]> git.vanrenterghem.biz Git - www.vanrenterghem.biz.git/blob - phpBB2/admin/admin_ug_auth.php
Baseline
[www.vanrenterghem.biz.git] / phpBB2 / admin / admin_ug_auth.php
1 <?php
2 /***************************************************************************
3  *                            admin_ug_auth.php
4  *                            -------------------
5  *   begin                : Saturday, Feb 13, 2001
6  *   copyright            : (C) 2001 The phpBB Group
7  *   email                : support@phpbb.com
8  *
9  *   $Id: admin_ug_auth.php,v 1.13.2.10 2005/09/14 18:14:29 acydburn Exp $
10  *
11  *
12  ***************************************************************************/
14 /***************************************************************************
15  *
16  *   This program is free software; you can redistribute it and/or modify
17  *   it under the terms of the GNU General Public License as published by
18  *   the Free Software Foundation; either version 2 of the License, or
19  *   (at your option) any later version.
20  *
21  ***************************************************************************/
23 define('IN_PHPBB', 1);
25 if( !empty($setmodules) )
26 {
27         $filename = basename(__FILE__);
28         $module['Users']['Permissions'] = $filename . "?mode=user";
29         $module['Groups']['Permissions'] = $filename . "?mode=group";
31         return;
32 }
34 //
35 // Load default header
36 //
37 $no_page_header = TRUE;
39 $phpbb_root_path = "./../";
40 require($phpbb_root_path . 'extension.inc');
41 require('./pagestart.' . $phpEx);
43 $params = array('mode' => 'mode', 'user_id' => POST_USERS_URL, 'group_id' => POST_GROUPS_URL, 'adv' => 'adv');
45 while( list($var, $param) = @each($params) )
46 {
47         if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
48         {
49                 $$var = ( !empty($HTTP_POST_VARS[$param]) ) ? $HTTP_POST_VARS[$param] : $HTTP_GET_VARS[$param];
50         }
51         else
52         {
53                 $$var = "";
54         }
55 }
57 $user_id = intval($user_id);
58 $group_id = intval($group_id);
59 $adv = intval($adv);
60 $mode = htmlspecialchars($mode);
62 //
63 // Start program - define vars
64 //
65 $forum_auth_fields = array('auth_view', 'auth_read', 'auth_post', 'auth_reply', 'auth_edit', 'auth_delete', 'auth_sticky', 'auth_announce', 'auth_vote', 'auth_pollcreate');
67 $auth_field_match = array(
68         'auth_view' => AUTH_VIEW,
69         'auth_read' => AUTH_READ,
70         'auth_post' => AUTH_POST,
71         'auth_reply' => AUTH_REPLY,
72         'auth_edit' => AUTH_EDIT,
73         'auth_delete' => AUTH_DELETE,
74         'auth_sticky' => AUTH_STICKY,
75         'auth_announce' => AUTH_ANNOUNCE, 
76         'auth_vote' => AUTH_VOTE, 
77         'auth_pollcreate' => AUTH_POLLCREATE);
79 $field_names = array(
80         'auth_view' => $lang['View'],
81         'auth_read' => $lang['Read'],
82         'auth_post' => $lang['Post'],
83         'auth_reply' => $lang['Reply'],
84         'auth_edit' => $lang['Edit'],
85         'auth_delete' => $lang['Delete'],
86         'auth_sticky' => $lang['Sticky'],
87         'auth_announce' => $lang['Announce'], 
88         'auth_vote' => $lang['Vote'], 
89         'auth_pollcreate' => $lang['Pollcreate']);
91 // ---------------
92 // Start Functions
93 //
94 function check_auth($type, $key, $u_access, $is_admin)
95 {
96         $auth_user = 0;
98         if( count($u_access) )
99         {
100                 for($j = 0; $j < count($u_access); $j++)
101                 {
102                         $result = 0;
103                         switch($type)
104                         {
105                                 case AUTH_ACL:
106                                         $result = $u_access[$j][$key];
108                                 case AUTH_MOD:
109                                         $result = $result || $u_access[$j]['auth_mod'];
111                                 case AUTH_ADMIN:
112                                         $result = $result || $is_admin;
113                                         break;
114                         }
116                         $auth_user = $auth_user || $result;
117                 }
118         }
119         else
120         {
121                 $auth_user = $is_admin;
122         }
124         return $auth_user;
126 //
127 // End Functions
128 // -------------
130 if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || ( $mode == 'group' && $group_id ) ) )
132         $user_level = '';
133         if ( $mode == 'user' )
134         {
135                 //
136                 // Get group_id for this user_id
137                 //
138                 $sql = "SELECT g.group_id, u.user_level
139                         FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u, " . GROUPS_TABLE . " g
140                         WHERE u.user_id = $user_id 
141                                 AND ug.user_id = u.user_id 
142                                 AND g.group_id = ug.group_id 
143                                 AND g.group_single_user = " . TRUE;
144                 if ( !($result = $db->sql_query($sql)) )
145                 {
146                         message_die(GENERAL_ERROR, 'Could not select info from user/user_group table', '', __LINE__, __FILE__, $sql);
147                 }
149                 $row = $db->sql_fetchrow($result);
151                 $group_id = $row['group_id'];
152                 $user_level = $row['user_level'];
154                 $db->sql_freeresult($result);
155         }
157         //
158         // Carry out requests
159         //
160         if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'admin' && $user_level != ADMIN )
161         {
162                 //
163                 // Make user an admin (if already user)
164                 //
165                 if ( $userdata['user_id'] != $user_id )
166                 {
167                         $sql = "UPDATE " . USERS_TABLE . "
168                                 SET user_level = " . ADMIN . "
169                                 WHERE user_id = $user_id";
170                         if ( !($result = $db->sql_query($sql)) )
171                         {
172                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
173                         }
175                         $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
176                                 WHERE group_id = $group_id 
177                                         AND auth_mod = 0";
