From 979bb370e7b8d5bf01dd95b95ebfdcf7ca1ff842 Mon Sep 17 00:00:00 2001
From: iglocska <andras.iklody@gmail.com>
Date: Wed, 16 Apr 2014 15:52:25 +0200
Subject: [PATCH] next step in the ajaxification

- multiselect / multidelete
- some additional UI changes for the event view
---
 app/Controller/AttributesController.php |  88 ++++++---
 app/Controller/EventsController.php     |   3 -
 app/View/Attributes/view.ctp            |   2 +
 app/View/Elements/eventattribute.ctp    |  73 ++++++--
 app/View/Elements/eventattributerow.ctp |  18 +-
 app/View/Elements/eventdiscussion.ctp   | 238 ++++++++++++------------
 app/View/Events/view.ctp                |   6 +-
 app/webroot/css/main.css                |  26 +++
 app/webroot/js/ajaxification.js         |  47 ++++-
 9 files changed, 323 insertions(+), 178 deletions(-)
 create mode 100644 app/View/Attributes/view.ctp

diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php
index 940de2e4d..56d85d0ca 100755
--- a/app/Controller/AttributesController.php
+++ b/app/Controller/AttributesController.php
@@ -153,23 +153,28 @@ class AttributesController extends AppController {
 						//	debug(tru);
 					}
 				}
-				// we added all the attributes,
-				if ($fails) {
-					// list the ones that failed
-					if (!CakeSession::read('Message.flash')) {
-						$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. Please, try again.', true), 'default', array(), 'error');
-					} else {
-						$existingFlash = CakeSession::read('Message.flash');
-						$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. ' . $existingFlash['message'], true), 'default', array(), 'error');
+				if ($this->request->is('ajax')) {
+					$this->autoRender = false;
+					// handle it if some of them failed!!!!
+					return new CakeResponse(array('body'=> json_encode('saved'),'status'=>200));
+				} else {
+					// we added all the attributes,
+					if ($fails) {
+						// list the ones that failed
+						if (!CakeSession::read('Message.flash')) {
+							$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. Please, try again.', true), 'default', array(), 'error');
+						} else {
+							$existingFlash = CakeSession::read('Message.flash');
+							$this->Session->setFlash(__('The lines' . $fails . ' could not be saved. ' . $existingFlash['message'], true), 'default', array(), 'error');
+						}
 					}
+					if ($successes) {
+						// list the ones that succeeded
+						$this->Session->setFlash(__('The lines' . $successes . ' have been saved', true));
+					}
+	
+					$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
 				}
-				if ($successes) {
-					// list the ones that succeeded
-					$this->Session->setFlash(__('The lines' . $successes . ' have been saved', true));
-				}
-
-				$this->redirect(array('controller' => 'events', 'action' => 'view', $this->request->data['Attribute']['event_id']));
-
 			} else {
 				if (isset($this->request->data['Attribute']['uuid'])) {	// TODO here we should start RESTful dialog
 					// check if the uuid already exists and also save the existing attribute for further checks
@@ -860,18 +865,38 @@ class AttributesController extends AppController {
 		if (!$this->request->is('post') && !$this->_isRest()) {
 			throw new MethodNotAllowedException();
 		}
-
+		if ($this->__delete($id)) {
+			$this->Session->setFlash(__('Attribute deleted'));
+		} else {
+			$this->Session->setFlash(__('Attribute was not deleted'));
+		}
+		
+		if (!$this->_isRest()) $this->redirect($this->referer());	// TODO check
+		else $this->redirect(array('action' => 'index'));
+	}
+	
+/**
+ * unification of the actual delete for the multi-select
+ * 
+ * @param unknown $id
+ * @throws NotFoundException
+ * @throws MethodNotAllowedException
+ * @return boolean
+ * 
+ * returns true/false based on success
