From 820df16055f47749d6508dd74471c55683d6a05c Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" Date: Fri, 8 Jun 2001 00:37:26 +0000 Subject: Some basic user auth layout tests git-svn-id: file:///svn/phpbb/trunk@440 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/admin/userauth.php | 477 ++++++++++++++++++++--------------------------- 1 file changed, 200 insertions(+), 277 deletions(-) (limited to 'phpBB/admin/userauth.php') diff --git a/phpBB/admin/userauth.php b/phpBB/admin/userauth.php index ffd92d7e42..529e49e7d7 100644 --- a/phpBB/admin/userauth.php +++ b/phpBB/admin/userauth.php @@ -8,8 +8,8 @@ include('common.'.$phpEx); // // Start session management // -//$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); -//init_userprefs($userdata); +$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length); +init_userprefs($userdata); // // End session management // @@ -21,178 +21,80 @@ $auth_field_match = array( "auth_reply" => AUTH_REPLY, "auth_edit" => AUTH_EDIT, "auth_delete" => AUTH_DELETE, + "auth_sticky" => AUTH_STICKY, + "auth_announce" => AUTH_ANNOUNCE, "auth_vote" => AUTH_VOTE, "auth_votecreate" => AUTH_VOTECREATE, "auth_attachments" => AUTH_ATTACH ); -$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_votecreate", "auth_vote", "auth_attachments"); +$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_votecreate", "auth_vote", "auth_attachments"); - -?> - - - -phpBB - auth testing - - - - -

User Authorisation Control

- -sql_query($sql); - $forum_fields = $db->sql_fetchrow($f_result); - - $sql = "SELECT aa.*, g.group_name, u.user_id, u.username, u.user_level, f.forum_name - FROM ".AUTH_ACCESS_TABLE." aa, ".GROUPS_TABLE." g, ".USER_GROUP_TABLE." ug, ".USERS_TABLE." u, ".FORUMS_TABLE." f - WHERE f.forum_id = $forum_id - AND aa.forum_id = f.forum_id - AND ug.group_id = aa.group_id - AND g.group_id = ug.group_id - AND u.user_id = ug.user_id - ORDER BY u.user_id, aa.group_id"; - $aa_result = $db->sql_query($sql); - $user_list = $db->sql_fetchrowset($aa_result); - - - for($i = 0; $i < count($user_list); $i++) - { - $user_id = $user_list[$i]['user_id']; - $userinfo[$user_id]['username'] = $user_list[$i]['username']; - $is_admin = ($user_list[$i]['user_level'] == ADMIN) ? 1 : 0; +if(isset($HTTP_GET_VARS[POST_USERS_URL])) +{ - for($j = 0; $j < count($forum_field_name); $j++) - { - $this_field = $forum_field_name[$j]; - $is_auth[$this_field][$user_id] = auth_check_user($forum_fields[$this_field], $this_field, $user_list[$i], $is_admin); - } - } - + $template->set_filenames(array( + "body" => "admin/userauth_body.tpl")); - echo "

Forum: ".$forum_fields['forum_name']."

\n"; + $user_id = $HTTP_GET_VARS[POST_USERS_URL]; -?> -

- - - - -sql_query($sql); + $forum_access = $db->sql_fetchrowset($fa_result); - for($i = 0; $i < count($forum_field_name); $i++) + for($i = 0; $i < count($forum_access); $i++) { - echo "\t\n"; - - echo "\t\t\n"; - - reset($is_auth); - $user_auth_ary = $is_auth[$forum_field_name[$i]]; - - if($forum_fields[$forum_field_name[$i]] == AUTH_ALL || $forum_fields[$forum_field_name[$i]] == AUTH_REG) + while(list($forum_id, $forum_row) = each($forum_access)) { - if($forum_fields[$forum_field_name[$i]] == AUTH_ALL) + for($j = 0; $j < count($forum_auth_fields); $j++) { - echo "\t\t"; + $basic_auth_level[$forum_row['forum_id']] = "public"; + if($forum_row[$forum_auth_fields[$j]] == AUTH_ACL) + { + $basic_auth_level[$forum_row['forum_id']] = "private"; + $basic_auth_level_fields[$forum_row['forum_id']][] = $forum_auth_fields[$j]; + } } - else + if($forum_row['auth_view'] == AUTH_MOD || $forum_row['auth_read'] == AUTH_MOD || $forum_row['auth_post'] == AUTH_MOD || $forum_row['auth_reply'] == AUTH_MOD) { - echo "\t\t"; + $basic_auth_level[$forum_row['forum_id']] = "moderate"; } - } - else - { - echo "\t\t\n"; } - - echo "\t\n"; - } -?> -

