break;
case GROUP_HIDDEN:
$group_row['l_group_type'] = 'HIDDEN';
// Check for membership or special permissions
if (!$auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') && $group_row['user_id'] != $user->data['user_id']) {
trigger_error('NO_GROUP');
}
break;
case GROUP_SPECIAL:
$group_row['l_group_type'] = 'SPECIAL';
break;
case GROUP_FREE:
$group_row['l_group_type'] = 'FREE';
break;
}
$avatar_img = phpbb_get_group_avatar($group_row);
// ... same for group rank
$user_rank_data = array('title' => null, 'img' => null, 'img_src' => null);
if ($group_row['group_rank']) {
$user_rank_data = phpbb_get_user_rank($group_row, false);
if ($user_rank_data['img']) {
$user_rank_data['img'] .= '<br />';
}
}
// include modules for manage groups link display or not
// need to ensure the module is active
$can_manage_group = false;
if ($user->data['is_registered'] && $group_row['group_leader']) {
if (!class_exists('p_master')) {
include $phpbb_root_path . 'includes/functions_module.' . $phpEx;
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_container, $phpbb_dispatcher;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
$form_key = 'acp_groups';
add_form_key($form_key);
if ($mode == 'position') {
$this->manage_position();
return;
}
if (!function_exists('group_user_attributes')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : $request->variable('action', ''));
$group_id = $request->variable('g', 0);
$mark_ary = $request->variable('mark', array(0));
$name_ary = $request->variable('usernames', '', true);
$leader = $request->variable('leader', 0);
$default = $request->variable('default', 0);
$start = $request->variable('start', 0);
$update = isset($_POST['update']) ? true : false;
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
// Clear some vars
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT g.*, t.teampage_position AS group_teampage
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE g.group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Approve, demote or promote
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error) {
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'set_default_on_all':
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
case 'delete':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($action === 'delete' && $group_row['group_type'] == GROUP_SPECIAL) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_del($group_id, $mark_ary, false, $group_name);
break;
}
$back_link = $action == 'delete' ? $this->u_action : $this->u_action . '&action=list&g=' . $group_id;
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($back_link), E_USER_WARNING);
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($back_link));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$name_ary = array_unique(explode("\n", $name_ary));
$group_name = $group_helper->get_name($group_row['group_name']);
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$message = $leader ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
break;
case 'edit':
case 'add':
if (!function_exists('display_forums')) {
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
}
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = array();
$user->add_lang('ucp');
// Setup avatar data for later
$avatars_enabled = false;
$avatar_drivers = null;
$avatar_data = null;
$avatar_error = array();
if ($config['allow_avatar']) {
/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
$avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
// This is normalised data, without the group_ prefix
$avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group');
if (!isset($avatar_data['id'])) {
$avatar_data['id'] = 'g' . $group_id;
}
}
if ($request->is_set_post('avatar_delete')) {
if (confirm_box(true)) {
$avatar_data['id'] = substr($avatar_data['id'], 1);
$phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_');
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array('avatar_delete' => true, 'i' => $id, 'mode' => $mode, 'g' => $group_id, 'action' => $action)));
}
}
// Did we submit?
if ($update) {
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$group_name = $request->variable('group_name', '', true);
$group_desc = $request->variable('group_desc', '', true);
$group_type = $request->variable('group_type', GROUP_FREE);
$allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
$allow_desc_urls = $request->variable('desc_parse_urls', false);
$allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array('colour' => $request->variable('group_colour', ''), 'rank' => $request->variable('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'teampage' => isset($_REQUEST['group_teampage']) ? 1 : 0, 'message_limit' => $request->variable('group_message_limit', 0), 'max_recipients' => $request->variable('group_max_recipients', 0), 'founder_manage' => 0, 'skip_auth' => $request->variable('group_skip_auth', 0));
if ($user->data['user_type'] == USER_FOUNDER) {
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
if ($config['allow_avatar']) {
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) {
$driver = $phpbb_avatar_manager->get_driver($driver_name);
$result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error);
if ($result && empty($avatar_error)) {
$result['avatar_type'] = $driver_name;
$submit_ary = array_merge($submit_ary, $result);
}
} else {
$driver = $phpbb_avatar_manager->get_driver($avatar_data['avatar_type']);
if ($driver) {
$driver->delete($avatar_data);
}
// Removing the avatar
$submit_ary['avatar_type'] = '';
$submit_ary['avatar'] = '';
$submit_ary['avatar_width'] = 0;
$submit_ary['avatar_height'] = 0;
}
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
/*
* Validate the length of "Maximum number of allowed recipients per
* private message" setting. We use 16777215 as a maximum because it matches
* MySQL unsigned mediumint maximum value which is the lowest amongst DBMSes
* supported by phpBB3. Also validate the submitted colour value.
