aboutsummaryrefslogtreecommitdiffstats
path: root/admin/group_list.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--admin/group_list.php135
1 files changed, 135 insertions, 0 deletions
diff --git a/admin/group_list.php b/admin/group_list.php
new file mode 100644
index 000000000..f58dff1ff
--- /dev/null
+++ b/admin/group_list.php
@@ -0,0 +1,135 @@
+<?php
+/***************************************************************************
+ * group.php *
+ * ------------------- *
+ * application : PhpWebGallery 1.3 *
+ * author : Pierrick LE GALL <pierrick@z0rglub.com> *
+ * *
+ ***************************************************************************/
+
+/***************************************************************************
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; *
+ * *
+ ***************************************************************************/
+include_once( './include/isadmin.inc.php' );
+//----------------------------------------------------- template initialization
+$sub = $vtp->Open( '../template/'.$user['template'].'/admin/group_list.vtp' );
+$tpl = array( 'group_add','add','listuser_permission','delete',
+ 'group_confirm','yes','no','group_list_title' );
+templatize_array( $tpl, 'lang', $sub );
+//-------------------------------------------------------------- delete a group
+$error = array();
+if ( isset ( $_GET['delete'] ) and is_numeric( $_GET['delete'] ) )
+{
+ $query = 'SELECT name';
+ $query.= ' FROM '.PREFIX_TABLE.'groups';
+ $query.= ' WHERE id = '.$_GET['delete'];
+ $query.= ';';
+ $row = mysql_fetch_array( mysql_query( $query ) );
+ // confirm group deletion ?
+ if ( $_GET['confirm'] != 1 )
+ {
+ $vtp->addSession( $sub, 'deletion' );
+ $vtp->setVar( $sub, 'deletion.name', $row['name'] );
+ $yes_url = './admin.php?page=group&amp;delete='.$_GET['delete'];
+ $yes_url.= '&amp;confirm=1';
+ $vtp->setVar( $sub, 'deletion.yes_url', add_session_id( $yes_url ) );
+ $no_url = './admin.php?page=group';
+ $vtp->setVar( $sub, 'deletion.no_url', add_session_id( $no_url ) );
+ $vtp->closeSession( $sub, 'deletion' );
+ }
+ // group deletion confirmed
+ else
+ {
+ $vtp->addSession( $sub, 'confirmation' );
+ $query = 'SELECT COUNT(*) AS nb_result';
+ $query.= ' FROM '.PREFIX_TABLE.'groups';
+ $query.= ' WHERE id = '.$_GET['delete'];
+ $query.= ';';
+ $row2 = mysql_fetch_array( mysql_query( $query ) );
+ if ( $row2['nb_result'] > 0 )
+ {
+ delete_group( $_GET['delete'] );
+ $vtp->setVar( $sub, 'confirmation.class', 'info' );
+ $info = '"'.$row['name'].'" '.$lang['listuser_info_deletion'];
+ $vtp->setVar( $sub, 'confirmation.info', $info );
+ }
+ else
+ {
+ $vtp->setVar( $sub, 'confirmation.class', 'erreur' );
+ $vtp->setVar( $sub, 'confirmation.info', $lang['group_err_unknown'] );
+ }
+ $vtp->closeSession( $sub, 'confirmation' );
+ }
+}
+//----------------------------------------------------------------- add a group
+if ( isset( $_POST['submit'] ) )
+{
+ if ( preg_match( "/'/", $_POST['name'] )
+ or preg_match( '/"/', $_POST['name'] ) )
+ {
+ array_push( $error, $lang['group_add_error1'] );
+ }
+ if ( count( $error ) == 0 )
+ {
+ // is the group not already existing ?
+ $query = 'SELECT id';
+ $query.= ' FROM '.PREFIX_TABLE.'groups';
+ $query.= " WHERE name = '".$_POST['name']."'";
+ $query.= ';';
+ $result = mysql_query( $query );
+ if ( mysql_num_rows( $result ) > 0 )
+ {
+ array_push( $error, $lang['group_add_error2'] );
+ }
+ }
+ if ( count( $error ) == 0 )
+ {
+ // creating the group
+ $query = ' INSERT INTO '.PREFIX_TABLE.'groups';
+ $query.= " (name) VALUES ('".$_POST['name']."')";
+ $query.= ';';
+ mysql_query( $query );
+ }
+}
+//-------------------------------------------------------------- errors display
+if ( sizeof( $error ) != 0 )
+{
+ $vtp->addSession( $sub, 'errors' );
+ for ( $i = 0; $i < sizeof( $error ); $i++ )
+ {
+ $vtp->addSession( $sub, 'li' );
+ $vtp->setVar( $sub, 'li.li', $error[$i] );
+ $vtp->closeSession( $sub, 'li' );
+ }
+ $vtp->closeSession( $sub, 'errors' );
+}
+//----------------------------------------------------------------- groups list
+$vtp->addSession( $sub, 'groups' );
+
+$query = 'SELECT id,name';
+$query.= ' FROM '.PREFIX_TABLE.'groups';
+$query.= ' ORDER BY id ASC';
+$query.= ';';
+$result = mysql_query( $query );
+while ( $row = mysql_fetch_array( $result ) )
+{
+ $vtp->addSession( $sub, 'group' );
+ $vtp->setVar( $sub, 'group.name', $row['name'] );
+ $url = './admin.php?page=group_perm&amp;group_id='.$row['id'];
+ $vtp->setVar( $sub, 'group.permission_url', add_session_id( $url ) );
+ $url = './admin.php?page=group&amp;delete='.$row['id'];
+ $vtp->setVar( $sub, 'group.deletion_url', add_session_id( $url ) );
+ $vtp->closeSession( $sub, 'group' );
+}
+
+$vtp->closeSession( $sub, 'groups' );
+//------------------------------------------------------- create new group form
+$action = './admin.php?'.$_SERVER['QUERY_STRING'];
+$vtp->setVar( $sub, 'form_action', $action );
+//----------------------------------------------------------- sending html code
+$vtp->Parse( $handle , 'sub', $sub );
+?> \ No newline at end of file