aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/functions.php64
-rw-r--r--phpBB/includes/session.php72
-rw-r--r--phpBB/includes/ucp/ucp_profile.php2
-rw-r--r--phpBB/includes/ucp/ucp_register.php2
-rw-r--r--phpBB/includes/ucp/ucp_zebra.php2
5 files changed, 70 insertions, 72 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 6859931cf9..dfb00cee18 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -210,70 +210,6 @@ function get_moderators(&$forum_moderators, $forum_id = false)
return;
}
-function discover_auth($user_id = false, $opts = false, $forum_id = false)
-{
- global $db;
-
- $sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
- $sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
- $sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
-
- $hold_ary = array();
- // First grab user settings ... each user has only one setting for each
- // option ... so we shouldn't need any ACL_NO checks ... he says ...
- $sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
- FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a
- WHERE ao.auth_option_id = a.auth_option_id
- ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
- $result = $db->sql_query($sql);
-
- while ($row = $db->sql_fetchrow($result))
- {
- $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
- }
- $db->sql_freeresult($result);
-
- // Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
- $sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting
- FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
- WHERE ao.auth_option_id = a.auth_option_id
- AND a.group_id = ug.group_id
- ' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
- $sql_forum
- $sql_opts
- ORDER BY a.forum_id, ao.auth_option";
- $result = $db->sql_query($sql);
-
- while ($row = $db->sql_fetchrow($result))
- {
- if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
- {
- $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
- }
- }
- $db->sql_freeresult($result);
-
- $auth_ary = array();
- foreach ($hold_ary as $user_id => $forum_ary)
- {
- foreach ($forum_ary as $forum_id => $auth_option_ary)
- {
- foreach ($auth_option_ary as $auth_option => $auth_setting)
- {
- if ($auth_setting == ACL_YES)
- {
- $auth_ary[$forum_id][$auth_option][] = $user_id;
- }
- }
- }
- }
-
- return $auth_ary;
-}
-
// User authorisation levels output
function gen_forum_rules($mode, &$forum_id)
{
diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php
index 27ff96fe13..8eed78b3bf 100644
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@@ -754,14 +754,12 @@ class auth
}
$db->sql_freeresult($result);
- // Now grab group settings ... users can belong to multiple groups so we grab
- // the minimum setting for all options. ACL_NO overrides ACL_YES so act appropriatley
- $sql = 'SELECT ao.auth_option, a.forum_id, MIN(a.auth_setting) as min_setting
+ // Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
+ $sql = 'SELECT ao.auth_option, a.forum_id, a.auth_setting
FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
WHERE ug.user_id = ' . $userdata['user_id'] . '
AND a.group_id = ug.group_id
AND ao.auth_option_id = a.auth_option_id
- GROUP BY ao.auth_option, a.forum_id
ORDER BY a.forum_id, ao.auth_option';
$result = $db->sql_query($sql);
@@ -769,7 +767,7 @@ class auth
{
if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] != ACL_NO))
{
- $hold_ary[$row['forum_id']][$row['auth_option']] = $row['min_setting'];
+ $hold_ary[$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
}
}
$db->sql_freeresult($result);
@@ -840,6 +838,70 @@ class auth
return;
}
+ function acl_get_list($user_id = false, $opts = false, $forum_id = false)
+ {
+ global $db;
+
+ $sql_user = ($user_id) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : '';
+ $sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
+ $sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
+
+ $hold_ary = array();
+ // First grab user settings ... each user has only one setting for each
+ // option ... so we shouldn't need any ACL_NO checks ... he says ...
+ $sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting
+ FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a
+ WHERE ao.auth_option_id = a.auth_option_id
+ ' . (($sql_user) ? 'AND a.' . $sql_user : '') . "
+ $sql_forum
+ $sql_opts
+ ORDER BY a.forum_id, ao.auth_option";
+ $result = $db->sql_query($sql);
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
+ }
+ $db->sql_freeresult($result);
+
+ // Now grab group settings ... ACL_NO overrides ACL_YES so act appropriatley
+ $sql = 'SELECT ug.user_id, ao.auth_option, a.forum_id, a.auth_setting
+ FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a
+ WHERE ao.auth_option_id = a.auth_option_id
+ AND a.group_id = ug.group_id
+ ' . (($sql_user) ? 'AND ug.' . $sql_user : '') . "
+ $sql_forum
+ $sql_opts
+ ORDER BY a.forum_id, ao.auth_option";
+ $result = $db->sql_query($sql);
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
+ {
+ $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting'];
+ }
+ }
+ $db->sql_freeresult($result);
+
+ $auth_ary = array();
+ foreach ($hold_ary as $user_id => $forum_ary)
+ {
+ foreach ($forum_ary as $forum_id => $auth_option_ary)
+ {
+ foreach ($auth_option_ary as $auth_option => $auth_setting)
+ {
+ if ($auth_setting == ACL_YES)
+ {
+ $auth_ary[$forum_id][$auth_option][] = $user_id;
+ }
+ }
+ }
+ }
+
+ return $auth_ary;
+ }
+
// Clear one or all users cached permission settings
function acl_clear_prefetch($user_id = false)
{
diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php
index 67dcdb0af1..d9038980ae 100644
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@@ -119,7 +119,7 @@ class ucp_profile extends module
if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
{
// Grab an array of user_id's with a_user permissions
- $admin_ary = discover_auth(false, 'a_user', false);
+ $admin_ary = auth::acl_get_list(false, 'a_user', false);
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php
index 71289be0b0..d50d30e428 100644
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@@ -258,7 +258,7 @@ class ucp_register extends module
{
// Grab an array of user_id's with a_user permissions ... these users
// can activate a user
- $admin_ary = discover_auth(false, 'a_user', false);
+ $admin_ary = auth::acl_get_list(false, 'a_user', false);
$sql = 'SELECT user_id, username, user_email, user_jabber, user_notify_type
FROM ' . USERS_TABLE . '
diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php
index db0a5c8ca8..9807837729 100644
--- a/phpBB/includes/ucp/ucp_zebra.php
+++ b/phpBB/includes/ucp/ucp_zebra.php
@@ -93,7 +93,7 @@ class ucp_zebra extends module
if ($mode == 'foes')
{
$perms = array();
- foreach (discover_auth($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
+ foreach (auth::acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
{
foreach ($forum_ary as $auth_option => $user_ary)
{
generated by cgit v1.2.1 (git 2.21.0) at 2025-08-26 02:36:27 +0000