multiple functions in forumteam
#11
(2015-01-23, 01:26 PM)Leefish Wrote: Its not a security issue on the code;its just that sometimes administrators have a "secret" admin account that displays as a member. Your plugin (I think) would take away that option.

You can make a special user group for these "admins" which are not shown as members of the forum team. I think think needs already to be done anyhow, because they need a display group as a "normal" user.
Regards, Ad Bakker (NL)
Reply
#12
Yea, that was my point Ad. You can have a user with a primary group of member, an additional group of admin and a display group as banned. That is in the default.
Random Fish and Sims Maniac
MY PLUGINS
Help MyBBSupport help you - remember to mark your threads as solved


Reply
#13
Or you can make an additional admin group which can have all priviliges of a "normal" admin, except that this group is not part of the forum team (can be set in the user group options).
Regards, Ad Bakker (NL)
Reply
#14
But - if you start including additional groups in the showteam - then you have to also check if the secret staff are excluded. Like um,

I have

Get all users who are usergroup moderator;
Get all users with additional group moderator;

As soon as you do that then you have an issue I think; because the additional group can be a group that shows on the showteam page, and now you out your secret moderators.

The MyBB showteam doesnt do this because it doesnt take additional groups into account.

Of course you can just make a group that is admin but not the admin usergroup, but the query needs to be done right Smile
Random Fish and Sims Maniac
MY PLUGINS
Help MyBBSupport help you - remember to mark your threads as solved


Reply
#15
That's not how showteam.php is working. 
  1. It starts with selecting all groups that are part of the forumteam, so the additional team (for which it is stated that it is not a show team) is not selected. 
  2. Then it is gathering all users who have these groups as primary or display group. In a loop over these users these are added to an array that contains all users per team group.
  3. Then in a loop over all forumteam groups all members of these groups are displayed in the list.
So, members from a usergroup for which it is defined that it is not a forumteam group, and have their primary or display group also as a group that is not a forumteam group, will not be listed in the forum team table.

The only thing I did was in item 2. looking at both the display group and the primary group and all the additional groups. The original code only looks at the display group, and only when this is not defined at the primary group. Further it completely neglects the additional usergroups.
My solution does therefore only work when the users which are members of more show teams have at least one of these as their primary or additional usergroup. But that is also the case for the original code.

As I see it now, it is simply a bug!!
Regards, Ad Bakker (NL)
Reply
#16
Yea, so you did the query properly Smile
Random Fish and Sims Maniac
MY PLUGINS
Help MyBBSupport help you - remember to mark your threads as solved


Reply
#17
Hi, this is exactly what I'm looking for. could you share your plugin? thanks!

(2015-01-23, 12:01 PM)Ad Bakker Wrote: Sorry for not reacting. I think the subscription to this discussion was broken when it was moved to this forum.

What I intended was that members that are member of different forum teams are displayed as a member of all these teams. Now they are only displayed in the team given by their "user group" or "display group" (when this is defined).

In the meantime I have made a plugin, which is essentially a copy of showteam.php with a few lines of extra coding. I tested it on my test forum and it works.

Here the old output:



And this the new:



You can see the difference with member "lid1", who is member of three different groups.

It was mentioned before that there could be a security risk involved, but I cannot comrehend why this could be.
Reply
#18
(2015-06-15, 04:39 PM)luiz.schmidt Wrote: Hi, this is exactly what I'm looking for. could you share your plugin? thanks!

Copy the source below and save it as "forumteam_extended.php". Copy that files to your /inc/plugins directory.

In your AdminCP go to plugins and activate it.

I think this must work, I removed some specific things for my forum, so now it is suitable for a normal MyBB 1805 install.

