auth_admin::display_role_mask PHP Method

display_role_mask() public method

Display permission mask for roles
public display_role_mask ( &$hold_ary )
    /**
     * Display permission mask for roles
     *
     * Emits one 'role_mask' template block per forum found for the keys of
     * $hold_ary (plus an entry for key 0, labelled with the GLOBAL_MASK
     * language string, when that key is set), followed by nested
     * 'role_mask.users' and 'role_mask.groups' rows for the ids listed under
     * that forum.
     *
     * @param array $hold_ary Map of forum_id => array with optional 'users'
     *                        and 'groups' id lists. Taken by reference, but
     *                        only read in this method.
     * @return void
     */
    function display_role_mask(&$hold_ary)
    {
        global $db, $template, $user, $phpbb_root_path, $phpbb_admin_path, $phpEx;

        // Nothing to render for an empty mask.
        if (count($hold_ary) === 0) {
            return;
        }

        // Get forum names. The IN (...) list is produced by $db->sql_in_set()
        // rather than by hand-built concatenation.
        // NOTE(review): presumably sql_in_set() validates/escapes each value - confirm against the DB layer.
        $forum_ids = array_keys($hold_ary);
        $sql = 'SELECT forum_id, forum_name
			FROM ' . FORUMS_TABLE . '
			WHERE ' . $db->sql_in_set('forum_id', $forum_ids) . '
			ORDER BY left_id';
        $query = $db->sql_query($sql);

        // If the role is used globally, then reflect that: key 0 gets an
        // empty placeholder name and is listed before the real forums.
        $forum_names = array();
        if (isset($hold_ary[0])) {
            $forum_names[0] = '';
        }
        while ($forum = $db->sql_fetchrow($query)) {
            $forum_names[$forum['forum_id']] = $forum['forum_name'];
        }
        $db->sql_freeresult($query);

        foreach ($forum_names as $forum_id => $forum_name) {
            $auth_ary = $hold_ary[$forum_id];

            // NOTE(review): forum_name (and group_name below) go to the template exactly
            // as stored; this assumes they were HTML-escaped when written - confirm.
            $mask_label = $forum_name;
            if ($forum_id == 0) {
                $mask_label = $user->lang['GLOBAL_MASK'];
            }
            $template->assign_block_vars('role_mask', array(
                'NAME' => $mask_label,
                'FORUM_ID' => $forum_id,
            ));

            // Users holding the role in this forum.
            $has_users = isset($auth_ary['users']) && count($auth_ary['users']);
            if ($has_users) {
                $sql = 'SELECT user_id, username
					FROM ' . USERS_TABLE . '
					WHERE ' . $db->sql_in_set('user_id', $auth_ary['users']) . '
					ORDER BY username_clean ASC';
                $query = $db->sql_query($sql);
                while ($member = $db->sql_fetchrow($query)) {
                    $member_id = $member['user_id'];
                    $member_name = $member['username'];
                    $template->assign_block_vars('role_mask.users', array(
                        'USER_ID' => $member_id,
                        'USERNAME' => get_username_string('username', $member_id, $member_name),
                        'U_PROFILE' => get_username_string('profile', $member_id, $member_name),
                    ));
                }
                $db->sql_freeresult($query);
            }

            // Groups holding the role in this forum.
            $has_groups = isset($auth_ary['groups']) && count($auth_ary['groups']);
            if ($has_groups) {
                $sql = 'SELECT group_id, group_name, group_type
					FROM ' . GROUPS_TABLE . '
					WHERE ' . $db->sql_in_set('group_id', $auth_ary['groups']) . '
					ORDER BY group_type ASC, group_name';
                $query = $db->sql_query($sql);
                while ($group = $db->sql_fetchrow($query)) {
                    // Special groups are shown through their 'G_<group_name>' language
                    // entry; every other group is shown under its stored name.
                    if ($group['group_type'] == GROUP_SPECIAL) {
                        $group_label = $user->lang['G_' . $group['group_name']];
                    } else {
                        $group_label = $group['group_name'];
                    }
                    $template->assign_block_vars('role_mask.groups', array(
                        'GROUP_ID' => $group['group_id'],
                        'GROUP_NAME' => $group_label,
                        'U_PROFILE' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=group&g={$group['group_id']}"),
                    ));
                }
                $db->sql_freeresult($query);
            }
        }
    }

Usage Example

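    /**
     * Role administration screen for one role type.
     *
     * Handles the submitted action (remove, add, edit, move_up, move_down) and
     * then renders either the add/edit form or the list of existing roles.
     *
     * NOTE(review): no permission check is visible in this method; presumably
     * the caller verifies that the current user may manage roles - confirm.
     *
     * @param mixed  $id   Module identifier; in this method it is only echoed
     *                     back as the hidden 'i' field of the delete confirmation.
     * @param string $mode One of admin_roles, cms_roles, forum_roles, mod_roles,
     *                     plugins_roles, user_roles. Any other value raises NO_MODE.
     * @return void
     */
    function main($id, $mode)
    {
        global $db, $cache, $config, $user, $lang, $auth, $template, $cms_admin;
        add_permission_language();
        include_once IP_ROOT_PATH . 'includes/class_auth_admin.' . PHP_EXT;
        $auth_admin = new auth_admin();
        $submit = isset($_POST['submit']);
        // role_id, options_from, order and display_item are all read with an integer
        // default and later concatenated into SQL without quoting.
        // NOTE(review): that is only safe if request_var() casts the value to the type of
        // its default - confirm, and keep the integer default if this code is changed.
        $role_id = request_var('role_id', 0);
        $action = request_var('paction', '');
        $action = isset($_POST['add']) ? 'add' : $action;
        $form_name = 'acp_permissions';
        add_form_key($form_name);
        $this->tpl_name = 'cms_permissions_roles.tpl';
        $this->u_action = append_sid($cms_admin->root . '?mode=auth&rmode=' . $mode . '&roles_admin=1');
        // $permission_type only ever takes one of the fixed prefixes below, which is why
        // it can be interpolated into the LIKE / <> SQL fragments further down.
        switch ($mode) {
            case 'admin_roles':
                $permission_type = 'a_';
                $this->page_title = 'ACP_ADMIN_ROLES';
                break;
            case 'cms_roles':
                $permission_type = 'cms_';
                $this->page_title = 'ACP_CMS_ROLES';
                break;
            case 'forum_roles':
                $permission_type = 'f_';
                $this->page_title = 'ACP_FORUM_ROLES';
                break;
            case 'mod_roles':
                $permission_type = 'm_';
                $this->page_title = 'ACP_MOD_ROLES';
                break;
            case 'plugins_roles':
                $permission_type = 'pl_';
                $this->page_title = 'ACP_PLUGINS_ROLES';
                break;
            case 'user_roles':
                $permission_type = 'u_';
                $this->page_title = 'ACP_USER_ROLES';
                break;
            default:
                trigger_error('NO_MODE', E_USER_ERROR);
                break;
        }
        $template->assign_vars(array('L_TITLE' => $user->lang[$this->page_title], 'L_EXPLAIN' => $user->lang[$this->page_title . '_EXPLAIN']));
        // Take action... admin submitted something
        if ($submit || $action == 'remove') {
            switch ($action) {
                case 'remove':
                    if (!$role_id) {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    // NOTE(review): the role is looked up by role_id only; its role_type is not
                    // compared with $permission_type, so an id belonging to another role type is
                    // accepted here as well. Consider adding a role_type condition.
                    $sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    if (!$role_row) {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    // The deletion itself only runs once confirm_box(true) accepts the request;
                    // otherwise the confirmation form is shown with the request echoed as hidden fields.
                    if (confirm_box(true)) {
                        $this->remove_role($role_id, $permission_type);
                        $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
                        add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_REMOVED', $role_name);
                        trigger_error($user->lang['ROLE_DELETED'] . page_back_link($this->u_action));
                    } else {
                        $s_hidden_fields = array('i' => $id, 'pmode' => $mode, 'role_id' => $role_id, 'paction' => $action);
                        confirm_box(false, 'DELETE_ROLE', build_hidden_fields($s_hidden_fields));
                    }
                    break;
                case 'edit':
                    if (!$role_id) {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    // Get role we edit
                    // NOTE(review): as for 'remove', role_type is not part of the lookup; because
                    // $sql_ary below always writes the current $permission_type, editing a role id
                    // of another type would rewrite that role's role_type. Consider adding a
                    // role_type condition.
                    $sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    if (!$role_row) {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    // no break; 'edit' deliberately continues into the shared add/edit handling
                case 'add':
                    // Both add and edit require the form token issued by add_form_key() above.
                    if (!check_form_key($form_name)) {
                        trigger_error($user->lang['FORM_INVALID'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    $role_name = utf8_normalize_nfc(request_var('role_name', '', true));
                    $role_description = utf8_normalize_nfc(request_var('role_description', '', true));
                    $auth_settings = request_var('setting', array('' => 0));
                    if (!$role_name) {
                        trigger_error($user->lang['NO_ROLE_NAME_SPECIFIED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    if (utf8_strlen($role_description) > 4000) {
                        trigger_error($user->lang['ROLE_DESCRIPTION_LONG'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    // if we add/edit a role we check the name to be unique among the settings...
                    $sql = 'SELECT role_id
						FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\t\tAND role_name = '" . $db->sql_escape($role_name) . "'";
                    $result = $db->sql_query($sql);
                    $row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    // Make sure we only print out the error if we add the role or change its name.
                    // The test has to look at $action: $mode holds the role type ('admin_roles', ...)
                    // and can never equal 'add' or 'edit', so comparing $mode left this uniqueness
                    // check permanently disabled.
                    if ($row && ($action == 'add' || ($action == 'edit' && $role_row['role_name'] != $role_name))) {
                        trigger_error(sprintf($user->lang['ROLE_NAME_ALREADY_EXIST'], $role_name) . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    $sql_ary = array('role_name' => (string) $role_name, 'role_description' => (string) $role_description, 'role_type' => (string) $permission_type);
                    if ($action == 'edit') {
                        $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
							SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
							WHERE role_id = ' . $role_id;
                        $db->sql_query($sql);
                    } else {
                        // Get maximum role order for inserting a new role...
                        $sql = 'SELECT MAX(role_order) as max_order
							FROM ' . ACL_ROLES_TABLE . "\n\t\t\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'";
                        $result = $db->sql_query($sql);
                        $max_order = (int) $db->sql_fetchfield('max_order');
                        $db->sql_freeresult($result);
                        $sql_ary['role_order'] = $max_order + 1;
                        $sql = 'INSERT INTO ' . ACL_ROLES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                        $db->sql_query($sql);
                        $role_id = $db->sql_nextid();
                    }
                    // Now add the auth settings
                    $auth_admin->acl_set_role($role_id, $auth_settings);
                    $role_name = !empty($user->lang[$role_name]) ? $user->lang[$role_name] : $role_name;
                    add_log('admin', 'LOG_' . strtoupper($permission_type) . 'ROLE_' . strtoupper($action), $role_name);
                    trigger_error($user->lang['ROLE_' . strtoupper($action) . '_SUCCESS'] . page_back_link($this->u_action));
                    break;
            }
        }
        // Display screens
        switch ($action) {
            case 'add':
                // A new role starts either from a copy of another role's settings
                // (options_from) or with every option of this type set to ACL_NO.
                $options_from = request_var('options_from', 0);
                $role_row = array('role_name' => utf8_normalize_nfc(request_var('role_name', '', true)), 'role_description' => utf8_normalize_nfc(request_var('role_description', '', true)), 'role_type' => $permission_type);
                if ($options_from) {
                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
						FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
						WHERE o.auth_option_id = p.auth_option_id
							AND p.role_id = ' . $options_from . '
						ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);
                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                } else {
                    $sql = 'SELECT auth_option_id, auth_option
						FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\t\tORDER BY auth_option_id";
                    $result = $db->sql_query($sql);
                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                    $db->sql_freeresult($result);
                }
                // no break; the add form is rendered by the shared code under 'edit'
            case 'edit':
                if ($action == 'edit') {
                    if (!$role_id) {
                        trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                    }
                    $sql = 'SELECT *
						FROM ' . ACL_ROLES_TABLE . '
						WHERE role_id = ' . $role_id;
                    $result = $db->sql_query($sql);
                    $role_row = $db->sql_fetchrow($result);
                    $db->sql_freeresult($result);
                    $sql = 'SELECT p.auth_option_id, p.auth_setting, o.auth_option
						FROM ' . ACL_ROLES_DATA_TABLE . ' p, ' . ACL_OPTIONS_TABLE . ' o
						WHERE o.auth_option_id = p.auth_option_id
							AND p.role_id = ' . $role_id . '
						ORDER BY p.auth_option_id';
                    $result = $db->sql_query($sql);
                    $auth_options = array();
                    while ($row = $db->sql_fetchrow($result)) {
                        $auth_options[$row['auth_option']] = $row['auth_setting'];
                    }
                    $db->sql_freeresult($result);
                }
                if (!$role_row) {
                    trigger_error($user->lang['NO_ROLE_SELECTED'] . page_back_link($this->u_action), E_USER_WARNING);
                }
                // NOTE(review): ROLE_NAME / ROLE_DESCRIPTION reach the template as stored or as
                // received; this assumes request_var() already HTML-escaped them - confirm.
                $template->assign_vars(array('S_EDIT' => true, 'U_ACTION' => $this->u_action . "&amp;paction={$action}&amp;role_id={$role_id}", 'U_BACK' => $this->u_action, 'ROLE_NAME' => $role_row['role_name'], 'ROLE_DESCRIPTION' => $role_row['role_description'], 'L_ACL_TYPE' => $user->lang['ACL_TYPE_' . strtoupper($permission_type)]));
                // We need to fill the auth options array with ACL_NO options ;)
                $sql = 'SELECT auth_option_id, auth_option
					FROM ' . ACL_OPTIONS_TABLE . "\n\t\t\t\t\tWHERE auth_option " . $db->sql_like_expression($permission_type . $db->any_char) . "\n\t\t\t\t\t\tAND auth_option <> '{$permission_type}'\n\t\t\t\t\tORDER BY auth_option_id";
                $result = $db->sql_query($sql);
                while ($row = $db->sql_fetchrow($result)) {
                    if (!isset($auth_options[$row['auth_option']])) {
                        $auth_options[$row['auth_option']] = ACL_NO;
                    }
                }
                $db->sql_freeresult($result);
                // Unset global permission option
                unset($auth_options[$permission_type]);
                // Display auth options
                $this->display_auth_options($auth_options);
                // Get users/groups/forums using this preset...
                if ($action == 'edit') {
                    $hold_ary = $auth_admin->get_role_mask($role_id);
                    if (sizeof($hold_ary)) {
                        $role_name = !empty($user->lang[$role_row['role_name']]) ? $user->lang[$role_row['role_name']] : $role_row['role_name'];
                        $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true, 'L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
                        $auth_admin->display_role_mask($hold_ary);
                    }
                }
                // The form screen is complete; the role list below is not rendered.
                return;
            case 'move_up':
            case 'move_down':
                // NOTE(review): this UPDATE runs for any request carrying paction=move_up or
                // move_down; unlike add/edit (check_form_key) and remove (confirm_box), no request
                // token is checked in this method. Confirm the caller enforces one, or add a check.
                $order = request_var('order', 0);
                // $order_total is the sum of the two neighbouring positions, so
                // "role_order = $order_total - role_order" swaps them in a single statement.
                $order_total = $order * 2 + ($action == 'move_up' ? -1 : 1);
                $sql = 'UPDATE ' . ACL_ROLES_TABLE . '
					SET role_order = ' . $order_total . " - role_order\n\t\t\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\t\t\t\tAND role_order IN ({$order}, " . ($action == 'move_up' ? $order - 1 : $order + 1) . ')';
                $db->sql_query($sql);
                break;
        }
        // By default, check that role_order is valid and fix it if necessary:
        // roles of this type are renumbered 1..n in their current order.
        $sql = 'SELECT role_id, role_order
			FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
        $result = $db->sql_query($sql);
        if ($row = $db->sql_fetchrow($result)) {
            $order = 0;
            do {
                $order++;
                if ($row['role_order'] != $order) {
                    $db->sql_query('UPDATE ' . ACL_ROLES_TABLE . " SET role_order = {$order} WHERE role_id = {$row['role_id']}");
                }
            } while ($row = $db->sql_fetchrow($result));
        }
        $db->sql_freeresult($result);
        // Display assigned items?
        $display_item = request_var('display_item', 0);
        // Select existing roles
        $sql = 'SELECT *
			FROM ' . ACL_ROLES_TABLE . "\n\t\t\tWHERE role_type = '" . $db->sql_escape($permission_type) . "'\n\t\t\tORDER BY role_order ASC";
        $result = $db->sql_query($sql);
        $s_role_options = '';
        while ($row = $db->sql_fetchrow($result)) {
            $role_name = !empty($user->lang[$row['role_name']]) ? $user->lang[$row['role_name']] : $row['role_name'];
            $template->assign_block_vars('roles', array('ROLE_NAME' => $role_name, 'ROLE_DESCRIPTION' => !empty($user->lang[$row['role_description']]) ? $user->lang[$row['role_description']] : nl2br($row['role_description']), 'U_EDIT' => $this->u_action . '&amp;paction=edit&amp;role_id=' . $row['role_id'], 'U_REMOVE' => $this->u_action . '&amp;paction=remove&amp;role_id=' . $row['role_id'], 'U_MOVE_UP' => $this->u_action . '&amp;paction=move_up&amp;order=' . $row['role_order'], 'U_MOVE_DOWN' => $this->u_action . '&amp;paction=move_down&amp;order=' . $row['role_order'], 'U_DISPLAY_ITEMS' => $row['role_id'] == $display_item ? '' : $this->u_action . '&amp;display_item=' . $row['role_id'] . '#assigned_to'));
            // NOTE(review): $role_name is concatenated straight into <option> markup; this
            // relies on stored role names having been HTML-escaped on input - confirm.
            $s_role_options .= '<option value="' . $row['role_id'] . '">' . $role_name . '</option>';
            if ($display_item == $row['role_id']) {
                $template->assign_vars(array('L_ROLE_ASSIGNED_TO' => sprintf($user->lang['ROLE_ASSIGNED_TO'], $role_name)));
            }
        }
        $db->sql_freeresult($result);
        $template->assign_vars(array('S_ROLE_OPTIONS' => $s_role_options));
        if ($display_item) {
            $template->assign_vars(array('S_DISPLAY_ROLE_MASK' => true));
            $hold_ary = $auth_admin->get_role_mask($display_item);
            $auth_admin->display_role_mask($hold_ary);
        }
    }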