plugins/admin/PageGroups.php
changeset 1227 bdac73ed481e
parent 1081 745200a9cc2a
equal deleted inserted replaced
1226:de56132c008d 1227:bdac73ed481e
    11  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
    11  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
    12  */
    12  */
    13 
    13 
    14 function page_Admin_PageGroups()
    14 function page_Admin_PageGroups()
    15 {
    15 {
    16   global $db, $session, $paths, $template, $plugins; // Common objects
    16 	global $db, $session, $paths, $template, $plugins; // Common objects
    17   global $lang;
    17 	global $lang;
    18   if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
    18 	if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN )
    19   {
    19 	{
    20     $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
    20 		$login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true);
    21     echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
    21 		echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>';
    22     echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
    22 		echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>';
    23     return;
    23 		return;
    24   }
    24 	}
    25   
    25 	
    26   if ( isset($_POST['action']) )
    26 	if ( isset($_POST['action']) )
    27   {
    27 	{
    28     if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )
    28 		if ( isset($_POST['action']['create']) || isset($_POST['action']['create_stage2']) )
    29     {
    29 		{
    30       switch ( isset($_POST['action']['create_stage2']) )
    30 			switch ( isset($_POST['action']['create_stage2']) )
    31       {
    31 			{
    32         case true:
    32 				case true:
    33           if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )
    33 					if ( empty($_POST['pg_name']) || empty($_POST['group_type']) )
    34           {
    34 					{
    35             echo '<div class="error-box">' . $lang->get('acppg_err_need_name') . '</div>';
    35 						echo '<div class="error-box">' . $lang->get('acppg_err_need_name') . '</div>';
    36             return;
    36 						return;
    37           }
    37 					}
    38           if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )
    38 					if ( $_POST['group_type'] == PAGE_GRP_TAGGED && empty($_POST['member_tag']) )
    39           {
    39 					{
    40             echo '<div class="error-box">' . $lang->get('acppg_err_need_tag') . '</div>';
    40 						echo '<div class="error-box">' . $lang->get('acppg_err_need_tag') . '</div>';
    41             return;
    41 						return;
    42           }
    42 					}
    43           if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )
    43 					if ( $_POST['group_type'] == PAGE_GRP_CATLINK && empty($_POST['member_cat']) )
    44           {
    44 					{
    45             echo '<div class="error-box">' . $lang->get('acppg_err_need_cat') . '</div>';
    45 						echo '<div class="error-box">' . $lang->get('acppg_err_need_cat') . '</div>';
    46             return;
    46 						return;
    47           }
    47 					}
    48           if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )
    48 					if ( $_POST['group_type'] == PAGE_GRP_NORMAL && empty($_POST['member_page_0']) )
    49           {
    49 					{
    50             echo '<div class="error-box">' . $lang->get('acppg_err_need_page') . '</div>';
    50 						echo '<div class="error-box">' . $lang->get('acppg_err_need_page') . '</div>';
    51             return;
    51 						return;
    52           }
    52 					}
    53           if ( $_POST['group_type'] == PAGE_GRP_REGEX && empty($_POST['regex']) )
    53 					if ( $_POST['group_type'] == PAGE_GRP_REGEX && empty($_POST['regex']) )
    54           {
    54 					{
    55             echo '<div class="error-box">' . $lang->get('acppg_err_need_regex') . '</div>';
    55 						echo '<div class="error-box">' . $lang->get('acppg_err_need_regex') . '</div>';
    56             return;
    56 						return;
    57           }
    57 					}
    58           if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL && $_POST['group_type'] != PAGE_GRP_REGEX )
    58 					if ( $_POST['group_type'] != PAGE_GRP_TAGGED && $_POST['group_type'] != PAGE_GRP_CATLINK && $_POST['group_type'] != PAGE_GRP_NORMAL && $_POST['group_type'] != PAGE_GRP_REGEX )
    59           {
    59 					{
    60             echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';
    60 						echo '<div class="error-box">Umm, you sent an invalid group type. I\'d put a real error message here but this will only be shown if you try to hack the system.</div>';
    61             return;
    61 						return;
    62           }
    62 					}
    63           // All checks passed, create the group
    63 					// All checks passed, create the group
    64           switch($_POST['group_type'])
    64 					switch($_POST['group_type'])
    65           {
    65 					{
    66             case PAGE_GRP_TAGGED:
    66 						case PAGE_GRP_TAGGED:
    67               $name = $db->escape($_POST['pg_name']);
    67 							$name = $db->escape($_POST['pg_name']);
    68               $tag  = $db->escape($_POST['member_tag']);
    68 							$tag  = $db->escape($_POST['member_tag']);
    69               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';
    69 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_TAGGED . ', \'' . $name . '\', \'' . $tag . '\');';
    70               $q = $db->sql_query($sql);
    70 							$q = $db->sql_query($sql);
    71               if ( !$q )
    71 							if ( !$q )
    72                 $db->_die();
    72 								$db->_die();
    73               break;
    73 							break;
    74             case PAGE_GRP_CATLINK:
    74 						case PAGE_GRP_CATLINK:
    75               $name = $db->escape($_POST['pg_name']);
    75 							$name = $db->escape($_POST['pg_name']);
    76               $cat  = $db->escape($_POST['member_cat']);
    76 							$cat  = $db->escape($_POST['member_cat']);
    77               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';
    77 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_CATLINK . ', \'' . $name . '\', \'' . $cat . '\');';
    78               $q = $db->sql_query($sql);
    78 							$q = $db->sql_query($sql);
    79               if ( !$q )
    79 							if ( !$q )
    80                 $db->_die();
    80 								$db->_die();
    81               break;
    81 							break;
    82             case PAGE_GRP_NORMAL:
    82 						case PAGE_GRP_NORMAL:
    83               $name = $db->escape($_POST['pg_name']);
    83 							$name = $db->escape($_POST['pg_name']);
    84               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';
    84 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name) VALUES(' . PAGE_GRP_NORMAL . ', \'' . $name . '\');';
    85               $q = $db->sql_query($sql);
    85 							$q = $db->sql_query($sql);
    86               if ( !$q )
    86 							if ( !$q )
    87                 $db->_die();
    87 								$db->_die();
    88               
    88 							
    89               $ins_id = $db->insert_id();
    89 							$ins_id = $db->insert_id();
    90               
    90 							
    91               // Page list
    91 							// Page list
    92               $keys = array_keys($_POST);
    92 							$keys = array_keys($_POST);
    93               $arr_pages = array();
    93 							$arr_pages = array();
    94               foreach ( $keys as $val )
    94 							foreach ( $keys as $val )
    95               {
    95 							{
    96                 if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )
    96 								if ( preg_match('/^member_page_([0-9]+?)$/', $val) && !empty($_POST[$val]) && isPage($_POST[$val]) )
    97                 {
    97 								{
    98                   $arr_pages[] = $_POST[$val];
    98 									$arr_pages[] = $_POST[$val];
    99                 }
    99 								}
   100               }
   100 							}
   101               $arr_sql = array();
   101 							$arr_sql = array();
   102               foreach ( $arr_pages as $page )
   102 							foreach ( $arr_pages as $page )
   103               {
   103 							{
   104                 list($id, $ns) = RenderMan::strToPageID($page);
   104 								list($id, $ns) = RenderMan::strToPageID($page);
   105                 $id = sanitize_page_id($id);
   105 								$id = sanitize_page_id($id);
   106                 $arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';
   106 								$arr_sql[] = '(' . $ins_id . ',\'' . $db->escape($id) . '\', \'' . $ns . '\')';
   107               }
   107 							}
   108               $sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';
   108 							$sql = 'INSERT INTO '.table_prefix.'page_group_members(pg_id,page_id,namespace) VALUES' . implode(',', $arr_sql) . ';';
   109               $q = $db->sql_query($sql);
   109 							$q = $db->sql_query($sql);
   110               if ( !$q )
   110 							if ( !$q )
   111                 $db->_die();
   111 								$db->_die();
   112               break;
   112 							break;
   113             case PAGE_GRP_REGEX:
   113 						case PAGE_GRP_REGEX:
   114               $name  = $db->escape($_POST['pg_name']);
   114 							$name  = $db->escape($_POST['pg_name']);
   115               $regex = $db->escape($_POST['regex']);
   115 							$regex = $db->escape($_POST['regex']);
   116               $sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_REGEX . ', \'' . $name . '\', \'' . $regex . '\');';
   116 							$sql = 'INSERT INTO '.table_prefix.'page_groups(pg_type,pg_name,pg_target) VALUES(' . PAGE_GRP_REGEX . ', \'' . $name . '\', \'' . $regex . '\');';
   117               $q = $db->sql_query($sql);
   117 							$q = $db->sql_query($sql);
   118               if ( !$q )
   118 							if ( !$q )
   119                 $db->_die();
   119 								$db->_die();
   120               break;
   120 							break;
   121           }
   121 					}
   122           echo '<div class="info-box">' . $lang->get('acppg_msg_create_success', array('group_name' => htmlspecialchars($_POST['pg_name']))) . '</div>';
   122 					echo '<div class="info-box">' . $lang->get('acppg_msg_create_success', array('group_name' => htmlspecialchars($_POST['pg_name']))) . '</div>';
   123           break;
   123 					break;
   124       }
   124 			}
   125       // A little Javascript magic
   125 			// A little Javascript magic
   126       ?>
   126 			?>
   127       <script language="javascript" type="text/javascript">
   127 			<script language="javascript" type="text/javascript">
   128         function pg_create_typeset(selector)
   128 				function pg_create_typeset(selector)
   129         {
   129 				{
   130           var pg_normal  = <?php echo PAGE_GRP_NORMAL; ?>;
   130 					var pg_normal  = <?php echo PAGE_GRP_NORMAL; ?>;
   131           var pg_tagged  = <?php echo PAGE_GRP_TAGGED; ?>;
   131 					var pg_tagged  = <?php echo PAGE_GRP_TAGGED; ?>;
   132           var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;
   132 					var pg_catlink = <?php echo PAGE_GRP_CATLINK; ?>;
   133           var pg_regex   = <?php echo PAGE_GRP_REGEX; ?>;
   133 					var pg_regex   = <?php echo PAGE_GRP_REGEX; ?>;
   134           var selection = false;
   134 					var selection = false;
   135           // Get selection
   135 					// Get selection
   136           for ( var i = 0; i < selector.childNodes.length; i++ )
   136 					for ( var i = 0; i < selector.childNodes.length; i++ )
   137           {
   137 					{
   138             var child = selector.childNodes[i];