178                         if ( !($result = $db->sql_query($sql)) )
179                         {
180                                 message_die(GENERAL_ERROR, "Couldn't delete auth access info", "", __LINE__, __FILE__, $sql);
181                         }
183                         //
184                         // Delete any entries in auth_access, they are not required if user is becoming an
185                         // admin
186                         //
187                         $sql = "UPDATE " . AUTH_ACCESS_TABLE . "
188                                 SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
189                                 WHERE group_id = $group_id"; 
190                         if ( !($result = $db->sql_query($sql)) )
191                         {
192                                 message_die(GENERAL_ERROR, "Couldn't update auth access", "", __LINE__, __FILE__, $sql);
193                         }
194                 }
196                 $message = $lang['Auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_userauth'], '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
197                 message_die(GENERAL_MESSAGE, $message);
198         }
199         else
200         {
201                 if ( $mode == 'user' && $HTTP_POST_VARS['userlevel'] == 'user' && $user_level == ADMIN )
202                 {
203                         //
204                         // Make admin a user (if already admin) ... ignore if you're trying
205                         // to change yourself from an admin to user!
206                         //
207                         if ( $userdata['user_id'] != $user_id )
208                         {
209                                 $sql = "UPDATE " . AUTH_ACCESS_TABLE . "
210                                         SET auth_view = 0, auth_read = 0, auth_post = 0, auth_reply = 0, auth_edit = 0, auth_delete = 0, auth_sticky = 0, auth_announce = 0
211                                         WHERE group_id = $group_id";
212                                 if ( !($result = $db->sql_query($sql)) )
213                                 {
214                                         message_die(GENERAL_ERROR, 'Could not update auth access', '', __LINE__, __FILE__, $sql);
215                                 }
217                                 //
218                                 // Update users level, reset to USER
219                                 //
220                                 $sql = "UPDATE " . USERS_TABLE . "
221                                         SET user_level = " . USER . "
222                                         WHERE user_id = $user_id";
223                                 if ( !($result = $db->sql_query($sql)) )
224                                 {
225                                         message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
226                                 }
227                         }
229                         $message = $lang['Auth_updated'] . '<br /><br />' . sprintf($lang['Click_return_userauth'], '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
230                 }
231                 else
232                 {
233         
234                         $change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : false;
236                         if ( empty($adv) )
237                         {
238                                 $change_acl_list = ( isset($HTTP_POST_VARS['private']) ) ? $HTTP_POST_VARS['private'] : false;
239                         }
240                         else
241                         {
242                                 $change_acl_list = array();
243                                 for($j = 0; $j < count($forum_auth_fields); $j++)
244                                 {
245                                         $auth_field = $forum_auth_fields[$j];
247                                         while( list($forum_id, $value) = @each($HTTP_POST_VARS['private_' . $auth_field]) )
248                                         {
249                                                 $change_acl_list[$forum_id][$auth_field] = $value;
250                                         }
251                                 }
252                         }
254                         $sql = 'SELECT f.* 
255                                 FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
256                                 WHERE f.cat_id = c.cat_id
257                                 ORDER BY c.cat_order, f.forum_order';
258                         if ( !($result = $db->sql_query($sql)) )
259                         {
260                                 message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
261                         }
263                         $forum_access = array();
264                         while( $row = $db->sql_fetchrow($result) )
265                         {
266                                 $forum_access[] = $row;
267                         }
268                         $db->sql_freeresult($result);
270                         $sql = ( $mode == 'user' ) ? "SELECT aa.* FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND aa.group_id = ug.group_id AND g.group_single_user = " . TRUE : "SELECT * FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = $group_id";
271                         if ( !($result = $db->sql_query($sql)) )
272                         {
273                                 message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
274                         }
276                         $auth_access = array();
277                         while( $row = $db->sql_fetchrow($result) )
278                         {
279                                 $auth_access[$row['forum_id']] = $row;
280                         }
281                         $db->sql_freeresult($result);
283                         $forum_auth_action = array();
284                         $update_acl_status = array();
285                         $update_mod_status = array();
287                         for($i = 0; $i < count($forum_access); $i++)
288                         {
289                                 $forum_id = $forum_access[$i]['forum_id'];
291                                 if ( 
292                                         ( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id]['auth_mod'] != $auth_access[$forum_id]['auth_mod'] ) || 
293                                         ( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]['auth_mod']) ) 
294                                 )
