[ Index ]

PHP Cross Reference of phpBB-3.2.8-deutsch

title

Body

[close]

/includes/acp/ -> auth.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  if (!defined('IN_PHPBB'))
  18  {
  19      exit;
  20  }
  21  
  22  /**
  23  * ACP Permission/Auth class
  24  */
  25  class auth_admin extends \phpbb\auth\auth
  26  {
  27      /**
  28      * Init auth settings
  29      */
  30  	function __construct()
  31      {
  32          global $db, $cache;
  33  
  34          if (($this->acl_options = $cache->get('_acl_options')) === false)
  35          {
  36              $sql = 'SELECT auth_option_id, auth_option, is_global, is_local
  37                  FROM ' . ACL_OPTIONS_TABLE . '
  38                  ORDER BY auth_option_id';
  39              $result = $db->sql_query($sql);
  40  
  41              $global = $local = 0;
  42              $this->acl_options = array();
  43              while ($row = $db->sql_fetchrow($result))
  44              {
  45                  if ($row['is_global'])
  46                  {
  47                      $this->acl_options['global'][$row['auth_option']] = $global++;
  48                  }
  49  
  50                  if ($row['is_local'])
  51                  {
  52                      $this->acl_options['local'][$row['auth_option']] = $local++;
  53                  }
  54  
  55                  $this->acl_options['id'][$row['auth_option']] = (int) $row['auth_option_id'];
  56                  $this->acl_options['option'][(int) $row['auth_option_id']] = $row['auth_option'];
  57              }
  58              $db->sql_freeresult($result);
  59  
  60              $cache->put('_acl_options', $this->acl_options);
  61          }
  62      }
  63  
  64      /**
  65      * Get permission mask
  66      * This function only supports getting permissions of one type (for example a_)
  67      *
  68      * @param set|view $mode defines the permissions we get, view gets effective permissions (checking user AND group permissions), set only gets the user or group permission set alone
  69      * @param mixed $user_id user ids to search for (a user_id or a group_id has to be specified at least)
  70      * @param mixed $group_id group ids to search for, return group related settings (a user_id or a group_id has to be specified at least)
  71      * @param mixed $forum_id forum_ids to search for. Defining a forum id also means getting local settings
  72      * @param string $auth_option the auth_option defines the permission setting to look for (a_ for example)
  73      * @param local|global $scope the scope defines the permission scope. If local, a forum_id is additionally required
  74      * @param ACL_NEVER|ACL_NO|ACL_YES $acl_fill defines the mode those permissions not set are getting filled with
  75      */
  76  	function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NEVER)
  77      {
  78          global $db, $user;
  79  
  80          $hold_ary = array();
  81          $view_user_mask = ($mode == 'view' && $group_id === false) ? true : false;
  82  
  83          if ($auth_option === false || $scope === false)
  84          {
  85              return array();
  86          }
  87  
  88          $acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data';
  89  
  90          if (!$view_user_mask)
  91          {
  92              if ($forum_id !== false)
  93              {
  94                  $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id);
  95              }
  96              else
  97              {
  98                  $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
  99              }
 100          }
 101  
 102          // Make sure hold_ary is filled with every setting (prevents missing forums/users/groups)
 103          $ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id);
 104          $forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array());
 105  
 106          // Only those options we need
 107          $compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array(''));
 108  
 109          // If forum_ids is false and the scope is local we actually want to have all forums within the array
 110          if ($scope == 'local' && !count($forum_ids))
 111          {
 112              $sql = 'SELECT forum_id
 113                  FROM ' . FORUMS_TABLE;
 114              $result = $db->sql_query($sql, 120);
 115  
 116              while ($row = $db->sql_fetchrow($result))
 117              {
 118                  $forum_ids[] = (int) $row['forum_id'];
 119              }
 120              $db->sql_freeresult($result);
 121          }
 122  
 123          if ($view_user_mask)
 124          {
 125              $auth2 = null;
 126  
 127              $sql = 'SELECT user_id, user_permissions, user_type
 128                  FROM ' . USERS_TABLE . '
 129                  WHERE ' . $db->sql_in_set('user_id', $ug_id);
 130              $result = $db->sql_query($sql);
 131  
 132              while ($userdata = $db->sql_fetchrow($result))
 133              {
 134                  if ($user->data['user_id'] != $userdata['user_id'])
 135                  {
 136                      $auth2 = new \phpbb\auth\auth();
 137                      $auth2->acl($userdata);
 138                  }
 139                  else
 140                  {
 141                      global $auth;
 142                      $auth2 = &$auth;
 143                  }
 144  
 145                  $hold_ary[$userdata['user_id']] = array();
 146                  foreach ($forum_ids as $f_id)
 147                  {
 148                      $hold_ary[$userdata['user_id']][$f_id] = array();
 149                      foreach ($compare_options as $option)
 150                      {
 151                          $hold_ary[$userdata['user_id']][$f_id][$option] = $auth2->acl_get($option, $f_id);
 152                      }
 153                  }
 154              }
 155              $db->sql_freeresult($result);
 156  
 157              unset($userdata);
 158              unset($auth2);
 159          }
 160  
 161          foreach ($ug_id as $_id)
 162          {
 163              if (!isset($hold_ary[$_id]))
 164              {
 165                  $hold_ary[$_id] = array();
 166              }
 167  
 168              foreach ($forum_ids as $f_id)
 169              {
 170                  if (!isset($hold_ary[$_id][$f_id]))
 171                  {
 172                      $hold_ary[$_id][$f_id] = array();
 173                  }
 174              }
 175          }
 176  
 177          // Now, we need to fill the gaps with $acl_fill. ;)
 178  
 179          // Now switch back to keys
 180          if (count($compare_options))
 181          {
 182              $compare_options = array_combine($compare_options, array_fill(1, count($compare_options), $acl_fill));
 183          }
 184  
 185          // Defining the user-function here to save some memory
 186          $return_acl_fill = function () use ($acl_fill)
 187          {
 188              return $acl_fill;
 189          };
 190  
 191          // Actually fill the gaps
 192          if (count($hold_ary))
 193          {
 194              foreach ($hold_ary as $ug_id => $row)
 195              {
 196                  foreach ($row as $id => $options)
 197                  {
 198                      // Do not include the global auth_option
 199                      unset($options[$auth_option]);
 200  
 201                      // Not a "fine" solution, but at all it's a 1-dimensional
 202                      // array_diff_key function filling the resulting array values with zeros
 203                      // The differences get merged into $hold_ary (all permissions having $acl_fill set)
 204                      $hold_ary[$ug_id][$id] = array_merge($options,
 205  
 206                          array_map($return_acl_fill,
 207                              array_flip(
 208                                  array_diff(
 209                                      array_keys($compare_options), array_keys($options)
 210                                  )
 211                              )
 212                          )
 213                      );
 214                  }
 215              }
 216          }
 217          else
 218          {
 219              $hold_ary[($group_id !== false) ? $group_id : $user_id][(int) $forum_id] = $compare_options;
 220          }
 221  
 222          return $hold_ary;
 223      }
 224  
 225      /**
 226      * Get permission mask for roles
 227      * This function only supports getting masks for one role
 228      */
 229  	function get_role_mask($role_id)
 230      {
 231          global $db;
 232  
 233          $hold_ary = array();
 234  
 235          // Get users having this role set...
