<?php
// NeL - MMORPG Framework <http://dev.ryzom.com/projects/nel/>
// Copyright (C) 2010  Winch Gate Property Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

	$publicAccess = true;
	include('authenticate.php');


	unset($error);

	function reorderViews($uid)
	{
		$result = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' ORDER BY ordering");
		$i = 0;
		while ($result && $arr = mysql_fetch_array($result))
		{
			sqlquery("UPDATE view_table SET ordering='$i' WHERE tid='".$arr["tid"]."'");
			++$i;
		}
	}
	
	function swapView($uid, $ordering, $offs)
	{
		$result1 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='$ordering'");
		if (!$result1 || mysql_num_rows($result1) != 1)
			return;
		$result1 = mysql_fetch_array($result1);
		$tid1 = $result1["tid"];

		$result2 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='".($ordering+$offs)."'");
		if (!$result2 || mysql_num_rows($result2) != 1)
			return;
		$result2 = mysql_fetch_array($result2);
		$tid2 = $result2["tid"];
		
		sqlquery("UPDATE view_table SET ordering='".($ordering+$offs)."' WHERE uid='$uid' AND tid='$tid1'");
		sqlquery("UPDATE view_table SET ordering='".($ordering)."' WHERE uid='$uid' AND tid='$tid2'");
	}

	function reorderRows($tid)
	{
		$result = sqlquery("SELECT vid, ordering FROM view_row WHERE tid='$tid' ORDER BY ordering");
		$i = 0;
		
		$rows = array();

		while ($result && $arr = mysql_fetch_array($result))
			$rows[] = array($arr['vid'], $arr['ordering']);

		if (count($rows) > 0)
		{
			$i = 0;
			foreach ($rows as $row)
			{
				sqlquery("UPDATE view_row SET ordering='".(-$i-1)."' WHERE tid='$tid' AND ordering='".$row[1]."'");
				++$i;
			}

			$i = 0;
			for ($i=0; $i<count($rows); ++$i)
			{
				sqlquery("UPDATE view_row SET ordering='$i' WHERE tid='$tid' AND ordering='".(-$i-1)."'");
			}
		}
	}

	function swapRows($tid, $ordering, $offs)
	{
/*
		$result1 = sqlquery("SELECT vid FROM view_row WHERE tid='$tid' AND ordering='$ordering'");
		if (!$result1 || mysql_num_rows($result1) != 1)
			return;
		$result1 = mysql_fetch_array($result1);
		$vid1 = $result1["vid"];

		$result2 = sqlquery("SELECT vid FROM view_row WHERE tid='$tid' AND ordering='".($ordering+$offs)."'");
		if (!$result2 || mysql_num_rows($result2) != 1)
			return;
		$result2 = mysql_fetch_array($result2);
		$vid2 = $result2["vid"];
		
		sqlquery("UPDATE view_row SET ordering='".($ordering+$offs)."' WHERE tid='$tid' AND vid='".($vid1)."'");
		sqlquery("UPDATE view_row SET ordering='".($ordering)."' WHERE tid='$tid' AND vid='".($vid2)."'");
*/

		sqlquery("UPDATE view_row SET ordering='-1' WHERE tid='$tid' AND ordering='".($ordering)."'");
		sqlquery("UPDATE view_row SET ordering='".($ordering)."' WHERE tid='$tid' AND ordering='".($ordering+$offs)."'");
		sqlquery("UPDATE view_row SET ordering='".($ordering+$offs)."' WHERE tid='$tid' AND ordering='-1'");

	}

	// -----------------------------
	// page commands

	// create a view
	if ($createview)
	{
		// create a table in view_table
		$result = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND name='$viewname'");
		if ($result && mysql_num_rows($result) != 0)
		{
			$error = $error."Couldn't create view '$viewname', name already in use<br>\n";
		}
		else
		{
			$result = sqlquery("INSERT INTO view_table SET uid='$uid', name='$viewname', ordering='255'");
			if (!$result)
			{
				$error = $error."Couldn't create view '$viewname', mySQL request failed<br>\n";
			}
			$result = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND name='$viewname'");
			$result = mysql_fetch_array($result);
			$tid = $result["tid"];

			reorderViews($uid);
		}
		
	}
	// duplicate a view
	else if (isset($dupView) && isset($tid))
	{
		$result = sqlquery("SELECT * FROM view_table WHERE tid='$tid'");
		if ($result && ($arr = sqlfetch($result)))
		{
			sqlquery("INSERT INTO view_table SET uid='$uid', name='CopyOf_".$arr["name"]."', ordering='127', filter='".$arr["filter"]."'");
			$res2 = sqlquery("SELECT tid FROM view_table WHERE uid='$uid' AND ordering='127'");
			$arr=sqlfetch($res2);
			$ntid = $arr["tid"];
			
