Verzeichnisstruktur phpBB-2.0.0
- Veröffentlicht
- 03.04.2002
So funktioniert es
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
usercp_register.php
0001 <?php
0002 /***************************************************************************
0003 * usercp_register.php
0004 * -------------------
0005 * begin : Saturday, Feb 13, 2001
0006 * copyright : (C) 2001 The phpBB Group
0007 * email : support@phpbb.com
0008 *
0009 * $Id$
0010 *
0011 *
0012 ***************************************************************************/
0013
0014 /***************************************************************************
0015 *
0016 * This program is free software; you can redistribute it and/or modify
0017 * it under the terms of the GNU General Public License as published by
0018 * the Free Software Foundation; either version 2 of the License, or
0019 * (at your option) any later version.
0020 *
0021 *
0022 ***************************************************************************/
0023
0024 /*
0025
0026 This code has been modified from its original form by psoTFX @ phpbb.com
0027 Changes introduce the back-ported phpBB 2.2 visual confirmation code.
0028
0029 NOTE: Anyone using the modified code contained within this script MUST include
0030 a relevant message such as this in usercp_register.php ... failure to do so
0031 will affect a breach of Section 2a of the GPL and our copyright
0032
0033 png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved
0034
0035 */
0036
0037 if ( !defined('IN_PHPBB') )
0038 {
0039 die("Hacking attempt");
0040 exit;
0041 }
0042
0043 $unhtml_specialchars_match = array('#>#', '#<#', '#"#', '#&#');
0044 $unhtml_specialchars_replace = array('>', '<', '"', '&');
0045
0046 // ---------------------------------------
0047 // Load agreement template since user has not yet
0048 // agreed to registration conditions/coppa
0049 //
0050 function show_coppa()
0051 {
0052 global $userdata, $template, $lang, $phpbb_root_path, $phpEx;
0053
0054 $template->set_filenames(array(
0055 'body' => 'agreement.tpl')
0056 );
0057
0058 $template->assign_vars(array(
0059 'REGISTRATION' => $lang['Registration'],
0060 'AGREEMENT' => $lang['Reg_agreement'],
0061 "AGREE_OVER_13" => $lang['Agree_over_13'],
0062 "AGREE_UNDER_13" => $lang['Agree_under_13'],
0063 'DO_NOT_AGREE' => $lang['Agree_not'],
0064
0065 "U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
0066 "U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
0067 );
0068
0069 $template->pparse('body');
0070
0071 }
0072 //
0073 // ---------------------------------------
0074
0075 $error = FALSE;
0076 $error_msg = '';
0077 $page_title = ( $mode == 'editprofile' ) ? $lang['Edit_profile'] : $lang['Register'];
0078
0079 if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )
0080 {
0081 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
0082
0083 show_coppa();
0084
0085 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
0086 }
0087
0088 $coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE;
0089
0090 //
0091 // Check and initialize some variables if needed
0092 //
0093 if (
0094 isset($HTTP_POST_VARS['submit']) ||
0095 isset($HTTP_POST_VARS['avatargallery']) ||
0096 isset($HTTP_POST_VARS['submitavatar']) ||
0097 isset($HTTP_POST_VARS['cancelavatar']) ||
0098 $mode == 'register' )
0099 {
0100 include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
0101 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
0102 include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
0103
0104 if ( $mode == 'editprofile' )
0105 {
0106 $user_id = intval($HTTP_POST_VARS['user_id']);
0107 $current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email']));
0108 }
0109
0110 $strip_var_list = array('email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests', 'confirm_code' => 'confirm_code');
0111
0112 // Strip all tags from data ... may p**s some people off, bah, strip_tags is
0113 // doing the job but can still break HTML output ... have no choice, have
0114 // to use htmlspecialchars ... be prepared to be moaned at.
0115 while( list($var, $param) = @each($strip_var_list) )
0116 {
0117 if ( !empty($HTTP_POST_VARS[$param]) )
0118 {
0119 $$var = trim(htmlspecialchars($HTTP_POST_VARS[$param]));
0120 }
0121 }
0122
0123 $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
0124
0125 $trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');
0126
0127 while( list($var, $param) = @each($trim_var_list) )
0128 {
0129 if ( !empty($HTTP_POST_VARS[$param]) )
0130 {
0131 $$var = trim($HTTP_POST_VARS[$param]);
0132 }
0133 }
0134
0135 $signature = (isset($signature)) ? str_replace('<br />', "\n", $signature) : '';
0136 $signature_bbcode_uid = '';
0137
0138 // Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
0139 // empty strings if they fail.
