| [ Index ] |
PHP Cross Reference of Unnamed Project |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * @package ucp 5 * @version $Id$ 6 * @copyright (c) 2005 phpBB Group 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 8 * 9 */ 10 11 /** 12 * @ignore 13 */ 14 if (!defined('IN_PHPBB')) 15 { 16 exit; 17 } 18 19 /** 20 * ucp_groups 21 * @package ucp 22 */ 23 class ucp_groups 24 { 25 var $u_action; 26 27 function main($id, $mode) 28 { 29 global $config, $phpbb_root_path, $phpEx; 30 global $db, $user, $auth, $cache, $template; 31 32 $user->add_lang('groups'); 33 34 $return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>'); 35 36 $mark_ary = request_var('mark', array(0)); 37 $submit = (!empty($_POST['submit'])) ? true : false; 38 $delete = (!empty($_POST['delete'])) ? true : false; 39 $error = $data = array(); 40 41 switch ($mode) 42 { 43 case 'membership': 44 45 $this->page_title = 'UCP_USERGROUPS_MEMBER'; 46 47 if ($submit || isset($_POST['change_default'])) 48 { 49 $action = (isset($_POST['change_default'])) ? 'change_default' : request_var('action', ''); 50 $group_id = ($action == 'change_default') ? request_var('default', 0) : request_var('selected', 0); 51 52 if (!$group_id) 53 { 54 trigger_error('NO_GROUP_SELECTED'); 55 } 56 57 $sql = 'SELECT group_id, group_name, group_type 58 FROM ' . GROUPS_TABLE . " 59 WHERE group_id IN ($group_id, {$user->data['group_id']})"; 60 $result = $db->sql_query($sql); 61 62 $group_row = array(); 63 while ($row = $db->sql_fetchrow($result)) 64 { 65 $row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']; 66 $group_row[$row['group_id']] = $row; 67 } 68 $db->sql_freeresult($result); 69 70 if (!sizeof($group_row)) 71 { 72 trigger_error('GROUP_NOT_EXIST'); 73 } 74 75 switch ($action) 76 { 77 case 'change_default': 78 // User already having this group set as default? 79 if ($group_id == $user->data['group_id']) 80 { 81 trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page); 82 } 83 84 if (!$auth->acl_get('u_chggrp')) 85 { 86 trigger_error($user->lang['NOT_AUTHORISED'] . $return_page); 87 } 88 89 // User needs to be member of the group in order to make it default 90 if (!group_memberships($group_id, $user->data['user_id'], true)) 91 { 92 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 93 } 94 95 if (confirm_box(true)) 96 { 97 group_user_attributes('default', $group_id, $user->data['user_id']); 98 99 add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])); 100 101 meta_refresh(3, $this->u_action); 102 trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page); 103 } 104 else 105 { 106 $s_hidden_fields = array( 107 'default' => $group_id, 108 'change_default'=> true 109 ); 110 111 confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields)); 112 } 113 114 break; 115 116 case 'resign': 117 118 // User tries to resign from default group but is not allowed to change it? 119 if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) 120 { 121 trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page); 122 } 123 124 if (!($row = group_memberships($group_id, $user->data['user_id']))) 125 { 126 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 127 } 128 list(, $row) = each($row); 129 130 $sql = 'SELECT group_type 131 FROM ' . GROUPS_TABLE . ' 132 WHERE group_id = ' . $group_id; 133 $result = $db->sql_query($sql); 134 $group_type = (int) $db->sql_fetchfield('group_type'); 135 $db->sql_freeresult($result); 136 137 if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) 138 { 139 trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page); 140 } 141 142 if (confirm_box(true)) 143 { 144 group_user_del($group_id, $user->data['user_id']); 145 146 add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']); 147 148 meta_refresh(3, $this->u_action); 149 trigger_error($user->lang[($row['user_pending']) ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page); 150 } 151 else 152 { 153 $s_hidden_fields = array( 154 'selected' => $group_id, 155 'action' => 'resign', 156 'submit' => true 157 ); 158 159 confirm_box(false, ($row['user_pending']) ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields)); 160 } 161 162 break; 163 164 case 'join': 165 166 $sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email 167 FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u 168 WHERE ug.user_id = u.user_id 169 AND ug.group_id = ' . $group_id . ' 170 AND ug.user_id = ' . $user->data['user_id']; 171 $result = $db->sql_query($sql); 172 $row = $db->sql_fetchrow($result); 173 $db->sql_freeresult($result); 174 175 if ($row) 176 { 177 if ($row['user_pending']) 178 { 179 trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page); 180 } 181 182 trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page); 183 } 184 185 // Check permission to join (open group or request) 186 if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) 187 { 188 trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page); 189 } 190 191 if (confirm_box(true)) 192 { 193 if ($group_row[$group_id]['group_type'] == GROUP_FREE) 194 { 195 group_user_add($group_id, $user->data['user_id']); 196 } 197 else 198 { 199 group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1); 200 201 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); 202 $messenger = new messenger(); 203 204 $sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang 205 FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u 206 WHERE ug.user_id = u.user_id 207 AND ug.group_leader = 1 208 AND ug.group_id = $group_id"; 209 $result = $db->sql_query($sql); 210 211 while ($row = $db->sql_fetchrow($result)) 212 { 213 $messenger->template('group_request', $row['user_lang']); 214 215 $messenger->to($row['user_email'], $row['username']); 216 $messenger->im($row['user_jabber'], $row['username']); 217 218 $messenger->assign_vars(array( 219 'USERNAME' => htmlspecialchars_decode($row['username']), 220 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), 221 'REQUEST_USERNAME' => $user->data['username'], 222 223 'U_PENDING' => generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id", 224 'U_GROUP' => generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id") 225 ); 226 227 $messenger->send($row['user_notify_type']); 228 } 229 $db->sql_freeresult($result); 230 231 $messenger->save_queue(); 232 } 233 234 add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']); 235 236 meta_refresh(3, $this->u_action); 237 trigger_error($user->lang[($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page); 238 } 239 else 240 { 241 $s_hidden_fields = array( 242 'selected' => $group_id, 243 'action' => 'join', 244 'submit' => true 245 ); 246 247 confirm_box(false, ($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields)); 248 } 249 250 break; 251 252 case 'demote': 253 254 if (!($row = group_memberships($group_id, $user->data['user_id']))) 255 { 256 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 257 } 258 list(, $row) = each($row); 259 260 if (!$row['group_leader']) 261 { 262 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 263 } 264 265 if (confirm_box(true)) 266 { 267 group_user_attributes('demote', $group_id, $user->data['user_id']); 268 269 add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']); 270 271 meta_refresh(3, $this->u_action); 272 trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page); 273 } 274 else 275 { 276 $s_hidden_fields = array( 277 'selected' => $group_id, 278 'action' => 'demote', 279 'submit' => true 280 ); 281 282 confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields)); 283 } 284 285 break; 286 } 287 } 288 289 $sql = 'SELECT g.*, ug.group_leader, ug.user_pending 290 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug 291 WHERE ug.user_id = ' . $user->data['user_id'] . ' 292 AND g.group_id = ug.group_id 293 ORDER BY g.group_type DESC, g.group_name'; 294 $result = $db->sql_query($sql); 295 296 $group_id_ary = array(); 297 $leader_count = $member_count = $pending_count = 0; 298 while ($row = $db->sql_fetchrow($result)) 299 { 300 $block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member'); 301 302 switch ($row['group_type']) 303 { 304 case GROUP_OPEN: 305 $group_status = 'OPEN'; 306 break; 307 308 case GROUP_CLOSED: 309 $group_status = 'CLOSED'; 310 break; 311 312 case GROUP_HIDDEN: 313 $group_status = 'HIDDEN'; 314 break; 315 316 case GROUP_SPECIAL: 317 $group_status = 'SPECIAL'; 318 break; 319 320 case GROUP_FREE: 321 $group_status = 'FREE'; 322 break; 323 } 324 325 $template->assign_block_vars($block, array( 326 'GROUP_ID' => $row['group_id'], 327 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 328 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 329 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, 330 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 331 'GROUP_COLOUR' => $row['group_colour'], 332 333 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), 334 335 'S_GROUP_DEFAULT' => ($row['group_id'] == $user->data['group_id']) ? true : false, 336 'S_ROW_COUNT' => ${$block . '_count'}++) 337 ); 338 339 $group_id_ary[] = (int) $row['group_id']; 340 } 341 $db->sql_freeresult($result); 342 343 // Hide hidden groups unless user is an admin with group privileges 