16   global $db, $session, $paths, $template, $plugins; // Common objects

    16 	global $db, $session, $paths, $template, $plugins; // Common objects

    17   global $lang;

    17 	global $lang;

    18   if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )

    18 	if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )

    19   {

    19 	{

    20     $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);

    20 		$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);

    21     echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';

    21 		echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';

    22     echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';

    22 		echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';

    23     return;

    23 		return;

    24   }

    24 	}

    25   

    25 	

    26   if ( isset($_POST['action']) )

    26 	if ( isset($_POST['action']) )

    27   {

    27 	{

    28     if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )

    28 		if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )

    29     {

    29 		{

    30       switch ( isset($_POST['action']['create_stage2']) )

    30 			switch ( isset($_POST['action']['create_stage2']) )

    31       {

    31 			{

    32         case true:

    32 				case true:

    33           if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )

    33 					if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )

    34           {

    34 					{

    35             echo '<div class="error-box">' . $lang->get('acppg_err_need_name') . '</div>';

    35 						echo '<div class="error-box">' . $lang->get('acppg_err_need_name') . '</div>';

    36             return;

    36 						return;

    37           }

    37 					}

    38           if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )

    38 					if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )

    39           {

    39 					{

    40             echo '<div class="error-box">' . $lang->get('acppg_err_need_tag') . '</div>';

    40 						echo '<div class="error-box">' . $lang->get('acppg_err_need_tag') . '</div>';

    41             return;

    41 						return;

    42           }

    42 					}

    43           if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )

    43 					if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )

    44           {

    44 					{

    45             echo '<div class="error-box">' . $lang->get('acppg_err_need_cat') . '</div>';

    45 						echo '<div class="error-box">' . $lang->get('acppg_err_need_cat') . '</div>';

    46             return;

    46 						return;

    47           }

    47 					}

    48           if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )

    48 					if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )

    49           {

    49 					{

    50             echo '<div class="error-box">' . $lang->get('acppg_err_need_page') . '</div>';

    50 						echo '<div class="error-box">' . $lang->get('acppg_err_need_page') . '</div>';

    51             return;

    51 						return;

    52           }

    52 					}

    53           if ( $_POST['group_type'] == PAGE_GRP_REGEX && empty($_POST['regex']) )

    53 					if ( $_POST['group_type'] == PAGE_GRP_REGEX && empty($_POST['regex']) )

    54           {

    54 					{

    55             echo '<div class="error-box">' . $lang->get('acppg_err_need_regex') . '</div>';

    55 						echo '<div class="error-box">' . $lang->get('acppg_err_need_regex') . '</div>';

    56             return;

    56 						return;

    57           }

    57 					}

    58           if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL && $_POST['group_type'] != PAGE_GRP_REGEX )

    58 					if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL && $_POST['group_type'] != PAGE_GRP_REGEX )

    59           {

    59 					{

    60             echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';

    60 						echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';

    61             return;

    61 						return;

    62           }

    62 					}

    63           // All checks passed, create the group

    63 					// All checks passed, create the group

    64           switch($_POST['group_type'])

    64 					switch($_POST['group_type'])

    65           {

    65 					{

    66             case PAGE_GRP_TAGGED:

    66 						case PAGE_GRP_TAGGED:

    67               $name = $db->escape($_POST['pg_name']);

    67 							$name = $db->escape($_POST['pg_name']);

    68               $tag  = $db->escape($_POST['member_tag']);

    68 							$tag  = $db->escape($_POST['member_tag']);

    69               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';

    69 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';

    70               $q = $db->sql_query($sql);

    70 							$q = $db->sql_query($sql);

    71               if ( !$q )

    71 							if ( !$q )

    72                 $db->_die();

    72 								$db->_die();

    73               break;

    73 							break;

    74             case PAGE_GRP_CATLINK:

    74 						case PAGE_GRP_CATLINK:

    75               $name = $db->escape($_POST['pg_name']);

    75 							$name = $db->escape($_POST['pg_name']);

    76               $cat  = $db->escape($_POST['member_cat']);

    76 							$cat  = $db->escape($_POST['member_cat']);

    77               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';

    77 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';

    78               $q = $db->sql_query($sql);

    78 							$q = $db->sql_query($sql);

    79               if ( !$q )

    79 							if ( !$q )

    80                 $db->_die();

    80 								$db->_die();

    81               break;

    81 							break;

    82             case PAGE_GRP_NORMAL:

    82 						case PAGE_GRP_NORMAL:

    83               $name = $db->escape($_POST['pg_name']);

    83 							$name = $db->escape($_POST['pg_name']);

    84               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';

    84 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';

    85               $q = $db->sql_query($sql);

    85 							$q = $db->sql_query($sql);

    86               if ( !$q )

    86 							if ( !$q )

    87                 $db->_die();

    87 								$db->_die();

    88               

    88 							

    89               $ins_id = $db->insert_id();

    89 							$ins_id = $db->insert_id();

    90               

    90 							

    91               // Page list

    91 							// Page list

    92               $keys = array_keys($_POST);

    92 							$keys = array_keys($_POST);

    93               $arr_pages = array();

    93 							$arr_pages = array();

    94               foreach ( $keys as $val )

    94 							foreach ( $keys as $val )

    95               {

    95 							{

    96                 if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )

    96 								if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )

    97                 {

    97 								{

    98                   $arr_pages[] = $_POST[$val];

    98 									$arr_pages[] = $_POST[$val];

    99                 }

    99 								}

   100               }

   100 							}

   101               $arr_sql = array();

   101 							$arr_sql = array();

   102               foreach ( $arr_pages as $page )

   102 							foreach ( $arr_pages as $page )

   103               {

   103 							{

   104                 list($id, $ns) = RenderMan::strToPageID($page);

   104 								list($id, $ns) = RenderMan::strToPageID($page);

   105                 $id = sanitize_page_id($id);

   105 								$id = sanitize_page_id($id);

   106                 $arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';

   106 								$arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';

   107               }

   107 							}

   108               $sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';

   108 							$sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';

   109               $q = $db->sql_query($sql);

   109 							$q = $db->sql_query($sql);

   110               if ( !$q )

   110 							if ( !$q )

   111                 $db->_die();

   111 								$db->_die();

   112               break;

   112 							break;

   113             case PAGE_GRP_REGEX:

   113 						case PAGE_GRP_REGEX:

   114               $name  = $db->escape($_POST['pg_name']);

   114 							$name  = $db->escape($_POST['pg_name']);

   115               $regex = $db->escape($_POST['regex']);

   115 							$regex = $db->escape($_POST['regex']);

   116               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_REGEX . ', \'' . $name . '\', \'' . $regex . '\');';

   116 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_REGEX . ', \'' . $name . '\', \'' . $regex . '\');';

   117               $q = $db->sql_query($sql);

   117 							$q = $db->sql_query($sql);

   118               if ( !$q )

   118 							if ( !$q )

   119                 $db->_die();

   119 								$db->_die();

   120               break;

   120 							break;

   121           }

   121 					}

   122           echo '<div class="info-box">' . $lang->get('acppg_msg_create_success', array('group_name' => htmlspecialchars($_POST['pg_name']))) . '</div>';

   122 					echo '<div class="info-box">' . $lang->get('acppg_msg_create_success', array('group_name' => htmlspecialchars($_POST['pg_name']))) . '</div>';

   123           break;

   123 					break;

   124       }

   124 			}

   125       // A little Javascript magic

   125 			// A little Javascript magic

   126       ?>

   126 			?>

   127       <script language="javascript" type="text/javascript">

   127 			<script language="javascript" type="text/javascript">

   128         function pg_create_typeset(selector)

   128 				function pg_create_typeset(selector)

   129         {

   129 				{

   130           var pg_normal  = <?php echo PAGE_GRP_NORMAL; ?>;

   130 					var pg_normal  = <?php echo PAGE_GRP_NORMAL; ?>;

   131           var pg_tagged  = <?php echo PAGE_GRP_TAGGED; ?>;

   131 					var pg_tagged  = <?php echo PAGE_GRP_TAGGED; ?>;

   132           var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;

   132 					var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;

   133           var pg_regex   = <?php echo PAGE_GRP_REGEX; ?>;

   133 					var pg_regex   = <?php echo PAGE_GRP_REGEX; ?>;

   134           var selection = false;

   134 					var selection = false;

   135           // Get selection

   135 					// Get selection

   136           for ( var i = 0; i < selector.childNodes.length; i++ )

   136 					for ( var i = 0; i < selector.childNodes.length; i++ )

   137           {

   137 					{

   138             var child = selector.childNodes[i];

   138 						var child = selector.childNodes[i];

   139             if ( !child || child.tagName != 'OPTION' )

   139 						if ( !child || child.tagName != 'OPTION' )

   140             {

   140 						{

   141               continue;

   141 							continue;

   142             }

   142 						}

   143             if ( child.selected )

   143 						if ( child.selected )

   144             {

   144 						{

   145               selection = child.value;

   145 							selection = child.value;

   146             }

   146 						}

   147           }

   147 					}

   148           if ( !selection )

   148 					if ( !selection )

   149           {

   149 					{

   150             alert('Cannot get field value');

   150 						alert('Cannot get field value');

   151             return true;

   151 						return true;

   152           }

   152 					}

   153           selection = parseInt(selection);

   153 					selection = parseInt(selection);

   154           if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink && selection != pg_regex )

   154 					if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink && selection != pg_regex )

   155           {

   155 					{

   156             alert('Invalid field value');

   156 						alert('Invalid field value');

   157             return true;

   157 						return true;

