From 82960dd8e707ff114d32ff5b714f09314f6a7c39 Mon Sep 17 00:00:00 2001
From: Dark Nightmare <gtdarknightmare@gmail.com>
Date: Sat, 2 Aug 2014 23:32:19 +0600
Subject: [PATCH] R593
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

+ Добавлена проверка прав в ajax
+ Добавлена возможность указать релиз группу при создании группы в администраторской панели
+ Исправленна работа bbcode
+ Исправлены мелкие недочеты

Signed-off-by: Dark Nightmare <gtdarknightmare@gmail.com>
---
 upload/admin/admin_groups.php             |  5 +++
 upload/ajax/edit_group_profile.php        |  7 ++--
 upload/ajax/html/jumpbox_guest.html       |  5 ---
 upload/ajax/html/jumpbox_user.html        |  5 ---
 upload/group_config.php                   |  2 +-
 upload/groupcp.php                        | 24 +++++++++-----
 upload/language/en/main.php               |  2 ++
 upload/language/ru/main.php               |  2 ++
 upload/language/ua/main.php               |  2 ++
 upload/templates/admin/admin_groups.tpl   |  7 ++++
 upload/templates/default/group_config.tpl |  2 +-
 upload/templates/default/groupcp.tpl      | 40 ++++++++++++++---------
 upload/triggers/cron_allowed              |  0
 13 files changed, 64 insertions(+), 39 deletions(-)
 delete mode 100644 upload/ajax/html/jumpbox_guest.html
 delete mode 100644 upload/ajax/html/jumpbox_user.html
 delete mode 100644 upload/triggers/cron_allowed

diff --git a/upload/admin/admin_groups.php b/upload/admin/admin_groups.php
index 30b819a04..81c3be58a 100644
--- a/upload/admin/admin_groups.php
+++ b/upload/admin/admin_groups.php
@@ -30,6 +30,7 @@ if (!empty($_POST['edit']) || !empty($_POST['new']))
 			'group_moderator'   => $row['group_moderator'],
 			'group_mod_name'    => $row['moderator_name'],
 			'group_type'        => $row['group_type'],
+            'release_group'     => $row['release_group'],
 		);
 		$mode = 'editgroup';
 		$template->assign_block_vars('group_edit', array());
@@ -42,6 +43,7 @@ if (!empty($_POST['edit']) || !empty($_POST['new']))
 			'group_moderator'   => '',
 			'group_mod_name'    => '',
 			'group_type'        => GROUP_OPEN,
+            'release_group'     => 0,
 		);
 		$mode = 'newgroup';
 	}
@@ -66,6 +68,7 @@ if (!empty($_POST['edit']) || !empty($_POST['new']))
 		'S_GROUP_OPEN_CHECKED'   => ($group_info['group_type'] == GROUP_OPEN) ? HTML_CHECKED : '',
 		'S_GROUP_CLOSED_CHECKED' => ($group_info['group_type'] == GROUP_CLOSED) ? HTML_CHECKED : '',
 		'S_GROUP_HIDDEN_CHECKED' => ($group_info['group_type'] == GROUP_HIDDEN ) ? HTML_CHECKED : '',
+        'RELEASE_GROUP'          => ($group_info['release_group']) ? true : false,
 		'S_GROUP_ACTION'         => "admin_groups.php",
 		'S_HIDDEN_FIELDS'        => $s_hidden_fields,
 	));
@@ -90,6 +93,7 @@ else if (!empty($_POST['group_update']))
 	else
 	{
 		$group_type = isset($_POST['group_type']) ? intval($_POST['group_type']) : GROUP_OPEN;
+        $release_group = isset($_POST['release_group']) ? intval($_POST['release_group']) : 0;
 		$group_name = isset($_POST['group_name']) ? trim($_POST['group_name']) : '';
 		$group_desc = isset($_POST['group_description']) ? trim($_POST['group_description']) : '';
 
@@ -112,6 +116,7 @@ else if (!empty($_POST['group_update']))
 
 		$sql_ary = array(
 			'group_type'        => (int) $group_type,
+            'release_group'     => (int) $release_group,
 			'group_name'        => (string) $group_name,
 			'group_description' => (string) $group_desc,
 			'group_moderator'   => (int) $group_moderator,
diff --git a/upload/ajax/edit_group_profile.php b/upload/ajax/edit_group_profile.php
index 7affe0a48..1b6356d04 100644
--- a/upload/ajax/edit_group_profile.php
+++ b/upload/ajax/edit_group_profile.php
@@ -2,7 +2,7 @@
 
 if (!defined('IN_AJAX')) die(basename(__FILE__));
 
