function BoardReport()
{
global $context, $txt, $sourcedir, $smcFunc;
// Load the permission profiles.
require_once $sourcedir . '/ManagePermissions.php';
loadLanguage('ManagePermissions');
loadPermissionProfiles();
// Get every moderator.
$request = $smcFunc['db_query']('', '
SELECT mods.id_board, mods.id_member, mem.real_name
FROM {db_prefix}moderators AS mods
INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)', array());
$moderators = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$moderators[$row['id_board']][] = $row['real_name'];
}
$smcFunc['db_free_result']($request);
// Get all the possible membergroups!
$request = $smcFunc['db_query']('', '
SELECT id_group, group_name, online_color
FROM {db_prefix}membergroups', array());
$groups = array(-1 => $txt['guest_title'], 0 => $txt['full_member']);
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$groups[$row['id_group']] = empty($row['online_color']) ? $row['group_name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>';
}
$smcFunc['db_free_result']($request);
// All the fields we'll show.
$boardSettings = array('category' => $txt['board_category'], 'parent' => $txt['board_parent'], 'num_topics' => $txt['board_num_topics'], 'num_posts' => $txt['board_num_posts'], 'count_posts' => $txt['board_count_posts'], 'theme' => $txt['board_theme'], 'override_theme' => $txt['board_override_theme'], 'profile' => $txt['board_profile'], 'moderators' => $txt['board_moderators'], 'groups' => $txt['board_groups']);
// Do it in columns, it's just easier.
setKeys('cols');
// Go through each board!
$request = $smcFunc['db_query']('order_by_board_order', '
SELECT b.id_board, b.name, b.num_posts, b.num_topics, b.count_posts, b.member_groups, b.override_theme, b.id_profile,
c.name AS cat_name, IFNULL(par.name, {string:text_none}) AS parent_name, IFNULL(th.value, {string:text_none}) AS theme_name
FROM {db_prefix}boards AS b
LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
LEFT JOIN {db_prefix}boards AS par ON (par.id_board = b.id_parent)
LEFT JOIN {db_prefix}themes AS th ON (th.id_theme = b.id_theme AND th.variable = {string:name})', array('name' => 'name', 'text_none' => $txt['none']));
$boards = array(0 => array('name' => $txt['global_boards']));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// Each board has it's own table.
newTable($row['name'], '', 'left', 'auto', 'left', 200, 'left');
// First off, add in the side key.
addData($boardSettings);
// Format the profile name.
$profile_name = $context['profiles'][$row['id_profile']]['name'];
// Create the main data array.
$boardData = array('category' => $row['cat_name'], 'parent' => $row['parent_name'], 'num_posts' => $row['num_posts'], 'num_topics' => $row['num_topics'], 'count_posts' => empty($row['count_posts']) ? $txt['yes'] : $txt['no'], 'theme' => $row['theme_name'], 'profile' => $profile_name, 'override_theme' => $row['override_theme'] ? $txt['yes'] : $txt['no'], 'moderators' => empty($moderators[$row['id_board']]) ? $txt['none'] : implode(', ', $moderators[$row['id_board']]));
// Work out the membergroups who can access it.
$allowedGroups = explode(',', $row['member_groups']);
foreach ($allowedGroups as $key => $group) {
if (isset($groups[$group])) {
$allowedGroups[$key] = $groups[$group];
} else {
unset($allowedGroups[$key]);
}
}
$boardData['groups'] = implode(', ', $allowedGroups);
// Next add the main data.
addData($boardData);
}
$smcFunc['db_free_result']($request);
}
/**
* Modify a specific board...
* screen for editing and repositioning a board.
* called by ?action=admin;area=manageboards;sa=board
* uses the modify_board sub-template of the ManageBoards template.
* requires manage_boards permission.
* also used to show the confirm deletion of category screen (sub-template confirm_board_delete).
(sub-template confirm_board_delete).
*/
function EditBoard()
{
global $txt, $context, $cat_tree, $boards, $boardList, $sourcedir, $smcFunc, $modSettings;
loadTemplate('ManageBoards');
require_once $sourcedir . '/Subs-Boards.php';
getBoardTree();
// For editing the profile we'll need this.
loadLanguage('ManagePermissions');
require_once $sourcedir . '/ManagePermissions.php';
loadPermissionProfiles();
// id_board must be a number....