			$result = sqlquery("SELECT * FROM view_row WHERE tid='$tid'");
			while ($result && ($arr=sqlfetch($result)))
			{
				sqlquery("INSERT INTO view_row SET tid='$ntid', vid='".$arr["vid"]."', name='".$arr["name"]."', ordering='".$arr["ordering"]."', filter='".$arr["filter"]."'");
			}
			
			reorderViews($uid);

			$tid = $ntid;
		}
	}
	// remove a view
	else if (isset($removeView))
	{
		if (!($result = sqlquery("DELETE FROM view_table WHERE uid='$uid' AND tid='$removeView'"))
			 || mysql_affected_rows() < 1)
		{
			$error = $error."Couldn't remove view $removeView, missing or user doesn't own it<br>\n";
		}
		else
		{
			sqlquery("DELETE FROM view_row WHERE tid='$removeView'");
			reorderViews($uid);
		}
	}
	// change view name
	else if (isset($chViewName))
	{
		sqlquery("UPDATE view_table SET name='$chViewName' WHERE tid='$tid'");
	}
	// change view state
	else if (isset($chViewFilter))
	{
		sqlquery("UPDATE view_table SET filter='$chViewFilter' WHERE tid='$tid'");
	}
	// change view state
	else if (isset($chViewDisplay))
	{
		sqlquery("UPDATE view_table SET display='$chViewDisplay' WHERE tid='$tid'");
	}
	// change view state
	else if (isset($chViewAutoDisplay))
	{
		sqlquery("UPDATE view_table SET auto_display='$chViewAutoDisplay' WHERE tid='$tid'");
	}
	// change view state
	else if (isset($chViewRefreshRate))
	{
		sqlquery("UPDATE view_table SET refresh_rate='$chViewRefreshRate' WHERE tid='$tid'");
	}
	// swap a view
	else if (isset($moveView) && isset($offs))
	{
		swapView($uid, $moveView, $offs);
	}
	// add a variable to a view
	else if (isset($addToView) && isset($tid))
	{
		if (hasAccessToVariable($addToView))
		{
			if (!($resultt = sqlquery("SELECT name FROM view_table WHERE uid='$uid' AND tid='$tid'"))
						|| mysql_num_rows($resultt) != 1)
			{
				$error = $error."Couldn't add variable $addToView to view $tid, view is missing or user doesn't own it<br>\n";
			}
			else
			{
				$resultt = mysql_fetch_array($resultt);
				$result = sqlquery("INSERT INTO view_row SET tid='$tid', vid='$addToView', name='".$variableData[$addToView]["name"]."', ordering='255'");
				if (!$result)
					$error = $error."Couldn't add variable ".$variableData[addToView]["name"]." to view ".$resultt["name"].", query failed";
				else
					reorderRows($tid);
			}
		}
	}
	// remove a row
	else if (isset($removeRow) && isset($tid))
	{
		$result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'");
		if ($result && mysql_num_rows($result)>0)
		{
			if (!($result = sqlquery("DELETE FROM view_row WHERE tid='$tid' AND ordering='$removeRow'"))
				 || mysql_affected_rows() < 1)
			{
				$error = $error."Couldn't remove row $removeRow, missing or user doesn't own it<br>\n";
			}
			else
			{
				reorderRows($tid);
			}
		}
	}
	// swap a row
	else if (isset($moveRow) && isset($tid) && isset($offs))
	{
		$result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'");
		if ($result && mysql_num_rows($result)>0)
			swapRows($tid, $moveRow, $offs);
	}
	// change a variable name
	else if ($changeVarName && isset($vid) && isset($tid))
	{
		$result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'");
		if ($result && mysql_num_rows($result)>0)
		{
			$result = sqlquery("UPDATE view_row SET name='$changeVarName' WHERE vid='$vid' AND tid='$tid'");
		}
	}
	// change a variable state
	else if (isset($changeVarFilter) && isset($vid) && isset($tid))
	{
		$result = sqlquery("SELECT uid FROM view_table WHERE tid='$tid' AND uid='$uid'");
		if ($result && mysql_num_rows($result)>0)
		{
			$result = sqlquery("UPDATE view_row SET filter='$changeVarFilter' WHERE vid='$vid' AND tid='$tid'");
		}
	}
	// select a new default_view
	else if (isset($default_view))
	{
		sqlquery("UPDATE user SET default_view='$default_view' WHERE uid='$uid'");
	}

