- adjusting group functions a little bit

git-svn-id: file:///svn/phpbb/trunk@5228 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen 2005-09-25 14:33:07 +00:00
parent b4fb715531
commit db5eb3acef
3 changed files with 236 additions and 319 deletions


@ -52,8 +52,7 @@ $cancel = (isset($_POST['cancel'])) ? true : false;
// Clear some vars // Clear some vars
$can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false; $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
$group_row = array();
$group_type = $group_name = $group_desc = $group_colour = $group_rank = $group_avatar = false;
// Grab basic data for group, if group_id is set and exists // Grab basic data for group, if group_id is set and exists
if ($group_id) if ($group_id)
@ -62,12 +61,13 @@ if ($group_id)
FROM ' . GROUPS_TABLE . " FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id"; WHERE group_id = $group_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!extract($db->sql_fetchrow($result))) if (!$group_row)
{ {
trigger_error($user->lang['NO_GROUP']); trigger_error($user->lang['NO_GROUP']);
} }
$db->sql_freeresult($result);
} }
switch ($mode) switch ($mode)
@ -79,7 +79,7 @@ switch ($mode)
// Common javascript // Common javascript
?> ?>
<script language="Javascript" type="text/javascript"> <script language="javascript" type="text/javascript">
<!-- <!--
function marklist(match, status) function marklist(match, status)
{ {
@ -106,20 +106,23 @@ function marklist(match, status)
trigger_error($user->lang['NO_GROUP']); trigger_error($user->lang['NO_GROUP']);
} }
group_user_attributes($action, $group_id, $mark_ary, false, $group_name); group_user_attributes($action, $group_id, $mark_ary, false, ($group_id) ? $group_row['group_name'] : false);
switch ($action) switch ($action)
{ {
case 'demote': case 'demote':
$message = 'GROUP_MODS_DEMOTED'; $message = 'GROUP_MODS_DEMOTED';
break; break;
case 'promote': case 'promote':
$message = 'GROUP_MODS_PROMOTED'; $message = 'GROUP_MODS_PROMOTED';
break; break;
case 'approve': case 'approve':
$message = 'USERS_APPROVED'; $message = 'USERS_APPROVED';
break; break;
} }
trigger_error($user->lang[$message]); trigger_error($user->lang[$message]);
break; break;
@ -137,9 +140,8 @@ function marklist(match, status)
$sql = 'SELECT user_id $sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . " FROM ' . USER_GROUP_TABLE . "
WHERE group_id = $group_id WHERE group_id = $group_id
ORDER BY user_id ORDER BY user_id";
LIMIT $start, 200"; $result = $db->sql_query_limit($sql, 200, $start);
$result = $db->sql_query($sql);
$mark_ary = array(); $mark_ary = array();
if ($row = $db->sql_fetchrow($result)) if ($row = $db->sql_fetchrow($result))
@ -150,7 +152,7 @@ function marklist(match, status)
} }
while ($row = $db->sql_fetchrow($result)); while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_colour, $group_rank, $group_avatar, $group_avatar_type, $group_avatar_width, $group_avatar_height); group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = (sizeof($user_id_ary) < 200) ? 0 : $start + 200; $start = (sizeof($user_id_ary) < 200) ? 0 : $start + 200;
} }
@ -164,7 +166,7 @@ function marklist(match, status)
} }
else else
{ {
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_colour, $group_rank, $group_avatar, $group_avatar_type, $group_avatar_width, $group_avatar_height); group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
} }
trigger_error($user->lang['GROUP_DEFS_UPDATED']); trigger_error($user->lang['GROUP_DEFS_UPDATED']);
@ -186,11 +188,11 @@ function marklist(match, status)
switch ($action) switch ($action)
{ {
case 'delete': case 'delete':
$error = group_delete($group_id, $group_name); $error = group_delete($group_id, $group_row['group_name']);
break; break;
case 'deleteusers': case 'deleteusers':
$error = group_user_del($group_id, $mark_ary, false, $group_name); $error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
break; break;
} }
@ -218,7 +220,7 @@ function marklist(match, status)
$name_ary = array_unique(explode("\n", $name_ary)); $name_ary = array_unique(explode("\n", $name_ary));
// Add user/s to group // Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, $group_colour, $group_rank, $group_avatar, $group_avatar_type, $group_avatar_width, $group_avatar_height)) if ($error = group_user_add($group_id, false, $name_ary, $group_row['group_name'], $default, $leader, $group_row))
{ {
trigger_error($user->lang[$error]); trigger_error($user->lang[$error]);
} }
@ -230,6 +232,8 @@ function marklist(match, status)
case 'edit': case 'edit':
case 'add': case 'add':
$data = $submit_ary = array();
if ($action == 'edit' && !$group_id) if ($action == 'edit' && !$group_id)
{ {
trigger_error($user->lang['NO_GROUP']); trigger_error($user->lang['NO_GROUP']);
@ -243,16 +247,18 @@ function marklist(match, status)
{ {
$group_name = request_var('group_name', ''); $group_name = request_var('group_name', '');
$group_desc = request_var('group_description', ''); $group_desc = request_var('group_description', '');
$group_type = request_var('group_type', 0); $group_type = request_var('group_type', GROUP_FREE);
$colour = request_var('group_colour', '');
$rank = request_var('group_rank', 0);
$data['uploadurl'] = request_var('uploadurl', ''); $data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', ''); $data['remotelink'] = request_var('remotelink', '');
$delete = request_var('delete', ''); $delete = request_var('delete', '');
$receive_pm = isset($_REQUEST['group_receive_pm']) ? 1 : 0;
$message_limit = request_var('group_message_limit', 0); $submit_ary = array(
'colour' => request_var('group_colour', ''),
'rank' => request_var('group_rank', 0),
'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0,
'message_limit' => request_var('group_message_limit', 0)
);
$avatar = ''; $avatar = '';
@ -275,34 +281,42 @@ function marklist(match, status)
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload)
{ {
list($avatar_type, $avatar, $avatar_width, $avatar_height) = avatar_upload($data, $error); list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} }
else if ($data['remotelink']) else if ($data['remotelink'])
{ {
list($avatar_type, $avatar, $avatar_width, $avatar_height) = avatar_remote($data, $error); list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
} }
} }
} }
else if ($delete) else if ($delete)
{ {
$avatar = ''; $submit_ary['avatar'] = '';
$avatar_type = $avatar_width = $avatar_height = 0; $submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
} }
if (($avatar && $group_avatar != $avatar) || $delete) if (($submit_ary['avatar'] && (!isset($group_row['group_avatar']) || $group_row['group_avatar'] != $submit_ary['avatar'])) || $delete)
{ {
avatar_delete($group_avatar); if (isset($group_row['group_avatar']) && $group_row['group_avatar'])
{
avatar_delete($group_row['group_avatar']);
}
} }
// Only set the rank, colour, etc. if it's changed or if we're adding a new // Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes // group. This prevents existing group members being updated if no changes
// were made. // were made.
$group_attributes = array();
foreach (array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'message_limit') as $test) foreach (array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'message_limit') as $test)
{ {
${'group_' . $test} = ($action == 'add' || (isset($$test) && $$test != ${'group_' . $test})) ? $$test : false; if ($action == 'add' || (isset($group_row['group_' . $test]) && $group_row['group_' . $test] != $submit_ary[$test]))
{
$group_attributes[$test] = $group_row['group_' . $test] = $submit_ary[$test];
}
} }
if (!($error = group_create($group_id, $group_type, $group_name, $group_description, $group_colour, $group_rank, $group_avatar, $group_avatar_type, $group_avatar_width, $group_avatar_height, $group_receive_pm, $group_message_limit))) if (!($error = group_create($group_id, $group_type, $group_name, $group_description, $group_attributes)))
{ {
$message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED'; $message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($message); trigger_error($message);
@ -311,8 +325,14 @@ function marklist(match, status)
else if (!$group_id) else if (!$group_id)
{ {
$group_name = request_var('group_name', ''); $group_name = request_var('group_name', '');
$group_description = $group_colour = $group_avatar = ''; $group_description = '';
$group_type = GROUP_FREE; $group_type = GROUP_OPEN;
}
else
{
$group_name = $group_row['group_name'];
$group_description = $group_row['group_description'];
$group_type = $group_row['group_type'];
} }
?> ?>
@ -322,7 +342,6 @@ function marklist(match, status)
<p><?php echo $user->lang['GROUP_EDIT_EXPLAIN']; ?></p> <p><?php echo $user->lang['GROUP_EDIT_EXPLAIN']; ?></p>
<?php <?php
$sql = 'SELECT * $sql = 'SELECT *
FROM ' . RANKS_TABLE . ' FROM ' . RANKS_TABLE . '
WHERE rank_special = 1 WHERE rank_special = 1
@ -346,9 +365,9 @@ function marklist(match, status)
$type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : ''; $type_closed = ($group_type == GROUP_CLOSED) ? ' checked="checked"' : '';
$type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : ''; $type_hidden = ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : '';
if ($group_avatar) if (isset($group_row['group_avatar']) && $group_row['group_avatar'])
{ {
switch ($group_avatar_type) switch ($group_row['group_avatar_type'])
{ {
case AVATAR_UPLOAD: case AVATAR_UPLOAD:
$avatar_img = $phpbb_root_path . $config['avatar_path'] . '/'; $avatar_img = $phpbb_root_path . $config['avatar_path'] . '/';
@ -357,9 +376,9 @@ function marklist(match, status)
$avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/'; $avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/';
break; break;
} }
$avatar_img .= $group_avatar; $avatar_img .= $group_row['group_avatar'];
$avatar_img = '<img src="' . $avatar_img . '" width="' . $group_avatar_width . '" height="' . $group_avatar_height . '" border="0" alt="" />'; $avatar_img = '<img src="' . $avatar_img . '" width="' . $group_row['group_avatar_width'] . '" height="' . $group_row['group_avatar_height'] . '" alt="" />';
} }
else else
{ {
@ -409,7 +428,7 @@ function swatch()
if ($group_type != GROUP_SPECIAL) if ($group_type != GROUP_SPECIAL)
{ {
?><input class="post" type="text" name="group_name" value="<?php echo (!empty($group_name)) ? $group_name : ''; ?>" size="40" maxlength="40" /><?php ?><input class="post" type="text" name="group_name" value="<?php echo ($group_name) ? $group_name : ''; ?>" size="40" maxlength="40" /><?php
} }
else else
@ -423,7 +442,7 @@ function swatch()
</tr> </tr>
<tr> <tr>
<td class="row2"><b><?php echo $user->lang['GROUP_DESC']; ?>:</b></td> <td class="row2"><b><?php echo $user->lang['GROUP_DESC']; ?>:</b></td>
<td class="row1"><input class="post" type="text" name="group_description" value="<?php echo (!empty($group_description)) ? $group_description : ''; ?>" size="40" maxlength="255" /></td> <td class="row1"><input class="post" type="text" name="group_description" value="<?php echo ($group_description) ? $group_description : ''; ?>" size="40" maxlength="255" /></td>
</tr> </tr>
<?php <?php
@ -445,15 +464,15 @@ function swatch()
</tr> </tr>
<tr> <tr>
<td class="row2"><b><?php echo $user->lang['GROUP_RECEIVE_PM']; ?>:</b></td> <td class="row2"><b><?php echo $user->lang['GROUP_RECEIVE_PM']; ?>:</b></td>
<td class="row1" nowrap="nowrap"><input type="checkbox" name="group_receive_pm"<?php echo ($group_receive_pm) ? ' checked="checked"' : ''; ?> /></td> <td class="row1" nowrap="nowrap"><input type="checkbox" name="group_receive_pm"<?php echo (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : ''; ?> /></td>
</tr> </tr>
<tr> <tr>
<td class="row2"><b><?php echo $user->lang['GROUP_MESSAGE_LIMIT']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_MESSAGE_LIMIT_EXPLAIN']; ?></span></td> <td class="row2"><b><?php echo $user->lang['GROUP_MESSAGE_LIMIT']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_MESSAGE_LIMIT_EXPLAIN']; ?></span></td>
<td class="row1" nowrap="nowrap"><input class="post" type="text" maxlength="4" size="4" name="group_message_limit" value="<?php echo $group_message_limit; ?>" /></td> <td class="row1" nowrap="nowrap"><input class="post" type="text" maxlength="4" size="4" name="group_message_limit" value="<?php echo (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0; ?>" /></td>
</tr> </tr>
<tr> <tr>
<td class="row2"><b><?php echo $user->lang['GROUP_COLOR']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_COLOR_EXPLAIN']; ?></span></td> <td class="row2"><b><?php echo $user->lang['GROUP_COLOR']; ?>:</b><br /><span class="gensmall"><?php echo $user->lang['GROUP_COLOR_EXPLAIN']; ?></span></td>
<td class="row1" nowrap="nowrap"><input class="post" type="text" name="group_colour" value="<?php echo (!empty($group_colour)) ? $group_colour : ''; ?>" size="6" maxlength="6" /> &nbsp; [ <a href="<?php echo "swatch.$phpEx"; ?>" onclick="swatch();return false" target="_swatch"><?php echo $user->lang['COLOUR_SWATCH']; ?></a> ]</td> <td class="row1" nowrap="nowrap"><input class="post" type="text" name="group_colour" value="<?php echo (isset($group_row['group_colour'])) ? $group_row['group_colour'] : ''; ?>" size="6" maxlength="6" /> &nbsp; [ <a href="<?php echo "swatch.$phpEx"; ?>" onclick="swatch();return false" target="_swatch"><?php echo $user->lang['COLOUR_SWATCH']; ?></a> ]</td>
</tr> </tr>
<tr> <tr>
<td class="row2"><b><?php echo $user->lang['GROUP_RANK']; ?>:</b></td> <td class="row2"><b><?php echo $user->lang['GROUP_RANK']; ?>:</b></td>
@ -492,7 +511,7 @@ function swatch()
</tr> </tr>
<tr> <tr>
<td class="row2" width="35%"><b><?php echo $user->lang['LINK_REMOTE_SIZE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['LINK_REMOTE_SIZE_EXPLAIN']; ?></span></td> <td class="row2" width="35%"><b><?php echo $user->lang['LINK_REMOTE_SIZE']; ?>: </b><br /><span class="gensmall"><?php echo $user->lang['LINK_REMOTE_SIZE_EXPLAIN']; ?></span></td>
<td class="row1"><input class="post" type="text" name="width" size="3" value="<?php echo $group_avatar_width; ?>" /> <span class="gen">px X </span> <input class="post" type="text" name="height" size="3" value="<?php echo $group_avatar_height; ?>" /> <span class="gen">px</span></td> <td class="row1"><input class="post" type="text" name="width" size="3" value="<?php echo (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : ''; ?>" /> <span class="gen">px X </span> <input class="post" type="text" name="height" size="3" value="<?php echo (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : ''; ?>" /> <span class="gen">px</span></td>
</tr> </tr>
<?php <?php
@ -520,8 +539,9 @@ function swatch()
<td class="cat" colspan="2" align="center" valign="middle"><span class="genmed"><?php echo $user->lang['AVATAR_CATEGORY']; ?>: </span><select name="avatarcat">{S_CAT_OPTIONS}</select>&nbsp; <span class="genmed"><?php echo $user->lang['AVATAR_PAGE']; ?>: </span><select name="avatarpage">{S_PAGE_OPTIONS}</select>&nbsp;<input class="btnlite" type="submit" value="<?php echo $user->lang['GO']; ?>" name="avatargallery" /></td> <td class="cat" colspan="2" align="center" valign="middle"><span class="genmed"><?php echo $user->lang['AVATAR_CATEGORY']; ?>: </span><select name="avatarcat">{S_CAT_OPTIONS}</select>&nbsp; <span class="genmed"><?php echo $user->lang['AVATAR_PAGE']; ?>: </span><select name="avatarpage">{S_PAGE_OPTIONS}</select>&nbsp;<input class="btnlite" type="submit" value="<?php echo $user->lang['GO']; ?>" name="avatargallery" /></td>
</tr> </tr>
<tr> <tr>
<td class="row1" colspan="2" align="center"><table cellspacing="1" cellpadding="4" border="0"> <td class="row1" colspan="2" align="center">
<table cellspacing="1" cellpadding="4" border="0">
<!-- BEGIN avatar_row --> <!-- BEGIN avatar_row -->
<tr> <tr>
<!-- BEGIN avatar_column --> <!-- BEGIN avatar_column -->
@ -534,8 +554,9 @@ function swatch()
<!-- END avatar_option_column --> <!-- END avatar_option_column -->
</tr> </tr>
<!-- END avatar_row --> <!-- END avatar_row -->
</table>
</table></td> </td>
</tr> </tr>
<?php <?php
@ -604,9 +625,8 @@ function swatch()
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
WHERE ug.group_id = $group_id WHERE ug.group_id = $group_id
AND u.user_id = ug.user_id AND u.user_id = ug.user_id
ORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username ORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username ";
LIMIT $start, " . $config['topics_per_page']; $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$result = $db->sql_query($sql);
$leader = $member = 0; $leader = $member = 0;
$group_data = array(); $group_data = array();
@ -629,7 +649,7 @@ function swatch()
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
if ($group_type != GROUP_SPECIAL) if ($group_row['group_type'] != GROUP_SPECIAL)
{ {
?> ?>
@ -719,16 +739,19 @@ function swatch()
?> ?>
<tr> <tr>
<td class="cat" colspan="5" align="right"><select name="action"><option class="sep" value=""><?php echo $user->lang['SELECT_OPTION']; ?></option><?php <td class="cat" colspan="5" align="right">
<select name="action"><option class="sep" value=""><?php echo $user->lang['SELECT_OPTION']; ?></option><?php
foreach (array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE') as $option => $lang) foreach (array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE') as $option => $lang)
{ {
echo '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>'; echo '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
} }
?></select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['SUBMIT']; ?>" />&nbsp;</td> ?>
</select> <input class="btnmain" type="submit" name="update" value="<?php echo $user->lang['SUBMIT']; ?>" />&nbsp;
</td>
</tr> </tr>
</table> </table>
<table width="95%" cellspacing="1" cellpadding="1" border="0" align="center"> <table width="95%" cellspacing="1" cellpadding="1" border="0" align="center">
<tr> <tr>
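Review bot: The new call `group_user_add($group_id, false, $name_ary, $group_row['group_name'], $default, $leader, $group_row)` in the add-users branch passes `$group_row` as the seventh argument, which is `$pending` in the updated signature shown further down this page (`..., $leader = 0, $pending = 0, $group_attributes = false`), so the row array lands in the pending flag and `$group_attributes` stays `false`. Passing the pending value explicitly would fix it: `group_user_add($group_id, false, $name_ary, $group_row['group_name'], $default, $leader, 0, $group_row)`. In the edit/add branch the loop stores values as `$group_attributes[$test]` (keys such as `rank`, `colour`), while the new `group_create` body looks them up as `$group_attributes['group_rank']` and so on, so the submitted attributes appear never to reach the INSERT/UPDATE; `$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];` would line the keys up. Separately, the form echoes `$group_name`, `$group_description` and `$group_row['group_colour']` into `value="..."` attributes with no escaping visible in this section; if neither `request_var` nor the stored row is already HTML-encoded (not visible here), these need `htmlspecialchars(..., ENT_QUOTES)` at output. The surrounding `switch ($mode)` cases start and end outside the visible hunks, so this is based only on the lines shown.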


@ -758,7 +758,7 @@ $start = request_var('start', '0');
<p>Sessions should be initiated on each page, as near the top as possible using the following code:</p> <p>Sessions should be initiated on each page, as near the top as possible using the following code:</p>
<blockquote><pre> <blockquote><pre>
$user->start(); $user->session_begin();
$auth->acl($user->data); $auth->acl($user->data);
$user->setup(); $user->setup();
</pre></blockquote> </pre></blockquote>


@ -145,6 +145,8 @@ function user_delete($mode, $user_id)
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
if (sizeof($topic_id_ary))
{
$sql = 'SELECT topic_id, topic_replies, topic_replies_real $sql = 'SELECT topic_id, topic_replies, topic_replies_real
FROM ' . TOPICS_TABLE . ' FROM ' . TOPICS_TABLE . '
WHERE topic_id IN (' . implode(', ', array_keys($topic_id_ary)) . ')'; WHERE topic_id IN (' . implode(', ', array_keys($topic_id_ary)) . ')';
@ -166,6 +168,7 @@ function user_delete($mode, $user_id)
WHERE topic_id IN (' . implode(', ', $del_topic_ary) . ')'; WHERE topic_id IN (' . implode(', ', $del_topic_ary) . ')';
$db->sql_query($sql); $db->sql_query($sql);
} }
}
// Delete posts, attachments, etc. // Delete posts, attachments, etc.
delete_posts('poster_id', $user_id); delete_posts('poster_id', $user_id);
@ -188,9 +191,8 @@ function user_delete($mode, $user_id)
$sql = 'SELECT user_id, username $sql = 'SELECT user_id, username
FROM ' . USERS_TABLE . ' FROM ' . USERS_TABLE . '
WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ') WHERE user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
ORDER BY user_id DESC ORDER BY user_id DESC';
LIMIT 1'; $result = $db->sql_query_limit($sql, 1);
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) if ($row = $db->sql_fetchrow($result))
{ {
@ -284,8 +286,7 @@ function user_active_flip($user_id, $user_type, $user_actkey = false, $username
FROM ' . USERS_TABLE . " FROM ' . USERS_TABLE . "
WHERE user_id = $user_id"; WHERE user_id = $user_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$username = $db->sql_fetchfield('username', 0, $result);
extract($db->sql_fetchrow($result));
$db->sql_freeresult($result); $db->sql_freeresult($result);
} }
@ -303,9 +304,9 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
global $db, $user, $auth; global $db, $user, $auth;
// Delete stale bans // Delete stale bans
$sql = "DELETE FROM " . BANLIST_TABLE . " $sql = 'DELETE FROM ' . BANLIST_TABLE . '
WHERE ban_end < " . time() . " WHERE ban_end < ' . time() . '
AND ban_end <> 0"; AND ban_end <> 0';
$db->sql_query($sql); $db->sql_query($sql);
$ban_list = (!is_array($ban)) ? array_unique(explode("\n", $ban)) : $ban; $ban_list = (!is_array($ban)) ? array_unique(explode("\n", $ban)) : $ban;
@ -497,20 +498,21 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
switch (SQL_LAYER) switch (SQL_LAYER)
{ {
case 'mysql': case 'mysql':
$sql .= (($sql != '') ? ', ' : '') . "($ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason')"; $sql .= (($sql != '') ? ', ' : '') . "($ban_entry, $current_time, $ban_end, $ban_exclude, '" . $db->sql_escape($ban_reason) . "')";
break; break;
case 'mysql4': case 'mysql4':
case 'mysqli': case 'mysqli':
case 'mssql': case 'mssql':
case 'sqlite': case 'sqlite':
$sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT $ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason'"; $sql .= (($sql != '') ? ' UNION ALL ' : '') . " SELECT $ban_entry, $current_time, $ban_end, $ban_exclude, '" . $db->sql_escape($ban_reason) . "'";
break; break;
default: default:
$sql = 'INSERT INTO ' . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason) $sql = 'INSERT INTO ' . BANLIST_TABLE . " ($type, ban_start, ban_end, ban_exclude, ban_reason)
VALUES ($ban_entry, $current_time, $ban_end, $ban_exclude, '$ban_reason')"; VALUES ($ban_entry, $current_time, $ban_end, $ban_exclude, '" . $db->sql_escape($ban_reason) . "')";
$db->sql_query($sql); $db->sql_query($sql);
$sql = '';
} }
} }
@ -541,6 +543,7 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$sql_in = array(); $sql_in = array();
$sql = '';
if ($row = $db->sql_fetchrow($result)) if ($row = $db->sql_fetchrow($result))
{ {
do do
@ -551,6 +554,10 @@ function user_ban($mode, $ban, $ban_len, $ban_len_other, $ban_exclude, $ban_reas
$sql = 'WHERE session_user_id IN (' . str_replace('*', '%', implode(', ', $sql_in)) . ")"; $sql = 'WHERE session_user_id IN (' . str_replace('*', '%', implode(', ', $sql_in)) . ")";
} }
else
{
trigger_error('NO_EMAIL_TO_BAN');
}
break; break;
} }
@ -584,9 +591,9 @@ function user_unban($mode, $ban)
global $db, $user, $auth; global $db, $user, $auth;
// Delete stale bans // Delete stale bans
$sql = "DELETE FROM " . BANLIST_TABLE . " $sql = 'DELETE FROM ' . BANLIST_TABLE . '
WHERE ban_end < " . time() . " WHERE ban_end < ' . time() . '
AND ban_end <> 0"; AND ban_end <> 0';
$db->sql_query($sql); $db->sql_query($sql);
$unban_sql = implode(', ', $ban); $unban_sql = implode(', ', $ban);
@ -594,6 +601,7 @@ function user_unban($mode, $ban)
if ($unban_sql) if ($unban_sql)
{ {
$l_unban_list = ''; $l_unban_list = '';
// Grab details of bans for logging information later // Grab details of bans for logging information later
switch ($mode) switch ($mode)
{ {
@ -989,7 +997,8 @@ function avatar_upload($data, &$error)
*/ */
function avatar_gallery($category, &$error) function avatar_gallery($category, &$error)
{ {
global $config, $phpbb_root_path, $user; global $user, $cache;
global $config, $phpbb_root_path;
$path = $phpbb_root_path . $config['avatar_gallery_path']; $path = $phpbb_root_path . $config['avatar_gallery_path'];
@ -1047,11 +1056,25 @@ function avatar_gallery($category, &$error)
* Add or edit a group. If we're editing a group we only update user * Add or edit a group. If we're editing a group we only update user
* parameters such as rank, etc. if they are changed * parameters such as rank, etc. if they are changed
*/ */
function group_create($group_id, $type, $name, $desc) function group_create($group_id, $type, $name, $desc, $group_attributes)
{ {
global $phpbb_root_path, $config, $db, $user, $file_upload; global $phpbb_root_path, $config, $db, $user, $file_upload;
$error = array(); $error = array();
$attribute_ary = array(
'group_colour' => 'string',
'group_rank' => 'int',
'group_avatar' => 'string',
'group_avatar_type' => 'int',
'group_avatar_width' => 'int',
'group_avatar_height' => 'int',
'group_receive_pm' => 'int',
'group_message_limit' => 'int',
);
// Those are group-only attributes
$group_only_ary = array('group_receive_pm', 'group_message_limit');
// Check data // Check data
if (!strlen($name) || strlen($name) > 40) if (!strlen($name) || strlen($name) > 40)
@ -1077,42 +1100,31 @@ function group_create($group_id, $type, $name, $desc)
'group_type' => (int) $type, 'group_type' => (int) $type,
); );
$attribute_ary = array('group_colour' => 'string', 'group_rank' => 'int', 'group_avatar' => 'string', 'group_avatar_type' => 'int', 'group_avatar_width' => 'int', 'group_avatar_height' => 'int'); if (sizeof($group_attributes))
{
$i = 4;
foreach ($attribute_ary as $attribute => $type) foreach ($attribute_ary as $attribute => $type)
{ {
if (func_num_args() > $i && ($value = func_get_arg($i)) !== false) if (isset($group_attributes[$attribute]))
{ {
settype($value, $type); settype($group_attributes[$attribute], $type);
$sql_ary[$attribute] = $group_attributes[$attribute];
$sql_ary[$attribute] = $$attribute = $value;
} }
$i++;
} }
$group_only_ary = array('group_receive_pm' => 'int', 'group_message_limit' => 'int');
foreach ($group_only_ary as $attribute => $type)
{
if (func_num_args() > $i && ($value = func_get_arg($i)) !== false)
{
settype($value, $type);
$sql_ary[$attribute] = $value;
}
$i++;
} }
$sql = ($group_id) ? 'UPDATE ' . GROUPS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE group_id = $group_id" : 'INSERT INTO ' . GROUPS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); $sql = ($group_id) ? 'UPDATE ' . GROUPS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . " WHERE group_id = $group_id" : 'INSERT INTO ' . GROUPS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql); $db->sql_query($sql);
// Set user attributes
$sql_ary = array(); $sql_ary = array();
if (sizeof($group_attributes))
{
foreach ($attribute_ary as $attribute => $type) foreach ($attribute_ary as $attribute => $type)
{ {
if (isset($$attribute)) if (isset($group_attributes[$attribute]) && !in_array($attribute, $group_only_ary))
{ {
$sql_ary[str_replace('group', 'user', $attribute)] = $$attribute; $sql_ary[str_replace('group', 'user', $attribute)] = $group_attributes[$attribute];
}
} }
} }
@ -1149,11 +1161,7 @@ function group_delete($group_id, $group_name = false)
FROM ' . GROUPS_TABLE . " FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id"; WHERE group_id = $group_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$group_name = $db->sql_fetchfield('group_name', 0, $result);
if (!extract($db->sql_fetchrow($result)))
{
trigger_error("Could not obtain name of group $group_id", E_USER_ERROR);
}
$db->sql_freeresult($result); $db->sql_freeresult($result);
} }
@ -1167,9 +1175,8 @@ function group_delete($group_id, $group_name = false)
$sql = 'SELECT u.user_id, u.username $sql = 'SELECT u.user_id, u.username
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . " u
WHERE ug.group_id = $group_id WHERE ug.group_id = $group_id
AND u.user_id = ug.user_id AND u.user_id = ug.user_id";
LIMIT $start, 200"; $result = $db->sql_query_limit($sql, 200, $start);
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) if ($row = $db->sql_fetchrow($result))
{ {
@ -1211,7 +1218,7 @@ function group_delete($group_id, $group_name = false)
/** /**
* Add user(s) to group * Add user(s) to group
*/ */
function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $default = false, $leader = 0, $pending = 0) function group_user_add($group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $default = false, $leader = 0, $pending = 0, $group_attributes = false)
{ {
global $db, $auth; global $db, $auth;
@ -1300,72 +1307,7 @@ function group_user_add($group_id, $user_id_ary = false, $username_ary = false,
if ($default) if ($default)
{ {
$attribute_ary = array('group_colour' => 'string', 'group_rank' => 'int', 'group_avatar' => 'string', 'group_avatar_type' => 'int', 'group_avatar_width' => 'int', 'group_avatar_height' => 'int'); group_set_user_default($group_id, $user_id_ary, $group_attributes);
// Were group attributes passed to the function? If not we need to obtain them
if (func_num_args() > 6)
{
$i = 6;
foreach ($attribute_ary as $attribute => $type)
{
if (func_num_args() > $i && ($value = func_get_arg($i)) !== false)
{
settype($value, $type);
$sql_ary[$attribute] = $$attribute = $value;
}
$i++;
}
}
else
{
$sql = 'SELECT group_colour, group_rank, group_avatar, group_avatar_type, group_avatar_width, group_avatar_height
FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id";
$result = $db->sql_query($sql);
if (!extract($db->sql_fetchrow($result)))
{
trigger_error("Could not obtain group attributes for group_id $group_id", E_USER_ERROR);
}
$db->sql_freeresult($result);
if (!$group_avatar_width)
{
unset($group_avatar_width);
}
if (!$group_avatar_height)
{
unset($group_avatar_height);
}
}
$sql_set = '';
foreach ($attribute_ary as $attribute => $type)
{
if (isset($$attribute))
{
$field = str_replace('group_', 'user_', $attribute);
switch ($type)
{
case 'int':
$sql_set .= ", $field = " . (int) $$attribute;
break;
case 'double':
$sql_set .= ", $field = " . (double) $$attribute;
break;
case 'string':
$sql_set .= ", $field = '" . (string) $db->sql_escape($$attribute) . "'";
break;
}
}
}
$sql = 'UPDATE ' . USERS_TABLE . "
SET group_id = $group_id$sql_set
WHERE user_id IN (" . implode(', ', $user_id_ary) . ')';
$db->sql_query($sql);
} }
// Clear permissions cache of relevant users // Clear permissions cache of relevant users
@ -1412,8 +1354,6 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
$group_order = array('ADMINISTRATORS', 'SUPER_MODERATORS', 'REGISTERED_COPPA', 'REGISTERED', 'BOTS', 'GUESTS'); $group_order = array('ADMINISTRATORS', 'SUPER_MODERATORS', 'REGISTERED_COPPA', 'REGISTERED', 'BOTS', 'GUESTS');
$attribute_ary = array('group_colour' => 'string', 'group_rank' => 'int', 'group_avatar' => 'string', 'group_avatar_type' => 'int', 'group_avatar_width' => 'int', 'group_avatar_height' => 'int');
// We need both username and user_id info // We need both username and user_id info
user_get_id_name($user_id_ary, $username_ary); user_get_id_name($user_id_ary, $username_ary);
@ -1427,12 +1367,14 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
{ {
$group_order_id[$row['group_name']] = $row['group_id']; $group_order_id[$row['group_name']] = $row['group_id'];
$special_group_data[$row['group_id']]['group_colour'] = $row['group_colour']; $special_group_data[$row['group_id']] = array(
$special_group_data[$row['group_id']]['group_rank'] = $row['group_rank']; 'user_colour' => $row['group_colour'],
$special_group_data[$row['group_id']]['group_avatar'] = $row['group_avatar']; 'user_rank' => $row['group_rank'],
$special_group_data[$row['group_id']]['group_avatar_type'] = $row['group_avatar_type']; 'user_avatar' => $row['group_avatar'],
$special_group_data[$row['group_id']]['group_avatar_width'] = $row['group_avatar_width']; 'user_avatar_type' => $row['group_avatar_type'],
$special_group_data[$row['group_id']]['group_avatar_height'] = $row['group_avatar_height']; 'user_avatar_width' => $row['group_avatar_width'],
'user_avatar_height'=> $row['group_avatar_height'],
);
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -1478,31 +1420,12 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
foreach ($special_group_data as $gid => $default_data_ary) foreach ($special_group_data as $gid => $default_data_ary)
{ {
if (isset($sql_where_ary[$gid]) && $sql_where = implode(', ', $sql_where_ary[$gid])) if (isset($sql_where_ary[$gid]) && sizeof($sql_whery_ary[$gid]))
{ {
$sql_set = ''; $special_group_data[$gid]['group_id'] = $gid;
foreach ($special_group_data[$gid] as $attribute => $value)
{
$field = str_replace('group_', 'user_', $attribute);
switch ($attribute_ary[$attribute]) $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $special_group_data[$gid]) . '
{ WHERE user_id IN (' . implode(', ', $sql_where_ary[$gid]) . ')';
case 'int':
$sql_set .= ", $field = " . (int) $value;
break;
case 'double':
$sql_set .= ", $field = " . (double) $value;
break;
case 'string':
$sql_set .= ", $field = '" . $db->sql_escape($value) . "'";
break;
}
}
// Set new default
$sql = 'UPDATE ' . USERS_TABLE . "
SET group_id = $gid$sql_set
WHERE user_id IN (" . implode(', ', $sql_where_ary[$gid]) . ')';
$db->sql_query($sql); $db->sql_query($sql);
} }
} }
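Review bot: The new condition in the `foreach ($special_group_data ...)` loop tests `sizeof($sql_whery_ary[$gid])`, a misspelling of `$sql_where_ary`, which is the name used in the `isset()` beside it and in the `implode()` below. No variable of that name is assigned anywhere in the visible code, so the test cannot succeed and the `UPDATE` that gives removed users their new default group is skipped. Those users would then keep the `group_id`, colour and rank of the group they were just removed from. The line should read `if (isset($sql_where_ary[$gid]) && sizeof($sql_where_ary[$gid]))`. The rest of `group_user_del` lies outside this hunk, so it is worth confirming that `$sql_where_ary` is still populated the same way.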
@ -1512,7 +1435,6 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
WHERE group_id = $group_id WHERE group_id = $group_id
AND user_id IN (" . implode(', ', $user_id_ary) . ')'; AND user_id IN (" . implode(', ', $user_id_ary) . ')';
$db->sql_query($sql); $db->sql_query($sql);
unset($default_ary);
// Clear permissions cache of relevant users // Clear permissions cache of relevant users
$auth->acl_clear_prefetch($user_id_ary); $auth->acl_clear_prefetch($user_id_ary);
@ -1523,11 +1445,8 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
FROM ' . GROUPS_TABLE . " FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id"; WHERE group_id = $group_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$group_name = $db->sql_fetchfield('group_name', 0, $result);
if (!extract($db->sql_fetchrow($result))) $db->sql_freeresult($result);
{
trigger_error("Could not obtain name of group $group_id", E_USER_ERROR);
}
} }
if (!function_exists('add_log')) if (!function_exists('add_log'))
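Review bot: `$group_name` is now taken from `sql_fetchfield('group_name', 0, $result)` with no check on the result, whereas the removed code raised `E_USER_ERROR` when the row could not be read. If the group does not exist, the admin log entry written by `add_log()` further down is recorded without a usable group name, which weakens the audit trail for membership changes. Consider keeping a guard such as `if ($group_name === false) { trigger_error("Could not obtain name of group $group_id", E_USER_ERROR); }`, assuming `sql_fetchfield()` returns false when there is no row. The same pattern appears in the `group_user_attributes` hunk that follows.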
@ -1540,8 +1459,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
add_log('admin', $log, $group_name, implode(', ', $username_ary)); add_log('admin', $log, $group_name, implode(', ', $username_ary));
unset($username_ary); unset($username_ary, $user_id_ary);
unset($user_id_ary);
return false; return false;
} }
@ -1549,7 +1467,7 @@ function group_user_del($group_id, $user_id_ary = false, $username_ary = false,
/** /**
* This is used to promote (to leader), demote or set as default a member/s * This is used to promote (to leader), demote or set as default a member/s
*/ */
function group_user_attributes($action, $group_id, $user_id_ary = false, $username_ary = false, $group_name = false) function group_user_attributes($action, $group_id, $user_id_ary = false, $username_ary = false, $group_name = false, $group_attributes = false)
{ {
global $db, $auth; global $db, $auth;
@ -1580,77 +1498,7 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
break; break;
case 'default': case 'default':
$attribute_ary = array('group_colour' => 'string', 'group_rank' => 'int', 'group_avatar' => 'string', 'group_avatar_type' => 'int', 'group_avatar_width' => 'int', 'group_avatar_height' => 'int'); group_set_user_default($group_id, $user_id_ary, $group_attributes);
// Were group attributes passed to the function? If not we need
// to obtain them
if (func_num_args() > 5)
{
$i = 5;
foreach ($attribute_ary as $attribute => $type)
{
if (func_num_args() > $i && ($value = func_get_arg($i)) !== false)
{
settype($value, $type);
$sql_ary[$attribute] = $$attribute = $value;
}
$i++;
}
}
else
{
$sql = 'SELECT group_colour, group_rank, group_avatar, group_avatar_type, group_avatar_width, group_avatar_height
FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id";
$result = $db->sql_query($sql);
if (!extract($db->sql_fetchrow($result)))
{
return 'NO_GROUP';
}
$db->sql_freeresult($result);
if (!$group_avatar_width)
{
unset($group_avatar_width);
}
if (!$group_avatar_height)
{
unset($group_avatar_height);
}
}
// FAILURE HERE when grabbing data from DB and checking "isset" ... will
// be true for all similar functionality
$sql_set = '';
foreach ($attribute_ary as $attribute => $type)
{
if (isset($$attribute))
{
$field = str_replace('group_', 'user_', $attribute);
switch ($type)
{
case 'int':
$sql_set .= ", $field = " . (int) $$attribute;
break;
case 'double':
$sql_set .= ", $field = " . (double) $$attribute;
break;
case 'string':
$sql_set .= ", $field = '" . (string) $db->sql_escape($$attribute) . "'";
break;
}
}
}
$sql = 'UPDATE ' . USERS_TABLE . "
SET group_id = $group_id$sql_set
WHERE user_id IN (" . implode(', ', $user_id_ary) . ')';
$db->sql_query($sql);
$log = 'LOG_GROUP_DEFAULTS'; $log = 'LOG_GROUP_DEFAULTS';
break; break;
} }
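Review bot: The `default` case loses its failure path for a missing group. The removed inline code returned `'NO_GROUP'` when the attribute row could not be fetched, while the new `group_set_user_default($group_id, $user_id_ary, $group_attributes);` call ignores the outcome and the helper added later in this commit returns nothing. In that helper a failed `sql_fetchrow()` leaves `$group_attributes` false, every `isset()` test is skipped, and the `UPDATE` still writes `group_id` for the listed users. Suggest the helper do `if (!$group_attributes) { return 'NO_GROUP'; }` after the fetch and this case propagate that value. This is unnecessary if the group is validated earlier in `group_user_attributes`, which this hunk does not show.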
@ -1670,21 +1518,67 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna
FROM ' . GROUPS_TABLE . " FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id"; WHERE group_id = $group_id";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$group_name = $db->sql_fetchfield('group_name', 0, $result);
if (!extract($db->sql_fetchrow($result))) $db->sql_freeresult($result);
{
trigger_error("Could not obtain name of group $group_id", E_USER_ERROR);
}
} }
add_log('admin', $log, $group_name, implode(', ', $username_ary)); add_log('admin', $log, $group_name, implode(', ', $username_ary));
unset($username_ary); unset($username_ary, $user_id_ary);
unset($user_id_ary);
return false; return false;
} }
/**
* Set users default group
*/
function group_set_user_default($group_id, $user_id_ary, $group_attributes = false)
{
global $db;
if (!$user_id_ary)
{
return;
}
$attribute_ary = array(
'group_colour' => 'string',
'group_rank' => 'int',
'group_avatar' => 'string',
'group_avatar_type' => 'int',
'group_avatar_width' => 'int',
'group_avatar_height' => 'int',
);
$sql_ary = array(
'group_id' => $group_id
);
// Were group attributes passed to the function? If not we need to obtain them
if ($group_attributes === false)
{
$sql = 'SELECT ' . implode(', ', array_keys($attribute_ary)) . '
FROM ' . GROUPS_TABLE . "
WHERE group_id = $group_id";
$result = $db->sql_query($sql);
$group_attributes = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
}
foreach ($attribute_ary as $attribute => $type)
{
if (isset($group_attributes[$attribute]))
{
settype($group_attributes[$attribute], $type);
$sql_ary[str_replace('group_', 'user_', $attribute)] = $group_attributes[$attribute];
}
}
$sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE user_id IN (' . implode(', ', $user_id_ary) . ')';
$db->sql_query($sql);
}
/** /**
* Obtain either the members of a specified group, the groups the specified user is subscribed to * Obtain either the members of a specified group, the groups the specified user is subscribed to
* or checking if a specified user is in a specified group * or checking if a specified user is in a specified group
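Review bot: `group_set_user_default()` builds both of its queries from its arguments as received: `$group_id` is interpolated unquoted into `WHERE group_id = $group_id`, and `$user_id_ary` is imploded directly into the `IN (...)` list. Only the attribute values go through `settype()` and `sql_build_array()`. Whether every caller passes integer ids is not visible here, and as a new standalone helper it should not depend on that. Casting at the top of the function, `$group_id = (int) $group_id;` and `$user_id_ary = array_map('intval', $user_id_ary);`, keeps both statements safe regardless of the call site. A short docblock stating that `$user_id_ary` must be an array of user ids, and what `$group_attributes` may contain, would also help.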