diff --git a/common.php b/common.php
index 88a5046b..8c007147 100644
--- a/common.php
+++ b/common.php
@@ -28,7 +28,7 @@ session_start();
define('MYAAC', true);
define('MYAAC_VERSION', '0.6.1');
-define('DATABASE_VERSION', 14);
+define('DATABASE_VERSION', 15);
define('TABLE_PREFIX', 'myaac_');
define('START_TIME', microtime(true));
define('MYAAC_OS', (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'WINDOWS' : (strtoupper(PHP_OS) == 'DARWIN' ? 'MAC' : 'LINUX'));
diff --git a/install/includes/schema.sql b/install/includes/schema.sql
index 34ef3d88..3827c37c 100644
--- a/install/includes/schema.sql
+++ b/install/includes/schema.sql
@@ -85,6 +85,8 @@ CREATE TABLE `myaac_forum_boards`
`description` VARCHAR(255) NOT NULL DEFAULT '',
`ordering` INT(11) NOT NULL DEFAULT 0,
`closed` TINYINT(1) NOT NULL DEFAULT 0,
+ `guild` INT(11) NOT NULL DEFAULT 0,
+ `access` INT(11) NOT NULL DEFAULT 0,
`hidden` TINYINT(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE = MyISAM;
diff --git a/system/functions.php b/system/functions.php
index 6186c498..749adf34 100644
--- a/system/functions.php
+++ b/system/functions.php
@@ -215,7 +215,7 @@ function generateRandomString($length, $lowCase = true, $upCase = false, $numeri
function getForumBoards()
{
global $db, $canEdit;
- $sections = $db->query('SELECT `id`, `name`, `description`, `closed`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') .
+ $sections = $db->query('SELECT `id`, `name`, `description`, `closed`, `guild`, `access`' . ($canEdit ? ', `hidden`, `ordering`' : '') . ' FROM `' . TABLE_PREFIX . 'forum_boards` ' . (!$canEdit ? ' WHERE `hidden` != 1' : '') .
' ORDER BY `ordering`;');
if($sections)
return $sections->fetchAll();
diff --git a/system/libs/pot/OTS_Guild.php b/system/libs/pot/OTS_Guild.php
index b2f096ed..8de2d818 100644
--- a/system/libs/pot/OTS_Guild.php
+++ b/system/libs/pot/OTS_Guild.php
@@ -74,6 +74,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
*
* @version 0.1.3
*/
+/*
public function __clone()
{
unset($this->data['id']);
@@ -90,7 +91,7 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
$this->requests->__construct($this);
}
}
-
+*/
/**
* Assigns invites handler.
*
@@ -282,6 +283,26 @@ class OTS_Guild extends OTS_Row_DAO implements IteratorAggregate, Countable
$this->data['ownerid'] = $owner->getId();
}
+ public function hasMember(OTS_Player $player) {
+ global $db;
+
+ if(!$player || !$player->isLoaded()) {
+ return false;
+ }
+
+ $player_rank = $player->getRank();
+ if(!$player_rank->isLoaded()) {
+ return false;
+ }
+
+ foreach($this->getGuildRanksList() as $rank) {
+ if($rank->getId() == $player_rank->getId()) {
+ return true;
+ }
+ }
+
+ return false;
+ }
/**
* Guild creation data.
