phpBB 2.0.19-scripts
[autoinstalls/phpBB.git] / groupcp.php
1 <?php
2 /***************************************************************************
3  *                               groupcp.php
4  *                            -------------------
5  *   begin                : Saturday, Feb 13, 2001
6  *   copyright            : (C) 2001 The phpBB Group
7  *   email                : support@phpbb.com
8  *
9  *   $Id: groupcp.php,v 1.58.2.25 2005/09/17 18:36:48 grahamje Exp $
10  *
11  *
12  ***************************************************************************/
13
14 /***************************************************************************
15  *
16  *   This program is free software; you can redistribute it and/or modify
17  *   it under the terms of the GNU General Public License as published by
18  *   the Free Software Foundation; either version 2 of the License, or
19  *   (at your option) any later version.
20  *
21  ***************************************************************************/
22
23 define('IN_PHPBB', true);
24 $phpbb_root_path = './';
25 include($phpbb_root_path . 'extension.inc');
26 include($phpbb_root_path . 'common.'.$phpEx);
27
28 // -------------------------
29 //
30 function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$joined, &$poster_avatar, &$profile_img, &$profile, &$search_img, &$search, &$pm_img, &$pm, &$email_img, &$email, &$www_img, &$www, &$icq_status_img, &$icq_img, &$icq, &$aim_img, &$aim, &$msn_img, &$msn, &$yim_img, &$yim)
31 {
32         global $lang, $images, $board_config, $phpEx;
33
34         $from = ( !empty($row['user_from']) ) ? $row['user_from'] : '&nbsp;';
35         $joined = create_date($date_format, $row['user_regdate'], $board_config['board_timezone']);
36         $posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
37
38         $poster_avatar = '';
39         if ( $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] )
40         {
41                 switch( $row['user_avatar_type'] )
42                 {
43                         case USER_AVATAR_UPLOAD:
44                                 $poster_avatar = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
45                                 break;
46                         case USER_AVATAR_REMOTE:
47                                 $poster_avatar = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $row['user_avatar'] . '" alt="" border="0" />' : '';
48                                 break;
49                         case USER_AVATAR_GALLERY:
50                                 $poster_avatar = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $row['user_avatar'] . '" alt="" border="0" />' : '';
51                                 break;
52                 }
53         }
54
55         if ( !empty($row['user_viewemail']) || $group_mod )
56         {
57                 $email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $row['user_id']) : 'mailto:' . $row['user_email'];
58
59                 $email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
60                 $email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
61         }
62         else
63         {
64                 $email_img = '&nbsp;';
65                 $email = '&nbsp;';
66         }
67
68         $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
69         $profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
70         $profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
71
72         $temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=" . $row['user_id']);
73         $pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
74         $pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
75
76         $www_img = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww"><img src="' . $images['icon_www'] . '" alt="' . $lang['Visit_website'] . '" title="' . $lang['Visit_website'] . '" border="0" /></a>' : '';
77         $www = ( $row['user_website'] ) ? '<a href="' . $row['user_website'] . '" target="_userwww">' . $lang['Visit_website'] . '</a>' : '';
78
79         if ( !empty($row['user_icq']) )
80         {
81                 $icq_status_img = '<a href="http://wwp.icq.com/' . $row['user_icq'] . '#pager"><img src="http://web.icq.com/whitepages/online?icq=' . $row['user_icq'] . '&img=5" width="18" height="18" border="0" /></a>';
82                 $icq_img = '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '"><img src="' . $images['icon_icq'] . '" alt="' . $lang['ICQ'] . '" title="' . $lang['ICQ'] . '" border="0" /></a>';
83                 $icq =  '<a href="http://wwp.icq.com/scripts/search.dll?to=' . $row['user_icq'] . '">' . $lang['ICQ'] . '</a>';
84         }
85         else
86         {
87                 $icq_status_img = '';
88                 $icq_img = '';
89                 $icq = '';
90         }
91
92         $aim_img = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
93         $aim = ( $row['user_aim'] ) ? '<a href="aim:goim?screenname=' . $row['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
94
95         $temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']);
96         $msn_img = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
97         $msn = ( $row['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
98
99         $yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
100         $yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
101
102         $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
103         $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
104         $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';
105
106         return;
107 }
108 //
109 // --------------------------
110
111 //
112 // Start session management
113 //
114 $userdata = session_pagestart($user_ip, PAGE_GROUPCP);
115 init_userprefs($userdata);
116 //
117 // End session management
118 //
119
120 $script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
121 $script_name = ( $script_name != '' ) ? $script_name . '/groupcp.'.$phpEx : 'groupcp.'.$phpEx;
122 $server_name = trim($board_config['server_name']);
123 $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
124 $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
125
126 $server_url = $server_protocol . $server_name . $server_port . $script_name;
127
128 if ( isset($HTTP_GET_VARS[POST_GROUPS_URL]) || isset($HTTP_POST_VARS[POST_GROUPS_URL]) )
129 {
130         $group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
131 }
132 else
133 {
134         $group_id = '';
135 }
136
137 if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
138 {
139         $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
140         $mode = htmlspecialchars($mode);
141 }
142 else
143 {
144         $mode = '';
145 }
146
147 $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
148 $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
149
150 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
151
152 //
153 // Default var values
154 //
155 $is_moderator = FALSE;
156
157 if ( isset($HTTP_POST_VARS['groupstatus']) && $group_id )
158 {
159         if ( !$userdata['session_logged_in'] )
160         {
161                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
162         }
163
164         $sql = "SELECT group_moderator 
165                 FROM " . GROUPS_TABLE . "  
166                 WHERE group_id = $group_id";
167         if ( !($result = $db->sql_query($sql)) )
168         {
169                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
170         }
171
172         $row = $db->sql_fetchrow($result);
173
174         if ( $row['group_moderator'] != $userdata['user_id'] && $userdata['user_level'] != ADMIN )
175         {
176                 $template->assign_vars(array(
177                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
178                 );
179
180                 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
181
182                 message_die(GENERAL_MESSAGE, $message);
183         }
184
185         $sql = "UPDATE " . GROUPS_TABLE . " 
186                 SET group_type = " . intval($HTTP_POST_VARS['group_type']) . "
187                 WHERE group_id = $group_id";
188         if ( !($result = $db->sql_query($sql)) )
189         {
190                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
191         }
192
193         $template->assign_vars(array(
194                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
