--- a/plugins/SpecialGroups.php Sun Mar 28 21:49:26 2010 -0400
+++ b/plugins/SpecialGroups.php Sun Mar 28 23:10:46 2010 -0400
@@ -1,12 +1,12 @@
<?php
/**!info**
{
- "Plugin Name" : "plugin_specialgroups_title",
- "Plugin URI" : "http://enanocms.org/",
- "Description" : "plugin_specialgroups_desc",
- "Author" : "Dan Fuhry",
- "Version" : "1.1.6",
- "Author URI" : "http://enanocms.org/"
+ "Plugin Name" : "plugin_specialgroups_title",
+ "Plugin URI" : "http://enanocms.org/",
+ "Description" : "plugin_specialgroups_desc",
+ "Author" : "Dan Fuhry",
+ "Version" : "1.1.6",
+ "Author URI" : "http://enanocms.org/"
}
**!*/
@@ -25,553 +25,553 @@
function SpecialGroups_paths_init()
{
- register_special_page('Usergroups', 'specialpage_groupcp');
+ register_special_page('Usergroups', 'specialpage_groupcp');
}
function page_Special_Usergroups()
{
- global $db, $session, $paths, $template, $plugins; // Common objects
- global $email; // Import e-mail encryption functions
- global $lang;
-
- if ( !$session->user_logged_in )
- {
- header('Location: ' . makeUrlComplete('Special', 'Login/' . $paths->page));
- $db->close();
- exit;
- }
-
- $template->header();
- userprefs_show_menu();
- if ( isset($_POST['do_view']) || isset($_POST['do_view_n']) || ( isset($_GET['act']) && isset($_POST['group_id']) ) )
- {
- $gid = ( isset ( $_POST['do_view_n'] ) ) ? intval($_POST['group_id_n']) : intval($_POST['group_id']);
- if ( empty($gid) || $gid < 1 )
- {
- die_friendly('Error', '<p>Hacking attempt</p>');
- }
- $q = $db->sql_query('SELECT group_name,group_type,system_group FROM '.table_prefix.'groups WHERE group_id=' . $gid . ';');
- if ( !$q )
- {
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- }
- $row = $db->fetchrow();
- $db->free_result();
- $members = array();
- $pending = array();
- $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,m.pending,COUNT(c.comment_id) AS num_comments
- FROM '.table_prefix.'users AS u
- LEFT JOIN '.table_prefix.'group_members AS m
- ON ( m.user_id = u.user_id )
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.name = u.username )
- WHERE m.group_id=' . $gid . '
- GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,m.pending
- ORDER BY m.is_mod DESC,u.username ASC;');
- if ( !$q )
- {
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- }
-
- $is_member = false;
- $is_mod = false;
- $is_pending = false;
-
- while ( $mr = $db->fetchrow() )
- {
- if ( $mr['pending'] == 1 )
- {
- $pending[] = $mr;
- if ( $mr['user_id'] == $session->user_id )
- {
- $is_pending = true;
- }
- }
- else
- {
- $members[] = $mr;
- if ( $mr['user_id'] == $session->user_id )
- {
- $is_member = true;
- if ( $mr['is_mod'] == 1 )
- {
- $is_mod = true;
- }
- }
- }
- }
-
- $status = ( $is_member && $is_mod )
- ? $lang->get('groupcp_status_mod')
- : ( ( $is_member && !$is_mod )
- ? $lang->get('groupcp_status_member')
- : $lang->get('groupcp_status_not_member')
- );
-
- $can_do_admin_stuff = ( $is_mod || $session->user_level >= USER_LEVEL_ADMIN );
-
- switch ( $row['group_type'] )
- {
- case GROUP_HIDDEN: $g_state = $lang->get('groupcp_type_hidden'); break;
- case GROUP_CLOSED: $g_state = $lang->get('groupcp_type_closed'); break;
- case GROUP_REQUEST: $g_state = $lang->get('groupcp_type_request'); break;
- case GROUP_OPEN: $g_state = $lang->get('groupcp_type_open'); break;
- }
-
- if ( isset($_GET['act']) && $can_do_admin_stuff )
- {
- switch($_GET['act'])
- {
- case 'update':
- if(!in_array(intval($_POST['group_state']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST)))
- {
- die_friendly('ERROR', '<p>Hacking attempt</p>');
- }
- $q = $db->sql_query('SELECT group_type, system_group FROM '.table_prefix.'groups WHERE group_id=' . intval( $_POST['group_id']) . ';');
- if ( !$q )
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- $error = false;
- if ( $db->numrows() < 1 )
- {
- echo '<div class="error-box" style="margin-left: 0;">The group you selected does not exist.</div>';
- $error = true;
- }
- $r = $db->fetchrow();
- if ( $r['system_group'] == 1 && ( intval($_POST['group_state']) == GROUP_OPEN || intval($_POST['group_state']) == GROUP_REQUEST ) )
- {
- echo '<div class="error-box" style="margin-left: 0;">' . $lang->get('groupcp_err_state_system_group') . '</div>';
- $error = true;
- }
- if ( !$error )
- {
- $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_type=' . intval($_POST['group_state']) . ' WHERE group_id=' . intval( $_POST['group_id']) . ';');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- $row['group_type'] = $_POST['group_state'];
- echo '<div class="info-box" style="margin-left: 0;">' . $lang->get('groupcp_msg_state_updated') . '</div>';
- }
- break;
- case 'adduser':
- $username = $_POST['add_username'];
