makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-27 21:58:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Mainly updates for additional/altered admin permission options ... note, you MUST empty your current auth_options table and insert the list from the mysql_basic, you will also need to empty the auth_user/auth_group tables and re-assign permissions, and you should clear the $acl_options array in config_cache

Browse source 
git-svn-id: file:///svn/phpbb/trunk@3020 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2002-11-09 00:04:18 +00:00
parent 1c5f838a2d
commit 1405e47fc1
18 changed files with 845 additions and 908 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
phpBB/admin/admin_ban.php
View file

@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
// Do we have ban permissions?
if (!$auth->acl_get('a_ban'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
// Mode setting
@ -509,7 +509,7 @@ switch ( $mode )
<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
</tr>
</table>
@ -545,7 +545,7 @@ switch ( $mode )
?>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /></td>
<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /></td>
</tr>
</table></form>

104
phpBB/admin/admin_board.php
View file

@ -21,43 +21,66 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
{
return;
}
$file = basename(__FILE__);
$module['General']['Avatar_settings'] = "$file$SID&amp;mode=avatar";
$module['General']['Cookie_settings'] = "$file$SID&amp;mode=cookie";
$module['General']['Board_defaults'] = "$file$SID&amp;mode=default";
$module['General']['Board_settings'] = "$file$SID&amp;mode=setting";
$module['General']['Email_settings'] = "$file$SID&amp;mode=email";
$module['General']['Server_settings'] = "$file$SID&amp;mode=server";
$module['General']['Auth_settings'] = "$file$SID&amp;mode=auth";
$module['General']['Cookie_settings'] = ($auth->acl_get('a_cookies')) ? "$file$SID&amp;mode=cookie" : '';
$module['General']['Board_defaults'] = ($auth->acl_get('a_defaults')) ? "$file$SID&amp;mode=default" : '';
$module['General']['Board_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=setting" : '';
$module['General']['Avatar_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=avatar" : '';
$module['General']['Email_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=email" : '';
$module['General']['Server_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=server" : '';
$module['General']['Auth_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=auth" : '';
return;
}
// Let's set the root dir for phpBB
define('IN_PHPBB', 1);
// Load default header
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
// Are we authed?
if ( !$auth->acl_get('a_general') )
// Get mode
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Check permissions/set title
switch ($mode)
{
trigger_error($user->lang['No_admin']);
case 'cookie':
$l_title = 'Cookie_settings';
$which_auth = 'a_cookies';
break;
case 'default':
$l_title = 'Board_defaults';
$which_auth = 'a_defaults';
break;
case 'avatar':
$l_title = 'Avatar_settings';
$which_auth = 'a_board';
break;
case 'setting':
$l_title = 'Board_settings';
$which_auth = 'a_board';
break;
case 'email':
$l_title = 'Email_settings';
$which_auth = 'a_server';
break;
case 'server':
$l_title = 'Server_settings';
$which_auth = 'a_server';
break;
case 'auth':
$l_title = 'Auth_settings';
$which_auth = 'a_server';
break;
default:
return;
}
// Get mod
if ( isset($_POST['mode']) || isset($_GET['mode']) )
// Check permissions
if (!$auth->acl_get($which_acl))
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
trigger_error($user->lang['NO_ADMIN']);
}
// Pull all config data
@ -91,39 +114,6 @@ if ( isset($_POST['submit']) )
trigger_error($user->lang['Config_updated']);
}
//
// Which title?
//
switch ( $mode )
{
case 'cookie':
$l_title = 'Cookie_settings';
break;
case 'avatar':
$l_title = 'Avatar_settings';
break;
case 'default':
$l_title = 'Board_defaults';
break;
case 'setting':
$l_title = 'Board_settings';
break;
case 'email':
$l_title = 'Email_settings';
break;
case 'server':
$l_title = 'Server_settings';
break;
case 'login':
$l_title = 'Server_settings';
break;
case 'auth':
$l_title = 'Auth_settings';
break;
default:
return;
}
page_header($user->lang[$l_title]);
?>
@ -576,7 +566,7 @@ switch ( $mode )
?>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
</tr>
</table></form>

