Changeset 702 for trunk/forum/includes/functions_user.php
- Timestamp:
- Mar 31, 2010, 6:32:40 PM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/forum/includes/functions_user.php
r400 r702 3 3 * 4 4 * @package phpBB3 5 * @version $Id : functions_user.php 8949 2008-09-26 21:29:05Z toonarmy$5 * @version $Id$ 6 6 * @copyright (c) 2005 phpBB Group 7 7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License … … 172 172 'user_pass_convert' => 0, 173 173 'user_email' => strtolower($user_row['user_email']), 174 'user_email_hash' => crc32(strtolower($user_row['user_email'])) . strlen($user_row['user_email']),174 'user_email_hash' => phpbb_email_hash($user_row['user_email']), 175 175 'group_id' => $user_row['group_id'], 176 176 'user_type' => $user_row['user_type'], … … 188 188 'user_regdate' => time(), 189 189 'user_passchg' => time(), 190 'user_options' => 895, 190 'user_options' => 230271, 191 // We do not set the new flag here - registration scripts need to specify it 192 'user_new' => 0, 191 193 192 194 'user_inactive_reason' => 0, … … 276 278 group_set_user_default($user_row['group_id'], array($user_id), false); 277 279 280 // Add to newly registered users group if user_new is 1 281 if ($config['new_member_post_limit'] && $sql_ary['user_new']) 282 { 283 $sql = 'SELECT group_id 284 FROM ' . GROUPS_TABLE . " 285 WHERE group_name = 'NEWLY_REGISTERED' 286 AND group_type = " . GROUP_SPECIAL; 287 $result = $db->sql_query($sql); 288 $add_group_id = (int) $db->sql_fetchfield('group_id'); 289 $db->sql_freeresult($result); 290 291 if ($add_group_id) 292 { 293 // Because these actions only fill the log unneccessarily we skip the add_log() entry with a little hack. :/ 294 $GLOBALS['skip_add_log'] = true; 295 296 // Add user to "newly registered users" group and set to default group if admin specified so. 297 if ($config['new_member_group_default']) 298 { 299 group_user_add($add_group_id, $user_id, false, false, true); 300 } 301 else 302 { 303 group_user_add($add_group_id, $user_id); 304 } 305 306 unset($GLOBALS['skip_add_log']); 307 } 308 } 309 278 310 // set the newest user and adjust the user count if the user is a normal user and no activation mail is sent 279 if ($user_row['user_type'] == USER_NORMAL )311 if ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_FOUNDER) 280 312 { 281 313 set_config('newest_user_id', $user_id, true); 282 314 set_config('newest_username', $user_row['username'], true); 283 set_config ('num_users', $config['num_users'] +1, true);315 set_config_count('num_users', 1, true); 284 316 285 317 $sql = 'SELECT group_colour … … 420 452 SET topic_last_poster_id = ' . ANONYMOUS . ", topic_last_poster_name = '" . $db->sql_escape($post_username) . "', topic_last_poster_colour = '' 421 453 WHERE topic_last_poster_id = $user_id"; 454 $db->sql_query($sql); 455 456 $sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 457 SET poster_id = ' . ANONYMOUS . " 458 WHERE poster_id = $user_id"; 422 459 $db->sql_query($sql); 423 460 … … 491 528 $db->sql_transaction('begin'); 492 529 493 $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE );530 $table_ary = array(USERS_TABLE, USER_GROUP_TABLE, TOPICS_WATCH_TABLE, FORUMS_WATCH_TABLE, ACL_USERS_TABLE, TOPICS_TRACK_TABLE, TOPICS_POSTED_TABLE, FORUMS_TRACK_TABLE, PROFILE_FIELDS_DATA_TABLE, MODERATOR_CACHE_TABLE, DRAFTS_TABLE, BOOKMARKS_TABLE, SESSIONS_KEYS_TABLE); 494 531 495 532 foreach ($table_ary as $table) … … 501 538 502 539 $cache->destroy('sql', MODERATOR_CACHE_TABLE); 540 541 // Delete user log entries about this user 542 $sql = 'DELETE FROM ' . LOG_TABLE . ' 543 WHERE reportee_id = ' . $user_id; 544 $db->sql_query($sql); 545 546 // Change user_id to anonymous for this users triggered events 547 $sql = 'UPDATE ' . LOG_TABLE . ' 548 SET user_id = ' . ANONYMOUS . ' 549 WHERE user_id = ' . $user_id; 550 $db->sql_query($sql); 551 552 // Delete the user_id from the zebra table 553 $sql = 'DELETE FROM ' . ZEBRA_TABLE . ' 554 WHERE user_id = ' . $user_id . ' 555 OR zebra_id = ' . $user_id; 556 $db->sql_query($sql); 557 558 // Delete the user_id from the banlist 559 $sql = 'DELETE FROM ' . BANLIST_TABLE . ' 560 WHERE ban_userid = ' . $user_id; 561 $db->sql_query($sql); 562 563 // Delete the user_id from the session table 564 $sql = 'DELETE FROM ' . SESSIONS_TABLE . ' 565 WHERE session_user_id = ' . $user_id; 566 $db->sql_query($sql); 503 567 504 568 // Remove any undelivered mails... … … 570 634 if ($user_row['user_type'] != USER_INACTIVE && $user_row['user_type'] != USER_IGNORE) 571 635 { 572 set_config ('num_users', $config['num_users'] -1, true);636 set_config_count('num_users', -1, true); 573 637 } 574 638 … … 651 715 if ($deactivated) 652 716 { 653 set_config ('num_users', $config['num_users'] - $deactivated, true);717 set_config_count('num_users', $deactivated * (-1), true); 654 718 } 655 719 656 720 if ($activated) 657 721 { 658 set_config ('num_users', $config['num_users'] +$activated, true);722 set_config_count('num_users', $activated, true); 659 723 } 660 724 … … 895 959 } 896 960 } 897 else 961 962 if (empty($banlist_ary)) 898 963 { 899 964 trigger_error('NO_IPS_DEFINED'); … … 968 1033 while ($row = $db->sql_fetchrow($result)); 969 1034 970 $banlist_ary = array_unique(array_diff($banlist_ary, $banlist_ary_tmp)); 1035 $banlist_ary_tmp = array_intersect($banlist_ary, $banlist_ary_tmp); 1036 1037 if (sizeof($banlist_ary_tmp)) 1038 { 1039 // One or more entities are already banned/excluded, delete the existing bans, so they can be re-inserted with the given new length 1040 $sql = 'DELETE FROM ' . BANLIST_TABLE . ' 1041 WHERE ' . $db->sql_in_set($type, $banlist_ary_tmp) . ' 1042 AND ban_exclude = ' . (int) $ban_exclude; 1043 $db->sql_query($sql); 1044 } 1045 971 1046 unset($banlist_ary_tmp); 972 1047 } … … 1051 1126 $log_entry = ($ban_exclude) ? 'LOG_BAN_EXCLUDE_' : 'LOG_BAN_'; 1052 1127 1053 // Add to moderator and admin log1128 // Add to moderator log, admin log and user notes 1054 1129 add_log('admin', $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); 1055 1130 add_log('mod', 0, 0, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); 1131 if ($mode == 'user') 1132 { 1133 foreach ($banlist_ary as $user_id) 1134 { 1135 add_log('user', $user_id, $log_entry . strtoupper($mode), $ban_reason, $ban_list_log); 1136 } 1137 } 1056 1138 1057 1139 $cache->destroy('sql', BANLIST_TABLE); … … 1092 1174 { 1093 1175 case 'user': 1094 $sql = 'SELECT u.username AS unban_info 1176 $sql = 'SELECT u.username AS unban_info, u.user_id 1095 1177 FROM ' . USERS_TABLE . ' u, ' . BANLIST_TABLE . ' b 1096 1178 WHERE ' . $db->sql_in_set('b.ban_id', $unban_sql) . ' … … 1113 1195 1114 1196 $l_unban_list = ''; 1197 $user_ids_ary = array(); 1115 1198 while ($row = $db->sql_fetchrow($result)) 1116 1199 { 1117 1200 $l_unban_list .