inc/modules/admin/what-guestedit.php

   1 <?php
   2 /************************************************************************
   3  * MXChange v0.2.1                                    Start: 09/28/2003 *
   4  * ===============                              Last change: 12/13/2004 *
   5  *                                                                      *
   6  * -------------------------------------------------------------------- *
   7  * File              : what-guestedit.php                               *
   8  * -------------------------------------------------------------------- *
   9  * Short description : Edit guest's menu                                *
  10  * -------------------------------------------------------------------- *
  11  * Kurzbeschreibung  : Menue fuer die Gaeste editieren                  *
  12  * -------------------------------------------------------------------- *
  13  *                                                                      *
  14  * -------------------------------------------------------------------- *
  15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
  16  * For more information visit: http://www.mxchange.org                  *
  17  *                                                                      *
  18  * This program is free software; you can redistribute it and/or modify *
  19  * it under the terms of the GNU General Public License as published by *
  20  * the Free Software Foundation; either version 2 of the License, or    *
  21  * (at your option) any later version.                                  *
  22  *                                                                      *
  23  * This program is distributed in the hope that it will be useful,      *
  24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
  25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
  26  * GNU General Public License for more details.                         *
  27  *                                                                      *
  28  * You should have received a copy of the GNU General Public License    *
  29  * along with this program; if not, write to the Free Software          *
  30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
  31  * MA  02110-1301  USA                                                  *
  32  ************************************************************************/
  33
  34 // Some security stuff...
  35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
  36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
  37         require($INC);
  38 }
  39
  40 // Add description as navigation point
  41 ADD_DESCR("admin", __FILE__);
  42
  43 // Do we edit/delete/change main menus or sub menus?
  44 $AND = "(what = '' OR what IS NULL)"; $SUB = "";
  45
  46 if (!empty($_GET['sub'])) {
  47         $AND = sprintf("action='%s' AND what IS NOT NULL", SQL_ESCAPE($_GET['sub']));
  48         $SUB = SQL_ESCAPE($_GET['sub']);
  49 } // END - if
  50
  51 // Get count of (maybe) selected menu points
  52 $chk = 0;
  53 if (!empty($_POST['sel'])) $chk = SELECTION_COUNT($_POST['sel']);
  54
  55 // List all menu points and make them editable
  56 if ((isset($_POST['edit'])) && ($chk > 0) && (!IS_DEMO()))
  57 {
  58         // Edit menu entries
  59         define('__SUB_VALUE', $SUB);
  60         define('__CHK_VALUE', $chk);
  61
  62         $cnt = 0; $SW = 2; $OUT = "";
  63         foreach ($_POST['sel'] as $sel => $confirm)
  64         {
  65                 if ($confirm == 1)
  66                 {
  67                         $cnt++;
  68                         $result = SQL_QUERY_ESC("SELECT title, action, what FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
  69                          array(bigintval($sel)), __FILE__, __LINE__);
  70                         if (SQL_NUMROWS($result) == 1)
  71                         {
  72                                 // Entry found so we load the stuff...
  73                                 list($menu, $act, $wht) = SQL_FETCHROW($result);
  74                                 SQL_FREERESULT($result);
  75                                 $DATA = array(
  76                                         'cnt'    => $cnt,
  77                                         'sel'    => $sel,
  78                                         'action' => ADMIN_MAKE_MENU_SELECTION("guest", "action", "sel_action[".$sel."]", $act),
  79                                         'what'   => ADMIN_MAKE_MENU_SELECTION("guest", "what", "sel_what[".$sel."]", $wht),
  80                                         'menu'   => $menu,
  81                                         'sw'     => $SW,
  82                                 );
  83                                 $OUT .= LOAD_TEMPLATE("admin_gmenu_edit_row", true, $DATA);
  84                         }
  85                          else
  86                         {
  87                                 // Entry not found?
  88                                 $content = array(
  89                                         'sw'  => $SW,
  90                                         'sel' => $sel
  91                                 );
  92                                 $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
  93                         }
  94                         $SW = 3 - $SW;
  95                 }
  96         }
  97         define('__MENU_ROWS', $OUT);
  98         define('__CNT_VALUE', $cnt);
  99
 100         // Load template
 101         LOAD_TEMPLATE("admin_gmenu_edit_form");
 102 }
 103  elseif ((isset($_POST['del'])) && (!IS_DEMO()))
 104 {
 105         // Del menu entries with or without confirmation
 106         define('__SUB_VALUE', $SUB);
 107         define('__CHK_VALUE', $chk);
 108
 109         $cnt = 0; $OUT = ""; $SW = 2;
 110         foreach ($_POST['sel'] as $sel => $confirm)
 111         {
 112                 if ($confirm == 1)
 113                 {
 114                         $cnt++;
 115                         $result = SQL_QUERY_ESC("SELECT title FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
 116                          array(bigintval($sel)), __FILE__, __LINE__);
 117                         if (SQL_NUMROWS($result) == 1)
 118                         {
 119                                 // Entry found so we load the stuff...
