~azzar1/unity/add-show-desktop-key


Viewing changes to www/php/phpBB3/includes/acp/acp_users.php

  • Committer: William Grant
  • Date: 2009-02-23 23:47:02 UTC
  • mfrom: (1099.1.211 new-dispatch)
  • Revision ID: grantw@unimelb.edu.au-20090223234702-db4b1llly46ignwo
Merge from lp:~ivle-dev/ivle/new-dispatch.

Pretty much everything changes. Reread the setup docs. Backup your databases.
Every file is now in a different installed location, the configuration system
is rewritten, the dispatch system is rewritten, URLs are different, the
database is different, worksheets and exercises are no longer on the
filesystem, we use a templating engine, jail service protocols are rewritten,
we don't repeat ourselves, we have authorization rewritten, phpBB is gone,
and probably lots of other things that I cannot remember.

This is certainly the biggest commit I have ever made, and hopefully
the largest I ever will.

1
 
<?php
2
 
/**
3
 
*
4
 
* @package acp
5
 
* @version $Id: acp_users.php,v 1.142 2007/11/15 19:54:37 kellanved Exp $
6
 
* @copyright (c) 2005 phpBB Group
7
 
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8
 
*
9
 
*/
10
 
 
11
 
/**
12
 
* @ignore
13
 
*/
14
 
if (!defined('IN_PHPBB'))
15
 
{
16
 
        exit;
17
 
}
18
 
 
19
 
/**
20
 
* @package acp
21
 
*/
22
 
class acp_users
23
 
{
24
 
        var $u_action;
25
 
        var $p_master;
26
 
 
27
 
        function acp_users(&$p_master)
28
 
        {
29
 
                $this->p_master = &$p_master;
30
 
        }
31
 
 
32
 
        function main($id, $mode)
33
 
        {
34
 
                global $config, $db, $user, $auth, $template, $cache;
35
 
                global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
36
 
 
37
 
                $user->add_lang(array('posting', 'ucp', 'acp/users'));
38
 
                $this->tpl_name = 'acp_users';
39
 
                $this->page_title = 'ACP_USER_' . strtoupper($mode);
40
 
 
41
 
                $error          = array();
42
 
                $username       = utf8_normalize_nfc(request_var('username', '', true));
43
 
                $user_id        = request_var('u', 0);
44
 
                $action         = request_var('action', '');
45
 
 
46
 
                $submit         = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
47
 
 
48
 
                $form_name = 'acp_users';
49
 
                add_form_key($form_name);
50
 
 
51
 
                // Whois (special case)
52
 
                if ($action == 'whois')
53
 
                {
54
 
                        include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
55
 
 
56
 
                        $this->page_title = 'WHOIS';
57
 
                        $this->tpl_name = 'simple_body';
58
 
 
59
 
                        $user_ip = request_var('user_ip', '');
60
 
                        $domain = gethostbyaddr($user_ip);
61
 
                        $ipwhois = user_ipwhois($user_ip);
62
 
 
63
 
                        $template->assign_vars(array(
64
 
                                'MESSAGE_TITLE'         => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
65
 
                                'MESSAGE_TEXT'          => nl2br($ipwhois))
66
 
                        );
67
 
 
68
 
                        return;
69
 
                }
70
 
 
71
 
                // Show user selection mask
72
 
                if (!$username && !$user_id)
73
 
                {
74
 
                        $this->page_title = 'SELECT_USER';
75
 
 
76
 
                        $template->assign_vars(array(
77
 
                                'U_ACTION'                      => $this->u_action,
78
 
                                'ANONYMOUS_USER_ID'     => ANONYMOUS,
79
 
 
80
 
                                'S_SELECT_USER'         => true,
81
 
                                'U_FIND_USERNAME'       => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=select_user&amp;field=username&amp;select_single=true'),
82
 
