plugins/admin/PageGroups.php
changeset 75 1f85c1c609fd
child 80 cb7dde69c301
equal deleted inserted replaced
74:68469a95658d 75:1f85c1c609fd
       
     1 <?php
       
     2 
       
     3 /*
       
     4  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
       
     5  * Version 1.0.1 (Loch Ness)
       
     6  * Copyright (C) 2006-2007 Dan Fuhry
       
     7  *
       
     8  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
       
     9  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
       
    10  *
       
    11  * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
       
    12  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
       
    13  */
       
    14 
       
    15 function page_Admin_PageGroups()
       
    16 {
       
    17   global $db, $session, $paths, $template, $plugins; // Common objects
       
    18   if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
       
    19   {
       
    20     echo '<h3>Error: Not authenticated</h3><p>It looks like your administration session is invalid or you are not authorized to access this administration page. Please <a href="' . makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true) . '">re-authenticate</a> to continue.</p>';
       
    21     return;
       
    22   }
       
    23   
       
    24   if ( isset($_POST['action']) )
       
    25   {
       
    26     if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )
       
    27     {
       
    28       switch ( isset($_POST['action']['create_stage2']) )
       
    29       {
       
    30         case true:
       
    31           if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )
       
    32           {
       
    33             echo '<div class="error-box">Please enter a name for the page group.</div>';
       
    34             return;
       
    35           }
       
    36           if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )
       
    37           {
       
    38             echo '<div class="error-box">Please enter a page tag.</div>';
       
    39             return;
       
    40           }
       
    41           if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )
       
    42           {
       
    43             echo '<div class="error-box">Please create a category page before linking a page group to a category.</div>';
       
    44             return;
       
    45           }
       
    46           if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )
       
    47           {
       
    48             echo '<div class="error-box">Please specify at least one page to place in this group.</div>';
       
    49             return;
       
    50           }
       
    51           if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL )
       
    52           {
       
    53             echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';
       
    54             return;
       
    55           }
       
    56           // All checks passed, create the group
       
    57           switch($_POST['group_type'])
       
    58           {
       
    59             case PAGE_GRP_TAGGED:
       
    60               $name = $db->escape($_POST['pg_name']);
       
    61               $tag  = $db->escape($_POST['member_tag']);
       
    62               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';
       
    63               $q = $db->sql_query($sql);
       
    64               if ( !$q )
       
    65                 $db->_die();
       
    66               break;
       
    67             case PAGE_GRP_CATLINK:
       
    68               $name = $db->escape($_POST['pg_name']);
       
    69               $cat  = $db->escape($_POST['member_cat']);
       
    70               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';
       
    71               $q = $db->sql_query($sql);
       
    72               if ( !$q )
       
    73                 $db->_die();
       
    74               break;
       
    75             case PAGE_GRP_NORMAL:
       
    76               $name = $db->escape($_POST['pg_name']);
       
    77               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';
       
    78               $q = $db->sql_query($sql);
       
    79               if ( !$q )
       
    80                 $db->_die();
       
    81               
       
    82               $ins_id = $db->insert_id();
       
    83               
       
    84               // Page list
       
    85               $keys = array_keys($_POST);
       
    86               $arr_pages = array();
       
    87               foreach ( $keys as $val )
       
    88               {
       
    89                 if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )
       
    90                 {
       
    91                   $arr_pages[] = $_POST[$val];
       
    92                 }
       
    93               }
       
    94               $arr_sql = array();
       
    95               foreach ( $arr_pages as $page )
       
    96               {
       
    97                 list($id, $ns) = RenderMan::strToPageID($page);
       
    98                 $id = sanitize_page_id($id);
       
    99                 $arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';
       
   100               }
       
   101               $sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';
       
   102               $q = $db->sql_query($sql);
       
   103               if ( !$q )
       
   104                 $db->_die();
       
   105               break;
       
