aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul S. Owen <psotfx@users.sourceforge.net>2002-02-28 23:51:53 +0000
committerPaul S. Owen <psotfx@users.sourceforge.net>2002-02-28 23:51:53 +0000
commit1f004885cc876fb0c340a40519b1349c503fc180 (patch)
tree9068ae02adb13f354239091488586d6c6a0a7b22
parent46c8ea9a585e7e72ff1ec146f34d8e589820aa4f (diff)
downloadforums-1f004885cc876fb0c340a40519b1349c503fc180.tar
forums-1f004885cc876fb0c340a40519b1349c503fc180.tar.gz
forums-1f004885cc876fb0c340a40519b1349c503fc180.tar.bz2
forums-1f004885cc876fb0c340a40519b1349c503fc180.tar.xz
forums-1f004885cc876fb0c340a40519b1349c503fc180.zip
Time for Tubby bye bye
git-svn-id: file:///svn/phpbb/trunk@2227 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r--phpBB/admin/admin_groupauth.php891
-rw-r--r--phpBB/admin/admin_userauth.php988
2 files changed, 0 insertions, 1879 deletions
diff --git a/phpBB/admin/admin_groupauth.php b/phpBB/admin/admin_groupauth.php
deleted file mode 100644
index 82305cfdab..0000000000
--- a/phpBB/admin/admin_groupauth.php
+++ /dev/null
@@ -1,891 +0,0 @@
-<?php
-/***************************************************************************
- * admin_groupauth.php
- * -------------------
- * begin : Saturday, Feb 13, 2001
- * copyright : (C) 2001 The phpBB Group
- * email : support@phpbb.com
- *
- * $Id$
- *
- *
- ***************************************************************************/
-
-/***************************************************************************
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- ***************************************************************************/
-
-if($setmodules == 1)
-{
- $filename = basename(__FILE__);
- $module['Groups']['Permissions'] = $filename;
-
- return;
-}
-
-//
-// Load default header
-//
-$phpbb_root_dir = "./../";
-$no_page_header = TRUE;
-require('pagestart.inc');
-
-//
-// Start program - define vars
-//
-$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
-
-$auth_field_match = array(
- "auth_view" => AUTH_VIEW,
- "auth_read" => AUTH_READ,
- "auth_post" => AUTH_POST,
- "auth_reply" => AUTH_REPLY,
- "auth_edit" => AUTH_EDIT,
- "auth_delete" => AUTH_DELETE,
- "auth_sticky" => AUTH_STICKY,
- "auth_announce" => AUTH_ANNOUNCE,
- "auth_vote" => AUTH_VOTE,
- "auth_pollcreate" => AUTH_POLLCREATE);
-
-$field_names = array(
- "auth_view" => $lang['View'],
- "auth_read" => $lang['Read'],
- "auth_post" => $lang['Post'],
- "auth_reply" => $lang['Reply'],
- "auth_edit" => $lang['Edit'],
- "auth_delete" => $lang['Delete'],
- "auth_sticky" => $lang['Sticky'],
- "auth_announce" => $lang['Announce'],
- "auth_vote" => $lang['Vote'],
- "auth_pollcreate" => $lang['Pollcreate']);
-
-
-// ---------------
-// Start Functions
-//
-function a_auth_check_group($type, $key, $u_auth, $is_admin)
-{
-
- $single_user = 0;
- $auth_user = array();
-
- while( list($entry, $u_ary) = @each($u_auth) )
- {
- if(!$single_user)
- {
- $single_user = $u_ary['group_single_user'];
-
- $result = 0;
- switch($type)
- {
- case AUTH_ACL:
- $result = $u_ary[$key];
-
- case AUTH_MOD:
- $result = $result || $u_ary['auth_mod'];
-
- case AUTH_ADMIN:
- $result = $result || $is_admin;
- break;
- }
-
- $auth_user['auth'] = $auth_user || $result;
-
- }
- $auth_user['single_group'] = ($single_user) ? "single" : "group";
-
- }
-
- return $auth_user;
-}
-//
-// End Functions
-// -------------
-
-
-if( isset($HTTP_POST_VARS['submit']) && ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) ) )
-{
- //
- // Front end
- //
- $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
- $adv = ( isset($HTTP_POST_VARS['adv']) ) ? TRUE : 0;
-
- //
- // This is where things become fun ...
- //
-
- //
- // Get list of user id's for this group_id
- //
- $sql_groupid = "SELECT user_id
- FROM " . USER_GROUP_TABLE . "
- WHERE group_id = $group_id
- AND user_id <> " . ANONYMOUS;
- if(!$result = $db->sql_query($sql_groupid))
- {
- // Error no such user/group
- }
- $ug_info = $db->sql_fetchrow($result);
-
-
- //
- // Pull all the auth/group
- // for this user
- //
-
- $sql = "SELECT aa.*, g2.group_single_user, u.username, u.user_id, g.group_id, g.group_name
- FROM " . AUTH_ACCESS_TABLE . " aa, " . AUTH_ACCESS_TABLE . " aa2, " . USER_GROUP_TABLE . " ug, " . USER_GROUP_TABLE . " ug2, " . GROUPS_TABLE . " g, " . GROUPS_TABLE . " g2, " . USERS_TABLE . " u
- WHERE g.group_id = $group_id
- AND aa.group_id = g.group_id
- AND ug.group_id = g.group_id
- AND ug2.user_id = ug.user_id
- AND u.user_id = ug2.user_id
- AND g2.group_id = ug2.group_id
- AND aa2.group_id = g2.group_id";
- $ag_result = $db->sql_query($sql);
-
- if( $num_g_access = $db->sql_numrows($ag_result) )
- {
- $g_access = $db->sql_fetchrowset($ag_result);
- }
-
- $sql = "SELECT f.*
- FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
- WHERE c.cat_id = f.cat_id
- ORDER BY c.cat_order ASC, f.forum_order ASC";
- $fa_result = $db->sql_query($sql);
-
- $forum_access = $db->sql_fetchrowset($fa_result);
-
- $change_prv_list = array();
-
- $change_mod_ary = (isset($HTTP_POST_VARS['moderator'])) ? $HTTP_POST_VARS['moderator'] : array();
-
- for($i = 0; $i < count($forum_access); $i++)
- {
- $forum_id = $forum_access[$i]['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $field = $forum_auth_fields[$j];
-
- if( isset($HTTP_POST_VARS['private']) )
- {
- if( $forum_access[$i][$field] == AUTH_ACL )
- {
- if( isset($HTTP_POST_VARS['private'][$forum_id]) )
- {
- $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS['private'][$forum_id];
- }
- }
- }
- else
- {
- if( isset($HTTP_POST_VARS[$field][$forum_id]) )
- {
- $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS[$field][$forum_id];
- }
- }
- }
- }
-
- //
- // The data above lists access and moderator permissions
- // for this user given by all the groups they belong to.
- // These values must be checked against those requested
- // by the admin and where necessary the admin is
- // informed of problems. For example, if a group the user
- // belongs to already grants the user moderator status
- // then the user won't have moderator status enabled.
