--- a/language/english/admin.json Thu Jan 03 00:55:10 2008 -0500
+++ b/language/english/admin.json Thu Jan 03 18:39:19 2008 -0500
@@ -18,7 +18,7 @@
var enano_lang = {
categories: [
'adm', 'acl', 'adminusers',
- 'acphome', 'acpgc', 'acpup', 'acpft', 'acppl', 'acppm', 'acped', 'acpdb', 'acppg', 'acpum',
+ 'acphome', 'acpgc', 'acpup', 'acpft', 'acppl', 'acppm', 'acped', 'acpdb', 'acppg', 'acpum', 'acpug',
],
strings: {
meta: {
@@ -34,6 +34,7 @@
acped: 'ACP: Edit page content',
acppg: 'ACP: Page groups',
acpum: 'ACP: User management',
+ acpug: 'ACP: User group management',
},
adm: {
cat_general: 'General',
@@ -622,6 +623,48 @@
field_deleteaccount_hint: 'Even if you delete this user account, the username will be shown in page edit history, comments, and other areas of the site. Deleting a user account CANNOT BE UNDONE and should only be done in extreme circumstances. If the user has violated the site policy, deleting the account will not prevent him from using the site or creating a new account, for that you need to add a new ban rule.',
btn_save: 'Save changes',
+ },
+ acpug: {
+ heading_main: 'Manage Usergroups',
+ heading_edit_existing: 'Edit an existing group',
+ btn_edit_stage1: 'Edit group',
+ heading_create_new: 'Create a new group',
+ field_group_name: 'Group name:',
+ btn_create_stage1: 'Continue',
+
+ // Edit form
+ heading_edit_name: 'Edit group name',
+ btn_cant_delete: 'Can\'t delete system group',
+ btn_delete_group: 'Delete this group',
+ btn_save_name: 'Save name',
+ heading_edit_members: 'Edit group members',
+ msg_no_members: 'This group has no members.',
+ lbl_member_mod: 'Mod',
+ btn_remove_member: 'Remove member',
+ heading_add_member: 'Add a new member',
+ field_username: 'Username:',
+ field_make_mod: 'Is a group moderator',
+ field_make_mod_hint: '(can add and delete other members)',
+ btn_add_user: 'Add user to group',
+
+ // Create form
+ err_group_name_invalid: 'The group name you chose is invalid.',
+ heading_creating_group: 'Creating group:',
+ field_group_mod: 'Group moderator',
+ field_group_type: 'Group status',
+ btn_create_stage2: 'Create group',
+ err_already_exist: 'The group name you entered already exists.',
+ err_bad_username: 'The username you entered could not be found.',
+ err_bad_insert_id: 'The group ID could not be looked up.',
+ heading_info: 'Information',
+ msg_create_success: 'The group %g_name% has been created successfully.',
+
+ // More editor bits, validation messages
+ err_nodelete_system_group: 'The group "%g_name%" could not be deleted because it is a system group required for site functionality.',
+ msg_delete_success: 'The group "%g_name%" has been deleted. Return to the <a %a_flags%>group manager</a>.',
+ msg_name_update_success: 'The group name has been updated.',
+ msg_user_added: 'The user "%username%" has been added to this usergroup.',
+ err_username_not_exist: '<b>The user "%username%" could not be added.</b><br />This username does not exist.',
}
}
};
--- a/plugins/SpecialAdmin.php Thu Jan 03 00:55:10 2008 -0500
+++ b/plugins/SpecialAdmin.php Thu Jan 03 18:39:19 2008 -0500
@@ -43,6 +43,7 @@
require(ENANO_ROOT . '/plugins/admin/PageManager.php');
require(ENANO_ROOT . '/plugins/admin/PageEditor.php');
require(ENANO_ROOT . '/plugins/admin/PageGroups.php');
+require(ENANO_ROOT . '/plugins/admin/GroupManager.php');
require(ENANO_ROOT . '/plugins/admin/SecurityLog.php');
require(ENANO_ROOT . '/plugins/admin/UserManager.php');
@@ -1628,368 +1629,9 @@
} else echo('<p>All themes are currently installed.</p>');
}
-function page_Admin_GroupManager()
-{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $lang;
- if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
- {
- $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
- echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
- echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
- return;
- }
-
- if(isset($_POST['do_create_stage1']))
- {
- if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
- {
- echo '<p>The group name you chose is invalid.</p>';
- return;
- }
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
- <tr><th colspan="2">Creating group: '.htmlspecialchars($_POST['create_group_name']).'</th></tr>
