Verzeichnisstruktur phpBB-3.1.0
- Veröffentlicht
- 27.10.2014
acp_users.php
0001 <?php
0002 /**
0003 *
0004 * This file is part of the phpBB Forum Software package.
0005 *
0006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
0007 * @license GNU General Public License, version 2 (GPL-2.0)
0008 *
0009 * For full copyright and license information, please see
0010 * the docs/CREDITS.txt file.
0011 *
0012 */
0013
/**
* Direct-access guard.
*
* The rest of this file only runs when the constant IN_PHPBB has already
* been defined by whatever code included it. A request that loads this
* script without that constant stops here, before the acp_users class is
* declared and before any of its database or template code can be reached.
*
* @ignore
*/
if (defined('IN_PHPBB') === false)
{
	exit;
}
0021
0022 class acp_users
0023 {
0024 var $u_action;
0025 var $p_master;
0026
/**
* PHP 4-style constructor (a method named after its class).
*
* Stores a reference to the object handed in by the caller. main() later
* calls $this->p_master->module_auth_self() on it to decide which
* user-administration modes are offered in the mode dropdown.
*
* NOTE(review): PHP 8 no longer treats a same-named method as a
* constructor. If callers rely on `new acp_users(...)` to run this,
* $this->p_master stays unset there and the module_auth_self() call in
* main() would fail. Confirm against the supported PHP versions.
*
* @param object $p_master Object providing module_auth_self(); taken and
*                         stored by reference
*/
function acp_users(&$p_master)
{
	// Bind by reference so this module and its caller share one object.
	$this->p_master =& $p_master;
}
0031
0032 function main($id, $mode)
0033 {
0034 global $config, $db, $user, $auth, $template, $cache;
0035 global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
0036 global $phpbb_dispatcher, $request;
0037 global $phpbb_container;
0038
0039 $user->add_lang(array('posting', 'ucp', 'acp/users'));
0040 $this->tpl_name = 'acp_users';
0041
0042 $error = array();
0043 $username = utf8_normalize_nfc(request_var('username', '', true));
0044 $user_id = request_var('u', 0);
0045 $action = request_var('action', '');
0046
0047 $submit = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
0048
0049 $form_name = 'acp_users';
0050 add_form_key($form_name);
0051
0052 // Whois (special case)
0053 if ($action == 'whois')
0054 {
0055 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0056
0057 $this->page_title = 'WHOIS';
0058 $this->tpl_name = 'simple_body';
0059
0060 $user_ip = phpbb_ip_normalise(request_var('user_ip', ''));
0061 $domain = gethostbyaddr($user_ip);
0062 $ipwhois = user_ipwhois($user_ip);
0063
0064 $template->assign_vars(array(
0065 'MESSAGE_TITLE' => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
0066 'MESSAGE_TEXT' => nl2br($ipwhois))
0067 );
0068
0069 return;
0070 }
0071
0072 // Show user selection mask
0073 if (!$username && !$user_id)
0074 {
0075 $this->page_title = 'SELECT_USER';
0076
0077 $template->assign_vars(array(
0078 'U_ACTION' => $this->u_action,
0079 'ANONYMOUS_USER_ID' => ANONYMOUS,
0080
0081 'S_SELECT_USER' => true,
0082 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username&select_single=true'),
0083 ));
0084
0085 return;
0086 }
0087
0088 if (!$user_id)
0089 {
0090 $sql = 'SELECT user_id
0091 FROM ' . USERS_TABLE . "
0092 WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
0093 $result = $db->sql_query($sql);
0094 $user_id = (int) $db->sql_fetchfield('user_id');
0095 $db->sql_freeresult($result);
0096
0097 if (!$user_id)
0098 {
0099 trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0100 }
0101 }
0102
0103 // Generate content for all modes
0104 $sql = 'SELECT u.*, s.*
0105 FROM ' . USERS_TABLE . ' u
0106 LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
0107 WHERE u.user_id = ' . $user_id . '
0108 ORDER BY s.session_time DESC';
0109 $result = $db->sql_query_limit($sql, 1);
0110 $user_row = $db->sql_fetchrow($result);
0111 $db->sql_freeresult($result);
0112
0113 if (!$user_row)
0114 {
0115 trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
0116 }
0117
0118 // Generate overall "header" for user admin
0119 $s_form_options = '';
0120
0121 // Build modes dropdown list
0122 $sql = 'SELECT module_mode, module_auth
0123 FROM ' . MODULES_TABLE . "
0124 WHERE module_basename = 'acp_users'
0125 AND module_enabled = 1
0126 AND module_class = 'acp'
0127 ORDER BY left_id, module_mode";
0128 $result = $db->sql_query($sql);
0129
0130 $dropdown_modes = array();
0131 while ($row = $db->sql_fetchrow($result))
0132 {
0133 if (!$this->p_master->module_auth_self($row['module_auth']))
0134 {
0135 continue;
0136 }
0137
0138 $dropdown_modes[$row['module_mode']] = true;
0139 }
0140 $db->sql_freeresult($result);
0141
0142 foreach ($dropdown_modes as $module_mode => $null)
0143 {
0144 $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
0145 $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
0146 }
0147
0148 $template->assign_vars(array(
0149 'U_BACK' => $this->u_action,
0150 'U_MODE_SELECT' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&u=$user_id"),
0151 'U_ACTION' => $this->u_action . '&u=' . $user_id,
0152 'S_FORM_OPTIONS' => $s_form_options,
0153 'MANAGED_USERNAME' => $user_row['username'])
0154 );
0155
0156 // Prevent normal users/admins change/view founders if they are not a founder by themselves
0157 if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
0158 {
0159 trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
0160 }
0161
0162 $this->page_title = $user_row['username'] . ' :: ' . $user->lang('ACP_USER_' . strtoupper($mode));
0163
0164 switch ($mode)
0165 {
0166 case 'overview':
0167
0168 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
0169
0170 $user->add_lang('acp/ban');
0171
0172 $delete = request_var('delete', 0);
0173 $delete_type = request_var('delete_type', '');
0174 $ip = request_var('ip', 'ip');
0175
0176 if ($submit)
0177 {
0178 if ($delete)
0179 {
0180 if (!$auth->acl_get('a_userdel'))
0181 {
0182 trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0183 }
0184
0185 // Check if the user wants to remove himself or the guest user account
0186 if ($user_id == ANONYMOUS)
0187 {
0188 trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0189 }
0190
0191 // Founders can not be deleted.
0192 if ($user_row['user_type'] == USER_FOUNDER)
0193 {
0194 trigger_error($user->lang['CANNOT_REMOVE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0195 }
0196
0197 if ($user_id == $user->data['user_id'])
0198 {
0199 trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0200 }
0201
0202 if ($delete_type)
0203 {
0204 if (confirm_box(true))
0205 {
0206 user_delete($delete_type, $user_id, $user_row['username']);
0207
0208 add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
0209 trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
0210 }
0211 else
0212 {
0213 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0214 'u' => $user_id,
0215 'i' => $id,
0216 'mode' => $mode,
0217 'action' => $action,
0218 'update' => true,
0219 'delete' => 1,
0220 'delete_type' => $delete_type))
0221 );
0222 }
0223 }
0224 else
0225 {
0226 trigger_error($user->lang['NO_MODE'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0227 }
0228 }
0229
0230 // Handle quicktool actions
0231 switch ($action)
0232 {
0233 case 'banuser':
0234 case 'banemail':
0235 case 'banip':
0236
0237 if ($user_id == $user->data['user_id'])
0238 {
0239 trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0240 }
0241
0242 if ($user_id == ANONYMOUS)
0243 {
0244 trigger_error($user->lang['CANNOT_BAN_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0245 }
0246
0247 if ($user_row['user_type'] == USER_FOUNDER)
0248 {
0249 trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0250 }
0251
0252 if (!check_form_key($form_name))
0253 {
0254 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0255 }
0256
0257 $ban = array();
0258
0259 switch ($action)
0260 {
0261 case 'banuser':
0262 $ban[] = $user_row['username'];
0263 $reason = 'USER_ADMIN_BAN_NAME_REASON';
0264 $log = 'LOG_USER_BAN_USER';
0265 break;
0266
0267 case 'banemail':
0268 $ban[] = $user_row['user_email'];
0269 $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
0270 $log = 'LOG_USER_BAN_EMAIL';
0271 break;
0272
0273 case 'banip':
0274 $ban[] = $user_row['user_ip'];
0275
0276 $sql = 'SELECT DISTINCT poster_ip
0277 FROM ' . POSTS_TABLE . "
0278 WHERE poster_id = $user_id";
0279 $result = $db->sql_query($sql);
0280
0281 while ($row = $db->sql_fetchrow($result))
0282 {
0283 $ban[] = $row['poster_ip'];
0284 }
0285 $db->sql_freeresult($result);
0286
0287 $reason = 'USER_ADMIN_BAN_IP_REASON';
0288 $log = 'LOG_USER_BAN_IP';
0289 break;
0290 }
0291
0292 $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
0293 $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
0294
0295 // Log not used at the moment, we simply utilize the ban function.
