Group Manager: Member and Permission list view and button updates, bulk delete group members via class, misc other updates.

core/groups/group_permissions.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2016
+	Portions created by the Initial Developer are Copyright (C) 2008-2020
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -28,6 +28,7 @@
 	require_once "root.php";
 	require_once "resources/require.php";
 	require_once "resources/check_auth.php";
+	require_once "resources/paging.php";
 
 //check permisions
 	if (permission_exists('group_permissions') || if_group("superadmin")) {
@@ -42,36 +43,31 @@
 	$language = new text;
 	$text = $language->get();
 
-//include the header
-	$document['title'] = $text['title-group_permissions'];
-	require_once "resources/header.php";
-
-//include paging
-	require_once "resources/paging.php";
-
 //get the list of installed apps from the core and mod directories
-	$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
-	$x=0;
+	$config_list = glob($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/*/*/app_config.php");
+	$x = 0;
 	foreach ($config_list as &$config_path) {
 		include($config_path);
 		$x++;
 	}
 
+//get the group uuid passed
+	$group_uuid = $_REQUEST['group_uuid'];
+
 //if there are no permissions listed in v_group_permissions then set the default permissions
 	$sql = "select count(*) from v_group_permissions ";
 	$database = new database;
 	$group_permission_count = $database->select($sql, null, 'column');
-	unset($sql);
-
 	if ($group_permission_count == 0) {
 		//no permissions found add the defaults
-		foreach($apps as $app) {
+		foreach ($apps as $app) {
 			foreach ($app['permissions'] as $row) {
-				foreach ($row['groups'] as $index => $group) {
+				foreach ($row['groups'] as $index => $group_name) {
 					//add the record
 					$array['group_permissions'][$index]['group_permission_uuid'] = uuid();
 					$array['group_permissions'][$index]['permission_name'] = $row['name'];
-					$array['group_permissions'][$index]['group_name'] = $group;
+					$array['group_permissions'][$index]['group_name'] = $group_name;
+					$array['group_permissions'][$index]['group_uuid'] = $group_uuid;
 				}
 				if (is_array($array) && sizeof($array) != 0) {
 					$database = new database;
@@ -83,9 +79,9 @@
 			}
 		}
 	}
+	unset($sql, $group_name);
 
-//get the group uuid, lookup domain uuid (if any) and name
-	$group_uuid = $_REQUEST['group_uuid'];
+//lookup domain uuid (if any) and name
 	$sql = "select domain_uuid, group_name from v_groups ";
 	$sql .= "where group_uuid = :group_uuid ";
 	$parameters['group_uuid'] = $group_uuid;
@@ -97,6 +93,13 @@
 	}
 	unset($sql, $parameters, $row);
 
+//add the search string
+	$search = strtolower($_GET["search"]);
+	if (strlen($search) > 0) {
+		$sql_search .= " and lower(permission_name) like :search ";
+		$parameters['search'] = '%'.$search.'%';
+	}
+
 //get the permissions assigned to this group
 	$sql = "select * from v_group_permissions ";
 	$sql .= "where group_name = :group_name ";
@@ -107,6 +110,7 @@
 	else {
 		$sql .= "and domain_uuid is null ";
 	}
+	$sql .= $sql_search;
 	$parameters['group_name'] = $group_name;
 	$database = new database;
 	$result = $database->select($sql, $parameters, 'all');
@@ -117,13 +121,8 @@
 	}
 	unset($sql, $parameters, $result, $row);
 
-//show the db checklist
-	//echo "<pre>";
-	//print_r($permissions_db);
-	//echo "</pre>";
-
 //list all the permissions in the database
-	foreach($apps as $app) {
+	foreach ($apps as $app) {
 		if (isset($app['permissions'])) foreach ($app['permissions'] as $row) {
 			if ($permissions_db[$row['name']] == "true") {
 				$permissions_db_checklist[$row['name']] = "true";
@@ -134,187 +133,188 @@
 		}
 	}
 
-//show the db checklist
-	//echo "<pre>";
-	//print_r($permissions_db_checklist);
-	//echo "</pre>";
-
 //process the http post
 	if (count($_POST)>0) {
 
-		foreach($_POST['permissions_form'] as $permission) {
+		foreach ($_POST['permissions_form'] as $permission) {
 			$permissions_form[$permission] = "true";
 		}
 
 		//list all the permissions
-			foreach($apps as $app) {
-				foreach ($app['permissions'] as $row) {
-					if ($permissions_form[$row['name']] == "true") {
-						$permissions_form_checklist[$row['name']] = "true";
-					}
-					else {
-						$permissions_form_checklist[$row['name']] = "false";
+			foreach ($apps as $app) {
+				if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
+					foreach ($app['permissions'] as $row) {
+						if ($permissions_form[$row['name']] == "true") {
+							$permissions_form_checklist[$row['name']] = "true";
+						}
+						else {
+							$permissions_form_checklist[$row['name']] = "false";
+						}
 					}
 				}
 			}
-		//show the form db checklist
-			//echo "<pre>";
-			//print_r($permissions_form_checklist);
-			//echo "</pre>";
 
