Blame Identity/Webenv/phpBB/3.0.4/includes/ucp/ucp_zebra.php

ef5584
ef5584
/**
ef5584
*
ef5584
* @package ucp
ef5584
* @version $Id: ucp_zebra.php 8479 2008-03-29 00:22:48Z naderman $
ef5584
* @copyright (c) 2005 phpBB Group
ef5584
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
ef5584
*
ef5584
*/
ef5584
ef5584
/**
ef5584
* @ignore
ef5584
*/
ef5584
if (!defined('IN_PHPBB'))
ef5584
{
ef5584
	exit;
ef5584
}
ef5584
ef5584
/**
ef5584
* ucp_zebra
ef5584
* @package ucp
ef5584
*/
ef5584
class ucp_zebra
ef5584
{
ef5584
	var $u_action;
ef5584
ef5584
	function main($id, $mode)
ef5584
	{
ef5584
		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
ef5584
ef5584
		$submit	= (isset($_POST['submit']) || isset($_GET['add']) || isset($_GET['remove'])) ? true : false;
ef5584
		$s_hidden_fields = '';
ef5584
ef5584
		$l_mode = strtoupper($mode);
ef5584
ef5584
		if ($submit)
ef5584
		{
ef5584
			$data = $error = array();
ef5584
			$updated = false;
ef5584
ef5584
			$var_ary = array(
ef5584
				'usernames'	=> array(0),
ef5584
				'add'		=> '',
ef5584
			);
ef5584
ef5584
			foreach ($var_ary as $var => $default)
ef5584
			{
ef5584
				$data[$var] = request_var($var, $default, true);
ef5584
			}
ef5584
ef5584
			if (!empty($data['add']) || sizeof($data['usernames']))
ef5584
			{
ef5584
				if (confirm_box(true))
ef5584
				{
ef5584
					if ($data['add'])
ef5584
					{
ef5584
						$data['add'] = array_map('trim', array_map('utf8_clean_string', explode("\n", $data['add'])));
ef5584
ef5584
						// Do these name/s exist on a list already? If so, ignore ... we could be
ef5584
						// 'nice' and automatically handle names added to one list present on
ef5584
						// the other (by removing the existing one) ... but I have a feeling this
ef5584
						// may lead to complaints
ef5584
						$sql = 'SELECT z.*, u.username, u.username_clean
ef5584
							FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
ef5584
							WHERE z.user_id = ' . $user->data['user_id'] . '
ef5584
								AND u.user_id = z.zebra_id';
ef5584
						$result = $db->sql_query($sql);
ef5584
ef5584
						$friends = $foes = array();
ef5584
						while ($row = $db->sql_fetchrow($result))
ef5584
						{
ef5584
							if ($row['friend'])
ef5584
							{
ef5584
								$friends[] = utf8_clean_string($row['username']);
ef5584
							}
ef5584
							else
ef5584
							{
ef5584
								$foes[] = utf8_clean_string($row['username']);
ef5584
							}
ef5584
						}
ef5584
						$db->sql_freeresult($result);
ef5584
ef5584
						// remove friends from the username array
ef5584
						$n = sizeof($data['add']);
ef5584
						$data['add'] = array_diff($data['add'], $friends);
ef5584
ef5584
						if (sizeof($data['add']) < $n && $mode == 'foes')
ef5584
						{
ef5584
							$error[] = $user->lang['NOT_ADDED_FOES_FRIENDS'];
ef5584
						}
ef5584
ef5584
						// remove foes from the username array
ef5584
						$n = sizeof($data['add']);
ef5584
						$data['add'] = array_diff($data['add'], $foes);
ef5584
ef5584
						if (sizeof($data['add']) < $n && $mode == 'friends')
ef5584
						{
ef5584
							$error[] = $user->lang['NOT_ADDED_FRIENDS_FOES'];
ef5584
						}
ef5584
ef5584
						// remove the user himself from the username array
ef5584
						$n = sizeof($data['add']);
ef5584
						$data['add'] = array_diff($data['add'], array(utf8_clean_string($user->data['username'])));
ef5584
ef5584
						if (sizeof($data['add']) < $n)
ef5584
						{
ef5584
							$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_SELF'];
ef5584
						}
ef5584
ef5584
						unset($friends, $foes, $n);
ef5584
ef5584
						if (sizeof($data['add']))
ef5584
						{
ef5584
							$sql = 'SELECT user_id, user_type
ef5584
								FROM ' . USERS_TABLE . '
ef5584
								WHERE ' . $db->sql_in_set('username_clean', $data['add']) . '
ef5584
									AND user_type <> ' . USER_INACTIVE;
ef5584
							$result = $db->sql_query($sql);
ef5584
ef5584
							$user_id_ary = array();
ef5584
							while ($row = $db->sql_fetchrow($result))
ef5584
							{
ef5584
								if ($row['user_id'] != ANONYMOUS && $row['user_type'] != USER_IGNORE)
ef5584
								{
ef5584
									$user_id_ary[] = $row['user_id'];
ef5584
								}
ef5584
								else
ef5584
								{
ef5584
