mirror of
				https://github.com/phpbb/phpbb.git
				synced 2025-10-25 13:46:50 +02:00 
			
		
		
		
	- ability to change anonymous user settings more easily
- fix serious bugs in permissions (always allowing if permissions explicitly set and getting wrong permission options from bitfield) - added option for returning an array to make_forum_select - again fixing bugs in module system (one for a very query consuming part and one for correctly filling the cache) git-svn-id: file:///svn/phpbb/trunk@5517 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
		| @@ -16,6 +16,7 @@ | ||||
| 		<dt><label for="username">{L_FIND_USERNAME}:</label></dt> | ||||
| 		<dd><input class="medium" type="text" id="username" name="username" /></dd> | ||||
| 		<dd>[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd> | ||||
| 		<dd class="full" style="text-align: left;"><input type="checkbox" id="anonymous" name="u" value="{ANONYMOUS_USER_ID}" />  Select Anonymous User</dd> | ||||
| 	</dl> | ||||
| 	</fieldset> | ||||
|  | ||||
|   | ||||
| @@ -30,11 +30,19 @@ function jumpto() | ||||
|  | ||||
| // Set display of page element | ||||
| // s[-1,0,1] = hide,toggle display,show | ||||
| function dE(n,s) | ||||
| function dE(n, s, type) | ||||
| { | ||||
| 	if (!type) | ||||
| 	{ | ||||
| 		type = 'block'; | ||||
| 	} | ||||
|  | ||||
| 	var e = document.getElementById(n); | ||||
| 	if(!s) s = (e.style.display=='') ? -1:1; | ||||
| 	e.style.display = (s==1) ? 'block':'none'; | ||||
| 	if (!s) | ||||
| 	{ | ||||
| 		s = (e.style.display == '') ? -1 : 1; | ||||
| 	} | ||||
| 	e.style.display = (s == 1) ? type : 'none'; | ||||
| } | ||||
|  | ||||
| function marklist(match, status) | ||||
|   | ||||
| @@ -64,6 +64,8 @@ class acp_users | ||||
|  | ||||
| 			$template->assign_vars(array( | ||||
| 				'U_ACTION'			=> $u_action, | ||||
| 				'ANONYMOUS_USER_ID'	=> ANONYMOUS, | ||||
|  | ||||
| 				'S_SELECT_USER'		=> true, | ||||
| 				'U_FIND_USERNAME'	=> $phpbb_root_path . "memberlist.$phpEx$SID&mode=searchuser&form=select_user&field=username", | ||||
| 				) | ||||
|   | ||||
| @@ -322,13 +322,13 @@ class auth | ||||
| 				{ | ||||
| 					if (isset($auth_ary[$opt])) | ||||
| 					{ | ||||
| 						$bitstring[$id] = 1; | ||||
| 						$bitstring[$id] = $auth_ary[$opt]; | ||||
|  | ||||
| 						$option_key = substr($opt, 0, strpos($opt, '_') + 1); | ||||
|  | ||||
| 						// If one option is allowed, the global permission for this option has to be allowed too | ||||
| 						// example: if the user has the a_ permission this means he has one or more a_* permissions | ||||
| 						if (!isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || !$bitstring[$this->acl_options[$ary_key][$option_key]]) | ||||
| 						if ($auth_ary[$opt] == ACL_YES && !isset($bitstring[$this->acl_options[$ary_key][$option_key]]) || !$bitstring[$this->acl_options[$ary_key][$option_key]]) | ||||
| 						{ | ||||
| 							$bitstring[$this->acl_options[$ary_key][$option_key]] = 1; | ||||
| 						} | ||||
| @@ -418,7 +418,7 @@ class auth | ||||
| 				' . (($sql_user) ? 'AND a.' . $sql_user : '') . " | ||||
| 				$sql_forum | ||||
| 				$sql_opts | ||||
| 			ORDER BY a.forum_id, ao.auth_option"; | ||||
| 			ORDER BY a.forum_id, ao.auth_option_id"; | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| @@ -435,7 +435,7 @@ class auth | ||||
| 				' . (($sql_user) ? 'AND ug.' . $sql_user : '') . " | ||||
| 				$sql_forum | ||||
| 				$sql_opts | ||||
| 			ORDER BY a.forum_id, ao.auth_option"; | ||||
| 			ORDER BY a.forum_id, ao.auth_option_id"; | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| @@ -481,7 +481,7 @@ class auth | ||||
| 				' . (($sql_group) ? 'AND a.' . $sql_group : '') . " | ||||
| 				$sql_forum | ||||
| 				$sql_opts | ||||
| 			ORDER BY a.forum_id, ao.auth_option"; | ||||
| 			ORDER BY a.forum_id, ao.auth_option_id"; | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| @@ -529,442 +529,4 @@ class auth | ||||
| 	} | ||||
| } | ||||
|  | ||||
| /** | ||||
| * @package phpBB3 | ||||
| */ | ||||
