Line 48 | Line 48 |
---|
$this->tpl_name = 'permission_trace';
|
$this->tpl_name = 'permission_trace';
|
if ($user_id && isset($auth_admin->option_ids[$permission]) && $auth->acl_get('a_viewauth'))
| if ($user_id && isset($auth_admin->acl_options['id'][$permission]) && $auth->acl_get('a_viewauth'))
|
{ $this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']); $this->permission_trace($user_id, $forum_id, $permission); return; }
|
{ $this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']); $this->permission_trace($user_id, $forum_id, $permission); return; }
|
| trigger_error('NO_MODE', E_USER_ERROR); }
// Copy forum permissions if ($mode == 'setting_forum_copy') { $this->tpl_name = 'permission_forum_copy';
if ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth')) { $this->page_title = 'ACP_FORUM_PERMISSIONS_COPY'; $this->copy_forum_permissions(); return; }
|
trigger_error('NO_MODE', E_USER_ERROR); }
| trigger_error('NO_MODE', E_USER_ERROR); }
|
Line 124 | Line 139 |
---|
$forum_id = array(); while ($row = $db->sql_fetchrow($result)) {
|
$forum_id = array(); while ($row = $db->sql_fetchrow($result)) {
|
$forum_id[] = $row['forum_id'];
| $forum_id[] = (int) $row['forum_id'];
|
} $db->sql_freeresult($result); }
| } $db->sql_freeresult($result); }
|
Line 133 | Line 148 |
---|
$forum_id = array(); foreach (get_forum_branch($subforum_id, 'children') as $row) {
|
$forum_id = array(); foreach (get_forum_branch($subforum_id, 'children') as $row) {
|
$forum_id[] = $row['forum_id'];
| $forum_id[] = (int) $row['forum_id'];
|
} }
| } }
|
Line 216 | Line 231 |
---|
{ trigger_error($user->lang['WRONG_PERMISSION_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); }
|
{ trigger_error($user->lang['WRONG_PERMISSION_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING); }
|
| |
// Handle actions if (strpos($mode, 'setting_') === 0 && $action)
| // Handle actions if (strpos($mode, 'setting_') === 0 && $action)
|
Line 224 | Line 238 |
---|
switch ($action) { case 'delete':
|
switch ($action) { case 'delete':
|
if (!check_form_key($form_name))
| if (confirm_box(true))
|
{
|
{
|
trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING); }
| |
// All users/groups selected? $all_users = (isset($_POST['all_users'])) ? true : false; $all_groups = (isset($_POST['all_groups'])) ? true : false;
| // All users/groups selected? $all_users = (isset($_POST['all_users'])) ? true : false; $all_groups = (isset($_POST['all_groups'])) ? true : false;
|
Line 254 | Line 265 |
---|
else { trigger_error($user->lang['NO_USER_GROUP_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
else { trigger_error($user->lang['NO_USER_GROUP_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
|
| } } else { if (isset($_POST['cancel'])) { $u_redirect = $this->u_action . '&type=' . $permission_type; foreach ($forum_id as $fid) { $u_redirect .= '&forum_id[]=' . $fid; } redirect($u_redirect); }
$s_hidden_fields = array( 'i' => $id, 'mode' => $mode, 'action' => array($action => 1), 'user_id' => $user_id, 'group_id' => $group_id, 'forum_id' => $forum_id, 'type' => $permission_type, ); if (isset($_POST['all_users'])) { $s_hidden_fields['all_users'] = 1; } if (isset($_POST['all_groups'])) { $s_hidden_fields['all_groups'] = 1; } confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields));
|
} break;
| } break;
|
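Review bot: The cancel branch concatenates `$permission_type` and each `$fid` into `$u_redirect` with no encoding or cast, so the redirect target is only as clean as the validation done before this switch, which the hunk does not show. Casting where the value is used keeps the guarantee local: `$u_redirect .= '&forum_id[]=' . (int) $fid;`. The same applies to the success links added in the Line 805 and Line 879 hunks, where the imploded forum ids are passed to `adm_back_link()` and end up in page output; running the array through `array_map('intval', ...)` before the `implode()` would cover it. The `switch` continues outside this hunk.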
Line 369 | Line 412 |
---|
$template->assign_vars(array( 'S_SELECT_GROUP' => true,
|
$template->assign_vars(array( 'S_SELECT_GROUP' => true,
|
'S_GROUP_OPTIONS' => group_select_options(false, false, (($user->data['user_type'] == USER_FOUNDER) ? false : 0))) );
| 'S_GROUP_OPTIONS' => group_select_options(false, false, false), // Show all groups ));
|
break;
| break;
|
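Review bot: Passing `false` as the third argument for every administrator drops the `USER_FOUNDER` distinction the old call made, and the comment `// Show all groups` does not say why that is acceptable. Non-founder administrators will presumably now see, and be able to select, groups that the old filter hid from them. A filtered dropdown was never an access control in itself, so please confirm whether the code that applies the submitted settings is expected to reject such groups for non-founders, and record the decision in the comment, e.g. `// Show all groups: assigning permissions is intentionally not restricted to founders`. The `S_ADD_GROUP_OPTIONS` call in the Line 458 hunk makes the same change.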
Line 415 | Line 458 |
---|
'S_SELECT_USERGROUP_VIEW' => ($victim == 'usergroup_view') ? true : false, 'S_DEFINED_USER_OPTIONS' => $items['user_ids_options'], 'S_DEFINED_GROUP_OPTIONS' => $items['group_ids_options'],
|
'S_SELECT_USERGROUP_VIEW' => ($victim == 'usergroup_view') ? true : false, 'S_DEFINED_USER_OPTIONS' => $items['user_ids_options'], 'S_DEFINED_GROUP_OPTIONS' => $items['group_ids_options'],
|
'S_ADD_GROUP_OPTIONS' => group_select_options(false, $items['group_ids'], (($user->data['user_type'] == USER_FOUNDER) ? false : 0)),
| 'S_ADD_GROUP_OPTIONS' => group_select_options(false, $items['group_ids'], false), // Show all groups
|
'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username&select_single=true'), ));
| 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username&select_single=true'), ));
|
Line 598 | Line 641 |
---|
$ids = array(); while ($row = $db->sql_fetchrow($result)) {
|
$ids = array(); while ($row = $db->sql_fetchrow($result)) {
|
$ids[] = $row[$sql_id];
| $ids[] = (int) $row[$sql_id];
|
} $db->sql_freeresult($result); }
| } $db->sql_freeresult($result); }
|
Line 762 | Line 805 |
---|
$this->log_action($mode, 'add', $permission_type, $ug_type, $ug_ids, $forum_ids);
|
$this->log_action($mode, 'add', $permission_type, $ug_type, $ug_ids, $forum_ids);
|
| if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local') { trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&forum_id[]=' . implode('&forum_id[]=', $forum_ids))); } else {
|
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
|
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
|
| }
|
}
/**
| }
/**
|
Line 829 | Line 879 |
---|
$this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0)));
|
$this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0)));
|
| if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local') { trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&forum_id[]=' . implode('&forum_id[]=', $forum_id))); } else {
|
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
|
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));
|
| }
|
}
/**
| }
/**
|
Line 949 | Line 1006 |
---|
LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.group_id = g.group_id) WHERE ug.user_id = ' . $user_id . ' AND ug.user_pending = 0
|
LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.group_id = g.group_id) WHERE ug.user_id = ' . $user_id . ' AND ug.user_pending = 0
|
| AND NOT (ug.group_leader = 1 AND g.group_skip_auth = 1)
|
ORDER BY g.group_type DESC, g.group_id DESC'; $result = $db->sql_query($sql);
| ORDER BY g.group_type DESC, g.group_id DESC'; $result = $db->sql_query($sql);
|
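Review bot: The added `AND NOT (ug.group_leader = 1 AND g.group_skip_auth = 1)` carries no comment, and a permission trace is only useful for auditing if it filters groups exactly as the real permission lookup does. That lookup is not visible here, so please confirm it applies the same exclusion and say so in a comment such as `// skip groups whose leaders are exempt via group_skip_auth; must mirror the ACL lookup`. Separately, the context line interpolates `$user_id` straight into the SQL; its assignment is outside the hunk, so an `(int)` cast at the point of use would make the query safe regardless of the caller. The query starts before the first line shown.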
Line 1106 | Line 1164 |
---|
'S_RESULT_NO' => ($total == ACL_NO) ? true : false, 'S_RESULT_YES' => ($total == ACL_YES) ? true : false, 'S_RESULT_NEVER' => ($total == ACL_NEVER) ? true : false,
|
'S_RESULT_NO' => ($total == ACL_NO) ? true : false, 'S_RESULT_YES' => ($total == ACL_YES) ? true : false, 'S_RESULT_NEVER' => ($total == ACL_NEVER) ? true : false,
|
| )); }
/** * Handles copying permissions from one forum to others */ function copy_forum_permissions() { global $auth, $cache, $template, $user;
$user->add_lang('acp/forums');
$submit = isset($_POST['submit']) ? true : false;
if ($submit) { $src = request_var('src_forum_id', 0); $dest = request_var('dest_forum_ids', array(0));
if (confirm_box(true)) { if (copy_forum_permissions($src, $dest)) { cache_moderators();
$auth->acl_clear_prefetch(); $cache->destroy('sql', FORUMS_TABLE);
trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action)); } else { trigger_error($user->lang['SELECTED_FORUM_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); } } else { $s_hidden_fields = array( 'submit' => $submit, 'src_forum_id' => $src, 'dest_forum_ids' => $dest, );
$s_hidden_fields = build_hidden_fields($s_hidden_fields);
confirm_box(false, $user->lang['COPY_PERMISSIONS_CONFIRM'], $s_hidden_fields); } }
$template->assign_vars(array( 'S_FORUM_OPTIONS' => make_forum_select(false, false, false, false, false),
|
)); }
| )); }
|
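Review bot: The new `copy_forum_permissions()` method rewrites permissions on every destination forum, yet its visible body records nothing in the admin log, while the add and delete paths on this page call `$this->log_action(...)`. Unless the global `copy_forum_permissions($src, $dest)` helper logs on its own (its body is not shown), a bulk copy leaves no audit trail, so an admin-log entry naming the source and destination forums should be written after a successful copy. The method also performs no permission check itself; the only gate is the four `acl_get()` calls in the `setting_forum_copy` branch of the caller, which is worth stating in the docblock, e.g. `* Caller must already have verified a_fauth, a_authusers, a_authgroups and a_mauth.`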
Line 1117 | Line 1226 |
---|
global $db, $user;
$sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND ' . $db->sql_in_set('a.forum_id', $forum_id) : 'AND a.forum_id <> 0');
|
global $db, $user;
$sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND ' . $db->sql_in_set('a.forum_id', $forum_id) : 'AND a.forum_id <> 0');
|
$sql_permission_option = ' AND o.auth_option ' . $db->sql_like_expression($permission_type . $db->any_char);
| |
|
|
$sql = $db->sql_build_query('SELECT_DISTINCT', array( 'SELECT' => 'u.username, u.username_clean, u.user_regdate, u.user_id',
| // Permission options are only able to be a permission set... therefore we will pre-fetch the possible options and also the possible roles $option_ids = $role_ids = array();
|
|
|
'FROM' => array( USERS_TABLE => 'u', ACL_OPTIONS_TABLE => 'o', ACL_USERS_TABLE => 'a' ),
| $sql = 'SELECT auth_option_id FROM ' . ACL_OPTIONS_TABLE . ' WHERE auth_option ' . $db->sql_like_expression($permission_type . $db->any_char); $result = $db->sql_query($sql);
|
|
|
'LEFT_JOIN' => array( array( 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 'ON' => 'a.auth_role_id = r.role_id' ) ),
| while ($row = $db->sql_fetchrow($result)) { $option_ids[] = (int) $row['auth_option_id']; } $db->sql_freeresult($result);
|
|
|
'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id) $sql_permission_option $sql_forum_id AND u.user_id = a.user_id",
| if (sizeof($option_ids)) { $sql = 'SELECT DISTINCT role_id FROM ' . ACL_ROLES_DATA_TABLE . ' WHERE ' . $db->sql_in_set('auth_option_id', $option_ids); $result = $db->sql_query($sql);
|
|
|
'ORDER_BY' => 'u.username_clean, u.user_regdate ASC' ));
| while ($row = $db->sql_fetchrow($result)) { $role_ids[] = (int) $row['role_id']; } $db->sql_freeresult($result); }
if (sizeof($option_ids) && sizeof($role_ids)) { $sql_where = 'AND (' . $db->sql_in_set('a.auth_option_id', $option_ids) . ' OR ' . $db->sql_in_set('a.auth_role_id', $role_ids) . ')'; } else if (sizeof($role_ids)) { $sql_where = 'AND ' . $db->sql_in_set('a.auth_role_id', $role_ids); } else if (sizeof($option_ids)) { $sql_where = 'AND ' . $db->sql_in_set('a.auth_option_id', $option_ids); }
// Not ideal, due to the filesort, non-use of indexes, etc. $sql = 'SELECT DISTINCT u.user_id, u.username, u.username_clean, u.user_regdate FROM ' . USERS_TABLE . ' u, ' . ACL_USERS_TABLE . " a WHERE u.user_id = a.user_id $sql_forum_id $sql_where ORDER BY u.username_clean, u.user_regdate ASC";
|
$result = $db->sql_query($sql);
$s_defined_user_options = '';
| $result = $db->sql_query($sql);
$s_defined_user_options = '';
|
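Review bot: `$sql_where` is assigned only inside the `if` / `else if` chain, so when both `$option_ids` and `$role_ids` come back empty it is undefined at the point it is interpolated into the user query. PHP then raises a notice and substitutes an empty string, which silently removes the permission-type restriction and returns every user with any ACL row for the selected forums. Set `$sql_where = '';` before the chain to remove the notice, and decide explicitly what an empty option set means; if it should yield no entries, skip both queries in that case instead of running them unfiltered. The group query in the Line 1286 hunk interpolates the same variable and needs the same handling. The enclosing function begins outside this hunk.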
Line 1153 | Line 1286 |
---|
} $db->sql_freeresult($result);
|
} $db->sql_freeresult($result);
|
$sql = $db->sql_build_query('SELECT_DISTINCT', array( 'SELECT' => 'g.group_type, g.group_name, g.group_id',
'FROM' => array( GROUPS_TABLE => 'g', ACL_OPTIONS_TABLE => 'o', ACL_GROUPS_TABLE => 'a' ),
'LEFT_JOIN' => array( array( 'FROM' => array(ACL_ROLES_DATA_TABLE => 'r'), 'ON' => 'a.auth_role_id = r.role_id' ) ),
'WHERE' => "(a.auth_option_id = o.auth_option_id OR r.auth_option_id = o.auth_option_id) $sql_permission_option
| $sql = 'SELECT DISTINCT g.group_type, g.group_name, g.group_id FROM ' . GROUPS_TABLE . ' g, ' . ACL_GROUPS_TABLE . " a WHERE g.group_id = a.group_id
|
$sql_forum_id
|
$sql_forum_id
|
AND g.group_id = a.group_id",
'ORDER_BY' => 'g.group_type DESC, g.group_name ASC' ));
| $sql_where ORDER BY g.group_type DESC, g.group_name ASC";
|
$result = $db->sql_query($sql);
$s_defined_group_options = '';
| $result = $db->sql_query($sql);
$s_defined_group_options = '';
|