$_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0;
if (!isset($boards[$_REQUEST['boardid']])) {
$_REQUEST['boardid'] = 0;
$_REQUEST['sa'] = 'newboard';
}
if ($_REQUEST['sa'] == 'newboard') {
// Category doesn't exist, man... sorry.
if (empty($_REQUEST['cat'])) {
redirectexit('action=admin;area=manageboards');
}
// Some things that need to be setup for a new board.
$curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']);
$context['board_order'] = array();
$context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true);
} else {
// Just some easy shortcuts.
$curBoard =& $boards[$_REQUEST['boardid']];
$context['board'] = $boards[$_REQUEST['boardid']];
$context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&')));
$context['board']['description'] = htmlspecialchars($context['board']['description']);
$context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']);
$context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id'];
}
// As we may have come from the permissions screen keep track of where we should go on save.
$context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards';
// We might need this to hide links to certain areas.
$context['can_manage_permissions'] = allowedTo('manage_permissions');
// Default membergroups.
$context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false));
// Load membergroups.
$request = $smcFunc['db_query']('', '
SELECT group_name, id_group, min_posts
FROM {db_prefix}membergroups
WHERE id_group > {int:moderator_group} OR id_group = {int:global_moderator}
ORDER BY min_posts, id_group != {int:global_moderator}, group_name', array('moderator_group' => 3, 'global_moderator' => 2));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if ($_REQUEST['sa'] == 'newboard' && $row['min_posts'] == -1) {
$curBoard['member_groups'][] = $row['id_group'];
}
$context['groups'][(int) $row['id_group']] = array('id' => $row['id_group'], 'name' => trim($row['group_name']), 'allow' => in_array($row['id_group'], $curBoard['member_groups']), 'deny' => in_array($row['id_group'], $curBoard['deny_groups']), 'is_post_group' => $row['min_posts'] != -1);
}
$smcFunc['db_free_result']($request);
// Category doesn't exist, man... sorry.
if (!isset($boardList[$curBoard['category']])) {
redirectexit('action=admin;area=manageboards');
}
foreach ($boardList[$curBoard['category']] as $boardid) {
if ($boardid == $_REQUEST['boardid']) {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true);
} else {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false);
}
}
// Are there any places to move child boards to in the case where we are confirming a delete?
if (!empty($_REQUEST['boardid'])) {
$context['can_move_children'] = false;
$context['children'] = $boards[$_REQUEST['boardid']]['tree']['children'];
foreach ($context['board_order'] as $board) {
if ($board['is_child'] == false && $board['selected'] == false) {
$context['can_move_children'] = true;
}
}
}
// Get other available categories.
$context['categories'] = array();
foreach ($cat_tree as $catID => $tree) {
$context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']);
}
$request = $smcFunc['db_query']('', '
SELECT mem.id_member, mem.real_name
FROM {db_prefix}moderators AS mods
INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
WHERE mods.id_board = {int:current_board}', array('current_board' => $_REQUEST['boardid']));
$context['board']['moderators'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['board']['moderators'][$row['id_member']] = $row['real_name'];
}
$smcFunc['db_free_result']($request);
$context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"';
if (!empty($context['board']['moderators'])) {
list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1);
}
// Get all the themes...
$request = $smcFunc['db_query']('', '
SELECT id_theme AS id, value AS name
FROM {db_prefix}themes
WHERE variable = {string:name}', array('name' => 'name'));
$context['themes'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['themes'][] = $row;
}
$smcFunc['db_free_result']($request);
if (!isset($_REQUEST['delete'])) {
$context['sub_template'] = 'modify_board';
$context['page_title'] = $txt['boardsEdit'];
} else {
$context['sub_template'] = 'confirm_board_delete';
$context['page_title'] = $txt['mboards_delete_board'];
}
// Create a special token.
createToken('admin-be-' . $_REQUEST['boardid']);
call_integration_hook('integrate_edit_board');
}
function showPermissions($memID)
{
global $scripturl, $txt, $board, $modSettings;
global $user_profile, $context, $user_info, $sourcedir, $smcFunc;
// Verify if the user has sufficient permissions.
isAllowedTo('manage_permissions');
loadLanguage('ManagePermissions');
loadLanguage('Admin');
loadTemplate('ManageMembers');
// Load all the permission profiles.
require_once $sourcedir . '/ManagePermissions.php';
loadPermissionProfiles();
$context['member']['id'] = $memID;
$context['member']['name'] = $user_profile[$memID]['real_name'];
$context['page_title'] = $txt['showPermissions'];
$board = empty($board) ? 0 : (int) $board;
$context['board'] = $board;
// Determine which groups this user is in.
if (empty($user_profile[$memID]['additional_groups'])) {
$curGroups = array();
} else {
$curGroups = explode(',', $user_profile[$memID]['additional_groups']);
}
$curGroups[] = $user_profile[$memID]['id_group'];
$curGroups[] = $user_profile[$memID]['id_post_group'];
// Load a list of boards for the jump box - except the defaults.
