[Phpbb-checkins] CVS: phpBB2 groupcp.php,1.42,1.43

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv18002

Modified Files:
	groupcp.php 
Log Message:
Made hidden groups hidden, guess some extra security checks would be nice though (ppl guessing URLs)

Index: groupcp.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/groupcp.php,v
retrieving revision 1.42
retrieving revision 1.43
diff -C2 -r1.42 -r1.43
*** groupcp.php	15 Feb 2002 14:03:39 -0000	1.42
--- groupcp.php	15 Feb 2002 22:13:59 -0000	1.43
***************
*** 1057,1063 ****
  else
  {
! 	$sql = "SELECT g.group_id, g.group_name, ug.user_pending 
  		FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
! 		WHERE ug.user_id = " . $userdata['user_id'] . "  
  			AND ug.group_id = g.group_id
  			AND g.group_single_user <> " . TRUE . "
--- 1057,1072 ----
  else
  {
! //
! // Show the main groupcp.php screen where the user can select a group.
! //
! 
! 	//
! 	// Select all group that the user is a member of or where the user has
! 	// a pending membership.
! 	//
! 	$sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending 
  		FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug
! 		WHERE
! 			ug.user_id = " . $userdata['user_id'] . "  
  			AND ug.group_id = g.group_id
  			AND g.group_single_user <> " . TRUE . "
***************
*** 1073,1076 ****
--- 1082,1086 ----
  	while( $row = $db->sql_fetchrow($result) )
  	{
+ 		$in_group[] = $row['group_id'];
  		if ( $row['user_pending'] )
  		{
***************
*** 1081,1093 ****
  			$s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
  		}
- 		$in_group[] = $row['group_id'];
  	}
  	$s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>";
  	$s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>";
  
  	$ignore_group_sql =	( count($in_group) ) ? "AND group_id NOT IN (" . implode(", ", $in_group) . ")" : ""; 
  	$sql = "SELECT group_id, group_name  
  		FROM " . GROUPS_TABLE . " g 
! 		WHERE group_single_user <> " . TRUE . " 
  			$ignore_group_sql 
  		ORDER BY g.group_name";
--- 1091,1107 ----
  			$s_member_groups_opt .= '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>';
  		}
  	}
  	$s_pending_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_pending_groups_opt . "</select>";
  	$s_member_groups = '<select name="' . POST_GROUPS_URL . '">' . $s_member_groups_opt . "</select>";
  
+ 	//
+ 	// Select all other groups i.e. groups that this user is not a member of
+ 	//
  	$ignore_group_sql =	( count($in_group) ) ? "AND group_id NOT IN (" . implode(", ", $in_group) . ")" : ""; 
  	$sql = "SELECT group_id, group_name  
  		FROM " . GROUPS_TABLE . " g 
! 		WHERE
! 			group_single_user <> " . TRUE . " 
! 			AND group_type <> " . GROUP_HIDDEN . "
  			$ignore_group_sql 
  		ORDER BY g.group_name";
***************
*** 1174,1176 ****
  include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
  
! ?>
\ No newline at end of file
--- 1188,1190 ----
  include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
  
! ?>

[Phpbb-checkins] CVS: phpBB2 groupcp.php,1.42,1.43

phpBB is the world's leading open source discussion forum software.

[Phpbb-checkins] CVS: phpBB2 groupcp.php,1.42,1.43