admin_groups.php

Revision 212, 15.9 kB (checked in by Nafania, 3 years ago)
--

Line
1	<?php
2	/***************************************************************************</span>
3	<span class="code-comment"> * admin_groups.php
4	* -------------------
5	* begin : Saturday, Feb 13, 2001
6	* copyright : (C) 2001 The phpBB Group
7	* email : support@phpbb.com
8	*
9	* $Id: admin_groups.php,v 1.25.2.9 2004/03/25 15:57:20 acydburn Exp $
10	*
11	*
12	***************************************************************************/
13
14	/***************************************************************************
15	*
16	* This program is free software; you can redistribute it and/or modify
17	* it under the terms of the GNU General Public License as published by
18	* the Free Software Foundation; either version 2 of the License, or
19	* (at your option) any later version.
20	*
21	***************************************************************************/
22
23	if ( !empty($setmodules) )</span>
24	<span class="code-keyword">{
25	$filename = basename(__FILE__);
26	$module['groups']['manage'] = $filename;
27
28	return;
29	}
30
31	define('IN_PHPBB', 1);
32
33	//</span>
34	<span class="code-comment">// Load default header
35	//
36	$root_path = './../';</span>
37	<span class="code-lang">require($root_path . 'extension.inc');
38	require('./pagestart.' . $phpEx);
39
40	if ( isset($_POST[POST_GROUPS_URL]) \|\| isset($_GET[POST_GROUPS_URL]) )
41	{
42	$group_id = ( isset($_POST[POST_GROUPS_URL]) ) ? intval($_POST[POST_GROUPS_URL]) : intval($_GET[POST_GROUPS_URL]);
43	}
44	else
45	{
46	$group_id = 0;
47	}
48
49	if ( isset($_POST['mode']) \|\| isset($_GET['mode']) )
50	{
51	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
52	$mode = htmlspecialchars($mode);
53	}
54	else
55	{
56	$mode = '';
57	}
58
59	if ( isset($_POST['edit']) \|\| isset($_POST['new']) )
60	{
61	//
62	// Ok they are editing a group or creating a new group
63	//
64	$template->set_filenames(array(
65	'body' => '../admin/group_edit_body.tpl')
66	);
67
68	if ( isset($_POST['edit']) )
69	{
70	//
71	// They're editing. Grab the vars.
72	//
73	$sql = "SELECT *
74	FROM " . GROUPS_TABLE . "
75	WHERE group_single_user <> " . TRUE . "
76	AND group_id = $group_id";
77	$result = $db->sql_query($sql);
78
79	if ( !($group_info = $db->sql_fetchrow($result)) )
80	{
81	trigger_error($lang['group_not_exist']);
82	return;
83	}
84
85	$mode = 'editgroup';
86	$template->assign_block_vars('group_edit', array());
87
88	}
89	else if ( isset($_POST['new']) )
90	{
91	$group_info = array (
92	'group_name' => '',
93	'group_description' => '',
94	'group_moderator' => '',
95	'group_type' => GROUP_OPEN);
96	$group_open = ' checked="checked"';
97
98	$mode = 'newgroup';
99
100	}
101
102	//
103	// Ok, now we know everything about them, let's show the page.
104	//
105	if ($group_info['group_moderator'] != '')
106	{
107	$sql = "SELECT uid, name AS username
108	FROM " . USERS_TABLE . "
109	WHERE uid = " . $group_info['group_moderator'];
110	$result = $db->sql_query($sql);
111
112	if ( !($row = $db->sql_fetchrow($result)) )
113	{
114	trigger_error('Could not obtain user info for moderator list');
115	}
116
117	$group_moderator = $row['username'];
118	}
119	else
120	{
121	$group_moderator = '';
122	}
123
124	$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
125	$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
126	$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
127
128	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
129
130	$template->assign_vars(array(
131	'GROUP_NAME' => $group_info['group_name'],
132	'GROUP_DESCRIPTION' => $group_info['group_description'],
133	'GROUP_MODERATOR' => $group_moderator,
134
135	'L_GROUP_TITLE' => $lang['group_administration'],