= (($l_unban_list != '') ? ', ' : '') . $row['unban_info']; 1201 if ($mode == 'user') 1202 { 1203 $user_ids_ary[] = $row['user_id']; 1204 } 1118 1205 } 1119 1206 $db->sql_freeresult($result); … … 1123 1210 $db->sql_query($sql); 1124 1211 1125 // Add to moderator and admin log1212 // Add to moderator log, admin log and user notes 1126 1213 add_log('admin', 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); 1127 1214 add_log('mod', 0, 0, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); 1215 if ($mode == 'user') 1216 { 1217 foreach ($user_ids_ary as $user_id) 1218 { 1219 add_log('user', $user_id, 'LOG_UNBAN_' . strtoupper($mode), $l_unban_list); 1220 } 1221 } 1128 1222 } 1129 1223 … … 1135 1229 /** 1136 1230 * Whois facility 1231 * 1232 * @link http://tools.ietf.org/html/rfc3912 RFC3912: WHOIS Protocol Specification 1137 1233 */ 1138 1234 function user_ipwhois($ip) … … 1147 1243 } 1148 1244 1149 $match = array(1150 '#RIPE\.NET#is' => 'whois.ripe.net',1151 '#whois\.apnic\.net#is' => 'whois.apnic.net',1152 '#nic\.ad\.jp#is' => 'whois.nic.ad.jp',1153 '#whois\.registro\.br#is' => 'whois.registro.br'1154 );1155 1156 1245 if (($fsk = @fsockopen('whois.arin.net', 43))) 1157 1246 { 1158 fputs($fsk, "$ip\n"); 1247 // CRLF as per RFC3912 1248 fputs($fsk, "$ip\r\n"); 1159 1249 while (!feof($fsk)) 1160 1250 { … … 1164 1254 } 1165 1255 1166 foreach (array_keys($match) as $server) 1167 { 1168 if (preg_match($server, $ipwhois)) 1169 { 1170 $ipwhois = ''; 1171 if (($fsk = @fsockopen($match[$server], 43))) 1172 { 1173 fputs($fsk, "$ip\n"); 1174 while (!feof($fsk)) 1175 { 1176 $ipwhois .= fgets($fsk, 1024); 1177 } 1178 @fclose($fsk); 1179 } 1180 break; 1181 } 1256 $match = array(); 1257 1258 // Test for referrals from ARIN to other whois databases, roll on rwhois 1259 if (preg_match('#ReferralServer: whois://(.+)#im', $ipwhois, $match)) 1260 { 1261 if (strpos($match[1], ':') !== false) 1262 { 1263 $pos = strrpos($match[1], ':'); 1264 $server = substr($match[1], 0, $pos); 1265 $port = (int) substr($match[1], $pos + 1); 1266 unset($pos); 1267 } 1268 else 1269 { 1270 $server = $match[1]; 1271 $port = 43; 1272 } 1273 1274 $buffer = ''; 1275 1276 if (($fsk = @fsockopen($server, $port))) 1277 { 1278 fputs($fsk, "$ip\r\n"); 1279 while (!feof($fsk)) 1280 { 1281 $buffer .= fgets($fsk, 1024); 1282 } 1283 @fclose($fsk); 1284 } 1285 1286 // Use the result from ARIN if we don't get any result here 1287 $ipwhois = (empty($buffer)) ? $ipwhois : $buffer; 1182 1288 } 1183 1289 … … 1415 1521 else if ($mbstring) 1416 1522 { 1417 $regex = '[-\]_+ [[:upper:][:lower:][:digit:]]+';1523 $regex = '[-\]_+ \[[:upper:][:lower:][:digit:]]+'; 1418 1524 } 1419 1525 else … … 1440 1546 else if ($mbstring) 1441 1547 { 1442 $matches = array(); 1443 mb_ereg_search_init('^' . $username . '$', $regex, $matches); 1548 mb_ereg_search_init($username, '^' . $regex . '$'); 1444 1549 if (!mb_ereg_search()) 1445 1550 { … … 1623 1728 $sql = 'SELECT user_email_hash 1624 1729 FROM ' . USERS_TABLE . " 1625 WHERE user_email_hash = " . (crc32($email) . strlen($email));1730 WHERE user_email_hash = " . $db->sql_escape(phpbb_email_hash($email)); 1626 1731 $result = $db->sql_query($sql); 1627 1732 $row = $db->sql_fetchrow($result); … … 2057 2162 { 2058 2163 $avatar_list[$file][$avatar_row_count][$avatar_col_count] = array( 2059 'file' => "$file/$sub_file",2060 'filename' => $sub_file,2164 'file' => rawurlencode($file) . '/' . rawurlencode($sub_file), 2165 'filename' => rawurlencode($sub_file), 2061 2166 'name' => ucfirst(str_replace('_', ' ', preg_replace('#^(.*)\..*$#', '\1', $sub_file))), 2062 2167 ); … … 2345 2450 2346 2451 $error = array(); 2347 $attribute_ary = array( 2348 'group_colour' => 'string', 2349 'group_rank' => 'int', 2350 'group_avatar' => 'string', 2351 'group_avatar_type' => 'int', 2352 'group_avatar_width' => 'int', 2353 'group_avatar_height' => 'int', 2354 2355 'group_receive_pm' => 'int', 2356 'group_legend' => 'int', 2357 'group_message_limit' => 'int', 2358 'group_max_recipients' => 'int', 2359 2360 'group_founder_manage' => 'int', 2361 ); 2362 2363 // Those are group-only attributes 2364 $group_only_ary = array('group_receive_pm', 'group_legend', 'group_message_limit', 'group_max_recipients', 'group_founder_manage'); 2452 2453 // Attributes which also affect the users table 2454 $user_attribute_ary = array('group_colour', 'group_rank', 'group_avatar', 'group_avatar_type', 'group_avatar_width', 'group_avatar_height'); 2365 2455 2366 2456 // Check data. Limit group name length. … … 2400 2490 if (sizeof($group_attributes)) 2401 2491 { 2402 foreach ($attribute_ary as $attribute => $_type) 2403 { 2404 if (isset($group_attributes[$attribute])) 2405 { 2406 settype($group_attributes[$attribute], $_type); 2407 $sql_ary[$attribute] = $group_attributes[$attribute]; 2408 } 2409 } 2492 // Merge them with $sql_ary to properly update the group 2493 $sql_ary = array_merge($sql_ary, $group_attributes); 2410 2494 } 2411 2495 … … 2432 2516 remove_default_avatar($group_id, $user_ary); 2433 2517 } 2518 2434 2519 if (isset($sql_ary['group_rank']) && !$sql_ary['group_rank']) 2435 2520 { … … 2447 2532 WHERE group_id = $group_id"; 2448 2533 $db->sql_query($sql); 2534 2535 // One special case is the group skip auth setting. If this was changed we need to purge permissions for this group 2536 if (isset($group_attributes['group_skip_auth'])) 2537 { 2538 // Get users within this group... 2539 $sql = 'SELECT user_id 2540 FROM ' . USER_GROUP_TABLE . ' 2541 WHERE group_id = ' . $group_id . ' 2542 AND user_pending = 0'; 2543 $result = $db->sql_query($sql); 2544 2545 $user_id_ary = array(); 2546 while ($row = $db->sql_fetchrow($result)) 2547 { 2548 $user_id_ary[] = $row['user_id']; 2549 } 2550 $db->sql_freeresult($result); 2551 2552 if (!empty($user_id_ary)) 2553 { 2554 global $auth; 2555 2556 // Clear permissions cache of relevant users 2557 $auth->acl_clear_prefetch($user_id_ary); 2558 } 2559 } 2449 2560 } 2450 2561 else … … 2457 2568 { 2458 2569 $group_id = $db->sql_nextid(); 2570 2459 2571 if (isset($sql_ary['group_avatar_type']) && $sql_ary['group_avatar_type'] == AVATAR_UPLOAD) 2460 2572 { … … 2467 2579 if (sizeof($group_attributes)) 2468 2580 { 2469 foreach ($attribute_ary as $attribute => $_type) 2470 { 2471 if (isset($group_attributes[$attribute]) && !in_array($attribute, $group_only_ary)) 2581 // Go through the user attributes array, check if a group attribute matches it and then set it. ;) 2582 foreach ($user_attribute_ary as $attribute) 2583 { 2584 if (!isset($group_attributes[$attribute])) 2472 2585 { 2473 // If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set... 2474 if (strpos($attribute, 'group_avatar') === 0 && !