vamp-website: forum/Sources/ManagePermissions.php annotate

annotate forum/Sources/ManagePermissions.php @ 76:e3e11437ecea website

Add forum code

author	Chris Cannam
date	Sun, 07 Jul 2013 11:25:48 +0200
parents
children

rev	line source
Chris@76	1 <?php
Chris@76	2
Chris@76	3 /**
Chris@76	4 * Simple Machines Forum (SMF)
Chris@76	5 *
Chris@76	6 * @package SMF
Chris@76	7 * @author Simple Machines http://www.simplemachines.org
Chris@76	8 * @copyright 2011 Simple Machines
Chris@76	9 * @license http://www.simplemachines.org/about/smf/license.php BSD
Chris@76	10 *
Chris@76	11 * @version 2.0
Chris@76	12 */
Chris@76	13
Chris@76	14 if (!defined('SMF'))
Chris@76	15 die('Hacking attempt...');
Chris@76	16
Chris@76	17 /* ManagePermissions handles all possible permission stuff. The following
Chris@76	18 functions are used:
Chris@76	19
Chris@76	20 void ModifyPermissions()
Chris@76	21 - calls the right function based on the given subaction.
Chris@76	22 - checks the permissions, based on the sub-action.
Chris@76	23 - called by ?action=managepermissions.
Chris@76	24 - loads the ManagePermissions language file.
Chris@76	25
Chris@76	26 void PermissionIndex()
Chris@76	27 - sets up the permissions by membergroup index page.
Chris@76	28 - called by ?action=managepermissions
Chris@76	29 - uses the permission_index template of the ManageBoards template.
Chris@76	30 - loads the ManagePermissions language and template.
Chris@76	31 - creates an array of all the groups with the number of members and permissions.
Chris@76	32
Chris@76	33 void SetQuickGroups()
Chris@76	34 - handles permission modification actions from the upper part of the
Chris@76	35 permission manager index.
Chris@76	36 // !!!
Chris@76	37
Chris@76	38 void ModifyMembergroup()
Chris@76	39 // !!!
Chris@76	40
Chris@76	41 void ModifyMembergroup2()
Chris@76	42 // !!!
Chris@76	43
Chris@76	44 void GeneralPermissionSettings()
Chris@76	45 - a screen to set some general settings for permissions.
Chris@76	46
Chris@76	47 void setPermissionLevel(string level, int group, int profile = 'null')
Chris@76	48 - internal function to modify permissions to a pre-defined profile.
Chris@76	49 // !!!
Chris@76	50
Chris@76	51 void loadAllPermissions()
Chris@76	52 - internal function to load permissions into $context['permissions'].
Chris@76	53 // !!!
Chris@76	54
Chris@76	55 void loadPermissionProfiles()
Chris@76	56 // !!!
Chris@76	57
Chris@76	58 void EditPermissionProfiles()
Chris@76	59 // !!!
Chris@76	60
Chris@76	61 void init_inline_permissions(array permissions)
Chris@76	62 - internal function to initialise the inline permission settings.
Chris@76	63 - loads the ManagePermissions language and template.
Chris@76	64 - loads a context variables for each permission.
Chris@76	65 - used by several settings screens to set specific permissions.
Chris@76	66
Chris@76	67 void theme_inline_permissions(string permission)
Chris@76	68 - function called by templates to show a list of permissions settings.
Chris@76	69 - calls the template function template_inline_permissions().
Chris@76	70
Chris@76	71 save_inline_permissions(array permissions)
Chris@76	72 - general function to save the inline permissions sent by a form.
Chris@76	73 - does no session check.
Chris@76	74
Chris@76	75 void updateChildPermissions(array parent, int profile = null)
Chris@76	76 // !!!
Chris@76	77
Chris@76	78 void loadIllegalPermissions()
Chris@76	79 // !!!
Chris@76	80
Chris@76	81 void loadIllegalGuestPermissions()
Chris@76	82 - loads the permissions that can not be given to guests.
Chris@76	83 - stores the permissions in $context['non_guest_permissions'].
Chris@76	84
Chris@76	85 void ModifyPostModeration()
Chris@76	86 // !!!
Chris@76	87 */
Chris@76	88
Chris@76	89 function ModifyPermissions()
Chris@76	90 {
Chris@76	91 global $txt, $scripturl, $context;
Chris@76	92
Chris@76	93 loadLanguage('ManagePermissions+ManageMembers');
Chris@76	94 loadTemplate('ManagePermissions');
Chris@76	95
Chris@76	96 // Format: 'sub-action' => array('function_to_call', 'permission_needed'),
Chris@76	97 $subActions = array(
Chris@76	98 'board' => array('PermissionByBoard', 'manage_permissions'),
Chris@76	99 'index' => array('PermissionIndex', 'manage_permissions'),
Chris@76	100 'modify' => array('ModifyMembergroup', 'manage_permissions'),
Chris@76	101 'modify2' => array('ModifyMembergroup2', 'manage_permissions'),
Chris@76	102 'quick' => array('SetQuickGroups', 'manage_permissions'),
Chris@76	103 'quickboard' => array('SetQuickBoards', 'manage_permissions'),
Chris@76	104 'postmod' => array('ModifyPostModeration', 'manage_permissions'),
Chris@76	105 'profiles' => array('EditPermissionProfiles', 'manage_permissions'),
Chris@76	106 'settings' => array('GeneralPermissionSettings', 'admin_forum'),
Chris@76	107 );
Chris@76	108
Chris@76	109 $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : (allowedTo('manage_permissions') ? 'index' : 'settings');
Chris@76	110 isAllowedTo($subActions[$_REQUEST['sa']][1]);
Chris@76	111
Chris@76	112 // Create the tabs for the template.
Chris@76	113 $context[$context['admin_menu_name']]['tab_data'] = array(
Chris@76	114 'title' => $txt['permissions_title'],
Chris@76	115 'help' => 'permissions',
Chris@76	116 'description' => '',
Chris@76	117 'tabs' => array(
Chris@76	118 'index' => array(
Chris@76	119 'description' => $txt['permissions_groups'],
Chris@76	120 ),
Chris@76	121 'board' => array(
Chris@76	122 'description' => $txt['permission_by_board_desc'],
Chris@76	123 ),
Chris@76	124 'profiles' => array(
Chris@76	125 'description' => $txt['permissions_profiles_desc'],
Chris@76	126 ),
Chris@76	127 'postmod' => array(
Chris@76	128 'description' => $txt['permissions_post_moderation_desc'],
Chris@76	129 ),
Chris@76	130 'settings' => array(
Chris@76	131 'description' => $txt['permission_settings_desc'],
Chris@76	132 ),
Chris@76	133 ),
Chris@76	134 );
Chris@76	135
Chris@76	136 $subActions[$_REQUEST['sa']][0]();
Chris@76	137 }
Chris@76	138
Chris@76	139 function PermissionIndex()
Chris@76	140 {
Chris@76	141 global $txt, $scripturl, $context, $settings, $modSettings, $smcFunc;
Chris@76	142
Chris@76	143 $context['page_title'] = $txt['permissions_title'];
Chris@76	144
Chris@76	145 // Load all the permissions. We'll need them in the template.
Chris@76	146 loadAllPermissions();
Chris@76	147
Chris@76	148 // Also load profiles, we may want to reset.
Chris@76	149 loadPermissionProfiles();
Chris@76	150
Chris@76	151 // Are we going to show the advanced options?
Chris@76	152 $context['show_advanced_options'] = empty($context['admin_preferences']['app']);
Chris@76	153
Chris@76	154 // Determine the number of ungrouped members.
Chris@76	155 $request = $smcFunc['db_query']('', '
Chris@76	156 SELECT COUNT(*)
Chris@76	157 FROM {db_prefix}members
Chris@76	158 WHERE id_group = {int:regular_group}',
Chris@76	159 array(
Chris@76	160 'regular_group' => 0,
Chris@76	161 )
Chris@76	162 );
Chris@76	163 list ($num_members) = $smcFunc['db_fetch_row']($request);
Chris@76	164 $smcFunc['db_free_result']($request);
Chris@76	165
Chris@76	166 // Fill the context variable with 'Guests' and 'Regular Members'.
Chris@76	167 $context['groups'] = array(
Chris@76	168 -1 => array(
Chris@76	169 'id' => -1,
Chris@76	170 'name' => $txt['membergroups_guests'],
Chris@76	171 'num_members' => $txt['membergroups_guests_na'],
Chris@76	172 'allow_delete' => false,
Chris@76	173 'allow_modify' => true,
Chris@76	174 'can_search' => false,
Chris@76	175 'href' => '',
Chris@76	176 'link' => '',
Chris@76	177 'is_post_group' => false,
Chris@76	178 'color' => '',
Chris@76	179 'stars' => '',
Chris@76	180 'children' => array(),
Chris@76	181 'num_permissions' => array(
Chris@76	182 'allowed' => 0,
Chris@76	183 // Can't deny guest permissions!
Chris@76	184 'denied' => '(' . $txt['permissions_none'] . ')'
Chris@76	185 ),
Chris@76	186 'access' => false
Chris@76	187 ),
Chris@76	188 0 => array(
Chris@76	189 'id' => 0,
Chris@76	190 'name' => $txt['membergroups_members'],
Chris@76	191 'num_members' => $num_members,
Chris@76	192 'allow_delete' => false,
Chris@76	193 'allow_modify' => true,
Chris@76	194 'can_search' => false,
Chris@76	195 'href' => $scripturl . '?action=moderate;area=viewgroups;sa=members;group=0',
Chris@76	196 'is_post_group' => false,
Chris@76	197 'color' => '',
Chris@76	198 'stars' => '',
Chris@76	199 'children' => array(),
Chris@76	200 'num_permissions' => array(
Chris@76	201 'allowed' => 0,
Chris@76	202 'denied' => 0
Chris@76	203 ),
Chris@76	204 'access' => false
Chris@76	205 ),
Chris@76	206 );
Chris@76	207
Chris@76	208 $postGroups = array();
Chris@76	209 $normalGroups = array();
Chris@76	210
Chris@76	211 // Query the database defined membergroups.
Chris@76	212 $query = $smcFunc['db_query']('', '
Chris@76	213 SELECT id_group, id_parent, group_name, min_posts, online_color, stars
Chris@76	214 FROM {db_prefix}membergroups' . (empty($modSettings['permission_enable_postgroups']) ? '
Chris@76	215 WHERE min_posts = {int:min_posts}' : '') . '
Chris@76	216 ORDER BY id_parent = {int:not_inherited} DESC, min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
Chris@76	217 array(
Chris@76	218 'min_posts' => -1,
Chris@76	219 'not_inherited' => -2,
Chris@76	220 'newbie_group' => 4,
Chris@76	221 )
Chris@76	222 );
Chris@76	223 while ($row = $smcFunc['db_fetch_assoc']($query))
Chris@76	224 {
Chris@76	225 // If it's inherited, just add it as a child.
Chris@76	226 if ($row['id_parent'] != -2)
Chris@76	227 {
Chris@76	228 if (isset($context['groups'][$row['id_parent']]))
Chris@76	229 $context['groups'][$row['id_parent']]['children'][$row['id_group']] = $row['group_name'];
Chris@76	230 continue;
Chris@76	231 }
Chris@76	232
Chris@76	233 $row['stars'] = explode('#', $row['stars']);
Chris@76	234 $context['groups'][$row['id_group']] = array(
Chris@76	235 'id' => $row['id_group'],
Chris@76	236 'name' => $row['group_name'],
Chris@76	237 'num_members' => $row['id_group'] != 3 ? 0 : $txt['membergroups_guests_na'],
Chris@76	238 'allow_delete' => $row['id_group'] > 4,
Chris@76	239 'allow_modify' => $row['id_group'] > 1,
Chris@76	240 'can_search' => $row['id_group'] != 3,
Chris@76	241 'href' => $scripturl . '?action=moderate;area=viewgroups;sa=members;group=' . $row['id_group'],
Chris@76	242 'is_post_group' => $row['min_posts'] != -1,
Chris@76	243 'color' => empty($row['online_color']) ? '' : $row['online_color'],
Chris@76	244 'stars' => !empty($row['stars'][0]) && !empty($row['stars'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/' . $row['stars'][1] . '" alt="*" />', $row['stars'][0]) : '',
Chris@76	245 'children' => array(),
Chris@76	246 'num_permissions' => array(
Chris@76	247 'allowed' => $row['id_group'] == 1 ? '(' . $txt['permissions_all'] . ')' : 0,
Chris@76	248 'denied' => $row['id_group'] == 1 ? '(' . $txt['permissions_none'] . ')' : 0
Chris@76	249 ),
Chris@76	250 'access' => false,
Chris@76	251 );
Chris@76	252
Chris@76	253 if ($row['min_posts'] == -1)
Chris@76	254 $normalGroups[$row['id_group']] = $row['id_group'];
Chris@76	255 else
Chris@76	256 $postGroups[$row['id_group']] = $row['id_group'];
Chris@76	257 }
Chris@76	258 $smcFunc['db_free_result']($query);
Chris@76	259
Chris@76	260 // Get the number of members in this post group.
Chris@76	261 if (!empty($postGroups))
Chris@76	262 {
Chris@76	263 $query = $smcFunc['db_query']('', '
Chris@76	264 SELECT id_post_group AS id_group, COUNT(*) AS num_members
Chris@76	265 FROM {db_prefix}members
Chris@76	266 WHERE id_post_group IN ({array_int:post_group_list})
Chris@76	267 GROUP BY id_post_group',
Chris@76	268 array(
Chris@76	269 'post_group_list' => $postGroups,
Chris@76	270 )
Chris@76	271 );
Chris@76	272 while ($row = $smcFunc['db_fetch_assoc']($query))
Chris@76	273 $context['groups'][$row['id_group']]['num_members'] += $row['num_members'];
Chris@76	274 $smcFunc['db_free_result']($query);
Chris@76	275 }
Chris@76	276
Chris@76	277 if (!empty($normalGroups))
Chris@76	278 {
Chris@76	279 // First, the easy one!
Chris@76	280 $query = $smcFunc['db_query']('', '
Chris@76	281 SELECT id_group, COUNT(*) AS num_members
Chris@76	282 FROM {db_prefix}members
Chris@76	283 WHERE id_group IN ({array_int:normal_group_list})
Chris@76	284 GROUP BY id_group',
Chris@76	285 array(
Chris@76	286 'normal_group_list' => $normalGroups,
Chris@76	287 )
Chris@76	288 );
Chris@76	289 while ($row = $smcFunc['db_fetch_assoc']($query))
Chris@76	290 $context['groups'][$row['id_group']]['num_members'] += $row['num_members'];
Chris@76	291 $smcFunc['db_free_result']($query);
Chris@76	292
Chris@76	293 // This one is slower, but it's okay... careful not to count twice!
