--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/punbb/admin/groups.php Sat Apr 05 23:56:45 2008 -0400
@@ -0,0 +1,738 @@
+<?php
+/***********************************************************************
+
+ Copyright (C) 2002-2008 PunBB.org
+
+ This file is part of PunBB.
+
+ PunBB is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2 of the License,
+ or (at your option) any later version.
+
+ PunBB is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ MA 02111-1307 USA
+
+************************************************************************/
+
+
+// if (!defined('PUN_ROOT'))
+// define('PUN_ROOT', '../');
+// require PUN_ROOT.'include/common.php';
+require PUN_ROOT.'include/common_admin.php';
+
+// import globals (I really hope this isn't dangerous)
+foreach ( $GLOBALS as $key => $_ )
+{
+ $$key =& $GLOBALS[$key];
+}
+
+($hook = get_hook('agr_start')) ? eval($hook) : null;
+
+if ($session->user_level < USER_LEVEL_ADMIN)
+ message($lang_common['No permission']);
+
+// Load the admin.php language file
+require PUN_ROOT.'lang/'.$pun_user['language'].'/admin.php';
+$GLOBALS['lang_admin'] = $lang_admin;
+
+
+// Add/edit a group (stage 1)
+if (isset($_POST['add_group']) || isset($_GET['edit_group']))
+{
+ if (isset($_POST['add_group']))
+ {
+ ($hook = get_hook('agr_add_group_form_submitted')) ? eval($hook) : null;
+
+ $base_group = intval($_POST['base_group']);
+
+ $query = array(
+ 'SELECT' => 'g.*',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g.g_id='.$base_group
+ );
+
+ ($hook = get_hook('agr_qr_get_base_group')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ $group = $pun_db->fetch_assoc($result);
+
+ $mode = 'add';
+ }
+ else // We are editing a group
+ {
+ ($hook = get_hook('agr_edit_group_form_submitted')) ? eval($hook) : null;
+
+ $group_id = intval($_GET['edit_group']);
+ if ($group_id < 1)
+ message($lang_common['Bad request']);
+
+ $query = array(
+ 'SELECT' => 'g.*',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g.g_id='.$group_id
+ );
+
+ ($hook = get_hook('agr_qr_get_group')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if (!$pun_db->num_rows($result))
+ message($lang_common['Bad request']);
+
+ $group = $pun_db->fetch_assoc($result);
+
+ $mode = 'edit';
+ }
+
+ // Setup the form
+ $pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;
+
+ // Setup breadcrumbs
+ $pun_page['crumbs'] = array(
+ array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+ array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
+ array($lang_admin['Groups'], pun_link($pun_url['admin_groups'])),
+ $mode == 'edit' ? $lang_admin['Edit group heading'] : $lang_admin['Add group heading']
+ );
+
+ ($hook = get_hook('agr_add_edit_group_pre_header_load')) ? eval($hook) : null;
+
+ define('PUN_PAGE_SECTION', 'users');
+ define('PUN_PAGE', 'admin-groups');
+ require PUN_ROOT.'header.php';
+
+?>
+<div id="pun-main" class="main sectioned admin">
+
+
+<?php echo generate_admin_menu(); ?>
+
+ <div class="main-head">
+ <h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
+ </div>
+
+ <div class="main-content frm parted">
+ <div class="frm-head">
+ <h2><span><?php echo $lang_admin['Group settings heading'] ?></span></h2>
+ </div>
+ <div id="req-msg" class="frm-warn">
+ <p class="important"><?php printf($lang_common['Required warn'], '<em class="req-text">'.$lang_common['Required'].'</em>') ?></p>
+ </div>
+ <form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>">
+ <div class="hidden">
+ <input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups'])) ?>" />
+ <input type="hidden" name="mode" value="<?php echo $mode ?>" />
+<?php if ($mode == 'edit'): ?> <input type="hidden" name="group_id" value="<?php echo $group_id ?>" />
