function ModifySettings() { global $modSettings, $context, $settings, $db_prefix, $txt, $boarddir, $sourcedir; loadTemplate('ManageCalendar'); $context['page_title'] = $txt['calendar_settings']; $context['sub_template'] = 'modify_settings'; // A file we need to show permissions inline. require_once $sourcedir . '/ManagePermissions.php'; $calendarPermissions = array('calendar_view', 'calendar_post', 'calendar_edit_own', 'calendar_edit_any'); // A form was submitted. if (isset($_POST['sc'], $_POST['cal_days_for_index'])) { checkSession(); // Although the display settings are combined to the user, they are seperate to the database. $toSet['cal_showholidaysonindex'] = $_POST['cal_showholidays'] == 'index' || $_POST['cal_showholidays'] == 'all' ? '1' : '0'; $toSet['cal_showbdaysonindex'] = $_POST['cal_showbdays'] == 'index' || $_POST['cal_showbdays'] == 'all' ? '1' : '0'; $toSet['cal_showeventsonindex'] = $_POST['cal_showevents'] == 'index' || $_POST['cal_showevents'] == 'all' ? '1' : '0'; $toSet['cal_showholidaysoncalendar'] = $_POST['cal_showholidays'] == 'cal' || $_POST['cal_showholidays'] == 'all' ? '1' : '0'; $toSet['cal_showbdaysoncalendar'] = $_POST['cal_showbdays'] == 'cal' || $_POST['cal_showbdays'] == 'all' ? '1' : '0'; $toSet['cal_showeventsoncalendar'] = $_POST['cal_showevents'] == 'cal' || $_POST['cal_showevents'] == 'all' ? '1' : '0'; updateSettings(array('cal_enabled' => isset($_POST['cal_enabled']) ? '1' : '0', 'cal_daysaslink' => isset($_POST['cal_daysaslink']) ? '1' : '0', 'cal_showweeknum' => isset($_POST['cal_showweeknum']) ? '1' : '0', 'cal_days_for_index' => (int) $_POST['cal_days_for_index'], 'cal_showholidaysonindex' => $toSet['cal_showholidaysonindex'], 'cal_showbdaysonindex' => $toSet['cal_showbdaysonindex'], 'cal_showeventsonindex' => $toSet['cal_showeventsonindex'], 'cal_showholidaysoncalendar' => $toSet['cal_showholidaysoncalendar'], 'cal_showbdaysoncalendar' => $toSet['cal_showbdaysoncalendar'], 'cal_showeventsoncalendar' => $toSet['cal_showeventsoncalendar'], 'cal_defaultboard' => (int) $_POST['cal_defaultboard'], 'cal_allow_unlinked' => isset($_POST['cal_allow_unlinked']) ? '1' : '0', 'cal_minyear' => (int) $_POST['cal_minyear'], 'cal_maxyear' => (int) $_POST['cal_maxyear'], 'cal_bdaycolor' => $_POST['cal_bdaycolor'], 'cal_eventcolor' => $_POST['cal_eventcolor'], 'cal_holidaycolor' => $_POST['cal_holidaycolor'], 'cal_allowspan' => isset($_POST['cal_allowspan']) ? '1' : '0', 'cal_maxspan' => (int) $_POST['cal_maxspan'], 'cal_showInTopic' => isset($_POST['cal_showInTopic']) ? '1' : '0')); save_inline_permissions($calendarPermissions); updateStats('calendar'); // Ensure we redirect incase the change in settings means the tabs are outdated. redirectexit('action=managecalendar;sa=settings'); } // Load the boards list. $context['cal_boards'] = array(''); $request = db_query("\n\t\tSELECT b.ID_BOARD, b.name AS bName, c.name AS cName\n\t\tFROM {$db_prefix}boards AS b\n\t\t\tLEFT JOIN {$db_prefix}categories AS c ON (c.ID_CAT = b.ID_CAT)", __FILE__, __LINE__); while ($row = mysql_fetch_assoc($request)) { $context['cal_boards'][$row['ID_BOARD']] = $row['cName'] . ' - ' . $row['bName']; } mysql_free_result($request); // Initialize the inline permission settings. init_inline_permissions($calendarPermissions); // Setup the display settings, just for better UI ;) $context['cal_showholidays'] = empty($modSettings['cal_showholidaysonindex']) ? empty($modSettings['cal_showholidaysoncalendar']) ? 'never' : 'cal' : (empty($modSettings['cal_showholidaysoncalendar']) ? 'index' : 'all'); $context['cal_showbdays'] = empty($modSettings['cal_showbdaysonindex']) ? empty($modSettings['cal_showbdaysoncalendar']) ? 'never' : 'cal' : (empty($modSettings['cal_showbdaysoncalendar']) ? 'index' : 'all'); $context['cal_showevents'] = empty($modSettings['cal_showeventsonindex']) ? empty($modSettings['cal_showeventsoncalendar']) ? 'never' : 'cal' : (empty($modSettings['cal_showeventsoncalendar']) ? 'index' : 'all'); }
