Rev Author Line No. Line
130 kaklik 1 <?php
2 /***************************************************************************
3 * groupcp.php
4 * -------------------
5 * begin : Saturday, Feb 13, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
8 *
9 * $Id: groupcp.php,v 1.58.2.25 2005/09/17 18:36:48 grahamje Exp $
10 *
11 *
12 ***************************************************************************/
13  
14 /***************************************************************************
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 ***************************************************************************/
22  
23 define('IN_PHPBB', true);
24 $phpbb_root_path = './';
25 include($phpbb_root_path . 'extension.inc');
26 include($phpbb_root_path . 'common.'.$phpEx);
27  
28 // -------------------------
29 //
30 function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$joined, &$poster_avatar, &$profile_img, &$profile, &$search_img, &$search, &$pm_img, &$pm, &$email_img, &$email, &$www_img, &$www, &$icq_status_img, &$icq_img, &$icq, &$aim_img, &$aim, &$msn_img, &$msn, &$yim_img, &$yim)
31 {
32 global $lang, $images, $board_config, $phpEx;
33  
34 $from = ( !empty($row['user_from']) ) ? $row['user_from'] : '&nbsp;';
35 $joined = create_date($date_format, $row['user_regdate'], $board_config['board_timezone']);
36 $posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
37  
38 $poster_avatar = '';
39 if ( $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] )
40 {
41 switch( $row['user_avatar_type'] )
42 {
43 case USER_AVATAR_UPLOAD:
44 $poster_avatar = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
45 break;
46 case USER_AVATAR_REMOTE:
47 $poster_avatar = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $row['user_avatar'] . '" alt="" border="0" />' : '';
48 break;
49 case USER_AVATAR_GALLERY:
50 $poster_avatar = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
51 break;
52 }
53 }
54  
55 if ( !empty($row['user_viewemail']) || $group_mod )
56 {
57 $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $row['user_id']) : 'mailto:' . $row['user_email'];
58  
59 $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
60 $email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
61 }
62 else
63 {
64 $email_img = '&nbsp;';
65 $email = '&nbsp;';
66 }
67  
68 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
69 $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
70 $profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
71  
72 $temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=" . $row['user_id']);
73 $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
74 $pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
75  
76 $www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '';
77 $www = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
78  
79 if ( !empty($row['user_icq']) )
80 {
81 $icq_status_img = '<a href="http://wwp.icq.com/' . $row['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $row['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
82 $icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
83 $icq = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . $lang['ICQ'] . '</a>';
84 }
85 else
86 {
87 $icq_status_img = '';
88 $icq_img = '';
89 $icq = '';
90 }
91  
92 $aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
93 $aim = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
94  
95 $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
96 $msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
97 $msn = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
98  
99 $yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
100 $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
101  
102 $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
103 $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
104 $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';
105  
106 return;
107 }
108 //
109 // --------------------------
110  
111 //
112 // Start session management
113 //
114 $userdata = session_pagestart($user_ip, PAGE_GROUPCP);
115 init_userprefs($userdata);
116 //
117 // End session management
118 //
119  
120 $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
121 $script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx;
122 $server_name = trim($board_config['server_name']);
123 $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
124 $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
125  
126 $server_url = $server_protocol . $server_name . $server_port . $script_name;
127  
128 if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
129 {
130 $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
131 }
132 else
133 {
134 $group_id = '';
135 }
136  
137 if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
138 {
139 $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
140 $mode = htmlspecialchars($mode);
141 }
142 else
143 {
144 $mode = '';
145 }
146  
147 $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
148 $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
149  
150 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
151  
152 //
153 // Default var values
154 //
155 $is_moderator = FALSE;
156  
157 if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
158 {
159 if ( !$userdata['session_logged_in'] )
160 {
161 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
162 }
163  
164 $sql = "SELECT group_moderator
165 FROM " . GROUPS_TABLE . "
166 WHERE group_id = $group_id";
167 if ( !($result = $db->sql_query($sql)) )
168 {
169 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
170 }
171  
172 $row = $db->sql_fetchrow($result);
173  
174 if ( $row['group_moderator'] != $userdata['user_id'] && $userdata['user_level'] != ADMIN )
175 {
176 $template->assign_vars(array(
177 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
178 );
179  
180 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
181  
182 message_die(GENERAL_MESSAGE, $message);
183 }
184  
185 $sql = "UPDATE " . GROUPS_TABLE . "
186 SET group_type = " . intval($HTTP_POST_VARS['group_type']) . "
