|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* The medium permission class provides group rights. |
|
4
|
|
|
* |
|
5
|
|
|
* PHP Version 5.4 |
|
6
|
|
|
* |
|
7
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public License, |
|
8
|
|
|
* v. 2.0. If a copy of the MPL was not distributed with this file, You can |
|
9
|
|
|
* obtain one at http://mozilla.org/MPL/2.0/. |
|
10
|
|
|
* |
|
11
|
|
|
* @category phpMyFAQ |
|
12
|
|
|
* @package Perm |
|
13
|
|
|
* @author Lars Tiedemann <[email protected]> |
|
14
|
|
|
* @copyright 2005-2014 phpMyFAQ Team |
|
15
|
|
|
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 |
|
16
|
|
|
* @link http://www.phpmyfaq.de |
|
17
|
|
|
* @since 2005-09-17 |
|
18
|
|
|
*/ |
|
19
|
|
|
|
|
20
|
|
|
if (!defined('IS_VALID_PHPMYFAQ')) { |
|
21
|
|
|
exit(); |
|
22
|
|
|
} |
|
23
|
|
|
|
|
24
|
|
|
/** |
|
25
|
|
|
* PMF_Perm_Medium |
|
26
|
|
|
* |
|
27
|
|
|
* @category phpMyFAQ |
|
28
|
|
|
* @package Perm |
|
29
|
|
|
* @author Lars Tiedemann <[email protected]> |
|
30
|
|
|
* @copyright 2005-2014 phpMyFAQ Team |
|
31
|
|
|
* @license http://www.mozilla.org/MPL/2.0/ Mozilla Public License Version 2.0 |
|
32
|
|
|
* @link http://www.phpmyfaq.de |
|
33
|
|
|
* @since 2005-09-17 |
|
34
|
|
|
*/ |
|
35
|
|
|
class PMF_Perm_Medium extends PMF_Perm_Basic |
|
36
|
|
|
{ |
|
37
|
|
|
/** |
|
38
|
|
|
* Default data for new groups. |
|
39
|
|
|
* |
|
40
|
|
|
* @var array |
|
41
|
|
|
*/ |
|
42
|
|
|
public $defaultGroupData = array( |
|
43
|
|
|
'name' => 'DEFAULT_GROUP', |
|
44
|
|
|
'description' => 'Short group description.', |
|
45
|
|
|
'auto_join' => false |
|
46
|
|
|
); |
|
47
|
|
|
|
|
48
|
|
|
/** |
|
49
|
|
|
* Constructor |
|
50
|
|
|
* |
|
51
|
|
|
* @param PMF_Configuration $config |
|
52
|
|
|
* |
|
53
|
|
|
* @return PMF_Perm_Medium |
|
54
|
|
|
*/ |
|
55
|
|
|
public function __construct(PMF_Configuration $config) |
|
56
|
|
|
{ |
|
57
|
|
|
parent::__construct($config); |
|
58
|
|
|
} |
|
59
|
|
|
|
|
60
|
|
|
/** |
|
61
|
|
|
* Returns true if the group specified by $groupId owns the |
|
62
|
|
|
* right given by $rightId, otherwise false. |
|
63
|
|
|
* |
|
64
|
|
|
* @param integer $groupId Group ID |
|
65
|
|
|
* @param integer $rightId Right ID |
|
66
|
|
|
* |
|
67
|
|
|
* @return bool |
|
68
|
|
|
*/ |
|
69
|
|
View Code Duplication |
public function checkGroupRight($groupId, $rightId) |
|
70
|
|
|
{ |
|
71
|
|
|
// check input |
|
72
|
|
|
if ($rightId <= 0 || $groupId <= 0 || !is_numeric($rightId) || !is_numeric($groupId)) { |
|
73
|
|
|
return false; |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
// check right |
|
77
|
|
|
$select = sprintf(" |
|
78
|
|
|
SELECT |
|
79
|
|
|
fr.right_id AS right_id |
|
80
|
|
|
FROM |
|
81
|
|
|
%sfaqright fr, |
|
82
|
|
|
%sfaqgroup_right fgr, |
|
83
|
|
|
%sfaqgroup fg |
|
84
|
|
|
WHERE |
|
85
|
|
|
fr.right_id = %d AND |
|
86
|
|
|
fr.right_id = fgr.right_id AND |
|
87
|
|
|
fg.group_id = fgr.group_id AND |
|
88
|
|
|
fg.group_id = %d", |
|
89
|
|
|
PMF_Db::getTablePrefix(), |
|
90
|
|
|
PMF_Db::getTablePrefix(), |
|
91
|
|
|
PMF_Db::getTablePrefix(), |
|
92
|
|
|
$rightId, |
|
93
|
|
|
$groupId |
|
94
|
|
|
); |
|
95
|
|
|
|
|
96
|
|
|
$res = $this->config->getDb()->query($select); |
|
97
|
|
|
if ($this->config->getDb()->numRows($res) == 1) { |
|
98
|
|
|
return true; |
|
99
|
|
|
} |
|
100
|
|
|
return false; |
|
101
|
|
|
} |
|
102
|
|
|
|
|
103
|
|
|
/** |
|
104
|
|
|
* Returns an array that contains the right-IDs of all |
|
105
|
|
|
* group-rights the group $groupId owns. |
|
106
|
|
|
* |
|
107
|
|
|
* @param integer $groupId Group ID |
|
108
|
|
|
* |
|
109
|
|
|
* @return array |
|
110
|
|
|
*/ |
|
111
|
|
View Code Duplication |
public function getGroupRights($groupId) |
|
|
|
|
|
|
112
|
|
|
{ |
|
113
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
114
|
|
|
return false; |
|
115
|
|
|
} |
|
116
|
|
|
// check right |
|
117
|
|
|
$select = sprintf(" |
|
118
|
|
|
SELECT |
|
119
|
|
|
fr.right_id AS right_id |
|
120
|
|
|
FROM |
|
121
|
|
|
