fetch_row($sql)) { $group_id = $row['group_id']; } else { $group_id = \TorrentPier\Legacy\Group::create_user_group($user_id); } if (!$group_id || !$user_id || null === $this_user_level) { trigger_error('data missing', E_USER_ERROR); } // Make user an admin (if already user) if (isset($_POST['userlevel'])) { if ($_POST['userlevel'] === 'admin') { if ($userdata['user_id'] == $user_id || $user_id == GUEST_UID || $user_id == BOT_UID) { bb_die($lang['AUTH_GENERAL_ERROR']); } DB()->query('UPDATE ' . BB_USERS . ' SET user_level = ' . ADMIN . " WHERE user_id = $user_id"); // Delete any entries in auth_access, they are not required if user is becoming an admin \TorrentPier\Legacy\Group::delete_permissions($group_id, $user_id); $message = $lang['AUTH_UPDATED'] . '

'; $message .= sprintf($lang['CLICK_RETURN_USERAUTH'], '', '') . '

'; $message .= sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '', ''); bb_die($message); } // Make admin a user (if already admin) elseif ($_POST['userlevel'] === 'user') { // ignore if you're trying to change yourself from an admin to user! if ($userdata['user_id'] == $user_id) { bb_die($lang['AUTH_SELF_ERROR']); } // Update users level, reset to USER DB()->query('UPDATE ' . BB_USERS . ' SET user_level = ' . USER . " WHERE user_id = $user_id"); \TorrentPier\Legacy\Group::delete_permissions($group_id, $user_id); $message = $lang['AUTH_UPDATED'] . '

'; $message .= sprintf($lang['CLICK_RETURN_USERAUTH'], '', '') . '

'; $message .= sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '', ''); bb_die($message); } } // // Submit new USER permissions // $auth = []; if (!empty($_POST['auth']) && is_array($_POST['auth'])) { array_deep($_POST['auth'], 'intval'); foreach ($_POST['auth'] as $f_id => $bf_ary) { if (array_sum($bf_ary)) { $auth[$f_id] = bit2dec(array_keys($bf_ary, 1)); } } } \TorrentPier\Legacy\Group::delete_permissions($group_id, null, $cat_id); \TorrentPier\Legacy\Group::store_permissions($group_id, $auth); \TorrentPier\Legacy\Group::update_user_level($user_id); $l_auth_return = ($mode == 'user') ? $lang['CLICK_RETURN_USERAUTH'] : $lang['CLICK_RETURN_GROUPAUTH']; $message = $lang['AUTH_UPDATED'] . '

'; $message .= sprintf($l_auth_return, '', '') . '

'; $message .= sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '', ''); bb_die($message); } // // Submit new GROUP permissions // elseif ($submit && $mode == 'group' && (!empty($_POST['auth']) && is_array($_POST['auth']))) { if (!$group_data = \TorrentPier\Legacy\Group::get_group_data($group_id)) { bb_die($lang['GROUP_NOT_EXIST']); } $auth = []; array_deep($_POST['auth'], 'intval'); foreach ($_POST['auth'] as $f_id => $bf_ary) { if (array_sum($bf_ary)) { $auth[$f_id] = bit2dec(array_keys($bf_ary, 1)); } } \TorrentPier\Legacy\Group::delete_permissions($group_id, null, $cat_id); \TorrentPier\Legacy\Group::store_permissions($group_id, $auth); \TorrentPier\Legacy\Group::update_user_level('all'); $l_auth_return = $lang['CLICK_RETURN_GROUPAUTH']; $message = $lang['AUTH_UPDATED'] . '

'; $message .= sprintf($l_auth_return, '', '') . '

