Portions created by the Initial Developer are Copyright (C) 2008-2014 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ include "root.php"; require_once "resources/require.php"; //check permissions require_once "resources/check_auth.php"; if (permission_exists('group_edit')) { //access allowed } else { echo "access denied"; return; } //add multi-lingual support $language = new text; $text = $language->get(); //process update if (count($_POST) > 0) { //set the variables $group_uuid = check_str($_POST['group_uuid']); $group_name = check_str($_POST['group_name']); $group_name_previous = check_str($_POST['group_name_previous']); $domain_uuid = check_str($_POST["domain_uuid"]); $domain_uuid_previous = check_str($_POST["domain_uuid_previous"]); $group_description = check_str($_POST["group_description"]); //check for global/domain duplicates $sql = "select count(*) as num_rows from v_groups where "; $sql .= "group_name = '".$group_name."' "; $sql .= "and group_uuid <> '".$group_uuid."' "; $sql .= "and domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null "); $prep_statement = $db->prepare($sql); if ($prep_statement) { $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); $group_exists = ($row['num_rows'] > 0) ? true : false; } else { $group_exists = false; } unset($sql, $prep_statement, $row); //update group if (!$group_exists) { $sql = "update v_groups "; $sql .= "set "; $sql .= "group_name = '".$group_name."', "; $sql .= "domain_uuid = ".(($domain_uuid != '') ? "'".$domain_uuid."'" : "null").", "; $sql .= "group_description = '".$group_description."' "; $sql .= "where group_uuid = '".$group_uuid."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); echo "

".print_r($error, true)."

"; exit; } //group changed from global to domain-specific if ($domain_uuid_previous == '' && $domain_uuid != '') { //remove any users assigned to the group from the old domain $sql = "delete from v_group_users where group_uuid = '".$group_uuid."' and domain_uuid <> '".$domain_uuid."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //update permissions to use new domain uuid $sql = "update v_group_permissions set domain_uuid = '".$domain_uuid."' where group_name = '".$group_name_previous."' and domain_uuid is null "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //change group name if ($group_name != $group_name_previous && $group_name != '') { //change group name in group users $sql = "update v_group_users set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //change group name in permissions $sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid = '".$domain_uuid."' and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } } } //group changed from one domain to another else if ($domain_uuid_previous != '' && $domain_uuid != '' && $domain_uuid_previous != $domain_uuid) { //remove any users assigned to the group from the old domain $sql = "delete from v_group_users where group_uuid = '".$group_uuid."' and domain_uuid = '".$domain_uuid_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //update permissions to use new domain uuid $sql = "update v_group_permissions set domain_uuid = '".$domain_uuid."' where group_name = '".$group_name_previous."' and domain_uuid = '".$domain_uuid_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

".print_r($error, true)."

".print_r($error, true)."

"; exit; } } } //group changed from domain-specific to global else if ($domain_uuid_previous != '' && $domain_uuid == '') { //change group name if ($group_name != $group_name_previous && $group_name != '') { //change group name in group users $sql = "update v_group_users set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //change group name in permissions $sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid = '".$domain_uuid_previous."' and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } } //update permissions to not use a domain uuid $sql = "update v_group_permissions set domain_uuid = null where group_name = '".$group_name."' and domain_uuid = '".$domain_uuid_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } } //domain didn't change, but name may still else { //change group name if ($group_name != $group_name_previous && $group_name != '') { //change group name in group users $sql = "update v_group_users set group_name = '".$group_name."' where group_uuid = '".$group_uuid."' and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } //change group name in permissions $sql = "update v_group_permissions set group_name = '".$group_name."' where domain_uuid ".(($domain_uuid != '') ? " = '".$domain_uuid."' " : " is null ")." and group_name = '".$group_name_previous."' "; if (!$db->exec(check_sql($sql))) { $error = $db->errorInfo(); //echo "

".print_r($error, true)."

"; exit; } } } $_SESSION["message"] = $text['message-update']; header("Location: groups.php"); } else { $_SESSION['message_mood'] = 'negative'; $_SESSION["message"] = $text['message-group_exists']; header("Location: groupedit.php?id=".$group_uuid); } //redirect the user return; } //pre-populate the form $group_uuid = check_str($_REQUEST['id']); if ($group_uuid != '') { $sql = "select * from v_groups where "; $sql .= "group_uuid = '".$group_uuid."' "; $prep_statement = $db->prepare($sql); if ($prep_statement) { $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); $group_name = $row['group_name']; $domain_uuid = $row['domain_uuid']; $group_description = $row['group_description']; } } //include the header include "resources/header.php"; $document['title'] = $text['title-group_edit']; //copy group javascript echo "\n"; //show the content echo "

\n"; echo "\n"; echo "\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo "

\n"; echo " ".$text['header-group_edit']."\n"; echo "

\n"; echo " ".$text['description-group_edit']."\n"; echo "

\n"; echo " "; echo " "; echo " \n"; echo "

\n"; echo "
"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; if (permission_exists('group_domain')) { echo "\n"; echo "\n"; echo "\n"; echo "\n"; } else { echo ""; } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "

\n"; echo $text['label-group_name']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo "
\n"; echo " ".$text['label-domain']."\n"; echo "	\n"; echo " \n"; echo " \n"; echo " \n"; echo $text['description-domain_name']."\n"; echo "
\n"; echo $text['label-group_description']."\n"; echo "	\n"; echo " ".$group_description."\n"; echo "
\n"; echo " "; echo " \n"; echo "

\n"; echo "

"; echo "

"; //include the footer include "resources/footer.php"; ?>