Verzeichnisstruktur phpBB-3.0.0


Veröffentlicht
12.12.2007

So funktioniert es


Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück

Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis.
Auf den Verzeichnisnamen klicken, dies zeigt nur das Verzeichnis mit Inhalt an

(Beispiel Datei-Icons)

Auf das Icon klicken um den Quellcode anzuzeigen

acp_users.php

Zuletzt modifiziert: 09.10.2024, 12:51 - Dateigröße: 72.71 KiB


0001  <?php
0002  /**
0003  *
0004  * @package acp
0005  * @version $Id$
0006  * @copyright (c) 2005 phpBB Group
0007  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
0008  *
0009  */
0010   
0011  /**
0012  * @ignore
0013  */
0014  if (!defined('IN_PHPBB'))
0015  {
0016      exit;
0017  }
0018   
0019  /**
0020  * @package acp
0021  */
0022  class acp_users
0023  {
0024      var $u_action;
0025      var $p_master;
0026   
0027      function acp_users(&$p_master)
0028      {
0029          $this->p_master = &$p_master;
0030      }
0031   
0032      function main($id, $mode)
0033      {
0034          global $config, $db, $user, $auth, $template, $cache;
0035          global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
0036   
0037          $user->add_lang(array('posting', 'ucp', 'acp/users'));
0038          $this->tpl_name = 'acp_users';
0039          $this->page_title = 'ACP_USER_' . strtoupper($mode);
0040   
0041          $error        = array();
0042          $username    = utf8_normalize_nfc(request_var('username', '', true));
0043          $user_id    = request_var('u', 0);
0044          $action        = request_var('action', '');
0045   
0046          $submit        = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
0047   
0048          $form_name = 'acp_users';
0049          add_form_key($form_name);
0050   
0051          // Whois (special case)
0052          if ($action == 'whois')
0053          {
0054              include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0055   
0056              $this->page_title = 'WHOIS';
0057              $this->tpl_name = 'simple_body';
0058   
0059              $user_ip = request_var('user_ip', '');
0060              $domain = gethostbyaddr($user_ip);
0061              $ipwhois = user_ipwhois($user_ip);
0062   
0063              $template->assign_vars(array(
0064                  'MESSAGE_TITLE'        => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
0065                  'MESSAGE_TEXT'        => nl2br($ipwhois))
0066              );
0067   
0068              return;
0069          }
0070   
0071          // Show user selection mask
0072          if (!$username && !$user_id)
0073          {
0074              $this->page_title = 'SELECT_USER';
0075   
0076              $template->assign_vars(array(
0077                  'U_ACTION'            => $this->u_action,
0078                  'ANONYMOUS_USER_ID'    => ANONYMOUS,
0079   
0080                  'S_SELECT_USER'        => true,
0081                  'U_FIND_USERNAME'    => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=select_user&amp;field=username&amp;select_single=true'),
0082              ));
0083   
0084              return;
0085          }
0086   
0087          if (!$user_id)
0088          {
0089              $sql = 'SELECT user_id
0090                  FROM ' . USERS_TABLE . "
0091                  WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
0092              $result = $db->sql_query($sql);
0093              $user_id = (int) $db->sql_fetchfield('user_id');
0094              $db->sql_freeresult($result);
0095   
0096              if (!$user_id)
0097              {
0098                  trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0099              }
0100          }
0101   
0102          // Generate content for all modes
0103          $sql = 'SELECT u.*, s.*
0104              FROM ' . USERS_TABLE . ' u
0105                  LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
0106              WHERE u.user_id = ' . $user_id . '
0107              ORDER BY s.session_time DESC';
0108          $result = $db->sql_query($sql);
0109          $user_row = $db->sql_fetchrow($result);
0110          $db->sql_freeresult($result);
0111   
0112          if (!$user_row)
0113          {
0114              trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0115          }
0116   
0117          // Generate overall "header" for user admin
0118          $s_form_options = '';
0119   
0120          // Build modes dropdown list
0121          $sql = 'SELECT module_mode, module_auth
0122              FROM ' . MODULES_TABLE . "
0123              WHERE module_basename = 'users'
0124                  AND module_enabled = 1
0125                  AND module_class = 'acp'
0126              ORDER BY left_id, module_mode";
0127          $result = $db->sql_query($sql);
0128   
0129          $dropdown_modes = array();
0130          while ($row = $db->sql_fetchrow($result))
0131          {
0132              if (!$this->p_master->module_auth($row['module_auth']))
0133              {
0134                  continue;
0135              }
0136   
0137              $dropdown_modes[$row['module_mode']] = true;
0138          }
0139          $db->sql_freeresult($result);
0140   
0141          foreach ($dropdown_modes as $module_mode => $null)
0142          {
0143              $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
0144              $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
0145          }
0146   
0147          $template->assign_vars(array(
0148              'U_BACK'            => $this->u_action,
0149              'U_MODE_SELECT'        => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;u=$user_id"),
0150              'U_ACTION'            => $this->u_action . '&amp;u=' . $user_id,
0151              'S_FORM_OPTIONS'    => $s_form_options,
0152              'MANAGED_USERNAME'    => $user_row['username'])
0153          );
0154   
0155          // Prevent normal users/admins change/view founders if they are not a founder by themselves
0156          if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
0157          {
0158              trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
0159          }
0160   
0161          switch ($mode)
0162          {
0163              case 'overview':
0164   
0165                  include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0166   
0167                  $user->add_lang('acp/ban');
0168   
0169                  $delete            = request_var('delete', 0);
0170                  $delete_type    = request_var('delete_type', '');
0171                  $ip                = request_var('ip', 'ip');
0172   
0173                  if ($submit)
0174                  {
0175                      // You can't delete the founder
0176                      if ($delete && $user_row['user_type'] != USER_FOUNDER)
0177                      {
0178                          if (!$auth->acl_get('a_userdel'))
0179                          {
0180                              trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0181                          }
0182   
0183                          // Check if the user wants to remove himself or the guest user account
0184                          if ($user_id == ANONYMOUS)
0185                          {
0186                              trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0187                          }
0188   
0189                          if ($user_id == $user->data['user_id'])
0190                          {
0191                              trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0192                          }
0193   
0194                          if (confirm_box(true))
0195                          {
0196                              user_delete($delete_type, $user_id, $user_row['username']);
0197   
0198                              add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
0199                              trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
0200                          }
0201                          else
0202                          {
0203                              confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0204                                  'u'                => $user_id,
0205                                  'i'                => $id,
0206                                  'mode'            => $mode,
0207                                  'action'        => $action,
0208                                  'update'        => true,
0209                                  'delete'        => 1,
0210                                  'delete_type'    => $delete_type))
0211                              );
0212                          }
0213                      }
0214   
0215                      // Handle quicktool actions
0216                      switch ($action)
0217                      {
0218                          case 'banuser':
0219                          case 'banemail':
0220                          case 'banip':
0221   
0222                              if ($user_id == $user->data['user_id'])
0223                              {
0224                                  trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0225                              }
0226   
0227                              if ($user_row['user_type'] == USER_FOUNDER)
0228                              {
0229                                  trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0230                              }
0231   
0232                              if (!check_form_key($form_name))
0233                              {
0234                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0235                              }
0236   
0237                              $ban = array();
0238   
0239                              switch ($action)
0240                              {
0241                                  case 'banuser':
0242                                      $ban[] = $user_row['username'];
0243                                      $reason = 'USER_ADMIN_BAN_NAME_REASON';
0244                                      $log = 'LOG_USER_BAN_USER';
0245                                  break;
0246   
0247                                  case 'banemail':
0248                                      $ban[] = $user_row['user_email'];
0249                                      $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
0250                                      $log = 'LOG_USER_BAN_EMAIL';
0251                                  break;
0252   
0253                                  case 'banip':
0254                                      $ban[] = $user_row['user_ip'];
0255   
0256                                      $sql = 'SELECT DISTINCT poster_ip
0257                                          FROM ' . POSTS_TABLE . "
0258                                          WHERE poster_id = $user_id";
0259                                      $result = $db->sql_query($sql);
0260   
0261                                      while ($row = $db->sql_fetchrow($result))
0262                                      {
0263                                          $ban[] = $row['poster_ip'];
0264                                      }
0265                                      $db->sql_freeresult($result);
0266   
0267                                      $reason = 'USER_ADMIN_BAN_IP_REASON';
0268                                      $log = 'LOG_USER_BAN_IP';
0269                                  break;
0270                              }
0271   
0272                              $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
0273                              $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
0274   
0275                              // Log not used at the moment, we simply utilize the ban function.
