mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-25 04:24:31 +02:00
Code Issues Releases Wiki Activity

Switched forum_auth to the forums table

Browse Source 
git-svn-id: file:///svn/phpbb/trunk@506 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
2001-06-17 23:53:04 +00:00
parent 04b0b11e97
commit 2ec0206283
8 changed files with 255 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
phpBB/admin/forumauth.php
View File

@ -38,8 +38,7 @@ $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
{
$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];
// $forum_sql = "WHERE forum_id = $forum_id";
$forum_sql = "AND f.forum_id = $forum_id";
$forum_sql = "WHERE forum_id = $forum_id";
}
else
{
@ -60,8 +59,7 @@ if(isset($HTTP_POST_VARS['submit']))
{
if(!empty($forum_id))
{
// $sql = "UPDATE " . FORUMS_TABLE . " SET ";
$sql = "UPDATE " . AUTH_FORUMS_TABLE . " SET ";
$sql = "UPDATE " . FORUMS_TABLE . " SET ";
if(isset($HTTP_POST_VARS['simpleauth']))
{
@ -79,8 +77,7 @@ if(isset($HTTP_POST_VARS['submit']))
}
else
{
// $sql = "UPDATE " . FORUMS_TABLE . " SET ";
$sql = "UPDATE " . AUTH_FORUMS_TABLE . " SET ";
$sql = "UPDATE " . FORUMS_TABLE . " SET ";
for($i = 0; $i < count($forum_auth_fields); $i++)
{
@ -122,37 +119,13 @@ if(isset($HTTP_POST_VARS['submit']))
//
// Start output
//
/*$sql = "SELECT *
$sql = "SELECT *
FROM ".FORUMS_TABLE."
$forum_sql
ORDER BY forum_id ASC";*/
$sql = "SELECT f.forum_id, f.forum_name, fa.*
FROM " . FORUMS_TABLE . " f, ".AUTH_FORUMS_TABLE." fa
WHERE fa.forum_id = f.forum_id
$forum_sql
ORDER BY f.forum_id ASC";
ORDER BY forum_id ASC";
$f_result = $db->sql_query($sql);
$forum_rows = $db->sql_fetchrowset($f_result);
$sql = "SELECT f.forum_id, u.username, u.user_id
FROM ".FORUMS_TABLE." f, ".USERS_TABLE." u, ".USER_GROUP_TABLE." ug, ".AUTH_ACCESS_TABLE." aa
WHERE aa.forum_id = f.forum_id
AND aa.auth_mod = 1
AND ug.group_id = aa.group_id
AND u.user_id = ug.user_id
ORDER BY f.forum_id, u.user_id";
if(!$q_forum_mods = $db->sql_query($sql))
{
error_die(SQL_QUERY, "Could not query forum moderator information.", __LINE__, __FILE__);
}
$forum_mods_list = $db->sql_fetchrowset($q_forum_mods);
for($i = 0; $i < count($forum_mods_list); $i++)
{
$forum_mods['forum_'.$forum_mods_list[$i]['forum_id'].'_name'][] = $forum_mods_list[$i]['username'];
$forum_mods['forum_'.$forum_mods_list[$i]['forum_id'].'_id'][] = $forum_mods_list[$i]['user_id'];
}
//
// Show data
//