| class auth_admin extends auth | ||||
| { | ||||
| 	/** | ||||
| 	* Init auth settings | ||||
| 	*/ | ||||
| 	function auth_admin() | ||||
| 	{ | ||||
| 		global $db, $cache; | ||||
|  | ||||
| 		if (($this->acl_options = $cache->get('acl_options')) === false) | ||||
| 		{ | ||||
| 			$sql = 'SELECT auth_option, is_global, is_local | ||||
| 				FROM ' . ACL_OPTIONS_TABLE . ' | ||||
| 				ORDER BY auth_option_id'; | ||||
| 			$result = $db->sql_query($sql); | ||||
|  | ||||
| 			$global = $local = 0; | ||||
| 			while ($row = $db->sql_fetchrow($result)) | ||||
| 			{ | ||||
| 				if ($row['is_global']) | ||||
| 				{ | ||||
| 					$this->acl_options['global'][$row['auth_option']] = $global++; | ||||
| 				} | ||||
|  | ||||
| 				if ($row['is_local']) | ||||
| 				{ | ||||
| 					$this->acl_options['local'][$row['auth_option']] = $local++; | ||||
| 				} | ||||
| 			} | ||||
| 			$db->sql_freeresult($result); | ||||
|  | ||||
| 			$cache->put('acl_options', $this->acl_options); | ||||
| 		} | ||||
| 	} | ||||
| 	 | ||||
| 	/** | ||||
| 	* Get permission mask | ||||
| 	* This function only supports getting permissions of one type (for example a_) | ||||
| 	* | ||||
| 	* @param mixed $user_id user ids to search for (a user_id or a group_id has to be specified at least) | ||||
| 	* @param mixed $group_id group ids to search for, return group related settings (a user_id or a group_id has to be specified at least) | ||||
| 	* @param mixed $forum_id forum_ids to search for. Defining a forum id also means getting local settings | ||||
| 	* @param string $auth_option the auth_option defines the permission setting to look for (a_ for example) | ||||
| 	* @param local|global $scope the scope defines the permission scope. If local, a forum_id is additionally required | ||||
| 	* @param ACL_NO|ACL_UNSET|ACL_YES $acl_fill defines the mode those permissions not set are getting filled with | ||||
| 	*/ | ||||
| 	function get_mask($user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NO) | ||||
| 	{ | ||||
| 		global $db; | ||||
|  | ||||
| 		$hold_ary = array(); | ||||
|  | ||||
| 		if ($auth_option === false || $scope === false) | ||||
| 		{ | ||||
| 			return array(); | ||||
| 		} | ||||
|  | ||||
| 		if ($forum_id !== false) | ||||
| 		{ | ||||
| 			$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->acl_raw_data($user_id, $auth_option . '%', $forum_id); | ||||
| 		} | ||||
| 		else | ||||
| 		{ | ||||
| 			$hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->acl_raw_data($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false); | ||||
| 		} | ||||
|  | ||||
| 		// Make sure hold_ary is filled with every setting (prevents missing forums/users/groups) | ||||
| 		$ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id); | ||||
| 		$forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array()); | ||||
|  | ||||
| 		// If forum_ids is false and the scope is local we actually want to have all forums within the array | ||||
| 		if ($scope == 'local' && !sizeof($forum_ids)) | ||||
| 		{ | ||||
| 			$sql = 'SELECT forum_id  | ||||
| 				FROM ' . FORUMS_TABLE; | ||||
| 			$result = $db->sql_query($sql, 120); | ||||
|  | ||||
| 			while ($row = $db->sql_fetchrow($result)) | ||||
| 			{ | ||||
| 				$forum_ids[] = $row['forum_id']; | ||||
| 			} | ||||
| 			$db->sql_freeresult($result); | ||||
| 		} | ||||
|  | ||||
| 		foreach ($ug_id as $_id) | ||||
| 		{ | ||||
| 			if (!isset($hold_ary[$_id])) | ||||
| 			{ | ||||
| 				$hold_ary[$_id] = array(); | ||||
| 			} | ||||
|  | ||||
| 			foreach ($forum_ids as $f_id) | ||||
| 			{ | ||||
| 				if (!isset($hold_ary[$_id][$f_id])) | ||||
| 				{ | ||||
| 					$hold_ary[$_id][$f_id] = array(); | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		// Now, we need to fill the gaps with $acl_fill. ;) | ||||
|  | ||||
| 		// Only those options we need | ||||
| 		$compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array('')); | ||||
|  | ||||
| 		// Now switch back to keys | ||||
| 		if (sizeof($compare_options)) | ||||
