     switch ($subaction) {
         case ' ADD GROUP ':
             _page_sechead("exhibit.png", "Group Management");
             _set_groups("add", $name, $description, 0);
             break;
         case ' DELETE ':
             _page_sechead("exhibit.png", "Group Management");
             _set_groups("delete", $name, $description, $groupid);
             break;
         case ' UPDATE ':
             _page_sechead("exhibit.png", "Group Management");
             _set_groups("update", $name, $description, $groupid);
             break;
         default:
             _page_sechead("exhibit.png", "Group Management");
             _display_groups();
             break;
     }
     break;
 case 'users':
     $groupid = $_REQUEST['groupid'];
     $userid = $_REQUEST['userid'];
     $subaction = $_REQUEST['subaction'];
     switch ($subaction) {
         case ' ADD GROUP ':
             _page_sechead("exhibit.png", "User Management");
             _set_users("add", $userid, $groupid);
             break;
         case ' DELETE ':
             _page_sechead("exhibit.png", "User Management");
             _set_users("delete", $userid, $groupid);
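/**
 * Apply an add, delete or update operation to exhibit_Groups, then re-render
 * the group list.
 *
 * Each statement is assembled as SQL text and handed to __query(), so every
 * value placed in it has to be made safe before it is concatenated.
 *
 * NOTE(review): $name and $description are still concatenated into the SQL
 * text below. __query() is not visible from this block, so they cannot be
 * bound as parameters here; bind them inside __query() or escape them with
 * the database driver's own quoting function before they reach this point.
 *
 * @param string $action      One of 'add', 'delete' or 'update'; any other value shows an error.
 * @param mixed  $name        Group name, used by 'add' and 'update'.
 * @param mixed  $description Group description, used by 'add' and 'update'.
 * @param mixed  $groupid     Group ID, used by 'delete' and 'update'; must hold an integer value.
 */
function _set_groups($action, $name, $description, $groupid)
{
    // The ID is only ever used as a number, so reduce it to a validated integer
    // before it reaches any SQL text. filter_var() yields false for a missing,
    // non-numeric or array value, which replaces the original isset() test.
    $group_id = filter_var($groupid, FILTER_VALIDATE_INT);

    switch ($action) {
        case 'add':
            if (isset($name) && isset($description)) {
                // NOTE(review): string values are not escaped or bound here (see header).
                $add_query = "INSERT INTO exhibit_Groups (GroupName,GroupDescription) " . "VALUES ('" . $name . "', '" . $description . "')";
                __query($add_query, "", "");
            } else {
                _page_section("error.png", "Could not add group, invalid data.");
            }
            break;
        case 'delete':
            if ($group_id !== false) {
                $delete_query = "DELETE FROM exhibit_Groups WHERE ID=" . $group_id . " LIMIT 1";
                __query($delete_query, "", "");
                // Move permissions that referenced the deleted group to group 0.
                // The original built this statement but never ran it, which left
                // permission rows pointing at a group that no longer exists.
                $delete_others = "UPDATE exhibit_Permissions SET GroupID='0' WHERE " . "GroupID='" . $group_id . "'";
                __query($delete_others, "", "");
            } else {
                _page_section("error.png", "Could not delete group, no groupid given");
            }
            break;
        case 'update':
            if ($group_id !== false && isset($name) && isset($description)) {
                // NOTE(review): string values are not escaped or bound here (see header).
                $update_query = "UPDATE exhibit_Groups SET GroupName='" . $name . "'," . "GroupDescription='" . $description . "' WHERE ID='" . $group_id . "'";
                __query($update_query, "", "");
            } else {
                _page_section("error.png", "Could not update group, invalid data");
            }
            break;
        default:
            _page_section("error.png", "Whoops.  Did not understand what to do");
            break;
    }
    // Always finish by showing the current group list, whatever the outcome.
    _display_groups();
}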