Groups.php 29 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853
  1. <?php
  2. /**
  3. * This file currently just shows group info, and allows certain priviledged members to add/remove members.
  4. *
  5. * Simple Machines Forum (SMF)
  6. *
  7. * @package SMF
  8. * @author Simple Machines http://www.simplemachines.org
  9. * @copyright 2014 Simple Machines and individual contributors
  10. * @license http://www.simplemachines.org/about/smf/license.php BSD
  11. *
  12. * @version 2.1 Alpha 1
  13. */
  14. if (!defined('SMF'))
  15. die('No direct access...');
  16. /**
  17. * Entry point function, permission checks, admin bars, etc.
  18. * It allows moderators and users to access the group showing functions.
  19. * It handles permission checks, and puts the moderation bar on as required.
  20. */
  21. function Groups()
  22. {
  23. global $context, $txt, $scripturl, $sourcedir, $user_info;
  24. // The sub-actions that we can do. Format "Function Name, Mod Bar Index if appropriate".
  25. $subActions = array(
  26. 'index' => array('GroupList', 'view_groups'),
  27. 'members' => array('MembergroupMembers', 'view_groups'),
  28. 'requests' => array('GroupRequests', 'group_requests'),
  29. );
  30. // Default to sub action 'index' or 'settings' depending on permissions.
  31. $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : 'index';
  32. // Get the template stuff up and running.
  33. loadLanguage('ManageMembers');
  34. loadLanguage('ModerationCenter');
  35. loadTemplate('ManageMembergroups');
  36. // If we can see the moderation center, and this has a mod bar entry, add the mod center bar.
  37. if (allowedTo('access_mod_center') || $user_info['mod_cache']['bq'] != '0=1' || $user_info['mod_cache']['gq'] != '0=1' || allowedTo('manage_membergroups'))
  38. {
  39. require_once($sourcedir . '/ModerationCenter.php');
  40. $_GET['area'] = $_REQUEST['sa'] == 'requests' ? 'groups' : 'viewgroups';
  41. ModerationMain(true);
  42. }
  43. // Otherwise add something to the link tree, for normal people.
  44. else
  45. {
  46. isAllowedTo('view_mlist');
  47. $context['linktree'][] = array(
  48. 'url' => $scripturl . '?action=groups',
  49. 'name' => $txt['groups'],
  50. );
  51. }
  52. // Call the actual function.
  53. $subActions[$_REQUEST['sa']][0]();
  54. }
  55. /**
  56. * This very simply lists the groups, nothing snazy.
  57. */
  58. function GroupList()
  59. {
  60. global $txt, $context, $sourcedir, $scripturl;
  61. $context['page_title'] = $txt['viewing_groups'];
  62. // Making a list is not hard with this beauty.
  63. require_once($sourcedir . '/Subs-List.php');
  64. // Use the standard templates for showing this.
  65. $listOptions = array(
  66. 'id' => 'group_lists',
  67. 'title' => $context['page_title'],
  68. 'base_href' => $scripturl . '?action=moderate;area=viewgroups;sa=view',
  69. 'default_sort_col' => 'group',
  70. 'get_items' => array(
  71. 'file' => $sourcedir . '/Subs-Membergroups.php',
  72. 'function' => 'list_getMembergroups',
  73. 'params' => array(
  74. 'regular',
  75. ),
  76. ),
  77. 'columns' => array(
  78. 'group' => array(
  79. 'header' => array(
  80. 'value' => $txt['name'],
  81. ),
  82. 'data' => array(
  83. 'function' => create_function('$rowData', '
  84. global $scripturl;
  85. // Since the moderator group has no explicit members, no link is needed.
  86. if ($rowData[\'id_group\'] == 3)
  87. $group_name = $rowData[\'group_name\'];
  88. else
  89. {
  90. $color_style = empty($rowData[\'online_color\']) ? \'\' : sprintf(\' style="color: %1$s;"\', $rowData[\'online_color\']);
  91. if (allowedTo(\'manage_membergroups\'))
  92. {
  93. $group_name = sprintf(\'<a href="%1$s?action=admin;area=membergroups;sa=members;group=%2$d"%3$s>%4$s</a>\', $scripturl, $rowData[\'id_group\'], $color_style, $rowData[\'group_name\']);
  94. }
  95. else
  96. {
  97. $group_name = sprintf(\'<a href="%1$s?action=groups;sa=members;group=%2$d"%3$s>%4$s</a>\', $scripturl, $rowData[\'id_group\'], $color_style, $rowData[\'group_name\']);
  98. }
  99. }
  100. // Add a help option for moderator and administrator.
