]> git.vanrenterghem.biz Git - www.vanrenterghem.biz.git/blob - phpBB2/groupcp.php
Baseline
[www.vanrenterghem.biz.git] / phpBB2 / groupcp.php
1 <?php
2 /***************************************************************************
3  *                               groupcp.php
4  *                            -------------------
5  *   begin                : Saturday, Feb 13, 2001
6  *   copyright            : (C) 2001 The phpBB Group
7  *   email                : support@phpbb.com
8  *
9  *   $Id: groupcp.php,v 1.58.2.27 2006/12/16 13:11:24 acydburn Exp $
10  *
11  *
12  ***************************************************************************/
14 /***************************************************************************
15  *
16  *   This program is free software; you can redistribute it and/or modify
17  *   it under the terms of the GNU General Public License as published by
18  *   the Free Software Foundation; either version 2 of the License, or
19  *   (at your option) any later version.
20  *
21  ***************************************************************************/
23 define('IN_PHPBB', true);
24 $phpbb_root_path = './';
25 include($phpbb_root_path . 'extension.inc');
26 include($phpbb_root_path . 'common.'.$phpEx);
28 // -------------------------
29 //
30 function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$joined, &$poster_avatar, &$profile_img, &$profile, &$search_img, &$search, &$pm_img, &$pm, &$email_img, &$email, &$www_img, &$www, &$icq_status_img, &$icq_img, &$icq, &$aim_img, &$aim, &$msn_img, &$msn, &$yim_img, &$yim)
31 {
32         global $lang, $images, $board_config, $phpEx;
34         $from = ( !empty($row['user_from']) ) ? $row['user_from'] : '&nbsp;';
35         $joined = create_date($date_format, $row['user_regdate'], $board_config['board_timezone']);
36         $posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
38         $poster_avatar = '';
39         if ( $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] )
40         {
41                 switch( $row['user_avatar_type'] )
42                 {
43                         case USER_AVATAR_UPLOAD:
44                                 $poster_avatar = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
45                                 break;
46                         case USER_AVATAR_REMOTE:
47                                 $poster_avatar = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $row['user_avatar'] . '" alt="" border="0" />' : '';
48                                 break;
49                         case USER_AVATAR_GALLERY:
50                                 $poster_avatar = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
51                                 break;
52                 }
53         }
55         if ( !empty($row['user_viewemail']) || $group_mod )
56         {
57                 $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $row['user_id']) : 'mailto:' . $row['user_email'];
59                 $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
60                 $email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
61         }
62         else
63         {
64                 $email_img = '&nbsp;';
65                 $email = '&nbsp;';
66         }
68         $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
69         $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
70         $profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
72         $temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=" . $row['user_id']);
73         $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
74         $pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
76         $www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '';
77         $www = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
79         if ( !empty($row['user_icq']) )
80         {
81                 $icq_status_img = '<a href="http://wwp.icq.com/' . $row['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $row['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
82                 $icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
83                 $icq =  '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . $lang['ICQ'] . '</a>';
84         }
85         else
86         {
87                 $icq_status_img = '';
88                 $icq_img = '';
89                 $icq = '';
90         }
92         $aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
93         $aim = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
95         $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
96         $msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
97         $msn = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
99         $yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
100         $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
102         $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
103         $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
104         $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';
106         return;
108 //
109 // --------------------------
111 //
112 // Start session management
113 //
114 $userdata = session_pagestart($user_ip, PAGE_GROUPCP);
115 init_userprefs($userdata);
116 //
117 // End session management
118 //
120 $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
121 $script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx;
122 $server_name = trim($board_config['server_name']);
123 $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
124 $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
126 $server_url = $server_protocol . $server_name . $server_port . $script_name;
128 if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
130         $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
132 else
134         $group_id = '';
137 if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
139         $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
140         $mode = htmlspecialchars($mode);
142 else
144         $mode = '';
147 $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
148 $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
150 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
151 $start = ($start < 0) ? 0 : $start;
153 //
154 // Default var values
155 //
156 $is_moderator = FALSE;
158 if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
160         if ( !$userdata['session_logged_in'] )
161         {
162                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
163         }
165         $sql = "SELECT group_moderator 
166                 FROM " . GROUPS_TABLE . "  
167                 WHERE group_id = $group_id";
168         if ( !($result = $db->sql_query($sql)) )
169         {
170                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
171         }
173         $row = $db->sql_fetchrow($result);
175         if ( $row['group_moderator'] != $userdata['user_id'] && $userdata['user_level'] != ADMIN )
176         {
177                 $template->assign_vars(array(
178                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
179                 );
181                 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
183                 message_die(GENERAL_MESSAGE, $message);
184         }
186         $sql = "UPDATE " . GROUPS_TABLE . " 
187                 SET group_type = " . intval($HTTP_POST_VARS['group_type']) . "
188                 WHERE group_id = $group_id";
189         if ( !($result = $db->sql_query($sql)) )
190         {
191                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
192         }
194         $template->assign_vars(array(
195                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
196         );
198         $message = $lang['Group_type_updated'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
200         message_die(GENERAL_MESSAGE, $message);
