Queries improved

[mailer.git] / inc / modules / admin / what-guestedit.php

<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 09/28/2003 *
 * ===============                              Last change: 12/13/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-guestedit.php                               *
 * -------------------------------------------------------------------- *
 * Short description : Edit guest's menu                                *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Menue fuer die Gaeste editieren                  *
 * -------------------------------------------------------------------- *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((ereg(basename(__FILE__), $_SERVER['PHP_SELF'])) || (!IS_ADMIN()))
{
        $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
        require($INC);
}
// Add description as navigation point
ADD_DESCR("admin", basename(__FILE__));

// Do we edit/delete/change main menus or sub menus?
$AND = "what = ''"; $SUB = "";

if (!empty($_GET['sub']))
{
        $AND = sprintf("action='%s'", SQL_ESCAPE($_GET['sub']));
        $SUB = SQL_ESCAPE($_GET['sub']);
}

// Get count of (maybe) selected menu points
$chk = 0;
if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);

// List all menu points and make them editable
if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
{
        // Edit menu entries
        define('__SUB_VALUE', $SUB);
        define('__CHK_VALUE', $chk);

        $cnt = 0; $SW = 2; $OUT = "";
        foreach ($_POST['sel'] as $sel => $confirm)
        {
                if ($confirm == 1)
                {
                        $cnt++;
                        $query = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($sel)), __FILE__, __LINE__);
                        if (SQL_NUMROWS($query) == 1)
                        {
                                // Entry found so we load the stuff...
                                list($menu, $act, $wht) = SQL_FETCHROW($query);
                                SQL_FREERESULT($result);
                                $DATA = array(
                                        'cnt'    => $cnt,
                                        'sel'    => $sel,
                                        'action' => ADMIN_MAKE_MENU_SELECTION("guest", "action", "sel_action[".$sel."]", $act),
                                        'what'   => ADMIN_MAKE_MENU_SELECTION("guest", "what", "sel_what[".$sel."]", $wht),
                                        'menu'   => $menu,
                                        'sw'     => $SW,
                                );
                                $OUT .= LOAD_TEMPLATE("admin_gmenu_edit_row", true, $DATA);
                        }
                         else
                        {
                                // Entry not found?
                                $content = array(
                                        'sw'  => $SW,
                                        'sel' => $sel
                                );
                                $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
                        }
                        $SW = 3 - $SW;
                }
        }
        define('__MENU_ROWS', $OUT);
        define('__CNT_VALUE', $cnt);

        // Load template
        LOAD_TEMPLATE("admin_gmenu_edit_form");
}
 elseif ((isset($_POST['del'])) && (!IS_DEMO()))
{
        // Del menu entries with or without confirmation
        define('__SUB_VALUE', $SUB);
        define('__CHK_VALUE', $chk);

        $cnt = 0; $OUT = ""; $SW = 2;
        foreach ($_POST['sel'] as $sel => $confirm)
        {
                if ($confirm == 1)
                {
                        $cnt++;
                        $query = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($sel)), __FILE__, __LINE__);
                        if (SQL_NUMROWS($query) == 1)
                        {
                                // Entry found so we load the stuff...
                                list($menu) = SQL_FETCHROW($query);
                                SQL_FREERESULT($result);
                                $DATA = array(
                                        'cnt'  => $cnt,
                                        'menu' => $menu,
                                        'sel'  => $sel,
                                        'sw'   => $SW,
                                );
                                $OUT .= LOAD_TEMPLATE("admin_gmenu_delete_row", true, $DATA);
                        }
                         else
                        {
                                // Entry not found?
                                $content = array(
                                        'sw'  => $SW,
                                        'sel' => $sel
                                );
                                $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
                        }
                        $SW = 3 - $SW;
                }
        }
        define('__MENU_ROWS', $OUT);
        define('__CNT_VALUE', $cnt);

        // Load template
        LOAD_TEMPLATE("admin_gmenu_delete");
}
 elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
{
        // An action is done...
        switch ($_POST['ok'])
        {
        case "edit": // Edit menu
                foreach ($_POST['sel'] as $sel => $menu)
                {
                        // Secure selector
                        $sel = bigintval($sel);

                        // Update entry
                        $query = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array($menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], $sel),__FILE__, __LINE__);
                }
                LOAD_TEMPLATE("admin_data_saved");
                break;

        case "del": // Delete menu
                foreach ($_POST['sel'] as $sel => $menu)
                {
                        // Delete enty
                        $query = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($sel)), __FILE__, __LINE__);
                }
                LOAD_TEMPLATE("admin_data_saved");
                break;

        case "status": // Change access levels
                foreach ($_POST['sel'] as $sel => $menu)
                {
                        // Secure selector
                        $sel = bigintval($sel);