%sfaqright fr, |
|
122
|
|
|
%sfaqgroup_right fgr, |
|
123
|
|
|
%sfaqgroup fg |
|
124
|
|
|
WHERE |
|
125
|
|
|
fg.group_id = %d AND |
|
126
|
|
|
fg.group_id = fgr.group_id AND |
|
127
|
|
|
fr.right_id = fgr.right_id", |
|
128
|
|
|
PMF_Db::getTablePrefix(), |
|
129
|
|
|
PMF_Db::getTablePrefix(), |
|
130
|
|
|
PMF_Db::getTablePrefix(), |
|
131
|
|
|
$groupId |
|
132
|
|
|
); |
|
133
|
|
|
|
|
134
|
|
|
$res = $this->config->getDb()->query($select); |
|
135
|
|
|
$result = []; |
|
136
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
137
|
|
|
$result[] = $row['right_id']; |
|
138
|
|
|
} |
|
139
|
|
|
return $result; |
|
140
|
|
|
} |
|
141
|
|
|
|
|
142
|
|
|
/** |
|
143
|
|
|
* Returns true, if the user given by $userId owns the right |
|
144
|
|
|
* specified by $right. It does not matter if the user owns this |
|
145
|
|
|
* right as a user-right or because of a group-membership. |
|
146
|
|
|
* The parameter $right may be a right-ID (recommended for |
|
147
|
|
|
* performance) or a right-name. |
|
148
|
|
|
* |
|
149
|
|
|
* @param integer $userId Group ID |
|
150
|
|
|
* @param mixed $right Rights |
|
151
|
|
|
* |
|
152
|
|
|
* @return boolean |
|
153
|
|
|
*/ |
|
154
|
|
|
public function checkRight($userId, $right) |
|
155
|
|
|
{ |
|
156
|
|
|
// get right id |
|
157
|
|
|
if (!is_numeric($right) && is_string($right)) { |
|
158
|
|
|
$right = $this->getRightId($right); |
|
159
|
|
|
} |
|
160
|
|
|
|
|
161
|
|
|
// check user right and group right |
|
162
|
|
|
if ($this->checkUserGroupRight($userId, $right) || $this->checkUserRight($userId, $right)) { |
|
163
|
|
|
return true; |
|
164
|
|
|
} |
|
165
|
|
|
return false; |
|
166
|
|
|
} |
|
167
|
|
|
|
|
168
|
|
|
/** |
|
169
|
|
|
* Grants the group given by $groupId the right specified by |
|
170
|
|
|
* $rightId. |
|
171
|
|
|
* |
|
172
|
|
|
* @param integer $groupId Group ID |
|
173
|
|
|
* @param integer $rightId Right ID |
|
174
|
|
|
* |
|
175
|
|
|
* @return boolean |
|
176
|
|
|
*/ |
|
177
|
|
|
public function grantGroupRight($groupId, $rightId) |
|
178
|
|
|
{ |
|
179
|
|
|
// check input |
|
180
|
|
|
if ($rightId <= 0 || $groupId <= 0 || !is_numeric($rightId) || !is_numeric($groupId)) { |
|
181
|
|
|
return false; |
|
182
|
|
|
} |
|
183
|
|
|
|
|
184
|
|
|
// is right for users? |
|
185
|
|
|
$right_data = $this->getRightData($rightId); |
|
186
|
|
|
if (!$right_data['for_groups']) { |
|
187
|
|
|
return false; |
|
188
|
|
|
} |
|
189
|
|
|
|
|
190
|
|
|
// grant right |
|
191
|
|
|
$insert = sprintf(" |
|
192
|
|
|
INSERT INTO |
|
193
|
|
|
%sfaqgroup_right |
|
194
|
|
|
(group_id, right_id) |
|
195
|
|
|
VALUES |
|
196
|
|
|
(%d, %d)", |
|
197
|
|
|
PMF_Db::getTablePrefix(), |
|
198
|
|
|
$groupId, |
|
199
|
|
|
$rightId |
|
200
|
|
|
); |
|
201
|
|
|
|
|
202
|
|
|
$res = $this->config->getDb()->query($insert); |
|
203
|
|
|
if (!$res) { |
|
204
|
|
|
return false; |
|
205
|
|
|
} |
|
206
|
|
|
return true; |
|
207
|
|
|
} |
|
208
|
|
|
|
|
209
|
|
|
/** |
|
210
|
|
|
* Refuses the group given by $groupId the right specified by |
|
211
|
|
|
* $rightId. |
|
212
|
|
|
* |
|
213
|
|
|
* @param integer $groupId Group ID |
|
214
|
|
|
* @param integer $rightId Right ID |
|
215
|
|
|
* @return boolean |
|
216
|
|
|
*/ |
|
217
|
|
View Code Duplication |
public function refuseGroupRight($groupId, $rightId) |
|
218
|
|
|
{ |
|
219
|
|
|
// check input |
|
220
|
|
|
if ($rightId <= 0 || $groupId <= 0 || !is_numeric($rightId) || !is_numeric($groupId)) { |
|
221
|
|
|
return false; |
|
222
|
|
|
} |
|
223
|
|
|
|
|
224
|
|
|
// grant right |
|
225
|
|
|
$delete = sprintf(" |
|
226
|
|
|
DELETE FROM |
|
227
|
|
|
%sfaqgroup_right |
|
228
|
|
|
WHERE |
|
229
|
|
|
group_id = %d AND |
|
230
|
|
|
right_id = %d", |
|
231
|
|
|
PMF_Db::getTablePrefix(), |
|
232
|
|
|
$groupId, |
|
233
|
|
|
$rightId |
|
234
|
|
|
); |
|
235
|
|
|
|
|
236
|
|
|
$res = $this->config->getDb()->query($delete); |
|
237
|
|
|
if (!$res) { |
|
238
|
|
|
return false; |
|
239
|
|
|
} |
|
240
|
|
|
return true; |
|
241
|
|
|
