1:    2:    3:    4:    5:    6:    7:    8:    9:   10:   11:   12:   13:   14:   15:   16:   17:   18:   19:   20:   21:   22:   23:   24:   25:   26:   27:   28:   29:   30:   31:   32:   33:   34:   35:   36:   37:   38:   39:   40:   41:   42:   43:   44:   45:   46:   47:   48:   49:   50:   51:   52:   53:   54:   55:   56:   57:   58:   59:   60:   61:   62:   63:   64:   65:   66:   67:   68:   69:   70:   71:   72:   73:   74:   75:   76:   77:   78:   79:   80:   81:   82:   83:   84:   85:   86:   87:   88:   89:   90:   91:   92:   93:   94:   95:   96:   97:   98:   99:  100:  101:  102:  103:  104:  105:  106:  107:  108:  109:  110:  111:  112:  113:  114:  115:  116:  117:  118:  119:  120:  121:  122:  123:  124:  125:  126:  127:  128:  129:  130:  131:  132:  133:  134:  135:  136:  137:  138:  139:  140:  141:  142:  143:  144:  145:  146:  147:  148:  149:  150:  151:  152:  153:  154:  155:  156:  157:  158:  159:  160:  161:  162:  163:  164:  165:  166:  167:  168:  169:  170:  171:  172:  173:  174:  175:  176:  177:  178:  179:  180:  181:  182:  183:  184:  185:  186:  187:  188:  189:  190:  191:  192:  193:  194:  195:  196:  197:  198:  199:  200:  201:  202:  203:  204:  205:  206:  207:  208:  209:  210:  211:  212:  213:  214:  215:  216:  217:  218:  219:  220:  221:  222:  223:  224:  225:  226:  227:  228:  229:  230:  231:  232:  233:  234:  235:  236:  237:  238:  239:  240:  241:  242:  243:  244:  245:  246:  247:  248:  249:  250:  251:  252:  253:  254:  255:  256:  257:  258:  259:  260:  261:  262:  263:  264:  265:  266:  267:  268:  269:  270:  271:  272:  273:  274:  275:  276:  277:  278:  279:  280:  281:  282:  283:  284:  285:  286:  287:  288:  289:  290:  291:  292:  293:  294:  295:  296:  297:  298:  299:  300:  301:  302:  303:  304:  305:  306:  307:  308:  309:  310:  311:  312:  313:  314:  315:  316:  317:  318:  319:  320:  321:  322:  323:  324:  325:  326:  327:  328:  329:  330:  331:  332:  333:  334:  335:  336:  337:  338:  339:  340:  341:  342:  343:  344:  345:  346:  347:  348:  349:  350:  351:  352:  353:  354:  355:  356:  357:  358:  359:  360:  361:  362:  363:  364:  365:  366:  367:  368:  369:  370:  371:  372:  373:  374:  375:  376:  377:  378:  379:  380:  381:  382:  383:  384:  385:  386:  387:  388:  389:  390:  391:  392:  393:  394:  395:  396:  397:  398:  399:  400:  401:  402:  403:  404:  405:  406:  407:  408:  409:  410:  411:  412:  413:  414:  415:  416:  417:  418:  419:  420:  421:  422:  423:  424:  425:  426:  427:  428:  429:  430:  431:  432:  433:  434:  435:  436:  437:  438:  439:  440:  441:  442:  443:  444:  445:  446:  447:  448:  449:  450:  451:  452:  453:  454:  455:  456:  457:  458:  459:  460:  461:  462:  463:  464:  465:  466:  467:  468:  469:  470:  471:  472:  473:  474:  475:  476:  477:  478:  479:  480:  481:  482:  483:  484:  485:  486:  487:  488:  489:  490:  491:  492:  493:  494:  495:  496:  497:  498:  499:  500:  501:  502:  503:  504:  505:  506:  507:  508:  509:  510:  511:  512:  513:  514:  515:  516:  517:  518:  519:  520:  521:  522:  523:  524:  525:  526:  527:  528:  529:  530:  531:  532:  533:  534:  535:  536:  537:  538:  539:  540:  541:  542:  543:  544:  545:  546:  547:  548:  549:  550:  551:  552:  553:  554:  555:  556:  557:  558:  559:  560:  561:  562:  563:  564:  565:  566:  567:  568:  569:  570:  571:  572:  573:  574:  575:  576:  577:  578:  579:  580:  581:  582:  583:  584:  585:  586:  587:  588:  589:  590:  591:  592:  593:  594:  595:  596:  597:  598:  599:  600:  601:  602:  603:  604:  605:  606:  607:  608:  609:  610:  611:  612:  613:  614:  615:  616:  617:  618:  619:  620:  621:  622:  623:  624:  625:  626:  627:  628:  629:  630:  631:  632:  633:  634:  635:  636:  637:  638:  639:  640:  641:  642:  643:  644:  645:  646:  647:  648:  649:  650:  651:  652:  653:  654:  655:  656:  657:  658:  659:  660:  661:  662:  663:  664:  665:  666:  667:  668:  669:  670:  671:  672:  673:  674:  675:  676:  677:  678:  679:  680:  681:  682:  683:  684:  685:  686:  687:  688:  689:  690:  691:  692:  693:  694:  695:  696:  697:  698:  699:  700:  701:  702:  703:  704:  705:  706:  707:  708:  709:  710:  711:  712:  713:  714:  715:  716:  717:  718:  719:  720:  721:  722:  723:  724:  725:  726:  727:  728:  729:  730:  731:  732:  733:  734:  735:  736:  737:  738:  739:  740:  741:  742:  743:  744:  745:  746:  747:  748:  749:  750:  751:  752:  753:  754:  755:  756:  757:  758:  759:  760:  761:  762:  763:  764:  765:  766:  767:  768:  769:  770:  771:  772:  773:  774:  775:  776:  777:  778:  779:  780:  781:  782:  783:  784:  785:  786:  787:  788:  789:  790:  791:  792:  793:  794:  795:  796:  797:  798:  799:  800:  801:  802:  803:  804:  805:  806:  807:  808:  809:  810:  811:  812:  813:  814:  815:  816:  817:  818:  819:  820:  821:  822:  823:  824:  825:  826:  827:  828:  829:  830:  831:  832:  833:  834:  835:  836:  837:  838:  839:  840:  841:  842:  843:  844:  845:  846:  847:  848:  849:  850:  851:  852:  853:  854:  855:  856:  857:  858:  859:  860:  861:  862:  863:  864:  865:  866:  867:  868:  869:  870:  871:  872:  873:  874:  875:  876:  877:  878:  879:  880:  881:  882:  883:  884:  885:  886:  887:  888:  889:  890:  891:  892:  893:  894:  895:  896:  897:  898:  899:  900:  901:  902:  903:  904:  905:  906:  907:  908:  909:  910:  911:  912:  913:  914:  915:  916:  917:  918:  919:  920:  921:  922:  923:  924:  925:  926:  927:  928:  929:  930:  931:  932:  933:  934:  935:  936:  937:  938:  939:  940:  941:  942:  943:  944:  945:  946:  947:  948:  949:  950:  951:  952:  953:  954:  955:  956:  957:  958:  959:  960:  961:  962:  963:  964:  965:  966:  967:  968:  969:  970:  971:  972:  973:  974:  975:  976:  977:  978:  979:  980:  981:  982:  983:  984:  985:  986:  987:  988:  989:  990:  991:  992:  993:  994:  995:  996:  997:  998:  999: 1000: 1001: 1002: 1003: 1004: 1005: 1006: 1007: 1008: 1009: 1010: 1011: 1012: 1013: 1014: 1015: 1016: 1017: 1018: 1019: 1020: 1021: 1022: 1023: 1024: 1025: 1026: 1027: 1028: 1029: 1030: 1031: 1032: 1033: 1034: 1035: 1036: 1037: 1038: 1039: 1040: 1041: 1042: 1043: 1044: 1045: 1046: 1047: 1048: 1049: 1050: 1051: 1052: 1053: 1054: 1055: 1056: 1057: 1058: 1059: 1060: 1061: 1062: 1063: 1064: 1065: 1066: 1067: 1068: 1069: 1070: 1071: 1072: 1073: 1074: 1075: 1076: 1077: 1078: 1079: 1080: 1081: 1082: 1083: 1084: 1085: 1086: 1087: 1088: 1089: 1090: 1091: 1092: 1093: 1094: 1095: 1096: 1097: 1098: 1099: 1100: 1101: 1102: 1103: 1104: 1105: 1106: 1107: 1108: 1109: 1110: 1111: 1112: 1113: 1114: 1115: 1116: 1117: 1118: 1119: 1120: 1121: 1122: 1123: 1124: 1125: 1126: 1127: 1128: 1129: 1130: 1131: 1132: 1133: 1134: 1135: 1136: 1137: 1138: 1139: 1140: 1141: 1142: 1143: 1144: 1145: 1146: 1147: 1148: 1149: 1150: 1151: 1152: 1153: 1154: 1155: 1156: 1157: 1158: 1159: 1160: 1161: 1162: 1163: 1164: 1165: 1166: 1167: 1168: 1169: 1170: 1171: 1172: 1173: 1174: 1175: 1176: 1177: 1178: 1179: 1180: 1181: 1182: 1183: 1184: 1185: 1186: 1187: 1188: 1189: 1190: 1191: 1192: 1193: 1194: 1195: 1196: 1197: 1198: 1199: 1200: 1201: 1202: 1203: 1204: 1205: 1206: 1207: 1208: 1209: 1210: 1211: 1212: 1213: 1214: 1215: 1216: 1217: 1218: 1219: 1220: 1221: 1222: 1223: 1224: 1225: 1226: 1227: 1228: 1229: 1230: 1231: 1232: 1233: 1234: 1235: 1236: 1237: 1238: 1239: 1240: 1241: 1242: 1243: 1244: 1245: 1246: 1247: 1248: 1249: 1250: 1251: 1252: 1253: 1254: 1255: 1256: 1257: 1258: 1259: 1260: 1261: 1262: 1263: 1264: 1265: 1266: 1267: 1268: 1269: 1270: 1271: 1272: 1273: 1274: 1275: 1276: 1277: 1278: 1279: 1280: 1281: 1282: 1283: 1284: 1285: 
<?php

