A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

248 lines
8.1 KiB

<?php
/**
* @package uForum
* @file admin/admin_groups.php
* @version $Id$
* @copyright 2007-2010 (c) PioDer <[email protected]>
* @link http://www.pioder.pl/
* @license see LICENSE.txt
**/
define('IN_uF', true);
//include files
require('./../config.php');
require('./../includes/constants.php');
require('./../includes/db.php');
require('./../includes/errors.php');
require('./../includes/classes/class_pms.php');
//connect to database
DataBase::db_connect();
require('./../includes/sessions.php');
require('./../includes/classes/class_user.php');
require('./../common.php');
require('./../includes/admin/class_main.php');
require('./../includes/classes/class_forum.php');
require('./../includes/admin/class_forum.php');
require('./../includes/classes/secure.php');
require('./../lngs/'.Admin_Over::DefaultLang().'/admin.php');
SessDelInvalid();
SessRegister();
SessDeleteOld();
if (User::UserInformation($_SESSION['uid'],'rank')!=2)
{
admin_message_forum($lng['yournotadmin'],'../index.php');
}
function GenerateDefaultDisplay()
{
global $lng;
global $default_skin;
global $forum_config;
$skin['L.groups'] = $lng['admin_groups'];
$skin['L.new_group'] = $lng['new_group'];
Admin_Over::GenerateHeader();
require('./template/groups_beam_body.tpl');
$sql = "SELECT `g_id`, `name`, `desc` FROM `".GROUPS_TABLE."` ORDER BY `sort`";
$query = DataBase::sql_query($sql, GENERAL, 'Could not obtain groups information.');
while($item = DataBase::fetch($query))
{
$skin = array(
'g_id'=>$item['g_id'],
'name'=>$item['name'],
'desc'=>$item['desc'],
'move_up'=>$lng['moveup'],
'move_down'=>$lng['movedown'],
'delete'=>$lng['delete'],
'c_delete'=>$lng['c_delete_group']
);
require('./template/group_add_body.tpl');
}
echo '</table>';
require('./template/overall_footer.tpl');
}
if (!isset($_GET['mode']))
{
header('Location: admin_groups.php?mode=view');
}
switch($_GET['mode'])
{
case 'delete':
{
$gid = $_GET['id'];
Secure::group_exists($gid);
$sql = "DELETE FROM ".GROUPS_TABLE." WHERE `g_id`='$gid'";
DataBase::sql_query($sql,GENERAL,'Could not delete group.');
$sql = "DELETE FROM ".USERS_GROUP_TABLE." WHERE `g_id`='$gid'";
DataBase::sql_query($sql,GENERAL,'Could users in group.');
GenerateDefaultDisplay();
break;
}
case 'add':
{
global $lng;
global $forum_config;
global $_POST;
if (isset($_POST['group_name']))
{
if (strlen(trim($_POST['group_name']))>=5)
{
$group_name = htmlspecialchars($_POST['group_name']);
$group_desc = htmlspecialchars($_POST['group_desc']);
$group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
$result = DataBase::fetch(DataBase::sql_query("SELECT `sort` FROM `".GROUPS_TABLE."`
ORDER BY `sort` DESC LIMIT 1",GENERAL,'Could not obtain last category sort id'));
$group_sort = $result['sort'];
$group_sort = $group_sort+1;
$result = DataBase::fetch(DataBase::sql_query("SELECT
`g_id` FROM ".GROUPS_TABLE." ORDER BY `g_id` DESC LIMIT 1",GENERAL,'Could not obtain last group id.'));
$group_id = $result['g_id'];
$group_id = $group_id+1;
$sql = "INSERT INTO ".GROUPS_TABLE." VALUES ('$group_id', '$group_name', '$group_desc', '$group_mod', '$group_sort')";
DataBase::sql_query($sql, GENERAL, 'Could not add group');
unset($group_name, $group_desc, $group_mod, $group_id);
admin_message_forum($lng['group_saved'],'admin_groups.php');
}
else
{
$msg = './template/post_error_body.tpl';
$message = $lng['to_short_group_name'];
}
}
else
{
$_POST['group_name'] = '';
$_POST['group_desc'] = '';
$_POST['group_mod'] = '';
$msg='./template/blank.tpl';
}
$skin = array(
'L.save'=>$lng['submit'],
'L.reset'=>$lng['reset'],
