function deletegroup_submit(Pieform $form, $values)
{
global $SESSION, $USER, $groupid;
group_delete($groupid);
$SESSION->add_ok_msg(get_string('deletegroup', 'group'));
redirect('/group/mygroups.php');
}
function admindeletegroup_submit(Pieform $form, $values)
{
global $SESSION, $groupid;
require_once get_config('libroot') . 'group.php';
group_delete($groupid);
$SESSION->add_ok_msg(get_string('deletegroup', 'group'));
redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
function deletegroup_submit(Pieform $form, $values)
{
require_once 'embeddedimage.php';
global $SESSION, $USER, $groupid;
group_delete($groupid);
EmbeddedImage::delete_embedded_images('group', $groupid);
$SESSION->add_ok_msg(get_string('deletegroup', 'group'));
redirect('/group/mygroups.php');
}
/**
* Delete one or more groups
*
* @param array $groups
*/
public static function delete_groups($groups)
{
global $USER, $WEBSERVICE_INSTITUTION;
$params = self::validate_parameters(self::delete_groups_parameters(), array('groups' => $groups));
db_begin();
foreach ($params['groups'] as $group) {
// Make sure that the group doesn't already exist
if (!empty($group['id'])) {
if (!($dbgroup = get_record('group', 'id', $group['id'], 'deleted', 0))) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['id']));
}
} else {
if (!empty($group['name'])) {
if (!($dbgroup = get_record('group', 'name', $group['name'], 'deleted', 0))) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['name']));
}
} else {
if (!empty($group['shortname'])) {
if (empty($group['institution'])) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('instmustset', 'auth.webservice', $group['shortname']));
}
if (!($dbgroup = get_record('group', 'shortname', $group['shortname'], 'institution', $group['institution'], 'deleted', 0))) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('groupnotexist', 'auth.webservice', $group['shortname'] . '/' . $group['institution']));
}
} else {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('nogroup', 'auth.webservice'));
}
}
}
// are we allowed to delete for this institution
if (!empty($dbgroup->institution)) {
if ($WEBSERVICE_INSTITUTION != $dbgroup->institution) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['name']));
}
if (!$USER->can_edit_institution($dbgroup->institution)) {
throw new WebserviceInvalidParameterException('delete_groups | ' . get_string('accessdeniedforinstgroup', 'auth.webservice', $group['institution'], $group['shortname']));
}
}
// now do the delete
group_delete($dbgroup->id);
}
db_commit();
return null;
}
exit;
}
if (isset($_GET["group-popup"])) {
group_popup();
exit;
}
if (isset($_GET["group-main-settings"])) {
group_settings();
exit;
}
if (isset($_POST["group-main-settings-save"])) {
group_settings_save();
exit;
}
if (isset($_POST["group-delete"])) {
group_delete();
exit;
}
if (isset($_GET["group-ExcludeMimeType"])) {
ExcludeMimeType();
exit;
}
if (isset($_POST["group-ExcludeMimeType-ADD"])) {
ExcludeMimeType_add();
exit;
}
if (isset($_POST["group-ExcludeMimeType-DEL"])) {
ExcludeMimeType_del();
exit;
}
if (isset($_GET["group-ExcludeMimeType-LIST"])) {
* $Id: admgroups.php,v 1.2 2003/12/18 16:42:31 iliaa Exp $
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
***************************************************************************/
require './GLOBALS.php';
fud_egw();
fud_use('adm.inc', true);
fud_use('widgets.inc', true);
fud_use('groups_adm.inc', true);
fud_use('groups.inc');
$edit = isset($_GET['edit']) ? (int) $_GET['edit'] : (isset($_POST['edit']) ? (int) $_POST['edit'] : 0);
if (isset($_GET['del'])) {
group_delete((int) $_GET['del']);
}
$hdr = group_perm_array();
$error_reason = $error = 0;
/* check for errors */
if (isset($_POST['btn_submit'])) {
$gr_inherit_id = (int) $_POST['gr_inherit_id'];
if (isset($_POST['gr_resource'])) {
$gr_resource = is_string($_POST['gr_resource']) ? array($_POST['gr_resource']) : array_unique($_POST['gr_resource']);
} else {
$gr_resource = array();
}
$gr_ramasks = (int) (!empty($_POST['gr_ramasks']));
$perm = $permi = 0;
$res = array();
foreach ($hdr as $k => $v) {
?>
">
<td class="title">
<?php
echo anchor('groups/set/' . $g['g_id'], $g['g_name']);
?>
</td>
<td><?php
echo $g['user_count'];
?>
</td>
<td class="text-right"><?php
echo group_delete($g);
?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
<div class="pagination-wrapper">
<?php
$allowthread = param('allowthread', 0);
$allowpost = param('allowpost', 0);
$allowattach = param('allowattach', 0);
$allowdown = param('allowdown', 0);
$allowagree = param('allowagree', 0);
$allowtop = param('allowtop', 0);
$allowupdate = param('allowupdate', 0);
$allowdelete = param('allowdelete', 0);
$allowmove = param('allowmove', 0);
$allowbanuser = param('allowbanuser', 0);
$allowdeleteuser = param('allowdeleteuser', 0);
$allowviewip = param('allowviewip', 0);
$allowcustomurl = param('allowcustomurl', 0);
$arr2 = array('allowread' => $allowread, 'allowthread' => $allowthread, 'allowpost' => $allowpost, 'allowattach' => $allowattach, 'allowdown' => $allowdown, 'allowagree' => $allowagree, 'allowtop' => $allowtop, 'allowupdate' => $allowupdate, 'allowdelete' => $allowdelete, 'allowmove' => $allowmove, 'allowbanuser' => $allowbanuser, 'allowdeleteuser' => $allowdeleteuser, 'allowviewip' => $allowviewip, 'allowcustomurl' => $allowcustomurl);
$arr += $arr2;
}
// 更新
$r = group_update($gid, $arr);
$r !== FALSE ? message(0, '更新成功') : message(-1, '更新失败');
}
} elseif ($action == 'delete') {
if ($method != 'POST') {
message(-1, 'Method Error.');
}
$gid = param(2, 0);
$group = group_read($gid);
empty($group) and message(1, '用户组不存在');
$gid <= 101 and message(-1, '该用户组不允许删除!');
$r = group_delete($gid);
$r !== FALSE ? message(0, '删除成功') : message(1, '删除失败');
}
/**
* clean out all the test data
*/
protected function tearDown()
{
// fix the connection - this gets lost because of the tests
configure_dbconnection();
// clean down the institution
$this->clean_institution();
// delete test token
if ($this->testtoken) {
delete_records('external_tokens', 'token', $this->testtoken);
}
// remove the web service descriptions
$dbservice = get_record('external_services', 'name', $this->servicename);
if ($dbservice) {
$dbregistry = get_record('oauth_server_registry', 'externalserviceid', $dbservice->id);
if ($dbregistry) {
delete_records('oauth_server_token', 'osr_id_ref', $dbregistry->id);
}
delete_records('oauth_server_registry', 'externalserviceid', $dbservice->id);
delete_records('external_services_users', 'externalserviceid', $dbservice->id);
delete_records('external_tokens', 'externalserviceid', $dbservice->id);
delete_records('external_services_functions', 'externalserviceid', $dbservice->id);
delete_records('external_services', 'id', $dbservice->id);
}
// remove the test user
$dbuser = get_record('usr', 'username', $this->testuser);
if ($dbuser) {
$this->created_users[] = $dbuser->id;
}
// remove all left over users
if ($this->created_users) {
foreach ($this->created_users as $userid) {
delete_user($userid);
}
}
// remove left over groups
$dbgroup = get_record('group', 'shortname', 'mytestgroup1', 'institution', 'mahara');
if ($dbgroup) {
$this->created_groups[] = $dbgroup->id;
}
if ($this->created_groups) {
foreach ($this->created_groups as $groupid) {
group_delete($groupid);
}
}
}
function display_options()
{
global $config, $db, $plugin, $template, $umil, $user;
$continue = (isset($_POST['continue'])) ? true : false;
$step = request_var('step', 0);
$selected = request_var('items', array('' => ''));
// Apply Changes to the DB?
