1<?php 2/*************************************************************************** 3 * groupcp.php 4 * ------------------- 5 * begin : Saturday, Feb 13, 2001 6 * copyright : (C) 2001 The phpBB Group 7 * email : support@phpbb.com 8 * 9 * $Id: groupcp.php 8357 2008-02-01 11:59:05Z Kellanved $ 10 * 11 * 12 ***************************************************************************/ 13 14/*************************************************************************** 15 * 16 * This program is free software; you can redistribute it and/or modify 17 * it under the terms of the GNU General Public License as published by 18 * the Free Software Foundation; either version 2 of the License, or 19 * (at your option) any later version. 20 * 21 ***************************************************************************/ 22 23define('IN_PHPBB', true); 24$phpbb_root_path = './'; 25include($phpbb_root_path . 'extension.inc'); 26include($phpbb_root_path . 'common.'.$phpEx); 27 28// ------------------------- 29// 30function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$joined, &$poster_avatar, &$profile_img, &$profile, &$search_img, &$search, &$pm_img, &$pm, &$email_img, &$email, &$www_img, &$www, &$icq_status_img, &$icq_img, &$icq, &$aim_img, &$aim, &$msn_img, &$msn, &$yim_img, &$yim) 31{ 32 global $lang, $images, $board_config, $phpEx; 33 34 $from = ( !empty($row['user_from']) ) ? $row['user_from'] : ' '; 35 $joined = create_date($date_format, $row['user_regdate'], $board_config['board_timezone']); 36 $posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0; 37 38 $poster_avatar = ''; 39 if ( $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] ) 40 { 41 switch( $row['user_avatar_type'] ) 42 { 43 case USER_AVATAR_UPLOAD: 44 $poster_avatar = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : ''; 45 break; 46 case USER_AVATAR_REMOTE: 47 $poster_avatar = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $row['user_avatar'] . '" alt="" border="0" />' : ''; 48 break; 49 case USER_AVATAR_GALLERY: 50 $poster_avatar = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : ''; 51 break; 52 } 53 } 54 55 if ( !empty($row['user_viewemail']) || $group_mod ) 56 { 57 $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL .'=' . $row['user_id']) : 'mailto:' . $row['user_email']; 58 59 $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>'; 60 $email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>'; 61 } 62 else 63 { 64 $email_img = ' '; 65 $email = ' '; 66 } 67 68 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id']); 69 $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>'; 70 $profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>'; 71 72 $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=" . $row['user_id']); 73 $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>'; 74 $pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>'; 75 76 $www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : ''; 77 $www = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : ''; 78 79 if ( !empty($row['user_icq']) ) 80 { 81 $icq_status_img = '<a href="http://wwp.icq.com/' . $row['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $row['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>'; 82 $icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>'; 83 $icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . $lang['ICQ'] . '</a>'; 84 } 85 else 86 { 87 $icq_status_img = ''; 88 $icq_img = ''; 89 $icq = ''; 90 } 91 92 $aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : ''; 93 $aim = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : ''; 94 95 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id']); 96 $msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : ''; 97 $msn = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : ''; 98 99 $yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : ''; 100 $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&.src=pg">' . $lang['YIM'] . '</a>' : ''; 101 102 $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&showresults=posts"); 103 $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>'; 104 $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>'; 105 106 return; 107} 108// 109// -------------------------- 110 111// 112// Start session management 113// 114$userdata = session_pagestart($user_ip, PAGE_GROUPCP); 115init_userprefs($userdata); 116// 117// End session management 118// 119 120$script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path'])); 121$script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx; 122$server_name = trim($board_config['server_name']); 123$server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://'; 124$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/'; 125 126$server_url = $server_protocol . $server_name . $server_port . $script_name; 127 128if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) 129{ 130 $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]); 131} 132else 133{ 134 $group_id = ''; 135} 136 137if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) ) 138{ 139 $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode']; 140 $mode = htmlspecialchars($mode); 141} 142else 143{ 144 $mode = ''; 145} 146 147$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0; 148$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0; 149$sid = ( isset($HTTP_POST_VARS['sid']) ) ? $HTTP_POST_VARS['sid'] : ''; 150$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0; 151$start = ($start < 0) ? 