 236          $sql = 'SELECT user_id, forum_id
 237              FROM ' . ACL_USERS_TABLE . '
 238              WHERE auth_role_id = ' . $role_id . '
 239              ORDER BY forum_id';
 240          $result = $db->sql_query($sql);
 241  
 242          while ($row = $db->sql_fetchrow($result))
 243          {
 244              $hold_ary[$row['forum_id']]['users'][] = $row['user_id'];
 245          }
 246          $db->sql_freeresult($result);
 247  
 248          // Now grab groups...
 249          $sql = 'SELECT group_id, forum_id
 250              FROM ' . ACL_GROUPS_TABLE . '
 251              WHERE auth_role_id = ' . $role_id . '
 252              ORDER BY forum_id';
 253          $result = $db->sql_query($sql);
 254  
 255          while ($row = $db->sql_fetchrow($result))
 256          {
 257              $hold_ary[$row['forum_id']]['groups'][] = $row['group_id'];
 258          }
 259          $db->sql_freeresult($result);
 260  
 261          return $hold_ary;
 262      }
 263  
 264      /**
 265      * Display permission mask (assign to template)
 266      */
 267  	function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true)
 268      {
 269          global $template, $user, $db, $phpbb_container;
 270  
 271          /* @var $phpbb_permissions \phpbb\permissions */
 272          $phpbb_permissions = $phpbb_container->get('acl.permissions');
 273  
 274          /** @var \phpbb\group\helper $group_helper */
 275          $group_helper = $phpbb_container->get('group_helper');
 276  
 277          // Define names for template loops, might be able to be set
 278          $tpl_pmask = 'p_mask';
 279          $tpl_fmask = 'f_mask';
 280          $tpl_category = 'category';
 281          $tpl_mask = 'mask';
 282  
 283          $l_acl_type = $phpbb_permissions->get_type_lang($permission_type, (($local) ? 'local' : 'global'));
 284  
 285          // Allow trace for viewing permissions and in user mode
 286          $show_trace = ($mode == 'view' && $user_mode == 'user') ? true : false;
 287  
 288          // Get names
 289          if ($user_mode == 'user')
 290          {
 291              $sql = 'SELECT user_id as ug_id, username as ug_name
 292                  FROM ' . USERS_TABLE . '
 293                  WHERE ' . $db->sql_in_set('user_id', array_keys($hold_ary)) . '
 294                  ORDER BY username_clean ASC';
 295          }
 296          else
 297          {
 298              $sql = 'SELECT group_id as ug_id, group_name as ug_name, group_type
 299                  FROM ' . GROUPS_TABLE . '
 300                  WHERE ' . $db->sql_in_set('group_id', array_keys($hold_ary)) . '
 301                  ORDER BY group_type DESC, group_name ASC';
 302          }
 303          $result = $db->sql_query($sql);
 304  
 305          $ug_names_ary = array();
 306          while ($row = $db->sql_fetchrow($result))
 307          {
 308              $ug_names_ary[$row['ug_id']] = ($user_mode == 'user') ? $row['ug_name'] : $group_helper->get_name($row['ug_name']);
 309          }
 310          $db->sql_freeresult($result);
 311  
 312          // Get used forums
 313          $forum_ids = array();
 314          foreach ($hold_ary as $ug_id => $row)
 315          {
 316              $forum_ids = array_merge($forum_ids, array_keys($row));
 317          }
 318          $forum_ids = array_unique($forum_ids);
 319  
 320          $forum_names_ary = array();
 321          if ($local)
 322          {
 323              $forum_names_ary = make_forum_select(false, false, true, false, false, false, true);
 324  
 325              // Remove the disabled ones, since we do not create an option field here...