                        ));
83
 
 
84
 
                        return;
85
 
                }
86
 
 
87
 
                if (!$user_id)
88
 
                {
89
 
                        $sql = 'SELECT user_id
90
 
                                FROM ' . USERS_TABLE . "
91
 
                                WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
92
 
                        $result = $db->sql_query($sql);
93
 
                        $user_id = (int) $db->sql_fetchfield('user_id');
94
 
                        $db->sql_freeresult($result);
95
 
 
96
 
                        if (!$user_id)
97
 
                        {
98
 
                                trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
99
 
                        }
100
 
                }
101
 
 
102
 
                // Generate content for all modes
103
 
                $sql = 'SELECT u.*, s.*
104
 
                        FROM ' . USERS_TABLE . ' u
105
 
                                LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
106
 
                        WHERE u.user_id = ' . $user_id . '
107
 
                        ORDER BY s.session_time DESC';
108
 
                $result = $db->sql_query($sql);
109
 
                $user_row = $db->sql_fetchrow($result);
110
 
                $db->sql_freeresult($result);
111
 
 
112
 
                if (!$user_row)
113
 
                {
114
 
                        trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
115
 
                }
116
 
 
117
 
                // Generate overall "header" for user admin
118
 
                $s_form_options = '';
119
 
 
120
 
                // Build modes dropdown list
121
 
                $sql = 'SELECT module_mode, module_auth
122
 
                        FROM ' . MODULES_TABLE . "
123
 
                        WHERE module_basename = 'users'
124
 
                                AND module_enabled = 1
125
 
                                AND module_class = 'acp'
126
 
                        ORDER BY left_id, module_mode";
127
 
                $result = $db->sql_query($sql);
128
 
 
129
 
                $dropdown_modes = array();
130
 
                while ($row = $db->sql_fetchrow($result))
131
 
                {
132
 
                        if (!$this->p_master->module_auth($row['module_auth']))
133
 
                        {
134
 
                                continue;
135
 
                        }
136
 
 
137
 
                        $dropdown_modes[$row['module_mode']] = true;
138
 
                }
139
 
                $db->sql_freeresult($result);
140
 
 
141
 
                foreach ($dropdown_modes as $module_mode => $null)
142
 
                {
143
 
                        $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
144
 
                        $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
145
 
                }
146
 
 
147
 
                $template->assign_vars(array(
148
 
                        'U_BACK'                        => $this->u_action,
149
 
                        'U_MODE_SELECT'         => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;u=$user_id"),
150
 
                        'U_ACTION'                      => $this->u_action . '&amp;u=' . $user_id,
151
 
                        'S_FORM_OPTIONS'        => $s_form_options,
152
 
                        'MANAGED_USERNAME'      => $user_row['username'])
153
 
                );
154
 
 
155
 
                // Prevent normal users/admins change/view founders if they are not a founder by themselves
156
 