									$error[] = $user->lang['NOT_ADDED_' . $l_mode . '_ANONYMOUS'];
ef5584
								}
ef5584
							}
ef5584
							$db->sql_freeresult($result);
ef5584
ef5584
							if (sizeof($user_id_ary))
ef5584
							{
ef5584
								// Remove users from foe list if they are admins or moderators
ef5584
								if ($mode == 'foes')
ef5584
								{
ef5584
									$perms = array();
ef5584
									foreach ($auth->acl_get_list($user_id_ary, array('a_', 'm_')) as $forum_id => $forum_ary)
ef5584
									{
ef5584
										foreach ($forum_ary as $auth_option => $user_ary)
ef5584
										{
ef5584
											$perms = array_merge($perms, $user_ary);
ef5584
										}
ef5584
									}
ef5584
ef5584
									$perms = array_unique($perms);
ef5584
ef5584
									if (sizeof($perms))
ef5584
									{
ef5584
										$error[] = $user->lang['NOT_ADDED_FOES_MOD_ADMIN'];
ef5584
									}
ef5584
ef5584
									// This may not be right ... it may yield true when perms equate to deny
ef5584
									$user_id_ary = array_diff($user_id_ary, $perms);
ef5584
									unset($perms);
ef5584
								}
ef5584
ef5584
								if (sizeof($user_id_ary))
ef5584
								{
ef5584
									$sql_mode = ($mode == 'friends') ? 'friend' : 'foe';
ef5584
ef5584
									$sql_ary = array();
ef5584
									foreach ($user_id_ary as $zebra_id)
ef5584
									{
ef5584
										$sql_ary[] = array(
ef5584
											'user_id'		=> (int) $user->data['user_id'],
ef5584
											'zebra_id'		=> (int) $zebra_id,
ef5584
											$sql_mode		=> 1
ef5584
										);
ef5584
									}
ef5584
ef5584
									$db->sql_multi_insert(ZEBRA_TABLE, $sql_ary);
ef5584
ef5584
									$updated = true;
ef5584
								}
ef5584
								unset($user_id_ary);
ef5584
							}
ef5584
							else if (!sizeof($error))
ef5584
							{
ef5584
								$error[] = $user->lang['USER_NOT_FOUND_OR_INACTIVE'];
ef5584
							}
ef5584
						}
ef5584
					}
ef5584
					else if (sizeof($data['usernames']))
ef5584
					{
ef5584
						// Force integer values
ef5584
						$data['usernames'] = array_map('intval', $data['usernames']);
ef5584
ef5584
						$sql = 'DELETE FROM ' . ZEBRA_TABLE . '
ef5584
							WHERE user_id = ' . $user->data['user_id'] . '
ef5584
								AND ' . $db->sql_in_set('zebra_id', $data['usernames']);
ef5584
						$db->sql_query($sql);
ef5584
ef5584
						$updated = true;
ef5584
					}
ef5584
ef5584
					if ($updated)
ef5584
					{
ef5584
						meta_refresh(3, $this->u_action);
ef5584
						$message = $user->lang[$l_mode . '_UPDATED'] . '
' . implode('
', $error) . ((sizeof($error)) ? '
' : '') . '
' . sprintf($user->lang['RETURN_UCP'], '', '');
ef5584
						trigger_error($message);
ef5584
					}
ef5584
					else
ef5584
					{
ef5584
						$template->assign_var('ERROR', implode('
', $error));
ef5584
					}
ef5584
				}
ef5584
				else
ef5584
				{
ef5584
					confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
ef5584
						'mode'		=> $mode,
ef5584
						'submit'	=> true,
ef5584
						'usernames'	=> $data['usernames'],
ef5584
						'add'		=> $data['add']))
ef5584
					);
ef5584
				}
ef5584
			}
ef5584
		}
ef5584
ef5584
		$sql_and = ($mode == 'friends') ? 'z.friend = 1' : 'z.foe = 1';
ef5584
		$sql = 'SELECT z.*, u.username, u.username_clean
ef5584
			FROM ' . ZEBRA_TABLE . ' z, ' . USERS_TABLE . ' u
ef5584
			WHERE z.user_id = ' . $user->data['user_id'] . "
ef5584
				AND $sql_and
ef5584
				AND u.user_id = z.zebra_id
ef5584
			ORDER BY u.username_clean ASC";
ef5584
		$result = $db->sql_query($sql);
ef5584
ef5584
		$s_username_options = '';
ef5584
		while ($row = $db->sql_fetchrow($result))
ef5584
		{
ef5584
			$s_username_options .= '<option value="' . $row['zebra_id'] . '">' . $row['username'] . '</option>';
ef5584
		}
ef5584
		$db->sql_freeresult($result);
ef5584
ef5584
		$template->assign_vars(array(
ef5584
			'L_TITLE'			=> $user->lang['UCP_ZEBRA_' . $l_mode],
ef5584
ef5584
			'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=add'),
ef5584
ef5584
			'S_USERNAME_OPTIONS'	=> $s_username_options,
ef5584
			'S_HIDDEN_FIELDS'		=> $s_hidden_fields,
ef5584
			'S_UCP_ACTION'			=> $this->u_action)
ef5584
		);
ef5584
ef5584
		$this->tpl_name = 'ucp_zebra_' . $mode;
ef5584
		$this->page_title = 'UCP_ZEBRA_' . $l_mode;
ef5584
	}
ef5584
}
ef5584
ef5584
?>