Changes to allow all auth types to be returned

git-svn-id: file:///svn/phpbb/trunk@388 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 14:18:52 +00:00 · 2001-05-31 15:39:59 +00:00 · 2001-05-31 15:39:59 +00:00 · 3ed50ce0b7
commit 3ed50ce0b7
parent eb9734b237
7 changed files with 193 additions and 109 deletions
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@ -22,40 +22,75 @@
 * 
 ***************************************************************************/ 
-/* Notes:
+/*
- * auth() returns: 
+	Possible options to send to auth (not all are functional yet!):
- * TRUE if the user authorized
+
- * FALSE if the user is not
+	* If you include a type then a specific lookup will
- */
+	be done and the single result returned
 	* If you set type to ALL an array of all auth types
 	will be returned
 	* If you provide a forum_id a specific lookup on that
 	forum will be done
 	* If you set forum_id to LIST_ALL an array of all
 	forums to which the user has access of type will be returned
 	<- used for index and search? (type VIEW and READ respectively)
 	* If you set forum_id to LIST_ALL and type to ALL a 
 	multidimensional array containing the auth permissions
 	for all types and all forums for that user is returned
 	* If you set $userdata to ALL, then the permissions of all
 	users listed in the auth_access table will be returned for 
 	the given type and forum_id <- use to check for moderators?
 	All results are returned as associative arrays, even
 	when a single auth type is specified
 */
 function auth($type, $forum_id, $userdata, $f_access = -1)
 {
 	global $db;
 	switch($type)
 	{
 		case ALL:
 			$a_sql = "auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_votecreate, auth_vote";
 			$auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_votecreate", "auth_vote");
 			break;
 		case VIEW:
 			$a_sql = "auth_view";
 			$auth_fields = array("auth_view");
 			break;
 		case READ:
 			$a_sql = "auth_read";
 			$auth_fields = array("auth_read");
 			break;
 		case POST:
 			$a_sql = "auth_post";
 			$auth_fields = array("auth_post");
 			break;
 		case REPLY:
 			$a_sql = "auth_reply";
 			$auth_fields = array("auth_reply");
 			break;
 		case EDIT:
 			$a_sql = "auth_edit";
 			$auth_fields = array("auth_edit");
 			break;
 		case DELETE:
 			$a_sql = "auth_delete";
 			$auth_fields = array("auth_delete");
 			break;
 		case VOTECREATE:
 			$a_sql = "auth_votecreate";
 			$auth_fields = array("auth_votecreate");
 			break;
 		case VOTE:
 			$a_sql = "auth_vote";
 			$auth_fields = array("auth_vote");
 			break;
 		default:
 			break;
@ -70,14 +105,14 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
 	if($f_access == -1 || $forum_id == LIST_ALL)
 	{
 		$forum_match_sql = ($forum_id != LIST_ALL) ? "WHERE forum_id = $forum_id" : "";
-		$sql = "SELECT $a_sql AS forum_auth 
+		$sql = "SELECT $a_sql 
 			FROM ".AUTH_FORUMS_TABLE." 