0140 validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
0141
0142 $viewemail = ( isset($HTTP_POST_VARS['viewemail']) ) ? ( ($HTTP_POST_VARS['viewemail']) ? TRUE : 0 ) : 0;
0143 $allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
0144 $notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
0145 $notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
0146 $popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
0147 $sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
0148
0149 if ( $mode == 'register' )
0150 {
0151 $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $board_config['allow_sig'];
0152
0153 $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $board_config['allow_html'];
0154 $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $board_config['allow_bbcode'];
0155 $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $board_config['allow_smilies'];
0156 }
0157 else
0158 {
0159 $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $userdata['user_attachsig'];
0160
0161 $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml'];
0162 $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode'];
0163 $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmile'];
0164 }
0165
0166 $user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style'];
0167
0168 if ( !empty($HTTP_POST_VARS['language']) )
0169 {
0170 if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) )
0171 {
0172 $user_lang = htmlspecialchars($HTTP_POST_VARS['language']);
0173 }
0174 else
0175 {
0176 $error = true;
0177 $error_msg = $lang['Fields_empty'];
0178 }
0179 }
0180 else
0181 {
0182 $user_lang = $board_config['default_lang'];
0183 }
0184
0185 $user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
0186
0187 $sql = "SELECT config_value
0188 FROM " . CONFIG_TABLE . "
0189 WHERE config_name = 'default_dateformat'";
0190 if ( !($result = $db->sql_query($sql)) )
0191 {
0192 message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, $sql);
0193 }
0194 $row = $db->sql_fetchrow($result);
0195 $board_config['default_dateformat'] = $row['config_value'];
0196 $user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
0197
0198 $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
0199 $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
0200
0201 $user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
0202 $user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
0203 $user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
0204 $user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
0205 $user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
0206
0207 $user_avatar = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
0208 $user_avatar_type = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
0209
0210 if ( (isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) && (!isset($HTTP_POST_VARS['submit'])) )
0211 {
0212 $username = stripslashes($username);
0213 $email = stripslashes($email);
0214 $cur_password = htmlspecialchars(stripslashes($cur_password));
0215 $new_password = htmlspecialchars(stripslashes($new_password));
0216 $password_confirm = htmlspecialchars(stripslashes($password_confirm));
0217
0218 $icq = stripslashes($icq);
0219 $aim = stripslashes($aim);
0220 $msn = stripslashes($msn);
0221 $yim = stripslashes($yim);
0222
0223 $website = stripslashes($website);
0224 $location = stripslashes($location);
0225 $occupation = stripslashes($occupation);
0226 $interests = stripslashes($interests);
0227 $signature = htmlspecialchars(stripslashes($signature));
0228
0229 $user_lang = stripslashes($user_lang);
0230 $user_dateformat = stripslashes($user_dateformat);
0231
0232 if ( !isset($HTTP_POST_VARS['cancelavatar']))
0233 {
0234 $user_avatar = $user_avatar_category . '/' . $user_avatar_local;
0235 $user_avatar_type = USER_AVATAR_GALLERY;
0236 }
0237 }
0238 }
0239
0240 //
0241 // Let's make sure the user isn't logged in while registering,
0242 // and ensure that they were trying to register a second time
0243 // (Prevents double registrations)
0244 //
0245 if ($mode == 'register' && ($userdata['session_logged_in'] || $username == $userdata['username']))
0246 {
0247 message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
0248 }
0249
0250 //
0251 // Did the user submit? In this case build a query to update the users profile in the DB
0252 //
0253 if ( isset($HTTP_POST_VARS['submit']) )
0254 {
0255 include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
0256
0257 // session id check
0258 if ($sid == '' || $sid != $userdata['session_id'])
0259 {
0260 $error = true;
0261 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
0262 }
0263
0264 $passwd_sql = '';
0265 if ( $mode == 'editprofile' )
0266 {
0267 if ( $user_id != $userdata['user_id'] )
0268 {
0269 $error = TRUE;
0270 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Wrong_Profile'];
0271 }
0272 }
0273 else if ( $mode == 'register' )
0274 {
0275 if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
0276 {
0277 $error = TRUE;
0278 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty'];
0279 }
0280 }
0281
0282 if ($board_config['enable_confirm'] && $mode == 'register')
0283 {
0284 if (empty($HTTP_POST_VARS['confirm_id']))
0285 {
0286 $error = TRUE;
0287 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
0288 }
0289 else
0290 {
0291 $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
0292 if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
0293 {
0294 $confirm_id = '';
0295 }
0296
0297 $sql = 'SELECT code
0298 FROM ' . CONFIRM_TABLE . "
0299 WHERE confirm_id = '$confirm_id'
