<?php
$sub_menu = "300200";
require_once './_common.php';

if ($w == 'u') {
    check_demo();
}

auth_check_menu($auth, $sub_menu, 'w');

if ($is_admin != 'super' && $w == '') {
    alert('최고관리자만 접근 가능합니다.');
}

check_admin_token();

$gr_id = isset($_POST['gr_id']) ? $_POST['gr_id'] : '';

if (!preg_match("/^([A-Za-z0-9_]{1,10})$/", $gr_id)) {
    alert('그룹 ID는 공백없이 영문자, 숫자, _ 만 사용 가능합니다. (10자 이내)');
}

if (empty($gr_subject)) {
    alert('그룹 제목을 입력하세요.');
}

$posts = array();

$check_keys = array(
    'gr_subject' => '',
    'gr_device' => '',
    'gr_admin' => '',
);

for ($i = 1; $i <= 10; $i++) {
    $check_keys['gr_' . $i . '_subj']   = isset($_POST['gr_' . $i . '_subj']) ? $_POST['gr_' . $i . '_subj'] : '';
    $check_keys['gr_' . $i]           = isset($_POST['gr_' . $i]) ? $_POST['gr_' . $i] : '';
}

foreach ($check_keys as $key => $value) {
    if ($key === 'gr_subject') {
        $posts[$key] = isset($_POST[$key]) ? strip_tags(clean_xss_attributes($_POST[$key])) : '';
    } else {
        $posts[$key] = isset($_POST[$key]) ? $_POST[$key] : '';
    }
}

$sql_common = " gr_subject = '{$posts['gr_subject']}',
                gr_device = '{$posts['gr_device']}',
                gr_admin  = '{$posts['gr_admin']}',
                gr_1_subj = '{$posts['gr_1_subj']}',
                gr_2_subj = '{$posts['gr_2_subj']}',
                gr_3_subj = '{$posts['gr_3_subj']}',
                gr_4_subj = '{$posts['gr_4_subj']}',
                gr_5_subj = '{$posts['gr_5_subj']}',
                gr_6_subj = '{$posts['gr_6_subj']}',
                gr_7_subj = '{$posts['gr_7_subj']}',
                gr_8_subj = '{$posts['gr_8_subj']}',
                gr_9_subj = '{$posts['gr_9_subj']}',
                gr_10_subj = '{$posts['gr_10_subj']}',
                gr_1 = '{$posts['gr_1']}',
                gr_2 = '{$posts['gr_2']}',
                gr_3 = '{$posts['gr_3']}',
                gr_4 = '{$posts['gr_4']}',
                gr_5 = '{$posts['gr_5']}',
                gr_6 = '{$posts['gr_6']}',
                gr_7 = '{$posts['gr_7']}',
                gr_8 = '{$posts['gr_8']}',
                gr_9 = '{$posts['gr_9']}',
                gr_10 = '{$posts['gr_10']}' ";
if (isset($_POST['gr_use_access'])) {
    $sql_common .= ", gr_use_access = '{$_POST['gr_use_access']}' ";
} else {
    $sql_common .= ", gr_use_access = '' ";
}

if ($w == '') {
    $sql = " select count(*) as cnt from {$g5['group_table']} where gr_id = '{$gr_id}' ";
    $row = sql_fetch($sql);
    if ($row['cnt']) {
        alert('이미 존재하는 그룹 ID 입니다.');
    }

    $sql = " insert into {$g5['group_table']}
                set gr_id = '{$gr_id}',
                     {$sql_common} ";
    sql_query($sql);
} elseif ($w == "u") {
    $sql = " update {$g5['group_table']}
                set {$sql_common}
                where gr_id = '{$gr_id}' ";
    sql_query($sql);
} else {
    alert('제대로 된 값이 넘어오지 않았습니다.');
}

run_event('admin_boardgroup_form_update', $gr_id, $w);

goto_url('./boardgroup_form.php?w=u&amp;gr_id=' . $gr_id . '&amp;' . $qstr);