From c13f96f1004fc0be6955517a3b45546698d20886 Mon Sep 17 00:00:00 2001 From: "Paul S. Owen" <psotfx@users.sourceforge.net> Date: Mon, 27 Jan 2003 15:29:06 +0000 Subject: [PATCH] Add user and group permission setup ... time for a cleanup here me thinks git-svn-id: file:///svn/phpbb/trunk@3363 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/admin/admin_permissions.php | 697 +++++++++++++++++++----------- 1 file changed, 451 insertions(+), 246 deletions(-) diff --git a/phpBB/admin/admin_permissions.php b/phpBB/admin/admin_permissions.php index 8d13d151a1..3243574039 100644 --- a/phpBB/admin/admin_permissions.php +++ b/phpBB/admin/admin_permissions.php @@ -26,6 +26,8 @@ if (!empty($setmodules)) $module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=moderators' : ''; $module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=supermoderators' : ''; $module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&mode=administrators' : ''; + $module['Users']['PERMISSIONS'] = ($auth->acl_get('a_authusers')) ? $filename . $SID . '&mode=users' : ''; + $module['Groups']['PERMISSIONS'] = ($auth->acl_get('a_authgroups')) ? $filename . $SID . '&mode=groups' : ''; return; } @@ -39,18 +41,19 @@ require('pagestart.' . $phpEx); require_once($phpbb_root_path . 'includes/functions_admin.'.$phpEx); // Define some vars +$forum_id = 0; +$forum_sql = ''; if (isset($_REQUEST['f'])) { $forum_id = intval($_REQUEST['f']); $forum_sql = " WHERE forum_id = $forum_id"; } -else -{ - $forum_id = 0; - $forum_sql = ''; -} $mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : ''; +$username = (isset($_REQUEST['username'])) ? $_REQUEST['username'] : ''; +$group_id = (isset($_REQUEST['g'])) ? intval($_REQUEST['g']) : ''; + + // Start program proper switch ($mode) @@ -82,6 +85,21 @@ switch ($mode) $which_acl = 'a_authadmins'; $type_sql = 'a'; break; + + case 'users': + $l_title = $user->lang['USER_PERMISSIONS']; + $l_title_explain = $user->lang['USER_PERMISSIONS_EXPLAIN']; + $which_acl = 'a_authusers'; + $type_sql = 'u'; + break; + + case 'groups': + $l_title = $user->lang['GROUP_PERMISSIONS']; + $l_title_explain = $user->lang['GROUP_PERMISSIONS_EXPLAIN']; + $which_acl = 'a_authgroups'; + $type_sql = 'u'; + break; + } // Permission check @@ -90,114 +108,151 @@ if (!$auth->acl_get($which_acl)) trigger_error($user->lang['NO_ADMIN']); } + + + // Call update or delete, both can take multiple user/group // ids. Additionally inheritance is handled (by the auth API) -if (isset($_POST['update'])) +switch ($_POST['runas']) { - $auth_admin = new auth_admin(); - - // Admin wants subforums to inherit permissions ... so handle this - if (!empty($_POST['inherit'])) - { - array_push($_POST['inherit'], $forum_id); - $forum_id = $_POST['inherit']; - } - - foreach ($_POST['entries'] as $id) - { - $auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']); - } - - cache_moderators(); - - trigger_error('Permissions updated successfully'); -} -else if (isset($_POST['delete'])) -{ - $auth_admin = new auth_admin(); - - $option_ids = false; - if (!empty($_POST['option'])) - { - $sql = "SELECT auth_option_id - FROM " . ACL_OPTIONS_TABLE . " - WHERE auth_value LIKE '" . $_POST['option'] . "_%'"; - $result = $db->sql_query($sql); - - if ($row = $db->sql_fetchrow($result)) + case 'now': + if (isset($_POST['update'])) { - $option_ids = array(); - do + $auth_admin = new auth_admin(); + + // Admin wants subforums to inherit permissions ... so handle this + if (!empty($_POST['inherit'])) { - $option_ids[] = $row['auth_option_id']; + array_push($_POST['inherit'], $forum_id); + $forum_id = $_POST['inherit']; } - while($row = $db->sql_fetchrow($result)); + + foreach ($_POST['entries'] as $id) + { + $auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']); + } + + cache_moderators(); + + trigger_error('Permissions updated successfully'); } - $db->sql_freeresult($result); - } - - foreach ($_POST['entries'] as $id) - { - $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids); - } - - cache_moderators(); - - trigger_error('Permissions updated successfully'); -} -else if (isset($_POST['presetsave'])) -{ - $holding_ary = array(); - foreach ($_POST['option'] as $acl_option => $allow_deny) - { - switch ($allow_deny) + else if (isset($_POST['delete'])) { - case ACL_ALLOW: - $holding_ary['allow'][] = $acl_option; - break; - case ACL_DENY: - $holding_ary['deny'][] = $acl_option; - break; - case ACL_INHERIT: - $holding_ary['inherit'][] = $acl_option; - break; + $auth_admin = new auth_admin(); + + $option_ids = false; + if (!empty($_POST['option'])) + { + $sql = "SELECT auth_option_id + FROM " . ACL_OPTIONS_TABLE . " + WHERE auth_value LIKE '" . $_POST['option'] . "_%'"; + $result = $db->sql_query($sql); + + if ($row = $db->sql_fetchrow($result)) + { + $option_ids = array(); + do + { + $option_ids[] = $row['auth_option_id']; + } + while($row = $db->sql_fetchrow($result)); + } + $db->sql_freeresult($result); + } + + foreach ($_POST['entries'] as $id) + { + $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids); + } + + cache_moderators(); + + trigger_error('Permissions updated successfully'); } - } + else if (isset($_POST['presetsave'])) + { + $holding_ary = array(); + foreach ($_POST['option'] as $acl_option => $allow_deny) + { + switch ($allow_deny) + { + case ACL_ALLOW: + $holding_ary['allow'][] = $acl_option; + break; + case ACL_DENY: + $holding_ary['deny'][] = $acl_option; + break; + case ACL_INHERIT: + $holding_ary['inherit'][] = $acl_option; + break; + } + } - $sql = array( - 'preset_user_id' => $user->data['user_id'], - 'preset_type' => $type_sql, - 'preset_data' => $db->sql_escape(serialize($holding_ary)) - ); + $sql = array( + 'preset_user_id' => $user->data['user_id'], + 'preset_type' => $type_sql, + 'preset_data' => $db->sql_escape(serialize($holding_ary)) + ); - if (!empty($_POST['presetname'])) - { - $sql['preset_name'] = $db->sql_escape($_POST['presetname']); - } - - if (!empty($_POST['presetname']) || $_POST['presetoption'] != -1) - { - $sql = ($_POST['presetoption'] == -1) ? 'INSERT INTO ' . ACL_PRESETS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql) : 'UPDATE ' . ACL_PRESETS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql) . ' WHERE preset_id =' . $_POST['presetoption']; - $db->sql_query($sql); - } -} -else if (isset($_POST['presetdel'])) -{ - if (!empty($_POST['presetoption'])) - { - $sql = "DELETE FROM " . ACL_PRESETS_TABLE . " - WHERE preset_id = " . intval($_POST['presetoption']); - $db->sql_query($sql); - } + if (!empty($_POST['presetname'])) + { + $sql['preset_name'] = $db->sql_escape($_POST['presetname']); + } + + if (!empty($_POST['presetname']) || $_POST['presetoption'] != -1) + { + $sql = ($_POST['presetoption'] == -1) ? 'INSERT INTO ' . ACL_PRESETS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql) : 'UPDATE ' . ACL_PRESETS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql) . ' WHERE preset_id =' . $_POST['presetoption']; + $db->sql_query($sql); + } + } + else if (isset($_POST['presetdel'])) + { + if (!empty($_POST['presetoption'])) + { + $sql = "DELETE FROM " . ACL_PRESETS_TABLE . " + WHERE preset_id = " . intval($_POST['presetoption']); + $db->sql_query($sql); + } + } + break; + + case 'evt': + if (isset($_POST['submit'])) + { + // user_ids are returned in user_id_ary, a simple array + $evt_code = "\$auth_admin = new auth_admin(); if (!empty(\$evt_inherit)){ array_push(\$evt_inherit, intval(\$evt_f)); } foreach (\$user_id_ary as \$id) { \$auth_admin->acl_set('user', \$evt_inherit, intval(\$id), \$evt_option); } cache_moderators();"; + + // event_code, type (user or group), id's (of users/groups), ... other data ... + event_create($evt_code, $_POST['type'], $_POST['entries'], array('mode' => $_POST['mode']), array('f' => $_POST['forum_id']), array('entries' => $_POST['entries']), array('inherit' => $_POST['inherit']), array('type' => $_POST['type']), array('option' => $_POST['option'])); + } + + // form submit page, ... associative data ... + event_define('admin_permissions', array('mode' => $mode), array('forum_id' => $forum_id), array('inherit' => $_POST['inherit']), array('entries' => $_POST['entries']), array('type' => $_POST['type']), array('option' => $_POST['option'])); + break; + + case 'crn': + break; } + + + + + + + + // Get required information, either all forums if no id was // specified or just the requsted if it was -if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators') +if (!empty($forum_id) || !empty($group_id) || !empty($username) || + $mode == 'administrators' || $mode == 'supermoderators') { // Clear some vars, grab some info if relevant ... $s_hidden_fields = ''; + + + if (!empty($forum_id)) { $sql = "SELECT forum_name, parent_id @@ -210,6 +265,41 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' $l_title .