]> git.vanrenterghem.biz Git - www.vanrenterghem.biz.git/blob - phpBB2/admin/admin_groups.php
Voeg foto Frederik toe.
[www.vanrenterghem.biz.git] / phpBB2 / admin / admin_groups.php
1 <?php
2 /***************************************************************************
3  *                             admin_groups.php
4  *                            -------------------
5  *   begin                : Saturday, Feb 13, 2001
6  *   copyright            : (C) 2001 The phpBB Group
7  *   email                : support@phpbb.com
8  *
9  *   $Id: admin_groups.php,v 1.25.2.13 2006/03/09 19:42:41 grahamje Exp $
10  *
11  *
12  ***************************************************************************/
14 /***************************************************************************
15  *
16  *   This program is free software; you can redistribute it and/or modify
17  *   it under the terms of the GNU General Public License as published by
18  *   the Free Software Foundation; either version 2 of the License, or
19  *   (at your option) any later version.
20  *
21  ***************************************************************************/
23 define('IN_PHPBB', 1);
25 if ( !empty($setmodules) )
26 {
27         $filename = basename(__FILE__);
28         $module['Groups']['Manage'] = $filename;
30         return;
31 }
33 //
34 // Load default header
35 //
36 $phpbb_root_path = './../';
37 require($phpbb_root_path . 'extension.inc');
38 require('./pagestart.' . $phpEx);
40 if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
41 {
42         $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
43 }
44 else
45 {
46         $group_id = 0;
47 }
49 if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
50 {
51         $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
52         $mode = htmlspecialchars($mode);
53 }
54 else
55 {
56         $mode = '';
57 }
59 if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
60 {
61         //
62         // Ok they are editing a group or creating a new group
63         //
64         $template->set_filenames(array(
65                 'body' => 'admin/group_edit_body.tpl')
66         );
68         if ( isset($HTTP_POST_VARS['edit']) )
69         {
70                 //
71                 // They're editing. Grab the vars.
72                 //
73                 $sql = "SELECT *
74                         FROM " . GROUPS_TABLE . "
75                         WHERE group_single_user <> " . TRUE . "
76                         AND group_id = $group_id";
77                 if ( !($result = $db->sql_query($sql)) )
78                 {
79                         message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
80                 }
82                 if ( !($group_info = $db->sql_fetchrow($result)) )
83                 {
84                         message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
85                 }
87                 $mode = 'editgroup';
88                 $template->assign_block_vars('group_edit', array());
90         }
91         else if ( isset($HTTP_POST_VARS['new']) )
92         {
93                 $group_info = array (
94                         'group_name' => '',
95                         'group_description' => '',
96                         'group_moderator' => '',
97                         'group_type' => GROUP_OPEN);
98                 $group_open = ' checked="checked"';
100                 $mode = 'newgroup';
102         }
104         //
105         // Ok, now we know everything about them, let's show the page.
