[ Index ]

PHP Cross Reference of phpBB-3.3.0-deutsch

title

Body

[close]

/includes/acp/ -> auth.php (source)

   1  <?php
   2  /**
   3  *
   4  * This file is part of the phpBB Forum Software package.
   5  *
   6  * @copyright (c) phpBB Limited <https://www.phpbb.com>
   7  * @license GNU General Public License, version 2 (GPL-2.0)
   8  *
   9  * For full copyright and license information, please see
  10  * the docs/CREDITS.txt file.
  11  *
  12  */
  13  
  14  /**
  15  * @ignore
  16  */
  17  if (!defined('IN_PHPBB'))
  18  {
  19      exit;
  20  }
  21  
  22  /**
  23  * ACP Permission/Auth class
  24  */
  25  class auth_admin extends \phpbb\auth\auth
  26  {
  27      /**
  28      * Init auth settings
  29      */
  30  	function __construct()
  31      {
  32          global $db, $cache;
  33  
  34          if (($this->acl_options = $cache->get('_acl_options')) === false)
  35          {
  36              $sql = 'SELECT auth_option_id, auth_option, is_global, is_local
  37                  FROM ' . ACL_OPTIONS_TABLE . '
  38                  ORDER BY auth_option_id';
  39              $result = $db->sql_query($sql);
  40  
  41              $global = $local = 0;
  42              $this->acl_options = array();
  43              while ($row = $db->sql_fetchrow($result))
  44              {
  45                  if ($row['is_global'])
  46                  {
  47                      $this->acl_options['global'][$row['auth_option']] = $global++;
  48                  }
  49  
  50                  if ($row['is_local'])
  51                  {
  52                      $this->acl_options['local'][$row['auth_option']] = $local++;
  53                  }
  54  
  55                  $this->acl_options['id'][$row['auth_option']] = (int) $row['auth_option_id'];
  56                  $this->acl_options['option'][(int) $row['auth_option_id']] = $row['auth_option'];
  57              }
  58              $db->sql_freeresult($result);
  59  
  60              $cache->put('_acl_options', $this->acl_options);
  61          }
  62      }
  63  
  64      /**
  65      * Get permission mask
  66      * This function only supports getting permissions of one type (for example a_)
  67      *
  68      * @param set|view $mode defines the permissions we get, view gets effective permissions (checking user AND group permissions), set only gets the user or group permission set alone
  69      * @param mixed $user_id user ids to search for (a user_id or a group_id has to be specified at least)
  70      * @param mixed $group_id group ids to search for, return group related settings (a user_id or a group_id has to be specified at least)
  71      * @param mixed $forum_id forum_ids to search for. Defining a forum id also means getting local settings
  72      * @param string $auth_option the auth_option defines the permission setting to look for (a_ for example)
  73      * @param local|global $scope the scope defines the permission scope. If local, a forum_id is additionally required
  74      * @param ACL_NEVER|ACL_NO|ACL_YES $acl_fill defines the mode those permissions not set are getting filled with
  75      */
  76  	function get_mask($mode, $user_id = false, $group_id = false, $forum_id = false, $auth_option = false, $scope = false, $acl_fill = ACL_NEVER)
  77      {
  78          global $db, $user;
  79  
  80          $hold_ary = array();
  81          $view_user_mask = ($mode == 'view' && $group_id === false) ? true : false;
  82  
  83          if ($auth_option === false || $scope === false)
  84          {
  85              return array();
  86          }
  87  
  88          $acl_user_function = ($mode == 'set') ? 'acl_user_raw_data' : 'acl_raw_data';
  89  
  90          if (!$view_user_mask)
  91          {
  92              if ($forum_id !== false)
  93              {
  94                  $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', $forum_id) : $this->$acl_user_function($user_id, $auth_option . '%', $forum_id);
  95              }
  96              else
  97              {
  98                  $hold_ary = ($group_id !== false) ? $this->acl_group_raw_data($group_id, $auth_option . '%', ($scope == 'global') ? 0 : false) : $this->$acl_user_function($user_id, $auth_option . '%', ($scope == 'global') ? 0 : false);
  99              }
 100          }
 101  
 102          // Make sure hold_ary is filled with every setting (prevents missing forums/users/groups)
 103          $ug_id = ($group_id !== false) ? ((!is_array($group_id)) ? array($group_id) : $group_id) : ((!is_array($user_id)) ? array($user_id) : $user_id);
 104          $forum_ids = ($forum_id !== false) ? ((!is_array($forum_id)) ? array($forum_id) : $forum_id) : (($scope == 'global') ? array(0) : array());
 105  
 106          // Only those options we need
 107          $compare_options = array_diff(preg_replace('/^((?!' . $auth_option . ').+)|(' . $auth_option . ')$/', '', array_keys($this->acl_options[$scope])), array(''));
 108  
 109          // If forum_ids is false and the scope is local we actually want to have all forums within the array
 110          if ($scope == 'local' && !count($forum_ids))
 111          {
 112              $sql = 'SELECT forum_id
 113                  FROM ' . FORUMS_TABLE;
 114              $result = $db->sql_query($sql, 120);
 115  
 116              while ($row = $db->sql_fetchrow($result))
 117              {
 118                  $forum_ids[] = (int) $row['forum_id'];
 119              }
 120              $db->sql_freeresult($result);
 121          }
 122  
 123          if ($view_user_mask)
 124          {
 125              $auth2 = null;
 126  
 127              $sql = 'SELECT user_id, user_permissions, user_type
 128                  FROM ' . USERS_TABLE . '
 129                  WHERE ' . $db->sql_in_set('user_id', $ug_id);
 130              $result = $db->sql_query($sql);
 131  
 132              while ($userdata = $db->sql_fetchrow($result))
 133              {
 134                  if ($user->data['user_id'] != $userdata['user_id'])
 135                  {
 136                      $auth2 = new \phpbb\auth\auth();
 137                      $auth2->acl($userdata);
 138                  }
 139                  else
 140                  {
 141                      global $auth;
 142                      $auth2 = &$auth;
 143                  }
 144  
 145                  $hold_ary[$userdata['user_id']] = array();
 146                  foreach ($forum_ids as $f_id)
 147                  {
 148                      $hold_ary[$userdata['user_id']][$f_id] = array();
 149                      foreach ($compare_options as $option)
 150                      {
 151                          $hold_ary[$userdata['user_id']][$f_id][$option] = $auth2->acl_get($option, $f_id);
 152                      }
 153                  }
 154              }
 155              $db->sql_freeresult($result);
 156  
 157              unset($userdata);
 158              unset($auth2);
 159          }
 160  
 161          foreach ($ug_id as $_id)
 162          {
 163              if (!isset($hold_ary[$_id]))
 164              {
 165                  $hold_ary[$_id] = array();
 166              }
 167  
 168              foreach ($forum_ids as $f_id)
 169              {
 170                  if (!isset($hold_ary[$_id][$f_id]))
 171                  {
 172                      $hold_ary[$_id][$f_id] = array();
 173                  }
 174              }
 175          }
 176  
 177          // Now, we need to fill the gaps with $acl_fill. ;)
 178  
 179          // Now switch back to keys
 180          if (count($compare_options))
 181          {
 182              $compare_options = array_combine($compare_options, array_fill(1, count($compare_options), $acl_fill));
 183          }
 184  
 185          // Defining the user-function here to save some memory
 186          $return_acl_fill = function () use ($acl_fill)
 187          {
 188              return $acl_fill;
 189          };
 190  
 191          // Actually fill the gaps
 192          if (count($hold_ary))
 193          {
 194              foreach ($hold_ary as $ug_id => $row)
 195              {
 196                  foreach ($row as $id => $options)
 197                  {
 198                      // Do not include the global auth_option
 199                      unset($options[$auth_option]);
 200  
 201                      // Not a "fine" solution, but at all it's a 1-dimensional
 202                      // array_diff_key function filling the resulting array values with zeros
 203                      // The differences get merged into $hold_ary (all permissions having $acl_fill set)
 204                      $hold_ary[$ug_id][$id] = array_merge($options,
 205  
 206                          array_map($return_acl_fill,
 207                              array_flip(
 208                                  array_diff(
 209                                      array_keys($compare_options), array_keys($options)
 210                                  )
 211                              )
 212                          )
 213                      );
 214                  }
 215              }
 216          }
 217          else
 218          {
 219              $hold_ary[($group_id !== false) ? $group_id : $user_id][(int) $forum_id] = $compare_options;
 220          }
 221  
 222          return $hold_ary;
 223      }
 224  
 225      /**
 226      * Get permission mask for roles
 227      * This function only supports getting masks for one role
 228      */
 229  	function get_role_mask($role_id)
 230      {
 231          global $db;
 232  
 233          $hold_ary = array();
 234  
 235          // Get users having this role set...
 236          $sql = 'SELECT user_id, forum_id
 237              FROM ' . ACL_USERS_TABLE . '
 238              WHERE auth_role_id = ' . $role_id . '
 239              ORDER BY forum_id';
 240          $result = $db->sql_query($sql);
 241  
 242          while ($row = $db->sql_fetchrow($result))
 243          {
 244              $hold_ary[$row['forum_id']]['users'][] = $row['user_id'];
 245          }
 246          $db->sql_freeresult($result);
 247  
 248          // Now grab groups...
 249          $sql = 'SELECT group_id, forum_id
 250              FROM ' . ACL_GROUPS_TABLE . '
 251              WHERE auth_role_id = ' . $role_id . '
 252              ORDER BY forum_id';
 253          $result = $db->sql_query($sql);
 254  
 255          while ($row = $db->sql_fetchrow($result))
 256          {
 257              $hold_ary[$row['forum_id']]['groups'][] = $row['group_id'];
 258          }
 259          $db->sql_freeresult($result);
 260  
 261          return $hold_ary;
 262      }
 263  
 264      /**
 265      * Display permission mask (assign to template)
 266      */
 267  	function display_mask($mode, $permission_type, &$hold_ary, $user_mode = 'user', $local = false, $group_display = true)
 268      {
 269          global $template, $user, $db, $phpbb_container;
 270  
 271          /* @var $phpbb_permissions \phpbb\permissions */
 272          $phpbb_permissions = $phpbb_container->get('acl.permissions');
 273  
 274          /** @var \phpbb\group\helper $group_helper */
 275          $group_helper = $phpbb_container->get('group_helper');
 276  
 277          // Define names for template loops, might be able to be set
 278          $tpl_pmask = 'p_mask';
 279          $tpl_fmask = 'f_mask';
 280          $tpl_category = 'category';
 281          $tpl_mask = 'mask';
 282  
 283          $l_acl_type = $phpbb_permissions->get_type_lang($permission_type, (($local) ? 'local' : 'global'));
 284  
 285          // Allow trace for viewing permissions and in user mode
 286          $show_trace = ($mode == 'view' && $user_mode == 'user') ? true : false;
 287  
 288          // Get names
 289          if ($user_mode == 'user')
 290          {
 291              $sql = 'SELECT user_id as ug_id, username as ug_name
 292                  FROM ' . USERS_TABLE . '
 293                  WHERE ' . $db->sql_in_set('user_id', array_keys($hold_ary)) . '
 294                  ORDER BY username_clean ASC';
 295          }
 296          else
 297          {
 298              $sql = 'SELECT group_id as ug_id, group_name as ug_name, group_type
 299                  FROM ' . GROUPS_TABLE . '
 300                  WHERE ' . $db->sql_in_set('group_id', array_keys($hold_ary)) . '
 301                  ORDER BY group_type DESC, group_name ASC';
 302          }
 303          $result = $db->sql_query($sql);
 304  
 305          $ug_names_ary = array();
 306          while ($row = $db->sql_fetchrow($result))
 307          {
 308              $ug_names_ary[$row['ug_id']] = ($user_mode == 'user') ? $row['ug_name'] : $group_helper->get_name($row['ug_name']);
 309          }
 310          $db->sql_freeresult($result);
 311  
 312          // Get used forums
 313          $forum_ids = array();
 314          foreach ($hold_ary as $ug_id => $row)
 315          {
 316              $forum_ids = array_merge($forum_ids, array_keys($row));
 317          }
 318          $forum_ids = array_unique($forum_ids);
 319  
 320          $forum_names_ary = array();
 321          if ($local)
 322          {
 323              $forum_names_ary = make_forum_select(false, false, true, false, false, false, true);
 324  
 325              // Remove the disabled ones, since we do not create an option field here...
