From 8ff2db064ebc2e3579864e137914a5fe887451cb Mon Sep 17 00:00:00 2001
From: "Paul S. Owen" <psotfx@users.sourceforge.net>
Date: Mon, 29 Jul 2002 23:28:01 +0000
Subject: Permission updates ... again it's mainly layout rather than actual
 capability ...

git-svn-id: file:///svn/phpbb/trunk@2791 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/admin/admin_permissions.php | 528 +++++++++++++-------------------------
 1 file changed, 180 insertions(+), 348 deletions(-)

(limited to 'phpBB/admin/admin_permissions.php')

diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php
index f7c1a42c8c..f83a203abc 100644
--- a/phpBB/admin/admin_permissions.php
+++ b/phpBB/admin/admin_permissions.php
@@ -74,14 +74,17 @@ switch ( $mode )
 	case 'forums':
 		$l_title = $lang['Permissions'];
 		$l_title_explain = $lang['Permissions_explain'];
+		$l_can = '_can';
 		break;
 	case 'moderators':
 		$l_title = $lang['Moderators'];
 		$l_title_explain = $lang['Moderators_explain'];
+		$l_can = '_can';
 		break;
 	case 'administrators':
 		$l_title = $lang['Administrators'];
 		$l_title_explain = $lang['Administrators_explain'];
+		$l_can = '_can_admin';
 		break;
 }
 
@@ -106,13 +109,12 @@ if ( !empty($forum_id) || $mode == 'administrators' )
 		$forum_info = $db->sql_fetchrow($result);
 
 		$l_title .= ' : <i>' . $forum_info['forum_name'] . '</i>';
-		$s_hidden_fields = '<input type="hidden" name="f" value="' . $forum_id .'" />';
 	}
 
 	//
 	// Generate header
 	// 
-	page_header($lang['Forums']);
+	page_header($l_title);
 
 ?>
 
@@ -126,379 +128,225 @@ if ( !empty($forum_id) || $mode == 'administrators' )
 	{
 		case 'forums':
 
-?>
-
-<form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="50%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr>
-		<th><?php echo $lang['Allowed_users']; ?></th>
-	</tr>
-	<tr>
-		<td class="row1" align="center"><select name="user_allowed" multiple="multiple" size="4"><?php echo $user_allowed_options; ?></select><br />[ <a href=""><?php echo $lang['Advanced']; ?></a> ]</td>
-	</tr>
-	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="adduser" value="Add New User" /> &nbsp; <input class="liteoption" type="submit" name="deluser" value="Remove User" /></td>
-	</tr>
-</table>
-
-<br clear="all" />
-
-<table class="bg" width="50%" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr>
-		<th><?php echo $lang['Disallowed_users']; ?></th>
-	</tr>
-	<tr>
-		<td class="row2" align="center"><select name="user_disallowed" multiple="multiple" size="4"><?php echo $user_allowed_options; ?></select><br />[ <a href=""><?php echo $lang['Advanced']; ?></a> ]</td>
-	</tr>
-	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="adduser" value="Add New User" /> &nbsp; <input class="liteoption" type="submit" name="deluser" value="Remove User" /></td>
-	</tr>
-</table>
-
-<br clear="all" />
+			$type_sql = 'forum';
+			$forum_sql = "AND a.forum_id = $forum_id";
 
-<table class="bg" width="50%" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr>
-		<th><?php echo $lang['Allowed_groups']; ?></th>
-	</tr>
-	<tr>
-		<td class="row1" align="center"><select name="group_allowed" multiple="multiple" size="4"><?php echo $group_allowed_options; ?></select><br />[ <a href=""><?php echo $lang['Advanced']; ?></a> ]</td>
-	</tr>
-	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="addgroup" value="Add New Group" /> &nbsp; <input class="liteoption" type="submit" name="delgroup" value="Remove Group" /></td>
-	</tr>
-</table>
-
-<br clear="all" />
-
-<table class="bg" width="50%" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr>
-		<th><?php echo $lang['Disallowed_groups']; ?></th>
-	</tr>
-	<tr>
-		<td class="row2" align="center"><select name="group_disallowed" multiple="multiple" size="4"><?php echo $group_disallowed_options; ?></select><br />[ <a href=""><?php echo $lang['Advanced']; ?></a> ]</td>
-	</tr>
-	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="addgroup" value="Add New Group" /> &nbsp; <input class="liteoption" type="submit" name="delgroup" value="Remove Group" /></td>
-	</tr>
-</table>
-
-<?php
 			break;
 
