function flood_uncontrol($group = "")
{
$user_groups = getusergroups();
$access_opts = "";
while (list($key, $user_group) = each($user_groups)) {
$sel = $group == $user_group['0'] ? " selected" : "";
$access_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
}
return $access_opts;
}
/**
* Permissions Form
*/
private function display_forum_permissions_form()
{
$data = $this->data;
$data += array('forum_id' => !empty($data['forum_id']) && isnum($data['forum_id']) ? $data['forum_id'] : 0, 'forum_type' => !empty($data['forum_type']) ? $data['forum_type'] : '');
$_access = getusergroups();
$access_opts['0'] = self::$locale['531'];
while (list($key, $option) = each($_access)) {
$access_opts[$option['0']] = $option['1'];
}
$public_access_opts = $access_opts;
unset($access_opts[0]);
// remove public away.
$selection = array(self::$locale['forum_041'], "10 " . self::$locale['forum_points'], "20 " . self::$locale['forum_points'], "30 " . self::$locale['forum_points'], "40 " . self::$locale['forum_points'], "50 " . self::$locale['forum_points'], "60 " . self::$locale['forum_points'], "70 " . self::$locale['forum_points'], "80 " . self::$locale['forum_points'], "90 " . self::$locale['forum_points'], "100 " . self::$locale['forum_points']);
$options = fusion_get_groups();
unset($options[0]);
// no public to moderate, unset
unset($options[-101]);
// no member group to moderate, unset.
add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_030']));
opentable(self::$locale['forum_030']);
echo openform('permissionsForm', 'post', FUSION_REQUEST);
echo "<span class='strong display-inline-block m-b-20'>" . self::$locale['forum_006'] . " : " . $data['forum_name'] . "</span>\n";
openside();
echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_000'] . "</span><br/>\n";
echo form_select('forum_access', self::$locale['forum_031'], $data['forum_access'], array('inline' => TRUE, 'options' => $public_access_opts));
$optionArray = array("inline" => TRUE, "options" => $access_opts);
echo form_select('forum_post', self::$locale['forum_032'], $data['forum_post'], $optionArray);
echo form_select('forum_reply', self::$locale['forum_033'], $data['forum_reply'], $optionArray);
echo form_select('forum_post_ratings', self::$locale['forum_039'], $data['forum_post_ratings'], $optionArray);
closeside();
openside();
echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_001'] . "</span><br/>\n";
echo form_select('forum_poll', self::$locale['forum_036'], $data['forum_poll'], $optionArray);
echo form_select('forum_vote', self::$locale['forum_037'], $data['forum_vote'], $optionArray);
closeside();
openside();
echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_004'] . "</span><br/>\n";
echo form_select('forum_answer_threshold', self::$locale['forum_040'], $data['forum_answer_threshold'], array('options' => $selection, 'inline' => TRUE));
closeside();
openside();
echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_002'] . "</span><br/>\n";
echo form_select('forum_attach', self::$locale['forum_034'], $data['forum_attach'], array('options' => $access_opts, 'inline' => TRUE));
echo form_select('forum_attach_download', self::$locale['forum_035'], $data['forum_attach_download'], array('options' => $public_access_opts, 'inline' => TRUE));
closeside();
openside();
echo form_hidden('forum_id', '', $data['forum_id']);
echo form_select("forum_mods[]", self::$locale['forum_desc_003'], $data['forum_mods'], array("multiple" => TRUE, "width" => "100%", "options" => $options, "delimiter" => ".", "inline" => TRUE));
/*
echo "<span class='text-dark strong display-inline-block m-b-20'>".self::$locale['forum_desc_003']."</span><br/>\n";
$mod_groups = getusergroups();
$mods1_user_id = array();
$mods1_user_name = array();
while (list($key, $mod_group) = each($mod_groups)) {
if ($mod_group['0'] != USER_LEVEL_PUBLIC && $mod_group['0'] != USER_LEVEL_MEMBER && $mod_group['0'] != USER_LEVEL_SUPER_ADMIN) {
if (!preg_match("(^{$mod_group['0']}$|^{$mod_group['0']}\.|\.{$mod_group['0']}\.|\.{$mod_group['0']}$)", $data['forum_mods'])) {
$mods1_user_id[] = $mod_group['0'];
$mods1_user_name[] = $mod_group['1'];
} else {
$mods2_user_id[] = $mod_group['0'];
$mods2_user_name[] = $mod_group['1'];
}
}
}
