Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/NS-Groups/admin/modules/groups.php
<?php
// File: $Id: groups.php,v 1.11 2001/12/04 21:01:05 jgm Exp $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Jim McDonald
// Purpose of file:  Group administration
// ----------------------------------------------------------------------

if (!eregi('admin.php', $PHP_SELF)) { die ('Access Denied'); }

$hlpfile = 'manual/groups.html';

modules_get_language();

/*
 * viewGroups - view groups
 * Takes no parameters
 *
 */
function viewGroups()
{
    global $hlpfile, $dbconn, $pntable;

    $grouptable = $pntable['groups'];
    $groupcolumn = &$pntable['groups_column'];

    include("header.php");
    GraphicAdmin($hlpfile);

    // Heading
    OpenTable();
    echo "<CENTER><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT><BR>";

    if (!authorised(0, 'Groups::', '::', ACCESS_EDIT)) {
        echo _GROUPSNOAUTH;
        include 'footer.php';
        return;
    }

    // Options
    if (authorised(0, 'Groups::', '::', ACCESS_ADD)) {
        echo '<BR>
              <TABLE BORDER="0" WIDTH="100%">
              <TR>
              <TD><A HREF="admin.php?op=secnewgroup">
              <CENTER><font class="pn-title">'.
              _ADDGROUP.
             '</FONT></CENTER></A></TD>
              </TR><BR>
              </TABLE>
              <BR>';
    }
    
    // Get and display current groups
    $query = "SELECT $groupcolumn[gid],
                     $groupcolumn[name]
              FROM $grouptable
              ORDER BY $groupcolumn[name]";
    $result = $dbconn->Execute($query);

// FTO Check EOF and databse error + do not use record count
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }


    if (!$result->EOF) {
        echo "<FORM ACTION=\"admin.php\" METHOD=\"POST\">".
             "<TABLE BORDER=\"5\">".
             "<TR FONT=\"pn-title\">".
             "<TD><CENTER>"._GROUPNAME."</CENTER></TD>".
             "<TD>&nbsp;</TD>".
             "</TR>";
             

        while(!$result->EOF) {

            list($gid, $name) = $result->fields;
            echo '<TR>';
            if (authorised(0, 'Groups::', "$name::$gid", ACCESS_EDIT)) {
                 echo "<TD><A HREF=\"admin.php?op=secviewgroup&amp;gid=$gid\">$name</A></TD>";
                 if (authorised(0, 'Groups::', "$name::$gid", ACCESS_DELETE)) {
                     echo "<TD><A HREF=\"admin.php?op=secdeletegroup&amp;gid=$gid\">"._DELETE."</A></TD>";
                 } else {
                     echo "<TD>&nbsp;</TD>";
                 }
                 echo "</TR>";
            }
            $result->MoveNext();
        }
        echo "</TABLE>";

    }

    CloseTable();
    include("footer.php");
}

/*
 * viewGroup - view a group
 * Takes one parameter:
 * - the gid
 */
function viewGroup($gid)
{
    global $hlpfile, $dbconn, $pntable;

    $grouptable = $pntable['groups'];
    $groupcolumn = &$pntable['groups_column'];
    $groupmembershiptable = $pntable['group_membership'];
    $groupmembershipcolumn = &$pntable['group_membership_column'];
    $usertable = $pntable['users'];
    $usercolumn = &$pntable['users_column'];

    include("header.php");
    GraphicAdmin($hlpfile);

    // Get details on current group
    $query = "SELECT $groupcolumn[name]
              FROM $grouptable
              WHERE $groupcolumn[gid]=$gid";

    $result = $dbconn->Execute($query);
    // FTO Check atabase error
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    // Heading
    OpenTable();
    echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A><font class=\"pn-title\"><B>: $gname</B></FONT></CENTER>";

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        echo _GROUPSNOAUTH;
        CloseTable();
        include 'footer.php';
        return;
    }

