function user_create($Username, $Password)
{
global $pdo;
if (user_exists($Username)) {
return false;
}
$stmt = $pdo->prepare('
INSERT INTO `users`
(
`username`
, `password`
) VALUES (
:username
, :password
)');
$stmt->bindValue(':username', s($Username));
$stmt->bindValue(':password', user_hash($Password, $Username));
$stmt->execute();
$uid = $pdo->lastInsertId();
$stmt->closeCursor();
// Create a group for the new user
lib('Group');
$gid = group_create(s($Username), 'user');
group_add($gid, $uid);
return $uid;
}
public function test_notifications()
{
global $phpbb_root_path, $phpEx, $phpbb_dispatcher, $phpbb_log;
include_once $phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx;
include_once $phpbb_root_path . 'includes/functions_user.' . $phpEx;
include_once $phpbb_root_path . 'includes/functions_content.' . $phpEx;
set_config(false, false, false, $this->config);
$this->container->set('groupposition.legend', new \phpbb\groupposition\legend($this->db, $this->user));
$this->container->set('groupposition.teampage', new \phpbb\groupposition\teampage($this->db, $this->user, $this->cache->get_driver()));
$phpbb_dispatcher = new phpbb_mock_event_dispatcher();
$phpbb_log = new \phpbb\log\null();
// Now on to the actual test
$group_id = false;
group_create($group_id, GROUP_OPEN, 'test', 'test group', array());
// Add user 2 as group leader
group_user_add($group_id, 2, false, false, false, true, false);
// Add user 3 as pending
group_user_add($group_id, 3, false, false, false, false, true);
$this->assert_notifications(array(array('item_id' => 3, 'item_parent_id' => $group_id, 'user_id' => 2, 'notification_read' => 0, 'notification_data' => array('group_name' => 'test'))), array('user_id' => 2));
// Approve user 3 joining the group
group_user_attributes('approve', $group_id, array(3));
// user 3 pending notification should have been deleted
$this->assert_notifications(array(), array('user_id' => 2));
$this->assert_notifications(array(array('item_id' => $group_id, 'user_id' => 3, 'notification_read' => 0, 'notification_data' => array('group_name' => 'test'))), array('user_id' => 3));
}
function creategroup_submit(Pieform $form, $values)
{
global $USER;
global $SESSION;
list($grouptype, $jointype) = explode('.', $values['grouptype']);
$values['public'] = isset($values['public']) ? $values['public'] : 0;
$values['usersautoadded'] = isset($values['usersautoadded']) ? $values['usersautoadded'] : 0;
$id = group_create(array('name' => $values['name'], 'description' => $values['description'], 'grouptype' => $grouptype, 'category' => empty($values['category']) ? null : intval($values['category']), 'jointype' => $jointype, 'public' => intval($values['public']), 'usersautoadded' => intval($values['usersautoadded']), 'members' => array($USER->get('id') => 'admin'), 'viewnotify' => intval($values['viewnotify'])));
$USER->reset_grouproles();
$SESSION->add_ok_msg(get_string('groupsaved', 'group'));
redirect('/group/view.php?id=' . $id);
}
function editgroup_submit(Pieform $form, $values)
{
global $USER, $SESSION, $group_data, $publicallowed;
$values['public'] = isset($values['public']) ? $values['public'] : 0;
$values['usersautoadded'] = isset($values['usersautoadded']) ? $values['usersautoadded'] : 0;
$newvalues = array('name' => $group_data->name == $values['name'] ? $values['name'] : trim($values['name']), 'description' => $values['description'], 'grouptype' => $values['grouptype'], 'category' => empty($values['category']) ? null : intval($values['category']), 'open' => intval($values['open']), 'controlled' => intval($values['controlled']), 'request' => intval($values['request']), 'usersautoadded' => intval($values['usersautoadded']), 'public' => $publicallowed ? intval($values['public']) : 0, 'viewnotify' => intval($values['viewnotify']), 'submittableto' => intval($values['submittableto']), 'allowarchives' => intval(!empty($values['allowarchives']) ? $values['allowarchives'] : 0), 'editroles' => $values['editroles'], 'hidden' => intval($values['hidden']), 'hidemembers' => intval(!empty($values['hidemembersfrommembers']) || !empty($values['hidemembers'])), 'hidemembersfrommembers' => intval($values['hidemembersfrommembers']), 'groupparticipationreports' => intval($values['groupparticipationreports']), 'invitefriends' => intval($values['invitefriends']), 'suggestfriends' => intval($values['suggestfriends']), 'editwindowstart' => db_format_timestamp($values['editwindowstart']), 'editwindowend' => db_format_timestamp($values['editwindowend']), 'sendnow' => intval($values['sendnow']), 'feedbacknotify' => intval($values['feedbacknotify']));
if (get_config('cleanurls') && isset($values['urlid']) && '' !== (string) $values['urlid']) {
$newvalues['urlid'] = $values['urlid'];
}
db_begin();
if (!$group_data->id) {
$newvalues['members'] = array($USER->get('id') => 'admin');
$group_data->id = group_create($newvalues);
$USER->reset_grouproles();
}
// Now update the description with any embedded image info
$newvalues['description'] = EmbeddedImage::prepare_embedded_images($newvalues['description'], 'group', $group_data->id, $group_data->id);
$newvalues['id'] = $group_data->id;
unset($newvalues['members']);
group_update((object) $newvalues);
$SESSION->add_ok_msg(get_string('groupsaved', 'group'));
db_commit();
// Reload $group_data->urlid or else the redirect will fail
if (get_config('cleanurls') && (!isset($values['urlid']) || $group_data->urlid != $values['urlid'])) {
$group_data->urlid = get_field('group', 'urlid', 'id', $group_data->id);
}
redirect(group_homepage_url($group_data));
}
/**
* synchronize Mahara's groups with groups defined on a LDAP server
*
* @param boolean $dryrun dummy execution. Do not perform any database operations
* @return boolean
*/
function sync_groups($dryrun = false)
{
global $USER;
log_info('---------- started groupsync auth instance ' . $this->instanceid . ' at ' . date('r', time()) . ' ----------');
if (!$this->get_config('syncgroupscron')) {
log_info('Not set to sync groups, so exiting');
return true;
}
// We need to tell the session that we are the admin user, so that we have permission to manipulate groups
$USER->reanimate(1, 1);
$syncbyattribute = $this->get_config('syncgroupsbyuserfield') && $this->get_config('syncgroupsgroupattribute');
$syncbyclass = $this->get_config('syncgroupsbyclass') && $this->get_config('syncgroupsgroupclass') && $this->get_config('syncgroupsgroupattribute') && $this->get_config('syncgroupsmemberattribute');
$excludelist = $this->get_config('syncgroupsexcludelist');
$includelist = $this->get_config('syncgroupsincludelist');
$searchsub = $this->get_config('syncgroupssearchsub');
$grouptype = $this->get_config('syncgroupsgrouptype');
$groupattribute = $this->get_config('syncgroupsgroupattribute');
$docreate = $this->get_config('syncgroupsautocreate');
// If neither one is set, return
if (!$syncbyattribute && !$syncbyclass) {
log_info('not set to sync by user attribute or by group objects, so exiting');
return true;
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("exclusion list : ");
var_dump($excludelist);
log_debug("inclusion list : ");
var_dump($includelist);
}
// fetch userids of current members of that institution
if ($this->institution == 'mahara') {
$currentmembers = get_records_sql_assoc('select u.username as username, u.id as id from {usr} u where u.deleted=0 and not exists (select 1 from {usr_institution} ui where ui.usr=u.id)', array());
} else {
$currentmembers = get_records_sql_assoc('select u.username as username, u.id as id from {usr} u inner join {usr_institution} ui on u.id=ui.usr where u.deleted=0 and ui.institution=?', array($this->institution));
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("current members : " . count($currentmembers));
var_dump($currentmembers);
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("config. LDAP : ");
var_dump($this->get_config());
}
$groups = array();
if ($syncbyattribute) {
// get the distinct values of the used attribute by a LDAP search
// that may be restricted by flags -c or -o
$groups = array_merge($groups, $this->get_attribute_distinct_values($searchsub));
}
if ($syncbyclass) {
$groups = array_merge($groups, $this->ldap_get_grouplist('*', $searchsub));
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("Found LDAP groups : ");
var_dump($groups);
}
$nbadded = 0;
foreach ($groups as $group) {
$nomatch = false;
log_debug("Processing group '{$group}'");
if (!ldap_sync_filter_name($group, $includelist, $excludelist)) {
continue;
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug("processing group : ");
var_dump($group);
}
$ldapusers = array();
if ($syncbyattribute) {
$ldapusers = array_merge($ldapusers, $this->get_users_having_attribute_value($group));
}
if ($syncbyclass) {
$ldapusers = array_merge($ldapusers, $this->ldap_get_group_members($group));
}
// test whether this group exists within the institution
// group.shortname is limited to 255 characters. Unlikely anyone will hit this, but why not?
$shortname = substr($group, 0, 255);
if (!($dbgroup = get_record('group', 'shortname', $shortname, 'institution', $this->institution))) {
if (!$docreate) {
log_debug('autocreation is off so skipping Mahara not existing group ' . $group);
continue;
}
if (count($ldapusers) == 0) {
log_debug('will not autocreate an empty Mahara group ' . $group);
continue;
}
try {
log_info('creating group ' . $group);
// Make sure the name is unique (across all institutions)
// group.name only allows 128 characters. In the event of
// really long group names, we'll arbitrarily truncate them
$basename = $this->institution . ' : ' . $group;
$name = substr($basename, 0, 128);
$n = 0;
while (record_exists('group', 'name', $name)) {
$n++;
$tail = " {$n}";
$name .= substr($basename, 0, 128 - strlen($tail)) . $tail;
}
$dbgroup = array();
$dbgroup['name'] = $name;
$dbgroup['institution'] = $this->institution;
$dbgroup['shortname'] = $shortname;
$dbgroup['grouptype'] = $grouptype;
// default standard (change to course)
$dbgroup['controlled'] = 1;
//definitively
$nbadded++;
if (!$dryrun) {
$groupid = group_create($dbgroup);
}
} catch (Exception $ex) {
log_warn($ex->getMessage());
continue;
}
} else {
$groupid = $dbgroup->id;
log_debug('group exists ' . $group);
}
// now it does exist see what members should be added/removed
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug($group . ' : ');
var_dump($ldapusers);
}
// Puts the site's "admin" user into the group as a group admin
$members = array('1' => 'admin');
//must be set otherwise fatal error group_update_members: no group admins listed for group
foreach ($ldapusers as $username) {
if (isset($currentmembers[$username])) {
$id = $currentmembers[$username]->id;
$members[$id] = 'member';
}
}
if (get_config('auth_ldap_debug_sync_cron')) {
log_debug('new members list : ' . count($members));
var_dump($members);
}
unset($ldapusers);
//try to save memory before memory consuming call to API
$result = $dryrun ? false : group_update_members($groupid, $members);
if ($result) {
log_info(" -> added : {$result['added']} removed : {$result['removed']} updated : {$result['updated']}");
} else {
log_debug('-> no change for ' . $group);
}
unset($members);
//break;
}
log_info('---------- finished groupsync auth instance ' . $this->instanceid . ' at ' . date('r', time()) . ' ----------');
return true;
}
/**
* Update details of an existing group.
*
* @param array $new New values for the group table.