0 : $start; 152 153// 154// Default var values 155// 156$is_moderator = FALSE; 157 158if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id ) 159{ 160 if ( !$userdata['session_logged_in'] ) 161 { 162 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); 163 } 164 165 $sql = "SELECT group_moderator 166 FROM " . GROUPS_TABLE . " 167 WHERE group_id = $group_id"; 168 if ( !($result = $db->sql_query($sql)) ) 169 { 170 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql); 171 } 172 173 $row = $db->sql_fetchrow($result); 174 175 if ( $row['group_moderator'] != $userdata['user_id'] && $userdata['user_level'] != ADMIN ) 176 { 177 $template->assign_vars(array( 178 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 179 ); 180 181 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 182 183 message_die(GENERAL_MESSAGE, $message); 184 } 185 186 $sql = "UPDATE " . GROUPS_TABLE . " 187 SET group_type = " . intval($HTTP_POST_VARS['group_type']) . " 188 WHERE group_id = $group_id"; 189 if ( !($result = $db->sql_query($sql)) ) 190 { 191 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql); 192 } 193 194 $template->assign_vars(array( 195 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">') 196 ); 197 198 $message = $lang['Group_type_updated'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 199 200 message_die(GENERAL_MESSAGE, $message); 201 202} 203else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id ) 204{ 205 // 206 // First, joining a group 207 // If the user isn't logged in redirect them to login 208 // 209 if ( !$userdata['session_logged_in'] ) 210 { 211 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); 212 } 213 else if ( $sid !== $userdata['session_id'] ) 214 { 215 message_die(GENERAL_ERROR, $lang['Session_invalid']); 216 } 217 218 $sql = "SELECT ug.user_id, g.group_type 219 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 220 WHERE g.group_id = $group_id 221 AND g.group_type <> " . GROUP_HIDDEN . " 222 AND ug.group_id = g.group_id"; 223 if ( !($result = $db->sql_query($sql)) ) 224 { 225 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql); 226 } 227 228 if ( $row = $db->sql_fetchrow($result)) 229 { 230 if ( $row['group_type'] == GROUP_OPEN ) 231 { 232 do 233 { 234 if ( $userdata['user_id'] == $row['user_id'] ) 235 { 236 $template->assign_vars(array( 237 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 238 ); 239 240 $message = $lang['Already_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 241 242 message_die(GENERAL_MESSAGE, $message); 243 } 244 } while ( $row = $db->sql_fetchrow($result) ); 245 } 246 else 247 { 248 $template->assign_vars(array( 249 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 250 ); 251 252 $message = $lang['This_closed_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 253 254 message_die(GENERAL_MESSAGE, $message); 255 } 256 } 257 else 258 { 259 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); 260 } 261 262 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) 263 VALUES ($group_id, " . $userdata['user_id'] . ", 1)"; 264 if ( !($result = $db->sql_query($sql)) ) 265 { 266 message_die(GENERAL_ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql); 267 } 268 269 $sql = "SELECT u.user_email, u.username, u.user_lang, g.group_name 270 FROM ".USERS_TABLE . " u, " . GROUPS_TABLE . " g 271 WHERE u.user_id = g.group_moderator 272 AND g.group_id = $group_id"; 273 if ( !($result = $db->sql_query($sql)) ) 274 { 275 message_die(GENERAL_ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql); 276 } 277 278 $moderator = $db->sql_fetchrow($result); 279 280 include($phpbb_root_path . 'includes/emailer.'.$phpEx); 281 $emailer = new emailer($board_config['smtp_delivery']); 282 283 $emailer->from($board_config['board_email']); 284 $emailer->replyto($board_config['board_email']); 285 286 $emailer->use_template('group_request', $moderator['user_lang']); 287 $emailer->email_address($moderator['user_email']); 288 $emailer->set_subject($lang['Group_request']); 289 290 $emailer->assign_vars(array( 291 'SITENAME' => $board_config['sitename'], 292 'GROUP_MODERATOR' => $moderator['username'], 293 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 294 295 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id&validate=true") 296 ); 297 $emailer->send(); 298 $emailer->reset(); 299 300 $template->assign_vars(array( 301 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 302 ); 303 304 $message = $lang['Group_joined'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 305 306 message_die(GENERAL_MESSAGE, $message); 307} 308else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending']) && $group_id ) 309{ 310 // 311 // Second, unsubscribing from a group 312 // Check for confirmation of unsub. 