function group_init(&$a) {
if(local_user()) {
require_once('include/group.php');
- $a->page['aside'] = group_side();
+ $a->page['aside'] = group_side('contacts','group',false,(($a->argc > 1) ? intval($a->argv[1]) : 0));
}
}
}
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
+ check_form_security_token_redirectOnErr('/group/new', 'group_edit');
+
$name = notags(trim($_POST['groupname']));
$r = group_add(local_user(),$name);
if($r) {
- notice( t('Group created.') . EOL );
+ info( t('Group created.') . EOL );
$r = group_byname(local_user(),$name);
if($r)
goaway($a->get_baseurl() . '/group/' . $r);
}
else
- notice( t('Could not create group.') . EOL );
+ notice( t('Could not create group.') . EOL );
goaway($a->get_baseurl() . '/group');
return; // NOTREACHED
}
if(($a->argc == 2) && (intval($a->argv[1]))) {
+ check_form_security_token_redirectOnErr('/group', 'group_edit');
+
$r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval(local_user())
$group = $r[0];
$groupname = notags(trim($_POST['groupname']));
if((strlen($groupname)) && ($groupname != $group['name'])) {
- $r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
+ $r = q("UPDATE `group` SET `name` = '%s' WHERE `uid` = %d AND `id` = %d",
dbesc($groupname),
intval(local_user()),
intval($group['id'])
);
if($r)
- notice( t('Group name changed.') . EOL );
+ info( t('Group name changed.') . EOL );
}
- $members = $_POST['group_members_select'];
- if(is_array($members))
- array_walk($members,'validate_members');
- $r = q("DELETE FROM `group_member` WHERE `gid` = %d AND `uid` = %d",
- intval($a->argv[1]),
- intval(local_user())
- );
- $result = true;
- if(is_array($members) && count($members)) {
- foreach($members as $member) {
- $r = q("INSERT INTO `group_member` ( `uid`, `gid`, `contact-id`)
- VALUES ( %d, %d, %d )",
- intval(local_user()),
- intval($group['id']),
- intval($member)
- );
- if(! $r)
- $result = false;
- }
- }
- if($result)
- notice( t('Membership list updated.') . EOL);
+
$a->page['aside'] = group_side();
}
return;
}
function group_content(&$a) {
-
+ $change = false;
+
if(! local_user()) {
notice( t('Permission denied') . EOL);
return;
}
+ // Switch to text mode interface if we have more than 'n' contacts or group members
+
+ $switchtotext = get_pconfig(local_user(),'system','groupedit_image_limit');
+ if($switchtotext === false)
+ $switchtotext = get_config('system','groupedit_image_limit');
+ if($switchtotext === false)
+ $switchtotext = 400;
+
+ $tpl = get_markup_template('group_edit.tpl');
+
+ $context = array(
+ '$submit' => t('Save Group'),
+ );
+
if(($a->argc == 2) && ($a->argv[1] === 'new')) {
- $tpl = load_view_file('view/group_new.tpl');
- $o .= replace_macros($tpl,array(
- '$desc' => t('Create a group of contacts/friends.'),
- '$name' => t('Group Name: '),
- '$submit' => t('Submit')
- ));
- return $o;
+
+ return replace_macros($tpl, $context + array(
+ '$title' => t('Create a group of contacts/friends.'),
+ '$gname' => array('groupname',t('Group Name: '), '', ''),
+ '$gid' => 'new',
+ '$form_security_token' => get_form_security_token("group_edit"),
+ ));
+
+
}
if(($a->argc == 3) && ($a->argv[1] === 'drop')) {
+ check_form_security_token_redirectOnErr('/group', 'group_drop', 't');
+
if(intval($a->argv[2])) {
$r = q("SELECT `name` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]),
intval(local_user())
);
- if(count($r))
+ if(count($r))
$result = group_rmv(local_user(),$r[0]['name']);
if($result)
- notice( t('Group removed.') . EOL);
+ info( t('Group removed.') . EOL);
else
notice( t('Unable to remove group.') . EOL);
}
