makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Non (fully) working alternative to depedencies for admin, super mod and mod ... possibly

Browse source 
git-svn-id: file:///svn/phpbb/trunk@3827 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-04-13 18:01:30 +00:00
parent 2dc95a7e3e
commit c259434af4
1 changed files with 336 additions and 421 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

753
phpBB/adm/admin_permissions.php
View file

@ -42,10 +42,10 @@ require('pagestart.' . $phpEx);
// Grab and set some basic parameters
//
// 'mode' determines what we're altering; administrators, users, deps, etc.
// 'type' is used primarily for deps and contains the original 'mode'
// 'submit' is used to determine what we're doing ... special format
$mode = (isset($_REQUEST['mode'])) ? htmlspecialchars($_REQUEST['mode']) : '';
$type = (isset($_REQUEST['type'])) ? htmlspecialchars($_REQUEST['type']) : '';
$submode= (isset($_REQUEST['submode'])) ? htmlspecialchars($_REQUEST['submode']) : '';
$which_mode = (!empty($submode) && $submode != $mode) ? $submode : $mode;
$submit = array_values(preg_grep('#^submit_(.*)$#i', array_keys($_POST)));
$submit = (sizeof($submit)) ? substr($submit[0], strpos($submit[0], '_') + 1) : '';
@ -54,12 +54,7 @@ $submit = (sizeof($submit)) ? substr($submit[0], strpos($submit[0], '_') + 1) :
//
// 'auth_settings' contains the submitted option settings assigned to options, should be an
// associative array with integer values
// 'auth_setting' contains the value of the submitted 'auth_option', an integer value used
// mainly by deps mode
// 'auth_option' contains a single auth_option string, used mainly by deps mode
$auth_settings = (isset($_POST['settings'])) ? array_map('intval', $_POST['settings']) : '';
$auth_option = (isset($_REQUEST['option'])) ? htmlspecialchars($_REQUEST['option']) : '';
$auth_setting = (isset($_REQUEST['setting'])) ? intval($_REQUEST['setting']) : '';
$auth_settings = (isset($_POST['settings'])) ? $_POST['settings'] : '';
// Forum, User or Group information
@ -69,7 +64,17 @@ $auth_setting = (isset($_REQUEST['setting'])) ? intval($_REQUEST['setting']) : '
// 'forum_id' contains the list of forums, 0 is used for "All forums", can be array or scalar
$ug_type = (isset($_REQUEST['ug_type'])) ? htmlspecialchars($_REQUEST['ug_type']) : '';
$ug_data = (isset($_POST['ug_data'])) ? $_POST['ug_data'] : '';
$forum_id = (isset($_REQUEST['f'])) ? ((is_array($_REQUEST['f'])) ? array_map('intval', $_REQUEST['f']) : intval($_REQUEST['f'])) : 0;
if (isset($_REQUEST['f']))
{
$forum_id = (is_array($_REQUEST['f'])) ? $_REQUEST['f'] : intval($_REQUEST['f']);
}
if (!isset($forum_id[$which_mode]))
{
$forum_id[$which_mode][] = 0;
}
$sql_forum_id = implode(', ', array_map('intval', $forum_id[$which_mode]));
// Instantiate a new auth admin object in readiness
@ -137,19 +142,26 @@ if (!$auth->acl_get($which_acl))
// Are we setting deps? If we are we need to re-run the mode match above for the
// relevant 'new' mode
if ($mode == 'deps')
if (!empty($submode))
{
switch ($type)
switch ($submode)
{
case 'forum':
$l_title_explain = $user->lang['PERMISSIONS_EXPLAIN'];
$which_acl = 'a_auth';
$sql_option_mode = 'f';
break;
case 'mod':
case 'supermod':
$l_title_explain = $user->lang['MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
$sql_option_mode = 'm';
break;
case 'admin':
$which_acl = 'a_authadmins';
$sql_option_mode = 'a';
case 'supermod':
$l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN'];
$which_acl = 'a_authmods';
$sql_option_mode = 'm';
break;
}
@ -167,158 +179,88 @@ switch ($submit)
{
case 'update':
switch ($mode)
print_r($auth_settings);
// Here we decide which depedencies we are looking for ... if all the submitted
// settings are the same we look for a dependency of "All options". This allows
// for situations where for example changing permissions for all options to the
// same setting (e.g. 'unset' or 'no') could lead to forum view permissions being
// changed to 'unset'. When all options do not have the same setting we lookup
// dependencies for the given range of options and settings and those where
// "Any option" has been specified for the current range of settings
// No dependencies exist or we've already shown 'em ... so now
// we go ahead and update the permission sets
echo "DONE";
exit;
// If we are submitting with dependencies first we set the original options
if (isset($_POST['skipdeps']))