- $mod = ( isset($_POST['add_mod']) ) ? '1' : '0';
-
- $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\'' . $db->escape($username) . '\';');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- if ($db->numrows() < 1)
- {
- echo '<div class="error-box">' . $lang->get('groupcp_err_user_not_found') . '</div>';
- break;
- }
- $r = $db->fetchrow();
- $db->free_result();
- $uid = intval($r['user_id']);
+ global $db, $session, $paths, $template, $plugins; // Common objects
+ global $email; // Import e-mail encryption functions
+ global $lang;
+
+ if ( !$session->user_logged_in )
+ {
+ header('Location: ' . makeUrlComplete('Special', 'Login/' . $paths->page));
+ $db->close();
+ exit;
+ }
+
+ $template->header();
+ userprefs_show_menu();
+ if ( isset($_POST['do_view']) || isset($_POST['do_view_n']) || ( isset($_GET['act']) && isset($_POST['group_id']) ) )
+ {
+ $gid = ( isset ( $_POST['do_view_n'] ) ) ? intval($_POST['group_id_n']) : intval($_POST['group_id']);
+ if ( empty($gid) || $gid < 1 )
+ {
+ die_friendly('Error', '<p>Hacking attempt</p>');
+ }
+ $q = $db->sql_query('SELECT group_name,group_type,system_group FROM '.table_prefix.'groups WHERE group_id=' . $gid . ';');
+ if ( !$q )
+ {
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ }
+ $row = $db->fetchrow();
+ $db->free_result();
+ $members = array();
+ $pending = array();
+ $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,m.pending,COUNT(c.comment_id) AS num_comments
+ FROM '.table_prefix.'users AS u
+ LEFT JOIN '.table_prefix.'group_members AS m
+ ON ( m.user_id = u.user_id )
+ LEFT JOIN '.table_prefix.'comments AS c
+ ON ( c.name = u.username )
+ WHERE m.group_id=' . $gid . '
+ GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,m.pending
+ ORDER BY m.is_mod DESC,u.username ASC;');
+ if ( !$q )
+ {
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ }
+
+ $is_member = false;
+ $is_mod = false;
+ $is_pending = false;
+
+ while ( $mr = $db->fetchrow() )
+ {
+ if ( $mr['pending'] == 1 )
+ {
+ $pending[] = $mr;
+ if ( $mr['user_id'] == $session->user_id )
+ {
+ $is_pending = true;
+ }
+ }
+ else
+ {
+ $members[] = $mr;
+ if ( $mr['user_id'] == $session->user_id )
+ {
+ $is_member = true;
+ if ( $mr['is_mod'] == 1 )
+ {
+ $is_mod = true;
+ }
+ }
+ }
+ }
+
+ $status = ( $is_member && $is_mod )
+ ? $lang->get('groupcp_status_mod')
+ : ( ( $is_member && !$is_mod )
+ ? $lang->get('groupcp_status_member')
+ : $lang->get('groupcp_status_not_member')
+ );
+
+ $can_do_admin_stuff = ( $is_mod || $session->user_level >= USER_LEVEL_ADMIN );
+
+ switch ( $row['group_type'] )
+ {
+ case GROUP_HIDDEN: $g_state = $lang->get('groupcp_type_hidden'); break;
+ case GROUP_CLOSED: $g_state = $lang->get('groupcp_type_closed'); break;
+ case GROUP_REQUEST: $g_state = $lang->get('groupcp_type_request'); break;
+ case GROUP_OPEN: $g_state = $lang->get('groupcp_type_open'); break;
+ }
+
+ if ( isset($_GET['act']) && $can_do_admin_stuff )
+ {
+ switch($_GET['act'])
+ {
+ case 'update':
+ if(!in_array(intval($_POST['group_state']), Array(GROUP_CLOSED, GROUP_OPEN, GROUP_HIDDEN, GROUP_REQUEST)))
+ {
+ die_friendly('ERROR', '<p>Hacking attempt</p>');
+ }
+ $q = $db->sql_query('SELECT group_type, system_group FROM '.table_prefix.'groups WHERE group_id=' . intval( $_POST['group_id']) . ';');
+ if ( !$q )
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ $error = false;
+ if ( $db->numrows() < 1 )
+ {
+ echo '<div class="error-box" style="margin-left: 0;">The group you selected does not exist.</div>';
+ $error = true;
+ }
+ $r = $db->fetchrow();
+ if ( $r['system_group'] == 1 && ( intval($_POST['group_state']) == GROUP_OPEN || intval($_POST['group_state']) == GROUP_REQUEST ) )
+ {
+ echo '<div class="error-box" style="margin-left: 0;">' . $lang->get('groupcp_err_state_system_group') . '</div>';
+ $error = true;
+ }
+ if ( !$error )
+ {
+ $q = $db->sql_query('UPDATE '.table_prefix.'groups SET group_type=' . intval($_POST['group_state']) . ' WHERE group_id=' . intval( $_POST['group_id']) . ';');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ $row['group_type'] = $_POST['group_state'];
+ echo '<div class="info-box" style="margin-left: 0;">' . $lang->get('groupcp_msg_state_updated') . '</div>';
+ }
+ break;
+ case 'adduser':
+ $username = $_POST['add_username'];
+ $mod = ( isset($_POST['add_mod']) ) ? '1' : '0';
+
+ $q = $db->sql_query('SELECT user_id FROM '.table_prefix.'users WHERE username=\'' . $db->escape($username) . '\';');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ if ($db->numrows() < 1)
+ {
+ echo '<div class="error-box">' . $lang->get('groupcp_err_user_not_found') . '</div>';
+ break;
+ }
+ $r = $db->fetchrow();
+ $db->free_result();
+ $uid = intval($r['user_id']);