   138 						var child = selector.childNodes[i];
   139             if ( !child || child.tagName != 'OPTION' )
   139 						if ( !child || child.tagName != 'OPTION' )
   140             {
   140 						{
   141               continue;
   141 							continue;
   142             }
   142 						}
   143             if ( child.selected )
   143 						if ( child.selected )
   144             {
   144 						{
   145               selection = child.value;
   145 							selection = child.value;
   146             }
   146 						}
   147           }
   147 					}
   148           if ( !selection )
   148 					if ( !selection )
   149           {
   149 					{
   150             alert('Cannot get field value');
   150 						alert('Cannot get field value');
   151             return true;
   151 						return true;
   152           }
   152 					}
   153           selection = parseInt(selection);
   153 					selection = parseInt(selection);
   154           if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink && selection != pg_regex )
   154 					if ( selection != pg_normal && selection != pg_tagged && selection != pg_catlink && selection != pg_regex )
   155           {
   155 					{
   156             alert('Invalid field value');
   156 						alert('Invalid field value');
   157             return true;
   157 						return true;
   158           }
   158 					}
   159           
   159 					
   160           // We have the selection and it's validated; show the appropriate field group
   160 					// We have the selection and it's validated; show the appropriate field group
   161           
   161 					
   162           if ( selection == pg_normal )
   162 					if ( selection == pg_normal )
   163           {
   163 					{
   164             document.getElementById('pg_create_title_catlink').style.display = 'none';
   164 						document.getElementById('pg_create_title_catlink').style.display = 'none';
   165             document.getElementById('pg_create_catlink_1').style.display = 'none';
   165 						document.getElementById('pg_create_catlink_1').style.display = 'none';
   166             document.getElementById('pg_create_catlink_2').style.display = 'none';
   166 						document.getElementById('pg_create_catlink_2').style.display = 'none';
   167             
   167 						
   168             document.getElementById('pg_create_title_tagged').style.display = 'none';
   168 						document.getElementById('pg_create_title_tagged').style.display = 'none';
   169             document.getElementById('pg_create_tagged_1').style.display = 'none';
   169 						document.getElementById('pg_create_tagged_1').style.display = 'none';
   170             document.getElementById('pg_create_tagged_2').style.display = 'none';
   170 						document.getElementById('pg_create_tagged_2').style.display = 'none';
   171             
   171 						
   172             document.getElementById('pg_create_title_normal').style.display = 'inline';
   172 						document.getElementById('pg_create_title_normal').style.display = 'inline';
   173             document.getElementById('pg_create_normal_1').style.display = 'block';
   173 						document.getElementById('pg_create_normal_1').style.display = 'block';
   174             document.getElementById('pg_create_normal_2').style.display = 'block';
   174 						document.getElementById('pg_create_normal_2').style.display = 'block';
   175             
   175 						
   176             document.getElementById('pg_create_title_regex').style.display = 'none';
   176 						document.getElementById('pg_create_title_regex').style.display = 'none';
   177             document.getElementById('pg_create_regex_1').style.display = 'none';
   177 						document.getElementById('pg_create_regex_1').style.display = 'none';
   178             document.getElementById('pg_create_regex_2').style.display = 'none';
   178 						document.getElementById('pg_create_regex_2').style.display = 'none';
   179           }
   179 					}
   180           else if ( selection == pg_catlink )
   180 					else if ( selection == pg_catlink )
   181           {
   181 					{
   182             document.getElementById('pg_create_title_catlink').style.display = 'inline';
   182 						document.getElementById('pg_create_title_catlink').style.display = 'inline';
   183             document.getElementById('pg_create_catlink_1').style.display = 'block';
   183 						document.getElementById('pg_create_catlink_1').style.display = 'block';
   184             document.getElementById('pg_create_catlink_2').style.display = 'block';
   184 						document.getElementById('pg_create_catlink_2').style.display = 'block';
   185             
   185 						
   186             document.getElementById('pg_create_title_tagged').style.display = 'none';
   186 						document.getElementById('pg_create_title_tagged').style.display = 'none';
   187             document.getElementById('pg_create_tagged_1').style.display = 'none';
   187 						document.getElementById('pg_create_tagged_1').style.display = 'none';
   188             document.getElementById('pg_create_tagged_2').style.display = 'none';
   188 						document.getElementById('pg_create_tagged_2').style.display = 'none';
   189             
   189 						
   190             document.getElementById('pg_create_title_normal').style.display = 'none';
   190 						document.getElementById('pg_create_title_normal').style.display = 'none';
   191             document.getElementById('pg_create_normal_1').style.display = 'none';
   191 						document.getElementById('pg_create_normal_1').style.display = 'none';
   192             document.getElementById('pg_create_normal_2').style.display = 'none';
   192 						document.getElementById('pg_create_normal_2').style.display = 'none';
   193             
   193 						
   194             document.getElementById('pg_create_title_regex').style.display = 'none';
   194 						document.getElementById('pg_create_title_regex').style.display = 'none';
   195             document.getElementById('pg_create_regex_1').style.display = 'none';
   195 						document.getElementById('pg_create_regex_1').style.display = 'none';
   196             document.getElementById('pg_create_regex_2').style.display = 'none';
   196 						document.getElementById('pg_create_regex_2').style.display = 'none';
   197           }
   197 					}
   198           else if ( selection == pg_tagged )
   198 					else if ( selection == pg_tagged )
   199           {
   199 					{
   200             document.getElementById('pg_create_title_catlink').style.display = 'none';
   200 						document.getElementById('pg_create_title_catlink').style.display = 'none';
   201             document.getElementById('pg_create_catlink_1').style.display = 'none';
   201 						document.getElementById('pg_create_catlink_1').style.display = 'none';
   202             document.getElementById('pg_create_catlink_2').style.display = 'none';
   202 						document.getElementById('pg_create_catlink_2').style.display = 'none';
   203             
   203 						
   204             document.getElementById('pg_create_title_tagged').style.display = 'inline';
   204 						document.getElementById('pg_create_title_tagged').style.display = 'inline';
   205             document.getElementById('pg_create_tagged_1').style.display = 'block';
   205 						document.getElementById('pg_create_tagged_1').style.display = 'block';
   206             document.getElementById('pg_create_tagged_2').style.display = 'block';
   206 						document.getElementById('pg_create_tagged_2').style.display = 'block';
   207             
   207 						
   208             document.getElementById('pg_create_title_normal').style.display = 'none';
   208 						document.getElementById('pg_create_title_normal').style.display = 'none';
   209             document.getElementById('pg_create_normal_1').style.display = 'none';
   209 						document.getElementById('pg_create_normal_1').style.display = 'none';
   210             document.getElementById('pg_create_normal_2').style.display = 'none';
   210 						document.getElementById('pg_create_normal_2').style.display = 'none';
   211             
   211 						
   212             document.getElementById('pg_create_title_regex').style.display = 'none';
   212 						document.getElementById('pg_create_title_regex').style.display = 'none';
   213             document.getElementById('pg_create_regex_1').style.display = 'none';
   213 						document.getElementById('pg_create_regex_1').style.display = 'none';
   214             document.getElementById('pg_create_regex_2').style.display = 'none';
   214 						document.getElementById('pg_create_regex_2').style.display = 'none';
   215           }
   215 					}
   216           else if ( selection == pg_regex )
   216 					else if ( selection == pg_regex )
   217           {
   217 					{
   218             document.getElementById('pg_create_title_catlink').style.display = 'none';
   218 						document.getElementById('pg_create_title_catlink').style.display = 'none';
   219             document.getElementById('pg_create_catlink_1').style.display = 'none';
   219 						document.getElementById('pg_create_catlink_1').style.display = 'none';
   220             document.getElementById('pg_create_catlink_2').style.display = 'none';
   220 						document.getElementById('pg_create_catlink_2').style.display = 'none';
   221             
   221 						
   222             document.getElementById('pg_create_title_tagged').style.display = 'none';
   222 						document.getElementById('pg_create_title_tagged').style.display = 'none';
   223             document.getElementById('pg_create_tagged_1').style.display = 'none';
   223 						document.getElementById('pg_create_tagged_1').style.display = 'none';
   224             document.getElementById('pg_create_tagged_2').style.display = 'none';
   224 						document.getElementById('pg_create_tagged_2').style.display = 'none';
   225             
   225 						
   226             document.getElementById('pg_create_title_normal').style.display = 'none';
   226 						document.getElementById('pg_create_title_normal').style.display = 'none';
   227             document.getElementById('pg_create_normal_1').style.display = 'none';
   227 						document.getElementById('pg_create_normal_1').style.display = 'none';
   228             document.getElementById('pg_create_normal_2').style.display = 'none';
   228 						document.getElementById('pg_create_normal_2').style.display = 'none';
   229             
   229 						
   230             document.getElementById('pg_create_title_regex').style.display = 'inline';
   230 						document.getElementById('pg_create_title_regex').style.display = 'inline';
   231             document.getElementById('pg_create_regex_1').style.display = 'block';
   231 						document.getElementById('pg_create_regex_1').style.display = 'block';
   232             document.getElementById('pg_create_regex_2').style.display = 'block';
   232 						document.getElementById('pg_create_regex_2').style.display = 'block';
   233           }
   233 					}
   234         
   234 				
   235         }
   235 				}
   236         
   236 				
   237         // Set to pg_normal on page load
   237 				// Set to pg_normal on page load
   238         var pg_createform_init = function()
   238 				var pg_createform_init = function()
   239         {
   239 				{
   240           document.getElementById('pg_create_title_catlink').style.display = 'none';
   240 					document.getElementById('pg_create_title_catlink').style.display = 'none';
   241           document.getElementById('pg_create_catlink_1').style.display = 'none';
   241 					document.getElementById('pg_create_catlink_1').style.display = 'none';