 326              foreach ($forum_names_ary as $key => $value)
 327              {
 328                  if (!$value['disabled'])
 329                  {
 330                      continue;
 331                  }
 332                  unset($forum_names_ary[$key]);
 333              }
 334          }
 335          else
 336          {
 337              $forum_names_ary[0] = $l_acl_type;
 338          }
 339  
 340          // Get available roles
 341          $sql = 'SELECT *
 342              FROM ' . ACL_ROLES_TABLE . "
 343              WHERE role_type = '" . $db->sql_escape($permission_type) . "'
 344              ORDER BY role_order ASC";
 345          $result = $db->sql_query($sql);
 346  
 347          $roles = array();
 348          while ($row = $db->sql_fetchrow($result))
 349          {
 350              $roles[$row['role_id']] = $row;
 351          }
 352          $db->sql_freeresult($result);
 353  
 354          $cur_roles = $this->acl_role_data($user_mode, $permission_type, array_keys($hold_ary));
 355  
 356          // Build js roles array (role data assignments)
 357          $s_role_js_array = '';
 358  
 359          if (count($roles))
 360          {
 361              $s_role_js_array = array();
 362  
 363              // Make sure every role (even if empty) has its array defined
 364              foreach ($roles as $_role_id => $null)
 365              {
 366                  $s_role_js_array[$_role_id] = "\n" . 'role_options[' . $_role_id . '] = new Array();' . "\n";
 367              }
 368  
 369              $sql = 'SELECT r.role_id, o.auth_option, r.auth_setting
 370                  FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
 371                  WHERE o.auth_option_id = r.auth_option_id
 372                      AND ' . $db->sql_in_set('r.role_id', array_keys($roles));
 373              $result = $db->sql_query($sql);
 374  
 375              while ($row = $db->sql_fetchrow($result))
 376              {
 377                  $flag = substr($row['auth_option'], 0, strpos($row['auth_option'], '_') + 1);
 378                  if ($flag == $row['auth_option'])
 379                  {
 380                      continue;
 381                  }
 382  
 383                  $s_role_js_array[$row['role_id']] .= 'role_options[' . $row['role_id'] . '][\'' . addslashes($row['auth_option']) . '\'] = ' . $row['auth_setting'] . '; ';
 384              }
 385              $db->sql_freeresult($result);
 386  
 387              $s_role_js_array = implode('', $s_role_js_array);
 388          }
 389  
 390          $template->assign_var('S_ROLE_JS_ARRAY', $s_role_js_array);
 391          unset($s_role_js_array);
 392  
 393          // Now obtain memberships
 394          $user_groups_default = $user_groups_custom = array();
 395          if ($user_mode == 'user' && $group_display)
 396          {
 397              $sql = 'SELECT group_id, group_name, group_type
 398                  FROM ' . GROUPS_TABLE . '
 399                  ORDER BY group_type DESC, group_name ASC';
 400              $result = $db->sql_query($sql);
 401  
 402              $groups = array();
 403              while ($row = $db->sql_fetchrow($result))
 404              {
 405                  $groups[$row['group_id']] = $row;
 406              }
 407              $db->sql_freeresult($result);
 408  
 409              $memberships = group_memberships(false, array_keys($hold_ary), false);
 410  
 411              // User is not a member of any group? Bad admin, bad bad admin...
 412              if ($memberships)
 413              {
 414                  foreach ($memberships as $row)
 415                  {
 416                      $user_groups_default[$row['user_id']][] = $group_helper->get_name($groups[$row['group_id']]['group_name']);
 417                  }
 418              }
 419              unset($memberships, $groups);
 420          }
 421  
 422          // If we only have one forum id to display or being in local mode and more than one user/group to display,
 423          // we switch the complete interface to group by user/usergroup instead of grouping by forum
 424          // To achieve this, we need to switch the array a bit
 425          if (count($forum_ids) == 1 || ($local && count($ug_names_ary) > 1))
 426          {
 427              $hold_ary_temp = $hold_ary;
 428              $hold_ary = array();
 429              foreach ($hold_ary_temp as $ug_id => $row)
 430              {
 431                  foreach ($forum_names_ary as $forum_id => $forum_row)
 432                  {
 433                      if (isset($row[$forum_id]))
 434                      {
 435                          $hold_ary[$forum_id][$ug_id] = $row[$forum_id];
 436                      }
 437                  }
 438              }
 439              unset($hold_ary_temp);
 440  
 441              foreach ($hold_ary as $forum_id => $forum_array)
 442              {
 443                  $content_array = $categories = array();
 444                  $this->build_permission_array($hold_ary[$forum_id], $content_array, $categories, array_keys($ug_names_ary));
 445  
 446                  $template->assign_block_vars($tpl_pmask, array(
 447                      'NAME'            => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
 448                      'PADDING'        => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
 449  
 450                      'CATEGORIES'    => implode('</th><th>', $categories),
 451  
 452                      'L_ACL_TYPE'    => $l_acl_type,
 453  
 454                      'S_LOCAL'        => ($local) ? true : false,
 455                      'S_GLOBAL'        => (!$local) ? true : false,
 456                      'S_NUM_CATS'    => count($categories),
 457                      'S_VIEW'        => ($mode == 'view') ? true : false,
 458                      'S_NUM_OBJECTS'    => count($content_array),
 459                      'S_USER_MODE'    => ($user_mode == 'user') ? true : false,
 460                      'S_GROUP_MODE'    => ($user_mode == 'group') ? true : false)
 461                  );
 462  
 463                  foreach ($content_array as $ug_id => $ug_array)
 464                  {
 465                      // Build role dropdown options
 466                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 467  
 468                      $role_options = array();
 469  
 470                      $s_role_options = '';
 471                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 472  
 473                      foreach ($roles as $role_id => $role_row)
 474                      {
 475                          $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
 476                          $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
 477  
 478                          $title = ($role_description) ? ' title="' . $role_description . '"' : '';
 479                          $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';
 480  
 481                          $role_options[] = array(
 482                              'ID'    => $role_id,
 483                              'ROLE_NAME'    => $role_name,
 484                              'TITLE'        => $role_description,
 485                              'SELECTED'    => $role_id == $current_role_id,
