38443-vm/includes/permissions.php
Flatlogic Bot 5d6fd46690 v12
2026-02-15 16:11:50 +00:00


<?php
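/**
 * Server- and channel-level permission checks backed by role bitmasks.
 *
 * Each role stores a bitmask built from the constants below. A user's
 * effective mask on a server is the bitwise OR of the masks of every role
 * they hold there.
 */
class Permissions {
    const VIEW_CHANNEL = 1;
    const SEND_MESSAGES = 2;
    const MANAGE_MESSAGES = 4;
    const MANAGE_CHANNELS = 8;
    const MANAGE_SERVER = 16;
    const ADMINISTRATOR = 32;

    /**
     * Decide whether a user holds every bit of $permission on a server.
     *
     * Grants unconditionally to global admins (users.is_admin), to the
     * server owner, and to holders of a role carrying ADMINISTRATOR.
     *
     * @param mixed $user_id    ID of the user being checked.
     * @param mixed $server_id  ID of the server the permission applies to.
     * @param mixed $permission One or more permission bits (OR-ed together).
     * @return bool True when access is granted.
     */
    public static function hasPermission($user_id, $server_id, $permission) {
        $stmt = db()->prepare("SELECT is_admin FROM users WHERE id = ?");
        $stmt->execute([$user_id]);
        $user = $stmt->fetch();
        if ($user && $user['is_admin']) {
            return true;
        }

        if (self::isServerOwner($user_id, $server_id)) {
            return true;
        }

        $perms = self::rolePermissions($user_id, $server_id);
        if ($perms & self::ADMINISTRATOR) {
            return true;
        }

        // Cast so that a numeric-string argument cannot make the strict
        // comparison below fail (int === string is always false).
        $required = (int)$permission;
        return ($perms & $required) === $required;
    }

    /**
     * Decide whether a user may send messages in a channel.
     *
     * Order of evaluation: unknown channel -> deny; server owner -> allow;
     * channel overrides for the user's roles; otherwise the server-level
     * SEND_MESSAGES check.
     *
     * NOTE(review): global admins and ADMINISTRATOR role holders are only
     * considered in the final fallback, so a channel deny override applies
     * to them while it does not apply to the server owner. Confirm that
     * this asymmetry is intended.
     *
     * @param mixed $user_id    ID of the user being checked.
     * @param mixed $channel_id ID of the target channel.
     * @return bool True when the user may send in the channel.
     */
    public static function canSendInChannel($user_id, $channel_id) {
        $stmt = db()->prepare("SELECT server_id FROM channels WHERE id = ?");
        $stmt->execute([$channel_id]);
        $channel = $stmt->fetch();
        if (!$channel) {
            return false;
        }
        $server_id = $channel['server_id'];

        if (self::isServerOwner($user_id, $server_id)) {
            return true;
        }

        $stmt = db()->prepare("
            SELECT cp.allow_permissions, cp.deny_permissions
            FROM channel_permissions cp
            JOIN user_roles ur ON cp.role_id = ur.role_id
            WHERE ur.user_id = ? AND cp.channel_id = ?
        ");
        $stmt->execute([$user_id, $channel_id]);

        // NOTE(review): overrides test bit value 1 for sending, whereas
        // self::SEND_MESSAGES is 2 and value 1 is self::VIEW_CHANNEL. Kept
        // as in the original; confirm which encoding channel_permissions
        // really uses, since a mismatch would gate sending on the view bit.
        $sendBit = 1;

        // Combine all override rows before deciding. Returning on the first
        // row made the outcome depend on the unordered row sequence whenever
        // one role allowed and another denied; a deny now always wins, which
        // matches the deny-before-allow precedence applied within a row.
        $allowed = false;
        foreach ($stmt->fetchAll() as $override) {
            if (((int)$override['deny_permissions']) & $sendBit) {
                return false;
            }
            if (((int)$override['allow_permissions']) & $sendBit) {
                $allowed = true;
            }
        }
        if ($allowed) {
            return true;
        }

        return self::hasPermission($user_id, $server_id, self::SEND_MESSAGES);
    }

    /**
     * Tell whether $user_id is the recorded owner of $server_id.
     */
    private static function isServerOwner($user_id, $server_id) {
        $stmt = db()->prepare("SELECT owner_id FROM servers WHERE id = ?");
        $stmt->execute([$server_id]);
        $server = $stmt->fetch();
        return $server && self::sameId($server['owner_id'], $user_id);
    }

    /**
     * Bitwise OR of the permission masks of every role the user holds on
     * the server. Masks must not be added: two roles that each carry
     * SEND_MESSAGES (2) would add up to MANAGE_MESSAGES (4).
     */
    private static function rolePermissions($user_id, $server_id) {
        $stmt = db()->prepare("
            SELECT r.permissions
            FROM roles r
            JOIN user_roles ur ON r.id = ur.role_id
            WHERE ur.user_id = ? AND r.server_id = ?
        ");
        $stmt->execute([$user_id, $server_id]);

        $mask = 0;
        foreach ($stmt->fetchAll() as $role) {
            $mask |= (int)($role['permissions'] ?? 0);
        }
        return $mask;
    }

    /**
     * Compare two identifiers without PHP's loose-equality pitfalls.
     *
     * With ==, null matches null and 0, and true matches any non-zero ID,
     * so a missing user ID could match an ownerless server. Only non-empty
     * int or string values with the same textual form are treated as equal.
     */
    private static function sameId($a, $b) {
        if (!(is_int($a) || is_string($a)) || !(is_int($b) || is_string($b))) {
            return false;
        }
        $left = (string)$a;
        return $left !== '' && $left === (string)$b;
    }
}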