diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-07-19 23:52:10 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-07-19 23:52:10 +0000 |
| commit | c4506dbbc7fa6c9cfb56a8710591457a99b72edb (patch) | |
| tree | 5a8a5e0c519bffc7f762ca147875e56375a1bb0c /phpBB/admin | |
| parent | b69afe920ce2aa0f8c769871df7ccfd84ea03e3b (diff) | |
| download | forums-c4506dbbc7fa6c9cfb56a8710591457a99b72edb.tar forums-c4506dbbc7fa6c9cfb56a8710591457a99b72edb.tar.gz forums-c4506dbbc7fa6c9cfb56a8710591457a99b72edb.tar.bz2 forums-c4506dbbc7fa6c9cfb56a8710591457a99b72edb.tar.xz forums-c4506dbbc7fa6c9cfb56a8710591457a99b72edb.zip | |
And as if by magic group auth admin appeared
git-svn-id: file:///svn/phpbb/trunk@702 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/admin')
| -rw-r--r-- | phpBB/admin/admin_groupauth.php | 816 |
1 files changed, 519 insertions, 297 deletions
diff --git a/phpBB/admin/admin_groupauth.php b/phpBB/admin/admin_groupauth.php index aeea3f4cb3..25bd4aa313 100644 --- a/phpBB/admin/admin_groupauth.php +++ b/phpBB/admin/admin_groupauth.php @@ -1,6 +1,6 @@ <?php /*************************************************************************** - * admin_groupauth.php + * admin_userauth.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group @@ -55,16 +55,17 @@ else if( $userdata['user_level'] != ADMIN ) // Start program - define vars // $auth_field_match = array( - "auth_view" => AUTH_VIEW, - "auth_read" => AUTH_READ, - "auth_post" => AUTH_POST, - "auth_reply" => AUTH_REPLY, - "auth_edit" => AUTH_EDIT, - "auth_delete" => AUTH_DELETE, + "auth_view" => AUTH_VIEW, + "auth_read" => AUTH_READ, + "auth_post" => AUTH_POST, + "auth_reply" => AUTH_REPLY, + "auth_edit" => AUTH_EDIT, + "auth_delete" => AUTH_DELETE, "auth_sticky" => AUTH_STICKY, "auth_announce" => AUTH_ANNOUNCE); $forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce"); + $forum_auth_key_fields = array("auth_view", "auth_read", "auth_post", "auth_reply"); // @@ -82,11 +83,13 @@ $forum_auth_key_fields = array("auth_view", "auth_read", "auth_post", "auth_repl "auth_allow_smilies" => AUTH_ALLOW_SMILIES );*/ -// ---------- + +// --------------- // Start Functions // function a_auth_check_user($type, $key, $u_auth, $is_admin) { + $single_user = 0; $auth_user = array(); @@ -120,8 +123,8 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin) return $auth_user; } // -// Start Functions -// ---------- +// End Functions +// ------------- // @@ -132,30 +135,53 @@ $adv = (isset($HTTP_GET_VARS['adv'])) ? $HTTP_GET_VARS['adv'] : -1; if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) { $group_id = $HTTP_POST_VARS[POST_GROUPS_URL]; + $adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE; // // This is where things become fun ... // + + // + // Get list of user id's for this group_id + // + $sql_groupid = "SELECT user_id + FROM " . USER_GROUP_TABLE . " + WHERE group_id = $group_id + AND user_id <> " . ANONYMOUS; + if(!$result = $db->sql_query($sql_groupid)) + { + // Error no such user/group + } + $ug_info = $db->sql_fetchrow($result); - $change_mod_ary = (isset($HTTP_POST_VARS['moderator'])) ? $HTTP_POST_VARS['moderator'] : 0; - $change_prv_ary = (isset($HTTP_POST_VARS['private'])) ? $HTTP_POST_VARS['private'] : 0; // // Pull all the auth/group - // for this group + // for this user // - $sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_sticky, aa.auth_announce, aa.auth_mod, g.group_single_user - FROM " . AUTH_ACCESS_TABLE . " aa, " . GROUPS_TABLE. " g - WHERE g.group_id = $group_id - AND aa.group_id = g.group_id"; - $au_result = $db->sql_query($sql); - if($num_u_access = $db->sql_numrows($au_result)) + $sql = "SELECT aa.*, g2.group_single_user, u.username, u.user_id, g.group_id, g.group_name + FROM " . AUTH_ACCESS_TABLE . " aa, " . AUTH_ACCESS_TABLE . " aa2, " . USER_GROUP_TABLE . " ug, " . USER_GROUP_TABLE . " ug2, " . GROUPS_TABLE . " g, " . GROUPS_TABLE . " g2, " . USERS_TABLE . " u + WHERE g.group_id = $group_id + AND aa.group_id = g.group_id + AND ug.group_id = g.group_id + AND ug2.user_id = ug.user_id + AND u.user_id = ug2.user_id + AND g2.group_id = ug2.group_id + AND aa2.group_id = g2.group_id"; +/* + $sql = "SELECT aa.