ManageMembergroups.php 36 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102
  1. <?php
  2. /**
  3. * This file is concerned with anything in the Manage Membergroups admin screen.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2011 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * Main dispatcher, the entrance point for all 'Manage Membergroup' actions.
  18. * It forwards to a function based on the given subaction, default being subaction 'index', or, without manage_membergroup
  19. * permissions, then 'settings'.
  20. * Called by ?action=admin;area=membergroups.
  21. * Requires the manage_membergroups or the admin_forum permission.
  22. *
  23. * @uses ManageMembergroups template.
  24. * @uses ManageMembers language file.
  25. */
  26. function ModifyMembergroups()
  27. {
  28. global $context, $txt, $scripturl, $sourcedir;
  29. $subActions = array(
  30. 'add' => array('AddMembergroup', 'manage_membergroups'),
  31. 'delete' => array('DeleteMembergroup', 'manage_membergroups'),
  32. 'edit' => array('EditMembergroup', 'manage_membergroups'),
  33. 'index' => array('MembergroupIndex', 'manage_membergroups'),
  34. 'members' => array('MembergroupMembers', 'manage_membergroups', 'Groups.php'),
  35. 'settings' => array('ModifyMembergroupsettings', 'admin_forum'),
  36. );
  37. call_integration_hook('integrate_manage_membergroups', array(&$subActions));
  38. // Default to sub action 'index' or 'settings' depending on permissions.
  39. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : (allowedTo('manage_membergroups') ? 'index' : 'settings');
  40. // Is it elsewhere?
  41. if (isset($subActions[$_REQUEST['sa']][2]))
  42. require_once($sourcedir . '/' . $subActions[$_REQUEST['sa']][2]);
  43. // Do the permission check, you might not be allowed her.
  44. isAllowedTo($subActions[$_REQUEST['sa']][1]);
  45. // Language and template stuff, the usual.
  46. loadLanguage('ManageMembers');
  47. loadTemplate('ManageMembergroups');
  48. // Setup the admin tabs.
  49. $context[$context['admin_menu_name']]['tab_data'] = array(
  50. 'title' => $txt['membergroups_title'],
  51. 'help' => 'membergroups',
  52. 'description' => $txt['membergroups_description'],
  53. );
  54. // Call the right function.
  55. $subActions[$_REQUEST['sa']][0]();
  56. }
  57. /**
  58. * Shows an overview of the current membergroups.
  59. * Called by ?action=admin;area=membergroups.
  60. * Requires the manage_membergroups permission.
  61. * Splits the membergroups in regular ones and post count based groups.
  62. * It also counts the number of members part of each membergroup.
  63. *
  64. * @uses ManageMembergroups template, main.
  65. */
  66. function MembergroupIndex()
  67. {
  68. global $txt, $scripturl, $context, $settings, $smcFunc, $sourcedir;
  69. $context['page_title'] = $txt['membergroups_title'];
  70. // The first list shows the regular membergroups.
  71. $listOptions = array(
  72. 'id' => 'regular_membergroups_list',
  73. 'title' => $txt['membergroups_regular'],
  74. 'base_href' => $scripturl . '?action=admin;area=membergroups' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : ''),
  75. 'default_sort_col' => 'name',
  76. 'get_items' => array(
  77. 'file' => $sourcedir . '/Subs-Membergroups.php',
  78. 'function' => 'list_getMembergroups',
  79. 'params' => array(
  80. 'regular',
  81. ),
  82. ),
  83. 'columns' => array(
  84. 'name' => array(
  85. 'header' => array(
  86. 'value' => $txt['membergroups_name'],
  87. ),
  88. 'data' => array(
  89. 'function' => create_function('$rowData', '
  90. global $scripturl;
  91. // Since the moderator group has no explicit members, no link is needed.
  92. if ($rowData[\'id_group\'] == 3)
  93. $group_name = $rowData[\'group_name\'];
  94. else
  95. {
  96. $color_style = empty($rowData[\'online_color\']) ? \'\' : sprintf(\' style="color: %1$s;"\', $rowData[\'online_color\']);
  97. $group_name = sprintf(\'<a href="%1$s?action=admin;area=membergroups;sa=members;group=%2$d"%3$s>%4$s</a>\', $scripturl, $rowData[\'id_group\'], $color_style, $rowData[\'group_name\']);
  98. }
  99. // Add a help option for moderator and administrator.
  100. if ($rowData[\'id_group\'] == 1)
  101. $group_name .= sprintf(\' (<a href="%1$s?action=helpadmin;help=membergroup_administrator" onclick="return reqWin(this.href);">?</a>)\', $scripturl);
  102. elseif ($rowData[\'id_group\'] == 3)
  103. $group_name .= sprintf(\' (<a href="%1$s?action=helpadmin;help=membergroup_moderator" onclick="return reqWin(this.href);">?</a>)\', $scripturl);
  104. return $group_name;
  105. '),
  106. ),
  107. 'sort' => array(
  108. 'default' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, group_name',
  109. 'reverse' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, group_name DESC',
  110. ),
  111. ),
  112. 'stars' => array(
  113. 'header' => array(
  114. 'value' => $txt['membergroups_stars'],
  115. ),
  116. 'data' => array(
  117. 'function' => create_function('$rowData', '
  118. global $settings;
  119. $stars = explode(\'#\', $rowData[\'stars\']);
  120. // In case no stars are setup, return with nothing
  121. if (empty($stars[0]) || empty($stars[1]))
  122. return \'\';
  123. // Otherwise repeat the image a given number of times.