    // Group options
    echo "<BR>".
         "<TABLE BORDER=\"0\" WIDTH=\"100%\">".
         "<TR>";
    if (authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        echo "<TD><A HREF=\"admin.php?op=secselectuserforgroup&amp;gid=$gid\"><CENTER><font class=\"pn-title\">"._ADDUSERTOGROUP."</FONT></CENTER></A></TD>".
         "<TD><A HREF=\"admin.php?op=secmodifygroup&amp;gid=$gid\"><CENTER><font class=\"pn-title\">"._MODIFYGROUP."</FONT></CENTER></A></TD>";
        if (authorised(0, 'Groups::', "$gname::$gid", ACCESS_DELETE)) {
            echo "<TD><A HREF=\"admin.php?op=secdeletegroup&amp;gid=$gid\"><CENTER><font class=\"pn-title\">"._DELETEGROUP."</FONT></CENTER></A></TD>";
        }
    }
    echo "</TR>".
         "</TABLE>".
         "<BR>";
    

    // Get users in this group
    $query = "SELECT $groupmembershipcolumn[uid]
              FROM $groupmembershiptable
              WHERE $groupmembershipcolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
// FTO Check EOF and databse error + do not use record count
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    if (!$result->EOF) {

//FTO Check EOF
        while (!$result->EOF){
//        for(;list($uid) = $result->fields;$result->MoveNext() ) {
            list($uid) = $result->fields;
            $uids[] = $uid;
            $result->MoveNext();
        }
        $result->Close();
        $uidlist=implode(",", $uids);

        // Get names of users
        $query = "SELECT $usercolumn[uname],
                         $usercolumn[uid]
                  FROM $usertable
                  WHERE $usercolumn[uid] IN ($uidlist)
                  ORDER BY $usercolumn[name]";
        $result = $dbconn->Execute($query);

        echo "<CENTER><B>"._USERSINGROUP."</B><BR>".
             "<TABLE BORDER=\"1\">".
             "<TR FONT=\"pn-title\">".
             "<TD><CENTER>"._USERNAME."</CENTER></TD>".
             "<TD>&nbsp;</TD>".
             "</TR>";

// FTO Check EOF and databse error + do not use record count
        if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

        while(!$result->EOF) {

            list($uname, $uid) = $result->fields;
            echo "<TR>".
                 "<TD>$uname</TD>";
            if (authorised(0, 'Groups::', "$gname::$gid", ACCESS_DELETE)) {
                echo "<TD><A HREF=\"admin.php?op=secdeleteuserfromgroup&amp;uid=$uid&amp;gid=$gid\">"._DELETE."</A></TD>";
            } else {
                echo "<TD>&nbsp;</TD>";
            }
            echo "</TR>";
            $result->MoveNext();
        }
        $result->Close();
        echo "</TABLE></CENTER><BR>";
    } else {
        echo "<CENTER><B>"._NOONEINGROUP."</B></CENTER>";
    }

    CloseTable();
    include("footer.php");

}

/*
 * newGroup - create a new group
 * Takes no parameters
 */
function newGroup()
{
    global $hlpfile;

    include("header.php");
    GraphicAdmin($hlpfile);

    // Heading
    OpenTable();
    echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A></CENTER>";
    echo "<BR>";

    if (!authorised(0, 'Groups::', '::', ACCESS_ADD)) {
        echo _GROUPSADDNOAUTH;
        CloseTable();
        include 'footer.php';
        return;
    }

    echo "<FORM ACTION=\"admin.php\" METHOD=\"POST\">".
         "<INPUT TYPE=\"HIDDEN\" NAME=\"op\" VALUE=\"secaddgroup\">".
         _GROUPNAME. ": <INPUT TYPE=\"TEXT\" NAME=\"gname\"><P>".
         "<INPUT TYPE=SUBMIT VALUE=\""._NEWGROUP."\">".
         "</FORM>";

    CloseTable();
    include("footer.php");
}

/*
 * addGroup - add a group
 * Takes one parameter:
 * - the group name
 */
function addGroup($gname)
{
    global $hlpfile, $dbconn, $pntable;

    csrfcheck();

    if (!authorised(0, 'Groups::', "$gname::", ACCESS_ADD)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        echo _GROUPSADDNOAUTH;
        CloseTable();
        include 'footer.php';
        return;
    }