* @param bool $create Create the group if it doesn't exist yet
*/
function group_update($new, $create = false)
{
if (!empty($new->id)) {
$old = get_record_select('group', 'id = ? AND deleted = 0', array($new->id));
} else {
if (!empty($new->institution) && isset($new->shortname) && strlen($new->shortname)) {
$old = get_record_select('group', 'shortname = ? AND institution = ? AND deleted = 0', array($new->shortname, $new->institution));
if (!$old && $create) {
return group_create((array) $new);
}
}
}
if (!$old) {
throw new NotFoundException("group_update: group not found");
}
if (!empty($old->institution) && $old->institution != 'mahara') {
// Api-controlled group; check permissions.
global $USER;
if (!$USER->can_edit_institution($old->institution)) {
throw new AccessDeniedException("group_update: cannot update a group in this institution");
}
}
if (isset($new->submittableto) && empty($new->submittableto) || !isset($new->submittableto) && empty($old->submittableto)) {
$new->allowarchives = 0;
}
// Institution and shortname cannot be updated (yet)
unset($new->institution);
unset($new->shortname);
foreach (array('id', 'grouptype', 'public', 'request', 'submittableto', 'allowarchives', 'editroles', 'hidden', 'hidemembers', 'hidemembersfrommembers', 'groupparticipationreports') as $f) {
if (!isset($new->{$f})) {
$new->{$f} = $old->{$f};
}
}
if (isset($new->jointype)) {
log_warn("group_update: ignoring supplied jointype");
unset($new->jointype);
}
// If the caller isn't trying to enable open/controlled, use the old values
if (!isset($new->open)) {
$new->open = empty($new->controlled) && $old->jointype == 'open';
}
if (!isset($new->controlled)) {
$new->controlled = empty($new->open) && $old->jointype == 'controlled';
}
if ($new->open) {
if ($new->controlled) {
throw new InvalidArgumentException("group_update: a group cannot have both open and controlled membership");
}
$new->request = 0;
$new->jointype = 'open';
} else {
if ($new->controlled) {
$new->jointype = 'controlled';
} else {
$new->jointype = 'approve';
}
}
unset($new->open);
unset($new->controlled);
// Ensure only one of invitefriends,suggestfriends gets enabled.
if (!empty($new->invitefriends)) {
$new->suggestfriends = 0;
} else {
if (!isset($new->invitefriends)) {
$new->invitefriends = (int) ($old->invitefriends && empty($new->suggestfriends));
}
}
if (!isset($new->suggestfriends)) {
$new->suggestfriends = $old->suggestfriends;
}
$diff = array_diff_assoc((array) $new, (array) $old);
if (empty($diff)) {
return null;
}
db_begin();
if (isset($new->members)) {
group_update_members($new->id, $new->members);
unset($new->members);
}
update_record('group', $new, 'id');
// Add users who have requested membership of a group that's becoming
// open
if ($old->jointype != 'open' && $new->jointype == 'open') {
$userids = get_column_sql('
SELECT u.id
FROM {usr} u JOIN {group_member_request} r ON u.id = r.member
WHERE r.group = ? AND u.deleted = 0', array($new->id));
if ($userids) {
foreach ($userids as $uid) {
group_add_user($new->id, $uid);
}
}
}
// Invitations to controlled groups are allowed, but if the admin is
// changing a group to controlled membership, we'll assume they want
// want to revoke all the existing invitations.
if ($old->jointype != 'controlled' && $new->jointype == 'controlled') {
delete_records('group_member_invite', 'group', $new->id);
}
// Remove requests
if ($old->request && !$new->request) {
delete_records('group_member_request', 'group', $new->id);
}
// When the group type changes, make sure everyone has a valid role.
safe_require('grouptype', $new->grouptype);
$allowedroles = call_static_method('GroupType' . ucfirst($new->grouptype), 'get_roles');
set_field_select('group_member', 'role', 'member', '"group" = ? AND NOT role IN (' . join(',', array_fill(0, count($allowedroles), '?')) . ')', array_merge(array($new->id), $allowedroles));
// When a group changes from public -> private or vice versa, set the
// appropriate access permissions on the group homepage view.
if ($old->public != $new->public) {
$homepageid = get_field('view', 'id', 'type', 'grouphomepage', 'group', $new->id);
if ($old->public && !$new->public) {
delete_records('view_access', 'view', $homepageid, 'accesstype', 'public');
insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'loggedin', 'ctime' => db_format_timestamp(time())));
} else {
if (!$old->public && $new->public) {
delete_records('view_access', 'view', $homepageid, 'accesstype', 'loggedin');
insert_record('view_access', (object) array('view' => $homepageid, 'accesstype' => 'public', 'ctime' => db_format_timestamp(time())));
}
}
}
db_commit();
return $diff;
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : request_var('action', ''));
$group_id = request_var('g', 0);
$mark_ary = request_var('mark', array(0));
$name_ary = request_var('usernames', '');
$leader = request_var('leader', 0);
$default = request_var('default', 0);
$start = request_var('start', 0);
$update = isset($_POST['update']) ? true : false;
// Clear some vars
$can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false;
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . " \n\t\t\t\tWHERE group_id = {$group_id}";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
// Approve, demote or promote
group_user_attributes($action, $group_id, $mark_ary, false, $group_id ? $group_row['group_name'] : false);
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if (confirm_box(true)) {
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
}
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
case 'delete':
if (confirm_box(true)) {
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action));
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
break;
}
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action));
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action));
}
$name_ary = array_unique(explode("\n", $name_ary));
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_row['group_name'], $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action));
}
$message = $action == 'addleaders' ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
break;
case 'edit':
case 'add':
$data = $submit_ary = array();
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action));
}
$error = array();
$user->add_lang('ucp');
$avatar_select = basename(request_var('avatar_select', ''));
$category = basename(request_var('category', ''));
// Did we submit?
if ($update) {
$group_name = request_var('group_name', '', true);
$group_desc = request_var('group_desc', '', true);
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
$allow_desc_urls = request_var('desc_parse_urls', false);
$allow_desc_smilies = request_var('desc_parse_smilies', false);
$data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', '');
$delete = request_var('delete', '');
$submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0));
if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) {
$data['width'] = request_var('width', '');
$data['height'] = request_var('height', '');
// Avatar stuff
$var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3));
if (!($error = validate_data($data, $var_ary))) {
$data['user_id'] = "g{$group_id}";
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} else {
if ($data['remotelink']) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
}
}
}
} else {
if ($avatar_select && $config['allow_avatar_local']) {
// check avatar gallery
if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) {
$submit_ary['avatar_type'] = AVATAR_GALLERY;
list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
$submit_ary['avatar'] = $category . '/' . $avatar_select;
}
} else {
if ($delete) {
$submit_ary['avatar'] = '';
$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
}
}
}
if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']) || $group_row['group_avatar'] != $submit_ary['avatar']) || $delete) {
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
avatar_delete($group_row['group_avatar']);
}
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
$group_attributes = array();
$test_variables = array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'legend', 'message_limit');
foreach ($test_variables as $test) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) {
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = request_var('group_perm_from', 0);
// Copy permissions?
if ($group_perm_from && $action == 'add') {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
if (sizeof($groups_sql_ary)) {
switch (SQL_LAYER) {
case 'mysql':
case 'mysql4':
case 'mysqli':
$db->sql_query('INSERT INTO ' . ACL_GROUPS_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $groups_sql_ary));
break;
default:
foreach ($groups_sql_ary as $ary) {
$db->sql_query('INSERT INTO ' . ACL_GROUPS_TABLE . ' ' . $db->sql_build_array('INSERT', $ary));
}
break;
}
}
$auth->acl_clear_prefetch();
}
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = request_var('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
switch ($group_row['group_avatar_type']) {
case AVATAR_UPLOAD:
$avatar_img = $phpbb_root_path . $config['avatar_path'] . '/';
break;
case AVATAR_GALLERY:
$avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/';
break;
}
$avatar_img .= $group_row['group_avatar'];
$avatar_img = '<img src="' . $avatar_img . '" width="' . $group_row['group_avatar_width'] . '" height="' . $group_row['group_avatar_height'] . '" alt="" />';
} else {
$avatar_img = '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
}
$display_gallery = isset($_POST['display_gallery']) ? true : false;
if ($config['allow_avatar_local'] && $display_gallery) {
avatar_gallery($category, $avatar_select, 4);
}
$back_link = request_var('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . request_var('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(0), 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'GROUP_AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour'), 'UA_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour', false), 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024))));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
$this->page_title = 'GROUP_MEMBERS';
// Total number of group leaders
$sql = 'SELECT COUNT(user_id) AS total_leaders
FROM ' . USER_GROUP_TABLE . " \n\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\tAND group_leader = 1";
$result = $db->sql_query($sql);
$total_leaders = (int) $db->sql_fetchfield('total_leaders');
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . " \n\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\tAND group_leader <> 1";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug \n\t\t\t\t\tWHERE ug.group_id = {$group_id} \n\t\t\t\t\t\tAND u.user_id = ug.user_id \n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$leader = $member = 0;
$group_data = array('leader' => array(), 'member' => array());
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_leader'] ? 'leader' : 'member';
$group_data[$type][${$type}]['user_id'] = $row['user_id'];
$group_data[$type][${$type}]['group_id'] = $row['group_id'];
$group_data[$type][${$type}]['username'] = $row['username'];
$group_data[$type][${$type}]['user_regdate'] = $row['user_regdate'];
$group_data[$type][${$type}]['user_posts'] = $row['user_posts'];
$group_data[$type][${$type}]['user_pending'] = $row['user_pending'] ? 1 : 0;
${$type}++;
}
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start, true), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames')));
foreach ($group_data['leader'] as $row) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$pending = false;
foreach ($group_data['member'] as $row) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
$sql = 'SELECT g.group_id, g.group_name, g.group_type, COUNT(ug.user_id) AS total_members
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (g.group_id = ug.group_id)
GROUP BY g.group_id, g.group_name, g.group_type
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$special = $normal = 0;
$group_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
$group_ary[$type][${$type}]['group_id'] = $row['group_id'];
$group_ary[$type][${$type}]['group_name'] = $row['group_name'];
$group_ary[$type][${$type}]['group_type'] = $row['group_type'];
$group_ary[$type][${$type}]['total_members'] = $row['total_members'];
${$type}++;
}
$db->sql_freeresult($result);
ksort($group_ary);
$special_toggle = false;
foreach ($group_ary as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $row) {
$group_id = $row['group_id'];
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_DEFAULT' => "{$this->u_action}&action=default&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
function group_received_create()
{
if (group_create(stripslashes($_POST['name']), manage_setting_get_received('default_group'))) {
$_POST = array();
}
}
/**
* Correct the system groups
*/
function groups(&$error, $selected)
{
global $db;
$data = $group_rows = $existing_groups = array();
get_group_rows($data, $group_rows, $existing_groups);
foreach ($group_rows as $name) {
// Skip ones that are in the default install and are in the existing permissions
if (isset($this->db_cleaner->data->groups[$name]) && in_array($name, $existing_groups)) {
continue;
}
if (isset($selected[$name])) {
if (isset($this->db_cleaner->data->groups[$name]) && !in_array($name, $existing_groups)) {
// Add it with the default settings we've got...
$group_id = false;
group_create($group_id, $this->db_cleaner->data->groups[$name]['group_type'], $name, $this->db_cleaner->data->groups[$name]['group_desc'], array('group_colour' => $this->db_cleaner->data->groups[$name]['group_colour'], 'group_legend' => $this->db_cleaner->data->groups[$name]['group_legend'], 'group_avatar' => $this->db_cleaner->data->groups[$name]['group_avatar'], 'group_max_recipients' => $this->db_cleaner->data->groups[$name]['group_max_recipients']));
} else {
if (!isset($this->db_cleaner->data->groups[$name]) && in_array($name, $existing_groups)) {
if (!function_exists('group_delete')) {
include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
}
// Remove it
$db->sql_query('SELECT group_id FROM ' . GROUPS_TABLE . ' WHERE group_name = \'' . $db->sql_escape($name) . '\'');
$group_id = $db->sql_fetchfield('group_id');
group_delete($group_id, $name);
}
}
}
}
}
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx;
global $db, $user, $auth, $cache, $template;
$user->add_lang('groups');
$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
$mark_ary = request_var('mark', array(0));
$submit = !empty($_POST['submit']) ? true : false;
$delete = !empty($_POST['delete']) ? true : false;
$error = $data = array();
switch ($mode) {
case 'membership':
$this->page_title = 'UCP_USERGROUPS_MEMBER';
if ($submit || isset($_POST['change_default'])) {
$action = isset($_POST['change_default']) ? 'change_default' : request_var('action', '');
$group_id = $action == 'change_default' ? request_var('default', 0) : request_var('selected', 0);
if (!$group_id) {
trigger_error('NO_GROUP_SELECTED');
}
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id IN ({$group_id}, {$user->data['group_id']})";
$result = $db->sql_query($sql);
$group_row = array();
while ($row = $db->sql_fetchrow($result)) {
$row['group_name'] = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$group_row[$row['group_id']] = $row;
}
$db->sql_freeresult($result);
if (!sizeof($group_row)) {
trigger_error('GROUP_NOT_EXIST');
}
switch ($action) {
case 'change_default':
// User already having this group set as default?
if ($group_id == $user->data['group_id']) {
trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page);
}
if (!$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_AUTHORISED'] . $return_page);
}
// User needs to be member of the group in order to make it default
if (!group_memberships($group_id, $user->data['user_id'], true)) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('default', $group_id, $user->data['user_id']);
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page);
} else {
$s_hidden_fields = array('default' => $group_id, 'change_default' => true);
confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields));
}
break;
case 'resign':
// User tries to resign from default group but is not allowed to change it?