$apply_changes = true;
if ($step > 0)
{
// Kick them if bad form key
check_form_key('database_cleaner', false, append_sid(STK_INDEX, 't=database_cleaner'), true);
}
// include the required file for this version
$version_file = preg_replace('#([^0-9]+)#', '_', $config['version']) . '.' . PHP_EXT;
if (!file_exists(STK_ROOT_PATH . 'includes/database_cleaner/' . $version_file))
{
trigger_error('PHPBB_VERSION_NOT_SUPPORTED');
}
include(STK_ROOT_PATH . 'includes/database_cleaner/functions.' . PHP_EXT);
include(STK_ROOT_PATH . 'includes/database_cleaner/' . $version_file);
$cleaner = new database_cleaner_data();
$user->add_lang('acp/common');
switch ($step)
{
case 0 :
// Display a quick intro here and make sure they know what they are doing...
$template->assign_vars(array(
'S_NO_INSTRUCTIONS' => true,
'SUCCESS_TITLE' => $user->lang['DATABASE_CLEANER'],
'SUCCESS_MESSAGE' => $user->lang['DATABASE_CLEANER_WELCOME'],
'ERROR_TITLE' => ' ',
'ERROR_MESSAGE' => $user->lang['DATABASE_CLEANER_WARNING'],
));
break;
case 1 :
// Redirect if they selected quit
if (isset($_POST['quit']))
{
redirect(append_sid(STK_ROOT_PATH . 'index.' . PHP_EXT));
}
// Start by disabling the board
if ($apply_changes)
{
set_config('board_disable', 1);
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['BOARD_DISABLE_SUCCESS']);
// Find any extra tables and list them as options to remove
if (!function_exists('get_tables'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT);
}
$existing_tables = get_tables($db);
$tables = array_unique(array_merge(array_keys($cleaner->tables), $existing_tables));
sort($tables);
$template->assign_block_vars('section', array(
'NAME' => $user->lang['DATABASE_TABLES'],
'TITLE' => $user->lang['DATABASE_TABLES'],
));
foreach ($tables as $table)
{
if ((isset($cleaner->tables[$table]) && !in_array($table, $existing_tables)) || (!isset($cleaner->tables[$table]) && in_array($table, $existing_tables)))
{
$template->assign_block_vars('section.items', array(
'NAME' => $table,
'FIELD_NAME' => $table,
'MISSING' => (isset($cleaner->tables[$table])) ? true : false,
));
}
}
break;
case 2:
// Remove the extra selected tables, and add the missing removed tables
$error = array();
if ($apply_changes)
{
if (!function_exists('get_tables'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_install.' . PHP_EXT);
}
$existing_tables = get_tables($db);
$tables = array_unique(array_merge(array_keys($cleaner->tables), $existing_tables));
foreach ($tables as $table)
{
if (isset($selected[$table]))
{
if (isset($cleaner->tables[$table]) && !in_array($table, $existing_tables))
{
$result = $umil->table_add($table, $cleaner->tables[$table]);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
else if (!isset($cleaner->tables[$table]) && in_array($table, $existing_tables))
{
$result = $umil->table_remove($table);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
}
}
}
if (!empty($error))
{
$template->assign_var('ERROR_MESSAGE', implode('<br />', $error));
}
else
{
$template->assign_var('SUCCESS_MESSAGE', $user->lang['DATABASE_TABLES_SUCCESS']);
}
// Time to start going through the database and listing any extra/missing fields
$last_output_table = '';
foreach ($cleaner->tables as $table_name => $data)
{
// We shouldn't mess with profile fields here. Users probably will not know what this table does or what would happen if they remove fields added to it.
if ($table_name == PROFILE_FIELDS_DATA_TABLE)
{
continue;
}
$existing_columns = $this->get_columns($table_name);
if ($existing_columns === false)
{
// Table doesn't exist, don't handle here.
continue;
}
$columns = array_unique(array_merge(array_keys($data['COLUMNS']), $existing_columns));
sort($columns);
foreach ($columns as $column)
{
if ((!isset($data['COLUMNS'][$column]) && in_array($column, $existing_columns)) || (isset($data['COLUMNS'][$column]) && !in_array($column, $existing_columns)))
{
// Output the table block if it's not been done yet
if ($last_output_table != $table_name)
{
$last_output_table = $table_name;
$template->assign_block_vars('section', array(
'NAME' => $table_name,
'TITLE' => $user->lang['ROWS'],
));
}
$template->assign_block_vars('section.items', array(
'NAME' => $column,
'FIELD_NAME' => $table_name . '_' . $column,
'MISSING' => (!in_array($column, $existing_columns)) ? true : false,
));
}
}
}
break;
case 3:
// Update the tables according to what they selected last time
$error = array();
if ($apply_changes)
{
foreach ($cleaner->tables as $table_name => $data)
{
if ($table_name == PROFILE_FIELDS_DATA_TABLE)
{
continue;
}
$existing_columns = $this->get_columns($table_name);
if ($existing_columns === false)
{
// Table doesn't exist, don't handle here.
continue;
}
$columns = array_unique(array_merge(array_keys($data['COLUMNS']), $existing_columns));
foreach ($columns as $column)
{
if (isset($selected[$table_name . '_' . $column]))
{
if (!isset($data['COLUMNS'][$column]) && in_array($column, $existing_columns))
{
$result = $umil->table_column_remove($table_name, $column);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
else if (isset($data['COLUMNS'][$column]) && !in_array($column, $existing_columns))
{
// This can return an error under some circumstances, like when trying to add an auto-increment field (hope to hell nobody drops one of those)
$result = $umil->table_column_add($table_name, $column, $data['COLUMNS'][$column]);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
// We can re-add *some* keys
if (isset($data['KEYS']))
{
if (in_array($column, $data['KEYS']))
{
if ($data['KEYS'][$column][0] == 'INDEX' && $data['KEYS'][$column][1] == $column)
{
$result = $umil->table_index_add($table_name, $column, $column);
if (stripos($result, 'SQL ERROR'))
{
$error[] = $result;
}
}
}
}
}
}
}
}
}
if (!empty($error))
{
$template->assign_var('ERROR_MESSAGE', implode('<br />', $error));
}
else
{
$template->assign_var('SUCCESS_MESSAGE', $user->lang['DATABASE_COLUMNS_SUCCESS']);
}
// display extra config variables and let them check/uncheck the ones they want to add/remove
$template->assign_block_vars('section', array(
'NAME' => $user->lang['CONFIG_SETTINGS'],
'TITLE' => $user->lang['ROWS'],
));
$config_rows = $existing_config = array();
get_config_rows($cleaner, $config_rows, $existing_config);
foreach ($config_rows as $name)
{
// Skip ones that are in the default install and are in the existing config
if (isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_config)) ? true : false,
));
}
break;
case 4 :
// Add/remove the extra config variables they selected.
if ($apply_changes)
{
$config_rows = $existing_config = array();
get_config_rows($cleaner, $config_rows, $existing_config);
foreach ($config_rows as $name)
{
if (isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->config[$name]) && !in_array($name, $existing_config))
{
// Add it with the default settings we've got...
set_config($name, $cleaner->config[$name]['config_value'], $cleaner->config[$name]['is_dynamic']);
}
else if (!isset($cleaner->config[$name]) && in_array($name, $existing_config))
{
// Remove it
$db->sql_query('DELETE FROM ' . CONFIG_TABLE . " WHERE config_name = '" . $db->sql_escape($name) . "'");
}
}
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['CONFIG_UPDATE_SUCCESS']);
// Display the extra permission fields and again let them select ones to add/remove
$template->assign_block_vars('section', array(
'NAME' => $user->lang['PERMISSION_SETTINGS'],
'TITLE' => $user->lang['ROWS'],
));
$permission_rows = $existing_permissions = array();
get_permission_rows($cleaner, $permission_rows, $existing_permissions);
foreach ($permission_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_permissions)) ? true : false,
));
}
break;
case 5 :
// Add/remove the permission fields they selected
if ($apply_changes)
{
$permission_rows = $existing_permissions = array();
get_permission_rows($cleaner, $permission_rows, $existing_permissions);
foreach ($permission_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->permissions[$name]) && !in_array($name, $existing_permissions))
{
// Add it with the default settings we've got...