*/
$validation_checks = array('max_recipients' => array('num', false, 0, 16777215), 'colour' => array('hex_colour', true));
/**
* Request group data and operate on it
*
* @event core.acp_manage_group_request_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array validation_checks Array with validation data
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'validation_checks');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_request_data', compact($vars)));
if ($validation_error = validate_data($submit_ary, $validation_checks)) {
// Replace "error" string with its real, localised form
$error = array_merge($error, $validation_error);
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
// However there are some attributes that need to be set everytime,
// otherwise the group gets removed from the feature.
$set_attributes = array('legend', 'teampage');
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int', 'founder_manage' => 'int', 'skip_auth' => 'int');
/**
* Initialise data before we display the add/edit form
*
* @event core.acp_manage_group_initialise_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array test_variables Array with variables for test
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'test_variables');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_initialise_data', compact($vars)));
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = $request->variable('group_perm_from', 0);
// Copy permissions?
// If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transferred.
// We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
// Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) {
$sql = 'SELECT group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$check_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Check the group if non-founder
if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_founder_manage'] == 0)) {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
$auth->acl_clear_prefetch();
}
}
$cache->destroy('sql', array(GROUPS_TABLE, TEAMPAGE_TABLE));
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = $request->variable('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
// Load up stuff for avatars
if ($config['allow_avatar']) {
$avatars_enabled = false;
$selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type']));
foreach ($avatar_drivers as $current_driver) {
$driver = $phpbb_avatar_manager->get_driver($current_driver);
$avatars_enabled = true;
$template->set_filenames(array('avatar' => $driver->get_acp_template_name()));
if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) {
$driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
$driver_upper = strtoupper($driver_name);
$template->assign_block_vars('avatar_drivers', array('L_TITLE' => $user->lang($driver_upper . '_TITLE'), 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), 'DRIVER' => $driver_name, 'SELECTED' => $current_driver == $selected_driver, 'OUTPUT' => $template->assign_display('avatar')));
}
}
}
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
if (isset($phpbb_avatar_manager) && !$update) {
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
$back_link = $request->variable('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . $request->variable('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_GROUP_PERM' => $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth') ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_USER_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false, 'S_AVATARS_ENABLED' => $config['allow_avatar'] && $avatars_enabled, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_helper->get_name($group_name), 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_FOUNDER_MANAGE' => isset($group_row['group_founder_manage']) && $group_row['group_founder_manage'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_TEAMPAGE' => isset($group_row['group_teampage']) && $group_row['group_teampage'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_SKIP_AUTH' => !empty($group_row['group_skip_auth']) ? ' checked="checked"' : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(false, false, $user->data['user_type'] == USER_FOUNDER ? false : 0), 'AVATAR' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string()));
/**
* Modify group template data before we display the form
*
* @event core.acp_manage_group_display_form
* @var string action Type of the action: add|edit
* @var bool update Do we display the form only
* or did the user press submit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var string group_name The group name
* @var int group_type The group type
* @var array group_desc_data The group description data
* @var string group_rank The group rank
* @var string rank_options The rank options
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @since 3.1.0-b5
*/
$vars = array('action', 'update', 'group_id', 'group_row', 'group_desc_data', 'group_name', 'group_type', 'group_rank', 'rank_options', 'error');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_display_form', compact($vars)));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$this->page_title = 'GROUP_MEMBERS';
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_colour, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$base_url = $this->u_action . "&action={$action}&g={$group_id}";
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start);
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'GROUP_NAME' => $group_helper->get_name($group_row['group_name']), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames'), 'U_DEFAULT_ALL' => "{$this->u_action}&action=set_default_on_all&g={$group_id}"));
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
// Get us all the groups
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$lookup = $cached_group_data = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
// used to determine what type a group is
$lookup[$row['group_id']] = $type;
// used for easy access to the data within a group
$cached_group_data[$type][$row['group_id']] = $row;
$cached_group_data[$type][$row['group_id']]['total_members'] = 0;
}
$db->sql_freeresult($result);
// How many people are in which group?