195         );
196
197         $message = $lang['Group_type_updated'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
198
199         message_die(GENERAL_MESSAGE, $message);
200
201 }
202 else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
203 {
204         //
205         // First, joining a group
206         // If the user isn't logged in redirect them to login
207         //
208         if ( !$userdata['session_logged_in'] )
209         {
210                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
211         }
212
213         $sql = "SELECT ug.user_id, g.group_type
214                 FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 
215                 WHERE g.group_id = $group_id 
216                         AND g.group_type <> " . GROUP_HIDDEN . " 
217                         AND ug.group_id = g.group_id";
218         if ( !($result = $db->sql_query($sql)) )
219         {
220                 message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
221         }
222
223         if (    $row = $db->sql_fetchrow($result) )
224         {
225                 if ( $row['group_type'] == GROUP_OPEN )
226                 {
227                         do
228                         {
229                                 if ( $userdata['user_id'] == $row['user_id'] )
230                                 {
231                                         $template->assign_vars(array(
232                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
233                                         );
234
235                                         $message = $lang['Already_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
236
237                                         message_die(GENERAL_MESSAGE, $message);
238                                 }
239                         } while ( $row = $db->sql_fetchrow($result) );
240                 }
241                 else
242                 {
243                         $template->assign_vars(array(
244                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
245                         );
246
247                         $message = $lang['This_closed_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
248
249                         message_die(GENERAL_MESSAGE, $message);
250                 }
251         }
252         else
253         {
254                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']); 
255         }
256
257         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending) 
258                 VALUES ($group_id, " . $userdata['user_id'] . ", 1)";
259         if ( !($result = $db->sql_query($sql)) )
260         {
261                 message_die(GENERAL_ERROR, "Error inserting user group subscription", "", __LINE__, __FILE__, $sql);
262         }
263
264         $sql = "SELECT u.user_email, u.username, u.user_lang, g.group_name 
265                 FROM ".USERS_TABLE . " u, " . GROUPS_TABLE . " g 
266                 WHERE u.user_id = g.group_moderator 
267                         AND g.group_id = $group_id";
268         if ( !($result = $db->sql_query($sql)) )
269         {
270                 message_die(GENERAL_ERROR, "Error getting group moderator data", "", __LINE__, __FILE__, $sql);
271         }
272
273         $moderator = $db->sql_fetchrow($result);
274
275         include($phpbb_root_path . 'includes/emailer.'.$phpEx);
276         $emailer = new emailer($board_config['smtp_delivery']);
277
278         $emailer->from($board_config['board_email']);
279         $emailer->replyto($board_config['board_email']);
280
281         $emailer->use_template('group_request', $moderator['user_lang']);
282         $emailer->email_address($moderator['user_email']);
283         $emailer->set_subject($lang['Group_request']);
284
285         $emailer->assign_vars(array(
286                 'SITENAME' => $board_config['sitename'], 
287                 'GROUP_MODERATOR' => $moderator['username'],
288                 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
289
290                 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id&validate=true")
291         );
292         $emailer->send();
293         $emailer->reset();
294
295         $template->assign_vars(array(
296                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
297         );
298
299         $message = $lang['Group_joined'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
300
301         message_die(GENERAL_MESSAGE, $message);
302 }
303 else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending']) && $group_id )
304 {
305         //
306         // Second, unsubscribing from a group
307         // Check for confirmation of unsub.
308         //
309         if ( $cancel )
310         {
311                 redirect(append_sid("groupcp.$phpEx", true));
312         }
313         elseif ( !$userdata['session_logged_in'] )
314         {
315                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
316         }
317
318         if ( $confirm )
319         {
320                 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 
321                         WHERE user_id = " . $userdata['user_id'] . " 
322                                 AND group_id = $group_id";
323                 if ( !($result = $db->sql_query($sql)) )
324                 {
325                         message_die(GENERAL_ERROR, 'Could not delete group memebership data', '', __LINE__, __FILE__, $sql);
326                 }
327
328                 if ( $userdata['user_level'] != ADMIN && $userdata['user_level'] == MOD )
329                 {
330                         $sql = "SELECT COUNT(auth_mod) AS is_auth_mod 
331                                 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
332                                 WHERE ug.user_id = " . $userdata['user_id'] . " 
333                                         AND aa.group_id = ug.group_id 
334                                         AND aa.auth_mod = 1";
335                         if ( !($result = $db->sql_query($sql)) )
336                         {
337                                 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
338                         }
339
340                         if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )
341                         {
342                                 $sql = "UPDATE " . USERS_TABLE . " 
343                                         SET user_level = " . USER . " 
344                                         WHERE user_id = " . $userdata['user_id'];
345                                 if ( !($result = $db->sql_query($sql)) )
346                                 {
347                                         message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
348                                 }
349                         }
350                 }
351
352                 $template->assign_vars(array(
353                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
354                 );
355
356                 $message = $lang['Unsub_success'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
357
358                 message_die(GENERAL_MESSAGE, $message);
359         }
360         else
361         {
362                 $unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
363
364                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
365
366                 $page_title = $lang['Group_Control_Panel'];
367                 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
368
369                 $template->set_filenames(array(
370                         'confirm' => 'confirm_body.tpl')
371                 );
372
373                 $template->assign_vars(array(
374                         'MESSAGE_TITLE' => $lang['Confirm'],
375                         'MESSAGE_TEXT' => $unsub_msg,
376                         'L_YES' => $lang['Yes'],
377                         'L_NO' => $lang['No'],
378                         'S_CONFIRM_ACTION' => append_sid("groupcp.$phpEx"),
379                         'S_HIDDEN_FIELDS' => $s_hidden_fields)
380                 );
381
382                 $template->pparse('confirm');
383
384                 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
385         }
386
387 }
388 else if ( $group_id )
389 {
390         //
391         // Did the group moderator get here through an email?
