$photoplog_category_info = $db->query_first("SELECT parentid\r\n\t\tFROM " . PHOTOPLOG_PREFIX . "photoplog_categories\r\n\t\tWHERE catid = " . intval($photoplog_catid) . "\r\n\t");
$photoplog_original_parentid = 0;
if (!$photoplog_category_info) {
print_stop_message(no_results_matched_your_query);
} else {
$photoplog_original_parentid = intval($photoplog_category_info['parentid']);
}
$photoplog_category_title = trim(strval($photoplog_category['title']));
$photoplog_category_description = trim(strval($photoplog_category['description']));
$photoplog_category_displayorder = intval(trim(strval($photoplog_category['displayorder'])));
$photoplog_category_options = $photoplog_category['options'];
foreach ($photoplog_category_options as $photoplog_key => $photoplog_val) {
$photoplog_category_options["{$photoplog_key}"] = intval(trim(strval($photoplog_val)));
}
require_once DIR . '/includes/functions_misc.php';
$photoplog_category_bitopts = convert_array_to_bits($photoplog_category_options, $photoplog_categoryoptions, 1);
if (photoplog_replace_into_category($photoplog_catid, $photoplog_category_title, $photoplog_category_description, $photoplog_category_displayorder, $photoplog_category_parentid, $photoplog_category_bitopts, $photoplog_ds_catopts)) {
if ($photoplog_category_parentid != $photoplog_original_parentid) {
$photoplog_catids_array = array($photoplog_catid, $photoplog_category_parentid, $photoplog_original_parentid);
// photoplog_regenerate_counts_table_v2($photoplog_catids_array);
}
print_cp_redirect("photoplog_category.php?" . $vbulletin->session->vars['sessionurl'] . "do=modify", 1);
} else {
print_stop_message('generic_error_x', $vbphrase['photoplog_bad_cat_replace']);
}
}
if ($_REQUEST['do'] == 'modify') {
print_form_header('photoplog_category', 'doorder');
construct_hidden_code('s', $vbulletin->session->vars['sessionhash']);
construct_hidden_code('catid', $photoplog_catid);
print_table_header($vbphrase['photoplog_category_manager'], 3);
print_stop_message('there_is_already_bb_code_named_x', htmlspecialchars_uni($vbulletin->GPC['bbcodetag']));
} else {
// fetch all tags, and make sure we can't redefine an existing, built-in code
$tags = fetch_tag_list('', true);
if ($vbulletin->GPC['twoparams'] and isset($tags['option'][$vbulletin->GPC['bbcodetag']]) or !$vbulletin->GPC['twoparams'] and isset($tags['no_option'][$vbulletin->GPC['bbcodetag']])) {
print_stop_message('there_is_already_bb_code_named_x', htmlspecialchars_uni($vbulletin->GPC['bbcodetag']));
}
}
$vbulletin->GPC['bbcodereplacement'] = str_replace('%', '%%', $vbulletin->GPC['bbcodereplacement']);
if ($vbulletin->GPC['twoparams']) {
$vbulletin->GPC['bbcodereplacement'] = str_replace('{param}', '%1$s', $vbulletin->GPC['bbcodereplacement']);
$vbulletin->GPC['bbcodereplacement'] = str_replace('{option}', '%2$s', $vbulletin->GPC['bbcodereplacement']);
} else {
$vbulletin->GPC['bbcodereplacement'] = str_replace('{param}', '%1$s', $vbulletin->GPC['bbcodereplacement']);
}
$db->query_write("\n\t\tUPDATE " . TABLE_PREFIX . "bbcode SET\n\t\t\ttitle = '" . $db->escape_string($vbulletin->GPC['title']) . "',\n\t\t\tbbcodetag = '" . $db->escape_string($vbulletin->GPC['bbcodetag']) . "',\n\t\t\tbbcodereplacement = '" . $db->escape_string($vbulletin->GPC['bbcodereplacement']) . "',\n\t\t\tbbcodeexample = '" . $db->escape_string($vbulletin->GPC['bbcodeexample']) . "',\n\t\t\tbbcodeexplanation = '" . $db->escape_string($vbulletin->GPC['bbcodeexplanation']) . "',\n\t\t\ttwoparams = '" . $db->escape_string($vbulletin->GPC['twoparams']) . "',\n\t\t\tbuttonimage = '" . $db->escape_string($vbulletin->GPC['buttonimage']) . "',\n\t\t\toptions = " . convert_array_to_bits($vbulletin->GPC['options'], $vbulletin->bf_misc['bbcodeoptions']) . "\n\t\tWHERE bbcodeid = " . $vbulletin->GPC['bbcodeid']);
build_bbcode_cache();
define('CP_REDIRECT', 'bbcode.php?do=modify');
print_stop_message('saved_bb_code_x_successfully', "[" . $vbulletin->GPC['bbcodetag'] . "]");
}
// ####################################### REMOVE #####################################
if ($_REQUEST['do'] == 'remove') {
$vbulletin->input->clean_array_gpc('r', array('bbcodeid' => TYPE_INT));
print_delete_confirmation('bbcode', $vbulletin->GPC['bbcodeid'], 'bbcode', 'kill', 'bb_code');
}
// ######################################## KILL #####################################
if ($_POST['do'] == 'kill') {
$vbulletin->input->clean_array_gpc('p', array('bbcodeid' => TYPE_INT));
$db->query_write("DELETE FROM " . TABLE_PREFIX . "bbcode WHERE bbcodeid = " . $vbulletin->GPC['bbcodeid']);
build_bbcode_cache();
$_REQUEST['do'] = 'modify';
$tableadded = 1;
print_submit_row(iif($_REQUEST['do'] == 'add', $vbphrase['save'], $vbphrase['update']), '_default_', 10);
}
// ###################### Start Update #######################
if ($_POST['do'] == 'update') {
$vbulletin->input->clean_array_gpc('p', array('sub' => TYPE_ARRAY, 'forums' => TYPE_ARRAY_BOOL, 'membergroup' => TYPE_ARRAY_UINT, 'options' => TYPE_ARRAY_UINT, 'adminoptions' => TYPE_ARRAY_UINT, 'shipping' => TYPE_UINT, 'title' => TYPE_STR, 'description' => TYPE_STR));