{
case 'deps':
$forum_id = (!is_array($forum_id)) ? array($forum_id) : $forum_id;
$auth_settings_ary = $db->sql_escape(serialize($auth_settings));
$sql = '';
foreach ($forum_id as $id)
{
switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$sql .= (($sql != '') ? ', ' : '') . "('$option', $auth_setting, $id, '$auth_settings_ary')";
break;
case 'mssql':
$sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT '$option', $auth_setting, $id, '$auth_settings_ary'";
break;
default:
$sql = "INSERT INTO " . ACL_DEPS_TABLE . " (auth_option, auth_setting, forum_id, auth_deps)
VALUES ('$option', $auth_setting, $id, '$auth_settings_ary')";
$result = $db->sql_query($sql);
$sql = '';
}
}
if ($sql != '')
{
echo $sql = "INSERT INTO " . ACL_DEPS_TABLE . " (auth_option, auth_setting, forum_id, auth_deps)
VALUES $sql";
$result = $db->sql_query($sql);
}
unset($auth_settings_ary);
exit;
break;
default:
// User wants to submit these changes ... before we allow this
// we first check to see if any dependencies exist. If they do
// we pull them, and give the user the option of applying them
// or skipping them
$sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;
$sql_dep = $sql_global = array();
foreach ($auth_settings as $option => $setting)
{
$sql_dep[$setting] .= (($sql_dep[$setting] != '') ? ', ' : '') . "'$option'";
}
$sql_options = '';
foreach ($sql_dep as $setting => $options)
{
$sql_options .= (($sql_options != '') ? ' OR ' : '') . " (auth_option IN ($options) AND auth_setting = $setting)";
}
$sql = "SELECT auth_deps
FROM " . ACL_DEPS_TABLE . "
WHERE $sql_options";
// AND forum_id $sql_forum";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
$temp = unserialize($row['auth_deps']);
foreach ($temp as $option => $setting)
{
$auth_settings[$option] = (!isset($auth_settings[$option]) || $setting < $auth_settings[$option]) ? $setting : $auth_settings[$option];
}
}
while ($row = $db->sql_fetchrow($result));
unset($temp);
unset($option);
unset($setting);
unset($sql_auth_option);
$sql_option_mode = 'f';
}
$db->sql_freeresult($result);
//print_r($auth_settings);
//echo "HERE :: UPDATE ACLS";
/*
// Admin wants subforums to inherit permissions ... so handle this
if (!empty($_POST['inherit']))
{
array_push($_POST['inherit'], $forum_id);
$forum_id = $_POST['inherit'];
}
foreach ($ug_data as $id)
{
$auth_admin->acl_set($ug_type, $forum_id, $id, $auth_settings);
}
cache_moderators();
trigger_error($user->lang['AUTH_UPDATED']);
*/
foreach ($ug_data as $id)
{
$auth_admin->acl_set($ug_type, $forum_id_deps, $id, $auth_settings_deps);
}
}
unset($auth_settings_deps);
unset($forum_id_deps);
// Admin wants subforums to inherit permissions ... so handle this
if (!empty($_POST['inherit']))
{
array_push($_POST['inherit'], $forum_id);
$forum_id = $_POST['inherit'];
}
// This will be either the submitted dependencies or the "original" options
// dependending on whether any dependencies existed and were submitted
if (empty($_POST['skipdeps']))
{
foreach ($ug_data as $id)
{
$auth_admin->acl_set($ug_type, $forum_id, $id, $auth_settings);
}
}
cache_moderators();
trigger_error($user->lang['AUTH_UPDATED']);
break;
case 'delete':
echo "HERE :: DELETE";
exit;
switch ($mode)
/*
$option_ids = false;
if (!empty($settings)
{
case 'deps':
break;
$sql = "SELECT auth_option_id
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $settings['option'] . "_%'";
$result = $db->sql_query($sql);
default:
/* $option_ids = false;
if (!empty($settings)
if ($row = $db->sql_fetchrow($result))
{
$option_ids = array();
do
{
$sql = "SELECT auth_option_id
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE '" . $settings['option'] . "_%'";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
$option_ids = array();
do
{
$option_ids[] = $row['auth_option_id'];
}
while($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
$option_ids[] = $row['auth_option_id'];
}
foreach ($_POST['ug_id'] as $id)
{
$auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids);
}
cache_moderators();
trigger_error($user->lang['AUTH_UPDATED']);*/
break;
while($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
}
foreach ($_POST['ug_id'] as $id)
{
$auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids);
}
cache_moderators();
trigger_error($user->lang['AUTH_UPDATED']);
*/
break;
case 'presetsave':
@ -379,7 +321,7 @@ page_header($l_title);
// First potential form ... this is for selecting forums, users
// or groups.