-global $bb_cfg, $lang;
+global $bb_cfg, $userdata, $lang;
 
 if (!$group_id = intval($this->request['group_id']) OR !$group_info = get_group_data($group_id))
 {
@@ -15,7 +15,10 @@ if (!$mode = (string) $this->request['mode'])
 
 $value = $this->request['value'] = (string) (isset($this->request['value'])) ? $this->request['value'] : 0;
 
-// TODO Check for permissions
+if (!IS_ADMIN && $userdata['user_id'] != $group_info['group_moderator'])
+{
+    $this->ajax_die($lang['ONLY_FOR_MOD']);
+}
 
 switch ($mode)
 {
diff --git a/upload/ajax/html/jumpbox_guest.html b/upload/ajax/html/jumpbox_guest.html
deleted file mode 100644
index e25cf03e0..000000000
--- a/upload/ajax/html/jumpbox_guest.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<select id="jumpbox" onchange="window.location.href='viewforum.php?f='+this.value;" name="f" id="f">
-	<optgroup label="&nbsp;Ваша первая категория">
-		<option class="root_forum" value="1">&nbsp;Ваш первый форум&nbsp;</option>
-	</optgroup>
-</select>
\ No newline at end of file
diff --git a/upload/ajax/html/jumpbox_user.html b/upload/ajax/html/jumpbox_user.html
deleted file mode 100644
index e25cf03e0..000000000
--- a/upload/ajax/html/jumpbox_user.html
+++ /dev/null
@@ -1,5 +0,0 @@
-<select id="jumpbox" onchange="window.location.href='viewforum.php?f='+this.value;" name="f" id="f">
-	<optgroup label="&nbsp;Ваша первая категория">
-		<option class="root_forum" value="1">&nbsp;Ваш первый форум&nbsp;</option>
-	</optgroup>
-</select>
\ No newline at end of file
diff --git a/upload/group_config.php b/upload/group_config.php
index fcab87f7b..45a44c030 100644
--- a/upload/group_config.php
+++ b/upload/group_config.php
@@ -71,7 +71,7 @@ if ($is_moderator)
 
     $template->set_filenames(array('body' => 'group_config.tpl'));
 
-    $template->assign_vars(array('PAGE_TITLE' => 'Настройка группы'));
+    $template->assign_vars(array('PAGE_TITLE' => $lang['GROUP_CONFIGURATION']));
 
     require(PAGE_HEADER);
 
diff --git a/upload/groupcp.php b/upload/groupcp.php
index e9fd3fb10..f108668c6 100644
--- a/upload/groupcp.php
+++ b/upload/groupcp.php
@@ -73,7 +73,7 @@ if (!$group_id)
 
 	$sql = "
 		SELECT
-			g.group_name, g.group_description, g.group_id, g.group_type,
+			g.group_name, g.group_description, g.group_id, g.group_type, g.release_group,
 			IF(ug.user_id IS NOT NULL, IF(ug.user_pending = 1, $pending, $member), 0) AS membership,
 			g.group_moderator, u.username AS moderator_name,
 			IF(g.group_moderator = ug.user_id, 1, 0) AS is_group_mod,
@@ -130,7 +130,7 @@ if (!$group_id)
 			continue;
 		}
 
-		$data = array('id' => $row['group_id'], 'm' => ($row['members'] - $row['candidates']), 'c' => $row['candidates']);
+		$data = array('id' => $row['group_id'], 'm' => ($row['members'] - $row['candidates']), 'c' => $row['candidates'], 'rg' => $row['release_group']);
 
 		$groups[$type][$row['group_name']] = $data;
 	}
@@ -140,15 +140,17 @@ if (!$group_id)
 		global $lang;
 
 		$options = '';
+
 		foreach ($params as $name => $data)
 		{
 			$text  = htmlCHR(str_short(rtrim($name), HTML_SELECT_MAX_LENGTH));
 