- // Check if the user is already in the group, and if so, only update modship
- $q = $db->sql_query('SELECT member_id,is_mod FROM '.table_prefix.'group_members WHERE user_id=' . $uid . ' AND group_id=' . intval($_POST['group_id']) . ';');
- if ( !$q )
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- if ( $db->numrows() > 0 )
- {
- $r = $db->fetchrow();
- if ( (string) $r['is_mod'] != $mod )
- {
- $q = $db->sql_query('UPDATE '.table_prefix.'group_members SET is_mod=' . $mod . ' WHERE member_id=' . $r['member_id'] . ';');
- if ( !$q )
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- foreach ( $members as $i => $member )
- {
- if ( $member['member_id'] == $r['member_id'] )
- $members[$i]['is_mod'] = (int)$mod;
- }
- echo '<div class="info-box">' . $lang->get('groupcp_msg_user_already_in_mod_updated', array('username' => $username)) . '</div>';
- }
- else
- {
- echo '<div class="info-box">' . $lang->get('groupcp_msg_user_already_in', array('username' => $username)) . '</div>';
- }
- break;
- }
-
- $db->free_result();
-
- $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES(' . intval($_POST['group_id']) . ', ' . $uid . ', ' . $mod . ');');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- echo '<div class="info-box">' . $lang->get('groupcp_msg_user_added', array('username' => $username)) . '</div>';
-
- $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,COUNT(c.comment_id) AS num_comments
- FROM '.table_prefix.'users AS u
- LEFT JOIN '.table_prefix.'group_members AS m
- ON ( m.user_id = u.user_id )
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.name = u.username )
- WHERE m.group_id=' . $gid . '
- AND m.pending!=1
- AND u.user_id=' . $uid . '
- GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod
- ORDER BY m.is_mod DESC,u.username ASC
- LIMIT 1;');
- if ( !$q )
- $db->_die('SpecialGroups.php, line ' . __LINE__);
-
- $r = $db->fetchrow();
- $members[] = $r;
- $db->free_result();
-
- // just added a user to the group, so regenerate the ranks cache
- generate_cache_userranks();
-
- break;
- case 'del_users':
- foreach ( $members as $i => $member )
- {
- if ( isset($_POST['del_user'][$member['member_id']]) )
- {
- $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id=' . $member['member_id'] . ';');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- unset($members[$i]);
- }
- }
- // regenerate the ranks cache
- generate_cache_userranks();
-
- break;
- case 'pending':
- foreach ( $pending as $i => $member )
- {
- if ( isset( $_POST['with_user'][$member['member_id']]) )
- {
- if ( isset ( $_POST['do_appr_pending'] ) )
- {
- $q = $db->sql_query('UPDATE '.table_prefix.'group_members SET pending=0 WHERE member_id=' . $member['member_id'] . ';');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- $members[] = $member;
- unset($pending[$i]);
- continue;
- }
- elseif ( isset ( $_POST['do_reject_pending'] ) )
- {
- $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id=' . $member['member_id'] . ';');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- unset($pending[$i]);
- }
- }
- }
- // memberships updated/changed, regenerate ranks cache
- generate_cache_userranks();
-
- echo '<div class="info-box">' . $lang->get('groupcp_msg_pending_updated') . '</div>';
- break;
- }
- }
-
- if ( isset($_GET['act']) && $_GET['act'] == 'update' && !$is_member && $row['group_type'] == GROUP_OPEN && !$can_do_admin_stuff )
- {
- $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id) VALUES(' . $gid . ', ' . $session->user_id . ');');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- echo '<div class="info-box">' . $lang->get('groupcp_msg_self_added') . '</div>';
-
- $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,COUNT(c.comment_id) AS num_comments
- FROM '.table_prefix.'users AS u
- LEFT JOIN '.table_prefix.'group_members AS m
- ON ( m.user_id = u.user_id )
- LEFT JOIN '.table_prefix.'comments AS c
- ON ( c.name = u.username )
- WHERE m.group_id=' . $gid . '
- AND m.pending!=1
- AND u.user_id=' . $session->user_id . '
- GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod
- ORDER BY m.is_mod DESC,u.username ASC
- LIMIT 1;');
- if ( !$q )
- $db->_die('SpecialGroups.php, line ' . __LINE__);
-
- $r = $db->fetchrow();
- $members[] = $r;
- $db->free_result();
-
- }
-
- if ( isset($_GET['act']) && $_GET['act'] == 'update' && !$is_member && $row['group_type'] == GROUP_REQUEST && !$is_pending && !$can_do_admin_stuff )
- {
- $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,pending) VALUES(' . $gid . ', ' . $session->user_id . ', 1);');
- if (!$q)
- $db->_die('SpecialGroups.php, line ' . __LINE__);
- echo '<div class="info-box">' . $lang->get('groupcp_msg_membership_requested') . '</div>';
- }
-
- $state_btns = ( $can_do_admin_stuff ) ?