/**
 * This file is concerned with anything in the Manage Membergroups admin screen.
 *
 * Simple Machines Forum (SMF)
 *
 * @package SMF
 * @author Simple Machines http://www.simplemachines.org
 * @copyright 2019 Simple Machines and individual contributors
 * @license http://www.simplemachines.org/about/smf/license.php BSD
 *
 * @version 2.1 RC1
 */

if (!defined('SMF'))
    die('No direct access...');

/**
 * Main dispatcher, the entrance point for all 'Manage Membergroup' actions.
 * It forwards to a function based on the given subaction, default being subaction 'index', or, without manage_membergroup
 * permissions, then 'settings'.
 * Called by ?action=admin;area=membergroups.
 * Requires the manage_membergroups or the admin_forum permission.
 *
 * uses ManageMembergroups template.
 * uses ManageMembers language file.
 */
function ModifyMembergroups()
{
    global $context, $txt, $sourcedir;

    $subActions = array(
        'add' => array('AddMembergroup', 'manage_membergroups'),
        'delete' => array('DeleteMembergroup', 'manage_membergroups'),
        'edit' => array('EditMembergroup', 'manage_membergroups'),
        'index' => array('MembergroupIndex', 'manage_membergroups'),
        'members' => array('MembergroupMembers', 'manage_membergroups', 'Groups.php'),
        'settings' => array('ModifyMembergroupsettings', 'admin_forum'),
    );

    // Default to sub action 'index' or 'settings' depending on permissions.
    $_REQUEST['sa'] = isset($_REQUEST['sa']) && isset($subActions[$_REQUEST['sa']]) ? $_REQUEST['sa'] : (allowedTo('manage_membergroups') ? 'index' : 'settings');

    // Is it elsewhere?
    if (isset($subActions[$_REQUEST['sa']][2]))
        require_once($sourcedir . '/' . $subActions[$_REQUEST['sa']][2]);

    // Do the permission check, you might not be allowed her.
    isAllowedTo($subActions[$_REQUEST['sa']][1]);

    // Language and template stuff, the usual.
    loadLanguage('ManageMembers');
    loadTemplate('ManageMembergroups');

    // Setup the admin tabs.
    $context[$context['admin_menu_name']]['tab_data'] = array(
        'title' => $txt['membergroups_title'],
        'help' => 'membergroups',
        'description' => $txt['membergroups_description'],
    );

    call_integration_hook('integrate_manage_membergroups', array(&$subActions));

    // Call the right function.
    call_helper($subActions[$_REQUEST['sa']][0]);
}

/**
 * Shows an overview of the current membergroups.
 * Called by ?action=admin;area=membergroups.
 * Requires the manage_membergroups permission.
 * Splits the membergroups in regular ones and post count based groups.
 * It also counts the number of members part of each membergroup.
 *
 * uses ManageMembergroups template, main.
 */
function MembergroupIndex()
{
    global $txt, $scripturl, $context, $sourcedir;

    $context['page_title'] = $txt['membergroups_title'];

    // The first list shows the regular membergroups.
    $listOptions = array(
        'id' => 'regular_membergroups_list',
        'title' => $txt['membergroups_regular'],
        'base_href' => $scripturl . '?action=admin;area=membergroups' . (isset($_REQUEST['sort2']) ? ';sort2=' . urlencode($_REQUEST['sort2']) : ''),
        'default_sort_col' => 'name',
        'get_items' => array(
            'file' => $sourcedir . '/Subs-Membergroups.php',
            'function' => 'list_getMembergroups',
            'params' => array(
                'regular',
            ),
        ),
        'columns' => array(
            'name' => array(
                'header' => array(
                    'value' => $txt['membergroups_name'],
                ),
                'data' => array(
                    'function' => function($rowData) use ($scripturl)
                    {
                        // Since the moderator group has no explicit members, no link is needed.
                        if ($rowData['id_group'] == 3)
                            $group_name = $rowData['group_name'];
                        else
                        {
                            $color_style = empty($rowData['online_color']) ? '' : sprintf(' style="color: %1$s;"', $rowData['online_color']);
                            $group_name = sprintf('<a href="%1$s?action=admin;area=membergroups;sa=members;group=%2$d"%3$s>%4$s</a>', $scripturl, $rowData['id_group'], $color_style, $rowData['group_name']);
                        }