echo "<div class='row'>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
echo "<select multiple='multiple' size='10' name='modlist1' id='modlist1' class='form-control textbox m-r-10' onchange=\"addUser('modlist2','modlist1');\">\n";
for ($i = 0; $i < count($mods1_user_id); $i++) {
echo "<option value='".$mods1_user_id[$i]."'>".$mods1_user_name[$i]."</option>\n";
}
echo "</select>\n";
echo "</div>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
echo "<select multiple='multiple' size='10' name='modlist2' id='modlist2' class='form-control textbox' onchange=\"addUser('modlist1','modlist2');\">\n";
if (isset($mods2_user_id) && is_array($mods2_user_id)) {
for ($i = 0; $i < count($mods2_user_id); $i++) {
echo "<option value='".$mods2_user_id[$i]."'>".$mods2_user_name[$i]."</option>\n";
}
}
echo "</select>\n";
//echo form_text('forum_mods', '', $data['forum_mods']);
echo "</div>\n</div>\n";
*/
closeside();
echo form_button('save_permission', self::$locale['forum_042'], self::$locale['forum_042'], array('class' => 'btn-primary'));
/*
add_to_jquery(" $('#save').bind('click', function() { saveMods(); }); ");
echo "<script type='text/javascript'>\n"."function addUser(toGroup,fromGroup) {\n";
echo "var listLength = document.getElementById(toGroup).length;\n";
echo "var selItem = document.getElementById(fromGroup).selectedIndex;\n";
echo "var selText = document.getElementById(fromGroup).options[selItem].text;\n";
echo "var selValue = document.getElementById(fromGroup).options[selItem].value;\n";
echo "var i; var newItem = true;\n";
echo "for (i = 0; i < listLength; i++) {\n";
echo "if (document.getElementById(toGroup).options[i].text == selText) {\n";
echo "newItem = false; break;\n}\n}\n"."if (newItem) {\n";
echo "document.getElementById(toGroup).options[listLength] = new Option(selText, selValue);\n";
echo "document.getElementById(fromGroup).options[selItem] = null;\n}\n}\n";
echo "function saveMods() {\n"."var strValues = \"\";\n";
echo "var boxLength = document.getElementById('modlist2').length;\n";
echo "var count = 0;\n"." if (boxLength != 0) {\n"."for (i = 0; i < boxLength; i++) {\n";
echo "if (count == 0) {\n"."strValues = document.getElementById('modlist2').options[i].value;\n";
echo "} else {\n"."strValues = strValues + \".\" + document.getElementById('modlist2').options[i].value;\n";
echo "}\n"."count++;\n}\n}\n";
echo "if (strValues.length == 0) {\n"."document.forms['inputform'].submit();\n";
echo "} else {\n"."document.forms['inputform'].forum_mods.value = strValues;\n";
echo "document.forms['inputform'].submit();\n}\n}\n</script>\n";
*/
closetable();
}
function create_options($selected, $hide = array(), $off = false)
{
global $locale;
$option_list = "";
$options = getusergroups();
if ($off) {
$option_list = "<option value='0'>" . $locale['531'] . "</option>\n";
}
while (list($key, $option) = each($options)) {
if (!in_array($option['0'], $hide)) {
$sel = $selected == $option['0'] ? " selected='selected'" : "";
$option_list .= "<option value='" . $option['0'] . "'{$sel}>" . $option['1'] . "</option>\n";
}
}
return $option_list;
}
protected function displayRanksForm()
{
global $aidlink;
if (isset($_POST['cancel_rank'])) {
redirect(clean_request("", array("rank_id", "ref"), FALSE));
}
add_to_footer("<script src='" . FORUM . "admin/admin_rank.js'></script>");
$this->data['rank_language'] = LANGUAGE;
$array_apply_normal_opts = array(USER_LEVEL_MEMBER => self::$locale['424'], '104' => self::$locale['425'], USER_LEVEL_ADMIN => self::$locale['426'], USER_LEVEL_SUPER_ADMIN => self::$locale['427']);
// Special Select
$groups_arr = getusergroups();
$groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
$group_opts = array();
foreach ($groups_arr as $group) {
if (!in_array($group[0], $groups_except)) {
$group_opts[$group[0]] = $group[1];
}
}
$language_opts = fusion_get_enabled_languages();
$this->post_forum_ranks();
$form_action = FUSION_SELF . $aidlink . '§ion=fr';
if (isset($_GET['rank_id']) && isnum($_GET['rank_id'])) {
$result = dbquery("SELECT * FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . intval($_GET['rank_id']) . "'");
if (dbrows($result) > 0) {
$this->data = dbarray($result);
$form_action = FUSION_SELF . $aidlink . "§ion=fr&rank_id=" . $_GET['rank_id'];