if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_type = (int) $db->sql_fetchfield('group_type');
$db->sql_freeresult($result);
if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) {
trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_del($group_id, $user->data['user_id']);
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']);
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$row['user_pending'] ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'resign', 'submit' => true);
confirm_box(false, $row['user_pending'] ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields));
}
break;
case 'join':
$sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
WHERE ug.user_id = u.user_id
AND ug.group_id = ' . $group_id . '
AND ug.user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
if ($row['user_pending']) {
trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page);
}
trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page);
}
// Check permission to join (open group or request)
if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) {
trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
if ($group_row[$group_id]['group_type'] == GROUP_FREE) {
group_user_add($group_id, $user->data['user_id']);
$email_template = 'group_added';
} else {
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
$email_template = 'group_request';
}
include_once $phpbb_root_path . 'includes/functions_messenger.' . $phpEx;
$messenger = new messenger();
$sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
WHERE ug.user_id = u.user_id
AND ' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . "\n\t\t\t\t\t\t\t\t\t\tAND ug.group_id = {$group_id}";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$messenger->template($email_template, $row['user_lang']);
$messenger->to($row['user_email'], $row['username']);
$messenger->im($row['user_jabber'], $row['username']);
$messenger->assign_vars(array('USERNAME' => htmlspecialchars_decode($row['username']), 'GROUP_NAME' => htmlspecialchars_decode($group_row[$group_id]['group_name']), 'REQUEST_USERNAME' => $user->data['username'], 'U_PENDING' => generate_board_url() . "/ucp.{$phpEx}?i=groups&mode=manage&action=list&g={$group_id}", 'U_GROUP' => generate_board_url() . "/memberlist.{$phpEx}?mode=group&g={$group_id}"));
$messenger->send($row['user_notify_type']);
}
$db->sql_freeresult($result);
$messenger->save_queue();
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? '' : '_PENDING'), $group_row[$group_id]['group_name']);
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'join', 'submit' => true);
confirm_box(false, $group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields));
}
break;
case 'demote':
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('demote', $group_id, $user->data['user_id']);
add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']);
meta_refresh(3, $this->u_action);
trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'demote', 'submit' => true);
confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields));
}
break;
}
}
$sql = 'SELECT g.*, ug.group_leader, ug.user_pending
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
$group_id_ary = array();
$leader_count = $member_count = $pending_count = 0;
while ($row = $db->sql_fetchrow($result)) {
$block = $row['group_leader'] ? 'leader' : ($row['user_pending'] ? 'pending' : 'member');
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars($block, array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_GROUP_DEFAULT' => $row['group_id'] == $user->data['group_id'] ? true : false, 'S_ROW_COUNT' => ${$block . '_count'}++));
$group_id_ary[] = (int) $row['group_id'];
}
$db->sql_freeresult($result);
// Hide hidden groups unless user is an admin with group privileges
$sql_and = $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE ' . (sizeof($group_id_ary) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "\n\t\t\t\t\t\tgroup_type {$sql_and}\n\t\t\t\t\tORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$nonmember_count = 0;
while ($row = $db->sql_fetchrow($result)) {
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars('nonmember', array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'], 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_CLOSED' => $row['group_type'] != GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'S_CAN_JOIN' => $row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE ? true : false, 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_ROW_COUNT' => $nonmember_count++));
}
$db->sql_freeresult($result);
$template->assign_vars(array('S_CHANGE_DEFAULT' => $auth->acl_get('u_chggrp') ? true : false, 'S_LEADER_COUNT' => $leader_count, 'S_MEMBER_COUNT' => $member_count, 'S_PENDING_COUNT' => $pending_count, 'S_NONMEMBER_COUNT' => $nonmember_count, 'S_UCP_ACTION' => $this->u_action));
break;
case 'manage':
$this->page_title = 'UCP_USERGROUPS_MANAGE';
$action = isset($_POST['addusers']) ? 'addusers' : request_var('action', '');
$group_id = request_var('g', 0);
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
add_form_key('ucp_groups');
if ($group_id) {
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id = {$group_id}";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING);
}
$group_name = $group_row['group_name'];
$group_type = $group_row['group_type'];
$avatar_img = !empty($group_row['group_avatar']) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />';
$template->assign_vars(array('GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], 'AVATAR' => $avatar_img, 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : ''));
}
switch ($action) {
case 'edit':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$file_uploads = @ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on' ? true : false;
$user->add_lang(array('acp/groups', 'acp/common'));
$data = $submit_ary = array();
$update = isset($_POST['update']) ? true : false;
$error = array();
$avatar_select = basename(request_var('avatar_select', ''));
$category = basename(request_var('category', ''));
$can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false;
// Did we submit?
if ($update) {
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
$allow_desc_urls = request_var('desc_parse_urls', false);
$allow_desc_smilies = request_var('desc_parse_smilies', false);
$submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients' => request_var('group_max_recipients', 0));
$data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', '');
$data['width'] = request_var('width', '');
$data['height'] = request_var('height', '');
$delete = request_var('delete', '');
if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) {
// Avatar stuff
$var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3));
if (!($error = validate_data($data, $var_ary))) {
$data['user_id'] = "g{$group_id}";
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} else {
if ($data['remotelink']) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
}
}
}
} else {
if ($avatar_select && $config['allow_avatar_local']) {
// check avatar gallery
if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) {
$submit_ary['avatar_type'] = AVATAR_GALLERY;
list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
$submit_ary['avatar'] = $category . '/' . $avatar_select;
}
} else {
if ($delete) {
$submit_ary['avatar'] = '';
$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
} else {
if ($data['width'] && $data['height']) {
// Only update the dimensions?
if ($config['avatar_max_width'] || $config['avatar_max_height']) {
if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
if (!sizeof($error)) {
if ($config['avatar_min_width'] || $config['avatar_min_height']) {
if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
}
if (!sizeof($error)) {
$submit_ary['avatar_width'] = $data['width'];
$submit_ary['avatar_height'] = $data['height'];
}
}
}
}
}
if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && !isset($group_row['group_avatar']) || $delete) {
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
avatar_delete('group', $group_row, true);
}
}
if (!check_form_key('ucp_groups')) {
$error[] = $user->lang['FORM_INVALID'];
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
$group_attributes = array();
$test_variables = array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'legend', 'message_limit', 'max_recipients');
foreach ($test_variables as $test) {
if ($action == 'add' || isset($submit_ary[$test]) && $group_row['group_' . $test] != $submit_ary[$test]) {
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . $return_page);
}
}
if (sizeof($error)) {
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
$display_gallery = isset($_POST['display_gallery']) ? true : false;
if ($config['allow_avatar_local'] && $display_gallery) {
avatar_gallery($category, $avatar_select, 4);
}
$avatars_enabled = $can_upload || ($config['allow_avatar_local'] || $config['allow_avatar_remote']) ? true : false;
$template->assign_vars(array('S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_FORM_ENCTYPE' => $can_upload ? ' enctype="multipart/form-data"' : '', 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_AVATARS_ENABLED' => $avatars_enabled, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_DESC' => $group_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_SWATCH' => append_sid("{$phpbb_root_path}adm/swatch.{$phpEx}", 'form=ucp&name=group_colour'), 'S_UCP_ACTION' => $this->u_action . "&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024)));
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang(array('acp/groups', 'acp/common'));
$start = request_var('start', 0);
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
$approved = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$template->assign_var('S_PENDING_SET', true);
$pending = true;
} else {
if (!$row['user_pending'] && !$approved) {
$template->assign_block_vars('member', array('S_APPROVED' => true));
$template->assign_var('S_APPROVED_SET', true);
$approved = true;
}
}
$template->assign_block_vars('member', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$template->assign_vars(array('S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=ucp&field=usernames')));
break;
case 'approve':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang('acp/groups');
// Approve, demote or promote
group_user_attributes('approve', $group_id, $mark_ary, false, false);
trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
if (confirm_box(true)) {
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
}
$user->add_lang('acp/groups');
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$user->add_lang('acp/common');
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
$user->add_lang(array('acp/groups', 'acp/common'));
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
if (confirm_box(true)) {
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
if ($error) {
trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
}
trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
$user->add_lang(array('acp/groups', 'acp/common'));
$names = utf8_normalize_nfc(request_var('usernames', '', true));
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!$names) {
trigger_error($user->lang['NO_USERS'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$name_ary = array_unique(explode("\n", $names));
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
$default = request_var('default', 0);
if (confirm_box(true)) {
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) {
trigger_error($user->lang[$error] . $return_page);
}
trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$s_hidden_fields = array('default' => $default, 'usernames' => $names, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action);
confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . (sizeof($name_ary) == 1 ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields));
}
trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
default:
$user->add_lang('acp/common');
$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
AND ug.group_leader = 1
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
while ($value = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('GROUP_NAME' => $value['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $value['group_name']] : $value['group_name'], 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 'GROUP_TYPE' => $value['group_type'], 'GROUP_ID' => $value['group_id'], 'GROUP_COLOUR' => $value['group_colour'], 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}"));
}
$db->sql_freeresult($result);
break;
}
break;
}
$this->tpl_name = 'ucp_groups_' . $mode;
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
$form_key = 'acp_groups';
add_form_key($form_key);
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : request_var('action', ''));
$group_id = request_var('g', 0);
$mark_ary = request_var('mark', array(0));
$name_ary = request_var('usernames', '', true);
$leader = request_var('leader', 0);
$default = request_var('default', 0);
$start = request_var('start', 0);
$update = isset($_POST['update']) ? true : false;
// Clear some vars
$can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false;
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_id = {$group_id}";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Approve, demote or promote
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error) {
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (confirm_box(true)) {
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
}
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
case 'delete':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($action === 'delete' && $group_row['group_type'] == GROUP_SPECIAL) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
$error = group_user_del($group_id, $mark_ary, false, $group_name);
break;
}
$back_link = $action == 'delete' ? $this->u_action : $this->u_action . '&action=list&g=' . $group_id;
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($back_link), E_USER_WARNING);
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($back_link));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$name_ary = array_unique(explode("\n", $name_ary));
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$message = $leader ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
break;
case 'edit':
case 'add':
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
$data = $submit_ary = array();
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = array();
$user->add_lang('ucp');
$avatar_select = basename(request_var('avatar_select', ''));
$category = basename(request_var('category', ''));
// Did we submit?
if ($update) {
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
$allow_desc_urls = request_var('desc_parse_urls', false);
$allow_desc_smilies = request_var('desc_parse_smilies', false);
$data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', '');
$data['width'] = request_var('width', '');
$data['height'] = request_var('height', '');
$delete = request_var('delete', '');
$submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients' => request_var('group_max_recipients', 0), 'founder_manage' => 0, 'skip_auth' => request_var('group_skip_auth', 0));
if ($user->data['user_type'] == USER_FOUNDER) {
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) {
// Avatar stuff
$var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3));
if (!($error = validate_data($data, $var_ary))) {
$data['user_id'] = "g{$group_id}";
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} else {
if ($data['remotelink']) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
}
}
}
} else {
if ($avatar_select && $config['allow_avatar_local']) {
// check avatar gallery
if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) {
$submit_ary['avatar_type'] = AVATAR_GALLERY;
list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
$submit_ary['avatar'] = $category . '/' . $avatar_select;
}
} else {
if ($delete) {
$submit_ary['avatar'] = '';
$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
} else {
if ($data['width'] && $data['height']) {
// Only update the dimensions?
if ($config['avatar_max_width'] || $config['avatar_max_height']) {
if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
if (!sizeof($error)) {
if ($config['avatar_min_width'] || $config['avatar_min_height']) {
if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
}
if (!sizeof($error)) {
$submit_ary['avatar_width'] = $data['width'];
$submit_ary['avatar_height'] = $data['height'];
}
}
}
}
}
if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && !isset($group_row['group_avatar']) || $delete) {
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
avatar_delete('group', $group_row, true);
}
}
// Validate the length of "Maximum number of allowed recipients per private message" setting.
// We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value
// which is the lowest amongst DBMSes supported by phpBB3
if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215)))) {
// Replace "error" string with its real, localised form
$error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'int', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int', 'founder_manage' => 'int', 'skip_auth' => 'int');
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = request_var('group_perm_from', 0);
// Copy permissions?
