1 | <?php
|
---|
2 | /**
|
---|
3 | *
|
---|
4 | * @package acp
|
---|
5 | * @version $Id$
|
---|
6 | * @copyright (c) 2005 phpBB Group
|
---|
7 | * @license http://opensource.org/licenses/gpl-license.php GNU Public License
|
---|
8 | *
|
---|
9 | */
|
---|
10 |
|
---|
11 | /**
|
---|
12 | * @ignore
|
---|
13 | */
|
---|
14 | if (!defined('IN_PHPBB'))
|
---|
15 | {
|
---|
16 | exit;
|
---|
17 | }
|
---|
18 |
|
---|
19 | /**
|
---|
20 | * @package acp
|
---|
21 | */
|
---|
22 | class acp_users
|
---|
23 | {
|
---|
24 | var $u_action;
|
---|
25 | var $p_master;
|
---|
26 |
|
---|
27 | function acp_users(&$p_master)
|
---|
28 | {
|
---|
29 | $this->p_master = &$p_master;
|
---|
30 | }
|
---|
31 |
|
---|
32 | function main($id, $mode)
|
---|
33 | {
|
---|
34 | global $config, $db, $user, $auth, $template, $cache;
|
---|
35 | global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
|
---|
36 |
|
---|
37 | $user->add_lang(array('posting', 'ucp', 'acp/users'));
|
---|
38 | $this->tpl_name = 'acp_users';
|
---|
39 | $this->page_title = 'ACP_USER_' . strtoupper($mode);
|
---|
40 |
|
---|
41 | $error = array();
|
---|
42 | $username = utf8_normalize_nfc(request_var('username', '', true));
|
---|
43 | $user_id = request_var('u', 0);
|
---|
44 | $action = request_var('action', '');
|
---|
45 |
|
---|
46 | $submit = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
|
---|
47 |
|
---|
48 | $form_name = 'acp_users';
|
---|
49 | add_form_key($form_name);
|
---|
50 |
|
---|
51 | // Whois (special case)
|
---|
52 | if ($action == 'whois')
|
---|
53 | {
|
---|
54 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
55 |
|
---|
56 | $this->page_title = 'WHOIS';
|
---|
57 | $this->tpl_name = 'simple_body';
|
---|
58 |
|
---|
59 | $user_ip = request_var('user_ip', '');
|
---|
60 | $domain = gethostbyaddr($user_ip);
|
---|
61 | $ipwhois = user_ipwhois($user_ip);
|
---|
62 |
|
---|
63 | $template->assign_vars(array(
|
---|
64 | 'MESSAGE_TITLE' => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
|
---|
65 | 'MESSAGE_TEXT' => nl2br($ipwhois))
|
---|
66 | );
|
---|
67 |
|
---|
68 | return;
|
---|
69 | }
|
---|
70 |
|
---|
71 | // Show user selection mask
|
---|
72 | if (!$username && !$user_id)
|
---|
73 | {
|
---|
74 | $this->page_title = 'SELECT_USER';
|
---|
75 |
|
---|
76 | $template->assign_vars(array(
|
---|
77 | 'U_ACTION' => $this->u_action,
|
---|
78 | 'ANONYMOUS_USER_ID' => ANONYMOUS,
|
---|
79 |
|
---|
80 | 'S_SELECT_USER' => true,
|
---|
81 | 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username&select_single=true'),
|
---|
82 | ));
|
---|
83 |
|
---|
84 | return;
|
---|
85 | }
|
---|
86 |
|
---|
87 | if (!$user_id)
|
---|
88 | {
|
---|
89 | $sql = 'SELECT user_id
|
---|
90 | FROM ' . USERS_TABLE . "
|
---|
91 | WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
|
---|
92 | $result = $db->sql_query($sql);
|
---|
93 | $user_id = (int) $db->sql_fetchfield('user_id');
|
---|
94 | $db->sql_freeresult($result);
|
---|
95 |
|
---|
96 | if (!$user_id)
|
---|
97 | {
|
---|
98 | trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
99 | }
|
---|
100 | }
|
---|
101 |
|
---|
102 | // Generate content for all modes
|
---|
103 | $sql = 'SELECT u.*, s.*
|
---|
104 | FROM ' . USERS_TABLE . ' u
|
---|
105 | LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
|
---|
106 | WHERE u.user_id = ' . $user_id . '
|
---|
107 | ORDER BY s.session_time DESC';
|
---|
108 | $result = $db->sql_query($sql);
|
---|
109 | $user_row = $db->sql_fetchrow($result);
|
---|
110 | $db->sql_freeresult($result);
|
---|
111 |
|
---|
112 | if (!$user_row)
|
---|
113 | {
|
---|
114 | trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
115 | }
|
---|
116 |
|
---|
117 | // Generate overall "header" for user admin
|
---|
118 | $s_form_options = '';
|
---|
119 |
|
---|
120 | // Build modes dropdown list
|
---|
121 | $sql = 'SELECT module_mode, module_auth
|
---|
122 | FROM ' . MODULES_TABLE . "
|
---|
123 | WHERE module_basename = 'users'
|
---|
124 | AND module_enabled = 1
|
---|
125 | AND module_class = 'acp'
|
---|
126 | ORDER BY left_id, module_mode";
|
---|
127 | $result = $db->sql_query($sql);
|
---|
128 |
|
---|
129 | $dropdown_modes = array();
|
---|
130 | while ($row = $db->sql_fetchrow($result))
|
---|
131 | {
|
---|
132 | if (!$this->p_master->module_auth($row['module_auth']))
|
---|
133 | {
|
---|
134 | continue;
|
---|
135 | }
|
---|
136 |
|
---|
137 | $dropdown_modes[$row['module_mode']] = true;
|
---|
138 | }
|
---|
139 | $db->sql_freeresult($result);
|
---|
140 |
|
---|
141 | foreach ($dropdown_modes as $module_mode => $null)
|
---|
142 | {
|
---|
143 | $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
|
---|
144 | $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
|
---|
145 | }
|
---|
146 |
|
---|
147 | $template->assign_vars(array(
|
---|
148 | 'U_BACK' => $this->u_action,
|
---|
149 | 'U_MODE_SELECT' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&u=$user_id"),
|
---|
150 | 'U_ACTION' => $this->u_action . '&u=' . $user_id,
|
---|
151 | 'S_FORM_OPTIONS' => $s_form_options,
|
---|
152 | 'MANAGED_USERNAME' => $user_row['username'])
|
---|
153 | );
|
---|
154 |
|
---|
155 | // Prevent normal users/admins change/view founders if they are not a founder by themselves
|
---|
156 | if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
|
---|
157 | {
|
---|
158 | trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
|
---|
159 | }
|
---|
160 |
|
---|
161 | switch ($mode)
|
---|
162 | {
|
---|
163 | case 'overview':
|
---|
164 |
|
---|
165 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
166 |
|
---|
167 | $user->add_lang('acp/ban');
|
---|
168 |
|
---|
169 | $delete = request_var('delete', 0);
|
---|
170 | $delete_type = request_var('delete_type', '');
|
---|
171 | $ip = request_var('ip', 'ip');
|
---|
172 |
|
---|
173 | if ($submit)
|
---|
174 | {
|
---|
175 | // You can't delete the founder
|
---|
176 | if ($delete && $user_row['user_type'] != USER_FOUNDER)
|
---|
177 | {
|
---|
178 | if (!$auth->acl_get('a_userdel'))
|
---|
179 | {
|
---|
180 | trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
181 | }
|
---|
182 |
|
---|
183 | // Check if the user wants to remove himself or the guest user account
|
---|
184 | if ($user_id == ANONYMOUS)
|
---|
185 | {
|
---|
186 | trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
187 | }
|
---|
188 |
|
---|
189 | if ($user_id == $user->data['user_id'])
|
---|
190 | {
|
---|
191 | trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
192 | }
|
---|
193 |
|
---|
194 | if (confirm_box(true))
|
---|
195 | {
|
---|
196 | user_delete($delete_type, $user_id, $user_row['username']);
|
---|
197 |
|
---|
198 | add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
|
---|
199 | trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
|
---|
200 | }
|
---|
201 | else
|
---|
202 | {
|
---|
203 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
204 | 'u' => $user_id,
|
---|
205 | 'i' => $id,
|
---|
206 | 'mode' => $mode,
|
---|
207 | 'action' => $action,
|
---|
208 | 'update' => true,
|
---|
209 | 'delete' => 1,
|
---|
210 | 'delete_type' => $delete_type))
|
---|
211 | );
|
---|
212 | }
|
---|
213 | }
|
---|
214 |
|
---|
215 | // Handle quicktool actions
|
---|
216 | switch ($action)
|
---|
217 | {
|
---|
218 | case 'banuser':
|
---|
219 | case 'banemail':
|
---|
220 | case 'banip':
|
---|
221 |
|
---|
222 | if ($user_id == $user->data['user_id'])
|
---|
223 | {
|
---|
224 | trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
225 | }
|
---|
226 |
|
---|
227 | if ($user_row['user_type'] == USER_FOUNDER)
|
---|
228 | {
|
---|
229 | trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
230 | }
|
---|
231 |
|
---|
232 | if (!check_form_key($form_name))
|
---|
233 | {
|
---|
234 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
235 | }
|
---|
236 |
|
---|
237 | $ban = array();
|
---|
238 |
|
---|
239 | switch ($action)
|
---|
240 | {
|
---|
241 | case 'banuser':
|
---|
242 | $ban[] = $user_row['username'];
|
---|
243 | $reason = 'USER_ADMIN_BAN_NAME_REASON';
|
---|
244 | $log = 'LOG_USER_BAN_USER';
|
---|
245 | break;
|
---|
246 |
|
---|
247 | case 'banemail':
|
---|
248 | $ban[] = $user_row['user_email'];
|
---|
249 | $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
|
---|
250 | $log = 'LOG_USER_BAN_EMAIL';
|
---|
251 | break;
|
---|
252 |
|
---|
253 | case 'banip':
|
---|
254 | $ban[] = $user_row['user_ip'];
|
---|
255 |
|
---|
256 | $sql = 'SELECT DISTINCT poster_ip
|
---|
257 | FROM ' . POSTS_TABLE . "
|
---|
258 | WHERE poster_id = $user_id";
|
---|
259 | $result = $db->sql_query($sql);
|
---|
260 |
|
---|
261 | while ($row = $db->sql_fetchrow($result))
|
---|
262 | {
|
---|
263 | $ban[] = $row['poster_ip'];
|
---|
264 | }
|
---|
265 | $db->sql_freeresult($result);
|
---|
266 |
|
---|
267 | $reason = 'USER_ADMIN_BAN_IP_REASON';
|
---|
268 | $log = 'LOG_USER_BAN_IP';
|
---|
269 | break;
|
---|
270 | }
|
---|
271 |
|
---|
272 | $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
|
---|
273 | $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
|
---|
274 |
|
---|
275 | // Log not used at the moment, we simply utilize the ban function.
|
---|
276 | $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
|
---|
277 |
|
---|
278 | trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
279 |
|
---|
280 | break;
|
---|
281 |
|
---|
282 | case 'reactivate':
|
---|
283 |
|
---|
284 | if ($user_id == $user->data['user_id'])
|
---|
285 | {
|
---|
286 | trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
287 | }
|
---|
288 |
|
---|
289 | if (!check_form_key($form_name))
|
---|
290 | {
|
---|
291 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
292 | }
|
---|
293 |
|
---|
294 | if ($user_row['user_type'] == USER_FOUNDER)
|
---|
295 | {
|
---|
296 | trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
297 | }
|
---|
298 |
|
---|
299 | if ($user_row['user_type'] == USER_IGNORE)
|
---|
300 | {
|
---|
301 | trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
302 | }
|
---|
303 |
|
---|
304 | if ($config['email_enable'])
|
---|
305 | {
|
---|
306 | include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
|
---|
307 |
|
---|
308 | $server_url = generate_board_url();
|
---|
309 |
|
---|
310 | $user_actkey = gen_rand_string(10);
|
---|
311 | $key_len = 54 - (strlen($server_url));
|
---|
312 | $key_len = ($key_len > 6) ? $key_len : 6;
|
---|
313 | $user_actkey = substr($user_actkey, 0, $key_len);
|
---|
314 | $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
|
---|
315 |
|
---|
316 | if ($user_row['user_type'] == USER_NORMAL)
|
---|
317 | {
|
---|
318 | user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
|
---|
319 |
|
---|
320 | $sql = 'UPDATE ' . USERS_TABLE . "
|
---|
321 | SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
|
---|
322 | WHERE user_id = $user_id";
|
---|
323 | $db->sql_query($sql);
|
---|
324 | }
|
---|
325 | else
|
---|
326 | {
|
---|
327 | // Grabbing the last confirm key - we only send a reminder
|
---|
328 | $sql = 'SELECT user_actkey
|
---|
329 | FROM ' . USERS_TABLE . '
|
---|
330 | WHERE user_id = ' . $user_id;
|
---|
331 | $result = $db->sql_query($sql);
|
---|
332 | $user_actkey = (string) $db->sql_fetchfield('user_actkey');
|
---|
333 | $db->sql_freeresult($result);
|
---|
334 | }
|
---|
335 |
|
---|
336 | $messenger = new messenger(false);
|
---|
337 |
|
---|
338 | $messenger->template($email_template, $user_row['user_lang']);
|
---|
339 |
|
---|
340 | $messenger->to($user_row['user_email'], $user_row['username']);
|
---|
341 |
|
---|
342 | $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
|
---|
343 | $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
|
---|
344 | $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
|
---|
345 | $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
|
---|
346 |
|
---|
347 | $messenger->assign_vars(array(
|
---|
348 | 'WELCOME_MSG' => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
|
---|
349 | 'USERNAME' => htmlspecialchars_decode($user_row['username']),
|
---|
350 | 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
|
---|
351 | );
|
---|
352 |
|
---|
353 | $messenger->send(NOTIFY_EMAIL);
|
---|
354 |
|
---|
355 | add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
|
---|
356 | add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
|
---|
357 |
|
---|
358 | trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
359 | }
|
---|
360 |
|
---|
361 | break;
|
---|
362 |
|
---|
363 | case 'active':
|
---|
364 |
|
---|
365 | if ($user_id == $user->data['user_id'])
|
---|
366 | {
|
---|
367 | // It is only deactivation since the user is already activated (else he would not have reached this page)
|
---|
368 | trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
369 | }
|
---|
370 |
|
---|
371 | if (!check_form_key($form_name))
|
---|
372 | {
|
---|
373 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
374 | }
|
---|
375 |
|
---|
376 | if ($user_row['user_type'] == USER_FOUNDER)
|
---|
377 | {
|
---|
378 | trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
379 | }
|
---|
380 |
|
---|
381 | if ($user_row['user_type'] == USER_IGNORE)
|
---|
382 | {
|
---|
383 | trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
384 | }
|
---|
385 |
|
---|
386 | user_active_flip('flip', $user_id);
|
---|
387 |
|
---|
388 | if ($user_row['user_type'] == USER_INACTIVE)
|
---|
389 | {
|
---|
390 | if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
|
---|
391 | {
|
---|
392 | include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
|
---|
393 |
|
---|
394 | $messenger = new messenger(false);
|
---|
395 |
|
---|
396 | $messenger->template('admin_welcome_activated', $user_row['user_lang']);
|
---|
397 |
|
---|
398 | $messenger->to($user_row['user_email'], $user_row['username']);
|
---|
399 |
|
---|
400 | $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
|
---|
401 | $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
|
---|
402 | $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
|
---|
403 | $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
|
---|
404 |
|
---|
405 | $messenger->assign_vars(array(
|
---|
406 | 'USERNAME' => htmlspecialchars_decode($user_row['username']))
|
---|
407 | );
|
---|
408 |
|
---|
409 | $messenger->send(NOTIFY_EMAIL);
|
---|
410 | }
|
---|
411 | }
|
---|
412 |
|
---|
413 | $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
|
---|
414 | $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
|
---|
415 |
|
---|
416 | add_log('admin', $log, $user_row['username']);
|
---|
417 | add_log('user', $user_id, $log . '_USER');
|
---|
418 |
|
---|
419 | trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
420 |
|
---|
421 | break;
|
---|
422 |
|
---|
423 | case 'delsig':
|
---|
424 |
|
---|
425 | if (!check_form_key($form_name))
|
---|
426 | {
|
---|
427 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
428 | }
|
---|
429 |
|
---|
430 | $sql_ary = array(
|
---|
431 | 'user_sig' => '',
|
---|
432 | 'user_sig_bbcode_uid' => '',
|
---|
433 | 'user_sig_bbcode_bitfield' => ''
|
---|
434 | );
|
---|
435 |
|
---|
436 | $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
---|
437 | WHERE user_id = $user_id";
|
---|
438 | $db->sql_query($sql);
|
---|
439 |
|
---|
440 | add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
|
---|
441 | add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
|
---|
442 |
|
---|
443 | trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
444 |
|
---|
445 | break;
|
---|
446 |
|
---|
447 | case 'delavatar':
|
---|
448 |
|
---|
449 | if (!check_form_key($form_name))
|
---|
450 | {
|
---|
451 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
452 | }
|
---|
453 |
|
---|
454 | $sql_ary = array(
|
---|
455 | 'user_avatar' => '',
|
---|
456 | 'user_avatar_type' => 0,
|
---|
457 | 'user_avatar_width' => 0,
|
---|
458 | 'user_avatar_height' => 0,
|
---|
459 | );
|
---|
460 |
|
---|
461 | $sql = 'UPDATE ' . USERS_TABLE . '
|
---|
462 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
---|
463 | WHERE user_id = $user_id";
|
---|
464 | $db->sql_query($sql);
|
---|
465 |
|
---|
466 | // Delete old avatar if present
|
---|
467 | if ($user_row['user_avatar'] && $user_row['user_avatar_type'] != AVATAR_GALLERY)
|
---|
468 | {
|
---|
469 | avatar_delete('user', $user_row);
|
---|
470 | }
|
---|
471 |
|
---|
472 | add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
|
---|
473 | add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
|
---|
474 |
|
---|
475 | trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
476 | break;
|
---|
477 |
|
---|
478 | case 'delposts':
|
---|
479 |
|
---|
480 | if (confirm_box(true))
|
---|
481 | {
|
---|
482 | // Delete posts, attachments, etc.
|
---|
483 | delete_posts('poster_id', $user_id);
|
---|
484 |
|
---|
485 | add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
|
---|
486 | trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
487 | }
|
---|
488 | else
|
---|
489 | {
|
---|
490 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
491 | 'u' => $user_id,
|
---|
492 | 'i' => $id,
|
---|
493 | 'mode' => $mode,
|
---|
494 | 'action' => $action,
|
---|
495 | 'update' => true))
|
---|
496 | );
|
---|
497 | }
|
---|
498 |
|
---|
499 | break;
|
---|
500 |
|
---|
501 | case 'delattach':
|
---|
502 |
|
---|
503 | if (confirm_box(true))
|
---|
504 | {
|
---|
505 | delete_attachments('user', $user_id);
|
---|
506 |
|
---|
507 | add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
|
---|
508 | trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
509 | }
|
---|
510 | else
|
---|
511 | {
|
---|
512 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
513 | 'u' => $user_id,
|
---|
514 | 'i' => $id,
|
---|
515 | 'mode' => $mode,
|
---|
516 | 'action' => $action,
|
---|
517 | 'update' => true))
|
---|
518 | );
|
---|
519 | }
|
---|
520 |
|
---|
521 | break;
|
---|
522 |
|
---|
523 | case 'deloutbox':
|
---|
524 |
|
---|
525 | if (confirm_box(true))
|
---|
526 | {
|
---|
527 | $msg_ids = array();
|
---|
528 | $lang = 'EMPTY';
|
---|
529 |
|
---|
530 | $sql = 'SELECT msg_id
|
---|
531 | FROM ' . PRIVMSGS_TO_TABLE . "
|
---|
532 | WHERE author_id = $user_id
|
---|
533 | AND folder_id = " . PRIVMSGS_OUTBOX;
|
---|
534 | $result = $db->sql_query($sql);
|
---|
535 |
|
---|
536 | if ($row = $db->sql_fetchrow($result))
|
---|
537 | {
|
---|
538 | if (!function_exists('delete_pm'))
|
---|
539 | {
|
---|
540 | include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
|
---|
541 | }
|
---|
542 |
|
---|
543 | do
|
---|
544 | {
|
---|
545 | $msg_ids[] = (int) $row['msg_id'];
|
---|
546 | }
|
---|
547 | while ($row = $db->sql_fetchrow($result));
|
---|
548 |
|
---|
549 | $db->sql_freeresult($result);
|
---|
550 |
|
---|
551 | delete_pm($user_id, $msg_ids, PRIVMSGS_OUTBOX);
|
---|
552 |
|
---|
553 | add_log('admin', 'LOG_USER_DEL_OUTBOX', $user_row['username']);
|
---|
554 |
|
---|
555 | $lang = 'EMPTIED';
|
---|
556 | }
|
---|
557 | $db->sql_freeresult($result);
|
---|
558 |
|
---|
559 | trigger_error($user->lang['USER_OUTBOX_' . $lang] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
560 | }
|
---|
561 | else
|
---|
562 | {
|
---|
563 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
564 | 'u' => $user_id,
|
---|
565 | 'i' => $id,
|
---|
566 | 'mode' => $mode,
|
---|
567 | 'action' => $action,
|
---|
568 | 'update' => true))
|
---|
569 | );
|
---|
570 | }
|
---|
571 | break;
|
---|
572 |
|
---|
573 | case 'moveposts':
|
---|
574 |
|
---|
575 | if (!check_form_key($form_name))
|
---|
576 | {
|
---|
577 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
578 | }
|
---|
579 |
|
---|
580 | $user->add_lang('acp/forums');
|
---|
581 |
|
---|
582 | $new_forum_id = request_var('new_f', 0);
|
---|
583 |
|
---|
584 | if (!$new_forum_id)
|
---|
585 | {
|
---|
586 | $this->page_title = 'USER_ADMIN_MOVE_POSTS';
|
---|
587 |
|
---|
588 | $template->assign_vars(array(
|
---|
589 | 'S_SELECT_FORUM' => true,
|
---|
590 | 'U_ACTION' => $this->u_action . "&action=$action&u=$user_id",
|
---|
591 | 'U_BACK' => $this->u_action . "&u=$user_id",
|
---|
592 | 'S_FORUM_OPTIONS' => make_forum_select(false, false, false, true))
|
---|
593 | );
|
---|
594 |
|
---|
595 | return;
|
---|
596 | }
|
---|
597 |
|
---|
598 | // Is the new forum postable to?
|
---|
599 | $sql = 'SELECT forum_name, forum_type
|
---|
600 | FROM ' . FORUMS_TABLE . "
|
---|
601 | WHERE forum_id = $new_forum_id";
|
---|
602 | $result = $db->sql_query($sql);
|
---|
603 | $forum_info = $db->sql_fetchrow($result);
|
---|
604 | $db->sql_freeresult($result);
|
---|
605 |
|
---|
606 | if (!$forum_info)
|
---|
607 | {
|
---|
608 | trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
609 | }
|
---|
610 |
|
---|
611 | if ($forum_info['forum_type'] != FORUM_POST)
|
---|
612 | {
|
---|
613 | trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
614 | }
|
---|
615 |
|
---|
616 | // Two stage?