  124. else
  125. {
  126. $image = sprintf(\'<img src="%1$s/%2$s" alt="*" />\', $settings[\'images_url\'], $stars[1]);
  127. return str_repeat($image, $stars[0]);
  128. }
  129. '),
  130. ),
  131. 'sort' => array(
  132. 'default' => 'stars',
  133. 'reverse' => 'stars DESC',
  134. )
  135. ),
  136. 'members' => array(
  137. 'header' => array(
  138. 'value' => $txt['membergroups_members_top'],
  139. ),
  140. 'data' => array(
  141. 'function' => create_function('$rowData', '
  142. global $txt;
  143. // No explicit members for the moderator group.
  144. return $rowData[\'id_group\'] == 3 ? $txt[\'membergroups_guests_na\'] : $rowData[\'num_members\'];
  145. '),
  146. 'style' => 'text-align: center',
  147. ),
  148. 'sort' => array(
  149. 'default' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, 1',
  150. 'reverse' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, 1 DESC',
  151. ),
  152. ),
  153. 'modify' => array(
  154. 'header' => array(
  155. 'value' => $txt['modify'],
  156. ),
  157. 'data' => array(
  158. 'sprintf' => array(
  159. 'format' => '<a href="' . $scripturl . '?action=admin;area=membergroups;sa=edit;group=%1$d">' . $txt['membergroups_modify'] . '</a>',
  160. 'params' => array(
  161. 'id_group' => false,
  162. ),
  163. ),
  164. 'style' => 'text-align: center',
  165. ),
  166. ),
  167. ),
  168. 'additional_rows' => array(
  169. array(
  170. 'position' => 'below_table_data',
  171. 'value' => '[<a href="' . $scripturl . '?action=admin;area=membergroups;sa=add;generalgroup">' . $txt['membergroups_add_group'] . '</a>]',
  172. ),
  173. ),
  174. );
  175. call_integration_hook('integrate_modify_regular_groups', array(&$listOptions));
  176. require_once($sourcedir . '/Subs-List.php');
  177. createList($listOptions);
  178. // The second list shows the post count based groups.
  179. $listOptions = array(
  180. 'id' => 'post_count_membergroups_list',
  181. 'title' => $txt['membergroups_post'],
  182. 'base_href' => $scripturl . '?action=admin;area=membergroups' . (isset($_REQUEST['sort']) ? ';sort=' . urlencode($_REQUEST['sort']) : ''),
  183. 'default_sort_col' => 'required_posts',
  184. 'request_vars' => array(
  185. 'sort' => 'sort2',
  186. 'desc' => 'desc2',
  187. ),
  188. 'get_items' => array(
  189. 'file' => $sourcedir . '/Subs-Membergroups.php',
  190. 'function' => 'list_getMembergroups',
  191. 'params' => array(
  192. 'post_count',
  193. ),
  194. ),
  195. 'columns' => array(
  196. 'name' => array(
  197. 'header' => array(
  198. 'value' => $txt['membergroups_name'],
  199. ),
  200. 'data' => array(
  201. 'function' => create_function('$rowData', '
  202. global $scripturl;
  203. $colorStyle = empty($rowData[\'online_color\']) ? \'\' : sprintf(\' style="color: %1$s;"\', $rowData[\'online_color\']);
  204. return sprintf(\'<a href="%1$s?action=moderate;area=viewgroups;sa=members;group=%2$d"%3$s>%4$s</a>\', $scripturl, $rowData[\'id_group\'], $colorStyle, $rowData[\'group_name\']);
  205. '),
  206. ),
  207. 'sort' => array(
  208. 'default' => 'group_name',
  209. 'reverse' => 'group_name DESC',
  210. ),
  211. ),
  212. 'stars' => array(
  213. 'header' => array(
  214. 'value' => $txt['membergroups_stars'],
  215. ),
  216. 'data' => array(
  217. 'function' => create_function('$rowData', '
  218. global $settings;
  219. $stars = explode(\'#\', $rowData[\'stars\']);
  220. if (empty($stars[0]) || empty($stars[1]))
  221. return \'\';
  222. else
  223. {
  224. $star_image = sprintf(\'<img src="%1$s/%2$s" alt="*" />\', $settings[\'images_url\'], $stars[1]);
  225. return str_repeat($star_image, $stars[0]);
  226. }
  227. '),
  228. ),
  229. 'sort' => array(
  230. 'default' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, stars',
  231. 'reverse' => 'CASE WHEN id_group < 4 THEN id_group ELSE 4 END, stars DESC',
  232. )
  233. ),
  234. 'members' => array(
  235. 'header' => array(
  236. 'value' => $txt['membergroups_members_top'],
  237. ),
  238. 'data' => array(
  239. 'db' => 'num_members',
  240. 'style' => 'text-align: center',
  241. ),
  242. 'sort' => array(
  243. 'default' => '1 DESC',
  244. 'reverse' => '1',
  245. ),
  246. ),
  247. 'required_posts' => array(
  248. 'header' => array(
  249. 'value' => $txt['membergroups_min_posts'],
  250. ),
  251. 'data' => array(
  252. 'db' => 'min_posts',
  253. 'style' => 'text-align: center',
  254. ),
  255. 'sort' => array(
  256. 'default' => 'min_posts',
  257. 'reverse' => 'min_posts DESC',
  258. ),
  259. ),
  260. 'modify' => array(
  261. 'header' => array(
  262. 'value' => $txt['modify'],
  263. ),
  264. 'data' => array(
  265. 'sprintf' => array(
  266. 'format' => '<a href="' . $scripturl . '?action=admin;area=membergroups;sa=edit;group=%1$d">' . $txt['membergroups_modify'] . '</a>',
  267. 'params' => array(
  268. 'id_group' => false,
  269. ),
  270. ),
  271. 'style' => 'text-align: center',
  272. ),
  273. ),
  274. ),
  275. 'additional_rows' => array(
  276. array(
  277. 'position' => 'below_table_data',
  278. 'value' => '[<a href="' . $scripturl . '?action=admin;area=membergroups;sa=add;postgroup">' . $txt['membergroups_add_group'] . '</a>]',
  279. ),
  280. ),
  281. );
  282. call_integration_hook('integrate_modify_post_groups', array(&$listOptions));
  283. createList($listOptions);
  284. }
  285. /**
  286. * This function handles adding a membergroup and setting some initial properties.