$request = $smcFunc['db_query']('order_by_board_order', '
SELECT b.id_board, b.name, b.id_profile, b.member_groups, IFNULL(mods.id_member, 0) AS is_mod
FROM {db_prefix}boards AS b
LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})
WHERE {query_see_board}', array('current_member' => $memID));
$context['boards'] = array();
$context['no_access_boards'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod']) {
$context['no_access_boards'][] = array('id' => $row['id_board'], 'name' => $row['name'], 'is_last' => false);
} elseif ($row['id_profile'] != 1 || $row['is_mod']) {
$context['boards'][$row['id_board']] = array('id' => $row['id_board'], 'name' => $row['name'], 'selected' => $board == $row['id_board'], 'profile' => $row['id_profile'], 'profile_name' => $context['profiles'][$row['id_profile']]['name']);
}
}
$smcFunc['db_free_result']($request);
if (!empty($context['no_access_boards'])) {
$context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true;
}
$context['member']['permissions'] = array('general' => array(), 'board' => array());
// If you're an admin we know you can do everything, we might as well leave.
$context['member']['has_all_permissions'] = in_array(1, $curGroups);
if ($context['member']['has_all_permissions']) {
return;
}
$denied = array();
// Get all general permissions.
$result = $smcFunc['db_query']('', '
SELECT p.permission, p.add_deny, mg.group_name, p.id_group
FROM {db_prefix}permissions AS p
LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = p.id_group)
WHERE p.id_group IN ({array_int:group_list})
ORDER BY p.add_deny DESC, p.permission, mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name', array('group_list' => $curGroups, 'newbie_group' => 4));
while ($row = $smcFunc['db_fetch_assoc']($result)) {
// We don't know about this permission, it doesn't exist :P.
if (!isset($txt['permissionname_' . $row['permission']])) {
continue;
}
if (empty($row['add_deny'])) {
$denied[] = $row['permission'];
}
// Permissions that end with _own or _any consist of two parts.
if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)])) {
$name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
} else {
$name = $txt['permissionname_' . $row['permission']];
}
// Add this permission if it doesn't exist yet.
if (!isset($context['member']['permissions']['general'][$row['permission']])) {
$context['member']['permissions']['general'][$row['permission']] = array('id' => $row['permission'], 'groups' => array('allowed' => array(), 'denied' => array()), 'name' => $name, 'is_denied' => false, 'is_global' => true);
}
// Add the membergroup to either the denied or the allowed groups.
$context['member']['permissions']['general'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
// Once denied is always denied.
$context['member']['permissions']['general'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
}
$smcFunc['db_free_result']($result);
$request = $smcFunc['db_query']('', '
SELECT
bp.add_deny, bp.permission, bp.id_group, mg.group_name' . (empty($board) ? '' : ',
b.id_profile, CASE WHEN mods.id_member IS NULL THEN 0 ELSE 1 END AS is_moderator') . '
FROM {db_prefix}board_permissions AS bp' . (empty($board) ? '' : '
INNER JOIN {db_prefix}boards AS b ON (b.id_board = {int:current_board})
LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})') . '
LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = bp.id_group)
WHERE bp.id_profile = {raw:current_profile}
AND bp.id_group IN ({array_int:group_list}' . (empty($board) ? ')' : ', {int:moderator_group})
AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})'), array('current_board' => $board, 'group_list' => $curGroups, 'current_member' => $memID, 'current_profile' => empty($board) ? '1' : 'b.id_profile', 'moderator_group' => 3));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
// We don't know about this permission, it doesn't exist :P.
if (!isset($txt['permissionname_' . $row['permission']])) {
continue;
}
// The name of the permission using the format 'permission name' - 'own/any topic/event/etc.'.
