<?php
/************************************************************************
 * MXChange v0.2.1                                    Start: 09/28/2003 *
 * ===============                              Last change: 12/13/2004 *
 *                                                                      *
 * -------------------------------------------------------------------- *
 * File              : what-guestedit.php                               *
 * -------------------------------------------------------------------- *
 * Short description : Edit guest's menu                                *
 * -------------------------------------------------------------------- *
 * Kurzbeschreibung  : Menue fuer die Gaeste editieren                  *
 * -------------------------------------------------------------------- *
 * $Revision:: 856                                                    $ *
 * $Date:: 2009-03-06 20:24:32 +0100 (Fr, 06. Mär 2009)              $ *
 * $Tag:: 0.2.1-FINAL                                                 $ *
 * $Author:: stelzi                                                   $ *
 * Needs to be in all Files and every File needs "svn propset           *
 * svn:keywords Date Revision" (autoprobset!) at least!!!!!!            *
 * -------------------------------------------------------------------- *
 * Copyright (c) 2003 - 2008 by Roland Haeder                           *
 * For more information visit: http://www.mxchange.org                  *
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 * This program is distributed in the hope that it will be useful,      *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
 * GNU General Public License for more details.                         *
 *                                                                      *
 * You should have received a copy of the GNU General Public License    *
 * along with this program; if not, write to the Free Software          *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
 * MA  02110-1301  USA                                                  *
 ************************************************************************/

// Some security stuff...
if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
	$INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
	require($INC);
}

// Add description as navigation point
ADD_DESCR("admin", __FILE__);

// Do we edit/delete/change main menus or sub menus?
$AND = "(`what` = '' OR `what` IS NULL)"; $SUB = "";

if (REQUEST_ISSET_GET(('sub'))) {
	$AND = sprintf("action='%s' AND `what` IS NOT NULL", REQUEST_GET(('sub')));
	$SUB = REQUEST_GET(('sub'));
} // END - if

// Get count of (maybe) selected menu points
$chk = 0;
if (REQUEST_ISSET_POST('sel')) $chk = SELECTION_COUNT(REQUEST_POST('sel'));

// List all menu points and make them editable
if ((REQUEST_ISSET_POST('edit')) && ($chk > 0) && (!IS_DEMO()))
{
	// Edit menu entries
	define('__SUB_VALUE', $SUB);
	define('__CHK_VALUE', $chk);

	$cnt = 0; $OUT = ""; $SW = 2;
	foreach (REQUEST_POST('sel') as $sel => $confirm)
	{
		if ($confirm == 1)
		{
			$cnt++;
			$result = SQL_QUERY_ESC("SELECT title, action, what FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1",
			 array(bigintval($sel)), __FILE__, __LINE__);
			if (SQL_NUMROWS($result) == 1)
			{
				// Entry found so we load the stuff...
				list($menu, $act, $wht) = SQL_FETCHROW($result);
				SQL_FREERESULT($result);
				$DATA = array(
					'cnt'    => $cnt,
					'sel'    => $sel,
					'action' => ADMIN_MAKE_MENU_SELECTION("guest", "action", "sel_action[".$sel."]", $act),
					'what'   => ADMIN_MAKE_MENU_SELECTION("guest", "what", "sel_what[".$sel."]", $wht),
					'menu'   => $menu,
					'sw'     => $SW,
				);
				$OUT .= LOAD_TEMPLATE("admin_gmenu_edit_row", true, $DATA);
			}
			 else
			{
				// Entry not found?
				$content = array(
					'sw'  => $SW,
					'sel' => $sel
				);
				$OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
			}
			$SW = 3 - $SW;
		}
	}
	define('__MENU_ROWS', $OUT);
	define('__CNT_VALUE', $cnt);

	// Load template
	LOAD_TEMPLATE("admin_gmenu_edit_form");
} elseif ((REQUEST_ISSET_POST('del')) && (!IS_DEMO())) {
	// Del menu entries with or without confirmation
	define('__SUB_VALUE', $SUB);
	define('__CHK_VALUE', $chk);