	// change a command name
	else if (isset($chViewCommandName) && isset($vcmd) && isset($tid))
	{
		sqlquery("UPDATE view_command SET name='$chViewCommandName' WHERE tid='$tid' AND name='$vcmd'");
	}
	else if (isset($chViewCommand) && isset($vcmd) && isset($tid))
	{
		sqlquery("UPDATE view_command SET command='$chViewCommand' WHERE tid='$tid' AND name='$vcmd'");
	}
	else if (isset($rmViewCommand) && isset($vcmd) && isset($tid))
	{
		sqlquery("DELETE FROM view_command WHERE tid='$tid' AND name='$vcmd'");
	}
	else if (isset($createViewCommand) && isset($nViewCommand) && isset($nViewCommandName) && isset($tid))
	{
		sqlquery("INSERT INTO view_command SET tid='$tid', name='$nViewCommandName', command='$nViewCommand'");
	}
	else if (isset($changeVidGraph) && isset($tid))
	{
		if (isset($graphState) && $graphState == "on")
		{
			sqlquery("UPDATE view_row SET graph='1' WHERE tid='$tid' AND vid='$changeVidGraph'");
		}
		else
		{
			sqlquery("UPDATE view_row SET graph='0' WHERE tid='$tid' AND vid='$changeVidGraph'");
		}
	}

	// give a view to another user
	else if (isset($giveTo) && isset($tid))
	{
		sqlquery("UPDATE view_table SET uid='$giveTo' WHERE tid='$tid'");
		unset($tid);
	}

	// -----------------------------
	// page display

	htmlProlog($_SERVER['PHP_SELF'], "Customize views");
	
	if ($error)
	{
		echo "<b>Reported errors:</b><br>$error<br>\n";
	}

	unset($vargroups);
	$result = sqlquery("SELECT * FROM variable_group ORDER BY name");
	while ($result && ($arr=sqlfetch($result)))
	{
		if ((!isset($sel_vgid) || $sel_vgid == "") && $arr["name"] == "NoGroup")
			$sel_vgid = $arr["vgid"];
		$vargroups[$arr["name"]] = $arr["vgid"];
	}


	
	// -----------------------------
	// display customizable views

	$res = sqlquery("SELECT default_view FROM user, view_table WHERE user.uid='$uid' AND (view_table.uid='$uid' OR view_table.uid='$gid') AND view_table.tid=user.default_view");
	if ($res && ($arr=sqlfetch($res)))
		$default_view = $arr["default_view"];
		
	unset($availViews);
	unset($userViews);
	unset($groupViews);
	$res = sqlquery("SELECT name, tid, ordering FROM view_table WHERE uid='$uid' ORDER BY ordering");
	while ($res && ($arr=sqlfetch($res)))
	{
		$availViews[] = $arr;
		$userViews[] = $arr;
	}
	$res = sqlquery("SELECT name, tid, ordering FROM view_table WHERE uid='$gid' ORDER BY ordering");
	while ($res && ($arr=sqlfetch($res)))
	{
		$availViews[] = $arr;
		$groupViews[] = $arr;
	}

	echo "<br>\n";
	echo "<table border=0><tr>\n";
	echo "<td><b>Your default view:</b></td>\n";
	echo "<form method=post action='".$_SERVER['PHP_SELF']."?tid=$tid&sel_vgid=$sel_vgid'><td>\n";
	echo "<select name='default_view' onChange='submit()'>\n";
	$selected = false;
	foreach ($availViews as $view)
	{
		$selectedView = ($view["tid"]==$default_view);
		$selected |= $selectedView;
		echo "<option value='".$view["tid"]."'".($selectedView ? " selected" : "").">".$view["name"]."\n";
	}
	echo "<option value='0'".(!$selected ? " selected" : "").">None\n";
	echo "</select>\n";
	echo "</td></form>\n";
	echo "</tr></table><br>\n";

