Renamed files

git-svn-id: file:///svn/phpbb/trunk@632 89ea8834-ac86-4346-8a33-228a782c2dd0
author: Bart van Bragt <bartvb@users.sourceforge.net> 2001-07-11 22:29:08 +0000
committer: Bart van Bragt <bartvb@users.sourceforge.net> 2001-07-11 22:29:08 +0000
commit: d09d3934426fe8d093c54dea5b654e8bff5764aa (patch)
tree: 0256fd382afc444e2cfa5935564112d786ce9aa5 /phpBB/admin
parent: 8f0806e149e550d6c49a658bd875c8c55deaa395 (diff)
download: forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar
forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.gz
forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.bz2
forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.xz
forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.zip
2 files changed, 1060 insertions, 0 deletions
diff --git a/phpBB/admin/admin_forumauth.php b/phpBB/admin/admin_forumauth.php
new file mode 100644
index 0000000000..d5fde35778
--- /dev/null
+++ b/phpBB/admin/admin_forumauth.php
@@ -0,0 +1,403 @@
+<?php
+
+chdir("../");
+
+include('extension.inc');
+include('common.'.$phpEx);
+
+//
+// Start session management
+//
+//$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
+//init_userprefs($userdata);
+//
+// End session management
+//
+
+$simple_auth_ary = array(
+	0  => array(0, 0, 0, 0, 1, 0, 3, 3, 0, 0, 0), 
+	1  => array(0, 0, 0, 0, 3, 3, 3, 3, 3, 3, 3), 
+	2  => array(0, 0, 1, 1, 1, 1, 3, 3, 1, 1, 1), 
+	3  => array(1, 1, 1, 1, 1, 1, 3, 3, 1, 1, 1), 
+	4  => array(0, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2),
+	5  => array(2, 2, 2, 2, 2, 2, 2, 3, 2, 2, 2),
+	6  => array(0, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3),
+	7  => array(3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3), 
+	8  => array(0, 0, 3, 0, 0, 0, 3, 3, 3, 3, 3), 
+	9  => array(0, 0, 3, 1, 0, 0, 3, 3, 3, 3, 3)
+);
+
+$simple_auth_types = array("Public", "Test Restricted", "Registered", "Registered [Hidden]", "Private", "Private [Hidden]", "Moderators", "Moderators [Hidden]", "Moderator Post + All Reply", "Moderator Post + Reg Reply");
+
+
+$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_votecreate", "auth_vote", "auth_attachments");
+$forum_auth_levels = array("ALL", "REG", "ACL", "MOD", "ADMIN");
+$forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
+
+
+if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
+{
+	$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];
+	$forum_sql = "WHERE forum_id = $forum_id";
+}
+else
+{
+	unset($forum_id);
+	$forum_sql = "";
+}
+
+if(isset($HTTP_GET_VARS['adv']))
+{
+	$adv = $HTTP_GET_VARS['adv'];
+}
+else
+{
+	$adv = -1;
+}
+
+if(isset($HTTP_POST_VARS['submit']))
+{
+	if(!empty($forum_id))
+	{
+		$sql = "UPDATE " . FORUMS_TABLE . " SET ";
+
+		if(isset($HTTP_POST_VARS['simpleauth']))
+		{
+			$simple_ary = $simple_auth_ary[$HTTP_POST_VARS['simpleauth']];
+			for($i = 0; $i < count($simple_ary); $i++)
+			{
+				$sql .= $forum_auth_fields[$i] . " = " . $simple_ary[$i];
+				if($i < count($simple_ary) - 1)
+				{
+					$sql .= ", ";
+				}
+			}
+
+			$sql .= " WHERE forum_id = $forum_id";
+		}
+		else
+		{
+			$sql = "UPDATE " . FORUMS_TABLE . " SET ";
+
+			for($i = 0; $i < count($forum_auth_fields); $i++)
+			{
+				$value = $HTTP_POST_VARS[$forum_auth_fields[$i]];
+				if($forum_auth_fields[$i] != 'auth_view')
+				{
+					if($HTTP_POST_VARS['auth_view'] > $value)
+					{
+						$value = $HTTP_POST_VARS['auth_view'];
+					}
+				}
+				$sql .= $forum_auth_fields[$i] . " = " . $value;
+				if($i < count($forum_auth_fields) - 1)
+				{
+					$sql .= ", ";
+				}
+			}
+
+			$sql .= " WHERE forum_id = $forum_id";
+
+		}
+
+		if(strlen($sql))
+		{
+			if(!$db->sql_query($sql))
+			{
+				error_die(QUERY_ERROR, "Couldn't update auth table!", __LINE__, __FILE__);
+			}
+		}
+
+		unset($forum_id);
+		$forum_sql = "";
+		$adv = 0;
+
+	}
+}
+
+
+//
+// Start output
+//
+$sql = "SELECT *
+	FROM ".FORUMS_TABLE." 
