Groups.php 33 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003
  1. <?php
  2. /**
  3. * This file currently just shows group info, and allows certain priviledged members to add/remove members.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2011 Simple Machines
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('Hacking attempt...');
  16. /**
  17. * Entry point function, permission checks, admin bars, etc.
  18. * It allows moderators and users to access the group showing functions.
  19. * It handles permission checks, and puts the moderation bar on as required.
  20. */
  21. function Groups()
  22. {
  23. global $context, $txt, $scripturl, $sourcedir, $user_info;
  24. // The sub-actions that we can do. Format "Function Name, Mod Bar Index if appropriate".
  25. $subActions = array(
  26. 'index' => array('GroupList', 'view_groups'),
  27. 'members' => array('MembergroupMembers', 'view_groups'),
  28. 'requests' => array('GroupRequests', 'group_requests'),
  29. );
  30. // Default to sub action 'index' or 'settings' depending on permissions.
  31. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'index';
  32. // Get the template stuff up and running.
  33. loadLanguage('ManageMembers');
  34. loadLanguage('ModerationCenter');
  35. loadTemplate('ManageMembergroups');
  36. // If we can see the moderation center, and this has a mod bar entry, add the mod center bar.
  37. if (allowedTo('access_mod_center') || $user_info['mod_cache']['bq'] != '0=1' || $user_info['mod_cache']['gq'] != '0=1' || allowedTo('manage_membergroups'))
  38. {
  39. require_once($sourcedir . '/ModerationCenter.php');
  40. $_GET['area'] = $_REQUEST['sa'] == 'requests' ? 'groups' : 'viewgroups';
  41. ModerationMain(true);
  42. }
  43. // Otherwise add something to the link tree, for normal people.
  44. else
  45. {
  46. isAllowedTo('view_mlist');
  47. $context['linktree'][] = array(
  48. 'url' => $scripturl . '?action=groups',
  49. 'name' => $txt['groups'],
  50. );
  51. }
  52. // Call the actual function.
  53. $subActions[$_REQUEST['sa']][0]();
  54. }
  55. /**
  56. * This very simply lists the groups, nothing snazy.
  57. */
  58. function GroupList()
  59. {
  60. global $txt, $scripturl, $user_profile, $user_info, $context, $settings, $modSettings, $smcFunc, $sourcedir;
  61. // Yep, find the groups...
  62. $request = $smcFunc['db_query']('', '
  63. SELECT mg.id_group, mg.group_name, mg.description, mg.group_type, mg.online_color, mg.hidden,
  64. mg.stars, IFNULL(gm.id_member, 0) AS can_moderate
  65. FROM {db_prefix}membergroups AS mg
  66. LEFT JOIN {db_prefix}group_moderators AS gm ON (gm.id_group = mg.id_group AND gm.id_member = {int:current_member})
  67. WHERE mg.min_posts = {int:min_posts}
  68. AND mg.id_group != {int:mod_group}' . (allowedTo('admin_forum') ? '' : '
  69. AND mg.group_type != {int:is_protected}') . '
  70. ORDER BY group_name',
  71. array(
  72. 'current_member' => $user_info['id'],
  73. 'min_posts' => -1,
  74. 'mod_group' => 3,
  75. 'is_protected' => 1,
  76. )
  77. );
  78. // This is where we store our groups.
  79. $context['groups'] = array();
  80. $group_ids = array();
  81. $context['can_moderate'] = allowedTo('manage_membergroups');
  82. while ($row = $smcFunc['db_fetch_assoc']($request))
  83. {
  84. // We only list the groups they can see.
  85. if ($row['hidden'] && !$row['can_moderate'] && !allowedTo('manage_membergroups'))
  86. continue;
  87. $row['stars'] = explode('#', $row['stars']);
  88. $context['groups'][$row['id_group']] = array(
  89. 'id' => $row['id_group'],
  90. 'name' => $row['group_name'],
  91. 'desc' => $row['description'],
  92. 'color' => $row['online_color'],
  93. 'type' => $row['group_type'],
  94. 'num_members' => 0,
  95. 'stars' => !empty($row['stars'][0]) && !empty($row['stars'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $row['stars'][1] . '" alt="*" />', $row['stars'][0]) : '',
  96. );
  97. $context['can_moderate'] |= $row['can_moderate'];
  98. $group_ids[] = $row['id_group'];
  99. }
  100. $smcFunc['db_free_result']($request);
  101. // Count up the members separately...
  102. if (!empty($group_ids))
  103. {
  104. $query = $smcFunc['db_query']('', '
  105. SELECT id_group, COUNT(*) AS num_members
  106. FROM {db_prefix}members
  107. WHERE id_group IN ({array_int:group_list})
  108. GROUP BY id_group',
  109. array(
  110. 'group_list' => $group_ids,
  111. )
  112. );
  113. while ($row = $smcFunc['db_fetch_assoc']($query))
  114. $context['groups'][$row['id_group']]['num_members'] += $row['num_members'];
  115. $smcFunc['db_free_result']($query);
  116. // Only do additional groups if we can moderate...