   158           }

   158 					}

   159           

   159 					

   160           // We have the selection and it's validated; show the appropriate field group

   160 					// We have the selection and it's validated; show the appropriate field group

   161           

   161 					

   162           if ( selection == pg_normal )

   162 					if ( selection == pg_normal )

   163           {

   163 					{

   164             document.getElementById('pg_create_title_catlink').style.display = 'none';

   164 						document.getElementById('pg_create_title_catlink').style.display = 'none';

   165             document.getElementById('pg_create_catlink_1').style.display = 'none';

   165 						document.getElementById('pg_create_catlink_1').style.display = 'none';

   166             document.getElementById('pg_create_catlink_2').style.display = 'none';

   166 						document.getElementById('pg_create_catlink_2').style.display = 'none';

   167             

   167 						

   168             document.getElementById('pg_create_title_tagged').style.display = 'none';

   168 						document.getElementById('pg_create_title_tagged').style.display = 'none';

   169             document.getElementById('pg_create_tagged_1').style.display = 'none';

   169 						document.getElementById('pg_create_tagged_1').style.display = 'none';

   170             document.getElementById('pg_create_tagged_2').style.display = 'none';

   170 						document.getElementById('pg_create_tagged_2').style.display = 'none';

   171             

   171 						

   172             document.getElementById('pg_create_title_normal').style.display = 'inline';

   172 						document.getElementById('pg_create_title_normal').style.display = 'inline';

   173             document.getElementById('pg_create_normal_1').style.display = 'block';

   173 						document.getElementById('pg_create_normal_1').style.display = 'block';

   174             document.getElementById('pg_create_normal_2').style.display = 'block';

   174 						document.getElementById('pg_create_normal_2').style.display = 'block';

   175             

   175 						

   176             document.getElementById('pg_create_title_regex').style.display = 'none';

   176 						document.getElementById('pg_create_title_regex').style.display = 'none';

   177             document.getElementById('pg_create_regex_1').style.display = 'none';

   177 						document.getElementById('pg_create_regex_1').style.display = 'none';

   178             document.getElementById('pg_create_regex_2').style.display = 'none';

   178 						document.getElementById('pg_create_regex_2').style.display = 'none';

   179           }

   179 					}

   180           else if ( selection == pg_catlink )

   180 					else if ( selection == pg_catlink )

   181           {

   181 					{

   182             document.getElementById('pg_create_title_catlink').style.display = 'inline';

   182 						document.getElementById('pg_create_title_catlink').style.display = 'inline';

   183             document.getElementById('pg_create_catlink_1').style.display = 'block';

   183 						document.getElementById('pg_create_catlink_1').style.display = 'block';

   184             document.getElementById('pg_create_catlink_2').style.display = 'block';

   184 						document.getElementById('pg_create_catlink_2').style.display = 'block';

   185             

   185 						

   186             document.getElementById('pg_create_title_tagged').style.display = 'none';

   186 						document.getElementById('pg_create_title_tagged').style.display = 'none';

   187             document.getElementById('pg_create_tagged_1').style.display = 'none';

   187 						document.getElementById('pg_create_tagged_1').style.display = 'none';

   188             document.getElementById('pg_create_tagged_2').style.display = 'none';

   188 						document.getElementById('pg_create_tagged_2').style.display = 'none';

   189             

   189 						

   190             document.getElementById('pg_create_title_normal').style.display = 'none';

   190 						document.getElementById('pg_create_title_normal').style.display = 'none';

   191             document.getElementById('pg_create_normal_1').style.display = 'none';

   191 						document.getElementById('pg_create_normal_1').style.display = 'none';

   192             document.getElementById('pg_create_normal_2').style.display = 'none';

   192 						document.getElementById('pg_create_normal_2').style.display = 'none';

   193             

   193 						

   194             document.getElementById('pg_create_title_regex').style.display = 'none';

   194 						document.getElementById('pg_create_title_regex').style.display = 'none';

   195             document.getElementById('pg_create_regex_1').style.display = 'none';

   195 						document.getElementById('pg_create_regex_1').style.display = 'none';

   196             document.getElementById('pg_create_regex_2').style.display = 'none';

   196 						document.getElementById('pg_create_regex_2').style.display = 'none';

   197           }

   197 					}

   198           else if ( selection == pg_tagged )

   198 					else if ( selection == pg_tagged )

   199           {

   199 					{

   200             document.getElementById('pg_create_title_catlink').style.display = 'none';

   200 						document.getElementById('pg_create_title_catlink').style.display = 'none';

   201             document.getElementById('pg_create_catlink_1').style.display = 'none';

   201 						document.getElementById('pg_create_catlink_1').style.display = 'none';

   202             document.getElementById('pg_create_catlink_2').style.display = 'none';

   202 						document.getElementById('pg_create_catlink_2').style.display = 'none';

   203             

   203 						

   204             document.getElementById('pg_create_title_tagged').style.display = 'inline';

   204 						document.getElementById('pg_create_title_tagged').style.display = 'inline';

   205             document.getElementById('pg_create_tagged_1').style.display = 'block';

   205 						document.getElementById('pg_create_tagged_1').style.display = 'block';

   206             document.getElementById('pg_create_tagged_2').style.display = 'block';

   206 						document.getElementById('pg_create_tagged_2').style.display = 'block';

   207             

   207 						

   208             document.getElementById('pg_create_title_normal').style.display = 'none';

   208 						document.getElementById('pg_create_title_normal').style.display = 'none';

   209             document.getElementById('pg_create_normal_1').style.display = 'none';

   209 						document.getElementById('pg_create_normal_1').style.display = 'none';

   210             document.getElementById('pg_create_normal_2').style.display = 'none';

   210 						document.getElementById('pg_create_normal_2').style.display = 'none';

   211             

   211 						

   212             document.getElementById('pg_create_title_regex').style.display = 'none';

   212 						document.getElementById('pg_create_title_regex').style.display = 'none';

   213             document.getElementById('pg_create_regex_1').style.display = 'none';

   213 						document.getElementById('pg_create_regex_1').style.display = 'none';

   214             document.getElementById('pg_create_regex_2').style.display = 'none';

   214 						document.getElementById('pg_create_regex_2').style.display = 'none';

   215           }

   215 					}

   216           else if ( selection == pg_regex )

   216 					else if ( selection == pg_regex )

   217           {

   217 					{

   218             document.getElementById('pg_create_title_catlink').style.display = 'none';

   218 						document.getElementById('pg_create_title_catlink').style.display = 'none';

   219             document.getElementById('pg_create_catlink_1').style.display = 'none';

   219 						document.getElementById('pg_create_catlink_1').style.display = 'none';

   220             document.getElementById('pg_create_catlink_2').style.display = 'none';

   220 						document.getElementById('pg_create_catlink_2').style.display = 'none';

   221             

   221 						

   222             document.getElementById('pg_create_title_tagged').style.display = 'none';

   222 						document.getElementById('pg_create_title_tagged').style.display = 'none';

   223             document.getElementById('pg_create_tagged_1').style.display = 'none';

   223 						document.getElementById('pg_create_tagged_1').style.display = 'none';

   224             document.getElementById('pg_create_tagged_2').style.display = 'none';

   224 						document.getElementById('pg_create_tagged_2').style.display = 'none';

   225             

   225 						

   226             document.getElementById('pg_create_title_normal').style.display = 'none';

   226 						document.getElementById('pg_create_title_normal').style.display = 'none';

   227             document.getElementById('pg_create_normal_1').style.display = 'none';

   227 						document.getElementById('pg_create_normal_1').style.display = 'none';

   228             document.getElementById('pg_create_normal_2').style.display = 'none';

   228 						document.getElementById('pg_create_normal_2').style.display = 'none';

   229             

   229 						

   230             document.getElementById('pg_create_title_regex').style.display = 'inline';

   230 						document.getElementById('pg_create_title_regex').style.display = 'inline';

   231             document.getElementById('pg_create_regex_1').style.display = 'block';

   231 						document.getElementById('pg_create_regex_1').style.display = 'block';

   232             document.getElementById('pg_create_regex_2').style.display = 'block';

   232 						document.getElementById('pg_create_regex_2').style.display = 'block';

   233           }

   233 					}

   234         

   234 				

   235         }

   235 				}

   236         

   236 				

   237         // Set to pg_normal on page load

   237 				// Set to pg_normal on page load

   238         var pg_createform_init = function()

   238 				var pg_createform_init = function()

   239         {

   239 				{

   240           document.getElementById('pg_create_title_catlink').style.display = 'none';

   240 					document.getElementById('pg_create_title_catlink').style.display = 'none';

   241           document.getElementById('pg_create_catlink_1').style.display = 'none';

   241 					document.getElementById('pg_create_catlink_1').style.display = 'none';

   242           document.getElementById('pg_create_catlink_2').style.display = 'none';

   242 					document.getElementById('pg_create_catlink_2').style.display = 'none';

   243           

   243 					

   244           document.getElementById('pg_create_title_tagged').style.display = 'none';

   244 					document.getElementById('pg_create_title_tagged').style.display = 'none';

   245           document.getElementById('pg_create_tagged_1').style.display = 'none';

   245 					document.getElementById('pg_create_tagged_1').style.display = 'none';

   246           document.getElementById('pg_create_tagged_2').style.display = 'none';

   246 					document.getElementById('pg_create_tagged_2').style.display = 'none';

   247           

   247 					

   248           document.getElementById('pg_create_title_regex').style.display = 'none';

   248 					document.getElementById('pg_create_title_regex').style.display = 'none';

   249           document.getElementById('pg_create_regex_1').style.display = 'none';

   249 					document.getElementById('pg_create_regex_1').style.display = 'none';

