Просмотр файла admin/admin_groups.php

Конкурс дизайнеров на 15000 рублей
Скрипты | CMS | Боты
Размер файла: 12.35Kb 
  1. <?php
  2. /***************************************************************************
  3.  *                                mides.ru
  4.  *                            -------------------
  5.  ***************************************************************************/
  6. define('IN_PHPBB', 1);
  7.  
  8. if ( !empty($setmodules) )
  9. {
  10. 	$filename = basename(__FILE__);
  11. 	$module['Groups']['Управление группами'] = $filename;
  12.  
  13. 	return;
  14. }
  15.  
  16. $phpbb_root_path = './../';
  17. require($phpbb_root_path . 'extension.inc');
  18. require('./pagestart.' . $phpEx);
  19.  
  20. if ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
  21. {
  22. 	$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
  23. }
  24. else
  25. {
  26. 	$group_id = 0;
  27. }
  28.  
  29. if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
  30. {
  31. 	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
  32. 	$mode = htmlspecialchars($mode);
  33. }
  34. else
  35. {
  36. 	$mode = '';
  37. }
  38.  
  39. if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
  40. {
  41.  
  42. 	$template->set_filenames(array(
  43. 		'body' => 'admin/group_edit_body.tpl')
  44. 	);
  45.  
  46. 	if ( isset($HTTP_POST_VARS['edit']) )
  47. 	{
  48.  
  49. 		$sql = "SELECT *
  50. 			FROM " . GROUPS_TABLE . "
  51. 			WHERE group_single_user <> " . TRUE . "
  52. 			AND group_id = $group_id";
  53. 		if ( !($result = $db->sql_query($sql)) )
  54. 		{
  55. 			message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
  56. 		}
  57.  
  58. 		if ( !($group_info = $db->sql_fetchrow($result)) )
  59. 		{
  60. 			message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
  61. 		}
  62.  
  63. 		$mode = 'editgroup';
  64. 		$template->assign_block_vars('group_edit', array());
  65.  
  66. 	}
  67. 	else if ( isset($HTTP_POST_VARS['new']) )
  68. 	{
  69. 		$group_info = array (
  70. 			'group_name' => '',
  71. 			'group_description' => '',
  72. 			'group_moderator' => '',
  73. 			'group_type' => GROUP_OPEN);
  74. 		$group_open = ' checked="checked"';
  75.  
  76. 		$mode = 'newgroup';
  77.  
  78. 	}
  79.  
  80. 	if ($group_info['group_moderator'] != '')
  81. 	{
  82. 		$sql = "SELECT user_id, username
  83. 			FROM " . USERS_TABLE . "
  84. 			WHERE user_id = " . $group_info['group_moderator'];
  85. 		if ( !($result = $db->sql_query($sql)) )
  86. 		{
  87. 			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
  88. 		}
  89.  
  90. 		if ( !($row = $db->sql_fetchrow($result)) )
  91. 		{
  92. 			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
  93. 		}
  94.  
  95. 		$group_moderator = $row['username'];
  96. 	}
  97. 	else
  98. 	{
  99. 		$group_moderator = '';
  100. 	}
  101.  
  102. 	$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
  103. 	$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
  104. 	$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
  105.  
  106. 	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
  107.  
  108. 	$template->assign_vars(array(
  109. 		'GROUP_NAME' => $group_info['group_name'],
  110. 		'GROUP_DESCRIPTION' => $group_info['group_description'], 
  111. 		'GROUP_MODERATOR' => $group_moderator, 
  112.  
  113. 		'L_GROUP_TITLE' => $lang['Group_administration'],
  114. 		'L_GROUP_EDIT_DELETE' => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], 
  115. 		'L_GROUP_NAME' => $lang['group_name'],
  116. 		'L_GROUP_DESCRIPTION' => $lang['group_description'],
  117. 		'L_GROUP_MODERATOR' => $lang['group_moderator'], 
  118. 		'L_FIND_USERNAME' => $lang['Find_username'], 
  119. 		'L_GROUP_STATUS' => $lang['group_status'],
  120. 		'L_GROUP_OPEN' => $lang['group_open'],
  121. 		'L_GROUP_CLOSED' => $lang['group_closed'],
  122. 		'L_GROUP_HIDDEN' => $lang['group_hidden'],
  123. 		'L_GROUP_DELETE' => $lang['group_delete'],
  124. 		'L_GROUP_DELETE_CHECK' => $lang['group_delete_check'],
  125. 		'L_SUBMIT' => $lang['Submit'],
  126. 		'L_RESET' => $lang['Reset'],
  127. 		'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
  128. 		'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
  129. 		'L_YES' => $lang['Yes'],
  130.  
  131. 		'U_SEARCH_USER' => append_sid("../search.$phpEx?mode=searchuser"), 
  132.  
