Verzeichnisstruktur phpBB-2.0.0


Veröffentlicht
03.04.2002


admin_users.php

Zuletzt modifiziert: 09.10.2024, 12:51 - Dateigröße: 45.72 KiB


0001  <?php
0002  /***************************************************************************
0003   *                              admin_users.php
0004   *                            -------------------
0005   *   begin                : Saturday, Feb 13, 2001
0006   *   copyright            : (C) 2001 The phpBB Group
0007   *   email                : support@phpbb.com
0008   *
0009   *   $Id$
0010   *
0011   *
0012   ***************************************************************************/
0013   
0014  /***************************************************************************
0015   *
0016   *   This program is free software; you can redistribute it and/or modify
0017   *   it under the terms of the GNU General Public License as published by
0018   *   the Free Software Foundation; either version 2 of the License, or
0019   *   (at your option) any later version.
0020   *
0021   ***************************************************************************/
0022   
// Mark this request as having entered through a phpBB script.
// NOTE(review): the files required further down presumably test this
// constant before doing any work -- confirm in those files.
define('IN_PHPBB', 1);

// Module-registration pass: when $setmodules is non-empty this file only
// publishes itself under the Users / Manage menu entry and returns.
// $setmodules is not assigned before this point, so it is expected to be
// provided by whichever script includes this one.
if (!empty($setmodules)) {
    $filename = basename(__FILE__);
    $module['Users']['Manage'] = $filename;

    return;
}
0032   
// All shared includes are resolved from the parent of the current directory.
$phpbb_root_path = './../';

// extension.inc is loaded first; the later require lines all use $phpEx,
// which is not set in this file (NOTE(review): presumably extension.inc
// defines it -- confirm).
require($phpbb_root_path . 'extension.inc');

// NOTE(review): no permission check is visible in this file itself. The
// administrator session / authorisation gate is presumably applied inside
// pagestart -- confirm, because everything below modifies accounts.
require('./pagestart.' . $phpEx);

require($phpbb_root_path . 'includes/bbcode.' . $phpEx);
require($phpbb_root_path . 'includes/functions_post.' . $phpEx);
require($phpbb_root_path . 'includes/functions_selects.' . $phpEx);
require($phpbb_root_path . 'includes/functions_validate.' . $phpEx);