+<?php endif; if ($mode == 'add'): ?> <input type="hidden" name="base_group" value="<?php echo $base_group ?>" />
+<?php endif; ?> </div>
+<?php ($hook = get_hook('agr_add_edit_group_pre_title_part')) ? eval($hook) : null; ?>
+ <div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
+ <h3><span><?php printf($lang_admin['Group title head'], $pun_page['part_count']) ?></span></h3>
+ <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
+ <div class="frm-fld text required">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Group title'] ?></span><br />
+ <span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="req_title" size="25" maxlength="50" value="<?php if ($mode == 'edit') echo htmlspecialchars($group['g_title']); ?>" /></span>
+ <em class="req-text"><?php echo $lang_common['Required'] ?></em>
+ </label>
+ </div>
+ <div class="frm-fld text required">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['User title'] ?></span><br />
+ <span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="user_title" size="25" maxlength="50" value="<?php echo htmlspecialchars($group['g_user_title']) ?>" /></span>
+ <span class="fld-help"><?php echo $lang_admin['User title info'] ?></span>
+ </label>
+ </div>
+<?php ($hook = get_hook('agr_add_edit_group_title_end')) ? eval($hook) : null; ?>
+ </fieldset>
+<?php
+
+ // The rest of the form is for non-admin groups only
+ if ($group['g_id'] != PUN_ADMIN)
+ {
+ // Reset fieldset counter
+ $pun_page['set_count'] = 0;
+
+?>
+ </div>
+<?php ($hook = get_hook('agr_add_edit_group_pre_permissions_part')) ? eval($hook) : null; ?>
+ <div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
+ <h3><span><?php printf($lang_admin['Group perms head'], $pun_page['part_count']) ?></span></h3>
+<?php if ($mode == 'edit' && $pun_config['o_default_user_group'] == $group['g_id']): ?> <div class="frm-info">
+ <p class="warn"><?php echo $lang_admin['Moderator default group'] ?></p>
+ </div>
+<?php endif; ?> <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><strong><?php echo $lang_admin['Permissions'] ?></strong></legend>
+<?php if ($group['g_id'] != PUN_GUEST): if ($mode != 'edit' || $pun_config['o_default_user_group'] != $group['g_id']): ?><fieldset class="frm-group">
+ <legend><span><?php echo $lang_admin['Mod permissions'] ?></span></legend>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="moderator" value="1"<?php if ($group['g_moderator'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow moderate'] ?> <em class="field-info"><?php echo $lang_admin['Mods warning'] ?></em></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_edit_users" value="1"<?php if ($group['g_mod_edit_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod edit profiles'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_rename_users" value="1"<?php if ($group['g_mod_rename_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod edit username'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_change_passwords" value="1"<?php if ($group['g_mod_change_passwords'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod change pass'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="mod_ban_users" value="1"<?php if ($group['g_mod_ban_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow mod bans'] ?></label></div>
+ </fieldset>
+<?php endif; endif; ?> <fieldset class="frm-group">