*, g.group_single_user, g.group_id, g.group_name + FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g + WHERE g.group_id = $group_id + AND aa.group_id = g.group_id";*/ + $ag_result = $db->sql_query($sql); + + if($num_g_access = $db->sql_numrows($ag_result)) { - $u_access = $db->sql_fetchrowset($au_result); + $g_access = $db->sql_fetchrowset($ag_result); } - $sql = "SELECT f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce + $sql = "SELECT f.* FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c WHERE c.cat_id = f.cat_id ORDER BY c.cat_order ASC, f.forum_order ASC"; @@ -163,6 +189,38 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) $forum_access = $db->sql_fetchrowset($fa_result); + $change_prv_list = array(); + + $change_mod_ary = (isset($HTTP_POST_VARS['moderator'])) ? $HTTP_POST_VARS['moderator'] : array(); + + for($i = 0; $i < count($forum_access); $i++) + { + $forum_id = $forum_access[$i]['forum_id']; + + for($j = 0; $j < count($forum_auth_fields); $j++) + { + $field = $forum_auth_fields[$j]; + + if( isset($HTTP_POST_VARS['private']) ) + { + if( $forum_access[$i][$field] == AUTH_ACL ) + { + if( isset($HTTP_POST_VARS['private'][$forum_id]) ) + { + $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS['private'][$forum_id]; + } + } + } + else + { + if( isset($HTTP_POST_VARS[$field][$forum_id]) ) + { + $change_prv_list[$forum_id][$field] = $HTTP_POST_VARS[$field][$forum_id]; + } + } + } + } + // // The data above lists access and moderator permissions // for this user given by all the groups they belong to. @@ -176,215 +234,295 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL])) // the user access goes against the group permissions // (although in this case we'll go ahead and add the user) // - + // // // - $warning_mod = array(); - $valid_auth_mod = array(); + $warning_mod_userid = array(); + $warning_mod_username = array(); + $warning_mod_frmname = array(); $valid_auth_mod_sql = array(); - @reset($change_mod_ary); + $warning_prv_userid = array(); + $warning_prv_username = array(); + $warning_prv_frmname = array(); + $valid_auth_prv_sql = array(); - while(list($chg_forum_id, $value) = @each($change_mod_ary)) + for($i = 0; $i < count($forum_access); $i++) { - $a_match = $value; + $this_forum_id = $forum_access[$i]['forum_id']; - $auth_exists = FALSE; + $update_mod = FALSE; + $update_acl = FALSE; - for($i = 0; $i < count($u_access); $i++) - { - $forum_id = $u_access[$i]['forum_id']; + $valid_auth_mod_sql_val = ""; + $valid_auth_prv_sql_fld = ""; + $valid_auth_prv_sql_val = ""; + + @reset($change_mod_ary); + @reset($change_prv_list); - if( $forum_id == $chg_forum_id ) + // + // Moderator control + // + while(list($mod_forum_id, $new_mod_status) = @each($change_mod_ary)) + { + if($mod_forum_id == $this_forum_id) { + $warned = FALSE; - if( $u_access[$i]['auth_mod'] == $value && !$u_access[$i]['group_single_user'] ) - { - $a_match = -1; - } - else if( $u_access[$i]['auth_mod'] && !$value && $u_access[$i]['group_single_user'] ) - { - // - // User is being removed as a moderator but is a moderator - // via a group, carry out the update but warn the moderator - // - $warning_mod[$chg_forum_id] = TRUE; - } - else + for($j = 0; $j < count($g_access); $j++) { - if(!$value) + if($g_access[$j]['forum_id'] == $this_forum_id) { - $sql = "DELETE FROM " . AUTH_ACCESS_TABLE; - } - else - { - $sql = "UPDATE " . AUTH_ACCESS_TABLE . " - SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0, auth_mod = " . TRUE; + $cur_mod_status = $g_access[$j]['auth_mod']; + $is_single_user = $g_access[$j]['group_single_user']; + + if($cur_mod_status == $new_mod_status && !$is_single_user) + { + // + // No need to update so set update to true + // + $update_mod = TRUE; + } + else if($cur_mod_status && !$new_mod_status && $is_single_user && !