Verzeichnisstruktur phpBB-3.1.0
- Veröffentlicht
- 27.10.2014
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
ucp_profile.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 /**
015 * @ignore
016 */
017 if (!defined('IN_PHPBB'))
018 {
019 exit;
020 }
021
022 /**
023 * ucp_profile
024 * Changing profile settings
025 *
026 * @todo what about pertaining user_sig_options?
027 */
028 class ucp_profile
029 {
030 var $u_action;
031
032 function main($id, $mode)
033 {
034 global $cache, $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
035 global $request, $phpbb_container;
036
037 $user->add_lang('posting');
038
039 $preview = $request->variable('preview', false, false, \phpbb\request\request_interface::POST);
040 $submit = $request->variable('submit', false, false, \phpbb\request\request_interface::POST);
041 $delete = $request->variable('delete', false, false, \phpbb\request\request_interface::POST);
042 $error = $data = array();
043 $s_hidden_fields = '';
044
045 switch ($mode)
046 {
047 case 'reg_details':
048
049 $data = array(
050 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)),
051 'email' => strtolower(request_var('email', $user->data['user_email'])),
052 'new_password' => $request->variable('new_password', '', true),
053 'cur_password' => $request->variable('cur_password', '', true),
054 'password_confirm' => $request->variable('password_confirm', '', true),
055 );
056
057 add_form_key('ucp_reg_details');
058
059 if ($submit)
060 {
061 // Do not check cur_password, it is the old one.
062 $check_ary = array(
063 'new_password' => array(
064 array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
065 array('password')),
066 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
067 'email' => array(
068 array('string', false, 6, 60),
069 array('user_email')),
070 );
071
072 if ($auth->acl_get('u_chgname') && $config['allow_namechange'])
073 {
074 $check_ary['username'] = array(
075 array('string', false, $config['min_name_chars'], $config['max_name_chars']),
076 array('username'),
077 );
078 }
079
080 $error = validate_data($data, $check_ary);
081
082 if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && $data['password_confirm'] != $data['new_password'])
083 {
084 $error[] = ($data['password_confirm']) ? 'NEW_PASSWORD_ERROR' : 'NEW_PASSWORD_CONFIRM_EMPTY';
085 }
086
087 // Instantiate passwords manager
088 $passwords_manager = $phpbb_container->get('passwords.manager');
089
090 // Only check the new password against the previous password if there have been no errors
091 if (!sizeof($error) && $auth->acl_get('u_chgpasswd') && $data['new_password'] && $passwords_manager->check($data['new_password'], $user->data['user_password']))
092 {
093 $error[] = 'SAME_PASSWORD_ERROR';
094 }
095
096 if (!$passwords_manager->check($data['cur_password'], $user->data['user_password']))
097 {
098 $error[] = ($data['cur_password']) ? 'CUR_PASSWORD_ERROR' : 'CUR_PASSWORD_EMPTY';
099 }
100
101 if (!check_form_key('ucp_reg_details'))
102 {
103 $error[] = 'FORM_INVALID';
104 }
105
106 if (!sizeof($error))
107 {
108 $sql_ary = array(
109 'username' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? $data['username'] : $user->data['username'],
110 'username_clean' => ($auth->acl_get('u_chgname') && $config['allow_namechange']) ? utf8_clean_string($data['username']) : $user->data['username_clean'],
111 'user_email' => ($auth->acl_get('u_chgemail')) ? $data['email'] : $user->data['user_email'],
112 'user_email_hash' => ($auth->acl_get('u_chgemail')) ? phpbb_email_hash($data['email']) : $user->data['user_email_hash'],
113 'user_password' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? $passwords_manager->hash($data['new_password']) : $user->data['user_password'],
114 'user_passchg' => ($auth->acl_get('u_chgpasswd') && $data['new_password']) ? time() : 0,
115 );
116
117 if ($auth->acl_get('u_chgname') && $config['allow_namechange'] && $data['username'] != $user->data['username'])
