$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
} else {
$mode = '';
}
//
// Set username
//
if (isset($HTTP_GET_VARS['username'])) {
$HTTP_POST_VARS['username'] = $HTTP_GET_VARS['username'];
}
//
// Begin program
//
if ($mode == 'edit' || $mode == 'save' && (isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]))) {
attachment_quota_settings('user', $HTTP_POST_VARS['submit'], $mode);
//
// Ok, the profile has been modified and submitted, let's update
//
if ($mode == 'save' && isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) {
$user_id = intval($HTTP_POST_VARS['id']);
if (!($this_userdata = get_userdata($user_id))) {
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}
if ($HTTP_POST_VARS['deleteuser']) {
$sql = "SELECT g.group_id\n FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g\n WHERE ug.user_id = {$user_id}\n AND g.group_id = ug.group_id\n AND g.group_single_user = 1";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "\n SET poster_id = " . DELETED . ", post_username = '******'\n WHERE poster_id = {$user_id}";
require $phpbb_root_path . 'admin/pagestart.' . $phpEx;
// End PNphpBB2 Module
if (isset($_POST[POST_GROUPS_URL]) || isset($_GET[POST_GROUPS_URL])) {
$group_id = isset($_POST[POST_GROUPS_URL]) ? intval($_POST[POST_GROUPS_URL]) : intval($_GET[POST_GROUPS_URL]);
} else {
$group_id = 0;
}
if (isset($_POST['mode']) || isset($_GET['mode'])) {
$mode = isset($_POST['mode']) ? $_POST['mode'] : $_GET['mode'];
$mode = htmlspecialchars($mode);
} else {
$mode = '';
}
//-- mod : File Attachment Mod v2 Version 2.4.3 ----------------------------------------------------
if (!intval($attach_config['disable_mod'])) {
attachment_quota_settings('group', $_POST['group_update'], $mode);
}
//-- fin : File Attachment Mod v2 Version 2.4.3 ----------------------------------------------------
if (isset($_POST['edit']) || isset($_POST['new'])) {
//
// Ok they are editing a group or creating a new group
//
$template->set_filenames(array('body' => 'admin/group_edit_body.tpl'));
if (isset($_POST['edit'])) {
//
// They're editing. Grab the vars.
//
$sql = "SELECT *\n\t\t\tFROM " . GROUPS_TABLE . "\n\t\t\tWHERE group_single_user <> " . TRUE . "\n\t\t\tAND group_id = {$group_id}";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
<?php
if (!empty($setmodules)) {
$module['GROUPS']['MANAGE'] = basename(__FILE__);
return;
}
require './pagestart.php';
require INC_DIR . 'functions_group.php';
$group_id = isset($_REQUEST[POST_GROUPS_URL]) ? intval($_REQUEST[POST_GROUPS_URL]) : 0;
$mode = isset($_REQUEST['mode']) ? strval($_REQUEST['mode']) : '';
attachment_quota_settings('group', isset($_POST['group_update']), $mode);
if (!empty($_POST['edit']) || !empty($_POST['new'])) {
if (!empty($_POST['edit'])) {
if (!($row = get_group_data($group_id))) {
bb_die($lang['GROUP_NOT_EXIST']);
}
$group_info = array('group_name' => $row['group_name'], 'group_description' => $row['group_description'], 'group_moderator' => $row['group_moderator'], 'group_mod_name' => $row['moderator_name'], 'group_type' => $row['group_type'], 'release_group' => $row['release_group']);
$mode = 'editgroup';
$template->assign_block_vars('group_edit', array());
} else {
if (!empty($_POST['new'])) {
$group_info = array('group_name' => '', 'group_description' => '', 'group_moderator' => '', 'group_mod_name' => '', 'group_type' => GROUP_OPEN, 'release_group' => 0);
$mode = 'newgroup';
}
}
// Ok, now we know everything about them, let's show the page.
$s_hidden_fields = '
<input type="hidden" name="mode" value="' . $mode . '" />
<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />
';
$template->assign_vars(array('TPL_EDIT_GROUP' => true, 'GROUP_NAME' => stripslashes(htmlspecialchars($group_info['group_name'])), 'GROUP_DESCRIPTION' => stripslashes(htmlspecialchars($group_info['group_description'])), 'GROUP_MODERATOR' => replace_quote($group_info['group_mod_name']), 'T_GROUP_EDIT_DELETE' => $mode == 'newgroup' ? $lang['CREATE_NEW_GROUP'] : $lang['EDIT_GROUP'], 'U_SEARCH_USER' => BB_ROOT . "search.php?mode=searchuser", 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 'S_GROUP_OPEN_CHECKED' => $group_info['group_type'] == GROUP_OPEN ? HTML_CHECKED : '', 'S_GROUP_CLOSED_CHECKED' => $group_info['group_type'] == GROUP_CLOSED ? HTML_CHECKED : '', 'S_GROUP_HIDDEN_CHECKED' => $group_info['group_type'] == GROUP_HIDDEN ? HTML_CHECKED : '', 'RELEASE_GROUP' => $group_info['release_group'] ? true : false, 'S_GROUP_ACTION' => "admin_groups.php", 'S_HIDDEN_FIELDS' => $s_hidden_fields));
$phpbb_root_path = './../';
require $phpbb_root_path . 'extension.inc';
require './pagestart.' . $phpEx;
include $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_mass_pm.' . $phpEx;
if (isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL])) {
$group_id = isset($HTTP_POST_VARS[POST_GROUPS_URL]) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
} else {
$group_id = 0;
}
if (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) {
$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
$mode = htmlspecialchars($mode);
} else {
$mode = '';
}
attachment_quota_settings('group', $HTTP_POST_VARS['group_update'], $mode);
if (isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new'])) {
//
// Ok they are editing a group or creating a new group
//
$template->set_filenames(array('body' => 'admin/group_edit_body.tpl'));
if (isset($HTTP_POST_VARS['edit'])) {
//
// They're editing. Grab the vars.
//
$sql = "SELECT *\n\t\t\tFROM " . GROUPS_TABLE . "\n\t\t\tWHERE group_single_user <> " . TRUE . "\n\t\t\tAND group_id = {$group_id}";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
}
if (!($group_info = $db->sql_fetchrow($result))) {
message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
$mode = isset($_POST['mode']) ? $_POST['mode'] : $_GET['mode'];
$mode = htmlspecialchars($mode);
} else {
$mode = '';
}
//
// Begin program
//
// Begin PNphpBB2 Module
// When editing user profile 'username' won't be present in the POST because
// PNphpBB2 doesn't allow changing the username from inside the admin CP.
// We must check for 'id' otherwise the changes won't be commited to the DB.
if ($mode == 'edit' || $mode == 'save' && (isset($_POST['username']) || isset($_POST['id']) || isset($_GET[POST_USERS_URL]) || isset($_POST[POST_USERS_URL]))) {
//-- mod : File Attachment Mod v2 Version 2.4.3 ----------------------------------------------------
if (!intval($attach_config['disable_mod'])) {
attachment_quota_settings('user', $_POST['submit'], $mode);
}
//-- fin : File Attachment Mod v2 Version 2.4.3 ----------------------------------------------------
//
// Ok, the profile has been modified and submitted, let's update
//
if ($mode == 'save' && isset($_POST['submit']) || isset($_POST['avatargallery']) || isset($_POST['submitavatar']) || isset($_POST['cancelavatar'])) {
$user_id = intval($_POST['id']);
// Begin PNphpBB2 Module
// if (!($this_userdata = get_userdata($user_id)))
if (!($this_userdata = phpbb_get_userdata($user_id))) {
message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}
if ($_POST['deleteuser'] && $userdata['user_id'] != $user_id) {
$sql = "SELECT g.group_id \n\t\t\t\tFROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g \n\t\t\t\tWHERE ug.user_id = {$user_id} \n\t\t\t\t\tAND g.group_id = ug.group_id \n\t\t\t\t\tAND g.group_single_user = 1";
if (!($result = $db->sql_query($sql))) {
