groups.inc.php

极限网络智能办公系统 - Office Automation 2.8 100％ 源码

<?php

/*
	[Discuz!] (C)2001-2006 Comsenz Inc.
	This is NOT a freeware, use is subject to license terms

	$RCSfile: groups.inc.php,v $
	$Revision: 1.14 $
	$Date: 2006/03/01 01:21:42 $
*/

if(!defined('IN_DISCUZ') || !isset($PHP_SELF) || !preg_match("/[\/\\\\]admincp\.php$/", $PHP_SELF)) {
        exit('Access Denied');
}

cpheader();

if($action == 'admingroups') {

	$actionarray = array('settings', 'passport', 'siteengine', 'shopex', 'forumadd', 'forumsedit', 'forumsmerge',
		'forumdetail', 'forumdelete', 'forumcopy', 'moderators', 'threadtypes', 'memberadd', 'members', 'membersmerge',
		'editgroups', 'access', 'editcredits', 'editmedals', 'memberprofile', 'profilefields', 'ipban', 'usergroups',
		'admingroups', 'ranks', 'announcements', 'styles', 'templates', 'tpladd', 'tpledit', 'modmembers',
		'modthreads', 'modreplies', 'recyclebin', 'alipay', 'orders', 'forumlinks', 'onlinelist', 'medals',
		'censor', 'discuzcodes', 'smilies', 'attachtypes', 'creditslog', 'adv', 'advadd', 'advedit', 'export', 'import',
		'runquery', 'optimize', 'attachments', 'counter', 'threads', 'prune', 'pmprune', 'updatecache', 'jswizard',
		'fileperms', 'crons', 'avatarshow_config', 'avatarshow_register', 'qihoo_config', 'qihoo_topics',
		'pluginsconfig', 'pluginsedit', 'pluginhooks', 'pluginvars', 'illegallog', 'ratelog', 'modslog', 'medalslog',
		'banlog', 'cplog', 'creditslog', 'errorlog');

	if(!submitcheck('groupsubmit')) {

		if(!isset($edit) || empty($edit)) {

			$grouplist = '';
			$query = $db->query("SELECT a.*, u.radminid, u.grouptitle FROM {$tablepre}admingroups a
				LEFT JOIN {$tablepre}usergroups u ON u.groupid=a.admingid
				WHERE a.admingid<>'1' ORDER BY u.radminid, a.admingid");
			while($group = $db->fetch_array($query)) {
				$grouplist .= "<tr align=\"center\"><td class=\"altbg1\">$group[grouptitle]</td><td class=\"altbg2\">".
					($group['admingid'] <= 3 ? $lang['admingroups_type_system'] : $lang['admingroups_type_user'])."</td><td class=\"altbg1\">".$lang['usergroups_system_'.$group['radminid']].
					"</td><td class=\"altbg2\"><a href=\"admincp.php?action=usergroups&edit={$group[admingid]}&return=admingroups\">[{$lang[edit]}]</a></td><td class=\"altbg1\"><a href=\"admincp.php?action=admingroups&edit=$group[admingid]\">[{$lang[edit]}]</a></td></tr>\n";
			}

?>
<table cellspacing="<?=INNERBORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="95%" align="center" class="tableborder">
<tr class="header"><td><?=$lang['tips']?></td></tr>
<tr bgcolor="<?=ALTBG1?>"><td>
<br><?=$lang['admingroups_tips']?>
</td></tr></table>

<br>
<table cellspacing="<?=INNERBORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="95%" align="center" class=tableborder>
<tr class="header" align="center"><td><?=$lang['name']?></td><td><?=$lang['type']?></td><td><?=$lang['admingroups_level']?></td><td><?=$lang['admingroups_settings_user']?></td><td><?=$lang['admingroups_settings_admin']?></td></tr>
<?=$grouplist?>
</table>
<?

		} else {

			$edit = intval($edit);
			$query = $db->query("SELECT a.*, aa.disabledactions, u.radminid, u.grouptitle FROM {$tablepre}admingroups a
				LEFT JOIN {$tablepre}usergroups u ON u.groupid=a.admingid
				LEFT JOIN {$tablepre}adminactions aa ON aa.admingid=a.admingid
				WHERE a.admingid='$edit' AND a.admingid<>'1'");

			if(!$group = $db->fetch_array($query)) {
				cpmsg('undefined_action');
			}

?>
<br><br><form method="post" action="admincp.php?action=admingroups&edit=<?=$edit?>">
<input type="hidden" name="formhash" value="<?=FORMHASH?>">
<?