Chris@76	294 $query = $smcFunc['db_query']('', '
Chris@76	295 SELECT mg.id_group, COUNT(*) AS num_members
Chris@76	296 FROM {db_prefix}membergroups AS mg
Chris@76	297 INNER JOIN {db_prefix}members AS mem ON (mem.additional_groups != {string:blank_string}
Chris@76	298 AND mem.id_group != mg.id_group
Chris@76	299 AND FIND_IN_SET(mg.id_group, mem.additional_groups) != 0)
Chris@76	300 WHERE mg.id_group IN ({array_int:normal_group_list})
Chris@76	301 GROUP BY mg.id_group',
Chris@76	302 array(
Chris@76	303 'normal_group_list' => $normalGroups,
Chris@76	304 'blank_string' => '',
Chris@76	305 )
Chris@76	306 );
Chris@76	307 while ($row = $smcFunc['db_fetch_assoc']($query))
Chris@76	308 $context['groups'][$row['id_group']]['num_members'] += $row['num_members'];
Chris@76	309 $smcFunc['db_free_result']($query);
Chris@76	310 }
Chris@76	311
Chris@76	312 foreach ($context['groups'] as $id => $data)
Chris@76	313 {
Chris@76	314 if ($data['href'] != '')
Chris@76	315 $context['groups'][$id]['link'] = '<a href="' . $data['href'] . '">' . $data['num_members'] . '</a>';
Chris@76	316 }
Chris@76	317
Chris@76	318 if (empty($_REQUEST['pid']))
Chris@76	319 {
Chris@76	320 $request = $smcFunc['db_query']('', '
Chris@76	321 SELECT id_group, COUNT(*) AS num_permissions, add_deny
Chris@76	322 FROM {db_prefix}permissions
Chris@76	323 ' . (empty($context['hidden_permissions']) ? '' : ' WHERE permission NOT IN ({array_string:hidden_permissions})') . '
Chris@76	324 GROUP BY id_group, add_deny',
Chris@76	325 array(
Chris@76	326 'hidden_permissions' => !empty($context['hidden_permissions']) ? $context['hidden_permissions'] : array(),
Chris@76	327 )
Chris@76	328 );
Chris@76	329 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	330 if (isset($context['groups'][(int) $row['id_group']]) && (!empty($row['add_deny']) \|\| $row['id_group'] != -1))
Chris@76	331 $context['groups'][(int) $row['id_group']]['num_permissions'][empty($row['add_deny']) ? 'denied' : 'allowed'] = $row['num_permissions'];
Chris@76	332 $smcFunc['db_free_result']($request);
Chris@76	333
Chris@76	334 // Get the "default" profile permissions too.
Chris@76	335 $request = $smcFunc['db_query']('', '
Chris@76	336 SELECT id_profile, id_group, COUNT(*) AS num_permissions, add_deny
Chris@76	337 FROM {db_prefix}board_permissions
Chris@76	338 WHERE id_profile = {int:default_profile}
Chris@76	339 ' . (empty($context['hidden_permissions']) ? '' : ' AND permission NOT IN ({array_string:hidden_permissions})') . '
Chris@76	340 GROUP BY id_profile, id_group, add_deny',
Chris@76	341 array(
Chris@76	342 'default_profile' => 1,
Chris@76	343 'hidden_permissions' => !empty($context['hidden_permissions']) ? $context['hidden_permissions'] : array(),
Chris@76	344 )
Chris@76	345 );
Chris@76	346 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	347 {
Chris@76	348 if (isset($context['groups'][(int) $row['id_group']]) && (!empty($row['add_deny']) \|\| $row['id_group'] != -1))
Chris@76	349 $context['groups'][(int) $row['id_group']]['num_permissions'][empty($row['add_deny']) ? 'denied' : 'allowed'] += $row['num_permissions'];
Chris@76	350 }
Chris@76	351 $smcFunc['db_free_result']($request);
Chris@76	352 }
Chris@76	353 else
Chris@76	354 {
Chris@76	355 $_REQUEST['pid'] = (int) $_REQUEST['pid'];
Chris@76	356
Chris@76	357 if (!isset($context['profiles'][$_REQUEST['pid']]))
Chris@76	358 fatal_lang_error('no_access', false);
Chris@76	359
Chris@76	360 // Change the selected tab to better reflect that this really is a board profile.
Chris@76	361 $context[$context['admin_menu_name']]['current_subsection'] = 'profiles';
Chris@76	362
Chris@76	363 $request = $smcFunc['db_query']('', '
Chris@76	364 SELECT id_profile, id_group, COUNT(*) AS num_permissions, add_deny
Chris@76	365 FROM {db_prefix}board_permissions
Chris@76	366 WHERE id_profile = {int:current_profile}
Chris@76	367 GROUP BY id_profile, id_group, add_deny',
Chris@76	368 array(
Chris@76	369 'current_profile' => $_REQUEST['pid'],
Chris@76	370 )
Chris@76	371 );
Chris@76	372 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	373 {
Chris@76	374 if (isset($context['groups'][(int) $row['id_group']]) && (!empty($row['add_deny']) \|\| $row['id_group'] != -1))
Chris@76	375 $context['groups'][(int) $row['id_group']]['num_permissions'][empty($row['add_deny']) ? 'denied' : 'allowed'] += $row['num_permissions'];
Chris@76	376 }
Chris@76	377 $smcFunc['db_free_result']($request);
Chris@76	378
Chris@76	379 $context['profile'] = array(
Chris@76	380 'id' => $_REQUEST['pid'],
Chris@76	381 'name' => $context['profiles'][$_REQUEST['pid']]['name'],
Chris@76	382 );
Chris@76	383 }
Chris@76	384
Chris@76	385 // We can modify any permission set apart from the read only, reply only and no polls ones as they are redefined.
Chris@76	386 $context['can_modify'] = empty($_REQUEST['pid']) \|\| $_REQUEST['pid'] == 1 \|\| $_REQUEST['pid'] > 4;
Chris@76	387
Chris@76	388 // Load the proper template.
Chris@76	389 $context['sub_template'] = 'permission_index';
Chris@76	390 }
Chris@76	391
Chris@76	392 function PermissionByBoard()
Chris@76	393 {
Chris@76	394 global $context, $modSettings, $txt, $smcFunc, $sourcedir, $cat_tree, $boardList, $boards;
Chris@76	395
Chris@76	396 $context['page_title'] = $txt['permissions_boards'];
Chris@76	397 $context['edit_all'] = isset($_GET['edit']);
Chris@76	398
Chris@76	399 // Saving?
Chris@76	400 if (!empty($_POST['save_changes']) && !empty($_POST['boardprofile']))
Chris@76	401 {
Chris@76	402 checkSession('request');
Chris@76	403
Chris@76	404 $changes = array();
Chris@76	405 foreach ($_POST['boardprofile'] as $board => $profile)
Chris@76	406 {
Chris@76	407 $changes[(int) $profile][] = (int) $board;
Chris@76	408 }
Chris@76	409
Chris@76	410 if (!empty($changes))
Chris@76	411 {
Chris@76	412 foreach ($changes as $profile => $boards)
Chris@76	413 $smcFunc['db_query']('', '
Chris@76	414 UPDATE {db_prefix}boards
Chris@76	415 SET id_profile = {int:current_profile}
Chris@76	416 WHERE id_board IN ({array_int:board_list})',
Chris@76	417 array(
Chris@76	418 'board_list' => $boards,
Chris@76	419 'current_profile' => $profile,
Chris@76	420 )
Chris@76	421 );
Chris@76	422 }
Chris@76	423
Chris@76	424 $context['edit_all'] = false;
Chris@76	425 }
Chris@76	426
Chris@76	427 // Load all permission profiles.
Chris@76	428 loadPermissionProfiles();
Chris@76	429
Chris@76	430 // Get the board tree.
Chris@76	431 require_once($sourcedir . '/Subs-Boards.php');
Chris@76	432
Chris@76	433 getBoardTree();
Chris@76	434
Chris@76	435 // Build the list of the boards.
Chris@76	436 $context['categories'] = array();
Chris@76	437 foreach ($cat_tree as $catid => $tree)
Chris@76	438 {
Chris@76	439 $context['categories'][$catid] = array(
Chris@76	440 'name' => &$tree['node']['name'],
Chris@76	441 'id' => &$tree['node']['id'],
Chris@76	442 'boards' => array()
Chris@76	443 );
Chris@76	444 foreach ($boardList[$catid] as $boardid)
Chris@76	445 {
Chris@76	446 if (!isset($context['profiles'][$boards[$boardid]['profile']]))
Chris@76	447 $boards[$boardid]['profile'] = 1;
Chris@76	448
Chris@76	449 $context['categories'][$catid]['boards'][$boardid] = array(
Chris@76	450 'id' => &$boards[$boardid]['id'],
Chris@76	451 'name' => &$boards[$boardid]['name'],
Chris@76	452 'description' => &$boards[$boardid]['description'],
Chris@76	453 'child_level' => &$boards[$boardid]['level'],
Chris@76	454 'profile' => &$boards[$boardid]['profile'],
Chris@76	455 'profile_name' => $context['profiles'][$boards[$boardid]['profile']]['name'],
Chris@76	456 );
Chris@76	457 }
Chris@76	458 }
Chris@76	459
Chris@76	460 $context['sub_template'] = 'by_board';
Chris@76	461 }
Chris@76	462
Chris@76	463 function SetQuickGroups()
Chris@76	464 {
Chris@76	465 global $context, $smcFunc;
Chris@76	466
Chris@76	467 checkSession();
Chris@76	468
Chris@76	469 loadIllegalPermissions();
Chris@76	470 loadIllegalGuestPermissions();
Chris@76	471
Chris@76	472 // Make sure only one of the quick options was selected.
Chris@76	473 if ((!empty($_POST['predefined']) && ((isset($_POST['copy_from']) && $_POST['copy_from'] != 'empty') \|\| !empty($_POST['permissions']))) \|\| (!empty($_POST['copy_from']) && $_POST['copy_from'] != 'empty' && !empty($_POST['permissions'])))
Chris@76	474 fatal_lang_error('permissions_only_one_option', false);
Chris@76	475
Chris@76	476 if (empty($_POST['group']) \|\| !is_array($_POST['group']))
Chris@76	477 $_POST['group'] = array();
Chris@76	478
Chris@76	479 // Only accept numeric values for selected membergroups.
Chris@76	480 foreach ($_POST['group'] as $id => $group_id)
Chris@76	481 $_POST['group'][$id] = (int) $group_id;
Chris@76	482 $_POST['group'] = array_unique($_POST['group']);
Chris@76	483
Chris@76	484 if (empty($_REQUEST['pid']))
Chris@76	485 $_REQUEST['pid'] = 0;
Chris@76	486 else
Chris@76	487 $_REQUEST['pid'] = (int) $_REQUEST['pid'];
Chris@76	488
Chris@76	489 // Fix up the old global to the new default!
Chris@76	490 $bid = max(1, $_REQUEST['pid']);
Chris@76	491
Chris@76	492 // No modifying the predefined profiles.
Chris@76	493 if ($_REQUEST['pid'] > 1 && $_REQUEST['pid'] < 5)
Chris@76	494 fatal_lang_error('no_access', false);
Chris@76	495
Chris@76	496 // Clear out any cached authority.
Chris@76	497 updateSettings(array('settings_updated' => time()));
Chris@76	498
Chris@76	499 // No groups where selected.
Chris@76	500 if (empty($_POST['group']))
Chris@76	501 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	502
Chris@76	503 // Set a predefined permission profile.
Chris@76	504 if (!empty($_POST['predefined']))
Chris@76	505 {
Chris@76	506 // Make sure it's a predefined permission set we expect.
Chris@76	507 if (!in_array($_POST['predefined'], array('restrict', 'standard', 'moderator', 'maintenance')))
Chris@76	508 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	509
Chris@76	510 foreach ($_POST['group'] as $group_id)
Chris@76	511 {
Chris@76	512 if (!empty($_REQUEST['pid']))
Chris@76	513 setPermissionLevel($_POST['predefined'], $group_id, $_REQUEST['pid']);
Chris@76	514 else
Chris@76	515 setPermissionLevel($_POST['predefined'], $group_id);
Chris@76	516 }
Chris@76	517 }
Chris@76	518 // Set a permission profile based on the permissions of a selected group.
Chris@76	519 elseif ($_POST['copy_from'] != 'empty')
Chris@76	520 {
Chris@76	521 // Just checking the input.
Chris@76	522 if (!is_numeric($_POST['copy_from']))
Chris@76	523 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	524
Chris@76	525 // Make sure the group we're copying to is never included.
Chris@76	526 $_POST['group'] = array_diff($_POST['group'], array($_POST['copy_from']));
Chris@76	527
Chris@76	528 // No groups left? Too bad.
Chris@76	529 if (empty($_POST['group']))
Chris@76	530 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	531
Chris@76	532 if (empty($_REQUEST['pid']))
Chris@76	533 {
Chris@76	534 // Retrieve current permissions of group.
Chris@76	535 $request = $smcFunc['db_query']('', '
Chris@76	536 SELECT permission, add_deny
Chris@76	537 FROM {db_prefix}permissions
Chris@76	538 WHERE id_group = {int:copy_from}',
Chris@76	539 array(
Chris@76	540 'copy_from' => $_POST['copy_from'],
Chris@76	541 )
Chris@76	542 );
Chris@76	543 $target_perm = array();
Chris@76	544 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	545 $target_perm[$row['permission']] = $row['add_deny'];
Chris@76	546 $smcFunc['db_free_result']($request);
Chris@76	547
Chris@76	548 $inserts = array();
Chris@76	549 foreach ($_POST['group'] as $group_id)
Chris@76	550 foreach ($target_perm as $perm => $add_deny)
Chris@76	551 {
Chris@76	552 // No dodgy permissions please!
Chris@76	553 if (!empty($context['illegal_permissions']) && in_array($perm, $context['illegal_permissions']))
Chris@76	554 continue;
Chris@76	555 if ($group_id == -1 && in_array($perm, $context['non_guest_permissions']))
Chris@76	556 continue;
Chris@76	557
Chris@76	558 if ($group_id != 1 && $group_id != 3)
Chris@76	559 $inserts[] = array($perm, $group_id, $add_deny);
Chris@76	560 }
Chris@76	561
Chris@76	562 // Delete the previous permissions...
Chris@76	563 $smcFunc['db_query']('', '
Chris@76	564 DELETE FROM {db_prefix}permissions
Chris@76	565 WHERE id_group IN ({array_int:group_list})
Chris@76	566 ' . (empty($context['illegal_permissions']) ? '' : ' AND permission NOT IN ({array_string:illegal_permissions})'),
Chris@76	567 array(
Chris@76	568 'group_list' => $_POST['group'],
Chris@76	569 'illegal_permissions' => !empty($context['illegal_permissions']) ? $context['illegal_permissions'] : array(),
Chris@76	570 )
Chris@76	571 );
Chris@76	572
Chris@76	573 if (!empty($inserts))
Chris@76	574 {
Chris@76	575 // ..and insert the new ones.
Chris@76	576 $smcFunc['db_insert']('',
Chris@76	577 '{db_prefix}permissions',
Chris@76	578 array(
Chris@76	579 'permission' => 'string', 'id_group' => 'int', 'add_deny' => 'int',
Chris@76	580 ),
Chris@76	581 $inserts,
Chris@76	582 array('permission', 'id_group')
Chris@76	583 );
Chris@76	584 }
Chris@76	585 }
Chris@76	586
Chris@76	587 // Now do the same for the board permissions.
