PageRenderTime 51ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/forum/includes/ucp/ucp_groups.php

https://github.com/GreyTeardrop/socionicasys-forum
PHP | 1117 lines | 870 code | 212 blank | 35 comment | 181 complexity | d06de40f6cffe1a22027a40a8713b0c4 MD5 | raw file
Possible License(s): AGPL-1.0, LGPL-3.0, MPL-2.0-no-copyleft-exception 
    

  1. <?php
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * @package ucp
    5. 

  5. * @version $Id$
    6. 

  6. * @copyright (c) 2005 phpBB Group
    7. 

  7. * @license http://opensource.org/licenses/gpl-license.php GNU Public License
    8. 

  8. *
    9. 

  9. */
    10. 

  10. 

  11. /**
    12. 

  12. * @ignore
    13. 

  13. */
    14. 

  14. if (!defined('IN_PHPBB'))
    15. 

  15. {
    16. 

  16. 	exit;
    17. 

  17. }
    18. 

  18. 

  19. /**
    20. 

  20. * ucp_groups
    21. 

  21. * @package ucp
    22. 

  22. */
    23. 

  23. class ucp_groups
    24. 

  24. {
    25. 

  25. 	var $u_action;
    26. 

  26. 

  27. 	function main($id, $mode)
    28. 

  28. 	{
    29. 

  29. 		global $config, $phpbb_root_path, $phpEx;
    30. 

  30. 		global $db, $user, $auth, $cache, $template;
    31. 

  31. 

  32. 		$user->add_lang('groups');
    33. 

  33. 

  34. 		$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
    35. 

  35. 

  36. 		$mark_ary	= request_var('mark', array(0));
    37. 

  37. 		$submit		= (!empty($_POST['submit'])) ? true : false;
    38. 

  38. 		$delete		= (!empty($_POST['delete'])) ? true : false;
    39. 

  39. 		$error = $data = array();
    40. 

  40. 

  41. 		switch ($mode)
    42. 

  42. 		{
    43. 

  43. 			case 'membership':
    44. 

  44. 

  45. 				$this->page_title = 'UCP_USERGROUPS_MEMBER';
    46. 

  46. 

  47. 				if ($submit || isset($_POST['change_default']))
    48. 

  48. 				{
    49. 

  49. 					$action = (isset($_POST['change_default'])) ? 'change_default' : request_var('action', '');
    50. 

  50. 					$group_id = ($action == 'change_default') ? request_var('default', 0) : request_var('selected', 0);
    51. 

  51. 

  52. 					if (!$group_id)
    53. 

  53. 					{
    54. 

  54. 						trigger_error('NO_GROUP_SELECTED');
    55. 

  55. 					}
    56. 

  56. 

  57. 					$sql = 'SELECT group_id, group_name, group_type
    58. 

  58. 						FROM ' . GROUPS_TABLE . "
    59. 

  59. 						WHERE group_id IN ($group_id, {$user->data['group_id']})";
    60. 

  60. 					$result = $db->sql_query($sql);
    61. 

  61. 

  62. 					$group_row = array();
    63. 

  63. 					while ($row = $db->sql_fetchrow($result))
    64. 

  64. 					{
    65. 

  65. 						$row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
    66. 

  66. 						$group_row[$row['group_id']] = $row;
    67. 

  67. 					}
    68. 

  68. 					$db->sql_freeresult($result);
    69. 

  69. 

  70. 					if (!sizeof($group_row))
    71. 

  71. 					{
    72. 

  72. 						trigger_error('GROUP_NOT_EXIST');
    73. 

  73. 					}
    74. 

  74. 

  75. 					switch ($action)
    76. 

  76. 					{
    77. 

  77. 						case 'change_default':
    78. 

  78. 							// User already having this group set as default?
    79. 

  79. 							if ($group_id == $user->data['group_id'])
    80. 

  80. 							{
    81. 

  81. 								trigger_error($user->lang['ALREADY_DEFAULT_GROUP'] . $return_page);
    82. 

  82. 							}
    83. 

  83. 

  84. 							if (!$auth->acl_get('u_chggrp'))
    85. 

  85. 							{
    86. 

  86. 								trigger_error($user->lang['NOT_AUTHORISED'] . $return_page);
    87. 

  87. 							}
    88. 

  88. 

  89. 							// User needs to be member of the group in order to make it default
    90. 

  90. 							if (!group_memberships($group_id, $user->data['user_id'], true))
    91. 

  91. 							{
    92. 

  92. 								trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    93. 

  93. 							}
    94. 

  94. 

  95. 							if (confirm_box(true))
    96. 

  96. 							{
    97. 

  97. 								group_user_attributes('default', $group_id, $user->data['user_id']);
    98. 

  98. 

  99. 								add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name']));
    100. 

  100. 

  101. 								meta_refresh(3, $this->u_action);
    102. 

  102. 								trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page);
    103. 

  103. 							}
    104. 

  104. 							else
    105. 

  105. 							{
    106. 

  106. 								$s_hidden_fields = array(
    107. 

  107. 									'default'		=> $group_id,
    108. 

  108. 									'change_default'=> true
    109. 

  109. 								);
    110. 

  110. 

  111. 								confirm_box(false, sprintf($user->lang['GROUP_CHANGE_DEFAULT'], $group_row[$group_id]['group_name']), build_hidden_fields($s_hidden_fields));
    112. 

  112. 							}
    113. 

  113. 

  114. 						break;
    115. 

  115. 

  116. 						case 'resign':
    117. 

  117. 

  118. 							// User tries to resign from default group but is not allowed to change it?
    119. 

  119. 							if ($group_id == $user->data['group_id'] && !$auth->acl_get('u_chggrp'))
    120. 

  120. 							{
    121. 

  121. 								trigger_error($user->lang['NOT_RESIGN_FROM_DEFAULT_GROUP'] . $return_page);
    122. 

  122. 							}
    123. 

  123. 

  124. 							if (!($row = group_memberships($group_id, $user->data['user_id'])))
    125. 

  125. 							{
    126. 

  126. 								trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    127. 

  127. 							}
    128. 

  128. 							list(, $row) = each($row);
    129. 

  129. 

  130. 							$sql = 'SELECT group_type
    131. 

  131. 								FROM ' . GROUPS_TABLE . '
    132. 

  132. 								WHERE group_id = ' . $group_id;
    133. 

  133. 							$result = $db->sql_query($sql);
    134. 

  134. 							$group_type = (int) $db->sql_fetchfield('group_type');
    135. 

  135. 							$db->sql_freeresult($result);
    136. 

  136. 

  137. 							if ($group_type != GROUP_OPEN && $group_type != GROUP_FREE)
    138. 

  138. 							{
    139. 

  139. 								trigger_error($user->lang['CANNOT_RESIGN_GROUP'] . $return_page);
    140. 

  140. 							}
    141. 

  141. 

  142. 							if (confirm_box(true))
    143. 

  143. 							{
    144. 

  144. 								group_user_del($group_id, $user->data['user_id']);
    145. 

  145. 

  146. 								add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']);
    147. 

  147. 

  148. 								meta_refresh(3, $this->u_action);
    149. 

  149. 								trigger_error($user->lang[($row['user_pending']) ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page);
    150. 

  150. 							}
    151. 

