From 2532a68fdd5a54f869c5498d708b00e0e3f5ed2d Mon Sep 17 00:00:00 2001
From: Angelo Cuccato <cuccato@web.de>
Date: Wed, 27 Jan 2010 00:06:22 +0100
Subject: add group del

---
 www-ssl/admin/userChangeSecure.php | 49 ++++++++++++++++++++++++--------------
 www-ssl/admin/userSaveSecure.php   | 36 +++++++++++++++++++++++++++-
 2 files changed, 66 insertions(+), 19 deletions(-)

(limited to 'www-ssl')

diff --git a/www-ssl/admin/userChangeSecure.php b/www-ssl/admin/userChangeSecure.php
index bae26ad4..9da7bc75 100755
--- a/www-ssl/admin/userChangeSecure.php
+++ b/www-ssl/admin/userChangeSecure.php
@@ -16,12 +16,6 @@ if (IsSet($_GET["enterUID"]))
 		"Wenn T-Shirt ein 'Ja' enth&auml;lt, bedeutet dies, dass der Engel ".
 		"bereits sein T-Shirt erhalten hat.<br><br>\n";
 
-	echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n";
-	echo "<table border=\"0\">\n";
-	echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";
-
-	// CVS-Rechte
-	echo "  <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n";
 
 	$SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'";
 	$Erg_CVS =  mysql_query($SQL_CVS, $con);
@@ -30,6 +24,25 @@ if (IsSet($_GET["enterUID"]))
 		echo "Sorry, der Engel (UID=". $_GET["enterUID"]. ") wurde in der Liste nicht gefunden.";
 	else
 	{
+		// Rename if is an group
+		if( $_GET["enterUID"] < 0 ) {
+			$SQLname = "SELECT `Name` FROM `UserGroups` WHERE `UID`='". $_GET["enterUID"]. "'";
+		        $ErgName = mysql_query($SQLname, $con);
+		        echo mysql_error($con);
+
+			echo "<form action=\"./userSaveSecure.php?action=changeGroupName\" method=\"POST\">\n";
+			echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+			echo "<input type=\"text\" name=\"GroupName\" value=\"". mysql_result($ErgName, 0, "Name"). "\">\n";
+			echo "<input type=\"submit\" value=\"rename\">\n";
+			echo "</form>";
+		}
+
+		echo "<form action=\"./userSaveSecure.php?action=change\" method=\"POST\">\n";
+		echo "<table border=\"0\">\n";
+		echo "<input type=\"hidden\" name=\"Type\" value=\"Secure\">\n";
+		echo "  <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n";
+
+
 		$CVS_Data = mysql_fetch_array($Erg_CVS);
 		$CVS_Data_i = 1;
 		foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) 
@@ -78,19 +91,19 @@ if (IsSet($_GET["enterUID"]))
 			} //IF
 		} //Foreach	    
 		echo "</td></tr>\n";
-	} // IF TYPE
-
-	// Ende Formular
-	echo "</td></tr>\n";
-	echo "</table>\n<br>\n";
-	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
-	echo "<input type=\"submit\" value=\"sichern...\">\n";
-	echo "</form>";
+		
+		// Ende Formular
+		echo "</td></tr>\n";
+		echo "</table>\n<br>\n";
+		echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+		echo "<input type=\"submit\" value=\"sichern...\">\n";
+		echo "</form>";
 
-	echo "<form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n";
-	echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
-	echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
-	echo "</form>";
+		echo "<br><form action=\"./userSaveSecure.php?action=delete\" method=\"POST\">\n";
+		echo "<input type=\"hidden\" name=\"enterUID\" value=\"". $_GET["enterUID"]. "\">\n";
+		echo "<input type=\"submit\" value=\"l&ouml;schen...\">\n";
+		echo "</form>";
+	} 
 }
 
 include ("../../includes/footer.php");
diff --git a/www-ssl/admin/userSaveSecure.php b/www-ssl/admin/userSaveSecure.php
index 6eadeddc..4a3c1eae 100755
--- a/www-ssl/admin/userSaveSecure.php
+++ b/www-ssl/admin/userSaveSecure.php
@@ -65,8 +65,23 @@ if ( ($Right=="Y") && IsSet($_GET["action"]))
 			echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n";
 		break;
 
+	case "changeGroupName":
+		if (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]<0) )
+		{
+			$SQL = "UPDATE `UserGroups` SET `Name`='". $_POST["GroupName"]. "' WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1 ;";
+			$Erg = db_query($SQL, "Update Group Name");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+		}
+		else
+			echo "<h1>Fehler: UserID (enterUID) wurde nicht per POST übergeben</h1>\n";
+		break;
+
 	case "delete":
-		if (IsSet($_POST["enterUID"]))
+		if (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]>0) )
 		{
 			echo "delate User...";
 			$SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
@@ -95,6 +110,25 @@ if ( ($Right=="Y") && IsSet($_GET["action"]))
 			} else {
 				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
 			}
+		} elseif (IsSet($_POST["enterUID"]) && ($_POST["enterUID"]<0) ) {
+			echo "delate Group...";
+			$SQL="DELETE FROM `UserGroups` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+			$Erg = db_query($SQL, "Group delete");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+			
+			echo "<br>\ndelate UserCVS...";
+			$SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
+			$Erg = db_query($SQL2, "User CVS delete");
+			if ($Erg == 1) {
+				echo "&Auml;nderung wurde gesichert...\n";
+			} else {
+				echo "Fehler beim speichern...\n(". mysql_error($con). ")";
+			}
+			
 		}
 		break;
 	} // end switch
-- 
cgit v1.2.3-54-g00ecf