diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-02-12 19:21:00 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-02-12 19:21:00 +0000 |
| commit | 81f78690dbcb0bb90304fb5e2b7343866d371615 (patch) | |
| tree | 13e813246688812d944a406a351ee6c57134b82c /phpBB/includes | |
| parent | 3f323153b5f201dd7954c7f4ba6da53c98defcd0 (diff) | |
| download | forums-81f78690dbcb0bb90304fb5e2b7343866d371615.tar forums-81f78690dbcb0bb90304fb5e2b7343866d371615.tar.gz forums-81f78690dbcb0bb90304fb5e2b7343866d371615.tar.bz2 forums-81f78690dbcb0bb90304fb5e2b7343866d371615.tar.xz forums-81f78690dbcb0bb90304fb5e2b7343866d371615.zip | |
my turn to break things... harharhar
- checking in permission settings and permission masks
- permission presets and documentation not finished yet
- added backtrace function to determine file/line for sql errors
- fixed marlist for orphan attachments/groups/logs/users
- able to change anonymous user settings/permissions now
- re-arranged admin permissions a bit (added some and removed some)
- setting forum permissions after creating/editing forum now selects every default group (copy permisson/dropdown to be added for adding forums)
- finished user permissions in users acp
note: the layout for permissions might change
devs: please empty the user_permissions in phpbb_users. Also, first change your auth_options table, remove all cache files and then re-set admin permissions. After having set the admin permissions you can update your modules table (else you will not see the permission tabs) - or empty the auth setting within the modules table to be able to see the permission modules (they rely on newly added permission options)
git-svn-id: file:///svn/phpbb/trunk@5553 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_bots.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_forums.php | 16 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_groups.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_jabber.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_language.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_logs.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_main.php | 28 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_permissions.php | 739 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_php_info.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_profile.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 48 | ||||
| -rw-r--r-- | phpBB/includes/acp/auth.php | 978 | ||||
| -rw-r--r-- | phpBB/includes/auth.php | 46 | ||||
| -rw-r--r-- | phpBB/includes/constants.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/db/dbal.php | 10 | ||||
| -rw-r--r-- | phpBB/includes/functions.php | 72 | ||||
| -rw-r--r-- | phpBB/includes/functions_admin.php | 2 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 7 |
18 files changed, 1937 insertions, 28 deletions
diff --git a/phpBB/includes/acp/acp_bots.php b/phpBB/includes/acp/acp_bots.php index 2fea1d866d..8ddc5016b2 100644 --- a/phpBB/includes/acp/acp_bots.php +++ b/phpBB/includes/acp/acp_bots.php @@ -337,7 +337,7 @@ class acp_bots_info 'title' => 'ACP_BOTS', 'version' => '1.0.0', 'modes' => array( - 'bots' => array('title' => 'ACP_BOTS', 'auth' => 'acl_a_server'), + 'bots' => array('title' => 'ACP_BOTS', 'auth' => 'acl_a_bots'), ), ); } diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index fc0aefa4a6..1a28cd905c 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -149,9 +149,23 @@ class acp_forums $auth->acl_clear_prefetch(); recalc_btree('forum_id', FORUMS_TABLE); + $acl_url = '&mode=setting_forum_local&forum_id[]=' . $forum_data['forum_id']; + + // Add default groups to selection + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . ' + WHERE group_type = ' . GROUP_SPECIAL; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $acl_url .= '&group_id[]=' . $row['group_id']; + } + $db->sql_freeresult($result); + // Redirect to permissions $message = ($action == 'add') ? $user->lang['FORUM_CREATED'] : $user->lang['FORUM_UPDATED']; - $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . $phpbb_admin_path . "index.$phpEx$SID&i=permissions&mode=forum&submit_usergroups=true&ug_type=forum&action=usergroups&f[forum][]={$forum_data['forum_id']}" . '">', '</a>'); + $message .= '<br /><br />' . sprintf($user->lang['REDIRECT_ACL'], '<a href="' . $phpbb_admin_path . "index.$phpEx$SID&i=permissions" . $acl_url . '">', '</a>'); trigger_error($message . adm_back_link($this->u_action . '&parent_id=' . $this->parent_id)); } diff --git a/phpBB/includes/acp/acp_groups.php b/phpBB/includes/acp/acp_groups.php index e11543ba78..cfd1cb6c9b 100644 --- a/phpBB/includes/acp/acp_groups.php +++ b/phpBB/includes/acp/acp_groups.php @@ -10,6 +10,7 @@ /** * @package acp +* @todo make sure permissions are met for adding groups and removing groups (a_groupadd, a_groupdel) */ class acp_groups { diff --git a/phpBB/includes/acp/acp_jabber.php b/phpBB/includes/acp/acp_jabber.php index 56d460f176..58e88f5020 100644 --- a/phpBB/includes/acp/acp_jabber.php +++ b/phpBB/includes/acp/acp_jabber.php @@ -176,7 +176,7 @@ class acp_jabber_info 'title' => 'ACP_JABBER_SETTINGS', 'version' => '1.0.0', 'modes' => array( - 'settings' => array('title' => 'ACP_JABBER_SETTINGS', 'auth' => 'acl_a_server'), + 'settings' => array('title' => 'ACP_JABBER_SETTINGS', 'auth' => 'acl_a_jabber'), ), ); } diff --git a/phpBB/includes/acp/acp_language.php b/phpBB/includes/acp/acp_language.php index 7bf8563440..414c313b21 100644 --- a/phpBB/includes/acp/acp_language.php +++ b/phpBB/includes/acp/acp_language.php @@ -1080,7 +1080,7 @@ class acp_language_info 'title' => 'ACP_LANGUAGE', 'version' => '1.0.0', 'modes' => array( - 'lang_packs' => array('title' => 'ACP_LANGUAGE_PACKS', 'auth' => 'acl_a_server'), + 'lang_packs' => array('title' => 'ACP_LANGUAGE_PACKS', 'auth' => 'acl_a_language'), ), ); } diff --git a/phpBB/includes/acp/acp_logs.php b/phpBB/includes/acp/acp_logs.php index 8ac93203da..0bf02970d0 100644 --- a/phpBB/includes/acp/acp_logs.php +++ b/phpBB/includes/acp/acp_logs.php @@ -151,9 +151,9 @@ class acp_logs_info 'title' => 'ACP_LOGGING', 'version' => '1.0.0', 'modes' => array( - 'admin' => array('title' => 'ACP_ADMIN_LOGS', 'auth' => 'acl_a_'), - 'mod' => array('title' => 'ACP_MOD_LOGS', 'auth' => 'acl_a_'), - 'critical' => array('title' => 'ACP_CRITICAL_LOGS', 'auth' => 'acl_a_'), + 'admin' => array('title' => 'ACP_ADMIN_LOGS', 'auth' => 'acl_a_viewlogs'), + 'mod' => array('title' => 'ACP_MOD_LOGS', 'auth' => 'acl_a_viewlogs'), + 'critical' => array('title' => 'ACP_CRITICAL_LOGS', 'auth' => 'acl_a_viewlogs'), ), ); } diff --git a/phpBB/includes/acp/acp_main.php b/phpBB/includes/acp/acp_main.php index 924ae6713b..3631272e75 100644 --- a/phpBB/includes/acp/acp_main.php +++ b/phpBB/includes/acp/acp_main.php @@ -57,6 +57,11 @@ class acp_main } else if ($action == 'delete') { + if (!$auth->acl_get('a_userdel')) + { + trigger_error($user->lang['NO_ADMIN']); + } + $sql = 'DELETE FROM ' . USER_GROUP_TABLE . " WHERE user_id IN ($mark)"; $db->sql_query($sql); $sql = 'DELETE FROM ' . USERS_TABLE . " WHERE user_id IN ($mark)"; @@ -335,18 +340,23 @@ class acp_main ) ); - view_log('admin', $log_data, $log_count, 5); + $log_data = array(); - foreach ($log_data as $row) + if ($auth->acl_get('a_viewlogs')) { - $template->assign_block_vars('log', array( - 'USERNAME' => $row['username'], - 'IP' => $row['ip'], - 'DATE' => $user->format_date($row['time']), - 'ACTION' => $row['action']) - ); + view_log('admin', $log_data, $log_count, 5); + + foreach ($log_data as $row) + { + $template->assign_block_vars('log', array( + 'USERNAME' => $row['username'], + 'IP' => $row['ip'], + 'DATE' => $user->format_date($row['time']), + 'ACTION' => $row['action']) + ); + } } - + if ($auth->acl_get('a_user')) { $sql = 'SELECT user_id, username, user_regdate diff --git a/phpBB/includes/acp/acp_permissions.php b/phpBB/includes/acp/acp_permissions.php new file mode 100644 index 0000000000..103c226611 --- /dev/null +++ b/phpBB/includes/acp/acp_permissions.php @@ -0,0 +1,739 @@ +<?php +/** +* +* @package acp +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package acp +*/ +class acp_permissions +{ + var $u_action; + var $permission_dropdown; + + function main($id, $mode) + { + global $db, $user, $auth, $template, $cache; + global $config, $SID, $phpbb_root_path, $phpbb_admin_path, $phpEx; + + include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx); + include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); + + $auth_admin = new auth_admin(); + + $user->add_lang('acp/permissions'); + $user->add_lang('acp/permissions_phpbb'); + + $this->tpl_name = 'acp_permissions'; + $this->u_action = "{$phpbb_admin_path}index.