  151. 							else
    152. 

  152. 							{
    153. 

  153. 								$s_hidden_fields = array(
    154. 

  154. 									'selected'		=> $group_id,
    155. 

  155. 									'action'		=> 'resign',
    156. 

  156. 									'submit'		=> true
    157. 

  157. 								);
    158. 

  158. 

  159. 								confirm_box(false, ($row['user_pending']) ? 'GROUP_RESIGN_PENDING' : 'GROUP_RESIGN_MEMBERSHIP', build_hidden_fields($s_hidden_fields));
    160. 

  160. 							}
    161. 

  161. 

  162. 						break;
    163. 

  163. 

  164. 						case 'join':
    165. 

  165. 

  166. 							$sql = 'SELECT ug.*, u.username, u.username_clean, u.user_email
    167. 

  167. 								FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
    168. 

  168. 								WHERE ug.user_id = u.user_id
    169. 

  169. 									AND ug.group_id = ' . $group_id . '
    170. 

  170. 									AND ug.user_id = ' . $user->data['user_id'];
    171. 

  171. 							$result = $db->sql_query($sql);
    172. 

  172. 							$row = $db->sql_fetchrow($result);
    173. 

  173. 							$db->sql_freeresult($result);
    174. 

  174. 

  175. 							if ($row)
    176. 

  176. 							{
    177. 

  177. 								if ($row['user_pending'])
    178. 

  178. 								{
    179. 

  179. 									trigger_error($user->lang['ALREADY_IN_GROUP_PENDING'] . $return_page);
    180. 

  180. 								}
    181. 

  181. 

  182. 								trigger_error($user->lang['ALREADY_IN_GROUP'] . $return_page);
    183. 

  183. 							}
    184. 

  184. 

  185. 							// Check permission to join (open group or request)
    186. 

  186. 							if ($group_row[$group_id]['group_type'] != GROUP_OPEN && $group_row[$group_id]['group_type'] != GROUP_FREE)
    187. 

  187. 							{
    188. 

  188. 								trigger_error($user->lang['CANNOT_JOIN_GROUP'] . $return_page);
    189. 

  189. 							}
    190. 

  190. 

  191. 							if (confirm_box(true))
    192. 

  192. 							{
    193. 

  193. 								if ($group_row[$group_id]['group_type'] == GROUP_FREE)
    194. 

  194. 								{
    195. 

  195. 									group_user_add($group_id, $user->data['user_id']);
    196. 

  196. 

  197. 									$email_template = 'group_added';
    198. 

  198. 								}
    199. 

  199. 								else
    200. 

  200. 								{
    201. 

  201. 									group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
    202. 

  202. 

  203. 									$email_template = 'group_request';
    204. 

  204. 								}
    205. 

  205. 

  206. 								include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
    207. 

  207. 								$messenger = new messenger();
    208. 

  208. 

  209. 								$sql = 'SELECT u.username, u.username_clean, u.user_email, u.user_notify_type, u.user_jabber, u.user_lang
    210. 

  210. 									FROM ' . USER_GROUP_TABLE . ' ug, ' . USERS_TABLE . ' u
    211. 

  211. 									WHERE ug.user_id = u.user_id
    212. 

  212. 										AND ' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? "ug.user_id = {$user->data['user_id']}" : 'ug.group_leader = 1') . "
    213. 

  213. 										AND ug.group_id = $group_id";
    214. 

  214. 								$result = $db->sql_query($sql);
    215. 

  215. 

  216. 								while ($row = $db->sql_fetchrow($result))
    217. 

  217. 								{
    218. 

  218. 									$messenger->template($email_template, $row['user_lang']);
    219. 

  219. 

  220. 									$messenger->to($row['user_email'], $row['username']);
    221. 

  221. 									$messenger->im($row['user_jabber'], $row['username']);
    222. 

  222. 

  223. 									$messenger->assign_vars(array(
    224. 

  224. 										'USERNAME'			=> htmlspecialchars_decode($row['username']),
    225. 

  225. 										'GROUP_NAME'		=> htmlspecialchars_decode($group_row[$group_id]['group_name']),
    226. 

  226. 										'REQUEST_USERNAME'	=> $user->data['username'],
    227. 

  227. 

  228. 										'U_PENDING'		=> generate_board_url() . "/ucp.$phpEx?i=groups&mode=manage&action=list&g=$group_id",
    229. 

  229. 										'U_GROUP'		=> generate_board_url() . "/memberlist.$phpEx?mode=group&g=$group_id")
    230. 

  230. 									);
    231. 

  231. 

  232. 									$messenger->send($row['user_notify_type']);
    233. 

  233. 								}
    234. 

  234. 								$db->sql_freeresult($result);
    235. 

  235. 

  236. 								$messenger->save_queue();
    237. 

  237. 

  238. 								add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']);
    239. 

  239. 

  240. 								meta_refresh(3, $this->u_action);
    241. 

  241. 								trigger_error($user->lang[($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page);
    242. 

  242. 							}
    243. 

  243. 							else
    244. 

  244. 							{
    245. 

  245. 								$s_hidden_fields = array(
    246. 

  246. 									'selected'		=> $group_id,
    247. 

  247. 									'action'		=> 'join',
    248. 

  248. 									'submit'		=> true
    249. 

  249. 								);
    250. 

  250. 

  251. 								confirm_box(false, ($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOIN' : 'GROUP_JOIN_PENDING', build_hidden_fields($s_hidden_fields));
    252. 

  252. 							}
    253. 

  253. 

  254. 						break;
    255. 

  255. 

  256. 						case 'demote':
    257. 

  257. 

  258. 							if (!($row = group_memberships($group_id, $user->data['user_id'])))
    259. 

  259. 							{
    260. 

  260. 								trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    261. 

  261. 							}
    262. 

  262. 							list(, $row) = each($row);
    263. 

  263. 

  264. 							if (!$row['group_leader'])
    265. 

  265. 							{
    266. 

  266. 								trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    267. 

  267. 							}
    268. 

  268. 

  269. 							if (confirm_box(true))
    270. 

  270. 							{
    271. 

  271. 								group_user_attributes('demote', $group_id, $user->data['user_id']);
    272. 

  272. 

  273. 								add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']);
    274. 

  274. 

  275. 								meta_refresh(3, $this->u_action);
    276. 

  276. 								trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page);
    277. 

  277. 							}
    278. 

  278. 							else
    279. 

  279. 							{
    280. 

  280. 								$s_hidden_fields = array(
    281. 

  281. 									'selected'		=> $group_id,
    282. 

  282. 									'action'		=> 'demote',
    283. 

  283. 									'submit'		=> true
    284. 

  284. 								);
    285. 

  285. 

  286. 								confirm_box(false, 'USER_GROUP_DEMOTE', build_hidden_fields($s_hidden_fields));
    287. 

  287. 							}
    288. 

  288. 

  289. 						break;
    290. 

  290. 					}
    291. 

  291. 				}
    292. 

  292. 

  293. 				$sql = 'SELECT g.*, ug.group_leader, ug.user_pending
    294. 

  294. 					FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
    295. 

  295. 					WHERE ug.user_id = ' . $user->data['user_id'] . '
    296. 

  296. 						AND g.group_id = ug.group_id
    297. 

  297. 					ORDER BY g.group_type DESC, g.group_name';
    298. 

  298. 				$result = $db->sql_query($sql);
    299. 