	$cnt = 0; $OUT = ""; $SW = 2;
	foreach (REQUEST_POST('sel') as $sel => $confirm) {
		if ($confirm == 1) {
			$cnt++;
			$result = SQL_QUERY_ESC("SELECT title FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1",
				array(bigintval($sel)), __FILE__, __LINE__);
			if (SQL_NUMROWS($result) == 1) {
				// Entry found so we load the stuff...
				list($menu) = SQL_FETCHROW($result);
				SQL_FREERESULT($result);
				$DATA = array(
					'cnt'  => $cnt,
					'menu' => $menu,
					'sel'  => $sel,
					'sw'   => $SW,
				);
				$OUT .= LOAD_TEMPLATE("admin_gmenu_delete_row", true, $DATA);
			} else {
				// Entry not found?
				$content = array(
					'sw'  => $SW,
					'sel' => $sel
				);
				$OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
			}
			$SW = 3 - $SW;
		}
	}
	define('__MENU_ROWS', $OUT);
	define('__CNT_VALUE', $cnt);

	// Load template
	LOAD_TEMPLATE("admin_gmenu_delete");
} elseif ((IS_FORM_SENT()) && (!IS_DEMO())) {
	// An action is done...
	switch (REQUEST_POST('ok'))
	{
	case "edit": // Edit menu
		foreach (REQUEST_POST('sel') as $sel => $menu) {
			// Secure selector
			$sel = bigintval($sel);

			// Update entry
			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `title`='%s', `action`='%s', `what`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
				array($menu, REQUEST_POST('sel_action', $sel), REQUEST_POST('sel_what', $sel), $sel),__FILE__, __LINE__);
		}
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
		break;

	case "del": // Delete menu
		foreach (REQUEST_POST('sel') as $sel => $menu) {
			// Delete enty
			SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1",
				array(bigintval($sel)), __FILE__, __LINE__);
		}
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
		break;

	case "status": // Change access levels
		foreach (REQUEST_POST('sel') as $sel => $menu) {
			// Secure selector
			$sel = bigintval($sel);

			// Update entry
			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `visible`='%s', `locked`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
				array(REQUEST_POST('visible', $sel), REQUEST_POST('locked', $sel), $sel), __FILE__, __LINE__);
		}
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('SETTINGS_SAVED'));
		break;

	default: // Unexpected action
		define('__OK_VALUE', REQUEST_POST('ok'));
		DEBUG_LOG(__FILE__, __LINE__, sprintf("Unsupported action %s detected.", REQUEST_POST('ok')));
		LOAD_TEMPLATE("admin_menu_unknown_okay");
		break;
	}
} elseif ((REQUEST_ISSET_POST(('status'))) && ($chk > 0) && (!IS_DEMO())) {
	// Change status (visible / locked)
	define('__SUB_VALUE', $SUB);
	define('__CHK_VALUE', $chk);

	// Load template
	$SW = 2; $cnt = 0; $OUT = "";
	foreach (REQUEST_POST('sel') as $sel => $confirm)
	{
		if ($confirm == 1)
		{
			$cnt++;
			$result = SQL_QUERY_ESC("SELECT title, visible, locked FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE ".$AND." AND id=%s LIMIT 1",
			 array(bigintval($sel)), __FILE__, __LINE__);
			if (SQL_NUMROWS($result) == 1)
			{
				// Entry found so we load the stuff...
				list($menu, $vis, $locked) = SQL_FETCHROW($result);
				SQL_FREERESULT($result);
				$content = array(
					'cnt'     => $cnt,
					'menu'    => $menu,
					'sel'     => $sel,
					'sw'      => $SW,
					'visible' => ADD_SELECTION("yn", $vis   , "visible", $sel),
					'locked'  => ADD_SELECTION("yn", $locked, "locked" , $sel),
				);

				// Load template
				$OUT .= LOAD_TEMPLATE("admin_menu_status_row", true, $content);
			}
			 else
			{
				// Entry not found?
				$content = array(
					'sw'  => $SW,
					'sel' => $sel
				);
				$OUT .= LOAD_TEMPLATE("admin_menu_404_row", true, $content);
			}
			$SW = 3 - $SW;
		}
	}
	define('__CNT_VALUE', $cnt);
	define('__MENU_ROWS', $OUT);

	// Load template
	LOAD_TEMPLATE("admin_gmenu_status");
} else {
	if ((REQUEST_ISSET_GET(('act'))) && (REQUEST_ISSET_GET(('tid'))) && (REQUEST_ISSET_GET(('fid')))) {
		// Get IDs
		if (REQUEST_ISSET_GET(('w'))) {
			// Sub menus selected
			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
			 array(REQUEST_GET('act'), bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
			list($tid) = SQL_FETCHROW($result);
			SQL_FREERESULT($result);
			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `sort`='%s' LIMIT 1",
			 array(REQUEST_GET('act'), bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
			list($fid) = SQL_FETCHROW($result);
			SQL_FREERESULT($result);
		} else {
			// Main menu selected
			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
			 array(bigintval(REQUEST_GET('tid'))), __FILE__, __LINE__);
			list($tid) = SQL_FETCHROW($result);
			SQL_FREERESULT($result);
			$result = SQL_QUERY_ESC("SELECT id FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE (what='' OR `what` IS NULL) AND `sort`='%s' LIMIT 1",
			 array(bigintval(REQUEST_GET('fid'))), __FILE__, __LINE__);
			list($fid) = SQL_FETCHROW($result);
			SQL_FREERESULT($result);
		}