 326              foreach ($forum_names_ary as $key => $value)
 327              {
 328                  if (!$value['disabled'])
 329                  {
 330                      continue;
 331                  }
 332                  unset($forum_names_ary[$key]);
 333              }
 334          }
 335          else
 336          {
 337              $forum_names_ary[0] = $l_acl_type;
 338          }
 339  
 340          // Get available roles
 341          $sql = 'SELECT *
 342              FROM ' . ACL_ROLES_TABLE . "
 343              WHERE role_type = '" . $db->sql_escape($permission_type) . "'
 344              ORDER BY role_order ASC";
 345          $result = $db->sql_query($sql);
 346  
 347          $roles = array();
 348          while ($row = $db->sql_fetchrow($result))
 349          {
 350              $roles[$row['role_id']] = $row;
 351          }
 352          $db->sql_freeresult($result);
 353  
 354          $cur_roles = $this->acl_role_data($user_mode, $permission_type, array_keys($hold_ary));
 355  
 356          // Build js roles array (role data assignments)
 357          $s_role_js_array = '';
 358  
 359          if (count($roles))
 360          {
 361              $s_role_js_array = array();
 362  
 363              // Make sure every role (even if empty) has its array defined
 364              foreach ($roles as $_role_id => $null)
 365              {
 366                  $s_role_js_array[$_role_id] = "\n" . 'role_options[' . $_role_id . '] = new Array();' . "\n";
 367              }
 368  
 369              $sql = 'SELECT r.role_id, o.auth_option, r.auth_setting
 370                  FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
 371                  WHERE o.auth_option_id = r.auth_option_id
 372                      AND ' . $db->sql_in_set('r.role_id', array_keys($roles));
 373              $result = $db->sql_query($sql);
 374  
 375              while ($row = $db->sql_fetchrow($result))
 376              {
 377                  $flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1);
 378                  if ($flag == $row['auth_option'])
 379                  {
 380                      continue;
 381                  }
 382  
 383                  $s_role_js_array[$row['role_id']] .= 'role_options[' . $row['role_id'] . '][\'' . addslashes($row['auth_option']) . '\'] = ' . $row['auth_setting'] . '; ';
 384              }
 385              $db->sql_freeresult($result);
 386  
 387              $s_role_js_array = implode('', $s_role_js_array);
 388          }
 389  
 390          $template->assign_var('S_ROLE_JS_ARRAY', $s_role_js_array);
 391          unset($s_role_js_array);
 392  
 393          // Now obtain memberships
 394          $user_groups_default = $user_groups_custom = array();
 395          if ($user_mode == 'user' && $group_display)
 396          {
 397              $sql = 'SELECT group_id, group_name, group_type
 398                  FROM ' . GROUPS_TABLE . '
 399                  ORDER BY group_type DESC, group_name ASC';
 400              $result = $db->sql_query($sql);
 401  
 402              $groups = array();
 403              while ($row = $db->sql_fetchrow($result))
 404              {
 405                  $groups[$row['group_id']] = $row;
 406              }
 407              $db->sql_freeresult($result);
 408  
 409              $memberships = group_memberships(false, array_keys($hold_ary), false);
 410  
 411              // User is not a member of any group? Bad admin, bad bad admin...
 412              if ($memberships)
 413              {
 414                  foreach ($memberships as $row)
 415                  {
 416                      $user_groups_default[$row['user_id']][] = $group_helper->get_name($groups[$row['group_id']]['group_name']);
 417                  }
 418              }
 419              unset($memberships, $groups);
 420          }
 421  
 422          // If we only have one forum id to display or being in local mode and more than one user/group to display,
 423          // we switch the complete interface to group by user/usergroup instead of grouping by forum
 424          // To achieve this, we need to switch the array a bit
 425          if (count($forum_ids) == 1 || ($local && count($ug_names_ary) > 1))
 426          {
 427              $hold_ary_temp = $hold_ary;
 428              $hold_ary = array();
 429              foreach ($hold_ary_temp as $ug_id => $row)
 430              {
 431                  foreach ($forum_names_ary as $forum_id => $forum_row)
 432                  {
 433                      if (isset($row[$forum_id]))
 434                      {
 435                          $hold_ary[$forum_id][$ug_id] = $row[$forum_id];
 436                      }
 437                  }
 438              }
 439              unset($hold_ary_temp);
 440  
 441              foreach ($hold_ary as $forum_id => $forum_array)
 442              {
 443                  $content_array = $categories = array();
 444                  $this->build_permission_array($hold_ary[$forum_id], $content_array, $categories, array_keys($ug_names_ary));
 445  
 446                  $template->assign_block_vars($tpl_pmask, array(
 447                      'NAME'            => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
 448                      'PADDING'        => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
 449  
 450                      'CATEGORIES'    => implode('</th><th>', $categories),
 451  
 452                      'L_ACL_TYPE'    => $l_acl_type,
 453  
 454                      'S_LOCAL'        => ($local) ? true : false,
 455                      'S_GLOBAL'        => (!$local) ? true : false,
 456                      'S_NUM_CATS'    => count($categories),
 457                      'S_VIEW'        => ($mode == 'view') ? true : false,
 458                      'S_NUM_OBJECTS'    => count($content_array),
 459                      'S_USER_MODE'    => ($user_mode == 'user') ? true : false,
 460                      'S_GROUP_MODE'    => ($user_mode == 'group') ? true : false)
 461                  );
 462  
 463                  @reset($content_array);
 464                  while (list($ug_id, $ug_array) = each($content_array))
 465                  {
 466                      // Build role dropdown options
 467                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 468  
 469                      $role_options = array();
 470  
 471                      $s_role_options = '';
 472                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 473  
 474                      @reset($roles);
 475                      while (list($role_id, $role_row) = each($roles))
 476                      {
 477                          $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
 478                          $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
 479  
 480                          $title = ($role_description) ? ' title="' . $role_description . '"' : '';
 481                          $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';
 482  
 483                          $role_options[] = array(
 484                              'ID'    => $role_id,
 485                              'ROLE_NAME'    => $role_name,
 486                              'TITLE'        => $role_description,
 487                              'SELECTED'    => $role_id == $current_role_id,
 488                          );
 489                      }
 490  
 491                      if ($s_role_options)