= ' : <i>' . $forum_info['forum_name'] . '</i>'; } + else if (!empty($username)) + { + $sql = "SELECT user_id + FROM " . USERS_TABLE . " + WHERE username = '$username'"; + $result = $db->sql_query($sql); + + if (!($row = $db->sql_fetchrow($result))) + { + trigger_error($user->lang['No_such_user']); + } + $db->sql_freeresult($result); + + $entries = array($row['user_id']); + $l_title .= ' : <i>' . $username . '</i>'; + } + else if (!empty($group_id)) + { + $sql = "SELECT group_name + FROM " . GROUPS_TABLE . " + WHERE group_id = $group_id"; + $result = $db->sql_query($sql); + + if (!($row = $db->sql_fetchrow($result))) + { + trigger_error($user->lang['No_such_group']); + } + $db->sql_freeresult($result); + + $entries = array($group_id); + $l_title .= ' : <i>' . $row['group_name'] . '</i>'; + } + + + // Generate header page_header($l_title); @@ -220,149 +310,29 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' <?php + + + switch ($mode) { case 'forums': - $forum_sql = "AND a.forum_id = $forum_id"; - break; - case 'moderators': $forum_sql = "AND a.forum_id = $forum_id"; break; case 'supermoderators': - $forum_sql = 'AND a.forum_id = 0'; - break; - case 'administrators': + case 'users': + case 'groups': $forum_sql = 'AND a.forum_id = 0'; break; } - $sql = "SELECT group_id, group_name - FROM " . GROUPS_TABLE . " - ORDER BY group_type DESC, group_name"; - $result = $db->sql_query($sql); - $group_list = ''; - while ($row = $db->sql_fetchrow($result)) + + + if (!empty($entries)) { - $group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; - } - $db->sql_freeresult($result); - - if (empty($_POST['advanced']) || empty($_POST['entries'])) - { - -?> - -<p><?php echo $l_title_explain; ?></p> - -<table width="100%" cellspacing="0" cellpadding="0" border="0"> - <tr> - <td align="center"><h1><?php echo $user->lang['Users']; ?></h1></td> - <td align="center"><h1><?php echo $user->lang['Groups']; ?></h1></td> - </tr> - <tr> - - <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> -<?php - - $sql = "SELECT DISTINCT u.user_id, u.username - FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o - WHERE o.auth_value LIKE '" . $type_sql . "_%' - AND a.auth_option_id = o.auth_option_id - $forum_sql - AND u.user_id = a.user_id - ORDER BY u.username, u.user_regdate ASC"; - $result = $db->sql_query($sql); - - $users = ''; - while ($row = $db->sql_fetchrow($result)) - { - $users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>'; - } - $db->sql_freeresult($result); - -?> - <tr> - <th><?php echo $user->lang['Manage_users']; ?></th> - </tr> - <tr> - <td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $users; ?></select></td> - </tr> - <tr> - <td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $user->lang['Remove_selected']; ?>" /> <input class="liteoption" type="submit" name="advanced" value="<?php echo $user->lang['Advanced']; ?>" /><input type="hidden" name="type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="option" value="<?php echo $type_sql; ?>" /></td> - </tr> - </table></form></td> - - <td align="center"><form method="post" name="admingroups" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> -<?php - - $sql = "SELECT DISTINCT g.group_id, g.group_name - FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o - WHERE o.auth_value LIKE '" . $type_sql . "_%' - $forum_sql - AND a.auth_option_id = o.auth_option_id - AND g.group_id = a.group_id - ORDER BY g.group_type DESC, g.group_name ASC"; - $result = $db->sql_query($sql); - - $groups = ''; - while ($row = $db->sql_fetchrow($result)) - { - $groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; - } - $db->sql_freeresult($result); - -?