// If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transferred.
// We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
// Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) {
$sql = 'SELECT group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$check_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Check the group if non-founder
if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_founder_manage'] == 0)) {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
$auth->acl_clear_prefetch();
}
}
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
$avatar_img = !empty($group_row['group_avatar']) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
$display_gallery = isset($_POST['display_gallery']) ? true : false;
if ($config['allow_avatar_local'] && $display_gallery) {
avatar_gallery($category, $avatar_select, 4);
}
$back_link = request_var('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . request_var('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_GROUP_PERM' => $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth') ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'S_USER_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_FOUNDER_MANAGE' => isset($group_row['group_founder_manage']) && $group_row['group_founder_manage'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_SKIP_AUTH' => !empty($group_row['group_skip_auth']) ? ' checked="checked"' : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(false, false, $user->data['user_type'] == USER_FOUNDER ? false : 0), 'AVATAR' => $avatar_img, 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour'), 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024))));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$this->page_title = 'GROUP_MEMBERS';
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_colour, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start, true), 'GROUP_NAME' => $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'], 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames'), 'U_DEFAULT_ALL' => "{$this->u_action}&action=default&g={$group_id}"));
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
// Get us all the groups
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$lookup = $cached_group_data = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
// used to determine what type a group is
$lookup[$row['group_id']] = $type;
// used for easy access to the data within a group
$cached_group_data[$type][$row['group_id']] = $row;
$cached_group_data[$type][$row['group_id']]['total_members'] = 0;
}
$db->sql_freeresult($result);
// How many people are in which group?
$sql = 'SELECT COUNT(ug.user_id) AS total_members, ug.group_id
FROM ' . USER_GROUP_TABLE . ' ug
WHERE ' . $db->sql_in_set('ug.group_id', array_keys($lookup)) . '
GROUP BY ug.group_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$type = $lookup[$row['group_id']];
$cached_group_data[$type][$row['group_id']]['total_members'] = $row['total_members'];
}
$db->sql_freeresult($result);
// The order is... normal, then special
ksort($cached_group_data);
foreach ($cached_group_data as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $group_id => $row) {
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
function display_options()
{
global $config, $db, $plugin, $template, $umil, $user;
$continue = (isset($_POST['continue'])) ? true : false;
$step = request_var('step', 0);
$selected = request_var('items', array('' => ''));
// Apply Changes to the DB?
$apply_changes = true;
if ($step > 0)
{
// Kick them if bad form key
check_form_key('database_cleaner', false, append_sid(STK_INDEX, 't=database_cleaner'), true);
}
// include the required file for this version
$version_file = preg_replace('#([^0-9]+)#', '_', $config['version']) . '.' . PHP_EXT;
if (!file_exists(STK_ROOT_PATH . 'includes/database_cleaner/' . $version_file))
{
trigger_error('PHPBB_VERSION_NOT_SUPPORTED');
}
include(STK_ROOT_PATH . 'includes/database_cleaner/functions.' . PHP_EXT);
include(STK_ROOT_PATH . 'includes/database_cleaner/' . $version_file);
$cleaner = new database_cleaner_data();
$user->add_lang('acp/common');
switch ($step)
{
case 0 :
// Display a quick intro here and make sure they know what they are doing...
$template->assign_vars(array(
'S_NO_INSTRUCTIONS' => true,
'SUCCESS_TITLE' => $user->lang['DATABASE_CLEANER'],
'SUCCESS_MESSAGE' => $user->lang['DATABASE_CLEANER_WELCOME'],
'ERROR_TITLE' => ' ',
'ERROR_MESSAGE' => $user->lang['DATABASE_CLEANER_WARNING'],
));
break;
case 1 :
// Redirect if they selected quit
if (isset($_POST['quit']))
{
redirect(append_sid(STK_ROOT_PATH . 'index.' . PHP_EXT));
}
// Start by disabling the board
if ($apply_changes)
{
set_config('board_disable', 1);
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['BOARD_DISABLE_SUCCESS']);
// Find any extra tables and list them as options to remove
if (!function_exists('get_tables'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT);
}
$existing_tables = get_tables($db);
$tables = array_unique(array_merge(array_keys($cleaner->tables), $existing_tables));
sort($tables);
$template->assign_block_vars('section', array(
'NAME' => $user->lang['DATABASE_TABLES'],
'TITLE' => $user->lang['DATABASE_TABLES'],
));
foreach ($tables as $table)
{
if ((isset($cleaner->tables[$table]) && !in_array($table, $existing_tables)) || (!isset($cleaner->tables[$table]) && in_array($table, $existing_tables)))
{
$template->assign_block_vars('section.items', array(
'NAME' => $table,
'FIELD_NAME' => $table,
'MISSING' => (isset($cleaner->tables[$table])) ? true : false,
));
}
}
break;
case 2:
// Remove the extra selected tables, and add the missing removed tables
$error = array();
if ($apply_changes)
{
if (!function_exists('get_tables'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT);
}
$existing_tables = get_tables($db);
$tables = array_unique(array_merge(array_keys($cleaner->tables), $existing_tables));
foreach ($tables as $table)
{
if (isset($selected[$table]))
{
if (isset($cleaner->tables[$table]) && !in_array($table, $existing_tables))
{
$result = $umil->table_add($table, $cleaner->tables[$table]);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
else if (!isset($cleaner->tables[$table]) && in_array($table, $existing_tables))
{
$result = $umil->table_remove($table);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
}
}
}
if (!empty($error))
{
$template->assign_var('ERROR_MESSAGE', implode('<br />', $error));
}
else
{
$template->assign_var('SUCCESS_MESSAGE', $user->lang['DATABASE_TABLES_SUCCESS']);
}
// Time to start going through the database and listing any extra/missing fields
$last_output_table = '';
foreach ($cleaner->tables as $table_name => $data)
{
// We shouldn't mess with profile fields here. Users probably will not know what this table does or what would happen if they remove fields added to it.
if ($table_name == PROFILE_FIELDS_DATA_TABLE)
{
continue;
}
$existing_columns = $this->get_columns($table_name);
if ($existing_columns === false)
{
// Table doesn't exist, don't handle here.
continue;
}
$columns = array_unique(array_merge(array_keys($data['COLUMNS']), $existing_columns));
sort($columns);
foreach ($columns as $column)
{
if ((!isset($data['COLUMNS'][$column]) && in_array($column, $existing_columns)) || (isset($data['COLUMNS'][$column]) && !in_array($column, $existing_columns)))
{
// Output the table block if it's not been done yet
if ($last_output_table != $table_name)
{
$last_output_table = $table_name;
$template->assign_block_vars('section', array(
'NAME' => $table_name,
'TITLE' => $user->lang['ROWS'],
));
}
$template->assign_block_vars('section.items', array(
'NAME' => $column,
'FIELD_NAME' => $table_name . '_' . $column,
'MISSING' => (!in_array($column, $existing_columns)) ? true : false,
));
}
}
}
break;
case 3:
// Update the tables according to what they selected last time
$error = array();
if ($apply_changes)
{
foreach ($cleaner->tables as $table_name => $data)
{
if ($table_name == PROFILE_FIELDS_DATA_TABLE)
{
continue;
}
$existing_columns = $this->get_columns($table_name);
if ($existing_columns === false)
{
// Table doesn't exist, don't handle here.
continue;
}
$columns = array_unique(array_merge(array_keys($data['COLUMNS']), $existing_columns));
foreach ($columns as $column)
{
if (isset($selected[$table_name . '_' . $column]))
{
if (!isset($data['COLUMNS'][$column]) && in_array($column, $existing_columns))
{
$result = $umil->table_column_remove($table_name, $column);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
else if (isset($data['COLUMNS'][$column]) && !in_array($column, $existing_columns))
{
// This can return an error under some circumstances, like when trying to add an auto-increment field (hope to hell nobody drops one of those)
$result = $umil->table_column_add($table_name, $column, $data['COLUMNS'][$column]);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
// We can re-add *some* keys
if (isset($data['KEYS']))
{
if (in_array($column, $data['KEYS']))
{
if ($data['KEYS'][$column][0] == 'INDEX' && $data['KEYS'][$column][1] == $column)
{
$result = $umil->table_index_add($table_name, $column, $column);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
}
}
}
}
}
}
}
if (!empty($error))
{
$template->assign_var('ERROR_MESSAGE', implode('<br />', $error));
}
else
{
$template->assign_var('SUCCESS_MESSAGE', $user->lang['DATABASE_COLUMNS_SUCCESS']);
}
// display extra config variables and let them check/uncheck the ones they want to add/remove
$template->assign_block_vars('section', array(
'NAME' => $user->lang['CONFIG_SETTINGS'],
'TITLE' => $user->lang['ROWS'],
));
$config_rows = $existing_config = array();
get_config_rows($cleaner, $config_rows, $existing_config);
foreach ($config_rows as $name)
{
// Skip ones that are in the default install and are in the existing config
if (isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_config)) ? true : false,
));
}
break;
case 4 :
// Add/remove the extra config variables they selected.
if ($apply_changes)
{
$config_rows = $existing_config = array();
get_config_rows($cleaner, $config_rows, $existing_config);
foreach ($config_rows as $name)
{
if (isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->config[$name]) && !in_array($name, $existing_config))
{
// Add it with the default settings we've got...
set_config($name, $cleaner->config[$name]['config_value'], $cleaner->config[$name]['is_dynamic']);
}
else if (!isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
// Remove it
$db->sql_query('DELETE FROM ' . CONFIG_TABLE . " WHERE config_name = '" . $db->sql_escape($name) . "'");
}
}
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['CONFIG_UPDATE_SUCCESS']);
// Display the extra permission fields and again let them select ones to add/remove
$template->assign_block_vars('section', array(
'NAME' => $user->lang['PERMISSION_SETTINGS'],
'TITLE' => $user->lang['ROWS'],
));
$permission_rows = $existing_permissions = array();
get_permission_rows($cleaner, $permission_rows, $existing_permissions);
foreach ($permission_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_permissions)) ? true : false,
));
}
break;
case 5 :
// Add/remove the permission fields they selected
if ($apply_changes)
{
$permission_rows = $existing_permissions = array();
get_permission_rows($cleaner, $permission_rows, $existing_permissions);
foreach ($permission_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->permissions[$name]) && !in_array($name, $existing_permissions))
{
// Add it with the default settings we've got...
$umil->permission_add($name, (($cleaner->permissions[$name]['is_global']) ? true : false));
}
else if (!isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
// Remove it
$umil->permission_remove($name, true);
$umil->permission_remove($name, false);
}
}
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['PERMISSION_UPDATE_SUCCESS']);
// Display the system groups that are missing or aren't from a vanilla installation
$template->assign_block_vars('section', array(
'NAME' => $user->lang['ACP_GROUPS_MANAGEMENT'],
'TITLE' => $user->lang['ROWS'],
));
$group_rows = $existing_groups = array();
get_group_rows($cleaner, $group_rows, $existing_groups);
foreach ($group_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_groups)) ? true : false,
));
}
break;
case 6:
// Add/remove selected system groups
if ($apply_changes)
{
$group_rows = $existing_groups = array();
get_group_rows($cleaner, $group_rows, $existing_groups);
foreach ($group_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->groups[$name]) && !in_array($name, $existing_groups))
{
// Add it with the default settings we've got...