344 $sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')'; 345 346 $sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage 347 FROM ' . GROUPS_TABLE . ' 348 WHERE ' . ((sizeof($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . " 349 group_type $sql_and 350 ORDER BY group_type DESC, group_name"; 351 $result = $db->sql_query($sql); 352 353 $nonmember_count = 0; 354 while ($row = $db->sql_fetchrow($result)) 355 { 356 switch ($row['group_type']) 357 { 358 case GROUP_OPEN: 359 $group_status = 'OPEN'; 360 break; 361 362 case GROUP_CLOSED: 363 $group_status = 'CLOSED'; 364 break; 365 366 case GROUP_HIDDEN: 367 $group_status = 'HIDDEN'; 368 break; 369 370 case GROUP_SPECIAL: 371 $group_status = 'SPECIAL'; 372 break; 373 374 case GROUP_FREE: 375 $group_status = 'FREE'; 376 break; 377 } 378 379 $template->assign_block_vars('nonmember', array( 380 'GROUP_ID' => $row['group_id'], 381 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 382 'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 383 'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true, 384 'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true, 385 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 386 'S_CAN_JOIN' => ($row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE) ? true : false, 387 'GROUP_COLOUR' => $row['group_colour'], 388 389 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&g=' . $row['group_id']), 390 391 'S_ROW_COUNT' => $nonmember_count++) 392 ); 393 } 394 $db->sql_freeresult($result); 395 396 $template->assign_vars(array( 397 'S_CHANGE_DEFAULT' => ($auth->acl_get('u_chggrp')) ? true : false, 398 'S_LEADER_COUNT' => $leader_count, 399 'S_MEMBER_COUNT' => $member_count, 400 'S_PENDING_COUNT' => $pending_count, 401 'S_NONMEMBER_COUNT' => $nonmember_count, 402 403 'S_UCP_ACTION' => $this->u_action) 404 ); 405 406 break; 407 408 case 'manage': 409 410 $this->page_title = 'UCP_USERGROUPS_MANAGE'; 411 $action = (isset($_POST['addusers'])) ? 'addusers' : request_var('action', ''); 412 $group_id = request_var('g', 0); 413 414 include($phpbb_root_path . 'includes/functions_display.' . $phpEx); 415 416 add_form_key('ucp_groups'); 417 418 if ($group_id) 419 { 420 $sql = 'SELECT * 421 FROM ' . GROUPS_TABLE . " 422 WHERE group_id = $group_id"; 423 $result = $db->sql_query($sql); 424 $group_row = $db->sql_fetchrow($result); 425 $db->sql_freeresult($result); 426 427 if (!$group_row) 428 { 429 trigger_error($user->lang['NO_GROUP'] . $return_page); 430 } 431 432 // Check if the user is allowed to manage this group if set to founder only. 433 if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) 434 { 435 trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING); 436 } 437 438 $group_name = $group_row['group_name']; 439 $group_type = $group_row['group_type']; 440 441 $avatar_img = (!empty($group_row['group_avatar'])) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />'; 442 443 $template->assign_vars(array( 444 'GROUP_NAME' => ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name, 445 'GROUP_INTERNAL_NAME' => $group_name, 446 'GROUP_COLOUR' => (isset($group_row['group_colour'])) ? $group_row['group_colour'] : '', 447 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 448 'GROUP_TYPE' => $group_row['group_type'], 449 450 'AVATAR' => $avatar_img, 451 'AVATAR_IMAGE' => $avatar_img, 452 'AVATAR_WIDTH' => (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '', 453 'AVATAR_HEIGHT' => (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '', 454 )); 455 } 456 457 switch ($action) 458 { 459 case 'edit': 460 461 if (!$group_id) 462 { 463 trigger_error($user->lang['NO_GROUP'] . $return_page); 464 } 465 466 if (!($row = group_memberships($group_id, $user->data['user_id']))) 467 { 468 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 469 } 470 list(, $row) = each($row); 471 472 if (!$row['group_leader']) 473 { 474 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 475 } 476 477 $file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false; 478 $user->add_lang(array('acp/groups', 'acp/common')); 479 480 $data = $submit_ary = array(); 481 482 $update = (isset($_POST['update'])) ? true : false; 483 484 $error = array(); 485 486 $avatar_select = basename(request_var('avatar_select', '')); 487 $category = basename(request_var('category', '')); 488 489 $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; 490 491 // Did we submit? 