  287. * Called by ?action=admin;area=membergroups;sa=add.
  288. * It requires the manage_membergroups permission.
  289. * Allows to use a predefined permission profile or copy one from another group.
  290. * Redirects to action=admin;area=membergroups;sa=edit;group=x.
  291. *
  292. * @uses the new_group sub template of ManageMembergroups.
  293. */
  294. function AddMembergroup()
  295. {
  296. global $context, $txt, $sourcedir, $modSettings, $smcFunc;
  297. // A form was submitted, we can start adding.
  298. if (!empty($_POST['group_name']))
  299. {
  300. checkSession();
  301. validateToken('admin-mmg');
  302. $postCountBasedGroup = isset($_POST['min_posts']) && (!isset($_POST['postgroup_based']) || !empty($_POST['postgroup_based']));
  303. $_POST['group_type'] = !isset($_POST['group_type']) || $_POST['group_type'] < 0 || $_POST['group_type'] > 3 || ($_POST['group_type'] == 1 && !allowedTo('admin_forum')) ? 0 : (int) $_POST['group_type'];
  304. /**
  305. * @todo Check for members with same name too?
  306. */
  307. $request = $smcFunc['db_query']('', '
  308. SELECT MAX(id_group)
  309. FROM {db_prefix}membergroups',
  310. array(
  311. )
  312. );
  313. list ($id_group) = $smcFunc['db_fetch_row']($request);
  314. $smcFunc['db_free_result']($request);
  315. $id_group++;
  316. $smcFunc['db_insert']('',
  317. '{db_prefix}membergroups',
  318. array(
  319. 'id_group' => 'int', 'description' => 'string', 'group_name' => 'string-80', 'min_posts' => 'int',
  320. 'stars' => 'string', 'online_color' => 'string', 'group_type' => 'int',
  321. ),
  322. array(
  323. $id_group, '', $_POST['group_name'], ($postCountBasedGroup ? (int) $_POST['min_posts'] : '-1'),
  324. '1#star.gif', '', $_POST['group_type'],
  325. ),
  326. array('id_group')
  327. );
  328. call_integration_hook('integrate_add_membergroup', array($id_group, $postCountBasedGroup));
  329. // Update the post groups now, if this is a post group!
  330. if (isset($_POST['min_posts']))
  331. updateStats('postgroups');
  332. // You cannot set permissions for post groups if they are disabled.
  333. if ($postCountBasedGroup && empty($modSettings['permission_enable_postgroups']))
  334. $_POST['perm_type'] = '';
  335. if ($_POST['perm_type'] == 'predefined')
  336. {
  337. // Set default permission level.
  338. require_once($sourcedir . '/ManagePermissions.php');
  339. setPermissionLevel($_POST['level'], $id_group, 'null');
  340. }
  341. // Copy or inherit the permissions!
  342. elseif ($_POST['perm_type'] == 'copy' || $_POST['perm_type'] == 'inherit')
  343. {
  344. $copy_id = $_POST['perm_type'] == 'copy' ? (int) $_POST['copyperm'] : (int) $_POST['inheritperm'];
  345. // Are you a powerful admin?
  346. if (!allowedTo('admin_forum'))
  347. {
  348. $request = $smcFunc['db_query']('', '
  349. SELECT group_type
  350. FROM {db_prefix}membergroups
  351. WHERE id_group = {int:copy_from}
  352. LIMIT {int:limit}',
  353. array(
  354. 'copy_from' => $copy_id,
  355. 'limit' => 1,
  356. )
  357. );
  358. list ($copy_type) = $smcFunc['db_fetch_row']($request);
  359. $smcFunc['db_free_result']($request);
  360. // Protected groups are... well, protected!
  361. if ($copy_type == 1)
  362. fatal_lang_error('membergroup_does_not_exist');
  363. }
  364. // Don't allow copying of a real priviledged person!
  365. require_once($sourcedir . '/ManagePermissions.php');
  366. loadIllegalPermissions();
  367. $request = $smcFunc['db_query']('', '
  368. SELECT permission, add_deny
  369. FROM {db_prefix}permissions
  370. WHERE id_group = {int:copy_from}',
  371. array(
  372. 'copy_from' => $copy_id,
  373. )
  374. );
  375. $inserts = array();
  376. while ($row = $smcFunc['db_fetch_assoc']($request))
  377. {
  378. if (empty($context['illegal_permissions']) || !in_array($row['permission'], $context['illegal_permissions']))
  379. $inserts[] = array($id_group, $row['permission'], $row['add_deny']);
  380. }
  381. $smcFunc['db_free_result']($request);
  382. if (!empty($inserts))
  383. $smcFunc['db_insert']('insert',
  384. '{db_prefix}permissions',
  385. array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
  386. $inserts,
  387. array('id_group', 'permission')
  388. );
  389. $request = $smcFunc['db_query']('', '
  390. SELECT id_profile, permission, add_deny
  391. FROM {db_prefix}board_permissions
  392. WHERE id_group = {int:copy_from}',
  393. array(
  394. 'copy_from' => $copy_id,
  395. )
  396. );
  397. $inserts = array();
  398. while ($row = $smcFunc['db_fetch_assoc']($request))
  399. $inserts[] = array($id_group, $row['id_profile'], $row['permission'], $row['add_deny']);
  400. $smcFunc['db_free_result']($request);
  401. if (!empty($inserts))
  402. $smcFunc['db_insert']('insert',
  403. '{db_prefix}board_permissions',
  404. array('id_group' => 'int', 'id_profile' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
  405. $inserts,
  406. array('id_group', 'id_profile', 'permission')
  407. );
  408. // Also get some membergroup information if we're copying and not copying from guests...