392         // If so, check to see if they are logged in.
393         //
394         if ( isset($HTTP_GET_VARS['validate']) )
395         {
396                 if ( !$userdata['session_logged_in'] )
397                 {
398                         redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
399                 }
400         }
401
402         //
403         // For security, get the ID of the group moderator.
404         //
405         switch(SQL_LAYER)
406         {
407                 case 'postgresql':
408                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
409                                 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 
410                                 WHERE g.group_id = $group_id
411                                         AND aa.group_id = g.group_id 
412                                         UNION (
413                                                 SELECT g.group_moderator, g.group_type, NULL 
414                                                 FROM " . GROUPS_TABLE . " g
415                                                 WHERE g.group_id = $group_id
416                                                         AND NOT EXISTS (
417                                                         SELECT aa.group_id 
418                                                         FROM " . AUTH_ACCESS_TABLE . " aa 
419                                                         WHERE aa.group_id = g.group_id  
420                                                 )
421                                         )";
422                         break;
423
424                 case 'oracle':
425                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
426                                 FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 
427                                 WHERE g.group_id = $group_id
428                                         AND aa.group_id (+) = g.group_id";
429                         break;
430
431                 default:
432                         $sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
433                                 FROM ( " . GROUPS_TABLE . " g 
434                                 LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id )
435                                 WHERE g.group_id = $group_id";
436                         break;
437         }
438         if ( !($result = $db->sql_query($sql)) )
439         {
440                 message_die(GENERAL_ERROR, 'Could not get moderator information', '', __LINE__, __FILE__, $sql);
441         }
442
443         if ( $group_info = $db->sql_fetchrow($result) )
444         {
445                 $group_moderator = $group_info['group_moderator'];
446         
447                 if ( $group_moderator == $userdata['user_id'] || $userdata['user_level'] == ADMIN )
448                 {
449                         $is_moderator = TRUE;
450                 }
451                         
452                 //
453                 // Handle Additions, removals, approvals and denials
454                 //
455                 if ( !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['remove']) || isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) )
456                 {
457                         if ( !$userdata['session_logged_in'] )
458                         {
459                                 redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
460                         }
461
462                         if ( !$is_moderator )
463                         {
464                                 $template->assign_vars(array(
465                                         'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("index.$phpEx") . '">')
466                                 );
467
468                                 $message = $lang['Not_group_moderator'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
469
470                                 message_die(GENERAL_MESSAGE, $message);
471                         }
472
473                         if ( isset($HTTP_POST_VARS['add']) )
474                         {
475                                 $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
476                                 
477                                 $sql = "SELECT user_id, user_email, user_lang, user_level  
478                                         FROM " . USERS_TABLE . " 
479                                         WHERE username = '" . str_replace("\'", "''", $username) . "'";
480                                 if ( !($result = $db->sql_query($sql)) )
481                                 {
482                                         message_die(GENERAL_ERROR, "Could not get user information", $lang['Error'], __LINE__, __FILE__, $sql);
483                                 }
484
485                                 if ( !($row = $db->sql_fetchrow($result)) )
486                                 {
487                                         $template->assign_vars(array(
488                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
489                                         );
490
491                                         $message = $lang['Could_not_add_user'] . "<br /><br />" . sprintf($lang['Click_return_group'], "<a href=\"" . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_index'], "<a href=\"" . append_sid("index.$phpEx") . "\">", "</a>");
492
493                                         message_die(GENERAL_MESSAGE, $message);
494                                 }
495
496                                 if ( $row['user_id'] == ANONYMOUS )
497                                 {
498                                         $template->assign_vars(array(
499                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
500                                         );
501
502                                         $message = $lang['Could_not_anon_user'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
503
504                                         message_die(GENERAL_MESSAGE, $message);
505                                 }
506                                 
507                                 $sql = "SELECT ug.user_id, u.user_level 
508                                         FROM " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u 
509                                         WHERE u.user_id = " . $row['user_id'] . " 
510                                                 AND ug.user_id = u.user_id 
511                                                 AND ug.group_id = $group_id";
512                                 if ( !($result = $db->sql_query($sql)) )
513                                 {
514                                         message_die(GENERAL_ERROR, 'Could not get user information', '', __LINE__, __FILE__, $sql);
515                                 }
516
517                                 if ( !($db->sql_fetchrow($result)) )
518                                 {
519                                         $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending) 
520                                                 VALUES (" . $row['user_id'] . ", $group_id, 0)";
521                                         if ( !$db->sql_query($sql) )
522                                         {
523                                                 message_die(GENERAL_ERROR, 'Could not add user to group', '', __LINE__, __FILE__, $sql);
524                                         }
525                                         
526                                         if ( $row['user_level'] != ADMIN && $row['user_level'] != MOD && $group_info['auth_mod'] )
527                                         {
528                                                 $sql = "UPDATE " . USERS_TABLE . " 
529                                                         SET user_level = " . MOD . " 
530                                                         WHERE user_id = " . $row['user_id'];
531                                                 if ( !$db->sql_query($sql) )
532                                                 {
533                                                         message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
534                                                 }
535                                         }
536
537                                         //
