PHP-Nuke PHP Cross Reference Web Portal Systems

Source: /admin/modules/groups.php - 432 lines - 23535 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /************************************************************************/

   4  /* PHP-NUKE: Web Portal System                                          */

   5  /* ===========================                                          */

   6  /*                                                                      */

   7  /* Copyright (c) 2007 by Francisco Burzi                                */

   8  /* http://phpnuke.org                                                   */

   9  /*                                                                      */

  10  /* This program is free software. You can redistribute it and/or modify */

  11  /* it under the terms of the GNU General Public License as published by */

  12  /* the Free Software Foundation; either version 2 of the License.       */

  13  /************************************************************************/

  14  
  15  if (!defined('ADMIN_FILE')) {
  16      die ("Access Denied");
  17  }
  18  
  19  global $prefix, $db, $admin_file;
  20  $aid = substr("$aid", 0,25);
  21  $row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper FROM " . $prefix . "_authors WHERE aid='$aid'"));
  22  if ($row['radminsuper'] == 1) {
  23  
  24      /*********************************************************/

  25      /* Users Groups Functions                                      */

  26      /*********************************************************/

  27  
  28  	function Groups() {
  29          global $bgcolor2, $bgcolor4, $prefix, $user_prefix, $db, $admin_file;
  30          include ("header.php");
  31          GraphicAdmin();
  32          title("" . _GROUPSADMIN . "");
  33          $grp_num = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_groups"));
  34          if ($grp_num == 0) {
  35              OpenTable();
  36              echo "<center><font class=\"title\"><b>" . _NOGROUPS . "</b></font></center>";
  37              CloseTable();
  38              echo "<br>";
  39          } else {
  40              OpenTable();
  41              echo "<center><font class=\"title\"><b>" . _UGROUPS . "</b></font></center>"
  42              ."<br><table border=\"1\" width=\"100%\"><tr>"
  43              ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _NAME . "</b></td>"
  44              ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _DESCRIPTION . "</b></td>"
  45              ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _POINTS . "</b></td>"
  46              ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _USERSCOUNT . "</b></td>"
  47              ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _FUNCTIONS . "</b></td></tr>";
  48              $result = $db->sql_query("SELECT id, name, description, points FROM " . $prefix . "_groups ORDER BY points");
  49              while ($row = $db->sql_fetchrow($result)) {
  50                  $id = intval($row['id']);
  51                  $name = filter($row['name'], nohtml);
  52                  $description = filter($row['description']);
  53                  $points = intval($row['points']);
  54                  $users_num = $db->sql_numrows($db->sql_query("SELECT * FROM " . $user_prefix . "_users WHERE points>='$points'"));
  55                  echo "<tr>"
  56                  ."<td align=\"left\" nowrap>&nbsp;$name&nbsp;</td>"
  57                  ."<td align=\"left\">$description</td>"
  58                  ."<td align=\"center\">$points</td>"
  59                  ."<td align=\"center\">$users_num</td>"
  60                  ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;[ <a href=\"".$admin_file.".php?op=grp_edit&amp;id=$id\">" . _EDIT . "</a> | <a href=\"".$admin_file.".php?op=grp_del&amp;id=$id\">" . _DELETE . "</a> ]&nbsp;</font></td></tr>";
  61              }
  62              echo "</table>";
  63              CloseTable();
  64              echo "<br>";
  65          }
  66          OpenTable();
  67          echo "<center><font class=\"option\"><b>" . _ADDNEWGROUP . "</b></font></center><br><br>"
  68          ."<form action=\"".$admin_file.".php\" method=\"post\">"
  69          ."<table border=\"0\" width=\"100%\">"
  70          ."<tr><td>" . _GTITLE . ":</td><td><input type=\"text\" name=\"name\" size=\"50\" maxlength=\"255\"></td></tr>"
  71          ."<tr><td>" . _DESCRIPTION . ":</td><td><textarea name=\"description\" cols=\"70\" rows=\"15\"></textarea></td></tr>"
  72          ."<tr><td>" . _POINTSNEEDED . ":</td><td><input type=\"text\" name=\"points\" size=\"10\" maxlength=\"20\" value=\"0\">&nbsp;<i>(" . _ONLYNUMVAL . ")</i></td></tr>"
  73          ."</table><br><br>"
  74          ."<input type=\"hidden\" name=\"op\" value=\"grp_add\">"
  75          ."<input type=\"submit\" value=\"" . _CREATEGROUP . "\"></form>";
  76          CloseTable();
  77          echo "<br>";
  78          OpenTable();
  79          echo "<center><font class=\"option\"><b>" . _POINTSSYSTEM . "</b></font></center><br><br>"
  80          ."<table border=\"1\" width=\"100%\"><tr>"
  81          ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _NAME . "</b></td>"
  82          ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _DESCRIPTION . "</b></td>"
  83          ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _POINTS . "</b></td>"
  84          ."<td align=\"center\" bgcolor=\"$bgcolor2\"><b>" . _FUNCTIONS . "</b></td></tr>"
  85          ."<tr>";
  86          $row2 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='1'"));
  87          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
  88          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS01 . "&nbsp;</td>"
  89          ."<td align=\"left\">" . _DESC01 . "</td>"
  90          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row2[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
  91          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
  92          ."<input type=\"hidden\" name=\"id\" value=\"1\">"
  93          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
  94          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
  95          ."<tr>";
  96          $row3 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='2'"));
  97          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
  98          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS02 . "&nbsp;</td>"
  99          ."<td align=\"left\">" . _DESC02 . "</td>"
