[ Index ] |
PHP Cross Reference of phpBB-3.3.12-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 if (!defined('IN_PHPBB')) 18 { 19 exit; 20 } 21 22 class acp_permission_roles 23 { 24 var $u_action; 25 protected $auth_admin; 26 27 function main($id, $mode) 28 { 29 global $db, $user, $template, $phpbb_container; 30 global $phpbb_root_path, $phpEx; 31 global $request, $phpbb_log; 32 33 if (!function_exists('user_get_id_name')) 34 { 35 include($phpbb_root_path . 'includes/functions_user.' . $phpEx); 36 } 37 38 if (!class_exists('auth_admin')) 39 { 40 include($phpbb_root_path . 'includes/acp/auth.' . $phpEx); 41 } 42 43 $this->auth_admin = new auth_admin(); 44 45 $user->add_lang('acp/permissions'); 46 add_permission_language(); 47 48 $this->tpl_name = 'acp_permission_roles'; 49 50 $submit = (isset($_POST['submit'])) ? true : false; 51 $role_id = $request->variable('role_id', 0); 52 $action = $request->variable('action', ''); 53 $action = (isset($_POST['add'])) ? 'add' : $action; 54 55 $form_name = 'acp_permissions'; 56 add_form_key($form_name); 57 58 if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down'))) 59 { 60 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 61 } 62 63 switch ($mode) 64 { 65 case 'admin_roles': 66 $permission_type = 'a_'; 67 $this->page_title = 'ACP_ADMIN_ROLES'; 68 break; 69 70 case 'user_roles': 71 $permission_type = 'u_'; 72 $this->page_title = 'ACP_USER_ROLES'; 73 break; 74 75 case 'mod_roles': 76 $permission_type = 'm_'; 77 $this->page_title = 'ACP_MOD_ROLES'; 78 break; 79 80 case 'forum_roles': 81 $permission_type = 'f_'; 82 $this->page_title = 'ACP_FORUM_ROLES'; 83 break; 84 85 default: 86 trigger_error('NO_MODE', E_USER_ERROR); 87 break; 88 } 89 90 $template->assign_vars(array( 91 'L_TITLE' => $user->lang[$this->page_title], 92 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']) 93 ); 94 95 // Take action... admin submitted something 96 if ($submit || $action == 'remove') 97 { 98 switch ($action) 99 { 100 case 'remove': 101 102 $sql = 'SELECT * 103 FROM ' . ACL_ROLES_TABLE . ' 104 WHERE role_id = ' . $role_id; 105 $result = $db->sql_query($sql); 106 $role_row = $db->sql_fetchrow($result); 107 $db->sql_freeresult($result); 108 109 if (!$role_row) 110 { 111 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 112 } 113 114 if (confirm_box(true)) 115 { 116 $this->remove_role($role_id, $permission_type); 117 118 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; 119 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', false, array($role_name)); 120 trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action)); 121 } 122 else 123 { 124 confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array( 125 'i' => $id, 126 'mode' => $mode, 127 'role_id' => $role_id, 128 'action' => $action, 129 ))); 130 } 131 132 break; 133 134 case 'edit': 135 136 // Get role we edit 137 $sql = 'SELECT * 138 FROM ' . ACL_ROLES_TABLE . ' 139 WHERE role_id = ' . $role_id; 140 $result = $db->sql_query($sql); 141 $role_row = $db->sql_fetchrow($result); 142 $db->sql_freeresult($result); 143 144 if (!$role_row) 145 { 146 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 147 } 148 149 // no break; 150 151 case 'add': 152 153 if (!check_form_key($form_name)) 154 { 155 trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING); 156 } 157 158 $role_name = $request->variable('role_name', '', true); 159 $role_description = $request->variable('role_description', '', true); 160 $auth_settings = $request->variable('setting', array('' => 0)); 161 162 if (!$role_name) 163 { 164 trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING); 165 } 166 167 if (utf8_strlen($role_description) > 4000) 168 { 169 trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 170 } 171 172 // if we add/edit a role we check the name to be unique among the settings... 