 		//list all the permissions
-			foreach($apps as $app) {
-				foreach ($app['permissions'] as $row) {
-					$permission = $row['name'];
-					if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") {
-						//matched do nothing
-					}
-					if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") {
-						//matched do nothing
-					}
-					if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
-						//delete the record
-							$array['group_permissions'][0]['group_name'] = $group_name;
-							$array['group_permissions'][0]['permission_name'] = $permission;
-							$database = new database;
-							$database->app_name = 'groups';
-							$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-							$database->delete($array);
-							unset($array);
-
-						foreach($apps as $app) {
-							foreach ($app['permissions'] as $row) {
-								if ($row['name'] == $permission) {
-
-									$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
-									$array['menu_item_groups'][0]['group_name'] = $group_name;
-									$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
-
-									$p = new permissions;
-									$p->add('menu_item_group_delete', 'temp');
-
-									$database = new database;
-									$database->app_name = 'groups';
-									$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-									$database->delete($array);
-									unset($array);
-
-									$p->delete('menu_item_group_delete', 'temp');
-
-									$sql = "select menu_item_parent_uuid from v_menu_items ";
-									$sql .= "where menu_item_uuid = :menu_item_uuid ";
-									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
-									$parameters['menu_item_uuid'] = $row['menu']['uuid'];
-									$database = new database;
-									$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
-									unset($sql, $parameters);
-
-									$sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g  ";
-									$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
-									$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
-									$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
-									$sql .= "and g.group_name = :group_name ";
-									$parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid;
-									$parameters['group_name'] = $group_name;
-									$database = new database;
-									$result_count = $database->select($sql, $parameters, 'column');
-
-									if ($result_count == 0) {
-										$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
-										$array['menu_item_groups'][0]['group_name'] = $group_name;
-										$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
-
-										$p = new permissions;
-										$p->add('menu_item_group_delete', 'temp');
-
-										$database = new database;
-										$database->app_name = 'groups';
-										$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-										$database->delete($array);
-										unset($array);
-
-										$p->delete('menu_item_group_delete', 'temp');
+			foreach ($apps as $app) {
+				if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
+					foreach ($app['permissions'] as $row) {
+						$permission = $row['name'];
+						if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "true") {
+							//matched do nothing
+						}
+						if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "false") {
+							//matched do nothing
+						}
+						if ($permissions_db_checklist[$permission] == "true" && $permissions_form_checklist[$permission] == "false") {
+							//delete the record
+								$array['group_permissions'][0]['group_name'] = $group_name;
+								$array['group_permissions'][0]['permission_name'] = $permission;
+								$array['group_permissions'][0]['group_uuid'] = $group_uuid;
+								$database = new database;
+								$database->app_name = 'groups';
+								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+								$database->delete($array);
+								unset($array);
+
+							foreach ($apps as $app) {
+								if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
+									foreach ($app['permissions'] as $row) {
+										if ($row['name'] == $permission) {
+
+											$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
+											$array['menu_item_groups'][0]['group_name'] = $group_name;
+											$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
+
+											$p = new permissions;
+											$p->add('menu_item_group_delete', 'temp');
+
+											$database = new database;
+											$database->app_name = 'groups';
+											$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+											$database->delete($array);
+											unset($array);
+
+											$p->delete('menu_item_group_delete', 'temp');
+
+											$sql = "select menu_item_parent_uuid from v_menu_items ";
+											$sql .= "where menu_item_uuid = :menu_item_uuid ";
+											$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
+											$parameters['menu_item_uuid'] = $row['menu']['uuid'];
+											$database = new database;
+											$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
+											unset($sql, $parameters);
+
+											$sql = "select count(*) from v_menu_items as i, v_menu_item_groups as g  ";
+											$sql .= "where i.menu_item_uuid = g.menu_item_uuid ";
+											$sql .= "and i.menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
+											$sql .= "and i.menu_item_parent_uuid = :menu_item_parent_uuid ";
+											$sql .= "and g.group_name = :group_name ";
+											$parameters['menu_item_parent_uuid'] = $menu_item_parent_uuid;
+											$parameters['group_name'] = $group_name;
+											$database = new database;
+											$result_count = $database->select($sql, $parameters, 'column');
+
+											if ($result_count == 0) {
+												$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
+												$array['menu_item_groups'][0]['group_name'] = $group_name;
+												$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
+
+												$p = new permissions;
+												$p->add('menu_item_group_delete', 'temp');
+
+												$database = new database;
+												$database->app_name = 'groups';
+												$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+												$database->delete($array);
+												unset($array);
+
+												$p->delete('menu_item_group_delete', 'temp');
+											}
+											unset($sql, $parameters, $result_count);
+										}
 									}
-									unset($sql, $parameters, $result_count);
 								}
 							}
+							//set the permission to false in the permissions_db_checklist
+								$permissions_db_checklist[$permission] = "false";
 						}
-						//set the permission to false in the permissions_db_checklist
-							$permissions_db_checklist[$permission] = "false";
-					}
-					if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
-						//add the record
-							$array['group_permissions'][0]['group_permission_uuid'] = uuid();
-							if (is_uuid($domain_uuid)) {
-								$array['group_permissions'][0]['domain_uuid'] = $domain_uuid;
-							}
-							$array['group_permissions'][0]['permission_name'] = $permission;
-							$array['group_permissions'][0]['group_name'] = $group_name;
-							$database = new database;
-							$database->app_name = 'groups';
-							$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-							$database->save($array);
-							unset($array);
-
-						foreach($apps as $app) {
-							foreach ($app['permissions'] as $row) {
-								if ($row['name'] == $permission) {
-
-									$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
-									$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
-									$array['menu_item_groups'][0]['group_name'] = $group_name;
-
-									$p = new permissions;
-									$p->add('menu_item_group_add', 'temp');
-
-									$database = new database;
-									$database->app_name = 'groups';
-									$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-									$database->save($array);
-									unset($array);
-
-									$p->delete('menu_item_group_add', 'temp');
-
-									$sql = "select menu_item_parent_uuid from v_menu_items ";
-									$sql .= "where menu_item_uuid = :menu_item_uuid ";
-									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
-									$parameters['menu_item_uuid'] = $row['menu']['uuid'];
-									$database = new database;
-									$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
-									unset($sql, $parameters);
-
-									$sql = "select count(*) from v_menu_item_groups ";
-									$sql .= "where menu_item_uuid = :menu_item_uuid ";
-									$sql .= "and group_name = :group_name ";
-									$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
-									$parameters['menu_item_uuid'] = $menu_item_parent_uuid;
-									$parameters['group_name'] = $group_name;
-									$database = new database;
-									$result_count = $database->select($sql, $parameters, 'column');
-
-									if ($result_count == 0) {
-										$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
-										$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
-										$array['menu_item_groups'][0]['group_name'] = $group_name;
-
-										$p = new permissions;
-										$p->add('menu_item_group_add', 'temp');
-
-										$database = new database;
-										$database->app_name = 'groups';
-										$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-										$database->save($array);
-										unset($array);
-
-										$p->delete('menu_item_group_add', 'temp');
+						if ($permissions_db_checklist[$permission] == "false" && $permissions_form_checklist[$permission] == "true") {
+							//add the record
+								$array['group_permissions'][0]['group_permission_uuid'] = uuid();
+								if (is_uuid($domain_uuid)) {
+									$array['group_permissions'][0]['domain_uuid'] = $domain_uuid;
+								}
+								$array['group_permissions'][0]['permission_name'] = $permission;
+								$array['group_permissions'][0]['group_name'] = $group_name;
+								$array['group_permissions'][0]['group_uuid'] = $group_uuid;
+								$database = new database;
+								$database->app_name = 'groups';
+								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+								$database->save($array);
+								unset($array);
+
+							foreach ($apps as $app) {
+								if (is_array($app['permissions']) && @sizeof($app['permissions']) != 0) {
+									foreach ($app['permissions'] as $row) {
+										if ($row['name'] == $permission) {
+
+											$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
+											$array['menu_item_groups'][0]['menu_item_uuid'] = $row['menu']['uuid'];
+											$array['menu_item_groups'][0]['group_name'] = $group_name;
+
+											$p = new permissions;
+											$p->add('menu_item_group_add', 'temp');
+
+											$database = new database;
+											$database->app_name = 'groups';
+											$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+											$database->save($array);
+											unset($array);
+
+											$p->delete('menu_item_group_add', 'temp');
+
+											$sql = "select menu_item_parent_uuid from v_menu_items ";
+											$sql .= "where menu_item_uuid = :menu_item_uuid ";
+											$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
+											$parameters['menu_item_uuid'] = $row['menu']['uuid'];
+											$database = new database;
+											$menu_item_parent_uuid = $database->select($sql, $parameters, 'column');
+											unset($sql, $parameters);
+
+											$sql = "select count(*) from v_menu_item_groups ";
+											$sql .= "where menu_item_uuid = :menu_item_uuid ";
+											$sql .= "and group_name = :group_name ";
+											$sql .= "and menu_uuid = 'b4750c3f-2a86-b00d-b7d0-345c14eca286' ";
+											$parameters['menu_item_uuid'] = $menu_item_parent_uuid;
+											$parameters['group_name'] = $group_name;
+											$database = new database;
+											$result_count = $database->select($sql, $parameters, 'column');
+
+											if ($result_count == 0) {
+												$array['menu_item_groups'][0]['menu_uuid'] = 'b4750c3f-2a86-b00d-b7d0-345c14eca286';
+												$array['menu_item_groups'][0]['menu_item_uuid'] = $menu_item_parent_uuid;
+												$array['menu_item_groups'][0]['group_name'] = $group_name;
+
+												$p = new permissions;
+												$p->add('menu_item_group_add', 'temp');
+
+												$database = new database;
+												$database->app_name = 'groups';
+												$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+												$database->save($array);
+												unset($array);
+
+												$p->delete('menu_item_group_add', 'temp');
+											}
+
+											unset($sql, $parameters, $result_count);
+										}
 									}
-
-									unset($sql, $parameters, $result_count);
 								}
 							}
+							//set the permission to true in the permissions_db_checklist
+								$permissions_db_checklist[$permission] = "true";
 						}
-						//set the permission to true in the permissions_db_checklist
-							$permissions_db_checklist[$permission] = "true";
 					}
 				}
 			}
@@ -324,171 +324,100 @@
 		return;
 	}
 
