phpBB
Statistics
| Revision:

root / branches / phpBB-3_0_0 / phpBB / includes / acp / acp_permissions.php

History | View | Annotate | Download (38.7 kB)

1
<?php
2
/**
3
*
4
* @package acp
5
* @version $Id: acp_permissions.php 10017 2009-08-18 14:37:49Z bantu $
6
* @copyright (c) 2005 phpBB Group
7
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8
*
9
*/
10




11
/**





12
* @ignore





13
*/





14
if (!defined('IN_PHPBB'))





15
{





16
        exit;





17
}





18




19
/**





20
* @package acp





21
*/





22
class acp_permissions





23
{





24
        var $u_action;





25
        var $permission_dropdown;





26




27
        function main($id, $mode)





28
        {





29
                global $db, $user, $auth, $template, $cache;





30
                global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;





31




32
                include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);





33
                include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);





34




35
                $auth_admin = new auth_admin();





36




37
                $user->add_lang('acp/permissions');





38
                add_permission_language();





39




40
                $this->tpl_name = 'acp_permissions';





41




42
                // Trace has other vars





43
                if ($mode == 'trace')





44
                {





45
                        $user_id = request_var('u', 0);





46
                        $forum_id = request_var('f', 0);





47
                        $permission = request_var('auth', '');





48




49
                        $this->tpl_name = 'permission_trace';





50




51
                        if ($user_id && isset($auth_admin->acl_options['id'][$permission]) && $auth->acl_get('a_viewauth'))





52
                        {





53
                                $this->page_title = sprintf($user->lang['TRACE_PERMISSION'], $user->lang['acl_' . $permission]['lang']);





54
                                $this->permission_trace($user_id, $forum_id, $permission);





55
                                return;





56
                        }





57
                        trigger_error('NO_MODE', E_USER_ERROR);





58
                }





59




60
                // Copy forum permissions





61
                if ($mode == 'setting_forum_copy')





62
                {





63
                        $this->tpl_name = 'permission_forum_copy';





64




65
                        if ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))





66
                        {





67
                                $this->page_title = 'ACP_FORUM_PERMISSIONS_COPY';





68
                                $this->copy_forum_permissions();





69
                                return;





70
                        }





71




72
                        trigger_error('NO_MODE', E_USER_ERROR);





73
                }





74




75
                // Set some vars





76
                $action = request_var('action', array('' => 0));





77
                $action = key($action);





78
                $action = (isset($_POST['psubmit'])) ? 'apply_permissions' : $action;





79




80
                $all_forums = request_var('all_forums', 0);





81
                $subforum_id = request_var('subforum_id', 0);





82
                $forum_id = request_var('forum_id', array(0));





83




84
                $username = request_var('username', array(''), true);





85
                $usernames = request_var('usernames', '', true);





86
                $user_id = request_var('user_id', array(0));





87




88
                $group_id = request_var('group_id', array(0));





89
                $select_all_groups = request_var('select_all_groups', 0);





90




91
                $form_name = 'acp_permissions';





92
                add_form_key($form_name);





93




94
                // If select all groups is set, we pre-build the group id array (this option is used for other screens to link to the permission settings screen)





95
                if ($select_all_groups)





96
                {





97
                        // Add default groups to selection





98
                        $sql_and = (!$config['coppa_enable']) ? " AND group_name <> 'REGISTERED_COPPA'" : '';





99




100
                        $sql = 'SELECT group_id





101
                                FROM ' . GROUPS_TABLE . '





102
                                WHERE group_type = ' . GROUP_SPECIAL . "





103
                                $sql_and";





104
                        $result = $db->sql_query($sql);





105




106
                        while ($row = $db->sql_fetchrow($result))





107
                        {





108
                                $group_id[] = $row['group_id'];





109
                        }





110
                        $db->sql_freeresult($result);





111
                }





112




113
                // Map usernames to ids and vice versa





114
                if ($usernames)





115
                {





116
                        $username = explode("\n", $usernames);





117
                }





118
                unset($usernames);





119




120
                if (sizeof($username) && !sizeof($user_id))





121
                {





122
                        user_get_id_name($user_id, $username);





123




124
                        if (!sizeof($user_id))





125
                        {





126
                                trigger_error($user->lang['SELECTED_USER_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);





127
                        }





128
                }





129
                unset($username);





130




131
                // Build forum ids (of all forums are checked or subforum listing used)





132
                if ($all_forums)





133
                {





134
                        $sql = 'SELECT forum_id





135
                                FROM ' . FORUMS_TABLE . '





136
                                ORDER BY left_id';





137
                        $result = $db->sql_query($sql);





138




139
                        $forum_id = array();





140
                        while ($row = $db->sql_fetchrow($result))





141
                        {





142
                                $forum_id[] = (int) $row['forum_id'];





143
                        }





144
                        $db->sql_freeresult($result);





145
                }





146
                else if ($subforum_id)





147
                {





148
                        $forum_id = array();





149
                        foreach (get_forum_branch($subforum_id, 'children') as $row)





150
                        {





151
                                $forum_id[] = (int) $row['forum_id'];





152
                        }





153
                }





154




155
                // Define some common variables for every mode





156
                $error = array();





157




158
                $permission_scope = (strpos($mode, '_global') !== false) ? 'global' : 'local';





159




160
                // Showing introductionary page?





161
                if ($mode == 'intro')





162
                {





163
                        $this->page_title = 'ACP_PERMISSIONS';





164




165
                        $template->assign_vars(array(





166
                                'S_INTRO'                => true)





167
                        );





168




169
                        return;





170
                }





171




172
                switch ($mode)





173
                {





174
                        case 'setting_user_global':





175
                        case 'setting_group_global':





176
                                $this->permission_dropdown = array('u_', 'm_', 'a_');





177
                                $permission_victim = ($mode == 'setting_user_global') ? array('user') : array('group');





178
                                $this->page_title = ($mode == 'setting_user_global') ? 'ACP_USERS_PERMISSIONS' : 'ACP_GROUPS_PERMISSIONS';





179
                        break;





180




181
                        case 'setting_user_local':





182
                        case 'setting_group_local':





183
                                $this->permission_dropdown = array('f_', 'm_');





184
                                $permission_victim = ($mode == 'setting_user_local') ? array('user', 'forums') : array('group', 'forums');





185
                                $this->page_title = ($mode == 'setting_user_local') ? 'ACP_USERS_FORUM_PERMISSIONS' : 'ACP_GROUPS_FORUM_PERMISSIONS';





186
                        break;





187




188
                        case 'setting_admin_global':





189
                        case 'setting_mod_global':





