mirror of
https://github.com/phpbb/phpbb.git
synced 2025-06-28 14:18:52 +00:00
Allow restricted view forums
git-svn-id: file:///svn/phpbb/trunk@402 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen
parent
f3d9aa24f0
commit
ad4cfc051c
4 changed files with 212 additions and 133 deletions
|
|
@ -125,6 +125,8 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
//
|
||||
if(!$userdata['session_logged_in'])
|
||||
{
|
||||
$auth_user = array();
|
||||
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
for($i = 0; $i < count($f_access); $i++)
|
||||
|
|
@ -134,12 +136,11 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
}
|
||||
else
|
||||
{
|
||||
$auth_user_list = array();
|
||||
for($i = 0; $i < count($f_access); $i++)
|
||||
{
|
||||
for($j = 0; $j < count($auth_fields); $j++)
|
||||
{
|
||||
$auth_user_list[$f_access[$i]['forum_id']][$auth_fields[$j]] = ($f_access[$i][$auth_fields[$j]] == AUTH_ALL) ? 1 : 0;
|
||||
$auth_user[$f_access[$i]['forum_id']][$auth_fields[$j]] = ($f_access[$i][$auth_fields[$j]] == AUTH_ALL) ? 1 : 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -154,16 +155,19 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
AND aa.group_id = ug.group_id
|
||||
$forum_match_sql";
|
||||
$au_result = $db->sql_query($sql);
|
||||
|
||||
$u_access = $db->sql_fetchrowset($au_result);
|
||||
|
||||
$num_forums = (is_array($f_access[0])) ? count($f_access) : 1;
|
||||
|
||||
$is_admin = ($userdata['user_level'] == ADMIN) ? 1 : 0;
|
||||
|
||||
$auth_user = array();
|
||||
for($k = 0; $k < $num_forums; $k++)
|
||||
{
|
||||
for($i = 0; $i < count($auth_fields); $i++)
|
||||
{
|
||||
$key = $auth_fields[$i];
|
||||
$value = $f_access[$key];
|
||||
$value = ($forum_id != AUTH_LIST_ALL) ? $f_access[$key] : $f_access[$f_access[$k]['forum_id']][$key];
|
||||
|
||||
//
|
||||
// If the user is logged on and the forum
|
||||
|
|
@ -171,10 +175,17 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
// has access
|
||||
//
|
||||
if($value == AUTH_ALL || $value == AUTH_REG)
|
||||
{
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user[$key] = 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']][$key] = 1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
//
|
||||
// If the type if ACL, MOD or ADMIN
|
||||
|
|
@ -223,7 +234,16 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
{
|
||||
$single_user = $u_access[$j]['single_user'];
|
||||
|
||||
$auth_user[$key] = (!$single_user) ? ($auth_user[$key] || $u_access[$j][$key] || $u_access[$i]['auth_mod'] || $is_admin) : ($u_access[$j][$key] || $u_access[$i]['auth_mod'] || $is_admin);
|
||||
$result = (!$single_user) ? ($auth_user[$key] || $u_access[$j][$key] || $u_access[$i]['auth_mod'] || $is_admin) : ($u_access[$j][$key] || $u_access[$i]['auth_mod'] || $is_admin);
|
||||
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user[$key] = $result;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']][$key] = $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
|
@ -236,6 +256,15 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
$single_user = $u_access[$j]['single_user'];
|
||||
|
||||
$auth_user[$key] = (!$single_user) ? ($auth_user[$key] || $u_access[$j]['auth_mod'] || $is_admin) : ($u_access[$j]['auth_mod'] || $is_admin);
|
||||
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user[$key] = $result;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']][$key] = $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
|
@ -244,16 +273,29 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
//
|
||||
// Pretty redundant right now ...
|
||||
//
|
||||
$auth_user[$key] = ($userdata['user_level'] == ADMIN) ? 1 : 0;
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user[$key] = $is_admin;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']][$key] = $is_admin;
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user[$key] = 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']][$key] = 0;
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Is user a moderator?
