6 files changed, 121 insertions, 97 deletions
diff --git a/phpBB/adm/admin_permissions.php b/phpBB/adm/admin_permissions.php
index 9bc6c65a6d..b29dc5e995 100644
--- a/phpBB/adm/admin_permissions.php
+++ b/phpBB/adm/admin_permissions.php
@@ -1,33 +1,25 @@
 <?php
-/***************************************************************************
- *                           admin_permissions.php
- *                            -------------------
- *   begin                : Saturday, Feb 13, 2001
- *   copyright            : © 2001 The phpBB Group
- *   email                : support@phpbb.com
- *
- *   $Id$
- *
- ***************************************************************************/
-
-/***************************************************************************
- *
- *   This program is free software; you can redistribute it and/or modify
- *   it under the terms of the GNU General Public License as published by
- *   the Free Software Foundation; either version 2 of the License, or
- *   (at your option) any later version.
- *
- ***************************************************************************/
+// -------------------------------------------------------------
+//
+// $Id$
+//
+// FILENAME  : admin_permissions.php
+// STARTED   : Sat Feb 13, 2001
+// COPYRIGHT : © 2001, 2003 phpBB Group
+// WWW       : http://www.phpbb.com/
+// LICENCE   : GPL vs2.0 [ see /docs/COPYING ] 
+// 
+// -------------------------------------------------------------
 
 if (!empty($setmodules))
 {
 	$filename = basename(__FILE__);
-	$module['FORUM']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&amp;mode=forum' : '';
-	$module['FORUM']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=mod' : '';
-	$module['FORUM']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=supermod' : '';
-	$module['FORUM']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&amp;mode=admin' : '';
-	$module['USER']['PERMISSIONS'] = ($auth->acl_get('a_authusers')) ? $filename . $SID . '&amp;mode=user' : '';
-	$module['GROUP']['PERMISSIONS'] = ($auth->acl_get('a_authgroups')) ? $filename . $SID . '&amp;mode=group' : '';
+	$module['PERM']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? "$filename$SID&amp;mode=forum" : '';
+	$module['PERM']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? "$filename$SID&amp;mode=mod" : '';
+	$module['PERM']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? "$filename$SID&amp;mode=supermod" : '';
+	$module['PERM']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? "$filename$SID&amp;mode=admin" : '';
+	$module['PERM']['USER_PERMS'] = ($auth->acl_get('a_authusers')) ? "$filename$SID&amp;mode=user" : '';
+	$module['PERM']['GROUP_PERMS'] = ($auth->acl_get('a_authgroups')) ? "$filename$SID&amp;mode=group" : '';
 
 	return;
 }
@@ -238,6 +230,12 @@ switch ($submit)
 				cache_moderators();
 			}
 
+			// Remove users who are now moderators or admins from everyones foes
+			// list
+			if ($mode == 'mod' || sizeof($auth_settings['mod']) || $mode == 'admin' || sizeof($auth_settings['admin']))
+			{
+				update_foes();
+			}
 
 			// Logging ... first grab user or groupnames ...
 			$sql = ($ug_type == 'group') ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE user_id';
@@ -1314,4 +1312,32 @@ if (in_array($submit, array('add_options', 'edit_options', 'presetsave', 'preset
 // Output page footer
 adm_page_footer();
 
+// ---------
+// FUNCTIONS
+//
+function update_foes()
+{
+	global $db;
+
+	$perms = array();
+	foreach (auth::acl_get_list(false, array('a_', 'm_'), false) as $forum_id => $forum_ary)
+	{
+		foreach ($forum_ary as $auth_option => $user_ary)
+		{
+			$perms += $user_ary;
+		}
+	}
+
+	if (sizeof($perms))
+	{
+		$sql = 'DELETE FROM ' . ZEBRA_TABLE . ' 
+			WHERE zebra_id IN (' . implode(', ', $perms) . ')';
+		$db->sql_query($sql);
+	}
+	unset($perms);
+}
+//
+// FUNCTIONS
+// ---------
+
 ?>
 \ No newline at end of file
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 6859931cf9..dfb00cee18 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -210,70 +210,6 @@ function get_moderators(&$forum_moderators, $forum_id = false)
 	return;
 }
 
-function discover_auth($user_id = false, $opts = false, $forum_id = false)
-{
-	global $db;
-
-	$sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
-	$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
-	$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
-
-	$hold_ary = array();
-	// First grab user settings ... each user has only one setting for each
-	// option ... so we shouldn't need any ACL_NO checks ... he says ...
-	$sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
-		FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a 
-		WHERE ao.auth_option_id = a.auth_option_id 
-			' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
-			$sql_forum 
-			$sql_opts 
-		ORDER BY a.forum_id, ao.auth_option";
-	$result = $db->sql_query($sql);
-
-	while ($row = $db->sql_fetchrow($result))
-	{
-		$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting']; 
-	}
-	$db->sql_freeresult($result);
-
-	// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
-	$sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting 
-		FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a 
-		WHERE ao.auth_option_id = a.auth_option_id 
-			AND a.group_id = ug.group_id
-			' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
-			$sql_forum 
-			$sql_opts 
-		ORDER BY a.forum_id, ao.auth_option";
-	$result = $db->sql_query($sql);
-
-	while ($row = $db->sql_fetchrow($result))
-	{
-		if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
-		{
-			$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting']; 
-		}
-	}
-	$db->sql_freeresult($result);
-
-	$auth_ary = array();
-	foreach ($hold_ary as $user_id => $forum_ary)
-	{
-		foreach ($forum_ary as $forum_id => $auth_option_ary)
-		{
-			foreach ($auth_option_ary as $auth_option => $auth_setting)
-			{
-				if ($auth_setting == ACL_YES)
-				{
-					$auth_ary[$forum_id][$auth_option][] = $user_id;
-				}
-			}
-		}
-	}
-
-	return $auth_ary;
-}
-
 // User authorisation levels output
 function gen_forum_rules($mode, &$forum_id)
 {
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 27ff96fe13..8eed78b3bf 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -754,14 +754,12 @@ class auth
 		}
 		$db->sql_freeresult($result);
 