190
                                $this->permission_dropdown = (strpos($mode, '_admin_') !== false) ? array('a_') : array('m_');





191
                                $permission_victim = array('usergroup');





192
                                $this->page_title = ($mode == 'setting_admin_global') ? 'ACP_ADMINISTRATORS' : 'ACP_GLOBAL_MODERATORS';





193
                        break;





194




195
                        case 'setting_mod_local':





196
                        case 'setting_forum_local':





197
                                $this->permission_dropdown = ($mode == 'setting_mod_local') ? array('m_') : array('f_');





198
                                $permission_victim = array('forums', 'usergroup');





199
                                $this->page_title = ($mode == 'setting_mod_local') ? 'ACP_FORUM_MODERATORS' : 'ACP_FORUM_PERMISSIONS';





200
                        break;





201




202
                        case 'view_admin_global':





203
                        case 'view_user_global':





204
                        case 'view_mod_global':





205
                                $this->permission_dropdown = ($mode == 'view_admin_global') ? array('a_') : (($mode == 'view_user_global') ? array('u_') : array('m_'));





206
                                $permission_victim = array('usergroup_view');





207
                                $this->page_title = ($mode == 'view_admin_global') ? 'ACP_VIEW_ADMIN_PERMISSIONS' : (($mode == 'view_user_global') ? 'ACP_VIEW_USER_PERMISSIONS' : 'ACP_VIEW_GLOBAL_MOD_PERMISSIONS');





208
                        break;





209




210
                        case 'view_mod_local':





211
                        case 'view_forum_local':





212
                                $this->permission_dropdown = ($mode == 'view_mod_local') ? array('m_') : array('f_');





213
                                $permission_victim = array('forums', 'usergroup_view');





214
                                $this->page_title = ($mode == 'view_mod_local') ? 'ACP_VIEW_FORUM_MOD_PERMISSIONS' : 'ACP_VIEW_FORUM_PERMISSIONS';





215
                        break;





216




217
                        default:





218
                                trigger_error('NO_MODE', E_USER_ERROR);





219
                        break;





220
                }





221




222
                $template->assign_vars(array(





223
                        'L_TITLE'                => $user->lang[$this->page_title],





224
                        'L_EXPLAIN'                => $user->lang[$this->page_title . '_EXPLAIN'])





225
                );





226




227
                // Get permission type





228
                $permission_type = request_var('type', $this->permission_dropdown[0]);





229




230
                if (!in_array($permission_type, $this->permission_dropdown))





231
                {





232
                        trigger_error($user->lang['WRONG_PERMISSION_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);





233
                }





234




235
                // Handle actions





236
                if (strpos($mode, 'setting_') === 0 && $action)





237
                {





238
                        switch ($action)





239
                        {





240
                                case 'delete':





241
                                        if (confirm_box(true))





242
                                        {





243
                                                // All users/groups selected?





244
                                                $all_users = (isset($_POST['all_users'])) ? true : false;





245
                                                $all_groups = (isset($_POST['all_groups'])) ? true : false;





246




247
                                                if ($all_users || $all_groups)





248
                                                {





249
                                                        $items = $this->retrieve_defined_user_groups($permission_scope, $forum_id, $permission_type);





250




251
                                                        if ($all_users && sizeof($items['user_ids']))





252
                                                        {





253
                                                                $user_id = $items['user_ids'];





254
                                                        }





255
                                                        else if ($all_groups && sizeof($items['group_ids']))





256
                                                        {





257
                                                                $group_id = $items['group_ids'];





258
                                                        }





259
                                                }





260




261
                                                if (sizeof($user_id) || sizeof($group_id))





262
                                                {





263
                                                        $this->remove_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id, $forum_id);





264
                                                }





265
                                                else





266
                                                {





267
                                                        trigger_error($user->lang['NO_USER_GROUP_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);





268
                                                }





269
                                        }





270
                                        else





271
                                        {





272
                                                if (isset($_POST['cancel']))





273
                                                {





274
                                                        $u_redirect = $this->u_action . '&amp;type=' . $permission_type;





275
                                                        foreach ($forum_id as $fid)





276
                                                        {





277
                                                                $u_redirect .= '&amp;forum_id[]=' . $fid;





278
                                                        }





279
                                                        redirect($u_redirect);





280
                                                }





281




282
                                                $s_hidden_fields = array(





283
                                                        'i'                                => $id,





284
                                                        'mode'                        => $mode,





285
                                                        'action'                => array($action => 1),





286
                                                        'user_id'                => $user_id,





287
                                                        'group_id'                => $group_id,





288
                                                        'forum_id'                => $forum_id,





289
                                                        'type'                        => $permission_type,





290
                                                );





291
                                                if (isset($_POST['all_users']))





292
                                                {





293
                                                        $s_hidden_fields['all_users'] = 1;





294
                                                }





295
                                                if (isset($_POST['all_groups']))





296
                                                {





297
                                                        $s_hidden_fields['all_groups'] = 1;





298
                                                }





299
                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields));





300
                                        }





301
                                break;





302




303
                                case 'apply_permissions':





304
                                        if (!isset($_POST['setting']))





305
                                        {





306
                                                trigger_error($user->lang['NO_AUTH_SETTING_FOUND'] . adm_back_link($this->u_action), E_USER_WARNING);





307
                                        }





308
                                        if (!check_form_key($form_name))





309
                                        {





310
                                                trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);





311
                                        }





312




313
                                        $this->set_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id);





314
                                break;





315




316
                                case 'apply_all_permissions':





317
                                        if (!isset($_POST['setting']))





318
                                        {





319
                                                trigger_error($user->lang['NO_AUTH_SETTING_FOUND'] . adm_back_link($this->u_action), E_USER_WARNING);





320
                                        }





321
                                        if (!check_form_key($form_name))





322
                                        {





323
                                                trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);





324
                                        }





325




326
                                        $this->set_all_permissions($mode, $permission_type, $auth_admin, $user_id, $group_id);





327
                                break;





328
                        }





329
                }





330




331




332
                // Setting permissions screen





333
                $s_hidden_fields = build_hidden_fields(array(





334
                        'user_id'                => $user_id,





335
                        'group_id'                => $group_id,





336
                        'forum_id'                => $forum_id,





337
                        'type'                        => $permission_type)





338
                );





339




340
                // Go through the screens/options needed and present them in correct order





341
                foreach ($permission_victim as $victim)





342
                {





343
                        switch ($victim)





344
                        {





345
                                case 'forum_dropdown':





346




347
                                        if (sizeof($forum_id))





348
                                        {





349
                                                $this->check_existence('forum', $forum_id);





350
                                                continue 2;





