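isAdmin()) { UI::exitError(getMLText("admin_tools"),getMLText("access_denied")); }

/*
 * Keyword category maintenance: dispatches on $_POST["action"] and then
 * redirects to out.DefaultKeywords.php.
 *
 * Security-relevant points for every state-changing action below:
 *   - checkFormKey('<action>') must succeed first (request token check).
 *   - categoryid / keywordsid must be numeric and >= 1; they are normalised
 *     to int before being handed to the DMS layer or placed in the redirect.
 *   - An existing category may only be touched if its owner is an admin.
 *
 * The code relies on UI::exitError() ending the request; nothing after such
 * a call is meant to run. NOTE(review): confirm exitError() never returns.
 *
 * "name" and "keywords" are stored as submitted. This script does no HTML
 * escaping; presumably the DMS layer quotes them for SQL and the views escape
 * them on output. Verify both.
 */

/* Returns the POST field as a validated positive int, or aborts with the
 * given message key. is_numeric() is false for arrays, so array-valued
 * fields are rejected as well. */
$requirePostedId = function ($field, $errorKey) {
	if (!isset($_POST[$field]) || !is_numeric($_POST[$field]) || intval($_POST[$field]) < 1) {
		UI::exitError(getMLText("admin_tools"), getMLText($errorKey));
	}
	return intval($_POST[$field]);
};

/* Returns the POST field if it is a string, otherwise "" (missing key or
 * array-valued field). */
$postedString = function ($field) {
	return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : "";
};

/* Loads the category and enforces that it exists and is owned by an admin.
 * A missing owner object is treated as "access denied" (fail closed). */
$requireAdminCategory = function ($categoryid) use ($dms) {
	$category = $dms->getKeywordCategory($categoryid);
	if (!is_object($category)) {
		UI::exitError(getMLText("admin_tools"), getMLText("unknown_keyword_category"));
	}
	$owner = $category->getOwner();
	if (!is_object($owner) || !$owner->isAdmin()) {
		UI::exitError(getMLText("admin_tools"), getMLText("access_denied"));
	}
	return $category;
};

$action = $postedString("action");
if ($action === "") {
	$action = NULL;
}

// Create new keyword category ------------------------------------------
if ($action === "addcategory") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('addcategory')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	$name = $postedString("name");
	if (!$name) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
	// Refuse a second category with the same name for this user.
	if (is_object($dms->getKeywordCategoryByName($name, $user->getID()))) {
		UI::exitError(getMLText("admin_tools"), getMLText("keyword_exists"));
	}
	$newCategory = $dms->addKeywordCategory($user->getID(), $name);
	if (!$newCategory) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
	$categoryid = $newCategory->getID();
}

// Delete keyword category ----------------------------------------------
else if ($action === "removecategory") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('removecategory')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	$categoryid = $requirePostedId("categoryid", "unknown_keyword_category");
	$category = $requireAdminCategory($categoryid);
	if (!$category->remove()) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
	// The category no longer exists; redirect without selecting one.
	$categoryid = -1;
}

// Modify keyword category: new name ------------------------------------
else if ($action === "editcategory") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('editcategory')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	$categoryid = $requirePostedId("categoryid", "unknown_keyword_category");
	$category = $requireAdminCategory($categoryid);

	// A missing or empty name is rejected here instead of being passed on.
	$name = $postedString("name");
	if ($name === "") {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
	if (!$category->setName($name)) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
}

// Modify keyword category: new list of keywords ------------------------
else if ($action === "newkeywords") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('newkeywords')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	// Same id and existence checks as the other actions: without them an
	// unknown categoryid led to a method call on a non-object.
	$categoryid = $requirePostedId("categoryid", "unknown_keyword_category");
	$category = $requireAdminCategory($categoryid);

	$keywords = $postedString("keywords");
	if (trim($keywords)) {
		if (!$category->addKeywordList($keywords)) {
			UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
		}
	}
}

// Modify keyword category: modify list of keywords ---------------------
else if ($action === "editkeywords") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('editkeywords')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	$categoryid = $requirePostedId("categoryid", "unknown_keyword_category");
	$category = $requireAdminCategory($categoryid);
	$keywordsid = $requirePostedId("keywordsid", "unknown_id");

	// NOTE(review): nothing here ties $keywordsid to $category; presumably
	// editKeywordList() scopes the update to this category. Confirm.
	$keywords = $postedString("keywords");
	if (!$category->editKeywordList($keywordsid, $keywords)) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
}

// Modify keyword category: delete list of keywords ---------------------
else if ($action === "removekeywords") {

	/* Check if the form data comes from a trusted request */
	if (!checkFormKey('removekeywords')) {
		UI::exitError(getMLText("admin_tools"), getMLText("invalid_request_token"));
	}

	$categoryid = $requirePostedId("categoryid", "unknown_keyword_category");
	$category = $requireAdminCategory($categoryid);
	$keywordsid = $requirePostedId("keywordsid", "unknown_id");

	// NOTE(review): as above, confirm removeKeywordList() only removes lists
	// that belong to this category.
	if (!$category->removeKeywordList($keywordsid)) {
		UI::exitError(getMLText("admin_tools"), getMLText("error_occured"));
	}
}
else {
	UI::exitError(getMLText("admin_tools"), getMLText("unknown_command"));
}

// Only an integer ever reaches the redirect target, never raw POST data.
header("Location:../out/out.DefaultKeywords.php?categoryid=".(int) $categoryid);

?>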