if ($vbulletin->GPC['shipping'] == 2) {
$vbulletin->GPC['options']['shipping1'] = 1;
} else {
if ($vbulletin->GPC['shipping'] == 4) {
$vbulletin->GPC['options']['shipping2'] = 1;
}
}
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['sub']['options'] = convert_array_to_bits($vbulletin->GPC['options'], $subobj->_SUBSCRIPTIONOPTIONS);
$vbulletin->GPC['sub']['adminoptions'] = convert_array_to_bits($vbulletin->GPC['adminoptions'], $vbulletin->bf_misc_adminoptions);
$sub =& $vbulletin->GPC['sub'];
$sub['active'] = intval($sub['active']);
$sub['displayorder'] = intval($sub['displayorder']);
$clean_times = array();
$lengths = array('D' => 'days', 'W' => 'weeks', 'M' => 'months', 'Y' => 'years');
$counter = 0;
if (is_array($vbulletin->GPC['sub']['time'])) {
foreach ($vbulletin->GPC['sub']['time'] as $key => $moo) {
$havecurrency = false;
$counter++;
$moo['length'] = intval($moo['length']);
foreach ($moo['cost'] as $currency => $value) {
if ($value != '0.00') {
$havecurrency = true;
}
}
// ###################### Start insert / update moderator #######################
if ($_POST['do'] == 'updatemod') {
$vbulletin->input->clean_array_gpc('p', array('modusername' => TYPE_STR, 'moderator' => TYPE_ARRAY, 'modperms' => TYPE_ARRAY, 'moderatorid' => TYPE_UINT));
if (!$vbulletin->GPC['moderatorid']) {
$vbulletin->GPC['modusername'] = htmlspecialchars_uni($vbulletin->GPC['modusername']);
$userinfo = $db->query_first("\n\t\t\tSELECT userid\n\t\t\tFROM " . TABLE_PREFIX . "user\n\t\t\tWHERE username='******'modusername']) . "'\n\t\t");
} else {
$userinfo = $db->query_first("\n\t\t\tSELECT user.username, user.userid\n\t\t\tFROM " . TABLE_PREFIX . "calendarmoderator AS calendarmoderator\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (calendarmoderator.userid = user.userid)\n\t\t\tWHERE calendarmoderatorid = " . $vbulletin->GPC['moderatorid']);
$vbulletin->GPC['modusername'] = $userinfo['username'];
}
$calendarinfo = $db->query_first("\n\t\tSELECT calendarid,title\n\t\tFROM " . TABLE_PREFIX . "calendar\n\t\tWHERE calendarid = " . intval($vbulletin->GPC['moderator']['calendarid']));
if ($calendarinfo['calendarid'] and ($userinfo['userid'] or $vbulletin->GPC['moderatorid'])) {
// no errors
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['moderator']['permissions'] = convert_array_to_bits($vbulletin->GPC['modperms'], $vbulletin->bf_misc_calmoderatorpermissions, 1);
if ($vbulletin->GPC['moderatorid']) {
// update
$db->query_write(fetch_query_sql($vbulletin->GPC['moderator'], 'calendarmoderator', "WHERE calendarmoderatorid=" . $vbulletin->GPC['moderatorid']));
define('CP_REDIRECT', 'admincalendar.php');
print_stop_message('saved_moderator_x_successfully', $vbulletin->GPC['modusername']);
} else {
// insert
$vbulletin->GPC['moderator']['userid'] = $userinfo['userid'];
$db->query_write(fetch_query_sql($vbulletin->GPC['moderator'], 'calendarmoderator'));
define('CP_REDIRECT', 'admincalendar.php');
print_stop_message('saved_moderator_x_successfully', $vbulletin->GPC['modusername']);
}
} else {
// error
if (!$userinfo['userid']) {
if ($vbulletin->GPC['twoparams'])
{
$vbulletin->GPC['bbcodereplacement'] = str_replace('{option}', '%2$s', $vbulletin->GPC['bbcodereplacement']);
}
$vbulletin->GPC['bbcodereplacement'] = str_replace('{relpath}', '[relpath][/relpath]', $vbulletin->GPC['bbcodereplacement']);
$db->query_write("
UPDATE " . TABLE_PREFIX . "bbcode SET
title = '" . $db->escape_string($vbulletin->GPC['title']) . "',
bbcodetag = '" . $db->escape_string($vbulletin->GPC['bbcodetag']) . "',
bbcodereplacement = '" . $db->escape_string($vbulletin->GPC['bbcodereplacement']) . "',
bbcodeexample = '" . $db->escape_string($vbulletin->GPC['bbcodeexample']) . "',
bbcodeexplanation = '" . $db->escape_string($vbulletin->GPC['bbcodeexplanation']) . "',
twoparams = '" . $db->escape_string($vbulletin->GPC['twoparams']) . "',
buttonimage = '" . $db->escape_string($vbulletin->GPC['buttonimage']) . "',
options = " . convert_array_to_bits($vbulletin->GPC['options'], $vbulletin->bf_misc['bbcodeoptions']) . "
WHERE bbcodeid = " . $vbulletin->GPC['bbcodeid']
);
build_bbcode_cache();
define('CP_REDIRECT', 'bbcode.php?do=modify');
print_stop_message('saved_bb_code_x_successfully', "[" . $vbulletin->GPC['bbcodetag'] . "]");
}
// ####################################### REMOVE #####################################
if ($_REQUEST['do'] == 'remove')
{
$vbulletin->input->clean_array_gpc('r', array(
'bbcodeid' => TYPE_INT
}
// ###################### Start do update #######################
if ($_POST['do'] == 'doupdate') {
$vbulletin->input->clean_array_gpc('p', array('calendarpermissionid' => TYPE_INT, 'calendarid' => TYPE_INT, 'useusergroup' => TYPE_INT, 'calendarpermission' => TYPE_ARRAY));
define('CP_REDIRECT', "calendarpermission.php?do=modify#calendar" . $vbulletin->GPC['calendarid']);