351
                                        }





352




353
                                        $template->assign_vars(array(





354
                                                'S_SELECT_FORUM'                => true,





355
                                                'S_FORUM_OPTIONS'                => make_forum_select(false, false, true, false, false))





356
                                        );





357




358
                                break;





359




360
                                case 'forums':





361




362
                                        if (sizeof($forum_id))





363
                                        {





364
                                                $this->check_existence('forum', $forum_id);





365
                                                continue 2;





366
                                        }





367




368
                                        $forum_list = make_forum_select(false, false, true, false, false, false, true);





369




370
                                        // Build forum options





371
                                        $s_forum_options = '';





372
                                        foreach ($forum_list as $f_id => $f_row)





373
                                        {





374
                                                $s_forum_options .= '<option value="' . $f_id . '"' . (($f_row['selected']) ? ' selected="selected"' : '') . (($f_row['disabled']) ? ' disabled="disabled" class="disabled-option"' : '') . '>' . $f_row['padding'] . $f_row['forum_name'] . '</option>';





375
                                        }





376




377
                                        // Build subforum options





378
                                        $s_subforum_options = $this->build_subforum_options($forum_list);





379




380
                                        $template->assign_vars(array(





381
                                                'S_SELECT_FORUM'                => true,





382
                                                'S_FORUM_OPTIONS'                => $s_forum_options,





383
                                                'S_SUBFORUM_OPTIONS'        => $s_subforum_options,





384
                                                'S_FORUM_ALL'                        => true,





385
                                                'S_FORUM_MULTIPLE'                => true)





386
                                        );





387




388
                                break;





389




390
                                case 'user':





391




392
                                        if (sizeof($user_id))





393
                                        {





394
                                                $this->check_existence('user', $user_id);





395
                                                continue 2;





396
                                        }





397




398
                                        $template->assign_vars(array(





399
                                                'S_SELECT_USER'                        => true,





400
                                                'U_FIND_USERNAME'                => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=select_victim&amp;field=username&amp;select_single=true'),





401
                                        ));





402




403
                                break;





404




405
                                case 'group':





406




407
                                        if (sizeof($group_id))





408
                                        {





409
                                                $this->check_existence('group', $group_id);





410
                                                continue 2;





411
                                        }





412




413
                                        $template->assign_vars(array(





414
                                                'S_SELECT_GROUP'                => true,





415
                                                'S_GROUP_OPTIONS'                => group_select_options(false, false, false), // Show all groups





416
                                        ));





417




418
                                break;





419




420
                                case 'usergroup':





421
                                case 'usergroup_view':





422




423
                                        $all_users = (isset($_POST['all_users'])) ? true : false;





424
                                        $all_groups = (isset($_POST['all_groups'])) ? true : false;





425




426
                                        if ((sizeof($user_id) && !$all_users) || (sizeof($group_id) && !$all_groups))





427
                                        {





428
                                                if (sizeof($user_id))





429
                                                {





430
                                                        $this->check_existence('user', $user_id);





431
                                                }





432




433
                                                if (sizeof($group_id))





434
                                                {





435
                                                        $this->check_existence('group', $group_id);





436
                                                }





437




438
                                                continue 2;





439
                                        }





440




441
                                        // Now we check the users... because the "all"-selection is different here (all defined users/groups)





442
                                        $items = $this->retrieve_defined_user_groups($permission_scope, $forum_id, $permission_type);





443




444
                                        if ($all_users && sizeof($items['user_ids']))





445
                                        {





446
                                                $user_id = $items['user_ids'];





447
                                                continue 2;





448
                                        }





449




450
                                        if ($all_groups && sizeof($items['group_ids']))





451
                                        {





452
                                                $group_id = $items['group_ids'];





453
                                                continue 2;





454
                                        }





455




456
                                        $template->assign_vars(array(





457
                                                'S_SELECT_USERGROUP'                => ($victim == 'usergroup') ? true : false,





458
                                                'S_SELECT_USERGROUP_VIEW'        => ($victim == 'usergroup_view') ? true : false,





459
                                                'S_DEFINED_USER_OPTIONS'        => $items['user_ids_options'],





460
                                                'S_DEFINED_GROUP_OPTIONS'        => $items['group_ids_options'],





461
                                                'S_ADD_GROUP_OPTIONS'                => group_select_options(false, $items['group_ids'], false),        // Show all groups





462
                                                'U_FIND_USERNAME'                        => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=add_user&amp;field=username&amp;select_single=true'),





463
                                        ));





464




465
                                break;





466
                        }





467




468
                        // The S_ALLOW_SELECT parameter below is a measure to lower memory usage.





469
                        // If there are more than 5 forums selected the admin is not able to select all users/groups too.





470
                        // We need to see if the number of forums can be increased or need to be decreased.





471




472
                        $template->assign_vars(array(





473
                                'U_ACTION'                                => $this->u_action,





474
                                'ANONYMOUS_USER_ID'                => ANONYMOUS,





475




476
                                'S_SELECT_VICTIM'                => true,





477
                                'S_ALLOW_ALL_SELECT'        => (sizeof($forum_id) > 5) ? false : true,





478
                                'S_CAN_SELECT_USER'                => ($auth->acl_get('a_authusers')) ? true : false,





479
                                'S_CAN_SELECT_GROUP'        => ($auth->acl_get('a_authgroups')) ? true : false,





480
                                'S_HIDDEN_FIELDS'                => $s_hidden_fields)





481
                        );





482




483
                        // Let the forum names being displayed





484
                        if (sizeof($forum_id))





485
                        {





486
                                $sql = 'SELECT forum_name





487
                                        FROM ' . FORUMS_TABLE . '





488
                                        WHERE ' . $db->sql_in_set('forum_id', $forum_id) . '





489
                                        ORDER BY left_id ASC';





490
                                $result = $db->sql_query($sql);





491




492
                                $forum_names = array();





493
                                while ($row = $db->sql_fetchrow($result))





494
                                {





495
                                        $forum_names[] = $row['forum_name'];





496
                                }





497
                                $db->sql_freeresult($result);





498




499
                                $template->assign_vars(array(





500
                                        'S_FORUM_NAMES'                => (sizeof($forum_names)) ? true : false,





501
                                        'FORUM_NAMES'                => implode(', ', $forum_names))





502
                                );





503
                        }





504




505
                        return;





506
                }





507




508
                // Do not allow forum_ids being set and no other setting defined (will bog down the server too much)





509
                if (sizeof($forum_id) && !sizeof($user_id) && !sizeof($group_id))





510
                {





511
                        trigger_error($user->lang['ONLY_FORUM_DEFINED'] . adm_back_link($this->u_action), E_USER_WARNING);





