function BoardReport() { global $context, $txt, $sourcedir, $smcFunc; // Load the permission profiles. require_once $sourcedir . '/ManagePermissions.php'; loadLanguage('ManagePermissions'); loadPermissionProfiles(); // Get every moderator. $request = $smcFunc['db_query']('', ' SELECT mods.id_board, mods.id_member, mem.real_name FROM {db_prefix}moderators AS mods INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)', array()); $moderators = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { $moderators[$row['id_board']][] = $row['real_name']; } $smcFunc['db_free_result']($request); // Get all the possible membergroups! $request = $smcFunc['db_query']('', ' SELECT id_group, group_name, online_color FROM {db_prefix}membergroups', array()); $groups = array(-1 => $txt['guest_title'], 0 => $txt['full_member']); while ($row = $smcFunc['db_fetch_assoc']($request)) { $groups[$row['id_group']] = empty($row['online_color']) ? $row['group_name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>'; } $smcFunc['db_free_result']($request); // All the fields we'll show. $boardSettings = array('category' => $txt['board_category'], 'parent' => $txt['board_parent'], 'num_topics' => $txt['board_num_topics'], 'num_posts' => $txt['board_num_posts'], 'count_posts' => $txt['board_count_posts'], 'theme' => $txt['board_theme'], 'override_theme' => $txt['board_override_theme'], 'profile' => $txt['board_profile'], 'moderators' => $txt['board_moderators'], 'groups' => $txt['board_groups']); // Do it in columns, it's just easier. setKeys('cols'); // Go through each board! $request = $smcFunc['db_query']('order_by_board_order', ' SELECT b.id_board, b.name, b.num_posts, b.num_topics, b.count_posts, b.member_groups, b.override_theme, b.id_profile, c.name AS cat_name, IFNULL(par.name, {string:text_none}) AS parent_name, IFNULL(th.value, {string:text_none}) AS theme_name FROM {db_prefix}boards AS b LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat) LEFT JOIN {db_prefix}boards AS par ON (par.id_board = b.id_parent) LEFT JOIN {db_prefix}themes AS th ON (th.id_theme = b.id_theme AND th.variable = {string:name})', array('name' => 'name', 'text_none' => $txt['none'])); $boards = array(0 => array('name' => $txt['global_boards'])); while ($row = $smcFunc['db_fetch_assoc']($request)) { // Each board has it's own table. newTable($row['name'], '', 'left', 'auto', 'left', 200, 'left'); // First off, add in the side key. addData($boardSettings); // Format the profile name. $profile_name = $context['profiles'][$row['id_profile']]['name']; // Create the main data array. $boardData = array('category' => $row['cat_name'], 'parent' => $row['parent_name'], 'num_posts' => $row['num_posts'], 'num_topics' => $row['num_topics'], 'count_posts' => empty($row['count_posts']) ? $txt['yes'] : $txt['no'], 'theme' => $row['theme_name'], 'profile' => $profile_name, 'override_theme' => $row['override_theme'] ? $txt['yes'] : $txt['no'], 'moderators' => empty($moderators[$row['id_board']]) ? $txt['none'] : implode(', ', $moderators[$row['id_board']])); // Work out the membergroups who can access it. $allowedGroups = explode(',', $row['member_groups']); foreach ($allowedGroups as $key => $group) { if (isset($groups[$group])) { $allowedGroups[$key] = $groups[$group]; } else { unset($allowedGroups[$key]); } } $boardData['groups'] = implode(', ', $allowedGroups); // Next add the main data. addData($boardData); } $smcFunc['db_free_result']($request); }
/** * Modify a specific board... * screen for editing and repositioning a board. * called by ?action=admin;area=manageboards;sa=board * uses the modify_board sub-template of the ManageBoards template. * requires manage_boards permission. * also used to show the confirm deletion of category screen (sub-template confirm_board_delete). (sub-template confirm_board_delete). */ function EditBoard() { global $txt, $context, $cat_tree, $boards, $boardList, $sourcedir, $smcFunc, $modSettings; loadTemplate('ManageBoards'); require_once $sourcedir . '/Subs-Boards.php'; getBoardTree(); // For editing the profile we'll need this. loadLanguage('ManagePermissions'); require_once $sourcedir . '/ManagePermissions.php'; loadPermissionProfiles(); // id_board