/trunk/admin/groups/add.php - Annotate - WB 2.11.0 - Tracking

2

Manuela

<?php

2

/**

3

4

 * @category        admin

5

 * @package         groups

6

 * @author          WebsiteBaker Project

7

 * @copyright       Ryan Djurovich

8

 * @copyright       WebsiteBaker Org. e.V.

9

 * @link            http://websitebaker.org/

10

 * @license         http://www.gnu.org/licenses/gpl.html

11

 * @platform        WebsiteBaker 2.8.3

12

 * @requirements    PHP 5.3.6 and higher

13

 * @version         $Id$

14

 * @filesource      $HeadURL$

15

 * @lastmodified    $Date$

16

17

*/

18

19

// Print admin header

20

if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }

21

if ( !class_exists('admin', false) ) { require(WB_PATH.'/framework/class.admin.php'); }

22

23

// suppress to print the header, so no new FTAN will be set

24

$admin = new admin('Access', 'groups_add', false);

25

$requestMethod = '_'.($GLOBALS['_SERVER']['REQUEST_METHOD']);

26

$aRequestVars  = (@(${$requestMethod}) ? : null);

27

28

$bAdvanced       = intval(@$aRequestVars['advanced'] ?: 0);

29

$bAdvancedSave   = intval(@$aRequestVars['advanced_extended'] ?: 0);

30

$bResetSystem    = intval(@$aRequestVars['reset_system'] ?: 0);

31

$bResetModules   = intval(@$aRequestVars['reset_modules'] ?: 0);

32

$bResetTemplates = intval(@$aRequestVars['reset_templates'] ?: 0);

33

// Create a javascript back link

34

$js_back = ADMIN_URL.'/groups/index.php';

35

$action = 'save';

36

$action = (isset($_POST['cancel']) ? 'cancel' : $action );

37

    switch ($action):

38

        case 'cancel':

39

            header('HTTP/1.1 301 Moved Permanently');

40

            header('Location: '.$js_back);

41

            exit;

42

        default:

43

44

        break;

45

    endswitch;

46

47

if (!$admin->checkFTAN())

48

49

    $admin->print_header();

50

    $sInfo = strtoupper(basename(__DIR__).'_'.basename(__FILE__, ''.PAGE_EXTENSION).'::');

51

    $sDEBUG=(@DEBUG?$sInfo:'');

52

    $admin->print_error($sDEBUG.$MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL);

53

54

// After check print the header

55

$admin->print_header();

56

57

// Gather details entered

58

$group_name = preg_replace('/[^a-z0-9_-]/i', "", $admin->get_post('group_name'));

59

$group_name = $admin->StripCodeFromText($group_name);

60

61

// Check values

62

if($group_name == "") {

63

    $admin->print_error($MESSAGE['GROUPS_GROUP_NAME_BLANK'], $js_back);

64

65

$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'groups` '

66

     . 'WHERE `name`=\''.$group_name.'\'';

67

if ($database->get_one($sql)) {

68

    $admin->print_error($MESSAGE['GROUPS_GROUP_NAME_EXISTS'], $js_back);

69

70

$system_permissions = array();

71

// Get system and module permissions

72

require(ADMIN_PATH.'/groups/get_permissions.php');

73

74

// Update the database

75

$sql = 'INSERT INTO `'.TABLE_PREFIX.'groups` SET '

76

     .     '`name`=\''.$database->escapeString($group_name).'\', '

77

     .     '`system_permissions`=\''.$database->escapeString($system_permissions).'\', '

78

     .     '`module_permissions`=\''.$database->escapeString($module_permissions).'\', '

79

     .     '`template_permissions`=\''.$database->escapeString($template_permissions).'\'';

80

81

if (($database->query($sql))) {

82

    $group_id = $admin->getIDKEY($database->getLastInsertId());

83

    $modifyUrl = ADMIN_URL.'/groups/groups.php?modify=&group_id='.$group_id.'&advanced='.!$bAdvanced;

84

    $admin->print_success($MESSAGE['GROUPS_ADDED'], $modifyUrl);

85

} else {

86

    $admin->print_error($database->get_error(), $js_back);

87

88

// Print admin footer

89

$admin->print_footer();

Project

General

Profile

WB 2.11.0

Project

General

Profile

WB 2.11.0

wb-2_10_x/trunk/admin/groups/add.php @ 2