/** * Sets up the permissions by membergroup index page. * * - Called by ?action=managepermissions * - Creates an array of all the groups with the number of members and permissions. * * @uses ManagePermissions language file. * @uses ManagePermissions template file. * @uses ManageBoards template, permission_index sub-template. */ public function action_list() { global $txt, $scripturl, $context, $user_info, $modSettings; require_once SUBSDIR . '/Membergroups.subs.php'; require_once SUBSDIR . '/Members.subs.php'; require_once SUBSDIR . '/ManagePermissions.subs.php'; $context['page_title'] = $txt['permissions_title']; // pid = profile id if (!empty($_REQUEST['pid'])) { $_REQUEST['pid'] = (int) $_REQUEST['pid']; } // We can modify any permission set apart from the read only, reply only and no polls ones as they are redefined. $context['can_modify'] = empty($_REQUEST['pid']) || $_REQUEST['pid'] == 1 || $_REQUEST['pid'] > 4; // Load all the permissions. We'll need them in the template. loadAllPermissions(); // Also load profiles, we may want to reset. loadPermissionProfiles(); $listOptions = array('id' => 'regular_membergroups_list', 'title' => $txt['membergroups_regular'], 'base_href' => $scripturl . '?action=admin;area=permissions;sa=index' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : '') . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : ''), 'default_sort_col' => 'name', 'get_items' => array('file' => SUBSDIR . '/Membergroups.subs.php', 'function' => 'list_getMembergroups', 'params' => array('all', $user_info['id'], allowedTo('manage_membergroups'), allowedTo('admin_forum'), true, true, isset($_REQUEST['pid']) ? $_REQUEST['pid'] : null)), 'columns' => array('name' => array('header' => array('value' => $txt['membergroups_name'], 'class' => 'grid50'), 'data' => array('function' => create_function('$rowData', ' global $scripturl, $txt; // Since the moderator group has no explicit members, no link is needed. // Since guests and regular members are not groups, no link is needed. if (in_array($rowData[\'id_group\'], array(-1, 0, 3))) $group_name = $rowData[\'group_name\']; else { $group_name = sprintf(\'<a href="%1$s?action=admin;area=membergroups;sa=members;group=%2$d">%3$s</a>\', $scripturl, $rowData[\'id_group\'], $rowData[\'group_name_color\']); } // Add a help option for guests, regular members, moderator and administrator. if (!empty($rowData[\'help\'])) $group_name .= sprintf(\' (<a href="%1$s?action=quickhelp;help=\' . $rowData[\'help\'] . \'" onclick="return reqOverlayDiv(this.href);">?</a>)\', $scripturl); if (!empty($rowData[\'children\'])) $group_name .= \' <br /> <span class="smalltext">\' . $txt[\'permissions_includes_inherited\'] . \': "\' . implode(\'", "\', $rowData[\'children\']) . \'"</span>\'; return $group_name; ')), 'sort' => array('default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name', 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name DESC')), 'members' => array('header' => array('value' => $txt['membergroups_members_top'], 'class' => 'grid10'), 'data' => array('function' => create_function('$rowData', ' global $txt, $scripturl; // No explicit members for guests and the moderator group. if (in_array($rowData[\'id_group\'], array(-1, 3))) return $txt[\'membergroups_guests_na\']; elseif ($rowData[\'can_search\']) return \'<a href="\' . $scripturl . \'?action=moderate;area=viewgroups;sa=members;group=\' . $rowData[\'id_group\'] . \'">\' . comma_format($rowData[\'num_members\']) . \'</a>\'; else return comma_format($rowData[\'num_members\']); ')), 'sort' => array('default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1', 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1 DESC')), 