- <tr>
- <td class="row1">Group moderator</td><td class="row1">' . $template->username_field('group_mod') . '</td>
- </tr>
- <tr><td class="row2">Group status</td><td class="row2">
- <label><input type="radio" name="group_status" value="'.GROUP_CLOSED.'" checked="checked" /> Closed to new members</label><br />
- <label><input type="radio" name="group_status" value="'.GROUP_REQUEST.'" /> Members can ask to be added</label><br />
- <label><input type="radio" name="group_status" value="'.GROUP_OPEN.'" /> Members can join freely</label><br />
- <label><input type="radio" name="group_status" value="'.GROUP_HIDDEN.'" /> Group is hidden</label>
- </td></tr>
- <tr>
- <th class="subhead" colspan="2">
- <input type="hidden" name="create_group_name" value="'.htmlspecialchars($_POST['create_group_name']).'" />
- <input type="submit" name="do_create_stage2" value="Create group" />
- </th>
- </tr>
- </table>
- </div>';
- echo '</form>';
- return;
- }
- elseif(isset($_POST['do_create_stage2']))
- {
- if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
- {
- echo '<p>The group name you chose is invalid.</p>';
- return;
- }
- if(!in_array(intval($_POST['group_status']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST)))
- {
- echo '<p>Hacking attempt</p>';
- return;
- }
- $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
- if(!$e)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() > 0)
- {
- echo '<p>The group name you entered already exists.</p>';
- return;
- }
- $db->free_result();
- $q = $db->sql_query('INSERT INTO '.table_prefix.'groups(group_name,group_type) VALUES( \''.$db->escape($_POST['create_group_name']).'\', ' . intval($_POST['group_status']) . ' )');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- $e = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['group_mod']).'\';');
- if(!$e)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() < 1)
- {
- echo '<p>The username you entered could not be found.</p>';
- return;
- }
- $row = $db->fetchrow();
- $id = $row['user_id'];
- $db->free_result();
- $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
- if(!$e)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() < 1)
- {
- echo '<p>The group ID could not be looked up.</p>';
- return;
- }
- $row = $db->fetchrow();
- $gid = $row['group_id'];
- $db->free_result();
- $e = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.$gid.', '.$id.', 1);');
- if(!$e)
- {
- echo $db->get_error();
- return;
- }
- $g_name = htmlspecialchars($_POST['create_group_name']);
- echo "<div class='info-box'>
- <b>Information</b><br />
- The group {$g_name} has been created successfully.
- </div>";
- }
- if(isset($_POST['do_edit']) || isset($_POST['edit_do']))
- {
- // Fetch the group name
- $q = $db->sql_query('SELECT group_name,system_group FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() < 1)
- {
- echo '<p>Error: couldn\'t look up group name</p>';
- }
- $row = $db->fetchrow();
- $name = htmlspecialchars($row['group_name']);
- $db->free_result();
- if(isset($_POST['edit_do']))
- {
- if(isset($_POST['edit_do']['del_group']))
- {
- if ( $row['system_group'] == 1 )
- {
- echo '<div class="error-box">The group "' . $name . '" could not be deleted because it is a system group required for site functionality.</div>';
- }
- else
- {
- $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE group_id='.intval($_POST['group_edit_id']).';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- $q = $db->sql_query('DELETE FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- echo '<div class="info-box">The group "'.$name.'" has been deleted. Return to the <a href="javascript:ajaxPage(\'Admin:GroupManager\');">group manager</a>.</div>';
- return;
- }
- }
- if(isset($_POST['edit_do']['save_name']))
- {
- if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name']))
- {
- echo '<p>The group name you chose is invalid.</p>';
- return;
- }
- $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\'
- WHERE group_id='.intval($_POST['group_edit_id']).';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- else
- {
- echo '<div class="info-box" style="margin: 0 0 10px 0;"">
- The group name has been updated.