0276                              $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
0277   
0278                              trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0279   
0280                          break;
0281   
0282                          case 'reactivate':
0283   
0284                              if ($user_id == $user->data['user_id'])
0285                              {
0286                                  trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0287                              }
0288   
0289                              if (!check_form_key($form_name))
0290                              {
0291                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0292                              }
0293   
0294                              if ($user_row['user_type'] == USER_FOUNDER)
0295                              {
0296                                  trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0297                              }
0298   
0299                              if ($user_row['user_type'] == USER_IGNORE)
0300                              {
0301                                  trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0302                              }
0303   
0304                              if ($config['email_enable'])
0305                              {
0306                                  include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
0307   
0308                                  $server_url = generate_board_url();
0309   
0310                                  $user_actkey = gen_rand_string(10);
0311                                  $key_len = 54 - (strlen($server_url));
0312                                  $key_len = ($key_len > 6) ? $key_len : 6;
0313                                  $user_actkey = substr($user_actkey, 0, $key_len);
0314                                  $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
0315   
0316                                  if ($user_row['user_type'] == USER_NORMAL)
0317                                  {
0318                                      user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
0319   
0320                                      $sql = 'UPDATE ' . USERS_TABLE . "
0321                                          SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
0322                                          WHERE user_id = $user_id";
0323                                      $db->sql_query($sql);
0324                                  }
0325                                  else
0326                                  {
0327                                      // Grabbing the last confirm key - we only send a reminder
0328                                      $sql = 'SELECT user_actkey
0329                                          FROM ' . USERS_TABLE . '
0330                                          WHERE user_id = ' . $user_id;
0331                                      $result = $db->sql_query($sql);
0332                                      $user_actkey = (string) $db->sql_fetchfield('user_actkey');
0333                                      $db->sql_freeresult($result);
0334                                  }
0335   
0336                                  $messenger = new messenger(false);
0337   
0338                                  $messenger->template($email_template, $user_row['user_lang']);
0339   
0340                                  $messenger->to($user_row['user_email'], $user_row['username']);
0341   
0342                                  $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
0343                                  $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
0344                                  $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
0345                                  $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
0346   
0347                                  $messenger->assign_vars(array(
0348                                      'WELCOME_MSG'    => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
0349                                      'USERNAME'        => htmlspecialchars_decode($user_row['username']),
0350                                      'U_ACTIVATE'    => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
0351                                  );
0352   
0353                                  $messenger->send(NOTIFY_EMAIL);
0354   
0355                                  add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
0356                                  add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
0357   
0358                                  trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0359                              }
0360   
0361                          break;
0362   
0363                          case 'active':
0364   
0365                              if ($user_id == $user->data['user_id'])
0366                              {
0367                                  // It is only deactivation since the user is already activated (else he would not have reached this page)
0368                                  trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0369                              }
0370   
0371                              if (!check_form_key($form_name))
0372                              {
0373                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0374                              }
0375   
0376                              if ($user_row['user_type'] == USER_FOUNDER)
0377                              {
0378                                  trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0379                              }
0380   
0381                              if ($user_row['user_type'] == USER_IGNORE)
0382                              {
0383                                  trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0384                              }
0385   
0386                              user_active_flip('flip', $user_id);
0387   
0388                              $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
0389                              $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
0390   
0391                              add_log('admin', $log, $user_row['username']);
0392                              add_log('user', $user_id, $log . '_USER');
0393   
0394                              trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0395   
0396                          break;
0397   
0398                          case 'delsig':
0399   
0400                              if (!check_form_key($form_name))
0401                              {
0402                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0403                              }
0404   
0405                              $sql_ary = array(
0406                                  'user_sig'                    => '',
0407                                  'user_sig_bbcode_uid'        => '',
0408                                  'user_sig_bbcode_bitfield'    => ''
0409                              );
0410   
0411                              $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
0412                                  WHERE user_id = $user_id";
0413                              $db->sql_query($sql);
0414                          
0415                              add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
0416                              add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
0417   
0418                              trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0419   
0420                          break;
0421   
0422                          case 'delavatar':
0423   
0424                              if (!check_form_key($form_name))
0425                              {
0426                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0427                              }
0428   
0429                              $sql_ary = array(
0430                                  'user_avatar'            => '',
0431                                  'user_avatar_type'        => 0,
0432                                  'user_avatar_width'        => 0,
0433                                  'user_avatar_height'    => 0,
0434                              );
0435   
0436                              $sql = 'UPDATE ' . USERS_TABLE . '
0437                                  SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
0438                                  WHERE user_id = $user_id";
0439                              $db->sql_query($sql);
0440   
0441                              // Delete old avatar if present
0442                              if ($user_row['user_avatar'] && $user_row['user_avatar_type'] != AVATAR_GALLERY)
0443                              {
0444                                  avatar_delete('user', $user_row);
0445                              }
0446   
0447                              add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
0448                              add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
0449   
0450                              trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0451                          break;
0452   
0453                          case 'delposts':
0454   
0455                              if (confirm_box(true))
0456                              {
0457                                  // Delete posts, attachments, etc.
0458                                  delete_posts('poster_id', $user_id);
0459   
0460                                  add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
0461                                  trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0462                              }
0463                              else
0464                              {
0465                                  confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0466                                      'u'                => $user_id,
0467                                      'i'                => $id,
0468                                      'mode'            => $mode,
0469                                      'action'        => $action,
0470                                      'update'        => true))
0471                                  );
0472                              }
0473   
0474                          break;
0475   
0476                          case 'delattach':
0477   
0478                              if (confirm_box(true))
0479                              {
0480                                  delete_attachments('user', $user_id);
0481   
0482                                  add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
0483                                  trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0484                              }
0485                              else
0486                              {
0487                                  confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0488                                      'u'                => $user_id,
0489                                      'i'                => $id,
0490                                      'mode'            => $mode,
0491                                      'action'        => $action,
0492                                      'update'        => true))
0493                                  );
0494                              }
0495                          
0496                          break;
0497                          
0498                          case 'moveposts':
0499   
0500                              if (!check_form_key($form_name))
0501                              {
0502                                  trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0503                              }
0504   
0505                              $user->add_lang('acp/forums');
0506   
0507                              $new_forum_id = request_var('new_f', 0);
0508   
0509                              if (!$new_forum_id)
0510                              {
0511                                  $this->page_title = 'USER_ADMIN_MOVE_POSTS';
0512   
0513                                  $template->assign_vars(array(
0514                                      'S_SELECT_FORUM'        => true,
0515                                      'U_ACTION'                => $this->u_action . "&amp;action=$action&amp;u=$user_id",
0516                                      'U_BACK'                => $this->u_action . "&amp;u=$user_id",
0517                                      'S_FORUM_OPTIONS'        => make_forum_select(false, false, false, true))
0518                                  );
0519   
0520                                  return;
0521                              }
0522   
0523                              // Is the new forum postable to?
0524                              $sql = 'SELECT forum_name, forum_type
0525                                  FROM ' . FORUMS_TABLE . "
0526                                  WHERE forum_id = $new_forum_id";
0527                              $result = $db->sql_query($sql);
0528                              $forum_info = $db->sql_fetchrow($result);
0529                              $db->sql_freeresult($result);
0530   
0531                              if (!$forum_info)
0532                              {
0533                                  trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0534                              }
0535   
0536                              if ($forum_info['forum_type'] != FORUM_POST)
0537                              {
0538                                  trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0539                              }
0540   
0541                              // Two stage?