   250           document.getElementById('pg_create_regex_2').style.display = 'none';

   250 					document.getElementById('pg_create_regex_2').style.display = 'none';

   251           

   251 					

   252           document.getElementById('pg_create_title_normal').style.display = 'inline';

   252 					document.getElementById('pg_create_title_normal').style.display = 'inline';

   253           document.getElementById('pg_create_normal_1').style.display = 'block';

   253 					document.getElementById('pg_create_normal_1').style.display = 'block';

   254           document.getElementById('pg_create_normal_2').style.display = 'block';

   254 					document.getElementById('pg_create_normal_2').style.display = 'block';

   255         }

   255 				}

   256         

   256 				

   257         function pg_create_more_fields()

   257 				function pg_create_more_fields()

   258         {

   258 				{

   259           var targettd = document.getElementById('pg_create_normal_2');

   259 					var targettd = document.getElementById('pg_create_normal_2');

   260           var id = 0;

   260 					var id = 0;

   261           for ( var i = 0; i < targettd.childNodes.length; i++ )

   261 					for ( var i = 0; i < targettd.childNodes.length; i++ )

   262           {

   262 					{

   263             var child = targettd.childNodes[i];

   263 						var child = targettd.childNodes[i];

   264             if ( child.tagName == 'INPUT' )

   264 						if ( child.tagName == 'INPUT' )

   265             {

   265 						{

   266               if ( child.type == 'button' )

   266 							if ( child.type == 'button' )

   267               {

   267 							{

   268                 var newInp = document.createElement('input');

   268 								var newInp = document.createElement('input');

   269                 // <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />

   269 								// <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />

   270                 newInp.type    = 'text';

   270 								newInp.type    = 'text';

   271                 newInp.name    = 'member_page_' + id;

   271 								newInp.name    = 'member_page_' + id;

   272                 newInp.id      = 'pg_create_member_' + id;

   272 								newInp.id      = 'pg_create_member_' + id;

   273                 newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };

   273 								newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };

   274                 newInp.size    = '30';

   274 								newInp.size    = '30';

   275                 newInp.style.marginTop = '3px';

   275 								newInp.style.marginTop = '3px';

   276                 targettd.insertBefore(newInp, child);

   276 								targettd.insertBefore(newInp, child);

   277                 targettd.insertBefore(document.createElement('br'), child);

   277 								targettd.insertBefore(document.createElement('br'), child);

   278                 break;

   278 								break;

   279               }

   279 							}

   280               else // if ( child.type == 'text' )

   280 							else // if ( child.type == 'text' )

   281               {

   281 							{

   282                 id++;

   282 								id++;

   283               }

   283 							}

   284             }

   284 						}

   285           }

   285 					}

   286         }

   286 				}

   287         

   287 				

   288       </script>

   288 			</script>

   289       <?php

   289 			<?php

   290       

   290 			

   291       // Build category list

   291 			// Build category list

   292       $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');

   292 			$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');

   293       if ( !$q )

   293 			if ( !$q )

   294         $db->_die();

   294 				$db->_die();

   295       

   295 			

   296       if ( $db->numrows() < 1 )

   296 			if ( $db->numrows() < 1 )

   297       {

   297 			{

   298         $catlist = $lang->get('acppg_err_no_cats');

   298 				$catlist = $lang->get('acppg_err_no_cats');

   299       }

   299 			}

   300       else

   300 			else

   301       {

   301 			{

   302         $catlist = '<select name="member_cat">';

   302 				$catlist = '<select name="member_cat">';

   303         while ( $row = $db->fetchrow() )

   303 				while ( $row = $db->fetchrow() )

   304         {

   304 				{

   305           $catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';

   305 					$catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';

   306         }

   306 				}

   307         $catlist .= '</select>';

   307 				$catlist .= '</select>';

   308       }

   308 			}

   309       

   309 			

   310       echo '<script type="text/javascript">

   310 			echo '<script type="text/javascript">

   311               var __pg_edit_submitAuthorized = true;

   311 							var __pg_edit_submitAuthorized = true;

   312             </script>';

   312 						</script>';

   313       

   313 			

   314       echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';

   314 			echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';

   315       

   315 			

   316       echo '<div class="tblholder">

   316 			echo '<div class="tblholder">

   317             <table border="0" cellspacing="1" cellpadding="4">

   317 						<table border="0" cellspacing="1" cellpadding="4">

   318               <tr>

   318 							<tr>

   319               <th colspan="2">' . $lang->get('acppg_th_create') . '</th>

   319 							<th colspan="2">' . $lang->get('acppg_th_create') . '</th>

   320               </tr>';

   320 							</tr>';

   321       

   321 			

   322       // Name

   322 			// Name

   323       echo '<tr>

   323 			echo '<tr>

   324               <td class="row2">

   324 							<td class="row2">

   325               ' . $lang->get('acppg_field_group_name') . '<br />

   325 							' . $lang->get('acppg_field_group_name') . '<br />

   326               <small>' . $lang->get('acppg_field_group_name_hint') . '</small>

   326 							<small>' . $lang->get('acppg_field_group_name_hint') . '</small>

   327               </td>

   327 							</td>

   328               <td class="row1">

   328 							<td class="row1">

   329               <input type="text" name="pg_name" size="30" />

   329 							<input type="text" name="pg_name" size="30" />

   330               </td>

   330 							</td>

   331             </tr>';

   331 						</tr>';

   332             

   332 						

   333       // Group type

   333 			// Group type

   334       echo '<tr>

   334 			echo '<tr>

   335               <td class="row2">

   335 							<td class="row2">

   336               ' . $lang->get('acppg_field_group_type') . '

   336 							' . $lang->get('acppg_field_group_type') . '

   337               </td>

   337 							</td>

   338               <td class="row1">

   338 							<td class="row1">

   339               <select name="group_type" onchange="pg_create_typeset(this);">

   339 							<select name="group_type" onchange="pg_create_typeset(this);">

   340                 <option value="' . PAGE_GRP_NORMAL  . '" selected="selected">' . $lang->get('acppg_gtype_static') . '</option>

   340 								<option value="' . PAGE_GRP_NORMAL  . '" selected="selected">' . $lang->get('acppg_gtype_static') . '</option>

   341                 <option value="' . PAGE_GRP_TAGGED  . '">' . $lang->get('acppg_gtype_tagged') . '</option>

   341 								<option value="' . PAGE_GRP_TAGGED  . '">' . $lang->get('acppg_gtype_tagged') . '</option>

   342                 <option value="' . PAGE_GRP_CATLINK . '">' . $lang->get('acppg_gtype_catlink') . '</option>

   342 								<option value="' . PAGE_GRP_CATLINK . '">' . $lang->get('acppg_gtype_catlink') . '</option>

   343                 <option value="' . PAGE_GRP_REGEX   . '">' . $lang->get('acppg_gtype_regex_long') . '</option>

   343 								<option value="' . PAGE_GRP_REGEX   . '">' . $lang->get('acppg_gtype_regex_long') . '</option>

   344               </select>

   344 							</select>

   345               </td>

   345 							</td>

   346             </tr>';

   346 						</tr>';

   347             

   347 						

   348       // Titles

   348 			// Titles

   349       echo '<tr>

   349 			echo '<tr>

   350               <th colspan="2">

   350 							<th colspan="2">

   351                 <span id="pg_create_title_normal">

   351 								<span id="pg_create_title_normal">

   352                   ' . $lang->get('acppg_gtype_static') . '

   352 									' . $lang->get('acppg_gtype_static') . '

   353                 </span>

   353 								</span>

   354                 <span id="pg_create_title_tagged">

   354 								<span id="pg_create_title_tagged">

   355                   ' . $lang->get('acppg_gtype_tagged') . '

   355 									' . $lang->get('acppg_gtype_tagged') . '

   356                 </span>

   356 								</span>

   357                 <span id="pg_create_title_catlink">

   357 								<span id="pg_create_title_catlink">

   358                   ' . $lang->get('acppg_gtype_catlink') . '

   358 									' . $lang->get('acppg_gtype_catlink') . '

   359                 </span>

   359 								</span>

   360                 <span id="pg_create_title_regex">

   360 								<span id="pg_create_title_regex">

   361                   ' . $lang->get('acppg_gtype_regex') . '

   361 									' . $lang->get('acppg_gtype_regex') . '

   362                 </span>

   362 								</span>

   363               </th>

   363 							</th>

   364             </tr>';

   364 						</tr>';

   365       

   365 			

   366       echo '<tr>

   366 			echo '<tr>

   367               <td class="row2">

   367 							<td class="row2">

   368                 <div id="pg_create_normal_1">

   368 								<div id="pg_create_normal_1">

   369                   ' . $lang->get('acppg_field_member_pages') . '<br />

   369 									' . $lang->get('acppg_field_member_pages') . '<br />

   370                   <small>' . $lang->get('acppg_field_member_pages_hint') . '</small>

   370 									<small>' . $lang->get('acppg_field_member_pages_hint') . '</small>

   371                 </div>

   371 								</div>

   372                 <div id="pg_create_catlink_1">

   372 								<div id="pg_create_catlink_1">

   373                   ' . $lang->get('acppg_field_target_category') . '<br />

   373 									' . $lang->get('acppg_field_target_category') . '<br />

   374                   <small>' . $lang->get('acppg_field_target_category_hint') . '</small>

   374 									<small>' . $lang->get('acppg_field_target_category_hint') . '</small>

   375                 </div>

   375 								</div>

   376                 <div id="pg_create_tagged_1">

   376 								<div id="pg_create_tagged_1">

   377                   ' . $lang->get('acppg_field_target_tag') . '

