A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

248 lines
8.2 KiB

  1. <?php
  2. /**
  3. * @package µForum
  4. * @file admin/admin_groups.php
  5. * @version 1.0.x, 22-08-2007, 11:26
  6. * @copyright 2008(c) PioDer <pioder@wp.pl>
  7. * @link http://pioder.gim2przemysl.int.pl/dsf.html
  8. * @license GNU GPL v3
  9. **/
  10. define('IN_uF', true);
  11. //include files
  12. include('./../config.php');
  13. include('./../includes/constants.php');
  14. include('./../includes/class_db.php');
  15. include('./../includes/class_error.php');
  16. include('./../includes/classes/class_pms.php');
  17. //connect to database
  18. DataBase::db_connect();
  19. include('./../includes/sessions.php');
  20. include('./../includes/class_user.php');
  21. include('./../common.php');
  22. include('./../includes/admin/class_main.php');
  23. include('./../includes/class_forum.php');
  24. include('./../includes/admin/class_forum.php');
  25. include('./../includes/classes/secure.php');
  26. include('./../lngs/'.Admin_Over::DefaultLang().'/admin.php');
  27. sess_del_invalid($_SESSION['uid']);
  28. sess_register($_SESSION['uid']);
  29. sess_delete_old();
  30. if (User::UserInformation($_SESSION['uid'],'rank')!=2)
  31. {
  32. admin_message_forum($lng['yournotadmin'],'../index.php');
  33. }
  34. function GenerateDefaultDisplay()
  35. {
  36. global $lng;
  37. global $default_skin;
  38. global $forum_config;
  39. $skin['L.groups'] = $lng['admin_groups'];
  40. $skin['L.new_group'] = $lng['new_group'];
  41. Admin_Over::GenerateHeader();
  42. include('./template/groups_beam_body.tpl');
  43. $sql = "SELECT `g_id`, `name`, `desc` FROM `".GROUPS_TABLE."` ORDER BY `sort`";
  44. $query = DataBase::sql_query($sql, 'GENERAL', 'Could not obtain groups information.');
  45. while($item = mysql_fetch_array($query))
  46. {
  47. $skin = array(
  48. 'g_id'=>$item['g_id'],
  49. 'name'=>$item['name'],
  50. 'desc'=>$item['desc'],
  51. 'move_up'=>$lng['moveup'],
  52. 'move_down'=>$lng['movedown'],
  53. 'delete'=>$lng['delete'],
  54. 'c_delete'=>$lng['c_delete_group']
  55. );
  56. include('./template/group_add_body.tpl');
  57. }
  58. echo '</table>';
  59. include('./template/overall_footer.tpl');
  60. }
  61. if (!isset($_GET['mode']))
  62. {
  63. header('Location: admin_groups.php?mode=view');
  64. }
  65. switch($_GET['mode'])
  66. {
  67. case 'delete':
  68. {
  69. $gid = $_GET['id'];
  70. Secure::group_exists($gid);
  71. $sql = "DELETE FROM ".GROUPS_TABLE." WHERE `g_id`='$gid'";
  72. DataBase::sql_query($sql,'GENERAL','Could not delete group.');
  73. $sql = "DELETE FROM ".USERS_GROUP_TABLE." WHERE `g_id`='$gid'";
  74. DataBase::sql_query($sql,'GENERAL','Could users in group.');
  75. GenerateDefaultDisplay();
  76. break;
  77. }
  78. case 'add':
  79. {
  80. global $lng;
  81. global $forum_config;
  82. global $_POST;
  83. if (isset($_POST['group_name']))
  84. {
  85. if (strlen(trim($_POST['group_name']))>=5)
  86. {
  87. $group_name = htmlspecialchars($_POST['group_name']);
  88. $group_desc = htmlspecialchars($_POST['group_desc']);
  89. $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
  90. $result = @mysql_fetch_array(DataBase::sql_query("SELECT `sort` FROM `".GROUPS_TABLE."`
  91. ORDER BY `sort` DESC LIMIT 1",'GENERAL','Could not obtain last category sort id'));
  92. $group_sort = $result['sort'];
  93. $group_sort = $group_sort+1;
  94. $result = @mysql_fetch_array(DataBase::sql_query("SELECT
  95. `g_id` FROM ".GROUPS_TABLE." ORDER BY `g_id` DESC LIMIT 1",'GENERAL','Could not obtain last group id.'));
  96. $group_id = $result['g_id'];
  97. $group_id = $group_id+1;
  98. $sql = "INSERT INTO ".GROUPS_TABLE." VALUES ('$group_id', '$group_name', '$group_desc', '$group_mod', '$group_sort')";
  99. DataBase::sql_query($sql, 'GENERAL', 'Could not add group');
  100. unset($group_name, $group_desc, $group_mod, $group_id);
  101. admin_message_forum($lng['group_saved'],'admin_groups.php');
  102. }
  103. else
  104. {
  105. $msg = './template/post_error_body.tpl';
  106. $message = $lng['to_short_group_name'];
  107. }
  108. }
  109. else
  110. {
  111. $_POST['group_name'] = '';
  112. $_POST['group_desc'] = '';
  113. $_POST['group_mod'] = '';
  114. $msg='./template/blank.tpl';
  115. }
  116. $skin = array(
  117. 'L.save'=>$lng['submit'],
  118. 'L.reset'=>$lng['reset'],
  119. 'L.group_name'=>$lng['group_name'],
  120. 'L.group_desc'=>$lng['group_desc'],
  121. 'L.group_mod'=>$lng['group_mod'],
  122. 'L.main_beam'=>$lng['new_group'],
  123. 'action'=>'admin_groups.php?mode=add',
  124. 'L.groups' => $lng['admin_groups']
  125. );
  126. Admin_Over::GenerateHeader();
  127. include('./template/group_new_edit_body.tpl');
  128. include('./template/overall_footer.tpl');
  129. break;
  130. }
  131. case 'edit':
  132. {
  133. global $lng;
  134. $gid = $_GET['id'];
  135. global $forum_config;
  136. global $_POST;
  137. Secure::group_exists($gid);
  138. if (isset($_POST['group_name']))
  139. {
  140. if (strlen(trim($_POST['group_name']))>=5)
  141. {
  142. $group_name = htmlspecialchars($_POST['group_name']);
  143. $group_desc = htmlspecialchars($_POST['group_desc']);
  144. $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
  145. $group_id = htmlspecialchars($gid);
  146. $sql = "UPDATE ".GROUPS_TABLE." SET
  147. `name` = '$group_name',
  148. `desc` = '$group_desc',
  149. `m_id` = '$group_mod'
  150. WHERE `g_id` = '$group_id'";
  151. DataBase::sql_query($sql, 'GENERAL', 'Could not update group');
  152. unset($group_name, $group_desc, $group_mod, $group_id);
  153. admin_message_forum($lng['group_saved'],'admin_groups.php');
  154. }
  155. else
  156. {
  157. $msg = './template/post_error_body.tpl';
  158. $message = $lng['to_short_group_name'];
  159. }
  160. }
  161. else
  162. {
  163. $sql = "SELECT * FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'";
  164. $g = @mysql_fetch_array(DataBase::sql_query($sql, 'GENERAL','Could not obtain group information.'));
  165. $_POST['group_name'] = $g['name'];
  166. $_POST['group_desc'] = $g['desc'];
  167. $_POST['group_mod'] = User::UserInformation($g['m_id'],'nick');
  168. $msg='./../skins/'.$default_skin.'/blank.tpl';
  169. }
  170. $skin = array(
  171. 'L.save'=>$lng['submit'],
  172. 'L.reset'=>$lng['reset'],
  173. 'L.group_name'=>$lng['group_name'],
  174. 'L.group_desc'=>$lng['group_desc'],
  175. 'L.group_mod'=>$lng['group_mod'],
  176. 'L.main_beam'=>$lng['edit_group'],
  177. 'action'=>'admin_groups.php?mode=edit&id='.$gid,
  178. 'L.groups' => $lng['admin_groups']
  179. );
  180. Admin_Over::GenerateHeader();
  181. include('./template/group_new_edit_body.tpl');
  182. include('./template/overall_footer.tpl');
  183. break;
  184. }
  185. case 'moveup':
  186. {
  187. if (isset($_GET['id']))
  188. {
  189. $i1 = intval($_GET['id']);
  190. $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
  191. $s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.'));
  192. $s1 = $s1['sort'];
  193. $s2 = $s1 -1;
  194. if ($s1>1)
  195. {
  196. $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
  197. $s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.'));
  198. $i2 = $s2['g_id'];
  199. $s2 = $s2['sort'];
  200. $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
  201. DataBase::sql_query($sql,'GENERAL','Could not update group position');
  202. $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
  203. DataBase::sql_query($sql,'GENERAL','Could not update group position');
  204. }
  205. }
  206. GenerateDefaultDisplay();
  207. break;
  208. }
  209. case 'movedown':
  210. {
  211. if (isset($_GET['id']))
  212. {
  213. $i1 = intval($_GET['id']);
  214. $i2 = $i1 +1;
  215. $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
  216. $s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.'));
  217. $s1 = $s1['sort'];
  218. $s2 = $s1 +1;
  219. $sql = "SELECT `g_id` FROM ".GROUPS_TABLE;
  220. $count = @mysql_num_rows(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.'));
  221. if ($s1<$count)
  222. {
  223. $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
  224. $s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.'));
  225. $i2 = $s2['g_id'];
  226. $s2 = $s2['sort'];
  227. $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
  228. DataBase::sql_query($sql,'GENERAL','Could not update group position');
  229. $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
  230. DataBase::sql_query($sql,'GENERAL','Could not update group position');
  231. }
  232. }
  233. GenerateDefaultDisplay();
  234. break;
  235. }
  236. case 'view':
  237. {
  238. GenerateDefaultDisplay();
  239. break;
  240. }
  241. default:
  242. {
  243. header('Location: admin_groups.php?mode=view');
  244. break;
  245. }
  246. }
  247. @ini_set('display_errors', '1');
  248. ?>