538                                         // Get the group name
539                                         // Email the user and tell them they're in the group
540                                         //
541                                         $group_sql = "SELECT group_name 
542                                                 FROM " . GROUPS_TABLE . " 
543                                                 WHERE group_id = $group_id";
544                                         if ( !($result = $db->sql_query($group_sql)) )
545                                         {
546                                                 message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
547                                         }
548
549                                         $group_name_row = $db->sql_fetchrow($result);
550
551                                         $group_name = $group_name_row['group_name'];
552
553                                         include($phpbb_root_path . 'includes/emailer.'.$phpEx);
554                                         $emailer = new emailer($board_config['smtp_delivery']);
555
556                                         $emailer->from($board_config['board_email']);
557                                         $emailer->replyto($board_config['board_email']);
558
559                                         $emailer->use_template('group_added', $row['user_lang']);
560                                         $emailer->email_address($row['user_email']);
561                                         $emailer->set_subject($lang['Group_added']);
562
563                                         $emailer->assign_vars(array(
564                                                 'SITENAME' => $board_config['sitename'], 
565                                                 'GROUP_NAME' => $group_name,
566                                                 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
567
568                                                 'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
569                                         );
570                                         $emailer->send();
571                                         $emailer->reset();
572                                 }
573                                 else
574                                 {
575                                         $template->assign_vars(array(
576                                                 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">')
577                                         );
578
579                                         $message = $lang['User_is_member_group'] . '<br /><br />' . sprintf($lang['Click_return_group'], '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
580
581                                         message_die(GENERAL_MESSAGE, $message);
582                                 }
583                         }
584                         else 
585                         {
586                                 if ( ( ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) && isset($HTTP_POST_VARS['pending_members']) ) || ( isset($HTTP_POST_VARS['remove']) && isset($HTTP_POST_VARS['members']) ) )
587                                 {
588
589                                         $members = ( isset($HTTP_POST_VARS['approve']) || isset($HTTP_POST_VARS['deny']) ) ? $HTTP_POST_VARS['pending_members'] : $HTTP_POST_VARS['members'];
590
591                                         $sql_in = '';
592                                         for($i = 0; $i < count($members); $i++)
593                                         {
594                                                 $sql_in .= ( ( $sql_in != '' ) ? ', ' : '' ) . intval($members[$i]);
595                                         }
596
597                                         if ( isset($HTTP_POST_VARS['approve']) )
598                                         {
599                                                 if ( $group_info['auth_mod'] )
600                                                 {
601                                                         $sql = "UPDATE " . USERS_TABLE . " 
602                                                                 SET user_level = " . MOD . " 
603                                                                 WHERE user_id IN ($sql_in) 
604                                                                         AND user_level NOT IN (" . MOD . ", " . ADMIN . ")";
605                                                         if ( !$db->sql_query($sql) )
606                                                         {
607                                                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
608                                                         }
609                                                 }
610
611                                                 $sql = "UPDATE " . USER_GROUP_TABLE . " 
612                                                         SET user_pending = 0 
613                                                         WHERE user_id IN ($sql_in) 
614                                                                 AND group_id = $group_id";
615                                                 $sql_select = "SELECT user_email 
616                                                         FROM ". USERS_TABLE . " 
617                                                         WHERE user_id IN ($sql_in)"; 
618                                         }
619                                         else if ( isset($HTTP_POST_VARS['deny']) || isset($HTTP_POST_VARS['remove']) )
620                                         {
621                                                 if ( $group_info['auth_mod'] )
622                                                 {
623                                                         $sql = "SELECT ug.user_id, ug.group_id 
624                                                                 FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
625                                                                 WHERE ug.user_id IN  ($sql_in) 
626                                                                         AND aa.group_id = ug.group_id 
627                                                                         AND aa.auth_mod = 1 
628                                                                 GROUP BY ug.user_id, ug.group_id 
629                                                                 ORDER BY ug.user_id, ug.group_id";
630                                                         if ( !($result = $db->sql_query($sql)) )
631                                                         {
632                                                                 message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
633                                                         }
634
635                                                         if ( $row = $db->sql_fetchrow($result) )
636                                                         {
637                                                                 $group_check = array();
638                                                                 $remove_mod_sql = '';
639
640                                                                 do
641                                                                 {
642                                                                         $group_check[$row['user_id']][] = $row['group_id'];
643                                                                 }
644                                                                 while ( $row = $db->sql_fetchrow($result) );
645
646                                                                 while( list($user_id, $group_list) = @each($group_check) )
647                                                                 {
648                                                                         if ( count($group_list) == 1 )
649                                                                         {
650                                                                                 $remove_mod_sql .= ( ( $remove_mod_sql != '' ) ? ', ' : '' ) . $user_id;
651                                                                         }
652                                                                 }
