if (isset($_POST['remove_user']) && is_array($_POST['remove_user'])) {
        foreach ($_POST['remove_user'] as $uid) {
            if (perm_user_in_group($uid, $gid)) {
                perm_remove_user_from_group($uid, $gid);
                if (($user_logon = user_get_logon($uid)) && ($group_name = perm_get_group_name($gid))) {
                    admin_add_log_entry(REMOVE_USER_FROM_GROUP, array($user_logon, $group_name));
                }
            }
        }
    }
}
if (!($group = perm_get_group($gid))) {
    html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
}
html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s - Add/Remove Users'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));
$group_users_array = perm_group_get_users($gid, $start_main);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}", html_style_image('separator'), "", gettext("Add/Remove Users"), "</h1>\n";
if (isset($_GET['added'])) {
    html_display_success_msg(gettext("Successfully added group. Add users to this group by searching for them below."), '800', 'center');
} else {
    if (sizeof($group_users_array['user_array']) < 1) {
        html_display_warning_msg(gettext("There are no users in this group. Add users to this group by searching for them below."), '800', 'center');
    }
}
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"f_folders\" action=\"admin_user_groups_edit_users.php\" method=\"post\">\n";
echo "  ", form_csrf_token_field(), "\n";
echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo "  ", form_input_hidden('gid', htmlentities_array($gid)), "\n";
echo "  ", form_input_hidden("main_page", htmlentities_array($main_page)), "\n";
Exemplo n.º 2
0
function perm_group_get_users($gid, $page = 1)
{
    if (!($db = db::get())) {
        return false;
    }
    if (!is_numeric($gid)) {
        return 0;
    }
    if (!is_numeric($page) || $page < 1) {
        $page = 1;
    }
    $offset = calculate_page_offset($page, 20);
    $group_user_array = array();
    $sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, USER.LOGON, USER.NICKNAME ";
    $sql .= "FROM GROUPS INNER JOIN GROUP_USERS ON (GROUP_USERS.GID = GROUPS.GID) ";
    $sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) WHERE GROUPS.GID = '{$gid}' ";
    $sql .= "ORDER BY USER.LOGON LIMIT {$offset}, 20";
    if (!($result = $db->query($sql))) {
        return false;
    }
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
    if (!($result_count = $db->query($sql))) {
        return false;
    }
    list($group_user_count) = $result_count->fetch_row();
    if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
        return perm_group_get_users($gid, $page - 1);
    }
    while (($user_data = $result->fetch_assoc()) !== null) {
        $group_user_array[] = $user_data;
    }
    return array('user_count' => $group_user_count, 'user_array' => $group_user_array);
}
            header_redirect("admin_user_groups.php?webtag={$webtag}&edited=true");
            exit;
        }
    }
    $group_permissions = perm_get_group_permissions($gid);
} else {
    if (isset($_POST['addusers'])) {
        $redirect_uri = "admin_user_groups_edit_users.php?webtag={$webtag}&gid={$gid}";
        $redirect_uri .= "&ret=admin_user_groups_edit.php%3Fwebtag%3D{$webtag}%26gid%3D{$gid}";
        $redirect_uri .= "%26ret%3D" . rawurlencode(rawurlencode(rawurlencode($ret)));
        header_redirect($redirect_uri);
        exit;
    }
}
html_draw_top(array('title' => sprintf(gettext('Admin - Manage User Groups - %s'), $group['GROUP_NAME']), 'class' => 'window_title', 'main_css' => 'admin.css'));
$group_users_array = perm_group_get_users($gid, 0);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Manage User Groups"), html_style_image('separator'), "{$group['GROUP_NAME']}</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
    html_display_error_array($error_msg_array, '800', 'center');
} else {
    if (sizeof($group_users_array['user_array']) < 1) {
        html_display_warning_msg(gettext("There are no users in this group. To add users click the 'Add/Remove Users' button below."), '800', 'center');