+	$forum_sql 
+	ORDER BY forum_id ASC";
+$f_result = $db->sql_query($sql);
+$forum_rows = $db->sql_fetchrowset($f_result);
+
+//
+// Show data
+//
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+            "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>phpBB - auth testing</title>
+<style type="text/css">
+<!--
+	P {font-family:Verdana,serif;font-size:8pt}
+
+	H1 {font-family:Arial,Helvetica,sans-serif;font-size:14pt;}
+	H2 {font-family:Arial,Helvetica,sans-serif;font-size:12pt;}
+
+	TH {font-family:Verdana,serif;font-size:8pt}
+	TD {font-family:Verdana,serif;font-size:8pt}
+
+	SELECT.small	{width:140px;font-family:"Courier New",courier;font-size:8pt;}
+	INPUT.text		{font-family:"Courier New",courier;font-size:8pt;}
+//-->
+</style>
+</head>
+<body bgcolor="#FFFFFF" text="#000000">
+
+<h1>Forum Authorisation Control</h1>
+
+<?php
+
+	if(!empty($forum_id))
+	{
+
+?>
+<h2>Forum : <?php echo $forum_rows[0]['forum_name']; ?></h2>
+<?php
+
+	}
+
+?>
+
+<div align="center"><table cellspacing="1" cellpadding="4" border="0">
+<?php
+
+	for($i = 0; $i < count($forum_rows); $i++)
+	{
+		$forum_name[$i] = "<a href=\"" . append_sid("forumauth.php?" . POST_FORUM_URL . "=" . $forum_rows[$i]['forum_id']) . "\">" . $forum_rows[$i]['forum_name'] . "</a>";
+
+		reset($simple_auth_ary);
+		while(list($key, $auth_levels) = each($simple_auth_ary))
+		{
+			$matched = 1;
+			for($k = 0; $k < count($auth_levels); $k++)
+			{
+				$matched_type = $key;
+				if($forum_rows[$i][$forum_auth_fields[$k]] != $auth_levels[$k])
+				{
+					$matched = 0;
+				}
+			}
+			if($matched)
+				break;
+		}
+
+		//
+		// If we've got a custom setup
+		// then we jump into advanced
+		// mode by default
+		//
+		if($adv == -1 && !$matched)
+		{
+			$adv = 1;
+		}
+		
+		if($adv <= 0 || empty($forum_id))
+		{
+
+			//
+			// Determine whether the current
+			// forum auth fields match a preset 'simple'
+			// type
+			//
+
+			$simple_auth[$i] = (isset($forum_id)) ? "&nbsp;<select name=\"simpleauth\">" : "";
+			if(!$matched && empty($forum_id))
+			{
+				$simple_auth[$i] .= "Custom";
+				$matched_type = -1;
+			}
+			for($j = 0; $j < count($simple_auth_types); $j++)
+			{
+				if($matched_type == $j)
+				{
+					$simple_auth[$i] .= (isset($forum_id)) ? "<option value=\"$j\" selected>" : "";
+					$simple_auth[$i] .= $simple_auth_types[$j];
+					$simple_auth[$i] .= (isset($forum_id)) ? "</option>" : "";
+				}
+				else if(isset($forum_id))
+				{
+					$simple_auth[$i] .= "<option value=\"$j\">".$simple_auth_types[$j]."</option>";
+				}
+			}
+			$simple_auth[$i] .= (isset($forum_id)) ? "</select>&nbsp;" : "";
+
+		}
+
+		if($adv == 1 || empty($forum_id))
+		{
+
+			//
+			// Output values of individual 
+			// fields
+			//
+
+			for($j = 0; $j < count($forum_auth_fields); $j++)
+			{
+				$custom_auth[$i][$j] = (isset($forum_id)) ? "&nbsp;<select name=\"".$forum_auth_fields[$j]."\">" : "";
+				for($k = 0; $k < count($forum_auth_levels); $k++)
+				{
+					if($forum_rows[$i][$forum_auth_fields[$j]] == $forum_auth_const[$k])
