* @link http://pioder.gim2przemysl.int.pl/dsf.html * @license GNU GPL v3 **/ define('IN_uF', true); //include files include('./../config.php'); include('./../includes/constants.php'); include('./../includes/class_db.php'); include('./../includes/class_error.php'); include('./../includes/classes/class_pms.php'); //connect to database DataBase::db_connect(); include('./../includes/sessions.php'); include('./../includes/class_user.php'); include('./../common.php'); include('./../includes/admin/class_main.php'); include('./../includes/class_forum.php'); include('./../includes/admin/class_forum.php'); include('./../includes/classes/secure.php'); include('./../lngs/'.Admin_Over::DefaultLang().'/admin.php'); sess_del_invalid($_SESSION['uid']); sess_register($_SESSION['uid']); sess_delete_old(); if (User::UserInformation($_SESSION['uid'],'rank')!=2) { admin_message_forum($lng['yournotadmin'],'../index.php'); } function GenerateDefaultDisplay() { global $lng; global $default_skin; global $forum_config; $skin['L.groups'] = $lng['admin_groups']; $skin['L.new_group'] = $lng['new_group']; Admin_Over::GenerateHeader(); include('./template/groups_beam_body.tpl'); $sql = "SELECT `g_id`, `name`, `desc` FROM `".GROUPS_TABLE."` ORDER BY `sort`"; $query = DataBase::sql_query($sql, 'GENERAL', 'Could not obtain groups information.'); while($item = mysql_fetch_array($query)) { $skin = array( 'g_id'=>$item['g_id'], 'name'=>$item['name'], 'desc'=>$item['desc'], 'move_up'=>$lng['moveup'], 'move_down'=>$lng['movedown'], 'delete'=>$lng['delete'], 'c_delete'=>$lng['c_delete_group'] ); include('./template/group_add_body.tpl'); } echo ''; include('./template/overall_footer.tpl'); } if (!isset($_GET['mode'])) { header('Location: admin_groups.php?mode=view'); } switch($_GET['mode']) { case 'delete': { $gid = $_GET['id']; Secure::group_exists($gid); $sql = "DELETE FROM ".GROUPS_TABLE." WHERE `g_id`='$gid'"; DataBase::sql_query($sql,'GENERAL','Could not delete group.'); $sql = "DELETE FROM ".USERS_GROUP_TABLE." WHERE `g_id`='$gid'"; DataBase::sql_query($sql,'GENERAL','Could users in group.'); GenerateDefaultDisplay(); break; } case 'add': { global $lng; global $forum_config; global $_POST; if (isset($_POST['group_name'])) { if (strlen(trim($_POST['group_name']))>=5) { $group_name = htmlspecialchars($_POST['group_name']); $group_desc = htmlspecialchars($_POST['group_desc']); $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod'])); $result = @mysql_fetch_array(DataBase::sql_query("SELECT `sort` FROM `".GROUPS_TABLE."` ORDER BY `sort` DESC LIMIT 1",'GENERAL','Could not obtain last category sort id')); $group_sort = $result['sort']; $group_sort = $group_sort+1; $result = @mysql_fetch_array(DataBase::sql_query("SELECT `g_id` FROM ".GROUPS_TABLE." ORDER BY `g_id` DESC LIMIT 1",'GENERAL','Could not obtain last group id.')); $group_id = $result['g_id']; $group_id = $group_id+1; $sql = "INSERT INTO ".GROUPS_TABLE." VALUES ('$group_id', '$group_name', '$group_desc', '$group_mod', '$group_sort')"; DataBase::sql_query($sql, 'GENERAL', 'Could not add group'); unset($group_name, $group_desc, $group_mod, $group_id); admin_message_forum($lng['group_saved'],'admin_groups.php'); } else { $msg = './template/post_error_body.tpl'; $message = $lng['to_short_group_name']; } } else { $_POST['group_name'] = ''; $_POST['group_desc'] = ''; $_POST['group_mod'] = ''; $msg='./template/blank.tpl'; } $skin = array( 'L.save'=>$lng['submit'], 'L.reset'=>$lng['reset'], 'L.group_name'=>$lng['group_name'], 'L.group_desc'=>$lng['group_desc'], 'L.group_mod'=>$lng['group_mod'], 