- '<label><input type="radio" name="group_state" value="' . GROUP_HIDDEN . '" ' . (( $row['group_type'] == GROUP_HIDDEN ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_hidden') . '</label>
- <label><input type="radio" name="group_state" value="' . GROUP_CLOSED . '" ' . (( $row['group_type'] == GROUP_CLOSED ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_closed') . '</label>
- <label><input type="radio" name="group_state" value="' . GROUP_REQUEST. '" ' . (( $row['group_type'] == GROUP_REQUEST) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_request') . '</label>
- <label><input type="radio" name="group_state" value="' . GROUP_OPEN . '" ' . (( $row['group_type'] == GROUP_OPEN ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_open') . '</label>'
- : $g_state;
- if ( !$can_do_admin_stuff && $row['group_type'] == GROUP_REQUEST && !$is_member )
- {
- if ( $is_pending )
- $state_btns .= ' ' . $lang->get('groupcp_msg_status_pending');
- else
- $state_btns .= ' <input type="submit" value="' . $lang->get('groupcp_btn_request_join') . '" />';
- }
-
- if ( !$can_do_admin_stuff && $row['group_type'] == GROUP_OPEN && !$is_member )
- {
- $state_btns .= ' <input type="submit" value="' . $lang->get('groupcp_btn_join') . '" />';
- }
-
- $g_name_local = 'groupcp_grp_' . strtolower($row['group_name']);
- $str = $lang->get($g_name_local);
- if ( $str != $g_name_local )
- $row['group_name'] = $str;
-
- echo '<form action="' . makeUrl($paths->page, 'act=update') . '" method="post" enctype="multipart/form-data">
- <div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">' . $lang->get('groupcp_th_group_info') . '</th>
- </tr>
- <tr>
- <td class="row2">' . $lang->get('groupcp_lbl_group_name') . '</td>
- <td class="row1">' . $row['group_name'] . ( $row['system_group'] == 1 ? ' ' . $lang->get('groupcp_msg_system_group') : '' ) . '</td>
- </tr>
- <tr>
- <td class="row2">' . $lang->get('groupcp_lbl_status') . '</td>
- <td class="row1">' . $status . '</td>
- </tr>
- <tr>
- <td class="row2">' . $lang->get('groupcp_lbl_state') . '</td>
- <td class="row1">' . $state_btns . '</td>
- </tr>
- ' . ( ( $is_mod || $session->user_level >= USER_LEVEL_ADMIN ) ? '
- <tr>
- <th class="subhead" colspan="2">
- <input type="submit" value="' . $lang->get('etc_save_changes') . '" />
- </th>
- </tr>
- ' : '' ) . '
- </table>
- </div>
- <input name="group_id" value="' . $gid . '" type="hidden" />
- </form>';
- if ( sizeof ( $pending ) > 0 && $can_do_admin_stuff )
- {
- echo '<form action="' . makeUrl($paths->page, 'act=pending') . '" method="post" enctype="multipart/form-data">
- <input name="group_id" value="' . $gid . '" type="hidden" />
- <h2>' . $lang->get('groupcp_th_pending_memberships') . '</h2>
- <div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>' . $lang->get('groupcp_th_username') . '</th>
- <th>' . $lang->get('groupcp_th_email') . '</th>
- <th>' . $lang->get('groupcp_th_reg_time') . '</th>
- <th>' . $lang->get('groupcp_th_comments') . '</th>
- <th>' . $lang->get('groupcp_th_select') . '</th>
- </tr>';
- $cls = 'row2';
- foreach ( $pending as $member )
- {
-
- $date = enano_date(ED_DATE, $member['reg_time']);
- $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
- $addy = $email->encryptEmail($member['email']);
-
- echo "<tr>
- <td class='{$cls}'>{$member['username']}</td>
- <td class='{$cls}'>{$addy}</td>
- <td class='{$cls}'>{$date}</td>
- <td class='{$cls}'>{$member['num_comments']}</td>
- <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='with_user[{$member['member_id']}]' /></td>
- </tr>";
- }
- echo '</table>
- </div>
- <div style="margin: 10px 0 0 auto;">
- With selected:
- <input type="submit" name="do_appr_pending" value="' . $lang->get('groupcp_btn_approve_pending') . '" />
- <input type="submit" name="do_reject_pending" value="' . $lang->get('groupcp_btn_reject_pending') . '" />
- </div>
- </form>';
- }
- echo '<form action="' . makeUrl($paths->page, 'act=del_users') . '" method="post" enctype="multipart/form-data">
- <h2>' . $lang->get('groupcp_th_group_members') . '</h2>
- <div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th>' . $lang->get('groupcp_th_username') . '</th>
- <th>' . $lang->get('groupcp_th_email') . '</th>
- <th>' . $lang->get('groupcp_th_reg_time') . '</th>
- <th>' . $lang->get('groupcp_th_comments') . '</th>
- ' . ( ( $can_do_admin_stuff ) ? '
- <th>' . $lang->get('groupcp_th_remove') . '</th>
- ' : '' ) . '
- </tr>
- <tr>
- <th colspan="5" class="subhead">' . $lang->get('groupcp_th_group_mods') . '</th>
- </tr>';
- $mod_printed = false;
- $mem_printed = false;
- $cls = 'row2';
-
- foreach ( $members as $member )
- {
- if ( $member['is_mod'] != 1 )
- break;
-
- $date = enano_date(ED_DATE, $member['reg_time']);