- </div>';
- }
- $name = htmlspecialchars($_POST['group_name']);
-
- }
- $q = $db->sql_query('SELECT member_id FROM '.table_prefix.'group_members
- WHERE group_id='.intval($_POST['group_edit_id']).';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() > 0)
- {
- while($row = $db->fetchrow($q))
- {
- if(isset($_POST['edit_do']['del_' . $row['member_id']]))
- {
- $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$row['member_id']);
- if(!$e)
- {
- echo $db->get_error();
- return;
- }
- }
- }
- }
- $db->free_result();
- if(isset($_POST['edit_do']['add_member']))
- {
- $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['edit_add_username']).'\';');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() > 0)
- {
- $row = $db->fetchrow();
- $user_id = $row['user_id'];
- $is_mod = ( isset( $_POST['add_mod'] ) ) ? '1' : '0';
- $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.intval($_POST['group_edit_id']).','.$user_id.','.$is_mod.');');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- else
- {
- echo '<div class="info-box" style="margin: 0 0 10px 0;"">
- The user "'.$_POST['edit_add_username'].'" has been added to this usergroup.
- </div>';
- }
- }
- else
- echo '<div class="warning-box"><b>The user "'.htmlspecialchars($_POST['edit_add_username']).'" could not be added.</b><br />This username does not exist.</div>';
- }
- }
- $sg_disabled = ( $row['system_group'] == 1 ) ? ' value="Can\'t delete system group" disabled="disabled" style="color: #FF9773" ' : ' value="Delete this group" style="color: #FF3713" ';
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
- <tr><th>Edit group name</th></tr>
- <tr>
- <td class="row1">
- Group name: <input type="text" name="group_name" value="'.$name.'" />
- </td>
- </tr>
- <tr>
- <th class="subhead">
- <input type="submit" name="edit_do[save_name]" value="Save name" />
- <input type="submit" name="edit_do[del_group]" '.$sg_disabled.' />
- </th>
- </tr>
- </table>
- </div>
- <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
- echo '</form>';
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
- <tr><th colspan="3">Edit group members</th></tr>';
- $q = $db->sql_query('SELECT m.member_id,m.is_mod,u.username FROM '.table_prefix.'group_members AS m
- LEFT JOIN '.table_prefix.'users AS u
- ON u.user_id=m.user_id
- WHERE m.group_id='.intval($_POST['group_edit_id']).'
- ORDER BY m.is_mod DESC, u.username ASC;');
- if(!$q)
- {
- echo $db->get_error();
- return;
- }
- if($db->numrows() < 1)
- {
- echo '<tr><td colspan="3" class="row1">This group has no members.</td></tr>';
- }
- else
- {
- $cls = 'row2';
- while($row = $db->fetchrow())
- {
- $cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
- $mod = ( $row['is_mod'] == 1 ) ? 'Mod' : '';
- echo '<tr>
- <td class="'.$cls.'" style="width: 100%;">
- ' . $row['username'] . '
- </td>
- <td class="'.$cls.'">
- '.$mod.'
- </td>
- <td class="'.$cls.'">
- <input type="submit" name="edit_do[del_'.$row['member_id'].']" value="Remove member" />
- </td>
- </tr>';
- }
- }
- $db->free_result();
- echo '</table>
- </div>
- <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
- echo '</form>';
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
- <tr>
- <th>Add a new member</th>
- </tr>
- <tr>
- <td class="row1">
- Username: ' . $template->username_field('edit_add_username') . '
- </td>
- </tr>
- <tr>
- <td class="row2">
- <label><input type="checkbox" name="add_mod" /> Is a group moderator</label> (can add and delete other members)
- </td>
- </tr>
- <tr>
- <th class="subhead">
- <input type="submit" name="edit_do[add_member]" value="Add user to group" />
- </th>
- </tr>
- </table>
- </div>
- <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
- echo '</form>';
- return;
- }
- echo '<h3>Manage Usergroups</h3>';
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups ORDER BY group_name ASC;');
- if(!$q)
- {
- echo $db->get_error();
- }
- else
- {
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
- <tr>
- <th>Edit an existing group</th>
- </tr>';
- echo '<tr><td class="row2"><select name="group_edit_id">';
- while ( $row = $db->fetchrow() )
- {
- if ( $row['group_name'] != 'Everyone' )
- {
- echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars( $row['group_name'] ) . '</option>';
- }
- }
- $db->free_result();
- echo '</select></td></tr>';
- echo '<tr><td class="row1" style="text-align: center;"><input type="submit" name="do_edit" value="Edit group" /></td></tr>
- </table>
- </div>
- </form><br />';
- }
- echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
- <tr>
- <th colspan="2">Create a new group</th>
- </tr>';
- echo '<tr><td class="row2">Group name:</td><td class="row2"><input type="text" name="create_group_name" /></td></tr>';
- echo '<tr><td colspan="2" class="row1" style="text-align: center;"><input type="submit" name="do_create_stage1" value="Continue >" /></td></tr>
- </table>
- </div>';
- echo '</form>';
-}
+/*
+ * Admin:GroupManager sources are in /plugins/admin/GroupManager.php.
