Groups.php 30 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921
  1. <?php
  2. /**
  3. * This file currently just shows group info, and allows certain priviledged members to add/remove members.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2012 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * Entry point function, permission checks, admin bars, etc.
  18. * It allows moderators and users to access the group showing functions.
  19. * It handles permission checks, and puts the moderation bar on as required.
  20. */
  21. function Groups()
  22. {
  23. global $context, $txt, $scripturl, $sourcedir, $user_info;
  24. // The sub-actions that we can do. Format "Function Name, Mod Bar Index if appropriate".
  25. $subActions = array(
  26. 'index' => array('GroupList', 'view_groups'),
  27. 'members' => array('MembergroupMembers', 'view_groups'),
  28. 'requests' => array('GroupRequests', 'group_requests'),
  29. );
  30. // Default to sub action 'index' or 'settings' depending on permissions.
  31. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'index';
  32. // Get the template stuff up and running.
  33. loadLanguage('ManageMembers');
  34. loadLanguage('ModerationCenter');
  35. loadTemplate('ManageMembergroups');
  36. // If we can see the moderation center, and this has a mod bar entry, add the mod center bar.
  37. if (allowedTo('access_mod_center') || $user_info['mod_cache']['bq'] != '0=1' || $user_info['mod_cache']['gq'] != '0=1' || allowedTo('manage_membergroups'))
  38. {
  39. require_once($sourcedir . '/ModerationCenter.php');
  40. $_GET['area'] = $_REQUEST['sa'] == 'requests' ? 'groups' : 'viewgroups';
  41. ModerationMain(true);
  42. }
  43. // Otherwise add something to the link tree, for normal people.
  44. else
  45. {
  46. isAllowedTo('view_mlist');
  47. $context['linktree'][] = array(
  48. 'url' => $scripturl . '?action=groups',
  49. 'name' => $txt['groups'],
  50. );
  51. }
  52. // Call the actual function.
  53. $subActions[$_REQUEST['sa']][0]();
  54. }
  55. /**
  56. * This very simply lists the groups, nothing snazy.
  57. */
  58. function GroupList()
  59. {
  60. global $txt, $context, $sourcedir;
  61. $context['page_title'] = $txt['viewing_groups'];
  62. // Making a list is not hard with this beauty.
  63. require_once($sourcedir . '/Subs-List.php');
  64. // Use the standard templates for showing this.
  65. $listOptions = array(
  66. 'id' => 'group_lists',
  67. 'title' => $context['page_title'],
  68. 'get_items' => array(
  69. 'function' => 'list_getGroups',
  70. ),
  71. 'columns' => array(
  72. 'group' => array(
  73. 'header' => array(
  74. 'value' => $txt['name'],
  75. ),
  76. 'data' => array(
  77. 'function' => create_function('$group', '
  78. global $scripturl, $context;
  79. $output = \'<a href="\' . $scripturl . \'?action=\' . $context[\'current_action\'] . (isset($context[\'admin_area\']) ? \';area=\' . $context[\'admin_area\'] : \'\') . \';sa=members;group=\' . $group[\'id\'] . \'" \' . ($group[\'color\'] ? \'style="color: \' . $group[\'color\'] . \';"\' : \'\') . \'>\' . $group[\'name\'] . \'</a>\';
  80. if ($group[\'desc\'])
  81. $output .= \'<div class="smalltext">\' . $group[\'desc\'] . \'</div>\';
  82. return $output;
  83. '),
  84. 'style' => 'width: 50%;',
  85. ),
  86. ),
  87. 'icons' => array(
  88. 'header' => array(
  89. 'value' => $txt['membergroups_icons'],
  90. ),
  91. 'data' => array(
  92. 'db' => 'icons',
  93. ),
  94. ),
  95. 'moderators' => array(
  96. 'header' => array(
  97. 'value' => $txt['moderators'],
  98. ),
  99. 'data' => array(
  100. 'function' => create_function('$group', '
  101. global $txt;
  102. return empty($group[\'moderators\']) ? \'<em>\' . $txt[\'membergroups_new_copy_none\'] . \'</em>\' : implode(\', \', $group[\'moderators\']);
  103. '),
  104. ),
  105. ),
  106. 'members' => array(
  107. 'header' => array(
  108. 'value' => $txt['membergroups_members_top'],
  109. ),
  110. 'data' => array(
  111. 'comma_format' => true,
  112. 'db' => 'num_members',
  113. ),
  114. ),
  115. ),
  116. );
  117. // Create the request list.