-//copy group javascript
-	echo "<script language='javascript' type='text/javascript'>\n";
-	echo "	function copy_group() {\n";
-	echo "		var new_group_name;\n";
-	echo "		var new_group_desc;\n";
-	echo "		new_group_name = prompt('".$text['message-new_group_name']."');\n";
-	echo "		if (new_group_name != null) {\n";
-	echo "			new_group_desc = prompt('".$text['message-new_group_description']."');\n";
-	echo "			if (new_group_desc != null) {\n";
-	echo "				window.location = 'permissions_copy.php?id=".escape($group_uuid)."&new_group_name=' + new_group_name + '&new_group_desc=' + new_group_desc;\n";
-	echo "			}\n";
-	echo "		}\n";
-	echo "	}\n";
-	echo "\n";
-	echo "	$( document ).ready(function() {\n";
-	echo "		$('#group_permission_search').trigger('focus');\n";
-	echo "	});\n";
-	echo "</script>\n";
-
-//prevent enter key submit on search field
-	echo "<script language='javascript' type='text/javascript'>\n";
-	echo "	$(document).ready(function() {\n";
-	echo "		$('#group_permission_search').keydown(function(event){\n";
-	echo "			if (event.keyCode == 13) {\n";
-	echo "				event.preventDefault();\n";
-	echo "				return false;\n";
-	echo "			}\n";
-	echo "		});\n";
-	echo "	});\n";
-	echo "</script>\n";
+//include the header
+	$document['title'] = $text['title-group_permissions'];
+	require_once "resources/header.php";
 