 486                          );
 487                      }
 488  
 489                      if ($s_role_options)
 490                      {
 491                          $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
 492                      }
 493  
 494                      if (!$current_role_id && $mode != 'view')
 495                      {
 496                          $s_custom_permissions = false;
 497  
 498                          foreach ($ug_array as $key => $value)
 499                          {
 500                              if ($value['S_NEVER'] || $value['S_YES'])
 501                              {
 502                                  $s_custom_permissions = true;
 503                                  break;
 504                              }
 505                          }
 506                      }
 507                      else
 508                      {
 509                          $s_custom_permissions = false;
 510                      }
 511  
 512                      $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
 513                          'NAME'                => $ug_names_ary[$ug_id],
 514                          'UG_ID'                => $ug_id,
 515                          'S_ROLE_OPTIONS'    => $s_role_options,
 516                          'S_CUSTOM'            => $s_custom_permissions,
 517                          'FORUM_ID'            => $forum_id,
 518                          'S_ROLE_ID'            => $current_role_id,
 519                      ));
 520  
 521                      $template->assign_block_vars_array($tpl_pmask . '.' . $tpl_fmask . '.role_options', $role_options);
 522  
 523                      $this->assign_cat_array($ug_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, ($mode == 'view'), $show_trace);
 524  
 525                      unset($content_array[$ug_id]);
 526                  }
 527  
 528                  unset($hold_ary[$forum_id]);
 529              }
 530          }
 531          else
 532          {
 533              foreach ($ug_names_ary as $ug_id => $ug_name)
 534              {
 535                  if (!isset($hold_ary[$ug_id]))
 536                  {
 537                      continue;
 538                  }
 539  
 540                  $content_array = $categories = array();
 541                  $this->build_permission_array($hold_ary[$ug_id], $content_array, $categories, array_keys($forum_names_ary));
 542  
 543                  $template->assign_block_vars($tpl_pmask, array(
 544                      'NAME'            => $ug_name,
 545                      'CATEGORIES'    => implode('</th><th>', $categories),
 546  
 547                      'USER_GROUPS_DEFAULT'    => ($user_mode == 'user' && isset($user_groups_default[$ug_id]) && count($user_groups_default[$ug_id])) ? implode($user->lang['COMMA_SEPARATOR'], $user_groups_default[$ug_id]) : '',
 548                      'USER_GROUPS_CUSTOM'    => ($user_mode == 'user' && isset($user_groups_custom[$ug_id]) && count($user_groups_custom[$ug_id])) ? implode($user->lang['COMMA_SEPARATOR'], $user_groups_custom[$ug_id]) : '',
 549                      'L_ACL_TYPE'            => $l_acl_type,
 550  
 551                      'S_LOCAL'        => ($local) ? true : false,
 552                      'S_GLOBAL'        => (!$local) ? true : false,
 553                      'S_NUM_CATS'    => count($categories),
 554                      'S_VIEW'        => ($mode == 'view') ? true : false,
 555                      'S_NUM_OBJECTS'    => count($content_array),
 556                      'S_USER_MODE'    => ($user_mode == 'user') ? true : false,
 557                      'S_GROUP_MODE'    => ($user_mode == 'group') ? true : false)
 558                  );
 559  
 560                  foreach ($content_array as $forum_id => $forum_array)
 561                  {
 562                      // Build role dropdown options
 563                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 564  
 565                      $role_options = array();
 566  
 567                      $current_role_id = (isset($cur_roles[$ug_id][$forum_id])) ? $cur_roles[$ug_id][$forum_id] : 0;
 568                      $s_role_options = '';
 569  
 570                      foreach ($roles as $role_id => $role_row)
 571                      {
 572                          $role_description = (!empty($user->lang[$role_row['role_description']])) ? $user->lang[$role_row['role_description']] : nl2br($role_row['role_description']);
 573                          $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
 574  
 575                          $title = ($role_description) ? ' title="' . $role_description . '"' : '';
 576                          $s_role_options .= '<option value="' . $role_id . '"' . (($role_id == $current_role_id) ? ' selected="selected"' : '') . $title . '>' . $role_name . '</option>';
 577  
 578                          $role_options[] = array(
 579                              'ID'    => $role_id,
 580                              'ROLE_NAME'    => $role_name,
 581                              'TITLE'        => $role_description,
 582                              'SELECTED'    => $role_id == $current_role_id,
 583                          );
 584                      }
 585  
 586                      if ($s_role_options)
 587                      {
 588                          $s_role_options = '<option value="0"' . ((!$current_role_id) ? ' selected="selected"' : '') . ' title="' . htmlspecialchars($user->lang['NO_ROLE_ASSIGNED_EXPLAIN']) . '">' . $user->lang['NO_ROLE_ASSIGNED'] . '</option>' . $s_role_options;
 589                      }
 590  
 591                      if (!$current_role_id && $mode != 'view')
 592                      {
 593                          $s_custom_permissions = false;
 594  
 595                          foreach ($forum_array as $key => $value)
 596                          {
 597                              if ($value['S_NEVER'] || $value['S_YES'])
 598                              {
 599                                  $s_custom_permissions = true;
 600                                  break;
 601                              }
 602                          }
 603                      }
 604                      else
 605                      {
 606                          $s_custom_permissions = false;
 607                      }
 608  
 609                      $template->assign_block_vars($tpl_pmask . '.' . $tpl_fmask, array(
 610                          'NAME'                => ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
 611                          'PADDING'            => ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
 612                          'S_CUSTOM'            => $s_custom_permissions,
 613                          'UG_ID'                => $ug_id,
 614                          'S_ROLE_OPTIONS'    => $s_role_options,
 615                          'FORUM_ID'            => $forum_id)
 616                      );
 617  
 618                      $template->assign_block_vars_array($tpl_pmask . '.' . $tpl_fmask . '.role_options', $role_options);
 619  
 620                      $this->assign_cat_array($forum_array, $tpl_pmask . '.' . $tpl_fmask . '.' . $tpl_category, $tpl_mask, $ug_id, $forum_id, ($mode == 'view'), $show_trace);