if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)])) {
$name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']];
} else {
$name = $txt['permissionname_' . $row['permission']];
}
// Create the structure for this permission.
if (!isset($context['member']['permissions']['board'][$row['permission']])) {
$context['member']['permissions']['board'][$row['permission']] = array('id' => $row['permission'], 'groups' => array('allowed' => array(), 'denied' => array()), 'name' => $name, 'is_denied' => false, 'is_global' => empty($board));
}
$context['member']['permissions']['board'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][$row['id_group']] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name'];
$context['member']['permissions']['board'][$row['permission']]['is_denied'] |= empty($row['add_deny']);
}
$smcFunc['db_free_result']($request);
}
function ModifyPostModeration()
{
global $context, $txt, $smcFunc, $modSettings;
// Just in case.
checkSession('get');
$context['page_title'] = $txt['permissions_post_moderation'];
$context['sub_template'] = 'postmod_permissions';
$context['current_profile'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 1;
// Load all the permission profiles.
loadPermissionProfiles();
// Mappings, our key => array(can_do_moderated, can_do_all)
$mappings = array('new_topic' => array('post_new', 'post_unapproved_topics'), 'replies_own' => array('post_reply_own', 'post_unapproved_replies_own'), 'replies_any' => array('post_reply_any', 'post_unapproved_replies_any'), 'attachment' => array('post_attachment', 'post_unapproved_attachments'));
// Start this with the guests/members.
$context['profile_groups'] = array(-1 => array('id' => -1, 'name' => $txt['membergroups_guests'], 'color' => '', 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array()), 0 => array('id' => 0, 'name' => $txt['membergroups_members'], 'color' => '', 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array()));
// Load the groups.
$request = $smcFunc['db_query']('', '
SELECT id_group, group_name, online_color, id_parent
FROM {db_prefix}membergroups
WHERE id_group != {int:admin_group}
' . (empty($modSettings['permission_enable_postgroups']) ? ' AND min_posts = {int:min_posts}' : '') . '
ORDER BY id_parent ASC', array('admin_group' => 1, 'min_posts' => -1));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if ($row['id_parent'] == -2) {
$context['profile_groups'][$row['id_group']] = array('id' => $row['id_group'], 'name' => $row['group_name'], 'color' => $row['online_color'], 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array());
} elseif (isset($context['profile_groups'][$row['id_parent']])) {
$context['profile_groups'][$row['id_parent']]['children'][] = $row['group_name'];
}
}
$smcFunc['db_free_result']($request);
// What are the permissions we are querying?
$all_permissions = array();
foreach ($mappings as $perm_set) {
$all_permissions = array_merge($all_permissions, $perm_set);
}
// If we're saving the changes then do just that - save them.
if (!empty($_POST['save_changes']) && ($context['current_profile'] == 1 || $context['current_profile'] > 4)) {
// Start by deleting all the permissions relevant.
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}board_permissions
WHERE id_profile = {int:current_profile}
AND permission IN ({array_string:permissions})
AND id_group IN ({array_int:profile_group_list})', array('profile_group_list' => array_keys($context['profile_groups']), 'current_profile' => $context['current_profile'], 'permissions' => $all_permissions));
// Do it group by group.
$new_permissions = array();
foreach ($context['profile_groups'] as $id => $group) {
foreach ($mappings as $index => $data) {
if (isset($_POST[$index][$group['id']])) {
if ($_POST[$index][$group['id']] == 'allow') {
// Give them both sets for fun.
$new_permissions[] = array($context['current_profile'], $group['id'], $data[0], 1);
$new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
} elseif ($_POST[$index][$group['id']] == 'moderate') {
$new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
}
}
}
}
// Insert new permissions.
if (!empty($new_permissions)) {
$smcFunc['db_insert']('', '{db_prefix}board_permissions', array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'), $new_permissions, array('id_profile', 'id_group', 'permission'));
}
}
// Now get all the permissions!
