Blame Extras/phpBB/3.0.4/includes/ucp/ucp_zebra.php

4c79b5
4c79b5
/**
4c79b5
*
4c79b5
* @package ucp
4c79b5
* @version $Id: ucp_zebra.php 8479 2008-03-29 00:22:48Z naderman $
4c79b5
* @copyright (c) 2005 phpBB Group
4c79b5
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
4c79b5
*
4c79b5
*/
4c79b5
4c79b5
/**
4c79b5
* @ignore
4c79b5
*/
4c79b5
if (!defined('IN_PHPBB'))
4c79b5
{
4c79b5
	exit;
4c79b5
}
4c79b5
4c79b5
/**
4c79b5
* ucp_zebra
4c79b5
* @package ucp
4c79b5
*/
4c79b5
class ucp_zebra
4c79b5
{
4c79b5
	var $u_action;
4c79b5
4c79b5
	function main($id, $mode)
4c79b5
	{
4c79b5
		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
4c79b5
4c79b5
		$submit	= (isset($_POST['submit']) || isset($_GET['add']) || isset($_GET['remove'])) ? true : false;
4c79b5
		$s_hidden_fields = '';
4c79b5
4c79b5
		$l_mode = strtoupper($mode);
4c79b5
4c79b5
		if ($submit)
4c79b5
		{
4c79b5
			$data = $error = array();
4c79b5
			$updated = false;
4c79b5
4c79b5
			$var_ary = array(
4c79b5
				'usernames'	=> array(0),
4c79b5
				'add'		=> '',
4c79b5
			);
4c79b5
4c79b5
			foreach ($var_ary as $var => $default)
4c79b5
			{
4c79b5
				$data[$var] = request_var($var, $default, true);
4c79b5
			}
4c79b5
4c79b5
			if (!empty($data['add']) || sizeof($data['usernames']))
4c79b5
			{
4c79b5
				if (confirm_box(true))
4c79b5
				{
4c79b5
					if ($data['add'])
4c79b5
					{
4c79b5
						$data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add'])));
4c79b5
4c79b5
						// Do these name/s exist on a list already? If so, ignore ... we could be
4c79b5
						// 'nice' and automatically handle names added to one list present on
4c79b5
						// the other (by removing the existing one) ... but I have a feeling this
4c79b5
						// may lead to complaints
4c79b5
						$sql = 'SELECT z.*, u.username, u.username_clean
4c79b5
							FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
4c79b5
							WHERE z.user_id = ' . $user->data['user_id'] . '
4c79b5
								AND u.user_id = z.zebra_id';
4c79b5
						$result = $db->sql_query($sql);
4c79b5
4c79b5
						$friends = $foes = array();
4c79b5
						while ($row = $db->sql_fetchrow($result))
4c79b5
						{
4c79b5
							if ($row['friend'])
4c79b5
							{
4c79b5
								$friends[] = utf8_clean_string($row['username']);
4c79b5
							}
4c79b5
							else
4c79b5
							{
4c79b5
								$foes[] = utf8_clean_string($row['username']);
4c79b5
							}
4c79b5
						}
4c79b5
						$db->sql_freeresult($result);
4c79b5
4c79b5
						// remove friends from the username array
4c79b5
						$n = sizeof($data['add']);
4c79b5
						$data['add'] = array_diff($data['add'], $friends);
4c79b5
4c79b5
						if (sizeof($data['add']) < $n && $mode == 'foes')
4c79b5
						{
4c79b5
							$error[] = $user->lang['NOT_ADDED_FOES_FRIENDS'];
4c79b5
						}
4c79b5
4c79b5
						// remove foes from the username array
4c79b5
						$n = sizeof($data['add']);
4c79b5
						$data['add'] = array_diff($data['add'], $foes);
4c79b5
4c79b5
						if (sizeof($data['add']) < $n && $mode == 'friends')
4c79b5
						{
4c79b5
							$error[] = $user->lang['NOT_ADDED_FRIENDS_FOES'];
4c79b5
						}
4c79b5
4c79b5
						// remove the user himself from the username array
4c79b5
						$n = sizeof($data['add']);
4c79b5
						$data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username'])));
4c79b5
4c79b5
						if (sizeof($data['add']) < $n)
4c79b5
						{
4c79b5
							$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF'];
4c79b5
						}
4c79b5
4c79b5
						unset($friends, $foes, $n);
4c79b5
4c79b5
						if (sizeof($data['add']))
4c79b5
						{
4c79b5
							$sql = 'SELECT user_id, user_type
4c79b5
								FROM ' . USERS_TABLE . '
4c79b5
								WHERE ' . $db->sql_in_set('username_clean', $data['add']) . '
4c79b5
									AND user_type <> ' . USER_INACTIVE;
4c79b5
							$result = $db->sql_query($sql);
4c79b5
4c79b5
							$user_id_ary = array();
4c79b5
							while ($row = $db->sql_fetchrow($result))
4c79b5
							{
4c79b5
								if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE)
4c79b5
								{
4c79b5
									$user_id_ary[] = $row['user_id'];
4c79b5
								}
4c79b5
								else
4c79b5
								{
4c79b5
									$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS'];
