Verzeichnisstruktur phpBB-3.1.0


Veröffentlicht
27.10.2014


acp_permission_roles.php

Zuletzt modifiziert: 09.10.2024, 12:52 - Dateigröße: 16.87 KiB


001  <?php
002  /**
003  *
004  * This file is part of the phpBB Forum Software package.
005  *
006  * @copyright (c) phpBB Limited <https://www.phpbb.com>
007  * @license GNU General Public License, version 2 (GPL-2.0)
008  *
009  * For full copyright and license information, please see
010  * the docs/CREDITS.txt file.
011  *
012  */
013   
014  /**
015  * @ignore
016  */
// Direct-access guard: stop immediately unless IN_PHPBB has been defined
// before this file is loaded (presumably by the including entry script).
if (defined('IN_PHPBB') === false)
{
    exit();
}
021   
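/**
* ACP module for managing permission roles.
*
* Covers the four role types selected by the module mode (admin, user,
* moderator, forum): listing, adding, editing, removing and re-ordering roles.
*/
class acp_permission_roles
{
    var $u_action;
    // Assigned in main(); declared here so they are not created as dynamic properties.
    var $tpl_name;
    var $page_title;
    protected $auth_admin;

    /**
    * Module entry point: processes the requested role action and fills the template.
    *
    * Request checks visible in this method for the state-changing actions:
    * - add / edit: check_form_key() against the 'acp_permissions' form token
    * - remove: confirm_box()
    * - move_up / move_down: none (see the NOTE(review) in that branch)
    *
    * @param mixed  $id   Module identifier; passed on as the hidden field 'i' of the delete confirmation
    * @param string $mode admin_roles, user_roles, mod_roles or forum_roles; any other value raises NO_MODE
    */
    function main($id, $mode)
    {
        global $db, $user, $auth, $template, $cache, $phpbb_container;
        global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
        global $request;

        include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
        include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);

        $this->auth_admin = new auth_admin();

        $user->add_lang('acp/permissions');
        add_permission_language();

        $this->tpl_name = 'acp_permission_roles';

        $submit = (isset($_POST['submit'])) ? true : false;
        // The defaults (0 and '') give role_id and action their types; role_id is
        // concatenated unquoted into several queries below, so it has to stay an integer.
        $role_id = request_var('role_id', 0);
        $action = request_var('action', '');
        $action = (isset($_POST['add'])) ? 'add' : $action;

        $form_name = 'acp_permissions';
        add_form_key($form_name);

        if (!$role_id && in_array($action, array('remove', 'edit', 'move_up', 'move_down')))
        {
            trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
        }

        // Map the module mode to the permission prefix. $permission_type is only ever one
        // of these four literals, which is why it can be interpolated into SQL further down.
        switch ($mode)
        {
            case 'admin_roles':
                $permission_type = 'a_';
                $this->page_title = 'ACP_ADMIN_ROLES';
            break;

            case 'user_roles':
                $permission_type = 'u_';
                $this->page_title = 'ACP_USER_ROLES';
            break;

            case 'mod_roles':
                $permission_type = 'm_';
                $this->page_title = 'ACP_MOD_ROLES';
            break;

            case 'forum_roles':
                $permission_type = 'f_';
                $this->page_title = 'ACP_FORUM_ROLES';
            break;

            default:
                trigger_error('NO_MODE', E_USER_ERROR);
            break;
        }

        $template->assign_vars(array(
            'L_TITLE'        => $user->lang[$this->page_title],
            'L_EXPLAIN'      => $user->lang[$this->page_title . '_EXPLAIN'])
        );

        // Take action... admin submitted something
        if ($submit || $action == 'remove')
        {
            switch ($action)
            {
                case 'remove':

                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$role_row)
                    {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // Delete only when confirm_box() reports a confirmed request; otherwise
                    // show the confirmation dialog with the request parameters as hidden fields.
                    if (confirm_box(true))
                    {
                        $this->remove_role($role_id, $permission_type);

                        $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
                        add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
                        trigger_error($user->lang['ROLE_DELETED'] . adm_back_link($this->u_action));
                    }
                    else
                    {
                        confirm_box(false, 'DELETE_ROLE', build_hidden_fields(array(
                            'i'          => $id,
                            'mode'       => $mode,
                            'role_id'    => $role_id,
                            'action'     => $action,
                        )));
                    }

                break;

                case 'edit':

                    // Get role we edit
                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    if (!$role_row)
                    {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                // no break;

                case 'add':

                    // Reject the submission unless the form token registered with add_form_key() validates
                    if (!check_form_key($form_name))
                    {
                        trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $role_name = utf8_normalize_nfc(request_var('role_name', '', true));
                    $role_description = utf8_normalize_nfc(request_var('role_description', '', true));
                    // Submitted permission settings; the array default presumably types the
                    // input as string keys with integer values — confirm against request_var()
                    $auth_settings = request_var('setting', array('' => 0));

                    if (!$role_name)
                    {
                        trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    if (utf8_strlen($role_description) > 4000)
                    {
                        trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    // if we add/edit a role we check the name to be unique among the settings...
                    $sql = 'SELECT role_id
                        FROM ' . ACL_ROLES_TABLE . "
                        WHERE role_type = '" . $db->sql_escape($permission_type) . "'
                            AND role_name = '" . $db->sql_escape($role_name) . "'";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    // Make sure we only print out the error if we add the role or change its name.
                    // This has to test $action: $mode holds the module mode (admin_roles, ...) and
                    // is never 'add' or 'edit', so testing $mode silently disabled the uniqueness
                    // check and allowed two roles of one type to share a name.
                    if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name)))
                    {
                        trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . adm_back_link($this->u_action), E_USER_WARNING);
                    }

                    $sql_ary = array(
                        'role_name'           => (string) $role_name,
                        'role_description'    => (string) $role_description,
                        'role_type'           => (string) $permission_type,
                    );

                    if ($action == 'edit')
                    {
                        $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
                            SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
                            WHERE role_id = ' . $role_id;
                        $db->sql_query($sql);
                    }
                    else
                    {
                        // Get maximum role order for inserting a new role...
                        $sql = 'SELECT MAX(role_order) as max_order
                            FROM ' . ACL_ROLES_TABLE . "
                            WHERE role_type = '" . $db->sql_escape($permission_type) . "'";
                        $result = $db->sql_query($sql);
                        $max_order = (int) $db->sql_fetchfield('max_order');
                        $db->sql_freeresult($result);

                        $sql_ary['role_order'] = $max_order + 1;

                        $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                        $db->sql_query($sql);

                        $role_id = $db->sql_nextid();
                    }

                    // Now add the auth settings
                    $this->auth_admin->acl_set_role($role_id, $auth_settings);

                    $role_name = (!empty($user->lang[$role_name])) ? $user->lang[$role_name] : $role_name;
                    add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);

                    trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . adm_back_link($this->u_action));

                break;
            }
        }

        // Display screens
        switch ($action)
        {
            case 'add':

                // Optional role whose settings pre-fill the new role; integer by request_var default
                $options_from = request_var('options_from', 0);

                $role_row = array(
                    'role_name'           => utf8_normalize_nfc(request_var('role_name', '', true)),
                    'role_description'    => utf8_normalize_nfc(request_var('role_description', '', true)),
                    'role_type'           => $permission_type,
                );

                if ($options_from)
                {
                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
                        FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
                        WHERE o.auth_option_id = p.auth_option_id
                            AND p.role_id = ' . $options_from . '
                        ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                }
                else
                {
                    $sql = 'SELECT auth_option_id, auth_option
                        FROM ' . ACL_OPTIONS_TABLE . "
                        WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
                            AND auth_option <> '{$permission_type}'
                        ORDER BY auth_option_id";
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                    $db->sql_freeresult($result);
                }

            // no break;

            case 'edit':

                if ($action == 'edit')
                {
                    $sql = 'SELECT *
                        FROM ' . ACL_ROLES_TABLE . '
                        WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);

                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
                        FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
                        WHERE o.auth_option_id = p.auth_option_id
                            AND p.role_id = ' . $role_id . '
                        ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);

                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result))
                    {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                }

                if (!$role_row)
                {
                    trigger_error($user->lang['NO_ROLE_SELECTED'] . adm_back_link($this->u_action), E_USER_WARNING);
                }

                $phpbb_permissions = $phpbb_container->get('acl.permissions');

                $template->assign_vars(array(
                    'S_EDIT'              => true,

                    'U_ACTION'            => $this->u_action . "&amp;action={$action}&amp;role_id={$role_id}",
                    'U_BACK'              => $this->u_action,

                    'ROLE_NAME'           => $role_row['role_name'],
                    'ROLE_DESCRIPTION'    => $role_row['role_description'],
                    'L_ACL_TYPE'          => $phpbb_permissions->get_type_lang($permission_type),
                ));

                // We need to fill the auth options array with ACL_NO options ;)
                $sql = 'SELECT auth_option_id, auth_option
                    FROM ' . ACL_OPTIONS_TABLE . "
                    WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char()) . "
                        AND auth_option <> '{$permission_type}'
                    ORDER BY auth_option_id";
                $result = $db->sql_query($sql);

                while ($row = $db->sql_fetchrow($result))
                {
                    if (!isset($auth_options[$row['auth_option']]))
                    {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                }
                $db->sql_freeresult($result);

                // Unset global permission option
                unset($auth_options[$permission_type]);

                // Display auth options
                $this->display_auth_options($auth_options);

                // Get users/groups/forums using this preset...
                if ($action == 'edit')
                {
                    $hold_ary = $this->auth_admin->get_role_mask($role_id);

                    if (sizeof($hold_ary))
                    {
                        $role_name = (!empty($user->lang[$role_row['role_name']])) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];

                        $template->assign_vars(array(
                            'S_DISPLAY_ROLE_MASK'    => true,
                            'L_ROLE_ASSIGNED_TO'     => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
                        );

                        $this->auth_admin->display_role_mask($hold_ary);
                    }
                }

                return;
            break;

            case 'move_up':
            case 'move_down':

                // NOTE(review): unlike add/edit (check_form_key) and remove (confirm_box), this
                // branch changes role_order on a plain link request with no token check visible
                // in this method. If the surrounding ACP session handling does not already bind
                // the request to the admin's session, validate a per-link token here (phpBB's
                // generate_link_hash()/check_link_hash() pair) — TODO confirm.

                $sql = 'SELECT role_order
                    FROM ' . ACL_ROLES_TABLE . "
                    WHERE role_id = $role_id";
                $result = $db->sql_query($sql);
                $order = $db->sql_fetchfield('role_order');
                $db->sql_freeresult($result);

                if ($order === false || ($order == 0 && $action == 'move_up'))
                {
                    break;
                }
                $order = (int) $order;
                // Swap two adjacent positions in one statement: with total = a + b,
                // "total - role_order" turns a into b and b into a.
                $order_total = $order * 2 + (($action == 'move_up') ? -1 : 1);

                // The two positions must be separate IN() values. Without the comma the digits
                // run together into a single number (e.g. "IN (54)" for 5 and 4) and the
                // statement updates the wrong row or none.
                $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
                    SET role_order = ' . $order_total . " - role_order
                    WHERE role_type = '" . $db->sql_escape($permission_type) . "'
                        AND role_order IN ($order, " . (($action == 'move_up') ? $order - 1 : $order + 1) . ')';
                $db->sql_query($sql);

                if ($request->is_ajax())
                {
                    $json_response = new \phpbb\json_response;
                    $json_response->send(array(
                        'success'    => (bool) $db->sql_affectedrows(),
                    ));
                }

            break;
        }

        // By default, check that role_order is valid and fix it if necessary
        $sql = 'SELECT role_id, role_order
            FROM ' . ACL_ROLES_TABLE . "
            WHERE role_type = '" . $db->sql_escape($permission_type) . "'
            ORDER BY role_order ASC";
        $result = $db->sql_query($sql);

        if ($row = $db->sql_fetchrow($result))
        {
            $order = 0;
            do
            {
                $order++;
                if ($row['role_order'] != $order)
                {
                    // role_id comes from the row just read; cast it so only an integer reaches the statement
                    $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = $order WHERE role_id = " . (int) $row['role_id']);
                }
            }
            while ($row = $db->sql_fetchrow($result));
        }
        $db->sql_freeresult($result);

        // Display assigned items?
        $display_item = request_var('display_item', 0);

        // Select existing roles
        $sql = 'SELECT *
            FROM ' . ACL_ROLES_TABLE . "
            WHERE role_type = '" . $db->sql_escape($permission_type) . "'
            ORDER BY role_order ASC";
        $result = $db->sql_query($sql);

        $s_role_options = '';
        while ($row = $db->sql_fetchrow($result))
        {
            $role_name = (!empty($user->lang[$row['role_name']])) ? $user->lang[$row['role_name']] : $row['role_name'];

            $template->assign_block_vars('roles', array(
                'ROLE_NAME'           => $role_name,
                'ROLE_DESCRIPTION'    => (!empty($user->lang[$row['role_description']])) ? $user->lang[$row['role_description']] : nl2br($row['role_description']),

                'U_EDIT'              => $this->u_action . '&amp;action=edit&amp;role_id=' . $row['role_id'],
                'U_REMOVE'            => $this->u_action . '&amp;action=remove&amp;role_id=' . $row['role_id'],
                'U_MOVE_UP'           => $this->u_action . '&amp;action=move_up&amp;role_id=' . $row['role_id'],
                'U_MOVE_DOWN'         => $this->u_action . '&amp;action=move_down&amp;role_id=' . $row['role_id'],
                'U_DISPLAY_ITEMS'     => ($row['role_id'] == $display_item) ? '' : $this->u_action . '&amp;display_item=' . $row['role_id'] . '#assigned_to')
            );

            // NOTE(review): $role_name goes into the markup unescaped here. That is only safe if
            // stored role names were HTML-escaped on input (presumably by request_var()) or come
            // from a language file — confirm for roles written by any other code path.
            $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';

            if ($display_item == $row['role_id'])
            {
                $template->assign_vars(array(
                    'L_ROLE_ASSIGNED_TO'    => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name))
                );
            }
        }
        $db->sql_freeresult($result);

        $template->assign_vars(array(
            'S_ROLE_OPTIONS'        => $s_role_options)
        );

        if ($display_item)
        {
            $template->assign_vars(array(
                'S_DISPLAY_ROLE_MASK'    => true)
            );

            $hold_ary = $this->auth_admin->get_role_mask($display_item);
            $this->auth_admin->display_role_mask($hold_ary);
        }
    }

    /**
    * Display permission settings able to be set
    *
    * Groups the options by category through auth_admin::build_permission_array()
    * and assigns one 'auth' block per category with an 'auth.mask' row per permission.
    *
    * @param array $auth_options Permission name => setting (ACL_YES, ACL_NEVER or ACL_NO)
    */
    function display_auth_options($auth_options)
    {
        global $template, $user, $phpbb_container;

        $phpbb_permissions = $phpbb_container->get('acl.permissions');

        $content_array = $categories = array();
        $key_sort_array = array(0);
        // build_permission_array() is handed a keyed list of option sets; wrap the
        // single set under key 0 and read the result back from that key below.
        $auth_options = array(0 => $auth_options);

        // Making use of auth_admin method here (we do not really want to change two similar code fragments)
        $this->auth_admin->build_permission_array($auth_options, $content_array, $categories, $key_sort_array);

        $content_array = $content_array[0];

        $template->assign_var('S_NUM_PERM_COLS', sizeof($categories));

        // Assign to template
        foreach ($content_array as $cat => $cat_array)
        {
            // A category flag is set only when that setting is the sole one present in the category
            $template->assign_block_vars('auth', array(
                'CAT_NAME'    => $phpbb_permissions->get_category_lang($cat),

                'S_YES'       => ($cat_array['S_YES'] && !$cat_array['S_NEVER'] && !$cat_array['S_NO']) ? true : false,
                'S_NEVER'     => ($cat_array['S_NEVER'] && !$cat_array['S_YES'] && !$cat_array['S_NO']) ? true : false,
                'S_NO'        => ($cat_array['S_NO'] && !$cat_array['S_NEVER'] && !$cat_array['S_YES']) ? true : false)
            );

            foreach ($cat_array['permissions'] as $permission => $allowed)
            {
                $template->assign_block_vars('auth.mask', array(
                    'S_YES'       => ($allowed == ACL_YES) ? true : false,
                    'S_NEVER'     => ($allowed == ACL_NEVER) ? true : false,
                    'S_NO'        => ($allowed == ACL_NO) ? true : false,

                    'FIELD_NAME'    => $permission,
                    'PERMISSION'    => $phpbb_permissions->get_permission_lang($permission),
                ));
            }
        }
    }

    /**
    * Remove role
    *
    * Re-applies the role's settings through acl_set() to every user and group
    * the role is assigned to, then deletes the role assignments, the role data
    * and the role itself, and clears the permission prefetch.
    *
    * This method performs no permission or request-token check of its own;
    * main() calls it only after confirm_box() has confirmed the deletion.
    *
    * @param int    $role_id         Id of the role to delete
    * @param string $permission_type Permission prefix of the role type (a_, u_, m_ or f_)
    */
    function remove_role($role_id, $permission_type)
    {
        global $db;

        // Force an integer: $role_id is concatenated unquoted into the statements below,
        // and this method has no visibility keyword, so it is callable from outside main().
        $role_id = (int) $role_id;

        // Get complete auth array
        $sql = 'SELECT auth_option, auth_option_id
            FROM ' . ACL_OPTIONS_TABLE . "
            WHERE auth_option " . $db->sql_like_expression($permission_type . $db->get_any_char());
        $result = $db->sql_query($sql);

        $auth_settings = array();
        while ($row = $db->sql_fetchrow($result))
        {
            $auth_settings[$row['auth_option']] = ACL_NO;
        }
        $db->sql_freeresult($result);

        // Get the role auth settings we need to re-set...
        $sql = 'SELECT o.auth_option, r.auth_setting
            FROM ' . ACL_ROLES_DATA_TABLE . ' r, ' . ACL_OPTIONS_TABLE . ' o
            WHERE o.auth_option_id = r.auth_option_id
                AND r.role_id = ' . $role_id;
        $result = $db->sql_query($sql);

        while ($row = $db->sql_fetchrow($result))
        {
            $auth_settings[$row['auth_option']] = $row['auth_setting'];
        }
        $db->sql_freeresult($result);

        // Get role assignments
        $hold_ary = $this->auth_admin->get_role_mask($role_id);

        // Re-assign permissions
        foreach ($hold_ary as $forum_id => $forum_ary)
        {
            if (isset($forum_ary['users']))
            {
                $this->auth_admin->acl_set('user', $forum_id, $forum_ary['users'], $auth_settings, 0, false);
            }

            if (isset($forum_ary['groups']))
            {
                $this->auth_admin->acl_set('group', $forum_id, $forum_ary['groups'], $auth_settings, 0, false);
            }
        }

        // Remove role from users and groups just to be sure (happens through acl_set)
        $sql = 'DELETE FROM ' . ACL_USERS_TABLE . '
            WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);

        $sql = 'DELETE FROM ' . ACL_GROUPS_TABLE . '
            WHERE auth_role_id = ' . $role_id;
        $db->sql_query($sql);

        // Remove role data and role
        $sql = 'DELETE FROM ' . ACL_ROLES_DATA_TABLE . '
            WHERE role_id = ' . $role_id;
        $db->sql_query($sql);

        $sql = 'DELETE FROM ' . ACL_ROLES_TABLE . '
            WHERE role_id = ' . $role_id;
        $db->sql_query($sql);

        $this->auth_admin->acl_clear_prefetch();
    }
}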
583