  101. if ($rowData[\'id_group\'] == 1)
  102. $group_name .= sprintf(\' (<a href="%1$s?action=helpadmin;help=membergroup_administrator" onclick="return reqOverlayDiv(this.href);">?</a>)\', $scripturl);
  103. elseif ($rowData[\'id_group\'] == 3)
  104. $group_name .= sprintf(\' (<a href="%1$s?action=helpadmin;help=membergroup_moderator" onclick="return reqOverlayDiv(this.href);">?</a>)\', $scripturl);
  105. return $group_name;
  106. '),
  107. ),
  108. 'sort' => array(
  109. 'default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name',
  110. 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name DESC',
  111. ),
  112. ),
  113. 'icons' => array(
  114. 'header' => array(
  115. 'value' => $txt['membergroups_icons'],
  116. ),
  117. 'data' => array(
  118. 'db' => 'icons',
  119. ),
  120. 'sort' => array(
  121. 'default' => 'mg.icons',
  122. 'reverse' => 'mg.icons DESC',
  123. )
  124. ),
  125. 'moderators' => array(
  126. 'header' => array(
  127. 'value' => $txt['moderators'],
  128. ),
  129. 'data' => array(
  130. 'function' => create_function('$group', '
  131. global $txt;
  132. return empty($group[\'moderators\']) ? \'<em>\' . $txt[\'membergroups_new_copy_none\'] . \'</em>\' : implode(\', \', $group[\'moderators\']);
  133. '),
  134. ),
  135. ),
  136. 'members' => array(
  137. 'header' => array(
  138. 'value' => $txt['membergroups_members_top'],
  139. ),
  140. 'data' => array(
  141. 'function' => create_function('$rowData', '
  142. global $txt;
  143. // No explicit members for the moderator group.
  144. return $rowData[\'id_group\'] == 3 ? $txt[\'membergroups_guests_na\'] : comma_format($rowData[\'num_members\']);
  145. '),
  146. 'class' => 'centercol',
  147. ),
  148. 'sort' => array(
  149. 'default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1',
  150. 'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1 DESC',
  151. ),
  152. ),
  153. ),
  154. );
  155. // Create the request list.
  156. createList($listOptions);
  157. $context['sub_template'] = 'show_list';
  158. $context['default_list'] = 'group_lists';
  159. }
  160. /**
  161. * Display members of a group, and allow adding of members to a group. Silly function name though ;)
  162. * It can be called from ManageMembergroups if it needs templating within the admin environment.
  163. * It shows a list of members that are part of a given membergroup.
  164. * It is called by ?action=moderate;area=viewgroups;sa=members;group=x
  165. * It requires the manage_membergroups permission.
  166. * It allows to add and remove members from the selected membergroup.
  167. * It allows sorting on several columns.
  168. * It redirects to itself.
  169. * @uses ManageMembergroups template, group_members sub template.
  170. * @todo: use createList
  171. */
  172. function MembergroupMembers()
  173. {
  174. global $txt, $scripturl, $context, $modSettings, $sourcedir, $user_info, $settings, $smcFunc;
  175. $_REQUEST['group'] = isset($_REQUEST['group']) ? (int) $_REQUEST['group'] : 0;
  176. // No browsing of guests, membergroup 0 or moderators.
  177. if (in_array($_REQUEST['group'], array(-1, 0, 3)))
  178. fatal_lang_error('membergroup_does_not_exist', false);
  179. // Load up the group details.
  180. $request = $smcFunc['db_query']('', '
  181. SELECT id_group AS id, group_name AS name, CASE WHEN min_posts = {int:min_posts} THEN 1 ELSE 0 END AS assignable, hidden, online_color,
  182. icons, description, CASE WHEN min_posts != {int:min_posts} THEN 1 ELSE 0 END AS is_post_group, group_type
  183. FROM {db_prefix}membergroups
  184. WHERE id_group = {int:id_group}
  185. LIMIT 1',
  186. array(
  187. 'min_posts' => -1,
  188. 'id_group' => $_REQUEST['group'],
  189. )
  190. );
  191. // Doesn't exist?