+ <legend><span><?php echo $lang_admin['User permissions'] ?></span></legend>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="read_board" value="1"<?php if ($group['g_read_board'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow read board'] ?></label><br /> <em class="field-info"><?php echo $lang_admin['Allow read board info'] ?></em></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="view_users" value="1"<?php if ($group['g_view_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow view users'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_replies" value="1"<?php if ($group['g_post_replies'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow post replies'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_topics" value="1"<?php if ($group['g_post_topics'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow post topics'] ?></label></div>
+<?php if ($group['g_id'] != PUN_GUEST): ?> <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="edit_posts" value="1"<?php if ($group['g_edit_posts'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow edit posts'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="delete_posts" value="1"<?php if ($group['g_delete_posts'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow delete posts'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="delete_topics" value="1"<?php if ($group['g_delete_topics'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow delete topics'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="set_title" value="1"<?php if ($group['g_set_title'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow set user title'] ?></label></div>
+<?php endif; ?> <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="search" value="1"<?php if ($group['g_search'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow use search'] ?></label></div>
+ <div class="radbox"><label for="fld<?php echo ++$pun_page['fld_count'] ?>"><input type="checkbox" id="fld<?php echo $pun_page['fld_count'] ?>" name="search_users" value="1"<?php if ($group['g_search_users'] == '1') echo ' checked="checked"' ?> /> <?php echo $lang_admin['Allow search users'] ?></label></div>
+ </fieldset>
+<?php ($hook = get_hook('agr_add_edit_group_permissions_end')) ? eval($hook) : null; ?>
+ </fieldset>
+<?php
+
+ // Reset fieldset counter
+ $pun_page['set_count'] = 0;
+
+ // The rest of the form is for non-guest groups only
+ if ($group['g_id'] != PUN_GUEST)
+ {
+
+?>
+ </div>
+<?php ($hook = get_hook('agr_add_edit_group_pre_flood_part')) ? eval($hook) : null; ?>
+ <div class="frm-part part<?php echo ++ $pun_page['part_count'] ?>">
+ <h3><span><?php printf($lang_admin['Group flood head'], $pun_page['part_count']) ?></span></h3>
+ <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><span><?php echo $lang_admin['Restrictions'] ?></span></legend>
+ <div class="frm-fld text">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Edit interval'] ?></span><br />
+ <span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="edit_subjects_interval" size="5" maxlength="5" value="<?php echo $group['g_edit_subjects_interval'] ?>" /></span>
+ <span class="fld-help"><?php echo $lang_admin['Edit interval info'] ?></span>
+ </label>
+ </div>
+ <div class="frm-fld text">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Flood interval'] ?></span><br />
+ <span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="post_flood" size="5" maxlength="4" value="<?php echo $group['g_post_flood'] ?>" /></span>
+ <span class="fld-help"><?php echo $lang_admin['Flood interval info'] ?></span>
+ </label>
+ </div>
+ <div class="frm-fld text">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Search interval'] ?></span><br />
+ <span class="fld-input"><input type="text" id="fld<?php echo $pun_page['fld_count'] ?>" name="search_flood" size="5" maxlength="4" value="<?php echo $group['g_search_flood'] ?>" /></span>
