author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-05-31 23:14:15 +0000 |
---|---|---|
committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-05-31 23:14:15 +0000 |
commit | 3238631c1f9d84e3ae0c37ad5bf3c0c2ccd09a9d (patch) | |
tree | 2ed595cf3de5f9a84c39a13b15f01f2980bae6bd | |
parent | eec6b08295f7fbf3622713e63ccc0db9ee0a4ab9 (diff) | |
More changes ... admin level now set in phpbb_users rather than via auth system
git-svn-id: file:///svn/phpbb/trunk@397 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r-- | phpBB/includes/auth.php | 85 | ||||
-rw-r--r-- | phpBB/includes/constants.php | 54 | ||||
-rw-r--r-- | phpBB/viewforum.php | 18 | ||||
-rw-r--r-- | phpBB/viewtopic.php | 17 |
4 files changed, 87 insertions, 87 deletions
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 146711ee11..0dd68ae860 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -23,6 +23,9 @@ ***************************************************************************/ /* + $type's accepted (eventually!): + VIEW, READ, POST, REPLY, EDIT, DELETE, VOTE, VOTECREATE, MOD, ADMIN + Possible options to send to auth (not all are functional yet!): * If you include a type then a specific lookup will 
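Review bot: The added comment lists the accepted `$type` values under their old names (`VIEW, READ, POST, ...`), while this same commit renames every one of those constants to the `AUTH_` form. A caller copying a name from the comment would pass a constant that constants.php no longer defines. Suggest writing the list as `AUTH_VIEW, AUTH_READ, AUTH_POST, AUTH_REPLY, AUTH_EDIT, AUTH_DELETE, AUTH_VOTE, AUTH_VOTECREATE, AUTH_MOD, AUTH_ADMIN`. The comment block continues outside the hunk.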
@@ -56,40 +59,40 @@ function auth($type, $forum_id, $userdata, $f_access = -1) switch($type) { - case ALL: - $a_sql = "auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_votecreate, auth_vote"; + case AUTH_ALL: + $a_sql = "aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote"; $auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_votecreate", "auth_vote"); break; - case VIEW: - $a_sql = "auth_view"; + case AUTH_VIEW: + $a_sql = "aa.auth_view"; $auth_fields = array("auth_view"); break; - case READ: - $a_sql = "auth_read"; + case AUTH_READ: + $a_sql = "aa.auth_read"; $auth_fields = array("auth_read"); break; - case POST: - $a_sql = "auth_post"; + case AUTH_POST: + $a_sql = "aa.auth_post"; $auth_fields = array("auth_post"); break; - case REPLY: - $a_sql = "auth_reply"; + case AUTH_REPLY: + $a_sql = "aa.auth_reply"; $auth_fields = array("auth_reply"); break; - case EDIT: - $a_sql = "auth_edit"; + case AUTH_EDIT: + $a_sql = "aa.auth_edit"; $auth_fields = array("auth_edit"); break; - case DELETE: - $a_sql = "auth_delete"; + case AUTH_DELETE: + $a_sql = "aa.auth_delete"; $auth_fields = array("auth_delete"); break; - case VOTECREATE: - $a_sql = "auth_votecreate"; + case AUTH_VOTECREATE: + $a_sql = "aa.auth_votecreate"; $auth_fields = array("auth_votecreate"); break; - case VOTE: - $a_sql = "auth_vote"; + case AUTH_VOTE: + $a_sql = "aa.auth_vote"; $auth_fields = array("auth_vote"); break; default: 
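Review bot: `case AUTH_VIEW:` is unreachable, because constants.php in this commit defines both `AUTH_ALL` and `AUTH_VIEW` as 0 and the switch stops at the first equal case, so a single-permission view check runs the all-fields lookup instead. The same overlap between the access-level constants (0–5) and the permission-type constants (0–8) affects the `$type != AUTH_MOD` tests added in the -102 and -128 hunks of this file: `AUTH_MOD` and `AUTH_REPLY` are both 3, so a reply check for a guest skips the anonymous branch and takes the logged-in lookup. Giving the two sets disjoint values would remove the ambiguity, for example starting the permission types above the level range with `define('AUTH_VIEW', 20);` and counting up from there. The switch sits inside auth(), which starts and ends outside this hunk.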
@@ -102,15 +105,15 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // then we need to pull the auth information // on the given forum (or all forums) // - if($f_access == -1 || $forum_id == LIST_ALL) + if(($f_access == -1 && $type != AUTH_MOD) || $forum_id == AUTH_LIST_ALL) { - $forum_match_sql = ($forum_id != LIST_ALL) ? "WHERE forum_id = $forum_id" : ""; + $forum_match_sql = ($forum_id != LIST_ALL) ? "WHERE aa.forum_id = $forum_id" : ""; $sql = "SELECT $a_sql - FROM ".AUTH_FORUMS_TABLE." + FROM ".AUTH_FORUMS_TABLE." aa $forum_match_sql"; $af_result = $db->sql_query($sql); - if($forum_id != LIST_ALL) + if($forum_id != AUTH_LIST_ALL) { $f_access = $db->sql_fetchrow($af_result); } @@ -128,13 +131,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // they're good to go, if not then they // are denied access // - if(!$userdata['session_logged_in']) + if(!$userdata['session_logged_in'] && $type != AUTH_MOD) { - if($forum_id != LIST_ALL) + if($forum_id != AUTH_LIST_ALL) { for($i = 0; $i < count($f_access); $i++) { - $auth_user[$auth_fields[$i]] = ($f_access[$auth_fields[$i]] == ALL) ? true : false; + $auth_user[$auth_fields[$i]] = ($f_access[$auth_fields[$i]] == AUTH_ALL) ? true : false; } } else @@ -144,7 +147,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) { for($j = 0; $j < count($f_access); $j++) { - $auth_user_list[][$auth_fields[$j]] = ($f_access_rows[$i][$auth_fields[$j]] == ALL) ? true : false; + $auth_user_list[][$auth_fields[$j]] = ($f_access_rows[$i][$auth_fields[$j]] == AUTH_ALL) ? true : false; } } } 
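Review bot: The rewritten `$forum_match_sql` line still tests `$forum_id != LIST_ALL`, but this commit removes `LIST_ALL` from constants.php, and the lines around it already use `AUTH_LIST_ALL`. Unless the name is defined somewhere outside this diff, PHP of this era falls back to the string 'LIST_ALL', so the comparison no longer recognises the list-all value and a `WHERE aa.forum_id = ...` clause is built for a request that is meant to cover every forum. The line should read `$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "WHERE aa.forum_id = $forum_id" : "";`. The enclosing auth() body starts and ends outside the hunk.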
@@ -152,13 +155,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } else { - - $forum_match_sql = ($forum_id != LIST_ALL) ? "AND ( aa.forum_id = $forum_id OR aa.forum_id = " . ALL . ")" : ""; - $sql = "SELECT $a_sql, auth_mod, auth_admin, g.single_user - FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g + $forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND aa.forum_id = $forum_id" : ""; + $sql = "SELECT aa.forum_id, $a_sql, aa.auth_mod, g.single_user, u.user_level + FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g, " . USERS_TABLE . " u WHERE ug.user_id = ".$userdata['user_id']. " AND g.group_id = ug.group_id AND aa.group_id = ug.group_id + AND u.user_id = ug.user_id $forum_match_sql"; $au_result = $db->sql_query($sql); @@ -174,7 +177,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // type is either ALL or REG then the user // has access // - if($value == ALL || $value == REG) + if($value == AUTH_ALL || $value == AUTH_REG) { $auth_user[$key] = true; } @@ -188,7 +191,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // we pull relevant information for the user // (and any groups they belong to) // - + $single_user = false; // @@ -209,7 +212,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1) // switch($value) { - case ACL: + case AUTH_ACL: for($j = 0; $j < count($u_access); $j++) { if(!$single_user) @@ -219,8 +222,8 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } } break; - - case MOD: + + case AUTH_MOD: for($j = 0; $j < count($u_access); $j++) { if(!$single_user) 
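Review bot: The new query concatenates `$userdata['user_id']` and `$forum_id` straight into the SQL text, and nothing visible in this hunk shows either value being cast or validated first. The same applies to `$forum_id` in the -102 hunk above and to the viewforum.php and viewtopic.php queries changed in this commit. If these values can come from the request, forcing them to integers before use keeps the statement well-formed whatever was submitted, e.g. `$forum_id = intval($forum_id);` ahead of the query and `intval($userdata['user_id'])` in the WHERE clause. The surrounding else-branch continues outside the hunk.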
@@ -230,13 +233,13 @@ function auth($type, $forum_id, $userdata, $f_access = -1) } } break; - - case ADMIN: + + case AUTH_ADMIN: for($j = 0; $j < count($u_access); $j++) { - if(!$single_user) + if($single_user) { - $auth_user[$key] = $auth_user[$key] || $u_access[$j]['auth_admin']; + $auth_user[$key] = ($u_access[$j]['group_type'] == ADMIN) ? true : false; $single_user = $u_access[$j]['single_user']; } } @@ -261,9 +264,9 @@ function auth($type, $forum_id, $userdata, $f_access = -1) $single_user = false; for($j = 0; $j < count($u_access); $j++) { - if(!$single_user) + if($single_user) { - $auth_user['auth_admin'] = $auth_user['auth_admin'] || $u_access[$j]['auth_admin']; + $auth_user['auth_admin'] = ($u_access[$j]['group_type'] == ADMIN) ? true : false; $single_user = $u_access[$j]['single_user']; } } diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 315e95d072..63ae8710e2 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -22,27 +22,19 @@ * ***************************************************************************/ +// // Constants +// + // Debug Level define(DEBUG, 1); // Debugging on //define(DEBUG, 0); // Debugging off -// User Levels -//define(ADMIN, 4); -//define(SUPERMOD, 3); -//define(MODERATOR, 2); -define(USER, 1); +// User Levels <- Do not change the values of USER or ADMIN define(DELETED, -1); define(ANONYMOUS, -1); - -// Forum access levels -define(PUBLIC, 1); -define(PRIVATE, 2); - -// Forum posting levels -define(ANONALLOWED, 2); -define(REGONLY, 1); -define(MODONLY, 3); +define(USER, 0); +define(ADMIN, 1); // Topic state define(UNLOCKED, 0); 
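Review bot: The AUTH_ADMIN branch can no longer set anything: the guard was flipped to `if($single_user)`, and `$single_user` is only assigned inside that guarded body; in the -261 hunk it is visibly initialised to `false` immediately before the loop, so the assignment to `$auth_user['auth_admin']` is never reached there. The body also reads `$u_access[$j]['group_type']`, a column the SELECT in the -152 hunk does not return (it returns `u.user_level`), and it overwrites the result per row where the old code OR-ed across rows. Since the pages now test the user's level directly, the loop could be replaced by `$auth_user['auth_admin'] = ($userdata['user_level'] == ADMIN);`, assuming `$userdata` carries `user_level` as the viewforum.php change implies. Both loops sit inside auth(), whose start and end are outside these hunks.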
@@ -86,22 +78,24 @@ define(PAGE_FAQ, -8); define(PAGE_POSTING, -9); // Auth settings -define(ALL, 0); -define(REG, 1); -define(ACL, 2); -define(MOD, 3); -define(SUPERMOD, 4); -define(ADMIN, 5); - -define(VIEW, 0); -define(READ, 1); -define(POST, 2); -define(REPLY, 3); -define(EDIT, 4); -define(DELETE, 5); -define(VOTECREATE, 6); -define(VOTE, 7); -define(LIST_ALL, 10); +define(AUTH_ALL, 0); + +define(AUTH_REG, 1); +define(AUTH_ACL, 2); +define(AUTH_MOD, 3); +define(AUTH_SUPERMOD, 4); +define(AUTH_ADMIN, 5); + +define(AUTH_VIEW, 0); +define(AUTH_READ, 1); +define(AUTH_POST, 2); +define(AUTH_REPLY, 3); +define(AUTH_EDIT, 4); +define(AUTH_DELETE, 5); +define(AUTH_VOTECREATE, 6); +define(AUTH_VOTE, 7); +define(AUTH_ATTACH, 8); +define(AUTH_LIST_ALL, 10); // Table names define('BANLIST_TABLE', $table_prefix.'banlist'); diff --git a/phpBB/viewforum.php b/phpBB/viewforum.php index 885c12cd55..ca76f5f042 100644 --- a/phpBB/viewforum.php +++ b/phpBB/viewforum.php @@ -56,12 +56,14 @@ init_userprefs($userdata); // if(isset($forum_id)) { - $sql = "SELECT f.forum_name, f.forum_topics, u.username, u.user_id, fa.* - FROM ".FORUMS_TABLE." f, ".FORUM_MODS_TABLE." fm, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." fa - WHERE f.forum_id = $forum_id - AND fa.forum_id = f.forum_id - AND fm.forum_id = f.forum_id - AND u.user_id = fm.user_id"; + $sql = "SELECT f.forum_name, f.forum_topics, u.username, u.user_id, fa.* + FROM ".FORUMS_TABLE." f, ".USERS_TABLE." u, ".USER_GROUP_TABLE." ug, ".AUTH_ACCESS_TABLE." aa, ".AUTH_FORUMS_TABLE." fa + WHERE f.forum_id = $forum_id + AND fa.forum_id = f.forum_id + AND aa.auth_mod = 1 + AND aa.forum_id = f.forum_id + AND ug.group_id = aa.group_id + AND u.user_id = ug.user_id"; } else { @@ -88,7 +90,7 @@ if(!$forum_row) // // Start auth check // -$is_auth = auth(ALL, $forum_id, $userdata, $forum_row[0]); +$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row[0]); if(!$is_auth['auth_read']) { 
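Review bot: The renamed auth constants are still defined with bare names, `define(AUTH_ALL, 0);`, whereas the table names a few lines below are quoted, `define('BANLIST_TABLE', ...)`. A bare name only works because PHP treats an undefined constant as a string, which raises a notice, and it silently does the wrong thing if the name is already defined. Quoting them, `define('AUTH_ALL', 0);` and likewise for the rest of the block, matches the table definitions. `AUTH_ATTACH` is added here without a matching case in the auth() switch as far as the hunks in this commit show, so a short comment saying it is not yet handled would help.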
@@ -311,7 +313,7 @@ if($total_topics) $s_auth_can .= "You " . (($is_auth['auth_edit']) ? "<b>can</b>" : "<b>cannot</b>") . " edit your posts in this forum<br>"; $s_auth_can .= "You " . (($is_auth['auth_delete']) ? "<b>can</b>" : "<b>cannot</b>") . " delete your posts in this forum<br>"; $s_auth_can .= ($is_auth['auth_mod']) ? "You are a moderator of this forum<br>" : ""; - $s_auth_can .= ($is_auth['auth_admin']) ? "You are a board admin<br>" : ""; + $s_auth_can .= ($userdata['user_level'] == ADMIN) ? "You are a board admin<br>" : ""; $template->assign_vars(array( "PAGINATION" => generate_pagination("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&postdays=$post_days", $topics_count, $board_config['topics_per_page'], $start), diff --git a/phpBB/viewtopic.php b/phpBB/viewtopic.php index 92e96903ad..21e0cd9fd7 100644 --- a/phpBB/viewtopic.php +++ b/phpBB/viewtopic.php 
@@ -131,20 +131,21 @@ else // This is perhaps a bodged(?) way // of allowing a direct link to a post // it also allows calculation of which - // page the post should be on + // page the post should be on. This query + // no longer grabs moderator info for this + // forum ... right now that's fine, but + // if needed it can be easily replaced/added // $join_sql_table = (!isset($post_id)) ? "" : "".POSTS_TABLE." p, ".POSTS_TABLE." p2,"; $join_sql = (!isset($post_id)) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id"; $count_sql = (!isset($post_id)) ? "" : ", COUNT(p2.post_id) AS prev_posts"; - $order_sql = (!isset($post_id)) ? "" : "GROUP BY fa.forum_id, fa.auth_view, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_vote, fa.auth_votecreate, fm.user_id, p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, u.username, u.user_id, fa.auth_read ORDER BY p.post_id ASC"; + $order_sql = (!isset($post_id)) ? "" : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote ORDER BY p.post_id ASC"; - $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, u.username, u.user_id, fa.*".$count_sql." - FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".FORUM_MODS_TABLE." fm, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." fa + $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . " + FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." 
fa WHERE $join_sql AND f.forum_id = t.forum_id AND fa.forum_id = f.forum_id - AND fm.forum_id = t.forum_id - AND u.user_id = fm.user_id $order_sql"; // This closes out the opening braces above @@ -213,7 +214,7 @@ init_userprefs($userdata); // // Start auth check // -$is_auth = auth(ALL, $forum_id, $userdata, $forum_row[0]); +$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row[0]); if(!$is_auth) { @@ -522,7 +523,7 @@ $s_auth_can .= "You " . (($is_auth['auth_reply']) ? "<b>can</b>" : "<b>cannot</b $s_auth_can .= "You " . (($is_auth['auth_edit']) ? "<b>can</b>" : "<b>cannot</b>") . " edit your posts in this forum<br>"; $s_auth_can .= "You " . (($is_auth['auth_delete']) ? "<b>can</b>" : "<b>cannot</b>") . " delete your posts in this forum<br>"; $s_auth_can .= ($is_auth['auth_mod']) ? "You are a moderator of this forum<br>" : ""; -$s_auth_can .= ($is_auth['auth_admin']) ? "You are a board admin<br>" : ""; +$s_auth_can .= ($userdata['user_level'] == ADMIN) ? "You are a board admin<br>" : ""; $template->assign_vars(array( "PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id", $total_replies, $board_config['posts_per_page'], $start), |
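Review bot: The check after the renamed call is `if(!$is_auth)`, which tests the whole return value rather than one permission; viewforum.php in this commit tests `$is_auth['auth_read']` at the same point. If auth() returns its array of per-permission flags here, a non-empty array is always truthy and the denial branch is never taken, so a topic in a restricted forum would be rendered regardless. Suggest `if(!$is_auth['auth_view'] || !$is_auth['auth_read'])`, or whichever permission the page is meant to require. The body of the `if` is outside the hunk, so this should be confirmed against the full file.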