diff options
| author | Bart van Bragt <bartvb@users.sourceforge.net> | 2002-02-15 22:13:59 +0000 |
|---|---|---|
| committer | Bart van Bragt <bartvb@users.sourceforge.net> | 2002-02-15 22:13:59 +0000 |
| commit | 06434eb0c535a6d292f9e7ce707891d56ff6f5ed (patch) | |
| tree | 324b7c3308432a149e18784e0d461a5a80cfb2ea /phpBB/groupcp.php | |
| parent | 614f58d8812c8accc6cece8c05208a7e9ed0f0d2 (diff) | |
| download | forums-06434eb0c535a6d292f9e7ce707891d56ff6f5ed.tar forums-06434eb0c535a6d292f9e7ce707891d56ff6f5ed.tar.gz forums-06434eb0c535a6d292f9e7ce707891d56ff6f5ed.tar.bz2 forums-06434eb0c535a6d292f9e7ce707891d56ff6f5ed.tar.xz forums-06434eb0c535a6d292f9e7ce707891d56ff6f5ed.zip | |
Made hidden groups hidden, guess some extra security checks would be nice though (ppl guessing URLs)
git-svn-id: file:///svn/phpbb/trunk@2165 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/groupcp.php')
| -rw-r--r-- | phpBB/groupcp.php | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/phpBB/groupcp.php b/phpBB/groupcp.php index b8c002bbab..f6b26b6244 100644 --- a/phpBB/groupcp.php +++ b/phpBB/groupcp.php @@ -1056,9 +1056,18 @@ else if( $group_id ) } else { - $sql = "SELECT g.group_id, g.group_name, ug.user_pending +// +// Show the main groupcp.php screen where the user can select a group. +// + + // + // Select all group that the user is a member of or where the user has + // a pending membership. + // + $sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug - WHERE ug.user_id = " . $userdata['user_id'] . " + WHERE + ug.user_id = " . $userdata['user_id'] . " AND ug.group_id = g.group_id AND g.group_single_user <> " . TRUE . " ORDER BY g.group_name, ug.user_id"; @@ -1072,6 +1081,7 @@ else $s_pending_groups_opt = ""; while( $row = $db->sql_fetchrow($result) ) { + $in_group[] = $row['group_id']; if ( $row['user_pending'] ) { $s_pending_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; @@ -1080,15 +1090,19 @@ else { $s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; } - $in_group[] = $row['group_id']; } $s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>"; $s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>"; + // + // Select all other groups i.e. groups that this user is not a member of + // $ignore_group_sql = ( count($in_group) ) ? "AND group_id NOT IN (" . implode(", ", $in_group) . ")" : ""; $sql = "SELECT group_id, group_name FROM " . GROUPS_TABLE . " g - WHERE group_single_user <> " . TRUE . " + WHERE + group_single_user <> " . TRUE . " + AND group_type <> " . GROUP_HIDDEN . " $ignore_group_sql ORDER BY g.group_name"; if ( !($result = $db->sql_query($sql)) ) @@ -1173,4 +1187,4 @@ else // include($phpbb_root_path . 'includes/page_tail.'.$phpEx); -?>
\ No newline at end of file +?> |