0300 AND session_id = '" . $userdata['session_id'] . "'";
0301 if (!($result = $db->sql_query($sql)))
0302 {
0303 message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);
0304 }
0305
0306 if ($row = $db->sql_fetchrow($result))
0307 {
0308 if ($row['code'] != $confirm_code)
0309 {
0310 $error = TRUE;
0311 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
0312 }
0313 else
0314 {
0315 $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
0316 WHERE confirm_id = '$confirm_id'
0317 AND session_id = '" . $userdata['session_id'] . "'";
0318 if (!$db->sql_query($sql))
0319 {
0320 message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);
0321 }
0322 }
0323 }
0324 else
0325 {
0326 $error = TRUE;
0327 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
0328 }
0329 $db->sql_freeresult($result);
0330 }
0331 }
0332
0333 $passwd_sql = '';
0334 if ( !empty($new_password) && !empty($password_confirm) )
0335 {
0336 if ( $new_password != $password_confirm )
0337 {
0338 $error = TRUE;
0339 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
0340 }
0341 else if ( strlen($new_password) > 32 )
0342 {
0343 $error = TRUE;
0344 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_long'];
0345 }
0346 else
0347 {
0348 if ( $mode == 'editprofile' )
0349 {
0350 $sql = "SELECT user_password
0351 FROM " . USERS_TABLE . "
0352 WHERE user_id = $user_id";
0353 if ( !($result = $db->sql_query($sql)) )
0354 {
0355 message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
0356 }
0357
0358 $row = $db->sql_fetchrow($result);
0359
0360 if ( $row['user_password'] != md5($cur_password) )
0361 {
0362 $error = TRUE;
0363 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Current_password_mismatch'];
0364 }
0365 }
0366
0367 if ( !$error )
0368 {
0369 $new_password = md5($new_password);
0370 $passwd_sql = "user_password = '$new_password', ";
0371 }
0372 }
0373 }
0374 else if ( ( empty($new_password) && !empty($password_confirm) ) || ( !empty($new_password) && empty($password_confirm) ) )
0375 {
0376 $error = TRUE;
0377 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
0378 }
0379
0380 //
0381 // Do a ban check on this email address
0382 //
0383 if ( $email != $userdata['user_email'] || $mode == 'register' )
0384 {
0385 $result = validate_email($email);
0386 if ( $result['error'] )
0387 {
0388 $email = $userdata['user_email'];
0389
0390 $error = TRUE;
0391 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
0392 }
0393
0394 if ( $mode == 'editprofile' )
0395 {
0396 $sql = "SELECT user_password
0397 FROM " . USERS_TABLE . "
0398 WHERE user_id = $user_id";
0399 if ( !($result = $db->sql_query($sql)) )
0400 {
0401 message_die(GENERAL_ERROR, 'Could not obtain user_password information', '', __LINE__, __FILE__, $sql);
0402 }
0403
0404 $row = $db->sql_fetchrow($result);
0405
0406 if ( $row['user_password'] != md5($cur_password) )
0407 {
0408 $email = $userdata['user_email'];
0409
0410 $error = TRUE;
0411 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Current_password_mismatch'];
0412 }
0413 }
0414 }
0415
0416 $username_sql = '';
0417 if ( $board_config['allow_namechange'] || $mode == 'register' )
0418 {
0419 if ( empty($username) )
0420 {
0421 // Error is already triggered, since one field is empty.
0422 $error = TRUE;
0423 }
0424 else if ( $username != $userdata['username'] || $mode == 'register')
0425 {
0426 if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register')
0427 {
0428 $result = validate_username($username);
0429 if ( $result['error'] )
0430 {
0431 $error = TRUE;
0432 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
0433 }
0434 }
0435
0436 if (!$error)
0437 {
0438 $username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
0439 }
0440 }
0441 }
0442
0443 if ( $signature != '' )
0444 {
0445 if ( strlen($signature) > $board_config['max_sig_chars'] )
0446 {
0447 $error = TRUE;
0448 $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
0449 }
0450
0451 if ( !isset($signature_bbcode_uid) || $signature_bbcode_uid == '' )
0452 {
0453 $signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
0454 }
0455 $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
0456 }
0457
0458 if ( $website != '' )
0459 {
0460 rawurlencode($website);
0461 }
0462
0463 $avatar_sql = '';
0464
0465 if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' )
0466 {
0467 $avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
0468 }
0469 else
0470 if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
0471 {
0472 if ( !empty($user_avatar_upload) )
0473 {
0474 $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
0475 $avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
0476 }
0477 else if ( !empty($user_avatar_name) )
0478 {
0479 $l_avatar_size = sprintf($lang['Avatar_filesize'], round($board_config['avatar_filesize'] / 1024));
0480
0481 $error = true;
0482 $error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $l_avatar_size;
0483 }
0484 }
0485 else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
0486 {
0487 user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
0488 $avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
0489 }
0490 else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
0491 {
0492 user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
0493 $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local, $user_avatar_category);
0494 }
0495
0496 if ( !$error )
0497 {
0498 if ( $avatar_sql == '' )
0499 {
0500 $avatar_sql = ( $mode == 'editprofile' ) ? '' : "'', " . USER_AVATAR_NONE;
0501 }
0502
0503 if ( $mode == 'editprofile' )
0504 {