| 		{ | ||||
| 			$compare_options = array_combine($compare_options, array_fill(1, sizeof($compare_options), $acl_fill)); | ||||
| 		} | ||||
|  | ||||
| 		// Defining the user-function here to save some memory | ||||
| 		$return_acl_fill = create_function('$value', 'return ' . $acl_fill . ';'); | ||||
|  | ||||
| 		// Actually fill the gaps | ||||
| 		if (sizeof($hold_ary)) | ||||
| 		{ | ||||
| 			foreach ($hold_ary as $ug_id => $row) | ||||
| 			{ | ||||
| 				foreach ($row as $id => $options) | ||||
| 				{ | ||||
| 					// Not a "fine" solution, but at all it's a 1-dimensional  | ||||
| 					// array_diff_key function filling the resulting array values with zeros | ||||
| 					// The differences get merged into $hold_ary (all permissions having $acl_fill set) | ||||
| 					$hold_ary[$ug_id][$id] = array_merge($options,  | ||||
|  | ||||
| 						array_map($return_acl_fill, | ||||
| 							array_flip( | ||||
| 								array_diff( | ||||
| 									array_keys($compare_options), array_keys($options) | ||||
| 								) | ||||
| 							) | ||||
| 						) | ||||
| 					); | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
| 		else | ||||
| 		{ | ||||
| 			$hold_ary[($group_id !== false) ? $group_id : $user_id][(int) $forum_id] = $compare_options; | ||||
| 		} | ||||
|  | ||||
| 		return $hold_ary; | ||||
| 	} | ||||
|  | ||||
| 	/** | ||||
| 	* NOTE: this function is not in use atm | ||||
| 	* Add a new option to the list ... $options is a hash of form -> | ||||
| 	* $options = array( | ||||
| 	*	'local'		=> array('option1', 'option2', ...), | ||||
| 	*	'global'	=> array('optionA', 'optionB', ...) | ||||
| 	* ); | ||||
| 	*/ | ||||
| 	function acl_add_option($options) | ||||
| 	{ | ||||
| 		global $db, $cache; | ||||
|  | ||||
| 		if (!is_array($options)) | ||||
| 		{ | ||||
| 			return false; | ||||
| 		} | ||||
|  | ||||
| 		$cur_options = array(); | ||||
|  | ||||
| 		$sql = 'SELECT auth_option, is_global, is_local | ||||
| 			FROM ' . ACL_OPTIONS_TABLE . ' | ||||
| 			ORDER BY auth_option_id'; | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| 		{ | ||||
| 			if ($row['is_global']) | ||||
| 			{ | ||||
| 				$cur_options['global'][] = $row['auth_option']; | ||||
| 			} | ||||
|  | ||||
| 			if ($row['is_local']) | ||||
| 			{ | ||||
| 				$cur_options['local'][] = $row['auth_option']; | ||||
| 			} | ||||
| 		} | ||||
| 		$db->sql_freeresult($result); | ||||
|  | ||||
| 		// Here we need to insert new options ... this requires discovering whether | ||||
| 		// an options is global, local or both and whether we need to add an permission | ||||
| 		// set flag (x_) | ||||
| 		$new_options = array('local' => array(), 'global' => array()); | ||||
|  | ||||
| 		foreach ($options as $type => $option_ary) | ||||
| 		{ | ||||
| 			$option_ary = array_unique($option_ary); | ||||
|  | ||||
| 			foreach ($option_ary as $option_value) | ||||
| 			{ | ||||
| 				if (!in_array($option_value, $cur_options[$type])) | ||||
| 				{ | ||||
| 					$new_options[$type][] = $option_value; | ||||
| 				} | ||||
|  | ||||
| 				$flag = substr($option_value, 0, strpos($option_value, '_') + 1); | ||||
|  | ||||
| 				if (!in_array($flag, $cur_options[$type]) && !in_array($flag, $new_options[$type])) | ||||
| 				{ | ||||
| 					$new_options[$type][] = $flag; | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
| 		unset($options); | ||||
|  | ||||
| 		$options = array(); | ||||
| 		$options['local'] = array_diff($new_options['local'], $new_options['global']); | ||||
| 		$options['global'] = array_diff($new_options['global'], $new_options['local']); | ||||
| 		$options['local_global'] = array_intersect($new_options['local'], $new_options['global']); | ||||
|  | ||||
| 		$sql_ary = array(); | ||||
|  | ||||
| 		foreach ($options as $type => $option_ary) | ||||
| 		{ | ||||
| 			foreach ($option_ary as $option) | ||||
| 			{ | ||||
| 				$sql_ary[] = array( | ||||
| 					'auth_option'	=> $option, | ||||
| 					'is_global'		=> ($type == 'global' || $type == 'local_global') ? 1 : 0, | ||||
