PageRenderTime 29ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/teams.php

https://github.com/ECP-Black/ECP
PHP | 238 lines | 238 code | 0 blank | 0 comment | 48 complexity | 1f809eaf4c08ba727aed97783103c5c4 MD5 | raw file
    

  1. <?php

    2. 

  2. function admin_teams () {

    3. 

  3. 	global $db;

    4. 

  4. 	$tpl = new smarty;

    5. 

  5. 	$tpl->assign('lang', get_languages());

    6. 

  6. 	$tpl->assign('groups', get_groups(@(int)$_POST['grID']));

    7. 

  7. 	$bilder = '<option value="">'.NONE.'</option>';

    8. 

  8. 	$pics = scan_dir('images/teams/', true);

    9. 

  9. 	$endungen = array('jpg', 'jpeg', 'JPG', 'JPEG', 'gif', 'GIF', 'PNG', 'png');

    10. 

  10. 	foreach($pics AS $value) {

    11. 

  11. 		if(in_array(substr($value, strrpos($value, '.')+1), $endungen)) {

    12. 

  12. 			$bilder .= '<option value="'.$value.'">'.$value.'</option>';

    13. 

  13. 		}

    14. 

  14. 	}

    15. 

  15. 	$tpl->assign('pics', $bilder);

    16. 

  16. 	ob_start();

    17. 

  17. 	$tpl->display(DESIGN.'/tpl/admin/teams.html');

    18. 

  18. 	$content = ob_get_contents();

    19. 

  19. 	ob_end_clean();

    20. 

  20. 	main_content(TEAMS, $content, '',1);

    21. 

  21. 	get_teams();

    22. 

  22. }

    23. 

  23. function get_teams() {

    24. 

  24. 	global $db;

    25. 

  25. 	$tpl = new smarty;

    26. 

  26. 	if(@$_GET['ajax']) ob_end_clean();

    27. 

  27. 	$teams = array();

    28. 

  28. 	$result = $db->query('SELECT tname, tID, info FROM '.DB_PRE.'ecp_teams ORDER BY posi ASC');

    29. 

  29. 	while($row = mysql_fetch_assoc($result)) {

    30. 

  30. 		$members = array();

    31. 

  31. 		$subresult = $db->query('SELECT `username`, `mID`, `userID`, `name`, `aufgabe`, `aktiv`, country FROM '.DB_PRE.'ecp_members LEFT JOIN '.DB_PRE.'ecp_user ON (ID = userID) WHERE teamID = '.$row['tID'].' ORDER BY posi ASC');

    32. 

  32. 		while($subrow = mysql_fetch_assoc($subresult)) {

    33. 

  33. 			($subrow['aktiv']) ? $subrow['aktiv'] = '<span class="member_aktiv" style="cursor:pointer" onclick="member_switch_status('.$row['tID'].', '.$subrow['userID'].');">'.AKTIV.'</span>' : $subrow['aktiv'] = '<span style="cursor:pointer" class="member_inaktiv" onclick="member_switch_status('.$row['tID'].', '.$subrow['userID'].');">'.INAKTIV.'</span>';

    34. 

  34. 			if ($subrow['name'] != '') $subrow['username'] = $subrow['name'];

    35. 

  35. 			$members[] = $subrow;

    36. 

  36. 		}

    37. 

  37. 		$row['members'] = $members;

    38. 

  38. 		$teams[] = $row;

    39. 

  39. 	}	

    40. 

  40. 	$tpl->assign('teams', $teams);

    41. 

  41. 	ob_start();

    42. 

  42. 	$tpl->display(DESIGN.'/tpl/admin/teams_overview.html');

    43. 

  43. 	$content = ob_get_contents();

    44. 

  44. 	ob_end_clean();		

    45. 

  45. 	if(@$_GET['ajax']) { echo html_ajax_convert($content); die(); } 

    46. 

  46. 	main_content(OVERVIEW, '<div id="teams_overview">'.$content.'</div>', '',1);	

    47. 

  47. }

    48. 

  48. function teams_add_member($id) {

    49. 

  49. 	ob_end_clean();

    50. 

  50. 	global $db;

    51. 

  51. 	$db->setMode(0);

    52. 

  52. 	ajax_convert_array($_POST);

    53. 