- $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
- $addy = $email->encryptEmail($member['email']);
-
- $mod_printed = true;
-
- echo "<tr>
- <td class='{$cls}'>{$member['username']}</td>
- <td class='{$cls}'>{$addy}</td>
- <td class='{$cls}'>{$date}</td>
- <td class='{$cls}'>{$member['num_comments']}</td>
- " . ( ( $can_do_admin_stuff ) ? "
- <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='del_user[{$member['member_id']}]' /></td>
- " : '' ) . "
- </tr>";
- }
- if (!$mod_printed)
- echo '<tr><td class="' . $cls . '" colspan="5">' . $lang->get('groupcp_msg_no_mods') . '</td></th>';
- echo '<tr><th class="subhead" colspan="5">' . $lang->get('groupcp_th_group_members') . '</th></tr>';
- foreach ( $members as $member )
- {
- if ( $member['is_mod'] == 1 )
- continue;
-
- $date = enano_date(ED_DATE, $member['reg_time']);
- $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
- $addy = $email->encryptEmail($member['email']);
-
- $mem_printed = true;
-
- echo "<tr>
- <td class='{$cls}'>{$member['username']}</td>
- <td class='{$cls}'>{$addy}</td>
- <td class='{$cls}'>{$date}</td>
- <td class='{$cls}'>{$member['num_comments']}</td>
- " . ( ( $can_do_admin_stuff ) ? "
- <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='del_user[{$member['member_id']}]' /></td>
- " : '' ) . "
- </tr>";
- }
- if (!$mem_printed)
- echo '<tr><td class="' . $cls . '" colspan="5">' . $lang->get('groupcp_msg_no_members') . '</td></th>';
- echo ' </table>
- </div>';
- if ( $can_do_admin_stuff )
- {
- echo "<div style='margin: 10px 0 0 auto;'><input type='submit' name='do_del_user' value=\"" . $lang->get('groupcp_btn_remove_selected') . "\" /></div>";
- }
- echo '<input name="group_id" value="' . $gid . '" type="hidden" />
- </form>';
- if ( $can_do_admin_stuff )
- {
- echo '<form action="' . makeUrl($paths->page, 'act=adduser') . '" method="post" enctype="multipart/form-data" onsubmit="if(!submitAuthorized) return false;">
- <div class="tblholder">
- <table border="0" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">' . $lang->get('groupcp_th_add_member') . '</th>
- </tr>
- <tr>
- <td class="row2">' . $lang->get('groupcp_lbl_username') . '</td><td class="row1">' . $template->username_field('add_username') . '</td>
- </tr>
- <tr>
- <td class="row2">' . $lang->get('groupcp_lbl_moderator') . '</td><td class="row1"><label><input type="checkbox" name="add_mod" /> ' . $lang->get('groupcp_lbl_make_mod') . '</label></td>
- </tr>
- <tr>
- <th class="subhead" colspan="2">
- <input type="submit" value="' . $lang->get('groupcp_btn_add_member') . '" />
- </th>
- </tr>
- </table>
- </div>
- <input name="group_id" value="' . $gid . '" type="hidden" />
- </form>';
- }
- }
- else
- {
- echo '<form action="'.makeUrlNS('Special', 'Usergroups').'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
- echo '<div class="tblholder">
- <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
- <tr>
- <th colspan="2">' . $lang->get('groupcp_th_select_group') . '</th>
- </tr>
- <tr>
- <td class="row2" style="text-align: right; width: 50%;">
- ' . $lang->get('groupcp_lbl_current_memberships') . '
- </td>
- <td class="row1" style="width: 50%;">';
- $taboo = Array('Everyone');
- if ( sizeof ( $session->groups ) > count($taboo) )
- {
- echo '<select name="group_id">';
- foreach ( $session->groups as $id => $group )
- {
- $taboo[] = $db->escape($group);
- $group = htmlspecialchars($group);
- if ( $group != 'Everyone' )
- {
- $g_name_local = 'groupcp_grp_' . strtolower($group);
- $str = $lang->get($g_name_local);
- if ( $str != $g_name_local )
- $group = $str;
- echo '<option value="' . $id . '">' . $group . '</option>';
- }
- }
- echo '</select>
- <input type="submit" name="do_view" value="' . $lang->get('groupcp_btn_view') . '" />';
- }
- else
- {
- echo 'None';
- }
-
- echo '</td>
- </tr>';
- $taboo = 'WHERE group_name != \'' . implode('\' AND group_name != \'', $taboo) . '\'';
- $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups '.$taboo.' AND group_type != ' . GROUP_HIDDEN . ' ORDER BY group_name ASC;');
- if(!$q)
- {
- echo $db->get_error();
- $template->footer();
- return;
- }
- if($db->numrows() > 0)
- {
- echo '<tr>
- <td class="row2" style="text-align: right;">
- ' . $lang->get('groupcp_lbl_non_memberships') . '
- </td>
- <td class="row1">
- <select name="group_id_n">';
- while ( $row = $db->fetchrow() )
- {
- if ( $row['group_name'] != 'Everyone' )
- {
- echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars($row['group_name']) . '</option>';
- }
- }
- echo '</select>
- <input type="submit" name="do_view_n" value="' . $lang->get('groupcp_btn_view') . '" />
- </td>
- </tr>
- ';
- }
- $db->free_result();
- echo '</table>
- </div>
- </form>';
- }
- $template->footer();
