
Source: /admin_user_groups_edit.php - 388 lines - 19525 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Bootstrap
  25  require_once  'boot.php';
  26  
  27  // Required includes
  28  require_once  BH_INCLUDE_PATH . 'admin.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'perm.inc.php';
  35  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  36  require_once  BH_INCLUDE_PATH . 'word_filter.inc.php';
  37  // End Required includes
  38  
  39  // Check we're logged in correctly
  40  if (!session::logged_in()) {
  41      html_guest_error();
  42  }
  43  
  44  // Check we have Admin / Moderator access
  45  if (!(session::check_perm(USER_PERM_ADMIN_TOOLS, 0))) {
  46      html_draw_error(gettext("You do not have permission to use this section."));
  47  }
  48  
  49  // Perform additional admin login.
  50  admin_check_credentials();
  51  
  52  $gid = null;
  53  $t_name = null;
  54  
  55  // Are we returning somewhere?
  56  if (isset($_GET['ret']) && strlen(trim($_GET['ret'])) > 0) {
  57      $ret = rawurldecode(trim($_GET['ret']));
  58  } else if (isset($_POST['ret']) && strlen(trim($_POST['ret'])) > 0) {
  59      $ret = trim($_POST['ret']);
  60  } else {
  61      $ret = "admin_user_groups.php?webtag=$webtag";
  62  }
  63  
  64  // validate the return to page
  65  if (isset($ret) && strlen(trim($ret)) > 0) {
  66  
  67      $available_pages = array(
  68          'admin_user_groups.php',
  69          'admin_user.php'
  70      );
  71  
  72      $available_pages_preg = implode("|^", array_map('preg_quote_callback', $available_pages));
  73  
  74      if (preg_match("/^$available_pages_preg/", basename($ret)) < 1) {
  75          $ret = "admin_user_groups.php?webtag=$webtag";
  76      }
  77  }
  78  
  79  // Cancel button has been pressed.
  80  if (isset($_POST['cancel'])) {
  81  
  82      header_redirect($ret);
  83      exit;
  84  }
  85  
  86  if (isset($_GET['gid']) && is_numeric($_GET['gid'])) {
  87  
  88      $gid = $_GET['gid'];
  89  
  90  } else if (isset($_POST['gid']) && is_numeric($_POST['gid'])) {
  91  
  92      $gid = $_POST['gid'];
  93  
  94  } else {
  95  
  96      html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
  97  }
  98  
  99  if (!$group = perm_get_group($gid)) {
 100      html_draw_error(gettext("Supplied GID is not a user group"), 'admin_user_groups.php', 'get', array('back' => gettext("Back")));
 101  }
 102  
 103  // Array to hold error messages
 104  $error_msg_array = array();
 105  
 106  // Get Group Permissions
 107  $group_permissions = perm_get_group_permissions($gid);
 108  
 109  // Do updates
 110  if (isset($_POST['save'])) {
 111  
 112      $valid = true;
 113  
 114      if (isset($_POST['t_name']) && strlen(trim($_POST['t_name'])) > 0) {
 115  
 116          $t_name = trim($_POST['t_name']);
 117  
 118      } else {
 119  
 120          $error_msg_array[] = gettext("You must enter a group name");
 121          $valid = false;
 122      }
 123  
 124      if (isset($_POST['t_description']) && strlen(trim($_POST['t_description'])) > 0) {
 125          $t_description = trim($_POST['t_description']);
 126      } else {
 127          $t_description = "";
 128      }
 129  
 130      $t_admintools = (double)(isset($_POST['t_admintools'])) ? $_POST['t_admintools'] : 0;
 131      $t_banned = (double)(isset($_POST['t_banned'])) ? $_POST['t_banned'] : 0;
 132      $t_wormed = (double)(isset($_POST['t_wormed'])) ? $_POST['t_wormed'] : 0;
 133      $t_globalmod = (double)(isset($_POST['t_globalmod'])) ? $_POST['t_globalmod'] : 0;
 134      $t_linksmod = (double)(isset($_POST['t_linksmod'])) ? $_POST['t_linksmod'] : 0;
 135  
 136      $new_group_perms = (double)$t_banned | $t_wormed | $t_globalmod | $t_linksmod;
 137  
 138      if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
 139  
 140          $new_group_perms = (double)$new_group_perms | $t_admintools;
 141  
 142      } else {
 143  
 144          $new_group_perms = (double)$new_group_perms | ($group_permissions & USER_PERM_ADMIN_TOOLS);
