isfounder) {
exit('Access Denied');
}
if($operation == 'perm') {
$do = !in_array(getgpc('do'), array('group', 'member', 'gperm', 'notifyusers')) ? 'member' : getgpc('do');
shownav('founder', 'menu_founder_perm');
if($do == 'group') {
$id = intval(getgpc('id'));
if(!$id) {
foreach(C::t('common_admincp_group')->range() as $group) {
$groups[$group['cpgroupid']] = $group['cpgroupname'];
}
if(!submitcheck('submit')) {
showsubmenu('menu_founder_perm', array(
array('nav_founder_perm_member', 'founder&operation=perm&do=member', 0),
array('nav_founder_perm_group', 'founder&operation=perm&do=group', 1),
array('nav_founder_perm_notifyusers', 'founder&operation=perm&do=notifyusers', 0),
));
showformheader('founder&operation=perm&do=group');
showtableheader();
showsubtitle(array('', 'founder_cpgroupname', ''));
foreach($groups as $id => $group) {
showtablerow('style="height:20px"', array('class="td25"', 'class="td24"'), array(
"",
"",
''.cplang('edit').''
));
}
showtablerow('style="height:20px"', array(), array(cplang('add_new'), '', ''));
showsubmit('submit', 'submit', 'del');
showtablefooter();
showformfooter();
} else {
if(!empty($_GET['newcpgroupname'])) {
if(C::t('common_admincp_group')->fetch_by_cpgroupname($_GET['newcpgroupname'])) {
cpmsg('founder_perm_group_name_duplicate', '', 'error', array('name' => $_GET['newcpgroupname']));
}
C::t('common_admincp_group')->insert(array('cpgroupname' => strip_tags($_GET['newcpgroupname'])));
}
if(!empty($_GET['delete'])) {
C::t('common_admincp_perm')->delete_by_cpgroupid_perm($_GET['delete']);
C::t('common_admincp_member')->update_cpgroupid_by_cpgroupid($_GET['delete'], array('cpgroupid' => 0));
C::t('common_admincp_group')->delete($_GET['delete']);
}
if(!empty($_GET['name'])) {
foreach($_GET['name'] as $id => $name) {
if($groups[$id] != $name) {
$cpgroupid = ($cpgroup = C::t('common_admincp_group')->fetch_by_cpgroupname($name)) ? $cpgroup['cpgroupid'] : 0;
if($cpgroupid && $_GET['name'][$cpgroupid] == $groups[$cpgroupid]) {
cpmsg('founder_perm_group_name_duplicate', '', 'error', array('name' => $name));
}
C::t('common_admincp_group')->update($id, array('cpgroupname' => $name));
}
}
}
cpmsg('founder_perm_group_update_succeed', 'action=founder&operation=perm&do=group', 'succeed');
}
} else {
if(!submitcheck('submit')) {
showpermstyle();
$perms = array();
foreach(C::t('common_admincp_perm')->fetch_all_by_cpgroupid($id) as $perm) {
$perms[] = $perm['perm'];
}
$cpgroupname = ($cpgroup = C::t('common_admincp_group')->fetch($id)) ? $cpgroup['cpgroupname'] : '';
$data = getactionarray();
$grouplist = '';
foreach(C::t('common_admincp_group')->range() as $ggroup) {
$grouplist .= ''.$ggroup['cpgroupname'].'';
}
$grouplist = ''.
