$ax['grp_all_cats']); $stH = dbQuery("SELECT `ID`,`name` FROM `categories` WHERE `status` >= 0"); while ($row = $stH->fetch(PDO::FETCH_ASSOC)) { $catArray[$row['ID']] = $row['name']; } //display group list echo "
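\n"; }

/**
 * Outputs the group edit view.
 *
 * Only a newline is echoed in this listing; the markup that presumably belongs
 * here is not visible.
 *
 * @param array $group Group record, passed by reference.
 */
function editGroup(&$group) {
    global $ax, $usr, $mode, $lcI;
    echo "\n";
}

/**
 * Validates and inserts a new group.
 *
 * All values reach the database through bound parameters.
 * On success the global $mode is reset to ''.
 *
 * @param array $group Group fields: name, privs, vCatIDs, eCatIDs, rEvts, mEvts,
 *                     pEvts, upload, sndSms, tnPrivs, color.
 * @return string Status message taken from the $ax text table.
 */
function addGroup(&$group) {
    global $ax, $set, $mode;

    // The D modifier stops "$" from matching before a trailing newline, so a value
    // such as "#ffffff\n" is no longer accepted and stored.
    if ($group['color'] && !preg_match('/^#[0-9A-Fa-f]{6}$/D', $group['color'])) {
        return $ax['grp_invalid_color'];
    }
    if (!$group['name']) {
        return $ax['grp_cred_required'];
    }
    // NOTE(review): \s admits tabs and line breaks inside a name; every place that
    // prints a group name should escape it for its output context.
    if (!preg_match("/^[\w\s\._-]{2,}$/u", $group['name'])) {
        return $ax['grp_name_invalid'];
    }

    // Reject a name already used by a group with status >= 0.
    $stH = stPrep("SELECT `name` FROM `groups` WHERE `name` = ? AND `status` >= 0");
    stExec($stH, array($group['name']));
    $row = $stH->fetch(PDO::FETCH_ASSOC);
    $stH = null;
    if ($row) {
        return $ax['grp_name_exists'];
    }

    // NOTE(review): privs, tnPrivs, upload and sndSms are stored as received; this
    // function does not range-check them. Confirm the code that builds $group does.
    $stH = stPrep("INSERT INTO `groups` (`name`,`privs`,`vCatIDs`,`eCatIDs`,`rEvents`,`mEvents`,`pEvents`,`upload`,`sendSms`,`tnPrivs`,`color`) VALUES (?,?,?,?,?,?,?,?,?,?,?)");
    stExec($stH, array(
        $group['name'],
        $group['privs'],
        implode(',', $group['vCatIDs']),
        implode(',', $group['eCatIDs']),
        $group['rEvts'],
        $group['mEvts'],
        $group['pEvts'],
        $group['upload'],
        $group['sndSms'],
        $group['tnPrivs'],
        $group['color'],
    ));
    $mode = '';
    return $ax['grp_added'];
}

/**
 * Validates and updates the group identified by $group['id'].
 *
 * On success the global $mode is reset to ''.
 *
 * @param array $group Same fields as addGroup() plus id.
 * @return string Status message taken from the $ax text table.
 */
function updateGroup($group) {
    global $ax, $mode;

    // D modifier: "$" must match at the very end, not before a trailing newline.
    if ($group['color'] && !preg_match('/^#[0-9A-Fa-f]{6}$/D', $group['color'])) {
        return $ax['grp_invalid_color'];
    }
    // The {2,} quantifier also rejects an empty name.
    if (!preg_match("/^[\w\s\._-]{2,}$/u", $group['name'])) {
        return $ax['grp_name_invalid'];
    }

    // NOTE(review): unlike addGroup(), no duplicate-name check is made here, and the
    // UPDATE is not limited to rows with status >= 0 - confirm both are intended.
    $stH = stPrep("UPDATE `groups` SET `name` = ?,`privs` = ?,`vCatIDs` = ?,`eCatIDs` = ?,`rEvents` = ?,`mEvents` = ?,`pEvents` = ?,`upload` = ?,`sendSms` = ?,`tnPrivs` = ?,`color` = ? \nWHERE `ID` = ?");
    stExec($stH, array(
        $group['name'],
        $group['privs'],
        implode(',', $group['vCatIDs']),
        implode(',', $group['eCatIDs']),
        $group['rEvts'],
        $group['mEvts'],
        $group['pEvts'],
        $group['upload'],
        $group['sndSms'],
        $group['tnPrivs'],
        $group['color'],
        $group['id'],
    ));
    $mode = '';
    return $ax['grp_updated'];
}

/**
 * Soft-deletes a group by setting its status to -1.
 *
 * The group is left untouched while any user with status >= 0 still refers to it.
 *
 * @param array $group Must contain id.
 * @return string Status message taken from the $ax text table.
 */
function deleteGroup($group) {
    global $ax;

    $stH = stPrep("SELECT `name` FROM `users` WHERE `groupID` = ? AND `status` >= 0 limit 1");
    stExec($stH, array($group['id']));
    $row = $stH->fetch(PDO::FETCH_ASSOC);
    $stH = null;
    if ($row) { // group is in use
        return $ax['grp_in_use'].' - '.$ax['grp_not_deleted'];
    }

    $stH = stPrep("UPDATE `groups` SET `status` = -1 WHERE `ID` = ?");
    stExec($stH, array($group['id']));
    // No row changed: unknown ID, or the group was already marked deleted.
    if (!$stH->rowCount()) {
        return "Database Error: {$ax['grp_not_deleted']}";
    }
    return $ax['grp_deleted'];
}

// Control logic
// NOTE(review): no anti-CSRF token check is visible in this listing before these
// state-changing POST actions - confirm one is enforced earlier in the request.
// NOTE(review): $group is built outside this listing; confirm that a user who passes
// the privs >= 4 gate cannot save a group with more privileges than they hold.
if ($usr['privs'] >= 4) { // manager or admin
    $msg = '';
    if (isset($_POST['addExe'])) {
        $msg = addGroup($group);
    } elseif (isset($_POST['updExe'])) {
        $msg = updateGroup($group);
    } elseif (isset($_POST['delExe'])) {
        $msg = deleteGroup($group);
    }
    // NOTE(review): as listed, the 'no_way' text is printed inside the privileged
    // branch; the markup (and perhaps an else branch) appears to be missing from
    // this listing - check against the original file.
    echo "{$msg}\n{$ax['no_way']}\n\n";
}
?>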