   106           }
       
   107           echo '<div class="info-box">The page group "' . htmlspecialchars($_POST['pg_name']) . '" has been created.</div>';
       
   108           break;
       
   109       }
       
   110       // A little Javascript magic
       
   111       ?>
       
   112       <script language="javascript" type="text/javascript">
       
   113         function pg_create_typeset(selector)
       
   114         {
       
   115           var pg_normal  = <?php echo PAGE_GRP_NORMAL; ?>;
       
   116           var pg_tagged  = <?php echo PAGE_GRP_TAGGED; ?>;
       
   117           var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;
       
   118           var selection = false;
       
   119           // Get selection
       
   120           for ( var i = 0; i < selector.childNodes.length; i++ )
       
   121           {
       
   122             var child = selector.childNodes[i];
       
   123             if ( !child || child.tagName != 'OPTION' )
       
   124             {
       
   125               continue;
       
   126             }
       
   127             if ( child.selected )
       
   128             {
       
   129               selection = child.value;
       
   130             }
       
   131           }
       
   132           if ( !selection )
       
   133           {
       
   134             alert('Cannot get field value');
       
   135             return true;
       
   136           }
       
   137           selection = parseInt(selection);
       
   138           if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink )
       
   139           {
       
   140             alert('Invalid field value');
       
   141             return true;
       
   142           }
       
   143           
       
   144           // We have the selection and it's validated; show the appropriate field group
       
   145           
       
   146           if ( selection == pg_normal )
       
   147           {
       
   148             document.getElementById('pg_create_title_catlink').style.display = 'none';
       
   149             document.getElementById('pg_create_catlink_1').style.display = 'none';
       
   150             document.getElementById('pg_create_catlink_2').style.display = 'none';
       
   151             
       
   152             document.getElementById('pg_create_title_tagged').style.display = 'none';
       
   153             document.getElementById('pg_create_tagged_1').style.display = 'none';
       
   154             document.getElementById('pg_create_tagged_2').style.display = 'none';
       
   155             
       
   156             document.getElementById('pg_create_title_normal').style.display = 'inline';
       
   157             document.getElementById('pg_create_normal_1').style.display = 'block';
       
   158             document.getElementById('pg_create_normal_2').style.display = 'block';
       
   159           }
       
   160           else if ( selection == pg_catlink )
       
   161           {
       
   162             document.getElementById('pg_create_title_catlink').style.display = 'inline';
       
   163             document.getElementById('pg_create_catlink_1').style.display = 'block';
       
   164             document.getElementById('pg_create_catlink_2').style.display = 'block';
       
   165             
       
   166             document.getElementById('pg_create_title_tagged').style.display = 'none';
       
   167             document.getElementById('pg_create_tagged_1').style.display = 'none';
       
   168             document.getElementById('pg_create_tagged_2').style.display = 'none';
       
   169             
       
   170             document.getElementById('pg_create_title_normal').style.display = 'none';
       
   171             document.getElementById('pg_create_normal_1').style.display = 'none';
       
   172             document.getElementById('pg_create_normal_2').style.display = 'none';
       
   173           }
       
   174           else if ( selection == pg_tagged )
       
   175           {
       
   176             document.getElementById('pg_create_title_catlink').style.display = 'none';
       
   177             document.getElementById('pg_create_catlink_1').style.display = 'none';
       
   178             document.getElementById('pg_create_catlink_2').style.display = 'none';
       
   179             
       
   180             document.getElementById('pg_create_title_tagged').style.display = 'inline';
       
   181             document.getElementById('pg_create_tagged_1').style.display = 'block';
       
   182             document.getElementById('pg_create_tagged_2').style.display = 'block';
       
   183             
       
   184             document.getElementById('pg_create_title_normal').style.display = 'none';
       
   185             document.getElementById('pg_create_normal_1').style.display = 'none';
       
   186             document.getElementById('pg_create_normal_2').style.display = 'none';
       
