Location: PHPKode > projects > Meeting Request Scheduling and Booking System > mrsbs/php/admin/admin-op-handler.php
<?PHP

   // Admin operations handler
   //
   // Version: $Revision: 1.3 $
   // Date: $Date: 2006/12/09 21:54:00 $
   //
   // Copyright (c) 2006 Benjamin Oshrin
   // License restrictions apply, see LICENSE for details.

$auth_required = 1;
include('../lib/mrsbs.inc');

// We must have a place to go back to

if(isset($rvar_return))
  $op_ret = $rvar_return;
else
  mexit($tx['op.err.badparam'], 1);

switch($rvar_op)
{
 case "contact":
 case "contactinvite":
   if($rvar_contactid == "new" && authorize("admin", "contactnew"))
   {
     if(($rvar_op == "contact" &&
	 add_contact($rvar_givenname, $rvar_sn, $rvar_mail))
	||
	($rvar_op == "contactinvite" &&
	 add_contact_and_invite($rvar_givenname, $rvar_sn, $rvar_mail,
				$rvar_mtgid, $rvar_status)))
       $result = $tx['op.successful'];
     else
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
   }
   elseif(authorize("admin", "contact", $rvar_contactid))
   {
     if(update_contact($rvar_contactid, $rvar_givenname, $rvar_sn,
		       $rvar_mail))
     {
       if($_SESSION['contactid'] == $rvar_contactid)
       {
	 // Update session info

	 $u = lookup_user_by_email($rvar_mail);
	
	 if($u)
	 {
	   $_SESSION['givenname'] = $u['givenname'];
	   $_SESSION['mail'] = $u['mail'];
	   $_SESSION['sn'] = $u['sn'];
	 }
       }
       
       $result = $tx['op.successful'];
     }
     else
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
   }
   else
   {
     $result = $tx['op.err.perm'];
     $err++;
   }
   break; // contact
 case "delcontact":
   if(authorize("admin", "delcontact", $rvar_contactid))
   {
     if(delete_contact($rvar_contactid))
       $result = $tx['op.successful'];
     else
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
   }
   break; // delcontact
 case "delegates":
   if(authorize("admin", "delegates"))
   {
     $result = $tx['op.successful'];
     
     // First update existing data

     $createon = array();
     $createoff = array();
     $replyon = array();
     $createoff = array();
     $removes = array();
     
     for($i = 0;$i < count($rvar_curids);$i++)
     {
       // We loop through looking for permissions that changed
       // We assume we got here via POST

       // Check if create was toggled
       
       if($_POST['curcreate-'.$rvar_curids[$i]] == "1")
       {
	 if($_POST['create-'.$rvar_curids[$i]] != "Y")
	   $createoff[] = $rvar_curids[$i];
       }
       else
       {
	 if($_POST['create-'.$rvar_curids[$i]] == "Y")
	   $createon[] = $rvar_curids[$i];
       }

       // Check if reply was toggled
       
       if($_POST['curreply-'.$rvar_curids[$i]] == "1")
       {
	 if($_POST['reply-'.$rvar_curids[$i]] != "Y")
	   $replyoff[] = $rvar_curids[$i];
       }
       else
       {
	 if($_POST['reply-'.$rvar_curids[$i]] == "Y")
	   $replyon[] = $rvar_curids[$i];
       }

       // Check if entry should be deleted

       if($_POST['remove-'.$rvar_curids[$i]] == "Y")
	 $removes[] = $rvar_curids[$i];
     }

     if(!update_delegates($createon, $createoff, $replyon, $replyoff,
			  $removes))
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
     else
     {
       // See if a new delegate was added

       if($rvar_newdelegator > -1 && $rvar_newdelegate > -1)
       {
	 if(!add_delegate($rvar_newdelegator, $rvar_newdelegate,
			  $rvar_newcreate, $rvar_newreply))
	 {
	   $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	   $err++;
	 }
       }
     }
   }
   else
   {
     $result = $tx['op.err.perm'];
     $err++;
   }
   break; // delegates
 case "location":
   // Build the ACLs

   $acl = array();

   switch($rvar_acl)
   {
   case 'a':
     $acl['a'] = 1;
     break;
   case 'g':
     $acl['g'] = array();
     $acl['g']['count'] = count($rvar_groups);
     for($i = 0;$i < count($rvar_groups);$i++)
     {
       $acl['g'][$i] = array();
       $acl['g'][$i]['who'] = $rvar_groups[$i];
       $acl['g'][$i]['perm'] = 1;
     }
     break;
   case 'u':
     $acl['u'] = array();
     $acl['u']['count'] = 1;
     $acl['u'][0] = array();
     $acl['u'][0]['who'] = $_SESSION['contactid'];
     $acl['u'][0]['perm'] = 1;
     break;
   }
   
   if($rvar_locationid == "new" && authorize("admin", "locnew", -1))
   {
     // For now, we only support internal locations
     if(add_location($rvar_description, $rvar_capacity, $_SESSION['contactid'],
		     "I", $acl))
       $result = $tx['op.successful'];
     else
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
   }
   elseif(authorize("admin", $rvar_op, $rvar_locationid))
   {
     $owner = $_SESSION['contactid'];

     if(authorize("admin", "locationowner", $rvar_locationid))
       $owner = $rvar_owner;
     
     // For now, we only support internal locations
     if(update_location($rvar_locationid, $rvar_description, $rvar_capacity,
			$owner, "I", $acl))
       $result = $tx['op.successful'];
     else
     {
       $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
       $err++;
     }
   }
   else
   {
     $result = $tx['op.err.perm'];
     $err++;
   }
   break; // location
 case "null":
   $result = "";
   break; // null
 default:
   $result = $tx['op.err.badparam'];
   $err++;
   break;
}

?>
<HTML>
<HEAD>
<META HTTP-EQUIV="refresh" CONTENT="<?PHP print (isset($err) ? "1" : "0");?>;URL=<?PHP
  if(strstr($op_ret, "?")) $c = "&";
  else $c = "?";
  print $op_ret . $c . (isset($err) ? "error=" : "result=") . $result;
?>">
</HEAD>
<BODY BGCOLOR=gray>
<?PHP /*print $op_ret;*/?>
</BODY>
</HTML>
Return current item: Meeting Request Scheduling and Booking System