 120                                 list($menu) = SQL_FETCHROW($result);
 121                                 SQL_FREERESULT($result);
 122                                 $DATA = array(
 123                                         'cnt'  => $cnt,
 124                                         'menu' => $menu,
 125                                         'sel'  => $sel,
 126                                         'sw'   => $SW,
 127                                 );
 128                                 $OUT .= LOAD_TEMPLATE("admin_gmenu_delete_row", true, $DATA);
 129                         }
 130                          else
 131                         {
 132                                 // Entry not found?
 133                                 $content = array(
 134                                         'sw'  => $SW,
 135                                         'sel' => $sel
 136                                 );
 137                                 $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
 138                         }
 139                         $SW = 3 - $SW;
 140                 }
 141         }
 142         define('__MENU_ROWS', $OUT);
 143         define('__CNT_VALUE', $cnt);
 144
 145         // Load template
 146         LOAD_TEMPLATE("admin_gmenu_delete");
 147 }
 148  elseif ((isset($_POST['ok'])) && (!IS_DEMO()))
 149 {
 150         // An action is done...
 151         switch ($_POST['ok'])
 152         {
 153         case "edit": // Edit menu
 154                 foreach ($_POST['sel'] as $sel => $menu)
 155                 {
 156                         // Secure selector
 157                         $sel = bigintval($sel);
 158
 159                         // Update entry
 160                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET title='%s', action='%s', what='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 161                          array($menu, $_POST['sel_action'][$sel], $_POST['sel_what'][$sel], $sel),__FILE__, __LINE__);
 162                 }
 163                 LOAD_TEMPLATE("admin_data_saved");
 164                 break;
 165
 166         case "del": // Delete menu
 167                 foreach ($_POST['sel'] as $sel => $menu)
 168                 {
 169                         // Delete enty
 170                         $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
 171                          array(bigintval($sel)), __FILE__, __LINE__);
 172                 }
 173                 LOAD_TEMPLATE("admin_data_saved");
 174                 break;
 175
 176         case "status": // Change access levels
 177                 foreach ($_POST['sel'] as $sel => $menu)
 178                 {
 179                         // Secure selector
 180                         $sel = bigintval($sel);
 181
 182                         // Update entry
 183                         $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET visible='%s', locked='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 184                          array($_POST['visible'][$sel], $_POST['locked'][$sel], $sel), __FILE__, __LINE__);
 185                 }
 186                 LOAD_TEMPLATE("admin_data_saved");
 187                 break;
 188
 189         default: // Unexpected action
 190                 define('__OK_VALUE', $_POST['ok']);
 191                 DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", $_POST['ok']));
 192                 LOAD_TEMPLATE("admin_menu_unknown_okay");
 193                 break;
 194         }
 195 }
 196  elseif ((isset($_POST['status'])) && ($chk > 0) && (!IS_DEMO()))
 197 {
 198         // Change status (visible / locked)
 199         define('__SUB_VALUE', $SUB);
 200         define('__CHK_VALUE', $chk);
 201
 202         // Load template
 203         $SW = 2; $cnt = 0; $OUT = "";
 204         foreach ($_POST['sel'] as $sel => $confirm)
 205         {
 206                 if ($confirm == 1)
 207                 {
 208                         $cnt++;
 209                         $result = SQL_QUERY_ESC("SELECT title, visible, locked FROM "._MYSQL_PREFIX."_guest_menu WHERE ".$AND." AND id=%s LIMIT 1",
 210                          array(bigintval($sel)), __FILE__, __LINE__);
 211                         if (SQL_NUMROWS($result) == 1)
 212                         {
 213                                 // Entry found so we load the stuff...
 214                                 list($menu, $vis, $locked) = SQL_FETCHROW($result);
 215                                 SQL_FREERESULT($result);
 216                                 $content = array(
 217                                         'cnt'     => $cnt,
 218                                         'menu'    => $menu,
 219                                         'sel'     => $sel,
 220                                         'sw'      => $SW,
 221                                         'visible' => ADD_SELECTION("yn", $vis   , "visible", $sel),
 222                                         'locked'  => ADD_SELECTION("yn", $locked, "locked" , $sel),
 223                                 );
 224
 225                                 // Load template
 226                                 $OUT .= LOAD_TEMPLATE("admin_menu_status_row", true, $content);
 227                         }
 228                          else
 229                         {
 230                                 // Entry not found?