                if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
157
 
                {
158
 
                        trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
159
 
                }
160
 
 
161
 
                switch ($mode)
162
 
                {
163
 
                        case 'overview':
164
 
 
165
 
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
166
 
 
167
 
                                $user->add_lang('acp/ban');
168
 
 
169
 
                                $delete                 = request_var('delete', 0);
170
 
                                $delete_type    = request_var('delete_type', '');
171
 
                                $ip                             = request_var('ip', 'ip');
172
 
 
173
 
                                if ($submit)
174
 
                                {
175
 
                                        // You can't delete the founder
176
 
                                        if ($delete && $user_row['user_type'] != USER_FOUNDER)
177
 
                                        {
178
 
                                                if (!$auth->acl_get('a_userdel'))
179
 
                                                {
180
 
                                                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
181
 
                                                }
182
 
 
183
 
                                                // Check if the user wants to remove himself or the guest user account
184
 
                                                if ($user_id == ANONYMOUS)
185
 
                                                {
186
 
                                                        trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
187
 
                                                }
188
 
 
189
 
                                                if ($user_id == $user->data['user_id'])
190
 
                                                {
191
 
                                                        trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
192
 
                                                }
193
 
 
194
 
                                                if (confirm_box(true))
195
 
                                                {
196
 
                                                        user_delete($delete_type, $user_id, $user_row['username']);
197
 
 
198
 
                                                        add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
199
 
                                                        trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
200
 
                                                }
201
 
                                                else
202
 
                                                {
203
 
                                                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
204
 
                                                                'u'                             => $user_id,
205
 
                                                                'i'                             => $id,
206
 
                                                                'mode'                  => $mode,
207
 
                                                                'action'                => $action,
208
 
                                                                'update'                => true,
209
 
                                                                'delete'                => 1,
210
 
                                                                'delete_type'   => $delete_type))
211
 
                                                        );
212
 
                                                }
213
 
                                        }
214
 
 
215
 
                                        // Handle quicktool actions
216
 
                                        switch ($action)
217
 
                                        {
218
 
                                                case 'banuser':
219
 
                                                case 'banemail':
220
 
                                                case 'banip':
221
 
 
222
 
                                                        if ($user_id == $user->data['user_id'])
223
 
                                                        {
224
 
                                                                trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
225
 
                                                        }
226
 
 
227
 
                                                        if ($user_row['user_type'] == USER_FOUNDER)
228
 
                                                        {
229
 
                                                                trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
230
 
                                                        }
231
 
 
232
 
                                                        if (!check_form_key($form_name))
233
 
                                                        {
234
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
235
 
                                                        }
236
 
 
237
 
                                                        $ban = array();
238
 
 
239
 
                                                        switch ($action)
240
 
                                                        {
241
 
                                                                case 'banuser':
242
 
                                                                        $ban[] = $user_row['username'];
243
 
                                                                        $reason = 'USER_ADMIN_BAN_NAME_REASON';
244
 
                                                                        $log = 'LOG_USER_BAN_USER';
245
 
                                                                break;
246
 
 
247
 
                                                                case 'banemail':
248
 
                                                                        $ban[] = $user_row['user_email'];
249
 
                                                                        $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
250
 
                                                                        $log = 'LOG_USER_BAN_EMAIL';
251
 
                                                                break;
252
 
 
253
 
                                                                case 'banip':
254
 
                                                                        $ban[] = $user_row['user_ip'];
255
 
 
256
 
                                                                        $sql = 'SELECT DISTINCT poster_ip
257
 
                                                                                FROM ' . POSTS_TABLE . "
258
 
                                                                                WHERE poster_id = $user_id";
259
 
                                                                        $result = $db->sql_query($sql);
260
 
 
261
 
                                                                        while ($row = $db->sql_fetchrow($result))
262
 
                                                                        {
263
 
                                                                                $ban[] = $row['poster_ip'];
264
 
                                                                        }
265
 
                                                                        $db->sql_freeresult($result);
266
 
 
267
 
                                                                        $reason = 'USER_ADMIN_BAN_IP_REASON';
268
 
                                                                        $log = 'LOG_USER_BAN_IP';
269
 
                                                                break;
270
 
                                                        }
271
 
 
272
 
                                                        $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
273
 
                                                        $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
274
 
 
275
 
                                                        // Log not used at the moment, we simply utilize the ban function.
276
 
                                                        $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
277
 
 
278
 
                                                        trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&amp;u=' . $user_id));
279
 