	echo "<table><tr valign=top><td>\n";
	echo "<b>Your current views: </b>".help("View")."<br><font size=0>(click name to view/edit table, click radio to select as default view)</font><br>\n";
	echo "<table border=1>\n";
	echo "<form method=post action='".$_SERVER['PHP_SELF']."?tid=$tid&sel_vgid=$sel_vgid'>";
	echo "<tr><th>Index</th><th>[Default] View</th><th>Commands</th></tr>\n";
	if (isset($userViews) && count($userViews)>0)
	{
		foreach ($userViews as $arr)
		{
			$_tname = $arr["name"];
			$_tid = $arr["tid"];
			$color = ($tid == $_tid ? " bgcolor=#eeeeee" : "");
			echo "<tr><td$color>".$arr["ordering"]."</td>";
			echo 		"<td$color><input type=radio name=default_view value='$_tid' onClick='submit()'".($_tid==$default_view ? " checked" : "")."><a href='".$_SERVER['PHP_SELF']."?tid=$_tid&sel_vgid=$sel_vgid'>$_tname</a></td>".
						"<td$color><a href='".$_SERVER['PHP_SELF']."?removeView=$_tid&tid=$tid&sel_vgid=$sel_vgid' onClick=\"return confirm('You are about to delete a View')\">Delete</a> ".
							 "<a href='".$_SERVER['PHP_SELF']."?moveView=".$arr["ordering"]."&offs=+1&tid=$tid&sel_vgid=$sel_vgid'>-</a> ".
							 "<a href='".$_SERVER['PHP_SELF']."?moveView=".$arr["ordering"]."&offs=-1&tid=$tid&sel_vgid=$sel_vgid'>+</a> ".
							 "<a href='".$_SERVER['PHP_SELF']."?dupView=true&tid=$_tid&offs=-1&sel_vgid=$sel_vgid'>Duplicate</a></td></tr>\n";
		}
	}
	echo "</form>\n";
	echo "<tr><form method=post action='".basename($_SERVER['PHP_SELF'])."'><td></td>\n";
	echo "<td><input type=text name=viewname maxlength=32 size=16></td>\n";
	echo "<td><input type=submit name=createview value='Create new view'></td>\n";
	echo "</form></tr>\n";
	echo "</table><br>\n";
	
	echo "</td>\n";

	if (isset($groupViews) && count($groupViews)>0)
	{
		echo "<td width=40></td><td>\n";
		echo "<b>$group views: </b>".help("View")."<br><font size=0>(click name to view table, click radio to select as default view)</font><br>\n";
		echo "<table border=1>\n";
		echo "<tr><th>Index</th><th>[Default] View</th><th>Commands</th></tr>\n";
		echo "<form method=post action='".$_SERVER['PHP_SELF']."?tid=$tid&sel_vgid=$sel_vgid'>\n";
		foreach ($groupViews as $arr)
		{
			$_tname = $arr["name"];
			$_tid = $arr["tid"];
			$color = ($tid == $_tid ? " bgcolor=#eeeeee" : "");
			echo "<tr><td$color>".$arr["ordering"]."</td>".
						"<td$color><input type=radio name=default_view value='$_tid' onClick='submit()'".($_tid==$default_view ? " checked" : "")."><a href='".$_SERVER['PHP_SELF']."?tid=$_tid&sel_vgid=$sel_vgid'>$_tname</a></td>".
						"<td$color><a href='".$_SERVER['PHP_SELF']."?dupView=true&tid=$_tid&offs=-1&sel_vgid=$sel_vgid'>Duplicate</a></td></tr>\n";
		}
		echo "</form>\n";
		echo "</table><br>\n";
		echo "</td>\n";
	}
	
	echo "</tr></table>\n";

	if (isset($tid))
	{
		$result = sqlquery("SELECT name, uid, filter, display, auto_display, refresh_rate FROM view_table WHERE (uid='$uid' OR uid='$gid') AND tid='$tid'");
		if (!$result || mysql_num_rows($result) == 0)
		{
			echo "<br><b>Can't display table $tid</b><br>\n";
		}
		else
		{
			echo "<table cellpadding=0 cellspacing=0><tr valign=top><td>\n";