$umil->permission_add($name, (($cleaner->permissions[$name]['is_global']) ? true : false));
}
else if (!isset($cleaner->permissions[$name]) && in_array($name, $existing_permissions))
{
// Remove it
$umil->permission_remove($name, true);
$umil->permission_remove($name, false);
}
}
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['PERMISSION_UPDATE_SUCCESS']);
// Display the system groups that are missing or aren't from a vanilla installation
$template->assign_block_vars('section', array(
'NAME' => $user->lang['ACP_GROUPS_MANAGEMENT'],
'TITLE' => $user->lang['ROWS'],
));
$group_rows = $existing_groups = array();
get_group_rows($cleaner, $group_rows, $existing_groups);
foreach ($group_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
continue;
}
$template->assign_block_vars('section.items', array(
'NAME' => $name,
'FIELD_NAME' => $name,
'MISSING' => (!in_array($name, $existing_groups)) ? true : false,
));
}
break;
case 6:
// Add/remove selected system groups
if ($apply_changes)
{
$group_rows = $existing_groups = array();
get_group_rows($cleaner, $group_rows, $existing_groups);
foreach ($group_rows as $name)
{
// Skip ones that are in the default install and are in the existing permissions
if (isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
continue;
}
if (isset($selected[$name]))
{
if (isset($cleaner->groups[$name]) && !in_array($name, $existing_groups))
{
// Add it with the default settings we've got...
$group_id = false;
group_create($group_id, $cleaner->groups[$name]['group_type'], $name, $cleaner->groups[$name]['group_desc'], array('group_colour' => $cleaner->groups[$name]['group_colour'], 'group_legend' => $cleaner->groups[$name]['group_legend'], 'group_avatar' => $cleaner->groups[$name]['group_avatar'], 'group_max_recipients' => $cleaner->groups[$name]['group_max_recipients']));
}
else if (!isset($cleaner->groups[$name]) && in_array($name, $existing_groups))
{
// Remove it
$db->sql_query('SELECT group_id FROM ' . GROUPS_TABLE . ' WHERE group_name = \'' . $name . '\'');
$group_id = $db->sql_fetchfield('group_id');
group_delete($group_id, $name);
}
}
}
}
// Ask if they would like to reset the modules (handled in the template)
$template->assign_vars(array(
'S_MODULE_OPTIONS' => true,
'S_NO_INSTRUCTIONS' => true,
));
break;
case 7 :
// Reset the modules if they wanted to
if (isset($_POST['yes']) && $apply_changes)
{
// Remove existing modules
$db->sql_query('DELETE FROM ' . MODULES_TABLE);
// Add the modules
$db->sql_multi_insert(MODULES_TABLE, $cleaner->modules);
$template->assign_var('SUCCESS_MESSAGE', $user->lang['RESET_MODULE_SUCCESS']);
}
// Ask if they would like to reset the bots (handled in the template)
$template->assign_vars(array(
'S_BOT_OPTIONS' => true,
'S_NO_INSTRUCTIONS' => true,
));
break;
case 8 :
// Reset the bots if they wanted to
if (isset($_POST['yes']) && $apply_changes)
{
$sql = 'SELECT group_id, group_colour
FROM ' . GROUPS_TABLE . "
WHERE group_name = 'BOTS'";
$result = $db->sql_query($sql);
$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
$group_colour = $db->sql_fetchfield('group_colour', 0, $result);
$db->sql_freeresult($result);
if (!$group_id)
{
// If we reach this point then something has gone very wrong
$template->assign_var('ERROR_MESSAGE', $user->lang['NO_BOT_GROUP']);
}
else
{
if (!function_exists('user_add'))
{
include(PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT);
}
// Remove existing bots
$uids = array();
$sql = 'SELECT user_id FROM ' . BOTS_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$uids[] = $row['user_id'];
}
$db->sql_freeresult($result);
if (!empty($uids))
{
$db->sql_query('DELETE FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $uids));
$db->sql_query('DELETE FROM ' . BOTS_TABLE);
}
// Add the bots
foreach ($this->bot_list as $bot_name => $bot_ary)
{
$user_row = array(
'user_type' => USER_IGNORE,
'group_id' => $group_id,
'username' => $bot_name,
'user_regdate' => time(),
'user_password' => '',
'user_colour' => $group_colour,
'user_email' => '',
'user_lang' => $config['default_lang'],
'user_style' => 1,
'user_timezone' => 0,
'user_dateformat' => $config['default_dateformat'],
'user_allow_massemail' => 0,
);
$user_id = user_add($user_row);
if ($user_id)
{
$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'bot_active' => 1,
'bot_name' => (string) $bot_name,
'user_id' => (int) $user_id,
'bot_agent' => (string) $bot_ary[0],
'bot_ip' => (string) $bot_ary[1],
));
$result = $db->sql_query($sql);
}
}
$template->assign_var('SUCCESS_MESSAGE', $user->lang['RESET_BOT_SUCCESS']);
}
}
// Misc things will be done next
$template->assign_vars(array(
'SUCCESS_MESSAGE' => $user->lang['FINAL_STEP'],
'S_NO_INSTRUCTIONS' => true,
));
break;
case 9 :
if ($apply_changes)
{
set_config('board_disable', 0);
$umil->cache_purge();
$umil->cache_purge('auth');
}
// Finished?
trigger_error('DATABASE_CLEANER_SUCCESS');
break;
}
page_header($user->lang['DATABASE_CLEANER'], false);
$template->assign_vars(array(
'STEP' => $step,
'U_NEXT_STEP' => append_sid(STK_INDEX, 't=database_cleaner&step=' . ($step + 1)),
));
$template->set_filenames(array(
'body' => 'tools/database_cleaner.html',
));
page_footer();
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
$form_key = 'acp_groups';
add_form_key($form_key);
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : request_var('action', ''));
$group_id = request_var('g', 0);
$mark_ary = request_var('mark', array(0));
$name_ary = request_var('usernames', '', true);
$leader = request_var('leader', 0);
$default = request_var('default', 0);
$start = request_var('start', 0);
$update = isset($_POST['update']) ? true : false;
// Clear some vars
$can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false;
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . "\n\t\t\t\tWHERE group_id = {$group_id}";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Approve, demote or promote
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error) {
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (confirm_box(true)) {
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
}
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
case 'delete':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($action === 'delete' && $group_row['group_type'] == GROUP_SPECIAL) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
$error = group_user_del($group_id, $mark_ary, false, $group_name);
break;
}
$back_link = $action == 'delete' ? $this->u_action : $this->u_action . '&action=list&g=' . $group_id;
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($back_link), E_USER_WARNING);
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($back_link));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$name_ary = array_unique(explode("\n", $name_ary));
$group_name = $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$message = $leader ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
break;
case 'edit':
case 'add':
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
$data = $submit_ary = array();
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = array();
$user->add_lang('ucp');
$avatar_select = basename(request_var('avatar_select', ''));
$category = basename(request_var('category', ''));
// Did we submit?
if ($update) {
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
$allow_desc_urls = request_var('desc_parse_urls', false);
$allow_desc_smilies = request_var('desc_parse_smilies', false);
$data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', '');
$data['width'] = request_var('width', '');
$data['height'] = request_var('height', '');
$delete = request_var('delete', '');
$submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0), 'max_recipients' => request_var('group_max_recipients', 0), 'founder_manage' => 0, 'skip_auth' => request_var('group_skip_auth', 0));
if ($user->data['user_type'] == USER_FOUNDER) {
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) {
// Avatar stuff
$var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3));
if (!($error = validate_data($data, $var_ary))) {
$data['user_id'] = "g{$group_id}";
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} else {
if ($data['remotelink']) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
}
}
}
} else {
if ($avatar_select && $config['allow_avatar_local']) {
// check avatar gallery
if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) {
$submit_ary['avatar_type'] = AVATAR_GALLERY;
list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
$submit_ary['avatar'] = $category . '/' . $avatar_select;
}
} else {
if ($delete) {
$submit_ary['avatar'] = '';
$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
} else {
if ($data['width'] && $data['height']) {
// Only update the dimensions?
if ($config['avatar_max_width'] || $config['avatar_max_height']) {
if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
if (!sizeof($error)) {
if ($config['avatar_min_width'] || $config['avatar_min_height']) {
if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height']) {
$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
}
}
}
if (!sizeof($error)) {
$submit_ary['avatar_width'] = $data['width'];
$submit_ary['avatar_height'] = $data['height'];
}
}
}
}
}
if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && !isset($group_row['group_avatar']) || $delete) {
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
avatar_delete('group', $group_row, true);
}
}
// Validate the length of "Maximum number of allowed recipients per private message" setting.