                        // Add a help option for moderator and administrator.
                        if ($rowData['id_group'] == 1)
                            $group_name .= sprintf(' (<a href="%1$s?action=helpadmin;help=membergroup_administrator" onclick="return reqOverlayDiv(this.href);">?</a>)', $scripturl);
                        elseif ($rowData['id_group'] == 3)
                            $group_name .= sprintf(' (<a href="%1$s?action=helpadmin;help=membergroup_moderator" onclick="return reqOverlayDiv(this.href);">?</a>)', $scripturl);

                        return $group_name;
                    },
                ),
                'sort' => array(
                    'default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name',
                    'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, mg.group_name DESC',
                ),
            ),
            'icons' => array(
                'header' => array(
                    'value' => $txt['membergroups_icons'],
                ),
                'data' => array(
                    'db' => 'icons',
                ),
                'sort' => array(
                    'default' => 'mg.icons',
                    'reverse' => 'mg.icons DESC',
                )
            ),
            'members' => array(
                'header' => array(
                    'value' => $txt['membergroups_members_top'],
                    'class' => 'centercol',
                ),
                'data' => array(
                    'function' => function($rowData) use ($txt)
                    {
                        // No explicit members for the moderator group.
                        return $rowData['id_group'] == 3 ? $txt['membergroups_guests_na'] : comma_format($rowData['num_members']);
                    },
                    'class' => 'centercol',
                ),
                'sort' => array(
                    'default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1',
                    'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, 1 DESC',
                ),
            ),
            'modify' => array(
                'header' => array(
                    'value' => $txt['modify'],
                    'class' => 'centercol',
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . $scripturl . '?action=admin;area=membergroups;sa=edit;group=%1$d">' . $txt['membergroups_modify'] . '</a>',
                        'params' => array(
                            'id_group' => false,
                        ),
                    ),
                    'class' => 'centercol',
                ),
            ),
        ),
        'additional_rows' => array(
            array(
                'position' => 'above_table_headers',
                'value' => '<a class="button" href="' . $scripturl . '?action=admin;area=membergroups;sa=add;generalgroup">' . $txt['membergroups_add_group'] . '</a>',
            ),
            array(
                'position' => 'below_table_data',
                'value' => '<a class="button" href="' . $scripturl . '?action=admin;area=membergroups;sa=add;generalgroup">' . $txt['membergroups_add_group'] . '</a>',
            ),
        ),
    );

    require_once($sourcedir . '/Subs-List.php');
    createList($listOptions);

    // The second list shows the post count based groups.
    $listOptions = array(
        'id' => 'post_count_membergroups_list',
        'title' => $txt['membergroups_post'],
        'base_href' => $scripturl . '?action=admin;area=membergroups' . (isset($_REQUEST['sort']) ? ';sort=' . urlencode($_REQUEST['sort']) : ''),
        'default_sort_col' => 'required_posts',
        'request_vars' => array(
            'sort' => 'sort2',
            'desc' => 'desc2',
        ),
        'get_items' => array(
            'file' => $sourcedir . '/Subs-Membergroups.php',
            'function' => 'list_getMembergroups',
            'params' => array(
                'post_count',
            ),
        ),
        'columns' => array(
            'name' => array(
                'header' => array(
                    'value' => $txt['membergroups_name'],
                ),
                'data' => array(
                    'function' => function($rowData) use ($scripturl)
                    {
                        $colorStyle = empty($rowData['online_color']) ? '' : sprintf(' style="color: %1$s;"', $rowData['online_color']);
                        return sprintf('<a href="%1$s?action=moderate;area=viewgroups;sa=members;group=%2$d"%3$s>%4$s</a>', $scripturl, $rowData['id_group'], $colorStyle, $rowData['group_name']);
                    },
                ),
                'sort' => array(
                    'default' => 'mg.group_name',
                    'reverse' => 'mg.group_name DESC',
                ),
            ),
            'icons' => array(
                'header' => array(
                    'value' => $txt['membergroups_icons'],
                ),
                'data' => array(
                    'db' => 'icons',
                ),
                'sort' => array(
                    'default' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, icons',
                    'reverse' => 'CASE WHEN mg.id_group < 4 THEN mg.id_group ELSE 4 END, icons DESC',
                )
            ),
            'members' => array(
                'header' => array(
                    'value' => $txt['membergroups_members_top'],
                    'class' => 'centercol',
                ),
                'data' => array(
                    'db' => 'num_members',
                    'class' => 'centercol',
                ),
                'sort' => array(
                    'default' => '1 DESC',
                    'reverse' => '1',
                ),
            ),
            'required_posts' => array(
                'header' => array(
                    'value' => $txt['membergroups_min_posts'],
                    'class' => 'centercol',
                ),
                'data' => array(
                    'db' => 'min_posts',
                    'class' => 'centercol',
                ),
                'sort' => array(
                    'default' => 'mg.min_posts',
                    'reverse' => 'mg.min_posts DESC',
                ),
            ),
            'modify' => array(
                'header' => array(
                    'value' => $txt['modify'],
                    'class' => 'centercol',
                ),
                'data' => array(
                    'sprintf' => array(
                        'format' => '<a href="' . $scripturl . '?action=admin;area=membergroups;sa=edit;group=%1$d">' . $txt['membergroups_modify'] . '</a>',
                        'params' => array(
                            'id_group' => false,
                        ),
                    ),
                    'class' => 'centercol',
                ),
            ),
        ),
        'additional_rows' => array(
            array(
                'position' => 'below_table_data',
                'value' => '<a class="button" href="' . $scripturl . '?action=admin;area=membergroups;sa=add;postgroup">' . $txt['membergroups_add_group'] . '</a>',
            ),
        ),
    );

    createList($listOptions);
}

/**
 * This function handles adding a membergroup and setting some initial properties.
 * Called by ?action=admin;area=membergroups;sa=add.
 * It requires the manage_membergroups permission.
 * Allows to use a predefined permission profile or copy one from another group.
 * Redirects to action=admin;area=membergroups;sa=edit;group=x.
 *
 * uses the new_group sub template of ManageMembergroups.
 */
function AddMembergroup()
{
    global $context, $txt, $sourcedir, $modSettings, $smcFunc;

    // A form was submitted, we can start adding.
    if (isset($_POST['group_name']) && trim($_POST['group_name']) != '')
    {
        checkSession();
        validateToken('admin-mmg');

        $postCountBasedGroup = isset($_POST['min_posts']) && (!isset($_POST['postgroup_based']) || !empty($_POST['postgroup_based']));
        $_POST['group_type'] = !isset($_POST['group_type']) || $_POST['group_type'] < 0 || $_POST['group_type'] > 3 || ($_POST['group_type'] == 1 && !allowedTo('admin_forum')) ? 0 : (int) $_POST['group_type'];

        call_integration_hook('integrate_pre_add_membergroup', array());

        $id_group = $smcFunc['db_insert']('',
            '{db_prefix}membergroups',
            array(
                'description' => 'string', 'group_name' => 'string-80', 'min_posts' => 'int',
                'icons' => 'string', 'online_color' => 'string', 'group_type' => 'int',
            ),
            array(
                '', $smcFunc['htmlspecialchars']($_POST['group_name'], ENT_QUOTES), ($postCountBasedGroup ? (int) $_POST['min_posts'] : '-1'),
                '1#icon.png', '', $_POST['group_type'],
            ),
            array('id_group'),
            1
        );

        call_integration_hook('integrate_add_membergroup', array($id_group, $postCountBasedGroup));

