query("SELECT `cldgroup` FROM `$dbname`.`user` WHERE `uuid`='$uuid'")->fetch()) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } $cld_groups = explode(',', $dbdata['cldgroup']); $multiple_uuid = explode(',', substr($_SESSION[$rspathhex.'multiple'], 0, -1)); $disabled = ''; $allowed_groups_arr = array(); if (isset($_POST['update']) && $_POST['csrf_token'] != $_SESSION[$rspathhex.'csrf_token']) { echo $lang['errcsrf']; rem_session_ts3($rspathhex); exit; } if(count($multiple_uuid) > 1 and !isset($_SESSION[$rspathhex.'uuid_verified'])) { $disabled = 1; $err_msg = sprintf($lang['stag0006'], '', ''); $err_lvl = 3; } elseif ($_SESSION[$rspathhex.'connected'] == 0) { $err_msg = sprintf($lang['stag0015'], '', ''); $err_lvl = 3; $disabled = 1; } else { if(($servergroups = $mysqlcon->query("SELECT * FROM `$dbname`.`groups`")->fetchAll(PDO::FETCH_ASSOC)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { foreach($servergroups as $servergroup) { $sqlhisgroup[$servergroup['sgid']] = $servergroup['sgidname']; if(file_exists('../tsicons/'.$servergroup['sgid'].'.png')) { $sqlhisgroup_file[$servergroup['sgid']] = true; } else { $sqlhisgroup_file[$servergroup['sgid']] = false; } } } $allowed_groups_arr = explode(',', $addons_config['assign_groups_groupids']['value']); if(isset($_POST['update']) && $_POST['csrf_token'] == $_SESSION[$rspathhex.'csrf_token']) { if(($sumentries = $mysqlcon->query("SELECT COUNT(*) FROM `$dbname`.`addon_assign_groups` WHERE `uuid`='$uuid'")->fetch(PDO::FETCH_NUM)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { if($sumentries[0] > 0) { $err_msg = $lang['stag0007']; $err_lvl = 3; } else { $set_groups = ''; $count_limit = 0; foreach($allowed_groups_arr as $allowed_group) { if(in_array($allowed_group, $cld_groups)) { $count_limit++; } if(isset($_POST[$allowed_group]) && $_POST[$allowed_group] == 1 && !in_array($allowed_group, $cld_groups)) { $set_groups .= $allowed_group.','; array_push($cld_groups, $allowed_group); $count_limit++; } if(!isset($_POST[$allowed_group]) && in_array($allowed_group, $cld_groups)) { $set_groups .= '-'.$allowed_group.','; $position = array_search($allowed_group, $cld_groups); array_splice($cld_groups, $position, 1); $count_limit--; } } $set_groups = substr($set_groups, 0, -1); if($set_groups != '' && $count_limit <= $addons_config['assign_groups_limit']['value']) { if ($mysqlcon->exec("INSERT INTO `$dbname`.`addon_assign_groups` SET `uuid`='$uuid',`grpids`='$set_groups'") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { $err_msg = $lang['stag0008']; $err_lvl = NULL; } } elseif($count_limit > $addons_config['assign_groups_limit']['value']) { $err_msg = sprintf($lang['stag0009'], $addons_config['assign_groups_limit']['value']); $err_lvl = 3; } else { $err_msg = $lang['stag0010']; $err_lvl = 3; } } } } } $_SESSION[$rspathhex.'csrf_token'] = bin2hex(openssl_random_pseudo_bytes(32)); require_once('nav.php'); ?>