// Pattern / replacement pairs that turn angle brackets into HTML entities.
$html_entities_match = array('#<#', '#>#');
$html_entities_replace = array('&lt;', '&gt;');
0043   
//
// Set mode: a POSTed value wins over one in the query string; the default
// is the empty string.
//
// htmlspecialchars() only makes the value safe to print into HTML. It is
// not validation: the value is still attacker-chosen text and is only
// meaningful where it is compared against known mode names.
//
$mode = '';
if (isset($HTTP_POST_VARS['mode'])) {
    $mode = htmlspecialchars($HTTP_POST_VARS['mode']);
} else if (isset($HTTP_GET_VARS['mode'])) {
    $mode = htmlspecialchars($HTTP_GET_VARS['mode']);
}
0056   
0057  //
0058  // Begin program
0059  //
0060  if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) ) )
0061  {
0062      //
0063      // Ok, the profile has been modified and submitted, let's update
0064      //
0065      if ( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
0066      {
0067          $user_id = intval($HTTP_POST_VARS['id']);
0068   
0069          if (!($this_userdata = get_userdata($user_id)))
0070          {
0071              message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
0072          }
0073   
0074          if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
0075          {
0076              $sql = "SELECT g.group_id 
0077                  FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g  
0078                  WHERE ug.user_id = $user_id 
0079                      AND g.group_id = ug.group_id 
0080                      AND g.group_single_user = 1";
0081              if( !($result = $db->sql_query($sql)) )
0082              {
0083                  message_die(GENERAL_ERROR, 'Could not obtain group information for this user', '', __LINE__, __FILE__, $sql);
0084              }
0085   
0086              $row = $db->sql_fetchrow($result);
0087              
0088              $sql = "UPDATE " . POSTS_TABLE . "
0089                  SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "
0090                  WHERE poster_id = $user_id";
0091              if( !$db->sql_query($sql) )
0092              {
0093                  message_die(GENERAL_ERROR, 'Could not update posts for this user', '', __LINE__, __FILE__, $sql);
0094              }
0095   
0096              $sql = "UPDATE " . TOPICS_TABLE . "
0097                  SET topic_poster = " . DELETED . " 
0098                  WHERE topic_poster = $user_id";
0099              if( !$db->sql_query($sql) )
0100              {
0101                  message_die(GENERAL_ERROR, 'Could not update topics for this user', '', __LINE__, __FILE__, $sql);
0102              }
0103              
0104              $sql = "UPDATE " . VOTE_USERS_TABLE . "
0105                  SET vote_user_id = " . DELETED . "
0106                  WHERE vote_user_id = $user_id";
0107              if( !$db->sql_query($sql) )
0108              {
0109                  message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
0110              }
0111              
0112              $sql = "UPDATE " . GROUPS_TABLE . "
0113                  SET group_moderator = " . $userdata['user_id'] . "
0114                  WHERE group_moderator = $user_id";
0115              if( !$db->sql_query($sql) )
0116              {
0117                  message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
0118              }
0119   
0120              $sql = "DELETE FROM " . USERS_TABLE . "
0121                  WHERE user_id = $user_id";
0122              if( !$db->sql_query($sql) )
0123              {
0124                  message_die(GENERAL_ERROR, 'Could not delete user', '', __LINE__, __FILE__, $sql);
0125              }
0126   
0127              $sql = "DELETE FROM " . USER_GROUP_TABLE . "
0128                  WHERE user_id = $user_id";
0129              if( !$db->sql_query($sql) )
0130              {
0131                  message_die(GENERAL_ERROR, 'Could not delete user from user_group table', '', __LINE__, __FILE__, $sql);
0132              }
0133   
0134              $sql = "DELETE FROM " . GROUPS_TABLE . "
0135                  WHERE group_id = " . $row['group_id'];
0136              if( !$db->sql_query($sql) )
0137              {
0138                  message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
0139              }
0140   
0141              $sql = "DELETE FROM " . AUTH_ACCESS_TABLE . "
0142                  WHERE group_id = " . $row['group_id'];
0143              if( !$db->sql_query($sql) )
0144              {
0145                  message_die(GENERAL_ERROR, 'Could not delete group for this user', '', __LINE__, __FILE__, $sql);
0146              }
0147   
0148              $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
0149                  WHERE user_id = $user_id";
0150              if ( !$db->sql_query($sql) )
0151              {
0152                  message_die(GENERAL_ERROR, 'Could not delete user from topic watch table', '', __LINE__, __FILE__, $sql);
0153              }
0154              
0155              $sql = "DELETE FROM " . BANLIST_TABLE . "
0156                  WHERE ban_userid = $user_id";
0157              if ( !$db->sql_query($sql) )
0158              {
0159                  message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql);
0160              }
0161   
0162              $sql = "DELETE FROM " . SESSIONS_TABLE . "
0163                  WHERE session_user_id = $user_id";
0164              if ( !$db->sql_query($sql) )
0165              {
0166                  message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql);
0167              }
0168              
0169              $sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . "
0170                  WHERE user_id = $user_id";
0171              if ( !$db->sql_query($sql) )
0172              {
0173                  message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql);
0174              }
0175   
0176              $sql = "SELECT privmsgs_id
0177                  FROM " . PRIVMSGS_TABLE . "
0178                  WHERE privmsgs_from_userid = $user_id 
0179                      OR privmsgs_to_userid = $user_id";
0180              if ( !($result = $db->sql_query($sql)) )
0181              {
0182                  message_die(GENERAL_ERROR, 'Could not select all users private messages', '', __LINE__, __FILE__, $sql);
0183              }
0184   
0185              // This little bit of code directly from the private messaging section.
0186              while ( $row_privmsgs = $db->sql_fetchrow($result) )
0187              {
0188                  $mark_list[] = $row_privmsgs['privmsgs_id'];
0189              }
0190              
0191              if ( count($mark_list) )
0192              {
0193                  $delete_sql_id = implode(', ', $mark_list);
0194                  
0195                  $delete_text_sql = "DELETE FROM " . PRIVMSGS_TEXT_TABLE . "
0196                      WHERE privmsgs_text_id IN ($delete_sql_id)";
0197                  $delete_sql = "DELETE FROM " . PRIVMSGS_TABLE . "
0198                      WHERE privmsgs_id IN ($delete_sql_id)";
0199                  
0200                  if ( !$db->sql_query($delete_sql) )
0201                  {
0202                      message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
0203                  }
0204                  
0205                  if ( !$db->sql_query($delete_text_sql) )
0206                  {
0207                      message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
0208                  }
0209              }
0210   
0211              $message = $lang['User_deleted'] . '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
0212   
0213              message_die(GENERAL_MESSAGE, $message);
0214          }
0215   
0216          $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
0217          $email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
0218   
0219          $password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
0220          $password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
0221   
0222          $icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : '';
0223          $aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : '';
0224          $msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : '';
0225          $yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : '';
0226   
0227          $website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : '';
0228          $location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : '';
0229          $occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : '';
0230          $interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : '';
0231          $signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : '';
0232   
0233          validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
0234   
0235          $viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0;
0236          $allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE;
0237          $notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0;
0238          $notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE;
0239          $popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE;
0240          $attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0;
0241   
0242          $allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html'];
0243          $allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
0244          $allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
0245   
0246          $user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
0247          $user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
0248          $user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
0249          $user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
0250   
0251          $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] )  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
0252          $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
0253   
0254          $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
0255          $user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
0256          $user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
0257          $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
0258          $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
0259          $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
0260   
0261          $user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
0262          $user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';        
0263   
0264          $user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
0265          $user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
0266          $user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0;
0267          $user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;
0268   
0269          if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
0270          {
0271              $username = stripslashes($username);
0272              $email = stripslashes($email);
0273              $password = '';
0274              $password_confirm = '';
0275   
0276              $icq = stripslashes($icq);
0277              $aim = htmlspecialchars(stripslashes($aim));
0278              $msn = htmlspecialchars(stripslashes($msn));
0279              $yim = htmlspecialchars(stripslashes($yim));
0280   
0281              $website = htmlspecialchars(stripslashes($website));
0282              $location = htmlspecialchars(stripslashes($location));
0283              $occupation = htmlspecialchars(stripslashes($occupation));
0284              $interests = htmlspecialchars(stripslashes($interests));
0285              $signature = htmlspecialchars(stripslashes($signature));
0286   
0287              $user_lang = stripslashes($user_lang);
0288              $user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
0289   
0290              if ( !isset($HTTP_POST_VARS['cancelavatar'])) 
0291              {
0292                  $user_avatar = $user_avatar_category . '/' . $user_avatar_local;
0293                  $user_avatar_type = USER_AVATAR_GALLERY;
0294              }
0295          }
0296      }
0297   
0298      if( isset( $HTTP_POST_VARS['submit'] ) )
0299      {
0300          include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
0301   
0302          $error = FALSE;
0303   
0304          if (stripslashes($username) != $this_userdata['username'])
0305          {
0306              unset($rename_user);
0307   
0308              if ( stripslashes(strtolower($username)) != strtolower($this_userdata['username']) ) 
0309              {
0310                  $result = validate_username($username);
0311                  if ( $result['error'] )
0312                  {
0313                      $error = TRUE;
0314                      $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
0315                  }
0316                  else if ( strtolower(str_replace("\\'", "''", $username)) == strtolower($userdata['username']) )
0317                  {
0318                      $error = TRUE;
0319                      $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_taken'];
0320                  }
0321              }
0322   
0323              if (!$error)
0324              {
0325                  $username_sql = "username = '" . str_replace("\\'", "''", $username) . "', ";
0326                  $rename_user = $username; // Used for renaming usergroup
0327              }
0328          }
0329   
0330          $passwd_sql = '';
0331          if( !empty($password) && !empty($password_confirm) )
0332          {
0333              //
0334              // Awww, the user wants to change their password, isn't that cute..
0335              //
0336              if($password != $password_confirm)
0337              {
0338                  $error = TRUE;
0339                  $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
0340              }
0341              else
0342              {
0343                  $password = md5($password);
0344                  $passwd_sql = "user_password = '$password', ";
0345              }
0346          }
0347          else if( $password && !$password_confirm )
0348          {