104
phpBB/admin/admin_database.php
View file

@ -21,16 +21,11 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
{
return;
}
$filename = basename(__FILE__);
$module['DB']['DB_Backup'] = $filename . "$SID&amp;mode=backup";
$module['DB']['DB_Backup'] = ($auth->acl_get('a_backup')) ? $filename . "$SID&amp;mode=backup" : '';
$file_uploads = @ini_get('file_uploads');
if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' )
if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' && $auth->acl_get('a_restore'))
{
$module['DB']['DB_Restore'] = $filename . "$SID&amp;mode=restore";
}
@ -39,36 +34,26 @@ if ( !empty($setmodules) )
}
define('IN_PHPBB', 1);
//
// Load default header
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have DB backup/restore permissions?
//
if ( !$auth->acl_get('a_general') )
{
message_die(MESSAGE, $user->lang['No_admin']);
}
//
// Increase maximum execution time, but don't complain about it if it isn't
// allowed.
//
@set_time_limit(1200);
$mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';
//
// Increase maximum execution time, but don't complain about it if it isn't
// allowed.
@set_time_limit(1200);
// Begin program proper
//
switch($mode)
{
case 'backup':
if (!$auth->acl_get('a_backup'))
{
trigger_error($user->lang['NO_ADMIN']);
}
if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql')
{
@ -85,7 +70,7 @@ switch( $mode )
break;
}
message_die(MESSAGE, $user->lang['Backups_not_supported']);
trigger_error($user->lang['Backups_not_supported']);
break;
}
@ -258,7 +243,7 @@ switch( $mode )
case 'zip':
$extension = 'zip';
$zip = new zipfile;
$zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time());
$zip->add_file(ob_get_contents(), "phpbb_db_backup.sql", time());
ob_end_clean();
$contents = $zip->file();
break;
@ -301,13 +286,17 @@ switch( $mode )
fclose($fp);
unset($contents);
message_die(MESSAGE, $user->lang['Backup_success']);
trigger_error($user->lang['Backup_success']);
}
exit;
break;
case 'restore':
if (!$auth->acl_get('a_restore'))
{
trigger_error($user->lang['No_admin']);
}
if (isset($_POST['restorestart']))
{
@ -328,19 +317,19 @@ switch( $mode )
if ($file_tmpname == '' || $filename == '' || !file_exists($file_tmpname))
{
message_die(MESSAGE, $user->lang['Restore_Error_no_file']);
trigger_error($user->lang['Restore_Error_no_file']);
}
$ext = substr($filename, strrpos($filename, '.') + 1);
if (!preg_match('/^(sql|gz|bz2)$/', $ext))
{
message_die(MESSAGE, $user->lang['Restore_Error_filename']);
trigger_error($user->lang['Restore_Error_filename']);
}
if ((!extension_loaded('zlib') && $ext == 'gz') || (!extension_loaded('zip') && $ext == 'zip') || ($ext == 'bz2' && !extension_loaded('bz2')))
{
message_die(MESSAGE, $user->lang['Compress_unsupported']);
trigger_error($user->lang['Compress_unsupported']);
}
$sql_query = '';
@ -359,6 +348,9 @@ switch( $mode )
$sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname)));
break;
case 'zip':
default;
$sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname));
}
@ -383,7 +375,7 @@ switch( $mode )
add_admin_log('log_db_restore');
message_die(MESSAGE, $user->lang['Restore_success']);
trigger_error($user->lang['Restore_success']);
}
//
@ -434,6 +426,7 @@ switch( $mode )
break;
default:
trigger_error($user->lang['No_admin']);
exit;
}
@ -743,21 +736,13 @@ function get_table_def_mysql($table, $crlf)
$field_query = "SHOW FIELDS FROM $table";
$key_query = "SHOW KEYS FROM $table";
//
// If the user has selected to drop existing tables when doing a restore.
// Then we add the statement to drop the tables....
//
$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";
$schema_create .= "CREATE TABLE $table($crlf";
//
// Ok lets grab the fields...
//
$result = $db->sql_query($field_query);
if(!result)
{
message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
}
while ($row = $db->sql_fetchrow($result))
{
@ -807,7 +792,7 @@ function get_table_def_mysql($table, $crlf)
$index[$kname][] = $row['Column_name'];
}
while(list($x, $columns) = @each($index))
foreach ($index as $x => $columns)
{
$schema_create .= ", $crlf";
@ -856,10 +841,7 @@ function get_table_content_postgresql($table, $handler)
{
global $db;
//
// Grab all of the data from current table.
//
$result = $db->sql_query("SELECT * FROM $table");
$i_num_fields = $db->sql_numfields($result);
@ -877,19 +859,18 @@ function get_table_content_postgresql($table, $handler)
unset($schema_vals);
unset($schema_fields);
unset($schema_insert);
//
// Build the SQL statement to recreate the data.
//
for($i = 0; $i < $i_num_fields; $i++)
{
$strVal = $row[$aryName[$i]];
if (eregi("char|text|bool", $aryType[$i]))
if (preg_match('#char|text|bool#i', $aryType[$i]))
{
$strQuote = "'";
$strEmpty = "";
$strVal = addslashes($strVal);
}
elseif (eregi("date|timestamp", $aryType[$i]))
elseif (preg_match('#date|timestamp#i', $aryType[$i]))
{
if ($empty($strVal))
{
@ -913,18 +894,15 @@ function get_table_content_postgresql($table, $handler)
$schema_vals .= " $strQuote$strVal$strQuote,";
$schema_fields .= " $aryName[$i],";
}
$schema_vals = ereg_replace(",$", "", $schema_vals);
$schema_vals = ereg_replace("^ ", "", $schema_vals);
$schema_fields = ereg_replace(",$", "", $schema_fields);
$schema_fields = ereg_replace("^ ", "", $schema_fields);
$schema_vals = preg_replace('#,$#', '', $schema_vals);
$schema_vals = preg_replace('#^ #', '', $schema_vals);
$schema_fields = preg_replace('#,$#', '', $schema_fields);
$schema_fields = preg_replace('#^ #', '', $schema_fields);
//
// Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data.
//
$schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);";
$handler(trim($schema_insert));
@ -941,14 +919,11 @@ function get_table_content_postgresql($table, $handler)
function get_table_content_mysql($table, $handler)
{
global $db;
//
// Grab the data from the table.
//
$result = $db->sql_query("SELECT * FROM $table");
//
// Loop through the resulting rows and build the sql statement.
//
$schema_insert = "";
if ($row = $db->sql_fetchrow($result))
{
@ -970,7 +945,7 @@ function get_table_content_mysql($table, $handler)
//
// Get rid of the last comma
//
$table_list = ereg_replace(', $', '', $table_list);
$table_list = preg_replace('#, $#', '', $table_list);
$table_list .= ')';
//
// Start building the SQL statement.
@ -1003,7 +978,7 @@ function get_table_content_mysql($table, $handler)
//
// Get rid of the the last comma.
//
$schema_insert = ereg_replace(',$', '', $schema_insert);
$schema_insert = preg_replace('#,$#', '', $schema_insert);
$schema_insert .= ');';
//
// Go ahead and send the insert statement to the handler function.
@ -1041,7 +1016,7 @@ class zipfile
var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
var $old_offset = 0;
function unix2DosTime($unixtime = 0)
function unix_to_dos_time($unixtime = 0)
{
$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
@ -1059,11 +1034,11 @@ class zipfile
($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
}
function addFile($data, $name, $time = 0)
function add_file($data, $name, $time = 0)
{
$name = str_replace('\\', '/', $name);
$dtime = dechex($this->unix2DosTime($time));
$dtime = dechex($this->unix_to_dos_time($time));
$hexdtime = '\x' . $dtime[6] . $dtime[7]
. '\x' . $dtime[4] . $dtime[5]
. '\x' . $dtime[2] . $dtime[3]
@ -1140,7 +1115,6 @@ class zipfile
pack('V', strlen($data)) . // offset to start of central dir
"\x00\x00"; // .zip file comment length
}
}
//