   377 									' . $lang->get('acppg_field_target_tag') . '

   378                 </div>

   378 								</div>

   379                 <div id="pg_create_regex_1">

   379 								<div id="pg_create_regex_1">

   380                   ' . $lang->get('acppg_field_target_regex') . '<br />

   380 									' . $lang->get('acppg_field_target_regex') . '<br />

   381                   <small>' . $lang->get('acppg_field_target_regex_hint') . '</small>

   381 									<small>' . $lang->get('acppg_field_target_regex_hint') . '</small>

   382               </td>';

   382 							</td>';

   383             

   383 						

   384       echo '  <td class="row1">

   384 			echo '  <td class="row1">

   385                 <div id="pg_create_normal_2" />

   385 								<div id="pg_create_normal_2" />

   386                   <input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" class="autofill page" size="30" /><br />

   386 									<input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" class="autofill page" size="30" /><br />

   387                   <input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" class="autofill page" size="30" /><br />

   387 									<input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" class="autofill page" size="30" /><br />

   388                   <input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" class="autofill page" size="30" /><br />

   388 									<input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" class="autofill page" size="30" /><br />

   389                   <input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" class="autofill page" size="30" /><br />

   389 									<input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" class="autofill page" size="30" /><br />

   390                   <input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" class="autofill page" size="30" /><br />

   390 									<input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" class="autofill page" size="30" /><br />

   391                   <input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value="&nbsp;&nbsp;+&nbsp;&nbsp;" />

   391 									<input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value="&nbsp;&nbsp;+&nbsp;&nbsp;" />

   392                 </div>

   392 								</div>

   393                 <div id="pg_create_tagged_2">

   393 								<div id="pg_create_tagged_2">

   394                   <input type="text" name="member_tag" size="30" />

   394 									<input type="text" name="member_tag" size="30" />

   395                 </div>

   395 								</div>

   396                 <div id="pg_create_catlink_2">

   396 								<div id="pg_create_catlink_2">

   397                   ' . $catlist . '

   397 									' . $catlist . '

   398                 </div>

   398 								</div>

   399                 <div id="pg_create_regex_2">

   399 								<div id="pg_create_regex_2">

   400                   <input type="text" name="regex" size="60" /> 

   400 									<input type="text" name="regex" size="60" /> 

   401                 </div>

   401 								</div>

   402               </td>

   402 							</td>

   403             </tr>';

   403 						</tr>';

   404             

   404 						

   405       // Submit button

   405 			// Submit button

   406       echo '<tr>

   406 			echo '<tr>

   407               <th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="' . $lang->get('acppg_btn_create_finish') . '" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" /></th>

   407 							<th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="' . $lang->get('acppg_btn_create_finish') . '" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" /></th>

   408             </tr>';

   408 						</tr>';

   409             

   409 						

   410       echo '</table>

   410 			echo '</table>

   411             </div>';

   411 						</div>';

   412       

   412 			

   413       echo '</form>';

   413 			echo '</form>';

   414       

   414 			

   415       echo '<script type="text/javascript">pg_createform_init();</script>';

   415 			echo '<script type="text/javascript">pg_createform_init();</script>';

   416       return;

   416 			return;

   417     }

   417 		}

   418     else if ( isset($_POST['action']['del']) )

   418 		else if ( isset($_POST['action']['del']) )

   419     {

   419 		{

   420       // Confirmation to delete a group (this is really only a stub)

   420 			// Confirmation to delete a group (this is really only a stub)

   421       

   421 			

   422       $delete_id = array_keys($_POST['action']['del']);

   422 			$delete_id = array_keys($_POST['action']['del']);

   423       $delete_id = intval($delete_id[0]);

   423 			$delete_id = intval($delete_id[0]);

   424       

   424 			

   425       if ( !empty($delete_id) )

   425 			if ( !empty($delete_id) )

   426       {

   426 			{

   427         echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">' . "\n";

   427 				echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">' . "\n";

   428         echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />' . "\n";

   428 				echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />' . "\n";

   429         echo '<div class="tblholder">' . "\n";

   429 				echo '<div class="tblholder">' . "\n";

   430         echo '  <table border="0" cellspacing="1" cellpadding="4">' . "\n";

   430 				echo '  <table border="0" cellspacing="1" cellpadding="4">' . "\n";

   431         echo '    <tr><th>' . $lang->get('acppg_th_delete_confirm') . '</th></tr>' . "\n";

   431 				echo '    <tr><th>' . $lang->get('acppg_th_delete_confirm') . '</th></tr>' . "\n";

   432         echo '    <tr><td class="row2" style="text-align: center; padding: 20px 0;">' . $lang->get('acppg_msg_delete_confirm') . '</td></tr>' . "\n";

   432 				echo '    <tr><td class="row2" style="text-align: center; padding: 20px 0;">' . $lang->get('acppg_msg_delete_confirm') . '</td></tr>' . "\n";

   433         echo '    <tr><td class="row1" style="text-align: center;">' . "\n";

   433 				echo '    <tr><td class="row1" style="text-align: center;">' . "\n";

   434         echo '        <input type="submit" name="action[del_confirm]" value="' . $lang->get('acppg_btn_delete_confirm') . '" style="font-weight: bold;" />' . "\n";

   434 				echo '        <input type="submit" name="action[del_confirm]" value="' . $lang->get('acppg_btn_delete_confirm') . '" style="font-weight: bold;" />' . "\n";

   435         echo '        <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" />' . "\n";

   435 				echo '        <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" />' . "\n";

   436         echo '        </td></tr>' . "\n";

   436 				echo '        </td></tr>' . "\n";

   437         echo '  </table>' . "\n";

   437 				echo '  </table>' . "\n";

   438         echo '</form>' . "\n";

   438 				echo '</form>' . "\n";

   439         

   439 				

   440         return;

   440 				return;

   441       }

   441 			}

   442     }

   442 		}

   443     else if ( isset($_POST['action']['del_confirm']) )

   443 		else if ( isset($_POST['action']['del_confirm']) )

   444     {

   444 		{

   445       $delete_id = intval($_POST['delete_id']);

   445 			$delete_id = intval($_POST['delete_id']);

   446       if ( empty($delete_id) )

   446 			if ( empty($delete_id) )

   447       {

   447 			{

   448         echo 'Hack attempt';

   448 				echo 'Hack attempt';

   449         return;

   449 				return;

   450       }

   450 			}

   451       // Obtain group name

   451 			// Obtain group name

   452       $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');

   452 			$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');

   453       if ( !$q )

   453 			if ( !$q )

   454         $db->_die();

   454 				$db->_die();

   455       if ( $db->numrows() < 1 )

   455 			if ( $db->numrows() < 1 )

   456       {

   456 			{

   457         echo 'Page group dun exist.';

   457 				echo 'Page group dun exist.';

   458         return;

   458 				return;

   459       }

   459 			}

   460       $row = $db->fetchrow();

   460 			$row = $db->fetchrow();

   461       $db->free_result();

   461 			$db->free_result();

   462       $pg_name = $row['pg_name'];

   462 			$pg_name = $row['pg_name'];

   463       unset($row);

   463 			unset($row);

   464       // Delete the group

   464 			// Delete the group

   465       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');

   465 			$q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');

   466       if ( !$q )

   466 			if ( !$q )

   467         $db->_die();

   467 				$db->_die();

   468       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');

   468 			$q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');

   469       if ( !$q )

   469 			if ( !$q )

   470         $db->_die();

   470 				$db->_die();

   471       

   471 			

   472       $del_msg = $lang->get('acppg_msg_delete_success', array('pg_name' => htmlspecialchars($pg_name)));

   472 			$del_msg = $lang->get('acppg_msg_delete_success', array('pg_name' => htmlspecialchars($pg_name)));

   473       echo "<div class=\"info-box\">$del_msg</div>";

   473 			echo "<div class=\"info-box\">$del_msg</div>";

   474     }

   474 		}

   475     else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )

   475 		else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )

   476     {

   476 		{

   477       if ( isset($_POST['action']['edit_save']) )

   477 			if ( isset($_POST['action']['edit_save']) )

   478       {

   478 			{

   479       }

   479 			}

   480      

   480  		

   481       if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )

   481 			if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )

   482       {

   482 			{

   483         $return = array('successful' => false);

   483 				$return = array('successful' => false);

   484         

   484 				

   485         //

   485 				//

   486         // Add the specified page to the group

   486 				// Add the specified page to the group

   487         //

   487 				//

   488         

   488 				

   489         // Get ID of the group

   489 				// Get ID of the group

   490         $edit_id = intval($_POST['pg_id']);

   490 				$edit_id = intval($_POST['pg_id']);

   491         if ( !$edit_id )

   491 				if ( !$edit_id )

   492         {

   492 				{

   493           $return = array('mode' => 'error', 'text' => 'Hack attempt');

   493 					$return = array('mode' => 'error', 'text' => 'Hack attempt');

   494           echo enano_json_encode($return);

   494 					echo enano_json_encode($return);

   495           return;

   495 					return;

   496         }

   496 				}

   497         

   497 				

   498         // Run some validation - check that page exists and that it's not already in the group

   498 				// Run some validation - check that page exists and that it's not already in the group

   499         $page = $_POST['new_page'];

   499 				$page = $_POST['new_page'];

   500         if ( empty($page) )

   500 				if ( empty($page) )

   501         {

   501 				{

   502           $return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_need_title'));

   502 					$return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_need_title'));

   503           echo enano_json_encode($return);

   503 					echo enano_json_encode($return);

   504           return;

   504 					return;