$request = $smcFunc['db_query']('', '
SELECT id_group, permission, add_deny
FROM {db_prefix}board_permissions
WHERE id_profile = {int:current_profile}
AND permission IN ({array_string:permissions})
AND id_group IN ({array_int:profile_group_list})', array('profile_group_list' => array_keys($context['profile_groups']), 'current_profile' => $context['current_profile'], 'permissions' => $all_permissions));
while ($row = $smcFunc['db_fetch_assoc']($request)) {
foreach ($mappings as $key => $data) {
foreach ($data as $index => $perm) {
if ($perm == $row['permission']) {
// Only bother if it's not denied.
if ($row['add_deny']) {
// Full allowance?
if ($index == 0) {
$context['profile_groups'][$row['id_group']][$key] = 'allow';
} elseif ($context['profile_groups'][$row['id_group']][$key] != 'allow') {
$context['profile_groups'][$row['id_group']][$key] = 'moderate';
}
}
}
}
}
}
$smcFunc['db_free_result']($request);
}
/**
* Show permissions for a user.
*/
public function action_showPermissions()
{
global $txt, $board, $user_profile, $context, $scripturl;
// Verify if the user has sufficient permissions.
isAllowedTo('manage_permissions');
loadLanguage('ManagePermissions');
loadLanguage('Admin');
loadTemplate('ManageMembers');
loadTemplate('ProfileInfo');
// Load all the permission profiles.
require_once SUBSDIR . '/ManagePermissions.subs.php';
loadPermissionProfiles();
$memID = currentMemberID();
$context['member']['id'] = $memID;
$context['member']['name'] = $user_profile[$memID]['real_name'];
$context['page_title'] = $txt['showPermissions'];
$board = empty($board) ? 0 : (int) $board;
$context['board'] = $board;
// Determine which groups this user is in.
if (empty($user_profile[$memID]['additional_groups'])) {
$curGroups = array();
} else {
$curGroups = explode(',', $user_profile[$memID]['additional_groups']);
}
$curGroups[] = $user_profile[$memID]['id_group'];
$curGroups[] = $user_profile[$memID]['id_post_group'];
// Load a list of boards for the jump box - except the defaults.
require_once SUBSDIR . '/Boards.subs.php';
$board_list = getBoardList(array('moderator' => $memID), true);
$context['boards'] = array();
$context['no_access_boards'] = array();
foreach ($board_list as $row) {
if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod']) {
$context['no_access_boards'][] = array('id' => $row['id_board'], 'name' => $row['board_name'], 'is_last' => false);
} elseif ($row['id_profile'] != 1 || $row['is_mod']) {
$context['boards'][$row['id_board']] = array('id' => $row['id_board'], 'name' => $row['board_name'], 'url' => $scripturl, '?board=', $row['id_board'], '.0', 'selected' => $board == $row['id_board'], 'profile' => $row['id_profile'], 'profile_name' => $context['profiles'][$row['id_profile']]['name']);
}
}
if (!empty($context['no_access_boards'])) {
$context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true;
}
$context['member']['permissions'] = array('general' => array(), 'board' => array());
// If you're an admin we know you can do everything, we might as well leave.
$context['member']['has_all_permissions'] = in_array(1, $curGroups);
if ($context['member']['has_all_permissions']) {
return;
}
// Get all general permissions for the groups this member is in
$context['member']['permissions']['general'] = getMemberGeneralPermissions($curGroups);
// Get all board permissions for this member
$context['member']['permissions']['board'] = getMemberBoardPermissions($memID, $curGroups, $board);
}
/**
* Present a nice way of applying post moderation.
*/
public function action_postmod()
{
global $context, $txt;
require_once SUBSDIR . '/ManagePermissions.subs.php';
// Just in case.
checkSession('get');
$context['page_title'] = $txt['permissions_post_moderation'];
$context['sub_template'] = 'postmod_permissions';
$context['current_profile'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 1;
// Load all the permission profiles.
loadPermissionProfiles();
// Mappings, our key => array(can_do_moderated, can_do_all)
$mappings = array('new_topic' => array('post_new', 'post_unapproved_topics'), 'replies_own' => array('post_reply_own', 'post_unapproved_replies_own'), 'replies_any' => array('post_reply_any', 'post_unapproved_replies_any'), 'attachment' => array('post_attachment', 'post_unapproved_attachments'));
call_integration_hook('integrate_post_moderation_mapping', array(&$mappings));
// Load the groups.
require_once SUBSDIR . '/Membergroups.subs.php';
$context['profile_groups'] = prepareMembergroupPermissions();
// What are the permissions we are querying?