   242           document.getElementById('pg_create_catlink_2').style.display = 'none';
   242 					document.getElementById('pg_create_catlink_2').style.display = 'none';
   243           
   243 					
   244           document.getElementById('pg_create_title_tagged').style.display = 'none';
   244 					document.getElementById('pg_create_title_tagged').style.display = 'none';
   245           document.getElementById('pg_create_tagged_1').style.display = 'none';
   245 					document.getElementById('pg_create_tagged_1').style.display = 'none';
   246           document.getElementById('pg_create_tagged_2').style.display = 'none';
   246 					document.getElementById('pg_create_tagged_2').style.display = 'none';
   247           
   247 					
   248           document.getElementById('pg_create_title_regex').style.display = 'none';
   248 					document.getElementById('pg_create_title_regex').style.display = 'none';
   249           document.getElementById('pg_create_regex_1').style.display = 'none';
   249 					document.getElementById('pg_create_regex_1').style.display = 'none';
   250           document.getElementById('pg_create_regex_2').style.display = 'none';
   250 					document.getElementById('pg_create_regex_2').style.display = 'none';
   251           
   251 					
   252           document.getElementById('pg_create_title_normal').style.display = 'inline';
   252 					document.getElementById('pg_create_title_normal').style.display = 'inline';
   253           document.getElementById('pg_create_normal_1').style.display = 'block';
   253 					document.getElementById('pg_create_normal_1').style.display = 'block';
   254           document.getElementById('pg_create_normal_2').style.display = 'block';
   254 					document.getElementById('pg_create_normal_2').style.display = 'block';
   255         }
   255 				}
   256         
   256 				
   257         function pg_create_more_fields()
   257 				function pg_create_more_fields()
   258         {
   258 				{
   259           var targettd = document.getElementById('pg_create_normal_2');
   259 					var targettd = document.getElementById('pg_create_normal_2');
   260           var id = 0;
   260 					var id = 0;
   261           for ( var i = 0; i < targettd.childNodes.length; i++ )
   261 					for ( var i = 0; i < targettd.childNodes.length; i++ )
   262           {
   262 					{
   263             var child = targettd.childNodes[i];
   263 						var child = targettd.childNodes[i];
   264             if ( child.tagName == 'INPUT' )
   264 						if ( child.tagName == 'INPUT' )
   265             {
   265 						{
   266               if ( child.type == 'button' )
   266 							if ( child.type == 'button' )
   267               {
   267 							{
   268                 var newInp = document.createElement('input');
   268 								var newInp = document.createElement('input');
   269                 // <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
   269 								// <input type="text" name="member_page_1" id="pg_create_member_1" onkeyup="return ajaxPageNameComplete(this);" size="30" /><br />
   270                 newInp.type    = 'text';
   270 								newInp.type    = 'text';
   271                 newInp.name    = 'member_page_' + id;
   271 								newInp.name    = 'member_page_' + id;
   272                 newInp.id      = 'pg_create_member_' + id;
   272 								newInp.id      = 'pg_create_member_' + id;
   273                 newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };
   273 								newInp.onkeyup = function(e) { return ajaxPageNameComplete(this); };
   274                 newInp.size    = '30';
   274 								newInp.size    = '30';
   275                 newInp.style.marginTop = '3px';
   275 								newInp.style.marginTop = '3px';
   276                 targettd.insertBefore(newInp, child);
   276 								targettd.insertBefore(newInp, child);
   277                 targettd.insertBefore(document.createElement('br'), child);
   277 								targettd.insertBefore(document.createElement('br'), child);
   278                 break;
   278 								break;
   279               }
   279 							}
   280               else // if ( child.type == 'text' )
   280 							else // if ( child.type == 'text' )
   281               {
   281 							{
   282                 id++;
   282 								id++;
   283               }
   283 							}
   284             }
   284 						}
   285           }
   285 					}
   286         }
   286 				}
   287         
   287 				
   288       </script>
   288 			</script>
   289       <?php
   289 			<?php
   290       
   290 			
   291       // Build category list
   291 			// Build category list
   292       $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
   292 			$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
   293       if ( !$q )
   293 			if ( !$q )
   294         $db->_die();
   294 				$db->_die();
   295       
   295 			
   296       if ( $db->numrows() < 1 )
   296 			if ( $db->numrows() < 1 )
   297       {
   297 			{
   298         $catlist = $lang->get('acppg_err_no_cats');
   298 				$catlist = $lang->get('acppg_err_no_cats');
   299       }
   299 			}
   300       else
   300 			else
   301       {
   301 			{
   302         $catlist = '<select name="member_cat">';
   302 				$catlist = '<select name="member_cat">';
   303         while ( $row = $db->fetchrow() )
   303 				while ( $row = $db->fetchrow() )
   304         {
   304 				{
   305           $catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';
   305 					$catlist .= '<option value="' . htmlspecialchars($row['urlname']) . '">' . htmlspecialchars($row['name']) . '</option>';
   306         }
   306 				}
   307         $catlist .= '</select>';
   307 				$catlist .= '</select>';
   308       }
   308 			}
   309       
   309 			
   310       echo '<script type="text/javascript">
   310 			echo '<script type="text/javascript">
   311               var __pg_edit_submitAuthorized = true;
   311 							var __pg_edit_submitAuthorized = true;
   312             </script>';
   312 						</script>';
   313       
   313 			
   314       echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';
   314 			echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized || !__pg_edit_submitAuthorized) return false;" enctype="multipart/form-data">';
   315       
   315 			
   316       echo '<div class="tblholder">
   316 			echo '<div class="tblholder">
   317             <table border="0" cellspacing="1" cellpadding="4">
   317 						<table border="0" cellspacing="1" cellpadding="4">
   318               <tr>
   318 							<tr>
   319               <th colspan="2">' . $lang->get('acppg_th_create') . '</th>
   319 							<th colspan="2">' . $lang->get('acppg_th_create') . '</th>
   320               </tr>';
   320 							</tr>';
   321       
   321 			
   322       // Name
   322 			// Name
   323       echo '<tr>
   323 			echo '<tr>
   324               <td class="row2">
   324 							<td class="row2">
   325               ' . $lang->get('acppg_field_group_name') . '<br />
   325 							' . $lang->get('acppg_field_group_name') . '<br />
   326               <small>' . $lang->get('acppg_field_group_name_hint') . '</small>
   326 							<small>' . $lang->get('acppg_field_group_name_hint') . '</small>
   327               </td>
   327 							</td>
   328               <td class="row1">
   328 							<td class="row1">
   329               <input type="text" name="pg_name" size="30" />
   329 							<input type="text" name="pg_name" size="30" />
   330               </td>
   330 							</td>
   331             </tr>';
   331 						</tr>';
   332             
   332 						
   333       // Group type
   333 			// Group type
   334       echo '<tr>
   334 			echo '<tr>
   335               <td class="row2">
   335 							<td class="row2">
   336               ' . $lang->get('acppg_field_group_type') . '
   336 							' . $lang->get('acppg_field_group_type') . '
   337               </td>
   337 							</td>
   338               <td class="row1">
   338 							<td class="row1">
   339               <select name="group_type" onchange="pg_create_typeset(this);">
   339 							<select name="group_type" onchange="pg_create_typeset(this);">
   340                 <option value="' . PAGE_GRP_NORMAL  . '" selected="selected">' . $lang->get('acppg_gtype_static') . '</option>
   340 								<option value="' . PAGE_GRP_NORMAL  . '" selected="selected">' . $lang->get('acppg_gtype_static') . '</option>
   341                 <option value="' . PAGE_GRP_TAGGED  . '">' . $lang->get('acppg_gtype_tagged') . '</option>
   341 								<option value="' . PAGE_GRP_TAGGED  . '">' . $lang->get('acppg_gtype_tagged') . '</option>
   342                 <option value="' . PAGE_GRP_CATLINK . '">' . $lang->get('acppg_gtype_catlink') . '</option>
   342 								<option value="' . PAGE_GRP_CATLINK . '">' . $lang->get('acppg_gtype_catlink') . '</option>
   343                 <option value="' . PAGE_GRP_REGEX   . '">' . $lang->get('acppg_gtype_regex_long') . '</option>
   343 								<option value="' . PAGE_GRP_REGEX   . '">' . $lang->get('acppg_gtype_regex_long') . '</option>
   344               </select>
   344 							</select>
   345               </td>
   345 							</td>
   346             </tr>';
   346 						</tr>';
   347             
   347 						
   348       // Titles
   348 			// Titles
   349       echo '<tr>
   349 			echo '<tr>
   350               <th colspan="2">
   350 							<th colspan="2">
   351                 <span id="pg_create_title_normal">
   351 								<span id="pg_create_title_normal">
   352                   ' . $lang->get('acppg_gtype_static') . '
   352 									' . $lang->get('acppg_gtype_static') . '
   353                 </span>
   353 								</span>
   354                 <span id="pg_create_title_tagged">
   354 								<span id="pg_create_title_tagged">
   355                   ' . $lang->get('acppg_gtype_tagged') . '
   355 									' . $lang->get('acppg_gtype_tagged') . '
   356                 </span>
   356 								</span>
   357                 <span id="pg_create_title_catlink">
   357 								<span id="pg_create_title_catlink">
   358                   ' . $lang->get('acppg_gtype_catlink') . '
   358 									' . $lang->get('acppg_gtype_catlink') . '
   359                 </span>
   359 								</span>
   360                 <span id="pg_create_title_regex">
   360 								<span id="pg_create_title_regex">
   361                   ' . $lang->get('acppg_gtype_regex') . '
   361 									' . $lang->get('acppg_gtype_regex') . '
   362                 </span>
   362 								</span>
   363               </th>
   363 							</th>
   364             </tr>';
   364 						</tr>';
   365       
   365 			
   366       echo '<tr>
   366 			echo '<tr>
   367               <td class="row2">
   367 							<td class="row2">
   368                 <div id="pg_create_normal_1">
   368 								<div id="pg_create_normal_1">
   369                   ' . $lang->get('acppg_field_member_pages') . '<br />
   369 									' . $lang->get('acppg_field_member_pages') . '<br />
   370                   <small>' . $lang->get('acppg_field_member_pages_hint') . '</small>
   370 									<small>' . $lang->get('acppg_field_member_pages_hint') . '</small>
   371                 </div>
   371 								</div>
   372                 <div id="pg_create_catlink_1">
   372 								<div id="pg_create_catlink_1">
   373                   ' . $lang->get('acppg_field_target_category') . '<br />
   373 									' . $lang->get('acppg_field_target_category') . '<br />