203 else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
205         //
206         // First, joining a group
207         // If the user isn't logged in redirect them to login
208         //
209         if ( !$userdata['session_logged_in'] )
210         {
211                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
212         }
214         $sql = "SELECT ug.user_id, g.group_type
215                 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 
216                 WHERE g.group_id = $group_id 
217                         AND g.group_type <> " . GROUP_HIDDEN . " 
218                         AND ug.group_id = g.group_id";
219         if ( !($result = $db->sql_query($sql)) )
220         {
221                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
222         }
224         if (    $row = $db->sql_fetchrow($result) )
225         {
226                 if ( $row['group_type'] == GROUP_OPEN )
227                 {
228                         do
229                         {
230                                 if ( $userdata['user_id'] == $row['user_id'] )
231                                 {
232                                         $template->assign_vars(array(
233                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
234                                         );
236                                         $message = $lang['Already_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
238                                         message_die(GENERAL_MESSAGE, $message);
239                                 }
240                         } while ( $row = $db->sql_fetchrow($result) );
241                 }
242                 else
243                 {
244                         $template->assign_vars(array(
245                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
246                         );
248                         $message = $lang['This_closed_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
250                         message_die(GENERAL_MESSAGE, $message);
251                 }
252         }
253         else
254         {
255                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); 
256         }
258         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) 
259                 VALUES ($group_id, " . $userdata['user_id'] . ", 1)";
260         if ( !($result = $db->sql_query($sql)) )
261         {
262                 message_die(GENERAL_ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql);
263         }
265         $sql = "SELECT u.user_email, u.username, u.user_lang, g.group_name 
266                 FROM ".USERS_TABLE . " u, " . GROUPS_TABLE . " g 
267                 WHERE u.user_id = g.group_moderator 
268                         AND g.group_id = $group_id";
269         if ( !($result = $db->sql_query($sql)) )
270         {
271                 message_die(GENERAL_ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql);
272         }
274         $moderator = $db->sql_fetchrow($result);
276         include($phpbb_root_path . 'includes/emailer.'.$phpEx);
277         $emailer = new emailer($board_config['smtp_delivery']);
279         $emailer->from($board_config['board_email']);
280         $emailer->replyto($board_config['board_email']);
282         $emailer->use_template('group_request', $moderator['user_lang']);
283         $emailer->email_address($moderator['user_email']);
284         $emailer->set_subject($lang['Group_request']);
286         $emailer->assign_vars(array(
287                 'SITENAME' => $board_config['sitename'], 
288                 'GROUP_MODERATOR' => $moderator['username'],
289                 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
291                 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id&validate=true")
292         );
293         $emailer->send();
294         $emailer->reset();
296         $template->assign_vars(array(
297                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
298         );
300         $message = $lang['Group_joined'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
302         message_die(GENERAL_MESSAGE, $message);
304 else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending']) && $group_id )
306         //
307         // Second, unsubscribing from a group
308         // Check for confirmation of unsub.
309         //
310         if ( $cancel )
311         {
312                 redirect(append_sid("groupcp.$phpEx", true));
313         }
314         elseif ( !$userdata['session_logged_in'] )
315         {
316                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
317         }
319         if ( $confirm )
320         {
321                 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 
322                         WHERE user_id = " . $userdata['user_id'] . " 
323                                 AND group_id = $group_id";
324                 if ( !($result = $db->sql_query($sql)) )
325                 {
326                         message_die(GENERAL_ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql);
327                 }
329                 if ( $userdata['user_level'] != ADMIN && $userdata['user_level'] == MOD )
330                 {
331                         $sql = "SELECT COUNT(auth_mod) AS is_auth_mod 
332                                 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
333                                 WHERE ug.user_id = " . $userdata['user_id'] . " 
334                                         AND aa.group_id = ug.group_id 
335                                         AND aa.auth_mod = 1";
336                         if ( !($result = $db->sql_query($sql)) )
337                         {
338                                 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
339                         }
341                         if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )
342                         {
343                                 $sql = "UPDATE " . USERS_TABLE . " 
344                                         SET user_level = " . USER . " 
345                                         WHERE user_id = " . $userdata['user_id'];
346                                 if ( !($result = $db->sql_query($sql)) )
347                                 {
348                                         message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
349                                 }
350                         }
351                 }
353                 $template->assign_vars(array(
354                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
355                 );
357                 $message = $lang['Unsub_success'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
359                 message_die(GENERAL_MESSAGE, $message);
360         }
361         else
362         {
363                 $unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
365                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
367                 $page_title = $lang['Group_Control_Panel'];
368                 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
370                 $template->set_filenames(array(
371                         'confirm' => 'confirm_body.tpl')
372                 );
374                 $template->assign_vars(array(
375                         'MESSAGE_TITLE' => $lang['Confirm'],
376                         'MESSAGE_TEXT' => $unsub_msg,
377                         'L_YES' => $lang['Yes'],
378                         'L_NO' => $lang['No'],
379                         'S_CONFIRM_ACTION' => append_sid("groupcp.$phpEx"),
380                         'S_HIDDEN_FIELDS' => $s_hidden_fields)
381                 );
383                 $template->pparse('confirm');
385                 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
386         }
389 else if ( $group_id )
391         //
392         // Did the group moderator get here through an email?
