACCESS_TABLE, array('group_id','cat_id'), $grp_access);
301
302	$query = '
303	SELECT *
304	FROM '.USER_GROUP_TABLE.'
305	WHERE group_id = '.$group.'
306	;';
307	$usr_grp = array();
308	$res=pwg_query($query);
309	while ($row = pwg_db_fetch_assoc($res))
310	{
311	$usr_grp[] = array(
312	'user_id' => $row['user_id'],
313	'group_id' => $groupid
314	);
315	}
316	mass_inserts(USER_GROUP_TABLE, array('user_id','group_id'), $usr_grp);
317
318	$page['infos'][] = l10n('group "%s" added', $_POST['duplicate_'.$group.'']);
319	}
320	}
321
322
323	// +
324	// \| toggle_default
325	// +
326
327	if ($action=="toggle_default")
328	{
329	foreach($groups as $group)
330	{
331	$query = '
332	SELECT name, is_default
333	FROM '.GROUPS_TABLE.'
334	WHERE id = '.$group.'
335	;';
336	list($groupname, $is_default) = pwg_db_fetch_row(pwg_query($query));
337
338	// update of the group
339	$query = '
340	UPDATE '.GROUPS_TABLE.'
341	SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
342	WHERE id = '.$group.'
343	;';
344	pwg_query($query);
345
346	$page['infos'][] = l10n('group "%s" updated', $groupname);
347	}
348	}
349	}
350	// +-----------------------------------------------------------------------+
351	// \| template init \|
352	// +-----------------------------------------------------------------------+
353
354	$template->set_filenames(array('group_list' => 'group_list.tpl'));
355
356	$template->assign(
357	array(
358	'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
359	'U_HELP' => get_root_url().'admin/popuphelp.php?page=group_list',
360	'PWG_TOKEN' => get_pwg_token(),
361	)
362	);
363
364	// +-----------------------------------------------------------------------+
365	// \| group list \|
366	// +-----------------------------------------------------------------------+
367
368	$query = '
369	SELECT id, name, is_default
370	FROM '.GROUPS_TABLE.'
371	ORDER BY name ASC
372	;';
373	$result = pwg_query($query);
374
375	$admin_url = get_root_url().'admin.php?page=';
376	$perm_url = $admin_url.'group_perm&group_id=';
377	$del_url = $admin_url.'group_list&delete=';
378	$members_url = $admin_url.'user_list&group=';
379	$toggle_is_default_url = $admin_url.'group_list&toggle_is_default=';
380
381	while ($row = pwg_db_fetch_assoc($result))
382	{
383	$query = '
384	SELECT username
385	FROM '.USERS_TABLE.' AS u
386	INNER JOIN '.USER_GROUP_TABLE.' AS ug
387	ON u.'.$conf['user_fields']['id'].' = ug.user_id
388	WHERE ug.group_id = '.$row['id'].'
389	;';
390	$members=array();
391	$res=pwg_query($query);
392	while ($us= pwg_db_fetch_assoc($res))
393	{
394	$members[]=$us['username'];
395	}
396	$template->append(
397	'groups',
398	array(
399	'NAME' => $row['name'],
400	'ID' => $row['id'],
401	'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('default').']' : ''),
402	'NB_MEMBERS' => count($members),
403	'L_MEMBERS' => implode(' - ', $members),
404	'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
405	'U_MEMBERS' => $members_url.$row['id'],
406	'U_DELETE' => $del_url.$row['id'].'&pwg_token='.get_pwg_token(),
407	'U_PERM' => $perm_url.$row['id'],
408	'U_ISDEFAULT' => $toggle_is_default_url.$row['id'].'&pwg_token='.get_pwg_token(),
409	)
410	);
411	}
412
413	// +-----------------------------------------------------------------------+
414	// \| sending html code \|
415	// +-----------------------------------------------------------------------+
416
417	$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
418
419	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: