- <?php
- /**
- * @package uForum
- * @file admin/admin_groups.php
- * @version $Id$
- * @copyright 2007-2010 (c) PioDer <pioder@wp.pl>
- * @link http://www.pioder.pl/
- * @license see LICENSE.txt
- **/
- define('IN_uF', true);
- //include files
- require('./../config.php');
- require('./../includes/constants.php');
- require('./../includes/db.php');
- require('./../includes/errors.php');
- require('./../includes/classes/class_pms.php');
- //connect to database
- DataBase::db_connect();
- require('./../includes/sessions.php');
- require('./../includes/classes/class_user.php');
- require('./../common.php');
- require('./../includes/admin/class_main.php');
- require('./../includes/classes/class_forum.php');
- require('./../includes/admin/class_forum.php');
- require('./../includes/classes/secure.php');
- require('./../lngs/'.Admin_Over::DefaultLang().'/admin.php');
- SessDelInvalid();
- SessRegister();
- SessDeleteOld();
- if (User::UserInformation($_SESSION['uid'],'rank')!=2)
- {
- admin_message_forum($lng['yournotadmin'],'../index.php');
- }
- function GenerateDefaultDisplay()
- {
- global $lng;
- global $default_skin;
- global $forum_config;
- $skin['L.groups'] = $lng['admin_groups'];
- $skin['L.new_group'] = $lng['new_group'];
- Admin_Over::GenerateHeader();
- require('./template/groups_beam_body.tpl');
- $sql = "SELECT `g_id`, `name`, `desc` FROM `".GROUPS_TABLE."` ORDER BY `sort`";
- $query = DataBase::sql_query($sql, GENERAL, 'Could not obtain groups information.');
- while($item = DataBase::fetch($query))
- {
- $skin = array(
- 'g_id'=>$item['g_id'],
- 'name'=>$item['name'],
- 'desc'=>$item['desc'],
- 'move_up'=>$lng['moveup'],
- 'move_down'=>$lng['movedown'],
- 'delete'=>$lng['delete'],
- 'c_delete'=>$lng['c_delete_group']
- );
- require('./template/group_add_body.tpl');
- }
- echo '</table>';
- require('./template/overall_footer.tpl');
- }
- if (!isset($_GET['mode']))
- {
- header('Location: admin_groups.php?mode=view');
- }
- switch($_GET['mode'])
- {
- case 'delete':
- {
- $gid = $_GET['id'];
- Secure::group_exists($gid);
- $sql = "DELETE FROM ".GROUPS_TABLE." WHERE `g_id`='$gid'";
- DataBase::sql_query($sql,GENERAL,'Could not delete group.');
- $sql = "DELETE FROM ".USERS_GROUP_TABLE." WHERE `g_id`='$gid'";
- DataBase::sql_query($sql,GENERAL,'Could users in group.');
- GenerateDefaultDisplay();
- break;
- }
- case 'add':
- {
- global $lng;
- global $forum_config;
- global $_POST;
- if (isset($_POST['group_name']))
- {
- if (strlen(trim($_POST['group_name']))>=5)
- {
- $group_name = htmlspecialchars($_POST['group_name']);
- $group_desc = htmlspecialchars($_POST['group_desc']);
- $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
- $result = DataBase::fetch(DataBase::sql_query("SELECT `sort` FROM `".GROUPS_TABLE."`
- ORDER BY `sort` DESC LIMIT 1",GENERAL,'Could not obtain last category sort id'));
- $group_sort = $result['sort'];
- $group_sort = $group_sort+1;
- $result = DataBase::fetch(DataBase::sql_query("SELECT
- `g_id` FROM ".GROUPS_TABLE." ORDER BY `g_id` DESC LIMIT 1",GENERAL,'Could not obtain last group id.'));
- $group_id = $result['g_id'];
- $group_id = $group_id+1;
- $sql = "INSERT INTO ".GROUPS_TABLE." VALUES ('$group_id', '$group_name', '$group_desc', '$group_mod', '$group_sort')";
- DataBase::sql_query($sql, GENERAL, 'Could not add group');
- unset($group_name, $group_desc, $group_mod, $group_id);
- admin_message_forum($lng['group_saved'],'admin_groups.php');
- }
- else
- {
- $msg = './template/post_error_body.tpl';
- $message = $lng['to_short_group_name'];
- }
- }
- else
- {
- $_POST['group_name'] = '';
- $_POST['group_desc'] = '';
- $_POST['group_mod'] = '';
- $msg='./template/blank.tpl';
- }
- $skin = array(
- 'L.save'=>$lng['submit'],
- 'L.reset'=>$lng['reset'],