|
---|
617 | // Move topics comprising only posts from this user
|
---|
618 | $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
|
---|
619 | $forum_id_ary = array($new_forum_id);
|
---|
620 |
|
---|
621 | $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts
|
---|
622 | FROM ' . POSTS_TABLE . "
|
---|
623 | WHERE poster_id = $user_id
|
---|
624 | AND forum_id <> $new_forum_id
|
---|
625 | GROUP BY topic_id";
|
---|
626 | $result = $db->sql_query($sql);
|
---|
627 |
|
---|
628 | while ($row = $db->sql_fetchrow($result))
|
---|
629 | {
|
---|
630 | $topic_id_ary[$row['topic_id']] = $row['total_posts'];
|
---|
631 | }
|
---|
632 | $db->sql_freeresult($result);
|
---|
633 |
|
---|
634 | if (sizeof($topic_id_ary))
|
---|
635 | {
|
---|
636 | $sql = 'SELECT topic_id, forum_id, topic_title, topic_replies, topic_replies_real, topic_attachment
|
---|
637 | FROM ' . TOPICS_TABLE . '
|
---|
638 | WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
|
---|
639 | $result = $db->sql_query($sql);
|
---|
640 |
|
---|
641 | while ($row = $db->sql_fetchrow($result))
|
---|
642 | {
|
---|
643 | if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']])
|
---|
644 | {
|
---|
645 | $move_topic_ary[] = $row['topic_id'];
|
---|
646 | }
|
---|
647 | else
|
---|
648 | {
|
---|
649 | $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
|
---|
650 | $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
|
---|
651 | }
|
---|
652 |
|
---|
653 | $forum_id_ary[] = $row['forum_id'];
|
---|
654 | }
|
---|
655 | $db->sql_freeresult($result);
|
---|
656 | }
|
---|
657 |
|
---|
658 | // Entire topic comprises posts by this user, move these topics
|
---|
659 | if (sizeof($move_topic_ary))
|
---|
660 | {
|
---|
661 | move_topics($move_topic_ary, $new_forum_id, false);
|
---|
662 | }
|
---|
663 |
|
---|
664 | if (sizeof($move_post_ary))
|
---|
665 | {
|
---|
666 | // Create new topic
|
---|
667 | // Update post_ids, report_ids, attachment_ids
|
---|
668 | foreach ($move_post_ary as $topic_id => $post_ary)
|
---|
669 | {
|
---|
670 | // Create new topic
|
---|
671 | $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
|
---|
672 | 'topic_poster' => $user_id,
|
---|
673 | 'topic_time' => time(),
|
---|
674 | 'forum_id' => $new_forum_id,
|
---|
675 | 'icon_id' => 0,
|
---|
676 | 'topic_approved' => 1,
|
---|
677 | 'topic_title' => $post_ary['title'],
|
---|
678 | 'topic_first_poster_name' => $user_row['username'],
|
---|
679 | 'topic_type' => POST_NORMAL,
|
---|
680 | 'topic_time_limit' => 0,
|
---|
681 | 'topic_attachment' => $post_ary['attach'])
|
---|
682 | );
|
---|
683 | $db->sql_query($sql);
|
---|
684 |
|
---|
685 | $new_topic_id = $db->sql_nextid();
|
---|
686 |
|
---|
687 | // Move posts
|
---|
688 | $sql = 'UPDATE ' . POSTS_TABLE . "
|
---|
689 | SET forum_id = $new_forum_id, topic_id = $new_topic_id
|
---|
690 | WHERE topic_id = $topic_id
|
---|
691 | AND poster_id = $user_id";
|
---|
692 | $db->sql_query($sql);
|
---|
693 |
|
---|
694 | if ($post_ary['attach'])
|
---|
695 | {
|
---|
696 | $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
|
---|
697 | SET topic_id = $new_topic_id
|
---|
698 | WHERE topic_id = $topic_id
|
---|
699 | AND poster_id = $user_id";
|
---|
700 | $db->sql_query($sql);
|
---|
701 | }
|
---|
702 |
|
---|
703 | $new_topic_id_ary[] = $new_topic_id;
|
---|
704 | }
|
---|
705 | }
|
---|
706 |
|
---|
707 | $forum_id_ary = array_unique($forum_id_ary);
|
---|
708 | $topic_id_ary = array_unique(array_merge(array_keys($topic_id_ary), $new_topic_id_ary));
|
---|
709 |
|
---|
710 | if (sizeof($topic_id_ary))
|
---|
711 | {
|
---|
712 | sync('topic_reported', 'topic_id', $topic_id_ary);
|
---|
713 | sync('topic', 'topic_id', $topic_id_ary);
|
---|
714 | }
|
---|
715 |
|
---|
716 | if (sizeof($forum_id_ary))
|
---|
717 | {
|
---|
718 | sync('forum', 'forum_id', $forum_id_ary, false, true);
|
---|
719 | }
|
---|
720 |
|
---|
721 |
|
---|
722 | add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
|
---|
723 | add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
|
---|
724 |
|
---|
725 | trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
726 |
|
---|
727 | break;
|
---|
728 |
|
---|
729 | case 'leave_nr':
|
---|
730 |
|
---|
731 | if (confirm_box(true))
|
---|
732 | {
|
---|
733 | remove_newly_registered($user_id, $user_row);
|
---|
734 |
|
---|
735 | add_log('admin', 'LOG_USER_REMOVED_NR', $user_row['username']);
|
---|
736 | trigger_error($user->lang['USER_LIFTED_NR'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
737 | }
|
---|
738 | else
|
---|
739 | {
|
---|
740 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
741 | 'u' => $user_id,
|
---|
742 | 'i' => $id,
|
---|
743 | 'mode' => $mode,
|
---|
744 | 'action' => $action,
|
---|
745 | 'update' => true))
|
---|
746 | );
|
---|
747 | }
|
---|
748 |
|
---|
749 | break;
|
---|
750 | }
|
---|
751 |
|
---|
752 | // Handle registration info updates
|
---|
753 | $data = array(
|
---|
754 | 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
|
---|
755 | 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
|
---|
756 | 'email' => strtolower(request_var('user_email', $user_row['user_email'])),
|
---|
757 | 'email_confirm' => strtolower(request_var('email_confirm', '')),
|
---|
758 | 'new_password' => request_var('new_password', '', true),
|
---|
759 | 'password_confirm' => request_var('password_confirm', '', true),
|
---|
760 | );
|
---|
761 |
|
---|
762 | // Validation data - we do not check the password complexity setting here
|
---|
763 | $check_ary = array(
|
---|
764 | 'new_password' => array(
|
---|
765 | array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
|
---|
766 | array('password')),
|
---|
767 | 'password_confirm' => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
|
---|
768 | );
|
---|
769 |
|
---|
770 | // Check username if altered
|
---|
771 | if ($data['username'] != $user_row['username'])
|
---|
772 | {
|
---|
773 | $check_ary += array(
|
---|
774 | 'username' => array(
|
---|
775 | array('string', false, $config['min_name_chars'], $config['max_name_chars']),
|
---|
776 | array('username', $user_row['username'])
|
---|
777 | ),
|
---|
778 | );
|
---|
779 | }
|
---|
780 |
|
---|
781 | // Check email if altered
|
---|
782 | if ($data['email'] != $user_row['user_email'])
|
---|
783 | {
|
---|
784 | $check_ary += array(
|
---|
785 | 'email' => array(
|
---|
786 | array('string', false, 6, 60),
|
---|
787 | array('email', $user_row['user_email'])
|
---|
788 | ),
|
---|
789 | 'email_confirm' => array('string', true, 6, 60)
|
---|
790 | );
|
---|
791 | }
|
---|
792 |
|
---|
793 | $error = validate_data($data, $check_ary);
|
---|
794 |
|
---|
795 | if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
|
---|
796 | {
|
---|
797 | $error[] = 'NEW_PASSWORD_ERROR';
|
---|
798 | }
|
---|
799 |
|
---|
800 | if ($data['email'] != $user_row['user_email'] && $data['email_confirm'] != $data['email'])
|
---|
801 | {
|
---|
802 | $error[] = 'NEW_EMAIL_ERROR';
|
---|
803 | }
|
---|
804 |
|
---|
805 | if (!check_form_key($form_name))
|
---|
806 | {
|
---|
807 | $error[] = 'FORM_INVALID';
|
---|
808 | }
|
---|
809 |
|
---|
810 | // Which updates do we need to do?
|
---|
811 | $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
|
---|
812 | $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
|
---|
813 | $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
|
---|
814 |
|
---|
815 | if (!sizeof($error))
|
---|
816 | {
|
---|
817 | $sql_ary = array();
|
---|
818 |
|
---|
819 | if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
|
---|
820 | {
|
---|
821 | // Only allow founders updating the founder status...
|
---|
822 | if ($user->data['user_type'] == USER_FOUNDER)
|
---|
823 | {
|
---|
824 | // Setting a normal member to be a founder
|
---|
825 | if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
|
---|
826 | {
|
---|
827 | // Make sure the user is not setting an Inactive or ignored user to be a founder
|
---|
828 | if ($user_row['user_type'] == USER_IGNORE)
|
---|
829 | {
|
---|
830 | trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
831 | }
|
---|
832 |
|
---|
833 | if ($user_row['user_type'] == USER_INACTIVE)
|
---|
834 | {
|
---|
835 | trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
836 | }
|
---|
837 |
|
---|
838 | $sql_ary['user_type'] = USER_FOUNDER;
|
---|
839 | }
|
---|
840 | else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
|
---|
841 | {
|
---|
842 | // Check if at least one founder is present
|
---|
843 | $sql = 'SELECT user_id
|
---|
844 | FROM ' . USERS_TABLE . '
|
---|
845 | WHERE user_type = ' . USER_FOUNDER . '
|
---|
846 | AND user_id <> ' . $user_id;
|
---|
847 | $result = $db->sql_query_limit($sql, 1);
|
---|
848 | $row = $db->sql_fetchrow($result);
|
---|
849 | $db->sql_freeresult($result);
|
---|
850 |
|
---|
851 | if ($row)
|
---|
852 | {
|
---|
853 | $sql_ary['user_type'] = USER_NORMAL;
|
---|
854 | }
|
---|
855 | else
|
---|
856 | {
|
---|
857 | trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
858 | }
|
---|
859 | }
|
---|
860 | }
|
---|
861 | }
|
---|
862 |
|
---|
863 | if ($update_username !== false)
|
---|
864 | {
|
---|
865 | $sql_ary['username'] = $update_username;
|
---|
866 | $sql_ary['username_clean'] = utf8_clean_string($update_username);
|
---|
867 |
|
---|
868 | add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
|
---|
869 | }
|
---|
870 |
|
---|
871 | if ($update_email !== false)
|
---|
872 | {
|
---|
873 | $sql_ary += array(
|
---|
874 | 'user_email' => $update_email,
|
---|
875 | 'user_email_hash' => phpbb_email_hash($update_email),
|
---|
876 | );
|
---|
877 |
|
---|
878 | add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
|
---|
879 | }
|
---|
880 |
|
---|
881 | if ($update_password)
|
---|
882 | {
|
---|
883 | $sql_ary += array(
|
---|
884 | 'user_password' => phpbb_hash($data['new_password']),
|
---|
885 | 'user_passchg' => time(),
|
---|
886 | 'user_pass_convert' => 0,
|
---|
887 | );
|
---|
888 |
|
---|
889 | $user->reset_login_keys($user_id);
|
---|
890 | add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
|
---|
891 | }
|
---|
892 |
|
---|
893 | if (sizeof($sql_ary))
|
---|
894 | {
|
---|
895 | $sql = 'UPDATE ' . USERS_TABLE . '
|
---|
896 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
|
---|
897 | WHERE user_id = ' . $user_id;
|
---|
898 | $db->sql_query($sql);
|
---|
899 | }
|
---|
900 |
|
---|
901 | if ($update_username)
|
---|
902 | {
|
---|
903 | user_update_name($user_row['username'], $update_username);
|
---|
904 | }
|
---|
905 |
|
---|
906 | // Let the users permissions being updated
|
---|
907 | $auth->acl_clear_prefetch($user_id);
|
---|
908 |
|
---|
909 | add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
|
---|
910 |
|
---|
911 | trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
912 | }
|
---|
913 |
|
---|
914 | // Replace "error" strings with their real, localised form
|
---|
915 | $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
---|
916 | }
|
---|
917 |
|
---|
918 | if ($user_id == $user->data['user_id'])
|
---|
919 | {
|
---|
920 | $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH', 'deloutbox' => 'DEL_OUTBOX');
|
---|
921 | if ($user_row['user_new'])
|
---|
922 | {
|
---|
923 | $quick_tool_ary['leave_nr'] = 'LEAVE_NR';
|
---|
924 | }
|
---|
925 | }
|
---|
926 | else
|
---|
927 | {
|
---|
928 | $quick_tool_ary = array();
|
---|
929 |
|
---|
930 | if ($user_row['user_type'] != USER_FOUNDER)
|
---|
931 | {
|
---|
932 | $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
|
---|
933 | }
|
---|
934 |
|
---|
935 | if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
|
---|
936 | {
|
---|
937 | $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
|
---|
938 | }
|
---|
939 |
|
---|
940 | $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH', 'deloutbox' => 'DEL_OUTBOX');
|
---|
941 |
|
---|
942 | if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
|
---|
943 | {
|
---|
944 | $quick_tool_ary['reactivate'] = 'FORCE';
|
---|
945 | }
|
---|
946 |
|
---|
947 | if ($user_row['user_new'])
|
---|
948 | {
|
---|
949 | $quick_tool_ary['leave_nr'] = 'LEAVE_NR';
|
---|
950 | }
|
---|