173 $sql = 'SELECT role_id 174 FROM ' . ACL_ROLES_TABLE . " 175 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 176 AND role_name = '" . $db->sql_escape($role_name) . "'"; 177 $result = $db->sql_query($sql); 178 $row = $db->sql_fetchrow($result); 179 $db->sql_freeresult($result); 180 181 // Make sure we only print out the error if we add the role or change it's name 182 if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name))) 183 { 184 trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING); 185 } 186 187 $sql_ary = array( 188 'role_name' => (string) $role_name, 189 'role_description' => (string) $role_description, 190 'role_type' => (string) $permission_type, 191 ); 192 193 if ($action == 'edit') 194 { 195 $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' 196 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 197 WHERE role_id = ' . $role_id; 198 $db->sql_query($sql); 199 } 200 else 201 { 202 // Get maximum role order for inserting a new role... 203 $sql = 'SELECT MAX(role_order) as max_order 204 FROM ' . ACL_ROLES_TABLE . " 205 WHERE role_type = '" . $db->sql_escape($permission_type) . "'"; 206 $result = $db->sql_query($sql); 207 $max_order = (int) $db->sql_fetchfield('max_order'); 208 $db->sql_freeresult($result); 209 210 $sql_ary['role_order'] = $max_order + 1; 211 212 $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary); 213 $db->sql_query($sql); 214 215 $role_id = $db->sql_nextid(); 216 } 217 218 // Now add the auth settings 219 $this->auth_admin->acl_set_role($role_id, $auth_settings); 220 221 $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name; 222 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), false, array($role_name)); 223 224 trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action)); 225 226 break; 227 } 228 } 229 230 // Display screens 231 switch ($action) 232 { 233 case 'add': 234 235 $options_from = $request->variable('options_from', 0); 236 237 $role_row = array( 238 'role_name' => $request->variable('role_name', '', true), 239 'role_description' => $request->variable('role_description', '', true), 240 'role_type' => $permission_type, 241 ); 242 243 if ($options_from) 244 { 245 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option 246 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o 247 WHERE o.auth_option_id = p.auth_option_id 248 AND p.role_id = ' . $options_from . ' 249 ORDER BY p.auth_option_id'; 250 $result = $db->sql_query($sql); 251 252 $auth_options = array(); 253 while ($row = $db->sql_fetchrow($result)) 254 { 255 $auth_options[$row['auth_option']] = $row['auth_setting']; 256 } 257 $db->sql_freeresult($result); 258 } 259 else 260 { 261 $sql = 'SELECT auth_option_id, auth_option 262 FROM ' . ACL_OPTIONS_TABLE . " 263 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . " 264 AND auth_option <> '{$permission_type}' 265 ORDER BY auth_option_id"; 266 $result = $db->sql_query($sql); 267 268 $auth_options = array(); 269 while ($row = $db->sql_fetchrow($result)) 270 { 271 $auth_options[$row['auth_option']] = ACL_NO; 272 } 273 $db->sql_freeresult($result); 274 } 275 276 // no break; 277 278 case 'edit': 279 280 if ($action == 'edit') 281 { 282 $sql = 'SELECT * 283 FROM ' . ACL_ROLES_TABLE . ' 284 WHERE role_id = ' . $role_id; 285 $result = $db->sql_query($sql); 286 $role_row = $db->sql_fetchrow($result); 287 $db->sql_freeresult($result); 288 289 $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option 290 FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o 291 WHERE o.auth_option_id = p.auth_option_id 292 AND p.role_id = ' . $role_id . ' 293 ORDER BY p.auth_option_id'; 294 $result = $db->sql_query($sql); 295 296 $auth_options = array(); 297 while ($row = $db->sql_fetchrow($result)) 298 { 299 $auth_options[$row['auth_option']] = $row['auth_setting']; 300 } 301 $db->sql_freeresult($result); 302 } 303 304 if (!