 //show the content
-	echo "<form method='post' name='frm' action=''>\n";
-	echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>\n";
-	echo "<table cellpadding='0' cellspacing='0' width='100%' border='0'>\n";
-	echo "	<tr>\n";
-	echo "		<td width='50%' align=\"left\" nowrap=\"nowrap\" valign='top'>";
-	echo "			<b>".$text['header-group_permissions'].escape($group_name)."</b>";
-	echo "			<br><br>";
-	echo "		</td>\n";
-	echo "		<td width='50%' align=\"right\" valign='top'>\n";
-	echo "			<input type='button' class='btn' alt='".$text['button-back']."' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'> ";
-	echo "			<input type='text' id='group_permission_search' class='formfld' style='min-width: 150px; width:150px; max-width: 150px;' placeholder=\"".$text['label-search']."\" onkeyup='permission_search();'>\n";
-	echo "			<input type='button' class='btn' alt='".$text['button-copy']."' onclick='copy_group();' value='".$text['button-copy']."'>";
-	echo "			<input type='submit' class='btn' name='submit' value='".$text['button-save']."'>\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "	<tr>\n";
-	echo "		<td align=\"left\" colspan='2'>\n";
-	echo "			".$text['description-group_permissions']."\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "</table>\n";
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['header-group_permissions'].'<i>'.escape($group_name)."</i></b></div>\n";
+	echo "	<div class='actions'>\n";
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-sm-dn','link'=>'groups.php']);
+	echo 		"<form id='form_search' class='inline' method='get'>\n";
+	echo 		"<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
+	echo 		"<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
+	echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','collapse'=>'hide-sm-dn','style'=>($search != '' ? 'display: none;' : null)]);
+	echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','collapse'=>'hide-sm-dn','link'=>'group_permissions.php?group_uuid='.urlencode($group_uuid),'style'=>($search == '' ? 'display: none;' : null)]);
+	echo button::create(['type'=>'button','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'collapse'=>'hide-sm-dn','style'=>'margin-left: 15px;','onclick'=>"document.getElementById('frm').submit();"]);
+	echo "		</form>\n";
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo $text['description-group_permissions']."\n";
 	echo "<br /><br />\n";
 
-	$c = 0;
-	$row_style["0"] = "row_style0";
-	$row_style["1"] = "row_style1";
+	echo "<form method='post' name='frm' id='frm'>\n";
+
+	foreach ($apps as $app_index => $app) {
 
-	//list all the permissions
-		foreach($apps as $app_index => $app) {
-			//hide apps for which there are no permissions
+		//skip apps for which there are no permissions
 			if (!is_array($app['permissions']) || sizeof($app['permissions']) == 0) { continue; }
 
-			$app_name = $app['name'];
-			$description = $app['description']['en-us'];
+		//skip apps for which search doesn't match at least one permission
+			if ($search) {
+				$permission_matched = false;
+				foreach ($app['permissions'] as $row) {
+					if (substr_count(strtolower($row['name']), strtolower($search)) > 0) {
+						$permission_matched = true;
+						break;
+					}
+				}
+				if (!$permission_matched) { continue; }
+			}
+
+		$app_name = $app['name'];
+		$description = $app['description']['en-us'];
 
-			//used to hide apps, even if permissions don't exist
+		//used to hide apps, even if permissions don't exist
 			$array_apps_unique[] = str_replace(' ','_',strtolower($app['name']));
 