    $grouptable = $pntable['groups'];
    $groupcolumn = &$pntable['groups_column'];

    // Confirm that this group does not already exist
    //FTO Use single quote for where
    $query = "SELECT COUNT(*) FROM $grouptable
              WHERE $groupcolumn[name] = '$gname'";

    $result = $dbconn->Execute($query);

    list($count) = $result->fields;
//FTO Avoid error if not $result
    if ($result) $result->Close();
    if ($count == 1) {
        include("header.php");
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        echo "<BR>";
        echo _GROUPALREADYEXISTS;
    } else {
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
        $nextId = $dbconn->GenId("{$grouptable}_SEQ");

//FTO Use single quote for values
        $query = "INSERT INTO $grouptable
                  VALUES ($nextId, '$gname')";

        $dbconn->Execute($query);

        pnRedirect('/admin.php?op=secviewgroups');
    }
}

/*
 * deleteGroup - delete a group
 * Takes two parameters:
 * - the group ID
 * - confirmation
 */
function deleteGroup($gid, $ok)
{
    global $hlpfile, $dbconn, $pntable;

    csrfcheck();

    $groupstable = $pntable['groups'];
    $groupscolumn = &$pntable['groups_column'];
    // Get details on current group
    $query = "SELECT $groupscolumn[name]
              FROM $groupstable
              WHERE $groupscolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_DELETE)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        CloseTable();
        echo _GROUPSDELNOAUTH;
        include 'footer.php';
        return;
    }

    if (!$ok) {
        include("header.php");
        GraphicAdmin($hlpfile);

        // Heading
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        echo "<BR>
              <CENTER>".
              _DELETEGROUPSURE.
             "<FORM ACTION=\"admin.php\" METHOD=\"POST\">
              <INPUT TYPE=\"HIDDEN\" NAME=\"op\" VALUE=\"secdeletegroup\">
              <INPUT TYPE=\"HIDDEN\" NAME=\"ok\" VALUE=\"1\">
              <INPUT TYPE=\"HIDDEN\" NAME=\"gid\" VALUE=\"$gid\">
              <INPUT TYPE=\"SUBMIT\" VALUE=\"".
              _YES.
             "\">
              </FORM>
              <BR>
              <A HREF=\"admin.php?op=secviewgroups\">".
              _NO.
             "</A>
              </CENTER>";

        CloseTable();
        include("footer.php");
    } else {
        $groupmembershiptable = $pntable['group_membership'];
        $groupmembershipcolumn = &$pntable['group_membership_column'];
        $grouppermstable = $pntable['group_perms'];
        $grouppermscolumn = &$pntable['group_perms_column'];
        $groupstable = $pntable['groups'];
        $groupscolumn = &$pntable['groups_column'];

        // Delete permissions for the group
        $query = "DELETE FROM $grouppermstable
                  WHERE $grouppermscolumn[gid]=$gid";
        $dbconn->Execute($query);

        // Delete membership of the group
        $query = "DELETE FROM $groupmembershiptable
                  WHERE $groupmembershipcolumn[gid]=$gid";
        $dbconn->Execute($query);

        // Delete the group itself
        $query = "DELETE FROM $groupstable
                  WHERE $groupscolumn[gid]=$gid";
        $dbconn->Execute($query);

        pnRedirect('admin.php?op=secviewgroups');
    }
}

/*
 * selectUserForGroup - select a user to add to 
 *                      a group
 * Takes one parameter:
 * - the group ID
 */
function selectUserForGroup($gid)
{
    global $hlpfile, $dbconn, $pntable;

    $grouptable = $pntable['groups'];
    $groupcolumn = &$pntable['groups_column'];
    $groupmembershiptable = $pntable['group_membership'];
    $groupmembershipcolumn = &$pntable['group_membership_column'];
    $usertable = $pntable['users'];
    $usercolumn = &$pntable['users_column'];

    include("header.php");
    GraphicAdmin($hlpfile);