+ */
function page_Admin_COPPA()
{
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/plugins/admin/GroupManager.php Thu Jan 03 18:39:19 2008 -0500
@@ -0,0 +1,383 @@
+<?php
+
+/*
+ * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
+ * Version 1.0.3 (Dyrad)
+ * Copyright (C) 2006-2007 Dan Fuhry
+ *
+ * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ */
+
+// Usergroup editor
+
+function page_Admin_GroupManager()
+{
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $lang;
+ if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
+ {
+ $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
+ echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
+ echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
+ return;
+ }
+
+ if(isset($_POST['do_create_stage1']))
+ {
+ if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
+ {
+ echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
+ return;
+ }
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
+ <tr><th colspan="2">' . $lang->get('acpug_heading_creating_group') . ' '.htmlspecialchars($_POST['create_group_name']).'</th></tr>
+ <tr>
+ <td class="row1">' . $lang->get('acpug_field_group_mod') . '</td><td class="row1">' . $template->username_field('group_mod') . '</td>
+ </tr>
+ <tr><td class="row2">' . $lang->get('acpug_field_group_type') . '</td><td class="row2">
+ <label><input type="radio" name="group_status" value="'.GROUP_CLOSED.'" checked="checked" /> ' . $lang->get('groupcp_type_hidden') . '</label><br />
+ <label><input type="radio" name="group_status" value="'.GROUP_REQUEST.'" /> ' . $lang->get('groupcp_type_closed') . '</label><br />
+ <label><input type="radio" name="group_status" value="'.GROUP_OPEN.'" /> ' . $lang->get('groupcp_type_request') . '</label><br />
+ <label><input type="radio" name="group_status" value="'.GROUP_HIDDEN.'" /> ' . $lang->get('groupcp_type_open') . '</label>
+ </td></tr>
+ <tr>
+ <th class="subhead" colspan="2">
+ <input type="hidden" name="create_group_name" value="'.htmlspecialchars($_POST['create_group_name']).'" />
+ <input type="submit" name="do_create_stage2" value="' . $lang->get('acpug_btn_create_stage2') . '" />
+ </th>
+ </tr>
+ </table>
+ </div>';
+ echo '</form>';
+ return;
+ }
+ elseif(isset($_POST['do_create_stage2']))
+ {
+ if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['create_group_name']))
+ {
+ echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
+ return;
+ }
+ if(!in_array(intval($_POST['group_status']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST)))
+ {
+ echo '<p>Hacking attempt</p>';
+ return;
+ }
+ $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
+ if(!$e)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() > 0)
+ {
+ echo '<p>' . $lang->get('acpug_err_already_exist') . '</p>';
+ return;
+ }
+ $db->free_result();
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'groups(group_name,group_type) VALUES( \''.$db->escape($_POST['create_group_name']).'\', ' . intval($_POST['group_status']) . ' )');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ $e = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['group_mod']).'\';');
+ if(!$e)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() < 1)
+ {
+ echo '<p>' . $lang->get('acpug_err_bad_username') . '</p>';
+ return;
+ }
+ $row = $db->fetchrow();
+ $id = $row['user_id'];
+ $db->free_result();
+ $e = $db->sql_query('SELECT group_id FROM '.table_prefix.'groups WHERE group_name=\''.$db->escape($_POST['create_group_name']).'\';');
+ if(!$e)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() < 1)
+ {
+ echo '<p>' . $lang->get('acpug_err_bad_insert_id') . '</p>';
+ return;
+ }
+ $row = $db->fetchrow();
+ $gid = $row['group_id'];
+ $db->free_result();
+ $e = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.$gid.', '.$id.', 1);');
+ if(!$e)
+ {
+ echo $db->get_error();
+ return;
+ }
+ $g_name = htmlspecialchars($_POST['create_group_name']);
+ echo "<div class='info-box'>
+ <b>" . $lang->get('acpug_heading_info') . "</b><br />
+ " . $lang->get('acpug_msg_create_success', array('g_name' => $g_name)) . "
+ </div>";
+ }
+ if(isset($_POST['do_edit']) || isset($_POST['edit_do']))
+ {
+ // Fetch the group name
