plugins/admin/GroupManager.php
author Dan
Wed, 08 Jul 2009 18:49:04 -0400
changeset 1038 6a04793ae13c
parent 801 eb8b23f11744
child 1081 745200a9cc2a
permissions -rw-r--r--
SECURITY: Fixed potential XSS in $output->set_title() (introduced: 1.1.6)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     1
<?php
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     2
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     3
/*
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 685
diff changeset
     5
 * Version 1.1.6 (Caoineag beta 1)
536
218a627eb53e Rebrand as 1.1.4 (Caoineag alpha 4)
Dan
parents: 504
diff changeset
     6
 * Copyright (C) 2006-2008 Dan Fuhry
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     7
 *
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     8
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
     9
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    10
 *
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    11
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    12
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    13
 */
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    14
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    15
// Usergroup editor
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    16
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    17
function page_Admin_GroupManager()
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    18
{
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    19
  global $db, $session, $paths, $template, $plugins; // Common objects
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    20
  global $lang;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    21
  if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    22
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    23
    $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    24
    echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    25
    echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    26
    return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    27
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    28
  
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    29
  if(isset($_POST['do_create_stage1']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    30
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    31
    if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    32
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    33
      echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    34
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    35
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    36
    echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    37
    echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    38
          <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    39
          <tr><th colspan="2">' . $lang->get('acpug_heading_creating_group') . ' '.htmlspecialchars($_POST['create_group_name']).'</th></tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    40
          <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    41
            <td class="row1">' . $lang->get('acpug_field_group_mod') . '</td><td class="row1">' . $template->username_field('group_mod') . '</td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    42
          </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    43
          <tr><td class="row2">' . $lang->get('acpug_field_group_type') . '</td><td class="row2">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    44
            <label><input type="radio" name="group_status" value="'.GROUP_CLOSED.'" checked="checked" /> ' . $lang->get('groupcp_type_hidden') . '</label><br />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    45
            <label><input type="radio" name="group_status" value="'.GROUP_REQUEST.'" /> ' . $lang->get('groupcp_type_closed') . '</label><br />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    46
            <label><input type="radio" name="group_status" value="'.GROUP_OPEN.'" /> ' . $lang->get('groupcp_type_request') . '</label><br />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    47
            <label><input type="radio" name="group_status" value="'.GROUP_HIDDEN.'" /> ' . $lang->get('groupcp_type_open') . '</label>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    48
          </td></tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    49
          <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    50
            <th class="subhead" colspan="2">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    51
              <input type="hidden" name="create_group_name" value="'.htmlspecialchars($_POST['create_group_name']).'" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    52
              <input type="submit" name="do_create_stage2" value="' . $lang->get('acpug_btn_create_stage2') . '" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    53
            </th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    54
          </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    55
          </table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    56
          </div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    57
    echo '</form>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    58
    return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    59
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    60
  elseif(isset($_POST['do_create_stage2']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    61
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    62
    if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    63
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    64
      echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    65
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    66
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    67
    if(!in_array(intval($_POST['group_status']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST)))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    68
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    69
      echo '<p>Hacking attempt</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    70
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    71
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    72
    $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    73
    if(!$e)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    74
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    75
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    76
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    77
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    78
    if($db->numrows() > 0)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    79
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    80
      echo '<p>' . $lang->get('acpug_err_already_exist') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    81
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    82
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    83
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    84
    $q = $db->sql_query('INSERT INTO '.table_prefix.'groups(group_name,group_type) VALUES( \''.$db->escape($_POST['create_group_name']).'\', ' . intval($_POST['group_status']) . ' )');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    85
    if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    86
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    87
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    88
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    89
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    90
    $e = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['group_mod']).'\';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    91
    if(!$e)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    92
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    93
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    94
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    95
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    96
    if($db->numrows() < 1)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    97
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    98
      echo '<p>' . $lang->get('acpug_err_bad_username') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
    99
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   100
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   101
    $row = $db->fetchrow();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   102
    $id = $row['user_id'];
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   103
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   104
    $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   105
    if(!$e)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   106
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   107
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   108
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   109
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   110
    if($db->numrows() < 1)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   111
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   112
      echo '<p>' . $lang->get('acpug_err_bad_insert_id') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   113
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   114
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   115
    $row = $db->fetchrow();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   116
    $gid = $row['group_id'];
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   117
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   118
    $e = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.$gid.', '.$id.', 1);');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   119
    if(!$e)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   120
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   121
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   122
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   123
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   124
    $g_name = htmlspecialchars($_POST['create_group_name']);
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   125
    echo "<div class='info-box'>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   126
            <b>" . $lang->get('acpug_heading_info') . "</b><br />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   127
            " . $lang->get('acpug_msg_create_success', array('g_name' => $g_name)) . "
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   128