$sql = 'SELECT COUNT(ug.user_id) AS total_members, ug.group_id
FROM ' . USER_GROUP_TABLE . ' ug
WHERE ' . $db->sql_in_set('ug.group_id', array_keys($lookup)) . '
GROUP BY ug.group_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$type = $lookup[$row['group_id']];
$cached_group_data[$type][$row['group_id']]['total_members'] = $row['total_members'];
}
$db->sql_freeresult($result);
// The order is... normal, then special
ksort($cached_group_data);
foreach ($cached_group_data as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $group_id => $row) {
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx, $phpbb_admin_path;
global $db, $user, $auth, $cache, $template;
global $request, $phpbb_container, $phpbb_log;
$user->add_lang('groups');
$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
$mark_ary = $request->variable('mark', array(0));
$submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST);
$delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST);
$error = $data = array();
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
switch ($mode) {
case 'membership':
$this->page_title = 'UCP_USERGROUPS_MEMBER';
if ($submit || isset($_POST['change_default'])) {
$action = isset($_POST['change_default']) ? 'change_default' : $request->variable('action', '');
$group_id = $action == 'change_default' ? $request->variable('default', 0) : $request->variable('selected', 0);
if (!$group_id) {
trigger_error('NO_GROUP_SELECTED');
}
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id IN ({$group_id}, {$user->data['group_id']})";
$result = $db->sql_query($sql);
$group_row = array();
while ($row = $db->sql_fetchrow($result)) {
$row['group_name'] = $group_helper->get_name($row['group_name']);
$group_row[$row['group_id']] = $row;
}
$db->sql_freeresult($result);
if (!sizeof($group_row)) {
trigger_error('GROUP_NOT_EXIST');
}
switch ($action) {
case 'change_default':
// User already having this group set as default?
if ($group_id == $user->data['group_id']) {
trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page);
}
if (!$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_AUTHORISED'] . $return_page);
}
// User needs to be member of the group in order to make it default
if (!group_memberships($group_id, $user->data['user_id'], true)) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('default', $group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_CHANGE', false, array('reportee_id' => $user->data['user_id'], sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page);
} else {
$s_hidden_fields = array('default' => $group_id, 'change_default' => true);
confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields));
}
break;
case 'resign':
// User tries to resign from default group but is not allowed to change it?