-			$members = ($data['m']) ? $lang['MEMBERS_IN_GROUP'] .': '. $data['m'] : $lang['NO_GROUP_MEMBERS'];
+            $members = ($data['m']) ? $lang['MEMBERS_IN_GROUP'] .': '. $data['m'] : $lang['NO_GROUP_MEMBERS'];
 			$candidates  = ($data['c']) ? $lang['PENDING_MEMBERS'] .': '. $data['c'] : $lang['NO_PENDING_GROUP_MEMBERS'];
 
-			$options .= '<li class="pad_2"><a href="'. GROUP_URL . $data['id'] .'" class="med bold">'. $text .'</a></li>';
-			$options .= '<ul><li class="seedmed">'. $members .'</li>';
+            $options .= '<li class="pad_2"><a href="'. GROUP_URL . $data['id'] .'" class="med bold">'. $text .'</a></li>';
+            $options .= ($data['rg']) ? '<ul><li class="med">'. $lang['RELEASE_GROUP'] .'</li>' : '';
+			$options .= '<li class="seedmed">'. $members .'</li>';
 			if (IS_AM)
 			{
 				$options .= '<li class="leechmed">'. $candidates .'</li>';
@@ -412,7 +414,7 @@ else
 	if ($is_moderator)
 	{
 		$modgroup_pending_list = DB()->fetch_rowset("
-			SELECT u.username, u.user_rank, u.user_id, u.user_opt, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email
+			SELECT u.username, u.avatar_ext_id, u.user_rank, u.user_id, u.user_opt, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email
 			FROM ". BB_USER_GROUP ." ug, ". BB_USERS ." u
 			WHERE ug.group_id = $group_id
 				AND ug.user_pending = 1
@@ -522,8 +524,11 @@ else
 		'MOD_WWW'                => $www,
 		'MOD_TIME'               => (!empty($group_info['group_time'])) ? bb_date($group_info['group_time']) : $lang['NONE'],
 		'U_SEARCH_USER'          => "search.php?mode=searchuser",
-		'U_GROUP_CONFIG'         => "group_config.php?g=$group_id",
-		'GROUP_TYPE'             => $group_type,
+
+        'U_GROUP_CONFIG'         => "group_config.php?g=$group_id",
+		'RELEASE_GROUP'          => ($group_info['release_group']) ? true : false,
+        'GROUP_TYPE'             => $group_type,
+
 		'S_GROUP_OPEN_TYPE'      => GROUP_OPEN,
 		'S_GROUP_CLOSED_TYPE'    => GROUP_CLOSED,
 		'S_GROUP_HIDDEN_TYPE'    => GROUP_HIDDEN,
@@ -591,7 +596,7 @@ else
 		{
 			$user_id = $member['user_id'];
 
-			generate_user_info($member, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time);
+			generate_user_info($member, $bb_cfg['default_dateformat'], $is_moderator, $from, $posts, $joined, $pm, $email, $www, $user_time, $avatar);
 
 			$row_class = !($i % 2) ? 'row1' : 'row2';
 