        // Update the post groups now, if this is a post group!
        if (isset($_POST['min_posts']))
            updateStats('postgroups');

        // You cannot set permissions for post groups if they are disabled.
        if ($postCountBasedGroup && empty($modSettings['permission_enable_postgroups']))
            $_POST['perm_type'] = '';

        if ($_POST['perm_type'] == 'predefined')
        {
            // Set default permission level.
            require_once($sourcedir . '/ManagePermissions.php');
            setPermissionLevel($_POST['level'], $id_group, 'null');
        }
        // Copy or inherit the permissions!
        elseif ($_POST['perm_type'] == 'copy' || $_POST['perm_type'] == 'inherit')
        {
            $copy_id = $_POST['perm_type'] == 'copy' ? (int) $_POST['copyperm'] : (int) $_POST['inheritperm'];

            // Are you a powerful admin?
            if (!allowedTo('admin_forum'))
            {
                $request = $smcFunc['db_query']('', '
                    SELECT group_type
                    FROM {db_prefix}membergroups
                    WHERE id_group = {int:copy_from}
                    LIMIT {int:limit}',
                    array(
                        'copy_from' => $copy_id,
                        'limit' => 1,
                    )
                );
                list ($copy_type) = $smcFunc['db_fetch_row']($request);
                $smcFunc['db_free_result']($request);

                // Protected groups are... well, protected!
                if ($copy_type == 1)
                    fatal_lang_error('membergroup_does_not_exist');
            }

            // Don't allow copying of a real priviledged person!
            require_once($sourcedir . '/ManagePermissions.php');
            loadIllegalPermissions();

            $request = $smcFunc['db_query']('', '
                SELECT permission, add_deny
                FROM {db_prefix}permissions
                WHERE id_group = {int:copy_from}',
                array(
                    'copy_from' => $copy_id,
                )
            );
            $inserts = array();
            while ($row = $smcFunc['db_fetch_assoc']($request))
            {
                if (empty($context['illegal_permissions']) || !in_array($row['permission'], $context['illegal_permissions']))
                    $inserts[] = array($id_group, $row['permission'], $row['add_deny']);
            }
            $smcFunc['db_free_result']($request);

            if (!empty($inserts))
                $smcFunc['db_insert']('insert',
                    '{db_prefix}permissions',
                    array('id_group' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
                    $inserts,
                    array('id_group', 'permission')
                );

            $request = $smcFunc['db_query']('', '
                SELECT id_profile, permission, add_deny
                FROM {db_prefix}board_permissions
                WHERE id_group = {int:copy_from}',
                array(
                    'copy_from' => $copy_id,
                )
            );
            $inserts = array();
            while ($row = $smcFunc['db_fetch_assoc']($request))
                $inserts[] = array($id_group, $row['id_profile'], $row['permission'], $row['add_deny']);
            $smcFunc['db_free_result']($request);

            if (!empty($inserts))
                $smcFunc['db_insert']('insert',
                    '{db_prefix}board_permissions',
                    array('id_group' => 'int', 'id_profile' => 'int', 'permission' => 'string', 'add_deny' => 'int'),
                    $inserts,
                    array('id_group', 'id_profile', 'permission')
                );

            // Also get some membergroup information if we're copying and not copying from guests...
            if ($copy_id > 0 && $_POST['perm_type'] == 'copy')
            {
                $request = $smcFunc['db_query']('', '
                    SELECT online_color, max_messages, icons
                    FROM {db_prefix}membergroups
                    WHERE id_group = {int:copy_from}
                    LIMIT 1',
                    array(
                        'copy_from' => $copy_id,
                    )
                );
                $group_info = $smcFunc['db_fetch_assoc']($request);
                $smcFunc['db_free_result']($request);

                // ...and update the new membergroup with it.
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}membergroups
                    SET
                        online_color = {string:online_color},
                        max_messages = {int:max_messages},
                        icons = {string:icons}
                    WHERE id_group = {int:current_group}',
                    array(
                        'max_messages' => $group_info['max_messages'],
                        'current_group' => $id_group,
                        'online_color' => $group_info['online_color'],
                        'icons' => $group_info['icons'],
                    )
                );
            }
            // If inheriting say so...
            elseif ($_POST['perm_type'] == 'inherit')
            {
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}membergroups
                    SET id_parent = {int:copy_from}
                    WHERE id_group = {int:current_group}',
                    array(
                        'copy_from' => $copy_id,
                        'current_group' => $id_group,
                    )
                );
            }
        }

        // Make sure all boards selected are stored in a proper array.
        $accesses = empty($_POST['boardaccess']) || !is_array($_POST['boardaccess']) ? array() : $_POST['boardaccess'];
        $changed_boards['allow'] = array();
        $changed_boards['deny'] = array();
        $changed_boards['ignore'] = array();
        foreach ($accesses as $group_id => $action)
            $changed_boards[$action][] = (int) $group_id;

        foreach (array('allow', 'deny') as $board_action)
        {
            // Only do this if they have special access requirements.
            if (!empty($changed_boards[$board_action]))
            {
                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}boards
                    SET {raw:column} = CASE WHEN {raw:column} = {string:blank_string} THEN {string:group_id_string} ELSE CONCAT({raw:column}, {string:comma_group}) END
                    WHERE id_board IN ({array_int:board_list})',
                    array(
                        'board_list' => $changed_boards[$board_action],
                        'blank_string' => '',
                        'group_id_string' => (string) $id_group,
                        'comma_group' => ',' . $id_group,
                        'column' => $board_action == 'allow' ? 'member_groups' : 'deny_member_groups',
                    )
                );

                $smcFunc['db_query']('', '
                    DELETE FROM {db_prefix}board_permissions_view
                    WHERE id_board in({array_int:board_list}) 
                        AND id_group = {int:group_id} 
                        AND deny = {int:deny}',
                    array(
                        'board_list' => $changed_boards[$board_action],
                        'group_id' => $id_group,
                        'deny' => $board_action == 'allow' ? 0 : 1,
                    )
                );

                $insert = array();
                foreach ( $changed_boards[$board_action] as $board_id)
                    $insert[] = array($id_group, $board_id, $board_action == 'allow' ? 0 : 1);

                $smcFunc['db_insert']('insert',
                    '{db_prefix}board_permissions_view',
                    array('id_group' => 'int', 'id_board' => 'int', 'deny' => 'int'),
                    $insert,
                    array('id_group', 'id_board', 'deny')
                );
            }

        }

        // If this is joinable then set it to show group membership in people's profiles.
        if (empty($modSettings['show_group_membership']) && $_POST['group_type'] > 1)
            updateSettings(array('show_group_membership' => 1));

        // Rebuild the group cache.
        updateSettings(array(
            'settings_updated' => time(),
        ));

        // We did it.
        logAction('add_group', array('group' => $smcFunc['htmlspecialchars']($_POST['group_name'])), 'admin');

        // Go change some more settings.
        redirectexit('action=admin;area=membergroups;sa=edit;group=' . $id_group);
    }

    // Just show the 'add membergroup' screen.
    $context['page_title'] = $txt['membergroups_new_group'];
    $context['sub_template'] = 'new_group';
    $context['post_group'] = isset($_REQUEST['postgroup']);
    $context['undefined_group'] = !isset($_REQUEST['postgroup']) && !isset($_REQUEST['generalgroup']);
    $context['allow_protected'] = allowedTo('admin_forum');

    if (!empty($modSettings['deny_boards_access']))
        loadLanguage('ManagePermissions');