187 WHERE group_id = $group_id";
188 if ( !($result = $db->sql_query($sql)) )
189 {
190 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
191 }
192  
193 $template->assign_vars(array(
194 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
195 );
196  
197 $message = $lang['Group_type_updated'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
198  
199 message_die(GENERAL_MESSAGE, $message);
200  
201 }
202 else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
203 {
204 //
205 // First, joining a group
206 // If the user isn't logged in redirect them to login
207 //
208 if ( !$userdata['session_logged_in'] )
209 {
210 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
211 }
212  
213 $sql = "SELECT ug.user_id, g.group_type
214 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
215 WHERE g.group_id = $group_id
216 AND g.group_type <> " . GROUP_HIDDEN . "
217 AND ug.group_id = g.group_id";
218 if ( !($result = $db->sql_query($sql)) )
219 {
220 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
221 }
222  
223 if ( $row = $db->sql_fetchrow($result) )
224 {
225 if ( $row['group_type'] == GROUP_OPEN )
226 {
227 do
228 {
229 if ( $userdata['user_id'] == $row['user_id'] )
230 {
231 $template->assign_vars(array(
232 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
233 );
234  
235 $message = $lang['Already_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
236  
237 message_die(GENERAL_MESSAGE, $message);
238 }
239 } while ( $row = $db->sql_fetchrow($result) );
240 }
241 else
242 {
243 $template->assign_vars(array(
244 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
245 );
246  
247 $message = $lang['This_closed_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
248  
249 message_die(GENERAL_MESSAGE, $message);
250 }
251 }
252 else
253 {
254 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
255 }
256  
257 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
258 VALUES ($group_id, " . $userdata['user_id'] . ", 1)";
259 if ( !($result = $db->sql_query($sql)) )
260 {
261 message_die(GENERAL_ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql);
262 }
263  
264 $sql = "SELECT u.user_email, u.username, u.user_lang, g.group_name
265 FROM ".USERS_TABLE . " u, " . GROUPS_TABLE . " g
266 WHERE u.user_id = g.group_moderator
267 AND g.group_id = $group_id";
268 if ( !($result = $db->sql_query($sql)) )
269 {
270 message_die(GENERAL_ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql);
271 }
272  
273 $moderator = $db->sql_fetchrow($result);
274  
275 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
276 $emailer = new emailer($board_config['smtp_delivery']);
277  
278 $emailer->from($board_config['board_email']);
279 $emailer->replyto($board_config['board_email']);
280  
281 $emailer->use_template('group_request', $moderator['user_lang']);
282 $emailer->email_address($moderator['user_email']);
283 $emailer->set_subject($lang['Group_request']);
284  
285 $emailer->assign_vars(array(
286 'SITENAME' => $board_config['sitename'],
287 'GROUP_MODERATOR' => $moderator['username'],
288 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
289  
290 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id&validate=true")
291 );
292 $emailer->send();
293 $emailer->reset();
294  
295 $template->assign_vars(array(
296 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
297 );
298  
299 $message = $lang['Group_joined'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
300  
301 message_die(GENERAL_MESSAGE, $message);
302 }
303 else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending']) && $group_id )
304 {
305 //
306 // Second, unsubscribing from a group
307 // Check for confirmation of unsub.
308 //
309 if ( $cancel )
310 {
311 redirect(append_sid("groupcp.$phpEx", true));
312 }
313 elseif ( !$userdata['session_logged_in'] )
314 {
315 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
316 }
317  
318 if ( $confirm )
319 {
320 $sql = "DELETE FROM " . USER_GROUP_TABLE . "
321 WHERE user_id = " . $userdata['user_id'] . "
322 AND group_id = $group_id";
323 if ( !($result = $db->sql_query($sql)) )
324 {
325 message_die(GENERAL_ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql);
326 }
327  
328 if ( $userdata['user_level'] != ADMIN && $userdata['user_level'] == MOD )
329 {
330 $sql = "SELECT COUNT(auth_mod) AS is_auth_mod
331 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
332 WHERE ug.user_id = " . $userdata['user_id'] . "
333 AND aa.group_id = ug.group_id
334 AND aa.auth_mod = 1";
335 if ( !($result = $db->sql_query($sql)) )
336 {
337 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
338 }
339  
340 if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )
341 {
342 $sql = "UPDATE " . USERS_TABLE . "
343 SET user_level = " . USER . "
344 WHERE user_id = " . $userdata['user_id'];
345 if ( !($result = $db->sql_query($sql)) )
346 {
347 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
348 }
349 }
350 }
351  
352 $template->assign_vars(array(
353 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
354 );
355  
356 $message = $lang['Unsub_success'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
357  
358 message_die(GENERAL_MESSAGE, $message);
359 }
360 else
361 {
362 $unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
363  
364 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
365  
366 $page_title = $lang['Group_Control_Panel'];
367 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
368  
369 $template->set_filenames(array(
370 'confirm' => 'confirm_body.tpl')
371 );
372  
373 $template->assign_vars(array(
374 'MESSAGE_TITLE' => $lang['Confirm'],
375 'MESSAGE_TEXT' => $unsub_msg,
376 'L_YES' => $lang['Yes'],
377 'L_NO' => $lang['No'],
378 'S_CONFIRM_ACTION' => append_sid("groupcp.$phpEx"),
379 'S_HIDDEN_FIELDS' => $s_hidden_fields)
380 );
381  
382 $template->pparse('confirm');
383  
384 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
385 }
386  
387 }
388 else if ( $group_id )
389 {
390 //
391 // Did the group moderator get here through an email?
