Ejemplo n.º 1
0
            $output .= file_get_contents("templates/add-remove-users.html");
        }
        $output .= "<form name='leave-group' method='post' action=''><label>Set new group admin:</label><input type='text' name='newowner'><input type='submit' value='Leave Group' name='setowner'></form>";
    } else {
        if (getGroupMember($username, $group)) {
            //Everyone else then sees...
            $output .= "<form name='leave-group' method='post' action=''><input type='submit' text='Leave Group'></form>";
        }
    }
    //Group is private?
    if (checkGroupPrivate($group) && $_SESSION['admin'] == false) {
        header("Location: {$host}/403");
        //No permission to view this
    } else {
        //Getting, prettifying and printing entries WITHOUT edit functionality. User currently must do that via landing page.
        $output .= encaseResults(getEntries($group, true));
    }
} else {
    //TODO - List all of the groups the user is a member of.
    if ($_SESSION['admin']) {
        //spit("Admin List");
        //Get ALL groups
        $sql = "SELECT DISTINCT owner, groupid FROM Groups INNER JOIN GroupMembers";
    } else {
        //spit("Normal List");
        //Searched based on usename
        $sql = "SELECT DISTINCT * FROM GroupMembers INNER JOIN Groups WHERE userid='{$username}' AND groupid=name";
        //Select everything from groups where userid in GroupMember is paired with that groupid.
    }
    $result = mysqli_query($conn, $sql);
    if ($result === FALSE) {
Ejemplo n.º 2
0
    //To update the group, we want to delete anything with this id from the relationship table
    //then IF it's not being posted to the user, insert a new relationship into the table.
    //Thus, delete relationships first
    $sql = "DELETE FROM groupposts WHERE postid='{$id}'";
    $query = mysqli_query($conn, $sql);
    echo mysqli_error($conn);
    if ($group != $username) {
        //Then add to the relationship table
        $sql = "INSERT INTO groupposts (postid, groupid) VALUES ('{$id}', '{$group}')";
        $query = mysqli_query($conn, $sql);
        echo mysqli_error($conn);
    }
}
//User deleted link
if (isset($_POST['delete'])) {
    $id = $_POST['id'];
    $title = mysqli_real_escape_string($conn, $_POST['title']);
    $url = mysqli_real_escape_string($conn, $_POST['url']);
    $group = $_POST['postTo'];
    //delete post with corresponding id
    $sql = "DELETE FROM posts WHERE postid='{$id}'";
    $query = mysqli_query($conn, $sql);
    echo mysqli_error($conn);
    //Then skim through the group/post relationship table to delete any references to that id
    $sql = "DELETE FROM groupposts WHERE postid='{$id}'";
    $query = mysqli_query($conn, $sql);
    echo mysqli_error($conn);
}
//Printing entries, WITH edit buttons on landing page.
$output .= encaseResults(getEntries($username, true), true);