must be a number.... $_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0; if (!isset($boards[$_REQUEST['boardid']])) { $_REQUEST['boardid'] = 0; $_REQUEST['sa'] = 'newboard'; } if ($_REQUEST['sa'] == 'newboard') { // Category doesn't exist, man... sorry. if (empty($_REQUEST['cat'])) { redirectexit('action=admin;area=manageboards'); } // Some things that need to be setup for a new board. $curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']); $context['board_order'] = array(); $context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true); } else { // Just some easy shortcuts. $curBoard =& $boards[$_REQUEST['boardid']]; $context['board'] = $boards[$_REQUEST['boardid']]; $context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&'))); $context['board']['description'] = htmlspecialchars($context['board']['description']); $context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']); $context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id']; } // As we may have come from the permissions screen keep track of where we should go on save. $context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards'; // We might need this to hide links to certain areas. $context['can_manage_permissions'] = allowedTo('manage_permissions'); // Default membergroups. $context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false)); // Load membergroups. $request = $smcFunc['db_query']('', ' SELECT group_name, id_group, min_posts FROM {db_prefix}membergroups WHERE id_group > {int:moderator_group} OR id_group = {int:global_moderator} ORDER BY min_posts, id_group != {int:global_moderator}, group_name', array('moderator_group' => 3, 'global_moderator' => 2)); while ($row = $smcFunc['db_fetch_assoc']($request)) { if ($_REQUEST['sa'] == 'newboard' && $row['min_posts'] == -1) { $curBoard['member_groups'][] = $row['id_group']; } $context['groups'][(int) $row['id_group']] = array('id' => $row['id_group'], 'name' => trim($row['group_name']), 'allow' => in_array($row['id_group'], $curBoard['member_groups']), 'deny' => in_array($row['id_group'], $curBoard['deny_groups']), 'is_post_group' => $row['min_posts'] != -1); } $smcFunc['db_free_result']($request); // Category doesn't exist, man... sorry. if (!isset($boardList[$curBoard['category']])) { redirectexit('action=admin;area=manageboards'); } foreach ($boardList[$curBoard['category']] as $boardid) { if ($boardid == $_REQUEST['boardid']) { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true); } else { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false); } } // Are there any places to move child boards to in the case where we are confirming a delete? if (!empty($_REQUEST['boardid'])) { $context['can_move_children'] = false; $context['children'] = $boards[$_REQUEST['boardid']]['tree']['children']; foreach ($context['board_order'] as $board) { if ($board['is_child'] == false && $board['selected'] == false) { $context['can_move_children'] = true; } } } // Get other available categories. $context['categories'] = array(); foreach ($cat_tree as $catID => $tree) { $context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']); } $request = $smcFunc['db_query']('', ' SELECT mem.id_member, mem.real_name FROM {db_prefix}moderators AS mods INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member) WHERE mods.id_board = {int:current_board}', array('current_board' => $_REQUEST['boardid'])); $context['board']['moderators'] = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { $context['board']['moderators'][$row['id_member']] = $row['real_name']; } $smcFunc['db_free_result']($request); $context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"'; if (!empty($context['board']['moderators'])) { list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1); } // Get all the themes... $request = $smcFunc['db_query']('', ' SELECT id_theme AS id, value AS name FROM {db_prefix}themes WHERE variable = {string:name}', array('name' => 'name')); $context['themes'] = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { $context['themes'][] = $row; } $smcFunc['db_free_result']($request); if (!isset($_REQUEST['delete'])) { $context['sub_template'] = 'modify_board'; $context['page_title'] = $txt['boardsEdit']; } else { $context['sub_template'] = 'confirm_board_delete'; $context['page_title'] = $txt['mboards_delete_board']; } // Create a special token. createToken('admin-be-' . $_REQUEST['boardid']); call_integration_hook('integrate_edit_board'); }