295                                 {
296                                         $update_mod_status[$forum_id] = $change_mod_list[$forum_id]['auth_mod'];
298                                         if ( !$update_mod_status[$forum_id] )
299                                         {
300                                                 $forum_auth_action[$forum_id] = 'delete';
301                                         }
302                                         else if ( !isset($auth_access[$forum_id]['auth_mod']) )
303                                         {
304                                                 $forum_auth_action[$forum_id] = 'insert';
305                                         }
306                                         else
307                                         {
308                                                 $forum_auth_action[$forum_id] = 'update';
309                                         }
310                                 }
312                                 for($j = 0; $j < count($forum_auth_fields); $j++)
313                                 {
314                                         $auth_field = $forum_auth_fields[$j];
316                                         if( $forum_access[$i][$auth_field] == AUTH_ACL && isset($change_acl_list[$forum_id][$auth_field]) )
317                                         {
318                                                 if ( ( empty($auth_access[$forum_id]['auth_mod']) && 
319                                                         ( isset($auth_access[$forum_id][$auth_field]) && $change_acl_list[$forum_id][$auth_field] != $auth_access[$forum_id][$auth_field] ) || 
320                                                         ( !isset($auth_access[$forum_id][$auth_field]) && !empty($change_acl_list[$forum_id][$auth_field]) ) ) ||
321                                                         !empty($update_mod_status[$forum_id])
322                                                 )
323                                                 {
324                                                         $update_acl_status[$forum_id][$auth_field] = ( !empty($update_mod_status[$forum_id]) ) ? 0 :  $change_acl_list[$forum_id][$auth_field];
326                                                         if ( isset($auth_access[$forum_id][$auth_field]) && empty($update_acl_status[$forum_id][$auth_field]) && $forum_auth_action[$forum_id] != 'insert' && $forum_auth_action[$forum_id] != 'update' )
327                                                         {
328                                                                 $forum_auth_action[$forum_id] = 'delete';
329                                                         }
330                                                         else if ( !isset($auth_access[$forum_id][$auth_field]) && !( $forum_auth_action[$forum_id] == 'delete' && empty($update_acl_status[$forum_id][$auth_field]) ) )
331                                                         {
332                                                                 $forum_auth_action[$forum_id] = 'insert';
333                                                         }
334                                                         else if ( isset($auth_access[$forum_id][$auth_field]) && !empty($update_acl_status[$forum_id][$auth_field]) ) 
335                                                         {
336                                                                 $forum_auth_action[$forum_id] = 'update';
337                                                         }
338                                                 }
339                                                 else if ( ( empty($auth_access[$forum_id]['auth_mod']) && 
340                                                         ( isset($auth_access[$forum_id][$auth_field]) && $change_acl_list[$forum_id][$auth_field] == $auth_access[$forum_id][$auth_field] ) ) && $forum_auth_action[$forum_id] == 'delete' )
341                                                 {
342                                                         $forum_auth_action[$forum_id] = 'update';
343                                                 }
344                                         }
345                                 }
346                         }
348                         //
349                         // Checks complete, make updates to DB
350                         //
351                         $delete_sql = '';
352                         while( list($forum_id, $action) = @each($forum_auth_action) )
353                         {
354                                 if ( $action == 'delete' )
355                                 {
356                                         $delete_sql .= ( ( $delete_sql != '' ) ? ', ' : '' ) . $forum_id;
357                                 }
358                                 else
359                                 {
360                                         if ( $action == 'insert' )
361                                         {
362                                                 $sql_field = '';
363                                                 $sql_value = '';
364                                                 while ( list($auth_type, $value) = @each($update_acl_status[$forum_id]) )
365                                                 {
366                                                         $sql_field .= ( ( $sql_field != '' ) ? ', ' : '' ) . $auth_type;
367                                                         $sql_value .= ( ( $sql_value != '' ) ? ', ' : '' ) . $value;
368                                                 }
369                                                 $sql_field .= ( ( $sql_field != '' ) ? ', ' : '' ) . 'auth_mod';
370                                                 $sql_value .= ( ( $sql_value != '' ) ? ', ' : '' ) . ( ( !isset($update_mod_status[$forum_id]) ) ? 0 : $update_mod_status[$forum_id]);
372                                                 $sql = "INSERT INTO " . AUTH_ACCESS_TABLE . " (forum_id, group_id, $sql_field) 
373                                                         VALUES ($forum_id, $group_id, $sql_value)";
374                                         }
375                                         else
376                                         {
377                                                 $sql_values = '';
378                                                 while ( list($auth_type, $value) = @each($update_acl_status[$forum_id]) )
379                                                 {