393         // If so, check to see if they are logged in.
394         //
395         if ( isset($HTTP_GET_VARS['validate']) )
396         {
397                 if ( !$userdata['session_logged_in'] )
398                 {
399                         redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
400                 }
401         }
403         //
404         // For security, get the ID of the group moderator.
405         //
406         switch(SQL_LAYER)
407         {
408                 case 'postgresql':
409                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
410                                 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 
411                                 WHERE g.group_id = $group_id
412                                         AND aa.group_id = g.group_id 
413                                         UNION (
414                                                 SELECT g.group_moderator, g.group_type, NULL 
415                                                 FROM " . GROUPS_TABLE . " g
416                                                 WHERE g.group_id = $group_id
417                                                         AND NOT EXISTS (
418                                                         SELECT aa.group_id 
419                                                         FROM " . AUTH_ACCESS_TABLE . " aa 
420                                                         WHERE aa.group_id = g.group_id  
421                                                 )
422                                         )
423                                 ORDER BY aa.auth_mod DESC";
424                         break;
426                 case 'oracle':
427                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
428                                 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 
429                                 WHERE g.group_id = $group_id
430                                         AND aa.group_id (+) = g.group_id
431                                 ORDER BY aa.auth_mod DESC";
432                         break;
434                 default:
435                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
436                                 FROM ( " . GROUPS_TABLE . " g 
437                                 LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id )
438                                 WHERE g.group_id = $group_id
439                                 ORDER BY aa.auth_mod DESC";
440                         break;
441         }
442         if ( !($result = $db->sql_query($sql)) )
443         {
444                 message_die(GENERAL_ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql);
445         }
447         if ( $group_info = $db->sql_fetchrow($result) )
448         {
449                 $group_moderator = $group_info['group_moderator'];
450         
451                 if ( $group_moderator == $userdata['user_id'] || $userdata['user_level'] == ADMIN )
452                 {
453                         $is_moderator = TRUE;
454                 }
455                         
456                 //
457                 // Handle Additions, removals, approvals and denials
458                 //
459                 if ( !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['remove']) || isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) )
460                 {
461                         if ( !$userdata['session_logged_in'] )
462                         {
463                                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
464                         }
466                         if ( !$is_moderator )
467                         {
468                                 $template->assign_vars(array(
469                                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
470                                 );
472                                 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
474                                 message_die(GENERAL_MESSAGE, $message);
475                         }
477                         if ( isset($HTTP_POST_VARS['add']) )
478                         {
479                                 $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
480                                 
481                                 $sql = "SELECT user_id, user_email, user_lang, user_level  
482                                         FROM " . USERS_TABLE . " 
483                                         WHERE username = '" . str_replace("\'", "''", $username) . "'";
484                                 if ( !($result = $db->sql_query($sql)) )
485                                 {
486                                         message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql);
487                                 }
489                                 if ( !($row = $db->sql_fetchrow($result)) )
490                                 {
491                                         $template->assign_vars(array(
492                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
493                                         );
495                                         $message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>");
497                                         message_die(GENERAL_MESSAGE, $message);
498                                 }
500                                 if ( $row['user_id'] == ANONYMOUS )
501                                 {
502                                         $template->assign_vars(array(
503                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
504                                         );
506                                         $message = $lang['Could_not_anon_user'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
508                                         message_die(GENERAL_MESSAGE, $message);
509                                 }
510                                 
511                                 $sql = "SELECT ug.user_id, u.user_level 
512                                         FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u 
513                                         WHERE u.user_id = " . $row['user_id'] . " 
514                                                 AND ug.user_id = u.user_id 
515                                                 AND ug.group_id = $group_id";
516                                 if ( !($result = $db->sql_query($sql)) )
517                                 {
518                                         message_die(GENERAL_ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql);
519                                 }
521                                 if ( !($db->sql_fetchrow($result)) )
522                                 {
523                                         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) 
524                                                 VALUES (" . $row['user_id'] . ", $group_id, 0)";
525                                         if ( !$db->sql_query($sql) )
526                                         {
527                                                 message_die(GENERAL_ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql);
528                                         }
529                                         
530                                         if ( $row['user_level'] != ADMIN && $row['user_level'] != MOD && $group_info['auth_mod'] )
531                                         {
532                                                 $sql = "UPDATE " . USERS_TABLE . " 
533                                                         SET user_level = " . MOD . " 
534                                                         WHERE user_id = " . $row['user_id'];
535                                                 if ( !$db->sql_query($sql) )
536                                                 {
537                                                         message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
538                                                 }
539                                         }
541                                         //