0542                              // Move topics comprising only posts from this user
0543                              $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
0544                              $forum_id_ary = array($new_forum_id);
0545   
0546                              $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts
0547                                  FROM ' . POSTS_TABLE . "
0548                                  WHERE poster_id = $user_id
0549                                      AND forum_id <> $new_forum_id
0550                                  GROUP BY topic_id";
0551                              $result = $db->sql_query($sql);
0552   
0553                              while ($row = $db->sql_fetchrow($result))
0554                              {
0555                                  $topic_id_ary[$row['topic_id']] = $row['total_posts'];
0556                              }
0557                              $db->sql_freeresult($result);
0558   
0559                              if (sizeof($topic_id_ary))
0560                              {
0561                                  $sql = 'SELECT topic_id, forum_id, topic_title, topic_replies, topic_replies_real, topic_attachment
0562                                      FROM ' . TOPICS_TABLE . '
0563                                      WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
0564                                  $result = $db->sql_query($sql);
0565   
0566                                  while ($row = $db->sql_fetchrow($result))
0567                                  {
0568                                      if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']])
0569                                      {
0570                                          $move_topic_ary[] = $row['topic_id'];
0571                                      }
0572                                      else
0573                                      {
0574                                          $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
0575                                          $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
0576                                      }
0577   
0578                                      $forum_id_ary[] = $row['forum_id'];
0579                                  }
0580                                  $db->sql_freeresult($result);
0581                              }
0582   
0583                              // Entire topic comprises posts by this user, move these topics
0584                              if (sizeof($move_topic_ary))
0585                              {
0586                                  move_topics($move_topic_ary, $new_forum_id, false);
0587                              }
0588   
0589                              if (sizeof($move_post_ary))
0590                              {
0591                                  // Create new topic
0592                                  // Update post_ids, report_ids, attachment_ids
0593                                  foreach ($move_post_ary as $topic_id => $post_ary)
0594                                  {
0595                                      // Create new topic
0596                                      $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
0597                                          'topic_poster'                => $user_id,
0598                                          'topic_time'                => time(),
0599                                          'forum_id'                     => $new_forum_id,
0600                                          'icon_id'                    => 0,
0601                                          'topic_approved'            => 1,
0602                                          'topic_title'                 => $post_ary['title'],
0603                                          'topic_first_poster_name'    => $user_row['username'],
0604                                          'topic_type'                => POST_NORMAL,
0605                                          'topic_time_limit'            => 0,
0606                                          'topic_attachment'            => $post_ary['attach'])
0607                                      );
0608                                      $db->sql_query($sql);
0609   
0610                                      $new_topic_id = $db->sql_nextid();
0611   
0612                                      // Move posts
0613                                      $sql = 'UPDATE ' . POSTS_TABLE . "
0614                                          SET forum_id = $new_forum_id, topic_id = $new_topic_id
0615                                          WHERE topic_id = $topic_id
0616                                              AND poster_id = $user_id";
0617                                      $db->sql_query($sql);
0618   
0619                                      if ($post_ary['attach'])
0620                                      {
0621                                          $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
0622                                              SET topic_id = $new_topic_id
0623                                              WHERE topic_id = $topic_id
0624                                                  AND poster_id = $user_id";
0625                                          $db->sql_query($sql);
0626                                      }
0627   
0628                                      $new_topic_id_ary[] = $new_topic_id;
0629                                  }
0630                              }
0631   
0632                              $forum_id_ary = array_unique($forum_id_ary);
0633                              $topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary));
0634   
0635                              if (sizeof($topic_id_ary))
0636                              {
0637                                  sync('reported', 'topic_id', $topic_id_ary);
0638                                  sync('topic', 'topic_id', $topic_id_ary);
0639                              }
0640   
0641                              if (sizeof($forum_id_ary))
0642                              {
0643                                  sync('forum', 'forum_id', $forum_id_ary, false, true);
0644                              }
0645   
0646   
0647                              add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
0648                              add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
0649   
0650                              trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0651   
0652                          break;
0653                      }
0654   
0655                      // Handle registration info updates
0656                      $data = array(
0657                          'username'            => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
0658                          'user_founder'        => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
0659                          'email'                => strtolower(request_var('user_email', $user_row['user_email'])),
0660                          'email_confirm'        => strtolower(request_var('email_confirm', '')),
0661                          'new_password'        => request_var('new_password', '', true),
0662                          'password_confirm'    => request_var('password_confirm', '', true),
0663                      );
0664   
0665                      // Validation data - we do not check the password complexity setting here
0666                      $check_ary = array(
0667                          'new_password'        => array(
0668                              array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0669                              array('password')),
0670                          'password_confirm'    => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0671                      );
0672   
0673                      // Check username if altered
0674                      if ($data['username'] != $user_row['username'])
0675                      {
0676                          $check_ary += array(
0677                              'username'            => array(
0678                                  array('string', false, $config['min_name_chars'], $config['max_name_chars']),
0679                                  array('username', $user_row['username'])
0680                              ),
0681                          );
0682                      }
0683   
0684                      // Check email if altered
0685                      if ($data['email'] != $user_row['user_email'])
0686                      {
0687                          $check_ary += array(
0688                              'email'                => array(
0689                                  array('string', false, 6, 60),
0690                                  array('email', $user_row['user_email'])
0691                              ),
0692                              'email_confirm'        => array('string', true, 6, 60)
0693                          );
0694                      }
0695   
0696                      $error = validate_data($data, $check_ary);
0697   
0698                      if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
0699                      {
0700                          $error[] = 'NEW_PASSWORD_ERROR';
0701                      }
0702   
0703                      if ($data['email'] != $user_row['user_email'] && $data['email_confirm'] != $data['email'])
0704                      {
0705                          $error[] = 'NEW_EMAIL_ERROR';
0706                      }
0707   
0708                      if (!check_form_key($form_name))
0709                      {
0710                          $error[] = 'FORM_INVALID';
0711                      }
0712   
0713                      // Which updates do we need to do?
0714                      $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
0715                      $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
0716                      $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
0717   
0718                      if (!sizeof($error))
0719                      {
0720                          $sql_ary = array();
0721   
0722                          if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
0723                          {
0724                              // Only allow founders updating the founder status...
0725                              if ($user->data['user_type'] == USER_FOUNDER)
0726                              {
0727                                  // Setting a normal member to be a founder
0728                                  if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
0729                                  {
0730                                      // Make sure the user is not setting an Inactive or ignored user to be a founder
0731                                      if ($user_row['user_type'] == USER_IGNORE)
0732                                      {
0733                                          trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0734                                      }
0735   
0736                                      if ($user_row['user_type'] == USER_INACTIVE)
0737                                      {
0738                                          trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0739                                      }
0740   
0741                                      $sql_ary['user_type'] = USER_FOUNDER;
0742                                  }
0743                                  else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
0744                                  {
0745                                      // Check if at least one founder is present
0746                                      $sql = 'SELECT user_id
0747                                          FROM ' . USERS_TABLE . '
0748                                          WHERE user_type = ' . USER_FOUNDER . '
0749                                              AND user_id <> ' . $user_id;
0750                                      $result = $db->sql_query_limit($sql, 1);
0751                                      $row = $db->sql_fetchrow($result);
0752                                      $db->sql_freeresult($result);
0753   
0754                                      if ($row)
0755                                      {
0756                                          $sql_ary['user_type'] = USER_NORMAL;
0757                                      }
0758                                      else
0759                                      {
0760                                          trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0761                                      }
0762                                  }
0763                              }
0764                          }
0765   
0766                          if ($update_username !== false)
0767                          {
0768                              $sql_ary['username'] = $update_username;
0769                              $sql_ary['username_clean'] = utf8_clean_string($update_username);
0770   
0771                              add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
0772                          }
0773   
0774                          if ($update_email !== false)
0775                          {
0776                              $sql_ary += array(
0777                                  'user_email'        => $update_email,
0778                                  'user_email_hash'    => crc32($update_email) . strlen($update_email)
0779                              );
0780   
0781                              add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
0782                          }
0783   
0784                          if ($update_password)
0785                          {
0786                              $sql_ary += array(
0787                                  'user_password'        => phpbb_hash($data['new_password']),