318
phpBB/admin/userauth.php
View File

@ -29,31 +29,187 @@ $auth_field_match = array(
);
$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce", "auth_votecreate", "auth_vote", "auth_attachments");
//
//
//
$adv = (isset($HTTP_GET_VARS['adv'])) ? $HTTP_GET_VARS['adv'] : -1;
//
//
//
if(isset($HTTP_GET_VARS['adv']))
if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
{
$adv = $HTTP_GET_VARS['adv'];
$user_id = $HTTP_POST_VARS[POST_USERS_URL];
//
// This is where things become fun ...
//
// We have to do a pile of cross-checking
// to ensure what the admin has requested
// for a user doesn't conflict with
// permissions already assigned. If they
// do we warn the admin and give them
// options ... where possible
//
//
// Get group_id for this user_id
//
$sql_groupid = "SELECT group_id
FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id";
if(!$result = $db->sql_query($sql_groupid))
{
// Error no such user/group
}
list($group_id) = $db->sql_fetchrow($result);
//
// Carry out requests
//
if( !$HTTP_POST_VARS['makeadmin'] && $HTTP_POST_VARS['curadmin'] )
{
//
// Delete any entries granting moderator
// status in auth_access
//
$sql_unmod = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE group_id = $group_id";
if(!$result = $db->sql_query($sql_unmod))
{
// Error, couldn't delete entries
}
$sql_userlevel = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
WHERE user_id = $user_id";
if(!$result = $db->sql_query($sql_userlevel))
{
// Error, couldn't set user level
}
header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
}
else if( $HTTP_POST_VARS['makeadmin'] && !$HTTP_POST_VARS['curadmin'] )
{
//
// Need to switch on admin
// level, this also requires
// we remove this user from all
// auth fields(?)
//
$sql_userlevel = "UPDATE " . USERS_TABLE . "
SET user_level = " . ADMIN . "
WHERE user_id = $user_id";
if(!$result = $db->sql_query($sql_userlevel))
{
// Error, couldn't set user level
}
//
// Delete any entries in auth_access, they
// are unrequired if user is becoming an
// admin
//
$sql_unmod = "DELETE FROM " . AUTH_ACCESS_TABLE . "
WHERE aa.group_id = $group_id";
if(!$result = $db->sql_query($sql_unmod))
{
// Error, couldn't delete entries
}
//
// Remove user from any groups
//
$sql_rmgrp = "DELETE FROM " . USER_GROUP_TABLE . "
WHERE user_id = $user_id
AND group_id <> $group_id";
if(!$result = $db->sql_query($sql_rmgrp))
{
// Error, couldn't delete entries
}
$sql_mod = "INSERT INTO " . AUTH_ACCESS_TABLE . " (group_id, forum_id, auth_mod)
VALUES ($group_id, 0, 1)";
if(!$result = $db->sql_query($sql_mod))
{
// Error, couldn't delete entries
}
header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
}
else
{
//
// Pull all the group info
// for this user
//
$sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, g.group_single_user
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
AND aa.group_id = ug.group_id
AND g.group_single_user <> 1";
$au_result = $db->sql_query($sql);
$num_u_access = $db->sql_numrows($au_result);
if($num_u_access)
{
$u_access = $db->sql_fetchrowset($au_result);
}
header("Location: userauth.$phpEx?" . POST_USERS_URL . "=$user_id");
}
}
else
else if(empty($HTTP_GET_VARS[POST_USERS_URL]))
{
$adv = -1;
}
//
// Default user selection box
// This should be altered on the final
// system to list users via an alphabetical
// selection system ... otherwise this
// could get 'cumbersome' for boards
// with several thousand users!
//
$sql = "SELECT user_id, username
FROM ".USERS_TABLE;
$u_result = $db->sql_query($sql);
$user_list = $db->sql_fetchrowset($u_result);
if(isset($HTTP_GET_VARS[POST_USERS_URL]))
{
$select_list = "<select name=\"" . POST_USERS_URL . "\">";
for($i = 0; $i < count($user_list); $i++)
{
$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
}
$select_list .= "</select>";
$template->set_filenames(array(
"body" => "admin/userauth_body.tpl"));
"body" => "admin/userauth_select_body.tpl"));