if ($vbulletin->GPC['useusergroup']) {
// use usergroup defaults. delete calendarpermission if it exists
if ($vbulletin->GPC['calendarpermissionid']) {
$db->query_write("DELETE FROM " . TABLE_PREFIX . "calendarpermission WHERE calendarpermissionid = " . $vbulletin->GPC['calendarpermissionid']);
print_stop_message('deleted_calendar_permissions_successfully');
} else {
print_stop_message('saved_calendar_permissions_successfully');
}
} else {
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['calendarpermission']['calendarpermissions'] = convert_array_to_bits($vbulletin->GPC['calendarpermission'], $vbulletin->bf_ugp_calendarpermissions, 1);
if ($vbulletin->GPC['calendarid'] and !$vbulletin->GPC['calendarpermissionid']) {
$vbulletin->GPC['calendarpermission']['calendarid'] = $vbulletin->GPC['calendarid'];
$query = fetch_query_sql($vbulletin->GPC['calendarpermission'], 'calendarpermission');
$db->query_write($query);
$calendarinfo = $db->query_first("SELECT title AS calendartitle FROM " . TABLE_PREFIX . "calendar WHERE calendarid=" . $vbulletin->GPC['calendarid']);
print_stop_message('saved_calendar_permissions_successfully');
} else {
$query = fetch_query_sql($vbulletin->GPC['calendarpermission'], 'calendarpermission', "WHERE calendarpermissionid = " . $vbulletin->GPC['calendarpermissionid']);
$db->query_write($query);
print_stop_message('saved_calendar_permissions_successfully');
}
}
}
// ###################### Start fpgetstyle #######################
function fetch_forumpermission_style($color = '', $canview)
/**
* Insert a new usergroup or update an existing usergroup
*
* @param array $usergroup Usergroup information to be inserted or updated
* @param int $ugid_base Usergroup ID. New inserted usergroup's forum permission will based on this usergroup.
* @param int $usergroupid when updating an existing usergroup, pass usergroup ID as this parameter
* @return int New or existing usergroup ID
*/
public function save($usergroup, $ugid_base = 0, $usergroupid = 0)
{
$this->checkHasAdminPermission('canadminpermissions');
$bf_ugp = vB::getDatastore()->get_value('bf_ugp');
$bf_ugp_adminpermissions = vB::getDatastore()->get_value('bf_ugp_adminpermissions');
$bf_ugp_genericpermissions = vB::getDatastore()->get_value('bf_ugp_genericpermissions');
$bf_ugp_genericoptions = vB::getDatastore()->get_value('bf_ugp_genericoptions');
$bf_misc_useroptions = vB::getDatastore()->get_value('bf_misc_useroptions');
$usergroupcache = vB::getDatastore()->get_value('usergroupcache');
$bf_misc_prefixoptions = vB::getDatastore()->get_value('bf_misc_prefixoptions');
// create bitfield values
require_once DIR . '/includes/functions_misc.php';
foreach ($bf_ugp as $permissiongroup => $fields) {
if ($permissiongroup == 'createpermissions' or $permissiongroup == 'forumpermissions2') {
continue;
}
$usergroup["{$permissiongroup}"] = convert_array_to_bits($usergroup["{$permissiongroup}"], $fields, 1);
}
if (!empty($usergroupid)) {
// update
if (!($usergroup['adminpermissions'] & $bf_ugp_adminpermissions['cancontrolpanel'])) {
// check that not removing last admin group
$checkadmin = vB::getDbAssertor()->getField('usergroup_checkadmin', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'cancontrolpanel' => $bf_ugp_adminpermissions['cancontrolpanel'], 'usergroupid' => $usergroupid));
if ($usergroupid == 6) {
// stop them turning no control panel for usergroup 6, seems the most sensible thing
throw new vB_Exception_Api('invalid_usergroup_specified');
}
if (!$checkadmin) {
throw new vB_Exception_Api('cant_delete_last_admin_group');
}
}
$data = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE, vB_dB_Query::CONDITIONS_KEY => array('usergroupid' => $usergroupid));
$data = array_merge($data, $usergroup);
vB::getDbAssertor()->assertQuery('usergroup', $data);
if (!($usergroup['genericpermissions'] & $bf_ugp_genericpermissions['caninvisible'])) {
if (!($usergroup['genericoptions'] & $bf_ugp_genericoptions['allowmembergroups'])) {
// make the users in this group visible
vB::getDbAssertor()->assertQuery('usergroup_makeuservisible', array('invisible' => $bf_misc_useroptions['invisible'], 'usergroupid' => $usergroupid));
} else {
// find all groups allowed to be invisible - don't change people with those as secondary groups
vB::getDbAssertor()->assertQuery('updateInvisible', array('caninvisible' => $bf_ugp_genericpermissions['caninvisible'], 'invisible' => $bf_misc_useroptions['invisible'], 'usergroupid' => $usergroupid));
}
}
if ($usergroup['adminpermissions'] & $bf_ugp_adminpermissions['cancontrolpanel']) {
$ausers = vB::getDbAssertor()->assertQuery('usergroup_fetchausers', array('usergroupid' => $usergroupid));
foreach ($ausers as $auser) {
$userids[] = $auser['userid'];
}
if (!empty($userids)) {
foreach ($userids as $userid) {
$admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_SILENT);
$admindm->set('userid', $userid);
$admindm->save();
unset($admindm);
}
}
} else {