392 // If so, check to see if they are logged in.
393 //
394 if ( isset($HTTP_GET_VARS['validate']) )
395 {
396 if ( !$userdata['session_logged_in'] )
397 {
398 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
399 }
400 }
401  
402 //
403 // For security, get the ID of the group moderator.
404 //
405 switch(SQL_LAYER)
406 {
407 case 'postgresql':
408 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
409 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
410 WHERE g.group_id = $group_id
411 AND aa.group_id = g.group_id
412 UNION (
413 SELECT g.group_moderator, g.group_type, NULL
414 FROM " . GROUPS_TABLE . " g
415 WHERE g.group_id = $group_id
416 AND NOT EXISTS (
417 SELECT aa.group_id
418 FROM " . AUTH_ACCESS_TABLE . " aa
419 WHERE aa.group_id = g.group_id
420 )
421 )";
422 break;
423  
424 case 'oracle':
425 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
426 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
427 WHERE g.group_id = $group_id
428 AND aa.group_id (+) = g.group_id";
429 break;
430  
431 default:
432 $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
433 FROM ( " . GROUPS_TABLE . " g
434 LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id )
435 WHERE g.group_id = $group_id";
436 break;
437 }
438 if ( !($result = $db->sql_query($sql)) )
439 {
440 message_die(GENERAL_ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql);
441 }
442  
443 if ( $group_info = $db->sql_fetchrow($result) )
444 {
445 $group_moderator = $group_info['group_moderator'];
446  
447 if ( $group_moderator == $userdata['user_id'] || $userdata['user_level'] == ADMIN )
448 {
449 $is_moderator = TRUE;
450 }
451  
452 //
453 // Handle Additions, removals, approvals and denials
454 //
455 if ( !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['remove']) || isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) )
456 {
457 if ( !$userdata['session_logged_in'] )
458 {
459 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
460 }
461  
462 if ( !$is_moderator )
463 {
464 $template->assign_vars(array(
465 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
466 );
467  
468 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
469  
470 message_die(GENERAL_MESSAGE, $message);
471 }
472  
473 if ( isset($HTTP_POST_VARS['add']) )
474 {
475 $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
476  
477 $sql = "SELECT user_id, user_email, user_lang, user_level
478 FROM " . USERS_TABLE . "
479 WHERE username = '" . str_replace("\'", "''", $username) . "'";
480 if ( !($result = $db->sql_query($sql)) )
481 {
482 message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql);
483 }
484  
485 if ( !($row = $db->sql_fetchrow($result)) )
486 {
487 $template->assign_vars(array(
488 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
489 );
490  
491 $message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>");
492  
493 message_die(GENERAL_MESSAGE, $message);
494 }
495  
496 if ( $row['user_id'] == ANONYMOUS )
497 {
498 $template->assign_vars(array(
499 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
500 );
501  
502 $message = $lang['Could_not_anon_user'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
503  
504 message_die(GENERAL_MESSAGE, $message);
505 }
506  
507 $sql = "SELECT ug.user_id, u.user_level
508 FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
509 WHERE u.user_id = " . $row['user_id'] . "
510 AND ug.user_id = u.user_id
511 AND ug.group_id = $group_id";
512 if ( !($result = $db->sql_query($sql)) )
513 {
514 message_die(GENERAL_ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql);
515 }
516  
517 if ( !($db->sql_fetchrow($result)) )
518 {
519 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
520 VALUES (" . $row['user_id'] . ", $group_id, 0)";
521 if ( !$db->sql_query($sql) )
522 {
523 message_die(GENERAL_ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql);
524 }
525  
526 if ( $row['user_level'] != ADMIN && $row['user_level'] != MOD && $group_info['auth_mod'] )
527 {
528 $sql = "UPDATE " . USERS_TABLE . "
529 SET user_level = " . MOD . "
530 WHERE user_id = " . $row['user_id'];
531 if ( !$db->sql_query($sql) )
532 {
533 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
534 }
535 }
536  
537 //
538 // Get the group name
539 // Email the user and tell them they're in the group
540 //
541 $group_sql = "SELECT group_name
542 FROM " . GROUPS_TABLE . "
543 WHERE group_id = $group_id";
544 if ( !($result = $db->sql_query($group_sql)) )
545 {
