-// 'type' is used primarily for deps and contains the original 'mode'

-$type = (isset($_REQUEST['type'])) ? htmlspecialchars($_REQUEST['type']) : '';

-// 'auth_setting' contains the value of the submitted 'auth_option', an integer value used

-// mainly by deps mode

-// 'auth_option' contains a single auth_option string, used mainly by deps mode

-$auth_settings = (isset($_POST['settings'])) ? array_map('intval', $_POST['settings']) : '';

-$auth_option = (isset($_REQUEST['option'])) ? htmlspecialchars($_REQUEST['option']) : '';

-$auth_setting = (isset($_REQUEST['setting'])) ? intval($_REQUEST['setting']) : '';

-$forum_id = (isset($_REQUEST['f'])) ? ((is_array($_REQUEST['f'])) ? array_map('intval', $_REQUEST['f']) : intval($_REQUEST['f'])) : 0;

-if ($mode == 'deps')

- switch ($type)

- case 'supermod':

- case 'admin':

- $which_acl = 'a_authadmins';

- $sql_option_mode = 'a';

- switch ($mode)

- {

- case 'deps':

- $forum_id = (!is_array($forum_id)) ? array($forum_id) : $forum_id;

- $auth_settings_ary = $db->sql_escape(serialize($auth_settings));

-

- $sql = '';

- foreach ($forum_id as $id)

- {

- switch (SQL_LAYER)

- {

- case 'mysql':

- case 'mysql4':

- $sql .= (($sql != '') ? ', ' : '') . "('$option', $auth_setting, $id, '$auth_settings_ary')";

- break;

-

- case 'mssql':

- $sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT '$option', $auth_setting, $id, '$auth_settings_ary'";

- break;

-

- default:

- $sql = "INSERT INTO " . ACL_DEPS_TABLE . " (auth_option, auth_setting, forum_id, auth_deps)

- VALUES ('$option', $auth_setting, $id, '$auth_settings_ary')";

- $result = $db->sql_query($sql);

- $sql = '';

- }

- }

-

- if ($sql != '')

- {

- echo $sql = "INSERT INTO " . ACL_DEPS_TABLE . " (auth_option, auth_setting, forum_id, auth_deps)

- VALUES $sql";

- $result = $db->sql_query($sql);

- }

-

- unset($auth_settings_ary);

-

- exit;

- break;

-

- default:

-

- // User wants to submit these changes ... before we allow this

- // we first check to see if any dependencies exist. If they do

- // we pull them, and give the user the option of applying them

- // or skipping them

- $sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;

-

- $sql_dep = $sql_global = array();

- foreach ($auth_settings as $option => $setting)

- {

- $sql_dep[$setting] .= (($sql_dep[$setting] != '') ? ', ' : '') . "'$option'";

- }

-

- $sql_options = '';

- foreach ($sql_dep as $setting => $options)

- {

- $sql_options .= (($sql_options != '') ? ' OR ' : '') . " (auth_option IN ($options) AND auth_setting = $setting)";

- }

-

- $sql = "SELECT auth_deps

- FROM " . ACL_DEPS_TABLE . "

- WHERE $sql_options";

-// AND forum_id $sql_forum";

- $result = $db->sql_query($sql);

-

- if ($row = $db->sql_fetchrow($result))

- {

- do

- {

- $temp = unserialize($row['auth_deps']);

- foreach ($temp as $option => $setting)

- {

- $auth_settings[$option] = (!isset($auth_settings[$option]) || $setting < $auth_settings[$option]) ? $setting : $auth_settings[$option];

- }

- }

- while ($row = $db->sql_fetchrow($result));

-

- unset($temp);

- unset($option);

- unset($setting);

- unset($sql_auth_option);

- $sql_option_mode = 'f';

- }

- $db->sql_freeresult($result);

-

- //print_r($auth_settings);

- //echo "HERE :: UPDATE ACLS";

-/*

- // Admin wants subforums to inherit permissions ... so handle this

- if (!empty($_POST['inherit']))

- {

- array_push($_POST['inherit'], $forum_id);

- $forum_id = $_POST['inherit'];

- }

- foreach ($ug_data as $id)

- {

- $auth_admin->acl_set($ug_type, $forum_id, $id, $auth_settings);

- }

- cache_moderators();