  118. createList($listOptions);
  119. $context['sub_template'] = 'show_list';
  120. $context['default_list'] = 'group_lists';
  121. }
  122. /**
  123. * Get the group information for the list.
  124. * @param int $start
  125. * @param int $items_per_page
  126. * @param int $sort
  127. */
  128. function list_getGroups($start, $items_per_page, $sort)
  129. {
  130. global $smcFunc, $txt, $scripturl, $user_info, $settings, $context;
  131. // Yep, find the groups...
  132. $request = $smcFunc['db_query']('', '
  133. SELECT mg.id_group, mg.group_name, mg.description, mg.group_type, mg.online_color, mg.hidden,
  134. mg.icons, IFNULL(gm.id_member, 0) AS can_moderate
  135. FROM {db_prefix}membergroups AS mg
  136. LEFT JOIN {db_prefix}group_moderators AS gm ON (gm.id_group = mg.id_group AND gm.id_member = {int:current_member})
  137. WHERE mg.min_posts = {int:min_posts}
  138. AND mg.id_group != {int:mod_group}' . (allowedTo('admin_forum') ? '' : '
  139. AND mg.group_type != {int:is_protected}') . '
  140. ORDER BY group_name',
  141. array(
  142. 'current_member' => $user_info['id'],
  143. 'min_posts' => -1,
  144. 'mod_group' => 3,
  145. 'is_protected' => 1,
  146. )
  147. );
  148. // Start collecting the data.
  149. $groups = array();
  150. $group_ids = array();
  151. $context['can_moderate'] = allowedTo('manage_membergroups');
  152. while ($row = $smcFunc['db_fetch_assoc']($request))
  153. {
  154. // We only list the groups they can see.
  155. if ($row['hidden'] && !$row['can_moderate'] && !allowedTo('manage_membergroups'))
  156. continue;
  157. $row['icons'] = explode('#', $row['icons']);
  158. $groups[$row['id_group']] = array(
  159. 'id' => $row['id_group'],
  160. 'name' => $row['group_name'],
  161. 'desc' => $row['description'],
  162. 'color' => $row['online_color'],
  163. 'type' => $row['group_type'],
  164. 'num_members' => 0,
  165. 'moderators' => array(),
  166. 'icons' => !empty($row['icons'][0]) && !empty($row['icons'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $row['icons'][1] . '" alt="*" />', $row['icons'][0]) : '',
  167. );
  168. $context['can_moderate'] |= $row['can_moderate'];
  169. $group_ids[] = $row['id_group'];
  170. }
  171. $smcFunc['db_free_result']($request);
  172. // Count up the members separately...
  173. if (!empty($group_ids))
  174. {
  175. $query = $smcFunc['db_query']('', '
  176. SELECT id_group, COUNT(*) AS num_members
  177. FROM {db_prefix}members
  178. WHERE id_group IN ({array_int:group_list})
  179. GROUP BY id_group',
  180. array(
  181. 'group_list' => $group_ids,
  182. )
  183. );
  184. while ($row = $smcFunc['db_fetch_assoc']($query))
  185. $groups[$row['id_group']]['num_members'] += $row['num_members'];
  186. $smcFunc['db_free_result']($query);
  187. // Only do additional groups if we can moderate...
  188. if ($context['can_moderate'])
  189. {
  190. $query = $smcFunc['db_query']('', '
  191. SELECT mg.id_group, COUNT(*) AS num_members
  192. FROM {db_prefix}membergroups AS mg
  193. INNER JOIN {db_prefix}members AS mem ON (mem.additional_groups != {string:blank_screen}
  194. AND mem.id_group != mg.id_group
  195. AND FIND_IN_SET(mg.id_group, mem.additional_groups) != 0)
  196. WHERE mg.id_group IN ({array_int:group_list})
  197. GROUP BY mg.id_group',
  198. array(
  199. 'group_list' => $group_ids,
  200. 'blank_screen' => '',
  201. )
  202. );
  203. while ($row = $smcFunc['db_fetch_assoc']($query))
  204. $groups[$row['id_group']]['num_members'] += $row['num_members'];
  205. $smcFunc['db_free_result']($query);
  206. }
  207. }
  208. // Get any group moderators.
  209. // Count up the members separately...