118 {
119 add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_NAME', $user->data['username'], $data['username']);
120 }
121
122 if ($auth->acl_get('u_chgpasswd') && $data['new_password'] && !$passwords_manager->check($data['new_password'], $user->data['user_password']))
123 {
124 $user->reset_login_keys();
125 add_log('user', $user->data['user_id'], 'LOG_USER_NEW_PASSWORD', $data['username']);
126 }
127
128 if ($auth->acl_get('u_chgemail') && $data['email'] != $user->data['user_email'])
129 {
130 add_log('user', $user->data['user_id'], 'LOG_USER_UPDATE_EMAIL', $data['username'], $user->data['user_email'], $data['email']);
131 }
132
133 $message = 'PROFILE_UPDATED';
134
135 if ($auth->acl_get('u_chgemail') && $config['email_enable'] && $data['email'] != $user->data['user_email'] && $user->data['user_type'] != USER_FOUNDER && ($config['require_activation'] == USER_ACTIVATION_SELF || $config['require_activation'] == USER_ACTIVATION_ADMIN))
136 {
137 $message = ($config['require_activation'] == USER_ACTIVATION_SELF) ? 'ACCOUNT_EMAIL_CHANGED' : 'ACCOUNT_EMAIL_CHANGED_ADMIN';
138
139 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
140
141 $server_url = generate_board_url();
142
143 $user_actkey = gen_rand_string(mt_rand(6, 10));
144
145 $messenger = new messenger(false);
146
147 $template_file = ($config['require_activation'] == USER_ACTIVATION_ADMIN) ? 'user_activate_inactive' : 'user_activate';
148 $messenger->template($template_file, $user->data['user_lang']);
149
150 $messenger->to($data['email'], $data['username']);
151
152 $messenger->anti_abuse_headers($config, $user);
153
154 $messenger->assign_vars(array(
155 'USERNAME' => htmlspecialchars_decode($data['username']),
156 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
157 );
158
159 $messenger->send(NOTIFY_EMAIL);
160
161 if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
162 {
163 // Grab an array of user_id's with a_user permissions ... these users can activate a user
164 $admin_ary = $auth->acl_get_list(false, 'a_user', false);
165 $admin_ary = (!empty($admin_ary[0]['a_user'])) ? $admin_ary[0]['a_user'] : array();
166
167 // Also include founders
168 $where_sql = ' WHERE user_type = ' . USER_FOUNDER;
169
170 if (sizeof($admin_ary))
171 {
172 $where_sql .= ' OR ' . $db->sql_in_set('user_id', $admin_ary);
173 }
174
175 $sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
176 FROM ' . USERS_TABLE . ' ' .
177 $where_sql;
178 $result = $db->sql_query($sql);
179
180 while ($row = $db->sql_fetchrow($result))
181 {
182 $messenger->template('admin_activate', $row['user_lang']);
183 $messenger->set_addresses($row);
184
185 $messenger->assign_vars(array(
186 'USERNAME' => htmlspecialchars_decode($data['username']),
187 'U_USER_DETAILS' => "$server_url/memberlist.$phpEx?mode=viewprofile&u={$user->data['user_id']}",
188 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
189 );
190
191 $messenger->send($row['user_notify_type']);
192 }
193 $db->sql_freeresult($result);
194 }
195
196 user_active_flip('deactivate', $user->data['user_id'], INACTIVE_PROFILE);
197
198 // Because we want the profile to be reactivated we set user_newpasswd to empty (else the reactivation will fail)
199 $sql_ary['user_actkey'] = $user_actkey;
200 $sql_ary['user_newpasswd'] = '';
201 }
202
203 if (sizeof($sql_ary))
204 {
205 $sql = 'UPDATE ' . USERS_TABLE . '
206 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
207 WHERE user_id = ' . $user->data['user_id'];
208 $db->sql_query($sql);
209 }
210
211 // Need to update config, forum, topic, posting, messages, etc.
212 if ($data['username'] != $user->data['username'] && $auth->acl_get('u_chgname') && $config['allow_namechange'])
213 {
214 user_update_name($user->data['username'], $data['username']);
215 }
216
217 // Now, we can remove the user completely (kill the session) - NOT BEFORE!!!