  53. 	if(!isset($_SESSION['rights']['admin']['teams']['add_member']) AND !isset($_SESSION['rights']['superadmin'])) {

    54. 

  54. 		echo NO_ADMIN_RIGHTS;

    55. 

  55. 	} else {

    56. 

  56. 		$userid = @$db->result(DB_PRE.'ecp_user', 'ID', 'username = \''.strsave(htmlspecialchars($_POST['user'])).'\'');

    57. 

  57. 		if($userid) {

    58. 

  58. 			if(@$db->result(DB_PRE.'ecp_members', 'COUNT(mID)', 'userID = '.$userid.' AND teamID = '.$id)) {

    59. 

  59. 				echo USER_ALLREADY_IN_TEAM;

    60. 

  60. 			} else {

    61. 

  61. 				if($db->query(sprintf('INSERT INTO '.DB_PRE.'ecp_members (`userID`, `teamID`, `name`, `aufgabe`, `aktiv`) VALUES (%d, %d, \'%s\', \'%s\', %d )', $userid, $id, strsave($_POST['username']), strsave($_POST['task']), (int)@$_POST['aktiv']))) {

    62. 

  62. 					$gid = $db->result(DB_PRE.'ecp_teams', 'grID', 'tID = '.$id);

    63. 

  63. 					if($gid AND !$db->result(DB_PRE.'ecp_user_groups', 'COUNT(userID)', 'userID = '.$userid.' AND gID = '.$gid)) {

    64. 

  64. 						$db->query('INSERT INTO '.DB_PRE.'ecp_user_groups (userID, gID) VALUES ('.$userid.', '.$gid.')');

    65. 

  65. 					}

    66. 

  66. 					echo 'ok';

    67. 

  67. 				}

    68. 

  68. 			}

    69. 

  69. 		} else {

    70. 

  70. 			echo NO_USER_EXIST;

    71. 

  71. 		}

    72. 

  72. 	}

    73. 

  73. 	die();

    74. 

  74. }

    75. 

  75. function get_groups($id) {

    76. 

  76. 	global $db, $groups;

    77. 

  77. 	$gruppen = '<option value="0">'.NONE.'</option>';

    78. 

  78. 	$db->query('SELECT name, groupID FROM '.DB_PRE.'ecp_groups ORDER BY name ASC');

    79. 

  79. 	while($row = $db->fetch_assoc()) {

    80. 

  80. 		($id == $row['groupID']) ? $sub = 'selcted' : $sub = '';

    81. 

  81. 		if(isset($groups[$row['name']])) $row['name'] = $groups[$row['name']];

    82. 

  82. 		$gruppen .= '<option '.$sub.' value="'.$row['groupID'].'">'.$row['name'].'</option>';

    83. 

  83. 	}

    84. 

  84. 	return $gruppen;

    85. 

  85. }

    86. 

  86. function admin_teams_add() {

    87. 

  87. 	ob_end_clean();

    88. 

  88. 	global $db;

    89. 

  89. 	ajax_convert_array($_POST);

    90. 

  90. 	if(!isset($_SESSION['rights']['admin']['teams']['add']) AND !isset($_SESSION['rights']['superadmin'])) {

    91. 

  91. 		echo NO_ADMIN_RIGHTS;

    92. 

  92. 	} else {

    93. 

  93. 		if($_POST['name'] == '') {

    94. 

  94. 			echo NOT_NEED_ALL_INPUTS;

    95. 

  95. 		} else {

    96. 

  96. 			$db->setMode(0);

    97. 

  97. 			$lang = array();

    98. 

  98. 			foreach($_POST AS $key => $value) {

    99. 

  99. 				if(strpos($key, 'cription_')) {

    100. 

  100. 					$lang[substr($key,strpos($key, '_')+1)] = $value;

    101. 

  101. 				}

    102. 

  102. 			}			

    103. 

  103. 			$sql = sprintf('INSERT INTO '.DB_PRE.'ecp_teams (`tname`, `tpic`, `grID`, `info`, `cw`, `fightus`, `joinus`) VALUES (\'%s\', \'%s\', %d, \'%s\', %d, %d, %d)',

    104. 

  104. 							strsave($_POST['name']),strsave($_POST['tpic']), (int)$_POST['grID'], strsave(json_encode($lang)), (int)@$_POST['cw'], (int)@$_POST['fightus'], (int)@$_POST['joinus']);

    105. 

