-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathOptionManagerRowOps.php
181 lines (158 loc) · 5.46 KB
/
OptionManagerRowOps.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
<?php
/*******************************************************************************
*
* filename : OptionManagerRowOps.php
* last change : 2003-04-09
* website : http://www.infocentral.org
* copyright : Copyright 2003 Chris Gebhardt (http://www.openserve.org)
*
* function : Row operations for the option manager
*
* InfoCentral is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
******************************************************************************/
require "Include/Config.php";
require "Include/Functions.php";
// Get the Order, ID, Mode, and Action from the querystring
$iOrder = FilterInput($_GET["Order"],'int'); // the option Sequence
$sAction = $_GET["Action"];
$iID = FilterInput($_GET["ID"],'int'); // the option ID
$mode = trim($_GET["mode"]);
// Check security for the mode selected.
switch ($mode) {
case famroles:
case classes:
if (!$_SESSION['bMenuOptions'])
{
Redirect("Menu.php");
exit;
}
break;
case grptypes:
case grproles:
if (!$_SESSION['bManageGroups'])
{
Redirect("Menu.php");
exit;
}
break;
case custom:
case famcustom:
if (!$_SESSION['bAdmin'])
{
Redirect("Menu.php");
exit;
}
break;
default:
Redirect("Menu.php");
break;
}
// Set appropriate table and field names for the editor mode
switch ($mode) {
case famroles:
$deleteCleanupTable = "person_per";
$deleteCleanupColumn = "per_fmr_ID";
$deleteCleanupResetTo = 0;
$listID = 2;
break;
case classes:
$deleteCleanupTable = "person_per";
$deleteCleanupColumn = "per_cls_ID";
$deleteCleanupResetTo = 0;
$listID = 1;
break;
case grptypes:
$deleteCleanupTable = "group_grp";
$deleteCleanupColumn = "grp_Type";
$deleteCleanupResetTo = 0;
$listID = 3;
break;
case grproles:
$listID = FilterInput($_GET["ListID"],'int');
// Validate that this list ID is really for a group roles list. (for security)
$sSQL = "SELECT '' FROM group_grp WHERE grp_RoleListID = " . $listID;
$rsTemp = RunQuery($sSQL);
if (mysql_num_rows($rsTemp) == 0) {
Redirect("Menu.php");
break;
}
break;
case custom:
case famcustom:
$listID = FilterInput($_GET["ListID"],'int');
break;
}
switch ($sAction)
{
// Move a field up: Swap the OptionSequence (ordering) of the selected row and the one above it
case up:
$sSQL = "UPDATE list_lst SET lst_OptionSequence = '" . $iOrder . "' WHERE lst_ID = $listID AND lst_OptionSequence = '" . ($iOrder - 1) . "'";
RunQuery($sSQL);
$sSQL = "UPDATE list_lst SET lst_OptionSequence = '" . ($iOrder - 1) . "' WHERE lst_ID = $listID AND lst_OptionID = '" . $iID . "'";
RunQuery($sSQL);
break;
// Move a field down: Swap the OptionSequence (ordering) of the selected row and the one below it
case down:
$sSQL = "UPDATE list_lst SET lst_OptionSequence = '" . $iOrder . "' WHERE lst_ID = $listID AND lst_OptionSequence = '" . ($iOrder + 1) . "'";
RunQuery($sSQL);
$sSQL = "UPDATE list_lst SET lst_OptionSequence = '" . ($iOrder + 1) . "' WHERE lst_ID = $listID AND lst_OptionID = '" . $iID . "'";
RunQuery($sSQL);
break;
// Delete a field from the form
case delete:
$sSQL = "SELECT '' FROM list_lst WHERE lst_ID = $listID";
$rsPropList = RunQuery($sSQL);
$numRows = mysql_num_rows($rsPropList);
// Make sure we never delete the only option
if ($numRows > 1)
{
$sSQL = "DELETE FROM list_lst WHERE lst_ID = $listID AND lst_OptionSequence = '" . $iOrder . "'";
RunQuery($sSQL);
// Shift the remaining rows up by one
for ($reorderRow = $iOrder+1; $reorderRow <= $numRows+1; $reorderRow++)
{
$sSQL = "UPDATE list_lst SET lst_OptionSequence = '" . ($reorderRow - 1) . "' WHERE lst_ID = $listID AND lst_OptionSequence = '" . $reorderRow . "'";
RunQuery($sSQL);
}
// If group roles mode, check if we've deleted the old group default role. If so, reset default to role ID 1
// Next, if any group members were using the deleted role, reset their role to the group default.
if ($mode == "grproles")
{
// Reset if default role was just removed.
$sSQL = "UPDATE group_grp SET grp_DefaultRole = 1 WHERE grp_RoleListID = $listID AND grp_DefaultRole = $iID";
RunQuery($sSQL);
// Get the current default role and Group ID (so we can update the p2g2r table)
// This seems backwards, but grp_RoleListID is unique, having a 1-1 relationship with grp_ID.
$sSQL = "SELECT grp_ID,grp_DefaultRole FROM group_grp WHERE grp_RoleListID = $listID";
$rsTemp = RunQuery($sSQL);
$aTemp = mysql_fetch_array($rsTemp);
$sSQL = "UPDATE person2group2role_p2g2r SET p2g2r_rle_ID = $aTemp[1] WHERE p2g2r_grp_ID = $aTemp[0] AND p2g2r_rle_ID = $iID";
RunQuery($sSQL);
}
// Otherwise, for other types of assignees having a deleted option, reset them to default of 0 (undefined).
else
{
if ($deleteCleanupTable <> 0) {
$sSQL = "UPDATE $deleteCleanupTable SET $deleteCleanupColumn = $deleteCleanupResetTo WHERE $deleteCleanupColumn = " . $iID;
RunQuery($sSQL);
}
}
}
break;
// Currently this is used solely for group roles
case makedefault:
$sSQL = "UPDATE group_grp SET grp_DefaultRole = $iID WHERE grp_RoleListID = $listID";
RunQuery($sSQL);
break;
// If no valid action was specified, abort
default:
Redirect("Menu.php");
break;
}
// Reload the option manager page
Redirect("OptionManager.php?mode=$mode&ListID=$listID");
exit;
?>