			if($group['radminid'] == 1) {

				$group['disabledactions'] = $group['disabledactions'] ? unserialize($group['disabledactions']) : array();

				showtype($lang['admingroups_edit'].' - '.$group['grouptitle'], 'top');

				foreach($actionarray as $actionstr) {
					showsetting('admingroups_edit_action_'.$actionstr, 'disabledactionnew['.$actionstr.']', !in_array($actionstr, $group['disabledactions']), 'radio');
				}

				showtype('', 'bottom');

			} else {

				$checkstick = array($group['allowstickthread'] => 'checked');

				showtype($lang['admingroups_edit'].' - '.$group['grouptitle'], 'top');
				showsetting('admingroups_edit_edit_post', 'alloweditpostnew', $group['alloweditpost'], 'radio');
				showsetting('admingroups_edit_edit_poll', 'alloweditpollnew', $group['alloweditpoll'], 'radio');
				showsetting('admingroups_edit_stick_thread', '', '', '<input type="radio" name="allowstickthreadnew" value="0" '.$checkstick[0].'> '.$lang['admingroups_edit_stick_thread_none'].'<br><input type="radio" name="allowstickthreadnew" value="1" '.$checkstick[1].'> '.$lang['admingroups_edit_stick_thread_1'].'<br><input type="radio" name="allowstickthreadnew" value="2" '.$checkstick[2].'> '.$lang['admingroups_edit_stick_thread_2'].'<br><input type="radio" name="allowstickthreadnew" value="3" '.$checkstick[3].'> '.$lang['admingroups_edit_stick_thread_3'].'');
				showsetting('admingroups_edit_mod_post', 'allowmodpostnew', $group['allowmodpost'], 'radio');
				showsetting('admingroups_edit_del_post', 'allowdelpostnew', $group['allowdelpost'], 'radio');
				showsetting('admingroups_edit_mass_prune', 'allowmassprunenew', $group['allowmassprune'], 'radio');
				showsetting('admingroups_edit_refund', 'allowrefundnew', $group['allowrefund'], 'radio');
				showsetting('admingroups_edit_censor_word', 'allowcensorwordnew', $group['allowcensorword'], 'radio');
				showsetting('admingroups_edit_view_ip', 'allowviewipnew', $group['allowviewip'], 'radio');
				showsetting('admingroups_edit_ban_ip', 'allowbanipnew', $group['allowbanip'], 'radio');
				showsetting('admingroups_edit_edit_user', 'alloweditusernew', $group['allowedituser'], 'radio');
				showsetting('admingroups_edit_ban_user', 'allowbanusernew', $group['allowbanuser'], 'radio');
				showsetting('admingroups_edit_mod_user', 'allowmodusernew', $group['allowmoduser'], 'radio');
				showsetting('admingroups_edit_post_announce', 'allowpostannouncenew', $group['allowpostannounce'], 'radio');
				showsetting('admingroups_edit_view_log', 'allowviewlognew', $group['allowviewlog'], 'radio');
				showsetting('admingroups_edit_disable_postctrl', 'disablepostctrlnew', $group['disablepostctrl'], 'radio');
				showtype('', 'bottom');

			}

			echo "<br><center><input type=\"submit\" name=\"groupsubmit\" value=\"$lang[submit]\"><center></form>";

		}

	} else {

		$query = $db->query("SELECT groupid, radminid FROM {$tablepre}usergroups WHERE groupid='$edit'");
		if(!$group = $db->fetch_array($query)) {
			cpmsg('undefined_action');
		}

		if($group['radminid'] == 1) {

			$dactionarray = array();
			if(is_array($disabledactionnew)) {
				foreach($disabledactionnew as $key => $value) {
					if(in_array($key, $actionarray) && !$value) {
						$dactionarray[] = $key;
					}
				}
			}

			$db->query("REPLACE INTO {$tablepre}adminactions (admingid, disabledactions)
				VALUES ('$group[groupid]', '".addslashes(serialize($dactionarray))."')");

		} else {

			$db->query("UPDATE {$tablepre}admingroups SET alloweditpost='$alloweditpostnew', alloweditpoll='$alloweditpollnew',
				allowstickthread='$allowstickthreadnew', allowmodpost='$allowmodpostnew', allowdelpost='$allowdelpostnew',
				allowmassprune='$allowmassprunenew', allowrefund='$allowrefundnew', allowcensorword='$allowcensorwordnew',
				allowviewip='$allowviewipnew', allowbanip='$allowbanipnew', allowedituser='$alloweditusernew', allowbanuser='$allowbanusernew',
				allowmoduser='$allowmodusernew', allowpostannounce='$allowpostannouncenew', allowviewlog='$allowviewlognew',
				disablepostctrl='$disablepostctrlnew' WHERE admingid='$group[groupid]' AND admingid<>'1'");