  117. if ($context['can_moderate'])
  118. {
  119. $query = $smcFunc['db_query']('', '
  120. SELECT mg.id_group, COUNT(*) AS num_members
  121. FROM {db_prefix}membergroups AS mg
  122. INNER JOIN {db_prefix}members AS mem ON (mem.additional_groups != {string:blank_screen}
  123. AND mem.id_group != mg.id_group
  124. AND FIND_IN_SET(mg.id_group, mem.additional_groups) != 0)
  125. WHERE mg.id_group IN ({array_int:group_list})
  126. GROUP BY mg.id_group',
  127. array(
  128. 'group_list' => $group_ids,
  129. 'blank_screen' => '',
  130. )
  131. );
  132. while ($row = $smcFunc['db_fetch_assoc']($query))
  133. $context['groups'][$row['id_group']]['num_members'] += $row['num_members'];
  134. $smcFunc['db_free_result']($query);
  135. }
  136. }
  137. $context['sub_template'] = 'group_index';
  138. $context['page_title'] = $txt['viewing_groups'];
  139. // Making a list is not hard with this beauty.
  140. require_once($sourcedir . '/Subs-List.php');
  141. // Use the standard templates for showing this.
  142. $listOptions = array(
  143. 'id' => 'group_lists',
  144. 'title' => $context['page_title'],
  145. 'get_items' => array(
  146. 'function' => 'list_getGroups',
  147. ),
  148. 'columns' => array(
  149. 'group' => array(
  150. 'header' => array(
  151. 'value' => $txt['name'],
  152. ),
  153. 'data' => array(
  154. 'function' => create_function('$group', '
  155. global $scripturl, $context;
  156. $output = \'<a href="\' . $scripturl . \'?action=\' . $context[\'current_action\'] . (isset($context[\'admin_area\']) ? \';area=\' . $context[\'admin_area\'] : \'\') . \';sa=members;group=\' . $group[\'id\'] . \'" \' . ($group[\'color\'] ? \'style="color: \' . $group[\'color\'] . \';"\' : \'\') . \'>\' . $group[\'name\'] . \'</a>\';
  157. if ($group[\'desc\'])
  158. $output .= \'<div class="smalltext">\' . $group[\'desc\'] . \'</div>\';
  159. return $output;
  160. '),
  161. 'style' => 'width: 50%;',
  162. ),
  163. ),
  164. 'stars' => array(
  165. 'header' => array(
  166. 'value' => $txt['membergroups_stars'],
  167. ),
  168. 'data' => array(
  169. 'db' => 'stars',
  170. ),
  171. ),
  172. 'moderators' => array(
  173. 'header' => array(
  174. 'value' => $txt['moderators'],
  175. ),
  176. 'data' => array(
  177. 'function' => create_function('$group', '
  178. global $txt;
  179. return empty($group[\'moderators\']) ? \'<em>\' . $txt[\'membergroups_new_copy_none\'] . \'</em>\' : implode(\', \', $group[\'moderators\']);
  180. '),
  181. ),
  182. ),
  183. 'members' => array(
  184. 'header' => array(
  185. 'value' => $txt['membergroups_members_top'],
  186. ),
  187. 'data' => array(
  188. 'comma_format' => true,
  189. 'db' => 'num_members',
  190. ),
  191. ),
  192. ),
  193. );
  194. // Create the request list.
  195. createList($listOptions);
  196. $context['sub_template'] = 'show_list';
  197. $context['default_list'] = 'group_lists';
  198. }
  199. /**
  200. * Get the group information for the list.
  201. * @param int $start
  202. * @param int $items_per_page
  203. * @param int $sort
  204. */
  205. function list_getGroups($start, $items_per_page, $sort)
  206. {
  207. global $smcFunc, $txt, $scripturl, $user_info, $settings, $context;
  208. // Yep, find the groups...
  209. $request = $smcFunc['db_query']('', '
  210. SELECT mg.id_group, mg.group_name, mg.description, mg.group_type, mg.online_color, mg.hidden,
  211. mg.stars, IFNULL(gm.id_member, 0) AS can_moderate
  212. FROM {db_prefix}membergroups AS mg
  213. LEFT JOIN {db_prefix}group_moderators AS gm ON (gm.id_group = mg.id_group AND gm.id_member = {int:current_member})
  214. WHERE mg.min_posts = {int:min_posts}
  215. AND mg.id_group != {int:mod_group}' . (allowedTo('admin_forum') ? '' : '
  216. AND mg.group_type != {int:is_protected}') . '
  217. ORDER BY group_name',
  218. array(
  219. 'current_member' => $user_info['id'],
  220. 'min_posts' => -1,
  221. 'mod_group' => 3,
  222. 'is_protected' => 1,
  223. )
  224. );
  225. // Start collecting the data.
  226. $groups = array();
  227. $group_ids = array();
  228. $context['can_moderate'] = allowedTo('manage_membergroups');
  229. while ($row = $smcFunc['db_fetch_assoc']($request))
  230. {
  231. // We only list the groups they can see.
