| author | Dan |
| Thu, 12 Jul 2007 01:04:01 -0400 | |
| changeset 2 | a8a21e1c7afa |
| parent 0 | f9ffdbd96607 |
| permissions | -rw-r--r-- |
| 0 | 1 |
<?php |
2 |
/*********************************************************************** |
|
3 |
||
4 |
Copyright (C) 2002-2005 Rickard Andersson (rickard@punbb.org) |
|
5 |
||
6 |
This file is part of PunBB. |
|
7 |
||
8 |
PunBB is free software; you can redistribute it and/or modify it |
|
9 |
under the terms of the GNU General Public License as published |
|
10 |
by the Free Software Foundation; either version 2 of the License, |
|
11 |
or (at your option) any later version. |
|
12 |
||
13 |
PunBB is distributed in the hope that it will be useful, but |
|
14 |
WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
GNU General Public License for more details. |
|
17 |
||
18 |
You should have received a copy of the GNU General Public License |
|
19 |
along with this program; if not, write to the Free Software |
|
20 |
Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 |
MA 02111-1307 USA |
|
22 |
||
23 |
************************************************************************/ |
|
24 |
||
25 |
||
26 |
// Tell header.php to use the admin template |
|
27 |
define('PUN_ADMIN_CONSOLE', 1);
|
|
28 |
||
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
29 |
//define('PUN_ROOT', './');
|
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
30 |
//require PUN_ROOT.'include/common.php'; |
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
31 |
|
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
32 |
global $pun_db, $pun_user, $pun_config, $lang_common; |
|
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
33 |
|
| 0 | 34 |
require PUN_ROOT.'include/common_admin.php'; |
35 |
||
36 |
||
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
37 |
if ($pun_user['g_id'] < PUN_ADMIN) |
| 0 | 38 |
message($lang_common['No permission']); |
39 |
||
40 |
||
41 |
if (isset($_POST['form_sent'])) |
|
42 |
{
|
|
43 |
confirm_referrer('admin_permissions.php');
|
|
44 |
||
45 |
$form = array_map('intval', $_POST['form']);
|
|
46 |
||
47 |
while (list($key, $input) = @each($form)) |
|
48 |
{
|
|
49 |
// Only update values that have changed |
|
50 |
if (array_key_exists('p_'.$key, $pun_config) && $pun_config['p_'.$key] != $input)
|
|
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
51 |
$pun_db->query('UPDATE '.$pun_db->prefix.'config SET conf_value='.$input.' WHERE conf_name=\'p_'.$pun_db->escape($key).'\'') or error('Unable to update board config', __FILE__, __LINE__, $pun_db->error());
|
| 0 | 52 |
} |
53 |
||
54 |
// Regenerate the config cache |
|
55 |
require_once PUN_ROOT.'include/cache.php'; |
|
56 |
generate_config_cache(); |
|
57 |
||
|
2
a8a21e1c7afa
Let's just say that the API loads. While a decent part of PunBB works, we've still got a LONG way to go, mainly with form validation and security. At this point, Punano is NOT secure as far as privileges and user levels go.
Dan
parents:
0
diff
changeset
|
58 |
pun_redirect('admin_permissions.php', 'Permissions updated. Redirecting …');
|
| 0 | 59 |
} |
60 |
||
61 |
||
62 |
$page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / Permissions'; |
|
63 |
require PUN_ROOT.'header.php'; |
|
64 |
generate_admin_menu('permissions');
|
|
65 |
||
66 |
?> |
|
67 |
<div class="blockform"> |
|
68 |
<h2><span>Permissions</span></h2> |
|
69 |
<div class="box"> |
|
70 |
<form method="post" action="admin_permissions.php"> |
|
71 |
<p class="submittop"><input type="submit" name="save" value="Save changes" /></p> |
|
72 |
<div class="inform"> |
|
73 |
<input type="hidden" name="form_sent" value="1" /> |
|
74 |
<fieldset> |
|
75 |
<legend>Posting</legend> |
|
76 |
<div class="infldset"> |
|
77 |
<table class="aligntop" cellspacing="0"> |
|
78 |
<tr> |
|
79 |
<th scope="row">BBCode</th> |
|
80 |
<td> |
|
81 |
<input type="radio" name="form[message_bbcode]" value="1"<?php if ($pun_config['p_message_bbcode'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[message_bbcode]" value="0"<?php if ($pun_config['p_message_bbcode'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
82 |
