aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/ucp/ucp_groups.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes/ucp/ucp_groups.php')
-rw-r--r--phpBB/includes/ucp/ucp_groups.php147
1 files changed, 91 insertions, 56 deletions
diff --git a/phpBB/includes/ucp/ucp_groups.php b/phpBB/includes/ucp/ucp_groups.php
index 86a8226d5b..cf6e049748 100644
--- a/phpBB/includes/ucp/ucp_groups.php
+++ b/phpBB/includes/ucp/ucp_groups.php
@@ -30,16 +30,20 @@ class ucp_groups
{
global $config, $phpbb_root_path, $phpEx, $phpbb_admin_path;
global $db, $user, $auth, $cache, $template;
- global $request, $phpbb_container;
+ global $request, $phpbb_container, $phpbb_log;
+
+ /** @var \phpbb\language\language $language Language object */
+ $language = $phpbb_container->get('language');
$user->add_lang('groups');
$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
- $mark_ary = request_var('mark', array(0));
+ $mark_ary = $request->variable('mark', array(0));
$submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST);
- $delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST);
- $error = $data = array();
+
+ /** @var \phpbb\group\helper $group_helper */
+ $group_helper = $phpbb_container->get('group_helper');
switch ($mode)
{
@@ -49,8 +53,8 @@ class ucp_groups
if ($submit || isset($_POST['change_default']))
{
- $action = (isset($_POST['change_default'])) ? 'change_default' : request_var('action', '');
- $group_id = ($action == 'change_default') ? request_var('default', 0) : request_var('selected', 0);
+ $action = (isset($_POST['change_default'])) ? 'change_default' : $request->variable('action', '');
+ $group_id = ($action == 'change_default') ? $request->variable('default', 0) : $request->variable('selected', 0);
if (!$group_id)
{
@@ -65,12 +69,12 @@ class ucp_groups
$group_row = array();
while ($row = $db->sql_fetchrow($result))
{
- $row['group_name'] = ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'];
+ $row['group_name'] = $group_helper->get_name($row['group_name']);
$group_row[$row['group_id']] = $row;
}
$db->sql_freeresult($result);
- if (!sizeof($group_row))
+ if (!count($group_row))
{
trigger_error('GROUP_NOT_EXIST');
}
@@ -86,6 +90,7 @@ class ucp_groups
if (!$auth->acl_get('u_chggrp'))
{
+ send_status_line(403, 'Forbidden');
trigger_error($user->lang['NOT_AUTHORISED'] . $return_page);
}
@@ -99,7 +104,10 @@ class ucp_groups
{
group_user_attributes('default', $group_id, $user->data['user_id']);
- add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_CHANGE', sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name']));
+ $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_CHANGE', false, array(
+ 'reportee_id' => $user->data['user_id'],
+ sprintf($user->lang['USER_GROUP_CHANGE'], $group_row[$user->data['group_id']]['group_name'], $group_row[$group_id]['group_name'])
+ ));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['CHANGED_DEFAULT_GROUP'] . $return_page);
@@ -146,7 +154,10 @@ class ucp_groups
{
group_user_del($group_id, $user->data['user_id']);
- add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_RESIGN', $group_row[$group_id]['group_name']);
+ $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_RESIGN', false, array(
+ 'reportee_id' => $user->data['user_id'],
+ $group_row[$group_id]['group_name']
+ ));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[($row['user_pending']) ? 'GROUP_RESIGNED_PENDING' : 'GROUP_RESIGNED_MEMBERSHIP'] . $return_page);
@@ -202,7 +213,10 @@ class ucp_groups
group_user_add($group_id, $user->data['user_id'], false, false, false, 0, 1);
}
- add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), $group_row[$group_id]['group_name']);
+ $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_JOIN' . (($group_row[$group_id]['group_type'] == GROUP_FREE) ? '' : '_PENDING'), false, array(