    $result = $smcFunc['db_query']('', '
        SELECT id_group, group_name
        FROM {db_prefix}membergroups
        WHERE (id_group > {int:moderator_group} OR id_group = {int:global_mod_group})' . (empty($modSettings['permission_enable_postgroups']) ? '
            AND min_posts = {int:min_posts}' : '') . (allowedTo('admin_forum') ? '' : '
            AND group_type != {int:is_protected}') . '
        ORDER BY min_posts, id_group != {int:global_mod_group}, group_name',
        array(
            'moderator_group' => 3,
            'global_mod_group' => 2,
            'min_posts' => -1,
            'is_protected' => 1,
        )
    );
    $context['groups'] = array();
    while ($row = $smcFunc['db_fetch_assoc']($result))
        $context['groups'][] = array(
            'id' => $row['id_group'],
            'name' => $row['group_name']
        );
    $smcFunc['db_free_result']($result);

    $request = $smcFunc['db_query']('', '
        SELECT b.id_cat, c.name AS cat_name, b.id_board, b.name, b.child_level
        FROM {db_prefix}boards AS b
            LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
        ORDER BY board_order',
        array(
        )
    );
    $context['num_boards'] = $smcFunc['db_num_rows']($request);

    $context['categories'] = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
    {
        // This category hasn't been set up yet..
        if (!isset($context['categories'][$row['id_cat']]))
            $context['categories'][$row['id_cat']] = array(
                'id' => $row['id_cat'],
                'name' => $row['cat_name'],
                'boards' => array()
            );

        // Set this board up, and let the template know when it's a child.  (indent them..)
        $context['categories'][$row['id_cat']]['boards'][$row['id_board']] = array(
            'id' => $row['id_board'],
            'name' => $row['name'],
            'child_level' => $row['child_level'],
            'allow' => false,
            'deny' => false
        );
    }
    $smcFunc['db_free_result']($request);

    // Now, let's sort the list of categories into the boards for templates that like that.
    $temp_boards = array();
    foreach ($context['categories'] as $category)
    {
        $temp_boards[] = array(
            'name' => $category['name'],
            'child_ids' => array_keys($category['boards'])
        );
        $temp_boards = array_merge($temp_boards, array_values($category['boards']));

        // Include a list of boards per category for easy toggling.
        $context['categories'][$category['id']]['child_ids'] = array_keys($category['boards']);
    }

    createToken('admin-mmg');
}

/**
 * Deleting a membergroup by URL (not implemented).
 * Called by ?action=admin;area=membergroups;sa=delete;group=x;session_var=y.
 * Requires the manage_membergroups permission.
 * Redirects to ?action=admin;area=membergroups.
 *
 * @todo look at this
 */
function DeleteMembergroup()
{
    global $sourcedir;

    checkSession('get');

    require_once($sourcedir . '/Subs-Membergroups.php');
    $result = deleteMembergroups((int) $_REQUEST['group']);
    // Need to throw a warning if it went wrong, but this is the only one we have a message for...
    if ($result === 'group_cannot_delete_sub')
        fatal_lang_error('membergroups_cannot_delete_paid', false);

    // Go back to the membergroup index.
    redirectexit('action=admin;area=membergroups;');
}

/**
 * Editing a membergroup.
 * Screen to edit a specific membergroup.
 * Called by ?action=admin;area=membergroups;sa=edit;group=x.
 * It requires the manage_membergroups permission.
 * Also handles the delete button of the edit form.
 * Redirects to ?action=admin;area=membergroups.
 *
 * uses the edit_group sub template of ManageMembergroups.
 */
function EditMembergroup()
{
    global $context, $txt, $sourcedir, $modSettings, $smcFunc, $settings;

    $_REQUEST['group'] = isset($_REQUEST['group']) && $_REQUEST['group'] > 0 ? (int) $_REQUEST['group'] : 0;

    if (!empty($modSettings['deny_boards_access']))
        loadLanguage('ManagePermissions');

    // Make sure this group is editable.
    if (!empty($_REQUEST['group']))
    {
        $request = $smcFunc['db_query']('', '
            SELECT id_group
            FROM {db_prefix}membergroups
            WHERE id_group = {int:current_group}' . (allowedTo('admin_forum') ? '' : '
                AND group_type != {int:is_protected}') . '
            LIMIT {int:limit}',
            array(
                'current_group' => $_REQUEST['group'],
                'is_protected' => 1,
                'limit' => 1,
            )
        );
        list ($_REQUEST['group']) = $smcFunc['db_fetch_row']($request);
        $smcFunc['db_free_result']($request);
    }

    // Now, do we have a valid id?
    if (empty($_REQUEST['group']))
        fatal_lang_error('membergroup_does_not_exist', false);

    // People who can manage boards are a bit special.
    require_once($sourcedir . '/Subs-Members.php');
    $board_managers = groupsAllowedTo('manage_boards', null);
    $context['can_manage_boards'] = in_array($_REQUEST['group'], $board_managers['allowed']);

    // Can this group moderate any boards?
    $request = $smcFunc['db_query']('', '
        SELECT COUNT(id_board)
        FROM {db_prefix}moderator_groups
        WHERE id_group = {int:current_group}',
        array(
            'current_group' => $_REQUEST['group'],
        )
    );

    // Why don't we have a $smcFunc['db_result'] function?
    $result = $smcFunc['db_fetch_row']($request);
    $context['is_moderator_group'] = ($result[0] > 0);
    $smcFunc['db_free_result']($request);

    // The delete this membergroup button was pressed.
    if (isset($_POST['delete']))
    {
        checkSession();
        validateToken('admin-mmg');

        require_once($sourcedir . '/Subs-Membergroups.php');
        $result = deleteMembergroups($_REQUEST['group']);
        // Need to throw a warning if it went wrong, but this is the only one we have a message for...
        if ($result === 'group_cannot_delete_sub')
            fatal_lang_error('membergroups_cannot_delete_paid', false);

        redirectexit('action=admin;area=membergroups;');
    }
    // A form was submitted with the new membergroup settings.
    elseif (isset($_POST['save']))
    {
        // Validate the session.
        checkSession();
        validateToken('admin-mmg');

        // Can they really inherit from this group?
        if ($_REQUEST['group'] > 1 && $_REQUEST['group'] != 3 && isset($_POST['group_inherit']) && $_POST['group_inherit'] != -2 && !allowedTo('admin_forum'))
        {
            $request = $smcFunc['db_query']('', '
                SELECT group_type
                FROM {db_prefix}membergroups
                WHERE id_group = {int:inherit_from}
                LIMIT {int:limit}',
                array(
                    'inherit_from' => $_POST['group_inherit'],
                    'limit' => 1,
                )
            );
            list ($inherit_type) = $smcFunc['db_fetch_row']($request);
            $smcFunc['db_free_result']($request);
        }

