sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); } $sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset'; if ( !($f_access = $db->$sql_fetchrow($result)) ) { $db->sql_freeresult($result); return array(); } $db->sql_freeresult($result); } // // If the user isn't logged on then all we need do is check if the forum // has the type set to ALL, if yes they are good to go, if not then they // are denied access // $u_access = array(); if ( $userdata['session_logged_in'] ) { $forum_match_sql = ( $forum_id != AUTH_LIST_ALL ) ? "AND a.forum_id = $forum_id" : ''; $sql = "SELECT a.forum_id, $a_sql, a.auth_mod FROM " . AUTH_ACCESS_TABLE . " a, " . USER_GROUP_TABLE . " ug WHERE ug.user_id = ".$userdata['user_id']. " AND ug.user_pending = 0 AND a.group_id = ug.group_id $forum_match_sql"; if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); } if ( $row = $db->sql_fetchrow($result) ) { do { if ( $forum_id != AUTH_LIST_ALL) { $u_access[] = $row; } else { $u_access[$row['forum_id']][] = $row; } } while( $row = $db->sql_fetchrow($result) ); } } $is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0; $auth_user = array(); for($i = 0; $i < count($auth_fields); $i++) { $key = $auth_fields[$i]; // // If the user is logged on and the forum type is either ALL or REG then the user has access // // If the type if ACL, MOD or ADMIN then we need to see if the user has specific permissions // to do whatever it is they want to do ... to do this we pull relevant information for the // user (and any groups they belong to) // // Now we compare the users access level against the forums. We assume here that a moderator // and admin automatically have access to an ACL forum, similarly we assume admins meet an // auth requirement of MOD // if ( $forum_id != AUTH_LIST_ALL ) { $value = $f_access[$key]; switch( $value ) { case AUTH_ALL: $auth_user[$key] = TRUE; $auth_user[$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_REG: $auth_user[$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0; $auth_user[$key . '_type'] = $lang['Auth_Registered_Users']; break; case AUTH_ACL: $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access, $is_admin) : 0; $auth_user[$key . '_type'] = $lang['Auth_Users_granted_access']; break; case AUTH_MOD: $auth_user[$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0; $auth_user[$key . '_type'] = $lang['Auth_Moderators']; break; case AUTH_ADMIN: $auth_user[$key] = $is_admin; $auth_user[$key . '_type'] = $lang['Auth_Administrators']; break; default: $auth_user[$key] = 0; break; } } else { for($k = 0; $k < count($f_access); $k++) { $value = $f_access[$k][$key]; $f_forum_id = $f_access[$k]['forum_id']; switch( $value ) { case AUTH_ALL: $auth_user[$f_forum_id][$key] = TRUE; $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_users']; break; case AUTH_REG: $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? TRUE : 0; $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Registered_Users']; break; case AUTH_ACL: $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_ACL, $key, $u_access[$f_forum_id], $is_admin) : 0; $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Users_granted_access']; break; case AUTH_MOD: $auth_user[$f_forum_id][$key] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0; $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Moderators']; break; case AUTH_ADMIN: $auth_user[$f_forum_id][$key] = $is_admin; $auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Administrators']; break; default: $auth_user[$f_forum_id][$key] = 0; break; } } } } // // Is user a moderator? // if ( $forum_id != AUTH_LIST_ALL ) { $auth_user['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access, $is_admin) : 0; } else { for($k = 0; $k < count($f_access); $k++) { $f_forum_id = $f_access[$k]['forum_id']; $auth_user[$f_forum_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0; } } return $auth_user; } function auth_check_user($type, $key, $u_access, $is_admin) { $auth_user = 0; if ( count($u_access) ) { for($j = 0; $j < count($u_access); $j++) { $result = 0; switch($type) { case AUTH_ACL: $result = $u_access[$j][$key]; case AUTH_MOD: $result = $result || $u_access[$j]['auth_mod']; case AUTH_ADMIN: $result = $result || $is_admin; break; } $auth_user = $auth_user || $result; } } else { $auth_user = $is_admin; } return $auth_user; } ?>