// We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value
// which is the lowest amongst DBMSes supported by phpBB3
if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215)))) {
// Replace "error" string with its real, localised form
$error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'int', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int', 'founder_manage' => 'int', 'skip_auth' => 'int');
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = request_var('group_perm_from', 0);
// Copy permissions?
// If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transferred.
// We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
// Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) {
$sql = 'SELECT group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$check_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Check the group if non-founder
if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_founder_manage'] == 0)) {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
$auth->acl_clear_prefetch();
}
}
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
$avatar_img = !empty($group_row['group_avatar']) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
$display_gallery = isset($_POST['display_gallery']) ? true : false;
if ($config['allow_avatar_local'] && $display_gallery) {
avatar_gallery($category, $avatar_select, 4);
}
$back_link = request_var('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . request_var('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_GROUP_PERM' => $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth') ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'S_USER_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_FOUNDER_MANAGE' => isset($group_row['group_founder_manage']) && $group_row['group_founder_manage'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_SKIP_AUTH' => !empty($group_row['group_skip_auth']) ? ' checked="checked"' : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(false, false, $user->data['user_type'] == USER_FOUNDER ? false : 0), 'AVATAR' => $avatar_img, 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour'), 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024))));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$this->page_title = 'GROUP_MEMBERS';
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_colour, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start, true), 'GROUP_NAME' => $group_row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'], 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames'), 'U_DEFAULT_ALL' => "{$this->u_action}&action=default&g={$group_id}"));
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
// Get us all the groups
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$lookup = $cached_group_data = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
// used to determine what type a group is
$lookup[$row['group_id']] = $type;
// used for easy access to the data within a group
$cached_group_data[$type][$row['group_id']] = $row;
$cached_group_data[$type][$row['group_id']]['total_members'] = 0;
}
$db->sql_freeresult($result);
// How many people are in which group?
$sql = 'SELECT COUNT(ug.user_id) AS total_members, ug.group_id
FROM ' . USER_GROUP_TABLE . ' ug
WHERE ' . $db->sql_in_set('ug.group_id', array_keys($lookup)) . '
GROUP BY ug.group_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$type = $lookup[$row['group_id']];
$cached_group_data[$type][$row['group_id']]['total_members'] = $row['total_members'];
}
$db->sql_freeresult($result);
// The order is... normal, then special
ksort($cached_group_data);
foreach ($cached_group_data as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $group_id => $row) {
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
/**
* Superclass tearDown method takes care to delete all data that has been created with any of the create_test_ methods.
*
* <b>always</b> call this, even if you override it.
*/
protected function tearDown()
{
foreach ($this->testusers as $userid) {
delete_user($userid);
}
foreach ($this->testgroups as $group) {
group_delete($group);
}
foreach ($this->testinstitutions as $institution) {
delete_records('institution', 'name', $institution);
}
}
function mahara_group_update_group_members($client)
{
//Set test data
$dbuser1 = $this->create_user1_for_update();
$dbuser2 = $this->create_user2_for_update();
//Test data
//a full group: group1
$group1 = new stdClass();
$group1->name = 'The test group 1 - create';
$group1->shortname = 'testgroupshortname1';
$group1->description = 'a description for test group 1';
$group1->institution = 'mahara';
$group1->grouptype = 'standard';
$group1->open = 1;
$group1->request = 0;
$group1->controlled = 0;
$group1->submitpages = 0;
$group1->public = 0;
$group1->usersautoadded = 0;
$group1->members = array($dbuser1->id => 'admin', $dbuser2->id => 'admin');
//a small group: group2
$group2 = new stdClass();
$group2->shortname = 'testgroupshortname2';
$group2->name = 'The test group 2 - create';
$group2->description = 'a description for test group 2';
$group2->institution = 'mahara';
$group2->grouptype = 'standard';
$group2->open = 1;
$group2->request = 0;
$group2->controlled = 0;
$group2->submitpages = 0;
$group2->public = 0;
$group2->usersautoadded = 0;
$group2->members = array($dbuser1->id => 'admin');
//do not run the test if group1 or group2 already exists
foreach (array($group1->shortname, $group2->shortname) as $shortname) {
$existinggroup = get_record('group', 'shortname', $shortname, 'institution', 'mahara');
if (!empty($existinggroup)) {
group_delete($existinggroup->id);
}
}
// setup test groups
$groupid1 = group_create((array) $group1);
$groupid2 = group_create((array) $group2);
$this->created_groups[] = $groupid1;
$this->created_groups[] = $groupid2;
$dbgroup1 = get_record('group', 'shortname', $group1->shortname, 'institution', 'mahara');
$dbgroup2 = get_record('group', 'shortname', $group2->shortname, 'institution', 'mahara');
//update the test data
$group1 = new stdClass();
$group1->id = $dbgroup1->id;
$group1->shortname = 'testgroupshortname1';
$group1->institution = 'mahara';
$group1->members = array(array('id' => $dbuser1->id, 'action' => 'remove'));
//a small group: group2
$group2 = new stdClass();
$group2->shortname = 'testgroupshortname2';
$group2->institution = 'mahara';
$group2->members = array(array('username' => $dbuser2->username, 'role' => 'admin', 'action' => 'add'));
$groups = array($group1, $group2);
//update the users by web service
$function = 'mahara_group_update_group_members';
$params = array('groups' => $groups);
$client->call($function, $params);
$dbgroup1 = get_record('group', 'id', $groupid1);
$dbgroupmembers1 = get_records_array('group_member', 'group', $dbgroup1->id);
$dbgroup2 = get_record('group', 'id', $groupid2);
$dbgroupmembers2 = get_records_array('group_member', 'group', $dbgroup2->id);
//compare DB group with the test data
// current user added as admin
$this->assertEquals(count($dbgroupmembers1), 1);
// current user added as admin
$this->assertEquals(count($dbgroupmembers2), 2);
}
}
global $DOCUMENT_ROOT, $action, $id;
include $DOCUMENT_ROOT . '/admin/inc/menu.php';
include '../menu.php';
$manage_menu->SetActive('usergroup');
$usergroup_menu->SetActive('group');
if ($action == 'create') {
group_received_create();
}
/* Printing da page */
print $manage_menu->InnerHTML();
print $usergroup_menu->InnerHTML();
print '${information}';
/* Print the create form */
if ($action == 'edit') {
include 'edit.php';
} else {
if ($action == 'save') {
group_update($id);
} else {
if ($action == 'delete') {
group_delete($id);
}
}
$list = group_list();
if (count($list) > 0) {
include 'list.php';
}
/* Print the create form */
include 'create_form.php';
}
/**
* Correct the system groups
*/
function groups(&$error, $selected)
{
global $db;
$data = $group_rows = $existing_groups = array();
get_group_rows($data, $group_rows, $existing_groups);
foreach ($group_rows as $name) {
// Skip ones that are in the default install and are in the existing permissions
if (isset($this->db_cleaner->data->groups[$name]) && in_array($name, $existing_groups)) {
continue;
}
if (isset($selected[$name])) {
if (isset($this->db_cleaner->data->groups[$name]) && !in_array($name, $existing_groups)) {
// Add it with the default settings we've got...