   187           }
       
   188         
       
   189         }
       
   190         
       
   191         // Set to pg_normal on page load
       
   192         var pg_createform_init = function()
       
   193         {
       
   194           document.getElementById('pg_create_title_catlink').style.display = 'none';
       
   195           document.getElementById('pg_create_catlink_1').style.display = 'none';
       
   196           document.getElementById('pg_create_catlink_2').style.display = 'none';
       
   197           
       
   198           document.getElementById('pg_create_title_tagged').style.display = 'none';
       
   199           document.getElementById('pg_create_tagged_1').style.display = 'none';
       
   200           document.getElementById('pg_create_tagged_2').style.display = 'none';
       
   201           
       
   202           document.getElementById('pg_create_title_normal').style.display = 'inline';
       
   203           document.getElementById('pg_create_normal_1').style.display = 'block';
       
   204           document.getElementById('pg_create_normal_2').style.display = 'block';
       
   205         }
       
   206         
       
   207         addOnloadHook(pg_createform_init);
       
   208         
       
   209         function pg_create_more_fields()
       
   210         {
       
   211           var targettd = document.getElementById('pg_create_normal_2');
       
   212           var id = 0;
       
   213           for ( var i = 0; i < targettd.childNodes.length; i++ )
       
   214           {
       
   215             var child = targettd.childNodes[i];
       
   216             if ( child.tagName == 'INPUT' )
       
   217             {
       
   218               if ( child.type == 'button' )
       
   219               {
       
   220                 var newInp = document.createElement('input');
       
   221                 // <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   222                 newInp.type    = 'text';
       
   223                 newInp.name    = 'member_page_' + id;
       
   224                 newInp.id      = 'pg_create_member_' + id;
       
   225                 newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };
       
   226                 newInp.size    = '30';
       
   227                 newInp.style.marginTop = '3px';
       
   228                 targettd.insertBefore(newInp, child);
       
   229                 targettd.insertBefore(document.createElement('br'), child);
       
   230                 break;
       
   231               }
       
   232               else // if ( child.type == 'text' )
       
   233               {
       
   234                 id++;
       
   235               }
       
   236             }
       
   237           }
       
   238         }
       
   239         
       
   240       </script>
       
   241       <?php
       
   242       
       
   243       // Build category list
       
   244       $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
       
   245       if ( !$q )
       
   246         $db->_die();
       
   247       
       
   248       if ( $db->numrows() < 1 )
       
   249       {
       
   250         $catlist = 'There aren\'t any categories on this site.';
       
   251       }
       
   252       else
       
   253       {
       
   254         $catlist = '<select name="member_cat">';
       
   255         while ( $row = $db->fetchrow() )
       
   256         {
       
   257           $catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';
       
   258         }
       
   259         $catlist .= '</select>';
       
   260       }
       
   261       
       
   262       echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';
       
   263       
       
   264       echo '<div class="tblholder">
       
   265             <table border="0" cellspacing="1" cellpadding="4">
       
   266               <tr>
       
   267               <th colspan="2">Create page group</th>
       
   268               </tr>';
       
   269       
       
   270       // Name
       
   271       echo '<tr>
       
   272               <td class="row2">
       
   273               Group name:<br />
       
   274               <small>This should be short, descriptive, and human-readable.</small>
       
   275               </td>
       
   276               <td class="row1">
       
   277               <input type="text" name="pg_name" size="30" />
       
   278               </td>
       
   279             </tr>';
       
   280             
       
   281       // Group type
       
   282       echo '<tr>
       
   283               <td class="row2">
       
   284               Group type:
       
   285               </td>
       
   286               <td class="row1">
       
   287               <select name="group_type" onchange="pg_create_typeset(this);">
       
   288                 <option value="' . PAGE_GRP_NORMAL  . '" selected="selected">Static group of pages</option>
       
   289                 <option value="' . PAGE_GRP_TAGGED  . '">Group of pages with one tag</option>
       