$all_permissions = array();
foreach ($mappings as $perm_set) {
$all_permissions = array_merge($all_permissions, $perm_set);
}
// If we're saving the changes then do just that - save them.
if (!empty($_POST['save_changes']) && ($context['current_profile'] == 1 || $context['current_profile'] > 4)) {
validateToken('admin-mppm');
// Start by deleting all the permissions relevant.
deleteBoardPermissions($context['profile_groups'], $context['current_profile'], $all_permissions);
// Do it group by group.
$new_permissions = array();
foreach ($context['profile_groups'] as $id => $group) {
foreach ($mappings as $index => $data) {
if (isset($_POST[$index][$group['id']])) {
if ($_POST[$index][$group['id']] == 'allow') {
// Give them both sets for fun.
$new_permissions[] = array($context['current_profile'], $group['id'], $data[0], 1);
$new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
} elseif ($_POST[$index][$group['id']] == 'moderate') {
$new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
}
}
}
}
// Insert new permissions.
if (!empty($new_permissions)) {
insertBoardPermission($new_permissions);
}
}
// Now get all the permissions!
$perm = getPermission(array_keys($context['profile_groups']), $context['current_profile'], $all_permissions);
foreach ($perm as $id_group => $row) {
foreach ($mappings as $key => $data) {
foreach ($data as $index => $perm) {
// Only bother if it's not denied.
if (!empty($row['add']) && in_array($perm, $row['add'])) {
// Full allowance?
if ($index == 0) {
$context['profile_groups'][$id_group][$key] = 'allow';
} elseif ($context['profile_groups'][$id_group][$key] != 'allow') {
$context['profile_groups'][$id_group][$key] = 'moderate';
}
}
}
}
}
createToken('admin-mppm');
}
/**
* Standard report about what settings the boards have.
* functions ending with "Report" are responsible for generating data
* for reporting.
* they are all called from action_index.
* never access the context directly, but use the data handling
* functions to do so.
*/
public function action_boards()
{
global $context, $txt, $modSettings;
// Load the permission profiles.
require_once SUBSDIR . '/ManagePermissions.subs.php';
require_once SUBSDIR . '/Boards.subs.php';
require_once SUBSDIR . '/Membergroups.subs.php';
require_once SUBSDIR . '/Reports.subs.php';
loadLanguage('ManagePermissions');
loadPermissionProfiles();
// Get every moderator.
$moderators = allBoardModerators();
$boards_moderated = array();
foreach ($moderators as $id_board => $rows) {
foreach ($rows as $row) {
$boards_moderated[$id_board][] = $row['real_name'];
}
}
// Get all the possible membergroups!
$all_groups = getBasicMembergroupData(array('all'), array(), null, false);
$groups = array(-1 => $txt['guest_title'], 0 => $txt['full_member']);
foreach ($all_groups as $row) {
$groups[$row['id']] = empty($row['online_color']) ? $row['name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['name'] . '</span>';
}
// All the fields we'll show.
$boardSettings = array('category' => $txt['board_category'], 'parent' => $txt['board_parent'], 'num_topics' => $txt['board_num_topics'], 'num_posts' => $txt['board_num_posts'], 'count_posts' => $txt['board_count_posts'], 'theme' => $txt['board_theme'], 'override_theme' => $txt['board_override_theme'], 'profile' => $txt['board_profile'], 'moderators' => $txt['board_moderators'], 'groups' => $txt['board_groups']);
if (!empty($modSettings['deny_boards_access'])) {
$boardSettings['disallowed_groups'] = $txt['board_disallowed_groups'];
}
// Do it in columns, it's just easier.
setKeys('cols');
// Go through each board!
$boards = reportsBoardsList();
foreach ($boards as $row) {
// Each board has it's own table.
newTable($row['name'], '', 'left', 'auto', 'left', 200, 'left');
// First off, add in the side key.
addData($boardSettings);
// Format the profile name.
$profile_name = $context['profiles'][$row['id_profile']]['name'];
// Create the main data array.
$boardData = array('category' => $row['cat_name'], 'parent' => $row['parent_name'], 'num_posts' => $row['num_posts'], 'num_topics' => $row['num_topics'], 'count_posts' => empty($row['count_posts']) ? $txt['yes'] : $txt['no'], 'theme' => $row['theme_name'], 'profile' => $profile_name, 'override_theme' => $row['override_theme'] ? $txt['yes'] : $txt['no'], 'moderators' => empty($boards_moderated[$row['id_board']]) ? $txt['none'] : implode(', ', $boards_moderated[$row['id_board']]));
// Work out the membergroups who can and cannot access it (but only if enabled).