0296 $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
0297
0298 trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&u=' . $user_id));
0299
0300 break;
0301
0302 case 'reactivate':
0303
0304 if ($user_id == $user->data['user_id'])
0305 {
0306 trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0307 }
0308
0309 if (!check_form_key($form_name))
0310 {
0311 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0312 }
0313
0314 if ($user_row['user_type'] == USER_FOUNDER)
0315 {
0316 trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0317 }
0318
0319 if ($user_row['user_type'] == USER_IGNORE)
0320 {
0321 trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0322 }
0323
0324 if ($config['email_enable'])
0325 {
0326 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
0327
0328 $server_url = generate_board_url();
0329
0330 $user_actkey = gen_rand_string(mt_rand(6, 10));
0331 $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
0332
0333 if ($user_row['user_type'] == USER_NORMAL)
0334 {
0335 user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
0336
0337 $sql = 'UPDATE ' . USERS_TABLE . "
0338 SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
0339 WHERE user_id = $user_id";
0340 $db->sql_query($sql);
0341 }
0342 else
0343 {
0344 // Grabbing the last confirm key - we only send a reminder
0345 $sql = 'SELECT user_actkey
0346 FROM ' . USERS_TABLE . '
0347 WHERE user_id = ' . $user_id;
0348 $result = $db->sql_query($sql);
0349 $user_actkey = (string) $db->sql_fetchfield('user_actkey');
0350 $db->sql_freeresult($result);
0351 }
0352
0353 $messenger = new messenger(false);
0354
0355 $messenger->template($email_template, $user_row['user_lang']);
0356
0357 $messenger->set_addresses($user_row);
0358
0359 $messenger->anti_abuse_headers($config, $user);
0360
0361 $messenger->assign_vars(array(
0362 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
0363 'USERNAME' => htmlspecialchars_decode($user_row['username']),
0364 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
0365 );
0366
0367 $messenger->send(NOTIFY_EMAIL);
0368
0369 add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
0370 add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
0371
0372 trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&u=' . $user_id));
0373 }
0374
0375 break;
0376
0377 case 'active':
0378
0379 if ($user_id == $user->data['user_id'])
0380 {
0381 // It is only deactivation since the user is already activated (else he would not have reached this page)
0382 trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0383 }
0384
0385 if (!check_form_key($form_name))
0386 {
0387 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0388 }
0389
0390 if ($user_row['user_type'] == USER_FOUNDER)
0391 {
0392 trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0393 }
0394
0395 if ($user_row['user_type'] == USER_IGNORE)
0396 {
0397 trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0398 }
0399
0400 user_active_flip('flip', $user_id);
0401
0402 if ($user_row['user_type'] == USER_INACTIVE)
0403 {
0404 if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
0405 {
0406 $phpbb_notifications = $phpbb_container->get('notification_manager');
0407 $phpbb_notifications->delete_notifications('notification.type.admin_activate_user', $user_row['user_id']);
0408
0409 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
0410
0411 $messenger = new messenger(false);
0412
0413 $messenger->template('admin_welcome_activated', $user_row['user_lang']);
0414
0415 $messenger->set_addresses($user_row);
0416
0417 $messenger->anti_abuse_headers($config, $user);
0418
0419 $messenger->assign_vars(array(
0420 'USERNAME' => htmlspecialchars_decode($user_row['username']))
0421 );
0422
0423 $messenger->send(NOTIFY_EMAIL);
0424 }
0425 }
0426
0427 $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
0428 $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
0429
0430 add_log('admin', $log, $user_row['username']);
0431 add_log('user', $user_id, $log . '_USER');
0432
0433 trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id));
0434
0435 break;
0436
0437 case 'delsig':
0438
0439 if (!check_form_key($form_name))
0440 {
0441 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0442 }
0443
0444 $sql_ary = array(
0445 'user_sig' => '',
0446 'user_sig_bbcode_uid' => '',
0447 'user_sig_bbcode_bitfield' => ''
0448 );
0449
0450 $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
0451 WHERE user_id = $user_id";
0452 $db->sql_query($sql);
0453
0454 add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
0455 add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
0456
0457 trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0458
0459 break;
0460
0461 case 'delavatar':
0462
0463 if (!check_form_key($form_name))
0464 {
0465 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0466 }
0467
0468 // Delete old avatar if present
0469 $phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
0470 $phpbb_avatar_manager->handle_avatar_delete($db, $user, $phpbb_avatar_manager->clean_row($user_row, 'user'), USERS_TABLE, 'user_');
0471
0472 add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
0473 add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
0474
0475 trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0476 break;
0477
0478 case 'delposts':
0479
0480 if (confirm_box(true))
0481 {
0482 // Delete posts, attachments, etc.
0483 delete_posts('poster_id', $user_id);
0484
0485 add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
0486 trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0487 }
0488 else
0489 {
0490 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0491 'u' => $user_id,
0492 'i' => $id,
0493 'mode' => $mode,
0494 'action' => $action,
0495 'update' => true))
0496 );
0497 }
0498
0499 break;
0500
0501 case 'delattach':
0502
0503 if (confirm_box(true))
0504 {
0505 delete_attachments('user', $user_id);
0506
0507 add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
0508 trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0509 }
0510 else
0511 {
0512 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0513 'u' => $user_id,
0514 'i' => $id,
0515 'mode' => $mode,
0516 'action' => $action,
0517 'update' => true))
0518 );
0519 }
0520
0521 break;
0522
0523 case 'deloutbox':
0524
0525 if (confirm_box(true))
0526 {
0527 $msg_ids = array();
0528 $lang = 'EMPTY';
0529
0530 $sql = 'SELECT msg_id
0531 FROM ' . PRIVMSGS_TO_TABLE . "
0532 WHERE author_id = $user_id
0533 AND folder_id = " . PRIVMSGS_OUTBOX;
0534 $result = $db->sql_query($sql);
0535
0536 if ($row = $db->sql_fetchrow($result))
0537 {
0538 if (!function_exists('delete_pm'))
0539 {
0540 include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
0541 }
0542
0543 do
0544 {
0545 $msg_ids[] = (int) $row['msg_id'];
0546 }
0547 while ($row = $db->sql_fetchrow($result));
0548
0549 $db->sql_freeresult($result);
0550
0551 delete_pm($user_id, $msg_ids, PRIVMSGS_OUTBOX);
0552
0553 add_log('admin', 'LOG_USER_DEL_OUTBOX', $user_row['username']);
0554
0555 $lang = 'EMPTIED';
0556 }
0557 $db->sql_freeresult($result);
0558
0559 trigger_error($user->lang['USER_OUTBOX_' . $lang] . adm_back_link($this->u_action . '&u=' . $user_id));
0560 }
0561 else
0562 {
0563 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0564 'u' => $user_id,
0565 'i' => $id,
0566 'mode' => $mode,
0567 'action' => $action,
0568 'update' => true))
0569 );
0570 }
0571 break;
0572
0573 case 'moveposts':
0574
0575 if (!check_form_key($form_name))
0576 {
0577 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0578 }
0579
0580 $user->add_lang('acp/forums');
0581
0582 $new_forum_id = request_var('new_f', 0);
0583
0584 if (!$new_forum_id)
0585 {
0586 $this->page_title = 'USER_ADMIN_MOVE_POSTS';
0587
0588 $template->assign_vars(array(
0589 'S_SELECT_FORUM' => true,
0590 'U_ACTION' => $this->u_action . "&action=$action&u=$user_id",
0591 'U_BACK' => $this->u_action . "&u=$user_id",
0592 'S_FORUM_OPTIONS' => make_forum_select(false, false, false, true))
0593 );
0594
0595 return;
0596 }
0597
0598 // Is the new forum postable to?
0599 $sql = 'SELECT forum_name, forum_type
0600 FROM ' . FORUMS_TABLE . "
0601 WHERE forum_id = $new_forum_id";
0602 $result = $db->sql_query($sql);
0603 $forum_info = $db->sql_fetchrow($result);
0604 $db->sql_freeresult($result);
0605
0606 if (!$forum_info)
0607 {
0608 trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0609 }
0610
0611 if ($forum_info['forum_type'] != FORUM_POST)
0612 {
0613 trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0614 }
0615
0616 // Two stage?