  210. if (!empty($group_ids))
  211. {
  212. $query = $smcFunc['db_query']('', '
  213. SELECT mods.id_group, mods.id_member, mem.member_name, mem.real_name
  214. FROM {db_prefix}group_moderators AS mods
  215. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  216. WHERE mods.id_group IN ({array_int:group_list})',
  217. array(
  218. 'group_list' => $group_ids,
  219. )
  220. );
  221. while ($row = $smcFunc['db_fetch_assoc']($query))
  222. $groups[$row['id_group']]['moderators'][] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  223. $smcFunc['db_free_result']($query);
  224. }
  225. return $groups;
  226. }
  227. /**
  228. * How many groups are there that are visible?
  229. *
  230. * @return int, the groups count.
  231. */
  232. function list_getGroupCount()
  233. {
  234. global $smcFunc;
  235. $request = $smcFunc['db_query']('', '
  236. SELECT COUNT(id_group) AS group_count
  237. FROM {db_prefix}membergroups
  238. WHERE mg.min_posts = {int:min_posts}
  239. AND mg.id_group != {int:mod_group}' . (allowedTo('admin_forum') ? '' : '
  240. AND mg.group_type != {int:is_protected}'),
  241. array(
  242. 'min_posts' => -1,
  243. 'mod_group' => 3,
  244. 'is_protected' => 1,
  245. )
  246. );
  247. list ($group_count) = $smcFunc['db_fetch_row']($request);
  248. $smcFunc['db_free_result']($request);
  249. return $group_count;
  250. }
  251. /**
  252. * Display members of a group, and allow adding of members to a group. Silly function name though ;)
  253. * It can be called from ManageMembergroups if it needs templating within the admin environment.
  254. * It shows a list of members that are part of a given membergroup.
  255. * It is called by ?action=moderate;area=viewgroups;sa=members;group=x
  256. * It requires the manage_membergroups permission.
  257. * It allows to add and remove members from the selected membergroup.
  258. * It allows sorting on several columns.
  259. * It redirects to itself.
  260. * @uses ManageMembergroups template, group_members sub template.
  261. * @todo: use createList
  262. */
  263. function MembergroupMembers()
  264. {
  265. global $txt, $scripturl, $context, $modSettings, $sourcedir, $user_info, $settings, $smcFunc;
  266. $_REQUEST['group'] = isset($_REQUEST['group']) ? (int) $_REQUEST['group'] : 0;
  267. // No browsing of guests, membergroup 0 or moderators.
  268. if (in_array($_REQUEST['group'], array(-1, 0, 3)))
  269. fatal_lang_error('membergroup_does_not_exist', false);
  270. // Load up the group details.
  271. $request = $smcFunc['db_query']('', '
  272. SELECT id_group AS id, group_name AS name, CASE WHEN min_posts = {int:min_posts} THEN 1 ELSE 0 END AS assignable, hidden, online_color,
  273. icons, description, CASE WHEN min_posts != {int:min_posts} THEN 1 ELSE 0 END AS is_post_group, group_type
  274. FROM {db_prefix}membergroups
  275. WHERE id_group = {int:id_group}
  276. LIMIT 1',
  277. array(
  278. 'min_posts' => -1,
  279. 'id_group' => $_REQUEST['group'],
  280. )
  281. );
  282. // Doesn't exist?
  283. if ($smcFunc['db_num_rows']($request) == 0)
  284. fatal_lang_error('membergroup_does_not_exist', false);
  285. $context['group'] = $smcFunc['db_fetch_assoc']($request);
  286. $smcFunc['db_free_result']($request);
  287. // Fix the membergroup icons.
  288. $context['group']['icons'] = explode('#', $context['group']['icons']);
  289. $context['group']['icons'] = !empty($context['group']['icons'][0]) && !empty($context['group']['icons'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $context['group']['icons'][1] . '" alt="*" />', $context['group']['icons'][0]) : '';
  290. $context['group']['can_moderate'] = allowedTo('manage_membergroups') && (allowedTo('admin_forum') || $context['group']['group_type'] != 1);
  291. $context['linktree'][] = array(
  292. 'url' => $scripturl . '?action=groups;sa=members;group=' . $context['group']['id'],
  293. 'name' => $context['group']['name'],
  294. );
  295. $context['can_send_email'] = allowedTo('send_email_to_members');
  296. // Load all the group moderators, for fun.
  297. $request = $smcFunc['db_query']('', '
  298. SELECT mem.id_member, mem.real_name
  299. FROM {db_prefix}group_moderators AS mods
  300. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  301. WHERE mods.id_group = {int:id_group}',
  302. array(
  303. 'id_group' => $_REQUEST['group'],
  304. )
  305. );
  306. $context['group']['moderators'] = array();
  307. while ($row = $smcFunc['db_fetch_assoc']($request))
  308. {
  309. $context['group']['moderators'][] = array(
  310. 'id' => $row['id_member'],
  311. 'name' => $row['real_name']
  312. );
  313. if ($user_info['id'] == $row['id_member'] && $context['group']['group_type'] != 1)
  314. $context['group']['can_moderate'] = true;
  315. }
  316. $smcFunc['db_free_result']($request);
  317. // If this group is hidden then it can only "exists" if the user can moderate it!
