Issues (1014)

Sources/Reports.php (4 issues)

1
<?php
2
3
/**
4
 * This file is exclusively for generating reports to help assist forum
5
 * administrators keep track of their forum configuration and state. The
6
 * core report generation is done in two areas. Firstly, a report "generator"
7
 * will fill context with relevant data. Secondly, the choice of sub-template
8
 * will determine how this data is shown to the user
9
 *
10
 * Functions ending with "Report" are responsible for generating data for reporting.
11
 * They are all called from ReportsMain.
12
 * Never access the context directly, but use the data handling functions to do so.
13
 *
14
 * Simple Machines Forum (SMF)
15
 *
16
 * @package SMF
17
 * @author Simple Machines https://www.simplemachines.org
18
 * @copyright 2022 Simple Machines and individual contributors
19
 * @license https://www.simplemachines.org/about/smf/license.php BSD
20
 *
21
 * @version 2.1.0
22
 */
23
24
if (!defined('SMF'))
25
	die('No direct access...');
26
27
/**
28
 * Handling function for generating reports.
29
 * Requires the admin_forum permission.
30
 * Loads the Reports template and language files.
31
 * Decides which type of report to generate, if this isn't passed
32
 * through the querystring it will set the report_type sub-template to
33
 * force the user to choose which type.
34
 * When generating a report chooses which sub_template to use.
35
 * Depends on the cal_enabled setting, and many of the other cal_
36
 * settings.
37
 * Will call the relevant report generation function.
38
 * If generating report will call finishTables before returning.
39
 * Accessed through ?action=admin;area=reports.
40
 */
41
function ReportsMain()
42
{
43
	global $txt, $context, $scripturl;
44
45
	// Only admins, only EVER admins!
46
	isAllowedTo('admin_forum');
47
48
	// Let's get our things running...
49
	loadTemplate('Reports');
50
	loadLanguage('Reports');
51
52
	$context['page_title'] = $txt['generate_reports'];
53
54
	// These are the types of reports which exist - and the functions to generate them.
55
	$context['report_types'] = array(
56
		'boards' => 'BoardReport',
57
		'board_perms' => 'BoardPermissionsReport',
58
		'member_groups' => 'MemberGroupsReport',
59
		'group_perms' => 'GroupPermissionsReport',
60
		'staff' => 'StaffReport',
61
	);
62
63
	call_integration_hook('integrate_report_types');
64
	// Load up all the tabs...
65
	$context[$context['admin_menu_name']]['tab_data'] = array(
66
		'title' => $txt['generate_reports'],
67
		'help' => '',
68
		'description' => $txt['generate_reports_desc'],
69
	);
70
71
	$is_first = 0;
72
	foreach ($context['report_types'] as $k => $temp)
73
		$context['report_types'][$k] = array(
74
			'id' => $k,
75
			'title' => isset($txt['gr_type_' . $k]) ? $txt['gr_type_' . $k] : $k,
76
			'description' => isset($txt['gr_type_desc_' . $k]) ? $txt['gr_type_desc_' . $k] : null,
77
			'function' => $temp,
78
			'is_first' => $is_first++ == 0,
79
		);
80
81
	// If they haven't chosen a report type which is valid, send them off to the report type chooser!
82
	if (empty($_REQUEST['rt']) || !isset($context['report_types'][$_REQUEST['rt']]))
83
	{
84
		$context['sub_template'] = 'report_type';
85
		return;
86
	}
87
	$context['report_type'] = $_REQUEST['rt'];
88
89
	// What are valid templates for showing reports?
90
	$reportTemplates = array(
91
		'main' => array(
92
			'layers' => null,
93
		),
94
		'print' => array(
95
			'layers' => array('print'),
96
		),
97
	);
98
99
	// Specific template? Use that instead of main!
100
	if (isset($_REQUEST['st']) && isset($reportTemplates[$_REQUEST['st']]))
101
	{
102
		$context['sub_template'] = $_REQUEST['st'];
103
104
		// Are we disabling the other layers - print friendly for example?
105
		if ($reportTemplates[$_REQUEST['st']]['layers'] !== null)
106
			$context['template_layers'] = $reportTemplates[$_REQUEST['st']]['layers'];
107
	}
108
109
	// Make the page title more descriptive.
110
	$context['page_title'] .= ' - ' . (isset($txt['gr_type_' . $context['report_type']]) ? $txt['gr_type_' . $context['report_type']] : $context['report_type']);
111
112
	// Build the reports button array.
113
	$context['report_buttons'] = array(
114
		'generate_reports' => array('text' => 'generate_reports', 'image' => 'print.png', 'url' => $scripturl . '?action=admin;area=reports', 'active' => true),
115
		'print' => array('text' => 'print', 'image' => 'print.png', 'url' => $scripturl . '?action=admin;area=reports;rt=' . $context['report_type'] . ';st=print', 'custom' => 'target="_blank"'),
116
	);
117
118
	// Allow mods to add additional buttons here
119
	call_integration_hook('integrate_report_buttons');
120
121
	// Now generate the data.
122
	$context['report_types'][$context['report_type']]['function']();
123
124
	// Finish the tables before exiting - this is to help the templates a little more.
125
	finishTables();
126
}
127
128
/**
129
 * Standard report about what settings the boards have.
130
 * functions ending with "Report" are responsible for generating data
131
 * for reporting.
132
 * they are all called from ReportsMain.
133
 * never access the context directly, but use the data handling
134
 * functions to do so.
135
 */
136
function BoardReport()
137
{
138
	global $context, $txt, $sourcedir, $smcFunc, $modSettings;
139
140
	// Load the permission profiles.
141
	require_once($sourcedir . '/ManagePermissions.php');
142
	loadLanguage('ManagePermissions');
143
	loadPermissionProfiles();
144
145
	// Get every moderator.
