|
1 <?php |
|
2 /*********************************************************************** |
|
3 |
|
4 Copyright (C) 2002-2008 PunBB.org |
|
5 |
|
6 This file is part of PunBB. |
|
7 |
|
8 PunBB is free software; you can redistribute it and/or modify it |
|
9 under the terms of the GNU General Public License as published |
|
10 by the Free Software Foundation; either version 2 of the License, |
|
11 or (at your option) any later version. |
|
12 |
|
13 PunBB is distributed in the hope that it will be useful, but |
|
14 WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 GNU General Public License for more details. |
|
17 |
|
18 You should have received a copy of the GNU General Public License |
|
19 along with this program; if not, write to the Free Software |
|
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, |
|
21 MA 02111-1307 USA |
|
22 |
|
23 ************************************************************************/ |
|
24 |
|
25 |
|
26 // if (!defined('PUN_ROOT')) |
|
27 // define('PUN_ROOT', '../'); |
|
28 // require PUN_ROOT.'include/common.php'; |
|
// Admin bootstrap. PUN_ROOT is not defined in this file (the define above is
// commented out), so the script that includes this one has to provide it.
require PUN_ROOT.'include/common_admin.php';

// import globals (I really hope this isn't dangerous)
// NOTE(review): every entry of $GLOBALS is bound into the current scope by
// reference, so any later assignment to one of these names writes through to the
// global of the same name. The loop variables $key and $_ live in that scope as
// well: if this file runs inside a function (presumably why the import exists)
// and a global named "key" or "_" is present, the loop variable becomes an alias
// of it and the following iterations overwrite that global. All hook code
// eval()'d further down can read and modify every one of these aliases.
foreach ( $GLOBALS as $key => $_ )
{
	$$key =& $GLOBALS[$key];
}

// Extension hook: whatever get_hook() returns is eval()'d in this scope.
// NOTE(review): this hook executes before the permission check below, so the
// store get_hook() reads from must be as trusted as the application code itself
// - confirm who can write to it.
($hook = get_hook('agr_start')) ? eval($hook) : null;

// Only administrators may use this page.
// NOTE(review): nothing after message() is guarded, so this check is effective
// only if message() ends the request - confirm.
if ($session->user_level < USER_LEVEL_ADMIN)
	message($lang_common['No permission']);

// Load the admin.php language file
// NOTE(review): $pun_user['language'] becomes part of an include path;
// presumably it is restricted to installed language directories where it is
// set - verify against the profile/update code.
require PUN_ROOT.'lang/'.$pun_user['language'].'/admin.php';
$GLOBALS['lang_admin'] = $lang_admin;
|
45 |
|
46 |
|
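// Add/edit a group (stage 1)
// Loads the group row to use as a template (add) or to edit, then renders the
// form that posts to the stage 2 handler. Local variable names are part of the
// extension contract here: hook code is eval()'d in this scope and may read or
// change $query, $group, $mode and the other locals.
if (isset($_POST['add_group']) || isset($_GET['edit_group']))
{
	if (isset($_POST['add_group']))
	{
		($hook = get_hook('agr_add_group_form_submitted')) ? eval($hook) : null;

		// intval() makes the id safe to concatenate into the WHERE clause and to
		// echo into the hidden form field below
		$base_group = intval($_POST['base_group']);

		$query = array(
			'SELECT' => 'g.*',
			'FROM' => 'groups AS g',
			'WHERE' => 'g.g_id='.$base_group
		);

		($hook = get_hook('agr_qr_get_base_group')) ? eval($hook) : null;
		$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);

		// Reject a base group that does not exist, as the edit branch does.
		// Without this, $group would not be a row and the form below would be
		// built from missing values.
		if (!$pun_db->num_rows($result))
			message($lang_common['Bad request']);

		$group = $pun_db->fetch_assoc($result);

		$mode = 'add';
	}
	else	// We are editing a group
	{
		($hook = get_hook('agr_edit_group_form_submitted')) ? eval($hook) : null;

		$group_id = intval($_GET['edit_group']);
		if ($group_id < 1)
			message($lang_common['Bad request']);

		$query = array(
			'SELECT' => 'g.*',
			'FROM' => 'groups AS g',
			'WHERE' => 'g.g_id='.$group_id
		);

		($hook = get_hook('agr_qr_get_group')) ? eval($hook) : null;
		$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
		if (!$pun_db->num_rows($result))
			message($lang_common['Bad request']);

		$group = $pun_db->fetch_assoc($result);

		$mode = 'edit';
	}

	// Setup the form
	$pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;

	// Setup breadcrumbs
	$pun_page['crumbs'] = array(
		array($pun_config['o_board_title'], pun_link($pun_url['index'])),
		array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
		array($lang_admin['Groups'], pun_link($pun_url['admin_groups'])),
		$mode == 'edit' ? $lang_admin['Edit group heading'] : $lang_admin['Add group heading']
	);

	($hook = get_hook('agr_add_edit_group_pre_header_load')) ? eval($hook) : null;

	define('PUN_PAGE_SECTION', 'users');
	define('PUN_PAGE', 'admin-groups');
	require PUN_ROOT.'header.php';

	// Output notes for the template below: $mode is one of the two literals set
	// above and $group_id / $base_group went through intval(), so they are echoed
	// as-is; the stored titles are passed through htmlspecialchars().

?>
<div id="pun-main" class="main sectioned admin">


<?php echo generate_admin_menu(); ?>

	<div class="main-head">
		<h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
	</div>

	<div class="main-content frm parted">
		<div class="frm-head">
			<h2><span><?php echo $lang_admin['Group settings heading'] ?></span></h2>
		</div>
		<div id="req-msg" class="frm-warn">
			<p class="important"><?php printf($lang_common['Required warn'], '<em class="req-text">'.$lang_common['Required'].'</em>') ?></p>
		</div>
		<form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>">
			<div class="hidden">
				<input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups'])) ?>" />
				<input type="hidden" name="mode" value="<?php echo $mode ?>" />
<?php if ($mode == 'edit'): ?> <input type="hidden" name="group_id" value="<?php echo $group_id ?>" />
<?php endif; if ($mode == 'add'): ?> <input type="hidden" name="base_group" value="<?php echo $base_group ?>" />
<?php endif; ?> </div>
<?php ($hook = get_hook('agr_add_edit_group_pre_title_part')) ? eval($hook) : null; ?>
			<div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
				<h3><span><?php printf($lang_admin['Group title head'], $pun_page['part_count']) ?></span></h3>
				<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
					<legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
					<div class="frm-fld text required">
						<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
							<span class="fld-label"><?php echo $lang_admin['Group title'] ?></span><br />
							<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="req_title" size="25" maxlength="50" value="<?php if ($mode == 'edit') echo htmlspecialchars($group['g_title']); ?>" /></span>
							<em class="req-text"><?php echo $lang_common['Required'] ?></em>
						</label>
					</div>
					<div class="frm-fld text required">
						<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
							<span class="fld-label"><?php echo $lang_admin['User title'] ?></span><br />
							<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="user_title" size="25" maxlength="50" value="<?php echo htmlspecialchars($group['g_user_title']) ?>" /></span>
							<span class="fld-help"><?php echo $lang_admin['User title info'] ?></span>
						</label>
					</div>
<?php ($hook = get_hook('agr_add_edit_group_title_end')) ? eval($hook) : null; ?>
				</fieldset>
<?php

	// The rest of the form is for non-admin groups only
	// NOTE(review): leaving fields out of the form is presentation only. The
	// handler that receives this POST has to apply the same per-group rules,
	// because a request can carry fields this form never rendered.
	if ($group['g_id'] != PUN_ADMIN)
	{
		// Reset fieldset counter
		$pun_page['set_count'] = 0;

?>
			</div>
<?php ($hook = get_hook('agr_add_edit_group_pre_permissions_part')) ? eval($hook) : null; ?>
			<div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
				<h3><span><?php printf($lang_admin['Group perms head'], $pun_page['part_count']) ?></span></h3>
<?php if ($mode == 'edit' && $pun_config['o_default_user_group'] == $group['g_id']): ?> <div class="frm-info">
					<p class="warn"><?php echo $lang_admin['Moderator default group'] ?></p>
				</div>
<?php endif; ?> <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
					<legend class="frm-legend"><strong><?php echo $lang_admin['Permissions'] ?></strong></legend>
<?php if ($group['g_id'] != PUN_GUEST): if ($mode != 'edit' || $pun_config['o_default_user_group'] != $group['g_id']): ?><fieldset class="frm-group">
						<legend><span><?php echo $lang_admin['Mod permissions'] ?></span></legend>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="moderator" value="1"<?php if ($group['g_moderator'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow moderate'] ?> <em class="field-info"><?php echo $lang_admin['Mods warning'] ?></em></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_edit_users" value="1"<?php if ($group['g_mod_edit_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod edit profiles'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_rename_users" value="1"<?php if ($group['g_mod_rename_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod edit username'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_change_passwords" value="1"<?php if ($group['g_mod_change_passwords'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod change pass'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_ban_users" value="1"<?php if ($group['g_mod_ban_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod bans'] ?></label></div>
					</fieldset>
<?php endif; endif; ?> <fieldset class="frm-group">
						<legend><span><?php echo $lang_admin['User permissions'] ?></span></legend>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="read_board" value="1"<?php if ($group['g_read_board'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow read board'] ?></label><br /> <em class="field-info"><?php echo $lang_admin['Allow read board info'] ?></em></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="view_users" value="1"<?php if ($group['g_view_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow view users'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_replies" value="1"<?php if ($group['g_post_replies'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow post replies'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_topics" value="1"<?php if ($group['g_post_topics'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow post topics'] ?></label></div>
<?php if ($group['g_id'] != PUN_GUEST): ?> <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="edit_posts" value="1"<?php if ($group['g_edit_posts'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow edit posts'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="delete_posts" value="1"<?php if ($group['g_delete_posts'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow delete posts'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="delete_topics" value="1"<?php if ($group['g_delete_topics'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow delete topics'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="set_title" value="1"<?php if ($group['g_set_title'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow set user title'] ?></label></div>
<?php endif; ?> <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="search" value="1"<?php if ($group['g_search'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow use search'] ?></label></div>
						<div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="search_users" value="1"<?php if ($group['g_search_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow search users'] ?></label></div>
					</fieldset>
<?php ($hook = get_hook('agr_add_edit_group_permissions_end')) ? eval($hook) : null; ?>
				</fieldset>
<?php

		// Reset fieldset counter
		$pun_page['set_count'] = 0;

		// The rest of the form is for non-guest groups only
		// NOTE(review): the three interval values below are echoed without
		// escaping; presumably the columns are numeric (the save handler stores
		// them through intval()) - confirm against the schema.
		if ($group['g_id'] != PUN_GUEST)
		{

?>
			</div>
<?php ($hook = get_hook('agr_add_edit_group_pre_flood_part')) ? eval($hook) : null; ?>
			<div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
				<h3><span><?php printf($lang_admin['Group flood head'], $pun_page['part_count']) ?></span></h3>
				<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
					<legend class="frm-legend"><span><?php echo $lang_admin['Restrictions'] ?></span></legend>
					<div class="frm-fld text">
						<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
							<span class="fld-label"><?php echo $lang_admin['Edit interval'] ?></span><br />
							<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="edit_subjects_interval" size="5" maxlength="5" value="<?php echo $group['g_edit_subjects_interval'] ?>" /></span>
							<span class="fld-help"><?php echo $lang_admin['Edit interval info'] ?></span>
						</label>
					</div>
					<div class="frm-fld text">
						<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
							<span class="fld-label"><?php echo $lang_admin['Flood interval'] ?></span><br />
							<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_flood" size="5" maxlength="4" value="<?php echo $group['g_post_flood'] ?>" /></span>
							<span class="fld-help"><?php echo $lang_admin['Flood interval info'] ?></span>
						</label>
					</div>
					<div class="frm-fld text">
						<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
							<span class="fld-label"><?php echo $lang_admin['Search interval'] ?></span><br />
							<span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="search_flood" size="5" maxlength="4" value="<?php echo $group['g_search_flood'] ?>" /></span>
							<span class="fld-help"><?php echo $lang_admin['Search interval info'] ?></span>
						</label>
					</div>
<?php ($hook = get_hook('agr_add_edit_group_flood_end')) ? eval($hook) : null; ?>
				</fieldset>
<?php

		}
	}

?>
				<div class="frm-buttons">
					<span class="submit"><input type="submit" class="button" name="add_edit_group" value=" <?php echo $lang_admin['Save'] ?> " /></span>
				</div>
			</div>
		</form>
	</div>

</div>
<?php

	require PUN_ROOT.'footer.php';
}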
|
252 |
|
253 |
|
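// Add/edit a group (stage 2)
// Validates the submitted group form and writes it: INSERT plus a copy of the
// base group's forum permissions for mode "add", UPDATE for anything else.
// Every value concatenated into SQL below is either passed through
// $pun_db->escape(), produced by intval(), or one of the literals '0' / '1'.
// Hook code is eval()'d in this scope and relies on the local variable names.
// NOTE(review): no csrf_token comparison is visible in this handler; presumably
// the bootstrap include validates it for POST requests - confirm.
else if (isset($_POST['add_edit_group']))
{
	// Is this the admin group? (special rules apply)
	$is_admin_group = (isset($_POST['group_id']) && $_POST['group_id'] == PUN_ADMIN) ? true : false;

	$title = trim($_POST['req_title']);
	$user_title = trim($_POST['user_title']);
	$moderator = isset($_POST['moderator']) && $_POST['moderator'] == '1' ? '1' : '0';
	$mod_edit_users = $moderator == '1' && isset($_POST['mod_edit_users']) && $_POST['mod_edit_users'] == '1' ? '1' : '0';
	$mod_rename_users = $moderator == '1' && isset($_POST['mod_rename_users']) && $_POST['mod_rename_users'] == '1' ? '1' : '0';
	$mod_change_passwords = $moderator == '1' && isset($_POST['mod_change_passwords']) && $_POST['mod_change_passwords'] == '1' ? '1' : '0';
	$mod_ban_users = $moderator == '1' && isset($_POST['mod_ban_users']) && $_POST['mod_ban_users'] == '1' ? '1' : '0';
	$read_board = (isset($_POST['read_board']) && $_POST['read_board'] == '1') || $is_admin_group ? '1' : '0';
	$view_users = (isset($_POST['view_users']) && $_POST['view_users'] == '1') || $is_admin_group ? '1' : '0';
	$post_replies = (isset($_POST['post_replies']) && $_POST['post_replies'] == '1') || $is_admin_group ? '1' : '0';
	$post_topics = (isset($_POST['post_topics']) && $_POST['post_topics'] == '1') || $is_admin_group ? '1' : '0';
	$edit_posts = (isset($_POST['edit_posts']) && $_POST['edit_posts'] == '1') || $is_admin_group ? '1' : '0';
	$delete_posts = (isset($_POST['delete_posts']) && $_POST['delete_posts'] == '1') || $is_admin_group ? '1' : '0';
	$delete_topics = (isset($_POST['delete_topics']) && $_POST['delete_topics'] == '1') || $is_admin_group ? '1' : '0';
	$set_title = (isset($_POST['set_title']) && $_POST['set_title'] == '1') || $is_admin_group ? '1' : '0';
	$search = (isset($_POST['search']) && $_POST['search'] == '1') || $is_admin_group ? '1' : '0';
	$search_users = (isset($_POST['search_users']) && $_POST['search_users'] == '1') || $is_admin_group ? '1' : '0';
	$edit_subjects_interval = isset($_POST['edit_subjects_interval']) ? intval($_POST['edit_subjects_interval']) : '0';
	$post_flood = isset($_POST['post_flood']) ? intval($_POST['post_flood']) : '0';
	$search_flood = isset($_POST['search_flood']) ? intval($_POST['search_flood']) : '0';

	if ($title == '')
		message($lang_admin['Must enter group message']);

	// From here on $user_title is a ready-made SQL fragment: a quoted, escaped
	// string or the keyword NULL
	$user_title = ($user_title != '') ? '\''.$pun_db->escape($user_title).'\'' : 'NULL';

	// NOTE(review): only the exact value 'add' selects the insert path; any other
	// or missing mode is handled as an edit.
	if ($_POST['mode'] == 'add')
	{
		($hook = get_hook('agr_add_group_form_submitted2')) ? eval($hook) : null;

		$query = array(
			'SELECT' => '1',
			'FROM' => 'groups AS g',
			'WHERE' => 'g_title=\''.$pun_db->escape($title).'\''
		);

		($hook = get_hook('agr_qr_check_group_title_collision')) ? eval($hook) : null;
		$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
		if ($pun_db->num_rows($result))
			message(sprintf($lang_admin['Already a group message'], htmlspecialchars($title)));

		// Insert the new group
		$query = array(
			'INSERT' => 'g_title, g_user_title, g_moderator, g_mod_edit_users, g_mod_rename_users, g_mod_change_passwords, g_mod_ban_users, g_read_board, g_view_users, g_post_replies, g_post_topics, g_edit_posts, g_delete_posts, g_delete_topics, g_set_title, g_search, g_search_users, g_edit_subjects_interval, g_post_flood, g_search_flood',
			'INTO' => 'groups',
			'VALUES' => '\''.$pun_db->escape($title).'\', '.$user_title.', '.$moderator.', '.$mod_edit_users.', '.$mod_rename_users.', '.$mod_change_passwords.', '.$mod_ban_users.', '.$read_board.', '.$view_users.', '.$post_replies.', '.$post_topics.', '.$edit_posts.', '.$delete_posts.', '.$delete_topics.', '.$set_title.', '.$search.', '.$search_users.', '.$edit_subjects_interval.', '.$post_flood.', '.$search_flood
		);

		($hook = get_hook('agr_qy_add_group')) ? eval($hook) : null;
		$pun_db->query_build($query) or error(__FILE__, __LINE__);
		$new_group_id = $pun_db->insert_id();

		// Now lets copy the forum specific permissions from the group which this group is based on
		$query = array(
			'SELECT' => 'fp.forum_id, fp.read_forum, fp.post_replies, fp.post_topics',
			'FROM' => 'forum_perms AS fp',
			'WHERE' => 'group_id='.intval($_POST['base_group'])
		);

		($hook = get_hook('agr_qr_get_group_forum_perms')) ? eval($hook) : null;
		$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
		while ($cur_forum_perm = $pun_db->fetch_assoc($result))
		{
			// NOTE(review): these values come straight from the forum_perms row
			// and are concatenated unescaped; presumably all four columns are
			// integers - confirm against the schema.
			$query = array(
				'INSERT' => 'group_id, forum_id, read_forum, post_replies, post_topics',
				'INTO' => 'forum_perms',
				'VALUES' => $new_group_id.', '.$cur_forum_perm['forum_id'].', '.$cur_forum_perm['read_forum'].', '.$cur_forum_perm['post_replies'].', '.$cur_forum_perm['post_topics']
			);

			($hook = get_hook('agr_qy_add_group_forum_perms')) ? eval($hook) : null;
			$pun_db->query_build($query) or error(__FILE__, __LINE__);
		}
	}
	else
	{
		$group_id = intval($_POST['group_id']);

		// The edit form is only ever rendered for ids of 1 and above, so a
		// missing or non-positive id cannot come from it
		if ($group_id < 1)
			message($lang_common['Bad request']);

		($hook = get_hook('agr_edit_group_form_submitted2')) ? eval($hook) : null;

		// Make sure admins and guests don't get moderator privileges
		// The mod_* flags were derived from the submitted "moderator" value
		// further up, so they have to be cleared together with it; otherwise a
		// request carrying moderator=1 would still store them for these groups.
		if ($group_id == PUN_ADMIN || $group_id == PUN_GUEST)
		{
			$moderator = '0';
			$mod_edit_users = $mod_rename_users = $mod_change_passwords = $mod_ban_users = '0';
		}

		// NOTE(review): the form omits edit_posts, delete_posts, delete_topics,
		// set_title and the three intervals for the guest group, but the values
		// parsed above are stored for it as submitted - decide whether they
		// should be forced here as well.

		// Make sure the default group isn't assigned moderator privileges
		if ($moderator == '1' && $pun_config['o_default_user_group'] == $group_id)
			message($lang_admin['Moderator default group']);

		$query = array(
			'SELECT' => '1',
			'FROM' => 'groups AS g',
			'WHERE' => 'g_title=\''.$pun_db->escape($title).'\' AND g_id!='.$group_id
		);

		($hook = get_hook('agr_qr_check_group_title_collision2')) ? eval($hook) : null;
		$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
		if ($pun_db->num_rows($result))
			message(sprintf($lang_admin['Already a group message'], htmlspecialchars($title)));

		// Save changes
		$query = array(
			'UPDATE' => 'groups',
			'SET' => 'g_title=\''.$pun_db->escape($title).'\', g_user_title='.$user_title.', g_moderator='.$moderator.', g_mod_edit_users='.$mod_edit_users.', g_mod_rename_users='.$mod_rename_users.', g_mod_change_passwords='.$mod_change_passwords.', g_mod_ban_users='.$mod_ban_users.', g_read_board='.$read_board.', g_view_users='.$view_users.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood,
			'WHERE' => 'g_id='.$group_id
		);

		($hook = get_hook('agr_qy_update_group')) ? eval($hook) : null;
		$pun_db->query_build($query) or error(__FILE__, __LINE__);

		// If the group doesn't have moderator privileges (it might have had before), remove its users from the moderator list in all forums
		// ($moderator is the string '0' or '1'; PHP treats '0' as false)
		if (!$moderator)
			clean_forum_moderators();
	}

	// Regenerate the quickjump cache
	require_once PUN_ROOT.'include/cache.php';
	generate_quickjump_cache();

	pun_redirect(pun_link($pun_url['admin_groups']), (($_POST['mode'] == 'edit') ? $lang_admin['Group edited'] : $lang_admin['Group added']).' '.$lang_admin['Redirect']);
}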
|
379 |
|
380 |
|
// Set default group
// Stores the submitted group id as the o_default_user_group config value after
// checking that it is not the admin or guest group and that a non-moderator
// group with that id exists, then rebuilds the config cache.
// NOTE(review): no csrf_token comparison is visible in this handler; presumably
// the bootstrap include validates it for POST requests - confirm.
else if (isset($_POST['set_default_group']))
{
	// intval() keeps the id safe to concatenate into the two queries below
	$group_id = intval($_POST['default_group']);

	($hook = get_hook('agr_set_default_group_form_submitted')) ? eval($hook) : null;

	// Make sure it's not the admin or guest groups
	if ($group_id == PUN_ADMIN || $group_id == PUN_GUEST)
		message($lang_common['Bad request']);

	// Make sure it's not a moderator group
	// (the same query also rejects an id that matches no group at all)
	$query = array(
		'SELECT' => 'g.g_id',
		'FROM' => 'groups AS g',
		'WHERE' => 'g.g_id='.$group_id.' AND g.g_moderator=0',
		'LIMIT' => '1'
	);

	($hook = get_hook('agr_qr_get_group_moderation_status')) ? eval($hook) : null;
	$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
	if (!$pun_db->num_rows($result))
		message($lang_common['Bad request']);

	$query = array(
		'UPDATE' => 'config',
		'SET' => 'conf_value='.$group_id,
		'WHERE' => 'conf_name=\'o_default_user_group\''
	);

	($hook = get_hook('agr_qy_set_default_group')) ? eval($hook) : null;
	$pun_db->query_build($query) or error(__FILE__, __LINE__);

	// Regenerate the config cache
	require_once PUN_ROOT.'include/cache.php';
	generate_config_cache();

	pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Default group set'].' '.$lang_admin['Redirect']);
}
|
420 |
|
421 |
|
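// Remove a group
// Deletes a group and its forum permissions. A group that still has members
// first gets a form asking where to move them; the delete then runs when that
// form is posted back. Ids below 4 are refused, as is the default group.
// Hook code is eval()'d in this scope and relies on the local variable names.
// NOTE(review): a group without members is deleted on the first request, which
// needs nothing but the del_group query parameter. No token check for that
// request is visible in this file - confirm that the bootstrap include or the
// link that leads here enforces one.
else if (isset($_GET['del_group']))
{
	$group_id = intval($_GET['del_group']);
	if ($group_id < 4)
		message($lang_common['Bad request']);

	// User pressed the cancel button
	if (isset($_POST['del_group_cancel']))
		pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Cancel redirect']);

	// Make sure we don't remove the default group
	if ($group_id == $pun_config['o_default_user_group'])
		message($lang_admin['Cannot remove default group']);

	($hook = get_hook('agr_del_group_selected')) ? eval($hook) : null;


	// Check if this group has any members
	// (INNER JOIN: a group with no users yields no row at all)
	$query = array(
		'SELECT' => 'g.g_title, COUNT(u.id)',
		'FROM' => 'groups AS g',
		'JOINS' => array(
			array(
				'INNER JOIN' => 'users AS u',
				'ON' => 'g.g_id=u.group_id'
			)
		),
		'WHERE' => 'g.g_id='.$group_id,
		'GROUP BY' => 'g.g_id, g.g_title'
	);

	($hook = get_hook('agr_qr_get_group_member_count')) ? eval($hook) : null;
	$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);

	// If the group doesn't have any members or if we've already selected a group to move the members to
	if (!$pun_db->num_rows($result) || isset($_POST['del_group']))
	{
		($hook = get_hook('agr_del_group_form_submitted')) ? eval($hook) : null;

		if (isset($_POST['del_group']))	// Move users
		{
			$move_to_group = isset($_POST['move_to_group']) ? intval($_POST['move_to_group']) : 0;

			// Accept only a target the form could have offered: an existing
			// group that is neither the guest group nor the one being removed.
			// Without this check a crafted or incomplete POST could leave the
			// members pointing at the deleted group, at the guest group or at
			// an id that matches no group.
			$query = array(
				'SELECT' => '1',
				'FROM' => 'groups AS g',
				'WHERE' => 'g.g_id='.$move_to_group.' AND g.g_id!='.PUN_GUEST.' AND g.g_id!='.$group_id
			);

			$move_target_result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
			if (!$pun_db->num_rows($move_target_result))
				message($lang_common['Bad request']);

			$query = array(
				'UPDATE' => 'users',
				'SET' => 'group_id='.$move_to_group,
				'WHERE' => 'group_id='.$group_id
			);

			($hook = get_hook('agr_qy_move_users')) ? eval($hook) : null;
			$pun_db->query_build($query) or error(__FILE__, __LINE__);
		}

		// Delete the group and any forum specific permissions
		$query = array(
			'DELETE' => 'groups',
			'WHERE' => 'g_id='.$group_id
		);

		($hook = get_hook('agr_qy_delete_group')) ? eval($hook) : null;
		$pun_db->query_build($query) or error(__FILE__, __LINE__);

		$query = array(
			'DELETE' => 'forum_perms',
			'WHERE' => 'group_id='.$group_id
		);

		($hook = get_hook('agr_qy_delete_group_forum_perms')) ? eval($hook) : null;
		$pun_db->query_build($query) or error(__FILE__, __LINE__);

		clean_forum_moderators();

		// Regenerate the quickjump cache
		require_once PUN_ROOT.'include/cache.php';
		generate_quickjump_cache();

		pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Group removed'].' '.$lang_admin['Redirect']);
	}

	list($group_title, $num_members) = $pun_db->fetch_row($result);


	// Setup the form
	$pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;

	// Setup breadcrumbs
	$pun_page['crumbs'] = array(
		array($pun_config['o_board_title'], pun_link($pun_url['index'])),
		array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
		array($lang_admin['Groups'], pun_link($pun_url['admin_groups'])),
		$lang_admin['Remove group']
	);

	($hook = get_hook('agr_del_group_pre_header_load')) ? eval($hook) : null;

	define('PUN_PAGE_SECTION', 'users');
	define('PUN_PAGE', 'admin-groups');
	require PUN_ROOT.'header.php';

	// Output notes for the template below: $group_id went through intval() and
	// group titles are passed through htmlspecialchars() before being printed.

?>
<div id="pun-main" class="main sectioned admin">

<?php echo generate_admin_menu(); ?>

	<div class="main-head">
		<h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
	</div>

	<div class="main-content frm">
		<div class="frm-head">
			<h2><span><?php printf($lang_admin['Remove group head'], htmlspecialchars($group_title), $num_members) ?></span></h2>
		</div>
		<form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&del_group=<?php echo $group_id ?>">
			<div class="hidden">
				<input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&del_group='.$group_id) ?>" />
			</div>
			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
				<legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
				<div class="frm-fld select">
					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
						<span class="fld-label"><?php echo $lang_admin['Move users to'] ?></span><br />
						<span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="move_to_group">
<?php

	// Offer every group except the guest group and the one being removed
	$query = array(
		'SELECT' => 'g.g_id, g.g_title',
		'FROM' => 'groups AS g',
		'WHERE' => 'g.g_id!='.PUN_GUEST.' AND g.g_id!='.$group_id,
		'ORDER BY' => 'g.g_title'
	);

	($hook = get_hook('agr_qr_get_groups')) ? eval($hook) : null;
	$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
	while ($cur_group = $pun_db->fetch_assoc($result))
	{
		if ($cur_group['g_id'] == PUN_MEMBER)	// Pre-select the pre-defined Members group
			echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
		else
			echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
	}

?>

						</select></span>
						<span class="fld-extra"><?php echo $lang_admin['Remove group help'] ?></span>
					</label>
				</div>
			</fieldset>
			<div class="frm-buttons">
				<span class="submit"><input type="submit" name="del_group" value="<?php echo $lang_admin['Remove group'] ?>" /></span>
				<span class="cancel"><input type="submit" name="del_group_cancel" value="<?php echo $lang_admin['Cancel'] ?>" /></span>
			</div>
		</form>
	</div>

</div>
<?php

	require PUN_ROOT.'footer.php';
}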
|
581 |
|
582 |
|
// Setup the form
// Default view of the page, used when no action was requested.
// NOTE(review): this code sits after the if / else-if chain without an else, so
// it is skipped only if every branch above ends the request (through footer.php,
// message() or pun_redirect()) - confirm; otherwise the PUN_PAGE constants below
// would be defined a second time.
$pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;

// Setup breadcrumbs
$pun_page['crumbs'] = array(
	array($pun_config['o_board_title'], pun_link($pun_url['index'])),
	array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
	$lang_admin['Groups']
);

// Extension hook, eval()'d in this scope like the others in this file
($hook = get_hook('agr_pre_header_load')) ? eval($hook) : null;

define('PUN_PAGE_SECTION', 'users');
define('PUN_PAGE', 'admin-groups');
require PUN_ROOT.'header.php';
|
598 |
|
// Form 1 of 3 on the default view: pick the group a new group is based on.
// - The hidden csrf_token is produced by generate_form_token() from the same
//   URL string that is written into the form's action attribute.
//   NOTE(review): the check of that token on POST is not in this part of the
//   file - confirm it happens before add_group is processed.
// - $lang_admin[...] strings are echoed as-is; they come from the language
//   file required at the top of this script and are treated as trusted markup.
?>
<div id="pun-main" class="main sectioned admin">

<?php echo generate_admin_menu(); ?>

	<div class="main-head">
		<h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
	</div>

	<div class="main-content frm">
		<div class="frm-head">
			<h2><span><?php echo $lang_admin['Add group heading'] ?></span></h2>
		</div>
		<form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&action=foo">
			<div class="hidden">
				<input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&action=foo') ?>" />
			</div>
			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
				<legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
				<div class="frm-fld select">
					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
						<span class="fld-label"><?php echo $lang_admin['Base new group'] ?></span><br />
						<span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="base_group">
<?php

// Candidate base groups: every group whose id is greater than PUN_GUEST.
// Only a constant is concatenated into the WHERE clause, no request data.
$query = array(
	'SELECT'	=> 'g.g_id, g.g_title',
	'FROM'		=> 'groups AS g',
	'WHERE'		=> 'g_id>'.PUN_GUEST,
	'ORDER BY'	=> 'g.g_title'
);

// Hook point between building and running the query: the eval()'d hook code
// runs in this scope and may rewrite $query before it is executed.
$hook = get_hook('agr_qr_get_groups2');
if ($hook)
	eval($hook);

$result = $pun_db->query_build($query);
if (!$result)
	error(__FILE__, __LINE__);

// One <option> per group; the configured default user group is pre-selected.
// g_title is passed through htmlspecialchars() before output.
// NOTE(review): g_id is written into the value attribute unescaped;
// presumably an integer key column - confirm.
while ($cur_group = $pun_db->fetch_assoc($result)):
	echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'"'.(($cur_group['g_id'] == $pun_config['o_default_user_group']) ? ' selected="selected"' : '').'>'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
endwhile;

?>
						</select></span>
					</label>
				</div>
			</fieldset>
			<div class="frm-buttons">
				<span class="submit"><input type="submit" name="add_group" value="<?php echo $lang_admin['Add group'] ?> " /></span>
			</div>
		</form>
	</div>
|
<?php

// Form 2 of 3 on the default view: choose the board's default user group.
// Fieldset numbering restarts for this form; fld_count is not reset, so field
// ids keep counting up across the forms on the page.
// The form carries its own csrf_token, built from the same URL string as its
// action attribute.
// NOTE(review): the token check on POST is not in this part of the file -
// confirm it runs before set_default_group is processed.
$pun_page['set_count'] = 0;

?>
	<div class="main-content frm">
		<div class="frm-head">
			<h2><span><?php echo $lang_admin['Default group heading'] ?></span></h2>
		</div>
		<form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&action=foo">
			<div class="hidden">
				<input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&action=foo') ?>" />
			</div>
			<fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
				<legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
				<div class="frm-fld select">
					<label for="fld<?php echo ++$pun_page['fld_count'] ?>">
						<span class="fld-label"><?php echo $lang_admin['Default group'] ?></span><br />
						<span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="default_group">
<?php

// Groups offered as default: id greater than PUN_GUEST and g_moderator=0.
// NOTE(review): presumably this keeps a moderator group from becoming the
// default for new accounts. The filter only shapes the list shown here, so
// the handler for set_default_group has to apply the same restriction to the
// submitted default_group value - confirm.
$query = array(
	'SELECT'	=> 'g.g_id, g.g_title',
	'FROM'		=> 'groups AS g',
	'WHERE'		=> 'g_id>'.PUN_GUEST.' AND g_moderator=0',
	'ORDER BY'	=> 'g.g_title'
);

// Hook point between building and running the query: the eval()'d hook code
// runs in this scope and may rewrite $query, including the filter above.
$hook = get_hook('agr_qr_get_groups3');
if ($hook)
	eval($hook);

$result = $pun_db->query_build($query);
if (!$result)
	error(__FILE__, __LINE__);

// One <option> per group with the current default pre-selected; g_title is
// passed through htmlspecialchars(), g_id is written out as stored.
while ($cur_group = $pun_db->fetch_assoc($result)):
	echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'"'.(($cur_group['g_id'] == $pun_config['o_default_user_group']) ? ' selected="selected"' : '').'>'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
endwhile;

?>
						</select></span>
					</label>
				</div>
			</fieldset>
			<div class="frm-buttons">
				<span class="submit"><input type="submit" class="button" name="set_default_group" value="<?php echo $lang_admin['Set default'] ?>" /></span>
			</div>
		</form>
	</div>
|
<div class="main-content frm">
	<div class="frm-head">
		<h2><span><?php echo $lang_admin['Existing groups heading'] ?></span></h2>
	</div>
	<div class="frm-info">
		<p><?php echo $lang_admin['Existing groups intro'] ?></p>
	</div>
	<div class="datagrid">
<?php

// Part 3 of 3 on the default view: list every group with its action links.
// No WHERE clause - all rows of the groups table are listed.
$query = array(
	'SELECT'	=> 'g.g_id, g.g_title',
	'FROM'		=> 'groups AS g',
	'ORDER BY'	=> 'g.g_title'
);

// Hook point between building and running the query: the eval()'d hook code
// runs in this scope and may rewrite $query before it is executed.
$hook = get_hook('agr_qr_get_groups4');
if ($hook)
	eval($hook);

$result = $pun_db->query_build($query);
if (!$result)
	error(__FILE__, __LINE__);

$pun_page['item_num'] = 0;

// The edit and remove links are plain GET links and carry no token.
// NOTE(review): confirm that the edit_group / del_group handlers only render
// a form on GET and that the actual change needs the tokenised POST.
// The remove link is shown only for ids greater than PUN_MEMBER. That is a
// display rule, so the del_group handler has to refuse the other ids itself.
while ($cur_group = $pun_db->fetch_assoc($result)):

?>
		<div class="grp-item databox db<?php echo ++$pun_page['item_num'] ?>">
			<h3 class="data"><span><?php echo htmlspecialchars($cur_group['g_title']) ?></span></h3>
			<p class="legend actions"><?php

	// g_title is HTML-escaped wherever it is printed; g_id goes into the
	// link unescaped (presumably an integer key column - confirm).
	echo '<a href="'.pun_link($pun_url['admin_groups']).'&edit_group='.$cur_group['g_id'].'"><span>'.$lang_admin['Edit'].'<span>'.htmlspecialchars($cur_group['g_title']).'</span></span></a>';

	if ($cur_group['g_id'] > PUN_MEMBER)
	{
		echo ' <a href="'.pun_link($pun_url['admin_groups']).'&del_group='.$cur_group['g_id'].'"><span>'.$lang_admin['Remove'].'<span> '.htmlspecialchars($cur_group['g_title']).'</span></span></a>';
	}

?></p>
		</div>
<?php

endwhile;

?>
	</div>
</div>

</div>
<?php

require PUN_ROOT.'footer.php';