653
654                                                                 if ( $remove_mod_sql != '' )
655                                                                 {
656                                                                         $sql = "UPDATE " . USERS_TABLE . " 
657                                                                                 SET user_level = " . USER . " 
658                                                                                 WHERE user_id IN ($remove_mod_sql) 
659                                                                                         AND user_level NOT IN (" . ADMIN . ")";
660                                                                         if ( !$db->sql_query($sql) )
661                                                                         {
662                                                                                 message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
663                                                                         }
664                                                                 }
665                                                         }
666                                                 }
667
668                                                 $sql = "DELETE FROM " . USER_GROUP_TABLE . " 
669                                                         WHERE user_id IN ($sql_in) 
670                                                                 AND group_id = $group_id";
671                                         }
672
673                                         if ( !$db->sql_query($sql) )
674                                         {
675                                                 message_die(GENERAL_ERROR, 'Could not update user group table', '', __LINE__, __FILE__, $sql);
676                                         }
677
678                                         //
679                                         // Email users when they are approved
680                                         //
681                                         if ( isset($HTTP_POST_VARS['approve']) )
682                                         {
683                                                 if ( !($result = $db->sql_query($sql_select)) )
684                                                 {
685                                                         message_die(GENERAL_ERROR, 'Could not get user email information', '', __LINE__, __FILE__, $sql);
686                                                 }
687
688                                                 $bcc_list = array();
689                                                 while ($row = $db->sql_fetchrow($result))
690                                                 {
691                                                         $bcc_list[] = $row['user_email'];
692                                                 }
693
694                                                 //
695                                                 // Get the group name
696                                                 //
697                                                 $group_sql = "SELECT group_name 
698                                                         FROM " . GROUPS_TABLE . " 
699                                                         WHERE group_id = $group_id";
700                                                 if ( !($result = $db->sql_query($group_sql)) )
701                                                 {
702                                                         message_die(GENERAL_ERROR, 'Could not get group information', '', __LINE__, __FILE__, $group_sql);
703                                                 }
704
705                                                 $group_name_row = $db->sql_fetchrow($result);
706                                                 $group_name = $group_name_row['group_name'];
707
708                                                 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
709                                                 $emailer = new emailer($board_config['smtp_delivery']);
710
711                                                 $emailer->from($board_config['board_email']);
712                                                 $emailer->replyto($board_config['board_email']);
713
714                                                 for ($i = 0; $i < count($bcc_list); $i++)
715                                                 {
716                                                         $emailer->bcc($bcc_list[$i]);
717                                                 }
718
719                                                 $emailer->use_template('group_approved');
720                                                 $emailer->set_subject($lang['Group_approved']);
721
722                                                 $emailer->assign_vars(array(
723                                                         'SITENAME' => $board_config['sitename'], 
724                                                         'GROUP_NAME' => $group_name,
725                                                         'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
726
727                                                         'U_GROUPCP' => $server_url . '?' . POST_GROUPS_URL . "=$group_id")
728                                                 );
729                                                 $emailer->send();
730                                                 $emailer->reset();
731                                         }
732                                 }
733                         }
734                 }
735                 //
736                 // END approve or deny
737                 //
738         }
739         else
740         {
741                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
742         }
743
744         //
745         // Get group details
746         //
747         $sql = "SELECT *
748                 FROM " . GROUPS_TABLE . "
749                 WHERE group_id = $group_id
750                         AND group_single_user = 0";
751         if ( !($result = $db->sql_query($sql)) )
752         {
753                 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
754         }
755
756         if ( !($group_info = $db->sql_fetchrow($result)) )
757         {
758                 message_die(GENERAL_MESSAGE, $lang['Group_not_exist']); 
759         }
760
761         //
762         // Get moderator details for this group
763         //
764         $sql = "SELECT username, user_id, user_viewemail, user_posts, user_regdate, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm  
765                 FROM " . USERS_TABLE . " 
766                 WHERE user_id = " . $group_info['group_moderator'];
767         if ( !($result = $db->sql_query($sql)) )
768         {
769                 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
770         }
771
772         $group_moderator = $db->sql_fetchrow($result); 
773
774         //
775         // Get user information for this group
776         //
777         $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm, ug.user_pending 
778                 FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug
779                 WHERE ug.group_id = $group_id
780                         AND u.user_id = ug.user_id
781                         AND ug.user_pending = 0 
782                         AND ug.user_id <> " . $group_moderator['user_id'] . " 
783                 ORDER BY u.username"; 
784         if ( !($result = $db->sql_query($sql)) )
785         {
786                 message_die(GENERAL_ERROR, 'Error getting user list for group', '', __LINE__, __FILE__, $sql);
787         }
788
789         $group_members = $db->sql_fetchrowset($result); 
790         $members_count = count($group_members);
791         $db->sql_freeresult($result);
792
793         $sql = "SELECT u.username, u.user_id, u.user_viewemail, u.user_posts, u.user_regdate, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_msnm
794                 FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
795                 WHERE ug.group_id = $group_id
796                         AND g.group_id = ug.group_id
797                         AND ug.user_pending = 1
798                         AND u.user_id = ug.user_id