Chris@76	588 $request = $smcFunc['db_query']('', '
Chris@76	589 SELECT permission, add_deny
Chris@76	590 FROM {db_prefix}board_permissions
Chris@76	591 WHERE id_group = {int:copy_from}
Chris@76	592 AND id_profile = {int:current_profile}',
Chris@76	593 array(
Chris@76	594 'copy_from' => $_POST['copy_from'],
Chris@76	595 'current_profile' => $bid,
Chris@76	596 )
Chris@76	597 );
Chris@76	598 $target_perm = array();
Chris@76	599 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	600 $target_perm[$row['permission']] = $row['add_deny'];
Chris@76	601 $smcFunc['db_free_result']($request);
Chris@76	602
Chris@76	603 $inserts = array();
Chris@76	604 foreach ($_POST['group'] as $group_id)
Chris@76	605 foreach ($target_perm as $perm => $add_deny)
Chris@76	606 {
Chris@76	607 // Are these for guests?
Chris@76	608 if ($group_id == -1 && in_array($perm, $context['non_guest_permissions']))
Chris@76	609 continue;
Chris@76	610
Chris@76	611 $inserts[] = array($perm, $group_id, $bid, $add_deny);
Chris@76	612 }
Chris@76	613
Chris@76	614 // Delete the previous global board permissions...
Chris@76	615 $smcFunc['db_query']('', '
Chris@76	616 DELETE FROM {db_prefix}board_permissions
Chris@76	617 WHERE id_group IN ({array_int:current_group_list})
Chris@76	618 AND id_profile = {int:current_profile}',
Chris@76	619 array(
Chris@76	620 'current_group_list' => $_POST['group'],
Chris@76	621 'current_profile' => $bid,
Chris@76	622 )
Chris@76	623 );
Chris@76	624
Chris@76	625 // And insert the copied permissions.
Chris@76	626 if (!empty($inserts))
Chris@76	627 {
Chris@76	628 // ..and insert the new ones.
Chris@76	629 $smcFunc['db_insert']('',
Chris@76	630 '{db_prefix}board_permissions',
Chris@76	631 array('permission' => 'string', 'id_group' => 'int', 'id_profile' => 'int', 'add_deny' => 'int'),
Chris@76	632 $inserts,
Chris@76	633 array('permission', 'id_group', 'id_profile')
Chris@76	634 );
Chris@76	635 }
Chris@76	636
Chris@76	637 // Update any children out there!
Chris@76	638 updateChildPermissions($_POST['group'], $_REQUEST['pid']);
Chris@76	639 }
Chris@76	640 // Set or unset a certain permission for the selected groups.
Chris@76	641 elseif (!empty($_POST['permissions']))
Chris@76	642 {
Chris@76	643 // Unpack two variables that were transported.
Chris@76	644 list ($permissionType, $permission) = explode('/', $_POST['permissions']);
Chris@76	645
Chris@76	646 // Check whether our input is within expected range.
Chris@76	647 if (!in_array($_POST['add_remove'], array('add', 'clear', 'deny')) \|\| !in_array($permissionType, array('membergroup', 'board')))
Chris@76	648 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	649
Chris@76	650 if ($_POST['add_remove'] == 'clear')
Chris@76	651 {
Chris@76	652 if ($permissionType == 'membergroup')
Chris@76	653 $smcFunc['db_query']('', '
Chris@76	654 DELETE FROM {db_prefix}permissions
Chris@76	655 WHERE id_group IN ({array_int:current_group_list})
Chris@76	656 AND permission = {string:current_permission}
Chris@76	657 ' . (empty($context['illegal_permissions']) ? '' : ' AND permission NOT IN ({array_string:illegal_permissions})'),
Chris@76	658 array(
Chris@76	659 'current_group_list' => $_POST['group'],
Chris@76	660 'current_permission' => $permission,
Chris@76	661 'illegal_permissions' => !empty($context['illegal_permissions']) ? $context['illegal_permissions'] : array(),
Chris@76	662 )
Chris@76	663 );
Chris@76	664 else
Chris@76	665 $smcFunc['db_query']('', '
Chris@76	666 DELETE FROM {db_prefix}board_permissions
Chris@76	667 WHERE id_group IN ({array_int:current_group_list})
Chris@76	668 AND id_profile = {int:current_profile}
Chris@76	669 AND permission = {string:current_permission}',
Chris@76	670 array(
Chris@76	671 'current_group_list' => $_POST['group'],
Chris@76	672 'current_profile' => $bid,
Chris@76	673 'current_permission' => $permission,
Chris@76	674 )
Chris@76	675 );
Chris@76	676 }
Chris@76	677 // Add a permission (either 'set' or 'deny').
Chris@76	678 else
Chris@76	679 {
Chris@76	680 $add_deny = $_POST['add_remove'] == 'add' ? '1' : '0';
Chris@76	681 $permChange = array();
Chris@76	682 foreach ($_POST['group'] as $groupID)
Chris@76	683 {
Chris@76	684 if ($groupID == -1 && in_array($permission, $context['non_guest_permissions']))
Chris@76	685 continue;
Chris@76	686
Chris@76	687 if ($permissionType == 'membergroup' && $groupID != 1 && $groupID != 3 && (empty($context['illegal_permissions']) \|\| !in_array($permission, $context['illegal_permissions'])))
Chris@76	688 $permChange[] = array($permission, $groupID, $add_deny);
Chris@76	689 elseif ($permissionType != 'membergroup')
Chris@76	690 $permChange[] = array($permission, $groupID, $bid, $add_deny);
Chris@76	691 }
Chris@76	692
Chris@76	693 if (!empty($permChange))
Chris@76	694 {
Chris@76	695 if ($permissionType == 'membergroup')
Chris@76	696 $smcFunc['db_insert']('replace',
Chris@76	697 '{db_prefix}permissions',
Chris@76	698 array('permission' => 'string', 'id_group' => 'int', 'add_deny' => 'int'),
Chris@76	699 $permChange,
Chris@76	700 array('permission', 'id_group')
Chris@76	701 );
Chris@76	702 // Board permissions go into the other table.
Chris@76	703 else
Chris@76	704 $smcFunc['db_insert']('replace',
Chris@76	705 '{db_prefix}board_permissions',
Chris@76	706 array('permission' => 'string', 'id_group' => 'int', 'id_profile' => 'int', 'add_deny' => 'int'),
Chris@76	707 $permChange,
Chris@76	708 array('permission', 'id_group', 'id_profile')
Chris@76	709 );
Chris@76	710 }
Chris@76	711 }
Chris@76	712
Chris@76	713 // Another child update!
Chris@76	714 updateChildPermissions($_POST['group'], $_REQUEST['pid']);
Chris@76	715 }
Chris@76	716
Chris@76	717 redirectexit('action=admin;area=permissions;pid=' . $_REQUEST['pid']);
Chris@76	718 }
Chris@76	719
Chris@76	720 function ModifyMembergroup()
Chris@76	721 {
Chris@76	722 global $context, $txt, $modSettings, $smcFunc, $sourcedir;
Chris@76	723
Chris@76	724 if (!isset($_GET['group']))
Chris@76	725 fatal_lang_error('no_access', false);
Chris@76	726
Chris@76	727 $context['group']['id'] = (int) $_GET['group'];
Chris@76	728
Chris@76	729 // Are they toggling the view?
Chris@76	730 if (isset($_GET['view']))
Chris@76	731 {
Chris@76	732 $context['admin_preferences']['pv'] = $_GET['view'] == 'classic' ? 'classic' : 'simple';
Chris@76	733
Chris@76	734 // Update the users preferences.
Chris@76	735 require_once($sourcedir . '/Subs-Admin.php');
Chris@76	736 updateAdminPreferences();
Chris@76	737 }
Chris@76	738
Chris@76	739 $context['view_type'] = !empty($context['admin_preferences']['pv']) && $context['admin_preferences']['pv'] == 'classic' ? 'classic' : 'simple';
Chris@76	740
Chris@76	741 // It's not likely you'd end up here with this setting disabled.
Chris@76	742 if ($_GET['group'] == 1)
Chris@76	743 redirectexit('action=admin;area=permissions');
Chris@76	744
Chris@76	745 loadAllPermissions($context['view_type']);
Chris@76	746 loadPermissionProfiles();
Chris@76	747
Chris@76	748 if ($context['group']['id'] > 0)
Chris@76	749 {
Chris@76	750 $result = $smcFunc['db_query']('', '
Chris@76	751 SELECT group_name, id_parent
Chris@76	752 FROM {db_prefix}membergroups
Chris@76	753 WHERE id_group = {int:current_group}
Chris@76	754 LIMIT 1',
Chris@76	755 array(
Chris@76	756 'current_group' => $context['group']['id'],
Chris@76	757 )
Chris@76	758 );
Chris@76	759 list ($context['group']['name'], $parent) = $smcFunc['db_fetch_row']($result);
Chris@76	760 $smcFunc['db_free_result']($result);
Chris@76	761
Chris@76	762 // Cannot edit an inherited group!
Chris@76	763 if ($parent != -2)
Chris@76	764 fatal_lang_error('cannot_edit_permissions_inherited');
Chris@76	765 }
Chris@76	766 elseif ($context['group']['id'] == -1)
Chris@76	767 $context['group']['name'] = $txt['membergroups_guests'];
Chris@76	768 else
Chris@76	769 $context['group']['name'] = $txt['membergroups_members'];
Chris@76	770
Chris@76	771 $context['profile']['id'] = empty($_GET['pid']) ? 0 : (int) $_GET['pid'];
Chris@76	772
Chris@76	773 // If this is a moderator and they are editing "no profile" then we only do boards.
Chris@76	774 if ($context['group']['id'] == 3 && empty($context['profile']['id']))
Chris@76	775 {
Chris@76	776 // For sanity just check they have no general permissions.
Chris@76	777 $smcFunc['db_query']('', '
Chris@76	778 DELETE FROM {db_prefix}permissions
Chris@76	779 WHERE id_group = {int:moderator_group}',
Chris@76	780 array(
Chris@76	781 'moderator_group' => 3,
Chris@76	782 )
Chris@76	783 );
Chris@76	784
Chris@76	785 $context['profile']['id'] = 1;
Chris@76	786 }
Chris@76	787
Chris@76	788 $context['permission_type'] = empty($context['profile']['id']) ? 'membergroup' : 'board';
Chris@76	789 $context['profile']['can_modify'] = !$context['profile']['id'] \|\| $context['profiles'][$context['profile']['id']]['can_modify'];
Chris@76	790
Chris@76	791 // Set up things a little nicer for board related stuff...
Chris@76	792 if ($context['permission_type'] == 'board')
Chris@76	793 {
Chris@76	794 $context['profile']['name'] = $context['profiles'][$context['profile']['id']]['name'];
Chris@76	795 $context[$context['admin_menu_name']]['current_subsection'] = 'profiles';
Chris@76	796 }
Chris@76	797
Chris@76	798 // Fetch the current permissions.
Chris@76	799 $permissions = array(
Chris@76	800 'membergroup' => array('allowed' => array(), 'denied' => array()),
Chris@76	801 'board' => array('allowed' => array(), 'denied' => array())
Chris@76	802 );
Chris@76	803
Chris@76	804 // General permissions?
Chris@76	805 if ($context['permission_type'] == 'membergroup')
Chris@76	806 {
Chris@76	807 $result = $smcFunc['db_query']('', '
Chris@76	808 SELECT permission, add_deny
Chris@76	809 FROM {db_prefix}permissions
Chris@76	810 WHERE id_group = {int:current_group}',
Chris@76	811 array(
Chris@76	812 'current_group' => $_GET['group'],
Chris@76	813 )
Chris@76	814 );
Chris@76	815 while ($row = $smcFunc['db_fetch_assoc']($result))
Chris@76	816 $permissions['membergroup'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['permission'];
Chris@76	817 $smcFunc['db_free_result']($result);
Chris@76	818 }
Chris@76	819
Chris@76	820 // Fetch current board permissions...
Chris@76	821 $result = $smcFunc['db_query']('', '
Chris@76	822 SELECT permission, add_deny
Chris@76	823 FROM {db_prefix}board_permissions
Chris@76	824 WHERE id_group = {int:current_group}
Chris@76	825 AND id_profile = {int:current_profile}',
Chris@76	826 array(
Chris@76	827 'current_group' => $context['group']['id'],
Chris@76	828 'current_profile' => $context['permission_type'] == 'membergroup' ? 1 : $context['profile']['id'],
Chris@76	829 )
Chris@76	830 );
Chris@76	831 while ($row = $smcFunc['db_fetch_assoc']($result))
Chris@76	832 $permissions['board'][empty($row['add_deny']) ? 'denied' : 'allowed'][] = $row['permission'];
Chris@76	833 $smcFunc['db_free_result']($result);
Chris@76	834
Chris@76	835 // Loop through each permission and set whether it's checked.
Chris@76	836 foreach ($context['permissions'] as $permissionType => $tmp)
Chris@76	837 {
Chris@76	838 foreach ($tmp['columns'] as $position => $permissionGroups)
Chris@76	839 {
Chris@76	840 foreach ($permissionGroups as $permissionGroup => $permissionArray)
Chris@76	841 {
Chris@76	842 foreach ($permissionArray['permissions'] as $perm)
Chris@76	843 {
Chris@76	844 // Create a shortcut for the current permission.
Chris@76	845 $curPerm = &$context['permissions'][$permissionType]['columns'][$position][$permissionGroup]['permissions'][$perm['id']];
Chris@76	846 if ($tmp['view'] == 'classic')
Chris@76	847 {
Chris@76	848 if ($perm['has_own_any'])
Chris@76	849 {
Chris@76	850 $curPerm['any']['select'] = in_array($perm['id'] . '_any', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_any', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
Chris@76	851 $curPerm['own']['select'] = in_array($perm['id'] . '_own', $permissions[$permissionType]['allowed']) ? 'on' : (in_array($perm['id'] . '_own', $permissions[$permissionType]['denied']) ? 'denied' : 'off');
Chris@76	852 }
Chris@76	853 else
Chris@76	854 $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
Chris@76	855 }
Chris@76	856 else
Chris@76	857 {
Chris@76	858 $curPerm['select'] = in_array($perm['id'], $permissions[$permissionType]['denied']) ? 'denied' : (in_array($perm['id'], $permissions[$permissionType]['allowed']) ? 'on' : 'off');
Chris@76	859 }
Chris@76	860 }
Chris@76	861 }
Chris@76	862 }
Chris@76	863 }
Chris@76	864 $context['sub_template'] = 'modify_group';
Chris@76	865 $context['page_title'] = $txt['permissions_modify_group'];
Chris@76	866 }
Chris@76	867
Chris@76	868 function ModifyMembergroup2()
Chris@76	869 {
Chris@76	870 global $modSettings, $smcFunc, $context;
Chris@76	871
Chris@76	872 checkSession();
Chris@76	873
Chris@76	874 loadIllegalPermissions();
Chris@76	875
Chris@76	876 $_GET['group'] = (int) $_GET['group'];
Chris@76	877 $_GET['pid'] = (int) $_GET['pid'];
Chris@76	878
Chris@76	879 // Cannot modify predefined profiles.
Chris@76	880 if ($_GET['pid'] > 1 && $_GET['pid'] < 5)
Chris@76	881 fatal_lang_error('no_access', false);
Chris@76	882
Chris@76	883 // Verify this isn't inherited.