218 if (!empty($sql_ary['user_actkey']))
219 {
220 meta_refresh(5, append_sid($phpbb_root_path . 'index.' . $phpEx));
221 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid($phpbb_root_path . 'index.' . $phpEx) . '">', '</a>');
222
223 // Because the user gets deactivated we log him out too, killing his session
224 $user->session_kill();
225 }
226 else
227 {
228 meta_refresh(3, $this->u_action);
229 $message = $user->lang[$message] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
230 }
231
232 trigger_error($message);
233 }
234
235 // Replace "error" strings with their real, localised form
236 $error = array_map(array($user, 'lang'), $error);
237 }
238
239 $template->assign_vars(array(
240 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
241
242 'USERNAME' => $data['username'],
243 'EMAIL' => $data['email'],
244 'PASSWORD_CONFIRM' => $data['password_confirm'],
245 'NEW_PASSWORD' => $data['new_password'],
246 'CUR_PASSWORD' => '',
247
248 'L_USERNAME_EXPLAIN' => $user->lang($config['allow_name_chars'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_name_chars']), $user->lang('CHARACTERS', (int) $config['max_name_chars'])),
249 'L_CHANGE_PASSWORD_EXPLAIN' => $user->lang($config['pass_complex'] . '_EXPLAIN', $user->lang('CHARACTERS', (int) $config['min_pass_chars']), $user->lang('CHARACTERS', (int) $config['max_pass_chars'])),
250
251 'S_FORCE_PASSWORD' => ($auth->acl_get('u_chgpasswd') && $config['chg_passforce'] && $user->data['user_passchg'] < time() - ($config['chg_passforce'] * 86400)) ? true : false,
252 'S_CHANGE_USERNAME' => ($config['allow_namechange'] && $auth->acl_get('u_chgname')) ? true : false,
253 'S_CHANGE_EMAIL' => ($auth->acl_get('u_chgemail')) ? true : false,
254 'S_CHANGE_PASSWORD' => ($auth->acl_get('u_chgpasswd')) ? true : false)
255 );
256 break;
257
258 case 'profile_info':
259 // Do not display profile information panel if not authed to do so
260 if (!$auth->acl_get('u_chgprofileinfo'))
261 {
262 trigger_error('NO_AUTH_PROFILEINFO');
263 }
264
265 $cp = $phpbb_container->get('profilefields.manager');
266
267 $cp_data = $cp_error = array();
268
269 $data = array(
270 'jabber' => utf8_normalize_nfc(request_var('jabber', $user->data['user_jabber'], true)),
271 );
272
273 if ($config['allow_birthdays'])
274 {
275 $data['bday_day'] = $data['bday_month'] = $data['bday_year'] = 0;
276
277 if ($user->data['user_birthday'])
278 {
279 list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user->data['user_birthday']);
280 }
281
282 $data['bday_day'] = request_var('bday_day', $data['bday_day']);
283 $data['bday_month'] = request_var('bday_month', $data['bday_month']);
284 $data['bday_year'] = request_var('bday_year', $data['bday_year']);
285 $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
286 }
287
288 add_form_key('ucp_profile_info');
289
290 if ($submit)
291 {
292 $validate_array = array(
293 'jabber' => array(
294 array('string', true, 5, 255),
295 array('jabber')),
296 );
297
298 if ($config['allow_birthdays'])
299 {
300 $validate_array = array_merge($validate_array, array(
301 'bday_day' => array('num', true, 1, 31),
302 'bday_month' => array('num', true, 1, 12),
303 'bday_year' => array('num', true, 1901, gmdate('Y', time()) + 50),
304 'user_birthday' => array('date', true),
305 ));
306 }
307
308 $error = validate_data($data, $validate_array);
309
310 // validate custom profile fields
311 $cp->submit_cp_field('profile', $user->get_iso_lang_id(), $cp_data, $cp_error);
312
313 if (sizeof($cp_error))
314 {
315 $error = array_merge($error, $cp_error);
316 }
317
318 if (!check_form_key('ucp_profile_info'))
319 {
320 $error[] = 'FORM_INVALID';
321 }
322
323 if (!sizeof($error))
324 {
325 $data['notify'] = $user->data['user_notify_type'];
326
327 if ($data['notify'] == NOTIFY_IM && (!$config['jab_enable'] || !$data['jabber'] || !@extension_loaded('xml')))
328 {
329 // User has not filled in a jabber address (Or one of the modules is disabled or jabber is disabled)
330 // Disable notify by Jabber now for this user.