function saveDBSettings(&$config_vars) { global $sourcedir, $context; $inlinePermissions = array(); foreach ($config_vars as $var) { if (!isset($var[1]) || !isset($_POST[$var[1]]) && $var[0] != 'check' && $var[0] != 'permissions' && ($var[0] != 'bbc' || !isset($_POST[$var[1] . '_enabledTags']))) { continue; } elseif ($var[0] == 'check') { $setArray[$var[1]] = !empty($_POST[$var[1]]) ? '1' : '0'; } elseif ($var[0] == 'select' && in_array($_POST[$var[1]], array_keys($var[2]))) { $setArray[$var[1]] = $_POST[$var[1]]; } elseif ($var[0] == 'select' && !empty($var['multiple']) && array_intersect($_POST[$var[1]], array_keys($var[2])) != array()) { // For security purposes we validate this line by line. $options = array(); foreach ($_POST[$var[1]] as $invar) { if (in_array($invar, array_keys($var[2]))) { $options[] = $invar; } } $setArray[$var[1]] = serialize($options); } elseif ($var[0] == 'int') { $setArray[$var[1]] = (int) $_POST[$var[1]]; } elseif ($var[0] == 'float') { $setArray[$var[1]] = (double) $_POST[$var[1]]; } elseif ($var[0] == 'text' || $var[0] == 'large_text') { $setArray[$var[1]] = $_POST[$var[1]]; } elseif ($var[0] == 'password') { if (isset($_POST[$var[1]][1]) && $_POST[$var[1]][0] == $_POST[$var[1]][1]) { $setArray[$var[1]] = $_POST[$var[1]][0]; } } elseif ($var[0] == 'bbc') { $bbcTags = array(); foreach (parse_bbc(false) as $tag) { $bbcTags[] = $tag['tag']; } if (!isset($_POST[$var[1] . '_enabledTags'])) { $_POST[$var[1] . '_enabledTags'] = array(); } elseif (!is_array($_POST[$var[1] . '_enabledTags'])) { $_POST[$var[1] . '_enabledTags'] = array($_POST[$var[1] . '_enabledTags']); } $setArray[$var[1]] = implode(',', array_diff($bbcTags, $_POST[$var[1] . '_enabledTags'])); } elseif ($var[0] == 'permissions') { $inlinePermissions[] = $var[1]; } } if (!empty($setArray)) { updateSettings($setArray); } // If we have inline permissions we need to save them. if (!empty($inlinePermissions) && allowedTo('manage_permissions')) { require_once $sourcedir . '/ManagePermissions.php'; save_inline_permissions($inlinePermissions); } }
function GeneralPermissionSettings() { global $context, $db_prefix, $modSettings, $sourcedir, $txt; $context['page_title'] = $txt['permission_settings_title']; if (!empty($_POST['save_settings'])) { checkSession(); // If the by-board setting has been disabled, remove local permissions. if (!empty($modSettings['permission_enable_by_board']) && empty($_POST['permission_enable_by_board'])) { db_query("\n\t\t\t\tUPDATE {$db_prefix}boards\n\t\t\t\tSET permission_mode = 0", __FILE__, __LINE__); db_query("\n\t\t\t\tDELETE FROM {$db_prefix}board_permissions\n\t\t\t\tWHERE ID_BOARD != 0", __FILE__, __LINE__); } elseif (empty($modSettings['permission_enable_by_board']) && !empty($_POST['permission_enable_by_board'])) { // Fetch the existing global board permissions. $request = db_query("\n\t\t\t\tSELECT permission, ID_GROUP, addDeny\n\t\t\t\tFROM {$db_prefix}board_permissions\n\t\t\t\tWHERE ID_BOARD = 0", __FILE__, __LINE__); $perm = array(); while ($row = mysql_fetch_assoc($request)) { $perm[$row['ID_GROUP']][$row['addDeny']][] = $row['permission']; } mysql_free_result($request); // Cycle through all boards with restrictions. $request = db_query("\n\t\t\t\tSELECT ID_BOARD, permission_mode\n\t\t\t\tFROM {$db_prefix}boards AS b\n\t\t\t\tWHERE permission_mode > 1", __FILE__, __LINE__); $insertRows = array(); $boards = array(); while ($row = mysql_fetch_assoc($request)) { $boards[] = $row['ID_BOARD']; foreach ($perm as $ID_GROUP => $perm_array) { if (!in_array('moderate_board', $perm_array[1])) { if ($row['permission_mode'] == 4) { $perm_array[1] = array_diff($perm_array[1], array('post_reply_own', 'post_reply_any')); } if ($row['permission_mode'] >= 3) { $perm_array[1] = array_diff($perm_array[1], array('post_new')); } if ($row['permission_mode'] >= 