0617 // Move topics comprising only posts from this user
0618 $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
0619 $forum_id_ary = array($new_forum_id);
0620
0621 $sql = 'SELECT topic_id, post_visibility, COUNT(post_id) AS total_posts
0622 FROM ' . POSTS_TABLE . "
0623 WHERE poster_id = $user_id
0624 AND forum_id <> $new_forum_id
0625 GROUP BY topic_id, post_visibility";
0626 $result = $db->sql_query($sql);
0627
0628 while ($row = $db->sql_fetchrow($result))
0629 {
0630 $topic_id_ary[$row['topic_id']][$row['post_visibility']] = $row['total_posts'];
0631 }
0632 $db->sql_freeresult($result);
0633
0634 if (sizeof($topic_id_ary))
0635 {
0636 $sql = 'SELECT topic_id, forum_id, topic_title, topic_posts_approved, topic_posts_unapproved, topic_posts_softdeleted, topic_attachment
0637 FROM ' . TOPICS_TABLE . '
0638 WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
0639 $result = $db->sql_query($sql);
0640
0641 while ($row = $db->sql_fetchrow($result))
0642 {
0643 if ($topic_id_ary[$row['topic_id']][ITEM_APPROVED] == $row['topic_posts_approved']
0644 && $topic_id_ary[$row['topic_id']][ITEM_UNAPPROVED] == $row['topic_posts_unapproved']
0645 && $topic_id_ary[$row['topic_id']][ITEM_REAPPROVE] == $row['topic_posts_unapproved']
0646 && $topic_id_ary[$row['topic_id']][ITEM_DELETED] == $row['topic_posts_softdeleted'])
0647 {
0648 $move_topic_ary[] = $row['topic_id'];
0649 }
0650 else
0651 {
0652 $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
0653 $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
0654 }
0655
0656 $forum_id_ary[] = $row['forum_id'];
0657 }
0658 $db->sql_freeresult($result);
0659 }
0660
0661 // Entire topic comprises posts by this user, move these topics
0662 if (sizeof($move_topic_ary))
0663 {
0664 move_topics($move_topic_ary, $new_forum_id, false);
0665 }
0666
0667 if (sizeof($move_post_ary))
0668 {
0669 // Create new topic
0670 // Update post_ids, report_ids, attachment_ids
0671 foreach ($move_post_ary as $topic_id => $post_ary)
0672 {
0673 // Create new topic
0674 $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
0675 'topic_poster' => $user_id,
0676 'topic_time' => time(),
0677 'forum_id' => $new_forum_id,
0678 'icon_id' => 0,
0679 'topic_visibility' => ITEM_APPROVED,
0680 'topic_title' => $post_ary['title'],
0681 'topic_first_poster_name' => $user_row['username'],
0682 'topic_type' => POST_NORMAL,
0683 'topic_time_limit' => 0,
0684 'topic_attachment' => $post_ary['attach'])
0685 );
0686 $db->sql_query($sql);
0687
0688 $new_topic_id = $db->sql_nextid();
0689
0690 // Move posts
0691 $sql = 'UPDATE ' . POSTS_TABLE . "
0692 SET forum_id = $new_forum_id, topic_id = $new_topic_id
0693 WHERE topic_id = $topic_id
0694 AND poster_id = $user_id";
0695 $db->sql_query($sql);
0696
0697 if ($post_ary['attach'])
0698 {
0699 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
0700 SET topic_id = $new_topic_id
0701 WHERE topic_id = $topic_id
0702 AND poster_id = $user_id";
0703 $db->sql_query($sql);
0704 }
0705
0706 $new_topic_id_ary[] = $new_topic_id;
0707 }
0708 }
0709
0710 $forum_id_ary = array_unique($forum_id_ary);
0711 $topic_id_ary = array_unique(array_merge(array_keys($topic_id_ary), $new_topic_id_ary));
0712
0713 if (sizeof($topic_id_ary))
0714 {
0715 sync('topic_reported', 'topic_id', $topic_id_ary);
0716 sync('topic', 'topic_id', $topic_id_ary);
0717 }
0718
0719 if (sizeof($forum_id_ary))
0720 {
0721 sync('forum', 'forum_id', $forum_id_ary, false, true);
0722 }
0723
0724 add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
0725 add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
0726
0727 trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0728
0729 break;
0730
0731 case 'leave_nr':
0732
0733 if (confirm_box(true))
0734 {
0735 remove_newly_registered($user_id, $user_row);
0736
0737 add_log('admin', 'LOG_USER_REMOVED_NR', $user_row['username']);
0738 trigger_error($user->lang['USER_LIFTED_NR'] . adm_back_link($this->u_action . '&u=' . $user_id));
0739 }
0740 else
0741 {
0742 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
0743 'u' => $user_id,
0744 'i' => $id,
0745 'mode' => $mode,
0746 'action' => $action,
0747 'update' => true))
0748 );
0749 }
0750
0751 break;
0752
0753 default:
0754 /**
0755 * Run custom quicktool code
0756 *
0757 * @event core.acp_users_overview_run_quicktool
0758 * @var array user_row Current user data
0759 * @var string action Quick tool that should be run
0760 * @since 3.1.0-a1
0761 */
0762 $vars = array('action', 'user_row');
0763 extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_run_quicktool', compact($vars)));
0764 break;
0765 }
0766
0767 // Handle registration info updates
0768 $data = array(
0769 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
0770 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
0771 'email' => strtolower(request_var('user_email', $user_row['user_email'])),
0772 'new_password' => $request->variable('new_password', '', true),
0773 'password_confirm' => $request->variable('password_confirm', '', true),
0774 );
0775
0776 // Validation data - we do not check the password complexity setting here
0777 $check_ary = array(
0778 'new_password' => array(
0779 array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0780 array('password')),
0781 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
0782 );
0783
0784 // Check username if altered
0785 if ($data['username'] != $user_row['username'])
0786 {
0787 $check_ary += array(
0788 'username' => array(
0789 array('string', false, $config['min_name_chars'], $config['max_name_chars']),
0790 array('username', $user_row['username'])
0791 ),
0792 );
0793 }
0794
0795 // Check email if altered
0796 if ($data['email'] != $user_row['user_email'])
0797 {
0798 $check_ary += array(
0799 'email' => array(
0800 array('string', false, 6, 60),
0801 array('user_email', $user_row['user_email']),
0802 ),
0803 );
0804 }
0805
0806 $error = validate_data($data, $check_ary);
0807
0808 if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
0809 {
0810 $error[] = 'NEW_PASSWORD_ERROR';
0811 }
0812
0813 if (!check_form_key($form_name))
0814 {
0815 $error[] = 'FORM_INVALID';
0816 }
0817
0818 // Instantiate passwords manager
0819 $passwords_manager = $phpbb_container->get('passwords.manager');
0820
0821 // Which updates do we need to do?
0822 $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
0823 $update_password = $data['new_password'] && !$passwords_manager->check($data['new_password'], $user_row['user_password']);
0824 $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
0825
0826 if (!sizeof($error))
0827 {
0828 $sql_ary = array();
0829
0830 if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
0831 {
0832 // Only allow founders updating the founder status...
0833 if ($user->data['user_type'] == USER_FOUNDER)
0834 {
0835 // Setting a normal member to be a founder
0836 if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
0837 {
0838 // Make sure the user is not setting an Inactive or ignored user to be a founder
0839 if ($user_row['user_type'] == USER_IGNORE)
0840 {
0841 trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0842 }
0843
0844 if ($user_row['user_type'] == USER_INACTIVE)
0845 {
0846 trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0847 }
0848
0849 $sql_ary['user_type'] = USER_FOUNDER;
0850 }
0851 else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
0852 {
0853 // Check if at least one founder is present
0854 $sql = 'SELECT user_id
0855 FROM ' . USERS_TABLE . '
0856 WHERE user_type = ' . USER_FOUNDER . '
0857 AND user_id <> ' . $user_id;
0858 $result = $db->sql_query_limit($sql, 1);
0859 $row = $db->sql_fetchrow($result);
0860 $db->sql_freeresult($result);
0861
0862 if ($row)
0863 {
0864 $sql_ary['user_type'] = USER_NORMAL;
0865 }
0866 else
0867 {
0868 trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
0869 }
0870 }
0871 }
0872 }
0873
0874 /**
0875 * Modify user data before we update it
0876 *
0877 * @event core.acp_users_overview_modify_data
0878 * @var array user_row Current user data
0879 * @var array data Submitted user data
0880 * @var array sql_ary User data we udpate
0881 * @since 3.1.0-a1
0882 */
0883 $vars = array('user_row', 'data', 'sql_ary');
0884 extract($phpbb_dispatcher->trigger_event('core.acp_users_overview_modify_data', compact($vars)));
0885
0886 if ($update_username !== false)
0887 {
0888 $sql_ary['username'] = $update_username;
0889 $sql_ary['username_clean'] = utf8_clean_string($update_username);
0890
0891 add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
0892 }
0893
0894 if ($update_email !== false)
0895 {
0896 $sql_ary += array(
0897 'user_email' => $update_email,
0898 'user_email_hash' => phpbb_email_hash($update_email),
0899 );
0900
0901 add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
0902 }
0903
0904 if ($update_password)
0905 {
0906 $sql_ary += array(
0907 'user_password' => $passwords_manager->hash($data['new_password']),
0908 'user_passchg' => time(),
0909 );
0910
0911 $user->reset_login_keys($user_id);
0912 add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
0913 }
0914
0915 if (sizeof($sql_ary))
0916 {
0917 $sql = 'UPDATE ' . USERS_TABLE . '
0918 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
0919 WHERE user_id = ' . $user_id;
0920 $db->sql_query($sql);
0921 }
0922
0923 if ($update_username)
0924 {
0925 user_update_name($user_row['username'], $update_username);
0926 }
0927
0928 // Let the users permissions being updated
0929 $auth->acl_clear_prefetch($user_id);
0930
0931 add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
0932
0933 trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
0934 }
0935
0936 // Replace "error" strings with their real, localised form
0937 $error = array_map(array($user, 'lang'), $error);
0938 }
0939
0940 if ($user_id == $user->data['user_id'])
0941 {
0942 $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH', 'deloutbox' => 'DEL_OUTBOX');
0943 if ($user_row['user_new'])
0944 {
0945 $quick_tool_ary['leave_nr'] = 'LEAVE_NR';
0946 }
0947 }
0948 else
0949 {
0950 $quick_tool_ary = array();
0951
0952 if ($user_row['user_type'] != USER_FOUNDER)
0953 {
0954 $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
0955 }
0956
0957 if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
0958 {
0959 $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
0960 }
0961
0962 $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH', 'deloutbox' => 'DEL_OUTBOX');
0963
0964 if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