146
	$request = $smcFunc['db_query']('', '
147
		SELECT mods.id_board, mods.id_member, mem.real_name
148
		FROM {db_prefix}moderators AS mods
149
			INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)',
150
		array(
151
		)
152
	);
153
	$moderators = array();
154
	while ($row = $smcFunc['db_fetch_assoc']($request))
155
		$moderators[$row['id_board']][] = $row['real_name'];
156
	$smcFunc['db_free_result']($request);
157
158
	// Get every moderator gruop.
159
	$request = $smcFunc['db_query']('', '
160
		SELECT modgs.id_board, modgs.id_group, memg.group_name
161
		FROM {db_prefix}moderator_groups AS modgs
162
			INNER JOIN {db_prefix}membergroups AS memg ON (memg.id_group = modgs.id_group)',
163
		array(
164
		)
165
	);
166
	$moderator_groups = array();
167
	while ($row = $smcFunc['db_fetch_assoc']($request))
168
		$moderator_groups[$row['id_board']][] = $row['group_name'];
169
	$smcFunc['db_free_result']($request);
170
171
	// Get all the possible membergroups!
172
	$request = $smcFunc['db_query']('', '
173
		SELECT id_group, group_name, online_color
174
		FROM {db_prefix}membergroups',
175
		array(
176
		)
177
	);
178
	$groups = array(-1 => $txt['guest_title'], 0 => $txt['membergroups_members']);
179
	while ($row = $smcFunc['db_fetch_assoc']($request))
180
		$groups[$row['id_group']] = empty($row['online_color']) ? $row['group_name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>';
181
	$smcFunc['db_free_result']($request);
182
183
	// All the fields we'll show.
184
	$boardSettings = array(
185
		'category' => $txt['board_category'],
186
		'parent' => $txt['board_parent'],
187
		'redirect' => $txt['board_redirect'],
188
		'num_topics' => $txt['board_num_topics'],
189
		'num_posts' => $txt['board_num_posts'],
190
		'count_posts' => $txt['board_count_posts'],
191
		'theme' => $txt['board_theme'],
192
		'override_theme' => $txt['board_override_theme'],
193
		'profile' => $txt['board_profile'],
194
		'moderators' => $txt['board_moderators'],
195
		'moderator_groups' => $txt['board_moderator_groups'],
196
		'groups' => $txt['board_groups'],
197
	);
198
	if (!empty($modSettings['deny_boards_access']))
199
		$boardSettings['disallowed_groups'] = $txt['board_disallowed_groups'];
200
201
	// Do it in columns, it's just easier.
202
	setKeys('cols');
203
204
	// Go through each board!
205
	$request = $smcFunc['db_query']('order_by_board_order', '
206
		SELECT b.id_board, b.name, b.num_posts, b.num_topics, b.count_posts, b.member_groups, b.override_theme, b.id_profile, b.deny_member_groups,
207
			b.redirect, c.name AS cat_name, COALESCE(par.name, {string:text_none}) AS parent_name, COALESCE(th.value, {string:text_none}) AS theme_name
208
		FROM {db_prefix}boards AS b
209
			LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
210
			LEFT JOIN {db_prefix}boards AS par ON (par.id_board = b.id_parent)
211
			LEFT JOIN {db_prefix}themes AS th ON (th.id_theme = b.id_theme AND th.variable = {string:name})
212
		ORDER BY b.board_order',
213
		array(
214
			'name' => 'name',
215
			'text_none' => $txt['none'],
216
		)
217
	);
218
219
	while ($row = $smcFunc['db_fetch_assoc']($request))
220
	{
221
		// Each board has it's own table.
222
		newTable($row['name'], '', 'left', 'auto', 'left', 200, 'left');
223
224
		$this_boardSettings = $boardSettings;
225
		if (empty($row['redirect']))
226
			unset($this_boardSettings['redirect']);
227
228
		// First off, add in the side key.
229
		addData($this_boardSettings);
230
231
		// Format the profile name.
232
		$profile_name = $context['profiles'][$row['id_profile']]['name'];
233
234
		// Create the main data array.
235
		$boardData = array(
236
			'category' => $row['cat_name'],
237
			'parent' => $row['parent_name'],
238
			'redirect' => $row['redirect'],
239
			'num_posts' => $row['num_posts'],
240
			'num_topics' => $row['num_topics'],
241
			'count_posts' => empty($row['count_posts']) ? $txt['yes'] : $txt['no'],
242
			'theme' => $row['theme_name'],
243
			'profile' => $profile_name,
244
			'override_theme' => $row['override_theme'] ? $txt['yes'] : $txt['no'],
245
			'moderators' => empty($moderators[$row['id_board']]) ? $txt['none'] : implode(', ', $moderators[$row['id_board']]),
246
			'moderator_groups' => empty($moderator_groups[$row['id_board']]) ? $txt['none'] : implode(', ', $moderator_groups[$row['id_board']]),
247
		);
248
249
		// Work out the membergroups who can and cannot access it (but only if enabled).
250
		$allowedGroups = explode(',', $row['member_groups']);
251
		foreach ($allowedGroups as $key => $group)
252
		{
253
			if (isset($groups[$group]))
254
				$allowedGroups[$key] = $groups[$group];
255
			else
256
				unset($allowedGroups[$key]);
257
		}
258
		$boardData['groups'] = implode(', ', $allowedGroups);
259
		if (!empty($modSettings['deny_boards_access']))
260
		{
261
			$disallowedGroups = explode(',', $row['deny_member_groups']);
262
			foreach ($disallowedGroups as $key => $group)
263
			{
264
				if (isset($groups[$group]))
265
					$disallowedGroups[$key] = $groups[$group];
266
				else
267
					unset($disallowedGroups[$key]);
268
			}
269
			$boardData['disallowed_groups'] = implode(', ', $disallowedGroups);
270
		}
271
272
		if (empty($row['redirect']))
273
			unset ($boardData['redirect']);
274
275
		// Next add the main data.