<?php
/**
 * Disallow direct access to this file for security reasons 
 * 
 */
if(!defined("IN_MYBB"))
{
	die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}
$plugins->add_hook("showteam_start", "showteam_extended");
/**
 * Standard MyBB info function
 * 
 */
function showteam_extended_info()
{
    global $lang;
    return Array(
        'name'          => "showteam_extended",
        'description'   => "extended forum team list where one member can be in several teams",
        'website'       => '',
        'author'        => 'Ad Bakker',
        'authorsite'    => '',
        'version'       => '1.0',
        'guid'          => '',
        'compatibility' => '18*',
    );
}

function showteam_extended()
{
	define("IN_MYBB", 1);
	define('THIS_SCRIPT', 'showteam_extended.php');

	global $lang, $db, $mybb, $templates, $templatelist, $plugins, $headerinclude, $header, $footer, $theme;
	$templatelist = 	'showteam_moderators_forum,postbit_email,postbit_pm,showteam_moderators_mod,showteam_usergroup_user,showteam_moderators,showteam_usergroup,showteam';
	require_once "./global.php";
	require_once "./inc/functions.php";
	$timecut = TIME_NOW - $mybb->settings['wolcutoff'];
	$usergroups = array();
	$moderators = array();
	$users = array();
	
	// Fetch the list of groups which are to be shown on the page
	$mygroup = $mybb->user['usergroup'];
	$query = $db->simple_select("usergroups", "gid, title, usertitle, showforumteam, cansendemail, showforumteam", "1=1", array('order_by' => 'disporder'));

	while($usergroup = $db->fetch_array($query))
	{
		if ($usergroup['gid'] == $mygroup) $Icansendemail = $usergroup['cansendemail'];
		if ($usergroup['showforumteam'] != 1) continue;
		$usergroups[$usergroup['gid']] = $usergroup;
	}
	
	if(empty($usergroups))
	{
		error($lang->error_noteamstoshow);
	}
	
	// Fetch specific forum moderator details
	if($usergroups[6]['gid'])
	{
		$query = $db->query("
			SELECT m.*, f.name
			FROM ".TABLE_PREFIX."moderators m
			LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid=m.id)
			LEFT JOIN ".TABLE_PREFIX."forums f ON (f.fid=m.fid)
			WHERE f.active = 1 AND m.isgroup = 0
			ORDER BY u.username
		");
		while($moderator = $db->fetch_array($query))
		{
			$moderators[$moderator['id']][] = $moderator;
		}
	}
	$groups_in = implode(",", array_keys($usergroups));
	$users_in = implode(",", array_keys($moderators));
	if(!$groups_in)
	{
		$groups_in = 0;
	}
	if(!$users_in)
	{
		$users_in = 0;
	}
	$forum_permissions = forum_permissions();
	$where = "uid IN ($users_in) OR usergroup IN ($groups_in)";
	if ($groups_in != 0)
	{
		$groups = explode(',',$groups_in);
		foreach ($groups as $group)
		{
			$where .= " OR {$group} IN (additionalgroups)";
		}
	}
	$query = $db->simple_select("users", "uid, username, displaygroup, usergroup, additionalgroups, usertitle, ignorelist, email, hideemail, receivepms, lastactive, lastvisit, invisible, skype, google", $where, array('order_by' => 'username'));
	while($user = $db->fetch_array($query))
	{
		if(isset($moderators[$user['uid']]))
		{
			foreach($moderators[$user['uid']] as $forum)
			{
				if($forum_permissions[$forum['fid']]['canview'] == 1)
				{
					$forum_url = get_forum_link($forum['fid']);
					eval("\$forumlist .= \"".$templates->get("showteam_moderators_forum")."\";");
				}
				else
				{
					$forumlist .= $lang->forum_hidden."<br /";
				}
			}
			$user['forumlist'] = $forumlist; 
			$forumlist = '';
			