*
diff --git a/system/migrations/15.php b/system/migrations/15.php
new file mode 100644
index 00000000..12c9f15e
--- /dev/null
+++ b/system/migrations/15.php
@@ -0,0 +1,11 @@
+<?php
+
+// add new forum.guild and forum.access fields
+if(!fieldExist('guild', TABLE_PREFIX . 'forum_boards')) {
+ $db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `guild` TINYINT(1) NOT NULL DEFAULT 0 AFTER `closed`;");
+}
+
+if(!fieldExist('access', TABLE_PREFIX . 'forum_boards')) {
+ $db->query("ALTER TABLE `" . TABLE_PREFIX . "forum_boards` ADD `access` TINYINT(1) NOT NULL DEFAULT 0 AFTER `guild`;");
+}
+?>
\ No newline at end of file
diff --git a/system/pages/forum.php b/system/pages/forum.php
index 8621bcf2..db65191c 100644
--- a/system/pages/forum.php
+++ b/system/pages/forum.php
@@ -30,11 +30,19 @@ if(!$logged)
$canEdit = hasFlag(FLAG_CONTENT_FORUM) || superAdmin();
if($canEdit)
{
+ $groups = new OTS_Groups_List();
+
if(!empty($action))
{
if($action == 'delete_board' || $action == 'edit_board' || $action == 'hide_board' || $action == 'moveup_board' || $action == 'movedown_board')
$id = $_REQUEST['id'];
+ if(isset($_REQUEST['access']))
+ $access = $_REQUEST['access'];
+
+ if(isset($_REQUEST['guild']))
+ $guild = $_REQUEST['guild'];
+
if(isset($_REQUEST['name']))
$name = $_REQUEST['name'];
@@ -44,7 +52,7 @@ if($canEdit)
$errors = array();
if($action == 'add_board') {
- if(Forum::add_board($name, $description, $errors))
+ if(Forum::add_board($name, $description, $access, $guild, $errors))
$action = $name = $description = '';
}
else if($action == 'delete_board') {
@@ -56,11 +64,14 @@ if($canEdit)
if(isset($id) && !isset($name)) {
$board = Forum::get_board($id);
$name = $board['name'];
+ $access = $board['access'];
+ $guild = $board['guild'];
$description = $board['description'];
}
else {
- Forum::update_board($id, $name, $description);
+ Forum::update_board($id, $name, $access, $guild, $description);
$action = $name = $description = '';
+ $access = $guild = 0;
}
}
else if($action == 'hide_board') {
@@ -83,12 +94,17 @@ if($canEdit)
}
if(empty($action) || $action == 'edit_board') {
+ $guilds = $db->query('SELECT `id`, `name` FROM `guilds`')->fetchAll();
echo $twig->render('forum.add_board.html.twig', array(
'link' => getLink('forum', ($action == 'edit_board' ? 'edit_board' : 'add_board')),
'action' => $action,
'id' => isset($id) ? $id : null,
'name' => isset($name) ? $name : null,
- 'description' => isset($description) ? $description : null
+ 'description' => isset($description) ? $description : null,
+ 'access' => isset($access) ? $access : 0,
+ 'guild' => isset($guild) ? $guild : null,
+ 'groups' => $groups,
+ 'guilds' => $guilds
));
if($action == 'edit_board')
@@ -103,7 +119,9 @@ foreach(getForumBoards() as $section)
'id' => $section['id'],
'name' => $section['name'],
'description' => $section['description'],
- 'closed' => $section['closed'] == '1'
+ 'closed' => $section['closed'] == '1',
+ 'guild' => $section['guild'],
+ 'access' => $section['access']
);
if($canEdit) {
@@ -124,21 +142,24 @@ if(empty($action))
$counters[$data['section']] = array('threads' => $data['threads'], 'posts' => $data['replies'] + $data['threads']);
foreach($sections as $id => $section)
{
- $last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`section` = ".(int) $id." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
- $boards[] = array(
- 'id' => $id,
- 'link' => getForumBoardLink($id),
- 'name' => $section['name'],
- 'description' => $section['description'],
- 'hidden' => $section['hidden'],
- 'posts' => isset($counters[$id]['posts']) ? $counters[$id]['posts'] : 0,
- 'threads' => isset($counters[$id]['threads']) ? $counters[$id]['threads'] : 0,
- 'last_post' => array(
- 'name' => isset($last_post['name']) ? $last_post['name'] : null,
- 'date' => isset($last_post['post_date']) ? $last_post['post_date'] : null,
- 'player_link' => isset($last_post['name']) ? getPlayerLink($last_post['name']) : null,
- )
- );
+ $show = true;
+ if(Forum::hasAccess($id)) {