    }
}
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"admin_user_form\" action=\"admin_user_groups_edit.php\" method=\"post\">\n";
echo "  ", form_csrf_token_field(), "\n";
echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo "  ", form_input_hidden("gid", htmlentities_array($gid)), "\n";
echo "  ", form_input_hidden('ret', htmlentities_array($ret)), "\n";
Exemplo n.º 4
0
function forum_get_permissions($fid, $offset = 0)
{
    if (!($db_forum_get_permissions = db_connect())) {
        return false;
    }
    if (!is_numeric($fid)) {
        return false;
    }
    if (!is_numeric($offset)) {
        $offset = 0;
    }
    $perms_user_array = array();
    $sql = "SELECT SQL_CALC_FOUND_ROWS USER.UID, USER.LOGON, USER.NICKNAME FROM USER USER ";
    $sql .= "LEFT JOIN USER_FORUM USER_FORUM ON (USER_FORUM.UID = USER.UID) ";
    $sql .= "WHERE USER_FORUM.FID = '{$fid}' AND USER_FORUM.ALLOWED = 1 ";
    $sql .= "LIMIT {$offset}, 20";
    if (!($result = db_query($sql, $db_forum_get_permissions))) {
        return false;
    }
    // Fetch the number of total results
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
    if (!($result_count = db_query($sql, $db_forum_get_permissions))) {
        return false;
    }
    list($perms_user_count) = db_fetch_array($result_count, DB_RESULT_NUM);
    if (db_num_rows($result) > 0) {
        while ($user_data = db_fetch_array($result)) {
            if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
                if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
                    $user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
                }
            }
            if (!isset($user_data['LOGON'])) {
                $user_data['LOGON'] = $lang['unknownuser'];
            }
            if (!isset($user_data['NICKNAME'])) {
                $user_data['NICKNAME'] = "";
            }
            $perms_user_array[] = $user_data;
        }
    } else {
        if ($perms_user_count > 0) {
            $offset = floor(($group_user_count - 1) / 10) * 10;
            return perm_group_get_users($gid, $offset);
        }
    }
    return array('user_count' => $perms_user_count, 'user_array' => $perms_user_array);
}
Exemplo n.º 5
0
function perm_group_get_users($gid, $page = 1)
{
    if (!($db = db::get())) {
        return false;
    }
    if (!is_numeric($gid)) {
        return 0;
    }
    if (!is_numeric($page) || $page < 1) {
        $page = 1;
    }
    $offset = calculate_page_offset($page, 20);
    if (!perm_is_group($gid)) {
        return false;
    }
    $group_user_array = array();
    $sql = "SELECT SQL_CALC_FOUND_ROWS GROUP_USERS.UID, ";
    $sql .= "USER.LOGON, USER.NICKNAME FROM GROUP_USERS ";
    $sql .= "INNER JOIN GROUP_PERMS ON (GROUP_PERMS.GID = GROUP_USERS.GID) ";
    $sql .= "INNER JOIN USER ON (USER.UID = GROUP_USERS.UID) ";
    $sql .= "WHERE GROUP_USERS.GID = '{$gid}' GROUP BY GROUP_USERS.UID ";
    $sql .= "LIMIT {$offset}, 20";
    if (!($result = $db->query($sql))) {
        return false;
    }
    $sql = "SELECT FOUND_ROWS() AS ROW_COUNT";
    if (!($result_count = $db->query($sql))) {
        return false;
    }
    list($group_user_count) = $result_count->fetch_row();
    if ($result->num_rows == 0 && $group_user_count > 0 && $page > 1) {
        return perm_group_get_users($gid, $page - 1);
    }
    while ($user_data = $result->fetch_assoc()) {
        if (isset($user_data['LOGON']) && isset($user_data['PEER_NICKNAME'])) {
            if (!is_null($user_data['PEER_NICKNAME']) && strlen($user_data['PEER_NICKNAME']) > 0) {
                $user_data['NICKNAME'] = $user_data['PEER_NICKNAME'];
            }
        }
        if (!isset($user_data['LOGON'])) {
            $user_data['LOGON'] = gettext("Unknown user");
        }
        if (!isset($user_data['NICKNAME'])) {
            $user_data['NICKNAME'] = "";
        }
        $group_user_array[] = $user_data;
    }
    return array('user_count' => $group_user_count, 'user_array' => $group_user_array);
}