+ <span class="fld-help"><?php echo $lang_admin['Search interval info'] ?></span>
+ </label>
+ </div>
+<?php ($hook = get_hook('agr_add_edit_group_flood_end')) ? eval($hook) : null; ?>
+ </fieldset>
+<?php
+
+ }
+ }
+
+?>
+ <div class="frm-buttons">
+ <span class="submit"><input type="submit" class="button" name="add_edit_group" value=" <?php echo $lang_admin['Save'] ?> " /></span>
+ </div>
+ </div>
+ </form>
+ </div>
+
+</div>
+<?php
+
+ require PUN_ROOT.'footer.php';
+}
+
+
+// Add/edit a group (stage 2)
+else if (isset($_POST['add_edit_group']))
+{
+ // Is this the admin group? (special rules apply)
+ $is_admin_group = (isset($_POST['group_id']) && $_POST['group_id'] == PUN_ADMIN) ? true : false;
+
+ $title = trim($_POST['req_title']);
+ $user_title = trim($_POST['user_title']);
+ $moderator = isset($_POST['moderator']) && $_POST['moderator'] == '1' ? '1' : '0';
+ $mod_edit_users = $moderator == '1' && isset($_POST['mod_edit_users']) && $_POST['mod_edit_users'] == '1' ? '1' : '0';
+ $mod_rename_users = $moderator == '1' && isset($_POST['mod_rename_users']) && $_POST['mod_rename_users'] == '1' ? '1' : '0';
+ $mod_change_passwords = $moderator == '1' && isset($_POST['mod_change_passwords']) && $_POST['mod_change_passwords'] == '1' ? '1' : '0';
+ $mod_ban_users = $moderator == '1' && isset($_POST['mod_ban_users']) && $_POST['mod_ban_users'] == '1' ? '1' : '0';
+ $read_board = (isset($_POST['read_board']) && $_POST['read_board'] == '1') || $is_admin_group ? '1' : '0';
+ $view_users = (isset($_POST['view_users']) && $_POST['view_users'] == '1') || $is_admin_group ? '1' : '0';
+ $post_replies = (isset($_POST['post_replies']) && $_POST['post_replies'] == '1') || $is_admin_group ? '1' : '0';
+ $post_topics = (isset($_POST['post_topics']) && $_POST['post_topics'] == '1') || $is_admin_group ? '1' : '0';
+ $edit_posts = (isset($_POST['edit_posts']) && $_POST['edit_posts'] == '1') || $is_admin_group ? '1' : '0';
+ $delete_posts = (isset($_POST['delete_posts']) && $_POST['delete_posts'] == '1') || $is_admin_group ? '1' : '0';
+ $delete_topics = (isset($_POST['delete_topics']) && $_POST['delete_topics'] == '1') || $is_admin_group ? '1' : '0';
+ $set_title = (isset($_POST['set_title']) && $_POST['set_title'] == '1') || $is_admin_group ? '1' : '0';
+ $search = (isset($_POST['search']) && $_POST['search'] == '1') || $is_admin_group ? '1' : '0';
+ $search_users = (isset($_POST['search_users']) && $_POST['search_users'] == '1') || $is_admin_group ? '1' : '0';
+ $edit_subjects_interval = isset($_POST['edit_subjects_interval']) ? intval($_POST['edit_subjects_interval']) : '0';
+ $post_flood = isset($_POST['post_flood']) ? intval($_POST['post_flood']) : '0';
+ $search_flood = isset($_POST['search_flood']) ? intval($_POST['search_flood']) : '0';
+
+ if ($title == '')
+ message($lang_admin['Must enter group message']);
+
+ $user_title = ($user_title != '') ? '\''.$pun_db->escape($user_title).'\'' : 'NULL';
+
+ if ($_POST['mode'] == 'add')
+ {
+ ($hook = get_hook('agr_add_group_form_submitted2')) ? eval($hook) : null;
+
+ $query = array(
+ 'SELECT' => '1',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g_title=\''.$pun_db->escape($title).'\''
+ );
+
+ ($hook = get_hook('agr_qr_check_group_title_collision')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if ($pun_db->num_rows($result))
+ message(sprintf($lang_admin['Already a group message'], htmlspecialchars($title)));
+
+ // Insert the new group
+ $query = array(
+ 'INSERT' => 'g_title, g_user_title, g_moderator, g_mod_edit_users, g_mod_rename_users, g_mod_change_passwords, g_mod_ban_users, g_read_board, g_view_users, g_post_replies, g_post_topics, g_edit_posts, g_delete_posts, g_delete_topics, g_set_title, g_search, g_search_users, g_edit_subjects_interval, g_post_flood, g_search_flood',