function showPermissions($memID) { global $scripturl, $txt, $board, $modSettings; global $user_profile, $context, $user_info, $sourcedir, $smcFunc; // Verify if the user has sufficient permissions. isAllowedTo('manage_permissions'); loadLanguage('ManagePermissions'); loadLanguage('Admin'); loadTemplate('ManageMembers'); // Load all the permission profiles. require_once $sourcedir . '/ManagePermissions.php'; loadPermissionProfiles(); $context['member']['id'] = $memID; $context['member']['name'] = $user_profile[$memID]['real_name']; $context['page_title'] = $txt['showPermissions']; $board = empty($board) ? 0 : (int) $board; $context['board'] = $board; // Determine which groups this user is in. if (empty($user_profile[$memID]['additional_groups'])) { $curGroups = array(); } else { $curGroups = explode(',', $user_profile[$memID]['additional_groups']); } $curGroups[] = $user_profile[$memID]['id_group']; $curGroups[] = $user_profile[$memID]['id_post_group']; // Load a list of boards for the jump box - except the defaults. $request = $smcFunc['db_query']('order_by_board_order', ' SELECT b.id_board, b.name, b.id_profile, b.member_groups, IFNULL(mods.id_member, 0) AS is_mod FROM {db_prefix}boards AS b LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member}) WHERE {query_see_board}', array('current_member' => $memID)); $context['boards'] = array(); $context['no_access_boards'] = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod']) { $context['no_access_boards'][] = array('id' => $row['id_board'], 'name' => $row['name'], 'is_last' => false); } elseif ($row['id_profile'] != 1 || $row['is_mod']) { $context['boards'][$row['id_board']] = array('id' => $row['id_board'], 'name' => $row['name'], 'selected' => $board == $row['id_board'], 'profile' => $row['id_profile'], 'profile_name' => $context['profiles'][$row['id_profile']]['name']); } } $smcFunc['db_free_result']($request); if (!empty($context['no_access_boards'])) { $context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true; } $context['member']['permissions'] = array('general' => array(), 'board' => array()); // If you're an admin we know you can do everything, we might as well leave. $context['member']['has_all_permissions'] = in_array(1, $curGroups); if ($context['member']['has_all_permissions']) { return; } $denied = array(); // Get all general permissions. $result = $smcFunc['db_query']('', ' SELECT p.permission, p.add_deny, mg.group_name, p.id_group FROM {db_prefix}permissions AS p LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = p.id_group) WHERE p.id_group IN ({array_int:group_list}) ORDER BY p.add_deny DESC, p.permission, mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name', array('group_list' => $curGroups, 'newbie_group' => 4)); while ($row = $smcFunc['db_fetch_assoc']($result)) { // We don't know about this permission, it doesn't exist :P. if (!isset($txt['permissionname_' . $row['permission']])) { continue; } if (empty($row['add_deny'])) { $denied[] = $row['permission']; } // Permissions that end with _own or _any consist of two parts. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)])) { $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']]; } else { $name = $txt['permissionname_' . $row['permission']]; } // Add this permission if it doesn't exist yet. if (!isset($context['member']['permissions']['general'][$row['permission']])) { $context['member']['permissions']['general'][$row['permission']] = array('id' => $row['permission'], 'groups' => array('allowed' => array(), 'denied' => array()), 'name' => $name, 'is_denied' => false, 'is_global' => true); } // Add the membergroup to either the denied or the allowed groups. $context['member']['permissions']['general'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name']; // Once denied is always denied. $context['member']['permissions']['general'][$row['permission']]['is_denied'] |= empty($row['add_deny']); } $smcFunc['db_free_result']($result); $request = $smcFunc['db_query']('', ' SELECT bp.add_deny, bp.permission, bp.id_group, mg.group_name' . (empty($board) ? '' : ', b.id_profile, CASE WHEN mods.id_member IS NULL THEN 0 ELSE 1 END AS is_moderator') . ' FROM {db_prefix}board_permissions AS bp' . (empty($board) ? '' : ' INNER JOIN {db_prefix}boards AS b ON (b.id_board = {int:current_board}) LEFT JOIN {db_prefix}moderators AS mods ON (mods.id_board = b.id_board AND mods.id_member = {int:current_member})') . ' LEFT JOIN {db_prefix}membergroups AS mg ON (mg.id_group = bp.id_group) WHERE bp.id_profile = {raw:current_profile} AND bp.id_group IN ({array_int:group_list}' . (empty($board) ? ')' : ', {int:moderator_group}) AND (mods.id_member IS NOT NULL OR bp.id_group != {int:moderator_group})'), array('current_board' => $board, 'group_list' => $curGroups, 'current_member' => $memID, 'current_profile' => empty($board) ? '1' : 'b.id_profile', 'moderator_group' => 3)); while ($row = $smcFunc['db_fetch_assoc']($request)) { // We don't know about this permission, it doesn't exist :P. if (!isset($txt['permissionname_' . $row['permission']])) { continue; } // The name of the permission using the format 'permission name' - 'own/any topic/event/etc.'. if (in_array(substr($row['permission'], -4), array('_own', '_any')) && isset($txt['permissionname_' . substr($row['permission'], 0, -4)])) { $name = $txt['permissionname_' . substr($row['permission'], 0, -4)] . ' - ' . $txt['permissionname_' . $row['permission']]; } else { $name = $txt['permissionname_' . $row['permission']]; } // Create the structure for this permission. if (!isset($context['member']['permissions']['board'][$row['permission']])) { $context['member']['permissions']['board'][$row['permission']] = array('id' => $row['permission'], 'groups' => array('allowed' => array(), 'denied' => array()), 'name' => $name, 'is_denied' => false, 'is_global' => empty($board)); } $context['member']['permissions']['board'][$row['permission']]['groups'][empty($row['add_deny']) ? 'denied' : 'allowed'][$row['id_group']] = $row['id_group'] == 0 ? $txt['membergroups_members'] : $row['group_name']; $context['member']['permissions']['board'][$row['permission']]['is_denied'] |= empty($row['add_deny']); } $smcFunc['db_free_result']($request); }
function ModifyPostModeration() { global $context, $txt, $smcFunc, $modSettings; // Just in case. checkSession('get'); $context['page_title'] = $txt['permissions_post_moderation']; $context['sub_template'] = 'postmod_permissions'; $context['current_profile'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 1; // Load all the permission profiles. loadPermissionProfiles(); // Mappings, our key => array(can_do_moderated, can_do_all) $mappings = array('new_topic' => array('post_new', 'post_unapproved_topics'), 'replies_own' => array('post_reply_own', 'post_unapproved_replies_own'), 'replies_any' => array('post_reply_any', 'post_unapproved_replies_any'), 'attachment' => array('post_attachment', 'post_unapproved_attachments')); // Start this with the guests/members. $context['profile_groups'] = array(-1 => array('id' => -1, 'name' => $txt['membergroups_guests'], 'color' => '', 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array()), 0 => array('id' => 0, 'name' => $txt['membergroups_members'], 'color' => '', 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array())); // Load the groups. $request = $smcFunc['db_query']('', ' SELECT id_group, group_name, online_color, id_parent FROM {db_prefix}membergroups WHERE id_group != {int:admin_group} ' . (empty($modSettings['permission_enable_postgroups']) ? ' AND min_posts = {int:min_posts}' : '') . ' ORDER BY id_parent ASC', array('admin_group' => 1, 'min_posts' => -1)); while ($row = $smcFunc['db_fetch_assoc']($request)) { if ($row['id_parent'] == -2) { $context['profile_groups'][$row['id_group']] = array('id' => $row['id_group'], 'name' => $row['group_name'], 'color' => $row['online_color'], 'new_topic' => 'disallow', 'replies_own' => 'disallow', 'replies_any' => 'disallow', 'attachment' => 'disallow', 'children' => array()); } elseif (isset($context['profile_groups'][$row['id_parent']])) { $context['profile_groups'][$row['id_parent']]['children'][] = $row['group_name']; } } $smcFunc['db_free_result']($request); // What are the permissions we are querying? $all_permissions = array(); foreach ($mappings as $perm_set) { $all_permissions = array_merge($all_permissions, $perm_set); } // If we're saving the changes then do just that - save them. if (!empty($_POST['save_changes']) && ($context['current_profile'] == 1 || $context['current_profile'] > 4)) { // Start by deleting all the permissions relevant. $smcFunc['db_query']('', ' DELETE FROM {db_prefix}board_permissions WHERE id_profile = {int:current_profile} AND permission IN ({array_string:permissions}) AND id_group IN ({array_int:profile_group_list})', array('profile_group_list' => array_keys($context['profile_groups']), 'current_profile' => $context['current_profile'], 'permissions' => $all_permissions)); // Do it group by group. $new_permissions = array(); foreach ($context['profile_groups'] as $id => $group) { foreach ($mappings as $index => $data) { if (isset($_POST[$index][$group['id']])) { if ($_POST[$index][$group['id']] == 'allow') { // Give them both sets for fun. $new_permissions[] = array($context['current_profile'], $group['id'], $data[0], 1); $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1); } elseif ($_POST[$index][$group['id']] == 'moderate') { $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1); } } } } // Insert new permissions. if (!empty($new_permissions)) { $smcFunc['db_insert']('', '{db_prefix}board_permissions', array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'), $new_permissions, array('id_profile', 'id_group', 'permission')); } } // Now get all the permissions! $request = $smcFunc['db_query']('', ' SELECT id_group, permission, add_deny FROM {db_prefix}board_permissions WHERE id_profile = {int:current_profile} AND permission IN ({array_string:permissions}) AND id_group IN ({array_int:profile_group_list})', array('profile_group_list' => array_keys($context['profile_groups']), 'current_profile' => $context['current_profile'], 'permissions' => $all_permissions)); while ($row = $smcFunc['db_fetch_assoc']($request)) { foreach ($mappings as $key => $data) { foreach ($data as $index => $perm) { if ($perm == $row['permission']) { // Only bother if it's not denied. if ($row['add_deny']) { // Full allowance? if ($index == 0) { $context['profile_groups'][$row['id_group']][$key] = 'allow'; } elseif ($context['profile_groups'][$row['id_group']][$key] != 'allow') { $context['profile_groups'][$row['id_group']][$key] = 'moderate'; } } } } } } $smcFunc['db_free_result']($request); }
/** * Show permissions for a user. */ public function action_showPermissions() { global $txt, $board, $user_profile, $context, $scripturl; // Verify if the user has sufficient permissions. isAllowedTo('manage_permissions'); loadLanguage('ManagePermissions'); loadLanguage('Admin'); loadTemplate('ManageMembers'); loadTemplate('ProfileInfo'); // Load all the permission profiles. require_once SUBSDIR . '/ManagePermissions.subs.php'; loadPermissionProfiles(); $memID = currentMemberID(); $context['member']['id'] = $memID; $context['member']['name'] = $user_profile[$memID]['real_name']; $context['page_title'] = $txt['showPermissions']; $board = empty($board) ? 0 : (int) $board; $context['board'] = $board; // Determine which groups this user is in. if (empty($user_profile[$memID]['additional_groups'])) { $curGroups = array(); } else { $curGroups = explode(',', $user_profile[$memID]['additional_groups']); } $curGroups[] = $user_profile[$memID]['id_group']; $curGroups[] = $user_profile[$memID]['id_post_group']; // Load a list of boards for the jump box - except the defaults. require_once SUBSDIR . '/Boards.subs.php'; $board_list = getBoardList(array('moderator' => $memID), true); $context['boards'] = array(); $context['no_access_boards'] = array(); foreach ($board_list as $row) { if (count(array_intersect($curGroups, explode(',', $row['member_groups']))) === 0 && !