0788                                  'user_passchg'        => time(),
0789                                  'user_pass_convert'    => 0,
0790                              );
0791   
0792                              $user->reset_login_keys($user_id);
0793                              add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
0794                          }
0795   
0796                          if (sizeof($sql_ary))
0797                          {
0798                              $sql = 'UPDATE ' . USERS_TABLE . '
0799                                  SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
0800                                  WHERE user_id = ' . $user_id;
0801                              $db->sql_query($sql);
0802                          }
0803   
0804                          if ($update_username)
0805                          {
0806                              user_update_name($user_row['username'], $update_username);
0807                          }
0808   
0809                          // Let the users permissions being updated
0810                          $auth->acl_clear_prefetch($user_id);
0811   
0812                          add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
0813   
0814                          trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0815                      }
0816   
0817                      // Replace "error" strings with their real, localised form
0818                      $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
0819                  }
0820   
0821                  if ($user_id == $user->data['user_id'])
0822                  {
0823                      $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
0824                  }
0825                  else
0826                  {
0827                      $quick_tool_ary = array();
0828   
0829                      if ($user_row['user_type'] != USER_FOUNDER)
0830                      {
0831                          $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
0832                      }
0833   
0834                      if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
0835                      {
0836                          $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
0837                      }
0838                      
0839                      $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
0840                      
0841                      if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
0842                      {
0843                          $quick_tool_ary['reactivate'] = 'FORCE';
0844                      }
0845                  }
0846   
0847                  $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
0848                  foreach ($quick_tool_ary as $value => $lang)
0849                  {
0850                      $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
0851                  }
0852   
0853                  if ($config['load_onlinetrack'])
0854                  {
0855                      $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
0856                          FROM ' . SESSIONS_TABLE . "
0857                          WHERE session_user_id = $user_id";
0858                      $result = $db->sql_query($sql);
0859                      $row = $db->sql_fetchrow($result);
0860                      $db->sql_freeresult($result);
0861   
0862                      $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
0863                      $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
0864                      unset($row);
0865                  }
0866   
0867                  $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
0868   
0869                  $inactive_reason = '';
0870                  if ($user_row['user_type'] == USER_INACTIVE)
0871                  {
0872                      $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
0873   
0874                      switch ($user_row['user_inactive_reason'])
0875                      {
0876                          case INACTIVE_REGISTER:
0877                              $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
0878                          break;
0879   
0880                          case INACTIVE_PROFILE:
0881                              $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
0882                          break;
0883   
0884                          case INACTIVE_MANUAL:
0885                              $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
0886                          break;
0887   
0888                          case INACTIVE_REMIND:
0889                              $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
0890                          break;
0891                      }
0892                  }
0893   
0894                  $template->assign_vars(array(
0895                      'L_NAME_CHARS_EXPLAIN'        => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
0896                      'L_CHANGE_PASSWORD_EXPLAIN'    => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
0897                      'S_FOUNDER'                    => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
0898   
0899                      'S_OVERVIEW'        => true,
0900                      'S_USER_IP'            => ($user_row['user_ip']) ? true : false,
0901                      'S_USER_FOUNDER'    => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
0902                      'S_ACTION_OPTIONS'    => $s_action_options,
0903                      'S_OWN_ACCOUNT'        => ($user_id == $user->data['user_id']) ? true : false,
0904                      'S_USER_INACTIVE'    => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
0905   
0906                      'U_SHOW_IP'        => $this->u_action . "&amp;u=$user_id&amp;ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
0907                      'U_WHOIS'        => $this->u_action . "&amp;action=whois&amp;user_ip={$user_row['user_ip']}",
0908   
0909                      'U_SWITCH_PERMISSIONS'    => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_row['user_id']}") : '',
0910   
0911                      'USER'                => $user_row['username'],
0912                      'USER_REGISTERED'    => $user->format_date($user_row['user_regdate']),
0913                      'REGISTERED_IP'        => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
0914                      'USER_LASTACTIVE'    => ($last_visit) ? $user->format_date($last_visit) : ' - ',
0915                      'USER_EMAIL'        => $user_row['user_email'],
0916                      'USER_WARNINGS'        => $user_row['user_warnings'],
0917                      'USER_POSTS'        => $user_row['user_posts'],
0918                      'USER_INACTIVE_REASON'    => $inactive_reason,
0919                  ));
0920   
0921              break;
0922   
0923              case 'feedback':
0924   
0925                  $user->add_lang('mcp');
0926                  
0927                  // Set up general vars
0928                  $start        = request_var('start', 0);
0929                  $deletemark = (isset($_POST['delmarked'])) ? true : false;
0930                  $deleteall    = (isset($_POST['delall'])) ? true : false;
0931                  $marked        = request_var('mark', array(0));
0932                  $message    = utf8_normalize_nfc(request_var('message', '', true));
0933   
0934                  // Sort keys
0935                  $sort_days    = request_var('st', 0);
0936                  $sort_key    = request_var('sk', 't');
0937                  $sort_dir    = request_var('sd', 'd');
0938   
0939                  // Delete entries if requested and able
0940                  if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
0941                  {
0942                      if (!check_form_key($form_name))
0943                      {
0944                          trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0945                      }
0946   
0947                      $where_sql = '';
0948                      if ($deletemark && $marked)
0949                      {
0950                          $sql_in = array();
0951                          foreach ($marked as $mark)
0952                          {
0953                              $sql_in[] = $mark;
0954                          }
0955                          $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
0956                          unset($sql_in);
0957                      }
0958   
0959                      if ($where_sql || $deleteall)
0960                      {
0961                          $sql = 'DELETE FROM ' . LOG_TABLE . '
0962                              WHERE log_type = ' . LOG_USERS . "
0963                              $where_sql";
0964                          $db->sql_query($sql);
0965   
0966                          add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
0967                      }
0968                  }
0969   
0970                  if ($submit && $message)
0971                  {
0972                      if (!check_form_key($form_name))
0973                      {
0974                          trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
0975                      }
0976   
0977                      add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
0978                      add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
0979                      add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
0980   
0981                      trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
0982                  }
0983                  
0984                  // Sorting
0985                  $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
0986                  $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
0987                  $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
0988   
0989                  $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
0990                  gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
0991   
0992                  // Define where and sort sql for use in displaying logs
0993                  $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
0994                  $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
0995   
0996                  // Grab log data
0997                  $log_data = array();
0998                  $log_count = 0;
0999                  view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
1000   
1001                  $template->assign_vars(array(
1002                      'S_FEEDBACK'    => true,
1003                      'S_ON_PAGE'        => on_page($log_count, $config['topics_per_page'], $start),
1004                      'PAGINATION'    => generate_pagination($this->u_action . "&amp;u=$user_id&amp;$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
1005   
1006                      'S_LIMIT_DAYS'    => $s_limit_days,
1007                      'S_SORT_KEY'    => $s_sort_key,
1008                      'S_SORT_DIR'    => $s_sort_dir,
1009                      'S_CLEARLOGS'    => $auth->acl_get('a_clearlogs'))
1010                  );
1011   
1012                  foreach ($log_data as $row)
1013                  {
1014                      $template->assign_block_vars('log', array(
1015                          'USERNAME'        => $row['username_full'],
1016                          'IP'            => $row['ip'],
1017                          'DATE'            => $user->format_date($row['time']),
1018                          'ACTION'        => nl2br($row['action']),
1019                          'ID'            => $row['id'])
1020                      );
1021                  }
1022   
1023              break;
1024   
1025              case 'profile':
1026   
1027                  include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1028                  include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
1029   
1030                  $cp = new custom_profile();
1031   
1032                  $cp_data = $cp_error = array();
1033   
1034                  $sql = 'SELECT lang_id
1035                      FROM ' . LANG_TABLE . "
1036                      WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
1037                  $result = $db->sql_query($sql);
1038                  $row = $db->sql_fetchrow($result);
1039                  $db->sql_freeresult($result);
1040   
1041                  $user_row['iso_lang_id'] = $row['lang_id'];
1042   
1043                  $data = array(
1044                      'icq'            => request_var('icq', $user_row['user_icq']),
1045                      'aim'            => request_var('aim', $user_row['user_aim']),
1046                      'msn'            => request_var('msn', $user_row['user_msnm']),
1047                      'yim'            => request_var('yim', $user_row['user_yim']),
1048                      'jabber'        => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
1049                      'website'        => request_var('website', $user_row['user_website']),
1050                      'location'        => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
1051                      'occupation'    => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
1052                      'interests'        => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
1053                      'bday_day'        => 0,
1054                      'bday_month'    => 0,
1055                      'bday_year'        => 0,
1056                  );
1057   
1058                  if ($user_row['user_birthday'])
1059                  {
1060                      list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
1061                  }
1062   
1063                  $data['bday_day'] = request_var('bday_day', $data['bday_day']);