276
		addData($boardData);
277
	}
278
	$smcFunc['db_free_result']($request);
279
}
280
281
/**
282
 * Generate a report on the current permissions by board and membergroup.
283
 * functions ending with "Report" are responsible for generating data
284
 * for reporting.
285
 * they are all called from ReportsMain.
286
 * never access the context directly, but use the data handling
287
 * functions to do so.
288
 */
289
function BoardPermissionsReport()
290
{
291
	global $txt, $modSettings, $smcFunc;
292
293
	// Get as much memory as possible as this can be big.
294
	setMemoryLimit('256M');
295
296
	if (isset($_REQUEST['boards']))
297
	{
298
		if (!is_array($_REQUEST['boards']))
299
			$_REQUEST['boards'] = explode(',', $_REQUEST['boards']);
300
		foreach ($_REQUEST['boards'] as $k => $dummy)
301
			$_REQUEST['boards'][$k] = (int) $dummy;
302
303
		$board_clause = 'id_board IN ({array_int:boards})';
304
	}
305
	else
306
		$board_clause = '1=1';
307
308
	if (isset($_REQUEST['groups']))
309
	{
310
		if (!is_array($_REQUEST['groups']))
311
			$_REQUEST['groups'] = explode(',', $_REQUEST['groups']);
312
		foreach ($_REQUEST['groups'] as $k => $dummy)
313
			$_REQUEST['groups'][$k] = (int) $dummy;
314
315
		$group_clause = 'id_group IN ({array_int:groups})';
316
	}
317
	else
318
		$group_clause = '1=1';
319
320
	// Fetch all the board names.
321
	$request = $smcFunc['db_query']('', '
322
		SELECT id_board, name, id_profile
323
		FROM {db_prefix}boards
324
		WHERE ' . $board_clause . '
325
		ORDER BY id_board',
326
		array(
327
			'boards' => isset($_REQUEST['boards']) ? $_REQUEST['boards'] : array(),
328
		)
329
	);
330
	$profiles = array();
331
	while ($row = $smcFunc['db_fetch_assoc']($request))
332
	{
333
		$boards[$row['id_board']] = array(
334
			'name' => $row['name'],
335
			'profile' => $row['id_profile'],
336
			'mod_groups' => array(),
337
		);
338
		$profiles[] = $row['id_profile'];
339
	}
340
	$smcFunc['db_free_result']($request);
341
342
	// Get the ids of any groups allowed to moderate this board
343
	// Limit it to any boards and/or groups we're looking at
344
	$request = $smcFunc['db_query']('', '
345
		SELECT id_board, id_group
346
		FROM {db_prefix}moderator_groups
347
		WHERE ' . $board_clause . ' AND ' . $group_clause,
348
		array(
349
		)
350
	);
351
	while ($row = $smcFunc['db_fetch_assoc']($request))
352
	{
353
		$boards[$row['id_board']]['mod_groups'][] = $row['id_group'];
354
	}
355
	$smcFunc['db_free_result']($request);
356
357
	// Get all the possible membergroups, except admin!
358
	$request = $smcFunc['db_query']('', '
359
		SELECT id_group, group_name
360
		FROM {db_prefix}membergroups
361
		WHERE ' . $group_clause . '
362
			AND id_group != {int:admin_group}' . (empty($modSettings['permission_enable_postgroups']) ? '
363
			AND min_posts = {int:min_posts}' : '') . '
364
		ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
365
		array(
366
			'admin_group' => 1,
367
			'min_posts' => -1,
368
			'newbie_group' => 4,
369
			'groups' => isset($_REQUEST['groups']) ? $_REQUEST['groups'] : array(),
370
		)
371
	);
372
	if (!isset($_REQUEST['groups']) || in_array(-1, $_REQUEST['groups']) || in_array(0, $_REQUEST['groups']))
373
		$member_groups = array('col' => '', -1 => $txt['membergroups_guests'], 0 => $txt['membergroups_members']);
374
	else
375
		$member_groups = array('col' => '');
376
	while ($row = $smcFunc['db_fetch_assoc']($request))
377
		$member_groups[$row['id_group']] = $row['group_name'];
378
	$smcFunc['db_free_result']($request);
379
380
	// Make sure that every group is represented - plus in rows!
381
	setKeys('rows', $member_groups);
382
383
	// Certain permissions should not really be shown.
384
	$disabled_permissions = array();
385
	if (!$modSettings['postmod_active'])
386
	{
387
		$disabled_permissions[] = 'approve_posts';
388
		$disabled_permissions[] = 'post_unapproved_topics';
389
		$disabled_permissions[] = 'post_unapproved_replies_own';
390
		$disabled_permissions[] = 'post_unapproved_replies_any';
391
		$disabled_permissions[] = 'post_unapproved_attachments';
392
	}
393
394
	call_integration_hook('integrate_reports_boardperm', array(&$disabled_permissions));
395
396
	// Cache every permission setting, to make sure we don't miss any allows.
397
	$permissions = array();
398
	$board_permissions = array();
399
	$request = $smcFunc['db_query']('', '
400
		SELECT id_profile, id_group, add_deny, permission
401
		FROM {db_prefix}board_permissions
402
		WHERE id_profile IN ({array_int:profile_list})
403
			AND ' . $group_clause . (empty($modSettings['permission_enable_deny']) ? '
404
			AND add_deny = {int:not_deny}' : '') . '
405
		ORDER BY id_profile, permission',
406
		array(
407
			'profile_list' => $profiles,
408
			'not_deny' => 1,
409
			'groups' => isset($_REQUEST['groups']) ? $_REQUEST['groups'] : array(),
410
		)
411
	);
412
	while ($row = $smcFunc['db_fetch_assoc']($request))
413
	{
414
		if (in_array($row['permission'], $disabled_permissions))
415
			continue;
416
417
		foreach ($boards as $id => $board)
0 ignored issues
show
Comprehensibility Best Practice introduced by
The variable $boards does not seem to be defined for all execution paths leading up to this point.