  192. if ($smcFunc['db_num_rows']($request) == 0)
  193. fatal_lang_error('membergroup_does_not_exist', false);
  194. $context['group'] = $smcFunc['db_fetch_assoc']($request);
  195. $smcFunc['db_free_result']($request);
  196. // Fix the membergroup icons.
  197. $context['group']['icons'] = explode('#', $context['group']['icons']);
  198. $context['group']['icons'] = !empty($context['group']['icons'][0]) && !empty($context['group']['icons'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/membericons/' . $context['group']['icons'][1] . '" alt="*">', $context['group']['icons'][0]) : '';
  199. $context['group']['can_moderate'] = allowedTo('manage_membergroups') && (allowedTo('admin_forum') || $context['group']['group_type'] != 1);
  200. $context['linktree'][] = array(
  201. 'url' => $scripturl . '?action=groups;sa=members;group=' . $context['group']['id'],
  202. 'name' => $context['group']['name'],
  203. );
  204. $context['can_send_email'] = allowedTo('send_email_to_members');
  205. // Load all the group moderators, for fun.
  206. $request = $smcFunc['db_query']('', '
  207. SELECT mem.id_member, mem.real_name
  208. FROM {db_prefix}group_moderators AS mods
  209. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
  210. WHERE mods.id_group = {int:id_group}',
  211. array(
  212. 'id_group' => $_REQUEST['group'],
  213. )
  214. );
  215. $context['group']['moderators'] = array();
  216. while ($row = $smcFunc['db_fetch_assoc']($request))
  217. {
  218. $context['group']['moderators'][] = array(
  219. 'id' => $row['id_member'],
  220. 'name' => $row['real_name']
  221. );
  222. if ($user_info['id'] == $row['id_member'] && $context['group']['group_type'] != 1)
  223. $context['group']['can_moderate'] = true;
  224. }
  225. $smcFunc['db_free_result']($request);
  226. // If this group is hidden then it can only "exists" if the user can moderate it!
  227. if ($context['group']['hidden'] && !$context['group']['can_moderate'])
  228. fatal_lang_error('membergroup_does_not_exist', false);
  229. // You can only assign membership if you are the moderator and/or can manage groups!
  230. if (!$context['group']['can_moderate'])
  231. $context['group']['assignable'] = 0;
  232. // Non-admins cannot assign admins.
  233. elseif ($context['group']['id'] == 1 && !allowedTo('admin_forum'))
  234. $context['group']['assignable'] = 0;
  235. // Removing member from group?
  236. if (isset($_POST['remove']) && !empty($_REQUEST['rem']) && is_array($_REQUEST['rem']) && $context['group']['assignable'])
  237. {
  238. checkSession();
  239. validateToken('mod-mgm');
  240. // Make sure we're dealing with integers only.
  241. foreach ($_REQUEST['rem'] as $key => $group)
  242. $_REQUEST['rem'][$key] = (int) $group;
  243. require_once($sourcedir . '/Subs-Membergroups.php');
  244. removeMembersFromGroups($_REQUEST['rem'], $_REQUEST['group'], true);
  245. }
  246. // Must be adding new members to the group...
  247. elseif (isset($_REQUEST['add']) && (!empty($_REQUEST['toAdd']) || !empty($_REQUEST['member_add'])) && $context['group']['assignable'])
  248. {
  249. checkSession();
  250. validateToken('mod-mgm');
  251. $member_query = array();
  252. $member_parameters = array();
  253. // Get all the members to be added... taking into account names can be quoted ;)
  254. $_REQUEST['toAdd'] = strtr($smcFunc['htmlspecialchars']($_REQUEST['toAdd'], ENT_QUOTES), array('&quot;' => '"'));
  255. preg_match_all('~"([^"]+)"~', $_REQUEST['toAdd'], $matches);
  256. $member_names = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_REQUEST['toAdd']))));
  257. foreach ($member_names as $index => $member_name)
  258. {
  259. $member_names[$index] = trim($smcFunc['strtolower']($member_names[$index]));
  260. if (strlen($member_names[$index]) == 0)
  261. unset($member_names[$index]);
  262. }
  263. // Any passed by ID?
  264. $member_ids = array();
  265. if (!empty($_REQUEST['member_add']))
  266. foreach ($_REQUEST['member_add'] as $id)
  267. if ($id > 0)
  268. $member_ids[] = (int) $id;
  269. // Construct the query pelements.