if ($usergroupcache["{$usergroupid}"]['adminpermissions'] & $bf_ugp_adminpermissions['cancontrolpanel']) {
// lets find admin usergroupids
$ausergroupids = array();
$usergroupcache["{$usergroupid}"]['adminpermissions'] = $usergroup['adminpermissions'];
foreach ($usergroupcache as $ausergroupid => $ausergroup) {
if ($ausergroup['adminpermissions'] & $bf_ugp_adminpermissions['cancontrolpanel']) {
$ausergroupids[] = $ausergroupid;
}
}
$ausers = vB::getDbAssertor()->assertQuery('fetchAdminusersFromUsergroup', array('ausergroupids' => $ausergroupids, 'usergroupid' => $usergroupid));
foreach ($ausers as $auser) {
$userids[] = $auser['userid'];
}
if (!empty($userids)) {
foreach ($userids as $userid) {
$info = array('userid' => $userid);
$admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_ARRAY);
$admindm->set_existing($info);
$admindm->delete();
unset($admindm);
}
}
}
}
vB_Cache::instance()->event('perms_changed');
vB::getUserContext()->clearChannelPermissions($usergroupid);
} else {
// insert
/*insert query*/
$newugid = vB::getDbAssertor()->insert('usergroup', $usergroup);
if ($ugid_base <= 0) {
// use usergroup registered as default
foreach ($usergroupcache as $ausergroup) {
if ($ausergroup['systemgroupid'] == self::REGISTERED_SYSGROUPID) {
$ugid_base = $ausergroup['usergroupid'];
}
}
}
if ($ugid_base > 0) {
$fperms = vB::getDbAssertor()->assertQuery('vBForum:forumpermission', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'usergroupid' => $ugid_base));
foreach ($fperms as $fperm) {
unset($fperm['forumpermissionid']);
$fperm['usergroupid'] = $newugid;
/*insert query*/
$data = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_INSERT);
$data += $fperm;
vB::getDbAssertor()->assertQuery('vBForum:forumpermission', $data);
}
$cperms = vB::getDbAssertor()->assertQuery('vBForum:calendarpermission', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'usergroupid' => $ugid_base));
foreach ($cperms as $cperm) {
unset($cperm['calendarpermissionid']);
$cperm['usergroupid'] = $newugid;
/*insert query*/
$data = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_INSERT);
$data += $cperm;
vB::getDbAssertor()->assertQuery('vBForum:calendarpermission', $data);
}
$perms = vB::getDbAssertor()->assertQuery('vBForum:permission', array('groupid' => $ugid_base));
foreach ($perms as $perm) {
unset($perm['permissionid']);
$perm['groupid'] = $newugid;
vB::getDbAssertor()->insert('vBForum:permission', $perm);
}
vB::getUserContext()->clearChannelPermissions();
}
vB::getDbAssertor()->assertQuery('usergroup_insertprefixpermission', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'newugid' => $newugid, 'deny_by_default' => $bf_misc_prefixoptions['deny_by_default']));
}
vB::getUserContext()->rebuildGroupAccess();
$markups = vB::getDbAssertor()->getRows('usergroup_fetchmarkups', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED));
$usergroupmarkup = array();
foreach ($markups as $markup) {
$usergroupmarkup["{$markup['usergroupid']}"]['opentag'] = $markup['opentag'];
$usergroupmarkup["{$markup['usergroupid']}"]['closetag'] = $markup['closetag'];
}
require_once DIR . '/includes/adminfunctions.php';
require_once DIR . '/includes/functions_databuild.php';
build_channel_permissions();
build_birthdays();
// could be changing sig perms -- this is unscientific, but empty the sig cache
vB::getDbAssertor()->assertQuery('truncateTable', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_METHOD, 'table' => 'sigparsed'));
if ($newugid) {
return $newugid;
} else {
return $usergroupid;
}
}
print_input_row($vbphrase['date_format_override'], 'dateoverride', '');
print_input_row($vbphrase['time_format_override'], 'timeoverride', '');
print_input_row($vbphrase['registereddate_format_override'], 'registereddateoverride', '');
print_input_row($vbphrase['calformat1_format_override'], 'calformat1override', '');
print_input_row($vbphrase['calformat2_format_override'], 'calformat2override', '');
print_input_row($vbphrase['logdate_format_override'], 'logdateoverride', '');
print_description_row($vbphrase['number_formatting'], 0, 2, 'thead');
print_input_row($vbphrase['decimal_separator'], 'decimalsep', '.', 1, 3, 1);
print_input_row($vbphrase['thousands_separator'], 'thousandsep', ',', 1, 3, 1);
print_submit_row($vbphrase['save']);
}
// ##########################################################################
if ($_POST['do'] == 'update_settings') {
$vbulletin->input->clean_array_gpc('p', array_merge($langglobals, array('isdefault' => TYPE_BOOL)));
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['options'] = convert_array_to_bits($vbulletin->GPC['options'], $vbulletin->bf_misc_languageoptions);
foreach ($langglobals as $key => $val) {
$langupdate["{$key}"] = $vbulletin->GPC["{$key}"];
}
if (empty($langupdate['title']) or empty($langupdate['charset'])) {
print_stop_message('please_complete_required_fields');
}
if ($isdefault and $langupdate['userselect'] == 0) {
print_stop_message('cant_delete_default_language');
}
// User has defined a locale.