331 $data['notify'] = NOTIFY_EMAIL;
332 }
333
334 $sql_ary = array(
335 'user_jabber' => $data['jabber'],
336 'user_notify_type' => $data['notify'],
337 );
338
339 if ($config['allow_birthdays'])
340 {
341 $sql_ary['user_birthday'] = $data['user_birthday'];
342 }
343
344 $sql = 'UPDATE ' . USERS_TABLE . '
345 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
346 WHERE user_id = ' . $user->data['user_id'];
347 $db->sql_query($sql);
348
349 // Update Custom Fields
350 $cp->update_profile_field_data($user->data['user_id'], $cp_data);
351
352 meta_refresh(3, $this->u_action);
353 $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
354 trigger_error($message);
355 }
356
357 // Replace "error" strings with their real, localised form
358 $error = array_map(array($user, 'lang'), $error);
359 }
360
361 if ($config['allow_birthdays'])
362 {
363 $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
364 for ($i = 1; $i < 32; $i++)
365 {
366 $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
367 $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
368 }
369
370 $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
371 for ($i = 1; $i < 13; $i++)
372 {
373 $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
374 $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
375 }
376 $s_birthday_year_options = '';
377
378 $now = getdate();
379 $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
380 for ($i = $now['year'] - 100; $i <= $now['year']; $i++)
381 {
382 $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
383 $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
384 }
385 unset($now);
386
387 $template->assign_vars(array(
388 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
389 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
390 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,
391 'S_BIRTHDAYS_ENABLED' => true,
392 ));
393 }
394
395 $template->assign_vars(array(
396 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
397 'S_JABBER_ENABLED' => $config['jab_enable'],
398 'JABBER' => $data['jabber'],
399 ));
400
401 // Get additional profile fields and assign them to the template block var 'profile_fields'
402 $user->get_profile_fields($user->data['user_id']);
403
404 $cp->generate_profile_fields('profile', $user->get_iso_lang_id());
405
406 break;
407
408 case 'signature':
409
410 if (!$auth->acl_get('u_sig'))
411 {
412 trigger_error('NO_AUTH_SIGNATURE');
413 }
414
415 include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
416 include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
417
418 $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $user->optionget('sig_bbcode') : false;
419 $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $user->optionget('sig_smilies') : false;
420 $enable_urls = ($config['allow_sig_links']) ? (bool) $user->optionget('sig_links') : false;
421
422 $signature = utf8_normalize_nfc(request_var('signature', (string) $user->data['user_sig'], true));
423
424 add_form_key('ucp_sig');
425
426 if ($submit || $preview)
427 {
428 include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
429
430 $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false;
431 $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false;
432 $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
433
434 if (!sizeof($error))
435 {
436 $message_parser = new parse_message($signature);
437
438 // Allowing Quote BBCode
439 $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
440
441 if (sizeof($message_parser->warn_msg))
442 {
443 $error[] = implode('<br />', $message_parser->warn_msg);
444 }
445
446 if (!check_form_key('ucp_sig'))
447 {
448 $error[] = 'FORM_INVALID';
449 }
450
451 if (!sizeof($error) && $submit)
452 {
453 $user->optionset('sig_bbcode', $enable_bbcode);
454 $user->optionset('sig_smilies', $enable_smilies);
455 $user->optionset('sig_links', $enable_urls);
456
457 $sql_ary = array(