- // If the user has a group entry preventing access to a
- // forum then again, we must warn the admin that giving
- // the user access goes against the group permissions
- // (although in this case we'll go ahead and add the user)
- //
-
- //
- //
- //
- $warning_mod_userid = array();
- $warning_mod_username = array();
- $warning_mod_frmname = array();
- $valid_auth_mod_sql = array();
-
- $warning_prv_userid = array();
- $warning_prv_username = array();
- $warning_prv_frmname = array();
- $valid_auth_prv_sql = array();
-
- for($i = 0; $i < count($forum_access); $i++)
- {
- $this_forum_id = $forum_access[$i]['forum_id'];
-
- $update_mod = FALSE;
- $update_acl = FALSE;
-
- $valid_auth_mod_sql_val = "";
- $valid_auth_prv_sql_fld = "";
- $valid_auth_prv_sql_val = "";
-
- @reset($change_mod_ary);
- @reset($change_prv_list);
-
- //
- // Moderator control
- //
- while(list($mod_forum_id, $new_mod_status) = @each($change_mod_ary))
- {
- if($mod_forum_id == $this_forum_id)
- {
- $warned = FALSE;
-
- for($j = 0; $j < count($g_access); $j++)
- {
- if($g_access[$j]['forum_id'] == $this_forum_id)
- {
- $cur_mod_status = $g_access[$j]['auth_mod'];
- $is_single_user = $g_access[$j]['group_single_user'];
-
- if($cur_mod_status == $new_mod_status && !$is_single_user)
- {
- //
- // No need to update so set update to true
- //
- $update_mod = TRUE;
- }
- else if($cur_mod_status && !$new_mod_status && $is_single_user && !$warned)
- {
- //
- // users within group can mod via their own auth, we'll warn
- // the admin but carry out the op anyway if reqd.
- //
- $warning_mod_userid[$this_forum_id][] = $g_access[$j]['user_id'];
- $warning_mod_username[$this_forum_id][] = $g_access[$j]['username'];
- $warning_mod_frmname[$this_forum_id][] = $forum_access[$i]['forum_name'];
-
- $warned = TRUE;
- }
- else if($cur_mod_status != $new_mod_status && !$is_single_user)
- {
- if($new_mod_status)
- {
- $valid_auth_mod_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . "
- SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_announce = 0, auth_sticky = 0, auth_mod = $new_mod_status
- WHERE forum_id = $this_forum_id
- AND group_id = $group_id";
- }
- else
- {
- $valid_auth_mod_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . "
- WHERE forum_id = $this_forum_id
- AND group_id = $group_id";
- }
- $update_mod = TRUE;
- }
- }
- }
-
- if(!$update_mod && $new_mod_status)
- {
- $valid_auth_mod_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . "
- (forum_id, group_id, auth_mod)
- VALUES ($this_forum_id, $group_id, $new_mod_status)";
- $update_mod = TRUE;
- }
- }
- }
-
- //
- // Private/ACL control
- //
- while(list($prv_forum_id, $new_prv_ary) = @each($change_prv_list))
- {
- if($prv_forum_id == $this_forum_id && empty($valid_auth_mod_sql[$this_forum_id]) )
- {
- for($j = 0; $j < count($g_access); $j++)
- {
- if($g_access[$j]['forum_id'] == $this_forum_id)
- {
- $is_single_user = $u_access[$j]['group_single_user'];
-
- if(!$is_single_user)
- {
- $valid_auth_prv_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . " SET ";
- }
-
- $is_all_zeroed = FALSE;
- $warned = FALSE;
-
- //
- // Step through all auth fields
- //
- @reset($new_prv_ary);
- while( list($this_prv_field, $new_prv_status) = each($new_prv_ary) )
- {
- //
- // Is this field set to ACL?
- //
- $cur_prv_status = $g_access[$j][$this_prv_field];
-
- if($cur_prv_status == $new_prv_status && !$is_single_user)
- {
- //
- // No need to update so set update to true
- //
- $update_acl = TRUE;
- }
- else if( ( $cur_prv_status || $g_access[$j]['auth_mod'] ) && !$new_prv_status && $is_single_user && !$warned)
- {
- //
- // user can mod via group auth, we'll warn
- // the admin but carry out the op anyway if reqd.
- //
- $warning_prv_userid[$this_forum_id][] = $g_access[$j]['user_id'];
- $warning_prv_username[$this_forum_id][] = $g_access[$j]['username'];
- $warning_prv_frmname[$this_forum_id][] = $forum_access[$i]['forum_name'];
- $warned = TRUE;
- }
- else if($cur_prv_status != $new_prv_status && !$is_single_user)
- {
- if( $valid_auth_prv_sql_val != "")
- {
- $valid_auth_prv_sql_val .= ", ";
- }
- $valid_auth_prv_sql_val .= "$this_prv_field = $new_prv_status";
-
- $update_acl = TRUE;
-
- if(!$new_prv_status)
- {
- $is_all_zeroed = TRUE;
- }
- }
- }
-
- if(!$is_single_user)
- {
- if(!$is_all_zeroed)
- {
- $valid_auth_prv_sql[$this_forum_id] .= $valid_auth_prv_sql_val . " WHERE forum_id = $this_forum_id AND group_id = $group_id";
- }
- else
- {
- $valid_auth_prv_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . "
- WHERE forum_id = $this_forum_id
- AND group_id = $group_id";
- }
- }
- $valid_auth_prv_sql_val = "";
- }
- }
-
- if(!$update_acl)
- {
- //
- // Step through all auth fields
- //
- $all_zeroed = TRUE;
-
- @reset($new_prv_ary);
- while( list($this_prv_field, $new_prv_status) = each($new_prv_ary) )
- {
- //
- // Is this field set to ACL?
- //
- if( $valid_auth_prv_sql_fld != "" )
- {
- $valid_auth_prv_sql_fld .= ", ";
- }
-
- if( $valid_auth_prv_sql_val != "" )
- {
- $valid_auth_prv_sql_val .= ", ";
- }
- $valid_auth_prv_sql_fld .= "$this_prv_field";
- $valid_auth_prv_sql_val .= "$new_prv_status";
-
- if($new_prv_status)
- {
- $all_zeroed = FALSE;
- }
- }
-
- if(!$all_zeroed)
- {
- $valid_auth_prv_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $valid_auth_prv_sql_fld) VALUES ($this_forum_id, $group_id, $valid_auth_prv_sql_val)";
- }
-
- $update_acl = TRUE;
- }
- }
- }
- }
-
- //
- // Checks complete, make updates to DB
- //
- while( list($chg_forum_id, $sql) = @each($valid_auth_mod_sql) )
- {
- if( !empty($sql) )
- {
- if( !$result = $db->sql_query($sql) )
- {
- // Error ...
- }
- }
- }
-
- while( list($chg_forum_id, $sql) = @each($valid_auth_prv_sql) )
- {
- if( !empty($sql) )
- {
- if( !$result = $db->sql_query($sql) )
- {
- // Error ...
- }
- }
- }
-
- //
- // Any warnings?
