128 </div>"; |
128 </div>"; |
129 } |
129 } |
130 if(isset($_POST['do_edit']) || isset($_POST['edit_do'])) |
130 if(isset($_POST['do_edit']) || isset($_POST['edit_do'])) |
131 { |
131 { |
132 // Fetch the group name |
132 // Fetch the group name |
133 $q = $db->sql_query('SELECT group_name,system_group FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); |
133 $q = $db->sql_query('SELECT group_name,system_group,group_rank FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';'); |
134 if(!$q) |
134 if(!$q) |
135 { |
135 { |
136 echo $db->get_error(); |
136 echo $db->get_error(); |
137 return; |
137 return; |
138 } |
138 } |
174 if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name'])) |
174 if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name'])) |
175 { |
175 { |
176 echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>'; |
176 echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>'; |
177 return; |
177 return; |
178 } |
178 } |
179 $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\' |
179 // determine rank |
|
180 $group_rank =& $_POST['group_rank']; |
|
181 if ( $_POST['group_rank'] !== 'NULL' ) |
|
182 { |
|
183 $group_rank = intval($group_rank); |
|
184 if ( empty($group_rank) ) |
|
185 { |
|
186 echo '<p>Hacked rank ID</p>'; |
|
187 return; |
|
188 } |
|
189 } |
|
190 $row['group_rank'] = $group_rank; |
|
191 $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\',group_rank = ' . $group_rank . ' |
180 WHERE group_id='.intval($_POST['group_edit_id']).';'); |
192 WHERE group_id='.intval($_POST['group_edit_id']).';'); |
181 if(!$q) |
193 if(!$q) |
182 { |
194 { |
183 echo $db->get_error(); |
195 echo $db->get_error(); |
184 return; |
196 return; |
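Review bot: The rank check at new lines 183–188 rejects only values that `intval()` turns into 0, so a negative or nonexistent rank ID still reaches the UPDATE at new line 191; testing `$group_rank < 1` and confirming the ID against the ranks table (the same table new line 267 reads) would close that, unless the schema already enforces it. The value is concatenated unquoted, which is safe only while this branch leaves exactly the literal `NULL` or an integer, so a comment such as `// $group_rank is either the SQL keyword NULL or an intval() result; never pass it through unvalidated` belongs above the query. New line 190 stores the string `'NULL'` in `$row['group_rank']`, which the `=== NULL` test at new line 270 never matches; `$row['group_rank'] = ( $group_rank === 'NULL' ) ? NULL : $group_rank;` keeps the two consistent. The enclosing block starts and ends outside the visible lines.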
199 echo $db->get_error(); |
211 echo $db->get_error(); |
200 return; |
212 return; |
201 } |
213 } |
202 if($db->numrows() > 0) |
214 if($db->numrows() > 0) |
203 { |
215 { |
204 while($row = $db->fetchrow($q)) |
216 while($delrow = $db->fetchrow($q)) |
205 { |
217 { |
206 if(isset($_POST['edit_do']['del_' . $row['member_id']])) |
218 if(isset($_POST['edit_do']['del_' . $delrow['member_id']])) |
207 { |
219 { |
208 $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$row['member_id']); |
220 $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$delrow['member_id']); |
209 if(!$e) |
221 if(!$e) |
210 { |
222 { |
211 echo $db->get_error(); |
223 echo $db->get_error(); |
212 return; |
224 return; |
213 } |
225 } |
248 generate_cache_userranks(); |
260 generate_cache_userranks(); |
249 } |
261 } |
250 $sg_disabled = ( $row['system_group'] == 1 ) ? |
262 $sg_disabled = ( $row['system_group'] == 1 ) ? |
251 ' value="' . $lang->get('acpug_btn_cant_delete') . '" disabled="disabled" style="color: #FF9773" ' : |
263 ' value="' . $lang->get('acpug_btn_cant_delete') . '" disabled="disabled" style="color: #FF9773" ' : |
252 ' value="' . $lang->get('acpug_btn_delete_group') . '" style="color: #FF3713" '; |
264 ' value="' . $lang->get('acpug_btn_delete_group') . '" style="color: #FF3713" '; |
|
265 |
|
266 // build rank list |
|
267 $q = $db->sql_query('SELECT rank_id, rank_title FROM ' . table_prefix . 'ranks'); |
|
268 if ( !$q ) |
|
269 $db->_die(); |
|
270 $rank_list = '<option value="NULL"' . ( $row['group_rank'] === NULL ? ' selected="selected"' : '' ) . '>--</option>' . "\n"; |
|
271 while ( $rank_row = $db->fetchrow() ) |
|
272 { |
|
273 $rank_list .= '<option value="' . $rank_row['rank_id'] . '"' . ( $rank_row['rank_id'] == $row['group_rank'] ? ' selected="selected"' : '' ) . '>' . htmlspecialchars($lang->get($rank_row['rank_title'])) . '</option>' . "\n"; |
|
274 } |
|
275 |
253 echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">'; |
276 echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">'; |
254 echo '<div class="tblholder"> |
277 echo '<div class="tblholder"> |
255 <table border="0" style="width:100%;" cellspacing="1" cellpadding="4"> |
278 <table border="0" style="width:100%;" cellspacing="1" cellpadding="4"> |
256 <tr><th>' . $lang->get('acpug_heading_edit_name') . '</th></tr> |
279 <tr><th>' . $lang->get('acpug_heading_edit_name') . '</th></tr> |
257 <tr> |
280 <tr> |
258 <td class="row1"> |
281 <td class="row1"> |
259 ' . $lang->get('acpug_field_group_name') . ' <input type="text" name="group_name" value="'.$name.'" /> |
282 ' . $lang->get('acpug_field_group_name') . ' <input type="text" name="group_name" value="'.$name.'" /> |
|
283 </td> |
|
284 </tr> |
|
285 <tr> |
|
286 <td class="row1"> |
|
287 ' . $lang->get('acpug_field_group_rank') . ' <select name="group_rank" />' . $rank_list . '</select> |
260 </td> |
288 </td> |
261 </tr> |
289 </tr> |
262 <tr> |
290 <tr> |
263 <th class="subhead"> |
291 <th class="subhead"> |
264 <input type="submit" name="edit_do[save_name]" value="' . $lang->get('acpug_btn_save_name') . '" /> |
292 <input type="submit" name="edit_do[save_name]" value="' . $lang->get('acpug_btn_save_name') . '" /> |