if (($mode == 'user' || $mode == 'group' || $mode == 'forum' || $mode == 'mod') && empty($submit))
if (in_array($mode, array('user', 'group', 'forum', 'mod')) && empty($submit))
{
?>
@ -413,6 +355,7 @@ if (($mode == 'user' || $mode == 'group' || $mode == 'forum' || $mode == 'mod')
break;
case 'user':
?>
<tr>
<th align="center"><?php echo $user->lang['LOOK_UP_USER']; ?></th>
@ -466,11 +409,20 @@ if (($mode == 'user' || $mode == 'group' || $mode == 'forum' || $mode == 'mod')
// Second possible form, this lists the currently enabled
// users/groups for the given mode
if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($submit) && in_array($mode, array('admin', 'supermod'))))
if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || ($submit != 'options' && empty($submode) && in_array($mode, array('admin', 'supermod'))))
{
// Define appropriate SQL for linking on forums
$sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ') ' : ' = ' . $forum_id;
// Generate list of forum id's
$s_forum_id = '';
foreach ($forum_id as $forum_submode => $forum_submode_ids)
{
foreach ($forum_submode_ids as $submode_forum_id)
{
$s_forum_id .= '<input type="hidden" name="f[' . $forum_submode . '][]" value="' . $submode_forum_id . '" />';
}
}
unset($forum_submode_ids);
unset($forum_submode);
unset($submode_forum_id);
?>
@ -490,7 +442,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o
WHERE o.auth_option LIKE '" . $sql_option_mode . "_%'
AND a.auth_option_id = o.auth_option_id
AND a.forum_id $sql_forum
AND a.forum_id IN ($sql_forum_id)
AND u.user_id = a.user_id
ORDER BY u.username, u.user_regdate ASC";
$result = $db->sql_query($sql);
@ -510,7 +462,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
<td class="row1" align="center"><select style="width:280px" name="ug_data[]" multiple="multiple" size="5"><?php echo $users; ?></select></td>
</tr>
<tr>
<td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="user" /><?php echo $s_forum_id; ?></td>
</tr>
</table></form></td>
@ -520,7 +472,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
$sql = "SELECT DISTINCT g.group_id, g.group_name
FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o
WHERE o.auth_option LIKE '" . $sql_option_mode . "_%'
AND a.forum_id $sql_forum
AND a.forum_id IN ($sql_forum_id)
AND a.auth_option_id = o.auth_option_id
AND g.group_id = a.group_id
ORDER BY g.group_type DESC, g.group_name ASC";
@ -553,7 +505,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
<td class="row1" align="center"><select style="width:280px" name="ug_data[]" multiple="multiple" size="5"><?php echo $groups; ?></select></td>
</tr>
<tr>
<td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"><input class="liteoption" type="submit" name="submit_delete" value="<?php echo $user->lang['DELETE']; ?>" /> &nbsp; <input class="liteoption" type="submit" name="submit_options" value="<?php echo $user->lang['SET_OPTIONS']; ?>" /><input type="hidden" name="ug_type" value="group" /><?php echo $s_forum_id; ?></td>
</tr>
</table></form></td>
@ -568,7 +520,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
<td class="row1" align="center"><textarea cols="40" rows="4" name="ug_data[]"></textarea></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['FIND_USERNAME']; ?>" class="liteoption" onclick="window.open('<?php echo "../memberlist.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="ug_type" value="user" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['FIND_USERNAME']; ?>" class="liteoption" onclick="window.open('<?php echo "../memberlist.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;" /><input type="hidden" name="ug_type" value="user" /><?php echo $s_forum_id; ?></td>
</tr>
</table></form></td>
@ -580,7 +532,7 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
<td class="row1" align="center"><select name="ug_data[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td>
</tr>
<tr>
<td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /><input type="hidden" name="ug_type" value="group" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
<td class="cat" align="center"> <input type="submit" name="submit_options" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['RESET']; ?>" class="liteoption" /><input type="hidden" name="ug_type" value="group" /><?php echo $s_forum_id; ?></td>
</tr>
</table></form></td>
</tr>