+ 'reportee_id' => $user->data['user_id'],
+ $group_row[$group_id]['group_name']
+ ));
meta_refresh(3, $this->u_action);
trigger_error($user->lang[($group_row[$group_id]['group_type'] == GROUP_FREE) ? 'GROUP_JOINED' : 'GROUP_JOINED_PENDING'] . $return_page);
@@ -237,7 +251,10 @@ class ucp_groups
{
group_user_attributes('demote', $group_id, $user->data['user_id']);
- add_log('user', $user->data['user_id'], 'LOG_USER_GROUP_DEMOTE', $group_row[$group_id]['group_name']);
+ $phpbb_log->add('user', $user->data['user_id'], $user->ip, 'LOG_USER_GROUP_DEMOTE', false, array(
+ 'reportee_id' => $user->data['user_id'],
+ $group_row[$group_id]['group_name']
+ ));
meta_refresh(3, $this->u_action);
trigger_error($user->lang['USER_GROUP_DEMOTED'] . $return_page);
@@ -295,7 +312,7 @@ class ucp_groups
$template->assign_block_vars($block, array(
'GROUP_ID' => $row['group_id'],
- 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
+ 'GROUP_NAME' => $group_helper->get_name($row['group_name']),
'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'GROUP_STATUS' => $user->lang['GROUP_IS_' . $group_status],
@@ -316,7 +333,7 @@ class ucp_groups
$sql = 'SELECT group_id, group_name, group_colour, group_desc, group_desc_uid, group_desc_bitfield, group_desc_options, group_type, group_founder_manage
FROM ' . GROUPS_TABLE . '
- WHERE ' . ((sizeof($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "
+ WHERE ' . ((count($group_id_ary)) ? $db->sql_in_set('group_id', $group_id_ary, true) . ' AND ' : '') . "
group_type $sql_and
ORDER BY group_type DESC, group_name";
$result = $db->sql_query($sql);
@@ -349,7 +366,7 @@ class ucp_groups
$template->assign_block_vars('nonmember', array(
'GROUP_ID' => $row['group_id'],
- 'GROUP_NAME' => ($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name'],
+ 'GROUP_NAME' => $group_helper->get_name($row['group_name']),
'GROUP_DESC' => ($row['group_type'] <> GROUP_SPECIAL) ? generate_text_for_display($row['group_desc'], $row['group_desc_uid'], $row['group_desc_bitfield'], $row['group_desc_options']) : $user->lang['GROUP_IS_SPECIAL'],
'GROUP_SPECIAL' => ($row['group_type'] <> GROUP_SPECIAL) ? false : true,
'GROUP_CLOSED' => ($row['group_type'] <> GROUP_CLOSED || $auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel')) ? false : true,
@@ -379,10 +396,13 @@ class ucp_groups
case 'manage':
$this->page_title = 'UCP_USERGROUPS_MANAGE';
- $action = (isset($_POST['addusers'])) ? 'addusers' : request_var('action', '');
- $group_id = request_var('g', 0);
+ $action = (isset($_POST['addusers'])) ? 'addusers' : $request->variable('action', '');
+ $group_id = $request->variable('g', 0);
- include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
+ if (!function_exists('phpbb_get_user_rank'))
+ {
+ include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
+ }
add_form_key('ucp_groups');
@@ -414,7 +434,7 @@ class ucp_groups
$avatar = phpbb_get_group_avatar($group_row, 'GROUP_AVATAR', true);
$template->assign_vars(array(
- 'GROUP_NAME' => ($group_type == GROUP_SPECIAL) ? $user->lang['G_' . $group_name] : $group_name,
+ 'GROUP_NAME' => $group_helper->get_name($group_name),
'GROUP_INTERNAL_NAME' => $group_name,
'GROUP_COLOUR' => (isset($group_row['group_colour'])) ? $group_row['group_colour'] : '',
'GROUP_DESC_DISP' => generate_text_for_display($group_row['group_desc'], $group_row['group_desc_uid'], $group_row['group_desc_bitfield'], $group_row['group_desc_options']),
@@ -447,11 +467,8 @@ class ucp_groups
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
- $file_uploads = (@ini_get('file_uploads') || strtolower(@ini_get('file_uploads')) == 'on') ? true : false;
$user->add_lang(array('acp/groups', 'acp/common'));
- $data = $submit_ary = array();
-
$update = (isset($_POST['update'])) ? true : false;
$error = array();
@@ -499,29 +516,33 @@ class ucp_groups
// Did we submit?