   290                 <option value="' . PAGE_GRP_CATLINK . '">Link to category</option>
       
   291               </select>
       
   292               </td>
       
   293             </tr>';
       
   294             
       
   295       // Titles
       
   296       echo '<tr>
       
   297               <th colspan="2">
       
   298                 <span id="pg_create_title_normal">
       
   299                   Static group of pages
       
   300                 </span>
       
   301                 <span id="pg_create_title_tagged">
       
   302                   Group of commonly tagged pages
       
   303                 </span>
       
   304                 <span id="pg_create_title_catlink">
       
   305                   Mirror a category
       
   306                 </span>
       
   307               </th>
       
   308             </tr>';
       
   309       
       
   310       echo '<tr>
       
   311               <td class="row2">
       
   312                 <div id="pg_create_normal_1">
       
   313                   Member pages:<br />
       
   314                   <small>Click the "plus" button to add more fields.</small>
       
   315                 </div>
       
   316                 <div id="pg_create_catlink_1">
       
   317                   Include pages in this category:<br />
       
   318                   <small>Pages in subcategories are <u>not</u> included, however subcategory pages themselves are.</small>
       
   319                 </div>
       
   320                 <div id="pg_create_tagged_1">
       
   321                   Include pages with this tag:
       
   322                 </div>
       
   323               </td>';
       
   324             
       
   325       echo '  <td class="row1">
       
   326                 <div id="pg_create_normal_2" />
       
   327                   <input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   328                   <input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   329                   <input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   330                   <input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   331                   <input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
       
   332                   <input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value="&nbsp;&nbsp;+&nbsp;&nbsp;" />
       
   333                 </div>
       
   334                 <div id="pg_create_tagged_2">
       
   335                   <input type="text" name="member_tag" size="30" />
       
   336                 </div>
       
   337                 <div id="pg_create_catlink_2">
       
   338                   ' . $catlist . '
       
   339                 </div>
       
   340               </td>
       
   341             </tr>';
       
   342             
       
   343       // Submit button
       
   344       echo '<tr>
       
   345               <th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="Create page group" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" /></th>
       
   346             </tr>';
       
   347             
       
   348       echo '</table>
       
   349             </div>';
       
   350       
       
   351       echo '</form>';
       
   352       return;
       
   353     }
       
   354     else if ( isset($_POST['action']['del']) )
       
   355     {
       
   356       // Confirmation to delete a group (this is really only a stub)
       
   357       
       
   358       $delete_id = array_keys($_POST['action']['del']);
       
   359       $delete_id = intval($delete_id[0]);
       
   360       
       
   361       if ( !empty($delete_id) )
       
   362       {
       
   363         echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
       
   364         echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />';
       
   365         echo '<div class="tblholder">';
       
   366         echo '  <table border="0" cellspacing="1" cellpadding="4">';
       
   367         echo '    <tr><th>Confirm deletion</th></tr>';
       
   368         echo '    <tr><td class="row2" style="text-align: center; padding: 20px 0;">Are you sure you want to delete this page group?</td></tr>';
       
   369         echo '    <tr><td class="row1" style="text-align: center;">';
       
   370         echo '        <input type="submit" name="action[del_confirm]" value="Yes, delete group" style="font-weight: bold;" />';
       
   371         echo '        <input type="submit" name="action[noop]" value="Cancel" style="font-weight: normal;" />';
       
   372         echo '        </td></tr>';
       
   373         echo '  </table>';
       
   374         echo '</form>';
       
   375         
       
   376         return;
       
   377       }
       
   378     }
       
   379     else if ( isset($_POST['action']['del_confirm']) )
       
   380     {
       
   381       $delete_id = intval($_POST['delete_id']);
       
   382       if ( empty($delete_id) )
       
   383       {
       
   384         echo 'Hack attempt';
       
   385         return;
       
   386       }
       
   387       // Obtain group name
       
   388       $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
       
   389       if ( !$q )
       
   390         $db->_die();
       