 492                      {
 493                          $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
 494                      }
 495  
 496                      if (!$current_role_id && $mode != 'view')
 497                      {
 498                          $s_custom_permissions = false;
 499  
 500                          foreach ($ug_array as $key => $value)
 501                          {
 502                              if ($value['S_NEVER'] || $value['S_YES'])
 503                              {
 504                                  $s_custom_permissions = true;
 505                                  break;
 506                              }
 507                          }
 508                      }
 509                      else
 510                      {
 511                          $s_custom_permissions = false;
 512                      }
 513  
 514                      $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
 515                          'NAME'                => $ug_names_ary[$ug_id],
 516                          'UG_ID'                => $ug_id,
 517                          'S_ROLE_OPTIONS'    => $s_role_options,
 518                          'S_CUSTOM'            => $s_custom_permissions,
 519                          'FORUM_ID'            => $forum_id,
 520                          'S_ROLE_ID'            => $current_role_id,
 521                      ));
 522  
 523                      $template->assign_block_vars_array($tpl_pmask . '.' . $tpl_fmask . '.role_options', $role_options);
 524  
 525                      $this->assign_cat_array($ug_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, ($mode == 'view'), $show_trace);
 526  
 527                      unset($content_array[$ug_id]);
 528                  }
 529  
 530                  unset($hold_ary[$forum_id]);
 531              }
 532          }
 533          else
 534          {
 535              foreach ($ug_names_ary as $ug_id => $ug_name)
 536              {
 537                  if (!isset($hold_ary[$ug_id]))
 538                  {
 539                      continue;
 540                  }
 541  
 542                  $content_array = $categories = array();
 543                  $this->build_permission_array($hold_ary[$ug_id], $content_array, $categories, array_keys($forum_names_ary));
 544  
 545                  $template->assign_block_vars($tpl_pmask, array(
 546                      'NAME'            => $ug_name,
 547                      'CATEGORIES'    => implode('</th><th>', $categories),
 548  
 549                      'USER_GROUPS_DEFAULT'    => ($user_mode == 'user' && isset($user_groups_default[$ug_id]) && count($user_groups_default[$ug_id])) ? implode($user->lang['COMMA_SEPARATOR'], $user_groups_default[$ug_id]) : '',
 550                      'USER_GROUPS_CUSTOM'    => ($user_mode == 'user' && isset($user_groups_custom[$ug_id]) && count($user_groups_custom[$ug_id])) ? implode($user->lang['COMMA_SEPARATOR'], $user_groups_custom[$ug_id]) : '',
 551                      'L_ACL_TYPE'            => $l_acl_type,
 552  
 553                      'S_LOCAL'        => ($local) ? true : false,
 554                      'S_GLOBAL'        => (!$local) ? true : false,
 555                      'S_NUM_CATS'    => count($categories),
 556                      'S_VIEW'        => ($mode == 'view') ? true : false,
 557                      'S_NUM_OBJECTS'    => count($content_array),
 558                      'S_USER_MODE'    => ($user_mode == 'user') ? true : false,
 559                      'S_GROUP_MODE'    => ($user_mode == 'group') ? true : false)
 560                  );
 561  
 562                  @reset($content_array);
 563                  while (list($forum_id, $forum_array) = each($content_array))
 564                  {
 565                      // Build role dropdown options
 566                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 567  
 568                      $role_options = array();
 569  
 570                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 571                      $s_role_options = '';
 572  
 573                      @reset($roles);
 574                      while (list($role_id, $role_row) = each($roles))
 575                      {
 576                          $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
 577                          $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
 578  
 579                          $title = ($role_description) ? ' title="' . $role_description . '"' : '';
 580                          $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';
 581  
 582                          $role_options[] = array(
 583                              'ID'    => $role_id,
 584                              'ROLE_NAME'    => $role_name,
 585                              'TITLE'        => $role_description,
 586                              'SELECTED'    => $role_id == $current_role_id,
 587                          );
 588                      }
 589  
 590                      if ($s_role_options)
 591                      {
 592                          $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
 593                      }
 594  
 595                      if (!$current_role_id && $mode != 'view')
 596                      {
 597                          $s_custom_permissions = false;
 598  
 599                          foreach ($forum_array as $key => $value)
 600                          {
 601                              if ($value['S_NEVER'] || $value['S_YES'])
 602                              {
 603                                  $s_custom_permissions = true;
 604                                  break;
 605                              }
 606                          }
 607                      }
 608                      else
 609                      {
 610                          $s_custom_permissions = false;
 611                      }
 612  
 613                      $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
 614                          'NAME'                => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
 615                          'PADDING'            => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
 616                          'S_CUSTOM'            => $s_custom_permissions,
 617                          'UG_ID'                => $ug_id,
 618                          'S_ROLE_OPTIONS'    => $s_role_options,
 619                          'FORUM_ID'            => $forum_id)
 620                      );
 621  
 622                      $template->assign_block_vars_array($tpl_pmask . '.' . $tpl_fmask . '.role_options', $role_options);
 623  
 624                      $this->assign_cat_array($forum_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, ($mode == 'view'), $show_trace);
 625                  }
 626  
 627                  unset($hold_ary[$ug_id], $ug_names_ary[$ug_id]);
 628              }
 629          }
 630      }
 631  
 632      /**
 633      * Display permission mask for roles
 634      */
 635  	function display_role_mask(&$hold_ary)
 636      {
 637          global $db, $template, $user, $phpbb_root_path, $phpEx;
 638          global $phpbb_container;
 639  
 640          if (!count($hold_ary))
 641          {
 642              return;
 643          }
 644  
 645          /** @var \phpbb\group\helper $group_helper */
 646          $group_helper = $phpbb_container->get('group_helper');
 647  
 648          // Get forum names