$template->assign_vars(array(
"S_USERAUTH_ACTION" => append_sid("userauth.$phpEx"),
"S_USERS_SELECT" => $select_list,
"U_FORUMAUTH" => append_sid("forumauth.$phpEx"))
);
$template->pparse("body");
exit;
}
$template->set_filenames(array(
"body" => "admin/userauth_body.tpl")
);
$user_id = $HTTP_GET_VARS[POST_USERS_URL];
$sql = "SELECT f.forum_id, f.forum_name, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_announce, fa.auth_sticky, fa.auth_votecreate, fa.auth_vote, fa.auth_attachments
FROM " . FORUMS_TABLE . " f, ".AUTH_FORUMS_TABLE." fa
WHERE fa.forum_id = f.forum_id";
$sql = "SELECT forum_id, forum_name, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_votecreate, auth_vote, auth_attachments
FROM " . FORUMS_TABLE;
$fa_result = $db->sql_query($sql);
$forum_access = $db->sql_fetchrowset($fa_result);
@ -89,7 +245,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
$u_result = $db->sql_query($sql);
$userinf = $db->sql_fetchrowset($u_result);
$sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, g.group_single_user
$sql = "SELECT aa.forum_id, aa.auth_view, aa.auth_read, aa.auth_post, aa.auth_reply, aa.auth_edit, aa.auth_delete, aa.auth_votecreate, aa.auth_vote, aa.auth_attachments, aa.auth_mod, aa.auth_admin, g.group_single_user
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
WHERE ug.user_id = $user_id
AND g.group_id = ug.group_id
@ -103,7 +259,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
$u_access = $db->sql_fetchrowset($au_result);
}
$is_admin = ($userinf[0]['user_level'] == ADMIN) ? 1 : 0;
$is_admin = ($userinf[0]['user_level'] == ADMIN && $userinf[0]['user_id'] != ANONYMOUS) ? 1 : 0;
for($i = 0; $i < count($forum_access); $i++)
{
@ -113,7 +269,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$key = $forum_auth_fields[$j];
$value = $f_access[$i][$key];
$value = $forum_access[$i][$key];
switch($value)
{
@ -126,11 +282,11 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
break;
case AUTH_ACL:
$auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0;
$auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0;
break;
case AUTH_MOD:
$auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_MOD, $key, $u_access, $is_admin) : 0;
$auth_user[$f_forum_id][$key] = ($user_id != ANONYMOUS) ? auth_check_user(AUTH_MOD, $key, $u_access, $is_admin) : 0;
break;
case AUTH_ADMIN:
@ -145,7 +301,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
//
// Is user a moderator?
//
$auth_user[$f_forum_id]['auth_mod'] = ($user_id != ANONYMOUS && $num_u_access) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
$auth_user[$f_forum_id]['auth_mod'] = ($user_id != ANONYMOUS) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0;
}
while(list($forumkey, $user_ary) = each($auth_user))
@ -154,41 +310,10 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
while(list($fieldkey, $value) = each($user_ary))
{
$simple_auth[$forumkey] = $simple_auth[$forumkey] && $value;
}
}
reset($auth_user);
$t_username .= $userinf[0]['username'];
$t_usertype = ($userinf[0]['user_level'] == ADMIN) ? "an <b>Administrator</b>" : "a <b>User</b>";
for($i = 0; $i < count($userinf); $i++)
{
if(!$userinf[$i]['group_single_user'])
{
$group_name[] = $userinf[$i]['group_name'];
$group_id[] = $userinf[$i]['group_name'];
}
}
if(count($group_name))
{
$t_usergroup_list = "belongs to the following groups; ";
for($i = 0; $i < count($userinf); $i++)
{
$t_usergroup_list .= $group_name[$i];
if($i < count($group_name) - 1)
{
$t_usergroup_list .= ", ";
}
}
}
else
{
$t_usergroup_list = "belongs to no usergroups.";
}
$i = 0;
if($adv == -1)
{
@ -207,11 +332,11 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
$optionlist_grant = "<select name=\"simple[$forumkey]\">";
if($allowed)
{
$optionlist_grant .= "<option value=\"1\" selected>Allow Access</option><option value=\"0\">Disallow Access</option>";
$optionlist_grant .= "<option value=\"1\" selected>Allowed Access</option>";
}