$group_id = false;
group_create($group_id, $cleaner->groups[$name]['group_type'], $name, $cleaner->groups[$name]['group_desc'], array('group_colour' => $cleaner->groups[$name]['group_colour'], 'group_legend' => $cleaner->groups[$name]['group_legend'], 'group_avatar' => $cleaner->groups[$name]['group_avatar'], 'group_max_recipients' => $cleaner->groups[$name]['group_max_recipients']));
}
else if (!isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
// Remove it
$db->sql_query('SELECT group_id FROM ' . GROUPS_TABLE . ' WHERE group_name = \'' . $name . '\'');
$group_id = $db->sql_fetchfield('group_id');
group_delete($group_id, $name);
}
}
}
}
// Ask if they would like to reset the modules (handled in the template)
$template->assign_vars(array(
'S_MODULE_OPTIONS' => true,
'S_NO_INSTRUCTIONS' => true,
));
break;
case 7 :
// Reset the modules if they wanted to
if (isset($_POST['yes']) && $apply_changes)
{
// Remove existing modules
$db->sql_query('DELETE FROM ' . MODULES_TABLE);
// Add the modules
$db->sql_multi_insert(MODULES_TABLE, $cleaner->modules);
$template->assign_var('SUCCESS_MESSAGE', $user->lang['RESET_MODULE_SUCCESS']);
}
// Ask if they would like to reset the bots (handled in the template)
$template->assign_vars(array(
'S_BOT_OPTIONS' => true,
'S_NO_INSTRUCTIONS' => true,
));
break;
case 8 :
// Reset the bots if they wanted to
if (isset($_POST['yes']) && $apply_changes)
{
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "
WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$group_colour = $db->sql_fetchfield('group_colour', 0, $result);
$db->sql_freeresult($result);
if (!$group_id)
{
// If we reach this point then something has gone very wrong
$template->assign_var('ERROR_MESSAGE', $user->lang['NO_BOT_GROUP']);
}
else
{
if (!function_exists('user_add'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT);
}
// Remove existing bots
$uids = array();
$sql = 'SELECT user_id FROM ' . BOTS_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$uids[] = $row['user_id'];
}
$db->sql_freeresult($result);
if (!empty($uids))
{
$db->sql_query('DELETE FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $uids));
$db->sql_query('DELETE FROM ' . BOTS_TABLE);
}
// Add the bots
foreach ($this->bot_list as $bot_name => $bot_ary)
{
$user_row = array(
'user_type' => USER_IGNORE,
'group_id' => $group_id,
'username' => $bot_name,
'user_regdate' => time(),
'user_password' => '',
'user_colour' => $group_colour,
'user_email' => '',
'user_lang' => $config['default_lang'],
'user_style' => 1,
'user_timezone' => 0,
'user_dateformat' => $config['default_dateformat'],
'user_allow_massemail' => 0,
);
$user_id = user_add($user_row);
if ($user_id)
{
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'bot_active' => 1,
'bot_name' => (string) $bot_name,
'user_id' => (int) $user_id,
'bot_agent' => (string) $bot_ary[0],
'bot_ip' => (string) $bot_ary[1],
));
$result = $db->sql_query($sql);
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['RESET_BOT_SUCCESS']);
}
}
// Misc things will be done next
$template->assign_vars(array(
'SUCCESS_MESSAGE' => $user->lang['FINAL_STEP'],
'S_NO_INSTRUCTIONS' => true,
));
break;
case 9 :
if ($apply_changes)
{
set_config('board_disable', 0);
$umil->cache_purge();
$umil->cache_purge('auth');
}
// Finished?
trigger_error('DATABASE_CLEANER_SUCCESS');
break;
}
page_header($user->lang['DATABASE_CLEANER'], false);
$template->assign_vars(array(
'STEP' => $step,
'U_NEXT_STEP' => append_sid(STK_INDEX, 't=database_cleaner&step=' . ($step + 1)),
));
$template->set_filenames(array(
'body' => 'tools/database_cleaner.html',
));
page_footer();
}
/**
* Add the users to the system. Make sure that they have to change their
* password on next login also.
*/
function uploadcsv_submit(Pieform $form, $values)
{
global $SESSION, $CSVDATA, $FORMAT, $UPDATES, $USER;
$formatkeylookup = array_flip($FORMAT);
$institution = $values['institution'];
if ($values['updategroups']) {
log_info('Updating groups from the CSV file');
} else {
log_info('Inserting groups from the CSV file');
}
db_begin();
$addedgroups = array();
foreach ($CSVDATA as $record) {
$group = new StdClass();
$group->name = $record[$formatkeylookup['displayname']];
$group->shortname = $record[$formatkeylookup['shortname']];
$group->institution = $institution;
$group->grouptype = $record[$formatkeylookup['roles']];
foreach ($FORMAT as $field) {
if ($field == 'displayname' || $field == 'shortname' || $field == 'roles') {
continue;
}
if ($field == 'submitpages') {
$group->submittableto = $record[$formatkeylookup[$field]];
continue;
}
$group->{$field} = $record[$formatkeylookup[$field]];
}
if (!$values['updategroups'] || !isset($UPDATES[$group->shortname])) {
$group->members = array($USER->id => 'admin');
$group->id = group_create((array) $group);
$addedgroups[] = $group;
log_debug('added group ' . $group->name);
} else {
if (isset($UPDATES[$group->shortname])) {
$shortname = $group->shortname;
$updates = group_update($group);
if (empty($updates)) {
unset($UPDATES[$shortname]);
} else {
if (isset($updates['name'])) {
$updates['displayname'] = $updates['name'];
unset($updates['name']);
}
$UPDATES[$shortname] = $updates;
log_debug('updated group ' . $group->name . ' (' . implode(', ', array_keys((array) $updates)) . ')');
}
}
}
}
db_commit();
$SESSION->add_ok_msg(get_string('csvfileprocessedsuccessfully', 'admin'));
if ($UPDATES) {
$updatemsg = smarty_core();
$updatemsg->assign('added', count($addedgroups));
$updatemsg->assign('updates', $UPDATES);
$SESSION->add_info_msg($updatemsg->fetch('admin/groups/csvupdatemessage.tpl'), false);
} else {
$SESSION->add_ok_msg(get_string('numbernewgroupsadded', 'admin', count($addedgroups)));
}
redirect('/admin/groups/uploadcsv.php');
}
/**
* Create a group that can be used in a test.
*
* @param array $groupdata data about the group to create - this can take anything that {@link group_create} can take.
* If null then a group called 'groupX' will be created, where X is the number of groups created so far.
* These will be automatically cleaned up in tearDown, so make sure you call parent::tearDown().
* @return int new group id.
*/
protected function create_test_group($groupdata = null)
{
$testdata = array('name' => 'group' . count($this->testgroups), 'grouptype' => 'test' . count($this->testusers) . '@localhost');
$combineddata = array_merge($testdata, (array) $groupdata);
if (array_key_exists($combineddata['name'], $this->testgroups)) {
throw new MaharaUnitTextException("MaharaUnitTest::create_test_group called with duplicate name {$combineddata['name']}");
}
try {
$newgroupid = group_create($combineddata);
$this->testgroups[$combineddata['name']] = $newgroupid;
return $newgroupid;
} catch (Exception $e) {
throw new MaharaUnitTestException("MaharaUnitTest::create_test_group call caught an exception creating a group: " . $e->getMessage());
}
}
function mahara_group_update_group_members($client)
{
//Set test data
$dbuser1 = $this->create_user1_for_update();
$dbuser2 = $this->create_user2_for_update();
//Test data
//a full group: group1
$group1 = new stdClass();
$group1->name = 'The test group 1 - create';
$group1->shortname = 'testgroupshortname1';
$group1->description = 'a description for test group 1';
$group1->institution = 'mahara';
$group1->grouptype = 'standard';
$group1->open = 1;
$group1->request = 0;
$group1->controlled = 0;
$group1->submitpages = 0;
$group1->public = 0;
$group1->usersautoadded = 0;
$group1->members = array($dbuser1->id => 'admin', $dbuser2->id => 'admin');
//a small group: group2
$group2 = new stdClass();
$group2->shortname = 'testgroupshortname2';
$group2->name = 'The test group 2 - create';
$group2->description = 'a description for test group 2';
$group2->institution = 'mahara';
$group2->grouptype = 'standard';
$group2->open = 1;
$group2->request = 0;
$group2->controlled = 0;
$group2->submitpages = 0;
$group2->public = 0;
$group2->usersautoadded = 0;
$group2->members = array($dbuser1->id => 'admin');
//do not run the test if group1 or group2 already exists
foreach (array($group1->shortname, $group2->shortname) as $shortname) {
$existinggroup = get_record('group', 'shortname', $shortname, 'institution', 'mahara');
if (!empty($existinggroup)) {
group_delete($existinggroup->id);
}
}
// setup test groups
$groupid1 = group_create((array) $group1);
$groupid2 = group_create((array) $group2);
$this->created_groups[] = $groupid1;
$this->created_groups[] = $groupid2;
$dbgroup1 = get_record('group', 'shortname', $group1->shortname, 'institution', 'mahara');
$dbgroup2 = get_record('group', 'shortname', $group2->shortname, 'institution', 'mahara');
//update the test data
$group1 = new stdClass();
$group1->id = $dbgroup1->id;
$group1->shortname = 'testgroupshortname1';
$group1->institution = 'mahara';
$group1->members = array(array('id' => $dbuser1->id, 'action' => 'remove'));
//a small group: group2
$group2 = new stdClass();
$group2->shortname = 'testgroupshortname2';
$group2->institution = 'mahara';
$group2->members = array(array('username' => $dbuser2->username, 'role' => 'admin', 'action' => 'add'));
$groups = array($group1, $group2);
//update the users by web service
$function = 'mahara_group_update_group_members';
$params = array('groups' => $groups);
$client->call($function, $params);
$dbgroup1 = get_record('group', 'id', $groupid1);
$dbgroupmembers1 = get_records_array('group_member', 'group', $dbgroup1->id);
$dbgroup2 = get_record('group', 'id', $groupid2);
$dbgroupmembers2 = get_records_array('group_member', 'group', $dbgroup2->id);
//compare DB group with the test data
// current user added as admin
$this->assertEquals(count($dbgroupmembers1), 1);
// current user added as admin
$this->assertEquals(count($dbgroupmembers2), 2);
}
$cli->cli_print('will not autocreate an empty Mahara group ' . $group);
continue;
}
try {
$cli->cli_print('creating group ' . $group);
$dbgroup = array();
$dbgroup['name'] = $institutionname . ' : ' . $group;
$dbgroup['institution'] = $institutionname;
$dbgroup['shortname'] = $group;
$dbgroup['grouptype'] = $grouptype;
// default standard (change to course)
$dbgroup['controlled'] = 1;
//definitively
$nbadded++;
if (!$dryrun) {
$groupid = group_create($dbgroup);
}
} catch (Exception $ex) {
$cli->cli_print($ex->getMessage());
continue;
}
} else {
$groupid = $dbgroup->id;
$cli->cli_print('group exists ' . $group);
$ldapusers = $instance->get_users_having_attribute_value($group);
}
// now it does exist see what members should be added/removed
$members = array('1' => 'admin');
//must be set otherwise fatal error group_update_members: no group admins listed for group
foreach ($ldapusers as $username) {
if (isset($currentmembers[$username])) {
/**
* Create one or more group
*
* @param array $groups An array of groups to create.
* @return array An array of arrays describing groups
*/
public static function create_groups($groups)
{
global $USER, $WEBSERVICE_INSTITUTION;
// Do basic automatic PARAM checks on incoming data, using params description
$params = self::validate_parameters(self::create_groups_parameters(), array('groups' => $groups));
db_begin();
$groupids = array();
foreach ($params['groups'] as $group) {
// Make sure that the group doesn't already exist
if (!empty($group['name'])) {
// don't checked deleted as the real function doesn't
if (get_record('group', 'name', $group['name'])) {
throw new WebserviceInvalidParameterException(get_string('groupexists', 'auth.webservice', $group['name']));
}
} else {
if (isset($group['shortname']) && strlen($group['shortname'])) {
// check the institution is allowed
if (isset($group['institution']) && strlen($group['institution'])) {
if ($WEBSERVICE_INSTITUTION != $group['institution']) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['name']));
}
if (!$USER->can_edit_institution($group['institution'])) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['name']));
}
} else {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('instmustbeongroup', 'auth.webservice', $group['name'] . '/' . $group['shortname']));
}
// does the group exist?
