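isAdmin()) {
	// Tail of the administrator check; the opening of this condition lies
	// before the visible part of the file and is left exactly as it was.
	UI::exitError(getMLText("admin_tools"),getMLText("access_denied"));
}

/*
 * Category administration: add, remove or rename a document category.
 *
 * The operation is selected by $_POST["action"]. Every branch first verifies
 * its own form key with checkFormKey() and aborts via UI::exitError() on any
 * validation or storage failure. On success a splash message is queued, a
 * log line is written and the browser is redirected to the category list.
 */
$action = isset($_POST["action"]) ? $_POST["action"] : null;

// Add new category ---------------------------------------------------------
if ($action === "addcategory") {

	/* Check if the form data comes from a trusted request */
	if(!checkFormKey('addcategory')) {
		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
	}

	// A missing or non-string name is treated like an empty one, so it ends
	// in the regular "no name" error instead of a warning or a TypeError.
	$name = (isset($_POST["name"]) && is_string($_POST["name"])) ? trim($_POST["name"]) : '';
	if($name === '') {
		UI::exitError(getMLText("admin_tools"),getMLText("category_noname"));
	}
	if (is_object($dms->getDocumentCategoryByName($name))) {
		UI::exitError(getMLText("admin_tools"),getMLText("category_exists"));
	}
	$newCategory = $dms->addDocumentCategory($name);
	if (!$newCategory) {
		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
	}
	$categoryid=$newCategory->getID();

	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_add_category')));

	add_log_line(".php&action=addcategory&categoryid=".$categoryid);
}

// Delete category ---------------------------------------------------------
else if ($action === "removecategory") {

	/* Check if the form data comes from a trusted request */
	if(!checkFormKey('removecategory')) {
		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
	}

	if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) {
		UI::exitError(getMLText("admin_tools"),getMLText("unknown_document_category"));
	}
	// is_numeric() also accepts decimal, exponent and whitespace-padded
	// strings. Keep only the integer value so that the raw request string is
	// never copied into the log line or the lookup below.
	$categoryid = intval($_POST["categoryid"]);
	$category = $dms->getDocumentCategory($categoryid);
	if (!is_object($category)) {
		UI::exitError(getMLText("admin_tools"),getMLText("unknown_document_category"));
	}

	if (!$category->remove()) {
		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
	}

	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_rm_category')));

	add_log_line(".php&action=removecategory&categoryid=".$categoryid);

	// The category no longer exists; redirect without selecting one.
	$categoryid=-1;
}

// Edit category -----------------------------------------------------------
else if ($action === "editcategory") {

	/* Check if the form data comes from a trusted request */
	if(!checkFormKey('editcategory')) {
		UI::exitError(getMLText("admin_tools"),getMLText("invalid_request_token"));
	}

	if (!isset($_POST["categoryid"]) || !is_numeric($_POST["categoryid"]) || intval($_POST["categoryid"])<1) {
		UI::exitError(getMLText("admin_tools"),getMLText("unknown_document_category"));
	}
	// Same normalisation as in the remove branch: the integer value, not the
	// raw request string, reaches the lookup, the log line and the redirect.
	$categoryid = intval($_POST["categoryid"]);
	$category = $dms->getDocumentCategory($categoryid);
	if (!is_object($category)) {
		UI::exitError(getMLText("admin_tools"),getMLText("unknown_document_category"));
	}

	// Apply the rules of the add branch to a rename as well: the name must be
	// a non-empty string after trimming ...
	$name = (isset($_POST["name"]) && is_string($_POST["name"])) ? trim($_POST["name"]) : '';
	if($name === '') {
		UI::exitError(getMLText("admin_tools"),getMLText("category_noname"));
	}
	// ... and must not belong to a different category. Saving a category
	// under its current name stays allowed, hence the ID comparison.
	$existing = $dms->getDocumentCategoryByName($name);
	if (is_object($existing) && $existing->getID() != $category->getID()) {
		UI::exitError(getMLText("admin_tools"),getMLText("category_exists"));
	}
	if (!$category->setName($name)) {
		UI::exitError(getMLText("admin_tools"),getMLText("error_occured"));
	}

	$session->setSplashMsg(array('type'=>'success', 'msg'=>getMLText('splash_edit_category')));

	add_log_line(".php&action=editcategory&categoryid=".$categoryid);
}
else {
	UI::exitError(getMLText("admin_tools"),getMLText("unknown_command"));
}

// $categoryid is an integer from intval(), the ID reported by the newly
// created category, or -1 at this point.
header("Location:../out/out.Categories.php?categoryid=".$categoryid);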