        // Set variables to their proper value.
        $_POST['max_messages'] = isset($_POST['max_messages']) ? (int) $_POST['max_messages'] : 0;
        $_POST['min_posts'] = isset($_POST['min_posts']) && isset($_POST['group_type']) && $_POST['group_type'] == -1 && $_REQUEST['group'] > 3 ? abs($_POST['min_posts']) : ($_REQUEST['group'] == 4 ? 0 : -1);
        $_POST['icons'] = (empty($_POST['icon_count']) || $_POST['icon_count'] < 0) ? '' : min((int) $_POST['icon_count'], 99) . '#' . $_POST['icon_image'];
        $_POST['group_desc'] = isset($_POST['group_desc']) && ($_REQUEST['group'] == 1 || (isset($_POST['group_type']) && $_POST['group_type'] != -1)) ? trim($_POST['group_desc']) : '';
        $_POST['group_type'] = !isset($_POST['group_type']) || $_POST['group_type'] < 0 || $_POST['group_type'] > 3 || ($_POST['group_type'] == 1 && !allowedTo('admin_forum')) ? 0 : (int) $_POST['group_type'];
        $_POST['group_hidden'] = empty($_POST['group_hidden']) || $_POST['min_posts'] != -1 || $_REQUEST['group'] == 3 ? 0 : (int) $_POST['group_hidden'];
        $_POST['group_inherit'] = $_REQUEST['group'] > 1 && $_REQUEST['group'] != 3 && (empty($inherit_type) || $inherit_type != 1) ? (int) $_POST['group_inherit'] : -2;
        $_POST['group_tfa_force'] = (empty($modSettings['tfa_mode']) || $modSettings['tfa_mode'] != 2 || empty($_POST['group_tfa_force'])) ? 0 : 1;

        //@todo Don't set online_color for the Moderators group?

        // Do the update of the membergroup settings.
        $smcFunc['db_query']('', '
            UPDATE {db_prefix}membergroups
            SET group_name = {string:group_name}, online_color = {string:online_color},
                max_messages = {int:max_messages}, min_posts = {int:min_posts}, icons = {string:icons},
                description = {string:group_desc}, group_type = {int:group_type}, hidden = {int:group_hidden},
                id_parent = {int:group_inherit}, tfa_required = {int:tfa_required}
            WHERE id_group = {int:current_group}',
            array(
                'max_messages' => $_POST['max_messages'],
                'min_posts' => $_POST['min_posts'],
                'group_type' => $_POST['group_type'],
                'group_hidden' => $_POST['group_hidden'],
                'group_inherit' => $_POST['group_inherit'],
                'current_group' => (int) $_REQUEST['group'],
                'group_name' => $smcFunc['htmlspecialchars']($_POST['group_name']),
                'online_color' => $_POST['online_color'],
                'icons' => $_POST['icons'],
                'group_desc' => $_POST['group_desc'],
                'tfa_required' => $_POST['group_tfa_force'],
            )
        );

        call_integration_hook('integrate_save_membergroup', array((int) $_REQUEST['group']));

        // Time to update the boards this membergroup has access to.
        if ($_REQUEST['group'] == 2 || $_REQUEST['group'] > 3)
        {
            $accesses = empty($_POST['boardaccess']) || !is_array($_POST['boardaccess']) ? array() : $_POST['boardaccess'];

            // If they can manage boards, the rules are a bit different. They can see everything.
            if ($context['can_manage_boards'])
            {
                $accesses = array();
                $request = $smcFunc['db_query']('', '
                    SELECT id_board
                    FROM {db_prefix}boards'
                );
                while ($row = $smcFunc['db_fetch_assoc']($request))
                    $accesses[(int) $row['id_board']] = 'allow';

                $smcFunc['db_free_result']($request);
            }

            $changed_boards['allow'] = array();
            $changed_boards['deny'] = array();
            $changed_boards['ignore'] = array();
            foreach ($accesses as $group_id => $action)
                $changed_boards[$action][] = (int) $group_id;

            $smcFunc['db_query']('', '
                DELETE FROM {db_prefix}board_permissions_view
                WHERE id_group = {int:group_id}',
                array(
                    'group_id' => (int) $_REQUEST['group'],
                )
            );

            foreach (array('allow', 'deny') as $board_action)
            {
                // Find all board this group is in, but shouldn't be in.
                $request = $smcFunc['db_query']('', '
                    SELECT id_board, {raw:column}
                    FROM {db_prefix}boards
                    WHERE FIND_IN_SET({string:current_group}, {raw:column}) != 0' . (empty($changed_boards[$board_action]) ? '' : '
                        AND id_board NOT IN ({array_int:board_access_list})'),
                    array(
                        'current_group' => (int) $_REQUEST['group'],
                        'board_access_list' => $changed_boards[$board_action],
                        'column' => $board_action == 'allow' ? 'member_groups' : 'deny_member_groups',
                    )
                );
                while ($row = $smcFunc['db_fetch_assoc']($request))
                    $smcFunc['db_query']('', '
                        UPDATE {db_prefix}boards
                        SET {raw:column} = {string:member_group_access}
                        WHERE id_board = {int:current_board}',
                        array(
                            'current_board' => $row['id_board'],
                            'member_group_access' => implode(',', array_diff(explode(',', $row['member_groups']), array($_REQUEST['group']))),
                            'column' => $board_action == 'allow' ? 'member_groups' : 'deny_member_groups',
                        )
                    );
                $smcFunc['db_free_result']($request);

                // Add the membergroup to all boards that hadn't been set yet.
                if (!empty($changed_boards[$board_action]))
                {
                    $smcFunc['db_query']('', '
                        UPDATE {db_prefix}boards
                        SET {raw:column} = CASE WHEN {raw:column} = {string:blank_string} THEN {string:group_id_string} ELSE CONCAT({raw:column}, {string:comma_group}) END
                        WHERE id_board IN ({array_int:board_list})
                            AND FIND_IN_SET({int:current_group}, {raw:column}) = 0',
                        array(
                            'board_list' => $changed_boards[$board_action],
                            'blank_string' => '',
                            'current_group' => (int) $_REQUEST['group'],
                            'group_id_string' => (string) (int) $_REQUEST['group'],
                            'comma_group' => ',' . $_REQUEST['group'],
                            'column' => $board_action == 'allow' ? 'member_groups' : 'deny_member_groups',
                        )
                    );

                    $insert = array();
                    foreach ( $changed_boards[$board_action] as $board_id)
                        $insert[] = array((int) $_REQUEST['group'], $board_id, $board_action == 'allow' ? 0 : 1);

                    $smcFunc['db_insert']('insert',
                        '{db_prefix}board_permissions_view',
                        array('id_group' => 'int', 'id_board' => 'int', 'deny' => 'int'),
                        $insert,
                        array('id_group', 'id_board', 'deny')
                    );
                }
            }
        }

        // Remove everyone from this group!
        if ($_POST['min_posts'] != -1)
        {
            $smcFunc['db_query']('', '
                UPDATE {db_prefix}members
                SET id_group = {int:regular_member}
                WHERE id_group = {int:current_group}',
                array(
                    'regular_member' => 0,
                    'current_group' => (int) $_REQUEST['group'],
                )
            );

            $request = $smcFunc['db_query']('', '
                SELECT id_member, additional_groups
                FROM {db_prefix}members
                WHERE FIND_IN_SET({string:current_group}, additional_groups) != 0',
                array(
                    'current_group' => (int) $_REQUEST['group'],
                )
            );
            $updates = array();
            while ($row = $smcFunc['db_fetch_assoc']($request))
                $updates[$row['additional_groups']][] = $row['id_member'];
            $smcFunc['db_free_result']($request);

            foreach ($updates as $additional_groups => $memberArray)
                updateMemberData($memberArray, array('additional_groups' => implode(',', array_diff(explode(',', $additional_groups), array((int) $_REQUEST['group'])))));