 
280
 
                                                break;
281
 
 
282
 
                                                case 'reactivate':
283
 
 
284
 
                                                        if ($user_id == $user->data['user_id'])
285
 
                                                        {
286
 
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
287
 
                                                        }
288
 
 
289
 
                                                        if (!check_form_key($form_name))
290
 
                                                        {
291
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
292
 
                                                        }
293
 
 
294
 
                                                        if ($user_row['user_type'] == USER_FOUNDER)
295
 
                                                        {
296
 
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
297
 
                                                        }
298
 
 
299
 
                                                        if ($user_row['user_type'] == USER_IGNORE)
300
 
                                                        {
301
 
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
302
 
                                                        }
303
 
 
304
 
                                                        if ($config['email_enable'])
305
 
                                                        {
306
 
                                                                include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
307
 
 
308
 
                                                                $server_url = generate_board_url();
309
 
 
310
 
                                                                $user_actkey = gen_rand_string(10);
311
 
                                                                $key_len = 54 - (strlen($server_url));
312
 
                                                                $key_len = ($key_len > 6) ? $key_len : 6;
313
 
                                                                $user_actkey = substr($user_actkey, 0, $key_len);
314
 
                                                                $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
315
 
 
316
 
                                                                if ($user_row['user_type'] == USER_NORMAL)
317
 
                                                                {
318
 
                                                                        user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
319
 
 
320
 
                                                                        $sql = 'UPDATE ' . USERS_TABLE . "
321
 
                                                                                SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
322
 
                                                                                WHERE user_id = $user_id";
323
 
                                                                        $db->sql_query($sql);
324
 
                                                                }
325
 
                                                                else
326
 
                                                                {
327
 
                                                                        // Grabbing the last confirm key - we only send a reminder
328
 
                                                                        $sql = 'SELECT user_actkey
329
 
                                                                                FROM ' . USERS_TABLE . '
330
 
                                                                                WHERE user_id = ' . $user_id;
331
 
                                                                        $result = $db->sql_query($sql);
332
 
                                                                        $user_actkey = (string) $db->sql_fetchfield('user_actkey');
333
 
                                                                        $db->sql_freeresult($result);
334
 
                                                                }
335
 
 
336
 
                                                                $messenger = new messenger(false);
337
 
 
338
 
                                                                $messenger->template($email_template, $user_row['user_lang']);
339
 
 
340
 
                                                                $messenger->to($user_row['user_email'], $user_row['username']);
341
 
 
342
 
                                                                $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
343
 
                                                                $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
344
 
                                                                $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
345
 
                                                                $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
346
 
 
347
 
                                                                $messenger->assign_vars(array(
348
 
                                                                        'WELCOME_MSG'   => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
349
 
                                                                        'USERNAME'              => htmlspecialchars_decode($user_row['username']),
350
 
                                                                        'U_ACTIVATE'    => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
351
 
                                                                );
352
 
 
353
 
                                                                $messenger->send(NOTIFY_EMAIL);
354
 
 
355
 
                                                                add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
356
 
                                                                add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
357
 
 
358
 
                                                                trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
359
 
                                                        }
360
 
 
361
 
                                                break;
362
 
 
363
 
                                                case 'active':
364
 
 
365
 
                                                        if ($user_id == $user->data['user_id'])
366
 
                                                        {
367
 
                                                                // It is only deactivation since the user is already activated (else he would not have reached this page)
368
 