  270. if (!empty($member_ids))
  271. {
  272. $member_query[] = 'id_member IN ({array_int:member_ids})';
  273. $member_parameters['member_ids'] = $member_ids;
  274. }
  275. if (!empty($member_names))
  276. {
  277. $member_query[] = 'LOWER(member_name) IN ({array_string:member_names})';
  278. $member_query[] = 'LOWER(real_name) IN ({array_string:member_names})';
  279. $member_parameters['member_names'] = $member_names;
  280. }
  281. $members = array();
  282. if (!empty($member_query))
  283. {
  284. $request = $smcFunc['db_query']('', '
  285. SELECT id_member
  286. FROM {db_prefix}members
  287. WHERE (' . implode(' OR ', $member_query) . ')
  288. AND id_group != {int:id_group}
  289. AND FIND_IN_SET({int:id_group}, additional_groups) = 0',
  290. array_merge($member_parameters, array(
  291. 'id_group' => $_REQUEST['group'],
  292. ))
  293. );
  294. while ($row = $smcFunc['db_fetch_assoc']($request))
  295. $members[] = $row['id_member'];
  296. $smcFunc['db_free_result']($request);
  297. }
  298. // @todo Add $_POST['additional'] to templates!
  299. // Do the updates...
  300. if (!empty($members))
  301. {
  302. require_once($sourcedir . '/Subs-Membergroups.php');
  303. addMembersToGroup($members, $_REQUEST['group'], isset($_POST['additional']) || $context['group']['hidden'] ? 'only_additional' : 'auto', true);
  304. }
  305. }
  306. // Sort out the sorting!
  307. $sort_methods = array(
  308. 'name' => 'real_name',
  309. 'email' => allowedTo('moderate_forum') ? 'email_address' : 'hide_email ' . (isset($_REQUEST['desc']) ? 'DESC' : 'ASC') . ', email_address',
  310. 'active' => 'last_login',
  311. 'registered' => 'date_registered',
  312. 'posts' => 'posts',
  313. );
  314. // They didn't pick one, default to by name..
  315. if (!isset($_REQUEST['sort']) || !isset($sort_methods[$_REQUEST['sort']]))
  316. {
  317. $context['sort_by'] = 'name';
  318. $querySort = 'real_name';
  319. }
  320. // Otherwise default to ascending.
  321. else
  322. {
  323. $context['sort_by'] = $_REQUEST['sort'];
  324. $querySort = $sort_methods[$_REQUEST['sort']];
  325. }
  326. $context['sort_direction'] = isset($_REQUEST['desc']) ? 'down' : 'up';
  327. // The where on the query is interesting. Non-moderators should only see people who are in this group as primary.
  328. if ($context['group']['can_moderate'])
  329. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group} OR FIND_IN_SET({int:group}, additional_groups) != 0';
  330. else
  331. $where = $context['group']['is_post_group'] ? 'id_post_group = {int:group}' : 'id_group = {int:group}';
  332. // Count members of the group.
  333. $request = $smcFunc['db_query']('', '
  334. SELECT COUNT(*)
  335. FROM {db_prefix}members
  336. WHERE ' . $where,
  337. array(
  338. 'group' => $_REQUEST['group'],
  339. )
  340. );
  341. list ($context['total_members']) = $smcFunc['db_fetch_row']($request);
  342. $smcFunc['db_free_result']($request);
  343. $context['total_members'] = comma_format($context['total_members']);
  344. // Create the page index.
  345. $context['page_index'] = constructPageIndex($scripturl . '?action=' . ($context['group']['can_moderate'] ? 'moderate;area=viewgroups' : 'groups') . ';sa=members;group=' . $_REQUEST['group'] . ';sort=' . $context['sort_by'] . (isset($_REQUEST['desc']) ? ';desc' : ''), $_REQUEST['start'], $context['total_members'], $modSettings['defaultMaxMembers']);
  346. $context['start'] = $_REQUEST['start'];
  347. $context['can_moderate_forum'] = allowedTo('moderate_forum');
  348. // Load up all members of this group.
  349. $request = $smcFunc['db_query']('', '
  350. SELECT id_member, member_name, real_name, email_address, member_ip, date_registered, last_login,
  351. hide_email, posts, is_activated, real_name
  352. FROM {db_prefix}members
  353. WHERE ' . $where . '
  354. ORDER BY ' . $querySort . ' ' . ($context['sort_direction'] == 'down' ? 'DESC' : 'ASC') . '
  355. LIMIT ' . $context['start'] . ', ' . $modSettings['defaultMaxMembers'],
  356. array(
  357. 'group' => $_REQUEST['group'],
  358. )
  359. );
  360. $context['members'] = array();
  361. while ($row = $smcFunc['db_fetch_assoc']($request))
  362. {
  363. $last_online = empty($row['last_login']) ? $txt['never'] : timeformat($row['last_login']);
  364. // Italicize the online note if they aren't activated.