+					{
+						$custom_auth[$i][$j] .= (isset($forum_id)) ? "<option value=\"" . $forum_auth_const[$k] . "\" selected>" : "";
+						if(empty($forum_id))
+						{
+							if($forum_auth_levels[$k] == "ACL" || $forum_auth_levels[$k] == "MOD" || $forum_auth_levels[$k] == "ADMIN")
+							{
+								$custom_auth[$i][$j] .= "<a href=\"userauth.php?" . POST_FORUM_URL . "=" . $forum_rows[$i]['forum_id'] . "&auth=" . $forum_auth_fields[$j] . "\">";
+							}
+						}
+						$custom_auth[$i][$j] .= $forum_auth_levels[$k];
+						if(empty($forum_id))
+						{
+							if($forum_auth_levels[$k] == "ACL" || $forum_auth_levels[$k] == "MOD" || $forum_auth_levels[$k] == "ADMIN")
+							{
+								$custom_auth[$i][$j] .= "</a>";
+							}
+						}
+						$custom_auth[$i][$j] .= (isset($forum_id)) ? "</option>" : "";
+					}
+					else if(isset($forum_id))
+					{
+						$custom_auth[$i][$j] .= "<option value=\"" . $forum_auth_const[$k] . "\">". $forum_auth_levels[$k]."</option>";
+					}
+				}
+				$custom_auth[$i][$j] .= (isset($forum_id)) ? "</select>&nbsp;" : "";
+			}
+
+		}
+	}
+
+?>
+	<tr><form method="post" action="forumauth.php">
+<?php
+
+	if(empty($forum_id))
+	{
+
+?>
+		<th bgcolor="#CCCCCC">Forum Title</th>
+<?php
+
+	}
+
+	if($adv <= 0  || empty($forum_id))
+	{
+
+?>
+		<th bgcolor="#CCCCCC">Simple Auth</th>
+<?php
+
+	}
+
+	if($adv == 1 || empty($forum_id))
+	{
+		for($j = 0; $j < count($forum_auth_fields); $j++)
+		{
+			echo "<th bgcolor=\"#CCCCCC\">".preg_replace("/auth_/", "", $forum_auth_fields[$j])."</th>\n";
+		}
+	}
+
+?>
+	</tr>
+<?php
+
+	for($i = 0; $i < count($forum_rows); $i++)
+	{
+
+		unset($moderators_links);
+		for($mods = 0; $mods < count($forum_mods['forum_' . $forum_rows[$i]['forum_id'] . '_id']); $mods++)
+		{
+			if(isset($moderators_links))
+			{
+				$moderators_links .= ", ";
+			}
+			if(!($mods % 2) && $mods != 0)
+			{
+				$moderators_links .= "<br>";
+			}
+			$moderators_links .= "<a href=\"".append_sid("../profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $forum_mods['forum_'.$forum_rows[$i]['forum_id'] . '_id'][$mods]) . "\">" . $forum_mods['forum_'.$forum_rows[$i]['forum_id'] . '_name'][$mods] . "</a>";
+		}
+
+		echo "<tr>\n";
+
+		if(empty($forum_id))
+		{
+			echo "<td align=\"center\" bgcolor=\"#DDDDDD\">".$forum_name[$i]."</td>\n";
+
+			$colspan = 2;
+		}
+
+		if($adv <= 0  || empty($forum_id))
+		{
+			echo "<td align=\"center\" bgcolor=\"#DDDDDD\">".$simple_auth[$i]."</td>\n";
+
+			$colspan ++;
+		}
+
+		if($adv == 1 || empty($forum_id))
+		{
+			for($j = 0; $j < count($custom_auth[$i]); $j++)
+			{
+				echo "<td align=\"center\" bgcolor=\"#DDDDDD\">".$custom_auth[$i][$j]."</td>\n";
+
+				$colspan++;
+			}
+		}
+
+		echo "</tr>\n";
+
+	}
+
+	if(isset($forum_id))
+	{
+
+		$switch_mode = "forumauth.php?" . POST_FORUM_URL . "=" . $forum_id . "&adv=";
+		$switch_mode .= ($adv <= 0 ) ? "1" : "0";
+
+		$switch_mode_text = ($adv <= 0 ) ? "Advanced Mode" : "Simple Mode";
+
+?>
+		<tr>