@ -592,25 +544,28 @@ if ((in_array($submit, array('usergroups', 'delete', 'cancel'))) || (empty($subm
// End user and group acl selections
// Third possible form, this is the major section of this script. It
// handles the entry of permission options for all situations
if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) || $mode == 'deps')
if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) || !empty($submode))
{
if (!isset($forum_id) && empty($ug_data) && $mode != 'deps')
if (!isset($forum_id) && empty($ug_data))
{
trigger_error($user->lang['NO_MODE']);
}
// Grab the forum details if non-zero forum_id
if ($forum_id != 0)
if (!in_array(0, $forum_id[$which_mode]))
{
$forum_data = array();
$sql = 'SELECT forum_id, forum_name, parent_id
FROM ' . FORUMS_TABLE . '
WHERE forum_id';
$sql .= (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;
FROM ' . FORUMS_TABLE . "
WHERE forum_id IN ($sql_forum_id)";
$result = $db->sql_query($sql);
if (!($forum_data = $db->sql_fetchrow($result)))
@ -623,54 +578,51 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
// Grab relevant user or group information
$ug_ids = $ug_names = $ug_hidden = '';
if ($mode != 'deps')
$l_no_error = '';
switch ($ug_type)
{
$l_no_error = '';
switch ($ug_type)
{
case 'user':
$l_no_error = $user->lang['NO_USER'];
$sql = 'SELECT user_id AS id, username AS name
FROM ' . USERS_TABLE . '
WHERE user_id';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;
break;
case 'user':
$l_no_error = $user->lang['NO_USER'];
$sql = 'SELECT user_id AS id, username AS name
FROM ' . USERS_TABLE . '
WHERE user_id';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;
break;
case 'username':
$l_no_error = $user->lang['NO_USER'];
$sql = 'SELECT user_id AS id, username AS name
FROM ' . USERS_TABLE . '
WHERE username';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#', "'\\1'", $ug_data)) . ')' : ' = ' . "'" . trim($ug_data) . "'";
break;
case 'username':
$l_no_error = $user->lang['NO_USER'];
$sql = 'SELECT user_id AS id, username AS name
FROM ' . USERS_TABLE . '
WHERE username';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#', "'\\1'", $ug_data)) . ')' : ' = ' . "'" . trim($ug_data) . "'";
break;
case 'group':
$l_no_error = $user->lang['NO_GROUP'];
$sql = 'SELECT group_id AS id, group_name AS name
FROM ' . GROUPS_TABLE . '
WHERE group_id';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;
break;
}
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
trigger_error($l_no_error);
}
unset($l_no_error);
unset($ug_data);
// Store the user_ids and names for later use
do
{
$ug_names .= (($ug_names != '') ? ', ' : '') . $row['name'];
$ug_ids .= (($ug_ids != '') ? ', ' : '') . $row['id'];
$ug_hidden .= '<input type="hidden" name="ug_data[]" value="' . $row['id'] . '" />';
}
while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result);
case 'group':
$l_no_error = $user->lang['NO_GROUP'];
$sql = 'SELECT group_id AS id, group_name AS name
FROM ' . GROUPS_TABLE . '
WHERE group_id';
$sql .= (is_array($ug_data)) ? ' IN (' . implode(', ', $ug_data) . ')' : ' = ' . $ug_data;
break;
}
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
trigger_error($l_no_error);
}
unset($l_no_error);
unset($ug_data);
// Store the user_ids and names for later use
do
{
$ug_names .= (($ug_names != '') ? ', ' : '') . $row['name'];
$ug_ids .= (($ug_ids != '') ? ', ' : '') . $row['id'];
$ug_hidden .= '<input type="hidden" name="ug_data[]" value="' . $row['id'] . '" />';
}
while ($row = $db->sql_fetchrow($result));
$db->sql_freeresult($result);
// Grab the list of options ... if we're in deps mode we want all options,
@ -778,66 +730,77 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
// If we aren't looking @ deps then we try and grab existing sessions for
// the given forum and user/group
if ($mode != 'deps' && $auth_settings == '')
if (empty($auth_settings[$which_mode]))
{
switch ($ug_type)
if ($which_mode == $mode)
{
case 'group':
$sql_table = ACL_GROUPS_TABLE . ' a ';
$sql_join = 'a.group_id';
break;
case 'user':
$sql_table = ACL_USERS_TABLE . ' a, ';
$sql_join = 'a.user_id';;
break;
}
$sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;
$sql = "SELECT o.auth_option, MIN(a.auth_setting) AS min_auth_setting
FROM $sql_table, " . ACL_OPTIONS_TABLE . " o
WHERE o.auth_option LIKE '" . $sql_option_mode . "_%'
AND a.auth_option_id = o.auth_option_id