-			echo "<div id='app_".str_replace(' ','_',strtolower($app['name']))."'>";
-			echo "<b>".$app_name."</b><br />\n";
-			if ($description != '') { echo $description."<br />\n"; }
-			echo "<br>";
-
-			echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
-			echo "	<tr>\n";
-			echo "		<th style='text-align: center; padding: 0 7px;'><input type='checkbox' id='check_toggle_".$app_index."' onclick=\"check_toggle('".$app_index."', this.checked);\"></th>\n";
-			echo "		<th width='30%'>".$text['label-permission_permissions']."</th>\n";
-			echo "		<th width='70%'>".$text['label-permission_description']."</th>\n";
-			echo "	<tr>\n";
-
-			foreach ($app['permissions'] as $permission_index => $row) {
-				$checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null;
-				echo "<tr id='permission_".$row['name']."'>\n";
-				echo "	<td valign='top' class='".$row_style[$c]."' style='text-align: center; padding: 3px 0px 0px 0px;'><input type='checkbox' name='permissions_form[]' id='perm_".$app_index."_".$permission_index."' ".$checked." value='".escape($row['name'])."'></td>\n";
-				echo "	<td valign='top' nowrap='nowrap' class='".$row_style[$c]."' onclick=\"(document.getElementById('perm_".$app_index."_".$permission_index."').checked) ? document.getElementById('perm_".$app_index."_".$permission_index."').checked = false : document.getElementById('perm_".$app_index."_".$permission_index."').checked = true;\">".escape($row['name'])."</td>\n";
-				echo "	<td valign='top' class='row_stylebg' onclick=\"(document.getElementById('perm_".$app_index."_".$permission_index."').checked) ? document.getElementById('perm_".$app_index."_".$permission_index."').checked = false : document.getElementById('perm_".$app_index."_".$permission_index."').checked = true;\">".escape($row['description'])."&nbsp;</td>\n";
-				echo "</tr>\n";
-				$c = ($c == 0) ? 1 : 0;
-
-				//populate search/filter arrays
+		echo "<b>".$app_name."</b><br />\n";
+		if ($description != '') { echo $description."<br />\n"; }
+		echo "<br>";
+
+		echo "<table class='list'>\n";
+		echo "	<tr class='list-header'>\n";
+		echo "		<th class='checkbox'>\n";
+		echo "			<input type='checkbox' id='checkbox_all_".$app_index."' name='checkbox_all' onclick=\"list_all_toggle('".$app_index."');\">\n";
+		echo "		</th>\n";
+		echo "		<th class='pct-60'>".$text['label-permission_permissions']."</th>\n";
+		echo "		<th class='pct-40 hide-xs'>".$text['label-permission_description']."&nbsp;</th>\n";
+		echo "	<tr>\n";
+
+		foreach ($app['permissions'] as $permission_index => $row) {
+			//skip permission if doesn't match search
+				if ($search && substr_count(strtolower($row['name']), strtolower($search)) == 0) { continue; }
+
+			$checked = ($permissions_db_checklist[$row['name']] == "true") ? "checked='checked'" : null;
+			echo "<tr class='list-row'>\n";
+			echo "	<td class='checkbox'>\n";
+			echo "		<input type='checkbox' name='permissions_form[]' id='perm_".$app_index."_".$permission_index."' class='checkbox_".$app_index."' ".$checked." value='".escape($row['name'])."' onclick=\"if (!this.checked) { document.getElementById('checkbox_all_".$app_index."').checked = false; }\">\n";
+			echo "	</td>\n";
+			echo "	<td class='no-wrap' onclick=\"if (document.getElementById('perm_".$app_index."_".$permission_index."').checked) { document.getElementById('perm_".$app_index."_".$permission_index."').checked = false; document.getElementById('checkbox_all_".$app_index."').checked = false; } else { document.getElementById('perm_".$app_index."_".$permission_index."').checked = true; }\">".escape($row['name'])."</td>\n";
+			echo "	<td class='description overflow hide-xs' onclick=\"if (document.getElementById('perm_".$app_index."_".$permission_index."').checked) { document.getElementById('perm_".$app_index."_".$permission_index."').checked = false; document.getElementById('checkbox_all_".$app_index."').checked = false; } else { document.getElementById('perm_".$app_index."_".$permission_index."').checked = true; }\">".escape($row['description'])."&nbsp;</td>\n";
+			echo "</tr>\n";
+
+			//populate search/filter arrays
 				$array_apps[] = str_replace(' ','_',strtolower($app['name']));
 				$array_apps_original[] = $app['name'];
 				$array_permissions[] = $row['name'];
 				$array_descriptions[] = str_replace('"','\"',$row['description']);
 
-				$app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index;
-			}
+			$app_permissions[$app_index][] = "perm_".$app_index."_".$permission_index;
+		}
 
-			echo "	<tr>\n";
-			echo "		<td colspan='3' align='right' style='padding-top: 15px;'><input type='submit' name='submit' class='btn' value='".$text['button-save']."'></td>\n";
-			echo "	</tr>\n";
-			echo "</table>";
-			echo "</div>\n\n";
+		echo "</table>\n";
+		echo "<br /><br />\n";
 
-		} //end foreach
-		echo "<br>";
+	}
 
-	echo "</form>\n";
+	echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
+	echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>\n";
 