0349              $error = TRUE;
0350              $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
0351          }
0352          else if( !$password && $password_confirm )
0353          {
0354              $error = TRUE;
0355              $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
0356          }
0357   
0358          if ($signature != '')
0359          {
0360              $sig_length_check = preg_replace('/(\[.*?)(=.*?)\]/is', '\\1]', stripslashes($signature));
0361              if ( $allowhtml )
0362              {
0363                  $sig_length_check = preg_replace('/(\<.*?)(=.*?)( .*?=.*?)?([ \/]?\>)/is', '\\1\\3\\4', $sig_length_check);
0364              }
0365   
0366              // Only create a new bbcode_uid when there was no uid yet.
0367              if ( $signature_bbcode_uid == '' )
0368              {
0369                  $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
0370              }
0371              $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
0372   
0373              if ( strlen($sig_length_check) > $board_config['max_sig_chars'] )
0374              { 
0375                  $error = TRUE;
0376                  $error_msg .=  ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
0377              }
0378          }
0379   
0380          //
0381          // Avatar stuff
0382          //
0383          $avatar_sql = "";
0384          if( isset($HTTP_POST_VARS['avatardel']) )
0385          {
0386              if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
0387              {
0388                  if( @file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
0389                  {
0390                      @unlink('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
0391                  }
0392              }
0393              $avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
0394          }
0395          else if( ( $user_avatar_loc != "" || !empty($user_avatar_url) ) && !$error )
0396          {
0397              //
0398              // Only allow one type of upload, either a
0399              // filename or a URL
0400              //
0401              if( !empty($user_avatar_loc) && !empty($user_avatar_url) )
0402              {
0403                  $error = TRUE;
0404                  if( isset($error_msg) )
0405                  {
0406                      $error_msg .= "<br />";
0407                  }
0408                  $error_msg .= $lang['Only_one_avatar'];
0409              }
0410   
0411              if( $user_avatar_loc != "" )
0412              {
0413                  if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
0414                  {
0415                      if( $user_avatar_size <= $board_config['avatar_filesize'] && $user_avatar_size > 0)
0416                      {
0417                          $error_type = false;
0418   
0419                          //
0420                          // Opera appends the image name after the type, not big, not clever!
0421                          //
0422                          preg_match("'image\/[x\-]*([a-z]+)'", $user_avatar_filetype, $user_avatar_filetype);
0423                          $user_avatar_filetype = $user_avatar_filetype[1];
0424   
0425                          switch( $user_avatar_filetype )
0426                          {
0427                              case "jpeg":
0428                              case "pjpeg":
0429                              case "jpg":
0430                                  $imgtype = '.jpg';
0431                                  break;
0432                              case "gif":
0433                                  $imgtype = '.gif';
0434                                  break;
0435                              case "png":
0436                                  $imgtype = '.png';
0437                                  break;
0438                              default:
0439                                  $error = true;
0440                                  $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
0441                                  break;
0442                          }
0443   
0444                          if( !$error )
0445                          {
0446                              list($width, $height) = @getimagesize($user_avatar_loc);
0447   
0448                              if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
0449                              {
0450                                  $user_id = $this_userdata['user_id'];
0451   
0452                                  $avatar_filename = $user_id . $imgtype;
0453   
0454                                  if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
0455                                  {
0456                                      if( @file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
0457                                      {
0458                                          @unlink("./../" . $board_config['avatar_path'] . "/". $this_userdata['user_avatar']);
0459                                      }
0460                                  }
0461                                  @copy($user_avatar_loc, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
0462   
0463                                  $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
0464                              }
0465                              else
0466                              {
0467                                  $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
0468   
0469                                  $error = true;
0470                                  $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
0471                              }
0472                          }
0473                      }
0474                      else
0475                      {
0476                          $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
0477   
0478                          $error = true;
0479                          $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
0480                      }
0481                  }
0482                  else
0483                  {
0484                      $error = true;
0485                      $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
0486                  }
0487              }
0488              else if( !empty($user_avatar_url) )
0489              {
0490                  //
0491                  // First check what port we should connect
0492                  // to, look for a :[xxxx]/ or, if that doesn't
0493                  // exist assume port 80 (http)
0494                  //
0495                  preg_match("/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/", $user_avatar_url, $url_ary);
0496   
0497                  if( !empty($url_ary[4]) )
0498                  {
0499                      $port = (!empty($url_ary[3])) ? $url_ary[3] : 80;
0500   
0501                      $fsock = @fsockopen($url_ary[2], $port, $errno, $errstr);
0502                      if( $fsock )
0503                      {
0504                          $base_get = "/" . $url_ary[4];
0505   
0506                          //
0507                          // Uses HTTP 1.1, could use HTTP 1.0 ...
0508                          //
0509                          @fputs($fsock, "GET $base_get HTTP/1.1\r\n");
0510                          @fputs($fsock, "HOST: " . $url_ary[2] . "\r\n");
0511                          @fputs($fsock, "Connection: close\r\n\r\n");
0512   
0513                          unset($avatar_data);
0514                          while( !@feof($fsock) )
0515                          {
0516                              $avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
0517                          }
0518                          @fclose($fsock);
0519   
0520                          if( preg_match("/Content-Length\: ([0-9]+)[^\/ ][\s]+/i", $avatar_data, $file_data1) && preg_match("/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i", $avatar_data, $file_data2) )
0521                          {
0522                              $file_size = $file_data1[1]; 
0523                              $file_type = $file_data2[1];
0524   
0525                              switch( $file_type )
0526                              {
0527                                  case "jpeg":
0528                                  case "pjpeg":
0529                                  case "jpg":
0530                                      $imgtype = '.jpg';
0531                                      break;
0532                                  case "gif":
0533                                      $imgtype = '.gif';
0534                                      break;
0535                                  case "png":
0536                                      $imgtype = '.png';
0537                                      break;
0538                                  default:
0539                                      $error = true;
0540                                      $error_msg = (!empty($error_msg)) ? $error_msg . "<br />" . $lang['Avatar_filetype'] : $lang['Avatar_filetype'];
0541                                      break;
0542                              }
0543   
0544                              if( !$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'] )
0545                              {
0546                                  $avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);
0547   
0548                                  $tmp_filename = tempnam ("/tmp", $this_userdata['user_id'] . "-");
0549                                  $fptr = @fopen($tmp_filename, "wb");
0550                                  $bytes_written = @fwrite($fptr, $avatar_data, $file_size);
0551                                  @fclose($fptr);
0552   
0553                                  if( $bytes_written == $file_size )
0554                                  {
0555                                      list($width, $height) = @getimagesize($tmp_filename);
0556   
0557                                      if( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
0558                                      {
0559                                          $user_id = $this_userdata['user_id'];
0560   
0561                                          $avatar_filename = $user_id . $imgtype;
0562   
0563                                          if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "")
0564                                          {
0565                                              if( file_exists(@phpbb_realpath("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
0566                                              {
0567                                                  @unlink("./../" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
0568                                              }
0569                                          }
0570                                          @copy($tmp_filename, "./../" . $board_config['avatar_path'] . "/$avatar_filename");
0571                                          @unlink($tmp_filename);
0572   
0573                                          $avatar_sql = ", user_avatar = '$avatar_filename', user_avatar_type = " . USER_AVATAR_UPLOAD;
0574                                      }
0575                                      else
0576                                      {
0577                                          $l_avatar_size = sprintf($lang['Avatar_imagesize'], $board_config['avatar_max_width'], $board_config['avatar_max_height']);
0578   
0579                                          $error = true;
0580                                          $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
0581                                      }
0582                                  }
0583                                  else
0584                                  {
0585                                      //
0586                                      // Error writing file
0587                                      //
0588                                      @unlink($tmp_filename);
0589                                      message_die(GENERAL_ERROR, "Could not write avatar file to local storage. Please contact the board administrator with this message", "", __LINE__, __FILE__);
0590                                  }
0591                              }
0592                          }
0593                          else
0594                          {
0595                              //
0596                              // No data
0597                              //
0598                              $error = true;
0599                              $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['File_no_data'] : $lang['File_no_data'];
0600                          }
0601                      }
0602                      else
0603                      {
0604                          //
0605                          // No connection
0606                          //
0607                          $error = true;
0608                          $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['No_connection_URL'] : $lang['No_connection_URL'];
0609                      }
0610                  }
0611                  else
0612                  {
0613                      $error = true;
0614                      $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Incomplete_URL'] : $lang['Incomplete_URL'];
0615                  }
0616              }
0617              else if( !empty($user_avatar_name) )
0618              {
0619                  $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
0620   
0621                  $error = true;
0622                  $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $l_avatar_size : $l_avatar_size;
0623              }
0624          }
0625          else if( $user_avatar_remoteurl != "" && $avatar_sql == "" && !$error )
0626          {
            // Remote avatar: only the URL string is stored; nothing is fetched in this branch.
            // Any value that does not already start with "http://" gets that prefix added.
            if( !preg_match("#^http:\/\/#i", $user_avatar_remoteurl) )
            {
                $user_avatar_remoteurl = "http://" . $user_avatar_remoteurl;
            }