   391       if ( $db->numrows() < 1 )
       
   392       {
       
   393         echo 'Page group dun exist.';
       
   394         return;
       
   395       }
       
   396       $row = $db->fetchrow();
       
   397       $db->free_result();
       
   398       $pg_name = $row['pg_name'];
       
   399       unset($row);
       
   400       // Delete the group
       
   401       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
       
   402       if ( !$q )
       
   403         $db->_die();
       
   404       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');
       
   405       if ( !$q )
       
   406         $db->_die();
       
   407       echo "<div class='info-box'>The group ".'"'."$pg_name".'"'." has been deleted.</div>";
       
   408     }
       
   409     else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )
       
   410     {
       
   411       if ( isset($_POST['action']['edit_save']) )
       
   412       {
       
   413       }
       
   414      
       
   415       if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )
       
   416       {
       
   417         $json = new Services_JSON(SERVICES_JSON_LOOSE_TYPE);
       
   418         $return = array('successful' => false);
       
   419         
       
   420         //
       
   421         // Add the specified page to the group
       
   422         //
       
   423         
       
   424         // Get ID of the group
       
   425         $edit_id = intval($_POST['pg_id']);
       
   426         if ( !$edit_id )
       
   427         {
       
   428           $return = array('mode' => 'error', 'text' => 'Hack attempt');
       
   429           echo $json->encode($return);
       
   430           return;
       
   431         }
       
   432         
       
   433         // Run some validation - check that page exists and that it's not already in the group
       
   434         $page = $_POST['new_page'];
       
   435         if ( empty($page) )
       
   436         {
       
   437           $return = array('mode' => 'error', 'text' => 'Please enter a page title.');
       
   438           echo $json->encode($return);
       
   439           return;
       
   440         }
       
   441         
       
   442         if ( !isPage($page) )
       
   443         {
       
   444           $return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');
       
   445           echo $json->encode($return);
       
   446           return;
       
   447         }
       
   448         
       
   449         list($page_id, $namespace) = RenderMan::strToPageID($page);
       
   450         $page_id = sanitize_page_id($page_id);
       
   451         
       
   452         $q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');
       
   453         if ( !$q )
       
   454         {
       
   455           $return = array('mode' => 'error', 'text' => $db->get_error());
       
   456           echo $json->encode($return);
       
   457           return;
       
   458         }
       
   459         if ( $db->numrows() > 0 )
       
   460         {
       
   461           $return = array('mode' => 'error', 'text' => 'The page you are trying to add is already in this group.');
       
   462           echo $json->encode($return);
       
   463           return;
       
   464         }
       
   465         
       
   466         $q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
       
   467         if ( !$q )
       
   468         {
       
   469           $return = array('mode' => 'error', 'text' => $db->get_error());
       
   470           echo $json->encode($return);
       
   471           return;
       
   472         }
       
   473         
       
   474         $title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);
       
   475         
       
   476         $return = array('mode' => 'info', 'text' => 'The page has been added to the specified group.', 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());
       
   477         
       
   478         echo $json->encode($return);
       
   479         return;
       
   480       }
       
   481       
       
   482       if ( isset($_POST['action']['edit_save']) )
       
   483       {
       
   484         $edit_id = $_POST['action']['edit'];
       
   485       }
       
   486       else
       
   487       {
       
   488         $edit_id = array_keys($_POST['action']['edit']);
       
   489         $edit_id = intval($edit_id[0]);
       
   490       }
       
   491       
       
   492       if ( empty($edit_id) )
       
   493       {
       
   494         echo 'Hack attempt';
       
   495         return;
       
   496       }
       
   497       
       
   498       if ( isset($_POST['action']['edit_save']['do_rm']) )
       
   499       {
       
   500         $vals = array_keys($_POST['action']['edit_save']['rm']);
       
   501         $good = array();
       
   502         foreach ( $vals as $id )
       
   503         {
       
   504           if ( strval(intval($id)) == $id )
       