AND a.forum_id $sql_forum
AND $sql_join IN ($ug_ids)
GROUP BY o.auth_option";
$result = $db->sql_query($sql);
$auth_settings = array();
while ($row = $db->sql_fetchrow($result))
{
$auth_settings[$row['auth_option']] = $row['min_auth_setting'];
}
$db->sql_freeresult($result);
}
else if ($mode == 'deps')
{
$sql_forum = (is_array($forum_id)) ? ' IN (' . implode(', ', $forum_id) . ')' : ' = ' . $forum_id;
$sql_auth_option = (preg_match('#^[a-z]_$#', $auth_option)) ? " LIKE '$auth_option%'" : " IN ('" . $auth_option . "', '$sql_option_mode')";
$sql = "SELECT auth_deps
FROM " . ACL_DEPS_TABLE . "
WHERE auth_option $sql_auth_option
AND forum_id $sql_forum
AND auth_setting = $auth_setting";
$result = $db->sql_query($sql);
$auth_settings = (!isset($auth_settings)) ? array() : $auth_settings;
while ($row = $db->sql_fetchrow($result))
{
$temp = unserialize($row['auth_deps']);
foreach ($temp as $option => $setting)
switch ($ug_type)
{
$auth_settings[$option] = (!isset($auth_settings[$option]) || $setting < $auth_settings[$option]) ? $setting : $auth_settings[$option];
case 'group':
$sql_table = ACL_GROUPS_TABLE . ' a ';
$sql_join = 'a.group_id';
break;
case 'user':
$sql_table = ACL_USERS_TABLE . ' a, ';
$sql_join = 'a.user_id';;
break;
}
$sql = "SELECT o.auth_option, MIN(a.auth_setting) AS min_auth_setting
FROM $sql_table, " . ACL_OPTIONS_TABLE . " o
WHERE o.auth_option LIKE '" . $sql_option_mode . "_%'
AND a.auth_option_id = o.auth_option_id
AND a.forum_id IN ($sql_forum_id)
AND $sql_join IN ($ug_ids)
GROUP BY o.auth_option";
$result = $db->sql_query($sql);
$auth_settings[$which_mode] = array();
while ($row = $db->sql_fetchrow($result))
{
$auth_settings[$which_mode][$row['auth_option']] = $row['min_auth_setting'];
}
$db->sql_freeresult($result);
}
else
{
// We're looking at a view ... so we'll set all options to ignore
// We could be a little more clever here but the "safe side" looks
// better right now
$auth_settings[$which_mode] = array();
foreach ($auth_options as $option)
{
$auth_settings[$which_mode][$option['auth_option']] = -1;
}
}
$db->sql_freeresult($result);
unset($temp);
unset($option);
unset($setting);
unset($sql_auth_option);
}
// Should we display a dropdown for views?
$view_options = '';
if (in_array($mode, array('admin', 'supermod', 'mod')))
{
$view_options .= '<option value="-1">Select view</option>';
$view_options .= (!empty($submode) && $mode != $submode) ? '<option value="' . $mode . '">' . $user->lang['ACL_VIEW_' . strtoupper($mode)] . '</option>' : '';
$view_ary = array(
'admin' => array('forum' => 'a_auth', 'mod' => 'a_modauth', 'supermod' => 'a_modauth'),
'supermod' => array('forum' => 'a_auth'),
'mod' => array('forum' => 'a_auth')
);
foreach ($view_ary[$mode] as $which_submode => $which_acl)
{
if ($auth->acl_get($which_acl))
{
$view_options .= '<option value="' . $which_submode . '"' . (($which_submode == $submode) ? ' selected="selected"' : '') . '>' . $user->lang['ACL_VIEW_' . strtoupper($which_submode)] . '</option>';
}
}
unset($view_ary);
}
// print_r($auth_settings);
?>
<script language="Javascript" type="text/javascript">
@ -885,6 +848,11 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
elem.checked = true;
break;
case 'all_ignore':
if (elem.value == -1)
elem.checked = true;
break;
default:
option_name = elem.name.substr(9, elem.name.length - 10);
@ -919,118 +887,33 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
//-->
</script>
<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p>
<h1><?php echo $l_title; ?></h1>
<p><?php echo $l_title_explain; ?></p>
<form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode&amp;submode=$submode"; ?>"><table cellspacing="2" cellpadding="0" border="0" align="center">
<?php
if ($submit == 'update')
{
?>
<h1 style="color:red">Warning!</h1>
<p>A number of dependencies have been set for the changes you have requested. You can skip setting these dependences if you wish by clicking the appropriate checkbox. You can also modify the dependencies as required. Clicking update will commit your previous setting changes and those listed below (unless you choose to skip them).</p>
<?php
}
?>
<form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table cellspacing="2" cellpadding="0" border="0" align="center">
<?php
// The above query grabs the list of options for the required mode ...