- trigger_error($user->lang['AUTH_UPDATED']);

-*/

- }

- switch ($mode)

- case 'deps':

- break;

- default:

-/* $option_ids = false;

- if (!empty($settings)

- $sql = "SELECT auth_option_id

- FROM " . ACL_OPTIONS_TABLE . "

- WHERE auth_option LIKE '" . $settings['option'] . "_%'";

- $result = $db->sql_query($sql);

-

- if ($row = $db->sql_fetchrow($result))

- {

- $option_ids = array();

- do

- {

- $option_ids[] = $row['auth_option_id'];

- }

- while($row = $db->sql_fetchrow($result));

- }

- $db->sql_freeresult($result);

- foreach ($_POST['ug_id'] as $id)

- {

- $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids);

- }

- cache_moderators();

- trigger_error($user->lang['AUTH_UPDATED']);*/

- break;

- }

-if (($mode == 'user' || $mode == 'group' || $mode == 'forum' || $mode == 'mod') && empty($submit))

- make_forum_select();

-if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($submit) && in_array($mode, array('admin', 'supermod'))))

-

- // Define appropriate SQL for linking on forums

- $sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ') ' : ' = ' . $forum_id;

- AND a.forum_id $sql_forum

- <td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>

- AND a.forum_id $sql_forum

- <td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>

- <td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['FIND_USERNAME']; ?>" class="liteoption" onclick="window.open('<?php echo "../memberlist.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="ug_type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>

- <td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /><input type="hidden" name="ug_type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>

-if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) || $mode == 'deps')

- if (!isset($forum_id) && empty($ug_data) && $mode != 'deps')

- if ($forum_id != 0)

- FROM ' . FORUMS_TABLE . '

- WHERE forum_id';

- $sql .= (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;

- if ($mode != 'deps')

- $l_no_error = '';

- switch ($ug_type)

- {

- case 'user':

- $l_no_error = $user->lang['NO_USER'];

- $sql = 'SELECT user_id AS id, username AS name

- FROM ' . USERS_TABLE . '

- WHERE user_id';

- $sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;

- break;

- case 'username':

- $l_no_error = $user->lang['NO_USER'];

- $sql = 'SELECT user_id AS id, username AS name

- FROM ' . USERS_TABLE . '

- WHERE username';

- $sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#', "'\\1'", $ug_data)) . ')' : ' = ' . "'" . trim($ug_data) . "'";

- break;

- case 'group':

- $l_no_error = $user->lang['NO_GROUP'];

- $sql = 'SELECT group_id AS id, group_name AS name

- FROM ' . GROUPS_TABLE . '

- WHERE group_id';

- $sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;

- break;

- }

- $result = $db->sql_query($sql);

- if (!$row = $db->sql_fetchrow($result))

- {

- trigger_error($l_no_error);

- }

- unset($l_no_error);

- unset($ug_data);

- // Store the user_ids and names for later use

- do

- {

- $ug_names .= (($ug_names != '') ? ', ' : '') . $row['name'];

- $ug_ids .= (($ug_ids != '') ? ', ' : '') . $row['id'];

- $ug_hidden .= '<input type="hidden" name="ug_data[]" value="' . $row['id'] . '" />';

- }

- while ($row = $db->sql_fetchrow($result));

- $db->sql_freeresult($result);

- if ($mode != 'deps' && $auth_settings == '')

- switch ($ug_type)

- case 'group':

- $sql_table = ACL_GROUPS_TABLE . ' a ';

- $sql_join = 'a.group_id';

- break;

- case 'user':

- $sql_table = ACL_USERS_TABLE . ' a, ';

- $sql_join = 'a.user_id';;

- break;

- }

-

- $sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;

- $sql = "SELECT o.auth_option, MIN(a.auth_setting) AS min_auth_setting

- FROM $sql_table, " . ACL_OPTIONS_TABLE . " o

- WHERE o.auth_option LIKE '" . $sql_option_mode . "_%'

- AND a.auth_option_id = o.auth_option_id

- AND a.forum_id $sql_forum

- AND $sql_join IN ($ug_ids)

- GROUP BY o.auth_option";

- $result = $db->sql_query($sql);

- $auth_settings = array();

- while ($row = $db->sql_fetchrow($result))

- $auth_settings[$row['auth_option']] = $row['min_auth_setting'];