1064                  $data['bday_month'] = request_var('bday_month', $data['bday_month']);
1065                  $data['bday_year'] = request_var('bday_year', $data['bday_year']);
1066   
1067                  if ($submit)
1068                  {
1069                      $error = validate_data($data, array(
1070                          'icq'            => array(
1071                              array('string', true, 3, 15),
1072                              array('match', true, '#^[0-9]+$#i')),
1073                          'aim'            => array('string', true, 3, 255),
1074                          'msn'            => array('string', true, 5, 255),
1075                          'jabber'        => array(
1076                              array('string', true, 5, 255),
1077                              array('jabber')),
1078                          'yim'            => array('string', true, 5, 255),
1079                          'website'        => array(
1080                              array('string', true, 12, 255),
1081                              array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
1082                          'location'        => array('string', true, 2, 255),
1083                          'occupation'    => array('string', true, 2, 500),
1084                          'interests'        => array('string', true, 2, 500),
1085                          'bday_day'        => array('num', true, 1, 31),
1086                          'bday_month'    => array('num', true, 1, 12),
1087                          'bday_year'        => array('num', true, 1901, gmdate('Y', time())),
1088                      ));
1089   
1090                      // validate custom profile fields
1091                      $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
1092   
1093                      if (sizeof($cp_error))
1094                      {
1095                          $error = array_merge($error, $cp_error);
1096                      }
1097                      if (!check_form_key($form_name))
1098                      {
1099                          $error[] = 'FORM_INVALID';
1100                      }
1101   
1102                      if (!sizeof($error))
1103                      {
1104                          $sql_ary = array(
1105                              'user_icq'        => $data['icq'],
1106                              'user_aim'        => $data['aim'],
1107                              'user_msnm'        => $data['msn'],
1108                              'user_yim'        => $data['yim'],
1109                              'user_jabber'    => $data['jabber'],
1110                              'user_website'    => $data['website'],
1111                              'user_from'        => $data['location'],
1112                              'user_occ'        => $data['occupation'],
1113                              'user_interests'=> $data['interests'],
1114                              'user_birthday'    => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
1115                          );
1116   
1117                          $sql = 'UPDATE ' . USERS_TABLE . '
1118                              SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1119                              WHERE user_id = $user_id";
1120                          $db->sql_query($sql);
1121   
1122                          // Update Custom Fields
1123                          if (sizeof($cp_data))
1124                          {
1125                              switch ($db->sql_layer)
1126                              {
1127                                  case 'oracle':
1128                                  case 'firebird':
1129                                  case 'postgres':
1130                                      $right_delim = $left_delim = '"';
1131                                  break;
1132   
1133                                  case 'sqlite':
1134                                  case 'mssql':
1135                                  case 'mssql_odbc':
1136                                      $right_delim = ']';
1137                                      $left_delim = '[';
1138                                  break;
1139   
1140                                  case 'mysql':
1141                                  case 'mysql4':
1142                                  case 'mysqli':
1143                                      $right_delim = $left_delim = '`';
1144                                  break;
1145                              }
1146   
1147                              foreach ($cp_data as $key => $value)
1148                              {
1149                                  $cp_data[$left_delim . $key . $right_delim] = $value;
1150                                  unset($cp_data[$key]);
1151                              }
1152   
1153                              $sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . '
1154                                  SET ' . $db->sql_build_array('UPDATE', $cp_data) . "
1155                                  WHERE user_id = $user_id";
1156                              $db->sql_query($sql);
1157   
1158                              if (!$db->sql_affectedrows())
1159                              {
1160                                  $cp_data['user_id'] = (int) $user_id;
1161   
1162                                  $db->sql_return_on_error(true);
1163   
1164                                  $sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $cp_data);
1165                                  $db->sql_query($sql);
1166   
1167                                  $db->sql_return_on_error(false);
1168                              }
1169                          }
1170   
1171                          trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1172                      }
1173   
1174                      // Replace "error" strings with their real, localised form
1175                      $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1176                  }
1177   
1178                  $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
1179                  for ($i = 1; $i < 32; $i++)
1180                  {
1181                      $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
1182                      $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
1183                  }
1184   
1185                  $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
1186                  for ($i = 1; $i < 13; $i++)
1187                  {
1188                      $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
1189                      $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
1190                  }
1191                  $s_birthday_year_options = '';
1192   
1193                  $now = getdate();
1194                  $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
1195                  for ($i = $now['year'] - 100; $i < $now['year']; $i++)
1196                  {
1197                      $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
1198                      $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
1199                  }
1200                  unset($now);
1201   
1202                  $template->assign_vars(array(
1203                      'ICQ'            => $data['icq'],
1204                      'YIM'            => $data['yim'],
1205                      'AIM'            => $data['aim'],
1206                      'MSN'            => $data['msn'],
1207                      'JABBER'        => $data['jabber'],
1208                      'WEBSITE'        => $data['website'],
1209                      'LOCATION'        => $data['location'],
1210                      'OCCUPATION'    => $data['occupation'],
1211                      'INTERESTS'        => $data['interests'],
1212   
1213                      'S_BIRTHDAY_DAY_OPTIONS'    => $s_birthday_day_options,
1214                      'S_BIRTHDAY_MONTH_OPTIONS'    => $s_birthday_month_options,
1215                      'S_BIRTHDAY_YEAR_OPTIONS'    => $s_birthday_year_options,
1216                          
1217                      'S_PROFILE'        => true)
1218                  );
1219   
1220                  // Get additional profile fields and assign them to the template block var 'profile_fields'
1221                  $user->get_profile_fields($user_id);
1222   
1223                  $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
1224   
1225              break;
1226   
1227              case 'prefs':
1228   
1229                  include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1230   
1231                  $data = array(
1232                      'dateformat'        => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
1233                      'lang'                => basename(request_var('lang', $user_row['user_lang'])),
1234                      'tz'                => request_var('tz', (float) $user_row['user_timezone']),
1235                      'style'                => request_var('style', $user_row['user_style']),
1236                      'dst'                => request_var('dst', $user_row['user_dst']),
1237                      'viewemail'            => request_var('viewemail', $user_row['user_allow_viewemail']),
1238                      'massemail'            => request_var('massemail', $user_row['user_allow_massemail']),
1239                      'hideonline'        => request_var('hideonline', !$user_row['user_allow_viewonline']),
1240                      'notifymethod'        => request_var('notifymethod', $user_row['user_notify_type']),
1241                      'notifypm'            => request_var('notifypm', $user_row['user_notify_pm']),
1242                      'popuppm'            => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
1243                      'allowpm'            => request_var('allowpm', $user_row['user_allow_pm']),
1244   
1245                      'topic_sk'            => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
1246                      'topic_sd'            => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
1247                      'topic_st'            => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
1248   
1249                      'post_sk'            => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
1250                      'post_sd'            => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
1251                      'post_st'            => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
1252   
1253                      'view_images'        => request_var('view_images', $this->optionget($user_row, 'viewimg')),
1254                      'view_flash'        => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
1255                      'view_smilies'        => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
1256                      'view_sigs'            => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
1257                      'view_avatars'        => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
1258                      'view_wordcensor'    => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
1259   
1260                      'bbcode'    => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
1261                      'smilies'    => request_var('smilies', $this->optionget($user_row, 'smilies')),
1262                      'sig'        => request_var('sig', $this->optionget($user_row, 'attachsig')),
1263                      'notify'    => request_var('notify', $user_row['user_notify']),
1264                  );
1265   
1266                  if ($submit)
1267                  {
1268                      $error = validate_data($data, array(
1269                          'dateformat'    => array('string', false, 1, 30),
1270                          'lang'            => array('match', false, '#^[a-z_\-]{2,}$#i'),
1271                          'tz'            => array('num', false, -14, 14),
1272   
1273                          'topic_sk'        => array('string', false, 1, 1),
1274                          'topic_sd'        => array('string', false, 1, 1),
1275                          'post_sk'        => array('string', false, 1, 1),
1276                          'post_sd'        => array('string', false, 1, 1),
1277                      ));
1278   
1279                      if (!check_form_key($form_name))
1280                      {
1281                          $error[] = 'FORM_INVALID';
1282                      }
1283   
1284                      if (!sizeof($error))
1285                      {
1286                          $this->optionset($user_row, 'popuppm', $data['popuppm']);
1287                          $this->optionset($user_row, 'viewimg', $data['view_images']);
1288                          $this->optionset($user_row, 'viewflash', $data['view_flash']);
1289                          $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
1290                          $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
1291                          $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
1292                          $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
1293                          $this->optionset($user_row, 'bbcode', $data['bbcode']);
1294                          $this->optionset($user_row, 'smilies', $data['smilies']);
1295                          $this->optionset($user_row, 'attachsig', $data['sig']);
1296   
1297                          $sql_ary = array(
1298                              'user_options'            => $user_row['user_options'],
1299   
1300                              'user_allow_pm'            => $data['allowpm'],
1301                              'user_allow_viewemail'    => $data['viewemail'],
1302                              'user_allow_massemail'    => $data['massemail'],
1303                              'user_allow_viewonline'    => !$data['hideonline'],