// however for the deps system we need to grab the set of options for
// which dependencies are to be set
// This is the main listing of options
// We output this for both deps and when update is requested where
// deps exist
if ($mode == 'deps' || $submit == 'update')
if (($mode == 'admin' || $mode == 'supermod') && in_array($submode, array('forum', 'mod')))
{
?>
<tr>
<td align="right"><form method="post" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0">
<td colspan="2" align="right"><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0">
<tr>
<th colspan="2">&nbsp;</th>
</tr>
<?php
}
if ($mode == 'deps')
{
// Turn auth_options array above into the dep_auth_options list
$dep_auth_options = $dep_auth_values = $dep_auth_forums = '';
foreach ($auth_options as $option)
{
$dep_auth_options .= '<option value="' . $option['auth_option'] . '"' . (($option['auth_option'] == $auth_option) ? ' selected="selected"' : '') . '>' . ((!empty($user->lang['acl_' . $option['auth_option']])) ? $user->lang['acl_' . $option['auth_option']] : (($option['auth_option'] == $sql_option_mode . '_') ? 'Any option' : ucfirst(preg_replace('#.*?_#', '', $option['auth_option'])))) . '</option>';
}
unset($auth_options);
unset($option);
// Define the Yes, No, Unset selections
$values = array(ACL_NO => $user->lang['NO'], ACL_YES => $user->lang['YES'], ACL_UNSET => $user->lang['UNSET']);
foreach ($values as $value => $option)
{
$dep_auth_values .= '<option value="' . $value . '"' . (($value === $auth_setting) ? ' selected="selected"' : '') . '>' . $option . '</option>';
}
unset($values);
unset($option);
// We've grabbed the list of options for this mode now we need to
// grab the list of options we can set dependencies for
$founder_sql = ($user->data['user_founder']) ? ' AND founder_only <> 1' : '';
$sql = "SELECT auth_option
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_option LIKE 'f_%'
AND auth_option <> 'f_'
$founder_sql";
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result))
{
$auth_options[] = $row;
}
$db->sql_freeresult($result);
?>
<tr>
<td class="row1" width="150">Changing option:</td>
<td class="row2"><select name="option" onchange="this.form.submit()"><?php echo $dep_auth_options; ?></select></td>
</tr>
<tr>
<td class="row1" width="150">To value:</td>
<td class="row2"><select name="setting" onchange="this.form.submit()"><option value="0"<?php
echo ($dep_value == 0) ? ' selected="selected"' : '';
?>>Choose value</option><?php echo $dep_auth_values; ?></select></td>
</tr>
<?php
unset($dep_auth_options);
unset($dep_auth_values);
}
// We output this for both deps and when update is requested where
// deps exist
if ($mode == 'deps' || $submit == 'update')
{
?>
<tr>
<td class="row1" width="150">Will set options in: <br /><span class="gensmall"></span></td>
<td class="row2"><select name="f[]" multiple="4" onchange="this.form.submit()"><?php
<td class="row2"><select name="f[<?php echo $which_mode; ?>][]" multiple="4" onchange="this.form.submit()"><?php
echo make_forum_select($forum_id, false);
echo make_forum_select($forum_id[$which_mode], false);
?></select></td>
</tr>
@ -1038,30 +921,52 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
</tr>
<?php
unset($dep_forum_options);
}
// End deps output
// This is the main listing of options
?>
<tr>
<td align="left"><?php
$colspan = 4;
if ($view_options != '')
{
$colspan = 5;
?><select name="submode" onchange="if (this.options[this.selectedIndex].value != -1) this.form.submit();"><?php echo $view_options; ?></select><?php
}
?></td>
<td align="right"><?php echo $user->lang['PRESETS']; ?>: <select name="set" onchange="use_preset(this.options[this.selectedIndex].value);"><option class="sep"><?php echo $user->lang['SELECT'] . ' -&gt;'; ?></option><option value="all_yes"><?php echo $user->lang['ALL_YES']; ?></option><option value="all_no"><?php echo $user->lang['ALL_NO']; ?></option><option value="all_unset"><?php echo $user->lang['ALL_UNSET']; ?></option><?php
if ($which_mode != $mode)
{
echo '<option value="all_ignore">All Ignore</option>';