 			$forum_match_sql";
 		$af_result = $db->sql_query($sql);
 		if($forum_id != LIST_ALL)
 		{
-			$f_access = $db->sql_fetchfield("forum_auth", -1, $af_result);
+			$f_access = $db->sql_fetchrow($af_result);
 		}
 		else
 		{
@ -97,118 +132,139 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
 	{
 		if($forum_id != LIST_ALL)
 		{
-			$auth_user = ($f_access == ALL) ? true : false;
+			for($i = 0; $i < count($f_access); $i++)
 			{
 				$auth_user[$auth_fields[$i]] = ($f_access[$auth_fields[$i]] == ALL) ? true : false;
 			}
 		}
 		else
 		{
 			$auth_user_list = array();
 			for($i = 0; $i < count($auth_forum_rows); $i++)
 			{
-				$auth_user_list[] = ($f_access_rows['0']['forum_auth'] == ALL) ? true : false;
+				for($j = 0; $j < count($f_access); $j++)
 				{
 					$auth_user_list[][$auth_fields[$j]] = ($f_access_rows[$i][$auth_fields[$j]] == ALL) ? true : false;
 				}
 			}
 		}
 	}
 	else 
 	{
 		//
 		// If the user is logged on and the forum
 		// type is either ALL or REG then the user
 		// has access
 		//
 		if($f_access == ALL || $f_access == REG)
 		{
 			$auth_user = true;
 		}
 		else
 		{
 			//
 			// If the type if ACL, MOD or ADMIN
 			// then we need to see if the user has
 			// specific permissions to do whatever it
 			// is they want to do ... to do this
 			// we pull relevant information for the user
 			// (and any groups they belong to)
 			//
 			$forum_match_sql = ($forum_id != LIST_ALL) ? "AND ( aa.forum_id = $forum_id OR aa.forum_id = " . ALL . ")" : "";
 			$sql = "SELECT aa.$a_sql AS user_auth, aa.auth_mod, aa.auth_admin, g.single_user 
 				FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g 
 				WHERE ug.user_id = ".$userdata['user_id']. " 
 					AND g.group_id = ug.group_id 
 					AND aa.group_id = ug.group_id 
 					$forum_match_sql";
 			$au_result = $db->sql_query($sql);
-			if(!$db->sql_numrows($au_result))
+		$forum_match_sql = ($forum_id != LIST_ALL) ? "AND ( aa.forum_id = $forum_id OR aa.forum_id = " . ALL . ")" : "";
 		$sql = "SELECT $a_sql, auth_mod, auth_admin, g.single_user 
 			FROM ".AUTH_ACCESS_TABLE." aa, " . USER_GROUP_TABLE. " ug, " . GROUPS_TABLE. " g 
 			WHERE ug.user_id = ".$userdata['user_id']. " 
 				AND g.group_id = ug.group_id 
 				AND aa.group_id = ug.group_id 
 				$forum_match_sql";
 		$au_result = $db->sql_query($sql);
 		$u_access = $db->sql_fetchrowset($au_result);
 		for($i = 0; $i < count($auth_fields); $i++)
 		{
 			$key = $auth_fields[$i];
 			$value = $f_access[$key];
 			//
 			// If the user is logged on and the forum
 			// type is either ALL or REG then the user
 			// has access
 			//
 			if($value == ALL || $value == REG)
 			{
-				//
+				$auth_user[$key] = true;
 				// No entry was found for this user
 				// thus they don't have access,
 				// You are the Weakest Link, Goodbye!
 				//
 				$auth_user = false;
 			}
 			else
 			{
-				$u_access = $db->sql_fetchrowset($au_result);
+				//
-			}
+				// If the type if ACL, MOD or ADMIN
 				// then we need to see if the user has
 				// specific permissions to do whatever it
 				// is they want to do ... to do this
 				// we pull relevant information for the user
 				// (and any groups they belong to)
 				//
-			$single_user = false;
+				$single_user = false;
-			//
+				//
-			// Now we compare the users access level
+				// Now we compare the users access level
-			// against the forums We assume here that
+				// against the forums We assume here that
-			// a moderator and admin automatically have
+				// a moderator and admin automatically have
-			// access to an ACL forum, similarly we assume
+				// access to an ACL forum, similarly we assume