380                                                         $sql_values .= ( ( $sql_values != '' ) ? ', ' : '' ) . $auth_type . ' = ' . $value;
381                                                 }
382                                                 $sql_values .= ( ( $sql_values != '' ) ? ', ' : '' ) . 'auth_mod = ' . ( ( !isset($update_mod_status[$forum_id]) ) ? 0 : $update_mod_status[$forum_id]);
384                                                 $sql = "UPDATE " . AUTH_ACCESS_TABLE . " 
385                                                         SET $sql_values 
386                                                         WHERE group_id = $group_id 
387                                                                 AND forum_id = $forum_id";
388                                         }
389                                         if( !($result = $db->sql_query($sql)) )
390                                         {
391                                                 message_die(GENERAL_ERROR, "Couldn't update private forum permissions", "", __LINE__, __FILE__, $sql);
392                                         }
393                                 }
394                         }
396                         if ( $delete_sql != '' )
397                         {
398                                 $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . " 
399                                         WHERE group_id = $group_id 
400                                                 AND forum_id IN ($delete_sql)";
401                                 if( !($result = $db->sql_query($sql)) )
402                                 {
403                                         message_die(GENERAL_ERROR, "Couldn't delete permission entries", "", __LINE__, __FILE__, $sql);
404                                 }
405                         }
407                         $l_auth_return = ( $mode == 'user' ) ? $lang['Click_return_userauth'] : $lang['Click_return_groupauth'];
408                         $message = $lang['Auth_updated'] . '<br /><br />' . sprintf($l_auth_return, '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$mode") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
409                 }
411                 //
412                 // Update user level to mod for appropriate users
413                 // 
414                 $sql = "SELECT u.user_id 
415                         FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u  
416                         WHERE ug.group_id = aa.group_id 
417                                 AND u.user_id = ug.user_id 
418                                 AND ug.user_pending = 0
419                                 AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ") 
420                         GROUP BY u.user_id 
421                         HAVING SUM(aa.auth_mod) > 0";
422                 if ( !($result = $db->sql_query($sql)) )
423                 {
424                         message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
425                 }
427                 $set_mod = '';
428                 while( $row = $db->sql_fetchrow($result) )
429                 {
430                         $set_mod .= ( ( $set_mod != '' ) ? ', ' : '' ) . $row['user_id'];
431                 }
432                 $db->sql_freeresult($result);
434                 //
435                 // Update user level to user for appropriate users
436                 // 
437                 switch ( SQL_LAYER )
438                 {
439                         case 'postgresql':
440                                 $sql = "SELECT u.user_id 
441                                         FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa
442                                         WHERE ug.user_id = u.user_id 
443                                                 AND aa.group_id = ug.group_id 
444                                                 AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")
445                                         GROUP BY u.user_id 
446                                         HAVING SUM(aa.auth_mod) = 0 
447                                         UNION (
448                                                 SELECT u.user_id  
449                                                 FROM " . USERS_TABLE . " u 
450                                                 WHERE NOT EXISTS ( 
451                                                         SELECT aa.auth_mod 
452                                                         FROM " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa 
453                                                         WHERE ug.user_id = u.user_id 
454                                                                 AND aa.group_id = ug.group_id
455                                                 )
456                                                 AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")  
457                                                 GROUP BY u.user_id
458                                         )";
459                                 break;
460                         case 'oracle':
461                                 $sql = "SELECT u.user_id 
462                                         FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug, " . AUTH_ACCESS_TABLE . " aa 
463                                         WHERE ug.user_id = u.user_id(+)
464                                                 AND aa.group_id = ug.group_id(+) 
465                                                 AND u.user_level NOT IN (" . USER . ", " . ADMIN . ")
466                                         GROUP BY u.user_id 
467                                         HAVING SUM(aa.auth_mod) = 0";
468                                 break;
469                         default:
470                                 $sql = "SELECT u.user_id 
471                                         FROM ( ( " . USERS_TABLE . " u  
472                                         LEFT JOIN " . USER_GROUP_TABLE . " ug ON ug.user_id = u.user_id ) 
473                                         LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = ug.group_id ) 
474                                         WHERE u.user_level NOT IN (" . USER . ", " . ADMIN . ")
475                                         GROUP BY u.user_id 
476                                         HAVING SUM(aa.auth_mod) = 0";
477                                 break;
478                 }
479                 if ( !($result = $db->sql_query($sql)) )