- //
- $warning_list_mod = "";
- while( list($forum_id, $user_ary) = @each($warning_mod_userid) )
- {
- for($i = 0; $i < count($user_ary); $i++)
- {
- if( !empty($valid_auth_mod_sql[$forum_id]) )
- {
- $warning_list_mod .= "<br /><a href=\"" . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_ary[$i]) . "\">" . $warning_mod_username[$forum_id][$i] . "</a> -> " . $warning_mod_frmname[$forum_id][$i];
- }
- }
- }
-
- $warning_list_acl = "";
- while( list($forum_id, $user_ary) = @each($warning_prv_userid) )
- {
- for($i = 0; $i < count($user_ary); $i++)
- {
- if( !empty($valid_auth_prv_sql[$forum_id]) )
- {
- $warning_list_acl .= "<br /><a href=\"" . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_ary[$i]) . "\">" . $warning_prv_username[$forum_id][$i] . "</a> -> " . $warning_prv_frmname[$forum_id][$i];
- }
- }
- }
-
- $warning_list = "";
- if( $warning_list_mod != "" )
- {
- $warning_list .= $lang['Conflict_mod_groupauth'] . "<br />" . $warning_list_mod;
- }
- if( $warning_list_acl != "" )
- {
- $warning_list .= $lang['Conflict_access_groupauth'] . "<br />" . $warning_list_acl;
- }
-
- if( $warning_list != "" )
- {
- $message = $warning_list . "<br /><br />" . sprintf($lang['Click_return_groupauth'], "<a href=\"" . append_sid("admin_groupauth.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
-
- message_die(GENERAL_MESSAGE, $message);
- }
- else
- {
- $message = $lang['Auth_updated'] . "<br /><br />" . sprintf($lang['Click_return_groupauth'], "<a href=\"" . append_sid("admin_groupauth.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
-
- message_die(GENERAL_MESSAGE, $message);
- }
-
-}
-else if( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) )
-{
- //
- // Front end
- //
- $group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
- $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
-
- include('page_header_admin.'.$phpEx);
-
- $template->set_filenames(array(
- "body" => "admin/auth_ug_body.tpl")
- );
-
- $sql = "SELECT f.*
- FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
- WHERE c.cat_id = f.cat_id
- ORDER BY c.cat_order ASC, f.forum_order ASC";
- $fa_result = $db->sql_query($sql);
-
- $forum_access = $db->sql_fetchrowset($fa_result);
-
- if( empty($adv) )
- {
- for($i = 0; $i < count($forum_access); $i++)
- {
- while(list($forum_id, $forum_row) = each($forum_access))
- {
- $forum_auth_level[$forum_row['forum_id']] = AUTH_ALL;
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- if($forum_row[$forum_auth_fields[$j]] == AUTH_ACL)
- {
- $forum_auth_level[$forum_row['forum_id']] = AUTH_ACL;
- $forum_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j];
- }
- }
- }
- }
- }
-
- $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user
- FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
- WHERE g.group_id = $group_id
- AND ug.group_id = g.group_id
- AND u.user_id = ug.user_id
- ORDER BY u.username";
- $g_result = $db->sql_query($sql);
- $groupinf = $db->sql_fetchrowset($g_result);
-
- $sql = "SELECT aa.*
- FROM " . AUTH_ACCESS_TABLE . " aa, " . GROUPS_TABLE. " g
- WHERE g.group_id = $group_id
- AND aa.group_id = g.group_id
- AND g.group_single_user = 0";
- $ag_result = $db->sql_query($sql);
-
- $num_g_access = $db->sql_numrows($ag_result);
-
- if($num_g_access)
- {
- while($g_row = $db->sql_fetchrow($ag_result))
- {
- $g_access[$g_row['forum_id']][] = $g_row;
- $num_forum_access[$g_row['forum_id']]++;
- }
- }
-
- $auth_group = array();
- for($i = 0; $i < count($forum_access); $i++)
- {
- $f_forum_id = $forum_access[$i]['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $key = $forum_auth_fields[$j];
- $value = $forum_access[$i][$key];
-
- switch($value)
- {
- case AUTH_ALL:
- $auth_group[$f_forum_id][$key] = 1;
- break;
-
- case AUTH_REG:
- $auth_group[$f_forum_id][$key] = 1;
- break;
-
- case AUTH_ACL:
- if($num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_group(AUTH_ACL, $key, $g_access[$f_forum_id], 0);
- $auth_group[$f_forum_id][$key] = $result['auth'];
- $auth_field_acl[$f_forum_id][$key] = $result['auth'];
- }
- else
- {
- $auth_group[$f_forum_id][$key] = 0;
- }
- break;
-
- case AUTH_MOD:
- if($num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_group(AUTH_MOD, $key, $g_access[$f_forum_id], 0);
- $auth_group[$f_forum_id][$key] = $result['auth'];
- }
- else
- {
- $auth_group[$f_forum_id][$key] = 0;
- }
- break;
-
- case AUTH_ADMIN:
- $auth_group[$f_forum_id][$key] = 0;
- break;
-
- default:
- $auth_group[$f_forum_id][$key] = 0;
- break;
- }
- }
-
- //
- // Is user a moderator?