 		case 'moderators':
-			$sql = "SELECT auth_option 
-				FROM " . ACL_OPTIONS_TABLE . " 
-				WHERE auth_type LIKE 'mod'";
-			$result = $db->sql_query($sql);
-
-			$auth_options = array();
-			while ( $row = $db->sql_fetchrow($result) ) 
-			{
-				$auth_options[] = $row;
-			}
-
-			$sql = "SELECT u.user_id, u.username, ao.auth_option 
-				FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " au, " . ACL_OPTIONS_TABLE . " ao 
-				WHERE ao.auth_type LIKE 'mod' 
-					AND au.auth_option_id = ao.auth_option_id 
-					AND au.forum_id = $forum_id 
-					AND u.user_id = au.user_id
-				ORDER BY u.username, u.user_regdate ASC";
-			$result = $db->sql_query($sql);
-
-			$auth_users = array();
-			while ( $row = $db->sql_fetchrow($result) )
-			{
-				$auth_users[$row['auth_option']] .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
-			}
-
-			$sql = "SELECT g.group_id, g.group_name, ao.auth_option 
-				FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " ag, " . ACL_OPTIONS_TABLE . " ao 
-				WHERE ao.auth_type LIKE 'mod' 
-					AND ag.auth_option_id = ao.auth_option_id 
-					AND ag.forum_id = $forum_id 
-					AND g.group_id = ag.group_id
-				ORDER BY g.group_name ASC";
-			$result = $db->sql_query($sql);
-
-			$auth_groups = array();
-			while ( $row = $db->sql_fetchrow($result) )
-			{
-				$auth_groups[$row['auth_option']] .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
-			}
-
-?>
-
-<table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr>
-		<th>Setting</th>
-		<th>Users</th>
-		<th>Groups</th>
-	</tr>
-<?php
-			for($i = 0; $i < sizeof($auth_options); $i++)
-			{
-				$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
 
-?>
-	<tr>
-		<td class="<?php echo $row_class; ?>" align="center"><?php echo $auth_options[$i]['auth_option']; ?></td>
-		<td class="<?php echo $row_class; ?>" align="center"><select name="option[<?php echo $auth_options[$i]['auth_option']; ?>]" multiple="multiple"><?php echo $auth_users[$auth_options[$i]['auth_option']]; ?></select></td>
-		<td class="<?php echo $row_class; ?>" align="center"><select name="option[<?php echo $auth_options[$i]['auth_option']; ?>]" multiple="multiple"><?php echo $auth_groups[$auth_options[$i]['auth_option']]; ?></select></td>
-	</tr>
-
-<?php
-			}
-
-?>
-</table>
+			$type_sql = 'mod';
+			$forum_sql = "AND a.forum_id = $forum_id";
 
-<?php
 			break;
 
 		case 'administrators':
 
-			$sql = "SELECT group_id, group_name  
-				FROM " . GROUPS_TABLE;
-			$result = $db->sql_query($sql);
-
-			$group_list = '';
-			while ( $row = $db->sql_fetchrow($result) ) 
-			{
-				$group_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
-			}
-
-?>
-
-<h1><?php echo $lang['Users']; ?></h1>
+			$type_sql = 'admin';
+			$forum_sql = '';
 
-<form method="post" name="adminusers" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="45%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
-<?php
+			break;
+	}
 
-			if ( empty($HTTP_POST_VARS['discrete']) || empty($HTTP_POST_VARS['users']) )
-			{
+	$sql = "SELECT group_id, group_name  
+		FROM " . GROUPS_TABLE;
+	$result = $db->sql_query($sql);
 
-				$sql = "SELECT DISTINCT u.user_id, u.username  
-					FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " au, " . ACL_OPTIONS_TABLE . " ao 
-					WHERE ao.auth_type LIKE 'admin' 
-						AND au.auth_option_id = ao.auth_option_id 
-						AND u.user_id = au.user_id
-					ORDER BY u.username, u.user_regdate ASC";
-				$result = $db->sql_query($sql);
+	$group_list = '';
+	while ( $row = $db->sql_fetchrow($result) ) 
+	{
+		$group_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
+	}
+	$db->sql_freeresult($result);
 