'L.group_name'=>$lng['group_name'],
'L.group_desc'=>$lng['group_desc'],
'L.group_mod'=>$lng['group_mod'],
'L.main_beam'=>$lng['new_group'],
'action'=>'admin_groups.php?mode=add',
'L.groups' => $lng['admin_groups']
);
Admin_Over::GenerateHeader();
require('./template/group_new_edit_body.tpl');
require('./template/overall_footer.tpl');
break;
}
case 'edit':
{
global $lng;
$gid = $_GET['id'];
global $forum_config;
global $_POST;
Secure::group_exists($gid);
if (isset($_POST['group_name']))
{
if (strlen(trim($_POST['group_name']))>=5)
{
$group_name = htmlspecialchars($_POST['group_name']);
$group_desc = htmlspecialchars($_POST['group_desc']);
$group_mod = User::UserIdByNick(htmlspecialchars($_POST['group_mod']));
$group_id = htmlspecialchars($gid);
$sql = "UPDATE ".GROUPS_TABLE." SET
`name` = '$group_name',
`desc` = '$group_desc',
`m_id` = '$group_mod'
WHERE `g_id` = '$group_id'";
DataBase::sql_query($sql, GENERAL, 'Could not update group');
unset($group_name, $group_desc, $group_mod, $group_id);
admin_message_forum($lng['group_saved'],'admin_groups.php');
}
else
{
$msg = './template/post_error_body.tpl';
$message = $lng['to_short_group_name'];
}
}
else
{
$sql = "SELECT * FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'";
$g = DataBase::fetch(DataBase::sql_query($sql, GENERAL,'Could not obtain group information.'));
$_POST['group_name'] = $g['name'];
$_POST['group_desc'] = $g['desc'];
$_POST['group_mod'] = User::UserInformation($g['m_id'],'nick');
$msg='./template/blank.tpl';
}
$skin = array(
'L.save'=>$lng['submit'],
'L.reset'=>$lng['reset'],
'L.group_name'=>$lng['group_name'],
'L.group_desc'=>$lng['group_desc'],
'L.group_mod'=>$lng['group_mod'],
'L.main_beam'=>$lng['edit_group'],
'action'=>'admin_groups.php?mode=edit&id='.$gid,
'L.groups' => $lng['admin_groups']
);
Admin_Over::GenerateHeader();
require('./template/group_new_edit_body.tpl');
require('./template/overall_footer.tpl');
break;
}
case 'moveup':
{
if (isset($_GET['id']))
{
$i1 = intval($_GET['id']);
$sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
$s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
$s1 = $s1['sort'];
$s2 = $s1 -1;
if ($s1>1)
{
$sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
$s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
$i2 = $s2['g_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
DataBase::sql_query($sql,GENERAL,'Could not update group position');
$sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
DataBase::sql_query($sql,GENERAL,'Could not update group position');
}
}
GenerateDefaultDisplay();
break;
}
case 'movedown':
{
if (isset($_GET['id']))
{
$i1 = intval($_GET['id']);
$i2 = $i1 +1;
$sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `g_id`='$i1'";
$s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
$s1 = $s1['sort'];
$s2 = $s1 +1;
$sql = "SELECT `g_id` FROM ".GROUPS_TABLE;
$count = DataBase::num_rows(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
if ($s1<$count)
{
$sql = "SELECT `sort`, `g_id` FROM ".GROUPS_TABLE." WHERE `sort`='$s2'";
$s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain group information.'));
$i2 = $s2['g_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s2' WHERE `g_id`='$i1'";
DataBase::sql_query($sql,GENERAL,'Could not update group position');
$sql = "UPDATE ".GROUPS_TABLE." SET `sort`='$s1' WHERE `g_id`='$i2'";
DataBase::sql_query($sql,GENERAL,'Could not update group position');
}
}
GenerateDefaultDisplay();
break;
}
case 'view':
{
GenerateDefaultDisplay();
break;
}
default:
{
header('Location: admin_groups.php?mode=view');
break;
}
}
@ini_set('display_errors', '1');
?>