136	'L_GROUP_EDIT_DELETE' => ( isset($_POST['new']) ) ? $lang['new_group'] : $lang['edit_group'],
137	'L_GROUP_NAME' => $lang['group_name'],
138	'L_GROUP_DESCRIPTION' => $lang['group_description'],
139	'L_GROUP_MODERATOR' => $lang['group_moderator'],
140	'L_FIND_USERNAME' => $lang['find_username'],
141	'L_GROUP_STATUS' => $lang['group_status'],
142	'L_GROUP_OPEN' => $lang['group_open'],
143	'L_GROUP_CLOSED' => $lang['group_closed'],
144	'L_GROUP_HIDDEN' => $lang['group_hidden'],
145	'L_GROUP_DELETE' => $lang['group_delete'],
146	'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
147	'L_SUBMIT' => $lang['submit'],
148	'L_RESET' => $lang['reset'],
149	'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
150	'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
151	'L_YES' => $lang['yes'],
152
153	//'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"),
154	'U_SEARCH_USER' => append_sid($root_path . "phpbb2.php?page=search&mode=searchuser"),
155
156	'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
157	'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
158	'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
159	'S_GROUP_OPEN_CHECKED' => $group_open,
160	'S_GROUP_CLOSED_CHECKED' => $group_closed,
161	'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
162	'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
163	'S_HIDDEN_FIELDS' => $s_hidden_fields)
164	);
165
166	$template->display('body');
167
168	}
169	else if ( isset($_POST['group_update']) )
170	{
171	//
172	// Ok, they are submitting a group, let's save the data based on if it's new or editing
173	//
174	if ( isset($_POST['group_delete']) )
175	{
176	//
177	// Reset User Moderator Level
178	//
179
180	// Is Group moderating a forum ?
181	$sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . "
182	WHERE group_id = " . $group_id;
183	$result = $db->sql_query($sql);
184
185	$row = $db->sql_fetchrow($result);
186	if (intval($row['auth_mod']) == 1)
187	{
188	// Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
189	$sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
190	WHERE group_id = " . $group_id;
191	$result = $db->sql_query($sql);
192
193	$rows = $db->sql_fetchrowset($result);
194	for ($i = 0; $i < sizeof($rows); $i++)
195	{
196	$sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
197	WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id)
198	AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")";
199	$result = $db->sql_query($sql);
200
201	if ( !$db->sql_fetchrow($result) )
202	{
203	$sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . "
204	WHERE user_level = " . MOD . " AND uid = " . intval($rows[$i]['user_id']);
205
206	$db->sql_query($sql);
207	}
208	}
209	}
210
211	//
212	// Delete Group
213	//
214	$sql = "DELETE FROM " . GROUPS_TABLE . "
215	WHERE group_id = " . $group_id;
216	$db->sql_query($sql);
217
218	$sql = "DELETE FROM " . USER_GROUP_TABLE . "
219	WHERE group_id = " . $group_id;
220	$db->sql_query($sql);
221
222	$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
223	WHERE group_id = " . $group_id;
224	$db->sql_query($sql);
225
226	$message = $lang['deleted_group'] . '<br /><br />' . sprintf($lang['click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
227
228	trigger_error($message);
229	return;
230	}
231	else
232	{
233	$group_type = isset($_POST['group_type']) ? intval($_POST['group_type']) : GROUP_OPEN;
234	$group_name = isset($_POST['group_name']) ? htmlspecialchars(trim($_POST['group_name'])) : '';
235	$group_description = isset($_POST['group_description']) ? trim($_POST['group_description']) : '';
236	$group_moderator = isset($_POST['username']) ? $_POST['username'] : '';
237	$delete_old_moderator = isset($_POST['delete_old_moderator']) ? true : false;