 649          $sql = 'SELECT forum_id, forum_name
 650              FROM ' . FORUMS_TABLE . '
 651              WHERE ' . $db->sql_in_set('forum_id', array_keys($hold_ary)) . '
 652              ORDER BY left_id';
 653          $result = $db->sql_query($sql);
 654  
 655          // If the role is used globally, then reflect that
 656          $forum_names = (isset($hold_ary[0])) ? array(0 => '') : array();
 657          while ($row = $db->sql_fetchrow($result))
 658          {
 659              $forum_names[$row['forum_id']] = $row['forum_name'];
 660          }
 661          $db->sql_freeresult($result);
 662  
 663          foreach ($forum_names as $forum_id => $forum_name)
 664          {
 665              $auth_ary = $hold_ary[$forum_id];
 666  
 667              $template->assign_block_vars('role_mask', array(
 668                  'NAME'                => ($forum_id == 0) ? $user->lang['GLOBAL_MASK'] : $forum_name,
 669                  'FORUM_ID'            => $forum_id)
 670              );
 671  
 672              if (isset($auth_ary['users']) && count($auth_ary['users']))
 673              {
 674                  $sql = 'SELECT user_id, username
 675                      FROM ' . USERS_TABLE . '
 676                      WHERE ' . $db->sql_in_set('user_id', $auth_ary['users']) . '
 677                      ORDER BY username_clean ASC';
 678                  $result = $db->sql_query($sql);
 679  
 680                  while ($row = $db->sql_fetchrow($result))
 681                  {
 682                      $template->assign_block_vars('role_mask.users', array(
 683                          'USER_ID'        => $row['user_id'],
 684                          'USERNAME'        => get_username_string('username', $row['user_id'], $row['username']),
 685                          'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username']),
 686                      ));
 687                  }
 688                  $db->sql_freeresult($result);
 689              }
 690  
 691              if (isset($auth_ary['groups']) && count($auth_ary['groups']))
 692              {
 693                  $sql = 'SELECT group_id, group_name, group_type
 694                      FROM ' . GROUPS_TABLE . '
 695                      WHERE ' . $db->sql_in_set('group_id', $auth_ary['groups']) . '
 696                      ORDER BY group_type ASC, group_name';
 697                  $result = $db->sql_query($sql);
 698  
 699                  while ($row = $db->sql_fetchrow($result))
 700                  {
 701                      $template->assign_block_vars('role_mask.groups', array(
 702                          'GROUP_ID'        => $row['group_id'],
 703                          'GROUP_NAME'    => $group_helper->get_name($row['group_name']),
 704                          'U_PROFILE'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=group&amp;g={$row['group_id']}"))
 705                      );
 706                  }
 707                  $db->sql_freeresult($result);
 708              }
 709          }
 710      }
 711  
 712      /**
 713      * NOTE: this function is not in use atm
 714      * Add a new option to the list ... $options is a hash of form ->
 715      * $options = array(
 716      *    'local'        => array('option1', 'option2', ...),
 717      *    'global'    => array('optionA', 'optionB', ...)
 718      * );
 719      */
 720  	function acl_add_option($options)
 721      {
 722          global $db, $cache;
 723  
 724          if (!is_array($options))
 725          {
 726              return false;
 727          }
 728  
 729          $cur_options = array();
 730  
 731          // Determine current options
 732          $sql = 'SELECT auth_option, is_global, is_local
 733              FROM ' . ACL_OPTIONS_TABLE . '
 734              ORDER BY auth_option_id';
 735          $result = $db->sql_query($sql);
 736  
 737          while ($row = $db->sql_fetchrow($result))
 738          {
 739              $cur_options[$row['auth_option']] = ($row['is_global'] && $row['is_local']) ? 'both' : (($row['is_global']) ? 'global' : 'local');
 740          }
 741          $db->sql_freeresult($result);
 742  
 743          // Here we need to insert new options ... this requires discovering whether
 744          // an options is global, local or both and whether we need to add an permission
 745          // set flag (x_)
 746          $new_options = array('local' => array(), 'global' => array());
 747  
 748          foreach ($options as $type => $option_ary)
 749          {
 750              $option_ary = array_unique($option_ary);
 751  
 752              foreach ($option_ary as $option_value)
 753              {
 754                  $new_options[$type][] = $option_value;
 755  
 756                  $flag = substr($option_value, 0, strpos($option_value, '_') + 1);
 757  
 758                  if (!in_array($flag, $new_options[$type]))
 759                  {
 760                      $new_options[$type][] = $flag;
 761                  }
 762              }
 763          }
 764          unset($options);
 765  
 766          $options = array();
 767          $options['local'] = array_diff($new_options['local'], $new_options['global']);
 768          $options['global'] = array_diff($new_options['global'], $new_options['local']);
 769          $options['both'] = array_intersect($new_options['local'], $new_options['global']);
 770  
 771          // Now check which options to add/update
 772          $add_options = $update_options = array();
 773  
 774          // First local ones...
 775          foreach ($options as $type => $option_ary)
 776          {
 777              foreach ($option_ary as $option)
 778              {
 779                  if (!isset($cur_options[$option]))
 780                  {
 781                      $add_options[] = array(
 782                          'auth_option'    => (string) $option,
 783                          'is_global'        => ($type == 'global' || $type == 'both') ? 1 : 0,
 784                          'is_local'        => ($type == 'local' || $type == 'both') ? 1 : 0
 785                      );
 786  
 787                      continue;
 788                  }
 789  
 790                  // Else, update existing entry if it is changed...
 791                  if ($type === $cur_options[$option])
 792                  {
 793                      continue;
 794                  }
 795  
 796                  // New type is always both:
 797                  // If is now both, we set both.
 798                  // If it was global the new one is local and we need to set it to both
 799                  // If it was local the new one is global and we need to set it to both
 800                  $update_options[] = $option;
 801              }
 802          }
 803  
 804          if (!empty($add_options))
 805          {
 806              $db->sql_multi_insert(ACL_OPTIONS_TABLE, $add_options);
 807          }
 808  
 809          if (!empty($update_options))
 810          {
 811              $sql = 'UPDATE ' . ACL_OPTIONS_TABLE . '
 812                  SET is_global = 1, is_local = 1
 813                  WHERE ' . $db->sql_in_set('auth_option', $update_options);
 814              $db->sql_query($sql);
 815          }
 816  
 817          $cache->destroy('_acl_options');
 818          $this->acl_clear_prefetch();
 819  
 820          // Because we just changed the options and also purged the options cache, we instantly update/regenerate it for later calls to succeed.
 821          $this->acl_options = array();
 822          $this->__construct();
 823  
 824          return true;
 825      }
 826  
 827      /**
 828      * Set a user or group ACL record
 829      */
 830  	function acl_set($ug_type, $forum_id, $ug_id, $auth, $role_id = 0, $clear_prefetch = true)
 831      {
 832          global $db;
 833  
 834          // One or more forums
 835          if (!is_array($forum_id))
 836          {
 837              $forum_id = array($forum_id);
 838          }
 839  
 840          // One or more users
 841          if (!is_array($ug_id))
 842          {
 843              $ug_id = array($ug_id);
 844          }
 845  
 846          $ug_id_sql = $db->sql_in_set($ug_type . '_id', array_map('intval', $ug_id));
 847          $forum_sql = $db->sql_in_set('forum_id', array_map('intval', $forum_id));
 848  
 849          // Instead of updating, inserting, removing we just remove all current settings and re-set everything...
 850          $table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
 851          $id_field = $ug_type . '_id';
 852  
 853          // Get any flags as required
 854          reset($auth);
 855          $flag = key($auth);
 856          $flag = substr($flag, 0, strpos($flag, '_') + 1);
 857  
 858          // This ID (the any-flag) is set if one or more permissions are true...
 859          $any_option_id = (int) $this->acl_options['id'][$flag];
 860  
 861          // Remove any-flag from auth ary
 862          if (isset($auth[$flag]))
 863          {
 864              unset($auth[$flag]);
 865          }
 866  
 867          // Remove current auth options...
 868          $auth_option_ids = array((int) $any_option_id);
 869          foreach ($auth as $auth_option => $auth_setting)
 870          {
 871              $auth_option_ids[] = (int) $this->acl_options['id'][$auth_option];
 872          }
 873  
 874          $sql = "DELETE FROM $table
 875              WHERE $forum_sql
 876                  AND $ug_id_sql
 877                  AND " . $db->sql_in_set('auth_option_id', $auth_option_ids);
 878          $db->sql_query($sql);
 879  
 880          // Remove those having a role assigned... the correct type of course...
 881          $sql = 'SELECT role_id
 882              FROM ' . ACL_ROLES_TABLE . "
 883              WHERE role_type = '" . $db->sql_escape($flag) . "'";
 884          $result = $db->sql_query($sql);
 885  
 886          $role_ids = array();
 887          while ($row = $db->sql_fetchrow($result))
 888          {
 889              $role_ids[] = $row['role_id'];
 890          }
 891          $db->sql_freeresult($result);
 892  
 893          if (count($role_ids))
 894          {
 895              $sql = "DELETE FROM $table
 896                  WHERE $forum_sql
 897                      AND $ug_id_sql
 898                      AND auth_option_id = 0
 899                      AND " . $db->sql_in_set('auth_role_id', $role_ids);
 900              $db->sql_query($sql);
 901          }
 902  
 903          // Ok, include the any-flag if one or more auth options are set to yes...
 904          foreach ($auth as $auth_option => $setting)
 905          {
 906              if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))
 907              {
 908                  $auth[$flag] = ACL_YES;
 909              }
 910          }
 911  
 912          $sql_ary = array();
 913          foreach ($forum_id as $forum)
 914          {
 915              $forum = (int) $forum;
 916  
 917              if ($role_id)
 918              {
 919                  foreach ($ug_id as $id)
 920                  {
 921                      $sql_ary[] = array(
 922                          $id_field            => (int) $id,
 923                          'forum_id'            => (int) $forum,
 924                          'auth_option_id'    => 0,
 925                          'auth_setting'        => 0,
 926                          'auth_role_id'        => (int) $role_id,
 927                      );
 928                  }
 929              }
 930              else
 931              {
 932                  foreach ($auth as $auth_option => $setting)
 933                  {
 934                      $auth_option_id = (int) $this->acl_options['id'][$auth_option];
 935  
 936                      if ($setting != ACL_NO)
 937                      {
 938                          foreach ($ug_id as $id)
 939                          {
 940                              $sql_ary[] = array(
 941                                  $id_field            => (int) $id,
 942                                  'forum_id'            => (int) $forum,
 943                                  'auth_option_id'    => (int) $auth_option_id,
 944                                  'auth_setting'        => (int) $setting
 945                              );
 946                          }
 947                      }
 948                  }
 949              }
 950          }
 951  
 952          $db->sql_multi_insert($table, $sql_ary);
 953  
 954          if ($clear_prefetch)
 955          {
 956              $this->acl_clear_prefetch();
 957          }
 958      }
 959  
 960      /**
 961      * Set a role-specific ACL record
 962      */
 963  	function acl_set_role($role_id, $auth)
 964      {
 965          global $db;
 966  
 967          // Get any-flag as required
 968          reset($auth);
 969          $flag = key($auth);
 970          $flag = substr($flag, 0, strpos($flag, '_') + 1);
 971  
 972          // Remove any-flag from auth ary
 973          if (isset($auth[$flag]))
 974          {
 975              unset($auth[$flag]);
 976          }
 977  
 978          // Re-set any flag...
 979          foreach ($auth as $auth_option => $setting)
 980          {
 981              if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))
 982              {
 983                  $auth[$flag] = ACL_YES;
 984              }
 985          }
 986  
 987          $sql_ary = array();
 988          foreach ($auth as $auth_option => $setting)
 989          {
 990              $auth_option_id = (int) $this->acl_options['id'][$auth_option];
 991  
 992              if ($setting != ACL_NO)
 993              {
 994                  $sql_ary[] = array(
 995                      'role_id'            => (int) $role_id,
 996                      'auth_option_id'    => (int) $auth_option_id,
 997                      'auth_setting'        => (int) $setting
 998                  );
 999              }
1000          }
1001  
1002          // If no data is there, we set the any-flag to ACL_NEVER...