} |
|
242
|
|
|
|
|
243
|
|
|
/** |
|
244
|
|
|
* Adds a new group to the database and returns the ID of the |
|
245
|
|
|
* new group. The associative array $groupData contains the |
|
246
|
|
|
* data for the new group. |
|
247
|
|
|
* |
|
248
|
|
|
* @param array $groupData Array of group data |
|
249
|
|
|
* |
|
250
|
|
|
* @return int |
|
251
|
|
|
*/ |
|
252
|
|
|
public function addGroup(Array $groupData) |
|
253
|
|
|
{ |
|
254
|
|
|
// check if group already exists |
|
255
|
|
|
if ($this->getGroupId($groupData['name']) > 0) { |
|
256
|
|
|
return 0; |
|
257
|
|
|
} |
|
258
|
|
|
|
|
259
|
|
|
$nextId = $this->config->getDb()->nextId(PMF_Db::getTablePrefix()."faqgroup", "group_id"); |
|
260
|
|
|
$groupData = $this->checkGroupData($groupData); |
|
261
|
|
|
$insert = sprintf(" |
|
262
|
|
|
INSERT INTO |
|
263
|
|
|
%sfaqgroup |
|
264
|
|
|
(group_id, name, description, auto_join) |
|
265
|
|
|
VALUES |
|
266
|
|
|
(%d, '%s', '%s', '%s')", |
|
267
|
|
|
PMF_Db::getTablePrefix(), |
|
268
|
|
|
$nextId, |
|
269
|
|
|
$groupData['name'], |
|
270
|
|
|
$groupData['description'], |
|
271
|
|
|
(int)$groupData['auto_join'] |
|
272
|
|
|
); |
|
273
|
|
|
|
|
274
|
|
|
$res = $this->config->getDb()->query($insert); |
|
275
|
|
|
if (!$res) { |
|
276
|
|
|
return 0; |
|
277
|
|
|
} |
|
278
|
|
|
return $nextId; |
|
279
|
|
|
} |
|
280
|
|
|
|
|
281
|
|
|
/** |
|
282
|
|
|
* Changes the group data of the given group. |
|
283
|
|
|
* |
|
284
|
|
|
* @param integer $groupId Group ID |
|
285
|
|
|
* @param array $groupData Array of group data |
|
286
|
|
|
* |
|
287
|
|
|
* @return boolean |
|
288
|
|
|
*/ |
|
289
|
|
View Code Duplication |
public function changeGroup($groupId, Array $groupData) |
|
290
|
|
|
{ |
|
291
|
|
|
$checked_data = $this->checkGroupData($groupData); |
|
292
|
|
|
$set = ''; |
|
293
|
|
|
$comma = ''; |
|
294
|
|
|
|
|
295
|
|
|
foreach ($groupData as $key => $val) { |
|
296
|
|
|
$set .= $comma.$key." = '".$this->config->getDb()->escape($checked_data[$key])."'"; |
|
297
|
|
|
$comma = ",\n "; |
|
298
|
|
|
} |
|
299
|
|
|
|
|
300
|
|
|
$update = sprintf(" |
|
301
|
|
|
UPDATE |
|
302
|
|
|
%sfaqgroup |
|
303
|
|
|
SET |
|
304
|
|
|
%s |
|
305
|
|
|
WHERE |
|
306
|
|
|
group_id = %d", |
|
307
|
|
|
PMF_Db::getTablePrefix(), |
|
308
|
|
|
$set, |
|
309
|
|
|
$groupId |
|
310
|
|
|
); |
|
311
|
|
|
|
|
312
|
|
|
$res = $this->config->getDb()->query($update); |
|
313
|
|
|
|
|
314
|
|
|
if (!$res) { |
|
315
|
|
|
return false; |
|
316
|
|
|
} |
|
317
|
|
|
return true; |
|
318
|
|
|
} |
|
319
|
|
|
|
|
320
|
|
|
/** |
|
321
|
|
|
* Removes the group given by $groupId from the database. |
|
322
|
|
|
* Returns true on success, otherwise false. |
|
323
|
|
|
* |
|
324
|
|
|
* @param integer $groupId Group ID |
|
325
|
|
|
* |
|
326
|
|
|
* @return boolean |
|
327
|
|
|
*/ |
|
328
|
|
|
public function deleteGroup($groupId) |
|
329
|
|
|
{ |
|
330
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
331
|
|
|
return false; |
|
332
|
|
|
} |
|
333
|
|
|
|
|
334
|
|
|
$delete = sprintf(" |
|
335
|
|
|
DELETE FROM |
|
336
|
|
|
%sfaqgroup |
|
337
|
|
|
WHERE |
|
338
|
|
|
group_id = %d", |
|
339
|
|
|
PMF_Db::getTablePrefix(), |
|
340
|
|
|
$groupId |
|
341
|
|
|
); |
|
342
|
|
|
|
|
343
|
|
|
$res = $this->config->getDb()->query($delete); |
|
344
|
|
|
if (!$res) { |
|
345
|
|
|
return false; |
|
346
|
|
|
} |
|
347
|
|
|
|
|
348
|
|
|
$delete = sprintf(" |
|
349
|
|
|
DELETE FROM |
|
350
|
|
|
%sfaquser_group |
|
351
|
|
|
WHERE |
|
352
|
|
|
group_id = %d", |
|
353
|
|
|
PMF_Db::getTablePrefix(), |
|
354
|
|
|
$groupId |
|
355
|
|
|
); |
|
356
|
|
|
|
|
357
|
|
|
$res = $this->config->getDb()->query($delete); |
|
358
|
|
|
if (!$res) { |
|
359
|
|
|
return false; |
|
360
|
|
|
} |
|
361
|
|
|
|
|
362
|
|
|
$delete = sprintf(" |
|
363
|
|
|
DELETE FROM |
|
364
|
|
|
%sfaqgroup_right |
|
365
|
|
|
WHERE |
|
366
|
|
|
group_id = %d", |
|
367
|
|
|
PMF_Db::getTablePrefix(), |
|
368
|
|
|
$groupId |
|
369
|
|
|
); |
|
370
|
|
|
|
|
371
|
|
|