  409. if ($copy_id > 0 && $_POST['perm_type'] == 'copy')
  410. {
  411. $request = $smcFunc['db_query']('', '
  412. SELECT online_color, max_messages, stars
  413. FROM {db_prefix}membergroups
  414. WHERE id_group = {int:copy_from}
  415. LIMIT 1',
  416. array(
  417. 'copy_from' => $copy_id,
  418. )
  419. );
  420. $group_info = $smcFunc['db_fetch_assoc']($request);
  421. $smcFunc['db_free_result']($request);
  422. // ...and update the new membergroup with it.
  423. $smcFunc['db_query']('', '
  424. UPDATE {db_prefix}membergroups
  425. SET
  426. online_color = {string:online_color},
  427. max_messages = {int:max_messages},
  428. stars = {string:stars}
  429. WHERE id_group = {int:current_group}',
  430. array(
  431. 'max_messages' => $group_info['max_messages'],
  432. 'current_group' => $id_group,
  433. 'online_color' => $group_info['online_color'],
  434. 'stars' => $group_info['stars'],
  435. )
  436. );
  437. }
  438. // If inheriting say so...
  439. elseif ($_POST['perm_type'] == 'inherit')
  440. {
  441. $smcFunc['db_query']('', '
  442. UPDATE {db_prefix}membergroups
  443. SET id_parent = {int:copy_from}
  444. WHERE id_group = {int:current_group}',
  445. array(
  446. 'copy_from' => $copy_id,
  447. 'current_group' => $id_group,
  448. )
  449. );
  450. }
  451. }
  452. // Make sure all boards selected are stored in a proper array.
  453. $_POST['boardaccess'] = empty($_POST['boardaccess']) || !is_array($_POST['boardaccess']) ? array() : $_POST['boardaccess'];
  454. foreach ($_POST['boardaccess'] as $key => $value)
  455. $_POST['boardaccess'][$key] = (int) $value;
  456. // Only do this if they have special access requirements.
  457. if (!empty($_POST['boardaccess']))
  458. $smcFunc['db_query']('', '
  459. UPDATE {db_prefix}boards
  460. SET member_groups = CASE WHEN member_groups = {string:blank_string} THEN {string:group_id_string} ELSE CONCAT(member_groups, {string:comma_group}) END
  461. WHERE id_board IN ({array_int:board_list})',
  462. array(
  463. 'board_list' => $_POST['boardaccess'],
  464. 'blank_string' => '',
  465. 'group_id_string' => (string) $id_group,
  466. 'comma_group' => ',' . $id_group,
  467. )
  468. );
  469. // If this is joinable then set it to show group membership in people's profiles.
  470. if (empty($modSettings['show_group_membership']) && $_POST['group_type'] > 1)
  471. updateSettings(array('show_group_membership' => 1));
  472. // Rebuild the group cache.
  473. updateSettings(array(
  474. 'settings_updated' => time(),
  475. ));
  476. // We did it.
  477. logAction('add_group', array('group' => $_POST['group_name']), 'admin');
  478. // Go change some more settings.
  479. redirectexit('action=admin;area=membergroups;sa=edit;group=' . $id_group);
  480. }
  481. // Just show the 'add membergroup' screen.
  482. $context['page_title'] = $txt['membergroups_new_group'];
  483. $context['sub_template'] = 'new_group';
  484. $context['post_group'] = isset($_REQUEST['postgroup']);
  485. $context['undefined_group'] = !isset($_REQUEST['postgroup']) && !isset($_REQUEST['generalgroup']);
  486. $context['allow_protected'] = allowedTo('admin_forum');
  487. $result = $smcFunc['db_query']('', '
  488. SELECT id_group, group_name
  489. FROM {db_prefix}membergroups
  490. WHERE (id_group > {int:moderator_group} OR id_group = {int:global_mod_group})' . (empty($modSettings['permission_enable_postgroups']) ? '
  491. AND min_posts = {int:min_posts}' : '') . (allowedTo('admin_forum') ? '' : '
  492. AND group_type != {int:is_protected}') . '
  493. ORDER BY min_posts, id_group != {int:global_mod_group}, group_name',
  494. array(
  495. 'moderator_group' => 3,
  496. 'global_mod_group' => 2,
  497. 'min_posts' => -1,
  498. 'is_protected' => 1,
  499. )
  500. );
  501. $context['groups'] = array();
  502. while ($row = $smcFunc['db_fetch_assoc']($result))
  503. $context['groups'][] = array(
  504. 'id' => $row['id_group'],
  505. 'name' => $row['group_name']
  506. );
  507. $smcFunc['db_free_result']($result);
  508. $result = $smcFunc['db_query']('', '
  509. SELECT id_board, name, child_level
  510. FROM {db_prefix}boards
  511. ORDER BY board_order',
  512. array(
  513. )
  514. );
  515. $context['boards'] = array();
  516. while ($row = $smcFunc['db_fetch_assoc']($result))
  517. $context['boards'][] = array(
  518. 'id' => $row['id_board'],
  519. 'name' => $row['name'],
  520. 'child_level' => $row['child_level'],
  521. 'selected' => false
  522. );
  523. $smcFunc['db_free_result']($result);
  524. createToken('admin-mmg');
  525. }
  526. /**
  527. * Deleting a membergroup by URL (not implemented).