          </div>";
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   129
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   130
  if(isset($_POST['do_edit']) || isset($_POST['edit_do']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   131
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   132
    // Fetch the group name
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   133
    $q = $db->sql_query('SELECT group_name,system_group,group_rank FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   134
    if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   135
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   136
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   137
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   138
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   139
    if($db->numrows() < 1)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   140
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   141
      echo '<p>Error: couldn\'t look up group name</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   142
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   143
    $row = $db->fetchrow();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   144
    $name = htmlspecialchars($row['group_name']);
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   145
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   146
    if(isset($_POST['edit_do']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   147
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   148
      if(isset($_POST['edit_do']['del_group']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   149
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   150
        if ( $row['system_group'] == 1 )
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   151
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   152
          echo '<div class="error-box">' . $lang->get('acpug_err_nodelete_system_group', array('g_name' => $name)) . '</div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   153
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   154
        else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   155
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   156
          $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE group_id='.intval($_POST['group_edit_id']).';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   157
          if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   158
          {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   159
            echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   160
            return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   161
          }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   162
          $q = $db->sql_query('DELETE FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   163
          if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   164
          {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   165
            echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   166
            return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   167
          }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   168
          echo '<div class="info-box">' . $lang->get('acpug_msg_delete_success', array('g_name' => $name, 'a_flags' => 'href="javascript:ajaxPage(\'' . $paths->nslist['Admin'] . 'GroupManager\');"')) . '</div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   169
          return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   170
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   171
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   172
      if(isset($_POST['edit_do']['save_name']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   173
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   174
        if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   175
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   176
          echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   177
          return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   178
        }
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   179
        // determine rank
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   180
        $group_rank =& $_POST['group_rank'];
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   181
        if ( $_POST['group_rank'] !== 'NULL' )
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   182
        {
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   183
          $group_rank = intval($group_rank);
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   184
          if ( empty($group_rank) )
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   185
          {
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   186
            echo '<p>Hacked rank ID</p>';
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   187
            return;
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   188
          }
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   189
        }
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   190
        $row['group_rank'] = $group_rank;
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   191
        $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\',group_rank = ' . $group_rank . '
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   192
            WHERE group_id='.intval($_POST['group_edit_id']).';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   193
        if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   194
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   195
          echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   196
          return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   197
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   198
        else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   199
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   200
          echo '<div class="info-box" style="margin: 0 0 10px 0;"">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   201
                  ' . $lang->get('acpug_msg_name_update_success') . '
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   202
                </div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   203
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   204
        $name = htmlspecialchars($_POST['group_name']);
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   205
        
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   206
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   207
      $q = $db->sql_query('SELECT member_id FROM '.table_prefix.'group_members
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   208
                             WHERE group_id='.intval($_POST['group_edit_id']).';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   209
      if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   210
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   211
        echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   212
        return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   213
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   214
      if($db->numrows() > 0)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   215
      {
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   216
        while($delrow = $db->fetchrow($q))
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   217
        {
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   218
          if(isset($_POST['edit_do']['del_' . $delrow['member_id']]))
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   219
          {
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   220
            $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$delrow['member_id']);
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   221
            if(!$e)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   222
            {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   223
              echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   224
              return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   225
            }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   226
          }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   227
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   228
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   229
      $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   230
      if(isset($_POST['edit_do']['add_member']))
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   231
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   232
        $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['edit_add_username']).'\';');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   233
        if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   234
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   235
          echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   236
          return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   237
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   238
        if($db->numrows() > 0)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   239
        {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   240
          $row = $db->fetchrow();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   241
          $user_id = $row['user_id'];
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   242
          $is_mod = ( isset( $_POST['add_mod'] ) ) ? '1' : '0';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   243
          $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.intval($_POST['group_edit_id']).','.$user_id.','.$is_mod.');');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   244
          if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   245
          {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   246
            echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   247
            return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   248
          }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   249
          else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   250
          {
541
acb7e23b6ffa Massive commit with various changes. Added user ranks system (no admin interface yet) and ability for users to have custom user titles. Made cron framework accept fractions of hours through floating-point intervals. Modifed ACL editor to use miniPrompt framework for close confirmation box. Made avatar system use a special page as opposed to fetching the files directly for caching reasons.