goaway($a->get_baseurl() . '/group');
- return; // NOTREACHED
+ // NOTREACHED
}
+ if(($a->argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) {
+ check_form_security_token_ForbiddenOnErr('group_member_change', 't');
+
+ $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1",
+ intval($a->argv[2]),
+ intval(local_user())
+ );
+ if(count($r))
+ $change = intval($a->argv[2]);
+ }
+
+ if(($a->argc > 1) && (intval($a->argv[1]))) {
- if(($a->argc == 2) && (intval($a->argv[1]))) {
require_once('include/acl_selectors.php');
- $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1",
intval($a->argv[1]),
intval(local_user())
);
$preselected[] = $member['id'];
}
- $drop_tpl = load_view_file('view/group_drop.tpl');
+ if($change) {
+ if(in_array($change,$preselected)) {
+ group_rmv_member(local_user(),$group['name'],$change);
+ }
+ else {
+ group_add_member(local_user(),$group['name'],$change);
+ }
+
+ $members = group_get_members($group['id']);
+ $preselected = array();
+ if(count($members)) {
+ foreach($members as $member)
+ $preselected[] = $member['id'];
+ }
+ }
+
+
+ $drop_tpl = get_markup_template('group_drop.tpl');
$drop_txt = replace_macros($drop_tpl, array(
'$id' => $group['id'],
- '$delete' => t('Delete')
+ '$delete' => t('Delete'),
+ '$form_security_token' => get_form_security_token("group_drop"),
));
$celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
- $tpl = load_view_file('view/group_edit.tpl');
- $o .= replace_macros($tpl, array(
+
+ $context = $context + array(
+ '$title' => t('Group Editor'),
+ '$gname' => array('groupname',t('Group Name: '),$group['name'], ''),
'$gid' => $group['id'],
- '$name' => $group['name'],
'$drop' => $drop_txt,
- '$selector' => contact_select('group_members_select','group_members_select',$preselected,25,false,$celeb),
- '$title' => t('Group Editor'),
- '$gname' => t('Group Name: '),
- '$members' => t('Members:'),
- '$submit' => t('Submit')
- ));
+ '$form_security_token' => get_form_security_token('group_edit'),
+ );
}
- $o .= '<div id="group-members">';
+ if(! isset($group))
+ return;
+
+ $groupeditor = array(
+ 'label_members' => t('Members'),
+ 'members' => array(),
+ 'label_contacts' => t('All Contacts'),
+ 'contacts' => array(),
+ );
+
+ $sec_token = addslashes(get_form_security_token('group_member_change'));
+ $textmode = (($switchtotext && (count($members) > $switchtotext)) ? true : false);
foreach($members as $member) {
- $o .= micropro($member,true,'mpgroup');
+ if($member['url']) {
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
+ $groupeditor['members'][] = micropro($member,true,'mpgroup', $textmode);
+ }
+ else
+ group_rmv_member(local_user(),$group['name'],$member['id']);
+ }
+
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `blocked` = 0 and `pending` = 0 and `self` = 0 ORDER BY `name` ASC",
+ intval(local_user())
+ );
+
+ if(count($r)) {
+ $textmode = (($switchtotext && (count($r) > $switchtotext)) ? true : false);
+ foreach($r as $member) {
+ if(! in_array($member['id'],$preselected)) {
+ $member['click'] = 'groupChangeMember(' . $group['id'] . ',' . $member['id'] . ',\'' . $sec_token . '\'); return true;';
+ $groupeditor['contacts'][] = micropro($member,true,'mpall', $textmode);
+ }
+ }
+ }
+
+ $context['$groupeditor'] = $groupeditor;
+ $context['$desc'] = t('Click on a contact to add or remove.');
+
+ if($change) {
+ $tpl = get_markup_template('groupeditor.tpl');
+ echo replace_macros($tpl, $context);
+ killme();
}
- $o .= '</div><div id="group-members-end"></div>';
+
+ return replace_macros($tpl, $context);
- return $o;
+}
-}
\ No newline at end of file