$group_attributes[$attribute]) 2475 { 2476 continue; 2477 } 2478 2479 $sql_ary[$attribute] = $group_attributes[$attribute]; 2586 continue; 2480 2587 } 2588 2589 // If we are about to set an avatar, we will not overwrite user avatars if no group avatar is set... 2590 if (strpos($attribute, 'group_avatar') === 0 && !$group_attributes[$attribute]) 2591 { 2592 continue; 2593 } 2594 2595 $sql_ary[$attribute] = $group_attributes[$attribute]; 2481 2596 } 2482 2597 } … … 2682 2797 if ($default) 2683 2798 { 2684 group_ set_user_default($group_id, $user_id_ary, $group_attributes);2799 group_user_attributes('default', $group_id, $user_id_ary, false, $group_name, $group_attributes); 2685 2800 } 2686 2801 … … 2695 2810 } 2696 2811 2697 $log = ($leader) ? 'LOG_MODS_ADDED' : 'LOG_USERS_ADDED';2812 $log = ($leader) ? 'LOG_MODS_ADDED' : (($pending) ? 'LOG_USERS_PENDING' : 'LOG_USERS_ADDED'); 2698 2813 2699 2814 add_log('admin', $log, $group_name, implode(', ', $username_ary)); … … 2714 2829 function group_user_del($group_id, $user_id_ary = false, $username_ary = false, $group_name = false) 2715 2830 { 2716 global $db, $auth; 2717 2718 $group_order = array('ADMINISTRATORS', 'GLOBAL_MODERATORS', 'REGISTERED_COPPA', 'REGISTERED', 'BOTS', 'GUESTS'); 2831 global $db, $auth, $config; 2832 2833 if ($config['coppa_enable']) 2834 { 2835 $group_order = array('ADMINISTRATORS', 'GLOBAL_MODERATORS', 'NEWLY_REGISTERED', 'REGISTERED_COPPA', 'REGISTERED', 'BOTS', 'GUESTS'); 2836 } 2837 else 2838 { 2839 $group_order = array('ADMINISTRATORS', 'GLOBAL_MODERATORS', 'NEWLY_REGISTERED', 'REGISTERED', 'BOTS', 'GUESTS'); 2840 } 2719 2841 2720 2842 // We need both username and user_id info … … 2780 2902 while ($row = $db->sql_fetchrow($result)) 2781 2903 { 2782 if ($default_groups[$row['user_id']] == $group_id && (!isset($temp_ary[$row['user_id']]) || array_search($row['group_name'], $group_order)< $temp_ary[$row['user_id']]))2904 if ($default_groups[$row['user_id']] == $group_id && (!isset($temp_ary[$row['user_id']]) || $group_order_id[$row['group_name']] < $temp_ary[$row['user_id']])) 2783 2905 { 2784 2906 $temp_ary[$row['user_id']] = $row['group_id']; … … 2787 2909 $db->sql_freeresult($result); 2788 2910 2911 // sql_where_ary holds the new default groups and their users 2789 2912 $sql_where_ary = array(); 2790 2913 foreach ($temp_ary as $uid => $gid) … … 2820 2943 $log = 'LOG_GROUP_REMOVE'; 2821 2944 2822 add_log('admin', $log, $group_name, implode(', ', $username_ary)); 2945 if ($group_name) 2946 { 2947 add_log('admin', $log, $group_name, implode(', ', $username_ary)); 2948 } 2823 2949 2824 2950 group_update_listings($group_id); … … 3010 3136 3011 3137 case 'default': 3138 // We only set default group for approved members of the group 3139 $sql = 'SELECT user_id 3140 FROM ' . USER_GROUP_TABLE . " 3141 WHERE group_id = $group_id 3142 AND user_pending = 0 3143 AND " . $db->sql_in_set('user_id', $user_id_ary); 3144 $result = $db->sql_query($sql); 3145 3146 $user_id_ary = $username_ary = array(); 3147 while ($row = $db->sql_fetchrow($result)) 3148 { 3149 $user_id_ary[] = $row['user_id']; 3150 } 3151 $db->sql_freeresult($result); 3152 3153 $result = user_get_id_name($user_id_ary, $username_ary); 3154 if (!sizeof($user_id_ary) || $result !