542                                         // Get the group name
543                                         // Email the user and tell them they're in the group
544                                         //
545                                         $group_sql = "SELECT group_name 
546                                                 FROM " . GROUPS_TABLE . " 
547                                                 WHERE group_id = $group_id";
548                                         if ( !($result = $db->sql_query($group_sql)) )
549                                         {
550                                                 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
551                                         }
553                                         $group_name_row = $db->sql_fetchrow($result);
555                                         $group_name = $group_name_row['group_name'];
557                                         include($phpbb_root_path . 'includes/emailer.'.$phpEx);
558                                         $emailer = new emailer($board_config['smtp_delivery']);
560                                         $emailer->from($board_config['board_email']);
561                                         $emailer->replyto($board_config['board_email']);
563                                         $emailer->use_template('group_added', $row['user_lang']);
564                                         $emailer->email_address($row['user_email']);
565                                         $emailer->set_subject($lang['Group_added']);
567                                         $emailer->assign_vars(array(
568                                                 'SITENAME' => $board_config['sitename'], 
569                                                 'GROUP_NAME' => $group_name,
570                                                 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
572                                                 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
573                                         );
574                                         $emailer->send();
575                                         $emailer->reset();
576                                 }
577                                 else
578                                 {
579                                         $template->assign_vars(array(
580                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
581                                         );
583                                         $message = $lang['User_is_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
585                                         message_die(GENERAL_MESSAGE, $message);
586                                 }
587                         }
588                         else 
589                         {
590                                 if ( ( ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) && isset($HTTP_POST_VARS['pending_members']) ) || ( isset($HTTP_POST_VARS['remove']) && isset($HTTP_POST_VARS['members']) ) )
591                                 {
593                                         $members = ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) ? $HTTP_POST_VARS['pending_members'] : $HTTP_POST_VARS['members'];
595                                         $sql_in = '';
596                                         for($i = 0; $i < count($members); $i++)
597                                         {
598                                                 $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
599                                         }
601                                         if ( isset($HTTP_POST_VARS['approve']) )
602                                         {
603                                                 if ( $group_info['auth_mod'] )
604                                                 {
605                                                         $sql = "UPDATE " . USERS_TABLE . " 
606                                                                 SET user_level = " . MOD . " 
607                                                                 WHERE user_id IN ($sql_in) 
608                                                                         AND user_level NOT IN (" . MOD . ", " . ADMIN . ")";
609                                                         if ( !$db->sql_query($sql) )
610                                                         {
611                                                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
612                                                         }
613                                                 }
615                                                 $sql = "UPDATE " . USER_GROUP_TABLE . " 
616                                                         SET user_pending = 0 
617                                                         WHERE user_id IN ($sql_in) 
618                                                                 AND group_id = $group_id";
619                                                 $sql_select = "SELECT user_email 
620                                                         FROM ". USERS_TABLE . " 
621                                                         WHERE user_id IN ($sql_in)"; 
622                                         }
623                                         else if ( isset($HTTP_POST_VARS['deny']) || isset($HTTP_POST_VARS['remove']) )
624                                         {
625                                                 if ( $group_info['auth_mod'] )
626                                                 {
627                                                         $sql = "SELECT ug.user_id, ug.group_id 
628                                                                 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
629                                                                 WHERE ug.user_id IN  ($sql_in) 
630                                                                         AND aa.group_id = ug.group_id 
631                                                                         AND aa.auth_mod = 1 
632                                                                 GROUP BY ug.user_id, ug.group_id 
633                                                                 ORDER BY ug.user_id, ug.group_id";
634                                                         if ( !($result = $db->sql_query($sql)) )
635                                                         {
636                                                                 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
637                                                         }
639                                                         if ( $row = $db->sql_fetchrow($result) )
640                                                         {
641                                                                 $group_check = array();
642                                                                 $remove_mod_sql = '';
644                                                                 do
645                                                                 {
646                                                                         $group_check[$row['user_id']][] = $row['group_id'];
647                                                                 }
648                                                                 while ( $row = $db->sql_fetchrow($result) );
650                                                                 while( list($user_id, $group_list) = @each($group_check) )
651                                                                 {
652                                                                         if ( count($group_list) == 1 )
653                                                                         {
654                                                                                 $remove_mod_sql .= ( ( $remove_mod_sql != '' ) ? ', ' : '' ) . $user_id;
655                                                                         }
656                                                                 }