- $db->sql_freeresult($result);

- else if ($mode == 'deps')

- $sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;

- $sql_auth_option = (preg_match('#^[a-z]_$#', $auth_option)) ? " LIKE '$auth_option%'" : " IN ('" . $auth_option . "', '$sql_option_mode')";

- $sql = "SELECT auth_deps

- FROM " . ACL_DEPS_TABLE . "

- WHERE auth_option $sql_auth_option

- AND forum_id $sql_forum

- AND auth_setting = $auth_setting";

- $result = $db->sql_query($sql);

- $auth_settings = (!isset($auth_settings)) ? array() : $auth_settings;

- while ($row = $db->sql_fetchrow($result))

- $temp = unserialize($row['auth_deps']);

- foreach ($temp as $option => $setting)

- $auth_settings[$option] = (!isset($auth_settings[$option]) || $setting < $auth_settings[$option]) ? $setting : $auth_settings[$option];

- }

- $db->sql_freeresult($result);

- unset($temp);

- unset($option);

- unset($setting);

- unset($sql_auth_option);

- if ($submit == 'update')

- {

-

-?>

-<h1 style="color:red">Warning!</h1>

-

-<p>A number of dependencies have been set for the changes you have requested. You can skip setting these dependences if you wish by clicking the appropriate checkbox. You can also modify the dependencies as required. Clicking update will commit your previous setting changes and those listed below (unless you choose to skip them).</p>

-

-<?php

-

- }

-

-?>

-

-<form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table cellspacing="2" cellpadding="0" border="0" align="center">

-<?php

-

- // The above query grabs the list of options for the required mode ...

- // however for the deps system we need to grab the set of options for

- // which dependencies are to be set

- if ($mode == 'deps' || $submit == 'update')

- <td align="right"><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0">

-<?php

-

- }

-

- if ($mode == 'deps')

- {

- // Turn auth_options array above into the dep_auth_options list

- $dep_auth_options = $dep_auth_values = $dep_auth_forums = '';

- foreach ($auth_options as $option)

- {

- $dep_auth_options .= '<option value="' . $option['auth_option'] . '"' . (($option['auth_option'] == $auth_option) ? ' selected="selected"' : '') . '>' . ((!empty($user->lang['acl_' . $option['auth_option']])) ? $user->lang['acl_' . $option['auth_option']] : (($option['auth_option'] == $sql_option_mode . '_') ? 'Any option' : ucfirst(preg_replace('#.*?_#', '', $option['auth_option'])))) . '</option>';

- }

- unset($auth_options);

- unset($option);

-

-

- // Define the Yes, No, Unset selections

- $values = array(ACL_NO => $user->lang['NO'], ACL_YES => $user->lang['YES'], ACL_UNSET => $user->lang['UNSET']);

- foreach ($values as $value => $option)

- {

- $dep_auth_values .= '<option value="' . $value . '"' . (($value === $auth_setting) ? ' selected="selected"' : '') . '>' . $option . '</option>';

- }

- unset($values);

- unset($option);

-

-

- // We've grabbed the list of options for this mode now we need to

- // grab the list of options we can set dependencies for

- $founder_sql = ($user->data['user_founder']) ? ' AND founder_only <> 1' : '';

- $sql = "SELECT auth_option

- FROM " . ACL_OPTIONS_TABLE . "

- WHERE auth_option LIKE 'f_%'

- AND auth_option <> 'f_'

- $founder_sql";

- $result = $db->sql_query($sql);

-

- $auth_options = array();

- while ($row = $db->sql_fetchrow($result))

- {

- $auth_options[] = $row;

- }

- $db->sql_freeresult($result);

-

-?>

- <tr>

- <td class="row1" width="150">Changing option:</td>

- <td class="row2"><select name="option" onchange="this.form.submit()"><?php echo $dep_auth_options; ?></select></td>

- </tr>

- <tr>

- <td class="row1" width="150">To value:</td>

- <td class="row2"><select name="setting" onchange="this.form.submit()"><option value="0"<?php

-

- echo ($dep_value == 0) ? ' selected="selected"' : '';

-

-?>>Choose value</option><?php echo $dep_auth_values; ?></select></td>

- </tr>

-<?php

-

- unset($dep_auth_options);

- unset($dep_auth_values);

