diff --git a/groups.php b/groups.php
index 2bef748..ad0c810 100644
--- a/groups.php
+++ b/groups.php
@@ -41,7 +41,7 @@ if(isset($_GET['mode']))
{
$start = TimeGeneration();
$default_skin = ViewSkinName();
- $gid = intval($_GET['id']);
+ $gid = addslashes(strip_tags($_GET['id']));
if ((isset($_POST['nick']))and ($_POST['nick']!=''))
{
if($_POST['nick']!='')
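Review bot: Replacing `intval()` with `addslashes(strip_tags(...))` on the `$gid` line turns a value that was guaranteed to be an integer into an arbitrary request string, and that string is later interpolated into the `g_id` queries further down this file. `addslashes()` is not a SQL escaping function (it ignores the connection character set) and `strip_tags()` does nothing for SQL, so the queries now depend on quoting alone. Only two non-numeric ids are meant to be accepted, so an allow-list keeps the old guarantee: `$id = isset($_GET['id']) ? $_GET['id'] : '';` then `$gid = in_array($id, array('mods', 'admins'), true) ? $id : (string) intval($id);`. The cast to string keeps the later `$gid == 'mods'` comparisons from matching an integer `0` on PHP versions before 8. The enclosing `if(isset($_GET['mode']))` block continues outside this hunk.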
@@ -68,17 +68,31 @@ if(isset($_GET['mode']))
$_POST['nick']='';
$_POST['delnick']='';
}
- $sql = "SELECT `g_id`, `name`, `desc`, `m_id` FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'";
- $group = DataBase::fetch(DataBase::sql_query($sql, GENERAL, 'Could not obtain groups information.'));
- if ($group['g_id']=='')
+ $bool = ($gid == 'mods') ? true : ($gid == 'admins') ? true : false;
+ if (!$bool)
{
- message_forum($lng['no_group'], 'index.php');
- }
+ $sql = "SELECT `g_id`, `name`, `desc`, `m_id` FROM `".GROUPS_TABLE."` WHERE `g_id`='$gid'";
+ $group = DataBase::fetch(DataBase::sql_query($sql, GENERAL, 'Could not obtain groups information.'));
+ if ($group['g_id']=='')
+ {
+ message_forum($lng['no_group'], 'groups.php');
+ }
+ }
+ if ($gid == 'admins')
+ {
+ $group['name'] = $lng['admins'];
+ $group['desc'] = $lng['admins_desc'];
+ }
+ if ($gid == 'mods')
+ {
+ $group['name'] = $lng['mods'];
+ $group['desc'] = $lng['mods_desc'];
+ }
unset($tmp);
$skin = GenerateHeader($lng['showgroup'].': '.$group['name'], '> '.$lng['showgroup'].': '.$group['name']);
include('./skins/'.$default_skin.'/overall_header.tpl');
$skin = array(
- 'moderate'=>IfModGroup($group['m_id']),
+ 'moderate'=>(is_numeric($gid)) ? IfModGroup($group['m_id']) : '',
'name'=>$group['name'],
'desc'=>$group['desc'],
'lregdate'=>$lng['luregister'],
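Review bot: The `$bool` line chains two `?:` operators without parentheses, which PHP 7.4 deprecates and PHP 8 rejects with a fatal error; on older versions it gives the intended result only because of left-associativity. `$bool = in_array($gid, array('mods', 'admins'), true);` expresses the same test, and the two later `if ($gid == ...)` checks can then use `===`. For the special groups `$group` is never fetched, so `$group['g_id']`, read in the `$skin` array that continues past this hunk, is undefined; adding `$group['g_id'] = $gid;` in both special branches avoids the notice and an empty id in the template.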
@@ -88,7 +102,15 @@ if(isset($_GET['mode']))
'g_id'=>$group['g_id']
);
include('./skins/'.$default_skin.'/group_view_head_body.tpl');
- $sql = "SELECT ".USERS_GROUP_TABLE.".*, ".USERS_TABLE.".* FROM `".USERS_GROUP_TABLE."` LEFT JOIN ".USERS_TABLE." ON ".USERS_TABLE.".u_id =".USERS_GROUP_TABLE.".u_id WHERE `g_id`='$gid'";
+ if ($gid == 'admins') { $rnk = 2; } else {$rnk = 1;}
+ if (is_numeric($gid))
+ {
+ $sql = "SELECT ".USERS_GROUP_TABLE.".*, ".USERS_TABLE.".* FROM `".USERS_GROUP_TABLE."` LEFT JOIN ".USERS_TABLE." ON ".USERS_TABLE.".u_id =".USERS_GROUP_TABLE.".u_id WHERE `g_id`='$gid'";
+ }
+ else
+ {
+ $sql = "SELECT * FROM ".USERS_TABLE." WHERE `rank` = '$rnk'";
+ }
$query = DataBase::sql_query($sql, GENERAL, 'Could not obtain users in groups information.');
$amout = DataBase::num_rows($query);
if ($amout>0)
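Review bot: The query is chosen by `is_numeric($gid)` rather than by the two special ids, so any other non-numeric `id` reaches the `rank` query with `$rnk = 1`; that is safe only if the earlier `message_forum()` call halts the script, which is not visible here. `is_numeric()` also accepts forms such as `1e3` or `1.5` that are not group ids. Testing the special ids explicitly, `if ($gid === 'admins' || $gid === 'mods')` for the rank query and the group query otherwise, removes both assumptions. The literals `2` and `1` should get a comment or named constants stating which rank each denotes.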
@@ -139,8 +161,24 @@ if(isset($_GET['mode']))
else
{
$default_skin = ViewSkinName();
+
$skin = GenerateHeader($lng['lgroups'], '> '.$lng['lgroups']);
include('./skins/'.$default_skin.'/overall_header.tpl');
+ $special_groups[] = array('admins', $lng['admins'], $lng['admins_desc']);
+ $special_groups[] = array('mods', $lng['mods'], $lng['mods_desc']);
+ $i = 0;
+ while($i<2)
+ {
+ $skin = array (
+ 'g_id'=>$special_groups[$i][0],
+ 'name' => $special_groups[$i][1],
+ 'desc' =>$special_groups[$i][2]
+ );
+ include('./skins/'.$default_skin.'/group_add_body.tpl');
+ $i++;
+ }
+ echo '
';
+
$sql = "SELECT `g_id`, `name`, `desc` FROM `".GROUPS_TABLE."` ORDER BY `sort`";
$query = DataBase::sql_query($sql, GENERAL, 'Could not obtain groups information.');
if (DataBase::num_rows($query)>0)
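Review bot: `$special_groups` is appended to without being initialised, and the loop bound in `while($i<2)` is hard-coded, so a third special group would be silently skipped until the bound is edited as well. Declaring the list in one `$special_groups = array(...)` statement and iterating with `foreach ($special_groups as $sg)` removes the counter and the magic number. The enclosing `else` block continues outside this hunk.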
diff --git a/includes/classes/secure.php b/includes/classes/secure.php
index 3f3dbd0..c962291 100644
--- a/includes/classes/secure.php
+++ b/includes/classes/secure.php
@@ -148,12 +148,15 @@ class Secure
function group_exists($gid)
{
global $lng;
- $sql = "SELECT `g_id` FROM `".GROUPS_TABLE."` WHERE g_id='$gid'";
- $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain group information.'));
- $result = $result['g_id'];
- if ($result=='')
+ if ($gid != 'mods' || $gid!='admins')
{
- message_forum($lng['no_group'],'groups.php');
+ $sql = "SELECT `g_id` FROM `".GROUPS_TABLE."` WHERE g_id='$gid'";
+ $result = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain group information.'));
+ $result = $result['g_id'];
+ if ($result=='')
+ {
+ message_forum($lng['no_group'],'groups.php');
+ }
}
}
function TagsReplace($text)
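Review bot: The new guard `if ($gid != 'mods' || $gid!='admins')` is always true, because no value equals both strings. The lookup therefore still runs for the special ids, which presumably have no row in the groups table and so end in the `no_group` message. The condition needs `&&`, and strict comparison avoids PHP's loose string/integer rules: `if ($gid !== 'mods' && $gid !== 'admins')`. `$gid` is interpolated into the query unescaped inside this method, so it relies on every caller having validated the value; a short comment on `group_exists()` stating that contract would make the dependency visible.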
diff --git a/lngs/Polish/main.php b/lngs/Polish/main.php
index 17b4bef..dc53e48 100644
--- a/lngs/Polish/main.php
+++ b/lngs/Polish/main.php
@@ -113,6 +113,10 @@ $lng['admin_mod_administration']='Pole Admina/Mod\'a';
//
//other...------------------------------------------------------------
//
+$lng['admins']='Administratorzy';
+$lng['admins_desc']='Globalni administratorzy tego forum';
+$lng['mods']='Moderatorzy';
+$lng['mods_desc']='Osoby odpowiedzialne za ład i porządek na forum';
$lng['yesterday']='Wczoraj';
$lng['today']='Dzisiaj';
$lng['message_forum']='Komunikat Forum';