  318. if ($context['group']['hidden'] && !$context['group']['can_moderate'])
  319. fatal_lang_error('membergroup_does_not_exist', false);
  320. // You can only assign membership if you are the moderator and/or can manage groups!
  321. if (!$context['group']['can_moderate'])
  322. $context['group']['assignable'] = 0;
  323. // Non-admins cannot assign admins.
  324. elseif ($context['group']['id'] == 1 && !allowedTo('admin_forum'))
  325. $context['group']['assignable'] = 0;
  326. // Removing member from group?
  327. if (isset($_POST['remove']) && !empty($_REQUEST['rem']) && is_array($_REQUEST['rem']) && $context['group']['assignable'])
  328. {
  329. checkSession();
  330. validateToken('mod-mgm');
  331. // Make sure we're dealing with integers only.
  332. foreach ($_REQUEST['rem'] as $key => $group)
  333. $_REQUEST['rem'][$key] = (int) $group;
  334. require_once($sourcedir . '/Subs-Membergroups.php');
  335. removeMembersFromGroups($_REQUEST['rem'], $_REQUEST['group'], true);
  336. }
  337. // Must be adding new members to the group...
  338. elseif (isset($_REQUEST['add']) && (!empty($_REQUEST['toAdd']) || !empty($_REQUEST['member_add'])) && $context['group']['assignable'])
  339. {
  340. checkSession();
  341. validateToken('mod-mgm');
  342. $member_query = array();
  343. $member_parameters = array();
  344. // Get all the members to be added... taking into account names can be quoted ;)
  345. $_REQUEST['toAdd'] = strtr($smcFunc['htmlspecialchars']($_REQUEST['toAdd'], ENT_QUOTES), array('&quot;' => '"'));
  346. preg_match_all('~"([^"]+)"~', $_REQUEST['toAdd'], $matches);
  347. $member_names = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_REQUEST['toAdd']))));
  348. foreach ($member_names as $index => $member_name)
  349. {
  350. $member_names[$index] = trim($smcFunc['strtolower']($member_names[$index]));
  351. if (strlen($member_names[$index]) == 0)
  352. unset($member_names[$index]);
  353. }
  354. // Any passed by ID?
  355. $member_ids = array();
  356. if (!empty($_REQUEST['member_add']))
  357. foreach ($_REQUEST['member_add'] as $id)
  358. if ($id > 0)
  359. $member_ids[] = (int) $id;
  360. // Construct the query pelements.
  361. if (!empty($member_ids))
  362. {
  363. $member_query[] = 'id_member IN ({array_int:member_ids})';
  364. $member_parameters['member_ids'] = $member_ids;
  365. }
  366. if (!empty($member_names))
  367. {
  368. $member_query[] = 'LOWER(member_name) IN ({array_string:member_names})';
  369. $member_query[] = 'LOWER(real_name) IN ({array_string:member_names})';
  370. $member_parameters['member_names'] = $member_names;
  371. }
  372. $members = array();
  373. if (!empty($member_query))
  374. {
  375. $request = $smcFunc['db_query']('', '
  376. SELECT id_member
  377. FROM {db_prefix}members
  378. WHERE (' . implode(' OR ', $member_query) . ')
  379. AND id_group != {int:id_group}
  380. AND FIND_IN_SET({int:id_group}, additional_groups) = 0',
  381. array_merge($member_parameters, array(
  382. 'id_group' => $_REQUEST['group'],
  383. ))
  384. );
  385. while ($row = $smcFunc['db_fetch_assoc']($request))
  386. $members[] = $row['id_member'];
  387. $smcFunc['db_free_result']($request);
  388. }
  389. // @todo Add $_POST['additional'] to templates!
  390. // Do the updates...
  391. if (!empty($members))
  392. {
  393. require_once($sourcedir . '/Subs-Membergroups.php');
  394. addMembersToGroup($members, $_REQUEST['group'], isset($_POST['additional']) || $context['group']['hidden'] ? 'only_additional' : 'auto', true);
  395. }
  396. }
  397. // Sort out the sorting!
