-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathGroupPropsFormRowOps.php
75 lines (63 loc) · 3.26 KB
/
GroupPropsFormRowOps.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
require_once 'Include/Config.php';
require_once 'Include/Functions.php';
use ChurchCRM\Authentication\AuthenticationManager;
use ChurchCRM\model\ChurchCRM\GroupQuery;
use ChurchCRM\Utils\InputUtils;
use ChurchCRM\Utils\RedirectUtils;
// Security: user must be allowed to edit records to use this page.
AuthenticationManager::redirectHomeIfFalse(AuthenticationManager::getCurrentUser()->isManageGroupsEnabled());
// Get the Group, Property, and Action from the querystring
$iGroupID = InputUtils::legacyFilterInput($_GET['GroupID'], 'int');
$iPropID = InputUtils::legacyFilterInput($_GET['PropID'], 'int');
$sField = InputUtils::legacyFilterInput($_GET['Field']);
$sAction = InputUtils::legacyFilterInput($_GET['Action']);
// Get the group information
$group = GroupQuery::create()->findOneById($iGroupID);
// Abort if user tries to load with group having no special properties.
if (!$group->hasSpecialProps()) {
RedirectUtils::redirect('GroupView.php?GroupID=' . $iGroupID);
}
switch ($sAction) {
case 'up':
$sSQL = "UPDATE groupprop_master SET prop_ID = '" . $iPropID . "' WHERE grp_ID = '" . $iGroupID . "' AND prop_ID = '" . ($iPropID - 1) . "'";
RunQuery($sSQL);
$sSQL = "UPDATE groupprop_master SET prop_ID = '" . ($iPropID - 1) . "' WHERE grp_ID = '" . $iGroupID . "' AND prop_Field = '" . $sField . "'";
RunQuery($sSQL);
break;
case 'down':
$sSQL = "UPDATE groupprop_master SET prop_ID = '" . $iPropID . "' WHERE grp_ID = '" . $iGroupID . "' AND prop_ID = '" . ($iPropID + 1) . "'";
RunQuery($sSQL);
$sSQL = "UPDATE groupprop_master SET prop_ID = '" . ($iPropID + 1) . "' WHERE grp_ID = '" . $iGroupID . "' AND prop_Field = '" . $sField . "'";
RunQuery($sSQL);
break;
case 'delete':
// Check if this field is a custom list type. If so, the list needs to be deleted from list_lst.
$sSQL = "SELECT type_ID,prop_Special FROM groupprop_master WHERE grp_ID = '" . $iGroupID . "' AND prop_Field = '" . $sField . "'";
$rsTemp = RunQuery($sSQL);
$aTemp = mysqli_fetch_array($rsTemp);
if ($aTemp[0] == 12) {
$sSQL = "DELETE FROM list_lst WHERE lst_ID = $aTemp[1]";
RunQuery($sSQL);
}
$sSQL = 'ALTER TABLE `groupprop_' . $iGroupID . '` DROP `' . $sField . '` ;';
RunQuery($sSQL);
$sSQL = "DELETE FROM groupprop_master WHERE grp_ID = '" . $iGroupID . "' AND prop_ID = '" . $iPropID . "'";
RunQuery($sSQL);
$sSQL = 'SELECT * FROM groupprop_master WHERE grp_ID = ' . $iGroupID;
$rsPropList = RunQuery($sSQL);
$numRows = mysqli_num_rows($rsPropList);
// Shift the remaining rows up by one, unless we've just deleted the only row
if ($numRows != 0) {
for ($reorderRow = $iPropID + 1; $reorderRow <= $numRows + 1; $reorderRow++) {
$sSQL = "UPDATE groupprop_master SET prop_ID = '" . ($reorderRow - 1) . "' WHERE grp_ID = '" . $iGroupID . "' AND prop_ID = '" . $reorderRow . "'";
RunQuery($sSQL);
}
}
break;
default:
RedirectUtils::redirect('GroupView.php?GroupID=' . $iGroupID);
break;
}
// Reload the Form Editor page
RedirectUtils::redirect('GroupPropsFormEditor.php?GroupID=' . $iGroupID);