authorplegall <plg@piwigo.org>2005-08-16 15:19:40 +0000
committerplegall <plg@piwigo.org>2005-08-16 15:19:40 +0000
commit5840251d559a368c084602d971e8d0926860c186 (patch)
tree984da246c5e7c0f5fa97dd553da5405106c0fdfb /admin/group_list.php
parent149edc131d7cac50dfac0a9d00c0a36c4355ec9a (diff)
- modification : admin/group_list screen completely rewritten to present the
list of existing groups and a form to add a new group. Here you can delete a group, go to permissions management for a group, go to member list of a group (on admin/user_list with a filter on group). - modification : admin/user_perm and admin/group_perm are not directly reachable by the admin menu anymore. Only the user/group list lets you reach user/group permissions management screen. git-svn-id: http://piwigo.org/svn/trunk@815 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--admin/group_list.php261
1 files changed, 122 insertions, 139 deletions
diff --git a/admin/group_list.php b/admin/group_list.php
index f789a6b27..7bc08b3f4 100644
--- a/admin/group_list.php
+++ b/admin/group_list.php
@@ -24,171 +24,154 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
+
if( !defined("PHPWG_ROOT_PATH") )
{
- die ("Hacking attempt!");
+ die ("Hacking attempt!");
}
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php' );
-//-------------------------------------------------------------- delete a group
-if ( isset( $_POST['delete'] ) && isset( $_POST['confirm_delete'] ) )
+// +-----------------------------------------------------------------------+
+// | delete a group |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['delete']) and is_numeric($_GET['delete']))
{
// destruction of the access linked to the group
- $query = 'DELETE FROM '.GROUP_ACCESS_TABLE;
- $query.= ' WHERE group_id = '.$_POST['group_id'];
- $query.= ';';
- pwg_query( $query );
-
- // destruction of the users links for this group
- $query = 'DELETE FROM ' . USER_GROUP_TABLE;
- $query.= ' WHERE group_id = '.$_POST['group_id'];
- pwg_query( $query );
-
- // destruction of the group
- $query = 'DELETE FROM ' . GROUPS_TABLE;
- $query.= ' WHERE id = '.$_POST['group_id'];
- $query.= ';';
- pwg_query( $query );
+ $query = '
+DELETE
+ FROM '.GROUP_ACCESS_TABLE.'
+ WHERE group_id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ // destruction of the users links for this group
+ $query = '
+DELETE
+ FROM '.USER_GROUP_TABLE.'
+ WHERE group_id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ $query = '
+SELECT name
+ FROM '.GROUPS_TABLE.'
+ WHERE id = '.$_GET['delete'].'
+;';
+ list($groupname) = mysql_fetch_row(pwg_query($query));
+
+ // destruction of the group
+ $query = '
+DELETE
+ FROM '.GROUPS_TABLE.'
+ WHERE id = '.$_GET['delete'].'
+;';
+ pwg_query($query);
+
+ array_push(
+ $page['infos'],
+ sprintf(l10n('group "%s" deleted'), $groupname)
+ );
}
-//----------------------------------------------------------------- add a group
-elseif ( isset( $_POST['new'] ) )
+
+// +-----------------------------------------------------------------------+
+// | add a group |
+// +-----------------------------------------------------------------------+
+
+if (isset($_POST['submit_add']))
{
- if ( empty($_POST['newgroup']) || preg_match( "/'/", $_POST['newgroup'] )
- or preg_match( '/"/', $_POST['newgroup'] ) )
+ if (empty($_POST['groupname']))
{
- array_push( $page['errors'], $lang['group_add_error1'] );
+ array_push($page['errors'], $lang['group_add_error1']);
}
- if ( count( $page['errors'] ) == 0 )
+ if (count($page['errors']) == 0)
{
// is the group not already existing ?
- $query = 'SELECT id FROM '.GROUPS_TABLE;
- $query.= " WHERE name = '".$_POST['newgroup']."'";
- $query.= ';';
- $result = pwg_query( $query );
- if ( mysql_num_rows( $result ) > 0 )
+ $query = '
+SELECT COUNT(*)
+ FROM '.GROUPS_TABLE.'
+ WHERE name = \''.$_POST['groupname'].'\'
+;';
+ list($count) = mysql_fetch_row(pwg_query($query));
+ if ($count != 0)
{
- array_push( $page['errors'], $lang['group_add_error2'] );
+ array_push($page['errors'], $lang['group_add_error2']);
}
}
- if ( count( $page['errors'] ) == 0 )
+ if (count($page['errors']) == 0)
{
// creating the group
- $query = ' INSERT INTO '.GROUPS_TABLE;
- $query.= " (name) VALUES ('".$_POST['newgroup']."')";
- $query.= ';';
- pwg_query( $query );
- }
-}
-//------------------------------------------------------------- user management
-elseif ( isset( $_POST['add'] ) )
-{
- $userdata = getuserdata($_POST['username']);
- if (!$userdata)
- {
- array_push($page['errors'], $lang['user_err_unknown']);
- }
- else
- {
- // create a new association between the user and a group
$query = '
-INSERT INTO '.USER_GROUP_TABLE.'
- (user_id,group_id)
+INSERT INTO '.GROUPS_TABLE.'
+ (name)
VALUES
- ('.$userdata['id'].','.$_POST['edit_group_id'].')
+ (\''.mysql_escape_string($_POST['groupname']).'\')
;';
pwg_query($query);
+
+ array_push(
+ $page['infos'],
+ sprintf(l10n('group "%s" added'), $_POST['groupname'])
+ );
}
}
-elseif (isset( $_POST['deny_user'] ))
-{
- $sql_in = '';
- $members = $_POST['members'];
- for($i = 0; $i < count($members); $i++)
- {
- $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
- }
- $query = 'DELETE FROM ' . USER_GROUP_TABLE;
- $query.= ' WHERE user_id IN ('.$sql_in;
- $query.= ') AND group_id = '.$_POST['edit_group_id'];
- pwg_query( $query );
-}
-//----------------------------------------------------------------- groups list
-
-$query = 'SELECT id,name FROM '.GROUPS_TABLE;
-$query.= ' ORDER BY id ASC;';
-$result = pwg_query( $query );
-$groups_display = '<select name="group_id">';
-$groups_nb=0;
-while ( $row = mysql_fetch_array( $result ) )
-{
- $groups_nb++;
- $selected = '';
- if (isset($_POST['group_id']) && $_POST['group_id']==$row['id'])
- $selected = 'selected';
- $groups_display .= '<option value="' . $row['id'] . '" '.$selected.'>' . $row['name'] . '</option>';
-}
-$groups_display .= '</select>';
-
-$action = PHPWG_ROOT_PATH.'admin.php?page=group_list';
-//----------------------------------------------------- template initialization
-$template->set_filenames( array('groups'=>'admin/group_list.tpl') );
-$template->assign_vars(array(
- 'S_GROUP_SELECT'=>$groups_display,
-
- 'L_GROUP_SELECT'=>$lang['group_list_title'],
- 'L_GROUP_CONFIRM'=>$lang['group_confirm_delete'],
- 'L_LOOK_UP'=>$lang['edit'],
- 'L_GROUP_DELETE'=>$lang['delete'],
- 'L_CREATE_NEW_GROUP'=>$lang['group_add'],
- 'L_GROUP_EDIT'=>$lang['group_edit'],
- 'L_USER_NAME'=>$lang['login'],
- 'L_USER_EMAIL'=>$lang['mail_address'],
- 'L_USER_SELECT'=>$lang['Select'],
- 'L_DENY_SELECTED'=>$lang['group_deny_user'],
- 'L_ADD_MEMBER'=>$lang['group_add_user'],
- 'L_FIND_USERNAME'=>$lang['Find_username'],
-
- 'S_GROUP_ACTION'=>add_session_id($action),
- 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php')
- ));
-
-if ($groups_nb)
-{
- $template->assign_block_vars('select_box',array());
-}
-//----------------------------------------------------------------- add a group
-if ( isset( $_POST['edit']) || isset( $_POST['add']) || isset( $_POST['deny_user'] ))
+// +-----------------------------------------------------------------------+
+// | template init |
+// +-----------------------------------------------------------------------+
+
+$template->set_filenames(array('group_list' => 'admin/group_list.tpl'));
+
+$template->assign_vars(
+ array(
+ 'F_ADD_ACTION' =>
+ add_session_id(PHPWG_ROOT_PATH.'admin.php?page=group_list')
+ )
+ );
+
+// +-----------------------------------------------------------------------+
+// | group list |
+// +-----------------------------------------------------------------------+
+
+$query = '
+SELECT id, name
+ FROM '.GROUPS_TABLE.'
+ ORDER BY id ASC
+;';
+$result = pwg_query($query);
+
+$admin_url = PHPWG_ROOT_PATH.'admin.php?page=';
+$perm_url = $admin_url.'group_perm&amp;group_id=';
+$del_url = $admin_url.'group_list&amp;delete=';
+$members_url = $admin_url.'user_list&amp;group=';
+
+$num = 0;
+while ($row = mysql_fetch_array($result))
{
- // Retrieving the group name
- $query = 'SELECT id, name FROM '.GROUPS_TABLE;
- $query.= " WHERE id = '".$_POST['group_id']."'";
- $query.= ';';
- $result = mysql_fetch_array(pwg_query( $query ));
- $template->assign_block_vars('edit_group',array(
- 'GROUP_NAME'=>$result['name'],
- 'GROUP_ID'=>$result['id']
- ));
-
- // Retrieving all the users
- $query = 'SELECT id, username, mail_address';
- $query.= ' FROM ('.USERS_TABLE.' as u';
- $query.= ' LEFT JOIN '.USER_GROUP_TABLE.' as ug ON ug.user_id=u.id)';
- $query.= " WHERE ug.group_id = '".$_POST['group_id']."';";
- $result = pwg_query( $query );
- $i=0;
- while ( $row = mysql_fetch_array( $result ) )
- {
- $class = ($i % 2)? 'row1':'row2'; $i++;
- $template->assign_block_vars('edit_group.user',array(
- 'ID'=>$row['id'],
- 'NAME'=>$row['username'],
- 'EMAIL'=>$row['mail_address'],
- 'T_CLASS'=>$class
- ));
- }
+ $query = '
+SELECT COUNT(*)
+ FROM '.USER_GROUP_TABLE.'
+ WHERE group_id = '.$row['id'].'
+;';
+ list($counter) = mysql_fetch_row(pwg_query($query));
+
+ $template->assign_block_vars(
+ 'group',
+ array(
+ 'CLASS' => ($num++ % 2 == 1) ? 'row2' : 'row1',
+ 'NAME' => $row['name'],
+ 'MEMBERS' => sprintf(l10n('%d members'), $counter),
+ 'U_MEMBERS' => $members_url.$row['id'],
+ 'U_DELETE' => $del_url.$row['id'],
+ 'U_PERM' => $perm_url.$row['id']
+ )
+ );
}
-//----------------------------------------------------------- sending html code
-$template->assign_var_from_handle('ADMIN_CONTENT', 'groups');
+// +-----------------------------------------------------------------------+
+// | sending html code |
+// +-----------------------------------------------------------------------+
+
+$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
+
?>
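Review bot: In the "add a group" branch the duplicate-name check concatenates raw `$_POST['groupname']` into `WHERE name = '...'`, although the INSERT below escapes the same value and this commit drops the old `preg_match` quote rejection, so unless request data is quoted elsewhere (not visible here) that SELECT is open to SQL injection. Escape once and use the result in both statements, e.g. `$groupname = mysql_escape_string($_POST['groupname']);`. The delete branch now acts on `$_GET['delete']`, which makes a destructive action reachable through a plain link with no confirmation step or request token visible in this hunk; keeping it on POST, or checking a per-session token, would restore what the removed `confirm_delete` test provided. `is_numeric` also accepts values such as `1e3` or `1.5`, so `$group_id = intval($_GET['delete']);` is a tighter guard for the three DELETEs and the SELECT. Group names reach `$page['infos']` and the `NAME` template variable unescaped, and whether the template layer encodes them is not visible here, so `htmlspecialchars()` at those two points is worth confirming.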