0965 {
0966 $quick_tool_ary['reactivate'] = 'FORCE';
0967 }
0968
0969 if ($user_row['user_new'])
0970 {
0971 $quick_tool_ary['leave_nr'] = 'LEAVE_NR';
0972 }
0973 }
0974
0975 if ($config['load_onlinetrack'])
0976 {
0977 $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
0978 FROM ' . SESSIONS_TABLE . "
0979 WHERE session_user_id = $user_id";
0980 $result = $db->sql_query($sql);
0981 $row = $db->sql_fetchrow($result);
0982 $db->sql_freeresult($result);
0983
0984 $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
0985 $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
0986 unset($row);
0987 }
0988
0989 /**
0990 * Add additional quick tool options and overwrite user data
0991 *
0992 * @event core.acp_users_display_overview
0993 * @var array user_row Array with user data
0994 * @var array quick_tool_ary Quick tool options
0995 * @since 3.1.0-a1
0996 */
0997 $vars = array('user_row', 'quick_tool_ary');
0998 extract($phpbb_dispatcher->trigger_event('core.acp_users_display_overview', compact($vars)));
0999
1000 $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
1001 foreach ($quick_tool_ary as $value => $lang)
1002 {
1003 $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
1004 }
1005
1006 $last_active = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
1007
1008 $inactive_reason = '';
1009 if ($user_row['user_type'] == USER_INACTIVE)
1010 {
1011 $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
1012
1013 switch ($user_row['user_inactive_reason'])
1014 {
1015 case INACTIVE_REGISTER:
1016 $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
1017 break;
1018
1019 case INACTIVE_PROFILE:
1020 $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
1021 break;
1022
1023 case INACTIVE_MANUAL:
1024 $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
1025 break;
1026
1027 case INACTIVE_REMIND:
1028 $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
1029 break;
1030 }
1031 }
1032
1033 // Posts in Queue
1034 $sql = 'SELECT COUNT(post_id) as posts_in_queue
1035 FROM ' . POSTS_TABLE . '
1036 WHERE poster_id = ' . $user_id . '
1037 AND ' . $db->sql_in_set('post_visibility', array(ITEM_UNAPPROVED, ITEM_REAPPROVE));
1038 $result = $db->sql_query($sql);
1039 $user_row['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
1040 $db->sql_freeresult($result);
1041
1042 $sql = 'SELECT post_id
1043 FROM ' . POSTS_TABLE . '
1044 WHERE poster_id = '. $user_id;
1045 $result = $db->sql_query_limit($sql, 1);
1046 $user_row['user_has_posts'] = (bool) $db->sql_fetchfield('post_id');
1047 $db->sql_freeresult($result);
1048
1049 $template->assign_vars(array(
1050 'L_NAME_CHARS_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
1051 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
1052 'L_POSTS_IN_QUEUE' => $user->lang('NUM_POSTS_IN_QUEUE', $user_row['posts_in_queue']),
1053 'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
1054
1055 'S_OVERVIEW' => true,
1056 'S_USER_IP' => ($user_row['user_ip']) ? true : false,
1057 'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
1058 'S_ACTION_OPTIONS' => $s_action_options,
1059 'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false,
1060 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
1061
1062 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
1063 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}",
1064 'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
1065 'U_SEARCH_USER' => ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id={$user_row['user_id']}&sr=posts") : '',
1066
1067 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_row['user_id']}&hash=" . generate_link_hash('switchperm')) : '',
1068
1069 'POSTS_IN_QUEUE' => $user_row['posts_in_queue'],
1070 'USER' => $user_row['username'],
1071 'USER_REGISTERED' => $user->format_date($user_row['user_regdate']),
1072 'REGISTERED_IP' => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
1073 'USER_LASTACTIVE' => ($last_active) ? $user->format_date($last_active) : ' - ',
1074 'USER_EMAIL' => $user_row['user_email'],
1075 'USER_WARNINGS' => $user_row['user_warnings'],
1076 'USER_POSTS' => $user_row['user_posts'],
1077 'USER_HAS_POSTS' => $user_row['user_has_posts'],
1078 'USER_INACTIVE_REASON' => $inactive_reason,
1079 ));
1080
1081 break;
1082
1083 case 'feedback':
1084
1085 $user->add_lang('mcp');
1086
1087 // Set up general vars
1088 $start = request_var('start', 0);
1089 $deletemark = (isset($_POST['delmarked'])) ? true : false;
1090 $deleteall = (isset($_POST['delall'])) ? true : false;
1091 $marked = request_var('mark', array(0));
1092 $message = utf8_normalize_nfc(request_var('message', '', true));
1093 $pagination = $phpbb_container->get('pagination');
1094
1095 // Sort keys
1096 $sort_days = request_var('st', 0);
1097 $sort_key = request_var('sk', 't');
1098 $sort_dir = request_var('sd', 'd');
1099
1100 // Delete entries if requested and able
1101 if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
1102 {
1103 if (!check_form_key($form_name))
1104 {
1105 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1106 }
1107
1108 $where_sql = '';
1109 if ($deletemark && $marked)
1110 {
1111 $sql_in = array();
1112 foreach ($marked as $mark)
1113 {
1114 $sql_in[] = $mark;
1115 }
1116 $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
1117 unset($sql_in);
1118 }
1119
1120 if ($where_sql || $deleteall)
1121 {
1122 $sql = 'DELETE FROM ' . LOG_TABLE . '
1123 WHERE log_type = ' . LOG_USERS . "
1124 AND reportee_id = $user_id
1125 $where_sql";
1126 $db->sql_query($sql);
1127
1128 add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
1129 }
1130 }
1131
1132 if ($submit && $message)
1133 {
1134 if (!check_form_key($form_name))
1135 {
1136 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1137 }
1138
1139 add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
1140 add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
1141 add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
1142
1143 trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1144 }
1145
1146 // Sorting
1147 $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1148 $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
1149 $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
1150
1151 $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
1152 gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
1153
1154 // Define where and sort sql for use in displaying logs
1155 $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
1156 $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
1157
1158 // Grab log data
1159 $log_data = array();
1160 $log_count = 0;
1161 $start = view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
1162
1163 $base_url = $this->u_action . "&u=$user_id&$u_sort_param";
1164 $pagination->generate_template_pagination($base_url, 'pagination', 'start', $log_count, $config['topics_per_page'], $start);
1165
1166 $template->assign_vars(array(
1167 'S_FEEDBACK' => true,
1168
1169 'S_LIMIT_DAYS' => $s_limit_days,
1170 'S_SORT_KEY' => $s_sort_key,
1171 'S_SORT_DIR' => $s_sort_dir,
1172 'S_CLEARLOGS' => $auth->acl_get('a_clearlogs'))
1173 );
1174
1175 foreach ($log_data as $row)
1176 {
1177 $template->assign_block_vars('log', array(
1178 'USERNAME' => $row['username_full'],
1179 'IP' => $row['ip'],
1180 'DATE' => $user->format_date($row['time']),
1181 'ACTION' => nl2br($row['action']),
1182 'ID' => $row['id'])
1183 );
1184 }
1185
1186 break;
1187
1188 case 'warnings':
1189 $user->add_lang('mcp');
1190
1191 // Set up general vars
1192 $start = request_var('start', 0);
1193 $deletemark = (isset($_POST['delmarked'])) ? true : false;
1194 $deleteall = (isset($_POST['delall'])) ? true : false;
1195 $confirm = (isset($_POST['confirm'])) ? true : false;
1196 $marked = request_var('mark', array(0));
1197 $message = utf8_normalize_nfc(request_var('message', '', true));
1198
1199 // Sort keys
1200 $sort_days = request_var('st', 0);
1201 $sort_key = request_var('sk', 't');
1202 $sort_dir = request_var('sd', 'd');
1203
1204 // Delete entries if requested and able
1205 if ($deletemark || $deleteall || $confirm)
1206 {
1207 if (confirm_box(true))
1208 {
1209 $where_sql = '';
1210 $deletemark = request_var('delmarked', 0);
1211 $deleteall = request_var('delall', 0);
1212 if ($deletemark && $marked)
1213 {
1214 $where_sql = ' AND ' . $db->sql_in_set('warning_id', array_values($marked));
1215 }
1216
1217 if ($where_sql || $deleteall)
1218 {
1219 $sql = 'DELETE FROM ' . WARNINGS_TABLE . "
1220 WHERE user_id = $user_id
1221 $where_sql";
1222 $db->sql_query($sql);
1223
1224 if ($deleteall)
1225 {
1226 $log_warnings = $deleted_warnings = 0;
1227 }
1228 else
1229 {
1230 $num_warnings = (int) $db->sql_affectedrows();
1231 $deleted_warnings = ' user_warnings - ' . $num_warnings;
1232 $log_warnings = ($num_warnings > 2) ? 2 : $num_warnings;
1233 }
1234
1235 $sql = 'UPDATE ' . USERS_TABLE . "
1236 SET user_warnings = $deleted_warnings
1237 WHERE user_id = $user_id";
1238 $db->sql_query($sql);
1239
1240 if ($log_warnings)
1241 {
1242 add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings);
1243 }
1244 else
1245 {
1246 add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']);
1247 }
1248 }
1249 }
1250 else
1251 {
1252 $s_hidden_fields = array(
1253 'i' => $id,
1254 'mode' => $mode,
1255 'u' => $user_id,
1256 'mark' => $marked,
1257 );
1258 if (isset($_POST['delmarked']))
1259 {
1260 $s_hidden_fields['delmarked'] = 1;
1261 }
1262 if (isset($_POST['delall']))
1263 {
1264 $s_hidden_fields['delall'] = 1;
1265 }
1266 if (isset($_POST['delall']) || (isset($_POST['delmarked']) && sizeof($marked)))
1267 {
1268 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields));
1269 }
1270 }
1271 }
1272
1273 $sql = 'SELECT w.warning_id, w.warning_time, w.post_id, l.log_operation, l.log_data, l.user_id AS mod_user_id, m.username AS mod_username, m.user_colour AS mod_user_colour
1274 FROM ' . WARNINGS_TABLE . ' w
1275 LEFT JOIN ' . LOG_TABLE . ' l
1276 ON (w.log_id = l.log_id)
1277 LEFT JOIN ' . USERS_TABLE . ' m
1278 ON (l.user_id = m.user_id)
1279 WHERE w.user_id = ' . $user_id . '
1280 ORDER BY w.warning_time DESC';
1281 $result = $db->sql_query($sql);
1282
1283 while ($row = $db->sql_fetchrow($result))
1284 {
1285 if (!$row['log_operation'])
1286 {
1287 // We do not have a log-entry anymore, so there is no data available
1288 $row['action'] = $user->lang['USER_WARNING_LOG_DELETED'];
1289 }
1290 else
1291 {