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
369
 
                                                        }
370
 
 
371
 
                                                        if (!check_form_key($form_name))
372
 
                                                        {
373
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
374
 
                                                        }
375
 
 
376
 
                                                        if ($user_row['user_type'] == USER_FOUNDER)
377
 
                                                        {
378
 
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
379
 
                                                        }
380
 
 
381
 
                                                        if ($user_row['user_type'] == USER_IGNORE)
382
 
                                                        {
383
 
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
384
 
                                                        }
385
 
 
386
 
                                                        user_active_flip('flip', $user_id);
387
 
 
388
 
                                                        $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
389
 
                                                        $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
390
 
 
391
 
                                                        add_log('admin', $log, $user_row['username']);
392
 
                                                        add_log('user', $user_id, $log . '_USER');
393
 
 
394
 
                                                        trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
395
 
 
396
 
                                                break;
397
 
 
398
 
                                                case 'delsig':
399
 
 
400
 
                                                        if (!check_form_key($form_name))
401
 
                                                        {
402
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
403
 
                                                        }
404
 
 
405
 
                                                        $sql_ary = array(
406
 
                                                                'user_sig'                                      => '',
407
 
                                                                'user_sig_bbcode_uid'           => '',
408
 
                                                                'user_sig_bbcode_bitfield'      => ''
409
 
                                                        );
410
 
 
411
 
                                                        $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
412
 
                                                                WHERE user_id = $user_id";
413
 
                                                        $db->sql_query($sql);
414
 
                                                
415
 
                                                        add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
416
 
                                                        add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
417
 
 
418
 
                                                        trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
419
 
 
420
 
                                                break;
421
 
 
422
 
                                                case 'delavatar':
423
 
 
424
 
                                                        if (!check_form_key($form_name))
425
 
                                                        {
426
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
427
 
                                                        }
428
 
 
429
 
                                                        $sql_ary = array(
430
 
                                                                'user_avatar'                   => '',
431
 
                                                                'user_avatar_type'              => 0,
432
 
                                                                'user_avatar_width'             => 0,
433
 
                                                                'user_avatar_height'    => 0,
434
 
                                                        );
435
 
 
436
 
                                                        $sql = 'UPDATE ' . USERS_TABLE . '
437
 
                                                                SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
438
 
                                                                WHERE user_id = $user_id";
439
 
                                                        $db->sql_query($sql);
440
 
 
441
 
                                                        // Delete old avatar if present
442
 
                                                        if ($user_row['user_avatar'] && $user_row['user_avatar_type'] != AVATAR_GALLERY)
443
 
                                                        {
444
 
                                                                avatar_delete('user', $user_row);
445
 
                                                        }
446
 
 
447
 
                                                        add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
448
 
                                                        add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
449
 
 
450
 
                                                        trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
451
 
                                                break;
452
 
 
453
 
                                                case 'delposts':
454
 
 
455
 
                                                        if (confirm_box(true))
456
 
                                                        {
457
 
                                                                // Delete posts, attachments, etc.
458
 
                                                                delete_posts('poster_id', $user_id);
459
 
 
460
 
                                                                add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
461
 
                                                                trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
462
 
                                                        }
463
 
                                                        else
464
 
                                                        {
465
 
                                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
466
 
                                                                        'u'                             => $user_id,
467
 
                                                                        'i'                             => $id,
468
 
                                                                        'mode'                  => $mode,
469
 
                                                                        'action'                => $action,
470
 
                                                                        'update'                => true))
471
 
                                                                );
472
 
                                                        }
473
 
 
474
 
                                                break;
475
 
 
476
 
                                                case 'delattach':
477
 
 
478
 
                                                        if (confirm_box(true))
479
 
                                                        {
480
 
                                                                delete_attachments('user', $user_id);
481
 
 
482
 
                                                                add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
483
 
                                                                trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
484
 
                                                        }
485
 
                                                        else
486
 
                                                        {
487
 
                                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
488
 
                                                                        'u'                             => $user_id,
489
 
                                                                        'i'                             => $id,
490
 
                                                                        'mode'                  => $mode,
491
 
                                                                        'action'                => $action,
492
 
                                                                        'update'                => true))
493
 
                                                                );
494
 
                                                        }
495
 
                                                
496
 
                                                break;
497
 
                                                
498
 
                                                case 'moveposts':
499
 
 
500
 
                                                        if (!check_form_key($form_name))
501
 
                                                        {
502
 
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
503
 
                                                        }
504
 
 
505
 
                                                        $user->add_lang('acp/forums');
506
 
 
507
 
                                                        $new_forum_id = request_var('new_f', 0);
508
 
 
509
 
                                                        if (!$new_forum_id)
510
 
                                                        {
511
 
                                                                $this->page_title = 'USER_ADMIN_MOVE_POSTS';
512
 
 
513
 
                                                                $template->assign_vars(array(
514
 
                                                                        'S_SELECT_FORUM'                => true,
515
 
                                                                        'U_ACTION'                              => $this->u_action . "&amp;action=$action&amp;u=$user_id",
516
 
                                                                        'U_BACK'                                => $this->u_action . "&amp;u=$user_id",
517
 
                                                                        'S_FORUM_OPTIONS'               => make_forum_select(false, false, false, true))
518
 