 100          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row3[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 101          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 102          ."<input type=\"hidden\" name=\"id\" value=\"2\">"
 103          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 104          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 105          ."<tr>";
 106          $row4 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='3'"));
 107          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 108          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS03 . "&nbsp;</td>"
 109          ."<td align=\"left\">" . _DESC03 . "</td>"
 110          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row4[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 111          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 112          ."<input type=\"hidden\" name=\"id\" value=\"3\">"
 113          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 114          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 115          ."<tr>";
 116          $row5 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='4'"));
 117          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 118          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS04 . "&nbsp;</td>"
 119          ."<td align=\"left\">" . _DESC04 . "</td>"
 120          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row5[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 121          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 122          ."<input type=\"hidden\" name=\"id\" value=\"4\">"
 123          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 124          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 125          ."<tr>";
 126          $row6 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='5'"));
 127          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 128          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS05 . "&nbsp;</td>"
 129          ."<td align=\"left\">" . _DESC05 . "</td>"
 130          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row6[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 131          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 132          ."<input type=\"hidden\" name=\"id\" value=\"5\">"
 133          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 134          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 135          ."<tr>";
 136          $row7 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='6'"));
 137          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 138          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS06 . "&nbsp;</td>"
 139          ."<td align=\"left\">" . _DESC06 . "</td>"
 140          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row7[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 141          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 142          ."<input type=\"hidden\" name=\"id\" value=\"6\">"
 143          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 144          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 145          ."<tr>";
 146          $row8 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='7'"));
 147          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 148          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS07 . "&nbsp;</td>"
 149          ."<td align=\"left\">" . _DESC07 . "</td>"
 150          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row8[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 151          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 152          ."<input type=\"hidden\" name=\"id\" value=\"7\">"
 153          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 154          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 155          ."<tr>";
 156          $row9 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='8'"));
 157          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 158          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS08 . "&nbsp;</td>"
 159          ."<td align=\"left\">" . _DESC08 . "</td>"
 160          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row9[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 161          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 162          ."<input type=\"hidden\" name=\"id\" value=\"8\">"
 163          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 164          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 165          ."<tr>";
 166          $row10 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='9'"));
 167          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 168          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS09 . "&nbsp;</td>"
 169          ."<td align=\"left\">" . _DESC09 . "</td>"
 170          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row10[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 171          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 172          ."<input type=\"hidden\" name=\"id\" value=\"9\">"
 173          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 174          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 175          ."<tr>";
 176          $row11 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='10'"));
 177          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 178          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS10 . "&nbsp;</td>"
 179          ."<td align=\"left\">" . _DESC10 . "</td>"
 180          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row11[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 181          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 182          ."<input type=\"hidden\" name=\"id\" value=\"10\">"
 183          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 184          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 185          ."<tr>";
 186          $row12 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='11'"));
 187          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 188          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS11 . "&nbsp;</td>"
 189          ."<td align=\"left\">" . _DESC11 . "</td>"
 190          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row12[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 191          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 192          ."<input type=\"hidden\" name=\"id\" value=\"11\">"
 193          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 194          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 195          ."<tr>";