else
{
$optionlist_grant .= "<option value=\"1\">Allow Access</option><option value=\"0\" selected>Disallow Access</option>";
$optionlist_grant .= "<option value=\"1\">Allowed Access</option><option value=\"0\" selected>Disallowed Access</option>";
}
$optionlist_grant .= "</select>";
}
@ -221,11 +346,11 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
}
if($user_ary['auth_mod'])
{
$optionlist_mod = "<option value=\"1\">Remove Moderator</option><option value=\"0\" selected>Make Moderator</option>";
$optionlist_mod = "<option value=\"1\" selected>Is a Moderator</option>";
}
else
{
$optionlist_mod = "<option value=\"1\" selected>Remove Moderator</option><option value=\"0\">Make Moderator</option>";
$optionlist_mod = "<option value=\"1\">Is a Moderator</option><option value=\"0\" selected>Is not a Moderator</option>";
}
switch($basic_auth_level[$forumkey])
{
@ -246,7 +371,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
break;
}
$template->assign_block_vars("restrictedforums", array(
$template->assign_block_vars("forums", array(
"ROW_CLASS" => $row_class,
"FORUM_NAME" => $forum_access[$i]['forum_name'],
@ -260,8 +385,7 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
{
while(list($forumkey, $user_ary) = each($auth_user))
{
echo "<tr>\n";
echo "\t<td bgcolor=\"#DDDDDD\"><a href=\"userauth.php?" . POST_FORUM_URL . "=$forumkey&" . POST_USERS_URL . "=$user_id\">" . $f_access[$i]['forum_name'] . "</a></td>\n";
echo "\t<td bgcolor=\"#DDDDDD\"><a href=\"userauth.$phpEx?" . POST_FORUM_URL . "=$forumkey&" . POST_USERS_URL . "=$user_id\">" . $f_access[$i]['forum_name'] . "</a></td>\n";
while(list($fieldkey, $value) = each($user_ary))
{
$can_they = ($auth_user[$forumkey][$fieldkey]) ? "Yes" : "No";
@ -273,55 +397,53 @@ if(isset($HTTP_GET_VARS[POST_USERS_URL]))
}
reset($auth_user);
$t_username .= $userinf[0]['username'];
$t_usertype = ($is_admin) ? "an <b>Administrator</b>" : "a <b>User</b>";
for($i = 0; $i < count($userinf); $i++)
{
if(!$userinf[$i]['group_single_user'])
{
$group_name[] = $userinf[$i]['group_name'];
$group_id[] = $userinf[$i]['group_id'];
}
}
if(count($group_name))
{
$t_usergroup_list = "belongs to the following groups; ";
for($i = 0; $i < count($userinf); $i++)
{
$t_usergroup_list .= "<a href=\"groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id[$i] . "\">" . $group_name[$i] . "</a>";
if($i < count($group_name) - 1)
{
$t_usergroup_list .= ", ";
}
}
}
else
{
$t_usergroup_list = "belongs to no usergroups.";
}
$s_hidden_fields = "<input type=\"hidden\" name=\"" . POST_USERS_URL . "\" value=\"$user_id\">";
$s_hidden_fields .= "<input type=\"hidden\" name=\"curadmin\" value=\"" . $is_admin ."\">";
$s_hidden_fields .= "<input type=\"hidden\" name=\"" . POST_GROUPS_URL . "\" value=\"" . "\">";
$template->assign_vars(array(
"USERNAME" => $t_username,
"USERTYPE" => $t_usertype,
"S_ADMIN_CHECK_SELECTED" => (($is_admin) ? " checked" : ""),
"S_USER_AUTH_ACTION" => append_sid("userauth.$phpEx"),
"S_HIDDEN_FIELDS" => $s_hidden_fields,
"USER_GROUP_LIST" => $t_usergroup_list)
);
$template->pparse("body");
}
else
{
//
// Default user selection box
// This should be altered on the final
// system to list users via an alphabetical
// selection system ... otherwise this
// could get 'cumbersome' for boards
// with several thousand users!
//
$sql = "SELECT user_id, username
FROM ".USERS_TABLE;
$u_result = $db->sql_query($sql);
$user_list = $db->sql_fetchrowset($u_result);
$select_list = "<select name=\"" . POST_USERS_URL . "\">";
for($i = 0; $i < count($user_list); $i++)
{
$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
}
$select_list .= "</select>";
$template->set_filenames(array(
"body" => "admin/userauth_select_body.tpl"));
$template->assign_vars(array(
"S_USERAUTH_ACTION" => append_sid("userauth.$phpEx"),
"S_USERS_SELECT" => $select_list,
"U_FORUMAUTH" => append_sid("forumauth.$phpEx"))
);
$template->pparse("body");
}
exit;
?>