0505 if ( $email != $userdata['user_email'] && $board_config['require_activation'] != USER_ACTIVATION_NONE && $userdata['user_level'] != ADMIN )
0506 {
0507 $user_active = 0;
0508
0509 $user_actkey = gen_rand_string(true);
0510 $key_len = 54 - ( strlen($server_url) );
0511 $key_len = ( $key_len > 6 ) ? $key_len : 6;
0512 $user_actkey = substr($user_actkey, 0, $key_len);
0513
0514 if ( $userdata['session_logged_in'] )
0515 {
0516 session_end($userdata['session_id'], $userdata['user_id']);
0517 }
0518 }
0519 else
0520 {
0521 $user_active = 1;
0522 $user_actkey = '';
0523 }
0524
0525 $sql = "UPDATE " . USERS_TABLE . "
0526 SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popup_pm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
0527 WHERE user_id = $user_id";
0528 if ( !($result = $db->sql_query($sql)) )
0529 {
0530 message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
0531 }
0532
0533 // We remove all stored login keys since the password has been updated
0534 // and change the current one (if applicable)
0535 if ( !empty($passwd_sql) )
0536 {
0537 session_reset_keys($user_id, $user_ip);
0538 }
0539
0540 if ( !$user_active )
0541 {
0542 //
0543 // The users account has been deactivated, send them an email with a new activation key
0544 //
0545 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
0546 $emailer = new emailer($board_config['smtp_delivery']);
0547
0548 if ( $board_config['require_activation'] != USER_ACTIVATION_ADMIN )
0549 {
0550 $emailer->from($board_config['board_email']);
0551 $emailer->replyto($board_config['board_email']);
0552
0553 $emailer->use_template('user_activate', stripslashes($user_lang));
0554 $emailer->email_address($email);
0555 $emailer->set_subject($lang['Reactivate']);
0556
0557 $emailer->assign_vars(array(
0558 'SITENAME' => $board_config['sitename'],
0559 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
0560 'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
0561
0562 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
0563 );
0564 $emailer->send();
0565 $emailer->reset();
0566 }
0567 else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
0568 {
0569 $sql = 'SELECT user_email, user_lang
0570 FROM ' . USERS_TABLE . '
0571 WHERE user_level = ' . ADMIN;
0572
0573 if ( !($result = $db->sql_query($sql)) )
0574 {
0575 message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
0576 }
0577
0578 while ($row = $db->sql_fetchrow($result))
0579 {
0580 $emailer->from($board_config['board_email']);
0581 $emailer->replyto($board_config['board_email']);
0582
0583 $emailer->email_address(trim($row['user_email']));
0584 $emailer->use_template("admin_activate", $row['user_lang']);
0585 $emailer->set_subject($lang['Reactivate']);
0586
0587 $emailer->assign_vars(array(
0588 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
0589 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
0590
0591 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
0592 );
0593 $emailer->send();
0594 $emailer->reset();
0595 }
0596 $db->sql_freeresult($result);
0597 }
0598
0599 $message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
0600 }
0601 else
0602 {
0603 $message = $lang['Profile_updated'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
0604 }
0605
0606 $template->assign_vars(array(
0607 "META" => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
0608 );
0609
0610 message_die(GENERAL_MESSAGE, $message);
0611 }
0612 else
0613 {
0614 $sql = "SELECT MAX(user_id) AS total
0615 FROM " . USERS_TABLE;
0616 if ( !($result = $db->sql_query($sql)) )
0617 {
0618 message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
0619 }
0620
0621 if ( !($row = $db->sql_fetchrow($result)) )
0622 {
0623 message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
0624 }
0625 $user_id = $row['total'] + 1;
0626
0627 //
0628 // Get current date
0629 //
0630 $sql = "INSERT INTO " . USERS_TABLE . " (user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
0631 VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popup_pm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
0632 if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
0633 {
0634 $user_actkey = gen_rand_string(true);
0635 $key_len = 54 - (strlen($server_url));
0636 $key_len = ( $key_len > 6 ) ? $key_len : 6;
0637 $user_actkey = substr($user_actkey, 0, $key_len);
0638 $sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
0639 }
0640 else
0641 {
0642 $sql .= "1, '')";
0643 }
0644
0645 if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
0646 {
0647 message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
0648 }
0649
0650 $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
0651 VALUES ('', 'Personal User', 1, 0)";
0652 if ( !($result = $db->sql_query($sql)) )
0653 {
0654 message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
0655 }
0656
0657 $group_id = $db->sql_nextid();
0658
0659 $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
0660 VALUES ($user_id, $group_id, 0)";
0661 if( !($result = $db->sql_query($sql, END_TRANSACTION)) )
0662 {
0663 message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
0664 }
0665
0666 if ( $coppa )
0667 {
0668 $message = $lang['COPPA'];
0669 $email_template = 'coppa_welcome_inactive';
0670 }
0671 else if ( $board_config['require_activation'] == USER_ACTIVATION_SELF )
0672 {
0673 $message = $lang['Account_inactive'];
0674 $email_template = 'user_welcome_inactive';
0675 }
0676 else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
0677 {
0678 $message = $lang['Account_inactive_admin'];
0679 $email_template = 'admin_welcome_inactive';