546 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
547 }
548  
549 $group_name_row = $db->sql_fetchrow($result);
550  
551 $group_name = $group_name_row['group_name'];
552  
553 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
554 $emailer = new emailer($board_config['smtp_delivery']);
555  
556 $emailer->from($board_config['board_email']);
557 $emailer->replyto($board_config['board_email']);
558  
559 $emailer->use_template('group_added', $row['user_lang']);
560 $emailer->email_address($row['user_email']);
561 $emailer->set_subject($lang['Group_added']);
562  
563 $emailer->assign_vars(array(
564 'SITENAME' => $board_config['sitename'],
565 'GROUP_NAME' => $group_name,
566 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
567  
568 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
569 );
570 $emailer->send();
571 $emailer->reset();
572 }
573 else
574 {
575 $template->assign_vars(array(
576 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
577 );
578  
579 $message = $lang['User_is_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
580  
581 message_die(GENERAL_MESSAGE, $message);
582 }
583 }
584 else
585 {
586 if ( ( ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) && isset($HTTP_POST_VARS['pending_members']) ) || ( isset($HTTP_POST_VARS['remove']) && isset($HTTP_POST_VARS['members']) ) )
587 {
588  
589 $members = ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) ? $HTTP_POST_VARS['pending_members'] : $HTTP_POST_VARS['members'];
590  
591 $sql_in = '';
592 for($i = 0; $i < count($members); $i++)
593 {
594 $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
595 }
596  
597 if ( isset($HTTP_POST_VARS['approve']) )
598 {
599 if ( $group_info['auth_mod'] )
600 {
601 $sql = "UPDATE " . USERS_TABLE . "
602 SET user_level = " . MOD . "
603 WHERE user_id IN ($sql_in)
604 AND user_level NOT IN (" . MOD . ", " . ADMIN . ")";
605 if ( !$db->sql_query($sql) )
606 {
607 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
608 }
609 }
610  
611 $sql = "UPDATE " . USER_GROUP_TABLE . "
612 SET user_pending = 0
613 WHERE user_id IN ($sql_in)
614 AND group_id = $group_id";
615 $sql_select = "SELECT user_email
616 FROM ". USERS_TABLE . "
617 WHERE user_id IN ($sql_in)";
618 }
619 else if ( isset($HTTP_POST_VARS['deny']) || isset($HTTP_POST_VARS['remove']) )
620 {
621 if ( $group_info['auth_mod'] )
622 {
623 $sql = "SELECT ug.user_id, ug.group_id
624 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
625 WHERE ug.user_id IN ($sql_in)
626 AND aa.group_id = ug.group_id
627 AND aa.auth_mod = 1
628 GROUP BY ug.user_id, ug.group_id
629 ORDER BY ug.user_id, ug.group_id";
630 if ( !($result = $db->sql_query($sql)) )
631 {
632 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
633 }
634  
635 if ( $row = $db->sql_fetchrow($result) )
636 {
637 $group_check = array();
638 $remove_mod_sql = '';
639  
640 do
641 {
642 $group_check[$row['user_id']][] = $row['group_id'];
643 }
644 while ( $row = $db->sql_fetchrow($result) );
645  
646 while( list($user_id, $group_list) = @each($group_check) )
647 {
648 if ( count($group_list) == 1 )
649 {
650 $remove_mod_sql .= ( ( $remove_mod_sql != '' ) ? ', ' : '' ) . $user_id;
651 }
652 }
653  
654 if ( $remove_mod_sql != '' )
655 {
656 $sql = "UPDATE " . USERS_TABLE . "
657 SET user_level = " . USER . "
658 WHERE user_id IN ($remove_mod_sql)
659 AND user_level NOT IN (" . ADMIN . ")";
660 if ( !$db->sql_query($sql) )
661 {
662 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
663 }
664 }
665 }
666 }
667  
668 $sql = "DELETE FROM " . USER_GROUP_TABLE . "
669 WHERE user_id IN ($sql_in)
670 AND group_id = $group_id";
671 }
672  
673 if ( !$db->sql_query($sql) )
674 {
675 message_die(GENERAL_ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql);
676 }
677  
678 //
679 // Email users when they are approved
680 //
681 if ( isset($HTTP_POST_VARS['approve']) )
682 {
683 if ( !($result = $db->sql_query($sql_select)) )
684 {
685 message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
686 }
687  
688 $bcc_list = array();
689 while ($row = $db->sql_fetchrow($result))
690 {
691 $bcc_list[] = $row['user_email'];
692 }
693  
694 //
695 // Get the group name
696 //
697 $group_sql = "SELECT group_name
698 FROM " . GROUPS_TABLE . "
699 WHERE group_id = $group_id";
700 if ( !($result = $db->sql_query($group_sql)) )
701 {
702 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
703 }
704  
705 $group_name_row = $db->sql_fetchrow($result);
706 $group_name = $group_name_row['group_name'];