  299. 

  300. 				$group_id_ary = array();
    301. 

  301. 				$leader_count = $member_count = $pending_count = 0;
    302. 

  302. 				while ($row = $db->sql_fetchrow($result))
    303. 

  303. 				{
    304. 

  304. 					$block = ($row['group_leader']) ? 'leader' : (($row['user_pending']) ? 'pending' : 'member');
    305. 

  305. 

  306. 					switch ($row['group_type'])
    307. 

  307. 					{
    308. 

  308. 						case GROUP_OPEN:
    309. 

  309. 							$group_status = 'OPEN';
    310. 

  310. 						break;
    311. 

  311. 

  312. 						case GROUP_CLOSED:
    313. 

  313. 							$group_status = 'CLOSED';
    314. 

  314. 						break;
    315. 

  315. 

  316. 						case GROUP_HIDDEN:
    317. 

  317. 							$group_status = 'HIDDEN';
    318. 

  318. 						break;
    319. 

  319. 

  320. 						case GROUP_SPECIAL:
    321. 

  321. 							$group_status = 'SPECIAL';
    322. 

  322. 						break;
    323. 

  323. 

  324. 						case GROUP_FREE:
    325. 

  325. 							$group_status = 'FREE';
    326. 

  326. 						break;
    327. 

  327. 					}
    328. 

  328. 

  329. 					$template->assign_block_vars($block, array(
    330. 

  330. 						'GROUP_ID'		=> $row['group_id'],
    331. 

  331. 						'GROUP_NAME'	=> ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
    332. 

  332. 						'GROUP_DESC'	=> ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'],
    333. 

  333. 						'GROUP_SPECIAL'	=> ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
    334. 

  334. 						'GROUP_STATUS'	=> $user->lang['GROUP_IS_' . $group_status],
    335. 

  335. 						'GROUP_COLOUR'	=> $row['group_colour'],
    336. 

  336. 

  337. 						'U_VIEW_GROUP'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']),
    338. 

  338. 

  339. 						'S_GROUP_DEFAULT'	=> ($row['group_id'] == $user->data['group_id']) ? true : false,
    340. 

  340. 						'S_ROW_COUNT'		=> ${$block . '_count'}++)
    341. 

  341. 					);
    342. 

  342. 

  343. 					$group_id_ary[] = (int) $row['group_id'];
    344. 

  344. 				}
    345. 

  345. 				$db->sql_freeresult($result);
    346. 

  346. 

  347. 				// Hide hidden groups unless user is an admin with group privileges
    348. 

  348. 				$sql_and = ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? '<> ' . GROUP_SPECIAL : 'NOT IN (' . GROUP_SPECIAL . ', ' . GROUP_HIDDEN . ')';
    349. 

  349. 

  350. 				$sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage
    351. 

  351. 					FROM ' . GROUPS_TABLE . '
    352. 

  352. 					WHERE ' . ((sizeof($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "
    353. 

  353. 						group_type $sql_and
    354. 

  354. 					ORDER BY group_type DESC, group_name";
    355. 

  355. 				$result = $db->sql_query($sql);
    356. 

  356. 

  357. 				$nonmember_count = 0;
    358. 

  358. 				while ($row = $db->sql_fetchrow($result))
    359. 

  359. 				{
    360. 

  360. 					switch ($row['group_type'])
    361. 

  361. 					{
    362. 

  362. 						case GROUP_OPEN:
    363. 

  363. 							$group_status = 'OPEN';
    364. 

  364. 						break;
    365. 

  365. 

  366. 						case GROUP_CLOSED:
    367. 

  367. 							$group_status = 'CLOSED';
    368. 

  368. 						break;
    369. 

  369. 

  370. 						case GROUP_HIDDEN:
    371. 

  371. 							$group_status = 'HIDDEN';
    372. 

  372. 						break;
    373. 

  373. 

  374. 						case GROUP_SPECIAL:
    375. 

  375. 							$group_status = 'SPECIAL';
    376. 

  376. 						break;
    377. 

  377. 

  378. 						case GROUP_FREE:
    379. 

  379. 							$group_status = 'FREE';
    380. 

  380. 						break;
    381. 

  381. 					}
    382. 

  382. 

  383. 					$template->assign_block_vars('nonmember', array(
    384. 

  384. 						'GROUP_ID'		=> $row['group_id'],
    385. 

  385. 						'GROUP_NAME'	=> ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
    386. 

  386. 						'GROUP_DESC'	=> ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'],
    387. 

  387. 						'GROUP_SPECIAL'	=> ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
    388. 

  388. 						'GROUP_CLOSED'	=> ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true,
    389. 

  389. 						'GROUP_STATUS'	=> $user->lang['GROUP_IS_' . $group_status],
    390. 

  390. 						'S_CAN_JOIN'	=> ($row['group_type'] == GROUP_OPEN || $row['group_type'] == GROUP_FREE) ? true : false,
    391. 

  391. 						'GROUP_COLOUR'	=> $row['group_colour'],
    392. 

  392. 

  393. 						'U_VIEW_GROUP'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id']),
    394. 

  394. 

  395. 						'S_ROW_COUNT'	=> $nonmember_count++)
    396. 

  396. 					);
    397. 

  397. 				}
    398. 

  398. 				$db->sql_freeresult($result);
    399. 

  399. 

  400. 				$template->assign_vars(array(
    401. 

  401. 					'S_CHANGE_DEFAULT'	=> ($auth->acl_get('u_chggrp')) ? true : false,
    402. 

  402. 					'S_LEADER_COUNT'	=> $leader_count,
    403. 

  403. 					'S_MEMBER_COUNT'	=> $member_count,
    404. 

  404. 					'S_PENDING_COUNT'	=> $pending_count,
    405. 

  405. 					'S_NONMEMBER_COUNT'	=> $nonmember_count,
    406. 

  406. 

  407. 					'S_UCP_ACTION'			=> $this->u_action)
    408. 

  408. 				);
    409. 

  409. 

  410. 			break;
    411. 

  411. 

  412. 			case 'manage':
    413. 

  413. 

  414. 				$this->page_title = 'UCP_USERGROUPS_MANAGE';
    415. 

  415. 				$action		= (isset($_POST['addusers'])) ? 'addusers' : request_var('action', '');
    416. 

  416. 				$group_id	= request_var('g', 0);
    417. 

  417. 

  418. 				include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
    419. 

  419. 

  420. 				add_form_key('ucp_groups');
    421. 

  421. 

  422. 				if ($group_id)
    423. 

  423. 				{
    424. 

  424. 					$sql = 'SELECT *
    425. 

  425. 						FROM ' . GROUPS_TABLE . "
    426. 

  426. 						WHERE group_id = $group_id";
    427. 

  427. 					$result = $db->sql_query($sql);
    428. 

  428. 					$group_row = $db->sql_fetchrow($result);
    429. 

  429. 					$db->sql_freeresult($result);
    430. 

  430. 

  431. 					if (!$group_row)
    432. 

  432. 					{
    433. 

  433. 						trigger_error($user->lang['NO_GROUP'] . $return_page);
    434. 

  434. 					}
    435. 

  435. 

  436. 					// Check if the user is allowed to manage this group if set to founder only.
    437. 