   374                   <small>' . $lang->get('acppg_field_target_category_hint') . '</small>
   374 									<small>' . $lang->get('acppg_field_target_category_hint') . '</small>
   375                 </div>
   375 								</div>
   376                 <div id="pg_create_tagged_1">
   376 								<div id="pg_create_tagged_1">
   377                   ' . $lang->get('acppg_field_target_tag') . '
   377 									' . $lang->get('acppg_field_target_tag') . '
   378                 </div>
   378 								</div>
   379                 <div id="pg_create_regex_1">
   379 								<div id="pg_create_regex_1">
   380                   ' . $lang->get('acppg_field_target_regex') . '<br />
   380 									' . $lang->get('acppg_field_target_regex') . '<br />
   381                   <small>' . $lang->get('acppg_field_target_regex_hint') . '</small>
   381 									<small>' . $lang->get('acppg_field_target_regex_hint') . '</small>
   382               </td>';
   382 							</td>';
   383             
   383 						
   384       echo '  <td class="row1">
   384 			echo '  <td class="row1">
   385                 <div id="pg_create_normal_2" />
   385 								<div id="pg_create_normal_2" />
   386                   <input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" class="autofill page" size="30" /><br />
   386 									<input type="text" style="margin-top: 3px;" name="member_page_0" id="pg_create_member_0" class="autofill page" size="30" /><br />
   387                   <input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" class="autofill page" size="30" /><br />
   387 									<input type="text" style="margin-top: 3px;" name="member_page_1" id="pg_create_member_1" class="autofill page" size="30" /><br />
   388                   <input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" class="autofill page" size="30" /><br />
   388 									<input type="text" style="margin-top: 3px;" name="member_page_2" id="pg_create_member_2" class="autofill page" size="30" /><br />
   389                   <input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" class="autofill page" size="30" /><br />
   389 									<input type="text" style="margin-top: 3px;" name="member_page_3" id="pg_create_member_3" class="autofill page" size="30" /><br />
   390                   <input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" class="autofill page" size="30" /><br />
   390 									<input type="text" style="margin-top: 3px;" name="member_page_4" id="pg_create_member_4" class="autofill page" size="30" /><br />
   391                   <input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value="&nbsp;&nbsp;+&nbsp;&nbsp;" />
   391 									<input type="button" onclick="pg_create_more_fields(); return false;" style="margin-top: 5px;" value="&nbsp;&nbsp;+&nbsp;&nbsp;" />
   392                 </div>
   392 								</div>
   393                 <div id="pg_create_tagged_2">
   393 								<div id="pg_create_tagged_2">
   394                   <input type="text" name="member_tag" size="30" />
   394 									<input type="text" name="member_tag" size="30" />
   395                 </div>
   395 								</div>
   396                 <div id="pg_create_catlink_2">
   396 								<div id="pg_create_catlink_2">
   397                   ' . $catlist . '
   397 									' . $catlist . '
   398                 </div>
   398 								</div>
   399                 <div id="pg_create_regex_2">
   399 								<div id="pg_create_regex_2">
   400                   <input type="text" name="regex" size="60" /> 
   400 									<input type="text" name="regex" size="60" /> 
   401                 </div>
   401 								</div>
   402               </td>
   402 							</td>
   403             </tr>';
   403 						</tr>';
   404             
   404 						
   405       // Submit button
   405 			// Submit button
   406       echo '<tr>
   406 			echo '<tr>
   407               <th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="' . $lang->get('acppg_btn_create_finish') . '" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" /></th>
   407 							<th class="subhead" colspan="2"><input type="submit" name="action[create_stage2]" value="' . $lang->get('acppg_btn_create_finish') . '" style="font-weight: bold;" /> <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" /></th>
   408             </tr>';
   408 						</tr>';
   409             
   409 						
   410       echo '</table>
   410 			echo '</table>
   411             </div>';
   411 						</div>';
   412       
   412 			
   413       echo '</form>';
   413 			echo '</form>';
   414       
   414 			
   415       echo '<script type="text/javascript">pg_createform_init();</script>';
   415 			echo '<script type="text/javascript">pg_createform_init();</script>';
   416       return;
   416 			return;
   417     }
   417 		}
   418     else if ( isset($_POST['action']['del']) )
   418 		else if ( isset($_POST['action']['del']) )
   419     {
   419 		{
   420       // Confirmation to delete a group (this is really only a stub)
   420 			// Confirmation to delete a group (this is really only a stub)
   421       
   421 			
   422       $delete_id = array_keys($_POST['action']['del']);
   422 			$delete_id = array_keys($_POST['action']['del']);
   423       $delete_id = intval($delete_id[0]);
   423 			$delete_id = intval($delete_id[0]);
   424       
   424 			
   425       if ( !empty($delete_id) )
   425 			if ( !empty($delete_id) )
   426       {
   426 			{
   427         echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">' . "\n";
   427 				echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">' . "\n";
   428         echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />' . "\n";
   428 				echo '<input type="hidden" name="delete_id" value="' . $delete_id . '" />' . "\n";
   429         echo '<div class="tblholder">' . "\n";
   429 				echo '<div class="tblholder">' . "\n";
   430         echo '  <table border="0" cellspacing="1" cellpadding="4">' . "\n";
   430 				echo '  <table border="0" cellspacing="1" cellpadding="4">' . "\n";
   431         echo '    <tr><th>' . $lang->get('acppg_th_delete_confirm') . '</th></tr>' . "\n";
   431 				echo '    <tr><th>' . $lang->get('acppg_th_delete_confirm') . '</th></tr>' . "\n";
   432         echo '    <tr><td class="row2" style="text-align: center; padding: 20px 0;">' . $lang->get('acppg_msg_delete_confirm') . '</td></tr>' . "\n";
   432 				echo '    <tr><td class="row2" style="text-align: center; padding: 20px 0;">' . $lang->get('acppg_msg_delete_confirm') . '</td></tr>' . "\n";
   433         echo '    <tr><td class="row1" style="text-align: center;">' . "\n";
   433 				echo '    <tr><td class="row1" style="text-align: center;">' . "\n";
   434         echo '        <input type="submit" name="action[del_confirm]" value="' . $lang->get('acppg_btn_delete_confirm') . '" style="font-weight: bold;" />' . "\n";
   434 				echo '        <input type="submit" name="action[del_confirm]" value="' . $lang->get('acppg_btn_delete_confirm') . '" style="font-weight: bold;" />' . "\n";
   435         echo '        <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" />' . "\n";
   435 				echo '        <input type="submit" name="action[noop]" value="' . $lang->get('etc_cancel') . '" style="font-weight: normal;" />' . "\n";
   436         echo '        </td></tr>' . "\n";
   436 				echo '        </td></tr>' . "\n";
   437         echo '  </table>' . "\n";
   437 				echo '  </table>' . "\n";
   438         echo '</form>' . "\n";
   438 				echo '</form>' . "\n";
   439         
   439 				
   440         return;
   440 				return;
   441       }
   441 			}
   442     }
   442 		}
   443     else if ( isset($_POST['action']['del_confirm']) )
   443 		else if ( isset($_POST['action']['del_confirm']) )
   444     {
   444 		{
   445       $delete_id = intval($_POST['delete_id']);
   445 			$delete_id = intval($_POST['delete_id']);
   446       if ( empty($delete_id) )
   446 			if ( empty($delete_id) )
   447       {
   447 			{
   448         echo 'Hack attempt';
   448 				echo 'Hack attempt';
   449         return;
   449 				return;
   450       }
   450 			}
   451       // Obtain group name
   451 			// Obtain group name
   452       $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
   452 			$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
   453       if ( !$q )
   453 			if ( !$q )
   454         $db->_die();
   454 				$db->_die();
   455       if ( $db->numrows() < 1 )
   455 			if ( $db->numrows() < 1 )
   456       {
   456 			{
   457         echo 'Page group dun exist.';
   457 				echo 'Page group dun exist.';
   458         return;
   458 				return;
   459       }
   459 			}
   460       $row = $db->fetchrow();
   460 			$row = $db->fetchrow();
   461       $db->free_result();
   461 			$db->free_result();
   462       $pg_name = $row['pg_name'];
   462 			$pg_name = $row['pg_name'];
   463       unset($row);
   463 			unset($row);
   464       // Delete the group
   464 			// Delete the group
   465       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
   465 			$q = $db->sql_query('DELETE FROM '.table_prefix.'page_groups WHERE pg_id=' . $delete_id . ';');
   466       if ( !$q )
   466 			if ( !$q )
   467         $db->_die();
   467 				$db->_die();
   468       $q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');
   468 			$q = $db->sql_query('DELETE FROM '.table_prefix.'page_group_members WHERE pg_id=' . $delete_id . ';');
   469       if ( !$q )
   469 			if ( !$q )
   470         $db->_die();
   470 				$db->_die();
   471       
   471 			
   472       $del_msg = $lang->get('acppg_msg_delete_success', array('pg_name' => htmlspecialchars($pg_name)));
   472 			$del_msg = $lang->get('acppg_msg_delete_success', array('pg_name' => htmlspecialchars($pg_name)));
   473       echo "<div class=\"info-box\">$del_msg</div>";
   473 			echo "<div class=\"info-box\">$del_msg</div>";
   474     }
   474 		}
   475     else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )
   475 		else if ( isset($_POST['action']['edit']) && !isset($_POST['action']['noop']) )
   476     {
   476 		{
   477       if ( isset($_POST['action']['edit_save']) )
   477 			if ( isset($_POST['action']['edit_save']) )
   478       {
   478 			{
   479       }
   479 			}
   480      
   480  		
   481       if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )
   481 			if ( isset($_POST['action']['edit']['add_page']) && isset($_GET['src']) && $_GET['src'] == 'ajax' )
   482       {
   482 			{
   483         $return = array('successful' => false);
   483 				$return = array('successful' => false);
   484         
   484 				
   485         //
   485 				//
   486         // Add the specified page to the group
   486 				// Add the specified page to the group
   487         //
   487 				//
   488         
   488 				
   489         // Get ID of the group
   489 				// Get ID of the group
   490         $edit_id = intval($_POST['pg_id']);
   490 				$edit_id = intval($_POST['pg_id']);
   491         if ( !$edit_id )
   491 				if ( !$edit_id )
   492         {
   492 				{
   493           $return = array('mode' => 'error', 'text' => 'Hack attempt');
   493 					$return = array('mode' => 'error', 'text' => 'Hack attempt');
   494           echo enano_json_encode($return);
   494 					echo enano_json_encode($return);
   495           return;
   495 					return;
   496         }
   496 				}
   497         
   497 				
   498         // Run some validation - check that page exists and that it's not already in the group
   498 				// Run some validation - check that page exists and that it's not already in the group