- //
- if($num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_group(AUTH_MOD, 'auth_mod', $g_access[$f_forum_id], 0);
- $auth_group[$f_forum_id]['auth_mod'] = $result['auth'];
- }
- else
- {
- $auth_group[$f_forum_id][$key] = 0;
- }
- }
-
- $i = 0;
- while(list($forumkey, $group_ary) = each($auth_group))
- {
- if( empty($adv) )
- {
- if($forum_auth_level[$forumkey] == AUTH_ACL)
- {
- $allowed = 1;
-
- for($j = 0; $j < count($forum_auth_level_fields[$forumkey]); $j++)
- {
- if( !$group_ary[$forum_auth_level_fields[$forumkey][$j]] )
- {
- $allowed = 0;
- }
- }
-
- $optionlist_acl = "<select name=\"private[$forumkey]\">";
-
- if( $group_ary['auth_mod'] )
- {
- $optionlist_acl .= "<option value=\"1\">" . $lang['Allowed_Access'] . "</option>";
- }
- else if( $allowed )
- {
- $optionlist_acl .= "<option value=\"1\" selected=\"selected\">" . $lang['Allowed_Access'] . "</option><option value=\"0\">". $lang['Disallowed_Access'] . "</option>";
- }
- else
- {
- $optionlist_acl .= "<option value=\"1\">" . $lang['Allowed_Access'] . "</option><option value=\"0\" selected=\"selected\">". $lang['Disallowed_Access'] . "</option>";
- }
-
- $optionlist_acl .= "</select>";
- }
- else
- {
- $optionlist_acl = "&nbsp;";
- }
- }
- else
- {
- @reset($forum_access);
- while(list($key, $forum_row) = each($forum_access))
- {
- $forum_id = $forum_row['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $field_name = $forum_auth_fields[$j];
-
- if( $forum_row[$field_name] == AUTH_ACL )
- {
- $optionlist_acl_adv[$forum_id][$j] = "<select name=\"" . $field_name . "[$forum_id]\">";
-
- if( isset($auth_field_acl[$forum_id][$field_name]) && !$group_ary['auth_mod'] )
- {
- if(!$auth_field_acl[$forum_id][$field_name])
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['OFF'] . "</option>";
- }
- else
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\" selected=\"selected\">" . $lang['ON'] . "</option><option value=\"0\">" . $lang['OFF'] . "</option>";
- }
- }
- else
- {
- if( $group_ary['auth_mod'] )
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option>";
- }
- else
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['OFF'] . "</option>";
- }
- }
-
- $optionlist_acl_adv[$forum_id][$j] .= "</select>";
-
- }
- }
- }
- }
-
- $optionlist_mod = "<select name=\"moderator[$forumkey]\">";
- if($group_ary['auth_mod'])
- {
- $optionlist_mod .= "<option value=\"1\" selected=\"selected\">" . $lang['Is_Moderator'] . "</option><option value=\"0\">" . $lang['Not_Moderator'] . "</option>";
- }
- else
- {
- $optionlist_mod .= "<option value=\"1\">" . $lang['Is_Moderator'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['Not_Moderator'] . "</option>";
- }
- $optionlist_mod .= "</select>";
-
- $row_class = ( !($i%2) ) ? "row2" : "row1";
- $row_color = ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'];
-
- $template->assign_block_vars("forums", array(
- "ROW_COLOR" => "#" . $row_color,
- "ROW_CLASS" => $row_class,
- "FORUM_NAME" => $forum_access[$i]['forum_name'],
-
- "U_FORUM_AUTH" => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']),
-
- "S_MOD_SELECT" => $optionlist_mod)
- );
-
- if(!$adv)
- {
- $template->assign_block_vars("forums.aclvalues", array(
- "S_ACL_SELECT" => $optionlist_acl)
- );
- }
- else
- {
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $template->assign_block_vars("forums.aclvalues", array(
- "S_ACL_SELECT" => $optionlist_acl_adv[$forumkey][$j])
- );
- }
- }
-
- $i++;
- }
- @reset($auth_group);
-
- $username = array();
- $user_id = array();
- for($i = 0; $i < count($groupinf); $i++)
- {
- $username[] = $groupinf[$i]['username'];
- $user_id[] = $groupinf[$i]['user_id'];
- }
-
- $t_groupname .= $groupinf[0]['group_name'];
-
- if(count($username))
- {
- $t_usergroup_list = "";
- for($i = 0; $i < count($username); $i++)
- {
- $t_usergroup_list .= "<a href=\"" . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id[$i]) . "\">" . $username[$i] . "</a>";
- if($i < count($username) - 1)
- {
- $t_usergroup_list .= ", ";
- }
- }
- }
- else
- {
- $t_usergroup_list = $lang['None'];
- }
-
- $s_hidden_fields = "<input type=\"hidden\" name=\"" . POST_GROUPS_URL . "\" value=\"$group_id\">";
-
- $s_column_span = 2; // Two columns always present
- if(!$adv)
- {
- $template->assign_block_vars("acltype", array(
- "L_UG_ACL_TYPE" => $lang['Simple_Permission'])
- );
- $s_column_span++;
- }
- else
- {
- for($i = 0; $i < count($forum_auth_fields); $i++)
- {
- $cell_title = $field_names[$forum_auth_fields[$i]];
-
- $template->assign_block_vars("acltype", array(
- "L_UG_ACL_TYPE" => $cell_title)
- );
- $s_column_span++;
- }
- }
-
- $switch_mode = "admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id . "&adv=";
- $switch_mode .= ( !$adv ) ? "1" : "0";
- $switch_mode_text = ( !$adv ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
- $u_switch_mode = '<a href="' . append_sid($switch_mode) . '">' . $switch_mode_text . '</a>';
-
- $template->assign_block_vars("switch_group_auth", array());
-
- $template->assign_vars(array(
- "USERNAME" => $t_groupname,
- "GROUP_MEMBERSHIP" => $lang['Usergroup_members'] . ": " . $t_usergroup_list,
-
- "L_USER_OR_GROUPNAME" => $lang['Group_name'],
- "L_AUTH_TITLE" => $lang['Auth_Control_Group'],
- "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
- "L_MODERATOR_STATUS" => $lang['Moderator_status'],
- "L_PERMISSIONS" => $lang['Permissions'],
- "L_SUBMIT" => $lang['Submit'],
- "L_RESET" => $lang['Reset'],
-
- "U_USER_OR_GROUP" => append_sid("admin_groupauth.$phpEx"),
- "U_SWITCH_MODE" => $u_switch_mode,
-
- "S_COLUMN_SPAN" => $s_column_span,
- "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
- "S_HIDDEN_FIELDS" => $s_hidden_fields)
- );
-}
-else
-{
- //
- // Default user selection box
- //
- // This should be altered on the final system
- //
-
- $sql = "SELECT group_id, group_name
- FROM " . GROUPS_TABLE . "
- WHERE group_single_user <> " . TRUE;
- $g_result = $db->sql_query($sql);
- $group_list = $db->sql_fetchrowset($g_result);
-
- $select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
- for($i = 0; $i < count($group_list); $i++)
- {
- $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
- }
- $select_list .= "</select>";
-
- include('page_header_admin.'.$phpEx);
-
- $template->set_filenames(array(
- "body" => "admin/auth_select_body.tpl")
- );
-
- $template->assign_vars(array(
- "L_AUTH_TITLE" => $lang['Auth_Control_Group'],
- "L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
- "L_AUTH_SELECT" => $lang['Select_a_Group'],
- "L_LOOK_UP" => $lang['Look_up_Group'],
-
- "S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
- "S_AUTH_SELECT" => $select_list)
- );
-}
-
-$template->pparse("body");
-
-include('page_footer_admin.'.$phpEx);
-
-?>
diff --git a/phpBB/admin/admin_userauth.php b/phpBB/admin/admin_userauth.php
deleted file mode 100644
index 6c34400b7b..0000000000
--- a/phpBB/admin/admin_userauth.php
+++ /dev/null
@@ -1,988 +0,0 @@
-<?php
-/***************************************************************************
- * admin_userauth.php
- * -------------------
- * begin : Saturday, Feb 13, 2001
- * copyright : (C) 2001 The phpBB Group
- * email : support@phpbb.com
- *
- * $Id$
- *
- *
- ***************************************************************************/
-
-/***************************************************************************
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- ***************************************************************************/
-
-if( !empty($setmodules) )
-{
- $filename = basename(__FILE__);
- $module['Users']['Permissions'] = $filename;
-
- return;
-}
-
-//
-// Load default header
-//
-$phpbb_root_dir = "./../";
-$no_page_header = TRUE;
-require('pagestart.inc');
-
-
-if( isset($HTTP_POST_VARS[POST_USERS_URL]) || isset($HTTP_GET_VARS[POST_USERS_URL]) )
-{
- $user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
-}
-else
-{
- $user_id = "";
-}
-
-
-//
-// Start program - define vars
-//
-$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_vote", "auth_pollcreate");
-
-$auth_field_match = array(
- "auth_view" => AUTH_VIEW,
- "auth_read" => AUTH_READ,
- "auth_post" => AUTH_POST,
- "auth_reply" => AUTH_REPLY,
- "auth_edit" => AUTH_EDIT,
- "auth_delete" => AUTH_DELETE,
- "auth_sticky" => AUTH_STICKY,
- "auth_announce" => AUTH_ANNOUNCE,
- "auth_vote" => AUTH_VOTE,
- "auth_pollcreate" => AUTH_POLLCREATE);
-
-$field_names = array(
- "auth_view" => $lang['View'],
- "auth_read" => $lang['Read'],
- "auth_post" => $lang['Post'],
- "auth_reply" => $lang['Reply'],
- "auth_edit" => $lang['Edit'],
- "auth_delete" => $lang['Delete'],
- "auth_sticky" => $lang['Sticky'],
- "auth_announce" => $lang['Announce'],
- "auth_vote" => $lang['Vote'],
- "auth_pollcreate" => $lang['Pollcreate']);
-
-// ---------------
-// Start Functions
-//
-function a_auth_check_user($type, $key, $u_auth, $is_admin)
-{
-
- $single_user = 0;
- $auth_user = array();
-
- while( list($entry, $u_ary) = each($u_auth) )
- {
- if(!$single_user)
- {
- $single_user = $u_ary['group_single_user'];
-
- $result = 0;
- switch($type)
- {
- case AUTH_ACL:
- $result = $u_ary[$key];
-
- case AUTH_MOD:
- $result = $result || $u_ary['auth_mod'];
-
- case AUTH_ADMIN:
- $result = $result || $is_admin;
- break;
- }
-
- $auth_user['auth'] = $auth_user || $result;
-
- }
- $auth_user['single_group'] = ($single_user) ? "single" : "group";
-
- }
-
- return $auth_user;
-}
-//
-// End Functions
-// -------------
-
-
-//
-//
-//
-if( isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]) )
-{
- $user_id = intval($HTTP_POST_VARS[POST_USERS_URL]);
- $adv = ( isset($HTTP_POST_VARS['adv']) ) ? TRUE : 0;
-
- //
- // This is where things become fun ...