313 // 314 if ( $cancel ) 315 { 316 redirect(append_sid("groupcp.$phpEx", true)); 317 } 318 else if ( !$userdata['session_logged_in'] ) 319 { 320 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); 321 } 322 else if ( $sid !== $userdata['session_id'] ) 323 { 324 message_die(GENERAL_ERROR, $lang['Session_invalid']); 325 } 326 327 328 if ( $confirm ) 329 { 330 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 331 WHERE user_id = " . $userdata['user_id'] . " 332 AND group_id = $group_id"; 333 if ( !($result = $db->sql_query($sql)) ) 334 { 335 message_die(GENERAL_ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql); 336 } 337 338 if ( $userdata['user_level'] != ADMIN && $userdata['user_level'] == MOD ) 339 { 340 $sql = "SELECT COUNT(auth_mod) AS is_auth_mod 341 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 342 WHERE ug.user_id = " . $userdata['user_id'] . " 343 AND aa.group_id = ug.group_id 344 AND aa.auth_mod = 1"; 345 if ( !($result = $db->sql_query($sql)) ) 346 { 347 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); 348 } 349 350 if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 ) 351 { 352 $sql = "UPDATE " . USERS_TABLE . " 353 SET user_level = " . USER . " 354 WHERE user_id = " . $userdata['user_id']; 355 if ( !($result = $db->sql_query($sql)) ) 356 { 357 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); 358 } 359 } 360 } 361 362 $template->assign_vars(array( 363 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 364 ); 365 366 $message = $lang['Unsub_success'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 367 368 message_die(GENERAL_MESSAGE, $message); 369 } 370 else 371 { 372 $unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending']; 373 374 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />'; 375 $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 376 377 $page_title = $lang['Group_Control_Panel']; 378 include($phpbb_root_path . 'includes/page_header.'.$phpEx); 379 380 $template->set_filenames(array( 381 'confirm' => 'confirm_body.tpl') 382 ); 383 384 $template->assign_vars(array( 385 'MESSAGE_TITLE' => $lang['Confirm'], 386 'MESSAGE_TEXT' => $unsub_msg, 387 'L_YES' => $lang['Yes'], 388 'L_NO' => $lang['No'], 389 'S_CONFIRM_ACTION' => append_sid("groupcp.$phpEx"), 390 'S_HIDDEN_FIELDS' => $s_hidden_fields) 391 ); 392 393 $template->pparse('confirm'); 394 395 include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 396 } 397 398} 399else if ( $group_id ) 400{ 401 // 402 // Did the group moderator get here through an email? 403 // If so, check to see if they are logged in. 404 // 405 if ( isset($HTTP_GET_VARS['validate']) ) 406 { 407 if ( !$userdata['session_logged_in'] ) 408 { 409 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); 410 } 411 } 412 413 // 414 // For security, get the ID of the group moderator. 415 // 416 switch(SQL_LAYER) 417 { 418 case 'postgresql': 419 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 420 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 421 WHERE g.group_id = $group_id 422 AND aa.group_id = g.group_id 423 UNION ( 424 SELECT g.group_moderator, g.group_type, NULL 425 FROM " . GROUPS_TABLE . " g 426 WHERE g.group_id = $group_id 427 AND NOT EXISTS ( 428 SELECT aa.group_id 429 FROM " . AUTH_ACCESS_TABLE . " aa 430 WHERE aa.group_id = g.group_id 431 ) 432 ) 433 ORDER BY auth_mod DESC"; 434 break; 435 436 case 'oracle': 437 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 438 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 439 WHERE g.group_id = $group_id 440 AND aa.group_id (+) = g.group_id 441 ORDER BY aa.auth_mod DESC"; 442 break; 443 444 default: 445 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 446 FROM ( " . GROUPS_TABLE . " g 447 LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id ) 448 WHERE g.group_id = $group_id 449 ORDER BY aa.auth_mod DESC"; 450 break; 451 } 452 if ( !($result = $db->sql_query($sql)) ) 453 { 454 message_die(GENERAL_ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql); 455 } 456 457 if ( $group_info = $db->sql_fetchrow($result) ) 458 { 459 $group_moderator = $group_info['group_moderator']; 460 461 if ( $group_moderator == $userdata['user_id'] || $userdata['user_level'] == ADMIN ) 462 { 463 $is_moderator = TRUE; 464 } 465 466 // 467 // Handle Additions, removals, approvals and denials 468 // 469 if ( !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['remove']) || isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) 470 { 471 if ( !$userdata['session_logged_in'] ) 472 { 473 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true)); 474 } 475 else if ( $sid !