1292 $row['action'] = (isset($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : '{' . ucfirst(str_replace('_', ' ', $row['log_operation'])) . '}';
1293 if (!empty($row['log_data']))
1294 {
1295 $log_data_ary = @unserialize($row['log_data']);
1296 $log_data_ary = ($log_data_ary === false) ? array() : $log_data_ary;
1297
1298 if (isset($user->lang[$row['log_operation']]))
1299 {
1300 // Check if there are more occurrences of % than arguments, if there are we fill out the arguments array
1301 // It doesn't matter if we add more arguments than placeholders
1302 if ((substr_count($row['action'], '%') - sizeof($log_data_ary)) > 0)
1303 {
1304 $log_data_ary = array_merge($log_data_ary, array_fill(0, substr_count($row['action'], '%') - sizeof($log_data_ary), ''));
1305 }
1306 $row['action'] = vsprintf($row['action'], $log_data_ary);
1307 $row['action'] = bbcode_nl2br(censor_text($row['action']));
1308 }
1309 else if (!empty($log_data_ary))
1310 {
1311 $row['action'] .= '<br />' . implode('', $log_data_ary);
1312 }
1313 }
1314 }
1315
1316 $template->assign_block_vars('warn', array(
1317 'ID' => $row['warning_id'],
1318 'USERNAME' => ($row['log_operation']) ? get_username_string('full', $row['mod_user_id'], $row['mod_username'], $row['mod_user_colour']) : '-',
1319 'ACTION' => make_clickable($row['action']),
1320 'DATE' => $user->format_date($row['warning_time']),
1321 ));
1322 }
1323 $db->sql_freeresult($result);
1324
1325 $template->assign_vars(array(
1326 'S_WARNINGS' => true,
1327 ));
1328
1329 break;
1330
1331 case 'profile':
1332
1333 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1334
1335 $cp = $phpbb_container->get('profilefields.manager');
1336
1337 $cp_data = $cp_error = array();
1338
1339 $sql = 'SELECT lang_id
1340 FROM ' . LANG_TABLE . "
1341 WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
1342 $result = $db->sql_query($sql);
1343 $row = $db->sql_fetchrow($result);
1344 $db->sql_freeresult($result);
1345
1346 $user_row['iso_lang_id'] = $row['lang_id'];
1347
1348 $data = array(
1349 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
1350 'bday_day' => 0,
1351 'bday_month' => 0,
1352 'bday_year' => 0,
1353 );
1354
1355 if ($user_row['user_birthday'])
1356 {
1357 list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
1358 }
1359
1360 $data['bday_day'] = request_var('bday_day', $data['bday_day']);
1361 $data['bday_month'] = request_var('bday_month', $data['bday_month']);
1362 $data['bday_year'] = request_var('bday_year', $data['bday_year']);
1363 $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
1364
1365 if ($submit)
1366 {
1367 $error = validate_data($data, array(
1368 'jabber' => array(
1369 array('string', true, 5, 255),
1370 array('jabber')),
1371 'bday_day' => array('num', true, 1, 31),
1372 'bday_month' => array('num', true, 1, 12),
1373 'bday_year' => array('num', true, 1901, gmdate('Y', time())),
1374 'user_birthday' => array('date', true),
1375 ));
1376
1377 // validate custom profile fields
1378 $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
1379
1380 if (sizeof($cp_error))
1381 {
1382 $error = array_merge($error, $cp_error);
1383 }
1384 if (!check_form_key($form_name))
1385 {
1386 $error[] = 'FORM_INVALID';
1387 }
1388
1389 if (!sizeof($error))
1390 {
1391 $sql_ary = array(
1392 'user_jabber' => $data['jabber'],
1393 'user_birthday' => $data['user_birthday'],
1394 );
1395
1396 $sql = 'UPDATE ' . USERS_TABLE . '
1397 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1398 WHERE user_id = $user_id";
1399 $db->sql_query($sql);
1400
1401 // Update Custom Fields
1402 $cp->update_profile_field_data($user_id, $cp_data);
1403
1404 trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1405 }
1406
1407 // Replace "error" strings with their real, localised form
1408 $error = array_map(array($user, 'lang'), $error);
1409 }
1410
1411 $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
1412 for ($i = 1; $i < 32; $i++)
1413 {
1414 $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
1415 $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
1416 }
1417
1418 $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
1419 for ($i = 1; $i < 13; $i++)
1420 {
1421 $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
1422 $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
1423 }
1424 $s_birthday_year_options = '';
1425
1426 $now = getdate();
1427 $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
1428 for ($i = $now['year'] - 100; $i <= $now['year']; $i++)
1429 {
1430 $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
1431 $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
1432 }
1433 unset($now);
1434
1435 $template->assign_vars(array(
1436 'JABBER' => $data['jabber'],
1437 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
1438 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
1439 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,
1440
1441 'S_PROFILE' => true)
1442 );
1443
1444 // Get additional profile fields and assign them to the template block var 'profile_fields'
1445 $user->get_profile_fields($user_id);
1446
1447 $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
1448
1449 break;
1450
1451 case 'prefs':
1452
1453 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1454
1455 $data = array(
1456 'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
1457 'lang' => basename(request_var('lang', $user_row['user_lang'])),
1458 'tz' => request_var('tz', $user_row['user_timezone']),
1459 'style' => request_var('style', $user_row['user_style']),
1460 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']),
1461 'massemail' => request_var('massemail', $user_row['user_allow_massemail']),
1462 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']),
1463 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']),
1464 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']),
1465 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']),
1466
1467 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
1468 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
1469 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
1470
1471 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
1472 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
1473 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
1474
1475 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')),
1476 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
1477 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
1478 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
1479 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
1480 'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
1481
1482 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
1483 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')),
1484 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')),
1485 'notify' => request_var('notify', $user_row['user_notify']),
1486 );
1487
1488 /**
1489 * Modify users preferences data
1490 *
1491 * @event core.acp_users_prefs_modify_data
1492 * @var array data Array with users preferences data
1493 * @var array user_row Array with user data
1494 * @since 3.1.0-b3
1495 */
1496 $vars = array('data', 'user_row');
1497 extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_data', compact($vars)));
1498
1499 if ($submit)
1500 {
1501 $error = validate_data($data, array(
1502 'dateformat' => array('string', false, 1, 30),
1503 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
1504 'tz' => array('timezone'),
1505
1506 'topic_sk' => array('string', false, 1, 1),
1507 'topic_sd' => array('string', false, 1, 1),
1508 'post_sk' => array('string', false, 1, 1),
1509 'post_sd' => array('string', false, 1, 1),
1510 ));
1511
1512 if (!check_form_key($form_name))
1513 {
1514 $error[] = 'FORM_INVALID';
1515 }
1516
1517 if (!sizeof($error))
1518 {
1519 $this->optionset($user_row, 'viewimg', $data['view_images']);
1520 $this->optionset($user_row, 'viewflash', $data['view_flash']);
1521 $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
1522 $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
1523 $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
1524 $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
1525 $this->optionset($user_row, 'bbcode', $data['bbcode']);
1526 $this->optionset($user_row, 'smilies', $data['smilies']);
1527 $this->optionset($user_row, 'attachsig', $data['sig']);
1528
1529 $sql_ary = array(
1530 'user_options' => $user_row['user_options'],
1531
1532 'user_allow_pm' => $data['allowpm'],
1533 'user_allow_viewemail' => $data['viewemail'],
1534 'user_allow_massemail' => $data['massemail'],
1535 'user_allow_viewonline' => !$data['hideonline'],
1536 'user_notify_type' => $data['notifymethod'],
1537 'user_notify_pm' => $data['notifypm'],
1538
1539 'user_dateformat' => $data['dateformat'],
1540 'user_lang' => $data['lang'],
1541 'user_timezone' => $data['tz'],
1542 'user_style' => $data['style'],
1543
1544 'user_topic_sortby_type' => $data['topic_sk'],
1545 'user_post_sortby_type' => $data['post_sk'],
1546 'user_topic_sortby_dir' => $data['topic_sd'],
1547 'user_post_sortby_dir' => $data['post_sd'],
1548
1549 'user_topic_show_days' => $data['topic_st'],
1550 'user_post_show_days' => $data['post_st'],
1551
1552 'user_notify' => $data['notify'],
1553 );
1554
1555 /**
1556 * Modify SQL query before users preferences are updated
1557 *
1558 * @event core.acp_users_prefs_modify_sql
1559 * @var array data Array with users preferences data
1560 * @var array user_row Array with user data
1561 * @var array sql_ary SQL array with users preferences data to update
1562 * @var array error Array with errors data
1563 * @since 3.1.0-b3
1564 */
1565 $vars = array('data', 'user_row', 'sql_ary', 'error');
1566 extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_sql', compact($vars)));
1567
1568 if (!sizeof($error))
1569 {
1570 $sql = 'UPDATE ' . USERS_TABLE . '
1571 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1572 WHERE user_id = $user_id";
1573 $db->sql_query($sql);
1574
1575 // Check if user has an active session
1576 if ($user_row['session_id'])
1577 {
1578 // We'll update the session if user_allow_viewonline has changed and the user is a bot
1579 // Or if it's a regular user and the admin set it to hide the session
1580 if ($user_row['user_allow_viewonline'] != $sql_ary['user_allow_viewonline'] && $user_row['user_type'] == USER_IGNORE
1581 || $user_row['user_allow_viewonline'] && !$sql_ary['user_allow_viewonline'])
1582 {
1583 // We also need to check if the user has the permission to cloak.
