示例#1
0
function ModifyMembergroup()
{
    global $context, $txt, $modSettings, $smcFunc, $sourcedir;
    if (!isset($_GET['group'])) {
        fatal_lang_error('no_access', false);
    }
    $context['group']['id'] = (int) $_GET['group'];
    // Are they toggling the view?
    if (isset($_GET['view'])) {
        $context['admin_preferences']['pv'] = $_GET['view'] == 'classic' ? 'classic' : 'simple';
        // Update the users preferences.
        require_once $sourcedir . '/Subs-Admin.php';
        updateAdminPreferences();
    }
    $context['view_type'] = !empty($context['admin_preferences']['pv']) && $context['admin_preferences']['pv'] == 'classic' ? 'classic' : 'simple';
    // It's not likely you'd end up here with this setting disabled.
    if ($_GET['group'] == 1) {
        redirectexit('action=admin;area=permissions');
    }
    loadAllPermissions($context['view_type']);
    loadPermissionProfiles();
    if ($context['group']['id'] > 0) {
        $result = $smcFunc['db_query']('', '
			SELECT group_name, id_parent
			FROM {db_prefix}membergroups
			WHERE id_group = {int:current_group}
			LIMIT 1', array('current_group' => $context['group']['id']));
        list($context['group']['name'], $parent) = $smcFunc['db_fetch_row']($result);
        $smcFunc['db_free_result']($result);
        // Cannot edit an inherited group!
        if ($parent != -2) {
            fatal_lang_error('cannot_edit_permissions_inherited');
        }
    } elseif ($context['group']['id'] == -1) {
        $context['group']['name'] = $txt['membergroups_guests'];
    } else {
        $context['group']['name'] = $txt['membergroups_members'];
    }
    $context['profile']['id'] = empty($_GET['pid']) ? 0 : (int) $_GET['pid'];
    // If this is a moderator and they are editing "no profile" then we only do boards.
    if ($context['group']['id'] == 3 && empty($context['profile']['id'])) {
        // For sanity just check they have no general permissions.
        $smcFunc['db_query']('', '
			DELETE FROM {db_prefix}permissions
			WHERE id_group = {int:moderator_group}', array('moderator_group' => 3));
        $context['profile']['id'] = 1;
    }
    $context['permission_type'] = empty($context['profile']['id']) ? 'membergroup' : 'board';
    $context['profile']['can_modify'] = !$context['profile']['id'] || $context['profiles'][$context['profile']['id']]['can_modify'];
    // Set up things a little nicer for board related stuff...
    if ($context['permission_type'] == 'board') {
        $context['profile']['name'] = $context['profiles'][$context['profile']['id']]['name'];
        $context[$context['admin_menu_name']]['current_subsection'] = 'profiles';
    }
    // Fetch the current permissions.
    $permissions = array('membergroup' => array('allowed' => array(), 'denied' => array()), 'board' => array('allowed' => array(), 'denied' => array()));
    // General permissions?
    if ($context['permission_type'] == 'membergroup') {
        $result = $smcFunc['db_query']('', '
			SELECT permission, add_deny
			FROM {db_prefix}permissions
			WHERE id_group = {int:current_group}', array('current_group' => $_GET['group']));
        while ($row = $smcFunc['db_fetch_assoc']($result)) {
            $permissions['membergroup'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['permission'];
        }
        $smcFunc['db_free_result']($result);
    }
    // Fetch current board permissions...
    $result = $smcFunc['db_query']('', '
		SELECT permission, add_deny
		FROM {db_prefix}board_permissions
		WHERE id_group = {int:current_group}
			AND id_profile = {int:current_profile}', array('current_group' => $context['group']['id'], 'current_profile' => $context['permission_type'] == 'membergroup' ? 1 : $context['profile']['id']));
    while ($row = $smcFunc['db_fetch_assoc']($result)) {
        $permissions['board'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['permission'];
    }
    $smcFunc['db_free_result']($result);
    // Loop through each permission and set whether it's checked.
    foreach ($context['permissions'] as $permissionType => $tmp) {
        foreach ($tmp['columns'] as $position => $permissionGroups) {
            foreach ($permissionGroups as $permissionGroup => $permissionArray) {
                foreach ($permissionArray['permissions'] as $perm) {
                    // Create a shortcut for the current permission.