  133. 		'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
  134. 		'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
  135. 		'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
  136. 		'S_GROUP_OPEN_CHECKED' => $group_open,
  137. 		'S_GROUP_CLOSED_CHECKED' => $group_closed,
  138. 		'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
  139. 		'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
  140. 		'S_HIDDEN_FIELDS' => $s_hidden_fields)
  141. 	);
  142.  
  143. 	$template->pparse('body');
  144.  
  145. }
  146. else if ( isset($HTTP_POST_VARS['group_update']) )
  147. {
  148.  
  149. 	if ( isset($HTTP_POST_VARS['group_delete']) )
  150. 	{
  151.  
  152. 		$sql = "SELECT auth_mod FROM " . AUTH_ACCESS_TABLE . " 
  153. 			WHERE group_id = " . $group_id;
  154. 		if ( !($result = $db->sql_query($sql)) )
  155. 		{
  156. 			message_die(GENERAL_ERROR, 'Could not select auth_access', '', __LINE__, __FILE__, $sql);
  157. 		}
  158.  
  159. 		$row = $db->sql_fetchrow($result);
  160. 		if (intval($row['auth_mod']) == 1)
  161. 		{
  162. 			$sql = "SELECT user_id FROM " . USER_GROUP_TABLE . "
  163. 				WHERE group_id = " . $group_id;
  164. 			if ( !($result = $db->sql_query($sql)) )
  165. 			{
  166. 				message_die(GENERAL_ERROR, 'Could not select user_group', '', __LINE__, __FILE__, $sql);
  167. 			}
  168.  
  169. 			$rows = $db->sql_fetchrowset($result);
  170. 			for ($i = 0; $i < count($rows); $i++)
  171. 			{
  172. 				$sql = "SELECT g.group_id FROM " . AUTH_ACCESS_TABLE . " a, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
  173. 				WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id) 
  174. 					AND (ug.user_id = " . intval($rows[$i]['user_id']) . ") AND (ug.group_id <> " . $group_id . ")";
  175. 				if ( !($result = $db->sql_query($sql)) )
  176. 				{
  177. 					message_die(GENERAL_ERROR, 'Could not obtain moderator permissions', '', __LINE__, __FILE__, $sql);
  178. 				}
  179.  
  180. 				if ($db->sql_numrows($result) == 0)
  181. 				{
  182. 					$sql = "UPDATE " . USERS_TABLE . " SET user_level = " . USER . " 
  183. 					WHERE user_level = " . MOD . " AND user_id = " . intval($rows[$i]['user_id']);
  184. 					
  185. 					if ( !$db->sql_query($sql) )
  186. 					{
  187. 						message_die(GENERAL_ERROR, 'Could not update moderator permissions', '', __LINE__, __FILE__, $sql);
  188. 					}
  189. 				}
  190. 			}
  191. 		}
  192.  
  193. 		$sql = "DELETE FROM " . GROUPS_TABLE . "
  194. 			WHERE group_id = " . $group_id;
  195. 		if ( !$db->sql_query($sql) )
  196. 		{
  197. 			message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
  198. 		}
  199.  
  200. 		$sql = "DELETE FROM " . USER_GROUP_TABLE . "
  201. 			WHERE group_id = " . $group_id;
  202. 		if ( !$db->sql_query($sql) )
  203. 		{
  204. 			message_die(GENERAL_ERROR, 'Could not update user_group', '', __LINE__, __FILE__, $sql);
  205. 		}
  206.  
  207. 		$sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
  208. 			WHERE group_id = " . $group_id;
  209. 		if ( !$db->sql_query($sql) )
  210. 		{
  211. 			message_die(GENERAL_ERROR, 'Could not update auth_access', '', __LINE__, __FILE__, $sql);
  212. 		}
  213.  
  214. 		$message = $lang['Deleted_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
  215.  
  216. 		message_die(GENERAL_MESSAGE, $message);
  217. 	}
  218. 	else
  219. 	{
  220. 		$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
  221. 		$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
  222. 		$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
  223. 		$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
  224. 		$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;
  225.  
  226. 		if ( $group_name == '' )
  227. 		{
  228. 			message_die(GENERAL_MESSAGE, $lang['No_group_name']);
  229. 		}
  230. 		else if ( $group_moderator == '' )
  231. 		{
  232. 			message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
  233. 		}
  234. 		
  235. 		$this_userdata = get_userdata($group_moderator, true);
  236. 		$group_moderator = $this_userdata['user_id'];
  237.  
  238. 		if ( !$group_moderator )
  239. 		{
  240. 			message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
  241. 		}
  242. 				
  243. 		if( $mode == "editgroup" )
  244. 		{
  245. 			$sql = "SELECT *
  246. 				FROM " . GROUPS_TABLE . "
  247. 				WHERE group_single_user <> " . TRUE . "
  248. 				AND group_id = " . $group_id;
  249. 			if ( !($result = $db->sql_query($sql)) )
  250. 			{
  251. 				message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
  252. 			}
  253.  
  254. 			if( !($group_info = $db->sql_fetchrow($result)) )
  255. 			{
  256. 				message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
  257. 			}
  258. 		