799                 ORDER BY u.username"; 
800         if ( !($result = $db->sql_query($sql)) )
801         {
802                 message_die(GENERAL_ERROR, 'Error getting user pending information', '', __LINE__, __FILE__, $sql);
803         }
804
805         $modgroup_pending_list = $db->sql_fetchrowset($result);
806         $modgroup_pending_count = count($modgroup_pending_list);
807         $db->sql_freeresult($result);
808
809         $is_group_member = 0;
810         if ( $members_count )
811         {
812                 for($i = 0; $i < $members_count; $i++)
813                 {
814                         if ( $group_members[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
815                         {
816                                 $is_group_member = TRUE; 
817                         }
818                 }
819         }
820
821         $is_group_pending_member = 0;
822         if ( $modgroup_pending_count )
823         {
824                 for($i = 0; $i < $modgroup_pending_count; $i++)
825                 {
826                         if ( $modgroup_pending_list[$i]['user_id'] == $userdata['user_id'] && $userdata['session_logged_in'] )
827                         {
828                                 $is_group_pending_member = TRUE;
829                         }
830                 }
831         }
832
833         if ( $userdata['user_level'] == ADMIN )
834         {
835                 $is_moderator = TRUE;
836         }
837
838         if ( $userdata['user_id'] == $group_info['group_moderator'] )
839         {
840                 $is_moderator = TRUE;
841
842                 $group_details =  $lang['Are_group_moderator'];
843
844                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
845         }
846         else if ( $is_group_member || $is_group_pending_member )
847         {
848                 $template->assign_block_vars('switch_unsubscribe_group_input', array());
849
850                 $group_details =  ( $is_group_pending_member ) ? $lang['Pending_this_group'] : $lang['Member_this_group'];
851
852                 $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
853         }
854         else if ( $userdata['user_id'] == ANONYMOUS )
855         {
856                 $group_details =  $lang['Login_to_join'];
857                 $s_hidden_fields = '';
858         }
859         else
860         {
861                 if ( $group_info['group_type'] == GROUP_OPEN )
862                 {
863                         $template->assign_block_vars('switch_subscribe_group_input', array());
864
865                         $group_details =  $lang['This_open_group'];
866                         $s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
867                 }
868                 else if ( $group_info['group_type'] == GROUP_CLOSED )
869                 {
870                         $group_details =  $lang['This_closed_group'];
871                         $s_hidden_fields = '';
872                 }
873                 else if ( $group_info['group_type'] == GROUP_HIDDEN )
874                 {
875                         $group_details =  $lang['This_hidden_group'];
876                         $s_hidden_fields = '';
877                 }
878         }
879
880         $page_title = $lang['Group_Control_Panel'];
881         include($phpbb_root_path . 'includes/page_header.'.$phpEx);
882
883         //
884         // Load templates
885         //
886         $template->set_filenames(array(
887                 'info' => 'groupcp_info_body.tpl', 
888                 'pendinginfo' => 'groupcp_pending_info.tpl')
889         );
890         make_jumpbox('viewforum.'.$phpEx);
891
892         //
893         // Add the moderator
894         //
895         $username = $group_moderator['username'];
896         $user_id = $group_moderator['user_id'];
897
898         generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
899
900         $s_hidden_fields .= '';
901
902         $template->assign_vars(array(
903                 'L_GROUP_INFORMATION' => $lang['Group_Information'],
904                 'L_GROUP_NAME' => $lang['Group_name'],
905                 'L_GROUP_DESC' => $lang['Group_description'],
906                 'L_GROUP_TYPE' => $lang['Group_type'],
907                 'L_GROUP_MEMBERSHIP' => $lang['Group_membership'],
908                 'L_SUBSCRIBE' => $lang['Subscribe'],
909                 'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
910                 'L_JOIN_GROUP' => $lang['Join_group'], 
911                 'L_UNSUBSCRIBE_GROUP' => $lang['Unsubscribe'], 
912                 'L_GROUP_OPEN' => $lang['Group_open'],
913                 'L_GROUP_CLOSED' => $lang['Group_closed'],
914                 'L_GROUP_HIDDEN' => $lang['Group_hidden'], 
915                 'L_UPDATE' => $lang['Update'], 
916                 'L_GROUP_MODERATOR' => $lang['Group_Moderator'], 
917                 'L_GROUP_MEMBERS' => $lang['Group_Members'], 
918                 'L_PENDING_MEMBERS' => $lang['Pending_members'], 
919                 'L_SELECT_SORT_METHOD' => $lang['Select_sort_method'], 
920                 'L_PM' => $lang['Private_Message'], 
921                 'L_EMAIL' => $lang['Email'], 
922                 'L_POSTS' => $lang['Posts'], 
923                 'L_WEBSITE' => $lang['Website'],
924                 'L_FROM' => $lang['Location'],
925                 'L_ORDER' => $lang['Order'],
926                 'L_SORT' => $lang['Sort'],
927                 'L_SUBMIT' => $lang['Sort'],
928                 'L_AIM' => $lang['AIM'],
929                 'L_YIM' => $lang['YIM'],
930                 'L_MSNM' => $lang['MSNM'],
931                 'L_ICQ' => $lang['ICQ'],
932                 'L_SELECT' => $lang['Select'],
933                 'L_REMOVE_SELECTED' => $lang['Remove_selected'],
934                 'L_ADD_MEMBER' => $lang['Add_member'],
935                 'L_FIND_USERNAME' => $lang['Find_username'],
936
937                 'GROUP_NAME' => $group_info['group_name'],
938                 'GROUP_DESC' => $group_info['group_description'],
939                 'GROUP_DETAILS' => $group_details,
940                 'MOD_ROW_COLOR' => '#' . $theme['td_color1'],
941                 'MOD_ROW_CLASS' => $theme['td_class1'],
942                 'MOD_USERNAME' => $username,
943                 'MOD_FROM' => $from,
944                 'MOD_JOINED' => $joined,
945                 'MOD_POSTS' => $posts,
946                 'MOD_AVATAR_IMG' => $poster_avatar,
947                 'MOD_PROFILE_IMG' => $profile_img, 
948                 'MOD_PROFILE' => $profile, 
949                 'MOD_SEARCH_IMG' => $search_img,
950                 'MOD_SEARCH' => $search,
951                 'MOD_PM_IMG' => $pm_img,
952                 'MOD_PM' => $pm,
953                 'MOD_EMAIL_IMG' => $email_img,
954                 'MOD_EMAIL' => $email,
955                 'MOD_WWW_IMG' => $www_img,
956                 'MOD_WWW' => $www,
957                 'MOD_ICQ_STATUS_IMG' => $icq_status_img,
958                 'MOD_ICQ_IMG' => $icq_img, 
959                 'MOD_ICQ' => $icq, 
960                 'MOD_AIM_IMG' => $aim_img,
961                 'MOD_AIM' => $aim,
962                 'MOD_MSN_IMG' => $msn_img,
963                 'MOD_MSN' => $msn,
964                 'MOD_YIM_IMG' => $yim_img,
965                 'MOD_YIM' => $yim,
966
967                 'U_MOD_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"), 
968                 'U_SEARCH_USER' => append_sid("search.$phpEx?mode=searchuser"), 
969
970                 'S_GROUP_OPEN_TYPE' => GROUP_OPEN,
971                 'S_GROUP_CLOSED_TYPE' => GROUP_CLOSED,
972                 'S_GROUP_HIDDEN_TYPE' => GROUP_HIDDEN,
973                 'S_GROUP_OPEN_CHECKED' => ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '',
974                 'S_GROUP_CLOSED_CHECKED' => ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '',
975                 'S_GROUP_HIDDEN_CHECKED' => ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '',
976                 'S_HIDDEN_FIELDS' => $s_hidden_fields, 
977                 'S_MODE_SELECT' => $select_sort_mode,
978                 'S_ORDER_SELECT' => $select_sort_order,
979                 'S_GROUPCP_ACTION' => append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id"))
980         );
981
982         //
983         // Dump out the remaining users
984         //