512
                }





513




514
                $template->assign_vars(array(





515
                        'S_PERMISSION_DROPDOWN'                => (sizeof($this->permission_dropdown) > 1) ? $this->build_permission_dropdown($this->permission_dropdown, $permission_type, $permission_scope) : false,





516
                        'L_PERMISSION_TYPE'                        => $user->lang['ACL_TYPE_' . strtoupper($permission_type)],





517




518
                        'U_ACTION'                                        => $this->u_action,





519
                        'S_HIDDEN_FIELDS'                        => $s_hidden_fields)





520
                );





521




522
                if (strpos($mode, 'setting_') === 0)





523
                {





524
                        $template->assign_vars(array(





525
                                'S_SETTING_PERMISSIONS'                => true)





526
                        );





527




528
                        $hold_ary = $auth_admin->get_mask('set', (sizeof($user_id)) ? $user_id : false, (sizeof($group_id)) ? $group_id : false, (sizeof($forum_id)) ? $forum_id : false, $permission_type, $permission_scope, ACL_NO);





529
                        $auth_admin->display_mask('set', $permission_type, $hold_ary, ((sizeof($user_id)) ? 'user' : 'group'), (($permission_scope == 'local') ? true : false));





530
                }





531
                else





532
                {





533
                        $template->assign_vars(array(





534
                                'S_VIEWING_PERMISSIONS'                => true)





535
                        );





536




537
                        $hold_ary = $auth_admin->get_mask('view', (sizeof($user_id)) ? $user_id : false, (sizeof($group_id)) ? $group_id : false, (sizeof($forum_id)) ? $forum_id : false, $permission_type, $permission_scope, ACL_NEVER);





538
                        $auth_admin->display_mask('view', $permission_type, $hold_ary, ((sizeof($user_id)) ? 'user' : 'group'), (($permission_scope == 'local') ? true : false));





539
                }





540
        }





541




542
        /**





543
        * Build +subforum options





544
        */





545
        function build_subforum_options($forum_list)





546
        {





547
                global $user;





548




549
                $s_options = '';





550




551
                $forum_list = array_merge($forum_list);





552




553
                foreach ($forum_list as $key => $row)





554
                {





555
                        if ($row['disabled'])





556
                        {





557
                                continue;





558
                        }





559




560
                        $s_options .= '<option value="' . $row['forum_id'] . '"' . (($row['selected']) ? ' selected="selected"' : '') . '>' . $row['padding'] . $row['forum_name'];





561




562
                        // We check if a branch is there...





563
                        $branch_there = false;





564




565
                        foreach (array_slice($forum_list, $key + 1) as $temp_row)





566
                        {





567
                                if ($temp_row['left_id'] > $row['left_id'] && $temp_row['left_id'] < $row['right_id'])





568
                                {





569
                                        $branch_there = true;





570
                                        break;





571
                                }





572
                                continue;





573
                        }





574




575
                        if ($branch_there)





576
                        {





577
                                $s_options .= ' [' . $user->lang['PLUS_SUBFORUMS'] . ']';





578
                        }





579




580
                        $s_options .= '</option>';





581
                }





582




583
                return $s_options;





584
        }





585




586
        /**





587
        * Build dropdown field for changing permission types





588
        */





589
        function build_permission_dropdown($options, $default_option, $permission_scope)





590
        {





591
                global $user, $auth;





592




593
                $s_dropdown_options = '';





594
                foreach ($options as $setting)





595
                {





596
                        if (!$auth->acl_get('a_' . str_replace('_', '', $setting) . 'auth'))





597
                        {





598
                                continue;





599
                        }





600




601
                        $selected = ($setting == $default_option) ? ' selected="selected"' : '';





602
                        $l_setting = (isset($user->lang['permission_type'][$permission_scope][$setting])) ? $user->lang['permission_type'][$permission_scope][$setting] : $user->lang['permission_type'][$setting];





603
                        $s_dropdown_options .= '<option value="' . $setting . '"' . $selected . '>' . $l_setting . '</option>';





604
                }





605




606
                return $s_dropdown_options;





607
        }





608




609
        /**





610
        * Check if selected items exist. Remove not found ids and if empty return error.





611
        */





612
        function check_existence($mode, &$ids)





613
        {





614
                global $db, $user;





615




616
                switch ($mode)





617
                {





618
                        case 'user':





619
                                $table = USERS_TABLE;





620
                                $sql_id = 'user_id';





621
                        break;





622




623
                        case 'group':





624
                                $table = GROUPS_TABLE;





625
                                $sql_id = 'group_id';





626
                        break;





627




628
                        case 'forum':





629
                                $table = FORUMS_TABLE;





630
                                $sql_id = 'forum_id';





631
                        break;





632
                }





633




634
                if (sizeof($ids))





635
                {





636
                        $sql = "SELECT $sql_id





637
                                FROM $table





638
                                WHERE " . $db->sql_in_set($sql_id, $ids);





639
                        $result = $db->sql_query($sql);





640




641
                        $ids = array();





642
                        while ($row = $db->sql_fetchrow($result))





643
                        {





644
                                $ids[] = (int) $row[$sql_id];





645
                        }





646
                        $db->sql_freeresult($result);





647
                }





648




649
                if (!sizeof($ids))





650
                {





651
                        trigger_error($user->lang['SELECTED_' . strtoupper($mode) . '_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);





652
                }





653
        }





654




655
        /**





656
        * Apply permissions





657
        */





658
        function set_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id)





659
        {





660
                global $user, $auth;





661




662
                $psubmit = request_var('psubmit', array(0 => array(0 => 0)));





663




664
                // User or group to be set?





665
                $ug_type = (sizeof($user_id)) ? 'user' : 'group';





666




667
                // Check the permission setting again





668
                if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's'))





669
                {





670
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);





671
                }





672




673
                $ug_id = $forum_id = 0;





674




675
                // We loop through the auth settings defined in our submit





676
                list($ug_id, ) = each($psubmit);





677
                list($forum_id, ) = each($psubmit[$ug_id]);





678




679
                if (empty($_POST['setting']) || empty($_POST['setting'][$ug_id]) || empty($_POST['setting'][$ug_id][$forum_id]) || !is_array($_POST['setting'][$ug_id][$forum_id]))





680
                {





681
                        trigger_error('WRONG_PERMISSION_SETTING_FORMAT', E_USER_WARNING);





682
                }





683




684
                // We obtain and check $_POST['setting'][$ug_id][$forum_id] directly and not using request_var() because request_var()





685
                // currently does not support the amount of dimensions required. ;)





686
                //                $auth_settings = request_var('setting', array(0 => array(0 => array('' => 0))));





687
                $auth_settings = array_map('intval', $_POST['setting'][$ug_id][$forum_id]);





688




689
                // Do we have a role we want to set?