Loading history...
418
			if ($board['profile'] == $row['id_profile'])
419
				$board_permissions[$id][$row['id_group']][$row['permission']] = $row['add_deny'];
420
421
		// Make sure we get every permission.
422
		if (!isset($permissions[$row['permission']]))
423
		{
424
			// This will be reused on other boards.
425
			$permissions[$row['permission']] = array(
426
				'title' => isset($txt['board_perms_name_' . $row['permission']]) ? $txt['board_perms_name_' . $row['permission']] : $row['permission'],
427
			);
428
		}
429
	}
430
	$smcFunc['db_free_result']($request);
431
432
	// Now cycle through the board permissions array... lots to do ;)
433
	foreach ($board_permissions as $board => $groups)
434
	{
435
		// Create the table for this board first.
436
		newTable($boards[$board]['name'], 'x', 'all', 100, 'center', 200, 'left');
437
438
		// Add the header row - shows all the membergroups.
439
		addData($member_groups);
440
441
		// Add the separator.
442
		addSeparator($txt['board_perms_permission']);
443
444
		// Here cycle through all the detected permissions.
445
		foreach ($permissions as $ID_PERM => $perm_info)
446
		{
447
			// Default data for this row.
448
			$curData = array('col' => $perm_info['title']);
449
450
			// Now cycle each membergroup in this set of permissions.
451
			foreach ($member_groups as $id_group => $name)
452
			{
453
				// Don't overwrite the key column!
454
				if ($id_group === 'col')
455
					continue;
456
457
				$group_permissions = isset($groups[$id_group]) ? $groups[$id_group] : array();
458
459
				// Do we have any data for this group?
460
				if (isset($group_permissions[$ID_PERM]))
461
				{
462
					// Set the data for this group to be the local permission.
463
					$curData[$id_group] = $group_permissions[$ID_PERM];
464
				}
465
				// Is it inherited from Moderator?
466
				elseif (in_array($id_group, $boards[$board]['mod_groups']) && !empty($groups[3]) && isset($groups[3][$ID_PERM]))
467
				{
468
					$curData[$id_group] = $groups[3][$ID_PERM];
469
				}
470
				// Otherwise means it's set to disallow..
471
				else
472
				{
473
					$curData[$id_group] = 'x';
474
				}
475
476
				// Now actually make the data for the group look right.
477
				if (empty($curData[$id_group]))
478
					$curData[$id_group] = '<span class="red">' . $txt['board_perms_deny'] . '</span>';
479
				elseif ($curData[$id_group] == 1)
480
					$curData[$id_group] = '<span style="color: darkgreen;">' . $txt['board_perms_allow'] . '</span>';
481
				else
482
					$curData[$id_group] = 'x';
483
484
				// Embolden those permissions different from global (makes it a lot easier!)
485
				if (@$board_permissions[0][$id_group][$ID_PERM] != @$group_permissions[$ID_PERM])
486
					$curData[$id_group] = '<strong>' . $curData[$id_group] . '</strong>';
487
			}
488
489
			// Now add the data for this permission.
490
			addData($curData);
491
		}
492
	}
493
}
494
495
/**
496
 * Show what the membergroups are made of.
497
 * functions ending with "Report" are responsible for generating data
498
 * for reporting.
499
 * they are all called from ReportsMain.
500
 * never access the context directly, but use the data handling
501
 * functions to do so.
502
 */
503
function MemberGroupsReport()
504
{
505
	global $txt, $settings, $modSettings, $smcFunc;
506
507
	// Fetch all the board names.
508
	$request = $smcFunc['db_query']('', '
509
		SELECT id_board, name, member_groups, id_profile, deny_member_groups
510
		FROM {db_prefix}boards',
511
		array(
512
		)
513
	);
514
	while ($row = $smcFunc['db_fetch_assoc']($request))
515
	{
516
		if (trim($row['member_groups']) == '')
517
			$groups = array(1);
518
		else
519
			$groups = array_merge(array(1), explode(',', $row['member_groups']));
520
521
		if (trim($row['deny_member_groups']) == '')
522
			$denyGroups = array();
523
		else
524
			$denyGroups = explode(',', $row['deny_member_groups']);
525
526
		$boards[$row['id_board']] = array(
527
			'id' => $row['id_board'],
528
			'name' => $row['name'],
529
			'profile' => $row['id_profile'],
530
			'groups' => $groups,
531
			'deny_groups' => $denyGroups,
532
		);
533
	}
534
	$smcFunc['db_free_result']($request);
535
536
	// Standard settings.
537
	$mgSettings = array(
538
		'name' => '',
539
		'#sep#1' => $txt['member_group_settings'],
540
		'color' => $txt['member_group_color'],
541
		'min_posts' => $txt['member_group_min_posts'],
542
		'max_messages' => $txt['member_group_max_messages'],
543
		'icons' => $txt['member_group_icons'],
544
		'#sep#2' => $txt['member_group_access'],
545
	);
546
547
	// Add on the boards!
548
	foreach ($boards as $board)
0 ignored issues
show
Comprehensibility Best Practice introduced by
The variable $boards does not seem to be defined for all execution paths leading up to this point.
Loading history...
549
		$mgSettings['board_' . $board['id']] = $board['name'];
550
551
	// Add all the membergroup settings, plus we'll be adding in columns!
552
	setKeys('cols', $mgSettings);
553
554
	// Only one table this time!
