Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: admin_permissions.php 5380 2011-02-21 12:04:43Z Tomm $
| * $Id$
|
*/
// Disallow direct access to this file for security reasons
| */
// Disallow direct access to this file for security reasons
|
Zeile 82 | Zeile 82 |
---|
// Log admin action if($uid < 0) {
|
// Log admin action if($uid < 0) {
|
$query = $db->simple_select("usergroups", "title", "gid='$gid'");
| $gid = abs($uid); $query = $db->simple_select("usergroups", "title", "gid='{$gid}'");
|
$group = $db->fetch_array($query); log_admin_action($uid, $group['title']);
|
$group = $db->fetch_array($query); log_admin_action($uid, $group['title']);
|
}
| }
|
elseif($uid == 0)
|
elseif($uid == 0)
|
{
| {
|
// Default log_admin_action(0, $lang->default);
|
// Default log_admin_action(0, $lang->default);
|
} else { $user = get_user($uid);
| } else { $user = get_user($uid);
|
log_admin_action($uid, $user['username']); }
flash_message($lang->success_perms_deleted, 'success'); admin_redirect("index.php?module=user-admin_permissions");
|
log_admin_action($uid, $user['username']); }
flash_message($lang->success_perms_deleted, 'success'); admin_redirect("index.php?module=user-admin_permissions");
|
}
| }
|
else { $page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion); } }
|
else { $page->output_confirm_action("index.php?module=user-admin_permissions&action=delete&uid={$mybb->input['uid']}", $lang->confirm_perms_deletion); } }
|
|
|
if($mybb->input['action'] == "edit") { $plugins->run_hooks("admin_user_admin_permissions_edit");
| if($mybb->input['action'] == "edit") { $plugins->run_hooks("admin_user_admin_permissions_edit");
|
Zeile 117 | Zeile 118 |
---|
{ $no_access = 0; foreach($actions as $action => $access)
|
{ $no_access = 0; foreach($actions as $action => $access)
|
{
| {
|
if($access == 0) { ++$no_access; }
|
if($access == 0) { ++$no_access; }
|
}
| }
|
// User can't access any actions in this module - just disallow it completely if($no_access == count($actions)) { unset($mybb->input['permissions'][$module]); }
|
// User can't access any actions in this module - just disallow it completely if($no_access == count($actions)) { unset($mybb->input['permissions'][$module]); }
|
}
| }
|
// Does an options row exist for this admin already? $query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'"); $existing_options = $db->fetch_field($query, "existing_options");
| // Does an options row exist for this admin already? $query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'"); $existing_options = $db->fetch_field($query, "existing_options");
|
Zeile 152 | Zeile 153 |
---|
// Log admin action if($uid > 0)
|
// Log admin action if($uid > 0)
|
{
| {
|
// Users $user = get_user($uid); log_admin_action($uid, $user['username']);
| // Users $user = get_user($uid); log_admin_action($uid, $user['username']);
|
Zeile 161 | Zeile 162 |
---|
{ // Groups $gid = abs($uid);
|
{ // Groups $gid = abs($uid);
|
$query = $db->simple_select("usergroups", "title", "gid='$gid'");
| $query = $db->simple_select("usergroups", "title", "gid='{$gid}'");
|
$group = $db->fetch_array($query); log_admin_action($uid, $group['title']); }
| $group = $db->fetch_array($query); log_admin_action($uid, $group['title']); }
|
Zeile 177 | Zeile 178 |
---|
if($uid > 0) {
|
if($uid > 0) {
|
$query = $db->query(" SELECT u.uid, u.username, g.cancp, g.gid FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."usergroups g ON (u.usergroup=g.gid) WHERE u.uid='$uid' AND g.cancp=1 LIMIT 1 ");
| switch($db->type) { case "pgsql": case "sqlite": $query = $db->query(" SELECT u.uid, u.username, g.cancp, g.gid FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid)) WHERE u.uid='$uid' AND g.cancp=1 LIMIT 1 "); break; default: $query = $db->query(" SELECT u.uid, u.username, g.cancp, g.gid FROM ".TABLE_PREFIX."users u LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid)) WHERE u.uid='$uid' AND g.cancp=1 LIMIT 1 "); }
|
$admin = $db->fetch_array($query); $permission_data = get_admin_permissions($uid, $admin['gid']); $title = $admin['username'];
| $admin = $db->fetch_array($query); $permission_data = get_admin_permissions($uid, $admin['gid']); $title = $admin['username'];
|