+ $last_post = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`section` = ".(int) $id." AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` ORDER BY `post_date` DESC LIMIT 1")->fetch();
+ $boards[] = array(
+ 'id' => $id,
+ 'link' => getForumBoardLink($id),
+ 'name' => $section['name'],
+ 'description' => $section['description'],
+ 'hidden' => $section['hidden'],
+ 'posts' => isset($counters[$id]['posts']) ? $counters[$id]['posts'] : 0,
+ 'threads' => isset($counters[$id]['threads']) ? $counters[$id]['threads'] : 0,
+ 'last_post' => array(
+ 'name' => isset($last_post['name']) ? $last_post['name'] : null,
+ 'date' => isset($last_post['post_date']) ? $last_post['post_date'] : null,
+ 'player_link' => isset($last_post['name']) ? getPlayerLink($last_post['name']) : null,
+ )
+ );
+ }
}
echo $twig->render('forum.boards.html.twig', array(
@@ -205,7 +226,7 @@ class Forum
'post_ip' => $_SERVER['REMOTE_ADDR']
));
}
- static public function add_board($name, $description, &$errors)
+ static public function add_board($name, $description, $access, $guild, &$errors)
{
global $db;
if(isset($name[0]) && isset($description[0]))
@@ -226,7 +247,7 @@ class Forum
$query = $query->fetch();
$ordering = $query['ordering'] + 1;
}
- $db->insert(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'ordering' => $ordering));
+ $db->insert(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild, 'ordering' => $ordering));
}
else
$errors[] = 'Forum board with this name already exists.';
@@ -242,9 +263,9 @@ class Forum
return $db->select(TABLE_PREFIX . 'forum_boards', array('id' => $id));
}
- static public function update_board($id, $name, $description) {
+ static public function update_board($id, $name, $access, $guild, $description) {
global $db;
- $db->update(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description), array('id' => $id));
+ $db->update(TABLE_PREFIX . 'forum_boards', array('name' => $name, 'description' => $description, 'access' => $access, 'guild' => $guild), array('id' => $id));
}
static public function delete_board($id, &$errors)
@@ -389,4 +410,41 @@ class Forum
$post .= self::parseBBCode($text, $smiles);
return $post;
}
+
+ public static function hasAccess($board_id) {
+ global $sections, $logged, $account_logged, $logged_access;
+ if(!isset($sections[$board_id]))
+ return false;
+
+ $hasAccess = true;
+ $section = $sections[$board_id];
+ if($section['guild'] > 0) {
+ if($logged) {
+ $guild = new OTS_Guild();
+ $guild->load($section['guild']);
+ $status = false;
+ if($guild->isLoaded()) {
+ $account_players = $account_logged->getPlayers();
+ foreach ($account_players as $player) {
+ if($guild->hasMember($player)) {
+ $status = true;
+ }
+ }
+ }
+
+ if (!$status) $hasAccess = false;
+ }
+ else {
+ $hasAccess = false;
+ }
+ }
+
+ if($section['access'] > 0) {
+ if($logged_access < $section['access']) {
+ $hasAccess = false;
+ }
+ }
+
+ return $hasAccess;
+ }
}
diff --git a/system/pages/forum/edit_post.php b/system/pages/forum/edit_post.php
index 9720cc5a..5d97afe8 100644
--- a/system/pages/forum/edit_post.php
+++ b/system/pages/forum/edit_post.php
@@ -19,12 +19,12 @@ if(Forum::canPost($account_logged))
return;
}
- $thread = $db->query("SELECT `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_date`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`section` FROM `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`id` = ".$post_id." LIMIT 1")->fetch();
+ $thread = $db->query("SELECT `author_guid`, `author_aid`, `first_post`, `post_topic`, `post_date`, `post_text`, `post_smile`, `id`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = ".$post_id." LIMIT 1")->fetch();
if(isset($thread['id']))
{
$first_post = $db->query("SELECT `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`section` FROM `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`id` = ".(int) $thread['first_post']." LIMIT 1")->fetch();
echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread['first_post']) . '">'.$first_post['post_topic'].'</a> >> <b>Edit post</b>';
- if($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())
+ if(Forum::hasAccess($thread['section'] && ($account_logged->getId() == $thread['author_aid'] || Forum::isModerator())))