} else {
redirect(clean_request("", array("rank_id", "ref"), FALSE));
}
}
$html = openform('rank_form', 'post', $form_action, array('class' => 'm-t-20')) . form_text('rank_title', self::$locale['420'], $this->data['rank_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE)) . form_select('rank_image', self::$locale['421'], $this->data['rank_image'], array('options' => $this->get_rank_images(), 'placeholder' => self::$locale['choose'], "inline" => TRUE));
if (multilang_table("FR")) {
$html .= form_select('rank_language', self::$locale['global_ML100'], $this->data['rank_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
} else {
$html .= form_hidden('rank_language', '', $this->data['rank_language']);
}
$html .= form_checkbox('rank_type', self::$locale['429'], $this->data['rank_type'], array("options" => array(2 => self::$locale['429a'], 1 => self::$locale['429b'], 0 => self::$locale['429c']), "type" => "radio", "inline" => TRUE)) . form_text('rank_posts', self::$locale['422'], $this->data['rank_posts'], array('inline' => TRUE, 'type' => 'number', 'width' => '10%', 'disabled' => $this->data['rank_type'] != 0)) . "<span id='select_normal' " . ($this->data['rank_type'] == 2 ? "class='display-none'" : "") . " >" . form_select('rank_apply_normal', self::$locale['423'], $this->data['rank_apply'], array('options' => $array_apply_normal_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE)) . "</span>\n<span id='select_special'" . ($this->data['rank_type'] != 2 ? " class='display-none'" : "") . ">" . form_select('rank_apply_special', self::$locale['423'], $this->data['rank_apply'], array('options' => $group_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE)) . "</span>\n" . form_button('save_rank', self::$locale['428'], self::$locale['428'], array('class' => 'btn-primary m-r-10')) . form_button('cancel_rank', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default')) . closeform();
return $html;
/* echo "<td class='tbl'><strong>".self::$locale['429']."</strong></td>\n";
echo "<td class='tbl'>\n";
echo "<label><input type='radio' name='rank_type' value='2'".($rank_type == 2 ? " checked='checked'" : "")." /> ".self::$locale['429a']."</label>\n";
echo "<label><input type='radio' name='rank_type' value='1'".($rank_type == 1 ? " checked='checked'" : "")." /> ".self::$locale['429b']."</label>\n";
echo "<label><input type='radio' name='rank_type' value='0'".($rank_type == 0 ? " checked='checked'" : "")." /> ".self::$locale['429c']."</label>\n";
echo "</td>\n";
echo "</tr>\n<tr>\n";
*/
}
echo "<label><input type='radio' name='rank_type' value='2'" . ($rank_type == 2 ? " checked='checked'" : "") . " /> " . $locale['429a'] . "</label>\n";
echo "<label><input type='radio' name='rank_type' value='1'" . ($rank_type == 1 ? " checked='checked'" : "") . " /> " . $locale['429b'] . "</label>\n";
echo "<label><input type='radio' name='rank_type' value='0'" . ($rank_type == 0 ? " checked='checked'" : "") . " /> " . $locale['429c'] . "</label>\n";
echo "</td>\n";
echo "</tr>\n<tr>\n";
echo "<td class='tbl'><label for='rank_posts'>" . $locale['422'] . "</label></td>\n";
echo "<td class='tbl'>\n";
echo form_text('rank_posts', '', $rank_posts, array('disabled' => $rank_type != 0));
echo "</tr>\n<tr>\n";
echo "<td class='tbl'><label for='rank_apply_normal'>" . $locale['423'] . "</label></td>\n<td class='tbl'>\n";
$array = array(USER_LEVEL_MEMBER => $locale['424'], '104' => $locale['425'], USER_LEVEL_ADMIN => $locale['426'], USER_LEVEL_SUPER_ADMIN => $locale['427']);
echo "<span id='select_normal' " . ($rank_type == 2 ? "class='display-none'" : "") . " >";
echo form_select('rank_apply_normal', '', $rank_apply, array('options' => $array, 'placeholder' => $locale['choose']));
echo "</span>\n";
// Special Select
$groups_arr = getusergroups();
$groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
$group_opts = array();
foreach ($groups_arr as $group) {
if (!in_array($group[0], $groups_except)) {
$group_opts[$group[0]] = $group[1];
}
}
echo "<span id='select_special'" . ($rank_type != 2 ? " class='display-none'" : "") . ">";
echo form_select('rank_apply_special', '', $rank_apply, array('options' => $group_opts, 'placeholder' => $locale['choose']));