21
phpBB/admin/admin_disallow.php
View file

@ -23,41 +23,34 @@ define('IN_PHPBB', 1);
if(!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_names'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Disallow'] = $filename . $SID;
$module['Users']['Disallow'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have user admin permissions?
//
if ( !$auth->acl_get('a_user') )
// Check permissions
if (!$auth->acl_get('a_names'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
if (isset($_POST['add_name']))
{
include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
$disallowed_user = (isset($_POST['disallowed_user'])) ? $_POST['disallowed_user'] : $_GET['disallowed_user'];
$disallowed_user = str_replace('*', '%', $disallowed_user);
if ( !validate_username($disallowed_user) )
if (validate_username($disallowed_user))
{
$message = $user->lang['Disallowed_already'];
}
@ -92,9 +85,7 @@ else if( isset($_POST['delete_name']) )
}
//
// Grab the current list of disallowed usernames...
//
$sql = "SELECT *
FROM " . DISALLOW_TABLE;
$result = $db->sql_query($sql);

17
phpBB/admin/admin_email.php
View file

@ -21,31 +21,26 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_email'))
{
return;
}
$filename = basename(__FILE__);
$module['General']['Mass_Email'] = $filename . $SID;
$module['General']['Mass_Email'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general admin permissions?
//
if ( !$auth->acl_get('a_general') )
// Check permissions
if (!$auth->acl_get('a_email'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
@ -163,7 +158,7 @@ page_header($user->lang['Mass_Email']);
<p><?php echo $user->lang['Mass_email_explain']; ?></p>
<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
<form method="post" action="admin_mass_email.<?php echo $phpEx.$SID; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
<tr>
<th colspan="2"><?php echo $user->lang['Compose']; ?></th>
</tr>

48
phpBB/admin/admin_forums.php
View file

@ -21,45 +21,47 @@
if (!empty($setmodules))
{
if (!$auth->acl_get('a_forum'))
if (!$auth->acl_gets('a_forum', 'a_forumadd', 'a_forumdel'))
{
return;
}
$file = basename(__FILE__);
$module['Forums']['Manage'] = $file . $SID;
$module['Forums']['Manage'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
//
// Do we have forum admin permissions?
//
// Get mode
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Do we have permissions?
switch ($mode)
{
case 'add':
if (!$auth->acl_get('a_forumadd'))
{
trigger_error($user->lang['NO_ADMIN']);
}
case 'del':
if (!$auth->acl_get('a_forumdel'))
{
trigger_error($user->lang['NO_ADMIN']);
}
default:
if (!$auth->acl_get('a_forum'))
{
message_die(MESSAGE, $user->lang['No_admin']);
}
//
// Mode setting
//
if (isset($_POST['mode']) || isset($_GET['mode']))
{
$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
trigger_error($user->lang['NO_ADMIN']);
}
}
// Major routines
switch ($mode)
{
case 'move_up':
@ -355,15 +357,13 @@ switch ($mode)
break;
case 'forum_sync':
sync('forum', intval($_GET[POST_FORUM_URL]));
sync('forum', intval($_GET['f']));
$show_index = TRUE;
break;
case 'add':
case 'edit':
//
// Show form to create/modify a forum
//
if ($mode == 'edit')
{
$forum_id = intval($_GET['f']);

