$mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } // // Set username // if (isset($HTTP_GET_VARS['username'])) { $HTTP_POST_VARS['username'] = $HTTP_GET_VARS['username']; } // // Begin program // if ($mode == 'edit' || $mode == 'save' && (isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]))) { attachment_quota_settings('user', $HTTP_POST_VARS['submit'], $mode); // // Ok, the profile has been modified and submitted, let's update // if ($mode == 'save' && isset($HTTP_POST_VARS['submit']) || isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) { $user_id = intval($HTTP_POST_VARS['id']); if (!($this_userdata = get_userdata($user_id))) { message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']); } if ($HTTP_POST_VARS['deleteuser']) { $sql = "SELECT g.group_id\n FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g\n WHERE ug.user_id = {$user_id}\n AND g.group_id = ug.group_id\n AND g.group_single_user = 1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $sql = "UPDATE " . POSTS_TABLE . "\n SET poster_id = " . DELETED . ", post_username = '******'\n WHERE poster_id = {$user_id}";
require $phpbb_root_path . 'admin/pagestart.' . $phpEx; // End PNphpBB2 Module if (isset($_POST[POST_GROUPS_URL]) || isset($_GET[POST_GROUPS_URL])) { $group_id = isset($_POST[POST_GROUPS_URL]) ? intval($_POST[POST_GROUPS_URL]) : intval($_GET[POST_GROUPS_URL]); } else { $group_id = 0; } if (isset($_POST['mode']) || isset($_GET['mode'])) { $mode = isset($_POST['mode']) ? $_POST['mode'] : $_GET['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } //-- mod : File Attachment Mod v2 Version 2.4.3 ---------------------------------------------------- if (!intval($attach_config['disable_mod'])) { attachment_quota_settings('group', $_POST['group_update'], $mode); } //-- fin : File Attachment Mod v2 Version 2.4.3 ---------------------------------------------------- if (isset($_POST['edit']) || isset($_POST['new'])) { // // Ok they are editing a group or creating a new group // $template->set_filenames(array('body' => 'admin/group_edit_body.tpl')); if (isset($_POST['edit'])) { // // They're editing. Grab the vars. // $sql = "SELECT *\n\t\t\tFROM " . GROUPS_TABLE . "\n\t\t\tWHERE group_single_user <> " . TRUE . "\n\t\t\tAND group_id = {$group_id}"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); }
<?php if (!empty($setmodules)) { $module['GROUPS']['MANAGE'] = basename(__FILE__); return; } require './pagestart.php'; require INC_DIR . 'functions_group.php'; $group_id = isset($_REQUEST[POST_GROUPS_URL]) ? intval($_REQUEST[POST_GROUPS_URL]) : 0; $mode = isset($_REQUEST['mode']) ? strval($_REQUEST['mode']) : ''; attachment_quota_settings('group', isset($_POST['group_update']), $mode); if (!empty($_POST['edit']) || !empty($_POST['new'])) { if (!empty($_POST['edit'])) { if (!($row = get_group_data($group_id))) { bb_die($lang['GROUP_NOT_EXIST']); } $group_info = array('group_name' => $row['group_name'], 'group_description' => $row['group_description'], 'group_moderator' => $row['group_moderator'], 'group_mod_name' => $row['moderator_name'], 'group_type' => $row['group_type'], 'release_group' => $row['release_group']); $mode = 'editgroup'; $template->assign_block_vars('group_edit', array()); } else { if (!empty($_POST['new'])) { $group_info = array('group_name' => '', 'group_description' => '', 'group_moderator' => '', 'group_mod_name' => '', 'group_type' => GROUP_OPEN, 'release_group' => 0); $mode = 'newgroup'; } } // Ok, now we know everything about them, let's show the page. $s_hidden_fields = ' <input type="hidden" name="mode" value="' . $mode . '" /> <input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /> '; $template->assign_vars(array('TPL_EDIT_GROUP' => true, 