if ($update)
{
- $group_name = utf8_normalize_nfc(request_var('group_name', '', true));
- $group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
- $group_type = request_var('group_type', GROUP_FREE);
+ $group_name = $request->variable('group_name', '', true);
+ $group_desc = $request->variable('group_desc', '', true);
+ $group_type = $request->variable('group_type', GROUP_FREE);
- $allow_desc_bbcode = request_var('desc_parse_bbcode', false);
- $allow_desc_urls = request_var('desc_parse_urls', false);
- $allow_desc_smilies = request_var('desc_parse_smilies', false);
+ $allow_desc_bbcode = $request->variable('desc_parse_bbcode', false);
+ $allow_desc_urls = $request->variable('desc_parse_urls', false);
+ $allow_desc_smilies = $request->variable('desc_parse_smilies', false);
$submit_ary = array(
- 'colour' => request_var('group_colour', ''),
- 'rank' => request_var('group_rank', 0),
+ 'colour' => $request->variable('group_colour', ''),
+ 'rank' => $request->variable('group_rank', 0),
'receive_pm' => isset($_REQUEST['group_receive_pm']) ? 1 : 0,
- 'message_limit' => request_var('group_message_limit', 0),
- 'max_recipients'=> request_var('group_max_recipients', 0),
+ 'message_limit' => $request->variable('group_message_limit', 0),
+ 'max_recipients'=> $request->variable('group_max_recipients', 0),
'legend' => $group_row['group_legend'],
'teampage' => $group_row['group_teampage'],
);
- if ($config['allow_avatar'])
+ if (!check_form_key('ucp_groups'))
+ {
+ $error[] = $user->lang['FORM_INVALID'];
+ }
+
+ if (!count($error) && $config['allow_avatar'])
{
// Handle avatar
$driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
- $config_name = preg_replace('#^avatar\.driver.#', '', $driver_name);
if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete'))
{
@@ -540,11 +561,6 @@ class ucp_groups
$error = array_merge($error, $phpbb_avatar_manager->localize_errors($user, $avatar_error));
}
- if (!check_form_key('ucp_groups'))
- {
- $error[] = $user->lang['FORM_INVALID'];
- }
-
// Validate submitted colour value
if ($colour_error = validate_data($submit_ary, array('colour' => array('hex_colour', true))))
{
@@ -552,7 +568,7 @@ class ucp_groups
$error = array_merge($error, $colour_error);
}
- if (!sizeof($error))
+ if (!count($error))
{
// Only set the rank, colour, etc. if it's changed or if we're adding a new
// group. This prevents existing group members being updated if no changes
@@ -595,7 +611,7 @@ class ucp_groups
}
}
- if (sizeof($error))
+ if (count($error))
{
$error = array_map(array(&$user, 'lang'), $error);
$group_rank = $submit_ary['rank'];
@@ -610,7 +626,6 @@ class ucp_groups
}
else if (!$group_id)
{
- $group_name = utf8_normalize_nfc(request_var('group_name', '', true));
$group_desc_data = array(
'text' => '',
'allow_bbcode' => true,
@@ -694,12 +709,12 @@ class ucp_groups
'S_EDIT' => true,
'S_INCLUDE_SWATCH' => true,
'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"',
- 'S_ERROR' => (sizeof($error)) ? true : false,
+ 'S_ERROR' => (count($error)) ? true : false,
'S_SPECIAL_GROUP' => ($group_type == GROUP_SPECIAL) ? true : false,
'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled),
'S_GROUP_MANAGE' => true,
- 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '',
+ 'ERROR_MSG' => (count($error)) ? implode('<br />', $error) : '',
'GROUP_RECEIVE_PM' => (isset($group_row['group_receive_pm']) && $group_row['group_receive_pm']) ? ' checked="checked"' : '',
'GROUP_MESSAGE_LIMIT' => (isset($group_row['group_message_limit'])) ? $group_row['group_message_limit'] : 0,
'GROUP_MAX_RECIPIENTS' => (isset($group_row['group_max_recipients'])) ? $group_row['group_max_recipients'] : 0,
@@ -747,7 +762,7 @@ class ucp_groups
}
$user->add_lang(array('acp/groups', 'acp/common'));
- $start = request_var('start', 0);
+ $start = $request->variable('start', 0);
// Grab the leaders - always, on every page...
