Fixed bug 462914, and fixed totally fux0red groups admin panel.

git-svn-id: file:///svn/phpbb/trunk@1158 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-16 22:51:23 +02:00 · 2001-10-10 18:06:28 +00:00
parent 61288e89d9
commit d37f5611fb
3 changed files with 20 additions and 8 deletions
--- a/phpBB/admin/admin_groups.php
+++ b/phpBB/admin/admin_groups.php
@@ -52,14 +52,16 @@ else if( $userdata['user_level'] != ADMIN )
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }

-if( (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) && empty($HTTP_POST_VARS['updategroup']))
+$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : ((isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "");
+
+if($mode && empty($HTTP_POST_VARS['updategroup']))
 {

 	//
 	// Ok they are editing a group or creating a new group
 	//
 	include("page_header_admin." . $phpEx);
-	if ( $HTTP_POST_VARS['mode'] == "editgroup" )
+	if ( $mode == "editgroup" )
 	{
 		//
 		// They're editing. Grab the vars.
@@ -78,7 +80,7 @@ if( (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) && empty($
 		}
 		$group_info = $db->sql_fetchrow($result);
 	}
-	else if ( $HTTP_GET_VARS['mode'] == "newgroup" )
+	else if ($mode == "newgroup")
 	{
 		$group_info = array (
 			"group_name" => "",
@@ -146,18 +148,24 @@ if( (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) && empty($
 	);
 	$template->pparse('body');
 }
-else if( $HTTP_POST_VARS['updategroup'] == "update" )
+else if($mode && $HTTP_POST_VARS['updategroup'] == "update" )
 {
 	//
 	// Ok, they are submitting a group, let's save the data based on if it's new or editing
 	//
-	if( isset($deletegroup) )
+	if( isset($HTTP_POST_VARS['deletegroup']) )
 	{
 		$sql = "DELETE FROM " . GROUPS_TABLE . "
 			WHERE group_id = " . $group_id;
 	}
 	else
 	{
+		$group_type = isset($HTTP_POST_VARS['group_type']) ? $HTTP_POST_VARS['group_type'] : "";
+		$group_name = isset($HTTP_POST_VARS['group_name']) ? $HTTP_POST_VARS['group_name'] : "";
+		$group_description = isset($HTTP_POST_VARS['group_description']) ? $HTTP_POST_VARS['group_description'] : "";
+		$group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? $HTTP_POST_VARS['group_moderator'] : "";
+		$group_id = isset($HTTP_POST_VARS['group_id']) ? $HTTP_POST_VARS['group_id'] : "";
+		
 		switch($mode)
 		{
 			case 'editgroup':
--- a/phpBB/groupcp.php
+++ b/phpBB/groupcp.php
@@ -610,9 +610,10 @@ else if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GR
 	// We've displayed the members who belong to the group, now we do that pending memebers... There's probably a better way of doing this..
 	$sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm
 		FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
-		WHERE g.group_moderator = " . $userdata['user_id'] . "
-			AND	ug.group_id = g.group_id
+		WHERE ug.group_id = $group_id
+			AND g.group_id = ug.group_id
 			AND ug.user_pending = 1
+			AND g.group_moderator = " . $userdata['user_id'] . "
 			AND u.user_id = ug.user_id
 		ORDER BY u.user_regdate";
 	if(!$result = $db->sql_query($sql))
@@ -624,7 +625,7 @@ else if( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GR
 		$modgroup_pending_list = $db->sql_fetchrowset($result);
 	}
 	//
-	// Users pending in groups moderated by this user
+	// Users pending in ONLY THIS GROUP (which is moderated by this user)
 	//
 	if($modgroup_pending_count)
 	{
--- a/phpBB/templates/subSilver/admin/group_edit_body.tpl
+++ b/phpBB/templates/subSilver/admin/group_edit_body.tpl
@@ -48,4 +48,7 @@
 		</span></td>
 	</tr>
  </table>
+  <input type="hidden" name="mode" value="{S_GROUP_MODE}" />
+  <input type="hidden" name="updategroup" value="update" />
+  <input type="hidden" name="group_id" value="{GROUP_ID}" />
 </form>