4c79b5
								}
4c79b5
							}
4c79b5
							$db->sql_freeresult($result);
4c79b5
4c79b5
							if (sizeof($user_id_ary))
4c79b5
							{
4c79b5
								// Remove users from foe list if they are admins or moderators
4c79b5
								if ($mode == 'foes')
4c79b5
								{
4c79b5
									$perms = array();
4c79b5
									foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
4c79b5
									{
4c79b5
										foreach ($forum_ary as $auth_option => $user_ary)
4c79b5
										{
4c79b5
											$perms = array_merge($perms, $user_ary);
4c79b5
										}
4c79b5
									}
4c79b5
4c79b5
									$perms = array_unique($perms);
4c79b5
4c79b5
									if (sizeof($perms))
4c79b5
									{
4c79b5
										$error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN'];
4c79b5
									}
4c79b5
4c79b5
									// This may not be right ... it may yield true when perms equate to deny
4c79b5
									$user_id_ary = array_diff($user_id_ary, $perms);
4c79b5
									unset($perms);
4c79b5
								}
4c79b5
4c79b5
								if (sizeof($user_id_ary))
4c79b5
								{
4c79b5
									$sql_mode = ($mode == 'friends') ? 'friend' : 'foe';
4c79b5
4c79b5
									$sql_ary = array();
4c79b5
									foreach ($user_id_ary as $zebra_id)
4c79b5
									{
4c79b5
										$sql_ary[] = array(
4c79b5
											'user_id'		=> (int) $user->data['user_id'],
4c79b5
											'zebra_id'		=> (int) $zebra_id,
4c79b5
											$sql_mode		=> 1
4c79b5
										);
4c79b5
									}
4c79b5
4c79b5
									$db->sql_multi_insert(ZEBRA_TABLE, $sql_ary);
4c79b5
4c79b5
									$updated = true;
4c79b5
								}
4c79b5
								unset($user_id_ary);
4c79b5
							}
4c79b5
							else if (!sizeof($error))
4c79b5
							{
4c79b5
								$error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE'];
4c79b5
							}
4c79b5
						}
4c79b5
					}
4c79b5
					else if (sizeof($data['usernames']))
4c79b5
					{
4c79b5
						// Force integer values
4c79b5
						$data['usernames'] = array_map('intval', $data['usernames']);
4c79b5
4c79b5
						$sql = 'DELETE FROM ' . ZEBRA_TABLE . '
4c79b5
							WHERE user_id = ' . $user->data['user_id'] . '
4c79b5
								AND ' . $db->sql_in_set('zebra_id', $data['usernames']);
4c79b5
						$db->sql_query($sql);
4c79b5
4c79b5
						$updated = true;
4c79b5
					}
4c79b5
4c79b5
					if ($updated)
4c79b5
					{
4c79b5
						meta_refresh(3, $this->u_action);
4c79b5
						$message = $user->lang[$l_mode . '_UPDATED'] . '
' . implode('
', $error) . ((sizeof($error)) ? '
' : '') . '
' . sprintf($user->lang['RETURN_UCP'], '', '');
4c79b5
						trigger_error($message);
4c79b5
					}
4c79b5
					else
4c79b5
					{
4c79b5
						$template->assign_var('ERROR', implode('
', $error));
4c79b5
					}
4c79b5
				}
4c79b5
				else
4c79b5
				{
4c79b5
					confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
4c79b5
						'mode'		=> $mode,
4c79b5
						'submit'	=> true,
4c79b5
						'usernames'	=> $data['usernames'],
4c79b5
						'add'		=> $data['add']))
4c79b5
					);
4c79b5
				}
4c79b5
			}
4c79b5
		}
4c79b5
4c79b5
		$sql_and = ($mode == 'friends') ? 'z.friend = 1' : 'z.foe = 1';
4c79b5
		$sql = 'SELECT z.*, u.username, u.username_clean
4c79b5
			FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
4c79b5
			WHERE z.user_id = ' . $user->data['user_id'] . "
4c79b5
				AND $sql_and
4c79b5
				AND u.user_id = z.zebra_id
4c79b5
			ORDER BY u.username_clean ASC";
4c79b5
		$result = $db->sql_query($sql);
4c79b5
4c79b5
		$s_username_options = '';
4c79b5
		while ($row = $db->sql_fetchrow($result))
4c79b5
		{
4c79b5
			$s_username_options .= '<option value="' . $row['zebra_id'] . '">' . $row['username'] . '</option>';
4c79b5
		}
4c79b5
		$db->sql_freeresult($result);
4c79b5
4c79b5
		$template->assign_vars(array(
4c79b5
			'L_TITLE'			=> $user->lang['UCP_ZEBRA_' . $l_mode],
4c79b5
4c79b5
			'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add'),
4c79b5
4c79b5
			'S_USERNAME_OPTIONS'	=> $s_username_options,
4c79b5
			'S_HIDDEN_FIELDS'		=> $s_hidden_fields,
4c79b5
			'S_UCP_ACTION'			=> $this->u_action)
4c79b5
		);
4c79b5
4c79b5
		$this->tpl_name = 'ucp_zebra_' . $mode;
4c79b5
		$this->page_title = 'UCP_ZEBRA_' . $l_mode;
4c79b5
	}
4c79b5
}
4c79b5
4c79b5
?>