Forum Auth Field	Users with Access
" . $forum_field_name[$i] . "	All Users	Registered Users

-sql_query($sql); - $f_access = $db->sql_fetchrowset($af_result); - - $sql = "SELECT user_id, username, user_level - FROM " . USERS_TABLE . " - WHERE user_id = $user_id"; + $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user + FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug + WHERE u.user_id = $user_id + AND ug.user_id = u.user_id + AND g.group_id = ug.group_id"; $u_result = $db->sql_query($sql); - $userinf = $db->sql_fetchrow($u_result); + $userinf = $db->sql_fetchrowset($u_result); $sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, g.group_single_user FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id - AND aa.group_id = ug.group_id"; + AND aa.group_id = ug.group_id + AND g.group_single_user = 1"; $au_result = $db->sql_query($sql); $num_u_access = $db->sql_numrows($au_result); @@ -201,11 +103,11 @@ else if(isset($HTTP_GET_VARS[POST_USERS_URL])) $u_access = $db->sql_fetchrowset($au_result); } - $is_admin = ($userinf['user_level'] == ADMIN) ? 1 : 0; + $is_admin = ($userinf[0]['user_level'] == ADMIN) ? 1 : 0; - for($i = 0; $i < count($f_access); $i++) + for($i = 0; $i < count($forum_access); $i++) { - $f_forum_id = $f_access[$i]['forum_id']; + $f_forum_id = $forum_access[$i]['forum_id']; $is_forum_restricted[$f_forum_id] = 0; for($j = 0; $j < count($forum_auth_fields); $j++) @@ -213,192 +115,213 @@ else if(isset($HTTP_GET_VARS[POST_USERS_URL])) $key = $forum_auth_fields[$j]; $value = $f_access[$i][$key]; - if($user_id == ANONYMOUS) - { - $auth_user[$f_forum_id][$key] = ($value == AUTH_ALL) ? 1 : 0; - if($value == AUTH_ACL || $value == AUTH_MOD || $value == AUTH_ADMIN) - { - $is_forum_restricted[$f_forum_id] = 1; - } - } - else if(!$num_u_access) + switch($value) { - $auth_user[$f_forum_id][$key] = ($value == AUTH_ALL || $value == AUTH_REG) ? 1 : 0; - if($value == AUTH_ACL || $value == AUTH_MOD || $value == AUTH_ADMIN) - { - $is_forum_restricted[$f_forum_id] = 1; - } - } - else - { - switch($value) - { - case AUTH_ALL: - $auth_user[$f_forum_id][$key] = 1; - break; - - case AUTH_REG: - $auth_user[$f_forum_id][$key] = 1; - break; - - case AUTH_ACL: - $auth_user[$f_forum_id][$key] = auth_check_user(AUTH_ACL, $key, $u_access, $is_admin); - $is_forum_restricted[$f_forum_id] = 1; - break; + case AUTH_ALL: + $auth_user[$f_forum_id][$key] = 1; + break; + + case AUTH_REG: + $auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? 1 : 0; + break; + + case AUTH_ACL: + $auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0; + break; - case AUTH_MOD: - $auth_user[$f_forum_id][$key] = auth_check_user(AUTH_MOD, $key, $u_access, $is_admin); - $is_forum_restricted[$f_forum_id] = 1; - break; + case AUTH_MOD: + $auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_MOD, $key, $u_access, $is_admin) : 0; + break; - case AUTH_ADMIN: - $auth_user[$f_forum_id][$key] = $is_admin; - $is_forum_restricted[$f_forum_id] = 1; - break; - - default: - $auth_user[$f_forum_id][$key] = 0; - break; - } + case AUTH_ADMIN: + $auth_user[$f_forum_id][$key] = $is_admin; + break; + + default: + $auth_user[$f_forum_id][$key] = 0; + break; } } // // Is user a moderator? // - $auth_user[$f_forum_id]['auth_mod'] = auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin); + $auth_user[$f_forum_id]['auth_mod'] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0; } -?> - -

+ $simple_auth[$forumkey] = 1; + while(list($fieldkey, $value) = each($user_ary)) + { + $simple_auth[$forumkey] = $simple_auth[$forumkey] && $value; -

