/**
Returns true if the user can edit the clan ID specified
@param $clanid is the clanid to check against
@param $plr is either an array of plr info (including clanid) or a numeric plr ID to check against
@param $user (optional) specifies the user object to check against, uses the logged in user if null
*/
function ps_user_can_edit_clan($clanid, $plr = null, $user = null)
{
global $cms, $ps;
if ($user == null) {
$user =& $cms->user;
}
if ($user->is_admin()) {
return true;
}
if (is_array($clanid)) {
$clanid = $clanid['clanid'];
}
if (!is_array($plr)) {
if ($plr == null) {
$plr = ps_user_plrid($user);
}
$plrid = $plr;
$plr = $ps->get_player_profile($plrid);
}
return $user->logged_in() and $plr['userid'] == $user->userid() and $plr['clanid'] == $clanid;
}
// no matching profile; lets create one (all clans should have one, regardless)
$_id = $ps->db->escape($id, true);
$ps->db->insert($ps->t_clan_profile, array('clantag' => $clan['clantag']));
}
if (!$clan) {
$data = array('message' => $cms->trans("Invalid clan ID Specified"));
$cms->full_page_err(basename(__FILE__, '.php'), $data);
exit;
}
} else {
$data = array('message' => $cms->trans("Invalid clan ID Specified"));
$cms->full_page_err(basename(__FILE__, '.php'), $data);
exit;
}
// check privileges to edit this clan
if (!ps_user_can_edit_clan($clan['clanid'], ps_user_plrid())) {
$data = array('message' => $cms->trans("Insufficient privileges to edit clan!"));
$cms->full_page_err(basename(__FILE__, '.php'), $data);
exit;
}
// add or delete a member (ajax request)
if ($add) {
if (!is_array($add)) {
$add = array($add);
}
$cmd = "SELECT plrid FROM {$ps->t_plr} p WHERE plrid IN (%s) AND p.clanid=0";
$ids = array();
$msg = "";
foreach ($add as $plrid) {
if (is_numeric($plrid)) {
$ids[] = $plrid;