- //
-
- //
- // Get group_id for this user_id
- //
- $sql = "SELECT ug.group_id, u.user_level
- FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u, " . GROUPS_TABLE . " g
- WHERE u.user_id = $user_id
- AND ug.user_id = u.user_id
- AND g.group_id = ug.group_id
- AND g.group_single_user = " . TRUE;
- if( !($result = $db->sql_query($sql)) || $db->sql_numrows($result) != 1)
- {
- message_die(GENERAL_ERROR, "Couldn't select info from user/user_group table", "", __LINE__, __FILE__, $sql);
- }
- $ug_info = $db->sql_fetchrow($result);
-
- //
- // Carry out requests
- //
- if( $HTTP_POST_VARS['userlevel'] == "user" && $ug_info['user_level'] == ADMIN )
- {
- //
- // Make admin a user (if already admin)
- //
- if( $userdata['user_id'] != $user_id )
- {
- //
- // Delete any entries granting in auth_access
- //
- $sql = "UPDATE " . AUTH_ACCESS_TABLE . "
- SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
- WHERE group_id = " . $ug_info['group_id'];
- if(!$result = $db->sql_query($sql))
- {
- message_die(GENERAL_ERROR, "Couldn't update auth access", "", __LINE__, __FILE__, $sql);
- }
-
- //
- // Update users level, reset to USER
- //
- $sql = "UPDATE " . USERS_TABLE . "
- SET user_level = " . USER . "
- WHERE user_id = $user_id";
- if(!$result = $db->sql_query($sql))
- {
- message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
- }
- }
-
- header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id", true));
-
- }
- else if( $HTTP_POST_VARS['userlevel'] == "admin" && $ug_info['user_level'] != ADMIN )
- {
-
- //
- // Make user an admin (if already user)
- //
- $sql = "UPDATE " . USERS_TABLE . "
- SET user_level = " . ADMIN . "
- WHERE user_id = $user_id";
- if( !$result = $db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
- }
-
- // Delete any entries in auth_access, they
- // are not required if user is becoming an
- // admin
- //
- $sql = "UPDATE " . AUTH_ACCESS_TABLE . "
- SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
- WHERE group_id = " . $ug_info['group_id'];
- if( !$result = $db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, "Couldn't update auth access", "", __LINE__, __FILE__, $sql);
- }
-
- $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
- WHERE group_id = " . $ug_info['group_id'] . "
- AND auth_mod = 0";
- if( !$result = $db->sql_query($sql) )
- {
- message_die(GENERAL_ERROR, "Couldn't delete auth access info", "", __LINE__, __FILE__, $sql);
- }
-
- header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id", true));
- }
- else
- {
- //
- // Pull all the auth/group
- // for this user
- //
- $sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_sticky, aa.auth_announce, aa.auth_vote, aa.auth_pollcreate, aa.auth_mod, g.group_single_user, g.group_id, g.group_name
- FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
- WHERE ug.user_id = $user_id
- AND g.group_id = ug.group_id
- AND aa.group_id = ug.group_id";
- $au_result = $db->sql_query($sql);
-
- if( $num_u_access = $db->sql_numrows($au_result) )
- {
- $u_access = $db->sql_fetchrowset($au_result);
- }
-
- $sql = "SELECT f.forum_id, f.forum_name, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_vote, f.auth_pollcreate
- FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
- WHERE c.cat_id = f.cat_id
- ORDER BY c.cat_order ASC, f.forum_order ASC";
- $fa_result = $db->sql_query($sql);
-
- $forum_access = $db->sql_fetchrowset($fa_result);
-
- $change_prv_list = array();
-
- $change_mod_ary = (isset($HTTP_POST_VARS['moderator'])) ? $HTTP_POST_VARS['moderator'] : array();
-
- for($i = 0; $i < count($forum_access); $i++)
- {
- $forum_id = $forum_access[$i]['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $field = $forum_auth_fields[$j];
-
- if( isset($HTTP_POST_VARS['private']) )
- {
- if( $forum_access[$i][$field] == AUTH_ACL )
- {
- if( isset($HTTP_POST_VARS['private'][$forum_id]) )
- {
- $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS['private'][$forum_id];
- }
- }
- }
- else
- {
- if( isset($HTTP_POST_VARS[$field][$forum_id]) )
- {
- $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS[$field][$forum_id];
- }
- }
- }
- }
-
- //
- // The data above lists access and moderator permissions
- // for this user given by all the groups they belong to.
- // These values must be checked against those requested
- // by the admin and where necessary the admin is
- // informed of problems. For example, if a group the user
- // belongs to already grants the user moderator status
- // then the user won't have moderator status enabled.