+ */
+	private function __delete($id) {
 		$this->Attribute->id = $id;
 		if (!$this->Attribute->exists()) {
 			throw new NotFoundException(__('Invalid attribute'));
 		}
-
+		
 		if ('true' == Configure::read('MISP.sync')) {
 			// find the uuid
 			$result = $this->Attribute->findById($id);
 			$uuid = $result['Attribute']['uuid'];
 		}
-
+		
 		// check for permissions
 		if (!$this->_isSiteAdmin()) {
 			$this->Attribute->read();
@@ -885,7 +910,7 @@ class AttributesController extends AppController {
 				}
 			}
 		}
-
+		
 		// attachment will be deleted with the beforeDelete() function in the Model
 		if ($this->Attribute->delete()) {
 			// delete the attribute from remote servers
@@ -893,17 +918,30 @@ class AttributesController extends AppController {
 				// find the uuid
 				$this->__deleteAttributeFromServers($uuid);
 			}
-
+		
 			// We have just deleted the attribute, let's also check if there are any shadow attributes that were attached to it and delete them
 			$this->loadModel('ShadowAttribute');
 			$this->ShadowAttribute->deleteAll(array('ShadowAttribute.old_id' => $id), false);
-			$this->Session->setFlash(__('Attribute deleted'));
+			return true;
 		} else {
-			$this->Session->setFlash(__('Attribute was not deleted'));
+			return false;
 		}
-
-		if (!$this->_isRest()) $this->redirect($this->referer());	// TODO check
-		else $this->redirect(array('action' => 'index'));
+		
+	}
+	
+	public function deleteSelected() {
+		//if (!$this->request->is('post') && !$this->request->is('ajax')) {
+		if (!$this->request->is('post')) {
+			throw new MethodNotAllowedException();
+		}
+		// get a json object with a list of attribute IDs to be deleted
+		// check each of them and return a json object with the successful deletes and the failed ones.
+		$ids = json_decode($this->request->data['Attribute']['ids']);
+		foreach ($ids as $id) {
+			$this->__delete($id);
+		}
+		$this->autoRender = false;
+		return new CakeResponse(array('body'=> json_encode('saved'),'status'=>200));
 	}
 
 /**
diff --git a/app/Controller/EventsController.php b/app/Controller/EventsController.php
index 2ac27b62d..6cb7459fe 100755
--- a/app/Controller/EventsController.php
+++ b/app/Controller/EventsController.php
@@ -433,9 +433,6 @@ class EventsController extends AppController {
 		$this->set('currentEvent', $id);
 	}
 	
-	private function __view() {
-		
-	}
 
 	private function __startPivoting($id, $info, $date){
 		$this->Session->write('pivot_thread', null);
diff --git a/app/View/Attributes/view.ctp b/app/View/Attributes/view.ctp
new file mode 100644
index 000000000..cdd1629e6
--- /dev/null
+++ b/app/View/Attributes/view.ctp
@@ -0,0 +1,2 @@
+<?php
+echo $this->element('eventattributerow', array('object' => $object));
\ No newline at end of file
diff --git a/app/View/Elements/eventattribute.ctp b/app/View/Elements/eventattribute.ctp
index 663341b7c..7afb28df8 100644
--- a/app/View/Elements/eventattribute.ctp
+++ b/app/View/Elements/eventattribute.ctp
@@ -1,4 +1,5 @@
 <?php
+	echo $this->Html->script('ajaxification');
 	$mayModify = (($isAclModify && $event['Event']['user_id'] == $me['id'] && $event['Event']['orgc'] == $me['org']) || ($isAclModifyOrg && $event['Event']['orgc'] == $me['org']));
 	$mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 	if (!empty($eventArray)):
@@ -41,25 +42,35 @@
 <?php 
 	endif;
 ?>
-<table class="table table-striped table-condensed">
-	<tr>
-		<th style="width:0px;padding:0px;border:0px;"></th>
-		<th>Date</th>
-		<th>Category</th>
-		<th>Type</th>
-		<th>Value</th>
-		<th>Comment</th>
-		<th>Related Events</th>
-		<th title="<?php echo $attrDescriptions['signature']['desc'];?>">IDS</th>
-		<th title="<?php echo $attrDescriptions['distribution']['desc'];?>">Distribution</th>