if ($langupdate['locale'] != '') {
if (!setlocale(LC_TIME, $langupdate['locale']) or !setlocale(LC_CTYPE, $langupdate['locale'])) {
print_stop_message('invalid_locale', $langupdate['locale']);
}
if ($langupdate['dateoverride'] == '' or $langupdate['timeoverride'] == '' or $langupdate['registereddateoverride'] == '' or $langupdate['calformat1override'] == '' or $langupdate['calformat2override'] == '' or $langupdate['logdateoverride'] == '') {
/**
* Converts an array of 1/0 options into the permissions bitfield
*
* @param mixed Int OR Array of 1/0 values keyed with the bitfield names for the moderator permissions bitfield
*
* @return boolean Returns true on success
*/
function verify_permissions2(&$permissions)
{
if (!is_array($permissions) and intval($permissions)) {
return true;
}
require_once DIR . '/includes/functions_misc.php';
return $permissions = convert_array_to_bits($permissions, vB::getDatastore()->get_value('bf_misc_moderatorpermissions2'));
}
if (!is_array($vbulletin->GPC['permissions']["{$permtype}"]["{$permgroupid}"])) {
$vbulletin->GPC['permissions']["{$permtype}"]["{$permgroupid}"] = $group_default;
}
}
}
$do_save = $vbulletin->GPC['force']["{$permtype}"];
if (!$vbulletin->GPC['projectid']) {
$do_save = true;
}
$perms = array();
foreach ($vbulletin->GPC['permissions']["{$permtype}"] as $groupid => $bits) {
if (is_int($bits)) {
$perms["{$groupid}"] = $bits;
} else {
// convert to int from array of bits
$perms["{$groupid}"] = intval(convert_array_to_bits($bits, $vbulletin->pt_bitfields["{$groupid}"]));
}
if (!isset($vbulletin->GPC['original']["{$permtype}"]["{$groupid}"]) or $perms["{$groupid}"] != intval($vbulletin->GPC['original']["{$permtype}"]["{$groupid}permissions"])) {
$do_save = true;
}
}
if ($do_save) {
// permissions changed or we're forcing custom perms to be set
$db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "pt_projectpermission\n\t\t\t\t\t(usergroupid, projectid, issuetypeid, generalpermissions, postpermissions, attachpermissions)\n\t\t\t\tVALUES\n\t\t\t\t\t(" . $vbulletin->GPC['usergroupid'] . ",\n\t\t\t\t\t" . $vbulletin->GPC['projectid'] . ",\n\t\t\t\t\t'" . $db->escape_string($permtype) . "',\n\t\t\t\t\t" . intval($perms['general']) . ",\n\t\t\t\t\t" . intval($perms['post']) . ",\n\t\t\t\t\t" . intval($perms['attach']) . ")\n\t\t\t");
}
}
if (!$vbulletin->GPC['projectid']) {
// updating usergroup-level permissions
$newpermval = 0;
foreach ($vbulletin->GPC['ugpermissions'] as $bitval => $yesno) {
if ($yesno) {
print_no_permission();
}
if (
!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])
OR
!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canhavegroupblog'])
OR
!($userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canjoingroupblog'])
)
{
print_no_permission();
}
require_once(DIR . '/includes/functions_misc.php');
$permissions = convert_array_to_bits($vbulletin->GPC['userperm'], $vbulletin->bf_misc_vbbloggrouppermissions);
$db->query_write("
UPDATE " . TABLE_PREFIX . "blog_groupmembership
SET permissions = $permissions
WHERE userid = $userinfo[userid] AND bloguserid = " . $vbulletin->userinfo['userid'] . "
");
$vbulletin->url = 'blog_usercp.php?' . $vbulletin->session->vars['sessionurl'] . 'do=groups';
eval(print_standard_redirect('redirect_group_permissions_updated_successfully'));
}
if ($_REQUEST['do'] == 'customize' OR $_POST['do'] == 'docustomize')
{
if (
!($vbulletin->userinfo['permissions']['vbblog_general_permissions'] & $vbulletin->bf_ugp_vbblog_general_permissions['blog_canviewown'])
OR
if ($_POST['do'] == 'updatecp') {
$vbulletin->input->clean_array_gpc('p', array('categorypermissionid' => TYPE_UINT, 'blogcategoryid' => TYPE_UINT, 'useusergroup' => TYPE_BOOL, 'categorypermission' => TYPE_ARRAY));
define('CP_REDIRECT', "blog_admin.php?do=listcp#category" . $vbulletin->GPC['blogcategoryid']);
if ($vbulletin->GPC['useusergroup']) {
// use usergroup defaults. delete categorypermission if it exists
if ($vbulletin->GPC['categorypermissionid']) {
$db->query_write("\r\n\t\t\t\tDELETE FROM " . TABLE_PREFIX . "blog_categorypermission\r\n\t\t\t\tWHERE categorypermissionid = " . $vbulletin->GPC['categorypermissionid']);
build_category_permissions();
print_stop_message('deleted_category_permissions_successfully');
} else {
build_category_permissions();
print_stop_message('saved_category_permissions_successfully');
}
} else {
require_once DIR . '/includes/functions_misc.php';
$vbulletin->GPC['categorypermission']['categorypermissions'] = convert_array_to_bits($vbulletin->GPC['categorypermission'], $vbulletin->bf_ugp_vbblog_general_permissions, 1);
if ($vbulletin->GPC['blogcategoryid'] and !$vbulletin->GPC['categorypermissionid']) {
$vbulletin->GPC['categorypermission']['blogcategoryid'] = $vbulletin->GPC['blogcategoryid'];