555
	newTable($txt['gr_type_member_groups'], '-', 'all', 100, 'center', 200, 'left');
556
557
	// Get the shaded column in.
558
	addData($mgSettings);
559
560
	// Now start cycling the membergroups!
561
	$request = $smcFunc['db_query']('', '
562
		SELECT mg.id_group, mg.group_name, mg.online_color, mg.min_posts, mg.max_messages, mg.icons,
563
			CASE WHEN bp.permission IS NOT NULL OR mg.id_group = {int:admin_group} THEN 1 ELSE 0 END AS can_moderate
564
		FROM {db_prefix}membergroups AS mg
565
			LEFT JOIN {db_prefix}board_permissions AS bp ON (bp.id_group = mg.id_group AND bp.id_profile = {int:default_profile} AND bp.permission = {string:moderate_board})
566
		ORDER BY mg.min_posts, CASE WHEN mg.id_group < {int:newbie_group} THEN mg.id_group ELSE 4 END, mg.group_name',
567
		array(
568
			'admin_group' => 1,
569
			'default_profile' => 1,
570
			'newbie_group' => 4,
571
			'moderate_board' => 'moderate_board',
572
		)
573
	);
574
575
	// Cache them so we get regular members too.
576
	$rows = array(
577
		array(
578
			'id_group' => -1,
579
			'group_name' => $txt['membergroups_guests'],
580
			'online_color' => '',
581
			'min_posts' => -1,
582
			'max_messages' => null,
583
			'icons' => ''
584
		),
585
		array(
586
			'id_group' => 0,
587
			'group_name' => $txt['membergroups_members'],
588
			'online_color' => '',
589
			'min_posts' => -1,
590
			'max_messages' => null,
591
			'icons' => ''
592
		),
593
	);
594
	while ($row = $smcFunc['db_fetch_assoc']($request))
595
		$rows[] = $row;
596
	$smcFunc['db_free_result']($request);
597
598
	foreach ($rows as $row)
599
	{
600
		$row['icons'] = explode('#', $row['icons']);
601
602
		$group = array(
603
			'name' => $row['group_name'],
604
			'color' => empty($row['online_color']) ? '-' : '<span style="color: ' . $row['online_color'] . ';">' . $row['online_color'] . '</span>',
605
			'min_posts' => $row['min_posts'] == -1 ? 'N/A' : $row['min_posts'],
606
			'max_messages' => $row['max_messages'],
607
			'icons' => !empty($row['icons'][0]) && !empty($row['icons'][1]) ? str_repeat('<img src="' . $settings['images_url'] . '/membericons/' . $row['icons'][1] . '" alt="*">', $row['icons'][0]) : '',
608
		);
609
610
		// Board permissions.
611
		foreach ($boards as $board)
612
			$group['board_' . $board['id']] = in_array($row['id_group'], $board['groups']) ? '<span class="success">' . $txt['board_perms_allow'] . '</span>' : (!empty($modSettings['deny_boards_access']) && in_array($row['id_group'], $board['deny_groups']) ? '<span class="alert">' . $txt['board_perms_deny'] . '</span>' : 'x');
613
614
		addData($group);
615
	}
616
}
617
618
/**
619
 * Show the large variety of group permissions assigned to each membergroup.
620
 * functions ending with "Report" are responsible for generating data
621
 * for reporting.
622
 * they are all called from ReportsMain.
623
 * never access the context directly, but use the data handling
624
 * functions to do so.
625
 */
626
function GroupPermissionsReport()
627
{
628
	global $txt, $modSettings, $smcFunc;
629
630
	if (isset($_REQUEST['groups']))
631
	{
632
		if (!is_array($_REQUEST['groups']))
633
			$_REQUEST['groups'] = explode(',', $_REQUEST['groups']);
634
		foreach ($_REQUEST['groups'] as $k => $dummy)
635
			$_REQUEST['groups'][$k] = (int) $dummy;
636
		$_REQUEST['groups'] = array_diff($_REQUEST['groups'], array(3));
637
638
		$clause = 'id_group IN ({array_int:groups})';
639
	}
640
	else
641
		$clause = 'id_group != {int:moderator_group}';
642
643
	// Get all the possible membergroups, except admin!
644
	$request = $smcFunc['db_query']('', '
645
		SELECT id_group, group_name
646
		FROM {db_prefix}membergroups
647
		WHERE ' . $clause . '
648
			AND id_group != {int:admin_group}' . (empty($modSettings['permission_enable_postgroups']) ? '
649
			AND min_posts = {int:min_posts}' : '') . '
650
		ORDER BY min_posts, CASE WHEN id_group < {int:newbie_group} THEN id_group ELSE 4 END, group_name',
651
		array(
652
			'admin_group' => 1,
653
			'min_posts' => -1,
654
			'newbie_group' => 4,
655
			'moderator_group' => 3,
656
			'groups' => isset($_REQUEST['groups']) ? $_REQUEST['groups'] : array(),
657
		)
658
	);
659
	if (!isset($_REQUEST['groups']) || in_array(-1, $_REQUEST['groups']) || in_array(0, $_REQUEST['groups']))
660
		$groups = array('col' => '', -1 => $txt['membergroups_guests'], 0 => $txt['membergroups_members']);
661
	else
662
		$groups = array('col' => '');
663
	while ($row = $smcFunc['db_fetch_assoc']($request))
664
		$groups[$row['id_group']] = $row['group_name'];
665
	$smcFunc['db_free_result']($request);
666
667
	// Make sure that every group is represented!
668
	setKeys('rows', $groups);
669
670
	// Create the table first.
671
	newTable($txt['gr_type_group_perms'], '-', 'all', 100, 'center', 200, 'left');
672
673
	// Show all the groups
674
	addData($groups);
675
676
	// Add a separator
677
	addSeparator($txt['board_perms_permission']);
678
679
	// Certain permissions should not really be shown.
