CX: Viewing File web/group.action.php of 0.00.0a

File: 0.00.0a/web/group.action.php (View as Code)

1: 2: ob_start(); 3: require("include.php"); 4: $NATS->Start(); 5: if (!$NATS_Session->Check($NATS->DB)) 6: { 7: header("Location: ./?login_msg=Invalid+Or+Expired+Session"); 8: exit(); 9: } 10: if ($NATS_Session->userlevel<5) UL_Error("Action Group"); 11: $msg=""; 12: 13: switch($_REQUEST['action']) 14: { 15: case "delete": 16: if (!isset($_REQUEST['confirm'])) 17: { 18: $go="confirm.php?action=Delete+Group&back="; 19: $go.=urlencode("group.action.php?action=delete&groupid=".$_REQUEST['groupid']."&confirm=1"); 20: header("Location: ".$go); 21: exit(); 22: } 23: // delete it and shit! 24: 25: // node + localtests + lt results 26: break; 27: 28: case "create": 29: $q="INSERT INTO fngroup(groupname) VALUES(\"".ss($_REQUEST['groupname'])."\")"; 30: if ($_REQUEST['groupname']!="") 31: { 32: $NATS->DB->Query($q); 33: $msg="Created New Group"; 34: } 35: else $msg="Invalid Group Name"; 36: break; 37: 38: case "save_edit": 39: $q="UPDATE fngroup SET "; 40: $q.="groupname=\"".ss($_REQUEST['groupname'])."\","; 41: $q.="groupdesc=\"".ss($_REQUEST['groupdesc'])."\","; 42: $q.="groupicon=\"".ss($_REQUEST['groupicon'])."\""; 43: $q.=" WHERE groupid=".ss($_REQUEST['groupid']); 44: $NATS->DB->Query($q); 45: $msg="Saved Group Changes"; 46: break; 47: 48: case "save_members": 49: 50: // da two list nonsense again 51: /* 52: $nl=array(); 53: $nc=0; 54: $cur=array(); 55: $cc=0; 56: 57: foreach($_REQUEST['members'] as $newmem) 58: { 59: $nl[$newmem]['proc']=false; 60: $nl[$newmem]['nodeid']=$newmem; 61: $nl++; 62: } 63: */ // no let's try this and see if we get any errors and stuff 64: 65: $q="DELETE FROM fngrouplink WHERE groupid=".ss($_REQUEST['groupid']); 66: $NATS->DB->Query($q); 67: foreach($_REQUEST['members'] as $newmem) 68: { 69: $q="INSERT INTO fngrouplink(groupid,nodeid) VALUES(".ss($_REQUEST['groupid']).",\"".ss($newmem)."\")"; 70: $NATS->DB->Query($q); 71: } 72: $msg="Updated Group Membership"; 73: break; 74: 75: case "move": 76: // get my weight 77: $q="SELECT weight FROM fngroup WHERE groupid=\"".ss($_REQUEST['groupid'])."\""; 78: $r=$NATS->DB->Query($q); 79: $row=$NATS->DB->Fetch_Array($r); 80: $myweight=$row['weight']; 81: $NATS->DB->Free($r); 82: 83: // get next/prev one 84: $q="SELECT groupid,weight FROM fngroup WHERE "; 85: if ($_REQUEST['dir']=="up") $q.="weight<".$myweight." ORDER BY weight DESC LIMIT 0,1"; 86: else $q.="weight>".$myweight." ORDER BY weight ASC LIMIT 0,1"; 87: $r=$NATS->DB->Query($q); 88: if ($row=$NATS->DB->Fetch_Array($r)) 89: { 90: // swap 'em 91: $uq="UPDATE fngroup SET weight=".$myweight." WHERE groupid=".$row['groupid']; 92: $NATS->DB->Query($uq); 93: $uq="UPDATE fngroup SET weight=".$row['weight']." WHERE groupid=".ss($_REQUEST['groupid']); 94: $NATS->DB->Query($uq); 95: $msg="Updated Group Display Order"; 96: } 97: else $msg="No Higher/Lower Group"; 98: break; 99: 100: 101: 102: default: $msg="Unknown Group Action"; 103: } 104: header("Location: main.php?message=".urlencode($msg)); 105: exit(); 106: 107: ?> 108: