Ejemplo n.º 1
0
/**
 * Check a user against multiple gang ranks.
 * This function calls gang_auth() once for each rank checked.
 * It returns true if any of the ranks validated. In other words,
 * this performs a logical OR comparison.
 *
 * @param int $userid
 * @param array $ranks
 * @return bool
 */
function gang_auth_all($userid, $ranks)
{
    global $gvars;
    if (!is_array($ranks)) {
        $ranks = array($ranks);
    }
    foreach ($ranks as $rank) {
        if (gang_auth($userid, $rank)) {
            return true;
        }
    }
    return false;
}
Ejemplo n.º 2
0
function sgang_alter_staff()
{
    global $gvars;
    if (!gang_auth_all($gvars->userid, array('pres', 'vice'))) {
        echo "<h3>You are not authorized to access this portion of the staff panel.</h3>";
        gang_go_back('yourgang.php?action=sgang_home');
        return;
    }
    if (!isset($_REQUEST['them_id']) or intval($_REQUEST['them_id']) < 1) {
        echo "<h3>Please submit a valid request.</h3>";
        gang_go_back('yourgang.php?action=sgang_leadership');
        return;
    }
    $them_id = intval($_REQUEST['them_id']);
    $q_get = sprintf('select username from users where userid = %d and gang = %d', $them_id, $gvars->ir['gang']);
    $q_get = mysql_query($q_get);
    if (!$q_get or mysql_num_rows($q_get) < 1) {
        echo "<h3>Please submit a valid request.</h3>";
        gang_go_back('yourgang.php?action=sgang_leadership');
        return;
    }
    list($them_name) = mysql_fetch_array($q_get);
    if (!isset($_REQUEST['rank']) or strlen($_REQUEST['rank']) < 1) {
        echo "<h3>Please submit a valid request.</h3>";
        gang_go_back('yourgang.php?action=sgang_leadership');
        return;
    }
    $rank = $_REQUEST['rank'];
    $us_p = gang_get_profile_link($gvars->userid, $gvars->ir['username']);
    $them_p = gang_get_profile_link($them_id, $them_name);
    $completed = false;
    switch ($rank) {
        case 'pres':
            if (gang_auth($gvars->userid, 'pres')) {
                $q_set = sprintf('update gangs set gangPRESIDENT = %d where gangID = %d', $them_id, $gvars->ir['gang']);
                mysql_query($q_set);
                if (mysql_affected_rows() > 0) {
                    $q_set = sprintf('update gangs set gangVICEPRES = 0 where gangVICEPRES = %d and gangID = %d', $them_id, $gvars->ir['gang']);
                    mysql_query($q_set);
                    gang_new_event($gvars->ir['gang'], sprintf('%s promoted %s to the position of %s', $us_p, $them_p, $gvars->pres), 'escape');
                    event_add($them_id, sprintf('%s promoted you to the position of %s of %s', $us_p, $gvars->pres, $gvars->data['gangNAME']), $gvars->c);
                    $result = "<p class=\"center\">{$them_p} has been promoted to {$gvars->pres}.</p>";
                    $completed = true;
                }
            }
            break;
        case 'vice':
            if (gang_auth($gvars->userid, 'pres') and $gvars->userid != $them_id) {
                $q_set = sprintf('update gangs set gangVICEPRES = %d where gangID = %d', $them_id, $gvars->ir['gang']);
                mysql_query($q_set);
                if (mysql_error()) {
                    echo mysql_error();
                }
                if (mysql_affected_rows() > 0) {
                    gang_new_event($gvars->ir['gang'], sprintf('%s promoted %s to the position of %s', $us_p, $them_p, $gvars->vice_pres), 'escape');
                    if ($gvars->userid != $gvars->data['gangVICEPRES'] and $gvars->data['gangVICEPRES'] > 0) {
                        event_add($them_id, sprintf('%s demoted you from the position of %s of %s', $us_p, $gvars->vice_pres, $gvars->data['gangNAME']), $gvars->c);
                    }
                    event_add($them_id, sprintf('%s promoted you to the position of %s of %s', $us_p, $gvars->vice_pres, $gvars->data['gangNAME']), $gvars->c);
                    $result = "<p class=\"center\">{$them_p} has been promoted to {$gvars->vice_pres}.</p>";
                    $completed = true;
                }
            }
            break;
        case 'remove':
            if (gang_auth($gvars->userid, 'pres')) {
                $q_set = sprintf('update gangs set gangVICEPRES = 0 where gangVICEPRES = %d and gangID = %d', $them_id, $gvars->ir['gang']);
                mysql_query($q_set);
                if (mysql_affected_rows() > 0) {
                    gang_new_event($gvars->ir['gang'], sprintf('%s demoted %s from the position of %s', $us_p, $them_p, $gvars->vice_pres), 'escape');
                    if ($them_id != $gvars->userid) {
                        event_add($them_id, sprintf('%s demoted you from the position of %s of %s', $us_p, $gvars->vice_pres, $gvars->data['gangNAME']), $gvars->c);
                    }
                    $result = "<p class=\"center\">{$them_p} has been demoted from {$gvars->vice_pres}.</p>";
                    $completed = true;
                }
            }
            break;
    }
    if (!$completed) {
        echo "<h3>The request could not be completed.</h3><p>If you are the {$gvars->pres}, you may not demote yourself, you may only promote someone else\n\t\tto the position of {$gvars->pres}. If you are the {$gvars->vice_pres}, you can only remove yourself from your position.</p>";
    } else {
        echo "<h3>Complete</h3>{$result}";
    }
    gang_go_back('yourgang.php?action=sgang_leadership');
    return;
}