'';
showsubmenu('menu_founder_groupperm', array(array()), $grouplist, array('group' => $cpgroupname));
showformheader('founder&operation=perm&do=group&id='.$id);
showtableheader();
foreach($data['cats'] as $topkey) {
if(!$data['actions'][$topkey]) {
continue;
}
$checkedall = true;
$row = '| ';
foreach($data['actions'][$topkey] as $k => $item) {
if(!$item) {
continue;
}
$checked = @in_array($item[1], $perms);
if(!$checked) {
$checkedall = false;
}
$row .= $item[1] ? '' : '';
}
$row .= ' |
';
if($topkey != 'setting') {
showtitle('');
} else {
showtitle('founder_perm_setting');
}
echo $row;
}
showsubmit('submit');
showtablefooter();
showformfooter();
if(!empty($_GET['switch'])) {
echo '';
}
} else {
C::t('common_admincp_perm')->delete_by_cpgroupid_perm($id);
if($_GET['permnew']) {
foreach($_GET['permnew'] as $perm) {
C::t('common_admincp_perm')->insert(array('cpgroupid' => $id, 'perm' => $perm));
}
}
cpmsg('founder_perm_groupperm_update_succeed', 'action=founder&operation=perm&do=group', 'succeed');
}
}
} elseif($do == 'member') {
$founders = $_G['config']['admincp']['founder'] !== '' ? explode(',', str_replace(' ', '', addslashes($_G['config']['admincp']['founder']))) : array();
if($founders) {
$founderexists = true;
$fuid = $fuser = array();
foreach($founders as $founder) {
if(is_numeric($founder)) {
$fuid[] = $founder;
} else {
$fuser[] = $founder;
}
}
$founders = array();
if($fuid) {
$founders = $founders + C::t('common_member')->fetch_all($fuid, false, 0);
}
if($fuser) {
$founders = $founders + C::t('common_member')->fetch_all_by_username($fuser);
}
} else {
$founderexists = false;
$founders = C::t('common_member')->fetch_all_by_adminid(1);
}
$id = empty($_GET['id']) ? 0 : $_GET['id'];
if(!$id) {
if(!submitcheck('submit')) {
showsubmenu('menu_founder_perm', array(
array('nav_founder_perm_member', 'founder&operation=perm&do=member', 1),
array('nav_founder_perm_group', 'founder&operation=perm&do=group', 0),
array('nav_founder_perm_notifyusers', 'founder&operation=perm&do=notifyusers', 0),
));
$groupselect = '';
$members = $adminmembers = array();
$adminmembers = C::t('common_admincp_member')->range();
foreach ($adminmembers as $adminmember) {
$adminmembers[$adminmember['uid']] = $adminmember;
}
foreach($founders as $uid => $founder) {
$members[$uid] = array('uid' => $uid, 'username' => $founder['username'], 'cpgroupname' => cplang('founder_admin'));
}
if($adminmembers) {
foreach(C::t('common_member')->fetch_all(array_keys($adminmembers), false, 0) as $member) {
if(isset($members[$member['uid']])) {
C::t('common_admincp_member')->delete($member['uid']);
continue;
}
$member['cpgroupname'] = !empty($adminmembers[$member['uid']]['cpgroupid']) ? $groups[$adminmembers[$member['uid']]['cpgroupid']] : cplang('founder_master');
if(!$founderexists && in_array($member['uid'], array_keys($founders))) {
$member['cpgroupname'] = cplang('founder_admin');
}
$members[$member['uid']] = $member;
}
}
if(!$founderexists) {
showtips(cplang('home_security_nofounder').cplang('home_security_founder'));
} else {
showtips('home_security_founder');
}
showformheader('founder&operation=perm&do=member');
showtableheader();
showsubtitle(array('', 'founder_username', 'founder_usergname', ''));
foreach($members as $id => $member) {
$isfounder = array_key_exists($id, $founders);
showtablerow('style="height:20px"', array('class="td25"', 'class="td24"', 'class="td24"'), array(
!$isfounder || isset($adminmembers[$member['uid']]['cpgroupid']) ? "" : '',
"$member[username]",
$member['cpgroupname'],
!$isfounder && $adminmembers[$member['uid']]['cpgroupid'] ? ''.cplang('edit').'' : ''
));
}
showtablerow('style="height:20px"', array('class="td25"', 'class="td24"', 'class="td24"'), array(cplang('add_new'), '', $groupselect, ''));