492 if ($update) 493 { 494 $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); 495 $group_desc = utf8_normalize_nfc(request_var('group_desc', '', true)); 496 $group_type = request_var('group_type', GROUP_FREE); 497 498 $allow_desc_bbcode = request_var('desc_parse_bbcode', false); 499 $allow_desc_urls = request_var('desc_parse_urls', false); 500 $allow_desc_smilies = request_var('desc_parse_smilies', false); 501 502 $submit_ary = array( 503 'colour' => request_var('group_colour', ''), 504 'rank' => request_var('group_rank', 0), 505 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 506 'message_limit' => request_var('group_message_limit', 0), 507 'max_recipients'=> request_var('group_max_recipients', 0), 508 ); 509 510 $data['uploadurl'] = request_var('uploadurl', ''); 511 $data['remotelink'] = request_var('remotelink', ''); 512 $data['width'] = request_var('width', ''); 513 $data['height'] = request_var('height', ''); 514 $delete = request_var('delete', ''); 515 516 if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) 517 { 518 // Avatar stuff 519 $var_ary = array( 520 'uploadurl' => array('string', true, 5, 255), 521 'remotelink' => array('string', true, 5, 255), 522 'width' => array('string', true, 1, 3), 523 'height' => array('string', true, 1, 3), 524 ); 525 526 if (!($error = validate_data($data, $var_ary))) 527 { 528 $data['user_id'] = "g$group_id"; 529 530 if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) 531 { 532 list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error); 533 } 534 else if ($data['remotelink']) 535 { 536 list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error); 537 } 538 } 539 } 540 else if ($avatar_select && $config['allow_avatar_local']) 541 { 542 // check avatar gallery 543 if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) 544 { 545 $submit_ary['avatar_type'] = AVATAR_GALLERY; 546 547 list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select); 548 $submit_ary['avatar'] = $category . '/' . $avatar_select; 549 } 550 } 551 else if ($delete) 552 { 553 $submit_ary['avatar'] = ''; 554 $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0; 555 } 556 else if ($data['width'] && $data['height']) 557 { 558 // Only update the dimensions? 559 if ($config['avatar_max_width'] || $config['avatar_max_height']) 560 { 561 if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) 562 { 563 $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); 564 } 565 } 566 567 if (!sizeof($error)) 568 { 569 if ($config['avatar_min_width'] || $config['avatar_min_height']) 570 { 571 if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) 572 { 573 $error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']); 574 } 575 } 576 } 577 578 if (!sizeof($error)) 579 { 580 $submit_ary['avatar_width'] = $data['width']; 581 $submit_ary['avatar_height'] = $data['height']; 582 } 583 } 584 585 if ((isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']))) || $delete) 586 { 587 if (isset($group_row['group_avatar']) && $group_row['group_avatar']) 588 { 589 avatar_delete('group', $group_row, true); 590 } 591 } 592 593 if (!check_form_key('ucp_groups')) 594 { 595 $error[] = $user->lang['FORM_INVALID']; 596 } 597 598 // Validate submitted colour value 599 if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true)))) 600 { 601 // Replace "error" string with its real, localised form 602 $error = array_merge($error, $colour_error); 603 } 604 605 if (!sizeof($error)) 606 { 607 // Only set the rank, colour, etc. if it's changed or if we're adding a new 608 // group. This prevents existing group members being updated if no changes 609 // were made. 610 611 $group_attributes = array(); 612 $test_variables = array( 613 'rank' => 'int', 614 'colour' => 'string', 615 'avatar' => 'string', 616 'avatar_type' => 'int', 617 'avatar_width' => 'int', 618 'avatar_height' => 'int', 619 'receive_pm' => 'int', 620 'legend' => 'int', 621 'message_limit' => 'int', 622 'max_recipients'=> 'int', 623 ); 624 625 foreach ($test_variables as $test => $type) 626 { 627 if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) 628 { 629 settype($submit_ary[$test], $type); 630 $group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test]; 631 } 632 } 633 634 if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) 635 { 636 $cache->destroy('sql', GROUPS_TABLE); 637 638 $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; 639 trigger_error($user->lang[$message] . $return_page); 640 } 641 } 642 643 if (sizeof($error)) 644 { 645 $error = array_map(array(&$user, 'lang'), $error); 646 $group_rank = $submit_ary['rank']; 647 648 $group_desc_data = array( 649 'text' => $group_desc, 650 'allow_bbcode' => $allow_desc_bbcode, 651 'allow_smilies' => $allow_desc_smilies, 652 'allow_urls' => $allow_desc_urls 653 ); 654 } 655 } 656 else if (!