- // If the user has a group entry preventing access to a
- // forum then again, we must warn the admin that giving
- // the user access goes against the group permissions
- // (although in this case we'll go ahead and add the user)
- //
-
- //
- //
- //
- $warning_mod_grpid = array();
- $warning_mod_grpname = array();
- $warning_mod_frmname = array();
- $valid_auth_mod_sql = array();
-
- $warning_prv_grpid = array();
- $warning_prv_grpname = array();
- $warning_prv_frmname = array();
- $valid_auth_prv_sql = array();
-
- for($i = 0; $i < count($forum_access); $i++)
- {
- $this_forum_id = $forum_access[$i]['forum_id'];
-
- $update_mod = FALSE;
- $update_acl = FALSE;
-
- $valid_auth_mod_sql_val = "";
- $valid_auth_prv_sql_fld = "";
- $valid_auth_prv_sql_val = "";
-
- @reset($change_mod_ary);
- @reset($change_prv_list);
-
- //
- // Moderator control
- //
- while( list($mod_forum_id, $new_mod_status) = @each($change_mod_ary) )
- {
- if( $mod_forum_id == $this_forum_id )
- {
- for($j = 0; $j < count($u_access); $j++)
- {
- if( $u_access[$j]['forum_id'] == $this_forum_id )
- {
- $cur_mod_status = $u_access[$j]['auth_mod'];
- $is_single_user = $u_access[$j]['group_single_user'];
-
- if( $cur_mod_status == $new_mod_status && $is_single_user )
- {
- //
- // No need to update so set update to true
- //
- $update_mod = TRUE;
- }
- else if( $cur_mod_status && !$new_mod_status && !$is_single_user )
- {
- //
- // user can mod via group auth, we'll warn
- // the admin but carry out the op anyway if reqd.
- //
- $warning_mod_grpid[$this_forum_id][] = $u_access[$j]['group_id'];
- $warning_mod_grpname[$this_forum_id][] = $u_access[$j]['group_name'];
- $warning_mod_frmname[$this_forum_id][] = $forum_access[$i]['forum_name'];
- }
- else if( $cur_mod_status != $new_mod_status && $is_single_user )
- {
- if( $new_mod_status )
- {
- $valid_auth_mod_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . "
- SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0, auth_vote = 0, auth_pollcreate = 0, auth_mod = $new_mod_status
- WHERE forum_id = $this_forum_id
- AND group_id = " . $ug_info['group_id'];
- }
- else
- {
- $valid_auth_mod_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . "
- WHERE forum_id = $this_forum_id
- AND group_id = " . $ug_info['group_id'];
- }
- $update_mod = TRUE;
- }
- }
- }
-
- if( !$update_mod && $new_mod_status )
- {
- $valid_auth_mod_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . "
- (forum_id, group_id, auth_mod)
- VALUES ($this_forum_id, " . $ug_info['group_id'] . ", $new_mod_status)";
- $update_mod = TRUE;
- }
- }
- }
-
- //
- // Private/ACL control
- //
- while( list($prv_forum_id, $new_prv_ary) = @each($change_prv_list) )
- {
- if( $prv_forum_id == $this_forum_id && empty($valid_auth_mod_sql[$this_forum_id]) )
- {
- for($j = 0; $j < count($u_access); $j++)
- {
- if( $u_access[$j]['forum_id'] == $this_forum_id )
- {
- $is_single_user = $u_access[$j]['group_single_user'];
-
- if($is_single_user)
- {
- $valid_auth_prv_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . " SET ";
- }
-
- $is_all_zeroed = FALSE;
- $warned = FALSE;
-
- //
- // Step through all auth fields
- //
- @reset($new_prv_ary);
- while( list($this_prv_field, $new_prv_status) = @each($new_prv_ary) )
- {
- //
- // Is this field set to ACL?
- //
- $cur_prv_status = $u_access[$j][$this_prv_field];
-
- if($cur_prv_status == $new_prv_status && $is_single_user)
- {
- //
- // No need to update so set update to true
- //
- $update_acl = TRUE;
- }
- else if( ( $cur_prv_status || $u_access[$j]['auth_mod'] ) && !$new_prv_status && !$is_single_user && !$warned )
- {
- //
- // user can mod via group auth, we'll warn
- // the admin but carry out the op anyway if reqd.
- //
- $warning_prv_grpid[$this_forum_id][] = $u_access[$j]['group_id'];
- $warning_prv_grpname[$this_forum_id][] = $u_access[$j]['group_name'];
- $warning_prv_frmname[$this_forum_id][] = $forum_access[$i]['forum_name'];
- $warned = TRUE;
- }
- else if( $cur_prv_status != $new_prv_status && $is_single_user )
- {
- if( $valid_auth_prv_sql_val != "")
- {
- $valid_auth_prv_sql_val .= ", ";
- }
- $valid_auth_prv_sql_val .= "$this_prv_field = $new_prv_status";
-
- $update_acl = TRUE;
-
- if(!$new_prv_status)
- {
- $is_all_zeroed = TRUE;
- }
- }
- }
-
- if( $is_single_user )
- {
- if( !$is_all_zeroed )
- {
- $valid_auth_prv_sql[$this_forum_id] .= $valid_auth_prv_sql_val . " WHERE forum_id = $this_forum_id AND group_id = " . $ug_info['group_id'];
- }
- else
- {
- $valid_auth_prv_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . "
- WHERE forum_id = $this_forum_id
- AND group_id = " . $ug_info['group_id'];
- }
- }
- $valid_auth_prv_sql_val = "";
- }
- }
-
- if( !$update_acl )
- {
- //
- // Step through all auth fields
- //
- $all_zeroed = TRUE;
-
- @reset($new_prv_ary);
- while( list($this_prv_field, $new_prv_status) = @each($new_prv_ary) )
- {
- //
- // Is this field set to ACL?
- //
- if( $valid_auth_prv_sql_fld != "" )
- {
- $valid_auth_prv_sql_fld .= ", ";
- }
-
- if( $valid_auth_prv_sql_val != "" )
- {
- $valid_auth_prv_sql_val .= ", ";
- }
- $valid_auth_prv_sql_fld .= "$this_prv_field";
- $valid_auth_prv_sql_val .= "$new_prv_status";
-
- if($new_prv_status)
- {
- $all_zeroed = FALSE;
- }
- }
-
- if(!$all_zeroed)
- {
- $valid_auth_prv_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $valid_auth_prv_sql_fld) VALUES ($this_forum_id, " . $ug_info['group_id'] . ", $valid_auth_prv_sql_val)";
- }
-
- $update_acl = TRUE;
- }
- }
- }
- }
-
- //
- // Checks complete, make updates to DB
- //
- while( list($chg_forum_id, $sql) = each($valid_auth_mod_sql) )
- {
- if( !empty($sql) )
- {
- if( !$result = $db->sql_query($sql) )
- {
- // Error ...
- }
- }
- }
-
- while( list($chg_forum_id, $sql) = each($valid_auth_prv_sql) )
- {
- if( !empty($sql) )
- {
- if( !$result = $db->sql_query($sql) )
- {
- // Error ...
- }
- }
- }
-
- //
- // Any warnings?