== false) 3155 { 3156 return 'NO_USERS'; 3157 } 3158 3012 3159 $sql = 'SELECT user_id, group_id FROM ' . USERS_TABLE . ' 3013 3160 WHERE ' . $db->sql_in_set('user_id', $user_id_ary, false, true); … … 3098 3245 function group_set_user_default($group_id, $user_id_ary, $group_attributes = false, $update_listing = false) 3099 3246 { 3100 global $ db;3247 global $cache, $db; 3101 3248 3102 3249 if (empty($user_id_ary)) … … 3198 3345 group_update_listings($group_id); 3199 3346 } 3347 3348 // Because some tables/caches use usercolour-specific data we need to purge this here. 3349 $cache->destroy('sql', MODERATOR_CACHE_TABLE); 3200 3350 } 3201 3351 … … 3214 3364 $db->sql_freeresult($result); 3215 3365 3216 if (!$row )3366 if (!$row || ($row['group_type'] == GROUP_SPECIAL && empty($user->lang))) 3217 3367 { 3218 3368 return ''; … … 3357 3507 } 3358 3508 3509 3510 3511 /** 3512 * Funtion to make a user leave the NEWLY_REGISTERED system group. 3513 * @access public 3514 * @param $user_id The id of the user to remove from the group 3515 */ 3516 function remove_newly_registered($user_id, $user_data = false) 3517 { 3518 global $db; 3519 3520 if ($user_data === false) 3521 { 3522 $sql = 'SELECT * 3523 FROM ' . USERS_TABLE . ' 3524 WHERE user_id = ' . $user_id; 3525 $result = $db->sql_query($sql); 3526 $user_row = $db->sql_fetchrow($result); 3527 $db->sql_freeresult($result); 3528 3529 if (!$user_row) 3530 { 3531 return false; 3532 } 3533 else 3534 { 3535 $user_data = $user_row; 3536 } 3537 } 3538 3539 if (empty($user_data['user_new'])) 3540 { 3541 return false; 3542 } 3543 3544 $sql = 'SELECT group_id 3545 FROM ' . GROUPS_TABLE . " 3546 WHERE group_name = 'NEWLY_REGISTERED' 3547 AND group_type = " . GROUP_SPECIAL; 3548 $result = $db->sql_query($sql); 3549 $group_id = (int) $db->sql_fetchfield('group_id'); 3550 $db->sql_freeresult($result); 3551 3552 if (!$group_id) 3553 { 3554 return false; 3555 } 3556 3557 // We need to call group_user_del here, because this function makes sure everything is correctly changed. 3558 // A downside for a call within the session handler is that the language is not set up yet - so no log entry 3559 group_user_del($group_id, $user_id); 3560 3561 // Set user_new to 0 to let this not be triggered again 3562 $sql = 'UPDATE ' . USERS_TABLE . ' 3563 SET user_new = 0 3564 WHERE user_id = ' . $user_id; 3565 $db->sql_query($sql); 3566 3567 // The new users group was the users default group? 3568 if ($user_data['group_id'] == $group_id) 3569 { 3570 // Which group is now the users default one? 3571 $sql = 'SELECT group_id 3572 FROM ' . USERS_TABLE . ' 3573 WHERE user_id = ' . $user_id; 3574 $result = $db->sql_query($sql); 3575 $user_data['group_id'] = $db->sql_fetchfield('group_id'); 3576 $db->sql_freeresult($result); 3577 } 3578 3579 return $user_data['group_id']; 3580 } 3581 3359 3582 ?>
Note:
See TracChangeset
for help on using the changeset viewer.