  437. 					if ($user->data['user_type'] != USER_FOUNDER && $group_row['group_founder_manage'])
    438. 

  438. 					{
    439. 

  439. 						trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . $return_page, E_USER_WARNING);
    440. 

  440. 					}
    441. 

  441. 

  442. 					$group_name = $group_row['group_name'];
    443. 

  443. 					$group_type = $group_row['group_type'];
    444. 

  444. 

  445. 					$avatar_img = (!empty($group_row['group_avatar'])) ? get_user_avatar($group_row['group_avatar'], $group_row['group_avatar_type'], $group_row['group_avatar_width'], $group_row['group_avatar_height'], 'GROUP_AVATAR') : '<img src="' . $phpbb_root_path . 'adm/images/no_avatar.gif" alt="" />';
    446. 

  446. 

  447. 					$template->assign_vars(array(
    448. 

  448. 						'GROUP_NAME'			=> ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name,
    449. 

  449. 						'GROUP_INTERNAL_NAME'	=> $group_name,
    450. 

  450. 						'GROUP_COLOUR'			=> (isset($group_row['group_colour'])) ? $group_row['group_colour'] : '',
    451. 

  451. 						'GROUP_DESC_DISP'		=> generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
    452. 

  452. 						'GROUP_TYPE'			=> $group_row['group_type'],
    453. 

  453. 

  454. 						'AVATAR'				=> $avatar_img,
    455. 

  455. 						'AVATAR_IMAGE'			=> $avatar_img,
    456. 

  456. 						'AVATAR_WIDTH'			=> (isset($group_row['group_avatar_width'])) ? $group_row['group_avatar_width'] : '',
    457. 

  457. 						'AVATAR_HEIGHT'			=> (isset($group_row['group_avatar_height'])) ? $group_row['group_avatar_height'] : '',
    458. 

  458. 					));
    459. 

  459. 				}
    460. 

  460. 

  461. 				switch ($action)
    462. 

  462. 				{
    463. 

  463. 					case 'edit':
    464. 

  464. 

  465. 						if (!$group_id)
    466. 

  466. 						{
    467. 

  467. 							trigger_error($user->lang['NO_GROUP'] . $return_page);
    468. 

  468. 						}
    469. 

  469. 

  470. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    471. 

  471. 						{
    472. 

  472. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    473. 

  473. 						}
    474. 

  474. 						list(, $row) = each($row);
    475. 

  475. 

  476. 						if (!$row['group_leader'])
    477. 

  477. 						{
    478. 

  478. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    479. 

  479. 						}
    480. 

  480. 

  481. 						$file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false;
    482. 

  482. 						$user->add_lang(array('acp/groups', 'acp/common'));
    483. 

  483. 

  484. 						$data = $submit_ary = array();
    485. 

  485. 

  486. 						$update	= (isset($_POST['update'])) ? true : false;
    487. 

  487. 

  488. 						$error = array();
    489. 

  489. 

  490. 						$avatar_select = basename(request_var('avatar_select', ''));
    491. 

  491. 						$category = basename(request_var('category', ''));
    492. 

  492. 

  493. 						$can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && phpbb_is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
    494. 

  494. 

  495. 						// Did we submit?
    496. 

  496. 						if ($update)
    497. 

  497. 						{
    498. 

  498. 							$group_name	= utf8_normalize_nfc(request_var('group_name', '', true));
    499. 

  499. 							$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
    500. 

  500. 							$group_type	= request_var('group_type', GROUP_FREE);
    501. 

  501. 

  502. 							$allow_desc_bbcode	= request_var('desc_parse_bbcode', false);
    503. 

  503. 							$allow_desc_urls	= request_var('desc_parse_urls', false);
    504. 

  504. 							$allow_desc_smilies	= request_var('desc_parse_smilies', false);
    505. 

  505. 

  506. 							$submit_ary = array(
    507. 

  507. 								'colour'		=> request_var('group_colour', ''),
    508. 

  508. 								'rank'			=> request_var('group_rank', 0),
    509. 

  509. 								'receive_pm'	=> isset($_REQUEST['group_receive_pm']) ? 1 : 0,
    510. 

  510. 								'message_limit'	=> request_var('group_message_limit', 0),
    511. 

  511. 								'max_recipients'=> request_var('group_max_recipients', 0),
    512. 

  512. 							);
    513. 

  513. 

  514. 							$data['uploadurl']	= request_var('uploadurl', '');
    515. 

  515. 							$data['remotelink'] = request_var('remotelink', '');
    516. 

  516. 							$data['width']		= request_var('width', '');
    517. 

  517. 							$data['height']		= request_var('height', '');
    518. 

  518. 							$delete				= request_var('delete', '');
    519. 

  519. 

  520. 							if (!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl'] || $data['remotelink'])
    521. 

  521. 							{
    522. 

  522. 								// Avatar stuff
    523. 

  523. 								$var_ary = array(
    524. 

  524. 									'uploadurl'		=> array('string', true, 5, 255),
    525. 

  525. 									'remotelink'	=> array('string', true, 5, 255),
    526. 

  526. 									'width'			=> array('string', true, 1, 3),
    527. 

  527. 									'height'		=> array('string', true, 1, 3),
    528. 

  528. 								);
    529. 

  529. 

  530. 								if (!($error = validate_data($data, $var_ary)))
    531. 

  531. 								{
    532. 

  532. 									$data['user_id'] = "g$group_id";
    533. 

  533. 

  534. 									if ((!empty($_FILES['uploadfile']['tmp_name']) || $data['uploadurl']) && $can_upload)
    535. 

  535. 									{
    536. 

  536. 										list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_upload($data, $error);
    537. 

  537. 									}
    538. 

  538. 									else if ($data['remotelink'])
    539. 

  539. 									{
    540. 

  540. 										list($submit_ary['avatar_type'], $submit_ary['avatar'], $submit_ary['avatar_width'], $submit_ary['avatar_height']) = avatar_remote($data, $error);
    541. 

  541. 									}
    542. 

  542. 								}
    543. 

  543. 							}
    544. 

  544. 							else if ($avatar_select && $config['allow_avatar_local'])
    545. 

  545. 							{
    546. 

  546. 								// check avatar gallery
    547. 

  547. 								if (is_dir($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category))
    548. 

  548. 								{
    549. 

  549. 									$submit_ary['avatar_type'] = AVATAR_GALLERY;
    550. 

  550. 

  551. 									list($submit_ary['avatar_width'], $submit_ary['avatar_height']) = getimagesize($phpbb_root_path . $config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_select);
    552. 

  552. 									$submit_ary['avatar'] = $category . '/' . $avatar_select;
    553. 

  553. 								}
    554. 

  554. 							}
    555. 

  555. 							else if ($delete)
    556. 

  556. 							{
    557. 

  557. 								$submit_ary['avatar'] = '';
    558. 

  558. 								$submit_ary['avatar_type'] = $submit_ary['avatar_width'] = $submit_ary['avatar_height'] = 0;
    559. 

  559. 							}
    560. 

  560. 							else if ($data['width'] && $data['height'])
    561. 

  561. 							{
    562. 

  562. 								// Only update the dimensions?
    563. 

  563. 								if ($config['avatar_max_width'] || $config['avatar_max_height'])
    564. 