 145      }
 146  
 147      if ($valid) {
 148  
 149          if (perm_update_group($gid, $t_name, $t_description, $new_group_perms)) {
 150  
 151              if (isset($_POST['t_update_perms_array']) && is_array($_POST['t_update_perms_array'])) {
 152  
 153                  $t_update_perms_array = $_POST['t_update_perms_array'];
 154  
 155                  $folder_array = perm_group_get_folders($gid);
 156  
 157                  foreach ($t_update_perms_array as $fid) {
 158  
 159                      $t_post_read = (double)(isset($_POST['t_post_read'][$fid])) ? $_POST['t_post_read'][$fid] : 0;
 160                      $t_post_create = (double)(isset($_POST['t_post_create'][$fid])) ? $_POST['t_post_create'][$fid] : 0;
 161                      $t_thread_create = (double)(isset($_POST['t_thread_create'][$fid])) ? $_POST['t_thread_create'][$fid] : 0;
 162                      $t_post_edit = (double)(isset($_POST['t_post_edit'][$fid])) ? $_POST['t_post_edit'][$fid] : 0;
 163                      $t_post_delete = (double)(isset($_POST['t_post_delete'][$fid])) ? $_POST['t_post_delete'][$fid] : 0;
 164                      $t_post_attach = (double)(isset($_POST['t_post_attach'][$fid])) ? $_POST['t_post_attach'][$fid] : 0;
 165                      $t_moderator = (double)(isset($_POST['t_moderator'][$fid])) ? $_POST['t_moderator'][$fid] : 0;
 166                      $t_post_html = (double)(isset($_POST['t_post_html'][$fid])) ? $_POST['t_post_html'][$fid] : 0;
 167                      $t_post_sig = (double)(isset($_POST['t_post_sig'][$fid])) ? $_POST['t_post_sig'][$fid] : 0;
 168                      $t_post_approval = (double)(isset($_POST['t_post_approval'][$fid])) ? $_POST['t_post_approval'][$fid] : 0;
 169  
 170                      $new_group_perms = (double)$t_post_read | $t_post_create | $t_thread_create;
 171                      $new_group_perms = (double)$new_group_perms | $t_post_edit | $t_post_delete;
 172                      $new_group_perms = (double)$new_group_perms | $t_moderator | $t_post_attach;
 173                      $new_group_perms = (double)$new_group_perms | $t_post_html | $t_post_sig | $t_post_approval;
 174  
 175                      if (!perm_update_group_folder_perms($gid, $fid, $new_group_perms)) {
 176  
 177                          $error_msg_array[] = gettext("Failed to update folder access settings");
 178                          $valid = false;
 179                      }
 180                  }
 181              }
 182  
 183              admin_add_log_entry(UPDATE_USER_GROUP, array($t_name));
 184              header_redirect("admin_user_groups.php?webtag=$webtag&edited=true");
 185              exit;
 186          }
 187      }
 188  
 189      $group_permissions = perm_get_group_permissions($gid);
 190  
 191  } else if (isset($_POST['addusers'])) {
 192  
 193      $redirect_uri = "admin_user_groups_edit_users.php?webtag=$webtag&gid=$gid";
 194      $redirect_uri .= "&ret=admin_user_groups_edit.php%3Fwebtag%3D$webtag%26gid%3D$gid";
 195      $redirect_uri .= "%26ret%3D" . rawurlencode(rawurlencode(rawurlencode($ret)));
 196  
 197      header_redirect($redirect_uri);
 198      exit;
 199  }
 200  
 201  html_draw_top(sprintf('title=%s', sprintf(gettext("Admin - Manage User Groups - %s"), $group['GROUP_NAME'])), 'class=window_title', 'main_css=admin.css');
 202  
 203  $group_users_array = perm_group_get_users($gid, 0);
 204  
 205  echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Manage User Groups"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />{$group['GROUP_NAME']}</h1>\n";
 206  
 207  if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 208  
 209      html_display_error_array($error_msg_array, '800', 'center');
 210  
 211  } else if (sizeof($group_users_array['user_array']) < 1) {
 212  
 213      html_display_warning_msg(gettext("There are no users in this group. To add users click the 'Add/Remove Users' button below."), '800', 'center');
 214  }
 215  
// Open the edit form. It posts back to this script.