  365. if ($row['is_activated'] % 10 != 1)
  366. $last_online = '<em title="' . $txt['not_activated'] . '">' . $last_online . '</em>';
  367. $context['members'][] = array(
  368. 'id' => $row['id_member'],
  369. 'name' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  370. 'email' => $row['email_address'],
  371. 'show_email' => showEmailAddress(!empty($row['hide_email']), $row['id_member']),
  372. 'ip' => '<a href="' . $scripturl . '?action=trackip;searchip=' . $row['member_ip'] . '">' . $row['member_ip'] . '</a>',
  373. 'registered' => timeformat($row['date_registered']),
  374. 'last_online' => $last_online,
  375. 'posts' => comma_format($row['posts']),
  376. 'is_activated' => $row['is_activated'] % 10 == 1,
  377. );
  378. }
  379. $smcFunc['db_free_result']($request);
  380. // Select the template.
  381. $context['sub_template'] = 'group_members';
  382. $context['page_title'] = $txt['membergroups_members_title'] . ': ' . $context['group']['name'];
  383. createToken('mod-mgm');
  384. if ($context['group']['assignable'])
  385. loadJavascriptFile('suggest.js', array('default_theme' => true, 'defer' => false), 'smf_suggest');
  386. }
  387. /**
  388. * Show and manage all group requests.
  389. */
  390. function GroupRequests()
  391. {
  392. global $txt, $context, $scripturl, $user_info, $sourcedir, $smcFunc, $modSettings, $language;
  393. // Set up the template stuff...
  394. $context['page_title'] = $txt['mc_group_requests'];
  395. $context['sub_template'] = 'show_list';
  396. // Verify we can be here.
  397. if ($user_info['mod_cache']['gq'] == '0=1')
  398. isAllowedTo('manage_membergroups');
  399. // Normally, we act normally...
  400. $where = ($user_info['mod_cache']['gq'] == '1=1' || $user_info['mod_cache']['gq'] == '0=1' ? $user_info['mod_cache']['gq'] : 'lgr.' . $user_info['mod_cache']['gq']) . ' AND lgr.status = {int:status_open}';
  401. $where_parameters = array(
  402. 'status_open' => 0,
  403. );
  404. // We've submitted?
  405. if (isset($_POST[$context['session_var']]) && !empty($_POST['groupr']) && !empty($_POST['req_action']))
  406. {
  407. checkSession();
  408. validateToken('mod-gr');
  409. // Clean the values.
  410. foreach ($_POST['groupr'] as $k => $request)
  411. $_POST['groupr'][$k] = (int) $request;
  412. $log_changes = array();
  413. // If we are giving a reason (And why shouldn't we?), then we don't actually do much.
  414. if ($_POST['req_action'] == 'reason')
  415. {
  416. // Different sub template...
  417. $context['sub_template'] = 'group_request_reason';
  418. // And a limitation. We don't care that the page number bit makes no sense, as we don't need it!
  419. $where .= ' AND lgr.id_request IN ({array_int:request_ids})';
  420. $where_parameters['request_ids'] = $_POST['groupr'];
  421. $context['group_requests'] = list_getGroupRequests(0, $modSettings['defaultMaxMessages'], 'lgr.id_request', $where, $where_parameters);
  422. // Need to make another token for this.
  423. createToken('mod-gr');
  424. // Let obExit etc sort things out.
  425. obExit();
  426. }
  427. // Otherwise we do something!
  428. else
  429. {
  430. // Get the details of all the members concerned...