| 					'is_local'		=> ($type == 'local' || $type == 'local_global') ? 1 : 0 | ||||
| 				); | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		if (sizeof($sql_ary)) | ||||
| 		{ | ||||
| 			switch (SQL_LAYER) | ||||
| 			{ | ||||
| 				case 'mysql': | ||||
| 				case 'mysql4': | ||||
| 				case 'mysqli': | ||||
| 					$db->sql_query('INSERT INTO ' . ACL_OPTIONS_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $sql_ary)); | ||||
| 				break; | ||||
|  | ||||
| 				default: | ||||
| 					foreach ($sql_ary as $ary) | ||||
| 					{ | ||||
| 						$db->sql_query('INSERT INTO ' . ACL_OPTIONS_TABLE . ' ' . $db->sql_build_array('INSERT', $ary)); | ||||
| 					} | ||||
| 				break; | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		$cache->destroy('acl_options'); | ||||
|  | ||||
| 		return true; | ||||
| 	} | ||||
|  | ||||
| 	/** | ||||
| 	* Set a user or group ACL record | ||||
| 	*/ | ||||
| 	function acl_set($ug_type, &$forum_id, &$ug_id, &$auth) | ||||
| 	{ | ||||
| 		global $db; | ||||
|  | ||||
| 		// One or more forums | ||||
| 		if (!is_array($forum_id)) | ||||
| 		{ | ||||
| 			$forum_id = array($forum_id); | ||||
| 		} | ||||
|  | ||||
| 		// Set any flags as required | ||||
| 		foreach ($auth as $auth_option => $setting) | ||||
| 		{ | ||||
| 			$flag = substr($auth_option, 0, strpos($auth_option, '_') + 1); | ||||
|  | ||||
| 			if (!isset($auth[$flag]) || !$auth[$flag]) | ||||
| 			{ | ||||
| 				$auth[$flag] = $setting; | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		$sql = 'SELECT auth_option_id, auth_option | ||||
| 			FROM ' . ACL_OPTIONS_TABLE; | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| 		{ | ||||
| 			$option_ids[$row['auth_option']] = $row['auth_option_id']; | ||||
| 		} | ||||
| 		$db->sql_freeresult($result); | ||||
|  | ||||
| 		$sql_forum = 'AND a.forum_id IN (' . implode(', ', array_map('intval', $forum_id)) . ')'; | ||||
|  | ||||
| 		if ($ug_type == 'user') | ||||
| 		{ | ||||
| 			$sql = 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting  | ||||
| 				FROM ' . ACL_USERS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o  | ||||
| 				WHERE a.auth_option_id = o.auth_option_id  | ||||
| 					$sql_forum  | ||||
| 					AND a.user_id = $ug_id"; | ||||
| 		} | ||||
| 		else | ||||
| 		{ | ||||
| 			$sql = 'SELECT o.auth_option_id, o.auth_option, a.forum_id, a.auth_setting  | ||||
| 				FROM ' . ACL_GROUPS_TABLE . ' a, ' . ACL_OPTIONS_TABLE . " o  | ||||
| 				WHERE a.auth_option_id = o.auth_option_id  | ||||
| 					$sql_forum  | ||||
| 					AND a.group_id = $ug_id"; | ||||
| 		} | ||||
| 		$result = $db->sql_query($sql); | ||||
|  | ||||
| 		$cur_auth = array(); | ||||
| 		while ($row = $db->sql_fetchrow($result)) | ||||
| 		{ | ||||
| 			$cur_auth[$row['forum_id']][$row['auth_option_id']] = $row['auth_setting']; | ||||
| 		} | ||||
| 		$db->sql_freeresult($result); | ||||
|  | ||||
| 		$table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; | ||||
| 		$id_field  = $ug_type . '_id'; | ||||
|  | ||||
| 		$sql_ary = array(); | ||||
| 		foreach ($forum_id as $forum) | ||||
| 		{ | ||||
| 			foreach ($auth as $auth_option => $setting) | ||||
| 			{ | ||||
| 				$auth_option_id = $option_ids[$auth_option]; | ||||
|  | ||||
| 				switch ($setting) | ||||
| 				{ | ||||
| 					case ACL_UNSET: | ||||
| 						if (isset($cur_auth[$forum][$auth_option_id])) | ||||
| 						{ | ||||
| 							$sql_ary['delete'][] = "DELETE FROM $table  | ||||
| 								WHERE forum_id = $forum | ||||
| 									AND auth_option_id = $auth_option_id | ||||
| 									AND $id_field = $ug_id"; | ||||
| 						} | ||||
| 					break; | ||||
|  | ||||
| 					default: | ||||
| 						if (!isset($cur_auth[$forum][$auth_option_id])) | ||||
| 						{ | ||||
| 							$sql_ary['insert'][] = "$ug_id, $forum, $auth_option_id, $setting"; | ||||
| 						} | ||||
| 						else if ($cur_auth[$forum][$auth_option_id] != $setting) | ||||
| 						{ | ||||
| 							$sql_ary['update'][] = "UPDATE " . $table . "  | ||||