echo "</span>\n";
echo "</td>\n</tr>\n<tr>\n";
echo "<td align='center' colspan='2' class='tbl'>\n";
echo form_button('save_rank', $locale['428'], $locale['428'], array('class' => 'btn-primary'));
echo "</td>\n</tr>\n</table>\n</form>\n";
closetable();
$link_seo_url = "";
// Pimped
$link_visibility = "";
$link_order = "";
$link_language = "";
// Pimped
$pos1_check = " checked='checked'";
$pos2_check = "";
$pos3_check = "";
$window_check = "";
$formaction = FUSION_SELF . $aidlink;
opentable($locale['400']);
}
$visibility_opts = "";
$sel = "";
$user_groups = getusergroups(1, 1, 1, 1, 1, 1);
// Pimped
while (list($key, $user_group) = each($user_groups)) {
$sel = $link_visibility == $user_group['0'] ? " selected='selected'" : "";
$visibility_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
}
require_once INCLUDES . "bbcode_include.php";
echo "<form name='layoutform' method='post' action='" . $formaction . "'>\n";
echo "<table cellpadding='0' cellspacing='0' class='center'>\n<tr>\n";
echo "<td class='tbl'>" . $locale['420'] . "</td>\n";
echo "<td class='tbl'><input type='text' name='link_name' value='" . $link_name . "' maxlength='100' class='textbox' style='width:240px;' /><br />\n";
echo "</td>\n</tr>\n<tr>\n";
echo "<td class='tbl'></td>\n<td class='tbl'>";
echo display_bbcodes("240px;", "link_name", "layoutform", "b|i|u|color") . "\n";
echo "</td>\n</tr>\n<tr>\n";
echo "<td class='tbl'>" . $locale['421'] . "</td>\n";
/**
* Return user groups array
* @return array
*/
static function get_accessOpts()
{
$ref = array();
$user_groups = getusergroups();
while (list($key, $user_group) = each($user_groups)) {
$ref[$user_group[0]] = $user_group[1];
}
return $ref;
}
$_SESSION[obj]->addEditor($_REQUEST[edname]);
}
}
if ($isOwner && $_REQUEST[edaction] == 'del') {
$_SESSION[obj]->delEditor($_REQUEST[edname]);
}
/******************************************************************************
* switch between forms 1 and 2
******************************************************************************/
$step = $_REQUEST['step'];
if (!$isOwner && $isEditor) {
if (!count($_SESSION[editors])) {
if (in_array($_SESSION[auser], $_SESSION[obj]->getEditors())) {
$_SESSION[editors][] = $_SESSION[auser];
}
$groupsAndClasses = array_unique(array_merge($_SESSION[obj]->returnEditorOverlap(getuserclasses($_SESSION[auser], "all")), getusergroups($_SESSION[auser])));
foreach ($groupsAndClasses as $groupOrClass) {
if (in_array($groupOrClass, $_SESSION[obj]->getEditors())) {
$_SESSION[editors][] = $groupOrClass;
}
}
// done... now send them to step 2
$step = 2;
}
}
if ($isOwner && $_REQUEST[editpermissions]) {
if (!count($_REQUEST[editors])) {
error("You must choose some editors.");
} else {
$_SESSION[editors] = $_REQUEST[editors];
$step = 2;
}
return sprintf("%04d-%02d-%02d", intval($data[$fname]['year']), intval($data[$fname]['month']), intval($data[$fname]['mday']));
}
/*
function ec_get_timestamp($fname) {
return mktime($_POST[$fname."_hours"], $_POST[$fname."_mins"], 0,
$_POST[$fname."_month"], $_POST[$fname."_mday"],
$_POST[$fname."_year"]);
}
*/
/****************************************************************************
* GUI
*/
$sel_access = '';
$sel_login_access = '';
$fusion_groups = getusergroups();
foreach ($fusion_groups as $group) {
list($gid, $gname) = $group;
if (!checkgroup($gid)) {
continue;
}
$sel_access .= '
<option value="' . $gid . '"' . ($gid == $event['ev_access'] ? ' selected="selected"' : '') . '>' . $gname . '</option>';
if (!$gid) {
continue;
}
$sel_login_access .= '
<option value="' . $gid . '"' . ($gid == $event['ev_login_access'] ? ' selected="selected"' : '') . '>' . $gname . '</option>';
}
$sel_repeat = '';
foreach ($locale['EC125'] as $rep => $text) {
echo "<td width='1%' class='tbl' style='white-space:nowrap'><label for='forum_merge'>" . $locale['541'] . "</label></td>\n<td class='tbl'>\n";
$array = array('1' => $locale['542'], '0' => $locale['543']);
echo form_select('', 'forum_merge', 'forum_merge', $array, $forum_merge, array('placeholder' => $locale['choose']));
echo "</td>\n</tr>\n";
if (!isset($_GET['action']) || $_GET['action'] != "edit") {
echo "<tr>\n<td align='center' colspan='2' class='tbl'>\n";