		}

		updatecache('usergroups');
		updatecache('admingroups');
		cpmsg('admingroups_edit_succeed', 'admincp.php?action=admingroups');

	}

} elseif($action == 'usergroups') {

	if(!submitcheck('groupsubmit')) {

		if(!$edit) {
			$sgroups = $smembers = array(); $sgroupids = '0';
			$membergroup = $specialgroup = $sysgroup = '';
			$sgroupids = 0;
			$query = $db->query("SELECT groupid, type, grouptitle, creditshigher, creditslower, stars, color, groupavatar FROM {$tablepre}usergroups ORDER BY creditshigher");
			while($group = $db->fetch_array($query)) {
				if($group['type'] == 'member') {
					$membergroup .= "<tr align=\"center\"><td bgcolor=\"".ALTBG1."\"><input type=\"checkbox\" name=\"delete[$group[groupid]]\" value=\"$group[groupid]\"></td>\n".
						"<td bgcolor=\"".ALTBG2."\"><input type=\"text\" size=\"12\" name=\"groupnew[$group[groupid]][grouptitle]\" value=\"$group[grouptitle]\"></td>\n".
						"<td bgcolor=\"".ALTBG1."\"><input type=\"text\" size=\"6\" name=\"groupnew[$group[groupid]][creditshigher]\" value=\"$group[creditshigher]\">\n".
						"<td bgcolor=\"".ALTBG2."\">$group[creditslower]\n".
						"<td bgcolor=\"".ALTBG1."\"><input type=\"text\" size=\"2\"name=\"groupnew[$group[groupid]][stars]\" value=\"$group[stars]\"></td>\n".
						"<td bgcolor=\"".ALTBG2."\"><input type=\"text\" size=\"6\"name=\"groupnew[$group[groupid]][color]\" value=\"$group[color]\"></td>\n".
						"<td bgcolor=\"".ALTBG1."\"><input type=\"text\" size=\"12\" name=\"groupnew[$group[groupid]][groupavatar]\" value=\"$group[groupavatar]\"></td>".
						"<td bgcolor=\"".ALTBG2."\" nowrap><a href=\"admincp.php?action=usergroups&edit=$group[groupid]\">[$lang[detail]]</a></td></tr>\n";
				} elseif($group['type'] == 'system') {
					$sysgroup .= "<tr align=\"center\">\n".
						"<td bgcolor=\"".ALTBG2."\"><input type=\"text\" size=\"12\" name=\"group_title[$group[groupid]]\" value=\"$group[grouptitle]\"></td>\n".
						"<td bgcolor=\"".ALTBG1."\">".$lang['usergroups_system_'.$group['groupid']]."</td>\n".
						"<td bgcolor=\"".ALTBG2."\"><input type=\"text\" size=\"2\"name=\"group_stars[$group[groupid]]\" value=\"$group[stars]\"></td>\n".
						"<td bgcolor=\"".ALTBG1."\"><input type=\"text\" size=\"6\"name=\"group_color[$group[groupid]]\" value=\"$group[color]\"></td>\n".
						"<td bgcolor=\"".ALTBG2."\"><input type=\"text\" size=\"12\" name=\"group_avatar[$group[groupid]]\" value=\"$group[groupavatar]\"></td>\n".
						"<td bgcolor=\"".ALTBG1."\" nowrap><a href=\"admincp.php?action=usergroups&edit=$group[groupid]\">[$lang[detail]]</a></td></tr>\n";
				} elseif($group['type'] == 'special') {
					$sgroups[] = $group;
					$sgroupids .= ','.$group['groupid'];
				}
			}

			$query = $db->query("SELECT uid, username, groupid FROM {$tablepre}members WHERE groupid IN ($sgroupids)");
			while($member = $db->fetch_array($query)) {
				$smembers[$member['groupid']][] = '<a href="viewpro.php?uid='.$member['uid'].'" target="_blank">'.$member['username'].'</a>';
			}

			foreach($sgroups as $group) {
				if(is_array($smembers[$group['groupid']])) {
					$num = count($smembers[$group['groupid']]);
					$specifiedusers = $num <= 200 ? implode(', ', $smembers[$group['groupid']]) :
						implode(', ', array_slice($smembers[$group['groupid']], 0, 200)).$lang['usergroups_specified_members_leaved_out'];

					unset($smembers[$group['groupid']]);
				} else {
					$specifiedusers = '';
					$num = 0;
				}