cacert-webdb/pages/account/54.php

210 lines
7.9 KiB
PHP
Raw Permalink Normal View History

2005-12-04 21:04:05 +00:00
<? /*
2008-04-06 19:45:09 +00:00
LibreSSL - CAcert web application
Copyright (C) 2004-2008 CAcert Inc.
2005-12-04 21:04:05 +00:00
2008-04-06 19:45:09 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
2005-12-04 21:04:05 +00:00
2008-04-06 19:45:09 +00:00
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
2005-12-04 21:04:05 +00:00
2008-04-06 19:45:09 +00:00
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
2005-12-04 21:04:05 +00:00
*/ ?>
2006-04-17 12:02:09 +00:00
<?
2008-09-21 16:12:04 +00:00
$ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
$regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
$locid = array_key_exists('locid',$_REQUEST)?intval($_REQUEST['locid']):0;
$name = array_key_exists('name',$_REQUEST)?mysql_escape_string($_REQUEST['name']):"";
2006-04-17 12:02:09 +00:00
if($ccid > 0 && $_REQUEST['action'] == "add") { ?>
2005-12-04 21:04:05 +00:00
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Add Region")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Region")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
2006-04-17 12:02:09 +00:00
<input type="hidden" name="ccid" value="<?=$ccid?>">
2005-12-04 21:04:05 +00:00
<input type="hidden" name="oldid" value="54">
</form>
2006-04-17 12:02:09 +00:00
<? } if($regid > 0 && $_REQUEST['action'] == "edit") {
$query = "select * from `regions` where `id`='$regid' order by `name`";
2005-12-04 21:04:05 +00:00
$row = mysql_fetch_assoc(mysql_query($query));
2006-04-17 12:02:09 +00:00
$name = $row['name'];
2005-12-04 21:04:05 +00:00
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Edit Region")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Region")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
2006-04-17 12:02:09 +00:00
<input type="hidden" name="regid" value="<?=$regid?>">
2005-12-04 21:04:05 +00:00
<input type="hidden" name="oldid" value="54">
</form>
2006-04-17 12:02:09 +00:00
<? } if($regid > 0 && $_REQUEST['action'] == "add") { ?>
2005-12-04 21:04:05 +00:00
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Add Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Longitude")?>:</td>
2008-09-21 16:12:04 +00:00
<td class="DataTD"><input type="text" name="longitude" value="<?=array_key_exists('longitude',$_REQUEST)?sanitizeHTML($_REQUEST['longitude']):""?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Latitude")?>:</td>
2008-09-21 16:12:04 +00:00
<td class="DataTD"><input type="text" name="latitude" value="<?=array_key_exists('latitude',$_REQUEST)?sanitizeHTML($_REQUEST['latitude']):""?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="add">
2006-04-17 12:02:09 +00:00
<input type="hidden" name="regid" value="<?=$regid?>">
2005-12-04 21:04:05 +00:00
<input type="hidden" name="oldid" value="54">
</form>
2006-04-17 12:02:09 +00:00
<? } if($locid > 0 && $_REQUEST['action'] == "edit") {
2005-12-04 21:04:05 +00:00
$query = "select * from `locations` where `id`='$locid'";
$row = mysql_fetch_assoc(mysql_query($query));
2006-04-17 12:02:09 +00:00
if($name == "")
$name = $row['name'];
2008-09-21 16:12:04 +00:00
if(!array_key_exists('longitude',$_REQUEST) || $_REQUEST['longitude'] == "")
2005-12-04 21:04:05 +00:00
$_REQUEST['longitude'] = $row['long'];
2008-09-21 16:12:04 +00:00
if(!array_key_exists('latitude',$_REQUEST) || $_REQUEST['latitude'] == "")
2005-12-04 21:04:05 +00:00
$_REQUEST['latitude'] = $row['lat'];
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Edit Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
2008-11-23 05:01:21 +00:00