  528. * Called by ?action=admin;area=membergroups;sa=delete;group=x;session_var=y.
  529. * Requires the manage_membergroups permission.
  530. * Redirects to ?action=admin;area=membergroups.
  531. *
  532. * @todo look at this
  533. */
  534. function DeleteMembergroup()
  535. {
  536. global $sourcedir;
  537. checkSession('get');
  538. require_once($sourcedir . '/Subs-Membergroups.php');
  539. deleteMembergroups((int) $_REQUEST['group']);
  540. // Go back to the membergroup index.
  541. redirectexit('action=admin;area=membergroups;');
  542. }
  543. /**
  544. * Editing a membergroup.
  545. * Screen to edit a specific membergroup.
  546. * Called by ?action=admin;area=membergroups;sa=edit;group=x.
  547. * It requires the manage_membergroups permission.
  548. * Also handles the delete button of the edit form.
  549. * Redirects to ?action=admin;area=membergroups.
  550. *
  551. * @uses the edit_group sub template of ManageMembergroups.
  552. */
  553. function EditMembergroup()
  554. {
  555. global $context, $txt, $sourcedir, $modSettings, $smcFunc;
  556. $_REQUEST['group'] = isset($_REQUEST['group']) && $_REQUEST['group'] > 0 ? (int) $_REQUEST['group'] : 0;
  557. // Make sure this group is editable.
  558. if (!empty($_REQUEST['group']))
  559. {
  560. $request = $smcFunc['db_query']('', '
  561. SELECT id_group
  562. FROM {db_prefix}membergroups
  563. WHERE id_group = {int:current_group}' . (allowedTo('admin_forum') ? '' : '
  564. AND group_type != {int:is_protected}') . '
  565. LIMIT {int:limit}',
  566. array(
  567. 'current_group' => $_REQUEST['group'],
  568. 'is_protected' => 1,
  569. 'limit' => 1,
  570. )
  571. );
  572. list ($_REQUEST['group']) = $smcFunc['db_fetch_row']($request);
  573. $smcFunc['db_free_result']($request);
  574. }
  575. // Now, do we have a valid id?
  576. if (empty($_REQUEST['group']))
  577. fatal_lang_error('membergroup_does_not_exist', false);
  578. // The delete this membergroup button was pressed.
  579. if (isset($_POST['delete']))
  580. {
  581. checkSession();
  582. validateToken('admin-mmg');
  583. require_once($sourcedir . '/Subs-Membergroups.php');
  584. deleteMembergroups($_REQUEST['group']);
  585. redirectexit('action=admin;area=membergroups;');
  586. }
  587. // A form was submitted with the new membergroup settings.
  588. elseif (isset($_POST['submit']))
  589. {
  590. // Validate the session.
  591. checkSession();
  592. validateToken('admin-mmg');
  593. // Can they really inherit from this group?
  594. if (isset($_POST['group_inherit']) && $_POST['group_inherit'] != -2 && !allowedTo('admin_forum'))
  595. {
  596. $request = $smcFunc['db_query']('', '
  597. SELECT group_type
  598. FROM {db_prefix}membergroups
  599. WHERE id_group = {int:inherit_from}
  600. LIMIT {int:limit}',
  601. array(
  602. 'inherit_from' => $_POST['group_inherit'],
  603. 'limit' => 1,
  604. )
  605. );
  606. list ($inherit_type) = $smcFunc['db_fetch_row']($request);
  607. $smcFunc['db_free_result']($request);
  608. }
  609. // Set variables to their proper value.
  610. $_POST['max_messages'] = isset($_POST['max_messages']) ? (int) $_POST['max_messages'] : 0;
  611. $_POST['min_posts'] = isset($_POST['min_posts']) && isset($_POST['group_type']) && $_POST['group_type'] == -1 && $_REQUEST['group'] > 3 ? abs($_POST['min_posts']) : ($_REQUEST['group'] == 4 ? 0 : -1);
  612. $_POST['stars'] = (empty($_POST['star_count']) || $_POST['star_count'] < 0) ? '' : min((int) $_POST['star_count'], 99) . '#' . $_POST['star_image'];
  613. $_POST['group_desc'] = isset($_POST['group_desc']) && ($_REQUEST['group'] == 1 || (isset($_POST['group_type']) && $_POST['group_type'] != -1)) ? trim($_POST['group_desc']) : '';
  614. $_POST['group_type'] = !isset($_POST['group_type']) || $_POST['group_type'] < 0 || $_POST['group_type'] > 3 || ($_POST['group_type'] == 1 && !allowedTo('admin_forum')) ? 0 : (int) $_POST['group_type'];
  615. $_POST['group_hidden'] = empty($_POST['group_hidden']) || $_POST['min_posts'] != -1 || $_REQUEST['group'] == 3 ? 0 : (int) $_POST['group_hidden'];
  616. $_POST['group_inherit'] = $_REQUEST['group'] > 1 && $_REQUEST['group'] != 3 && (empty($inherit_type) || $inherit_type != 1) ? (int) $_POST['group_inherit'] : -2;
  617. /**
  618. * @todo Don't set online_color for the Moderators group?
  619. */
  620. // Do the update of the membergroup settings.