4
phpBB/includes/auth.php
View File

@ -132,7 +132,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
{
$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "WHERE au.forum_id = $forum_id" : "";
$sql = "SELECT au.forum_id, $a_sql
FROM ".AUTH_FORUMS_TABLE." au
FROM ".FORUMS_TABLE." au
$forum_match_sql";
$af_result = $db->sql_query($sql);
@ -164,7 +164,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
if($userdata['session_logged_in'])
{
$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND au.forum_id = $forum_id" : "";
$forum_match_sql = ($forum_id != AUTH_LIST_ALL) ? "AND ( au.forum_id = $forum_id OR au.forum_id = 0 )" : "";
$sql = "SELECT au.forum_id, $a_sql, au.auth_mod, g.group_single_user
FROM ".AUTH_ACCESS_TABLE." au, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g
WHERE ug.user_id = ".$userdata['user_id']. "

13
phpBB/index.php
View File

@ -173,7 +173,7 @@ if($total_categories)
default:
// This works on: MySQL, MSSQL and ODBC (Access)
$limit_forums = ($viewcat != -1) ? "WHERE f.cat_id = $viewcat " : "";
/*
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time
FROM ((( ".FORUMS_TABLE." f
LEFT JOIN ".POSTS_TABLE." p ON f.forum_last_post_id = p.post_id )
@ -181,15 +181,6 @@ if($total_categories)
LEFT JOIN ".USERS_TABLE." u ON p.poster_id = u.user_id )
$limit_forums
ORDER BY f.cat_id, f.forum_order";
*/
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, p.post_username, af.auth_view, af.auth_read, af.auth_post, af.auth_reply, af.auth_edit, af.auth_delete, af.auth_votecreate, af.auth_vote
FROM ((( ".FORUMS_TABLE." f
LEFT JOIN ".POSTS_TABLE." p ON f.forum_last_post_id = p.post_id )
LEFT JOIN ".TOPICS_TABLE." t ON p.post_id = t.topic_last_post_id )
LEFT JOIN ".USERS_TABLE." u ON p.poster_id = u.user_id )
LEFT JOIN ".AUTH_FORUMS_TABLE." af ON af.forum_id = f.forum_id
$limit_forums
ORDER BY f.cat_id, f.forum_order";
break;
}
@ -214,7 +205,7 @@ if($total_categories)
//
$sql = "SELECT f.forum_id, u.username, u.user_id
FROM ".FORUMS_TABLE." f, ".USERS_TABLE." u, ".USER_GROUP_TABLE." ug, ".AUTH_ACCESS_TABLE." aa
WHERE aa.forum_id = f.forum_id
WHERE ( aa.forum_id = f.forum_id OR aa.forum_id = 0 )
AND aa.auth_mod = 1
AND ug.group_id = aa.group_id
AND u.user_id = ug.user_id