78
phpBB/admin/admin_permissions.php
View file

@ -21,16 +21,11 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_auth') )
{
return;
}
$filename = basename(__FILE__);
$module['Forums']['Permissions'] = $filename . $SID . '&amp;mode=forums';
$module['Forums']['Moderators'] = $filename . $SID . '&amp;mode=moderators';
$module['Forums']['Super_Moderators'] = $filename . $SID . '&amp;mode=supermoderators';
$module['General']['Administrators'] = $filename . $SID . '&amp;mode=administrators';
$module['Forums']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&amp;mode=forums' : '';
$module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=moderators' : '';
$module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=supermoderators' : '';
$module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&amp;mode=administrators' : '';
return;
}
@ -43,16 +38,10 @@ require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_auth') )
{
trigger_error($user->lang['No_admin']);
}
// Define some vars
if ( isset($_GET['f']) || isset($_POST['f']) )
if (isset($_REQUEST['f']))
{
$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
$forum_id = intval($_REQUEST['f']);
$forum_sql = " WHERE forum_id = $forum_id";
}
else
@ -61,43 +50,42 @@ else
$forum_sql = '';
}
if ( isset($_GET['mode']) || isset($_POST['mode']) )
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// Start program proper
switch ($mode)
{
case 'forums':
$l_title = $user->lang['Permissions'];
$l_title_explain = $user->lang['Permissions_explain'];
$l_can = '_can';
$l_title = $user->lang['PERMISSIONS'];
$l_title_explain = $user->lang['PERMISSIONS_EXPLAIN'];
$which_acl = 'a_auth';
break;
case 'moderators':
$l_title = $user->lang['Moderators'];
$l_title_explain = $user->lang['Moderators_explain'];
$l_can = '_can';
$l_title = $user->lang['MODERATORS'];
$l_title_explain = $user->lang['MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
break;
case 'supermoderators':
$l_title = $user->lang['Super_Moderators'];
$l_title_explain = $user->lang['Super_Moderators_explain'];
$l_can = '_can';
$l_title = $user->lang['SUPER_MODERATORS'];
$l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
break;
case 'administrators':
$l_title = $user->lang['Administrators'];
$l_title_explain = $user->lang['Administrators_explain'];
$l_can = '_can_admin';
$l_title = $user->lang['ADMINISTRATORS'];
$l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN'];
$which_acl = 'a_authadmins';
break;
}
// Permission check
if (!$auth->acl_get($which_acl))
{
trigger_error($user->lang['NO_ADMIN']);
}
// Call update or delete, both can take multiple user/group
// ids. Additionally inheritance is handled (by the auth API)
if (isset($_POST['update']))
@ -204,13 +192,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$sql = "SELECT group_id, group_name
FROM " . GROUPS_TABLE . "
ORDER BY group_name";
ORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$group_list = '';
while ($row = $db->sql_fetchrow($result))
{
$group_list .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
$group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
@ -268,13 +256,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
$forum_sql
AND a.auth_option_id = o.auth_option_id
AND g.group_id = a.group_id
ORDER BY g.group_name ASC";
ORDER BY g.group_type DESC, g.group_name ASC";
$result = $db->sql_query($sql);
$groups = '';
while ($row = $db->sql_fetchrow($result))
{
$groups .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
$groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
}
$db->sql_freeresult($result);
@ -301,7 +289,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
</tr>
</table></form></td>
@ -313,7 +301,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
<td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
</tr>
</table></form></td>
@ -451,7 +439,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
//-->
</script>
<p><?php echo $user->lang['ACL_explain']; ?></p>
<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p>
<form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table cellspacing="1" cellpadding="0" border="0" align="center">
<tr>
@ -528,7 +516,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
?>
<tr>
<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="CANCEL" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
</tr>
</table></td>
</tr>

17
phpBB/admin/admin_prune.php
View file

@ -21,38 +21,35 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_forum') )
if (!$auth->acl_get('a_prune'))
{
return;
}
$filename = basename(__FILE__);
$module['Forums']['Prune'] = $filename . $SID . '&amp;mode=forums';
$module['Forums']['Prune'] = basename(__FILE__) . $SID . '&amp;mode=forums';
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_forum') )
// Do we have permission?
if (!$auth->acl_get('a_prune'))
{
message_die(MESSAGE, $user->lang['No_admin']);
trigger_error($user->lang['NO_ADMIN']);
}
//
// Get the forum ID for pruning
//
if ( isset($_GET['f']) || isset($_POST['f']) )
if (isset($_REQUEST['f']))
{
$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
$forum_id = intval($_REQUEST['f']);
$forum_sql = ($forum_id == -1) ? '' : "AND forum_id = $forum_id";
}
else

