diff options
Diffstat (limited to 'phpBB/includes/ucp/ucp_zebra.php')
| -rw-r--r-- | phpBB/includes/ucp/ucp_zebra.php | 198 |
1 files changed, 172 insertions, 26 deletions
diff --git a/phpBB/includes/ucp/ucp_zebra.php b/phpBB/includes/ucp/ucp_zebra.php index b5a4051390..5627537d80 100644 --- a/phpBB/includes/ucp/ucp_zebra.php +++ b/phpBB/includes/ucp/ucp_zebra.php @@ -1,32 +1,178 @@ <?php -/*************************************************************************** - * usercp_profile.php - * ------------------- - * begin : Saturday, Feb 21, 2003 - * copyright : (C) 2001 The phpBB Group - * email : support@phpbb.com - * - * $Id$ - * - * - ***************************************************************************/ - -/*************************************************************************** - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * - ***************************************************************************/ - - -class ucp_zebra extends ucp +// ------------------------------------------------------------- +// +// $Id$ +// +// FILENAME : ucp_zebra.php +// STARTED : Sun Sep 28, 2003 +// COPYRIGHT : © 2001, 2003 phpBB Group +// WWW : http://www.phpbb.com/ +// LICENCE : GPL vs2.0 [ see /docs/COPYING ] +// +// ------------------------------------------------------------- + +class ucp_zebra extends module { - function main($module_id) + function ucp_zebra($id, $mode) { - return; + global $censors, $config, $db, $user, $auth, $SID, $template, $phpbb_root_path, $phpEx; + + $submit = (!empty($_POST['submit'])) ? true : false; + + if ($submit) + { + $var_ary = array( + 'usernames' => 0, + 'add' => '', + ); + + foreach ($var_ary as $var => $default) + { + $data[$var] = request_var($var, $default); + } + + $var_ary = array( + 'add' => array('string', false) + ); + + $error = validate_data($data, $var_ary); + extract($data); + unset($data); + + if ($add) + { + $add = explode("\n", $add); + + // Do these name/s exist on a list already? If so, ignore ... we could be + // 'nice' and automatically handle names added to one list present on + // the other (by removing the existing one) ... but I have a feeling this + // may lead to complaints + $sql = 'SELECT z.*, u.username + FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u + WHERE z.user_id = ' . $user->data['user_id'] . " + AND u.user_id = z.zebra_id"; + $result = $db->sql_query($sql); + + $friends = $foes = array(); + while ($row = $db->sql_fetchrow($result)) + { + if ($row['friend']) + { + $friends[] = $row['username']; + } + else + { + $foes[] = $row['username']; + } + } + $db->sql_freeresult($result); + + $add = array_diff($add, $friends, $foes, array($user->data['user_id'])); + unset($friends); + unset($foes); + + $add = implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . \$db->sql_escape('\\1') . \"'\"", $add)); + + $sql = 'SELECT user_id, user_permissions, user_founder + FROM ' . USERS_TABLE . ' + WHERE username IN (' . $add . ')'; + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + $user_id_ary = array(); + do + { + $user_id_ary[] = $row['user_id']; + } + while ($row = $db->sql_fetchrow($result)); + + // Remove users from foe list if they are admins or moderators + if ($mode == 'foes') + { + // This isn't right ... + $user_id_ary = array_diff($user_id_ary, array_keys(discover_auth($user_id_ary, array('a_', 'm_')))); + } + + if (sizeof($user_id_ary)) + { + $sql_mode = ($mode == 'friends') ? 'friend' : 'foe'; + + switch (SQL_LAYER) + { + case 'mysql': + case 'mysql4': + $sql = 'INSERT INTO ' . ZEBRA_TABLE . " (user_id, zebra_id, $sql_mode) + VALUES " . implode(', ', preg_replace('#^([0-9]+)$#', '(' . $user->data['user_id'] . ", \\1, 1)", $user_id_ary)); + $db->sql_query($sql); + break; + + case 'mssql': + case 'mssql-odbc': + case 'sqlite': + $sql = 'INSERT INTO ' . ZEBRA_TABLE . " (user_id, zebra_id, $sql_mode) + " . implode(' UNION ALL ', preg_replace('#^([0-9]+)$#', '(' . $user->data['user_id'] . ", \\1, 1)", $user_id_ary)); + $db->sql_query($sql); + break; + + default: + foreach ($user_id_ary as $zebra_id) + { + $sql = 'INSERT INTO ' . ZEBRA_TABLE . " (user_id, zebra_id, $sql_mode) + VALUES (" . $user->data['user_id'] . ", $zebra_id, 1)"; + $db->sql_query($sql); + } + break; + } + } + unset($user_id_ary); + } + $db->sql_freeresult($result); + } + else if ($usernames) + { + // Force integer values + $usernames = array_map('intval', $usernames); + + $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' + WHERE user_id = ' . $user->data['user_id'] . ' + AND zebra_id IN (' . implode(', ', $usernames) . ')'; + $db->sql_query($sql); + } + + meta_refresh(3, "ucp.$phpEx$SID&i=$id&mode=$mode"); + $message = $user->lang[strtoupper($mode) . '_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], "<a href=\"ucp.$phpEx$SID&i=$id&mode=$mode\">", '</a>'); + trigger_error($message); + } + + $sql_and = ($mode == 'friends') ? 'z.friend = 1' : 'z.foe = 1'; + $sql = 'SELECT z.*, u.username + FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u + WHERE z.user_id = ' . $user->data['user_id'] . " + AND $sql_and + AND u.user_id = z.zebra_id"; + $result = $db->sql_query($sql); + + $s_username_options = ''; + while ($row = $db->sql_fetchrow($result)) + { + $s_username_options .= '<option value="' . $row['zebra_id'] . '">' . $row['username'] . '</option>'; + } + $db->sql_freeresult($result); + + $template->assign_vars(array( + 'L_TITLE' => $user->lang['UCP_' . strtoupper($mode)], + + 'U_SEARCH_USER' => "memberlist.$phpEx$SID&mode=searchuser&form=ucp&field=add", + + 'S_USERNAME_OPTIONS' => $s_username_options, + 'S_HIDDEN_FIELDS' => $s_hidden_fields, + 'S_UCP_ACTION' => "ucp.$phpEx$SID&i=$id&mode=$mode") + ); + + $this->display($user->lang['UCP_ZEBRA'], 'ucp_zebra_' . $mode . '.html'); + + } } |