-		<th class="actions">Actions</th>
-	</tr>
-	<?php 
-		foreach($eventArray as $k => $object):
-			echo $this->element('eventattributerow', array('object' => $object));
-		endforeach;
-	?>
-</table>
+
+<div id="attributeList" class="attributeListContainer">
+	<div class="tabMenu">
+		<span id="create-button" class="icon-plus" onClick="clickCreateButton();"></span>
+		<span id="multi-edit-button" class="icon-edit mass-select" onClick="editSelectedAttributes(<?php echo $event['Event']['id']; ?>);"></span>
+		<span id="multi-delete-button" class = "icon-trash mass-select" onClick="deleteSelectedAttributes(<?php echo $event['Event']['id']; ?>);"></span>
+	</div>
+	<table class="table table-striped table-condensed">
+		<tr>
+			<?php if ($mayModify): ?>
+				<th><input class="select_all" type="checkbox" onClick="toggleAllAttributeCheckboxes();" /></th>
+			<?php endif;?>
+			<th>Date</th>
+			<th>Category</th>
+			<th>Type</th>
+			<th>Value</th>
+			<th>Comment</th>
+			<th>Related Events</th>
+			<th title="<?php echo $attrDescriptions['signature']['desc'];?>">IDS</th>
+			<th title="<?php echo $attrDescriptions['distribution']['desc'];?>">Distribution</th>
+			<th class="actions">Actions</th>
+		</tr>
+		<?php 
+			foreach($eventArray as $k => $object):
+				echo $this->element('eventattributerow', array('object' => $object, 'mayModify' => $mayModify, 'mayPublish' => $mayPublish));
+			endforeach;
+		?>
+	</table>
+</div>
 <?php if ($pageCount > 1): ?>
 <span id = "current_page" style="visibility:hidden;"><?php echo $page;?></span>
 <p>Page <?php echo $page; ?> of <?php echo $pageCount;?>, showing <?php echo count($eventArray); ?> records out of <?php echo $objectCount; ?> total, starting on <?php echo (($page-1) * 50) + 1;?>, ending on <?php echo (($page-1) * 50) + count($eventArray); ?></p>
@@ -97,6 +108,20 @@
 </div>
 <?php
 	endif; 
+	?>
+	<div id="edit_object_div">
+		<?php 
+			echo $this->Form->create('Attribute', array('id' => 'delete_selected', 'action' => 'deleteSelected'));
+			echo $this->Form->input('ids', array(
+				'type' => 'text',
+				'value' => 'test',
+				'style' => 'display:none;',
+				'label' => false,
+			)); 
+			echo $this->Form->end();
+		?>
+	</div>
+	<?php 
 	for ($j = 0; $j < 2; $j++) {
 		$side = 'a';
 		if ($j == 1) $side = 'b'; 
@@ -152,5 +177,15 @@
 			);
 	}
 	endif; 
+	?>
+		<script>
+			$(document).ready(function(){
+				$('.mass-select').hide();
+				$('input[type="checkbox"]').click(function(){
+					attributeListAnyCheckBoxesChecked();
+				});
+			});
+		</script>
+	<?php 
 	echo $this->Js->writeBuffer();
 ?>
\ No newline at end of file
diff --git a/app/View/Elements/eventattributerow.ctp b/app/View/Elements/eventattributerow.ctp
index 1939087f8..d61a5883d 100644
--- a/app/View/Elements/eventattributerow.ctp
+++ b/app/View/Elements/eventattributerow.ctp
@@ -11,7 +11,13 @@ if ($object['objectType'] == 0 ) {
 if ($object['objectType'] == 1) $extra2 = '1';
 ?>
 <tr id = "<?php echo $currentType . '_' . $object['id'] . '_tr'; ?>">
-	<td style="width: <?php echo $extra2; ?>0px;padding:0px;border:0px;"></td>
+	<?php if ($mayModify): ?>
+		<td class="<?php echo $extra; ?>" style="width:10px;">
+			<?php if ($object['objectType'] == 0): ?>
+			<input id = "select_<?php echo $object['id']; ?>" class="select_attribute" type="checkbox" data-id="<?php echo $object['id'];?>" />
+			<?php endif; ?>
+		</td>
+	<?php endif; ?>
 	<td class="short <?php echo $extra; ?>">
 	<?php 
 		if (isset($object['timestamp'])) echo date('Y-m-d', $object['timestamp']);
@@ -20,7 +26,7 @@ if ($object['objectType'] == 1) $extra2 = '1';
 	</td>
 	<td class="shortish <?php echo $extra; ?>">
 		<?php 