			$result = mysql_fetch_array($result);
			$viewName = $result["name"];
			$viewFilter = $result["filter"];
			$viewDisplay = $result["display"];
			$viewAutoDisplay = $result["auto_display"];
			$viewRefreshRate = $result["refresh_rate"];

			$ownView = ($result["uid"] == $uid);

			echo "<table border=1>\n";
			echo "<tr><form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&tid=$tid'><td colspan=3><b>Content of ".($ownView ? "<input name=chViewName value='$viewName' size=32 maxlength=32>" : $viewName)."</b></td></form>";
			if ($ownView && ($admlogin == "root" || $admlogin == $group || $IsNevrax))
			{
				echo "<form method=post action='".$_SERVER['PHP_SEL']."?sel_vgid=$sel_vgid&tid=$tid'><td colspan=4>Give view to <select name='giveTo' onChange='submit()'>";
				$gresult = sqlquery("SELECT uid, login FROM user ORDER BY login");
				while ($gresult && ($garr=sqlfetch($gresult)))
				{
					echo "<option value='".$garr["uid"]."'".($uid == $garr["uid"] ? " selected" : "").">".$garr["login"];
				}
				echo "</select>";
			}
			else
			{
				echo "<td colspan=3>";
			}
			echo "</td></tr>";
			
			$result = sqlquery("SELECT view_row.name AS name, view_row.vid AS vid, view_row.ordering AS ordering, path, view_row.filter AS filter, graph ".
										 "FROM view_table, view_row, variable ".
										 "WHERE variable.command='variable' AND view_table.uid='$uid' AND view_table.tid='$tid' AND view_table.tid=view_row.tid AND ".
										 		"view_row.vid=variable.vid ORDER BY ordering");

			if (!$result)
				die("rows select failed !");
				
			unset($rows);

			echo "<tr><th>Index</th><th><b>Variable</b></th><th>Path</th><th>Privilege</th><th>Filter</th><th>Graph</th><th>Commands</th></tr>\n";
			while ($arr = mysql_fetch_array($result))
			{
				$vid = $arr["vid"];
				
				if (!hasAccessToVariable($vid))
					continue;

				$priv = getVariableRight($vid);

				$rows[$vid] = $arr["name"];

				$ordering = $arr["ordering"];
				if ($ownView)
				{
					echo "<tr>".
								"<td>".$arr["ordering"]."</td>".
								"<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&vid=$vid&tid=$tid'><td><input type=text name=changeVarName maxlength=128 size=16 value='".$arr["name"]."'></td></form>".
								"<td>".$arr["path"]."</td>".
								"<td>$priv</td>".
								"<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&vid=$vid&tid=$tid'><td><input type=text name=changeVarFilter maxlength=64 size=16 value='".$arr["filter"]."'></td></form>".
								"<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&changeVidGraph=$vid&tid=$tid'><td><input type=checkBox name=graphState".($arr["graph"] != 0 ? " checked" : "")." onClick='submit()'></td></form>".
								"<td><a href='".$_SERVER['PHP_SELF']."?removeRow=$ordering&tid=$tid&sel_vgid=$sel_vgid' onClick=\"return confirm('You are about to delete a Variable from a View')\">Delete</a> ".
									 "<a href='".$_SERVER['PHP_SELF']."?moveRow=$ordering&tid=$tid&offs=+1&sel_vgid=$sel_vgid'>-</a> ".
									 "<a href='".$_SERVER['PHP_SELF']."?moveRow=$ordering&tid=$tid&offs=-1&sel_vgid=$sel_vgid'>+</a></td></tr>\n";
				}
				else
				{
					echo "<tr>".
								"<td>".$arr["ordering"]."</td>".
								"<td>".$arr["name"]."</td>".
								"<td>".$arr["path"]."</td>".
								"<td>$priv</td>".
								"<td>".$arr["filter"]."</td>".
								"<td>".($arr["graph"] != 0 ? "Yes" : "No")."</td>".
								"<td></td></tr>\n";
				}
			}
			echo "<tr height=15><td colspan=7></td></tr>";