echo form_button($locale['532'], 'save_forum', 'save_forum', $locale['532'], array('class' => 'btn-primary'));
echo "</td>\n";
echo "</tr>\n</table>\n";
}
}
if (!isset($_GET['action'])) {
echo "\n</form>";
}
if (isset($_GET['action']) && $_GET['action'] == "edit") {
$mod_groups = getusergroups();
$mods1_user_id = array();
$mods1_user_name = array();
while (list($key, $mod_group) = each($mod_groups)) {
if ($mod_group['0'] != "0" && $mod_group['0'] != "101" && $mod_group['0'] != "103") {
if (!preg_match("(^{$mod_group['0']}\$|^{$mod_group['0']}\\.|\\.{$mod_group['0']}\\.|\\.{$mod_group['0']}\$)", $data['forum_moderators'])) {
$mods1_user_id[] = $mod_group['0'];
$mods1_user_name[] = $mod_group['1'];
} else {
$mods2_user_id[] = $mod_group['0'];
$mods2_user_name[] = $mod_group['1'];
}
}
}
echo "<tr>\n<td class='tbl2' colspan='2'><strong>" . $locale['533'] . "</strong></td>\n";
echo "</tr>\n<tr>\n";
/**
* Get All Groups Arrays
* @return array
*/
function fusion_get_groups()
{
$visibility_opts = array();
foreach (getusergroups() as $groups) {
$visibility_opts[$groups[0]] = $groups[1];
}
return $visibility_opts;
}
protected function displayTagForm()
{
global $aidlink;
if (isset($_POST['cancel_tag'])) {
redirect(clean_request("", array("tag_id", "ref"), FALSE));
}
$this->data['rank_language'] = LANGUAGE;
// Special Select
$groups_arr = getusergroups();
$groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
$group_opts = array();
foreach ($groups_arr as $group) {
if (!in_array($group[0], $groups_except)) {
$group_opts[$group[0]] = $group[1];
}
}
$language_opts = fusion_get_enabled_languages();
$this->post_tags();
$form_action = FUSION_SELF . $aidlink . '&section=ft&ref=tag_form';
if (isset($_GET['tag_id']) && isnum($_GET['tag_id'])) {
$result = dbquery("SELECT * FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . intval($_GET['tag_id']) . "'");
if (dbrows($result) > 0) {
$this->data = dbarray($result);
$form_action = FUSION_SELF . $aidlink . "&section=ft&ref=tag_form&tag_id=" . $_GET['tag_id'];
} else {
redirect(clean_request("", array("rank_id", "ref"), FALSE));
}
}
$button_locale = $this->data['tag_id'] ? self::$locale['forum_tag_0208'] : self::$locale['forum_tag_0207'];
$html = openform('tag_form', 'post', $form_action, array('class' => 'm-t-20')) . form_text('tag_title', self::$locale['forum_tag_0200'], $this->data['tag_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE)) . form_textarea('tag_description', self::$locale['forum_tag_0201'], $this->data['tag_description'], array('inline' => TRUE, 'type' => 'bbcode', 'autosize' => TRUE, 'preview' => TRUE)) . form_colorpicker('tag_color', self::$locale['forum_tag_0202'], $this->data['tag_color'], array('inline' => TRUE, 'required' => TRUE));
if (multilang_table("FR")) {
$html .= form_select('tag_language', self::$locale['forum_tag_0203'], $this->data['tag_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
} else {
$html .= form_hidden('tag_language', '', $this->data['tag_language']);
}
$html .= form_checkbox('tag_status', self::$locale['forum_tag_0204'], $this->data['tag_status'], array("options" => array(1 => self::$locale['forum_tag_0205'], 0 => self::$locale['forum_tag_0206']), "type" => "radio", "inline" => TRUE)) . form_button('save_tag', $button_locale, $button_locale, array('class' => 'btn-primary m-r-10')) . form_button('cancel_tag', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default')) . closeform();
return $html;
}
/**
* Checks to see if the user has the specified permissions.
*
* @param string $perms The permissions to check.
* $perms paramater can be a complex string consisting
* of ()'s, 'and', 'or', and permission types:
* 'add','edit','delete','view','discuss'
* @param optional string $user The user to check.
* @param option boolean $useronly If true, the user's permissions will be
* checked explicitly and the user will not be included in any
* groups.
* @return boolean True if the user has the permissions asked for.
* @access public
* @date 8/31/04
*/
function hasPermission($perms, $user = "", $useronly = FALSE)
{
//****************************************
// ----- Setup -----
//****************************************
global $allclasses, $_loggedin, $cfg;
// Build the permissions array to check against.