951 | }
|
---|
952 |
|
---|
953 | $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
|
---|
954 | foreach ($quick_tool_ary as $value => $lang)
|
---|
955 | {
|
---|
956 | $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
|
---|
957 | }
|
---|
958 |
|
---|
959 | if ($config['load_onlinetrack'])
|
---|
960 | {
|
---|
961 | $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
|
---|
962 | FROM ' . SESSIONS_TABLE . "
|
---|
963 | WHERE session_user_id = $user_id";
|
---|
964 | $result = $db->sql_query($sql);
|
---|
965 | $row = $db->sql_fetchrow($result);
|
---|
966 | $db->sql_freeresult($result);
|
---|
967 |
|
---|
968 | $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
|
---|
969 | $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
|
---|
970 | unset($row);
|
---|
971 | }
|
---|
972 |
|
---|
973 | $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
|
---|
974 |
|
---|
975 | $inactive_reason = '';
|
---|
976 | if ($user_row['user_type'] == USER_INACTIVE)
|
---|
977 | {
|
---|
978 | $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
|
---|
979 |
|
---|
980 | switch ($user_row['user_inactive_reason'])
|
---|
981 | {
|
---|
982 | case INACTIVE_REGISTER:
|
---|
983 | $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
|
---|
984 | break;
|
---|
985 |
|
---|
986 | case INACTIVE_PROFILE:
|
---|
987 | $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
|
---|
988 | break;
|
---|
989 |
|
---|
990 | case INACTIVE_MANUAL:
|
---|
991 | $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
|
---|
992 | break;
|
---|
993 |
|
---|
994 | case INACTIVE_REMIND:
|
---|
995 | $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
|
---|
996 | break;
|
---|
997 | }
|
---|
998 | }
|
---|
999 |
|
---|
1000 | // Posts in Queue
|
---|
1001 | $sql = 'SELECT COUNT(post_id) as posts_in_queue
|
---|
1002 | FROM ' . POSTS_TABLE . '
|
---|
1003 | WHERE poster_id = ' . $user_id . '
|
---|
1004 | AND post_approved = 0';
|
---|
1005 | $result = $db->sql_query($sql);
|
---|
1006 | $user_row['posts_in_queue'] = (int) $db->sql_fetchfield('posts_in_queue');
|
---|
1007 | $db->sql_freeresult($result);
|
---|
1008 |
|
---|
1009 | $template->assign_vars(array(
|
---|
1010 | 'L_NAME_CHARS_EXPLAIN' => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
|
---|
1011 | 'L_CHANGE_PASSWORD_EXPLAIN' => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
|
---|
1012 | 'L_POSTS_IN_QUEUE' => $user->lang('NUM_POSTS_IN_QUEUE', $user_row['posts_in_queue']),
|
---|
1013 | 'S_FOUNDER' => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
|
---|
1014 |
|
---|
1015 | 'S_OVERVIEW' => true,
|
---|
1016 | 'S_USER_IP' => ($user_row['user_ip']) ? true : false,
|
---|
1017 | 'S_USER_FOUNDER' => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
|
---|
1018 | 'S_ACTION_OPTIONS' => $s_action_options,
|
---|
1019 | 'S_OWN_ACCOUNT' => ($user_id == $user->data['user_id']) ? true : false,
|
---|
1020 | 'S_USER_INACTIVE' => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
|
---|
1021 |
|
---|
1022 | 'U_SHOW_IP' => $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
|
---|
1023 | 'U_WHOIS' => $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}",
|
---|
1024 | 'U_MCP_QUEUE' => ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
|
---|
1025 |
|
---|
1026 | 'U_SWITCH_PERMISSIONS' => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_row['user_id']}&hash=" . generate_link_hash('switchperm')) : '',
|
---|
1027 |
|
---|
1028 | 'POSTS_IN_QUEUE' => $user_row['posts_in_queue'],
|
---|
1029 | 'USER' => $user_row['username'],
|
---|
1030 | 'USER_REGISTERED' => $user->format_date($user_row['user_regdate']),
|
---|
1031 | 'REGISTERED_IP' => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
|
---|
1032 | 'USER_LASTACTIVE' => ($last_visit) ? $user->format_date($last_visit) : ' - ',
|
---|
1033 | 'USER_EMAIL' => $user_row['user_email'],
|
---|
1034 | 'USER_WARNINGS' => $user_row['user_warnings'],
|
---|
1035 | 'USER_POSTS' => $user_row['user_posts'],
|
---|
1036 | 'USER_INACTIVE_REASON' => $inactive_reason,
|
---|
1037 | ));
|
---|
1038 |
|
---|
1039 | break;
|
---|
1040 |
|
---|
1041 | case 'feedback':
|
---|
1042 |
|
---|
1043 | $user->add_lang('mcp');
|
---|
1044 |
|
---|
1045 | // Set up general vars
|
---|
1046 | $start = request_var('start', 0);
|
---|
1047 | $deletemark = (isset($_POST['delmarked'])) ? true : false;
|
---|
1048 | $deleteall = (isset($_POST['delall'])) ? true : false;
|
---|
1049 | $marked = request_var('mark', array(0));
|
---|
1050 | $message = utf8_normalize_nfc(request_var('message', '', true));
|
---|
1051 |
|
---|
1052 | // Sort keys
|
---|
1053 | $sort_days = request_var('st', 0);
|
---|
1054 | $sort_key = request_var('sk', 't');
|
---|
1055 | $sort_dir = request_var('sd', 'd');
|
---|
1056 |
|
---|
1057 | // Delete entries if requested and able
|
---|
1058 | if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
|
---|
1059 | {
|
---|
1060 | if (!check_form_key($form_name))
|
---|
1061 | {
|
---|
1062 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
1063 | }
|
---|
1064 |
|
---|
1065 | $where_sql = '';
|
---|
1066 | if ($deletemark && $marked)
|
---|
1067 | {
|
---|
1068 | $sql_in = array();
|
---|
1069 | foreach ($marked as $mark)
|
---|
1070 | {
|
---|
1071 | $sql_in[] = $mark;
|
---|
1072 | }
|
---|
1073 | $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
|
---|
1074 | unset($sql_in);
|
---|
1075 | }
|
---|
1076 |
|
---|
1077 | if ($where_sql || $deleteall)
|
---|
1078 | {
|
---|
1079 | $sql = 'DELETE FROM ' . LOG_TABLE . '
|
---|
1080 | WHERE log_type = ' . LOG_USERS . "
|
---|
1081 | AND reportee_id = $user_id
|
---|
1082 | $where_sql";
|
---|
1083 | $db->sql_query($sql);
|
---|
1084 |
|
---|
1085 | add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
|
---|
1086 | }
|
---|
1087 | }
|
---|
1088 |
|
---|
1089 | if ($submit && $message)
|
---|
1090 | {
|
---|
1091 | if (!check_form_key($form_name))
|
---|
1092 | {
|
---|
1093 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
1094 | }
|
---|
1095 |
|
---|
1096 | add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
|
---|
1097 | add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
|
---|
1098 | add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
|
---|
1099 |
|
---|
1100 | trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1101 | }
|
---|
1102 |
|
---|
1103 | // Sorting
|
---|
1104 | $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
---|
1105 | $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
|
---|
1106 | $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
|
---|
1107 |
|
---|
1108 | $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
|
---|
1109 | gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
|
---|
1110 |
|
---|
1111 | // Define where and sort sql for use in displaying logs
|
---|
1112 | $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
|
---|
1113 | $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
|
---|
1114 |
|
---|
1115 | // Grab log data
|
---|
1116 | $log_data = array();
|
---|
1117 | $log_count = 0;
|
---|
1118 | view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
|
---|
1119 |
|
---|
1120 | $template->assign_vars(array(
|
---|
1121 | 'S_FEEDBACK' => true,
|
---|
1122 | 'S_ON_PAGE' => on_page($log_count, $config['topics_per_page'], $start),
|
---|
1123 | 'PAGINATION' => generate_pagination($this->u_action . "&u=$user_id&$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
|
---|
1124 |
|
---|
1125 | 'S_LIMIT_DAYS' => $s_limit_days,
|
---|
1126 | 'S_SORT_KEY' => $s_sort_key,
|
---|
1127 | 'S_SORT_DIR' => $s_sort_dir,
|
---|
1128 | 'S_CLEARLOGS' => $auth->acl_get('a_clearlogs'))
|
---|
1129 | );
|
---|
1130 |
|
---|
1131 | foreach ($log_data as $row)
|
---|
1132 | {
|
---|
1133 | $template->assign_block_vars('log', array(
|
---|
1134 | 'USERNAME' => $row['username_full'],
|
---|
1135 | 'IP' => $row['ip'],
|
---|
1136 | 'DATE' => $user->format_date($row['time']),
|
---|
1137 | 'ACTION' => nl2br($row['action']),
|
---|
1138 | 'ID' => $row['id'])
|
---|
1139 | );
|
---|
1140 | }
|
---|
1141 |
|
---|
1142 | break;
|
---|
1143 |
|
---|
1144 | case 'warnings':
|
---|
1145 | $user->add_lang('mcp');
|
---|
1146 |
|
---|
1147 | // Set up general vars
|
---|
1148 | $start = request_var('start', 0);
|
---|
1149 | $deletemark = (isset($_POST['delmarked'])) ? true : false;
|
---|
1150 | $deleteall = (isset($_POST['delall'])) ? true : false;
|
---|
1151 | $confirm = (isset($_POST['confirm'])) ? true : false;
|
---|
1152 | $marked = request_var('mark', array(0));
|
---|
1153 | $message = utf8_normalize_nfc(request_var('message', '', true));
|
---|
1154 |
|
---|
1155 | // Sort keys
|
---|
1156 | $sort_days = request_var('st', 0);
|
---|
1157 | $sort_key = request_var('sk', 't');
|
---|
1158 | $sort_dir = request_var('sd', 'd');
|
---|
1159 |
|
---|
1160 | // Delete entries if requested and able
|
---|
1161 | if ($deletemark || $deleteall || $confirm)
|
---|
1162 | {
|
---|
1163 | if (confirm_box(true))
|
---|
1164 | {
|
---|
1165 | $where_sql = '';
|
---|
1166 | $deletemark = request_var('delmarked', 0);
|
---|
1167 | $deleteall = request_var('delall', 0);
|
---|
1168 | if ($deletemark && $marked)
|
---|
1169 | {
|
---|
1170 | $where_sql = ' AND ' . $db->sql_in_set('warning_id', array_values($marked));
|
---|
1171 | }
|
---|
1172 |
|
---|
1173 | if ($where_sql || $deleteall)
|
---|
1174 | {
|
---|
1175 | $sql = 'DELETE FROM ' . WARNINGS_TABLE . "
|
---|
1176 | WHERE user_id = $user_id
|
---|
1177 | $where_sql";
|
---|
1178 | $db->sql_query($sql);
|
---|
1179 |
|
---|
1180 | if ($deleteall)
|
---|
1181 | {
|
---|
1182 | $log_warnings = $deleted_warnings = 0;
|
---|
1183 | }
|
---|
1184 | else
|
---|
1185 | {
|
---|
1186 | $num_warnings = (int) $db->sql_affectedrows();
|
---|
1187 | $deleted_warnings = ' user_warnings - ' . $num_warnings;
|
---|
1188 | $log_warnings = ($num_warnings > 2) ? 2 : $num_warnings;
|
---|
1189 | }
|
---|
1190 |
|
---|
1191 | $sql = 'UPDATE ' . USERS_TABLE . "
|
---|
1192 | SET user_warnings = $deleted_warnings
|
---|
1193 | WHERE user_id = $user_id";
|
---|
1194 | $db->sql_query($sql);
|
---|
1195 |
|
---|
1196 | switch ($log_warnings)
|
---|
1197 | {
|
---|
1198 | case 2:
|
---|
1199 | add_log('admin', 'LOG_WARNINGS_DELETED', $user_row['username'], $num_warnings);
|
---|
1200 | break;
|
---|
1201 | case 1:
|
---|
1202 | add_log('admin', 'LOG_WARNING_DELETED', $user_row['username']);
|
---|
1203 | break;
|
---|
1204 | default:
|
---|
1205 | add_log('admin', 'LOG_WARNINGS_DELETED_ALL', $user_row['username']);
|
---|
1206 | break;
|
---|
1207 | }
|
---|
1208 | }
|
---|
1209 | }
|
---|
1210 | else
|
---|
1211 | {
|
---|
1212 | $s_hidden_fields = array(
|
---|
1213 | 'i' => $id,
|
---|
1214 | 'mode' => $mode,
|
---|
1215 | 'u' => $user_id,
|
---|
1216 | 'mark' => $marked,
|
---|
1217 | );
|
---|
1218 | if (isset($_POST['delmarked']))
|
---|
1219 | {
|
---|
1220 | $s_hidden_fields['delmarked'] = 1;
|
---|
1221 | }
|
---|
1222 | if (isset($_POST['delall']))
|
---|
1223 | {
|
---|
1224 | $s_hidden_fields['delall'] = 1;
|
---|
1225 | }
|
---|
1226 | if (isset($_POST['delall']) || (isset($_POST['delmarked']) && sizeof($marked)))
|
---|
1227 | {
|
---|
1228 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields));
|
---|
1229 | }
|
---|
1230 | }
|
---|
1231 | }
|
---|
1232 |
|
---|
1233 | $sql = 'SELECT w.warning_id, w.warning_time, w.post_id, l.log_operation, l.log_data, l.user_id AS mod_user_id, m.username AS mod_username, m.user_colour AS mod_user_colour
|
---|
1234 | FROM ' . WARNINGS_TABLE . ' w
|
---|
1235 | LEFT JOIN ' . LOG_TABLE . ' l
|
---|
1236 | ON (w.log_id = l.log_id)
|
---|
1237 | LEFT JOIN ' . USERS_TABLE . ' m
|
---|
1238 | ON (l.user_id = m.user_id)
|
---|
1239 | WHERE w.user_id = ' . $user_id . '
|
---|
1240 | ORDER BY w.warning_time DESC';
|
---|
1241 | $result = $db->sql_query($sql);
|
---|
1242 |
|
---|
1243 | while ($row = $db->sql_fetchrow($result))
|
---|
1244 | {
|
---|
1245 | if (!$row['log_operation'])
|
---|
1246 | {
|
---|
1247 | // We do not have a log-entry anymore, so there is no data available
|
---|
1248 | $row['action'] = $user->lang['USER_WARNING_LOG_DELETED'];