   505         }

   505 				}

   506         

   506 				

   507         /*

   507 				/*

   508         // We're gonna allow adding nonexistent pages for now

   508 				// We're gonna allow adding nonexistent pages for now

   509         if ( !isPage($page) )

   509 				if ( !isPage($page) )

   510         {

   510 				{

   511           $return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');

   511 					$return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');

   512           echo enano_json_encode($return);

   512 					echo enano_json_encode($return);

   513           return;

   513 					return;

   514         }

   514 				}

   515         */

   515 				*/

   516         

   516 				

   517         list($page_id, $namespace) = RenderMan::strToPageID($page);

   517 				list($page_id, $namespace) = RenderMan::strToPageID($page);

   518         $page_id = sanitize_page_id($page_id);

   518 				$page_id = sanitize_page_id($page_id);

   519         

   519 				

   520         if ( !isset($paths->namespace[$namespace]) )

   520 				if ( !isset($paths->namespace[$namespace]) )

   521         {

   521 				{

   522           $return = array('mode' => 'error', 'text' => 'Invalid namespace return from RenderMan::strToPageID()');

   522 					$return = array('mode' => 'error', 'text' => 'Invalid namespace return from RenderMan::strToPageID()');

   523           echo enano_json_encode($return);

   523 					echo enano_json_encode($return);

   524           return;

   524 					return;

   525         }

   525 				}

   526         

   526 				

   527         $q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');

   527 				$q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');

   528         if ( !$q )

   528 				if ( !$q )

   529         {

   529 				{

   530           $return = array('mode' => 'error', 'text' => $db->get_error());

   530 					$return = array('mode' => 'error', 'text' => $db->get_error());

   531           echo enano_json_encode($return);

   531 					echo enano_json_encode($return);

   532           return;

   532 					return;

   533         }

   533 				}

   534         if ( $db->numrows() > 0 )

   534 				if ( $db->numrows() > 0 )

   535         {

   535 				{

   536           $return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_already_in'));

   536 					$return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_already_in'));

   537           echo enano_json_encode($return);

   537 					echo enano_json_encode($return);

   538           return;

   538 					return;

   539         }

   539 				}

   540         

   540 				

   541         $q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');

   541 				$q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');

   542         if ( !$q )

   542 				if ( !$q )

   543         {

   543 				{

   544           $return = array('mode' => 'error', 'text' => $db->get_error());

   544 					$return = array('mode' => 'error', 'text' => $db->get_error());

   545           echo enano_json_encode($return);

   545 					echo enano_json_encode($return);

   546           return;

   546 					return;

   547         }

   547 				}

   548         

   548 				

   549         $title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);

   549 				$title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);

   550         

   550 				

   551         $return = array('mode' => 'info', 'text' => $lang->get('acppg_ajaxadd_success'), 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());

   551 				$return = array('mode' => 'info', 'text' => $lang->get('acppg_ajaxadd_success'), 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());

   552         

   552 				

   553         echo enano_json_encode($return);

   553 				echo enano_json_encode($return);

   554         return;

   554 				return;

   555       }

   555 			}

   556       

   556 			

   557       if ( isset($_POST['action']['edit_save']) && isset($_POST['pg_name']) )

   557 			if ( isset($_POST['action']['edit_save']) && isset($_POST['pg_name']) )

   558       {

   558 			{

   559         $edit_id = $_POST['action']['edit'];

   559 				$edit_id = $_POST['action']['edit'];

   560         $edit_id = intval($edit_id);

   560 				$edit_id = intval($edit_id);

   561         if ( !empty($edit_id) )

   561 				if ( !empty($edit_id) )

   562         {

   562 				{

   563           // Update group name

   563 					// Update group name

   564           $new_name = $_POST['pg_name'];

   564 					$new_name = $_POST['pg_name'];

   565           if ( empty($new_name) )

   565 					if ( empty($new_name) )

   566           {

   566 					{

   567             echo '<div class="error-box">' . $lang->get('acppg_err_save_need_name') . '</div>';

   567 						echo '<div class="error-box">' . $lang->get('acppg_err_save_need_name') . '</div>';

   568           }

   568 					}

   569           else

   569 					else

   570           {

   570 					{

   571             $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');

   571 						$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');

   572             if ( !$q )

   572 						if ( !$q )

   573               $db->_die();

   573 							$db->_die();

   574             $row = $db->fetchrow();

   574 						$row = $db->fetchrow();

   575             $db->free_result();

   575 						$db->free_result();

   576             if ( $new_name != $row['pg_name'] )

   576 						if ( $new_name != $row['pg_name'] )

   577             {

   577 						{

   578               $new_name = $db->escape(trim($new_name));

   578 							$new_name = $db->escape(trim($new_name));

   579               $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_name=\'' . $new_name . '\' WHERE pg_id=' . $edit_id . ';');

   579 							$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_name=\'' . $new_name . '\' WHERE pg_id=' . $edit_id . ';');

   580               if ( !$q )

   580 							if ( !$q )

   581                 $db->_die();

   581 								$db->_die();

   582               else

   582 							else

   583                 echo '<div class="info-box">' . $lang->get('acppg_msg_save_name_updated') . '</div>';

   583 								echo '<div class="info-box">' . $lang->get('acppg_msg_save_name_updated') . '</div>';

   584             }

   584 						}

   585             if ( $_POST['pg_type'] == PAGE_GRP_TAGGED )

   585 						if ( $_POST['pg_type'] == PAGE_GRP_TAGGED )

   586             {

   586 						{

   587               $target = $_POST['pg_target'];

   587 							$target = $_POST['pg_target'];

   588               $target = sanitize_tag($target);

   588 							$target = sanitize_tag($target);

   589               if ( empty($target) )

   589 							if ( empty($target) )

   590               {

   590 							{

   591                 echo '<div class="error-box">' . $lang->get('acppg_err_save_need_tag') . '</div>';

   591 								echo '<div class="error-box">' . $lang->get('acppg_err_save_need_tag') . '</div>';

   592               }

   592 							}

   593               else

   593 							else

   594               {

   594 							{

   595                 $target = $db->escape($target);

   595 								$target = $db->escape($target);

   596                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   596 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   597                 if ( !$q )

   597 								if ( !$q )

   598                   $db->_die();

   598 									$db->_die();

   599                 else

   599 								else

   600                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_tag_updated') . '</div>';

   600 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_tag_updated') . '</div>';

   601               }

   601 							}

   602             }

   602 						}

   603             else if ( $_POST['pg_type'] == PAGE_GRP_REGEX )

   603 						else if ( $_POST['pg_type'] == PAGE_GRP_REGEX )

   604             {

   604 						{

   605               $target = $_POST['pg_target'];

   605 							$target = $_POST['pg_target'];

   606               if ( empty($target) )

   606 							if ( empty($target) )

   607               {

   607 							{

   608                 echo '<div class="error-box">' . $lang->get('acppg_err_save_need_regex') . '</div>';

   608 								echo '<div class="error-box">' . $lang->get('acppg_err_save_need_regex') . '</div>';

   609               }

   609 							}

   610               else

   610 							else

   611               {

   611 							{

   612                 $target = $db->escape($target);

   612 								$target = $db->escape($target);

   613                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   613 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   614                 if ( !$q )

   614 								if ( !$q )

   615                   $db->_die();

   615 									$db->_die();

   616                 else

   616 								else

   617                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_regex_updated') . '</div>';

   617 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_regex_updated') . '</div>';

   618               }

   618 							}

   619             }

   619 						}

   620             else if ( $_POST['pg_type'] == PAGE_GRP_CATLINK )

   620 						else if ( $_POST['pg_type'] == PAGE_GRP_CATLINK )

   621             {

   621 						{

   622               $target = $_POST['pg_target'];

   622 							$target = $_POST['pg_target'];

   623               if ( empty($target) )

   623 							if ( empty($target) )

   624               {

   624 							{

   625                 echo '<div class="error-box">' . $lang->get('acppg_err_save_bad_category') . '</div>';

   625 								echo '<div class="error-box">' . $lang->get('acppg_err_save_bad_category') . '</div>';

   626               }

   626 							}

   627               else

   627 							else

   628               {

   628 							{

   629                 $target = $db->escape($target);

   629 								$target = $db->escape($target);

   630                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   630 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');

   631                 if ( !$q )

   631 								if ( !$q )

   632                   $db->_die();

   632 									$db->_die();

   633                 else

   633 								else

   634                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_cat_updated') . '</div>';

   634 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_cat_updated') . '</div>';

   635               }

   635 							}

   636             }

   636 						}

   637           }

   637 					}

   638         }

   638 				}

   639       }

   639 			}

   640       else if ( isset($_POST['action']['edit_save']) )

   640 			else if ( isset($_POST['action']['edit_save']) )

   641       {

   641 			{

   642         $edit_id = $_POST['action']['edit'];

   642 				$edit_id = $_POST['action']['edit'];

   643         $edit_id = intval($edit_id);

   643 				$edit_id = intval($edit_id);

   644       }

   644 			}

   645       else

   645 			else

   646       {

   646 			{

   647         $edit_id = array_keys($_POST['action']['edit']);

   647 				$edit_id = array_keys($_POST['action']['edit']);

   648         $edit_id = intval($edit_id[0]);

   648 				$edit_id = intval($edit_id[0]);

   649       }

   649 			}

   650       

   650 			

   651       if ( empty($edit_id) )

   651 			if ( empty($edit_id) )

   652       {

   652 			{

   653         echo 'Hack attempt';

   653 				echo 'Hack attempt';

   654         return;

   654 				return;