$query = fetch_query_sql($vbulletin->GPC['categorypermission'], 'blog_categorypermission');
$db->query_write($query);
} else {
$query = fetch_query_sql($vbulletin->GPC['categorypermission'], 'blog_categorypermission', "WHERE categorypermissionid = " . $vbulletin->GPC['categorypermissionid']);
$db->query_write($query);
}
build_category_permissions();
print_stop_message('saved_category_permissions_successfully');
}
}
if ($_REQUEST['do'] == 'stats') {
$vbulletin->input->clean_array_gpc('r', array('start' => TYPE_ARRAY_INT, 'end' => TYPE_ARRAY_INT, 'scope' => TYPE_NOHTML, 'sort' => TYPE_NOHTML, 'nullvalue' => TYPE_BOOL, 'username' => TYPE_NOHTML, 'type' => TYPE_NOHTML));
if (!empty($vbulletin->GPC['username'])) {
}
// #############################################################################
// Moderator Permissions
if ($vbulletin->GPC['step'] == 23) {
$db->query_write("ALTER TABLE moderator ADD permissions INT UNSIGNED NOT NULL DEFAULT '0'");
echo_flush(sprintf($vbphrase['alter_table'], TABLE_PREFIX . "moderator") . "\n");
$moderators = $db->query_read("\n\t\tSELECT moderator.*,forum.title,user.username\n\t\tFROM moderator\n\t\tLEFT JOIN forum ON(forum.forumid=moderator.forumid)\n\t\tLEFT JOIN user ON(user.userid=moderator.userid)\n\t");
echo "<p>{$upgrade_phrases['upgrade_300b3.php']['updating_moderator_perms']}</p><ul>";
require_once DIR . '/includes/functions_misc.php';
while ($moderator = $db->fetch_array($moderators)) {
echo "<li>" . sprintf($upgrade_phrases['upgrade_300b3.php']['moderator_x_forum_y'], $moderator['username'], $moderator['title']) . " ...";
vbflush();
if ($moderator['title'] == '' or $moderator['username'] == '') {
echo "<i>{$upgrade_phrases['upgrade_300b3.php']['deleted_not_needed']}</i></li>\n";
} else {
$perms = convert_array_to_bits($moderator, $vbulletin->bf_misc_moderatorpermissions);
$db->query_write("UPDATE moderator SET permissions={$perms} WHERE moderatorid={$moderator['moderatorid']}");
echo "</li>\n";
}
}
echo "</ul>\n";
// drop fields converted to bitfield 'permissions'
$query[] = "ALTER TABLE moderator\n\t\tDROP newthreademail,\n\t\tDROP newpostemail,\n\t\tDROP caneditposts,\n\t\tDROP candeleteposts\n\t";
$explain[] = sprintf($vbphrase['alter_table_step_x'], 'moderator', 1, 4);
// drop fields converted to bitfield 'permissions'
$query[] = "ALTER TABLE moderator\n\t\tDROP canviewips,\n\t\tDROP canmanagethreads,\n\t\tDROP canopenclose,\n\t\tDROP caneditthreads\n\t";
$explain[] = sprintf($vbphrase['alter_table_step_x'], 'moderator', 2, 4);
// drop fields converted to bitfield 'permissions'
$query[] = "ALTER TABLE moderator\n\t\tDROP caneditstyles,\n\t\tDROP canbanusers,\n\t\tDROP canviewprofile,\n\t\tDROP canannounce\n\t";
$explain[] = sprintf($vbphrase['alter_table_step_x'], 'moderator', 3, 4);
// drop fields converted to bitfield 'permissions'
}
print_yes_no_row($vbphrase["{$permvalue['phrase']}"], "usergroup[{$permvalue['parentgroup']}][{$permtitle}]", $getval);
}
}
print_table_break();
print_column_style_code(array('width: 70%', 'width: 30%'));
}
print_submit_row(iif($_REQUEST['do'] == 'add', $vbphrase['save'], $vbphrase['update']));
}
// ###################### Start insert / update #######################
if ($_POST['do'] == 'update') {
$vbulletin->input->clean_array_gpc('p', array('usergroup' => TYPE_ARRAY, 'ugid_base' => TYPE_INT));
// create bitfield values
require_once DIR . '/includes/functions_misc.php';
foreach ($vbulletin->bf_ugp as $permissiongroup => $fields) {
$vbulletin->GPC['usergroup']["{$permissiongroup}"] = convert_array_to_bits($vbulletin->GPC['usergroup']["{$permissiongroup}"], $fields, 1);
}
($hook = vBulletinHook::fetch_hook('admin_usergroup_save')) ? eval($hook) : false;
if (!empty($vbulletin->GPC['usergroupid'])) {
// update
if (!($vbulletin->GPC['usergroup']['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
// check that not removing last admin group
$checkadmin = $db->query_first("\n\t\t\t\tSELECT COUNT(*) AS usergroups\n\t\t\t\tFROM " . TABLE_PREFIX . "usergroup\n\t\t\t\tWHERE (adminpermissions & " . $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'] . ") AND\n\t\t\t\t\tusergroupid <> " . $vbulletin->GPC['usergroupid'] . "\n\t\t\t");
if ($vbulletin->GPC['usergroupid'] == 6) {
// stop them turning no control panel for usergroup 6, seems the most sensible thing
print_stop_message('invalid_usergroup_specified');
}
if (!$checkadmin['usergroups']) {
print_stop_message('cant_delete_last_admin_group');
}
}
print_table_header($vbphrase['quick_forum_permission_setup']);
print_forum_chooser($vbphrase['apply_permissions_to_forum'], 'forumid', -1);
print_label_row($vbphrase['apply_permissions_to_usergroup'], "<span class=\"smallfont\">{$usergrouplist}</span>", '', 'top', 'usergrouplist');
print_description_row($vbphrase['permission_overwrite_notice']);
print_table_break();