   505             $good[] = $id;
       
   506         }
       
   507         $subquery = 'pg_member_id=' . implode(' OR pg_member_id=', $good);
       
   508         $sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";
       
   509         if ( !$db->sql_query($sql) )
       
   510         {
       
   511           $db->_die();
       
   512         }
       
   513         echo '<div class="info-box">The requested page group members have been deleted.</div>';
       
   514       }
       
   515       
       
   516       // Fetch information about page group
       
   517       $q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
       
   518       if ( !$q )
       
   519         $db->_die();
       
   520       
       
   521       if ( $db->numrows() < 1 )
       
   522       {
       
   523         echo 'Bad request - can\'t load page group from database.';
       
   524         return;
       
   525       }
       
   526       
       
   527       $row = $db->fetchrow();
       
   528       $db->free_result();
       
   529       
       
   530       echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
       
   531       echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
       
   532       echo '<div class="tblholder">
       
   533               <table border="0" cellspacing="1" cellpadding="4">
       
   534                 <tr>
       
   535                   <th colspan="3">Editing page group: ' . htmlspecialchars($row['pg_name']) . '</th>
       
   536                 </tr>';
       
   537       // Group name
       
   538       
       
   539       echo '    <tr>
       
   540                   <td class="row2">Group name:</td>
       
   541                   <td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>
       
   542                 </tr>';
       
   543       
       
   544       $ajax_page_add = false;
       
   545                 
       
   546       // This is where the going gets tricky.
       
   547       // For static groups, we need to have each page listed out with a removal button, and a form to add new pages.
       
   548       // For category links, we need a select box with each category in it, and
       
   549       // For tag sets, just a text box to enter a new tag.
       
   550       
       
   551       // You can guess which one I dreaded.
       
   552       
       
   553       switch ( $row['pg_type'] )
       
   554       {
       
   555         case PAGE_GRP_NORMAL:
       
   556           // You have guessed correct.
       
   557           // *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*
       
   558           
       
   559           echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="Save group name" /></th></tr>';
       
   560           
       
   561           $q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m
       
   562                                  LEFT JOIN '.table_prefix.'pages AS p
       
   563                                    ON ( p.urlname = m.page_id AND p.namespace = m.namespace )
       
   564                                  WHERE m.pg_id=' . $edit_id . ';');
       
   565           
       
   566           if ( !$q )
       
   567             $db->_die();
       
   568           
       
   569           $delim = ceil( $db->numrows() / 2 );
       
   570           if ( $delim < 5 )
       
   571           {
       
   572             $delim = 0xFFFFFFFE;
       
   573             // stupid hack
       
   574             $colspan = '2" id="pg_edit_tackon2me';
       
   575           }
       
   576           else
       
   577           {
       
   578             $colspan = "1";
       
   579           }
       
   580           
       
   581           echo '<tr><td class="row2" rowspan="2"><b>Remove</b> pages:</td><td class="row1" colspan="' . $colspan . '">';
       
   582           $i = 0;
       
   583           
       
   584           while ( $row = $db->fetchrow() )
       
   585           {
       
   586             $i++;
       
   587             if ( $i == $delim )
       
   588             {
       
   589               echo '</td><td class="row1" id="pg_edit_tackon2me">';
       
   590             }
       
   591             $page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);
       
   592             echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';
       
   593           }
       
   594           
       
   595           echo '</td></tr>';
       
   596           echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="Remove selected" /></th></tr>';
       
   597           
       
   598           // More javascript magic!
       