+			<td colspan="<?php echo $colspan; ?>"><table width="100%" cellspacing="0" cellpadding="4" border="0">
+				<tr>
+					<td align="center"><a href="<?php echo $switch_mode ?>">Switch to <?php echo $switch_mode_text; ?></a></td>
+				</tr>
+				<tr>
+					<td align="center"><input type="hidden" name="<?php echo POST_FORUM_URL; ?>" value="<?php echo $forum_id; ?>"><input type="submit" name="submit" value="Submit Changes">&nbsp;&nbsp;<input type="reset" value="Reset to Initial"></td>
+				</tr>
+				<tr>
+					<td align="center"><a href="forumauth.php">Return to Forum Auth Index</a></td>
+				</tr>
+			</table></td>
+		</tr>
+<?php
+
+	}
+
+?>
+	</form></tr>
+</table></div>
+
+<?php
+
+?>
+<center>
+<p><a href="userauth.php">User Authorisation Admin</a></p>
+
+<font face="Verdana,serif" size="1">Powered By <a href="http://www.phpbb.com/" target="_phpbb">phpBB 2.0</a></font>
+<br clear="all">
+<font face="Verdana,serif" size="1">
+Copyright &copy; 2001 phpBB Group, All Rights Reserved</font>
+<br>
+
+</body>
+</html>
+\ No newline at end of file
diff --git a/phpBB/admin/admin_userauth.php b/phpBB/admin/admin_userauth.php
new file mode 100644
index 0000000000..ed2f33c26c
--- /dev/null
+++ b/phpBB/admin/admin_userauth.php
@@ -0,0 +1,657 @@
+<?php
+
+chdir("../");
+
+include('extension.inc');
+include('common.'.$phpEx);
+
+//
+// Start session management
+//
+$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
+init_userprefs($userdata);
+//
+// End session management
+//
+
+$auth_field_match = array(
+	"auth_view" => AUTH_VIEW,
+	"auth_read" => AUTH_READ,
+	"auth_post" => AUTH_POST,
+	"auth_reply" => AUTH_REPLY,
+	"auth_edit" => AUTH_EDIT,
+	"auth_delete" => AUTH_DELETE,
+	"auth_sticky" => AUTH_STICKY, 
+	"auth_announce" => AUTH_ANNOUNCE, 
+	"auth_vote" => AUTH_VOTE,
+	"auth_votecreate" => AUTH_VOTECREATE,
+	"auth_attachments" => AUTH_ATTACH
+);
+$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_votecreate", "auth_vote", "auth_attachments");
+
+$forum_auth_key_fields = array("auth_view", "auth_read", "auth_post", "auth_reply");
+
+// ----------
+// Start Functions
+//
+function a_auth_check_user($type, $key, $u_auth, $is_admin)
+{
+
+	$single_user = 0;
+	$auth_user = array();
+
+	while( list($entry, $u_ary) = each($u_auth) )
+	{
+		if(!$single_user)
+		{
+			$single_user = $u_ary['group_single_user'];
+			
+			$result = 0;
+			switch($type)
+			{
+				case AUTH_ACL:
+					$result = $u_ary[$key];
+
+				case AUTH_MOD:
+					$result = $result || $u_ary['auth_mod'];
+
+				case AUTH_ADMIN:
+					$result = $result || $is_admin;
+					break;
+			}
+
+			$auth_user['auth'] = (!$single_user) ? ( $auth_user || $result ) : $result;
+
+		}
+		$auth_user['single_group'] = ($single_user) ? "single" : "group";
+
+	}
+	
+	return $auth_user;
+}
+//
+// Start Functions
+// ----------
+
+
+//
+//
+//
+$adv = (isset($HTTP_GET_VARS['adv'])) ? $HTTP_GET_VARS['adv'] : -1;
+
+if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
+{
+	$user_id = $HTTP_POST_VARS[POST_USERS_URL];
+
+	//
+	// This is where things become fun ...