                    $curPerm =& $context['permissions'][$permissionType]['columns'][$position][$permissionGroup]['permissions'][$perm['id']];
                    if ($tmp['view'] == 'classic') {
                        if ($perm['has_own_any']) {
                            $curPerm['any']['select'] = in_array($perm['id'] . '_any', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_any', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                            $curPerm['own']['select'] = in_array($perm['id'] . '_own', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_own', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                        } else {
                            $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
                        }
                    } else {
                        $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
                    }
                }
            }
        }
    }
    $context['sub_template'] = 'modify_group';
    $context['page_title'] = $txt['permissions_modify_group'];
}
示例#2
0
function ModifyMembergroup()
{
    global $db_prefix, $context, $txt, $modSettings;
    // It's not likely you'd end up here with this setting disabled.
    if (empty($modSettings['permission_enable_by_board']) && !empty($_REQUEST['boardid']) || $_GET['group'] == 1) {
        redirectexit('action=permissions');
    }
    $context['group']['id'] = (int) $_GET['group'];
    loadAllPermissions();
    if ($context['group']['id'] > 0) {
        $result = db_query("\n\t\t\tSELECT groupName\n\t\t\tFROM {$db_prefix}membergroups\n\t\t\tWHERE ID_GROUP = {$context['group']['id']}\n\t\t\tLIMIT 1", __FILE__, __LINE__);
        list($context['group']['name']) = mysql_fetch_row($result);
        mysql_free_result($result);
    } elseif ($context['group']['id'] == -1) {
        $context['group']['name'] =& $txt['membergroups_guests'];
    } else {
        $context['group']['name'] =& $txt['membergroups_members'];
    }
    $context['board']['id'] = empty($_GET['boardid']) ? 0 : (int) $_GET['boardid'];
    $context['local'] = !empty($_GET['boardid']);
    if ($context['local']) {
        $request = db_query("\n\t\t\tSELECT name\n\t\t\tFROM {$db_prefix}boards\n\t\t\tWHERE ID_BOARD = {$context['board']['id']}\n\t\t\t\tAND permission_mode = 1", __FILE__, __LINE__);
        // Either the board was not found or the permissions are set to global.
        if (mysql_num_rows($request) == 0) {
            fatal_lang_error('smf232', false);
        }
        list($context['board']['name']) = mysql_fetch_row($request);
        mysql_free_result($request);
    }
    // Fetch the current permissions.
    $permissions = array('membergroup' => array('allowed' => array(), 'denied' => array()), 'board' => array('allowed' => array(), 'denied' => array()));
    if ($context['group']['id'] != 3 && !$context['local']) {
        $result = db_query("\n\t\t\tSELECT permission, addDeny\n\t\t\tFROM {$db_prefix}permissions\n\t\t\tWHERE ID_GROUP = {$_GET['group']}", __FILE__, __LINE__);
        while ($row = mysql_fetch_assoc($result)) {
            $permissions['membergroup'][empty($row['addDeny']) ? 'denied' : 'allowed'][] = $row['permission'];
        }
        mysql_free_result($result);
        $context['permissions']['membergroup']['show'] = true;
    } else {
        $context['permissions']['membergroup']['show'] = false;
    }
    // Fetch current board permissions.
    $result = db_query("\n\t\tSELECT permission, addDeny\n\t\tFROM {$db_prefix}board_permissions\n\t\tWHERE ID_GROUP = {$context['group']['id']}\n\t\t\tAND ID_BOARD = {$context['board']['id']}", __FILE__, __LINE__);
    while ($row = mysql_fetch_assoc($result)) {
        $permissions['board'][empty($row['addDeny']) ? 'denied' : 'allowed'][] = $row['permission'];
    }
    mysql_free_result($result);
    $context['permissions']['board']['show'] = true;
    // Loop through each permission and set whether it's checked.
    foreach ($context['permissions'] as $permissionType => $tmp) {
        foreach ($tmp['columns'] as $position => $permissionGroups) {
            foreach ($permissionGroups as $permissionGroup => $permissionArray) {
                foreach ($permissionArray['permissions'] as $perm) {
                    // Create a shortcut for the current permission.