1304                              'user_notify_type'        => $data['notifymethod'],
1305                              'user_notify_pm'        => $data['notifypm'],
1306   
1307                              'user_dst'                => $data['dst'],
1308                              'user_dateformat'        => $data['dateformat'],
1309                              'user_lang'                => $data['lang'],
1310                              'user_timezone'            => $data['tz'],
1311                              'user_style'            => $data['style'],
1312   
1313                              'user_topic_sortby_type'    => $data['topic_sk'],
1314                              'user_post_sortby_type'        => $data['post_sk'],
1315                              'user_topic_sortby_dir'        => $data['topic_sd'],
1316                              'user_post_sortby_dir'        => $data['post_sd'],
1317   
1318                              'user_topic_show_days'    => $data['topic_st'],
1319                              'user_post_show_days'    => $data['post_st'],
1320   
1321                              'user_notify'    => $data['notify'],
1322                          );
1323   
1324                          $sql = 'UPDATE ' . USERS_TABLE . '
1325                              SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1326                              WHERE user_id = $user_id";
1327                          $db->sql_query($sql);
1328   
1329                          trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1330                      }
1331   
1332                      // Replace "error" strings with their real, localised form
1333                      $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1334                  }
1335   
1336                  $dateformat_options = '';
1337                  foreach ($user->lang['dateformats'] as $format => $null)
1338                  {
1339                      $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
1340                      $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
1341                      $dateformat_options .= '</option>';
1342                  }
1343   
1344                  $s_custom = false;
1345   
1346                  $dateformat_options .= '<option value="custom"';
1347                  if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
1348                  {
1349                      $dateformat_options .= ' selected="selected"';
1350                      $s_custom = true;
1351                  }
1352                  $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
1353   
1354                  $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1355   
1356                  // Topic ordering options
1357                  $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1358                  $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
1359   
1360                  // Post ordering options
1361                  $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1362                  $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
1363   
1364                  $_options = array('topic', 'post');
1365                  foreach ($_options as $sort_option)
1366                  {
1367                      ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
1368                      foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
1369                      {
1370                          $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
1371                          ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
1372                      }
1373                      ${'s_limit_' . $sort_option . '_days'} .= '</select>';
1374   
1375                      ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
1376                      foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
1377                      {
1378                          $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
1379                          ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
1380                      }
1381                      ${'s_sort_' . $sort_option . '_key'} .= '</select>';
1382   
1383                      ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
1384                      foreach ($sort_dir_text as $key => $value)
1385                      {
1386                          $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
1387                          ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1388                      }
1389                      ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
1390                  }
1391   
1392                  $template->assign_vars(array(
1393                      'S_PREFS'            => true,
1394                      'S_JABBER_DISABLED'    => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
1395                      
1396                      'VIEW_EMAIL'        => $data['viewemail'],
1397                      'MASS_EMAIL'        => $data['massemail'],
1398                      'ALLOW_PM'            => $data['allowpm'],
1399                      'HIDE_ONLINE'        => $data['hideonline'],
1400                      'NOTIFY_EMAIL'        => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
1401                      'NOTIFY_IM'            => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
1402                      'NOTIFY_BOTH'        => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
1403                      'NOTIFY_PM'            => $data['notifypm'],
1404                      'POPUP_PM'            => $data['popuppm'],
1405                      'DST'                => $data['dst'],
1406                      'BBCODE'            => $data['bbcode'],
1407                      'SMILIES'            => $data['smilies'],
1408                      'ATTACH_SIG'        => $data['sig'],
1409                      'NOTIFY'            => $data['notify'],
1410                      'VIEW_IMAGES'        => $data['view_images'],
1411                      'VIEW_FLASH'        => $data['view_flash'],
1412                      'VIEW_SMILIES'        => $data['view_smilies'],
1413                      'VIEW_SIGS'            => $data['view_sigs'],
1414                      'VIEW_AVATARS'        => $data['view_avatars'],
1415                      'VIEW_WORDCENSOR'    => $data['view_wordcensor'],
1416                      
1417                      'S_TOPIC_SORT_DAYS'        => $s_limit_topic_days,
1418                      'S_TOPIC_SORT_KEY'        => $s_sort_topic_key,
1419                      'S_TOPIC_SORT_DIR'        => $s_sort_topic_dir,
1420                      'S_POST_SORT_DAYS'        => $s_limit_post_days,
1421                      'S_POST_SORT_KEY'        => $s_sort_post_key,
1422                      'S_POST_SORT_DIR'        => $s_sort_post_dir,
1423   
1424                      'DATE_FORMAT'            => $data['dateformat'],
1425                      'S_DATEFORMAT_OPTIONS'    => $dateformat_options,
1426                      'S_CUSTOM_DATEFORMAT'    => $s_custom,
1427                      'DEFAULT_DATEFORMAT'    => $config['default_dateformat'],
1428                      'A_DEFAULT_DATEFORMAT'    => addslashes($config['default_dateformat']),
1429   
1430                      'S_LANG_OPTIONS'    => language_select($data['lang']),
1431                      'S_STYLE_OPTIONS'    => style_select($data['style']),
1432                      'S_TZ_OPTIONS'        => tz_select($data['tz'], true),
1433                      )
1434                  );
1435   
1436              break;
1437   
1438              case 'avatar':
1439   
1440                  include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1441                  include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1442   
1443                  $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
1444   
1445                  if ($submit)
1446                  {
1447   
1448                      if (!check_form_key($form_name))
1449                      {
1450                              trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1451                      }
1452   
1453                      if (avatar_process_user($error, $user_row))
1454                      {
1455                          trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_row['user_id']));
1456                      }
1457   
1458                      // Replace "error" strings with their real, localised form
1459                      $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1460                  }
1461   
1462                  // Generate users avatar
1463                  $avatar_img = ($user_row['user_avatar']) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
1464   
1465                  $display_gallery = (isset($_POST['display_gallery'])) ? true : false;
1466                  $avatar_select = basename(request_var('avatar_select', ''));
1467                  $category = basename(request_var('category', ''));
1468   
1469                  if ($config['allow_avatar_local'] && $display_gallery)
1470                  {
1471                      avatar_gallery($category, $avatar_select, 4);
1472                  }
1473   
1474                  $template->assign_vars(array(
1475                      'S_AVATAR'            => true,
1476                      'S_CAN_UPLOAD'        => ($can_upload && $config['allow_avatar_upload']) ? true : false,
1477                      'S_ALLOW_REMOTE'    => ($config['allow_avatar_remote']) ? true : false,
1478                      'S_DISPLAY_GALLERY'    => ($config['allow_avatar_local'] && !$display_gallery) ? true : false,
1479                      'S_IN_GALLERY'        => ($config['allow_avatar_local'] && $display_gallery) ? true : false,
1480   
1481                      'AVATAR_IMAGE'            => $avatar_img,
1482                      'AVATAR_MAX_FILESIZE'    => $config['avatar_filesize'],
1483                      'USER_AVATAR_WIDTH'        => $user_row['user_avatar_width'],
1484                      'USER_AVATAR_HEIGHT'    => $user_row['user_avatar_height'],
1485   
1486                      'L_AVATAR_EXPLAIN'    => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
1487                  );
1488   
1489              break;
1490   
1491              case 'rank':
1492   
1493                  if ($submit)
1494                  {
1495                      if (!check_form_key($form_name))
1496                      {
1497                          trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1498                      }
1499   
1500                      $rank_id = request_var('user_rank', 0);
1501   
1502                      $sql = 'UPDATE ' . USERS_TABLE . "
1503                          SET user_rank = $rank_id
1504                          WHERE user_id = $user_id";
1505                      $db->sql_query($sql);
1506   
1507                      trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1508                  }
1509                  
1510                  $sql = 'SELECT *
1511                      FROM ' . RANKS_TABLE . '
1512                      WHERE rank_special = 1
1513                      ORDER BY rank_title';
1514                  $result = $db->sql_query($sql);
1515   
1516                  $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
1517   
1518                  while ($row = $db->sql_fetchrow($result))
1519                  {
1520                      $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
1521                      $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
1522                  }
1523                  $db->sql_freeresult($result);
1524   
1525                  $template->assign_vars(array(
1526                      'S_RANK'            => true,
1527                      'S_RANK_OPTIONS'    => $s_rank_options)
1528                  );
1529   
1530              break;
1531              
1532              case 'sig':
1533              
1534                  include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
1535                  include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1536   
1537                  $enable_bbcode    = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', !$user->optionget('bbcode'))) ? false : true) : false;
1538                  $enable_smilies    = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', !$user->optionget('smilies'))) ? false : true) : false;
1539                  $enable_urls    = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
1540                  $signature        = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
1541   
1542                  $preview        = (isset($_POST['preview'])) ? true : false;
1543   
1544                  if ($submit || $preview)
1545                  {
1546                      include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
1547   
1548                      $message_parser = new parse_message($signature);
1549   
1550                      // Allowing Quote BBCode
1551                      $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
1552                          
1553                      if (sizeof($message_parser->warn_msg))
1554                      {
1555                          $error[] = implode('<br />', $message_parser->warn_msg);
1556                      }
1557   
1558                      if (!check_form_key($form_name))
1559                      {
1560                          $error = 'FORM_INVALID';
1561                      }
1562   
1563                      if (!sizeof($error) && $submit)
1564                      {
1565                          $sql_ary = array(
1566                              'user_sig'                    => (string) $message_parser->message,
1567                              'user_sig_bbcode_uid'        => (string) $message_parser->bbcode_uid,
1568                              'user_sig_bbcode_bitfield'    => (string) $message_parser->bbcode_bitfield