707  
708 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
709 $emailer = new emailer($board_config['smtp_delivery']);
710  
711 $emailer->from($board_config['board_email']);
712 $emailer->replyto($board_config['board_email']);
713  
714 for ($i = 0; $i < count($bcc_list); $i++)
715 {
716 $emailer->bcc($bcc_list[$i]);
717 }
718  
719 $emailer->use_template('group_approved');
720 $emailer->set_subject($lang['Group_approved']);
721  
722 $emailer->assign_vars(array(
723 'SITENAME' => $board_config['sitename'],
724 'GROUP_NAME' => $group_name,
725 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
726  
727 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
728 );
729 $emailer->send();
730 $emailer->reset();
731 }
732 }
733 }
734 }
735 //
736 // END approve or deny
737 //
738 }
739 else
740 {
741 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
742 }
743  
744 //
745 // Get group details
746 //
747 $sql = "SELECT *
748 FROM " . GROUPS_TABLE . "
749 WHERE group_id = $group_id
750 AND group_single_user = 0";
751 if ( !($result = $db->sql_query($sql)) )
752 {
753 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
754 }
755  
756 if ( !($group_info = $db->sql_fetchrow($result)) )
757 {
758 message_die(GENERAL_MESSAGE, $lang['Group_not_exist']);
759 }
760  
761 //
762 // Get moderator details for this group
763 //
764 $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm
765 FROM " . USERS_TABLE . "
766 WHERE user_id = " . $group_info['group_moderator'];
767 if ( !($result = $db->sql_query($sql)) )
768 {
769 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
770 }
771  
772 $group_moderator = $db->sql_fetchrow($result);
773  
774 //
775 // Get user information for this group
776 //
777 $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, ug.user_pending
778 FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
779 WHERE ug.group_id = $group_id
780 AND u.user_id = ug.user_id
781 AND ug.user_pending = 0
782 AND ug.user_id <> " . $group_moderator['user_id'] . "
783 ORDER BY u.username";
784 if ( !($result = $db->sql_query($sql)) )
785 {
786 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
787 }
788  
789 $group_members = $db->sql_fetchrowset($result);
790 $members_count = count($group_members);
791 $db->sql_freeresult($result);
792  
793 $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm
794 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
795 WHERE ug.group_id = $group_id
796 AND g.group_id = ug.group_id
797 AND ug.user_pending = 1
798 AND u.user_id = ug.user_id
799 ORDER BY u.username";
800 if ( !($result = $db->sql_query($sql)) )
801 {
802 message_die(GENERAL_ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql);
803 }
804  
805 $modgroup_pending_list = $db->sql_fetchrowset($result);
806 $modgroup_pending_count = count($modgroup_pending_list);
807 $db->sql_freeresult($result);
808  
809 $is_group_member = 0;
810 if ( $members_count )
811 {
812 for($i = 0; $i < $members_count; $i++)
813 {
814 if ( $group_members[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
815 {
816 $is_group_member = TRUE;
817 }
818 }
819 }
820  
821 $is_group_pending_member = 0;
822 if ( $modgroup_pending_count )
823 {
824 for($i = 0; $i < $modgroup_pending_count; $i++)
825 {
826 if ( $modgroup_pending_list[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
827 {
828 $is_group_pending_member = TRUE;
829 }
830 }
831 }
832  
833 if ( $userdata['user_level'] == ADMIN )
834 {
835 $is_moderator = TRUE;
836 }
837  
838 if ( $userdata['user_id'] == $group_info['group_moderator'] )
839 {
840 $is_moderator = TRUE;
841  
842 $group_details = $lang['Are_group_moderator'];
843  
844 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
845 }
846 else if ( $is_group_member || $is_group_pending_member )
847 {
848 $template->assign_block_vars('switch_unsubscribe_group_input', array());
849  
850 $group_details = ( $is_group_pending_member ) ? $lang['Pending_this_group'] : $lang['Member_this_group'];
851  
852 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
853 }
854 else if ( $userdata['user_id'] == ANONYMOUS )
855 {
856 $group_details = $lang['Login_to_join'];
857 $s_hidden_fields = '';
858 }
859 else
860 {
861 if ( $group_info['group_type'] == GROUP_OPEN )
862 {
863 $template->assign_block_vars('switch_subscribe_group_input', array());
864  
865 $group_details = $lang['This_open_group'];
866 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
867 }
868 else if ( $group_info['group_type'] == GROUP_CLOSED )
