Verzeichnisstruktur phpBB-3.0.0
- Veröffentlicht
- 12.12.2007
acp_users.php
0001 <?php
0002 /**
0003 *
0004 * @package acp
0005 * @version $Id$
0006 * @copyright (c) 2005 phpBB Group
0007 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
0008 *
0009 */
0010
0011 /**
0012 * @ignore
0013 */
// Direct-access guard: stop unless IN_PHPBB is already defined, so nothing below
// runs when this file is requested on its own rather than included.
// NOTE(review): the constant is presumably defined by the including entry script - not visible in this listing.
0014 if (!defined('IN_PHPBB'))
0015 {
0016 exit;
0017 }
0018
0019 /**
0020 * @package acp
0021 */
0022 class acp_users
0023 {
0024 var $u_action;
0025 var $p_master;
0026
/**
* PHP 4-style constructor (a method named after the class).
*
* Binds $this->p_master by reference to the object handed in by the caller.
* main() later calls $this->p_master->module_auth() to decide which modes
* are offered in the mode dropdown.
*
* NOTE(review): PHP 8 no longer treats a method named after the class as a
* constructor. If this does not run, p_master stays unset and that
* module_auth() check cannot be performed - confirm the target PHP version.
*
* @param object $p_master Owner of this module; presumably the ACP module handler - confirm against the caller.
*/
0027 function acp_users(&$p_master)
0028 {
// Reference assignment: $this->p_master aliases the caller's variable rather than receiving a copy of its value.
0029 $this->p_master = &$p_master;
0030 }
0031
0032 function main($id, $mode)
0033 {
0034 global $config, $db, $user, $auth, $template, $cache;
0035 global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
0036
0037 $user->add_lang(array('posting', 'ucp', 'acp/users'));
0038 $this->tpl_name = 'acp_users';
0039 $this->page_title = 'ACP_USER_' . strtoupper($mode);
0040
0041 $error = array();
0042 $username = utf8_normalize_nfc(request_var('username', '', true));
0043 $user_id = request_var('u', 0);
0044 $action = request_var('action', '');
0045
0046 $submit = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
0047
0048 $form_name = 'acp_users';
0049 add_form_key($form_name);
0050
0051 // Whois (special case)
0052 if ($action == 'whois')
0053 {
0054 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0055
0056 $this->page_title = 'WHOIS';
0057 $this->tpl_name = 'simple_body';
0058
0059 $user_ip = request_var('user_ip', '');
0060 $domain = gethostbyaddr($user_ip);
0061 $ipwhois = user_ipwhois($user_ip);
0062
0063 $template->assign_vars(array(
0064 'MESSAGE_TITLE' => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
0065 'MESSAGE_TEXT' => nl2br($ipwhois))
0066 );
0067
0068 return;
0069 }
0070
0071 // Show user selection mask
0072 if (!$username && !$user_id)
0073 {
0074 $this->page_title = 'SELECT_USER';
0075
0076 $template->assign_vars(array(
0077 'U_ACTION' => $this->u_action,
0078 'ANONYMOUS_USER_ID' => ANONYMOUS,
0079
0080 'S_SELECT_USER' => true,
0081 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username&select_single=true'),
0082 ));
0083
0084 return;
0085 }
0086
0087 if (!$user_id)
0088 {
0089 $sql = 'SELECT user_id
0090 FROM ' . USERS_TABLE . "
0091 WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
0092 $result = $db->sql_query($sql);
0093 $user_id = (int) $db->sql_fetchfield('user_id');
0094 $db->sql_freeresult($result);
0095
0096 if (!$user_id)
0097 {
0098 trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0099 }
0100 }
0101
0102 // Generate content for all modes
0103 $sql = 'SELECT u.*, s.*
0104 FROM ' . USERS_TABLE . ' u
0105 LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
0106 WHERE u.user_id = ' . $user_id . '
0107 ORDER BY s.session_time DESC';
0108 $result = $db->sql_query($sql);
0109 $user_row = $db->sql_fetchrow($result);
0110 $db->sql_freeresult($result);
0111
0112 if (!$user_row)
0113 {
0114 trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0115 }
0116
0117 // Generate overall "header" for user admin
0118 $s_form_options = '';
0119
0120 // Build modes dropdown list
0121 $sql = 'SELECT module_mode, module_auth
0122 FROM ' . MODULES_TABLE . "
0123 WHERE module_basename = 'users'
0124 AND module_enabled = 1
0125 AND module_class = 'acp'
0126 ORDER BY left_id, module_mode";
0127 $result = $db->sql_query($sql);
0128
0129 $dropdown_modes = array();
0130 while ($row = $db->sql_fetchrow($result))
0131 {
0132 if (!$this->p_master->module_auth($row['module_auth']))
0133 {
0134 continue;
0135 }
0136
0137 $dropdown_modes[$row['module_mode']] = true;
0138 }
0139 $db->sql_freeresult($result);
0140
0141 foreach ($dropdown_modes as $module_mode => $null)
0142 {
0143 $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
0144 $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
0145 }
0146
0147 $template->assign_vars(array(
0148 'U_BACK' => $this->u_action,
0149 'U_MODE_SELECT' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&u=$user_id"),
0150 'U_ACTION' => $this->u_action . '&u=' . $user_id,
0151 'S_FORM_OPTIONS' => $s_form_options,
0152 'MANAGED_USERNAME' => $user_row['username'])
0153 );
0154
0155 // Prevent normal users/admins change/view founders if they are not a founder by themselves
0156 if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
0157 {
0158 trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
0159 }
0160
0161 switch ($mode)
0162 {
0163 case 'overview':
0164
0165 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0166
0167 $user->add_lang('acp/ban');
0168
0169 $delete = request_var('delete', 0);
0170 $delete_type = request_var('delete_type', '');
0171 $ip = request_var('ip', 'ip');
0172
0173 if ($submit)
0174 {
0175 // You can't delete the founder
0176 if ($delete && $user_row['user_type'] != USER_FOUNDER)
0177 {
0178 if (!$auth->acl_get('a_userdel'))
0179 {
0180 trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0181 }
0182
0183 // Check if the user wants to remove himself or the guest user account
0184 if ($user_id == ANONYMOUS)
0185 {
0186 trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0187 }
0188
0189 if ($user_id == $user->data['user_id'])
0190 {
0191 trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0192 }
0193
0194 if (confirm_box(true))
0195 {
0196 user_delete($delete_type, $user_id, $user_row['username']);
0197
0198 add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
0199 trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
0200 }
0201 else
0202 {
0203 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0204 'u' => $user_id,
0205 'i' => $id,
0206 'mode' => $mode,
0207 'action' => $action,
0208 'update' => true,
0209 'delete' => 1,
0210 'delete_type' => $delete_type))
0211 );
0212 }
0213 }
0214
0215 // Handle quicktool actions
0216 switch ($action)
0217 {
0218 case 'banuser':
0219 case 'banemail':
0220 case 'banip':
0221
0222 if ($user_id == $user->data['user_id'])
0223 {
0224 trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0225 }
0226
0227 if ($user_row['user_type'] == USER_FOUNDER)
0228 {
0229 trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0230 }
0231
0232 if (!check_form_key($form_name))
0233 {
0234 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0235 }
0236
0237 $ban = array();
0238
0239 switch ($action)
0240 {
0241 case 'banuser':
0242 $ban[] = $user_row['username'];
0243 $reason = 'USER_ADMIN_BAN_NAME_REASON';
0244 $log = 'LOG_USER_BAN_USER';
0245 break;
0246
0247 case 'banemail':
0248 $ban[] = $user_row['user_email'];
0249 $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
0250 $log = 'LOG_USER_BAN_EMAIL';
0251 break;
0252
0253 case 'banip':
0254 $ban[] = $user_row['user_ip'];
0255
0256 $sql = 'SELECT DISTINCT poster_ip
0257 FROM ' . POSTS_TABLE . "
0258 WHERE poster_id = $user_id";
0259 $result = $db->sql_query($sql);
0260
0261 while ($row = $db->sql_fetchrow($result))
0262 {
0263 $ban[] = $row['poster_ip'];
0264 }
0265 $db->sql_freeresult($result);
0266
0267 $reason = 'USER_ADMIN_BAN_IP_REASON';
0268 $log = 'LOG_USER_BAN_IP';
0269 break;
0270 }
0271
0272 $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
0273 $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
0274
0275 // Log not used at the moment, we simply utilize the ban function.
0276 $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
0277
0278 trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&u=' . $user_id));
0279
0280 break;
0281
0282 case 'reactivate':
0283
0284 if ($user_id == $user->data['user_id'])
0285 {
0286 trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0287 }
0288
0289 if (!check_form_key($form_name))
0290 {
0291 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0292 }
0293
0294 if ($user_row['user_type'] == USER_FOUNDER)
0295 {
0296 trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0297 }
0298
0299 if ($user_row['user_type'] == USER_IGNORE)
0300 {
0301 trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0302 }
0303
0304 if ($config['email_enable'])
0305 {
0306 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
0307
0308 $server_url = generate_board_url();
0309
0310 $user_actkey = gen_rand_string(10);
0311 $key_len = 54 - (strlen($server_url));
0312 $key_len = ($key_len > 6) ? $key_len : 6;
0313 $user_actkey = substr($user_actkey, 0, $key_len);
0314 $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
0315
0316 if ($user_row['user_type'] == USER_NORMAL)
0317 {
0318 user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
0319
0320 $sql = 'UPDATE ' . USERS_TABLE . "
0321 SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
0322 WHERE user_id = $user_id";
0323 $db->sql_query($sql);
0324 }
0325 else
0326 {
0327 // Grabbing the last confirm key - we only send a reminder
0328 $sql = 'SELECT user_actkey
0329 FROM ' . USERS_TABLE . '
0330 WHERE user_id = ' . $user_id;
0331 $result = $db->sql_query($sql);
0332 $user_actkey = (string) $db->sql_fetchfield('user_actkey');
0333 $db->sql_freeresult($result);
0334 }
0335
0336 $messenger = new messenger(false);
0337
0338 $messenger->template($email_template, $user_row['user_lang']);
0339
0340 $messenger->to($user_row['user_email'], $user_row['username']);
0341
0342 $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
0343 $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
0344 $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
0345 $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
0346
0347 $messenger->assign_vars(array(
0348 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
0349 'USERNAME' => htmlspecialchars_decode($user_row['username']),
0350 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
0351 );
0352
0353 $messenger->send(NOTIFY_EMAIL);
0354
0355 add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
0356 add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
0357
0358 trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&u=' . $user_id));
0359 }
0360
0361 break;
0362
0363 case 'active':
0364
0365 if ($user_id == $user->data['user_id'])
0366 {
0367 // It is only deactivation since the user is already activated (else he would not have reached this page)
0368 trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0369 }
0370
0371 if (!check_form_key($form_name))
0372 {
0373 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0374 }
0375
0376 if ($user_row['user_type'] == USER_FOUNDER)
0377 {
0378 trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0379 }
0380
0381 if ($user_row['user_type'] == USER_IGNORE)
0382 {
0383 trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0384 }
0385
0386 user_active_flip('flip', $user_id);
0387
0388 $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
0389 $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
0390
0391 add_log('admin', $log, $user_row['username']);
0392 add_log('user', $user_id, $log . '_USER');
0393
0394 trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id));
0395
0396 break;
0397
0398 case 'delsig':
0399
0400 if (!check_form_key($form_name))
0401 {
0402 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0403 }
0404
0405 $sql_ary = array(
0406 'user_sig' => '',
0407 'user_sig_bbcode_uid' => '',
0408 'user_sig_bbcode_bitfield' => ''
0409 );
0410
0411 $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
0412 WHERE user_id = $user_id";
0413 $db->sql_query($sql);
0414
0415 add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
0416 add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
0417
0418 trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0419
0420 break;
0421
0422 case 'delavatar':
0423
0424 if (!check_form_key($form_name))
0425 {
0426 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0427 }
0428
0429 $sql_ary = array(
0430 'user_avatar' => '',
0431 'user_avatar_type' => 0,
0432 'user_avatar_width' => 0,
0433 'user_avatar_height' => 0,
0434 );
0435
0436 $sql = 'UPDATE ' . USERS_TABLE . '
0437 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
0438 WHERE user_id = $user_id";
0439 $db->sql_query($sql);
0440
0441 // Delete old avatar if present
0442 if ($user_row['user_avatar'] && $user_row['user_avatar_type'] != AVATAR_GALLERY)
0443 {
0444 avatar_delete('user', $user_row);
0445 }
0446
0447 add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
0448 add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
0449
0450 trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0451 break;
0452
0453 case 'delposts':
0454
0455 if (confirm_box(true))
0456 {
0457 // Delete posts, attachments, etc.
0458 delete_posts('poster_id', $user_id);
0459
0460 add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
0461 trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0462 }
0463 else
0464 {
0465 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0466 'u' => $user_id,
0467 'i' => $id,
0468 'mode' => $mode,
0469 'action' => $action,
0470 'update' => true))
0471 );
0472 }
0473
0474 break;
0475
0476 case 'delattach':
0477
0478 if (confirm_box(true))
0479 {
0480 delete_attachments('user', $user_id);
0481
0482 add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
0483 trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0484 }
0485 else
0486 {
0487 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0488 'u' => $user_id,
0489 'i' => $id,
0490 'mode' => $mode,
0491 'action' => $action,
0492 'update' => true))
0493 );
0494 }
0495
0496 break;
0497
0498 case 'moveposts':
0499
0500 if (!check_form_key($form_name))
0501 {
0502 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0503 }
0504
0505 $user->add_lang('acp/forums');
0506
0507 $new_forum_id = request_var('new_f', 0);
0508
0509 if (!$new_forum_id)
0510 {
0511 $this->page_title = 'USER_ADMIN_MOVE_POSTS';
0512
0513 $template->assign_vars(array(
0514 'S_SELECT_FORUM' => true,
0515 'U_ACTION' => $this->u_action . "&action=$action&u=$user_id",
0516 'U_BACK' => $this->u_action . "&u=$user_id",
0517 'S_FORUM_OPTIONS' => make_forum_select(false, false, false, true))
0518 );
0519
0520 return;
0521 }
0522
0523 // Is the new forum postable to?
0524 $sql = 'SELECT forum_name, forum_type
0525 FROM ' . FORUMS_TABLE . "
0526 WHERE forum_id = $new_forum_id";
0527 $result = $db->sql_query($sql);
0528 $forum_info = $db->sql_fetchrow($result);
0529 $db->sql_freeresult($result);
0530
0531 if (!$forum_info)
0532 {
0533 trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0534 }
0535
0536 if ($forum_info['forum_type'] != FORUM_POST)
0537 {
0538 trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0539 }
0540
0541 // Two stage?
0542 // Move topics comprising only posts from this user
0543 $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
0544 $forum_id_ary = array($new_forum_id);
0545
0546 $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts
0547 FROM ' . POSTS_TABLE . "
0548 WHERE poster_id = $user_id
0549 AND forum_id <> $new_forum_id
0550 GROUP BY topic_id";
0551 $result = $db->sql_query($sql);
0552
0553 while ($row = $db->sql_fetchrow($result))
0554 {
0555 $topic_id_ary[$row['topic_id']] = $row['total_posts'];
0556 }
0557 $db->sql_freeresult($result);
0558
0559 if (sizeof($topic_id_ary))
0560 {
0561 $sql = 'SELECT topic_id, forum_id, topic_title, topic_replies, topic_replies_real, topic_attachment
0562 FROM ' . TOPICS_TABLE . '
0563 WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
0564 $result = $db->sql_query($sql);
0565
0566 while ($row = $db->sql_fetchrow($result))
0567 {
0568 if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']])
0569 {
0570 $move_topic_ary[] = $row['topic_id'];
0571 }
0572 else
0573 {
0574 $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
0575 $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
0576 }
0577
0578 $forum_id_ary[] = $row['forum_id'];
0579 }
0580 $db->sql_freeresult($result);
0581 }
0582
0583 // Entire topic comprises posts by this user, move these topics
0584 if (sizeof($move_topic_ary))
0585 {
0586 move_topics($move_topic_ary, $new_forum_id, false);
0587 }
0588
0589 if (sizeof($move_post_ary))
0590 {
0591 // Create new topic
0592 // Update post_ids, report_ids, attachment_ids
0593 foreach ($move_post_ary as $topic_id => $post_ary)
0594 {
0595 // Create new topic
0596 $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
0597 'topic_poster' => $user_id,
0598 'topic_time' => time(),
0599 'forum_id' => $new_forum_id,
0600 'icon_id' => 0,
0601 'topic_approved' => 1,
0602 'topic_title' => $post_ary['title'],
0603 'topic_first_poster_name' => $user_row['username'],
0604 'topic_type' => POST_NORMAL,
0605 'topic_time_limit' => 0,
0606 'topic_attachment' => $post_ary['attach'])
0607 );
0608 $db->sql_query($sql);
0609
0610 $new_topic_id = $db->sql_nextid();
0611
0612 // Move posts
0613 $sql = 'UPDATE ' . POSTS_TABLE . "
0614 SET forum_id = $new_forum_id, topic_id = $new_topic_id
0615 WHERE topic_id = $topic_id
0616 AND poster_id = $user_id";
0617 $db->sql_query($sql);
0618
0619 if ($post_ary['attach'])
0620 {
0621 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
0622 SET topic_id = $new_topic_id
0623 WHERE topic_id = $topic_id
0624 AND poster_id = $user_id";
0625 $db->sql_query($sql);
0626 }
0627
0628 $new_topic_id_ary[] = $new_topic_id;
0629 }
0630 }
0631
0632 $forum_id_ary = array_unique($forum_id_ary);
0633 $topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary));
0634
0635 if (sizeof($topic_id_ary))
0636 {
0637 sync('reported', 'topic_id', $topic_id_ary);
0638 sync('topic', 'topic_id', $topic_id_ary);
0639 }
0640
0641 if (sizeof($forum_id_ary))
0642 {
0643 sync('forum', 'forum_id', $forum_id_ary, false, true);
0644 }
0645
0646
0647 add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
0648 add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
0649
0650 trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0651
0652 break;
0653 }
0654
0655 // Handle registration info updates
0656 $data = array(
0657 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
0658 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
0659 'email' => strtolower(request_var('user_email', $user_row['user_email'])),
0660 'email_confirm' => strtolower(request_var('email_confirm', '')),
0661 'new_password' => request_var('new_password', '', true),
0662 'password_confirm' => request_var('password_confirm', '', true),
0663 );
0664
0665 // Validation data - we do not check the password complexity setting here
0666 $check_ary = array(
0667 'new_password' => array(
0668 array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0669 array('password')),
0670 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0671 );
0672
0673 // Check username if altered
0674 if ($data['username'] != $user_row['username'])
0675 {
0676 $check_ary += array(
0677 'username' => array(
0678 array('string', false, $config['min_name_chars'], $config['max_name_chars']),
0679 array('username', $user_row['username'])
0680 ),
0681 );
0682 }
0683
0684 // Check email if altered
0685 if ($data['email'] != $user_row['user_email'])
0686 {
0687 $check_ary += array(
0688 'email' => array(
0689 array('string', false, 6, 60),
0690 array('email', $user_row['user_email'])
0691 ),
0692 'email_confirm' => array('string', true, 6, 60)
0693 );
0694 }
0695
0696 $error = validate_data($data, $check_ary);
0697
0698 if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
0699 {
0700 $error[] = 'NEW_PASSWORD_ERROR';
0701 }
0702
0703 if ($data['email'] != $user_row['user_email'] && $data['email_confirm'] != $data['email'])
0704 {
0705 $error[] = 'NEW_EMAIL_ERROR';
0706 }
0707
0708 if (!check_form_key($form_name))
0709 {
0710 $error[] = 'FORM_INVALID';
0711 }
0712
0713 // Which updates do we need to do?
0714 $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
0715 $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
0716 $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
0717
0718 if (!sizeof($error))
0719 {
0720 $sql_ary = array();
0721
0722 if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
0723 {
0724 // Only allow founders updating the founder status...
0725 if ($user->data['user_type'] == USER_FOUNDER)
0726 {
0727 // Setting a normal member to be a founder
0728 if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
0729 {
0730 // Make sure the user is not setting an Inactive or ignored user to be a founder
0731 if ($user_row['user_type'] == USER_IGNORE)
0732 {
0733 trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0734 }
0735
0736 if ($user_row['user_type'] == USER_INACTIVE)
0737 {
0738 trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0739 }
0740
0741 $sql_ary['user_type'] = USER_FOUNDER;
0742 }
0743 else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
0744 {
0745 // Check if at least one founder is present
0746 $sql = 'SELECT user_id
0747 FROM ' . USERS_TABLE . '
0748 WHERE user_type = ' . USER_FOUNDER . '
0749 AND user_id <> ' . $user_id;
0750 $result = $db->sql_query_limit($sql, 1);
0751 $row = $db->sql_fetchrow($result);
0752 $db->sql_freeresult($result);
0753
0754 if ($row)
0755 {
0756 $sql_ary['user_type'] = USER_NORMAL;
0757 }
0758 else
0759 {
0760 trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0761 }
0762 }
0763 }
0764 }
0765
0766 if ($update_username !== false)
0767 {
0768 $sql_ary['username'] = $update_username;
0769 $sql_ary['username_clean'] = utf8_clean_string($update_username);
0770
0771 add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
0772 }
0773
0774 if ($update_email !== false)
0775 {
0776 $sql_ary += array(
0777 'user_email' => $update_email,
0778 'user_email_hash' => crc32($update_email) . strlen($update_email)
0779 );
0780
0781 add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
0782 }
0783
0784 if ($update_password)
0785 {
0786 $sql_ary += array(
0787 'user_password' => phpbb_hash($data['new_password']),
0788 'user_passchg' => time(),
0789 'user_pass_convert' => 0,
0790 );
0791
0792 $user->reset_login_keys($user_id);
0793 add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
0794 }
0795
0796 if (sizeof($sql_ary))
0797 {
0798 $sql = 'UPDATE ' . USERS_TABLE . '
0799 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
0800 WHERE user_id = ' . $user_id;
0801 $db->sql_query($sql);
0802 }
0803
0804 if ($update_username)
0805 {
0806 user_update_name($user_row['username'], $update_username);
0807 }
0808
0809 // Let the users permissions being updated
0810 $auth->acl_clear_prefetch($user_id);
0811
0812 add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
0813
0814 trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0815 }
0816
0817 // Replace "error" strings with their real, localised form
0818 $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
0819 }
0820
0821 if ($user_id == $user->data['user_id'])
0822 {
0823 $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
0824 }
0825 else
0826 {
0827 $quick_tool_ary = array();
0828
0829 if ($user_row['user_type'] != USER_FOUNDER)
0830 {
0831 $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
0832 }
0833
0834 if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
0835 {
0836 $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
0837 }
0838
0839 $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
0840
0841 if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
0842 {
0843 $quick_tool_ary['reactivate'] = 'FORCE';
0844 }
0845 }
0846
0847 $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
0848 foreach ($quick_tool_ary as $value => $lang)
0849 {
0850 $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
0851 }
0852
0853 if ($config['load_onlinetrack'])
0854 {
0855 $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
0856 FROM ' . SESSIONS_TABLE . "
0857 WHERE session_user_id = $user_id";
0858 $result = $db->sql_query($sql);
0859 $row = $db->sql_fetchrow($result);
0860 $db->sql_freeresult($result);
0861
0862 $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
0863 $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
0864 unset($row);
0865 }
0866
0867 $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
0868
0869 $inactive_reason = '';
0870 if ($user_row['user_type'] == USER_INACTIVE)
0871 {
0872 $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
0873
0874 switch ($user_row['user_inactive_reason'])
0875 {
0876 case INACTIVE_REGISTER:
0877 $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
0878 break;
0879
0880 case INACTIVE_PROFILE:
0881 $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
0882 break;
0883
0884 case INACTIVE_MANUAL:
0885 $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
0886 break;
0887
0888 case INACTIVE_REMIND:
0889 $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
0890 break;
0891 }
0892 }
0893
0894 $template->assign_vars(array(
0895 'L_NAME_CHARS_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
0896 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
0897 'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
0898
0899 'S_OVERVIEW' => true,
0900 'S_USER_IP' => ($user_row['user_ip']) ? true : false,
0901 'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
0902 'S_ACTION_OPTIONS' => $s_action_options,
0903 'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false,
0904 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
0905
0906 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
0907 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}",
0908
0909 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_row['user_id']}") : '',
0910
0911 'USER' => $user_row['username'],
0912 'USER_REGISTERED' => $user->format_date($user_row['user_regdate']),
0913 'REGISTERED_IP' => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
0914 'USER_LASTACTIVE' => ($last_visit) ? $user->format_date($last_visit) : ' - ',
0915 'USER_EMAIL' => $user_row['user_email'],
0916 'USER_WARNINGS' => $user_row['user_warnings'],
0917 'USER_POSTS' => $user_row['user_posts'],
0918 'USER_INACTIVE_REASON' => $inactive_reason,
0919 ));
0920
0921 break;
0922
0923 case 'feedback':
0924
0925 $user->add_lang('mcp');
0926
0927 // Set up general vars
0928 $start = request_var('start', 0);
0929 $deletemark = (isset($_POST['delmarked'])) ? true : false;
0930 $deleteall = (isset($_POST['delall'])) ? true : false;
0931 $marked = request_var('mark', array(0));
0932 $message = utf8_normalize_nfc(request_var('message', '', true));
0933
0934 // Sort keys
0935 $sort_days = request_var('st', 0);
0936 $sort_key = request_var('sk', 't');
0937 $sort_dir = request_var('sd', 'd');
0938
0939 // Delete entries if requested and able
0940 if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
0941 {
0942 if (!check_form_key($form_name))
0943 {
0944 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0945 }
0946
0947 $where_sql = '';
0948 if ($deletemark && $marked)
0949 {
0950 $sql_in = array();
0951 foreach ($marked as $mark)
0952 {
0953 $sql_in[] = $mark;
0954 }
0955 $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
0956 unset($sql_in);
0957 }
0958
0959 if ($where_sql || $deleteall)
0960 {
0961 $sql = 'DELETE FROM ' . LOG_TABLE . '
0962 WHERE log_type = ' . LOG_USERS . "
0963 $where_sql";
0964 $db->sql_query($sql);
0965
0966 add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
0967 }
0968 }
0969
0970 if ($submit && $message)
0971 {
0972 if (!check_form_key($form_name))
0973 {
0974 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0975 }
0976
0977 add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
0978 add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
0979 add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
0980
0981 trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0982 }
0983
0984 // Sorting
0985 $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
0986 $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
0987 $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
0988
0989 $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
0990 gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
0991
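0992 // Define where and sort sql for use in displaying logs. NOTE(review): $sort_key comes from the request and, unlike the 'attach' case, is not checked with isset() against $sort_by_sql before indexing; unless gen_sort_selects() normalises it, an unknown key leaves the ORDER BY column empty.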
0993 $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
0994 $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
0995
0996 // Grab log data
0997 $log_data = array();
0998 $log_count = 0;
0999 view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
1000
1001 $template->assign_vars(array(
1002 'S_FEEDBACK' => true,
1003 'S_ON_PAGE' => on_page($log_count, $config['topics_per_page'], $start),
1004 'PAGINATION' => generate_pagination($this->u_action . "&u=$user_id&$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
1005
1006 'S_LIMIT_DAYS' => $s_limit_days,
1007 'S_SORT_KEY' => $s_sort_key,
1008 'S_SORT_DIR' => $s_sort_dir,
1009 'S_CLEARLOGS' => $auth->acl_get('a_clearlogs'))
1010 );
1011
1012 foreach ($log_data as $row)
1013 {
1014 $template->assign_block_vars('log', array(
1015 'USERNAME' => $row['username_full'],
1016 'IP' => $row['ip'],
1017 'DATE' => $user->format_date($row['time']),
1018 'ACTION' => nl2br($row['action']),
1019 'ID' => $row['id'])
1020 );
1021 }
1022
1023 break;
1024
1025 case 'profile':
1026
1027 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1028 include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
1029
1030 $cp = new custom_profile();
1031
1032 $cp_data = $cp_error = array();
1033
1034 $sql = 'SELECT lang_id
1035 FROM ' . LANG_TABLE . "
1036 WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
1037 $result = $db->sql_query($sql);
1038 $row = $db->sql_fetchrow($result);
1039 $db->sql_freeresult($result);
1040
1041 $user_row['iso_lang_id'] = $row['lang_id'];
1042
1043 $data = array(
1044 'icq' => request_var('icq', $user_row['user_icq']),
1045 'aim' => request_var('aim', $user_row['user_aim']),
1046 'msn' => request_var('msn', $user_row['user_msnm']),
1047 'yim' => request_var('yim', $user_row['user_yim']),
1048 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
1049 'website' => request_var('website', $user_row['user_website']),
1050 'location' => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
1051 'occupation' => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
1052 'interests' => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
1053 'bday_day' => 0,
1054 'bday_month' => 0,
1055 'bday_year' => 0,
1056 );
1057
1058 if ($user_row['user_birthday'])
1059 {
1060 list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
1061 }
1062
1063 $data['bday_day'] = request_var('bday_day', $data['bday_day']);
1064 $data['bday_month'] = request_var('bday_month', $data['bday_month']);
1065 $data['bday_year'] = request_var('bday_year', $data['bday_year']);
1066
1067 if ($submit)
1068 {
1069 $error = validate_data($data, array(
1070 'icq' => array(
1071 array('string', true, 3, 15),
1072 array('match', true, '#^[0-9]+$#i')),
1073 'aim' => array('string', true, 3, 255),
1074 'msn' => array('string', true, 5, 255),
1075 'jabber' => array(
1076 array('string', true, 5, 255),
1077 array('jabber')),
1078 'yim' => array('string', true, 5, 255),
1079 'website' => array(
1080 array('string', true, 12, 255),
1081 array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
1082 'location' => array('string', true, 2, 255),
1083 'occupation' => array('string', true, 2, 500),
1084 'interests' => array('string', true, 2, 500),
1085 'bday_day' => array('num', true, 1, 31),
1086 'bday_month' => array('num', true, 1, 12),
1087 'bday_year' => array('num', true, 1901, gmdate('Y', time())),
1088 ));
1089
1090 // validate custom profile fields
1091 $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
1092
1093 if (sizeof($cp_error))
1094 {
1095 $error = array_merge($error, $cp_error);
1096 }
1097 if (!check_form_key($form_name))
1098 {
1099 $error[] = 'FORM_INVALID';
1100 }
1101
1102 if (!sizeof($error))
1103 {
1104 $sql_ary = array(
1105 'user_icq' => $data['icq'],
1106 'user_aim' => $data['aim'],
1107 'user_msnm' => $data['msn'],
1108 'user_yim' => $data['yim'],
1109 'user_jabber' => $data['jabber'],
1110 'user_website' => $data['website'],
1111 'user_from' => $data['location'],
1112 'user_occ' => $data['occupation'],
1113 'user_interests'=> $data['interests'],
1114 'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
1115 );
1116
1117 $sql = 'UPDATE ' . USERS_TABLE . '
1118 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1119 WHERE user_id = $user_id";
1120 $db->sql_query($sql);
1121
1122 // Update Custom Fields
1123 if (sizeof($cp_data))
1124 {
1125 switch ($db->sql_layer)
1126 {
1127 case 'oracle':
1128 case 'firebird':
1129 case 'postgres':
1130 $right_delim = $left_delim = '"';
1131 break;
1132
1133 case 'sqlite':
1134 case 'mssql':
1135 case 'mssql_odbc':
1136 $right_delim = ']';
1137 $left_delim = '[';
1138 break;
1139
1140 case 'mysql':
1141 case 'mysql4':
1142 case 'mysqli':
1143 $right_delim = $left_delim = '`';
1144 break;
1145 }
1146
1147 foreach ($cp_data as $key => $value)
1148 {
1149 $cp_data[$left_delim . $key . $right_delim] = $value;
1150 unset($cp_data[$key]);
1151 }
1152
1153 $sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . '
1154 SET ' . $db->sql_build_array('UPDATE', $cp_data) . "
1155 WHERE user_id = $user_id";
1156 $db->sql_query($sql);
1157
1158 if (!$db->sql_affectedrows())
1159 {
1160 $cp_data['user_id'] = (int) $user_id;
1161
1162 $db->sql_return_on_error(true);
1163
1164 $sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $cp_data);
1165 $db->sql_query($sql);
1166
1167 $db->sql_return_on_error(false);
1168 }
1169 }
1170
1171 trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1172 }
1173
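1174 // Replace "error" strings with their real, localised form. NOTE(review): the /e modifier makes preg_replace() evaluate the replacement as PHP code; the ^[A-Z_]+$ anchors limit the interpolated text to language-key characters, but /e was deprecated in PHP 5.5 and removed in PHP 7.0, and preg_replace_callback() is the supported replacement. The same call recurs in the prefs, avatar and sig cases.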
1175 $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1176 }
1177
1178 $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
1179 for ($i = 1; $i < 32; $i++)
1180 {
1181 $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
1182 $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
1183 }
1184
1185 $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
1186 for ($i = 1; $i < 13; $i++)
1187 {
1188 $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
1189 $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
1190 }
1191 $s_birthday_year_options = '';
1192
1193 $now = getdate();
1194 $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
1195 for ($i = $now['year'] - 100; $i < $now['year']; $i++)
1196 {
1197 $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
1198 $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
1199 }
1200 unset($now);
1201
1202 $template->assign_vars(array(
1203 'ICQ' => $data['icq'],
1204 'YIM' => $data['yim'],
1205 'AIM' => $data['aim'],
1206 'MSN' => $data['msn'],
1207 'JABBER' => $data['jabber'],
1208 'WEBSITE' => $data['website'],
1209 'LOCATION' => $data['location'],
1210 'OCCUPATION' => $data['occupation'],
1211 'INTERESTS' => $data['interests'],
1212
1213 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
1214 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
1215 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,
1216
1217 'S_PROFILE' => true)
1218 );
1219
1220 // Get additional profile fields and assign them to the template block var 'profile_fields'
1221 $user->get_profile_fields($user_id);
1222
1223 $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
1224
1225 break;
1226
1227 case 'prefs':
1228
1229 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1230
1231 $data = array(
1232 'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
1233 'lang' => basename(request_var('lang', $user_row['user_lang'])),
1234 'tz' => request_var('tz', (float) $user_row['user_timezone']),
1235 'style' => request_var('style', $user_row['user_style']),
1236 'dst' => request_var('dst', $user_row['user_dst']),
1237 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']),
1238 'massemail' => request_var('massemail', $user_row['user_allow_massemail']),
1239 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']),
1240 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']),
1241 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']),
1242 'popuppm' => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
1243 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']),
1244
1245 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
1246 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
1247 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
1248
1249 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
1250 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
1251 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
1252
1253 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')),
1254 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
1255 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
1256 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
1257 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
1258 'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
1259
1260 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
1261 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')),
1262 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')),
1263 'notify' => request_var('notify', $user_row['user_notify']),
1264 );
1265
1266 if ($submit)
1267 {
1268 $error = validate_data($data, array(
1269 'dateformat' => array('string', false, 1, 30),
1270 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
1271 'tz' => array('num', false, -14, 14),
1272
1273 'topic_sk' => array('string', false, 1, 1),
1274 'topic_sd' => array('string', false, 1, 1),
1275 'post_sk' => array('string', false, 1, 1),
1276 'post_sd' => array('string', false, 1, 1),
1277 ));
1278
1279 if (!check_form_key($form_name))
1280 {
1281 $error[] = 'FORM_INVALID';
1282 }
1283
1284 if (!sizeof($error))
1285 {
1286 $this->optionset($user_row, 'popuppm', $data['popuppm']);
1287 $this->optionset($user_row, 'viewimg', $data['view_images']);
1288 $this->optionset($user_row, 'viewflash', $data['view_flash']);
1289 $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
1290 $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
1291 $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
1292 $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
1293 $this->optionset($user_row, 'bbcode', $data['bbcode']);
1294 $this->optionset($user_row, 'smilies', $data['smilies']);
1295 $this->optionset($user_row, 'attachsig', $data['sig']);
1296
1297 $sql_ary = array(
1298 'user_options' => $user_row['user_options'],
1299
1300 'user_allow_pm' => $data['allowpm'],
1301 'user_allow_viewemail' => $data['viewemail'],
1302 'user_allow_massemail' => $data['massemail'],
1303 'user_allow_viewonline' => !$data['hideonline'],
1304 'user_notify_type' => $data['notifymethod'],
1305 'user_notify_pm' => $data['notifypm'],
1306
1307 'user_dst' => $data['dst'],
1308 'user_dateformat' => $data['dateformat'],
1309 'user_lang' => $data['lang'],
1310 'user_timezone' => $data['tz'],
1311 'user_style' => $data['style'],
1312
1313 'user_topic_sortby_type' => $data['topic_sk'],
1314 'user_post_sortby_type' => $data['post_sk'],
1315 'user_topic_sortby_dir' => $data['topic_sd'],
1316 'user_post_sortby_dir' => $data['post_sd'],
1317
1318 'user_topic_show_days' => $data['topic_st'],
1319 'user_post_show_days' => $data['post_st'],
1320
1321 'user_notify' => $data['notify'],
1322 );
1323
1324 $sql = 'UPDATE ' . USERS_TABLE . '
1325 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1326 WHERE user_id = $user_id";
1327 $db->sql_query($sql);
1328
1329 trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1330 }
1331
1332 // Replace "error" strings with their real, localised form
1333 $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1334 }
1335
1336 $dateformat_options = '';
1337 foreach ($user->lang['dateformats'] as $format => $null)
1338 {
1339 $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
1340 $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
1341 $dateformat_options .= '</option>';
1342 }
1343
1344 $s_custom = false;
1345
1346 $dateformat_options .= '<option value="custom"';
1347 if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
1348 {
1349 $dateformat_options .= ' selected="selected"';
1350 $s_custom = true;
1351 }
1352 $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
1353
1354 $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1355
1356 // Topic ordering options
1357 $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1358 $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
1359
1360 // Post ordering options
1361 $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1362 $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
1363
1364 $_options = array('topic', 'post');
1365 foreach ($_options as $sort_option)
1366 {
1367 ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
1368 foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
1369 {
1370 $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
1371 ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
1372 }
1373 ${'s_limit_' . $sort_option . '_days'} .= '</select>';
1374
1375 ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
1376 foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
1377 {
1378 $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
1379 ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
1380 }
1381 ${'s_sort_' . $sort_option . '_key'} .= '</select>';
1382
1383 ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
1384 foreach ($sort_dir_text as $key => $value)
1385 {
1386 $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
1387 ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1388 }
1389 ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
1390 }
1391
1392 $template->assign_vars(array(
1393 'S_PREFS' => true,
1394 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
1395
1396 'VIEW_EMAIL' => $data['viewemail'],
1397 'MASS_EMAIL' => $data['massemail'],
1398 'ALLOW_PM' => $data['allowpm'],
1399 'HIDE_ONLINE' => $data['hideonline'],
1400 'NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
1401 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
1402 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
1403 'NOTIFY_PM' => $data['notifypm'],
1404 'POPUP_PM' => $data['popuppm'],
1405 'DST' => $data['dst'],
1406 'BBCODE' => $data['bbcode'],
1407 'SMILIES' => $data['smilies'],
1408 'ATTACH_SIG' => $data['sig'],
1409 'NOTIFY' => $data['notify'],
1410 'VIEW_IMAGES' => $data['view_images'],
1411 'VIEW_FLASH' => $data['view_flash'],
1412 'VIEW_SMILIES' => $data['view_smilies'],
1413 'VIEW_SIGS' => $data['view_sigs'],
1414 'VIEW_AVATARS' => $data['view_avatars'],
1415 'VIEW_WORDCENSOR' => $data['view_wordcensor'],
1416
1417 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days,
1418 'S_TOPIC_SORT_KEY' => $s_sort_topic_key,
1419 'S_TOPIC_SORT_DIR' => $s_sort_topic_dir,
1420 'S_POST_SORT_DAYS' => $s_limit_post_days,
1421 'S_POST_SORT_KEY' => $s_sort_post_key,
1422 'S_POST_SORT_DIR' => $s_sort_post_dir,
1423
1424 'DATE_FORMAT' => $data['dateformat'],
1425 'S_DATEFORMAT_OPTIONS' => $dateformat_options,
1426 'S_CUSTOM_DATEFORMAT' => $s_custom,
1427 'DEFAULT_DATEFORMAT' => $config['default_dateformat'],
1428 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']),
1429
1430 'S_LANG_OPTIONS' => language_select($data['lang']),
1431 'S_STYLE_OPTIONS' => style_select($data['style']),
1432 'S_TZ_OPTIONS' => tz_select($data['tz'], true),
1433 )
1434 );
1435
1436 break;
1437
1438 case 'avatar':
1439
1440 include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1441 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1442
1443 $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
1444
1445 if ($submit)
1446 {
1447
1448 if (!check_form_key($form_name))
1449 {
1450 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1451 }
1452
1453 if (avatar_process_user($error, $user_row))
1454 {
1455 trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_row['user_id']));
1456 }
1457
1458 // Replace "error" strings with their real, localised form
1459 $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1460 }
1461
1462 // Generate users avatar
1463 $avatar_img = ($user_row['user_avatar']) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
1464
1465 $display_gallery = (isset($_POST['display_gallery'])) ? true : false;
1466 $avatar_select = basename(request_var('avatar_select', ''));
1467 $category = basename(request_var('category', ''));
1468
1469 if ($config['allow_avatar_local'] && $display_gallery)
1470 {
1471 avatar_gallery($category, $avatar_select, 4);
1472 }
1473
1474 $template->assign_vars(array(
1475 'S_AVATAR' => true,
1476 'S_CAN_UPLOAD' => ($can_upload && $config['allow_avatar_upload']) ? true : false,
1477 'S_ALLOW_REMOTE' => ($config['allow_avatar_remote']) ? true : false,
1478 'S_DISPLAY_GALLERY' => ($config['allow_avatar_local'] && !$display_gallery) ? true : false,
1479 'S_IN_GALLERY' => ($config['allow_avatar_local'] && $display_gallery) ? true : false,
1480
1481 'AVATAR_IMAGE' => $avatar_img,
1482 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'],
1483 'USER_AVATAR_WIDTH' => $user_row['user_avatar_width'],
1484 'USER_AVATAR_HEIGHT' => $user_row['user_avatar_height'],
1485
1486 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
1487 );
1488
1489 break;
1490
1491 case 'rank':
1492
1493 if ($submit)
1494 {
1495 if (!check_form_key($form_name))
1496 {
1497 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1498 }
1499
1500 $rank_id = request_var('user_rank', 0);
1501
1502 $sql = 'UPDATE ' . USERS_TABLE . "
1503 SET user_rank = $rank_id
1504 WHERE user_id = $user_id";
1505 $db->sql_query($sql);
1506
1507 trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1508 }
1509
1510 $sql = 'SELECT *
1511 FROM ' . RANKS_TABLE . '
1512 WHERE rank_special = 1
1513 ORDER BY rank_title';
1514 $result = $db->sql_query($sql);
1515
1516 $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
1517
1518 while ($row = $db->sql_fetchrow($result))
1519 {
1520 $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
1521 $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
1522 }
1523 $db->sql_freeresult($result);
1524
1525 $template->assign_vars(array(
1526 'S_RANK' => true,
1527 'S_RANK_OPTIONS' => $s_rank_options)
1528 );
1529
1530 break;
1531
1532 case 'sig':
1533
1534 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
1535 include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1536
1537 $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', !$user->optionget('bbcode'))) ? false : true) : false;
1538 $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', !$user->optionget('smilies'))) ? false : true) : false;
1539 $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
1540 $signature = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
1541
1542 $preview = (isset($_POST['preview'])) ? true : false;
1543
1544 if ($submit || $preview)
1545 {
1546 include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
1547
1548 $message_parser = new parse_message($signature);
1549
1550 // Allowing Quote BBCode
1551 $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
1552
1553 if (sizeof($message_parser->warn_msg))
1554 {
1555 $error[] = implode('<br />', $message_parser->warn_msg);
1556 }
1557
1558 if (!check_form_key($form_name))
1559 {
1560 $error = 'FORM_INVALID';
1561 }
1562
1563 if (!sizeof($error) && $submit)
1564 {
1565 $sql_ary = array(
1566 'user_sig' => (string) $message_parser->message,
1567 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
1568 'user_sig_bbcode_bitfield' => (string) $message_parser->bbcode_bitfield
1569 );
1570
1571 $sql = 'UPDATE ' . USERS_TABLE . '
1572 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
1573 WHERE user_id = ' . $user_id;
1574 $db->sql_query($sql);
1575
1576 trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1577 }
1578
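1579 // Replace "error" strings with their real, localised form. NOTE(review): the form-key failure above assigns $error = 'FORM_INVALID' (a string) where the profile and prefs cases append with $error[]; any parser warnings collected earlier are discarded and $error is no longer an array at this point.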
1580 $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1581 }
1582
1583 $signature_preview = '';
1584
1585 if ($preview)
1586 {
1587 // Now parse it for displaying
1588 $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
1589 unset($message_parser);
1590 }
1591
1592 decode_message($signature, $user_row['user_sig_bbcode_uid']);
1593
1594 $template->assign_vars(array(
1595 'S_SIGNATURE' => true,
1596
1597 'SIGNATURE' => $signature,
1598 'SIGNATURE_PREVIEW' => $signature_preview,
1599
1600 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '',
1601 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '',
1602 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '',
1603
1604 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1605 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1606 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1607 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1608 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1609
1610 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
1611
1612 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'],
1613 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'],
1614 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false,
1615 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false,
1616 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false)
1617 );
1618
1619 // Assigning custom bbcodes
1620 display_custom_bbcodes();
1621
1622 break;
1623
1624 case 'attach':
1625
1626 $start = request_var('start', 0);
1627 $deletemark = (isset($_POST['delmarked'])) ? true : false;
1628 $marked = request_var('mark', array(0));
1629
1630 // Sort keys
1631 $sort_key = request_var('sk', 'a');
1632 $sort_dir = request_var('sd', 'd');
1633
1634 if ($deletemark && sizeof($marked))
1635 {
1636 $sql = 'SELECT attach_id
1637 FROM ' . ATTACHMENTS_TABLE . '
1638 WHERE poster_id = ' . $user_id . '
1639 AND is_orphan = 0
1640 AND ' . $db->sql_in_set('attach_id', $marked);
1641 $result = $db->sql_query($sql);
1642
1643 $marked = array();
1644 while ($row = $db->sql_fetchrow($result))
1645 {
1646 $marked[] = $row['attach_id'];
1647 }
1648 $db->sql_freeresult($result);
1649 }
1650
1651 if ($deletemark && sizeof($marked))
1652 {
1653 if (confirm_box(true))
1654 {
1655 $sql = 'SELECT real_filename
1656 FROM ' . ATTACHMENTS_TABLE . '
1657 WHERE ' . $db->sql_in_set('attach_id', $marked);
1658 $result = $db->sql_query($sql);
1659
1660 $log_attachments = array();
1661 while ($row = $db->sql_fetchrow($result))
1662 {
1663 $log_attachments[] = $row['real_filename'];
1664 }
1665 $db->sql_freeresult($result);
1666
1667 delete_attachments('attach', $marked);
1668
1669 $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
1670
1671 add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
1672 trigger_error($message . adm_back_link($this->u_action . '&u=' . $user_id));
1673 }
1674 else
1675 {
1676 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1677 'u' => $user_id,
1678 'i' => $id,
1679 'mode' => $mode,
1680 'action' => $action,
1681 'delmarked' => true,
1682 'mark' => $marked))
1683 );
1684 }
1685 }
1686
1687 $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
1688 $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
1689
1690 $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1691
1692 $s_sort_key = '';
1693 foreach ($sk_text as $key => $value)
1694 {
1695 $selected = ($sort_key == $key) ? ' selected="selected"' : '';
1696 $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1697 }
1698
1699 $s_sort_dir = '';
1700 foreach ($sd_text as $key => $value)
1701 {
1702 $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
1703 $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1704 }
1705
1706 if (!isset($sk_sql[$sort_key]))
1707 {
1708 $sort_key = 'a';
1709 }
1710
1711 $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1712
1713 $sql = 'SELECT COUNT(attach_id) as num_attachments
1714 FROM ' . ATTACHMENTS_TABLE . "
1715 WHERE poster_id = $user_id
1716 AND is_orphan = 0";
1717 $result = $db->sql_query_limit($sql, 1);
1718 $num_attachments = (int) $db->sql_fetchfield('num_attachments');
1719 $db->sql_freeresult($result);
1720
1721 $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
1722 FROM ' . ATTACHMENTS_TABLE . ' a
1723 LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
1724 AND a.in_message = 0)
1725 LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
1726 AND a.in_message = 1)
1727 WHERE a.poster_id = ' . $user_id . "
1728 AND a.is_orphan = 0
1729 ORDER BY $order_by";
1730 $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
1731
1732 while ($row = $db->sql_fetchrow($result))
1733 {
1734 if ($row['in_message'])
1735 {
1736 $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&p={$row['post_msg_id']}");
1737 }
1738 else
1739 {
1740 $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
1741 }
1742
1743 $template->assign_block_vars('attach', array(
1744 'REAL_FILENAME' => $row['real_filename'],
1745 'COMMENT' => nl2br($row['attach_comment']),
1746 'EXTENSION' => $row['extension'],
1747 'SIZE' => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
1748 'DOWNLOAD_COUNT' => $row['download_count'],
1749 'POST_TIME' => $user->format_date($row['filetime']),
1750 'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
1751
1752 'ATTACH_ID' => $row['attach_id'],
1753 'POST_ID' => $row['post_msg_id'],
1754 'TOPIC_ID' => $row['topic_id'],
1755
1756 'S_IN_MESSAGE' => $row['in_message'],
1757
1758 'U_DOWNLOAD' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&id=' . $row['attach_id']),
1759 'U_VIEW_TOPIC' => $view_topic)
1760 );
1761 }
1762 $db->sql_freeresult($result);
1763
1764 $template->assign_vars(array(
1765 'S_ATTACHMENTS' => true,
1766 'S_ON_PAGE' => on_page($num_attachments, $config['topics_per_page'], $start),
1767 'S_SORT_KEY' => $s_sort_key,
1768 'S_SORT_DIR' => $s_sort_dir,
1769
1770 'PAGINATION' => generate_pagination($this->u_action . "&u=$user_id&sk=$sort_key&sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start, true))
1771 );
1772
1773 break;
1774
1775 case 'groups':
1776
1777 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1778
1779 $user->add_lang(array('groups', 'acp/groups'));
1780 $group_id = request_var('g', 0);
1781
1782 if ($group_id)
1783 {
1784 // Check the founder only entry for this group to make sure everything is well
1785 $sql = 'SELECT group_founder_manage
1786 FROM ' . GROUPS_TABLE . '
1787 WHERE group_id = ' . $group_id;
1788 $result = $db->sql_query($sql);
1789 $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
1790 $db->sql_freeresult($result);
1791
1792 if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
1793 {
1794 trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1795 }
1796 }
1797 else
1798 {
1799 $founder_manage = 0;
1800 }
1801
1802 switch ($action)
1803 {
1804 case 'demote':
1805 case 'promote':
1806 case 'default':
1807 if (!$group_id)
1808 {
1809 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1810 }
1811 group_user_attributes($action, $group_id, $user_id);
1812
1813 if ($action == 'default')
1814 {
1815 $user_row['group_id'] = $group_id;
1816 }
1817 break;
1818
1819 case 'delete':
1820
1821 if (confirm_box(true))
1822 {
1823 if (!$group_id)
1824 {
1825 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1826 }
1827
1828 if ($error = group_user_del($group_id, $user_id))
1829 {
1830 trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1831 }
1832
1833 $error = array();
1834 }
1835 else
1836 {
1837 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1838 'u' => $user_id,
1839 'i' => $id,
1840 'mode' => $mode,
1841 'action' => $action,
1842 'g' => $group_id))
1843 );
1844 }
1845
1846 break;
1847 }
1848
1849 // Add user to group?
1850 if ($submit)
1851 {
1852
1853 if (!check_form_key($form_name))
1854 {
1855 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1856 }
1857
1858 if (!$group_id)
1859 {
1860 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1861 }
1862
1863 // Add user/s to group
1864 if ($error = group_user_add($group_id, $user_id))
1865 {
1866 trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1867 }
1868
1869 $error = array();
1870 }
1871
1872
1873 $sql = 'SELECT ug.*, g.*
1874 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
1875 WHERE ug.user_id = $user_id
1876 AND g.group_id = ug.group_id
1877 ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
1878 $result = $db->sql_query($sql);
1879
1880 $i = 0;
1881 $group_data = $id_ary = array();
1882 while ($row = $db->sql_fetchrow($result))
1883 {
1884 $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
1885
1886 $group_data[$type][$i]['group_id'] = $row['group_id'];
1887 $group_data[$type][$i]['group_name'] = $row['group_name'];
1888 $group_data[$type][$i]['group_leader'] = ($row['group_leader']) ? 1 : 0;
1889
1890 $id_ary[] = $row['group_id'];
1891
1892 $i++;
1893 }
1894 $db->sql_freeresult($result);
1895
1896 // Select box for other groups
1897 $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
1898 FROM ' . GROUPS_TABLE . '
1899 ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
1900 ORDER BY group_type DESC, group_name ASC';
1901 $result = $db->sql_query($sql);
1902
1903 $s_group_options = '';
1904 while ($row = $db->sql_fetchrow($result))
1905 {
1906 if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
1907 {
1908 continue;
1909 }
1910
1911 // Do not display those groups not allowed to be managed
1912 if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
1913 {
1914 continue;
1915 }
1916
1917 $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
1918 }
1919 $db->sql_freeresult($result);
1920
1921 $current_type = '';
1922 foreach ($group_data as $group_type => $data_ary)
1923 {
1924 if ($current_type != $group_type)
1925 {
1926 $template->assign_block_vars('group', array(
1927 'S_NEW_GROUP_TYPE' => true,
1928 'GROUP_TYPE' => $user->lang['USER_GROUP_' . strtoupper($group_type)])
1929 );
1930 }
1931
1932 foreach ($data_ary as $data)
1933 {
1934 $template->assign_block_vars('group', array(
1935 'U_EDIT_GROUP' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&mode=manage&action=edit&u=$user_id&g={$data['group_id']}&back_link=acp_users_groups"),
1936 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'],
1937 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'],
1938 'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'],
1939
1940 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
1941 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
1942
1943 'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false,
1944 'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false,
1945 )
1946 );
1947 }
1948 }
1949
1950 $template->assign_vars(array(
1951 'S_GROUPS' => true,
1952 'S_GROUP_OPTIONS' => $s_group_options)
1953 );
1954
1955 break;
1956
1957 case 'perm':
1958
1959 include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
1960
1961 $auth_admin = new auth_admin();
1962
1963 $user->add_lang('acp/permissions');
1964 add_permission_language();
1965
1966 $forum_id = request_var('f', 0);
1967
1968 // Global Permissions
1969 if (!$forum_id)
1970 {
1971 // Select auth options
1972 $sql = 'SELECT auth_option, is_local, is_global
1973 FROM ' . ACL_OPTIONS_TABLE . '
1974 WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
1975 AND is_global = 1
1976 ORDER BY auth_option';
1977 $result = $db->sql_query($sql);
1978
1979 $hold_ary = array();
1980
1981 while ($row = $db->sql_fetchrow($result))
1982 {
1983 $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
1984 $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
1985 }
1986 $db->sql_freeresult($result);
1987
1988 unset($hold_ary);
1989 }
1990 else
1991 {
1992 $sql = 'SELECT auth_option, is_local, is_global
1993 FROM ' . ACL_OPTIONS_TABLE . "
1994 WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
1995 AND is_local = 1
1996 ORDER BY is_global DESC, auth_option";
1997 $result = $db->sql_query($sql);
1998
1999 while ($row = $db->sql_fetchrow($result))
2000 {
2001 $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
2002 $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
2003 }
2004 $db->sql_freeresult($result);
2005 }
2006
2007 $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
2008 $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
2009
2010 $template->assign_vars(array(
2011 'S_PERMISSIONS' => true,
2012
2013 'S_GLOBAL' => (!$forum_id) ? true : false,
2014 'S_FORUM_OPTIONS' => $s_forum_options,
2015
2016 'U_ACTION' => $this->u_action . '&u=' . $user_id,
2017 'U_USER_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&mode=setting_user_global&user_id[]=' . $user_id),
2018 'U_USER_FORUM_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&mode=setting_user_local&user_id[]=' . $user_id))
2019 );
2020
2021 break;
2022
2023 }
2024
2025 // Assign general variables
2026 $template->assign_vars(array(
2027 'S_ERROR' => (sizeof($error)) ? true : false,
2028 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '')
2029 );
2030 }
2031
2032 /**
2033 * Optionset replacement for this module based on $user->optionset
2034 */
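function optionset(&$user_row, $key, $value, $data = false)
{
	/*
	* Set or clear one option bit, either in $user_row['user_options'] or in a
	* caller-supplied bitfield.
	*
	* $user_row  User row array; its 'user_options' entry is read, and written
	*            back when no explicit bitfield is supplied.
	* $key       Option name; $user->keyoptions[$key] gives the bit position.
	* $value     Truthy to set the bit, falsy to clear it.
	* $data      Optional bitfield to work on instead of the user row.
	*
	* Returns the resulting bitfield when $data was supplied. Otherwise returns
	* true if $user_row['user_options'] was changed, false if the bit already
	* had the requested state.
	*/
	global $user;

	// A supplied bitfield of 0 ("no option set") is a valid input. The previous
	// truthiness test treated it as "argument omitted" and silently fell back to
	// (and modified) the user row, so check for the omitted case explicitly.
	$has_data = ($data !== false && $data !== null);

	$var = ($has_data) ? $data : $user_row['user_options'];
	$bit = 1 << $user->keyoptions[$key];
	$is_set = ($var & $bit) ? true : false;

	if ($value && !$is_set)
	{
		$var |= $bit;
	}
	else if (!$value && $is_set)
	{
		$var &= ~$bit;
	}
	else
	{
		// Bit already has the requested state, nothing to write
		return ($has_data) ? $var : false;
	}

	if ($has_data)
	{
		// Caller works on its own bitfield; leave the user row untouched
		return $var;
	}

	$user_row['user_options'] = $var;
	return true;
}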
2064
2065 /**
2066 * Optionget replacement for this module based on $user->optionget
2067 */
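function optionget(&$user_row, $key, $data = false)
{
	/*
	* Test one option bit, either in $user_row['user_options'] or in a
	* caller-supplied bitfield.
	*
	* $user_row  User row array; its 'user_options' entry is read when no
	*            explicit bitfield is supplied. It is not modified here.
	* $key       Option name; $user->keyoptions[$key] gives the bit position.
	* $data      Optional bitfield to test instead of the user row.
	*
	* Returns true if the bit is set, false otherwise.
	*/
	global $user;

	// A supplied bitfield of 0 is a valid input meaning "no option set". The
	// previous truthiness test discarded it and reported the user row's bits
	// instead, so check for the omitted argument explicitly.
	$has_data = ($data !== false && $data !== null);

	$var = ($has_data) ? $data : $user_row['user_options'];
	$bit = 1 << $user->keyoptions[$key];

	return ($var & $bit) ? true : false;
}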
2075 }
2076
2077 ?>