$phpEx$SID&i=$id&mode=$mode"; + + // Set some vars + $action = request_var('action', array('' => 0)); + list($action, ) = each($action); + + $action = (isset($_POST['psubmit'])) ? 'apply_permissions' : $action; + + $all_forums = request_var('all_forums', 0); + $user_id = request_var('user_id', array(0)); + $group_id = request_var('group_id', array(0)); + $forum_id = request_var('forum_id', array(0)); + $username = request_var('username', array('')); + $usernames = request_var('usernames', ''); + + // Map usernames to ids and vice versa + if ($usernames) + { + $username = explode("\n", $usernames); + } + unset($usernames); + + if (sizeof($username) && !sizeof($user_id)) + { + user_get_id_name($user_id, $username); + + if (!sizeof($user_id)) + { + trigger_error($user->lang['SELECTED_USER_NOT_EXIST'] . adm_back_link($this->u_action)); + } + } + unset($username); + + // Define some common variables for every mode + $error = array(); + + $permission_scope = (strpos($mode, '_global') !== false) ? 'global' : 'local'; + + switch ($mode) + { + case 'setting_user_global': + case 'setting_group_global': + $this->permission_dropdown = array('u_', 'm_', 'a_'); + $permission_victim = ($mode == 'setting_user_global') ? array('user') : array('group'); + $this->page_title = ($mode == 'setting_user_global') ? 'ACP_USERS_PERMISSIONS' : 'ACP_GROUPS_PERMISSIONS'; + break; + + case 'setting_user_local': + case 'setting_group_local': + $this->permission_dropdown = array('f_', 'm_'); + $permission_victim = ($mode == 'setting_user_local') ? array('user', 'forums') : array('group', 'forums'); + $this->page_title = ($mode == 'setting_user_local') ? 'ACP_USERS_FORUM_PERMISSIONS' : 'ACP_GROUPS_FORUM_PERMISSIONS'; + break; + + case 'setting_admin_global': + case 'setting_mod_global': + $this->permission_dropdown = (strpos($mode, '_admin_') !== false) ? array('a_') : array('m_'); + $permission_victim = array('usergroup'); + $this->page_title = ($mode == 'setting_admin_global') ? 'ACP_ADMINISTRATORS' : 'ACP_GLOBAL_MODERATORS'; + break; + + case 'setting_mod_local': + case 'setting_forum_local': + $this->permission_dropdown = ($mode == 'setting_mod_local') ? array('m_') : array('f_'); + $permission_victim = array('forums', 'usergroup'); + $this->page_title = ($mode == 'setting_mod_local') ? 'ACP_FORUM_MODERATORS' : 'ACP_FORUM_PERMISSIONS'; + break; + + case 'view_admin_global': + case 'view_user_global': + case 'view_mod_global': + $this->permission_dropdown = ($mode == 'view_admin_global') ? array('a_') : (($mode == 'view_user_global') ? array('u_') : array('m_')); + $permission_victim = array('usergroup_view'); + $this->page_title = ($mode == 'view_admin_global') ? 'ACP_VIEW_ADMIN_PERMISSIONS' : (($mode == 'view_user_global') ? 'ACP_VIEW_USER_PERMISSIONS' : 'ACP_VIEW_GLOBAL_MOD_PERMISSIONS'); + break; + + case 'view_mod_local': + case 'view_forum_local': + $this->permission_dropdown = ($mode == 'view_mod_local') ? array('m_') : array('f_'); + $permission_victim = array('forums', 'usergroup_view'); + $this->page_title = ($mode == 'view_mod_local') ? 'ACP_VIEW_FORUM_MOD_PERMISSIONS' : 'ACP_VIEW_FORUM_PERMISSIONS'; + break; + + default: + trigger_error('INVALID_MODE'); + } + + $template->assign_vars(array( + 'L_TITLE' => $user->lang[$this->page_title], + 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']) + ); + + // Get permission type + $permission_type = request_var('type', $this->permission_dropdown[0]); + + if (!in_array($permission_type, $this->permission_dropdown)) + { + trigger_error($user->lang['WRONG_PERMISSION_TYPE'] . adm_back_link($this->u_action)); + } + + + // Handle actions + if (strpos($mode, 'setting_') === 0 && $action) + { + switch ($action) + { + case 'delete': + $this->remove_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id, $forum_id); + break; + + case 'apply_permissions': + if (!isset($_POST['setting'])) + { + trigger_error($user->lang['NO_AUTH_SETTING_FOUND'] . adm_back_link($this->u_action)); + } + + $this->set_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id); + break; + + case 'apply_all_permissions': + if (!isset($_POST['setting'])) + { + trigger_error($user->lang['NO_AUTH_SETTING_FOUND'] . adm_back_link($this->u_action)); + } + + $this->set_all_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id); + break; + } + } + + + // Setting permissions screen + $s_hidden_fields = build_hidden_fields(array( + 'user_id' => $user_id, + 'group_id' => $group_id, + 'forum_id' => $forum_id, + 'type' => $permission_type) + ); + + if ($all_forums) + { + $s_hidden_fields .= build_hidden_fields(array('all_forums' => $all_forums)); + } + + // Go through the screens/options needed and present them in correct order + foreach ($permission_victim as $victim) + { + switch ($victim) + { + case 'forum_dropdown': + + if (sizeof($forum_id)) + { + $this->check_existence('forum', $forum_id); + continue 2; + } + + $template->assign_vars(array( + 'S_SELECT_FORUM' => true, + 'S_FORUM_OPTIONS' => make_forum_select(false, false, false)) + ); + + break; + + case 'forums': + + if (sizeof($forum_id) || $all_forums) + { + if (sizeof($forum_id)) + { + $this->check_existence('forum', $forum_id); + } + + continue 2; + } + + $template->assign_vars(array( + 'S_SELECT_FORUM' => true, + 'S_FORUM_OPTIONS' => make_forum_select(false, false, false), + 'S_FORUM_ALL' => true, + 'S_FORUM_MULTIPLE' => true) + ); + + break; + + case 'user': + + if (sizeof($user_id)) + { + $this->check_existence('user', $user_id); + continue 2; + } + + $template->assign_vars(array( + 'S_SELECT_USER' => true, + 'U_FIND_USERNAME' => $phpbb_root_path . "memberlist.$phpEx$SID&mode=searchuser&form=select_victim&field=username") + ); + + break; + + case 'group': + + if (sizeof($group_id)) + { + $this->check_existence('group', $group_id); + continue 2; + } + + $template->assign_vars(array( + 'S_SELECT_GROUP' => true, + 'S_GROUP_OPTIONS' => group_select_options(false)) + ); + + break; + + case 'usergroup': + case 'usergroup_view': + + if (sizeof($user_id) || sizeof($group_id)) + { + if (sizeof($user_id)) + { + $this->check_existence('user', $user_id); + } + + if (sizeof($group_id)) + { + $this->check_existence('group', $group_id); + } + + continue 2; + } + + $sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')' : 'AND a.forum_id <> 0'); + $sql_permission_option = "o.auth_option LIKE '" . $db->sql_escape($permission_type) . "%'"; + + $sql = 'SELECT DISTINCT u.user_id, u.username + FROM ' . USERS_TABLE . ' u, ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o + WHERE $sql_permission_option + $sql_forum_id + AND a.auth_option_id = o.auth_option_id + AND u.user_id = a.user_id + ORDER BY u.username, u.user_regdate ASC"; + $result = $db->sql_query($sql); + + $s_defined_user_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + $s_defined_user_options .