 231                                 $content = array(
 232                                         'sw'  => $SW,
 233                                         'sel' => $sel
 234                                 );
 235                                 $OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
 236                         }
 237                         $SW = 3 - $SW;
 238                 }
 239         }
 240         define('__CNT_VALUE', $cnt);
 241         define('__MENU_ROWS', $OUT);
 242
 243         // Load template
 244         LOAD_TEMPLATE("admin_gmenu_status");
 245 } else {
 246         if ((!empty($_GET['act'])) && (!empty($_GET['tid'])) && (!empty($_GET['fid']))) {
 247                 // Get IDs
 248                 if (!empty($_GET['w'])) {
 249                         // Sub menus selected
 250                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND sort='%s' LIMIT 1",
 251                          array($_GET['act'], bigintval($_GET['tid'])), __FILE__, __LINE__);
 252                         list($tid) = SQL_FETCHROW($result);
 253                         SQL_FREERESULT($result);
 254                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND sort='%s' LIMIT 1",
 255                          array($_GET['act'], bigintval($_GET['fid'])), __FILE__, __LINE__);
 256                         list($fid) = SQL_FETCHROW($result);
 257                         SQL_FREERESULT($result);
 258                 } else {
 259                         // Main menu selected
 260                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 261                          array(bigintval($_GET['tid'])), __FILE__, __LINE__);
 262                         list($tid) = SQL_FETCHROW($result);
 263                         SQL_FREERESULT($result);
 264                         $result = SQL_QUERY_ESC("SELECT id FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) AND sort='%s' LIMIT 1",
 265                          array(bigintval($_GET['fid'])), __FILE__, __LINE__);
 266                         list($fid) = SQL_FETCHROW($result);
 267                         SQL_FREERESULT($result);
 268                 }
 269
 270                 if ((!empty($tid)) && (!empty($fid))) {
 271                         // Sort menu
 272                         $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 273                                 array(bigintval($_GET['tid']), bigintval($fid)), __FILE__, __LINE__);
 274                         $result_sort = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_guest_menu SET sort='%s' WHERE ".$AND." AND id=%s LIMIT 1",
 275                                 array(bigintval($_GET['fid']), bigintval($tid)), __FILE__, __LINE__);
 276                 } // END - if
 277         } // END - if
 278
 279         // By default list menus
 280         if (empty($SUB)) {
 281                 // List only main menus
 282                 $result = SQL_QUERY("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE (what='' OR what IS NULL) ORDER BY sort ASC", __FILE__, __LINE__);
 283         } else {
 284                 // List sub menus
 285                 $result = SQL_QUERY_ESC("SELECT id, action, what, title, sort FROM "._MYSQL_PREFIX."_guest_menu WHERE action='%s' AND what != '' AND what IS NOT NULL ORDER BY sort ASC",
 286                  array($SUB), __FILE__, __LINE__);
 287         }
 288
 289         // Get number of menu entries
 290         $max = SQL_NUMROWS($result);
 291         if ($max > 0)
 292         {
 293                 // Set sub value
 294                 define('__SUB_VALUE', $SUB);
 295
 296                 $SW = 2; $cnt = 0; $OUT = "";
 297                 while (list($id, $act, $wht, $title, $sort) = SQL_FETCHROW($result))
 298                 {
 299                         $cnt++;
 300                         if (($sort == 0) || (($sort == 1) && (!empty($SUB))))
 301                         {
 302                                 // Is highest position
 303                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
 304                         }
 305                          elseif ($cnt == $max)
 306                         {
 307                                 // Is lowest position
 308                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>";
 309                         }
 310                          elseif ($sort > 0)
 311                         {
 312                                 // Anything else between highest and lowest
 313                                 $NAVI = "<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort-1)."&amp;fid=".$sort."\">".HIGHER."</A>/<A href=\"".URL."/modules.php?module=admin&amp;what=guestedit&amp;sub=".__SUB_VALUE."&amp;act=".$act."&amp;w=".$wht."&amp;tid=".($sort+1)."&amp;fid=".$sort."\">".LOWER."</A>";
 314                         }
 315                         if (empty($act)) $act = "&nbsp;";
 316                         if (empty($wht))   $wht   = "&nbsp;";
 317                         if (empty($title))  $title  = "&nbsp;";
 318                         $content = array(
 319                                 'sw'     => $SW,
 320                                 'id'     => $id,
 321                                 'action' => $act,
 322                                 'what'   => $wht,
 323                                 'title'  => $title,
 324                                 'navi'   => $NAVI,
 325                                 'mode'   => "guest"
 326                         );
 327                         $OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content);
 328                         $SW = 3 - $SW;
 329                 }
 330
 331                 // Free memory
 332                 SQL_FREERESULT($result);
 333                 define('__MENU_ROWS', $OUT);
 334
 335                 // Load template
 336                 LOAD_TEMPLATE("admin_gmenu_edit");
 337         }
 338          else
 339         {
 340                 // Menu entries are missing... (???)
 341                 LOAD_TEMPLATE("admin_settings_saved", false, ADMIN_NO_MENUS_FOUND);
 342         }
 343 }
 344
 345 //
 346 ?>