+	//
+	// We have to do a pile of cross-checking
+	// to ensure what the admin has requested
+	// for a user doesn't conflict with
+	// permissions already assigned. If they
+	// do we warn the admin and give them 
+	// options ... where possible
+	//
+	
+	//
+	// Get group_id for this user_id
+	//
+	$sql_groupid = "SELECT group_id 
+		FROM " . USER_GROUP_TABLE . "
+		WHERE user_id = $user_id";
+	if(!$result = $db->sql_query($sql_groupid))
+	{
+		// Error no such user/group
+	}
+	list($group_id) = $db->sql_fetchrow($result);
+
+	//
+	// Carry out requests
+	//
+	if( !$HTTP_POST_VARS['makeadmin'] && $HTTP_POST_VARS['curadmin'] )
+	{
+		//
+		// Delete any entries granting in auth_access
+		//
+		$sql_unmod = "DELETE FROM " . AUTH_ACCESS_TABLE . "     
+			WHERE group_id = $group_id";
+		if(!$result = $db->sql_query($sql_unmod))
+		{
+			// Error, couldn't delete entries
+		} 
+
+		//
+		// Update users level, reset to USER
+		//
+		$sql_userlevel = "UPDATE " . USERS_TABLE . " 
+			SET user_level = " . USER . " 
+			WHERE user_id = $user_id";
+		if(!$result = $db->sql_query($sql_userlevel))
+		{
+			// Error, couldn't set user level
+		}
+	
+		header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
+
+	}
+	else if( $HTTP_POST_VARS['makeadmin'] && !$HTTP_POST_VARS['curadmin'] )
+	{
+		//
+		// Switch user_level to ADMIN
+		//
+		$sql_userlevel = "UPDATE " . USERS_TABLE . " 
+			SET user_level = " . ADMIN . " 
+			WHERE user_id = $user_id";
+		if(!$result = $db->sql_query($sql_userlevel))
+		{
+			// Error, couldn't set user level
+		}
+			
+		// This needs changing -> Remove the
+		// user from auth_access where special 
+		// access permissions are granted but leave
+		// moderator status
+		//
+		// ---------------------------------------
+		// Delete any entries in auth_access, they
+		// are unrequired if user is becoming an 
+		// admin
+		//
+		$sql_unauth = "DELETE FROM " . AUTH_ACCESS_TABLE . "     
+			WHERE aa.group_id = $group_id";
+		if(!$result = $db->sql_query($sql_unauth))
+		{
+			// Error, couldn't delete entries
+		}
+
+		//
+		//
+		// ----------------------------------------
+
+		header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
+
+	}
+	else
+	{
+
+		$change_mod_ary = (isset($HTTP_POST_VARS['moderator'])) ? $HTTP_POST_VARS['moderator'] : 0;
+		$change_prv_ary = (isset($HTTP_POST_VARS['private'])) ? $HTTP_POST_VARS['private'] : 0;
+
+		//
+		// Pull all the group info
+		// for this user
+		//
+		$sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, g.group_single_user  
+		FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g   
+			WHERE ug.user_id = $user_id 
+				AND g.group_id = ug.group_id 
+				AND aa.group_id = ug.group_id 
+				AND g.group_single_user <> " . TRUE;
+		$au_result = $db->sql_query($sql);
+
+		$num_u_access = $db->sql_numrows($au_result);
+		if($num_u_access)
+		{
+			$u_access = $db->sql_fetchrowset($au_result);
+		}
+
+		//
+		// The data above lists access and moderator permissions
+		// for this user given by all the groups they belong to.
+		// These values must be checked against those requested
+		// by the admin and where necessary the admin is 
+		// informed of problems. For example, if a group the user
+		// belongs to already grants the user moderator status
+		// then the user won't have moderator status enabled.
+		// If the user has a group entry preventing access to a 
+		// forum then again, we must warn the admin that giving
+		// the user access goes against the group permissions
+		// (although in this case we'll go ahead and add the user)
+		//
+		
+		//
+		// Check against moderator table ...
+		//
+		$valid_auth_mod_chg = array();
+		reset($change_mod_ary);
+		while(list($chg_forum_id, $value) = each($change_mod_ary))
+		{
+			$a_match = $value;
+			for($i = 0; $i < count($u_access); $i++)
+			{
+				$forum_id = $u_access[$i]['forum_id'];
+
+				if($forum_id == $chg_forum_id && $u_access[$i]['auth_mod'] == 1)
+				{
+					$a_match = 0;
+				}
+			}
+	
+			$valid_auth_mod_chg[$chg_forum_id] = $a_match;
+
+		}
+		//
+		// valid_auth_mod_chg now contains an array (key is forum_id)
+		// where the value is 1 if the user should be an admin and 0
+		// where the user is prevented (either by the admin disallowing
+		// or the user belonging to a group which already moderates)
+		//
+
+		print_r($valid_auth_mod_chg);
+		echo "<BR><BR>";
+
+		//
+		// Check against priv access table ...
+		//
+		$valid_auth_prv_chg = array();
+		reset($change_prv_ary);
+		while(list($chg_forum_id, $value) = each($change_prv_ary))
+		{
+			$a_match = $value;
+			for($i = 0; $i < count($u_access); $i++)
+			{
+				$forum_id = $u_access[$i]['forum_id'];
+
+				if($forum_id == $chg_forum_id)
+				{
+					for($k = 0; $k < count($forum_auth_key_fields); $k++)
+					{
+						$a_match = $a_match && $u_access[$i][$forum_auth_key_fields[$k]];
+					}
+				}
+			}
+	
+			$valid_auth_prv_chg[$chg_forum_id] = $a_match;
+
+		}
+		//
+		// valid_auth_mod_chg now contains an array (key is forum_id)
+		// where the value is 1 if the user should be an admin and 0
+		// where the user is prevented (either by the admin disallowing
+		// or the user belonging to a group which already moderates)
+		//
+
+		print_r($valid_auth_prv_chg);
+		echo "<BR><BR>";
+
+		exit;
+
+		header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
+
+	}
+
+}
+else if(empty($HTTP_GET_VARS[POST_USERS_URL]))
+{
+	//
+	// Default user selection box
+	// This should be altered on the final
+	// system to list users via an alphabetical
+	// selection system ... otherwise this
+	// could get 'cumbersome' for boards
+	// with several thousand users!