            // Accepted shape: http://, a host made of letter/digit/hyphen labels ending in a
            // letters-only label, a "/", then anything, ending in .gif, .jpg or .png
            // (case-insensitive; the "s" flag lets "." match newlines too).
            // NOTE(review): the path part (".*?") is unrestricted, so quotes, angle brackets
            // and whitespace pass this test; the stored value has to be HTML-encoded wherever
            // it is printed. The extension test also says nothing about what the remote host
            // actually serves.
            if( preg_match("#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+\/.*?\.(gif|jpg|png)$)#is", $user_avatar_remoteurl) )
            {
                // str_replace("\'", "''", ...) turns a backslash-escaped quote into a doubled
                // quote; this presumes the value arrives already backslash-escaped — confirm
                // against the code that reads the request (not in this part of the file).
                $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_remoteurl) . "', user_avatar_type = " . USER_AVATAR_REMOTE;
            }
            else
            {
                // Append to any earlier validation message instead of overwriting it.
                $error = true;
                $error_msg = ( !empty($error_msg) ) ? $error_msg . "<br />" . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
            }
0641          }
0642          else if( $user_avatar_local != "" && $avatar_sql == "" && !$error )
0643          {
            // Gallery avatar: basename() drops any directory part from both the category and
            // the file name, so the stored value is always "<category>/<file>", one level deep.
            // phpbb_ltrim(..., "'") is defined elsewhere; presumably it strips leading quote
            // characters — confirm.
            // NOTE(review): nothing here checks that the file exists in the gallery.
            $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", phpbb_ltrim(basename($user_avatar_category), "'") . '/' . phpbb_ltrim(basename($user_avatar_local), "'")) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
0645          }
0646      
0647          //
0648          // Update entry in DB
0649          //
0650          if( !$error )
0651          {
            // Single UPDATE carrying every editable profile column.
            // Quoting convention: each text value goes through str_replace("\'", "''", ...),
            // which rewrites a backslash-escaped quote into a doubled quote. That only
            // neutralises quotes if the values reach this point already backslash-escaped
            // (the escaping is not visible in this part of the file — confirm).
            // NOTE(review): the flag/number columns ($viewemail, $attachsig, $user_style,
            // $user_timezone, $user_status, $user_rank, ...) and $user_id are interpolated
            // unquoted, and $signature_bbcode_uid is quoted without the str_replace();
            // verify each is cast or generated server-side before it gets here.
            // $username_sql, $passwd_sql and $avatar_sql are ready-made SQL fragments.
            $sql = "UPDATE " . USERS_TABLE . "
                SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank = $user_rank" . $avatar_sql . "
                WHERE user_id = $user_id";
0655   
0656              if( $result = $db->sql_query($sql) )
0657              {
                // When the username changed, rename the row(s) in GROUPS_TABLE whose
                // group_name equals the old username.
                if( isset($rename_user) )
                {
                    // The two values are quoted differently on purpose: $rename_user gets the
                    // "\'" -> "''" rewrite used for request values in this file, while the
                    // old name comes from $this_userdata and has its plain quotes doubled.
                    $sql = "UPDATE " . GROUPS_TABLE . "
                        SET group_name = '".str_replace("\'", "''", $rename_user)."'
                        WHERE group_name = '".str_replace("'", "''", $this_userdata['username'] )."'";
                    if( !$result = $db->sql_query($sql) )
                    {
                        message_die(GENERAL_ERROR, 'Could not rename users group', '', __LINE__, __FILE__, $sql);
                    }
                }
0668                  
0669                  // Delete user session, to prevent the user navigating the forum (if logged in) when disabled
0670                  if (!$user_status)
0671                  {
0672                      $sql = "DELETE FROM " . SESSIONS_TABLE . 
0673                          WHERE session_user_id = " . $user_id;
0674   
0675                      if ( !$db->sql_query($sql) )
0676                      {
0677                          message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
0678                      }
0679                  }
0680   
0681                  // We remove all stored login keys since the password has been updated
0682                  // and change the current one (if applicable)
0683                  if ( !empty($passwd_sql) )
0684                  {
0685                      session_reset_keys($user_id, $user_ip);
0686                  }
0687                  
0688                  $message .= $lang['Admin_user_updated'];
0689              }
0690              else
0691              {
0692                  message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql);
0693              }
0694   
0695              $message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
0696   
0697              message_die(GENERAL_MESSAGE, $message);
0698          }
0699          else
0700          {
            // Validation failed: render the error box, then prepare the submitted values
            // so the edit form can be shown again with them filled in.
            $template->set_filenames(array(
                'reg_header' => 'error_body.tpl')
            );