  431. $request = $smcFunc['db_query']('', '
  432. SELECT lgr.id_request, lgr.id_member, lgr.id_group, mem.email_address, mem.id_group AS primary_group,
  433. mem.additional_groups AS additional_groups, mem.lngfile, mem.member_name, mem.notify_types,
  434. mg.hidden, mg.group_name
  435. FROM {db_prefix}log_group_requests AS lgr
  436. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  437. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  438. WHERE ' . $where . '
  439. AND lgr.id_request IN ({array_int:request_list})
  440. ORDER BY mem.lngfile',
  441. array(
  442. 'request_list' => $_POST['groupr'],
  443. 'status_open' => 0,
  444. )
  445. );
  446. $email_details = array();
  447. $group_changes = array();
  448. while ($row = $smcFunc['db_fetch_assoc']($request))
  449. {
  450. $row['lngfile'] = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  451. if (!isset($log_changes[$row['id_request']]))
  452. $log_changes[$row['id_request']] = array(
  453. 'id_request' => $row['id_request'],
  454. 'status' => $_POST['req_action'] == 'approve' ? 1 : 2, // 1 = approved, 2 = rejected
  455. 'id_member_acted' => $user_info['id'],
  456. 'member_name_acted' => $user_info['name'],
  457. 'time_acted' => time(),
  458. 'act_reason' => $_POST['req_action'] != 'approve' && !empty($_POST['groupreason']) && !empty($_POST['groupreason'][$row['id_request']]) ? $smcFunc['htmlspecialchars']($_POST['groupreason'][$row['id_request']], ENT_QUOTES) : '',
  459. );
  460. // If we are approving work out what their new group is.
  461. if ($_POST['req_action'] == 'approve')
  462. {
  463. // For people with more than one request at once.
  464. if (isset($group_changes[$row['id_member']]))
  465. {
  466. $row['additional_groups'] = $group_changes[$row['id_member']]['add'];
  467. $row['primary_group'] = $group_changes[$row['id_member']]['primary'];
  468. }
  469. else
  470. $row['additional_groups'] = explode(',', $row['additional_groups']);
  471. // Don't have it already?
  472. if ($row['primary_group'] == $row['id_group'] || in_array($row['id_group'], $row['additional_groups']))
  473. continue;
  474. // Should it become their primary?
  475. if ($row['primary_group'] == 0 && $row['hidden'] == 0)
  476. $row['primary_group'] = $row['id_group'];
  477. else
  478. $row['additional_groups'][] = $row['id_group'];
  479. // Add them to the group master list.
  480. $group_changes[$row['id_member']] = array(
  481. 'primary' => $row['primary_group'],
  482. 'add' => $row['additional_groups'],
  483. );
  484. }
  485. // Add required information to email them.
  486. if ($row['notify_types'] != 4)
  487. $email_details[] = array(
  488. 'rid' => $row['id_request'],
  489. 'member_id' => $row['id_member'],
  490. 'member_name' => $row['member_name'],
  491. 'group_id' => $row['id_group'],
  492. 'group_name' => $row['group_name'],
  493. 'email' => $row['email_address'],
  494. 'language' => $row['lngfile'],
  495. );
  496. }
  497. $smcFunc['db_free_result']($request);
  498. // Ensure everyone who is online gets their changes right away.
  499. updateSettings(array('settings_updated' => time()));
  500. if (!empty($email_details))
  501. {
  502. require_once($sourcedir . '/Subs-Post.php');
  503. // They are being approved?
  504. if ($_POST['req_action'] == 'approve')
  505. {
  506. // Make the group changes.
  507. foreach ($group_changes as $id => $groups)
  508. {
  509. // Sanity check!
  510. foreach ($groups['add'] as $key => $value)
  511. if ($value == 0 || trim($value) == '')
  512. unset($groups['add'][$key]);
  513. $smcFunc['db_query']('', '
  514. UPDATE {db_prefix}members
  515. SET id_group = {int:primary_group}, additional_groups = {string:additional_groups}
  516. WHERE id_member = {int:selected_member}',
  517. array(
  518. 'primary_group' => $groups['primary'],
  519. 'selected_member' => $id,
  520. 'additional_groups' => implode(',', $groups['add']),
  521. )
  522. );
  523. }
  524. $lastLng = $user_info['language'];
  525. foreach ($email_details as $email)
  526. {
  527. $replacements = array(
  528. 'USERNAME' => $email['member_name'],
  529. 'GROUPNAME' => $email['group_name'],
  530. );
  531. $emaildata = loadEmailTemplate('mc_group_approve', $replacements, $email['language']);
  532. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, 'grpapp' . $email['rid'], false, 2);
  533. }
  534. }
  535. // Otherwise, they are getting rejected (With or without a reason).
  536. else
  537. {
  538. // Same as for approving, kind of.