== $userdata['session_id'] ) 476 { 477 message_die(GENERAL_ERROR, $lang['Session_invalid']); 478 } 479 480 if ( !$is_moderator ) 481 { 482 $template->assign_vars(array( 483 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">') 484 ); 485 486 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 487 488 message_die(GENERAL_MESSAGE, $message); 489 } 490 491 if ( isset($HTTP_POST_VARS['add']) ) 492 { 493 $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; 494 495 $sql = "SELECT user_id, user_email, user_lang, user_level 496 FROM " . USERS_TABLE . " 497 WHERE username = '" . str_replace("\'", "''", $username) . "'"; 498 if ( !($result = $db->sql_query($sql)) ) 499 { 500 message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql); 501 } 502 503 if ( !($row = $db->sql_fetchrow($result)) ) 504 { 505 $template->assign_vars(array( 506 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">') 507 ); 508 509 $message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>"); 510 511 message_die(GENERAL_MESSAGE, $message); 512 } 513 514 if ( $row['user_id'] == ANONYMOUS ) 515 { 516 $template->assign_vars(array( 517 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">') 518 ); 519 520 $message = $lang['Could_not_anon_user'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 521 522 message_die(GENERAL_MESSAGE, $message); 523 } 524 525 $sql = "SELECT ug.user_id, u.user_level 526 FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u 527 WHERE u.user_id = " . $row['user_id'] . " 528 AND ug.user_id = u.user_id 529 AND ug.group_id = $group_id"; 530 if ( !($result = $db->sql_query($sql)) ) 531 { 532 message_die(GENERAL_ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql); 533 } 534 535 if ( !($db->sql_fetchrow($result)) ) 536 { 537 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) 538 VALUES (" . $row['user_id'] . ", $group_id, 0)"; 539 if ( !$db->sql_query($sql) ) 540 { 541 message_die(GENERAL_ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql); 542 } 543 544 if ( $row['user_level'] != ADMIN && $row['user_level'] != MOD && $group_info['auth_mod'] ) 545 { 546 $sql = "UPDATE " . USERS_TABLE . " 547 SET user_level = " . MOD . " 548 WHERE user_id = " . $row['user_id']; 549 if ( !$db->sql_query($sql) ) 550 { 551 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); 552 } 553 } 554 555 // 556 // Get the group name 557 // Email the user and tell them they're in the group 558 // 559 $group_sql = "SELECT group_name 560 FROM " . GROUPS_TABLE . " 561 WHERE group_id = $group_id"; 562 if ( !($result = $db->sql_query($group_sql)) ) 563 { 564 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql); 565 } 566 567 $group_name_row = $db->sql_fetchrow($result); 568 569 $group_name = $group_name_row['group_name']; 570 571 include($phpbb_root_path . 'includes/emailer.'.$phpEx); 572 $emailer = new emailer($board_config['smtp_delivery']); 573 574 $emailer->from($board_config['board_email']); 575 $emailer->replyto($board_config['board_email']); 576 577 $emailer->use_template('group_added', $row['user_lang']); 578 $emailer->email_address($row['user_email']); 579 $emailer->set_subject($lang['Group_added']); 580 581 $emailer->assign_vars(array( 582 'SITENAME' => $board_config['sitename'], 583 'GROUP_NAME' => $group_name, 584 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 585 586 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id") 587 ); 588 $emailer->send(); 589 $emailer->reset(); 590 } 591 else 592 { 593 $template->assign_vars(array( 594 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">') 595 ); 596 597 $message = $lang['User_is_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); 598 599 message_die(GENERAL_MESSAGE, $message); 600 } 601 } 602 else 603 { 604 if ( ( ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) && isset($HTTP_POST_VARS['pending_members']) ) || ( isset($HTTP_POST_VARS['remove']) && isset($HTTP_POST_VARS['members']) ) ) 605 { 606 607 $members = ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) ? $HTTP_POST_VARS['pending_members'] : $HTTP_POST_VARS['members']; 608 609 $sql_in = ''; 610 for($i = 0; $i < count($members); $i++) 611 { 612 $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]); 613 } 614 615 if ( isset($HTTP_POST_VARS['approve']) ) 616 { 617 if ( $group_info['auth_mod'] ) 618 { 619 $sql = "UPDATE " . USERS_TABLE . " 620 SET user_level = " . MOD . " 621 WHERE user_id IN ($sql_in) 622 AND user_level NOT IN (" . MOD . ", " . ADMIN . ")"; 623 if ( !$db->sql_query($sql) ) 624 { 625 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); 626 } 627 } 628 629 $sql = "UPDATE " . USER_GROUP_TABLE . " 630 SET user_pending = 0 631 WHERE user_id IN ($sql_in) 632 AND group_id = $group_id"; 633 $sql_select = "SELECT user_email 634 FROM ". USERS_TABLE . " 635 WHERE user_id IN ($sql_in)"; 636 } 637 else if ( isset($HTTP_POST_VARS['deny']) || isset($HTTP_POST_VARS['remove']) ) 638 { 639 if ( $group_info['auth_mod'] ) 640 { 641 $sql = "SELECT ug.user_id, ug.group_id 642 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 643 WHERE ug.user_id IN ($sql_in) 644 AND aa.group_id = ug.group_id 645 AND aa.auth_mod = 1 646 GROUP BY ug.user_id, ug.group_id 647 ORDER BY ug.user_id, ug.group_id"; 648 if ( !