1003          if (!count($sql_ary))
1004          {
1005              $sql_ary[] = array(
1006                  'role_id'            => (int) $role_id,
1007                  'auth_option_id'    => (int) $this->acl_options['id'][$flag],
1008                  'auth_setting'        => ACL_NEVER
1009              );
1010          }
1011  
1012          // Remove current auth options...
1013          $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
1014              WHERE role_id = ' . $role_id;
1015          $db->sql_query($sql);
1016  
1017          // Now insert the new values
1018          $db->sql_multi_insert(ACL_ROLES_DATA_TABLE, $sql_ary);
1019  
1020          $this->acl_clear_prefetch();
1021      }
1022  
1023      /**
1024      * Remove local permission
1025      */
1026  	function acl_delete($mode, $ug_id = false, $forum_id = false, $permission_type = false)
1027      {
1028          global $db;
1029  
1030          if ($ug_id === false && $forum_id === false)
1031          {
1032              return;
1033          }
1034  
1035          $option_id_ary = array();
1036          $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
1037          $id_field = $mode . '_id';
1038  
1039          $where_sql = array();
1040  
1041          if ($forum_id !== false)
1042          {
1043              $where_sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : $db->sql_in_set('forum_id', array_map('intval', $forum_id));
1044          }
1045  
1046          if ($ug_id !== false)
1047          {
1048              $where_sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $db->sql_in_set($id_field, array_map('intval', $ug_id));
1049          }
1050  
1051          // There seem to be auth options involved, therefore we need to go through the list and make sure we capture roles correctly
1052          if ($permission_type !== false)
1053          {
1054              // Get permission type
1055              $sql = 'SELECT auth_option, auth_option_id
1056                  FROM ' . ACL_OPTIONS_TABLE . "
1057                  WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char());
1058              $result = $db->sql_query($sql);
1059  
1060              $auth_id_ary = array();
1061              while ($row = $db->sql_fetchrow($result))
1062              {
1063                  $option_id_ary[] = $row['auth_option_id'];
1064                  $auth_id_ary[$row['auth_option']] = ACL_NO;
1065              }
1066              $db->sql_freeresult($result);
1067  
1068              // First of all, lets grab the items having roles with the specified auth options assigned
1069              $sql = "SELECT auth_role_id, $id_field, forum_id
1070                  FROM $table, " . ACL_ROLES_TABLE . " r
1071                  WHERE auth_role_id <> 0
1072                      AND auth_role_id = r.role_id
1073                      AND r.role_type = '{$permission_type}'
1074                      AND " . implode(' AND ', $where_sql) . '
1075                  ORDER BY auth_role_id';
1076              $result = $db->sql_query($sql);
1077  
1078              $cur_role_auth = array();
1079              while ($row = $db->sql_fetchrow($result))
1080              {
1081                  $cur_role_auth[$row['auth_role_id']][$row['forum_id']][] = $row[$id_field];
1082              }
1083              $db->sql_freeresult($result);
1084  
1085              // Get role data for resetting data
1086              if (count($cur_role_auth))
1087              {
1088                  $sql = 'SELECT ao.auth_option, rd.role_id, rd.auth_setting
1089                      FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_ROLES_DATA_TABLE . ' rd
1090                      WHERE ao.auth_option_id = rd.auth_option_id
1091                          AND ' . $db->sql_in_set('rd.role_id', array_keys($cur_role_auth));
1092                  $result = $db->sql_query($sql);
1093  
1094                  $auth_settings = array();
1095                  while ($row = $db->sql_fetchrow($result))
1096                  {
1097                      // We need to fill all auth_options, else setting it will fail...
1098                      if (!isset($auth_settings[$row['role_id']]))
1099                      {
1100                          $auth_settings[$row['role_id']] = $auth_id_ary;
1101                      }
1102                      $auth_settings[$row['role_id']][$row['auth_option']] = $row['auth_setting'];
1103                  }
1104                  $db->sql_freeresult($result);
1105  
1106                  // Set the options
1107                  foreach ($cur_role_auth as $role_id => $auth_row)
1108                  {
1109                      foreach ($auth_row as $f_id => $ug_row)
1110                      {
1111                          $this->acl_set($mode, $f_id, $ug_row, $auth_settings[$role_id], 0, false);
1112                      }
1113                  }
1114              }
1115          }
1116  
1117          // Now, normally remove permissions...