$warned) + { + // + // users within group can mod via their own auth, we'll warn + // the admin but carry out the op anyway if reqd. + // + $warning_mod_userid[$this_forum_id][] = $g_access[$j]['user_id']; + $warning_mod_username[$this_forum_id][] = $g_access[$j]['username']; + $warning_mod_frmname[$this_forum_id][] = $forum_access[$i]['forum_name']; + + $warned = TRUE; + } + else if($cur_mod_status != $new_mod_status && !$is_single_user) + { + if($new_mod_status) + { + $valid_auth_mod_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . " + SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_announce = 0, auth_sticky = 0, auth_mod = $new_mod_status + WHERE forum_id = $this_forum_id + AND group_id = $group_id"; + } + else + { + $valid_auth_mod_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . " + WHERE forum_id = $this_forum_id + AND group_id = $group_id"; + } + $update_mod = TRUE; + } } - $valid_auth_mod_sql[$chg_forum_id] = $sql . " WHERE forum_id = $chg_forum_id AND group_id = $group_id"; - $valid_auth_mod[$chg_forum_id] = 1; } - $auth_exists = TRUE; + if(!$update_mod && $new_mod_status) + { + $valid_auth_mod_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " + (forum_id, group_id, auth_mod) + VALUES ($this_forum_id, $group_id, $new_mod_status)"; + $update_mod = TRUE; + } } } - - if(!$auth_exists && $value) - { - $valid_auth_mod_sql[$chg_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, auth_mod) VALUES ($chg_forum_id, $group_id, 1)"; - $valid_auth_mod[$chg_forum_id] = 0; - } - } - - - // - // Check against priv access table ... - // - $warning_mod = array(); - $valid_auth_acl_sql = array(); - - @reset($valid_auth_mod); - @reset($change_prv_ary); - - while(list($chg_forum_id, $value) = @each($change_prv_ary)) - { - $valid_auth_acl_sql[$chg_forum_id] = ""; - $auth_exists = FALSE; - for($i = 0; $i < count($u_access); $i++) + // + // Private/ACL control + // + while(list($prv_forum_id, $new_prv_ary) = @each($change_prv_list)) { - if( $u_access[$i]['forum_id'] == $chg_forum_id ) + if($prv_forum_id == $this_forum_id && empty($valid_auth_mod_sql[$this_forum_id]) ) { - - // - // If we're updating/inserting a moderator access - // control then we don't need to both with anything here, - // adding (or updating) a user to mod status automatically - // grants access to all forum functions (unless they - // are set at admin status!). Removing moderator permissions - // automatically removes all priviledges, it does mean the - // admin has to re-enable ACL privs but it does prevent - // them accidently leaving a user with access to a forum - // they should be now denied. - // -// echo "<BR>" . $chg_forum_id . " : " . $valid_auth_mod[$chg_forum_id] . "<BR>"; - -// echo $chg_forum_id . " : " . $valid_auth_mod[$chg_forum_id] . " : " . $u_access[$i]['auth_mod'] . "<BR>"; - - if( empty($valid_auth_mod[$chg_forum_id]) && !$u_access[$i]['auth_mod']) + for($j = 0; $j < count($g_access); $j++) { - // - // User isn't a moderator so now we have to decide whether the - // the access needs creating, updating or deleting ... - // - - for($j = 0; $j < count($forum_access); $j++) + if($g_access[$j]['forum_id'] == $this_forum_id) { - if( $chg_forum_id == $forum_access[$j]['forum_id'] ) + $is_single_user = $u_access[$j]['group_single_user']; + + if(!$is_single_user) + { + $valid_auth_prv_sql[$this_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . " SET "; + } + + $is_all_zeroed = FALSE; + $warned = FALSE; + + // + // Step through all auth fields + // + @reset($new_prv_ary); + while( list($this_prv_field, $new_prv_status) = each($new_prv_ary) ) { - $update_acl_sql = ""; + // + // Is this field set to ACL? + // + $cur_prv_status = $g_access[$j][$this_prv_field]; - for($k = 0; $k < count($forum_auth_fields); $k++) + if($cur_prv_status == $new_prv_status && !$is_single_user) { - $auth_field = $forum_auth_fields[$k]; - - if( $forum_access[$j][$auth_field] == AUTH_ACL ) + // + // No need to update so set update to true + // + $update_acl = TRUE; + } + else if( ( $cur_prv_status || $g_access[$j]['auth_mod'] ) && !