($result = $db->sql_query($sql)) ) 649 { 650 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql); 651 } 652 653 if ( $row = $db->sql_fetchrow($result) ) 654 { 655 $group_check = array(); 656 $remove_mod_sql = ''; 657 658 do 659 { 660 $group_check[$row['user_id']][] = $row['group_id']; 661 } 662 while ( $row = $db->sql_fetchrow($result) ); 663 664 while( list($user_id, $group_list) = @each($group_check) ) 665 { 666 if ( count($group_list) == 1 ) 667 { 668 $remove_mod_sql .= ( ( $remove_mod_sql != '' ) ? ', ' : '' ) . $user_id; 669 } 670 } 671 672 if ( $remove_mod_sql != '' ) 673 { 674 $sql = "UPDATE " . USERS_TABLE . " 675 SET user_level = " . USER . " 676 WHERE user_id IN ($remove_mod_sql) 677 AND user_level NOT IN (" . ADMIN . ")"; 678 if ( !$db->sql_query($sql) ) 679 { 680 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql); 681 } 682 } 683 } 684 } 685 686 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 687 WHERE user_id IN ($sql_in) 688 AND group_id = $group_id"; 689 } 690 691 if ( !$db->sql_query($sql) ) 692 { 693 message_die(GENERAL_ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql); 694 } 695 696 // 697 // Email users when they are approved 698 // 699 if ( isset($HTTP_POST_VARS['approve']) ) 700 { 701 if ( !($result = $db->sql_query($sql_select)) ) 702 { 703 message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql); 704 } 705 706 $bcc_list = array(); 707 while ($row = $db->sql_fetchrow($result)) 708 { 709 $bcc_list[] = $row['user_email']; 710 } 711 712 // 713 // Get the group name 714 // 715 $group_sql = "SELECT group_name 716 FROM " . GROUPS_TABLE . " 717 WHERE group_id = $group_id"; 718 if ( !($result = $db->sql_query($group_sql)) ) 719 { 720 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql); 721 } 722 723 $group_name_row = $db->sql_fetchrow($result); 724 $group_name = $group_name_row['group_name']; 725 726 include($phpbb_root_path . 'includes/emailer.'.$phpEx); 727 $emailer = new emailer($board_config['smtp_delivery']); 728 729 $emailer->from($board_config['board_email']); 730 $emailer->replyto($board_config['board_email']); 731 732 for ($i = 0; $i < count($bcc_list); $i++) 733 { 734 $emailer->bcc($bcc_list[$i]); 735 } 736 737 $emailer->use_template('group_approved'); 738 $emailer->set_subject($lang['Group_approved']); 739 740 $emailer->assign_vars(array( 741 'SITENAME' => $board_config['sitename'], 742 'GROUP_NAME' => $group_name, 743 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 744 745 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id") 746 ); 747 $emailer->send(); 748 $emailer->reset(); 749 } 750 } 751 } 752 } 753 // 754 // END approve or deny 755 // 756 } 757 else 758 { 759 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); 760 } 761 762 // 763 // Get group details 764 // 765 $sql = "SELECT * 766 FROM " . GROUPS_TABLE . " 767 WHERE group_id = $group_id 768 AND group_single_user = 0"; 769 if ( !($result = $db->sql_query($sql)) ) 770 { 771 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); 772 } 773 774 if ( !($group_info = $db->sql_fetchrow($result)) ) 775 { 776 message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); 777 } 778 779 // 780 // Get moderator details for this group 781 // 782 $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm 783 FROM " . USERS_TABLE . " 784 WHERE user_id = " . $group_info['group_moderator']; 785 if ( !($result = $db->sql_query($sql)) ) 786 { 787 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql); 788 } 789 790 $group_moderator = $db->sql_fetchrow($result); 791 792 // 793 // Get user information for this group 794 // 795 $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, ug.user_pending 796 FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug 797 WHERE ug.group_id = $group_id 798 AND u.user_id = ug.user_id 799 AND ug.user_pending = 0 800 AND ug.user_id <> " . $group_moderator['user_id'] . " 801 ORDER BY u.username"; 802 if ( !($result = $db->sql_query($sql)) ) 803 { 804 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql); 805 } 806 807 $group_members = $db->sql_fetchrowset($result); 808 $members_count = count($group_members); 809 $db->sql_freeresult($result); 810 811 $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm 812 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u 813 WHERE ug.group_id = $group_id 814 AND g.group_id = ug.group_id 815 AND ug.user_pending = 1 816 AND u.user_id = ug.user_id 817 ORDER BY u.username"; 818 if ( !