+	//
+
+	$sql = "SELECT user_id, username  
+		FROM ".USERS_TABLE;
+	$u_result = $db->sql_query($sql);
+	$user_list = $db->sql_fetchrowset($u_result);
+
+	$select_list = "<select name=\"" . POST_USERS_URL . "\">";
+	for($i = 0; $i < count($user_list); $i++)
+	{
+		$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+	}
+	$select_list .= "</select>";
+
+	$template->set_filenames(array(
+		"body" => "admin/userauth_select_body.tpl"));
+
+	$template->assign_vars(array(
+		"S_USERAUTH_ACTION" => append_sid("userauth.$phpEx"), 
+		"S_USERS_SELECT" => $select_list, 
+		
+		"U_FORUMAUTH" => append_sid("forumauth.$phpEx"))
+	);
+
+	$template->pparse("body");
+
+	exit;
+
+}
+
+	$template->set_filenames(array(
+		"body" => "admin/userauth_body.tpl")
+	);
+
+	$user_id = $HTTP_GET_VARS[POST_USERS_URL];
+
+	$sql = "SELECT forum_id, forum_name, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_votecreate, auth_vote, auth_attachments 
+		FROM " . FORUMS_TABLE;
+	$fa_result = $db->sql_query($sql);
+	$forum_access = $db->sql_fetchrowset($fa_result);
+
+	for($i = 0; $i < count($forum_access); $i++)
+	{
+		while(list($forum_id, $forum_row) = each($forum_access))
+		{
+			for($j = 0; $j < count($forum_auth_fields); $j++)
+			{
+				$basic_auth_level[$forum_row['forum_id']] = "public";
+
+				if($forum_row[$forum_auth_fields[$j]] == AUTH_REG)
+				{
+					$basic_auth_level[$forum_row['forum_id']] = "registered";
+					$basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j];
+				}
+				else if($forum_row[$forum_auth_fields[$j]] == AUTH_ACL)
+				{
+					$basic_auth_level[$forum_row['forum_id']] = "private";
+					$basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j];
+				}
+			}
+			if($forum_row['auth_view'] == AUTH_MOD || $forum_row['auth_read'] == AUTH_MOD || $forum_row['auth_post'] == AUTH_MOD || $forum_row['auth_reply'] == AUTH_MOD)
+			{
+				$basic_auth_level[$forum_row['forum_id']] = "moderate";
+			}
+			if($forum_row['auth_view'] == AUTH_ADMIN || $forum_row['auth_read'] == AUTH_ADMIN || $forum_row['auth_post'] == AUTH_ADMIN || $forum_row['auth_reply'] == AUTH_ADMIN)
+			{
+				$basic_auth_level[$forum_row['forum_id']] = "admin";
+			}
+		}
+	}
+
+	$sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user  
+		FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug   
+		WHERE u.user_id = $user_id 
+			AND ug.user_id = u.user_id 
+			AND g.group_id = ug.group_id";
+	$u_result = $db->sql_query($sql);
+	$userinf = $db->sql_fetchrowset($u_result);
+
+	$sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, g.group_single_user  
+		FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g   
+		WHERE ug.user_id = $user_id 
+			AND g.group_id = ug.group_id 
+			AND aa.group_id = ug.group_id";
+	$au_result = $db->sql_query($sql);
+
+	$num_u_access = $db->sql_numrows($au_result);
+	if($num_u_access)
+	{
+		while($u_row = $db->sql_fetchrow($au_result))
+		{
+			$u_access[$u_row['forum_id']][] = $u_row;
+			$num_forum_access[$u_row['forum_id']]++;
+		}
+	}
+
+	$is_admin = ($userinf[0]['user_level'] == ADMIN && $userinf[0]['user_id'] != ANONYMOUS) ? 1 : 0;
+
+	for($i = 0; $i < count($forum_access); $i++)
+	{
+		$f_forum_id = $forum_access[$i]['forum_id'];
+		$is_forum_restricted[$f_forum_id] = 0;
+
+		for($j = 0; $j < count($forum_auth_fields); $j++)
+		{
+			$key = $forum_auth_fields[$j];
+			$value = $forum_access[$i][$key];
+
+			switch($value)
+			{
+				case AUTH_ALL:
+					$auth_user[$f_forum_id][$key] = 1;
+					break;
+
+				case AUTH_REG:
+					$auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? 1 : 0;
+					break;
+
+				case AUTH_ACL:
+					if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
+					{
+						$result = a_auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin);
+						$auth_user_group[$f_forum_id][$key] = $result['single_group'];
+						$auth_user[$f_forum_id][$key] = $result['auth'];
+					}
+					else
+					{
+						$auth_user[$f_forum_id][$key] = 0;
+					}
+					break;
+		
+				case AUTH_MOD:
+					if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
+					{
+						$result = a_auth_check_user(AUTH_MOD, $key, $u_access[$f_forum_id], $is_admin);
+						$auth_user_group[$f_forum_id][$key] = $result['single_group'];
+						$auth_user[$f_forum_id][$key] = $result['auth'];
+					}
+					else
+					{
+						$auth_user[$f_forum_id][$key] = 0;
+					}
+					break;
+	
+				case AUTH_ADMIN:
+					$auth_user[$f_forum_id][$key] = $is_admin;
+					break;
+
+				default:
+					$auth_user[$f_forum_id][$key] = 0;
+					break;
+			}
+		}
+		//
+		// Is user a moderator?