0680 }
0681 else
0682 {
0683 $message = $lang['Account_added'];
0684 $email_template = 'user_welcome';
0685 }
0686
0687 include($phpbb_root_path . 'includes/emailer.'.$phpEx);
0688 $emailer = new emailer($board_config['smtp_delivery']);
0689
0690 $emailer->from($board_config['board_email']);
0691 $emailer->replyto($board_config['board_email']);
0692
0693 $emailer->use_template($email_template, stripslashes($user_lang));
0694 $emailer->email_address($email);
0695 $emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));
0696
0697 if( $coppa )
0698 {
0699 $emailer->assign_vars(array(
0700 'SITENAME' => $board_config['sitename'],
0701 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
0702 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
0703 'PASSWORD' => $password_confirm,
0704 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
0705
0706 'FAX_INFO' => $board_config['coppa_fax'],
0707 'MAIL_INFO' => $board_config['coppa_mail'],
0708 'EMAIL_ADDRESS' => $email,
0709 'ICQ' => $icq,
0710 'AIM' => $aim,
0711 'YIM' => $yim,
0712 'MSN' => $msn,
0713 'WEB_SITE' => $website,
0714 'FROM' => $location,
0715 'OCC' => $occupation,
0716 'INTERESTS' => $interests,
0717 'SITENAME' => $board_config['sitename']));
0718 }
0719 else
0720 {
0721 $emailer->assign_vars(array(
0722 'SITENAME' => $board_config['sitename'],
0723 'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
0724 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
0725 'PASSWORD' => $password_confirm,
0726 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
0727
0728 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
0729 );
0730 }
0731
0732 $emailer->send();
0733 $emailer->reset();
0734
0735 if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
0736 {
0737 $sql = "SELECT user_email, user_lang
0738 FROM " . USERS_TABLE . "
0739 WHERE user_level = " . ADMIN;
0740
0741 if ( !($result = $db->sql_query($sql)) )
0742 {
0743 message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
0744 }
0745
0746 while ($row = $db->sql_fetchrow($result))
0747 {
0748 $emailer->from($board_config['board_email']);
0749 $emailer->replyto($board_config['board_email']);
0750
0751 $emailer->email_address(trim($row['user_email']));
0752 $emailer->use_template("admin_activate", $row['user_lang']);
0753 $emailer->set_subject($lang['New_account_subject']);
0754
0755 $emailer->assign_vars(array(
0756 'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
0757 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
0758
0759 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
0760 );
0761 $emailer->send();
0762 $emailer->reset();
0763 }
0764 $db->sql_freeresult($result);
0765 }
0766
0767 $message = $message . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
0768
0769 message_die(GENERAL_MESSAGE, $message);
0770 } // if mode == register
0771 }
0772 } // End of submit
0773
0774
0775 if ( $error )
0776 {
0777 //
0778 // If an error occured we need to stripslashes on returned data
0779 //
0780 $username = stripslashes($username);
0781 $email = stripslashes($email);
0782 $cur_password = '';
0783 $new_password = '';
0784 $password_confirm = '';
0785
0786 $icq = stripslashes($icq);
0787 $aim = str_replace('+', ' ', stripslashes($aim));
0788 $msn = stripslashes($msn);
0789 $yim = stripslashes($yim);
0790
0791 $website = stripslashes($website);
0792 $location = stripslashes($location);
0793 $occupation = stripslashes($occupation);
0794 $interests = stripslashes($interests);
0795 $signature = stripslashes($signature);
0796 $signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $signature) : $signature;
0797
0798 $user_lang = stripslashes($user_lang);
0799 $user_dateformat = stripslashes($user_dateformat);
0800
0801 }
0802 else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
0803 {
0804 $user_id = $userdata['user_id'];
0805 $username = $userdata['username'];
0806 $email = $userdata['user_email'];
0807 $cur_password = '';
0808 $new_password = '';
0809 $password_confirm = '';
0810
0811 $icq = $userdata['user_icq'];
0812 $aim = str_replace('+', ' ', $userdata['user_aim']);
0813 $msn = $userdata['user_msnm'];
0814 $yim = $userdata['user_yim'];
0815
0816 $website = $userdata['user_website'];
0817 $location = $userdata['user_from'];
0818 $occupation = $userdata['user_occ'];
0819 $interests = $userdata['user_interests'];
0820 $signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
0821 $signature = ($signature_bbcode_uid != '') ? preg_replace('/:(([a-z0-9]+:)?)' . preg_quote($signature_bbcode_uid, '/') . '(=|\])/si', '\\3', $userdata['user_sig']) : $userdata['user_sig'];
0822
0823 $viewemail = $userdata['user_viewemail'];
0824 $notifypm = $userdata['user_notify_pm'];
0825 $popup_pm = $userdata['user_popup_pm'];
0826 $notifyreply = $userdata['user_notify'];
0827 $attachsig = $userdata['user_attachsig'];
0828 $allowhtml = $userdata['user_allowhtml'];
0829 $allowbbcode = $userdata['user_allowbbcode'];
0830 $allowsmilies = $userdata['user_allowsmile'];
0831 $allowviewonline = $userdata['user_allow_viewonline'];
0832
0833 $user_avatar = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar'] : '';
0834 $user_avatar_type = ( $userdata['user_allowavatar'] ) ? $userdata['user_avatar_type'] : USER_AVATAR_NONE;
0835
0836 $user_style = $userdata['user_style'];
0837 $user_lang = $userdata['user_lang'];
0838 $user_timezone = $userdata['user_timezone'];
0839 $user_dateformat = $userdata['user_dateformat'];
0840 }
0841
0842 //
0843 // Default pages
0844 //
0845 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
0846
