if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {
foreach ($_POST['remove_user'] as $uid) {
if (perm_user_in_group($uid, $gid)) {
perm_remove_user_from_group($uid, $gid);
if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) {
admin_add_log_entry(REMOVE_USER_FROM_GROUP, array($user_logon, $group_name));
}
}
}
}
}
if (!($group = perm_get_group($gid))) {
html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
}
html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s - Add/Remove Users'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));
$group_users_array = perm_group_get_users($gid, $start_main);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}", html_style_image('separator'), "", gettext("Add/Remove Users"), "</h1>\n";
if (isset($_GET['added'])) {
html_display_success_msg(gettext("Successfully added group. Add users to this group by searching for them below."), '800', 'center');
} else {
if (sizeof($group_users_array['user_array']) < 1) {
html_display_warning_msg(gettext("There are no users in this group. Add users to this group by searching for them below."), '800', 'center');
}
}
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"f_folders\" action=\"admin_user_groups_edit_users.php\" method=\"post\">\n";
echo " ", form_csrf_token_field(), "\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden('gid', htmlentities_array($gid)), "\n";
echo " ", form_input_hidden("main_page", htmlentities_array($main_page)), "\n";
function perm_group_get_users($gid, $page = 1)
{
if (!($db = db::get())) {
return false;
}
if (!is_numeric($gid)) {
return 0;
}
if (!is_numeric($page) || $page < 1) {
$page = 1;
}
$offset = calculate_page_offset($page, 20);
$group_user_array = array();
$sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, USER.LOGON, USER.NICKNAME ";
$sql .= "FROM GROUPS INNER JOIN GROUP_USERS ON (GROUP_USERS.GID = GROUPS.GID) ";
$sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) WHERE GROUPS.GID = '{$gid}' ";
$sql .= "ORDER BY USER.LOGON LIMIT {$offset}, 20";
if (!($result = $db->query($sql))) {
return false;
}
$sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
if (!($result_count = $db->query($sql))) {
return false;
}
list($group_user_count) = $result_count->fetch_row();
if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
return perm_group_get_users($gid, $page - 1);
}
while (($user_data = $result->fetch_assoc()) !== null) {
$group_user_array[] = $user_data;
}
return array('user_count' => $group_user_count, 'user_array' => $group_user_array);
}
header_redirect("admin_user_groups.php?webtag={$webtag}&edited=true");
exit;
}
}
$group_permissions = perm_get_group_permissions($gid);
} else {
if (isset($_POST['addusers'])) {
$redirect_uri = "admin_user_groups_edit_users.php?webtag={$webtag}&gid={$gid}";
$redirect_uri .= "&ret=admin_user_groups_edit.php%3Fwebtag%3D{$webtag}%26gid%3D{$gid}";
$redirect_uri .= "%26ret%3D" . rawurlencode(rawurlencode(rawurlencode($ret)));
header_redirect($redirect_uri);
exit;
}
}
html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));
$group_users_array = perm_group_get_users($gid, 0);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '800', 'center');
} else {
if (sizeof($group_users_array['user_array']) < 1) {
html_display_warning_msg(gettext("There are no users in this group. To add users click the 'Add/Remove Users' button below."), '800', 'center');
}
}
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"admin_user_form\" action=\"admin_user_groups_edit.php\" method=\"post\">\n";
echo " ", form_csrf_token_field(), "\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden("gid", htmlentities_array($gid)), "\n";
echo " ", form_input_hidden('ret', htmlentities_array($ret)), "\n";
function forum_get_permissions($fid, $offset = 0)
{
if (!($db_forum_get_permissions = db_connect())) {
return false;
}
if (!is_numeric($fid)) {
return false;
}
if (!is_numeric($offset)) {
$offset = 0;
}
$perms_user_array = array();
$sql = "SELECT SQL_CALC_FOUND_ROWS USER.UID, USER.LOGON, USER.NICKNAME FROM USER USER ";
$sql .= "LEFT JOIN USER_FORUM USER_FORUM ON (USER_FORUM.UID = USER.UID) ";
$sql .= "WHERE USER_FORUM.FID = '{$fid}' AND USER_FORUM.ALLOWED = 1 ";
$sql .= "LIMIT {$offset}, 20";
if (!($result = db_query($sql, $db_forum_get_permissions))) {
return false;
}
// Fetch the number of total results
$sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
if (!($result_count = db_query($sql, $db_forum_get_permissions))) {
return false;
}
list($perms_user_count) = db_fetch_array($result_count, DB_RESULT_NUM);
if (db_num_rows($result) > 0) {
while ($user_data = db_fetch_array($result)) {
if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
$user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
}
}
if (!isset($user_data['LOGON'])) {
$user_data['LOGON'] = $lang['unknownuser'];
}
if (!isset($user_data['NICKNAME'])) {
$user_data['NICKNAME'] = "";
}
$perms_user_array[] = $user_data;
}
} else {
if ($perms_user_count > 0) {
$offset = floor(($group_user_count - 1) / 10) * 10;
return perm_group_get_users($gid, $offset);
}
}
return array('user_count' => $perms_user_count, 'user_array' => $perms_user_array);
}
function perm_group_get_users($gid, $page = 1)
{
if (!($db = db::get())) {
return false;
}
if (!is_numeric($gid)) {
return 0;
}
if (!is_numeric($page) || $page < 1) {
$page = 1;
}
$offset = calculate_page_offset($page, 20);
if (!perm_is_group($gid)) {
return false;
}
$group_user_array = array();
$sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, ";
$sql .= "USER.LOGON, USER.NICKNAME FROM GROUP_USERS ";
$sql .= "INNER JOIN GROUP_PERMS ON (GROUP_PERMS.GID = GROUP_USERS.GID) ";
$sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) ";
$sql .= "WHERE GROUP_USERS.GID = '{$gid}' GROUP BY GROUP_USERS.UID ";
$sql .= "LIMIT {$offset}, 20";
if (!($result = $db->query($sql))) {
return false;
}
$sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
if (!($result_count = $db->query($sql))) {
return false;
}
list($group_user_count) = $result_count->fetch_row();
if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
return perm_group_get_users($gid, $page - 1);
}
while ($user_data = $result->fetch_assoc()) {
if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
$user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
}
}
if (!isset($user_data['LOGON'])) {
$user_data['LOGON'] = gettext("Unknown user");
}
if (!isset($user_data['NICKNAME'])) {
$user_data['NICKNAME'] = "";
}
$group_user_array[] = $user_data;
}
return array('user_count' => $group_user_count, 'user_array' => $group_user_array);
}