echo "<br />\n";
echo "<div align=\"center\">\n";
echo "<form accept-charset=\"utf-8\" name=\"admin_user_form\" action=\"admin_user_groups_edit.php\" method=\"post\">\n";
// Hidden state carried across the POST: forum webtag, group id and return
// target, each passed through htmlentities_array() before being written out.
// NOTE(review): these are the only hidden fields emitted here -- no anti-CSRF
// token field is visible. Confirm one is added or enforced elsewhere.
echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
echo "  ", form_input_hidden("gid", htmlentities_array($gid)), "\n";
echo "  ", form_input_hidden('ret', htmlentities_array($ret)), "\n";
echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"800\">\n";
echo "    <tr>\n";
echo "      <td align=\"left\">\n";
echo "        <table class=\"box\" width=\"100%\">\n";
echo "          <tr>\n";
echo "            <td align=\"left\" class=\"posthead\">\n";
echo "              <table class=\"posthead\" width=\"100%\">\n";
echo "                <tr>\n";
echo "                  <td align=\"left\" class=\"subhead\" colspan=\"2\">", gettext("Name and Description"), "</td>\n";
echo "                </tr>\n";
echo "                <tr>\n";
echo "                  <td align=\"center\">\n";
echo "                    <table class=\"posthead\" width=\"95%\">\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\" width=\"200\" class=\"posthead\">", gettext("Name"), ":</td>\n";
// Name and description inputs are pre-filled with the value just submitted
// (when a save was attempted) or else with the stored group record; both are
// escaped with htmlentities_array() first.
echo "                        <td align=\"left\">" . form_input_text("t_name", (isset($t_name) ? htmlentities_array($t_name) : htmlentities_array($group['GROUP_NAME'])), 30, 64) . "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\" width=\"200\" class=\"posthead\">", gettext("Description"), ":</td>\n";
echo "                        <td align=\"left\">" . form_input_text("t_description", (isset($t_description) ? htmlentities_array($t_description) : htmlentities_array($group['GROUP_DESC'])), 30, 64) . "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">&nbsp;</td>\n";
echo "                        <td align=\"left\">&nbsp;</td>\n";
echo "                      </tr>\n";
echo "                    </table>\n";
echo "                  </td>\n";
echo "                </tr>\n";
echo "              </table>\n";
echo "            </td>\n";
echo "          </tr>\n";
echo "        </table>\n";
echo "        <br />\n";
// "Group Status" box: one checkbox per group-level permission flag. Each
// checkbox submits the matching USER_PERM_* constant as its value; the last
// argument is $group_permissions masked with that constant (presumably the
// checked state -- form_checkbox() is defined elsewhere).
echo "        <table class=\"box\" width=\"100%\">\n";
echo "          <tr>\n";
echo "            <td align=\"left\" class=\"posthead\">\n";
echo "              <table class=\"posthead\" width=\"100%\">\n";
echo "                <tr>\n";
echo "                  <td align=\"left\" class=\"subhead\" colspan=\"1\">", gettext("Group Status"), "</td>\n";
echo "                </tr>\n";
echo "                <tr>\n";
echo "                  <td align=\"center\">\n";
echo "                    <table class=\"posthead\" width=\"95%\">\n";

// The admin-tools checkbox is only rendered for callers who hold that
// permission themselves. Hiding the control is not an access check; the save
// handler has to enforce the same rule on the posted value.