458 'user_sig' => (string) $message_parser->message,
459 'user_options' => $user->data['user_options'],
460 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
461 'user_sig_bbcode_bitfield' => $message_parser->bbcode_bitfield
462 );
463
464 $sql = 'UPDATE ' . USERS_TABLE . '
465 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
466 WHERE user_id = ' . $user->data['user_id'];
467 $db->sql_query($sql);
468
469 $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
470 trigger_error($message);
471 }
472 }
473
474 // Replace "error" strings with their real, localised form
475 $error = array_map(array($user, 'lang'), $error);
476 }
477
478 $signature_preview = '';
479 if ($preview)
480 {
481 // Now parse it for displaying
482 $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
483 unset($message_parser);
484 }
485
486 decode_message($signature, $user->data['user_sig_bbcode_uid']);
487
488 $template->assign_vars(array(
489 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
490 'SIGNATURE' => $signature,
491 'SIGNATURE_PREVIEW' => $signature_preview,
492
493 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '',
494 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '',
495 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '',
496
497 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
498 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
499 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
500 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
501 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
502 'MAX_FONT_SIZE' => (int) $config['max_sig_font_size'],
503
504 'L_SIGNATURE_EXPLAIN' => $user->lang('SIGNATURE_EXPLAIN', (int) $config['max_sig_chars']),
505
506 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'],
507 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'],
508 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false,
509 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false,
510 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false)
511 );
512
513 // Build custom bbcodes array
514 display_custom_bbcodes();
515
516 // Generate smiley listing
517 generate_smilies('inline', 0);
518
519 break;
520
521 case 'avatar':
522
523 add_form_key('ucp_avatar');
524
525 $avatars_enabled = false;
526
527 if ($config['allow_avatar'] && $auth->acl_get('u_chgavatar'))
528 {
529 $phpbb_avatar_manager = $phpbb_container->get('avatar.manager');
530 $avatar_drivers = $phpbb_avatar_manager->get_enabled_drivers();
531
532 // This is normalised data, without the user_ prefix
533 $avatar_data = \phpbb\avatar\manager::clean_row($user->data, 'user');
534
535 if ($submit)
536 {
537 if (check_form_key('ucp_avatar'))
538 {
539 $driver_name = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', ''));
540
541 if (in_array($driver_name, $avatar_drivers) && !$request->is_set_post('avatar_delete'))
542 {
543 $driver = $phpbb_avatar_manager->get_driver($driver_name);
544 $result = $driver->process_form($request, $template, $user, $avatar_data, $error);
545
546 if ($result && empty($error))
547 {
548 // Success! Lets save the result in the database
549 $result = array(
550 'user_avatar_type' => $driver_name,
551 'user_avatar' => $result['avatar'],
552 'user_avatar_width' => $result['avatar_width'],
553 'user_avatar_height' => $result['avatar_height'],
554 );
555
556 $sql = 'UPDATE ' . USERS_TABLE . '
557 SET ' . $db->sql_build_array('UPDATE', $result) . '
558 WHERE user_id = ' . (int) $user->data['user_id'];
559
560 $db->sql_query($sql);
561
562 meta_refresh(3, $this->u_action);
563 $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
564 trigger_error($message);
565 }
566 }
567 }
568 else
569 {
570 $error[] = 'FORM_INVALID';
571 }
572 }
573
574 // Handle deletion of avatars
575 if ($request->is_set_post('avatar_delete'))
576 {
577 if (!confirm_box(true))
578 {