-		// Now grab group settings ... users can belong to multiple groups so we grab
-		// the minimum setting for all options. ACL_NO overrides ACL_YES so act appropriatley
-		$sql = 'SELECT ao.auth_option, a.forum_id, MIN(a.auth_setting) as min_setting
+		// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
+		$sql = 'SELECT ao.auth_option, a.forum_id, a.auth_setting
 			FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a 
 			WHERE ug.user_id = ' . $userdata['user_id'] . '
 				AND a.group_id = ug.group_id
 				AND ao.auth_option_id = a.auth_option_id 
-			GROUP BY ao.auth_option, a.forum_id
 			ORDER BY a.forum_id, ao.auth_option';
 		$result = $db->sql_query($sql);
 
@@ -769,7 +767,7 @@ class auth
 		{
 			if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] != ACL_NO))
 			{
-				$hold_ary[$row['forum_id']][$row['auth_option']] = $row['min_setting']; 
+				$hold_ary[$row['forum_id']][$row['auth_option']] = $row['auth_setting']; 
 			}
 		}
 		$db->sql_freeresult($result);
@@ -840,6 +838,70 @@ class auth
 		return;
 	}
 
+	function acl_get_list($user_id = false, $opts = false, $forum_id = false)
+	{
+		global $db;
+
+		$sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
+		$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
+		$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
+
+		$hold_ary = array();
+		// First grab user settings ... each user has only one setting for each
+		// option ... so we shouldn't need any ACL_NO checks ... he says ...
+		$sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
+			FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a 
+			WHERE ao.auth_option_id = a.auth_option_id 
+				' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
+				$sql_forum 
+				$sql_opts 
+			ORDER BY a.forum_id, ao.auth_option";
+		$result = $db->sql_query($sql);
+
+		while ($row = $db->sql_fetchrow($result))
+		{
+			$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting']; 
+		}
+		$db->sql_freeresult($result);
+
+		// Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
+		$sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting 
+			FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a 
+			WHERE ao.auth_option_id = a.auth_option_id 
+				AND a.group_id = ug.group_id
+				' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
+				$sql_forum 
+				$sql_opts 
+			ORDER BY a.forum_id, ao.auth_option";
+		$result = $db->sql_query($sql);
+
+		while ($row = $db->sql_fetchrow($result))
+		{
+			if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
+			{
+				$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting']; 
+			}
+		}
+		$db->sql_freeresult($result);
+
+		$auth_ary = array();
+		foreach ($hold_ary as $user_id => $forum_ary)
+		{
+			foreach ($forum_ary as $forum_id => $auth_option_ary)
+			{
+				foreach ($auth_option_ary as $auth_option => $auth_setting)
+				{
+					if ($auth_setting == ACL_YES)
+					{
+						$auth_ary[$forum_id][$auth_option][] = $user_id;
+					}
+				}
+			}
+		}
+
+		return $auth_ary;
+	}
+
 	// Clear one or all users cached permission settings
 	function acl_clear_prefetch($user_id = false)
 	{
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 67dcdb0af1..d9038980ae 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -119,7 +119,7 @@ class ucp_profile extends module
 							if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
 							{
 								// Grab an array of user_id's with a_user permissions
-								$admin_ary = discover_auth(false, 'a_user', false);
+								$admin_ary = auth::acl_get_list(false, 'a_user', false);
 
 								$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
 									FROM ' . USERS_TABLE . ' 
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 71289be0b0..d50d30e428 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -258,7 +258,7 @@ class ucp_register extends module
 					{
 						// Grab an array of user_id's with a_user permissions ... these users
 						// can activate a user
-						$admin_ary = discover_auth(false, 'a_user', false);
+						$admin_ary = auth::acl_get_list(false, 'a_user', false);
 
 						$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
 							FROM ' . USERS_TABLE . ' 
diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php
index db0a5c8ca8..9807837729 100644
--- a/phpBB/includes/ucp/ucp_zebra.php
+++ b/phpBB/includes/ucp/ucp_zebra.php
@@ -93,7 +93,7 @@ class ucp_zebra extends module
 						if ($mode == 'foes')
 						{
 							$perms = array();
-							foreach (discover_auth($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
+							foreach (auth::acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
 							{
 								foreach ($forum_ary as $auth_option => $user_ary)
 								{