($result = $db->sql_query($sql)) ) 819 { 820 message_die(GENERAL_ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql); 821 } 822 823 $modgroup_pending_list = $db->sql_fetchrowset($result); 824 $modgroup_pending_count = count($modgroup_pending_list); 825 $db->sql_freeresult($result); 826 827 $is_group_member = 0; 828 if ( $members_count ) 829 { 830 for($i = 0; $i < $members_count; $i++) 831 { 832 if ( $group_members[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] ) 833 { 834 $is_group_member = TRUE; 835 } 836 } 837 } 838 839 $is_group_pending_member = 0; 840 if ( $modgroup_pending_count ) 841 { 842 for($i = 0; $i < $modgroup_pending_count; $i++) 843 { 844 if ( $modgroup_pending_list[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] ) 845 { 846 $is_group_pending_member = TRUE; 847 } 848 } 849 } 850 851 if ( $userdata['user_level'] == ADMIN ) 852 { 853 $is_moderator = TRUE; 854 } 855 856 if ( $userdata['user_id'] == $group_info['group_moderator'] ) 857 { 858 $is_moderator = TRUE; 859 860 $group_details = $lang['Are_group_moderator']; 861 862 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />'; 863 } 864 else if ( $is_group_member || $is_group_pending_member ) 865 { 866 $template->assign_block_vars('switch_unsubscribe_group_input', array()); 867 868 $group_details = ( $is_group_pending_member ) ? $lang['Pending_this_group'] : $lang['Member_this_group']; 869 870 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />'; 871 } 872 else if ( $userdata['user_id'] == ANONYMOUS ) 873 { 874 $group_details = $lang['Login_to_join']; 875 $s_hidden_fields = ''; 876 } 877 else 878 { 879 if ( $group_info['group_type'] == GROUP_OPEN ) 880 { 881 $template->assign_block_vars('switch_subscribe_group_input', array()); 882 883 $group_details = $lang['This_open_group']; 884 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />'; 885 } 886 else if ( $group_info['group_type'] == GROUP_CLOSED ) 887 { 888 $group_details = $lang['This_closed_group']; 889 $s_hidden_fields = ''; 890 } 891 else if ( $group_info['group_type'] == GROUP_HIDDEN ) 892 { 893 $group_details = $lang['This_hidden_group']; 894 $s_hidden_fields = ''; 895 } 896 } 897 898 $page_title = $lang['Group_Control_Panel']; 899 include($phpbb_root_path . 'includes/page_header.'.$phpEx); 900 901 // 902 // Load templates 903 // 904 $template->set_filenames(array( 905 'info' => 'groupcp_info_body.tpl', 906 'pendinginfo' => 'groupcp_pending_info.tpl') 907 ); 908 make_jumpbox('viewforum.'.$phpEx); 909 910 // 911 // Add the moderator 912 // 913 $username = $group_moderator['username']; 914 $user_id = $group_moderator['user_id']; 915 916 generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim); 917 918 $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 919 920 $template->assign_vars(array( 921 'L_GROUP_INFORMATION' => $lang['Group_Information'], 922 'L_GROUP_NAME' => $lang['Group_name'], 923 'L_GROUP_DESC' => $lang['Group_description'], 924 'L_GROUP_TYPE' => $lang['Group_type'], 925 'L_GROUP_MEMBERSHIP' => $lang['Group_membership'], 926 'L_SUBSCRIBE' => $lang['Subscribe'], 927 'L_UNSUBSCRIBE' => $lang['Unsubscribe'], 928 'L_JOIN_GROUP' => $lang['Join_group'], 929 'L_UNSUBSCRIBE_GROUP' => $lang['Unsubscribe'], 930 'L_GROUP_OPEN' => $lang['Group_open'], 931 'L_GROUP_CLOSED' => $lang['Group_closed'], 932 'L_GROUP_HIDDEN' => $lang['Group_hidden'], 933 'L_UPDATE' => $lang['Update'], 934 'L_GROUP_MODERATOR' => $lang['Group_Moderator'], 935 'L_GROUP_MEMBERS' => $lang['Group_Members'], 936 'L_PENDING_MEMBERS' => $lang['Pending_members'], 937 'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'], 938 'L_PM' => $lang['Private_Message'], 939 'L_EMAIL' => $lang['Email'], 940 'L_POSTS' => $lang['Posts'], 941 'L_WEBSITE' => $lang['Website'], 942 'L_FROM' => $lang['Location'], 943 'L_ORDER' => $lang['Order'], 944 'L_SORT' => $lang['Sort'], 945 'L_SUBMIT' => $lang['Sort'], 946 'L_AIM' => $lang['AIM'], 947 'L_YIM' => $lang['YIM'], 948 'L_MSNM' => $lang['MSNM'], 949 'L_ICQ' => $lang['ICQ'], 950 'L_SELECT' => $lang['Select'], 951 'L_REMOVE_SELECTED' => $lang['Remove_selected'], 952 'L_ADD_MEMBER' => $lang['Add_member'], 953 'L_FIND_USERNAME' => $lang['Find_username'], 954 955 'GROUP_NAME' => $group_info['group_name'], 956 'GROUP_DESC' => $group_info['group_description'], 957 'GROUP_DETAILS' => $group_details, 958 'MOD_ROW_COLOR' => '#' . $theme['td_color1'], 959 'MOD_ROW_CLASS' => $theme['td_class1'], 960 'MOD_USERNAME' => $username, 961 'MOD_FROM' => $from, 962 'MOD_JOINED' => $joined, 963 'MOD_POSTS' => $posts, 964 'MOD_AVATAR_IMG' => $poster_avatar, 965 'MOD_PROFILE_IMG' => $profile_img, 966 'MOD_PROFILE' => $profile, 967 'MOD_SEARCH_IMG' => $search_img, 968 'MOD_SEARCH' => $search, 969 'MOD_PM_IMG' => $pm_img, 970 'MOD_PM' => $pm, 971 'MOD_EMAIL_IMG' => $email_img, 972 'MOD_EMAIL' => $email, 973 'MOD_WWW_IMG' => $www_img, 974 'MOD_WWW' => $www, 975 'MOD_ICQ_STATUS_IMG' => $icq_status_img, 976 'MOD_ICQ_IMG' => $icq_img, 977 'MOD_ICQ' => $icq, 978 'MOD_AIM_IMG' => $aim_img, 979 'MOD_AIM' => $aim, 980 'MOD_MSN_IMG' => $msn_img, 981 'MOD_MSN' => $msn, 982 'MOD_YIM_IMG' => $yim_img, 983 'MOD_YIM' => $yim, 984 