480                 {
481                         message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
482                 }
484                 $unset_mod = "";
485                 while( $row = $db->sql_fetchrow($result) )
486                 {
487                         $unset_mod .= ( ( $unset_mod != '' ) ? ', ' : '' ) . $row['user_id'];
488                 }
489                 $db->sql_freeresult($result);
491                 if ( $set_mod != '' )
492                 {
493                         $sql = "UPDATE " . USERS_TABLE . " 
494                                 SET user_level = " . MOD . " 
495                                 WHERE user_id IN ($set_mod)";
496                         if( !($result = $db->sql_query($sql)) )
497                         {
498                                 message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
499                         }
500                 }
502                 if ( $unset_mod != '' )
503                 {
504                         $sql = "UPDATE " . USERS_TABLE . " 
505                                 SET user_level = " . USER . " 
506                                 WHERE user_id IN ($unset_mod)";
507                         if( !($result = $db->sql_query($sql)) )
508                         {
509                                 message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
510                         }
511                 }
513                 $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
514                         WHERE group_id = $group_id";
515                 $result = $db->sql_query($sql);
517                 $group_user = array();
518                 while ($row = $db->sql_fetchrow($result))
519                 {
520                         $group_user[$row['user_id']] = $row['user_id'];
521                 }
522                 $db->sql_freeresult($result);
524                 $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod 
525                         FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
526                         WHERE ug.user_id IN (" . implode(', ', $group_user) . ") 
527                                 AND aa.group_id = ug.group_id 
528                                 AND aa.auth_mod = 1
529                         GROUP BY ug.user_id";
530                 if ( !($result = $db->sql_query($sql)) )
531                 {
532                         message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
533                 }
535                 while ($row = $db->sql_fetchrow($result))
536                 {
537                         if ($row['is_auth_mod'])
538                         {
539                                 unset($group_user[$row['user_id']]);
540                         }
541                 }
542                 $db->sql_freeresult($result);
544                 if (sizeof($group_user))
545                 {
546                         $sql = "UPDATE " . USERS_TABLE . " 
547                                 SET user_level = " . USER . " 
548                                 WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;
549                         if ( !($result = $db->sql_query($sql)) )
550                         {
551                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
552                         }
553                 }
555                 message_die(GENERAL_MESSAGE, $message);
556         }
558 else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id ) ) || ( $mode == 'group' && $group_id ) )
560         if ( isset($HTTP_POST_VARS['username']) )
561         {
562                 $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
563                 if ( !is_array($this_userdata) )
564                 {
565                         message_die(GENERAL_MESSAGE, $lang['No_such_user']);
566                 }
567                 $user_id = $this_userdata['user_id'];
568         }
570         //
571         // Front end
572         //
573         $sql = "SELECT f.* 
574                 FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
575                 WHERE f.cat_id = c.cat_id
576                 ORDER BY c.cat_order, f.forum_order ASC";
577         if ( !($result = $db->sql_query($sql)) )
578         {
579                 message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
580         }
582         $forum_access = array();
583         while( $row = $db->sql_fetchrow($result) )
584         {
585                 $forum_access[] = $row;
586         }
587         $db->sql_freeresult($result);
589         if( empty($adv) )
590         {
591                 for($i = 0; $i < count($forum_access); $i++)
592                 {
593                         $forum_id = $forum_access[$i]['forum_id'];
595                         $forum_auth_level[$forum_id] = AUTH_ALL;
597                         for($j = 0; $j < count($forum_auth_fields); $j++)
598                         {
599                                 $forum_access[$i][$forum_auth_fields[$j]] . ' :: ';
600                                 if ( $forum_access[$i][$forum_auth_fields[$j]] == AUTH_ACL )
601                                 {
602                                         $forum_auth_level[$forum_id] = AUTH_ACL;
603                                         $forum_auth_level_fields[$forum_id][] = $forum_auth_fields[$j];
604                                 }
605                         }
606                 }
607         }
609         $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
610         $sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
611         if ( !($result = $db->sql_query($sql)) )
612         {
613                 message_die(GENERAL_ERROR, "Couldn't obtain user/group information", "", __LINE__, __FILE__, $sql);
614         }
615         $ug_info = array();
616         while( $row = $db->sql_fetchrow($result) )
617         {
618                 $ug_info[] = $row;
619         }
620         $db->sql_freeresult($result);
622         $sql = ( $mode == 'user' ) ? "SELECT aa.*, g.group_single_user FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g WHERE ug.user_id = $user_id AND g.group_id = ug.group_id AND aa.group_id = ug.group_id AND g.group_single_user = 1" : "SELECT * FROM " . AUTH_ACCESS_TABLE . " WHERE group_id = $group_id";
623         if ( !($result = $db->sql_query($sql)) )
624         {
625                 message_die(GENERAL_ERROR, "Couldn't obtain user/group permissions", "", __LINE__, __FILE__, $sql);
626         }
628         $auth_access = array();