            // Sorry, but post groups can't moderate boards
            $smcFunc['db_query']('', '
                DELETE FROM {db_prefix}moderator_groups
                WHERE id_group = {int:current_group}',
                array(
                    'current_group' => (int) $_REQUEST['group'],
                )
            );
        }
        elseif ($_REQUEST['group'] != 3)
        {
            // Making it a hidden group? If so remove everyone with it as primary group (Actually, just make them additional).
            if ($_POST['group_hidden'] == 2)
            {
                $request = $smcFunc['db_query']('', '
                    SELECT id_member, additional_groups
                    FROM {db_prefix}members
                    WHERE id_group = {int:current_group}
                        AND FIND_IN_SET({int:current_group}, additional_groups) = 0',
                    array(
                        'current_group' => (int) $_REQUEST['group'],
                    )
                );
                $updates = array();
                while ($row = $smcFunc['db_fetch_assoc']($request))
                    $updates[$row['additional_groups']][] = $row['id_member'];
                $smcFunc['db_free_result']($request);

                foreach ($updates as $additional_groups => $memberArray)
                {
                    $new_groups = (!empty($additional_groups) ? $additional_groups . ',' : '') . $_REQUEST['group']; // We already validated this a while ago.
                    updateMemberData($memberArray, array('additional_groups' => $new_groups));
                }

                $smcFunc['db_query']('', '
                    UPDATE {db_prefix}members
                    SET id_group = {int:regular_member}
                    WHERE id_group = {int:current_group}',
                    array(
                        'regular_member' => 0,
                        'current_group' => $_REQUEST['group'],
                    )
                );

                // Hidden groups can't moderate boards
                $smcFunc['db_query']('', '
                    DELETE FROM {db_prefix}moderator_groups
                    WHERE id_group = {int:current_group}',
                    array(
                        'current_group' => $_REQUEST['group'],
                    )
                );
            }

            // Either way, let's check our "show group membership" setting is correct.
            $request = $smcFunc['db_query']('', '
                SELECT COUNT(*)
                FROM {db_prefix}membergroups
                WHERE group_type > {int:non_joinable}',
                array(
                    'non_joinable' => 1,
                )
            );
            list ($have_joinable) = $smcFunc['db_fetch_row']($request);
            $smcFunc['db_free_result']($request);

            // Do we need to update the setting?
            if ((empty($modSettings['show_group_membership']) && $have_joinable) || (!empty($modSettings['show_group_membership']) && !$have_joinable))
                updateSettings(array('show_group_membership' => $have_joinable ? 1 : 0));
        }

        // Do we need to set inherited permissions?
        if ($_POST['group_inherit'] != -2 && $_POST['group_inherit'] != $_POST['old_inherit'])
        {
            require_once($sourcedir . '/ManagePermissions.php');
            updateChildPermissions($_POST['group_inherit']);
        }

        // Finally, moderators!
        $moderator_string = isset($_POST['group_moderators']) ? trim($_POST['group_moderators']) : '';
        $smcFunc['db_query']('', '
            DELETE FROM {db_prefix}group_moderators
            WHERE id_group = {int:current_group}',
            array(
                'current_group' => $_REQUEST['group'],
            )
        );
        if ((!empty($moderator_string) || !empty($_POST['moderator_list'])) && $_POST['min_posts'] == -1 && $_REQUEST['group'] != 3)
        {
            $group_moderators = array();

            // Get all the usernames from the string
            if (!empty($moderator_string))
            {
                $moderator_string = strtr(preg_replace('~&amp;#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $smcFunc['htmlspecialchars']($moderator_string, ENT_QUOTES)), array('&quot;' => '"'));
                preg_match_all('~"([^"]+)"~', $moderator_string, $matches);
                $moderators = array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $moderator_string)));
                for ($k = 0, $n = count($moderators); $k < $n; $k++)
                {
                    $moderators[$k] = trim($moderators[$k]);

                    if (strlen($moderators[$k]) == 0)
                        unset($moderators[$k]);
                }

                // Find all the id_member's for the member_name's in the list.
                if (!empty($moderators))
                {
                    $request = $smcFunc['db_query']('', '
                        SELECT id_member
                        FROM {db_prefix}members
                        WHERE member_name IN ({array_string:moderators}) OR real_name IN ({array_string:moderators})
                        LIMIT {int:count}',
                        array(
                            'moderators' => $moderators,
                            'count' => count($moderators),
                        )
                    );
                    while ($row = $smcFunc['db_fetch_assoc']($request))
                        $group_moderators[] = $row['id_member'];
                    $smcFunc['db_free_result']($request);
                }
            }

            if (!empty($_POST['moderator_list']))
            {
                $moderators = array();
                foreach ($_POST['moderator_list'] as $moderator)
                    $moderators[] = (int) $moderator;

                if (!empty($moderators))
                {
                    $request = $smcFunc['db_query']('', '
                        SELECT id_member
                        FROM {db_prefix}members
                        WHERE id_member IN ({array_int:moderators})
                        LIMIT {int:num_moderators}',
                        array(
                            'moderators' => $moderators,
                            'num_moderators' => count($moderators),
                        )
                    );
                    while ($row = $smcFunc['db_fetch_assoc']($request))
                        $group_moderators[] = $row['id_member'];
                    $smcFunc['db_free_result']($request);
                }
            }

            // Make sure we don't have any duplicates first...
            $group_moderators = array_unique($group_moderators);

            // Found some?
            if (!empty($group_moderators))
            {
                $mod_insert = array();
                foreach ($group_moderators as $moderator)
                    $mod_insert[] = array($_REQUEST['group'], $moderator);

                $smcFunc['db_insert']('insert',
                    '{db_prefix}group_moderators',
                    array('id_group' => 'int', 'id_member' => 'int'),
                    $mod_insert,
                    array('id_group', 'id_member')
                );
            }
        }

        // There might have been some post group changes.
        updateStats('postgroups');
        // We've definitely changed some group stuff.
        updateSettings(array(
            'settings_updated' => time(),
        ));

        // Log the edit.
        logAction('edited_group', array('group' => $smcFunc['htmlspecialchars']($_POST['group_name'])), 'admin');

        redirectexit('action=admin;area=membergroups');
    }

    // Fetch the current group information.
    $request = $smcFunc['db_query']('', '
        SELECT group_name, description, min_posts, online_color, max_messages, icons, group_type, hidden, id_parent, tfa_required
        FROM {db_prefix}membergroups
        WHERE id_group = {int:current_group}
        LIMIT 1',
        array(
            'current_group' => (int) $_REQUEST['group'],
        )
    );
    if ($smcFunc['db_num_rows']($request) == 0)
        fatal_lang_error('membergroup_does_not_exist', false);
    $row = $smcFunc['db_fetch_assoc']($request);
    $smcFunc['db_free_result']($request);

    $row['icons'] = explode('#', $row['icons']);