            // $error_msg was assembled from language strings joined with "<br />".
            $template->assign_vars(array(
                'ERROR_MESSAGE' => $error_msg)
            );

            $template->assign_var_from_handle('ERROR_BOX', 'reg_header');

            // stripslashes() removes the backslash escaping the request values presumably
            // carry at this point; htmlspecialchars() then encodes them for HTML output.
            $username = htmlspecialchars(stripslashes($username));
            // NOTE(review): $email, $icq and $user_lang below are only unslashed, not
            // HTML-encoded — confirm they are validated or encoded before they are printed.
            $email = stripslashes($email);
            // Submitted passwords are never echoed back into the form.
            $password = '';
            $password_confirm = '';

            $icq = stripslashes($icq);
            // "+" is shown as a space in the AIM name.
            $aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
            $msn = htmlspecialchars(stripslashes($msn));
            $yim = htmlspecialchars(stripslashes($yim));

            $website = htmlspecialchars(stripslashes($website));
            $location = htmlspecialchars(stripslashes($location));
            $occupation = htmlspecialchars(stripslashes($occupation));
            $interests = htmlspecialchars(stripslashes($interests));
            $signature = htmlspecialchars(stripslashes($signature));

            $user_lang = stripslashes($user_lang);
            $user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
0729          }
0730      }
0731      else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
0732      {
0733          if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) )
0734          {
0735              $user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]);
0736              $this_userdata = get_userdata($user_id);
0737              if( !$this_userdata )
0738              {
0739                  message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
0740              }
0741          }
0742          else
0743          {
0744              $this_userdata = get_userdata($HTTP_POST_VARS['username'], true);
0745              if( !$this_userdata )
0746              {
0747                  message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
0748              }
0749          }
0750   
0751          //
0752          // Now parse and display it as a template
0753          //
        // Copy the stored profile into the variables the edit form is built from.
        $user_id = $this_userdata['user_id'];
        // NOTE(review): username, e-mail and ICQ are taken over as stored, while the
        // other text fields below are passed through htmlspecialchars(); confirm the
        // stored form of these three is safe to print as-is.
        $username = $this_userdata['username'];
        $email = $this_userdata['user_email'];
        // The password is never pre-filled.
        $password = '';
        $password_confirm = '';

        $icq = $this_userdata['user_icq'];
        $aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ));
        $msn = htmlspecialchars($this_userdata['user_msnm']);
        $yim = htmlspecialchars($this_userdata['user_yim']);

        $website = htmlspecialchars($this_userdata['user_website']);
        $location = htmlspecialchars($this_userdata['user_from']);
        $occupation = htmlspecialchars($this_userdata['user_occ']);
        $interests = htmlspecialchars($this_userdata['user_interests']);

        // Remove the ":<uid>" markers from the stored signature, then apply the
        // $html_entities_match / $html_entities_replace substitutions (defined elsewhere).
        // NOTE(review): the uid is placed in the pattern without preg_quote(); fine only
        // while the stored uid contains no regex metacharacters — confirm how it is generated.
        $signature = ($this_userdata['user_sig_bbcode_uid'] != '') ? preg_replace('#:' . $this_userdata['user_sig_bbcode_uid'] . '#si', '', $this_userdata['user_sig']) : $this_userdata['user_sig'];
        $signature = preg_replace($html_entities_match, $html_entities_replace, $signature);

        // Preference flags, taken over unchanged.
        $viewemail = $this_userdata['user_viewemail'];
        $notifypm = $this_userdata['user_notify_pm'];
        $popuppm = $this_userdata['user_popup_pm'];
        $notifyreply = $this_userdata['user_notify'];
        $attachsig = $this_userdata['user_attachsig'];
        $allowhtml = $this_userdata['user_allowhtml'];
        $allowbbcode = $this_userdata['user_allowbbcode'];
        $allowsmilies = $this_userdata['user_allowsmile'];
        $allowviewonline = $this_userdata['user_allow_viewonline'];

        $user_avatar = $this_userdata['user_avatar'];
        $user_avatar_type = $this_userdata['user_avatar_type'];
        $user_style = $this_userdata['user_style'];
        $user_lang = $this_userdata['user_lang'];
        $user_timezone = $this_userdata['user_timezone'];
        $user_dateformat = htmlspecialchars($this_userdata['user_dateformat']);

        // Administrative switches: account active, avatar allowed, private messages allowed.
        $user_status = $this_userdata['user_active'];
        $user_allowavatar = $this_userdata['user_allowavatar'];
        $user_allowpm = $this_userdata['user_allow_pm'];

        // Upper-case $COPPA is a different variable from the lower-case $coppa that the
        // hidden form fields further down print.
        $COPPA = false;