|
---|
1249 | }
|
---|
1250 | else
|
---|
1251 | {
|
---|
1252 | $row['action'] = (isset($user->lang[$row['log_operation']])) ? $user->lang[$row['log_operation']] : '{' . ucfirst(str_replace('_', ' ', $row['log_operation'])) . '}';
|
---|
1253 | if (!empty($row['log_data']))
|
---|
1254 | {
|
---|
1255 | $log_data_ary = @unserialize($row['log_data']);
|
---|
1256 | $log_data_ary = ($log_data_ary === false) ? array() : $log_data_ary;
|
---|
1257 |
|
---|
1258 | if (isset($user->lang[$row['log_operation']]))
|
---|
1259 | {
|
---|
1260 | // Check if there are more occurrences of % than arguments, if there are we fill out the arguments array
|
---|
1261 | // It doesn't matter if we add more arguments than placeholders
|
---|
1262 | if ((substr_count($row['action'], '%') - sizeof($log_data_ary)) > 0)
|
---|
1263 | {
|
---|
1264 | $log_data_ary = array_merge($log_data_ary, array_fill(0, substr_count($row['action'], '%') - sizeof($log_data_ary), ''));
|
---|
1265 | }
|
---|
1266 | $row['action'] = vsprintf($row['action'], $log_data_ary);
|
---|
1267 | $row['action'] = bbcode_nl2br(censor_text($row['action']));
|
---|
1268 | }
|
---|
1269 | else if (!empty($log_data_ary))
|
---|
1270 | {
|
---|
1271 | $row['action'] .= '<br />' . implode('', $log_data_ary);
|
---|
1272 | }
|
---|
1273 | }
|
---|
1274 | }
|
---|
1275 |
|
---|
1276 |
|
---|
1277 | $template->assign_block_vars('warn', array(
|
---|
1278 | 'ID' => $row['warning_id'],
|
---|
1279 | 'USERNAME' => ($row['log_operation']) ? get_username_string('full', $row['mod_user_id'], $row['mod_username'], $row['mod_user_colour']) : '-',
|
---|
1280 | 'ACTION' => make_clickable($row['action']),
|
---|
1281 | 'DATE' => $user->format_date($row['warning_time']),
|
---|
1282 | ));
|
---|
1283 | }
|
---|
1284 | $db->sql_freeresult($result);
|
---|
1285 |
|
---|
1286 | $template->assign_vars(array(
|
---|
1287 | 'S_WARNINGS' => true,
|
---|
1288 | ));
|
---|
1289 |
|
---|
1290 | break;
|
---|
1291 |
|
---|
1292 | case 'profile':
|
---|
1293 |
|
---|
1294 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
1295 | include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
|
---|
1296 |
|
---|
1297 | $cp = new custom_profile();
|
---|
1298 |
|
---|
1299 | $cp_data = $cp_error = array();
|
---|
1300 |
|
---|
1301 | $sql = 'SELECT lang_id
|
---|
1302 | FROM ' . LANG_TABLE . "
|
---|
1303 | WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
|
---|
1304 | $result = $db->sql_query($sql);
|
---|
1305 | $row = $db->sql_fetchrow($result);
|
---|
1306 | $db->sql_freeresult($result);
|
---|
1307 |
|
---|
1308 | $user_row['iso_lang_id'] = $row['lang_id'];
|
---|
1309 |
|
---|
1310 | $data = array(
|
---|
1311 | 'icq' => request_var('icq', $user_row['user_icq']),
|
---|
1312 | 'aim' => request_var('aim', $user_row['user_aim']),
|
---|
1313 | 'msn' => request_var('msn', $user_row['user_msnm']),
|
---|
1314 | 'yim' => request_var('yim', $user_row['user_yim']),
|
---|
1315 | 'jabber' => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
|
---|
1316 | 'website' => request_var('website', $user_row['user_website']),
|
---|
1317 | 'location' => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
|
---|
1318 | 'occupation' => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
|
---|
1319 | 'interests' => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
|
---|
1320 | 'bday_day' => 0,
|
---|
1321 | 'bday_month' => 0,
|
---|
1322 | 'bday_year' => 0,
|
---|
1323 | );
|
---|
1324 |
|
---|
1325 | if ($user_row['user_birthday'])
|
---|
1326 | {
|
---|
1327 | list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
|
---|
1328 | }
|
---|
1329 |
|
---|
1330 | $data['bday_day'] = request_var('bday_day', $data['bday_day']);
|
---|
1331 | $data['bday_month'] = request_var('bday_month', $data['bday_month']);
|
---|
1332 | $data['bday_year'] = request_var('bday_year', $data['bday_year']);
|
---|
1333 | $data['user_birthday'] = sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']);
|
---|
1334 |
|
---|
1335 |
|
---|
1336 | if ($submit)
|
---|
1337 | {
|
---|
1338 | $error = validate_data($data, array(
|
---|
1339 | 'icq' => array(
|
---|
1340 | array('string', true, 3, 15),
|
---|
1341 | array('match', true, '#^[0-9]+$#i')),
|
---|
1342 | 'aim' => array('string', true, 3, 255),
|
---|
1343 | 'msn' => array('string', true, 5, 255),
|
---|
1344 | 'jabber' => array(
|
---|
1345 | array('string', true, 5, 255),
|
---|
1346 | array('jabber')),
|
---|
1347 | 'yim' => array('string', true, 5, 255),
|
---|
1348 | 'website' => array(
|
---|
1349 | array('string', true, 12, 255),
|
---|
1350 | array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
|
---|
1351 | 'location' => array('string', true, 2, 100),
|
---|
1352 | 'occupation' => array('string', true, 2, 500),
|
---|
1353 | 'interests' => array('string', true, 2, 500),
|
---|
1354 | 'bday_day' => array('num', true, 1, 31),
|
---|
1355 | 'bday_month' => array('num', true, 1, 12),
|
---|
1356 | 'bday_year' => array('num', true, 1901, gmdate('Y', time())),
|
---|
1357 | 'user_birthday' => array('date', true),
|
---|
1358 | ));
|
---|
1359 |
|
---|
1360 | // validate custom profile fields
|
---|
1361 | $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
|
---|
1362 |
|
---|
1363 | if (sizeof($cp_error))
|
---|
1364 | {
|
---|
1365 | $error = array_merge($error, $cp_error);
|
---|
1366 | }
|
---|
1367 | if (!check_form_key($form_name))
|
---|
1368 | {
|
---|
1369 | $error[] = 'FORM_INVALID';
|
---|
1370 | }
|
---|
1371 |
|
---|
1372 | if (!sizeof($error))
|
---|
1373 | {
|
---|
1374 | $sql_ary = array(
|
---|
1375 | 'user_icq' => $data['icq'],
|
---|
1376 | 'user_aim' => $data['aim'],
|
---|
1377 | 'user_msnm' => $data['msn'],
|
---|
1378 | 'user_yim' => $data['yim'],
|
---|
1379 | 'user_jabber' => $data['jabber'],
|
---|
1380 | 'user_website' => $data['website'],
|
---|
1381 | 'user_from' => $data['location'],
|
---|
1382 | 'user_occ' => $data['occupation'],
|
---|
1383 | 'user_interests'=> $data['interests'],
|
---|
1384 | 'user_birthday' => $data['user_birthday'],
|
---|
1385 | );
|
---|
1386 |
|
---|
1387 | $sql = 'UPDATE ' . USERS_TABLE . '
|
---|
1388 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
---|
1389 | WHERE user_id = $user_id";
|
---|
1390 | $db->sql_query($sql);
|
---|
1391 |
|
---|
1392 | // Update Custom Fields
|
---|
1393 | $cp->update_profile_field_data($user_id, $cp_data);
|
---|
1394 |
|
---|
1395 | trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1396 | }
|
---|
1397 |
|
---|
1398 | // Replace "error" strings with their real, localised form
|
---|
1399 | $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
---|
1400 | }
|
---|
1401 |
|
---|
1402 | $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
|
---|
1403 | for ($i = 1; $i < 32; $i++)
|
---|
1404 | {
|
---|
1405 | $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
|
---|
1406 | $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
|
---|
1407 | }
|
---|
1408 |
|
---|
1409 | $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
|
---|
1410 | for ($i = 1; $i < 13; $i++)
|
---|
1411 | {
|
---|
1412 | $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
|
---|
1413 | $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
|
---|
1414 | }
|
---|
1415 | $s_birthday_year_options = '';
|
---|
1416 |
|
---|
1417 | $now = getdate();
|
---|
1418 | $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
|
---|
1419 | for ($i = $now['year'] - 100; $i <= $now['year']; $i++)
|
---|
1420 | {
|
---|
1421 | $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
|
---|
1422 | $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
|
---|
1423 | }
|
---|
1424 | unset($now);
|
---|
1425 |
|
---|
1426 | $template->assign_vars(array(
|
---|
1427 | 'ICQ' => $data['icq'],
|
---|
1428 | 'YIM' => $data['yim'],
|
---|
1429 | 'AIM' => $data['aim'],
|
---|
1430 | 'MSN' => $data['msn'],
|
---|
1431 | 'JABBER' => $data['jabber'],
|
---|
1432 | 'WEBSITE' => $data['website'],
|
---|
1433 | 'LOCATION' => $data['location'],
|
---|
1434 | 'OCCUPATION' => $data['occupation'],
|
---|
1435 | 'INTERESTS' => $data['interests'],
|
---|
1436 |
|
---|
1437 | 'S_BIRTHDAY_DAY_OPTIONS' => $s_birthday_day_options,
|
---|
1438 | 'S_BIRTHDAY_MONTH_OPTIONS' => $s_birthday_month_options,
|
---|
1439 | 'S_BIRTHDAY_YEAR_OPTIONS' => $s_birthday_year_options,
|
---|
1440 |
|
---|
1441 | 'S_PROFILE' => true)
|
---|
1442 | );
|
---|
1443 |
|
---|
1444 | // Get additional profile fields and assign them to the template block var 'profile_fields'
|
---|
1445 | $user->get_profile_fields($user_id);
|
---|
1446 |
|
---|
1447 | $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
|
---|
1448 |
|
---|
1449 | break;
|
---|
1450 |
|
---|
1451 | case 'prefs':
|
---|
1452 |
|
---|
1453 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
1454 |
|
---|
1455 | $data = array(
|
---|
1456 | 'dateformat' => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
|
---|
1457 | 'lang' => basename(request_var('lang', $user_row['user_lang'])),
|
---|
1458 | 'tz' => request_var('tz', (float) $user_row['user_timezone']),
|
---|
1459 | 'style' => request_var('style', $user_row['user_style']),
|
---|
1460 | 'dst' => request_var('dst', $user_row['user_dst']),
|
---|
1461 | 'viewemail' => request_var('viewemail', $user_row['user_allow_viewemail']),
|
---|
1462 | 'massemail' => request_var('massemail', $user_row['user_allow_massemail']),
|
---|
1463 | 'hideonline' => request_var('hideonline', !$user_row['user_allow_viewonline']),
|
---|
1464 | 'notifymethod' => request_var('notifymethod', $user_row['user_notify_type']),
|
---|
1465 | 'notifypm' => request_var('notifypm', $user_row['user_notify_pm']),
|
---|
1466 | 'popuppm' => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
|
---|
1467 | 'allowpm' => request_var('allowpm', $user_row['user_allow_pm']),
|
---|
1468 |
|
---|
1469 | 'topic_sk' => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
|
---|
1470 | 'topic_sd' => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
|
---|
1471 | 'topic_st' => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
|
---|
1472 |
|
---|
1473 | 'post_sk' => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
|
---|
1474 | 'post_sd' => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
|
---|
1475 | 'post_st' => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
|
---|
1476 |
|
---|
1477 | 'view_images' => request_var('view_images', $this->optionget($user_row, 'viewimg')),
|
---|
1478 | 'view_flash' => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
|
---|
1479 | 'view_smilies' => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
|
---|
1480 | 'view_sigs' => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
|
---|
1481 | 'view_avatars' => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
|
---|
1482 | 'view_wordcensor' => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
|
---|
1483 |
|
---|
1484 | 'bbcode' => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
|
---|
1485 | 'smilies' => request_var('smilies', $this->optionget($user_row, 'smilies')),
|
---|
1486 | 'sig' => request_var('sig', $this->optionget($user_row, 'attachsig')),
|
---|
1487 | 'notify' => request_var('notify', $user_row['user_notify']),
|
---|
1488 | );
|
---|
1489 |
|
---|
1490 | if ($submit)
|
---|
1491 | {
|
---|
1492 | $error = validate_data($data, array(
|
---|
1493 | 'dateformat' => array('string', false, 1, 30),
|
---|
1494 | 'lang' => array('match', false, '#^[a-z_\-]{2,}$#i'),
|
---|
1495 | 'tz' => array('num', false, -14, 14),
|
---|
1496 |
|
---|
1497 | 'topic_sk' => array('string', false, 1, 1),
|
---|
1498 | 'topic_sd' => array('string', false, 1, 1),
|
---|
1499 | 'post_sk' => array('string', false, 1, 1),
|
---|
1500 | 'post_sd' => array('string', false, 1, 1),
|
---|
1501 | ));
|
---|
1502 |
|
---|
1503 | if (!check_form_key($form_name))
|
---|
1504 | {
|
---|
1505 | $error[] = 'FORM_INVALID';
|
---|
1506 | }
|
---|
1507 |
|
---|
1508 | if (!sizeof($error))
|
---|
1509 | {
|
---|
1510 | $this->optionset($user_row, 'popuppm', $data['popuppm']);
|
---|
1511 | $this->optionset($user_row, 'viewimg', $data['view_images']);