if (get_record('group', 'shortname', $group['shortname'], 'institution', $group['institution'])) {
throw new WebserviceInvalidParameterException(get_string('groupexists', 'auth.webservice', $group['shortname']));
}
} else {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('noname', 'auth.webservice'));
}
}
// convert the category
if (!empty($group['category'])) {
$groupcategory = get_record('group_category', 'title', $group['category']);
if (empty($groupcategory)) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('catinvalid', 'auth.webservice', $group['category']));
}
$group['category'] = $groupcategory->id;
}
// validate the join type combinations
if ($group['open'] && $group['request']) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('invalidjointype', 'auth.webservice', 'open+request'));
}
if ($group['open'] && $group['controlled']) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('invalidjointype', 'auth.webservice', 'open+controlled'));
}
if (!$group['open'] && !$group['request'] && !$group['controlled']) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('correctjointype', 'auth.webservice'));
}
if (isset($group['editroles']) && !in_array($group['editroles'], array_keys(group_get_editroles_options()))) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('groupeditroles', 'auth.webservice', $group['editroles'], implode(', ', array_keys(group_get_editroles_options()))));
}
// check that the members exist and we are allowed to administer them
$members = array($USER->get('id') => 'admin');
foreach ($group['members'] as $member) {
if (!empty($member['id'])) {
$dbuser = get_record('usr', 'id', $member['id'], 'deleted', 0);
} else {
if (!empty($member['username'])) {
$dbuser = get_record('usr', 'username', $member['username'], 'deleted', 0);
} else {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('nousernameoridgroup', 'auth.webservice', $group['name']));
}
}
if (empty($dbuser)) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('invalidusergroup', 'auth.webservice', $member['id'] . '/' . $member['username'], $group['name']));
}
// check user is in this institution if this is an institution controlled group
if (isset($group['shortname']) && strlen($group['shortname']) && (isset($group['institution']) && strlen($group['institution']))) {
if (!mahara_external_in_institution($dbuser, $WEBSERVICE_INSTITUTION)) {
throw new WebserviceInvalidParameterException(get_string('notauthforuseridinstitutiongroup', 'auth.webservice', $dbuser->id, $WEBSERVICE_INSTITUTION, $group['shortname']));
}
} else {
// Make sure auth is valid
if (!($authinstance = get_record('auth_instance', 'id', $dbuser->authinstance))) {
throw new WebserviceInvalidParameterException(get_string('invalidauthtype', 'auth.webservice', $dbuser->authinstance));
}
// check the institution is allowed
// basic check authorisation to edit for the current institution of the user
if (!$USER->can_edit_institution($authinstance->institution)) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('accessdeniedforinstuser', 'auth.webservice', $authinstance->institution, $dbuser->username));
}
}
// check the specified role
if (!in_array($member['role'], self::$member_roles)) {
throw new WebserviceInvalidParameterException('create_groups | ' . get_string('invalidmemroles', 'auth.webservice', $member['role'], $dbuser->username));
}
$members[$dbuser->id] = $member['role'];
}
// set the basic elements
$create = array('shortname' => isset($group['shortname']) ? $group['shortname'] : null, 'name' => isset($group['name']) ? $group['name'] : null, 'description' => $group['description'], 'institution' => isset($group['institution']) ? $group['institution'] : null, 'grouptype' => $group['grouptype'], 'members' => $members);
// check for the rest
foreach (array('category', 'open', 'controlled', 'request', 'submitpages', 'editroles', 'hidemembers', 'invitefriends', 'suggestfriends', 'hidden', 'quota', 'hidemembersfrommembers', 'public', 'usersautoadded', 'viewnotify') as $attr) {
if (isset($group[$attr]) && $group[$attr] !== false && $group[$attr] !== null && strlen("" . $group[$attr])) {
$create[$attr] = $group[$attr];
}
}
// create the group
$id = group_create($create);
$groupids[] = array('id' => $id, 'name' => $group['name']);
}
db_commit();
return $groupids;
}
/**
* Setup test data
*/
protected function setUp()
{
// default current user to admin
global $USER;
$USER->id = 1;
$USER->admin = 1;
set_config('webservice_enabled', true);
set_config('webservice_rest_enabled', true);
set_config('webservice_xmlrpc_enabled', true);
set_config('webservice_soap_enabled', true);
set_config('webservice_oauth_enabled', true);
//token to test
$this->servicename = 'test webservices';
$this->testuser = '******';
$this->testinstitution = 'mytestinstitutionone';
// clean out first
$this->tearDown();
if (!($authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'webservice'))) {
$authinstance = new stdClass();
$authinstance->instancename = 'webservice';
$authinstance->institution = 'mahara';
$authinstance->authname = 'webservice';
$lastinstance = get_records_array('auth_instance', 'institution', 'mahara', 'priority DESC', '*', '0', '1');
if ($lastinstance == false) {
$authinstance->priority = 0;
} else {
$authinstance->priority = $lastinstance[0]->priority + 1;
}
$authinstance->id = insert_record('auth_instance', $authinstance, 'id', true);
}
$this->authinstance = $authinstance;
$this->institution = new Institution($authinstance->institution);
// create the new test user
if (!($dbuser = get_record('usr', 'username', $this->testuser))) {
db_begin();
$new_user = new StdClass();
$new_user->authinstance = $authinstance->id;
$new_user->username = $this->testuser;
$new_user->firstname = 'Firstname';
$new_user->lastname = 'Lastname';
$new_user->password = $this->testuser;
$new_user->email = $this->testuser . '@hogwarts.school.nz';
$new_user->passwordchange = 0;
$new_user->admin = 1;
$profilefields = new StdClass();
$userid = create_user($new_user, $profilefields, $this->institution, $authinstance);
$dbuser = get_record('usr', 'username', $this->testuser);
db_commit();
}
// construct a test service from all available functions
$dbservice = get_record('external_services', 'name', $this->servicename);
if (empty($dbservice)) {
$service = array('name' => $this->servicename, 'tokenusers' => 0, 'restrictedusers' => 0, 'enabled' => 1, 'component' => 'webservice', 'ctime' => db_format_timestamp(time()));
insert_record('external_services', $service);
$dbservice = get_record('external_services', 'name', $this->servicename);
}
$dbfunctions = get_records_array('external_functions', null, null, 'name');
foreach ($dbfunctions as $function) {
$sfexists = record_exists('external_services_functions', 'externalserviceid', $dbservice->id, 'functionname', $function->name);
if (!$sfexists) {
$service_function = array('externalserviceid' => $dbservice->id, 'functionname' => $function->name);
insert_record('external_services_functions', $service_function);
$dbservice->mtime = db_format_timestamp(time());
update_record('external_services', $dbservice);
}
}
// create an OAuth registry object
require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthServer.php';
require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthStore.php';
require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthRequester.php';
$store = OAuthStore::instance('Mahara', array(), true);
$new_app = array('application_title' => 'Test Application', 'application_uri' => 'http://example.com', 'requester_name' => $dbuser->firstname . ' ' . $dbuser->lastname, 'requester_email' => $dbuser->email, 'callback_uri' => 'http://example.com', 'institution' => 'mahara', 'externalserviceid' => $dbservice->id);
$this->consumer_key = $store->updateConsumer($new_app, $dbuser->id, true);
$this->consumer = (object) $store->getConsumer($this->consumer_key, $dbuser->id);
// Now do the request and access token
$this->request_token = $store->addConsumerRequestToken($this->consumer_key, array());
// authorise
$verifier = $store->authorizeConsumerRequestToken($this->request_token['token'], $dbuser->id, 'localhost');
// exchange access token
$options = array();
$options['verifier'] = $verifier;
$this->access_token = $store->exchangeConsumerRequestForAccessToken($this->request_token['token'], $options);
// generate a test token
$token = webservice_generate_token(EXTERNAL_TOKEN_PERMANENT, $dbservice, $dbuser->id);
$dbtoken = get_record('external_tokens', 'token', $token);
$this->testtoken = $dbtoken->token;
// create an external test user instance
$dbserviceuser = (object) array('externalserviceid' => $dbservice->id, 'userid' => $dbuser->id, 'institution' => 'mahara', 'ctime' => db_format_timestamp(time()), 'wssigenc' => 0, 'publickeyexpires' => 0);
$dbserviceuser->id = insert_record('external_services_users', $dbserviceuser, 'id', true);
// setup test groups
$groupid = group_create(array('shortname' => 'mytestgroup1', 'name' => 'The test group 1', 'description' => 'a description for test group 1', 'institution' => 'mahara', 'grouptype' => 'standard', 'open' => 1, 'controlled' => 0, 'request' => 0, 'submitpages' => 0, 'hidemembers' => 0, 'invitefriends' => 0, 'suggestfriends' => 0, 'hidden' => 0, 'hidemembersfrommembers' => 0, 'public' => 0, 'usersautoadded' => 0, 'members' => array($dbuser->id => 'admin'), 'viewnotify' => 0));
// create test institution
$dbinstitution = get_record('institution', 'name', $this->testinstitution);
if (empty($dbinstitution)) {
db_begin();
$newinstitution = new StdClass();
$institution = $newinstitution->name = $this->testinstitution;
$newinstitution->displayname = $institution . ' - display name';
$newinstitution->authplugin = 'internal';
$newinstitution->showonlineusers = 1;
$newinstitution->registerallowed = 0;
$newinstitution->theme = null;
$newinstitution->defaultquota = get_config_plugin('artefact', 'file', 'defaultquota');
$newinstitution->defaultmembershipperiod = null;
$newinstitution->maxuseraccounts = null;
$newinstitution->allowinstitutionpublicviews = 1;
insert_record('institution', $newinstitution);
$authinstance = (object) array('instancename' => 'internal', 'priority' => 0, 'institution' => $newinstitution->name, 'authname' => 'internal');
insert_record('auth_instance', $authinstance);
db_commit();
}
//protocols to test
$this->testrest = false;
$this->testxmlrpc = false;
$this->testsoap = false;
////// READ-ONLY DB tests ////
$this->readonlytests = array();
////// WRITE DB tests ////
$this->writetests = array();
///// Authentication types ////
$this->auths = array();
//performance testing: number of time the web service are run
$this->iteration = 1;
// keep track of users created and deleted
$this->created_users = array();
// keep track of groups
$this->created_groups = array();
//DO NOT CHANGE
//reset the timers
$this->timerrest = 0;
$this->timerxmlrpc = 0;
$this->timersoap = 0;
}
function main($id, $mode)
{
global $config, $phpbb_root_path, $phpEx, $phpbb_admin_path;
global $db, $user, $auth, $cache, $template;
global $request, $phpbb_container, $phpbb_log;
$user->add_lang('groups');
$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
$mark_ary = $request->variable('mark', array(0));
$submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST);
$delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST);
$error = $data = array();
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
switch ($mode) {
case 'membership':
$this->page_title = 'UCP_USERGROUPS_MEMBER';
if ($submit || isset($_POST['change_default'])) {
$action = isset($_POST['change_default']) ? 'change_default' : $request->variable('action', '');
$group_id = $action == 'change_default' ? $request->variable('default', 0) : $request->variable('selected', 0);
if (!$group_id) {
trigger_error('NO_GROUP_SELECTED');
}
$sql = 'SELECT group_id, group_name, group_type
FROM ' . GROUPS_TABLE . "\n\t\t\t\t\t\tWHERE group_id IN ({$group_id}, {$user->data['group_id']})";
$result = $db->sql_query($sql);
$group_row = array();
while ($row = $db->sql_fetchrow($result)) {
$row['group_name'] = $group_helper->get_name($row['group_name']);
$group_row[$row['group_id']] = $row;
}
$db->sql_freeresult($result);
if (!sizeof($group_row)) {
trigger_error('GROUP_NOT_EXIST');
}
switch ($action) {
case 'change_default':
// User already having this group set as default?
if ($group_id == $user->data['group_id']) {
trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page);
}
if (!$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_AUTHORISED'] . $return_page);
}
// User needs to be member of the group in order to make it default
if (!group_memberships($group_id, $user->data['user_id'], true)) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('default', $group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_CHANGE', false, array('reportee_id' => $user->data['user_id'], sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page);
} else {
$s_hidden_fields = array('default' => $group_id, 'change_default' => true);
confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields));
}
break;
case 'resign':
// User tries to resign from default group but is not allowed to change it?