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>'; + } + $db->sql_freeresult($result); + + $sql = 'SELECT DISTINCT g.group_id, g.group_name, g.group_type + FROM ' . GROUPS_TABLE . ' g, ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o + WHERE $sql_permission_option + $sql_forum_id + AND a.auth_option_id = o.auth_option_id + AND g.group_id = a.group_id + ORDER BY g.group_type DESC, g.group_name ASC"; + $result = $db->sql_query($sql); + + $s_defined_group_options = ''; + $defined_group_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $s_defined_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + $defined_group_ids[] = $row['group_id']; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_SELECT_USERGROUP' => ($victim == 'usergroup') ? true : false, + 'S_SELECT_USERGROUP_VIEW' => ($victim == 'usergroup_view') ? true : false, + 'S_DEFINED_USER_OPTIONS' => $s_defined_user_options, + 'S_DEFINED_GROUP_OPTIONS' => $s_defined_group_options, + 'S_ADD_GROUP_OPTIONS' => group_select_options(false, $defined_group_ids), + 'U_FIND_USERNAME' => $phpbb_root_path . "memberlist.$phpEx$SID&mode=searchuser&form=add_user&field=username") + ); + + break; + } + + $template->assign_vars(array( + 'U_ACTION' => $this->u_action, + 'ANONYMOUS_USER_ID' => ANONYMOUS, + + 'S_SELECT_VICTIM' => true, + 'S_CAN_SELECT_USER' => ($auth->acl_get('a_authusers')) ? true : false, + 'S_CAN_SELECT_GROUP' => ($auth->acl_get('a_authgroups')) ? true : false, + 'S_HIDDEN_FIELDS' => $s_hidden_fields) + ); + + // Let the forum names being displayed + if (sizeof($forum_id)) + { + $sql = 'SELECT forum_name + FROM ' . FORUMS_TABLE . ' + WHERE forum_id IN (' . implode(', ', $forum_id) . ') + ORDER BY forum_name ASC'; + $result = $db->sql_query($sql); + + $forum_names = array(); + while ($row = $db->sql_fetchrow($result)) + { + $forum_names[] = $row['forum_name']; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_FORUM_NAMES' => (sizeof($forum_names)) ? true : false, + 'FORUM_NAMES' => implode(', ', $forum_names)) + ); + } + + return; + } + + // Set to all forums if selected + if ($permission_scope == 'local' && $all_forums) + { + $forum_id = array(); + } + + // Do not allow forum_ids being set and no other setting defined (will bog down the server too much) + if (sizeof($forum_id) && !sizeof($user_id) && !sizeof($group_id)) + { + trigger_error($user->lang['ONLY_FORUM_DEFINED'] . adm_back_link($this->u_action)); + } + + $template->assign_vars(array( + 'S_PERMISSION_DROPDOWN' => (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type) : false, + 'L_PERMISSION_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)], + + 'U_ACTION' => $this->u_action, + 'S_HIDDEN_FIELDS' => $s_hidden_fields) + ); + + if (strpos($mode, 'setting_') === 0) + { + $template->assign_vars(array( + 'S_SETTING_PERMISSIONS' => true) + ); + + $hold_ary = $auth_admin->get_mask('set', (sizeof($user_id)) ? $user_id : false, (sizeof($group_id)) ? $group_id : false, (sizeof($forum_id)) ? $forum_id : false, $permission_type, $permission_scope, ACL_UNSET); + $auth_admin->display_mask('set', $permission_type, $hold_ary, ((sizeof($user_id)) ? 'user' : 'group'), (($permission_scope == 'local') ? true : false)); + } + else + { + $template->assign_vars(array( + 'S_VIEWING_PERMISSIONS' => true) + ); + + $hold_ary = $auth_admin->get_mask('view', (sizeof($user_id)) ? $user_id : false, (sizeof($group_id)) ? $group_id : false, (sizeof($forum_id)) ? $forum_id : false, $permission_type, $permission_scope, ACL_NO); + $auth_admin->display_mask('view', $permission_type, $hold_ary, ((sizeof($user_id)) ? 'user' : 'group'), (($permission_scope == 'local') ? true : false)); + } + } + + /** + * Build dropdown field for changing permission types + */ + function build_permission_dropdown($options, $default_option) + { + global $user, $auth; + + $s_dropdown_options = ''; + foreach ($options as $setting) + { + if (!$auth->acl_get('a_' . str_replace('_', '', $setting) . 'auth')) + { + continue; + } + $selected = ($setting == $default_option) ? ' selected="selected"' : ''; + $s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $user->lang['permission_type'][$setting] . '</option>'; + } + + return $s_dropdown_options; + } + + /** + * Check if selected items exist. Remove not found ids and if empty return error. + */ + function check_existence($mode, &$ids) + { + global $db, $user; + + switch ($mode) + { + case 'user': + $table = USERS_TABLE; + $sql_id = 'user_id'; + break; + + case 'group': + $table = GROUPS_TABLE; + $sql_id = 'group_id'; + break; + + case 'forum': + $table = FORUMS_TABLE; + $sql_id = 'forum_id'; + break; + } + + $sql = "SELECT $sql_id + FROM $table + WHERE $sql_id IN (" . implode(', ', $ids) . ')'; + $result = $db->sql_query($sql); + + $ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $ids[] = $row[$sql_id]; + } + $db->sql_freeresult($result); + + if (!sizeof($ids)) + { + trigger_error($user->lang['SELECTED_' . strtoupper($mode) . '_NOT_EXIST'] . adm_back_link($this->u_action)); + } + } + + /** + * Apply permissions + */ + function set_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) + { + global $user, $auth; + + $psubmit = request_var('psubmit', array(0)); + + // User or group to be set? + $ug_type = (sizeof($user_id)) ? 'user' : 'group'; + + // Check the permission setting again + if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's')) + { + trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action)); + } + + $ug_id = $forum_id = 0; + + // We loop through the auth settings defined in our submit + list($ug_id, ) = each($psubmit); + list($forum_id, ) = each($psubmit[$ug_id]); + + $auth_settings = array_map('intval', $_POST['setting'][$ug_id][$forum_id]); + + // Do the admin want to set these permissions to other forums too? + $inherit = request_var('inherit', array(0)); + + $ug_id = array($ug_id); + $forum_id = array($forum_id); + + if (sizeof($inherit)) + { + foreach ($inherit as $_ug_id => $forum_id_ary) + { + // Inherit users/groups? + if (!in_array($_ug_id, $ug_id)) + { + $ug_id[] = $_ug_id; + } + + // Inherit forums? + $forum_id = array_merge($forum_id, array_keys($forum_id_ary)); + } + } + + $forum_id = array_unique($forum_id); + + // Update the permission set... + $auth_admin->acl_set($ug_type, $forum_id, $ug_id, $auth_settings); + + // Do we need to recache the moderator lists? + if ($permission_type == 'm_') + { + cache_moderators(); + } + + // Remove users who are now moderators or admins from everyones foes list + if ($permission_type == 'm_' || $permission_type == 'a_') + { + $this->update_foes(); + } + + $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_id, $forum_id); + + trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action)); + } + + /** + * Apply all permissions + */ + function set_all_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id) + { + global $user, $auth; + + // User or group to be set? + $ug_type = (sizeof($user_id)) ? 'user' : 'group'; + + // Check the permission setting again + if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's')) + { + trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action)); + } + + $auth_settings = $_POST['setting']; + $ug_ids = $forum_ids = array(); + + // We need to go through the auth settings + foreach ($auth_settings as $ug_id => $forum_auth_row) + { + $ug_id = (int) $ug_id; + $ug_ids[] = $ug_id; + + foreach ($forum_auth_row as $forum_id => $auth_options) + { + $forum_id = (int) $forum_id; + $forum_ids[] = $forum_id; + + // Update the permission set... + $auth_admin->acl_set($ug_type, $forum_id, $ug_id, $auth_options); + } + } + + // Do we need to recache the moderator lists? + if ($permission_type == 'm_') + { + cache_moderators(); + } + + // Remove users who are now moderators or admins from everyones foes list + if ($permission_type == 'm_' || $permission_type == 'a_') + { + $this->update_foes(); + } + + $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_ids, $forum_ids); + + trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action)); + } + + /** + * Remove permissions + */ + function remove_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id, &$forum_id) + { + global $user, $db; + + // User or group to be set? + $ug_type = (sizeof($user_id)) ? 