|
---|
1512 | $this->optionset($user_row, 'viewflash', $data['view_flash']);
|
---|
1513 | $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
|
---|
1514 | $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
|
---|
1515 | $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
|
---|
1516 | $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
|
---|
1517 | $this->optionset($user_row, 'bbcode', $data['bbcode']);
|
---|
1518 | $this->optionset($user_row, 'smilies', $data['smilies']);
|
---|
1519 | $this->optionset($user_row, 'attachsig', $data['sig']);
|
---|
1520 |
|
---|
1521 | $sql_ary = array(
|
---|
1522 | 'user_options' => $user_row['user_options'],
|
---|
1523 |
|
---|
1524 | 'user_allow_pm' => $data['allowpm'],
|
---|
1525 | 'user_allow_viewemail' => $data['viewemail'],
|
---|
1526 | 'user_allow_massemail' => $data['massemail'],
|
---|
1527 | 'user_allow_viewonline' => !$data['hideonline'],
|
---|
1528 | 'user_notify_type' => $data['notifymethod'],
|
---|
1529 | 'user_notify_pm' => $data['notifypm'],
|
---|
1530 |
|
---|
1531 | 'user_dst' => $data['dst'],
|
---|
1532 | 'user_dateformat' => $data['dateformat'],
|
---|
1533 | 'user_lang' => $data['lang'],
|
---|
1534 | 'user_timezone' => $data['tz'],
|
---|
1535 | 'user_style' => $data['style'],
|
---|
1536 |
|
---|
1537 | 'user_topic_sortby_type' => $data['topic_sk'],
|
---|
1538 | 'user_post_sortby_type' => $data['post_sk'],
|
---|
1539 | 'user_topic_sortby_dir' => $data['topic_sd'],
|
---|
1540 | 'user_post_sortby_dir' => $data['post_sd'],
|
---|
1541 |
|
---|
1542 | 'user_topic_show_days' => $data['topic_st'],
|
---|
1543 | 'user_post_show_days' => $data['post_st'],
|
---|
1544 |
|
---|
1545 | 'user_notify' => $data['notify'],
|
---|
1546 | );
|
---|
1547 |
|
---|
1548 | $sql = 'UPDATE ' . USERS_TABLE . '
|
---|
1549 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
|
---|
1550 | WHERE user_id = $user_id";
|
---|
1551 | $db->sql_query($sql);
|
---|
1552 |
|
---|
1553 | trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1554 | }
|
---|
1555 |
|
---|
1556 | // Replace "error" strings with their real, localised form
|
---|
1557 | $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
---|
1558 | }
|
---|
1559 |
|
---|
1560 | $dateformat_options = '';
|
---|
1561 | foreach ($user->lang['dateformats'] as $format => $null)
|
---|
1562 | {
|
---|
1563 | $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
|
---|
1564 | $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
|
---|
1565 | $dateformat_options .= '</option>';
|
---|
1566 | }
|
---|
1567 |
|
---|
1568 | $s_custom = false;
|
---|
1569 |
|
---|
1570 | $dateformat_options .= '<option value="custom"';
|
---|
1571 | if (!isset($user->lang['dateformats'][$data['dateformat']]))
|
---|
1572 | {
|
---|
1573 | $dateformat_options .= ' selected="selected"';
|
---|
1574 | $s_custom = true;
|
---|
1575 | }
|
---|
1576 | $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
|
---|
1577 |
|
---|
1578 | $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
|
---|
1579 |
|
---|
1580 | // Topic ordering options
|
---|
1581 | $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
---|
1582 | $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
|
---|
1583 |
|
---|
1584 | // Post ordering options
|
---|
1585 | $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
|
---|
1586 | $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
|
---|
1587 |
|
---|
1588 | $_options = array('topic', 'post');
|
---|
1589 | foreach ($_options as $sort_option)
|
---|
1590 | {
|
---|
1591 | ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
|
---|
1592 | foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
|
---|
1593 | {
|
---|
1594 | $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
|
---|
1595 | ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
|
---|
1596 | }
|
---|
1597 | ${'s_limit_' . $sort_option . '_days'} .= '</select>';
|
---|
1598 |
|
---|
1599 | ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
|
---|
1600 | foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
|
---|
1601 | {
|
---|
1602 | $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
|
---|
1603 | ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
|
---|
1604 | }
|
---|
1605 | ${'s_sort_' . $sort_option . '_key'} .= '</select>';
|
---|
1606 |
|
---|
1607 | ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
|
---|
1608 | foreach ($sort_dir_text as $key => $value)
|
---|
1609 | {
|
---|
1610 | $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
|
---|
1611 | ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
|
---|
1612 | }
|
---|
1613 | ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
|
---|
1614 | }
|
---|
1615 |
|
---|
1616 | $template->assign_vars(array(
|
---|
1617 | 'S_PREFS' => true,
|
---|
1618 | 'S_JABBER_DISABLED' => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
|
---|
1619 |
|
---|
1620 | 'VIEW_EMAIL' => $data['viewemail'],
|
---|
1621 | 'MASS_EMAIL' => $data['massemail'],
|
---|
1622 | 'ALLOW_PM' => $data['allowpm'],
|
---|
1623 | 'HIDE_ONLINE' => $data['hideonline'],
|
---|
1624 | 'NOTIFY_EMAIL' => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
|
---|
1625 | 'NOTIFY_IM' => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
|
---|
1626 | 'NOTIFY_BOTH' => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
|
---|
1627 | 'NOTIFY_PM' => $data['notifypm'],
|
---|
1628 | 'POPUP_PM' => $data['popuppm'],
|
---|
1629 | 'DST' => $data['dst'],
|
---|
1630 | 'BBCODE' => $data['bbcode'],
|
---|
1631 | 'SMILIES' => $data['smilies'],
|
---|
1632 | 'ATTACH_SIG' => $data['sig'],
|
---|
1633 | 'NOTIFY' => $data['notify'],
|
---|
1634 | 'VIEW_IMAGES' => $data['view_images'],
|
---|
1635 | 'VIEW_FLASH' => $data['view_flash'],
|
---|
1636 | 'VIEW_SMILIES' => $data['view_smilies'],
|
---|
1637 | 'VIEW_SIGS' => $data['view_sigs'],
|
---|
1638 | 'VIEW_AVATARS' => $data['view_avatars'],
|
---|
1639 | 'VIEW_WORDCENSOR' => $data['view_wordcensor'],
|
---|
1640 |
|
---|
1641 | 'S_TOPIC_SORT_DAYS' => $s_limit_topic_days,
|
---|
1642 | 'S_TOPIC_SORT_KEY' => $s_sort_topic_key,
|
---|
1643 | 'S_TOPIC_SORT_DIR' => $s_sort_topic_dir,
|
---|
1644 | 'S_POST_SORT_DAYS' => $s_limit_post_days,
|
---|
1645 | 'S_POST_SORT_KEY' => $s_sort_post_key,
|
---|
1646 | 'S_POST_SORT_DIR' => $s_sort_post_dir,
|
---|
1647 |
|
---|
1648 | 'DATE_FORMAT' => $data['dateformat'],
|
---|
1649 | 'S_DATEFORMAT_OPTIONS' => $dateformat_options,
|
---|
1650 | 'S_CUSTOM_DATEFORMAT' => $s_custom,
|
---|
1651 | 'DEFAULT_DATEFORMAT' => $config['default_dateformat'],
|
---|
1652 | 'A_DEFAULT_DATEFORMAT' => addslashes($config['default_dateformat']),
|
---|
1653 |
|
---|
1654 | 'S_LANG_OPTIONS' => language_select($data['lang']),
|
---|
1655 | 'S_STYLE_OPTIONS' => style_select($data['style']),
|
---|
1656 | 'S_TZ_OPTIONS' => tz_select($data['tz'], true),
|
---|
1657 | )
|
---|
1658 | );
|
---|
1659 |
|
---|
1660 | break;
|
---|
1661 |
|
---|
1662 | case 'avatar':
|
---|
1663 |
|
---|
1664 | include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
|
---|
1665 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
1666 |
|
---|
1667 | $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
|
---|
1668 |
|
---|
1669 | if ($submit)
|
---|
1670 | {
|
---|
1671 |
|
---|
1672 | if (!check_form_key($form_name))
|
---|
1673 | {
|
---|
1674 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
1675 | }
|
---|
1676 |
|
---|
1677 | if (avatar_process_user($error, $user_row))
|
---|
1678 | {
|
---|
1679 | trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_row['user_id']));
|
---|
1680 | }
|
---|
1681 |
|
---|
1682 | // Replace "error" strings with their real, localised form
|
---|
1683 | $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
---|
1684 | }
|
---|
1685 |
|
---|
1686 | if (!$config['allow_avatar'] && $user_row['user_avatar_type'])
|
---|
1687 | {
|
---|
1688 | $error[] = $user->lang['USER_AVATAR_NOT_ALLOWED'];
|
---|
1689 | }
|
---|
1690 | else if ((($user_row['user_avatar_type'] == AVATAR_UPLOAD) && !$config['allow_avatar_upload']) ||
|
---|
1691 | (($user_row['user_avatar_type'] == AVATAR_REMOTE) && !$config['allow_avatar_remote']) ||
|
---|
1692 | (($user_row['user_avatar_type'] == AVATAR_GALLERY) && !$config['allow_avatar_local']))
|
---|
1693 | {
|
---|
1694 | $error[] = $user->lang['USER_AVATAR_TYPE_NOT_ALLOWED'];
|
---|
1695 | }
|
---|
1696 |
|
---|
1697 | // Generate users avatar
|
---|
1698 | $avatar_img = ($user_row['user_avatar']) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height'], 'USER_AVATAR', true) : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
|
---|
1699 |
|
---|
1700 | $display_gallery = (isset($_POST['display_gallery'])) ? true : false;
|
---|
1701 | $avatar_select = basename(request_var('avatar_select', ''));
|
---|
1702 | $category = basename(request_var('category', ''));
|
---|
1703 |
|
---|
1704 | if ($config['allow_avatar_local'] && $display_gallery)
|
---|
1705 | {
|
---|
1706 | avatar_gallery($category, $avatar_select, 4);
|
---|
1707 | }
|
---|
1708 |
|
---|
1709 | $template->assign_vars(array(
|
---|
1710 | 'S_AVATAR' => true,
|
---|
1711 | 'S_CAN_UPLOAD' => $can_upload,
|
---|
1712 | 'S_UPLOAD_FILE' => ($config['allow_avatar'] && $can_upload && $config['allow_avatar_upload']) ? true : false,
|
---|
1713 | 'S_REMOTE_UPLOAD' => ($config['allow_avatar'] && $can_upload && $config['allow_avatar_remote_upload']) ? true : false,
|
---|
1714 | 'S_ALLOW_REMOTE' => ($config['allow_avatar'] && $config['allow_avatar_remote']) ? true : false,
|
---|
1715 | 'S_DISPLAY_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && !$display_gallery) ? true : false,
|
---|
1716 | 'S_IN_GALLERY' => ($config['allow_avatar'] && $config['allow_avatar_local'] && $display_gallery) ? true : false,
|
---|
1717 |
|
---|
1718 | 'AVATAR_IMAGE' => $avatar_img,
|
---|
1719 | 'AVATAR_MAX_FILESIZE' => $config['avatar_filesize'],
|
---|
1720 | 'USER_AVATAR_WIDTH' => $user_row['user_avatar_width'],
|
---|
1721 | 'USER_AVATAR_HEIGHT' => $user_row['user_avatar_height'],
|
---|
1722 |
|
---|
1723 | 'L_AVATAR_EXPLAIN' => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
|
---|
1724 | );
|
---|
1725 |
|
---|
1726 | break;
|
---|
1727 |
|
---|
1728 | case 'rank':
|
---|
1729 |
|
---|
1730 | if ($submit)
|
---|
1731 | {
|
---|
1732 | if (!check_form_key($form_name))
|
---|
1733 | {
|
---|
1734 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
1735 | }
|
---|
1736 |
|
---|
1737 | $rank_id = request_var('user_rank', 0);
|
---|
1738 |
|
---|
1739 | $sql = 'UPDATE ' . USERS_TABLE . "
|
---|
1740 | SET user_rank = $rank_id
|
---|
1741 | WHERE user_id = $user_id";
|
---|
1742 | $db->sql_query($sql);
|
---|
1743 |
|
---|
1744 | trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1745 | }
|
---|
1746 |
|
---|
1747 | $sql = 'SELECT *
|
---|
1748 | FROM ' . RANKS_TABLE . '
|
---|
1749 | WHERE rank_special = 1
|
---|
1750 | ORDER BY rank_title';
|
---|
1751 | $result = $db->sql_query($sql);
|
---|
1752 |
|
---|
1753 | $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
|
---|
1754 |
|
---|
1755 | while ($row = $db->sql_fetchrow($result))
|
---|
1756 | {
|
---|
1757 | $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
|
---|
1758 | $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
|
---|
1759 | }
|
---|
1760 | $db->sql_freeresult($result);
|
---|
1761 |
|
---|
1762 | $template->assign_vars(array(
|
---|
1763 | 'S_RANK' => true,
|
---|
1764 | 'S_RANK_OPTIONS' => $s_rank_options)
|
---|
1765 | );
|
---|
1766 |
|
---|
1767 | break;
|
---|
1768 |
|
---|
1769 | case 'sig':
|
---|
1770 |
|
---|
1771 | include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
|
---|
1772 | include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
|
---|
1773 |
|
---|
1774 | $enable_bbcode = ($config['allow_sig_bbcode']) ? (bool) $this->optionget($user_row, 'sig_bbcode') : false;
|
---|
1775 | $enable_smilies = ($config['allow_sig_smilies']) ? (bool) $this->optionget($user_row, 'sig_smilies') : false;
|
---|
1776 | $enable_urls = ($config['allow_sig_links']) ? (bool) $this->optionget($user_row, 'sig_links') : false;
|
---|