680
	$disabled_permissions = array();
681
	if (empty($modSettings['cal_enabled']))
682
	{
683
		$disabled_permissions[] = 'calendar_view';
684
		$disabled_permissions[] = 'calendar_post';
685
		$disabled_permissions[] = 'calendar_edit_own';
686
		$disabled_permissions[] = 'calendar_edit_any';
687
	}
688
	if (empty($modSettings['warning_settings']) || $modSettings['warning_settings'][0] == 0)
689
		$disabled_permissions[] = 'issue_warning';
690
691
	call_integration_hook('integrate_reports_groupperm', array(&$disabled_permissions));
692
693
	// Now the big permission fetch!
694
	$request = $smcFunc['db_query']('', '
695
		SELECT id_group, add_deny, permission
696
		FROM {db_prefix}permissions
697
		WHERE ' . $clause . (empty($modSettings['permission_enable_deny']) ? '
698
			AND add_deny = {int:not_denied}' : '') . '
699
		ORDER BY permission',
700
		array(
701
			'not_denied' => 1,
702
			'moderator_group' => 3,
703
			'groups' => isset($_REQUEST['groups']) ? $_REQUEST['groups'] : array(),
704
		)
705
	);
706
	$lastPermission = null;
707
	$curData = array();
708
	while ($row = $smcFunc['db_fetch_assoc']($request))
709
	{
710
		if (in_array($row['permission'], $disabled_permissions))
711
			continue;
712
713
		if (strpos($row['permission'], 'bbc_') === 0)
714
			$txt['group_perms_name_' . $row['permission']] = sprintf($txt['group_perms_name_bbc'], substr($row['permission'], 4));
715
716
		// If this is a new permission flush the last row.
717
		if ($row['permission'] != $lastPermission)
718
		{
719
			// Send the data!
720
			if ($lastPermission !== null)
721
				addData($curData);
722
723
			// Add the permission name in the left column.
724
			$curData = array('col' => isset($txt['group_perms_name_' . $row['permission']]) ? $txt['group_perms_name_' . $row['permission']] : $row['permission']);
725
726
			$lastPermission = $row['permission'];
727
		}
728
729
		// Good stuff - add the permission to the list!
730
		if ($row['add_deny'])
731
			$curData[$row['id_group']] = '<span style="color: darkgreen;">' . $txt['board_perms_allow'] . '</span>';
732
		else
733
			$curData[$row['id_group']] = '<span class="red">' . $txt['board_perms_deny'] . '</span>';
734
	}
735
	$smcFunc['db_free_result']($request);
736
737
	// Flush the last data!
738
	addData($curData);
739
}
740
741
/**
742
 * Report for showing all the forum staff members - quite a feat!
743
 * functions ending with "Report" are responsible for generating data
744
 * for reporting.
745
 * they are all called from ReportsMain.
746
 * never access the context directly, but use the data handling
747
 * functions to do so.
748
 */
749
function StaffReport()
750
{
751
	global $sourcedir, $txt, $smcFunc;
752
753
	require_once($sourcedir . '/Subs-Members.php');
754
755
	// Fetch all the board names.
756
	$request = $smcFunc['db_query']('', '
757
		SELECT id_board, name
758
		FROM {db_prefix}boards',
759
		array(
760
		)
761
	);
762
	$boards = array();
763
	while ($row = $smcFunc['db_fetch_assoc']($request))
764
		$boards[$row['id_board']] = $row['name'];
765
	$smcFunc['db_free_result']($request);
766
767
	// Get every moderator.
768
	$request = $smcFunc['db_query']('', '
769
		SELECT mods.id_board, mods.id_member
770
		FROM {db_prefix}moderators AS mods',
771
		array(
772
		)
773
	);
774
	$moderators = array();
775
	$local_mods = array();
776
	while ($row = $smcFunc['db_fetch_assoc']($request))
777
	{
778
		$moderators[$row['id_member']][] = $row['id_board'];
779
		$local_mods[$row['id_member']] = $row['id_member'];
780
	}
781
	$smcFunc['db_free_result']($request);
782
783
	// Get any additional boards they can moderate through group-based board moderation
784
	$request = $smcFunc['db_query']('', '
785
		SELECT mem.id_member, modgs.id_board
786
		FROM {db_prefix}members AS mem
787
			INNER JOIN {db_prefix}moderator_groups AS modgs ON (modgs.id_group = mem.id_group OR FIND_IN_SET(modgs.id_group, mem.additional_groups) != 0)',
788
		array(
789
		)
790
	);
791
792
	// Add each board/member to the arrays, but only if they aren't already there
793
	while ($row = $smcFunc['db_fetch_assoc']($request))
794
	{
795
		// Either we don't have them as a moderator at all or at least not as a moderator of this board
796
		if (!array_key_exists($row['id_member'], $moderators) || !in_array($row['id_board'], $moderators[$row['id_member']]))
797
			$moderators[$row['id_member']][] = $row['id_board'];
798
799
		// We don't have them listed as a moderator yet
800
		if (!array_key_exists($row['id_member'], $local_mods))
801
			$local_mods[$row['id_member']] = $row['id_member'];
802
	}
803
804
	// Get a list of global moderators (i.e. members with moderation powers).
805
	$global_mods = array_intersect(membersAllowedTo('moderate_board', 0), membersAllowedTo('approve_posts', 0), membersAllowedTo('remove_any', 0), membersAllowedTo('modify_any', 0));
806
807
	// How about anyone else who is special?
808
	$allStaff = array_merge(membersAllowedTo('admin_forum'), membersAllowedTo('manage_membergroups'), membersAllowedTo('manage_permissions'), $local_mods, $global_mods);
809
810
	// Make sure everyone is there once - no admin less important than any other!