   499         $page = $_POST['new_page'];
   499 				$page = $_POST['new_page'];
   500         if ( empty($page) )
   500 				if ( empty($page) )
   501         {
   501 				{
   502           $return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_need_title'));
   502 					$return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_need_title'));
   503           echo enano_json_encode($return);
   503 					echo enano_json_encode($return);
   504           return;
   504 					return;
   505         }
   505 				}
   506         
   506 				
   507         /*
   507 				/*
   508         // We're gonna allow adding nonexistent pages for now
   508 				// We're gonna allow adding nonexistent pages for now
   509         if ( !isPage($page) )
   509 				if ( !isPage($page) )
   510         {
   510 				{
   511           $return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');
   511 					$return = array('mode' => 'error', 'text' => 'The page you are trying to add (' . htmlspecialchars($page) . ') does not exist.');
   512           echo enano_json_encode($return);
   512 					echo enano_json_encode($return);
   513           return;
   513 					return;
   514         }
   514 				}
   515         */
   515 				*/
   516         
   516 				
   517         list($page_id, $namespace) = RenderMan::strToPageID($page);
   517 				list($page_id, $namespace) = RenderMan::strToPageID($page);
   518         $page_id = sanitize_page_id($page_id);
   518 				$page_id = sanitize_page_id($page_id);
   519         
   519 				
   520         if ( !isset($paths->namespace[$namespace]) )
   520 				if ( !isset($paths->namespace[$namespace]) )
   521         {
   521 				{
   522           $return = array('mode' => 'error', 'text' => 'Invalid namespace return from RenderMan::strToPageID()');
   522 					$return = array('mode' => 'error', 'text' => 'Invalid namespace return from RenderMan::strToPageID()');
   523           echo enano_json_encode($return);
   523 					echo enano_json_encode($return);
   524           return;
   524 					return;
   525         }
   525 				}
   526         
   526 				
   527         $q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');
   527 				$q = $db->sql_query('SELECT "x" FROM '.table_prefix.'page_group_members WHERE pg_id=' . $edit_id . ' AND page_id=\'' . $db->escape($page_id) . '\' AND namespace=\'' . $namespace . '\';');
   528         if ( !$q )
   528 				if ( !$q )
   529         {
   529 				{
   530           $return = array('mode' => 'error', 'text' => $db->get_error());
   530 					$return = array('mode' => 'error', 'text' => $db->get_error());
   531           echo enano_json_encode($return);
   531 					echo enano_json_encode($return);
   532           return;
   532 					return;
   533         }
   533 				}
   534         if ( $db->numrows() > 0 )
   534 				if ( $db->numrows() > 0 )
   535         {
   535 				{
   536           $return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_already_in'));
   536 					$return = array('mode' => 'error', 'text' => $lang->get('acppg_err_ajaxadd_already_in'));
   537           echo enano_json_encode($return);
   537 					echo enano_json_encode($return);
   538           return;
   538 					return;
   539         }
   539 				}
   540         
   540 				
   541         $q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   541 				$q = $db->sql_query('INSERT INTO '.table_prefix.'page_group_members(pg_id, page_id, namespace) VALUES(' . $edit_id . ', \'' . $db->escape($page_id) . '\', \'' . $namespace . '\');');
   542         if ( !$q )
   542 				if ( !$q )
   543         {
   543 				{
   544           $return = array('mode' => 'error', 'text' => $db->get_error());
   544 					$return = array('mode' => 'error', 'text' => $db->get_error());
   545           echo enano_json_encode($return);
   545 					echo enano_json_encode($return);
   546           return;
   546 					return;
   547         }
   547 				}
   548         
   548 				
   549         $title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);
   549 				$title = "($namespace) " . get_page_title($paths->nslist[$namespace] . $page_id);
   550         
   550 				
   551         $return = array('mode' => 'info', 'text' => $lang->get('acppg_ajaxadd_success'), 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());
   551 				$return = array('mode' => 'info', 'text' => $lang->get('acppg_ajaxadd_success'), 'successful' => true, 'title' => $title, 'member_id' => $db->insert_id());
   552         
   552 				
   553         echo enano_json_encode($return);
   553 				echo enano_json_encode($return);
   554         return;
   554 				return;
   555       }
   555 			}
   556       
   556 			
   557       if ( isset($_POST['action']['edit_save']) && isset($_POST['pg_name']) )
   557 			if ( isset($_POST['action']['edit_save']) && isset($_POST['pg_name']) )
   558       {
   558 			{
   559         $edit_id = $_POST['action']['edit'];
   559 				$edit_id = $_POST['action']['edit'];
   560         $edit_id = intval($edit_id);
   560 				$edit_id = intval($edit_id);
   561         if ( !empty($edit_id) )
   561 				if ( !empty($edit_id) )
   562         {
   562 				{
   563           // Update group name
   563 					// Update group name
   564           $new_name = $_POST['pg_name'];
   564 					$new_name = $_POST['pg_name'];
   565           if ( empty($new_name) )
   565 					if ( empty($new_name) )
   566           {
   566 					{
   567             echo '<div class="error-box">' . $lang->get('acppg_err_save_need_name') . '</div>';
   567 						echo '<div class="error-box">' . $lang->get('acppg_err_save_need_name') . '</div>';
   568           }
   568 					}
   569           else
   569 					else
   570           {
   570 					{
   571             $q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
   571 						$q = $db->sql_query('SELECT pg_name FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
   572             if ( !$q )
   572 						if ( !$q )
   573               $db->_die();
   573 							$db->_die();
   574             $row = $db->fetchrow();
   574 						$row = $db->fetchrow();
   575             $db->free_result();
   575 						$db->free_result();
   576             if ( $new_name != $row['pg_name'] )
   576 						if ( $new_name != $row['pg_name'] )
   577             {
   577 						{
   578               $new_name = $db->escape(trim($new_name));
   578 							$new_name = $db->escape(trim($new_name));
   579               $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_name=\'' . $new_name . '\' WHERE pg_id=' . $edit_id . ';');
   579 							$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_name=\'' . $new_name . '\' WHERE pg_id=' . $edit_id . ';');
   580               if ( !$q )
   580 							if ( !$q )
   581                 $db->_die();
   581 								$db->_die();
   582               else
   582 							else
   583                 echo '<div class="info-box">' . $lang->get('acppg_msg_save_name_updated') . '</div>';
   583 								echo '<div class="info-box">' . $lang->get('acppg_msg_save_name_updated') . '</div>';
   584             }
   584 						}
   585             if ( $_POST['pg_type'] == PAGE_GRP_TAGGED )
   585 						if ( $_POST['pg_type'] == PAGE_GRP_TAGGED )
   586             {
   586 						{
   587               $target = $_POST['pg_target'];
   587 							$target = $_POST['pg_target'];
   588               $target = sanitize_tag($target);
   588 							$target = sanitize_tag($target);
   589               if ( empty($target) )
   589 							if ( empty($target) )
   590               {
   590 							{
   591                 echo '<div class="error-box">' . $lang->get('acppg_err_save_need_tag') . '</div>';
   591 								echo '<div class="error-box">' . $lang->get('acppg_err_save_need_tag') . '</div>';
   592               }
   592 							}
   593               else
   593 							else
   594               {
   594 							{
   595                 $target = $db->escape($target);
   595 								$target = $db->escape($target);
   596                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   596 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   597                 if ( !$q )
   597 								if ( !$q )
   598                   $db->_die();
   598 									$db->_die();
   599                 else
   599 								else
   600                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_tag_updated') . '</div>';
   600 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_tag_updated') . '</div>';
   601               }
   601 							}
   602             }
   602 						}
   603             else if ( $_POST['pg_type'] == PAGE_GRP_REGEX )
   603 						else if ( $_POST['pg_type'] == PAGE_GRP_REGEX )
   604             {
   604 						{
   605               $target = $_POST['pg_target'];
   605 							$target = $_POST['pg_target'];
   606               if ( empty($target) )
   606 							if ( empty($target) )
   607               {
   607 							{
   608                 echo '<div class="error-box">' . $lang->get('acppg_err_save_need_regex') . '</div>';
   608 								echo '<div class="error-box">' . $lang->get('acppg_err_save_need_regex') . '</div>';
   609               }
   609 							}
   610               else
   610 							else
   611               {
   611 							{
   612                 $target = $db->escape($target);
   612 								$target = $db->escape($target);
   613                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   613 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   614                 if ( !$q )
   614 								if ( !$q )
   615                   $db->_die();
   615 									$db->_die();
   616                 else
   616 								else
   617                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_regex_updated') . '</div>';
   617 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_regex_updated') . '</div>';
   618               }
   618 							}
   619             }
   619 						}
   620             else if ( $_POST['pg_type'] == PAGE_GRP_CATLINK )
   620 						else if ( $_POST['pg_type'] == PAGE_GRP_CATLINK )
   621             {
   621 						{
   622               $target = $_POST['pg_target'];
   622 							$target = $_POST['pg_target'];
   623               if ( empty($target) )
   623 							if ( empty($target) )
   624               {
   624 							{
   625                 echo '<div class="error-box">' . $lang->get('acppg_err_save_bad_category') . '</div>';
   625 								echo '<div class="error-box">' . $lang->get('acppg_err_save_bad_category') . '</div>';
   626               }
   626 							}
   627               else
   627 							else
   628               {
   628 							{
   629                 $target = $db->escape($target);
   629 								$target = $db->escape($target);
   630                 $q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   630 								$q = $db->sql_query('UPDATE '.table_prefix.'page_groups SET pg_target=\'' . $target . '\' WHERE pg_id=' . $edit_id . ';');
   631                 if ( !$q )
   631 								if ( !$q )
   632                   $db->_die();
   632 									$db->_die();
   633                 else
   633 								else
   634                   echo '<div class="info-box">' . $lang->get('acppg_msg_save_cat_updated') . '</div>';
   634 									echo '<div class="info-box">' . $lang->get('acppg_msg_save_cat_updated') . '</div>';
   635               }
   635 							}
   636             }
   636 						}
   637           }
   637 					}
   638         }
   638 				}
   639       }
   639 			}
   640       else if ( isset($_POST['action']['edit_save']) )