$group_id = false;
group_create($group_id, $this->db_cleaner->data->groups[$name]['group_type'], $name, $this->db_cleaner->data->groups[$name]['group_desc'], array('group_colour' => $this->db_cleaner->data->groups[$name]['group_colour'], 'group_legend' => $this->db_cleaner->data->groups[$name]['group_legend'], 'group_avatar' => $this->db_cleaner->data->groups[$name]['group_avatar'], 'group_max_recipients' => $this->db_cleaner->data->groups[$name]['group_max_recipients']));
} else {
if (!isset($this->db_cleaner->data->groups[$name]) && in_array($name, $existing_groups)) {
if (!function_exists('group_delete')) {
include PHPBB_ROOT_PATH . 'includes/functions_user.' . PHP_EXT;
}
// Remove it
$db->sql_query('SELECT group_id FROM ' . GROUPS_TABLE . ' WHERE group_name = \'' . $db->sql_escape($name) . '\'');
$group_id = $db->sql_fetchfield('group_id');
group_delete($group_id, $name);
}
}
}
}
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : request_var('action', ''));
$group_id = request_var('g', 0);
$mark_ary = request_var('mark', array(0));
$name_ary = request_var('usernames', '');
$leader = request_var('leader', 0);
$default = request_var('default', 0);
$start = request_var('start', 0);
$update = isset($_POST['update']) ? true : false;
// Clear some vars
$can_upload = file_exists($phpbb_root_path . $config['avatar_path']) && is_writeable($phpbb_root_path . $config['avatar_path']) && $file_uploads ? true : false;
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT *
FROM ' . GROUPS_TABLE . " \n\t\t\t\tWHERE group_id = {$group_id}";
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
// Approve, demote or promote
group_user_attributes($action, $group_id, $mark_ary, false, $group_id ? $group_row['group_name'] : false);
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if (confirm_box(true)) {
if (!sizeof($mark_ary)) {
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
} else {
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
}
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
case 'delete':
if (confirm_box(true)) {
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action));
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
break;
}
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action));
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action));
}
$name_ary = array_unique(explode("\n", $name_ary));
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_row['group_name'], $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action));
}
$message = $action == 'addleaders' ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
break;
case 'edit':
case 'add':
$data = $submit_ary = array();
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action));
}
$error = array();
$user->add_lang('ucp');
$avatar_select = basename(request_var('avatar_select', ''));
$category = basename(request_var('category', ''));
// Did we submit?
if ($update) {
$group_name = request_var('group_name', '', true);
$group_desc = request_var('group_desc', '', true);
$group_type = request_var('group_type', GROUP_FREE);
$allow_desc_bbcode = request_var('desc_parse_bbcode', false);
$allow_desc_urls = request_var('desc_parse_urls', false);
$allow_desc_smilies = request_var('desc_parse_smilies', false);
$data['uploadurl'] = request_var('uploadurl', '');
$data['remotelink'] = request_var('remotelink', '');
$delete = request_var('delete', '');
$submit_ary = array('colour' => request_var('group_colour', ''), 'rank' => request_var('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'message_limit' => request_var('group_message_limit', 0));
if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink']) {
$data['width'] = request_var('width', '');
$data['height'] = request_var('height', '');
// Avatar stuff
$var_ary = array('uploadurl' => array('string', true, 5, 255), 'remotelink' => array('string', true, 5, 255), 'width' => array('string', true, 1, 3), 'height' => array('string', true, 1, 3));
if (!($error = validate_data($data, $var_ary))) {
$data['user_id'] = "g{$group_id}";
if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
} else {
if ($data['remotelink']) {
list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
}
}
}
} else {
if ($avatar_select && $config['allow_avatar_local']) {
// check avatar gallery
if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category)) {
$submit_ary['avatar_type'] = AVATAR_GALLERY;
list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
$submit_ary['avatar'] = $category . '/' . $avatar_select;
}
} else {
if ($delete) {
$submit_ary['avatar'] = '';
$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
}
}
}
if (isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']) || $group_row['group_avatar'] != $submit_ary['avatar']) || $delete) {
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
avatar_delete($group_row['group_avatar']);
}
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
$group_attributes = array();
$test_variables = array('rank', 'colour', 'avatar', 'avatar_type', 'avatar_width', 'avatar_height', 'receive_pm', 'legend', 'message_limit');
foreach ($test_variables as $test) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test])) {
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = request_var('group_perm_from', 0);
// Copy permissions?
if ($group_perm_from && $action == 'add') {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
if (sizeof($groups_sql_ary)) {
switch (SQL_LAYER) {
case 'mysql':
case 'mysql4':
case 'mysqli':
$db->sql_query('INSERT INTO ' . ACL_GROUPS_TABLE . ' ' . $db->sql_build_array('MULTI_INSERT', $groups_sql_ary));
break;
default:
foreach ($groups_sql_ary as $ary) {
$db->sql_query('INSERT INTO ' . ACL_GROUPS_TABLE . ' ' . $db->sql_build_array('INSERT', $ary));
}
break;
}
}
$auth->acl_clear_prefetch();
}
$cache->destroy('sql', GROUPS_TABLE);
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = request_var('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
if (isset($group_row['group_avatar']) && $group_row['group_avatar']) {
switch ($group_row['group_avatar_type']) {
case AVATAR_UPLOAD:
$avatar_img = $phpbb_root_path . $config['avatar_path'] . '/';
break;
case AVATAR_GALLERY:
$avatar_img = $phpbb_root_path . $config['avatar_gallery_path'] . '/';
break;
}
$avatar_img .= $group_row['group_avatar'];
$avatar_img = '<img src="' . $avatar_img . '" width="' . $group_row['group_avatar_width'] . '" height="' . $group_row['group_avatar_height'] . '" alt="" />';
} else {
$avatar_img = '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
}
$display_gallery = isset($_POST['display_gallery']) ? true : false;
if ($config['allow_avatar_local'] && $display_gallery) {
avatar_gallery($category, $avatar_select, 4);
}
$back_link = request_var('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . request_var('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_CAN_UPLOAD' => $can_upload, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_DISPLAY_GALLERY' => $config['allow_avatar_local'] && !$display_gallery ? true : false, 'S_IN_GALLERY' => $config['allow_avatar_local'] && $display_gallery ? true : false, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_type == GROUP_SPECIAL ? $user->lang['G_' . $group_name] : $group_name, 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(0), 'AVATAR_IMAGE' => $avatar_img, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'GROUP_AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'GROUP_AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour'), 'UA_SWATCH' => append_sid("{$phpbb_admin_path}swatch.{$phpEx}", 'form=settings&name=group_colour', false), 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024))));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action));
}
$this->page_title = 'GROUP_MEMBERS';
// Total number of group leaders
$sql = 'SELECT COUNT(user_id) AS total_leaders
FROM ' . USER_GROUP_TABLE . " \n\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\tAND group_leader = 1";
$result = $db->sql_query($sql);
$total_leaders = (int) $db->sql_fetchfield('total_leaders');
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . " \n\t\t\t\t\tWHERE group_id = {$group_id} \n\t\t\t\t\t\tAND group_leader <> 1";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug \n\t\t\t\t\tWHERE ug.group_id = {$group_id} \n\t\t\t\t\t\tAND u.user_id = ug.user_id \n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$leader = $member = 0;
$group_data = array('leader' => array(), 'member' => array());
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_leader'] ? 'leader' : 'member';
$group_data[$type][${$type}]['user_id'] = $row['user_id'];
$group_data[$type][${$type}]['group_id'] = $row['group_id'];
$group_data[$type][${$type}]['username'] = $row['username'];
$group_data[$type][${$type}]['user_regdate'] = $row['user_regdate'];
$group_data[$type][${$type}]['user_posts'] = $row['user_posts'];
$group_data[$type][${$type}]['user_pending'] = $row['user_pending'] ? 1 : 0;
${$type}++;
}
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'S_ON_PAGE' => on_page($total_members, $config['topics_per_page'], $start), 'PAGINATION' => generate_pagination($this->u_action . "&action={$action}&g={$group_id}", $total_members, $config['topics_per_page'], $start, true), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames')));
foreach ($group_data['leader'] as $row) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$pending = false;
foreach ($group_data['member'] as $row) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
$sql = 'SELECT g.group_id, g.group_name, g.group_type, COUNT(ug.user_id) AS total_members
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (g.group_id = ug.group_id)
GROUP BY g.group_id, g.group_name, g.group_type
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$special = $normal = 0;
$group_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
$group_ary[$type][${$type}]['group_id'] = $row['group_id'];
$group_ary[$type][${$type}]['group_name'] = $row['group_name'];
$group_ary[$type][${$type}]['group_type'] = $row['group_type'];
$group_ary[$type][${$type}]['total_members'] = $row['total_members'];
${$type}++;
}
$db->sql_freeresult($result);
ksort($group_ary);
$special_toggle = false;
foreach ($group_ary as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $row) {
$group_id = $row['group_id'];
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_DEFAULT' => "{$this->u_action}&action=default&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
function main($id, $mode)
{
global $config, $db, $user, $auth, $template, $cache;
global $phpbb_root_path, $phpbb_admin_path, $phpEx;
global $request, $phpbb_container, $phpbb_dispatcher;
$user->add_lang('acp/groups');
$this->tpl_name = 'acp_groups';
$this->page_title = 'ACP_GROUPS_MANAGE';
$form_key = 'acp_groups';
add_form_key($form_key);
if ($mode == 'position') {
$this->manage_position();
return;
}
if (!function_exists('group_user_attributes')) {
include $phpbb_root_path . 'includes/functions_user.' . $phpEx;
}
// Check and set some common vars
$action = isset($_POST['add']) ? 'add' : (isset($_POST['addusers']) ? 'addusers' : $request->variable('action', ''));
$group_id = $request->variable('g', 0);
$mark_ary = $request->variable('mark', array(0));
$name_ary = $request->variable('usernames', '', true);
$leader = $request->variable('leader', 0);
$default = $request->variable('default', 0);
$start = $request->variable('start', 0);
$update = isset($_POST['update']) ? true : false;
/** @var \phpbb\group\helper $group_helper */
$group_helper = $phpbb_container->get('group_helper');
// Clear some vars
$group_row = array();
// Grab basic data for group, if group_id is set and exists
if ($group_id) {
$sql = 'SELECT g.*, t.teampage_position AS group_teampage
FROM ' . GROUPS_TABLE . ' g
LEFT JOIN ' . TEAMPAGE_TABLE . ' t
ON (t.group_id = g.group_id)
WHERE g.group_id = ' . $group_id;
$result = $db->sql_query($sql);
$group_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$group_row) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Check if the user is allowed to manage this group if set to founder only.