   655       }

   655 			}

   656       

   656 			

   657       if ( isset($_POST['action']['edit_save']['do_rm']) && !isset($_POST['pg_name']) )

   657 			if ( isset($_POST['action']['edit_save']['do_rm']) && !isset($_POST['pg_name']) )

   658       {

   658 			{

   659         $vals = array_keys($_POST['action']['edit_save']['rm']);

   659 				$vals = array_keys($_POST['action']['edit_save']['rm']);

   660         $good = array();

   660 				$good = array();

   661         foreach ( $vals as $id )

   661 				foreach ( $vals as $id )

   662         {

   662 				{

   663           if ( strval(intval($id)) == $id )

   663 					if ( strval(intval($id)) == $id )

   664             $good[] = $id;

   664 						$good[] = $id;

   665         }

   665 				}

   666         $subquery = ( count($good) > 0 ) ? 'pg_member_id=' . implode(' OR pg_member_id=', $good) : "'foo'='bar'";

   666 				$subquery = ( count($good) > 0 ) ? 'pg_member_id=' . implode(' OR pg_member_id=', $good) : "'foo'='bar'";

   667         if ( $subquery == "'foo'='bar'" )

   667 				if ( $subquery == "'foo'='bar'" )

   668         {

   668 				{

   669           echo '<div class="warning-box">' . $lang->get('acppg_err_save_no_pages') . '</div>';

   669 					echo '<div class="warning-box">' . $lang->get('acppg_err_save_no_pages') . '</div>';

   670         }

   670 				}

   671         else

   671 				else

   672         {

   672 				{

   673           $sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";

   673 					$sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";

   674           if ( !$db->sql_query($sql) )

   674 					if ( !$db->sql_query($sql) )

   675           {

   675 					{

   676             $db->_die();

   676 						$db->_die();

   677           }

   677 					}

   678           echo '<div class="info-box">' . $lang->get('acppg_msg_save_pages_deleted') . '</div>';

   678 					echo '<div class="info-box">' . $lang->get('acppg_msg_save_pages_deleted') . '</div>';

   679         }

   679 				}

   680       }

   680 			}

   681       

   681 			

   682       // Fetch information about page group

   682 			// Fetch information about page group

   683       $q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');

   683 			$q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');

   684       if ( !$q )

   684 			if ( !$q )

   685         $db->_die();

   685 				$db->_die();

   686       

   686 			

   687       if ( $db->numrows() < 1 )

   687 			if ( $db->numrows() < 1 )

   688       {

   688 			{

   689         echo 'Bad request - can\'t load page group from database.';

   689 				echo 'Bad request - can\'t load page group from database.';

   690         return;

   690 				return;

   691       }

   691 			}

   692       

   692 			

   693       $row = $db->fetchrow();

   693 			$row = $db->fetchrow();

   694       $db->free_result();

   694 			$db->free_result();

   695       

   695 			

   696       echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';

   696 			echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';

   697       echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';

   697 			echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';

   698       echo '<input type="hidden" name="pg_type" value="' . $row['pg_type'] . '" />';

   698 			echo '<input type="hidden" name="pg_type" value="' . $row['pg_type'] . '" />';

   699       echo '<div class="tblholder">

   699 			echo '<div class="tblholder">

   700               <table border="0" cellspacing="1" cellpadding="4">

   700 							<table border="0" cellspacing="1" cellpadding="4">

   701                 <tr>

   701 								<tr>

   702                   <th colspan="3">' . $lang->get('acppg_th_editing_group') . ' ' . htmlspecialchars($row['pg_name']) . '</th>

   702 									<th colspan="3">' . $lang->get('acppg_th_editing_group') . ' ' . htmlspecialchars($row['pg_name']) . '</th>

   703                 </tr>';

   703 								</tr>';

   704       // Group name

   704 			// Group name

   705       

   705 			

   706       echo '    <tr>

   706 			echo '    <tr>

   707                   <td class="row2">' . $lang->get('acppg_field_group_name') . '</td>

   707 									<td class="row2">' . $lang->get('acppg_field_group_name') . '</td>

   708                   <td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>

   708 									<td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>

   709                 </tr>';

   709 								</tr>';

   710       

   710 			

   711       $ajax_page_add = false;

   711 			$ajax_page_add = false;

   712                 

   712 								

   713       // This is where the going gets tricky.

   713 			// This is where the going gets tricky.

   714       // For static groups, we need to have each page listed out with a removal button, and a form to add new pages.

   714 			// For static groups, we need to have each page listed out with a removal button, and a form to add new pages.

   715       // For category links, we need a select box with each category in it, and

   715 			// For category links, we need a select box with each category in it, and

   716       // For tag sets, just a text box to enter a new tag.

   716 			// For tag sets, just a text box to enter a new tag.

   717       

   717 			

   718       // You can guess which one I dreaded.

   718 			// You can guess which one I dreaded.

   719       

   719 			

   720       switch ( $row['pg_type'] )

   720 			switch ( $row['pg_type'] )

   721       {

   721 			{

   722         case PAGE_GRP_NORMAL:

   722 				case PAGE_GRP_NORMAL:

   723           

   723 					

   724           // You have guessed correct.

   724 					// You have guessed correct.

   725           // *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*

   725 					// *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*

   726           

   726 					

   727           echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_name') . '" /></th></tr>';

   727 					echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_name') . '" /></th></tr>';

   728           echo '</table></div>';

   728 					echo '</table></div>';

   729           echo '</form>';

   729 					echo '</form>';

   730           echo '<form name="pg_static_rm_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" enctype="multipart/form-data">';

   730 					echo '<form name="pg_static_rm_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" enctype="multipart/form-data">';

   731           echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';

   731 					echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';

   732           echo '<div class="tblholder">

   732 					echo '<div class="tblholder">

   733                   <table border="0" cellspacing="1" cellpadding="4">

   733 									<table border="0" cellspacing="1" cellpadding="4">

   734                     <tr>

   734 										<tr>

   735                       <th colspan="3">' . $lang->get('acppg_th_remove_selected') . '</th>

   735 											<th colspan="3">' . $lang->get('acppg_th_remove_selected') . '</th>

   736                     </tr>';

   736 										</tr>';

   737           

   737 					

   738           $q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m

   738 					$q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m

   739                                  LEFT JOIN '.table_prefix.'pages AS p

   739  																LEFT JOIN '.table_prefix.'pages AS p

   740                                    ON ( p.urlname = m.page_id AND p.namespace = m.namespace )

   740  																	ON ( p.urlname = m.page_id AND p.namespace = m.namespace )

   741                                  WHERE m.pg_id=' . $edit_id . ';');

   741  																WHERE m.pg_id=' . $edit_id . ';');

   742           

   742 					

   743           if ( !$q )

   743 					if ( !$q )

   744             $db->_die();

   744 						$db->_die();

   745           

   745 					

   746           $delim = ceil( $db->numrows($q) / 2 );

   746 					$delim = ceil( $db->numrows($q) / 2 );

   747           if ( $delim < 5 )

   747 					if ( $delim < 5 )

   748           {

   748 					{

   749             $delim = 0xFFFFFFFE;

   749 						$delim = 0xFFFFFFFE;

   750             // stupid hack. I'm XSSing my own code.

   750 						// stupid hack. I'm XSSing my own code.

   751             $colspan = '2" id="pg_edit_tackon2me';

   751 						$colspan = '2" id="pg_edit_tackon2me';

   752           }

   752 					}

   753           else

   753 					else

   754           {

   754 					{

   755             $colspan = "1";

   755 						$colspan = "1";

   756           }

   756 					}

   757           

   757 					

   758           echo '<tr><td class="row2" rowspan="2">' . $lang->get('acppg_field_remove') . '</td><td class="row1" colspan="' . $colspan . '">';

   758 					echo '<tr><td class="row2" rowspan="2">' . $lang->get('acppg_field_remove') . '</td><td class="row1" colspan="' . $colspan . '">';

   759           $i = 0;

   759 					$i = 0;

   760           

   760 					

   761           while ( $row = $db->fetchrow($q) )

   761 					while ( $row = $db->fetchrow($q) )

   762           {

   762 					{

   763             $i++;

   763 						$i++;

   764             if ( $i == $delim )

   764 						if ( $i == $delim )

   765             {

   765 						{

   766               echo '</td><td class="row1" id="pg_edit_tackon2me">';

   766 							echo '</td><td class="row1" id="pg_edit_tackon2me">';

   767             }

   767 						}

   768             $page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);

   768 						$page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);

   769             echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';

   769 						echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';

   770           }

   770 					}

   771           

   771 					

   772           echo '</td></tr>';

   772 					echo '</td></tr>';

   773           echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="' . $lang->get('acppg_btn_do_remove') . '" /></th></tr>';

   773 					echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="' . $lang->get('acppg_btn_do_remove') . '" /></th></tr>';

   774           

   774 					

   775           // More javascript magic!

   775 					// More javascript magic!

