167 lines
3.7 KiB
PHP
Executable file
167 lines
3.7 KiB
PHP
Executable file
<?php
|
|
|
|
|
|
function group_add($name) {
|
|
|
|
$ret = false;
|
|
if(x($name)) {
|
|
$r = group_byname($name); // check for dups
|
|
if($r !== false)
|
|
return true;
|
|
$r = q("INSERT INTO `group` ( `name` )
|
|
VALUES( '%s' ) ",
|
|
dbesc($name)
|
|
);
|
|
$ret = $r;
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
|
|
function group_rmv($name) {
|
|
$ret = false;
|
|
if(x($name)) {
|
|
$r = q("SELECT * FROM `group` WHERE `name` = '%s' LIMIT 1",
|
|
dbesc($name)
|
|
);
|
|
if(count($r))
|
|
$group_id = $r[0]['id'];
|
|
if(! $group_id)
|
|
return false;
|
|
|
|
|
|
// Removing a group has broad security implications for posts that were created with this
|
|
// group in their ACL. The posts could suddenly be made visible to somebody who
|
|
// was not authorised to see them before. We can't take the group out of the ACL's
|
|
// because this could inadvertantly make a post public which was restricted.
|
|
|
|
// So we are going to keep the group in place, but hide it so you can't use it any more.
|
|
// All _existing_ post permissions remain intact, you just can't use this group going
|
|
// forward. Since this is a trade-off solution, we should probably document it
|
|
// on the page and suggest that if you want to affect already published posts, you should edit
|
|
// the group membership before "deleting" it.
|
|
|
|
// $r = q("DELETE FROM `group_member` WHERE `gid` = %d ",
|
|
// intval($group_id)
|
|
// );
|
|
|
|
// remove group
|
|
$r = q("UPDATE `group` SET `deleted` = 1 WHERE `name` = '%s' LIMIT 1",
|
|
dbesc($name)
|
|
);
|
|
|
|
$ret = $r;
|
|
|
|
}
|
|
|
|
return $ret;
|
|
}
|
|
|
|
function group_byname($name) {
|
|
if((! strlen($name)))
|
|
return false;
|
|
$r = q("SELECT * FROM `group` WHERE `name` = '%s' LIMIT 1",
|
|
dbesc($name)
|
|
);
|
|
if(count($r))
|
|
return $r[0]['id'];
|
|
return false;
|
|
}
|
|
|
|
function group_rmv_member($name,$member) {
|
|
$gid = group_byname($name);
|
|
if(! $gid)
|
|
return false;
|
|
if(! ($gid && $member))
|
|
return false;
|
|
$r = q("DELETE FROM `group_member` WHERE `gid` = %d AND `contact-id` = %d LIMIT 1 ",
|
|
intval($gid),
|
|
intval($member)
|
|
);
|
|
return $r;
|
|
}
|
|
|
|
|
|
function group_add_member($name,$member) {
|
|
$gid = group_byname($name);
|
|
if((! $gid) || (! $member))
|
|
return false;
|
|
|
|
$r = q("SELECT * FROM `group_member` WHERE `id` = %d AND `contact-id` = %d LIMIT 1",
|
|
intval($gid),
|
|
intval($member)
|
|
);
|
|
if(count($r))
|
|
return true; // You might question this, but
|
|
// we indicate success because the group was in fact created
|
|
// -- It was just created at another time
|
|
if(! count($r))
|
|
$r = q("INSERT INTO `group_member` (`gid`, `contact-id`)
|
|
VALUES( %d, %d ) ",
|
|
intval($gid),
|
|
intval($member)
|
|
);
|
|
return $r;
|
|
}
|
|
|
|
function group_get_members($gid) {
|
|
$ret = array();
|
|
if(intval($gid)) {
|
|
$r = q("SELECT `group_member`.`contact-id`, `contact`.* FROM `group_member`
|
|
LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`
|
|
WHERE `gid` = %d ",
|
|
intval($gid)
|
|
);
|
|
if(count($r))
|
|
$ret = $r;
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
|
|
|
|
function group_side($every="contacts",$each="group") {
|
|
|
|
if(! local_user())
|
|
return;
|
|
|
|
$createtext = t('Create a new group');
|
|
$linktext= t('Everybody');
|
|
|
|
$o .= <<< EOT
|
|
|
|
<div id="group-sidebar">
|
|
<h3>Groups</h3>
|
|
|
|
<div id="sidebar-new-group">
|
|
<a href="group/new">$createtext</a>
|
|
</div>
|
|
|
|
<div id="sidebar-group-list">
|
|
<ul id="sidebar-group-ul">
|
|
<li class="sidebar-group-li" ><a href="$every" >$linktext</a></li>
|
|
|
|
EOT;
|
|
|
|
$r = q("SELECT * FROM `group` WHERE `deleted` = 0 ");
|
|
if(count($r)) {
|
|
foreach($r as $rr)
|
|
$o .= " <li class=\"sidebar-group-li\"><a href=\"$each/{$rr['id']}\">{$rr['name']}</a></li>\r\n";
|
|
}
|
|
$o .= " </ul>\r\n </div>\r\n</div>";
|
|
|
|
return $o;
|
|
}
|
|
|
|
function expand_groups($a) {
|
|
if(! (is_array($a) && count($a)))
|
|
return array();
|
|
$groups = implode(',', $a);
|
|
$groups = dbesc($groups);
|
|
$r = q("SELECT `contact-id` FROM `group_member` WHERE `gid` IN ( $groups )");
|
|
$ret = array();
|
|
if(count($r))
|
|
foreach($r as $rr)
|
|
$ret[] = $rr['contact-id'];
|
|
return $ret;
|
|
}
|