30
phpBB/admin/admin_prune_users.php
View file

@ -21,48 +21,32 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_userdel'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Prune_users'] = $filename . $SID;
$module['Users']['Prune_users'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_userdel'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
// Set mode
//
if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
{
$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
//
//
//
// Do prune
if (isset($_POST['prune']))
{
if (empty($_POST['confirm']))
@ -237,7 +221,7 @@ page_header($user->lang['Prune_users']);
<th colspan="2"><?php echo $user->lang['Prune_users']; ?></th>
</tr>
<tr>
<td class="row1"><?php echo $user->lang['Username']; ?>: </td>
<td class="row1"><?php echo $user->lang['USERNAME']; ?>: </td>
<td class="row2"><input class="post" type="text" name="username" /></td>
</tr>
<tr>

32
phpBB/admin/admin_ranks.php
View file

@ -19,47 +19,37 @@
*
***************************************************************************/
define('IN_PHPBB', 1);
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_get('a_ranks'))
{
return;
}
$file = basename(__FILE__);
$module['Users']['Ranks'] = "$file$SID";
$module['Users']['Ranks'] = basename(__FILE__) . $SID;
return;
}
//
define('IN_PHPBB', 1);
// Let's set the root dir for phpBB
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
//
//
if ( !$auth->acl_get('a_user') )
// Do we have permission?
if (!$auth->acl_get('a_ranks'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
//
//
if ( isset($_GET['mode']) || isset($_POST['mode']) )
// Check mode
if (isset($_REQUEST['mode']))
{
$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
$mode = $_REQUEST['mode'];
}
else
{
//
// These could be entered via a form button
//
if (isset($_POST['add']))
{
$mode = 'add';
@ -74,9 +64,7 @@ else
}
}
//
//
//
// Process mode
if ($mode != '')
{
if ($mode == 'edit' || $mode == 'add')

21
phpBB/admin/admin_search.php
View file

@ -21,37 +21,30 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_search'))
{
return;
}
$filename = basename(__FILE__);
$module['DB']['Search_indexing'] = $filename . $SID;
$module['DB']['Search_indexing'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_general') )
// Check permissions
if (!$auth->acl_get('a_search'))
{
message_die(MESSAGE, $user->lang['No_admin']);
trigger_error($user->lang['NO_ADMIN']);
}
//
// Start indexing
//
if (isset($_POST['start']) || isset($_GET['batchstart']))
{
$batchsize = 200; // Process this many posts per batch
@ -60,11 +53,9 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
$loopcount = 0;
$batchend = $batchstart + $batchsize;
//
// Search re-indexing is tough on the server ... so we'll check the load
// each loop and if we're on a 1min load of 3 or more we'll re-load the page
// and try again. No idea how well this will work in practice so we'll see ...
//
if (file_exists('/proc/loadavg'))
{
if ($load = @file('/proc/loadavg'))
@ -79,9 +70,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
}
}
//
// Try and load stopword and synonym files
//
$stopword_array = array();
$synonym_array = array();

30
phpBB/admin/admin_smilies.php
View file

@ -21,7 +21,7 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_icons'))
{
return;
}
@ -34,42 +34,22 @@ if ( !empty($setmodules) )
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
//
// Do we have general permissions?
//
if (!$auth->acl_get('a_general'))
if (!$auth->acl_get('a_icons'))
{
message_die(MESSAGE, $user->lang['No_admin']);
}
//
// Check to see what mode we should operate in.
//
if (isset($_POST['type']) || isset($_GET['type']))
{
$type = (!empty($_POST['type'])) ? $_POST['type'] : $_GET['type'];
}
else
{
$type = '';
}
if (isset($_POST['mode']) || isset($_GET['mode']))
{
$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = '';
}
$type = (!empty($_REQUEST['type'])) ? $_REQUEST['type'] : '';
$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
// What are we doing?
switch ($type)
{
case 'emoticons':