985 'U_MOD_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$user_id"), 986 'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser"), 987 988 'S_GROUP_OPEN_TYPE' => GROUP_OPEN, 989 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED, 990 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN, 991 'S_GROUP_OPEN_CHECKED' => ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '', 992 'S_GROUP_CLOSED_CHECKED' => ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '', 993 'S_GROUP_HIDDEN_CHECKED' => ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '', 994 'S_HIDDEN_FIELDS' => $s_hidden_fields, 995 'S_MODE_SELECT' => $select_sort_mode, 996 'S_ORDER_SELECT' => $select_sort_order, 997 'S_GROUPCP_ACTION' => append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id")) 998 ); 999 1000 // 1001 // Dump out the remaining users 1002 // 1003 for($i = $start; $i < min($board_config['topics_per_page'] + $start, $members_count); $i++) 1004 { 1005 $username = $group_members[$i]['username']; 1006 $user_id = $group_members[$i]['user_id']; 1007 1008 generate_user_info($group_members[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim); 1009 1010 if ( $group_info['group_type'] != GROUP_HIDDEN || $is_group_member || $is_moderator ) 1011 { 1012 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; 1013 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; 1014 1015 $template->assign_block_vars('member_row', array( 1016 'ROW_COLOR' => '#' . $row_color, 1017 'ROW_CLASS' => $row_class, 1018 'USERNAME' => $username, 1019 'FROM' => $from, 1020 'JOINED' => $joined, 1021 'POSTS' => $posts, 1022 'USER_ID' => $user_id, 1023 'AVATAR_IMG' => $poster_avatar, 1024 'PROFILE_IMG' => $profile_img, 1025 'PROFILE' => $profile, 1026 'SEARCH_IMG' => $search_img, 1027 'SEARCH' => $search, 1028 'PM_IMG' => $pm_img, 1029 'PM' => $pm, 1030 'EMAIL_IMG' => $email_img, 1031 'EMAIL' => $email, 1032 'WWW_IMG' => $www_img, 1033 'WWW' => $www, 1034 'ICQ_STATUS_IMG' => $icq_status_img, 1035 'ICQ_IMG' => $icq_img, 1036 'ICQ' => $icq, 1037 'AIM_IMG' => $aim_img, 1038 'AIM' => $aim, 1039 'MSN_IMG' => $msn_img, 1040 'MSN' => $msn, 1041 'YIM_IMG' => $yim_img, 1042 'YIM' => $yim, 1043 1044 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$user_id")) 1045 ); 1046 1047 if ( $is_moderator ) 1048 { 1049 $template->assign_block_vars('member_row.switch_mod_option', array()); 1050 } 1051 } 1052 } 1053 1054 if ( !$members_count ) 1055 { 1056 // 1057 // No group members 1058 // 1059 $template->assign_block_vars('switch_no_members', array()); 1060 $template->assign_vars(array( 1061 'L_NO_MEMBERS' => $lang['No_group_members']) 1062 ); 1063 } 1064 1065 $current_page = ( !$members_count ) ? 1 : ceil( $members_count / $board_config['topics_per_page'] ); 1066 1067 $template->assign_vars(array( 1068 'PAGINATION' => generate_pagination("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id", $members_count, $board_config['topics_per_page'], $start), 1069 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), $current_page ), 1070 1071 'L_GOTO_PAGE' => $lang['Goto_page']) 1072 ); 1073 1074 if ( $group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator ) 1075 { 1076 // 1077 // No group members 1078 // 1079 $template->assign_block_vars('switch_hidden_group', array()); 1080 $template->assign_vars(array( 1081 'L_HIDDEN_MEMBERS' => $lang['Group_hidden_members']) 1082 ); 1083 } 1084 1085 // 1086 // We've displayed the members who belong to the group, now we 1087 // do that pending memebers... 1088 // 1089 if ( $is_moderator ) 1090 { 1091 // 1092 // Users pending in ONLY THIS GROUP (which is moderated by this user) 1093 // 1094 if ( $modgroup_pending_count ) 1095 { 1096 for($i = 0; $i < $modgroup_pending_count; $i++) 1097 { 1098 $username = $modgroup_pending_list[$i]['username']; 1099 $user_id = $modgroup_pending_list[$i]['user_id']; 1100 1101 generate_user_info($modgroup_pending_list[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim); 1102 1103 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2']; 1104 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2']; 1105 1106 $user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">'; 1107 1108 $template->assign_block_vars('pending_members_row', array( 1109 'ROW_CLASS' => $row_class, 1110 'ROW_COLOR' => '#' . $row_color, 1111 'USERNAME' => $username, 1112 'FROM' => $from, 1113 'JOINED' => $joined, 1114 'POSTS' => $posts, 1115 'USER_ID' => $user_id, 1116 'AVATAR_IMG' => $poster_avatar, 1117 'PROFILE_IMG' => $profile_img, 1118 'PROFILE' => $profile, 1119 'SEARCH_IMG' => $search_img, 1120 'SEARCH' => $search, 1121 'PM_IMG' => $pm_img, 1122 'PM' => $pm, 1123 'EMAIL_IMG' => $email_img, 1124 'EMAIL' => $email, 1125 'WWW_IMG' => $www_img, 1126 'WWW' => $www, 1127 'ICQ_STATUS_IMG' => $icq_status_img, 1128 'ICQ_IMG' => $icq_img, 1129 'ICQ' => $icq, 1130 'AIM_IMG' => $aim_img, 1131 'AIM' => $aim, 1132 'MSN_IMG' => $msn_img, 1133 'MSN' => $msn, 1134 