> - <tr> - <th><?php echo $user->lang['Manage_groups']; ?></th> - </tr> - <tr> - <td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $groups; ?></select></td> - </tr> - <tr> - <td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $user->lang['Remove_selected']; ?>" /> <input class="liteoption" type="submit" name="advanced" value="<?php echo $user->lang['Advanced']; ?>" /><input type="hidden" name="type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="option" value="<?php echo $type_sql; ?>" /></td> - </tr> - </table></form></td> - - </tr> - <tr> - - <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="90%" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> - <th><?php echo $user->lang['Add_users']; ?></th> - </tr> - <tr> - <td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td> - </tr> - <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../memberlist.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> - </tr> - </table></form></td> - - <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> - <tr> - <th><?php echo $user->lang['Add_groups']; ?></th> - </tr> - <tr> - <td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td> - </tr> - <tr> - <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> - </tr> - </table></form></td> - - </tr> -</table> - -<?php - - } - else - { - // Founder only operations ... these operations can // only be altered by someone with founder status $founder_sql = (!$userdata['user_founder']) ? ' AND founder_only <> 1' : ''; @@ -383,47 +353,71 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' if ($_POST['type'] == 'user' && !empty($_POST['new'])) { - $_POST['entries'] = explode("\n", $_POST['entries']); + $entries = explode("\n", $entries); } $where_sql = ''; - foreach ($_POST['entries'] as $value) + foreach ($entries as $value) { $where_sql .= (($where_sql != '') ? ', ' : '') . (($_POST['type'] == 'user' && !empty($_POST['new'])) ? '\'' . $value . '\'' : intval($value)); } + $ug = '';; + $ug_hidden = ''; + $auth_values = array(); + switch ($_POST['type']) { case 'group': $l_type = 'Group'; - $sql = (empty($_POST['new'])) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC"; + $sql = "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC"; break; case 'user': $l_type = 'User'; - $sql = (empty($_POST['new'])) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; - break; + $sql = "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC"; break; } - $result = $db->sql_query($sql); - $ug = '';; - $ug_hidden = ''; - $auth = array(); - while ($row = $db->sql_fetchrow($result)) + if ($row = $db->sql_fetchrow($result)) { - $ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name']; - $ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : ''; + do + { + $ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name']; + $ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : ''; - $ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />'; - $ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : ''; + $ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />'; + $ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : ''; - $auth[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; + $auth_values[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; + } + while ($row = $db->sql_fetchrow($result)); + } + else + { + $db->sql_freeresult($result); + + $sql = ($_POST['type'] == 'group') ? "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC"; + $result = $db->sql_query($sql); + + while ($row = $db->sql_fetchrow($result)) + { + $ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name']; + $ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : ''; + + $ug_test = '<input type="hidden" name="entries[]" value="' . $row['id'] . '" />'; + $ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : ''; + + $auth_values[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny']; + } } $db->sql_freeresult($result); + + + // Now we'll build a list of preset options ... $preset_options = $preset_js = $preset_update_options = ''; $holding = array(); @@ -504,6 +498,8 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' } unset($holding); + + ?