$res = $this->config->getDb()->query($delete); |
|
372
|
|
|
if (!$res) { |
|
373
|
|
|
return false; |
|
374
|
|
|
} |
|
375
|
|
|
|
|
376
|
|
|
return true; |
|
377
|
|
|
} |
|
378
|
|
|
|
|
379
|
|
|
/** |
|
380
|
|
|
* Returns true if the user given by $userId is a member of |
|
381
|
|
|
* the group specified by $groupId, otherwise false. |
|
382
|
|
|
* |
|
383
|
|
|
* @param integer $userId User ID |
|
384
|
|
|
* @param integer $groupId Group ID |
|
385
|
|
|
* |
|
386
|
|
|
* @return boolean |
|
387
|
|
|
*/ |
|
388
|
|
View Code Duplication |
public function isGroupMember($userId, $groupId) |
|
389
|
|
|
{ |
|
390
|
|
|
if ($userId <= 0 || $groupId <= 0 || !is_numeric($userId) || !is_numeric($groupId)) { |
|
391
|
|
|
return false; |
|
392
|
|
|
} |
|
393
|
|
|
|
|
394
|
|
|
$select = sprintf(" |
|
395
|
|
|
SELECT |
|
396
|
|
|
fu.user_id AS user_id |
|
397
|
|
|
FROM |
|
398
|
|
|
%sfaquser fu, |
|
399
|
|
|
%sfaquser_group fug, |
|
400
|
|
|
%sfaqgroup fg |
|
401
|
|
|
WHERE |
|
402
|
|
|
fu.user_id = %d AND |
|
403
|
|
|
fu.user_id = fug.user_id AND |
|
404
|
|
|
fg.group_id = fug.group_id AND |
|
405
|
|
|
fg.group_id = %d", |
|
406
|
|
|
PMF_Db::getTablePrefix(), |
|
407
|
|
|
PMF_Db::getTablePrefix(), |
|
408
|
|
|
PMF_Db::getTablePrefix(), |
|
409
|
|
|
$userId, |
|
410
|
|
|
$groupId |
|
411
|
|
|
); |
|
412
|
|
|
|
|
413
|
|
|
$res = $this->config->getDb()->query($select); |
|
414
|
|
|
if ($this->config->getDb()->numRows($res) == 1) { |
|
415
|
|
|
return true; |
|
416
|
|
|
} |
|
417
|
|
|
return false; |
|
418
|
|
|
} |
|
419
|
|
|
|
|
420
|
|
|
/** |
|
421
|
|
|
* Returns an array that contains the user-IDs of all members |
|
422
|
|
|
* of the group $groupId. |
|
423
|
|
|
* |
|
424
|
|
|
* @param integer $groupId Group ID |
|
425
|
|
|
* |
|
426
|
|
|
* @return array |
|
427
|
|
|
*/ |
|
428
|
|
View Code Duplication |
public function getGroupMembers($groupId) |
|
|
|
|
|
|
429
|
|
|
{ |
|
430
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
431
|
|
|
return false; |
|
432
|
|
|
} |
|
433
|
|
|
|
|
434
|
|
|
$select = sprintf(" |
|
435
|
|
|
SELECT |
|
436
|
|
|
fu.user_id AS user_id |
|
437
|
|
|
FROM |
|
438
|
|
|
%sfaquser fu, |
|
439
|
|
|
%sfaquser_group fug, |
|
440
|
|
|
%sfaqgroup fg |
|
441
|
|
|
WHERE |
|
442
|
|
|
fg.group_id = %d AND |
|
443
|
|
|
fg.group_id = fug.group_id AND |
|
444
|
|
|
fu.user_id = fug.user_id", |
|
445
|
|
|
PMF_Db::getTablePrefix(), |
|
446
|
|
|
PMF_Db::getTablePrefix(), |
|
447
|
|
|
PMF_Db::getTablePrefix(), |
|
448
|
|
|
$groupId |
|
449
|
|
|
); |
|
450
|
|
|
|
|
451
|
|
|
$res = $this->config->getDb()->query($select); |
|
452
|
|
|
$result = []; |
|
453
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
454
|
|
|
$result[] = $row['user_id']; |
|
455
|
|
|
} |
|
456
|
|
|
return $result; |
|
457
|
|
|
} |
|
458
|
|
|
|
|
459
|
|
|
/** |
|
460
|
|
|
* Adds a new member $userId to the group $groupId. |
|
461
|
|
|
* Returns true on success, otherwise false. |
|
462
|
|
|
* |
|
463
|
|
|
* @param integer $userId User ID |
|
464
|
|
|
* @param integer $groupId Group ID |
|
465
|
|
|
* |
|
466
|
|
|
* @return boolean |
|
467
|
|
|
*/ |
|
468
|
|
View Code Duplication |
function addToGroup($userId, $groupId) |
|
469
|
|
|
{ |
|
470
|
|
|
if ($userId <= 0 || $groupId <= 0 || !is_numeric($userId) || !is_numeric($groupId)) { |
|
471
|
|
|
return false; |
|
472
|
|
|
} |
|
473
|
|
|
|
|
474
|
|
|
if (!$this->getGroupData($groupId)) { |
|
475
|
|
|
return false; |
|
476
|
|
|
} |
|
477
|
|
|
|
|
478
|
|
|
// add user to group |
|
479
|
|
|
$insert = sprintf(" |
|
480
|
|
|
INSERT INTO |
|
481
|
|
|
%sfaquser_group |
|
482
|
|
|
(user_id, group_id) |
|
483
|
|
|
VALUES |
|
484
|
|
|
(%d, %d)", |
|
485
|
|
|
PMF_Db::getTablePrefix(), |
|
486
|
|
|
$userId, |
|
487
|
|
|
$groupId |
|
488
|
|
|
); |
|
489
|
|
|
|
|
490
|
|
|
$res = $this->config->getDb()->query($insert); |
|
491
|
|
|
if (!$res) { |
|
492
|
|
|
return false; |
|
493
|
|
|
} |
|
494
|
|
|
return true; |
|
495
|
|
|
} |
|
496
|
|
|
|
|
497
|
|
|
/** |
|
498
|
|
|