+ // Check if the user is already in the group, and if so, only update modship
+ $q = $db->sql_query('SELECT member_id,is_mod FROM '.table_prefix.'group_members WHERE user_id=' . $uid . ' AND group_id=' . intval($_POST['group_id']) . ';');
+ if ( !$q )
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ if ( $db->numrows() > 0 )
+ {
+ $r = $db->fetchrow();
+ if ( (string) $r['is_mod'] != $mod )
+ {
+ $q = $db->sql_query('UPDATE '.table_prefix.'group_members SET is_mod=' . $mod . ' WHERE member_id=' . $r['member_id'] . ';');
+ if ( !$q )
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ foreach ( $members as $i => $member )
+ {
+ if ( $member['member_id'] == $r['member_id'] )
+ $members[$i]['is_mod'] = (int)$mod;
+ }
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_user_already_in_mod_updated', array('username' => $username)) . '</div>';
+ }
+ else
+ {
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_user_already_in', array('username' => $username)) . '</div>';
+ }
+ break;
+ }
+
+ $db->free_result();
+
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,is_mod) VALUES(' . intval($_POST['group_id']) . ', ' . $uid . ', ' . $mod . ');');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_user_added', array('username' => $username)) . '</div>';
+
+ $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,COUNT(c.comment_id) AS num_comments
+ FROM '.table_prefix.'users AS u
+ LEFT JOIN '.table_prefix.'group_members AS m
+ ON ( m.user_id = u.user_id )
+ LEFT JOIN '.table_prefix.'comments AS c
+ ON ( c.name = u.username )
+ WHERE m.group_id=' . $gid . '
+ AND m.pending!=1
+ AND u.user_id=' . $uid . '
+ GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod
+ ORDER BY m.is_mod DESC,u.username ASC
+ LIMIT 1;');
+ if ( !$q )
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+
+ $r = $db->fetchrow();
+ $members[] = $r;
+ $db->free_result();
+
+ // just added a user to the group, so regenerate the ranks cache
+ generate_cache_userranks();
+
+ break;
+ case 'del_users':
+ foreach ( $members as $i => $member )
+ {
+ if ( isset($_POST['del_user'][$member['member_id']]) )
+ {
+ $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id=' . $member['member_id'] . ';');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ unset($members[$i]);
+ }
+ }
+ // regenerate the ranks cache
+ generate_cache_userranks();
+
+ break;
+ case 'pending':
+ foreach ( $pending as $i => $member )
+ {
+ if ( isset( $_POST['with_user'][$member['member_id']]) )
+ {
+ if ( isset ( $_POST['do_appr_pending'] ) )
+ {
+ $q = $db->sql_query('UPDATE '.table_prefix.'group_members SET pending=0 WHERE member_id=' . $member['member_id'] . ';');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ $members[] = $member;
+ unset($pending[$i]);
+ continue;
+ }
+ elseif ( isset ( $_POST['do_reject_pending'] ) )
+ {
+ $q = $db->sql_query('DELETE FROM '.table_prefix.'group_members WHERE member_id=' . $member['member_id'] . ';');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ unset($pending[$i]);
+ }
+ }
+ }
+ // memberships updated/changed, regenerate ranks cache
+ generate_cache_userranks();
+
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_pending_updated') . '</div>';
+ break;
+ }
+ }
+
+ if ( isset($_GET['act']) && $_GET['act'] == 'update' && !$is_member && $row['group_type'] == GROUP_OPEN && !$can_do_admin_stuff )
+ {
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id) VALUES(' . $gid . ', ' . $session->user_id . ');');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_self_added') . '</div>';
+
+ $q = $db->sql_query('SELECT u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod,COUNT(c.comment_id) AS num_comments
+ FROM '.table_prefix.'users AS u
+ LEFT JOIN '.table_prefix.'group_members AS m
+ ON ( m.user_id = u.user_id )
+ LEFT JOIN '.table_prefix.'comments AS c
+ ON ( c.name = u.username )
+ WHERE m.group_id=' . $gid . '
+ AND m.pending!=1
+ AND u.user_id=' . $session->user_id . '
+ GROUP BY u.user_id,u.username,u.email,u.reg_time,m.member_id,m.user_id,m.is_mod
+ ORDER BY m.is_mod DESC,u.username ASC
+ LIMIT 1;');
+ if ( !$q )
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+
+ $r = $db->fetchrow();
+ $members[] = $r;
+ $db->free_result();
+
+ }
+
+ if ( isset($_GET['act']) && $_GET['act'] == 'update' && !$is_member && $row['group_type'] == GROUP_REQUEST && !$is_pending && !$can_do_admin_stuff )
+ {
+ $q = $db->sql_query('INSERT INTO '.table_prefix.'group_members(group_id,user_id,pending) VALUES(' . $gid . ', ' . $session->user_id . ', 1);');
+ if (!$q)
+ $db->_die('SpecialGroups.php, line ' . __LINE__);
+ echo '<div class="info-box">' . $lang->get('groupcp_msg_membership_requested') . '</div>';
+ }
+
+ $state_btns = ( $can_do_admin_stuff ) ?