'L.main_beam'=>$lng['new_group'], 'action'=>'admin_groups.php?mode=add', 'L.groups' => $lng['admin_groups'] ); Admin_Over::GenerateHeader(); include('./template/group_new_edit_body.tpl'); include('./template/overall_footer.tpl'); break; } case 'edit': { global $lng; $gid = $_GET['id']; global $forum_config; global $_POST; Secure::group_exists($gid); if (isset($_POST['group_name'])) { if (strlen(trim($_POST['group_name']))>=5) { $group_name = htmlspecialchars($_POST['group_name']); $group_desc = htmlspecialchars($_POST['group_desc']); $group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod'])); $group_id = htmlspecialchars($gid); $sql = "UPDATE ".GROUPS_TABLE." SET `name` = '$group_name', `desc` = '$group_desc', `m_id` = '$group_mod' WHERE `g_id` = '$group_id'"; DataBase::sql_query($sql, 'GENERAL', 'Could not update group'); unset($group_name, $group_desc, $group_mod, $group_id); admin_message_forum($lng['group_saved'],'admin_groups.php'); } else { $msg = './template/post_error_body.tpl'; $message = $lng['to_short_group_name']; } } else { $sql = "SELECT * FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'"; $g = @mysql_fetch_array(DataBase::sql_query($sql, 'GENERAL','Could not obtain group information.')); $_POST['group_name'] = $g['name']; $_POST['group_desc'] = $g['desc']; $_POST['group_mod'] = User::UserInformation($g['m_id'],'nick'); $msg='./../skins/'.$default_skin.'/blank.tpl'; } $skin = array( 'L.save'=>$lng['submit'], 'L.reset'=>$lng['reset'], 'L.group_name'=>$lng['group_name'], 'L.group_desc'=>$lng['group_desc'], 'L.group_mod'=>$lng['group_mod'], 'L.main_beam'=>$lng['edit_group'], 'action'=>'admin_groups.php?mode=edit&id='.$gid, 'L.groups' => $lng['admin_groups'] ); Admin_Over::GenerateHeader(); include('./template/group_new_edit_body.tpl'); include('./template/overall_footer.tpl'); break; } case 'moveup': { if (isset($_GET['id'])) { $i1 = intval($_GET['id']); $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'"; $s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.')); $s1 = $s1['sort']; $s2 = $s1 -1; if ($s1>1) { $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'"; $s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.')); $i2 = $s2['g_id']; $s2 = $s2['sort']; $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'"; DataBase::sql_query($sql,'GENERAL','Could not update group position'); $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'"; DataBase::sql_query($sql,'GENERAL','Could not update group position'); } } GenerateDefaultDisplay(); break; } case 'movedown': { if (isset($_GET['id'])) { $i1 = intval($_GET['id']); $i2 = $i1 +1; $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'"; $s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.')); $s1 = $s1['sort']; $s2 = $s1 +1; $sql = "SELECT `g_id` FROM ".GROUPS_TABLE; $count = @mysql_num_rows(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.')); if ($s1<$count) { $sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'"; $s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain group information.')); $i2 = $s2['g_id']; $s2 = $s2['sort']; $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'"; DataBase::sql_query($sql,'GENERAL','Could not update group position'); $sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'"; DataBase::sql_query($sql,'GENERAL','Could not update group position'); } } GenerateDefaultDisplay(); break; } case 'view': { GenerateDefaultDisplay(); break; } default: { header('Location: admin_groups.php?mode=view'); break; } } @ini_set('display_errors', '1'); ?>