acl_get('a_auth')) ? $filename . $SID . '&mode=forums' : '';
$module['FORUM']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=moderators' : '';
$module['FORUM']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&mode=supermoderators' : '';
$module['FORUM']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&mode=administrators' : '';
$module['USER']['PERMISSIONS'] = ($auth->acl_get('a_authusers')) ? $filename . $SID . '&mode=users' : '';
$module['GROUP']['PERMISSIONS'] = ($auth->acl_get('a_authgroups')) ? $filename . $SID . '&mode=groups' : '';
$module['GENERAL']['DEPENDENCIES'] = ($auth->acl_get('a_authdeps')) ? $filename . $SID . '&mode=deps' : '';
return;
}
define('IN_PHPBB', 1);
// Include files
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require('pagestart.' . $phpEx);
// Request parameters. The two numeric ids are cast to integers here; $mode,
// $username and $entries stay exactly as the client sent them, so every later
// use has to validate or escape them itself.
$forum_id = 0;
$forum_sql = '';
if (isset($_REQUEST['f']))
{
    $forum_id = intval($_REQUEST['f']);
    // Interpolates only the integer produced on the line above.
    $forum_sql = " WHERE forum_id = $forum_id";
}

if (isset($_REQUEST['mode']))
{
    $mode = $_REQUEST['mode'];
}
else
{
    $mode = '';
}

if (isset($_REQUEST['username']))
{
    $username = $_REQUEST['username'];
}
else
{
    $username = '';
}

// Falls back to an empty string (not 0) when no group was requested.
if (isset($_REQUEST['g']))
{
    $group_id = intval($_REQUEST['g']);
}
else
{
    $group_id = '';
}

// Taken from POST only, unlike the values above.
if (isset($_POST['entries']))
{
    $entries = $_POST['entries'];
}
else
{
    $entries = '';
}
// Start program proper
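// Map the requested mode onto its page title, the admin ACL option that
// guards it and the one-letter prefix of the auth options it edits. Both
// lookup variables start out empty so an unrecognised or missing mode can
// never leave them undefined or let a value set elsewhere slip through.
$which_acl = '';
$type_sql = '';
switch ($mode)
{
    case 'forums':
        $l_title = $user->lang['PERMISSIONS'];
        $l_title_explain = $user->lang['PERMISSIONS_EXPLAIN'];
        $which_acl = 'a_auth';
        $type_sql = 'f';
        break;

    case 'moderators':
        $l_title = $user->lang['MODERATORS'];
        $l_title_explain = $user->lang['MODERATORS_EXPLAIN'];
        $which_acl = 'a_authmods';
        $type_sql = 'm';
        break;

    case 'supermoderators':
        $l_title = $user->lang['SUPER_MODERATORS'];
        $l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN'];
        $which_acl = 'a_authmods';
        $type_sql = 'm';
        break;

    case 'administrators':
        $l_title = $user->lang['ADMINISTRATORS'];
        $l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN'];
        $which_acl = 'a_authadmins';
        $type_sql = 'a';
        break;

    case 'users':
        $l_title = $user->lang['USER_PERMISSIONS'];
        $l_title_explain = $user->lang['USER_PERMISSIONS_EXPLAIN'];
        $which_acl = 'a_authusers';
        $type_sql = 'u';
        break;

    case 'groups':
        $l_title = $user->lang['GROUP_PERMISSIONS'];
        $l_title_explain = $user->lang['GROUP_PERMISSIONS_EXPLAIN'];
        $which_acl = 'a_authgroups';
        $type_sql = 'u';
        break;

    case 'deps':
        $l_title = $user->lang['DEPENDENCIES'];
        $l_title_explain = $user->lang['DEPENDENCIES_EXPLAIN'];
        $which_acl = 'a_authdeps';
        // No option prefix is assigned for the dependency editor.
        break;
}

// Permission check. Fails closed: when no ACL option was resolved there is
// nothing to test, so the request is refused instead of asking acl_get()
// about an undefined option.
// NOTE(review): this only protects the code below if the board's error
// handler ends the request on trigger_error() — confirm in the bootstrap.
if ($which_acl === '' || !$auth->acl_get($which_acl))
{
    trigger_error($user->lang['NO_ADMIN']);
}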
// Call update or delete, both can take multiple user/group
// ids. Additionally inheritance is handled (by the auth API)
//switch ($_POST['runas'])
//{
// case 'now':
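// Apply the posted action: update or delete ACL entries, or save or delete a
// permission preset. Every value read from $_POST here is client input.
// NOTE(review): no per-request token is checked in this block; confirm that
// the session handling loaded by pagestart rejects forged POSTs.
if (isset($_POST['update']))
{
    $auth_admin = new auth_admin();

    // Admin wants subforums to inherit permissions ... so handle this.
    // Each posted forum id is cast to an integer before the list is handed
    // to the auth API together with the current forum.
    if (!empty($_POST['inherit']))
    {
        $_POST['inherit'] = array_map('intval', (array) $_POST['inherit']);
        array_push($_POST['inherit'], $forum_id);
        $forum_id = $_POST['inherit'];
    }

    // NOTE(review): 'type', 'option' and the entry ids reach acl_set() as
    // posted; confirm that auth_admin validates them.
    foreach ($_POST['entries'] as $id)
    {
        $auth_admin->acl_set($_POST['type'], $forum_id, $id, $_POST['option']);
    }

    cache_moderators();
    trigger_error($user->lang['AUTH_UPDATED']);
}
else if (isset($_POST['delete']))
{
    $auth_admin = new auth_admin();

    // Stays false unless the prefix lookup below finds matching options.
    $option_ids = false;
    if (!empty($_POST['option']) && is_string($_POST['option']))
    {
        // The posted prefix is escaped before it is placed inside the
        // quoted LIKE pattern.
        $sql = "SELECT auth_option_id
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $db->sql_escape($_POST['option']) . "_%'";
        $result = $db->sql_query($sql);

        if ($row = $db->sql_fetchrow($result))
        {
            $option_ids = array();
            do
            {
                $option_ids[] = $row['auth_option_id'];
            }
            while ($row = $db->sql_fetchrow($result));
        }
        $db->sql_freeresult($result);
    }

    // NOTE(review): 'type' and the entry ids reach acl_delete() as posted;
    // confirm that auth_admin validates them.
    foreach ($_POST['entries'] as $id)
    {
        $auth_admin->acl_delete($_POST['type'], $forum_id, $id, $option_ids);
    }

    cache_moderators();
    trigger_error($user->lang['AUTH_UPDATED']);
}
else if (isset($_POST['presetsave']))
{
    // Sort the posted option names into allow / deny / inherit lists.
    $holding_ary = array();
    foreach ($_POST['option'] as $acl_option => $allow_deny)
    {
        switch ($allow_deny)
        {
            case ACL_ALLOW:
                $holding_ary['allow'][] = $acl_option;
                break;

            case ACL_DENY:
                $holding_ary['deny'][] = $acl_option;
                break;

            case ACL_INHERIT:
                $holding_ary['inherit'][] = $acl_option;
                break;
        }
    }

    // NOTE(review): values are escaped here and then passed through
    // sql_build_array(); confirm that helper does not escape a second time.
    $sql = array(
        'preset_user_id' => $user->data['user_id'],
        'preset_type' => $type_sql,
        'preset_data' => $db->sql_escape(serialize($holding_ary))
    );

    if (!empty($_POST['presetname']))
    {
        $sql['preset_name'] = $db->sql_escape($_POST['presetname']);
    }

    if (!empty($_POST['presetname']) || $_POST['presetoption'] != -1)
    {
        if ($_POST['presetoption'] == -1)
        {
            $sql = 'INSERT INTO ' . ACL_PRESETS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql);
        }
        else
        {
            // The preset id is cast to an integer, as the delete branch
            // below already does, so it cannot extend the WHERE clause.
            $sql = 'UPDATE ' . ACL_PRESETS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql) . ' WHERE preset_id =' . intval($_POST['presetoption']);
        }
        $db->sql_query($sql);
    }
}
else if (isset($_POST['presetdel']))
{
    if (!empty($_POST['presetoption']))
    {
        $sql = "DELETE FROM " . ACL_PRESETS_TABLE . "
WHERE preset_id = " . intval($_POST['presetoption']);
        $db->sql_query($sql);
    }
}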
// break;
//}
if ($mode == 'deps')
{
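// Generate header
page_header($l_title);

// Posted filter values for the dependency editor. htmlspecialchars() only
// prepares them for printing; anything placed in SQL below is additionally
// escaped with $db->sql_escape().
$dep_quick_access = (isset($_POST['dep_quick_access'])) ? htmlspecialchars($_POST['dep_quick_access']) : '';
$dep_type = (isset($_POST['dep_type'])) ? htmlspecialchars($_POST['dep_type']) : -1;
$dep_option = (isset($_POST['dep_option'])) ? $_POST['dep_option'] : array();
$dep_value = (isset($_POST['dep_value'])) ? intval($_POST['dep_value']) : -1;
// NOTE(review): handed to make_forum_select() as posted; confirm that helper
// validates the ids.
$dep_forum_id = (isset($_POST['f'])) ? $_POST['f'] : array(0);

$acl_types = $auth_options = $value_options = $forum_options = '';
// These are first appended to further down, so they start out empty here.
$preset_options = $preset_js = $preset_update_options = '';

$types = array('admin' => $user->lang['ADMINISTRATORS'], 'supermod' => $user->lang['SUPER_MODERATORS'], 'mod' => $user->lang['MODERATORS']);
foreach ($types as $value => $option)
{
    // NOTE(review): the appended literal is empty in this copy of the file.
    $acl_types .= '';
}

if (!empty($dep_type))
{
    // Translate the posted type name into the auth option prefix.
    switch ($dep_type)
    {
        case 'admin':
            $dep_type = 'a';
            break;

        case 'supermod':
        case 'mod':
            $dep_type = 'm';
            break;
    }

    // NOTE(review): the restriction is added when the current user IS a
    // founder; going by the column name the test looks inverted — confirm.
    $founder_sql = ($user->data['user_founder']) ? ' AND founder_only <> 1' : '';

    // Any other posted type falls through the switch unchanged, so the
    // prefix is escaped before it enters the quoted LIKE pattern.
    $sql = "SELECT auth_value
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $db->sql_escape((string) $dep_type) . "_%'
$founder_sql";
    $result = $db->sql_query($sql);

    while ($row = $db->sql_fetchrow($result))
    {
        $auth_options .= '';
    }
    $db->sql_freeresult($result);
}

$values = array(ACL_DENY => $user->lang['NO'], ACL_ALLOW => $user->lang['YES'], ACL_INHERIT => $user->lang['UNSET']);
foreach ($values as $value => $option)
{
    $value_options .= '';
}

$forum_options = make_forum_select($dep_forum_id, false, false);

// Look for custom presets
// NOTE(review): the 'deps' case of the mode switch assigns no option prefix,
// so $type_sql carries none here — confirm which presets should be listed.
$sql = "SELECT preset_id, preset_name, preset_data
FROM " . ACL_PRESETS_TABLE . "
WHERE preset_type = '$type_sql'
ORDER BY preset_id ASC";
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
    $preset_update_options .= '';
    $preset_options .= '';

    // Start each preset from empty lists so one that lacks a key does not
    // pick up the previous row's values.
    $holding = array('allow' => '', 'deny' => '', 'inherit' => '');

    // NOTE(review): unserialize() on stored data. The value is written by
    // the preset-save handler from an array of strings; anything else that
    // can write this column could make it instantiate objects.
    $preset_data = unserialize($row['preset_data']);
    if (is_array($preset_data))
    {
        foreach ($preset_data as $preset_type => $preset_type_ary)
        {
            $holding[$preset_type] = '';
            foreach ((array) $preset_type_ary as $preset_option)
            {
                $holding[$preset_type] .= "$preset_option, ";
            }
        }
    }

    // NOTE(review): the option names are written into single-quoted
    // JavaScript strings without escaping; they originate from posted
    // preset data, so confirm they are limited to known option names.
    $preset_js .= "\tpresets['preset_" . $row['preset_id'] . "'] = new Array();" . "\n";
    $preset_js .= "\tpresets['preset_" . $row['preset_id'] . "'] = new preset_obj('" . $holding['allow'] . "', '" . $holding['deny'] . "', '" . $holding['inherit'] . "');\n";
}
$db->sql_freeresult($result);
unset($holding);

if ($dep_quick_access)
{
    // The posted name is escaped before it enters the quoted comparison.
    $sql = 'SELECT auth_deps
FROM ' . ACL_DEPS_TABLE . "
WHERE dep_name ='" . $db->sql_escape($dep_quick_access) . "'";
    $result = $db->sql_query($sql);

    $auth_values = array();
    if ($row = $db->sql_fetchrow($result))
    {
        // The serialized list is the auth_deps column; the fetched row
        // itself is an array and cannot be unserialized.
        $stored_deps = unserialize($row['auth_deps']);
        if (is_array($stored_deps))
        {
            $auth_values = $stored_deps;
        }
    }
    $db->sql_freeresult($result);
}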
?>
sql_query($sql);
if (!($forum_info = $db->sql_fetchrow($result)))
{
trigger_error($user->lang['NO_FORUM']);
}
$db->sql_freeresult($result);
$l_title .= ' : ' . $forum_info['forum_name'] . '';
}
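else if (!empty($username))
{
    // Resolve a single username to its user id. $username is raw request
    // input, so it is escaped before it goes inside the quoted IN() list.
    // NOTE(review): if the bootstrap already adds slashes to request data
    // this escapes twice — confirm.
    $sql = "SELECT user_id
FROM " . USERS_TABLE . "
WHERE username IN ('" . $db->sql_escape($username) . "')";
    $result = $db->sql_query($sql);

    if (!($row = $db->sql_fetchrow($result)))
    {
        trigger_error($user->lang['NO_USER']);
    }
    $db->sql_freeresult($result);

    $entries = array($row['user_id']);
    // NOTE(review): the raw username is appended to the page title; confirm
    // that page_header() encodes it before output.
    $l_title .= ' : ' . $username . '';
}
else if (!empty($group_id))
{
    // $group_id was cast to an integer when it was read from the request.
    $sql = "SELECT group_name
FROM " . GROUPS_TABLE . "
WHERE group_id IN ($group_id)";
    $result = $db->sql_query($sql);

    if (!($row = $db->sql_fetchrow($result)))
    {
        trigger_error($user->lang['NO_GROUP']);
    }
    $db->sql_freeresult($result);

    $entries = array($group_id);
    $l_title .= ' : ' . $row['group_name'] . '';
}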
// Generate header
page_header($l_title);
?>
data['user_founder']) ? ' AND founder_only <> 1' : '';
// Collect every auth option whose name starts with the current mode's
// prefix, skipping the bare "<prefix>_" entry. $type_sql is assigned by the
// mode switch, not taken from the request.
$auth_options = array();

$sql = "SELECT auth_option_id, auth_value
FROM " . ACL_OPTIONS_TABLE . "
WHERE auth_value LIKE '" . $type_sql . "_%'
AND auth_value <> '" . $type_sql . "_'
$founder_sql";
$result = $db->sql_query($sql);

for ($row = $db->sql_fetchrow($result); $row; $row = $db->sql_fetchrow($result))
{
    $auth_options[] = $row;
}

$db->sql_freeresult($result);
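// Build the comma-separated list used inside the IN() clauses below.
// Newly added users arrive as one newline-separated string of usernames;
// every other request supplies numeric ids.
$names_posted = (isset($_POST['type']) && $_POST['type'] == 'user' && !empty($_POST['new']));
if ($names_posted)
{
    $entries = explode("\n", $entries);
}

$where_sql = '';
foreach ($entries as $value)
{
    $where_sql .= ($where_sql != '') ? ', ' : '';
    if ($names_posted)
    {
        // Usernames are client input: drop the stray line-ending characters
        // left by the split and escape the name before quoting it.
        $where_sql .= "'" . $db->sql_escape(trim($value)) . "'";
    }
    else
    {
        $where_sql .= intval($value);
    }
}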
// Reset the accumulators filled while reading the current settings, then
// pick the query that loads those settings for the selected groups or users.
$ug = '';;
$ug_hidden = '';
$auth_values = array();
// NOTE(review): $_POST['type'] is read directly and there is no default
// case, so for any other value $sql keeps whatever it held before and is
// still executed below.
// NOTE(review): $forum_sql is built with its own leading " WHERE" and is
// spliced in after an existing WHERE clause; looks like that yields invalid
// SQL whenever a forum id was supplied — confirm.
switch ($_POST['type'])
{
case 'group':
$l_type = 'Group';
// $where_sql is the id list assembled from $entries just above.
$sql = "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC";
break;
case 'user':
$l_type = 'User';
$sql = "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC"; break;
}
$result = $db->sql_query($sql);
// Read the current settings. When the first query returned rows, collect
// the display names and the allow/deny value per option; otherwise fall
// back to a plain name lookup for the selected groups or users.
if ($row = $db->sql_fetchrow($result))
{
do
{
// Use the language entry for the name when one exists.
$ug_test = (!empty($user->lang[$row['name']])) ? $user->lang[$row['name']] : $row['name'];
// Substring test: a name is skipped when it already occurs anywhere in $ug.
$ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : '';
// NOTE(review): the literal assigned here is empty in this copy of the file.
$ug_test = '';
$ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : '';
// NOTE(review): $auth_group is not assigned anywhere in the visible code,
// so the min() branch is presumably never taken — confirm.
$auth_values[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
$db->sql_freeresult($result);
// $where_sql is reused here; for users it is matched against username.
$sql = ($_POST['type'] == 'group') ? "SELECT group_id AS id, group_name AS name, group_type FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC" : "SELECT user_id AS id, username AS name FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
// NOTE(review): the user variant of the query above selects no group_type,
// and neither variant selects auth_value or auth_allow_deny, so those keys
// are missing from $row in this loop.
$ug_test = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang[$row['name']] : $row['name'];
$ug .= (!strstr($ug, $ug_test)) ? $ug_test . "\n" : '';
$ug_test = '';
$ug_hidden .= (!strstr($ug_hidden, $ug_test)) ? $ug_test : '';
$auth_values[$row['auth_value']] = (isset($auth_group[$row['auth_value']])) ? min($auth_group[$row['auth_value']], $row['auth_allow_deny']) : $row['auth_allow_deny'];
}
while ($row = $db->sql_fetchrow($result));
}
else
{
}
}
$db->sql_freeresult($result);
// Now we'll build a list of preset options ...
$preset_options = $preset_js = $preset_update_options = '';
$holding = array();
// Do we have a parent forum? If so offer option to inherit from that
// The parent's settings for the same groups or users become preset 0.
if ($forum_info['parent_id'] != 0)
{
// NOTE(review): no default case; for any other $_POST['type'] the query
// executed below is whatever $sql held before.
switch ($_POST['type'])
{
case 'group':
// parent_id comes from the forum row loaded earlier; $where_sql from $entries.
$sql = "SELECT o.auth_value, a.auth_allow_deny FROM " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id AND a.forum_id = " . $forum_info['parent_id'] . " AND a.group_id IN ($where_sql)";
break;
case 'user':
$sql = "SELECT o.auth_value, a.auth_allow_deny FROM " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id AND a.forum_id = " . $forum_info['parent_id'] . " AND a.user_id IN ($where_sql)";
break;
}
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result))
{
do
{
// Append the option name to the list matching its setting. The three keys
// are not pre-set on $holding, so the first append to each starts from an
// undefined index.
switch ($row['auth_allow_deny'])
{
case ACL_ALLOW:
$holding['allow'] .= $row['auth_value'] . ', ';
break;
case ACL_DENY:
$holding['deny'] .= $row['auth_value'] . ', ';
break;
case ACL_INHERIT:
$holding['inherit'] .= $row['auth_value'] . ', ';
break;
}
}
while ($row = $db->sql_fetchrow($result));
// NOTE(review): the literal appended here is empty in this copy of the file.
$preset_options .= '';
// Emit the JavaScript entry for preset 0 from the three collected lists.
$preset_js .= "\tpresets['preset_0'] = new Array();" . "\n";
$preset_js .= "\tpresets['preset_0'] = new preset_obj('" . $holding['allow'] . "', '" . $holding['deny'] . "', '" . $holding['inherit'] . "');\n";
}
$db->sql_freeresult($result);
}
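// Look for custom presets
// $type_sql is assigned by the mode switch, not taken from the request.
$sql = "SELECT preset_id, preset_name, preset_data
FROM " . ACL_PRESETS_TABLE . "
WHERE preset_type = '$type_sql'
ORDER BY preset_id ASC";
$result = $db->sql_query($sql);

while ($row = $db->sql_fetchrow($result))
{
    $preset_update_options .= '';
    $preset_options .= '';

    // Start each preset from empty lists so one that lacks a key does not
    // pick up the values of the previous row or of the parent-forum preset.
    $holding = array('allow' => '', 'deny' => '', 'inherit' => '');

    // NOTE(review): unserialize() on stored data. The value is written by
    // the preset-save handler from an array of strings; anything else that
    // can write this column could make it instantiate objects.
    $preset_data = unserialize($row['preset_data']);
    if (is_array($preset_data))
    {
        foreach ($preset_data as $preset_type => $preset_type_ary)
        {
            $holding[$preset_type] = '';
            foreach ((array) $preset_type_ary as $preset_option)
            {
                $holding[$preset_type] .= "$preset_option, ";
            }
        }
    }

    // NOTE(review): the option names are written into single-quoted
    // JavaScript strings without escaping; they originate from posted
    // preset data, so confirm they are limited to known option names.
    $preset_js .= "\tpresets['preset_" . $row['preset_id'] . "'] = new Array();" . "\n";
    $preset_js .= "\tpresets['preset_" . $row['preset_id'] . "'] = new preset_obj('" . $holding['allow'] . "', '" . $holding['deny'] . "', '" . $holding['inherit'] . "');\n";
}
$db->sql_freeresult($result);
unset($holding);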
?>
lang['ACL_EXPLAIN']; ?>
lang['USERS']; ?> |
lang['GROUPS']; ?> |
|
|
|
|