985         for($i = $start; $i < min($board_config['topics_per_page'] + $start, $members_count); $i++)
986         {
987                 $username = $group_members[$i]['username'];
988                 $user_id = $group_members[$i]['user_id'];
989
990                 generate_user_info($group_members[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
991
992                 if ( $group_info['group_type'] != GROUP_HIDDEN || $is_group_member || $is_moderator )
993                 {
994                         $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
995                         $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
996
997                         $template->assign_block_vars('member_row', array(
998                                 'ROW_COLOR' => '#' . $row_color,
999                                 'ROW_CLASS' => $row_class,
1000                                 'USERNAME' => $username,
1001                                 'FROM' => $from,
1002                                 'JOINED' => $joined,
1003                                 'POSTS' => $posts,
1004                                 'USER_ID' => $user_id, 
1005                                 'AVATAR_IMG' => $poster_avatar,
1006                                 'PROFILE_IMG' => $profile_img, 
1007                                 'PROFILE' => $profile, 
1008                                 'SEARCH_IMG' => $search_img,
1009                                 'SEARCH' => $search,
1010                                 'PM_IMG' => $pm_img,
1011                                 'PM' => $pm,
1012                                 'EMAIL_IMG' => $email_img,
1013                                 'EMAIL' => $email,
1014                                 'WWW_IMG' => $www_img,
1015                                 'WWW' => $www,
1016                                 'ICQ_STATUS_IMG' => $icq_status_img,
1017                                 'ICQ_IMG' => $icq_img, 
1018                                 'ICQ' => $icq, 
1019                                 'AIM_IMG' => $aim_img,
1020                                 'AIM' => $aim,
1021                                 'MSN_IMG' => $msn_img,
1022                                 'MSN' => $msn,
1023                                 'YIM_IMG' => $yim_img,
1024                                 'YIM' => $yim,
1025                                 
1026                                 'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1027                         );
1028
1029                         if ( $is_moderator )
1030                         {
1031                                 $template->assign_block_vars('member_row.switch_mod_option', array());
1032                         }
1033                 }
1034         }
1035
1036         if ( !$members_count )
1037         {
1038                 //
1039                 // No group members
1040                 //
1041                 $template->assign_block_vars('switch_no_members', array());
1042                 $template->assign_vars(array(
1043                         'L_NO_MEMBERS' => $lang['No_group_members'])
1044                 );
1045         }
1046
1047         $current_page = ( !$members_count ) ? 1 : ceil( $members_count / $board_config['topics_per_page'] );
1048
1049         $template->assign_vars(array(
1050                 'PAGINATION' => generate_pagination("groupcp.$phpEx?" . POST_GROUPS_URL . "=$group_id", $members_count, $board_config['topics_per_page'], $start),
1051                 'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), $current_page ), 
1052
1053                 'L_GOTO_PAGE' => $lang['Goto_page'])
1054         );
1055
1056         if ( $group_info['group_type'] == GROUP_HIDDEN && !$is_group_member && !$is_moderator )
1057         {
1058                 //
1059                 // No group members
1060                 //
1061                 $template->assign_block_vars('switch_hidden_group', array());
1062                 $template->assign_vars(array(
1063                         'L_HIDDEN_MEMBERS' => $lang['Group_hidden_members'])
1064                 );
1065         }
1066
1067         //
1068         // We've displayed the members who belong to the group, now we 
1069         // do that pending memebers... 
1070         //
1071         if ( $is_moderator )
1072         {
1073                 //
1074                 // Users pending in ONLY THIS GROUP (which is moderated by this user)
1075                 //
1076                 if ( $modgroup_pending_count )
1077                 {
1078                         for($i = 0; $i < $modgroup_pending_count; $i++)
1079                         {
1080                                 $username = $modgroup_pending_list[$i]['username'];
1081                                 $user_id = $modgroup_pending_list[$i]['user_id'];
1082
1083                                 generate_user_info($modgroup_pending_list[$i], $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
1084
1085                                 $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
1086                                 $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
1087
1088                                 $user_select = '<input type="checkbox" name="member[]" value="' . $user_id . '">';
1089
1090                                 $template->assign_block_vars('pending_members_row', array(
1091                                         'ROW_CLASS' => $row_class,
1092                                         'ROW_COLOR' => '#' . $row_color, 
1093                                         'USERNAME' => $username,
1094                                         'FROM' => $from,
1095                                         'JOINED' => $joined,
1096                                         'POSTS' => $posts,
1097                                         'USER_ID' => $user_id, 
1098                                         'AVATAR_IMG' => $poster_avatar,
1099                                         'PROFILE_IMG' => $profile_img, 
1100                                         'PROFILE' => $profile, 
1101                                         'SEARCH_IMG' => $search_img,
1102                                         'SEARCH' => $search,
1103                                         'PM_IMG' => $pm_img,
1104                                         'PM' => $pm,
1105                                         'EMAIL_IMG' => $email_img,
1106                                         'EMAIL' => $email,
1107                                         'WWW_IMG' => $www_img,
1108                                         'WWW' => $www,
1109                                         'ICQ_STATUS_IMG' => $icq_status_img,
1110                                         'ICQ_IMG' => $icq_img, 
1111                                         'ICQ' => $icq, 
1112                                         'AIM_IMG' => $aim_img,
1113                                         'AIM' => $aim,
1114                                         'MSN_IMG' => $msn_img,
1115                                         'MSN' => $msn,
1116                                         'YIM_IMG' => $yim_img,
1117                                         'YIM' => $yim,
1118                                         
1119                                         'U_VIEWPROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$user_id"))
1120                                 );
1121                         }
1122
1123                         $template->assign_block_vars('switch_pending_members', array() );
1124
1125                         $template->assign_vars(array(
1126                                 'L_SELECT' => $lang['Select'],
1127                                 'L_APPROVE_SELECTED' => $lang['Approve_selected'],
1128                                 'L_DENY_SELECTED' => $lang['Deny_selected'])
1129                         );
1130
1131                         $template->assign_var_from_handle('PENDING_USER_BOX', 'pendinginfo');
1132                 
1133                 }
1134         }
1135
1136         if ( $is_moderator )
1137         {
1138                 $template->assign_block_vars('switch_mod_option', array());
1139                 $template->assign_block_vars('switch_add_member', array());
1140         }
1141
1142         $template->pparse('info');
1143 }
1144 else
1145 {
1146         //
1147         // Show the main groupcp.php screen where the user can select a group.