> <script language="Javascript" type="text/javascript"> @@ -609,9 +605,9 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' } else { - $allow_type = ($auth[$auth_options[$i]['auth_value']] == ACL_ALLOW) ? ' checked="checked"' : ''; - $deny_type = ($auth[$auth_options[$i]['auth_value']] == ACL_DENY) ? ' checked="checked"' : ''; - $inherit_type = ($auth[$auth_options[$i]['auth_value']] == ACL_INHERIT) ? ' checked="checked"' : ''; + $allow_type = ($auth_values[$auth_options[$i]['auth_value']] == ACL_ALLOW) ? ' checked="checked"' : ''; + $deny_type = ($auth_values[$auth_options[$i]['auth_value']] == ACL_DENY) ? ' checked="checked"' : ''; + $inherit_type = ($auth_values[$auth_options[$i]['auth_value']] == ACL_INHERIT) ? ' checked="checked"' : ''; } ?> @@ -663,6 +659,39 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' } } + if ($auth->acl_gets('a_events', 'a_cron')) + { + $row_class = ($row_class == 'row1') ? 'row2' : 'row1'; + +?> + <tr> + <th colspan="4"><?php echo $user->lang['RUN_HOW']; ?></th> + </tr> + <tr> + <td class="<?php echo $row_class; ?>" colspan="4" align="center"><input type="radio" name="runas" value="now" checked="checked" /> <?php echo $user->lang['RUN_AS_NOW']; ?><?php + + if ($auth->acl_get('a_events')) + { + +?> <input type="radio" name="runas" value="evt" /> <?php + + echo $user->lang['RUN_AS_EVT']; + } + if ($auth->acl_get('a_cron')) + { + +?> <input type="radio" name="runas" value="crn" /> <?php + + echo $user->lang['RUN_AS_CRN']; + + } + +?></td> + </tr> +<?php + + } + ?> <tr> <td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" /> <input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td> @@ -703,15 +732,138 @@ if (!empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators' <?php + page_footer(); } + + + +?> + +<p><?php echo $l_title_explain; ?></p> + +<table width="100%" cellspacing="0" cellpadding="0" border="0"> + <tr> + <td align="center"><h1><?php echo $user->lang['Users']; ?></h1></td> + <td align="center"><h1><?php echo $user->lang['Groups']; ?></h1></td> + </tr> + <tr> + + <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> +<?php + + $sql = "SELECT DISTINCT u.user_id, u.username + FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o + WHERE o.auth_value LIKE '" . $type_sql . "_%' + AND a.auth_option_id = o.auth_option_id + $forum_sql + AND u.user_id = a.user_id + ORDER BY u.username, u.user_regdate ASC"; + $result = $db->sql_query($sql); + + $users = ''; + while ($row = $db->sql_fetchrow($result)) + { + $users .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>'; + } + $db->sql_freeresult($result); + +?> + <tr> + <th><?php echo $user->lang['Manage_users']; ?></th> + </tr> + <tr> + <td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $users; ?></select></td> + </tr> + <tr> + <td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $user->lang['Remove_selected']; ?>" /> <input class="liteoption" type="submit" name="advanced" value="<?php echo $user->lang['Advanced']; ?>" /><input type="hidden" name="type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="option" value="<?php echo $type_sql; ?>" /></td> + </tr> + </table></form></td> + + <td align="center"><form method="post" name="admingroups" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> +<?php + + $sql = "SELECT DISTINCT g.group_id, g.group_name + FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o + WHERE o.auth_value LIKE '" . $type_sql . "_%' + $forum_sql + AND a.auth_option_id = o.auth_option_id + AND g.group_id = a.group_id + ORDER BY g.group_type DESC, g.group_name ASC"; + $result = $db->sql_query($sql); + + $groups = ''; + while ($row = $db->sql_fetchrow($result)) + { + $groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + } + $db->sql_freeresult($result); + + $sql = "SELECT group_id, group_name + FROM " . GROUPS_TABLE . " + ORDER BY group_type DESC, group_name"; + $result = $db->sql_query($sql); + + $group_list = ''; + while ($row = $db->sql_fetchrow($result)) + { + $group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>'; + } + $db->sql_freeresult($result); + +?