PageRenderTime 47ms CodeModel.GetById 17ms RepoModel.GetById 0ms app.codeStats 0ms

/source/include/modcp/modcp_forumaccess.php

https://github.com/kuaileshike/upload
PHP | 168 lines | 134 code | 28 blank | 6 comment | 54 complexity | b51e393bb8ed0bc0a0ddff3530647cc2 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *      [Discuz!] (C)2001-2099 Comsenz Inc.
    5. 

  5.  *      This is NOT a freeware, use is subject to license terms
    6. 

  6.  *
    7. 

  7.  *      $Id: modcp_forumaccess.php 26544 2011-12-15 02:19:09Z chenmengshu $
    8. 

  8.  */
    9. 

  9. 

  10. if(!defined('IN_DISCUZ') || !defined('IN_MODCP')) {
    11. 

  11. 	exit('Access Denied');
    12. 

  12. }
    13. 

  13. 

  14. $list = $logids = array();
    15. 

  15. 

  16. include_once(libfile('function/forumlist'));
    17. 

  17. $forumlistall = forumselect(false, false, $_G['fid']);
    18. 

  18. 

  19. $adderror = $successed = 0;
    20. 

  20. $new_user = isset($_GET['new_user']) ? trim($_GET['new_user']) : '';
    21. 

  21. 

  22. if($_G['fid'] && $_G['forum']['ismoderator'] && $new_user != '' && submitcheck('addsubmit')) {
    23. 

  23. 	$deleteaccess = isset($_GET['deleteaccess']) ? 1 : 0;
    24. 

  24. 	foreach (array('view', 'post', 'reply', 'getattach', 'getimage', 'postattach', 'postimage') as $key) {
    25. 

  25. 		${'new_'.$key} = isset($_GET['new_'.$key]) ? intval($_GET['new_'.$key]) : '';
    26. 

  26. 	}
    27. 

  27. 

  28. 	if($new_user != '') {
    29. 

  29. 

  30. 		$user = C::t('common_member')->fetch_by_username($new_user);
    31. 

  31. 		$uid = $user['uid'];
    32. 

  32. 

  33. 		if(empty($user)) {
    34. 

  34. 			$adderror = 1;
    35. 

  35. 		} elseif($user['adminid'] && $_G['adminid'] != 1) {
    36. 

  36. 			$adderror = 2;
    37. 

  37. 		} else {
    38. 

  38. 

  39. 			$access = C::t('forum_access')->fetch_all_by_fid_uid($_G['fid'], $uid);
    40. 

  40. 			$access = $access[0];
    41. 

  41. 

  42. 			if($deleteaccess) {
    43. 

  43. 

  44. 				if($access && $_G['adminid'] != 1 && inwhitelist($access)) {
    45. 

  45. 					$adderror = 3;
    46. 

  46. 				} else {
    47. 

  47. 					$successed = true;
    48. 

  48. 					$access && delete_access($uid, $_G['fid']);
    49. 

  49. 				}
    50. 

  50. 

  51. 			} elseif($new_view || $new_post || $new_reply || $new_getattach || $new_getimage || $new_postattach || $new_postimage) {
    52. 

  52. 

  53. 				if($new_view == -1) {
    54. 

  54. 					$new_view = $new_post = $new_reply = $new_getattach = $new_getimage = $new_postattach = $new_postimage = -1;
    55. 

  55. 				} else {
    56. 

  56. 					$new_view = 0;
    57. 

  57. 					$new_post = $new_post ? -1 : 0;
    58. 

  58. 					$new_reply = $new_reply ? -1 : 0;
    59. 

  59. 					$new_getattach = $new_getattach ? -1 : 0;
    60. 

  60. 					$new_getimage = $new_getimage ? -1 : 0;
    61. 

  61. 					$new_postattach = $new_postattach ? -1 : 0;
    62. 

  62. 					$new_postimage = $new_postimage ? -1 : 0;
    63. 

  63. 				}
    64. 

  64. 

  65. 				if(empty($access)) {
    66. 

  66. 					$successed = true;
    67. 

  67. 					$data = array('uid' => $uid, 'fid' => $_G['fid'], 'allowview' => $new_view, 'allowpost' => $new_post, 'allowreply' => $new_reply,
    68. 

  68. 						'allowgetattach' => $new_getattach, 'allowgetimage' => $new_getimage,
    69. 

  69. 						'allowpostattach' => $new_postattach, 'allowpostimage' => $new_postimage,
    70. 

  70. 						'adminuser' => $_G['uid'], 'dateline' => $_G['timestamp']);
    71. 

  71. 					C::t('forum_access')->insert($data);
    72. 

  72. 					C::t('common_member')->update($uid, array('accessmasks' => 1), 'UNBUFFERED');
    73. 

  73. 

  74. 				} elseif($new_view == -1 && $access['allowview'] == 1 && $_G['adminid'] != 1) {
    75. 

  75. 					$adderror = 3;
    76. 

  76. 				} else {
    77. 

  77. 					if($_G['adminid'] > 1) {
    78. 

  78. 						$new_view = $access['allowview'] == 1 ? 1 : $new_view;
    79. 

  79. 						$new_post = $access['allowpost'] == 1 ? 1 : $new_post;
    80. 

  80. 						$new_reply = $access['allowreply'] == 1 ? 1 : $new_reply;
    81. 

  81. 						$new_getattach = $access['allowgetattach'] == 1 ? 1 : $new_getattach;
    82. 

  82. 						$new_getimage = $access['allowgetimage'] == 1 ? 1 : $new_getimage;
    83. 