showsubmit('submit', 'submit', 'del');
showtablefooter();
showformfooter();
} else {
if(!empty($_GET['newcpusername'])) {
$newcpuid = C::t('common_member')->fetch_uid_by_username($_GET['newcpusername']);
if(!$newcpuid) {
cpmsg('founder_perm_member_noexists', '', 'error', array('name' => $_GET['newcpusername']));
}
if(C::t('common_admincp_member')->count_by_uid($newcpuid) || array_key_exists($newcpuid, $founders)) {
cpmsg('founder_perm_member_duplicate', '', 'error', array('name' => $_GET['newcpusername']));
}
C::t('common_admincp_member')->insert(array('uid' => $newcpuid, 'cpgroupid' => $_GET['newcpgroupid']));
}
if(!empty($_GET['delete'])) {
C::t('common_admincp_member')->delete($_GET['delete']);
}
updatecache('founder');
cpmsg('founder_perm_member_update_succeed', 'action=founder&operation=perm&do=member', 'succeed');
}
} else {
if(!submitcheck('submit')) {
$member = C::t('common_admincp_member')->fetch($id);
if(!$member) {
cpmsg('founder_perm_member_noexists', '', 'error');
}
$user = getuserbyuid($id);
$username = $user['username'];
$cpgroupid = empty($_GET['cpgroupid']) ? $member['cpgroupid'] : $_GET['cpgroupid'];
$member['customperm'] = empty($_GET['cpgroupid']) || $_GET['cpgroupid'] == $member['cpgroupid'] ? dunserialize($member['customperm']) : array();
$perms = array();
foreach(C::t('common_admincp_perm')->fetch_all_by_cpgroupid($cpgroupid) as $perm) {
$perms[] = $perm['perm'];
}
$data = getactionarray();
$groupselect = '';
showpermstyle();
showsubmenu('menu_founder_memberperm', array(array()), '', array('username' => $username));
showformheader('founder&operation=perm&do=member&id='.$id);
showtableheader();
showsetting('founder_usergname', '', '', $groupselect);
showtablefooter();
showtableheader();
foreach($data['cats'] as $topkey) {
if(!$data['actions'][$topkey]) {
continue;
}
$checkedall = true;
$row = '| ';
foreach($data['actions'][$topkey] as $item) {
if(!$item) {
continue;
}
$checked = @in_array($item[1], $perms);
$customchecked = @in_array($item[1], $member['customperm']);
$extra = $checked ? ($customchecked ? '' : 'checked="checked" ').' onclick="checkclk(this)"' : 'disabled="disabled" ';
if(!$checked || $customchecked) {
$checkedall = false;
}
$row .= '';
}
$row .= ' |
';
if($topkey != 'setting') {
showtitle(' '.cplang('header_'.$topkey).'');
} else {
showtitle('founder_perm_setting');
}
echo $row;
}
showsubmit('submit');
showtablefooter();
showformfooter();
} else {
$_permnew = !empty($_GET['permnew']) ? $_GET['permnew'] : array();
$cpgroupidnew = $_GET['cpgroupidnew'];
$dbperms = C::t('common_admincp_perm')->fetch_all_by_cpgroupid($cpgroupidnew);
$perms = array();
foreach($dbperms as $dbperm) {
$perms[] = $dbperm['perm'];
}
$customperm = serialize(array_diff($perms, $_permnew));
C::t('common_admincp_member')->update($id, array('cpgroupid' => $cpgroupidnew, 'customperm' => $customperm));
cpmsg('founder_perm_member_update_succeed', 'action=founder&operation=perm&do=member', 'succeed');
}
}
} elseif($do == 'gperm' && !empty($_GET['gset'])) {
$gset = $_GET['gset'];
list($topkey, $k) = explode('_', $gset);
$data = getactionarray();
$gset = $data['actions'][$topkey][$k];
if(!$gset) {
cpmsg('undefined_action', '', 'error');
}
if(!submitcheck('submit')) {
$allperms = C::t('common_admincp_perm')->fetch_all_by_perm($gset[1]);
$groups = C::t('common_admincp_group')->range();
showsubmenu('menu_founder_permgrouplist', array(array()), '', array('perm' => cplang($gset[0])));
showformheader('founder&operation=perm&do=gperm&gset='.$_GET['gset']);
showtableheader();
showsubtitle(array('', 'founder_usergname'));
foreach($groups as $id => $group) {
showtablerow('style="height:20px"', array('class="td25"', ''), array(
"",
$group['cpgroupname']