* Removes a user $userId from the group $groupId. |
|
499
|
|
|
* Returns true on success, otherwise false. |
|
500
|
|
|
* |
|
501
|
|
|
* @param integer $userId User ID |
|
502
|
|
|
* @param integer $groupId Group ID |
|
503
|
|
|
* |
|
504
|
|
|
* @return boolean |
|
505
|
|
|
*/ |
|
506
|
|
View Code Duplication |
public function removeFromGroup($userId, $groupId) |
|
507
|
|
|
{ |
|
508
|
|
|
if ($userId <= 0 || $groupId <= 0 || !is_numeric($userId) || !is_numeric($groupId)) { |
|
509
|
|
|
return false; |
|
510
|
|
|
} |
|
511
|
|
|
|
|
512
|
|
|
$delete = sprintf(" |
|
513
|
|
|
DELETE FROM |
|
514
|
|
|
%sfaquser_group |
|
515
|
|
|
WHERE |
|
516
|
|
|
user_id = %d AND |
|
517
|
|
|
group_id = %d", |
|
518
|
|
|
PMF_Db::getTablePrefix(), |
|
519
|
|
|
$userId, |
|
520
|
|
|
$groupId); |
|
521
|
|
|
|
|
522
|
|
|
$res = $this->config->getDb()->query($delete); |
|
523
|
|
|
if (!$res) { |
|
524
|
|
|
return false; |
|
525
|
|
|
} |
|
526
|
|
|
return true; |
|
527
|
|
|
} |
|
528
|
|
|
|
|
529
|
|
|
/** |
|
530
|
|
|
* Returns the ID of the group that has the name $name. Returns |
|
531
|
|
|
* 0 if the group-name cannot be found. |
|
532
|
|
|
* |
|
533
|
|
|
* @param string $name Group name |
|
534
|
|
|
* |
|
535
|
|
|
* @return int |
|
536
|
|
|
*/ |
|
537
|
|
View Code Duplication |
public function getGroupId($name) |
|
538
|
|
|
{ |
|
539
|
|
|
$select = sprintf(" |
|
540
|
|
|
SELECT |
|
541
|
|
|
group_id |
|
542
|
|
|
FROM |
|
543
|
|
|
%sfaqgroup |
|
544
|
|
|
WHERE |
|
545
|
|
|
name = '%s'", |
|
546
|
|
|
PMF_Db::getTablePrefix(), |
|
547
|
|
|
$this->config->getDb()->escape($name) |
|
548
|
|
|
); |
|
549
|
|
|
|
|
550
|
|
|
$res = $this->config->getDb()->query($select); |
|
551
|
|
|
if ($this->config->getDb()->numRows($res) != 1) { |
|
552
|
|
|
return 0; |
|
553
|
|
|
} |
|
554
|
|
|
$row = $this->config->getDb()->fetchArray($res); |
|
555
|
|
|
return $row['group_id']; |
|
556
|
|
|
} |
|
557
|
|
|
|
|
558
|
|
|
/** |
|
559
|
|
|
* Returns an associative array with the group-data of the group |
|
560
|
|
|
* $groupId. |
|
561
|
|
|
* |
|
562
|
|
|
* @param integer $groupId Group ID |
|
563
|
|
|
* |
|
564
|
|
|
* @return array |
|
565
|
|
|
*/ |
|
566
|
|
View Code Duplication |
public function getGroupData($groupId) |
|
567
|
|
|
{ |
|
568
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
569
|
|
|
return false; |
|
570
|
|
|
} |
|
571
|
|
|
|
|
572
|
|
|
$select = sprintf(" |
|
573
|
|
|
SELECT |
|
574
|
|
|
group_id, |
|
575
|
|
|
name, |
|
576
|
|
|
description, |
|
577
|
|
|
auto_join |
|
578
|
|
|
FROM |
|
579
|
|
|
%sfaqgroup |
|
580
|
|
|
WHERE |
|
581
|
|
|
group_id = %d", |
|
582
|
|
|
PMF_Db::getTablePrefix(), |
|
583
|
|
|
$groupId |
|
584
|
|
|
); |
|
585
|
|
|
|
|
586
|
|
|
$res = $this->config->getDb()->query($select); |
|
587
|
|
|
if ($this->config->getDb()->numRows($res) != 1) { |
|
588
|
|
|
return []; |
|
589
|
|
|
} |
|
590
|
|
|
return $this->config->getDb()->fetchArray($res); |
|
591
|
|
|
} |
|
592
|
|
|
|
|
593
|
|
|
/** |
|
594
|
|
|
* Returns an array that contains the IDs of all groups in which |
|
595
|
|
|
* the user $userId is a member. |
|
596
|
|
|
* |
|
597
|
|
|
* @param integer $userId User ID |
|
598
|
|
|
* |
|
599
|
|
|
* @return array |
|
600
|
|
|
*/ |
|
601
|
|
|
public function getUserGroups($userId) |
|
602
|
|
|
{ |
|
603
|
|
|
if ($userId <= 0 || !is_numeric($userId)) { |
|
604
|
|
|
return array(-1); |
|
605
|
|
|
} |
|
606
|
|
|
|
|
607
|
|
|
$select = sprintf(" |
|
608
|
|
|
SELECT |
|
609
|
|
|
fg.group_id AS group_id |
|
610
|
|
|
FROM |
|
611
|
|
|
%sfaquser fu, |
|
612
|
|
|
%sfaquser_group fug, |
|
613
|
|
|
%sfaqgroup fg |
|
614
|
|
|
WHERE |
|
615
|
|
|
fu.user_id = %d AND |
|
616
|
|
|
fu.user_id = fug.user_id AND |
|
617
|
|
|
fg.group_id = fug.group_id", |
|
618
|
|
|
PMF_Db::getTablePrefix(), |
|
619
|
|
|
PMF_Db::getTablePrefix(), |
|
620
|
|
|
PMF_Db::getTablePrefix(), |
|
621
|
|
|
$userId |
|
622
|
|
|
); |
|
623
|
|
|
|
|
624
|
|
|
$res = $this->config->getDb()->query($select); |