658                                                                 if ( $remove_mod_sql != '' )
659                                                                 {
660                                                                         $sql = "UPDATE " . USERS_TABLE . " 
661                                                                                 SET user_level = " . USER . " 
662                                                                                 WHERE user_id IN ($remove_mod_sql) 
663                                                                                         AND user_level NOT IN (" . ADMIN . ")";
664                                                                         if ( !$db->sql_query($sql) )
665                                                                         {
666                                                                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
667                                                                         }
668                                                                 }
669                                                         }
670                                                 }
672                                                 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 
673                                                         WHERE user_id IN ($sql_in) 
674                                                                 AND group_id = $group_id";
675                                         }
677                                         if ( !$db->sql_query($sql) )
678                                         {
679                                                 message_die(GENERAL_ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql);
680                                         }
682                                         //
683                                         // Email users when they are approved
684                                         //
685                                         if ( isset($HTTP_POST_VARS['approve']) )
686                                         {
687                                                 if ( !($result = $db->sql_query($sql_select)) )
688                                                 {
689                                                         message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
690                                                 }
692                                                 $bcc_list = array();
693                                                 while ($row = $db->sql_fetchrow($result))
694                                                 {
695                                                         $bcc_list[] = $row['user_email'];
696                                                 }
698                                                 //
699                                                 // Get the group name
700                                                 //
701                                                 $group_sql = "SELECT group_name 
702                                                         FROM " . GROUPS_TABLE . " 
703                                                         WHERE group_id = $group_id";
704                                                 if ( !($result = $db->sql_query($group_sql)) )
705                                                 {
706                                                         message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
707                                                 }
709                                                 $group_name_row = $db->sql_fetchrow($result);
710                                                 $group_name = $group_name_row['group_name'];
712                                                 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
713                                                 $emailer = new emailer($board_config['smtp_delivery']);
715                                                 $emailer->from($board_config['board_email']);
716                                                 $emailer->replyto($board_config['board_email']);
718                                                 for ($i = 0; $i < count($bcc_list); $i++)
719                                                 {
720                                                         $emailer->bcc($bcc_list[$i]);
721                                                 }
723                                                 $emailer->use_template('group_approved');
724                                                 $emailer->set_subject($lang['Group_approved']);
726                                                 $emailer->assign_vars(array(
727                                                         'SITENAME' => $board_config['sitename'], 
728                                                         'GROUP_NAME' => $group_name,
729                                                         'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
731                                                         'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
732                                                 );
733                                                 $emailer->send();
734                                                 $emailer->reset();
735                                         }
736                                 }
737                         }
738                 }
739                 //
740                 // END approve or deny
741                 //
742         }
743         else
744         {
745                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
746         }
748         //
749         // Get group details
750         //
751         $sql = "SELECT *
752                 FROM " . GROUPS_TABLE . "
753                 WHERE group_id = $group_id
754                         AND group_single_user = 0";
755         if ( !($result = $db->sql_query($sql)) )
756         {
757                 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
758         }
760         if ( !($group_info = $db->sql_fetchrow($result)) )
761         {
762                 message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); 
763         }
765         //
766         // Get moderator details for this group
767         //
768         $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm  
769                 FROM " . USERS_TABLE . " 
770                 WHERE user_id = " . $group_info['group_moderator'];
771         if ( !($result = $db->sql_query($sql)) )
772         {
773                 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
774         }
776         $group_moderator = $db->sql_fetchrow($result); 
778         //
779         // Get user information for this group
780         //
781         $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, ug.user_pending 
782                 FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
783                 WHERE ug.group_id = $group_id
784                         AND u.user_id = ug.user_id
785                         AND ug.user_pending = 0 
786                         AND ug.user_id <> " . $group_moderator['user_id'] . " 
787                 ORDER BY u.username"; 
788         if ( !($result = $db->sql_query($sql)) )
789         {
790                 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
791         }
793         $group_members = $db->sql_fetchrowset($result); 
794         $members_count = count($group_members);
795         $db->sql_freeresult($result);
797         $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm
798                 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
799                 WHERE ug.group_id = $group_id
800                         AND g.group_id = ug.group_id
801                         AND ug.user_pending = 1
802                         AND u.user_id = ug.user_id
803                 ORDER BY u.username"; 
804         if ( !($result = $db->sql_query($sql)) )
805         {
806                 message_die(GENERAL_ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql);