'permissions_allowed' => array('header' => array('value' => empty($modSettings['permission_enable_deny']) ? $txt['membergroups_permissions'] : $txt['permissions_allowed'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', ' return $rowData[\'num_permissions\'][\'allowed\']; '))), 'permissions_denied' => array('evaluate' => !empty($modSettings['permission_enable_deny']), 'header' => array('value' => $txt['permissions_denied'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', ' return $rowData[\'num_permissions\'][\'denied\']; '))), 'modify' => array('header' => array('value' => $context['can_modify'] ? $txt['permissions_modify'] : $txt['permissions_view'], 'class' => 'grid17'), 'data' => array('function' => create_function('$rowData', ' global $scripturl; if ($rowData[\'id_group\'] != 1) return \'<a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_group\'] . \'' . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : '') . '">' . $txt['membergroups_modify'] . '</a>\'; '))), 'check' => array('header' => array('value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />', 'class' => 'centertext', 'style' => 'width:4%;'), 'data' => array('function' => create_function('$rowData', ' if ($rowData[\'id_group\'] != 1) return \'<input type="checkbox" name="group[]" value="\' . $rowData[\'id_group\'] . \'" class="input_check" />\'; '), 'class' => 'centertext')))); require_once SUBSDIR . '/GenericList.class.php'; createList($listOptions); // The second list shows the post count based groups...if enabled if (!empty($modSettings['permission_enable_postgroups'])) { $listOptions = array('id' => 'post_count_membergroups_list', 'title' => $txt['membergroups_post'], 'base_href' => $scripturl . '?action=admin;area=permissions;sa=index' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : '') . (isset($_REQUEST['pid']) ? ';pid=' . $_REQUEST['pid'] : ''), 'default_sort_col' => 'required_posts', 'request_vars' => array('sort' => 'sort2', 'desc' => 'desc2'), 'get_items' => array('file' => SUBSDIR . '/Membergroups.subs.php', 'function' => 'list_getMembergroups', 'params' => array('post_count', $user_info['id'], allowedTo('manage_membergroups'), allowedTo('admin_forum'), false, true, isset($_REQUEST['pid']) ? $_REQUEST['pid'] : null)), 'columns' => array('name' => array('header' => array('value' => $txt['membergroups_name'], 'class' => 'grid25'), 'data' => array('function' => create_function('$rowData', ' global $scripturl; return sprintf(\'<a href="%1$s?action=admin;area=permissions;sa=members;group=%2$d">%3$s</a>\', $scripturl, $rowData[\'id_group\'], $rowData[\'group_name_color\']); ')), 'sort' => array('default' => 'mg.group_name', 'reverse' => 'mg.group_name DESC')), 'required_posts' => array('header' => array('value' => $txt['membergroups_min_posts'], 'class' => 'grid25'), 'data' => array('db' => 'min_posts'), 'sort' => array('default' => 'mg.min_posts', 'reverse' => 'mg.min_posts DESC')), 'members' => array('header' => array('value' => $txt['membergroups_members_top'], 'class' => 'grid10'), 'data' => array('function' => create_function('$rowData', ' global $scripturl; if ($rowData[\'can_search\']) return \'<a href="\' . $scripturl . \'?action=moderate;area=viewgroups;sa=members;group=\' . $rowData[\'id_group\'] . \'">\' . comma_format($rowData[\'num_members\']) . \'</a>\'; else return comma_format($rowData[\'num_members\']); ')), 'sort' => array('default' => '1 DESC', 'reverse' => '1')), 'permissions_allowed' => array('header' => array('value' => empty($modSettings['permission_enable_deny']) ? $txt['membergroups_permissions'] : $txt['permissions_allowed'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', ' return $rowData[\'num_permissions\'][\'allowed\']; '))), 'permissions_denied' => array('evaluate' => !empty($modSettings['permission_enable_deny']), 'header' => array('value' => $txt['permissions_denied'], 'class' => 