  539. $lastLng = $user_info['language'];
  540. foreach ($email_details as $email)
  541. {
  542. $custom_reason = isset($_POST['groupreason']) && isset($_POST['groupreason'][$email['rid']]) ? $_POST['groupreason'][$email['rid']] : '';
  543. $replacements = array(
  544. 'USERNAME' => $email['member_name'],
  545. 'GROUPNAME' => $email['group_name'],
  546. );
  547. if (!empty($custom_reason))
  548. $replacements['REASON'] = $custom_reason;
  549. $emaildata = loadEmailTemplate(empty($custom_reason) ? 'mc_group_reject' : 'mc_group_reject_reason', $replacements, $email['language']);
  550. sendmail($email['email'], $emaildata['subject'], $emaildata['body'], null, 'grprej' . $email['rid'], false, 2);
  551. }
  552. }
  553. }
  554. // Some changes to log?
  555. if (!empty($log_changes))
  556. {
  557. foreach ($log_changes as $id_request => $details)
  558. {
  559. $smcFunc['db_query']('', '
  560. UPDATE {db_prefix}log_group_requests
  561. SET status = {int:status},
  562. id_member_acted = {int:id_member_acted},
  563. member_name_acted = {string:member_name_acted},
  564. time_acted = {int:time_acted},
  565. act_reason = {string:act_reason}
  566. WHERE id_request = {int:id_request}',
  567. $details
  568. );
  569. }
  570. }
  571. // Restore the current language.
  572. loadLanguage('ModerationCenter');
  573. }
  574. }
  575. // We're going to want this for making our list.
  576. require_once($sourcedir . '/Subs-List.php');
  577. // This is all the information required for a group listing.
  578. $listOptions = array(
  579. 'id' => 'group_request_list',
  580. 'width' => '100%',
  581. 'items_per_page' => $modSettings['defaultMaxMessages'],
  582. 'no_items_label' => $txt['mc_groupr_none_found'],
  583. 'base_href' => $scripturl . '?action=groups;sa=requests',
  584. 'default_sort_col' => 'member',
  585. 'get_items' => array(
  586. 'function' => 'list_getGroupRequests',
  587. 'params' => array(
  588. $where,
  589. $where_parameters,
  590. ),
  591. ),
  592. 'get_count' => array(
  593. 'function' => 'list_getGroupRequestCount',
  594. 'params' => array(
  595. $where,
  596. $where_parameters,
  597. ),
  598. ),
  599. 'columns' => array(
  600. 'member' => array(
  601. 'header' => array(
  602. 'value' => $txt['mc_groupr_member'],
  603. ),
  604. 'data' => array(
  605. 'db' => 'member_link',
  606. ),
  607. 'sort' => array(
  608. 'default' => 'mem.member_name',
  609. 'reverse' => 'mem.member_name DESC',
  610. ),
  611. ),
  612. 'group' => array(
  613. 'header' => array(
  614. 'value' => $txt['mc_groupr_group'],
  615. ),
  616. 'data' => array(
  617. 'db' => 'group_link',
  618. ),
  619. 'sort' => array(
  620. 'default' => 'mg.group_name',
  621. 'reverse' => 'mg.group_name DESC',
  622. ),
  623. ),
  624. 'reason' => array(
  625. 'header' => array(
  626. 'value' => $txt['mc_groupr_reason'],
  627. ),
  628. 'data' => array(
  629. 'db' => 'reason',
  630. ),
  631. ),
  632. 'date' => array(
  633. 'header' => array(
  634. 'value' => $txt['date'],
  635. 'style' => 'width: 18%; white-space:nowrap;',
  636. ),
  637. 'data' => array(
  638. 'db' => 'time_submitted',
  639. ),
  640. ),
  641. 'action' => array(
  642. 'header' => array(
  643. 'value' => '<input type="checkbox" class="input_check" onclick="invertAll(this, this.form);">',
  644. 'style' => 'width: 4%;',
  645. 'class' => 'centercol',
  646. ),
  647. 'data' => array(
  648. 'sprintf' => array(
  649. 'format' => '<input type="checkbox" name="groupr[]" value="%1$d" class="input_check">',
  650. 'params' => array(
  651. 'id' => false,
  652. ),
  653. ),
  654. 'class' => 'centercol',
  655. ),
  656. ),
  657. ),
  658. 'form' => array(
  659. 'href' => $scripturl . '?action=groups;sa=requests',
  660. 'include_sort' => true,
  661. 'include_start' => true,
  662. 'hidden_fields' => array(
  663. $context['session_var'] => $context['session_id'],