));
}
showsubmit('submit');
showtablefooter();
showformfooter();
} else {
foreach(C::t('common_admincp_group')->range() as $group) {
if(in_array($group['cpgroupid'], $_GET['permnew'])) {
C::t('common_admincp_perm')->insert(array('cpgroupid' => $group['cpgroupid'], 'perm' => $gset[1]), false, true);
} else {
C::t('common_admincp_perm')->delete_by_cpgroupid_perm($group['cpgroupid'], $gset[1]);
}
}
cpmsg('founder_perm_gperm_update_succeed', 'action=founder&operation=perm', 'succeed');
}
} elseif($do == 'notifyusers') {
$notifyusers = dunserialize($_G['setting']['notifyusers']);
$notifytypes = explode(',', $_G['setting']['adminnotifytypes']);
if(!submitcheck('submit')) {
showpermstyle();
showsubmenu('menu_founder_perm', array(
array('nav_founder_perm_member', 'founder&operation=perm&do=member', 0),
array('nav_founder_perm_group', 'founder&operation=perm&do=group', 0),
array('nav_founder_perm_notifyusers', 'founder&operation=perm&do=notifyusers', 1),
));
showtips('founder_notifyusers_tips');
showformheader('founder&operation=perm&do=notifyusers');
showtableheader();
showsubtitle(array('', 'username', '', 'founder_notifyusers_types'));
foreach($notifyusers as $uid => $user) {
$types = '';
foreach($notifytypes as $key => $typename) {
$checked = $user['types'][$key] ? ' checked' : '';
if(substr($typename, 0, 7) == 'verify_') {
$i = substr($typename, -1, 1);
if($_G['setting']['verify'][$i]['available']) {
$tname = $_G['setting']['verify'][$i]['title'];
} else {
continue;
}
} else {
$tname = cplang('founder_notidyusers_'.$typename);
}
$types .= "';
}
showtablerow('style="height:20px"', array('class="td25"', 'class="td24"', 'class="td25"', 'class="vtop"'), array(
"",
"$user[username]",
''.cplang('select_all'),
$types
));
}
showtablerow('style="height:20px"', array('', 'colspan="3"'), array(cplang('add_new'), ''));
showsubmit('submit', 'submit', 'del');
showtablefooter();
showformfooter();
} else {
$newnotifyusers = array();
if($_GET['name']) {
foreach($_GET['name'] as $uid => $username) {
if($_GET['delete'] && in_array($uid, $_GET['delete'])) {
continue;
}
$types = '';
foreach($notifytypes as $typename) {
$types .= intval($_GET['notifytypes_'.$uid][$typename]);
}
$newnotifyusers[$uid] = array('username' => $username, 'types' => $types);
}
}
if($_GET['newusername']) {
$newusername = addslashes($_GET['newusername']);
$newuid = C::t('common_member')->fetch_uid_by_username($newusername);
if($newuid) {
$newnotifyusers[$newuid] = array('username' => $newusername, 'types' => '');
}
}
C::t('common_setting')->update('notifyusers', $newnotifyusers);
updatecache('setting');
cpmsg('founder_perm_notifyusers_succeed', 'action=founder&operation=perm&do=notifyusers', 'succeed');
}
}
}
function getactionarray() {
$isfounder = false;
require './source/admincp/admincp_menu.php';
require './source/admincp/admincp_perm.php';
require './source/admincp/menu/menu_cloud.php';
unset($menu['cloud'][0]);
unset($topmenu['index'], $menu['index']);
$actioncat = $actionarray = array();
$actioncat[] = 'setting';
$actioncat = array_merge($actioncat, array_keys($topmenu));
$actionarray['setting'][] = array('founder_perm_allowpost', '_allowpost');
foreach($menu as $tkey => $items) {
foreach($items as $item) {
$actionarray[$tkey][] = $item;
}
}
return array('actions' => $actionarray, 'cats' => $actioncat);
}
function showpermstyle() {
echo <<
.item{ float: left; width: 180px; line-height: 25px; margin-left: 5px; border-right: 1px #deeffb dotted; }
.vtop .right, .item .right{ padding: 0 10px; line-height: 22px; background: url('static/image/admincp/bg_repno.gif') no-repeat -286px -145px; font-weight: normal;margin-right:10px; }
.vtop a:hover.right, .item a:hover.right { text-decoration:none; }
EOF;
}