Vergleich admin/modules/user/admin_permissions.php - 1.6.10 - 1.6.18

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 6Zeile 6
 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * Website: http://mybb.com
* License: http://mybb.com/about/license
*

 * $Id: admin_permissions.php 5297 2010-12-28 22:01:14Z Tomm $

 * $Id$

 */

// Disallow direct access to this file for security reasons

 */

// Disallow direct access to this file for security reasons

Zeile 82Zeile 82
		// Log admin action
if($uid < 0)
{

		// Log admin action
if($uid < 0)
{

			$query = $db->simple_select("usergroups", "title", "gid='$gid'");


			$gid = abs($uid);
$query = $db->simple_select("usergroups", "title", "gid='{$gid}'");

			$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);


			$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);


		}

		}

		elseif($uid == 0)

		elseif($uid == 0)

		{

		{

			// Default
log_admin_action(0, $lang->default);

			// Default
log_admin_action(0, $lang->default);

		}
else
{
$user = get_user($uid);

		}
else
{
$user = get_user($uid);

			log_admin_action($uid, $user['username']);
}

flash_message($lang->success_perms_deleted, 'success');
admin_redirect("index.php?module=user-admin_permissions");

			log_admin_action($uid, $user['username']);
}

flash_message($lang->success_perms_deleted, 'success');
admin_redirect("index.php?module=user-admin_permissions");

	}

	}

	else
{
$page->output_confirm_action("index.php?module=user-admin_permissions&amp;action=delete&amp;uid={$mybb->input['uid']}", $lang->confirm_perms_deletion);
}
}

	else
{
$page->output_confirm_action("index.php?module=user-admin_permissions&amp;action=delete&amp;uid={$mybb->input['uid']}", $lang->confirm_perms_deletion);
}
}





if($mybb->input['action'] == "edit")
{
$plugins->run_hooks("admin_user_admin_permissions_edit");

if($mybb->input['action'] == "edit")
{
$plugins->run_hooks("admin_user_admin_permissions_edit");

Zeile 117Zeile 118
		{
$no_access = 0;
foreach($actions as $action => $access)

		{
$no_access = 0;
foreach($actions as $action => $access)

			{

			{

				if($access == 0)
{
++$no_access;
}

				if($access == 0)
{
++$no_access;
}

			}

			}

			// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
}

			// User can't access any actions in this module - just disallow it completely
if($no_access == count($actions))
{
unset($mybb->input['permissions'][$module]);
}

		}


		}


		// Does an options row exist for this admin already?
$query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'");
$existing_options = $db->fetch_field($query, "existing_options");

		// Does an options row exist for this admin already?
$query = $db->simple_select("adminoptions", "COUNT(uid) AS existing_options", "uid='".intval($mybb->input['uid'])."'");
$existing_options = $db->fetch_field($query, "existing_options");

Zeile 152Zeile 153

// Log admin action
if($uid > 0)


// Log admin action
if($uid > 0)

		{

		{

			// Users
$user = get_user($uid);
log_admin_action($uid, $user['username']);

			// Users
$user = get_user($uid);
log_admin_action($uid, $user['username']);

Zeile 161Zeile 162
		{
// Groups
$gid = abs($uid);

		{
// Groups
$gid = abs($uid);

			$query = $db->simple_select("usergroups", "title", "gid='$gid'");

			$query = $db->simple_select("usergroups", "title", "gid='{$gid}'");

			$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
}

			$group = $db->fetch_array($query);
log_admin_action($uid, $group['title']);
}

Zeile 177Zeile 178
	
if($uid > 0)
{

	
if($uid > 0)
{

		$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (u.usergroup=g.gid)
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");

















		switch($db->type)
{
case "pgsql":
case "sqlite":
$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((','|| u.additionalgroups|| ',' LIKE '%,'|| g.gid|| ',%') OR u.usergroup = g.gid))
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");
break;
default:
$query = $db->query("
SELECT u.uid, u.username, g.cancp, g.gid
FROM ".TABLE_PREFIX."users u
LEFT JOIN ".TABLE_PREFIX."usergroups g ON (((CONCAT(',', u.additionalgroups, ',') LIKE CONCAT('%,', g.gid, ',%')) OR u.usergroup = g.gid))
WHERE u.uid='$uid'
AND g.cancp=1
LIMIT 1
");
}


		$admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
$title = $admin['username'];

		$admin = $db->fetch_array($query);
$permission_data = get_admin_permissions($uid, $admin['gid']);
$title = $admin['username'];