9
phpBB/search.php
View File

@ -312,7 +312,7 @@ if((isset($HTTP_POST_VARS['dosearch']) || isset($HTTP_GET_VARS['dosearch'])) &&
// Limit to search to accessible
// forums
//
$is_auth_ary = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
//
// Start building appropriate SQL query
@ -355,7 +355,7 @@ if((isset($HTTP_POST_VARS['dosearch']) || isset($HTTP_GET_VARS['dosearch'])) &&
if($searchforum != "all")
{
$sql .= ($is_auth_ary[$searchforum]['auth_view']) ? " AND (f.forum_id = '$searchforum')" : "";
$sql .= ($is_auth_ary[$searchforum]['auth_read']) ? " AND (f.forum_id = '$searchforum')" : "";
}
while(list($key, $value) = each($is_auth_ary))
@ -493,12 +493,13 @@ if(!$result)
error_die(QUERY_ERROR, "Couldn't obtain forum_name/forum_id", __LINE__, __FILE__);
}
$is_auth_ary = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
$s_forums = "<option value=\"all\">".$lang['All']."</option>";
while($row = $db->sql_fetchrow($result))
{
if($is_auth_ary[$row['forum_id']]['auth_view'])
if($is_auth_ary[$row['forum_id']]['auth_read'])
{
$s_forums .= "<option value=\"".$row['forum_id']."\">".$row['forum_name']."</option>";
}

25
phpBB/templates/PSO/admin/userauth_body.tpl
View File

@ -33,14 +33,16 @@
<p>Remember that users are also granted access via usergroups so be sure to check group auth control when assigning and changing access rights!</p>
<h2>Username: {USERNAME}</h2>
<p>This user is {USERTYPE} and {USER_GROUP_LIST}</p>
<p>This user is {USERTYPE} and {USER_GROUP_LIST}
<form method="post" action="{S_USER_AUTH_ACTION}">
<input type="checkbox" name="makeadmin" value="1"{S_ADMIN_CHECK_SELECTED}> Checked if user should be an Administrator<br>
<input type="checkbox" name="makesupermod" value="1"{S_SUPERMOD_CHECK_SELECTED}> Checked if user should be a Super Moderator</p>
<h3>Restricted Forums</h3>
<h3>Access to Forums</h3>
<p>These forums need users to be granted specific access for one or more auth fields. Please keep in mind that when you grant access you are giving a user the maximum rights to the forum. So, if this forum has auth fields set for admin only access the user will be made an admin! So think before granting rights!</p>
<p>The following table lists all forums on you board. Different colour rows indicate different levels of authorisation required for a user to do one or more basic function, eg. view, read, post, reply. By design Administrators have access to and are moderators of every forum (you cannot alter individual settings for Administrators, you must first set them as users by unchecking the box above)</p>
<div align="center"><table cellspacing="1" cellpadding="4" border="0">
<tr>
@ -48,16 +50,19 @@
<th>Simple Access Control</th>
<th>Moderator</th>
</tr>
<!-- BEGIN restrictedforums -->
<!-- BEGIN forums -->
<tr>
<td class="{restrictedforums.ROW_CLASS}">{restrictedforums.FORUM_NAME}</td>
<td class="{restrictedforums.ROW_CLASS}">{restrictedforums.SELECT_GRANT_LIST}</td>
<td class="{restrictedforums.ROW_CLASS}">{restrictedforums.SELECT_MOD_LIST}</td>
<td class="{forums.ROW_CLASS}">{forums.FORUM_NAME}</td>
<td class="{forums.ROW_CLASS}">{forums.SELECT_GRANT_LIST}</td>
<td class="{forums.ROW_CLASS}">{forums.SELECT_MOD_LIST}</td>
</tr>
<!-- END forums -->
<tr>
<td colspan="3" align="center">{S_HIDDEN_FIELDS}<input type="submit" name="submit" value="Request Update">&nbsp;&nbsp;&nbsp;<input type="reset" value="Reset Changes"></td>
</tr>
<!-- END restrictedforums -->
</table></div>
<br clear="all">
</form>
<div align="center"><p>The colour coded rows in the table indicate the access level required to view, read, post or reply in the forum.</p>