'YIM_IMG' => $yim_img, 1135 'YIM' => $yim, 1136 1137 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . "=$user_id")) 1138 ); 1139 } 1140 1141 $template->assign_block_vars('switch_pending_members', array() ); 1142 1143 $template->assign_vars(array( 1144 'L_SELECT' => $lang['Select'], 1145 'L_APPROVE_SELECTED' => $lang['Approve_selected'], 1146 'L_DENY_SELECTED' => $lang['Deny_selected']) 1147 ); 1148 1149 $template->assign_var_from_handle('PENDING_USER_BOX', 'pendinginfo'); 1150 1151 } 1152 } 1153 1154 if ( $is_moderator ) 1155 { 1156 $template->assign_block_vars('switch_mod_option', array()); 1157 $template->assign_block_vars('switch_add_member', array()); 1158 } 1159 1160 $template->pparse('info'); 1161} 1162else 1163{ 1164 // 1165 // Show the main groupcp.php screen where the user can select a group. 1166 // 1167 // Select all group that the user is a member of or where the user has 1168 // a pending membership. 1169 // 1170 $in_group = array(); 1171 1172 if ( $userdata['session_logged_in'] ) 1173 { 1174 $sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending 1175 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug 1176 WHERE ug.user_id = " . $userdata['user_id'] . " 1177 AND ug.group_id = g.group_id 1178 AND g.group_single_user <> " . TRUE . " 1179 ORDER BY g.group_name, ug.user_id"; 1180 if ( !($result = $db->sql_query($sql)) ) 1181 { 1182 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); 1183 } 1184 1185 if ( $row = $db->sql_fetchrow($result) ) 1186 { 1187 $in_group = array(); 1188 $s_member_groups_opt = ''; 1189 $s_pending_groups_opt = ''; 1190 1191 do 1192 { 1193 $in_group[] = $row['group_id']; 1194 if ( $row['user_pending'] ) 1195 { 1196 $s_pending_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; 1197 } 1198 else 1199 { 1200 $s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; 1201 } 1202 } 1203 while( $row = $db->sql_fetchrow($result) ); 1204 1205 $s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>"; 1206 $s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>"; 1207 } 1208 } 1209 1210 // 1211 // Select all other groups i.e. groups that this user is not a member of 1212 // 1213 $ignore_group_sql = ( count($in_group) ) ? "AND group_id NOT IN (" . implode(', ', $in_group) . ")" : ''; 1214 $sql = "SELECT group_id, group_name, group_type 1215 FROM " . GROUPS_TABLE . " g 1216 WHERE group_single_user <> " . TRUE . " 1217 $ignore_group_sql 1218 ORDER BY g.group_name"; 1219 if ( !($result = $db->sql_query($sql)) ) 1220 { 1221 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql); 1222 } 1223 1224 $s_group_list_opt = ''; 1225 while( $row = $db->sql_fetchrow($result) ) 1226 { 1227 if ( $row['group_type'] != GROUP_HIDDEN || $userdata['user_level'] == ADMIN ) 1228 { 1229 $s_group_list_opt .='<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; 1230 } 1231 } 1232 $s_group_list = '<select name="' . POST_GROUPS_URL . '">' . $s_group_list_opt . '</select>'; 1233 1234 if ( $s_group_list_opt != '' || $s_pending_groups_opt != '' || $s_member_groups_opt != '' ) 1235 { 1236 // 1237 // Load and process templates 1238 // 1239 $page_title = $lang['Group_Control_Panel']; 1240 include($phpbb_root_path . 'includes/page_header.'.$phpEx); 1241 1242 $template->set_filenames(array( 1243 'user' => 'groupcp_user_body.tpl') 1244 ); 1245 make_jumpbox('viewforum.'.$phpEx); 1246 1247 if ( $s_pending_groups_opt != '' || $s_member_groups_opt != '' ) 1248 { 1249 $template->assign_block_vars('switch_groups_joined', array() ); 1250 } 1251 1252 if ( $s_member_groups_opt != '' ) 1253 { 1254 $template->assign_block_vars('switch_groups_joined.switch_groups_member', array() ); 1255 } 1256 1257 if ( $s_pending_groups_opt != '' ) 1258 { 1259 $template->assign_block_vars('switch_groups_joined.switch_groups_pending', array() ); 1260 } 1261 1262 if ( $s_group_list_opt != '' ) 1263 { 1264 $template->assign_block_vars('switch_groups_remaining', array() ); 1265 } 1266 1267 $s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />'; 1268 1269 $template->assign_vars(array( 1270 'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'], 1271 'L_JOIN_A_GROUP' => $lang['Group_member_join'], 1272 'L_YOU_BELONG_GROUPS' => $lang['Current_memberships'], 1273 'L_SELECT_A_GROUP' => $lang['Non_member_groups'], 1274 'L_PENDING_GROUPS' => $lang['Memberships_pending'], 1275 'L_SUBSCRIBE' => $lang['Subscribe'], 1276 'L_UNSUBSCRIBE' => $lang['Unsubscribe'], 1277 'L_VIEW_INFORMATION' => $lang['View_Information'], 1278 1279 'S_USERGROUP_ACTION' => append_sid("groupcp.$phpEx"), 1280 'S_HIDDEN_FIELDS' => $s_hidden_fields, 1281 1282 'GROUP_LIST_SELECT' => $s_group_list, 1283 'GROUP_PENDING_SELECT' => $s_pending_groups, 1284 'GROUP_MEMBER_SELECT' => $s_member_groups) 1285 ); 1286 1287 $template->pparse('user'); 1288 } 1289 else 1290 { 1291 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); 1292 } 1293 1294} 1295 1296include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 1297 1298?>