@@ -599,6 +604,7 @@ else
 
 			$template->assign_block_vars('pending', array(
 				'ROW_CLASS' => $row_class,
+                'AVATAR_IMG'=> $avatar,
 				'USER'      => profile_url($member),
 				'FROM'      => $from,
 				'JOINED'    => $joined,
diff --git a/upload/language/en/main.php b/upload/language/en/main.php
index c3384aafc..3d0b8ffa4 100644
--- a/upload/language/en/main.php
+++ b/upload/language/en/main.php
@@ -699,6 +699,8 @@ $lang['ORDER'] = 'Order';
 // Group control panel
 //
 $lang['GROUP_CONTROL_PANEL'] = 'User Groups';
+$lang['GROUP_CONFIGURATION'] = 'Group Configuration';
+$lang['GROUP_GOTO_CONFIG'] = 'Go to Group Configuration panel';
 $lang['GROUP_RETURN'] = 'Return to User Group page';
 $lang['MEMBERSHIP_DETAILS'] = 'Group Membership Details';
 $lang['JOIN_A_GROUP'] = 'Join a Group';
diff --git a/upload/language/ru/main.php b/upload/language/ru/main.php
index d34a09425..5a1eefddd 100644
--- a/upload/language/ru/main.php
+++ b/upload/language/ru/main.php
@@ -699,6 +699,8 @@ $lang['ORDER'] = ''; // не нужно, в английском использ
 // Group control panel
 //
 $lang['GROUP_CONTROL_PANEL'] = 'Группы';
+$lang['GROUP_CONFIGURATION'] = 'Настройка группы';
+$lang['GROUP_GOTO_CONFIG'] = 'Перейти в панель управления группой';
 $lang['GROUP_RETURN'] = 'Вернуться на страницу группы';
 $lang['MEMBERSHIP_DETAILS'] = 'Информация о членстве в группах';
 $lang['JOIN_A_GROUP'] = 'Вступить в группу';
diff --git a/upload/language/ua/main.php b/upload/language/ua/main.php
index 55a149897..731fa2ea1 100644
--- a/upload/language/ua/main.php
+++ b/upload/language/ua/main.php
@@ -699,6 +699,8 @@ $lang['ORDER'] = ''; // не потрібно, в англійській вик
 // Group control panel
 //
 $lang['GROUP_CONTROL_PANEL'] = 'Групи';
+$lang['GROUP_CONFIGURATION'] = 'Настройка группы';
+$lang['GROUP_GOTO_CONFIG'] = 'Перейти в панель управления группой';
 $lang['GROUP_RETURN'] = 'Вернуться на страницу групи';
 $lang['MEMBERSHIP_DETAILS'] = 'Інформація про членство в групах';
 $lang['JOIN_A_GROUP'] = 'Вступити в групу';
diff --git a/upload/templates/admin/admin_groups.tpl b/upload/templates/admin/admin_groups.tpl
index 076a978b6..dbf4bfd00 100644
--- a/upload/templates/admin/admin_groups.tpl
+++ b/upload/templates/admin/admin_groups.tpl
@@ -33,6 +33,13 @@
 		<div><input type="radio" name="group_type" value="{S_GROUP_HIDDEN_TYPE}" {S_GROUP_HIDDEN_CHECKED} />	{L_GROUP_HIDDEN}</div>
 	</td>
 </tr>
+<tr>
+    <td>{L_RELEASE_GROUP}</td>
+    <td>
+        <label><input type="radio" name="release_group" value="1" <!-- IF RELEASE_GROUP -->checked="checked"<!-- ENDIF --> />{L_YES}</label>&nbsp;&nbsp;
+        <label><input type="radio" name="release_group" value="0" <!-- IF not RELEASE_GROUP -->checked="checked"<!-- ENDIF --> />{L_NO}</label>
+    </td>
+</tr>
 <!-- BEGIN group_edit -->
 <tr>
 	<td>{L_DELETE_OLD_GROUP_MOD}</td>
diff --git a/upload/templates/default/group_config.tpl b/upload/templates/default/group_config.tpl
index 8aa99ff7b..f204536d8 100644
--- a/upload/templates/default/group_config.tpl
+++ b/upload/templates/default/group_config.tpl
@@ -33,7 +33,7 @@
                 <textarea cols="80" id="group_description" rows="6" >{GROUP_DESCRIPTION}</textarea>
             </p>
             <p>
-                <input type="button" value="{L_AJAX_PREVIEW}" onclick="ajax.exec({ action: 'posts', type: 'view_message', message: $('textarea#group_description').val()});ajax.callback.posts=function(data){$('div#preview').show().html(data.message_html)}">
+                <input type="button" value="{L_AJAX_PREVIEW}" onclick="ajax.exec({ action: 'posts', type: 'view_message', message: $('textarea#group_description').val()});ajax.callback.posts=function(data){$('div#preview').html(data.message_html);initPostBBCode('div#preview')}">
                 <input type="button" value="{L_SAVE}" onclick="javascript:manage_group('group_description',$('textarea#group_description').val())">
             </p>
         </td>
diff --git a/upload/templates/default/groupcp.tpl b/upload/templates/default/groupcp.tpl
index 59feca4ad..5fe2cd091 100644
--- a/upload/templates/default/groupcp.tpl
+++ b/upload/templates/default/groupcp.tpl
@@ -56,15 +56,21 @@
 </tr>
 <tr><td colspan="2"><h2>{GROUP_NAME}</h2></td></tr>
 <tr>
-	<td align="center" valign="top">
-		<div style="height:100px;width:100px;background:#285e8e;">&nbsp;</div>
-	</td>
-	<td valign="top">
-		<!-- IF GROUP_DESCRIPTION -->
-		{GROUP_DESCRIPTION}
-		<!-- ENDIF / GROUP_DESCRIPTION -->
-	</td>
+    <td align="center" valign="top">
+        <div style="height:100px;width:100px;background:#285e8e;">&nbsp;</div>
+    </td>
+    <td valign="top">
+        <!-- IF GROUP_DESCRIPTION -->
+        <div class="post_wrap">{GROUP_DESCRIPTION}</div>
+        <!-- ENDIF / GROUP_DESCRIPTION -->
+    </td>
 </tr>
+<!-- IF RELEASE_GROUP -->
+<tr>
+    <td>{L_GROUP_TYPE}</td>
+    <td>{L_RELEASE_GROUP}</td>
+</tr>
+<!-- ENDIF -->
 <tr>
 	<td>{L_GROUP_TIME}</td>
 	<td>{MOD_TIME}</td>
@@ -83,8 +89,8 @@
 </tr>
 <!-- BEGIN switch_mod_option -->
 <tr>
-	<td>Настройка группы:</td>
-	<td><a href="{U_GROUP_CONFIG}">Перейти в панель управления группой</a></td>
+    <td>{L_GROUP_CONFIGURATION}:</td>
+    <td><a href="{U_GROUP_CONFIG}">{L_GROUP_GOTO_CONFIG}</a></td>
 </tr>
 <!-- END switch_mod_option -->
 </table>
@@ -154,13 +160,13 @@
 