-				$users = '';
-				while ( $row = $db->sql_fetchrow($result) )
-				{
-					$users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
-				}
+	if ( empty($HTTP_POST_VARS['advanced']) || empty($HTTP_POST_VARS['entries']) )
+	{
 
 ?>
+
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr>
-		<th><?php echo $lang['Manage_users']; ?></th>
-	</tr>
-	<tr>
-		<td class="row1" align="center"><select style="width:280px" name="users[]" multiple="multiple" size="5"><?php echo $users; ?></select></td>
+		<td align="center"><h1><?php echo $lang['Users']; ?></h1></td>
+		<td align="center"><h1><?php echo $lang['Groups']; ?></h1></td>
 	</tr>
 	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="deluser" value="<?php echo $lang['Remove_selected']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="discrete" value="<?php echo $lang['Advanced']; ?>" /></td>
-	</tr>
-<?php
-
-			}
-			else
-			{
-				$where_user_sql = '';
-				if ( !empty($HTTP_POST_VARS['users']) )
-				{
-					foreach ($HTTP_POST_VARS['users'] as $user_id)
-					{
-						$where_user_sql .= ( ( $where_user_sql != '' ) ? ', ' : '' ) . intval($user_id);
-					}
-
-					$where_user_sql = " AND u.user_id IN ($where_user_sql)";
-				}
-
-				$sql = "SELECT auth_option 
-					FROM " . ACL_OPTIONS_TABLE . " 
-					WHERE auth_type LIKE 'admin'";
-				$result = $db->sql_query($sql);
-
-				$auth_options = array();
-				while ( $row = $db->sql_fetchrow($result) ) 
-				{
-					$auth_options[] = $row;
-				}
-
-				$sql = "SELECT u.user_id, u.username, ao.auth_option, au.auth_allow_deny 
-					FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " au, " . ACL_OPTIONS_TABLE . " ao 
-					WHERE ao.auth_type LIKE 'admin' 
-						AND au.auth_option_id = ao.auth_option_id 
-						AND u.user_id = au.user_id
-						$where_user_sql 
-					ORDER BY u.username, u.user_regdate ASC";
-				$result = $db->sql_query($sql);
 
-				$users = array();
-				$auth_user = array();
-				while ( $row = $db->sql_fetchrow($result) )
-				{
-					$users[] = '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
+		<td><form method="post" name="adminusers" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
+<?php
 
-					$auth_user[$row['auth_option']] = ( isset($auth_user[$row['auth_option']]) ) ?  min($auth_user[$row['auth_option']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
-				}
+		$sql = "SELECT DISTINCT u.user_id, u.username  
+			FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o 
+			WHERE o.auth_type LIKE '$type_sql' 
+				AND a.auth_option_id = o.auth_option_id 
+				$forum_sql 
+				AND u.user_id = a.user_id
+			ORDER BY u.username, u.user_regdate ASC";
+		$result = $db->sql_query($sql);
 
-				$users = implode('', array_unique($users));
+		$users = '';
+		while ( $row = $db->sql_fetchrow($result) )
+		{
+			$users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';
+		}
+		$db->sql_freeresult($result);
 
 ?>
-	<tr>
-		<th>&nbsp;<?php echo $lang['User_can_admin']; ?>&nbsp;</th>
-		<th>&nbsp;<?php echo $lang['Allow']; ?>&nbsp;</th>
-		<th>&nbsp;<?php echo $lang['Deny']; ?>&nbsp;</th>
-	</tr>
+			<tr>
+				<th><?php echo $lang['Manage_users']; ?></th>
+			</tr>
+			<tr>
+				<td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $users; ?></select></td>
+			</tr>
+			<tr>
+				<td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $lang['Remove_selected']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="advanced" value="<?php echo $lang['Advanced']; ?>" /><input type="hidden" name="type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+			</tr>
+		</table></form></td>
+
+		<td align="center"><form method="post" name="admingroups" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 <?php
 