'user' : 'group'; + + // Check the permission setting again + if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's')) + { + trigger_error($user->lang['NO_ADMIN'] . adm_back_link($this->u_action)); + } + + // Remove permission type + $sql = 'SELECT auth_option_id + FROM ' . ACL_OPTIONS_TABLE . " + WHERE auth_option LIKE '{$permission_type}%'"; + $result = $db->sql_query($sql); + + $option_id_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + $option_id_ary[] = $row['auth_option_id']; + } + $db->sql_freeresult($result); + + if (sizeof($option_id_ary)) + { + $auth_admin->acl_delete($ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : false), $option_id_ary); + } + + // Do we need to recache the moderator lists? + if ($permission_type == 'm_') + { + cache_moderators(); + } + + $this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0))); + + trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action)); + } + + /** + * Log permission changes + */ + function log_action($mode, $action, $permission_type, $ug_type, $ug_id, $forum_id) + { + global $db, $user; + + if (!is_array($ug_id)) + { + $ug_id = array($ug_id); + } + + if (!is_array($forum_id)) + { + $forum_id = array($forum_id); + } + + // Logging ... first grab user or groupnames ... + $sql = ($ug_type == 'group') ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE group_id' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE user_id'; + $sql .= ' IN (' . implode(', ', array_map('intval', $ug_id)) . ')'; + $result = $db->sql_query($sql); + + $l_ug_list = ''; + while ($row = $db->sql_fetchrow($result)) + { + $l_ug_list .= (($l_ug_list != '') ? ', ' : '') . ((isset($row['group_type']) && $row['group_type'] == GROUP_SPECIAL) ? '<span class="blue">' . $user->lang['G_' . $row['name']] . '</span>' : $row['name']); + } + $db->sql_freeresult($result); + + $mode = str_replace('setting_', '', $mode); + + if ($forum_id[0] == 0) + { + add_log('admin', 'LOG_ACL_' . strtoupper($action) . '_' . strtoupper($mode) . '_' . strtoupper($permission_type), $l_ug_list); + } + else + { + // Grab the forum details if non-zero forum_id + $sql = 'SELECT forum_name + FROM ' . FORUMS_TABLE . ' + WHERE forum_id IN (' . implode(', ', $forum_id) . ')'; + $result = $db->sql_query($sql); + + $l_forum_list = ''; + while ($row = $db->sql_fetchrow($result)) + { + $l_forum_list .= (($l_forum_list != '') ? ', ' : '') . $row['forum_name']; + } + $db->sql_freeresult($result); + + add_log('admin', 'LOG_ACL_' . strtoupper($action) . '_' . strtoupper($mode) . '_' . strtoupper($permission_type), $l_forum_list, $l_ug_list); + } + } + + /** + * Update foes + */ + function update_foes() + { + global $db, $auth; + + $perms = array(); + foreach ($auth->acl_get_list(false, array('a_', 'm_'), false) as $forum_id => $forum_ary) + { + foreach ($forum_ary as $auth_option => $user_ary) + { + $perms += $user_ary; + } + } + + if (sizeof($perms)) + { + $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' + WHERE zebra_id IN (' . implode(', ', $perms) . ')'; + $db->sql_query($sql); + } + unset($perms); + } +} + +/** +* @package module_install +*/ +class acp_permissions_info +{ + function module() + { + return array( + 'filename' => 'acp_permissions', + 'title' => 'ACP_PERMISSIONS', + 'version' => '1.0.0', + 'modes' => array( + 'setting_user_global' => array('title' => 'ACP_USERS_PERMISSIONS', 'auth' => 'acl_a_authusers && (acl_a_aauth || acl_a_mauth || acl_a_uauth)'), + 'setting_user_local' => array('title' => 'ACP_USERS_FORUM_PERMISSIONS', 'auth' => 'acl_a_authusers && (acl_a_mauth || acl_a_fauth)'), + 'setting_group_global' => array('title' => 'ACP_GROUPS_PERMISSIONS', 'auth' => 'acl_a_authgroups && (acl_a_aauth || acl_a_mauth || acl_a_uauth)'), + 'setting_group_local' => array('title' => 'ACP_GROUPS_FORUM_PERMISSIONS', 'auth' => 'acl_a_authgroups && (acl_a_mauth || acl_a_fauth)'), + 'setting_admin_global' => array('title' => 'ACP_ADMINISTRATORS', 'auth' => 'acl_a_aauth && (acl_a_authusers || acl_a_authgroups)'), + 'setting_mod_global' => array('title' => 'ACP_GLOBAL_MODERATORS', 'auth' => 'acl_a_mauth && (acl_a_authusers || acl_a_authgroups)'), + 'setting_mod_local' => array('title' => 'ACP_FORUM_MODERATORS', 'auth' => 'acl_a_mauth && (acl_a_authusers || acl_a_authgroups)'), + 'setting_forum_local' => array('title' => 'ACP_FORUM_PERMISSIONS', 'auth' => 'acl_a_fauth && (acl_a_authusers || acl_a_authgroups)'), + + 'view_admin_global' => array('title' => 'ACP_VIEW_ADMIN_PERMISSIONS', 'auth' => 'acl_a_viewauth'), + 'view_user_global' => array('title' => 'ACP_VIEW_USER_PERMISSIONS', 'auth' => 'acl_a_viewauth'), + 'view_mod_global' => array('title' => 'ACP_VIEW_GLOBAL_MOD_PERMISSIONS', 'auth' => 'acl_a_viewauth'), + 'view_mod_local' => array('title' => 'ACP_VIEW_FORUM_MOD_PERMISSIONS', 'auth' => 'acl_a_viewauth'), + 'view_forum_local' => array('title' => 'ACP_VIEW_FORUM_PERMISSIONS', 'auth' => 'acl_a_viewauth'), + ), + ); + } + + function install() + { + } + + function uninstall() + { + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/acp/acp_php_info.php b/phpBB/includes/acp/acp_php_info.php index 35c5b223e6..87d74b8f3a 100644 --- a/phpBB/includes/acp/acp_php_info.php +++ b/phpBB/includes/acp/acp_php_info.php @@ -89,7 +89,7 @@ class acp_php_info_info 'title' => 'ACP_PHP_INFO', 'version' => '1.0.0', 'modes' => array( - 'info' => array('title' => 'ACP_PHP_INFO', 'auth' => 'acl_a_server'), + 'info' => array('title' => 'ACP_PHP_INFO', 'auth' => 'acl_a_phpinfo'), ), ); } diff --git a/phpBB/includes/acp/acp_profile.php b/phpBB/includes/acp/acp_profile.php index f7c3817c99..495f958481 100644 --- a/phpBB/includes/acp/acp_profile.php +++ b/phpBB/includes/acp/acp_profile.php @@ -1251,7 +1251,7 @@ class acp_profile_info 'title' => 'ACP_CUSTOM_PROFILE_FIELDS', 'version' => '1.0.0', 'modes' => array( - 'profile' => array('title' => 'ACP_CUSTOM_PROFILE_FIELDS', 'auth' => 'acl_a_user'), + 'profile' => array('title' => 'ACP_CUSTOM_PROFILE_FIELDS', 'auth' => 'acl_a_profile'), ), ); } diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 2073f00e3c..fdb02fc42e 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -1743,6 +1743,52 @@ class acp_users break; + case 'perm': + + include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx); + + $auth_admin = new auth_admin(); + + $user->add_lang('acp/permissions'); + $user->add_lang('acp/permissions_phpbb'); + + // Select auth options + $sql = 'SELECT auth_option, is_local, is_global + FROM ' . ACL_OPTIONS_TABLE . " + WHERE auth_option LIKE '%\_' + AND is_global = 1 + ORDER BY auth_option"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NO); + $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false); + } + $db->sql_freeresult($result); + + $sql = 'SELECT auth_option, is_local, is_global + FROM ' . ACL_OPTIONS_TABLE . " + WHERE auth_option LIKE '%\_' + AND is_local = 1 + ORDER BY is_global DESC, auth_option"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'local', ACL_NO); + $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false); + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'S_PERMISSIONS' => true, + 'U_USER_PERMISSIONS' => $phpbb_admin_path . 'index.' . $phpEx . $SID . '&i=permissions&mode=setting_user_global&user_id[]=' . $user_id, + 'U_USER_FORUM_PERMISSIONS' => $phpbb_admin_path . 