1584 $user_auth = new \phpbb\auth\auth();
1585 $user_auth->acl($user_row);
1586
1587 $session_sql_ary = array(
1588 'session_viewonline' => ($user_auth->acl_get('u_hideonline')) ? $sql_ary['user_allow_viewonline'] : true,
1589 );
1590
1591 $sql = 'UPDATE ' . SESSIONS_TABLE . '
1592 SET ' . $db->sql_build_array('UPDATE', $session_sql_ary) . "
1593 WHERE session_user_id = $user_id";
1594 $db->sql_query($sql);
1595
1596 unset($user_auth);
1597 }
1598 }
1599
1600 trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1601 }
1602 }
1603
1604 // Replace "error" strings with their real, localised form
1605 $error = array_map(array($user, 'lang'), $error);
1606 }
1607
1608 $dateformat_options = '';
1609 foreach ($user->lang['dateformats'] as $format => $null)
1610 {
1611 $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
1612 $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
1613 $dateformat_options .= '</option>';
1614 }
1615
1616 $s_custom = false;
1617
1618 $dateformat_options .= '<option value="custom"';
1619 if (!isset($user->lang['dateformats'][$data['dateformat']]))
1620 {
1621 $dateformat_options .= ' selected="selected"';
1622 $s_custom = true;
1623 }
1624 $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
1625
1626 $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1627
1628 // Topic ordering options
1629 $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1630 $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
1631
1632 // Post ordering options
1633 $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1634 $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
1635
1636 $_options = array('topic', 'post');
1637 foreach ($_options as $sort_option)
1638 {
1639 ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
1640 foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
1641 {
1642 $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
1643 ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
1644 }
1645 ${'s_limit_' . $sort_option . '_days'} .= '</select>';
1646
1647 ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
1648 foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
1649 {
1650 $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
1651 ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
1652 }
1653 ${'s_sort_' . $sort_option . '_key'} .= '</select>';
1654
1655 ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
1656 foreach ($sort_dir_text as $key => $value)
1657 {
1658 $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
1659 ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1660 }
1661 ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
1662 }
1663
1664 phpbb_timezone_select($template, $user, $data['tz'], true);
1665 $user_prefs_data = array(
1666 'S_PREFS' => true,
1667 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
1668
1669 'VIEW_EMAIL' => $data['viewemail'],
1670 'MASS_EMAIL' => $data['massemail'],
1671 'ALLOW_PM' => $data['allowpm'],
1672 'HIDE_ONLINE' => $data['hideonline'],
1673 'NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
1674 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
1675 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
1676 'NOTIFY_PM' => $data['notifypm'],
1677 'BBCODE' => $data['bbcode'],
1678 'SMILIES' => $data['smilies'],
1679 'ATTACH_SIG' => $data['sig'],
1680 'NOTIFY' => $data['notify'],
1681 'VIEW_IMAGES' => $data['view_images'],
1682 'VIEW_FLASH' => $data['view_flash'],
1683 'VIEW_SMILIES' => $data['view_smilies'],
1684 'VIEW_SIGS' => $data['view_sigs'],
1685 'VIEW_AVATARS' => $data['view_avatars'],
1686 'VIEW_WORDCENSOR' => $data['view_wordcensor'],
1687
1688 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days,
1689 'S_TOPIC_SORT_KEY' => $s_sort_topic_key,
1690 'S_TOPIC_SORT_DIR' => $s_sort_topic_dir,
1691 'S_POST_SORT_DAYS' => $s_limit_post_days,
1692 'S_POST_SORT_KEY' => $s_sort_post_key,
1693 'S_POST_SORT_DIR' => $s_sort_post_dir,
1694
1695 'DATE_FORMAT' => $data['dateformat'],
1696 'S_DATEFORMAT_OPTIONS' => $dateformat_options,
1697 'S_CUSTOM_DATEFORMAT' => $s_custom,
1698 'DEFAULT_DATEFORMAT' => $config['default_dateformat'],
1699 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']),
1700
1701 'S_LANG_OPTIONS' => language_select($data['lang']),
1702 'S_STYLE_OPTIONS' => style_select($data['style']),
1703 );
1704
1705 /**
1706 * Modify users preferences data before assigning it to the template
1707 *
1708 * @event core.acp_users_prefs_modify_template_data
1709 * @var array data Array with users preferences data
1710 * @var array user_row Array with user data
1711 * @var array user_prefs_data Array with users preferences data to be assigned to the template
1712 * @since 3.1.0-b3
1713 */
1714 $vars = array('data', 'user_row', 'user_prefs_data');
1715 extract($phpbb_dispatcher->trigger_event('core.acp_users_prefs_modify_template_data', compact($vars)));
1716
1717 $template->assign_vars($user_prefs_data);
1718
1719 break;
1720
1721 case 'avatar':
1722
1723 include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1724
1725 $avatars_enabled = false;
1726
1727 if ($config['allow_avatar'])
1728 {
1729 $phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
1730 $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
1731
1732 // This is normalised data, without the user_ prefix
1733 $avatar_data = \phpbb\avatar\manager::clean_row($user_row, 'user');
1734
1735 if ($submit)
1736 {
1737 if (check_form_key($form_name))
1738 {
1739 $driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
1740
1741 if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete'))
1742 {
1743 $driver = $phpbb_avatar_manager->get_driver($driver_name);
1744 $result = $driver->process_form($request, $template, $user, $avatar_data, $error);
1745
1746 if ($result && empty($error))
1747 {
1748 // Success! Let's save the result in the database
1749 $result = array(
1750 'user_avatar_type' => $driver_name,
1751 'user_avatar' => $result['avatar'],
1752 'user_avatar_width' => $result['avatar_width'],
1753 'user_avatar_height' => $result['avatar_height'],
1754 );
1755
1756 $sql = 'UPDATE ' . USERS_TABLE . '
1757 SET ' . $db->sql_build_array('UPDATE', $result) . '
1758 WHERE user_id = ' . (int) $user_id;
1759
1760 $db->sql_query($sql);
1761 trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1762 }
1763 }
1764 }
1765 else
1766 {
1767 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1768 }
1769 }
1770
1771 // Handle deletion of avatars
1772 if ($request->is_set_post('avatar_delete'))
1773 {
1774 if (!confirm_box(true))
1775 {
1776 confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array(
1777 'avatar_delete' => true))
1778 );
1779 }
1780 else
1781 {
1782 $phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, USERS_TABLE, 'user_');
1783
1784 trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1785 }
1786 }
1787
1788 $selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $user_row['user_avatar_type']));
1789
1790 foreach ($avatar_drivers as $current_driver)
1791 {
1792 $driver = $phpbb_avatar_manager->get_driver($current_driver);
1793
1794 $avatars_enabled = true;
1795 $config_name = $phpbb_avatar_manager->get_driver_config_name($driver);
1796 $template->set_filenames(array(
1797 'avatar' => "acp_avatar_options_{$config_name}.html",
1798 ));
1799
1800 if ($driver->prepare_form($request, $template, $user, $avatar_data, $error))
1801 {
1802 $driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
1803 $driver_upper = strtoupper($driver_name);
1804
1805 $template->assign_block_vars('avatar_drivers', array(
1806 'L_TITLE' => $user->lang($driver_upper . '_TITLE'),
1807 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'),
1808
1809 'DRIVER' => $driver_name,
1810 'SELECTED' => $current_driver == $selected_driver,
1811 'OUTPUT' => $template->assign_display('avatar'),
1812 ));
1813 }
1814 }
1815 }
1816
1817 // Replace "error" strings with their real, localised form
1818 $error = $phpbb_avatar_manager->localize_errors($user, $error);
1819
1820 $avatar = phpbb_get_user_avatar($user_row, 'USER_AVATAR', true);
1821
1822 $template->assign_vars(array(
1823 'S_AVATAR' => true,
1824 'ERROR' => (!empty($error)) ? implode('<br />', $error) : '',
1825 'AVATAR' => (empty($avatar) ? '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />' : $avatar),
1826
1827 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"',
1828
1829 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], $config['avatar_filesize'] / 1024),
1830
1831 'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled),
1832 ));
1833
1834 break;
1835
1836 case 'rank':
1837
1838 if ($submit)
1839 {
1840 if (!check_form_key($form_name))
1841 {
1842 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
1843 }
1844
1845 $rank_id = request_var('user_rank', 0);
1846
1847 $sql = 'UPDATE ' . USERS_TABLE . "
1848 SET user_rank = $rank_id
1849 WHERE user_id = $user_id";
1850 $db->sql_query($sql);
1851
1852 trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1853 }
1854
1855 $sql = 'SELECT *
1856 FROM ' . RANKS_TABLE . '
1857 WHERE rank_special = 1
1858 ORDER BY rank_title';
1859 $result = $db->sql_query($sql);
1860
1861 $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
1862
1863 while ($row = $db->sql_fetchrow($result))
1864 {
1865 $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
1866 $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
1867 }
1868 $db->sql_freeresult($result);
1869
1870 $template->assign_vars(array(
1871 'S_RANK' => true,
1872 'S_RANK_OPTIONS' => $s_rank_options)
1873 );
1874
1875 break;
1876
1877 case 'sig':
1878
1879 include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
1880 include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1881