Restricted forums

+ } + } + reset($auth_user); -

- - -Administrator" : "a User"; - for($j = 0; $j < count($forum_auth_fields); $j++) + for($i = 0; $i < count($userinf); $i++) { - echo "\t\n"; + if(!$userinf[$i]['group_single_user']) + { + $group_name[] = $userinf[$i]['group_name']; + $group_id[] = $userinf[$i]['group_name']; + } } - echo "\t\n"; - - echo "\n"; - - $i = 0; - while(list($forumkey, $user_ary) = each($auth_user)) + + if(count($group_name)) { - if($is_forum_restricted[$forumkey]) + $t_usergroup_list = "belongs to the following groups; "; + for($i = 0; $i < count($userinf); $i++) { - echo "\n"; - echo "\t\n"; - while(list($fieldkey, $value) = each($user_ary)) + $t_usergroup_list .= $group_name[$i]; + if($i < count($group_name) - 1) { - $can_they = ($auth_user[$forumkey][$fieldkey]) ? "Yes" : "No"; - echo "\t\n"; + $t_usergroup_list .= ", "; } - echo "\n"; } - $i++; } - reset($auth_user); - -?> -

Forum Name	".preg_replace("/auth_/", "", $forum_auth_fields[$j])."	Moderator
".$f_access[$i]['forum_name']."	$can_they

- -

Forums with general (public or registered) access

- -

The following forums are set to be generally accessible to most users, either everyone or just registered users. To limit these forums (or certain fields) to specific users you need to change the forum authorisation type via the Forum Authorisation Admin panel.

- -

- - -".preg_replace("/auth_/", "", $forum_auth_fields[$j])."\n"; + $t_usergroup_list = "belongs to no usergroups."; } - echo "\t\n"; - echo "\n"; $i = 0; - while(list($forumkey, $user_ary) = each($auth_user)) + if($adv == -1) { - if(!$is_forum_restricted[$forumkey]) + while(list($forumkey, $user_ary) = each($auth_user)) + { + if($basic_auth_level[$forumkey] == "private") + { + $allowed = 1; + for($j = 0; $j < count($basic_auth_level_fields[$forumkey]); $j++) + { + if(!$auth_user[$forumkey][$basic_auth_level_fields[$forumkey][$j]]) + { + $allowed = 0; + } + } + $optionlist_grant = ""; + } + else + { + $optionlist_grant = ""; + } + if($user_ary['auth_mod']) + { + $optionlist_mod = ""; + } + else + { + $optionlist_mod = ""; + } + switch($basic_auth_level[$forumkey]) + { + case 'public': + $row_class = "authall"; + break; + case 'private': + $row_class = "authacl"; + break; + case 'moderate': + $row_class = "authmod"; + break; + case 'admin': + $row_class = "authadmin"; + break; + default: + $row_class = "authall"; + break; + } + + $template->assign_block_vars("restrictedforums", array( + "ROW_CLASS" => $row_class, + "FORUM_NAME" => $forum_access[$i]['forum_name'], + + "SELECT_GRANT_LIST" => "$optionlist_grant", + "SELECT_MOD_LIST" => "") + ); + $i++; + } + } + else + { + while(list($forumkey, $user_ary) = each($auth_user)) { echo "\n"; - echo "\t\n"; + echo "\t\n"; while(list($fieldkey, $value) = each($user_ary)) { $can_they = ($auth_user[$forumkey][$fieldkey]) ? "Yes" : "No"; echo "\t\n"; } echo "\n"; + $i++; } - $i++; } reset($auth_user); -?> -

Forum Name	Moderator
".$f_access[$i]['forum_name']."	" . $f_access[$i]['forum_name'] . "	$can_they

-assign_vars(array( + "USERNAME" => $t_username, + "USERTYPE" => $t_usertype, + + "USER_GROUP_LIST" => $t_usergroup_list) + ); + + $template->pparse("body"); + } else { + // + // Default user selection box + // This should be altered on the final + // system to list users via an alphabetical + // selection system ... otherwise this + // could get 'cumbersome' for boards + // with several thousand users! + // + $sql = "SELECT user_id, username FROM ".USERS_TABLE; $u_result = $db->sql_query($sql); $user_list = $db->sql_fetchrowset($u_result); -?> -

- - - - - - -

Select a User
"; -?>

-set_filenames(array( + "body" => "admin/userauth_select_body.tpl")); -} + $template->assign_vars(array( + "S_USERAUTH_ACTION" => append_sid("userauth.$phpEx"), + "S_USERS_SELECT" => $select_list, + + "U_FORUMAUTH" => append_sid("forumauth.$phpEx")) + ); -?> - -

Forum Authorisation Admin