| 								SET auth_setting = $setting  | ||||
| 								WHERE $id_field = $ug_id  | ||||
| 									AND forum_id = $forum  | ||||
| 									AND auth_option_id = $auth_option_id"; | ||||
| 						} | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
| 		unset($cur_auth); | ||||
|  | ||||
| 		$sql = ''; | ||||
| 		foreach ($sql_ary as $sql_type => $sql_subary) | ||||
| 		{ | ||||
| 			switch ($sql_type) | ||||
| 			{ | ||||
| 				case 'insert': | ||||
| 					switch (SQL_LAYER) | ||||
| 					{ | ||||
| 						case 'mysql': | ||||
| 							$sql = 'VALUES ' . implode(', ', preg_replace('#^(.*?)$#', '(\1)', $sql_subary)); | ||||
| 						break; | ||||
|  | ||||
| 						case 'mysql4': | ||||
| 						case 'mysqli': | ||||
| 						case 'mssql': | ||||
| 						case 'mssql_odbc': | ||||
| 						case 'sqlite': | ||||
| 							$sql = implode(' UNION ALL ', preg_replace('#^(.*?)$#', 'SELECT \1', $sql_subary)); | ||||
| 						break; | ||||
|  | ||||
| 						default: | ||||
| 							foreach ($sql_subary as $sql) | ||||
| 							{ | ||||
| 								$sql = "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_setting) VALUES ($sql)"; | ||||
| 								$db->sql_query($sql); | ||||
| 								$sql = ''; | ||||
| 							} | ||||
| 					} | ||||
|  | ||||
| 					if ($sql != '') | ||||
| 					{ | ||||
| 						$sql = "INSERT INTO $table ($id_field, forum_id, auth_option_id, auth_setting) $sql"; | ||||
| 						$db->sql_query($sql); | ||||
| 					} | ||||
| 				break; | ||||
|  | ||||
| 				case 'update': | ||||
| 				case 'delete': | ||||
| 					foreach ($sql_subary as $sql) | ||||
| 					{ | ||||
| 						$db->sql_query($sql); | ||||
| 					} | ||||
| 				break; | ||||
| 			} | ||||
| 			unset($sql_ary[$sql_type]); | ||||
| 		} | ||||
| 		unset($sql_ary); | ||||
|  | ||||
| 		$this->acl_clear_prefetch(); | ||||
| 	} | ||||
|  | ||||
| 	/** | ||||
| 	* Remove local permission | ||||
| 	*/ | ||||
| 	function acl_delete($mode, &$forum_id, &$ug_id, $auth_ids = false) | ||||
| 	{ | ||||
| 		global $db; | ||||
|  | ||||
| 		// One or more forums | ||||
| 		if (!is_array($forum_id)) | ||||
| 		{ | ||||
| 			$forum_id = array($forum_id); | ||||
| 		} | ||||
|  | ||||
| 		$auth_sql = ($auth_ids) ? ' AND auth_option_id IN (' . implode(', ', array_map('intval', $auth_ids)) . ')' : ''; | ||||
|  | ||||
| 		$table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE; | ||||
| 		$id_field  = $mode . '_id'; | ||||
|  | ||||
| 		foreach ($forum_id as $forum) | ||||
| 		{ | ||||
| 			$sql = "DELETE FROM $table | ||||
| 				WHERE $id_field = $ug_id | ||||
| 					AND forum_id = $forum | ||||
| 					$auth_sql"; | ||||
| 			$db->sql_query($sql); | ||||
| 		} | ||||
|  | ||||
| 		$this->acl_clear_prefetch(); | ||||
| 	} | ||||
| } | ||||
|  | ||||
| ?> | ||||
| @@ -28,10 +28,11 @@ function login_db(&$username, &$password) | ||||
| 		FROM ' . USERS_TABLE . " | ||||
| 		WHERE username = '" . $db->sql_escape($username) . "'"; | ||||
| 	$result = $db->sql_query($sql); | ||||
|  | ||||
| 	if ($row = $db->sql_fetchrow($result)) | ||||
| 	{ | ||||
| 	$row = $db->sql_fetchrow($result); | ||||
| 	$db->sql_freeresult($result); | ||||
|  | ||||
| 	if ($row) | ||||
| 	{ | ||||
| 		if (md5($password) == $row['user_password']) | ||||
| 		{ | ||||
| 			return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? 0 : $row; | ||||
|   | ||||
| @@ -109,7 +109,7 @@ function recalc_btree($sql_id, $sql_table, $module_class = '') | ||||
| /** | ||||
| * Simple version of jumpbox, just lists authed forums | ||||
| */ | ||||
| function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true) | ||||
| function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = false, $ignore_nonpost = false, $ignore_emptycat = true, $return_array = false) | ||||
| { | ||||
| 	global $db, $user, $auth; | ||||
|  | ||||
| @@ -123,7 +123,8 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = | ||||
|  | ||||
| 	$right = $iteration = 0; | ||||
| 	$padding_store = array('0' => ''); | ||||
| 	$forum_list = $padding = ''; | ||||
| 	$padding = ''; | ||||