  621. $smcFunc['db_query']('', '
  622. UPDATE {db_prefix}membergroups
  623. SET group_name = {string:group_name}, online_color = {string:online_color},
  624. max_messages = {int:max_messages}, min_posts = {int:min_posts}, stars = {string:stars},
  625. description = {string:group_desc}, group_type = {int:group_type}, hidden = {int:group_hidden},
  626. id_parent = {int:group_inherit}
  627. WHERE id_group = {int:current_group}',
  628. array(
  629. 'max_messages' => $_POST['max_messages'],
  630. 'min_posts' => $_POST['min_posts'],
  631. 'group_type' => $_POST['group_type'],
  632. 'group_hidden' => $_POST['group_hidden'],
  633. 'group_inherit' => $_POST['group_inherit'],
  634. 'current_group' => (int) $_REQUEST['group'],
  635. 'group_name' => $_POST['group_name'],
  636. 'online_color' => $_POST['online_color'],
  637. 'stars' => $_POST['stars'],
  638. 'group_desc' => $_POST['group_desc'],
  639. )
  640. );
  641. call_integration_hook('integrate_save_membergroup', array((int) $_REQUEST['group']));
  642. // Time to update the boards this membergroup has access to.
  643. if ($_REQUEST['group'] == 2 || $_REQUEST['group'] > 3)
  644. {
  645. $_POST['boardaccess'] = empty($_POST['boardaccess']) || !is_array($_POST['boardaccess']) ? array() : $_POST['boardaccess'];
  646. foreach ($_POST['boardaccess'] as $key => $value)
  647. $_POST['boardaccess'][$key] = (int) $value;
  648. // Find all board this group is in, but shouldn't be in.
  649. $request = $smcFunc['db_query']('', '
  650. SELECT id_board, member_groups
  651. FROM {db_prefix}boards
  652. WHERE FIND_IN_SET({string:current_group}, member_groups) != 0' . (empty($_POST['boardaccess']) ? '' : '
  653. AND id_board NOT IN ({array_int:board_access_list})'),
  654. array(
  655. 'current_group' => (int) $_REQUEST['group'],
  656. 'board_access_list' => $_POST['boardaccess'],
  657. )
  658. );
  659. while ($row = $smcFunc['db_fetch_assoc']($request))
  660. $smcFunc['db_query']('', '
  661. UPDATE {db_prefix}boards
  662. SET member_groups = {string:member_group_access}
  663. WHERE id_board = {int:current_board}',
  664. array(
  665. 'current_board' => $row['id_board'],
  666. 'member_group_access' => implode(',', array_diff(explode(',', $row['member_groups']), array($_REQUEST['group']))),
  667. )
  668. );
  669. $smcFunc['db_free_result']($request);
  670. // Add the membergroup to all boards that hadn't been set yet.
  671. if (!empty($_POST['boardaccess']))
  672. $smcFunc['db_query']('', '
  673. UPDATE {db_prefix}boards
  674. SET member_groups = CASE WHEN member_groups = {string:blank_string} THEN {string:group_id_string} ELSE CONCAT(member_groups, {string:comma_group}) END
  675. WHERE id_board IN ({array_int:board_list})
  676. AND FIND_IN_SET({int:current_group}, member_groups) = 0',
  677. array(
  678. 'board_list' => $_POST['boardaccess'],
  679. 'blank_string' => '',
  680. 'current_group' => (int) $_REQUEST['group'],
  681. 'group_id_string' => (string) (int) $_REQUEST['group'],
  682. 'comma_group' => ',' . $_REQUEST['group'],
  683. )
  684. );
  685. }
  686. // Remove everyone from this group!
  687. if ($_POST['min_posts'] != -1)
  688. {
  689. $smcFunc['db_query']('', '
  690. UPDATE {db_prefix}members
  691. SET id_group = {int:regular_member}
  692. WHERE id_group = {int:current_group}',
  693. array(
  694. 'regular_member' => 0,
  695. 'current_group' => (int) $_REQUEST['group'],
  696. )
  697. );
  698. $request = $smcFunc['db_query']('', '
  699. SELECT id_member, additional_groups
  700. FROM {db_prefix}members
  701. WHERE FIND_IN_SET({string:current_group}, additional_groups) != 0',
  702. array(
  703. 'current_group' => (int) $_REQUEST['group'],
  704. )
  705. );
  706. $updates = array();
  707. while ($row = $smcFunc['db_fetch_assoc']($request))
  708. $updates[$row['additional_groups']][] = $row['id_member'];
  709. $smcFunc['db_free_result']($request);
  710. foreach ($updates as $additional_groups => $memberArray)
  711. updateMemberData($memberArray, array('additional_groups' => implode(',', array_diff(explode(',', $additional_groups), array((int) $_REQUEST['group'])))));
  712. }
  713. elseif ($_REQUEST['group'] != 3)
  714. {
  715. // Making it a hidden group? If so remove everyone with it as primary group (Actually, just make them additional).
  716. if ($_POST['group_hidden'] == 2)
  717. {
  718. $request = $smcFunc['db_query']('', '
  719. SELECT id_member, additional_groups
  720. FROM {db_prefix}members
  721. WHERE id_group = {int:current_group}
  722. AND FIND_IN_SET({int:current_group}, additional_groups) = 0',
  723. array(
  724. 'current_group' => (int) $_REQUEST['group'],
  725. )
  726. );
  727. $updates = array();
  728. while ($row = $smcFunc['db_fetch_assoc']($request))
  729. $updates[$row['additional_groups']][] = $row['id_member'];
  730. $smcFunc['db_free_result']($request);
  731. foreach ($updates as $additional_groups => $memberArray)
  732. updateMemberData($memberArray, array('additional_groups' => implode(',', array_merge(explode(',', $additional_groups), array((int) $_REQUEST['group'])))));
  733. $smcFunc['db_query']('', '
  734. UPDATE {db_prefix}members
  735. SET id_group = {int:regular_member}
  736. WHERE id_group = {int:current_group}',
  737. array(
  738. 'regular_member' => 0,
  739. 'current_group' => $_REQUEST['group'],
  740. )
  741. );
  742. }
  743. // Either way, let's check our "show group membership" setting is correct.
