The access rights are described now on module.php of each module folder.

includes/database_mysqli.php

@@ -2284,6 +2284,45 @@ class OGPDatabaseMySQL extends OGPDatabase
 
 		return true;
 	}
+	
+	public function clearModuleAccessRights($module_id)
+	{
+		$query = sprintf("DELETE FROM `%smodule_access_rights` WHERE `module_id` = %d",
+			$this->table_prefix,
+			$this->realEscapeSingle($module_id));
+		++$this->queries_;
+		if ( mysqli_query($this->link,$query) === FALSE )
+			return FALSE;
+		return TRUE;
+	}
+	
+	public function setModuleAccessRight($module_id, $flag, $description)
+	{
+		$module_id = $this->realEscapeSingle($module_id);
+		$flag = $this->realEscapeSingle($flag);
+		$description = $this->realEscapeSingle($description);
+		$query = "INSERT INTO `".$this->table_prefix."module_access_rights` (`module_id`, `flag`, `description` )
+			VALUES ( '$module_id', '$flag', '$description' );";
+
+		++$this->queries_;
+		if ( mysqli_query($this->link,$query) === FALSE )
+			return FALSE;
+
+		return TRUE;
+	}
+	
+	public function getModulesAccessRights()
+	{
+		$query = sprintf('SELECT * FROM `%1$smodule_access_rights`;', $this->table_prefix);
+		++$this->queries_;
+		$result = mysqli_query($this->link,$query);
+		if (!$result or mysqli_num_rows($result) == 0)
+			return FALSE;
+		$results = array();
+		while($row = mysqli_fetch_assoc($result))
+			array_push($results,$row);
+		return $results;
+	}
 
 	// User game functions
 

modules/ftp/module.php

@@ -24,8 +24,9 @@
 
 // Module general information
 $module_title = "ftp";
-$module_version = "1.4";
+$module_version = "1.41";
 $db_version = 1;
 $module_required = TRUE;
 $module_menus = array( array( 'subpage' => 'ftp_admin', 'name'=>'FTP Admin', 'group'=>'admin' ) );
+$module_access_rights = array('t' => 'allow_ftp');
 ?>

modules/gamemanager/module.php

@@ -24,10 +24,11 @@
 
 // Module general information
 $module_title = "Game manager";
-$module_version = "1.32";
+$module_version = "1.33";
 $db_version = 7;
 $module_required = TRUE;
 $module_menus = array( array( 'subpage' => 'game_monitor', 'name'=>'Game Monitor', 'group'=>'user' ) );
+$module_access_rights = array('u' => 'allow_updates', 'p' => 'allow_parameter_usage', 'e' => 'allow_extra_params', 'c' => 'allow_custom_fields');
 
 $install_queries[0] = array(
     "DROP TABLE IF EXISTS `".OGP_DB_PREFIX."home_ip_ports`;",

modules/litefm/module.php

@@ -24,8 +24,9 @@
 
 // Module general information
 $module_title = "Lite File Manager";
-$module_version = "1.1";
+$module_version = "1.11";
 $db_version = 1;
 $module_required = TRUE;
 $module_menus = array( array( 'subpage' => 'litefm_settings', 'name'=>'LiteFM Settings', 'group'=>'admin' ) );
+$module_access_rights = array('f' => 'allow_file_management');
 ?>

modules/modulemanager/module.php

@@ -24,8 +24,8 @@
 
 // Module general information
 $module_title = "Module manager";
-$module_version = "1.0";
-$db_version = 1;
+$module_version = "1.1";
+$db_version = 2;
 $module_required = TRUE;
 $module_menus = array(
 	array( 'subpage' => '', 'name'=>'Modules', 'group'=>'admin' )
@@ -33,8 +33,13 @@ $module_menus = array(
 	
 ## You will need uncomment the next three lines (remove /* from the beginning and */ from the end) 
 ## of the next array if you are updating from a version previous or equal to 2429:
-
-/* $install_queries[1] = array(	
-	"ALTER TABLE `".OGP_DB_PREFIX."module_menus` 
-	 ADD `pos` INT UNSIGNED NOT NULL;"); */
+$install_queries[0] = array();
+$install_queries[1] = array();
+$install_queries[2] = array("DROP TABLE IF EXISTS ".OGP_DB_PREFIX."module_access_rights",
+							"CREATE TABLE IF NOT EXISTS `".OGP_DB_PREFIX."module_access_rights` (".
+							"`module_id` int(11) NOT NULL COMMENT 'This references to modules.id',".
+							"`flag` char(1) NOT NULL,".
+							"`description` varchar(64) NOT NULL,".
+							"UNIQUE (`flag`)".
+							") ENGINE=MyISAM DEFAULT CHARSET=latin1;");
 ?>

modules/modulemanager/module_handling.php

@@ -107,6 +107,15 @@ function install_module($db, $module, $install_if_optional = TRUE)
         }
     }
 	