{
$char_id = $post_topic = $text = $smile = null;
$players_from_account = $db->query("SELECT `players`.`name`, `players`.`id` FROM `players` WHERE `players`.`account_id` = ".(int) $account_logged->getId())->fetchAll();
diff --git a/system/pages/forum/move_thread.php b/system/pages/forum/move_thread.php
index 5b6d565a..0674238f 100644
--- a/system/pages/forum/move_thread.php
+++ b/system/pages/forum/move_thread.php
@@ -11,42 +11,55 @@
*/
defined('MYAAC') or die('Direct access not allowed!');
+if(!Forum::isModerator()) {
+ echo 'You are not logged in or you are not moderator.';
+}
+
$save = isset($_REQUEST['save']) ? (int)$_REQUEST['save'] == 1 : false;
if($save) {
- if (Forum::isModerator()) {
- $id = (int)$_REQUEST['id'];
- $board = (int)$_REQUEST['section'];
- $post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = " . $id . " LIMIT 1")->fetch();
- if ($post['id'] == $id) {
- if ($post['id'] == $post['first_post']) {
- $db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `section` = " . $board . " WHERE `id` = " . $post['id'] . "") or die(mysql_error());
- $nPost = $db->query('SELECT `section` FROM `' . TABLE_PREFIX . 'forum` WHERE `id` = \'' . $id . '\' LIMIT 1;')->fetch();
- header('Location: ' . getForumBoardLink($nPost['section']));
- }
- } else
- echo 'Post with ID ' . $id . ' does not exist.';
- } else
- echo 'You are not logged in or you are not moderator.';
+ $post_id = (int)$_REQUEST['id'];
+ $board = (int)$_REQUEST['section'];
+ if(!Forum::hasAccess($board)) {
+ echo "You don't have access to this board.";
+ return;
+ }
+
+ $post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = " . $post_id . " LIMIT 1")->fetch();
+ if ($post['id'] == $post_id) {
+ if ($post['id'] == $post['first_post']) {
+ $db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `section` = " . $board . " WHERE `id` = " . $post['id'] . "");
+ $nPost = $db->query('SELECT `section` FROM `' . TABLE_PREFIX . 'forum` WHERE `id` = \'' . $post_id . '\' LIMIT 1;')->fetch();
+ header('Location: ' . getForumBoardLink($nPost['section']));
+ }
+ }
+ else
+ echo 'Post with ID ' . $post_id . ' does not exist.';
}
else {
- if (Forum::isModerator()) {
- $id = (int)$_REQUEST['id'];
- $post = $db->query("SELECT `id`, `section`, `first_post`, `post_topic`, `author_guid` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = " . $id . " LIMIT 1")->fetch();
- $name = $db->query("SELECT `name` FROM `players` WHERE `id` = " . $post['author_guid'] . " ")->fetch();
- if ($post['id'] == $id) {
- if ($post['id'] == $post['first_post']) {
- echo $twig->render('forum.move_thread.html.twig', array(
- 'thread' => $post['post_topic'],
- 'author' => $name[0],
- 'board' => $sections[$post['section']]['name'],
- 'post_id' => $post['id'],
- 'sections' => $sections,
- 'section_link' => getForumBoardLink($post['section']),
- ));
- }
- } else
- echo 'Post with ID ' . $id . ' does not exist.';
- } else
- echo 'You are not logged in or you are not moderator.';
+ $post_id = (int)$_REQUEST['id'];
+ $post = $db->query("SELECT `id`, `section`, `first_post`, `post_topic`, `author_guid` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = " . $post_id . " LIMIT 1")->fetch();
+ $name = $db->query("SELECT `name` FROM `players` WHERE `id` = " . $post['author_guid'] . " ")->fetch();
+
+ $sections_allowed = array();
+ foreach($sections as $id => $section) {
+ if(Forum::hasAccess($id)) {
+ $sections_allowed[$id] = $section;
+ }
+ }
+
+ if ($post['id'] == $post_id) {
+ if ($post['id'] == $post['first_post']) {
+ echo $twig->render('forum.move_thread.html.twig', array(
+ 'thread' => $post['post_topic'],
+ 'author' => $name['name'],
+ 'board' => $sections[$post['section']]['name'],
+ 'post_id' => $post['id'],
+ 'sections' => $sections_allowed,
+ 'section_link' => getForumBoardLink($post['section']),
+ ));
+ }
+ }
+ else
+ echo 'Post with ID ' . $post_id . ' does not exist.';
}
?>
\ No newline at end of file
diff --git a/system/pages/forum/new_post.php b/system/pages/forum/new_post.php
index 54590921..892cc442 100644
--- a/system/pages/forum/new_post.php