                    $curPerm =& $context['permissions'][$permissionType]['columns'][$position][$permissionGroup]['permissions'][$perm['id']];
                    if ($perm['has_own_any']) {
                        $curPerm['any']['select'] = in_array($perm['id'] . '_any', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_any', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                        $curPerm['own']['select'] = in_array($perm['id'] . '_own', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_own', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                    } else {
                        $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
                    }
                }
            }
        }
    }
    $context['sub_template'] = 'modify_group';
    $context['page_title'] = $txt['permissions_modify_group'];
}
 /**
  * Initializes the necessary to modify a membergroup's permissions.
  */
 public function action_modify()
 {
     global $context, $txt;
     if (!isset($_GET['group'])) {
         fatal_lang_error('no_access', false);
     }
     require_once SUBSDIR . '/ManagePermissions.subs.php';
     $context['group']['id'] = (int) $_GET['group'];
     // It's not likely you'd end up here with this setting disabled.
     if ($_GET['group'] == 1) {
         redirectexit('action=admin;area=permissions');
     }
     loadAllPermissions();
     loadPermissionProfiles();
     if ($context['group']['id'] > 0) {
         require_once SUBSDIR . '/Membergroups.subs.php';
         $group = membergroupById($context['group']['id'], true);
         $context['group']['name'] = $group['group_name'];
         $parent = $group['id_parent'];
         // Cannot edit an inherited group!
         if ($parent != -2) {
             fatal_lang_error('cannot_edit_permissions_inherited');
         }
     } elseif ($context['group']['id'] == -1) {
         $context['group']['name'] = $txt['membergroups_guests'];
     } else {
         $context['group']['name'] = $txt['membergroups_members'];
     }
     $context['profile']['id'] = empty($_GET['pid']) ? 0 : (int) $_GET['pid'];
     // If this is a moderator and they are editing "no profile" then we only do boards.
     if ($context['group']['id'] == 3 && empty($context['profile']['id'])) {
         // For sanity just check they have no general permissions.
         removeModeratorPermissions();
         $context['profile']['id'] = 1;
     }
     $context['permission_type'] = empty($context['profile']['id']) ? 'membergroup' : 'board';
     $context['profile']['can_modify'] = !$context['profile']['id'] || $context['profiles'][$context['profile']['id']]['can_modify'];
     // Set up things a little nicer for board related stuff...
     if ($context['permission_type'] == 'board') {
         $context['profile']['name'] = $context['profiles'][$context['profile']['id']]['name'];
         $context[$context['admin_menu_name']]['current_subsection'] = 'profiles';
     }
     // Fetch the current permissions.
     $permissions = array('membergroup' => array('allowed' => array(), 'denied' => array()), 'board' => array('allowed' => array(), 'denied' => array()));
     // General permissions?
     if ($context['permission_type'] == 'membergroup') {
         $permissions['membergroup'] = fetchPermissions($_GET['group']);
     }
     // Fetch current board permissions...
     $permissions['board'] = fetchBoardPermissions($context['group']['id'], $context['permission_type'], $context['profile']['id']);
     // Loop through each permission and set whether it's checked.
     foreach ($context['permissions'] as $permissionType => $tmp) {
         foreach ($tmp['columns'] as $position => $permissionGroups) {
             foreach ($permissionGroups as $permissionGroup => $permissionArray) {
                 foreach ($permissionArray['permissions'] as $perm) {
                     // Create a shortcut for the current permission.
                     $curPerm =& $context['permissions'][$permissionType]['columns'][$position][$permissionGroup]['permissions'][$perm['id']];
                     if ($perm['has_own_any']) {
                         $curPerm['any']['select'] = in_array($perm['id'] . '_any', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_any', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                         $curPerm['own']['select'] = in_array($perm['id'] . '_own', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_own', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
                     } else {
                         $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
                     }
                 }
             }
         }
     }
     $context['sub_template'] = 'modify_group';
     $context['page_title'] = $txt['permissions_modify_group'];
     createToken('admin-mp');
 }