869 {
870 $group_details = $lang['This_closed_group'];
871 $s_hidden_fields = '';
872 }
873 else if ( $group_info['group_type'] == GROUP_HIDDEN )
874 {
875 $group_details = $lang['This_hidden_group'];
876 $s_hidden_fields = '';
877 }
878 }
879  
880 $page_title = $lang['Group_Control_Panel'];
881 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
882  
883 //
884 // Load templates
885 //
886 $template->set_filenames(array(
887 'info' => 'groupcp_info_body.tpl',
888 'pendinginfo' => 'groupcp_pending_info.tpl')
889 );
890 make_jumpbox('viewforum.'.$phpEx);
891  
892 //
893 // Add the moderator
894 //
895 $username = $group_moderator['username'];
896 $user_id = $group_moderator['user_id'];
897  
898 generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
899  
900 $s_hidden_fields .= '';
901  
902 $template->assign_vars(array(
903 'L_GROUP_INFORMATION' => $lang['Group_Information'],
904 'L_GROUP_NAME' => $lang['Group_name'],
905 'L_GROUP_DESC' => $lang['Group_description'],
906 'L_GROUP_TYPE' => $lang['Group_type'],
907 'L_GROUP_MEMBERSHIP' => $lang['Group_membership'],
908 'L_SUBSCRIBE' => $lang['Subscribe'],
909 'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
910 'L_JOIN_GROUP' => $lang['Join_group'],
911 'L_UNSUBSCRIBE_GROUP' => $lang['Unsubscribe'],
912 'L_GROUP_OPEN' => $lang['Group_open'],
913 'L_GROUP_CLOSED' => $lang['Group_closed'],
914 'L_GROUP_HIDDEN' => $lang['Group_hidden'],
915 'L_UPDATE' => $lang['Update'],
916 'L_GROUP_MODERATOR' => $lang['Group_Moderator'],
917 'L_GROUP_MEMBERS' => $lang['Group_Members'],
918 'L_PENDING_MEMBERS' => $lang['Pending_members'],
919 'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'],
920 'L_PM' => $lang['Private_Message'],
921 'L_EMAIL' => $lang['Email'],
922 'L_POSTS' => $lang['Posts'],
923 'L_WEBSITE' => $lang['Website'],
924 'L_FROM' => $lang['Location'],
925 'L_ORDER' => $lang['Order'],
926 'L_SORT' => $lang['Sort'],
927 'L_SUBMIT' => $lang['Sort'],
928 'L_AIM' => $lang['AIM'],
929 'L_YIM' => $lang['YIM'],
930 'L_MSNM' => $lang['MSNM'],
931 'L_ICQ' => $lang['ICQ'],
932 'L_SELECT' => $lang['Select'],
933 'L_REMOVE_SELECTED' => $lang['Remove_selected'],
934 'L_ADD_MEMBER' => $lang['Add_member'],
935 'L_FIND_USERNAME' => $lang['Find_username'],
936  
937 'GROUP_NAME' => $group_info['group_name'],
938 'GROUP_DESC' => $group_info['group_description'],
939 'GROUP_DETAILS' => $group_details,
940 'MOD_ROW_COLOR' => '#' . $theme['td_color1'],
941 'MOD_ROW_CLASS' => $theme['td_class1'],
942 'MOD_USERNAME' => $username,
943 'MOD_FROM' => $from,
944 'MOD_JOINED' => $joined,
945 'MOD_POSTS' => $posts,
946 'MOD_AVATAR_IMG' => $poster_avatar,
947 'MOD_PROFILE_IMG' => $profile_img,
948 'MOD_PROFILE' => $profile,
949 'MOD_SEARCH_IMG' => $search_img,
950 'MOD_SEARCH' => $search,
951 'MOD_PM_IMG' => $pm_img,
952 'MOD_PM' => $pm,
953 'MOD_EMAIL_IMG' => $email_img,
954 'MOD_EMAIL' => $email,
955 'MOD_WWW_IMG' => $www_img,
956 'MOD_WWW' => $www,
957 'MOD_ICQ_STATUS_IMG' => $icq_status_img,
958 'MOD_ICQ_IMG' => $icq_img,
959 'MOD_ICQ' => $icq,
960 'MOD_AIM_IMG' => $aim_img,
961 'MOD_AIM' => $aim,
962 'MOD_MSN_IMG' => $msn_img,
963 'MOD_MSN' => $msn,
964 'MOD_YIM_IMG' => $yim_img,
965 'MOD_YIM' => $yim,
966  
967 'U_MOD_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"),
968 'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser"),
969  
970 'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
971 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
972 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
973 'S_GROUP_OPEN_CHECKED' => ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '',
974 'S_GROUP_CLOSED_CHECKED' => ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '',
975 'S_GROUP_HIDDEN_CHECKED' => ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '',
976 'S_HIDDEN_FIELDS' => $s_hidden_fields,
977 'S_MODE_SELECT' => $select_sort_mode,
978 'S_ORDER_SELECT' => $select_sort_order,
979 'S_GROUPCP_ACTION' => append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id"))
980 );
981  
982 //
983 // Dump out the remaining users
984 //
985 for($i = $start; $i < min($board_config['topics_per_page'] + $start, $members_count); $i++)
986 {
987 $username = $group_members[$i]['username'];
988 $user_id = $group_members[$i]['user_id'];
989  
990 generate_user_info($group_members[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
991  
992 if ( $group_info['group_type'] != GROUP_HIDDEN || $is_group_member || $is_moderator )
993 {