> + <tr> + <th><?php echo $user->lang['Manage_groups']; ?></th> + </tr> + <tr> + <td class="row1" align="center"><select style="width:280px" name="entries[]" multiple="multiple" size="5"><?php echo $groups; ?></select></td> + </tr> + <tr> + <td class="cat" align="center"><input class="liteoption" type="submit" name="delete" value="<?php echo $user->lang['Remove_selected']; ?>" /> <input class="liteoption" type="submit" name="advanced" value="<?php echo $user->lang['Advanced']; ?>" /><input type="hidden" name="type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="option" value="<?php echo $type_sql; ?>" /></td> + </tr> + </table></form></td> + + </tr> + <tr> + + <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table class="bg" width="90%" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th><?php echo $user->lang['Add_users']; ?></th> + </tr> + <tr> + <td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td> + </tr> + <tr> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../memberlist.$phpEx$SID"; ?>&mode=searchuser&form=2&field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + </tr> + </table></form></td> + + <td><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table width="90%" class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> + <tr> + <th><?php echo $user->lang['Add_groups']; ?></th> + </tr> + <tr> + <td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td> + </tr> + <tr> + <td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /> <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td> + </tr> + </table></form></td> + + </tr> +</table> + +<?php + + page_footer(); + } -else -{ - $select_list = make_forum_select(false, false, false); - page_header($l_title); + + +// Output appropriate front end page; forums, user or group selector +page_header($l_title); ?> @@ -720,18 +872,71 @@ else <p><?php echo $l_title_explain ?></p> <form method="post" action="<?php echo "admin_permissions.$phpEx$SID&mode=$mode"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center"> +<?php + +// Mode specific markup +switch ($mode) +{ + case 'forums': + case 'moderators': + $select_list = make_forum_select(false, false, false); + +?> <tr> <th align="center"><?php echo $user->lang['Select_a_Forum']; ?></th> </tr> <tr> <td class="row1" align="center"> <select name="f"><?php echo $select_list; ?></select> <input type="submit" value="<?php echo $user->lang['Look_up_Forum']; ?>" class="mainoption" /> </td> </tr> +<?php + + break; + + case 'users': +?> + <tr> + <th align="center"><?php echo $user->lang['Select_a_User']; ?></th> + </tr> + <tr> + <td class="row1" align="center"><input type="text" class="post" name="username" maxlength="50" size="20" /> <input type="submit" name="submituser" value="<?php echo $user->lang['Look_up_user']; ?>" class="mainoption" /> <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onClick="window.open('<?php echo "../memberlist.$phpEx$SID&mode=searchuser&field=username"; ?>', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="type" value="user" /></td> + </tr> +<?php + break; + + case 'groups': + $sql = "SELECT group_id, group_name + FROM " . GROUPS_TABLE . " + ORDER BY group_type DESC"; + $result = $db->sql_query($sql); + + $group_options = ''; + if ($row = $db->sql_fetchrow($result)) + { + do + { + $group_options .= (($group_options != '') ? ', ' : '') . '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; + } + while ($row = $db->sql_fetchrow($result)); + } + $db->sql_freeresult($result); + +?> + <tr> + <th align="center"><?php echo $user->lang['SELECT_A_GROUP']; ?></th> + </tr> + <tr> + <td class="row1" align="center"> <select name="g"><?php echo $group_options; ?></select> <input type="submit" value="<?php echo $user->lang['LOOK_UP_GROUP']; ?>" class="mainoption" /><input type="hidden" name="type" value="group" /> </td> + </tr> +<?php + break; + +} + +?> </table></form> <?php -} - page_footer(); ?> \ No newline at end of file