1777 | $signature = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
|
---|
1778 |
|
---|
1779 | $preview = (isset($_POST['preview'])) ? true : false;
|
---|
1780 |
|
---|
1781 | if ($submit || $preview)
|
---|
1782 | {
|
---|
1783 | include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
|
---|
1784 |
|
---|
1785 | $enable_bbcode = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', false)) ? false : true) : false;
|
---|
1786 | $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', false)) ? false : true) : false;
|
---|
1787 | $enable_urls = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
|
---|
1788 |
|
---|
1789 | $message_parser = new parse_message($signature);
|
---|
1790 |
|
---|
1791 | // Allowing Quote BBCode
|
---|
1792 | $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
|
---|
1793 |
|
---|
1794 | if (sizeof($message_parser->warn_msg))
|
---|
1795 | {
|
---|
1796 | $error[] = implode('<br />', $message_parser->warn_msg);
|
---|
1797 | }
|
---|
1798 |
|
---|
1799 | if (!check_form_key($form_name))
|
---|
1800 | {
|
---|
1801 | $error = 'FORM_INVALID';
|
---|
1802 | }
|
---|
1803 |
|
---|
1804 | if (!sizeof($error) && $submit)
|
---|
1805 | {
|
---|
1806 | $this->optionset($user_row, 'sig_bbcode', $enable_bbcode);
|
---|
1807 | $this->optionset($user_row, 'sig_smilies', $enable_smilies);
|
---|
1808 | $this->optionset($user_row, 'sig_links', $enable_urls);
|
---|
1809 |
|
---|
1810 | $sql_ary = array(
|
---|
1811 | 'user_sig' => (string) $message_parser->message,
|
---|
1812 | 'user_options' => $user_row['user_options'],
|
---|
1813 | 'user_sig_bbcode_uid' => (string) $message_parser->bbcode_uid,
|
---|
1814 | 'user_sig_bbcode_bitfield' => (string) $message_parser->bbcode_bitfield
|
---|
1815 | );
|
---|
1816 |
|
---|
1817 | $sql = 'UPDATE ' . USERS_TABLE . '
|
---|
1818 | SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
|
---|
1819 | WHERE user_id = ' . $user_id;
|
---|
1820 | $db->sql_query($sql);
|
---|
1821 |
|
---|
1822 | trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1823 | }
|
---|
1824 |
|
---|
1825 | // Replace "error" strings with their real, localised form
|
---|
1826 | $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
|
---|
1827 | }
|
---|
1828 |
|
---|
1829 | $signature_preview = '';
|
---|
1830 |
|
---|
1831 | if ($preview)
|
---|
1832 | {
|
---|
1833 | // Now parse it for displaying
|
---|
1834 | $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
|
---|
1835 | unset($message_parser);
|
---|
1836 | }
|
---|
1837 |
|
---|
1838 | decode_message($signature, $user_row['user_sig_bbcode_uid']);
|
---|
1839 |
|
---|
1840 | $template->assign_vars(array(
|
---|
1841 | 'S_SIGNATURE' => true,
|
---|
1842 |
|
---|
1843 | 'SIGNATURE' => $signature,
|
---|
1844 | 'SIGNATURE_PREVIEW' => $signature_preview,
|
---|
1845 |
|
---|
1846 | 'S_BBCODE_CHECKED' => (!$enable_bbcode) ? ' checked="checked"' : '',
|
---|
1847 | 'S_SMILIES_CHECKED' => (!$enable_smilies) ? ' checked="checked"' : '',
|
---|
1848 | 'S_MAGIC_URL_CHECKED' => (!$enable_urls) ? ' checked="checked"' : '',
|
---|
1849 |
|
---|
1850 | 'BBCODE_STATUS' => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
|
---|
1851 | 'SMILIES_STATUS' => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
|
---|
1852 | 'IMG_STATUS' => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
|
---|
1853 | 'FLASH_STATUS' => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
|
---|
1854 | 'URL_STATUS' => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
|
---|
1855 |
|
---|
1856 | 'L_SIGNATURE_EXPLAIN' => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
|
---|
1857 |
|
---|
1858 | 'S_BBCODE_ALLOWED' => $config['allow_sig_bbcode'],
|
---|
1859 | 'S_SMILIES_ALLOWED' => $config['allow_sig_smilies'],
|
---|
1860 | 'S_BBCODE_IMG' => ($config['allow_sig_img']) ? true : false,
|
---|
1861 | 'S_BBCODE_FLASH' => ($config['allow_sig_flash']) ? true : false,
|
---|
1862 | 'S_LINKS_ALLOWED' => ($config['allow_sig_links']) ? true : false)
|
---|
1863 | );
|
---|
1864 |
|
---|
1865 | // Assigning custom bbcodes
|
---|
1866 | display_custom_bbcodes();
|
---|
1867 |
|
---|
1868 | break;
|
---|
1869 |
|
---|
1870 | case 'attach':
|
---|
1871 |
|
---|
1872 | $start = request_var('start', 0);
|
---|
1873 | $deletemark = (isset($_POST['delmarked'])) ? true : false;
|
---|
1874 | $marked = request_var('mark', array(0));
|
---|
1875 |
|
---|
1876 | // Sort keys
|
---|
1877 | $sort_key = request_var('sk', 'a');
|
---|
1878 | $sort_dir = request_var('sd', 'd');
|
---|
1879 |
|
---|
1880 | if ($deletemark && sizeof($marked))
|
---|
1881 | {
|
---|
1882 | $sql = 'SELECT attach_id
|
---|
1883 | FROM ' . ATTACHMENTS_TABLE . '
|
---|
1884 | WHERE poster_id = ' . $user_id . '
|
---|
1885 | AND is_orphan = 0
|
---|
1886 | AND ' . $db->sql_in_set('attach_id', $marked);
|
---|
1887 | $result = $db->sql_query($sql);
|
---|
1888 |
|
---|
1889 | $marked = array();
|
---|
1890 | while ($row = $db->sql_fetchrow($result))
|
---|
1891 | {
|
---|
1892 | $marked[] = $row['attach_id'];
|
---|
1893 | }
|
---|
1894 | $db->sql_freeresult($result);
|
---|
1895 | }
|
---|
1896 |
|
---|
1897 | if ($deletemark && sizeof($marked))
|
---|
1898 | {
|
---|
1899 | if (confirm_box(true))
|
---|
1900 | {
|
---|
1901 | $sql = 'SELECT real_filename
|
---|
1902 | FROM ' . ATTACHMENTS_TABLE . '
|
---|
1903 | WHERE ' . $db->sql_in_set('attach_id', $marked);
|
---|
1904 | $result = $db->sql_query($sql);
|
---|
1905 |
|
---|
1906 | $log_attachments = array();
|
---|
1907 | while ($row = $db->sql_fetchrow($result))
|
---|
1908 | {
|
---|
1909 | $log_attachments[] = $row['real_filename'];
|
---|
1910 | }
|
---|
1911 | $db->sql_freeresult($result);
|
---|
1912 |
|
---|
1913 | delete_attachments('attach', $marked);
|
---|
1914 |
|
---|
1915 | $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
|
---|
1916 |
|
---|
1917 | add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
|
---|
1918 | trigger_error($message . adm_back_link($this->u_action . '&u=' . $user_id));
|
---|
1919 | }
|
---|
1920 | else
|
---|
1921 | {
|
---|
1922 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
1923 | 'u' => $user_id,
|
---|
1924 | 'i' => $id,
|
---|
1925 | 'mode' => $mode,
|
---|
1926 | 'action' => $action,
|
---|
1927 | 'delmarked' => true,
|
---|
1928 | 'mark' => $marked))
|
---|
1929 | );
|
---|
1930 | }
|
---|
1931 | }
|
---|
1932 |
|
---|
1933 | $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
|
---|
1934 | $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
|
---|
1935 |
|
---|
1936 | $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
|
---|
1937 |
|
---|
1938 | $s_sort_key = '';
|
---|
1939 | foreach ($sk_text as $key => $value)
|
---|
1940 | {
|
---|
1941 | $selected = ($sort_key == $key) ? ' selected="selected"' : '';
|
---|
1942 | $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
|
---|
1943 | }
|
---|
1944 |
|
---|
1945 | $s_sort_dir = '';
|
---|
1946 | foreach ($sd_text as $key => $value)
|
---|
1947 | {
|
---|
1948 | $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
|
---|
1949 | $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
|
---|
1950 | }
|
---|
1951 |
|
---|
1952 | if (!isset($sk_sql[$sort_key]))
|
---|
1953 | {
|
---|
1954 | $sort_key = 'a';
|
---|
1955 | }
|
---|
1956 |
|
---|
1957 | $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
|
---|
1958 |
|
---|
1959 | $sql = 'SELECT COUNT(attach_id) as num_attachments
|
---|
1960 | FROM ' . ATTACHMENTS_TABLE . "
|
---|
1961 | WHERE poster_id = $user_id
|
---|
1962 | AND is_orphan = 0";
|
---|
1963 | $result = $db->sql_query_limit($sql, 1);
|
---|
1964 | $num_attachments = (int) $db->sql_fetchfield('num_attachments');
|
---|
1965 | $db->sql_freeresult($result);
|
---|
1966 |
|
---|
1967 | $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
|
---|
1968 | FROM ' . ATTACHMENTS_TABLE . ' a
|
---|
1969 | LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
|
---|
1970 | AND a.in_message = 0)
|
---|
1971 | LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
|
---|
1972 | AND a.in_message = 1)
|
---|
1973 | WHERE a.poster_id = ' . $user_id . "
|
---|
1974 | AND a.is_orphan = 0
|
---|
1975 | ORDER BY $order_by";
|
---|
1976 | $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
|
---|
1977 |
|
---|
1978 | while ($row = $db->sql_fetchrow($result))
|
---|
1979 | {
|
---|
1980 | if ($row['in_message'])
|
---|
1981 | {
|
---|
1982 | $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&p={$row['post_msg_id']}");
|
---|
1983 | }
|
---|
1984 | else
|
---|
1985 | {
|
---|
1986 | $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
|
---|
1987 | }
|
---|
1988 |
|
---|
1989 | $template->assign_block_vars('attach', array(
|
---|
1990 | 'REAL_FILENAME' => $row['real_filename'],
|
---|
1991 | 'COMMENT' => nl2br($row['attach_comment']),
|
---|
1992 | 'EXTENSION' => $row['extension'],
|
---|
1993 | 'SIZE' => get_formatted_filesize($row['filesize']),
|
---|
1994 | 'DOWNLOAD_COUNT' => $row['download_count'],
|
---|
1995 | 'POST_TIME' => $user->format_date($row['filetime']),
|
---|
1996 | 'TOPIC_TITLE' => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
|
---|
1997 |
|
---|
1998 | 'ATTACH_ID' => $row['attach_id'],
|
---|
1999 | 'POST_ID' => $row['post_msg_id'],
|
---|
2000 | 'TOPIC_ID' => $row['topic_id'],
|
---|
2001 |
|
---|
2002 | 'S_IN_MESSAGE' => $row['in_message'],
|
---|
2003 |
|
---|
2004 | 'U_DOWNLOAD' => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&id=' . $row['attach_id']),
|
---|
2005 | 'U_VIEW_TOPIC' => $view_topic)
|
---|
2006 | );
|
---|
2007 | }
|
---|
2008 | $db->sql_freeresult($result);
|
---|
2009 |
|
---|
2010 | $template->assign_vars(array(
|
---|
2011 | 'S_ATTACHMENTS' => true,
|
---|
2012 | 'S_ON_PAGE' => on_page($num_attachments, $config['topics_per_page'], $start),
|
---|
2013 | 'S_SORT_KEY' => $s_sort_key,
|
---|
2014 | 'S_SORT_DIR' => $s_sort_dir,
|
---|
2015 |
|
---|
2016 | 'PAGINATION' => generate_pagination($this->u_action . "&u=$user_id&sk=$sort_key&sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start, true))
|
---|
2017 | );
|
---|
2018 |
|
---|
2019 | break;
|
---|
2020 |
|
---|
2021 | case 'groups':
|
---|
2022 |
|
---|
2023 | include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
|
---|
2024 |
|
---|
2025 | $user->add_lang(array('groups', 'acp/groups'));
|
---|
2026 | $group_id = request_var('g', 0);
|
---|
2027 |
|
---|
2028 | if ($group_id)
|
---|
2029 | {
|
---|
2030 | // Check the founder only entry for this group to make sure everything is well
|
---|
2031 | $sql = 'SELECT group_founder_manage
|
---|
2032 | FROM ' . GROUPS_TABLE . '
|
---|
2033 | WHERE group_id = ' . $group_id;
|
---|
2034 | $result = $db->sql_query($sql);
|
---|
2035 | $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
|
---|
2036 | $db->sql_freeresult($result);
|
---|
2037 |
|
---|
2038 | if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
|
---|
2039 | {
|
---|
2040 | trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2041 | }
|
---|
2042 | }
|
---|
2043 | else
|
---|
2044 | {
|
---|
2045 | $founder_manage = 0;
|
---|
2046 | }
|
---|
2047 |
|
---|
2048 | switch ($action)
|
---|
2049 | {
|
---|
2050 | case 'demote':
|
---|
2051 | case 'promote':
|
---|
2052 | case 'default':
|
---|
2053 | if (!$group_id)
|
---|
2054 | {
|
---|
2055 | trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2056 | }
|
---|
2057 | group_user_attributes($action, $group_id, $user_id);
|
---|
2058 |
|
---|
2059 | if ($action == 'default')
|
---|
2060 | {
|
---|
2061 | $user_row['group_id'] = $group_id;
|
---|
2062 | }
|
---|
2063 | break;
|
---|
2064 |
|
---|
2065 | case 'delete':
|
---|
2066 |
|
---|
2067 | if (confirm_box(true))
|
---|
2068 | {
|
---|
2069 | if (!$group_id)
|
---|
2070 | {
|
---|
2071 | trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2072 | }
|
---|
2073 |
|
---|
2074 | if ($error = group_user_del($group_id, $user_id))
|
---|
2075 | {
|
---|
2076 | trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2077 | }
|
---|
2078 |
|
---|
2079 | $error = array();
|
---|
2080 |
|
---|
2081 | // The delete action was successful - therefore update the user row...