  105. 			if($db->query($sql)) {

    106. 

  106. 				echo 'ok';

    107. 

  107. 				die();	

    108. 

  108. 			}

    109. 

  109. 		}

    110. 

  110. 	}

    111. 

  111. 	die();

    112. 

  112. }

    113. 

  113. function admin_teams_edit($id) {

    114. 

  114. 	ob_end_clean();

    115. 

  115. 	global $db;

    116. 

  116. 	ajax_convert_array($_POST);

    117. 

  117. 	if(!isset($_SESSION['rights']['admin']['teams']['edit']) AND !isset($_SESSION['rights']['superadmin'])) {

    118. 

  118. 		echo NO_ADMIN_RIGHTS;

    119. 

  119. 	} else {

    120. 

  120. 		ajax_convert_array($_POST);

    121. 

  121. 		if($_POST['name'] == '') {

    122. 

  122. 			echo NOT_NEED_ALL_INPUTS;

    123. 

  123. 		} else {

    124. 

  124. 			$db->setMode(0);

    125. 

  125. 			$lang = array();

    126. 

  126. 			foreach($_POST AS $key => $value) {

    127. 

  127. 				if(strpos($key, 'cription_')) {

    128. 

  128. 					$lang[substr($key,strpos($key, '_')+1)] = $value;

    129. 

  129. 				}

    130. 

  130. 			}			

    131. 

  131. 			$sql = sprintf('UPDATE '.DB_PRE.'ecp_teams SET `tname` = \'%s\', `tpic` = \'%s\', `grID` = %d, `info` = \'%s\', `cw` = %d, `fightus` = %d, joinus = %d WHERE tID = %d ',

    132. 

  132. 							strsave($_POST['name']),strsave($_POST['tpic']), (int)$_POST['grID'], strsave(json_encode($lang)), (int)@$_POST['cw'], (int)@$_POST['fightus'],(int)@$_POST['joinus'], $id);

    133. 

  133. 			if($db->query($sql)) {

    134. 

  134. 				echo 'ok';	

    135. 

  135. 			}

    136. 

  136. 		}

    137. 

  137. 	}

    138. 

  138. 	die();

    139. 

  139. }

    140. 

  140. function teams_switch_status($gid, $uid) {

    141. 

  141. 	global $db;

    142. 

  142. 	$db->setMode(0);

    143. 

  143. 	$aktiv = $db->result(DB_PRE.'ecp_members', 'aktiv', 'userID = '.$uid.' AND teamID = '.$gid);

    144. 

  144. 	if($aktiv == 0) $aktiv = 1; else $aktiv = 0;

    145. 

  145. 	if($db->query('UPDATE '.DB_PRE.'ecp_members SET aktiv = '.$aktiv.' WHERE userID = '.$uid.' AND teamID = '.$gid)) {

    146. 

  146. 		$_GET['ajax'] = 1;

    147. 

  147. 		get_teams();

    148. 

  148. 	}

    149. 

  149. }

    150. 

  150. function teams_member_del($gid, $uid) {

    151. 

  151. 	global $db;

    152. 

  152. 	$db->setMode(0);

    153. 

  153. 	ob_end_clean();

    154. 

  154. 	if(!isset($_SESSION['rights']['admin']['teams']['del_member']) AND !isset($_SESSION['rights']['superadmin'])) {

    155. 

  155. 		echo NO_ADMIN_RIGHTS;

    156. 

  156. 	} else {

    157. 

  157. 		if($db->query('DELETE FROM '.DB_PRE.'ecp_members WHERE userID = '.$uid.' AND teamID = '.$gid)) {

    158. 

  158. 			$gruppe = $db->result(DB_PRE.'ecp_teams', 'grID', 'tID = '.$gid);

    159. 

  159. 			if($gruppe) {

    160. 

  160. 				$db->query('DELETE FROM '.DB_PRE.'ecp_user_groups WHERE userID = '.$uid.' AND gID = '.$gruppe);

    161. 

  161. 			}			

    162. 

  162. 			echo 'ok';

    163. 

  163. 		}

    164. 

  164. 	}

    165. 

  165. 	die();	

    166. 

  166. }

    167. 

  167. function teams_edit_member($id, $uid) {

    168. 

  168. 	ob_end_clean();

    169. 

  169. 	global $db;

    170. 