                                                                );
519
 
 
520
 
                                                                return;
521
 
                                                        }
522
 
 
523
 
                                                        // Is the new forum postable to?
524
 
                                                        $sql = 'SELECT forum_name, forum_type
525
 
                                                                FROM ' . FORUMS_TABLE . "
526
 
                                                                WHERE forum_id = $new_forum_id";
527
 
                                                        $result = $db->sql_query($sql);
528
 
                                                        $forum_info = $db->sql_fetchrow($result);
529
 
                                                        $db->sql_freeresult($result);
530
 
 
531
 
                                                        if (!$forum_info)
532
 
                                                        {
533
 
                                                                trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
534
 
                                                        }
535
 
 
536
 
                                                        if ($forum_info['forum_type'] != FORUM_POST)
537
 
                                                        {
538
 
                                                                trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
539
 
                                                        }
540
 
 
541
 
                                                        // Two stage?
542
 
                                                        // Move topics comprising only posts from this user
543
 
                                                        $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
544
 
                                                        $forum_id_ary = array($new_forum_id);
545
 
 
546
 
                                                        $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts
547
 
                                                                FROM ' . POSTS_TABLE . "
548
 
                                                                WHERE poster_id = $user_id
549
 
                                                                        AND forum_id <> $new_forum_id
550
 
                                                                GROUP BY topic_id";
551
 
                                                        $result = $db->sql_query($sql);
552
 
 
553
 
                                                        while ($row = $db->sql_fetchrow($result))
554
 
                                                        {
555
 
                                                                $topic_id_ary[$row['topic_id']] = $row['total_posts'];
556
 
                                                        }
557
 
                                                        $db->sql_freeresult($result);
558
 
 
559
 
                                                        if (sizeof($topic_id_ary))
560
 
                                                        {
561
 
                                                                $sql = 'SELECT topic_id, forum_id, topic_title, topic_replies, topic_replies_real, topic_attachment
562
 