'grid8'), 'data' => array('function' => create_function('$rowData', ' return $rowData[\'num_permissions\'][\'denied\']; '))), 'modify' => array('header' => array('value' => $txt['modify'], 'class' => 'grid17'), 'data' => array('function' => create_function('$rowData', ' global $scripturl, $txt; if ($rowData[\'id_parent\'] == -2) return \'<a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_group\'] . (isset($_REQUEST[\'pid\']) ? \';pid=\' . $_REQUEST[\'pid\'] : \'\') . \'">\' . $txt[\'membergroups_modify\'] . \'</a>\'; else return \'<span class="smalltext">\' . $txt[\'permissions_includes_inherited_from\'] . \'"\' . $rowData[\'parent_name\'] . \'"\' . \'</span><br /><a href="\' . $scripturl . \'?action=admin;area=permissions;sa=modify;group=\' . $rowData[\'id_parent\'] . (isset($_REQUEST[\'pid\']) ? \';pid=\' . $_REQUEST[\'pid\'] : \'\') . \'">\' . $txt[\'membergroups_modify_parent\'] . \'</a>\'; '))), 'check' => array('header' => array('value' => '<input type="checkbox" onclick="invertAll(this, this.form);" class="input_check" />', 'class' => 'centertext', 'style' => 'width:4%;'), 'data' => array('sprintf' => array('format' => '<input type="checkbox" name="group[]" value="%1$d" class="input_check" />', 'params' => array('id_group' => false)), 'class' => 'centertext')))); createList($listOptions); } // pid = profile id if (!empty($_REQUEST['pid'])) { if (!isset($context['profiles'][$_REQUEST['pid']])) { fatal_lang_error('no_access', false); } // Change the selected tab to better reflect that this really is a board profile. $context[$context['admin_menu_name']]['current_subsection'] = 'profiles'; $context['profile'] = array('id' => $_REQUEST['pid'], 'name' => $context['profiles'][$_REQUEST['pid']]['name']); } $context['groups'] = array_merge(array(0 => $txt['membergroups_members']), getInheritableGroups()); // Load the proper template. $context['sub_template'] = 'permission_index'; createToken('admin-mpq'); }
/** * Editing a membergroup. * * What it does: * - Screen to edit a specific membergroup. * - Called by ?action=admin;area=membergroups;sa=edit;group=x. * - It requires the manage_membergroups permission. * - Also handles the delete button of the edit form. * - Redirects to ?action=admin;area=membergroups. * * @uses the edit_group sub template of ManageMembergroups. */ public function action_edit() { global $context, $txt, $modSettings; $current_group_id = isset($_REQUEST['group']) ? (int) $_REQUEST['group'] : 0; if (!empty($modSettings['deny_boards_access'])) { loadLanguage('ManagePermissions'); } require_once SUBSDIR . '/Membergroups.subs.php'; // Make sure this group is editable. if (!empty($current_group_id)) { $current_group = membergroupById($current_group_id); } // Now, do we have a valid id? if (!allowedTo('admin_forum') && !empty($current_group_id) && $current_group['group_type'] == 1) { fatal_lang_error('membergroup_does_not_exist', false); } // The delete this membergroup button was pressed. if (isset($_POST['delete'])) { checkSession(); validateToken('admin-mmg'); if (empty($current_group_id)) { fatal_lang_error('membergroup_does_not_exist', false); } // Let's delete the group deleteMembergroups($current_group['id_group']); redirectexit('action=admin;area=membergroups;'); } elseif (isset($_POST['save'])) { // Validate the session. checkSession(); validateToken('admin-mmg'); if (empty($current_group_id)) { fatal_lang_error('membergroup_does_not_exist', false); } require_once SUBSDIR . '/DataValidator.class.php'; $validator = new Data_Validator(); // Cleanup the inputs! :D $validator->sanitation_rules(array('max_messages' => 'intval', 'min_posts' => 'intval|abs', 'group_type' => 'intval', 'group_desc' => 'trim|Util::htmlspecialchars', 'group_name' => 'trim|Util::htmlspecialchars', 'group_hidden' => 'intval', 