57
phpBB/admin/admin_users.php
View file

@ -21,52 +21,33 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_user') )
if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel'))
{
return;
}
$filename = basename(__FILE__);
$module['Users']['Manage'] = $filename . $SID;
$module['Users']['Manage'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
// Include files
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
// Do we have forum admin permissions?
if ( !$auth->acl_get('a_user') )
{
trigger_error($user->lang['No_admin']);
}
echo $mode;
// Set mode
if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
{
$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
}
else
{
$mode = 'main';
}
$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main';
// Begin program
if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u']))
{
// Grab relevant userdata
if( isset( $_GET['u']) || isset( $_POST['u']) )
if(isset($_REQUEST['u']))
{
$user_id = ( isset( $_POST['u']) ) ? intval( $_POST['u']) : intval( $_GET['u']);
$user_id = intval($_REQUEST['u']);
if(!($userdata = get_userdata($user_id)))
{
@ -82,8 +63,13 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
}
// Update entry in DB
if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') )
if ($_POST['deleteuser'] && !$userdata['user_founder'])
{
if (!$auth->acl_get('a_userdel'))
{
trigger_error($user->lang['NO_ADMIN']);
}
$db->sql_transaction();
$sql = "UPDATE " . POSTS_TABLE . "
@ -108,6 +94,10 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
$sql = "DELETE FROM " . ACL_USERS_TABLE . "
WHERE user_id = $user_id";
$db->sql_query($sql);
@ -297,8 +287,12 @@ if ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
page_footer();
}
else
// Do we have permission?
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['No_admin']);
}
page_header($user->lang['Manage']);
@ -308,7 +302,7 @@ else
<p><?php echo $user->lang['User_admin_explain']; ?></p>
<form method="post" name="post" action="<?php echo "admin_users.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<form method="post" name="post" action="admin_users.<?php echo $phpEx.$SID; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th align="center"><?php echo $user->lang['Select_a_User']; ?></th>
</tr>
@ -319,12 +313,11 @@ else
<?php
}
page_footer();
//
//
// ---------
// FUNCTIONS
function ipwhois($ip)
{
$ipwhois = '';
@ -366,7 +359,7 @@ function ipwhois($ip)
return $ipwhois;
}
//
//
// FUNCTIONS
// ---------
?>

67
phpBB/admin/admin_words.php
View file

@ -21,44 +21,36 @@
if (!empty($setmodules))
{
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_words'))
{
return;
}
$file = basename(__FILE__);
$module['Posts']['Word_Censor'] = "$file$SID";
$module['Posts']['Word_Censor'] = basename(__FILE__) . $SID;
return;
}
define('IN_PHPBB', 1);
//
// Include files
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
//
// Do we have forum admin permissions?
//
if ( !$auth->acl_get('a_general') )
if (!$auth->acl_get('a_words'))
{
return;
trigger_error($user->lang['NO_ADMIN']);
}
//
//
//
if ( isset($_GET['mode']) || isset($_POST['mode']) )
// What do we want to do?
if (isset($_REQUEST['mode']))
{
$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
$mode = $_REQUEST['mode'];
}
else
{
//
// These could be entered via a form button
//
if (isset($_POST['add']))
{
$mode = 'add';
@ -86,7 +78,7 @@ if( $mode != '' )
{
if (!$word_id)
{
message_die(MESSAGE, $user->lang['No_word_selected']);
trigger_error($user->lang['No_word_selected']);
}
$sql = "SELECT *
@ -119,12 +111,13 @@ if( $mode != '' )
<td class="row2"><input type="text" name="replacement" value="<?php echo $word_info['replacement']; ?>" /></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['Submit']; ?>" /></td>
<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['SUBMIT']; ?>" /></td>
</tr>
</table></form>
<?php
page_footer();
break;
case 'save':
@ -134,17 +127,16 @@ if( $mode != '' )
if ($word == '' || $replacement == '')
{
message_die(MESSAGE, $user->lang['Must_enter_word']);
trigger_error($user->lang['Must_enter_word']);
}
$sql = ( $word_id ) ? "UPDATE " . WORDS_TABLE . " SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";
$sql = ($word_id) ? "UPDATE " . WORDS_TABLE . " SET word = '" . sql_quote($word) . "', replacement = '" . sql_quote($replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . sql_quote($word) . "', '" . sql_quote($replacement) . "')";
$db->sql_query($sql);
$log_action = ($word_id) ? 'log_edit_word' : 'log_add_word';
add_admin_log($log_action, stripslashes($word));
$message = ($word_id) ? $user->lang['Word_updated'] : $user->lang['Word_added'];
message_die(MESSAGE, $message);
break;
case 'delete':
@ -155,7 +147,7 @@ if( $mode != '' )
}
else
{
message_die(MESSAGE, $user->lang['Must_specify_word']);
trigger_error($user->lang['Must_specify_word']);
}
$sql = "DELETE FROM " . WORDS_TABLE . "
@ -164,10 +156,34 @@ if( $mode != '' )
add_admin_log('log_delete_word');
message_die(MESSAGE, $user->lang['Word_removed']);
$message = $user->lang['Word_remove'];
break;
}
$sql = "SELECT *
FROM " . WORDS_TABLE . "
ORDER BY word";
$result = $db->sql_query($sql);
$cache_str = "\$word_censors = array(\n";
$cache_str_match = $cache_str_replace = '';
if ($row = $db->sql_fetchrow($result))
{
do
{
$cache_str_match .= "\t\t'" . addslashes('#\b' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . '\b#i') . "',\n";
$cache_str_replace .= "\t\t'" . addslashes($row['replacement']) . "',\n";
}
while ($row = $db->sql_fetchrow($result));
$cache_str .= "\t'match' => array(\n$cache_str_match\t),\n\t'replace' => array(\n$cache_str_replace\t)\n);";
}
$db->sql_freeresult($result);
config_cache_write('\$word_censors = array\(.*?\);', $cache_str);
trigger_error($message);
}
else
{
@ -212,6 +228,7 @@ else
}
while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
?>
<tr>
@ -221,8 +238,8 @@ else
<?php
page_footer();
}
page_footer()
?>