 <!-- BEGIN switch_no_members -->
 <tr>
-	<td colspan="10" class="row1 tCenter pad_10">{L_NO_GROUP_MEMBERS}</td>
+	<td colspan="11" class="row1 tCenter pad_10">{L_NO_GROUP_MEMBERS}</td>
 </tr>
 <!-- END switch_no_members -->
 
 <!-- BEGIN switch_hidden_group -->
 <tr>
-	<td colspan="10" class="row1 tCenter">{L_HIDDEN_GROUP_MEMBERS}</td>
+	<td colspan="11" class="row1 tCenter">{L_HIDDEN_GROUP_MEMBERS}</td>
 </tr>
 <!-- END switch_hidden_group -->
 
@@ -197,7 +203,8 @@
 <table class="forumline">
 <thead>
 <tr>
-	<th class="{sorter: false}" ><b class="tbs-text">{L_SELECT}</b></th>
+    <th class="{sorter: false}" ><b class="tbs-text">#</b></th>
+    <th class="{sorter: false}" ><b class="tbs-text">{L_AVATAR}</b></th>
 	<th class="{sorter: 'text'}" ><b class="tbs-text">{L_USERNAME}</b></th>
 	<th class="{sorter: false}" ><b class="tbs-text">{L_PM}</b></th>
 	<th class="{sorter: 'text'}" ><b class="tbs-text">{L_EMAIL}</b></th>
@@ -207,12 +214,13 @@
 	<th class="{sorter: false}" ><b class="tbs-text">{L_WEBSITE}</b></th>
 </tr>
 <tr>
-    <td class="catTitle" colspan="8">{L_PENDING_MEMBERS}</td>
+    <td class="catTitle" colspan="9">{L_PENDING_MEMBERS}</td>
 </tr>
 </thead>
 <!-- BEGIN pending -->
 <tr class="{pending.ROW_CLASS} tCenter">
-	<td><input type="checkbox" name="pending_members[]" value="{pending.USER_ID}"/></td>
+	<td width="3%"><input type="checkbox" name="pending_members[]" value="{pending.USER_ID}"/></td>
+    <td width="3%">{pending.AVATAR_IMG}</td>
 	<td>{pending.USER}</td>
 	<td>{pending.PM}</td>
 	<td>{pending.EMAIL}</td>
@@ -224,7 +232,7 @@
 <!-- END pending -->
 <tfoot>
 <tr>
-	<td class="cat" colspan="8">
+	<td class="cat" colspan="9">
 		<input type="submit" name="approve" value="{L_APPROVE_SELECTED}" onclick="return confirm('{L_APPROVE_SELECTED}?');" class="mainoption" />
 		&nbsp;
 		<input type="submit" name="deny" value="{L_DENY_SELECTED}" onclick="return confirm('{L_DENY_SELECTED}?');" class="liteoption" />
diff --git a/upload/triggers/cron_allowed b/upload/triggers/cron_allowed
deleted file mode 100644
index e69de29bb..000000000