Ejemplo n.º 1
0
/**
 * Uses membergroupsById to return the group information of a single group
 *
 * @package Membergroups
 * @param int $group_id
 * @param bool $detailed
 * @param bool $assignable
 */
function membergroupById($group_id, $detailed = false, $assignable = false)
{
    $groups = membergroupsById(array($group_id), 1, $detailed, $assignable);
    if (isset($groups[$group_id])) {
        return $groups[$group_id];
    } else {
        return false;
    }
}
Ejemplo n.º 2
0
    /**
     * This function actually makes all the group changes
     *
     * @return string
     */
    public function action_groupMembership2()
    {
        global $context, $user_profile, $modSettings, $scripturl, $language;
        $db = database();
        $memID = currentMemberID();
        // Let's be extra cautious...
        if (!$context['user']['is_owner'] || empty($modSettings['show_group_membership'])) {
            isAllowedTo('manage_membergroups');
        }
        if (!isset($_REQUEST['gid']) && !isset($_POST['primary'])) {
            fatal_lang_error('no_access', false);
        }
        checkSession(isset($_GET['gid']) ? 'get' : 'post');
        require_once SUBSDIR . '/Membergroups.subs.php';
        $old_profile =& $user_profile[$memID];
        $context['can_manage_membergroups'] = allowedTo('manage_membergroups');
        $context['can_manage_protected'] = allowedTo('admin_forum');
        // By default the new primary is the old one.
        $newPrimary = $old_profile['id_group'];
        $addGroups = array_flip(explode(',', $old_profile['additional_groups']));
        $canChangePrimary = $old_profile['id_group'] == 0 ? 1 : 0;
        $changeType = isset($_POST['primary']) ? 'primary' : (isset($_POST['req']) ? 'request' : 'free');
        // One way or another, we have a target group in mind...
        $group_id = isset($_REQUEST['gid']) ? (int) $_REQUEST['gid'] : (int) $_POST['primary'];
        $foundTarget = $changeType == 'primary' && $group_id == 0 ? true : false;
        // Sanity check!!
        if ($group_id == 1) {
            isAllowedTo('admin_forum');
        }
        // What ever we are doing, we need to determine if changing primary is possible!
        $groups_details = membergroupsById(array($group_id, $old_profile['id_group']), 0, true);
        // Protected groups require proper permissions!
        if ($group_id != 1 && $groups_details[$group_id]['group_type'] == 1) {
            isAllowedTo('admin_forum');
        }
        foreach ($groups_details as $key => $row) {
            // Is this the new group?
            if ($row['id_group'] == $group_id) {
                $foundTarget = true;
                $group_name = $row['group_name'];
                // Does the group type match what we're doing - are we trying to request a non-requestable group?
                if ($changeType == 'request' && $row['group_type'] != 2) {
                    fatal_lang_error('no_access', false);
                } elseif ($changeType == 'free' && $row['group_type'] == 2 && $old_profile['id_group'] != $row['id_group'] && !isset($addGroups[$row['id_group']])) {
                    fatal_lang_error('no_access', false);
                } elseif ($changeType == 'free' && $row['group_type'] != 3 && $row['group_type'] != 2) {
                    fatal_lang_error('no_access', false);
                }
                // We can't change the primary group if this is hidden!
                if ($row['hidden'] == 2) {
                    $canChangePrimary = false;
                }
            }
            // If this is their old primary, can we change it?
            if ($row['id_group'] == $old_profile['id_group'] && ($row['group_type'] > 1 || $context['can_manage_membergroups']) && $canChangePrimary !== false) {
                $canChangePrimary = 1;
            }
            // If we are not doing a force primary move, don't do it automatically if current primary is not 0.
            if ($changeType != 'primary' && $old_profile['id_group'] != 0) {
                $canChangePrimary = false;
            }
            // If this is the one we are acting on, can we even act?
            if (!$context['can_manage_protected'] && $row['group_type'] == 1 || !$context['can_manage_membergroups'] && $row['group_type'] == 0) {
                $canChangePrimary = false;
            }
        }
        // Didn't find the target?
        if (!$foundTarget) {
            fatal_lang_error('no_access', false);
        }
        // Final security check, don't allow users to promote themselves to admin.