690
                $assigned_role = (isset($_POST['role'][$ug_id][$forum_id])) ? (int) $_POST['role'][$ug_id][$forum_id] : 0;





691




692
                // Do the admin want to set these permissions to other items too?





693
                $inherit = request_var('inherit', array(0 => array(0)));





694




695
                $ug_id = array($ug_id);





696
                $forum_id = array($forum_id);





697




698
                if (sizeof($inherit))





699
                {





700
                        foreach ($inherit as $_ug_id => $forum_id_ary)





701
                        {





702
                                // Inherit users/groups?





703
                                if (!in_array($_ug_id, $ug_id))





704
                                {





705
                                        $ug_id[] = $_ug_id;





706
                                }





707




708
                                // Inherit forums?





709
                                $forum_id = array_merge($forum_id, array_keys($forum_id_ary));





710
                        }





711
                }





712




713
                $forum_id = array_unique($forum_id);





714




715
                // If the auth settings differ from the assigned role, then do not set a role...





716
                if ($assigned_role)





717
                {





718
                        if (!$this->check_assigned_role($assigned_role, $auth_settings))





719
                        {





720
                                $assigned_role = 0;





721
                        }





722
                }





723




724
                // Update the permission set...





725
                $auth_admin->acl_set($ug_type, $forum_id, $ug_id, $auth_settings, $assigned_role);





726




727
                // Do we need to recache the moderator lists?





728
                if ($permission_type == 'm_')





729
                {





730
                        cache_moderators();





731
                }





732




733
                // Remove users who are now moderators or admins from everyones foes list





734
                if ($permission_type == 'm_' || $permission_type == 'a_')





735
                {





736
                        update_foes($group_id, $user_id);





737
                }





738




739
                $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_id, $forum_id);





740




741
                trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));





742
        }





743




744
        /**





745
        * Apply all permissions





746
        */





747
        function set_all_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id)





748
        {





749
                global $user, $auth;





750




751
                // User or group to be set?





752
                $ug_type = (sizeof($user_id)) ? 'user' : 'group';





753




754
                // Check the permission setting again





755
                if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's'))





756
                {





757
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);





758
                }





759




760
                $auth_settings = (isset($_POST['setting'])) ? $_POST['setting'] : array();





761
                $auth_roles = (isset($_POST['role'])) ? $_POST['role'] : array();





762
                $ug_ids = $forum_ids = array();





763




764
                // We need to go through the auth settings





765
                foreach ($auth_settings as $ug_id => $forum_auth_row)





766
                {





767
                        $ug_id = (int) $ug_id;





768
                        $ug_ids[] = $ug_id;





769




770
                        foreach ($forum_auth_row as $forum_id => $auth_options)





771
                        {





772
                                $forum_id = (int) $forum_id;





773
                                $forum_ids[] = $forum_id;





774




775
                                // Check role...





776
                                $assigned_role = (isset($auth_roles[$ug_id][$forum_id])) ? (int) $auth_roles[$ug_id][$forum_id] : 0;





777




778
                                // If the auth settings differ from the assigned role, then do not set a role...





779
                                if ($assigned_role)





780
                                {





781
                                        if (!$this->check_assigned_role($assigned_role, $auth_options))





782
                                        {





783
                                                $assigned_role = 0;





784
                                        }





785
                                }





786




787
                                // Update the permission set...





788
                                $auth_admin->acl_set($ug_type, $forum_id, $ug_id, $auth_options, $assigned_role, false);





789
                        }





790
                }





791




792
                $auth_admin->acl_clear_prefetch();





793




794
                // Do we need to recache the moderator lists?





795
                if ($permission_type == 'm_')





796
                {





797
                        cache_moderators();





798
                }





799




800
                // Remove users who are now moderators or admins from everyones foes list





801
                if ($permission_type == 'm_' || $permission_type == 'a_')





802
                {





803
                        update_foes($group_id, $user_id);





804
                }





805




806
                $this->log_action($mode, 'add', $permission_type, $ug_type, $ug_ids, $forum_ids);





807




808
                if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local')





809
                {





810
                        trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_ids)));





811
                }





812
                else





813
                {





814
                        trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));





815
                }





816
        }





817




818
        /**





819
        * Compare auth settings with auth settings from role





820
        * returns false if they differ, true if they are equal





821
        */





822
        function check_assigned_role($role_id, &$auth_settings)





823
        {





824
                global $db;





825




826
                $sql = 'SELECT o.auth_option, r.auth_setting





827
                        FROM ' . ACL_OPTIONS_TABLE . ' o, ' . ACL_ROLES_DATA_TABLE . ' r





828
                        WHERE o.auth_option_id = r.auth_option_id





829
                                AND r.role_id = ' . $role_id;





830
                $result = $db->sql_query($sql);





831




832
                $test_auth_settings = array();





833
                while ($row = $db->sql_fetchrow($result))





834
                {





835
                        $test_auth_settings[$row['auth_option']] = $row['auth_setting'];





836
                }





837
                $db->sql_freeresult($result);





838




839
                // We need to add any ACL_NO setting from auth_settings to compare correctly





840
                foreach ($auth_settings as $option => $setting)





841
                {





842
                        if ($setting == ACL_NO)





843
                        {





844
                                $test_auth_settings[$option] = $setting;





845
                        }





846
                }





847




848
                if (sizeof(array_diff_assoc($auth_settings, $test_auth_settings)))





849
                {





850
                        return false;





851
                }





852




853
                return true;





854
        }





855




856
        /**





857
        * Remove permissions





858
        */





859
        function remove_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id, &$forum_id)





860
        {





861
                global $user, $db, $auth;





862




863
                // User or group to be set?





864
                $ug_type = (sizeof($user_id)) ? 'user' : 'group';





865




866
                // Check the permission setting again





867
                if (!$auth->acl_get('a_' . str_replace('_', '', $permission_type) . 'auth') || !$auth->acl_get('a_auth' . $ug_type . 's'))





868
                {





869
                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);





870
                }





871




872
                $auth_admin->acl_delete($ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : false), $permission_type);





873




874
                // Do we need to recache the moderator lists?