}
echo ($preset_options) ? '<option class="sep">' . $user->lang['USER_PRESETS'] . ' -&gt;' . '</option>' . $preset_options : '';
?></select></td>
</tr>
<tr>
<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th>&nbsp;<?php echo $user->lang['OPTION']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['YES']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['NO']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['UNSET']; ?>&nbsp;</th>
</tr>
</tr>
<tr>
<td colspan="2"><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th>&nbsp;<?php echo $user->lang['OPTION']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['YES']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['UNSET']; ?>&nbsp;</th>
<th width="50">&nbsp;<?php echo $user->lang['NO']; ?>&nbsp;</th><?php
if ($which_mode != $mode)
{
?>
<th width="50">&nbsp;<?php echo 'Ignore';?>&nbsp;</th><?php
}
?>
</tr>
<?php
for($i = 0; $i < sizeof($auth_options); $i++)
@ -1070,44 +975,44 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
// Try and output correct language strings, else output prettyfied auth_option
$l_auth_option = (!empty($user->lang['acl_' . $auth_options[$i]['auth_option']])) ? $user->lang['acl_' . $auth_options[$i]['auth_option']] : ucfirst(preg_replace('#.*?_#', '', $auth_options[$i]['auth_option']));
$s_auth_option = '[' . $which_mode . '][' . $auth_options[$i]['auth_option'] . ']';
// Which option should we select?
$selected_yes = (isset($auth_settings[$auth_options[$i]['auth_option']]) && $auth_settings[$auth_options[$i]['auth_option']] == ACL_YES) ? ' checked="checked"' : '';
$selected_no = (isset($auth_settings[$auth_options[$i]['auth_option']]) && $auth_settings[$auth_options[$i]['auth_option']] == ACL_NO) ? ' checked="checked"' : '';
$selected_unset = (!isset($auth_settings[$auth_options[$i]['auth_option']]) || $auth_settings[$auth_options[$i]['auth_option']] == ACL_UNSET) ? ' checked="checked"' : '';
// Output dependency links?
$dep_x_yes = $dep_x_no = $dep_x_unset = $dep_x_open = $dep_x_close = '';
if (in_array($mode, array('admin', 'supermod', 'mod')) && $auth->acl_get('a_deps') && $submit != 'update')
{
$dep_x_open = ' <a class="gensmall" style="vertical-align:top" href="javascript:open_win(\'' . "admin_permissions.$phpEx$SID&amp;mode=deps&amp;type=$mode&amp;" . ((is_array($forum_id)) ? implode('&amp;', preg_replace('#([0-9]+)#', 'f[]=\1', $forum_id)) : "f=$forum_id") . '&amp;option=' . $auth_options[$i]['auth_option'] . "&amp;setting=";
$dep_x_close = '\', 500, 500)" title="Set Dependency">X</a>';
$dep_x_yes = $dep_x_open . ACL_YES . $dep_x_close;
$dep_x_no = $dep_x_open . ACL_NO . $dep_x_close;
$dep_x_unset = $dep_x_open . ACL_UNSET . $dep_x_close;
}
$selected_yes = (isset($auth_settings[$which_mode][$auth_options[$i]['auth_option']]) && $auth_settings[$which_mode][$auth_options[$i]['auth_option']] == ACL_YES) ? ' checked="checked"' : '';
$selected_no = (isset($auth_settings[$which_mode][$auth_options[$i]['auth_option']]) && $auth_settings[$which_mode][$auth_options[$i]['auth_option']] == ACL_NO) ? ' checked="checked"' : '';
$selected_unset = (!isset($auth_settings[$which_mode][$auth_options[$i]['auth_option']]) || $auth_settings[$which_mode][$auth_options[$i]['auth_option']] == ACL_UNSET) ? ' checked="checked"' : '';
$selected_ignore = (isset($auth_settings[$which_mode][$auth_options[$i]['auth_option']]) && $auth_settings[$which_mode][$auth_options[$i]['auth_option']] == -1) ? ' checked="checked"' : '';
?>
<tr>
<td class="<?php echo $row_class; ?>" nowrap="nowrap"><?php echo $l_auth_option; ?>&nbsp;</td>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_YES; ?>"<?php echo $selected_yes; ?> /><?php echo $dep_x_yes; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings<?php echo $s_auth_option ;?>" value="<?php echo ACL_YES; ?>"<?php echo $selected_yes; ?> /></td>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_NO; ?>"<?php echo $selected_no; ?> /><?php echo $dep_x_no; ?></td>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings<?php echo $s_auth_option ;?>" value="<?php echo ACL_UNSET; ?>"<?php echo $selected_unset; ?> /></td>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings<?php echo $s_auth_option ;?>" value="<?php echo ACL_NO; ?>"<?php echo $selected_no; ?> /></td><?php