 621                  }
 622  
 623                  unset($hold_ary[$ug_id], $ug_names_ary[$ug_id]);
 624              }
 625          }
 626      }
 627  
 628      /**
 629      * Display permission mask for roles
 630      */
 631  	function display_role_mask(&$hold_ary)
 632      {
 633          global $db, $template, $user, $phpbb_root_path, $phpEx;
 634          global $phpbb_container;
 635  
 636          if (!count($hold_ary))
 637          {
 638              return;
 639          }
 640  
 641          /** @var \phpbb\group\helper $group_helper */
 642          $group_helper = $phpbb_container->get('group_helper');
 643  
 644          // Get forum names
 645          $sql = 'SELECT forum_id, forum_name
 646              FROM ' . FORUMS_TABLE . '
 647              WHERE ' . $db->sql_in_set('forum_id', array_keys($hold_ary)) . '
 648              ORDER BY left_id';
 649          $result = $db->sql_query($sql);
 650  
 651          // If the role is used globally, then reflect that
 652          $forum_names = (isset($hold_ary[0])) ? array(0 => '') : array();
 653          while ($row = $db->sql_fetchrow($result))
 654          {
 655              $forum_names[$row['forum_id']] = $row['forum_name'];
 656          }
 657          $db->sql_freeresult($result);
 658  
 659          foreach ($forum_names as $forum_id => $forum_name)
 660          {
 661              $auth_ary = $hold_ary[$forum_id];
 662  
 663              $template->assign_block_vars('role_mask', array(
 664                  'NAME'                => ($forum_id == 0) ? $user->lang['GLOBAL_MASK'] : $forum_name,
 665                  'FORUM_ID'            => $forum_id)
 666              );
 667  
 668              if (isset($auth_ary['users']) && count($auth_ary['users']))
 669              {
 670                  $sql = 'SELECT user_id, username
 671                      FROM ' . USERS_TABLE . '
 672                      WHERE ' . $db->sql_in_set('user_id', $auth_ary['users']) . '
 673                      ORDER BY username_clean ASC';
 674                  $result = $db->sql_query($sql);
 675  
 676                  while ($row = $db->sql_fetchrow($result))
 677                  {
 678                      $template->assign_block_vars('role_mask.users', array(
 679                          'USER_ID'        => $row['user_id'],
 680                          'USERNAME'        => get_username_string('username', $row['user_id'], $row['username']),
 681                          'U_PROFILE'        => get_username_string('profile', $row['user_id'], $row['username']),
 682                      ));
 683                  }
 684                  $db->sql_freeresult($result);
 685              }
 686  
 687              if (isset($auth_ary['groups']) && count($auth_ary['groups']))
 688              {
 689                  $sql = 'SELECT group_id, group_name, group_type
 690                      FROM ' . GROUPS_TABLE . '
 691                      WHERE ' . $db->sql_in_set('group_id', $auth_ary['groups']) . '
 692                      ORDER BY group_type ASC, group_name';
 693                  $result = $db->sql_query($sql);
 694  
 695                  while ($row = $db->sql_fetchrow($result))
 696                  {
 697                      $template->assign_block_vars('role_mask.groups', array(
 698                          'GROUP_ID'        => $row['group_id'],
 699                          'GROUP_NAME'    => $group_helper->get_name($row['group_name']),
 700                          'U_PROFILE'        => append_sid("{$phpbb_root_path}memberlist.$phpEx", "mode=group&amp;g={$row['group_id']}"))
 701                      );
 702                  }
 703                  $db->sql_freeresult($result);
 704              }
 705          }
 706      }
 707  
 708      /**
 709      * NOTE: this function is not in use atm
 710      * Add a new option to the list ... $options is a hash of form ->
 711      * $options = array(
 712      *    'local'        => array('option1', 'option2', ...),
 713      *    'global'    => array('optionA', 'optionB', ...)
 714      * );
 715      */
 716  	function acl_add_option($options)
 717      {
 718          global $db, $cache;
 719  
 720          if (!is_array($options))
 721          {
 722              return false;
 723          }
 724  
 725          $cur_options = array();
 726  
 727          // Determine current options
 728          $sql = 'SELECT auth_option, is_global, is_local
 729              FROM ' . ACL_OPTIONS_TABLE . '
 730              ORDER BY auth_option_id';
 731          $result = $db->sql_query($sql);
 732  
 733          while ($row = $db->sql_fetchrow($result))
 734          {
 735              $cur_options[$row['auth_option']] = ($row['is_global'] && $row['is_local']) ? 'both' : (($row['is_global']) ? 'global' : 'local');
 736          }
 737          $db->sql_freeresult($result);
 738  
 739          // Here we need to insert new options ... this requires discovering whether
 740          // an options is global, local or both and whether we need to add an permission
 741          // set flag (x_)
 742          $new_options = array('local' => array(), 'global' => array());
 743  
 744          foreach ($options as $type => $option_ary)
 745          {
 746              $option_ary = array_unique($option_ary);
 747  
 748              foreach ($option_ary as $option_value)
 749              {
 750                  $new_options[$type][] = $option_value;
 751  
 752                  $flag = substr($option_value, 0, strpos($option_value, '_') + 1);
 753  
 754                  if (!in_array($flag, $new_options[$type]))
 755                  {
 756                      $new_options[$type][] = $flag;
 757                  }
 758              }
 759          }
 760          unset($options);
 761  
 762          $options = array();
 763          $options['local'] = array_diff($new_options['local'], $new_options['global']);
 764          $options['global'] = array_diff($new_options['global'], $new_options['local']);
 765          $options['both'] = array_intersect($new_options['local'], $new_options['global']);
 766  
 767          // Now check which options to add/update
 768          $add_options = $update_options = array();
 769  
 770          // First local ones...
 771          foreach ($options as $type => $option_ary)
 772          {
 773              foreach ($option_ary as $option)
 774              {
 775                  if (!isset($cur_options[$option]))
 776                  {
 777                      $add_options[] = array(
 778                          'auth_option'    => (string) $option,
 779                          'is_global'        => ($type == 'global' || $type == 'both') ? 1 : 0,
 780                          'is_local'        => ($type == 'local' || $type == 'both') ? 1 : 0
 781                      );
 782  
 783                      continue;
 784                  }
 785  
 786                  // Else, update existing entry if it is changed...
 787                  if ($type === $cur_options[$option])
 788                  {
 789                      continue;
 790                  }
 791  
 792                  // New type is always both:
 793                  // If is now both, we set both.