 196          $row13 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='12'"));
 197          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 198          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS12 . "&nbsp;</td>"
 199          ."<td align=\"left\">" . _DESC12 . "</td>"
 200          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row13[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 201          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 202          ."<input type=\"hidden\" name=\"id\" value=\"12\">"
 203          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 204          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 205          ."<tr>";
 206          $row14 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='13'"));
 207          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 208          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS13 . "&nbsp;</td>"
 209          ."<td align=\"left\">" . _DESC13 . "</td>"
 210          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row14[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 211          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 212          ."<input type=\"hidden\" name=\"id\" value=\"13\">"
 213          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 214          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 215          ."<tr>";
 216          $row15 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='14'"));
 217          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 218          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS14 . "&nbsp;</td>"
 219          ."<td align=\"left\">" . _DESC14 . "</td>"
 220          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row15[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 221          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 222          ."<input type=\"hidden\" name=\"id\" value=\"14\">"
 223          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 224          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 225          ."<tr>";
 226          $row16 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='15'"));
 227          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 228          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS15 . "&nbsp;</td>"
 229          ."<td align=\"left\">" . _DESC15 . "</td>"
 230          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row16[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 231          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 232          ."<input type=\"hidden\" name=\"id\" value=\"15\">"
 233          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 234          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 235          ."<tr>";
 236          $row17 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='16'"));
 237          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 238          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS16 . "&nbsp;</td>"
 239          ."<td align=\"left\">" . _DESC16 . "</td>"
 240          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row17[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 241          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 242          ."<input type=\"hidden\" name=\"id\" value=\"16\">"
 243          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 244          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 245          ."<tr>";
 246          $row18 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='17'"));
 247          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 248          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS17 . "&nbsp;</td>"
 249          ."<td align=\"left\">" . _DESC17 . "</td>"
 250          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row18[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 251          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 252          ."<input type=\"hidden\" name=\"id\" value=\"17\">"
 253          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 254          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 255          ."<tr>";
 256          $row19 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='18'"));
 257          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 258          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS18 . "&nbsp;</td>"
 259          ."<td align=\"left\">" . _DESC18 . "</td>"
 260          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row19[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 261          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 262          ."<input type=\"hidden\" name=\"id\" value=\"18\">"
 263          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 264          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 265          ."<tr>";
 266          $row20 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='19'"));
 267          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 268          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS19 . "&nbsp;</td>"
 269          ."<td align=\"left\">" . _DESC19 . "</td>"
 270          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row20[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 271          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 272          ."<input type=\"hidden\" name=\"id\" value=\"19\">"
 273          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 274          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 275          ."<tr>";
 276          $row21 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='20'"));
 277          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 278          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS20 . "&nbsp;</td>"
 279          ."<td align=\"left\">" . _DESC20 . "</td>"
 280          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row21[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 281          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 282          ."<input type=\"hidden\" name=\"id\" value=\"20\">"
 283          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 284          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>"
 285          ."<tr>";
 286          $row22 = $db->sql_fetchrow($db->sql_query("SELECT points FROM " . $prefix . "_groups_points WHERE id='21'"));
 287          echo "<form action=\"".$admin_file.".php\" method=\"post\">"