print_forum_permission_rows($vbphrase['permissions']);
print_submit_row();
}
// ###################### Start do quick forum #######################
if ($_POST['do'] == 'doquickforum') {
$vbulletin->input->clean_array_gpc('p', array('usergrouplist' => TYPE_ARRAY, 'forumid' => TYPE_INT, 'forumpermission' => TYPE_ARRAY_INT));
if (sizeof($vbulletin->GPC['usergrouplist']) == 0) {
print_stop_message('invalid_usergroup_specified');
}
require_once DIR . '/includes/functions_misc.php';
$permbits = convert_array_to_bits($vbulletin->GPC['forumpermission'], $vbulletin->bf_ugp_forumpermissions, 1);
foreach ($vbulletin->GPC['usergrouplist'] as $usergroupid => $confirm) {
if ($confirm == 1) {
$usergroupid = intval($usergroupid);
/*insert query*/
$db->query_write("\n\t\t\t\tREPLACE INTO " . TABLE_PREFIX . "forumpermission\n\t\t\t\t\t(forumid, usergroupid, forumpermissions)\n\t\t\t\tVALUES\n\t\t\t\t\t(" . $vbulletin->GPC['forumid'] . ", {$usergroupid}, {$permbits})\n\t\t\t");
($hook = vBulletinHook::fetch_hook('admin_fperms_doquickforum')) ? eval($hook) : false;
}
}
build_forum_permissions();
define('CP_REDIRECT', 'forumpermission.php?do=modify&f=' . $vbulletin->GPC['forumid']);
print_stop_message('saved_forum_permissions_successfully');
}
// ###################### Start quick set #######################
if ($_REQUEST['do'] == 'quickset') {
$vbulletin->input->clean_array_gpc('r', array('type' => TYPE_STR, 'forumid' => TYPE_INT));
print_submit_row();
}
// ###################### Start do quick forum #######################
if ($_POST['do'] == 'doquickforum') {
$vbulletin->input->clean_array_gpc('p', array('usergrouplist' => vB_Cleaner::TYPE_ARRAY, 'nodeid' => vB_Cleaner::TYPE_INT, 'forumpermissions' => vB_Cleaner::TYPE_ARRAY_INT, 'moderatorpermissions' => vB_Cleaner::TYPE_ARRAY_INT, 'createpermissions' => vB_Cleaner::TYPE_ARRAY_INT, 'edit_time' => vB_Cleaner::TYPE_INT, 'require_moderate' => vB_Cleaner::TYPE_INT, 'maxtags' => vB_Cleaner::TYPE_INT, 'maxstartertags' => vB_Cleaner::TYPE_INT, 'maxothertags' => vB_Cleaner::TYPE_INT, 'maxattachments' => vB_Cleaner::TYPE_INT));
if (sizeof($vbulletin->GPC['usergrouplist']) == 0) {
print_stop_message2('invalid_usergroup_specified');
}
require_once DIR . '/includes/functions_misc.php';
$bf_ugp_forumpermissions = vB::getDatastore()->getValue('bf_ugp_forumpermissions');
$bf_misc_moderatorpermissions = vB::getDatastore()->getValue('bf_misc_moderatorpermissions');
$bf_ugp_createpermissions = vB::getDatastore()->getValue('bf_ugp_createpermissions');
$forumpermbits = convert_array_to_bits($vbulletin->GPC['forumpermissions'], $bf_ugp_forumpermissions, 1);
$forum2permbits = convert_array_to_bits($vbulletin->GPC['forumpermissions2'], $bf_ugp_forumpermissions, 1);
$moderatorpermbits = convert_array_to_bits($vbulletin->GPC['moderatorpermissions'], $bf_misc_moderatorpermissions, 1);
$createpermbits = convert_array_to_bits($vbulletin->GPC['createpermissions'], $bf_ugp_createpermissions, 1);
foreach ($vbulletin->GPC['usergrouplist'] as $usergroupid => $confirm) {
if ($confirm == 1) {
$usergroupid = intval($usergroupid);
/*insert query*/
vB::getDbAssertor()->assertQuery('replacePermissions', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_STORED, 'nodeid' => $vbulletin->GPC['nodeid'], 'usergroupid' => $usergroupid, 'forumpermissions' => $forumpermbits, 'moderatorpermissions' => $moderatorpermbits, 'createpermissions' => $createpermbits, 'forumpermissions2' => $forum2permbits, 'edit_time' => $vbulletin->GPC['edit_time'], 'require_moderate' => $vbulletin->GPC['require_moderate'], 'maxtags' => $vbulletin->GPC['maxtags'], 'maxstartertags' => $vbulletin->GPC['maxstartertags'], 'maxothertags' => $vbulletin->GPC['maxothertags'], 'maxattachments' => $vbulletin->GPC['maxattachments'], 'maxchannels' => $vbulletin->GPC['maxchannels'], 'channeliconmaxsize' => $vbulletin->GPC['channeliconmaxsize']));
// Legacy Hook 'admin_nperms_doquickforum' Removed //
}
}
build_channel_permissions();
print_stop_message2('saved_channel_permissions_successfully', 'forumpermission', array('do' => 'modify', 'n' => $vbulletin->GPC['nodeid']));
}
// ###################### Start quick set #######################
if ($_REQUEST['do'] == 'quickset') {
$vbulletin->input->clean_array_gpc('r', array('type' => vB_Cleaner::TYPE_STR, 'nodeid' => vB_Cleaner::TYPE_INT));
verify_cp_sessionhash();
/**
* Converts an array of 1/0 options into the permissions bitfield
*
* @param array Array of 1/0 values keyed with the bitfield names for the moderator permissions bitfield
*
* @return boolean Returns true on success
*/
function verify_permissions2(&$permissions)
{
require_once DIR . '/includes/functions_misc.php';
return $permissions = convert_array_to_bits($permissions, $this->registry->bf_misc_moderatorpermissions2);
}
if (vB_Bitfield_Builder::build(false) !== false) {