629         $auth_access_count = array();
630         while( $row = $db->sql_fetchrow($result) )
631         {
632                 $auth_access[$row['forum_id']][] = $row; 
633                 $auth_access_count[$row['forum_id']]++;
634         }
635         $db->sql_freeresult($result);
637         $is_admin = ( $mode == 'user' ) ? ( ( $ug_info[0]['user_level'] == ADMIN && $ug_info[0]['user_id'] != ANONYMOUS ) ? 1 : 0 ) : 0;
639         for($i = 0; $i < count($forum_access); $i++)
640         {
641                 $forum_id = $forum_access[$i]['forum_id'];
643                 unset($prev_acl_setting);
644                 for($j = 0; $j < count($forum_auth_fields); $j++)
645                 {
646                         $key = $forum_auth_fields[$j];
647                         $value = $forum_access[$i][$key];
649                         switch( $value )
650                         {
651                                 case AUTH_ALL:
652                                 case AUTH_REG:
653                                         $auth_ug[$forum_id][$key] = 1;
654                                         break;
656                                 case AUTH_ACL:
657                                         $auth_ug[$forum_id][$key] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_ACL, $key, $auth_access[$forum_id], $is_admin) : 0;
658                                         $auth_field_acl[$forum_id][$key] = $auth_ug[$forum_id][$key];
660                                         if ( isset($prev_acl_setting) )
661                                         {
662                                                 if ( $prev_acl_setting != $auth_ug[$forum_id][$key] && empty($adv) )
663                                                 {
664                                                         $adv = 1;
665                                                 }
666                                         }
668                                         $prev_acl_setting = $auth_ug[$forum_id][$key];
670                                         break;
672                                 case AUTH_MOD:
673                                         $auth_ug[$forum_id][$key] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_MOD, $key, $auth_access[$forum_id], $is_admin) : 0;
674                                         break;
676                                 case AUTH_ADMIN:
677                                         $auth_ug[$forum_id][$key] = $is_admin;
678                                         break;
680                                 default:
681                                         $auth_ug[$forum_id][$key] = 0;
682                                         break;
683                         }
684                 }
686                 //
687                 // Is user a moderator?
688                 //
689                 $auth_ug[$forum_id]['auth_mod'] = ( !empty($auth_access_count[$forum_id]) ) ? check_auth(AUTH_MOD, 'auth_mod', $auth_access[$forum_id], 0) : 0;
690         }
691         
692         $i = 0;
693         @reset($auth_ug);
694         while( list($forum_id, $user_ary) = @each($auth_ug) )
695         {
696                 if ( empty($adv) )
697                 {
698                         if ( $forum_auth_level[$forum_id] == AUTH_ACL )
699                         {
700                                 $allowed = 1;
702                                 for($j = 0; $j < count($forum_auth_level_fields[$forum_id]); $j++)
703                                 {
704                                         if ( !$auth_ug[$forum_id][$forum_auth_level_fields[$forum_id][$j]] )
705                                         {
706                                                 $allowed = 0;
707                                         }
708                                 }
710                                 $optionlist_acl = '<select name="private[' . $forum_id . ']">';
712                                 if ( $is_admin || $user_ary['auth_mod'] )
713                                 {
714                                         $optionlist_acl .= '<option value="1">' . $lang['Allowed_Access'] . '</option>';
715                                 }
716                                 else if ( $allowed )
717                                 {
718                                         $optionlist_acl .= '<option value="1" selected="selected">' . $lang['Allowed_Access'] . '</option><option value="0">'. $lang['Disallowed_Access'] . '</option>';
719                                 }
720                                 else
721                                 {
722                                         $optionlist_acl .= '<option value="1">' . $lang['Allowed_Access'] . '</option><option value="0" selected="selected">' . $lang['Disallowed_Access'] . '</option>';
723                                 }
725                                 $optionlist_acl .= '</select>';
726                         }
727                         else
728                         {
729                                 $optionlist_acl = '&nbsp;';
730                         }
731                 }
732                 else
733                 {
734                         for($j = 0; $j < count($forum_access); $j++)
735                         {
736                                 if ( $forum_access[$j]['forum_id'] == $forum_id )
737                                 {
738                                         for($k = 0; $k < count($forum_auth_fields); $k++)
739                                         {
740                                                 $field_name = $forum_auth_fields[$k];
742                                                 if( $forum_access[$j][$field_name] == AUTH_ACL )
743                                                 {
744                                                         $optionlist_acl_adv[$forum_id][$k] = '<select name="private_' . $field_name . '[' . $forum_id . ']">';
746                                                         if( isset($auth_field_acl[$forum_id][$field_name]) && !($is_admin || $user_ary['auth_mod']) )
747                                                         {
748                                                                 if( !$auth_field_acl[$forum_id][$field_name] )
749                                                                 {
750                                                                         $optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option><option value="0" selected="selected">' . $lang['OFF'] . '</option>';