238
239	if ( $group_name == '' )
240	{
241	trigger_error($lang['no_group_name']);
242	return;
243	}
244	else if ( $group_moderator == '' )
245	{
246	trigger_error($lang['no_group_moderator']);
247	return;
248	}
249
250	$this_userdata = get_userdata($group_moderator, true);
251	$group_moderator = $this_userdata['uid'];
252
253	if ( !$group_moderator )
254	{
255	trigger_error($lang['no_group_moderator']);
256	return;
257	}
258
259	if( $mode == "editgroup" )
260	{
261	$sql = "SELECT *
262	FROM " . GROUPS_TABLE . "
263	WHERE group_single_user <> " . TRUE . "
264	AND group_id = " . $group_id;
265	$result = $db->sql_query($sql);
266
267	if( !($group_info = $db->sql_fetchrow($result)) )
268	{
269	trigger_error($lang['group_not_exist']);
270	return;
271	}
272
273	if ( $group_info['group_moderator'] != $group_moderator )
274	{
275	if ( $delete_old_moderator )
276	{
277	$sql = "DELETE FROM " . USER_GROUP_TABLE . "
278	WHERE user_id = " . $group_info['group_moderator'] . "
279	AND group_id = " . $group_id;
280	$db->sql_query($sql);
281	}
282
283	$sql = "SELECT user_id
284	FROM " . USER_GROUP_TABLE . "
285	WHERE user_id = $group_moderator
286	AND group_id = $group_id";
287	$result = $db->sql_query($sql);
288
289	if ( !($row = $db->sql_fetchrow($result)) )
290	{
291	$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
292	VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
293	$db->sql_query($sql);
294	}
295	}
296
297	$sql = "UPDATE " . GROUPS_TABLE . "
298	SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
299	WHERE group_id = $group_id";
300	$db->sql_query($sql);
301
302	$message = $lang['updated_group'] . '<br /><br />' . sprintf($lang['click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
303
304	trigger_error($message);
305	return;
306	}
307	else if( $mode == 'newgroup' )
308	{
309	$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user)
310	VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator, '0')";
311	$db->sql_query($sql);
312	$new_group_id = $db->sql_nextid();
313
314	$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
315	VALUES ($new_group_id, $group_moderator, 0)";
316	$db->sql_query($sql);
317
318	$message = $lang['added_new_group'] . '<br /><br />' . sprintf($lang['click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
319
320	trigger_error($message);
321	return;
322
323	}
324	else
325	{
326	trigger_error($lang['no_group_action']);
327	return;
328	}
329	}
330	}
331	else
332	{
333	$sql = "SELECT group_id, group_name
334	FROM " . GROUPS_TABLE . "
335	WHERE group_single_user <> " . TRUE . "
336	ORDER BY group_name";
337	$result = $db->sql_query($sql);
338
339	$select_list = '';
340	if ( $row = $db->sql_fetchrow($result) )
341	{
342	$select_list .= '<select name="' . POST_GROUPS_URL . '">';
343	do
344	{
345	$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
346	}
347	while ( $row = $db->sql_fetchrow($result) );
348	$select_list .= '</select>';
349	}
350
351	$template->set_filenames(array(
352	'body' => '../admin/group_select_body.tpl')
353	);
354
355	$template->assign_vars(array(
356	'L_GROUP_TITLE' => $lang['group_administration'],
357	'L_GROUP_EXPLAIN' => $lang['group_admin_explain'],
358	'L_GROUP_SELECT' => $lang['select_group'],
359	'L_LOOK_UP' => $lang['look_up_group'],
360	'L_CREATE_NEW_GROUP' => $lang['new_group'],
361
362	'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
363	'S_GROUP_SELECT' => $select_list)
364	);
365
366	if ( $select_list != '' )
367	{
368	$template->assign_block_vars('select_box', array());
369	}
370
371	$template->display('body');
372	}
373
374	include('./page_footer_admin.'.$phpEx);
375
376	?>

Note: See TracBrowser for help on using the browser.

root/admin/admin_groups.php

Download in other formats: