| Zeile 6 | Zeile 6 |
|---|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* Website: http://mybb.com
* License: http://mybb.com/about/license
*
|
* $Id: admin_permissions.php 5297 2010-12-28 22:01:14Z Tomm $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
| Zeile 82 | Zeile 82 |
|---|
// Log admin action
if($uid < 0)
{
|
// Log admin action
if($uid < 0)
{
|
$query = $db->simple_select("usergroups", "title", "gid='$gid'");
| $gid = abs($uid);
$query = $db->simple_select("usergroups", "title", "gid='{$gid}'");
|
$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
|
$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
|
}
| }
|
elseif($uid == 0)
|
elseif($uid == 0)
|
{
| {
|
// Default
log_admin_action(0, $lang->default);
|
// Default
log_admin_action(0, $lang->default);
|
}
else
{
$user = get_user($uid);
| }
else
{
$user = get_user($uid);
|
log_admin_action($uid, $user['username']);
}
flash_message($lang->success_perms_deleted, 'success');
admin_redirect("index.php?module=user-admin_permissions");
|
log_admin_action($uid, $user['username']);
}
flash_message($lang->success_perms_deleted, 'success');
admin_redirect("index.php?module=user-admin_permissions");
|
}
| }
|
else
{
$page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion);
}
}
|
else
{
$page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion);
}
}
|
|
|
if($mybb->input['action'] == "edit")
{
$plugins->run_hooks("admin_user_admin_permissions_edit");
| if($mybb->input['action'] == "edit")
{
$plugins->run_hooks("admin_user_admin_permissions_edit");
|
| Zeile 117 | Zeile 118 |
|---|
{
$no_access = 0;
foreach($actions as $action => $access)
|
{
$no_access = 0;
foreach($actions as $action => $access)
|
{
| {
|
if($access == 0)
{
++$no_access;
}
|
if($access == 0)
{
++$no_access;
}
|
}
| }
|
// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
}
|
// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
}
|
}
| }
|
// Does an options row exist for this admin already?
$query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'");
$existing_options = $db->fetch_field($query, "existing_options");
| // Does an options row exist for this admin already?
$query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'");
$existing_options = $db->fetch_field($query, "existing_options");
|
| Zeile 152 | Zeile 153 |
|---|
// Log admin action
if($uid > 0)
|
// Log admin action
if($uid > 0)
|
{
| {
|
// Users
$user = get_user($uid);
log_admin_action($uid, $user['username']);
| // Users
$user = get_user($uid);
log_admin_action($uid, $user['username']);
|
| Zeile 161 | Zeile 162 |
|---|
{
// Groups
$gid = abs($uid);
|
{
// Groups
$gid = abs($uid);
|
$query = $db->simple_select("usergroups", "title", "gid='$gid'");
| $query = $db->simple_select("usergroups", "title", "gid='{$gid}'");
|
$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
}
| $group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
}
|
| Zeile 177 | Zeile 178 |
|---|
if($uid > 0)
{
|
if($uid > 0)
{
|
$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (u.usergroup=g.gid)
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");
| switch($db->type)
{
case "pgsql":
case "sqlite":
$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");
break;
default:
$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");
}
|
$admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
$title = $admin['username'];
| $admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
$title = $admin['username'];
|