		if ((!empty($tid)) && (!empty($fid))) {
			// Sort menu
			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
				array(bigintval(REQUEST_GET('tid')), bigintval($fid)), __FILE__, __LINE__);
			SQL_QUERY_ESC("UPDATE `{!_MYSQL_PREFIX!}_guest_menu` SET `sort`='%s' WHERE ".$AND." AND id=%s LIMIT 1",
				array(bigintval(REQUEST_GET('fid')), bigintval($tid)), __FILE__, __LINE__);
		} // END - if
	} // END - if

	// By default list menus
	if (empty($SUB)) {
		// List only main menus
		$result = SQL_QUERY("SELECT `id`, `action`, `what`, `title`, `sort` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE (`what`='' OR `what` IS NULL) ORDER BY `sort` ASC", __FILE__, __LINE__);
	} else {
		// List sub menus
		$result = SQL_QUERY_ESC("SELECT `id`, `action`, `what`, `title`, `sort` FROM `{!_MYSQL_PREFIX!}_guest_menu` WHERE `action`='%s' AND `what` != '' AND `what` IS NOT NULL ORDER BY `sort` ASC",
			array($SUB), __FILE__, __LINE__);
	}

	// Get number of menu entries
	$max = SQL_NUMROWS($result);
	if ($max > 0) {
		// Set sub value
		// @TODO Rewrite this constant
		define('__SUB_VALUE', $SUB);

		// Init variables
		$SW = 2;
		$cnt = 0;
		$OUT = "";

		// Process all menu entries
		while ($content = SQL_FETCHARRAY($result)) {
			$cnt++;
			if (($content['sort'] == 0) || (($content['sort'] == 1) && (!empty($SUB)))) {
				// Is highest position
				$NAVI = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=guestedit&amp;sub={!__SUB_VALUE!}&amp;act=".$content['action']."&amp;w=".$content['what']."&amp;tid=".($content['sort']+1)."&amp;fid=".$content['sort']."\">{--LOWER--}</a>";
			} elseif ($cnt == $max) {
				// Is lowest position
				$NAVI = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=guestedit&amp;sub={!__SUB_VALUE!}&amp;act=".$content['action']."&amp;w=".$content['what']."&amp;tid=".($content['sort']-1)."&amp;fid=".$content['sort']."\">{--HIGHER--}</a>";
			} elseif ($content['sort'] > 0) {
				// Anything else between highest and lowest
				$NAVI = "<a href=\"{!URL!}/modules.php?module=admin&amp;what=guestedit&amp;sub={!__SUB_VALUE!}&amp;act=".$content['action']."&amp;w=".$content['what']."&amp;tid=".($content['sort']-1)."&amp;fid=".$content['sort']."\">{--HIGHER--}</a>/<a href=\"{!URL!}/modules.php?module=admin&amp;what=guestedit&amp;sub={!__SUB_VALUE!}&amp;act=".$content['action']."&amp;w=".$content['what']."&amp;tid=".($content['sort']+1)."&amp;fid=".$content['sort']."\">{--LOWER--}</a>";
			}

			if (empty($content['action'])) $content['action'] = "&nbsp;";
			if (empty($content['what']))   $content['what']   = "&nbsp;";
			if (empty($content['title']))  $content['title']  = "&nbsp;";

			$content = array(
				'sw'     => $SW,
				'id'     => $content['id'],
				'action' => $content['action'],
				'what'   => $content['what'],
				'title'  => $content['title'],
				'navi'   => $NAVI,
				'mode'   => "guest"
			);
			$OUT .= LOAD_TEMPLATE("admin_menu_overview_row", true, $content);
			$SW = 3 - $SW;
		}

		// Free memory
		SQL_FREERESULT($result);
		define('__MENU_ROWS', $OUT);

		// Load template
		LOAD_TEMPLATE("admin_gmenu_edit");
	} else {
		// Menu entries are missing... (???)
		LOAD_TEMPLATE("admin_settings_saved", false, getMessage('ADMIN_NO_MENUS_FOUND'));
	}
}

//
?>