-				for($i = 0; $i < sizeof($auth_options); $i++)
-				{
-					$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
-
-					$l_can_cell = ( !empty($lang['acl_admin_' . $auth_options[$i]['auth_option']]) ) ? $lang['acl_admin_' . $auth_options[$i]['auth_option']] : $auth_options[$i]['auth_option'];
+		$sql = "SELECT DISTINCT g.group_id, g.group_name  
+			FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o 
+			WHERE o.auth_type LIKE '$type_sql' 
+				$forum_sql 
+				AND a.auth_option_id = o.auth_option_id 
+				AND g.group_id = a.group_id 
+			ORDER BY g.group_name ASC";
+		$result = $db->sql_query($sql);
 
-					$can_type = ( !empty($auth_user[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
-					$cannot_type = ( empty($auth_user[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
+		$groups = '';
+		while ( $row = $db->sql_fetchrow($result) )
+		{
+			$groups .= '<option value="' . $row['group_id'] . '">' . ( ( $row['group_name'] == 'ADMINISTRATORS' ) ? $lang['Admin_group'] : $row['group_name'] ) . '</option>';
+		}
+		$db->sql_freeresult($result);
 
 ?>
-	<tr>
-		<td class="<?php echo $row_class; ?>"><?php echo $l_can_cell; ?></td>
-		<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="<?php echo $auth_options[$i]['auth_option']; ?>" value="1"<?php echo $can_type; ?> /></td>
-		<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="<?php echo $auth_options[$i]['auth_option']; ?>" value="0"<?php echo $cannot_type; ?> /></td>
-	</tr>
-<?php
-				}
+		<tr>
+			<th><?php echo $lang['Manage_groups']; ?></th>
+		</tr>
+		<tr>
+			<td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $groups; ?></select></td>
+		</tr>
+		<tr>
+			<td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $lang['Remove_selected']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="advanced" value="<?php echo $lang['Advanced']; ?>" /><input type="hidden" name="type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+		</tr>
+	</table></form></td>
 
-?>
-	<tr>
-		<td class="cat" colspan="3" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /></td>
 	</tr>
-<?php
-			}
+	<tr>
 
-?>
-</table></form>
+		<td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="90%" cellspacing="1" cellpadding="4" border="0" align="center">
+			<tr> 
+				<th><?php echo $lang['Add_users']; ?></th>
+			</tr>
+			<tr> 
+				<td class="row1" align="center"><textarea cols="40" rows="4" name="new"></textarea></td>
+			</tr>
+			<tr> 
+				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=newuser', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+			</tr>
+		</table></form></td>
+
+		<td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
+			<tr> 
+				<th><?php echo $lang['Add_groups']; ?></th>
+			</tr>
+			<tr> 
+				<td class="row1" align="center"><select name="new" multiple="multiple" size="4"><?php echo $group_list; ?></select></td>
+			</tr>
+			<tr> 
+				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+			</tr>
+		</table></form></td>
 
-<form method="post" name="addusers" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="45%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr> 
-		<th><?php echo $lang['Add_users']; ?></th>
-	</tr>
-	<tr> 
-		<td class="row1" align="center"><textarea cols="40" rows="3" name="newuser"></textarea></td>
-	</tr>
-	<tr> 
-		<td class="cat" align="center"> <input type="submit" name="adduser" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=1&amp;field=newuser', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /></td>
 	</tr>
 </table>
 
-<h1><?php echo $lang['Groups']; ?></h1>
-
-<form method="post" name="admingroups" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="45%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 <?php
 
-			if ( empty($HTTP_POST_VARS['discrete']) || empty($HTTP_POST_VARS['groups']) )
-			{
-
-				$sql = "SELECT DISTINCT g.group_id, g.group_name  
-					FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " ag, " . ACL_OPTIONS_TABLE . " ao 
-					WHERE ao.auth_type LIKE 'admin' 
-						AND ag.auth_option_id = ao.auth_option_id 
-						AND g.group_id = ag.group_id 
-					ORDER BY g.group_name ASC";
-				$result = $db->sql_query($sql);
-
-				$groups = '';
-				while ( $row = $db->sql_fetchrow($result) )
-				{
-					$groups .= '<option value="' . $row['group_id'] . '">' . ( ( $row['group_name'] == 'ADMINISTRATORS' ) ? $lang['Admin_group'] : $row['group_name'] ) . '</option>';
-				}
+	}
+	else
+	{
 