   640 			else if ( isset($_POST['action']['edit_save']) )
   641       {
   641 			{
   642         $edit_id = $_POST['action']['edit'];
   642 				$edit_id = $_POST['action']['edit'];
   643         $edit_id = intval($edit_id);
   643 				$edit_id = intval($edit_id);
   644       }
   644 			}
   645       else
   645 			else
   646       {
   646 			{
   647         $edit_id = array_keys($_POST['action']['edit']);
   647 				$edit_id = array_keys($_POST['action']['edit']);
   648         $edit_id = intval($edit_id[0]);
   648 				$edit_id = intval($edit_id[0]);
   649       }
   649 			}
   650       
   650 			
   651       if ( empty($edit_id) )
   651 			if ( empty($edit_id) )
   652       {
   652 			{
   653         echo 'Hack attempt';
   653 				echo 'Hack attempt';
   654         return;
   654 				return;
   655       }
   655 			}
   656       
   656 			
   657       if ( isset($_POST['action']['edit_save']['do_rm']) && !isset($_POST['pg_name']) )
   657 			if ( isset($_POST['action']['edit_save']['do_rm']) && !isset($_POST['pg_name']) )
   658       {
   658 			{
   659         $vals = array_keys($_POST['action']['edit_save']['rm']);
   659 				$vals = array_keys($_POST['action']['edit_save']['rm']);
   660         $good = array();
   660 				$good = array();
   661         foreach ( $vals as $id )
   661 				foreach ( $vals as $id )
   662         {
   662 				{
   663           if ( strval(intval($id)) == $id )
   663 					if ( strval(intval($id)) == $id )
   664             $good[] = $id;
   664 						$good[] = $id;
   665         }
   665 				}
   666         $subquery = ( count($good) > 0 ) ? 'pg_member_id=' . implode(' OR pg_member_id=', $good) : "'foo'='bar'";
   666 				$subquery = ( count($good) > 0 ) ? 'pg_member_id=' . implode(' OR pg_member_id=', $good) : "'foo'='bar'";
   667         if ( $subquery == "'foo'='bar'" )
   667 				if ( $subquery == "'foo'='bar'" )
   668         {
   668 				{
   669           echo '<div class="warning-box">' . $lang->get('acppg_err_save_no_pages') . '</div>';
   669 					echo '<div class="warning-box">' . $lang->get('acppg_err_save_no_pages') . '</div>';
   670         }
   670 				}
   671         else
   671 				else
   672         {
   672 				{
   673           $sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";
   673 					$sql = 'DELETE FROM '.table_prefix."page_group_members WHERE ( $subquery ) AND pg_id=$edit_id;";
   674           if ( !$db->sql_query($sql) )
   674 					if ( !$db->sql_query($sql) )
   675           {
   675 					{
   676             $db->_die();
   676 						$db->_die();
   677           }
   677 					}
   678           echo '<div class="info-box">' . $lang->get('acppg_msg_save_pages_deleted') . '</div>';
   678 					echo '<div class="info-box">' . $lang->get('acppg_msg_save_pages_deleted') . '</div>';
   679         }
   679 				}
   680       }
   680 			}
   681       
   681 			
   682       // Fetch information about page group
   682 			// Fetch information about page group
   683       $q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
   683 			$q = $db->sql_query('SELECT pg_name, pg_type, pg_target FROM '.table_prefix.'page_groups WHERE pg_id=' . $edit_id . ';');
   684       if ( !$q )
   684 			if ( !$q )
   685         $db->_die();
   685 				$db->_die();
   686       
   686 			
   687       if ( $db->numrows() < 1 )
   687 			if ( $db->numrows() < 1 )
   688       {
   688 			{
   689         echo 'Bad request - can\'t load page group from database.';
   689 				echo 'Bad request - can\'t load page group from database.';
   690         return;
   690 				return;
   691       }
   691 			}
   692       
   692 			
   693       $row = $db->fetchrow();
   693 			$row = $db->fetchrow();
   694       $db->free_result();
   694 			$db->free_result();
   695       
   695 			
   696       echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
   696 			echo '<form name="pg_edit_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
   697       echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
   697 			echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
   698       echo '<input type="hidden" name="pg_type" value="' . $row['pg_type'] . '" />';
   698 			echo '<input type="hidden" name="pg_type" value="' . $row['pg_type'] . '" />';
   699       echo '<div class="tblholder">
   699 			echo '<div class="tblholder">
   700               <table border="0" cellspacing="1" cellpadding="4">
   700 							<table border="0" cellspacing="1" cellpadding="4">
   701                 <tr>
   701 								<tr>
   702                   <th colspan="3">' . $lang->get('acppg_th_editing_group') . ' ' . htmlspecialchars($row['pg_name']) . '</th>
   702 									<th colspan="3">' . $lang->get('acppg_th_editing_group') . ' ' . htmlspecialchars($row['pg_name']) . '</th>
   703                 </tr>';
   703 								</tr>';
   704       // Group name
   704 			// Group name
   705       
   705 			
   706       echo '    <tr>
   706 			echo '    <tr>
   707                   <td class="row2">' . $lang->get('acppg_field_group_name') . '</td>
   707 									<td class="row2">' . $lang->get('acppg_field_group_name') . '</td>
   708                   <td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>
   708 									<td class="row1" colspan="2"><input type="text" name="pg_name" value="' . htmlspecialchars($row['pg_name']) . '" size="30" /></td>
   709                 </tr>';
   709 								</tr>';
   710       
   710 			
   711       $ajax_page_add = false;
   711 			$ajax_page_add = false;
   712                 
   712 								
   713       // This is where the going gets tricky.
   713 			// This is where the going gets tricky.
   714       // For static groups, we need to have each page listed out with a removal button, and a form to add new pages.
   714 			// For static groups, we need to have each page listed out with a removal button, and a form to add new pages.
   715       // For category links, we need a select box with each category in it, and
   715 			// For category links, we need a select box with each category in it, and
   716       // For tag sets, just a text box to enter a new tag.
   716 			// For tag sets, just a text box to enter a new tag.
   717       
   717 			
   718       // You can guess which one I dreaded.
   718 			// You can guess which one I dreaded.
   719       
   719 			
   720       switch ( $row['pg_type'] )
   720 			switch ( $row['pg_type'] )
   721       {
   721 			{
   722         case PAGE_GRP_NORMAL:
   722 				case PAGE_GRP_NORMAL:
   723           
   723 					
   724           // You have guessed correct.
   724 					// You have guessed correct.
   725           // *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*
   725 					// *Sits in chair for 10 minutes listening to the radio in an effort to put off writing the code you see below*
   726           
   726 					
   727           echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_name') . '" /></th></tr>';
   727 					echo '<tr><th colspan="3" class="subhead"><input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_name') . '" /></th></tr>';
   728           echo '</table></div>';
   728 					echo '</table></div>';
   729           echo '</form>';
   729 					echo '</form>';
   730           echo '<form name="pg_static_rm_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" enctype="multipart/form-data">';
   730 					echo '<form name="pg_static_rm_frm" action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" enctype="multipart/form-data">';
   731           echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
   731 					echo '<input type="hidden" name="action[edit]" value="' . $edit_id . '" />';
   732           echo '<div class="tblholder">
   732 					echo '<div class="tblholder">
   733                   <table border="0" cellspacing="1" cellpadding="4">
   733 									<table border="0" cellspacing="1" cellpadding="4">
   734                     <tr>
   734 										<tr>
   735                       <th colspan="3">' . $lang->get('acppg_th_remove_selected') . '</th>
   735 											<th colspan="3">' . $lang->get('acppg_th_remove_selected') . '</th>
   736                     </tr>';
   736 										</tr>';
   737           
   737 					
   738           $q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m
   738 					$q = $db->sql_query('SELECT m.pg_member_id,m.page_id,m.namespace FROM '.table_prefix.'page_group_members AS m
   739                                  LEFT JOIN '.table_prefix.'pages AS p
   739  																LEFT JOIN '.table_prefix.'pages AS p
   740                                    ON ( p.urlname = m.page_id AND p.namespace = m.namespace )
   740  																	ON ( p.urlname = m.page_id AND p.namespace = m.namespace )
   741                                  WHERE m.pg_id=' . $edit_id . ';');
   741  																WHERE m.pg_id=' . $edit_id . ';');
   742           
   742 					
   743           if ( !$q )
   743 					if ( !$q )
   744             $db->_die();
   744 						$db->_die();
   745           
   745 					
   746           $delim = ceil( $db->numrows($q) / 2 );
   746 					$delim = ceil( $db->numrows($q) / 2 );
   747           if ( $delim < 5 )
   747 					if ( $delim < 5 )
   748           {
   748 					{
   749             $delim = 0xFFFFFFFE;
   749 						$delim = 0xFFFFFFFE;
   750             // stupid hack. I'm XSSing my own code.
   750 						// stupid hack. I'm XSSing my own code.
   751             $colspan = '2" id="pg_edit_tackon2me';
   751 						$colspan = '2" id="pg_edit_tackon2me';
   752           }
   752 					}
   753           else
   753 					else
   754           {
   754 					{
   755             $colspan = "1";
   755 						$colspan = "1";
   756           }
   756 					}
   757           
   757 					
   758           echo '<tr><td class="row2" rowspan="2">' . $lang->get('acppg_field_remove') . '</td><td class="row1" colspan="' . $colspan . '">';
   758 					echo '<tr><td class="row2" rowspan="2">' . $lang->get('acppg_field_remove') . '</td><td class="row1" colspan="' . $colspan . '">';
   759           $i = 0;
   759 					$i = 0;
   760           
   760 					
   761           while ( $row = $db->fetchrow($q) )
   761 					while ( $row = $db->fetchrow($q) )
   762           {
   762 					{
   763             $i++;
   763 						$i++;
   764             if ( $i == $delim )
   764 						if ( $i == $delim )
   765             {
   765 						{
   766               echo '</td><td class="row1" id="pg_edit_tackon2me">';
   766 							echo '</td><td class="row1" id="pg_edit_tackon2me">';
   767             }
   767 						}
   768             $page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);
   768 						$page_name = '(' . $row['namespace'] . ') ' . get_page_title($paths->nslist[$row['namespace']] . $row['page_id']);
   769             echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';
   769 						echo '<label><input type="checkbox" name="action[edit_save][rm][' . $row['pg_member_id'] . ']" /> ' . htmlspecialchars($page_name) . '</label><br />';
   770           }
   770 					}
   771           
   771 					
   772           echo '</td></tr>';
   772 					echo '</td></tr>';
   773           echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="' . $lang->get('acppg_btn_do_remove') . '" /></th></tr>';
   773 					echo '<tr><th colspan="2" class="subhead" style="width: 70%;"><input type="submit" name="action[edit_save][do_rm]" value="' . $lang->get('acppg_btn_do_remove') . '" /></th></tr>';
   774           
   774 					
   775           // More javascript magic!
   775 					// More javascript magic!