$group_id) 657 { 658 $group_name = utf8_normalize_nfc(request_var('group_name', '', true)); 659 $group_desc_data = array( 660 'text' => '', 661 'allow_bbcode' => true, 662 'allow_smilies' => true, 663 'allow_urls' => true 664 ); 665 $group_rank = 0; 666 $group_type = GROUP_OPEN; 667 } 668 else 669 { 670 $group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']); 671 $group_rank = $group_row['group_rank']; 672 } 673 674 $sql = 'SELECT * 675 FROM ' . RANKS_TABLE . ' 676 WHERE rank_special = 1 677 ORDER BY rank_title'; 678 $result = $db->sql_query($sql); 679 680 $rank_options = '<option value="0"' . ((!$group_rank) ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>'; 681 while ($row = $db->sql_fetchrow($result)) 682 { 683 $selected = ($group_rank && $row['rank_id'] == $group_rank) ? ' selected="selected"' : ''; 684 $rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>'; 685 } 686 $db->sql_freeresult($result); 687 688 $type_free = ($group_type == GROUP_FREE) ? ' checked="checked"' : ''; 689 $type_open = ($group_type == GROUP_OPEN) ? ' checked="checked"' : ''; 690 $type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : ''; 691 $type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : ''; 692 693 $display_gallery = (isset($_POST['display_gallery'])) ? true : false; 694 695 if ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery) 696 { 697 avatar_gallery($category, $avatar_select, 4); 698 } 699 700 $avatars_enabled = ($config['allow_avatar'] && (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false; 701 702 $template->assign_vars(array( 703 'S_EDIT' => true, 704 'S_INCLUDE_SWATCH' => true, 705 'S_FORM_ENCTYPE' => ($config['allow_avatar'] && $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '', 706 'S_ERROR' => (sizeof($error)) ? true : false, 707 'S_SPECIAL_GROUP' => ($group_type == GROUP_SPECIAL) ? true : false, 708 'S_AVATARS_ENABLED' => $avatars_enabled, 709 'S_DISPLAY_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false, 710 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false, 711 712 'S_UPLOAD_AVATAR_FILE' => ($config['allow_avatar'] && $config['allow_avatar_upload'] && $can_upload) ? true : false, 713 'S_UPLOAD_AVATAR_URL' => ($config['allow_avatar'] && $config['allow_avatar_remote_upload'] && $can_upload) ? true : false, 714 'S_LINK_AVATAR' => ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false, 715 716 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '', 717 'GROUP_RECEIVE_PM' => (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '', 718 'GROUP_MESSAGE_LIMIT' => (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0, 719 'GROUP_MAX_RECIPIENTS' => (isset($group_row['group_max_recipients'])) ? $group_row['group_max_recipients'] : 0, 720 721 'GROUP_DESC' => $group_desc_data['text'], 722 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 723 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 724 'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'], 725 726 'S_RANK_OPTIONS' => $rank_options, 727 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 728 729 'GROUP_TYPE_FREE' => GROUP_FREE, 730 'GROUP_TYPE_OPEN' => GROUP_OPEN, 731 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 732 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 733 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 734 735 'GROUP_FREE' => $type_free, 736 'GROUP_OPEN' => $type_open, 737 'GROUP_CLOSED' => $type_closed, 738 'GROUP_HIDDEN' => $type_hidden, 739 740 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&name=group_colour'), 741 'S_UCP_ACTION' => $this->u_action . "&action=$action&g=$group_id", 742 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024), 743 )); 744 745 break; 746 747 case 'list': 748 749 if (!$group_id) 750 { 751 trigger_error($user->lang['NO_GROUP'] . $return_page); 752 } 753 754 if (!($row = group_memberships($group_id, $user->data['user_id']))) 755 { 756 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 757 } 758 list(, $row) = each($row); 759 760 if (!