875
                if ($permission_type == 'm_')





876
                {





877
                        cache_moderators();





878
                }





879




880
                $this->log_action($mode, 'del', $permission_type, $ug_type, (($ug_type == 'user') ? $user_id : $group_id), (sizeof($forum_id) ? $forum_id : array(0 => 0)));





881




882
                if ($mode == 'setting_forum_local' || $mode == 'setting_mod_local')





883
                {





884
                        trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action . '&amp;forum_id[]=' . implode('&amp;forum_id[]=', $forum_id)));





885
                }





886
                else





887
                {





888
                        trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));





889
                }





890
        }





891




892
        /**





893
        * Log permission changes





894
        */





895
        function log_action($mode, $action, $permission_type, $ug_type, $ug_id, $forum_id)





896
        {





897
                global $db, $user;





898




899
                if (!is_array($ug_id))





900
                {





901
                        $ug_id = array($ug_id);





902
                }





903




904
                if (!is_array($forum_id))





905
                {





906
                        $forum_id = array($forum_id);





907
                }





908




909
                // Logging ... first grab user or groupnames ...





910
                $sql = ($ug_type == 'group') ? 'SELECT group_name as name, group_type FROM ' . GROUPS_TABLE . ' WHERE ' : 'SELECT username as name FROM ' . USERS_TABLE . ' WHERE ';





911
                $sql .= $db->sql_in_set(($ug_type == 'group') ? 'group_id' : 'user_id', array_map('intval', $ug_id));





912
                $result = $db->sql_query($sql);





913




914
                $l_ug_list = '';





915
                while ($row = $db->sql_fetchrow($result))





916
                {





917
                        $l_ug_list .= (($l_ug_list != '') ? ', ' : '') . ((isset($row['group_type']) && $row['group_type'] == GROUP_SPECIAL) ? '<span class="sep">' . $user->lang['G_' . $row['name']] . '</span>' : $row['name']);





918
                }





919
                $db->sql_freeresult($result);





920




921
                $mode = str_replace('setting_', '', $mode);





922




923
                if ($forum_id[0] == 0)





924
                {





925
                        add_log('admin', 'LOG_ACL_' . strtoupper($action) . '_' . strtoupper($mode) . '_' . strtoupper($permission_type), $l_ug_list);





926
                }





927
                else





928
                {





929
                        // Grab the forum details if non-zero forum_id





930
                        $sql = 'SELECT forum_name





931
                                FROM ' . FORUMS_TABLE . '





932
                                WHERE ' . $db->sql_in_set('forum_id', $forum_id);





933
                        $result = $db->sql_query($sql);





934




935
                        $l_forum_list = '';





936
                        while ($row = $db->sql_fetchrow($result))





937
                        {





938
                                $l_forum_list .= (($l_forum_list != '') ? ', ' : '') . $row['forum_name'];





939
                        }





940
                        $db->sql_freeresult($result);





941




942
                        add_log('admin', 'LOG_ACL_' . strtoupper($action) . '_' . strtoupper($mode) . '_' . strtoupper($permission_type), $l_forum_list, $l_ug_list);





943
                }





944
        }





945




946
        /**





947
        * Display a complete trace tree for the selected permission to determine where settings are set/unset





948
        */





949
        function permission_trace($user_id, $forum_id, $permission)





950
        {





951
                global $db, $template, $user, $auth;





952




953
                if ($user_id != $user->data['user_id'])





954
                {





955
                        $sql = 'SELECT user_id, username, user_permissions, user_type





956
                                FROM ' . USERS_TABLE . '





957
                                WHERE user_id = ' . $user_id;





958
                        $result = $db->sql_query($sql);





959
                        $userdata = $db->sql_fetchrow($result);





960
                        $db->sql_freeresult($result);





961
                }





962
                else





963
                {





964
                        $userdata = $user->data;





965
                }





966




967
                if (!$userdata)





968
                {





969
                        trigger_error('NO_USERS', E_USER_ERROR);





970
                }





971




972
                $forum_name = false;





973




974
                if ($forum_id)





975
                {





976
                        $sql = 'SELECT forum_name





977
                                FROM ' . FORUMS_TABLE . "





978
                                WHERE forum_id = $forum_id";





979
                        $result = $db->sql_query($sql, 3600);





980
                        $forum_name = $db->sql_fetchfield('forum_name');





981
                        $db->sql_freeresult($result);





982
                }





983




984
                $back = request_var('back', 0);





985




986
                $template->assign_vars(array(





987
                        'PERMISSION'                        => $user->lang['acl_' . $permission]['lang'],





988
                        'PERMISSION_USERNAME'        => $userdata['username'],





989
                        'FORUM_NAME'                        => $forum_name,





990




991
                        'S_GLOBAL_TRACE'                => ($forum_id) ? false : true,





992




993
                        'U_BACK'                                => ($back) ? build_url(array('f', 'back')) . "&amp;f=$back" : '')





994
                );





995




996
                $template->assign_block_vars('trace', array(





997
                        'WHO'                        => $user->lang['DEFAULT'],





998
                        'INFORMATION'        => $user->lang['TRACE_DEFAULT'],





999




1000
                        'S_SETTING_NO'                => true,





1001
                        'S_TOTAL_NO'                => true)





1002
                );





1003




1004
                $sql = 'SELECT DISTINCT g.group_name, g.group_id, g.group_type





1005
                        FROM ' . GROUPS_TABLE . ' g





1006
                                LEFT JOIN ' . USER_GROUP_TABLE . ' ug ON (ug.group_id = g.group_id)





1007
                        WHERE ug.user_id = ' . $user_id . '





1008
                                AND ug.user_pending = 0





1009
                                AND NOT (ug.group_leader = 1 AND g.group_skip_auth = 1)





1010
                        ORDER BY g.group_type DESC, g.group_id DESC';





1011
                $result = $db->sql_query($sql);





1012




1013
                $groups = array();





1014
                while ($row = $db->sql_fetchrow($result))





1015
                {





1016
                        $groups[$row['group_id']] = array(





1017
                                'auth_setting'                => ACL_NO,





1018
                                'group_name'                => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']





1019
                        );





1020
                }





1021
                $db->sql_freeresult($result);





1022




1023
                $total = ACL_NO;





1024
                $add_key = (($forum_id) ? '_LOCAL' : '');





1025




1026
                if (sizeof($groups))





1027
                {





1028
                        // Get group auth settings





1029
                        $hold_ary = $auth->acl_group_raw_data(array_keys($groups), $permission, $forum_id);





1030




1031
                        foreach ($hold_ary as $group_id => $forum_ary)





1032
                        {





1033
                                $groups[$group_id]['auth_setting'] = $hold_ary[$group_id][$forum_id][$permission];





1034
                        }





1035
                        unset($hold_ary);





1036




1037
                        foreach ($groups as $id => $row)





1038
                        {





1039
                                switch ($row['auth_setting'])





1040
                                {





1041
                                        case ACL_NO:





1042
                                                $information = $user->lang['TRACE_GROUP_NO' . $add_key];