   776           ?>
   776 					?>
   777           <script type="text/javascript">
   777 					<script type="text/javascript">
   778             var __pg_edit_submitAuthorized = true;
   778 						var __pg_edit_submitAuthorized = true;
   779             var __ol_pg_edit_setup = function()
   779 						var __ol_pg_edit_setup = function()
   780             {
   780 						{
   781               var input = document.getElementById('inptext_pg_add_member');
   781 							var input = document.getElementById('inptext_pg_add_member');
   782               input.onkeypress = function(e) {
   782 							input.onkeypress = function(e) {
   783                   if ( e.keyCode == 13 )
   783 									if ( e.keyCode == 13 )
   784                   {
   784 									{
   785                     setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500);
   785 										setTimeout('__pg_edit_ajaxadd(document.getElementById(\'' + this.id + '\'));', 500);
   786                   } 
   786 									} 
   787                 };
   787 								};
   788             }
   788 						}
   789             addOnloadHook(__ol_pg_edit_setup);
   789 						addOnloadHook(__ol_pg_edit_setup);
   790             var __pg_edit_objcache = false;
   790 						var __pg_edit_objcache = false;
   791             function __pg_edit_ajaxadd(obj)
   791 						function __pg_edit_ajaxadd(obj)
   792             {
   792 						{
   793               if ( __pg_edit_objcache )
   793 							if ( __pg_edit_objcache )
   794                 return false;
   794 								return false;
   795               __pg_edit_objcache = obj;
   795 							__pg_edit_objcache = obj;
   796               
   796 							
   797               if ( obj.nextSibling )
   797 							if ( obj.nextSibling )
   798               {
   798 							{
   799                 if ( obj.nextSibling.tagName == 'DIV' )
   799 								if ( obj.nextSibling.tagName == 'DIV' )
   800                 {
   800 								{
   801                   obj.parentNode.removeChild(obj.nextSibling);
   801 									obj.parentNode.removeChild(obj.nextSibling);
   802                 }
   802 								}
   803               }
   803 							}
   804               
   804 							
   805               // set width on parent, to prevent wrapping of ajax loading image
   805 							// set width on parent, to prevent wrapping of ajax loading image
   806               var w = $dynano(obj).Width();
   806 							var w = $dynano(obj).Width();
   807               w = w + 24;
   807 							w = w + 24;
   808               obj.parentNode.style.width = w + 'px';
   808 							obj.parentNode.style.width = w + 'px';
   809               
   809 							
   810               // append the ajaxy loading image
   810 							// append the ajaxy loading image
   811               var img = document.createElement('img');
   811 							var img = document.createElement('img');
   812               img.src = scriptPath + '/images/loading.gif';
   812 							img.src = scriptPath + '/images/loading.gif';
   813               img.style.marginLeft = '4px';
   813 							img.style.marginLeft = '4px';
   814               insertAfter(obj.parentNode, img, obj);
   814 							insertAfter(obj.parentNode, img, obj);
   815               
   815 							
   816               var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');
   816 							var url = makeUrlNS('Admin', 'PageGroups', 'src=ajax');
   817               var page_add = escape(obj.value);
   817 							var page_add = escape(obj.value);
   818               var pg_id = document.forms.pg_edit_frm['action[edit]'].value;
   818 							var pg_id = document.forms.pg_edit_frm['action[edit]'].value;
   819               
   819 							
   820               ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()
   820 							ajaxPost(url, 'action[edit][add_page]=&pg_id=' + pg_id + '&new_page=' + page_add, function()
   821                 {
   821 								{
   822                   if ( ajax.readyState == 4 )
   822 									if ( ajax.readyState == 4 )
   823                   {
   823 									{
   824                     var obj = __pg_edit_objcache;
   824 										var obj = __pg_edit_objcache;
   825                     __pg_edit_objcache = false;
   825 										__pg_edit_objcache = false;
   826                     
   826 										
   827                     // kill the loading graphic
   827 										// kill the loading graphic
   828                     obj.parentNode.removeChild(obj.nextSibling);
   828 										obj.parentNode.removeChild(obj.nextSibling);
   829                     
   829 										
   830                     var resptext = String(ajax.responseText + '');
   830 										var resptext = String(ajax.responseText + '');
   831                     if ( resptext.substr(0, 1) != '{' )
   831 										if ( resptext.substr(0, 1) != '{' )
   832                     {
   832 										{
   833                       // This ain't JSON baby.
   833 											// This ain't JSON baby.
   834                       alert('Invalid JSON response:\n' + resptext);
   834 											alert('Invalid JSON response:\n' + resptext);
   835                       return false;
   835 											return false;
   836                     }
   836 										}
   837                     var json = parseJSON(resptext);
   837 										var json = parseJSON(resptext);
   838                     
   838 										
   839                     var div = document.createElement('div');
   839 										var div = document.createElement('div');
   840                     if ( json.mode == 'info' )
   840 										if ( json.mode == 'info' )
   841                     {
   841 										{
   842                       div.className = 'info-box-mini';
   842 											div.className = 'info-box-mini';
   843                     }
   843 										}
   844                     else if ( json.mode == 'error' )
   844 										else if ( json.mode == 'error' )
   845                     {
   845 										{
   846                       div.className = 'error-box-mini';
   846 											div.className = 'error-box-mini';
   847                     }
   847 										}
   848                     div.appendChild(document.createTextNode(json.text));
   848 										div.appendChild(document.createTextNode(json.text));
   849                     insertAfter(obj.parentNode, div, obj);
   849 										insertAfter(obj.parentNode, div, obj);
   850                     
   850 										
   851                     if ( json.successful )
   851 										if ( json.successful )
   852                     {
   852 										{
   853                       var td = document.getElementById('pg_edit_tackon2me');
   853 											var td = document.getElementById('pg_edit_tackon2me');
   854                       var lbl = document.createElement('label');
   854 											var lbl = document.createElement('label');
   855                       var check = document.createElement('input');
   855 											var check = document.createElement('input');
   856                       check.type = 'checkbox';
   856 											check.type = 'checkbox';
   857                       check.name = 'action[edit_save][rm][' + json.member_id + ']';
   857 											check.name = 'action[edit_save][rm][' + json.member_id + ']';
   858                       lbl.appendChild(check);
   858 											lbl.appendChild(check);
   859                       lbl.appendChild(document.createTextNode(' ' + json.title));
   859 											lbl.appendChild(document.createTextNode(' ' + json.title));
   860                       td.appendChild(lbl);
   860 											td.appendChild(lbl);
   861                       td.appendChild(document.createElement('br'));
   861 											td.appendChild(document.createElement('br'));
   862                     }
   862 										}
   863                     
   863 										
   864                   }
   864 									}
   865                 });
   865 								});
   866             }
   866 						}
   867           </script>
   867 					</script>
   868           <?php
   868 					<?php
   869           
   869 					
   870           $ajax_page_add = true;
   870 					$ajax_page_add = true;
   871           
   871 					
   872           break;
   872 					break;
   873         case PAGE_GRP_TAGGED:
   873 				case PAGE_GRP_TAGGED:
   874           echo '<tr>
   874 					echo '<tr>
   875                   <td class="row2">
   875 									<td class="row2">
   876                     ' . $lang->get('acppg_field_target_tag') . '
   876 										' . $lang->get('acppg_field_target_tag') . '
   877                   </td>
   877 									</td>
   878                   <td class="row1">
   878 									<td class="row1">
   879                     <input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />
   879 										<input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />
   880                   </td>
   880 									</td>
   881                 </tr>';
   881 								</tr>';
   882           break;
   882 					break;
   883         case PAGE_GRP_REGEX:
   883 				case PAGE_GRP_REGEX:
   884           echo '<tr>
   884 					echo '<tr>
   885                   <td class="row2">
   885 									<td class="row2">
   886                     ' . $lang->get('acppg_field_target_regex') . '<br />
   886 										' . $lang->get('acppg_field_target_regex') . '<br />
   887                     <small>' . $lang->get('acppg_field_target_regex_hint') . '</small>
   887 										<small>' . $lang->get('acppg_field_target_regex_hint') . '</small>
   888                   </td>
   888 									</td>
   889                   <td class="row1">
   889 									<td class="row1">
   890                     <input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />
   890 										<input type="text" name="pg_target" value="' . htmlspecialchars($row['pg_target']) . '" size="30" />
   891                   </td>
   891 									</td>
   892                 </tr>';
   892 								</tr>';
   893           break;
   893 					break;
   894         case PAGE_GRP_CATLINK:
   894 				case PAGE_GRP_CATLINK:
   895           
   895 					
   896           // Build category list
   896 					// Build category list
   897           $q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
   897 					$q = $db->sql_query('SELECT name,urlname FROM '.table_prefix.'pages WHERE namespace=\'Category\';');
   898           if ( !$q )
   898 					if ( !$q )
   899             $db->_die();
   899 						$db->_die();
   900           
   900 					
   901           if ( $db->numrows() < 1 )
   901 					if ( $db->numrows() < 1 )
   902           {
   902 					{
   903             $catlist = 'There aren\'t any categories on this site.';
   903 						$catlist = 'There aren\'t any categories on this site.';
   904           }
   904 					}
   905           else
   905 					else
   906           {
   906 					{
   907             $catlist = '<select name="pg_target">';
   907 						$catlist = '<select name="pg_target">';
   908             while ( $catrow = $db->fetchrow() )
   908 						while ( $catrow = $db->fetchrow() )
   909             {
   909 						{
   910               $selected = ( $catrow['urlname'] == $row['pg_target'] ) ? ' selected="selected"' : '';
   910 							$selected = ( $catrow['urlname'] == $row['pg_target'] ) ? ' selected="selected"' : '';
   911               $catlist .= '<option value="' . htmlspecialchars($catrow['urlname']) . '"' . $selected . '>' . htmlspecialchars($catrow['name']) . '</option>';
   911 							$catlist .= '<option value="' . htmlspecialchars($catrow['urlname']) . '"' . $selected . '>' . htmlspecialchars($catrow['name']) . '</option>';
   912             }
   912 						}
   913             $catlist .= '</select>';
   913 						$catlist .= '</select>';
   914           }
   914 					}
   915           
   915 					
   916           echo '<tr>
   916 					echo '<tr>
   917                   <td class="row2">
   917 									<td class="row2">
   918                     ' . $lang->get('acppg_field_target_category') . '<br />
   918 										' . $lang->get('acppg_field_target_category') . '<br />
   919                     <small>' . $lang->get('acppg_field_target_category_hint2') . '</small>
   919 										<small>' . $lang->get('acppg_field_target_category_hint2') . '</small>
   920                   </td>
   920 									</td>
   921                   <td class="row1">
   921 									<td class="row1">
   922                     ' . $catlist . '
   922 										' . $catlist . '
   923                   </td>
   923 									</td>
   924                 </tr>';
   924 								</tr>';
   925           
   925 					
   926           break;
   926 					break;
   927       }
   927 			}
   928       
   928 			
   929       if ( $ajax_page_add )
   929 			if ( $ajax_page_add )
   930       {
   930 			{
   931         echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" /></th></tr>';
   931 				echo '<tr><th colspan="3"><input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" /></th></tr>';
   932       }
   932 			}
   933       else
   933 			else
   934       {
   934 			{
   935         echo '<tr><th colspan="3" class="subhead">
   935 				echo '<tr><th colspan="3" class="subhead">
   936                 <input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_update') . '" />
   936 								<input type="submit" name="action[edit_save]" value="' . $lang->get('acppg_btn_save_update') . '" />
   937                 <input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" />
   937 								<input type="submit" name="action[noop]" value="' . $lang->get('acppg_btn_cancel_all') . '" />
   938               </th></tr>';
   938 							</th></tr>';
   939       }
   939 			}
   940       
   940 			
   941       echo '  </table>
   941 			echo '  </table>
   942             </div>';
   942 						</div>';
   943       echo '</form>';
   943 			echo '</form>';
   944       
   944 			
   945       if ( $ajax_page_add )
   945 			if ( $ajax_page_add )
   946       {
   946 			{
   947         // This needs to be outside of the form.