-

- }

-

- // We output this for both deps and when update is requested where

- // deps exist

- if ($mode == 'deps' || $submit == 'update')

- {

-

-?>

- <td class="row2"><select name="f[]" multiple="4" onchange="this.form.submit()"><?php

- echo make_forum_select($forum_id, false);

- unset($dep_forum_options);

-

-

- // This is the main listing of options

-

- </tr>

- <tr>

- <td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">

- <tr>

- <th>&nbsp;<?php echo $user->lang['OPTION']; ?>&nbsp;</th>

- <th width="50">&nbsp;<?php echo $user->lang['YES']; ?>&nbsp;</th>

- <th width="50">&nbsp;<?php echo $user->lang['NO']; ?>&nbsp;</th>

- <th width="50">&nbsp;<?php echo $user->lang['UNSET']; ?>&nbsp;</th>

- </tr>

- $selected_yes = (isset($auth_settings[$auth_options[$i]['auth_option']]) && $auth_settings[$auth_options[$i]['auth_option']] == ACL_YES) ? ' checked="checked"' : '';

- $selected_no = (isset($auth_settings[$auth_options[$i]['auth_option']]) && $auth_settings[$auth_options[$i]['auth_option']] == ACL_NO) ? ' checked="checked"' : '';

- $selected_unset = (!isset($auth_settings[$auth_options[$i]['auth_option']]) || $auth_settings[$auth_options[$i]['auth_option']] == ACL_UNSET) ? ' checked="checked"' : '';

- // Output dependency links?

- $dep_x_yes = $dep_x_no = $dep_x_unset = $dep_x_open = $dep_x_close = '';

- if (in_array($mode, array('admin', 'supermod', 'mod')) && $auth->acl_get('a_deps') && $submit != 'update')

- {

- $dep_x_open = ' <a class="gensmall" style="vertical-align:top" href="javascript:open_win(\'' . "admin_permissions.$phpEx$SID&amp;mode=deps&amp;type=$mode&amp;" . ((is_array($forum_id)) ? implode('&amp;', preg_replace('#([0-9]+)#', 'f[]=\1', $forum_id)) : "f=$forum_id") . '&amp;option=' . $auth_options[$i]['auth_option'] . "&amp;setting=";

- $dep_x_close = '\', 500, 500)" title="Set Dependency">X</a>';

- $dep_x_yes = $dep_x_open . ACL_YES . $dep_x_close;

- $dep_x_no = $dep_x_open . ACL_NO . $dep_x_close;

- $dep_x_unset = $dep_x_open . ACL_UNSET . $dep_x_close;

- }

- <tr>

- <td class="<?php echo $row_class; ?>" nowrap="nowrap"><?php echo $l_auth_option; ?>&nbsp;</td>

- <td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_YES; ?>"<?php echo $selected_yes; ?> /><?php echo $dep_x_yes; ?></td>

- <td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_NO; ?>"<?php echo $selected_no; ?> /><?php echo $dep_x_no; ?></td>

- <td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_UNSET; ?>"<?php echo $selected_unset; ?> /><?php echo $dep_x_unset; ?></td>

- if (($sql_option_mode == 'f' || ($sql_option_mode == 'm' && $mode != 'supermod')) && $mode != 'deps' && $submit != 'update')

- $children = get_forum_branch($forum_id, 'children', 'descending', false);

- <td class="row1" colspan="4"><table width="100%" cellspacing="1" cellpadding="0" border="0">

-

- // Output "Skip dependencies" checkbox

- if ($submit == 'update')

- {

-

-?>

- <tr>

- <th colspan="4"><?php echo "Dependencies" ?></th>

- </tr>

- <tr>

- <td class="row1" colspan="4"><table width="100%" cellspacing="1" cellpadding="0" border="0">

- <tr>

- <td><input type="checkbox" name="skipdeps value="0" /> <?php echo "Skip these dependencies"; ?></td>

- </tr>

- </table></td>

- </tr>

-<?php

-

- }

-

-

- }

- <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="submit_update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="submit_cancel" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="ug_type" value="<?php echo $ug_type; ?>" /><?php echo $ug_hidden; ?><?php echo ($mode == 'deps') ? '<input type="hidden" name="type" value="' . $type . '" />' : '<input type="hidden" name="f" value="' . $forum_id . '" />'; ?></td>