807         }
809         $modgroup_pending_list = $db->sql_fetchrowset($result);
810         $modgroup_pending_count = count($modgroup_pending_list);
811         $db->sql_freeresult($result);
813         $is_group_member = 0;
814         if ( $members_count )
815         {
816                 for($i = 0; $i < $members_count; $i++)
817                 {
818                         if ( $group_members[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
819                         {
820                                 $is_group_member = TRUE; 
821                         }
822                 }
823         }
825         $is_group_pending_member = 0;
826         if ( $modgroup_pending_count )
827         {
828                 for($i = 0; $i < $modgroup_pending_count; $i++)
829                 {
830                         if ( $modgroup_pending_list[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
831                         {
832                                 $is_group_pending_member = TRUE;
833                         }
834                 }
835         }
837         if ( $userdata['user_level'] == ADMIN )
838         {
839                 $is_moderator = TRUE;
840         }
842         if ( $userdata['user_id'] == $group_info['group_moderator'] )
843         {
844                 $is_moderator = TRUE;
846                 $group_details =  $lang['Are_group_moderator'];
848                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
849         }
850         else if ( $is_group_member || $is_group_pending_member )
851         {
852                 $template->assign_block_vars('switch_unsubscribe_group_input', array());
854                 $group_details =  ( $is_group_pending_member ) ? $lang['Pending_this_group'] : $lang['Member_this_group'];
856                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
857         }
858         else if ( $userdata['user_id'] == ANONYMOUS )
859         {
860                 $group_details =  $lang['Login_to_join'];
861                 $s_hidden_fields = '';
862         }
863         else
864         {
865                 if ( $group_info['group_type'] == GROUP_OPEN )
866                 {
867                         $template->assign_block_vars('switch_subscribe_group_input', array());
869                         $group_details =  $lang['This_open_group'];
870                         $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
871                 }
872                 else if ( $group_info['group_type'] == GROUP_CLOSED )
873                 {
874                         $group_details =  $lang['This_closed_group'];
875                         $s_hidden_fields = '';
876                 }
877                 else if ( $group_info['group_type'] == GROUP_HIDDEN )
878                 {
879                         $group_details =  $lang['This_hidden_group'];
880                         $s_hidden_fields = '';
881                 }
882         }
884         $page_title = $lang['Group_Control_Panel'];
885         include($phpbb_root_path . 'includes/page_header.'.$phpEx);
887         //
888         // Load templates
889         //
890         $template->set_filenames(array(
891                 'info' => 'groupcp_info_body.tpl', 
892                 'pendinginfo' => 'groupcp_pending_info.tpl')
893         );
894         make_jumpbox('viewforum.'.$phpEx);
896         //
897         // Add the moderator
898         //
899         $username = $group_moderator['username'];
900         $user_id = $group_moderator['user_id'];
902         generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
904         $s_hidden_fields .= '';
906         $template->assign_vars(array(
907                 'L_GROUP_INFORMATION' => $lang['Group_Information'],
908                 'L_GROUP_NAME' => $lang['Group_name'],
909                 'L_GROUP_DESC' => $lang['Group_description'],
910                 'L_GROUP_TYPE' => $lang['Group_type'],
911                 'L_GROUP_MEMBERSHIP' => $lang['Group_membership'],
912                 'L_SUBSCRIBE' => $lang['Subscribe'],
913                 'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
914                 'L_JOIN_GROUP' => $lang['Join_group'], 
915                 'L_UNSUBSCRIBE_GROUP' => $lang['Unsubscribe'], 
916                 'L_GROUP_OPEN' => $lang['Group_open'],
917                 'L_GROUP_CLOSED' => $lang['Group_closed'],
918                 'L_GROUP_HIDDEN' => $lang['Group_hidden'], 
919                 'L_UPDATE' => $lang['Update'], 
920                 'L_GROUP_MODERATOR' => $lang['Group_Moderator'], 
921                 'L_GROUP_MEMBERS' => $lang['Group_Members'], 
922                 'L_PENDING_MEMBERS' => $lang['Pending_members'], 
923                 'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'], 
924                 'L_PM' => $lang['Private_Message'], 
925                 'L_EMAIL' => $lang['Email'], 
926                 'L_POSTS' => $lang['Posts'], 
927                 'L_WEBSITE' => $lang['Website'],
928                 'L_FROM' => $lang['Location'],
929                 'L_ORDER' => $lang['Order'],
930                 'L_SORT' => $lang['Sort'],
931                 'L_SUBMIT' => $lang['Sort'],
932                 'L_AIM' => $lang['AIM'],
933                 'L_YIM' => $lang['YIM'],
934                 'L_MSNM' => $lang['MSNM'],
935                 'L_ICQ' => $lang['ICQ'],
936                 'L_SELECT' => $lang['Select'],
937                 'L_REMOVE_SELECTED' => $lang['Remove_selected'],
938                 'L_ADD_MEMBER' => $lang['Add_member'],
939                 'L_FIND_USERNAME' => $lang['Find_username'],
941                 'GROUP_NAME' => $group_info['group_name'],
942                 'GROUP_DESC' => $group_info['group_description'],
943                 'GROUP_DETAILS' => $group_details,
944                 'MOD_ROW_COLOR' => '#' . $theme['td_color1'],
945                 'MOD_ROW_CLASS' => $theme['td_class1'],
946                 'MOD_USERNAME' => $username,
947                 'MOD_FROM' => $from,
948                 'MOD_JOINED' => $joined,
949                 'MOD_POSTS' => $posts,
950                 'MOD_AVATAR_IMG' => $poster_avatar,
951                 'MOD_PROFILE_IMG' => $profile_img, 
952                 'MOD_PROFILE' => $profile, 
953                 'MOD_SEARCH_IMG' => $search_img,
954                 'MOD_SEARCH' => $search,
955                 'MOD_PM_IMG' => $pm_img,
956                 'MOD_PM' => $pm,
957                 'MOD_EMAIL_IMG' => $email_img,
958                 'MOD_EMAIL' => $email,
959                 'MOD_WWW_IMG' => $www_img,
960                 'MOD_WWW' => $www,
961                 'MOD_ICQ_STATUS_IMG' => $icq_status_img,
962                 'MOD_ICQ_IMG' => $icq_img, 
963                 'MOD_ICQ' => $icq, 
964                 'MOD_AIM_IMG' => $aim_img,
965                 'MOD_AIM' => $aim,
966                 'MOD_MSN_IMG' => $msn_img,
967                 'MOD_MSN' => $msn,
968                 'MOD_YIM_IMG' => $yim_img,
969                 'MOD_YIM' => $yim,
971                 'U_MOD_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"), 
972                 'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser"), 
974                 'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
975                 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
976                 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
977                 'S_GROUP_OPEN_CHECKED' => ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '',
978                 'S_GROUP_CLOSED_CHECKED' => ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '',
979                 'S_GROUP_HIDDEN_CHECKED' => ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '',
980                 'S_HIDDEN_FIELDS' => $s_hidden_fields, 
981                 'S_MODE_SELECT' => $select_sort_mode,
982                 'S_ORDER_SELECT' => $select_sort_order,
983                 'S_GROUPCP_ACTION' => append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id"))
984         );
986         //
987         // Dump out the remaining users
988         //
989         for($i = $start; $i < min($board_config['topics_per_page'] + $start, $members_count); $i++)
