* @license http://www.contenido.org/license/LIZENZ.txt * @link http://www.4fb.de * @link http://www.contenido.org * @since file available since contenido release <= 4.6 * * {@internal * created 2003-05-30 * modified 2008-06-27, Frederic Schneider, add security fix * modified 2009-11-06, Murat Purc, replaced deprecated functions (PHP 5.3 ready) * modified 2011-02-07, Murat Purc, Cleanup, optimization and formatting * * $Id$: * }} * */ if(!defined('CON_FRAMEWORK')) { die('Illegal call'); } cInclude('includes', 'functions.rights.php'); if (!$perm->have_perm_area_action($area, $action)) { // access denied $notification->displayNotification('error', i18n('Permission denied')); return; } // create group instance $oGroup = new Group(); $bError = false; $sNotification = ''; $aPerms = array(); if ($action == 'group_create') { $aPerms = buildUserOrGroupPermsFromRequest(); if ($groupname == '') { $groupname = 'grp_' . i18n("New Group"); } if (substr($groupname, 0, 4) != 'grp_') { $groupname = 'grp_' . $groupname; } $newgroupid = md5($groupname); $oGroup->setField('groupname', Contenido_Security::escapeDB($groupname, $db)); $oGroup->setField('perms', Contenido_Security::escapeDB(implode(',', $aPerms), $db)); $oGroup->setField('description', Contenido_Security::escapeDB($description, $db)); $oGroup->setField('group_id', Contenido_Security::escapeDB($newgroupid, $db)); if ($oGroup->insert()) { // clean "old" values... $sNotification = $notification->returnNotification("info", i18n("group created")); $groupname = ''; $aPerms = array(); $description = ''; } else { $sNotification = $notification->returnNotification("info", i18n("Group couldn't created")); $bError = true; } } $tpl->reset(); $tpl->set('s','NOTIFICATION', $sNotification); $form = '