27
phpBB/admin/index.php
View file

@ -33,7 +33,7 @@ require('pagestart.' . $phpEx);
// Do we have any admin permissions at all?
if (!$auth->acl_get('a_'))
{
trigger_error('No_admin');
trigger_error($user->lang['NO_ADMIN']);
}
// Generate relevant output
@ -97,7 +97,7 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
@ksort($module);
foreach ($module as $cat => $action_ary)
{
$cat = ( !empty($user->lang[$cat . '_cat']) ) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
$cat = (empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
?>
<tr>
@ -108,19 +108,22 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
@ksort($action_ary);
foreach ($action_ary as $action => $file)
{
if (!empty($file))
{
$action = (!empty($user->lang[$action])) ? $user->lang[$action] : preg_replace('/_/', ' ', $action);
$cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1';
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
<td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
<td class="<?php echo $row_class; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
</tr>
<?php
}
}
}
}
?>
</table></td>
@ -138,12 +141,17 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
{
if ((isset($_POST['activate']) || isset($_POST['delete'])) && !empty($_POST['mark']))
{
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['NO_ADMIN']);
}
if (is_array($_POST['mark']))
{
$in_sql = '';
foreach ($_POST['mark'] as $user_id)
{
$in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $user_id;
$in_sql .= (($in_sql != '') ? ', ' : '') . intval($user_id);
}
if ($in_sql != '')
@ -166,6 +174,10 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
}
else if (isset($_POST['remind']))
{
if (!$auth->acl_get('a_user'))
{
trigger_error($user->lang['NO_ADMIN']);
}
}
else if (isset($_POST['resetonline']))
@ -397,6 +409,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
}
if ($auth->acl_get('a_user'))
{
?>
</table>
@ -465,6 +480,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
<?php
}
page_footer();
}

31
phpBB/install/schemas/mysql_basic.sql
View file

@ -128,10 +128,23 @@ INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_unra
INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_auth', 1, 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_general', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_server', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_defaults', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_board', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_cookies', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_words', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_icons', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_bbcode', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_attach', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_events', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_user', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_useradd', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_userdel', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ranks', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_names', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_group', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupadd', 1);
@ -139,17 +152,13 @@ INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupdel', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forum', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumadd', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumdel', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_posts', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_prune', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_auth', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authmods', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authadmins', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_backup', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_restore', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_search', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_', 1);
INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_email', 1);
@ -186,11 +195,11 @@ INSERT INTO phpbb_ranks (rank_id, rank_title, rank_min, rank_special, rank_image
# -- Groups
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 0);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'REGISTERED_INACTIVE', 0);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 0);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 0);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 0);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 3);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'INACTIVE', 3);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 3);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 3);
INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 3);
# -- User -> Group