   776           ?>

   776 					?>

   777           <script type="text/javascript">

   777 					<script type="text/javascript">

   778             var __pg_edit_submitAuthorized = true;

   778 						var __pg_edit_submitAuthorized = true;

   779             var __ol_pg_edit_setup = function()

   779 						var __ol_pg_edit_setup = function()

   780             {

   780 						{

   781               var input = document.getElementById('inptext_pg_add_member');

   781 							var input = document.getElementById('inptext_pg_add_member');

   782               input.onkeypress = function(e) {

   782 							input.onkeypress = function(e) {

   783                   if ( e.keyCode == 13 )

   783 									if ( e.keyCode == 13 )

   784                   {

   784 									{

   785                     setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500);

   785 										setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500);

   786                   } 

   786 									} 

   787                 };

   787 								};

   788             }

   788 						}

   789             addOnloadHook(__ol_pg_edit_setup);

   789 						addOnloadHook(__ol_pg_edit_setup);

   790             var __pg_edit_objcache = false;

   790 						var __pg_edit_objcache = false;

   791             function __pg_edit_ajaxadd(obj)

   791 						function __pg_edit_ajaxadd(obj)

   792             {

   792 						{

   793               if ( __pg_edit_objcache )

   793 							if ( __pg_edit_objcache )

   794                 return false;

   794 								return false;

   795               __pg_edit_objcache = obj;

   795 							__pg_edit_objcache = obj;

   796               

   796 							

   797               if ( obj.nextSibling )

   797 							if ( obj.nextSibling )

   798               {

   798 							{

   799                 if ( obj.nextSibling.tagName == 'DIV' )

   799 								if ( obj.nextSibling.tagName == 'DIV' )

   800                 {

   800 								{

   801                   obj.parentNode.removeChild(obj.nextSibling);

   801 									obj.parentNode.removeChild(obj.nextSibling);

   802                 }

   802 								}

   803               }

   803 							}

   804               

   804 							

   805               // set width on parent, to prevent wrapping of ajax loading image

   805 							// set width on parent, to prevent wrapping of ajax loading image

   806               var w = $dynano(obj).Width();

   806 							var w = $dynano(obj).Width();

   807               w = w + 24;

   807 							w = w + 24;

   808               obj.parentNode.style.width = w + 'px';

   808 							obj.parentNode.style.width = w + 'px';

   809               

   809 							

   810               // append the ajaxy loading image

   810 							// append the ajaxy loading image

   811               var img = document.createElement('img');

   811 							var img = document.createElement('img');

   812               img.src = scriptPath + '/images/loading.gif';

   812 							img.src = scriptPath + '/images/loading.gif';

   813               img.style.marginLeft = '4px';

   813 							img.style.marginLeft = '4px';

   814               insertAfter(obj.parentNode, img, obj);

   814 							insertAfter(obj.parentNode, img, obj);

   815               

   815 							

   816               var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');

   816 							var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');

   817               var page_add = escape(obj.value);

   817 							var page_add = escape(obj.value);

   818               var pg_id = document.forms.pg_edit_frm['action[edit]'].value;

   818 							var pg_id = document.forms.pg_edit_frm['action[edit]'].value;

   819               

   819 							

   820               ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()

   820 							ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()

   821                 {

   821 								{

   822                   if ( ajax.readyState == 4 )

   822 									if ( ajax.readyState == 4 )

   823                   {

   823 									{

   824                     var obj = __pg_edit_objcache;

   824 										var obj = __pg_edit_objcache;

   825                     __pg_edit_objcache = false;

   825 										__pg_edit_objcache = false;

   826                     

   826 										

   827                     // kill the loading graphic

   827 										// kill the loading graphic

   828                     obj.parentNode.removeChild(obj.nextSibling);

   828 										obj.parentNode.removeChild(obj.nextSibling);

   829                     

   829 										

   830                     var resptext = String(ajax.responseText + '');

   830 										var resptext = String(ajax.responseText + '');

   831                     if ( resptext.substr(0, 1) != '{' )

   831 										if ( resptext.substr(0, 1) != '{' )

   832                     {

   832 										{

   833                       // This ain't JSON baby.

   833 											// This ain't JSON baby.

   834                       alert('Invalid JSON response:\n' + resptext);

   834 											alert('Invalid JSON response:\n' + resptext);

   835                       return false;

   835 											return false;

   836                     }

   836 										}

   837                     var json = parseJSON(resptext);

   837 										var json = parseJSON(resptext);

   838                     

   838 										

   839                     var div = document.createElement('div');

   839 										var div = document.createElement('div');

   840                     if ( json.mode == 'info' )

   840 										if ( json.mode == 'info' )

   841                     {

   841 										{

   842                       div.className = 'info-box-mini';

   842 											div.className = 'info-box-mini';

   843                     }

   843 										}

   844                     else if ( json.mode == 'error' )

   844 										else if ( json.mode == 'error' )

   845                     {

   845 										{

   846                       div.className = 'error-box-mini';

   846 											div.className = 'error-box-mini';

   847                     }

   847 										}

   848                     div.appendChild(document.createTextNode(json.text));

   848 										div.appendChild(document.createTextNode(json.text));

   849                     insertAfter(obj.parentNode, div, obj);

   849 										insertAfter(obj.parentNode, div, obj);

   850                     

   850 										

   851                     if ( json.successful )

   851 										if ( json.successful )

   852                     {

   852 										{

   853                       var td = document.getElementById('pg_edit_tackon2me');

   853 											var td = document.getElementById('pg_edit_tackon2me');

   854                       var lbl = document.createElement('label');

   854 											var lbl = document.createElement('label');

   855                       var check = document.createElement('input');

   855 											var check = document.createElement('input');

   856                       check.type = 'checkbox';

   856 											check.type = 'checkbox';

   857                       check.name = 'action[edit_save][rm][' + json.member_id + ']';

   857 											check.name = 'action[edit_save][rm][' + json.member_id + ']';

   858                       lbl.appendChild(check);

   858 											lbl.appendChild(check);

   859                       lbl.appendChild(document.createTextNode(' ' + json.title));

   859 											lbl.appendChild(document.createTextNode(' ' + json.title));

   860                       td.appendChild(lbl);

   860 											td.appendChild(lbl);

   861                       td.appendChild(document.createElement('br'));

   861 											td.appendChild(document.createElement('br'));

   862                     }

   862 										}

   863                     

   863 										

   864                   }

   864 									}

   865                 });

   865 								});

   866             }

   866 						}

   867           </script>

   867 					</script>

   868           <?php

   868 					<?php

   869           

   869 					

   870           $ajax_page_add = true;

   870 					$ajax_page_add = true;

   871           

   871 					

   872           break;

   872 					break;

   873         case PAGE_GRP_TAGGED:

   873 				case PAGE_GRP_TAGGED:

   874           echo '<tr>

   874 					echo '<tr>

   875                   <td class="row2">

   875 									<td class="row2">

   876                     ' . $lang->get('acppg_field_target_tag') . '

   876 										' . $lang->get('acppg_field_target_tag') . '

   877                   </td>

   877 									</td>

   878                   <td class="row1">

   878 									<td class="row1">

   879                     <input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />

   879 										<input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />

   880                   </td>

   880 									</td>

   881                 </tr>';

   881 								</tr>';

   882           break;

   882 					break;

   883         case PAGE_GRP_REGEX:

   883 				case PAGE_GRP_REGEX:

   884           echo '<tr>

   884 					echo '<tr>

   885                   <td class="row2">

   885 									<td class="row2">

   886                     ' . $lang->get('acppg_field_target_regex') . '<br />

   886 										' . $lang->get('acppg_field_target_regex') . '<br />

   887                     <small>' . $lang->get('acppg_field_target_regex_hint') . '</small>

   887 										<small>' . $lang->get('acppg_field_target_regex_hint') . '</small>

   888                   </td>

   888 									</td>

   889                   <td class="row1">

   889 									<td class="row1">

   890                     <input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />

   890 										<input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />

   891                   </td>

   891 									</td>

   892                 </tr>';

   892 								</tr>';

   893           break;

   893 					break;

   894         case PAGE_GRP_CATLINK:

   894 				case PAGE_GRP_CATLINK:

   895           

   895 					

   896           // Build category list

   896 					// Build category list

   897           $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');

   897 					$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');

   898           if ( !$q )

   898 					if ( !$q )

   899             $db->_die();

   899 						$db->_die();

   900           

   900 					

   901           if ( $db->numrows() < 1 )

   901 					if ( $db->numrows() < 1 )

   902           {

   902 					{

   903             $catlist = 'There aren\'t any categories on this site.';

   903 						$catlist = 'There aren\'t any categories on this site.';

   904           }

   904 					}

   905           else

   905 					else

   906           {

   906 					{

   907             $catlist = '<select name="pg_target">';

   907 						$catlist = '<select name="pg_target">';

   908             while ( $catrow = $db->fetchrow() )

   908 						while ( $catrow = $db->fetchrow() )

   909             {

   909 						{

   910               $selected = ( $catrow['urlname'] == $row['pg_target'] ) ? ' selected="selected"' : '';

   910 							$selected = ( $catrow['urlname'] == $row['pg_target'] ) ? ' selected="selected"' : '';

   911               $catlist .= '<option value="' . htmlspecialchars($catrow['urlname']) . '"' . $selected . '>' . htmlspecialchars($catrow['name']) . '</option>';

   911 							$catlist .= '<option value="' . htmlspecialchars($catrow['urlname']) . '"' . $selected . '>' . htmlspecialchars($catrow['name']) . '</option>';

   912             }

   912 						}

   913             $catlist .= '</select>';

   913 						$catlist .= '</select>';

   914           }

   914 					}

   915           

   915 					

   916           echo '<tr>

   916 					echo '<tr>

   917                   <td class="row2">

   917 									<td class="row2">

   918                     ' . $lang->get('acppg_field_target_category') . '<br />

   918 										' . $lang->get('acppg_field_target_category') . '<br />

   919                     <small>' . $lang->get('acppg_field_target_category_hint2') . '</small>

   919 										<small>' . $lang->get('acppg_field_target_category_hint2') . '</small>

   920                   </td>

   920 									</td>

   921                   <td class="row1">

   921 									<td class="row1">

   922                     ' . $catlist . '

   922 										' . $catlist . '

   923                   </td>

   923 									</td>

   924                 </tr>';

   924 								</tr>';

   925           

   925 					

   926           break;

   926 					break;

   927       }

   927 			}

   928       

   928 			

   929       if ( $ajax_page_add )

   929 			if ( $ajax_page_add )

   930       {

   930 			{

   931         echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" /></th></tr>';

   931 				echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" /></th></tr>';

   932       }

   932 			}

   933       else

   933 			else

   934       {

   934 			{

   935         echo '<tr><th colspan="3" class="subhead">

   935 				echo '<tr><th colspan="3" class="subhead">

   936                 <input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_update') . '" />

   936 								<input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_update') . '" />

   937                 <input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" />

   937 								<input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" />

   938               </th></tr>';

   938 							</th></tr>';

   939       }

   939 			}

   940       

   940 			

   941       echo '  </table>

   941 			echo '  </table>

   942             </div>';

   942 						</div>';

   943       echo '</form>';

   943 			echo '</form>';

   944       

   944 			

   945       if ( $ajax_page_add )

   945 			if ( $ajax_page_add )

   946       {

   946 			{

   947         // This needs to be outside of the form.