  170. 	$db->setMode(0);

    171. 

  171. 	ajax_convert_array($_POST);

    172. 

  172. 	if(!isset($_SESSION['rights']['admin']['teams']['edit_member']) AND !isset($_SESSION['rights']['superadmin'])) {

    173. 

  173. 		echo NO_ADMIN_RIGHTS;

    174. 

  174. 	} else {

    175. 

  175. 		if($db->query(sprintf('UPDATE '.DB_PRE.'ecp_members SET `name` = \'%s\', `aufgabe` = \'%s\', `aktiv` =  %d WHERE teamID = %d AND userID = %d', strsave($_POST['username']), strsave($_POST['task']), (int)@$_POST['aktiv'], $id, $uid))) {

    176. 

  176. 			echo 'ok';	

    177. 

  177. 		}			

    178. 

  178. 	}

    179. 

  179. 	die();

    180. 

  180. }

    181. 

  181. function admin_teams_del($id) {

    182. 

  182. 	ob_end_clean();

    183. 

  183. 	global $db;

    184. 

  184. 	$db->setMode(0);

    185. 

  185. 	if(!isset($_SESSION['rights']['admin']['teams']['del']) AND !isset($_SESSION['rights']['superadmin'])) {

    186. 

  186. 		echo NO_ADMIN_RIGHTS;

    187. 

  187. 	} else {

    188. 

  188. 		$gid = $db->result(DB_PRE.'ecp_teams', 'grID', 'tID = '.$id);

    189. 

  189. 		if($db->query('DELETE FROM '.DB_PRE.'ecp_teams WHERE tID = '.$id)) {

    190. 

  190. 			if($gid) {

    191. 

  191. 				$result = $db->query('SELECT userID FROM '.DB_PRE.'ecp_members WHERE teamID = '.$id);

    192. 

  192. 				while($row = mysql_fetch_assoc($result)) {

    193. 

  193. 					$db->query('DELETE FROM '.DB_PRE.'ecp_user_groups WHERE userID = '.$row['userID'].' AND gID = '.$gid);

    194. 

  194. 				}

    195. 

  195. 			}			

    196. 

  196.  			$db->query('DELETE FROM '.DB_PRE.'ecp_members WHERE teamID = '.$id);				

    197. 

  197. 			echo 'ok';	

    198. 

  198. 		}			

    199. 

  199. 	}

    200. 

  200. 	die();

    201. 

  201. }

    202. 

  202. if (!isset($_SESSION['rights']['admin']['teams']) AND !isset($_SESSION['rights']['superadmin'])) {

    203. 

  203. 	table(ERROR, NO_ADMIN_RIGHTS);

    204. 

  204. } else {

    205. 

  205. 	if(isset($_GET['func'])) {

    206. 

  206. 		switch($_GET['func']) {

    207. 

  207. 			case 'add':

    208. 

  208. 				admin_teams_add();

    209. 

  209. 				break;

    210. 

  210. 			case 'edit':

    211. 

  211. 				admin_teams_edit((int)$_GET['id']);

    212. 

  212. 				break;

    213. 

  213. 			case 'del':

    214. 

  214. 				admin_teams_del((int)$_GET['id']);

    215. 

  215. 				break;

    216. 

  216. 			case 'get_teams':

    217. 

  217. 				get_teams();

    218. 

  218. 				break;	

    219. 

  219. 			case 'addmember':

    220. 

  220. 				teams_add_member((int)$_GET['id']);

    221. 

  221. 			break;

    222. 

  222. 			case 'switch_status':

    223. 

  223. 				teams_switch_status((int)$_GET['gid'], (int)$_GET['uid']);

    224. 

  224. 			break;							

    225. 

  225. 			case 'delmember':

    226. 

  226. 				teams_member_del((int)$_GET['gid'], (int)$_GET['uid']);

    227. 

  227. 			break;

    228. 

  228. 			case 'editmember':

    229. 

  229. 				teams_edit_member((int)$_GET['id'], (int)$_GET['uid']);

    230. 

  230. 			break;

    231. 

  231. 			default:

    232. 

  232. 				admin_teams();

    233. 

  233. 		}

    234. 

  234. 	} else {

    235. 

  235. 		admin_teams();

    236. 

  236. 	}

    237. 

  237. }

    238. 

  238. ?>
    239.