| 	$forum_list = ($return_array) ? array() : ''; | ||||
|  | ||||
| 	// Sometimes it could happen that forums will be displayed here not be displayed within the index page | ||||
| 	// This is the result of forums not displayed at index, having list permissions and a parent of a forum with no permissions. | ||||
| @@ -164,9 +165,16 @@ function make_forum_select($select_id = false, $ignore_id = false, $ignore_acl = | ||||
| 			continue; | ||||
| 		} | ||||
|  | ||||
| 		if ($return_array) | ||||
| 		{ | ||||
| 			$selected = (is_array($select_id)) ? ((in_array($row['forum_id'], $select_id)) ? true : false) : (($row['forum_id'] == $select_id) ? true : false); | ||||
| 			$forum_list[$row['forum_id']] = array_merge(array('padding' => $padding, 'selected' => $selected), $row); | ||||
| 		} | ||||
| 		else | ||||
| 		{ | ||||
| 			$selected = (is_array($select_id)) ? ((in_array($row['forum_id'], $select_id)) ? ' selected="selected"' : '') : (($row['forum_id'] == $select_id) ? ' selected="selected"' : ''); | ||||
|  | ||||
| 			$forum_list .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $padding . $row['forum_name'] . '</option>'; | ||||
| 		} | ||||
|  | ||||
| 		$iteration++; | ||||
| 	} | ||||
|   | ||||
| @@ -75,22 +75,31 @@ class p_master | ||||
| 			$this->module_cache['modules'] = array(); | ||||
| 			while ($row = $db->sql_fetchrow($result)) | ||||
| 			{ | ||||
| 				// Only add if we are allowed to view this module... | ||||
| 				if (!$this->module_auth($row['module_auth'])) | ||||
| 				{ | ||||
| 					continue; | ||||
| 				} | ||||
|  | ||||
| 				$this->module_cache['modules'][] = $row; | ||||
| 			} | ||||
| 			$db->sql_freeresult($result); | ||||
| 			 | ||||
| 			// Get module parents | ||||
| 			$this->module_cache['parents'] = array(); | ||||
| 			 | ||||
| 			// We pre-get all parents due to the huge amount of queries required if we do not do so. ;) | ||||
| 			$sql = 'SELECT module_id, parent_id, left_id, right_id | ||||
| 				FROM ' . MODULES_TABLE . ' | ||||
| 				ORDER BY left_id ASC'; | ||||
| 			$result = $db->sql_query($sql); | ||||
|  | ||||
| 			$parents = array(); | ||||
| 			while ($row = $db->sql_fetchrow($result)) | ||||
| 			{ | ||||
| 				$parents[$row['module_id']] = $row; | ||||
| 			} | ||||
| 			$db->sql_freeresult($result);		 | ||||
|  | ||||
| 			foreach ($this->module_cache['modules'] as $row) | ||||
| 			{ | ||||
| 				$this->module_cache['parents'][$row['module_id']] = $this->get_parents($row['parent_id'], $row['left_id'], $row['right_id']); | ||||
| 				$this->module_cache['parents'][$row['module_id']] = $this->get_parents($row['parent_id'], $row['left_id'], $row['right_id'], $parents); | ||||
| 			} | ||||
| 			unset($parents); | ||||
|  | ||||
| 			$file = '<?php $this->module_cache=' . $cache->format_array($this->module_cache) . "; ?>"; | ||||
|  | ||||
| @@ -113,6 +122,7 @@ class p_master | ||||
| 			// Not allowed to view module? | ||||
| 			if (!$this->module_auth($row['module_auth'])) | ||||
| 			{ | ||||
| 				unset($this->module_cache['modules'][$key]); | ||||
| 				continue; | ||||
| 			} | ||||
|  | ||||
| @@ -336,7 +346,7 @@ class p_master | ||||
| 		} | ||||
| 	} | ||||
|  | ||||
| 	function get_parents($parent_id, $left_id, $right_id) | ||||
| 	function get_parents($parent_id, $left_id, $right_id, &$all_parents) | ||||
| 	{ | ||||
| 		global $db; | ||||
|  | ||||
| @@ -344,19 +354,18 @@ class p_master | ||||
|  | ||||
| 		if ($parent_id > 0) | ||||
| 		{ | ||||
| 			$sql = 'SELECT module_id, parent_id | ||||
| 				FROM ' . MODULES_TABLE . ' | ||||
| 				WHERE left_id < ' . $left_id . ' | ||||
| 					AND right_id > ' . $right_id . ' | ||||
| 				ORDER BY left_id ASC'; | ||||
| 			$result = $db->sql_query($sql); | ||||
|  | ||||
| 			$parents = array(); | ||||
| 			while ($row = $db->sql_fetchrow($result)) | ||||
| 			foreach ($all_parents as $module_id => $row) | ||||
| 			{ | ||||
| 				$parents[$row['module_id']] = $row['parent_id']; | ||||
| 				if ($row['left_id'] < $left_id && $row['right_id'] > $right_id) | ||||