  564. 								{
    565. 

  565. 									if ($data['width'] > $config['avatar_max_width'] || $data['height'] > $config['avatar_max_height'])
    566. 

  566. 									{
    567. 

  567. 										$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
    568. 

  568. 									}
    569. 

  569. 								}
    570. 

  570. 

  571. 								if (!sizeof($error))
    572. 

  572. 								{
    573. 

  573. 									if ($config['avatar_min_width'] || $config['avatar_min_height'])
    574. 

  574. 									{
    575. 

  575. 										if ($data['width'] < $config['avatar_min_width'] || $data['height'] < $config['avatar_min_height'])
    576. 

  576. 										{
    577. 

  577. 											$error[] = sprintf($user->lang['AVATAR_WRONG_SIZE'], $config['avatar_min_width'], $config['avatar_min_height'], $config['avatar_max_width'], $config['avatar_max_height'], $data['width'], $data['height']);
    578. 

  578. 										}
    579. 

  579. 									}
    580. 

  580. 								}
    581. 

  581. 

  582. 								if (!sizeof($error))
    583. 

  583. 								{
    584. 

  584. 									$submit_ary['avatar_width'] = $data['width'];
    585. 

  585. 									$submit_ary['avatar_height'] = $data['height'];
    586. 

  586. 								}
    587. 

  587. 							}
    588. 

  588. 

  589. 							if ((isset($submit_ary['avatar']) && $submit_ary['avatar'] && (!isset($group_row['group_avatar']))) || $delete)
    590. 

  590. 							{
    591. 

  591. 								if (isset($group_row['group_avatar']) && $group_row['group_avatar'])
    592. 

  592. 								{
    593. 

  593. 									avatar_delete('group', $group_row, true);
    594. 

  594. 								}
    595. 

  595. 							}
    596. 

  596. 

  597. 							if (!check_form_key('ucp_groups'))
    598. 

  598. 							{
    599. 

  599. 								$error[] = $user->lang['FORM_INVALID'];
    600. 

  600. 							}
    601. 

  601. 

  602. 							if (!sizeof($error))
    603. 

  603. 							{
    604. 

  604. 								// Only set the rank, colour, etc. if it's changed or if we're adding a new
    605. 

  605. 								// group. This prevents existing group members being updated if no changes
    606. 

  606. 								// were made.
    607. 

  607. 

  608. 								$group_attributes = array();
    609. 

  609. 								$test_variables = array(
    610. 

  610. 									'rank'			=> 'int',
    611. 

  611. 									'colour'		=> 'string',
    612. 

  612. 									'avatar'		=> 'string',
    613. 

  613. 									'avatar_type'	=> 'int',
    614. 

  614. 									'avatar_width'	=> 'int',
    615. 

  615. 									'avatar_height'	=> 'int',
    616. 

  616. 									'receive_pm'	=> 'int',
    617. 

  617. 									'legend'		=> 'int',
    618. 

  618. 									'message_limit'	=> 'int',
    619. 

  619. 									'max_recipients'=> 'int',
    620. 

  620. 								);
    621. 

  621. 

  622. 								foreach ($test_variables as $test => $type)
    623. 

  623. 								{
    624. 

  624. 									if (isset($submit_ary[$test]) && ($action == 'add' || $group_row['group_' . $test] != $submit_ary[$test]))
    625. 

  625. 									{
    626. 

  626. 										settype($submit_ary[$test], $type);
    627. 

  627. 										$group_attributes['group_' . $test] = $group_row['group_' . $test] = $submit_ary[$test];
    628. 

  628. 									}
    629. 

  629. 								}
    630. 

  630. 

  631. 								if (!($error = group_create($group_id, $group_type, $group_name, $group_desc, $group_attributes, $allow_desc_bbcode, $allow_desc_urls, $allow_desc_smilies)))
    632. 

  632. 								{
    633. 

  633. 									$cache->destroy('sql', GROUPS_TABLE);
    634. 

  634. 

  635. 									$message = ($action == 'edit') ? 'GROUP_UPDATED' : 'GROUP_CREATED';
    636. 

  636. 									trigger_error($user->lang[$message] . $return_page);
    637. 

  637. 								}
    638. 

  638. 							}
    639. 

  639. 

  640. 							if (sizeof($error))
    641. 

  641. 							{
    642. 

  642. 								$group_rank = $submit_ary['rank'];
    643. 

  643. 

  644. 								$group_desc_data = array(
    645. 

  645. 									'text'			=> $group_desc,
    646. 

  646. 									'allow_bbcode'	=> $allow_desc_bbcode,
    647. 

  647. 									'allow_smilies'	=> $allow_desc_smilies,
    648. 

  648. 									'allow_urls'	=> $allow_desc_urls
    649. 

  649. 								);
    650. 

  650. 							}
    651. 

  651. 						}
    652. 

  652. 						else if (!$group_id)
    653. 

  653. 						{
    654. 

  654. 							$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
    655. 

  655. 							$group_desc_data = array(
    656. 

  656. 								'text'			=> '',
    657. 

  657. 								'allow_bbcode'	=> true,
    658. 

  658. 								'allow_smilies'	=> true,
    659. 

  659. 								'allow_urls'	=> true
    660. 

  660. 							);
    661. 

  661. 							$group_rank = 0;
    662. 

  662. 							$group_type = GROUP_OPEN;
    663. 

  663. 						}
    664. 

  664. 						else
    665. 

  665. 						{
    666. 

  666. 							$group_desc_data = generate_text_for_edit($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_options']);
    667. 

  667. 							$group_rank = $group_row['group_rank'];
    668. 

  668. 						}
    669. 

  669. 

  670. 						$sql = 'SELECT *
    671. 

  671. 							FROM ' . RANKS_TABLE . '
    672. 

  672. 							WHERE rank_special = 1
    673. 

  673. 							ORDER BY rank_title';
    674. 

  674. 						$result = $db->sql_query($sql);
    675. 

  675. 

  676. 						$rank_options = '<option value="0"' . ((!$group_rank) ? ' selected="selected"' : '') . '>' . $user->lang['USER_DEFAULT'] . '</option>';
    677. 

  677. 						while ($row = $db->sql_fetchrow($result))
    678. 

  678. 						{
    679. 

  679. 							$selected = ($group_rank && $row['rank_id'] == $group_rank) ? ' selected="selected"' : '';
    680. 

  680. 							$rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
    681. 

  681. 						}
    682. 

  682. 						$db->sql_freeresult($result);
    683. 

  683. 

  684. 						$type_free		= ($group_type == GROUP_FREE) ? ' checked="checked"' : '';
    685. 

  685. 						$type_open		= ($group_type == GROUP_OPEN) ? ' checked="checked"' : '';
    686. 

  686. 						$type_closed	= ($group_type == GROUP_CLOSED) ? ' checked="checked"' : '';
    687. 

  687. 						$type_hidden	= ($group_type == GROUP_HIDDEN) ? ' checked="checked"' : '';
    688. 

  688. 

  689. 						$display_gallery = (isset($_POST['display_gallery'])) ? true : false;
    690. 

  690. 

  691. 						if ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery)
    692. 

  692. 						{
    693. 

  693. 							avatar_gallery($category, $avatar_select, 4);
    694. 