$row['group_leader']) 761 { 762 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 763 } 764 765 $user->add_lang(array('acp/groups', 'acp/common')); 766 $start = request_var('start', 0); 767 768 // Grab the leaders - always, on every page... 769 $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending 770 FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug 771 WHERE ug.group_id = $group_id 772 AND u.user_id = ug.user_id 773 AND ug.group_leader = 1 774 ORDER BY ug.user_pending DESC, u.username_clean"; 775 $result = $db->sql_query($sql); 776 777 while ($row = $db->sql_fetchrow($result)) 778 { 779 $template->assign_block_vars('leader', array( 780 'USERNAME' => $row['username'], 781 'USERNAME_COLOUR' => $row['user_colour'], 782 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 783 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 784 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, 785 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', 786 'USER_POSTS' => $row['user_posts'], 787 'USER_ID' => $row['user_id']) 788 ); 789 } 790 $db->sql_freeresult($result); 791 792 // Total number of group members (non-leaders) 793 $sql = 'SELECT COUNT(user_id) AS total_members 794 FROM ' . USER_GROUP_TABLE . " 795 WHERE group_id = $group_id 796 AND group_leader = 0"; 797 $result = $db->sql_query($sql); 798 $total_members = (int) $db->sql_fetchfield('total_members'); 799 $db->sql_freeresult($result); 800 801 // Grab the members 802 $sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending 803 FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug 804 WHERE ug.group_id = $group_id 805 AND u.user_id = ug.user_id 806 AND ug.group_leader = 0 807 ORDER BY ug.user_pending DESC, u.username_clean"; 808 $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start); 809 810 $pending = false; 811 $approved = false; 812 813 while ($row = $db->sql_fetchrow($result)) 814 { 815 if ($row['user_pending'] && !$pending) 816 { 817 $template->assign_block_vars('member', array( 818 'S_PENDING' => true) 819 ); 820 $template->assign_var('S_PENDING_SET', true); 821 822 $pending = true; 823 } 824 else if (!$row['user_pending'] && !$approved) 825 { 826 $template->assign_block_vars('member', array( 827 'S_APPROVED' => true) 828 ); 829 $template->assign_var('S_APPROVED_SET', true); 830 831 $approved = true; 832 } 833 834 $template->assign_block_vars('member', array( 835 'USERNAME' => $row['username'], 836 'USERNAME_COLOUR' => $row['user_colour'], 837 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 838 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 839 'S_GROUP_DEFAULT' => ($row['group_id'] == $group_id) ? true : false, 840 'JOINED' => ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ', 841 'USER_POSTS' => $row['user_posts'], 842 'USER_ID' => $row['user_id']) 843 ); 844 } 845 $db->sql_freeresult($result); 846 847 $s_action_options = ''; 848 $options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE'); 849 850 foreach ($options as $option => $lang) 851 { 852 $s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>'; 853 } 854 855 $template->assign_vars(array( 856 'S_LIST' => true, 857 'S_ACTION_OPTIONS' => $s_action_options, 858 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 859 'PAGINATION' => generate_pagination($this->u_action . "&action=$action&g=$group_id", $total_members, $config['topics_per_page'], $start), 860 861 'U_ACTION' => $this->u_action . "&g=$group_id", 862 'S_UCP_ACTION' => $this->u_action . "&g=$group_id", 863 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'), 864 )); 865 866 break; 867 868 case 'approve': 869 870 if (!$group_id) 871 { 872 trigger_error($user->lang['NO_GROUP'] . $return_page); 873 } 874 875 if (!($row = group_memberships($group_id, $user->data['user_id']))) 876 { 877 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 878 } 879 list(, $row) = each($row); 880 881 if (!$row['group_leader']) 882 { 883 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 884 } 885 886 $user->add_lang('acp/groups'); 887 888 // Approve, demote or promote 889 group_user_attributes('approve', $group_id, $mark_ary, false, false); 890 891 trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 892 893 break; 894 895 case 'default': 896 897 if (!$group_id) 898 { 899 trigger_error($user->lang['NO_GROUP'] . $return_page); 900 } 901 902 if (!($row = group_memberships($group_id, $user->data['user_id']))) 903 { 904 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 905 } 906 list(, $row) = each($row); 907 908 if (!$row['group_leader']) 909 { 910 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 911 } 912 913 $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; 914 915 if (confirm_box(true)) 916 { 917 if (!sizeof($mark_ary)) 918 { 919 $start = 0; 920 921 do 922 { 923 $sql = 'SELECT user_id 924 FROM ' . USER_GROUP_TABLE . " 925 WHERE group_id = $group_id 926 ORDER BY user_id"; 927 $result = $db->sql_query_limit($sql, 200, $start); 928 929 $mark_ary = array(); 930 if ($row = $db->sql_fetchrow($result)) 931 { 932 do 933 { 934 $mark_ary[] = $row['user_id']; 935 } 936 while ($row = $db->sql_fetchrow($result)); 937 938 group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); 939 940 $start = (sizeof($mark_ary) < 200) ? 