while ($user = mysql_fetch_array($r_user)) {
print htmlspecialchars($user['username']) . ' - <a href="useredit.php?action=EditUser&userid=' . $user['userid'] . '&session=' . $session . '">edit</a><br>';
}
}
} elseif ($action == 'create') {
print '<b>Create new group</b><br><br>';
group_form(array(), 'insert');
} elseif ($action == 'insert') {
if (!$name) {
print 'Please enter a group name.';
} else {
$accessmask = 0;
/* create accessmask */
while (list($k, $v) = each($p_desc)) {
if ($permission[$k] == 'yes') {
$accessmask = flag_or($accessmask, $k);
}
}
query("INSERT INTO {$pref}" . "group (name, accessmask, title, titlepriority) VALUES\n ('" . addslashes($name) . "', '" . $accessmask . "', '" . addslashes($title) . "', '" . $titlepriority . "');");
print 'Group has been added!';
}
} elseif ($action == 'delete') {
$r_group = query("SELECT nodelete, name FROM {$pref}" . "group WHERE groupid='" . $groupid . "'");
$group = mysql_fetch_array($r_group);
/* WARNING: do NOT remove this check unless you know what youre doing .. */
if ($groupid == $config['default_groupid'] || $groupid == $config['guest_groupid']) {
print 'Sorry, you cannot delete this group (Are you trying to delete the default or guest group?).';
} else {
print 'You are going to delete "' . $group['name'] . '". Are you sure? (Group members will be removed from group)<br><br><a href="groups.php?session=' . $session . '&action=drop&groupid=' . $groupid . '">Yes</a>';
}
} elseif ($action == 'drop') {
function has_permission($perm)
{
$mask = "";
reset($this->a_group);
reset($this->a_groupboard);
while (list($groupid, $accessmask) = each($this->a_group)) {
if (isset($this->a_groupboard[$this->boardid][$groupid])) {
$mask = flag_or($mask, $this->a_groupboard[$this->boardid][$groupid]);
} else {
$mask = flag_or($mask, $accessmask);
}
}
if (strlen($mask) < $perm) {
return false;
}
$access = flag_make_array($mask);
return (bool) $access[$perm];
}