			$result = sqlquery("SELECT view_row.name AS name, view_row.vid AS vid, view_row.ordering AS ordering, path, view_row.filter AS filter, graph ".
										 "FROM view_table, view_row, variable ".
										 "WHERE variable.command='command' AND view_table.uid='$uid' AND view_table.tid='$tid' AND view_table.tid=view_row.tid AND ".
										 		"view_row.vid=variable.vid ORDER BY ordering");

			if (!$result)
				die("rows select failed !");
				
			unset($rows);

			echo "<tr><th>Index</th><th><b>Command</b></th><th colspan=2>Path</th><th colspan=2>Filter</th><th>Commands</th></tr>\n";
			while ($arr = mysql_fetch_array($result))
			{
				$vid = $arr["vid"];
				
				if (!hasAccessToVariable($vid))
					continue;

				$priv = getVariableRight($vid);

				$rows[$vid] = $arr["name"];

				$ordering = $arr["ordering"];
				if ($ownView)
				{
					echo "<tr>".
								"<td>".$arr["ordering"]."</td>".
								"<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&vid=$vid&tid=$tid'><td><input type=text name=changeVarName maxlength=128 size=16 value='".$arr["name"]."'></td></form>".
								"<td colspan=2>".$arr["path"]."</td>".
								"<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&vid=$vid&tid=$tid'><td colspan=2><input type=text name=changeVarFilter maxlength=64 size=16 value='".$arr["filter"]."'></td></form>".
								"<td><a href='".$_SERVER['PHP_SELF']."?removeRow=$ordering&tid=$tid&sel_vgid=$sel_vgid' onClick=\"return confirm('You are about to delete a Variable from a View')\">Delete</a> ".
									 "<a href='".$_SERVER['PHP_SELF']."?moveRow=$ordering&tid=$tid&offs=+1&sel_vgid=$sel_vgid'>-</a> ".
									 "<a href='".$_SERVER['PHP_SELF']."?moveRow=$ordering&tid=$tid&offs=-1&sel_vgid=$sel_vgid'>+</a></td></tr>\n";
				}
				else
				{
					echo "<tr>".
								"<td>".$arr["ordering"]."</td>".
								"<td>".$arr["name"]."</td>".
								"<td>".$arr["path"]."</td>".
								"<td>$priv</td>".
								"<td>".$arr["filter"]."</td>".
								"<td>".($arr["graph"] != 0 ? "Yes" : "No")."</td>".
								"<td></td></tr>\n";
				}
			}

			echo "<tr height=15><td colspan=7></td></tr>";

			echo "<tr><td colspan=7>";
			if ($ownView)
			{
				echo "<table>\n";
				echo "<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&tid=$tid'><tr><th>Filter</th><td><input name=chViewFilter value='$viewFilter' size=64 maxlength=64></td></tr></form>";
				echo "<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&tid=$tid'><tr><th>Display type</th><td><select name=chViewDisplay onChange='submit()'>";
				echo "<option value='normal'".($viewDisplay=="normal" ? " selected" : "").">Normal display";
				echo "<option value='condensed'".($viewDisplay=="condensed" ? " selected" : "").">Condensed display";
				echo "</select></td></tr></form>\n";
				echo "<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&tid=$tid'><tr><th>Display automation</th><td><select name=chViewAutoDisplay onChange='submit()'>";
				echo "<option value='auto'".($viewAutoDisplay=="auto" ? " selected" : "").">Automatic display";
				echo "<option value='manual'".($viewAutoDisplay=="manual" ? " selected" : "").">Manual display";
				echo "</select></td></tr></form>\n";
				echo "<form method=post action='".$_SERVER['PHP_SELF']."?sel_vgid=$sel_vgid&tid=$tid'><tr><th>Refresh rate</th><td><input name=chViewRefreshRate value='$viewRefreshRate' size=5 maxlength=10> seconds</td></tr></form>\n";
				echo "</table>\n";
			}
			else
			{
				echo "<b>Filter ".($ownView ? "<input name=chViewFilter value='$viewFilter' size=64 maxlength=64>" : $viewFilter)."</b><br>";
				echo ($viewDisplay == "condensed" ? "Condensed" : "Normal")." display, ";
				echo ($viewAutoDisplay == "auto" ? "Automatic" : "Manual")." display";
			}
			echo "</td></tr>";
			echo "</table>\n";
			
			echo "</td><td width=20>\n";
			echo "</td><td>\n";
			
			if ($ownView)
			{
				echo "<b>Available variables:</b><br><font size=0>(click a variable to add it to view $viewName)</font><br>\n";
	