579 confirm_box(false, $user->lang('CONFIRM_AVATAR_DELETE'), build_hidden_fields(array(
580 'avatar_delete' => true,
581 'i' => $id,
582 'mode' => $mode))
583 );
584 }
585 else
586 {
587 $phpbb_avatar_manager->handle_avatar_delete($db, $user, $avatar_data, USERS_TABLE, 'user_');
588
589 meta_refresh(3, $this->u_action);
590 $message = $user->lang['PROFILE_UPDATED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
591 trigger_error($message);
592 }
593 }
594
595 $selected_driver = $phpbb_avatar_manager->clean_driver_name($request->variable('avatar_driver', $user->data['user_avatar_type']));
596
597 foreach ($avatar_drivers as $current_driver)
598 {
599 $driver = $phpbb_avatar_manager->get_driver($current_driver);
600
601 $avatars_enabled = true;
602 $template->set_filenames(array(
603 'avatar' => $driver->get_template_name(),
604 ));
605
606 if ($driver->prepare_form($request, $template, $user, $avatar_data, $error))
607 {
608 $driver_name = $phpbb_avatar_manager->prepare_driver_name($current_driver);
609 $driver_upper = strtoupper($driver_name);
610
611 $template->assign_block_vars('avatar_drivers', array(
612 'L_TITLE' => $user->lang($driver_upper . '_TITLE'),
613 'L_EXPLAIN' => $user->lang($driver_upper . '_EXPLAIN'),
614
615 'DRIVER' => $driver_name,
616 'SELECTED' => $current_driver == $selected_driver,
617 'OUTPUT' => $template->assign_display('avatar'),
618 ));
619 }
620 }
621
622 // Replace "error" strings with their real, localised form
623 $error = $phpbb_avatar_manager->localize_errors($user, $error);
624 }
625
626 $avatar = phpbb_get_user_avatar($user->data, 'USER_AVATAR', true);
627
628 $template->assign_vars(array(
629 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
630 'AVATAR' => $avatar,
631
632 'S_FORM_ENCTYPE' => ' enctype="multipart/form-data"',
633
634 'L_AVATAR_EXPLAIN' => phpbb_avatar_explanation_string(),
635
636 'S_AVATARS_ENABLED' => ($config['allow_avatar'] && $avatars_enabled),
637 ));
638
639 break;
640
641 case 'autologin_keys':
642
643 add_form_key('ucp_autologin_keys');
644
645 if ($submit)
646 {
647 $keys = request_var('keys', array(''));
648
649 if (!check_form_key('ucp_autologin_keys'))
650 {
651 $error[] = 'FORM_INVALID';
652 }
653
654 if (!sizeof($error))
655 {
656 if (!empty($keys))
657 {
658 foreach ($keys as $key => $id)
659 {
660 $keys[$key] = $db->sql_like_expression($id . $db->get_any_char());
661 }
662 $sql_where = '(key_id ' . implode(' OR key_id ', $keys) . ')';
663 $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
664 WHERE user_id = ' . (int) $user->data['user_id'] . '
665 AND ' . $sql_where ;
666
667 $db->sql_query($sql);
668
669 meta_refresh(3, $this->u_action);
670 $message = $user->lang['AUTOLOGIN_SESSION_KEYS_DELETED'] . '<br /><br />' . sprintf($user->lang['RETURN_UCP'], '<a href="' . $this->u_action . '">', '</a>');
671 trigger_error($message);
672 }
673 }
674
675 // Replace "error" strings with their real, localised form
676 $error = array_map(array($user, 'lang'), $error);
677 }
678
679 $sql = 'SELECT key_id, last_ip, last_login
680 FROM ' . SESSIONS_KEYS_TABLE . '
681 WHERE user_id = ' . (int) $user->data['user_id'] . '
682 ORDER BY last_login ASC';
683
684 $result = $db->sql_query($sql);
685
686 while ($row = $db->sql_fetchrow($result))
687 {
688 $template->assign_block_vars('sessions', array(
689 'KEY' => substr($row['key_id'], 0, 8),
690 'IP' => $row['last_ip'],
691 'LOGIN_TIME' => $user->format_date($row['last_login']),
692 ));
693 }
694
695 $db->sql_freeresult($result);
696
697 break;
698 }
699
700 $template->assign_vars(array(
701 'ERROR' => (sizeof($error)) ? implode('<br />', $error) : '',
702
703 'L_TITLE' => $user->lang['UCP_PROFILE_' . strtoupper($mode)],
704
705 'S_HIDDEN_FIELDS' => $s_hidden_fields,
706 'S_UCP_ACTION' => $this->u_action)
707 );
708
709 // Set desired template
710 $this->tpl_name = 'ucp_profile_' . $mode;
711 $this->page_title = 'UCP_PROFILE_' . strtoupper($mode);
712 }
713 }
714