Chris@76	884 if ($_GET['group'] == -1 \|\| $_GET['group'] == 0)
Chris@76	885 $parent = -2;
Chris@76	886 else
Chris@76	887 {
Chris@76	888 $result = $smcFunc['db_query']('', '
Chris@76	889 SELECT id_parent
Chris@76	890 FROM {db_prefix}membergroups
Chris@76	891 WHERE id_group = {int:current_group}
Chris@76	892 LIMIT 1',
Chris@76	893 array(
Chris@76	894 'current_group' => $_GET['group'],
Chris@76	895 )
Chris@76	896 );
Chris@76	897 list ($parent) = $smcFunc['db_fetch_row']($result);
Chris@76	898 $smcFunc['db_free_result']($result);
Chris@76	899 }
Chris@76	900
Chris@76	901 if ($parent != -2)
Chris@76	902 fatal_lang_error('cannot_edit_permissions_inherited');
Chris@76	903
Chris@76	904 $givePerms = array('membergroup' => array(), 'board' => array());
Chris@76	905
Chris@76	906 // Guest group, we need illegal, guest permissions.
Chris@76	907 if ($_GET['group'] == -1)
Chris@76	908 {
Chris@76	909 loadIllegalGuestPermissions();
Chris@76	910 $context['illegal_permissions'] = array_merge($context['illegal_permissions'], $context['non_guest_permissions']);
Chris@76	911 }
Chris@76	912
Chris@76	913 // Prepare all permissions that were set or denied for addition to the DB.
Chris@76	914 if (isset($_POST['perm']) && is_array($_POST['perm']))
Chris@76	915 {
Chris@76	916 foreach ($_POST['perm'] as $perm_type => $perm_array)
Chris@76	917 {
Chris@76	918 if (is_array($perm_array))
Chris@76	919 {
Chris@76	920 foreach ($perm_array as $permission => $value)
Chris@76	921 if ($value == 'on' \|\| $value == 'deny')
Chris@76	922 {
Chris@76	923 // Don't allow people to escalate themselves!
Chris@76	924 if (!empty($context['illegal_permissions']) && in_array($permission, $context['illegal_permissions']))
Chris@76	925 continue;
Chris@76	926
Chris@76	927 $givePerms[$perm_type][] = array($_GET['group'], $permission, $value == 'deny' ? 0 : 1);
Chris@76	928 }
Chris@76	929 }
Chris@76	930 }
Chris@76	931 }
Chris@76	932
Chris@76	933 // Insert the general permissions.
Chris@76	934 if ($_GET['group'] != 3 && empty($_GET['pid']))
Chris@76	935 {
Chris@76	936 $smcFunc['db_query']('', '
Chris@76	937 DELETE FROM {db_prefix}permissions
Chris@76	938 WHERE id_group = {int:current_group}
Chris@76	939 ' . (empty($context['illegal_permissions']) ? '' : ' AND permission NOT IN ({array_string:illegal_permissions})'),
Chris@76	940 array(
Chris@76	941 'current_group' => $_GET['group'],
Chris@76	942 'illegal_permissions' => !empty($context['illegal_permissions']) ? $context['illegal_permissions'] : array(),
Chris@76	943 )
Chris@76	944 );
Chris@76	945
Chris@76	946 if (!empty($givePerms['membergroup']))
Chris@76	947 {
Chris@76	948 $smcFunc['db_insert']('replace',
Chris@76	949 '{db_prefix}permissions',
Chris@76	950 array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	951 $givePerms['membergroup'],
Chris@76	952 array('id_group', 'permission')
Chris@76	953 );
Chris@76	954 }
Chris@76	955 }
Chris@76	956
Chris@76	957 // Insert the boardpermissions.
Chris@76	958 $profileid = max(1, $_GET['pid']);
Chris@76	959 $smcFunc['db_query']('', '
Chris@76	960 DELETE FROM {db_prefix}board_permissions
Chris@76	961 WHERE id_group = {int:current_group}
Chris@76	962 AND id_profile = {int:current_profile}',
Chris@76	963 array(
Chris@76	964 'current_group' => $_GET['group'],
Chris@76	965 'current_profile' => $profileid,
Chris@76	966 )
Chris@76	967 );
Chris@76	968 if (!empty($givePerms['board']))
Chris@76	969 {
Chris@76	970 foreach ($givePerms['board'] as $k => $v)
Chris@76	971 $givePerms['board'][$k][] = $profileid;
Chris@76	972 $smcFunc['db_insert']('replace',
Chris@76	973 '{db_prefix}board_permissions',
Chris@76	974 array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int', 'id_profile' => 'int'),
Chris@76	975 $givePerms['board'],
Chris@76	976 array('id_group', 'permission', 'id_profile')
Chris@76	977 );
Chris@76	978 }
Chris@76	979
Chris@76	980 // Update any inherited permissions as required.
Chris@76	981 updateChildPermissions($_GET['group'], $_GET['pid']);
Chris@76	982
Chris@76	983 // Clear cached privs.
Chris@76	984 updateSettings(array('settings_updated' => time()));
Chris@76	985
Chris@76	986 redirectexit('action=admin;area=permissions;pid=' . $_GET['pid']);
Chris@76	987 }
Chris@76	988
Chris@76	989 // Screen for modifying general permission settings.
Chris@76	990 function GeneralPermissionSettings($return_config = false)
Chris@76	991 {
Chris@76	992 global $context, $modSettings, $sourcedir, $txt, $scripturl, $smcFunc;
Chris@76	993
Chris@76	994 // All the setting variables
Chris@76	995 $config_vars = array(
Chris@76	996 array('title', 'settings'),
Chris@76	997 // Inline permissions.
Chris@76	998 array('permissions', 'manage_permissions'),
Chris@76	999 '',
Chris@76	1000 // A few useful settings
Chris@76	1001 array('check', 'permission_enable_deny', 0, $txt['permission_settings_enable_deny'], 'help' => 'permissions_deny'),
Chris@76	1002 array('check', 'permission_enable_postgroups', 0, $txt['permission_settings_enable_postgroups'], 'help' => 'permissions_postgroups'),
Chris@76	1003 );
Chris@76	1004
Chris@76	1005 if ($return_config)
Chris@76	1006 return $config_vars;
Chris@76	1007
Chris@76	1008 $context['page_title'] = $txt['permission_settings_title'];
Chris@76	1009 $context['sub_template'] = 'show_settings';
Chris@76	1010
Chris@76	1011 // Needed for the inline permission functions, and the settings template.
Chris@76	1012 require_once($sourcedir . '/ManageServer.php');
Chris@76	1013
Chris@76	1014 // Don't let guests have these permissions.
Chris@76	1015 $context['post_url'] = $scripturl . '?action=admin;area=permissions;save;sa=settings';
Chris@76	1016 $context['permissions_excluded'] = array(-1);
Chris@76	1017
Chris@76	1018 // Saving the settings?
Chris@76	1019 if (isset($_GET['save']))
Chris@76	1020 {
Chris@76	1021 checkSession('post');
Chris@76	1022 saveDBSettings($config_vars);
Chris@76	1023
Chris@76	1024 // Clear all deny permissions...if we want that.
Chris@76	1025 if (empty($modSettings['permission_enable_deny']))
Chris@76	1026 {
Chris@76	1027 $smcFunc['db_query']('', '
Chris@76	1028 DELETE FROM {db_prefix}permissions
Chris@76	1029 WHERE add_deny = {int:denied}',
Chris@76	1030 array(
Chris@76	1031 'denied' => 0,
Chris@76	1032 )
Chris@76	1033 );
Chris@76	1034 $smcFunc['db_query']('', '
Chris@76	1035 DELETE FROM {db_prefix}board_permissions
Chris@76	1036 WHERE add_deny = {int:denied}',
Chris@76	1037 array(
Chris@76	1038 'denied' => 0,
Chris@76	1039 )
Chris@76	1040 );
Chris@76	1041 }
Chris@76	1042
Chris@76	1043 // Make sure there are no postgroup based permissions left.
Chris@76	1044 if (empty($modSettings['permission_enable_postgroups']))
Chris@76	1045 {
Chris@76	1046 // Get a list of postgroups.
Chris@76	1047 $post_groups = array();
Chris@76	1048 $request = $smcFunc['db_query']('', '
Chris@76	1049 SELECT id_group
Chris@76	1050 FROM {db_prefix}membergroups
Chris@76	1051 WHERE min_posts != {int:min_posts}',
Chris@76	1052 array(
Chris@76	1053 'min_posts' => -1,
Chris@76	1054 )
Chris@76	1055 );
Chris@76	1056 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	1057 $post_groups[] = $row['id_group'];
Chris@76	1058 $smcFunc['db_free_result']($request);
Chris@76	1059
Chris@76	1060 // Remove'em.
Chris@76	1061 $smcFunc['db_query']('', '
Chris@76	1062 DELETE FROM {db_prefix}permissions
Chris@76	1063 WHERE id_group IN ({array_int:post_group_list})',
Chris@76	1064 array(
Chris@76	1065 'post_group_list' => $post_groups,
Chris@76	1066 )
Chris@76	1067 );
Chris@76	1068 $smcFunc['db_query']('', '
Chris@76	1069 DELETE FROM {db_prefix}board_permissions
Chris@76	1070 WHERE id_group IN ({array_int:post_group_list})',
Chris@76	1071 array(
Chris@76	1072 'post_group_list' => $post_groups,
Chris@76	1073 )
Chris@76	1074 );
Chris@76	1075 $smcFunc['db_query']('', '
Chris@76	1076 UPDATE {db_prefix}membergroups
Chris@76	1077 SET id_parent = {int:not_inherited}
Chris@76	1078 WHERE id_parent IN ({array_int:post_group_list})',
Chris@76	1079 array(
Chris@76	1080 'post_group_list' => $post_groups,
Chris@76	1081 'not_inherited' => -2,
Chris@76	1082 )
Chris@76	1083 );
Chris@76	1084 }
Chris@76	1085
Chris@76	1086 redirectexit('action=admin;area=permissions;sa=settings');
Chris@76	1087 }
Chris@76	1088
Chris@76	1089 prepareDBSettingContext($config_vars);
Chris@76	1090 }
Chris@76	1091
Chris@76	1092 // Set the permission level for a specific profile, group, or group for a profile.
Chris@76	1093 function setPermissionLevel($level, $group, $profile = 'null')
Chris@76	1094 {
Chris@76	1095 global $smcFunc, $context;
Chris@76	1096
Chris@76	1097 loadIllegalPermissions();
Chris@76	1098 loadIllegalGuestPermissions();
Chris@76	1099
Chris@76	1100 // Levels by group... restrict, standard, moderator, maintenance.
Chris@76	1101 $groupLevels = array(
Chris@76	1102 'board' => array('inherit' => array()),
Chris@76	1103 'group' => array('inherit' => array())
Chris@76	1104 );
Chris@76	1105 // Levels by board... standard, publish, free.
Chris@76	1106 $boardLevels = array('inherit' => array());
Chris@76	1107
Chris@76	1108 // Restrictive - ie. guests.
Chris@76	1109 $groupLevels['global']['restrict'] = array(
Chris@76	1110 'search_posts',
Chris@76	1111 'calendar_view',
Chris@76	1112 'view_stats',
Chris@76	1113 'who_view',
Chris@76	1114 'profile_view_own',
Chris@76	1115 'profile_identity_own',
Chris@76	1116 );
Chris@76	1117 $groupLevels['board']['restrict'] = array(
Chris@76	1118 'poll_view',
Chris@76	1119 'post_new',
Chris@76	1120 'post_reply_own',
Chris@76	1121 'post_reply_any',
Chris@76	1122 'delete_own',
Chris@76	1123 'modify_own',
Chris@76	1124 'mark_any_notify',
Chris@76	1125 'mark_notify',
Chris@76	1126 'report_any',
Chris@76	1127 'send_topic',
Chris@76	1128 );
Chris@76	1129
Chris@76	1130 // Standard - ie. members. They can do anything Restrictive can.
Chris@76	1131 $groupLevels['global']['standard'] = array_merge($groupLevels['global']['restrict'], array(
Chris@76	1132 'view_mlist',
Chris@76	1133 'karma_edit',
Chris@76	1134 'pm_read',
Chris@76	1135 'pm_send',
Chris@76	1136 'profile_view_any',
Chris@76	1137 'profile_extra_own',
Chris@76	1138 'profile_server_avatar',
Chris@76	1139 'profile_upload_avatar',
Chris@76	1140 'profile_remote_avatar',
Chris@76	1141 'profile_remove_own',
Chris@76	1142 ));
Chris@76	1143 $groupLevels['board']['standard'] = array_merge($groupLevels['board']['restrict'], array(
Chris@76	1144 'poll_vote',
Chris@76	1145 'poll_edit_own',
Chris@76	1146 'poll_post',
Chris@76	1147 'poll_add_own',
Chris@76	1148 'post_attachment',
Chris@76	1149 'lock_own',
Chris@76	1150 'remove_own',
Chris@76	1151 'view_attachments',
Chris@76	1152 ));
Chris@76	1153
Chris@76	1154 // Moderator - ie. moderators :P. They can do what standard can, and more.
Chris@76	1155 $groupLevels['global']['moderator'] = array_merge($groupLevels['global']['standard'], array(
Chris@76	1156 'calendar_post',
Chris@76	1157 'calendar_edit_own',
Chris@76	1158 'access_mod_center',
Chris@76	1159 'issue_warning',
Chris@76	1160 ));
Chris@76	1161 $groupLevels['board']['moderator'] = array_merge($groupLevels['board']['standard'], array(
Chris@76	1162 'make_sticky',
Chris@76	1163 'poll_edit_any',
Chris@76	1164 'delete_any',
Chris@76	1165 'modify_any',
Chris@76	1166 'lock_any',
Chris@76	1167 'remove_any',
Chris@76	1168 'move_any',
Chris@76	1169 'merge_any',
Chris@76	1170 'split_any',
Chris@76	1171 'poll_lock_any',
Chris@76	1172 'poll_remove_any',
Chris@76	1173 'poll_add_any',
Chris@76	1174 'approve_posts',
Chris@76	1175 ));
Chris@76	1176
Chris@76	1177 // Maintenance - wannabe admins. They can do almost everything.
Chris@76	1178 $groupLevels['global']['maintenance'] = array_merge($groupLevels['global']['moderator'], array(
Chris@76	1179 'manage_attachments',
Chris@76	1180 'manage_smileys',
Chris@76	1181 'manage_boards',
Chris@76	1182 'moderate_forum',
Chris@76	1183 'manage_membergroups',
Chris@76	1184 'manage_bans',
Chris@76	1185 'admin_forum',
Chris@76	1186 'manage_permissions',
Chris@76	1187 'edit_news',
Chris@76	1188 'calendar_edit_any',
Chris@76	1189 'profile_identity_any',
Chris@76	1190 'profile_extra_any',
Chris@76	1191 'profile_title_any',
Chris@76	1192 ));
Chris@76	1193 $groupLevels['board']['maintenance'] = array_merge($groupLevels['board']['moderator'], array(
Chris@76	1194 ));
Chris@76	1195
Chris@76	1196 // Standard - nothing above the group permissions. (this SHOULD be empty.)
Chris@76	1197 $boardLevels['standard'] = array(
Chris@76	1198 );
Chris@76	1199
Chris@76	1200 // Locked - just that, you can't post here.
Chris@76	1201 $boardLevels['locked'] = array(
Chris@76	1202 'poll_view',
Chris@76	1203 'mark_notify',
Chris@76	1204 'report_any',
Chris@76	1205 'send_topic',
Chris@76	1206 'view_attachments',
Chris@76	1207 );
Chris@76	1208
Chris@76	1209 // Publisher - just a little more...