$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_colour, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
@@ -836,6 +851,7 @@ class ucp_groups
$s_action_options .= '<option value="' . $option . '">' . $user->lang['GROUP_' . $lang] . '</option>';
}
+ /* @var $pagination \phpbb\pagination */
$pagination = $phpbb_container->get('pagination');
$base_url = $this->u_action . "&amp;action=$action&amp;g=$group_id";
$start = $pagination->validate_start($start, $config['topics_per_page'], $total_members);
@@ -859,6 +875,11 @@ class ucp_groups
trigger_error($user->lang['NO_GROUP'] . $return_page);
}
+ if (!check_form_key('ucp_groups'))
+ {
+ trigger_error($user->lang('FORM_INVALID') . $return_page);
+ }
+
if (!($row = group_memberships($group_id, $user->data['user_id'])))
{
trigger_error($user->lang['NOT_MEMBER_OF_GROUP'] . $return_page);
@@ -897,11 +918,11 @@ class ucp_groups
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
- $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+ $group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true))
{
- if (!sizeof($mark_ary))
+ if (!count($mark_ary))
{
$start = 0;
@@ -924,7 +945,7 @@ class ucp_groups
group_user_attributes('default', $group_id, $mark_ary, false, $group_row['group_name'], $group_row);
- $start = (sizeof($mark_ary) < 200) ? 0 : $start + 200;
+ $start = (count($mark_ary) < 200) ? 0 : $start + 200;
}
else
{
@@ -976,7 +997,7 @@ class ucp_groups
trigger_error($user->lang['NOT_LEADER_OF_GROUP'] . $return_page);
}
- $group_row['group_name'] = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+ $group_row['group_name'] = $group_helper->get_name($group_row['group_name']);
if (confirm_box(true))
{
@@ -1014,7 +1035,7 @@ class ucp_groups
$user->add_lang(array('acp/groups', 'acp/common'));
- $names = utf8_normalize_nfc(request_var('usernames', '', true));
+ $names = $request->variable('usernames', '', true);
if (!$group_id)
{
@@ -1038,19 +1059,33 @@ class ucp_groups
}
$name_ary = array_unique(explode("\n", $names));
- $group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+ $group_name = $group_helper->get_name($group_row['group_name']);
- $default = request_var('default', 0);
+ $default = $request->variable('default', 0);
if (confirm_box(true))
{
+ $return_manage_page = '<br /><br />' . $language->lang('RETURN_PAGE', '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>');
+
// Add user/s to group
if ($error = group_user_add($group_id, false, $name_ary, $group_name, $default, 0, 0, $group_row))
{
- trigger_error($user->lang[$error] . $return_page);
+ $display_message = $language->lang($error);
+
+ if ($error == 'GROUP_USERS_INVALID')
+ {
+ // Find which users don't exist
+ $actual_name_ary = $name_ary;
+ $actual_user_id_ary = [];
+ user_get_id_name($actual_user_id_ary, $actual_name_ary, false, true);
+
+ $display_message = $language->lang('GROUP_USERS_INVALID', implode($language->lang('COMMA_SEPARATOR'), array_udiff($name_ary, $actual_name_ary, 'strcasecmp')));
+ }
+
+ trigger_error($display_message . $return_manage_page);
}
- trigger_error($user->lang['GROUP_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
+ trigger_error($language->lang('GROUP_USERS_ADDED') . $return_manage_page);
}
else
{
@@ -1063,7 +1098,7 @@ class ucp_groups
'action' => $action
);
- confirm_box(false, $user->lang('GROUP_CONFIRM_ADD_USERS', sizeof($name_ary), implode($user->lang['COMMA_SEPARATOR'], $name_ary)), build_hidden_fields($s_hidden_fields));
+ confirm_box(false, $user->lang('GROUP_CONFIRM_ADD_USERS', count($name_ary), implode($user->lang['COMMA_SEPARATOR'], $name_ary)), build_hidden_fields($s_hidden_fields));
}
trigger_error($user->lang['NO_USERS_ADDED'] . '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '&amp;action=list&amp;g=' . $group_id . '">', '</a>'));
@@ -1084,7 +1119,7 @@ class ucp_groups
while ($value = $db->sql_fetchrow($result))
{
$template->assign_block_vars('leader', array(
- 'GROUP_NAME' => ($value['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $value['group_name']] : $value['group_name'],
+ 'GROUP_NAME' => $group_helper->get_name($value['group_name']),
'GROUP_DESC' => generate_text_for_display($value['group_desc'], $value['group_desc_uid'], $value['group_desc_bitfield'], $value['group_desc_options']),
'GROUP_TYPE' => $value['group_type'],
'GROUP_ID' => $value['group_id'],
generated by cgit v1.2.1 (git 2.21.0) at 2024-06-10 19:10:09 +0000