        // Status texts shown next to the signature box.
        $html_status =  ($this_userdata['user_allowhtml'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
        $bbcode_status = ($this_userdata['user_allowbbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
        $smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
0799      }
0800   
0801      if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
0802      {
0803          if( !$error )
0804          {
0805              $user_id = intval($HTTP_POST_VARS['id']);
0806   
0807              $template->set_filenames(array(
0808                  "body" => "admin/user_avatar_gallery.tpl")
0809              );
0810   
0811              $dir = @opendir("../" . $board_config['avatar_gallery_path']);
0812   
0813              $avatar_images = array();
0814              while( $file = @readdir($dir) )
0815              {
0816                  if( $file != "." && $file != ".." && !is_file(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) && !is_link(phpbb_realpath("./../" . $board_config['avatar_gallery_path'] . "/" . $file)) )
0817                  {
0818                      $sub_dir = @opendir("../" . $board_config['avatar_gallery_path'] . "/" . $file);
0819   
0820                      $avatar_row_count = 0;
0821                      $avatar_col_count = 0;
0822   
0823                      while( $sub_file = @readdir($sub_dir) )
0824                      {
0825                          if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) )
0826                          {
0827                              $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file;
0828   
0829                              $avatar_col_count++;
0830                              if( $avatar_col_count == 5 )
0831                              {
0832                                  $avatar_row_count++;
0833                                  $avatar_col_count = 0;
0834                              }
0835                          }
0836                      }
0837                  }
0838              }
0839      
0840              @closedir($dir);
0841   
0842              if( isset($HTTP_POST_VARS['avatarcategory']) )
0843              {
0844                  $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
0845              }
0846              else
0847              {
0848                  list($category, ) = each($avatar_images);
0849              }
0850              @reset($avatar_images);
0851   
0852              $s_categories = "";
0853              while( list($key) = each($avatar_images) )
0854              {
0855                  $selected = ( $key == $category ) ? "selected=\"selected\"" : "";
0856                  if( count($avatar_images[$key]) )
0857                  {
0858                      $s_categories .= '<option value="' . $key . '"' . $selected . '>' . ucfirst($key) . '</option>';
0859                  }
0860              }
0861   
            // Emit one template row per stored row of the chosen category and track the
            // widest row for the table's colspan.
            // Images are only read from $avatar_images[$category], i.e. from what the
            // directory scan found; a requested category that is not a key of that array
            // contributes no entries.
            $s_colspan = 0;
            for($i = 0; $i < count($avatar_images[$category]); $i++)
            {
                $template->assign_block_vars("avatar_row", array());

                $s_colspan = max($s_colspan, count($avatar_images[$category][$i]));

                for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
                {
                    // Image path as seen from the admin directory.
                    $template->assign_block_vars("avatar_row.avatar_column", array(
                        "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j])
                    );

                    // File name offered as the selectable value.
                    $template->assign_block_vars("avatar_row.avatar_option_column", array(
                        "S_OPTIONS_AVATAR" => $avatar_images[$category][$i][$j])
                    );
                }
            }
0880   
            // Carry the whole edit form through the gallery page as hidden inputs, so the
            // values are posted back when an avatar has been chosen.
            $coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;

            $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
            $s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';

            // NOTE(review): the text fields below only have '"' replaced by &quot;; "<", ">"
            // and "&" are not encoded here. Whether these variables were already
            // HTML-encoded when they were read from the request is not visible in this
            // part of the file — confirm before relying on it.
            $s_hidden_fields .= '<input type="hidden" name="username" value="' . str_replace("\"", "&quot;", $username) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="email" value="' . str_replace("\"", "&quot;", $email) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="icq" value="' . str_replace("\"", "&quot;", $icq) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="aim" value="' . str_replace("\"", "&quot;", $aim) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="msn" value="' . str_replace("\"", "&quot;", $msn) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="yim" value="' . str_replace("\"", "&quot;", $yim) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="website" value="' . str_replace("\"", "&quot;", $website) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="location" value="' . str_replace("\"", "&quot;", $location) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="occupation" value="' . str_replace("\"", "&quot;", $occupation) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="interests" value="' . str_replace("\"", "&quot;", $interests) . '" />';
            $s_hidden_fields .= '<input type="hidden" name="signature" value="' . str_replace("\"", "&quot;", $signature) . '" />';
            // NOTE(review): the flag, style, language and timezone values are printed with
            // no encoding at all; verify they are cast or validated where they are read.
            $s_hidden_fields .= '<input type="hidden" name="viewemail" value="' . $viewemail . '" />';
            $s_hidden_fields .= '<input type="hidden" name="notifypm" value="' . $notifypm . '" />';
            $s_hidden_fields .= '<input type="hidden" name="popup_pm" value="' . $popuppm . '" />';
            $s_hidden_fields .= '<input type="hidden" name="notifyreply" value="' . $notifyreply . '" />';
            $s_hidden_fields .= '<input type="hidden" name="attachsig" value="' . $attachsig . '" />';
            $s_hidden_fields .= '<input type="hidden" name="allowhtml" value="' . $allowhtml . '" />';
            $s_hidden_fields .= '<input type="hidden" name="allowbbcode" value="' . $allowbbcode . '" />';
            $s_hidden_fields .= '<input type="hidden" name="allowsmilies" value="' . $allowsmilies . '" />';
            // The form field is "hide online", the inverse of the stored "allow view online".
            $s_hidden_fields .= '<input type="hidden" name="hideonline" value="' . !$allowviewonline . '" />';
            $s_hidden_fields .= '<input type="hidden" name="style" value="' . $user_style . '" />';
            $s_hidden_fields .= '<input type="hidden" name="language" value="' . $user_lang . '" />';
            $s_hidden_fields .= '<input type="hidden" name="timezone" value="' . $user_timezone . '" />';
            $s_hidden_fields .= '<input type="hidden" name="dateformat" value="' . str_replace("\"", "&quot;", $user_dateformat) . '" />';

            // Admin-only switches travel through the form as well; they are submitted
            // by the browser and so have to be re-validated when the form is saved.
            $s_hidden_fields .= '<input type="hidden" name="user_status" value="' . $user_status . '" />';
            $s_hidden_fields .= '<input type="hidden" name="user_allowpm" value="' . $user_allowpm . '" />';
            $s_hidden_fields .= '<input type="hidden" name="user_allowavatar" value="' . $user_allowavatar . '" />';
            $s_hidden_fields .= '<input type="hidden" name="user_rank" value="' . $user_rank . '" />';
0915   
            // Hand the labels, the category list and the hidden fields to the gallery template.
            $template->assign_vars(array(
                "L_USER_TITLE" => $lang['User_admin'],
                "L_USER_EXPLAIN" => $lang['User_admin_explain'],
                "L_AVATAR_GALLERY" => $lang['Avatar_gallery'],
                "L_SELECT_AVATAR" => $lang['Select_avatar'],
                "L_RETURN_PROFILE" => $lang['Return_profile'],
                "L_CATEGORY" => $lang['Select_category'],
                "L_GO" => $lang['Go'],