-			// admins meet an auth requirement of MOD
+				// admins meet an auth requirement of MOD
-			//
+				//
-			// The access level assigned to a single user
+				// The access level assigned to a single user
-			// automatically takes precedence over any
+				// automatically takes precedence over any
-			// levels granted by that user being a member
+				// levels granted by that user being a member
-			// of a multi-user usergroup, eg. a user
+				// of a multi-user usergroup, eg. a user
-			// who is banned from a forum won't gain
+				// who is banned from a forum won't gain
-			// access to it even if they belong to a group
+				// access to it even if they belong to a group
-			// which has access (and vice versa). This
+				// which has access (and vice versa). This
-			// check is done via the single_user check
+				// check is done via the single_user check
-			//
+				//
-			switch($f_access)
+				switch($value)
-			{
+				{
-				case ACL:
+					case ACL:
-					for($i = 0; $i < count($u_access); $i++)
+						for($j = 0; $j < count($u_access); $j++)
 					{
 						if(!$single_user)
 						{
-							$auth_user = $auth_user || $u_access[$i]['user_auth'] || $u_access[$i]['auth_mod'] || $u_access[$i]['auth_admin'];
+							if(!$single_user)
-							$single_user = $u_access[$i]['single_user'];
+							{
 								$auth_user[$key] = $auth_user[$key] || $u_access[$j]['user_auth'] || $u_access[$i]['auth_mod'] || $u_access[$j]['auth_admin'];
 								$single_user = $u_access[$j]['single_user'];
 							}
 						}
-					}
+						break;
-					break;
+			
 					case MOD:
 						for($j = 0; $j < count($u_access); $j++)
 						{
 							if(!$single_user)
 							{
 								$auth_user[$key] = $auth_user[$key] || $u_access[$j]['auth_mod'] || $u_access[$j]['auth_admin'];
 								$single_user = $u_access[$j]['single_user'];
 							}
 						}
 						break;
-				case MOD:
+					case ADMIN:
-					for($i = 0; $i < count($u_access); $i++)
+						for($j = 0; $j < count($u_access); $j++)
 					{
 						if(!$single_user)
 						{
-							$auth_user = $auth_user || $u_access[$i]['auth_mod'] || $u_access[$i]['auth_admin'];
+							if(!$single_user)
-							$single_user = $u_access[$i]['single_user'];
+							{
 								$auth_user[$key] = $auth_user[$key] || $u_access[$j]['auth_admin'];
 								$single_user = $u_access[$j]['single_user'];
 							}
 						}
-					}
+						break;
 					break;
 				case ADMIN:
 					for($i = 0; $i < count($u_access); $i++)
 					{
 						if(!$single_user)
 						{
 							$auth_user = $auth_user || $u_access[$i]['auth_admin'];
 							$single_user = $u_access[$i]['single_user'];
 						}
 					}
 					break;
-				default:
+					default:
-					$auth_user = false;
+						$auth_user[$auth_fields[$i]] = false;
-					break;
+						break;
 				}
 			}
 		}
 		$single_user = false;
 		for($j = 0; $j < count($u_access); $j++)
 		{
 			if(!$single_user)
 			{
 				$auth_user['auth_mod'] = $auth_user['auth_mod'] || $u_access[$j]['auth_mod'];
 				$single_user = $u_access[$j]['single_user'];
 			}
 		}
 		$single_user = false;
 		for($j = 0; $j < count($u_access); $j++)
 		{
 			if(!$single_user)
 			{
 				$auth_user['auth_admin'] = $auth_user['auth_admin'] || $u_access[$j]['auth_admin'];
 				$single_user = $u_access[$j]['single_user'];
 			}
 		}
 	}
--- a/phpBB/templates/Default/viewforum_body.tpl
+++ b/phpBB/templates/Default/viewforum_body.tpl
@ -99,6 +99,9 @@
 	 </td>
 	</tr>
 	<tr>
 		<td align="left" style="{font-size: 8pt; height: 55px;}">{S_AUTH_LIST}</td>
 	</tr>
  </table>
 </td>
 </tr>
--- a/phpBB/templates/Default/viewtopic_body.tpl
+++ b/phpBB/templates/Default/viewtopic_body.tpl
@ -145,6 +145,9 @@
 	 </td>