'GROUP_NAME' => stripslashes(htmlspecialchars($group_info['group_name'])), 'GROUP_DESCRIPTION' => stripslashes(htmlspecialchars($group_info['group_description'])), 'GROUP_MODERATOR' => replace_quote($group_info['group_mod_name']), 'T_GROUP_EDIT_DELETE' => $mode == 'newgroup' ? $lang['CREATE_NEW_GROUP'] : $lang['EDIT_GROUP'], 'U_SEARCH_USER' => BB_ROOT . "search.php?mode=searchuser", 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 'S_GROUP_OPEN_CHECKED' => $group_info['group_type'] == GROUP_OPEN ? HTML_CHECKED : '', 'S_GROUP_CLOSED_CHECKED' => $group_info['group_type'] == GROUP_CLOSED ? HTML_CHECKED : '', 'S_GROUP_HIDDEN_CHECKED' => $group_info['group_type'] == GROUP_HIDDEN ? HTML_CHECKED : '', 'RELEASE_GROUP' => $group_info['release_group'] ? true : false, 'S_GROUP_ACTION' => "admin_groups.php", 'S_HIDDEN_FIELDS' => $s_hidden_fields));
$phpbb_root_path = './../'; require $phpbb_root_path . 'extension.inc'; require './pagestart.' . $phpEx; include $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_mass_pm.' . $phpEx; if (isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL])) { $group_id = isset($HTTP_POST_VARS[POST_GROUPS_URL]) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); } else { $group_id = 0; } if (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode'])) { $mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } attachment_quota_settings('group', $HTTP_POST_VARS['group_update'], $mode); if (isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new'])) { // // Ok they are editing a group or creating a new group // $template->set_filenames(array('body' => 'admin/group_edit_body.tpl')); if (isset($HTTP_POST_VARS['edit'])) { // // They're editing. Grab the vars. // $sql = "SELECT *\n\t\t\tFROM " . GROUPS_TABLE . "\n\t\t\tWHERE group_single_user <> " . TRUE . "\n\t\t\tAND group_id = {$group_id}"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); } if (!($group_info = $db->sql_fetchrow($result))) { message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
$mode = isset($_POST['mode']) ? $_POST['mode'] : $_GET['mode']; $mode = htmlspecialchars($mode); } else { $mode = ''; } // // Begin program // // Begin PNphpBB2 Module // When editing user profile 'username' won't be present in the POST because // PNphpBB2 doesn't allow changing the username from inside the admin CP. // We must check for 'id' otherwise the changes won't be commited to the DB. if ($mode == 'edit' || $mode == 'save' && (isset($_POST['username']) || isset($_POST['id']) || isset($_GET[POST_USERS_URL]) || isset($_POST[POST_USERS_URL]))) { //-- mod : File Attachment Mod v2 Version 2.4.3 ---------------------------------------------------- if (!intval($attach_config['disable_mod'])) { attachment_quota_settings('user', $_POST['submit'], $mode); } //-- fin : File Attachment Mod v2 Version 2.4.3 ---------------------------------------------------- // // Ok, the profile has been modified and submitted, let's update // if ($mode == 'save' && isset($_POST['submit']) || isset($_POST['avatargallery']) || isset($_POST['submitavatar']) || isset($_POST['cancelavatar'])) { $user_id = intval($_POST['id']); // Begin PNphpBB2 Module // if (!($this_userdata = get_userdata($user_id))) if (!($this_userdata = phpbb_get_userdata($user_id))) { message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']); } if ($_POST['deleteuser'] && $userdata['user_id'] != $user_id) { $sql = "SELECT g.group_id \n\t\t\t\tFROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g \n\t\t\t\tWHERE ug.user_id = {$user_id} \n\t\t\t\t\tAND g.group_id = ug.group_id \n\t\t\t\t\tAND g.group_single_user = 1"; if (!($result = $db->sql_query($sql))) {