if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage']) {
trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
// Which page?
switch ($action) {
case 'approve':
case 'demote':
case 'promote':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
// Approve, demote or promote
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_attributes($action, $group_id, $mark_ary, false, $group_name);
if (!$error) {
switch ($action) {
case 'demote':
$message = 'GROUP_MODS_DEMOTED';
break;
case 'promote':
$message = 'GROUP_MODS_PROMOTED';
break;
case 'approve':
$message = 'USERS_APPROVED';
break;
}
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
break;
case 'default':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'set_default_on_all':
if (confirm_box(true)) {
$group_name = $group_helper->get_name($group_row['group_name']);
$start = 0;
do {
$sql = 'SELECT user_id
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\t\tORDER BY user_id";
$result = $db->sql_query_limit($sql, 200, $start);
$mark_ary = array();
if ($row = $db->sql_fetchrow($result)) {
do {
$mark_ary[] = $row['user_id'];
} while ($row = $db->sql_fetchrow($result));
group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
$start = sizeof($mark_ary) < 200 ? 0 : $start + 200;
} else {
$start = 0;
}
$db->sql_freeresult($result);
} while ($start);
trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'deleteusers':
if (empty($mark_ary)) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
case 'delete':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
} else {
if ($action === 'delete' && $group_row['group_type'] == GROUP_SPECIAL) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
}
if (confirm_box(true)) {
$error = '';
switch ($action) {
case 'delete':
if (!$auth->acl_get('a_groupdel')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = group_delete($group_id, $group_row['group_name']);
break;
case 'deleteusers':
$group_name = $group_helper->get_name($group_row['group_name']);
$error = group_user_del($group_id, $mark_ary, false, $group_name);
break;
}
$back_link = $action == 'delete' ? $this->u_action : $this->u_action . '&action=list&g=' . $group_id;
if ($error) {
trigger_error($user->lang[$error] . adm_back_link($back_link), E_USER_WARNING);
}
$message = $action == 'delete' ? 'GROUP_DELETED' : 'GROUP_USERS_REMOVE';
trigger_error($user->lang[$message] . adm_back_link($back_link));
} else {
confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array('mark' => $mark_ary, 'g' => $group_id, 'i' => $id, 'mode' => $mode, 'action' => $action)));
}
break;
case 'addusers':
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if (!$name_ary) {
trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$name_ary = array_unique(explode("\n", $name_ary));
$group_name = $group_helper->get_name($group_row['group_name']);
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, $leader, 0, $group_row)) {
trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
}
$message = $leader ? 'GROUP_MODS_ADDED' : 'GROUP_USERS_ADDED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
break;
case 'edit':
case 'add':
if (!function_exists('display_forums')) {
include $phpbb_root_path . 'includes/functions_display.' . $phpEx;
}
if ($action == 'edit' && !$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
if ($action == 'add' && !$auth->acl_get('a_groupadd')) {
trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$error = array();
$user->add_lang('ucp');
// Setup avatar data for later
$avatars_enabled = false;
$avatar_drivers = null;
$avatar_data = null;
$avatar_error = array();
if ($config['allow_avatar']) {
/* @var $phpbb_avatar_manager \phpbb\avatar\manager */
$phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
$avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
// This is normalised data, without the group_ prefix
$avatar_data = \phpbb\avatar\manager::clean_row($group_row, 'group');
if (!isset($avatar_data['id'])) {
$avatar_data['id'] = 'g' . $group_id;
}
}
if ($request->is_set_post('avatar_delete')) {
if (confirm_box(true)) {
$avatar_data['id'] = substr($avatar_data['id'], 1);
$phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, GROUPS_TABLE, 'group_');
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
} else {
confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array('avatar_delete' => true, 'i' => $id, 'mode' => $mode, 'g' => $group_id, 'action' => $action)));
}
}
// Did we submit?
if ($update) {
if (!check_form_key($form_key)) {
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
$group_name = $request->variable('group_name', '', true);
$group_desc = $request->variable('group_desc', '', true);
$group_type = $request->variable('group_type', GROUP_FREE);
$allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
$allow_desc_urls = $request->variable('desc_parse_urls', false);
$allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array('colour' => $request->variable('group_colour', ''), 'rank' => $request->variable('group_rank', 0), 'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0, 'legend' => isset($_REQUEST['group_legend']) ? 1 : 0, 'teampage' => isset($_REQUEST['group_teampage']) ? 1 : 0, 'message_limit' => $request->variable('group_message_limit', 0), 'max_recipients' => $request->variable('group_max_recipients', 0), 'founder_manage' => 0, 'skip_auth' => $request->variable('group_skip_auth', 0));
if ($user->data['user_type'] == USER_FOUNDER) {
$submit_ary['founder_manage'] = isset($_REQUEST['group_founder_manage']) ? 1 : 0;
}
if ($config['allow_avatar']) {
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete')) {
$driver = $phpbb_avatar_manager->get_driver($driver_name);
$result = $driver->process_form($request, $template, $user, $avatar_data, $avatar_error);
if ($result && empty($avatar_error)) {
$result['avatar_type'] = $driver_name;
$submit_ary = array_merge($submit_ary, $result);
}
} else {
$driver = $phpbb_avatar_manager->get_driver($avatar_data['avatar_type']);
if ($driver) {
$driver->delete($avatar_data);
}
// Removing the avatar
$submit_ary['avatar_type'] = '';
$submit_ary['avatar'] = '';
$submit_ary['avatar_width'] = 0;
$submit_ary['avatar_height'] = 0;
}
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
/*
* Validate the length of "Maximum number of allowed recipients per
* private message" setting. We use 16777215 as a maximum because it matches
* MySQL unsigned mediumint maximum value which is the lowest amongst DBMSes
* supported by phpBB3. Also validate the submitted colour value.
*/
$validation_checks = array('max_recipients' => array('num', false, 0, 16777215), 'colour' => array('hex_colour', true));
/**
* Request group data and operate on it
*
* @event core.acp_manage_group_request_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array validation_checks Array with validation data
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'validation_checks');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_request_data', compact($vars)));
if ($validation_error = validate_data($submit_ary, $validation_checks)) {
// Replace "error" string with its real, localised form
$error = array_merge($error, $validation_error);
}
if (!sizeof($error)) {
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
// were made.