+ $q = $db->sql_query('SELECT group_name,system_group FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() < 1)
+ {
+ echo '<p>Error: couldn\'t look up group name</p>';
+ }
+ $row = $db->fetchrow();
+ $name = htmlspecialchars($row['group_name']);
+ $db->free_result();
+ if(isset($_POST['edit_do']))
+ {
+ if(isset($_POST['edit_do']['del_group']))
+ {
+ if ( $row['system_group'] == 1 )
+ {
+ echo '<div class="error-box">' . $lang->get('acpug_err_nodelete_system_group', array('g_name' => $name)) . '</div>';
+ }
+ else
+ {
+ $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE group_id='.intval($_POST['group_edit_id']).';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ $q = $db->sql_query('DELETE FROM '.table_prefix.'groups WHERE group_id='.intval($_POST['group_edit_id']).';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ echo '<div class="info-box">' . $lang->get('acpug_msg_delete_success', array('g_name' => $name, 'a_flags' => 'href="javascript:ajaxPage(\'' . $paths->nslist['Admin'] . 'GroupManager\');"')) . '</div>';
+ return;
+ }
+ }
+ if(isset($_POST['edit_do']['save_name']))
+ {
+ if(!preg_match('/^([A-z0-9 -]+)$/', $_POST['group_name']))
+ {
+ echo '<p>' . $lang->get('acpug_err_group_name_invalid') . '</p>';
+ return;
+ }
+ $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_name=\''.$db->escape($_POST['group_name']).'\'
+ WHERE group_id='.intval($_POST['group_edit_id']).';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ else
+ {
+ echo '<div class="info-box" style="margin: 0 0 10px 0;"">
+ ' . $lang->get('acpug_msg_name_update_success') . '
+ </div>';
+ }
+ $name = htmlspecialchars($_POST['group_name']);
+
+ }
+ $q = $db->sql_query('SELECT member_id FROM '.table_prefix.'group_members
+ WHERE group_id='.intval($_POST['group_edit_id']).';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() > 0)
+ {
+ while($row = $db->fetchrow($q))
+ {
+ if(isset($_POST['edit_do']['del_' . $row['member_id']]))
+ {
+ $e = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id='.$row['member_id']);
+ if(!$e)
+ {
+ echo $db->get_error();
+ return;
+ }
+ }
+ }
+ }
+ $db->free_result();
+ if(isset($_POST['edit_do']['add_member']))
+ {
+ $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\''.$db->escape($_POST['edit_add_username']).'\';');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() > 0)
+ {
+ $row = $db->fetchrow();
+ $user_id = $row['user_id'];
+ $is_mod = ( isset( $_POST['add_mod'] ) ) ? '1' : '0';
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES('.intval($_POST['group_edit_id']).','.$user_id.','.$is_mod.');');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ else
+ {
+ echo '<div class="info-box" style="margin: 0 0 10px 0;"">
+ ' . $lang->get('acpug_msg_user_added', array('username' => htmlspecialchars($_POST['edit_add_username']))) . '
+ </div>';
+ }
+ }
+ else
+ echo '<div class="warning-box">' . $lang->get('acpug_err_username_not_exist', array('username' => htmlspecialchars($_POST['edit_add_username']))) . '</div>';
+ }
+ }
+ $sg_disabled = ( $row['system_group'] == 1 ) ?
+ ' value="' . $lang->get('acpug_btn_cant_delete') . '" disabled="disabled" style="color: #FF9773" ' :
+ ' value="' . $lang->get('acpug_btn_delete_group') . '" style="color: #FF3713" ';
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
+ <tr><th>' . $lang->get('acpug_heading_edit_name') . '</th></tr>
+ <tr>
+ <td class="row1">
+ ' . $lang->get('acpug_field_group_name') . ' <input type="text" name="group_name" value="'.$name.'" />
+ </td>
+ </tr>
+ <tr>
+ <th class="subhead">
+ <input type="submit" name="edit_do[save_name]" value="' . $lang->get('acpug_btn_save_name') . '" />
+ <input type="submit" name="edit_do[del_group]" '.$sg_disabled.' />
+ </th>
+ </tr>
+ </table>
+ </div>
+ <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
+ echo '</form>';
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
+ <tr><th colspan="3">' . $lang->get('acpug_heading_edit_members') . '</th></tr>';
+ $q = $db->sql_query('SELECT m.member_id,m.is_mod,u.username FROM '.table_prefix.'group_members AS m
+ LEFT JOIN '.table_prefix.'users AS u
+ ON u.user_id=m.user_id
+ WHERE m.group_id='.intval($_POST['group_edit_id']).'