-			echo $this->Form->create($currentType, array('class' => 'inline-form inline-field-form', 'id' => $currentType . '_' . $object['id'] . '_category_form', 'action' => 'editField', 'onSubmit=\'activateField("' . $currentType . '", "' . $object['id'] . '", "' . $event['Event']['id'] . '")\''));
+			echo $this->Form->create($currentType, array('class' => 'inline-form inline-field-form', 'id' => $currentType . '_' . $object['id'] . '_category_form', 'action' => 'editField'));
 		?>
 		<div class='inline-input inline-input-container'>	
 		<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok"></span></div>	
@@ -44,7 +50,7 @@ if ($object['objectType'] == 1) $extra2 = '1';
 	</td>
 	<td class="shortish <?php echo $extra; ?>">
 		<?php 
-			echo $this->Form->create($currentType, array('class' => 'inline-form inline-field-form', 'id' => $currentType . '_' . $object['id'] . '_type_form', 'action' => 'editField', 'onSubmit=\'activateField("' . $currentType . '", "' . $object['id'] . '", "' . $event['Event']['id'] . '")\''));
+			echo $this->Form->create($currentType, array('class' => 'inline-form inline-field-form', 'id' => $currentType . '_' . $object['id'] . '_type_form', 'action' => 'editField'));
 		?>
 		<div class='inline-input inline-input-container'>	
 			<div class="inline-input-accept inline-input-button inline-input-passive"><span class = "icon-ok"></span></div>	
@@ -158,10 +164,8 @@ if ($object['objectType'] == 1) $extra2 = '1';
 		</div>	
 		<div id = "<?php echo $currentType . '_' . $object['id'] . '_ids_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'ids', <?php echo $event['Event']['id'];?>);">
 			<?php 
-				if ($object['objectType'] != 1 && $object['objectType'] != 2) {
-					if ($object['to_ids']) echo 'Yes';
-					else echo 'No';
-				}
+				if ($object['to_ids']) echo 'Yes';
+				else echo 'No';
 			?>
 		</div>
 	</td>
diff --git a/app/View/Elements/eventdiscussion.ctp b/app/View/Elements/eventdiscussion.ctp
index c2fd9b7d4..1d730b925 100644
--- a/app/View/Elements/eventdiscussion.ctp
+++ b/app/View/Elements/eventdiscussion.ctp
@@ -2,127 +2,129 @@
 	<div class="pagination">
         <ul>
         <?php
-        $this->Paginator->options(array(
-            'update' => '#top',
-            'evalScripts' => true,
-            'before' => '$(".loading").show()',
-            'complete' => '$(".loading").hide()',
-        ));
-
-            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
-            echo $this->Paginator->numbers(array('modulus' => 10, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
-            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
-        ?>
-        </ul>
-    </div>
-    <div id = "posts">
-		<?php 
-			foreach ($posts as $post) {
-		?>
-				<table class="discussionBox" id=<?php echo '"' . h($post['Post']['id']) . '"';?> >
-					<tr>
-						<td class="discussionBoxTD discussionBoxTDtop" colspan="2">
-						<div>
-							<table style="width:100%">
-								<tr>
-									<td>
-		<?php 
-										echo 'Date: ' . h($post['Post']['date_created']);
-		?>					
-									</td>
-									<td style="text-align:right">
-										<a href = #top class = "whitelink">Top</a> |
-										<a href = #<?php echo $post['Post']['id']; ?> class = "whitelink">#<?php echo h($post['Post']['id'])?></a>
-									</td>
-								</tr>
-							</table>
-						</div>
-						</td>
-					</tr>
-					<tr>
-						<td class="discussionBoxTD discussionBoxTDMid discussionBoxTDMidLeft">
-							<?php 
-								$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($post['User']['org']) . '.png';
-								if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($post['User']['org']) . '.png', array('alt' => h($post['User']['org']), 'title' => h($post['User']['org']), 'style' => 'width:48px; height:48px'));
-								else echo $this->Html->tag('span', h($post['User']['org']), array('class' => 'welcome', 'style' => 'float:center;'));								