$row['is_mod']) { $context['no_access_boards'][] = array('id' => $row['id_board'], 'name' => $row['board_name'], 'is_last' => false); } elseif ($row['id_profile'] != 1 || $row['is_mod']) { $context['boards'][$row['id_board']] = array('id' => $row['id_board'], 'name' => $row['board_name'], 'url' => $scripturl, '?board=', $row['id_board'], '.0', 'selected' => $board == $row['id_board'], 'profile' => $row['id_profile'], 'profile_name' => $context['profiles'][$row['id_profile']]['name']); } } if (!empty($context['no_access_boards'])) { $context['no_access_boards'][count($context['no_access_boards']) - 1]['is_last'] = true; } $context['member']['permissions'] = array('general' => array(), 'board' => array()); // If you're an admin we know you can do everything, we might as well leave. $context['member']['has_all_permissions'] = in_array(1, $curGroups); if ($context['member']['has_all_permissions']) { return; } // Get all general permissions for the groups this member is in $context['member']['permissions']['general'] = getMemberGeneralPermissions($curGroups); // Get all board permissions for this member $context['member']['permissions']['board'] = getMemberBoardPermissions($memID, $curGroups, $board); }
/** * Present a nice way of applying post moderation. */ public function action_postmod() { global $context, $txt; require_once SUBSDIR . '/ManagePermissions.subs.php'; // Just in case. checkSession('get'); $context['page_title'] = $txt['permissions_post_moderation']; $context['sub_template'] = 'postmod_permissions'; $context['current_profile'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 1; // Load all the permission profiles. loadPermissionProfiles(); // Mappings, our key => array(can_do_moderated, can_do_all) $mappings = array('new_topic' => array('post_new', 'post_unapproved_topics'), 'replies_own' => array('post_reply_own', 'post_unapproved_replies_own'), 'replies_any' => array('post_reply_any', 'post_unapproved_replies_any'), 'attachment' => array('post_attachment', 'post_unapproved_attachments')); call_integration_hook('integrate_post_moderation_mapping', array(&$mappings)); // Load the groups. require_once SUBSDIR . '/Membergroups.subs.php'; $context['profile_groups'] = prepareMembergroupPermissions(); // What are the permissions we are querying? $all_permissions = array(); foreach ($mappings as $perm_set) { $all_permissions = array_merge($all_permissions, $perm_set); } // If we're saving the changes then do just that - save them. if (!empty($_POST['save_changes']) && ($context['current_profile'] == 1 || $context['current_profile'] > 4)) { validateToken('admin-mppm'); // Start by deleting all the permissions relevant. deleteBoardPermissions($context['profile_groups'], $context['current_profile'], $all_permissions); // Do it group by group. $new_permissions = array(); foreach ($context['profile_groups'] as $id => $group) { foreach ($mappings as $index => $data) { if (isset($_POST[$index][$group['id']])) { if ($_POST[$index][$group['id']] == 'allow') { // Give them both sets for fun. $new_permissions[] = array($context['current_profile'], $group['id'], $data[0], 1); $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1); } elseif ($_POST[$index][$group['id']] == 'moderate') { $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1); } } } } // Insert new permissions. if (!empty($new_permissions)) { insertBoardPermission($new_permissions); } } // Now get all the permissions! $perm = getPermission(array_keys($context['profile_groups']), $context['current_profile'], $all_permissions); foreach ($perm as $id_group => $row) { foreach ($mappings as $key => $data) { foreach ($data as $index => $perm) { // Only bother if it's not denied. if (!empty($row['add']) && in_array($perm, $row['add'])) { // Full allowance? if ($index == 0) { $context['profile_groups'][$id_group][$key] = 'allow'; } elseif ($context['profile_groups'][$id_group][$key] != 'allow') { $context['profile_groups'][$id_group][$key] = 'moderate'; } } } } } createToken('admin-mppm'); }