  744. $request = $smcFunc['db_query']('', '
  745. SELECT COUNT(*)
  746. FROM {db_prefix}membergroups
  747. WHERE group_type > {int:non_joinable}',
  748. array(
  749. 'non_joinable' => 1,
  750. )
  751. );
  752. list ($have_joinable) = $smcFunc['db_fetch_row']($request);
  753. $smcFunc['db_free_result']($request);
  754. // Do we need to update the setting?
  755. if ((empty($modSettings['show_group_membership']) && $have_joinable) || (!empty($modSettings['show_group_membership']) && !$have_joinable))
  756. updateSettings(array('show_group_membership' => $have_joinable ? 1 : 0));
  757. }
  758. // Do we need to set inherited permissions?
  759. if ($_POST['group_inherit'] != -2 && $_POST['group_inherit'] != $_POST['old_inherit'])
  760. {
  761. require_once($sourcedir . '/ManagePermissions.php');
  762. updateChildPermissions($_POST['group_inherit']);
  763. }
  764. // Finally, moderators!
  765. $moderator_string = isset($_POST['group_moderators']) ? trim($_POST['group_moderators']) : '';
  766. $smcFunc['db_query']('', '
  767. DELETE FROM {db_prefix}group_moderators
  768. WHERE id_group = {int:current_group}',
  769. array(
  770. 'current_group' => $_REQUEST['group'],
  771. )
  772. );
  773. if ((!empty($moderator_string) || !empty($_POST['moderator_list'])) && $_POST['min_posts'] == -1 && $_REQUEST['group'] != 3)
  774. {
  775. // Get all the usernames from the string
  776. if (!empty($moderator_string))
  777. {
  778. $moderator_string = strtr(preg_replace('~&amp;#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', htmlspecialchars($moderator_string), ENT_QUOTES), array('&quot;' => '"'));
  779. preg_match_all('~"([^"]+)"~', $moderator_string, $matches);
  780. $moderators = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $moderator_string)));
  781. for ($k = 0, $n = count($moderators); $k < $n; $k++)
  782. {
  783. $moderators[$k] = trim($moderators[$k]);
  784. if (strlen($moderators[$k]) == 0)
  785. unset($moderators[$k]);
  786. }
  787. // Find all the id_member's for the member_name's in the list.
  788. $group_moderators = array();
  789. if (!empty($moderators))
  790. {
  791. $request = $smcFunc['db_query']('', '
  792. SELECT id_member
  793. FROM {db_prefix}members
  794. WHERE member_name IN ({array_string:moderators}) OR real_name IN ({array_string:moderators})
  795. LIMIT ' . count($moderators),
  796. array(
  797. 'moderators' => $moderators,
  798. )
  799. );
  800. while ($row = $smcFunc['db_fetch_assoc']($request))
  801. $group_moderators[] = $row['id_member'];
  802. $smcFunc['db_free_result']($request);
  803. }
  804. }
  805. else
  806. {
  807. $moderators = array();
  808. foreach ($_POST['moderator_list'] as $moderator)
  809. $moderators[] = (int) $moderator;
  810. $group_moderators = array();
  811. if (!empty($moderators))
  812. {
  813. $request = $smcFunc['db_query']('', '
  814. SELECT id_member
  815. FROM {db_prefix}members
  816. WHERE id_member IN ({array_int:moderators})
  817. LIMIT {int:num_moderators}',
  818. array(
  819. 'moderators' => $moderators,
  820. 'num_moderators' => count($moderators),
  821. )
  822. );
  823. while ($row = $smcFunc['db_fetch_assoc']($request))
  824. $group_moderators[] = $row['id_member'];
  825. $smcFunc['db_free_result']($request);
  826. }
  827. }
  828. // Found some?
  829. if (!empty($group_moderators))
  830. {
  831. $mod_insert = array();
  832. foreach ($group_moderators as $moderator)
  833. $mod_insert[] = array($_REQUEST['group'], $moderator);
  834. $smcFunc['db_insert']('insert',
  835. '{db_prefix}group_moderators',
  836. array('id_group' => 'int', 'id_member' => 'int'),
  837. $mod_insert,
  838. array('id_group', 'id_member')
  839. );
  840. }
  841. }
  842. // There might have been some post group changes.
  843. updateStats('postgroups');
  844. // We've definitely changed some group stuff.
  845. updateSettings(array(
  846. 'settings_updated' => time(),
  847. ));
  848. // Log the edit.
  849. logAction('edited_group', array('group' => $_POST['group_name']), 'admin');
  850. redirectexit('action=admin;area=membergroups');
  851. }
  852. // Fetch the current group information.