if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {

    echo "                      <tr>\n";
    echo "                        <td align=\"left\">", form_checkbox("t_admintools", USER_PERM_ADMIN_TOOLS, gettext("Group can access admin tools"), $group_permissions & USER_PERM_ADMIN_TOOLS), "</td>\n";
    echo "                      </tr>\n";
}

echo "                      <tr>\n";
echo "                        <td align=\"left\">", form_checkbox("t_globalmod", USER_PERM_FOLDER_MODERATE, gettext("Group can moderate all folders"), $group_permissions & USER_PERM_FOLDER_MODERATE), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">", form_checkbox("t_linksmod", USER_PERM_LINKS_MODERATE, gettext("Group can moderate Links sections"), $group_permissions & USER_PERM_LINKS_MODERATE), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">", form_checkbox("t_banned", USER_PERM_BANNED, gettext("Group is banned"), $group_permissions & USER_PERM_BANNED), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">", form_checkbox("t_wormed", USER_PERM_WORMED, gettext("Group is wormed"), $group_permissions & USER_PERM_WORMED), "</td>\n";
echo "                      </tr>\n";
echo "                      <tr>\n";
echo "                        <td align=\"left\">&nbsp;</td>\n";
echo "                      </tr>\n";
echo "                    </table>\n";
echo "                  </td>\n";
echo "                </tr>\n";
echo "              </table>\n";
echo "            </td>\n";
echo "          </tr>\n";
echo "        </table>\n";
echo "        <br />\n";
 296  
// "Folder Access" box: rendered only when perm_group_get_folders() does not
// return false for this group.
if (($folder_array = perm_group_get_folders($gid)) !== false) {

    echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"800\">\n";
    echo "    <tr>\n";
    echo "      <td align=\"left\">\n";
    echo "        <table class=\"box\" width=\"100%\">\n";
    echo "          <tr>\n";
    echo "            <td align=\"left\" class=\"posthead\">\n";
    echo "              <table class=\"posthead\" width=\"100%\">\n";
    echo "                <tr>\n";
    echo "                  <td class=\"subhead\" align=\"left\">", gettext("Folder Access"), "</td>\n";
    echo "                </tr>\n";
    echo "                <tr>\n";
    echo "                  <td align=\"left\">&nbsp;</td>\n";
    echo "                </tr>\n";
    echo "                <tr>\n";
    echo "                  <td align=\"center\">\n";
    echo "                    <table class=\"box\" width=\"95%\">\n";
    echo "                      <tr>\n";
    echo "                        <td align=\"left\" class=\"posthead\">\n";
    echo "                          <table class=\"posthead\" width=\"100%\">\n";
    echo "                            <tr>\n";
    echo "                              <td align=\"left\" class=\"subhead\" width=\"150\">", gettext("Folders"), "</td>\n";
    echo "                              <td align=\"left\" class=\"subhead\">", gettext("Permissions"), "</td>\n";
    echo "                            </tr>\n";
    echo "                            <tr>\n";
    echo "                              <td align=\"left\" colspan=\"2\">\n";
    echo "                                <div class=\"admin_folder_perms\">\n";

    // One sub-table per folder. The loop key $fid is not used in the body;
    // every field is keyed by $folder['FID'] instead.
    foreach ($folder_array as $fid => $folder) {

        // The hidden t_update_perms_array[] entry tells the save handler
        // which folder ids were on the form. It is client-controlled on the
        // way back, so the handler must not trust it as a list of valid ids.
        echo "                                  ", form_input_hidden("t_update_perms_array[]", htmlentities_array($folder['FID'])), "\n";
        echo "                                  <table class=\"posthead\" width=\"100%\">\n";
        echo "                                    <tr>\n";
        // NOTE(review): $folder['FID'] and $webtag are written into the href
        // unescaped, and the folder title is emitted through
        // word_filter_add_ob_tags(..., true). Confirm that helper HTML-escapes
        // the title and that FID is always numeric.
        echo "                                      <td align=\"left\" rowspan=\"5\" width=\"150\" valign=\"top\"><a href=\"admin_folder_edit.php?webtag=$webtag&amp;fid={$folder['FID']}\" target=\"_self\">", word_filter_add_ob_tags($folder['TITLE'], true), "</a></td>\n";
        // Per-folder permission checkboxes. Each is named <field>[<FID>],
        // submits the matching USER_PERM_* constant as its value, and receives
        // $folder['STATUS'] masked with that constant as its last argument.