994 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
995 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
996  
997 $template->assign_block_vars('member_row', array(
998 'ROW_COLOR' => '#' . $row_color,
999 'ROW_CLASS' => $row_class,
1000 'USERNAME' => $username,
1001 'FROM' => $from,
1002 'JOINED' => $joined,
1003 'POSTS' => $posts,
1004 'USER_ID' => $user_id,
1005 'AVATAR_IMG' => $poster_avatar,
1006 'PROFILE_IMG' => $profile_img,
1007 'PROFILE' => $profile,
1008 'SEARCH_IMG' => $search_img,
1009 'SEARCH' => $search,
1010 'PM_IMG' => $pm_img,
1011 'PM' => $pm,
1012 'EMAIL_IMG' => $email_img,
1013 'EMAIL' => $email,
1014 'WWW_IMG' => $www_img,
1015 'WWW' => $www,
1016 'ICQ_STATUS_IMG' => $icq_status_img,
1017 'ICQ_IMG' => $icq_img,
1018 'ICQ' => $icq,
1019 'AIM_IMG' => $aim_img,
1020 'AIM' => $aim,
1021 'MSN_IMG' => $msn_img,
1022 'MSN' => $msn,
1023 'YIM_IMG' => $yim_img,
1024 'YIM' => $yim,
1025  
1026 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1027 );
1028  
1029 if ( $is_moderator )
1030 {
1031 $template->assign_block_vars('member_row.switch_mod_option', array());
1032 }
1033 }
1034 }
1035  
1036 if ( !$members_count )
1037 {
1038 //
1039 // No group members
1040 //
1041 $template->assign_block_vars('switch_no_members', array());
1042 $template->assign_vars(array(
1043 'L_NO_MEMBERS' => $lang['No_group_members'])
1044 );
1045 }
1046  
1047 $current_page = ( !$members_count ) ? 1 : ceil( $members_count / $board_config['topics_per_page'] );
1048  
1049 $template->assign_vars(array(
1050 'PAGINATION' => generate_pagination("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id", $members_count, $board_config['topics_per_page'], $start),
1051 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), $current_page ),
1052  
1053 'L_GOTO_PAGE' => $lang['Goto_page'])
1054 );
1055  
1056 if ( $group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator )
1057 {
1058 //
1059 // No group members
1060 //
1061 $template->assign_block_vars('switch_hidden_group', array());
1062 $template->assign_vars(array(
1063 'L_HIDDEN_MEMBERS' => $lang['Group_hidden_members'])
1064 );
1065 }
1066  
1067 //
1068 // We've displayed the members who belong to the group, now we
1069 // do that pending memebers...
1070 //
1071 if ( $is_moderator )
1072 {
1073 //
1074 // Users pending in ONLY THIS GROUP (which is moderated by this user)
1075 //
1076 if ( $modgroup_pending_count )
1077 {
1078 for($i = 0; $i < $modgroup_pending_count; $i++)
1079 {
1080 $username = $modgroup_pending_list[$i]['username'];
1081 $user_id = $modgroup_pending_list[$i]['user_id'];
1082  
1083 generate_user_info($modgroup_pending_list[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
1084  
1085 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
1086 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
1087  
1088 $user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">';
1089  
1090 $template->assign_block_vars('pending_members_row', array(
1091 'ROW_CLASS' => $row_class,
1092 'ROW_COLOR' => '#' . $row_color,
1093 'USERNAME' => $username,
1094 'FROM' => $from,
1095 'JOINED' => $joined,
1096 'POSTS' => $posts,
1097 'USER_ID' => $user_id,
1098 'AVATAR_IMG' => $poster_avatar,
1099 'PROFILE_IMG' => $profile_img,
1100 'PROFILE' => $profile,
1101 'SEARCH_IMG' => $search_img,
1102 'SEARCH' => $search,
1103 'PM_IMG' => $pm_img,
1104 'PM' => $pm,
1105 'EMAIL_IMG' => $email_img,
1106 'EMAIL' => $email,
1107 'WWW_IMG' => $www_img,
1108 'WWW' => $www,
1109 'ICQ_STATUS_IMG' => $icq_status_img,
1110 'ICQ_IMG' => $icq_img,
1111 'ICQ' => $icq,
1112 'AIM_IMG' => $aim_img,
1113 'AIM' => $aim,
1114 'MSN_IMG' => $msn_img,
1115 'MSN' => $msn,
1116 'YIM_IMG' => $yim_img,
1117 'YIM' => $yim,
1118  
1119 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1120 );
1121 }
1122  
1123 $template->assign_block_vars('switch_pending_members', array() );
1124  
1125 $template->assign_vars(array(
1126 'L_SELECT' => $lang['Select'],
1127 'L_APPROVE_SELECTED' => $lang['Approve_selected'],
1128 'L_DENY_SELECTED' => $lang['Deny_selected'])
1129 );
1130  
1131 $template->assign_var_from_handle('PENDING_USER_BOX', 'pendinginfo');
1132  
1133 }
1134 }
1135  
1136 if ( $is_moderator )
1137 {
1138 $template->assign_block_vars('switch_mod_option', array());
1139 $template->assign_block_vars('switch_add_member', array());
1140 }
1141  
1142 $template->pparse('info');
1143 }
1144 else
1145 {
1146 //
1147 // Show the main groupcp.php screen where the user can select a group.