'; $message .= sprintf($lang['CLICK_RETURN_ADMIN_INDEX'], '', ''); bb_die($message); } // // Front end (changing permissions) // if ($mode == 'user' && (!empty($_POST['username']) || $user_id)) { $page_cfg['quirks_mode'] = true; if (!empty($_POST['username'])) { $this_userdata = get_userdata($_POST['username'], true); $user_id = $this_userdata['user_id']; } else { $this_userdata = get_userdata($user_id); } if (!$this_userdata) { bb_die($lang['NO_SUCH_USER']); } if (!$forums = $datastore->get('cat_forums')) { $datastore->update('cat_forums'); $forums = $datastore->get('cat_forums'); } $base_url = basename(__FILE__) . "?mode=user&" . POST_USERS_URL . "=$user_id"; $ug_data = $this_userdata; $ug_data['session_logged_in'] = 1; $u_access = auth(AUTH_ALL, AUTH_LIST_ALL, $ug_data, [], UG_PERM_USER_ONLY); $g_access = auth(AUTH_ALL, AUTH_LIST_ALL, $ug_data, [], UG_PERM_GROUP_ONLY); foreach ($forums['c'] as $c_id => $c_data) { $template->assign_block_vars('c', array( 'CAT_ID' => $c_id, 'CAT_TITLE' => $forums['cat_title_html'][$c_id], 'CAT_HREF' => "$base_url&" . POST_CAT_URL . "=$c_id", )); if (!$c =& $_REQUEST[POST_CAT_URL] or !in_array($c, array('all', $c_id)) or empty($c_data['forums'])) { continue; } foreach ($c_data['forums'] as $f_id) { $f_data = $forums['f'][$f_id]; $auth_mod = ($u_access[$f_id]['auth_mod'] || $g_access[$f_id]['auth_mod']); $disabled = $g_access[$f_id]['auth_mod']; $template->assign_block_vars('c.f', array( 'DISABLED' => $disabled, 'FORUM_ID' => $f_id, 'FORUM_NAME' => str_short($forums['forum_name_html'][$f_id], $max_forum_name_length), 'SF_SPACER' => $f_data['forum_parent'] ? HTML_SF_SPACER : '', 'IS_MODERATOR' => (bool)$auth_mod, 'MOD_STATUS' => $auth_mod ? $lang['MODERATOR'] : $lang['NONE'], 'MOD_CLASS' => $auth_mod ? ($disabled ? 'yesDisabled' : 'yesMOD') : 'noMOD', 'AUTH_MOD_VAL' => $auth_mod ? 1 : 0, )); foreach ($forum_auth_fields as $auth_type) { $bf_num = $bf['forum_perm'][$auth_type]; $f_perm = $f_data[$auth_type]; $auth_via_acl = ($u_access[$f_id][$auth_type] || $g_access[$f_id][$auth_type]); if ($f_perm == AUTH_ACL) { $disabled = ($auth_mod || $g_access[$f_id][$auth_type]); $perm_sign = ($auth_via_acl || $auth_mod) ? $yes_sign : $no_sign; $acl_class = ($auth_via_acl || $auth_mod) ? 'yes' : 'no'; } else { $disabled = true; $perm_sign = $auth_via_acl ? $yes_sign : $no_sign; $acl_class = $auth_via_acl ? 'yes' : 'no'; } $template->assign_block_vars('c.f.acl', array( 'DISABLED' => $disabled, 'PERM_SIGN' => $perm_sign, 'ACL_CLASS' => $acl_class, 'FORUM_ID' => $f_id, 'ACL_TYPE_BF' => $bf_num, 'ACL_VAL' => $auth_via_acl ? 1 : 0, )); } } } $template->assign_vars(array( 'AUTH_MOD_BF' => AUTH_MOD, )); $s_column_span = 2; foreach ($forum_auth_fields as $auth_type) { $template->assign_block_vars('acltype', array( 'ACL_TYPE_NAME' => preg_replace('#(.{5})#u', "\\1
", $lang[strtoupper($auth_type)]), 'ACL_TYPE_BF' => $bf['forum_perm'][$auth_type], )); $s_column_span++; } unset($forums, $u_access, $g_access); $datastore->rm('cat_forums'); $s_hidden_fields = ' '; $s_user_type = ($this_userdata['user_level'] == ADMIN) ? ' ' . $lang['AUTH_ADMIN'] . ' ' . $lang['AUTH_USER'] . ' ' : ' ' . $lang['AUTH_ADMIN'] . ' ' . $lang['AUTH_USER'] . ' '; $template->assign_block_vars('switch_user_auth', []); $template->assign_vars(array( 'TPL_AUTH_UG_MAIN' => true, 'USER_OR_GROUPNAME' => profile_url($this_userdata, true), 'USER_LEVEL' => $lang['USER_LEVEL'] . ' : ' . $s_user_type, 'T_USER_OR_GROUPNAME' => $lang['USERNAME'], 'T_AUTH_TITLE' => $lang['AUTH_CONTROL_USER'], 'T_AUTH_EXPLAIN' => $lang['USER_AUTH_EXPLAIN'], 'S_COLUMN_SPAN' => $s_column_span, 'S_HIDDEN_FIELDS' => $s_hidden_fields, )); } elseif ($mode == 'group' && $group_id) { $page_cfg['quirks_mode'] = true; if (!