$new_prv_status && $is_single_user && !$warned) + { + // + // user can mod via group auth, we'll warn + // the admin but carry out the op anyway if reqd. + // + $warning_prv_userid[$this_forum_id][] = $g_access[$j]['user_id']; + $warning_prv_username[$this_forum_id][] = $g_access[$j]['username']; + $warning_prv_frmname[$this_forum_id][] = $forum_access[$i]['forum_name']; + $warned = TRUE; + } + else if($cur_prv_status != $new_prv_status && !$is_single_user) + { + if( $valid_auth_prv_sql_val != "") { - - if( $u_access[$i][$auth_field] && !$value && $u_access[$i]['group_single_user'] ) - { - // - // User is having ACL access removed from this field - // but retains access via a group they belong too, - // carry out the update but warn the moderator - // - - $warning_acl[$chg_forum_id][$auth_field] = TRUE; - } - else if( $u_access[$i][$auth_field] != $value && !$u_access[$i]['group_single_user'] ) - { - $update_acl_sql .= ($update_acl_sql != "") ? ", $auth_field = $value" : "$auth_field = $value"; - } + $valid_auth_prv_sql_val .= ", "; } - } - - $valid_auth_acl_sql[$chg_forum_id] = "UPDATE " . AUTH_ACCESS_TABLE . " SET " . $update_acl_sql ." WHERE forum_id = $chg_forum_id AND group_id = $group_id"; - - } // forum_id = forum_access - - } // for ... forum_access + $valid_auth_prv_sql_val .= "$this_prv_field = $new_prv_status"; - } // not_mod + $update_acl = TRUE; - $auth_exists = TRUE; - - } // if forum ... chg_forum + if(!$new_prv_status) + { + $is_all_zeroed = TRUE; + } + } + } - } // for ... u_access + if(!$is_single_user) + { + if(!$is_all_zeroed) + { + $valid_auth_prv_sql[$this_forum_id] .= $valid_auth_prv_sql_val . " WHERE forum_id = $this_forum_id AND group_id = $group_id"; + } + else + { + $valid_auth_prv_sql[$this_forum_id] = "DELETE FROM " . AUTH_ACCESS_TABLE . " + WHERE forum_id = $this_forum_id + AND group_id = $group_id"; + } + } + $valid_auth_prv_sql_val = ""; + } + } - if($valid_auth_acl_sql[$chg_forum_id] == "" && !$auth_exists) - { - for($j = 0; $j < count($forum_access); $j++) - { - if( $chg_forum_id == $forum_access[$j]['forum_id'] && $value) + if(!$update_acl) { - $valid_auth_acl_sql_val = ""; - $valid_auth_acl_sql_fld = ""; + // + // Step through all auth fields + // + $all_zeroed = TRUE; - for($k = 0; $k < count($forum_auth_fields); $k++) + @reset($new_prv_ary); + while( list($this_prv_field, $new_prv_status) = each($new_prv_ary) ) { - $auth_field = $forum_auth_fields[$k]; + // + // Is this field set to ACL? + // + if( $valid_auth_prv_sql_fld != "" ) + { + $valid_auth_prv_sql_fld .= ", "; + } + + if( $valid_auth_prv_sql_val != "" ) + { + $valid_auth_prv_sql_val .= ", "; + } + $valid_auth_prv_sql_fld .= "$this_prv_field"; + $valid_auth_prv_sql_val .= "$new_prv_status"; - if( $forum_access[$j][$auth_field] == AUTH_ACL ) + if($new_prv_status) { - $valid_auth_acl_sql_fld .= ($valid_auth_acl_sql_fld != "") ? ", $auth_field" : "$auth_field"; - $valid_auth_acl_sql_val .= ($valid_auth_acl_sql_val != "") ? ", $value" : "$value"; + $all_zeroed = FALSE; } } - $valid_auth_acl_sql[$chg_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $valid_auth_acl_sql_fld) VALUES ($chg_forum_id, $group_id, $valid_auth_acl_sql_val)"; + if(!$all_zeroed) + { + $valid_auth_prv_sql[$this_forum_id] = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $valid_auth_prv_sql_fld) VALUES ($this_forum_id, $group_id, $valid_auth_prv_sql_val)"; + } + + $update_acl = TRUE; } } } } -// print_r($valid_auth_acl_sql); -// echo "<BR><BR>"; - // - // The next part requires that we know whether we're - // updating an existing entry, inserting a new one or - // deleting an existing entry ... as well as what we're - // updating and with what value ... + // Checks complete, make updates to DB // - - // - // Checks complete, make updates - // - while(list($chg_forum_id, $sql) = each($valid_auth_mod_sql)) + while( list($chg_forum_id, $sql) = each($valid_auth_mod_sql) ) { if( !empty($sql) ) { - if(!$result = $db->sql_query($sql)) + if( !