+ '<label><input type="radio" name="group_state" value="' . GROUP_HIDDEN . '" ' . (( $row['group_type'] == GROUP_HIDDEN ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_hidden') . '</label>
+ <label><input type="radio" name="group_state" value="' . GROUP_CLOSED . '" ' . (( $row['group_type'] == GROUP_CLOSED ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_closed') . '</label>
+ <label><input type="radio" name="group_state" value="' . GROUP_REQUEST. '" ' . (( $row['group_type'] == GROUP_REQUEST) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_request') . '</label>
+ <label><input type="radio" name="group_state" value="' . GROUP_OPEN . '" ' . (( $row['group_type'] == GROUP_OPEN ) ? 'checked="checked"' : '' ) . ' /> ' . $lang->get('groupcp_type_open') . '</label>'
+ : $g_state;
+ if ( !$can_do_admin_stuff && $row['group_type'] == GROUP_REQUEST && !$is_member )
+ {
+ if ( $is_pending )
+ $state_btns .= ' ' . $lang->get('groupcp_msg_status_pending');
+ else
+ $state_btns .= ' <input type="submit" value="' . $lang->get('groupcp_btn_request_join') . '" />';
+ }
+
+ if ( !$can_do_admin_stuff && $row['group_type'] == GROUP_OPEN && !$is_member )
+ {
+ $state_btns .= ' <input type="submit" value="' . $lang->get('groupcp_btn_join') . '" />';
+ }
+
+ $g_name_local = 'groupcp_grp_' . strtolower($row['group_name']);
+ $str = $lang->get($g_name_local);
+ if ( $str != $g_name_local )
+ $row['group_name'] = $str;
+
+ echo '<form action="' . makeUrl($paths->page, 'act=update') . '" method="post" enctype="multipart/form-data">
+ <div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4">
+ <tr>
+ <th colspan="2">' . $lang->get('groupcp_th_group_info') . '</th>
+ </tr>
+ <tr>
+ <td class="row2">' . $lang->get('groupcp_lbl_group_name') . '</td>
+ <td class="row1">' . $row['group_name'] . ( $row['system_group'] == 1 ? ' ' . $lang->get('groupcp_msg_system_group') : '' ) . '</td>
+ </tr>
+ <tr>
+ <td class="row2">' . $lang->get('groupcp_lbl_status') . '</td>
+ <td class="row1">' . $status . '</td>
+ </tr>
+ <tr>
+ <td class="row2">' . $lang->get('groupcp_lbl_state') . '</td>
+ <td class="row1">' . $state_btns . '</td>
+ </tr>
+ ' . ( ( $is_mod || $session->user_level >= USER_LEVEL_ADMIN ) ? '
+ <tr>
+ <th class="subhead" colspan="2">
+ <input type="submit" value="' . $lang->get('etc_save_changes') . '" />
+ </th>
+ </tr>
+ ' : '' ) . '
+ </table>
+ </div>
+ <input name="group_id" value="' . $gid . '" type="hidden" />
+ </form>';
+ if ( sizeof ( $pending ) > 0 && $can_do_admin_stuff )
+ {
+ echo '<form action="' . makeUrl($paths->page, 'act=pending') . '" method="post" enctype="multipart/form-data">
+ <input name="group_id" value="' . $gid . '" type="hidden" />
+ <h2>' . $lang->get('groupcp_th_pending_memberships') . '</h2>
+ <div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4">
+ <tr>
+ <th>' . $lang->get('groupcp_th_username') . '</th>
+ <th>' . $lang->get('groupcp_th_email') . '</th>
+ <th>' . $lang->get('groupcp_th_reg_time') . '</th>
+ <th>' . $lang->get('groupcp_th_comments') . '</th>
+ <th>' . $lang->get('groupcp_th_select') . '</th>
+ </tr>';
+ $cls = 'row2';
+ foreach ( $pending as $member )
+ {
+
+ $date = enano_date(ED_DATE, $member['reg_time']);
+ $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
+ $addy = $email->encryptEmail($member['email']);
+
+ echo "<tr>
+ <td class='{$cls}'>{$member['username']}</td>
+ <td class='{$cls}'>{$addy}</td>
+ <td class='{$cls}'>{$date}</td>
+ <td class='{$cls}'>{$member['num_comments']}</td>
+ <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='with_user[{$member['member_id']}]' /></td>
+ </tr>";
+ }
+ echo '</table>
+ </div>
+ <div style="margin: 10px 0 0 auto;">
+ With selected:
+ <input type="submit" name="do_appr_pending" value="' . $lang->get('groupcp_btn_approve_pending') . '" />
+ <input type="submit" name="do_reject_pending" value="' . $lang->get('groupcp_btn_reject_pending') . '" />
+ </div>
+ </form>';
+ }
+ echo '<form action="' . makeUrl($paths->page, 'act=del_users') . '" method="post" enctype="multipart/form-data">
+ <h2>' . $lang->get('groupcp_th_group_members') . '</h2>
+ <div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4">
+ <tr>
+ <th>' . $lang->get('groupcp_th_username') . '</th>
+ <th>' . $lang->get('groupcp_th_email') . '</th>
+ <th>' . $lang->get('groupcp_th_reg_time') . '</th>
+ <th>' . $lang->get('groupcp_th_comments') . '</th>
+ ' . ( ( $can_do_admin_stuff ) ? '
+ <th>' . $lang->get('groupcp_th_remove') . '</th>
+ ' : '' ) . '
+ </tr>
+ <tr>
+ <th colspan="5" class="subhead">' . $lang->get('groupcp_th_group_mods') . '</th>
+ </tr>';
+ $mod_printed = false;
+ $mem_printed = false;
+ $cls = 'row2';
+
+ foreach ( $members as $member )
+ {
+ if ( $member['is_mod'] != 1 )
+ break;
+
+ $date = enano_date(ED_DATE, $member['reg_time']);