$this->buildPermissionsArray();
// Get our current user if we weren't passed one to check:
if ($user == "") {
$user = $_SESSION[auser];
}
// If we haven't built the classes array and we need it,
// build the classes array.
if (!is_array($allclasses[$_SESSION['auser']]) && !$useronly) {
$allclasses[$_SESSION['auser']] = getuserclasses($user, "all");
}
//****************************************
// ----- Return Cached Permissions ------
// If we have checked this permission string before and cached it,
// just return the cached result.
//
// There are separate entries for useronly and those with groups as well.
// This is to prevent the caching of perms for a user with groups, then
// getting that cached result when asking only for user permissions.
//****************************************
if ($useronly && isset($this->cachedPermissions["onlyuser" . $user . $perms])) {
return $this->cachedPermissions["onlyuser" . $user . $perms];
}
if (!$useronly && isset($this->cachedPermissions[$user . $perms])) {
return $this->cachedPermissions[$user . $perms];
}
//****************************************
// ----- New checking of Permissions -----
// Below is where we will check to see if the user has the permissions
// asked for.
//****************************************
// Make sure that we are fetched.
$this->fetchUp();
// The site owner will always have permission, so return
// TRUE if the user is the owner.
$owner = $this->owningSiteObj->owner;
if (strtolower($user) == strtolower($owner)) {
return TRUE;
}
// ------ Verify the permissions String ------
// Verify that the permissions string is well formed. And return
// FALSE if it is not.
$validGrants = array('add', 'edit', 'delete', 'view', 'discuss');
$validOperators = array('and', 'or', '&&', '||');
$permissionParts = explode(' ', ereg_replace("([()]){1}", "", $perms));
$i = 0;
$stringValid = 1;
foreach ($permissionParts as $permissionPart) {
if (!strlen($permissionPart)) {
continue;
}
// Begining with our first part, every other permission part
// should be a grant.
if (!($i % 2) && !in_array($permissionPart, $validGrants)) {
$stringValid = FALSE;
}
// Beginning with our second part, every other permissions
// part should be an operator
if (!(($i + 1) % 2) && !in_array($permissionPart, $validOperators)) {
$stringValid = FALSE;
}
// If we don't have a valid permissions string, return FALSE.
if (!$stringValid) {
print "ERROR! loop: {$i}: Malformed permissions string: {$perms}<br /><br />";
return FALSE;
}
$i++;
}
// convert word operators to symbol operators
$perms = str_replace('and', '&&', $perms);
$perms = str_replace('or', '||', $perms);
// ---- pull from the database/cache ---
// Get the permissions from the database
$permissions = $this->getPermissions();
// Make sure that we have a lowercase version of each entity
foreach ($permissions as $entity => $permission) {
$permissions[strtolower($entity)] = $permission;
}
// --- Build a list of all entities to check for the permissions ---
$entitiesToCheck = array();
// Add the user to the array if we have a user.
if (strlen($user)) {
$entitiesToCheck[] = strtolower($user);
}
// Determine what additional entities to check.
if (!$useronly) {
// ----- everyone ------
// Everyone, even not-logged-in users are a part of everyone.
$entitiesToCheck[] = "everyone";
// ----- institute ------
// If we are logged-in, but not of type 'visitor', the user
// is a member of institute.
// Also, if we are previewing the permissions of another user,
// and that other user is 'everyone', we don't want to include
// institute checks.
if ($_loggedin && $_SESSION['atype'] != 'visitor' && $_SESSION['auser'] != 'everyone') {
$entitiesToCheck[] = "institute";
}
// If the user has a valid campus ip-address, then they are a
// member of 'institute'.
$ipIsInInstitute = FALSE;
$ip = $_SERVER[REMOTE_ADDR];
// check if our IP is in inst_ips
if (is_array($cfg[inst_ips])) {
foreach ($cfg[inst_ips] as $i) {
if (ereg("^{$i}", $ip)) {
$ipIsInInstitute = TRUE;
}
}
}
// One other case to check is if we are trying to preview a site as it would
// be seen by another user. In this case, we don't want to check the IPs
// as that would give a false indication of what they could see.
if ($ipIsInInstitute && !$_SESSION['__no_inst_ips']) {
$entitiesToCheck[] = "institute";
}
// ----- classes ------
$classesUserIsIn = $this->returnEditorOverlap($allclasses[$_SESSION['auser']]);
$entitiesToCheck = array_merge($classesUserIsIn, $entitiesToCheck, getusergroups($_SESSION['auser']));
}
$entitiesToCheck = array_unique($entitiesToCheck);
// ------ Evaluation Strings--------
// Create an array of permission checking strings to be evaluated, one per entity.