$result = $db->sql_query($sql) ) { // Error ... } } } - while(list($chg_forum_id, $sql) = each($valid_auth_acl_sql)) + while( list($chg_forum_id, $sql) = each($valid_auth_prv_sql) ) { if( !empty($sql) ) { - if(!$result = $db->sql_query($sql)) + if( !$result = $db->sql_query($sql) ) { // Error ... } } } - header("Location: admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=$group_id"); + // + // Any warnings? + // + $warning_list = ""; + while( list($forum_id, $user_ary) = each($warning_mod_userid) ) + { + for($i = 0; $i < count($user_ary); $i++) + { + if(!empty($valid_auth_mod_sql[$forum_id])) + { + $warning_list .= "<b><a href=\"admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_ary[$i] . "\">" . $warning_mod_username[$forum_id][$i] . "</a></b> has moderator status on <b>" . $warning_mod_frmname[$forum_id][$i] . "</b><br />"; + } + } + } + + while( list($forum_id, $user_ary) = each($warning_prv_userid) ) + { + for($i = 0; $i < count($user_ary); $i++) + { + if(!empty($valid_auth_prv_sql[$forum_id])) + { + $warning_list .= "<b><a href=\"admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_ary[$i] . "\">" . $warning_prv_username[$forum_id][$i] . "</a></b> has access status to <b>" . $warning_prv_frmname[$forum_id][$i] . "</b><br />"; + } + } + } + + if($warning_list != "") + { + $warning_list = "<br />The following user/s still have access/moderator rights to this forum via their user auth settings. You may want to alter the user authorisation/s to fully prevent them having access/moderator rights. The users granted rights are noted below.<br/><br/>" . $warning_list . "<br />Click <a href=\"admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=$group_id\">HERE</a> to return to group auth admin<br />"; + + $template_header = "admin/page_header.tpl"; + include('page_header_admin.'.$phpEx); + + $template->set_filenames(array( + "body" => "admin/admin_message_body.tpl") + ); + $template->assign_vars(array( + "MESSAGE_TITLE" => "Authorisation Conflict Warning", + "MESSAGE_TEXT" => $warning_list) + ); + } + else + { + header("Location: admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=$group_id"); + } } else if(empty($HTTP_GET_VARS[POST_GROUPS_URL])) @@ -397,15 +535,14 @@ else if(empty($HTTP_GET_VARS[POST_GROUPS_URL])) $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " - WHERE group_single_user <> 1"; - $u_result = $db->sql_query($sql); - - $user_list = $db->sql_fetchrowset($u_result); + WHERE group_single_user <> " . TRUE; + $g_result = $db->sql_query($sql); + $group_list = $db->sql_fetchrowset($g_result); $select_list = "<select name=\"" . POST_GROUPS_URL . "\">"; - for($i = 0; $i < count($user_list); $i++) + for($i = 0; $i < count($group_list); $i++) { - $select_list .= "<option value=\"" . $user_list[$i]['group_id'] . "\">" . $user_list[$i]['group_name'] . "</option>"; + $select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>"; } $select_list .= "</select>"; @@ -420,98 +557,105 @@ else if(empty($HTTP_GET_VARS[POST_GROUPS_URL])) "L_USER_OR_GROUP" => "Group", "S_USERAUTH_ACTION" => append_sid("admin_groupauth.$phpEx"), - "S_USERS_SELECT" => $select_list, - - "U_FORUMAUTH" => append_sid("admin_forumauth.$phpEx")) + "S_USERS_SELECT" => $select_list) ); - $template->pparse("body"); - - include('page_footer_admin.'.$phpEx); - } +else +{ + // + // Front end + // + $group_id = $HTTP_GET_VARS[POST_GROUPS_URL]; + if( isset($HTTP_GET_VARS['adv']) ) + { + $adv = $HTTP_GET_VARS['adv']; + } + else + { + $adv = FALSE; + } + $template_header = "admin/page_header.tpl"; + include('page_header_admin.'.$phpEx); -// -// Front end -// -$template_header = "admin/page_header.tpl"; -include('page_header_admin.'.$phpEx); - -$template->set_filenames(array( - "body" => "admin/ug_auth_body.tpl") -); - -$group_id = $HTTP_GET_VARS[POST_GROUPS_URL]; + $template->set_filenames(array( + "body" => "admin/ug_auth_body.tpl") + ); -$sql = "SELECT f.forum_id, f.forum_name, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_announce, f.auth_sticky - FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c - WHERE c.cat_id = f.cat_id - ORDER BY c.cat_order ASC, f.forum_order ASC"; -$fa_result = $db->sql_query($sql); + // + // + // + $sql = "SELECT f.* + FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c + WHERE c.cat_id = f.cat_id + ORDER BY c.cat_order ASC, f.forum_order ASC"; + $fa_result = $db->sql_query($sql); -$forum_access = $db->sql_fetchrowset($fa_result); + $forum_access = $db->sql_fetchrowset($fa_result); -if($adv == -1) -{ - for($i = 0; $i < count($forum_access); $i++) + if( empty($adv) ) { - while(list($forum_id, $forum_row) = each($forum_access)) + for($i = 0; $i < count($forum_access); $i++) { - for($j = 0; $j < count($forum_auth_key_fields); $j++) + while(list($forum_id, $forum_row) = each($forum_access)) { - $basic_auth_level[$forum_row['forum_id']] = "public"; - - if($forum_row[$forum_auth_key_fields[$j]] == AUTH_REG) + for($j = 0; $j < count($forum_auth_key_fields); $j++) { - $basic_auth_level[$forum_row['forum_id']] = "registered"; - $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; - } - else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_ACL) - { - $basic_auth_level[$forum_row['forum_id']] = "private"; - $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; - } - else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_MOD) - { - $basic_auth_level[$forum_row['forum_id']] = "moderator"; - $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; - } - else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_ADMIN) - { - $basic_auth_level[$forum_row['forum_id']] = "admin"; - $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + $basic_auth_level[$forum_row['forum_id']] = "public"; + + if($forum_row[$forum_auth_key_fields[$j]] == AUTH_REG) + { + $basic_auth_level[$forum_row['forum_id']] = "registered"; + $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + } + else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_ACL) + { + $basic_auth_level[$forum_row['forum_id']] = "private"; + $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + } + else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_MOD) + { + $basic_auth_level[$forum_row['forum_id']] = "moderator"; + $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + } + else if($forum_row[$forum_auth_key_fields[$j]] == AUTH_ADMIN) + { + $basic_auth_level[$forum_row['forum_id']] = "admin"; + $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + } } } } } - $sql = "SELECT u.user_id, u.username, g.group_id, g.group_name, g.group_single_user + $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE g.group_id = $group_id - AND ug.group_id = g.group_id + AND ug.group_id = g.group_id AND u.user_id = ug.user_id"; $g_result = $db->sql_query($sql); - $groupinf = $db->sql_fetchrowset($g_result); - $sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_mod - FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g + $sql = "SELECT aa.* + FROM " . AUTH_ACCESS_TABLE . " aa, " . GROUPS_TABLE. " g WHERE g.group_id = $group_id AND aa.group_id = g.group_id - AND g.group_single_user <> " . TRUE; - $au_result = $db->sql_query($sql); + AND g.group_single_user = 0"; + $ag_result = $db->sql_query($sql); - $num_u_access = $db->sql_numrows($au_result); - if($num_u_access) + $num_g_access = $db->sql_numrows($ag_result); + + if($num_g_access) { - while($u_row = $db->sql_fetchrow($au_result)) + while($g_row = $db->sql_fetchrow($ag_result)) { - $u_access[$u_row['forum_id']][] = $u_row; - $num_forum_access[$u_row['forum_id']]++; + $g_access[$g_row['forum_id']][] = $g_row; + $num_forum_access[$g_row['forum_id']]++; } } + $auth_group = array(); for($i = 0; $i < count($forum_access); $i++) { $f_forum_id = $forum_access[$i]['forum_id']; @@ -525,91 +669,84 @@ if($adv == -1) switch($value) { case AUTH_ALL: - $auth_user[$f_forum_id][$key] = 1; + $auth_group[$f_forum_id][$key] = 1; break; case AUTH_REG: - $auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? 