function main($id, $mode)
{
global $db, $cache, $config, $user, $lang, $auth, $template, $cms_admin;
add_permission_language();
include_once IP_ROOT_PATH . 'includes/class_auth_admin.' . PHP_EXT;
$auth_admin = new auth_admin();
$submit = isset($_POST['submit']) ? true : false;
$role_id = request_var('role_id', 0);
$action = request_var('paction', '');
$action = isset($_POST['add']) ? 'add' : $action;
$form_name = 'acp_permissions';
add_form_key($form_name);
$this->tpl_name = 'cms_permissions_roles.tpl';
$this->u_action = append_sid($cms_admin->root . '?mode=auth&rmode=' . $mode . '&roles_admin=1');
switch ($mode) {
case 'admin_roles':
$permission_type = 'a_';
$this->page_title = 'ACP_ADMIN_ROLES';
break;
case 'cms_roles':
$permission_type = 'cms_';
$this->page_title = 'ACP_CMS_ROLES';
break;
case 'forum_roles':
$permission_type = 'f_';
$this->page_title = 'ACP_FORUM_ROLES';
break;
case 'mod_roles':
$permission_type = 'm_';
$this->page_title = 'ACP_MOD_ROLES';
break;
case 'plugins_roles':
$permission_type = 'pl_';
$this->page_title = 'ACP_PLUGINS_ROLES';
break;
case 'user_roles':
$permission_type = 'u_';
$this->page_title = 'ACP_USER_ROLES';
break;
default:
trigger_error('NO_MODE', E_USER_ERROR);
break;
}
$template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']));
// Take action... admin submitted something
if ($submit || $action == 'remove') {
switch ($action) {
case 'remove':
if (!$role_id) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
if (confirm_box(true)) {
$this->remove_role($role_id, $permission_type);
$role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
trigger_error($user->lang['ROLE_DELETED'] . page_back_link($this->u_action));
} else {
$s_hidden_fields = array('i' => $id, 'pmode' => $mode, 'role_id' => $role_id, 'paction' => $action);
confirm_box(false, 'DELETE_ROLE', build_hidden_fields($s_hidden_fields));
}
break;
case 'edit':
if (!$role_id) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
// Get role we edit
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
// no break;
// no break;
case 'add':
if (!check_form_key($form_name)) {
trigger_error($user->lang['FORM_INVALID'] . page_back_link($this->u_action), E_USER_WARNING);
}
$role_name = utf8_normalize_nfc(request_var('role_name', '', true));
$role_description = utf8_normalize_nfc(request_var('role_description', '', true));
$auth_settings = request_var('setting', array('' => 0));
if (!$role_name) {
trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . page_back_link($this->u_action), E_USER_WARNING);
}
if (utf8_strlen($role_description) > 4000) {
trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . page_back_link($this->u_action), E_USER_WARNING);
}
// if we add/edit a role we check the name to be unique among the settings...
$sql = 'SELECT role_id
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// Make sure we only print out the error if we add the role or change it's name
if ($row && ($mode == 'add' || $mode == 'edit' && $role_row['role_name'] != $role_name)) {
trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . page_back_link($this->u_action), E_USER_WARNING);
}
$sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type);
if ($action == 'edit') {
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
WHERE role_id = ' . $role_id;
$db->sql_query($sql);
} else {
// Get maximum role order for inserting a new role...
$sql = 'SELECT MAX(role_order) as max_order
FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'";
$result = $db->sql_query($sql);
$max_order = (int) $db->sql_fetchfield('max_order');
$db->sql_freeresult($result);
$sql_ary['role_order'] = $max_order + 1;
$sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
$db->sql_query($sql);
$role_id = $db->sql_nextid();
}
// Now add the auth settings
$auth_admin->acl_set_role($role_id, $auth_settings);
$role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name;
add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . page_back_link($this->u_action));
break;
}
}
// Display screens
switch ($action) {
case 'add':
$options_from = request_var('options_from', 0);
$role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type);
if ($options_from) {
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
WHERE o.auth_option_id = p.auth_option_id
AND p.role_id = ' . $options_from . '
ORDER BY p.auth_option_id';
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
} else {
$sql = 'SELECT auth_option_id, auth_option
FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id";
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = ACL_NO;
}
$db->sql_freeresult($result);
}
// no break;
// no break;
case 'edit':
if ($action == 'edit') {
if (!$role_id) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . '
WHERE role_id = ' . $role_id;
$result = $db->sql_query($sql);
$role_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
WHERE o.auth_option_id = p.auth_option_id
AND p.role_id = ' . $role_id . '
ORDER BY p.auth_option_id';
$result = $db->sql_query($sql);
$auth_options = array();
while ($row = $db->sql_fetchrow($result)) {
$auth_options[$row['auth_option']] = $row['auth_setting'];
}
$db->sql_freeresult($result);
}
if (!$role_row) {
trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
}
$template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&paction={$action}&role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)]));
// We need to fill the auth options array with ACL_NO options ;)
$sql = 'SELECT auth_option_id, auth_option
FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
if (!isset($auth_options[$row['auth_option']])) {
$auth_options[$row['auth_option']] = ACL_NO;
}
}
$db->sql_freeresult($result);
// Unset global permission option
unset($auth_options[$permission_type]);
// Display auth options
$this->display_auth_options($auth_options);
// Get users/groups/forums using this preset...
if ($action == 'edit') {
$hold_ary = $auth_admin->get_role_mask($role_id);
if (sizeof($hold_ary)) {
$role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
$template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
$auth_admin->display_role_mask($hold_ary);
}
}
return;
break;
case 'move_up':
case 'move_down':
$order = request_var('order', 0);
$order_total = $order * 2 + ($action == 'move_up' ? -1 : 1);
$sql = 'UPDATE ' . ACL_ROLES_TABLE . '
SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')';
$db->sql_query($sql);
break;
}
// By default, check that role_order is valid and fix it if necessary
$sql = 'SELECT role_id, role_order
FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
$result = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result)) {
$order = 0;
do {
$order++;
if ($row['role_order'] != $order) {
$db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}");
}
} while ($row = $db->sql_fetchrow($result));
}
$db->sql_freeresult($result);
// Display assigned items?
$display_item = request_var('display_item', 0);
// Select existing roles
$sql = 'SELECT *
FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
$result = $db->sql_query($sql);
$s_role_options = '';
while ($row = $db->sql_fetchrow($result)) {
$role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name'];
$template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&paction=edit&role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&paction=remove&role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&paction=move_up&order=' . $row['role_order'], 'U_MOVE_DOWN' => $this->u_action . '&paction=move_down&order=' . $row['role_order'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&display_item=' . $row['role_id'] . '#assigned_to'));
$s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
if ($display_item == $row['role_id']) {
$template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
}
}
$db->sql_freeresult($result);
$template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options));
if ($display_item) {
$template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true));
$hold_ary = $auth_admin->get_role_mask($display_item);
$auth_admin->display_role_mask($hold_ary);
}
}