-//check or uncheck all category checkboxes
-	echo "<script>\n";
-	echo "function check_toggle(app_index, toggle_state) {\n";
-	echo "	switch (app_index) {\n";
-	foreach ($app_permissions as $app_index => $app_permission_ids) {
-		echo "	case '".$app_index."':\n";
-		foreach ($app_permission_ids as $app_permission_id) {
-			echo "	document.getElementById('".$app_permission_id."').checked = toggle_state;\n";
-		}
-		echo "	break;\n";
-	}
-	echo "	}\n";
-	echo "}\n";
-	echo "</script>\n";
-
-//setting search script
-	echo "<script>\n";
-	echo "	var apps_unique = new Array(\"".implode('","', $array_apps_unique)."\");\n";
-	echo "	var apps = new Array(\"".implode('","', $array_apps)."\");\n";
-	echo "	var apps_original = new Array(\"".implode('","', $array_apps_original)."\");\n";
-	echo "	var permissions = new Array(\"".implode('","', $array_permissions)."\");\n";
-	echo "	var descriptions = new Array(\"".implode('","', $array_descriptions)."\");\n";
-	echo "\n";
-	echo "	function permission_search() {\n";
-	echo "		var criteria = $('#group_permission_search').val();\n";
-	echo "		if (criteria.length >= 2) {\n";
-	echo "			for (var x = 0; x < apps_unique.length; x++) {\n";
-	echo "				document.getElementById('app_'+apps_unique[x]).style.display = 'none';\n";
-	echo "			}\n";
-	echo "			for (var x = 0; x < permissions.length; x++) {\n";
-	echo "				if (\n";
-	echo "					apps_original[x].toLowerCase().match(criteria.toLowerCase()) ||\n";
-	echo "					permissions[x].toLowerCase().match(criteria.toLowerCase()) ||\n";
-	echo "					descriptions[x].toLowerCase().match(criteria.toLowerCase())\n";
-	echo "					) {\n";
-	echo "					document.getElementById('app_'+apps[x]).style.display = '';\n";
-	echo "					document.getElementById('permission_'+permissions[x]).style.display = '';\n";
-	echo "				}\n";
-	echo "				else {\n";
-	echo "					document.getElementById('permission_'+permissions[x]).style.display = 'none';\n";
-	echo "				}\n";
-	echo "			}\n";
-	echo "		}\n";
-	echo "		else {\n";
-	echo "			for (var x = 0; x < permissions.length; x++) {\n";
-	echo "				document.getElementById('app_'+apps[x]).style.display = '';\n";
-	echo "				document.getElementById('permission_'+permissions[x]).style.display = '';\n";
-	echo "			}\n";
-	echo "		}\n";
-	echo "	}\n";
-	echo "\n";
-	echo "</script>\n";
+	echo "</form>\n";
 
 //show the footer
 	require_once "resources/footer.php";
 
-?>
+?>

core/groups/groupmemberadd.php

@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	Portions created by the Initial Developer are Copyright (C) 2008-2020
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -83,4 +83,4 @@
 //redirect the user
 	header("Location: groupmembers.php?group_uuid=".$group_uuid."&group_name=".$group_name);
 
-?>
+?>

core/groups/groupmembers.php

@@ -48,6 +48,29 @@
 	$language = new text;
 	$text = $language->get();
 
+//get the http post data
+	if (is_array($_POST['group_members'])) {
+		$action = $_POST['action'];
+		$group_uuid = $_POST['group_uuid'];
+		$group_members = $_POST['group_members'];
+	}
+
+//process the http post data by action
+	if ($action != '' && is_array($group_members) && @sizeof($group_members) != 0) {
+		switch ($action) {
+			case 'delete':
+				if (permission_exists('group_member_delete') && is_uuid($group_uuid)) {
+					$obj = new groups;
+					$obj->group_uuid = $group_uuid;
+					$obj->delete_members($group_members);
+				}
+				break;
+		}
+
+		header('Location: groupmembers.php?group_uuid='.urlencode($group_uuid));
+		exit;
+	}
+
 //get the group uuid, lookup domain uuid (if any) and name
 	$group_uuid = $_REQUEST['group_uuid'];
 	$sql = "select domain_uuid, group_name from v_groups ";
@@ -107,93 +130,93 @@
 	$parameters['group_uuid'] = $group_uuid;
 	$database = new database;
 	$result = $database->select($sql, $parameters, 'all');
+	$num_rows = is_array($result) && @sizeof($result) != 0 ? sizeof($result) : 0;
 	unset($sql, $parameters);
 
 //create token
 	$object = new token;
-	$token = $object->create('/core/groups/groupmembers.php');
+	$token = $object->create($_SERVER['PHP_SELF']);
 
 //include the header
-	require_once "resources/header.php";
 	$document['title'] = $text['title-group_members'];
+	require_once "resources/header.php";
 