1 : 0; + $auth_group[$f_forum_id][$key] = 1; break; case AUTH_ACL: - if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id]) + if($num_forum_access[$f_forum_id]) { - $result = a_auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], 0); - $auth_user[$f_forum_id][$key] = $result['auth']; + $result = a_auth_check_user(AUTH_ACL, $key, $g_access[$f_forum_id], 0); + $auth_group[$f_forum_id][$key] = $result['auth']; + $auth_field_acl[$f_forum_id][$key] = $result['auth']; } else { - $auth_user[$f_forum_id][$key] = 0; + $auth_group[$f_forum_id][$key] = 0; } break; - + case AUTH_MOD: - if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id]) + if($num_forum_access[$f_forum_id]) { - $result = a_auth_check_user(AUTH_MOD, $key, $u_access[$f_forum_id], 0); - $auth_user[$f_forum_id][$key] = $result['auth']; + $result = a_auth_check_user(AUTH_MOD, $key, $g_access[$f_forum_id], 0); + $auth_group[$f_forum_id][$key] = $result['auth']; } else { - $auth_user[$f_forum_id][$key] = 0; + $auth_group[$f_forum_id][$key] = 0; } break; - + case AUTH_ADMIN: - $auth_user[$f_forum_id][$key] = 0; + $auth_group[$f_forum_id][$key] = 0; break; default: - $auth_user[$f_forum_id][$key] = 0; + $auth_group[$f_forum_id][$key] = 0; break; } } + // // Is user a moderator? // - if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id]) + if($num_forum_access[$f_forum_id]) { - $result = a_auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], 0); - $auth_user[$f_forum_id]['auth_mod'] = $result['auth']; + $result = a_auth_check_user(AUTH_MOD, 'auth_mod', $g_access[$f_forum_id], 0); + $auth_group[$f_forum_id]['auth_mod'] = $result['auth']; } else { - $auth_user[$f_forum_id][$key] = 0; + $auth_group[$f_forum_id][$key] = 0; } } - while(list($forumkey, $user_ary) = each($auth_user)) - { - $simple_auth[$forumkey] = 1; - while(list($fieldkey, $value) = each($user_ary)) - { - $simple_auth[$forumkey] = $simple_auth[$forumkey] && $value; - } - } - reset($auth_user); - $i = 0; - if($adv == -1) + while(list($forumkey, $group_ary) = each($auth_group)) { - while(list($forumkey, $user_ary) = each($auth_user)) + if( empty($adv) ) { if($basic_auth_level[$forumkey] == "private") { $allowed = 1; + for($j = 0; $j < count($basic_auth_level_fields[$forumkey]); $j++) { - if(!$auth_user[$forumkey][$basic_auth_level_fields[$forumkey][$j]]) + if(!$group_ary[$basic_auth_level_fields[$forumkey][$j]]) { $allowed = 0; } } $optionlist_acl = "<select name=\"private[$forumkey]\">"; - if($is_admin || $user_ary['auth_mod']) + if( $auth_group['auth_mod'] ) { $optionlist_acl .= "<option value=\"1\">Allowed Access</option>"; } - else if($allowed) + else if( $allowed ) { $optionlist_acl .= "<option value=\"1\" selected>Allowed Access</option><option value=\"0\">Disallowed Access</option>"; } @@ -623,77 +760,162 @@ if($adv == -1) { $optionlist_acl = " "; } - - $optionlist_mod = "<select name=\"moderator[$forumkey]\">"; - if($user_ary['auth_mod']) - { - $optionlist_mod .= "<option value=\"1\" selected>Is a Moderator</option><option value=\"0\">Is not a Moderator</option>"; - } - else + } + else + { + @reset($forum_access); + while(list($key, $forum_row) = each($forum_access)) { - $optionlist_mod .= "<option value=\"1\">Is a Moderator</option><option value=\"0\" selected>Is not a Moderator</option>"; + $forum_id = $forum_row['forum_id']; + + for($j = 0; $j < count($forum_auth_fields); $j++) + { + $field_name = $forum_auth_fields[$j]; + + if( $forum_row[$field_name] == AUTH_ACL ) + { + $optionlist_acl_adv[$forum_id][$j] = "<select name=\"" . $field_name . "[$forum_id]\">"; + + if( isset($auth_field_acl[$forum_id][$field_name]) && !$auth_group['auth_mod'] ) + { + if(!$auth_field_acl[$forum_id][$field_name]) + { + $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">On</option><option value=\"0\" selected>Off</option>"; + } + else + { + $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\" selected>On</option><option value=\"0\">Off</option>"; + } + } + else + { + if( $auth_group['auth_mod'] ) + { + $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">On</option>"; + } + else + { + $optionlist_acl_adv[$forum_id][$j] .