'index.' . $phpEx . $SID . '&i=permissions&mode=setting_user_local&user_id[]=' . $user_id) + ); + + break; + } // Assign general variables @@ -1837,7 +1883,7 @@ class acp_users_info 'rank' => array('title' => 'ACP_USER_RANK', 'auth' => 'acl_a_user', 'display' => false), 'sig' => array('title' => 'ACP_USER_SIG', 'auth' => 'acl_a_user', 'display' => false), 'groups' => array('title' => 'ACP_USER_GROUPS', 'auth' => 'acl_a_user && acl_a_group', 'display' => false), - 'perm' => array('title' => 'ACP_USER_PERM', 'auth' => 'acl_a_user', 'display' => false), + 'perm' => array('title' => 'ACP_USER_PERM', 'auth' => 'acl_a_user && acl_a_viewauth', 'display' => false), 'attach' => array('title' => 'ACP_USER_ATTACH', 'auth' => 'acl_a_user', 'display' => false), ), ); diff --git a/phpBB/includes/acp/auth.php b/phpBB/includes/acp/auth.php new file mode 100644 index 0000000000..59a6b03d54 --- /dev/null +++ b/phpBB/includes/acp/auth.php @@ -0,0 +1,978 @@ +<?php +/** +* +* @package phpBB3 +* @version $Id$ +* @copyright (c) 2005 phpBB Group +* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* +*/ + +/** +* @package phpBB3 +* ACP Permission/Auth class +*/ +class auth_admin extends auth +{ + var $option_ids = array(); + + /** + * Init auth settings + */ + function auth_admin() + { + global $db, $cache; + + if (($this->acl_options = $cache->get('acl_options')) === false) + { + $sql = 'SELECT auth_option, is_global, is_local + FROM ' . ACL_OPTIONS_TABLE . ' + ORDER BY auth_option_id'; + $result = $db->sql_query($sql); + + $global = $local = 0; + while ($row = $db->sql_fetchrow($result)) + { + if ($row['is_global']) + { + $this->acl_options['global'][$row['auth_option']] = $global++; + } + + if ($row['is_local']) + { + $this->acl_options['local'][$row['auth_option']] = $local++; + } + } + $db->sql_freeresult($result); + + $cache->put('acl_options', $this->acl_options); + } + } + + /** + * Get permission mask + * This function only supports getting permissions of one type (for example a_) + * + * @param set|view $mode defines the permissions we get, view gets effective permissions (checking user AND group permissions), set only gets the user or group permission set alone + * @param mixed $user_id user ids to search for (a user_id or a group_id has to be specified at least) + * @param mixed $group_id group ids to search for, return group related settings (a user_id or a group_id has to be specified at least) + * @param mixed $forum_id forum_ids to search for. Defining a forum id also means getting local settings + * @param string $auth_option the auth_option defines the permission setting to look for (a_ for example) + * @param local|global $scope the scope defines the permission scope. If local, a forum_id is additionally required + * @param ACL_NO|ACL_UNSET|ACL_YES $acl_fill defines the mode those permissions not set are getting filled with + */ + function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NO) + { + global $db; + + $hold_ary = array(); + + if ($auth_option === false || $scope === false) + { + return array(); + } + + $acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data'; + + if ($forum_id !== false) + { + $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id); + } + else + { + $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false); + } + + // Make sure hold_ary is filled with every setting (prevents missing forums/users/groups) + $ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id); + $forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array()); + + // If forum_ids is false and the scope is local we actually want to have all forums within the array + if ($scope == 'local' && !sizeof($forum_ids)) + { + $sql = 'SELECT forum_id + FROM ' . FORUMS_TABLE; + $result = $db->sql_query($sql, 120); + + while ($row = $db->sql_fetchrow($result)) + { + $forum_ids[] = $row['forum_id']; + } + $db->sql_freeresult($result); + } + + foreach ($ug_id as $_id) + { + if (!isset($hold_ary[$_id])) + { + $hold_ary[$_id] = array(); + } + + foreach ($forum_ids as $f_id) + { + if (!isset($hold_ary[$_id][$f_id])) + { + $hold_ary[$_id][$f_id] = array(); + } + } + } + + // Now, we need to fill the gaps with $acl_fill. ;) + + // Only those options we need + $compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array('')); + + // Now switch back to keys + if (sizeof($compare_options)) + { + $compare_options = array_combine($compare_options, array_fill(1, sizeof($compare_options), $acl_fill)); + } + + // Defining the user-function here to save some memory + $return_acl_fill = create_function('$value', 'return ' . $acl_fill . ';'); + + // Actually fill the gaps + if (sizeof($hold_ary)) + { + foreach ($hold_ary as $ug_id => $row) + { + foreach ($row as $id => $options) + { + // Do not include the global auth_option + unset($options[$auth_option]); + + // Not a "fine" solution, but at all it's a 1-dimensional + // array_diff_key function filling the resulting array values with zeros + // The differences get merged into $hold_ary (all permissions having $acl_fill set) + $hold_ary[$ug_id][$id] = array_merge($options, + + array_map($return_acl_fill, + array_flip( + array_diff( + array_keys($compare_options), array_keys($options) + ) + ) + ) + ); + } + } + } + else + { + $hold_ary[($group_id !== false) ? $group_id : $user_id][(int) $forum_id] = $compare_options; + } + + return $hold_ary; + } + + /** + * Get permission mask for presets + * This function only supports getting masks for one preset + */ + function get_preset_mask($preset_id) + { + global $db; + + $hold_ary = array(); + + // Get users having this preset set... + $sql = 'SELECT user_id, forum_id + FROM ' . ACL_USERS_TABLE . ' + WHERE auth_preset_id = ' . $preset_id . ' + ORDER BY forum_id'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $hold_ary[$row['forum_id']]['users'][] = $row['user_id']; + } + $db->sql_freeresult($result); + + // Now grab groups... + $sql = 'SELECT group_id, forum_id + FROM ' . ACL_GROUPS_TABLE . ' + WHERE auth_preset_id = ' . $preset_id . ' + ORDER BY forum_id'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $hold_ary[$row['forum_id']]['groups'][] = $row['group_id']; + } + $db->sql_freeresult($result); + + return $hold_ary; + } + + /** + * Display permission mask for presets + */ + function display_preset_mask(&$hold_ary) + { + global $db, $template, $user, $phpbb_root_path, $phpbb_admin_path, $phpEx, $SID; + + if (!sizeof($hold_ary)) + { + return; + } + + // Get forum names + $sql = 'SELECT forum_id, forum_name + FROM ' . FORUMS_TABLE . ' + WHERE forum_id IN (' . implode(', ', array_keys($hold_ary)) . ')'; + $result = $db->sql_query($sql); + + $forum_names = array(); + while ($row = $db->sql_fetchrow($result)) + { + $forum_names[$row['forum_id']] = $row['forum_name']; + } + $db->sql_freeresult($result); + + foreach ($hold_ary as $forum_id => $auth_ary) + { + $template->assign_block_vars('preset_mask', array( + 'NAME' => ($forum_id == 0) ? $user->lang['GLOBAL_MASK'] : $forum_names[$forum_id], + 'FORUM_ID' => $forum_id) + ); + + if (isset($auth_ary['users']) && sizeof($auth_ary['users'])) + { + $sql = 'SELECT user_id, username + FROM ' . USERS_TABLE . ' + WHERE user_id IN (' . implode(', ', $auth_ary['users']) . ') + ORDER BY username'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('preset_mask.users', array( + 'USER_ID' => $row['user_id'], + 'USERNAME' => $row['username'], + 'U_PROFILE' => "{$phpbb_root_path}memberlist.$phpEx$SID&mode=viewprofile&u={$row['user_id']}") + ); + } + $db->sql_freeresult($result); + } + + if (isset($auth_ary['groups']) && sizeof($auth_ary['groups'])) + { + $sql = 'SELECT group_id, group_name, group_type + FROM ' . GROUPS_TABLE . ' + WHERE group_id IN (' . implode(', ', $auth_ary['groups']) . ') + ORDER BY group_type ASC, group_name'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $template->assign_block_vars('preset_mask.groups', array( + 'GROUP_ID' => $row['group_id'], + 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], + 'U_PROFILE' => $phpbb_root_path . "memberlist.