  853. $request = $smcFunc['db_query']('', '
  854. SELECT group_name, description, min_posts, online_color, max_messages, stars, group_type, hidden, id_parent
  855. FROM {db_prefix}membergroups
  856. WHERE id_group = {int:current_group}
  857. LIMIT 1',
  858. array(
  859. 'current_group' => (int) $_REQUEST['group'],
  860. )
  861. );
  862. if ($smcFunc['db_num_rows']($request) == 0)
  863. fatal_lang_error('membergroup_does_not_exist', false);
  864. $row = $smcFunc['db_fetch_assoc']($request);
  865. $smcFunc['db_free_result']($request);
  866. $row['stars'] = explode('#', $row['stars']);
  867. $context['group'] = array(
  868. 'id' => $_REQUEST['group'],
  869. 'name' => $row['group_name'],
  870. 'description' => htmlspecialchars($row['description']),
  871. 'editable_name' => htmlspecialchars($row['group_name']),
  872. 'color' => $row['online_color'],
  873. 'min_posts' => $row['min_posts'],
  874. 'max_messages' => $row['max_messages'],
  875. 'star_count' => (int) $row['stars'][0],
  876. 'star_image' => isset($row['stars'][1]) ? $row['stars'][1] : '',
  877. 'is_post_group' => $row['min_posts'] != -1,
  878. 'type' => $row['min_posts'] != -1 ? 0 : $row['group_type'],
  879. 'hidden' => $row['min_posts'] == -1 ? $row['hidden'] : 0,
  880. 'inherited_from' => $row['id_parent'],
  881. 'allow_post_group' => $_REQUEST['group'] == 2 || $_REQUEST['group'] > 4,
  882. 'allow_delete' => $_REQUEST['group'] == 2 || $_REQUEST['group'] > 4,
  883. 'allow_protected' => allowedTo('admin_forum'),
  884. );
  885. // Get any moderators for this group
  886. $request = $smcFunc['db_query']('', '
  887. SELECT mem.id_member, mem.real_name
  888. FROM {db_prefix}group_moderators AS mods
  889. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  890. WHERE mods.id_group = {int:current_group}',
  891. array(
  892. 'current_group' => $_REQUEST['group'],
  893. )
  894. );
  895. $context['group']['moderators'] = array();
  896. while ($row = $smcFunc['db_fetch_assoc']($request))
  897. $context['group']['moderators'][$row['id_member']] = $row['real_name'];
  898. $smcFunc['db_free_result']($request);
  899. $context['group']['moderator_list'] = empty($context['group']['moderators']) ? '' : '&quot;' . implode('&quot;, &quot;', $context['group']['moderators']) . '&quot;';
  900. if (!empty($context['group']['moderators']))
  901. list ($context['group']['last_moderator_id']) = array_slice(array_keys($context['group']['moderators']), -1);
  902. // Get a list of boards this membergroup is allowed to see.
  903. $context['boards'] = array();
  904. if ($_REQUEST['group'] == 2 || $_REQUEST['group'] > 3)
  905. {
  906. $result = $smcFunc['db_query']('', '
  907. SELECT id_board, name, child_level, FIND_IN_SET({string:current_group}, member_groups) != 0 AS can_access
  908. FROM {db_prefix}boards
  909. ORDER BY board_order',
  910. array(
  911. 'current_group' => (int) $_REQUEST['group'],
  912. )
  913. );
  914. while ($row = $smcFunc['db_fetch_assoc']($result))
  915. $context['boards'][] = array(
  916. 'id' => $row['id_board'],
  917. 'name' => $row['name'],
  918. 'child_level' => $row['child_level'],
  919. 'selected' => !(empty($row['can_access']) || $row['can_access'] == 'f'),
  920. );
  921. $smcFunc['db_free_result']($result);
  922. }
  923. // Finally, get all the groups this could be inherited off.
  924. $request = $smcFunc['db_query']('', '
  925. SELECT id_group, group_name
  926. FROM {db_prefix}membergroups
  927. WHERE id_group != {int:current_group}' .
  928. (empty($modSettings['permission_enable_postgroups']) ? '
  929. AND min_posts = {int:min_posts}' : '') . (allowedTo('admin_forum') ? '' : '
  930. AND group_type != {int:is_protected}') . '
  931. AND id_group NOT IN (1, 3)
  932. AND id_parent = {int:not_inherited}',
  933. array(
  934. 'current_group' => (int) $_REQUEST['group'],
  935. 'min_posts' => -1,
  936. 'not_inherited' => -2,
  937. 'is_protected' => 1,
  938. )
  939. );
  940. $context['inheritable_groups'] = array();
  941. while ($row = $smcFunc['db_fetch_assoc']($request))
  942. $context['inheritable_groups'][$row['id_group']] = $row['group_name'];
  943. $smcFunc['db_free_result']($request);
  944. call_integration_hook('integrate_view_membergroup');
  945. $context['sub_template'] = 'edit_group';
  946. $context['page_title'] = $txt['membergroups_edit_group'];
  947. createToken('admin-mmg');
  948. }
  949. /**
  950. * Set some general membergroup settings and permissions.
  951. * Called by ?action=admin;area=membergroups;sa=settings
  952. * Requires the admin_forum permission (and manage_permissions for changing permissions)
  953. * Redirects to itself.
  954. *
  955. * @uses membergroup_settings sub template of ManageMembergroups.
  956. */
  957. function ModifyMembergroupsettings()
  958. {
  959. global $context, $sourcedir, $scripturl, $modSettings, $txt;
  960. $context['sub_template'] = 'show_settings';
  961. $context['page_title'] = $txt['membergroups_settings'];
  962. // Needed for the settings functions.
  963. require_once($sourcedir . '/ManageServer.php');
  964. // Don't allow assignment of guests.
  965. $context['permissions_excluded'] = array(-1);
  966. // Only one thing here!
  967. $config_vars = array(
  968. array('permissions', 'manage_membergroups'),
  969. );
  970. call_integration_hook('integrate_modify_membergroup_settings', array(&$config_vars));
  971. if (isset($_REQUEST['save']))
  972. {
  973. checkSession();
  974. call_integration_hook('integrate_save_membergroup_settings');
  975. // Yeppers, saving this...
  976. saveDBSettings($config_vars);
  977. redirectexit('action=admin;area=membergroups;sa=settings');
  978. }
  979. // Some simple context.
  980. $context['post_url'] = $scripturl . '?action=admin;area=membergroups;save;sa=settings';
  981. $context['settings_title'] = $txt['membergroups_settings'];
  982. prepareDBSettingContext($config_vars);
  983. }
  984. ?>