				echo "<table border=1 cellspacing=1>\n";
				echo "<tr><th>Variable</th>";
				echo "<form method=post action='".$_SERVER['PHP_SELF']."?tid=$tid'><th><select name=sel_vgid onChange='submit()'>\n";
				foreach ($vargroups as $vargroup => $vgid)
					echo "<option value='$vgid'".($sel_vgid == $vgid ? " selected" : "").">$vargroup\n";
				echo "<option value='-1'".(!isset($sel_vgid) || $sel_vgid=='-1' ? " selected" : "").">All Groups\n";
				echo "</select></th></form>\n";
				echo "<th>Path</th><th>State</th><th>Privilege</th></tr>\n";
	
				$result = sqlquery("SELECT command, variable.vid AS vid, variable.name AS name, path, state, variable.vgid AS vgid, variable_group.name AS group_name ".
									"FROM variable, variable_group ".
									"WHERE variable.vgid = variable_group.vgid".(isset($sel_vgid) && $sel_vgid!="-1" ? " AND variable.vgid='$sel_vgid'" : "")." ORDER BY variable.command, variable.vgid, variable.name");
				if (!$result)
					die("variable select failed !");
	
				$prevvgid = "";
				$prevvtype = "";
	
				while ($arr = mysql_fetch_array($result))
				{
					$vid = $arr["vid"];
					
					if (!hasAccessToVariable($vid))
						continue;
					
					$priv = getVariableRight($vid);

					if ($prevvtype != "" && $prevvtype != $arr["command"])
					{
						echo "<tr height=15><td colspan=5></td></tr>\n";
						echo "<tr><th>Command</th><th>Group</th><th>Path</th><th>State</th><th>Privilege</th></tr>\n";

						$prevvgid = "";
					}

					if ($prevvgid != "" && $prevvgid != $arr["vgid"])
					{
						echo "<tr height=5><td colspan=5></td></tr>\n";
					}
					$prevvgid = $arr["vgid"];
					$prevvtype = $arr["command"];
	
					echo "<tr><td><b><a href='".$_SERVER['PHP_SELF']."?addToView=$vid&tid=$tid&sel_vgid=$sel_vgid'>".$arr["name"]."</a></b></td>".
								"<td>".$arr["group_name"]."</td>".
								"<td>".$arr["path"]."</td>".
								"<td>".$arr["state"]."</td>".
								"<td>$priv</td></tr>\n";
				}
				echo "</table>\n";
			}

			echo "</td></tr></table>\n";
/*			
			//if ($admlogin == "root" || $group == $admlogin)
			{
				echo "<table><tr valign=top><td>\n";

				echo "<br><br><b>View commands</b><br>\n";
				echo "<table border=1><tr><th>Name</th><td align=center><b>Command</b> <font size=1>(with full parameter list)</font></td><th></th></tr>\n";
				$result = sqlquery("SELECT name, command FROM view_command WHERE tid='$tid' ORDER BY name");
				while ($result && ($arr = sqlfetch($result)))
				{
					echo "<tr><form method=post action='$_SERVER['PHP_SELF']?tid=$tid&vcmd=".$arr["name"]."'><td><input name=chViewCommandName value='".$arr["name"]."' size=16 maxlength=32></td></form><form method=post action='$_SERVER['PHP_SELF']?tid=$tid&vcmd=".$arr["name"]."'><td><input name=chViewCommand value='".$arr["command"]."' size=32 maxlength=32></td></form><form method=post action='$_SERVER['PHP_SELF']?tid=$tid&vcmd=".$arr["name"]."'><td><input type=submit name=rmViewCommand value='Delete' onClick=\"return confirm('You are about to delete a Command')\"></td></form></tr>\n";
				}
				echo "<tr><td colspan=3 height=5></td></th>\n";
				echo "<tr><form method=post action='$_SERVER['PHP_SELF']?tid=$tid'><td><input name=nViewCommandName size=16 maxlength=32></td><td><input name=nViewCommand size=32 maxlength=32></td><td><input type=submit name=createViewCommand value='Create'></td></form></tr>\n";
				echo "</table>\n";
				
				echo "</table>\n";

				echo "</td></tr></table><br>\n";
			}
*/
		}
	}

	htmlEpilog();

?>