  398. $sort_methods = array(
  399. 'name' => 'real_name',
  400. 'email' => allowedTo('moderate_forum') ? 'email_address' : 'hide_email ' . (isset($_REQUEST['desc']) ? 'DESC' : 'ASC') . ', email_address',
  401. 'active' => 'last_login',
  402. 'registered' => 'date_registered',
  403. 'posts' => 'posts',
  404. );
  405. // They didn't pick one, default to by name..
  406. if (!isset($_REQUEST['sort']) || !isset($sort_methods[$_REQUEST['sort']]))
  407. {
  408. $context['sort_by'] = 'name';
  409. $querySort = 'real_name';
  410. }
  411. // Otherwise default to ascending.
  412. else
  413. {
  414. $context['sort_by'] = $_REQUEST['sort'];
  415. $querySort = $sort_methods[$_REQUEST['sort']];
  416. }
  417. $context['sort_direction'] = isset($_REQUEST['desc']) ? 'down' : 'up';
  418. // The where on the query is interesting. Non-moderators should only see people who are in this group as primary.
  419. if ($context['group']['can_moderate'])
  420. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group} OR FIND_IN_SET({int:group}, additional_groups) != 0';
  421. else
  422. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group}';
  423. // Count members of the group.
  424. $request = $smcFunc['db_query']('', '
  425. SELECT COUNT(*)
  426. FROM {db_prefix}members
  427. WHERE ' . $where,
  428. array(
  429. 'group' => $_REQUEST['group'],
  430. )
  431. );
  432. list ($context['total_members']) = $smcFunc['db_fetch_row']($request);
  433. $smcFunc['db_free_result']($request);
  434. $context['total_members'] = comma_format($context['total_members']);
  435. // Create the page index.
  436. $context['page_index'] = constructPageIndex($scripturl . '?action=' . ($context['group']['can_moderate'] ? 'moderate;area=viewgroups' : 'groups') . ';sa=members;group=' . $_REQUEST['group'] . ';sort=' . $context['sort_by'] . (isset($_REQUEST['desc']) ? ';desc' : ''), $_REQUEST['start'], $context['total_members'], $modSettings['defaultMaxMembers']);
  437. $context['start'] = $_REQUEST['start'];
  438. $context['can_moderate_forum'] = allowedTo('moderate_forum');
  439. // Load up all members of this group.
  440. $request = $smcFunc['db_query']('', '
  441. SELECT id_member, member_name, real_name, email_address, member_ip, date_registered, last_login,
  442. hide_email, posts, is_activated, real_name
  443. FROM {db_prefix}members
  444. WHERE ' . $where . '
  445. ORDER BY ' . $querySort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC') . '
  446. LIMIT ' . $context['start'] . ', ' . $modSettings['defaultMaxMembers'],
  447. array(
  448. 'group' => $_REQUEST['group'],
  449. )
  450. );
  451. $context['members'] = array();
  452. while ($row = $smcFunc['db_fetch_assoc']($request))
  453. {
  454. $last_online = empty($row['last_login']) ? $txt['never'] : timeformat($row['last_login']);
  455. // Italicize the online note if they aren't activated.
  456. if ($row['is_activated'] % 10 != 1)
  457. $last_online = '<em title="' . $txt['not_activated'] . '">' . $last_online . '</em>';
  458. $context['members'][] = array(
  459. 'id' => $row['id_member'],
  460. 'name' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  461. 'email' => $row['email_address'],
  462. 'show_email' => showEmailAddress(!empty($row['hide_email']), $row['id_member']),
  463. 'ip' => '<a href="' . $scripturl . '?action=trackip;searchip=' . $row['member_ip'] . '">' . $row['member_ip'] . '</a>',
  464. 'registered' => timeformat($row['date_registered']),
  465. 'last_online' => $last_online,
  466. 'posts' => comma_format($row['posts']),
  467. 'is_activated' => $row['is_activated'] % 10 == 1,
  468. );
  469. }
  470. $smcFunc['db_free_result']($request);
  471. // Select the template.
  472. $context['sub_template'] = 'group_members';
  473. $context['page_title'] = $txt['membergroups_members_title'] . ': ' . $context['group']['name'];
  474. createToken('mod-mgm');
  475. }
  476. /**
  477. * Show and manage all group requests.
  478. */
  479. function GroupRequests()
  480. {
  481. global $txt, $context, $scripturl, $user_info, $sourcedir, $smcFunc, $modSettings, $language;
  482. // Set up the template stuff...
  483. $context['page_title'] = $txt['mc_group_requests'];
  484. $context['sub_template'] = 'show_list';
  485. // Verify we can be here.
  486. if ($user_info['mod_cache']['gq'] == '0=1')
  487. isAllowedTo('manage_membergroups');
  488. // Normally, we act normally...
  489. $where = $user_info['mod_cache']['gq'] == '1=1' || $user_info['mod_cache']['gq'] == '0=1' ? $user_info['mod_cache']['gq'] : 'lgr.' . $user_info['mod_cache']['gq'];
  490. $where_parameters = array();
  491. // We've submitted?
  492. if (isset($_POST[$context['session_var']]) && !empty($_POST['groupr']) && !empty($_POST['req_action']))
  493. {
  494. checkSession('post');
  495. validateToken('mod-gr');
  496. // Clean the values.
  497. foreach ($_POST['groupr'] as $k => $request)
  498. $_POST['groupr'][$k] = (int) $request;
  499. // If we are giving a reason (And why shouldn't we?), then we don't actually do much.
  500. if ($_POST['req_action'] == 'reason')
  501. {
  502. // Different sub template...
  503. $context['sub_template'] = 'group_request_reason';
  504. // And a limitation. We don't care that the page number bit makes no sense, as we don't need it!
  505. $where .= ' AND lgr.id_request IN ({array_int:request_ids})';
  506. $where_parameters['request_ids'] = $_POST['groupr'];
  507. $context['group_requests'] = list_getGroupRequests(0, $modSettings['defaultMaxMessages'], 'lgr.id_request', $where, $where_parameters);
  508. // Let obExit etc sort things out.
  509. obExit();
  510. }
  511. // Otherwise we do something!
  512. else
  513. {
  514. // Get the details of all the members concerned...
  515. $request = $smcFunc['db_query']('', '
  516. SELECT lgr.id_request, lgr.id_member, lgr.id_group, mem.email_address, mem.id_group AS primary_group,
  517. mem.additional_groups AS additional_groups, mem.lngfile, mem.member_name, mem.notify_types,
  518. mg.hidden, mg.group_name
  519. FROM {db_prefix}log_group_requests AS lgr
  520. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  521. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  522. WHERE ' . $where . '
  523. AND lgr.id_request IN ({array_int:request_list})
  524. ORDER BY mem.lngfile',
  525. array(
  526. 'request_list' => $_POST['groupr'],
  527. )
  528. );
  529. $email_details = array();
  530. $group_changes = array();
  531. while ($row = $smcFunc['db_fetch_assoc']($request))
  532. {
  533. $row['lngfile'] = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  534. // If we are approving work out what their new group is.
  535. if ($_POST['req_action'] == 'approve')
  536. {
  537. // For people with more than one request at once.
  538. if (isset($group_changes[$row['id_member']]))
  539. {
  540. $row['additional_groups'] = $group_changes[$row['id_member']]['add'];
  541. $row['primary_group'] = $group_changes[$row['id_member']]['primary'];
  542. }
  543. else
  544. $row['additional_groups'] = explode(',', $row['additional_groups']);
  545. // Don't have it already?
  546. if ($row['primary_group'] == $row['id_group'] || in_array($row['id_group'], $row['additional_groups']))
  547. continue;
  548. // Should it become their primary?
  549. if ($row['primary_group'] == 0 && $row['hidden'] == 0)
  550. $row['primary_group'] = $row['id_group'];
  551. else
  552. $row['additional_groups'][] = $row['id_group'];
  553. // Add them to the group master list.
  554. $group_changes[$row['id_member']] = array(
  555. 'primary' => $row['primary_group'],
  556. 'add' => $row['additional_groups'],
  557. );
  558. }
  559. // Add required information to email them.
  560. if ($row['notify_types'] != 4)
  561. $email_details[] = array(
  562. 'rid' => $row['id_request'],
  563. 'member_id' => $row['id_member'],
  564. 'member_name' => $row['member_name'],
  565. 'group_id' => $row['id_group'],
  566. 'group_name' => $row['group_name'],
  567. 'email' => $row['email_address'],
  568. 'language' => $row['lngfile'],
  569. );
  570. }
  571. $smcFunc['db_free_result']($request);
  572. // Remove the evidence...
  573. $smcFunc['db_query']('', '
  574. DELETE FROM {db_prefix}log_group_requests
  575. WHERE id_request IN ({array_int:request_list})',
  576. array(
  577. 'request_list' => $_POST['groupr'],
  578. )
  579. );
  580. // Ensure everyone who is online gets their changes right away.
  581. updateSettings(array('settings_updated' => time()));
  582. if (!empty($email_details))
  583. {
  584. require_once($sourcedir . '/Subs-Post.php');
  585. // They are being approved?