  694. 						}
    695. 

  695. 

  696. 						$avatars_enabled = ($config['allow_avatar'] && (($can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) || ($config['allow_avatar_local'] || $config['allow_avatar_remote']))) ? true : false;
    697. 

  697. 

  698. 						$template->assign_vars(array(
    699. 

  699. 							'S_EDIT'			=> true,
    700. 

  700. 							'S_INCLUDE_SWATCH'	=> true,
    701. 

  701. 							'S_FORM_ENCTYPE'	=> ($config['allow_avatar'] && $can_upload && ($config['allow_avatar_upload'] || $config['allow_avatar_remote_upload'])) ? ' enctype="multipart/form-data"' : '',
    702. 

  702. 							'S_ERROR'			=> (sizeof($error)) ? true : false,
    703. 

  703. 							'S_SPECIAL_GROUP'	=> ($group_type == GROUP_SPECIAL) ? true : false,
    704. 

  704. 							'S_AVATARS_ENABLED'	=> $avatars_enabled,
    705. 

  705. 							'S_DISPLAY_GALLERY'	=> ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false,
    706. 

  706. 							'S_IN_GALLERY'		=> ($config['allow_avatar_local'] && $display_gallery) ? true : false,
    707. 

  707. 

  708. 							'S_UPLOAD_AVATAR_FILE'	=> ($config['allow_avatar'] && $config['allow_avatar_upload'] && $can_upload) ? true : false,
    709. 

  709. 							'S_UPLOAD_AVATAR_URL'	=> ($config['allow_avatar'] && $config['allow_avatar_remote_upload'] && $can_upload) ? true : false,
    710. 

  710. 							'S_LINK_AVATAR'			=> ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false,
    711. 

  711. 

  712. 							'ERROR_MSG'				=> (sizeof($error)) ? implode('<br />', $error) : '',
    713. 

  713. 							'GROUP_RECEIVE_PM'		=> (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '',
    714. 

  714. 							'GROUP_MESSAGE_LIMIT'	=> (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0,
    715. 

  715. 							'GROUP_MAX_RECIPIENTS'	=> (isset($group_row['group_max_recipients'])) ? $group_row['group_max_recipients'] : 0,
    716. 

  716. 

  717. 							'GROUP_DESC'			=> $group_desc_data['text'],
    718. 

  718. 							'S_DESC_BBCODE_CHECKED'	=> $group_desc_data['allow_bbcode'],
    719. 

  719. 							'S_DESC_URLS_CHECKED'	=> $group_desc_data['allow_urls'],
    720. 

  720. 							'S_DESC_SMILIES_CHECKED'=> $group_desc_data['allow_smilies'],
    721. 

  721. 

  722. 							'S_RANK_OPTIONS'		=> $rank_options,
    723. 

  723. 							'AVATAR_MAX_FILESIZE'	=> $config['avatar_filesize'],
    724. 

  724. 

  725. 							'GROUP_TYPE_FREE'		=> GROUP_FREE,
    726. 

  726. 							'GROUP_TYPE_OPEN'		=> GROUP_OPEN,
    727. 

  727. 							'GROUP_TYPE_CLOSED'		=> GROUP_CLOSED,
    728. 

  728. 							'GROUP_TYPE_HIDDEN'		=> GROUP_HIDDEN,
    729. 

  729. 							'GROUP_TYPE_SPECIAL'	=> GROUP_SPECIAL,
    730. 

  730. 

  731. 							'GROUP_FREE'		=> $type_free,
    732. 

  732. 							'GROUP_OPEN'		=> $type_open,
    733. 

  733. 							'GROUP_CLOSED'		=> $type_closed,
    734. 

  734. 							'GROUP_HIDDEN'		=> $type_hidden,
    735. 

  735. 

  736. 							'U_SWATCH'			=> append_sid("{$phpbb_root_path}adm/swatch.$phpEx", 'form=ucp&amp;name=group_colour'),
    737. 

  737. 							'S_UCP_ACTION'		=> $this->u_action . "&amp;action=$action&amp;g=$group_id",
    738. 

  738. 							'L_AVATAR_EXPLAIN'	=> sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
    739. 

  739. 						));
    740. 

  740. 

  741. 					break;
    742. 

  742. 

  743. 					case 'list':
    744. 

  744. 

  745. 						if (!$group_id)
    746. 

  746. 						{
    747. 

  747. 							trigger_error($user->lang['NO_GROUP'] . $return_page);
    748. 

  748. 						}
    749. 

  749. 

  750. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    751. 

  751. 						{
    752. 

  752. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    753. 

  753. 						}
    754. 

  754. 						list(, $row) = each($row);
    755. 

  755. 

  756. 						if (!$row['group_leader'])
    757. 

  757. 						{
    758. 

  758. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    759. 

  759. 						}
    760. 

  760. 

  761. 						$user->add_lang(array('acp/groups', 'acp/common'));
    762. 

  762. 						$start = request_var('start', 0);
    763. 

  763. 

  764. 						// Grab the leaders - always, on every page...
    765. 

  765. 						$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
    766. 

  766. 							FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
    767. 

  767. 							WHERE ug.group_id = $group_id
    768. 

  768. 								AND u.user_id = ug.user_id
    769. 

  769. 								AND ug.group_leader = 1
    770. 

  770. 							ORDER BY ug.user_pending DESC, u.username_clean";
    771. 

  771. 						$result = $db->sql_query($sql);
    772. 

  772. 

  773. 						while ($row = $db->sql_fetchrow($result))
    774. 

  774. 						{
    775. 

  775. 							$template->assign_block_vars('leader', array(
    776. 

  776. 								'USERNAME'			=> $row['username'],
    777. 

  777. 								'USERNAME_COLOUR'	=> $row['user_colour'],
    778. 

  778. 								'USERNAME_FULL'		=> get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
    779. 

  779. 								'U_USER_VIEW'		=> get_username_string('profile', $row['user_id'], $row['username']),
    780. 

  780. 								'S_GROUP_DEFAULT'	=> ($row['group_id'] == $group_id) ? true : false,
    781. 

  781. 								'JOINED'			=> ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ',
    782. 

  782. 								'USER_POSTS'		=> $row['user_posts'],
    783. 

  783. 								'USER_ID'			=> $row['user_id'])
    784. 

  784. 							);
    785. 

  785. 						}
    786. 

  786. 						$db->sql_freeresult($result);
    787. 

  787. 

  788. 						// Total number of group members (non-leaders)
    789. 

  789. 						$sql = 'SELECT COUNT(user_id) AS total_members
    790. 

  790. 							FROM ' . USER_GROUP_TABLE . "
    791. 

  791. 							WHERE group_id = $group_id
    792. 

  792. 								AND group_leader = 0";
    793. 

  793. 						$result = $db->sql_query($sql);
    794. 

  794. 						$total_members = (int) $db->sql_fetchfield('total_members');
    795. 

  795. 						$db->sql_freeresult($result);
    796. 

  796. 

  797. 						// Grab the members
    798. 

  798. 						$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
    799. 

  799. 							FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
    800. 

  800. 							WHERE ug.group_id = $group_id
    801. 

  801. 								AND u.user_id = ug.user_id
    802. 

  802. 								AND ug.group_leader = 0
    803. 

  803. 							ORDER BY ug.user_pending DESC, u.username_clean";
    804. 

  804. 						$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
    805. 