$role_row) 305 { 306 trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING); 307 } 308 309 /* @var $phpbb_permissions \phpbb\permissions */ 310 $phpbb_permissions = $phpbb_container->get('acl.permissions'); 311 312 $template->assign_vars(array( 313 'S_EDIT' => true, 314 315 'U_ACTION' => $this->u_action . "&action={$action}&role_id={$role_id}", 316 'U_BACK' => $this->u_action, 317 318 'ROLE_NAME' => $role_row['role_name'], 319 'ROLE_DESCRIPTION' => $role_row['role_description'], 320 'L_ACL_TYPE' => $phpbb_permissions->get_type_lang($permission_type), 321 )); 322 323 // We need to fill the auth options array with ACL_NO options ;) 324 $sql = 'SELECT auth_option_id, auth_option 325 FROM ' . ACL_OPTIONS_TABLE . " 326 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . " 327 AND auth_option <> '{$permission_type}' 328 ORDER BY auth_option_id"; 329 $result = $db->sql_query($sql); 330 331 while ($row = $db->sql_fetchrow($result)) 332 { 333 if (!isset($auth_options[$row['auth_option']])) 334 { 335 $auth_options[$row['auth_option']] = ACL_NO; 336 } 337 } 338 $db->sql_freeresult($result); 339 340 // Unset global permission option 341 unset($auth_options[$permission_type]); 342 343 // Display auth options 344 $this->display_auth_options($auth_options); 345 346 // Get users/groups/forums using this preset... 347 if ($action == 'edit') 348 { 349 $hold_ary = $this->auth_admin->get_role_mask($role_id); 350 351 if (count($hold_ary)) 352 { 353 $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name']; 354 355 $template->assign_vars(array( 356 'S_DISPLAY_ROLE_MASK' => true, 357 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)) 358 ); 359 360 $this->auth_admin->display_role_mask($hold_ary); 361 } 362 } 363 364 return; 365 break; 366 367 case 'move_up': 368 case 'move_down': 369 370 if (!check_link_hash($request->variable('hash', ''), 'acp_permission_roles')) 371 { 372 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 373 } 374 375 $sql = 'SELECT role_order 376 FROM ' . ACL_ROLES_TABLE . " 377 WHERE role_id = $role_id"; 378 $result = $db->sql_query($sql); 379 $order = $db->sql_fetchfield('role_order'); 380 $db->sql_freeresult($result); 381 382 if ($order === false || ($order == 0 && $action == 'move_up')) 383 { 384 break; 385 } 386 $order = (int) $order; 387 $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1); 388 389 $sql = 'UPDATE ' . ACL_ROLES_TABLE . ' 390 SET role_order = ' . $order_total . " - role_order 391 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 392 AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')'; 393 $db->sql_query($sql); 394 395 if ($request->is_ajax()) 396 { 397 $json_response = new \phpbb\json_response; 398 $json_response->send(array( 399 'success' => (bool) $db->sql_affectedrows(), 400 )); 401 } 402 403 break; 404 } 405 406 // By default, check that role_order is valid and fix it if necessary 407 $sql = 'SELECT role_id, role_order 408 FROM ' . ACL_ROLES_TABLE . " 409 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 410 ORDER BY role_order ASC"; 411 $result = $db->sql_query($sql); 412 413 if ($row = $db->sql_fetchrow($result)) 414 { 415 $order = 0; 416 do 417 { 418 $order++; 419 if ($row['role_order'] != $order) 420 { 421 $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = {$row['role_id']}"); 422 } 423 } 424 while ($row = $db->sql_fetchrow($result)); 425 } 426 $db->sql_freeresult($result); 427 428 // Display assigned items? 429 $display_item = $request->variable('display_item', 0); 430 431 // Select existing roles 432 $sql = 'SELECT * 433 FROM ' . ACL_ROLES_TABLE . " 434 WHERE role_type = '" . $db->sql_escape($permission_type) . "' 435 ORDER BY role_order ASC"; 436 $result = $db->sql_query($sql); 437 438 $s_role_options = ''; 439 while ($row = $db->sql_fetchrow($result)) 440 { 441 $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name']; 442 443 $template->assign_block_vars('roles', array( 444 'ROLE_NAME' => $role_name, 445 'ROLE_DESCRIPTION' => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 446 447 'U_EDIT' => $this->u_action . '&action=edit&role_id=' . $row['role_id'], 448 'U_REMOVE' => $this->u_action . '&action=remove&role_id=' . $row['role_id'], 449 'U_MOVE_UP' => $this->u_action . '&action=move_up&role_id=' . $row['role_id'] . '&hash=' . generate_link_hash('acp_permission_roles'), 450 'U_MOVE_DOWN' => $this->u_action . '&action=move_down&role_id=' . $row['role_id'] . '&hash=' . generate_link_hash('acp_permission_roles'), 451 'U_DISPLAY_ITEMS' => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to') 452 ); 453 454 $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>'; 455 456 if ($display_item == $row['role_id']) 457 { 458 $template->assign_vars(array( 459 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)) 