// Excerpt from the "Add/Remove Users" page for a user group: handles bulk removal of
// members, then starts rendering the page and its form. The excerpt begins inside a
// block that opens earlier in the file (see the extra closing brace below).
// NOTE(review): the check of the CSRF token emitted by form_csrf_token_field() is not
// visible in this excerpt — confirm it runs before the removal loop.

// Only act when remove_user was posted as an array of user ids.
if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {

    foreach ($_POST['remove_user'] as $uid) {

        // NOTE(review): $uid is taken from the request body and is not validated in this
        // excerpt; presumably the perm_* helpers reject non-integer values — confirm.
        if (perm_user_in_group($uid, $gid)) {

            perm_remove_user_from_group($uid, $gid);

            // The admin log entry is written only when both the logon and the group name resolve.
            if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) {
                admin_add_log_entry(REMOVE_USER_FROM_GROUP, array($user_logon, $group_name));
            }
        }
    }
}
} // closes a block opened before this excerpt

// Look the group up; an unknown $gid gets the error page.
// NOTE(review): the code below reads $group['GROUP_NAME'], so it relies on
// html_draw_error() ending the request — confirm.
if (!($group = perm_get_group($gid))) {
    html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
}

html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s - Add/Remove Users'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));

$group_users_array = perm_group_get_users($gid, $start_main);

// NOTE(review): GROUP_NAME is written into the heading without an escaping call at this
// point. Confirm that perm_get_group() returns it already HTML-encoded; if it does not,
// encode it here for the HTML context.
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}", html_style_image('separator'), "", gettext("Add/Remove Users"), "</h1>\n";

// Status banner: success after a new group was created, otherwise a hint when the group is empty.
if (isset($_GET['added'])) {
    html_display_success_msg(gettext("Successfully added group. Add users to this group by searching for them below."), '800', 'center');
} else {
    // NOTE(review): indexes the result of perm_group_get_users() without checking that
    // it is an array — confirm how a failed lookup is handled.
    if (sizeof($group_users_array['user_array']) < 1) {
        html_display_warning_msg(gettext("There are no users in this group. Add users to this group by searching for them below."), '800', 'center');
    }
}

echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"f_folders\" action=\"admin_user_groups_edit_users.php\" method=\"post\">\n";
// The form carries a CSRF token field; request-derived values are passed through
// htmlentities_array() before they are written into hidden inputs.
echo " ", form_csrf_token_field(), "\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden('gid', htmlentities_array($gid)), "\n";
echo " ", form_input_hidden("main_page", htmlentities_array($main_page)), "\n";
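/**
 * Return one page (20 rows) of the users that belong to a user group.
 *
 * Joins GROUPS, GROUP_USERS and USER, orders by logon, and reads the total
 * match count with FOUND_ROWS(). When the requested page is past the end of a
 * non-empty list, the previous page is tried instead.
 *
 * @param mixed $gid  Group id; anything that is not a plain integer is rejected.
 * @param mixed $page Page number starting at 1; anything else is treated as page 1.
 *
 * @return array|false|int array('user_count' => total, 'user_array' => rows) on
 *                         success; false when no database handle is available or
 *                         a query fails; 0 when $gid is rejected.
 */
function perm_group_get_users($gid, $page = 1)
{
    if (!($db = db::get())) {
        return false;
    }

    // is_numeric() alone also accepts floats, exponent notation and padded strings.
    // The value is placed into the SQL text below, so only a plain integer is let through.
    if (!is_numeric($gid) || ($gid = filter_var($gid, FILTER_VALIDATE_INT)) === false) {
        // 0 rather than false is kept from the original for existing callers.
        return 0;
    }

    // Same rule for the page number: it must be an integer of at least 1.
    $page = is_numeric($page)
        ? filter_var($page, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
        : false;

    if ($page === false) {
        $page = 1;
    }

    // The offset is written unquoted after LIMIT, so force a non-negative integer.
    $offset = max(0, (int) calculate_page_offset($page, 20));

    $group_user_array = array();

    $sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, USER.LOGON, USER.NICKNAME ";
    $sql .= "FROM GROUPS INNER JOIN GROUP_USERS ON (GROUP_USERS.GID = GROUPS.GID) ";
    $sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) WHERE GROUPS.GID = '{$gid}' ";
    $sql .= "ORDER BY USER.LOGON LIMIT {$offset}, 20";

    if (!($result = $db->query($sql))) {
        return false;
    }

    // Must directly follow the SQL_CALC_FOUND_ROWS query to report its total.
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";

    if (!($result_count = $db->query($sql))) {
        return false;
    }

    list($group_user_count) = $result_count->fetch_row();

    // Requested page is beyond the last one: step back a page.
    if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
        return perm_group_get_users($gid, $page - 1);
    }

    // Stop on any non-row value, so a failure value from fetch_assoc() cannot keep
    // the loop running the way a strict "!== null" comparison would.
    while ($user_data = $result->fetch_assoc()) {
        $group_user_array[] = $user_data;
    }

    return array(
        'user_count' => $group_user_count,
        'user_array' => $group_user_array,
    );
}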
// Excerpt from the group edit admin page. It starts three block levels deep: the blocks
// closed by the first three closing braces below open before this excerpt.
header_redirect("admin_user_groups.php?webtag={$webtag}&edited=true");
exit;
}
}

$group_permissions = perm_get_group_permissions($gid);

} else {

    // "Add/Remove Users" button: send the admin to the member editor with a return
    // address that leads back to this page.
    if (isset($_POST['addusers'])) {

        // NOTE(review): $webtag and $gid are interpolated into the URL without URL-encoding
        // here; presumably both are validated earlier in the file — confirm.
        $redirect_uri = "admin_user_groups_edit_users.php?webtag={$webtag}&gid={$gid}";
        $redirect_uri .= "&ret=admin_user_groups_edit.php%3Fwebtag%3D{$webtag}%26gid%3D{$gid}";

        // $ret is percent-encoded three times before it is appended to the already-encoded
        // inner ret parameter.
        // NOTE(review): the origin of $ret is not visible in this excerpt. If it is
        // request-supplied, confirm the page that finally redirects to it only accepts
        // local targets.
        $redirect_uri .= "%26ret%3D" . rawurlencode(rawurlencode(rawurlencode($ret)));

        header_redirect($redirect_uri);
        exit;
    }
}

html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));

// 0 is passed as the second argument; the perm_group_get_users() versions shown on this
// page treat any page value below 1 as page 1.
$group_users_array = perm_group_get_users($gid, 0);

// NOTE(review): GROUP_NAME is written into the heading without an escaping call at this
// point. Confirm that it is stored or returned HTML-encoded; if it is not, encode it
// here for the HTML context.
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}</h1>\n";

// Collected errors take priority; otherwise show a hint when the group has no members.
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
    html_display_error_array($error_msg_array, '800', 'center');
} else {
    // NOTE(review): indexes the result of perm_group_get_users() without checking that
    // it is an array — confirm how a failed lookup is handled.
    if (sizeof($group_users_array['user_array']) < 1) {
        html_display_warning_msg(gettext("There are no users in this group. To add users click the 'Add/Remove Users' button below."), '800', 'center');
    }
}

echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"admin_user_form\" action=\"admin_user_groups_edit.php\" method=\"post\">\n";
// The form carries a CSRF token field; request-derived values are passed through
// htmlentities_array() before they are written into hidden inputs.
echo " ", form_csrf_token_field(), "\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo " ", form_input_hidden("gid", htmlentities_array($gid)), "\n";
echo " ", form_input_hidden('ret', htmlentities_array($ret)), "\n";
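/**
 * Return up to 20 users that are explicitly allowed on a forum, starting at a row offset.
 *
 * Selects USER rows joined to USER_FORUM where ALLOWED = 1 for the given forum
 * and reads the total match count with FOUND_ROWS(). When the offset is past the
 * end of a non-empty list, the query is repeated from a lower offset.
 *
 * @param mixed $fid    Forum id; anything that is not a plain integer is rejected.
 * @param mixed $offset Row offset; anything that is not an integer >= 0 is treated as 0.
 *
 * @return array|false array('user_count' => total, 'user_array' => rows) on success;
 *                     false when $fid is rejected, no database connection is
 *                     available, or a query fails.
 */
function forum_get_permissions($fid, $offset = 0)
{
    if (!($db_forum_get_permissions = db_connect())) {
        return false;
    }

    // is_numeric() alone also accepts floats, exponent notation and padded strings.
    // The value is placed into the SQL text below, so only a plain integer is let through.
    if (!is_numeric($fid) || ($fid = filter_var($fid, FILTER_VALIDATE_INT)) === false) {
        return false;
    }

    // The offset is written unquoted after LIMIT: it must be an integer of at least 0.
    $offset = is_numeric($offset)
        ? filter_var($offset, FILTER_VALIDATE_INT, array('options' => array('min_range' => 0)))
        : false;

    if ($offset === false) {
        $offset = 0;
    }

    $perms_user_array = array();

    $sql = "SELECT SQL_CALC_FOUND_ROWS USER.UID, USER.LOGON, USER.NICKNAME FROM USER USER ";
    $sql .= "LEFT JOIN USER_FORUM USER_FORUM ON (USER_FORUM.UID = USER.UID) ";
    $sql .= "WHERE USER_FORUM.FID = '{$fid}' AND USER_FORUM.ALLOWED = 1 ";
    $sql .= "LIMIT {$offset}, 20";

    if (!($result = db_query($sql, $db_forum_get_permissions))) {
        return false;
    }

    // Fetch the number of total results
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";

    if (!($result_count = db_query($sql, $db_forum_get_permissions))) {
        return false;
    }

    list($perms_user_count) = db_fetch_array($result_count, DB_RESULT_NUM);

    if (db_num_rows($result) > 0) {

        while ($user_data = db_fetch_array($result)) {

            // PEER_NICKNAME is not in the SELECT list above, so this override does not
            // fire with the current query; kept in case the column is added.
            if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
                if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
                    $user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
                }
            }

            if (!isset($user_data['LOGON'])) {
                // NOTE(review): $lang is neither a parameter nor declared global in this
                // function, so this lookup reads an undefined variable. The language
                // table has to be brought into scope; left as found because its source
                // is not visible here.
                $user_data['LOGON'] = $lang['unknownuser'];
            }

            if (!isset($user_data['NICKNAME'])) {
                $user_data['NICKNAME'] = "";
            }

            $perms_user_array[] = $user_data;
        }

    } else if ($perms_user_count > 0) {

        // The original branch used $group_user_count and $gid, which do not exist in this
        // function, and called perm_group_get_users(). It now uses this function's own
        // count and re-queries this function.
        // NOTE(review): the step of 10 is kept from the original arithmetic although the
        // page size is 20 — confirm which step the pager expects.
        $last_offset = (int) (floor(($perms_user_count - 1) / 10) * 10);

        // Retry only with a strictly lower offset so the recursion always ends.
        if ($last_offset < $offset) {
            return forum_get_permissions($fid, $last_offset);
        }
    }

    return array(
        'user_count' => $perms_user_count,
        'user_array' => $perms_user_array,
    );
}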
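/**
 * Return one page (20 rows) of the users that belong to a user group.
 *
 * Joins GROUP_USERS, GROUP_PERMS and USER, one row per user, and reads the total
 * match count with FOUND_ROWS(). When the requested page is past the end of a
 * non-empty list, the previous page is tried instead.
 *
 * @param mixed $gid  Group id; anything that is not a plain integer is rejected.
 * @param mixed $page Page number starting at 1; anything else is treated as page 1.
 *
 * @return array|false|int array('user_count' => total, 'user_array' => rows) on
 *                         success; false when no database handle is available,
 *                         perm_is_group() rejects $gid, or a query fails; 0 when
 *                         $gid is not an integer.
 */
function perm_group_get_users($gid, $page = 1)
{
    if (!($db = db::get())) {
        return false;
    }

    // is_numeric() alone also accepts floats, exponent notation and padded strings.
    // The value is placed into the SQL text below, so only a plain integer is let through.
    if (!is_numeric($gid) || ($gid = filter_var($gid, FILTER_VALIDATE_INT)) === false) {
        // 0 rather than false is kept from the original for existing callers.
        return 0;
    }

    // Same rule for the page number: it must be an integer of at least 1.
    $page = is_numeric($page)
        ? filter_var($page, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)))
        : false;

    if ($page === false) {
        $page = 1;
    }

    // The offset is written unquoted after LIMIT, so force a non-negative integer.
    $offset = max(0, (int) calculate_page_offset($page, 20));

    if (!perm_is_group($gid)) {
        return false;
    }

    $group_user_array = array();

    $sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, ";
    $sql .= "USER.LOGON, USER.NICKNAME FROM GROUP_USERS ";
    $sql .= "INNER JOIN GROUP_PERMS ON (GROUP_PERMS.GID = GROUP_USERS.GID) ";
    $sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) ";
    $sql .= "WHERE GROUP_USERS.GID = '{$gid}' GROUP BY GROUP_USERS.UID ";
    $sql .= "LIMIT {$offset}, 20";

    if (!($result = $db->query($sql))) {
        return false;
    }

    // Must directly follow the SQL_CALC_FOUND_ROWS query to report its total.
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";

    if (!($result_count = $db->query($sql))) {
        return false;
    }

    list($group_user_count) = $result_count->fetch_row();

    // Requested page is beyond the last one: step back a page.
    if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
        return perm_group_get_users($gid, $page - 1);
    }

    while ($user_data = $result->fetch_assoc()) {

        // PEER_NICKNAME is not in the SELECT list above, so this override does not
        // fire with the current query; kept in case the column is added.
        if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
            if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
                $user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
            }
        }

        // Fill in display defaults for NULL columns.
        if (!isset($user_data['LOGON'])) {
            $user_data['LOGON'] = gettext("Unknown user");
        }

        if (!isset($user_data['NICKNAME'])) {
            $user_data['NICKNAME'] = "";
        }

        $group_user_array[] = $user_data;
    }

    return array(
        'user_count' => $group_user_count,
        'user_array' => $group_user_array,
    );
}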