1148         //
1149         // Select all group that the user is a member of or where the user has
1150         // a pending membership.
1151         //
1152         $in_group = array();
1153         
1154         if ( $userdata['session_logged_in'] ) 
1155         {
1156                 $sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending 
1157                         FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
1158                         WHERE ug.user_id = " . $userdata['user_id'] . "  
1159                                 AND ug.group_id = g.group_id
1160                                 AND g.group_single_user <> " . TRUE . "
1161                         ORDER BY g.group_name, ug.user_id";
1162                 if ( !($result = $db->sql_query($sql)) )
1163                 {
1164                         message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1165                 }
1166
1167                 if ( $row = $db->sql_fetchrow($result) )
1168                 {
1169                         $in_group = array();
1170                         $s_member_groups_opt = '';
1171                         $s_pending_groups_opt = '';
1172
1173                         do
1174                         {
1175                                 $in_group[] = $row['group_id'];
1176                                 if ( $row['user_pending'] )
1177                                 {
1178                                         $s_pending_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1179                                 }
1180                                 else
1181                                 {
1182                                         $s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1183                                 }
1184                         }
1185                         while( $row = $db->sql_fetchrow($result) );
1186
1187                         $s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>";
1188                         $s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>";
1189                 }
1190         }
1191
1192         //
1193         // Select all other groups i.e. groups that this user is not a member of
1194         //
1195         $ignore_group_sql =     ( count($in_group) ) ? "AND group_id NOT IN (" . implode(', ', $in_group) . ")" : ''; 
1196         $sql = "SELECT group_id, group_name, group_type 
1197                 FROM " . GROUPS_TABLE . " g 
1198                 WHERE group_single_user <> " . TRUE . " 
1199                         $ignore_group_sql 
1200                 ORDER BY g.group_name";
1201         if ( !($result = $db->sql_query($sql)) )
1202         {
1203                 message_die(GENERAL_ERROR, 'Error getting group information', '', __LINE__, __FILE__, $sql);
1204         }
1205
1206         $s_group_list_opt = '';
1207         while( $row = $db->sql_fetchrow($result) )
1208         {
1209                 if  ( $row['group_type'] != GROUP_HIDDEN || $userdata['user_level'] == ADMIN )
1210                 {
1211                         $s_group_list_opt .='<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
1212                 }
1213         }
1214         $s_group_list = '<select name="' . POST_GROUPS_URL . '">' . $s_group_list_opt . '</select>';
1215
1216         if ( $s_group_list_opt != '' || $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1217         {
1218                 //
1219                 // Load and process templates
1220                 //
1221                 $page_title = $lang['Group_Control_Panel'];
1222                 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
1223
1224                 $template->set_filenames(array(
1225                         'user' => 'groupcp_user_body.tpl')
1226                 );
1227                 make_jumpbox('viewforum.'.$phpEx);
1228
1229                 if ( $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
1230                 {
1231                         $template->assign_block_vars('switch_groups_joined', array() );
1232                 }
1233
1234                 if ( $s_member_groups_opt != '' )
1235                 {
1236                         $template->assign_block_vars('switch_groups_joined.switch_groups_member', array() );
1237                 }
1238
1239                 if ( $s_pending_groups_opt != '' )
1240                 {
1241                         $template->assign_block_vars('switch_groups_joined.switch_groups_pending', array() );
1242                 }
1243
1244                 if ( $s_group_list_opt != '' )
1245                 {
1246                         $template->assign_block_vars('switch_groups_remaining', array() );
1247                 }
1248
1249                 $s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
1250
1251                 $template->assign_vars(array(
1252                         'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],
1253                         'L_JOIN_A_GROUP' => $lang['Group_member_join'],
1254                         'L_YOU_BELONG_GROUPS' => $lang['Current_memberships'],
1255                         'L_SELECT_A_GROUP' => $lang['Non_member_groups'],
1256                         'L_PENDING_GROUPS' => $lang['Memberships_pending'],
1257                         'L_SUBSCRIBE' => $lang['Subscribe'],
1258                         'L_UNSUBSCRIBE' => $lang['Unsubscribe'],
1259                         'L_VIEW_INFORMATION' => $lang['View_Information'], 
1260
1261                         'S_USERGROUP_ACTION' => append_sid("groupcp.$phpEx"), 
1262                         'S_HIDDEN_FIELDS' => $s_hidden_fields, 
1263
1264                         'GROUP_LIST_SELECT' => $s_group_list,
1265                         'GROUP_PENDING_SELECT' => $s_pending_groups,
1266                         'GROUP_MEMBER_SELECT' => $s_member_groups)
1267                 );
1268
1269                 $template->pparse('user');
1270         }
1271         else
1272         {
1273                 message_die(GENERAL_MESSAGE, $lang['No_groups_exist']);
1274         }
1275
1276 }
1277
1278 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
1279
1280 ?>