1118          if ($permission_type !== false)
1119          {
1120              $where_sql[] = $db->sql_in_set('auth_option_id', array_map('intval', $option_id_ary));
1121          }
1122  
1123          $sql = "DELETE FROM $table
1124              WHERE " . implode(' AND ', $where_sql);
1125          $db->sql_query($sql);
1126  
1127          $this->acl_clear_prefetch();
1128      }
1129  
1130      /**
1131      * Assign category to template
1132      * used by display_mask()
1133      */
1134  	function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id, $s_view, $show_trace = false)
1135      {
1136          global $template, $phpbb_admin_path, $phpEx, $phpbb_container;
1137  
1138          /* @var $phpbb_permissions \phpbb\permissions */
1139          $phpbb_permissions = $phpbb_container->get('acl.permissions');
1140  
1141          @reset($category_array);
1142          while (list($cat, $cat_array) = each($category_array))
1143          {
1144              if (!$phpbb_permissions->category_defined($cat))
1145              {
1146                  continue;
1147              }
1148  
1149              $template->assign_block_vars($tpl_cat, array(
1150                  'S_YES'        => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
1151                  'S_NEVER'    => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
1152                  'S_NO'        => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false,
1153  
1154                  'CAT_NAME'    => $phpbb_permissions->get_category_lang($cat),
1155              ));
1156  
1157              /*    Sort permissions by name (more naturaly and user friendly than sorting by a primary key)
1158              *    Commented out due to it's memory consumption and time needed
1159              *
1160              $key_array = array_intersect(array_keys($user->lang), array_map(create_function('$a', 'return "acl_" . $a;'), array_keys($cat_array['permissions'])));
1161              $values_array = $cat_array['permissions'];
1162  
1163              $cat_array['permissions'] = array();
1164  
1165              foreach ($key_array as $key)
1166              {
1167                  $key = str_replace('acl_', '', $key);
1168                  $cat_array['permissions'][$key] = $values_array[$key];
1169              }
1170              unset($key_array, $values_array);
1171  */
1172              @reset($cat_array['permissions']);
1173              while (list($permission, $allowed) = each($cat_array['permissions']))
1174              {
1175                  if (!$phpbb_permissions->permission_defined($permission))
1176                  {
1177                      continue;
1178                  }
1179  
1180                  if ($s_view)
1181                  {
1182                      $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(
1183                          'S_YES'        => ($allowed == ACL_YES) ? true : false,
1184                          'S_NEVER'    => ($allowed == ACL_NEVER) ? true : false,
1185  
1186                          'UG_ID'            => $ug_id,
1187                          'FORUM_ID'        => $forum_id,
1188                          'FIELD_NAME'    => $permission,
1189                          'S_FIELD_NAME'    => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',
1190  
1191                          'U_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&amp;mode=trace&amp;u=$ug_id&amp;f=$forum_id&amp;auth=$permission") : '',
1192                          'UA_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
1193  
1194                          'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
1195                      ));
1196                  }
1197                  else
1198                  {
1199                      $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(
1200                          'S_YES'        => ($allowed == ACL_YES) ? true : false,
1201                          'S_NEVER'    => ($allowed == ACL_NEVER) ? true : false,
1202                          'S_NO'        => ($allowed == ACL_NO) ? true : false,
1203  
1204                          'UG_ID'            => $ug_id,
1205                          'FORUM_ID'        => $forum_id,
1206                          'FIELD_NAME'    => $permission,
1207                          'S_FIELD_NAME'    => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',
1208  
1209                          'U_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&amp;mode=trace&amp;u=$ug_id&amp;f=$forum_id&amp;auth=$permission") : '',
1210                          'UA_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
1211  
1212                          'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
1213                      ));
1214                  }
1215              }
1216          }
1217      }
1218  
1219      /**
1220      * Building content array from permission rows with explicit key ordering
1221      * used by display_mask()
1222      */
1223  	function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array)
1224      {
1225          global $phpbb_container;
1226  
1227          /* @var $phpbb_permissions \phpbb\permissions */
1228          $phpbb_permissions = $phpbb_container->get('acl.permissions');
1229  
1230          foreach ($key_sort_array as $forum_id)
1231          {
1232              if (!isset($permission_row[$forum_id]))
1233              {
1234                  continue;
1235              }
1236  
1237              $permissions = $permission_row[$forum_id];
1238              ksort($permissions);
1239  
1240              @reset($permissions);
1241              while (list($permission, $auth_setting) = each($permissions))
1242              {
1243                  $cat = $phpbb_permissions->get_permission_category($permission);
1244  
1245                  // Build our categories array
1246                  if (!isset($categories[$cat]))
1247                  {
1248                      $categories[$cat] = $phpbb_permissions->get_category_lang($cat);
1249                  }
1250  
1251                  // Build our content array
1252                  if (!isset($content_array[$forum_id]))
1253                  {
1254                      $content_array[$forum_id] = array();
1255                  }
1256  
1257                  if (!isset($content_array[$forum_id][$cat]))
1258                  {
1259                      $content_array[$forum_id][$cat] = array(
1260                          'S_YES'            => false,
1261                          'S_NEVER'        => false,
1262                          'S_NO'            => false,
1263                          'permissions'    => array(),
1264                      );
1265                  }
1266  
1267                  $content_array[$forum_id][$cat]['S_YES'] |= ($auth_setting == ACL_YES) ? true : false;
1268                  $content_array[$forum_id][$cat]['S_NEVER'] |= ($auth_setting == ACL_NEVER) ? true : false;
1269                  $content_array[$forum_id][$cat]['S_NO'] |= ($auth_setting == ACL_NO) ? true : false;
1270  
1271                  $content_array[$forum_id][$cat]['permissions'][$permission] = $auth_setting;
1272              }
1273          }
1274      }
1275  
1276      /**
1277      * Use permissions from another user. This transferes a permission set from one user to another.
1278      * The other user is always able to revert back to his permission set.
1279      * This function does not check for lower/higher permissions, it is possible for the user to gain
1280      * "more" permissions by this.
1281      * Admin permissions will not be copied.
1282      */
1283  	function ghost_permissions($from_user_id, $to_user_id)
1284      {
1285          global $db;
1286  
1287          if ($to_user_id == ANONYMOUS)
1288          {
1289              return false;
1290          }
1291  
1292          $hold_ary = $this->acl_raw_data_single_user($from_user_id);
1293  
1294          // Key 0 in $hold_ary are global options, all others are forum_ids
1295  
1296          // We disallow copying admin permissions
1297          foreach ($this->acl_options['global'] as $opt => $id)
1298          {
1299              if (strpos($opt, 'a_') === 0)
1300              {
1301                  $hold_ary[0][$this->acl_options['id'][$opt]] = ACL_NEVER;
1302              }
1303          }
1304  
1305          // Force a_switchperm to be allowed
1306          $hold_ary[0][$this->acl_options['id']['a_switchperm']] = ACL_YES;
1307  
1308          $user_permissions = $this->build_bitstring($hold_ary);
1309  
1310          if (!$user_permissions)
1311          {
1312              return false;
1313          }
1314  
1315          $sql = 'UPDATE ' . USERS_TABLE . "
1316              SET user_permissions = '" . $db->sql_escape($user_permissions) . "',
1317                  user_perm_from = $from_user_id
1318              WHERE user_id = " . $to_user_id;
1319          $db->sql_query($sql);
1320  
1321          return true;
1322      }
1323  }


Generated: Tue Apr 7 19:42:26 2020 Cross-referenced by PHPXref 0.7.1