- //
- $warning_list_mod = "";
- while( list($forum_id, $group_ary) = each($warning_mod_grpid) )
- {
- for($i = 0; $i < count($group_ary); $i++)
- {
- if(!empty($valid_auth_mod_sql[$forum_id]))
- {
- $warning_list_mod .= "<br /><a href=\"" . append_sid("admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_ary[$i]) . "\">" . $warning_mod_grpname[$forum_id][$i] . "</a> -> " . $warning_mod_frmname[$forum_id][$i];
- }
- }
- }
-
- $warning_list_acl = "";
- while( list($forum_id, $group_ary) = each($warning_prv_grpid) )
- {
- for($i = 0; $i < count($group_ary); $i++)
- {
- if( !empty($valid_auth_prv_sql[$forum_id]) )
- {
- $warning_list_acl .= "<br /><a href=\"" . append_sid("admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_ary[$i]) . "\">" . $warning_prv_grpname[$forum_id][$i] . "</a> -> " . $warning_prv_frmname[$forum_id][$i];
- }
- }
- }
-
- $warning_list = "";
- if( $warning_list_mod != "" )
- {
- $warning_list .= $lang['Conflict_mod_groupauth'] . "<br />" . $warning_list_mod;
- }
- if( $warning_list_acl != "" )
- {
- $warning_list .= $lang['Conflict_access_groupauth'] . "<br />" . $warning_list_acl;
- }
-
- if( $warning_list != "" )
- {
- $message = $warning_list . "<br /><br />" . sprintf($lang['Click_return_userauth'], "<a href=\"" . append_sid("admin_userauth.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
-
- message_die(GENERAL_MESSAGE, $message);
- }
- else
- {
- $message = $lang['Auth_updated'] . "<br /><br />" . sprintf($lang['Click_return_userauth'], "<a href=\"" . append_sid("admin_userauth.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
-
- message_die(GENERAL_MESSAGE, $message);
- }
- }
-}
-else if( isset($HTTP_POST_VARS['username']) || $user_id)
-{
- if( isset($HTTP_POST_VARS['username']) )
- {
- $this_userdata = get_userdata($HTTP_POST_VARS['username']);
- if( !is_array($this_userdata) )
- {
- message_die(GENERAL_MESSAGE, $lang['No_such_user']);
- }
- $user_id = $this_userdata['user_id'];
- }
-
- //
- // Front end
- //
- $adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
-
- include('page_header_admin.'.$phpEx);
-
- $template->set_filenames(array(
- "body" => "admin/auth_ug_body.tpl")
- );
-
- $sql = "SELECT f.*
- FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
- WHERE c.cat_id = f.cat_id
- ORDER BY c.cat_order ASC, f.forum_order ASC";
- $fa_result = $db->sql_query($sql);
-
- $forum_access = $db->sql_fetchrowset($fa_result);
-
- if( empty($adv) )
- {
- for($i = 0; $i < count($forum_access); $i++)
- {
- while(list($forum_id, $forum_row) = each($forum_access))
- {
- $forum_auth_level[$forum_row['forum_id']] = AUTH_ALL;
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- if($forum_row[$forum_auth_fields[$j]] == AUTH_ACL)
- {
- $forum_auth_level[$forum_row['forum_id']] = AUTH_ACL;
- $forum_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j];
- }
- }
- }
- }
- }
-
- $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user
- FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
- WHERE u.user_id = $user_id
- AND ug.user_id = u.user_id
- AND g.group_id = ug.group_id";
- $u_result = $db->sql_query($sql);
- $userinf = $db->sql_fetchrowset($u_result);
-
- $sql = "SELECT aa.*
- FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
- WHERE ug.user_id = $user_id
- AND g.group_id = ug.group_id
- AND aa.group_id = ug.group_id
- AND g.group_single_user = " . TRUE;
- $au_result = $db->sql_query($sql);
-
- $num_u_access = $db->sql_numrows($au_result);
-
- if($num_u_access)
- {
- while($u_row = $db->sql_fetchrow($au_result))
- {
- $u_access[$u_row['forum_id']][] = $u_row;
- $num_forum_access[$u_row['forum_id']]++;
- }
- }
-
- $is_admin = ($userinf[0]['user_level'] == ADMIN && $userinf[0]['user_id'] != ANONYMOUS) ? 1 : 0;
-
- for($i = 0; $i < count($forum_access); $i++)
- {
- $f_forum_id = $forum_access[$i]['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $key = $forum_auth_fields[$j];
- $value = $forum_access[$i][$key];
-
- switch($value)
- {
- case AUTH_ALL:
- $auth_user[$f_forum_id][$key] = 1;
- break;
-
- case AUTH_REG:
- $auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? 1 : 0;
- break;
-
- case AUTH_ACL:
- if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin);
- $auth_user[$f_forum_id][$key] = $result['auth'];
- $auth_field_acl[$f_forum_id][$key] = $result['auth'];
- }
- else
- {
- $auth_user[$f_forum_id][$key] = 0;
- }
- break;
-
- case AUTH_MOD:
- if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_user(AUTH_MOD, $key, $u_access[$f_forum_id], $is_admin);
- $auth_user[$f_forum_id][$key] = $result['auth'];
- }
- else
- {
- $auth_user[$f_forum_id][$key] = 0;
- }
- break;
-
- case AUTH_ADMIN:
- $auth_user[$f_forum_id][$key] = $is_admin;
- break;
-
- default:
- $auth_user[$f_forum_id][$key] = 0;
- break;
- }
- }
-
- //
- // Is user a moderator?