1569                          );
1570   
1571                          $sql = 'UPDATE ' . USERS_TABLE . '
1572                              SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
1573                              WHERE user_id = ' . $user_id;
1574                          $db->sql_query($sql);
1575   
1576                          trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1577                      }
1578      
1579                      // Replace "error" strings with their real, localised form
1580                      $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1581                  }
1582                  
1583                  $signature_preview = '';
1584                  
1585                  if ($preview)
1586                  {
1587                      // Now parse it for displaying
1588                      $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
1589                      unset($message_parser);
1590                  }
1591   
1592                  decode_message($signature, $user_row['user_sig_bbcode_uid']);
1593   
1594                  $template->assign_vars(array(
1595                      'S_SIGNATURE'        => true,
1596   
1597                      'SIGNATURE'            => $signature,
1598                      'SIGNATURE_PREVIEW'    => $signature_preview,
1599   
1600                      'S_BBCODE_CHECKED'        => (!$enable_bbcode) ? ' checked="checked"' : '',
1601                      'S_SMILIES_CHECKED'        => (!$enable_smilies) ? ' checked="checked"' : '',
1602                      'S_MAGIC_URL_CHECKED'    => (!$enable_urls) ? ' checked="checked"' : '',
1603   
1604                      'BBCODE_STATUS'            => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1605                      'SMILIES_STATUS'        => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1606                      'IMG_STATUS'            => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1607                      'FLASH_STATUS'            => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1608                      'URL_STATUS'            => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1609   
1610                      'L_SIGNATURE_EXPLAIN'    => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
1611   
1612                      'S_BBCODE_ALLOWED'        => $config['allow_sig_bbcode'],
1613                      'S_SMILIES_ALLOWED'        => $config['allow_sig_smilies'],
1614                      'S_BBCODE_IMG'            => ($config['allow_sig_img']) ? true : false,
1615                      'S_BBCODE_FLASH'        => ($config['allow_sig_flash']) ? true : false,
1616                      'S_LINKS_ALLOWED'        => ($config['allow_sig_links']) ? true : false)
1617                  );
1618   
1619                  // Assigning custom bbcodes
1620                  display_custom_bbcodes();
1621   
1622              break;
1623   
1624              case 'attach':
1625   
1626                  $start        = request_var('start', 0);
1627                  $deletemark = (isset($_POST['delmarked'])) ? true : false;
1628                  $marked        = request_var('mark', array(0));
1629   
1630                  // Sort keys
1631                  $sort_key    = request_var('sk', 'a');
1632                  $sort_dir    = request_var('sd', 'd');
1633   
1634                  if ($deletemark && sizeof($marked))
1635                  {
1636                      $sql = 'SELECT attach_id
1637                          FROM ' . ATTACHMENTS_TABLE . '
1638                          WHERE poster_id = ' . $user_id . '
1639                              AND is_orphan = 0
1640                              AND ' . $db->sql_in_set('attach_id', $marked);
1641                      $result = $db->sql_query($sql);
1642   
1643                      $marked = array();
1644                      while ($row = $db->sql_fetchrow($result))
1645                      {
1646                          $marked[] = $row['attach_id'];
1647                      }
1648                      $db->sql_freeresult($result);
1649                  }
1650   
1651                  if ($deletemark && sizeof($marked))
1652                  {
1653                      if (confirm_box(true))
1654                      {
1655                          $sql = 'SELECT real_filename
1656                              FROM ' . ATTACHMENTS_TABLE . '
1657                              WHERE ' . $db->sql_in_set('attach_id', $marked);
1658                          $result = $db->sql_query($sql);
1659   
1660                          $log_attachments = array();
1661                          while ($row = $db->sql_fetchrow($result))
1662                          {
1663                              $log_attachments[] = $row['real_filename'];
1664                          }
1665                          $db->sql_freeresult($result);
1666   
1667                          delete_attachments('attach', $marked);
1668   
1669                          $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
1670   
1671                          add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
1672                          trigger_error($message . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1673                      }
1674                      else
1675                      {
1676                          confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1677                              'u'                => $user_id,
1678                              'i'                => $id,
1679                              'mode'            => $mode,
1680                              'action'        => $action,
1681                              'delmarked'        => true,
1682                              'mark'            => $marked))
1683                          );
1684                      }
1685                  }
1686   
1687                  $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
1688                  $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
1689   
1690                  $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1691   
1692                  $s_sort_key = '';
1693                  foreach ($sk_text as $key => $value)
1694                  {
1695                      $selected = ($sort_key == $key) ? ' selected="selected"' : '';
1696                      $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1697                  }
1698   
1699                  $s_sort_dir = '';
1700                  foreach ($sd_text as $key => $value)
1701                  {
1702                      $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
1703                      $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1704                  }
1705   
1706                  if (!isset($sk_sql[$sort_key]))
1707                  {
1708                      $sort_key = 'a';
1709                  }
1710   
1711                  $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1712   
1713                  $sql = 'SELECT COUNT(attach_id) as num_attachments
1714                      FROM ' . ATTACHMENTS_TABLE . "
1715                      WHERE poster_id = $user_id
1716                          AND is_orphan = 0";
1717                  $result = $db->sql_query_limit($sql, 1);
1718                  $num_attachments = (int) $db->sql_fetchfield('num_attachments');
1719                  $db->sql_freeresult($result);
1720   
1721                  $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
1722                      FROM ' . ATTACHMENTS_TABLE . ' a
1723                          LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
1724                              AND a.in_message = 0)
1725                          LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
1726                              AND a.in_message = 1)
1727                      WHERE a.poster_id = ' . $user_id . "
1728                          AND a.is_orphan = 0
1729                      ORDER BY $order_by";
1730                  $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
1731   
1732                  while ($row = $db->sql_fetchrow($result))
1733                  {
1734                      if ($row['in_message'])
1735                      {
1736                          $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;p={$row['post_msg_id']}");
1737                      }
1738                      else
1739                      {
1740                          $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&amp;p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
1741                      }
1742   
1743                      $template->assign_block_vars('attach', array(
1744                          'REAL_FILENAME'        => $row['real_filename'],
1745                          'COMMENT'            => nl2br($row['attach_comment']),
1746                          'EXTENSION'            => $row['extension'],
1747                          'SIZE'                => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
1748                          'DOWNLOAD_COUNT'    => $row['download_count'],
1749                          'POST_TIME'            => $user->format_date($row['filetime']),
1750                          'TOPIC_TITLE'        => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
1751   
1752                          'ATTACH_ID'            => $row['attach_id'],
1753                          'POST_ID'            => $row['post_msg_id'],
1754                          'TOPIC_ID'            => $row['topic_id'],
1755                  
1756                          'S_IN_MESSAGE'        => $row['in_message'],
1757   
1758                          'U_DOWNLOAD'        => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&amp;id=' . $row['attach_id']),
1759                          'U_VIEW_TOPIC'        => $view_topic)
1760                      );
1761                  }
1762                  $db->sql_freeresult($result);
1763          
1764                  $template->assign_vars(array(
1765                      'S_ATTACHMENTS'        => true,
1766                      'S_ON_PAGE'            => on_page($num_attachments, $config['topics_per_page'], $start),
1767                      'S_SORT_KEY'        => $s_sort_key,
1768                      'S_SORT_DIR'        => $s_sort_dir,
1769   
1770                      'PAGINATION'        => generate_pagination($this->u_action . "&amp;u=$user_id&amp;sk=$sort_key&amp;sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start, true))
1771                  );
1772   
1773              break;
1774          
1775              case 'groups':
1776   
1777                  include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1778   
1779                  $user->add_lang(array('groups', 'acp/groups'));
1780                  $group_id = request_var('g', 0);
1781                  
1782                  if ($group_id)
1783                  {
1784                      // Check the founder only entry for this group to make sure everything is well
1785                      $sql = 'SELECT group_founder_manage
1786                          FROM ' . GROUPS_TABLE . '
1787                          WHERE group_id = ' . $group_id;
1788                      $result = $db->sql_query($sql);
1789                      $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
1790                      $db->sql_freeresult($result);
1791                      
1792                      if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
1793                      {
1794                          trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1795                      }
1796                  }
1797                  else
1798                  {
1799                      $founder_manage = 0;
1800                  }
1801                  
1802                  switch ($action)
1803                  {
1804                      case 'demote':
1805                      case 'promote':
1806                      case 'default':
1807                          if (!$group_id)
1808                          {
1809                              trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1810                          }
1811                          group_user_attributes($action, $group_id, $user_id);
1812   
1813                          if ($action == 'default')
1814                          {
1815                              $user_row['group_id'] = $group_id;
1816                          }
1817                      break;
1818   
1819                      case 'delete':
1820   
1821                          if (confirm_box(true))
1822                          {
1823                              if (!$group_id)
1824                              {
1825                                  trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1826                              }
1827   
1828                              if ($error = group_user_del($group_id, $user_id))
1829                              {
1830                                  trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1831                              }
1832                          
1833                              $error = array();
1834                          }
1835                          else
1836                          {
1837                              confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1838                                  'u'                => $user_id,
1839                                  'i'                => $id,
1840                                  'mode'            => $mode,
1841                                  'action'        => $action,
1842                                  'g'                => $group_id))
1843                              );
1844                          }
1845      
1846                      break;
1847                  }
1848   
1849                  // Add user to group?