Dan
parents: 536
diff changeset
   251
            
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   252
            echo '<div class="info-box" style="margin: 0 0 10px 0;"">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   253
                    ' . $lang->get('acpug_msg_user_added', array('username' => htmlspecialchars($_POST['edit_add_username']))) . '
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   254
                  </div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   255
          }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   256
        }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   257
        else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   258
          echo '<div class="warning-box">' . $lang->get('acpug_err_username_not_exist', array('username' => htmlspecialchars($_POST['edit_add_username']))) . '</div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   259
      }
573
43e7254afdb4 Renamed some functions (that were new in this release anyway) due to compatibility broken with PunBB bridge
Dan
parents: 541
diff changeset
   260
      generate_cache_userranks();
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   261
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   262
    $sg_disabled = ( $row['system_group'] == 1 ) ?
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   263
             ' value="' . $lang->get('acpug_btn_cant_delete') . '" disabled="disabled" style="color: #FF9773" ' :
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   264
             ' value="' . $lang->get('acpug_btn_delete_group') . '" style="color: #FF3713" ';
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   265
    
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   266
    // build rank list
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   267
    $q = $db->sql_query('SELECT rank_id, rank_title FROM ' . table_prefix . 'ranks');
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   268
    if ( !$q )
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   269
      $db->_die();
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   270
    $rank_list = '<option value="NULL"' . ( $row['group_rank'] === NULL ? ' selected="selected"' : '' ) . '>--</option>' . "\n";
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   271
    while ( $rank_row = $db->fetchrow() )
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   272
    {
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   273
      $rank_list .= '<option value="' . $rank_row['rank_id'] . '"' . ( $rank_row['rank_id'] == $row['group_rank'] ? ' selected="selected"' : '' ) . '>' . htmlspecialchars($lang->get($rank_row['rank_title'])) . '</option>' . "\n";
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   274
    }
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   275
             
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   276
    echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   277
    echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   278
          <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   279
          <tr><th>' . $lang->get('acpug_heading_edit_name') . '</th></tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   280
          <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   281
            <td class="row1">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   282
              ' . $lang->get('acpug_field_group_name') . ' <input type="text" name="group_name" value="'.$name.'" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   283
            </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   284
          </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   285
          <tr>
631
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   286
            <td class="row1">
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   287
              ' . $lang->get('acpug_field_group_rank') . ' <select name="group_rank" />' . $rank_list . '</select>
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   288
            </td>
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   289
          </tr>
f4f4146d8b6c Added group_rank option in admin group manager and user_title option in admin user manager
Dan
parents: 573
diff changeset
   290
          <tr>
347
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   291
            <th class="subhead">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   292
              <input type="submit" name="edit_do[save_name]" value="' . $lang->get('acpug_btn_save_name') . '" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   293
              <input type="submit" name="edit_do[del_group]" '.$sg_disabled.' />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   294
            </th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   295
          </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   296
          </table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   297
          </div>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   298
          <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   299
    echo '</form>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   300
    echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   301
    echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   302
          <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   303
          <tr><th colspan="3">' . $lang->get('acpug_heading_edit_members') . '</th></tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   304
    $q = $db->sql_query('SELECT m.member_id,m.is_mod,u.username FROM '.table_prefix.'group_members AS m
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   305
                           LEFT JOIN '.table_prefix.'users AS u
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   306
                             ON u.user_id=m.user_id
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   307
                             WHERE m.group_id='.intval($_POST['group_edit_id']).'