  232. if ($row['hidden'] && !$row['can_moderate'] && !allowedTo('manage_membergroups'))
  233. continue;
  234. $row['stars'] = explode('#', $row['stars']);
  235. $groups[$row['id_group']] = array(
  236. 'id' => $row['id_group'],
  237. 'name' => $row['group_name'],
  238. 'desc' => $row['description'],
  239. 'color' => $row['online_color'],
  240. 'type' => $row['group_type'],
  241. 'num_members' => 0,
  242. 'moderators' => array(),
  243. 'stars' => !empty($row['stars'][0]) && !empty($row['stars'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $row['stars'][1] . '" alt="*" />', $row['stars'][0]) : '',
  244. );
  245. $context['can_moderate'] |= $row['can_moderate'];
  246. $group_ids[] = $row['id_group'];
  247. }
  248. $smcFunc['db_free_result']($request);
  249. // Count up the members separately...
  250. if (!empty($group_ids))
  251. {
  252. $query = $smcFunc['db_query']('', '
  253. SELECT id_group, COUNT(*) AS num_members
  254. FROM {db_prefix}members
  255. WHERE id_group IN ({array_int:group_list})
  256. GROUP BY id_group',
  257. array(
  258. 'group_list' => $group_ids,
  259. )
  260. );
  261. while ($row = $smcFunc['db_fetch_assoc']($query))
  262. $groups[$row['id_group']]['num_members'] += $row['num_members'];
  263. $smcFunc['db_free_result']($query);
  264. // Only do additional groups if we can moderate...
  265. if ($context['can_moderate'])
  266. {
  267. $query = $smcFunc['db_query']('', '
  268. SELECT mg.id_group, COUNT(*) AS num_members
  269. FROM {db_prefix}membergroups AS mg
  270. INNER JOIN {db_prefix}members AS mem ON (mem.additional_groups != {string:blank_screen}
  271. AND mem.id_group != mg.id_group
  272. AND FIND_IN_SET(mg.id_group, mem.additional_groups) != 0)
  273. WHERE mg.id_group IN ({array_int:group_list})
  274. GROUP BY mg.id_group',
  275. array(
  276. 'group_list' => $group_ids,
  277. 'blank_screen' => '',
  278. )
  279. );
  280. while ($row = $smcFunc['db_fetch_assoc']($query))
  281. $groups[$row['id_group']]['num_members'] += $row['num_members'];
  282. $smcFunc['db_free_result']($query);
  283. }
  284. }
  285. // Get any group moderators.
  286. // Count up the members separately...
  287. if (!empty($group_ids))
  288. {
  289. $query = $smcFunc['db_query']('', '
  290. SELECT mods.id_group, mods.id_member, mem.member_name, mem.real_name
  291. FROM {db_prefix}group_moderators AS mods
  292. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  293. WHERE mods.id_group IN ({array_int:group_list})',
  294. array(
  295. 'group_list' => $group_ids,
  296. )
  297. );
  298. while ($row = $smcFunc['db_fetch_assoc']($query))
  299. $groups[$row['id_group']]['moderators'][] = '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>';
  300. $smcFunc['db_free_result']($query);
  301. }
  302. return $groups;
  303. }
  304. /**
  305. * How many groups are there that are visible?
  306. *
  307. * @return int, the groups count.
  308. */
  309. function list_getGroupCount()
  310. {
  311. global $smcFunc;
  312. $request = $smcFunc['db_query']('', '
  313. SELECT COUNT(id_group) AS group_count
  314. FROM {db_prefix}membergroups
  315. WHERE mg.min_posts = {int:min_posts}
  316. AND mg.id_group != {int:mod_group}' . (allowedTo('admin_forum') ? '' : '
  317. AND mg.group_type != {int:is_protected}'),
  318. array(
  319. 'min_posts' => -1,
  320. 'mod_group' => 3,
  321. 'is_protected' => 1,
  322. )
  323. );
  324. list ($group_count) = $smcFunc['db_fetch_row']($request);
  325. $smcFunc['db_free_result']($request);
  326. return $group_count;
  327. }
  328. /**
  329. * Display members of a group, and allow adding of members to a group. Silly function name though ;)
  330. * It can be called from ManageMembergroups if it needs templating within the admin environment.
  331. * It shows a list of members that are part of a given membergroup.
  332. * It is called by ?action=moderate;area=viewgroups;sa=members;group=x
  333. * It requires the manage_membergroups permission.
  334. * It allows to add and remove members from the selected membergroup.
  335. * It allows sorting on several columns.
  336. * It redirects to itself.
  337. * @uses ManageMembergroups template, group_members sub template.
  338. */
  339. function MembergroupMembers()
  340. {
  341. global $txt, $scripturl, $context, $modSettings, $sourcedir, $user_info, $settings, $smcFunc;
  342. $_REQUEST['group'] = isset($_REQUEST['group']) ? (int) $_REQUEST['group'] : 0;
  343. // No browsing of guests, membergroup 0 or moderators.