Chris@76	1210 $boardLevels['publish'] = array_merge($boardLevels['locked'], array(
Chris@76	1211 'post_new',
Chris@76	1212 'post_reply_own',
Chris@76	1213 'post_reply_any',
Chris@76	1214 'delete_own',
Chris@76	1215 'modify_own',
Chris@76	1216 'mark_any_notify',
Chris@76	1217 'delete_replies',
Chris@76	1218 'modify_replies',
Chris@76	1219 'poll_vote',
Chris@76	1220 'poll_edit_own',
Chris@76	1221 'poll_post',
Chris@76	1222 'poll_add_own',
Chris@76	1223 'poll_remove_own',
Chris@76	1224 'post_attachment',
Chris@76	1225 'lock_own',
Chris@76	1226 'remove_own',
Chris@76	1227 ));
Chris@76	1228
Chris@76	1229 // Free for All - Scary. Just scary.
Chris@76	1230 $boardLevels['free'] = array_merge($boardLevels['publish'], array(
Chris@76	1231 'poll_lock_any',
Chris@76	1232 'poll_edit_any',
Chris@76	1233 'poll_add_any',
Chris@76	1234 'poll_remove_any',
Chris@76	1235 'make_sticky',
Chris@76	1236 'lock_any',
Chris@76	1237 'remove_any',
Chris@76	1238 'delete_any',
Chris@76	1239 'split_any',
Chris@76	1240 'merge_any',
Chris@76	1241 'modify_any',
Chris@76	1242 'approve_posts',
Chris@76	1243 ));
Chris@76	1244
Chris@76	1245 // Make sure we're not granting someone too many permissions!
Chris@76	1246 foreach ($groupLevels['global'][$level] as $k => $permission)
Chris@76	1247 {
Chris@76	1248 if (!empty($context['illegal_permissions']) && in_array($permission, $context['illegal_permissions']))
Chris@76	1249 unset($groupLevels['global'][$level][$k]);
Chris@76	1250
Chris@76	1251 if ($group == -1 && in_array($permission, $context['non_guest_permissions']))
Chris@76	1252 unset($groupLevels['global'][$level][$k]);
Chris@76	1253 }
Chris@76	1254 if ($group == -1)
Chris@76	1255 foreach ($groupLevels['board'][$level] as $k => $permission)
Chris@76	1256 if (in_array($permission, $context['non_guest_permissions']))
Chris@76	1257 unset($groupLevels['board'][$level][$k]);
Chris@76	1258
Chris@76	1259 // Reset all cached permissions.
Chris@76	1260 updateSettings(array('settings_updated' => time()));
Chris@76	1261
Chris@76	1262 // Setting group permissions.
Chris@76	1263 if ($profile === 'null' && $group !== 'null')
Chris@76	1264 {
Chris@76	1265 $group = (int) $group;
Chris@76	1266
Chris@76	1267 if (empty($groupLevels['global'][$level]))
Chris@76	1268 return;
Chris@76	1269
Chris@76	1270 $smcFunc['db_query']('', '
Chris@76	1271 DELETE FROM {db_prefix}permissions
Chris@76	1272 WHERE id_group = {int:current_group}
Chris@76	1273 ' . (empty($context['illegal_permissions']) ? '' : ' AND permission NOT IN ({array_string:illegal_permissions})'),
Chris@76	1274 array(
Chris@76	1275 'current_group' => $group,
Chris@76	1276 'illegal_permissions' => !empty($context['illegal_permissions']) ? $context['illegal_permissions'] : array(),
Chris@76	1277 )
Chris@76	1278 );
Chris@76	1279 $smcFunc['db_query']('', '
Chris@76	1280 DELETE FROM {db_prefix}board_permissions
Chris@76	1281 WHERE id_group = {int:current_group}
Chris@76	1282 AND id_profile = {int:default_profile}',
Chris@76	1283 array(
Chris@76	1284 'current_group' => $group,
Chris@76	1285 'default_profile' => 1,
Chris@76	1286 )
Chris@76	1287 );
Chris@76	1288
Chris@76	1289 $groupInserts = array();
Chris@76	1290 foreach ($groupLevels['global'][$level] as $permission)
Chris@76	1291 $groupInserts[] = array($group, $permission);
Chris@76	1292
Chris@76	1293 $smcFunc['db_insert']('insert',
Chris@76	1294 '{db_prefix}permissions',
Chris@76	1295 array('id_group' => 'int', 'permission' => 'string'),
Chris@76	1296 $groupInserts,
Chris@76	1297 array('id_group')
Chris@76	1298 );
Chris@76	1299
Chris@76	1300 $boardInserts = array();
Chris@76	1301 foreach ($groupLevels['board'][$level] as $permission)
Chris@76	1302 $boardInserts[] = array(1, $group, $permission);
Chris@76	1303
Chris@76	1304 $smcFunc['db_insert']('insert',
Chris@76	1305 '{db_prefix}board_permissions',
Chris@76	1306 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string'),
Chris@76	1307 $boardInserts,
Chris@76	1308 array('id_profile', 'id_group')
Chris@76	1309 );
Chris@76	1310 }
Chris@76	1311 // Setting profile permissions for a specific group.
Chris@76	1312 elseif ($profile !== 'null' && $group !== 'null' && ($profile == 1 \|\| $profile > 4))
Chris@76	1313 {
Chris@76	1314 $group = (int) $group;
Chris@76	1315 $profile = (int) $profile;
Chris@76	1316
Chris@76	1317 if (!empty($groupLevels['global'][$level]))
Chris@76	1318 {
Chris@76	1319 $smcFunc['db_query']('', '
Chris@76	1320 DELETE FROM {db_prefix}board_permissions
Chris@76	1321 WHERE id_group = {int:current_group}
Chris@76	1322 AND id_profile = {int:current_profile}',
Chris@76	1323 array(
Chris@76	1324 'current_group' => $group,
Chris@76	1325 'current_profile' => $profile,
Chris@76	1326 )
Chris@76	1327 );
Chris@76	1328 }
Chris@76	1329
Chris@76	1330 if (!empty($groupLevels['board'][$level]))
Chris@76	1331 {
Chris@76	1332 $boardInserts = array();
Chris@76	1333 foreach ($groupLevels['board'][$level] as $permission)
Chris@76	1334 $boardInserts[] = array($profile, $group, $permission);
Chris@76	1335
Chris@76	1336 $smcFunc['db_insert']('insert',
Chris@76	1337 '{db_prefix}board_permissions',
Chris@76	1338 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string'),
Chris@76	1339 $boardInserts,
Chris@76	1340 array('id_profile', 'id_group')
Chris@76	1341 );
Chris@76	1342 }
Chris@76	1343 }
Chris@76	1344 // Setting profile permissions for all groups.
Chris@76	1345 elseif ($profile !== 'null' && $group === 'null' && ($profile == 1 \|\| $profile > 4))
Chris@76	1346 {
Chris@76	1347 $profile = (int) $profile;
Chris@76	1348
Chris@76	1349 $smcFunc['db_query']('', '
Chris@76	1350 DELETE FROM {db_prefix}board_permissions
Chris@76	1351 WHERE id_profile = {int:current_profile}',
Chris@76	1352 array(
Chris@76	1353 'current_profile' => $profile,
Chris@76	1354 )
Chris@76	1355 );
Chris@76	1356
Chris@76	1357 if (empty($boardLevels[$level]))
Chris@76	1358 return;
Chris@76	1359
Chris@76	1360 // Get all the groups...
Chris@76	1361 $query = $smcFunc['db_query']('', '
Chris@76	1362 SELECT id_group
Chris@76	1363 FROM {db_prefix}membergroups
Chris@76	1364 WHERE id_group > {int:moderator_group}
Chris@76	1365 ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
Chris@76	1366 array(
Chris@76	1367 'moderator_group' => 3,
Chris@76	1368 'newbie_group' => 4,
Chris@76	1369 )
Chris@76	1370 );
Chris@76	1371 while ($row = $smcFunc['db_fetch_row']($query))
Chris@76	1372 {
Chris@76	1373 $group = $row[0];
Chris@76	1374
Chris@76	1375 $boardInserts = array();
Chris@76	1376 foreach ($boardLevels[$level] as $permission)
Chris@76	1377 $boardInserts[] = array($profile, $group, $permission);
Chris@76	1378
Chris@76	1379 $smcFunc['db_insert']('insert',
Chris@76	1380 '{db_prefix}board_permissions',
Chris@76	1381 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string'),
Chris@76	1382 $boardInserts,
Chris@76	1383 array('id_profile', 'id_group')
Chris@76	1384 );
Chris@76	1385 }
Chris@76	1386 $smcFunc['db_free_result']($query);
Chris@76	1387
Chris@76	1388 // Add permissions for ungrouped members.
Chris@76	1389 $boardInserts = array();
Chris@76	1390 foreach ($boardLevels[$level] as $permission)
Chris@76	1391 $boardInserts[] = array($profile, 0, $permission);
Chris@76	1392
Chris@76	1393 $smcFunc['db_insert']('insert',
Chris@76	1394 '{db_prefix}board_permissions',
Chris@76	1395 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string'),
Chris@76	1396 $boardInserts,
Chris@76	1397 array('id_profile', 'id_group')
Chris@76	1398 );
Chris@76	1399 }
Chris@76	1400 // $profile and $group are both null!
Chris@76	1401 else
Chris@76	1402 fatal_lang_error('no_access', false);
Chris@76	1403 }
Chris@76	1404
Chris@76	1405 function loadAllPermissions($loadType = 'classic')
Chris@76	1406 {
Chris@76	1407 global $context, $txt, $modSettings;
Chris@76	1408
Chris@76	1409 // List of all the groups dependant on the currently selected view - for the order so it looks pretty, yea?
Chris@76	1410 // Note to Mod authors - you don't need to stick your permission group here if you don't mind SMF sticking it the last group of the page.
Chris@76	1411 $permissionGroups = array(
Chris@76	1412 'membergroup' => array(
Chris@76	1413 'simple' => array(
Chris@76	1414 'view_basic_info',
Chris@76	1415 'use_pm_system',
Chris@76	1416 'post_calendar',
Chris@76	1417 'edit_profile',
Chris@76	1418 'delete_account',
Chris@76	1419 'use_avatar',
Chris@76	1420 'moderate_general',
Chris@76	1421 'administrate',
Chris@76	1422 ),
Chris@76	1423 'classic' => array(
Chris@76	1424 'general',
Chris@76	1425 'pm',
Chris@76	1426 'calendar',
Chris@76	1427 'maintenance',
Chris@76	1428 'member_admin',
Chris@76	1429 'profile',
Chris@76	1430 ),
Chris@76	1431 ),
Chris@76	1432 'board' => array(
Chris@76	1433 'simple' => array(
Chris@76	1434 'make_posts',
Chris@76	1435 'make_unapproved_posts',
Chris@76	1436 'post_polls',
Chris@76	1437 'participate',
Chris@76	1438 'modify',
Chris@76	1439 'notification',
Chris@76	1440 'attach',
Chris@76	1441 'moderate',
Chris@76	1442 ),
Chris@76	1443 'classic' => array(
Chris@76	1444 'general_board',
Chris@76	1445 'topic',
Chris@76	1446 'post',
Chris@76	1447 'poll',
Chris@76	1448 'notification',
Chris@76	1449 'attachment',
Chris@76	1450 ),
Chris@76	1451 ),
Chris@76	1452 );
Chris@76	1453
Chris@76	1454 /* The format of this list is as follows:
Chris@76	1455 'membergroup' => array(
Chris@76	1456 'permissions_inside' => array(has_multiple_options, classic_view_group, simple_view_group(_own), simple_view_group_any),
Chris@76	1457 ),
Chris@76	1458 'board' => array(
Chris@76	1459 'permissions_inside' => array(has_multiple_options, classic_view_group, simple_view_group(_own), simple_view_group_any),
Chris@76	1460 );
Chris@76	1461 */
Chris@76	1462 $permissionList = array(
Chris@76	1463 'membergroup' => array(
Chris@76	1464 'view_stats' => array(false, 'general', 'view_basic_info'),
Chris@76	1465 'view_mlist' => array(false, 'general', 'view_basic_info'),
Chris@76	1466 'who_view' => array(false, 'general', 'view_basic_info'),
Chris@76	1467 'search_posts' => array(false, 'general', 'view_basic_info'),
Chris@76	1468 'karma_edit' => array(false, 'general', 'moderate_general'),
Chris@76	1469 'pm_read' => array(false, 'pm', 'use_pm_system'),
Chris@76	1470 'pm_send' => array(false, 'pm', 'use_pm_system'),
Chris@76	1471 'calendar_view' => array(false, 'calendar', 'view_basic_info'),
Chris@76	1472 'calendar_post' => array(false, 'calendar', 'post_calendar'),
Chris@76	1473 'calendar_edit' => array(true, 'calendar', 'post_calendar', 'moderate_general'),
Chris@76	1474 'admin_forum' => array(false, 'maintenance', 'administrate'),
Chris@76	1475 'manage_boards' => array(false, 'maintenance', 'administrate'),
Chris@76	1476 'manage_attachments' => array(false, 'maintenance', 'administrate'),
Chris@76	1477 'manage_smileys' => array(false, 'maintenance', 'administrate'),
Chris@76	1478 'edit_news' => array(false, 'maintenance', 'administrate'),
Chris@76	1479 'access_mod_center' => array(false, 'maintenance', 'moderate_general'),
Chris@76	1480 'moderate_forum' => array(false, 'member_admin', 'moderate_general'),
Chris@76	1481 'manage_membergroups' => array(false, 'member_admin', 'administrate'),
Chris@76	1482 'manage_permissions' => array(false, 'member_admin', 'administrate'),
Chris@76	1483 'manage_bans' => array(false, 'member_admin', 'administrate'),
Chris@76	1484 'send_mail' => array(false, 'member_admin', 'administrate'),
Chris@76	1485 'issue_warning' => array(false, 'member_admin', 'moderate_general'),
Chris@76	1486 'profile_view' => array(true, 'profile', 'view_basic_info', 'view_basic_info'),
Chris@76	1487 'profile_identity' => array(true, 'profile', 'edit_profile', 'moderate_general'),
Chris@76	1488 'profile_extra' => array(true, 'profile', 'edit_profile', 'moderate_general'),
Chris@76	1489 'profile_title' => array(true, 'profile', 'edit_profile', 'moderate_general'),
Chris@76	1490 'profile_remove' => array(true, 'profile', 'delete_account', 'moderate_general'),
Chris@76	1491 'profile_server_avatar' => array(false, 'profile', 'use_avatar'),
Chris@76	1492 'profile_upload_avatar' => array(false, 'profile', 'use_avatar'),
Chris@76	1493 'profile_remote_avatar' => array(false, 'profile', 'use_avatar'),
Chris@76	1494 ),
Chris@76	1495 'board' => array(
Chris@76	1496 'moderate_board' => array(false, 'general_board', 'moderate'),
Chris@76	1497 'approve_posts' => array(false, 'general_board', 'moderate'),
Chris@76	1498 'post_new' => array(false, 'topic', 'make_posts'),
Chris@76	1499 'post_unapproved_topics' => array(false, 'topic', 'make_unapproved_posts'),
Chris@76	1500 'post_unapproved_replies' => array(true, 'topic', 'make_unapproved_posts', 'make_unapproved_posts'),
Chris@76	1501 'post_reply' => array(true, 'topic', 'make_posts', 'make_posts'),
Chris@76	1502 'merge_any' => array(false, 'topic', 'moderate'),
Chris@76	1503 'split_any' => array(false, 'topic', 'moderate'),
Chris@76	1504 'send_topic' => array(false, 'topic', 'moderate'),
Chris@76	1505 'make_sticky' => array(false, 'topic', 'moderate'),
Chris@76	1506 'move' => array(true, 'topic', 'moderate', 'moderate'),
Chris@76	1507 'lock' => array(true, 'topic', 'moderate', 'moderate'),
Chris@76	1508 'remove' => array(true, 'topic', 'modify', 'moderate'),
Chris@76	1509 'modify_replies' => array(false, 'topic', 'moderate'),
Chris@76	1510 'delete_replies' => array(false, 'topic', 'moderate'),
Chris@76	1511 'announce_topic' => array(false, 'topic', 'moderate'),
Chris@76	1512 'delete' => array(true, 'post', 'modify', 'moderate'),
Chris@76	1513 'modify' => array(true, 'post', 'modify', 'moderate'),
Chris@76	1514 'report_any' => array(false, 'post', 'participate'),
Chris@76	1515 'poll_view' => array(false, 'poll', 'participate'),
Chris@76	1516 'poll_vote' => array(false, 'poll', 'participate'),
Chris@76	1517 'poll_post' => array(false, 'poll', 'post_polls'),
Chris@76	1518 'poll_add' => array(true, 'poll', 'post_polls', 'moderate'),
Chris@76	1519 'poll_edit' => array(true, 'poll', 'modify', 'moderate'),
Chris@76	1520 'poll_lock' => array(true, 'poll', 'moderate', 'moderate'),
Chris@76	1521 'poll_remove' => array(true, 'poll', 'modify', 'moderate'),
Chris@76	1522 'mark_any_notify' => array(false, 'notification', 'notification'),
Chris@76	1523 'mark_notify' => array(false, 'notification', 'notification'),
Chris@76	1524 'view_attachments' => array(false, 'attachment', 'participate'),
Chris@76	1525 'post_unapproved_attachments' => array(false, 'attachment', 'make_unapproved_posts'),
Chris@76	1526 'post_attachment' => array(false, 'attachment', 'attach'),
Chris@76	1527 ),
Chris@76	1528 );
Chris@76	1529
Chris@76	1530 // All permission groups that will be shown in the left column on classic view.