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   308
                           ORDER BY m.is_mod DESC, u.username ASC;');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   309
    if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   310
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   311
      echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   312
      return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   313
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   314
    if($db->numrows() < 1)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   315
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   316
      echo '<tr><td colspan="3" class="row1">' . $lang->get('acpug_msg_no_members') . '</td></tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   317
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   318
    else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   319
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   320
      $cls = 'row2';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   321
      while($row = $db->fetchrow())
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   322
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   323
        $cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   324
        $mod = ( $row['is_mod'] == 1 ) ? $lang->get('acpug_lbl_member_mod') : '';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   325
        echo '<tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   326
                <td class="'.$cls.'" style="width: 100%;">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   327
                  ' . $row['username'] . '
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   328
                </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   329
                <td class="'.$cls.'">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   330
                  '.$mod.'
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   331
                </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   332
                <td class="'.$cls.'">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   333
                  <input type="submit" name="edit_do[del_'.$row['member_id'].']" value="' . $lang->get('acpug_btn_remove_member') . '" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   334
                </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   335
              </tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   336
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   337
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   338
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   339
    echo '</table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   340
          </div>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   341
          <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   342
    echo '</form>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   343
    echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   344
    echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   345
          <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   346
            <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   347
              <th>' . $lang->get('acpug_heading_add_member') . '</th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   348
            </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   349
            <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   350
              <td class="row1">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   351
                ' . $lang->get('acpug_field_username') . ' ' . $template->username_field('edit_add_username') . '
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   352
              </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   353
            </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   354
            <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   355
              <td class="row2">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   356
                <label><input type="checkbox" name="add_mod" /> ' . $lang->get('acpug_field_make_mod') . '</label>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   357
                ' . $lang->get('acpug_field_make_mod_hint') . '
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   358
              </td>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   359
            </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   360
            <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   361
              <th class="subhead">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   362
                <input type="submit" name="edit_do[add_member]" value="' . $lang->get('acpug_btn_add_user') . '" />
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   363
              </th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   364
            </tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   365
          </table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   366
          </div>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   367
          <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   368
    echo '</form>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   369
    return;
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   370
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   371
  echo '<h3>' . $lang->get('acpug_heading_main') . '</h3>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   372
  echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   373
  $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups ORDER BY group_name ASC;');
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   374
  if(!$q)
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   375
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   376
    echo $db->get_error();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   377
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   378
  else
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   379
  {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   380
    echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   381
          <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   382
          <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   383
          <th>' . $lang->get('acpug_heading_edit_existing') . '</th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   384
          </tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   385
    echo '<tr><td class="row2"><select name="group_edit_id">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   386
    while ( $row = $db->fetchrow() )
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   387
    {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   388
      if ( $row['group_name'] != 'Everyone' )
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   389
      {
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   390
        echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars( $row['group_name'] ) . '</option>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   391
      }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   392
    }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   393
    $db->free_result();
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   394
    echo '</select></td></tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   395
    echo '<tr><td class="row1" style="text-align: center;"><input type="submit" name="do_edit" value="' . $lang->get('acpug_btn_edit_stage1') . '" /></td></tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   396
          </table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   397
          </div>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   398
          </form><br />';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   399
  }
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   400
  echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   401
  echo '<div class="tblholder">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   402
        <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   403
        <tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   404
        <th colspan="2">' . $lang->get('acpug_heading_create_new') . '</th>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   405
        </tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   406
  echo '<tr><td class="row2">' . $lang->get('acpug_field_group_name') . '</td><td class="row2"><input type="text" name="create_group_name" /></td></tr>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   407
  echo '<tr><td colspan="2" class="row1" style="text-align: center;"><input type="submit" name="do_create_stage1" value="' . $lang->get('acpug_btn_create_stage1') . ' &raquo;" /></td></tr>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   408
        </table>
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   409
        </div>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   410
  echo '</form>';
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   411
}
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   412
299a90e28abc Localized and separated Admin:GroupManager
Dan
parents:
diff changeset
   413
?>