/** * Standard report about what settings the boards have. * functions ending with "Report" are responsible for generating data * for reporting. * they are all called from action_index. * never access the context directly, but use the data handling * functions to do so. */ public function action_boards() { global $context, $txt, $modSettings; // Load the permission profiles. require_once SUBSDIR . '/ManagePermissions.subs.php'; require_once SUBSDIR . '/Boards.subs.php'; require_once SUBSDIR . '/Membergroups.subs.php'; require_once SUBSDIR . '/Reports.subs.php'; loadLanguage('ManagePermissions'); loadPermissionProfiles(); // Get every moderator. $moderators = allBoardModerators(); $boards_moderated = array(); foreach ($moderators as $id_board => $rows) { foreach ($rows as $row) { $boards_moderated[$id_board][] = $row['real_name']; } } // Get all the possible membergroups! $all_groups = getBasicMembergroupData(array('all'), array(), null, false); $groups = array(-1 => $txt['guest_title'], 0 => $txt['full_member']); foreach ($all_groups as $row) { $groups[$row['id']] = empty($row['online_color']) ? $row['name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['name'] . '</span>'; } // All the fields we'll show. $boardSettings = array('category' => $txt['board_category'], 'parent' => $txt['board_parent'], 'num_topics' => $txt['board_num_topics'], 'num_posts' => $txt['board_num_posts'], 'count_posts' => $txt['board_count_posts'], 'theme' => $txt['board_theme'], 'override_theme' => $txt['board_override_theme'], 'profile' => $txt['board_profile'], 'moderators' => $txt['board_moderators'], 'groups' => $txt['board_groups']); if (!empty($modSettings['deny_boards_access'])) { $boardSettings['disallowed_groups'] = $txt['board_disallowed_groups']; } // Do it in columns, it's just easier. setKeys('cols'); // Go through each board! $boards = reportsBoardsList(); foreach ($boards as $row) { // Each board has it's own table. newTable($row['name'], '', 'left', 'auto', 'left', 200, 'left'); // First off, add in the side key. addData($boardSettings); // Format the profile name. $profile_name = $context['profiles'][$row['id_profile']]['name']; // Create the main data array. $boardData = array('category' => $row['cat_name'], 'parent' => $row['parent_name'], 'num_posts' => $row['num_posts'], 'num_topics' => $row['num_topics'], 'count_posts' => empty($row['count_posts']) ? $txt['yes'] : $txt['no'], 'theme' => $row['theme_name'], 'profile' => $profile_name, 'override_theme' => $row['override_theme'] ? $txt['yes'] : $txt['no'], 'moderators' => empty($boards_moderated[$row['id_board']]) ? $txt['none'] : implode(', ', $boards_moderated[$row['id_board']])); // Work out the membergroups who can and cannot access it (but only if enabled). $allowedGroups = explode(',', $row['member_groups']); foreach ($allowedGroups as $key => $group) { if (isset($groups[$group])) { $allowedGroups[$key] = $groups[$group]; } else { unset($allowedGroups[$key]); } } $boardData['groups'] = implode(', ', $allowedGroups); if (!empty($modSettings['deny_boards_access'])) { $disallowedGroups = explode(',', $row['deny_member_groups']); foreach ($disallowedGroups as $key => $group) { if (isset($groups[$group])) { $disallowedGroups[$key] = $groups[$group]; } else { unset($disallowedGroups[$key]); } } $boardData['disallowed_groups'] = implode(', ', $disallowedGroups); } // Next add the main data. addData($boardData); } }
/** * Modify a specific board... * * What it doews * - screen for editing and repositioning a board. * - called by ?action=admin;area=manageboards;sa=board * - also used to show the confirm deletion of category screen (sub-template confirm_board_delete). * - requires manage_boards permission. * * @uses the modify_board sub-template of the ManageBoards template. * @uses ManagePermissions language */ public function action_board() { global $txt, $context, $cat_tree, $boards, $boardList, $modSettings; loadTemplate('ManageBoards'); require_once SUBSDIR . '/Boards.subs.php'; getBoardTree(); // For editing the profile we'll need this. loadLanguage('ManagePermissions'); require_once SUBSDIR . '/ManagePermissions.subs.php'; loadPermissionProfiles(); // id_board must be a number.... $_REQUEST['boardid'] = isset($_REQUEST['boardid']) ? (int) $_REQUEST['boardid'] : 0; if (!isset($boards[$_REQUEST['boardid']])) { $_REQUEST['boardid'] = 0; $_REQUEST['sa'] = 'newboard'; } if ($_REQUEST['sa'] == 'newboard') { // Category doesn't exist, man... sorry. if (empty($_REQUEST['cat'])) { redirectexit('action=admin;area=manageboards'); } // Some things that need