24 |
24 |
25 |
25 |
26 // Tell header.php to use the admin template |
26 // Tell header.php to use the admin template |
27 define('PUN_ADMIN_CONSOLE', 1); |
27 define('PUN_ADMIN_CONSOLE', 1); |
28 |
28 |
29 define('PUN_ROOT', './'); |
29 //define('PUN_ROOT', './'); |
30 require PUN_ROOT.'include/common.php'; |
30 //require PUN_ROOT.'include/common.php'; |
|
31 |
|
32 global $pun_db, $pun_user, $pun_config, $lang_common; |
|
33 |
31 require PUN_ROOT.'include/common_admin.php'; |
34 require PUN_ROOT.'include/common_admin.php'; |
32 |
35 |
33 |
36 |
34 if ($pun_user['g_id'] > PUN_ADMIN) |
37 if ($pun_user['g_id'] < PUN_ADMIN) |
35 message($lang_common['No permission']); |
38 message($lang_common['No permission']); |
36 |
39 |
37 |
40 |
38 // Add/edit a group (stage 1) |
41 // Add/edit a group (stage 1) |
39 if (isset($_POST['add_group']) || isset($_GET['edit_group'])) |
42 if (isset($_POST['add_group']) || isset($_GET['edit_group'])) |
40 { |
43 { |
41 if (isset($_POST['add_group'])) |
44 if (isset($_POST['add_group'])) |
42 { |
45 { |
43 $base_group = intval($_POST['base_group']); |
46 $base_group = intval($_POST['base_group']); |
44 |
47 |
45 $result = $db->query('SELECT * FROM '.$db->prefix.'groups WHERE g_id='.$base_group) or error('Unable to fetch user group info', __FILE__, __LINE__, $db->error()); |
48 $result = $pun_db->query('SELECT * FROM '.$pun_db->prefix.'groups WHERE g_id='.$base_group) or error('Unable to fetch user group info', __FILE__, __LINE__, $pun_db->error()); |
46 $group = $db->fetch_assoc($result); |
49 $group = $pun_db->fetch_assoc($result); |
47 |
50 |
48 $mode = 'add'; |
51 $mode = 'add'; |
49 } |
52 } |
50 else // We are editing a group |
53 else // We are editing a group |
51 { |
54 { |
52 $group_id = intval($_GET['edit_group']); |
55 $group_id = intval($_GET['edit_group']); |
53 if ($group_id < 1) |
56 if ($group_id < 1) |
54 message($lang_common['Bad request']); |
57 message($lang_common['Bad request']); |
55 |
58 |
56 $result = $db->query('SELECT * FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch user group info', __FILE__, __LINE__, $db->error()); |
59 $result = $pun_db->query('SELECT * FROM '.$pun_db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch user group info', __FILE__, __LINE__, $pun_db->error()); |
57 if (!$db->num_rows($result)) |
60 if (!$pun_db->num_rows($result)) |
58 message($lang_common['Bad request']); |
61 message($lang_common['Bad request']); |
59 |
62 |
60 $group = $db->fetch_assoc($result); |
63 $group = $pun_db->fetch_assoc($result); |
61 |
64 |
62 $mode = 'edit'; |
65 $mode = 'edit'; |
63 } |
66 } |
64 |
67 |
65 |
68 |
223 $search_flood = isset($_POST['search_flood']) ? intval($_POST['search_flood']) : '0'; |
226 $search_flood = isset($_POST['search_flood']) ? intval($_POST['search_flood']) : '0'; |
224 |
227 |
225 if ($title == '') |
228 if ($title == '') |
226 message('You must enter a group title.'); |
229 message('You must enter a group title.'); |
227 |
230 |
228 $user_title = ($user_title != '') ? '\''.$db->escape($user_title).'\'' : 'NULL'; |
231 $user_title = ($user_title != '') ? '\''.$pun_db->escape($user_title).'\'' : 'NULL'; |
229 |
232 |
230 if ($_POST['mode'] == 'add') |
233 if ($_POST['mode'] == 'add') |
231 { |
234 { |
232 $result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\'') or error('Unable to check group title collision', __FILE__, __LINE__, $db->error()); |
235 $result = $pun_db->query('SELECT 1 FROM '.$pun_db->prefix.'groups WHERE g_title=\''.$pun_db->escape($title).'\'') or error('Unable to check group title collision', __FILE__, __LINE__, $pun_db->error()); |
233 if ($db->num_rows($result)) |
236 if ($pun_db->num_rows($result)) |
234 message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.'); |
237 message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.'); |
235 |
238 |
236 $db->query('INSERT INTO '.$db->prefix.'groups (g_title, g_user_title, g_read_board, g_post_replies, g_post_topics, g_edit_posts, g_delete_posts, g_delete_topics, g_set_title, g_search, g_search_users, g_edit_subjects_interval, g_post_flood, g_search_flood) VALUES(\''.$db->escape($title).'\', '.$user_title.', '.$read_board.', '.$post_replies.', '.$post_topics.', '.$edit_posts.', '.$delete_posts.', '.$delete_topics.', '.$set_title.', '.$search.', '.$search_users.', '.$edit_subjects_interval.', '.$post_flood.', '.$search_flood.')') or error('Unable to add group', __FILE__, __LINE__, $db->error()); |
239 $pun_db->query('INSERT INTO '.$pun_db->prefix.'groups (g_title, g_user_title, g_read_board, g_post_replies, g_post_topics, g_edit_posts, g_delete_posts, g_delete_topics, g_set_title, g_search, g_search_users, g_edit_subjects_interval, g_post_flood, g_search_flood) VALUES(\''.$pun_db->escape($title).'\', '.$user_title.', '.$read_board.', '.$post_replies.', '.$post_topics.', '.$edit_posts.', '.$delete_posts.', '.$delete_topics.', '.$set_title.', '.$search.', '.$search_users.', '.$edit_subjects_interval.', '.$post_flood.', '.$search_flood.')') or error('Unable to add group', __FILE__, __LINE__, $pun_db->error()); |
237 $new_group_id = $db->insert_id(); |
240 $new_group_id = $pun_db->insert_id(); |
238 |
241 |
239 // Now lets copy the forum specific permissions from the group which this group is based on |
242 // Now lets copy the forum specific permissions from the group which this group is based on |
240 $result = $db->query('SELECT forum_id, read_forum, post_replies, post_topics FROM '.$db->prefix.'forum_perms WHERE group_id='.intval($_POST['base_group'])) or error('Unable to fetch group forum permission list', __FILE__, __LINE__, $db->error()); |
243 $result = $pun_db->query('SELECT forum_id, read_forum, post_replies, post_topics FROM '.$pun_db->prefix.'forum_perms WHERE group_id='.intval($_POST['base_group'])) or error('Unable to fetch group forum permission list', __FILE__, __LINE__, $pun_db->error()); |
241 while ($cur_forum_perm = $db->fetch_assoc($result)) |
244 while ($cur_forum_perm = $pun_db->fetch_assoc($result)) |
242 $db->query('INSERT INTO '.$db->prefix.'forum_perms (group_id, forum_id, read_forum, post_replies, post_topics) VALUES('.$new_group_id.', '.$cur_forum_perm['forum_id'].', '.$cur_forum_perm['read_forum'].', '.$cur_forum_perm['post_replies'].', '.$cur_forum_perm['post_topics'].')') or error('Unable to insert group forum permissions', __FILE__, __LINE__, $db->error()); |
245 $pun_db->query('INSERT INTO '.$pun_db->prefix.'forum_perms (group_id, forum_id, read_forum, post_replies, post_topics) VALUES('.$new_group_id.', '.$cur_forum_perm['forum_id'].', '.$cur_forum_perm['read_forum'].', '.$cur_forum_perm['post_replies'].', '.$cur_forum_perm['post_topics'].')') or error('Unable to insert group forum permissions', __FILE__, __LINE__, $pun_db->error()); |
243 } |
246 } |
244 else |
247 else |
245 { |
248 { |
246 $result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\' AND g_id!='.intval($_POST['group_id'])) or error('Unable to check group title collision', __FILE__, __LINE__, $db->error()); |
249 $result = $pun_db->query('SELECT 1 FROM '.$pun_db->prefix.'groups WHERE g_title=\''.$pun_db->escape($title).'\' AND g_id!='.intval($_POST['group_id'])) or error('Unable to check group title collision', __FILE__, __LINE__, $pun_db->error()); |
247 if ($db->num_rows($result)) |
250 if ($pun_db->num_rows($result)) |
248 message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.'); |
251 message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.'); |
249 |
252 |
250 $db->query('UPDATE '.$db->prefix.'groups SET g_title=\''.$db->escape($title).'\', g_user_title='.$user_title.', g_read_board='.$read_board.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood.' WHERE g_id='.intval($_POST['group_id'])) or error('Unable to update group', __FILE__, __LINE__, $db->error()); |
253 $pun_db->query('UPDATE '.$pun_db->prefix.'groups SET g_title=\''.$pun_db->escape($title).'\', g_user_title='.$user_title.', g_read_board='.$read_board.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood.' WHERE g_id='.intval($_POST['group_id'])) or error('Unable to update group', __FILE__, __LINE__, $pun_db->error()); |
251 } |
254 } |
252 |
255 |
253 // Regenerate the quickjump cache |
256 // Regenerate the quickjump cache |
254 require_once PUN_ROOT.'include/cache.php'; |
257 require_once PUN_ROOT.'include/cache.php'; |
255 generate_quickjump_cache(); |
258 generate_quickjump_cache(); |
256 |
259 |
257 redirect('admin_groups.php', 'Group '.(($_POST['mode'] == 'edit') ? 'edited' : 'added').'. Redirecting …'); |
260 pun_redirect('admin_groups.php', 'Group '.(($_POST['mode'] == 'edit') ? 'edited' : 'added').'. Redirecting …'); |
258 } |
261 } |
259 |
262 |
260 |
263 |
261 // Set default group |
264 // Set default group |
262 else if (isset($_POST['set_default_group'])) |
265 else if (isset($_POST['set_default_group'])) |
290 if ($group_id == $pun_config['o_default_user_group']) |
293 if ($group_id == $pun_config['o_default_user_group']) |
291 message('The default group cannot be removed. In order to delete this group, you must first setup a different group as the default.'); |
294 message('The default group cannot be removed. In order to delete this group, you must first setup a different group as the default.'); |
292 |
295 |
293 |
296 |
294 // Check if this group has any members |
297 // Check if this group has any members |
295 $result = $db->query('SELECT g.g_title, COUNT(u.id) FROM '.$db->prefix.'groups AS g INNER JOIN '.$db->prefix.'users AS u ON g.g_id=u.group_id WHERE g.g_id='.$group_id.' GROUP BY g.g_id, g_title') or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); |
298 $result = $pun_db->query('SELECT g.g_title, COUNT(u.id) FROM '.$pun_db->prefix.'groups AS g INNER JOIN '.$pun_db->prefix.'users AS u ON g.g_id=u.group_id WHERE g.g_id='.$group_id.' GROUP BY g.g_id, g_title') or error('Unable to fetch group info', __FILE__, __LINE__, $pun_db->error()); |
296 |
299 |
297 // If the group doesn't have any members or if we've already selected a group to move the members to |
300 // If the group doesn't have any members or if we've already selected a group to move the members to |
298 if (!$db->num_rows($result) || isset($_POST['del_group'])) |
301 if (!$pun_db->num_rows($result) || isset($_POST['del_group'])) |
299 { |
302 { |
300 if (isset($_POST['del_group'])) |
303 if (isset($_POST['del_group'])) |
301 { |
304 { |
302 $move_to_group = intval($_POST['move_to_group']); |
305 $move_to_group = intval($_POST['move_to_group']); |
303 $db->query('UPDATE '.$db->prefix.'users SET group_id='.$move_to_group.' WHERE group_id='.$group_id) or error('Unable to move users into group', __FILE__, __LINE__, $db->error()); |
306 $pun_db->query('UPDATE '.$pun_db->prefix.'users SET group_id='.$move_to_group.' WHERE group_id='.$group_id) or error('Unable to move users into group', __FILE__, __LINE__, $pun_db->error()); |
304 } |
307 } |
305 |
308 |
306 // Delete the group and any forum specific permissions |
309 // Delete the group and any forum specific permissions |
307 $db->query('DELETE FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to delete group', __FILE__, __LINE__, $db->error()); |
310 $pun_db->query('DELETE FROM '.$pun_db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to delete group', __FILE__, __LINE__, $pun_db->error()); |
308 $db->query('DELETE FROM '.$db->prefix.'forum_perms WHERE group_id='.$group_id) or error('Unable to delete group forum permissions', __FILE__, __LINE__, $db->error()); |
311 $pun_db->query('DELETE FROM '.$pun_db->prefix.'forum_perms WHERE group_id='.$group_id) or error('Unable to delete group forum permissions', __FILE__, __LINE__, $pun_db->error()); |
309 |
312 |
310 // Regenerate the quickjump cache |
313 // Regenerate the quickjump cache |
311 require_once PUN_ROOT.'include/cache.php'; |
314 require_once PUN_ROOT.'include/cache.php'; |
312 generate_quickjump_cache(); |
315 generate_quickjump_cache(); |
313 |
316 |
314 redirect('admin_groups.php', 'Group removed. Redirecting …'); |
317 pun_redirect('admin_groups.php', 'Group removed. Redirecting …'); |
315 } |
318 } |
316 |
319 |
317 |
320 |
318 list($group_title, $group_members) = $db->fetch_row($result); |
321 list($group_title, $group_members) = $pun_db->fetch_row($result); |
319 |
322 |
320 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / User groups'; |
323 $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / Admin / User groups'; |
321 require PUN_ROOT.'header.php'; |
324 require PUN_ROOT.'header.php'; |
322 |
325 |
323 generate_admin_menu('groups'); |
326 generate_admin_menu('groups'); |
446 <div class="infldset"> |
449 <div class="infldset"> |
447 <p>The pre-defined groups Guests, Administrators, Moderators and Members cannot be removed. They can however be edited. Please note though, that in some groups, some options are unavailable (e.g. the <em>edit posts</em> permission for guests). Administrators always have full permissions.</p> |
450 <p>The pre-defined groups Guests, Administrators, Moderators and Members cannot be removed. They can however be edited. Please note though, that in some groups, some options are unavailable (e.g. the <em>edit posts</em> permission for guests). Administrators always have full permissions.</p> |
448 <table cellspacing="0"> |
451 <table cellspacing="0"> |
449 <?php |
452 <?php |
450 |
453 |
451 $result = $db->query('SELECT g_id, g_title FROM '.$db->prefix.'groups ORDER BY g_id') or error('Unable to fetch user group list', __FILE__, __LINE__, $db->error()); |
454 $result = $pun_db->query('SELECT g_id, g_title FROM '.$pun_db->prefix.'groups ORDER BY g_id') or error('Unable to fetch user group list', __FILE__, __LINE__, $pun_db->error()); |
452 |
455 |
453 while ($cur_group = $db->fetch_assoc($result)) |
456 while ($cur_group = $pun_db->fetch_assoc($result)) |
454 echo "\t\t\t\t\t\t\t\t".'<tr><th scope="row"><a href="admin_groups.php?edit_group='.$cur_group['g_id'].'">Edit</a>'.(($cur_group['g_id'] > PUN_MEMBER) ? ' - <a href="admin_groups.php?del_group='.$cur_group['g_id'].'">Remove</a>' : '').'</th><td>'.pun_htmlspecialchars($cur_group['g_title']).'</td></tr>'."\n"; |
457 echo "\t\t\t\t\t\t\t\t".'<tr><th scope="row"><a href="admin_groups.php?edit_group='.$cur_group['g_id'].'">Edit</a>'.(($cur_group['g_id'] > PUN_MEMBER) ? ' - <a href="admin_groups.php?del_group='.$cur_group['g_id'].'">Remove</a>' : '').'</th><td>'.pun_htmlspecialchars($cur_group['g_title']).'</td></tr>'."\n"; |
455 |
458 |
456 ?> |
459 ?> |
457 </table> |
460 </table> |
458 </div> |
461 </div> |
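Review bot: The access check on new line 37 looks inverted: the old side rejected every caller whose `g_id` was greater than `PUN_ADMIN`, while `if ($pun_user['g_id'] < PUN_ADMIN)` rejects only ids below it. The value of `PUN_ADMIN` is not shown here, but new line 457 treats ids above `PUN_MEMBER` as custom groups, which suggests the built-in groups hold the lowest ids. If administrators are the lowest of those, every non-admin group now passes this check and reaches the add, edit and delete handlers further down. Unless the host application remaps group ids, restore `if ($pun_user['g_id'] > PUN_ADMIN)`, or write the intent directly as `if ($pun_user['g_id'] != PUN_ADMIN)`. Because `include/common.php` is now commented out and the state arrives through `global`, also add a comment above the check such as `// $pun_user must already be populated and authenticated by the including script` so the dependency is visible to the next maintainer.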