                                                                        FROM ' . TOPICS_TABLE . '
563
 
                                                                        WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
564
 
                                                                $result = $db->sql_query($sql);
565
 
 
566
 
                                                                while ($row = $db->sql_fetchrow($result))
567
 
                                                                {
568
 
                                                                        if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']])
569
 
                                                                        {
570
 
                                                                                $move_topic_ary[] = $row['topic_id'];
571
 
                                                                        }
572
 
                                                                        else
573
 
                                                                        {
574
 
                                                                                $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
575
 
                                                                                $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
576
 
                                                                        }
577
 
 
578
 
                                                                        $forum_id_ary[] = $row['forum_id'];
579
 
                                                                }
580
 
                                                                $db->sql_freeresult($result);
581
 
                                                        }
582
 
 
583
 
                                                        // Entire topic comprises posts by this user, move these topics
584
 
                                                        if (sizeof($move_topic_ary))
585
 
                                                        {
586
 
                                                                move_topics($move_topic_ary, $new_forum_id, false);
587
 
                                                        }
588
 
 
589
 
                                                        if (sizeof($move_post_ary))
590
 
                                                        {
591
 
                                                                // Create new topic
592
 
                                                                // Update post_ids, report_ids, attachment_ids
593
 
                                                                foreach ($move_post_ary as $topic_id => $post_ary)
594
 
                                                                {
595
 
                                                                        // Create new topic
596
 
                                                                        $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
597
 
                                                                                'topic_poster'                          => $user_id,
598
 
                                                                                'topic_time'                            => time(),
599
 
                                                                                'forum_id'                                      => $new_forum_id,
600
 
                                                                                'icon_id'                                       => 0,
601
 
                                                                                'topic_approved'                        => 1,
602
 
                                                                                'topic_title'                           => $post_ary['title'],
603
 
                                                                                'topic_first_poster_name'       => $user_row['username'],
604
 
                                                                                'topic_type'                            => POST_NORMAL,
605
 
                                                                                'topic_time_limit'                      => 0,
606
 
                                                                                'topic_attachment'                      => $post_ary['attach'])
607
 
                                                                        );
608
 
                                                                        $db->sql_query($sql);
609
 
 
610
 
                                                                        $new_topic_id = $db->sql_nextid();
611
 
 
612
 
                                                                        // Move posts
613
 
                                                                        $sql = 'UPDATE ' . POSTS_TABLE . "
614
 
                                                                                SET forum_id = $new_forum_id, topic_id = $new_topic_id
615
 
                                                                                WHERE topic_id = $topic_id
616
 
                                                                                        AND poster_id = $user_id";
617
 
                                                                        $db->sql_query($sql);
618
 
 
619
 
                                                                        if ($post_ary['attach'])
620
 
                                                                        {
621
 
                                                                                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
622
 
                                                                                        SET topic_id = $new_topic_id
623
 
                                                                                        WHERE topic_id = $topic_id
624
 
                                                                                                AND poster_id = $user_id";
625
 
                                                                                $db->sql_query($sql);
626
 
                                                                        }
627
 
 
628
 
                                                                        $new_topic_id_ary[] = $new_topic_id;
629
 
                                                                }
630
 
                                                        }
631
 
 
632
 
                                                        $forum_id_ary = array_unique($forum_id_ary);
633
 
                                                        $topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary));
634
 
 
635
 
                                                        if (sizeof($topic_id_ary))
636
 
                                                        {
637
 
                                                                sync('reported', 'topic_id', $topic_id_ary);
638
 
                                                                sync('topic', 'topic_id', $topic_id_ary);
639
 
                                                        }
640
 
 
641
 
                                                        if (sizeof($forum_id_ary))
642
 
                                                        {
643
 
                                                                sync('forum', 'forum_id', $forum_id_ary, false, true);
644
 
                                                        }
645
 
 
646
 
 
647
 
                                                        add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
648
 
                                                        add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
649
 
 
650
 
                                                        trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
651
 
 
652
 
                                                break;
653
 
                                        }
654
 
 
655
 
                                        // Handle registration info updates
656
 
                                        $data = array(
657
 
                                                'username'                      => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
658
 
                                                'user_founder'          => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
659
 
                                                'email'                         => strtolower(request_var('user_email', $user_row['user_email'])),
660
 
                                                'email_confirm'         => strtolower(request_var('email_confirm', '')),
661
 
                                                'new_password'          => request_var('new_password', '', true),
662
 
                                                'password_confirm'      => request_var('password_confirm', '', true),
663
 
                                        );
664
 
 
665
 
                                        // Validation data - we do not check the password complexity setting here
666
 
                                        $check_ary = array(
667
 
                                                'new_password'          => array(
668
 
                                                        array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
669
 
                                                        array('password')),
670
 
                                                'password_confirm'      => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
671
 
                                        );
672
 
 
673
 
                                        // Check username if altered
674
 
                                        if ($data['username'] != $user_row['username'])
675
 
                                        {
676
 
                                                $check_ary += array(
677
 
                                                        'username'                      => array(
678
 
                                                                array('string', false, $config['min_name_chars'], $config['max_name_chars']),
679
 
                                                                array('username', $user_row['username'])
680
 
                                                        ),
681
 
                                                );
682
 
                                        }
683
 
 
684
 
                                        // Check email if altered
685
 
                                        if ($data['email'] != $user_row['user_email'])
686
 
                                        {
687
 
                                                $check_ary += array(
688
 
                                                        'email'                         => array(
689
 
                                                                array('string', false, 6, 60),
690
 
                                                                array('email', $user_row['user_email'])
691
 
                                                        ),
692
 
                                                        'email_confirm'         => array('string', true, 6, 60)
693
 
                                                );
694
 
                                        }
695
 
 
696
 
                                        $error = validate_data($data, $check_ary);
697
 
 
698
 
                                        if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
699
 
                                        {
700
 
                                                $error[] = 'NEW_PASSWORD_ERROR';
701
 
                                        }
702
 
 
703
 
                                        if ($data['email'] != $user_row['user_email'] && $data['email_confirm'] != $data['email'])
704
 