Chris@76	1531 $leftPermissionGroups = array(
Chris@76	1532 'general',
Chris@76	1533 'calendar',
Chris@76	1534 'maintenance',
Chris@76	1535 'member_admin',
Chris@76	1536 'topic',
Chris@76	1537 'post',
Chris@76	1538 );
Chris@76	1539
Chris@76	1540 // We need to know what permissions we can't give to guests.
Chris@76	1541 loadIllegalGuestPermissions();
Chris@76	1542
Chris@76	1543 // Some permissions are hidden if features are off.
Chris@76	1544 $hiddenPermissions = array();
Chris@76	1545 $relabelPermissions = array(); // Permissions to apply a different label to.
Chris@76	1546 $relabelGroups = array(); // As above but for groups.
Chris@76	1547 if (!in_array('cd', $context['admin_features']))
Chris@76	1548 {
Chris@76	1549 $hiddenPermissions[] = 'calendar_view';
Chris@76	1550 $hiddenPermissions[] = 'calendar_post';
Chris@76	1551 $hiddenPermissions[] = 'calendar_edit';
Chris@76	1552 }
Chris@76	1553 if (!in_array('w', $context['admin_features']))
Chris@76	1554 $hiddenPermissions[] = 'issue_warning';
Chris@76	1555
Chris@76	1556 // Post moderation?
Chris@76	1557 if (!$modSettings['postmod_active'])
Chris@76	1558 {
Chris@76	1559 $hiddenPermissions[] = 'approve_posts';
Chris@76	1560 $hiddenPermissions[] = 'post_unapproved_topics';
Chris@76	1561 $hiddenPermissions[] = 'post_unapproved_replies';
Chris@76	1562 $hiddenPermissions[] = 'post_unapproved_attachments';
Chris@76	1563 }
Chris@76	1564 // If we show them on classic view we change the name.
Chris@76	1565 else
Chris@76	1566 {
Chris@76	1567 // Relabel the topics permissions
Chris@76	1568 $relabelPermissions['post_new'] = 'auto_approve_topics';
Chris@76	1569
Chris@76	1570 // Relabel the reply permissions
Chris@76	1571 $relabelPermissions['post_reply'] = 'auto_approve_replies';
Chris@76	1572
Chris@76	1573 // Relabel the attachment permissions
Chris@76	1574 $relabelPermissions['post_attachment'] = 'auto_approve_attachments';
Chris@76	1575 }
Chris@76	1576
Chris@76	1577 // Provide a practical way to modify permissions.
Chris@76	1578 call_integration_hook('integrate_load_permissions', array(&$permissionGroups, &$permissionList, &$leftPermissionGroups, &$hiddenPermissions, &$relabelPermissions));
Chris@76	1579
Chris@76	1580 $context['permissions'] = array();
Chris@76	1581 $context['hidden_permissions'] = array();
Chris@76	1582 foreach ($permissionList as $permissionType => $permissionList)
Chris@76	1583 {
Chris@76	1584 $context['permissions'][$permissionType] = array(
Chris@76	1585 'id' => $permissionType,
Chris@76	1586 'view' => $loadType,
Chris@76	1587 'columns' => array()
Chris@76	1588 );
Chris@76	1589 foreach ($permissionList as $permission => $permissionArray)
Chris@76	1590 {
Chris@76	1591 // If this is a guest permission we don't do it if it's the guest group.
Chris@76	1592 if (isset($context['group']['id']) && $context['group']['id'] == -1 && in_array($permission, $context['non_guest_permissions']))
Chris@76	1593 continue;
Chris@76	1594
Chris@76	1595 // What groups will this permission be in?
Chris@76	1596 $own_group = $permissionArray[($loadType == 'classic' ? 1 : 2)];
Chris@76	1597 $any_group = $loadType == 'simple' && !empty($permissionArray[3]) ? $permissionArray[3] : ($loadType == 'simple' && $permissionArray[0] ? $permissionArray[2] : '');
Chris@76	1598
Chris@76	1599 // First, Do these groups actually exist - if not add them.
Chris@76	1600 if (!isset($permissionGroups[$permissionType][$loadType][$own_group]))
Chris@76	1601 $permissionGroups[$permissionType][$loadType][$own_group] = true;
Chris@76	1602 if (!empty($any_group) && !isset($permissionGroups[$permissionType][$loadType][$any_group]))
Chris@76	1603 $permissionGroups[$permissionType][$loadType][$any_group] = true;
Chris@76	1604
Chris@76	1605 // What column should this be located into?
Chris@76	1606 $position = $loadType == 'classic' && !in_array($own_group, $leftPermissionGroups) ? 1 : 0;
Chris@76	1607
Chris@76	1608 // If the groups have not yet been created be sure to create them.
Chris@76	1609 $bothGroups = array('own' => $own_group);
Chris@76	1610 $bothGroups = array();
Chris@76	1611
Chris@76	1612 // For guests, just reset the array.
Chris@76	1613 if (!isset($context['group']['id']) \|\| !($context['group']['id'] == -1 && $any_group))
Chris@76	1614 $bothGroups['own'] = $own_group;
Chris@76	1615
Chris@76	1616 if ($any_group)
Chris@76	1617 {
Chris@76	1618 $bothGroups['any'] = $any_group;
Chris@76	1619
Chris@76	1620 }
Chris@76	1621
Chris@76	1622 foreach ($bothGroups as $group)
Chris@76	1623 if (!isset($context['permissions'][$permissionType]['columns'][$position][$group]))
Chris@76	1624 $context['permissions'][$permissionType]['columns'][$position][$group] = array(
Chris@76	1625 'type' => $permissionType,
Chris@76	1626 'id' => $group,
Chris@76	1627 'name' => $loadType == 'simple' ? (isset($txt['permissiongroup_simple_' . $group]) ? $txt['permissiongroup_simple_' . $group] : '') : $txt['permissiongroup_' . $group],
Chris@76	1628 'icon' => isset($txt['permissionicon_' . $group]) ? $txt['permissionicon_' . $group] : $txt['permissionicon'],
Chris@76	1629 'help' => isset($txt['permissionhelp_' . $group]) ? $txt['permissionhelp_' . $group] : '',
Chris@76	1630 'hidden' => false,
Chris@76	1631 'permissions' => array()
Chris@76	1632 );
Chris@76	1633
Chris@76	1634 // This is where we set up the permission dependant on the view.
Chris@76	1635 if ($loadType == 'classic')
Chris@76	1636 {
Chris@76	1637 $context['permissions'][$permissionType]['columns'][$position][$own_group]['permissions'][$permission] = array(
Chris@76	1638 'id' => $permission,
Chris@76	1639 'name' => !isset($relabelPermissions[$permission]) ? $txt['permissionname_' . $permission] : $txt[$relabelPermissions[$permission]],
Chris@76	1640 'show_help' => isset($txt['permissionhelp_' . $permission]),
Chris@76	1641 'note' => isset($txt['permissionnote_' . $permission]) ? $txt['permissionnote_' . $permission] : '',
Chris@76	1642 'has_own_any' => $permissionArray[0],
Chris@76	1643 'own' => array(
Chris@76	1644 'id' => $permission . '_own',
Chris@76	1645 'name' => $permissionArray[0] ? $txt['permissionname_' . $permission . '_own'] : ''
Chris@76	1646 ),
Chris@76	1647 'any' => array(
Chris@76	1648 'id' => $permission . '_any',
Chris@76	1649 'name' => $permissionArray[0] ? $txt['permissionname_' . $permission . '_any'] : ''
Chris@76	1650 ),
Chris@76	1651 'hidden' => in_array($permission, $hiddenPermissions),
Chris@76	1652 );
Chris@76	1653 }
Chris@76	1654 else
Chris@76	1655 {
Chris@76	1656 foreach ($bothGroups as $group_type => $group)
Chris@76	1657 {
Chris@76	1658 $context['permissions'][$permissionType]['columns'][$position][$group]['permissions'][$permission . ($permissionArray[0] ? '_' . $group_type : '')] = array(
Chris@76	1659 'id' => $permission . ($permissionArray[0] ? '_' . $group_type : ''),
Chris@76	1660 'name' => isset($txt['permissionname_simple_' . $permission . ($permissionArray[0] ? '_' . $group_type : '')]) ? $txt['permissionname_simple_' . $permission . ($permissionArray[0] ? '_' . $group_type : '')] : $txt['permissionname_' . $permission],
Chris@76	1661 'help_index' => isset($txt['permissionhelp_' . $permission]) ? 'permissionhelp_' . $permission : '',
Chris@76	1662 'hidden' => in_array($permission, $hiddenPermissions),
Chris@76	1663 );
Chris@76	1664 }
Chris@76	1665 }
Chris@76	1666
Chris@76	1667 if (in_array($permission, $hiddenPermissions))
Chris@76	1668 {
Chris@76	1669 if ($permissionArray[0])
Chris@76	1670 {
Chris@76	1671 $context['hidden_permissions'][] = $permission . '_own';
Chris@76	1672 $context['hidden_permissions'][] = $permission . '_any';
Chris@76	1673 }
Chris@76	1674 else
Chris@76	1675 $context['hidden_permissions'][] = $permission;
Chris@76	1676 }
Chris@76	1677 }
Chris@76	1678 ksort($context['permissions'][$permissionType]['columns']);
Chris@76	1679 }
Chris@76	1680
Chris@76	1681 // Check we don't leave any empty groups - and mark hidden ones as such.
Chris@76	1682 foreach ($context['permissions'][$permissionType]['columns'] as $column => $groups)
Chris@76	1683 foreach ($groups as $id => $group)
Chris@76	1684 {
Chris@76	1685 if (empty($group['permissions']))
Chris@76	1686 unset($context['permissions'][$permissionType]['columns'][$column][$id]);
Chris@76	1687 else
Chris@76	1688 {
Chris@76	1689 $foundNonHidden = false;
Chris@76	1690 foreach ($group['permissions'] as $permission)
Chris@76	1691 if (empty($permission['hidden']))
Chris@76	1692 $foundNonHidden = true;
Chris@76	1693 if (!$foundNonHidden)
Chris@76	1694 $context['permissions'][$permissionType]['columns'][$column][$id]['hidden'] = true;
Chris@76	1695 }
Chris@76	1696 }
Chris@76	1697 }
Chris@76	1698
Chris@76	1699 // Initialize a form with inline permissions.
Chris@76	1700 function init_inline_permissions($permissions, $excluded_groups = array())
Chris@76	1701 {
Chris@76	1702 global $context, $txt, $modSettings, $smcFunc;
Chris@76	1703
Chris@76	1704 loadLanguage('ManagePermissions');
Chris@76	1705 loadTemplate('ManagePermissions');
Chris@76	1706 $context['can_change_permissions'] = allowedTo('manage_permissions');
Chris@76	1707
Chris@76	1708 // Nothing to initialize here.
Chris@76	1709 if (!$context['can_change_permissions'])
Chris@76	1710 return;
Chris@76	1711
Chris@76	1712 // Load the permission settings for guests
Chris@76	1713 foreach ($permissions as $permission)
Chris@76	1714 $context[$permission] = array(
Chris@76	1715 -1 => array(
Chris@76	1716 'id' => -1,
Chris@76	1717 'name' => $txt['membergroups_guests'],
Chris@76	1718 'is_postgroup' => false,
Chris@76	1719 'status' => 'off',
Chris@76	1720 ),
Chris@76	1721 0 => array(
Chris@76	1722 'id' => 0,
Chris@76	1723 'name' => $txt['membergroups_members'],
Chris@76	1724 'is_postgroup' => false,
Chris@76	1725 'status' => 'off',
Chris@76	1726 ),
Chris@76	1727 );
Chris@76	1728
Chris@76	1729 $request = $smcFunc['db_query']('', '
Chris@76	1730 SELECT id_group, CASE WHEN add_deny = {int:denied} THEN {string:deny} ELSE {string:on} END AS status, permission
Chris@76	1731 FROM {db_prefix}permissions
Chris@76	1732 WHERE id_group IN (-1, 0)
Chris@76	1733 AND permission IN ({array_string:permissions})',
Chris@76	1734 array(
Chris@76	1735 'denied' => 0,
Chris@76	1736 'permissions' => $permissions,
Chris@76	1737 'deny' => 'deny',
Chris@76	1738 'on' => 'on',
Chris@76	1739 )
Chris@76	1740 );
Chris@76	1741 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	1742 $context[$row['permission']][$row['id_group']]['status'] = $row['status'];
Chris@76	1743 $smcFunc['db_free_result']($request);
Chris@76	1744
Chris@76	1745 $request = $smcFunc['db_query']('', '
Chris@76	1746 SELECT mg.id_group, mg.group_name, mg.min_posts, IFNULL(p.add_deny, -1) AS status, p.permission
Chris@76	1747 FROM {db_prefix}membergroups AS mg
Chris@76	1748 LEFT JOIN {db_prefix}permissions AS p ON (p.id_group = mg.id_group AND p.permission IN ({array_string:permissions}))
Chris@76	1749 WHERE mg.id_group NOT IN (1, 3)
Chris@76	1750 AND mg.id_parent = {int:not_inherited}' . (empty($modSettings['permission_enable_postgroups']) ? '
Chris@76	1751 AND mg.min_posts = {int:min_posts}' : '') . '
Chris@76	1752 ORDER BY mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name',
Chris@76	1753 array(
Chris@76	1754 'not_inherited' => -2,
Chris@76	1755 'min_posts' => -1,
Chris@76	1756 'newbie_group' => 4,
Chris@76	1757 'permissions' => $permissions,
Chris@76	1758 )
Chris@76	1759 );
Chris@76	1760 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	1761 {
Chris@76	1762 // Initialize each permission as being 'off' until proven otherwise.