-							?>
-						</td>
-						<td class="discussionBoxTD discussionBoxTDMid discussionBoxTDMidRight">
-		<?php 
-								echo $this->Command->convertQuotes(nl2br(h($post['Post']['contents'])));
-								if ($post['Post']['post_id'] !=0 || ($post['Post']['date_created'] != $post['Post']['date_modified'])) {
-		?>
-									<br /><br />
-		<?php 
-								}
-								if ($post['Post']['post_id'] != 0) {
-		?>
-									<span style="font-style:italic">
-										In reply to post
-										<a href = #<?php echo h($post['Post']['post_id']); ?>>#<?php echo h($post['Post']['post_id'])?></a>
-									</span>
-		<?php 
-								}
-								if ($post['Post']['date_created'] != $post['Post']['date_modified']) {
-									echo '<span style="font-style:italic">Message edited at ' . h($post['Post']['date_modified']) . '<span>';
-								}
-		?>
-						</td>
-					</tr>
-					<tr>
-						<td class="discussionBoxTD discussionBoxTDbottom" colspan = "2">
-							<table style="width:100%">
-								<tr>
-									<td>
-										<?php echo h($post['User']['email']); ?>
-									</td>
-									<td style="text-align:right">
-		<?php 
-									if (!$isSiteAdmin) {
-										if ($post['Post']['user_id'] == $myuserid) {
+        if (!empty($posts)):
+	        $this->Paginator->options(array(
+	            'update' => '#top',
+	            'evalScripts' => true,
+	            'before' => '$(".loading").show()',
+	            'complete' => '$(".loading").hide()',
+	        ));
+	
+	            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
+	            echo $this->Paginator->numbers(array('modulus' => 10, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
+	            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
+	        ?>
+	        </ul>
+	    </div>
+	    <div id = "posts">
+			<?php 
+				foreach ($posts as $post) {
+			?>
+					<table class="discussionBox" id=<?php echo '"' . h($post['Post']['id']) . '"';?> >
+						<tr>
+							<td class="discussionBoxTD discussionBoxTDtop" colspan="2">
+							<div>
+								<table style="width:100%">
+									<tr>
+										<td>
+			<?php 
+											echo 'Date: ' . h($post['Post']['date_created']);
+			?>					
+										</td>
+										<td style="text-align:right">
+											<a href = #top class = "whitelink">Top</a> |
+											<a href = #<?php echo $post['Post']['id']; ?> class = "whitelink">#<?php echo h($post['Post']['id'])?></a>
+										</td>
+									</tr>
+								</table>
+							</div>
+							</td>
+						</tr>
+						<tr>
+							<td class="discussionBoxTD discussionBoxTDMid discussionBoxTDMidLeft">
+								<?php 
+									$imgAbsolutePath = APP . WEBROOT_DIR . DS . 'img' . DS . 'orgs' . DS . h($post['User']['org']) . '.png';
+									if (file_exists($imgAbsolutePath)) echo $this->Html->image('orgs/' . h($post['User']['org']) . '.png', array('alt' => h($post['User']['org']), 'title' => h($post['User']['org']), 'style' => 'width:48px; height:48px'));
+									else echo $this->Html->tag('span', h($post['User']['org']), array('class' => 'welcome', 'style' => 'float:center;'));								
+								?>
+							</td>
+							<td class="discussionBoxTD discussionBoxTDMid discussionBoxTDMidRight">
+			<?php 
+									echo $this->Command->convertQuotes(nl2br(h($post['Post']['contents'])));
+									if ($post['Post']['post_id'] !=0 || ($post['Post']['date_created'] != $post['Post']['date_modified'])) {
+			?>
+										<br /><br />
+			<?php 
+									}
+									if ($post['Post']['post_id'] != 0) {
+			?>
+										<span style="font-style:italic">
+											In reply to post
+											<a href = #<?php echo h($post['Post']['post_id']); ?>>#<?php echo h($post['Post']['post_id'])?></a>
+										</span>