$evalStrings = array();
foreach ($entitiesToCheck as $entity) {
$evalString = $perms;
foreach ($validGrants as $grant) {
$replacement = ' $permissions[\'' . addslashes($entity) . '\'][permissions::' . strtoupper($grant) . '()] ';
// check for just the grant in a string
$evalString = preg_replace('/^' . $grant . '$/', $replacement, $evalString);
// check for the grant at the begining of a string
$evalString = preg_replace('/^' . $grant . '\\s/', $replacement, $evalString);
// check for the grant in the middle of the string
$evalString = preg_replace('/\\s' . $grant . '\\s/', $replacement, $evalString);
// check for the grant at the end of the string
$evalString = preg_replace('/\\s' . $grant . '$/', $replacement, $evalString);
}
$evalStrings[] = "(" . $evalString . ")";
}
// Debugging line
// print "\n<br />Checking hasPermission '$perms' for '$user' ".get_class($this)." ".$this->name." / ".$this->id." - ".$this->getField("title");
// print "\n<br />Permissions = ".printpre($permissions,TRUE);
// print "\n<br />entitiesToCheck = ".printpre($entitiesToCheck,TRUE);
// ------- Check the permissions ----------
$hasPermission = FALSE;
// 'OR' the permissions of each entity together so that if one is valid,
// the user has permission.
$condition = '$hasPermission = (' . implode(" || ", $evalStrings) . ')?TRUE:FALSE;';
// printOb0("\n<hr/>");
// printOb0(printpre($condition, true));
eval($condition);
// printOb0("<br/><br/>HasPermission=".var_dumpPre($hasPermission, true));
// Cache the permissions
if ($useronly) {
$this->cachedPermissions["onlyuser" . $user . $perms] = $hasPermission;
} else {
$this->cachedPermissions[$user . $perms] = $hasPermission;
}
// ------- return our result -----------
return $hasPermission;
}
echo "<td class='tbl'>" . $locale['421'] . "</td>\n";
echo "<td class='tbl'><select name='rank_image' class='textbox' style='width:150px;'>\n";
$image_files = makefilelist(IMAGES . "ranks", ".|..|index.php", true);
echo makefileopts($image_files, $rank_image) . "</select></td>\n";
echo "</tr>\n<tr>\n";
echo "<td class='tbl'>" . $locale['422'] . "</td>\n";
echo "<td class='tbl'><input type='text' name='rank_posts' value='" . $rank_posts . "' class='textbox' style='width:150px;' /></td>\n";
echo "</tr>\n<tr>\n";
echo "<td class='tbl'>" . $locale['423'] . "</td>\n";
echo "<td class='tbl'><select name='rank_apply' class='textbox' style='width:150px;'>\n";
// Pimped: Special Group Ranks
##
$opts = "";
$sel = "";
#$user_groups = getusergroups(0,1,1,1,1,0,1,array('104', $locale['425'])); #what to do with the mods/global mods
$user_groups = getusergroups(0, 1, 1, 1, 1, 0, 1);
while (list($key, $user_group) = each($user_groups)) {
if ($rank_group != "0") {
$sel = $rank_group == $user_group['0'] ? " selected='selected'" : "";
} else {
$sel = $rank_apply == $user_group['0'] ? " selected='selected'" : "";
}
$opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
}
echo $opts;
#echo "<option value='101'".($rank_apply == 101 ? " selected='selected'" : "").">".$locale['424']."</option>\n";
#echo "<option value='104'".($rank_apply == 104 ? " selected='selected'" : "").">".$locale['425']."</option>\n";
#echo "<option value='102'".($rank_apply == 102 ? " selected='selected'" : "").">".$locale['426']."</option>\n";
#echo "<option value='103'".($rank_apply == 103 ? " selected='selected'" : "").">".$locale['427']."</option>\n";
##
echo "</select></td>\n</tr>\n<tr>\n";
} else {
if ($fb4['no_avatar']) {
echo "<img src='" . IMAGES . "noav.gif' alt='" . $locale['567'] . "' /><br />\n";
}
}
echo "<a href='" . BASEDIR . "profile.php?lookup=" . $data['user_id'] . "' style='font-size:12px;'>" . showLabel($data['user_id'], false, "post") . "</a><br />";
if ($fb4['user_titles_posts'] && $fb4['user_titles']) {
$titleLookup = dbquery("select * from " . $db_prefix . "fb_titles where title_id='" . $data['user_title'] . "' and (" . useraccess("title_access") . ")");
if (dbrows($titleLookup)) {
$titleData = dbarray($titleLookup);
$title = stripslash($titleData['title_title']);
} else {
$title = stripslash($data['user_title']);
}
} else {