751                                                                 }
752                                                                 else
753                                                                 {
754                                                                         $optionlist_acl_adv[$forum_id][$k] .= '<option value="1" selected="selected">' . $lang['ON'] . '</option><option value="0">' . $lang['OFF'] . '</option>';
755                                                                 }
756                                                         }
757                                                         else
758                                                         {
759                                                                 if( $is_admin || $user_ary['auth_mod'] )
760                                                                 {
761                                                                         $optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option>';
762                                                                 }
763                                                                 else
764                                                                 {
765                                                                         $optionlist_acl_adv[$forum_id][$k] .= '<option value="1">' . $lang['ON'] . '</option><option value="0" selected="selected">' . $lang['OFF'] . '</option>';
766                                                                 }
767                                                         }
769                                                         $optionlist_acl_adv[$forum_id][$k] .= '</select>';
771                                                 }
772                                         }
773                                 }
774                         }
775                 }
777                 $optionlist_mod = '<select name="moderator[' . $forum_id . ']">';
778                 $optionlist_mod .= ( $user_ary['auth_mod'] ) ? '<option value="1" selected="selected">' . $lang['Is_Moderator'] . '</option><option value="0">' . $lang['Not_Moderator'] . '</option>' : '<option value="1">' . $lang['Is_Moderator'] . '</option><option value="0" selected="selected">' . $lang['Not_Moderator'] . '</option>';
779                 $optionlist_mod .= '</select>';
781                 $row_class = ( !( $i % 2 ) ) ? 'row2' : 'row1';
782                 $row_color = ( !( $i % 2 ) ) ? $theme['td_color1'] : $theme['td_color2'];
784                 $template->assign_block_vars('forums', array(
785                         'ROW_COLOR' => '#' . $row_color,
786                         'ROW_CLASS' => $row_class,
787                         'FORUM_NAME' => $forum_access[$i]['forum_name'],
789                         'U_FORUM_AUTH' => append_sid("admin_forumauth.$phpEx?f=" . $forum_access[$i]['forum_id']),
791                         'S_MOD_SELECT' => $optionlist_mod)
792                 );
794                 if( !$adv )
795                 {
796                         $template->assign_block_vars('forums.aclvalues', array(
797                                 'S_ACL_SELECT' => $optionlist_acl)
798                         );
799                 }
800                 else
801                 {
802                         for($j = 0; $j < count($forum_auth_fields); $j++)
803                         {
804                                 $template->assign_block_vars('forums.aclvalues', array(
805                                         'S_ACL_SELECT' => $optionlist_acl_adv[$forum_id][$j])
806                                 );
807                         }
808                 }
810                 $i++;
811         }
812 //      @reset($auth_user);
813         
814         if ( $mode == 'user' )
815         {
816                 $t_username = $ug_info[0]['username'];
817                 $s_user_type = ( $is_admin ) ? '<select name="userlevel"><option value="admin" selected="selected">' . $lang['Auth_Admin'] . '</option><option value="user">' . $lang['Auth_User'] . '</option></select>' : '<select name="userlevel"><option value="admin">' . $lang['Auth_Admin'] . '</option><option value="user" selected="selected">' . $lang['Auth_User'] . '</option></select>';
818         }
819         else
820         {
821                 $t_groupname = $ug_info[0]['group_name'];
822         }
824         $name = array();
825         $id = array();
826         for($i = 0; $i < count($ug_info); $i++)
827         {
828                 if( ( $mode == 'user' && !$ug_info[$i]['group_single_user'] ) || $mode == 'group' )
829                 {
830                         $name[] = ( $mode == 'user' ) ? $ug_info[$i]['group_name'] :  $ug_info[$i]['username'];
831                         $id[] = ( $mode == 'user' ) ? intval($ug_info[$i]['group_id']) : intval($ug_info[$i]['user_id']);
832                 }
833         }
835         $t_usergroup_list = $t_pending_list = '';
836         if( count($name) )
837         {
838                 for($i = 0; $i < count($ug_info); $i++)
839                 {
840                         $ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
842                         if (!$ug_info[$i]['user_pending'])
843                         {
844                                 $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
845                         }
846                         else
847                         {
848                                 $t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
849                         }
850                 }
851         }
853         $t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
854         $t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;
856         $s_column_span = 2; // Two columns always present
857         if( !$adv )
858         {
859                 $template->assign_block_vars('acltype', array(
860                         'L_UG_ACL_TYPE' => $lang['Simple_Permission'])
861                 );
862                 $s_column_span++;
863         }
864         else
865         {
866                 for($i = 0; $i < count($forum_auth_fields); $i++)
867                 {
868                         $cell_title = $field_names[$forum_auth_fields[$i]];
870                         $template->assign_block_vars('acltype', array(
871                                 'L_UG_ACL_TYPE' => $cell_title)
872                         );
873                         $s_column_span++;
874                 }
875         }
877         //
878         // Dump in the page header ...
