<?php
/****************************************************************************************/
/* ACollab                                                                              */
/****************************************************************************************/
/* Copyright (c) 2002-2004  Adaptive Technology Resource Centre / University of Toronto */
/*                                                                                      */
/* http://atutor.ca/acollab                                                             */
/*                                                                                      */
/* This program is free software. You may redistribute it and/or                        */
/* modify it under the terms of the GNU General Public License                          */
/* as published by the Free Software Foundation; either version 2 of the License,       */
/* or (at your option) any later version.                                               */
/*                                                                                      */
/* This program is distributed in the hope that it will be useful, but                  */
/* WITHOUT ANY WARRANTY; without even the implied warranty of                           */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                                 */
/* See the GNU General Public License for more details.                                 */
/*                                                                                      */
/* You may access the GNU General Public License at:                                    */
/* http://www.opensource.org/licenses/gpl-license.php                                   */
/*                                                                                      */
/* You may contact the Adaptive Technology Resource Centre at                           */
/* Robarts Library, University of Toronto                                               */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5                              */
/* Further contact information is available at http://www.utoronto.ca/atrc/             */
/****************************************************************************************/
/* Programmer:                                                                          */
/* Joel Kronenberg - ATRC                                                               */
/* Heidi Hazelton - ATRC	                                                            */
/****************************************************************************************/
// $Id: group_assign.php 434 2005-03-07 20:05:14Z shozubq $

// Relative path from this directory to the shared include directory; every
// require() in this script is built from it.
define('AC_INCLUDE_PATH', '../include/');

// Application bootstrap. NOTE(review): presumably this is where $db, the session and
// the USER_* / TABLE_PREFIX constants used below are set up - confirm in vitals.inc.php.
require(AC_INCLUDE_PATH.'vitals.inc.php');
// Access gate for the whole page. It has to stay ahead of the request handlers below,
// because none of them performs a privilege check of its own.
// NOTE(review): presumably this ends the request when the user is not a group
// administrator - confirm in the helper.
authenticate(USER_GROUP_ADMIN);

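// Toggle the personal ("private") folder flag of one member of the current group.
// Reached through the enable/disable links printed in the group member list.
// NOTE(review): this writes to the database on a plain GET request and no anti-CSRF
// token is checked, so a cross-site request sent with the administrator's session
// would be accepted. Moving the toggle to a POST form with a per-session token also
// requires changing the links that point here.
if (isset($_GET['private_folder']) && isset($_GET['member_id'])) {
	// Only the two literal flag values can reach the query text.
	$priv_fol = ($_GET['private_folder'] == 1) ? 'y' : 'n';
	// Request-supplied id is forced to an integer before it is placed in the SQL.
	$mem_id = intval($_GET['member_id']);

	// The session group id is cast as well, so no value is interpolated as raw text.
	$sql = "UPDATE ".TABLE_PREFIX."groups_members SET private_folder='$priv_fol' WHERE member_id=$mem_id AND group_id=".intval($_SESSION['group_id']);
	$result = mysql_query($sql, $db);
}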


// "Cancel" was pressed: redirect without changing any data.
// The hidden "confirm" field is only sent by the self-removal confirmation form, so
// its presence means "go back to this page"; otherwise go to the section index.
if (isset($_POST['cancel'])) {
	header(isset($_POST['confirm']) ? 'Location: group_assign.php' : 'Location: index.php');
	exit;
}

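// Add the ticked candidates to the current group.
// $_POST['adds'] is a map of member_id => checkbox value sent by the "form_add" form.
// The current user is inserted as group administrator, everybody else as regular member.
// NOTE(review): no anti-CSRF token is checked on this POST, and the submitted ids are
// not compared with the candidate list shown on the page (e.g. course enrolment).
if (isset($_POST['add'])) {
	if (isset($_POST['adds']) && is_array($_POST['adds'])) {
		$gid  = intval($_SESSION['group_id']);
		$rows = array();
		foreach ($_POST['adds'] as $mid => $add) {
			// The array key is request data that ends up in the SQL text: force it to an
			// integer. Non-numeric keys become 0 and are skipped.
			$mid = intval($mid);
			if ($add && $mid > 0) {
				if ($mid == $_SESSION['member_id']) {
					$priv = USER_GROUP_ADMIN;
				} else {
					$priv = USER_CLIENT;
				}
				$rows[] = "(".$gid.", ".$mid.", ".$priv.", 0, 'y')";
			}
		}
		// Run the INSERT only when at least one row was built; with nothing ticked the
		// statement would end at "VALUES" and be rejected by the server.
		if (count($rows) > 0) {
			$sql = "INSERT INTO ".TABLE_PREFIX."groups_members VALUES ".implode(',', $rows);
			mysql_query($sql,$db);
		}
		header('Location: group_assign.php?f='.F_ASSIGN_ADDED);
		exit;
	}
}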

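// Apply privilege changes and removals for members of the current group.
// $_POST['privs'] is a map of member_id => requested privilege sent by "form_remove";
// the value USER_INVALID means "remove this member".
// Both the key and the value are request data that used to be interpolated into the
// SQL as received. Keys are now forced to integers, and the privilege is matched
// against the values the form can actually send, so a crafted request can neither
// alter the statement nor store a privilege level the form does not offer.
// NOTE(review): no anti-CSRF token is checked on this POST. The form hides these
// controls for course instructors, but that restriction is not re-checked here.
if (isset($_POST['apply'])) {
	$rems = array();
	if (isset($_POST['privs']) && is_array($_POST['privs'])) {
		foreach ($_POST['privs'] as $mid => $priv) {
			$mid = intval($mid);
			if ($mid <= 0 || !is_scalar($priv)) {
				continue;
			}
			$priv = (string) $priv;
			if ($priv === (string) USER_INVALID) {
				if ($mid == $_SESSION['member_id']) {
					// Removing yourself needs an explicit confirmation step.
					$del_self_warning = _AC('del_self_warning');
				} else {
					$rems[$mid] = $mid;
				}
			} else if ($priv === (string) USER_CLIENT || $priv === (string) USER_GROUP_ADMIN) {
				// Write the constant itself, never the submitted text.
				$priv = ($priv === (string) USER_CLIENT) ? USER_CLIENT : USER_GROUP_ADMIN;
				$sql = "UPDATE ".TABLE_PREFIX."groups_members SET `privileges`=".$priv." WHERE group_id=".intval($_SESSION['group_id'])." AND member_id=".$mid;
				mysql_query($sql,$db);
			}
			// Any other submitted value is ignored.
		}
	}
	if (count($rems) > 0) {
		// Keys of $rems are integers by construction.
		$sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id=".intval($_SESSION['group_id'])." AND member_id IN (".implode(',', array_keys($rems)).")";
		mysql_query($sql,$db);
	}
	if (!isset($del_self_warning)) {
		header('Location: group_assign.php?f='.F_ASSIGN_EDITED);
		exit;
	}
	// With a pending self-removal the script falls through and renders the
	// confirmation form instead of redirecting.
}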

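// Confirmed self-removal: delete the current user's own membership in the current
// group, then redirect with the "edited" feedback code.
// Both ids come from the session; they are cast to integers so that nothing is
// placed in the SQL text as a raw string.
// NOTE(review): no anti-CSRF token is checked on this POST.
if (isset($_POST['continue'])) {
	$sql = "DELETE FROM ".TABLE_PREFIX."groups_members WHERE group_id=".intval($_SESSION['group_id'])." AND member_id=".intval($_SESSION['member_id']);
	mysql_query($sql,$db);
	header('Location: group_assign.php?f='.F_ASSIGN_EDITED);
	exit;
}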

// Choose the breadcrumb trail and page header by privilege level.
// Each $_SECTION[n] entry is a pair: [0] = label, [1] = link target.
// NOTE(review): USER_RETURN_CHECK presumably makes authenticate() return a boolean
// instead of ending the request - confirm in the helper.
if (authenticate(USER_ADMIN, USER_RETURN_CHECK)) {
	// Site administrators get the admin trail, which includes the group title.
	$group_info = get_group($_SESSION['group_id']);

	$_SECTION[0][0] = _AC('administration');
	$_SECTION[0][1] = 'admin/index.php';
	$_SECTION[1][0] = _AC('groups');
	$_SECTION[1][1] = 'admin/groups.php';
	// NOTE(review): the group title is stored data; whether the header template
	// escapes it before output cannot be seen from this file - confirm there.
	$_SECTION[2][0] = $group_info['title'];
	$_SECTION[2][1] = 'group_admin/index.php';
	$_SECTION[3][0] = _AC('group_member_management');
	$_SECTION[3][1] = 'group_admin/group_assign.php';

	require(AC_INCLUDE_PATH.'admin/header.inc.php');
} else {
	// Group administrators get the regular trail and the regular header.
	$_SECTION[0][0] = _AC('home');
	$_SECTION[0][1] = 'home.php';
	$_SECTION[1][0] = _AC('administration');
	$_SECTION[1][1] = 'group_admin/';
	$_SECTION[2][0] = _AC('group_member_management');
	$_SECTION[2][1] = 'group_admin/group_assign.php';

	require(AC_INCLUDE_PATH.'header.inc.php');
}

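// Print pending error messages once, then drop them.
if (isset($errors)) {
	print_errors($errors);
	unset($errors);
}

// Feedback code carried by the redirects of the handlers above (?f=...).
// NOTE(review): $_GET['f'] is passed on as received; confirm that print_feedback()
// treats it as a lookup key and never prints it unescaped.
if (isset($_GET['f'])) {
	$_SESSION['show_feedback'] = '';
	print_feedback($_GET['f']);
	unset($_GET['f']);
}

// Sort parameters. The page only ever links to ASC or DESC, and both values are
// echoed back into link URLs further down, so anything else (missing, an array, or
// arbitrary text) is reduced to an empty string here. This also removes the
// undefined-index notice on the first visit.
if (!isset($_GET['group_sort']) || ($_GET['group_sort'] !== 'ASC' && $_GET['group_sort'] !== 'DESC')) {
	$_GET['group_sort'] = '';
}
if (!isset($_GET['non_group_sort']) || ($_GET['non_group_sort'] !== 'ASC' && $_GET['non_group_sort'] !== 'DESC')) {
	$_GET['non_group_sort'] = '';
}

// $group_sort / $non_group_sort hold the opposite of the requested direction: DESC
// unless DESC was requested.
$group_sort     = ($_GET['group_sort'] == 'DESC') ? 'ASC' : 'DESC';
$non_group_sort = ($_GET['non_group_sort'] == 'DESC') ? 'ASC' : 'DESC';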


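// Self-removal confirmation: shown when the "apply" handler found that the current
// user asked to remove themselves. Renders a continue/cancel form and ends the page.
// $_SERVER['PHP_SELF'] includes any extra path text the client appended to the script
// URL, so it is HTML-escaped before being written into the action attribute.
if (isset($del_self_warning)) {
?>
	<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="post" name="form_rem_confirm">
	<input type="hidden" name="confirm" value="1" />
	<table width="100%" cellspacing="0" cellpadding="2" style="border: 1pt solid " bgcolor="white" align="center" summary="">
	<tr>
		<td align="center"><br /><?php echo $del_self_warning; ?><br /><br />
			<input type="submit" name="continue" value="<?php echo _AC('continue'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /> &nbsp; <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br />
		</td>
	</tr>
	</table>
	</form>
	<br />

<?php
	require(AC_INCLUDE_PATH.'footer.inc.php');
	exit;
}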
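// $studs: candidates not in the current group; $studs_group: current members.
// Both are filled from the query result, keyed by member_id.
$studs = array();
$studs_group = array();

// COURSE LIST
// Inside a course the candidates are the enrolled members; otherwise every member.
// Either way the rows are LEFT JOINed with the group membership table.
if ($_SESSION['course_id'] > 0) {
	// The course id is cast so that only an integer can reach the SQL text.
	$sql = "SELECT DISTINCT(E.member_id), H.group_id, H.privileges, H.private_folder FROM ".AT_TABLE_PREFIX."course_enrollment E LEFT JOIN ".TABLE_PREFIX."groups_members H USING (member_id) WHERE E.course_id=".intval($_SESSION['course_id']);
} else {
	$sql = "SELECT M.member_id, G.group_id, G.privileges, G.private_folder FROM ".TABLE_PREFIX."members M LEFT JOIN ".TABLE_PREFIX."groups_members G USING (member_id) ORDER BY M.login ASC";
}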

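// Render the two member lists side by side: on the left the candidates that are not
// in this group (with the "add" form), on the right the current members (with the
// privilege / removal form). Then include the page footer.
//
// Everything that originates from the request or from stored profile data is escaped
// where it is written into the page:
//  - $_SERVER['PHP_SELF'] includes any extra path text the client appended to the URL;
//  - the two sort parameters are echoed back into link URLs;
//  - login / first_name / last_name are profile fields.
// NOTE(review): if profile fields are already stored entity-encoded, escaping them
// again shows "&amp;" sequences - confirm how the registration code stores them.
// Other fixes: the undefined $n is no longer printed, $counter and $d are initialised
// before each list (the "empty list" rows used an undefined $counter), and the
// privilege check reads 'privileges' in both comparisons (was the non-existent key
// 'privilege').
if ($result = mysql_query($sql,$db)) {
	$self_url  = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
	$g_sort_q  = (isset($_GET['group_sort']) && is_string($_GET['group_sort'])) ? htmlspecialchars(urlencode($_GET['group_sort']), ENT_QUOTES) : '';
	$ng_sort_q = (isset($_GET['non_group_sort']) && is_string($_GET['non_group_sort'])) ? htmlspecialchars(urlencode($_GET['non_group_sort']), ENT_QUOTES) : '';

	echo '<table cellspacing="0" cellpadding="5" border="0" align="center" summary=""><tr><td width="50%" valign="top">';

	echo '<form action="'.$self_url.'" method="post" name="form_add">';
	echo '<table width="100%" cellspacing="0" cellpadding="2" border="0" bgcolor="white" align="center" summary="" class="box2">';
	echo '<tr>';
	echo '<th colspan="2" class="box" align="center">';
	if ($non_group_sort == 'DESC' ) {
		echo '<a class="sortbox" href="'.$self_url.'?non_group_sort=DESC' . SEP . 'group_sort=' . $g_sort_q . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('nongroup_members') . ' <img src="images/asc.gif" height="7" width="11" alt="'._AC('username_asc').'" border="0"  class="img4"/></a>';
	}
	else {
		echo '<a class="sortbox" href="'.$self_url.'?non_group_sort=ASC' . SEP . 'group_sort=' . $g_sort_q . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('nongroup_members') . ' <img src="images/desc.gif" height="7" width="11" alt="'._AC('username_desc').'" border="0"  class="img4"/></a>';
	}
	echo '</th></tr>';

	// Split the rows: a member with a row for the current group is a group member;
	// everybody else is a candidate, unless already recorded as a group member.
	while ($row = mysql_fetch_assoc($result)) {
		if ($row['group_id'] == $_SESSION['group_id']) {
			$studs_group[$row['member_id']] = $row;
			if (isset($studs[$row['member_id']])) {
				unset($studs[$row['member_id']]);
			}
		} else if (!isset($studs_group[$row['member_id']])) {
			$studs[$row['member_id']] = $row;
		}
	}

	$counter = 1;
	$d = '';
	if (count($studs)>0) {

		//sorting order
		if ($non_group_sort == 'DESC') {
			$studs = array_reverse($studs);
		}

		foreach ($studs as $row) {
			$counter++;
			$mid = intval($row['member_id']);
			echo '<tr>';
			echo '<td class="row'.(($counter-1)%2).'">';
			echo '<input type="checkbox" name="adds['.$mid.']" id="add'.$mid.'" value="1"> <label for="add'.$mid.'">';

			$sql	= "SELECT login, first_name, last_name FROM ".MEMBERS_TABLE_PREFIX."members WHERE member_id=".$mid;
			$result	= mysql_query($sql, $db);
			$mem	= mysql_fetch_array($result);
			echo htmlspecialchars($mem['login'], ENT_QUOTES);
			if ($mem['first_name']!='' || $mem['last_name']!='') {
				echo ' - '.htmlspecialchars($mem['first_name'], ENT_QUOTES).' '.htmlspecialchars($mem['last_name'], ENT_QUOTES);
			}
			echo '</label>';
			echo '</td>';
			echo '</tr>';
		}
	} else {
		echo '<tr>';
		echo '<td class="row'.(($counter-1)%2).'">';
		echo _AC('no_unassigned');
		// Nothing to add: the submit button below is rendered disabled.
		$d = 'disabled="disabled"';
		echo '</td>';
		echo '</tr>';
	}

	echo '<tr>';
	echo '<td colspan="2" align="center" class="row1"><br /><input type="submit" name="add" value="'._AC('add').'" class="submitY" onfocus="this.className=\'submitY highlight\'" onblur="this.className=\'submitY\'" '.$d.' /><br /><br /></td>';
	echo '</tr>';
	echo '</table>';
	echo '</form></td><td width="60%" valign="top">';

	//GROUP LIST
	echo '<form action="'.$self_url.'" method="post" name="form_remove">';
	echo '<table width="100%" cellspacing="0" cellpadding="2" border="0" bgcolor="white" align="center" summary="" class="box2">';
	echo '<tr>';
	echo '<th colspan="2" class="box" align="center">';
	if ($group_sort == 'DESC' ) {
		echo '<a class="sortbox" href="'.$self_url.'?group_sort=DESC' . SEP . 'non_group_sort=' . $ng_sort_q . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('group_members') . ' <img src="images/asc.gif" height="7" width="11" alt="'._AC('username_asc').'" border="0"  class="img4"/></a>';
	}
	else {
		echo '<a class="sortbox" href="'.$self_url.'?group_sort=ASC' . SEP . 'non_group_sort=' . $ng_sort_q . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">' . _AC('group_members') . ' <img src="images/desc.gif" height="7" width="11" alt="'._AC('username_desc').'" border="0"  class="img4"/></a>';
	}
	echo '</th></tr>';

	$counter = 1;
	$d = '';
	if (count($studs_group)>0) {
		//sorting order
		if ($group_sort == 'DESC') {
			$studs_group = array_reverse($studs_group);
		}

		foreach ($studs_group as $stud) {
			$counter++;
			$inst = FALSE;
			$mid = intval($stud['member_id']);
			echo '<tr>';
			echo '<td class="row'.(($counter-1)%2).'">';

			$sql	= "SELECT login, first_name, last_name FROM ".MEMBERS_TABLE_PREFIX."members WHERE member_id=".$mid;
			$result	= mysql_query($sql, $db);
			$mem	= mysql_fetch_assoc($result);

			if ($mid == $_SESSION['member_id']) {
				echo '<strong>'._AC('chat_you').'</strong>';
			} else {
				echo htmlspecialchars($mem['login'], ENT_QUOTES);
			}
			if ($mem['first_name']!='' || $mem['last_name']!='') {
				echo ' - '.htmlspecialchars($mem['first_name'], ENT_QUOTES).' '.htmlspecialchars($mem['last_name'], ENT_QUOTES);
			}
			echo '</td>';

			if ($_SESSION['course_id'] > 0) {
				//check if instructor
				$sql	= "SELECT count(member_id) FROM ".MEMBERS_TABLE_PREFIX."courses WHERE member_id=".$mid." AND course_id=".intval($_SESSION['course_id']);
				$result	= mysql_query($sql, $db);
				$row = mysql_fetch_array($result);
				if ($row[0] > 0) {
					$inst = true;
				}
			}

			// Pre-select the radio button that matches the stored privilege.
			$a = "";
			$r = "";
			if (($stud['privileges'] == USER_GROUP_ADMIN) || ($stud['privileges'] == USER_ADMIN)) {
				$a = 'checked="checked"';
			} else {
				$r = 'checked="checked"';
			}

			if (!$inst) {
				echo '<td class="row'.(($counter-1)%2).'" nowrap="nowrap">';

				// NOTE(review): these links change the folder flag through a GET request.
				if ($stud['private_folder'] == 'y') {
					echo '<a href="'.$self_url.'?non_group_sort=' . $ng_sort_q . SEP . 'group_sort=' . $g_sort_q . SEP . 'private_folder=0' . SEP . 'member_id=' . $mid . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">(' . _AC('disable_personal_folder') . ')</a>';
				} else {
					echo '<a href="'.$self_url.'?non_group_sort=' . $ng_sort_q . SEP . 'group_sort=' . $g_sort_q . SEP . 'private_folder=1' . SEP . 'member_id=' . $mid . '" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">(' . _AC('enable_personal_folder') . ')</a>';
				}

				// For the current user the "regular" and "remove" choices are rendered
				// disabled; this is a display aid only, not an access check.
				if ($_SESSION['member_id'] == $mid) {
					echo '<input type="radio" name="privs[' . $mid . ']" id="r' . $mid . '" disabled="disabled" /><label for="r' . $mid . '">' . _AC('regular') . '</label>';
				} else {
					echo '<input type="radio" name="privs[' . $mid . ']" value="' . USER_CLIENT . '" id="r' . $mid . '" ' . $r . ' /><label for="r' . $mid . '">' . _AC('regular') . '</label>';
				}

				echo '<input type="radio" name="privs['.$mid.']" value="'.USER_GROUP_ADMIN.'" id="a' . $mid . '" ' . $a . ' /><label for="a' . $mid . '">' . _AC('group_admin') . '</label>&nbsp; <strong>|</strong>';

				if ($_SESSION['member_id'] == $mid) {
					echo '<input type="radio" name="privs[' . $mid . ']" id="rem' . $mid . '" disabled="disabled" /><label for="rem' . $mid . '">' . _AC('remove') . '</label>';
				} else {
					echo '<input type="radio" name="privs[' . $mid . ']" value="' . USER_INVALID . '" id="rem' . $mid . '" /><label for="rem' . $mid . '">' . _AC('remove') . '</label>';
				}
				echo '</td>';
			} else {
				// Course instructors are listed as group admin without any controls.
				echo '<td class="row'.(($counter-1)%2).'"> - '._AC('group_admin').'</td>';
			}
			echo '</tr>';
		}
	} else {
		echo '<tr>';
		echo '<td class="row'.(($counter-1)%2).'">';
		echo _AC('no_members_found');
		// Nothing to edit: the "apply" button below is rendered disabled.
		$d = 'disabled="disabled"';
		echo '</td>';
		echo '</tr>';
	}

	echo '<tr>';
	echo '<td colspan="2" align="center" class="row1" nowrap="nowrap"><br /><input type="submit" name="apply" value="'._AC('apply').'" class="submitY" onfocus="this.className=\'submitY highlight\'" onblur="this.className=\'submitY\'" '.$d.' /> &nbsp; <input type="submit" name="cancel" value="'._AC('cancel').'" class="submitN" onfocus="this.className=\'submitN highlight\'" onblur="this.className=\'submitN\'" /><br /><br /></td>';
	echo '</tr>';
	echo '</table>';
	echo '</form>';

	echo '</td></tr></table>';
} else {
	// The member query itself failed.
	echo _AC('no_group_members');
}

require(AC_INCLUDE_PATH.'footer.inc.php');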
?>