+ 'INTO' => 'groups',
+ 'VALUES' => '\''.$pun_db->escape($title).'\', '.$user_title.', '.$moderator.', '.$mod_edit_users.', '.$mod_rename_users.', '.$mod_change_passwords.', '.$mod_ban_users.', '.$read_board.', '.$view_users.', '.$post_replies.', '.$post_topics.', '.$edit_posts.', '.$delete_posts.', '.$delete_topics.', '.$set_title.', '.$search.', '.$search_users.', '.$edit_subjects_interval.', '.$post_flood.', '.$search_flood
+ );
+
+ ($hook = get_hook('agr_qy_add_group')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ $new_group_id = $pun_db->insert_id();
+
+ // Now lets copy the forum specific permissions from the group which this group is based on
+ $query = array(
+ 'SELECT' => 'fp.forum_id, fp.read_forum, fp.post_replies, fp.post_topics',
+ 'FROM' => 'forum_perms AS fp',
+ 'WHERE' => 'group_id='.intval($_POST['base_group'])
+ );
+
+ ($hook = get_hook('agr_qr_get_group_forum_perms')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ while ($cur_forum_perm = $pun_db->fetch_assoc($result))
+ {
+ $query = array(
+ 'INSERT' => 'group_id, forum_id, read_forum, post_replies, post_topics',
+ 'INTO' => 'forum_perms',
+ 'VALUES' => $new_group_id.', '.$cur_forum_perm['forum_id'].', '.$cur_forum_perm['read_forum'].', '.$cur_forum_perm['post_replies'].', '.$cur_forum_perm['post_topics']
+ );
+
+ ($hook = get_hook('agr_qy_add_group_forum_perms')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ }
+ }
+ else
+ {
+ $group_id = intval($_POST['group_id']);
+
+ ($hook = get_hook('agr_edit_group_form_submitted2')) ? eval($hook) : null;
+
+ // Make sure admins and guests don't get moderator privileges
+ if ($group_id == PUN_ADMIN || $group_id == PUN_GUEST)
+ $moderator = '0';
+
+ // Make sure the default group isn't assigned moderator privileges
+ if ($moderator == '1' && $pun_config['o_default_user_group'] == $group_id)
+ message($lang_admin['Moderator default group']);
+
+ $query = array(
+ 'SELECT' => '1',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g_title=\''.$pun_db->escape($title).'\' AND g_id!='.$group_id
+ );
+
+ ($hook = get_hook('agr_qr_check_group_title_collision2')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if ($pun_db->num_rows($result))
+ message(sprintf($lang_admin['Already a group message'], htmlspecialchars($title)));
+
+ // Save changes
+ $query = array(
+ 'UPDATE' => 'groups',
+ 'SET' => 'g_title=\''.$pun_db->escape($title).'\', g_user_title='.$user_title.', g_moderator='.$moderator.', g_mod_edit_users='.$mod_edit_users.', g_mod_rename_users='.$mod_rename_users.', g_mod_change_passwords='.$mod_change_passwords.', g_mod_ban_users='.$mod_ban_users.', g_read_board='.$read_board.', g_view_users='.$view_users.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood,
+ 'WHERE' => 'g_id='.$group_id
+ );
+
+ ($hook = get_hook('agr_qy_update_group')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ // If the group doesn't have moderator privileges (it might have had before), remove its users from the moderator list in all forums
+ if (!$moderator)
+ clean_forum_moderators();
+ }
+
+ // Regenerate the quickjump cache
+ require_once PUN_ROOT.'include/cache.php';
+ generate_quickjump_cache();
+
+ pun_redirect(pun_link($pun_url['admin_groups']), (($_POST['mode'] == 'edit') ? $lang_admin['Group edited'] : $lang_admin['Group added']).' '.$lang_admin['Redirect']);
+}
+
+
+// Set default group
+else if (isset($_POST['set_default_group']))
+{
+ $group_id = intval($_POST['default_group']);
+
+ ($hook = get_hook('agr_set_default_group_form_submitted')) ? eval($hook) : null;
+