+			<?php 
+									}
+									if ($post['Post']['date_created'] != $post['Post']['date_modified']) {
+										echo '<span style="font-style:italic">Message edited at ' . h($post['Post']['date_modified']) . '<span>';
+									}
+			?>
+							</td>
+						</tr>
+						<tr>
+							<td class="discussionBoxTD discussionBoxTDbottom" colspan = "2">
+								<table style="width:100%">
+									<tr>
+										<td>
+											<?php echo h($post['User']['email']); ?>
+										</td>
+										<td style="text-align:right">
+			<?php 
+										if (!$isSiteAdmin) {
+											if ($post['Post']['user_id'] == $myuserid) {
+												echo $this->Html->link('', array('controller' => 'posts', 'action' => 'edit', h($post['Post']['id'])), array('class' => 'icon-edit', 'title' => 'Edit'));
+												echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['Post']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this post?'));
+											} else {
+			?>
+												<a href = "<?php echo Configure::read('MISP.baseurl') . '/posts/add/post/' . h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
+			<?php 							
+											}
+										} else {
 											echo $this->Html->link('', array('controller' => 'posts', 'action' => 'edit', h($post['Post']['id'])), array('class' => 'icon-edit', 'title' => 'Edit'));
 											echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['Post']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this post?'));
-										} else {
-		?>
-											<a href = "<?php echo Configure::read('MISP.baseurl') . '/posts/add/post/' . h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
-		<?php 							
+			?>
+												<a href = "<?php echo Configure::read('MISP.baseurl') . '/posts/add/post/' . h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
+			<?php 	
+								
 										}
-									} else {
-										echo $this->Html->link('', array('controller' => 'posts', 'action' => 'edit', h($post['Post']['id'])), array('class' => 'icon-edit', 'title' => 'Edit'));
-										echo $this->Form->postLink('', array('controller' => 'posts', 'action' => 'delete', h($post['Post']['id'])), array('class' => 'icon-trash', 'title' => 'Delete'), __('Are you sure you want to delete this post?'));
-		?>
-											<a href = "<?php echo Configure::read('MISP.baseurl') . '/posts/add/post/' . h($post['Post']['id']); ?>" class="icon-comment" title = "Reply"></a>
-		<?php 	
-							
-									}
-		?>
-									</td>
-								</tr>
-							</table>
-						</td>
-					</tr>
-				</table>
-				<br />
-		<?php 
-			}
-		?>
-		</div>
-		<p>
-    <?php
-    echo $this->Paginator->counter(array(
-    'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
-    ));
-    ?>
-    </p>
-    <div class="pagination">
-        <ul>
-        <?php
-            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
-            echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
-            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
-        ?>
-        </ul>
-    </div>
+			?>
+										</td>
+									</tr>
+								</table>
+							</td>
+						</tr>
+					</table>
+					<br />
+			<?php 
+				}
+			?>
+			</div>
+			<p>
+	    <?php
+	    echo $this->Paginator->counter(array(
+	    'format' => __('Page {:page} of {:pages}, showing {:current} records out of {:count} total, starting on record {:start}, ending on {:end}')
+	    ));
+	    ?>
+	    </p>
+	    <div class="pagination">
+	        <ul>
+	        <?php
+	            echo $this->Paginator->prev('&laquo; ' . __('previous'), array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'prev disabled', 'escape' => false, 'disabledTag' => 'span'));
+	            echo $this->Paginator->numbers(array('modulus' => 20, 'separator' => '', 'tag' => 'li', 'currentClass' => 'active', 'currentTag' => 'span'));