- 'L.group_name'=>$lng['group_name'],
- 'L.group_desc'=>$lng['group_desc'],
- 'L.group_mod'=>$lng['group_mod'],
- 'L.main_beam'=>$lng['new_group'],
- 'action'=>'admin_groups.php?mode=add',
- 'L.groups' => $lng['admin_groups']
- );
- Admin_Over::GenerateHeader();
- require('./template/group_new_edit_body.tpl');
- require('./template/overall_footer.tpl');
- break;
- }
- case 'edit':
- {
- global $lng;
- $gid = $_GET['id'];
- global $forum_config;
- global $_POST;
- Secure::group_exists($gid);
- if (isset($_POST['group_name']))
- {
- if (strlen(trim($_POST['group_name']))>=5)
- {
- $group_name = htmlspecialchars($_POST['group_name']);
- $group_desc = htmlspecialchars($_POST['group_desc']);
- $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
- $group_id = htmlspecialchars($gid);
- $sql = "UPDATE ".GROUPS_TABLE." SET
- `name` = '$group_name',
- `desc` = '$group_desc',
- `m_id` = '$group_mod'
- WHERE `g_id` = '$group_id'";
- DataBase::sql_query($sql, GENERAL, 'Could not update group');
- unset($group_name, $group_desc, $group_mod, $group_id);
- admin_message_forum($lng['group_saved'],'admin_groups.php');
- }
- else
- {
- $msg = './template/post_error_body.tpl';
- $message = $lng['to_short_group_name'];
- }
- }
- else
- {
- $sql = "SELECT * FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'";
- $g = DataBase::fetch(DataBase::sql_query($sql, GENERAL,'Could not obtain group information.'));
- $_POST['group_name'] = $g['name'];
- $_POST['group_desc'] = $g['desc'];
- $_POST['group_mod'] = User::UserInformation($g['m_id'],'nick');
- $msg='./template/blank.tpl';
- }
- $skin = array(
- 'L.save'=>$lng['submit'],
- 'L.reset'=>$lng['reset'],
- 'L.group_name'=>$lng['group_name'],
- 'L.group_desc'=>$lng['group_desc'],
- 'L.group_mod'=>$lng['group_mod'],
- 'L.main_beam'=>$lng['edit_group'],
- 'action'=>'admin_groups.php?mode=edit&id='.$gid,
- 'L.groups' => $lng['admin_groups']
- );
- Admin_Over::GenerateHeader();
- require('./template/group_new_edit_body.tpl');
- require('./template/overall_footer.tpl');
- break;
- }
- case 'moveup':
- {
- if (isset($_GET['id']))
- {
- $i1 = intval($_GET['id']);
- $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
- $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
- $s1 = $s1['sort'];
- $s2 = $s1 -1;
- if ($s1>1)
- {
- $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
- $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
- $i2 = $s2['g_id'];
- $s2 = $s2['sort'];
- $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
- DataBase::sql_query($sql,GENERAL,'Could not update group position');
- $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
- DataBase::sql_query($sql,GENERAL,'Could not update group position');
- }
- }
- GenerateDefaultDisplay();
- break;
- }
- case 'movedown':
- {
- if (isset($_GET['id']))
- {
- $i1 = intval($_GET['id']);
- $i2 = $i1 +1;
- $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
- $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
- $s1 = $s1['sort'];
- $s2 = $s1 +1;
- $sql = "SELECT `g_id` FROM ".GROUPS_TABLE;
- $count = DataBase::num_rows(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
- if ($s1<$count)
- {
- $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
- $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
- $i2 = $s2['g_id'];
- $s2 = $s2['sort'];
- $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
- DataBase::sql_query($sql,GENERAL,'Could not update group position');
- $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
- DataBase::sql_query($sql,GENERAL,'Could not update group position');
- }
- }
- GenerateDefaultDisplay();
- break;
- }
- case 'view':
- {
- GenerateDefaultDisplay();
- break;
- }
- default:
- {
- header('Location: admin_groups.php?mode=view');
- break;
- }
- }
- @ini_set('display_errors', '1');
- ?>