+		//
+		if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])
+		{
+			$result = a_auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin);
+			$auth_user_group[$f_forum_id]['auth_mod'] = $result['single_group'];
+			$auth_user[$f_forum_id]['auth_mod'] = $result['auth'];
+		}
+		else
+		{
+			$auth_user[$f_forum_id][$key] = 0;
+		}
+	}
+
+	while(list($forumkey, $user_ary) = each($auth_user))
+	{
+		$simple_auth[$forumkey] = 1;
+		while(list($fieldkey, $value) = each($user_ary))
+		{
+			$simple_auth[$forumkey] = $simple_auth[$forumkey] && $value; 
+		}
+	}
+	reset($auth_user);
+
+	while(list($forumkey, $user_ary) = each($auth_user_group))
+	{
+		$simple_auth_acl[$forumkey] = "single";
+		$simple_auth_mod[$forumkey] = "single";
+
+		while(list($fieldkey, $value) = each($user_ary))
+		{
+			$simple_auth_acl[$forumkey] = ($simple_auth_acl[$forumkey] != "group") ? $value : "group";
+			$simple_auth_mod[$forumkey] = ($simple_auth_mod[$forumkey] != "group") ? $value : "group";
+		}
+	}
+
+
+	$i = 0;
+	if($adv == -1)
+	{
+		while(list($forumkey, $user_ary) = each($auth_user))
+		{
+			if($basic_auth_level[$forumkey] == "private")
+			{
+				$allowed = 1;
+				for($j = 0; $j < count($basic_auth_level_fields[$forumkey]); $j++)
+				{
+					if(!$auth_user[$forumkey][$basic_auth_level_fields[$forumkey][$j]])
+					{
+						$allowed = 0;
+					}
+				}
+				$optionlist_grant = "<select name=\"private[$forumkey]\">";
+				if($is_admin || $user_ary['auth_mod'])
+				{
+					$optionlist_grant .= "<option value=\"1\">Allowed Access</option>";
+				}
+				else if($allowed)
+				{
+					$optionlist_grant .= "<option value=\"1\" selected>Allowed Access</option><option value=\"0\">Disallowed Access</option>";
+				}
+				else
+				{
+					$optionlist_grant .= "<option value=\"1\">Allowed Access</option><option value=\"0\" selected>Disallowed Access</option>";
+				}
+				$optionlist_grant .= "</select>";
+			}
+			else
+			{
+				$optionlist_grant = "";
+			}
+
+			if($user_ary['auth_mod'])
+			{
+				$optionlist_mod = "<option value=\"1\" selected>Is a Moderator</option><option value=\"0\">Is not a Moderator</option>";
+			}
+			else
+			{
+				$optionlist_mod = "<option value=\"1\">Is a Moderator</option><option value=\"0\" selected>Is not a Moderator</option>";
+			}
+			switch($basic_auth_level[$forumkey])
+			{
+				case 'public':
+					$min_auth = "ANY";
+					break;
+				case 'registered':
+					$min_auth = "REG";
+					break;
+				case 'private':
+					$min_auth = "ACL";
+					break;
+				case 'moderate':
+					$min_auth = "MOD";
+					break;
+				case 'admin':
+					$min_auth = "MOD";
+					break;
+				default:
+					$min_auth = "authall";
+					break;
+			}
+			$single_group_acl = "";
+			if(!empty($simple_auth_acl[$forumkey]))
+			{
+				switch($simple_auth_acl[$forumkey])
+				{
+					case 'single':
+						$single_group_acl = "authuser";
+						break;
+					case 'group':
+						$single_group_acl = "authgroup";
+						break;
+				}
+			}
+			$single_group_mod = "";
+			if(!empty($simple_auth_mod[$forumkey]))
+			{
+				switch($simple_auth_mod[$forumkey])
+				{
+					case 'single':