 794                  // If it was global the new one is local and we need to set it to both
 795                  // If it was local the new one is global and we need to set it to both
 796                  $update_options[] = $option;
 797              }
 798          }
 799  
 800          if (!empty($add_options))
 801          {
 802              $db->sql_multi_insert(ACL_OPTIONS_TABLE, $add_options);
 803          }
 804  
 805          if (!empty($update_options))
 806          {
 807              $sql = 'UPDATE ' . ACL_OPTIONS_TABLE . '
 808                  SET is_global = 1, is_local = 1
 809                  WHERE ' . $db->sql_in_set('auth_option', $update_options);
 810              $db->sql_query($sql);
 811          }
 812  
 813          $cache->destroy('_acl_options');
 814          $this->acl_clear_prefetch();
 815  
 816          // Because we just changed the options and also purged the options cache, we instantly update/regenerate it for later calls to succeed.
 817          $this->acl_options = array();
 818          $this->__construct();
 819  
 820          return true;
 821      }
 822  
 823      /**
 824      * Set a user or group ACL record
 825      */
 826  	function acl_set($ug_type, $forum_id, $ug_id, $auth, $role_id = 0, $clear_prefetch = true)
 827      {
 828          global $db;
 829  
 830          // One or more forums
 831          if (!is_array($forum_id))
 832          {
 833              $forum_id = array($forum_id);
 834          }
 835  
 836          // One or more users
 837          if (!is_array($ug_id))
 838          {
 839              $ug_id = array($ug_id);
 840          }
 841  
 842          $ug_id_sql = $db->sql_in_set($ug_type . '_id', array_map('intval', $ug_id));
 843          $forum_sql = $db->sql_in_set('forum_id', array_map('intval', $forum_id));
 844  
 845          // Instead of updating, inserting, removing we just remove all current settings and re-set everything...
 846          $table = ($ug_type == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
 847          $id_field = $ug_type . '_id';
 848  
 849          // Get any flags as required
 850          reset($auth);
 851          $flag = key($auth);
 852          $flag = substr($flag, 0, strpos($flag, '_') + 1);
 853  
 854          // This ID (the any-flag) is set if one or more permissions are true...
 855          $any_option_id = (int) $this->acl_options['id'][$flag];
 856  
 857          // Remove any-flag from auth ary
 858          if (isset($auth[$flag]))
 859          {
 860              unset($auth[$flag]);
 861          }
 862  
 863          // Remove current auth options...
 864          $auth_option_ids = array((int) $any_option_id);
 865          foreach ($auth as $auth_option => $auth_setting)
 866          {
 867              $auth_option_ids[] = (int) $this->acl_options['id'][$auth_option];
 868          }
 869  
 870          $sql = "DELETE FROM $table
 871              WHERE $forum_sql
 872                  AND $ug_id_sql
 873                  AND " . $db->sql_in_set('auth_option_id', $auth_option_ids);
 874          $db->sql_query($sql);
 875  
 876          // Remove those having a role assigned... the correct type of course...
 877          $sql = 'SELECT role_id
 878              FROM ' . ACL_ROLES_TABLE . "
 879              WHERE role_type = '" . $db->sql_escape($flag) . "'";
 880          $result = $db->sql_query($sql);
 881  
 882          $role_ids = array();
 883          while ($row = $db->sql_fetchrow($result))
 884          {
 885              $role_ids[] = $row['role_id'];
 886          }
 887          $db->sql_freeresult($result);
 888  
 889          if (count($role_ids))
 890          {
 891              $sql = "DELETE FROM $table
 892                  WHERE $forum_sql
 893                      AND $ug_id_sql
 894                      AND auth_option_id = 0
 895                      AND " . $db->sql_in_set('auth_role_id', $role_ids);
 896              $db->sql_query($sql);
 897          }
 898  
 899          // Ok, include the any-flag if one or more auth options are set to yes...
 900          foreach ($auth as $auth_option => $setting)
 901          {
 902              if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))
 903              {
 904                  $auth[$flag] = ACL_YES;
 905              }
 906          }
 907  
 908          $sql_ary = array();
 909          foreach ($forum_id as $forum)
 910          {
 911              $forum = (int) $forum;
 912  
 913              if ($role_id)
 914              {
 915                  foreach ($ug_id as $id)
 916                  {
 917                      $sql_ary[] = array(
 918                          $id_field            => (int) $id,
 919                          'forum_id'            => (int) $forum,
 920                          'auth_option_id'    => 0,
 921                          'auth_setting'        => 0,
 922                          'auth_role_id'        => (int) $role_id,
 923                      );
 924                  }
 925              }
 926              else
 927              {
 928                  foreach ($auth as $auth_option => $setting)
 929                  {
 930                      $auth_option_id = (int) $this->acl_options['id'][$auth_option];
 931  
 932                      if ($setting != ACL_NO)
 933                      {
 934                          foreach ($ug_id as $id)
 935                          {
 936                              $sql_ary[] = array(
 937                                  $id_field            => (int) $id,
 938                                  'forum_id'            => (int) $forum,
 939                                  'auth_option_id'    => (int) $auth_option_id,
 940                                  'auth_setting'        => (int) $setting
 941                              );
 942                          }
 943                      }
 944                  }
 945              }
 946          }
 947  
 948          $db->sql_multi_insert($table, $sql_ary);
 949  
 950          if ($clear_prefetch)
 951          {
 952              $this->acl_clear_prefetch();
 953          }
 954      }
 955  
 956      /**
 957      * Set a role-specific ACL record
 958      */
 959  	function acl_set_role($role_id, $auth)
 960      {
 961          global $db;
 962  
 963          // Get any-flag as required
 964          reset($auth);
 965          $flag = key($auth);
 966          $flag = substr($flag, 0, strpos($flag, '_') + 1);
 967  
 968          // Remove any-flag from auth ary
 969          if (isset($auth[$flag]))
 970          {
 971              unset($auth[$flag]);
 972          }
 973  
 974          // Re-set any flag...
 975          foreach ($auth as $auth_option => $setting)
 976          {
 977              if ($setting == ACL_YES && (!isset($auth[$flag]) || $auth[$flag] == ACL_NEVER))
 978              {
 979                  $auth[$flag] = ACL_YES;
 980              }
 981          }
 982  
 983          $sql_ary = array();
 984          foreach ($auth as $auth_option => $setting)
 985          {
 986              $auth_option_id = (int) $this->acl_options['id'][$auth_option];
 987  
 988              if ($setting != ACL_NO)
 989              {
 990                  $sql_ary[] = array(
 991                      'role_id'            => (int) $role_id,
 992                      'auth_option_id'    => (int) $auth_option_id,
 993                      'auth_setting'        => (int) $setting
 994                  );
 995              }
 996          }
 997  
 998          // If no data is there, we set the any-flag to ACL_NEVER...