|
---|
2082 | $sql = 'SELECT u.*, s.*
|
---|
2083 | FROM ' . USERS_TABLE . ' u
|
---|
2084 | LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
|
---|
2085 | WHERE u.user_id = ' . $user_id . '
|
---|
2086 | ORDER BY s.session_time DESC';
|
---|
2087 | $result = $db->sql_query($sql);
|
---|
2088 | $user_row = $db->sql_fetchrow($result);
|
---|
2089 | $db->sql_freeresult($result);
|
---|
2090 | }
|
---|
2091 | else
|
---|
2092 | {
|
---|
2093 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
2094 | 'u' => $user_id,
|
---|
2095 | 'i' => $id,
|
---|
2096 | 'mode' => $mode,
|
---|
2097 | 'action' => $action,
|
---|
2098 | 'g' => $group_id))
|
---|
2099 | );
|
---|
2100 | }
|
---|
2101 |
|
---|
2102 | break;
|
---|
2103 |
|
---|
2104 | case 'approve':
|
---|
2105 |
|
---|
2106 | if (confirm_box(true))
|
---|
2107 | {
|
---|
2108 | if (!$group_id)
|
---|
2109 | {
|
---|
2110 | trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2111 | }
|
---|
2112 | group_user_attributes($action, $group_id, $user_id);
|
---|
2113 | }
|
---|
2114 | else
|
---|
2115 | {
|
---|
2116 | confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
|
---|
2117 | 'u' => $user_id,
|
---|
2118 | 'i' => $id,
|
---|
2119 | 'mode' => $mode,
|
---|
2120 | 'action' => $action,
|
---|
2121 | 'g' => $group_id))
|
---|
2122 | );
|
---|
2123 | }
|
---|
2124 |
|
---|
2125 | break;
|
---|
2126 | }
|
---|
2127 |
|
---|
2128 | // Add user to group?
|
---|
2129 | if ($submit)
|
---|
2130 | {
|
---|
2131 |
|
---|
2132 | if (!check_form_key($form_name))
|
---|
2133 | {
|
---|
2134 | trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2135 | }
|
---|
2136 |
|
---|
2137 | if (!$group_id)
|
---|
2138 | {
|
---|
2139 | trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2140 | }
|
---|
2141 |
|
---|
2142 | // Add user/s to group
|
---|
2143 | if ($error = group_user_add($group_id, $user_id))
|
---|
2144 | {
|
---|
2145 | trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
|
---|
2146 | }
|
---|
2147 |
|
---|
2148 | $error = array();
|
---|
2149 | }
|
---|
2150 |
|
---|
2151 |
|
---|
2152 | $sql = 'SELECT ug.*, g.*
|
---|
2153 | FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
|
---|
2154 | WHERE ug.user_id = $user_id
|
---|
2155 | AND g.group_id = ug.group_id
|
---|
2156 | ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
|
---|
2157 | $result = $db->sql_query($sql);
|
---|
2158 |
|
---|
2159 | $i = 0;
|
---|
2160 | $group_data = $id_ary = array();
|
---|
2161 | while ($row = $db->sql_fetchrow($result))
|
---|
2162 | {
|
---|
2163 | $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
|
---|
2164 |
|
---|
2165 | $group_data[$type][$i]['group_id'] = $row['group_id'];
|
---|
2166 | $group_data[$type][$i]['group_name'] = $row['group_name'];
|
---|
2167 | $group_data[$type][$i]['group_leader'] = ($row['group_leader']) ? 1 : 0;
|
---|
2168 |
|
---|
2169 | $id_ary[] = $row['group_id'];
|
---|
2170 |
|
---|
2171 | $i++;
|
---|
2172 | }
|
---|
2173 | $db->sql_freeresult($result);
|
---|
2174 |
|
---|
2175 | // Select box for other groups
|
---|
2176 | $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
|
---|
2177 | FROM ' . GROUPS_TABLE . '
|
---|
2178 | ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
|
---|
2179 | ORDER BY group_type DESC, group_name ASC';
|
---|
2180 | $result = $db->sql_query($sql);
|
---|
2181 |
|
---|
2182 | $s_group_options = '';
|
---|
2183 | while ($row = $db->sql_fetchrow($result))
|
---|
2184 | {
|
---|
2185 | if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
|
---|
2186 | {
|
---|
2187 | continue;
|
---|
2188 | }
|
---|
2189 |
|
---|
2190 | // Do not display those groups not allowed to be managed
|
---|
2191 | if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
|
---|
2192 | {
|
---|
2193 | continue;
|
---|
2194 | }
|
---|
2195 |
|
---|
2196 | $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
|
---|
2197 | }
|
---|
2198 | $db->sql_freeresult($result);
|
---|
2199 |
|
---|
2200 | $current_type = '';
|
---|
2201 | foreach ($group_data as $group_type => $data_ary)
|
---|
2202 | {
|
---|
2203 | if ($current_type != $group_type)
|
---|
2204 | {
|
---|
2205 | $template->assign_block_vars('group', array(
|
---|
2206 | 'S_NEW_GROUP_TYPE' => true,
|
---|
2207 | 'GROUP_TYPE' => $user->lang['USER_GROUP_' . strtoupper($group_type)])
|
---|
2208 | );
|
---|
2209 | }
|
---|
2210 |
|
---|
2211 | foreach ($data_ary as $data)
|
---|
2212 | {
|
---|
2213 | $template->assign_block_vars('group', array(
|
---|
2214 | 'U_EDIT_GROUP' => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&mode=manage&action=edit&u=$user_id&g={$data['group_id']}&back_link=acp_users_groups"),
|
---|
2215 | 'U_DEFAULT' => $this->u_action . "&action=default&u=$user_id&g=" . $data['group_id'],
|
---|
2216 | 'U_DEMOTE_PROMOTE' => $this->u_action . '&action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&u=$user_id&g=" . $data['group_id'],
|
---|
2217 | 'U_DELETE' => $this->u_action . "&action=delete&u=$user_id&g=" . $data['group_id'],
|
---|
2218 | 'U_APPROVE' => ($group_type == 'pending') ? $this->u_action . "&action=approve&u=$user_id&g=" . $data['group_id'] : '',
|
---|
2219 |
|
---|
2220 | 'GROUP_NAME' => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
|
---|
2221 | 'L_DEMOTE_PROMOTE' => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
|
---|
2222 |
|
---|
2223 | 'S_IS_MEMBER' => ($group_type != 'pending') ? true : false,
|
---|
2224 | 'S_NO_DEFAULT' => ($user_row['group_id'] != $data['group_id']) ? true : false,
|
---|
2225 | 'S_SPECIAL_GROUP' => ($group_type == 'special') ? true : false,
|
---|
2226 | )
|
---|
2227 | );
|
---|
2228 | }
|
---|
2229 | }
|
---|
2230 |
|
---|
2231 | $template->assign_vars(array(
|
---|
2232 | 'S_GROUPS' => true,
|
---|
2233 | 'S_GROUP_OPTIONS' => $s_group_options)
|
---|
2234 | );
|
---|
2235 |
|
---|
2236 | break;
|
---|
2237 |
|
---|
2238 | case 'perm':
|
---|
2239 |
|
---|
2240 | include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
|
---|
2241 |
|
---|
2242 | $auth_admin = new auth_admin();
|
---|
2243 |
|
---|
2244 | $user->add_lang('acp/permissions');
|
---|
2245 | add_permission_language();
|
---|
2246 |
|
---|
2247 | $forum_id = request_var('f', 0);
|
---|
2248 |
|
---|
2249 | // Global Permissions
|
---|
2250 | if (!$forum_id)
|
---|
2251 | {
|
---|
2252 | // Select auth options
|
---|
2253 | $sql = 'SELECT auth_option, is_local, is_global
|
---|
2254 | FROM ' . ACL_OPTIONS_TABLE . '
|
---|
2255 | WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
|
---|
2256 | AND is_global = 1
|
---|
2257 | ORDER BY auth_option';
|
---|
2258 | $result = $db->sql_query($sql);
|
---|
2259 |
|
---|
2260 | $hold_ary = array();
|
---|
2261 |
|
---|
2262 | while ($row = $db->sql_fetchrow($result))
|
---|
2263 | {
|
---|
2264 | $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
|
---|
2265 | $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
|
---|
2266 | }
|
---|
2267 | $db->sql_freeresult($result);
|
---|
2268 |
|
---|
2269 | unset($hold_ary);
|
---|
2270 | }
|
---|
2271 | else
|
---|
2272 | {
|
---|
2273 | $sql = 'SELECT auth_option, is_local, is_global
|
---|
2274 | FROM ' . ACL_OPTIONS_TABLE . "
|
---|
2275 | WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
|
---|
2276 | AND is_local = 1
|
---|
2277 | ORDER BY is_global DESC, auth_option";
|
---|
2278 | $result = $db->sql_query($sql);
|
---|
2279 |
|
---|
2280 | while ($row = $db->sql_fetchrow($result))
|
---|
2281 | {
|
---|
2282 | $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
|
---|
2283 | $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
|
---|
2284 | }
|
---|
2285 | $db->sql_freeresult($result);
|
---|
2286 | }
|
---|
2287 |
|
---|
2288 | $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
|
---|
2289 | $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
|
---|
2290 |
|
---|
2291 | $template->assign_vars(array(
|
---|
2292 | 'S_PERMISSIONS' => true,
|
---|
2293 |
|
---|
2294 | 'S_GLOBAL' => (!$forum_id) ? true : false,
|
---|
2295 | 'S_FORUM_OPTIONS' => $s_forum_options,
|
---|
2296 |
|
---|
2297 | 'U_ACTION' => $this->u_action . '&u=' . $user_id,
|
---|
2298 | 'U_USER_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&mode=setting_user_global&user_id[]=' . $user_id),
|
---|
2299 | 'U_USER_FORUM_PERMISSIONS' => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&mode=setting_user_local&user_id[]=' . $user_id))
|
---|
2300 | );
|
---|
2301 |
|
---|
2302 | break;
|
---|
2303 |
|
---|
2304 | }
|
---|
2305 |
|
---|
2306 | // Assign general variables
|
---|
2307 | $template->assign_vars(array(
|
---|
2308 | 'S_ERROR' => (sizeof($error)) ? true : false,
|
---|
2309 | 'ERROR_MSG' => (sizeof($error)) ? implode('<br />', $error) : '')
|
---|
2310 | );
|
---|
2311 | }
|
---|
2312 |
|
---|
2313 | /**
|
---|
2314 | * Optionset replacement for this module based on $user->optionset
|
---|
2315 | */
|
---|
2316 | function optionset(&$user_row, $key, $value, $data = false)
|
---|
2317 | {
|
---|
2318 | global $user;
|
---|
2319 |
|
---|
2320 | $var = ($data) ? $data : $user_row['user_options'];
|
---|
2321 |
|
---|
2322 | if ($value && !($var & 1 << $user->keyoptions[$key]))
|
---|
2323 | {
|
---|
2324 | $var += 1 << $user->keyoptions[$key];
|
---|
2325 | }
|
---|
2326 | else if (!$value && ($var & 1 << $user->keyoptions[$key]))
|
---|
2327 | {
|
---|
2328 | $var -= 1 << $user->keyoptions[$key];
|
---|
2329 | }
|
---|
2330 | else
|
---|
2331 | {
|
---|
2332 | return ($data) ? $var : false;
|
---|
2333 | }
|
---|
2334 |
|
---|
2335 | if (!$data)
|
---|
2336 | {
|
---|
2337 | $user_row['user_options'] = $var;
|
---|
2338 | return true;
|
---|
2339 | }
|
---|
2340 | else
|
---|
2341 | {
|
---|
2342 | return $var;
|
---|
2343 | }
|
---|
2344 | }
|
---|
2345 |
|
---|
2346 | /**
|
---|
2347 | * Optionget replacement for this module based on $user->optionget
|
---|
2348 | */
|
---|
2349 | function optionget(&$user_row, $key, $data = false)
|
---|
2350 | {
|
---|
2351 | global $user;
|
---|
2352 |
|
---|
2353 | $var = ($data) ? $data : $user_row['user_options'];
|
---|
2354 | return ($var & 1 << $user->keyoptions[$key]) ? true : false;
|
---|
2355 | }
|
---|
2356 | }
|
---|
2357 |
|
---|
2358 | ?>
|
---|