 //show the content
-	$c = 0;
-	$row_style["0"] = "row_style0";
-	$row_style["1"] = "row_style1";
-
-	echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>\n";
-	echo "	<tr>\n";
-	echo "		<td width='100%' align='left' valign='top'>\n";
-	echo "			<b>".$text['header-group_members'].$group_name."</b>\n";
-	echo "		</td>\n";
-	echo "		<td align='right' nowrap='nowrap' valign='middle'>\n";
-	echo "			<input type='button' class='btn' style='margin-right: 15px;' alt='".$text['button-back']."' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'>";
-	echo "		</td>";
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['header-group_members']." <i>".$group_name."</i> (".$num_rows.")</b></div>\n";
+	echo "	<div class='actions'>\n";
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'groups.php']);
+	if (permission_exists('group_member_delete') && $result) {
+		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'collapse'=>'hide-xs','style'=>'margin-right: 15px;','onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
+	}
 	if (permission_exists('group_member_add')) {
-		echo "		<td align='right' nowrap='nowrap' valign='top'>\n";
-		echo "			<form method='post' action='groupmemberadd.php'>";
-		echo "			<select name='user_uuid' style='width: 200px;' class='formfld'>\n";
-		echo "				<option value=''></option>\n";
-		foreach($users as $field) {
+		echo 	"<form class='inline' method='post' action='groupmemberadd.php'>\n";
+		echo "	<select name='user_uuid' class='formfld'>\n";
+		echo "		<option value=''>".$text['label-select']."...</option>\n";
+		foreach ($users as $field) {
 			if (is_group_member($group_uuid, $field['user_uuid'])) {
-				echo "		<option value='".$field['user_uuid']."'>".$field['username']."</option>\n";
+				echo "<option value='".escape($field['user_uuid'])."'>".escape($field['username'])."</option>\n";
 			}
 		}
 		unset($sql, $users);
-		echo "			</select>";
-		echo "			<input type='hidden' name='domain_uuid' value='".(($domain_uuid != '') ? $domain_uuid : $_SESSION['domain_uuid'])."'>";
-		echo "			<input type='hidden' name='group_uuid' value='".$group_uuid."'>";
-		echo "			<input type='hidden' name='group_name' value='".$group_name."'>";
-		echo "			<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
-		echo "			<input type='submit' class='btn' value='".$text['button-add_member']."'>";
-		echo "			</form>";
-		echo "		</td>\n";
+		echo "	</select>";
+		echo 	"<input type='hidden' name='domain_uuid' value='".(is_uuid($domain_uuid) ? escape($domain_uuid) : $_SESSION['domain_uuid'])."'>";
+		echo 	"<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>";
+		echo 	"<input type='hidden' name='group_name' value='".escape($group_name)."'>";
+		echo 	"<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>";
+		echo button::create(['type'=>'submit','label'=>$text['button-add_member'],'icon'=>$_SESSION['theme']['button_icon_add'],'collapse'=>'hide-xs']);
+		echo "	</form>\n";
+	}
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo "<form id='form_list' method='post'>\n";
+	echo "<input type='hidden' id='action' name='action' value=''>\n";
+	echo "<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
+
+	echo "<table class='list'>\n";
+	echo "<tr class='list-header'>\n";
+	if (permission_exists('group_member_delete')) {
+		echo "	<th class='checkbox'>\n";
+		echo "		<input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle();' ".($result ?: "style='visibility: hidden;'").">\n";
+		echo "	</th>\n";
 	}
-	echo "	</tr>\n";
-	echo "</table>\n";
-	echo "<br>";
-
-	$echo = "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
-	$echo .= "<tr>\n";
 	if (permission_exists('user_all')) {
-		$echo .= "<th width='30%' align='left' nowrap>".$text['label-domain']."</th>\n";
+		echo "<th class='pct-30'>".$text['label-domain']."</th>\n";
 	}
-	$echo .= "	<th align='left' nowrap>".$text['label-username']."</th>\n";
-	$echo .= "	<td width='25' align='right' nowrap>&nbsp;</td>\n";
-	$echo .= "</tr>\n";
+	echo "	<th>".$text['label-username']."</th>\n";
+	echo "</tr>\n";
 
-	$count = 0;
-	if (is_array($result) && sizeof($result) != 0) {
+	if (is_array($result) && @sizeof($result) != 0) {
+		$x = 0;
 		foreach ($result as &$row) {
-			$username = $row["username"];
-			$user_uuid = $row["user_uuid"];
-			$domain_uuid = $row["domain_uuid"];
-			$group_uuid = $row["group_uuid"];
-			$echo .= "<tr>";
-			if (permission_exists('user_all')) {
-				$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$_SESSION['domains'][$domain_uuid]['domain_name']."</td>\n";
-			}
-			$echo .= "<td align='left' class='".$row_style[$c]."' nowrap='nowrap'>".$username."</td>\n";
-			$echo .= "<td class='list_control_icons' style='width: 25px;'>";
+			echo "<tr class='list-row' href='".$list_row_url."'>";
 			if (permission_exists('group_member_delete')) {
-				$echo .= "<a href='groupmemberdelete.php?user_uuid=".$user_uuid."&group_name=".$group_name."&group_uuid=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
+				echo "	<td class='checkbox'>\n";
+				echo "		<input type='checkbox' name='group_members[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
+				echo "		<input type='hidden' name='group_members[$x][uuid]' value='".escape($row['user_uuid'])."' />\n";
+				echo "	</td>\n";
+			}
+			if (permission_exists('user_all')) {
+				echo "<td class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">".$_SESSION['domains'][$row["domain_uuid"]]['domain_name']."</td>\n";
 			}
-			$echo .= "</td>\n";
-			$echo .= "</tr>\n";
+			echo "<td class='no-wrap' onclick=\"if (document.getElementById('checkbox_".$x."').checked) { document.getElementById('checkbox_".$x."').checked = false; document.getElementById('checkbox_all').checked = false; } else { document.getElementById('checkbox_".$x."').checked = true; }\">".$row["username"]."</td>\n";
+			echo "</tr>\n";
+			$x++;
 
-			$c = ($c) ? 0 : 1;
+// 			echo "<a href='groupmemberdelete.php?user_uuid=".$row["user_uuid"]."&group_name=".$group_name."&group_uuid=".$row["group_uuid"]."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
 
 			$user_groups[] = $row["user_uuid"];
-			$count++;
 		}
 	}
 
-	$echo .= "</table>\n";
-	$echo .= "<br /><br />";
-	echo $echo;
+	echo "</table>\n";
+	echo "<br />";
+	echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>";
+	echo "</form>";
 
 //include the footer
 	require_once "resources/footer.php";
 
-?>
+?>

core/groups/groups.php

@@ -125,6 +125,19 @@
 	$groups = $database->select($sql, $parameters, 'all');
 	unset($sql, $parameters);
 