0847 make_jumpbox('viewforum.'.$phpEx);
0848
0849 if ( $mode == 'editprofile' )
0850 {
0851 if ( $user_id != $userdata['user_id'] )
0852 {
0853 $error = TRUE;
0854 $error_msg = $lang['Wrong_Profile'];
0855 }
0856 }
0857
0858 if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
0859 {
0860 include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
0861
0862 $avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory']) : '';
0863
0864 $template->set_filenames(array(
0865 'body' => 'profile_avatar_gallery.tpl')
0866 );
0867
0868 $allowviewonline = !$allowviewonline;
0869
0870 display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $new_password, $cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
0871 }
0872 else
0873 {
0874 include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
0875
0876 if ( !isset($coppa) )
0877 {
0878 $coppa = FALSE;
0879 }
0880
0881 if ( !isset($user_style) )
0882 {
0883 $user_style = $board_config['default_style'];
0884 }
0885
0886 $avatar_img = '';
0887 if ( $user_avatar_type )
0888 {
0889 switch( $user_avatar_type )
0890 {
0891 case USER_AVATAR_UPLOAD:
0892 $avatar_img = ( $board_config['allow_avatar_upload'] ) ? '<img src="' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />' : '';
0893 break;
0894 case USER_AVATAR_REMOTE:
0895 $avatar_img = ( $board_config['allow_avatar_remote'] ) ? '<img src="' . $user_avatar . '" alt="" />' : '';
0896 break;
0897 case USER_AVATAR_GALLERY:
0898 $avatar_img = ( $board_config['allow_avatar_local'] ) ? '<img src="' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />' : '';
0899 break;
0900 }
0901 }
0902
0903 $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
0904 $s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
0905 if( $mode == 'editprofile' )
0906 {
0907 $s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
0908 //
0909 // Send the users current email address. If they change it, and account activation is turned on
0910 // the user account will be disabled and the user will have to reactivate their account.
0911 //
0912 $s_hidden_fields .= '<input type="hidden" name="current_email" value="' . $userdata['user_email'] . '" />';
0913 }
0914
0915 if ( !empty($user_avatar_local) )
0916 {
0917 $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
0918 }
0919
0920 $html_status = ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
0921 $bbcode_status = ( $userdata['user_allowbbcode'] && $board_config['allow_bbcode'] ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
0922 $smilies_status = ( $userdata['user_allowsmile'] && $board_config['allow_smilies'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
0923
0924 if ( $error )
0925 {
0926 $template->set_filenames(array(
0927 'reg_header' => 'error_body.tpl')
0928 );
0929 $template->assign_vars(array(
0930 'ERROR_MESSAGE' => $error_msg)
0931 );
0932 $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
0933 }
0934
0935 $template->set_filenames(array(
0936 'body' => 'profile_add_body.tpl')
0937 );
0938
0939 if ( $mode == 'editprofile' )
0940 {
0941 $template->assign_block_vars('switch_edit_profile', array());
0942 }
0943
0944 if ( ($mode == 'register') || ($board_config['allow_namechange']) )
0945 {
0946 $template->assign_block_vars('switch_namechange_allowed', array());
0947 }
0948 else
0949 {
0950 $template->assign_block_vars('switch_namechange_disallowed', array());
0951 }
0952
0953
0954 // Visual Confirmation
0955 $confirm_image = '';
0956 if (!empty($board_config['enable_confirm']) && $mode == 'register')
0957 {
0958 $sql = 'SELECT session_id
0959 FROM ' . SESSIONS_TABLE;
0960 if (!($result = $db->sql_query($sql)))
0961 {
0962 message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql);
0963 }
0964
0965 if ($row = $db->sql_fetchrow($result))
0966 {
0967 $confirm_sql = '';
0968 do
0969 {
0970 $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'";
0971 }
0972 while ($row = $db->sql_fetchrow($result));
0973
0974 $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
0975 WHERE session_id NOT IN ($confirm_sql)";
0976 if (!$db->sql_query($sql))
0977 {
0978 message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql);
0979 }
0980 }
0981 $db->sql_freeresult($result);
0982
0983 $sql = 'SELECT COUNT(session_id) AS attempts
0984 FROM ' . CONFIRM_TABLE . "
0985 WHERE session_id = '" . $userdata['session_id'] . "'";
0986 if (!($result = $db->sql_query($sql)))
0987 {
0988 message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql);
0989 }
0990
0991 if ($row = $db->sql_fetchrow($result))
0992 {
0993 if ($row['attempts'] > 3)
0994 {
0995 message_die(GENERAL_MESSAGE, $lang['Too_many_registers']);
0996 }
0997 }
0998 $db->sql_freeresult($result);
0999
1000 // Generate the required confirmation code
1001 // NB 0 (zero) could get confused with O (the letter) so we make change it
1002 $code = dss_rand();
1003 $code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);
1004
1005 $confirm_id = md5(uniqid($user_ip));
1006
1007 $sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code)
1008 VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
1009 if (!$db->sql_query($sql))
1010 {
1011 message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
1012 }
1013
1014 unset($code);
1015
1016 $confirm_image = '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />';
1017 $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
1018
1019 $template->assign_block_vars('switch_confirm', array());
1020 }
1021
1022
1023 //
1024 // Let's do an overall check for settings/versions which would prevent
1025 // us from doing file uploads....