-?>
-	<tr>
-		<th><?php echo $lang['Manage_groups']; ?></th>
-	</tr>
-	<tr>
-		<td class="row1" align="center"><select style="width:280px" name="groups[]" multiple="multiple" size="5"><?php echo $groups; ?></select></td>
-	</tr>
-	<tr>
-		<td class="cat" align="center"><input class="liteoption" type="submit" name="delgroup" value="<?php echo $lang['Remove_selected']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="discrete" value="<?php echo $lang['Advanced']; ?>" /></td>
-	</tr>
-<?php
+		$sql = "SELECT auth_option 
+			FROM " . ACL_OPTIONS_TABLE . " 
+			WHERE auth_type LIKE '$type_sql'";
+		$result = $db->sql_query($sql);
 
-			}
-			else
-			{
-				$where_groups_sql = '';
-				if ( !empty($HTTP_POST_VARS['groups']) )
-				{
-					if ( is_array($HTTP_POST_VARS['groups']) )
-					{
-						foreach ($HTTP_POST_VARS['groups'] as $group_id)
-						{
-							$where_groups_sql .= ( ( $where_groups_sql != '' ) ? ', ' : '' ) . intval($group_id);
-						}
-					}
-					else
-					{
-						$where_groups_sql = intval($HTTP_POST_VARS['groups']);
-					}
-
-					$where_groups_sql = " AND g.group_id IN ($where_groups_sql)";
-				}
-
-				$sql = "SELECT auth_option 
-					FROM " . ACL_OPTIONS_TABLE . " 
-					WHERE auth_type LIKE 'admin'";
-				$result = $db->sql_query($sql);
-
-				$auth_options = array();
-				while ( $row = $db->sql_fetchrow($result) ) 
-				{
-					$auth_options[] = $row;
-				}
-
-				$sql = "SELECT g.group_id, g.group_name, ao.auth_option, ag.auth_allow_deny   
-					FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " ag, " . ACL_OPTIONS_TABLE . " ao 
-					WHERE ao.auth_type LIKE 'admin' 
-						AND ag.auth_option_id = ao.auth_option_id 
-						AND g.group_id = ag.group_id 
-						$where_groups_sql 
+		$auth_options = array();
+		while ( $row = $db->sql_fetchrow($result) ) 
+		{
+			$auth_options[] = $row;
+		}
+		$db->sql_freeresult($result);
+
+		$where_sql = '';
+		foreach ( $HTTP_POST_VARS['entries'] as $id )
+		{
+			$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($id);
+		}
+
+		switch ( $HTTP_POST_VARS['type'] )
+		{
+			case 'group':
+				$l_type = 'Group';
+
+				$sql = "SELECT g.group_id, g.group_name, o.auth_option, a.auth_allow_deny   
+					FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o 
+					WHERE o.auth_type LIKE '$type_sql' 
+						AND a.auth_option_id = o.auth_option_id 
+						$forum_sql 
+						AND g.group_id = a.group_id 
+						AND g.group_id IN ($where_sql) 
 					ORDER BY g.group_name ASC";
-				$result = $db->sql_query($sql);
+				break;
+
+			case 'user':
+				$l_type = 'User';
+
+				$sql = "SELECT u.user_id, u.username, o.auth_option, a.auth_allow_deny 
+					FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o 
+					WHERE o.auth_type LIKE '$type_sql' 
+						AND a.auth_option_id = o.auth_option_id 
+						$forum_sql 
+						AND u.user_id = a.user_id
+						AND u.user_id IN ($where_sql)  
+					ORDER BY u.username, u.user_regdate ASC";
+				break;
+		}
 
-				$groups = array();
-				$auth_group = array();
-				while ( $row = $db->sql_fetchrow($result) )
-				{
-					$groups[] = '<option value="' . $row['group_id'] . '">' . ( ( $row['group_name'] == 'ADMINISTRATORS' ) ? $lang['Admin_group'] : $row['group_name'] ) . '</option>';
+		$result = $db->sql_query($sql);
 