   947 				// This needs to be outside of the form.
   948         echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';
   948 				echo '<div class="tblholder"><table border="0" cellspacing="1" cellpadding="4"><tr>';
   949         echo '<th colspan="2">' . $lang->get('acppg_th_onthefly') . '</th></tr>';
   949 				echo '<th colspan="2">' . $lang->get('acppg_th_onthefly') . '</th></tr>';
   950         echo '<tr>';
   950 				echo '<tr>';
   951         // Add pages AJAX form
   951 				// Add pages AJAX form
   952         echo '<td class="row2">' . $lang->get('acppg_field_add_page') . '<br /><small>' . $lang->get('acppg_field_add_page_hint') . '</small></td>';
   952 				echo '<td class="row2">' . $lang->get('acppg_field_add_page') . '<br /><small>' . $lang->get('acppg_field_add_page_hint') . '</small></td>';
   953         echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" class="autofill page" /></td>';
   953 				echo '<td class="row1"><input type="text" size="30" name="pg_add_member" id="inptext_pg_add_member" class="autofill page" /></td>';
   954         echo '</tr></table></div>';
   954 				echo '</tr></table></div>';
   955       }
   955 			}
   956       
   956 			
   957       return;
   957 			return;
   958     }
   958 		}
   959     else if ( isset($_POST['action']['noop']) )
   959 		else if ( isset($_POST['action']['noop']) )
   960     {
   960 		{
   961       // Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)
   961 			// Do nothing - skip to main form (noop is usually invoked by a cancel button in a form above)
   962     }
   962 		}
   963     else
   963 		else
   964     {
   964 		{
   965       echo '<div class="error-box">Invalid format of $_POST[action].</div>';
   965 			echo '<div class="error-box">Invalid format of $_POST[action].</div>';
   966     }
   966 		}
   967   }
   967 	}
   968   // No action defined - show default menu
   968 	// No action defined - show default menu
   969   
   969 	
   970   echo '<h2>' . $lang->get('acppg_heading_main') . '</h2>';
   970 	echo '<h2>' . $lang->get('acppg_heading_main') . '</h2>';
   971   echo '<p>' . $lang->get('acppg_hint_intro') . '</p>';
   971 	echo '<p>' . $lang->get('acppg_hint_intro') . '</p>';
   972   
   972 	
   973   $q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');
   973 	$q = $db->sql_query('SELECT pg_id, pg_type, pg_name, pg_target FROM '.table_prefix.'page_groups;');
   974   if ( !$q )
   974 	if ( !$q )
   975     $db->_die();
   975 		$db->_die();
   976 
   976 
   977   echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
   977 	echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
   978   
   978 	
   979   echo '<div class="tblholder">
   979 	echo '<div class="tblholder">
   980           <table border="0" cellspacing="1" cellpadding="4">
   980 					<table border="0" cellspacing="1" cellpadding="4">
   981             <tr>
   981 						<tr>
   982               <th>' . $lang->get('acppg_col_group_name') . '</th>
   982 							<th>' . $lang->get('acppg_col_group_name') . '</th>
   983               <th>' . $lang->get('acppg_col_type') . '</th>
   983 							<th>' . $lang->get('acppg_col_type') . '</th>
   984               <th>' . $lang->get('acppg_col_target') . '</th>
   984 							<th>' . $lang->get('acppg_col_target') . '</th>
   985               <th colspan="2">' . $lang->get('acppg_col_actions') . '</th>
   985 							<th colspan="2">' . $lang->get('acppg_col_actions') . '</th>
   986             </tr>';
   986 						</tr>';
   987   
   987 	
   988   if ( $row = $db->fetchrow($q) )
   988 	if ( $row = $db->fetchrow($q) )
   989   {
   989 	{
   990     do
   990 		do
   991     {
   991 		{
   992       $name = htmlspecialchars($row['pg_name']);
   992 			$name = htmlspecialchars($row['pg_name']);
   993       $type = 'Invalid';
   993 			$type = 'Invalid';
   994       switch ( $row['pg_type'] )
   994 			switch ( $row['pg_type'] )
   995       {
   995 			{
   996         case PAGE_GRP_CATLINK:
   996 				case PAGE_GRP_CATLINK:
   997           $type = $lang->get('acppg_gtype_catlink');
   997 					$type = $lang->get('acppg_gtype_catlink');
   998           break;
   998 					break;
   999         case PAGE_GRP_TAGGED:
   999 				case PAGE_GRP_TAGGED:
  1000           $type = $lang->get('acppg_gtype_tagged');
  1000 					$type = $lang->get('acppg_gtype_tagged');
  1001           break;
  1001 					break;
  1002         case PAGE_GRP_NORMAL:
  1002 				case PAGE_GRP_NORMAL:
  1003           $type = $lang->get('acppg_gtype_static');
  1003 					$type = $lang->get('acppg_gtype_static');
  1004           break;
  1004 					break;
  1005         case PAGE_GRP_REGEX:
  1005 				case PAGE_GRP_REGEX:
  1006           $type = $lang->get('acppg_gtype_regex');
  1006 					$type = $lang->get('acppg_gtype_regex');
  1007           break;
  1007 					break;
  1008       }
  1008 			}
  1009       $target = '';
  1009 			$target = '';
  1010       if ( $row['pg_type'] == PAGE_GRP_TAGGED )
  1010 			if ( $row['pg_type'] == PAGE_GRP_TAGGED )
  1011       {
  1011 			{
  1012         $target = $lang->get('acppg_lbl_tag') . ' ' . htmlspecialchars($row['pg_target']);
  1012 				$target = $lang->get('acppg_lbl_tag') . ' ' . htmlspecialchars($row['pg_target']);
  1013       }
  1013 			}
  1014       else if ( $row['pg_type'] == PAGE_GRP_CATLINK )
  1014 			else if ( $row['pg_type'] == PAGE_GRP_CATLINK )
  1015       {
  1015 			{
  1016         $target = $lang->get('acppg_lbl_category') . ' ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));
  1016 				$target = $lang->get('acppg_lbl_category') . ' ' . htmlspecialchars(get_page_title($paths->nslist['Category'] . sanitize_page_id($row['pg_target'])));
  1017       }
  1017 			}
  1018       else if ( $row['pg_type'] == PAGE_GRP_REGEX )
  1018 			else if ( $row['pg_type'] == PAGE_GRP_REGEX )
  1019       {
  1019 			{
  1020         $target = $lang->get('acppg_lbl_regex') . ' <tt>' . htmlspecialchars($row['pg_target']) . '</tt>';
  1020 				$target = $lang->get('acppg_lbl_regex') . ' <tt>' . htmlspecialchars($row['pg_target']) . '</tt>';
  1021       }
  1021 			}
  1022       $btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_edit') . '" />';
  1022 			$btn_edit = '<input type="submit" name="action[edit][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_edit') . '" />';
  1023       $btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_delete') . '" />';
  1023 			$btn_del = '<input type="submit" name="action[del][' . $row['pg_id'] . ']" value="' . $lang->get('acppg_btn_delete') . '" />';
  1024       echo "<tr>
  1024 			echo "<tr>
  1025               <td class=\"row1\">$name</td>
  1025 							<td class=\"row1\">$name</td>
  1026               <td class=\"row2\">$type</td>
  1026 							<td class=\"row2\">$type</td>
  1027               <td class=\"row1\">$target</td>
  1027 							<td class=\"row1\">$target</td>
  1028               <td class=\"row3\" style=\"text-align: center;\">$btn_edit</td>
  1028 							<td class=\"row3\" style=\"text-align: center;\">$btn_edit</td>
  1029               <td class=\"row3\" style=\"text-align: center;\">$btn_del</td>
  1029 							<td class=\"row3\" style=\"text-align: center;\">$btn_del</td>
  1030             </tr>";
  1030 						</tr>";
  1031     }
  1031 		}
  1032     while ( $row = $db->fetchrow($q) );
  1032 		while ( $row = $db->fetchrow($q) );
  1033   }
  1033 	}
  1034   else
  1034 	else
  1035   {
  1035 	{
  1036     echo '  <tr><td class="row3" colspan="5" style="text-align: center;">' . $lang->get('acppg_msg_no_groups') . '</td></tr>';
  1036 		echo '  <tr><td class="row3" colspan="5" style="text-align: center;">' . $lang->get('acppg_msg_no_groups') . '</td></tr>';
  1037   }
  1037 	}
  1038   
  1038 	
  1039   echo '    <tr>
  1039 	echo '    <tr>
  1040               <th class="subhead" colspan="5">
  1040 							<th class="subhead" colspan="5">
  1041                 <input type="submit" name="action[create]" value="' . $lang->get('acppg_btn_create_new') . '" />
  1041 								<input type="submit" name="action[create]" value="' . $lang->get('acppg_btn_create_new') . '" />
  1042               </th>
  1042 							</th>
  1043             </tr>';
  1043 						</tr>';
  1044   
  1044 	
  1045   echo '  </table>
  1045 	echo '  </table>
  1046         </div>';
  1046 				</div>';
  1047         
  1047 				
  1048   echo '</form>';          
  1048 	echo '</form>';          
  1049     
  1049 		
  1050 }
  1050 }
  1051 
  1051 
  1052 ?>
  1052 ?>