   947 				// This needs to be outside of the form.

   948         echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';

   948 				echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';

   949         echo '<th colspan="2">' . $lang->get('acppg_th_onthefly') . '</th></tr>';

   949 				echo '<th colspan="2">' . $lang->get('acppg_th_onthefly') . '</th></tr>';

   950         echo '<tr>';

   950 				echo '<tr>';

   951         // Add pages AJAX form

   951 				// Add pages AJAX form

   952         echo '<td class="row2">' . $lang->get('acppg_field_add_page') . '<br /><small>' . $lang->get('acppg_field_add_page_hint') . '</small></td>';

   952 				echo '<td class="row2">' . $lang->get('acppg_field_add_page') . '<br /><small>' . $lang->get('acppg_field_add_page_hint') . '</small></td>';

   953         echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" class="autofill page" /></td>';

   953 				echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" class="autofill page" /></td>';

   954         echo '</tr></table></div>';

   954 				echo '</tr></table></div>';

   955       }

   955 			}

   956       

   956 			

   957       return;

   957 			return;

   958     }

   958 		}

   959     else if ( isset($_POST['action']['noop']) )

   959 		else if ( isset($_POST['action']['noop']) )

   960     {

   960 		{

   961       // Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)

   961 			// Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)

   962     }

   962 		}

   963     else

   963 		else

   964     {

   964 		{

   965       echo '<div class="error-box">Invalid format of $_POST[action].</div>';

   965 			echo '<div class="error-box">Invalid format of $_POST[action].</div>';

   966     }

   966 		}

   967   }

   967 	}

   968   // No action defined - show default menu

   968 	// No action defined - show default menu

   969   

   969 	

   970   echo '<h2>' . $lang->get('acppg_heading_main') . '</h2>';

   970 	echo '<h2>' . $lang->get('acppg_heading_main') . '</h2>';

   971   echo '<p>' . $lang->get('acppg_hint_intro') . '</p>';

   971 	echo '<p>' . $lang->get('acppg_hint_intro') . '</p>';

   972   

   972 	

   973   $q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');

   973 	$q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');

   974   if ( !$q )

   974 	if ( !$q )

   975     $db->_die();

   975 		$db->_die();

   977   echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';

   977 	echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';

   978   

   978 	

   979   echo '<div class="tblholder">

   979 	echo '<div class="tblholder">

   980           <table border="0" cellspacing="1" cellpadding="4">

   980 					<table border="0" cellspacing="1" cellpadding="4">

   981             <tr>

   981 						<tr>

   982               <th>' . $lang->get('acppg_col_group_name') . '</th>

   982 							<th>' . $lang->get('acppg_col_group_name') . '</th>

   983               <th>' . $lang->get('acppg_col_type') . '</th>

   983 							<th>' . $lang->get('acppg_col_type') . '</th>

   984               <th>' . $lang->get('acppg_col_target') . '</th>

   984 							<th>' . $lang->get('acppg_col_target') . '</th>

   985               <th colspan="2">' . $lang->get('acppg_col_actions') . '</th>

   985 							<th colspan="2">' . $lang->get('acppg_col_actions') . '</th>

   986             </tr>';

   986 						</tr>';

   987   

   987 	

   988   if ( $row = $db->fetchrow($q) )

   988 	if ( $row = $db->fetchrow($q) )

   989   {

   989 	{

   990     do

   990 		do

   991     {

   991 		{

   992       $name = htmlspecialchars($row['pg_name']);

   992 			$name = htmlspecialchars($row['pg_name']);

   993       $type = 'Invalid';

   993 			$type = 'Invalid';

   994       switch ( $row['pg_type'] )

   994 			switch ( $row['pg_type'] )

   995       {

   995 			{

   996         case PAGE_GRP_CATLINK:

   996 				case PAGE_GRP_CATLINK:

   997           $type = $lang->get('acppg_gtype_catlink');

   997 					$type = $lang->get('acppg_gtype_catlink');

   998           break;

   998 					break;

   999         case PAGE_GRP_TAGGED:

   999 				case PAGE_GRP_TAGGED:

  1000           $type = $lang->get('acppg_gtype_tagged');

  1000 					$type = $lang->get('acppg_gtype_tagged');

  1001           break;

  1001 					break;

  1002         case PAGE_GRP_NORMAL:

  1002 				case PAGE_GRP_NORMAL:

  1003           $type = $lang->get('acppg_gtype_static');

  1003 					$type = $lang->get('acppg_gtype_static');

  1004           break;

  1004 					break;

  1005         case PAGE_GRP_REGEX:

  1005 				case PAGE_GRP_REGEX:

  1006           $type = $lang->get('acppg_gtype_regex');

  1006 					$type = $lang->get('acppg_gtype_regex');

  1007           break;

  1007 					break;

  1008       }

  1008 			}

  1009       $target = '';

  1009 			$target = '';

  1010       if ( $row['pg_type'] == PAGE_GRP_TAGGED )

  1010 			if ( $row['pg_type'] == PAGE_GRP_TAGGED )

  1011       {

  1011 			{

  1012         $target = $lang->get('acppg_lbl_tag') . ' ' . htmlspecialchars($row['pg_target']);

  1012 				$target = $lang->get('acppg_lbl_tag') . ' ' . htmlspecialchars($row['pg_target']);

  1013       }

  1013 			}

  1014       else if ( $row['pg_type'] == PAGE_GRP_CATLINK )

  1014 			else if ( $row['pg_type'] == PAGE_GRP_CATLINK )

  1015       {

  1015 			{

  1016         $target = $lang->get('acppg_lbl_category') . ' ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));

  1016 				$target = $lang->get('acppg_lbl_category') . ' ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));

  1017       }

  1017 			}

  1018       else if ( $row['pg_type'] == PAGE_GRP_REGEX )

  1018 			else if ( $row['pg_type'] == PAGE_GRP_REGEX )

  1019       {

  1019 			{

  1020         $target = $lang->get('acppg_lbl_regex') . ' <tt>' . htmlspecialchars($row['pg_target']) . '</tt>';

  1020 				$target = $lang->get('acppg_lbl_regex') . ' <tt>' . htmlspecialchars($row['pg_target']) . '</tt>';

  1021       }

  1021 			}

  1022       $btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_edit') . '" />';

  1022 			$btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_edit') . '" />';

  1023       $btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_delete') . '" />';

  1023 			$btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_delete') . '" />';

  1024       echo "<tr>

  1024 			echo "<tr>

  1025               <td class=\"row1\">$name</td>

  1025 							<td class=\"row1\">$name</td>

  1026               <td class=\"row2\">$type</td>

  1026 							<td class=\"row2\">$type</td>

  1027               <td class=\"row1\">$target</td>

  1027 							<td class=\"row1\">$target</td>

  1028               <td class=\"row3\" style=\"text-align: center;\">$btn_edit</td>

  1028 							<td class=\"row3\" style=\"text-align: center;\">$btn_edit</td>

  1029               <td class=\"row3\" style=\"text-align: center;\">$btn_del</td>

  1029 							<td class=\"row3\" style=\"text-align: center;\">$btn_del</td>

  1030             </tr>";

  1030 						</tr>";

  1031     }

  1031 		}

  1032     while ( $row = $db->fetchrow($q) );

  1032 		while ( $row = $db->fetchrow($q) );

  1033   }

  1033 	}

  1034   else

  1034 	else

  1035   {

  1035 	{

  1036     echo '  <tr><td class="row3" colspan="5" style="text-align: center;">' . $lang->get('acppg_msg_no_groups') . '</td></tr>';

  1036 		echo '  <tr><td class="row3" colspan="5" style="text-align: center;">' . $lang->get('acppg_msg_no_groups') . '</td></tr>';

  1037   }

  1037 	}

  1038   

  1038 	

  1039   echo '    <tr>

  1039 	echo '    <tr>

  1040               <th class="subhead" colspan="5">

  1040 							<th class="subhead" colspan="5">

  1041                 <input type="submit" name="action[create]" value="' . $lang->get('acppg_btn_create_new') . '" />

  1041 								<input type="submit" name="action[create]" value="' . $lang->get('acppg_btn_create_new') . '" />

  1042               </th>

  1042 							</th>

  1043             </tr>';

  1043 						</tr>';

  1044   

  1044 	

  1045   echo '  </table>

  1045 	echo '  </table>

  1046         </div>';

  1046 				</div>';

  1047         

  1047 				

  1048   echo '</form>';          

  1048 	echo '</form>';          

  1049     

  1049