990         {
991                 $username = $group_members[$i]['username'];
992                 $user_id = $group_members[$i]['user_id'];
994                 generate_user_info($group_members[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
996                 if ( $group_info['group_type'] != GROUP_HIDDEN || $is_group_member || $is_moderator )
997                 {
998                         $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
999                         $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
1001                         $template->assign_block_vars('member_row', array(
1002                                 'ROW_COLOR' => '#' . $row_color,
1003                                 'ROW_CLASS' => $row_class,
1004                                 'USERNAME' => $username,
1005                                 'FROM' => $from,
1006                                 'JOINED' => $joined,
1007                                 'POSTS' => $posts,
1008                                 'USER_ID' => $user_id, 
1009                                 'AVATAR_IMG' => $poster_avatar,
1010                                 'PROFILE_IMG' => $profile_img, 
1011                                 'PROFILE' => $profile, 
1012                                 'SEARCH_IMG' => $search_img,
1013                                 'SEARCH' => $search,
1014                                 'PM_IMG' => $pm_img,
1015                                 'PM' => $pm,
1016                                 'EMAIL_IMG' => $email_img,
1017                                 'EMAIL' => $email,
1018                                 'WWW_IMG' => $www_img,
1019                                 'WWW' => $www,
1020                                 'ICQ_STATUS_IMG' => $icq_status_img,
1021                                 'ICQ_IMG' => $icq_img, 
1022                                 'ICQ' => $icq, 
1023                                 'AIM_IMG' => $aim_img,
1024                                 'AIM' => $aim,
1025                                 'MSN_IMG' => $msn_img,
1026                                 'MSN' => $msn,
1027                                 'YIM_IMG' => $yim_img,
1028                                 'YIM' => $yim,
1029                                 
1030                                 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1031                         );
1033                         if ( $is_moderator )
1034                         {
1035                                 $template->assign_block_vars('member_row.switch_mod_option', array());
1036                         }
1037                 }
1038         }
1040         if ( !$members_count )
1041         {
1042                 //
1043                 // No group members
1044                 //
1045                 $template->assign_block_vars('switch_no_members', array());
1046                 $template->assign_vars(array(
1047                         'L_NO_MEMBERS' => $lang['No_group_members'])
1048                 );
1049         }
1051         $current_page = ( !$members_count ) ? 1 : ceil( $members_count / $board_config['topics_per_page'] );
1053         $template->assign_vars(array(
1054                 'PAGINATION' => generate_pagination("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id", $members_count, $board_config['topics_per_page'], $start),
1055                 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), $current_page ), 
1057                 'L_GOTO_PAGE' => $lang['Goto_page'])
1058         );
1060         if ( $group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator )
1061         {
1062                 //
1063                 // No group members
1064                 //
1065                 $template->assign_block_vars('switch_hidden_group', array());
1066                 $template->assign_vars(array(
1067                         'L_HIDDEN_MEMBERS' => $lang['Group_hidden_members'])
1068                 );
1069         }
1071         //
1072         // We've displayed the members who belong to the group, now we 
1073         // do that pending memebers... 
1074         //
1075         if ( $is_moderator )
1076         {
1077                 //
1078                 // Users pending in ONLY THIS GROUP (which is moderated by this user)
1079                 //
1080                 if ( $modgroup_pending_count )
1081                 {
1082                         for($i = 0; $i < $modgroup_pending_count; $i++)
1083                         {
1084                                 $username = $modgroup_pending_list[$i]['username'];
1085                                 $user_id = $modgroup_pending_list[$i]['user_id'];
1087                                 generate_user_info($modgroup_pending_list[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
1089                                 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
1090                                 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
1092                                 $user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">';
1094                                 $template->assign_block_vars('pending_members_row', array(
1095                                         'ROW_CLASS' => $row_class,
1096                                         'ROW_COLOR' => '#' . $row_color, 
1097                                         'USERNAME' => $username,
1098                                         'FROM' => $from,
1099                                         'JOINED' => $joined,
1100                                         'POSTS' => $posts,
1101                                         'USER_ID' => $user_id, 
1102                                         'AVATAR_IMG' => $poster_avatar,
1103                                         'PROFILE_IMG' => $profile_img, 
1104                                         'PROFILE' => $profile, 
1105                                         'SEARCH_IMG' => $search_img,
1106                                         'SEARCH' => $search,
1107                                         'PM_IMG' => $pm_img,
1108                                         'PM' => $pm,
1109                                         'EMAIL_IMG' => $email_img,
1110                                         'EMAIL' => $email,
1111                                         'WWW_IMG' => $www_img,
1112                                         'WWW' => $www,
1113                                         'ICQ_STATUS_IMG' => $icq_status_img,
1114                                         'ICQ_IMG' => $icq_img, 
1115                                         'ICQ' => $icq, 
1116                                         'AIM_IMG' => $aim_img,
1117                                         'AIM' => $aim,
1118                                         'MSN_IMG' => $msn_img,
1119                                         'MSN' => $msn,
1120                                         'YIM_IMG' => $yim_img,
1121                                         'YIM' => $yim,
1122                                         
1123                                         'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1124                                 );
1125                         }
1127                         $template->assign_block_vars('switch_pending_members', array() );
1129                         $template->assign_vars(array(
1130                                 'L_SELECT' => $lang['Select'],
1131                                 'L_APPROVE_SELECTED' => $lang['Approve_selected'],
1132                                 'L_DENY_SELECTED' => $lang['Deny_selected'])
1133                         );
1135                         $template->assign_var_from_handle('PENDING_USER_BOX', 'pendinginfo');
1136                 
1137                 }
1138         }
1140         if ( $is_moderator )
1141         {
1142                 $template->assign_block_vars('switch_mod_option', array());
1143                 $template->assign_block_vars('switch_add_member', array());
1144         }
1146         $template->pparse('info');
1148 else
1150         //
1151         // Show the main groupcp.php screen where the user can select a group.