$allowedGroups = explode(',', $row['member_groups']);
foreach ($allowedGroups as $key => $group) {
if (isset($groups[$group])) {
$allowedGroups[$key] = $groups[$group];
} else {
unset($allowedGroups[$key]);
}
}
$boardData['groups'] = implode(', ', $allowedGroups);
if (!empty($modSettings['deny_boards_access'])) {
$disallowedGroups = explode(',', $row['deny_member_groups']);
foreach ($disallowedGroups as $key => $group) {
if (isset($groups[$group])) {
$disallowedGroups[$key] = $groups[$group];
} else {
unset($disallowedGroups[$key]);
}
}
$boardData['disallowed_groups'] = implode(', ', $disallowedGroups);
}
// Next add the main data.
addData($boardData);
}
}
/**
* Modify a specific board...
*
* What it doews
* - screen for editing and repositioning a board.
* - called by ?action=admin;area=manageboards;sa=board
* - also used to show the confirm deletion of category screen (sub-template confirm_board_delete).
* - requires manage_boards permission.
*
* @uses the modify_board sub-template of the ManageBoards template.
* @uses ManagePermissions language
*/
public function action_board()
{
global $txt, $context, $cat_tree, $boards, $boardList, $modSettings;
loadTemplate('ManageBoards');
require_once SUBSDIR . '/Boards.subs.php';
getBoardTree();
// For editing the profile we'll need this.
loadLanguage('ManagePermissions');
require_once SUBSDIR . '/ManagePermissions.subs.php';
loadPermissionProfiles();
// id_board must be a number....
$_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0;
if (!isset($boards[$_REQUEST['boardid']])) {
$_REQUEST['boardid'] = 0;
$_REQUEST['sa'] = 'newboard';
}
if ($_REQUEST['sa'] == 'newboard') {
// Category doesn't exist, man... sorry.
if (empty($_REQUEST['cat'])) {
redirectexit('action=admin;area=manageboards');
}
// Some things that need to be setup for a new board.
$curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']);
$context['board_order'] = array();
$context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true);
} else {
// Just some easy shortcuts.
$curBoard =& $boards[$_REQUEST['boardid']];
$context['board'] = $boards[$_REQUEST['boardid']];
$context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&')), ENT_COMPAT, 'UTF-8');
$context['board']['description'] = htmlspecialchars($context['board']['description'], ENT_COMPAT, 'UTF-8');
$context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']);
$context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id'];
}
// As we may have come from the permissions screen keep track of where we should go on save.
$context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards';
// We might need this to hide links to certain areas.
$context['can_manage_permissions'] = allowedTo('manage_permissions');
// Default membergroups.
$context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false));
$context['groups'] += getOtherGroups($curBoard);
// Category doesn't exist, man... sorry.
if (!isset($boardList[$curBoard['category']])) {
redirectexit('action=admin;area=manageboards');
}
foreach ($boardList[$curBoard['category']] as $boardid) {
if ($boardid == $_REQUEST['boardid']) {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true);
} else {
$context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false);
}
}
// Are there any places to move sub-boards to in the case where we are confirming a delete?
if (!empty($_REQUEST['boardid'])) {
$context['can_move_children'] = false;
$context['children'] = $boards[$_REQUEST['boardid']]['tree']['children'];
foreach ($context['board_order'] as $board) {
if ($board['is_child'] == false && $board['selected'] == false) {
$context['can_move_children'] = true;
}
}
}
// Get other available categories.
$context['categories'] = array();
foreach ($cat_tree as $catID => $tree) {
$context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']);
}
$context['board']['moderators'] = getBoardModerators($_REQUEST['boardid']);
$context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"';
if (!empty($context['board']['moderators'])) {
list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1);
}
$context['themes'] = getAllThemes();
if (!isset($_REQUEST['delete'])) {
$context['sub_template'] = 'modify_board';
$context['page_title'] = $txt['boardsEdit'];
loadJavascriptFile('suggest.js', array('defer' => true));
} else {
$context['sub_template'] = 'confirm_board_delete';
$context['page_title'] = $txt['mboards_delete_board'];
}
// Create a special token.
createToken('admin-be-' . $_REQUEST['boardid']);
call_integration_hook('integrate_edit_board');
}
