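/**
 * Build the <option> list of user groups for an access select box.
 *
 * @param mixed $group Group id to pre-select; compared loosely (==) against each group id.
 * @return string One "<option>" element per group, each terminated by a newline.
 */
function flood_uncontrol($group = "") {
    $access_opts = "";
    // each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach visits
    // the same rows in the same order.
    foreach (getusergroups() as $user_group) {
        $sel = $group == $user_group['0'] ? " selected" : "";
        // NOTE(review): the id and label are written into HTML without escaping here.
        // Presumably getusergroups() returns values that are already entity-encoded
        // when stored - confirm before relying on it.
        $access_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
    }
    return $access_opts;
}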
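/**
 * Permissions Form
 *
 * Echoes the forum permission editor: one select per permission (access, post,
 * reply, ratings, poll, vote, answer threshold, attachments) plus the moderator
 * group multi-select, all posted back to FUSION_REQUEST.
 */
private function display_forum_permissions_form() {
    $data = $this->data;
    // "+=" only fills in keys that are missing from $this->data.
    $data += array(
        'forum_id' => !empty($data['forum_id']) && isnum($data['forum_id']) ? $data['forum_id'] : 0,
        'forum_type' => !empty($data['forum_type']) ? $data['forum_type'] : '',
    );

    // Group id => group name, with the "public" entry (id 0) first.
    $access_opts = array(0 => self::$locale['531']);
    // each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach is equivalent here.
    foreach (getusergroups() as $option) {
        $access_opts[$option['0']] = $option['1'];
    }
    $public_access_opts = $access_opts;
    unset($access_opts[0]); // remove public away.

    // Answer threshold choices: the "none" label followed by 10..100 points in steps of 10.
    $selection = array(self::$locale['forum_041']);
    for ($points = 10; $points <= 100; $points += 10) {
        $selection[] = $points . " " . self::$locale['forum_points'];
    }

    $options = fusion_get_groups();
    unset($options[0]); // no public to moderate, unset
    unset($options[-101]); // no member group to moderate, unset.

    add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_030']));
    opentable(self::$locale['forum_030']);
    // NOTE(review): no matching closeform() is emitted in this method - confirm the
    // caller closes the form.
    echo openform('permissionsForm', 'post', FUSION_REQUEST);
    // NOTE(review): forum_name is echoed without escaping; presumably it is already
    // entity-encoded when stored - confirm.
    echo "<span class='strong display-inline-block m-b-20'>" . self::$locale['forum_006'] . " : " . $data['forum_name'] . "</span>\n";

    // General access: viewing may be public, the remaining rights need a real group.
    openside();
    echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_000'] . "</span><br/>\n";
    echo form_select('forum_access', self::$locale['forum_031'], $data['forum_access'], array('inline' => TRUE, 'options' => $public_access_opts));
    $optionArray = array("inline" => TRUE, "options" => $access_opts);
    echo form_select('forum_post', self::$locale['forum_032'], $data['forum_post'], $optionArray);
    echo form_select('forum_reply', self::$locale['forum_033'], $data['forum_reply'], $optionArray);
    echo form_select('forum_post_ratings', self::$locale['forum_039'], $data['forum_post_ratings'], $optionArray);
    closeside();

    // Polls and votes.
    openside();
    echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_001'] . "</span><br/>\n";
    echo form_select('forum_poll', self::$locale['forum_036'], $data['forum_poll'], $optionArray);
    echo form_select('forum_vote', self::$locale['forum_037'], $data['forum_vote'], $optionArray);
    closeside();

    // Answer threshold.
    openside();
    echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_004'] . "</span><br/>\n";
    echo form_select('forum_answer_threshold', self::$locale['forum_040'], $data['forum_answer_threshold'], array('options' => $selection, 'inline' => TRUE));
    closeside();

    // Attachments: uploading needs a real group, downloading may be public.
    openside();
    echo "<span class='text-dark strong display-inline-block m-b-20'>" . self::$locale['forum_desc_002'] . "</span><br/>\n";
    echo form_select('forum_attach', self::$locale['forum_034'], $data['forum_attach'], array('options' => $access_opts, 'inline' => TRUE));
    echo form_select('forum_attach_download', self::$locale['forum_035'], $data['forum_attach_download'], array('options' => $public_access_opts, 'inline' => TRUE));
    closeside();

    // Moderator groups, submitted as forum_mods[] ("." is passed as the delimiter option).
    // The legacy two-listbox picker and its inline JavaScript that used to sit here
    // as commented-out code have been dropped; this multi-select replaces them.
    openside();
    echo form_hidden('forum_id', '', $data['forum_id']);
    echo form_select("forum_mods[]", self::$locale['forum_desc_003'], $data['forum_mods'], array("multiple" => TRUE, "width" => "100%", "options" => $options, "delimiter" => ".", "inline" => TRUE));
    closeside();

    echo form_button('save_permission', self::$locale['forum_042'], self::$locale['forum_042'], array('class' => 'btn-primary'));
    closetable();
}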
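/**
 * Build the <option> list of user groups, optionally hiding some groups.
 *
 * @param mixed $selected Group id to pre-select; compared loosely (==).
 * @param array $hide     Group ids to leave out of the list.
 * @param bool  $off      When true, the list starts with a value-0 option labelled $locale['531'].
 * @return string Concatenated "<option>" elements, one per line.
 */
function create_options($selected, $hide = array(), $off = false) {
    global $locale;

    $option_list = "";
    if ($off) {
        $option_list = "<option value='0'>" . $locale['531'] . "</option>\n";
    }
    // each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach is equivalent here.
    foreach (getusergroups() as $option) {
        // Loose in_array() is kept on purpose: ids may arrive as ints or numeric strings.
        if (in_array($option['0'], $hide)) {
            continue;
        }
        $sel = $selected == $option['0'] ? " selected='selected'" : "";
        // NOTE(review): id and label are emitted without HTML escaping; presumably the
        // group data is already entity-encoded when stored - confirm.
        $option_list .= "<option value='" . $option['0'] . "'{$sel}>" . $option['1'] . "</option>\n";
    }
    return $option_list;
}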
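/**
 * Build the add/edit form for a forum rank.
 *
 * Handles the cancel button, lets post_forum_ranks() process a submission, loads the
 * rank named by $_GET['rank_id'] when it exists, and returns the form markup.
 *
 * @return string HTML of the rank form.
 */
protected function displayRanksForm() {
    global $aidlink;

    if (isset($_POST['cancel_rank'])) {
        redirect(clean_request("", array("rank_id", "ref"), FALSE));
    }
    add_to_footer("<script src='" . FORUM . "admin/admin_rank.js'></script>");
    $this->data['rank_language'] = LANGUAGE;

    $array_apply_normal_opts = array(
        USER_LEVEL_MEMBER => self::$locale['424'],
        '104' => self::$locale['425'],
        USER_LEVEL_ADMIN => self::$locale['426'],
        USER_LEVEL_SUPER_ADMIN => self::$locale['427'],
    );

    // Special Select: every group except the built-in levels.
    $groups_arr = getusergroups();
    $groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
    $group_opts = array();
    foreach ($groups_arr as $group) {
        if (!in_array($group[0], $groups_except)) {
            $group_opts[$group[0]] = $group[1];
        }
    }
    $language_opts = fusion_get_enabled_languages();

    $this->post_forum_ranks();

    // The query string must read "&section=fr"; the "&sect" prefix had been
    // entity-decoded into the section sign, which broke the form target.
    $form_action = FUSION_SELF . $aidlink . '&section=fr';
    if (isset($_GET['rank_id']) && isnum($_GET['rank_id'])) {
        // rank_id has passed isnum() and is cast with intval() before it reaches the SQL string.
        $result = dbquery("SELECT * FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . intval($_GET['rank_id']) . "'");
        if (dbrows($result) > 0) {
            $this->data = dbarray($result);
            $form_action = FUSION_SELF . $aidlink . "&section=fr&rank_id=" . $_GET['rank_id'];
        } else {
            redirect(clean_request("", array("rank_id", "ref"), FALSE));
        }
    }

    $html = openform('rank_form', 'post', $form_action, array('class' => 'm-t-20')) .
        form_text('rank_title', self::$locale['420'], $this->data['rank_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE)) .
        form_select('rank_image', self::$locale['421'], $this->data['rank_image'], array('options' => $this->get_rank_images(), 'placeholder' => self::$locale['choose'], "inline" => TRUE));

    if (multilang_table("FR")) {
        $html .= form_select('rank_language', self::$locale['global_ML100'], $this->data['rank_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
    } else {
        $html .= form_hidden('rank_language', '', $this->data['rank_language']);
    }

    // rank_type 2 shows the special-group select, any other value shows the normal one;
    // the post count field is only enabled for rank_type 0.
    $html .= form_checkbox('rank_type', self::$locale['429'], $this->data['rank_type'], array("options" => array(2 => self::$locale['429a'], 1 => self::$locale['429b'], 0 => self::$locale['429c']), "type" => "radio", "inline" => TRUE)) .
        form_text('rank_posts', self::$locale['422'], $this->data['rank_posts'], array('inline' => TRUE, 'type' => 'number', 'width' => '10%', 'disabled' => $this->data['rank_type'] != 0)) .
        "<span id='select_normal' " . ($this->data['rank_type'] == 2 ? "class='display-none'" : "") . " >" .
        form_select('rank_apply_normal', self::$locale['423'], $this->data['rank_apply'], array('options' => $array_apply_normal_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE)) .
        "</span>\n<span id='select_special'" . ($this->data['rank_type'] != 2 ? " class='display-none'" : "") . ">" .
        form_select('rank_apply_special', self::$locale['423'], $this->data['rank_apply'], array('options' => $group_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE)) .
        "</span>\n" .
        form_button('save_rank', self::$locale['428'], self::$locale['428'], array('class' => 'btn-primary m-r-10')) .
        form_button('cancel_rank', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default')) .
        closeform();

    return $html;
}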
// Rank type radios, in the order 2, 1, 0; the current $rank_type is pre-checked.
foreach (array(2 => '429a', 1 => '429b', 0 => '429c') as $type_value => $label_key) {
    $checked = $rank_type == $type_value ? " checked='checked'" : "";
    echo "<label><input type='radio' name='rank_type' value='" . $type_value . "'" . $checked . " /> " . $locale[$label_key] . "</label>\n";
}
echo "</td>\n" . "</tr>\n<tr>\n";

// Post count field; only enabled when $rank_type is 0.
echo "<td class='tbl'><label for='rank_posts'>" . $locale['422'] . "</label></td>\n" . "<td class='tbl'>\n";
echo form_text('rank_posts', '', $rank_posts, array('disabled' => $rank_type != 0));
echo "</tr>\n<tr>\n";

// "Apply to" select for the built-in levels; hidden when $rank_type is 2.
echo "<td class='tbl'><label for='rank_apply_normal'>" . $locale['423'] . "</label></td>\n<td class='tbl'>\n";
$array = array(
    USER_LEVEL_MEMBER => $locale['424'],
    '104' => $locale['425'],
    USER_LEVEL_ADMIN => $locale['426'],
    USER_LEVEL_SUPER_ADMIN => $locale['427'],
);
$normal_class = $rank_type == 2 ? "class='display-none'" : "";
echo "<span id='select_normal' " . $normal_class . " >";
echo form_select('rank_apply_normal', '', $rank_apply, array('options' => $array, 'placeholder' => $locale['choose']));
echo "</span>\n";

// Special Select: every group that is not one of the built-in levels.
$groups_arr = getusergroups();
$groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
$group_opts = array();
foreach ($groups_arr as $group) {
    if (in_array($group[0], $groups_except)) {
        continue;
    }
    $group_opts[$group[0]] = $group[1];
}
$special_class = $rank_type != 2 ? " class='display-none'" : "";
echo "<span id='select_special'" . $special_class . ">";
echo form_select('rank_apply_special', '', $rank_apply, array('options' => $group_opts, 'placeholder' => $locale['choose']));
echo "</span>\n" . "</td>\n</tr>\n<tr>\n" . "<td align='center' colspan='2' class='tbl'>\n";

// Save button, then close the table, the form and the panel.
echo form_button('save_rank', $locale['428'], $locale['428'], array('class' => 'btn-primary'));
echo "</td>\n</tr>\n</table>\n</form>\n";
closetable();
$link_seo_url = ""; // Pimped $link_visibility = ""; $link_order = ""; $link_language = ""; // Pimped $pos1_check = " checked='checked'"; $pos2_check = ""; $pos3_check = ""; $window_check = ""; $formaction = FUSION_SELF . $aidlink; opentable($locale['400']); } $visibility_opts = ""; $sel = ""; $user_groups = getusergroups(1, 1, 1, 1, 1, 1); // Pimped while (list($key, $user_group) = each($user_groups)) { $sel = $link_visibility == $user_group['0'] ? " selected='selected'" : ""; $visibility_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n"; } require_once INCLUDES . "bbcode_include.php"; echo "<form name='layoutform' method='post' action='" . $formaction . "'>\n"; echo "<table cellpadding='0' cellspacing='0' class='center'>\n<tr>\n"; echo "<td class='tbl'>" . $locale['420'] . "</td>\n"; echo "<td class='tbl'><input type='text' name='link_name' value='" . $link_name . "' maxlength='100' class='textbox' style='width:240px;' /><br />\n"; echo "</td>\n</tr>\n<tr>\n"; echo "<td class='tbl'></td>\n<td class='tbl'>"; echo display_bbcodes("240px;", "link_name", "layoutform", "b|i|u|color") . "\n"; echo "</td>\n</tr>\n<tr>\n"; echo "<td class='tbl'>" . $locale['421'] . "</td>\n";
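/**
 * Return user groups array
 *
 * @return array Map of group id => group name, in the order getusergroups() returns them.
 */
static function get_accessOpts() {
    $ref = array();
    // each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach is equivalent here.
    foreach (getusergroups() as $user_group) {
        $ref[$user_group[0]] = $user_group[1];
    }
    return $ref;
}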
$_SESSION[obj]->addEditor($_REQUEST[edname]); } } if ($isOwner && $_REQUEST[edaction] == 'del') { $_SESSION[obj]->delEditor($_REQUEST[edname]); } /****************************************************************************** * switch between forms 1 and 2 ******************************************************************************/ $step = $_REQUEST['step']; if (!$isOwner && $isEditor) { if (!count($_SESSION[editors])) { if (in_array($_SESSION[auser], $_SESSION[obj]->getEditors())) { $_SESSION[editors][] = $_SESSION[auser]; } $groupsAndClasses = array_unique(array_merge($_SESSION[obj]->returnEditorOverlap(getuserclasses($_SESSION[auser], "all")), getusergroups($_SESSION[auser]))); foreach ($groupsAndClasses as $groupOrClass) { if (in_array($groupOrClass, $_SESSION[obj]->getEditors())) { $_SESSION[editors][] = $groupOrClass; } } // done... now send them to step 2 $step = 2; } } if ($isOwner && $_REQUEST[editpermissions]) { if (!count($_REQUEST[editors])) { error("You must choose some editors."); } else { $_SESSION[editors] = $_REQUEST[editors]; $step = 2;
} return sprintf("%04d-%02d-%02d", intval($data[$fname]['year']), intval($data[$fname]['month']), intval($data[$fname]['mday'])); } /* function ec_get_timestamp($fname) { return mktime($_POST[$fname."_hours"], $_POST[$fname."_mins"], 0, $_POST[$fname."_month"], $_POST[$fname."_mday"], $_POST[$fname."_year"]); } */ /**************************************************************************** * GUI */ $sel_access = ''; $sel_login_access = ''; $fusion_groups = getusergroups(); foreach ($fusion_groups as $group) { list($gid, $gname) = $group; if (!checkgroup($gid)) { continue; } $sel_access .= ' <option value="' . $gid . '"' . ($gid == $event['ev_access'] ? ' selected="selected"' : '') . '>' . $gname . '</option>'; if (!$gid) { continue; } $sel_login_access .= ' <option value="' . $gid . '"' . ($gid == $event['ev_login_access'] ? ' selected="selected"' : '') . '>' . $gname . '</option>'; } $sel_repeat = ''; foreach ($locale['EC125'] as $rep => $text) {
echo "<td width='1%' class='tbl' style='white-space:nowrap'><label for='forum_merge'>" . $locale['541'] . "</label></td>\n<td class='tbl'>\n"; $array = array('1' => $locale['542'], '0' => $locale['543']); echo form_select('', 'forum_merge', 'forum_merge', $array, $forum_merge, array('placeholder' => $locale['choose'])); echo "</td>\n</tr>\n"; if (!isset($_GET['action']) || $_GET['action'] != "edit") { echo "<tr>\n<td align='center' colspan='2' class='tbl'>\n"; echo form_button($locale['532'], 'save_forum', 'save_forum', $locale['532'], array('class' => 'btn-primary')); echo "</td>\n"; echo "</tr>\n</table>\n"; } } if (!isset($_GET['action'])) { echo "\n</form>"; } if (isset($_GET['action']) && $_GET['action'] == "edit") { $mod_groups = getusergroups(); $mods1_user_id = array(); $mods1_user_name = array(); while (list($key, $mod_group) = each($mod_groups)) { if ($mod_group['0'] != "0" && $mod_group['0'] != "101" && $mod_group['0'] != "103") { if (!preg_match("(^{$mod_group['0']}\$|^{$mod_group['0']}\\.|\\.{$mod_group['0']}\\.|\\.{$mod_group['0']}\$)", $data['forum_moderators'])) { $mods1_user_id[] = $mod_group['0']; $mods1_user_name[] = $mod_group['1']; } else { $mods2_user_id[] = $mod_group['0']; $mods2_user_name[] = $mod_group['1']; } } } echo "<tr>\n<td class='tbl2' colspan='2'><strong>" . $locale['533'] . "</strong></td>\n"; echo "</tr>\n<tr>\n";
/**
 * Get all user groups as a lookup table.
 *
 * @return array Map of group id => group name, built from the rows of getusergroups().
 */
function fusion_get_groups() {
    $rows = getusergroups();
    $group_map = array();
    foreach ($rows as $row) {
        // Element 0 of each row is the id, element 1 the display name.
        $group_id = $row[0];
        $group_name = $row[1];
        $group_map[$group_id] = $group_name;
    }
    return $group_map;
}
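/**
 * Build the add/edit form for a forum tag.
 *
 * Handles the cancel button, lets post_tags() process a submission, loads the tag
 * named by $_GET['tag_id'] when it exists, and returns the form markup.
 *
 * @return string HTML of the tag form.
 */
protected function displayTagForm() {
    global $aidlink;

    if (isset($_POST['cancel_tag'])) {
        redirect(clean_request("", array("tag_id", "ref"), FALSE));
    }
    // NOTE(review): this sets rank_language although the form below reads tag_language -
    // looks like a leftover from the rank form; confirm which key is intended.
    $this->data['rank_language'] = LANGUAGE;

    // Special Select: every group except the built-in levels.
    // NOTE(review): $group_opts is built but not used by the form below.
    $groups_arr = getusergroups();
    $groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
    $group_opts = array();
    foreach ($groups_arr as $group) {
        if (!in_array($group[0], $groups_except)) {
            $group_opts[$group[0]] = $group[1];
        }
    }
    $language_opts = fusion_get_enabled_languages();

    $this->post_tags();

    $form_action = FUSION_SELF . $aidlink . '&section=ft&ref=tag_form';
    if (isset($_GET['tag_id']) && isnum($_GET['tag_id'])) {
        // tag_id has passed isnum() and is cast with intval() before it reaches the SQL string.
        $result = dbquery("SELECT * FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . intval($_GET['tag_id']) . "'");
        if (dbrows($result) > 0) {
            $this->data = dbarray($result);
            $form_action = FUSION_SELF . $aidlink . "&section=ft&ref=tag_form&tag_id=" . $_GET['tag_id'];
        } else {
            // Drop tag_id (as the cancel branch above does). The old list named "rank_id",
            // which left the unknown tag_id in the redirect target.
            redirect(clean_request("", array("tag_id", "ref"), FALSE));
        }
    }

    // Button label depends on whether an existing tag is being edited.
    $button_locale = $this->data['tag_id'] ? self::$locale['forum_tag_0208'] : self::$locale['forum_tag_0207'];

    $html = openform('tag_form', 'post', $form_action, array('class' => 'm-t-20')) .
        form_text('tag_title', self::$locale['forum_tag_0200'], $this->data['tag_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE)) .
        form_textarea('tag_description', self::$locale['forum_tag_0201'], $this->data['tag_description'], array('inline' => TRUE, 'type' => 'bbcode', 'autosize' => TRUE, 'preview' => TRUE)) .
        form_colorpicker('tag_color', self::$locale['forum_tag_0202'], $this->data['tag_color'], array('inline' => TRUE, 'required' => TRUE));

    if (multilang_table("FR")) {
        $html .= form_select('tag_language', self::$locale['forum_tag_0203'], $this->data['tag_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
    } else {
        $html .= form_hidden('tag_language', '', $this->data['tag_language']);
    }

    $html .= form_checkbox('tag_status', self::$locale['forum_tag_0204'], $this->data['tag_status'], array("options" => array(1 => self::$locale['forum_tag_0205'], 0 => self::$locale['forum_tag_0206']), "type" => "radio", "inline" => TRUE)) .
        form_button('save_tag', $button_locale, $button_locale, array('class' => 'btn-primary m-r-10')) .
        form_button('cancel_tag', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default')) .
        closeform();

    return $html;
}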
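/**
 * Checks to see if the user has the specified permissions.
 *
 * The permission string is tokenised and checked against a small grammar
 * (grants, 'and'/'or'/'&&'/'||', balanced parentheses) before anything is
 * evaluated. A string that does not match is rejected with FALSE.
 *
 * @param string $perms The permissions to check.
 *		$perms parameter can be a complex string consisting
 *		of ()'s, 'and', 'or', and permission types:
 *		'add','edit','delete','view','discuss'
 * @param optional string $user The user to check.
 * @param optional boolean $useronly If true, the user's permissions will be
 *		checked explicitly and the user will not be included in any
 *		groups.
 * @return boolean True if the user has the permissions asked for.
 * @access public
 * @date 8/31/04
 */
function hasPermission($perms, $user = "", $useronly = FALSE) {
    //****************************************
    // ----- Setup -----
    //****************************************
    global $allclasses, $_loggedin, $cfg;

    // Build the permissions array to check against.
    $this->buildPermissionsArray();

    // Get our current user if we weren't passed one to check.
    // Array keys are quoted: bare words such as $_SESSION[auser] are undefined
    // constants and raise an Error on PHP 8.
    if ($user == "") {
        $user = $_SESSION['auser'];
    }

    // If we haven't built the classes array and we need it, build it.
    // NOTE(review): the classes are fetched for $user but stored under, and later read
    // from, the session user's key; group membership below is also looked up for the
    // session user. Confirm this is intended when $user is not the session user.
    if (!is_array($allclasses[$_SESSION['auser']]) && !$useronly) {
        $allclasses[$_SESSION['auser']] = getuserclasses($user, "all");
    }

    //****************************************
    // ----- Return Cached Permissions ------
    // There are separate entries for useronly and those with groups, so that a
    // result cached with groups is never returned for a user-only question.
    // The key is built once from the caller's original string. Previously the
    // result was stored after 'and'/'or' had been rewritten, so strings using
    // the word operators never hit the cache.
    //****************************************
    $cacheKey = ($useronly ? "onlyuser" : "") . $user . $perms;
    if (isset($this->cachedPermissions[$cacheKey])) {
        return $this->cachedPermissions[$cacheKey];
    }

    //****************************************
    // ----- New checking of Permissions -----
    //****************************************
    // Make sure that we are fetched.
    $this->fetchUp();

    // The site owner will always have permission. Strict comparison: with ==,
    // two different numeric-looking names (e.g. "1e1" and "10") compare equal.
    $owner = $this->owningSiteObj->owner;
    if (strtolower($user) === strtolower($owner)) {
        return TRUE;
    }

    // ------ Verify the permissions string ------
    // Parentheses are split into tokens of their own instead of being stripped
    // (ereg_replace() no longer exists as of PHP 7). This way a grant written
    // directly against a parenthesis is still validated and substituted, and
    // never reaches eval() as a bare word.
    $validGrants = array('add', 'edit', 'delete', 'view', 'discuss');
    $operatorMap = array('and' => '&&', 'or' => '||', '&&' => '&&', '||' => '||');
    $tokens = explode(' ', str_replace(array('(', ')'), array(' ( ', ' ) '), $perms));

    $expression = array();   // PHP fragments, one per token, built only from fixed strings
    $expectOperand = TRUE;   // TRUE when a grant or '(' must come next
    $depth = 0;              // current parenthesis nesting
    $stringValid = TRUE;
    $i = 0;
    foreach ($tokens as $token) {
        if (!strlen($token)) {
            continue;
        }
        if ($token === '(') {
            $stringValid = $expectOperand;
            $depth++;
            $expression[] = '(';
        } else if ($token === ')') {
            $stringValid = (!$expectOperand && $depth > 0);
            $depth--;
            $expression[] = ')';
        } else if (in_array($token, $validGrants, TRUE)) {
            // Every other part, beginning with the first, should be a grant.
            $stringValid = $expectOperand;
            $expectOperand = FALSE;
            $expression[] = '!empty($entityPermissions[permissions::' . strtoupper($token) . '()])';
        } else if (isset($operatorMap[$token])) {
            // Grants are joined by operators; word operators become symbols.
            $stringValid = !$expectOperand;
            $expectOperand = TRUE;
            $expression[] = $operatorMap[$token];
        } else {
            $stringValid = FALSE;
        }
        if (!$stringValid) {
            break;
        }
        $i++;
    }
    // A valid string ends on a grant or ')' with every parenthesis closed.
    if ($expectOperand || $depth != 0) {
        $stringValid = FALSE;
    }
    // If we don't have a valid permissions string, return FALSE.
    if (!$stringValid) {
        print "ERROR! loop: {$i}: Malformed permissions string: " . htmlspecialchars($perms) . "<br /><br />";
        return FALSE;
    }

    // ---- pull from the database/cache ---
    $permissions = $this->getPermissions();
    // Make sure that we have a lowercase version of each entity
    foreach ($permissions as $entity => $permission) {
        $permissions[strtolower($entity)] = $permission;
    }

    // --- Build a list of all entities to check for the permissions ---
    $entitiesToCheck = array();
    // Add the user to the array if we have a user.
    if (strlen($user)) {
        $entitiesToCheck[] = strtolower($user);
    }
    // Determine what additional entities to check.
    if (!$useronly) {
        // ----- everyone ------
        // Everyone, even not-logged-in users are a part of everyone.
        $entitiesToCheck[] = "everyone";

        // ----- institute ------
        // Logged-in users that are not of type 'visitor' are members of institute,
        // unless we are previewing as 'everyone'.
        if ($_loggedin && $_SESSION['atype'] != 'visitor' && $_SESSION['auser'] != 'everyone') {
            $entitiesToCheck[] = "institute";
        }

        // A client with a campus ip-address is also a member of 'institute'.
        // NOTE(review): each inst_ips entry is used as a regular-expression prefix,
        // so an unescaped "." matches any character - confirm the configured
        // entries are as strict as intended.
        $ipIsInInstitute = FALSE;
        $ip = $_SERVER['REMOTE_ADDR'];
        if (is_array($cfg['inst_ips'])) {
            foreach ($cfg['inst_ips'] as $ipPattern) {
                // ereg() no longer exists as of PHP 7; preg_match() with an escaped delimiter replaces it.
                if (preg_match('/^' . str_replace('/', '\\/', $ipPattern) . '/', $ip)) {
                    $ipIsInInstitute = TRUE;
                }
            }
        }
        // When previewing a site as another user the IP is not checked, as that
        // would give a false indication of what they could see.
        if ($ipIsInInstitute && !$_SESSION['__no_inst_ips']) {
            $entitiesToCheck[] = "institute";
        }

        // ----- classes and groups ------
        $classesUserIsIn = $this->returnEditorOverlap($allclasses[$_SESSION['auser']]);
        $entitiesToCheck = array_merge($classesUserIsIn, $entitiesToCheck, getusergroups($_SESSION['auser']));
    }
    $entitiesToCheck = array_unique($entitiesToCheck);

    // ------- Check the permissions ----------
    // The expression is evaluated once per entity and the results are OR-ed:
    // one entity that satisfies it is enough.
    // NOTE(review): eval() is kept, but the evaluated string is assembled only from
    // the fixed fragments chosen above; entity names and the caller's text are no
    // longer part of the evaluated code. Replacing this with a small boolean
    // evaluator would remove eval() altogether.
    $condition = '$granted = (' . implode(' ', $expression) . ') ? TRUE : FALSE;';
    $hasPermission = FALSE;
    foreach ($entitiesToCheck as $entity) {
        $entityPermissions = isset($permissions[$entity]) ? $permissions[$entity] : array();
        $granted = FALSE;
        eval($condition);
        if ($granted) {
            $hasPermission = TRUE;
            break;
        }
    }

    // Cache the permissions
    $this->cachedPermissions[$cacheKey] = $hasPermission;

    // ------- return our result -----------
    return $hasPermission;
}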
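// Rank image select, filled from the files in the ranks image folder.
echo "<td class='tbl'>" . $locale['421'] . "</td>\n";
echo "<td class='tbl'><select name='rank_image' class='textbox' style='width:150px;'>\n";
$image_files = makefilelist(IMAGES . "ranks", ".|..|index.php", true);
echo makefileopts($image_files, $rank_image) . "</select></td>\n";
echo "</tr>\n<tr>\n";

// Post count text field.
// NOTE(review): $rank_posts is written into the value attribute without escaping;
// presumably it is numeric or already encoded where it is assigned - confirm.
echo "<td class='tbl'>" . $locale['422'] . "</td>\n";
echo "<td class='tbl'><input type='text' name='rank_posts' value='" . $rank_posts . "' class='textbox' style='width:150px;' /></td>\n";
echo "</tr>\n<tr>\n";

echo "<td class='tbl'>" . $locale['423'] . "</td>\n";
echo "<td class='tbl'><select name='rank_apply' class='textbox' style='width:150px;'>\n";

// Pimped: Special Group Ranks
// The four fixed options (101, 104, 102, 103) that were commented out here are
// replaced by the group list below.
$opts = "";
$sel = "";
#$user_groups = getusergroups(0,1,1,1,1,0,1,array('104', $locale['425'])); #what to do with the mods/global mods
$user_groups = getusergroups(0, 1, 1, 1, 1, 0, 1);
// each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach is equivalent here.
foreach ($user_groups as $user_group) {
    // A rank bound to a group ($rank_group other than "0") pre-selects that group,
    // otherwise the stored $rank_apply level is pre-selected.
    if ($rank_group != "0") {
        $sel = $rank_group == $user_group['0'] ? " selected='selected'" : "";
    } else {
        $sel = $rank_apply == $user_group['0'] ? " selected='selected'" : "";
    }
    $opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n";
}
echo $opts;
echo "</select></td>\n</tr>\n<tr>\n";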
} else { if ($fb4['no_avatar']) { echo "<img src='" . IMAGES . "noav.gif' alt='" . $locale['567'] . "' /><br />\n"; } } echo "<a href='" . BASEDIR . "profile.php?lookup=" . $data['user_id'] . "' style='font-size:12px;'>" . showLabel($data['user_id'], false, "post") . "</a><br />"; if ($fb4['user_titles_posts'] && $fb4['user_titles']) { $titleLookup = dbquery("select * from " . $db_prefix . "fb_titles where title_id='" . $data['user_title'] . "' and (" . useraccess("title_access") . ")"); if (dbrows($titleLookup)) { $titleData = dbarray($titleLookup); $title = stripslash($titleData['title_title']); } else { $title = stripslash($data['user_title']); } } else { $title = getusergroups($data['user_id']); } echo "<span class='small'>" . $title . "</span><br />"; renderMods(true, false); echo "<br /><br />"; renderAwards($data['user_id'], "", "<br /><br />"); echo "<!--forum_thread_user_info-->" . $locale['502'] . " <span class='alt'>" . $data['user_posts'] . "</span><br />\n"; echo "" . $locale['504'] . " <span class='alt'>" . showdate("%d.%m.%y", $data['user_joined']) . "</span>\n"; if ($data['user_location']) { echo "<br />" . $locale['fb500'] . ": <span class='alt'>" . stripslash($data['user_location']) . "</span>\n"; } if ($data['user_birthdate'] !== "0000-00-00") { $birthday = explode("-", $data['user_birthdate']); $age = strftime("%Y") - $birthday[0]; if (strftime("%m") < $birthday[1]) { $age--;
} elseif (dbcount("(*)", DB_ADDON_CATS, "addon_cat_name='{$addon_cat_name}' AND addon_cat_type='{$addon_cat_type}'") != 0) { redirect(FUSION_SELF . $aidlink . "&error=2"); } else { $addon_cat_order = dbresult(dbquery("SELECT MAX(addon_cat_order) FROM " . DB_ADDON_CATS . " WHERE addon_cat_type='{$addon_cat_type}'"), 0) + 1; $result = dbquery("INSERT INTO " . DB_ADDON_CATS . " \r\n\t\t\tVALUES('','" . $addon_cat_type . "', '" . $addon_cat_name . "','" . $addon_cat_description . "','" . $addon_cat_access . "','" . $addon_cat_order . "')"); redirect(FUSION_SELF . $aidlink . "&insert=ok"); } } else { $addon_cat_type = ""; $addon_cat_name = ""; $addon_cat_description = ""; $addon_cat_access = ""; opentable($locale['addondb436']); $cat_formaction = FUSION_SELF . $aidlink; } $user_groups = getusergroups(); $access_opts = ""; $sel = ""; while (list($key, $user_group) = each($user_groups)) { $sel = $addon_cat_access == $user_group['0'] ? " selected='selected'" : ""; $access_opts .= "<option value='" . $user_group['0'] . "'{$sel}>" . $user_group['1'] . "</option>\n"; } $addon_type_list = ""; $tsel = ""; foreach ($addon_types as $k => $addon_type) { $tsel = $addon_cat_type == $k ? " selected='selected'" : ""; $addon_type_list .= "<option value='" . $k . "'{$tsel}>" . $addon_type . "</option>\n"; } echo "<form name='add_cat' method='post' action='{$cat_formaction}'>\r\n\t<table align='center' cellpadding='0' cellspacing='0' class='tbl-border'>" . (isset($error) ? "<tr><td class='tbl1 error' align='center' colspan='3'>" . $error . "</td></tr>" : "") . "\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>" . $locale['addondb402'] . "<strong><span style='color:red'>*</span></strong>:</td>\r\n\t\t\t<td class='tbl1'><input type='text' class='textbox' name='addon_cat_name' value='" . $addon_cat_name . "' style='width:250px;'></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap valign='top'>" . $locale['addondb404'] . 
":</td>\r\n\t\t\t<td class='tbl1'><textarea class='textbox' name='addon_cat_description' style='width:250px; height:40px;'>" . $addon_cat_description . "</textarea></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>Type</td>\r\n\t\t\t<td class='tbl1'><select class='textbox' name='addon_cat_type' style='width:250px;'>" . $addon_type_list . "</select></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap>" . $locale['addondb405'] . ":</td>\r\n\t\t\t<td class='tbl1'><select class='textbox' name='addon_cat_access' style='width:250px;'>" . $access_opts . "</select></td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t<td class='tbl1' nowrap colspan='2' align='center'>" . $locale['addondb437'] . "</td>\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t\t<td class='tbl1' nowrap colspan='2' align='center'><input type='submit' class='button' name='btn_save' value='" . $locale['addondb438'] . "' />" . (isset($_GET['action']) && $_GET['action'] == "edit" || isset($error) ? " <input type='submit' class='button' name='btn_cancel' value='" . $locale['addondb428'] . "' />" : "") . "</td>\r\n\t\t</tr>\r\n\t</table>\r\n</form>"; closetable(); opentable($locale['addondb401']);
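/**
 * Get Group Array
 *
 * @return array Map of group id => group name for the link visibility select.
 */
public static function get_LinkVisibility() {
    // The static array persists across calls; it is refilled on every call.
    static $visibility_opts = array();
    // each() is deprecated since PHP 7.2 and removed in PHP 8.0; foreach is equivalent here.
    foreach (getusergroups() as $user_group) {
        $visibility_opts[$user_group['0']] = $user_group['1'];
    }
    return (array) $visibility_opts;
}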