    $context['group'] = array(
        'id' => $_REQUEST['group'],
        'name' => $row['group_name'],
        'description' => $smcFunc['htmlspecialchars']($row['description'], ENT_QUOTES),
        'editable_name' => $row['group_name'],
        'color' => $row['online_color'],
        'min_posts' => $row['min_posts'],
        'max_messages' => $row['max_messages'],
        'icon_count' => (int) $row['icons'][0],
        'icon_image' => isset($row['icons'][1]) ? $row['icons'][1] : '',
        'is_post_group' => $row['min_posts'] != -1,
        'type' => $row['min_posts'] != -1 ? 0 : $row['group_type'],
        'hidden' => $row['min_posts'] == -1 ? $row['hidden'] : 0,
        'inherited_from' => $row['id_parent'],
        'allow_post_group' => $_REQUEST['group'] == 2 || $_REQUEST['group'] > 4,
        'allow_delete' => $_REQUEST['group'] == 2 || $_REQUEST['group'] > 4,
        'allow_protected' => allowedTo('admin_forum'),
        'tfa_required' => $row['tfa_required'],
    );

    // Get any moderators for this group
    $request = $smcFunc['db_query']('', '
        SELECT mem.id_member, mem.real_name
        FROM {db_prefix}group_moderators AS mods
            INNER JOIN {db_prefix}members AS mem ON (mem.id_member = mods.id_member)
        WHERE mods.id_group = {int:current_group}',
        array(
            'current_group' => $_REQUEST['group'],
        )
    );
    $context['group']['moderators'] = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
        $context['group']['moderators'][$row['id_member']] = $row['real_name'];
    $smcFunc['db_free_result']($request);

    $context['group']['moderator_list'] = empty($context['group']['moderators']) ? '' : '&quot;' . implode('&quot;, &quot;', $context['group']['moderators']) . '&quot;';

    if (!empty($context['group']['moderators']))
        list ($context['group']['last_moderator_id']) = array_slice(array_keys($context['group']['moderators']), -1);

    // Get a list of boards this membergroup is allowed to see.
    $context['boards'] = array();
    if ($_REQUEST['group'] == 2 || $_REQUEST['group'] > 3)
    {
        $request = $smcFunc['db_query']('', '
            SELECT b.id_cat, c.name as cat_name, b.id_board, b.name, b.child_level,
            FIND_IN_SET({string:current_group}, b.member_groups) != 0 AS can_access, FIND_IN_SET({string:current_group}, b.deny_member_groups) != 0 AS cannot_access
            FROM {db_prefix}boards AS b
                LEFT JOIN {db_prefix}categories AS c ON (c.id_cat = b.id_cat)
            ORDER BY board_order',
            array(
                'current_group' => (int) $_REQUEST['group'],
            )
        );
        $context['categories'] = array();
        while ($row = $smcFunc['db_fetch_assoc']($request))
        {
            // This category hasn't been set up yet..
            if (!isset($context['categories'][$row['id_cat']]))
                $context['categories'][$row['id_cat']] = array(
                    'id' => $row['id_cat'],
                    'name' => $row['cat_name'],
                    'boards' => array()
                );

            // Set this board up, and let the template know when it's a child.  (indent them..)
            $context['categories'][$row['id_cat']]['boards'][$row['id_board']] = array(
                'id' => $row['id_board'],
                'name' => $row['name'],
                'child_level' => $row['child_level'],
                'allow' => !(empty($row['can_access']) || $row['can_access'] == 'f'),
                'deny' => !(empty($row['cannot_access']) || $row['cannot_access'] == 'f'),
            );
        }
        $smcFunc['db_free_result']($request);

        // Now, let's sort the list of categories into the boards for templates that like that.
        $temp_boards = array();
        foreach ($context['categories'] as $category)
        {
            $temp_boards[] = array(
                'name' => $category['name'],
                'child_ids' => array_keys($category['boards'])
            );
            $temp_boards = array_merge($temp_boards, array_values($category['boards']));

            // Include a list of boards per category for easy toggling.
            $context['categories'][$category['id']]['child_ids'] = array_keys($category['boards']);
        }
    }

    // Get a list of all the image formats we can select.
    $imageExts = array('png', 'jpg', 'jpeg', 'bmp', 'gif');

    // Scan the directory.
    $context['possible_icons'] = array();
    if ($files = scandir($settings['default_theme_dir'] . '/images/membericons'))
    {
        // Loop through every file in the directory.
        foreach ($files as $value)
        {
            // Grab the image extension.
            $ext = pathinfo($settings['default_theme_dir'] . '/images/membericons/' . $value, PATHINFO_EXTENSION);

            // If the extension is not empty, and it is valid
            if (!empty($ext) && in_array($ext, $imageExts))
                $context['possible_icons'][] = $value;
        }
    }

    // Insert our JS, if we have possible icons.
    if (!empty($context['possible_icons']))
        loadJavaScriptFile('icondropdown.js', array('validate' => true, 'minimize' => true), 'smf_icondropdown');

    loadJavaScriptFile('suggest.js', array('defer' => false, 'minimize' => true), 'smf_suggest');

    // Finally, get all the groups this could be inherited off.
    $request = $smcFunc['db_query']('', '
        SELECT id_group, group_name
        FROM {db_prefix}membergroups
        WHERE id_group != {int:current_group}' .
            (empty($modSettings['permission_enable_postgroups']) ? '
            AND min_posts = {int:min_posts}' : '') . (allowedTo('admin_forum') ? '' : '
            AND group_type != {int:is_protected}') . '
            AND id_group NOT IN (1, 3)
            AND id_parent = {int:not_inherited}',
        array(
            'current_group' => (int) $_REQUEST['group'],
            'min_posts' => -1,
            'not_inherited' => -2,
            'is_protected' => 1,
        )
    );
    $context['inheritable_groups'] = array();
    while ($row = $smcFunc['db_fetch_assoc']($request))
        $context['inheritable_groups'][$row['id_group']] = $row['group_name'];
    $smcFunc['db_free_result']($request);

    call_integration_hook('integrate_view_membergroup');

    $context['sub_template'] = 'edit_group';
    $context['page_title'] = $txt['membergroups_edit_group'];

    createToken('admin-mmg');
}

/**
 * Set some general membergroup settings and permissions.
 * Called by ?action=admin;area=membergroups;sa=settings
 * Requires the admin_forum permission (and manage_permissions for changing permissions)
 * Redirects to itself.
 *
 * uses membergroup_settings sub template of ManageMembergroups.
 */
function ModifyMembergroupsettings()
{
    global $context, $sourcedir, $scripturl, $txt;

    $context['sub_template'] = 'show_settings';
    $context['page_title'] = $txt['membergroups_settings'];

    // Needed for the settings functions.
    require_once($sourcedir . '/ManageServer.php');

    // Only one thing here!
    $config_vars = array(
        array('permissions', 'manage_membergroups'),
    );

    call_integration_hook('integrate_modify_membergroup_settings', array(&$config_vars));

    if (isset($_REQUEST['save']))
    {
        checkSession();
        call_integration_hook('integrate_save_membergroup_settings');

        // Yeppers, saving this...
        saveDBSettings($config_vars);
        $_SESSION['adm-save'] = true;
        redirectexit('action=admin;area=membergroups;sa=settings');
    }

    // Some simple context.
    $context['post_url'] = $scripturl . '?action=admin;area=membergroups;save;sa=settings';
    $context['settings_title'] = $txt['membergroups_settings'];

    // We need this for the in-line permissions
    createToken('admin-mp');

    prepareDBSettingContext($config_vars);
}

?>