1882 $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $this->optionget($user_row, 'sig_bbcode') : false;
1883 $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $this->optionget($user_row, 'sig_smilies') : false;
1884 $enable_urls = ($config['allow_sig_links']) ? (bool) $this->optionget($user_row, 'sig_links') : false;
1885 $signature = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
1886
1887 $preview = (isset($_POST['preview'])) ? true : false;
1888
1889 if ($submit || $preview)
1890 {
1891 include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
1892
1893 $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false;
1894 $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false;
1895 $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
1896
1897 $message_parser = new parse_message($signature);
1898
1899 // Allowing Quote BBCode
1900 $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
1901
1902 if (sizeof($message_parser->warn_msg))
1903 {
1904 $error[] = implode('<br />', $message_parser->warn_msg);
1905 }
1906
1907 if (!check_form_key($form_name))
1908 {
1909 $error = 'FORM_INVALID';
1910 }
1911
1912 if (!sizeof($error) && $submit)
1913 {
1914 $this->optionset($user_row, 'sig_bbcode', $enable_bbcode);
1915 $this->optionset($user_row, 'sig_smilies', $enable_smilies);
1916 $this->optionset($user_row, 'sig_links', $enable_urls);
1917
1918 $sql_ary = array(
1919 'user_sig' => (string) $message_parser->message,
1920 'user_options' => $user_row['user_options'],
1921 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
1922 'user_sig_bbcode_bitfield' => (string) $message_parser->bbcode_bitfield
1923 );
1924
1925 $sql = 'UPDATE ' . USERS_TABLE . '
1926 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
1927 WHERE user_id = ' . $user_id;
1928 $db->sql_query($sql);
1929
1930 trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
1931 }
1932
1933 // Replace "error" strings with their real, localised form
1934 $error = array_map(array($user, 'lang'), $error);
1935 }
1936
1937 $signature_preview = '';
1938
1939 if ($preview)
1940 {
1941 // Now parse it for displaying
1942 $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
1943 unset($message_parser);
1944 }
1945
1946 decode_message($signature, $user_row['user_sig_bbcode_uid']);
1947
1948 $template->assign_vars(array(
1949 'S_SIGNATURE' => true,
1950
1951 'SIGNATURE' => $signature,
1952 'SIGNATURE_PREVIEW' => $signature_preview,
1953
1954 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '',
1955 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '',
1956 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '',
1957
1958 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1959 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1960 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1961 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1962 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1963
1964 'L_SIGNATURE_EXPLAIN' => $user->lang('SIGNATURE_EXPLAIN', (int) $config['max_sig_chars']),
1965
1966 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'],
1967 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'],
1968 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false,
1969 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false,
1970 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false)
1971 );
1972
1973 // Assigning custom bbcodes
1974 display_custom_bbcodes();
1975
1976 break;
1977
1978 case 'attach':
1979
1980 $start = request_var('start', 0);
1981 $deletemark = (isset($_POST['delmarked'])) ? true : false;
1982 $marked = request_var('mark', array(0));
1983 $pagination = $phpbb_container->get('pagination');
1984
1985 // Sort keys
1986 $sort_key = request_var('sk', 'a');
1987 $sort_dir = request_var('sd', 'd');
1988
1989 if ($deletemark && sizeof($marked))
1990 {
1991 $sql = 'SELECT attach_id
1992 FROM ' . ATTACHMENTS_TABLE . '
1993 WHERE poster_id = ' . $user_id . '
1994 AND is_orphan = 0
1995 AND ' . $db->sql_in_set('attach_id', $marked);
1996 $result = $db->sql_query($sql);
1997
1998 $marked = array();
1999 while ($row = $db->sql_fetchrow($result))
2000 {
2001 $marked[] = $row['attach_id'];
2002 }
2003 $db->sql_freeresult($result);
2004 }
2005
2006 if ($deletemark && sizeof($marked))
2007 {
2008 if (confirm_box(true))
2009 {
2010 $sql = 'SELECT real_filename
2011 FROM ' . ATTACHMENTS_TABLE . '
2012 WHERE ' . $db->sql_in_set('attach_id', $marked);
2013 $result = $db->sql_query($sql);
2014
2015 $log_attachments = array();
2016 while ($row = $db->sql_fetchrow($result))
2017 {
2018 $log_attachments[] = $row['real_filename'];
2019 }
2020 $db->sql_freeresult($result);
2021
2022 delete_attachments('attach', $marked);
2023
2024 $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
2025
2026 add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode($user->lang['COMMA_SEPARATOR'], $log_attachments));
2027 trigger_error($message . adm_back_link($this->u_action . '&u=' . $user_id));
2028 }
2029 else
2030 {
2031 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
2032 'u' => $user_id,
2033 'i' => $id,
2034 'mode' => $mode,
2035 'action' => $action,
2036 'delmarked' => true,
2037 'mark' => $marked))
2038 );
2039 }
2040 }
2041
2042 $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
2043 $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
2044
2045 $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
2046
2047 $s_sort_key = '';
2048 foreach ($sk_text as $key => $value)
2049 {
2050 $selected = ($sort_key == $key) ? ' selected="selected"' : '';
2051 $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
2052 }
2053
2054 $s_sort_dir = '';
2055 foreach ($sd_text as $key => $value)
2056 {
2057 $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
2058 $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
2059 }
2060
2061 if (!isset($sk_sql[$sort_key]))
2062 {
2063 $sort_key = 'a';
2064 }
2065
2066 $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
2067
2068 $sql = 'SELECT COUNT(attach_id) as num_attachments
2069 FROM ' . ATTACHMENTS_TABLE . "
2070 WHERE poster_id = $user_id
2071 AND is_orphan = 0";
2072 $result = $db->sql_query_limit($sql, 1);
2073 $num_attachments = (int) $db->sql_fetchfield('num_attachments');
2074 $db->sql_freeresult($result);
2075
2076 $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
2077 FROM ' . ATTACHMENTS_TABLE . ' a
2078 LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
2079 AND a.in_message = 0)
2080 LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
2081 AND a.in_message = 1)
2082 WHERE a.poster_id = ' . $user_id . "
2083 AND a.is_orphan = 0
2084 ORDER BY $order_by";
2085 $result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
2086
2087 while ($row = $db->sql_fetchrow($result))
2088 {
2089 if ($row['in_message'])
2090 {
2091 $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&p={$row['post_msg_id']}");
2092 }
2093 else
2094 {
2095 $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
2096 }
2097
2098 $template->assign_block_vars('attach', array(
2099 'REAL_FILENAME' => $row['real_filename'],
2100 'COMMENT' => nl2br($row['attach_comment']),
2101 'EXTENSION' => $row['extension'],
2102 'SIZE' => get_formatted_filesize($row['filesize']),
2103 'DOWNLOAD_COUNT' => $row['download_count'],
2104 'POST_TIME' => $user->format_date($row['filetime']),
2105 'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
2106
2107 'ATTACH_ID' => $row['attach_id'],
2108 'POST_ID' => $row['post_msg_id'],
2109 'TOPIC_ID' => $row['topic_id'],
2110
2111 'S_IN_MESSAGE' => $row['in_message'],
2112
2113 'U_DOWNLOAD' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&id=' . $row['attach_id']),
2114 'U_VIEW_TOPIC' => $view_topic)
2115 );
2116 }
2117 $db->sql_freeresult($result);
2118
2119 $base_url = $this->u_action . "&u=$user_id&sk=$sort_key&sd=$sort_dir";
2120 $pagination->generate_template_pagination($base_url, 'pagination', 'start', $num_attachments, $config['topics_per_page'], $start);
2121
2122 $template->assign_vars(array(
2123 'S_ATTACHMENTS' => true,
2124 'S_SORT_KEY' => $s_sort_key,
2125 'S_SORT_DIR' => $s_sort_dir,
2126 ));
2127
2128 break;
2129
2130 case 'groups':
2131
2132 include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
2133
2134 $user->add_lang(array('groups', 'acp/groups'));
2135 $group_id = request_var('g', 0);
2136
2137 if ($group_id)
2138 {
2139 // Check the founder only entry for this group to make sure everything is well
2140 $sql = 'SELECT group_founder_manage
2141 FROM ' . GROUPS_TABLE . '
2142 WHERE group_id = ' . $group_id;
2143 $result = $db->sql_query($sql);
2144 $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
2145 $db->sql_freeresult($result);
2146
2147 if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
2148 {
2149 trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2150 }
2151 }
2152 else
2153 {
2154 $founder_manage = 0;
2155 }
2156
2157 switch ($action)
2158 {
2159 case 'demote':
2160 case 'promote':
2161 case 'default':
2162 if (!$group_id)
2163 {
2164 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2165 }
2166 group_user_attributes($action, $group_id, $user_id);
2167
2168 if ($action == 'default')
2169 {
2170 $user_row['group_id'] = $group_id;
2171 }
2172 break;
2173
2174 case 'delete':
2175
2176 if (confirm_box(true))
2177 {
2178 if (!$group_id)
2179 {
2180 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2181 }
2182
2183 if ($error = group_user_del($group_id, $user_id))
2184 {
2185 trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2186 }
2187
2188 $error = array();
2189
2190 // The delete action was successful - therefore update the user row...