85
phpBB/language/en/lang_admin.php
View file

@ -21,7 +21,7 @@
$lang = array_merge($lang, array(
'Admin_title' => 'Administration Panel',
'No_admin' => 'You are not authorised to administer this board',
'NO_ADMIN' => 'You are not authorised to administer this board',
'No_frames' => 'Sorry, your browser does not support frames',
'Return_to' => 'Return to ...',
'DB_cat' => 'Database Admin',
@ -39,7 +39,7 @@ $lang = array_merge($lang, array(
'Email_settings' => 'Email Settings',
'Server_settings' => 'Server Settings',
'Auth_settings' => 'Authentication',
'Permissions' => 'Permissions',
'PERMISSIONS' => 'Permissions',
'Manage' => 'Manage',
'Disallow' => 'Disallow names',
'Prune' => 'Pruning',
@ -57,7 +57,7 @@ $lang = array_merge($lang, array(
'DB_Backup' => 'DB Backup',
'DB_Restore' => 'DB Restore',
'Basic_Config' => 'Basic Configuration',
'Administrators' => 'Administrators',
'ADMINISTRATORS' => 'Administrators',
'Admin_logs' => 'Admin Log',
'Mod_logs' => 'Moderator Log',
'Users' => 'Users',
@ -97,6 +97,7 @@ $lang = array_merge($lang, array(
'log_prune_user_deac' => '<b>Users Deactivated</b> => %s',
'log_prune_user_del_del' => '<b>Users Pruned and Posts Deleted</b> => %s',
'log_prune_user_del_anon' => '<b>Users Pruned and Posts Retained</b> => %s',
'Admin_logs_explain' => 'This lists all the actions carried out by board administrators. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.',
'Mod_logs_explain' => 'This lists the actions carried out by board moderators, select a forum from the drop down list. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.',
'Display_log' => 'Display entries from previous',
@ -168,13 +169,13 @@ $lang = array_merge($lang, array(
'Restore_Error_filename' => 'The file you uploaded had an unsupported extension.',
'Compress_unsupported' => 'The version of PHP installed on this server does not support the type of compression used for your backup. Please use a compression method listed on the previous page.',
'Restore_Error_no_file' => 'No file was uploaded',
'ACL_explain' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY &gt; ALLOW &gt; INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.',
'Permissions_explain' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
'Moderators' => 'Moderators',
'Moderators_explain' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).',
'Super_Moderators' => 'Super Moderators',
'Super_Moderators_explain' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).',
'Administrators_explain' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.',
'ACL_EXPLAIN' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY &gt; ALLOW &gt; INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.',
'PERMISSIONS_EXPLAIN' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
'MODERATORS' => 'Moderators',
'MODERATORS_EXPLAIN' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).',
'SUPER_MODERATORS' => 'Super Moderators',
'SUPER_MODERATORS_EXPLAIN' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).',
'ADMINISTRATORS_EXPLAIN' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.',
'Manage_users' => 'Manage Users',
'Add_users' => 'Add Users',
'Manage_groups' => 'Manage Groups',
@ -201,26 +202,49 @@ $lang = array_merge($lang, array(
'All_Inherit' => 'All Inherit',
'Inheritance' => 'Inheritance',
'Inheritance_explain' => 'Select the subforums you want to inherit these permissions',
'acl_a_general' => 'General Settings',
'acl_a_user' => 'Users',
'acl_a_group' => 'Groups',
'acl_a_forum' => 'Forums',
'acl_a_post' => 'Posts',
'acl_a_ban' => 'Banning',
'acl_a_auth' => 'Permissions',
'acl_a_email' => 'Email',
'acl_a_styles' => 'Styles',
'acl_a_backup' => 'Backups',
'acl_a_clearlogs' => 'Clear Admin Log',
'acl_m__edit' => 'Edit posts',
'acl_m__delete' => 'Delete posts',
'acl_m__move' => 'Move posts',
'acl_m__lock' => 'Lock topics',
'acl_m__split' => 'Split topics',
'acl_m__merge' => 'Merge topics',
'acl_m__approve' => 'Approve posts',
'acl_m__unrate' => 'Un-rate topics',
'acl_m__auth' => 'Set permissions',
'acl_a_server' => 'Alter Server/Email Settings',
'acl_a_defaults' => 'Alter Board Defaults',
'acl_a_board' => 'Alter Board Settings',
'acl_a_cookies' => 'Alter Cookie Settings',
'acl_a_names' => 'Alter Disallowed Names',
'acl_a_words' => 'Alter Word Censors',
'acl_a_icons' => 'Alter Topic Icons/Emoticons',
'acl_a_search' => 'Re-index Search Tables',
'acl_a_prune' => 'Prune Forums',
'acl_a_bbcode' => 'Define BBCode Tags',
'acl_a_attach' => 'Manage Attachments',
'acl_a_events' => 'Manage User/Group Events',
'acl_a_ranks' => 'Manage User Ranks',
'acl_a_user' => 'Manage Users',
'acl_a_userdel' => 'Delete/Prune Users',
'acl_a_useradd' => 'Add New Users',
'acl_a_group' => 'Manage Groups',
'acl_a_groupdel' => 'Delete Groups',
'acl_a_groupadd' => 'Add New Groups',
'acl_a_forum' => 'Manage Forums',
'acl_a_forumdel' => 'Delete Forums',
'acl_a_forumadd' => 'Add New Forums',
'acl_a_ban' => 'Manage Bans',
'acl_a_auth' => 'Alter Forum Permissions',
'acl_a_authmods' => 'Alter Moderator Permissions',
'acl_a_authadmins' => 'Alter Admin Permissions',
'acl_a_email' => 'Mass Email',
'acl_a_styles' => 'Manage Styles',
'acl_a_backup' => 'Backup Database',
'acl_a_restore' => 'Restore Database',
'acl_a_clearlogs' => 'Clear Admin/Mod Logs',
'acl_m_edit' => 'Edit posts',
'acl_m_delete' => 'Delete posts',
'acl_m_move' => 'Move posts',
'acl_m_lock' => 'Lock topics',
'acl_m_split' => 'Split topics',
'acl_m_merge' => 'Merge topics',
'acl_m_approve' => 'Approve posts',
'acl_m_unrate' => 'Un-rate topics',
'acl_m_auth' => 'Set permissions',
'acl_f_list' => 'See forum',
'acl_f_read' => 'Read forum',
'acl_f_post' => 'Post in forum',
@ -245,6 +269,7 @@ $lang = array_merge($lang, array(
'acl_f_print' => 'Print topics',
'acl_f_ignoreflood' => 'Ignore flood limit',
'acl_f_ignorequeue' => 'Ignore mod queue',
'Auth_updated' => 'Permissions have been updated',
'Prune_users' => 'Prune Users',
'Prune_users_explain' => 'Here you can delete (or deactivate) users from you board. This can be done in a variety of ways; by post count, last activity, etc. Each of these criteria can be combined, i.e. you can prune users last active before 2002-01-01 with fewer than 10 posts. Alternatively you can enter a list of users directly into the text box, any criteria entered will be ignored. Take care with this facility! Once a user is deleted there is no way back.',