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_read[{$folder['FID']}]", USER_PERM_POST_READ, gettext("Read Posts"), $folder['STATUS'] & USER_PERM_POST_READ), "</td>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_create[{$folder['FID']}]", USER_PERM_POST_CREATE, gettext("Reply to threads"), $folder['STATUS'] & USER_PERM_POST_CREATE), "</td>\n";
        echo "                                    </tr>\n";
        echo "                                    <tr>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_thread_create[{$folder['FID']}]", USER_PERM_THREAD_CREATE, gettext("Create new threads"), $folder['STATUS'] & USER_PERM_THREAD_CREATE), "</td>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_edit[{$folder['FID']}]", USER_PERM_POST_EDIT, gettext("Edit posts"), $folder['STATUS'] & USER_PERM_POST_EDIT), "</td>\n";
        echo "                                    </tr>\n";
        echo "                                    <tr>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_delete[{$folder['FID']}]", USER_PERM_POST_DELETE, gettext("Delete posts"), $folder['STATUS'] & USER_PERM_POST_DELETE), "</td>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_attach[{$folder['FID']}]", USER_PERM_POST_ATTACHMENTS, gettext("Upload attachments"), $folder['STATUS'] & USER_PERM_POST_ATTACHMENTS), "</td>\n";
        echo "                                    </tr>\n";
        echo "                                    <tr>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_html[{$folder['FID']}]", USER_PERM_HTML_POSTING, gettext("Post in HTML"), $folder['STATUS'] & USER_PERM_HTML_POSTING), "</td>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_sig[{$folder['FID']}]", USER_PERM_SIGNATURE, gettext("Post a signature"), $folder['STATUS'] & USER_PERM_SIGNATURE), "</td>\n";
        echo "                                    </tr>\n";
        echo "                                    <tr>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_moderator[{$folder['FID']}]", USER_PERM_FOLDER_MODERATE, gettext("Moderate folder"), $folder['STATUS'] & USER_PERM_FOLDER_MODERATE), "</td>\n";
        echo "                                      <td align=\"left\" style=\"white-space: nowrap\">", form_checkbox("t_post_approval[{$folder['FID']}]", USER_PERM_POST_APPROVAL, gettext("Require Post Approval"), $folder['STATUS'] & USER_PERM_POST_APPROVAL), "</td>\n";
        echo "                                    </tr>\n";
        echo "                                    <tr>\n";
        echo "                                      <td align=\"left\" colspan=\"4\">&nbsp;</td>\n";
        echo "                                    </tr>\n";
        echo "                                  </table>\n";
    }

    echo "                                </div>\n";
    echo "                              </td>\n";
    echo "                            </tr>\n";
    echo "                          </table>\n";
    echo "                        </td>\n";
    echo "                      </tr>\n";
    echo "                    </table>\n";
    echo "                  </td>\n";
    echo "                </tr>\n";
    echo "              </table>\n";
    echo "            </td>\n";
    echo "          </tr>\n";
    echo "        </table>\n";
    echo "      </td>\n";
    echo "    </tr>\n";
    echo "  </table>\n";
    echo "  <br />\n";
}
 375  
// Close the outer layout cell and render the three submit buttons. Their
// names ("save", "addusers", "cancel") are the keys the request handling at
// the top of this script tests with isset($_POST[...]).
echo "      </td>\n";
echo "    </tr>\n";
echo "    <tr>\n";
echo "      <td align=\"left\">&nbsp;</td>\n";
echo "    </tr>\n";
echo "    <tr>\n";
echo "      <td align=\"center\">", form_submit("save", gettext("Save")), "&nbsp;", form_submit("addusers", gettext("Add/Remove Users")), "&nbsp;", form_submit("cancel", gettext("Cancel")), "</td>\n";
echo "    </tr>\n";
echo "  </table>\n";
echo "</form>\n";
echo "</div>\n";

// Emit the page footer.
html_draw_bottom();