|
||||
//
|
||||
|
|
@ -264,7 +306,16 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
{
|
||||
$single_user = $u_access[$j]['single_user'];
|
||||
|
||||
$auth_user['auth_mod'] = (!$single_user) ? ($auth_user['auth_mod'] || $u_access[$j]['auth_mod'] || $is_admin) : ($u_access[$j]['auth_mod'] || $is_admin);
|
||||
$result = (!$single_user) ? ($auth_user['auth_mod'] || $u_access[$j]['auth_mod'] || $is_admin) : ($u_access[$j]['auth_mod'] || $is_admin);
|
||||
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user['auth_mod'] = $result;
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']]['auth_mod'] = $result;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -272,8 +323,15 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
// Is user an admin (this is
|
||||
// really redundant at this time)
|
||||
//
|
||||
if($forum_id != AUTH_LIST_ALL)
|
||||
{
|
||||
$auth_user['auth_admin'] = $is_admin;
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
$auth_user[$f_access[$k]['forum_id']]['auth_admin'] = $is_admin;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
|
|
@ -281,7 +339,7 @@ function auth($type, $forum_id, $userdata, $f_access = -1)
|
|||
// however it will also return an array if a listing
|
||||
// of all forums to which a user has access was requested.
|
||||
//
|
||||
return ( ($forum_id != AUTH_LIST_ALL) ? $auth_user : $auth_user_list );
|
||||
return $auth_user;
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
@ -127,11 +127,12 @@ if($total_categories)
|
|||
default:
|
||||
// This works on: MySQL, MSSQL and ODBC (Access)
|
||||
$limit_forums = ($viewcat != -1) ? "WHERE f.cat_id = $viewcat " : "";
|
||||
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time
|
||||
FROM (( ".FORUMS_TABLE." f
|
||||
$sql = "SELECT f.*, t.topic_id, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, p.post_time, af.auth_view, af.auth_read, af.auth_post, af.auth_reply, af.auth_edit, af.auth_delete, af.auth_votecreate, af.auth_vote
|
||||
FROM ((( ".FORUMS_TABLE." f
|
||||
LEFT JOIN ".POSTS_TABLE." p ON f.forum_last_post_id = p.post_id )
|
||||
LEFT JOIN ".TOPICS_TABLE." t ON p.post_id = t.topic_last_post_id )
|
||||
LEFT JOIN ".USERS_TABLE." u ON p.poster_id = u.user_id
|
||||
LEFT JOIN ".USERS_TABLE." u ON p.poster_id = u.user_id )
|
||||
LEFT JOIN ".AUTH_FORUMS_TABLE." af ON af.forum_id = f.forum_id
|
||||
$limit_forums
|
||||
ORDER BY f.cat_id, f.forum_order";
|
||||
break;
|
||||
|
|
@ -140,6 +141,8 @@ if($total_categories)
|
|||
{
|
||||
error_die(SQL_QUERY, "Could not query forums information.", __LINE__, __FILE__);
|
||||
}
|
||||
$total_forums = $db->sql_numrows($q_forums);
|
||||
$forum_rows = $db->sql_fetchrowset($q_forums);
|
||||
|
||||
//
|
||||
// Note that this doesn't resolve conflicts where a user
|
||||
|
|
@ -162,9 +165,6 @@ if($total_categories)
|
|||
{
|
||||
error_die(SQL_QUERY, "Could not query forum moderator information.", __LINE__, __FILE__);
|
||||
}
|
||||
|
||||
$total_forums = $db->sql_numrows($q_forums);
|
||||
$forum_rows = $db->sql_fetchrowset($q_forums);
|
||||
$forum_mods_list = $db->sql_fetchrowset($q_forum_mods);
|
||||
|
||||
for($i = 0; $i < count($forum_mods_list); $i++)
|
||||
|
|
@ -173,23 +173,25 @@ if($total_categories)
|
|||
$forum_mods['forum_'.$forum_mods_list[$i]['forum_id'].'_id'][] = $forum_mods_list[$i]['user_id'];
|
||||
}
|
||||
|
||||
//
|
||||
// Find which forums are visible for
|
||||
// this user
|
||||
//
|
||||
$is_auth_ary = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata, $forum_rows);
|
||||
|
||||
//
|
||||
// Okay, let's build the index