  586. if ($_POST['req_action'] == 'approve')
  587. {
  588. // Make the group changes.
  589. foreach ($group_changes as $id => $groups)
  590. {
  591. // Sanity check!
  592. foreach ($groups['add'] as $key => $value)
  593. if ($value == 0 || trim($value) == '')
  594. unset($groups['add'][$key]);
  595. $smcFunc['db_query']('', '
  596. UPDATE {db_prefix}members
  597. SET id_group = {int:primary_group}, additional_groups = {string:additional_groups}
  598. WHERE id_member = {int:selected_member}',
  599. array(
  600. 'primary_group' => $groups['primary'],
  601. 'selected_member' => $id,
  602. 'additional_groups' => implode(',', $groups['add']),
  603. )
  604. );
  605. }
  606. $lastLng = $user_info['language'];
  607. foreach ($email_details as $email)
  608. {
  609. $replacements = array(
  610. 'USERNAME' => $email['member_name'],
  611. 'GROUPNAME' => $email['group_name'],
  612. );
  613. $emaildata = loadEmailTemplate('mc_group_approve', $replacements, $email['language']);
  614. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 2);
  615. }
  616. }
  617. // Otherwise, they are getting rejected (With or without a reason).
  618. else
  619. {
  620. // Same as for approving, kind of.
  621. $lastLng = $user_info['language'];
  622. foreach ($email_details as $email)
  623. {
  624. $custom_reason = isset($_POST['groupreason']) && isset($_POST['groupreason'][$email['rid']]) ? $_POST['groupreason'][$email['rid']] : '';
  625. $replacements = array(
  626. 'USERNAME' => $email['member_name'],
  627. 'GROUPNAME' => $email['group_name'],
  628. );
  629. if (!empty($custom_reason))
  630. $replacements['REASON'] = $custom_reason;
  631. $emaildata = loadEmailTemplate(empty($custom_reason) ? 'mc_group_reject' : 'mc_group_reject_reason', $replacements, $email['language']);
  632. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 2);
  633. }
  634. }
  635. }
  636. // Restore the current language.
  637. loadLanguage('ModerationCenter');
  638. }
  639. }
  640. // We're going to want this for making our list.
  641. require_once($sourcedir . '/Subs-List.php');
  642. // This is all the information required for a group listing.
  643. $listOptions = array(
  644. 'id' => 'group_request_list',
  645. 'title' => $txt['mc_group_requests'],
  646. 'width' => '100%',
  647. 'items_per_page' => $modSettings['defaultMaxMessages'],
  648. 'no_items_label' => $txt['mc_groupr_none_found'],
  649. 'base_href' => $scripturl . '?action=groups;sa=requests',
  650. 'default_sort_col' => 'member',
  651. 'get_items' => array(
  652. 'function' => 'list_getGroupRequests',
  653. 'params' => array(
  654. $where,
  655. $where_parameters,
  656. ),
  657. ),
  658. 'get_count' => array(
  659. 'function' => 'list_getGroupRequestCount',
  660. 'params' => array(
  661. $where,
  662. $where_parameters,
  663. ),
  664. ),
  665. 'columns' => array(
  666. 'member' => array(
  667. 'header' => array(
  668. 'value' => $txt['mc_groupr_member'],
  669. ),
  670. 'data' => array(
  671. 'db' => 'member_link',
  672. ),
  673. 'sort' => array(
  674. 'default' => 'mem.member_name',
  675. 'reverse' => 'mem.member_name DESC',
  676. ),
  677. ),
  678. 'group' => array(
  679. 'header' => array(
  680. 'value' => $txt['mc_groupr_group'],
  681. ),
  682. 'data' => array(
  683. 'db' => 'group_link',
  684. ),
  685. 'sort' => array(
  686. 'default' => 'mg.group_name',
  687. 'reverse' => 'mg.group_name DESC',
  688. ),
  689. ),
  690. 'reason' => array(
  691. 'header' => array(
  692. 'value' => $txt['mc_groupr_reason'],
  693. ),
  694. 'data' => array(
  695. 'db' => 'reason',
  696. ),
  697. ),
  698. 'date' => array(
  699. 'header' => array(
  700. 'value' => $txt['date'],
  701. 'style' => 'width: 18%;white-space:nowrap;',
  702. ),
  703. 'data' => array(
  704. 'db' => 'time_submitted',
  705. ),
  706. ),
  707. 'action' => array(
  708. 'header' => array(
  709. 'value' => '<input type="checkbox" class="input_check" onclick="invertAll(this, this.form);" />',
  710. 'style' => 'width: 4%;',