0 : $start + 200; 941 } 942 else 943 { 944 $start = 0; 945 } 946 $db->sql_freeresult($result); 947 } 948 while ($start); 949 } 950 else 951 { 952 group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row); 953 } 954 955 $user->add_lang('acp/groups'); 956 957 trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 958 } 959 else 960 { 961 $user->add_lang('acp/common'); 962 963 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 964 'mark' => $mark_ary, 965 'g' => $group_id, 966 'i' => $id, 967 'mode' => $mode, 968 'action' => $action)) 969 ); 970 } 971 972 // redirect to last screen 973 redirect($this->u_action . '&action=list&g=' . $group_id); 974 975 break; 976 977 case 'deleteusers': 978 979 $user->add_lang(array('acp/groups', 'acp/common')); 980 981 if (!($row = group_memberships($group_id, $user->data['user_id']))) 982 { 983 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 984 } 985 list(, $row) = each($row); 986 987 if (!$row['group_leader']) 988 { 989 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 990 } 991 992 $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; 993 994 if (confirm_box(true)) 995 { 996 if (!$group_id) 997 { 998 trigger_error($user->lang['NO_GROUP'] . $return_page); 999 } 1000 1001 $error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']); 1002 1003 if ($error) 1004 { 1005 trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 1006 } 1007 1008 trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 1009 } 1010 else 1011 { 1012 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 1013 'mark' => $mark_ary, 1014 'g' => $group_id, 1015 'i' => $id, 1016 'mode' => $mode, 1017 'action' => $action)) 1018 ); 1019 } 1020 1021 // redirect to last screen 1022 redirect($this->u_action . '&action=list&g=' . $group_id); 1023 1024 break; 1025 1026 case 'addusers': 1027 1028 $user->add_lang(array('acp/groups', 'acp/common')); 1029 1030 $names = utf8_normalize_nfc(request_var('usernames', '', true)); 1031 1032 if (!$group_id) 1033 { 1034 trigger_error($user->lang['NO_GROUP'] . $return_page); 1035 } 1036 1037 if (!$names) 1038 { 1039 trigger_error($user->lang['NO_USERS'] . $return_page); 1040 } 1041 1042 if (!($row = group_memberships($group_id, $user->data['user_id']))) 1043 { 1044 trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page); 1045 } 1046 list(, $row) = each($row); 1047 1048 if (!$row['group_leader']) 1049 { 1050 trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page); 1051 } 1052 1053 $name_ary = array_unique(explode("\n", $names)); 1054 $group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name']; 1055 1056 $default = request_var('default', 0); 1057 1058 if (confirm_box(true)) 1059 { 1060 // Add user/s to group 1061 if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) 1062 { 1063 trigger_error($user->lang[$error] . $return_page); 1064 } 1065 1066 trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 1067 } 1068 else 1069 { 1070 $s_hidden_fields = array( 1071 'default' => $default, 1072 'usernames' => $names, 1073 'g' => $group_id, 1074 'i' => $id, 1075 'mode' => $mode, 1076 'action' => $action 1077 ); 1078 confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields)); 1079 } 1080 1081 trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>')); 1082 1083 break; 1084 1085 default: 1086 $user->add_lang('acp/common'); 1087 1088 $sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader 1089 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug 1090 WHERE ug.user_id = ' . $user->data['user_id'] . ' 1091 AND g.group_id = ug.group_id 1092 AND ug.group_leader = 1 1093 ORDER BY g.group_type DESC, g.group_name'; 1094 $result = $db->sql_query($sql); 1095 1096 while ($value = $db->sql_fetchrow($result)) 1097 { 1098 $template->assign_block_vars('leader', array( 1099 'GROUP_NAME' => ($value['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $value['group_name']] : $value['group_name'], 1100 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 1101 'GROUP_TYPE' => $value['group_type'], 1102 'GROUP_ID' => $value['group_id'], 1103 'GROUP_COLOUR' => $value['group_colour'], 1104 1105 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 1106 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}") 1107 ); 1108 } 1109 $db->sql_freeresult($result); 1110 1111 break; 1112 } 1113 1114 break; 1115 } 1116 1117 $this->tpl_name = 'ucp_groups_' . $mode; 1118 } 1119 } 1120 1121 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Oct 2 15:03:47 2013 | Cross-referenced by PHPXref 0.7.1 |