  805. 

  806. 						$pending = false;
    807. 

  807. 						$approved = false;
    808. 

  808. 

  809. 						while ($row = $db->sql_fetchrow($result))
    810. 

  810. 						{
    811. 

  811. 							if ($row['user_pending'] && !$pending)
    812. 

  812. 							{
    813. 

  813. 								$template->assign_block_vars('member', array(
    814. 

  814. 									'S_PENDING'		=> true)
    815. 

  815. 								);
    816. 

  816. 								$template->assign_var('S_PENDING_SET', true);
    817. 

  817. 

  818. 								$pending = true;
    819. 

  819. 							}
    820. 

  820. 							else if (!$row['user_pending'] && !$approved)
    821. 

  821. 							{
    822. 

  822. 								$template->assign_block_vars('member', array(
    823. 

  823. 									'S_APPROVED'		=> true)
    824. 

  824. 								);
    825. 

  825. 								$template->assign_var('S_APPROVED_SET', true);
    826. 

  826. 

  827. 								$approved = true;
    828. 

  828. 							}
    829. 

  829. 

  830. 							$template->assign_block_vars('member', array(
    831. 

  831. 								'USERNAME'			=> $row['username'],
    832. 

  832. 								'USERNAME_COLOUR'	=> $row['user_colour'],
    833. 

  833. 								'USERNAME_FULL'		=> get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
    834. 

  834. 								'U_USER_VIEW'		=> get_username_string('profile', $row['user_id'], $row['username']),
    835. 

  835. 								'S_GROUP_DEFAULT'	=> ($row['group_id'] == $group_id) ? true : false,
    836. 

  836. 								'JOINED'			=> ($row['user_regdate']) ? $user->format_date($row['user_regdate']) : ' - ',
    837. 

  837. 								'USER_POSTS'		=> $row['user_posts'],
    838. 

  838. 								'USER_ID'			=> $row['user_id'])
    839. 

  839. 							);
    840. 

  840. 						}
    841. 

  841. 						$db->sql_freeresult($result);
    842. 

  842. 

  843. 						$s_action_options = '';
    844. 

  844. 						$options = array('default' => 'DEFAULT', 'approve' => 'APPROVE', 'deleteusers' => 'DELETE');
    845. 

  845. 

  846. 						foreach ($options as $option => $lang)
    847. 

  847. 						{
    848. 

  848. 							$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
    849. 

  849. 						}
    850. 

  850. 

  851. 						$template->assign_vars(array(
    852. 

  852. 							'S_LIST'			=> true,
    853. 

  853. 							'S_ACTION_OPTIONS'	=> $s_action_options,
    854. 

  854. 							'S_ON_PAGE'			=> on_page($total_members, $config['topics_per_page'], $start),
    855. 

  855. 							'PAGINATION'		=> generate_pagination($this->u_action . "&amp;action=$action&amp;g=$group_id", $total_members, $config['topics_per_page'], $start),
    856. 

  856. 

  857. 							'U_ACTION'			=> $this->u_action . "&amp;g=$group_id",
    858. 

  858. 							'S_UCP_ACTION'		=> $this->u_action . "&amp;g=$group_id",
    859. 

  859. 							'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=ucp&amp;field=usernames'),
    860. 

  860. 						));
    861. 

  861. 

  862. 					break;
    863. 

  863. 

  864. 					case 'approve':
    865. 

  865. 

  866. 						if (!$group_id)
    867. 

  867. 						{
    868. 

  868. 							trigger_error($user->lang['NO_GROUP'] . $return_page);
    869. 

  869. 						}
    870. 

  870. 

  871. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    872. 

  872. 						{
    873. 

  873. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    874. 

  874. 						}
    875. 

  875. 						list(, $row) = each($row);
    876. 

  876. 

  877. 						if (!$row['group_leader'])
    878. 

  878. 						{
    879. 

  879. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    880. 

  880. 						}
    881. 

  881. 

  882. 						$user->add_lang('acp/groups');
    883. 

  883. 

  884. 						// Approve, demote or promote
    885. 

  885. 						group_user_attributes('approve', $group_id, $mark_ary, false, false);
    886. 

  886. 

  887. 						trigger_error($user->lang['USERS_APPROVED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    888. 

  888. 

  889. 					break;
    890. 

  890. 

  891. 					case 'default':
    892. 

  892. 

  893. 						if (!$group_id)
    894. 

  894. 						{
    895. 

  895. 							trigger_error($user->lang['NO_GROUP'] . $return_page);
    896. 

  896. 						}
    897. 

  897. 

  898. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    899. 

  899. 						{
    900. 

  900. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    901. 

  901. 						}
    902. 

  902. 						list(, $row) = each($row);
    903. 

  903. 

  904. 						if (!$row['group_leader'])
    905. 

  905. 						{
    906. 

  906. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    907. 

  907. 						}
    908. 

  908. 

  909. 						$group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
    910. 

  910. 

  911. 						if (confirm_box(true))
    912. 

  912. 						{
    913. 

  913. 							if (!sizeof($mark_ary))
    914. 

  914. 							{
    915. 

  915. 								$start = 0;
    916. 

  916. 

  917. 								do
    918. 

  918. 								{
    919. 

  919. 									$sql = 'SELECT user_id
    920. 

  920. 										FROM ' . USER_GROUP_TABLE . "
    921. 

  921. 										WHERE group_id = $group_id
    922. 

  922. 										ORDER BY user_id";
    923. 

  923. 									$result = $db->sql_query_limit($sql, 200, $start);
    924. 

  924. 

  925. 									$mark_ary = array();
    926. 

  926. 									if ($row = $db->sql_fetchrow($result))
    927. 

  927. 									{
    928. 

  928. 										do
    929. 

  929. 										{
    930. 

  930. 											$mark_ary[] = $row['user_id'];
    931. 

  931. 										}
    932. 

  932. 										while ($row = $db->sql_fetchrow($result));
    933. 

  933. 

  934. 										group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
    935. 

  935. 

  936. 										$start = (sizeof($mark_ary) < 200) ? 0 : $start + 200;
    937. 

  937. 									}
    938. 

  938. 									else
    939. 

  939. 									{
    940. 

  940. 										$start = 0;
    941. 

  941. 									}
    942. 

  942. 									$db->sql_freeresult($result);
    943. 

  943. 								}
    944. 

  944. 								while ($start);
    945. 

  945. 							}
    946. 

  946. 							else
    947. 

  947. 							{
    948. 

  948. 								group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
    949. 

  949. 							}
    950. 

  950. 

  951. 							$user->add_lang('acp/groups');
    952. 

  952. 

  953. 							trigger_error($user->lang['GROUP_DEFS_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    954. 

  954. 						}
    955. 

  955. 						else
    956. 

  956. 						{
    957. 

  957. 							$user->add_lang('acp/common');
    958. 

  958. 

  959. 							confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
    960. 

  960. 								'mark'		=> $mark_ary,
    961. 

  961. 								'g'			=> $group_id,
    962. 

  962. 								'i'			=> $id,
    963. 

  963. 								'mode'		=> $mode,
    964. 

  964. 								'action'	=> $action))
    965. 

  965. 							);
    966. 