+//get permission counts for each group
+	if (is_array($groups) && @sizeof($groups) != 0) {
+		$sql = "select group_uuid, count(group_permission_uuid) as permission_count from v_group_permissions group by group_uuid";
+		$database = new database;
+		$result = $database->select($sql, null, 'all');
+		if (is_array($result) && @sizeof($result) != 0) {
+			foreach ($result as $row) {
+				$group_permissions[$row['group_uuid']] = $row['permission_count'];
+			}
+		}
+		unset($sql);
+	}
+
 //create token
 	$object = new token;
 	$token = $object->create($_SERVER['PHP_SELF']);
@@ -189,7 +202,7 @@
 		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
 	}
 	echo th_order_by('group_name', $text['label-group_name'], $order_by, $order);
-	echo "	<th>".$text['label-tools']."</th>\n";
+	echo "	<th class='shrink' colspan='2'>".$text['label-tools']."</th>\n";
 	echo th_order_by('group_level', $text['label-group_level'], $order_by, $order, null, "class='center'");
 	echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'");
 	echo "	<th class='pct-30 hide-sm-dn'>".$text['label-group_description']."</th>\n";
@@ -222,11 +235,8 @@
 				echo "	".escape($row['group_name']);
 			}
 			echo "	</td>\n";
-			echo "	<td class='no-link no-wrap'>\n";
-			echo "		<a href=\"/core/groups/group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_permissions']."</a>\n";
-			echo "		&nbsp;&nbsp;\n";
-			echo "		<a href=\"/core/groups/groupmembers.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_members']." (".$row['group_members'].")</a>\n";
-			echo "	</td>\n";
+			echo "	<td class='no-link no-wrap pr-15'><a href='group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_permissions']." (".($group_permissions[$row['group_uuid']] ?: 0).")</a></td>\n";
+			echo "	<td class='no-link no-wrap'><a href='groupmembers.php?group_uuid=".urlencode($row['group_uuid'])."'>".$text['label-group_members']." (".$row['group_members'].")</a></td>\n";
 			echo "	<td class='center'>".escape($row['group_level'])."</td>\n";
 			if (permission_exists('group_edit')) {
 				echo "	<td class='no-link center'>\n";

core/groups/resources/classes/groups.php

@@ -44,6 +44,7 @@ if (!class_exists('groups')) {
 		private $toggle_field;
 		private $toggle_values;
 		private $location;
+		public $group_uuid;
 
 		/**
 		 * called when the object is created
@@ -52,11 +53,6 @@ if (!class_exists('groups')) {
 			//assign the variables
 				$this->app_name = 'groups';
 				$this->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-				$this->name = 'group';
-				$this->table = 'groups';
-				$this->toggle_field = 'group_protected';
-				$this->toggle_values = ['true','false'];
-				$this->location = 'groups.php';
 		}
 
 		/**
@@ -73,6 +69,11 @@ if (!class_exists('groups')) {
 		 * delete rows from the database
 		 */
 		public function delete($records) {
+			//assign the variables
+				$this->name = 'group';
+				$this->table = 'groups';
+				$this->location = 'groups.php';
+
 			if (permission_exists($this->name.'_delete')) {
 
 				//add multi-lingual support
@@ -122,10 +123,72 @@ if (!class_exists('groups')) {
 			}
 		}
 
+		public function delete_members($records) {
+			//assign the variables
+				$this->name = 'group_member';
+				$this->table = 'user_groups';
+				$this->location = 'groupmembers.php?group_uuid='.$this->group_uuid;
+
+			if (permission_exists($this->name.'_delete')) {
+
+				//add multi-lingual support
+					$language = new text;
+					$text = $language->get();
+
+				//validate the token
+					$token = new token;
+					if (!$token->validate($_SERVER['PHP_SELF'])) {
+						message::add($text['message-invalid_token'],'negative');
+						header('Location: '.$this->location);
+						exit;
+					}
+
+				//delete multiple records
+					if (is_array($records) && @sizeof($records) != 0) {
+						//build array of checked records
+							foreach ($records as $x => $record) {
+								if ($record['checked'] == 'true' && is_uuid($record['uuid'])) {
+									$array[$this->table][$x]['user_uuid'] = $record['uuid'];
+									$array[$this->table][$x]['group_uuid'] = $this->group_uuid;
+								}
+							}
+
+						//delete the checked rows
+							if (is_array($array) && @sizeof($array) != 0) {
+
+								//grant temporary permissions
+									$p = new permissions;
+									$p->add('user_group_delete', 'temp');
+
+								//execute delete
+									$database = new database;
+									$database->app_name = $this->app_name;
+									$database->app_uuid = $this->app_uuid;
+									$database->delete($array);
+									unset($array);
+
+								//revoke temporary permissions
+									$p->delete('user_group_delete', 'temp');
+
+								//set message
+									message::add($text['message-delete']);
+							}
+							unset($records);
+					}
+			}
+		}
+
 		/**
 		 * toggle a field between two values
 		 */
 		public function toggle($records) {
+			//assign the variables
+				$this->name = 'group';
+				$this->table = 'groups';
+				$this->toggle_field = 'group_protected';
+				$this->toggle_values = ['true','false'];
+				$this->location = 'groups.php';
+
 			if (permission_exists($this->name.'_edit')) {
 
 				//add multi-lingual support
@@ -195,6 +258,11 @@ if (!class_exists('groups')) {
 		 * copy rows from the database
 		 */
 		public function copy($records) {
+			//assign the variables
+				$this->name = 'group';
+				$this->table = 'groups';
+				$this->location = 'groups.php';
+
 			if (permission_exists($this->name.'_add')) {
 
 				//add multi-lingual support