1148 //
1149 // Select all group that the user is a member of or where the user has
1150 // a pending membership.
1151 //
1152 $in_group = array();
1153  
1154 if ( $userdata['session_logged_in'] )
1155 {
1156 $sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending
1157 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
1158 WHERE ug.user_id = " . $userdata['user_id'] . "
1159 AND ug.group_id = g.group_id
1160 AND g.group_single_user <> " . TRUE . "
1161 ORDER BY g.group_name, ug.user_id";
1162 if ( !($result = $db->sql_query($sql)) )
1163 {
1164 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1165 }
1166  
1167 if ( $row = $db->sql_fetchrow($result) )
1168 {
1169 $in_group = array();
1170 $s_member_groups_opt = '';
1171 $s_pending_groups_opt = '';
1172  
1173 do
1174 {
1175 $in_group[] = $row['group_id'];
1176 if ( $row['user_pending'] )
1177 {
1178 $s_pending_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1179 }
1180 else
1181 {
1182 $s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1183 }
1184 }
1185 while( $row = $db->sql_fetchrow($result) );
1186  
1187 $s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>";
1188 $s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>";
1189 }
1190 }
1191  
1192 //
1193 // Select all other groups i.e. groups that this user is not a member of
1194 //
1195 $ignore_group_sql = ( count($in_group) ) ? "AND group_id NOT IN (" . implode(', ', $in_group) . ")" : '';
1196 $sql = "SELECT group_id, group_name, group_type
1197 FROM " . GROUPS_TABLE . " g
1198 WHERE group_single_user <> " . TRUE . "
1199 $ignore_group_sql
1200 ORDER BY g.group_name";
1201 if ( !($result = $db->sql_query($sql)) )
1202 {
1203 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1204 }
1205  
1206 $s_group_list_opt = '';
1207 while( $row = $db->sql_fetchrow($result) )
1208 {
1209 if ( $row['group_type'] != GROUP_HIDDEN || $userdata['user_level'] == ADMIN )
1210 {
1211 $s_group_list_opt .='<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1212 }
1213 }
1214 $s_group_list = '<select name="' . POST_GROUPS_URL . '">' . $s_group_list_opt . '</select>';
1215  
1216 if ( $s_group_list_opt != '' || $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1217 {
1218 //
1219 // Load and process templates
1220 //
1221 $page_title = $lang['Group_Control_Panel'];
1222 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
1223  
1224 $template->set_filenames(array(
1225 'user' => 'groupcp_user_body.tpl')
1226 );
1227 make_jumpbox('viewforum.'.$phpEx);
1228  
1229 if ( $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1230 {
1231 $template->assign_block_vars('switch_groups_joined', array() );
1232 }
1233  
1234 if ( $s_member_groups_opt != '' )
1235 {
1236 $template->assign_block_vars('switch_groups_joined.switch_groups_member', array() );
1237 }
1238  
1239 if ( $s_pending_groups_opt != '' )
1240 {
1241 $template->assign_block_vars('switch_groups_joined.switch_groups_pending', array() );
1242 }
1243  
1244 if ( $s_group_list_opt != '' )
1245 {
1246 $template->assign_block_vars('switch_groups_remaining', array() );
1247 }
1248  
1249 $s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
1250  
1251 $template->assign_vars(array(
1252 'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],
1253 'L_JOIN_A_GROUP' => $lang['Group_member_join'],
1254 'L_YOU_BELONG_GROUPS' => $lang['Current_memberships'],
1255 'L_SELECT_A_GROUP' => $lang['Non_member_groups'],
1256 'L_PENDING_GROUPS' => $lang['Memberships_pending'],
1257 'L_SUBSCRIBE' => $lang['Subscribe'],
1258 'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
1259 'L_VIEW_INFORMATION' => $lang['View_Information'],
1260  
1261 'S_USERGROUP_ACTION' => append_sid("groupcp.$phpEx"),
1262 'S_HIDDEN_FIELDS' => $s_hidden_fields,
1263  
1264 'GROUP_LIST_SELECT' => $s_group_list,
1265 'GROUP_PENDING_SELECT' => $s_pending_groups,
1266 'GROUP_MEMBER_SELECT' => $s_member_groups)
1267 );
1268  
1269 $template->pparse('user');
1270 }
1271 else
1272 {
1273 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
1274 }
1275  
1276 }
1277  
1278 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
1279  
1280 ?>