| 				{ | ||||
| 					$parents[$module_id] = $row['parent_id']; | ||||
| 				} | ||||
|  | ||||
| 				if ($row['left_id'] > $left_id) | ||||
| 				{ | ||||
| 					break; | ||||
| 				} | ||||
| 			} | ||||
| 			$db->sql_freeresult($result);		 | ||||
| 		} | ||||
|  | ||||
| 		return $parents; | ||||
|   | ||||
| @@ -30,12 +30,14 @@ if (empty($lang) || !is_array($lang)) | ||||
|  | ||||
| // Common | ||||
| $lang = array_merge($lang, array( | ||||
| 	'ACP_ADMINISTRATORS'		=> 'Administrators', | ||||
| 	'ACP_ADMIN_LOGS'			=> 'Admin Log', | ||||
| 	'ACP_ATTACHMENTS'			=> 'Attachments', | ||||
| 	'ACP_ATTACHMENT_SETTINGS'	=> 'Attachment Settings', | ||||
| 	'ACP_AUTH_SETTINGS'			=> 'Authentication', | ||||
| 	'ACP_AUTOMATION'			=> 'Automation', | ||||
| 	'ACP_AVATAR_SETTINGS'		=> 'Avatar Settings', | ||||
|  | ||||
| 	'ACP_BAN'					=> 'Banning', | ||||
| 	'ACP_BAN_EMAILS'			=> 'Ban Emails', | ||||
| 	'ACP_BAN_IPS'				=> 'Ban IPs', | ||||
| @@ -45,6 +47,7 @@ $lang = array_merge($lang, array( | ||||
| 	'ACP_BOARD_MANAGEMENT'		=> 'Board Management', | ||||
| 	'ACP_BOARD_SETTINGS'		=> 'Board Settings', | ||||
| 	'ACP_BOTS'					=> 'Spiders/Robots', | ||||
| 	 | ||||
| 	'ACP_CAT_DATABASE'			=> 'Database', | ||||
| 	'ACP_CAT_DOT_MODS'			=> '.Mods', | ||||
| 	'ACP_CAT_FORUMS'			=> 'Forums', | ||||
| @@ -60,26 +63,39 @@ $lang = array_merge($lang, array( | ||||
| 	'ACP_COOKIE_SETTINGS'		=> 'Cookie Settings', | ||||
| 	'ACP_CRITICAL_LOGS'			=> 'Error Log', | ||||
| 	'ACP_CUSTOM_PROFILE_FIELDS'	=> 'Custom Profile Fields', | ||||
| 	 | ||||
| 	'ACP_DISALLOW'				=> 'Disallow', | ||||
| 	'ACP_DISALLOW_USERNAMES'	=> 'Disallow Usernames', | ||||
| 	 | ||||
| 	'ACP_EMAIL_SETTINGS'		=> 'Email Settings', | ||||
| 	'ACP_EXTENSION_GROUPS'		=> 'Manage Extension Groups', | ||||
| 	 | ||||
| 	'ACP_FORUM_LOGS'			=> 'Forum Logs', | ||||
| 	'ACP_FORUM_MANAGEMENT'		=> 'Forum Management', | ||||
| 	'ACP_FORUM_MODERATORS'		=> 'Forum Moderators', | ||||
| 	'ACP_FORUM_PERMISSIONS'		=> 'Forum Permissions', | ||||
|  | ||||
| 	'ACP_GENERAL_CONFIGURATION'		=> 'General Configuration', | ||||
| 	'ACP_GENERAL_TASKS'				=> 'General Tasks', | ||||
| 	'ACP_GLOBAL_MODERATORS'			=> 'Global Moderators', | ||||
| 	'ACP_GROUPS'					=> 'Groups', | ||||
| 	'ACP_GROUPS_FORUM_PERMISSIONS'	=> 'Groups Forum Permissions', | ||||
| 	'ACP_GROUPS_MANAGE'				=> 'Manage Groups', | ||||
| 	'ACP_GROUPS_MANAGEMENT'			=> 'Group Management', | ||||
| 	'ACP_GROUPS_PERMISSIONS'		=> 'Groups Permissions', | ||||
| 	 | ||||
| 	'ACP_ICONS'					=> 'Topic Icons', | ||||
| 	'ACP_ICONS_SMILIES'			=> 'Topic Icons/Smilies', | ||||
| 	'ACP_IMAGESETS'				=> 'Imagesets', | ||||
| 	'ACP_INDEX'					=> 'Admin index', | ||||
| 	 | ||||
| 	'ACP_JABBER_SETTINGS'		=> 'Jabber Settings', | ||||
| 	 | ||||
| 	'ACP_LANGUAGE'				=> 'Language Management', | ||||
| 	'ACP_LANGUAGE_PACKS'		=> 'Language Packs', | ||||
| 	'ACP_LOAD_SETTINGS'			=> 'Load Settings', | ||||
| 	'ACP_LOGGING'				=> 'Logging', | ||||
| 	 | ||||
| 	'ACP_MAIN'					=> 'Admin index', | ||||
| 	'ACP_MANAGE_EXTENSIONS'		=> 'Manage Extensions', | ||||
| 	'ACP_MANAGE_FORUMS'			=> 'Manage Forums', | ||||
| @@ -90,22 +106,31 @@ $lang = array_merge($lang, array( | ||||
| 	'ACP_MESSAGE_SETTINGS'		=> 'Message Settings', | ||||
| 	'ACP_MODULE_MANAGEMENT'		=> 'Module Management', | ||||
| 	'ACP_MOD_LOGS'				=> 'Moderator Log', | ||||
| 	 | ||||
| 	'ACP_ORPHAN_ATTACHMENTS'	=> 'Orphan Attachments', | ||||
| 	 | ||||
| 	'ACP_PERMISSION_MASKS'		=> 'Permission Masks', | ||||
| 	'ACP_PERMISSION_SETTINGS'	=> 'Permission Settings', | ||||
| 	'ACP_PHP_INFO'				=> 'PHP Information', | ||||
| 	'ACP_PRUNE_FORUMS'			=> 'Prune Forums', | ||||
| 	'ACP_PRUNE_USERS'			=> 'Prune Users', | ||||
| 	'ACP_PRUNING'				=> 'Pruning', | ||||
| 	 | ||||
| 	'ACP_RANKS'					=> 'Ranks', | ||||
| 	 | ||||
| 	'ACP_SERVER_CONFIGURATION'	=> 'Server Configuration', | ||||
| 	'ACP_SERVER_SETTINGS'		=> 'Server Settings', | ||||
| 	'ACP_SMILIES'				=> 'Smilies', | ||||
| 	'ACP_STYLE_COMPONENTS'		=> 'Style Components', | ||||