if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_type = (int) $db->sql_fetchfield('group_type');
$db->sql_freeresult($result);
if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) {
trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_del($group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_RESIGN', false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$row['user_pending'] ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'resign', 'submit' => true);
confirm_box(false, $row['user_pending'] ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields));
}
break;
case 'join':
$sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
WHERE ug.user_id = u.user_id
AND ug.group_id = ' . $group_id . '
AND ug.user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
if ($row['user_pending']) {
trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page);
}
trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page);
}
// Check permission to join (open group or request)
if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) {
trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
if ($group_row[$group_id]['group_type'] == GROUP_FREE) {
group_user_add($group_id, $user->data['user_id']);
} else {
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
}
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_JOIN' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? '' : '_PENDING'), false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'join', 'submit' => true);
confirm_box(false, $group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields));
}
break;
case 'demote':
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('demote', $group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_DEMOTE', false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'demote', 'submit' => true);
confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields));
}
break;
}
}
$sql = 'SELECT g.*, ug.group_leader, ug.user_pending
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
$group_id_ary = array();
$leader_count = $member_count = $pending_count = 0;
while ($row = $db->sql_fetchrow($result)) {
$block = $row['group_leader'] ? 'leader' : ($row['user_pending'] ? 'pending' : 'member');
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars($block, array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $group_helper->get_name($row['group_name']), 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_GROUP_DEFAULT' => $row['group_id'] == $user->data['group_id'] ? true : false, 'S_ROW_COUNT' => ${$block . '_count'}++));
$group_id_ary[] = (int) $row['group_id'];
}
$db->sql_freeresult($result);
// Hide hidden groups unless user is an admin with group privileges
$sql_and = $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE ' . (sizeof($group_id_ary) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "\n\t\t\t\t\t\tgroup_type {$sql_and}\n\t\t\t\t\tORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$nonmember_count = 0;
while ($row = $db->sql_fetchrow($result)) {
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars('nonmember', array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $group_helper->get_name($row['group_name']), 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_CLOSED' => $row['group_type'] != GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'S_CAN_JOIN' => $row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE ? true : false, 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_ROW_COUNT' => $nonmember_count++));
}
$db->sql_freeresult($result);
$template->assign_vars(array('S_CHANGE_DEFAULT' => $auth->acl_get('u_chggrp') ? true : false, 'S_LEADER_COUNT' => $leader_count, 'S_MEMBER_COUNT' => $member_count, 'S_PENDING_COUNT' => $pending_count, 'S_NONMEMBER_COUNT' => $nonmember_count, 'S_UCP_ACTION' => $this->u_action));
break;
case 'manage':
$this->page_title = 'UCP_USERGROUPS_MANAGE';
$action = isset($_POST['addusers']) ? 'addusers' : $request->variable('action', '');
$group_id = $request->variable('g', 0);
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
add_form_key('ucp_groups');
if ($group_id) {
$sql = 'SELECT g.*, t.teampage_position AS group_teampage
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE g.group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING);
}
$group_name = $group_row['group_name'];
$group_type = $group_row['group_type'];
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
$template->assign_vars(array('GROUP_NAME' => $group_helper->get_name($group_name), 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], 'AVATAR' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_IMAGE' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : ''));
}
switch ($action) {
case 'edit':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$file_uploads = @ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on' ? true : false;
$user->add_lang(array('acp/groups', 'acp/common'));
$data = $submit_ary = array();
$update = isset($_POST['update']) ? true : false;
$error = array();
// Setup avatar data for later
$avatars_enabled = false;
$avatar_drivers = null;
$avatar_data = null;
$avatar_error = array();
if ($config['allow_avatar']) {
/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
$avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
// This is normalised data, without the group_ prefix
$avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group');
}
// Handle deletion of avatars
if ($request->is_set_post('avatar_delete')) {
if (confirm_box(true)) {
$phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_');
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . $return_page);
} else {
confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array('avatar_delete' => true, 'i' => $id, 'mode' => $mode, 'g' => $group_id, 'action' => $action)));
}
}
// Did we submit?
if ($update) {
$group_name = $request->variable('group_name', '', true);
$group_desc = $request->variable('group_desc', '', true);
$group_type = $request->variable('group_type', GROUP_FREE);
$allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
$allow_desc_urls = $request->variable('desc_parse_urls', false);
$allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array('colour' => $request->variable('group_colour', ''), 'rank' => $request->variable('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => $request->variable('group_message_limit', 0), 'max_recipients' => $request->variable('group_max_recipients', 0), 'legend' => $group_row['group_legend'], 'teampage' => $group_row['group_teampage']);
if ($config['allow_avatar']) {
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
$config_name = preg_replace('#^avatar\\.driver.#', '', $driver_name);
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) {
$driver = $phpbb_avatar_manager->get_driver($driver_name);
$result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error);
if ($result && empty($avatar_error)) {
$result['avatar_type'] = $driver_name;
$submit_ary = array_merge($submit_ary, $result);
}
}
// Merge any avatars errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
if (!check_form_key('ucp_groups')) {
$error[] = $user->lang['FORM_INVALID'];
}
// Validate submitted colour value
if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true)))) {
// Replace "error" string with its real, localised form
$error = array_merge($error, $colour_error);
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
// However there are some attributes that need to be set everytime,
// otherwise the group gets removed from the feature.