  966. 						}
    967. 

  967. 

  968. 						// redirect to last screen
    969. 

  969. 						redirect($this->u_action . '&amp;action=list&amp;g=' . $group_id);
    970. 

  970. 

  971. 					break;
    972. 

  972. 

  973. 					case 'deleteusers':
    974. 

  974. 

  975. 						$user->add_lang(array('acp/groups', 'acp/common'));
    976. 

  976. 

  977. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    978. 

  978. 						{
    979. 

  979. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    980. 

  980. 						}
    981. 

  981. 						list(, $row) = each($row);
    982. 

  982. 

  983. 						if (!$row['group_leader'])
    984. 

  984. 						{
    985. 

  985. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    986. 

  986. 						}
    987. 

  987. 

  988. 						$group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
    989. 

  989. 

  990. 						if (confirm_box(true))
    991. 

  991. 						{
    992. 

  992. 							if (!$group_id)
    993. 

  993. 							{
    994. 

  994. 								trigger_error($user->lang['NO_GROUP'] . $return_page);
    995. 

  995. 							}
    996. 

  996. 

  997. 							$error = group_user_del($group_id, $mark_ary, false, $group_row['group_name']);
    998. 

  998. 

  999. 							if ($error)
    1000. 

  1000. 							{
    1001. 

  1001. 								trigger_error($user->lang[$error] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    1002. 

  1002. 							}
    1003. 

  1003. 

  1004. 							trigger_error($user->lang['GROUP_USERS_REMOVE'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    1005. 

  1005. 						}
    1006. 

  1006. 						else
    1007. 

  1007. 						{
    1008. 

  1008. 							confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
    1009. 

  1009. 								'mark'		=> $mark_ary,
    1010. 

  1010. 								'g'			=> $group_id,
    1011. 

  1011. 								'i'			=> $id,
    1012. 

  1012. 								'mode'		=> $mode,
    1013. 

  1013. 								'action'	=> $action))
    1014. 

  1014. 							);
    1015. 

  1015. 						}
    1016. 

  1016. 

  1017. 						// redirect to last screen
    1018. 

  1018. 						redirect($this->u_action . '&amp;action=list&amp;g=' . $group_id);
    1019. 

  1019. 

  1020. 					break;
    1021. 

  1021. 

  1022. 					case 'addusers':
    1023. 

  1023. 

  1024. 						$user->add_lang(array('acp/groups', 'acp/common'));
    1025. 

  1025. 

  1026. 						$names = utf8_normalize_nfc(request_var('usernames', '', true));
    1027. 

  1027. 

  1028. 						if (!$group_id)
    1029. 

  1029. 						{
    1030. 

  1030. 							trigger_error($user->lang['NO_GROUP'] . $return_page);
    1031. 

  1031. 						}
    1032. 

  1032. 

  1033. 						if (!$names)
    1034. 

  1034. 						{
    1035. 

  1035. 							trigger_error($user->lang['NO_USERS'] . $return_page);
    1036. 

  1036. 						}
    1037. 

  1037. 

  1038. 						if (!($row = group_memberships($group_id, $user->data['user_id'])))
    1039. 

  1039. 						{
    1040. 

  1040. 							trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
    1041. 

  1041. 						}
    1042. 

  1042. 						list(, $row) = each($row);
    1043. 

  1043. 

  1044. 						if (!$row['group_leader'])
    1045. 

  1045. 						{
    1046. 

  1046. 							trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
    1047. 

  1047. 						}
    1048. 

  1048. 

  1049. 						$name_ary = array_unique(explode("\n", $names));
    1050. 

  1050. 						$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
    1051. 

  1051. 

  1052. 						$default = request_var('default', 0);
    1053. 

  1053. 

  1054. 						if (confirm_box(true))
    1055. 

  1055. 						{
    1056. 

  1056. 							// Add user/s to group
    1057. 

  1057. 							if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row))
    1058. 

  1058. 							{
    1059. 

  1059. 								trigger_error($user->lang[$error] . $return_page);
    1060. 

  1060. 							}
    1061. 

  1061. 

  1062. 							trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    1063. 

  1063. 						}
    1064. 

  1064. 						else
    1065. 

  1065. 						{
    1066. 

  1066. 							$s_hidden_fields = array(
    1067. 

  1067. 								'default'	=> $default,
    1068. 

  1068. 								'usernames'	=> $names,
    1069. 

  1069. 								'g'			=> $group_id,
    1070. 

  1070. 								'i'			=> $id,
    1071. 

  1071. 								'mode'		=> $mode,
    1072. 

  1072. 								'action'	=> $action
    1073. 

  1073. 							);
    1074. 

  1074. 							confirm_box(false, sprintf($user->lang['GROUP_CONFIRM_ADD_USER' . ((sizeof($name_ary) == 1) ? '' : 'S')], implode(', ', $name_ary)), build_hidden_fields($s_hidden_fields));
    1075. 

  1075. 						}
    1076. 

  1076. 

  1077. 						trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
    1078. 

  1078. 

  1079. 					break;
    1080. 

  1080. 

  1081. 					default:
    1082. 

  1082. 						$user->add_lang('acp/common');
    1083. 

  1083. 

  1084. 						$sql = 'SELECT g.group_id, g.group_name, g.group_colour, g.group_desc, g.group_desc_uid, g.group_desc_bitfield, g.group_desc_options, g.group_type, ug.group_leader
    1085. 

  1085. 							FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . ' ug
    1086. 

  1086. 							WHERE ug.user_id = ' . $user->data['user_id'] . '
    1087. 

  1087. 								AND g.group_id = ug.group_id
    1088. 

  1088. 								AND ug.group_leader = 1
    1089. 

  1089. 							ORDER BY g.group_type DESC, g.group_name';
    1090. 

  1090. 						$result = $db->sql_query($sql);
    1091. 

  1091. 

  1092. 						while ($value = $db->sql_fetchrow($result))
    1093. 

  1093. 						{
    1094. 

  1094. 							$template->assign_block_vars('leader', array(
    1095. 

  1095. 								'GROUP_NAME'	=> ($value['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $value['group_name']] : $value['group_name'],
    1096. 

  1096. 								'GROUP_DESC'	=> generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']),
    1097. 

  1097. 								'GROUP_TYPE'	=> $value['group_type'],
    1098. 

  1098. 								'GROUP_ID'		=> $value['group_id'],
    1099. 

  1099. 								'GROUP_COLOUR'	=> $value['group_colour'],
    1100. 

  1100. 

  1101. 								'U_LIST'	=> $this->u_action . "&amp;action=list&amp;g={$value['group_id']}",
    1102. 

  1102. 								'U_EDIT'	=> $this->u_action . "&amp;action=edit&amp;g={$value['group_id']}")
    1103. 

  1103. 							);
    1104. 

  1104. 						}
    1105. 

  1105. 						$db->sql_freeresult($result);
    1106. 

  1106. 

  1107. 					break;
    1108. 

  1108. 				}
    1109. 

  1109. 

  1110. 			break;
    1111. 

  1111. 		}
    1112. 

  1112. 

  1113. 		$this->tpl_name = 'ucp_groups_' . $mode;
    1114. 

  1114. 	}
    1115. 

  1115. }
    1116. 

  1116. 

  1117. ?>
    1118.