1043
                                        break;





1044




1045
                                        case ACL_YES:





1046
                                                $information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_YES_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_YES_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_GROUP_YES_TOTAL_NO' . $add_key]);





1047
                                                $total = ($total == ACL_NO) ? ACL_YES : $total;





1048
                                        break;





1049




1050
                                        case ACL_NEVER:





1051
                                                $information = ($total == ACL_YES) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_GROUP_NEVER_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_GROUP_NEVER_TOTAL_NO' . $add_key]);





1052
                                                $total = ACL_NEVER;





1053
                                        break;





1054
                                }





1055




1056
                                $template->assign_block_vars('trace', array(





1057
                                        'WHO'                        => $row['group_name'],





1058
                                        'INFORMATION'        => $information,





1059




1060
                                        'S_SETTING_NO'                => ($row['auth_setting'] == ACL_NO) ? true : false,





1061
                                        'S_SETTING_YES'                => ($row['auth_setting'] == ACL_YES) ? true : false,





1062
                                        'S_SETTING_NEVER'        => ($row['auth_setting'] == ACL_NEVER) ? true : false,





1063
                                        'S_TOTAL_NO'                => ($total == ACL_NO) ? true : false,





1064
                                        'S_TOTAL_YES'                => ($total == ACL_YES) ? true : false,





1065
                                        'S_TOTAL_NEVER'                => ($total == ACL_NEVER) ? true : false)





1066
                                );





1067
                        }





1068
                }





1069




1070
                // Get user specific permission... globally or for this forum





1071
                $hold_ary = $auth->acl_user_raw_data($user_id, $permission, $forum_id);





1072
                $auth_setting = (!sizeof($hold_ary)) ? ACL_NO : $hold_ary[$user_id][$forum_id][$permission];





1073




1074
                switch ($auth_setting)





1075
                {





1076
                        case ACL_NO:





1077
                                $information = ($total == ACL_NO) ? $user->lang['TRACE_USER_NO_TOTAL_NO' . $add_key] : $user->lang['TRACE_USER_KEPT' . $add_key];





1078
                                $total = ($total == ACL_NO) ? ACL_NEVER : $total;





1079
                        break;





1080




1081
                        case ACL_YES:





1082
                                $information = ($total == ACL_YES) ? $user->lang['TRACE_USER_YES_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_YES_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_USER_YES_TOTAL_NO' . $add_key]);





1083
                                $total = ($total == ACL_NO) ? ACL_YES : $total;





1084
                        break;





1085




1086
                        case ACL_NEVER:





1087
                                $information = ($total == ACL_YES) ? $user->lang['TRACE_USER_NEVER_TOTAL_YES' . $add_key] : (($total == ACL_NEVER) ? $user->lang['TRACE_USER_NEVER_TOTAL_NEVER' . $add_key] : $user->lang['TRACE_USER_NEVER_TOTAL_NO' . $add_key]);





1088
                                $total = ACL_NEVER;





1089
                        break;





1090
                }





1091




1092
                $template->assign_block_vars('trace', array(





1093
                        'WHO'                        => $userdata['username'],





1094
                        'INFORMATION'        => $information,





1095




1096
                        'S_SETTING_NO'                => ($auth_setting == ACL_NO) ? true : false,





1097
                        'S_SETTING_YES'                => ($auth_setting == ACL_YES) ? true : false,





1098
                        'S_SETTING_NEVER'        => ($auth_setting == ACL_NEVER) ? true : false,





1099
                        'S_TOTAL_NO'                => false,





1100
                        'S_TOTAL_YES'                => ($total == ACL_YES) ? true : false,





1101
                        'S_TOTAL_NEVER'                => ($total == ACL_NEVER) ? true : false)





1102
                );





1103




1104
                if ($forum_id != 0 && isset($auth->acl_options['global'][$permission]))





1105
                {





1106
                        if ($user_id != $user->data['user_id'])





1107
                        {





1108
                                $auth2 = new auth();





1109
                                $auth2->acl($userdata);





1110
                                $auth_setting = $auth2->acl_get($permission);





1111
                        }





1112
                        else





1113
                        {





1114
                                $auth_setting = $auth->acl_get($permission);





1115
                        }





1116




1117
                        if ($auth_setting)





1118
                        {





1119
                                $information = ($total == ACL_YES) ? $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_YES'] : $user->lang['TRACE_USER_GLOBAL_YES_TOTAL_NEVER'];





1120
                                $total = ACL_YES;





1121
                        }





1122
                        else





1123
                        {





1124
                                $information = $user->lang['TRACE_USER_GLOBAL_NEVER_TOTAL_KEPT'];





1125
                        }





1126




1127
                        // If there is no auth information we do not need to worry the user by showing non-relevant data.





1128
                        if ($auth_setting)





1129
                        {





1130
                                $template->assign_block_vars('trace', array(





1131
                                        'WHO'                        => sprintf($user->lang['TRACE_GLOBAL_SETTING'], $userdata['username']),





1132
                                        'INFORMATION'        => sprintf($information, '<a href="' . $this->u_action . "&amp;u=$user_id&amp;f=0&amp;auth=$permission&amp;back=$forum_id\">", '</a>'),





1133




1134
                                        'S_SETTING_NO'                => false,





1135
                                        'S_SETTING_YES'                => $auth_setting,





1136
                                        'S_SETTING_NEVER'        => !$auth_setting,





1137
                                        'S_TOTAL_NO'                => false,





1138
                                        'S_TOTAL_YES'                => ($total == ACL_YES) ? true : false,





1139
                                        'S_TOTAL_NEVER'                => ($total == ACL_NEVER) ? true : false)





1140
                                );





1141
                        }





1142
                }





1143




1144
                // Take founder status into account, overwriting the default values





1145
                if ($userdata['user_type'] == USER_FOUNDER && strpos($permission, 'a_') === 0)





1146
                {





1147
                        $template->assign_block_vars('trace', array(





1148
                                'WHO'                        => $userdata['username'],





1149
                                'INFORMATION'        => $user->lang['TRACE_USER_FOUNDER'],





1150




1151
                                'S_SETTING_NO'                => ($auth_setting == ACL_NO) ? true : false,





1152
                                'S_SETTING_YES'                => ($auth_setting == ACL_YES) ? true : false,





1153
                                'S_SETTING_NEVER'        => ($auth_setting == ACL_NEVER) ? true : false,





1154
                                'S_TOTAL_NO'                => false,





1155
                                'S_TOTAL_YES'                => true,





1156
                                'S_TOTAL_NEVER'                => false)





1157
                        );





1158




1159
                        $total = ACL_YES;





1160
                }





1161




1162
                // Total value...





