function _set_users($action, $userid, $groupid) { switch ($action) { case 'add': if (isset($userid) and isset($groupid)) { $add_query = "INSERT INTO exhibit_UserGroups " . "(UserID,GroupID) " . "VALUES ('" . $userid . "', '" . $groupid . "')"; __query($add_query, "", ""); } else { _page_section("error.png", "Could not add group, invalid data."); } break; case 'delete': if (isset($groupid)) { $delete_query = "DELETE FROM exhibit_UserGroups WHERE UserID=" . $userid . " AND GroupID=" . $groupid; __query($delete_query, "", ""); } else { _page_section("error.png", "Could not delete group, no groupid given"); } break; default: _page_section("error.png", "Whoops. Did not understand what to do"); break; } _display_users(); }
$userid = $_REQUEST['userid']; $subaction = $_REQUEST['subaction']; switch ($subaction) { case ' ADD GROUP ': _page_sechead("exhibit.png", "User Management"); _set_users("add", $userid, $groupid); break; case ' DELETE ': _page_sechead("exhibit.png", "User Management"); _set_users("delete", $userid, $groupid); break; default: _page_sechead("exhibit.png", "User Management"); break; } _display_users(); break; case 'rolls': default: $roll = $_REQUEST['roll']; $library = $_REQUEST['library']; $public = $_REQUEST['public']; $group = $_REQUEST['group']; if (!isset($roll) and !isset($library)) { _page_sechead("exhibit.png", "Roll Management"); _display_permissions(); } elseif (isset($public) and isset($group)) { _page_sechead("exhibit.png", "Roll Management"); _set_permissions($roll, $library, $public, $group); } else { _page_sechead("error.png", "An error occurred updating permissions.");