  344. if (in_array($_REQUEST['group'], array(-1, 0, 3)))
  345. fatal_lang_error('membergroup_does_not_exist', false);
  346. // Load up the group details.
  347. $request = $smcFunc['db_query']('', '
  348. SELECT id_group AS id, group_name AS name, CASE WHEN min_posts = {int:min_posts} THEN 1 ELSE 0 END AS assignable, hidden, online_color,
  349. stars, description, CASE WHEN min_posts != {int:min_posts} THEN 1 ELSE 0 END AS is_post_group, group_type
  350. FROM {db_prefix}membergroups
  351. WHERE id_group = {int:id_group}
  352. LIMIT 1',
  353. array(
  354. 'min_posts' => -1,
  355. 'id_group' => $_REQUEST['group'],
  356. )
  357. );
  358. // Doesn't exist?
  359. if ($smcFunc['db_num_rows']($request) == 0)
  360. fatal_lang_error('membergroup_does_not_exist', false);
  361. $context['group'] = $smcFunc['db_fetch_assoc']($request);
  362. $smcFunc['db_free_result']($request);
  363. // Fix the stars.
  364. $context['group']['stars'] = explode('#', $context['group']['stars']);
  365. $context['group']['stars'] = !empty($context['group']['stars'][0]) && !empty($context['group']['stars'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $context['group']['stars'][1] . '" alt="*" />', $context['group']['stars'][0]) : '';
  366. $context['group']['can_moderate'] = allowedTo('manage_membergroups') && (allowedTo('admin_forum') || $context['group']['group_type'] != 1);
  367. $context['linktree'][] = array(
  368. 'url' => $scripturl . '?action=groups;sa=members;group=' . $context['group']['id'],
  369. 'name' => $context['group']['name'],
  370. );
  371. $context['can_send_email'] = allowedTo('send_email_to_members');
  372. // Load all the group moderators, for fun.
  373. $request = $smcFunc['db_query']('', '
  374. SELECT mem.id_member, mem.real_name
  375. FROM {db_prefix}group_moderators AS mods
  376. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  377. WHERE mods.id_group = {int:id_group}',
  378. array(
  379. 'id_group' => $_REQUEST['group'],
  380. )
  381. );
  382. $context['group']['moderators'] = array();
  383. while ($row = $smcFunc['db_fetch_assoc']($request))
  384. {
  385. $context['group']['moderators'][] = array(
  386. 'id' => $row['id_member'],
  387. 'name' => $row['real_name']
  388. );
  389. if ($user_info['id'] == $row['id_member'] && $context['group']['group_type'] != 1)
  390. $context['group']['can_moderate'] = true;
  391. }
  392. $smcFunc['db_free_result']($request);
  393. // If this group is hidden then it can only "exists" if the user can moderate it!
  394. if ($context['group']['hidden'] && !$context['group']['can_moderate'])
  395. fatal_lang_error('membergroup_does_not_exist', false);
  396. // You can only assign membership if you are the moderator and/or can manage groups!
  397. if (!$context['group']['can_moderate'])
  398. $context['group']['assignable'] = 0;
  399. // Non-admins cannot assign admins.
  400. elseif ($context['group']['id'] == 1 && !allowedTo('admin_forum'))
  401. $context['group']['assignable'] = 0;
  402. // Removing member from group?
  403. if (isset($_POST['remove']) && !empty($_REQUEST['rem']) && is_array($_REQUEST['rem']) && $context['group']['assignable'])
  404. {
  405. checkSession();
  406. validateToken('mod-mgm');
  407. // Make sure we're dealing with integers only.
  408. foreach ($_REQUEST['rem'] as $key => $group)
  409. $_REQUEST['rem'][$key] = (int) $group;
  410. require_once($sourcedir . '/Subs-Membergroups.php');
  411. removeMembersFromGroups($_REQUEST['rem'], $_REQUEST['group'], true);
  412. }
  413. // Must be adding new members to the group...
  414. elseif (isset($_REQUEST['add']) && (!empty($_REQUEST['toAdd']) || !empty($_REQUEST['member_add'])) && $context['group']['assignable'])
  415. {
  416. checkSession();
  417. validateToken('mod-mgm');
  418. $member_query = array();
  419. $member_parameters = array();
  420. // Get all the members to be added... taking into account names can be quoted ;)
  421. $_REQUEST['toAdd'] = strtr($smcFunc['htmlspecialchars']($_REQUEST['toAdd'], ENT_QUOTES), array('&quot;' => '"'));
  422. preg_match_all('~"([^"]+)"~', $_REQUEST['toAdd'], $matches);
  423. $member_names = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_REQUEST['toAdd']))));
  424. foreach ($member_names as $index => $member_name)
  425. {
  426. $member_names[$index] = trim($smcFunc['strtolower']($member_names[$index]));
  427. if (strlen($member_names[$index]) == 0)
  428. unset($member_names[$index]);
  429. }
  430. // Any passed by ID?