|
625
|
|
|
$result = array(-1); |
|
626
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
627
|
|
|
$result[] = $row['group_id']; |
|
628
|
|
|
} |
|
629
|
|
|
return $result; |
|
630
|
|
|
} |
|
631
|
|
|
|
|
632
|
|
|
/** |
|
633
|
|
|
* Returns an array with the IDs of all groups stored in the |
|
634
|
|
|
* database. |
|
635
|
|
|
* |
|
636
|
|
|
* @return array |
|
637
|
|
|
*/ |
|
638
|
|
View Code Duplication |
public function getAllGroups() |
|
639
|
|
|
{ |
|
640
|
|
|
$select = sprintf(" |
|
641
|
|
|
SELECT |
|
642
|
|
|
group_id |
|
643
|
|
|
FROM |
|
644
|
|
|
%sfaqgroup", |
|
645
|
|
|
PMF_Db::getTablePrefix() |
|
646
|
|
|
); |
|
647
|
|
|
|
|
648
|
|
|
$res = $this->config->getDb()->query($select); |
|
649
|
|
|
$result = []; |
|
650
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
651
|
|
|
$result[] = $row['group_id']; |
|
652
|
|
|
} |
|
653
|
|
|
|
|
654
|
|
|
return $result; |
|
655
|
|
|
} |
|
656
|
|
|
|
|
657
|
|
|
/** |
|
658
|
|
|
* Get all groups in <option> tags |
|
659
|
|
|
* |
|
660
|
|
|
* @param array $groups Selected groups |
|
661
|
|
|
* |
|
662
|
|
|
* @return string |
|
663
|
|
|
*/ |
|
664
|
|
|
public function getAllGroupsOptions(Array $groups) |
|
665
|
|
|
{ |
|
666
|
|
|
$options = ''; |
|
667
|
|
|
$allGroups = $this->getAllGroups(); |
|
668
|
|
|
|
|
669
|
|
|
foreach ($allGroups as $groupId) { |
|
670
|
|
|
if (-1 != $groupId) { |
|
671
|
|
|
$options .= sprintf('<option value="%d"%s>%s</option>', |
|
672
|
|
|
$groupId, |
|
673
|
|
|
(in_array($groupId, $groups) ? ' selected="selected"' : ''), |
|
674
|
|
|
$this->getGroupName($groupId) |
|
675
|
|
|
); |
|
676
|
|
|
} |
|
677
|
|
|
} |
|
678
|
|
|
|
|
679
|
|
|
return $options; |
|
680
|
|
|
} |
|
681
|
|
|
|
|
682
|
|
|
/** |
|
683
|
|
|
* checkUserGroupRight |
|
684
|
|
|
* |
|
685
|
|
|
* Returns true if the user $userId owns the right $rightId |
|
686
|
|
|
* because of a group-membership, otherwise false. |
|
687
|
|
|
* |
|
688
|
|
|
* @param integer $userId User ID |
|
689
|
|
|
* @param integer $rightId Right ID |
|
690
|
|
|
* @return boolean |
|
691
|
|
|
*/ |
|
692
|
|
View Code Duplication |
public function checkUserGroupRight($userId, $rightId) |
|
693
|
|
|
{ |
|
694
|
|
|
// check input |
|
695
|
|
|
if ($rightId <= 0 || $userId <= 0 || !is_numeric($rightId) || !is_numeric($userId)) { |
|
696
|
|
|
return false; |
|
697
|
|
|
} |
|
698
|
|
|
|
|
699
|
|
|
$select = sprintf(" |
|
700
|
|
|
SELECT |
|
701
|
|
|
fr.right_id AS right_id |
|
702
|
|
|
FROM |
|
703
|
|
|
%sfaqright fr, |
|
704
|
|
|
%sfaqgroup_right fgr, |
|
705
|
|
|
%sfaqgroup fg, |
|
706
|
|
|
%sfaquser_group fug, |
|
707
|
|
|
%sfaquser fu |
|
708
|
|
|
WHERE |
|
709
|
|
|
fr.right_id = %d AND |
|
710
|
|
|
fr.right_id = fgr.right_id AND |
|
711
|
|
|
fg.group_id = fgr.group_id AND |
|
712
|
|
|
fg.group_id = fug.group_id AND |
|
713
|
|
|
fu.user_id = fug.user_id AND |
|
714
|
|
|
fu.user_id = %d", |
|
715
|
|
|
PMF_Db::getTablePrefix(), |
|
716
|
|
|
PMF_Db::getTablePrefix(), |
|
717
|
|
|
PMF_Db::getTablePrefix(), |
|
718
|
|
|
PMF_Db::getTablePrefix(), |
|
719
|
|
|
PMF_Db::getTablePrefix(), |
|
720
|
|
|
$rightId, |
|
721
|
|
|
$userId |
|
722
|
|
|
); |
|
723
|
|
|
|
|
724
|
|
|
$res = $this->config->getDb()->query($select); |
|
725
|
|
|
if ($this->config->getDb()->numRows($res) == 1) { |
|
726
|
|
|
return true; |
|
727
|
|
|
} |
|
728
|
|
|
return false; |
|
729
|
|
|
} |
|
730
|
|
|
|
|
731
|
|
|
/** |
|
732
|
|
|
* Checks the given associative array $groupData. If a |
|
733
|
|
|
* parameter is incorrect or is missing, it will be replaced |
|
734
|
|
|
* by the default values in $this->defaultGroupData. |
|
735
|
|
|
* Returns the corrected $groupData associative array. |
|
736
|
|
|
* |
|
737
|
|
|
* @param array $groupData Array of group data |
|
738
|
|
|
* @return array |
|
739
|
|
|
*/ |
|
740
|
|
|
public function checkGroupData(Array $groupData) |
|
741
|
|
|
{ |
|
742
|
|
View Code Duplication |
if (!isset($groupData['name']) || !is_string($groupData['name'])) { |
|