  83. 						$new_postattach = $access['postattach'] == 1 ? 1 : $new_postattach;
    84. 

  84. 						$new_postimage = $access['postimage'] == 1 ? 1 : $new_postimage;
    85. 

  85. 					}
    86. 

  86. 					$successed = true;
    87. 

  87. 					$data = array('allowview' => $new_view, 'allowpost' => $new_post, 'allowreply' => $new_reply,
    88. 

  88. 						'allowgetattach' => $new_getattach, 'allowgetimage' => $new_getimage,
    89. 

  89. 						'allowpostattach' => $new_postattach, 'allowpostimage' => $new_postimage,
    90. 

  90. 						'adminuser' => $_G['uid'], 'dateline' => $_G['timestamp']);
    91. 

  91. 					C::t('forum_access')->update_for_uid($uid, $_G['fid'], $data);
    92. 

  92. 					C::t('common_member')->update($uid, array('accessmasks' => 1), 'UNBUFFERED');
    93. 

  93. 

  94. 				}
    95. 

  95. 			}
    96. 

  96. 		}
    97. 

  97. 	}
    98. 

  98. 

  99. 	$new_user = $adderror ? $new_user : '';
    100. 

  100. }
    101. 

  101. 

  102. $new_user = dhtmlspecialchars($new_user);
    103. 

  103. $suser = isset($_GET['suser']) ? trim($_GET['suser']) : '';
    104. 

  104. if(submitcheck('searchsubmit')) {
    105. 

  105. 	if($suser != '') {
    106. 

  106. 		$suid = C::t('common_member')->fetch_uid_by_username($suser);
    107. 

  107. 	}
    108. 

  108. }
    109. 

  109. $suser = dhtmlspecialchars($suser);
    110. 

  110. 

  111. $page = max(1, intval($_G['page']));
    112. 

  112. $ppp = 10;
    113. 

  113. $list = array('pagelink' => '', 'data' => array());
    114. 

  114. 

  115. if($num = C::t('forum_access')->fetch_all_by_fid_uid($_G['fid'], $suid, 1)) {
    116. 

  116. 

  117. 	$page = $page > ceil($num / $ppp) ? ceil($num / $ppp) : $page;
    118. 

  118. 	$start_limit = ($page - 1) * $ppp;
    119. 

  119. 	$list['pagelink'] = multi($num, $ppp, $page, "forum.php?mod=modcp&fid=$_G[fid]&action=$_GET[action]");
    120. 

  120. 

  121. 	$query = C::t('forum_access')->fetch_all_by_fid_uid($_G['fid'], $suid, 0, $start_limit, $ppp);
    122. 

  122. 	$uidarray = array();
    123. 

  123. 	foreach($query as $access) {
    124. 

  124. 		$uidarray[$access['uid']] = $access['uid'];
    125. 

  125. 		$uidarray[$access['adminuser']] = $access['adminuser'];
    126. 

  126. 		$access['allowview'] = accessimg($access['allowview']);
    127. 

  127. 		$access['allowpost'] = accessimg($access['allowpost']);
    128. 

  128. 		$access['allowreply'] = accessimg($access['allowreply']);
    129. 

  129. 		$access['allowpostattach'] = accessimg($access['allowpostattach']);
    130. 

  130. 		$access['allowgetattach'] = accessimg($access['allowgetattach']);
    131. 

  131. 		$access['allowgetimage'] = accessimg($access['allowgetimage']);
    132. 

  132. 		$access['allowpostimage'] = accessimg($access['allowpostimage']);
    133. 

  133. 		$access['dateline'] = dgmdate($access['dateline'], 'd');
    134. 

  134. 		$access['forum'] = '<a href="forum.php?mod=forumdisplay&fid='.$access['fid'].'" target="_blank">'.strip_tags($_G['cache']['forums'][$access['fid']]['name']).'</a>';
    135. 

  135. 		$list['data'][] = $access;
    136. 

  136. 	}
    137. 

  137. 

  138. 	$users = array();
    139. 

  139. 	if($uids = dimplode($uidarray)) {
    140. 

  140. 		$users = C::t('common_member')->fetch_all_username_by_uid($uids);
    141. 

  141. 	}
    142. 

  142. }
    143. 

  143. 

  144. function delete_access($uid, $fid) {
    145. 

  145. 	C::t('forum_access')->delete_by_fid($fid, $uid);
    146. 

  146. 	$mask = C::t('forum_access')->count_by_uid($uid);
    147. 

  147. 	if(!$mask) {
    148. 

  148. 		C::t('common_member')->update($uid, array('accessmasks' => ''), 'UNBUFFERED');
    149. 

  149. 	}
    150. 

  150. }
    151. 

  151. 

  152. function accessimg($access) {
    153. 

  153. 	return $access == -1 ? '<img src="'.STATICURL.'image/common/access_disallow.gif" />' :
    154. 

  154. 		($access == 1 ? '<img src="'.STATICURL.'image/common/access_allow.gif" />' : '<img src="'.STATICURL.'image/common/access_normal.gif" />');
    155. 

  155. }
    156. 

  156. 

  157. function inwhitelist($access) {
    158. 

  158. 	$return = false;
    159. 

  159. 	foreach (array('allowview', 'allowpost', 'allowreply', 'allowpostattach', 'allowgetattach', 'allowgetimage') as $key) {
    160. 

  160. 		if($access[$key] == 1) {
    161. 

  161. 			$return = true;
    162. 

  162. 			break;
    163. 

  163. 		}
    164. 

  164. 	}
    165. 

  165. 	return $return;
    166. 

  166. }
    167. 

  167. 

  168. ?>
    169.