-					$auth_group[$row['auth_option']] = ( isset($auth_group[$row['auth_option']]) ) ?  min($auth_group[$row['auth_option']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
-				}
+		$ug = '';;
+		$auth = array();
+		while ( $row = $db->sql_fetchrow($result) )
+		{
+			$ug_name = ( ( $row['group_name'] == 'ADMINISTRATORS' ) ? $lang['Admin_group'] : ( ( $HTTP_POST_VARS['type'] == 'user' ) ? $row['username'] : $row['group_name'] ) );
+			$ug .= ( !strstr($ug, $ug_name) ) ? $ug_name . "\n" : '';
 
-				$groups = implode('', array_unique($groups));
+			$auth[$row['auth_option']] = ( isset($auth_group[$row['auth_option']]) ) ?  min($auth_group[$row['auth_option']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
+		}
+		$db->sql_freeresult($result);
 
 ?>
+
+<form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 	<tr>
-		<th>&nbsp;<?php echo $lang['Group_can_admin']; ?>&nbsp;</th>
+		<th>&nbsp;<?php echo $lang[$l_type . $l_can]; ?>&nbsp;</th>
 		<th>&nbsp;<?php echo $lang['Allow']; ?>&nbsp;</th>
 		<th>&nbsp;<?php echo $lang['Deny']; ?>&nbsp;</th>
 	</tr>
 <?php
 
-				for($i = 0; $i < sizeof($auth_options); $i++)
-				{
-					$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
+		for($i = 0; $i < sizeof($auth_options); $i++)
+		{
+			$row_class = ( $row_class == 'row1' ) ? 'row2' : 'row1';
 
-					$l_can_cell = ( !empty($lang['acl_admin_' . $auth_options[$i]['auth_option']]) ) ? $lang['acl_admin_' . $auth_options[$i]['auth_option']] : $auth_options[$i]['auth_option'];
+			$l_can_cell = ( !empty($lang['acl_admin_' . $auth_options[$i]['auth_option']]) ) ? $lang['acl_admin_' . $auth_options[$i]['auth_option']] : $auth_options[$i]['auth_option'];
 
-					$can_type = ( !empty($auth_group[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
-					$cannot_type = ( empty($auth_group[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
+			$can_type = ( !empty($auth[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
+			$cannot_type = ( empty($auth[$auth_options[$i]['auth_option']]) ) ? ' checked="checked"' : '';
 
 ?>
 	<tr>
@@ -507,41 +355,25 @@ if ( !empty($forum_id) || $mode == 'administrators' )
 		<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="<?php echo $auth_options[$i]['auth_option']; ?>" value="0"<?php echo $cannot_type; ?> /></td>
 	</tr>
 <?php
-				}
 
-?>
-	<tr>
-		<td class="cat" colspan="3" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /></td>
-	</tr>
-<?php
-			}
+		}
 
 ?>
-</table></form>
-
-<form method="post" name="addgroups" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table width="45%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
-	<tr> 
-		<th><?php echo $lang['Add_groups']; ?></th>
+	<tr>
+		<th colspan="3"><?php echo $lang['Applies_to_' . $l_type]; ?></th>
 	</tr>
-	<tr> 
-		<td class="row1" align="center"><select name="newgroup" multiple="multiple" size="3"><?php echo $group_list; ?></select></td>
+	<tr>
+		<td class="row1" colspan="3"><textarea cols="40" rows="3"><?php echo $ug; ?></textarea></td>
 	</tr>
-	<tr> 
-		<td class="cat" align="center"> <input type="submit" name="addgroup" value="<?php echo $lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $lang['Reset']; ?>" class="liteoption" /></td>
+	<tr>
+		<td class="cat" colspan="3" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
 	</tr>
-</table>
-
-<?php 
-			break;
-	}
-
-
-?>
-
-<?php echo $s_hidden_fields; ?></form>
+</table></form>
 
 <?php
 
+	}
+
 }
 else
 {
@@ -557,7 +389,7 @@ else
 	}
 	$db->sql_freeresult($result);
 
-	page_header($lang['Forums']);
+	page_header($l_title);
 
 ?>
 
-- 
cgit v1.2.1