743
|
|
|
$groupData['name'] = $this->defaultGroupData['name']; |
|
744
|
|
|
} |
|
745
|
|
View Code Duplication |
if (!isset($groupData['description']) || !is_string($groupData['description'])) { |
|
746
|
|
|
$groupData['description'] = $this->defaultGroupData['description']; |
|
747
|
|
|
} |
|
748
|
|
|
if (!isset($groupData['auto_join'])) { |
|
749
|
|
|
$groupData['auto_join'] = $this->defaultGroupData['auto_join']; |
|
750
|
|
|
} |
|
751
|
|
|
$groupData['auto_join'] = (int)$groupData['auto_join']; |
|
752
|
|
|
|
|
753
|
|
|
return $groupData; |
|
754
|
|
|
} |
|
755
|
|
|
|
|
756
|
|
|
/** |
|
757
|
|
|
* Returns an array that contains the right-IDs of all rights |
|
758
|
|
|
* the user $userId owns. User-rights and the rights the user |
|
759
|
|
|
* owns because of a group-membership are taken into account. |
|
760
|
|
|
* |
|
761
|
|
|
* @param integer $userId User ID |
|
762
|
|
|
* @return array |
|
763
|
|
|
*/ |
|
764
|
|
|
public function getAllUserRights($userId) |
|
765
|
|
|
{ |
|
766
|
|
|
if ($userId <= 0 || !is_numeric($userId)) { |
|
767
|
|
|
return false; |
|
768
|
|
|
} |
|
769
|
|
|
$userRights = $this->getUserRights($userId); |
|
770
|
|
|
$groupRights = $this->getUserGroupRights($userId); |
|
771
|
|
|
|
|
772
|
|
|
return array_unique(array_merge($userRights, $groupRights)); |
|
773
|
|
|
} |
|
774
|
|
|
|
|
775
|
|
|
/** |
|
776
|
|
|
* Adds the user $userId to all groups with the auto_join |
|
777
|
|
|
* option. By using the auto_join option, user administration |
|
778
|
|
|
* can be much easier. For example by setting this option only |
|
779
|
|
|
* for a single group called 'All Users'. The autoJoin() method |
|
780
|
|
|
* then has to be called every time a new user registers. |
|
781
|
|
|
* Returns true on success, otherwise false. |
|
782
|
|
|
* |
|
783
|
|
|
* @param integer $userId User ID |
|
784
|
|
|
* @return boolean |
|
785
|
|
|
*/ |
|
786
|
|
|
public function autoJoin($userId) |
|
787
|
|
|
{ |
|
788
|
|
|
if ($userId <= 0 || !is_numeric($userId)) { |
|
789
|
|
|
return false; |
|
790
|
|
|
} |
|
791
|
|
|
|
|
792
|
|
|
$select = sprintf(" |
|
793
|
|
|
SELECT |
|
794
|
|
|
group_id |
|
795
|
|
|
FROM |
|
796
|
|
|
%sfaqgroup |
|
797
|
|
|
WHERE |
|
798
|
|
|
auto_join = 1", |
|
799
|
|
|
PMF_Db::getTablePrefix() |
|
800
|
|
|
); |
|
801
|
|
|
|
|
802
|
|
|
$res = $this->config->getDb()->query($select); |
|
803
|
|
|
if (!$res) { |
|
804
|
|
|
return false; |
|
805
|
|
|
} |
|
806
|
|
|
|
|
807
|
|
|
$auto_join = []; |
|
808
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
809
|
|
|
$auto_join[] = $row['group_id']; |
|
810
|
|
|
} |
|
811
|
|
|
|
|
812
|
|
|
// add to groups |
|
813
|
|
|
foreach ($auto_join as $groupId) { |
|
814
|
|
|
$this->addToGroup($userId, $groupId); |
|
815
|
|
|
} |
|
816
|
|
|
return true; |
|
817
|
|
|
} |
|
818
|
|
|
|
|
819
|
|
|
/** |
|
820
|
|
|
* Removes the user $userId from all groups. |
|
821
|
|
|
* Returns true on success, otherwise false. |
|
822
|
|
|
* |
|
823
|
|
|
* @param integer $userId User ID |
|
824
|
|
|
* @return boolean |
|
825
|
|
|
*/ |
|
826
|
|
View Code Duplication |
public function removeFromAllGroups($userId) |
|
827
|
|
|
{ |
|
828
|
|
|
if ($userId <= 0 || !is_numeric($userId)) { |
|
829
|
|
|
return false; |
|
830
|
|
|
} |
|
831
|
|
|
|
|
832
|
|
|
$delete = sprintf(" |
|
833
|
|
|
DELETE FROM |
|
834
|
|
|
%sfaquser_group |
|
835
|
|
|
WHERE |
|
836
|
|
|
user_id = %d", |
|
837
|
|
|
PMF_Db::getTablePrefix(), |
|
838
|
|
|
$userId); |
|
839
|
|
|
|
|
840
|
|
|
$res = $this->config->getDb()->query($delete); |
|
841
|
|
|
if (!$res) { |
|
842
|
|
|
return false; |
|
843
|
|
|
} |
|
844
|
|
|
return true; |
|
845
|
|
|
} |
|
846
|
|
|
|
|
847
|
|
|
/** |
|
848
|
|
|
* getUserGroupRights |
|
849
|
|
|
* |
|
850
|
|
|
* Returns an array that contains the IDs of all rights the user |
|
851
|
|
|
* $userId owns because of a group-membership. |
|
852
|
|
|
* |
|
853
|
|
|
* @param integer $userId User ID |
|
854
|
|
|
* @return array |
|
855
|
|
|
*/ |
|
856