if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp')) {
trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
$sql = 'SELECT group_type
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_type = (int) $db->sql_fetchfield('group_type');
$db->sql_freeresult($result);
if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE) {
trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_del($group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_RESIGN', false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$row['user_pending'] ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'resign', 'submit' => true);
confirm_box(false, $row['user_pending'] ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields));
}
break;
case 'join':
$sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email
FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
WHERE ug.user_id = u.user_id
AND ug.group_id = ' . $group_id . '
AND ug.user_id = ' . $user->data['user_id'];
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row) {
if ($row['user_pending']) {
trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page);
}
trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page);
}
// Check permission to join (open group or request)
if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE) {
trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page);
}
if (confirm_box(true)) {
if ($group_row[$group_id]['group_type'] == GROUP_FREE) {
group_user_add($group_id, $user->data['user_id']);
} else {
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
}
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_JOIN' . ($group_row[$group_id]['group_type'] == GROUP_FREE ? '' : '_PENDING'), false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[$group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'join', 'submit' => true);
confirm_box(false, $group_row[$group_id]['group_type'] == GROUP_FREE ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields));
}
break;
case 'demote':
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
if (confirm_box(true)) {
group_user_attributes('demote', $group_id, $user->data['user_id']);
$phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_DEMOTE', false, array('reportee_id' => $user->data['user_id'], $group_row[$group_id]['group_name']));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page);
} else {
$s_hidden_fields = array('selected' => $group_id, 'action' => 'demote', 'submit' => true);
confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields));
}
break;
}
}
$sql = 'SELECT g.*, ug.group_leader, ug.user_pending
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
$group_id_ary = array();
$leader_count = $member_count = $pending_count = 0;
while ($row = $db->sql_fetchrow($result)) {
$block = $row['group_leader'] ? 'leader' : ($row['user_pending'] ? 'pending' : 'member');
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars($block, array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $group_helper->get_name($row['group_name']), 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_GROUP_DEFAULT' => $row['group_id'] == $user->data['group_id'] ? true : false, 'S_ROW_COUNT' => ${$block . '_count'}++));
$group_id_ary[] = (int) $row['group_id'];
}
$db->sql_freeresult($result);
// Hide hidden groups unless user is an admin with group privileges
$sql_and = $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
$sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE ' . (sizeof($group_id_ary) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "\n\t\t\t\t\t\tgroup_type {$sql_and}\n\t\t\t\t\tORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
$nonmember_count = 0;
while ($row = $db->sql_fetchrow($result)) {
switch ($row['group_type']) {
case GROUP_OPEN:
$group_status = 'OPEN';
break;
case GROUP_CLOSED:
$group_status = 'CLOSED';
break;
case GROUP_HIDDEN:
$group_status = 'HIDDEN';
break;
case GROUP_SPECIAL:
$group_status = 'SPECIAL';
break;
case GROUP_FREE:
$group_status = 'FREE';
break;
}
$template->assign_block_vars('nonmember', array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $group_helper->get_name($row['group_name']), 'GROUP_DESC' => $row['group_type'] != GROUP_SPECIAL ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'], 'GROUP_SPECIAL' => $row['group_type'] != GROUP_SPECIAL ? false : true, 'GROUP_CLOSED' => $row['group_type'] != GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel') ? false : true, 'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status], 'S_CAN_JOIN' => $row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE ? true : false, 'GROUP_COLOUR' => $row['group_colour'], 'U_VIEW_GROUP' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=group&g=' . $row['group_id']), 'S_ROW_COUNT' => $nonmember_count++));
}
$db->sql_freeresult($result);
$template->assign_vars(array('S_CHANGE_DEFAULT' => $auth->acl_get('u_chggrp') ? true : false, 'S_LEADER_COUNT' => $leader_count, 'S_MEMBER_COUNT' => $member_count, 'S_PENDING_COUNT' => $pending_count, 'S_NONMEMBER_COUNT' => $nonmember_count, 'S_UCP_ACTION' => $this->u_action));
break;
case 'manage':
$this->page_title = 'UCP_USERGROUPS_MANAGE';
$action = isset($_POST['addusers']) ? 'addusers' : $request->variable('action', '');
$group_id = $request->variable('g', 0);
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
add_form_key('ucp_groups');
if ($group_id) {
$sql = 'SELECT g.*, t.teampage_position AS group_teampage
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE g.group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING);
}
$group_name = $group_row['group_name'];
$group_type = $group_row['group_type'];
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
$template->assign_vars(array('GROUP_NAME' => $group_helper->get_name($group_name), 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']), 'GROUP_TYPE' => $group_row['group_type'], 'AVATAR' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_IMAGE' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : ''));
}
switch ($action) {
case 'edit':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$file_uploads = @ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on' ? true : false;
$user->add_lang(array('acp/groups', 'acp/common'));
$data = $submit_ary = array();
$update = isset($_POST['update']) ? true : false;
$error = array();
// Setup avatar data for later
$avatars_enabled = false;
$avatar_drivers = null;
$avatar_data = null;
$avatar_error = array();
if ($config['allow_avatar']) {
/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
$avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
// This is normalised data, without the group_ prefix
$avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group');
}
// Handle deletion of avatars
if ($request->is_set_post('avatar_delete')) {
if (confirm_box(true)) {
$phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_');
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . $return_page);
} else {
confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array('avatar_delete' => true, 'i' => $id, 'mode' => $mode, 'g' => $group_id, 'action' => $action)));
}
}
// Did we submit?
if ($update) {
$group_name = $request->variable('group_name', '', true);
$group_desc = $request->variable('group_desc', '', true);
$group_type = $request->variable('group_type', GROUP_FREE);
$allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
$allow_desc_urls = $request->variable('desc_parse_urls', false);
$allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array('colour' => $request->variable('group_colour', ''), 'rank' => $request->variable('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'message_limit' => $request->variable('group_message_limit', 0), 'max_recipients' => $request->variable('group_max_recipients', 0), 'legend' => $group_row['group_legend'], 'teampage' => $group_row['group_teampage']);
if ($config['allow_avatar']) {
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
$config_name = preg_replace('#^avatar\\.driver.#', '', $driver_name);
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) {
$driver = $phpbb_avatar_manager->get_driver($driver_name);
$result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error);
if ($result && empty($avatar_error)) {
$result['avatar_type'] = $driver_name;
$submit_ary = array_merge($submit_ary, $result);
}
}
// Merge any avatars errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
if (!check_form_key('ucp_groups')) {
$error[] = $user->lang['FORM_INVALID'];
}
// Validate submitted colour value
if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true)))) {
// Replace "error" string with its real, localised form
$error = array_merge($error, $colour_error);
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
// However there are some attributes that need to be set everytime,
// otherwise the group gets removed from the feature.
$set_attributes = array('legend', 'teampage');
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int');
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$cache->destroy('sql', GROUPS_TABLE);
$cache->destroy('sql', TEAMPAGE_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . $return_page);
}
}
if (sizeof($error)) {
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = $request->variable('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
// Load up stuff for avatars
if ($config['allow_avatar']) {
$avatars_enabled = false;
$selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type']));
foreach ($avatar_drivers as $current_driver) {
$driver = $phpbb_avatar_manager->get_driver($current_driver);
$avatars_enabled = true;
$template->set_filenames(array('avatar' => $driver->get_template_name()));
if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) {
$driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
$driver_upper = strtoupper($driver_name);
$template->assign_block_vars('avatar_drivers', array('L_TITLE' => $user->lang($driver_upper . '_TITLE'), 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), 'DRIVER' => $driver_name, 'SELECTED' => $current_driver == $selected_driver, 'OUTPUT' => $template->assign_display('avatar')));
}
}
}
if (isset($phpbb_avatar_manager) && !$update) {
// Merge any avatars errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
$template->assign_vars(array('S_EDIT' => true, 'S_INCLUDE_SWATCH' => true, 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"', 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_AVATARS_ENABLED' => $config['allow_avatar'] && $avatars_enabled, 'S_GROUP_MANAGE' => true, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_DESC' => $group_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'S_UCP_ACTION' => $this->u_action . "&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string()));
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang(array('acp/groups', 'acp/common'));
$start = $request->variable('start', 0);
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\t\t\tORDER BY ug.user_pending DESC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
$approved = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$template->assign_var('S_PENDING_SET', true);
$pending = true;
} else {
if (!$row['user_pending'] && !$approved) {
$template->assign_block_vars('member', array('S_APPROVED' => true));
$template->assign_var('S_APPROVED_SET', true);
$approved = true;
}
}
$template->assign_block_vars('member', array('USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'USERNAME_FULL' => get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']), 'U_USER_VIEW' => get_username_string('profile', $row['user_id'], $row['username']), 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$base_url = $this->u_action . "&action={$action}&g={$group_id}";
$start = $pagination->validate_start($start, $config['topics_per_page'], $total_members);
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start);
$template->assign_vars(array('S_LIST' => true, 'S_ACTION_OPTIONS' => $s_action_options, 'U_ACTION' => $this->u_action . "&g={$group_id}", 'S_UCP_ACTION' => $this->u_action . "&g={$group_id}", 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=ucp&field=usernames')));
break;
case 'approve':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$user->add_lang('acp/groups');
// Approve, demote or promote
group_user_attributes('approve', $group_id, $mark_ary, false, false);
trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true)) {
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
}
$user->add_lang('acp/groups');
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$user->add_lang('acp/common');
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
// redirect to last screen
redirect($this->u_action . '&action=list&g=' . $group_id);
break;
case 'deleteusers':
$user->add_lang(array('acp/groups', 'acp/common'));
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true)) {
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
if ($error) {
trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
}
trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
// redirect to last screen
redirect($this->u_action . '&action=list&g=' . $group_id);
break;
case 'addusers':
$user->add_lang(array('acp/groups', 'acp/common'));
$names = $request->variable('usernames', '', true);
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
if (!$names) {
trigger_error($user->lang['NO_USERS'] . $return_page);
}
if (!($row = group_memberships($group_id, $user->data['user_id']))) {
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
}
list(, $row) = each($row);
if (!$row['group_leader']) {
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
$name_ary = array_unique(explode("\n", $names));
$group_name = $group_helper->get_name($group_row['group_name']);
$default = $request->variable('default', 0);
if (confirm_box(true)) {
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row)) {
trigger_error($user->lang[$error] . $return_page);
}
trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
} else {
$s_hidden_fields = array('default' => $default, 'usernames' => $names, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action);
confirm_box(false, $user->lang('GROUP_CONFIRM_ADD_USERS', sizeof($name_ary), implode($user->lang['COMMA_SEPARATOR'], $name_ary)), build_hidden_fields($s_hidden_fields));
}
trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&action=list&g=' . $group_id . '">', '</a>'));
break;
default:
$user->add_lang('acp/common');
$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader
FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
WHERE ug.user_id = ' . $user->data['user_id'] . '
AND g.group_id = ug.group_id
AND ug.group_leader = 1
ORDER BY g.group_type DESC, g.group_name';
$result = $db->sql_query($sql);
while ($value = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('GROUP_NAME' => $group_helper->get_name($value['group_name']), 'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']), 'GROUP_TYPE' => $value['group_type'], 'GROUP_ID' => $value['group_id'], 'GROUP_COLOUR' => $value['group_colour'], 'U_LIST' => $this->u_action . "&action=list&g={$value['group_id']}", 'U_EDIT' => $this->u_action . "&action=edit&g={$value['group_id']}"));
}
$db->sql_freeresult($result);
break;
}
break;
}
$this->tpl_name = 'ucp_groups_' . $mode;
}
/**
* Create a test group
* @param array $record
* @throws ErrorException if creating failed
* @return int new group id
*/
public function create_group($record)
{
// Data validation
$record['name'] = trim($record['name']);
if ($ids = get_records_sql_array('SELECT id FROM {group} WHERE LOWER(TRIM(name)) = ?', array(strtolower($record['name'])))) {
if (count($ids) > 1 || $ids[0]->id != $group_data->id) {
throw new SystemException("Invalid group name '" . $record['name'] . "'. " . get_string('groupalreadyexists', 'group'));
}
}
$record['owner'] = trim($record['owner']);
$ids = get_records_sql_array('SELECT id FROM {usr} WHERE LOWER(TRIM(username)) = ?', array(strtolower($record['owner'])));
if (!$ids || count($ids) > 1) {
throw new SystemException("Invalid group owner '" . $record['owner'] . "'. The username does not exist or duplicated");
}
$members = array($ids[0]->id => 'admin');
if (!empty($record['members'])) {
foreach (explode(',', $record['members']) as $membername) {
$ids = get_records_sql_array('SELECT id FROM {usr} WHERE LOWER(TRIM(username)) = ?', array(strtolower(trim($membername))));
if (!$ids || count($ids) > 1) {
throw new SystemException("Invalid group member '" . $membername . "'. The username does not exist or duplicated");
}
$members[$ids[0]->id] = 'member';