1026 //
1027 $ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
1028 $form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
1029
1030 $template->assign_vars(array(
1031 'USERNAME' => isset($username) ? $username : '',
1032 'CUR_PASSWORD' => isset($cur_password) ? $cur_password : '',
1033 'NEW_PASSWORD' => isset($new_password) ? $new_password : '',
1034 'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '',
1035 'EMAIL' => isset($email) ? $email : '',
1036 'CONFIRM_IMG' => $confirm_image,
1037 'YIM' => $yim,
1038 'ICQ' => $icq,
1039 'MSN' => $msn,
1040 'AIM' => $aim,
1041 'OCCUPATION' => $occupation,
1042 'INTERESTS' => $interests,
1043 'LOCATION' => $location,
1044 'WEBSITE' => $website,
1045 'SIGNATURE' => str_replace('<br />', "\n", $signature),
1046 'VIEW_EMAIL_YES' => ( $viewemail ) ? 'checked="checked"' : '',
1047 'VIEW_EMAIL_NO' => ( !$viewemail ) ? 'checked="checked"' : '',
1048 'HIDE_USER_YES' => ( !$allowviewonline ) ? 'checked="checked"' : '',
1049 'HIDE_USER_NO' => ( $allowviewonline ) ? 'checked="checked"' : '',
1050 'NOTIFY_PM_YES' => ( $notifypm ) ? 'checked="checked"' : '',
1051 'NOTIFY_PM_NO' => ( !$notifypm ) ? 'checked="checked"' : '',
1052 'POPUP_PM_YES' => ( $popup_pm ) ? 'checked="checked"' : '',
1053 'POPUP_PM_NO' => ( !$popup_pm ) ? 'checked="checked"' : '',
1054 'ALWAYS_ADD_SIGNATURE_YES' => ( $attachsig ) ? 'checked="checked"' : '',
1055 'ALWAYS_ADD_SIGNATURE_NO' => ( !$attachsig ) ? 'checked="checked"' : '',
1056 'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
1057 'NOTIFY_REPLY_NO' => ( !$notifyreply ) ? 'checked="checked"' : '',
1058 'ALWAYS_ALLOW_BBCODE_YES' => ( $allowbbcode ) ? 'checked="checked"' : '',
1059 'ALWAYS_ALLOW_BBCODE_NO' => ( !$allowbbcode ) ? 'checked="checked"' : '',
1060 'ALWAYS_ALLOW_HTML_YES' => ( $allowhtml ) ? 'checked="checked"' : '',
1061 'ALWAYS_ALLOW_HTML_NO' => ( !$allowhtml ) ? 'checked="checked"' : '',
1062 'ALWAYS_ALLOW_SMILIES_YES' => ( $allowsmilies ) ? 'checked="checked"' : '',
1063 'ALWAYS_ALLOW_SMILIES_NO' => ( !$allowsmilies ) ? 'checked="checked"' : '',
1064 'ALLOW_AVATAR' => $board_config['allow_avatar_upload'],
1065 'AVATAR' => $avatar_img,
1066 'AVATAR_SIZE' => $board_config['avatar_filesize'],
1067 'LANGUAGE_SELECT' => language_select($user_lang, 'language'),
1068 'STYLE_SELECT' => style_select($user_style, 'style'),
1069 'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'),
1070 'DATE_FORMAT' => $user_dateformat,
1071 'HTML_STATUS' => $html_status,
1072 'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
1073 'SMILIES_STATUS' => $smilies_status,
1074
1075 'L_CURRENT_PASSWORD' => $lang['Current_password'],
1076 'L_NEW_PASSWORD' => ( $mode == 'register' ) ? $lang['Password'] : $lang['New_password'],
1077 'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
1078 'L_CONFIRM_PASSWORD_EXPLAIN' => ( $mode == 'editprofile' ) ? $lang['Confirm_password_explain'] : '',
1079 'L_PASSWORD_IF_CHANGED' => ( $mode == 'editprofile' ) ? $lang['password_if_changed'] : '',
1080 'L_PASSWORD_CONFIRM_IF_CHANGED' => ( $mode == 'editprofile' ) ? $lang['password_confirm_if_changed'] : '',
1081 'L_SUBMIT' => $lang['Submit'],
1082 'L_RESET' => $lang['Reset'],
1083 'L_ICQ_NUMBER' => $lang['ICQ'],
1084 'L_MESSENGER' => $lang['MSNM'],
1085 'L_YAHOO' => $lang['YIM'],
1086 'L_WEBSITE' => $lang['Website'],
1087 'L_AIM' => $lang['AIM'],
1088 'L_LOCATION' => $lang['Location'],
1089 'L_OCCUPATION' => $lang['Occupation'],
1090 'L_BOARD_LANGUAGE' => $lang['Board_lang'],
1091 'L_BOARD_STYLE' => $lang['Board_style'],
1092 'L_TIMEZONE' => $lang['Timezone'],
1093 'L_DATE_FORMAT' => $lang['Date_format'],
1094 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'],
1095 'L_YES' => $lang['Yes'],