+ ORDER BY m.is_mod DESC, u.username ASC;');
+ if(!$q)
+ {
+ echo $db->get_error();
+ return;
+ }
+ if($db->numrows() < 1)
+ {
+ echo '<tr><td colspan="3" class="row1">' . $lang->get('acpug_msg_no_members') . '</td></tr>';
+ }
+ else
+ {
+ $cls = 'row2';
+ while($row = $db->fetchrow())
+ {
+ $cls = ( $cls == 'row1' ) ? 'row2' : 'row1';
+ $mod = ( $row['is_mod'] == 1 ) ? $lang->get('acpug_lbl_member_mod') : '';
+ echo '<tr>
+ <td class="'.$cls.'" style="width: 100%;">
+ ' . $row['username'] . '
+ </td>
+ <td class="'.$cls.'">
+ '.$mod.'
+ </td>
+ <td class="'.$cls.'">
+ <input type="submit" name="edit_do[del_'.$row['member_id'].']" value="' . $lang->get('acpug_btn_remove_member') . '" />
+ </td>
+ </tr>';
+ }
+ }
+ $db->free_result();
+ echo '</table>
+ </div>
+ <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
+ echo '</form>';
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" style="width:100%;" cellspacing="1" cellpadding="4">
+ <tr>
+ <th>' . $lang->get('acpug_heading_add_member') . '</th>
+ </tr>
+ <tr>
+ <td class="row1">
+ ' . $lang->get('acpug_field_username') . ' ' . $template->username_field('edit_add_username') . '
+ </td>
+ </tr>
+ <tr>
+ <td class="row2">
+ <label><input type="checkbox" name="add_mod" /> ' . $lang->get('acpug_field_make_mod') . '</label>
+ ' . $lang->get('acpug_field_make_mod_hint') . '
+ </td>
+ </tr>
+ <tr>
+ <th class="subhead">
+ <input type="submit" name="edit_do[add_member]" value="' . $lang->get('acpug_btn_add_user') . '" />
+ </th>
+ </tr>
+ </table>
+ </div>
+ <input type="hidden" name="group_edit_id" value="'.htmlspecialchars($_POST['group_edit_id']).'" />';
+ echo '</form>';
+ return;
+ }
+ echo '<h3>' . $lang->get('acpug_heading_main') . '</h3>';
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups ORDER BY group_name ASC;');
+ if(!$q)
+ {
+ echo $db->get_error();
+ }
+ else
+ {
+ echo '<div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
+ <tr>
+ <th>' . $lang->get('acpug_heading_edit_existing') . '</th>
+ </tr>';
+ echo '<tr><td class="row2"><select name="group_edit_id">';
+ while ( $row = $db->fetchrow() )
+ {
+ if ( $row['group_name'] != 'Everyone' )
+ {
+ echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars( $row['group_name'] ) . '</option>';
+ }
+ }
+ $db->free_result();
+ echo '</select></td></tr>';
+ echo '<tr><td class="row1" style="text-align: center;"><input type="submit" name="do_edit" value="' . $lang->get('acpug_btn_edit_stage1') . '" /></td></tr>
+ </table>
+ </div>
+ </form><br />';
+ }
+ echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4" style="width: 100%;">
+ <tr>
+ <th colspan="2">' . $lang->get('acpug_heading_create_new') . '</th>
+ </tr>';
+ echo '<tr><td class="row2">' . $lang->get('acpug_field_group_name') . '</td><td class="row2"><input type="text" name="create_group_name" /></td></tr>';
+ echo '<tr><td colspan="2" class="row1" style="text-align: center;"><input type="submit" name="do_create_stage1" value="' . $lang->get('acpug_btn_create_stage1') . ' »" /></td></tr>
+ </table>
+ </div>';
+ echo '</form>';
+}
+
+?>