			$usergroups[6]['user_list'][$user['uid']] = $user;
		}

		$groups = array();
		if ($user['usergroup'] !=6)
		{
			$groups[] = $user['usergroup'];
		}
		if ($user['additionalgroups'])
		{
			$groups = array_merge($groups,explode(',',$user['additionalgroups']));
		}
		foreach ($groups as $group)
		{
			if($group !=6 && $usergroups[$group])
			{
				$usergroups[$group]['user_list'][$user['uid']] = $user;
			}
		}
	}

	$grouplist = '';
	foreach($usergroups as $usergroup)
	{
		if ($usergroup['showforumteam'] != 1) continue;
		$usergrouprows = $modrows = '';

		if(!isset($usergroup['user_list']))
		{
			continue;
		}
	
		$bgcolor = '';
		foreach($usergroup['user_list'] as $user)
		{
			$user['username'] = format_name($user['username'], $user['usergroup'], $user['displaygroup']);
			$user['profilelink'] = get_profile_link($user['uid']);
	
			$emailcode = $pmcode = '';

			if($user['hideemail'] != 1 && $Icansendemail == 1)
			{
				eval("\$emailcode = \"".$templates->get("postbit_email")."\";");
			}
	
			if($user['receivepms'] != 0 && $mybb->settings['enablepms'] != 0 && my_strpos(",".$user['ignorelist'].",", ",".$mybb->user['uid'].",") === false)
			{
				eval("\$pmcode = \"".$templates->get("postbit_pm")."\";");
			}
	
			if($user['lastactive'] > $timecut && ($user['invisible'] == 0 || $mybb->usergroup['canviewwolinvis'] == 1) && $user['lastvisit'] != $user['lastactive'])
			{
				$status = "online";
			}
			else
			{
				$status = "offline";
			}
	
			if($user['invisible'] == 1 && $mybb->usergroup['canviewwolinvis'] != 1 && $user['uid'] != $mybb->user['uid'])
			{
				if($user['lastactive'])
				{
					$user['lastvisit'] = $lang->lastvisit_hidden;
				}
				else
				{
					$user['lastvisit'] = $lang->lastvisit_never;
				}
			}
			else
			{
				$user['lastvisit'] = my_date('relative', $user['lastactive']);
			}
			
			if ($user['usertitle'])
			{
				$usertitle = $user['usertitle'];
			}
			else
			{
				if ($user['displaygroup'])
				{
					$displaygroup = usergroup_displaygroup($user['displaygroup']);
					$usertitle = $displaygroup['usertitle'];
				}
				else
				{
					$displaygroup = usergroup_displaygroup($user['usergroup']);
					$usertitle = $displaygroup['usertitle'];
				}
			}

			if ($user['username'] && $user['additionalgroups'])
			{
				$additionalgroups = explode(",",$user['additionalgroups']);
				foreach ($additionalgroups as $additionalgroup)
				{
					$displaygroup = usergroup_displaygroup($additionalgroup);
					if ($displaygroup['usertitle'] != "")
					{
						$usertitle .= ", ".$displaygroup['usertitle'];
					}
				}
			}

			$bgcolor = alt_trow();
			$plugins->run_hooks('showteam_user');
	
			if($usergroup['gid'] == 6 && !empty($user['forumlist']))
			{
				$forumslist = $user['forumlist'];
				eval("\$modrows .= \"".$templates->get("showteam_moderators_mod")."\";");
			}
			else
			{
				eval("\$usergrouprows .= \"".$templates->get("showteam_usergroup_user")."\";");
			}
		}
	
		if($modrows && $usergroup['gid'] == 6)
		{
			eval("\$grouplist .= \"".$templates->get("showteam_moderators")."\";");
		}
	
		if($usergrouprows)
		{
			eval("\$grouplist .= \"".$templates->get("showteam_usergroup")."\";");
		}
	}
	
	if(empty($grouplist))
	{
		error($lang->error_noteamstoshow);
	}
	
	eval("\$showteam = \"".$templates->get("showteam")."\";");
	output_page($showteam);
	exit();
}
?>

Success!!
Regards, Ad Bakker (NL)
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)