460 ); 461 } 462 } 463 $db->sql_freeresult($result); 464 465 $template->assign_vars(array( 466 'S_ROLE_OPTIONS' => $s_role_options) 467 ); 468 469 if ($display_item) 470 { 471 $template->assign_vars(array( 472 'S_DISPLAY_ROLE_MASK' => true) 473 ); 474 475 $hold_ary = $this->auth_admin->get_role_mask($display_item); 476 $this->auth_admin->display_role_mask($hold_ary); 477 } 478 } 479 480 /** 481 * Display permission settings able to be set 482 */ 483 function display_auth_options($auth_options) 484 { 485 global $template, $phpbb_container; 486 487 /* @var $phpbb_permissions \phpbb\permissions */ 488 $phpbb_permissions = $phpbb_container->get('acl.permissions'); 489 490 $content_array = $categories = array(); 491 $key_sort_array = array(0); 492 $auth_options = array(0 => $auth_options); 493 494 // Making use of auth_admin method here (we do not really want to change two similar code fragments) 495 $this->auth_admin->build_permission_array($auth_options, $content_array, $categories, $key_sort_array); 496 497 $content_array = $content_array[0]; 498 499 $template->assign_var('S_NUM_PERM_COLS', count($categories)); 500 501 // Assign to template 502 foreach ($content_array as $cat => $cat_array) 503 { 504 $template->assign_block_vars('auth', array( 505 'CAT_NAME' => $phpbb_permissions->get_category_lang($cat), 506 507 'S_YES' => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false, 508 'S_NEVER' => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false, 509 'S_NO' => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false) 510 ); 511 512 foreach ($cat_array['permissions'] as $permission => $allowed) 513 { 514 $template->assign_block_vars('auth.mask', array( 515 'S_YES' => ($allowed == ACL_YES) ? true : false, 516 'S_NEVER' => ($allowed == ACL_NEVER) ? true : false, 517 'S_NO' => ($allowed == ACL_NO) ? true : false, 518 519 'FIELD_NAME' => $permission, 520 'PERMISSION' => $phpbb_permissions->get_permission_lang($permission), 521 )); 522 } 523 } 524 } 525 526 /** 527 * Remove role 528 */ 529 function remove_role($role_id, $permission_type) 530 { 531 global $db; 532 533 // Get complete auth array 534 $sql = 'SELECT auth_option, auth_option_id 535 FROM ' . ACL_OPTIONS_TABLE . " 536 WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()); 537 $result = $db->sql_query($sql); 538 539 $auth_settings = array(); 540 while ($row = $db->sql_fetchrow($result)) 541 { 542 $auth_settings[$row['auth_option']] = ACL_NO; 543 } 544 $db->sql_freeresult($result); 545 546 // Get the role auth settings we need to re-set... 547 $sql = 'SELECT o.auth_option, r.auth_setting 548 FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o 549 WHERE o.auth_option_id = r.auth_option_id 550 AND r.role_id = ' . $role_id; 551 $result = $db->sql_query($sql); 552 553 while ($row = $db->sql_fetchrow($result)) 554 { 555 $auth_settings[$row['auth_option']] = $row['auth_setting']; 556 } 557 $db->sql_freeresult($result); 558 559 // Get role assignments 560 $hold_ary = $this->auth_admin->get_role_mask($role_id); 561 562 // Re-assign permissions 563 foreach ($hold_ary as $forum_id => $forum_ary) 564 { 565 if (isset($forum_ary['users'])) 566 { 567 $this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false); 568 } 569 570 if (isset($forum_ary['groups'])) 571 { 572 $this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false); 573 } 574 } 575 576 // Remove role from users and groups just to be sure (happens through acl_set) 577 $sql = 'DELETE FROM ' . ACL_USERS_TABLE . ' 578 WHERE auth_role_id = ' . $role_id; 579 $db->sql_query($sql); 580 581 $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . ' 582 WHERE auth_role_id = ' . $role_id; 583 $db->sql_query($sql); 584 585 // Remove role data and role 586 $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . ' 587 WHERE role_id = ' . $role_id; 588 $db->sql_query($sql); 589 590 $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . ' 591 WHERE role_id = ' . $role_id; 592 $db->sql_query($sql); 593 594 $this->auth_admin->acl_clear_prefetch(); 595 } 596 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Sun Jun 23 12:25:44 2024 | Cross-referenced by PHPXref 0.7.1 |