  431. $member_ids = array();
  432. if (!empty($_REQUEST['member_add']))
  433. foreach ($_REQUEST['member_add'] as $id)
  434. if ($id > 0)
  435. $member_ids[] = (int) $id;
  436. // Construct the query pelements.
  437. if (!empty($member_ids))
  438. {
  439. $member_query[] = 'id_member IN ({array_int:member_ids})';
  440. $member_parameters['member_ids'] = $member_ids;
  441. }
  442. if (!empty($member_names))
  443. {
  444. $member_query[] = 'LOWER(member_name) IN ({array_string:member_names})';
  445. $member_query[] = 'LOWER(real_name) IN ({array_string:member_names})';
  446. $member_parameters['member_names'] = $member_names;
  447. }
  448. $members = array();
  449. if (!empty($member_query))
  450. {
  451. $request = $smcFunc['db_query']('', '
  452. SELECT id_member
  453. FROM {db_prefix}members
  454. WHERE (' . implode(' OR ', $member_query) . ')
  455. AND id_group != {int:id_group}
  456. AND FIND_IN_SET({int:id_group}, additional_groups) = 0',
  457. array_merge($member_parameters, array(
  458. 'id_group' => $_REQUEST['group'],
  459. ))
  460. );
  461. while ($row = $smcFunc['db_fetch_assoc']($request))
  462. $members[] = $row['id_member'];
  463. $smcFunc['db_free_result']($request);
  464. }
  465. // @todo Add $_POST['additional'] to templates!
  466. // Do the updates...
  467. if (!empty($members))
  468. {
  469. require_once($sourcedir . '/Subs-Membergroups.php');
  470. addMembersToGroup($members, $_REQUEST['group'], isset($_POST['additional']) || $context['group']['hidden'] ? 'only_additional' : 'auto', true);
  471. }
  472. }
  473. // Sort out the sorting!
  474. $sort_methods = array(
  475. 'name' => 'real_name',
  476. 'email' => allowedTo('moderate_forum') ? 'email_address' : 'hide_email ' . (isset($_REQUEST['desc']) ? 'DESC' : 'ASC') . ', email_address',
  477. 'active' => 'last_login',
  478. 'registered' => 'date_registered',
  479. 'posts' => 'posts',
  480. );
  481. // They didn't pick one, default to by name..
  482. if (!isset($_REQUEST['sort']) || !isset($sort_methods[$_REQUEST['sort']]))
  483. {
  484. $context['sort_by'] = 'name';
  485. $querySort = 'real_name';
  486. }
  487. // Otherwise default to ascending.
  488. else
  489. {
  490. $context['sort_by'] = $_REQUEST['sort'];
  491. $querySort = $sort_methods[$_REQUEST['sort']];
  492. }
  493. $context['sort_direction'] = isset($_REQUEST['desc']) ? 'down' : 'up';
  494. // The where on the query is interesting. Non-moderators should only see people who are in this group as primary.
  495. if ($context['group']['can_moderate'])
  496. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group} OR FIND_IN_SET({int:group}, additional_groups) != 0';
  497. else
  498. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group}';
  499. // Count members of the group.
  500. $request = $smcFunc['db_query']('', '
  501. SELECT COUNT(*)
  502. FROM {db_prefix}members
  503. WHERE ' . $where,
  504. array(
  505. 'group' => $_REQUEST['group'],
  506. )
  507. );
  508. list ($context['total_members']) = $smcFunc['db_fetch_row']($request);
  509. $smcFunc['db_free_result']($request);
  510. $context['total_members'] = comma_format($context['total_members']);
  511. // Create the page index.
  512. $context['page_index'] = constructPageIndex($scripturl . '?action=' . ($context['group']['can_moderate'] ? 'moderate;area=viewgroups' : 'groups') . ';sa=members;group=' . $_REQUEST['group'] . ';sort=' . $context['sort_by'] . (isset($_REQUEST['desc']) ? ';desc' : ''), $_REQUEST['start'], $context['total_members'], $modSettings['defaultMaxMembers']);
  513. $context['start'] = $_REQUEST['start'];
  514. $context['can_moderate_forum'] = allowedTo('moderate_forum');
  515. // Load up all members of this group.
  516. $request = $smcFunc['db_query']('', '
  517. SELECT id_member, member_name, real_name, email_address, member_ip, date_registered, last_login,
  518. hide_email, posts, is_activated, real_name
  519. FROM {db_prefix}members
  520. WHERE ' . $where . '
  521. ORDER BY ' . $querySort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC') . '
  522. LIMIT ' . $context['start'] . ', ' . $modSettings['defaultMaxMembers'],
  523. array(
  524. 'group' => $_REQUEST['group'],
  525. )
  526. );
  527. $context['members'] = array();
  528. while ($row = $smcFunc['db_fetch_assoc']($request))
  529. {
  530. $last_online = empty($row['last_login']) ? $txt['never'] : timeformat($row['last_login']);
  531. // Italicize the online note if they aren't activated.