$title = getusergroups($data['user_id']);
}
echo "<span class='small'>" . $title . "</span><br />";
renderMods(true, false);
echo "<br /><br />";
renderAwards($data['user_id'], "", "<br /><br />");
echo "<!--forum_thread_user_info-->" . $locale['502'] . " <span class='alt'>" . $data['user_posts'] . "</span><br />\n";
echo "" . $locale['504'] . " <span class='alt'>" . showdate("%d.%m.%y", $data['user_joined']) . "</span>\n";
if ($data['user_location']) {
echo "<br />" . $locale['fb500'] . ": <span class='alt'>" . stripslash($data['user_location']) . "</span>\n";
}
if ($data['user_birthdate'] !== "0000-00-00") {
$birthday = explode("-", $data['user_birthdate']);
$age = strftime("%Y") - $birthday[0];
if (strftime("%m") < $birthday[1]) {
$age--;
} elseif (dbcount("(*)", DB_ADDON_CATS, "addon_cat_name='{$addon_cat_name}' AND addon_cat_type='{$addon_cat_type}'") != 0) {
redirect(FUSION_SELF . $aidlink . "&error=2");
} else {
$addon_cat_order = dbresult(dbquery("SELECT MAX(addon_cat_order) FROM " . DB_ADDON_CATS . " WHERE addon_cat_type='{$addon_cat_type}'"), 0) + 1;
$result = dbquery("INSERT INTO " . DB_ADDON_CATS . " \r\n\t\t\tVALUES('','" . $addon_cat_type . "', '" . $addon_cat_name . "','" . $addon_cat_description . "','" . $addon_cat_access . "','" . $addon_cat_order . "')");
redirect(FUSION_SELF . $aidlink . "&insert=ok");
}
} else {
$addon_cat_type = "";
$addon_cat_name = "";
$addon_cat_description = "";
$addon_cat_access = "";
opentable($locale['addondb436']);
$cat_formaction = FUSION_SELF . $aidlink;
}
$user_groups = getusergroups();
$access_opts = "";
$sel = "";
while (list($key, $user_group) = each($user_groups)) {
$sel = $addon_cat_access == $user_group['0'] ? " selected='selected'" : "";
$access_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
}
$addon_type_list = "";
$tsel = "";
foreach ($addon_types as $k => $addon_type) {
$tsel = $addon_cat_type == $k ? " selected='selected'" : "";
$addon_type_list .= "<option value='" . $k . "'{$tsel}>" . $addon_type . "</option>\n";
}
echo "<form name='add_cat' method='post' action='{$cat_formaction}'>\r\n\t<table align='center' cellpadding='0' cellspacing='0' class='tbl-border'>" . (isset($error) ? "<tr><td class='tbl1 error' align='center' colspan='3'>" . $error . "</td></tr>" : "") . "\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>" . $locale['addondb402'] . "<strong><span style='color:red'>*</span></strong>:</td>\r\n\t\t\t<td class='tbl1'><input type='text' class='textbox' name='addon_cat_name' value='" . $addon_cat_name . "' style='width:250px;'></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap valign='top'>" . $locale['addondb404'] . ":</td>\r\n\t\t\t<td class='tbl1'><textarea class='textbox' name='addon_cat_description' style='width:250px; height:40px;'>" . $addon_cat_description . "</textarea></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>Type</td>\r\n\t\t\t<td class='tbl1'><select class='textbox' name='addon_cat_type' style='width:250px;'>" . $addon_type_list . "</select></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>" . $locale['addondb405'] . ":</td>\r\n\t\t\t<td class='tbl1'><select class='textbox' name='addon_cat_access' style='width:250px;'>" . $access_opts . "</select></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td class='tbl1' nowrap colspan='2' align='center'>" . $locale['addondb437'] . "</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap colspan='2' align='center'><input type='submit' class='button' name='btn_save' value='" . $locale['addondb438'] . "' />" . (isset($_GET['action']) && $_GET['action'] == "edit" || isset($error) ? " <input type='submit' class='button' name='btn_cancel' value='" . $locale['addondb428'] . "' />" : "") . "</td>\r\n\t\t</tr>\r\n\t</table>\r\n</form>";
closetable();
opentable($locale['addondb401']);
/**
* Get Group Array
* @return array
*/
public static function get_LinkVisibility()
{
static $visibility_opts = array();
$user_groups = getusergroups();
while (list($key, $user_group) = each($user_groups)) {
$visibility_opts[$user_group['0']] = $user_group['1'];
}
return (array) $visibility_opts;
}