+	            echo $this->Paginator->next(__('next') . ' &raquo;', array('tag' => 'li', 'escape' => false), null, array('tag' => 'li', 'class' => 'next disabled', 'escape' => false, 'disabledTag' => 'span'));
+	        ?>
+	        </ul>
+	    </div>
+    <?php endif; ?>
 	<div class="comment">
 	<?php echo $this->Form->create('Post');?>
 		<fieldset>
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index a327b5821..779f9daef 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -201,10 +201,6 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 	<div id="pivots_div">
 		<?php if (sizeOf($allPivots) > 1) echo $this->element('pivot'); ?>
 	</div>
-	<div id="create_object_div">
-		<span id="create-button" class="btn btn-inverse" onClick="clickCreateButton();">Add Attribute</span>
-	</div>
-	<br />
 	<div id="attribute_add_form" class="attribute_add_form"></div>
 	<div id="attribute_creation_div" style="display:none;">
 		<?php 
@@ -274,4 +270,4 @@ function clickCreateButton() {
 		$("#attribute_add_form").html(data);
 	});
 }
-</script>
+</script>
\ No newline at end of file
diff --git a/app/webroot/css/main.css b/app/webroot/css/main.css
index c6b13a3d2..380d65d89 100755
--- a/app/webroot/css/main.css
+++ b/app/webroot/css/main.css
@@ -802,6 +802,32 @@ a.proposal_link_red:hover {
 	margin-bottom:0px !important;
 }
 
+.tabMenu {
+	position:absolute;
+	top:-21px;
+	height:20px;
+	margin-left:5px;
+	padding-left:10px;
+	padding-right:10px;
+	-webkit-border-radius: 4px 4px 0 0;
+	-moz-border-radius: 4px 4px 0 0;
+	border-radius: 4px 4px 0 0;
+	border: 1px solid #ddd;
+	border-bottom-color: transparent;
+	background-color: #f9f9f9;
+	border-collapse: separate !important;
+}
+
+.tabMenu [class^="icon-"] {
+	vertical-align:baseline;
+	margin-top:3px;
+}
+
+.attributeListContainer{
+	position:relative;
+	margin-top:10px;
+}
+
 @-webkit-keyframes rotation {
    from {-webkit-transform: rotate(0deg);}
    to {-webkit-transform: rotate(359deg);}
diff --git a/app/webroot/js/ajaxification.js b/app/webroot/js/ajaxification.js
index 7e261e80d..4e4cb0342 100644
--- a/app/webroot/js/ajaxification.js
+++ b/app/webroot/js/ajaxification.js
@@ -119,6 +119,13 @@ function handleAjaxEditResponse(data, event) {
 	}
 }
 
+function handleAjaxMassDeleteResponse(data, event) {
+	if (data == "\"saved\"") updateAttributeIndexOnSuccess(event);
+	else {
+		updateAttributeIndexOnSuccess(event);
+	}
+}
+
 $(function(){
     $('a:contains("Delete")').removeAttr('onclick');
     $('a:contains("Delete")').click(function(e){
@@ -128,4 +135,42 @@ $(function(){
         $.post(url);
         return false;
     });
-});
\ No newline at end of file
+});
+
+function toggleAllAttributeCheckboxes() {
+	if ($(".select_all").is(":checked")) {
+		$(".select_attribute").prop("checked", true);
+	} else {
+		$(".select_attribute").prop("checked", false);
+	}
+}
+
+function attributeListAnyCheckBoxesChecked() {
+	if ($('input[type="checkbox"]:checked').length > 0) $('.mass-select').show();
+	else $('.mass-select').hide();
+}
+
+
+function deleteSelectedAttributes(event) {
+	var answer = confirm("Are you sure you want to delete all selected attributes?");
+	if (answer) {
+		var selected = [];
+		$(".select_attribute").each(function() {
+			if ($(this).is(":checked")) {
+				var test = $(this).data("id");
+				selected.push(test);
+			}
+		});
+		$('#AttributeIds').attr('value', JSON.stringify(selected));
+		var formData = $('#delete_selected').serialize();
+		$.ajax({
+			data: formData, 
+			type:"POST", 
+			url:"/attributes/deleteSelected/",
+			success:function (data, textStatus) {
+				handleAjaxMassDeleteResponse(data, event);
+			}, 
+		});
+	}
+	return false;
+}
\ No newline at end of file