    // Get details on current group
    $query = "SELECT $groupcolumn[name]
              FROM $grouptable
              WHERE $groupcolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    // Heading
    OpenTable();
    echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A><font class=\"pn-title\"><B>: $gname</B></FONT></CENTER>";
    echo "<BR>";

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        CloseTable();
        echo _GROUPSEDITNOAUTH;
        include 'footer.php';
        return;
    }
    
    // Get list of users already in this group
    $query = "SELECT $groupmembershipcolumn[uid]
              FROM $groupmembershiptable
              WHERE $groupmembershipcolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
    $uids = array();
// FTO Check EOF and databse error + do not use record count
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
    }

    while(!$result->EOF) {

        list($uid) = $result->fields;
        $uids[] = $uid;
        $result->MoveNext();
    }
    $uidlist = implode(",", $uids);
    $result->Close();

    // Get list of eligible users
    $query = "SELECT $usercolumn[uid],
                     $usercolumn[uname]
              FROM $usertable";
    if (!empty($uidlist)) {
        $query .= " WHERE $usercolumn[uid] NOT IN ($uidlist)";
    }
    $query .= " ORDER BY $usercolumn[uname]";
    $result = $dbconn->Execute($query);
    if (!$result->EOF) {
        echo "<BR>".
             "<FORM ACTION=\"admin.php\" METHOD=\"POST\">".
             _USERTOADD.": ".
             "<INPUT TYPE=\"HIDDEN\" NAME=\"op\" VALUE=\"secaddusertogroup\">".
             "<INPUT TYPE=\"HIDDEN\" NAME=\"gid\" VALUE=\"$gid\">".
             "<SELECT NAME=\"uid\">";

// FTO Check EOF and databse error
        if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

        while(!$result->EOF) {

            list($uid, $uname) = $result->fields;
            echo "<OPTION VALUE=\"$uid\">$uname</OPTION>";
            $result->MoveNext();
        }
       echo "</SELECT>".
            "  <INPUT TYPE=\"SUBMIT\" VALUE=\""._CONFIRM."\">".
            "</FORM>";
    } else {
        echo "<B>All users are currently in this group</B>";
    }
    $result->Close();

    CloseTable();
    include("footer.php");
}

/*
 * addUserToGroup - add a user to a group
 * Takes two parameters:
 * - the user ID
 * - the group ID
 */
function addUserToGroup($uid, $gid)
{
    global $hlpfile, $dbconn, $pntable;

    csrfcheck();

    // Get details on current group
    $groupstable = $pntable['groups'];
    $groupscolumn = &$pntable['groups_column'];
    $query = "SELECT $groupscolumn[name]
              FROM $groupstable
              WHERE $groupscolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        CloseTable();
        echo _GROUPSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $groupmembershiptable = $pntable['group_membership'];
    $groupmembershipcolumn = &$pntable['group_membership_column'];

    $query = "INSERT INTO $groupmembershiptable
              ($groupmembershipcolumn[uid],
               $groupmembershipcolumn[gid])
              VALUES ($uid, $gid)";
    $dbconn->Execute($query);

    Header("Location: admin.php?op=secviewgroup&gid=".$gid);
}

/*
 * deleteUserFromGroup - delete a user from a group
 * Takes two parameters:
 * - the user ID
 * - the group ID
 */
function deleteUserFromGroup($uid, $gid)
{
    global $hlpfile, $dbconn, $pntable;

    csrfcheck();

    // Get details on current group
    $groupstable = $pntable['groups'];
    $groupscolumn = &$pntable['groups_column'];
    $query = "SELECT $groupscolumn[name]
              FROM $groupstable
              WHERE $groupscolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        CloseTable();
        echo _GROUPSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $groupmembershiptable = $pntable['group_membership'];
    $groupmembershipcolumn = &$pntable['group_membership_column'];