 999          if (!count($sql_ary))
1000          {
1001              $sql_ary[] = array(
1002                  'role_id'            => (int) $role_id,
1003                  'auth_option_id'    => (int) $this->acl_options['id'][$flag],
1004                  'auth_setting'        => ACL_NEVER
1005              );
1006          }
1007  
1008          // Remove current auth options...
1009          $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
1010              WHERE role_id = ' . $role_id;
1011          $db->sql_query($sql);
1012  
1013          // Now insert the new values
1014          $db->sql_multi_insert(ACL_ROLES_DATA_TABLE, $sql_ary);
1015  
1016          $this->acl_clear_prefetch();
1017      }
1018  
1019      /**
1020      * Remove local permission
1021      */
1022  	function acl_delete($mode, $ug_id = false, $forum_id = false, $permission_type = false)
1023      {
1024          global $db;
1025  
1026          if ($ug_id === false && $forum_id === false)
1027          {
1028              return;
1029          }
1030  
1031          $option_id_ary = array();
1032          $table = ($mode == 'user') ? ACL_USERS_TABLE : ACL_GROUPS_TABLE;
1033          $id_field = $mode . '_id';
1034  
1035          $where_sql = array();
1036  
1037          if ($forum_id !== false)
1038          {
1039              $where_sql[] = (!is_array($forum_id)) ? 'forum_id = ' . (int) $forum_id : $db->sql_in_set('forum_id', array_map('intval', $forum_id));
1040          }
1041  
1042          if ($ug_id !== false)
1043          {
1044              $where_sql[] = (!is_array($ug_id)) ? $id_field . ' = ' . (int) $ug_id : $db->sql_in_set($id_field, array_map('intval', $ug_id));
1045          }
1046  
1047          // There seem to be auth options involved, therefore we need to go through the list and make sure we capture roles correctly
1048          if ($permission_type !== false)
1049          {
1050              // Get permission type
1051              $sql = 'SELECT auth_option, auth_option_id
1052                  FROM ' . ACL_OPTIONS_TABLE . "
1053                  WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char());
1054              $result = $db->sql_query($sql);
1055  
1056              $auth_id_ary = array();
1057              while ($row = $db->sql_fetchrow($result))
1058              {
1059                  $option_id_ary[] = $row['auth_option_id'];
1060                  $auth_id_ary[$row['auth_option']] = ACL_NO;
1061              }
1062              $db->sql_freeresult($result);
1063  
1064              // First of all, lets grab the items having roles with the specified auth options assigned
1065              $sql = "SELECT auth_role_id, $id_field, forum_id
1066                  FROM $table, " . ACL_ROLES_TABLE . " r
1067                  WHERE auth_role_id <> 0
1068                      AND auth_role_id = r.role_id
1069                      AND r.role_type = '{$permission_type}'
1070                      AND " . implode(' AND ', $where_sql) . '
1071                  ORDER BY auth_role_id';
1072              $result = $db->sql_query($sql);
1073  
1074              $cur_role_auth = array();
1075              while ($row = $db->sql_fetchrow($result))
1076              {
1077                  $cur_role_auth[$row['auth_role_id']][$row['forum_id']][] = $row[$id_field];
1078              }
1079              $db->sql_freeresult($result);
1080  
1081              // Get role data for resetting data
1082              if (count($cur_role_auth))
1083              {
1084                  $sql = 'SELECT ao.auth_option, rd.role_id, rd.auth_setting
1085                      FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_ROLES_DATA_TABLE . ' rd
1086                      WHERE ao.auth_option_id = rd.auth_option_id
1087                          AND ' . $db->sql_in_set('rd.role_id', array_keys($cur_role_auth));
1088                  $result = $db->sql_query($sql);
1089  
1090                  $auth_settings = array();
1091                  while ($row = $db->sql_fetchrow($result))
1092                  {
1093                      // We need to fill all auth_options, else setting it will fail...
1094                      if (!isset($auth_settings[$row['role_id']]))
1095                      {
1096                          $auth_settings[$row['role_id']] = $auth_id_ary;
1097                      }
1098                      $auth_settings[$row['role_id']][$row['auth_option']] = $row['auth_setting'];
1099                  }
1100                  $db->sql_freeresult($result);
1101  
1102                  // Set the options
1103                  foreach ($cur_role_auth as $role_id => $auth_row)
1104                  {
1105                      foreach ($auth_row as $f_id => $ug_row)
1106                      {
1107                          $this->acl_set($mode, $f_id, $ug_row, $auth_settings[$role_id], 0, false);
1108                      }
1109                  }
1110              }
1111          }
1112  
1113          // Now, normally remove permissions...