'group_inherit' => 'intval', 'icon_count' => 'intval', 'icon_image' => 'trim|Util::htmlspecialchars', 'online_color' => 'trim|valid_color')); $validator->input_processing(array('boardaccess' => 'array')); $validator->validation_rules(array('boardaccess' => 'contains[allow,ignore,deny]')); $validator->validate($_POST); // Can they really inherit from this group? if ($validator->group_inherit != -2 && !allowedTo('admin_forum')) { $inherit_type = membergroupById($validator->group_inherit); } $min_posts = $validator->group_type == -1 && $validator->min_posts >= 0 && $current_group['id_group'] > 3 ? $validator->min_posts : ($current_group['id_group'] == 4 ? 0 : -1); $group_inherit = $current_group['id_group'] > 1 && $current_group['id_group'] != 3 && (empty($inherit_type['group_type']) || $inherit_type['group_type'] != 1) ? $validator->group_inherit : -2; //@todo Don't set online_color for the Moderators group? // Do the update of the membergroup settings. $properties = array('max_messages' => $validator->max_messages, 'min_posts' => $min_posts, 'group_type' => $validator->group_type < 0 || $validator->group_type > 3 || $validator->group_type == 1 && !allowedTo('admin_forum') ? 0 : $validator->group_type, 'hidden' => !$validator->group_hidden || $min_posts != -1 || $current_group['id_group'] == 3 ? 0 : $validator->group_hidden, 'id_parent' => $group_inherit, 'current_group' => $current_group['id_group'], 'group_name' => $validator->group_name, 'online_color' => $validator->online_color, 'icons' => $validator->icon_count <= 0 ? '' : min($validator->icon_count, 10) . '#' . $validator->icon_image, 'description' => $current_group['id_group'] == 1 || $validator->group_type != -1 ? $validator->group_desc : ''); updateMembergroupProperties($properties); call_integration_hook('integrate_save_membergroup', array($current_group['id_group'])); // Time to update the boards this membergroup has access to. if ($current_group['id_group'] == 2 || $current_group['id_group'] > 3) { $changed_boards = array(); $changed_boards['allow'] = array(); $changed_boards['deny'] = array(); $changed_boards['ignore'] = array(); if ($validator->boardaccess) { foreach ($validator->boardaccess as $group_id => $action) { $changed_boards[$action][] = (int) $group_id; } } foreach (array('allow', 'deny') as $board_action) { // Find all board this group is in, but shouldn't be in. detachGroupFromBoards($current_group['id_group'], $changed_boards, $board_action); // Add the membergroup to all boards that hadn't been set yet. if (!empty($changed_boards[$board_action])) { assignGroupToBoards($current_group['id_group'], $changed_boards, $board_action); } } } // Remove everyone from this group! if ($min_posts != -1) { detachDeletedGroupFromMembers($current_group['id_group']); } elseif ($current_group['id_group'] != 3) { // Making it a hidden group? If so remove everyone with it as primary group (Actually, just make them additional). if ($validator->group_hidden == 2) { setGroupToHidden($current_group['id_group']); } // Either way, let's check our "show group membership" setting is correct. validateShowGroupMembership(); } // Do we need to set inherited permissions? if ($group_inherit != -2 && $group_inherit != $_POST['old_inherit']) { require_once SUBSDIR . '/Permission.subs.php'; updateChildPermissions($group_inherit); } // Finally, moderators! $moderator_string = isset($_POST['group_moderators']) ? trim($_POST['group_moderators']) : ''; detachGroupModerators($current_group['id_group']); if ((!empty($moderator_string) || !empty($_POST['moderator_list'])) && $min_posts == -1 && $current_group['id_group'] != 3) { // Get all the usernames from the string if (!empty($moderator_string)) { $moderator_string = strtr(preg_replace('~&#(\\d{4,5}|[2-9]\\d{2,4}|1[2-9]\\d);~', '&#$1;', htmlspecialchars($moderator_string, ENT_QUOTES, 