+++ b/system/pages/forum/new_post.php
@@ -22,7 +22,7 @@ if(Forum::canPost($account_logged))
$thread = $db->query("SELECT `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`id`, `" . TABLE_PREFIX . "forum`.`section` FROM `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`id` = ".(int) $thread_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." LIMIT 1")->fetch();
echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($thread['section']) . '">'.$sections[$thread['section']]['name'].'</a> >> <a href="' . getForumThreadLink($thread_id) . '">'.$thread['post_topic'].'</a> >> <b>Post new reply</b><br /><h3>'.$thread['post_topic'].'</h3>';
- if(isset($thread['id']))
+ if(isset($thread['id']) && Forum::hasAccess($thread['section']))
{
$quote = isset($_REQUEST['quote']) ? (int) $_REQUEST['quote'] : NULL;
$text = isset($_REQUEST['text']) ? stripslashes(trim($_REQUEST['text'])) : NULL;
@@ -81,6 +81,7 @@ if(Forum::canPost($account_logged))
echo '<br />Thank you for posting.<br /><a href="' . getForumThreadLink($thread_id, $_page) . '">GO BACK TO LAST THREAD</a>';
}
}
+
if(!$saved)
{
if(!empty($errors))
diff --git a/system/pages/forum/new_thread.php b/system/pages/forum/new_thread.php
index 6750d778..132977b5 100644
--- a/system/pages/forum/new_thread.php
+++ b/system/pages/forum/new_thread.php
@@ -17,7 +17,7 @@ if(Forum::canPost($account_logged))
$section_id = isset($_REQUEST['section_id']) ? $_REQUEST['section_id'] : null;
if($section_id !== null) {
echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($section_id) . '">' . $sections[$section_id]['name'] . '</a> >> <b>Post new thread</b><br />';
- if (isset($sections[$section_id]['name'])) {
+ if(isset($sections[$section_id]['name']) && Forum::hasAccess($section_id)) {
if ($sections[$section_id]['closed'] && !Forum::isModerator())
$errors[] = 'You cannot create topic on this board.';
@@ -76,6 +76,7 @@ if(Forum::canPost($account_logged))
echo '<br />Thank you for posting.<br /><a href="' . getForumThreadLink($thread_id) . '">GO BACK TO LAST THREAD</a>';
}
}
+
if (!$saved) {
if (!empty($errors))
echo $twig->render('error_box.html.twig', array('errors' => $errors));
diff --git a/system/pages/forum/remove_post.php b/system/pages/forum/remove_post.php
index 8757bccb..0f04c73f 100644
--- a/system/pages/forum/remove_post.php
+++ b/system/pages/forum/remove_post.php
@@ -15,7 +15,7 @@ if(Forum::isModerator())
{
$id = (int) $_REQUEST['id'];
$post = $db->query("SELECT `id`, `first_post`, `section` FROM `" . TABLE_PREFIX . "forum` WHERE `id` = ".$id." LIMIT 1")->fetch();
- if($post['id'] == $id)
+ if($post['id'] == $id && Forum::hasAccess($post['section']))
{
if($post['id'] == $post['first_post'])
{
diff --git a/system/pages/forum/show_board.php b/system/pages/forum/show_board.php
index edcaeb9d..b0c03cca 100644
--- a/system/pages/forum/show_board.php
+++ b/system/pages/forum/show_board.php
@@ -12,7 +12,18 @@
defined('MYAAC') or die('Direct access not allowed!');
$links_to_pages = '';
-$section_id = (int) $_REQUEST['id'];
+$section_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : null;
+
+if($section_id == null || !isset($sections[$section_id])) {
+ echo "Board with this id does't exist.";
+ return;
+}
+
+if(!Forum::hasAccess($section_id)) {
+ echo "You don't have access to this board.";
+ return;
+}
+
$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
$threads_count = $db->query("SELECT COUNT(`" . TABLE_PREFIX . "forum`.`id`) AS threads_count FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`section` = ".(int) $section_id." AND `" . TABLE_PREFIX . "forum`.`first_post` = `" . TABLE_PREFIX . "forum`.`id`")->fetch();
for($i = 0; $i < $threads_count['threads_count'] / $config['forum_threads_per_page']; $i++)
diff --git a/system/pages/forum/show_thread.php b/system/pages/forum/show_thread.php
index 22166e26..893ba865 100644
--- a/system/pages/forum/show_thread.php
+++ b/system/pages/forum/show_thread.php
@@ -14,72 +14,77 @@ defined('MYAAC') or die('Direct access not allowed!');
$links_to_pages = '';
$thread_id = (int) $_REQUEST['id'];
$_page = (int) (isset($_REQUEST['page']) ? $_REQUEST['page'] : 0);
-$thread_name = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_topic` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." AND `" . TABLE_PREFIX . "forum`.`id` = `" . TABLE_PREFIX . "forum`.`first_post` AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` LIMIT 1")->fetch();
-if(!empty($thread_name['name']))
-{
- $posts_count = $db->query("SELECT COUNT(`" . TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
- for($i = 0; $i < $posts_count['posts_count'] / $config['forum_threads_per_page']; $i++)
- {
- if($i != $_page)
- $links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
- else
- $links_to_pages .= '<b>'.($i + 1).' </b>';
- }
- $threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `players`.`account_id`, `players`.`vocation`" . (fieldExist('promotion', 'players') ? ", `players`.`promotion`" : "") . ", `players`.`level`, `" . TABLE_PREFIX . "forum`.`id`,`" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`section`,`" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_date`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`last_edit_aid`, `" . TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` LIMIT ".$config['forum_posts_per_page']." OFFSET ".($_page * $config['forum_posts_per_page']))->fetchAll();
- if(isset($threads[0]['name']))
- $db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
- echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($threads[0]['section']) . '">'.$sections[$threads[0]['section']]['name'].'</a> >> <b>'.$thread_name['post_topic'].'</b>';
- echo '<br /><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a><br /><br />Page: '.$links_to_pages.'<br /><table width="100%"><tr bgcolor="'.$config['lightborder'].'" width="100%"><td colspan="2"><font size="4"><b>'.htmlspecialchars($thread_name['post_topic']).'</b></font><font size="1"><br />by ' . getPlayerLink($thread_name['name']) . '</font></td></tr><tr bgcolor="'.$config['vdarkborder'].'"><td width="200"><font color="white" size="1"><b>Author</b></font></td><td> </td></tr>';
- $player = $ots->createObject('Player');
- foreach($threads as $thread)
- {
- $player->load($thread['player_id']);
- if(!$player->isLoaded()) {
- error('Forum error: Player not loaded.');
- die();
- }
-
- echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
-
- $rank = $player->getRank();
- if($rank->isLoaded())
- {
- $guild = $rank->getGuild();
- if($guild->isLoaded())
- echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
- }
- $player_account = $player->getAccount();
- $canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
-
- $posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
- echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.Forum::showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
- <tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
- if($thread['edit_date'] > 0)
- {
- if($thread['last_edit_aid'] != $thread['author_aid'])
- echo '<br />Edited by moderator';
- else
- echo '<br />Edited by '.$thread['name'];
- echo '<br />on '.date('d.m.y H:i:s', $thread['edit_date']);
- }
- echo '</font></td><td>';
- if(Forum::isModerator())
- if($thread['first_post'] != $thread['id'])
- echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove post of '.$thread['name'].'?\')"><font color="red">REMOVE POST</font></a>';
- else
- {
- echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
- echo '<br/><a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><font color="red">REMOVE THREAD</font></a>';
- }
- if($logged && ($thread['account_id'] == $account_logged->getId() || Forum::isModerator()))
- echo '<br/><a href="?subtopic=forum&action=edit_post&id='.$thread['id'].'">EDIT POST</a>';
- if($logged)
- echo '<br/><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"e='.$thread['id'].'">Quote</a>';
- echo '</td></tr>';
- }
- echo '</table><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a>';
-}
-else
- echo 'Thread with this ID does not exits.';