|
||||
//
|
||||
$gen_cat = array();
|
||||
|
||||
for($i = 0; $i < $total_categories; $i++)
|
||||
{
|
||||
$template->assign_block_vars("catrow",
|
||||
array(
|
||||
"CAT_ID" => $category_rows[$i]['cat_id'],
|
||||
"CAT_DESC" => stripslashes($category_rows[$i]['cat_title']),
|
||||
"U_VIEWCAT" => append_sid("index." . $phpEx . "?viewcat=" . $category_rows[$i]['cat_id'])
|
||||
)
|
||||
);
|
||||
|
||||
for($j = 0; $j < $total_forums; $j++)
|
||||
{
|
||||
|
||||
if( ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $viewcat == -1 ) ||
|
||||
( $category_rows[$i]['cat_id'] == $viewcat) )
|
||||
if( ( ($forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $viewcat == -1) ||
|
||||
($category_rows[$i]['cat_id'] == $viewcat) ) &&
|
||||
$is_auth_ary[$forum_rows[$j]['forum_id']]['auth_view'])
|
||||
{
|
||||
|
||||
$folder_image = "<img src=\"".$images['folder']."\">";
|
||||
$posts = $forum_rows[$j]['forum_posts'];
|
||||
$topics = $forum_rows[$j]['forum_topics'];
|
||||
|
|
@ -231,6 +233,17 @@ if($total_categories)
|
|||
$moderators_links .= "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_mods['forum_'.$forum_rows[$j]['forum_id'].'_id'][$mods])."\">".$forum_mods['forum_'.$forum_rows[$j]['forum_id'].'_name'][$mods]."</a>";
|
||||
}
|
||||
|
||||
if(!$gen_cat[$category_rows[$i]['cat_id']])
|
||||
{
|
||||
$category_rows[$i]['cat_id']. " : " . $gen_cat[$category_rows[$i]['cat_id']]."<br>";
|
||||
$template->assign_block_vars("catrow", array(
|
||||
"CAT_ID" => $category_rows[$i]['cat_id'],
|
||||
"CAT_DESC" => stripslashes($category_rows[$i]['cat_title']),
|
||||
"U_VIEWCAT" => append_sid("index." . $phpEx . "?viewcat=" . $category_rows[$i]['cat_id']))
|
||||
);
|
||||
$gen_cat[$category_rows[$i]['cat_id']] = 1;
|
||||
}
|
||||
|
||||
$template->assign_block_vars("catrow.forumrow",
|
||||
array(
|
||||
"FOLDER" => $folder_image,
|
||||
|
|
@ -244,12 +257,20 @@ if($total_categories)
|
|||
|
||||
"U_VIEWFORUM" => append_sid("viewforum." . $phpEx . "?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id'] . "&" . $forum_rows[$j]['forum_posts']))
|
||||
);
|
||||
// "LAST_POST_USER" => "$forum_rows[$j]['username']",
|
||||
// "U_LAST_POST_USER_PROFILE" => "profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_rows[$j]['user_id']",
|
||||
// "U_LAST_POST" => "viewtopic.".$phpEx."?t=".$forum_rows[$j]['topic_id'],
|
||||
}
|
||||
else if($viewcat != -1)
|
||||
{
|
||||
if(!$gen_cat[$category_rows[$i]['cat_id']])
|
||||
{
|
||||
$template->assign_block_vars("catrow", array(
|
||||
"CAT_ID" => $category_rows[$i]['cat_id'],
|
||||
"CAT_DESC" => stripslashes($category_rows[$i]['cat_title']),
|
||||
"U_VIEWCAT" => append_sid("index." . $phpEx . "?viewcat=" . $category_rows[$i]['cat_id']))
|
||||
);
|
||||
$gen_cat[$category_rows[$i]['cat_id']] = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} // for ... categories
|
||||
|
||||
}// if ... total_categories
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ if(!$forum_row)
|
|||
//
|
||||
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row[0]);
|
||||
|
||||
if(!$is_auth['auth_read'])
|
||||
if(!$is_auth['auth_read'] || !$is_auth['auth_view'])
|
||||
{
|
||||
//
|
||||
// Ooopss, user is not authed
|
||||
|
|
|
|||
|
|
@ -216,7 +216,7 @@ init_userprefs($userdata);
|
|||
//
|
||||
$is_auth = auth(AUTH_ALL, $forum_id, $userdata, $forum_row[0]);
|
||||
|
||||
if(!$is_auth)
|
||||
if(!$is_auth['auth_view'] || !$is_auth['auth_view'])
|
||||
{
|
||||
//
|
||||
// Ooopss, user is not authed
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue