Fix ACL_UNSET problem ... was causing users to be granted permission even when denied

git-svn-id: file:///svn/phpbb/trunk@3877 89ea8834-ac86-4346-8a33-228a782c2dd0
author: Paul S. Owen <psotfx@users.sourceforge.net> 2003-04-17 21:43:39 +0000
committer: Paul S. Owen <psotfx@users.sourceforge.net> 2003-04-17 21:43:39 +0000
commit: e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b (patch)
tree: c75a2485c14bce5cbc472ca0df0efb14ec1f265e /phpBB/includes
parent: e28707b3c2d73ce96e6481b1fd36b2bef2f1e477 (diff)
download: forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar
forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.gz
forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.bz2
forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.xz
forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.zip
1 files changed, 21 insertions, 19 deletions
diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php
index 747627b1cf..de282e2570 100644
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -1653,42 +1653,44 @@ if (class_exists(auth))
 			$table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
 			$id_field  = $ug_type . '_id';
 
+			$sql_ary = array();
 			foreach ($forum_id as $forum)
 			{
 				foreach ($auth as $auth_option => $setting)
 				{
 					$auth_option_id = $option_ids[$auth_option];
 
-					if (!empty($cur_auth[$forum]))
+					switch ($setting)
 					{
-						if ($setting == ACL_UNSET && isset($cur_auth[$forum][$auth_option_id]))
-						{
+						case ACL_UNSET:
 							$sql_ary[] = "DELETE FROM $table 
 								WHERE forum_id = $forum
 									AND auth_option_id = $auth_option_id
 									AND $id_field = $ug_id";
-						}
-						else
-						{
-							$sql_ary[] = (!isset($cur_auth[$forum][$auth_option_id])) ? "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_setting) VALUES ($ug_id, $forum, $auth_option_id, $setting)" : (($cur_auth[$forum][$auth_option_id] != $setting) ? "UPDATE " . $table . " SET auth_setting = $setting WHERE $id_field = $ug_id AND forum_id = $forum AND auth_option_id = $auth_option_id" : '');
-						}
-					}
-					else
-					{
-						$sql_ary[] = "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_setting) VALUES ($ug_id, $forum, $auth_option_id, $setting)";
+							break;
+
+						default:
+							if (isset($cur_auth[$forum][$auth_option_id]) && $cur_auth[$forum][$auth_option_id] != $setting)
+							{
+								$sql_ary[] = "UPDATE " . $table . " 
+									SET auth_setting = $setting 
+									WHERE $id_field = $ug_id 
+										AND forum_id = $forum 
+										AND auth_option_id = $auth_option_id";
+							}
+							else if (!isset($cur_auth[$forum][$auth_option_id]))
+							{
+								$sql_ary[] = "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_setting) 
+									VALUES ($ug_id, $forum, $auth_option_id, $setting)";
+							}
 					}
 				}
 			}
-			unset($forum_id);
-			unset($user_auth);
+			unset($cur_auth);
 
 			foreach ($sql_ary as $sql)
 			{
-				if ($sql != '')
-				{
-					$result = $db->sql_query($sql);
-					$db->sql_freeresult($result);
-				}
+				$result = $db->sql_query($sql);
 			}
 			unset($sql_ary);
author	Paul S. Owen <psotfx@users.sourceforge.net>	2003-04-17 21:43:39 +0000
committer	Paul S. Owen <psotfx@users.sourceforge.net>	2003-04-17 21:43:39 +0000
commit	e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b (patch)
tree	c75a2485c14bce5cbc472ca0df0efb14ec1f265e /phpBB/includes
parent	e28707b3c2d73ce96e6481b1fd36b2bef2f1e477 (diff)
download	forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.gz forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.bz2 forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.tar.xz forums-e93d9d23f22ff0f3e4a64abd3181babdf19a7f1b.zip