14
phpBB/viewforum.php
View File

@ -56,21 +56,11 @@ init_userprefs($userdata);
//
if(isset($forum_id))
{
/*
$sql = "SELECT f.forum_name, f.forum_topics, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_votecreate, f.auth_vote, u.username, u.user_id
FROM ".FORUMS_TABLE." f, ".USERS_TABLE." u, ".USER_GROUP_TABLE." ug, ".AUTH_ACCESS_TABLE." aa
WHERE f.forum_id = $forum_id
WHERE f.forum_id = $forum_id
AND aa.auth_mod = 1
AND aa.forum_id = f.forum_id
AND ug.group_id = aa.group_id
AND u.user_id = ug.user_id";
*/
$sql = "SELECT f.forum_name, f.forum_topics, u.username, u.user_id, fa.*
FROM ".FORUMS_TABLE." f, ".USERS_TABLE." u, ".USER_GROUP_TABLE." ug, ".AUTH_ACCESS_TABLE." aa, ".AUTH_FORUMS_TABLE." fa
WHERE f.forum_id = $forum_id
AND fa.forum_id = f.forum_id
AND aa.auth_mod = 1
AND aa.forum_id = f.forum_id
AND ( aa.forum_id = f.forum_id OR aa.forum_id = 0 )
AND ug.group_id = aa.group_id
AND u.user_id = ug.user_id";
}

15
phpBB/viewtopic.php
View File

@ -139,7 +139,7 @@ else
$join_sql_table = (!isset($post_id)) ? "" : "".POSTS_TABLE." p, ".POSTS_TABLE." p2,";
$join_sql = (!isset($post_id)) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = (!isset($post_id)) ? "" : ", COUNT(p2.post_id) AS prev_posts";
/*
$order_sql = (!isset($post_id)) ? "" : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_votecreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_votecreate, f.auth_vote, f.auth_attachments" . $count_sql . "
@ -147,16 +147,6 @@ else
WHERE $join_sql
AND f.forum_id = t.forum_id
$order_sql";
*/
$order_sql = (!isset($post_id)) ? "" : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_delete, fa.auth_announce, fa.auth_sticky, fa.auth_votecreate, fa.auth_vote ORDER BY p.post_id ASC";
$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, fa.auth_view, fa.auth_read, fa.auth_post, fa.auth_reply, fa.auth_edit, fa.auth_announce, fa.auth_sticky, fa.auth_delete, fa.auth_votecreate, fa.auth_vote" . $count_sql . "
FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".AUTH_FORUMS_TABLE." fa
WHERE $join_sql
AND f.forum_id = t.forum_id
AND fa.forum_id = f.forum_id
$order_sql";
// This closes out the opening braces above
// Needed for the view/next query
@ -456,6 +446,8 @@ for($x = 0; $x < $total_posts; $x++)
$profile_img = "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=$poster_id")."\"><img src=\"".$images['profile']."\" alt=\"$l_profileof $poster\" border=\"0\"></a>";
$pm_img = "<a href=\"" . append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL. "=$poster_id") . "\"><img src=\"". $images['privmsg'] . "\" alt=\"" . $lang['Private_messaging'] . "\" border=\"0\"></a>";
$email_img = ($postrow[$x]['user_viewemail'] == 1) ? "<a href=\"mailto:".$postrow[$x]['user_email']."\"><img src=\"".$images['email']."\" alt=\"$l_email $poster\" border=\"0\"></a>" : "";
$www_img = ($postrow[$x]['user_website']) ? "<a href=\"".$postrow[$x]['user_website']."\"><img src=\"".$images['www']."\" alt=\"$l_viewsite\" border=\"0\"></a>" : "";
@ -554,6 +546,7 @@ for($x = 0; $x < $total_posts; $x++)
"POST_SUBJECT" => $post_subject,
"MESSAGE" => $message,
"PROFILE_IMG" => $profile_img,
"PM_IMG" => $pm_img,
"EMAIL_IMG" => $email_img,
"WWW_IMG" => $www_img,
"ICQ_STATUS_IMG" => $icq_status_img,