2) { $perm_array[1] = array_diff($perm_array[1], array('poll_post')); } } foreach ($perm_array as $deny => $permissions) { foreach ($permissions as $permission) { $insertRows[] = "('{$permission}', {$row['ID_BOARD']}, {$ID_GROUP}, {$deny})"; } } } } mysql_free_result($request); if (!empty($insertRows)) { db_query("\n\t\t\t\t\tINSERT INTO {$db_prefix}board_permissions\n\t\t\t\t\t\t(permission, ID_BOARD, ID_GROUP, addDeny)\n\t\t\t\t\tVALUES " . implode(', ', $insertRows), __FILE__, __LINE__); } if (!empty($boards)) { db_query("\n\t\t\t\t\tUPDATE {$db_prefix}boards\n\t\t\t\t\tSET permission_mode = 1\n\t\t\t\t\tWHERE ID_BOARD IN (" . implode(', ', $boards) . ')', __FILE__, __LINE__); } } updateSettings(array('permission_enable_deny' => empty($_POST['permission_enable_deny']) ? '0' : '1', 'permission_enable_postgroups' => empty($_POST['permission_enable_postgroups']) ? '0' : '1', 'permission_enable_by_board' => empty($_POST['permission_enable_by_board']) ? '0' : '1')); // Clear all deny permissions...if we want that. if (empty($modSettings['permission_enable_deny'])) { db_query("\n\t\t\t\tDELETE FROM {$db_prefix}permissions\n\t\t\t\tWHERE addDeny = 0", __FILE__, __LINE__); db_query("\n\t\t\t\tDELETE FROM {$db_prefix}board_permissions\n\t\t\t\tWHERE addDeny = 0", __FILE__, __LINE__); } // Make sure there are no postgroup based permissions left. if (empty($modSettings['permission_enable_postgroups'])) { // Get a list of postgroups. $post_groups = array(); $request = db_query("\n\t\t\t\tSELECT ID_GROUP\n\t\t\t\tFROM {$db_prefix}membergroups\n\t\t\t\tWHERE minPosts != -1", __FILE__, __LINE__); while ($row = mysql_fetch_assoc($request)) { $post_groups[] = $row['ID_GROUP']; } mysql_free_result($request); // Remove'em. db_query("\n\t\t\t\tDELETE FROM {$db_prefix}permissions\n\t\t\t\tWHERE ID_GROUP IN (" . implode(', ', $post_groups) . ')', __FILE__, __LINE__); db_query("\n\t\t\t\tDELETE FROM {$db_prefix}board_permissions\n\t\t\t\tWHERE ID_GROUP IN (" . implode(', ', $post_groups) . ')', __FILE__, __LINE__); } save_inline_permissions(array('manage_permissions')); } init_inline_permissions(array('manage_permissions'), array(-1)); $context['sub_template'] = 'general_permission_settings'; }
function EditBoardSettings() { global $context, $txt, $db_prefix, $sourcedir, $modSettings; $context['page_title'] = $txt[41] . ' - ' . $txt['settings']; loadTemplate('ManageBoards'); $context['sub_template'] = 'modify_general_settings'; // Needed for the inline permission functions. require_once $sourcedir . '/ManagePermissions.php'; if (!empty($_POST['save_settings'])) { checkSession(); updateSettings(array('countChildPosts' => empty($_POST['countChildPosts']) ? '0' : '1', 'recycle_enable' => empty($_POST['recycle_enable']) ? '0' : '1', 'recycle_board' => (int) $_POST['recycle_board'])); // Save the permissions. save_inline_permissions(array('manage_boards')); } // Get a list of boards. $context['boards'] = array(); $request = db_query("\n\t\tSELECT b.ID_BOARD, b.name AS bName, c.ID_CAT, c.name AS cName\n\t\tFROM {$db_prefix}boards AS b\n\t\t\tLEFT JOIN {$db_prefix}categories AS c ON (c.ID_CAT = b.ID_CAT)", __FILE__, __LINE__); while ($row = mysql_fetch_assoc($request)) { $context['boards'][] = array('id' => $row['ID_BOARD'], 'name' => $row['bName'], 'is_recycle' => !empty($modSettings['recycle_board']) && $modSettings['recycle_board'] == $row['ID_BOARD'], 'category' => array('id' => $row['ID_CAT'], 'name' => $row['cName'])); } mysql_free_result($request); // Initialize permissions. init_inline_permissions(array('manage_boards'), array(-1)); }