 288          ."<td align=\"left\" nowrap>&nbsp;" . _POINTS21 . "&nbsp;</td>"
 289          ."<td align=\"left\">" . _DESC21 . "</td>"
 290          ."<td align=\"center\">&nbsp;<input type=\"text\" value=\"$row22[points]\" size=\"5\" name=\"points\">&nbsp;</td>"
 291          ."<td align=\"center\" nowrap><font class=\"content\">&nbsp;"
 292          ."<input type=\"hidden\" name=\"id\" value=\"21\">"
 293          ."<input type=\"hidden\" name=\"op\" value=\"points_update\">"
 294          ."<input type=\"submit\" value=\"" . _UPDATE . "\"></form>&nbsp;</font></td></tr>";
 295          echo "</table>";
 296          CloseTable();
 297          include ("footer.php");
 298      }
 299  
 300  	function grp_add($name, $description, $points) {
 301          global $prefix, $db, $admin_file;
 302          if (!is_numeric($points) || ereg("-", $points)) {
 303              include ("header.php");
 304              GraphicAdmin();
 305              title("" . _GROUPSADMIN . "");
 306              OpenTable();
 307              echo "<center><b>" . _GROUPADDERROR . "</b><br><br>"
 308              ."" . _NONUMVALUE . "<br><br>"
 309              ."" . _GOBACK . "</center>";
 310              CloseTable();
 311              include ("footer.php");
 312          } else {
 313              $name = filter($name, nohtml, 1);
 314              $description = filter($description, "", 1);
 315              $points = intval($points);
 316              $db->sql_query("INSERT INTO " . $prefix . "_groups VALUES (NULL, '$name', '$description', '$points')");
 317              Header("Location: ".$admin_file.".php?op=Groups");
 318          }
 319      }
 320  
 321  	function grp_edit($id) {
 322          global $prefix, $db, $admin_file;
 323          include ("header.php");
 324          GraphicAdmin();
 325          title("" . _GROUPSADMIN . "");
 326          $id = intval($id);
 327          $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM " . $prefix . "_groups WHERE id='$id'"));
 328          $id = intval($row['id']);
 329          $name = filter($row['name'], nohtml);
 330          $description = filter($row['description']);
 331          $points = intval($row['points']);
 332          OpenTable();
 333          echo "<center><font class=\"option\"><b>" . _EDITGROUP . "</b></font></center><br><br>"
 334          ."<form action=\"".$admin_file.".php\" method=\"post\">"
 335          ."<table border=\"0\" width=\"100%\">"
 336          ."<tr><td>" . _GTITLE . ":</td><td><input type=\"text\" name=\"name\" size=\"50\" maxlength=\"255\" value=\"$name\"></td></tr>"
 337          ."<tr><td>" . _DESCRIPTION . ":</td><td><textarea name=\"description\" cols=\"70\" rows=\"15\">$description</textarea></td></tr>"
 338          ."<tr><td>" . _POINTSNEEDED . ":</td><td><input type=\"text\" name=\"points\" size=\"10\" maxlength=\"20\" value=\"$points\">&nbsp;<i>(" . _ONLYNUMVAL . ")</i></td></tr>"
 339          ."</table><br><br>"
 340          ."<input type=\"hidden\" name=\"id\" value=\"$id\">"
 341          ."<input type=\"hidden\" name=\"op\" value=\"grp_edit_save\">"
 342          ."<input type=\"submit\" value=\"" . _SAVEGROUP . "\"></form>";
 343          CloseTable();
 344          include ("footer.php");
 345      }
 346  
 347  	function grp_edit_save($id, $name, $description, $points) {
 348          global $prefix, $db, $admin_file;
 349          $id = intval($id);
 350          if (!is_numeric($points)) {
 351              include ("header.php");
 352              GraphicAdmin();
 353              title("" . _GROUPSADMIN . "");
 354              OpenTable();
 355              echo "<center><b>" . _GROUPADDERROR . "</b><br><br>"
 356              ."" . _NONUMVALUE . "<br><br>"
 357              ."" . _GOBACK . "</center>";
 358              CloseTable();
 359              include ("footer.php");
 360          } else {
 361              $id = intval($id);
 362              $name = filter($name, nohtml, 1);
 363              $description = filter($description, "", 1);
 364              $points = intval($points);
 365              $db->sql_query("UPDATE " . $prefix . "_groups SET name='$name', description='$description', points='$points' WHERE id='$id'");
 366              Header("Location: ".$admin_file.".php?op=Groups");
 367          }
 368      }
 369  
 370  	function grp_del($id, $ok=0) {
 371          global $prefix, $db, $admin_file;
 372          $id = intval($id);
 373          if ($ok == 0) {
 374              include ("header.php");
 375              GraphicAdmin();
 376              title("" . _GROUPSADMIN . "");
 377              OpenTable();
 378              $row = $db->sql_fetchrow($db->sql_query("SELECT name FROM " . $prefix . "_groups WHERE id='$id'"));
 379              $name = filter($row['name'], nohtml);
 380              echo "<center><b>" . _GROUPDELETE . "</b><br><br>"
 381              ."" . _SUREGRPDEL1 . " <b>$name</b><br><br>"
 382              ."[ <a href=\"".$admin_file.".php?op=grp_del&id=$id&ok=1\">" . _YES . "</a> | <a href=\"".$admin_file.".php?op=Groups\">" . _NO . "</a> ]</center>";
 383              CloseTable();
 384              include ("footer.php");
 385          } else {
 386              $db->sql_query("DELETE FROM " . $prefix . "_groups WHERE id='$id'");
 387              $db->sql_query("UPDATE " . $prefix . "_modules SET mod_group='0' WHERE mod_group='$id'");
 388              Header("Location: ".$admin_file.".php?op=Groups");
 389          }
 390      }
 391  
 392  	function p_update($points, $id) {
 393          global $prefix, $db, $admin_file;
 394          $id = intval($id);
 395          $points = intval($points);
 396          $db->sql_query("UPDATE " . $prefix . "_groups_points SET points='$points' WHERE id='$id'");
 397          Header("Location: ".$admin_file.".php?op=Groups");
 398      }
 399  
 400      switch($op) {
 401  
 402          case "Groups":
 403          Groups();
 404          break;
 405  
 406          case "grp_add":
 407          grp_add($name, $description, $points);
 408          break;
 409  
 410          case "grp_edit":
 411          grp_edit($id);
 412          break;
 413  
 414          case "grp_edit_save":
 415          grp_edit_save($id, $name, $description, $points);
 416          break;
 417  
 418          case "grp_del":
 419          grp_del($id, $ok);
 420          break;
 421  
 422          case "points_update":
 423          p_update($points, $id);
 424          break;
 425  
 426      }
 427  
 428  } else {
 429      echo "Access Denied";
 430  }
 431  
 432  ?>

title

Description

title

Description

title

Description

title

title

Body