<span>Allow BBCode in posts (recommended).</span> |
|
83 |
</td> |
|
84 |
</tr> |
|
85 |
<tr> |
|
86 |
<th scope="row">Image tag</th> |
|
87 |
<td> |
|
88 |
<input type="radio" name="form[message_img_tag]" value="1"<?php if ($pun_config['p_message_img_tag'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[message_img_tag]" value="0"<?php if ($pun_config['p_message_img_tag'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
89 |
<span>Allow the BBCode [img][/img] tag in posts.</span> |
|
90 |
</td> |
|
91 |
</tr> |
|
92 |
<tr> |
|
93 |
<th scope="row">All caps message</th> |
|
94 |
<td> |
|
95 |
<input type="radio" name="form[message_all_caps]" value="1"<?php if ($pun_config['p_message_all_caps'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[message_all_caps]" value="0"<?php if ($pun_config['p_message_all_caps'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
96 |
<span>Allow a message to contain only capital letters.</span> |
|
97 |
</td> |
|
98 |
</tr> |
|
99 |
<tr> |
|
100 |
<th scope="row">All caps subject</th> |
|
101 |
<td> |
|
102 |
<input type="radio" name="form[subject_all_caps]" value="1"<?php if ($pun_config['p_subject_all_caps'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[subject_all_caps]" value="0"<?php if ($pun_config['p_subject_all_caps'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
103 |
<span>Allow a subject to contain only capital letters.</span> |
|
104 |
</td> |
|
105 |
</tr> |
|
106 |
<tr> |
|
107 |
<th scope="row">Require guest e-mail</th> |
|
108 |
<td> |
|
109 |
<input type="radio" name="form[force_guest_email]" value="1"<?php if ($pun_config['p_force_guest_email'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[force_guest_email]" value="0"<?php if ($pun_config['p_force_guest_email'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
110 |
<span>Require guests to supply an e-mail address when posting.</span> |
|
111 |
</td> |
|
112 |
</tr> |
|
113 |
</table> |
|
114 |
</div> |
|
115 |
</fieldset> |
|
116 |
</div> |
|
117 |
<div class="inform"> |
|
118 |
<fieldset> |
|
119 |
<legend>Signatures</legend> |
|
120 |
<div class="infldset"> |
|
121 |
<table class="aligntop" cellspacing="0"> |
|
122 |
<tr> |
|
123 |
<th scope="row">BBCodes in signatures</th> |
|
124 |
<td> |
|
125 |
<input type="radio" name="form[sig_bbcode]" value="1"<?php if ($pun_config['p_sig_bbcode'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[sig_bbcode]" value="0"<?php if ($pun_config['p_sig_bbcode'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
126 |
<span>Allow BBCodes in user signatures.</span> |
|
127 |
</td> |
|
128 |
</tr> |
|
129 |
<tr> |
|
130 |
<th scope="row">Image tag in signatures</th> |
|
131 |
<td> |
|
132 |
<input type="radio" name="form[sig_img_tag]" value="1"<?php if ($pun_config['p_sig_img_tag'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[sig_img_tag]" value="0"<?php if ($pun_config['p_sig_img_tag'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
133 |
<span>Allow the BBCode [img][/img] tag in user signatures (not recommended).</span> |
|
134 |
</td> |
|
135 |
</tr> |
|
136 |
<tr> |
|
137 |
<th scope="row">All caps signature</th> |
|
138 |
<td> |
|
139 |
<input type="radio" name="form[sig_all_caps]" value="1"<?php if ($pun_config['p_sig_all_caps'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[sig_all_caps]" value="0"<?php if ($pun_config['p_sig_all_caps'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
140 |
<span>Allow a signature to contain only capital letters.</span> |
|
141 |
</td> |
|
142 |
</tr> |
|
143 |
<tr> |
|
144 |
<th scope="row">Maximum signature length</th> |
|
145 |
<td> |
|
146 |
<input type="text" name="form[sig_length]" size="5" maxlength="5" value="<?php echo $pun_config['p_sig_length'] ?>" /> |
|
147 |
<span>The maximum number of characters a user signature may contain.</span> |
|
148 |
</td> |
|
149 |
</tr> |
|
150 |
<tr> |
|
151 |
<th scope="row">Maximum signature lines</th> |
|
152 |
<td> |
|
153 |
<input type="text" name="form[sig_lines]" size="3" maxlength="3" value="<?php echo $pun_config['p_sig_lines'] ?>" /> |
|
154 |
<span>The maximum number of lines a user signature may contain.</span> |
|
155 |
</td> |
|