+ $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
+ $addy = $email->encryptEmail($member['email']);
+
+ $mod_printed = true;
+
+ echo "<tr>
+ <td class='{$cls}'>{$member['username']}</td>
+ <td class='{$cls}'>{$addy}</td>
+ <td class='{$cls}'>{$date}</td>
+ <td class='{$cls}'>{$member['num_comments']}</td>
+ " . ( ( $can_do_admin_stuff ) ? "
+ <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='del_user[{$member['member_id']}]' /></td>
+ " : '' ) . "
+ </tr>";
+ }
+ if (!$mod_printed)
+ echo '<tr><td class="' . $cls . '" colspan="5">' . $lang->get('groupcp_msg_no_mods') . '</td></th>';
+ echo '<tr><th class="subhead" colspan="5">' . $lang->get('groupcp_th_group_members') . '</th></tr>';
+ foreach ( $members as $member )
+ {
+ if ( $member['is_mod'] == 1 )
+ continue;
+
+ $date = enano_date(ED_DATE, $member['reg_time']);
+ $cls = ( $cls == 'row2' ) ? 'row1' : 'row2';
+ $addy = $email->encryptEmail($member['email']);
+
+ $mem_printed = true;
+
+ echo "<tr>
+ <td class='{$cls}'>{$member['username']}</td>
+ <td class='{$cls}'>{$addy}</td>
+ <td class='{$cls}'>{$date}</td>
+ <td class='{$cls}'>{$member['num_comments']}</td>
+ " . ( ( $can_do_admin_stuff ) ? "
+ <td class='{$cls}' style='text-align: center;'><input type='checkbox' name='del_user[{$member['member_id']}]' /></td>
+ " : '' ) . "
+ </tr>";
+ }
+ if (!$mem_printed)
+ echo '<tr><td class="' . $cls . '" colspan="5">' . $lang->get('groupcp_msg_no_members') . '</td></th>';
+ echo ' </table>
+ </div>';
+ if ( $can_do_admin_stuff )
+ {
+ echo "<div style='margin: 10px 0 0 auto;'><input type='submit' name='do_del_user' value=\"" . $lang->get('groupcp_btn_remove_selected') . "\" /></div>";
+ }
+ echo '<input name="group_id" value="' . $gid . '" type="hidden" />
+ </form>';
+ if ( $can_do_admin_stuff )
+ {
+ echo '<form action="' . makeUrl($paths->page, 'act=adduser') . '" method="post" enctype="multipart/form-data" onsubmit="if(!submitAuthorized) return false;">
+ <div class="tblholder">
+ <table border="0" cellspacing="1" cellpadding="4">
+ <tr>
+ <th colspan="2">' . $lang->get('groupcp_th_add_member') . '</th>
+ </tr>
+ <tr>
+ <td class="row2">' . $lang->get('groupcp_lbl_username') . '</td><td class="row1">' . $template->username_field('add_username') . '</td>
+ </tr>
+ <tr>
+ <td class="row2">' . $lang->get('groupcp_lbl_moderator') . '</td><td class="row1"><label><input type="checkbox" name="add_mod" /> ' . $lang->get('groupcp_lbl_make_mod') . '</label></td>
+ </tr>
+ <tr>
+ <th class="subhead" colspan="2">
+ <input type="submit" value="' . $lang->get('groupcp_btn_add_member') . '" />
+ </th>
+ </tr>
+ </table>
+ </div>
+ <input name="group_id" value="' . $gid . '" type="hidden" />
+ </form>';
+ }
+ }
+ else
+ {
+ echo '<form action="'.makeUrlNS('Special', 'Usergroups').'" method="post" onsubmit="if(!submitAuthorized) return false;" enctype="multipart/form-data">';
+ echo '<div class="tblholder">
+ <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
+ <tr>
+ <th colspan="2">' . $lang->get('groupcp_th_select_group') . '</th>
+ </tr>
+ <tr>
+ <td class="row2" style="text-align: right; width: 50%;">
+ ' . $lang->get('groupcp_lbl_current_memberships') . '
+ </td>
+ <td class="row1" style="width: 50%;">';
+ $taboo = Array('Everyone');
+ if ( sizeof ( $session->groups ) > count($taboo) )
+ {
+ echo '<select name="group_id">';
+ foreach ( $session->groups as $id => $group )
+ {
+ $taboo[] = $db->escape($group);
+ $group = htmlspecialchars($group);
+ if ( $group != 'Everyone' )
+ {
+ $g_name_local = 'groupcp_grp_' . strtolower($group);
+ $str = $lang->get($g_name_local);
+ if ( $str != $g_name_local )
+ $group = $str;
+ echo '<option value="' . $id . '">' . $group . '</option>';
+ }
+ }
+ echo '</select>
+ <input type="submit" name="do_view" value="' . $lang->get('groupcp_btn_view') . '" />';
+ }
+ else
+ {
+ echo 'None';
+ }
+
+ echo '</td>
+ </tr>';
+ $taboo = 'WHERE group_name != \'' . implode('\' AND group_name != \'', $taboo) . '\'';
+ $q = $db->sql_query('SELECT group_id,group_name FROM '.table_prefix.'groups '.$taboo.' AND group_type != ' . GROUP_HIDDEN . ' ORDER BY group_name ASC;');
+ if(!$q)
+ {
+ echo $db->get_error();
+ $template->footer();
+ return;
+ }
+ if($db->numrows() > 0)
+ {
+ echo '<tr>
+ <td class="row2" style="text-align: right;">
+ ' . $lang->get('groupcp_lbl_non_memberships') . '
+ </td>
+ <td class="row1">
+ <select name="group_id_n">';
+ while ( $row = $db->fetchrow() )
+ {
+ if ( $row['group_name'] != 'Everyone' )
+ {
+ echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars($row['group_name']) . '</option>';
+ }
+ }
+ echo '</select>
+ <input type="submit" name="do_view_n" value="' . $lang->get('groupcp_btn_view') . '" />
+ </td>
+ </tr>
+ ';
+ }
+ $db->free_result();
+ echo '</table>
+ </div>
+ </form>';
+ }
+ $template->footer();
}
?>