GitHub Sale: sign up for any paid plan this week and pay nothing until January 1, 2009!  [ hide ]

tedkulp / cmsmadesimple-2-0 fork watch download tarball
public
Description: Git mirror of the CMS Made Simple 2.0 rewrite
Homepage: http://cmsmadesimple.org
Clone URL: git://github.com/tedkulp/cmsmadesimple-2-0.git 
Added sanitizing code so spammers can't inject code into the form
tedkulp (author)
Wed Dec 07 18:43:11 -0800 2005
commit  325c55c6309b98c3e310d2a5a812d50d95ba1db7
tree    c5849f4ed8ccd949819a093c31dc33f7b666adfa
cmsmadesimple-2-0 / admin / editgroup.php
100644 158 lines (131 sloc) 4.499 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158

<?php
#CMS - CMS Made Simple
#(c)2004 by Ted Kulp (wishy@users.sf.net)
#This project's homepage is: http://cmsmadesimple.sf.net
#
#This program is free software; you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation; either version 2 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#GNU General Public License for more details.
#You should have received a copy of the GNU General Public License
#along with this program; if not, write to the Free Software
#Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
#$Id$
 
$CMS_ADMIN_PAGE=1;
 
require_once("../include.php");
require_once("../lib/classes/class.group.inc.php");
 
check_login();
 
$error = "";
 
$dropdown = "";
 
$group = "";
if (isset($_POST["group"])) $group = $_POST["group"];
 
$active = 1;
if (!isset($_POST["active"]) && isset($_POST["editgroup"])) $active = 0;
 
$group_id = -1;
if (isset($_POST["group_id"])) $group_id = $_POST["group_id"];
else if (isset($_GET["group_id"])) $group_id = $_GET["group_id"];
 
if (isset($_POST["cancel"])) {
  redirect("listgroups.php");
  return;
}
 
$userid = get_userid();
$access = check_permission($userid, 'Modify Groups');
 
if ($access) {
 
  if (isset($_POST["editgroup"]))
  {
    $validinfo = true;
    if ($group == "")
    {
      $validinfo = false;
      $error .= "<li>".lang('nofieldgiven', array(lang('name')))."</li>";
    }
 
    if ($validinfo)
    {
      $groupobj = new Group();
      $groupobj->id = $group_id;
      $groupobj->name = $group;
      $groupobj->active = $active;
 
      #Perform the editgroup_pre callback
      foreach($gCms->modules as $key=>$value)
      {
        if ($gCms->modules[$key]['installed'] == true &&
          $gCms->modules[$key]['active'] == true)
        {
          $gCms->modules[$key]['object']->EditGroupPre($groupobj);
        }
      }
 
      $result = $groupobj->save();
 
      if ($result)
      {
        #Perform the editgroup_post callback
        foreach($gCms->modules as $key=>$value)
        {
          if ($gCms->modules[$key]['installed'] == true &&
            $gCms->modules[$key]['active'] == true)
          {
            $gCms->modules[$key]['object']->EditGroupPost($groupobj);
          }
        }
 
        audit($groupobj->id, $groupobj->name, 'Edited Group');
        redirect("listgroups.php");
        return;
      }
      else {
        $error .= "<li>".lang('errorupdatinggroup')."</li>";
      }
    }
 
  }
  else if ($group_id != -1) {
 
    $query = "SELECT * from ".cms_db_prefix()."groups WHERE group_id = ?";
    $result = $db->Execute($query, array($group_id));
    
    $row = $result->FetchRow();
 
    $group = $row["group_name"];
    $active = $row["active"];
  }
}
if (strlen($group) > 0)
    {
    $CMS_ADMIN_SUBTITLE = $group;
    }
include_once("header.php");
 
if (!$access) {
  echo "<div class=\"pageerrorcontainer\"><p class=\"pageerror\">".lang('noaccessto', array(lang('editgroup')))."</p></div>";
}
else {
  if ($error != "") {
    echo "<div class=\"pageerrorcontainer\"><ul class=\"pageerror\">".$error."</ul></div>";  
  }
?>
 
<div class="pagecontainer">
  <p class="pageheader"><?php echo lang('editgroup')?></p>
  <form method="post" action="editgroup.php">
    <div class="pageoverflow">
      <p class="pagetext"><?php echo lang('name')?>:</p>
      <p class="pageinput"><input type="text" name="group" maxlength="25" value="<?php echo $group?>" /></p>
    </div>
    <div class="pageoverflow">
      <p class="pagetext"><?php echo lang('active')?>:</p>
      <p class="pageinput"><input type="checkbox" name="active" <?php echo ($active == 1?"checked=\"checked\"":"")?> /></p>
    </div>
    <div class="pageoverflow">
      <p class="pagetext">&nbsp;</p>
      <p class="pageinput">
        <input type="hidden" name="group_id" value="<?php echo $group_id?>" /><input type="hidden" name="editgroup" value="true" />
        <input type="submit" value="<?php echo lang('submit')?>" class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" />
        <input type="submit" name="cancel" value="<?php echo lang('cancel')?>" class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" />
      </p>
    </div>
  </form>
</div>
<?php
 
}
echo '<p class="pageback"><a class="pageback" href="'.$themeObject->BackUrl().'">&#171; '.lang('back').'</a></p>';
 
include_once("footer.php");
 
# vim:ts=4 sw=4 noet
?>