= "<option value=\"1\">On</option><option value=\"0\" selected>Off</option>"; + } + } + + $optionlist_acl_adv[$forum_id][$j] .= "</select>"; + + } + } } - $optionlist_mod .= "</select>"; + } - $row_class = ($i%2) ? "row2" : "row1"; + $optionlist_mod = "<select name=\"moderator[$forumkey]\">"; + if($group_ary['auth_mod']) + { + $optionlist_mod .= "<option value=\"1\" selected>Moderator</option><option value=\"0\">Not Moderator</option>"; + } + else + { + $optionlist_mod .= "<option value=\"1\">Moderator</option><option value=\"0\" selected>Not Moderator</option>"; + } + $optionlist_mod .= "</select>"; - $template->assign_block_vars("forums", array( - "ROW_CLASS" => $row_class, - "FORUM_NAME" => $forum_access[$i]['forum_name'], + $row_class = ($i%2) ? "row2" : "row1"; - "U_FORUM_AUTH" => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']), - - "S_ACL_SELECT" => $optionlist_acl, - "S_MOD_SELECT" => $optionlist_mod) + $template->assign_block_vars("forums", array( + "ROW_CLASS" => $row_class, + "FORUM_NAME" => $forum_access[$i]['forum_name'], + + "U_FORUM_AUTH" => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']), + + "S_MOD_SELECT" => $optionlist_mod) + ); + + if(!$adv) + { + $template->assign_block_vars("forums.aclvalues", array( + "S_ACL_SELECT" => $optionlist_acl) ); - $i++; } - } - reset($auth_user); + else + { + for($j = 0; $j < count($forum_auth_fields); $j++) + { + $template->assign_block_vars("forums.aclvalues", array( + "S_ACL_SELECT" => $optionlist_acl_adv[$forumkey][$j]) + ); + } + } - $t_groupname .= $groupinf[0]['group_name']; + $i++; + } + @reset($auth_group); for($i = 0; $i < count($groupinf); $i++) { $username[] = $groupinf[$i]['username']; $user_id[] = $groupinf[$i]['user_id']; } - + + $t_groupname .= $groupinf[0]['group_name']; + if(count($username)) { - $t_username_list = ""; - - for($i = 0; $i < count($groupinf); $i++) + $t_usergroup_list = ""; + for($i = 0; $i < count($username); $i++) { - $t_username_list .= "<a href=\"admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id[$i] . "\">" . $username[$i] . "</a>"; + $t_usergroup_list .= "<a href=\"admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id[$i] . "\">" . $username[$i] . "</a>"; if($i < count($username) - 1) { - $t_username_list .= ", "; + $t_usergroup_list .= ", "; } } } else { - $t_username_list = "<b>Has no members</b>"; + $t_usergroup_list = "None"; } $s_hidden_fields = "<input type=\"hidden\" name=\"" . POST_GROUPS_URL . "\" value=\"$group_id\">"; + $s_hidden_fields .= "<input type=\"hidden\" name=\"curadmin\" value=\"" . $is_admin ."\">"; + + $s_column_span = 2; // Two columns always present + if(!$adv) + { + $template->assign_block_vars("acltype", array( + "L_UG_ACL_TYPE" => "Simple Auth Setting") + ); + $s_column_span++; + } + else + { + for($i = 0; $i < count($forum_auth_fields); $i++) + { + $template->assign_block_vars("acltype", array( + "L_UG_ACL_TYPE" => ucfirst(preg_replace("/auth_/", "", $forum_auth_fields[$i]))) + ); + $s_column_span++; + } + } + + $switch_mode = "admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id . "&adv="; + $switch_mode .= ( !$adv ) ? "1" : "0"; + $switch_mode_text = ( !$adv ) ? "Advanced Mode" : "Simple Mode"; + $u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>'; $template->assign_vars(array( "USERNAME" => $t_groupname, - "USER_GROUP_MEMBERSHIPS" => "This group has the following members: $t_username_list", + "USER_GROUP_MEMBERSHIPS" => "This group has the following members: $t_usergroup_list", - "L_USER_OR_GROUPNAME" => "Groupname", + "L_USER_OR_GROUPNAME" => "Group name", "L_USER_OR_GROUP" => "Group", "U_USER_OR_GROUP" => append_sid("admin_groupauth.$phpEx"), - "U_FORUMAUTH" => append_sid("admin_forumauth.$phpEx"), - + "U_SWITCH_MODE" => $u_switch_mode, + + "S_COLUMN_SPAN" => $s_column_span, "S_USER_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"), "S_HIDDEN_FIELDS" => $s_hidden_fields) ); -} // if adv == -1 +} $template->pparse("body"); |