+	$db->clearModuleAccessRights($module_id);
+	if(isset($module_access_rights) and is_array($module_access_rights) and !empty($module_access_rights))
+	{
+		foreach($module_access_rights as $flag => $description)
+		{
+			$db->setModuleAccessRight($module_id, $flag, $description);
+		}
+	}
+	
     return 1;
 }
 
@@ -127,7 +136,9 @@ function uninstall_module($db, $module_id, $module, $adminOverride = false)
 		}
 
 		include("modules/".$module."/module.php");
-
+		
+		$db->clearModuleAccessRights($module_id);
+		
 		if ( isset( $uninstall_queries ) )
 		{
 			foreach ( $uninstall_queries as $query )
@@ -206,6 +217,16 @@ function update_module($db, $module_id, $module)
 			++$i;
 		}
 	}
+	
+	$db->clearModuleAccessRights($module_id);
+	if(isset($module_access_rights) and is_array($module_access_rights) and !empty($module_access_rights))
+	{
+		foreach($module_access_rights as $flag => $description)
+		{
+			$db->setModuleAccessRight($module_id, $flag, $description);
+		}
+	}
+	
 	$db->updateModule($module_id, $module_version, $db_version);
 	echo "<p>".get_lang_f('updated_module',$module_title)." - ".$module_info['db_version'] ." to ". $db_version."</p>";
 }

modules/status/status.php

@@ -135,7 +135,7 @@ function exec_ogp_module()
 					<h4>".get_lang('process_monitor')."</h4>
 					<div class=\"dragbox-content\">";
 		if(isset($taskoutput) && is_array($taskoutput) && isset($taskoutput["task"]) && !empty($taskoutput["task"])){
-			echo "<pre>" . $taskoutput["task"] . "</pre>";
+			echo "<pre>" . htmlentities($taskoutput["task"]) . "</pre>";
 		}
 
 		echo '		</div>
@@ -144,4 +144,4 @@ function exec_ogp_module()
 	}
 }
 
-?>
+?>

modules/user_games/add_home.php

@@ -57,12 +57,9 @@ function exec_ogp_module()
 
 	echo "<p> <span class='note'>".get_lang('note').":</span> ".get_lang('add_mods_note')."</p>";
 	
-	$selections = array( "allow_updates" => "u",
-		"allow_file_management" => "f",
-		"allow_parameter_usage" => "p",
-		"allow_extra_params" => "e",
-		"allow_ftp" => "t",
-		"allow_custom_fields" => "c");
+	$selections = array();
+	foreach($db->getModulesAccessRights() as $ar)
+		$selections[$ar['description']] = $ar['flag'];
 	
 	if ( isset($_REQUEST['add_game_home']) )
 	{

modules/user_games/assign_home.php

@@ -78,15 +78,15 @@ function exec_ogp_module()
 		echo "<p class='note'>".get_lang("not_available")."</p>";
 		return;
 	}
-
-	/// \todo We might want to save this information to XML file?
-	$selections = array( "allow_updates" => "u",
-		"allow_file_management" => "f",
-		"allow_parameter_usage" => "p",
-		"allow_extra_params" => "e",
-		"allow_ftp" => "t",
-		"allow_custom_fields" => "c");
-
+	
+	$selections = array();
+	$full_access = '';
+	foreach($db->getModulesAccessRights() as $ar)
+	{
+		$selections[$ar['description']] = $ar['flag'];
+		$full_access .= $ar['flag'];
+	}
+	
 	if ( isset($_REQUEST['user_id']) )
 	{
 		$assign_id = $_REQUEST['user_id'];
@@ -207,7 +207,7 @@ function exec_ogp_module()
 			<?php
 			if( $isAdmin )
 			{
-				$access_rights = "ufpetc";
+				$access_rights = $full_access;
 			}
 			else
 			{