$myobj =& vB_Bitfield_Builder::init();
} else {
echo "<strong>error</strong>\n";
print_r(vB_Bitfield_Builder::fetch_errors());
}
foreach ($myobj->data['ugp']['adminpermissions'] as $title => $values) {
// don't show settings that have a group for the usergroup page
if (empty($values['group'])) {
$ADMINPERMISSIONS["{$title}"] = $values['value'];
$permsphrase["{$title}"] = $vbphrase["{$values['phrase']}"];
}
}
$vbulletin->input->clean_array_gpc('p', array('oldpermissions' => TYPE_INT, 'adminpermissions' => TYPE_ARRAY_INT));
require_once DIR . '/includes/functions_misc.php';
log_admin_action(iif($user, "user id = {$user['userid']} ({$user['username']})" . iif($_POST['do'] == 'update', " (" . $vbulletin->GPC['oldpermissions'] . " » " . convert_array_to_bits($vbulletin->GPC['adminpermissions'], $ADMINPERMISSIONS) . ")")));
// #############################################################################
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
// #############################################################################
if ($_POST['do'] == 'update') {
$vbulletin->input->clean_array_gpc('p', array('cssprefs' => TYPE_STR, 'dismissednews' => TYPE_STR));
foreach ($vbulletin->GPC['adminpermissions'] as $key => $value) {
$admindm->set_bitfield('adminpermissions', $key, $value);
}
($hook = vBulletinHook::fetch_hook('admin_permissions_process')) ? eval($hook) : false;
$admindm->set('cssprefs', $vbulletin->GPC['cssprefs']);
$admindm->set('dismissednews', $vbulletin->GPC['dismissednews']);
$admindm->save();
define('CP_REDIRECT', "adminpermissions.php?" . $vbulletin->session->vars['sessionurl'] . "#user{$user['userid']}");
/**
* Insert or update language
*
* @param array $data Language options to be inserted or updated
* @param int $languageid If not 0, the language with the ID will be updated
* @return int New language ID or the updated language ID
*/
public function save($data, $languageid = 0)
{
$this->checkHasAdminPermission('canadminlanguages');
require_once DIR . '/includes/adminfunctions.php';
require_once DIR . '/includes/adminfunctions_language.php';
$langglobals = array('title', 'vblangcode', 'revision', 'userselect', 'options', 'languagecode', 'charset', 'locale', 'imagesoverride', 'dateoverride', 'timeoverride', 'registereddateoverride', 'calformat1override', 'calformat2override', 'logdateoverride', 'decimalsep', 'thousandsep');
$bf_misc_languageoptions = vB::getDatastore()->get_value('bf_misc_languageoptions');
require_once DIR . '/includes/functions_misc.php';
$data['options'] = convert_array_to_bits($data['options'], $bf_misc_languageoptions);
$newlang = array();
foreach ($langglobals as $val) {
$newlang["{$val}"] =& $data["{$val}"];
}
if (empty($newlang['title']) or empty($newlang['charset'])) {
throw new vB_Exception_Api('please_complete_required_fields');
}
// User has defined a locale.
if ($newlang['locale'] != '') {
if (!setlocale(LC_TIME, $newlang['locale']) or !setlocale(LC_CTYPE, $newlang['locale'])) {
throw new vB_Exception_Api('invalid_locale', array($newlang['locale']));
}
if ($newlang['dateoverride'] == '' or $newlang['timeoverride'] == '' or $newlang['registereddateoverride'] == '' or $newlang['calformat1override'] == '' or $newlang['calformat2override'] == '' or $newlang['logdateoverride'] == '') {
throw new vB_Exception_Api('locale_define_fill_in_all_overrides');
}
}
if (!$languageid) {
/*insert query*/
$insertdata = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_INSERT);
$insertdata += $newlang;
$_languageid = vB::getDbAssertor()->assertQuery('language', $insertdata);
$languageid = $_languageid;
build_language($languageid);
build_language_datastore();
} else {
if (empty($data['product'])) {
$data['product'] = 'vbulletin';
}
$updatelanguage = false;
if (!empty($data['rvt'])) {
$updatelanguage = true;
vB::getDbAssertor()->assertQuery('phrase', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'phraseid' => $data['rvt']));
// unset reverted phrases
foreach (array_keys($data['rvt']) as $varname) {
unset($data['def']["{$varname}"]);
}
}
if (!empty($data['def'])) {
$updaterows = vB::getDbAssertor()->assertQuery('updateLanguagePhrases', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_METHOD, 'def' => $data['def'], 'languageid' => $languageid, 'fieldname' => $data['fieldname']));
}
if ($updaterows) {
$updatelanguage = true;
}
/* update query */
$updatedata = array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_UPDATE);
$updatewhere = array(vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'languageid', 'value' => $languageid, 'operator' => vB_dB_Query::OPERATOR_EQ)));
$updatedata += $newlang;
$updatedata += $updatewhere;
$updateprincipal = vB::getDbAssertor()->assertQuery('language', $updatedata);
if ($updatelanguage) {
build_language($languageid);
}
}
return $languageid;
}