1152         //
1153         // Select all group that the user is a member of or where the user has
1154         // a pending membership.
1155         //
1156         $in_group = array();
1157         
1158         if ( $userdata['session_logged_in'] ) 
1159         {
1160                 $sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending 
1161                         FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
1162                         WHERE ug.user_id = " . $userdata['user_id'] . "  
1163                                 AND ug.group_id = g.group_id
1164                                 AND g.group_single_user <> " . TRUE . "
1165                         ORDER BY g.group_name, ug.user_id";
1166                 if ( !($result = $db->sql_query($sql)) )
1167                 {
1168                         message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1169                 }
1171                 if ( $row = $db->sql_fetchrow($result) )
1172                 {
1173                         $in_group = array();
1174                         $s_member_groups_opt = '';
1175                         $s_pending_groups_opt = '';
1177                         do
1178                         {
1179                                 $in_group[] = $row['group_id'];
1180                                 if ( $row['user_pending'] )
1181                                 {
1182                                         $s_pending_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1183                                 }
1184                                 else
1185                                 {
1186                                         $s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1187                                 }
1188                         }
1189                         while( $row = $db->sql_fetchrow($result) );
1191                         $s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>";
1192                         $s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>";
1193                 }
1194         }
1196         //
1197         // Select all other groups i.e. groups that this user is not a member of
1198         //
1199         $ignore_group_sql =     ( count($in_group) ) ? "AND group_id NOT IN (" . implode(', ', $in_group) . ")" : ''; 
1200         $sql = "SELECT group_id, group_name, group_type 
1201                 FROM " . GROUPS_TABLE . " g 
1202                 WHERE group_single_user <> " . TRUE . " 
1203                         $ignore_group_sql 
1204                 ORDER BY g.group_name";
1205         if ( !($result = $db->sql_query($sql)) )
1206         {
1207                 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1208         }
1210         $s_group_list_opt = '';
1211         while( $row = $db->sql_fetchrow($result) )
1212         {
1213                 if  ( $row['group_type'] != GROUP_HIDDEN || $userdata['user_level'] == ADMIN )
1214                 {
1215                         $s_group_list_opt .='<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1216                 }
1217         }
1218         $s_group_list = '<select name="' . POST_GROUPS_URL . '">' . $s_group_list_opt . '</select>';
1220         if ( $s_group_list_opt != '' || $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1221         {
1222                 //
1223                 // Load and process templates
1224                 //
1225                 $page_title = $lang['Group_Control_Panel'];
1226                 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
1228                 $template->set_filenames(array(
1229                         'user' => 'groupcp_user_body.tpl')
1230                 );
1231                 make_jumpbox('viewforum.'.$phpEx);
1233                 if ( $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1234                 {
1235                         $template->assign_block_vars('switch_groups_joined', array() );
1236                 }
1238                 if ( $s_member_groups_opt != '' )
1239                 {
1240                         $template->assign_block_vars('switch_groups_joined.switch_groups_member', array() );
1241                 }
1243                 if ( $s_pending_groups_opt != '' )
1244                 {
1245                         $template->assign_block_vars('switch_groups_joined.switch_groups_pending', array() );
1246                 }
1248                 if ( $s_group_list_opt != '' )
1249                 {
1250                         $template->assign_block_vars('switch_groups_remaining', array() );
1251                 }
1253                 $s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
1255                 $template->assign_vars(array(
1256                         'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],
1257                         'L_JOIN_A_GROUP' => $lang['Group_member_join'],
1258                         'L_YOU_BELONG_GROUPS' => $lang['Current_memberships'],
1259                         'L_SELECT_A_GROUP' => $lang['Non_member_groups'],
1260                         'L_PENDING_GROUPS' => $lang['Memberships_pending'],
1261                         'L_SUBSCRIBE' => $lang['Subscribe'],
1262                         'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
1263                         'L_VIEW_INFORMATION' => $lang['View_Information'], 
1265                         'S_USERGROUP_ACTION' => append_sid("groupcp.$phpEx"), 
1266                         'S_HIDDEN_FIELDS' => $s_hidden_fields, 
1268                         'GROUP_LIST_SELECT' => $s_group_list,
1269                         'GROUP_PENDING_SELECT' => $s_pending_groups,
1270                         'GROUP_MEMBER_SELECT' => $s_member_groups)
1271                 );
1273                 $template->pparse('user');
1274         }
1275         else
1276         {
1277                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
1278         }
1282 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
1284 ?>