  532. if ($row['is_activated'] % 10 != 1)
  533. $last_online = '<em title="' . $txt['not_activated'] . '">' . $last_online . '</em>';
  534. $context['members'][] = array(
  535. 'id' => $row['id_member'],
  536. 'name' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  537. 'email' => $row['email_address'],
  538. 'show_email' => showEmailAddress(!empty($row['hide_email']), $row['id_member']),
  539. 'ip' => '<a href="' . $scripturl . '?action=trackip;searchip=' . $row['member_ip'] . '">' . $row['member_ip'] . '</a>',
  540. 'registered' => timeformat($row['date_registered']),
  541. 'last_online' => $last_online,
  542. 'posts' => comma_format($row['posts']),
  543. 'is_activated' => $row['is_activated'] % 10 == 1,
  544. );
  545. }
  546. $smcFunc['db_free_result']($request);
  547. // Select the template.
  548. $context['sub_template'] = 'group_members';
  549. $context['page_title'] = $txt['membergroups_members_title'] . ': ' . $context['group']['name'];
  550. createToken('mod-mgm');
  551. }
  552. /**
  553. * Show and manage all group requests.
  554. */
  555. function GroupRequests()
  556. {
  557. global $txt, $context, $scripturl, $user_info, $sourcedir, $smcFunc, $modSettings, $language;
  558. // Set up the template stuff...
  559. $context['page_title'] = $txt['mc_group_requests'];
  560. $context['sub_template'] = 'show_list';
  561. // Verify we can be here.
  562. if ($user_info['mod_cache']['gq'] == '0=1')
  563. isAllowedTo('manage_membergroups');
  564. // Normally, we act normally...
  565. $where = $user_info['mod_cache']['gq'] == '1=1' || $user_info['mod_cache']['gq'] == '0=1' ? $user_info['mod_cache']['gq'] : 'lgr.' . $user_info['mod_cache']['gq'];
  566. $where_parameters = array();
  567. // We've submitted?
  568. if (isset($_POST[$context['session_var']]) && !empty($_POST['groupr']) && !empty($_POST['req_action']))
  569. {
  570. checkSession('post');
  571. validateToken('mod-gr');
  572. // Clean the values.
  573. foreach ($_POST['groupr'] as $k => $request)
  574. $_POST['groupr'][$k] = (int) $request;
  575. // If we are giving a reason (And why shouldn't we?), then we don't actually do much.
  576. if ($_POST['req_action'] == 'reason')
  577. {
  578. // Different sub template...
  579. $context['sub_template'] = 'group_request_reason';
  580. // And a limitation. We don't care that the page number bit makes no sense, as we don't need it!
  581. $where .= ' AND lgr.id_request IN ({array_int:request_ids})';
  582. $where_parameters['request_ids'] = $_POST['groupr'];
  583. $context['group_requests'] = list_getGroupRequests(0, $modSettings['defaultMaxMessages'], 'lgr.id_request', $where, $where_parameters);
  584. // Let obExit etc sort things out.
  585. obExit();
  586. }
  587. // Otherwise we do something!
  588. else
  589. {
  590. // Get the details of all the members concerned...
  591. $request = $smcFunc['db_query']('', '
  592. SELECT lgr.id_request, lgr.id_member, lgr.id_group, mem.email_address, mem.id_group AS primary_group,
  593. mem.additional_groups AS additional_groups, mem.lngfile, mem.member_name, mem.notify_types,
  594. mg.hidden, mg.group_name
  595. FROM {db_prefix}log_group_requests AS lgr
  596. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  597. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  598. WHERE ' . $where . '
  599. AND lgr.id_request IN ({array_int:request_list})
  600. ORDER BY mem.lngfile',
  601. array(
  602. 'request_list' => $_POST['groupr'],
  603. )
  604. );
  605. $email_details = array();
  606. $group_changes = array();
  607. while ($row = $smcFunc['db_fetch_assoc']($request))
  608. {
  609. $row['lngfile'] = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  610. // If we are approving work out what their new group is.
  611. if ($_POST['req_action'] == 'approve')
  612. {
  613. // For people with more than one request at once.
  614. if (isset($group_changes[$row['id_member']]))
  615. {
  616. $row['additional_groups'] = $group_changes[$row['id_member']]['add'];
  617. $row['primary_group'] = $group_changes[$row['id_member']]['primary'];
  618. }
  619. else
  620. $row['additional_groups'] = explode(',', $row['additional_groups']);
  621. // Don't have it already?
  622. if ($row['primary_group'] == $row['id_group'] || in_array($row['id_group'], $row['additional_groups']))
  623. continue;
  624. // Should it become their primary?
  625. if ($row['primary_group'] == 0 && $row['hidden'] == 0)
  626. $row['primary_group'] = $row['id_group'];
  627. else
  628. $row['additional_groups'][] = $row['id_group'];
  629. // Add them to the group master list.
  630. $group_changes[$row['id_member']] = array(
  631. 'primary' => $row['primary_group'],
  632. 'add' => $row['additional_groups'],
  633. );
  634. }
  635. // Add required information to email them.