$phpEx$SID&mode=group&g={$row['group_id']}") + ); + } + $db->sql_freeresult($result); + } + } + } + + /** + * NOTE: this function is not in use atm + * Add a new option to the list ... $options is a hash of form -> + * $options = array( + * 'local' => array('option1', 'option2', ...), + * 'global' => array('optionA', 'optionB', ...) + * ); + */ + function acl_add_option($options) + { + global $db, $cache; + + if (!is_array($options)) + { + return false; + } + + $cur_options = array(); + + $sql = 'SELECT auth_option, is_global, is_local + FROM ' . ACL_OPTIONS_TABLE . ' + ORDER BY auth_option_id'; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + if ($row['is_global']) + { + $cur_options['global'][] = $row['auth_option']; + } + + if ($row['is_local']) + { + $cur_options['local'][] = $row['auth_option']; + } + } + $db->sql_freeresult($result); + + // Here we need to insert new options ... this requires discovering whether + // an options is global, local or both and whether we need to add an permission + // set flag (x_) + $new_options = array('local' => array(), 'global' => array()); + + foreach ($options as $type => $option_ary) + { + $option_ary = array_unique($option_ary); + + foreach ($option_ary as $option_value) + { + if (!in_array($option_value, $cur_options[$type])) + { + $new_options[$type][] = $option_value; + } + + $flag = substr($option_value, 0, strpos($option_value, '_') + 1); + + if (!in_array($flag, $cur_options[$type]) && !in_array($flag, $new_options[$type])) + { + $new_options[$type][] = $flag; + } + } + } + unset($options); + + $options = array(); + $options['local'] = array_diff($new_options['local'], $new_options['global']); + $options['global'] = array_diff($new_options['global'], $new_options['local']); + $options['local_global'] = array_intersect($new_options['local'], $new_options['global']); + + $sql_ary = array(); + + foreach ($options as $type => $option_ary) + { + foreach ($option_ary as $option) + { + $sql_ary[] = array( + 'auth_option' => $option, + 'is_global' => ($type == 'global' || $type == 'local_global') ? 1 : 0, + 'is_local' => ($type == 'local' || $type == 'local_global') ? 1 : 0 + ); + } + } + + if (sizeof($sql_ary)) + { + switch (SQL_LAYER) + { + case 'mysql': + case 'mysql4': + case 'mysqli': + $db->sql_query('INSERT INTO ' . ACL_OPTIONS_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $sql_ary)); + break; + + default: + foreach ($sql_ary as $ary) + { + $db->sql_query('INSERT INTO ' . ACL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $ary)); + } + break; + } + } + + $cache->destroy('acl_options'); + + return true; + } + + /** + * Set a preset ACL record + */ + function acl_set_preset($preset_id, &$auth) + { + global $db; + + if (!sizeof($this->option_ids)) + { + $sql = 'SELECT auth_option_id, auth_option + FROM ' . ACL_OPTIONS_TABLE; + $result = $db->sql_query($sql); + + $this->option_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $this->option_ids[$row['auth_option']] = $row['auth_option_id']; + } + $db->sql_freeresult($result); + } + + // Set any flags as required + foreach ($auth as $auth_option => $setting) + { + $flag = substr($auth_option, 0, strpos($auth_option, '_') + 1); + + if (!isset($auth[$flag]) || !$auth[$flag]) + { + $auth[$flag] = $setting; + } + } + + $sql = 'SELECT auth_option_id, auth_setting + FROM ' . ACL_PRESETS_DATA_TABLE . ' + WHERE preset_id = ' . $preset_id; + $result = $db->sql_query($sql); + + $cur_auth = array(); + while ($row = $db->sql_fetchrow($result)) + { + $cur_auth[$row['auth_option_id']] = $row['auth_setting']; + } + $db->sql_freeresult($result); + + $sql_ary = array(); + + foreach ($auth as $auth_option => $setting) + { + $auth_option_id = (int) $this->option_ids[$auth_option]; + + switch ($setting) + { + case ACL_UNSET: + if (isset($cur_auth[$auth_option_id])) + { + $sql_ary['delete'][] = 'DELETE FROM ' . ACL_PRESETS_DATA_TABLE . ' + WHERE auth_option_id = ' . $auth_option_id . ' + AND preset_id = ' . $preset_id; + } + break; + + default: + if (!isset($cur_auth[$auth_option_id])) + { + $sql_ary['insert'][] = array( + 'preset_id' => (int) $preset_id, + 'auth_option_id' => (int) $auth_option_id, + 'auth_setting' => (int) $setting + ); + } + else if ($cur_auth[$auth_option_id] != $setting) + { + $sql_ary['update'][] = 'UPDATE ' . ACL_PRESETS_DATA_TABLE . ' + SET auth_setting = ' . (int) $setting . ' + WHERE preset_id = ' . $preset_id . ' + AND auth_option_id = ' . $auth_option_id; + } + break; + } + } + unset($cur_auth); + + foreach ($sql_ary as $sql_type => $sql_subary) + { + switch ($sql_type) + { + case 'insert': + switch (SQL_LAYER) + { + case 'mysql': + case 'mysql4': + case 'mysqli': + $db->sql_query('INSERT INTO ' . ACL_PRESETS_DATA_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $sql_subary)); + break; + + default: + foreach ($sql_subary as $ary) + { + $db->sql_query('INSERT INTO ' . ACL_PRESETS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $ary)); + } + break; + } + break; + + case 'update': + case 'delete': + foreach ($sql_subary as $sql) + { + $db->sql_query($sql); + } + break; + } + } + + $this->acl_clear_prefetch(); + } + + /** + * Set a user or group ACL record + */ + function acl_set($ug_type, &$forum_id, &$ug_id, &$auth) + { + global $db; + + // One or more forums + if (!is_array($forum_id)) + { + $forum_id = array($forum_id); + } + + // One or more users + if (!is_array($ug_id)) + { + $ug_id = array($ug_id); + } + + if (!sizeof($this->option_ids)) + { + $sql = 'SELECT auth_option_id, auth_option + FROM ' . ACL_OPTIONS_TABLE; + $result = $db->sql_query($sql); + + $this->option_ids = array(); + while ($row = $db->sql_fetchrow($result)) + { + $this->option_ids[$row['auth_option']] = $row['auth_option_id']; + } + $db->sql_freeresult($result); + } + + $ug_id_sql = 'IN (' . implode(', ', array_map('intval', $ug_id)) . ')'; + $forum_sql = 'IN (' . implode(', ', array_map('intval', $forum_id)) . ') '; + + // Set any flags as required + foreach ($auth as $auth_option => $setting) + { + $flag = substr($auth_option, 0, strpos($auth_option, '_') + 1); + + if (!isset($auth[$flag]) || !$auth[$flag]) + { + $auth[$flag] = $setting; + } + } + + if ($ug_type == 'user') + { + $sql = 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting + FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o + WHERE a.auth_option_id = o.auth_option_id + AND a.forum_id $forum_sql + AND a.user_id $ug_id_sql"; + } + else + { + $sql = 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting + FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o + WHERE a.auth_option_id = o.auth_option_id + AND a.forum_id $forum_sql + AND a.group_id $ug_id_sql"; + } + $result = $db->sql_query($sql); + + $cur_auth = array(); + while ($row = $db->sql_fetchrow($result)) + { + $cur_auth[$row['forum_id']][$row['auth_option_id']] = $row['auth_setting']; + } + $db->sql_freeresult($result); + + $table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; + $id_field = $ug_type . '_id'; + + $sql_ary = array(); + foreach ($forum_id as $forum) + { + $forum = (int) $forum; + + foreach ($auth as $auth_option => $setting) + { + $auth_option_id = (int) $this->option_ids[$auth_option]; + + switch ($setting) + { + case ACL_UNSET: + if (isset($cur_auth[$forum][$auth_option_id])) + { + $sql_ary['delete'][] = "DELETE FROM $table + WHERE forum_id = $forum + AND auth_option_id = $auth_option_id + AND $id_field $ug_id_sql"; + } + break; + + default: + if (!isset($cur_auth[$forum][$auth_option_id])) + { + foreach ($ug_id as $id) + { + $sql_ary['insert'][] = array( + $id_field => (int) $id, + 'forum_id' => (int) $forum, + 'auth_option_id' => (int) $auth_option_id, + 'auth_setting' => (int) $setting + ); + } + } + else if ($cur_auth[$forum][$auth_option_id] != $setting) + { + $sql_ary['update'][] = "UPDATE $table + SET auth_setting = " . (int) $setting . " + WHERE $id_field $ug_id_sql + AND forum_id = $forum + AND auth_option_id = $auth_option_id"; + } + break; + } + } + } + unset($cur_auth); + + foreach ($sql_ary as $sql_type => $sql_subary) + { + switch ($sql_type) + { + case 'insert': + switch (SQL_LAYER) + { + case 'mysql': + case 'mysql4': + case 'mysqli': + $db->sql_query("INSERT INTO $table " . $db->sql_build_array('MULTI_INSERT', $sql_subary)); + break; + + default: + foreach ($sql_subary as $ary) + { + $db->sql_query("INSERT INTO $table " . $db->sql_build_array('INSERT', $ary)); + } + break; + } + break; + + case 'update': + case 'delete': + foreach ($sql_subary as $sql) + { + $db->sql_query($sql); + } + break; + } + } + + $this->acl_clear_prefetch(); + } + + /** + * Remove local permission + */ + function acl_delete($mode, $ug_id = false, $forum_id = false, $auth_id = false) + { + global $db; + + if ($ug_id === false && $forum_id === false && $auth_ids === false) + { + return; + } + + $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; + $id_field = $mode . '_id'; + + $sql = array(); + + if ($auth_id !