1114          if ($permission_type !== false)
1115          {
1116              $where_sql[] = $db->sql_in_set('auth_option_id', array_map('intval', $option_id_ary));
1117          }
1118  
1119          $sql = "DELETE FROM $table
1120              WHERE " . implode(' AND ', $where_sql);
1121          $db->sql_query($sql);
1122  
1123          $this->acl_clear_prefetch();
1124      }
1125  
1126      /**
1127      * Assign category to template
1128      * used by display_mask()
1129      */
1130  	function assign_cat_array(&$category_array, $tpl_cat, $tpl_mask, $ug_id, $forum_id, $s_view, $show_trace = false)
1131      {
1132          global $template, $phpbb_admin_path, $phpEx, $phpbb_container;
1133  
1134          /* @var $phpbb_permissions \phpbb\permissions */
1135          $phpbb_permissions = $phpbb_container->get('acl.permissions');
1136  
1137          foreach ($category_array as $cat => $cat_array)
1138          {
1139              if (!$phpbb_permissions->category_defined($cat))
1140              {
1141                  continue;
1142              }
1143  
1144              $template->assign_block_vars($tpl_cat, array(
1145                  'S_YES'        => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
1146                  'S_NEVER'    => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
1147                  'S_NO'        => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false,
1148  
1149                  'CAT_NAME'    => $phpbb_permissions->get_category_lang($cat),
1150              ));
1151  
1152              /*    Sort permissions by name (more naturaly and user friendly than sorting by a primary key)
1153              *    Commented out due to it's memory consumption and time needed
1154              *
1155              $key_array = array_intersect(array_keys($user->lang), array_map(create_function('$a', 'return "acl_" . $a;'), array_keys($cat_array['permissions'])));
1156              $values_array = $cat_array['permissions'];
1157  
1158              $cat_array['permissions'] = array();
1159  
1160              foreach ($key_array as $key)
1161              {
1162                  $key = str_replace('acl_', '', $key);
1163                  $cat_array['permissions'][$key] = $values_array[$key];
1164              }
1165              unset($key_array, $values_array);
1166  */
1167              foreach ($cat_array['permissions'] as $permission => $allowed)
1168              {
1169                  if (!$phpbb_permissions->permission_defined($permission))
1170                  {
1171                      continue;
1172                  }
1173  
1174                  if ($s_view)
1175                  {
1176                      $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(
1177                          'S_YES'        => ($allowed == ACL_YES) ? true : false,
1178                          'S_NEVER'    => ($allowed == ACL_NEVER) ? true : false,
1179  
1180                          'UG_ID'            => $ug_id,
1181                          'FORUM_ID'        => $forum_id,
1182                          'FIELD_NAME'    => $permission,
1183                          'S_FIELD_NAME'    => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',
1184  
1185                          'U_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&amp;mode=trace&amp;u=$ug_id&amp;f=$forum_id&amp;auth=$permission") : '',
1186                          'UA_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
1187  
1188                          'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
1189                      ));
1190                  }
1191                  else
1192                  {
1193                      $template->assign_block_vars($tpl_cat . '.' . $tpl_mask, array(
1194                          'S_YES'        => ($allowed == ACL_YES) ? true : false,
1195                          'S_NEVER'    => ($allowed == ACL_NEVER) ? true : false,
1196                          'S_NO'        => ($allowed == ACL_NO) ? true : false,
1197  
1198                          'UG_ID'            => $ug_id,
1199                          'FORUM_ID'        => $forum_id,
1200                          'FIELD_NAME'    => $permission,
1201                          'S_FIELD_NAME'    => 'setting[' . $ug_id . '][' . $forum_id . '][' . $permission . ']',
1202  
1203                          'U_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&amp;mode=trace&amp;u=$ug_id&amp;f=$forum_id&amp;auth=$permission") : '',
1204                          'UA_TRACE'        => ($show_trace) ? append_sid("{$phpbb_admin_path}index.$phpEx", "i=permissions&mode=trace&u=$ug_id&f=$forum_id&auth=$permission", false) : '',
1205  
1206                          'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
1207                      ));
1208                  }
1209              }
1210          }
1211      }
1212  
1213      /**
1214      * Building content array from permission rows with explicit key ordering
1215      * used by display_mask()
1216      */
1217  	function build_permission_array(&$permission_row, &$content_array, &$categories, $key_sort_array)
1218      {
1219          global $phpbb_container;
1220  
1221          /* @var $phpbb_permissions \phpbb\permissions */
1222          $phpbb_permissions = $phpbb_container->get('acl.permissions');
1223  
1224          foreach ($key_sort_array as $forum_id)
1225          {
1226              if (!isset($permission_row[$forum_id]))
1227              {
1228                  continue;
1229              }
1230  
1231              $permissions = $permission_row[$forum_id];
1232              ksort($permissions);
1233  
1234              foreach ($permissions as $permission => $auth_setting)
1235              {
1236                  $cat = $phpbb_permissions->get_permission_category($permission);
1237  
1238                  // Build our categories array
1239                  if (!isset($categories[$cat]))
1240                  {
1241                      $categories[$cat] = $phpbb_permissions->get_category_lang($cat);
1242                  }
1243  
1244                  // Build our content array
1245                  if (!isset($content_array[$forum_id]))
1246                  {
1247                      $content_array[$forum_id] = array();
1248                  }
1249  
1250                  if (!isset($content_array[$forum_id][$cat]))
1251                  {
1252                      $content_array[$forum_id][$cat] = array(
1253                          'S_YES'            => false,
1254                          'S_NEVER'        => false,
1255                          'S_NO'            => false,
1256                          'permissions'    => array(),
1257                      );
1258                  }
1259  
1260                  $content_array[$forum_id][$cat]['S_YES'] |= ($auth_setting == ACL_YES) ? true : false;
1261                  $content_array[$forum_id][$cat]['S_NEVER'] |= ($auth_setting == ACL_NEVER) ? true : false;
1262                  $content_array[$forum_id][$cat]['S_NO'] |= ($auth_setting == ACL_NO) ? true : false;
1263  
1264                  $content_array[$forum_id][$cat]['permissions'][$permission] = $auth_setting;
1265              }
1266          }
1267      }
1268  
1269      /**
1270      * Use permissions from another user. This transferes a permission set from one user to another.
1271      * The other user is always able to revert back to his permission set.
1272      * This function does not check for lower/higher permissions, it is possible for the user to gain
1273      * "more" permissions by this.
1274      * Admin permissions will not be copied.
1275      */
1276  	function ghost_permissions($from_user_id, $to_user_id)
1277      {
1278          global $db;
1279  
1280          if ($to_user_id == ANONYMOUS)
1281          {
1282              return false;
1283          }
1284  
1285          $hold_ary = $this->acl_raw_data_single_user($from_user_id);
1286  
1287          // Key 0 in $hold_ary are global options, all others are forum_ids
1288  
1289          // We disallow copying admin permissions
1290          foreach ($this->acl_options['global'] as $opt => $id)
1291          {
1292              if (strpos($opt, 'a_') === 0)
1293              {
1294                  $hold_ary[0][$this->acl_options['id'][$opt]] = ACL_NEVER;
1295              }
1296          }
1297  
1298          // Force a_switchperm to be allowed
1299          $hold_ary[0][$this->acl_options['id']['a_switchperm']] = ACL_YES;
1300  
1301          $user_permissions = $this->build_bitstring($hold_ary);
1302  
1303          if (!$user_permissions)
1304          {
1305              return false;
1306          }
1307  
1308          $sql = 'UPDATE ' . USERS_TABLE . "
1309              SET user_permissions = '" . $db->sql_escape($user_permissions) . "',
1310                  user_perm_from = $from_user_id
1311              WHERE user_id = " . $to_user_id;
1312          $db->sql_query($sql);
1313  
1314          return true;
1315      }
1316  }


Generated: Tue Apr 7 19:44:41 2020 Cross-referenced by PHPXref 0.7.1