if ($which_mode != $mode)
{
?>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings<?php echo $s_auth_option ;?>" value="-1"<?php echo $selected_ignore; ?> /></td><?php
}
?>
<td class="<?php echo $row_class; ?>" align="center"><input type="radio" name="settings[<?php echo $auth_options[$i]['auth_option']; ?>]" value="<?php echo ACL_UNSET; ?>"<?php echo $selected_unset; ?> /><?php echo $dep_x_unset; ?></td>
</tr>
<?php
}
// Subforum inheritance
if (($sql_option_mode == 'f' || ($sql_option_mode == 'm' && $mode != 'supermod')) && $mode != 'deps' && $submit != 'update')
if (($sql_option_mode == 'f' || ($sql_option_mode == 'm' && $mode != 'supermod')) && empty($submode))
{
$children = get_forum_branch($forum_id, 'children', 'descending', false);
$children = get_forum_branch($forum_id[$which_mode], 'children', 'descending', false);
if (!empty($children))
{
@ -1117,7 +1022,7 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
<th colspan="4"><?php echo $user->lang['ACL_SUBFORUMS']; ?></th>
</tr>
<tr>
<td class="row1" colspan="4"><table width="100%" cellspacing="1" cellpadding="0" border="0">
<td class="row1" colspan="<?php echo $colspan; ?>"><table width="100%" cellspacing="1" cellpadding="0" border="0">
<tr>
<td class="gensmall" colspan="4" height="16" align="center"><?php echo $user->lang['ACL_SUBFORUMS_EXPLAIN']; ?></td>
</tr>
@ -1145,27 +1050,6 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
}
}
// Output "Skip dependencies" checkbox
if ($submit == 'update')
{
?>
<tr>
<th colspan="4"><?php echo "Dependencies" ?></th>
</tr>
<tr>
<td class="row1" colspan="4"><table width="100%" cellspacing="1" cellpadding="0" border="0">
<tr>
<td><input type="checkbox" name="skipdeps value="0" /> <?php echo "Skip these dependencies"; ?></td>
</tr>
</table></td>
</tr>
<?php
}
// Display event/cron radio buttons
if ($auth->acl_gets('a_events', 'a_cron') && $mode != 'deps' && $submit != 'update')
{
@ -1185,6 +1069,7 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
echo $user->lang['RUN_AS_EVT'];
}
if ($auth->acl_get('a_cron'))
{
@ -1202,7 +1087,37 @@ if (in_array($submit, array('options', 'presetsave', 'presetdel', 'update')) ||
?>
<tr>
<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="submit_update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="submit_cancel" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="ug_type" value="<?php echo $ug_type; ?>" /><?php echo $ug_hidden; ?><?php echo ($mode == 'deps') ? '<input type="hidden" name="type" value="' . $type . '" />' : '<input type="hidden" name="f" value="' . $forum_id . '" />'; ?></td>
<td class="cat" colspan="<?php echo $colspan; ?>" align="center"><input class="mainoption" type="submit" name="submit_update" value="<?php echo $user->lang['UPDATE']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="submit_cancel" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="ug_type" value="<?php echo $ug_type; ?>" /><?php echo $ug_hidden; ?><?php
// Output list of forums
foreach ($forum_id as $forum_submode => $forum_submode_ids)
{
foreach ($forum_submode_ids as $submode_forum_id)
{
echo '<input type="hidden" name="f[' . $forum_submode . '][]" value="' . $submode_forum_id . '" />';
}
}
unset($forum_submode_ids);
unset($forum_submode);
unset($submode_forum_id);
// Output original settings ... needed when we jump views
foreach ($auth_settings as $auth_submode => $auth_submode_settings)
{
if ($auth_submode != $which_mode)
{
foreach ($auth_submode_settings as $submode_option => $submode_setting)
{
echo '<input type="hidden" name="settings[' . $auth_submode . '][' . $submode_option . ']" value="' . $submode_setting . '" />';
}
}
}
unset($auth_submode);
unset($auth_submode_settings);
unset($auth_submode_option);
unset($auth_submode_setting);
?></td>
</tr>
</table>