                        // Update entry
                        $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
                }
                LOAD_TEMPLATE("admin_data_saved");
                break;

        default: // Unexpected action
                define('__OK_VALUE', $_POST['ok']);
                LOAD_TEMPLATE("admin_menu_unknown_okay");
                break;
        }
}
 elseif ((isset($_POST['status'])) && ($chk > 0) && (!IS_DEMO()))
{
        // Change status (visible / locked)
        define('__SUB_VALUE', $SUB);
        define('__CHK_VALUE', $chk);

        // Load template
        $SW = 2; $cnt = 0; $OUT = "";
        foreach ($_POST['sel'] as $sel => $confirm)
        {
                if ($confirm == 1)
                {
                        $cnt++;
                        $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($sel)), __FILE__, __LINE__);
                        if (SQL_NUMROWS($result) == 1)
                        {
                                // Entry found so we load the stuff...
                                list($menu, $vis, $locked) = SQL_FETCHROW($result);
                                SQL_FREERESULT($result);
                                $content = array(
                                        'cnt'     => $cnt,
                                        'menu'    => $menu,
                                        'sel'     => $sel,
                                        'sw'      => $SW,
                                        'visible' => ADD_SELECTION("yn", $vis   , "visible", $sel),
                                        'locked'  => ADD_SELECTION("yn", $locked, "locked" , $sel),
                                );

                                // Load template
                                $OUT .= LOAD_TEMPLATE("admin_menu_status_row", true, $content);
                        }
                         else
                        {
                                // Entry not found?
                                $content = array(
                                        'sw'  => $SW,
                                        'sel' => $sel
                                );
                                $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
                        }
                        $SW = 3 - $SW;
                }
        }
        define('__CNT_VALUE', $cnt);
        define('__MENU_ROWS', $OUT);

        // Load template
        LOAD_TEMPLATE("admin_gmenu_status");
}
 else
{
        if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid'])))
        {
                // Get IDs
                if (!empty($_GET['w']))
                {
                        // Sub menus selected
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND sort='%s' LIMIT 1",
                         array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__);
                        list($tid) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND sort='%s' LIMIT 1",
                         array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__);
                        list($fid) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
                }
                 else
                {
                        // Main menu selected
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
                         array(bigintval($_GET['tid'])), __FILE__, __LINE__);
                        list($tid) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
                        $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
                         array(bigintval($_GET['fid'])), __FILE__, __LINE__);
                        list($fid) = SQL_FETCHROW($result);
                        SQL_FREERESULT($result);
                }

                if ((!empty($tid)) && (!empty($fid)))
                {
                        // Sort menu
                        $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
                        $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
                         array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
                }
        }

        // By default list menus
        if (empty($SUB))
        {
                // List only main menus
                $query = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
        }
         else
        {
                // List sub menus
                $query = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC",
                 array($SUB), __FILE__, __LINE__);
        }

        // Get number of menu entries
        $max = SQL_NUMROWS($query);
        if ($max > 0)
        {
                // Some entties does exist!
                if (!empty($SUB))
                {
                        // Set sub value
                        define('__SUB_VALUE', $SUB);
                }
                 else
                {
                        // No sub menu selected
                        define('__SUB_VALUE', "");
                }

                $SW = 2; $cnt = 0; $OUT = "";
                while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($query))
                {
                        $cnt++;
                        if (($sort == 0) || (($sort == 1) && (!empty($SUB))))
                        {
                                // Is highest position
                                $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
                        }
                         elseif ($cnt == $max)
                        {
                                // Is lowest position
                                $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>";
                        }
                         elseif ($sort > 0)
                        {
                                // Anything else between highest and lowest
                                $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>/<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
                        }
                        if (empty($act)) $act = "&nbsp;";
                        if (empty($wht))   $wht   = "&nbsp;";
                        if (empty($title))  $title  = "&nbsp;";
                        $content = array(
                                'sw'     => $SW,
                                'id'     => $id,
                                'action' => $act,
                                'what'   => $wht,
                                'title'  => $title,
                                'navi'   => $NAVI,
                                'mode'   => "guest"
                        );
                        $OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content);
                        $SW = 3 - $SW;
                }

                // Free memory
                SQL_FREERESULT($query);
                define('__MENU_ROWS', $OUT);

                // Load template
                LOAD_TEMPLATE("admin_gmenu_edit");
        }
         else
        {
                // Menu entries are missing... (???)
                LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
        }
}

//
?>