 	</tr>
 	<tr>
 		<td align="left" style="{font-size: 8pt; height: 55px;}">{S_AUTH_LIST}</td>
 	</tr>
  </table>
 </td>
 </tr>
--- a/phpBB/templates/PSO/viewforum_body.tpl
+++ b/phpBB/templates/PSO/viewforum_body.tpl
@ -51,7 +51,7 @@
 	<tr>
 		<td width="20"></td>
 		<td width="40%"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}"><b>{S_TIMEZONE}</b></font></td>
-		<td rowspan="6" align="right" valign="top" nowrap>{JUMPBOX}</td>
+		<td rowspan="6" align="right" valign="top" nowrap>{JUMPBOX}<br><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">{S_AUTH_LIST}</font></td>
 	</tr>
 	<tr>
 		<td><img src="images/red_folder.gif"></td>
--- a/phpBB/templates/PSO/viewtopic_body.tpl
+++ b/phpBB/templates/PSO/viewtopic_body.tpl
@ -9,12 +9,12 @@
 	<tr>
 		<td bgcolor="{T_TH_COLOR1}"><table border="0" cellpadding="4" cellspacing="1" width="100%">
 			<tr>
-			        <td colspan="2" bgcolor="{T_TH_COLOR2}"><table width="100%" cellspacing="0" cellpadding="0" border="0"> 
+		        <td colspan="2" bgcolor="{T_TH_COLOR2}"><table width="100%" cellspacing="0" cellpadding="0" border="0"> 
-			                <tr>
+	                <tr>
-                        			<td><font face="{T_FONTFACE1}" size="{T_FONTSIZE3}"><b>{TOPIC_TITLE}</b></font></td> 
+               			<td><font face="{T_FONTFACE1}" size="{T_FONTSIZE3}"><b>{TOPIC_TITLE}</b></font></td> 
-                        			<td align="right" valign="middle"><a href="{U_POST_REPLY_TOPIC}"><img src="templates/PSO/images/reply.gif" border="1" /></a>&nbsp;&nbsp;<a href="{U_POST_NEW_TOPIC}"><img src="templates/PSO/images/post.gif" border="1" /></a>&nbsp;</td>  
+               			<td align="right" valign="middle"><a href="{U_POST_REPLY_TOPIC}"><img src="templates/PSO/images/reply.gif" border="1" /></a>&nbsp;&nbsp;<a href="{U_POST_NEW_TOPIC}"><img src="templates/PSO/images/post.gif" border="1" /></a>&nbsp;</td>  
- 			               </tr>
+	               </tr>
-        			</table></td>
+      			</table></td>
 			</tr>
 			<tr>
 				<td width="20%" bgcolor="{T_TH_COLOR3}"><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}"><b>{L_AUTHOR}</b></font></td>
@ -59,6 +59,6 @@
 <div align="center"><table cellspacing="2" border="0" width="98%">
 	<tr>
 		<td width="40%" valign="top"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}"><b>{S_TIMEZONE}</b></font></td>
-		<td align="right" valign="top" nowrap>{JUMPBOX}</td>
+		<td align="right" valign="top" nowrap>{JUMPBOX}<br><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">{S_AUTH_LIST}</font></td>
 	</tr>
 </table></div>
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -56,7 +56,7 @@ init_userprefs($userdata);
 //
 if(isset($forum_id))
 {
-	$sql = "SELECT f.forum_type, f.forum_name, f.forum_topics, u.username, u.user_id, fa.* 
+	$sql = "SELECT f.forum_name, f.forum_topics, u.username, u.user_id, fa.* 
 		FROM ".FORUMS_TABLE." f, ".FORUM_MODS_TABLE." fm, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." fa 
 		WHERE f.forum_id = $forum_id 
 			AND fa.forum_id = f.forum_id 
@ -88,9 +88,9 @@ if(!$forum_row)
 //
 // Start auth check
 //
-$is_auth = auth(READ, $forum_id, $userdata, $forum_row['0']['auth_read']);
+$is_auth = auth(ALL, $forum_id, $userdata, $forum_row[0]);
-if(!$is_auth)
+if(!$is_auth['auth_read'])
 {
 	//
 	// Ooopss, user is not authed
@ -304,10 +304,21 @@ if($total_topics)
 		);
 	}
 	$s_auth_can = "";
 	$s_auth_can .= "You " . (($is_auth['auth_read']) ? "<b>can</b>" : "<b>cannot</b>" ) . " read posts in this forum<br>";
 	$s_auth_can .= "You " . (($is_auth['auth_post']) ? "<b>can</b>" : "<b>cannot</b>") . " add new topics to this forum<br>";