  664. ),
  665. 'token' => 'mod-gr',
  666. ),
  667. 'additional_rows' => array(
  668. array(
  669. 'position' => 'bottom_of_list',
  670. 'value' => '
  671. <select name="req_action" onchange="if (this.value != 0 &amp;&amp; (this.value == \'reason\' || confirm(\'' . $txt['mc_groupr_warning'] . '\'))) this.form.submit();">
  672. <option value="0">' . $txt['with_selected'] . ':</option>
  673. <option value="0">---------------------</option>
  674. <option value="approve">' . $txt['mc_groupr_approve'] . '</option>
  675. <option value="reject">' . $txt['mc_groupr_reject'] . '</option>
  676. <option value="reason">' . $txt['mc_groupr_reject_w_reason'] . '</option>
  677. </select>
  678. <input type="submit" name="go" value="' . $txt['go'] . '" onclick="var sel = document.getElementById(\'req_action\'); if (sel.value != 0 &amp;&amp; sel.value != \'reason\' &amp;&amp; !confirm(\'' . $txt['mc_groupr_warning'] . '\')) return false;" class="button_submit">',
  679. 'class' => 'floatright',
  680. ),
  681. ),
  682. );
  683. // Create the request list.
  684. createToken('mod-gr');
  685. createList($listOptions);
  686. $context['default_list'] = 'group_request_list';
  687. $context[$context['moderation_menu_name']]['tab_data'] = array(
  688. 'title' => $txt['mc_group_requests'],
  689. );
  690. }
  691. /**
  692. * Callback function for createList().
  693. *
  694. * @param $where
  695. * @param $where_parameters
  696. * @return int, the count of group requests
  697. */
  698. function list_getGroupRequestCount($where, $where_parameters)
  699. {
  700. global $smcFunc;
  701. $request = $smcFunc['db_query']('', '
  702. SELECT COUNT(*)
  703. FROM {db_prefix}log_group_requests AS lgr
  704. WHERE ' . $where,
  705. array_merge($where_parameters, array(
  706. ))
  707. );
  708. list ($totalRequests) = $smcFunc['db_fetch_row']($request);
  709. $smcFunc['db_free_result']($request);
  710. return $totalRequests;
  711. }
  712. /**
  713. * Callback function for createList()
  714. *
  715. * @param int $start The result to start with
  716. * @param int $items_per_page The number of items per page
  717. * @param string $sort An SQL sort expression (column/direction)
  718. * @param string $where Data for the WHERE clause
  719. * @param string $where_parameters Parameter values to be inerted into the WHERE clause
  720. * @return array An array of group requests
  721. * Each group request has:
  722. * 'id'
  723. * 'member_link'
  724. * 'group_link'
  725. * 'reason'
  726. * 'time_submitted'
  727. */
  728. function list_getGroupRequests($start, $items_per_page, $sort, $where, $where_parameters)
  729. {
  730. global $smcFunc, $scripturl;
  731. $request = $smcFunc['db_query']('', '
  732. SELECT lgr.id_request, lgr.id_member, lgr.id_group, lgr.time_applied, lgr.reason,
  733. mem.member_name, mg.group_name, mg.online_color, mem.real_name
  734. FROM {db_prefix}log_group_requests AS lgr
  735. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = lgr.id_member)
  736. INNER JOIN {db_prefix}membergroups AS mg ON (mg.id_group = lgr.id_group)
  737. WHERE ' . $where . '
  738. ORDER BY {raw:sort}
  739. LIMIT ' . $start . ', ' . $items_per_page,
  740. array_merge($where_parameters, array(
  741. 'sort' => $sort,
  742. ))
  743. );
  744. $group_requests = array();
  745. while ($row = $smcFunc['db_fetch_assoc']($request))
  746. {
  747. $group_requests[] = array(
  748. 'id' => $row['id_request'],
  749. 'member_link' => '<a href="' . $scripturl . '?action=profile;u=' . $row['id_member'] . '">' . $row['real_name'] . '</a>',
  750. 'group_link' => '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>',
  751. 'reason' => censorText($row['reason']),
  752. 'time_submitted' => timeformat($row['time_applied']),
  753. );
  754. }
  755. $smcFunc['db_free_result']($request);
  756. return $group_requests;
  757. }
  758. ?>