  636. if ($row['notify_types'] != 4)
  637. $email_details[] = array(
  638. 'rid' => $row['id_request'],
  639. 'member_id' => $row['id_member'],
  640. 'member_name' => $row['member_name'],
  641. 'group_id' => $row['id_group'],
  642. 'group_name' => $row['group_name'],
  643. 'email' => $row['email_address'],
  644. 'language' => $row['lngfile'],
  645. );
  646. }
  647. $smcFunc['db_free_result']($request);
  648. // Remove the evidence...
  649. $smcFunc['db_query']('', '
  650. DELETE FROM {db_prefix}log_group_requests
  651. WHERE id_request IN ({array_int:request_list})',
  652. array(
  653. 'request_list' => $_POST['groupr'],
  654. )
  655. );
  656. // Ensure everyone who is online gets their changes right away.
  657. updateSettings(array('settings_updated' => time()));
  658. if (!empty($email_details))
  659. {
  660. require_once($sourcedir . '/Subs-Post.php');
  661. // They are being approved?
  662. if ($_POST['req_action'] == 'approve')
  663. {
  664. // Make the group changes.
  665. foreach ($group_changes as $id => $groups)
  666. {
  667. // Sanity check!
  668. foreach ($groups['add'] as $key => $value)
  669. if ($value == 0 || trim($value) == '')
  670. unset($groups['add'][$key]);
  671. $smcFunc['db_query']('', '
  672. UPDATE {db_prefix}members
  673. SET id_group = {int:primary_group}, additional_groups = {string:additional_groups}
  674. WHERE id_member = {int:selected_member}',
  675. array(
  676. 'primary_group' => $groups['primary'],
  677. 'selected_member' => $id,
  678. 'additional_groups' => implode(',', $groups['add']),
  679. )
  680. );
  681. }
  682. $lastLng = $user_info['language'];
  683. foreach ($email_details as $email)
  684. {
  685. $replacements = array(
  686. 'USERNAME' => $email['member_name'],
  687. 'GROUPNAME' => $email['group_name'],
  688. );
  689. $emaildata = loadEmailTemplate('mc_group_approve', $replacements, $email['language']);
  690. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 2);
  691. }
  692. }
  693. // Otherwise, they are getting rejected (With or without a reason).
  694. else
  695. {
  696. // Same as for approving, kind of.
  697. $lastLng = $user_info['language'];
  698. foreach ($email_details as $email)
  699. {
  700. $custom_reason = isset($_POST['groupreason']) && isset($_POST['groupreason'][$email['rid']]) ? $_POST['groupreason'][$email['rid']] : '';
  701. $replacements = array(
  702. 'USERNAME' => $email['member_name'],
  703. 'GROUPNAME' => $email['group_name'],
  704. );
  705. if (!empty($custom_reason))
  706. $replacements['REASON'] = $custom_reason;
  707. $emaildata = loadEmailTemplate(empty($custom_reason) ? 'mc_group_reject' : 'mc_group_reject_reason', $replacements, $email['language']);
  708. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 2);
  709. }
  710. }
  711. }
  712. // Restore the current language.
  713. loadLanguage('ModerationCenter');
  714. }
  715. }
  716. // We're going to want this for making our list.
  717. require_once($sourcedir . '/Subs-List.php');
  718. // This is all the information required for a group listing.
  719. $listOptions = array(
  720. 'id' => 'group_request_list',
  721. 'title' => $txt['mc_group_requests'],
  722. 'width' => '100%',
  723. 'items_per_page' => $modSettings['defaultMaxMessages'],
  724. 'no_items_label' => $txt['mc_groupr_none_found'],
  725. 'base_href' => $scripturl . '?action=groups;sa=requests',
  726. 'default_sort_col' => 'member',
  727. 'get_items' => array(
  728. 'function' => 'list_getGroupRequests',
  729. 'params' => array(
  730. $where,
  731. $where_parameters,
  732. ),
  733. ),
  734. 'get_count' => array(
  735. 'function' => 'list_getGroupRequestCount',
  736. 'params' => array(
  737. $where,
  738. $where_parameters,
  739. ),
  740. ),
  741. 'columns' => array(
  742. 'member' => array(
  743. 'header' => array(
  744. 'value' => $txt['mc_groupr_member'],
  745. ),
  746. 'data' => array(
  747. 'db' => 'member_link',
  748. ),
  749. 'sort' => array(
  750. 'default' => 'mem.member_name',
  751. 'reverse' => 'mem.member_name DESC',
  752. ),
  753. ),
  754. 'group' => array(
  755. 'header' => array(
  756. 'value' => $txt['mc_groupr_group'],
  757. ),
  758. 'data' => array(
  759. 'db' => 'group_link',
  760. ),
  761. 'sort' => array(
  762. 'default' => 'mg.group_name',
  763. 'reverse' => 'mg.group_name DESC',
  764. ),
  765. ),
  766. 'reason' => array(
  767. 'header' => array(
  768. 'value' => $txt['mc_groupr_reason'],
  769. ),