|
|
View Code Duplication |
public function getUserGroupRights($userId) |
|
|
|
|
|
|
857
|
|
|
{ |
|
858
|
|
|
if ($userId <= 0 || !is_numeric($userId)) { |
|
859
|
|
|
return false; |
|
860
|
|
|
} |
|
861
|
|
|
|
|
862
|
|
|
$select = sprintf(" |
|
863
|
|
|
SELECT |
|
864
|
|
|
fr.right_id AS right_id |
|
865
|
|
|
FROM |
|
866
|
|
|
%sfaqright fr, |
|
867
|
|
|
%sfaqgroup_right fgr, |
|
868
|
|
|
%sfaqgroup fg, |
|
869
|
|
|
%sfaquser_group fug, |
|
870
|
|
|
%sfaquser fu |
|
871
|
|
|
WHERE |
|
872
|
|
|
fu.user_id = %d AND |
|
873
|
|
|
fu.user_id = fug.user_id AND |
|
874
|
|
|
fg.group_id = fug.group_id AND |
|
875
|
|
|
fg.group_id = fgr.group_id AND |
|
876
|
|
|
fr.right_id = fgr.right_id", |
|
877
|
|
|
PMF_Db::getTablePrefix(), |
|
878
|
|
|
PMF_Db::getTablePrefix(), |
|
879
|
|
|
PMF_Db::getTablePrefix(), |
|
880
|
|
|
PMF_Db::getTablePrefix(), |
|
881
|
|
|
PMF_Db::getTablePrefix(), |
|
882
|
|
|
$userId); |
|
883
|
|
|
|
|
884
|
|
|
$res = $this->config->getDb()->query($select); |
|
885
|
|
|
$result = []; |
|
886
|
|
|
while ($row = $this->config->getDb()->fetchArray($res)) { |
|
887
|
|
|
$result[] = $row['right_id']; |
|
888
|
|
|
} |
|
889
|
|
|
return $result; |
|
890
|
|
|
} |
|
891
|
|
|
|
|
892
|
|
|
/** |
|
893
|
|
|
* Refuses all group rights. |
|
894
|
|
|
* Returns true on success, otherwise false. |
|
895
|
|
|
* |
|
896
|
|
|
* @param integer $groupId Group ID |
|
897
|
|
|
* @return boolean |
|
898
|
|
|
*/ |
|
899
|
|
View Code Duplication |
public function refuseAllGroupRights($groupId) |
|
900
|
|
|
{ |
|
901
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
902
|
|
|
return false; |
|
903
|
|
|
} |
|
904
|
|
|
|
|
905
|
|
|
$delete = sprintf(" |
|
906
|
|
|
DELETE FROM |
|
907
|
|
|
%sfaqgroup_right |
|
908
|
|
|
WHERE |
|
909
|
|
|
group_id = %d", |
|
910
|
|
|
PMF_Db::getTablePrefix(), |
|
911
|
|
|
$groupId); |
|
912
|
|
|
|
|
913
|
|
|
$res = $this->config->getDb()->query($delete); |
|
914
|
|
|
if (!$res) { |
|
915
|
|
|
return false; |
|
916
|
|
|
} |
|
917
|
|
|
return true; |
|
918
|
|
|
} |
|
919
|
|
|
|
|
920
|
|
|
/** |
|
921
|
|
|
* Returns the name of the group $groupId. |
|
922
|
|
|
* |
|
923
|
|
|
* @param integer $groupId Group ID |
|
924
|
|
|
* @return string |
|
925
|
|
|
*/ |
|
926
|
|
View Code Duplication |
public function getGroupName($groupId) |
|
927
|
|
|
{ |
|
928
|
|
|
if ($groupId <= 0 || !is_numeric($groupId)) { |
|
929
|
|
|
return false; |
|
930
|
|
|
} |
|
931
|
|
|
|
|
932
|
|
|
$select = sprintf(" |
|
933
|
|
|
SELECT |
|
934
|
|
|
name |
|
935
|
|
|
FROM |
|
936
|
|
|
%sfaqgroup |
|
937
|
|
|
WHERE |
|
938
|
|
|
group_id = %d", |
|
939
|
|
|
PMF_Db::getTablePrefix(), |
|
940
|
|
|
$groupId |
|
941
|
|
|
); |
|
942
|
|
|
|
|
943
|
|
|
$res = $this->config->getDb()->query($select); |
|
944
|
|
|
if ($this->config->getDb()->numRows($res) != 1) { |
|
945
|
|
|
return []; |
|
|
|
|
|
|
946
|
|
|
} |
|
947
|
|
|
$row = $this->config->getDb()->fetchArray($res); |
|
948
|
|
|
return $row['name']; |
|
949
|
|
|
} |
|
950
|
|
|
|
|
951
|
|
|
/** |
|
952
|
|
|
* Removes all users from the group $groupId. |
|
953
|
|
|
* Returns true on success, otherwise false. |
|
954
|
|
|
* |
|
955
|
|
|
* @param integer $groupId Group ID |
|
956
|
|
|
* @return bool |
|
957
|
|
|
*/ |
|
958
|
|
View Code Duplication |
public function removeAllUsersFromGroup($groupId) |
|
959
|
|
|
{ |
|
960
|
|
|
if ($groupId <= 0 or !is_numeric($groupId)) { |
|
961
|
|
|
return false; |
|
962
|
|
|
} |
|
963
|
|
|
|
|
964
|
|
|
// remove all user from group |
|
965
|
|
|
$delete = sprintf(" |
|
966
|
|
|
DELETE FROM |
|
967
|
|
|
%sfaquser_group |
|
968
|
|
|
WHERE |
|
969
|
|
|
group_id = %d", |
|
970
|
|
|
PMF_Db::getTablePrefix(), |
|
971
|
|
|
$groupId); |
|
972
|
|
|
|
|
973
|
|
|
$res = $this->config->getDb()->query($delete); |
|
974
|
|
|
if (!$res) { |
|
975
|
|
|
return false; |
|
976
|
|
|
} |
|
977
|
|
|
return true; |
|
978
|
|
|
} |
|
979
|
|
|
} |
thorsten /
phpMyFAQ
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.