811
	$allStaff = array_unique($allStaff);
812
813
	// This is a bit of a cop out - but we're protecting their forum, really!
814
	if (count($allStaff) > 300)
815
		fatal_lang_error('report_error_too_many_staff');
816
817
	// Get all the possible membergroups!
818
	$request = $smcFunc['db_query']('', '
819
		SELECT id_group, group_name, online_color
820
		FROM {db_prefix}membergroups',
821
		array(
822
		)
823
	);
824
	$groups = array(0 => $txt['membergroups_members']);
825
	while ($row = $smcFunc['db_fetch_assoc']($request))
826
		$groups[$row['id_group']] = empty($row['online_color']) ? $row['group_name'] : '<span style="color: ' . $row['online_color'] . '">' . $row['group_name'] . '</span>';
827
	$smcFunc['db_free_result']($request);
828
829
	// All the fields we'll show.
830
	$staffSettings = array(
831
		'position' => $txt['report_staff_position'],
832
		'moderates' => $txt['report_staff_moderates'],
833
		'posts' => $txt['report_staff_posts'],
834
		'last_login' => $txt['report_staff_last_login'],
835
	);
836
837
	// Do it in columns, it's just easier.
838
	setKeys('cols');
839
840
	// Get each member!
841
	$request = $smcFunc['db_query']('', '
842
		SELECT id_member, real_name, id_group, posts, last_login
843
		FROM {db_prefix}members
844
		WHERE id_member IN ({array_int:staff_list})
845
		ORDER BY real_name',
846
		array(
847
			'staff_list' => $allStaff,
848
		)
849
	);
850
	while ($row = $smcFunc['db_fetch_assoc']($request))
851
	{
852
		// Each member gets their own table!.
853
		newTable($row['real_name'], '', 'left', 'auto', 'left', 200, 'center');
854
855
		// First off, add in the side key.
856
		addData($staffSettings);
857
858
		// Create the main data array.
859
		$staffData = array(
860
			'position' => isset($groups[$row['id_group']]) ? $groups[$row['id_group']] : $groups[0],
861
			'posts' => $row['posts'],
862
			'last_login' => timeformat($row['last_login']),
863
			'moderates' => array(),
864
		);
865
866
		// What do they moderate?
867
		if (in_array($row['id_member'], $global_mods))
868
			$staffData['moderates'] = '<em>' . $txt['report_staff_all_boards'] . '</em>';
869
		elseif (isset($moderators[$row['id_member']]))
870
		{
871
			// Get the names
872
			foreach ($moderators[$row['id_member']] as $board)
873
				if (isset($boards[$board]))
874
					$staffData['moderates'][] = $boards[$board];
875
876
			$staffData['moderates'] = implode(', ', $staffData['moderates']);
877
		}
878
		else
879
			$staffData['moderates'] = '<em>' . $txt['report_staff_no_boards'] . '</em>';
880
881
		// Next add the main data.
882
		addData($staffData);
883
	}
884
	$smcFunc['db_free_result']($request);
885
}
886
887
/**
888
 * This function creates a new table of data, most functions will only use it once.
889
 * The core of this file, it creates a new, but empty, table of data in
890
 * context, ready for filling using addData().
891
 * Fills the context variable current_table with the ID of the table created.
892
 * Keeps track of the current table count using context variable table_count.
893
 *
894
 * @param string $title Title to be displayed with this data table.
895
 * @param string $default_value Value to be displayed if a key is missing from a row.
896
 * @param string $shading Should the left, top or both (all) parts of the table beshaded?
897
 * @param string $width_normal The width of an unshaded column (auto means not defined).
898
 * @param string $align_normal The alignment of data in an unshaded column.
899
 * @param string $width_shaded The width of a shaded column (auto means not defined).
900
 * @param string $align_shaded The alignment of data in a shaded column.
901
 */
902
function newTable($title = '', $default_value = '', $shading = 'all', $width_normal = 'auto', $align_normal = 'center', $width_shaded = 'auto', $align_shaded = 'auto')
903
{
904
	global $context;
905
906
	// Set the table count if needed.
907
	if (empty($context['table_count']))
908
		$context['table_count'] = 0;
909
910
	// Create the table!
911
	$context['tables'][$context['table_count']] = array(
912
		'title' => $title,
913
		'default_value' => $default_value,
914
		'shading' => array(
915
			'left' => $shading == 'all' || $shading == 'left',
916
			'top' => $shading == 'all' || $shading == 'top',
917
		),
918
		'width' => array(
919
			'normal' => $width_normal,
920
			'shaded' => $width_shaded,
921
		),
922
		/* Align usage deprecated due to HTML5 */
923
		'align' => array(
924
			'normal' => $align_normal,
925
			'shaded' => $align_shaded,
926
		),
927
		'data' => array(),
928
	);
929
930
	$context['current_table'] = $context['table_count'];
931
932
	// Increment the count...
933
	$context['table_count']++;
934
}
935
936
/**
937
 * Adds an array of data into an existing table.
938
 * if there are no existing tables, will create one with default
939
 * attributes.
940
 * if custom_table isn't specified, it will use the last table created,
941
 * if it is specified and doesn't exist the function will return false.
942
 * if a set of keys have been specified, the function will check each
943
 * required key is present in the incoming data. If this data is missing
944
 * the current tables default value will be used.
945
 * if any key in the incoming data begins with '#sep#', the function
946
 * will add a separator across the table at this point.
947
 * once the incoming data has been sanitized, it is added to the table.
948
 *
949
 * @param array $inc_data The data to include
950
 * @param null|string $custom_table = null The ID of a custom table to put the data in
951
 * @return void|false Doesn't return anything unless we've specified an invalid custom_table
952
 */
953
function addData($inc_data, $custom_table = null)
954
{
955
	global $context;
956
957
	// No tables? Create one even though we are probably already in a bad state!