156 |
</tr> |
|
157 |
</table> |
|
158 |
</div> |
|
159 |
</fieldset> |
|
160 |
</div> |
|
161 |
<div class="inform"> |
|
162 |
<fieldset> |
|
163 |
<legend>Moderators</legend> |
|
164 |
<div class="infldset"> |
|
165 |
<table class="aligntop" cellspacing="0"> |
|
166 |
<tr> |
|
167 |
<th scope="row">Edit user profiles</th> |
|
168 |
<td> |
|
169 |
<input type="radio" name="form[mod_edit_users]" value="1"<?php if ($pun_config['p_mod_edit_users'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[mod_edit_users]" value="0"<?php if ($pun_config['p_mod_edit_users'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
170 |
<span>Allow moderators to edit user profiles.</span> |
|
171 |
</td> |
|
172 |
</tr> |
|
173 |
<tr> |
|
174 |
<th scope="row">Rename users</th> |
|
175 |
<td> |
|
176 |
<input type="radio" name="form[mod_rename_users]" value="1"<?php if ($pun_config['p_mod_rename_users'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[mod_rename_users]" value="0"<?php if ($pun_config['p_mod_rename_users'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
177 |
<span>Allow moderators to rename users. Other moderators and administrators are excluded.</span> |
|
178 |
</td> |
|
179 |
</tr> |
|
180 |
<tr> |
|
181 |
<th scope="row">Change user passwords</th> |
|
182 |
<td> |
|
183 |
<input type="radio" name="form[mod_change_passwords]" value="1"<?php if ($pun_config['p_mod_change_passwords'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[mod_change_passwords]" value="0"<?php if ($pun_config['p_mod_change_passwords'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
184 |
<span>Allow moderators to change user passwords. Other moderators and administrators are excluded.</span> |
|
185 |
</td> |
|
186 |
</tr> |
|
187 |
<tr> |
|
188 |
<th scope="row">Ban users</th> |
|
189 |
<td> |
|
190 |
<input type="radio" name="form[mod_ban_users]" value="1"<?php if ($pun_config['p_mod_ban_users'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[mod_ban_users]" value="0"<?php if ($pun_config['p_mod_ban_users'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
191 |
<span>Allow moderators to ban users (and edit/remove current bans).</span> |
|
192 |
</td> |
|
193 |
</tr> |
|
194 |
</table> |
|
195 |
</div> |
|
196 |
</fieldset> |
|
197 |
</div> |
|
198 |
<div class="inform"> |
|
199 |
<fieldset> |
|
200 |
<legend>Registration</legend> |
|
201 |
<div class="infldset"> |
|
202 |
<table class="aligntop" cellspacing="0"> |
|
203 |
<tr> |
|
204 |
<th scope="row">Allow banned e-mail addresses</th> |
|
205 |
<td> |
|
206 |
<input type="radio" name="form[allow_banned_email]" value="1"<?php if ($pun_config['p_allow_banned_email'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[allow_banned_email]" value="0"<?php if ($pun_config['p_allow_banned_email'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
207 |
<span>Allow users to register with or change to a banned e-mail address/domain. If left at it's default setting (yes) this action will be allowed, but an alert e-mail will be sent to the mailing list (an effective way of detecting multiple registrations).</span> |
|
208 |
</td> |
|
209 |
</tr> |
|
210 |
<tr> |
|
211 |
<th scope="row">Allow duplicate e-mail addresses</th> |
|
212 |
<td> |
|
213 |
<input type="radio" name="form[allow_dupe_email]" value="1"<?php if ($pun_config['p_allow_dupe_email'] == '1') echo ' checked="checked"' ?> /> <strong>Yes</strong> <input type="radio" name="form[allow_dupe_email]" value="0"<?php if ($pun_config['p_allow_dupe_email'] == '0') echo ' checked="checked"' ?> /> <strong>No</strong> |
|
214 |
<span>Controls whether users should be allowed to register with an e-mail address that another user already has. If allowed, an alert e-mail will be sent to the mailing list if a duplicate is detected.</span> |
|
215 |
</td> |
|
216 |
</tr> |
|
217 |
</table> |
|
218 |
</div> |
|
219 |
</fieldset> |
|
220 |
</div> |
|
221 |
<p class="submitend"><input type="submit" name="save" value="Save changes" /></p> |
|
222 |
</form> |
|
223 |
</div> |
|
224 |
</div> |
|
225 |
<div class="clearer"></div> |
|
226 |
</div> |
|
227 |
<?php |
|
228 |
||
229 |
require PUN_ROOT.'footer.php'; |