  770. 'data' => array(
  771. 'db' => 'reason',
  772. ),
  773. ),
  774. 'date' => array(
  775. 'header' => array(
  776. 'value' => $txt['date'],
  777. 'style' => 'width: 18%;white-space:nowrap;',
  778. ),
  779. 'data' => array(
  780. 'db' => 'time_submitted',
  781. ),
  782. ),
  783. 'action' => array(
  784. 'header' => array(
  785. 'value' => '<input type="checkbox" class="input_check" onclick="invertAll(this, this.form);" />',
  786. 'style' => 'width: 4%;',
  787. ),
  788. 'data' => array(
  789. 'sprintf' => array(
  790. 'format' => '<input type="checkbox" name="groupr[]" value="%1$d" class="input_check" />',
  791. 'params' => array(
  792. 'id' => false,
  793. ),
  794. ),
  795. 'style' => 'text-align: center;',
  796. ),
  797. ),
  798. ),
  799. 'form' => array(
  800. 'href' => $scripturl . '?action=groups;sa=requests',
  801. 'include_sort' => true,
  802. 'include_start' => true,
  803. 'hidden_fields' => array(
  804. $context['session_var'] => $context['session_id'],
  805. ),
  806. 'token' => 'mod-gr',
  807. ),
  808. 'additional_rows' => array(
  809. array(
  810. 'position' => 'bottom_of_list',
  811. 'value' => '
  812. <select name="req_action" onchange="if (this.value != 0 &amp;&amp; (this.value == \'reason\' || confirm(\'' . $txt['mc_groupr_warning'] . '\'))) this.form.submit();">
  813. <option value="0">' . $txt['with_selected'] . ':</option>
  814. <option value="0">---------------------</option>
  815. <option value="approve">' . $txt['mc_groupr_approve'] . '</option>
  816. <option value="reject">' . $txt['mc_groupr_reject'] . '</option>
  817. <option value="reason">' . $txt['mc_groupr_reject_w_reason'] . '</option>
  818. </select>
  819. <input type="submit" name="go" value="' . $txt['go'] . '" onclick="var sel = document.getElementById(\'req_action\'); if (sel.value != 0 &amp;&amp; sel.value != \'reason\' &amp;&amp; !confirm(\'' . $txt['mc_groupr_warning'] . '\')) return false;" class="button_submit" />',
  820. 'align' => 'right',
  821. ),
  822. ),
  823. );
  824. // Create the request list.
  825. createToken('mod-gr');
  826. createList($listOptions);
  827. $context['default_list'] = 'group_request_list';
  828. }
  829. /**
  830. * Callback function for createList().
  831. *
  832. * @param $where
  833. * @param $where_parameters
  834. * @return int, the count of group requests
  835. */
  836. function list_getGroupRequestCount($where, $where_parameters)
  837. {
  838. global $smcFunc;
  839. $request = $smcFunc['db_query']('', '
  840. SELECT COUNT(*)
  841. FROM {db_prefix}log_group_requests AS lgr
  842. WHERE ' . $where,
  843. array_merge($where_parameters, array(
  844. ))
  845. );
  846. list ($totalRequests) = $smcFunc['db_fetch_row']($request);
  847. $smcFunc['db_free_result']($request);
  848. return $totalRequests;
  849. }
  850. /**
  851. * Callback function for createList()
  852. *
  853. * @param int $start
  854. * @param int $items_per_page
  855. * @param string $sort
  856. * @param string $where
  857. * @param string $where_parameters
  858. * @return array, an array of group requests
  859. * Each group request has:
  860. * 'id'
  861. * 'member_link'
  862. * 'group_link'
  863. * 'reason'
  864. * 'time_submitted'
  865. */
  866. function list_getGroupRequests($start, $items_per_page, $sort, $where, $where_parameters)
  867. {
  868. global $smcFunc, $txt, $scripturl;
  869. $request = $smcFunc['db_query']('', '
  870. SELECT lgr.id_request, lgr.id_member, lgr.id_group, lgr.time_applied, lgr.reason,
  871. mem.member_name, mg.group_name, mg.online_color, mem.real_name
  872. FROM {db_prefix}log_group_requests AS lgr
  873. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  874. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  875. WHERE ' . $where . '
  876. ORDER BY {raw:sort}
  877. LIMIT ' . $start . ', ' . $items_per_page,
  878. array_merge($where_parameters, array(
  879. 'sort' => $sort,
  880. ))
  881. );
  882. $group_requests = array();
  883. while ($row = $smcFunc['db_fetch_assoc']($request))
  884. {
  885. $group_requests[] = array(
  886. 'id' => $row['id_request'],
  887. 'member_link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  888. 'group_link' => '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>',
  889. 'reason' => censorText($row['reason']),
  890. 'time_submitted' => timeformat($row['time_applied']),
  891. );
  892. }
  893. $smcFunc['db_free_result']($request);
  894. return $group_requests;
  895. }
  896. ?>