Chris@76	1763 foreach ($permissions as $permission)
Chris@76	1764 if (!isset($context[$permission][$row['id_group']]))
Chris@76	1765 $context[$permission][$row['id_group']] = array(
Chris@76	1766 'id' => $row['id_group'],
Chris@76	1767 'name' => $row['group_name'],
Chris@76	1768 'is_postgroup' => $row['min_posts'] != -1,
Chris@76	1769 'status' => 'off',
Chris@76	1770 );
Chris@76	1771
Chris@76	1772 $context[$row['permission']][$row['id_group']]['status'] = empty($row['status']) ? 'deny' : ($row['status'] == 1 ? 'on' : 'off');
Chris@76	1773 }
Chris@76	1774 $smcFunc['db_free_result']($request);
Chris@76	1775
Chris@76	1776 // Some permissions cannot be given to certain groups. Remove the groups.
Chris@76	1777 foreach ($excluded_groups as $group)
Chris@76	1778 {
Chris@76	1779 foreach ($permissions as $permission)
Chris@76	1780 {
Chris@76	1781 if (isset($context[$permission][$group]))
Chris@76	1782 unset($context[$permission][$group]);
Chris@76	1783 }
Chris@76	1784 }
Chris@76	1785 }
Chris@76	1786
Chris@76	1787 // Show a collapsible box to set a specific permission.
Chris@76	1788 function theme_inline_permissions($permission)
Chris@76	1789 {
Chris@76	1790 global $context;
Chris@76	1791
Chris@76	1792 $context['current_permission'] = $permission;
Chris@76	1793 $context['member_groups'] = $context[$permission];
Chris@76	1794
Chris@76	1795 template_inline_permissions();
Chris@76	1796 }
Chris@76	1797
Chris@76	1798 // Save the permissions of a form containing inline permissions.
Chris@76	1799 function save_inline_permissions($permissions)
Chris@76	1800 {
Chris@76	1801 global $context, $smcFunc;
Chris@76	1802
Chris@76	1803 // No permissions? Not a great deal to do here.
Chris@76	1804 if (!allowedTo('manage_permissions'))
Chris@76	1805 return;
Chris@76	1806
Chris@76	1807 // Almighty session check, verify our ways.
Chris@76	1808 checkSession();
Chris@76	1809
Chris@76	1810 // Check they can't do certain things.
Chris@76	1811 loadIllegalPermissions();
Chris@76	1812
Chris@76	1813 $insertRows = array();
Chris@76	1814 foreach ($permissions as $permission)
Chris@76	1815 {
Chris@76	1816 if (!isset($_POST[$permission]))
Chris@76	1817 continue;
Chris@76	1818
Chris@76	1819 foreach ($_POST[$permission] as $id_group => $value)
Chris@76	1820 {
Chris@76	1821 if (in_array($value, array('on', 'deny')) && (empty($context['illegal_permissions']) \|\| !in_array($permission, $context['illegal_permissions'])))
Chris@76	1822 $insertRows[] = array((int) $id_group, $permission, $value == 'on' ? 1 : 0);
Chris@76	1823 }
Chris@76	1824 }
Chris@76	1825
Chris@76	1826 // Remove the old permissions...
Chris@76	1827 $smcFunc['db_query']('', '
Chris@76	1828 DELETE FROM {db_prefix}permissions
Chris@76	1829 WHERE permission IN ({array_string:permissions})
Chris@76	1830 ' . (empty($context['illegal_permissions']) ? '' : ' AND permission NOT IN ({array_string:illegal_permissions})'),
Chris@76	1831 array(
Chris@76	1832 'illegal_permissions' => !empty($context['illegal_permissions']) ? $context['illegal_permissions'] : array(),
Chris@76	1833 'permissions' => $permissions,
Chris@76	1834 )
Chris@76	1835 );
Chris@76	1836
Chris@76	1837 // ...and replace them with new ones.
Chris@76	1838 if (!empty($insertRows))
Chris@76	1839 $smcFunc['db_insert']('insert',
Chris@76	1840 '{db_prefix}permissions',
Chris@76	1841 array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	1842 $insertRows,
Chris@76	1843 array('id_group', 'permission')
Chris@76	1844 );
Chris@76	1845
Chris@76	1846 // Do a full child update.
Chris@76	1847 updateChildPermissions(array(), -1);
Chris@76	1848
Chris@76	1849 // Just in case we cached this.
Chris@76	1850 updateSettings(array('settings_updated' => time()));
Chris@76	1851 }
Chris@76	1852
Chris@76	1853 function loadPermissionProfiles()
Chris@76	1854 {
Chris@76	1855 global $context, $txt, $smcFunc;
Chris@76	1856
Chris@76	1857 $request = $smcFunc['db_query']('', '
Chris@76	1858 SELECT id_profile, profile_name
Chris@76	1859 FROM {db_prefix}permission_profiles
Chris@76	1860 ORDER BY id_profile',
Chris@76	1861 array(
Chris@76	1862 )
Chris@76	1863 );
Chris@76	1864 $context['profiles'] = array();
Chris@76	1865 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	1866 {
Chris@76	1867 // Format the label nicely.
Chris@76	1868 if (isset($txt['permissions_profile_' . $row['profile_name']]))
Chris@76	1869 $name = $txt['permissions_profile_' . $row['profile_name']];
Chris@76	1870 else
Chris@76	1871 $name = $row['profile_name'];
Chris@76	1872
Chris@76	1873 $context['profiles'][$row['id_profile']] = array(
Chris@76	1874 'id' => $row['id_profile'],
Chris@76	1875 'name' => $name,
Chris@76	1876 'can_modify' => $row['id_profile'] == 1 \|\| $row['id_profile'] > 4,
Chris@76	1877 'unformatted_name' => $row['profile_name'],
Chris@76	1878 );
Chris@76	1879 }
Chris@76	1880 $smcFunc['db_free_result']($request);
Chris@76	1881 }
Chris@76	1882
Chris@76	1883 // Add/Edit/Delete profiles.
Chris@76	1884 function EditPermissionProfiles()
Chris@76	1885 {
Chris@76	1886 global $context, $txt, $smcFunc;
Chris@76	1887
Chris@76	1888 // Setup the template, first for fun.
Chris@76	1889 $context['page_title'] = $txt['permissions_profile_edit'];
Chris@76	1890 $context['sub_template'] = 'edit_profiles';
Chris@76	1891
Chris@76	1892 // If we're creating a new one do it first.
Chris@76	1893 if (isset($_POST['create']) && trim($_POST['profile_name']) != '')
Chris@76	1894 {
Chris@76	1895 checkSession();
Chris@76	1896
Chris@76	1897 $_POST['copy_from'] = (int) $_POST['copy_from'];
Chris@76	1898 $_POST['profile_name'] = $smcFunc['htmlspecialchars']($_POST['profile_name']);
Chris@76	1899
Chris@76	1900 // Insert the profile itself.
Chris@76	1901 $smcFunc['db_insert']('',
Chris@76	1902 '{db_prefix}permission_profiles',
Chris@76	1903 array(
Chris@76	1904 'profile_name' => 'string',
Chris@76	1905 ),
Chris@76	1906 array(
Chris@76	1907 $_POST['profile_name'],
Chris@76	1908 ),
Chris@76	1909 array('id_profile')
Chris@76	1910 );
Chris@76	1911 $profile_id = $smcFunc['db_insert_id']('{db_prefix}permission_profiles', 'id_profile');
Chris@76	1912
Chris@76	1913 // Load the permissions from the one it's being copied from.
Chris@76	1914 $request = $smcFunc['db_query']('', '
Chris@76	1915 SELECT id_group, permission, add_deny
Chris@76	1916 FROM {db_prefix}board_permissions
Chris@76	1917 WHERE id_profile = {int:copy_from}',
Chris@76	1918 array(
Chris@76	1919 'copy_from' => $_POST['copy_from'],
Chris@76	1920 )
Chris@76	1921 );
Chris@76	1922 $inserts = array();
Chris@76	1923 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	1924 $inserts[] = array($profile_id, $row['id_group'], $row['permission'], $row['add_deny']);
Chris@76	1925 $smcFunc['db_free_result']($request);
Chris@76	1926
Chris@76	1927 if (!empty($inserts))
Chris@76	1928 $smcFunc['db_insert']('insert',
Chris@76	1929 '{db_prefix}board_permissions',
Chris@76	1930 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	1931 $inserts,
Chris@76	1932 array('id_profile', 'id_group', 'permission')
Chris@76	1933 );
Chris@76	1934 }
Chris@76	1935 // Renaming?
Chris@76	1936 elseif (isset($_POST['rename']))
Chris@76	1937 {
Chris@76	1938 checkSession();
Chris@76	1939
Chris@76	1940 // Just showing the boxes?
Chris@76	1941 if (!isset($_POST['rename_profile']))
Chris@76	1942 $context['show_rename_boxes'] = true;
Chris@76	1943 else
Chris@76	1944 {
Chris@76	1945 foreach ($_POST['rename_profile'] as $id => $value)
Chris@76	1946 {
Chris@76	1947 $value = $smcFunc['htmlspecialchars']($value);
Chris@76	1948
Chris@76	1949 if (trim($value) != '' && $id > 4)
Chris@76	1950 $smcFunc['db_query']('', '
Chris@76	1951 UPDATE {db_prefix}permission_profiles
Chris@76	1952 SET profile_name = {string:profile_name}
Chris@76	1953 WHERE id_profile = {int:current_profile}',
Chris@76	1954 array(
Chris@76	1955 'current_profile' => (int) $id,
Chris@76	1956 'profile_name' => $value,
Chris@76	1957 )
Chris@76	1958 );
Chris@76	1959 }
Chris@76	1960 }
Chris@76	1961 }
Chris@76	1962 // Deleting?
Chris@76	1963 elseif (isset($_POST['delete']) && !empty($_POST['delete_profile']))
Chris@76	1964 {
Chris@76	1965 checkSession('post');
Chris@76	1966
Chris@76	1967 $profiles = array();
Chris@76	1968 foreach ($_POST['delete_profile'] as $profile)
Chris@76	1969 if ($profile > 4)
Chris@76	1970 $profiles[] = (int) $profile;
Chris@76	1971
Chris@76	1972 // Verify it's not in use...
Chris@76	1973 $request = $smcFunc['db_query']('', '
Chris@76	1974 SELECT id_board
Chris@76	1975 FROM {db_prefix}boards
Chris@76	1976 WHERE id_profile IN ({array_int:profile_list})
Chris@76	1977 LIMIT 1',
Chris@76	1978 array(
Chris@76	1979 'profile_list' => $profiles,
Chris@76	1980 )
Chris@76	1981 );
Chris@76	1982 if ($smcFunc['db_num_rows']($request) != 0)
Chris@76	1983 fatal_lang_error('no_access', false);
Chris@76	1984 $smcFunc['db_free_result']($request);
Chris@76	1985
Chris@76	1986 // Oh well, delete.
Chris@76	1987 $smcFunc['db_query']('', '
Chris@76	1988 DELETE FROM {db_prefix}permission_profiles
Chris@76	1989 WHERE id_profile IN ({array_int:profile_list})',
Chris@76	1990 array(
Chris@76	1991 'profile_list' => $profiles,
Chris@76	1992 )
Chris@76	1993 );
Chris@76	1994 }
Chris@76	1995
Chris@76	1996 // Clearly, we'll need this!
Chris@76	1997 loadPermissionProfiles();
Chris@76	1998
Chris@76	1999 // Work out what ones are in use.
Chris@76	2000 $request = $smcFunc['db_query']('', '
Chris@76	2001 SELECT id_profile, COUNT(id_board) AS board_count
Chris@76	2002 FROM {db_prefix}boards
Chris@76	2003 GROUP BY id_profile',
Chris@76	2004 array(
Chris@76	2005 )
Chris@76	2006 );
Chris@76	2007 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2008 if (isset($context['profiles'][$row['id_profile']]))
Chris@76	2009 {
Chris@76	2010 $context['profiles'][$row['id_profile']]['in_use'] = true;
Chris@76	2011 $context['profiles'][$row['id_profile']]['boards'] = $row['board_count'];
Chris@76	2012 $context['profiles'][$row['id_profile']]['boards_text'] = $row['board_count'] > 1 ? sprintf($txt['permissions_profile_used_by_many'], $row['board_count']) : $txt['permissions_profile_used_by_' . ($row['board_count'] ? 'one' : 'none')];
Chris@76	2013 }
Chris@76	2014 $smcFunc['db_free_result']($request);
Chris@76	2015
Chris@76	2016 // What can we do with these?
Chris@76	2017 $context['can_edit_something'] = false;
Chris@76	2018 foreach ($context['profiles'] as $id => $profile)
Chris@76	2019 {
Chris@76	2020 // Can't delete special ones.
Chris@76	2021 $context['profiles'][$id]['can_edit'] = isset($txt['permissions_profile_' . $profile['unformatted_name']]) ? false : true;
Chris@76	2022 if ($context['profiles'][$id]['can_edit'])
Chris@76	2023 $context['can_edit_something'] = true;
Chris@76	2024
Chris@76	2025 // You can only delete it if you can edit it AND it's not in use.
Chris@76	2026 $context['profiles'][$id]['can_delete'] = $context['profiles'][$id]['can_edit'] && empty($profile['in_use']) ? true : false;
Chris@76	2027 }
Chris@76	2028 }
Chris@76	2029
Chris@76	2030 // This function updates the permissions of any groups based off this group.
Chris@76	2031 function updateChildPermissions($parents, $profile = null)
Chris@76	2032 {
Chris@76	2033 global $smcFunc;
Chris@76	2034
Chris@76	2035 // All the parent groups to sort out.
Chris@76	2036 if (!is_array($parents))
Chris@76	2037 $parents = array($parents);
Chris@76	2038
Chris@76	2039 // Find all the children of this group.
Chris@76	2040 $request = $smcFunc['db_query']('', '
Chris@76	2041 SELECT id_parent, id_group
Chris@76	2042 FROM {db_prefix}membergroups
Chris@76	2043 WHERE id_parent != {int:not_inherited}
Chris@76	2044 ' . (empty($parents) ? '' : 'AND id_parent IN ({array_int:parent_list})'),
Chris@76	2045 array(
Chris@76	2046 'parent_list' => $parents,
Chris@76	2047 'not_inherited' => -2,
Chris@76	2048 )
Chris@76	2049 );
Chris@76	2050 $children = array();
Chris@76	2051 $parents = array();
Chris@76	2052 $child_groups = array();
Chris@76	2053 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2054 {
Chris@76	2055 $children[$row['id_parent']][] = $row['id_group'];
Chris@76	2056 $child_groups[] = $row['id_group'];
Chris@76	2057 $parents[] = $row['id_parent'];
Chris@76	2058 }
Chris@76	2059 $smcFunc['db_free_result']($request);
Chris@76	2060
Chris@76	2061 $parents = array_unique($parents);
Chris@76	2062
Chris@76	2063 // Not a sausage, or a child?
Chris@76	2064 if (empty($children))
Chris@76	2065 return false;
Chris@76	2066
Chris@76	2067 // First off, are we doing general permissions?
Chris@76	2068 if ($profile < 1 \|\| $profile === null)
Chris@76	2069 {
Chris@76	2070 // Fetch all the parent permissions.
Chris@76	2071 $request = $smcFunc['db_query']('', '
Chris@76	2072 SELECT id_group, permission, add_deny
Chris@76	2073 FROM {db_prefix}permissions
Chris@76	2074 WHERE id_group IN ({array_int:parent_list})',
Chris@76	2075 array(
Chris@76	2076 'parent_list' => $parents,
Chris@76	2077 )
Chris@76	2078 );
Chris@76	2079 $permissions = array();
Chris@76	2080 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2081 foreach ($children[$row['id_group']] as $child)
Chris@76	2082 $permissions[] = array($child, $row['permission'], $row['add_deny']);
Chris@76	2083 $smcFunc['db_free_result']($request);
Chris@76	2084
Chris@76	2085 $smcFunc['db_query']('', '
Chris@76	2086 DELETE FROM {db_prefix}permissions
Chris@76	2087 WHERE id_group IN ({array_int:child_groups})',
Chris@76	2088 array(
Chris@76	2089 'child_groups' => $child_groups,
Chris@76	2090 )
Chris@76	2091 );
Chris@76	2092
Chris@76	2093 // Finally insert.
Chris@76	2094 if (!empty($permissions))
Chris@76	2095 {
Chris@76	2096 $smcFunc['db_insert']('insert',
Chris@76	2097 '{db_prefix}permissions',
Chris@76	2098 array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	2099 $permissions,
Chris@76	2100 array('id_group', 'permission')
Chris@76	2101 );
Chris@76	2102 }
Chris@76	2103 }
Chris@76	2104
Chris@76	2105 // Then, what about board profiles?
Chris@76	2106 if ($profile != -1)
Chris@76	2107 {
Chris@76	2108 $profileQuery = $profile === null ? '' : ' AND id_profile = {int:current_profile}';
Chris@76	2109
Chris@76	2110 // Again, get all the parent permissions.
Chris@76	2111 $request = $smcFunc['db_query']('', '
Chris@76	2112 SELECT id_profile, id_group, permission, add_deny
Chris@76	2113 FROM {db_prefix}board_permissions
Chris@76	2114 WHERE id_group IN ({array_int:parent_groups})
Chris@76	2115 ' . $profileQuery,
Chris@76	2116 array(
Chris@76	2117 'parent_groups' => $parents,
Chris@76	2118 'current_profile' => $profile !== null && $profile ? $profile : 1,
Chris@76	2119 )
Chris@76	2120 );
Chris@76	2121 $permissions = array();
Chris@76	2122 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2123 foreach ($children[$row['id_group']] as $child)
Chris@76	2124 $permissions[] = array($child, $row['id_profile'], $row['permission'], $row['add_deny']);
Chris@76	2125 $smcFunc['db_free_result']($request);
Chris@76	2126
Chris@76	2127 $smcFunc['db_query']('', '
Chris@76	2128 DELETE FROM {db_prefix}board_permissions
Chris@76	2129 WHERE id_group IN ({array_int:child_groups})
Chris@76	2130 ' . $profileQuery,
Chris@76	2131 array(
Chris@76	2132 'child_groups' => $child_groups,
Chris@76	2133 'current_profile' => $profile !== null && $profile ? $profile : 1,
Chris@76	2134 )
Chris@76	2135 );
Chris@76	2136
Chris@76	2137 // Do the insert.
Chris@76	2138 if (!empty($permissions))
Chris@76	2139 {
Chris@76	2140 $smcFunc['db_insert']('insert',
Chris@76	2141 '{db_prefix}board_permissions',
Chris@76	2142 array('id_group' => 'int', 'id_profile' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	2143 $permissions,
Chris@76	2144 array('id_group', 'id_profile', 'permission')
Chris@76	2145 );
Chris@76	2146 }
Chris@76	2147 }
Chris@76	2148 }
Chris@76	2149
Chris@76	2150 // Load permissions someone cannot grant.
Chris@76	2151 function loadIllegalPermissions()
Chris@76	2152 {
Chris@76	2153 global $context;
Chris@76	2154
Chris@76	2155 $context['illegal_permissions'] = array();
Chris@76	2156 if (!allowedTo('admin_forum'))
Chris@76	2157 $context['illegal_permissions'][] = 'admin_forum';
Chris@76	2158 if (!allowedTo('manage_membergroups'))
Chris@76	2159 $context['illegal_permissions'][] = 'manage_membergroups';
Chris@76	2160 if (!allowedTo('manage_permissions'))
Chris@76	2161 $context['illegal_permissions'][] = 'manage_permissions';
Chris@76	2162 }
Chris@76	2163
Chris@76	2164 // Load all the permissions that can not be given to guests.
Chris@76	2165 function loadIllegalGuestPermissions()
Chris@76	2166 {
Chris@76	2167 global $context;
Chris@76	2168
Chris@76	2169 $context['non_guest_permissions'] = array(
Chris@76	2170 'delete_replies',
Chris@76	2171 'karma_edit',
Chris@76	2172 'poll_add_own',
Chris@76	2173 'pm_read',
Chris@76	2174 'pm_send',
Chris@76	2175 'profile_identity',
Chris@76	2176 'profile_extra',
Chris@76	2177 'profile_title',
Chris@76	2178 'profile_remove',
Chris@76	2179 'profile_server_avatar',
Chris@76	2180 'profile_upload_avatar',
Chris@76	2181 'profile_remote_avatar',
Chris@76	2182 'profile_view_own',
Chris@76	2183 'mark_any_notify',
Chris@76	2184 'mark_notify',
Chris@76	2185 'admin_forum',
Chris@76	2186 'manage_boards',
Chris@76	2187 'manage_attachments',
Chris@76	2188 'manage_smileys',
Chris@76	2189 'edit_news',
Chris@76	2190 'access_mod_center',
Chris@76	2191 'moderate_forum',
Chris@76	2192 'issue_warning',
Chris@76	2193 'manage_membergroups',
Chris@76	2194 'manage_permissions',
Chris@76	2195 'manage_bans',
Chris@76	2196 'move_own',
Chris@76	2197 'modify_replies',
Chris@76	2198 'send_mail',
Chris@76	2199 'approve_posts',
Chris@76	2200 );
Chris@76	2201 }
Chris@76	2202
Chris@76	2203 // Present a nice way of applying post moderation.
Chris@76	2204 function ModifyPostModeration()
Chris@76	2205 {
Chris@76	2206 global $context, $txt, $smcFunc, $modSettings;
Chris@76	2207
Chris@76	2208 // Just in case.
Chris@76	2209 checkSession('get');
Chris@76	2210
Chris@76	2211 $context['page_title'] = $txt['permissions_post_moderation'];
Chris@76	2212 $context['sub_template'] = 'postmod_permissions';
Chris@76	2213 $context['current_profile'] = isset($_REQUEST['pid']) ? (int) $_REQUEST['pid'] : 1;
Chris@76	2214
Chris@76	2215 // Load all the permission profiles.
Chris@76	2216 loadPermissionProfiles();
Chris@76	2217
Chris@76	2218 // Mappings, our key => array(can_do_moderated, can_do_all)
Chris@76	2219 $mappings = array(
Chris@76	2220 'new_topic' => array('post_new', 'post_unapproved_topics'),
Chris@76	2221 'replies_own' => array('post_reply_own', 'post_unapproved_replies_own'),
Chris@76	2222 'replies_any' => array('post_reply_any', 'post_unapproved_replies_any'),
Chris@76	2223 'attachment' => array('post_attachment', 'post_unapproved_attachments'),
Chris@76	2224 );
Chris@76	2225
Chris@76	2226 // Start this with the guests/members.
Chris@76	2227 $context['profile_groups'] = array(
Chris@76	2228 -1 => array(
Chris@76	2229 'id' => -1,
Chris@76	2230 'name' => $txt['membergroups_guests'],
Chris@76	2231 'color' => '',
Chris@76	2232 'new_topic' => 'disallow',
Chris@76	2233 'replies_own' => 'disallow',
Chris@76	2234 'replies_any' => 'disallow',
Chris@76	2235 'attachment' => 'disallow',
Chris@76	2236 'children' => array(),
Chris@76	2237 ),
Chris@76	2238 0 => array(
Chris@76	2239 'id' => 0,
Chris@76	2240 'name' => $txt['membergroups_members'],
Chris@76	2241 'color' => '',
Chris@76	2242 'new_topic' => 'disallow',
Chris@76	2243 'replies_own' => 'disallow',
Chris@76	2244 'replies_any' => 'disallow',
Chris@76	2245 'attachment' => 'disallow',
Chris@76	2246 'children' => array(),
Chris@76	2247 ),
Chris@76	2248 );
Chris@76	2249
Chris@76	2250 // Load the groups.
Chris@76	2251 $request = $smcFunc['db_query']('', '
Chris@76	2252 SELECT id_group, group_name, online_color, id_parent
Chris@76	2253 FROM {db_prefix}membergroups
Chris@76	2254 WHERE id_group != {int:admin_group}
Chris@76	2255 ' . (empty($modSettings['permission_enable_postgroups']) ? ' AND min_posts = {int:min_posts}' : '') . '
Chris@76	2256 ORDER BY id_parent ASC',
Chris@76	2257 array(
Chris@76	2258 'admin_group' => 1,
Chris@76	2259 'min_posts' => -1,
Chris@76	2260 )
Chris@76	2261 );
Chris@76	2262 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2263 {
Chris@76	2264 if ($row['id_parent'] == -2)
Chris@76	2265 {
Chris@76	2266 $context['profile_groups'][$row['id_group']] = array(
Chris@76	2267 'id' => $row['id_group'],
Chris@76	2268 'name' => $row['group_name'],
Chris@76	2269 'color' => $row['online_color'],
Chris@76	2270 'new_topic' => 'disallow',
Chris@76	2271 'replies_own' => 'disallow',
Chris@76	2272 'replies_any' => 'disallow',
Chris@76	2273 'attachment' => 'disallow',
Chris@76	2274 'children' => array(),
Chris@76	2275 );
Chris@76	2276 }
Chris@76	2277 elseif (isset($context['profile_groups'][$row['id_parent']]))
Chris@76	2278 $context['profile_groups'][$row['id_parent']]['children'][] = $row['group_name'];
Chris@76	2279 }
Chris@76	2280 $smcFunc['db_free_result']($request);
Chris@76	2281
Chris@76	2282 // What are the permissions we are querying?
Chris@76	2283 $all_permissions = array();
Chris@76	2284 foreach ($mappings as $perm_set)
Chris@76	2285 $all_permissions = array_merge($all_permissions, $perm_set);
Chris@76	2286
Chris@76	2287 // If we're saving the changes then do just that - save them.
Chris@76	2288 if (!empty($_POST['save_changes']) && ($context['current_profile'] == 1 \|\| $context['current_profile'] > 4))
Chris@76	2289 {
Chris@76	2290 // Start by deleting all the permissions relevant.
Chris@76	2291 $smcFunc['db_query']('', '
Chris@76	2292 DELETE FROM {db_prefix}board_permissions
Chris@76	2293 WHERE id_profile = {int:current_profile}
Chris@76	2294 AND permission IN ({array_string:permissions})
Chris@76	2295 AND id_group IN ({array_int:profile_group_list})',
Chris@76	2296 array(
Chris@76	2297 'profile_group_list' => array_keys($context['profile_groups']),
Chris@76	2298 'current_profile' => $context['current_profile'],
Chris@76	2299 'permissions' => $all_permissions,
Chris@76	2300 )
Chris@76	2301 );
Chris@76	2302
Chris@76	2303 // Do it group by group.
Chris@76	2304 $new_permissions = array();
Chris@76	2305 foreach ($context['profile_groups'] as $id => $group)
Chris@76	2306 {
Chris@76	2307 foreach ($mappings as $index => $data)
Chris@76	2308 {
Chris@76	2309 if (isset($_POST[$index][$group['id']]))
Chris@76	2310 {
Chris@76	2311 if ($_POST[$index][$group['id']] == 'allow')
Chris@76	2312 {
Chris@76	2313 // Give them both sets for fun.
Chris@76	2314 $new_permissions[] = array($context['current_profile'], $group['id'], $data[0], 1);
Chris@76	2315 $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
Chris@76	2316 }
Chris@76	2317 elseif ($_POST[$index][$group['id']] == 'moderate')
Chris@76	2318 $new_permissions[] = array($context['current_profile'], $group['id'], $data[1], 1);
Chris@76	2319 }
Chris@76	2320 }
Chris@76	2321 }
Chris@76	2322
Chris@76	2323 // Insert new permissions.
Chris@76	2324 if (!empty($new_permissions))
Chris@76	2325 $smcFunc['db_insert']('',
Chris@76	2326 '{db_prefix}board_permissions',
Chris@76	2327 array('id_profile' => 'int', 'id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
Chris@76	2328 $new_permissions,
Chris@76	2329 array('id_profile', 'id_group', 'permission')
Chris@76	2330 );
Chris@76	2331 }
Chris@76	2332
Chris@76	2333 // Now get all the permissions!
Chris@76	2334 $request = $smcFunc['db_query']('', '
Chris@76	2335 SELECT id_group, permission, add_deny
Chris@76	2336 FROM {db_prefix}board_permissions
Chris@76	2337 WHERE id_profile = {int:current_profile}
Chris@76	2338 AND permission IN ({array_string:permissions})
Chris@76	2339 AND id_group IN ({array_int:profile_group_list})',
Chris@76	2340 array(
Chris@76	2341 'profile_group_list' => array_keys($context['profile_groups']),
Chris@76	2342 'current_profile' => $context['current_profile'],
Chris@76	2343 'permissions' => $all_permissions,
Chris@76	2344 )
Chris@76	2345 );
Chris@76	2346 while ($row = $smcFunc['db_fetch_assoc']($request))
Chris@76	2347 {
Chris@76	2348 foreach ($mappings as $key => $data)
Chris@76	2349 {
Chris@76	2350 foreach ($data as $index => $perm)
Chris@76	2351 {
Chris@76	2352 if ($perm == $row['permission'])
Chris@76	2353 {
Chris@76	2354 // Only bother if it's not denied.
Chris@76	2355 if ($row['add_deny'])
Chris@76	2356 {
Chris@76	2357 // Full allowance?
Chris@76	2358 if ($index == 0)
Chris@76	2359 $context['profile_groups'][$row['id_group']][$key] = 'allow';
Chris@76	2360 // Otherwise only bother with moderate if not on allow.
Chris@76	2361 elseif ($context['profile_groups'][$row['id_group']][$key] != 'allow')
Chris@76	2362 $context['profile_groups'][$row['id_group']][$key] = 'moderate';
Chris@76	2363 }
Chris@76	2364 }
Chris@76	2365 }
Chris@76	2366 }
Chris@76	2367 }
Chris@76	2368 $smcFunc['db_free_result']($request);
Chris@76	2369 }
Chris@76	2370
Chris@76	2371 ?>

Mercurial > hg > vamp-website

annotate forum/Sources/ManagePermissions.php @ 76:e3e11437ecea website