+ // Make sure it's not the admin or guest groups
+ if ($group_id == PUN_ADMIN || $group_id == PUN_GUEST)
+ message($lang_common['Bad request']);
+
+ // Make sure it's not a moderator group
+ $query = array(
+ 'SELECT' => 'g.g_id',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g.g_id='.$group_id.' AND g.g_moderator=0',
+ 'LIMIT' => '1'
+ );
+
+ ($hook = get_hook('agr_qr_get_group_moderation_status')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ if (!$pun_db->num_rows($result))
+ message($lang_common['Bad request']);
+
+ $query = array(
+ 'UPDATE' => 'config',
+ 'SET' => 'conf_value='.$group_id,
+ 'WHERE' => 'conf_name=\'o_default_user_group\''
+ );
+
+ ($hook = get_hook('agr_qy_set_default_group')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ // Regenerate the config cache
+ require_once PUN_ROOT.'include/cache.php';
+ generate_config_cache();
+
+ pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Default group set'].' '.$lang_admin['Redirect']);
+}
+
+
+// Remove a group
+else if (isset($_GET['del_group']))
+{
+ $group_id = intval($_GET['del_group']);
+ if ($group_id < 4)
+ message($lang_common['Bad request']);
+
+ // User pressed the cancel button
+ if (isset($_POST['del_group_cancel']))
+ pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Cancel redirect']);
+
+ // Make sure we don't remove the default group
+ if ($group_id == $pun_config['o_default_user_group'])
+ message($lang_admin['Cannot remove default group']);
+
+ ($hook = get_hook('agr_del_group_selected')) ? eval($hook) : null;
+
+
+ // Check if this group has any members
+ $query = array(
+ 'SELECT' => 'g.g_title, COUNT(u.id)',
+ 'FROM' => 'groups AS g',
+ 'JOINS' => array(
+ array(
+ 'INNER JOIN' => 'users AS u',
+ 'ON' => 'g.g_id=u.group_id'
+ )
+ ),
+ 'WHERE' => 'g.g_id='.$group_id,
+ 'GROUP BY' => 'g.g_id, g.g_title'
+ );
+
+ ($hook = get_hook('agr_qr_get_group_member_count')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ // If the group doesn't have any members or if we've already selected a group to move the members to
+ if (!$pun_db->num_rows($result) || isset($_POST['del_group']))
+ {
+ ($hook = get_hook('agr_del_group_form_submitted')) ? eval($hook) : null;
+
+ if (isset($_POST['del_group'])) // Move users
+ {
+ $query = array(
+ 'UPDATE' => 'users',
+ 'SET' => 'group_id='.intval($_POST['move_to_group']),
+ 'WHERE' => 'group_id='.$group_id
+ );
+
+ ($hook = get_hook('agr_qy_move_users')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ }
+
+ // Delete the group and any forum specific permissions
+ $query = array(
+ 'DELETE' => 'groups',
+ 'WHERE' => 'g_id='.$group_id
+ );
+
+ ($hook = get_hook('agr_qy_delete_group')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ $query = array(
+ 'DELETE' => 'forum_perms',
+ 'WHERE' => 'group_id='.$group_id
+ );
+
+ ($hook = get_hook('agr_qy_delete_group_forum_perms')) ? eval($hook) : null;
+ $pun_db->query_build($query) or error(__FILE__, __LINE__);
+
+ clean_forum_moderators();
+
+ // Regenerate the quickjump cache
+ require_once PUN_ROOT.'include/cache.php';
+ generate_quickjump_cache();
+
+ pun_redirect(pun_link($pun_url['admin_groups']), $lang_admin['Group removed'].' '.$lang_admin['Redirect']);
+ }
+
+ list($group_title, $num_members) = $pun_db->fetch_row($result);
+
+
+ // Setup the form
+ $pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;
+
+ // Setup breadcrumbs
+ $pun_page['crumbs'] = array(
+ array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+ array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
+ array($lang_admin['Groups'], pun_link($pun_url['admin_groups'])),
+ $lang_admin['Remove group']
+ );
+
+ ($hook = get_hook('agr_del_group_pre_header_load')) ? eval($hook) : null;