== false) + { + $sql[] = (!is_array($auth_id)) ? 'auth_option_id = ' . (int) $auth_id : 'auth_option_id IN (' . implode(', ', array_map('intval', $auth_id)) . ')'; + } + + if ($forum_id !== false) + { + $sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : 'forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')'; + } + + if ($ug_id !== false) + { + $sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $id_field . ' IN (' . implode(', ', array_map('intval', $ug_id)) . ')'; + } + + $sql = "DELETE FROM $table + WHERE " . implode(' AND ', $sql); + $db->sql_query($sql); + + $this->acl_clear_prefetch(); + } + + /** + * Display permission mask (assign to template) + */ + function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true) + { + global $template, $user, $db, $phpbb_root_path, $phpEx, $SID; + + // Define names for template loops, might be able to be set + $tpl_pmask = 'p_mask'; + $tpl_fmask = 'f_mask'; + $tpl_category = 'category'; + $tpl_mask = 'mask'; + + $l_acl_type = (isset($user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)])) ? $user->lang['ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type)] : 'ACL_TYPE_' . (($local) ? 'LOCAL' : 'GLOBAL') . '_' . strtoupper($permission_type); + + // Get names + if ($user_mode == 'user') + { + $sql = 'SELECT user_id as ug_id, username as ug_name + FROM ' . USERS_TABLE . ' + WHERE user_id IN (' . implode(', ', array_keys($hold_ary)) . ') + ORDER BY username ASC'; + } + else + { + $sql = 'SELECT group_id as ug_id, group_name as ug_name, group_type + FROM ' . GROUPS_TABLE . ' + WHERE group_id IN (' . implode(', ', array_keys($hold_ary)) . ') + ORDER BY group_type DESC, group_name ASC'; + } + $result = $db->sql_query($sql); + + $ug_names_ary = array(); + while ($row = $db->sql_fetchrow($result)) + { + $ug_names_ary[$row['ug_id']] = ($user_mode == 'user') ? $row['ug_name'] : (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['ug_name']] : $row['ug_name']); + } + $db->sql_freeresult($result); + + // Get used forums + $forum_ids = array(); + foreach ($hold_ary as $ug_id => $row) + { + $forum_ids = array_merge($forum_ids, array_keys($row)); + } + $forum_ids = array_unique($forum_ids); + + $forum_names_ary = array(); + if ($local) + { + $forum_names_ary = make_forum_select(false, false, true, false, false, true); + } + else + { + $forum_names_ary[0] = $l_acl_type; + } + + // Now obtain memberships + $user_groups_default = $user_groups_custom = array(); + if ($user_mode == 'user' && $group_display) + { + $sql = 'SELECT group_id, group_name, group_type + FROM ' . GROUPS_TABLE . ' + ORDER BY group_type DESC, group_name ASC'; + $result = $db->sql_query($sql); + + $groups = array(); + while ($row = $db->sql_fetchrow($result)) + { + $groups[$row['group_id']] = $row; + } + $db->sql_freeresult($result); + + $memberships = group_memberships(false, array_keys($hold_ary), false); + + foreach ($memberships as $row) + { + if ($groups[$row['group_id']]['group_type'] == GROUP_SPECIAL) + { + $user_groups_default[$row['user_id']][] = $user->lang['G_' . $groups[$row['group_id']]['group_name']]; + } + else + { + $user_groups_custom[$row['user_id']][] = $groups[$row['group_id']]['group_name']; + } + } + unset($memberships, $groups); + } + + // If we only have one forum id to display, we switch the complete interface to group by user/usergroup instead of grouping by forum + // To achive this, we need to switch the array a bit + if (sizeof($forum_ids) == 1) + { + $hold_ary_temp = $hold_ary; + $hold_ary = array(); + foreach ($hold_ary_temp as $ug_id => $row) + { + foreach ($row as $forum_id => $auth_row) + { + $hold_ary[$forum_id][$ug_id] = $auth_row; + } + } + unset($hold_ary_temp); + + foreach ($hold_ary as $forum_id => $forum_array) + { + $content_array = $categories = array(); + $this->build_permission_array($hold_ary[$forum_id], $content_array, $categories, array_keys($ug_names_ary)); + + $template->assign_block_vars($tpl_pmask, array( + 'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'], + 'CATEGORIES' => implode('</th><th>', $categories), + + 'L_ACL_TYPE' => $l_acl_type, + + 'S_LOCAL' => ($local) ? true : false, + 'S_GLOBAL' => (!$local) ? true : false, + 'S_NUM_CATS' => sizeof($categories), + 'S_VIEW' => ($mode == 'view') ? true : false, + 'S_NUM_OBJECTS' => sizeof($content_array), + 'S_USER_MODE' => ($user_mode == 'user') ? true : false, + 'S_GROUP_MODE' => ($user_mode == 'group') ? true : false) + ); + + foreach ($content_array as $ug_id => $ug_array) + { + $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( + 'NAME' => $ug_names_ary[$ug_id], + 'UG_ID' => $ug_id, + 'FORUM_ID' => $forum_id) + ); + + $this->assign_cat_array($ug_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id); + } + } + } + else + { + foreach ($ug_names_ary as $ug_id => $ug_name) + { + if (!isset($hold_ary[$ug_id])) + { + continue; + } + + $content_array = $categories = array(); + $this->build_permission_array($hold_ary[$ug_id], $content_array, $categories, array_keys($forum_names_ary)); + + $template->assign_block_vars($tpl_pmask, array( + 'NAME' => $ug_name, + 'CATEGORIES' => implode('</th><th>', $categories), + + 'USER_GROUPS_DEFAULT' => ($user_mode == 'user' && isset($user_groups_default[$ug_id]) && sizeof($user_groups_default[$ug_id])) ? implode(', ', $user_groups_default[$ug_id]) : '', + 'USER_GROUPS_CUSTOM' => ($user_mode == 'user' && isset($user_groups_custom[$ug_id]) && sizeof($user_groups_custom[$ug_id])) ? implode(', ', $user_groups_custom[$ug_id]) : '', + 'L_ACL_TYPE' => $l_acl_type, + + 'S_LOCAL' => ($local) ? true : false, + 'S_GLOBAL' => (!$local) ? true : false, + 'S_NUM_CATS' => sizeof($categories), + 'S_VIEW' => ($mode == 'view') ? true : false, + 'S_NUM_OBJECTS' => sizeof($content_array), + 'S_USER_MODE' => ($user_mode == 'user') ? true : false, + 'S_GROUP_MODE' => ($user_mode == 'group') ? true : false) + ); + + foreach ($content_array as $forum_id => $forum_array) + { + $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array( + 'NAME' => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'], + 'PADDING' => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'], + 'UG_ID' => $ug_id, + 'FORUM_ID' => $forum_id) + ); + + $this->assign_cat_array($forum_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id); + } + } + } + } + + /** + * Assign category to template + * used by display_mask() + */ + function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id) + { + global $template, $user; + + foreach ($category_array as $cat => $cat_array) + { + $template->assign_block_vars($tpl_cat, array( + 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NO'] && !$cat_array['S_UNSET']) ? true : false, + 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_YES'] && !$cat_array['S_UNSET']) ? true : false, + 'S_UNSET' => ($cat_array['S_UNSET'] && !$cat_array['S_NO'] && !