// However there are some attributes that need to be set everytime,
// otherwise the group gets removed from the feature.
$set_attributes = array('legend', 'teampage');
$group_attributes = array();
$test_variables = array('rank' => 'int', 'colour' => 'string', 'avatar' => 'string', 'avatar_type' => 'string', 'avatar_width' => 'int', 'avatar_height' => 'int', 'receive_pm' => 'int', 'legend' => 'int', 'teampage' => 'int', 'message_limit' => 'int', 'max_recipients' => 'int', 'founder_manage' => 'int', 'skip_auth' => 'int');
/**
* Initialise data before we display the add/edit form
*
* @event core.acp_manage_group_initialise_data
* @var string action Type of the action: add|edit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @var string group_name The group name
* @var string group_desc The group description
* @var int group_type The group type
* @var bool allow_desc_bbcode Allow bbcode in group description: true|false
* @var bool allow_desc_urls Allow urls in group description: true|false
* @var bool allow_desc_smilies Allow smiles in group description: true|false
* @var array submit_ary Array with new group data
* @var array test_variables Array with variables for test
* @since 3.1.0-b5
*/
$vars = array('action', 'group_id', 'group_row', 'error', 'group_name', 'group_desc', 'group_type', 'allow_desc_bbcode', 'allow_desc_urls', 'allow_desc_smilies', 'submit_ary', 'test_variables');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_initialise_data', compact($vars)));
foreach ($test_variables as $test => $type) {
if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test] || isset($group_attributes['group_avatar']) && strpos($test, 'avatar') === 0 || in_array($test, $set_attributes))) {
settype($submit_ary[$test], $type);
$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
}
}
if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies))) {
$group_perm_from = $request->variable('group_perm_from', 0);
// Copy permissions?
// If the user has the a_authgroups permission and at least one additional permission ability set the permissions are fully transferred.
// We do not limit on one auth category because this can lead to incomplete permissions being tricky to fix for the admin, roles being assigned or added non-default permissions.
// Since the user only has the option to copy permissions from non leader managed groups this seems to be a good compromise.
if ($group_perm_from && $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth')) {
$sql = 'SELECT group_founder_manage
FROM ' . GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$check_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Check the group if non-founder
if ($check_row && ($user->data['user_type'] == USER_FOUNDER || $check_row['group_founder_manage'] == 0)) {
// From the mysql documentation:
// Prior to MySQL 4.0.14, the target table of the INSERT statement cannot appear in the FROM clause of the SELECT part of the query. This limitation is lifted in 4.0.14.
// Due to this we stay on the safe side if we do the insertion "the manual way"
// Copy permisisons from/to the acl groups table (only group_id gets changed)
$sql = 'SELECT forum_id, auth_option_id, auth_role_id, auth_setting
FROM ' . ACL_GROUPS_TABLE . '
WHERE group_id = ' . $group_perm_from;
$result = $db->sql_query($sql);
$groups_sql_ary = array();
while ($row = $db->sql_fetchrow($result)) {
$groups_sql_ary[] = array('group_id' => (int) $group_id, 'forum_id' => (int) $row['forum_id'], 'auth_option_id' => (int) $row['auth_option_id'], 'auth_role_id' => (int) $row['auth_role_id'], 'auth_setting' => (int) $row['auth_setting']);
}
$db->sql_freeresult($result);
// Now insert the data
$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
$auth->acl_clear_prefetch();
}
}
$cache->destroy('sql', array(GROUPS_TABLE, TEAMPAGE_TABLE));
$message = $action == 'edit' ? 'GROUP_UPDATED' : 'GROUP_CREATED';
trigger_error($user->lang[$message] . adm_back_link($this->u_action));
}
}
if (sizeof($error)) {
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
$group_desc_data = array('text' => $group_desc, 'allow_bbcode' => $allow_desc_bbcode, 'allow_smilies' => $allow_desc_smilies, 'allow_urls' => $allow_desc_urls);
}
} else {
if (!$group_id) {
$group_name = $request->variable('group_name', '', true);
$group_desc_data = array('text' => '', 'allow_bbcode' => true, 'allow_smilies' => true, 'allow_urls' => true);
$group_rank = 0;
$group_type = GROUP_OPEN;
} else {
$group_name = $group_row['group_name'];
$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
$group_type = $group_row['group_type'];
$group_rank = $group_row['group_rank'];
}
}
$sql = 'SELECT *
FROM ' . RANKS_TABLE . '
WHERE rank_special = 1
ORDER BY rank_title';
$result = $db->sql_query($sql);
$rank_options = '<option value="0"' . (!$group_rank ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
while ($row = $db->sql_fetchrow($result)) {
$selected = $group_rank && $row['rank_id'] == $group_rank ? ' selected="selected"' : '';
$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
}
$db->sql_freeresult($result);
$type_free = $group_type == GROUP_FREE ? ' checked="checked"' : '';
$type_open = $group_type == GROUP_OPEN ? ' checked="checked"' : '';
$type_closed = $group_type == GROUP_CLOSED ? ' checked="checked"' : '';
$type_hidden = $group_type == GROUP_HIDDEN ? ' checked="checked"' : '';
// Load up stuff for avatars
if ($config['allow_avatar']) {
$avatars_enabled = false;
$selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $avatar_data['avatar_type']));
foreach ($avatar_drivers as $current_driver) {
$driver = $phpbb_avatar_manager->get_driver($current_driver);
$avatars_enabled = true;
$template->set_filenames(array('avatar' => $driver->get_acp_template_name()));
if ($driver->prepare_form($request, $template, $user, $avatar_data, $avatar_error)) {
$driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
$driver_upper = strtoupper($driver_name);
$template->assign_block_vars('avatar_drivers', array('L_TITLE' => $user->lang($driver_upper . '_TITLE'), 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'), 'DRIVER' => $driver_name, 'SELECTED' => $current_driver == $selected_driver, 'OUTPUT' => $template->assign_display('avatar')));
}
}
}
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
if (isset($phpbb_avatar_manager) && !$update) {
// Merge any avatar errors into the primary error array
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
$back_link = $request->variable('back_link', '');
switch ($back_link) {
case 'acp_users_groups':
$u_back = append_sid("{$phpbb_admin_path}index.{$phpEx}", 'i=users&mode=groups&u=' . $request->variable('u', 0));
break;
default:
$u_back = $this->u_action;
break;
}