+						$single_group_mod = "authuser";
+						break;
+					case 'group':
+						$single_group_mod = "authgroup";
+						break;
+				}
+			}
+
+			$row_class = ($i%2) ? "row2" : "row1";
+
+			$template->assign_block_vars("forums", array(
+				"ROW_CLASS" => $row_class, 
+				"MIN_AUTH" => $min_auth, 
+				"FORUM_NAME" => $forum_access[$i]['forum_name'], 
+
+				"AUTH_TYPE_ACL" => $row_class . $single_group_acl, 
+				"AUTH_TYPE_MOD" => $row_class . $single_group_mod, 
+
+				"SELECT_GRANT_LIST" => "$optionlist_grant",
+				"SELECT_MOD_LIST" => "<select name=\"moderator[$forumkey]\">$optionlist_mod</select>")
+			);
+			$i++;
+		}
+	}
+	else
+	{
+		while(list($forumkey, $user_ary) = each($auth_user))
+		{
+			echo "\t<td bgcolor=\"#DDDDDD\"><a href=\"userauth.$phpEx?" . POST_FORUM_URL . "=$forumkey&" . POST_USERS_URL . "=$user_id\">" . $f_access[$i]['forum_name'] . "</a></td>\n";
+			while(list($fieldkey, $value) = each($user_ary))
+			{
+				$can_they = ($auth_user[$forumkey][$fieldkey]) ? "Yes" : "No";
+				echo "\t<td bgcolor=\"#DDDDDD\">$can_they</td>\n";
+			}
+			echo "</tr>\n";
+			$i++;
+		}
+	}
+	reset($auth_user);
+
+	$t_username .= $userinf[0]['username'];
+	$t_usertype = ($is_admin) ? "an <b>Administrator</b>" : "a <b>User</b>";
+
+	for($i = 0; $i < count($userinf); $i++)
+	{
+		if(!$userinf[$i]['group_single_user'])
+		{
+			$group_name[] = $userinf[$i]['group_name'];
+			$group_id[] = $userinf[$i]['group_id'];
+		}
+	}
+	
+	if(count($group_name))
+	{
+		$t_usergroup_list = "belongs to the following groups; ";
+		for($i = 0; $i < count($userinf); $i++)
+		{
+			$t_usergroup_list .= "<a href=\"groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id[$i] . "\">" . $group_name[$i] . "</a>";
+			if($i < count($group_name) - 1)
+			{
+				$t_usergroup_list .= ", ";
+			}
+		}
+	}
+	else
+	{
+		$t_usergroup_list = "belongs to no usergroups.";
+	}
+
+	$s_hidden_fields = "<input type=\"hidden\" name=\"" . POST_USERS_URL . "\" value=\"$user_id\">";
+	$s_hidden_fields .= "<input type=\"hidden\" name=\"curadmin\" value=\"" . $is_admin ."\">";
+	$s_hidden_fields .= "<input type=\"hidden\" name=\"" . POST_GROUPS_URL . "\" value=\"" . "\">";
+
+	$template->assign_vars(array(
+		"USERNAME" => $t_username, 
+		"USERTYPE" => $t_usertype, 
+		
+		"S_ADMIN_CHECK_SELECTED" => (($is_admin) ? " checked" : ""), 
+
+		"S_USER_AUTH_ACTION" => append_sid("userauth.$phpEx"),
+		"S_HIDDEN_FIELDS" => $s_hidden_fields,
+
+		"USER_GROUP_LIST" => $t_usergroup_list)
+	);
+
+	$template->pparse("body");
+
+	exit;
+
+?>
+\ No newline at end of file
author	Bart van Bragt <bartvb@users.sourceforge.net>	2001-07-11 22:29:08 +0000
committer	Bart van Bragt <bartvb@users.sourceforge.net>	2001-07-11 22:29:08 +0000
commit	d09d3934426fe8d093c54dea5b654e8bff5764aa (patch)
tree	0256fd382afc444e2cfa5935564112d786ce9aa5 /phpBB/admin
parent	8f0806e149e550d6c49a658bd875c8c55deaa395 (diff)
download	forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.gz forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.bz2 forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.tar.xz forums-d09d3934426fe8d093c54dea5b654e8bff5764aa.zip