diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2009-07-14 20:40:45 +0000 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2009-07-14 20:40:45 +0000 |
| commit | 33033ad12555377a9b50cfbeb72b683ddd56b893 (patch) | |
| tree | b26c765b423ac7e4a0c9c0314a7a6b81254a27c2 /phpBB/includes | |
| parent | e3866c939d78b925844cd61d6ad567988f24e42d (diff) | |
| download | forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.gz forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.bz2 forums-33033ad12555377a9b50cfbeb72b683ddd56b893.tar.xz forums-33033ad12555377a9b50cfbeb72b683ddd56b893.zip | |
Fix Bug #45675 - Do not allow setting group as default group for pending user
Authorised by: AcydBurn
git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@9759 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 25 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 26 |
2 files changed, 50 insertions, 1 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index d8fef3f547..c27c259b46 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -2017,6 +2017,29 @@ class acp_users } break; + + case 'approve': + + if (confirm_box(true)) + { + if (!$group_id) + { + trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING); + } + group_user_attributes($action, $group_id, $user_id); + } + else + { + confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( + 'u' => $user_id, + 'i' => $id, + 'mode' => $mode, + 'action' => $action, + 'g' => $group_id)) + ); + } + + break; } // Add user to group? @@ -2109,10 +2132,12 @@ class acp_users 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'], 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'], 'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'], + 'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&action=approve&u=$user_id&g=" . $data['group_id'] : '', 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'], 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'], + 'S_IS_MEMBER' => ($group_type != 'pending') ? true : false, 'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false, 'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false, ) diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 4ea094e451..c69c27c9d7 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -3109,6 +3109,27 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna break; case 'default': + // We only set default group for approved members of the group + $sql = 'SELECT user_id + FROM ' . USER_GROUP_TABLE . " + WHERE group_id = $group_id + AND user_pending = 0 + AND " . $db->sql_in_set('user_id', $user_id_ary); + $result = $db->sql_query($sql); + + $user_id_ary = $username_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + $user_id_ary[] = $row['user_id']; + } + $db->sql_freeresult($result); + + $result = user_get_id_name($user_id_ary, $username_ary); + if (!sizeof($user_id_ary) || $result !== false) + { + return 'NO_USERS'; + } + $sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true); $result = $db->sql_query($sql); @@ -3197,7 +3218,7 @@ function group_validate_groupname($group_id, $group_name) */ function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false) { - global $db; + global $cache, $db; if (empty($user_id_ary)) { @@ -3297,6 +3318,9 @@ function group_set_user_default($group_id, $user_id_ary, $group_attributes = fal { group_update_listings($group_id); } + + // Because some tables/caches use usercolour-specific data we need to purge this here. + $cache->destroy('sql', MODERATOR_CACHE_TABLE); } /** |