$template->assign_vars(array('S_EDIT' => true, 'S_ADD_GROUP' => $action == 'add' ? true : false, 'S_GROUP_PERM' => $action == 'add' && $auth->acl_get('a_authgroups') && $auth->acl_gets('a_aauth', 'a_fauth', 'a_mauth', 'a_uauth') ? true : false, 'S_INCLUDE_SWATCH' => true, 'S_ERROR' => sizeof($error) ? true : false, 'S_SPECIAL_GROUP' => $group_type == GROUP_SPECIAL ? true : false, 'S_USER_FOUNDER' => $user->data['user_type'] == USER_FOUNDER ? true : false, 'S_AVATARS_ENABLED' => $config['allow_avatar'] && $avatars_enabled, 'ERROR_MSG' => sizeof($error) ? implode('<br />', $error) : '', 'GROUP_NAME' => $group_helper->get_name($group_name), 'GROUP_INTERNAL_NAME' => $group_name, 'GROUP_DESC' => $group_desc_data['text'], 'GROUP_RECEIVE_PM' => isset($group_row['group_receive_pm']) && $group_row['group_receive_pm'] ? ' checked="checked"' : '', 'GROUP_FOUNDER_MANAGE' => isset($group_row['group_founder_manage']) && $group_row['group_founder_manage'] ? ' checked="checked"' : '', 'GROUP_LEGEND' => isset($group_row['group_legend']) && $group_row['group_legend'] ? ' checked="checked"' : '', 'GROUP_TEAMPAGE' => isset($group_row['group_teampage']) && $group_row['group_teampage'] ? ' checked="checked"' : '', 'GROUP_MESSAGE_LIMIT' => isset($group_row['group_message_limit']) ? $group_row['group_message_limit'] : 0, 'GROUP_MAX_RECIPIENTS' => isset($group_row['group_max_recipients']) ? $group_row['group_max_recipients'] : 0, 'GROUP_COLOUR' => isset($group_row['group_colour']) ? $group_row['group_colour'] : '', 'GROUP_SKIP_AUTH' => !empty($group_row['group_skip_auth']) ? ' checked="checked"' : '', 'S_DESC_BBCODE_CHECKED' => $group_desc_data['allow_bbcode'], 'S_DESC_URLS_CHECKED' => $group_desc_data['allow_urls'], 'S_DESC_SMILIES_CHECKED' => $group_desc_data['allow_smilies'], 'S_RANK_OPTIONS' => $rank_options, 'S_GROUP_OPTIONS' => group_select_options(false, false, $user->data['user_type'] == USER_FOUNDER ? false : 0), 'AVATAR' => empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar, 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'], 'AVATAR_WIDTH' => isset($group_row['group_avatar_width']) ? $group_row['group_avatar_width'] : '', 'AVATAR_HEIGHT' => isset($group_row['group_avatar_height']) ? $group_row['group_avatar_height'] : '', 'GROUP_TYPE_FREE' => GROUP_FREE, 'GROUP_TYPE_OPEN' => GROUP_OPEN, 'GROUP_TYPE_CLOSED' => GROUP_CLOSED, 'GROUP_TYPE_HIDDEN' => GROUP_HIDDEN, 'GROUP_TYPE_SPECIAL' => GROUP_SPECIAL, 'GROUP_FREE' => $type_free, 'GROUP_OPEN' => $type_open, 'GROUP_CLOSED' => $type_closed, 'GROUP_HIDDEN' => $type_hidden, 'U_BACK' => $u_back, 'U_ACTION' => "{$this->u_action}&action={$action}&g={$group_id}", 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string()));
/**
* Modify group template data before we display the form
*
* @event core.acp_manage_group_display_form
* @var string action Type of the action: add|edit
* @var bool update Do we display the form only
* or did the user press submit
* @var int group_id The group id
* @var array group_row Array with new group data
* @var string group_name The group name
* @var int group_type The group type
* @var array group_desc_data The group description data
* @var string group_rank The group rank
* @var string rank_options The rank options
* @var array error Array of errors, if you add errors
* ensure to update the template variables
* S_ERROR and ERROR_MSG to display it
* @since 3.1.0-b5
*/
$vars = array('action', 'update', 'group_id', 'group_row', 'group_desc_data', 'group_name', 'group_type', 'group_rank', 'rank_options', 'error');
extract($phpbb_dispatcher->trigger_event('core.acp_manage_group_display_form', compact($vars)));
return;
break;
case 'list':
if (!$group_id) {
trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
}
/* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$this->page_title = 'GROUP_MEMBERS';
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_colour, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 1\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$template->assign_block_vars('leader', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
// Total number of group members (non-leaders)
$sql = 'SELECT COUNT(user_id) AS total_members
FROM ' . USER_GROUP_TABLE . "\n\t\t\t\t\tWHERE group_id = {$group_id}\n\t\t\t\t\t\tAND group_leader = 0";
$result = $db->sql_query($sql);
$total_members = (int) $db->sql_fetchfield('total_members');
$db->sql_freeresult($result);
$s_action_options = '';
$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'demote' => 'DEMOTE', 'promote' => 'PROMOTE', 'deleteusers' => 'DELETE');
foreach ($options as $option => $lang) {
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
$base_url = $this->u_action . "&action={$action}&g={$group_id}";
$pagination->generate_template_pagination($base_url, 'pagination', 'start', $total_members, $config['topics_per_page'], $start);
$template->assign_vars(array('S_LIST' => true, 'S_GROUP_SPECIAL' => $group_row['group_type'] == GROUP_SPECIAL ? true : false, 'S_ACTION_OPTIONS' => $s_action_options, 'GROUP_NAME' => $group_helper->get_name($group_row['group_name']), 'U_ACTION' => $this->u_action . "&g={$group_id}", 'U_BACK' => $this->u_action, 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=searchuser&form=list&field=usernames'), 'U_DEFAULT_ALL' => "{$this->u_action}&action=set_default_on_all&g={$group_id}"));
// Grab the members
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug\n\t\t\t\t\tWHERE ug.group_id = {$group_id}\n\t\t\t\t\t\tAND u.user_id = ug.user_id\n\t\t\t\t\t\tAND ug.group_leader = 0\n\t\t\t\t\tORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
$pending = false;
while ($row = $db->sql_fetchrow($result)) {
if ($row['user_pending'] && !$pending) {
$template->assign_block_vars('member', array('S_PENDING' => true));
$pending = true;
}
$template->assign_block_vars('member', array('U_USER_EDIT' => append_sid("{$phpbb_admin_path}index.{$phpEx}", "i=users&action=edit&u={$row['user_id']}"), 'USERNAME' => $row['username'], 'USERNAME_COLOUR' => $row['user_colour'], 'S_GROUP_DEFAULT' => $row['group_id'] == $group_id ? true : false, 'JOINED' => $row['user_regdate'] ? $user->format_date($row['user_regdate']) : ' - ', 'USER_POSTS' => $row['user_posts'], 'USER_ID' => $row['user_id']));
}
$db->sql_freeresult($result);
return;
break;
}
$template->assign_vars(array('U_ACTION' => $this->u_action, 'S_GROUP_ADD' => $auth->acl_get('a_groupadd') ? true : false));
// Get us all the groups
$sql = 'SELECT g.group_id, g.group_name, g.group_type
FROM ' . GROUPS_TABLE . ' g
ORDER BY g.group_type ASC, g.group_name';
$result = $db->sql_query($sql);
$lookup = $cached_group_data = array();
while ($row = $db->sql_fetchrow($result)) {
$type = $row['group_type'] == GROUP_SPECIAL ? 'special' : 'normal';
// used to determine what type a group is
$lookup[$row['group_id']] = $type;
// used for easy access to the data within a group
$cached_group_data[$type][$row['group_id']] = $row;
$cached_group_data[$type][$row['group_id']]['total_members'] = 0;
}
$db->sql_freeresult($result);
// How many people are in which group?
$sql = 'SELECT COUNT(ug.user_id) AS total_members, ug.group_id
FROM ' . USER_GROUP_TABLE . ' ug
WHERE ' . $db->sql_in_set('ug.group_id', array_keys($lookup)) . '
GROUP BY ug.group_id';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
$type = $lookup[$row['group_id']];
$cached_group_data[$type][$row['group_id']]['total_members'] = $row['total_members'];
}
$db->sql_freeresult($result);
// The order is... normal, then special
ksort($cached_group_data);
foreach ($cached_group_data as $type => $row_ary) {
if ($type == 'special') {
$template->assign_block_vars('groups', array('S_SPECIAL' => true));
}
foreach ($row_ary as $group_id => $row) {
$group_name = !empty($user->lang['G_' . $row['group_name']]) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
$template->assign_block_vars('groups', array('U_LIST' => "{$this->u_action}&action=list&g={$group_id}", 'U_EDIT' => "{$this->u_action}&action=edit&g={$group_id}", 'U_DELETE' => $auth->acl_get('a_groupdel') ? "{$this->u_action}&action=delete&g={$group_id}" : '', 'S_GROUP_SPECIAL' => $row['group_type'] == GROUP_SPECIAL ? true : false, 'GROUP_NAME' => $group_name, 'TOTAL_MEMBERS' => $row['total_members']));
}
}
}
client_list($option, $task);
break;
// ------------------------------------ Groups
// ------------------------------------ Groups
case 'group.edit':
group_edit($id, $option, $task);
break;
case 'group.save':
case 'group.apply':
group_save($id, $option, $task);
break;
case 'group.cancel':
group_cancel($id, $option, $task);
break;
case 'group.delete':
group_delete($cid, $option, $task);
break;
case 'group.order':
group_order($cid, 0, $option, $task);
break;
case 'group.orderup':
group_order(intval($cid[0]), -1, $option, $task);
break;
case 'group.orderdn':
group_order(intval($cid[0]), 1, $option, $task);
break;
case 'group.publish':
group_publish($cid, 1, $option, $task);
break;
case 'group.unpublish':
group_publish($cid, 0, $option, $task);