- //
- if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
- {
- $result = a_auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], 0);
- $auth_user[$f_forum_id]['auth_mod'] = $result['auth'];
- }
- else
- {
- $auth_user[$f_forum_id][$key] = 0;
- }
- }
-
- $i = 0;
- while( list($forumkey, $user_ary) = @each($auth_user) )
- {
- if( empty($adv) )
- {
- if( $forum_auth_level[$forumkey] == AUTH_ACL )
- {
- $allowed = 1;
-
- for($j = 0; $j < count($forum_auth_level_fields[$forumkey]); $j++)
- {
- if( !$auth_user[$forumkey][$forum_auth_level_fields[$forumkey][$j]] )
- {
- $allowed = 0;
- }
- }
-
- $optionlist_acl = "<select name=\"private[$forumkey]\">";
-
- if( $is_admin || $user_ary['auth_mod'] )
- {
- $optionlist_acl .= "<option value=\"1\">" . $lang['Allowed_Access'] . "</option>";
- }
- else if( $allowed )
- {
- $optionlist_acl .= "<option value=\"1\" selected=\"selected\">" . $lang['Allowed_Access'] . "</option><option value=\"0\">". $lang['Disallowed_Access'] . "</option>";
- }
- else
- {
- $optionlist_acl .= "<option value=\"1\">" . $lang['Allowed_Access'] . "</option><option value=\"0\" selected=\"selected\">". $lang['Disallowed_Access'] . "</option>";
- }
-
- $optionlist_acl .= "</select>";
- }
- else
- {
- $optionlist_acl = "&nbsp;";
- }
- }
- else
- {
- @reset($forum_access);
- while( list($key, $forum_row) = @each($forum_access) )
- {
- $forum_id = $forum_row['forum_id'];
-
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $field_name = $forum_auth_fields[$j];
-
- if( $forum_row[$field_name] == AUTH_ACL )
- {
- $optionlist_acl_adv[$forum_id][$j] = "<select name=\"" . $field_name . "[$forum_id]\">";
-
- if( isset($auth_field_acl[$forum_id][$field_name]) && !($is_admin || $user_ary['auth_mod']) )
- {
- if( !$auth_field_acl[$forum_id][$field_name] )
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['OFF'] . "</option>";
- }
- else
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\" selected=\"selected\">" . $lang['ON'] . "</option><option value=\"0\">" . $lang['OFF'] . "</option>";
- }
- }
- else
- {
- if( $is_admin || $user_ary['auth_mod'] )
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option>";
- }
- else
- {
- $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">" . $lang['ON'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['OFF'] . "</option>";
- }
- }
-
- $optionlist_acl_adv[$forum_id][$j] .= "</select>";
-
- }
- }
- }
- }
-
- $optionlist_mod = "<select name=\"moderator[$forumkey]\">";
- if( $user_ary['auth_mod'] )
- {
- $optionlist_mod .= "<option value=\"1\" selected=\"selected\">" . $lang['Is_Moderator'] . "</option><option value=\"0\">" . $lang['Not_Moderator'] . "</option>";
- }
- else
- {
- $optionlist_mod .= "<option value=\"1\">" . $lang['Is_Moderator'] . "</option><option value=\"0\" selected=\"selected\">" . $lang['Not_Moderator'] . "</option>";
- }
- $optionlist_mod .= "</select>";
-
- $row_class = ( !($i%2) ) ? "row2" : "row1";
- $row_color = ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'];
-
- $template->assign_block_vars("forums", array(
- "ROW_COLOR" => "#" . $row_color,
- "ROW_CLASS" => $row_class,
- "FORUM_NAME" => $forum_access[$i]['forum_name'],
-
- "U_FORUM_AUTH" => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']),
-
- "S_MOD_SELECT" => $optionlist_mod)
- );
-
- if( !$adv )
- {
- $template->assign_block_vars("forums.aclvalues", array(
- "S_ACL_SELECT" => $optionlist_acl)
- );
- }
- else
- {
- for($j = 0; $j < count($forum_auth_fields); $j++)
- {
- $template->assign_block_vars("forums.aclvalues", array(
- "S_ACL_SELECT" => $optionlist_acl_adv[$forumkey][$j])
- );
- }
- }
-
- $i++;
- }
- @reset($auth_user);
-
- $t_username .= $userinf[0]['username'];
- $s_user_type = ($is_admin) ? '<select name="userlevel"><option value="admin" selected=\"selected\">' . $lang['Auth_Admin'] . '</option><option value="user">' . $lang['Auth_User'] . '</option></select>' : '<select name="userlevel"><option value="admin">' . $lang['Auth_Admin'] . '</option><option value="user" selected=\"selected\">' . $lang['Auth_User'] . '</option></select>';
-
- for($i = 0; $i < count($userinf); $i++)
- {
- if( !$userinf[$i]['group_single_user'] )
- {
- $group_name[] = $userinf[$i]['group_name'];
- $group_id[] = $userinf[$i]['group_id'];
- }
- }
-
- if( count($group_name) )
- {
- $t_usergroup_list = "";
- for($i = 0; $i < count($userinf); $i++)
- {
- $t_usergroup_list .= "<a href=\"" . append_sid("admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id[$i]) . "\">" . $group_name[$i] . "</a>";
- if($i < count($group_name) - 1)
- {
- $t_usergroup_list .= ", ";
- }
- }
- }
- else
- {
- $t_usergroup_list = "None";
- }
-
- $s_hidden_fields = "<input type=\"hidden\" name=\"" . POST_USERS_URL . "\" value=\"$user_id\" />";
- $s_hidden_fields .= "<input type=\"hidden\" name=\"curadmin\" value=\"" . $is_admin ."\" />";
-
- $s_column_span = 2; // Two columns always present
- if( !$adv )
- {
- $template->assign_block_vars("acltype", array(
- "L_UG_ACL_TYPE" => $lang['Simple_Permission'])
- );
- $s_column_span++;
- }
- else
- {
- for($i = 0; $i < count($forum_auth_fields); $i++)
- {
- $cell_title = $field_names[$forum_auth_fields[$i]];
-
- $template->assign_block_vars("acltype", array(
- "L_UG_ACL_TYPE" => $cell_title)
- );
- $s_column_span++;
- }
- }
-
- $adv_switch = ( empty($adv) ) ? 1 : 0;
- $switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=$adv_switch");
- $switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
- $u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
-
- $template->assign_block_vars("switch_user_auth", array());
-
- $template->assign_vars(array(
- "USERNAME" => $t_username,
- "USER_LEVEL" => $lang['User_Level'] . " : " . $s_user_type,
- "USER_GROUP_MEMBERSHIPS" => $lang['Group_memberships'] . " : " . $t_usergroup_list,
-
- "L_USER_OR_GROUPNAME" => $lang['Username'],
- "L_USER_OR_GROUP" => $lang['User'],
-
- "L_AUTH_TITLE" => $lang['Auth_Control_User'],
- "L_AUTH_EXPLAIN" => $lang['User_auth_explain'],
- "L_MODERATOR_STATUS" => $lang['Moderator_status'],
- "L_PERMISSIONS" => $lang['Permissions'],
- "L_SUBMIT" => $lang['Submit'],
- "L_RESET" => $lang['Reset'],
- "L_MODERATOR_STATUS" => $lang['Moderator_status'],
-
- "U_USER_OR_GROUP" => append_sid("admin_userauth.$phpEx"),
- "U_SWITCH_MODE" => $u_switch_mode,
-
- "S_COLUMN_SPAN" => $s_column_span,
- "S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
- "S_HIDDEN_FIELDS" => $s_hidden_fields)
- );
-
-}
-else
-{
- //
- // Default user selection box
- //
- // This should be altered on the final system
- //
-
- $sql = "SELECT user_id, username
- FROM " . USERS_TABLE . "
- WHERE user_id <> " . ANONYMOUS;
- $u_result = $db->sql_query($sql);
- $user_list = $db->sql_fetchrowset($u_result);
-
- $select_list = "<select name=\"" . POST_USERS_URL . "\">";
- for($i = 0; $i < count($user_list); $i++)
- {
- $select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
- }
- $select_list .= "</select>";
-
- include('page_header_admin.'.$phpEx);
-
- $template->set_filenames(array(
- "body" => "admin/user_select_body.tpl")
- );
-
- $template->assign_vars(array(
- "L_USER_TITLE" => $lang['Auth_Control_User'],
- "L_USER_EXPLAIN" => $lang['User_auth_explain'],
- "L_USER_SELECT" => $lang['Select_a_User'],
- "L_LOOK_UP" => $lang['Look_up_User'],
- "L_FIND_USERNAME" => $lang['Find_username'],
-
- "U_SEARCH_USER" => append_sid("../search.$phpEx?mode=searchuser"),
-
- "S_USER_ACTION" => append_sid("admin_userauth.$phpEx"))
- );
-
-}
-
-$template->pparse("body");
-
-include('page_footer_admin.'.$phpEx);
-
-?>