106         //
107         if ($group_info['group_moderator'] != '')
108         {
109                 $sql = "SELECT user_id, username
110                         FROM " . USERS_TABLE . "
111                         WHERE user_id = " . $group_info['group_moderator'];
112                 if ( !($result = $db->sql_query($sql)) )
113                 {
114                         message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
115                 }
117                 if ( !($row = $db->sql_fetchrow($result)) )
118                 {
119                         message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
120                 }
122                 $group_moderator = $row['username'];
123         }
124         else
125         {
126                 $group_moderator = '';
127         }
129         $group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
130         $group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
131         $group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
133         $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
135         $template->assign_vars(array(
136                 'GROUP_NAME' => $group_info['group_name'],
137                 'GROUP_DESCRIPTION' => $group_info['group_description'], 
138                 'GROUP_MODERATOR' => $group_moderator, 
140                 'L_GROUP_TITLE' => $lang['Group_administration'],
141                 'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], 
142                 'L_GROUP_NAME' => $lang['group_name'],
143                 'L_GROUP_DESCRIPTION' => $lang['group_description'],
144                 'L_GROUP_MODERATOR' => $lang['group_moderator'], 
145                 'L_FIND_USERNAME' => $lang['Find_username'], 
146                 'L_GROUP_STATUS' => $lang['group_status'],
147                 'L_GROUP_OPEN' => $lang['group_open'],
148                 'L_GROUP_CLOSED' => $lang['group_closed'],
149                 'L_GROUP_HIDDEN' => $lang['group_hidden'],
150                 'L_GROUP_DELETE' => $lang['group_delete'],
151                 'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
152                 'L_SUBMIT' => $lang['Submit'],
153                 'L_RESET' => $lang['Reset'],
154                 'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
155                 'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
156                 'L_YES' => $lang['Yes'],
158                 'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"), 
160                 'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
161                 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
162                 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
163                 'S_GROUP_OPEN_CHECKED' => $group_open,
164                 'S_GROUP_CLOSED_CHECKED' => $group_closed,
165                 'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
166                 'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
167                 'S_HIDDEN_FIELDS' => $s_hidden_fields)
168         );
170         $template->pparse('body');
173 else if ( isset($HTTP_POST_VARS['group_update']) )
175         //
176         // Ok, they are submitting a group, let's save the data based on if it's new or editing
177         //
178         if ( isset($HTTP_POST_VARS['group_delete']) )
179         {
180                 //
181                 // Reset User Moderator Level
182                 //
184                 // Is Group moderating a forum ?
185                 $sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . " 
186                         WHERE group_id = " . $group_id;
187                 if ( !($result = $db->sql_query($sql)) )
188                 {
189                         message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql);
190                 }
192                 $row = $db->sql_fetchrow($result);
193                 if (intval($row['auth_mod']) == 1)
194                 {
195                         // Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
196                         $sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
197                                 WHERE group_id = " . $group_id;
198                         if ( !($result = $db->sql_query($sql)) )
199                         {
200                                 message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql);
201                         }
203                         $rows = $db->sql_fetchrowset($result);
204                         for ($i = 0; $i < count($rows); $i++)
205                         {
206                                 $sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
207                                 WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id) 
208                                         AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")";
209                                 if ( !($result = $db->sql_query($sql)) )
210                                 {
211                                         message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql);
212                                 }
214                                 if ($db->sql_numrows($result) == 0)
215                                 {
216                                         $sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " 
217                                         WHERE user_level = " . MOD . " AND user_id = " . intval($rows[$i]['user_id']);
218                                         
219                                         if ( !$db->sql_query($sql) )
220                                         {
221                                                 message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql);
222                                         }
223                                 }
224                         }
225                 }
227                 //
228                 // Delete Group
229                 //
230                 $sql = "DELETE FROM " . GROUPS_TABLE . "
231                         WHERE group_id = " . $group_id;
232                 if ( !$db->sql_query($sql) )
233                 {
234                         message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
235                 }
237                 $sql = "DELETE FROM " . USER_GROUP_TABLE . "
238                         WHERE group_id = " . $group_id;
239                 if ( !$db->sql_query($sql) )
240                 {
241                         message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql);
242                 }
244                 $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
245                         WHERE group_id = " . $group_id;
246                 if ( !$db->sql_query($sql) )
247                 {
248                         message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql);
249                 }
251                 $message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
253                 message_die(GENERAL_MESSAGE, $message);
254         }
255         else
256         {
257                 $group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
258                 $group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
259                 $group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
260                 $group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
261                 $delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;
263                 if ( $group_name == '' )
264                 {
265                         message_die(GENERAL_MESSAGE, $lang['No_group_name']);
266                 }
267                 else if ( $group_moderator == '' )
268                 {
269                         message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
270                 }
271                 
272                 $this_userdata = get_userdata($group_moderator, true);
273                 $group_moderator = $this_userdata['user_id'];
275                 if ( !$group_moderator )
276                 {
277                         message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
278                 }
279                                 
280                 if( $mode == "editgroup" )
281                 {
282                         $sql = "SELECT *
283                                 FROM " . GROUPS_TABLE . "
284                                 WHERE group_single_user <> " . TRUE . "
285                                 AND group_id = " . $group_id;
286                         if ( !($result = $db->sql_query($sql)) )
287                         {
288                                 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
289                         }
291                         if( !($group_info = $db->sql_fetchrow($result)) )
292                         {
293                                 message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
294                         }
295                 
296                         if ( $group_info['group_moderator'] != $group_moderator )
297                         {
298                                 if ( $delete_old_moderator )
299                                 {
300                                         $sql = "DELETE FROM " . USER_GROUP_TABLE . "
301                                                 WHERE user_id = " . $group_info['group_moderator'] . " 
302                                                         AND group_id = " . $group_id;
303                                         if ( !$db->sql_query($sql) )
304                                         {
305                                                 message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
306                                         }
307                                 }
309                                 $sql = "SELECT user_id 
310                                         FROM " . USER_GROUP_TABLE . " 
311                                         WHERE user_id = $group_moderator 
312                                                 AND group_id = $group_id";
313                                 if ( !($result = $db->sql_query($sql)) )
314                                 {
315                                         message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql);
316                                 }
318                                 if ( !($row = $db->sql_fetchrow($result)) )
319                                 {
320                                         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
321                                                 VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
322                                         if ( !$db->sql_query($sql) )
323                                         {
324                                                 message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
325                                         }
326                                 }
327                         }
329                         $sql = "UPDATE " . GROUPS_TABLE . "
330                                 SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator 
331                                 WHERE group_id = $group_id";
332                         if ( !$db->sql_query($sql) )
333                         {
334                                 message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
335                         }
336         
337                         $message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
339                         message_die(GENERAL_MESSAGE, $message);
340                 }
341                 else if( $mode == 'newgroup' )
342                 {
343                         $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user) 
344                                 VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator,   '0')";
345                         if ( !$db->sql_query($sql) )
346                         {
347                                 message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
348                         }
349                         $new_group_id = $db->sql_nextid();
351                         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
352                                 VALUES ($new_group_id, $group_moderator, 0)";
353                         if ( !$db->sql_query($sql) )
354                         {
355                                 message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql);
356                         }
357                         
358                         $message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
360                         message_die(GENERAL_MESSAGE, $message);
362                 }
363                 else
364                 {
365                         message_die(GENERAL_MESSAGE, $lang['No_group_action']);
366                 }
367         }
369 else
371         $sql = "SELECT group_id, group_name
372                 FROM " . GROUPS_TABLE . "
373                 WHERE group_single_user <> " . TRUE . "
374                 ORDER BY group_name";
375         if ( !($result = $db->sql_query($sql)) )
376         {
377                 message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql);
378         }
380         $select_list = '';
381         if ( $row = $db->sql_fetchrow($result) )
382         {
383                 $select_list .= '<select name="' . POST_GROUPS_URL . '">';
384                 do
385                 {
386                         $select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
387                 }
388                 while ( $row = $db->sql_fetchrow($result) );
389                 $select_list .= '</select>';
390         }
392         $template->set_filenames(array(
393                 'body' => 'admin/group_select_body.tpl')
394         );
396         $template->assign_vars(array(
397                 'L_GROUP_TITLE' => $lang['Group_administration'],
398                 'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'],
399                 'L_GROUP_SELECT' => $lang['Select_group'],
400                 'L_LOOK_UP' => $lang['Look_up_group'],
401                 'L_CREATE_NEW_GROUP' => $lang['New_group'],
403                 'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
404                 'S_GROUP_SELECT' => $select_list)
405         );
407         if ( $select_list != '' )
408         {
409                 $template->assign_block_vars('select_box', array());
410         }
412         $template->pparse('body');
415 include('./page_footer_admin.'.$phpEx);
417 ?>