   599           ?>
       
   600           <script type="text/javascript">
       
   601             var __pg_edit_submitAuthorized = true;;
       
   602             var __ol_pg_edit_setup = function()
       
   603             {
       
   604               var input = document.getElementById('inptext_pg_add_member');
       
   605               input.onkeyup = function(e) { ajaxPageNameComplete(this); };
       
   606               input.onkeypress = function(e) { if ( e.keyCode == 13 ) { setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500); } };
       
   607             }
       
   608             addOnloadHook(__ol_pg_edit_setup);
       
   609             var __pg_edit_objcache = false;
       
   610             function __pg_edit_ajaxadd(obj)
       
   611             {
       
   612               if ( __pg_edit_objcache )
       
   613                 return false;
       
   614               __pg_edit_objcache = obj;
       
   615               
       
   616               if ( obj.nextSibling )
       
   617               {
       
   618                 if ( obj.nextSibling.tagName == 'DIV' )
       
   619                 {
       
   620                   obj.parentNode.removeChild(obj.nextSibling);
       
   621                 }
       
   622               }
       
   623               
       
   624               // set width on parent, to prevent wrapping of ajax loading image
       
   625               var w = $(obj).Width();
       
   626               w = w + 24;
       
   627               obj.parentNode.style.width = w + 'px';
       
   628               
       
   629               // append the ajaxy loading image
       
   630               var img = document.createElement('img');
       
   631               img.src = scriptPath + '/images/loading.gif';
       
   632               img.style.marginLeft = '4px';
       
   633               insertAfter(obj.parentNode, img, obj);
       
   634               
       
   635               var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');
       
   636               var page_add = escape(obj.value);
       
   637               var pg_id = document.forms.pg_edit_frm['action[edit]'].value;
       
   638               ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()
       
   639                 {
       
   640                   if ( ajax.readyState == 4 )
       
   641                   {
       
   642                     var obj = __pg_edit_objcache;
       
   643                     __pg_edit_objcache = false;
       
   644                     
       
   645                     // kill the loading graphic
       
   646                     obj.parentNode.removeChild(obj.nextSibling);
       
   647                     
       
   648                     var resptext = String(ajax.responseText + '');
       
   649                     if ( resptext.substr(0, 1) != '{' )
       
   650                     {
       
   651                       // This ain't JSON baby.
       
   652                       alert('Invalid JSON response:\n' + resptext);
       
   653                       return false;
       
   654                     }
       
   655                     var json = parseJSON(resptext);
       
   656                     
       
   657                     var div = document.createElement('div');
       
   658                     if ( json.mode == 'info' )
       
   659                     {
       
   660                       div.className = 'info-box-mini';
       
   661                     }
       
   662                     else if ( json.mode == 'error' )
       
   663                     {
       
   664                       div.className = 'error-box-mini';
       
   665                     }
       
   666                     div.appendChild(document.createTextNode(json.text));
       
   667                     insertAfter(obj.parentNode, div, obj);
       
   668                     
       
   669                     if ( json.successful )
       
   670                     {
       
   671                       var td = document.getElementById('pg_edit_tackon2me');
       
   672                       var lbl = document.createElement('label');
       
   673                       var check = document.createElement('input');
       
   674                       check.type = 'checkbox';
       
   675                       check.name = 'action[edit_save][rm][' + json.member_id + ']';
       
   676                       lbl.appendChild(check);
       
   677                       lbl.appendChild(document.createTextNode(' ' + json.title));
       
   678                       td.appendChild(lbl);
       
   679                       td.appendChild(document.createElement('br'));
       
   680                     }
       
   681                     
       
   682                   }
       
   683                 });
       
   684             }
       
   685           </script>
       
   686           <?php
       
   687           
       
   688           $ajax_page_add = true;
       
   689           
       
   690           break;
       
   691       }
       
   692       
       
   693       if ( $ajax_page_add )
       
   694       {
       
   695         echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="Cancel all changes" /></th></tr>';
       
   696       }
       
   697       else
       
   698       {
       
   699         
       
   700       }
       
   701       
       
   702       echo '  </table>
       
   703             </div>';
       
   704       echo '</form>';
       
   705       
       
   706       // This needs to be outside of the form.
       