$group_data = \TorrentPier\Legacy\Group::get_group_data($group_id)) { bb_die($lang['GROUP_NOT_EXIST']); } if (!$forums = $datastore->get('cat_forums')) { $datastore->update('cat_forums'); $forums = $datastore->get('cat_forums'); } $base_url = basename(__FILE__) . "?mode=group&" . POST_GROUPS_URL . "=$group_id"; $ug_data = array('group_id' => $group_id); $u_access = auth(AUTH_ALL, AUTH_LIST_ALL, $ug_data); foreach ($forums['c'] as $c_id => $c_data) { $template->assign_block_vars('c', array( 'CAT_ID' => $c_id, 'CAT_TITLE' => $forums['cat_title_html'][$c_id], 'CAT_HREF' => "$base_url&" . POST_CAT_URL . "=$c_id", )); if (!($c =& $_REQUEST[POST_CAT_URL]) || !in_array($c, array('all', $c_id)) || empty($c_data['forums'])) { continue; } foreach ($c_data['forums'] as $f_id) { $f_data = $forums['f'][$f_id]; $auth_mod = $u_access[$f_id]['auth_mod']; $template->assign_block_vars('c.f', array( 'DISABLED' => false, 'FORUM_ID' => $f_id, 'FORUM_NAME' => str_short($forums['forum_name_html'][$f_id], $max_forum_name_length), 'SF_SPACER' => $f_data['forum_parent'] ? HTML_SF_SPACER : '', 'IS_MODERATOR' => (bool)$auth_mod, 'MOD_STATUS' => $auth_mod ? $lang['MODERATOR'] : $lang['NO'], 'MOD_CLASS' => $auth_mod ? 'yesMOD' : 'noMOD', 'AUTH_MOD_VAL' => $auth_mod ? 1 : 0, )); foreach ($forum_auth_fields as $auth_type) { $bf_num = $bf['forum_perm'][$auth_type]; $f_perm = $f_data[$auth_type]; $auth_via_acl = $u_access[$f_id][$auth_type]; if ($f_perm == AUTH_ACL) { $disabled = $auth_mod; $perm_sign = ($auth_via_acl || $auth_mod) ? $yes_sign : $no_sign; $acl_class = ($auth_via_acl || $auth_mod) ? 'yes' : 'no'; } else { $disabled = true; $perm_sign = $auth_via_acl ? $yes_sign : $no_sign; $acl_class = $auth_via_acl ? 'yes' : 'no'; } $template->assign_block_vars('c.f.acl', array( 'DISABLED' => $disabled, 'PERM_SIGN' => $perm_sign, 'ACL_CLASS' => $acl_class, 'FORUM_ID' => $f_id, 'ACL_TYPE_BF' => $bf_num, 'ACL_VAL' => $auth_via_acl ? 1 : 0, )); } } } $template->assign_vars(array( 'AUTH_MOD_BF' => AUTH_MOD, )); $s_column_span = 2; foreach ($forum_auth_fields as $auth_type) { $template->assign_block_vars('acltype', array( 'ACL_TYPE_NAME' => preg_replace('#(.{5})#u', "\\1
", $lang[strtoupper($auth_type)]), 'ACL_TYPE_BF' => $bf['forum_perm'][$auth_type], )); $s_column_span++; } unset($forums, $ug_data, $u_access); $datastore->rm('cat_forums'); $s_hidden_fields = ' '; $template->assign_vars(array( 'TPL_AUTH_UG_MAIN' => true, 'T_USER_OR_GROUPNAME' => $lang['GROUP_NAME'], 'USER_LEVEL' => false, 'T_AUTH_TITLE' => $lang['AUTH_CONTROL_GROUP'], 'T_AUTH_EXPLAIN' => $lang['GROUP_AUTH_EXPLAIN'], 'USER_OR_GROUPNAME' => ('' . htmlCHR($group_data['group_name']) . ''), 'S_COLUMN_SPAN' => $s_column_span, 'S_HIDDEN_FIELDS' => $s_hidden_fields, )); } else { // Select a user/group if ($mode == 'user') { $template->assign_vars(array( 'TPL_SELECT_USER' => true, 'U_SEARCH_USER' => BB_ROOT . 'search.php?mode=searchuser', )); } else { $template->assign_vars(array( 'TPL_SELECT_GROUP' => true, 'S_GROUP_SELECT' => get_select('groups'), )); } $s_hidden_fields = ''; $template->assign_vars(array( 'S_HIDDEN_FIELDS' => $s_hidden_fields, )); } $template->assign_vars(array( 'YES_SIGN' => $yes_sign, 'NO_SIGN' => $no_sign, 'S_AUTH_ACTION' => 'admin_ug_auth.php', 'SELECTED_CAT' => !empty($_REQUEST[POST_CAT_URL]) ? $_REQUEST[POST_CAT_URL] : '', 'U_ALL_FORUMS' => !empty($base_url) ? "$base_url&" . POST_CAT_URL . "=all" : '', )); print_page('admin_ug_auth.tpl', 'admin');