958
	if (empty($context['table_count']))
959
		newTable();
960
961
	// Specific table?
962
	if ($custom_table !== null && !isset($context['tables'][$custom_table]))
963
		return false;
964
	elseif ($custom_table !== null)
965
		$table = $custom_table;
966
	else
967
		$table = $context['current_table'];
968
969
	// If we have keys, sanitise the data...
970
	if (!empty($context['keys']))
971
	{
972
		// Basically, check every key exists!
973
		foreach ($context['keys'] as $key => $dummy)
974
		{
975
			$data[$key] = array(
976
				'v' => empty($inc_data[$key]) ? $context['tables'][$table]['default_value'] : $inc_data[$key],
977
			);
978
			// Special "hack" the adding separators when doing data by column.
979
			if (substr($key, 0, 5) == '#sep#')
980
				$data[$key]['separator'] = true;
981
		}
982
	}
983
	else
984
	{
985
		$data = $inc_data;
986
		foreach ($data as $key => $value)
987
		{
988
			$data[$key] = array(
989
				'v' => $value,
990
			);
991
			if (substr($key, 0, 5) == '#sep#')
992
				$data[$key]['separator'] = true;
993
		}
994
	}
995
996
	// Is it by row?
997
	if (empty($context['key_method']) || $context['key_method'] == 'rows')
998
	{
999
		// Add the data!
1000
		$context['tables'][$table]['data'][] = $data;
0 ignored issues
show
Comprehensibility Best Practice introduced by
The variable $data does not seem to be defined for all execution paths leading up to this point.
Loading history...
1001
	}
1002
	// Otherwise, tricky!
1003
	else
1004
	{
1005
		foreach ($data as $key => $item)
1006
			$context['tables'][$table]['data'][$key][] = $item;
1007
	}
1008
}
1009
1010
/**
1011
 * Add a separator row, only really used when adding data by rows.
1012
 *
1013
 * @param string $title The title of the separator
1014
 * @param null|string $custom_table The ID of the custom table
1015
 *
1016
 * @return void|bool Returns false if there are no tables
1017
 */
1018
function addSeparator($title = '', $custom_table = null)
1019
{
1020
	global $context;
1021
1022
	// No tables - return?
1023
	if (empty($context['table_count']))
1024
		return;
1025
1026
	// Specific table?
1027
	if ($custom_table !== null && !isset($context['tables'][$table]))
0 ignored issues
show
Comprehensibility Best Practice introduced by
The variable $table seems to be never defined.
Loading history...
1028
		return false;
1029
	elseif ($custom_table !== null)
1030
		$table = $custom_table;
1031
	else
1032
		$table = $context['current_table'];
1033
1034
	// Plumb in the separator
1035
	$context['tables'][$table]['data'][] = array(0 => array(
1036
		'separator' => true,
1037
		'v' => $title
1038
	));
1039
}
1040
1041
/**
1042
 * This does the necessary count of table data before displaying them.
1043
 * is (unfortunately) required to create some useful variables for templates.
1044
 * foreach data table created, it will count the number of rows and
1045
 * columns in the table.
1046
 * will also create a max_width variable for the table, to give an
1047
 * estimate width for the whole table * * if it can.
1048
 */
1049
function finishTables()
1050
{
1051
	global $context;
1052
1053
	if (empty($context['tables']))
1054
		return;
1055
1056
	// Loop through each table counting up some basic values, to help with the templating.
1057
	foreach ($context['tables'] as $id => $table)
1058
	{
1059
		$context['tables'][$id]['id'] = $id;
1060
		$context['tables'][$id]['row_count'] = count($table['data']);
1061
		$curElement = current($table['data']);
1062
		$context['tables'][$id]['column_count'] = count($curElement);
1063
1064
		// Work out the rough width - for templates like the print template. Without this we might get funny tables.
1065
		if ($table['shading']['left'] && $table['width']['shaded'] != 'auto' && $table['width']['normal'] != 'auto')
1066
			$context['tables'][$id]['max_width'] = $table['width']['shaded'] + ($context['tables'][$id]['column_count'] - 1) * $table['width']['normal'];
1067
		elseif ($table['width']['normal'] != 'auto')
1068
			$context['tables'][$id]['max_width'] = $context['tables'][$id]['column_count'] * $table['width']['normal'];
1069
		else
1070
			$context['tables'][$id]['max_width'] = 'auto';
1071
	}
1072
}
1073
1074
/**
1075
 * Set the keys in use by the tables - these ensure entries MUST exist if the data isn't sent.
1076
 *
1077
 * sets the current set of "keys" expected in each data array passed to
1078
 * addData. It also sets the way we are adding data to the data table.
1079
 * method specifies whether the data passed to addData represents a new
1080
 * column, or a new row.
1081
 * keys is an array whose keys are the keys for data being passed to
1082
 * addData().
1083
 * if reverse is set to true, then the values of the variable "keys"
1084
 * are used as opposed to the keys(!
1085
 *
1086
 * @param string $method The method. Can be 'rows' or 'columns'
1087
 * @param array $keys The keys
1088
 * @param bool $reverse Whether we want to use the values as the keys
1089
 */
1090
function setKeys($method = 'rows', $keys = array(), $reverse = false)
1091
{
1092
	global $context;
1093
1094
	// Do we want to use the keys of the keys as the keys? :P
1095
	if ($reverse)
1096
		$context['keys'] = array_flip($keys);
1097
	else
1098
		$context['keys'] = $keys;
1099
1100
	// Rows or columns?
1101
	$context['key_method'] = $method == 'rows' ? 'rows' : 'cols';
1102
}
1103
1104
?>