   707       echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';
       
   708       echo '<th colspan="2">On-the-fly tools</th></tr>';
       
   709       echo '<tr>';
       
   710       // Add pages AJAX form
       
   711       echo '<td class="row2">Add page:<br /><small>You can add multiple pages by entering part of a page title, and it will be auto-completed. Press Enter to quickly add the page. This only works if you a really up-to-date browser.</small></td>';
       
   712       echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" /></td>';
       
   713       echo '</tr></table></div>';
       
   714       
       
   715       return;
       
   716     }
       
   717     else if ( isset($_POST['action']['noop']) )
       
   718     {
       
   719       // Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)
       
   720     }
       
   721     else
       
   722     {
       
   723       echo '<div class="error-box">Invalid format of $_POST[action].</div>';
       
   724     }
       
   725   }
       
   726   // No action defined - show default menu
       
   727   
       
   728   echo '<h2>Manage page groups</h2>';
       
   729   echo '<p>Enano\'s page grouping system allows you to build sets of pages that can be controlled by a single ACL rule. This makes managing features such as a members-only section of your site a lot easier. If you don\'t use the ACL system, you probably don\'t need to use page groups.</p>';
       
   730   
       
   731   $q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');
       
   732   if ( !$q )
       
   733     $db->_die();
       
   734 
       
   735   echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
       
   736   
       
   737   echo '<div class="tblholder">
       
   738           <table border="0" cellspacing="1" cellpadding="4">
       
   739             <tr>
       
   740               <th>Group name</th>
       
   741               <th>Type</th>
       
   742               <th>Target</th>
       
   743               <th colspan="2">Actions</th>
       
   744             </tr>';
       
   745   
       
   746   if ( $row = $db->fetchrow() )
       
   747   {
       
   748     do
       
   749     {
       
   750       $name = htmlspecialchars($row['pg_name']);
       
   751       $type = 'Invalid';
       
   752       switch ( $row['pg_type'] )
       
   753       {
       
   754         case PAGE_GRP_CATLINK:
       
   755           $type = 'Link to category';
       
   756           break;
       
   757         case PAGE_GRP_TAGGED:
       
   758           $type = 'Set of tagged pages';
       
   759           break;
       
   760         case PAGE_GRP_NORMAL:
       
   761           $type = 'Static set of pages';
       
   762           break;
       
   763       }
       
   764       $target = '';
       
   765       if ( $row['pg_type'] == PAGE_GRP_TAGGED )
       
   766       {
       
   767         $target = 'Tag: ' . htmlspecialchars($row['pg_target']);
       
   768       }
       
   769       else if ( $row['pg_type'] == PAGE_GRP_CATLINK )
       
   770       {
       
   771         $target = 'Category: ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));
       
   772       }
       
   773       $btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="Edit" />';
       
   774       $btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="Delete" />';
       
   775       // stupid jEdit bug/hack
       
   776       $quot = '"';
       
   777       echo "<tr>
       
   778               <td class={$quot}row1{$quot}>$name</td>
       
   779               <td class={$quot}row2{$quot}>$type</td>
       
   780               <td class={$quot}row1{$quot}>$target</td>
       
   781               <td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_edit</td>
       
   782               <td class={$quot}row3{$quot} style={$quot}text-align: center;{$quot}>$btn_del</td>
       
   783             </tr>";
       
   784     }
       
   785     while ( $row = $db->fetchrow() );
       
   786   }
       
   787   else
       
   788   {
       
   789     echo '  <tr><td class="row3" colspan="5" style="text-align: center;">No page groups defined.</td></tr>';
       
   790   }
       
   791   
       
   792   echo '    <tr>
       
   793               <th class="subhead" colspan="5">
       
   794                 <input type="submit" name="action[create]" value="Create new group" />
       
   795               </th>
       
   796             </tr>';
       
   797   
       
   798   echo '  </table>
       
   799         </div>';
       
   800         
       
   801   echo '</form>';          
       
   802     
       
   803 }
       
   804 
       
   805 ?>