function ManageAvatarSettings() { global $txt, $context, $db_prefix, $modSettings, $sourcedir; $context['page_title'] = $txt['smf201']; $context['description'] = $txt['smf202']; $context['selected'] = 'avatar_settings'; $context['sub_template'] = 'avatars'; // Perform a test to see if the GD module is installed. $testGD = get_extension_funcs('gd'); $context['gd_installed'] = !empty($testGD); // We need this file for the inline permission settings. require_once $sourcedir . '/ManagePermissions.php'; // Let's save the avatar settings. if (!empty($_POST['avatarSettings'])) { checkSession(); // Store the changed mod settings. updateSettings(array('avatar_directory' => $_POST['avatar_directory'], 'avatar_url' => $_POST['avatar_url'], 'avatar_download_external' => empty($_POST['avatar_download_external']) ? '0' : '1', 'avatar_max_width_upload' => (int) $_POST['avatar_max_width_upload'], 'avatar_max_height_upload' => (int) $_POST['avatar_max_height_upload'], 'avatar_resize_upload' => empty($_POST['avatar_resize_upload']) ? '0' : '1', 'avatar_download_png' => empty($_POST['avatar_download_png']) ? '0' : '1', 'custom_avatar_enabled' => empty($_POST['custom_avatar_enabled']) ? '0' : '1')); // Only update these settings if they are not disabled by JavaScript. if (empty($_POST['avatar_download_external'])) { updateSettings(array('avatar_max_width_external' => empty($_POST['avatar_max_width_external']) ? 0 : (int) $_POST['avatar_max_width_external'], 'avatar_max_height_external' => empty($_POST['avatar_max_height_external']) ? 0 : (int) $_POST['avatar_max_height_external'], 'avatar_action_too_large' => $_POST['avatar_action_too_large'])); } if (!empty($_POST['custom_avatar_enabled'])) { updateSettings(array('custom_avatar_dir' => $_POST['custom_avatar_dir'], 'custom_avatar_url' => $_POST['custom_avatar_url'])); } // Save the adjusted permissions. save_inline_permissions(array('profile_server_avatar', 'profile_upload_avatar', 'profile_remote_avatar')); } init_inline_permissions(array('profile_server_avatar', 'profile_upload_avatar', 'profile_remote_avatar'), array(-1)); $context['valid_avatar_dir'] = is_dir($modSettings['avatar_directory']); $context['valid_custom_avatar_dir'] = empty($modSettings['custom_avatar_enabled']) || is_dir($modSettings['custom_avatar_dir']) && is_writable($modSettings['custom_avatar_dir']); }
function ModifyMembergroupSettings() { global $context, $db_prefix, $sourcedir, $modSettings, $txt; $context['sub_template'] = 'membergroup_settings'; $context['page_title'] = $txt['membergroups_settings']; // Needed for the inline permission functions. require_once $sourcedir . '/ManagePermissions.php'; if (!empty($_POST['save_settings'])) { checkSession(); // Save the permissions. save_inline_permissions(array('manage_membergroups')); } // Initialize permissions. init_inline_permissions(array('manage_membergroups'), array(-1)); }
function EditSearchSettings() { global $txt, $context, $sourcedir; $context['page_title'] = $txt['search_settings_title']; $context['sub_template'] = 'modify_settings'; // Including a file needed for inline permissions. require_once $sourcedir . '/ManagePermissions.php'; // A form was submitted. if (isset($_POST['save'])) { checkSession(); updateSettings(array('simpleSearch' => isset($_POST['simpleSearch']) ? '1' : '0', 'search_results_per_page' => (int) $_POST['search_results_per_page'], 'search_max_results' => (int) $_POST['search_max_results'])); // Save the permissions. save_inline_permissions(array('search_posts')); } // Initialize permissions. init_inline_permissions(array('search_posts')); }
function ModifyNewsSettings() { global $context, $db_prefix, $sourcedir, $modSettings, $txt; $context['page_title'] = $txt[7] . ' - ' . $txt['settings']; $context['sub_template'] = 'news_settings'; // Needed for the inline permission functions. require_once $sourcedir . '/ManagePermissions.php'; if (!empty($_POST['save_settings'])) { checkSession(); updateSettings(array('xmlnews_enable' => empty($_POST['xmlnews_enable']) ? '0' : '1', 'xmlnews_maxlen' => (int) $_POST['xmlnews_maxlen'])); // Save the permissions. save_inline_permissions(array('edit_news', 'send_mail')); } // Initialize permissions. init_inline_permissions(array('edit_news', 'send_mail'), array(-1)); }