1096 'L_NO' => $lang['No'],
1097 'L_INTERESTS' => $lang['Interests'],
1098 'L_ALWAYS_ALLOW_SMILIES' => $lang['Always_smile'],
1099 'L_ALWAYS_ALLOW_BBCODE' => $lang['Always_bbcode'],
1100 'L_ALWAYS_ALLOW_HTML' => $lang['Always_html'],
1101 'L_HIDE_USER' => $lang['Hide_user'],
1102 'L_ALWAYS_ADD_SIGNATURE' => $lang['Always_add_sig'],
1103
1104 'L_AVATAR_PANEL' => $lang['Avatar_panel'],
1105 'L_AVATAR_EXPLAIN' => sprintf($lang['Avatar_explain'], $board_config['avatar_max_width'], $board_config['avatar_max_height'], (round($board_config['avatar_filesize'] / 1024))),
1106 'L_UPLOAD_AVATAR_FILE' => $lang['Upload_Avatar_file'],
1107 'L_UPLOAD_AVATAR_URL' => $lang['Upload_Avatar_URL'],
1108 'L_UPLOAD_AVATAR_URL_EXPLAIN' => $lang['Upload_Avatar_URL_explain'],
1109 'L_AVATAR_GALLERY' => $lang['Select_from_gallery'],
1110 'L_SHOW_GALLERY' => $lang['View_avatar_gallery'],
1111 'L_LINK_REMOTE_AVATAR' => $lang['Link_remote_Avatar'],
1112 'L_LINK_REMOTE_AVATAR_EXPLAIN' => $lang['Link_remote_Avatar_explain'],
1113 'L_DELETE_AVATAR' => $lang['Delete_Image'],
1114 'L_CURRENT_IMAGE' => $lang['Current_Image'],
1115
1116 'L_SIGNATURE' => $lang['Signature'],
1117 'L_SIGNATURE_EXPLAIN' => sprintf($lang['Signature_explain'], $board_config['max_sig_chars']),
1118 'L_NOTIFY_ON_REPLY' => $lang['Always_notify'],
1119 'L_NOTIFY_ON_REPLY_EXPLAIN' => $lang['Always_notify_explain'],
1120 'L_NOTIFY_ON_PRIVMSG' => $lang['Notify_on_privmsg'],
1121 'L_POPUP_ON_PRIVMSG' => $lang['Popup_on_privmsg'],
1122 'L_POPUP_ON_PRIVMSG_EXPLAIN' => $lang['Popup_on_privmsg_explain'],
1123 'L_PREFERENCES' => $lang['Preferences'],
1124 'L_PUBLIC_VIEW_EMAIL' => $lang['Public_view_email'],
1125 'L_ITEMS_REQUIRED' => $lang['Items_required'],
1126 'L_REGISTRATION_INFO' => $lang['Registration_info'],
1127 'L_PROFILE_INFO' => $lang['Profile_info'],
1128 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
1129 'L_EMAIL_ADDRESS' => $lang['Email_address'],
1130
1131 'L_CONFIRM_CODE_IMPAIRED' => sprintf($lang['Confirm_code_impaired'], '<a href="mailto:' . $board_config['board_email'] . '">', '</a>'),
1132 'L_CONFIRM_CODE' => $lang['Confirm_code'],
1133 'L_CONFIRM_CODE_EXPLAIN' => $lang['Confirm_code_explain'],
1134
1135 'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
1136 'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
1137 'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'],
1138 'S_HIDDEN_FIELDS' => $s_hidden_fields,
1139 'S_FORM_ENCTYPE' => $form_enctype,
1140 'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
1141 );
1142
1143 //
1144 // This is another cheat using the block_var capability
1145 // of the templates to 'fake' an IF...ELSE...ENDIF solution
1146 // it works well :)
1147 //
1148 if ( $mode != 'register' )
1149 {
1150 if ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) )
1151 {
1152 $template->assign_block_vars('switch_avatar_block', array() );
1153
1154 if ( $board_config['allow_avatar_upload'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_path'])) )
1155 {
1156 if ( $form_enctype != '' )
1157 {
1158 $template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array() );
1159 }
1160 $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array() );
1161 }
1162
1163 if ( $board_config['allow_avatar_remote'] )
1164 {
1165 $template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array() );
1166 }
1167
1168 if ( $board_config['allow_avatar_local'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_gallery_path'])) )
1169 {
1170 $template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array() );
1171 }
1172 }
1173 }
1174 }
1175
1176 $template->pparse('body');
1177
1178 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
1179
1180 ?>