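<?php
/***************************************************************************
 *                            admin_groups.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: admin_groups.php 5614 2006-03-09 19:42:41Z grahamje $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Admin panel module for user groups. Depending on the request it either
//   - registers itself in the admin menu ($setmodules) and returns,
//   - shows the edit form for an existing or a new group (POST 'edit' / 'new'),
//   - deletes, updates or creates a group (POST 'group_update'), or
//   - lists the regular groups in a select box (anything else).
//
// NOTE(review): $db, $template, $lang, message_die(), append_sid(),
// get_userdata() and the table/constant names come from the files required
// below. Session and admin-permission checks are presumably done in
// pagestart - confirm there, nothing in this file enforces them.
//

define('IN_PHPBB', 1);

if ( !empty($setmodules) )
{
	$filename = basename(__FILE__);
	$module['Groups']['Manage'] = $filename;

	return;
}

//
// Load default header
//
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);

//
// The group id is always forced to an integer, so it can be placed in the
// numeric SQL comparisons and in the hidden form field below.
//
if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
{
	$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
}
else
{
	$group_id = 0;
}

//
// 'mode' is only ever compared against fixed strings further down; it is
// HTML-escaped here because it is request data.
//
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
	$mode = htmlspecialchars($mode);
}
else
{
	$mode = '';
}

if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
{
	//
	// Ok they are editing a group or creating a new group
	//
	$template->set_filenames(array(
		'body' => 'admin/group_edit_body.tpl')
	);

	if ( isset($HTTP_POST_VARS['edit']) )
	{
		//
		// They're editing. Grab the vars. Single-user groups are excluded,
		// so only regular groups can be opened in this form.
		//
		$sql = "SELECT *
			FROM " . GROUPS_TABLE . "
			WHERE group_single_user <> " . TRUE . "
				AND group_id = $group_id";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
		}

		if ( !($group_info = $db->sql_fetchrow($result)) )
		{
			message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
		}

		$mode = 'editgroup';
		$template->assign_block_vars('group_edit', array());
	}
	else if ( isset($HTTP_POST_VARS['new']) )
	{
		$group_info = array(
			'group_name' => '',
			'group_description' => '',
			'group_moderator' => '',
			'group_type' => GROUP_OPEN);

		$mode = 'newgroup';
	}

	//
	// Ok, now we know everything about them, let's show the page.
	//
	if ( $group_info['group_moderator'] != '' )
	{
		// The id comes from the groups table, but it is still cast before it
		// is concatenated into SQL so a non-numeric stored value cannot
		// change the statement.
		$sql = "SELECT user_id, username
			FROM " . USERS_TABLE . "
			WHERE user_id = " . intval($group_info['group_moderator']);
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
		}

		if ( !($row = $db->sql_fetchrow($result)) )
		{
			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
		}

		$group_moderator = $row['username'];
	}
	else
	{
		$group_moderator = '';
	}

	$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
	$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
	$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';

	// $mode is one of the two fixed strings set above and $group_id is an
	// integer, so neither needs further escaping here.
	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';

	$template->assign_vars(array(
		// group_name is HTML-escaped when it is saved (see the update branch).
		'GROUP_NAME' => $group_info['group_name'],
		// group_description is saved without HTML escaping, so it is escaped
		// on its way into the edit form; otherwise stored markup would be
		// interpreted by the admin's browser and entities would be altered
		// on the next save.
		'GROUP_DESCRIPTION' => htmlspecialchars($group_info['group_description']),
		'GROUP_MODERATOR' => $group_moderator,

		'L_GROUP_TITLE' => $lang['Group_administration'],
		'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
		'L_GROUP_NAME' => $lang['group_name'],
		'L_GROUP_DESCRIPTION' => $lang['group_description'],
		'L_GROUP_MODERATOR' => $lang['group_moderator'],
		'L_FIND_USERNAME' => $lang['Find_username'],
		'L_GROUP_STATUS' => $lang['group_status'],
		'L_GROUP_OPEN' => $lang['group_open'],
		'L_GROUP_CLOSED' => $lang['group_closed'],
		'L_GROUP_HIDDEN' => $lang['group_hidden'],
		'L_GROUP_DELETE' => $lang['group_delete'],
		'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
		'L_SUBMIT' => $lang['Submit'],
		'L_RESET' => $lang['Reset'],
		'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
		'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
		'L_YES' => $lang['Yes'],

		'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"),

		'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
		'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
		'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
		'S_GROUP_OPEN_CHECKED' => $group_open,
		'S_GROUP_CLOSED_CHECKED' => $group_closed,
		'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
		'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
		'S_HIDDEN_FIELDS' => $s_hidden_fields)
	);

	$template->pparse('body');
}
else if ( isset($HTTP_POST_VARS['group_update']) )
{
	//
	// Ok, they are submitting a group, let's save the data based on if it's new or editing
	//
	if ( isset($HTTP_POST_VARS['group_delete']) )
	{
		//
		// Only regular groups may be deleted from here. The edit form is
		// built with the same group_single_user filter, but the id in the
		// POST body is free-form, so the filter has to be repeated before
		// anything is removed. This also stops a request without a usable
		// id from being reported as a successful deletion.
		// (message_die() is assumed to end the request, as the rest of this
		// script already relies on.)
		//
		$sql = "SELECT group_id
			FROM " . GROUPS_TABLE . "
			WHERE group_single_user <> " . TRUE . "
				AND group_id = " . $group_id;
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
		}

		if ( !$db->sql_fetchrow($result) )
		{
			message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
		}

		//
		// Reset User Moderator Level
		//

		// Is Group moderating a forum ?
		// The query is limited to rows with auth_mod = 1: the group can have
		// several auth_access rows, and looking only at whichever row comes
		// back first could skip the clean-up below and leave members with
		// the MOD level after their group is gone.
		$sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . "
			WHERE group_id = " . $group_id . "
				AND auth_mod = 1";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql);
		}

		$row = $db->sql_fetchrow($result);
		if ( $row && intval($row['auth_mod']) == 1 )
		{
			// Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
			$sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
				WHERE group_id = " . $group_id;
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql);
			}

			$rows = $db->sql_fetchrowset($result);
			if ( !is_array($rows) )
			{
				// No members: nothing to downgrade.
				$rows = array();
			}

			foreach ( $rows as $member )
			{
				$member_id = intval($member['user_id']);

				// Does this user still moderate through some other group?
				$sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
					WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id)
						AND (ug.user_id = " . $member_id . ") AND (ug.group_id <> " . $group_id . ")";
				if ( !($result = $db->sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql);
				}

				if ( $db->sql_numrows($result) == 0 )
				{
					// Only users currently at MOD level are lowered to USER.
					$sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . "
						WHERE user_level = " . MOD . " AND user_id = " . $member_id;

					if ( !$db->sql_query($sql) )
					{
						message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql);
					}
				}
			}
		}

		//
		// Delete Group
		//
		$sql = "DELETE FROM " . GROUPS_TABLE . "
			WHERE group_id = " . $group_id;
		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
		}

		$sql = "DELETE FROM " . USER_GROUP_TABLE . "
			WHERE group_id = " . $group_id;
		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql);
		}

		$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
			WHERE group_id = " . $group_id;
		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql);
		}

		$message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');

		message_die(GENERAL_MESSAGE, $message);
	}
	else
	{
		$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
		$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
		$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
		$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
		$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;

		if ( $group_name == '' )
		{
			message_die(GENERAL_MESSAGE, $lang['No_group_name']);
		}
		else if ( $group_moderator == '' )
		{
			message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
		}

		// Resolve the submitted user name to a user id. From here on
		// $group_moderator is an integer and is used as such in SQL.
		$this_userdata = get_userdata($group_moderator, true);
		$group_moderator = isset($this_userdata['user_id']) ? intval($this_userdata['user_id']) : 0;

		if ( !$group_moderator )
		{
			message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
		}

		// NOTE(review): the two string columns below are quoted with
		// str_replace("\'", "''", ...), which only turns an already
		// backslash-escaped quote into a doubled one. That is safe only if
		// slashes are added to all request data before this point, which
		// this file does not show - confirm in the bootstrap code, and
		// prefer the database layer's own escaping if it has one.

		if ( $mode == "editgroup" )
		{
			$sql = "SELECT *
				FROM " . GROUPS_TABLE . "
				WHERE group_single_user <> " . TRUE . "
					AND group_id = " . $group_id;
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
			}

			if ( !($group_info = $db->sql_fetchrow($result)) )
			{
				message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
			}

			// Cast the stored moderator id once; it is compared and, when the
			// old moderator is removed, concatenated into SQL.
			$old_moderator = intval($group_info['group_moderator']);

			if ( $old_moderator != $group_moderator )
			{
				if ( $delete_old_moderator )
				{
					$sql = "DELETE FROM " . USER_GROUP_TABLE . "
						WHERE user_id = " . $old_moderator . "
							AND group_id = " . $group_id;
					if ( !$db->sql_query($sql) )
					{
						message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
					}
				}

				// Add the new moderator as a member unless already one.
				$sql = "SELECT user_id
					FROM " . USER_GROUP_TABLE . "
					WHERE user_id = $group_moderator
						AND group_id = $group_id";
				if ( !($result = $db->sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql);
				}

				if ( !($row = $db->sql_fetchrow($result)) )
				{
					$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
						VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
					if ( !$db->sql_query($sql) )
					{
						message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
					}
				}
			}

			$sql = "UPDATE " . GROUPS_TABLE . "
				SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
				WHERE group_id = $group_id";
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
			}

			$message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
		else if ( $mode == 'newgroup' )
		{
			$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user)
				VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
			}
			$new_group_id = $db->sql_nextid();

			// The moderator is also made a (non-pending) member of the new group.
			$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
				VALUES ($new_group_id, $group_moderator, 0)";
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql);
			}

			$message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
		else
		{
			message_die(GENERAL_MESSAGE, $lang['No_group_action']);
		}
	}
}
else
{
	//
	// Default view: list the regular (non single-user) groups to pick from.
	//
	$sql = "SELECT group_id, group_name
		FROM " . GROUPS_TABLE . "
		WHERE group_single_user <> " . TRUE . "
		ORDER BY group_name";
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql);
	}

	$select_list = '';
	if ( $row = $db->sql_fetchrow($result) )
	{
		$select_list .= '<select name="' . POST_GROUPS_URL . '">';
		do
		{
			// group_name is written out as stored; this script HTML-escapes
			// it before saving. NOTE(review): rows written by other code
			// paths would not be covered by that - verify.
			$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
		}
		while ( $row = $db->sql_fetchrow($result) );
		$select_list .= '</select>';
	}

	$template->set_filenames(array(
		'body' => 'admin/group_select_body.tpl')
	);

	$template->assign_vars(array(
		'L_GROUP_TITLE' => $lang['Group_administration'],
		'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'],
		'L_GROUP_SELECT' => $lang['Select_group'],
		'L_LOOK_UP' => $lang['Look_up_group'],
		'L_CREATE_NEW_GROUP' => $lang['New_group'],

		'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
		'S_GROUP_SELECT' => $select_list)
	);

	// The select box block is only shown when at least one group exists.
	if ( $select_list != '' )
	{
		$template->assign_block_vars('select_box', array());
	}

	$template->pparse('body');
}

include('./page_footer_admin.'.$phpEx);

?>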