source: trunk/admin/group_list.php @ 2933

Last change on this file since 2933 was 2752, checked in by patdenice, 16 years ago
  • change mysql_escape_string function (deprecated) by mysql_real_escape_string.
  • Correction on install.tpl (link color).
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 6.8 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008      Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if( !defined("PHPWG_ROOT_PATH") )
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36// +-----------------------------------------------------------------------+
37// |                             delete a group                            |
38// +-----------------------------------------------------------------------+
39
40if (isset($_GET['delete']) and is_numeric($_GET['delete']) and !is_adviser())
41{
42  // destruction of the access linked to the group
43  $query = '
44DELETE
45  FROM '.GROUP_ACCESS_TABLE.'
46  WHERE group_id = '.$_GET['delete'].'
47;';
48  pwg_query($query);
49 
50  // destruction of the users links for this group
51  $query = '
52DELETE
53  FROM '.USER_GROUP_TABLE.'
54  WHERE group_id = '.$_GET['delete'].'
55;';
56  pwg_query($query);
57
58  $query = '
59SELECT name
60  FROM '.GROUPS_TABLE.'
61  WHERE id = '.$_GET['delete'].'
62;';
63  list($groupname) = mysql_fetch_row(pwg_query($query));
64 
65  // destruction of the group
66  $query = '
67DELETE
68  FROM '.GROUPS_TABLE.'
69  WHERE id = '.$_GET['delete'].'
70;';
71  pwg_query($query);
72
73  array_push(
74    $page['infos'],
75    sprintf(l10n('group "%s" deleted'), $groupname)
76    );
77}
78
79// +-----------------------------------------------------------------------+
80// |                              add a group                              |
81// +-----------------------------------------------------------------------+
82
83if (isset($_POST['submit_add']) and !is_adviser())
84{
85  if (empty($_POST['groupname']))
86  {
87    array_push($page['errors'], l10n('group_add_error1'));
88  }
89  if (count($page['errors']) == 0)
90  {
91    // is the group not already existing ?
92    $query = '
93SELECT COUNT(*)
94  FROM '.GROUPS_TABLE.'
95  WHERE name = \''.$_POST['groupname'].'\'
96;';
97    list($count) = mysql_fetch_row(pwg_query($query));
98    if ($count != 0)
99    {
100      array_push($page['errors'], l10n('group_add_error2'));
101    }
102  }
103  if (count($page['errors']) == 0)
104  {
105    // creating the group
106    $query = '
107INSERT INTO '.GROUPS_TABLE.'
108  (name)
109  VALUES
110  (\''.mysql_real_escape_string($_POST['groupname']).'\')
111;';
112    pwg_query($query);
113
114    array_push(
115      $page['infos'],
116      sprintf(l10n('group "%s" added'), $_POST['groupname'])
117      );
118  }
119}
120
121// +-----------------------------------------------------------------------+
122// | toggle is default group property                                      |
123// +-----------------------------------------------------------------------+
124
125if (isset($_GET['toggle_is_default']) and is_numeric($_GET['toggle_is_default']) and !is_adviser())
126{
127  $query = '
128SELECT name, is_default
129  FROM '.GROUPS_TABLE.'
130  WHERE id = '.$_GET['toggle_is_default'].'
131;';
132  list($groupname, $is_default) = mysql_fetch_row(pwg_query($query));
133 
134  // update of the group
135  $query = '
136UPDATE '.GROUPS_TABLE.'
137  SET is_default = \''.boolean_to_string(!get_boolean($is_default)).'\'
138  WHERE id = '.$_GET['toggle_is_default'].'
139;';
140  pwg_query($query);
141
142  array_push(
143    $page['infos'],
144    sprintf(l10n('group "%s" updated'), $groupname)
145    );
146}
147
148// +-----------------------------------------------------------------------+
149// |                             template init                             |
150// +-----------------------------------------------------------------------+
151
152$template->set_filenames(array('group_list' => 'group_list.tpl'));
153
154$template->assign(
155  array(
156    'F_ADD_ACTION' => get_root_url().'admin.php?page=group_list',
157    'U_HELP' => get_root_url().'popuphelp.php?page=group_list',
158    )
159  );
160
161// +-----------------------------------------------------------------------+
162// |                              group list                               |
163// +-----------------------------------------------------------------------+
164
165$query = '
166SELECT id, name, is_default
167  FROM '.GROUPS_TABLE.'
168  ORDER BY name ASC
169;';
170$result = pwg_query($query);
171
172$admin_url = get_root_url().'admin.php?page=';
173$perm_url    = $admin_url.'group_perm&amp;group_id=';
174$del_url     = $admin_url.'group_list&amp;delete=';
175$members_url = $admin_url.'user_list&amp;group=';
176$toggle_is_default_url     = $admin_url.'group_list&amp;toggle_is_default=';
177
178while ($row = mysql_fetch_array($result))
179{
180  $query = '
181SELECT COUNT(*)
182  FROM '.USER_GROUP_TABLE.'
183  WHERE group_id = '.$row['id'].'
184;';
185  list($counter) = mysql_fetch_row(pwg_query($query));
186 
187  $template->append(
188    'groups',
189    array(
190      'NAME' => $row['name'],
191      'IS_DEFAULT' => (get_boolean($row['is_default']) ? ' ['.l10n('is_default_group').']' : ''),
192      'MEMBERS' => l10n_dec('%d member', '%d members', $counter),
193      'U_MEMBERS' => $members_url.$row['id'],
194      'U_DELETE' => $del_url.$row['id'],
195      'U_PERM' => $perm_url.$row['id'],
196      'U_ISDEFAULT' => $toggle_is_default_url.$row['id']
197      )
198    );
199}
200
201// +-----------------------------------------------------------------------+
202// |                           sending html code                           |
203// +-----------------------------------------------------------------------+
204
205$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
206
207?>
Note: See TracBrowser for help on using the repository browser.