                "S_OPTIONS_CATEGORIES" => $s_categories,
                "S_COLSPAN" => $s_colspan,
                // NOTE(review): $mode is placed in the form action URL as-is; where it is
                // read and validated is outside this part of the file — confirm.
                "S_PROFILE_ACTION" => append_sid("admin_users.$phpEx?mode=$mode"),
                "S_HIDDEN_FIELDS" => $s_hidden_fields)
            );
0930          }
0931      }
0932      else
0933      {
        // Hidden fields of the normal edit form; it is always submitted with mode "save".
        // NOTE(review): $coppa is not assigned in this branch within the visible code
        // (only the differently-cased $COPPA is) — confirm where it gets its value.
        $s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
        $s_hidden_fields .= '<input type="hidden" name="id" value="' . $this_userdata['user_id'] . '" />';

        // Keep a gallery selection made on the previous page.
        // NOTE(review): both values are written into the attribute without encoding here;
        // verify they are HTML-encoded where they are read from the request.
        if( !empty($user_avatar_local) )
        {
            $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
        }
0941   
0942          if( $user_avatar_type )
0943          {
0944              switch( $user_avatar_type )
0945              {
0946                  case USER_AVATAR_UPLOAD:
0947                      $avatar = '<img src="../' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />';
0948                      break;
0949                  case USER_AVATAR_REMOTE:
0950                      $avatar = (isset($HTTP_GET_VARS['p_sid'])) ? $lang['Priv_Img'] . " $user_avatar" : '<img src="' . $user_avatar . '" alt="" />';
0951                      break;
0952                  case USER_AVATAR_GALLERY:
0953                      $avatar = '<img src="../' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />';
0954                      break;
0955              }
0956          }
0957          else
0958          {
0959              $avatar = "";
0960          }
0961   
        // Load the special ranks (rank_special = 1) for the rank drop-down.
        // The query contains no request data.
        $sql = "SELECT * FROM " . RANKS_TABLE . "
            WHERE rank_special = 1
            ORDER BY rank_title";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_ERROR, 'Could not obtain ranks data', '', __LINE__, __FILE__, $sql);
        }

        // Value 0 means "no rank assigned"; the user's current rank is pre-selected.
        $rank_select_box = '<option value="0">' . $lang['No_assigned_rank'] . '</option>';
        while( $row = $db->sql_fetchrow($result) )
        {
            $rank = $row['rank_title'];
            $rank_id = $row['rank_id'];

            $selected = ( $this_userdata['user_rank'] == $rank_id ) ? ' selected="selected"' : '';
            // NOTE(review): rank_title is printed as stored; confirm it is HTML-encoded
            // when ranks are saved.
            $rank_select_box .= '<option value="' . $rank_id . '"' . $selected . '>' . $rank . '</option>';
        }
0979   
0980          $template->set_filenames(array(
0981              "body" => "admin/user_edit_body.tpl")
0982          );
0983          
0984          //
0985          // Let's do an overall check for settings/versions which would prevent
0986          // us from doing file uploads....
0987          //
        // $ini_val holds the NAME of the function used to read PHP settings and is
        // called as a variable function on the next line.
        // NOTE(review): every phpversion() test here is a plain string comparison,
        // not a version-aware one.
        $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
        // The multipart enctype is left out (no file upload field works) when uploads
        // are off in the PHP configuration, the version is exactly 4.0.4pl1, the board
        // disallows avatar uploads, or the version is below 4.0.3 with open_basedir set.
        $form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
0990   
        // Pass everything the edit form needs to the template. Nothing is encoded at
        // this point: each value is printed in whatever form the code above left it in.
        $template->assign_vars(array(
            // Profile text fields.
            'USERNAME' => $username,
            'EMAIL' => $email,
            'YIM' => $yim,
            'ICQ' => $icq,
            'MSN' => $msn,
            'AIM' => $aim,
            'OCCUPATION' => $occupation,
            'INTERESTS' => $interests,
            'LOCATION' => $location,
            'WEBSITE' => $website,
            // Line breaks are turned back into newlines for the textarea.
            'SIGNATURE' => str_replace('<br />', "\n", $signature),
            // Yes/no radio pairs: exactly one of each pair gets the checked attribute.
            'VIEW_EMAIL_YES' => ($viewemail) ? 'checked="checked"' : '',
            'VIEW_EMAIL_NO' => (!$viewemail) ? 'checked="checked"' : '',
            'HIDE_USER_YES' => (!$allowviewonline) ? 'checked="checked"' : '',
            'HIDE_USER_NO' => ($allowviewonline) ? 'checked="checked"' : '',
            'NOTIFY_PM_YES' => ($notifypm) ? 'checked="checked"' : '',
            'NOTIFY_PM_NO' => (!$notifypm) ? 'checked="checked"' : '',
            'POPUP_PM_YES' => ($popuppm) ? 'checked="checked"' : '',
            'POPUP_PM_NO' => (!$popuppm) ? 'checked="checked"' : '',
            'ALWAYS_ADD_SIGNATURE_YES' => ($attachsig) ? 'checked="checked"' : '',
            'ALWAYS_ADD_SIGNATURE_NO' => (!$attachsig) ? 'checked="checked"' : '',
            'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
            'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_BBCODE_YES' => ($allowbbcode) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_BBCODE_NO' => (!$allowbbcode) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_HTML_YES' => ($allowhtml) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_HTML_NO' => (!$allowhtml) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_SMILIES_YES' => ($allowsmilies) ? 'checked="checked"' : '',
            'ALWAYS_ALLOW_SMILIES_NO' => (!$allowsmilies) ? 'checked="checked"' : '',
            // $avatar is ready-made markup (or an empty string).
            'AVATAR' => $avatar,
            'LANGUAGE_SELECT' => language_select($user_lang),
            'TIMEZONE_SELECT' => tz_select($user_timezone),
            'STYLE_SELECT' => style_select($user_style, 'style'),
            'DATE_FORMAT' => $user_dateformat,
            // Administrative switches.
            'ALLOW_PM_YES' => ($user_allowpm) ? 'checked="checked"' : '',
            'ALLOW_PM_NO' => (!$user_allowpm) ? 'checked="checked"' : '',
            'ALLOW_AVATAR_YES' => ($user_allowavatar) ? 'checked="checked"' : '',
            'ALLOW_AVATAR_NO' => (!$user_allowavatar) ? 'checked="checked"' : '',
            'USER_ACTIVE_YES' => ($user_status) ? 'checked="checked"' : '',
            'USER_ACTIVE_NO' => (!$user_status) ? 'checked="checked"' : '',
            'RANK_SELECT_BOX' => $rank_select_box,