+
+ define('PUN_PAGE_SECTION', 'users');
+ define('PUN_PAGE', 'admin-groups');
+ require PUN_ROOT.'header.php';
+
+?>
+<div id="pun-main" class="main sectioned admin">
+
+<?php echo generate_admin_menu(); ?>
+
+ <div class="main-head">
+ <h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
+ </div>
+
+ <div class="main-content frm">
+ <div class="frm-head">
+ <h2><span><?php printf($lang_admin['Remove group head'], htmlspecialchars($group_title), $num_members) ?></span></h2>
+ </div>
+ <form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&del_group=<?php echo $group_id ?>">
+ <div class="hidden">
+ <input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&del_group='.$group_id) ?>" />
+ </div>
+ <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
+ <div class="frm-fld select">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Move users to'] ?></span><br />
+ <span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="move_to_group">
+<?php
+
+ $query = array(
+ 'SELECT' => 'g.g_id, g.g_title',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g.g_id!='.PUN_GUEST.' AND g.g_id!='.$group_id,
+ 'ORDER BY' => 'g.g_title'
+ );
+
+ ($hook = get_hook('agr_qr_get_groups')) ? eval($hook) : null;
+ $result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+ while ($cur_group = $pun_db->fetch_assoc($result))
+ {
+ if ($cur_group['g_id'] == PUN_MEMBER) // Pre-select the pre-defined Members group
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+ else
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+ }
+
+?>
+
+ </select></span>
+ <span class="fld-extra"><?php echo $lang_admin['Remove group help'] ?></span>
+ </label>
+ </div>
+ </fieldset>
+ <div class="frm-buttons">
+ <span class="submit"><input type="submit" name="del_group" value="<?php echo $lang_admin['Remove group'] ?>" /></span>
+ <span class="cancel"><input type="submit" name="del_group_cancel" value="<?php echo $lang_admin['Cancel'] ?>" /></span>
+ </div>
+ </form>
+ </div>
+
+</div>
+<?php
+
+ require PUN_ROOT.'footer.php';
+}
+
+
+// Setup the form
+$pun_page['part_count'] = $pun_page['fld_count'] = $pun_page['set_count'] = 0;
+
+// Setup breadcrumbs
+$pun_page['crumbs'] = array(
+ array($pun_config['o_board_title'], pun_link($pun_url['index'])),
+ array($lang_admin['Forum administration'], pun_link($pun_url['admin_index'])),
+ $lang_admin['Groups']
+);
+
+($hook = get_hook('agr_pre_header_load')) ? eval($hook) : null;
+
+define('PUN_PAGE_SECTION', 'users');
+define('PUN_PAGE', 'admin-groups');
+require PUN_ROOT.'header.php';
+
+?>
+<div id="pun-main" class="main sectioned admin">
+
+<?php echo generate_admin_menu(); ?>
+
+ <div class="main-head">
+ <h1><span>{ <?php echo end($pun_page['crumbs']) ?> }</span></h1>
+ </div>
+
+ <div class="main-content frm">
+ <div class="frm-head">
+ <h2><span><?php echo $lang_admin['Add group heading'] ?></span></h2>
+ </div>
+ <form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&action=foo">
+ <div class="hidden">
+ <input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&action=foo') ?>" />
+ </div>
+ <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
+ <div class="frm-fld select">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Base new group'] ?></span><br />
+ <span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="base_group">
+<?php
+
+$query = array(
+ 'SELECT' => 'g.g_id, g.g_title',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g_id>'.PUN_GUEST,
+ 'ORDER BY' => 'g.g_title'
+);
+
+($hook = get_hook('agr_qr_get_groups2')) ? eval($hook) : null;
+$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+while ($cur_group = $pun_db->fetch_assoc($result))