2191 $sql = 'SELECT u.*, s.*
2192 FROM ' . USERS_TABLE . ' u
2193 LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
2194 WHERE u.user_id = ' . $user_id . '
2195 ORDER BY s.session_time DESC';
2196 $result = $db->sql_query_limit($sql, 1);
2197 $user_row = $db->sql_fetchrow($result);
2198 $db->sql_freeresult($result);
2199 }
2200 else
2201 {
2202 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
2203 'u' => $user_id,
2204 'i' => $id,
2205 'mode' => $mode,
2206 'action' => $action,
2207 'g' => $group_id))
2208 );
2209 }
2210
2211 break;
2212
2213 case 'approve':
2214
2215 if (confirm_box(true))
2216 {
2217 if (!$group_id)
2218 {
2219 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2220 }
2221 group_user_attributes($action, $group_id, $user_id);
2222 }
2223 else
2224 {
2225 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
2226 'u' => $user_id,
2227 'i' => $id,
2228 'mode' => $mode,
2229 'action' => $action,
2230 'g' => $group_id))
2231 );
2232 }
2233
2234 break;
2235 }
2236
2237 // Add user to group?
2238 if ($submit)
2239 {
2240
2241 if (!check_form_key($form_name))
2242 {
2243 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2244 }
2245
2246 if (!$group_id)
2247 {
2248 trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2249 }
2250
2251 // Add user/s to group
2252 if ($error = group_user_add($group_id, $user_id))
2253 {
2254 trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
2255 }
2256
2257 $error = array();
2258 }
2259
2260 $sql = 'SELECT ug.*, g.*
2261 FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
2262 WHERE ug.user_id = $user_id
2263 AND g.group_id = ug.group_id
2264 ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
2265 $result = $db->sql_query($sql);
2266
2267 $i = 0;
2268 $group_data = $id_ary = array();
2269 while ($row = $db->sql_fetchrow($result))
2270 {
2271 $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
2272
2273 $group_data[$type][$i]['group_id'] = $row['group_id'];
2274 $group_data[$type][$i]['group_name'] = $row['group_name'];
2275 $group_data[$type][$i]['group_leader'] = ($row['group_leader']) ? 1 : 0;
2276
2277 $id_ary[] = $row['group_id'];
2278
2279 $i++;
2280 }
2281 $db->sql_freeresult($result);
2282
2283 // Select box for other groups
2284 $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
2285 FROM ' . GROUPS_TABLE . '
2286 ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
2287 ORDER BY group_type DESC, group_name ASC';
2288 $result = $db->sql_query($sql);
2289
2290 $s_group_options = '';
2291 while ($row = $db->sql_fetchrow($result))
2292 {
2293 if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
2294 {
2295 continue;
2296 }
2297
2298 // Do not display those groups not allowed to be managed
2299 if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
2300 {
2301 continue;
2302 }
2303
2304 $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
2305 }
2306 $db->sql_freeresult($result);
2307
2308 $current_type = '';
2309 foreach ($group_data as $group_type => $data_ary)
2310 {
2311 if ($current_type != $group_type)
2312 {
2313 $template->assign_block_vars('group', array(
2314 'S_NEW_GROUP_TYPE' => true,
2315 'GROUP_TYPE' => $user->lang['USER_GROUP_' . strtoupper($group_type)])
2316 );
2317 }
2318
2319 foreach ($data_ary as $data)
2320 {
2321 $template->assign_block_vars('group', array(
2322 'U_EDIT_GROUP' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&mode=manage&action=edit&u=$user_id&g={$data['group_id']}&back_link=acp_users_groups"),
2323 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'],
2324 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'],
2325 'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'],
2326 'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&action=approve&u=$user_id&g=" . $data['group_id'] : '',
2327
2328 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
2329 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
2330
2331 'S_IS_MEMBER' => ($group_type != 'pending') ? true : false,
2332 'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false,
2333 'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false,
2334 )
2335 );
2336 }
2337 }
2338
2339 $template->assign_vars(array(
2340 'S_GROUPS' => true,
2341 'S_GROUP_OPTIONS' => $s_group_options)
2342 );
2343
2344 break;
2345
2346 case 'perm':
2347
2348 include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
2349
2350 $auth_admin = new auth_admin();
2351
2352 $user->add_lang('acp/permissions');
2353 add_permission_language();
2354
2355 $forum_id = request_var('f', 0);
2356
2357 // Global Permissions
2358 if (!$forum_id)
2359 {
2360 // Select auth options
2361 $sql = 'SELECT auth_option, is_local, is_global
2362 FROM ' . ACL_OPTIONS_TABLE . '
2363 WHERE auth_option ' . $db->sql_like_expression($db->get_any_char() . '_') . '
2364 AND is_global = 1
2365 ORDER BY auth_option';
2366 $result = $db->sql_query($sql);
2367
2368 $hold_ary = array();
2369
2370 while ($row = $db->sql_fetchrow($result))
2371 {
2372 $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
2373 $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
2374 }
2375 $db->sql_freeresult($result);
2376
2377 unset($hold_ary);
2378 }
2379 else
2380 {
2381 $sql = 'SELECT auth_option, is_local, is_global
2382 FROM ' . ACL_OPTIONS_TABLE . "
2383 WHERE auth_option " . $db->sql_like_expression($db->get_any_char() . '_') . "
2384 AND is_local = 1
2385 ORDER BY is_global DESC, auth_option";
2386 $result = $db->sql_query($sql);
2387
2388 while ($row = $db->sql_fetchrow($result))
2389 {
2390 $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
2391 $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
2392 }
2393 $db->sql_freeresult($result);
2394 }
2395
2396 $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
2397 $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
2398
2399 $template->assign_vars(array(
2400 'S_PERMISSIONS' => true,
2401
2402 'S_GLOBAL' => (!$forum_id) ? true : false,
2403 'S_FORUM_OPTIONS' => $s_forum_options,
2404
2405 'U_ACTION' => $this->u_action . '&u=' . $user_id,
2406 'U_USER_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&mode=setting_user_global&user_id[]=' . $user_id),
2407 'U_USER_FORUM_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&mode=setting_user_local&user_id[]=' . $user_id))
2408 );
2409
2410 break;
2411
2412 }
2413
2414 // Assign general variables
2415 $template->assign_vars(array(
2416 'S_ERROR' => (sizeof($error)) ? true : false,
2417 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '')
2418 );
2419 }
2420
2421 /**
2422 * Set option bit field for user options in a user row array.
2423 *
2424 * Optionset replacement for this module based on $user->optionset.
2425 *
2426 * @param array $user_row Row from the users table.
2427 * @param int $key Option key, as defined in $user->keyoptions property.
2428 * @param bool $value True to set the option, false to clear the option.
2429 * @param int $data Current bit field value, or false to use $user_row['user_options']
2430 * @return int|bool If $data is false, the bit field is modified and
2431 * written back to $user_row['user_options'], and
2432 * return value is true if the bit field changed and
2433 * false otherwise. If $data is not false, the new
2434 * bitfield value is returned.
2435 */
function optionset(&$user_row, $key, $value, $data = false)
{
	global $user;

	// $key indexes $user->keyoptions; the calls visible in this module pass
	// option names such as 'sig_bbcode', 'sig_smilies' and 'sig_links'.
	// The actual bit handling is delegated to phpbb_optionset().
	$use_row = ($data === false);
	$current = $use_row ? $user_row['user_options'] : $data;

	$updated = phpbb_optionset($user->keyoptions[$key], $value, $current);

	// An explicit bit field was supplied: return the new value and leave
	// the by-reference $user_row untouched.
	if (!$use_row)
	{
		return $updated;
	}

	// Operating on the row itself: nothing is written back when the value
	// did not change, and the return value reports that.
	if ($updated == $current)
	{
		return false;
	}

	$user_row['user_options'] = $updated;
	return true;
}
2461
2462 /**
2463 * Get option bit field from user options in a user row array.
2464 *
2465 * Optionget replacement for this module based on $user->optionget.
2466 *
2467 * @param array $user_row Row from the users table.
2468 * @param int $key option key, as defined in $user->keyoptions property.
2469 * @param int $data bit field value to use, or false to use $user_row['user_options']
2470 * @return bool true if the option is set in the bit field, false otherwise
2471 */
function optionget(&$user_row, $key, $data = false)
{
	global $user;

	// Use the caller-supplied bit field when one is given; otherwise read
	// the options stored in the user row. $user_row is only read here.
	if ($data === false)
	{
		$bitfield = $user_row['user_options'];
	}
	else
	{
		$bitfield = $data;
	}

	// $key indexes $user->keyoptions; the lookup itself is delegated to
	// phpbb_optionget().
	return phpbb_optionget($user->keyoptions[$key], $bitfield);
}
2479 }
2480