 	$s_auth_can .= "You " . (($is_auth['auth_reply']) ? "<b>can</b>" : "<b>cannot</b>") . " reply to posts in this forum<br>";
 	$s_auth_can .= "You " . (($is_auth['auth_edit']) ? "<b>can</b>" : "<b>cannot</b>") . " edit your posts in this forum<br>";
 	$s_auth_can .= "You " . (($is_auth['auth_delete']) ? "<b>can</b>" : "<b>cannot</b>") . " delete your posts in this forum<br>";
 	$s_auth_can .= ($is_auth['auth_mod']) ? "You are a moderator of this forum<br>" : "";
 	$s_auth_can .= ($is_auth['auth_admin']) ? "You are a board admin<br>" : "";
 	$template->assign_vars(array(
 		"PAGINATION" => generate_pagination("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&postdays=$post_days", $topics_count, $board_config['topics_per_page'], $start),
 		"ON_PAGE" => (floor($start/$board_config['topics_per_page'])+1),
-		"TOTAL_PAGES" => ceil($topics_count/$board_config['topics_per_page']),
+		"TOTAL_PAGES" => ceil($topics_count/$board_config['topics_per_page']), 
 		"S_AUTH_LIST" => $s_auth_can,
 		"L_OF" => $lang['of'],
 		"L_PAGE" => $lang['Page'],
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -136,9 +136,9 @@ else
 	$join_sql_table = (!isset($post_id)) ? "" : "".POSTS_TABLE." p, ".POSTS_TABLE." p2,";
 	$join_sql = (!isset($post_id)) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
 	$count_sql = (!isset($post_id)) ? "" : ", COUNT(p2.post_id) AS prev_posts";
-	$order_sql = (!isset($post_id)) ? "" : "GROUP BY fm.user_id, p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_type, f.forum_name, f.forum_id, u.username, u.user_id ORDER BY p.post_id ASC";
+	$order_sql = (!isset($post_id)) ? "" : "GROUP BY fm.user_id, p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, u.username, u.user_id, fa.auth_read ORDER BY p.post_id ASC";
-	$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_type, f.forum_name, f.forum_id, u.username, u.user_id, fa.auth_read".$count_sql." 
+	$sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, f.forum_name, f.forum_id, u.username, u.user_id, fa.*".$count_sql." 
 		FROM $join_sql_table ".TOPICS_TABLE." t, ".FORUMS_TABLE." f, ".FORUM_MODS_TABLE." fm, ".USERS_TABLE." u, ".AUTH_FORUMS_TABLE." fa  
 		WHERE $join_sql 
 			AND f.forum_id = t.forum_id 
@ -213,7 +213,7 @@ init_userprefs($userdata);
 //
 // Start auth check
 //
-$is_auth = auth(READ, $forum_id, $userdata, $forum_row[0]['auth_read']);
+$is_auth = auth(ALL,  $forum_id, $userdata, $forum_row[0]);
 if(!$is_auth)
 {
@ -515,11 +515,22 @@ else
 	$pages = "1 $l_page";
 }
 $s_auth_can = "";
 $s_auth_can .= "You " . (($is_auth['auth_read']) ? "<b>can</b>" : "<b>cannot</b>" ) . " read posts in this forum<br>";
 $s_auth_can .= "You " . (($is_auth['auth_post']) ? "<b>can</b>" : "<b>cannot</b>") . " add new topics to this forum<br>";
 $s_auth_can .= "You " . (($is_auth['auth_reply']) ? "<b>can</b>" : "<b>cannot</b>") . " reply to posts in this forum<br>";
 $s_auth_can .= "You " . (($is_auth['auth_edit']) ? "<b>can</b>" : "<b>cannot</b>") . " edit your posts in this forum<br>";
 $s_auth_can .= "You " . (($is_auth['auth_delete']) ? "<b>can</b>" : "<b>cannot</b>") . " delete your posts in this forum<br>";
 $s_auth_can .= ($is_auth['auth_mod']) ? "You are a moderator of this forum<br>" : "";
 $s_auth_can .= ($is_auth['auth_admin']) ? "You are a board admin<br>" : "";
 $template->assign_vars(array(
 	"PAGINATION" => generate_pagination("viewtopic.$phpEx?".POST_TOPIC_URL."=$topic_id", $total_replies, $board_config['posts_per_page'], $start),
 	"ON_PAGE" => (floor($start/$board_config['posts_per_page'])+1),
 	"TOTAL_PAGES" => ceil(($total_replies)/$board_config['posts_per_page']),
 	"S_AUTH_LIST" => $s_auth_can,
 	"L_OF" => $lang['of'],
 	"L_PAGE" => $lang['Page'],
 	"L_GOTO_PAGE" => $lang['Goto_page'])