+{
+ if ($cur_group['g_id'] == $pun_config['o_default_user_group'])
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+ else
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+}
+
+?>
+ </select></span>
+ </label>
+ </div>
+ </fieldset>
+ <div class="frm-buttons">
+ <span class="submit"><input type="submit" name="add_group" value="<?php echo $lang_admin['Add group'] ?> " /></span>
+ </div>
+ </form>
+ </div>
+<?php
+
+ // Reset fieldset counter
+ $pun_page['set_count'] = 0;
+
+?>
+ <div class="main-content frm">
+ <div class="frm-head">
+ <h2><span><?php echo $lang_admin['Default group heading'] ?></span></h2>
+ </div>
+ <form class="frm-form" method="post" accept-charset="utf-8" action="<?php echo pun_link($pun_url['admin_groups']) ?>&action=foo">
+ <div class="hidden">
+ <input type="hidden" name="csrf_token" value="<?php echo generate_form_token(pun_link($pun_url['admin_groups']).'&action=foo') ?>" />
+ </div>
+ <fieldset class="frm-set set<?php echo ++$pun_page['set_count'] ?>">
+ <legend class="frm-legend"><span><?php echo $lang_admin['Options'] ?></span></legend>
+ <div class="frm-fld select">
+ <label for="fld<?php echo ++$pun_page['fld_count'] ?>">
+ <span class="fld-label"><?php echo $lang_admin['Default group'] ?></span><br />
+ <span class="fld-input"><select id="fld<?php echo $pun_page['fld_count'] ?>" name="default_group">
+<?php
+
+$query = array(
+ 'SELECT' => 'g.g_id, g.g_title',
+ 'FROM' => 'groups AS g',
+ 'WHERE' => 'g_id>'.PUN_GUEST.' AND g_moderator=0',
+ 'ORDER BY' => 'g.g_title'
+);
+
+($hook = get_hook('agr_qr_get_groups3')) ? eval($hook) : null;
+$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+while ($cur_group = $pun_db->fetch_assoc($result))
+{
+ if ($cur_group['g_id'] == $pun_config['o_default_user_group'])
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'" selected="selected">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+ else
+ echo "\t\t\t\t\t\t\t".'<option value="'.$cur_group['g_id'].'">'.htmlspecialchars($cur_group['g_title']).'</option>'."\n";
+}
+
+?>
+ </select></span>
+ </label>
+ </div>
+ </fieldset>
+ <div class="frm-buttons">
+ <span class="submit"><input type="submit" class="button" name="set_default_group" value="<?php echo $lang_admin['Set default'] ?>" /></span>
+ </div>
+ </form>
+ </div>
+ <div class="main-content frm">
+ <div class="frm-head">
+ <h2><span><?php echo $lang_admin['Existing groups heading'] ?></span></h2>
+ </div>
+ <div class="frm-info">
+ <p><?php echo $lang_admin['Existing groups intro'] ?></p>
+ </div>
+ <div class="datagrid">
+<?php
+
+$query = array(
+ 'SELECT' => 'g.g_id, g.g_title',
+ 'FROM' => 'groups AS g',
+ 'ORDER BY' => 'g.g_title'
+);
+
+($hook = get_hook('agr_qr_get_groups4')) ? eval($hook) : null;
+$result = $pun_db->query_build($query) or error(__FILE__, __LINE__);
+$pun_page['item_num'] = 0;
+while ($cur_group = $pun_db->fetch_assoc($result))
+{
+
+?>
+ <div class="grp-item databox db<?php echo ++$pun_page['item_num'] ?>">
+ <h3 class="data"><span><?php echo htmlspecialchars($cur_group['g_title']) ?></span></h3>
+ <p class="legend actions"><a href="<?php echo pun_link($pun_url['admin_groups']).'&edit_group='.$cur_group['g_id'] ?>"><span><?php echo $lang_admin['Edit'] ?><span><?php echo htmlspecialchars($cur_group['g_title']) ?></span></span></a><?php if ($cur_group['g_id'] > PUN_MEMBER) echo ' <a href="'.pun_link($pun_url['admin_groups']).'&del_group='.$cur_group['g_id'].'"><span>'.$lang_admin['Remove'].'<span> '.htmlspecialchars($cur_group['g_title']).'</span></span></a>' ?></p>
+ </div>
+<?php
+
+}
+
+?>
+ </div>
+ </div>
+
+</div>
+<?php
+
+require PUN_ROOT.'footer.php';