        if ($context['can_manage_membergroups'] && !allowedTo('admin_forum')) {
            $request = $db->query('', '
				SELECT COUNT(permission)
				FROM {db_prefix}permissions
				WHERE id_group = {int:selected_group}
					AND permission = {string:admin_forum}
					AND add_deny = {int:not_denied}', array('selected_group' => $group_id, 'not_denied' => 1, 'admin_forum' => 'admin_forum'));
            list($disallow) = $db->fetch_row($request);
            $db->free_result($request);
            if ($disallow) {
                isAllowedTo('admin_forum');
            }
        }
        // If we're requesting, add the note then return.
        if ($changeType == 'request') {
            $request = $db->query('', '
				SELECT id_member
				FROM {db_prefix}log_group_requests
				WHERE id_member = {int:selected_member}
					AND id_group = {int:selected_group}', array('selected_member' => $memID, 'selected_group' => $group_id));
            if ($db->num_rows($request) != 0) {
                fatal_lang_error('profile_error_already_requested_group');
            }
            $db->free_result($request);
            // Log the request.
            $db->insert('', '{db_prefix}log_group_requests', array('id_member' => 'int', 'id_group' => 'int', 'time_applied' => 'int', 'reason' => 'string-65534'), array($memID, $group_id, time(), $_POST['reason']), array('id_request'));
            // Send an email to all group moderators etc.
            require_once SUBSDIR . '/Mail.subs.php';
            // Do we have any group moderators?
            $request = $db->query('', '
				SELECT id_member
				FROM {db_prefix}group_moderators
				WHERE id_group = {int:selected_group}', array('selected_group' => $group_id));
            $moderators = array();
            while ($row = $db->fetch_assoc($request)) {
                $moderators[] = $row['id_member'];
            }
            $db->free_result($request);
            // Otherwise this is the backup!
            if (empty($moderators)) {
                require_once SUBSDIR . '/Members.subs.php';
                $moderators = membersAllowedTo('manage_membergroups');
            }
            if (!empty($moderators)) {
                require_once SUBSDIR . '/Members.subs.php';
                $members = getBasicMemberData($moderators, array('preferences' => true, 'sort' => 'lngfile'));
                foreach ($members as $member) {
                    if ($member['notify_types'] != 4) {
                        continue;
                    }
                    // Check whether they are interested.
                    if (!empty($member['mod_prefs'])) {
                        list(, , $pref_binary) = explode('|', $member['mod_prefs']);
                        if (!($pref_binary & 4)) {
                            continue;
                        }
                    }
                    $replacements = array('RECPNAME' => $member['member_name'], 'APPYNAME' => $old_profile['member_name'], 'GROUPNAME' => $group_name, 'REASON' => $_POST['reason'], 'MODLINK' => $scripturl . '?action=moderate;area=groups;sa=requests');
                    $emaildata = loadEmailTemplate('request_membership', $replacements, empty($member['lngfile']) || empty($modSettings['userLanguage']) ? $language : $member['lngfile']);
                    sendmail($member['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 2);
                }
            }
            return $changeType;
        } elseif ($changeType == 'free') {
            // Are we leaving?
            if ($old_profile['id_group'] == $group_id || isset($addGroups[$group_id])) {
                if ($old_profile['id_group'] == $group_id) {
                    $newPrimary = 0;
                } else {
                    unset($addGroups[$group_id]);
                }
            } else {
                // Can we change the primary, and do we want to?
                if ($canChangePrimary) {
                    if ($old_profile['id_group'] != 0) {
                        $addGroups[$old_profile['id_group']] = -1;
                    }
                    $newPrimary = $group_id;
                } else {
                    $addGroups[$group_id] = -1;
                }
            }
        } elseif ($canChangePrimary) {
            if ($old_profile['id_group'] != 0) {
                $addGroups[$old_profile['id_group']] = -1;
            }
            if (isset($addGroups[$group_id])) {
                unset($addGroups[$group_id]);
            }
            $newPrimary = $group_id;
        }
        // Finally, we can make the changes!
        foreach ($addGroups as $id => $dummy) {
            if (empty($id)) {
                unset($addGroups[$id]);
            }
        }
        $addGroups = implode(',', array_flip($addGroups));
        // Ensure that we don't cache permissions if the group is changing.
        if ($context['user']['is_owner']) {
            $_SESSION['mc']['time'] = 0;
        } else {
            updateSettings(array('settings_updated' => time()));
        }
        updateMemberData($memID, array('id_group' => $newPrimary, 'additional_groups' => $addGroups));
        return $changeType;
    }