'UTF-8')), array('"' => '"')); preg_match_all('~"([^"]+)"~', $moderator_string, $matches); $moderators = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $moderator_string))); for ($k = 0, $n = count($moderators); $k < $n; $k++) { $moderators[$k] = trim($moderators[$k]); if (strlen($moderators[$k]) == 0) { unset($moderators[$k]); } } // Find all the id_member's for the member_name's in the list. if (!empty($moderators)) { $group_moderators = getIDMemberFromGroupModerators($moderators); } } else { $moderators = array(); foreach ($_POST['moderator_list'] as $moderator) { $moderators[] = (int) $moderator; } $group_moderators = array(); if (!empty($moderators)) { require_once SUBSDIR . '/Members.subs.php'; $members = getBasicMemberData($moderators); foreach ($members as $member) { $group_moderators[] = $member['id_member']; } } } // Found some? if (!empty($group_moderators)) { assignGroupModerators($current_group['id_group'], $group_moderators); } } // There might have been some post group changes. updateStats('postgroups'); // We've definitely changed some group stuff. updateSettings(array('settings_updated' => time())); // Log the edit. logAction('edited_group', array('group' => $validator->group_name), 'admin'); redirectexit('action=admin;area=membergroups'); } // Fetch the current group information. $row = membergroupById($current_group['id_group'], true); if (empty($row) || !allowedTo('admin_forum') && $row['group_type'] == 1) { fatal_lang_error('membergroup_does_not_exist', false); } $row['icons'] = explode('#', $row['icons']); $context['group'] = array('id' => $row['id_group'], 'name' => $row['group_name'], 'description' => htmlspecialchars($row['description'], ENT_COMPAT, 'UTF-8'), 'editable_name' => $row['group_name'], 'color' => $row['online_color'], 'min_posts' => $row['min_posts'], 'max_messages' => $row['max_messages'], 'icon_count' => (int) $row['icons'][0], 'icon_image' => isset($row['icons'][1]) ? $row['icons'][1] : '', 'is_post_group' => $row['min_posts'] != -1, 'type' => $row['min_posts'] != -1 ? 0 : $row['group_type'], 'hidden' => $row['min_posts'] == -1 ? $row['hidden'] : 0, 'inherited_from' => $row['id_parent'], 'allow_post_group' => $row['id_group'] == 2 || $row['id_group'] > 4, 'allow_delete' => $row['id_group'] == 2 || $row['id_group'] > 4, 'allow_protected' => allowedTo('admin_forum')); // Get any moderators for this group $context['group']['moderators'] = getGroupModerators($row['id_group']); $context['group']['moderator_list'] = empty($context['group']['moderators']) ? '' : '"' . implode('", "', $context['group']['moderators']) . '"'; if (!empty($context['group']['moderators'])) { list($context['group']['last_moderator_id']) = array_slice(array_keys($context['group']['moderators']), -1); } // Get a list of boards this membergroup is allowed to see. $context['boards'] = array(); if ($row['id_group'] == 2 || $row['id_group'] > 3) { require_once SUBSDIR . '/Boards.subs.php'; $context += getBoardList(array('override_permissions' => true, 'access' => $row['id_group'], 'not_redirection' => true)); // Include a list of boards per category for easy toggling. foreach ($context['categories'] as $category) { $context['categories'][$category['id']]['child_ids'] = array_keys($category['boards']); } } // Finally, get all the groups this could be inherited off. $context['inheritable_groups'] = getInheritableGroups($row['id_group']); call_integration_hook('integrate_view_membergroup'); $context['sub_template'] = 'edit_group'; $context['page_title'] = $txt['membergroups_edit_group']; // Use the autosuggest script when needed if ($context['group']['id'] != 3 && $context['group']['id'] != 4) { loadJavascriptFile('suggest.js', array('defer' => true)); } createToken('admin-mmg'); }