            // Language strings.
            'L_USERNAME' => $lang['Username'],
            'L_USER_TITLE' => $lang['User_admin'],
            'L_USER_EXPLAIN' => $lang['User_admin_explain'],
            'L_NEW_PASSWORD' => $lang['New_password'],
            'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'],
            'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
            'L_PASSWORD_CONFIRM_IF_CHANGED' => $lang['password_confirm_if_changed'],
            'L_SUBMIT' => $lang['Submit'],
            'L_RESET' => $lang['Reset'],
            'L_ICQ_NUMBER' => $lang['ICQ'],
            'L_MESSENGER' => $lang['MSNM'],
            'L_YAHOO' => $lang['YIM'],
            'L_WEBSITE' => $lang['Website'],
            'L_AIM' => $lang['AIM'],
            'L_LOCATION' => $lang['Location'],
            'L_OCCUPATION' => $lang['Occupation'],
            'L_BOARD_LANGUAGE' => $lang['Board_lang'],
            'L_BOARD_STYLE' => $lang['Board_style'],
            'L_TIMEZONE' => $lang['Timezone'],
            'L_DATE_FORMAT' => $lang['Date_format'],
            'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'],
            'L_YES' => $lang['Yes'],
            'L_NO' => $lang['No'],
            'L_INTERESTS' => $lang['Interests'],
            'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'],
            'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'],
            'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'],
            'L_HIDE_USER' => $lang['Hide_user'],
            'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],

            'L_SPECIAL' => $lang['User_special'],
            'L_SPECIAL_EXPLAIN' => $lang['User_special_explain'],
            'L_USER_ACTIVE' => $lang['User_status'],
            'L_ALLOW_PM' => $lang['User_allowpm'],
            'L_ALLOW_AVATAR' => $lang['User_allowavatar'],

            'L_AVATAR_PANEL' => $lang['Avatar_panel'],
            'L_AVATAR_EXPLAIN' => $lang['Admin_avatar_explain'],
            'L_DELETE_AVATAR' => $lang['Delete_Image'],
            'L_CURRENT_IMAGE' => $lang['Current_Image'],
            'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'],
            'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'],
            'L_AVATAR_GALLERY' => $lang['Select_from_gallery'],
            'L_SHOW_GALLERY' => $lang['View_avatar_gallery'],
            'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'],

            'L_SIGNATURE' => $lang['Signature'],
            'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars'] ),
            'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'],
            'L_NOTIFY_ON_REPLY' => $lang['Always_notify'],
            'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'],
            'L_PREFERENCES' => $lang['Preferences'],
            'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'],
            'L_ITEMS_REQUIRED' => $lang['Items_required'],
            'L_REGISTRATION_INFO' => $lang['Registration_info'],
            'L_PROFILE_INFO' => $lang['Profile_info'],
            'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
            'L_EMAIL_ADDRESS' => $lang['Email_address'],
            // Empty unless file uploads are usable (see the check above the call).
            'S_FORM_ENCTYPE' => $form_enctype,

            'HTML_STATUS' => $html_status,
            // The BBCode status string has placeholders for a link to the FAQ.
            'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
            'SMILIES_STATUS' => $smilies_status,

            'L_DELETE_USER' => $lang['User_delete'],
            'L_DELETE_USER_EXPLAIN' => $lang['User_delete_explain'],
            'L_SELECT_RANK' => $lang['Rank_title'],

            'S_HIDDEN_FIELDS' => $s_hidden_fields,
            'S_PROFILE_ACTION' => append_sid("admin_users.$phpEx"))
        );
1105   
        // Switch on the avatar sections of the form according to the board settings.
        // Upload section: needs an existing avatar directory and uploads allowed.
        if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'])) && ($board_config['allow_avatar_upload'] == TRUE) )
        {
            // The file field is only offered when the form can be sent as multipart.
            if ( $form_enctype != '' )
            {
                $template->assign_block_vars('avatar_local_upload', array() );
            }
            // Upload-from-URL is offered whenever uploads are allowed.
            $template->assign_block_vars('avatar_remote_upload', array() );
        }

        // Gallery section: needs an existing gallery directory and the gallery allowed.
        if( file_exists(@phpbb_realpath('./../' . $board_config['avatar_gallery_path'])) && ($board_config['allow_avatar_local'] == TRUE) )
        {
            $template->assign_block_vars('avatar_local_gallery', array() );
        }

        // Linking to an off-site image.
        if( $board_config['allow_avatar_remote'] == TRUE )
        {
            $template->assign_block_vars('avatar_remote_link', array() );
        }
1124      }
1125   
1126      $template->pparse('body');
1127  }
1128  else
1129  {
1130      //
1131      // Default user selection box
1132      //
    // No user chosen yet: show the form for looking one up.
    $template->set_filenames(array(
        'body' => 'admin/user_select_body.tpl')
    );

    $template->assign_vars(array(
        'L_USER_TITLE' => $lang['User_admin'],
        'L_USER_EXPLAIN' => $lang['User_admin_explain'],
        'L_USER_SELECT' => $lang['Select_a_User'],
        'L_LOOK_UP' => $lang['Look_up_user'],
        'L_FIND_USERNAME' => $lang['Find_username'],

        'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),

        // NOTE(review): the session id is appended to the form action by hand here
        // instead of through append_sid(), and a second identifier (priv_session_id)
        // is posted as p_sid. Identifiers in URLs end up in logs and Referer headers —
        // confirm this is intended.
        'S_USER_ACTION' => "admin_users.$phpEx?sid=" . $userdata['session_id'],
        // $select_list is not assigned in this part of the file.
        'S_USER_SELECT' => $select_list,
        'S_HIDDEN_FIELDS' => '<input type="hidden" name="p_sid" value="' . $userdata['priv_session_id'] . '"/>')
    );
    $template->pparse('body');
1151   
1152  }
1153   
1154  include('./page_footer_admin.'.$phpEx);
1155   
1156  ?>