$set_attributes = array('legend', 'teampage');
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int');
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$cache->destroy('sql', GROUPS_TABLE);
$cache->destroy('sql', TEAMPAGE_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . $return_page);
}
}
if (sizeof($error)) {
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = $request->variable('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
// Load up stuff for avatars
if ($config['allow_avatar']) {
$avatars_enabled = false;
$selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type']));
foreach ($avatar_drivers as $current_driver) {
$driver = $phpbb_avatar_manager->get_driver($current_driver);
$avatars_enabled = true;
$template->set_filenames(array('avatar' => $driver->get_template_name()));
if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) {
$driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
$driver_upper = strtoupper($driver_name);
$template->assign_block_vars('avatar_drivers', array('L_TITLE' => $user->lang($driver_upper . '_TITLE'), 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), 'DRIVER' => $driver_name, 'SELECTED' => $current_driver == $selected_driver, 'OUTPUT' => $template->assign_display('avatar')));
}
}
}
if (isset($phpbb_avatar_manager) && !$update) {
// Merge any avatars errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
$template->assign_vars(array('S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_AVATARS_ENABLED' => $config['allow_avatar'] && $avatars_enabled, 'S_GROUP_MANAGE' => true, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_DESC' => $group_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'S_UCP_ACTION' => $this->u_action . "&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string()));
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang(array('acp/groups', 'acp/common'));
$start = $request->variable('start', 0);
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
$approved = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$template->assign_var('S_PENDING_SET', true);
$pending = true;
} else {
if (!$row['user_pending'] && !$approved) {
$template->assign_block_vars('member', array('S_APPROVED' => true));
$template->assign_var('S_APPROVED_SET', true);
$approved = true;
}
}
$template->assign_block_vars('member', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$base_url = $this->u_action . "&action={$action}&g={$group_id}";
$start = $pagination->validate_start($start, $config['topics_per_page'], $total_members);
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start);
$template->assign_vars(array('S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, 'U_ACTION' => $this->u_action . "&g={$group_id}", 'S_UCP_ACTION' => $this->u_action . "&g={$group_id}", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=ucp&field=usernames')));
break;
case 'approve':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang('acp/groups');
// Approve, demote or promote
group_user_attributes('approve', $group_id, $mark_ary, false, false);
trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true)) {
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
}
$user->add_lang('acp/groups');
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$user->add_lang('acp/common');
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
// redirect to last screen
redirect($this->u_action . '&action=list&g=' . $group_id);
break;
case 'deleteusers':
$user->add_lang(array('acp/groups', 'acp/common'));
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true)) {
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
if ($error) {
trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
}
trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
// redirect to last screen
redirect($this->u_action . '&action=list&g=' . $group_id);
break;
case 'addusers':
$user->add_lang(array('acp/groups', 'acp/common'));
$names = $request->variable('usernames', '', true);
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!$names) {
trigger_error($user->lang['NO_USERS'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$name_ary = array_unique(explode("\n", $names));
$group_name = $group_helper->get_name($group_row['group_name']);
$default = $request->variable('default', 0);
if (confirm_box(true)) {
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) {
trigger_error($user->lang[$error] . $return_page);
}
trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$s_hidden_fields = array('default' => $default, 'usernames' => $names, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action);
confirm_box(false, $user->lang('GROUP_CONFIRM_ADD_USERS', sizeof($name_ary), implode($user->lang['COMMA_SEPARATOR'], $name_ary)), build_hidden_fields($s_hidden_fields));
}
trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
default:
$user->add_lang('acp/common');
$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
AND ug.group_leader = 1
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
while ($value = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('GROUP_NAME' => $group_helper->get_name($value['group_name']), 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 'GROUP_TYPE' => $value['group_type'], 'GROUP_ID' => $value['group_id'], 'GROUP_COLOUR' => $value['group_colour'], 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}"));
}
$db->sql_freeresult($result);
break;
}
break;
}
$this->tpl_name = 'ucp_groups_' . $mode;
}