$cat_array['S_YES']) ? true : false, + + 'CAT_NAME' => $user->lang['permission_cat'][$cat]) + ); + + foreach ($cat_array['permissions'] as $permission => $allowed) + { + $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array( + 'S_YES' => ($allowed == 1) ? true : false, + 'S_NO' => ($allowed == 0) ? true : false, + 'S_UNSET' => ($allowed == -1) ? true : false, + + 'UG_ID' => $ug_id, + 'FORUM_ID' => $forum_id, + 'FIELD_NAME' => $permission, + 'S_FIELD_NAME' => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']', + + 'PERMISSION' => $user->lang['acl_' . $permission]['lang']) + ); + } + } + } + + /** + * Building content array from permission rows with explicit key ordering + * used by display_mask() + */ + function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array) + { + global $user; + + foreach ($key_sort_array as $forum_id) + { + if (!isset($permission_row[$forum_id])) + { + continue; + } + + $permissions = $permission_row[$forum_id]; + ksort($permissions); + + foreach ($permissions as $permission => $auth_setting) + { + if (!isset($user->lang['acl_' . $permission])) + { + $user->lang['acl_' . $permission] = array( + 'cat' => 'misc', + 'lang' => '{ acl_' . $permission . ' }' + ); + } + + $cat = $user->lang['acl_' . $permission]['cat']; + + // Build our categories array + if (!isset($categories[$cat])) + { + $categories[$cat] = $user->lang['permission_cat'][$cat]; + } + + // Build our content array + if (!isset($content_array[$forum_id])) + { + $content_array[$forum_id] = array(); + } + + if (!isset($content_array[$forum_id][$cat])) + { + $content_array[$forum_id][$cat] = array( + 'S_YES' => false, + 'S_NO' => false, + 'S_UNSET' => false, + 'permissions' => array(), + ); + } + + $content_array[$forum_id][$cat]['S_YES'] |= ($auth_setting == ACL_YES) ? true : false; + $content_array[$forum_id][$cat]['S_NO'] |= ($auth_setting == ACL_NO) ? true : false; + $content_array[$forum_id][$cat]['S_UNSET'] |= ($auth_setting == ACL_UNSET) ? true : false; + + $content_array[$forum_id][$cat]['permissions'][$permission] = $auth_setting; + } + } + } +} + +?>
\ No newline at end of file diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 9608909088..ad6de1d6a8 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -494,6 +494,52 @@ class auth } /** + * Get raw user based permission settings + */ + function acl_user_raw_data($user_id = false, $opts = false, $forum_id = false) + { + global $db; + + $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : 'user_id IN (' . implode(', ', $user_id) . ')') : ''; + $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : ''; + + $sql_opts = ''; + + if ($opts !== false) + { + if (!is_array($opts)) + { + $sql_opts = (strpos($opts, '%') !== false) ? "AND ao.auth_option LIKE '" . $db->sql_escape($opts) . "'" : "AND ao.auth_option = '" . $db->sql_escape($opts) . "'"; + } + else + { + $sql_opts = 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^\s*(.*)\s*$#e', "\"'\" . \$db->sql_escape('\\1') . \"'\"", $opts)) . ')'; + } + } + + $hold_ary = array(); + + // Grab user settings ... each user has only one setting for each + // option ... so we shouldn't need any ACL_NO checks ... he says ... + $sql = 'SELECT ao.auth_option, a.user_id, a.forum_id, a.auth_setting + FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a + WHERE ao.auth_option_id = a.auth_option_id + ' . (($sql_user) ? 'AND a.' . $sql_user : '') . " + $sql_forum + $sql_opts + ORDER BY a.forum_id, ao.auth_option_id"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['auth_setting']; + } + $db->sql_freeresult($result); + + return $hold_ary; + } + + /** * Get raw group based permission settings */ function acl_group_raw_data($group_id = false, $opts = false, $forum_id = false) diff --git a/phpBB/includes/constants.php b/phpBB/includes/constants.php index 0f1ccafe38..3a25de7942 100644 --- a/phpBB/includes/constants.php +++ b/phpBB/includes/constants.php @@ -117,8 +117,8 @@ define('FIELD_DATE', 6); // Table names define('ACL_GROUPS_TABLE', $table_prefix.'auth_groups'); define('ACL_OPTIONS_TABLE', $table_prefix.'auth_options'); -define('ACL_DEPS_TABLE', $table_prefix.'auth_deps'); define('ACL_PRESETS_TABLE', $table_prefix.'auth_presets'); +define('ACL_PRESETS_DATA_TABLE', $table_prefix.'auth_preset_data'); define('ACL_USERS_TABLE', $table_prefix.'auth_users'); define('ATTACHMENTS_TABLE', $table_prefix.'attachments'); define('BANLIST_TABLE', $table_prefix.'banlist'); diff --git a/phpBB/includes/db/dbal.php b/phpBB/includes/db/dbal.php index 68f2f97ade..bce4398cb3 100644 --- a/phpBB/includes/db/dbal.php +++ b/phpBB/includes/db/dbal.php @@ -205,11 +205,13 @@ class dbal // Show complete SQL error and path to administrators only if ($auth->acl_get('a_')) - { - $this_page = (isset($_SERVER['PHP_SELF']) && !empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : $_ENV['PHP_SELF']; - $this_page .= '&' . ((isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : (isset($_ENV['QUERY_STRING']) ? $_ENV['QUERY_STRING'] : '')); + { + // Print out a nice backtrace... + $backtrace = get_backtrace(); - $message .= '<br /><br /><u>CALLING PAGE</u><br /><br />' . htmlspecialchars($this_page) . (($sql != '') ? '<br /><br /><u>SQL</u><br /><br />' . $sql : '') . '<br />'; + $message .= ($sql) ? '<br /><br /><u>SQL</u><br /><br />' . $sql : ''; + $message .= ($backtrace) ? '<br /><br /><u>BACKTRACE</u><br />' . $backtrace : ''; + $message .= '<br />'; } else { diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index a5c96f5031..c139eb5a11 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2165,4 +2165,76 @@ function page_footer() exit; } +/** +* Return a nicely formatted backtrace (parts from the php manual by diz at ysagoon dot com) +*/ +function get_backtrace() +{ + global $phpbb_root_path; + + $output = '<div style="font-family: monospace;">'; + $backtrace = debug_backtrace(); + $path = realpath($phpbb_root_path); + + foreach ($backtrace as $number => $trace) + { + // We skip the first one, because it only shows this file/function + if ($number == 0) + { + continue; + } + + // Strip the current directory from path + $trace['file'] = str_replace(array($path, '\\'), array('', '/'), $trace['file']); + $trace['file'] = substr($trace['file'], 1); + + $args = array(); + foreach ($trace['args'] as $argument) + { + switch (gettype($argument)) + { + case 'integer': + case 'double': + $args[] = $argument; + break; + + case 'string': + $argument = htmlspecialchars(substr($argument, 0, 64)) . ((strlen($argument) > 64) ? '...' : ''); + $args[] = '"' . $argument . '"'; + break; + + case 'array': + $args[] = 'Array(' . sizeof($argument) . ')'; + break; + + case 'object': + $args[] = 'Object(' . get_class($argument) . ')'; + break; + + case 'resource': + $args[] = 'Resource(' . strstr($a, '#') . ')'; + break; + + case 'boolean': + $args[] = ($argument) ? 'true' : 'false'; + break; + + case 'NULL': + $args[] = 'NULL'; + break; + + default: + $args[] = 'Unknown'; + } + } + + $output .= '<br />'; + $output .= '<b>FILE:</b> ' . htmlspecialchars($trace['file']) . '<br />'; + $output .= '<b>LINE:</b> ' . $trace['line'] . '<br />'; + $output .= '<b>CALL:</b> ' . htmlspecialchars($trace['class'] . $trace['type'] . $trace['function']) . '(' . ((sizeof($args)) ? implode(', ', $args) : '') . ')<br />'; + } + $output .= '</div>'; + return $output; +} + ?>
\ No newline at end of file diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 32cb2b383d..1aa18b467f 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -1,7 +1,7 @@ <?php /** * -* @package phpBB3 +* @package acp * @version $Id$ * @copyright (c) 2005 phpBB Group * @license http://opensource.org/licenses/gpl-license.php GNU Public License diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index a0708e88bb..5668fee1d0 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -923,15 +923,16 @@ function validate_email($email) return 'EMAIL_INVALID'; } - $banned = false; - - // TODO: This is a duplication of code from session->check_ban() + /** + * @todo This is a duplication of code from session->check_ban() + */ $sql = 'SELECT ban_ip, ban_userid, ban_email, ban_exclude, ban_give_reason, ban_end FROM ' . BANLIST_TABLE . ' WHERE ban_end >= ' . time() . ' OR ban_end = 0'; $result = $db->sql_query($sql); + $banned = false; if ($row = $db->sql_fetchrow($result)) { do |