| 	'ACP_STYLE_MANAGEMENT'		=> 'Style Management', | ||||
| 	'ACP_STYLES'				=> 'Styles', | ||||
| 	 | ||||
| 	'ACP_TEMPLATES'				=> 'Templates', | ||||
| 	'ACP_THEMES'				=> 'Themes', | ||||
| 	 | ||||
| 	'ACP_UPDATE'					=> 'Updating', | ||||
| 	'ACP_USERS_FORUM_PERMISSIONS'	=> 'Users Forum Permissions', | ||||
| 	'ACP_USERS_PERMISSIONS'			=> 'Users Permissions', | ||||
| 	'ACP_USER_ATTACH'				=> 'Attachments', | ||||
| 	'ACP_USER_AVATAR'				=> 'Avatar', | ||||
| 	'ACP_USER_FEEDBACK'				=> 'Feedback', | ||||
| @@ -118,7 +143,14 @@ $lang = array_merge($lang, array( | ||||
| 	'ACP_USER_RANK'					=> 'Rank', | ||||
| 	'ACP_USER_SECURITY'				=> 'User Security', | ||||
| 	'ACP_USER_SIG'					=> 'Signature', | ||||
|  | ||||
| 	'ACP_VERSION_CHECK'					=> 'Check for Updates', | ||||
| 	'ACP_VIEW_ADMIN_PERMISSIONS'		=> 'View Admin Permissions', | ||||
| 	'ACP_VIEW_FORUM_MOD_PERMISSIONS'	=> 'View Forum Moderator Permissions', | ||||
| 	'ACP_VIEW_FORUM_PERMISSIONS'		=> 'View Forum Permissions', | ||||
| 	'ACP_VIEW_GLOBAL_MOD_PERMISSIONS'	=> 'View Global Moderator Permissions', | ||||
| 	'ACP_VIEW_USER_PERMISSIONS'			=> 'View User Permissions', | ||||
| 	 | ||||
| 	'ACP_WORDS'					=> 'Word Censoring', | ||||
|  | ||||
| 	'ACTION'				=> 'Action', | ||||
| @@ -152,6 +184,7 @@ $lang = array_merge($lang, array( | ||||
|  | ||||
| 	'GENERAL_OPTIONS'		=> 'General Options', | ||||
| 	'GENERAL_SETTINGS'		=> 'General Settings', | ||||
| 	'GLOBAL_MASK'			=> 'Global Permission Mask', | ||||
|  | ||||
| 	'INSTALL'				=> 'Install', | ||||
| 	'IP'					=> 'User IP', | ||||
| @@ -256,6 +289,30 @@ $lang = array_merge($lang, array( | ||||
|  | ||||
| // Log | ||||
| $lang = array_merge($lang, array( | ||||
| 	'LOG_ACL_ADD_USER_GLOBAL_U_'		=> '<b>Added or edited users user permissions</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_GROUP_GLOBAL_U_'		=> '<b>Added or edited groups user permissions</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_USER_GLOBAL_M_'		=> '<b>Added or edited users global moderator permissions</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_GROUP_GLOBAL_M_'		=> '<b>Added or edited groups global moderator permissions</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_USER_GLOBAL_A_'		=> '<b>Added or edited users admin permissions</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_GROUP_GLOBAL_A_'		=> '<b>Added or edited groups admin permissions</b><br />» %s', | ||||
|  | ||||
| 	'LOG_ACL_ADD_ADMIN_GLOBAL_A_'		=> '<b>Added or edited Administrators</b><br />» %s', | ||||
| 	'LOG_ACL_ADD_MOD_GLOBAL_M_'			=> '<b>Added or edited Global Moderators</b><br />» %s', | ||||
|  | ||||
| 	'LOG_ACL_ADD_USER_LOCAL_F_'			=> '<b>Added or edited users forum access</b> from %s<br />» %s', | ||||
| 	'LOG_ACL_ADD_USER_LOCAL_M_'			=> '<b>Added or edited users forum moderator access</b> from %s<br />» %s', | ||||
| 	'LOG_ACL_ADD_GROUP_LOCAL_F_'		=> '<b>Added or edited groups forum access</b> from %s<br />» %s', | ||||
| 	'LOG_ACL_ADD_GROUP_LOCAL_M_'		=> '<b>Added or edited groups forum moderator access</b> from %s<br />» %s', | ||||
|  | ||||
| 	'LOG_ACL_ADD_MOD_LOCAL_M_'			=> '<b>Added or edited Moderators</b> from %s<br />» %s', | ||||
| 	'LOG_ACL_ADD_FORUM_LOCAL_F_'		=> '<b>Added or edited Forum Permissions</b> from %s<br />» %s', | ||||
|  | ||||
| 	'LOG_ACL_DEL_ADMIN_GLOBAL_A_'		=> '<b>Removed Administrators</b><br />» %s', | ||||
| 	'LOG_ACL_DEL_MOD_GLOBAL_M_'			=> '<b>Removed Global Moderators</b><br />» %s', | ||||
| 	'LOG_ACL_DEL_MOD_LOCAL_M_'			=> '<b>Removed Moderators</b> from %s<br />» %s', | ||||
| 	'LOG_ACL_DEL_FORUM_LOCAL_F_'		=> '<b>Removed User/Group Forum Permissions</b> from %s<br />» %s', | ||||
|  | ||||
| 	 | ||||
| 	'LOG_ATTACH_EXT_ADD'		=> '<b>Added or edited attachment extension</b><br />» %s', | ||||
| 	'LOG_ATTACH_EXT_DEL'		=> '<b>Removed attachment extension</b><br />» %s', | ||||
| 	'LOG_ATTACH_EXT_UPDATE'		=> '<b>Updated attachment extension</b><br />» %s', | ||||
|   | ||||
		Reference in New Issue
	
	Block a user