<td class="DataTD"><input type="text" name="name" value="<?=sanitizeHTML($name)?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Longitude")?>:</td>
2007-07-03 19:53:34 +00:00
<td class="DataTD"><input type="text" name="longitude" value="<?=sanitizeHTML($_REQUEST['longitude'])?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD"><?=_("Latitude")?>:</td>
2007-07-03 19:53:34 +00:00
<td class="DataTD"><input type="text" name="latitude" value="<?=sanitizeHTML($_REQUEST['latitude'])?>"></td>
2005-12-04 21:04:05 +00:00
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="edit">
2006-04-17 12:02:09 +00:00
<input type="hidden" name="locid" value="<?=$locid?>">
2005-12-04 21:04:05 +00:00
<input type="hidden" name="oldid" value="54">
</form>
2006-04-17 12:02:09 +00:00
<? } if($locid > 0 && $_REQUEST['action'] == "aliases") {
2008-11-23 05:01:21 +00:00
$query = "select * from `localias` where `locid`='".intval($locid)."'";
2006-02-03 18:45:23 +00:00
$res = mysql_query($query);
$rc = mysql_num_rows($res);
?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Location Aliases")?> - <a href="javascript:Show_Stuff()"><?=_("Add")?></a></td>
</tr>
<tr ID="display1">
<td colspan="2" class="DataTD">
<form method="post" action="account.php" ACCEPTCHARSET="utf-8">
<?=_("Location Alias")?>: <input type="text" name="name"> <input type="submit" value="Add">
<input type="hidden" name="action" value="alias">
2008-11-23 05:01:21 +00:00
<input type="hidden" name="locid" value="<?=intval($locid)?>">
2006-02-03 18:45:23 +00:00
<input type="hidden" name="oldid" value="54">
</form>
</td>
</tr>
<?
while($row = mysql_fetch_assoc($res))
{
?>
<tr>
<td class="DataTD"><?=$row['name']?></td>
2008-09-03 18:36:16 +00:00
<td class="DataTD"><a href="account.php?id=54&amp;locid=<?=$locid?>&amp;name=<?=($row['name'])?>&amp;action=delalias" onclick="return confirm('Are you sure you want to delete this location alias?');"><?=_("Delete")?></td>
2006-02-03 18:45:23 +00:00
</tr>
<? } ?>
</table>
<script language="JavaScript" type="text/javascript">
<!--
function Show_Stuff()
{
if (document.getElementById("display1").style.display == "none")
{
document.getElementById("display1").style.display = "";
} else {
document.getElementById("display1").style.display = "none";
}
}
document.getElementById("display1").style.display = "none";
-->
</script>
2006-04-17 12:02:09 +00:00
<? } if($locid > 0 && $_REQUEST['action'] == "move") {
2005-12-04 21:04:05 +00:00
$query = "select * from `locations` where `id`='$locid'";
$row = mysql_fetch_assoc(mysql_query($query));
2006-08-07 21:29:09 +00:00
$newreg = $_REQUEST['newreg'] = $row['regid'];
2005-12-04 21:04:05 +00:00
?>
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
<tr>
<td colspan="2" class="title"><?=_("Move Location")?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Location")?>:</td>
<td class="DataTD"><?=$row['name']?></td>
</tr>
<tr>
<td class="DataTD"><?=_("Set Region")?>:</td>
<td class="DataTD"><select name="newreg">
<?
2008-09-03 17:43:31 +00:00
$query = "select * from `regions` where `ccid`='".intval($row['ccid'])."' order by `name`";
2005-12-04 21:04:05 +00:00
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
2008-09-03 17:43:31 +00:00
echo "<option value='".intval($row['id'])."'";
2005-12-04 21:04:05 +00:00
if($_REQUEST['newreg'] == $row['id'])
2008-09-03 17:43:31 +00:00
echo " selected='selected'";
2005-12-04 21:04:05 +00:00
echo ">$row[name]</option>\n";
}
?>
</select></td>
</tr>
<tr>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>
<input type="hidden" name="action" value="move">
2006-04-17 12:02:09 +00:00
<input type="hidden" name="locid" value="<?=$locid?>">
2005-12-04 21:04:05 +00:00
<input type="hidden" name="oldid" value="54">
</form>
<? } ?>