1163
                $template->assign_vars(array(





1164
                        'S_RESULT_NO'                => ($total == ACL_NO) ? true : false,





1165
                        'S_RESULT_YES'                => ($total == ACL_YES) ? true : false,





1166
                        'S_RESULT_NEVER'        => ($total == ACL_NEVER) ? true : false,





1167
                ));





1168
        }





1169




1170
        /**





1171
        * Handles copying permissions from one forum to others





1172
        */





1173
        function copy_forum_permissions()





1174
        {





1175
                global $auth, $cache, $template, $user;





1176




1177
                $user->add_lang('acp/forums');





1178




1179
                $submit = isset($_POST['submit']) ? true : false;





1180




1181
                if ($submit)





1182
                {





1183
                        $src = request_var('src_forum_id', 0);





1184
                        $dest = request_var('dest_forum_ids', array(0));





1185




1186
                        if (confirm_box(true))





1187
                        {





1188
                                if (copy_forum_permissions($src, $dest))





1189
                                {





1190
                                        cache_moderators();





1191




1192
                                        $auth->acl_clear_prefetch();





1193
                                        $cache->destroy('sql', FORUMS_TABLE);





1194




1195
                                        trigger_error($user->lang['AUTH_UPDATED'] . adm_back_link($this->u_action));





1196
                                }





1197
                                else





1198
                                {





1199
                                        trigger_error($user->lang['SELECTED_FORUM_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);





1200
                                }





1201
                        }





1202
                        else





1203
                        {





1204
                                $s_hidden_fields = array(





1205
                                        'submit'                        => $submit,





1206
                                        'src_forum_id'                => $src,





1207
                                        'dest_forum_ids'        => $dest,





1208
                                );





1209




1210
                                $s_hidden_fields = build_hidden_fields($s_hidden_fields);





1211




1212
                                confirm_box(false, $user->lang['COPY_PERMISSIONS_CONFIRM'], $s_hidden_fields);





1213
                        }





1214
                }





1215




1216
                $template->assign_vars(array(





1217
                        'S_FORUM_OPTIONS' => make_forum_select(false, false, false, false, false),





1218
                ));





1219
        }





1220




1221
        /**





1222
        * Get already assigned users/groups





1223
        */





1224
        function retrieve_defined_user_groups($permission_scope, $forum_id, $permission_type)





1225
        {





1226
                global $db, $user;





1227




1228
                $sql_forum_id = ($permission_scope == 'global') ? 'AND a.forum_id = 0' : ((sizeof($forum_id)) ? 'AND ' . $db->sql_in_set('a.forum_id', $forum_id) : 'AND a.forum_id <> 0');





1229




1230
                // Permission options are only able to be a permission set... therefore we will pre-fetch the possible options and also the possible roles





1231
                $option_ids = $role_ids = array();





1232




1233
                $sql = 'SELECT auth_option_id





1234
                        FROM ' . ACL_OPTIONS_TABLE . '





1235
                        WHERE auth_option ' . $db->sql_like_expression($permission_type . $db->any_char);





1236
                $result = $db->sql_query($sql);





1237




1238
                while ($row = $db->sql_fetchrow($result))





1239
                {





1240
                        $option_ids[] = (int) $row['auth_option_id'];





1241
                }





1242
                $db->sql_freeresult($result);





1243




1244
                if (sizeof($option_ids))





1245
                {





1246
                        $sql = 'SELECT DISTINCT role_id





1247
                                FROM ' . ACL_ROLES_DATA_TABLE . '





1248
                                WHERE ' . $db->sql_in_set('auth_option_id', $option_ids);





1249
                        $result = $db->sql_query($sql);





1250




1251
                        while ($row = $db->sql_fetchrow($result))





1252
                        {





1253
                                $role_ids[] = (int) $row['role_id'];





1254
                        }





1255
                        $db->sql_freeresult($result);





1256
                }





1257




1258
                if (sizeof($option_ids) && sizeof($role_ids))





1259
                {





1260
                        $sql_where = 'AND (' . $db->sql_in_set('a.auth_option_id', $option_ids) . ' OR ' . $db->sql_in_set('a.auth_role_id', $role_ids) . ')';





1261
                }





1262
                else if (sizeof($role_ids))





1263
                {





1264
                        $sql_where = 'AND ' . $db->sql_in_set('a.auth_role_id', $role_ids);





1265
                }





1266
                else if (sizeof($option_ids))





1267
                {





1268
                        $sql_where = 'AND ' . $db->sql_in_set('a.auth_option_id', $option_ids);





1269
                }





1270




1271
                // Not ideal, due to the filesort, non-use of indexes, etc.





1272
                $sql = 'SELECT DISTINCT u.user_id, u.username, u.username_clean, u.user_regdate





1273
                        FROM ' . USERS_TABLE . ' u, ' . ACL_USERS_TABLE . " a





1274
                        WHERE u.user_id = a.user_id





1275
                                $sql_forum_id





1276
                                $sql_where





1277
                        ORDER BY u.username_clean, u.user_regdate ASC";





1278
                $result = $db->sql_query($sql);





1279




1280
                $s_defined_user_options = '';





1281
                $defined_user_ids = array();





1282
                while ($row = $db->sql_fetchrow($result))





1283
                {





1284
                        $s_defined_user_options .= '<option value="' . $row['user_id'] . '">' . $row['username'] . '</option>';





1285
                        $defined_user_ids[] = $row['user_id'];





1286
                }





1287
                $db->sql_freeresult($result);





1288




1289
                $sql = 'SELECT DISTINCT g.group_type, g.group_name, g.group_id





1290
                        FROM ' . GROUPS_TABLE . ' g, ' . ACL_GROUPS_TABLE . " a





1291
                        WHERE g.group_id = a.group_id





1292
                                $sql_forum_id





1293
                                $sql_where





1294
                        ORDER BY g.group_type DESC, g.group_name ASC";





1295
                $result = $db->sql_query($sql);





1296




1297
                $s_defined_group_options = '';





1298
                $defined_group_ids = array();





1299
                while ($row = $db->sql_fetchrow($result))





1300
                {





1301
                        $s_defined_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';





1302
                        $defined_group_ids[] = $row['group_id'];





1303
                }





1304
                $db->sql_freeresult($result);





1305




1306
                return array(





1307
                        'group_ids'                        => $defined_group_ids,





1308
                        'group_ids_options'        => $s_defined_group_options,





1309
                        'user_ids'                        => $defined_user_ids,





1310
                        'user_ids_options'        => $s_defined_user_options





1311
                );





1312
        }





1313
}





1314




1315
?>