dir/include/group.php

<?php


function group_add($name) {

	$ret = false;
	if(x($name)) {
		$r = group_byname($name); // check for dups
		if($r !== false) 
			return true;
		$r = q("INSERT INTO `group` ( `name` )
			VALUES( '%s' ) ",
			dbesc($name)
		);
		$ret = $r;
	}	
	return $ret;
}


function group_rmv($name) {
	$ret = false;
	if(x($name)) {
		$r = q("SELECT * FROM `group` WHERE `name` = '%s' LIMIT 1",
			dbesc($name)
		);
		if(count($r))
			$group_id = $r[0]['id'];
		if(! $group_id)
			return false;


		// Removing a group has broad security implications for posts that were created with this
		// group in their ACL. The posts could suddenly be made visible to somebody who
		// was not authorised to see them before. We can't take the group out of the ACL's
		// because this could inadvertantly make a post public which was restricted.

		// So we are going to keep the group in place, but hide it so you can't use it any more.
		// All _existing_ post permissions remain intact, you just can't use this group going
		// forward. Since this is a trade-off solution, we should probably document it
		// on the page and suggest that if you want to affect already published posts, you should edit 
		// the group membership before "deleting" it.

//		$r = q("DELETE FROM `group_member` WHERE `gid` = %d ",
//			intval($group_id)
//		);

		// remove group
		$r = q("UPDATE `group` SET `deleted` = 1 WHERE `name` = '%s' LIMIT 1",
			dbesc($name)
		);

		$ret = $r;

	}

	return $ret;
}

function group_byname($name) {
	if((! strlen($name)))
		return false;
	$r = q("SELECT * FROM `group` WHERE `name` = '%s' LIMIT 1",
		dbesc($name)
	);
	if(count($r))
		return $r[0]['id'];
	return false;
}

function group_rmv_member($name,$member) {
	$gid = group_byname($name);
	if(! $gid)
		return false;
	if(! ($gid && $member))
		return false;
	$r = q("DELETE FROM `group_member` WHERE `gid` = %d AND `contact-id` = %d LIMIT 1 ",
		intval($gid),
		intval($member)
	);
	return $r;
}


function group_add_member($name,$member) {
	$gid = group_byname($name);
	if((! $gid) || (! $member))
		return false;

	$r = q("SELECT * FROM `group_member` WHERE `id` = %d AND `contact-id` = %d LIMIT 1",	
		intval($gid),
		intval($member)
	);
	if(count($r))
		return true;	// You might question this, but 
				// we indicate success because the group was in fact created
				// -- It was just created at another time
 	if(! count($r))
		$r = q("INSERT INTO `group_member` (`gid`, `contact-id`)
			VALUES( %d, %d ) ",
			intval($gid),
			intval($member)
	);
	return $r;
}

function group_get_members($gid) {
	$ret = array();
	if(intval($gid)) {
		$r = q("SELECT `group_member`.`contact-id`, `contact`.* FROM `group_member` 
			LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id` 
			WHERE `gid` = %d ",
			intval($gid)
		);
		if(count($r))
			$ret = $r;
	}
	return $ret;
}



function group_side($every="contacts",$each="group") {

	if(! local_user())
		return;

$createtext = t('Create a new group');
$linktext= t('Everybody');

$o .= <<< EOT

<div id="group-sidebar">
<h3>Groups</h3>

<div id="sidebar-new-group">
<a href="group/new">$createtext</a>
</div>

<div id="sidebar-group-list">
	<ul id="sidebar-group-ul">
	<li class="sidebar-group-li" ><a href="$every" >$linktext</a></li>

EOT;

	$r = q("SELECT * FROM `group` WHERE `deleted` = 0 ");
	if(count($r)) {
		foreach($r as $rr)
			$o .= "	<li class=\"sidebar-group-li\"><a href=\"$each/{$rr['id']}\">{$rr['name']}</a></li>\r\n";
	}
	$o .= "	</ul>\r\n	</div>\r\n</div>";	

	return $o;
}

function expand_groups($a) {
	if(! (is_array($a) && count($a)))
		return array();
	$groups = implode(',', $a);
	$groups = dbesc($groups);
	$r = q("SELECT `contact-id` FROM `group_member` WHERE `gid` IN ( $groups )");
	$ret = array();
	if(count($r))
		foreach($r as $rr)
			$ret[] = $rr['contact-id'];
	return $ret;
}