879         //
880         include('./page_header_admin.'.$phpEx);
882         $template->set_filenames(array(
883                 "body" => 'admin/auth_ug_body.tpl')
884         );
886         $adv_switch = ( empty($adv) ) ? 1 : 0;
887         $u_ug_switch = ( $mode == 'user' ) ? POST_USERS_URL . "=" . $user_id : POST_GROUPS_URL . "=" . $group_id;
888         $switch_mode = append_sid("admin_ug_auth.$phpEx?mode=$mode&amp;" . $u_ug_switch . "&amp;adv=$adv_switch");
889         $switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
890         $u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
892         $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="adv" value="' . $adv . '" />';
893         $s_hidden_fields .= ( $mode == 'user' ) ? '<input type="hidden" name="' . POST_USERS_URL . '" value="' . $user_id . '" />' : '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
895         if ( $mode == 'user' )
896         {
897                 $template->assign_block_vars('switch_user_auth', array());
899                 $template->assign_vars(array(
900                         'USERNAME' => $t_username,
901                         'USER_LEVEL' => $lang['User_Level'] . " : " . $s_user_type,
902                         'USER_GROUP_MEMBERSHIPS' => $lang['Group_memberships'] . ' : ' . $t_usergroup_list)
903                 );
904         }
905         else
906         {
907                 $template->assign_block_vars("switch_group_auth", array());
909                 $template->assign_vars(array(
910                         'USERNAME' => $t_groupname,
911                         'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '<br />' . $lang['Pending_members'] . ' : ' . $t_pending_list)
912                 );
913         }
915         $template->assign_vars(array(
916                 'L_USER_OR_GROUPNAME' => ( $mode == 'user' ) ? $lang['Username'] : $lang['Group_name'],
918                 'L_AUTH_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
919                 'L_AUTH_EXPLAIN' => ( $mode == 'user' ) ? $lang['User_auth_explain'] : $lang['Group_auth_explain'],
920                 'L_MODERATOR_STATUS' => $lang['Moderator_status'],
921                 'L_PERMISSIONS' => $lang['Permissions'],
922                 'L_SUBMIT' => $lang['Submit'],
923                 'L_RESET' => $lang['Reset'], 
924                 'L_FORUM' => $lang['Forum'], 
926                 'U_USER_OR_GROUP' => append_sid("admin_ug_auth.$phpEx"),
927                 'U_SWITCH_MODE' => $u_switch_mode,
929                 'S_COLUMN_SPAN' => $s_column_span,
930                 'S_AUTH_ACTION' => append_sid("admin_ug_auth.$phpEx"), 
931                 'S_HIDDEN_FIELDS' => $s_hidden_fields)
932         );
934 else
936         //
937         // Select a user/group
938         //
939         include('./page_header_admin.'.$phpEx);
941         $template->set_filenames(array(
942                 'body' => ( $mode == 'user' ) ? 'admin/user_select_body.tpl' : 'admin/auth_select_body.tpl')
943         );
945         if ( $mode == 'user' )
946         {
947                 $template->assign_vars(array(
948                         'L_FIND_USERNAME' => $lang['Find_username'],
950                         'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"))
951                 );
952         }
953         else
954         {
955                 $sql = "SELECT group_id, group_name
956                         FROM " . GROUPS_TABLE . "
957                         WHERE group_single_user <> " . TRUE;
958                 if ( !($result = $db->sql_query($sql)) )
959                 {
960                         message_die(GENERAL_ERROR, "Couldn't get group list", "", __LINE__, __FILE__, $sql);
961                 }
963                 if ( $row = $db->sql_fetchrow($result) )
964                 {
965                         $select_list = '<select name="' . POST_GROUPS_URL . '">';
966                         do
967                         {
968                                 $select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
969                         }
970                         while ( $row = $db->sql_fetchrow($result) );
971                         $select_list .= '</select>';
972                 }
974                 $template->assign_vars(array(
975                         'S_AUTH_SELECT' => $select_list)
976                 );
977         }
979         $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
981         $l_type = ( $mode == 'user' ) ? 'USER' : 'AUTH';
983         $template->assign_vars(array(
984                 'L_' . $l_type . '_TITLE' => ( $mode == 'user' ) ? $lang['Auth_Control_User'] : $lang['Auth_Control_Group'],
985                 'L_' . $l_type . '_EXPLAIN' => ( $mode == 'user' ) ? $lang['User_auth_explain'] : $lang['Group_auth_explain'],
986                 'L_' . $l_type . '_SELECT' => ( $mode == 'user' ) ? $lang['Select_a_User'] : $lang['Select_a_Group'],
987                 'L_LOOK_UP' => ( $mode == 'user' ) ? $lang['Look_up_User'] : $lang['Look_up_Group'],
989                 'S_HIDDEN_FIELDS' => $s_hidden_fields, 
990                 'S_' . $l_type . '_ACTION' => append_sid("admin_ug_auth.$phpEx"))
991         );
995 $template->pparse('body');
997 include('./page_footer_admin.'.$phpEx);
999 ?>