+$thread_name = $db->query("SELECT `players`.`name`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`section` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." AND `" . TABLE_PREFIX . "forum`.`id` = `" . TABLE_PREFIX . "forum`.`first_post` AND `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` LIMIT 1")->fetch();
+if(empty($thread_name['name'])) {
+ echo 'Thread with this ID does not exits.';
+ return;
+}
+
+if(Forum::hasAccess($thread_name['section'])) {
+ echo "You don't have access to view this thread.";
+ return;
+}
+
+$posts_count = $db->query("SELECT COUNT(`" . TABLE_PREFIX . "forum`.`id`) AS posts_count FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id)->fetch();
+for($i = 0; $i < $posts_count['posts_count'] / $config['forum_threads_per_page']; $i++)
+{
+ if($i != $_page)
+ $links_to_pages .= '<a href="' . getForumThreadLink($thread_id, $i) . '">'.($i + 1).'</a> ';
+ else
+ $links_to_pages .= '<b>'.($i + 1).' </b>';
+}
+$threads = $db->query("SELECT `players`.`id` as `player_id`, `players`.`name`, `players`.`account_id`, `players`.`vocation`" . (fieldExist('promotion', 'players') ? ", `players`.`promotion`" : "") . ", `players`.`level`, `" . TABLE_PREFIX . "forum`.`id`,`" . TABLE_PREFIX . "forum`.`first_post`, `" . TABLE_PREFIX . "forum`.`section`,`" . TABLE_PREFIX . "forum`.`post_text`, `" . TABLE_PREFIX . "forum`.`post_topic`, `" . TABLE_PREFIX . "forum`.`post_date`, `" . TABLE_PREFIX . "forum`.`post_smile`, `" . TABLE_PREFIX . "forum`.`author_aid`, `" . TABLE_PREFIX . "forum`.`author_guid`, `" . TABLE_PREFIX . "forum`.`last_edit_aid`, `" . TABLE_PREFIX . "forum`.`edit_date` FROM `players`, `" . TABLE_PREFIX . "forum` WHERE `players`.`id` = `" . TABLE_PREFIX . "forum`.`author_guid` AND `" . TABLE_PREFIX . "forum`.`first_post` = ".(int) $thread_id." ORDER BY `" . TABLE_PREFIX . "forum`.`post_date` LIMIT ".$config['forum_posts_per_page']." OFFSET ".($_page * $config['forum_posts_per_page']))->fetchAll();
+if(isset($threads[0]['name']))
+ $db->query("UPDATE `" . TABLE_PREFIX . "forum` SET `views`=`views`+1 WHERE `id` = ".(int) $thread_id);
+echo '<a href="' . getLink('forum') . '">Boards</a> >> <a href="' . getForumBoardLink($threads[0]['section']) . '">'.$sections[$threads[0]['section']]['name'].'</a> >> <b>'.$thread_name['post_topic'].'</b>';
+echo '<br /><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a><br /><br />Page: '.$links_to_pages.'<br /><table width="100%"><tr bgcolor="'.$config['lightborder'].'" width="100%"><td colspan="2"><font size="4"><b>'.htmlspecialchars($thread_name['post_topic']).'</b></font><font size="1"><br />by ' . getPlayerLink($thread_name['name']) . '</font></td></tr><tr bgcolor="'.$config['vdarkborder'].'"><td width="200"><font color="white" size="1"><b>Author</b></font></td><td> </td></tr>';
+$player = $ots->createObject('Player');
+foreach($threads as $thread)
+{
+ $player->load($thread['player_id']);
+ if(!$player->isLoaded()) {
+ error('Forum error: Player not loaded.');
+ die();
+ }
+
+ echo '<tr bgcolor="' . getStyle($number_of_rows++) . '"><td valign="top">' . getPlayerLink($thread['name']) . '<br /><br /><font size="1">Profession: '.$config['vocations'][$player->getVocation()].'<br />Level: '.$thread['level'].'<br />';
+
+ $rank = $player->getRank();
+ if($rank->isLoaded())
+ {
+ $guild = $rank->getGuild();
+ if($guild->isLoaded())
+ echo $rank->getName().' of <a href="'.getGuildLink($guild->getName(), false).'">'.$guild->getName().'</a><br />';
+ }
+ $player_account = $player->getAccount();
+ $canEditForum = $player_account->hasFlag(FLAG_CONTENT_FORUM) || $player_account->isAdmin();
+
+ $posts = $db->query("SELECT COUNT(`id`) AS 'posts' FROM `" . TABLE_PREFIX . "forum` WHERE `author_aid`=".(int) $thread['account_id'])->fetch();
+ echo '<br />Posts: '.(int) $posts['posts'].'<br /></font></td><td valign="top">'.Forum::showPost(($canEditForum ? $thread['post_topic'] : htmlspecialchars($thread['post_topic'])), ($canEditForum ? $thread['post_text'] : htmlspecialchars($thread['post_text'])), $thread['post_smile']).'</td></tr>
+ <tr bgcolor="'.getStyle($number_of_rows++).'"><td><font size="1">'.date('d.m.y H:i:s', $thread['post_date']);
+ if($thread['edit_date'] > 0)