to be setup for a new board. $curBoard = array('member_groups' => array(0, -1), 'deny_groups' => array(), 'category' => (int) $_REQUEST['cat']); $context['board_order'] = array(); $context['board'] = array('is_new' => true, 'id' => 0, 'name' => $txt['mboards_new_board_name'], 'description' => '', 'count_posts' => 1, 'posts' => 0, 'topics' => 0, 'theme' => 0, 'profile' => 1, 'override_theme' => 0, 'redirect' => '', 'category' => (int) $_REQUEST['cat'], 'no_children' => true); } else { // Just some easy shortcuts. $curBoard =& $boards[$_REQUEST['boardid']]; $context['board'] = $boards[$_REQUEST['boardid']]; $context['board']['name'] = htmlspecialchars(strtr($context['board']['name'], array('&' => '&')), ENT_COMPAT, 'UTF-8'); $context['board']['description'] = htmlspecialchars($context['board']['description'], ENT_COMPAT, 'UTF-8'); $context['board']['no_children'] = empty($boards[$_REQUEST['boardid']]['tree']['children']); $context['board']['is_recycle'] = !empty($modSettings['recycle_enable']) && !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $context['board']['id']; } // As we may have come from the permissions screen keep track of where we should go on save. $context['redirect_location'] = isset($_GET['rid']) && $_GET['rid'] == 'permissions' ? 'permissions' : 'boards'; // We might need this to hide links to certain areas. $context['can_manage_permissions'] = allowedTo('manage_permissions'); // Default membergroups. $context['groups'] = array(-1 => array('id' => '-1', 'name' => $txt['parent_guests_only'], 'allow' => in_array('-1', $curBoard['member_groups']), 'deny' => in_array('-1', $curBoard['deny_groups']), 'is_post_group' => false), 0 => array('id' => '0', 'name' => $txt['parent_members_only'], 'allow' => in_array('0', $curBoard['member_groups']), 'deny' => in_array('0', $curBoard['deny_groups']), 'is_post_group' => false)); $context['groups'] += getOtherGroups($curBoard); // Category doesn't exist, man... sorry. if (!isset($boardList[$curBoard['category']])) { redirectexit('action=admin;area=manageboards'); } foreach ($boardList[$curBoard['category']] as $boardid) { if ($boardid == $_REQUEST['boardid']) { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' (' . $txt['mboards_current_position'] . ')', 'children' => $boards[$boardid]['tree']['children'], 'no_children' => empty($boards[$boardid]['tree']['children']), 'is_child' => false, 'selected' => true); } else { $context['board_order'][] = array('id' => $boardid, 'name' => str_repeat('-', $boards[$boardid]['level']) . ' ' . $boards[$boardid]['name'], 'is_child' => empty($_REQUEST['boardid']) ? false : isChildOf($boardid, $_REQUEST['boardid']), 'selected' => false); } } // Are there any places to move sub-boards to in the case where we are confirming a delete? if (!empty($_REQUEST['boardid'])) { $context['can_move_children'] = false; $context['children'] = $boards[$_REQUEST['boardid']]['tree']['children']; foreach ($context['board_order'] as $board) { if ($board['is_child'] == false && $board['selected'] == false) { $context['can_move_children'] = true; } } } // Get other available categories. $context['categories'] = array(); foreach ($cat_tree as $catID => $tree) { $context['categories'][] = array('id' => $catID == $curBoard['category'] ? 0 : $catID, 'name' => $tree['node']['name'], 'selected' => $catID == $curBoard['category']); } $context['board']['moderators'] = getBoardModerators($_REQUEST['boardid']); $context['board']['moderator_list'] = empty($context['board']['moderators']) ? '' : '"' . implode('", "', $context['board']['moderators']) . '"'; if (!empty($context['board']['moderators'])) { list($context['board']['last_moderator_id']) = array_slice(array_keys($context['board']['moderators']), -1); } $context['themes'] = getAllThemes(); if (!isset($_REQUEST['delete'])) { $context['sub_template'] = 'modify_board'; $context['page_title'] = $txt['boardsEdit']; loadJavascriptFile('suggest.js', array('defer' => true)); } else { $context['sub_template'] = 'confirm_board_delete'; $context['page_title'] = $txt['mboards_delete_board']; } // Create a special token. createToken('admin-be-' . $_REQUEST['boardid']); call_integration_hook('integrate_edit_board'); }