    $query = "DELETE FROM $groupmembershiptable
              WHERE $groupmembershipcolumn[uid]=$uid
                AND $groupmembershipcolumn[gid]=$gid";
    $dbconn->Execute($query);

    pnRedirect('admin.php?op=secviewgroup&gid='.$gid);
}

/*
 * modifyGroup - modify group details
 * Takes one parameter:
 * - the group ID
 */
function modifyGroup($gid)
{
    global $hlpfile, $dbconn, $pntable;


    $groupstable = $pntable['groups'];
    $groupscolumn = &$pntable['groups_column'];

    include("header.php");
    GraphicAdmin($hlpfile);

    $query = "SELECT $groupscolumn[name]
              FROM $groupstable
              WHERE $groupscolumn[gid]=$gid";
    $result = $dbconn->Execute($query);
// FTO Check database error
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($gname) = $result->fields;
    $result->Close();

    // Heading
    OpenTable();
    echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
    echo "<br>";

    if (!authorised(0, 'Groups::', "$gname::$gid", ACCESS_EDIT)) {
        CloseTable();
        echo _GROUPSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    echo "<form action=\"admin.php\" method=\"post\">".
         "<input type=\"hidden\" name=\"op\" value=\"secrenamegroup\">".
         "<input type=\"hidden\" name=\"gid\" value=\"$gid\">".
         _GROUPNAME. ": <input type=\"text\" name=\"gname\" value=\"$gname\"><P>".
         "<input type=submit value=\""._RENAMEGROUP."\">".
         "</form>";

    CloseTable();
    include("footer.php");
}

/*
 * renameGroup - rename group
 * Takes two parameters:
 * - the group ID
 * - the new group name
 */
function renameGroup($gid, $gname)
{
    global $hlpfile, $dbconn, $pntable;

    csrfcheck();

    $groupstable = $pntable['groups'];
    $groupscolumn = &$pntable['groups_column'];

    // Get details on current group
    $query = "SELECT $groupscolumn[name]
              FROM $groupstable
              WHERE $groupscolumn[gid]=$gid";
    $result = $dbconn->Execute($query);

    // FTO Check database error
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    if ($result->EOF) {
        die("No such group ID $gid");
    }

    list($oldgname) = $result->fields;
    $result->Close();

    if (!authorised(0, 'Groups::', "$oldgname::$gid", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<CENTER><A HREF=\"admin.php?op=secviewgroups\" CLASS=\"pn-title\"><FONT SIZE=\"4\"<B>"._GROUPADMIN."</B></FONT></A>: $gname</CENTER>";
        CloseTable();
        echo _GROUPSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    //FTO Use single quote for values
    $query = "UPDATE $groupstable
              SET $groupscolumn[name]='$gname' WHERE $groupscolumn[gid]=$gid";
    $result=$dbconn->Execute($query);
    // FTO Check database error
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    pnRedirect('admin.php?op=secviewgroup&gid='.$gid);
}
  

//FTO Remove warning
if (!isset($ok)) $ok=0;

// Main function
if (!authorised(0, 'Groups::', '::', ACCESS_EDIT)) {
    include 'header.php';
    echo _GROUPSNOAUTH;
    include 'footer.php';
} else {
    switch($op) {

        case "secviewgroups";
            viewGroups();
            break;

        case "secviewgroup";
            viewGroup($gid);
            break;

        case "secnewgroup";
            newGroup();
            break;

        case "secaddgroup";
            addGroup($gname);
            break;

        case "secdeletegroup";
            deleteGroup($gid, $ok);
            break;

        case "secselectuserforgroup";
            selectUserForGroup($gid);
            break;

        case "secaddusertogroup";
            addUserToGroup($uid, $gid);
            break;

        case "secdeleteuserfromgroup";
            deleteUserFromGroup($uid, $gid);
            break;

        case "secmodifygroup";
            modifyGroup($gid);
            break;

        case "secrenamegroup";
            renameGroup($gid, $gname);
            break;

    }
}
?>
Return current item: ProNuke. Postnuke To Oracle