1850                  if ($submit)
1851                  {
1852   
1853                      if (!check_form_key($form_name))
1854                      {
1855                          trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1856                      }
1857   
1858                      if (!$group_id)
1859                      {
1860                          trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1861                      }
1862   
1863                      // Add user/s to group
1864                      if ($error = group_user_add($group_id, $user_id))
1865                      {
1866                          trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1867                      }
1868   
1869                      $error = array();
1870                  }
1871   
1872   
1873                  $sql = 'SELECT ug.*, g.*
1874                      FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
1875                      WHERE ug.user_id = $user_id
1876                          AND g.group_id = ug.group_id
1877                      ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
1878                  $result = $db->sql_query($sql);
1879   
1880                  $i = 0;
1881                  $group_data = $id_ary = array();
1882                  while ($row = $db->sql_fetchrow($result))
1883                  {
1884                      $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
1885   
1886                      $group_data[$type][$i]['group_id']        = $row['group_id'];
1887                      $group_data[$type][$i]['group_name']    = $row['group_name'];
1888                      $group_data[$type][$i]['group_leader']    = ($row['group_leader']) ? 1 : 0;
1889   
1890                      $id_ary[] = $row['group_id'];
1891   
1892                      $i++;
1893                  }
1894                  $db->sql_freeresult($result);
1895   
1896                  // Select box for other groups
1897                  $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
1898                      FROM ' . GROUPS_TABLE . '
1899                      ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
1900                      ORDER BY group_type DESC, group_name ASC';
1901                  $result = $db->sql_query($sql);
1902   
1903                  $s_group_options = '';
1904                  while ($row = $db->sql_fetchrow($result))
1905                  {
1906                      if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
1907                      {
1908                          continue;
1909                      }
1910   
1911                      // Do not display those groups not allowed to be managed
1912                      if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
1913                      {
1914                          continue;
1915                      }
1916   
1917                      $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
1918                  }
1919                  $db->sql_freeresult($result);
1920   
1921                  $current_type = '';
1922                  foreach ($group_data as $group_type => $data_ary)
1923                  {
1924                      if ($current_type != $group_type)
1925                      {
1926                          $template->assign_block_vars('group', array(
1927                              'S_NEW_GROUP_TYPE'        => true,
1928                              'GROUP_TYPE'            => $user->lang['USER_GROUP_' . strtoupper($group_type)])
1929                          );
1930                      }
1931   
1932                      foreach ($data_ary as $data)
1933                      {
1934                          $template->assign_block_vars('group', array(
1935                              'U_EDIT_GROUP'        => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&amp;mode=manage&amp;action=edit&amp;u=$user_id&amp;g={$data['group_id']}&amp;back_link=acp_users_groups"),
1936                              'U_DEFAULT'            => $this->u_action . "&amp;action=default&amp;u=$user_id&amp;g=" . $data['group_id'],
1937                              'U_DEMOTE_PROMOTE'    => $this->u_action . '&amp;action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&amp;u=$user_id&amp;g=" . $data['group_id'],
1938                              'U_DELETE'            => $this->u_action . "&amp;action=delete&amp;u=$user_id&amp;g=" . $data['group_id'],
1939   
1940                              'GROUP_NAME'        => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
1941                              'L_DEMOTE_PROMOTE'    => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
1942   
1943                              'S_NO_DEFAULT'        => ($user_row['group_id'] != $data['group_id']) ? true : false,
1944                              'S_SPECIAL_GROUP'    => ($group_type == 'special') ? true : false,
1945                              )
1946                          );
1947                      }
1948                  }
1949   
1950                  $template->assign_vars(array(
1951                      'S_GROUPS'            => true,
1952                      'S_GROUP_OPTIONS'    => $s_group_options)
1953                  );
1954   
1955              break;
1956   
1957              case 'perm':
1958   
1959                  include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
1960   
1961                  $auth_admin = new auth_admin();
1962   
1963                  $user->add_lang('acp/permissions');
1964                  add_permission_language();
1965   
1966                  $forum_id = request_var('f', 0);
1967   
1968                  // Global Permissions
1969                  if (!$forum_id)
1970                  {
1971                      // Select auth options
1972                      $sql = 'SELECT auth_option, is_local, is_global
1973                          FROM ' . ACL_OPTIONS_TABLE . '
1974                          WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
1975                              AND is_global = 1
1976                          ORDER BY auth_option';
1977                      $result = $db->sql_query($sql);
1978   
1979                      $hold_ary = array();
1980                      
1981                      while ($row = $db->sql_fetchrow($result))
1982                      {
1983                          $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
1984                          $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
1985                      }
1986                      $db->sql_freeresult($result);
1987   
1988                      unset($hold_ary);
1989                  }
1990                  else
1991                  {
1992                      $sql = 'SELECT auth_option, is_local, is_global
1993                          FROM ' . ACL_OPTIONS_TABLE . "
1994                          WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
1995                              AND is_local = 1
1996                          ORDER BY is_global DESC, auth_option";
1997                      $result = $db->sql_query($sql);
1998   
1999                      while ($row = $db->sql_fetchrow($result))
2000                      {
2001                          $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
2002                          $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
2003                      }
2004                      $db->sql_freeresult($result);
2005                  }
2006   
2007                  $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
2008                  $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
2009   
2010                  $template->assign_vars(array(
2011                      'S_PERMISSIONS'                => true,
2012   
2013                      'S_GLOBAL'                    => (!$forum_id) ? true : false,
2014                      'S_FORUM_OPTIONS'            => $s_forum_options,
2015   
2016                      'U_ACTION'                    => $this->u_action . '&amp;u=' . $user_id,
2017                      'U_USER_PERMISSIONS'        => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&amp;mode=setting_user_global&amp;user_id[]=' . $user_id),
2018                      'U_USER_FORUM_PERMISSIONS'    => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&amp;mode=setting_user_local&amp;user_id[]=' . $user_id))
2019                  );
2020              
2021              break;
2022   
2023          }
2024   
2025          // Assign general variables
2026          $template->assign_vars(array(
2027              'S_ERROR'            => (sizeof($error)) ? true : false,
2028              'ERROR_MSG'            => (sizeof($error)) ? implode('<br />', $error) : '')
2029          );
2030      }
2031   
2032      /**
2033      * Optionset replacement for this module based on $user->optionset
2034      */
2035      function optionset(&$user_row, $key, $value, $data = false)
2036      {
2037          global $user;
2038   
2039          $var = ($data) ? $data : $user_row['user_options'];
2040   
2041          if ($value && !($var & 1 << $user->keyoptions[$key]))
2042          {
2043              $var += 1 << $user->keyoptions[$key];
2044          }
2045          else if (!$value && ($var & 1 << $user->keyoptions[$key]))
2046          {
2047              $var -= 1 << $user->keyoptions[$key];
2048          }
2049          else
2050          {
2051              return ($data) ? $var : false;
2052          }
2053   
2054          if (!$data)
2055          {
2056              $user_row['user_options'] = $var;
2057              return true;
2058          }
2059          else
2060          {
2061              return $var;
2062          }
2063      }
2064   
2065      /**
2066      * Optionget replacement for this module based on $user->optionget
2067      */
2068      function optionget(&$user_row, $key, $data = false)
2069      {
2070          global $user;
2071   
2072          $var = ($data) ? $data : $user_row['user_options'];
2073          return ($var & 1 << $user->keyoptions[$key]) ? true : false;
2074      }
2075  }
2076   
2077  ?>