}
}
if (!empty($record['staff'])) {
foreach (explode(',', $record['staff']) as $membername) {
$ids = get_records_sql_array('SELECT id FROM {usr} WHERE LOWER(TRIM(username)) = ?', array(strtolower(trim($membername))));
if (!$ids || count($ids) > 1) {
throw new SystemException("Invalid group staff '" . $membername . "'. The username does not exist or duplicated");
}
$members[$ids[0]->id] = 'staff';
}
}
if (!empty($record['admins'])) {
foreach (explode(',', $record['admins']) as $membername) {
$ids = get_records_sql_array('SELECT id FROM {usr} WHERE LOWER(TRIM(username)) = ?', array(strtolower(trim($membername))));
if (!$ids || count($ids) > 1) {
throw new SystemException("Invalid group admin '" . $membername . "'. The username does not exist or duplicated");
}
$members[$ids[0]->id] = 'admin';
}
}
$availablegrouptypes = group_get_grouptypes();
if (!in_array($record['grouptype'], $availablegrouptypes)) {
throw new SystemException("Invalid grouptype '" . $record['grouptype'] . "'. This grouptype does not exist.\n" . "The available grouptypes are " . join(', ', $availablegrouptypes));
}
$availablegroupeditroles = array_keys(group_get_editroles_options());
if (!in_array($record['editroles'], $availablegroupeditroles)) {
throw new SystemException("Invalid group editroles '" . $record['editroles'] . "'. This edit role does not exist.\n" . "The available group editroles are " . join(', ', $availablegroupeditroles));
}
if (!empty($record['open'])) {
if (!empty($record['controlled'])) {
throw new SystemException('Invalid group membership setting. ' . get_string('membershipopencontrolled', 'group'));
}
if (!empty($record['request'])) {
throw new SystemException('Invalid group membership setting. ' . get_string('membershipopenrequest', 'group'));
}
}
if (!empty($record['invitefriends']) && !empty($record['suggestfriends'])) {
throw new SystemException('Invalid friend invitation setting. ' . get_string('suggestinvitefriends', 'group'));
}
if (!empty($record['suggestfriends']) && empty($record['open']) && empty($record['request'])) {
throw new SystemException('Invalid friend invitation setting. ' . get_string('suggestfriendsrequesterror', 'group'));
}
if (!empty($record['editwindowstart']) && !empty($record['editwindowend']) && $record['editwindowstart'] >= $record['editwindowend']) {
throw new SystemException('Invalid group editability setting. ' . get_string('editwindowendbeforestart', 'group'));
}
$group_data = array('id' => null, 'name' => $record['name'], 'description' => isset($record['description']) ? $record['description'] : null, 'grouptype' => $record['grouptype'], 'open' => isset($record['open']) ? $record['open'] : 1, 'controlled' => isset($record['controlled']) ? $record['controlled'] : 0, 'request' => isset($record['request']) ? $record['request'] : 0, 'invitefriends' => isset($record['invitefriends']) ? $record['invitefriends'] : 0, 'suggestfriends' => isset($record['suggestfriends']) ? $record['suggestfriends'] : 0, 'category' => null, 'public' => 0, 'usersautoadded' => 0, 'viewnotify' => GROUP_ROLES_ALL, 'submittableto' => isset($record['submittableto']) ? $record['submittableto'] : 0, 'allowarchives' => isset($record['allowarchives']) ? $record['allowarchives'] : 0, 'editroles' => isset($record['editroles']) ? $record['editroles'] : 'all', 'hidden' => 0, 'hidemembers' => 0, 'hidemembersfrommembers' => 0, 'groupparticipationreports' => 0, 'urlid' => null, 'editwindowstart' => isset($record['editwindowstart']) ? $record['editwindowstart'] : null, 'editwindowend' => isset($record['editwindowend']) ? $record['editwindowend'] : null, 'sendnow' => 0, 'feedbacknotify' => GROUP_ROLES_ALL, 'members' => $members);
// Create a new group
db_begin();
$group_data['id'] = group_create($group_data);
db_commit();
$this->groupcount++;
return $group_data['id'];
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_container, $phpbb_dispatcher;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
$form_key = 'acp_groups';
add_form_key($form_key);
if ($mode == 'position') {
$this->manage_position();
return;
}
if (!function_exists('group_user_attributes')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : $request->variable('action', ''));
$group_id = $request->variable('g', 0);
$mark_ary = $request->variable('mark', array(0));
$name_ary = $request->variable('usernames', '', true);
$leader = $request->variable('leader', 0);
$default = $request->variable('default', 0);
$start = $request->variable('start', 0);
$update = isset($_POST['update']) ? true : false;
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
// Clear some vars
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT g.*, t.teampage_position AS group_teampage
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE g.group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Approve, demote or promote
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error) {
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'set_default_on_all':
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
case 'delete':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($action === 'delete' && $group_row['group_type'] == GROUP_SPECIAL) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_del($group_id, $mark_ary, false, $group_name);
break;
}
$back_link = $action == 'delete' ? $this->u_action : $this->u_action . '&action=list&g=' . $group_id;
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($back_link), E_USER_WARNING);
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($back_link));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$name_ary = array_unique(explode("\n", $name_ary));
$group_name = $group_helper->get_name($group_row['group_name']);
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$message = $leader ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
break;
case 'edit':
case 'add':
if (!function_exists('display_forums')) {
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
}
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = array();
$user->add_lang('ucp');
// Setup avatar data for later
$avatars_enabled = false;
$avatar_drivers = null;
$avatar_data = null;
$avatar_error = array();
if ($config['allow_avatar']) {
/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
$avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
// This is normalised data, without the group_ prefix
$avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group');
if (!isset($avatar_data['id'])) {
$avatar_data['id'] = 'g' . $group_id;
}
}
if ($request->is_set_post('avatar_delete')) {
if (confirm_box(true)) {
$avatar_data['id'] = substr($avatar_data['id'], 1);
$phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_');
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array('avatar_delete' => true, 'i' => $id, 'mode' => $mode, 'g' => $group_id, 'action' => $action)));
}
}
// Did we submit?
if ($update) {
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$group_name = $request->variable('group_name', '', true);
$group_desc = $request->variable('group_desc', '', true);
$group_type = $request->variable('group_type', GROUP_FREE);
$allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
$allow_desc_urls = $request->variable('desc_parse_urls', false);
$allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array('colour' => $request->variable('group_colour', ''), 'rank' => $request->variable('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'teampage' => isset($_REQUEST['group_teampage']) ? 1 : 0, 'message_limit' => $request->variable('group_message_limit', 0), 'max_recipients' => $request->variable('group_max_recipients', 0), 'founder_manage' => 0, 'skip_auth' => $request->variable('group_skip_auth', 0));
if ($user->data['user_type'] == USER_FOUNDER) {
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
if ($config['allow_avatar']) {
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) {
$driver = $phpbb_avatar_manager->get_driver($driver_name);
$result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error);
if ($result && empty($avatar_error)) {
$result['avatar_type'] = $driver_name;
$submit_ary = array_merge($submit_ary, $result);
}
} else {
$driver = $phpbb_avatar_manager->get_driver($avatar_data['avatar_type']);
if ($driver) {
$driver->delete($avatar_data);
}
// Removing the avatar
$submit_ary['avatar_type'] = '';
$submit_ary['avatar'] = '';
$submit_ary['avatar_width'] = 0;
$submit_ary['avatar_height'] = 0;
}
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
/*
* Validate the length of "Maximum number of allowed recipients per
* private message" setting. We use 16777215 as a maximum because it matches
* MySQL unsigned mediumint maximum value which is the lowest amongst DBMSes
* supported by phpBB3. Also validate the submitted colour value.
*/
$validation_checks = array('max_recipients' => array('num', false, 0, 16777215), 'colour' => array('hex_colour', true));
/**
* Request group data and operate on it
*
* @event core.acp_manage_group_request_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array validation_checks Array with validation data
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'validation_checks');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_request_data', compact($vars)));
if ($validation_error = validate_data($submit_ary, $validation_checks)) {
// Replace "error" string with its real, localised form
$error = array_merge($error, $validation_error);
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
// However there are some attributes that need to be set everytime,
// otherwise the group gets removed from the feature.
$set_attributes = array('legend', 'teampage');
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int', 'founder_manage' => 'int', 'skip_auth' => 'int');
/**
* Initialise data before we display the add/edit form
*
* @event core.acp_manage_group_initialise_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array test_variables Array with variables for test
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'test_variables');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_initialise_data', compact($vars)));
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = $request->variable('group_perm_from', 0);
// Copy permissions?
// If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transferred.
// We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
// Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) {
$sql = 'SELECT group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$check_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Check the group if non-founder
if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_founder_manage'] == 0)) {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
$auth->acl_clear_prefetch();
}
}
$cache->destroy('sql', array(GROUPS_TABLE, TEAMPAGE_TABLE));
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = $request->variable('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
// Load up stuff for avatars
if ($config['allow_avatar']) {
$avatars_enabled = false;
$selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type']));
foreach ($avatar_drivers as $current_driver) {
$driver = $phpbb_avatar_manager->get_driver($current_driver);
$avatars_enabled = true;
$template->set_filenames(array('avatar' => $driver->get_acp_template_name()));
if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) {
$driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
$driver_upper = strtoupper($driver_name);
$template->assign_block_vars('avatar_drivers', array('L_TITLE' => $user->lang($driver_upper . '_TITLE'), 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), 'DRIVER' => $driver_name, 'SELECTED' => $current_driver == $selected_driver, 'OUTPUT' => $template->assign_display('avatar')));
}
}
}
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
if (isset($phpbb_avatar_manager) && !$update) {
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
$back_link = $request->variable('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . $request->variable('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_GROUP_PERM' => $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth') ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_USER_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false, 'S_AVATARS_ENABLED' => $config['allow_avatar'] && $avatars_enabled, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_helper->get_name($group_name), 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_FOUNDER_MANAGE' => isset($group_row['group_founder_manage']) && $group_row['group_founder_manage'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_TEAMPAGE' => isset($group_row['group_teampage']) && $group_row['group_teampage'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_SKIP_AUTH' => !empty($group_row['group_skip_auth']) ? ' checked="checked"' : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(false, false, $user->data['user_type'] == USER_FOUNDER ? false : 0), 'AVATAR' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string()));
/**
* Modify group template data before we display the form
*
* @event core.acp_manage_group_display_form
* @var string action Type of the action: add|edit
* @var bool update Do we display the form only
* or did the user press submit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var string group_name The group name
* @var int group_type The group type
* @var array group_desc_data The group description data
* @var string group_rank The group rank
* @var string rank_options The rank options
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @since 3.1.0-b5
*/
$vars = array('action', 'update', 'group_id', 'group_row', 'group_desc_data', 'group_name', 'group_type', 'group_rank', 'rank_options', 'error');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_display_form', compact($vars)));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$this->page_title = 'GROUP_MEMBERS';
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_colour, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$base_url = $this->u_action . "&action={$action}&g={$group_id}";
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start);
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'GROUP_NAME' => $group_helper->get_name($group_row['group_name']), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames'), 'U_DEFAULT_ALL' => "{$this->u_action}&action=set_default_on_all&g={$group_id}"));
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
// Get us all the groups
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$lookup = $cached_group_data = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
// used to determine what type a group is
$lookup[$row['group_id']] = $type;
// used for easy access to the data within a group
$cached_group_data[$type][$row['group_id']] = $row;
$cached_group_data[$type][$row['group_id']]['total_members'] = 0;
}
$db->sql_freeresult($result);
// How many people are in which group?
$sql = 'SELECT COUNT(ug.user_id) AS total_members, ug.group_id
FROM ' . USER_GROUP_TABLE . ' ug
WHERE ' . $db->sql_in_set('ug.group_id', array_keys($lookup)) . '
GROUP BY ug.group_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$type = $lookup[$row['group_id']];
$cached_group_data[$type][$row['group_id']]['total_members'] = $row['total_members'];
}
$db->sql_freeresult($result);
// The order is... normal, then special
ksort($cached_group_data);
foreach ($cached_group_data as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $group_id => $row) {
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
$header['title'] = '用户组管理';
$grouplist = group_find();
$maxgid = group_maxid();
include "./admin/view/group_list.htm";
// 用户组更新
} elseif ($action == 'create') {
$gid = param(2, 0);
$group = group_read($gid);
$group and message(-1, '用户组已经存在!');
$name = param('name');
$agreesfrom = param('agreesfrom', 0);
$agreesto = param('agreesto', 0);
$maxagrees = param('maxagrees', 0);
empty($name) and message(1, '用户组名称不能为空');
$arr = array('gid' => $gid, 'name' => $name, 'agreesfrom' => $agreesfrom, 'agreesto' => $agreesto, 'maxagrees' => $maxagrees);
$r = group_create($arr);
$r !== FALSE ? message(0, '创建成功') : message(-1, '创建失败');
// 用户组更新
} elseif ($action == 'update') {
$gid = param(2, 0);
$group = group_read($gid);
if ($method == 'GET') {
empty($group) and message(1, '用户组不存在');
include './admin/view/group_update.htm';
} else {
// 两种情况的提交 list/update
$name = param('name');
$agreesfrom = param('agreesfrom', 0);
$agreesto = param('agreesto', 0);
$maxagrees = param('maxagrees', 0);
// 标示是不是更新详情