  259. 			if ( $group_info['group_moderator'] != $group_moderator )
  260. 			{
  261. 				if ( $delete_old_moderator )
  262. 				{
  263. 					$sql = "DELETE FROM " . USER_GROUP_TABLE . "
  264. 						WHERE user_id = " . $group_info['group_moderator'] . " 
  265. 							AND group_id = " . $group_id;
  266. 					if ( !$db->sql_query($sql) )
  267. 					{
  268. 						message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
  269. 					}
  270. 				}
  271.  
  272. 				$sql = "SELECT user_id 
  273. 					FROM " . USER_GROUP_TABLE . " 
  274. 					WHERE user_id = $group_moderator 
  275. 						AND group_id = $group_id";
  276. 				if ( !($result = $db->sql_query($sql)) )
  277. 				{
  278. 					message_die(GENERAL_ERROR, 'Failed to obtain current group moderator info', '', __LINE__, __FILE__, $sql);
  279. 				}
  280.  
  281. 				if ( !($row = $db->sql_fetchrow($result)) )
  282. 				{
  283. 					$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
  284. 						VALUES (" . $group_id . ", " . $group_moderator . ", 0)";
  285. 					if ( !$db->sql_query($sql) )
  286. 					{
  287. 						message_die(GENERAL_ERROR, 'Could not update group moderator', '', __LINE__, __FILE__, $sql);
  288. 					}
  289. 				}
  290. 			}
  291.  
  292. 			$sql = "UPDATE " . GROUPS_TABLE . "
  293. 				SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "', group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator 
  294. 				WHERE group_id = $group_id";
  295. 			if ( !$db->sql_query($sql) )
  296. 			{
  297. 				message_die(GENERAL_ERROR, 'Could not update group', '', __LINE__, __FILE__, $sql);
  298. 			}
  299. 	
  300. 			$message = $lang['Updated_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
  301.  
  302. 			message_die(GENERAL_MESSAGE, $message);
  303. 		}
  304. 		else if( $mode == 'newgroup' )
  305. 		{
  306. 			$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user) 
  307. 				VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''", $group_description) . "', $group_moderator,	'0')";
  308. 			if ( !$db->sql_query($sql) )
  309. 			{
  310. 				message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
  311. 			}
  312. 			$new_group_id = $db->sql_nextid();
  313.  
  314. 			$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
  315. 				VALUES ($new_group_id, $group_moderator, 0)";
  316. 			if ( !$db->sql_query($sql) )
  317. 			{
  318. 				message_die(GENERAL_ERROR, 'Could not insert new user-group info', '', __LINE__, __FILE__, $sql);
  319. 			}
  320. 			
  321. 			$message = $lang['Added_new_group'] . '<br /><br />' . sprintf($lang['Click_return_groupsadmin'], '<a href="' . append_sid("admin_groups.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');;
  322.  
  323. 			message_die(GENERAL_MESSAGE, $message);
  324.  
  325. 		}
  326. 		else
  327. 		{
  328. 			message_die(GENERAL_MESSAGE, $lang['No_group_action']);
  329. 		}
  330. 	}
  331. }
  332. else
  333. {
  334. 	$sql = "SELECT group_id, group_name
  335. 		FROM " . GROUPS_TABLE . "
  336. 		WHERE group_single_user <> " . TRUE . "
  337. 		ORDER BY group_name";
  338. 	if ( !($result = $db->sql_query($sql)) )
  339. 	{
  340. 		message_die(GENERAL_ERROR, 'Could not obtain group list', '', __LINE__, __FILE__, $sql);
  341. 	}
  342.  
  343. 	$select_list = '';
  344. 	if ( $row = $db->sql_fetchrow($result) )
  345. 	{
  346. 		$select_list .= '<select name="' . POST_GROUPS_URL . '">';
  347. 		do
  348. 		{
  349. 			$select_list .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
  350. 		}
  351. 		while ( $row = $db->sql_fetchrow($result) );
  352. 		$select_list .= '</select>';
  353. 	}
  354.  
  355. 	$template->set_filenames(array(
  356. 		'body' => 'admin/group_select_body.tpl')
  357. 	);
  358.  
  359. 	$template->assign_vars(array(
  360. 		'L_GROUP_TITLE' => $lang['Group_administration'],
  361. 		'L_GROUP_EXPLAIN' => $lang['Group_admin_explain'],
  362. 		'L_GROUP_SELECT' => $lang['Select_group'],
  363. 		'L_LOOK_UP' => $lang['Look_up_group'],
  364. 		'L_CREATE_NEW_GROUP' => $lang['New_group'],
  365.  
  366. 		'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
  367. 		'S_GROUP_SELECT' => $select_list)
  368. 	);
  369.  
  370. 	if ( $select_list != '' )
  371. 	{
  372. 		$template->assign_block_vars('select_box', array());
  373. 	}
  374.  
  375. 	$template->pparse('body');
  376. }
  377.  
  378. include('./page_footer_admin.'.$phpEx);
  379.  
  380. ?>