} break; case 'insert': $error = zen_create_profile($_POST); if ($error != '') { $messageStack->add($error, 'error'); $pagesByMenu = zen_get_admin_pages(FALSE); $action = 'add'; } else { $messageStack->add_session(SUCCESS_PROFILE_INSERTED, 'success'); zen_redirect(zen_href_link(FILENAME_PROFILES)); } break; case 'update': zen_remove_profile_permits($profile); zen_insert_pages_into_profile($profile, $_POST['p']); $messageStack->add_session(SUCCESS_PROFILE_UPDATED, 'success'); zen_redirect(zen_href_link(FILENAME_PROFILES)); break; case 'update_name': zen_update_profile_name($profile, $_POST['profile-name']); $messageStack->add_session(SUCCESS_PROFILE_NAME_UPDATED, 'success'); zen_redirect(zen_href_link(FILENAME_PROFILES)); break; case 'rename': default: // if no specific action requested prepare the listing data $profileList = zen_get_profiles(TRUE); break; } ?>
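/**
 * Create a new admin profile and attach its permitted pages.
 *
 * The admin profiles page passes $_POST straight in, so every field read here is
 * untrusted request data. Both SQL statements bind the name through $db->bindVars().
 *
 * @param array $profileData Form data; reads 'name' (profile name) and 'p' (pages to permit).
 * @return string '' on success, otherwise one of the ERROR_* message constants.
 */
function zen_create_profile($profileData)
{
    global $db;

    if (!isset($profileData['name'])) {
        return ERROR_NO_PROFILE_NAME;
    }

    // A request can submit the field as an array (name[]=...); only a scalar can be a
    // profile name, so reject anything else before it reaches the 'string' bind below.
    if (!is_scalar($profileData['name'])) {
        return ERROR_INVALID_PROFILE_NAME;
    }

    $name = zen_db_prepare_input($profileData['name']);
    // empty() also rejects the literal name '0'; kept as the existing contract.
    if (empty($name)) {
        return ERROR_INVALID_PROFILE_NAME;
    }

    // NOTE(review): this lookup and the INSERT below are separate statements, so two
    // concurrent requests could both pass it. Confirm whether profile_name has a unique index.
    $sql = "SELECT profile_id FROM " . TABLE_ADMIN_PROFILES . " WHERE profile_name = :name:";
    $sql = $db->bindVars($sql, ':name:', $name, 'string');
    $existing = $db->Execute($sql);
    if ($existing->RecordCount() > 0) {
        return ERROR_DUPLICATE_PROFILE_NAME;
    }

    // A profile without pages grants nothing; refuse it before writing any row.
    if (!isset($profileData['p']) || !is_array($profileData['p']) || count($profileData['p']) === 0) {
        return ERROR_NO_PAGES_IN_PROFILE;
    }

    $sql = "INSERT INTO " . TABLE_ADMIN_PROFILES . "\n SET profile_name = :name:";
    $sql = $db->bindVars($sql, ':name:', $name, 'string');
    $db->Execute($sql);
    $profileId = $db->Insert_ID();

    // is_numeric() alone accepts 0, which is not a usable profile id, so the failure
    // branch could never fire for it and permissions would be attached to id 0.
    // NOTE(review): assumes Insert_ID() reports 0 when no row was inserted; confirm
    // against the db class.
    if (!is_numeric($profileId) || (int) $profileId <= 0) {
        return ERROR_UNABLE_TO_CREATE_PROFILE;
    }

    // The profile row exists: attach the requested pages and record the privilege
    // change in the admin activity log.
    zen_insert_pages_into_profile($profileId, $profileData['p']);
    zen_record_admin_activity('Created new admin Profile "' . (int) $profileId . '"', 'warning');

    return '';
}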