+ {
+ if($thread['last_edit_aid'] != $thread['author_aid'])
+ echo '<br />Edited by moderator';
+ else
+ echo '<br />Edited by '.$thread['name'];
+ echo '<br />on '.date('d.m.y H:i:s', $thread['edit_date']);
+ }
+ echo '</font></td><td>';
+ if(Forum::isModerator())
+ if($thread['first_post'] != $thread['id'])
+ echo '<a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove post of '.$thread['name'].'?\')"><font color="red">REMOVE POST</font></a>';
+ else
+ {
+ echo '<a href="?subtopic=forum&action=move_thread&id='.$thread['id'].'"\')"><span style="color:darkgreen">[MOVE]</span></a>';
+ echo '<br/><a href="?subtopic=forum&action=remove_post&id='.$thread['id'].'" onclick="return confirm(\'Are you sure you want remove thread > '.$thread['post_topic'].' <?\')"><font color="red">REMOVE THREAD</font></a>';
+ }
+ if($logged && ($thread['account_id'] == $account_logged->getId() || Forum::isModerator()))
+ echo '<br/><a href="?subtopic=forum&action=edit_post&id='.$thread['id'].'">EDIT POST</a>';
+ if($logged)
+ echo '<br/><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"e='.$thread['id'].'">Quote</a>';
+ echo '</td></tr>';
+}
+echo '</table><br /><a href="?subtopic=forum&action=new_post&thread_id='.$thread_id.'"><img src="images/forum/post.gif" border="0" /></a>';
?>
\ No newline at end of file
diff --git a/system/pages/guilds/show.php b/system/pages/guilds/show.php
index 3ba571f6..f76da676 100644
--- a/system/pages/guilds/show.php
+++ b/system/pages/guilds/show.php
@@ -14,6 +14,7 @@ defined('MYAAC') or die('Direct access not allowed!');
$guild_name = $_REQUEST['guild'];
if(!Validator::guildName($guild_name))
$errors[] = Validator::getLastError();
+
if(empty($errors))
{
$guild = $ots->createObject('Guild');
diff --git a/system/templates/admin.pages.form.html.twig b/system/templates/admin.pages.form.html.twig
index c72d2160..32c142df 100644
--- a/system/templates/admin.pages.form.html.twig
+++ b/system/templates/admin.pages.form.html.twig
@@ -87,9 +87,8 @@
<td>Access:</td>
<td>
<select name="access">
- <?php foreach($groups->getGroups() as $id => $group): ?>
{% for id, group in groups %}
- <option value="{{ group.getAccess() }}"{% if access == group.getAccess() %} selected{% endif %}>{{ group.getName() }}</option>
+ <option value="{{ group.getId() }}"{% if access == group.getId() %} selected{% endif %}>{{ group.getName() }}</option>
{% endfor %}
</select>
</td>
diff --git a/system/templates/forum.add_board.html.twig b/system/templates/forum.add_board.html.twig
index 5aeb2490..b32a722e 100644
--- a/system/templates/forum.add_board.html.twig
+++ b/system/templates/forum.add_board.html.twig
@@ -16,6 +16,27 @@
<td>Description:</td>
<td><textarea name="description" maxlength="300" cols="50" rows="5">{% if description is not null %}{{ description }}{% endif %}</textarea></td>
<tr/>
+ <tr>
+ <td>Access:</td>
+ <td>
+ <select name="access">
+ {% for id, group in groups %}
+ <option value="{{ group.getAccess() }}"{% if access == group.getId() %} selected{% endif %}>{{ group.getName() }}</option>
+ {% endfor %}
+ </select>
+ </td>
+ </tr>
+ <tr>
+ <td>Guild:</td>
+ <td>
+ <select name="guild">
+ <option value="0"{% if guild == 0 %} selected{% endif %}>----</option>
+ {% for guild_ in guilds %}
+ <option value="{{ guild_.id }}"{% if guild == guild_.id %} selected{% endif %}>{{ guild_.name }}</option>
+ {% endfor %}
+ </select>
+ </td>
+ </tr>
<tr>
<td colspan="2" align="center"><input type="submit" value="Submit"/>
</tr>
diff --git a/system/templates/forum.move_thread.html.twig b/system/templates/forum.move_thread.html.twig
index f68534ec..4188cb75 100644
--- a/system/templates/forum.move_thread.html.twig
+++ b/system/templates/forum.move_thread.html.twig
@@ -18,8 +18,8 @@
<strong>BOARD:</strong> {{ board }}<br/><br/>
<strong>Select the new board: </strong>
<select name="section">
- {% for section in sections %}
- <option value="{{ section.id }}">{{ section.name }}</option>
+ {% for id, section in sections %}
+ <option value="{{ id }}">{{ section.name }}</option>
{% endfor %}
</select>
<input type="submit" value="Move Thread">