<% Response.Buffer=true %>
<!--#include file="../admin_includes/checkLogin.asp"-->
<!--#include file="../global_includes/global.asp"-->


<%
dim page_id
dim process
dim redirectString

dim GroupName
dim GroupAccess
dim GroupID
dim openNodes



page_id = request.form("page_id")
process = request.form("process")

GroupName = request.form("groupName")
GroupID = request.form("groupID")
GroupAccess = request.form("groupAccess")
openNodes = request.form("openNodes")


'--Check for single quotes/apostrophes
GroupName = SQLSafe(GroupName)





if process = "update" then
	redirectString = "ia.asp?page_id=" & page_id & "&mode=manageGroups&editType=addItem&group_id=" & GroupID & "&errorMsg"
else
	redirectString = "ia.asp?page_id=" & page_id & "&mode=manageGroups&editType=addItem&newGroupName=" & GroupName & "&newGroupAccess=" & GroupAccess & "&newOpenNodes=" & openNodes & "&errorMsg"
end if





'--Check a group name has been added
if len(GroupName) < 1 then
	Response.Redirect(redirectString & "=GroupNameZeroLength")
end if


'--Check at least one section has been selected
if len(GroupAccess) < 1 then
	Response.Redirect(redirectString & "=GroupAccessZeroLength")
end if





'--If we're all good, update the record in the users table
if process = "update" then
	strSQL = "UPDATE epcms_groups SET "&_
	"group_name = '" & GroupName &"',"&_
	"group_access = '" & GroupAccess &"' "&_
	"WHERE group_id = " & GroupID
else
	strSQL = "INSERT INTO epcms_groups "&_
	"(group_name,group_access) "&_
	"VALUES ('" & GroupName & "','" & GroupAccess & "');"
end if

RunSQL strSQL





if process = "update" then
	Response.Redirect("ia.asp?mode=manageGroups&page_id=" & page_id & "&editType=view&confirmMsg=Group%20info%20updated")
else
	Response.Redirect("ia.asp?mode=manageGroups&page_id=" & page_id & "&editType=view&confirmMsg=Group%20added")
end if
%>