  711. ),
  712. 'data' => array(
  713. 'sprintf' => array(
  714. 'format' => '<input type="checkbox" name="groupr[]" value="%1$d" class="input_check" />',
  715. 'params' => array(
  716. 'id' => false,
  717. ),
  718. ),
  719. 'style' => 'text-align: center;',
  720. ),
  721. ),
  722. ),
  723. 'form' => array(
  724. 'href' => $scripturl . '?action=groups;sa=requests',
  725. 'include_sort' => true,
  726. 'include_start' => true,
  727. 'hidden_fields' => array(
  728. $context['session_var'] => $context['session_id'],
  729. ),
  730. 'token' => 'mod-gr',
  731. ),
  732. 'additional_rows' => array(
  733. array(
  734. 'position' => 'bottom_of_list',
  735. 'value' => '
  736. <select name="req_action" onchange="if (this.value != 0 &amp;&amp; (this.value == \'reason\' || confirm(\'' . $txt['mc_groupr_warning'] . '\'))) this.form.submit();">
  737. <option value="0">' . $txt['with_selected'] . ':</option>
  738. <option value="0">---------------------</option>
  739. <option value="approve">' . $txt['mc_groupr_approve'] . '</option>
  740. <option value="reject">' . $txt['mc_groupr_reject'] . '</option>
  741. <option value="reason">' . $txt['mc_groupr_reject_w_reason'] . '</option>
  742. </select>
  743. <input type="submit" name="go" value="' . $txt['go'] . '" onclick="var sel = document.getElementById(\'req_action\'); if (sel.value != 0 &amp;&amp; sel.value != \'reason\' &amp;&amp; !confirm(\'' . $txt['mc_groupr_warning'] . '\')) return false;" class="button_submit" style="float: none"/>',
  744. 'align' => 'right',
  745. ),
  746. ),
  747. );
  748. // Create the request list.
  749. createToken('mod-gr');
  750. createList($listOptions);
  751. $context['default_list'] = 'group_request_list';
  752. }
  753. /**
  754. * Callback function for createList().
  755. *
  756. * @param $where
  757. * @param $where_parameters
  758. * @return int, the count of group requests
  759. */
  760. function list_getGroupRequestCount($where, $where_parameters)
  761. {
  762. global $smcFunc;
  763. $request = $smcFunc['db_query']('', '
  764. SELECT COUNT(*)
  765. FROM {db_prefix}log_group_requests AS lgr
  766. WHERE ' . $where,
  767. array_merge($where_parameters, array(
  768. ))
  769. );
  770. list ($totalRequests) = $smcFunc['db_fetch_row']($request);
  771. $smcFunc['db_free_result']($request);
  772. return $totalRequests;
  773. }
  774. /**
  775. * Callback function for createList()
  776. *
  777. * @param int $start
  778. * @param int $items_per_page
  779. * @param string $sort
  780. * @param string $where
  781. * @param string $where_parameters
  782. * @return array, an array of group requests
  783. * Each group request has:
  784. * 'id'
  785. * 'member_link'
  786. * 'group_link'
  787. * 'reason'
  788. * 'time_submitted'
  789. */
  790. function list_getGroupRequests($start, $items_per_page, $sort, $where, $where_parameters)
  791. {
  792. global $smcFunc, $txt, $scripturl;
  793. $request = $smcFunc['db_query']('', '
  794. SELECT lgr.id_request, lgr.id_member, lgr.id_group, lgr.time_applied, lgr.reason,
  795. mem.member_name, mg.group_name, mg.online_color, mem.real_name
  796. FROM {db_prefix}log_group_requests AS lgr
  797. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  798. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  799. WHERE ' . $where . '
  800. ORDER BY {raw:sort}
  801. LIMIT ' . $start . ', ' . $items_per_page,
  802. array_merge($where_parameters, array(
  803. 'sort' => $sort,
  804. ))
  805. );
  806. $group_requests = array();
  807. while ($row = $smcFunc['db_fetch_assoc']($request))
  808. {
  809. $group_requests[] = array(
  810. 'id' => $row['id_request'],
  811. 'member_link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  812. 'group_link' => '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>',
  813. 'reason' => censorText($row['reason']),
  814. 'time_submitted' => timeformat($row['time_applied']),
  815. );
  816. }
  817. $smcFunc['db_free_result']($request);
  818. return $group_requests;
  819. }
  820. ?>