                                        {
705
 
                                                $error[] = 'NEW_EMAIL_ERROR';
706
 
                                        }
707
 
 
708
 
                                        if (!check_form_key($form_name))
709
 
                                        {
710
 
                                                $error[] = 'FORM_INVALID';
711
 
                                        }
712
 
 
713
 
                                        // Which updates do we need to do?
714
 
                                        $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
715
 
                                        $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
716
 
                                        $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
717
 
 
718
 
                                        if (!sizeof($error))
719
 
                                        {
720
 
                                                $sql_ary = array();
721
 
 
722
 
                                                if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
723
 
                                                {
724
 
                                                        // Only allow founders updating the founder status...
725
 
                                                        if ($user->data['user_type'] == USER_FOUNDER)
726
 
                                                        {
727
 
                                                                // Setting a normal member to be a founder
728
 
                                                                if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
729
 
                                                                {
730
 
                                                                        // Make sure the user is not setting an Inactive or ignored user to be a founder
731
 
                                                                        if ($user_row['user_type'] == USER_IGNORE)
732
 
                                                                        {
733
 
                                                                                trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
734
 
                                                                        }
735
 
 
736
 
                                                                        if ($user_row['user_type'] == USER_INACTIVE)
737
 
                                                                        {
738
 
                                                                                trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
739
 
                                                                        }
740
 
 
741
 
                                                                        $sql_ary['user_type'] = USER_FOUNDER;
742
 
                                                                }
743
 
                                                                else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
744
 
                                                                {
745
 
                                                                        // Check if at least one founder is present
746
 
                                                                        $sql = 'SELECT user_id
747
 
                                                                                FROM ' . USERS_TABLE . '
748
 
                                                                                WHERE user_type = ' . USER_FOUNDER . '
749
 
                                                                                        AND user_id <> ' . $user_id;
750
 
                                                                        $result = $db->sql_query_limit($sql, 1);
751
 
                                                                        $row = $db->sql_fetchrow($result);
752
 
                                                                        $db->sql_freeresult($result);
753
 
 
754
 
                                                                        if ($row)
755
 
                                                                        {
756
 
                                                                                $sql_ary['user_type'] = USER_NORMAL;
757
 
                                                                        }
758
 
                                                                        else
759
 
                                                                        {
760
 
                                                                                trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
761
 
                                                                        }
762
 
                                                                }
763
 
                                                        }
764
 
                                                }
765
 
 
766
 
                                                if ($update_username !== false)
767
 
                                                {
768
 
                                                        $sql_ary['username'] = $update_username;
769
 
                                                        $sql_ary['username_clean'] = utf8_clean_string($update_username);
770
 
 
771
 
                                                        add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
772
 
                                                }
773
 
 
774
 
                                                if ($update_email !== false)
775
 
                                                {
776
 
                                                        $sql_ary += array(
777
 
                                                                'user_email'            => $update_email,
778
 
                                                                'user_email_hash'       => crc32($update_email) . strlen($update_email)
779
 
                                                        );
780
 
 
781
 
                                                        add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
782
 
                                                }
783
 
 
784
 
                                                if ($update_password)
785
 
                                                {
786
 
                                                        $sql_ary += array(
787
 
                                                                'user_password'         => phpbb_hash($data['new_password']),
788
 
                                                                'user_passchg'          => time(),
789
 
                                                                'user_pass_convert'     => 0,
790
 
                                                        );
791
 
 
792
 
                                                        $user->reset_login_keys($user_id);
793
 
                                                        add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
794
 
                                                }
795
 
 
796
 
                                                if (sizeof($sql_ary))
797
 
                                                {
798
 
                                                        $sql = 'UPDATE ' . USERS_TABLE . '
799
 
                                                                SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
800
 
                                                                WHERE user_id = ' . $user_id;
801
 
                                                        $db->sql_query($sql);
802
 
                                                }
803
 
 
804
 
                                                if ($update_username)
805
 
                                                {
806
 
                                                        user_update_name($user_row['username'], $update_username);
807
 
                                                }
808
 
 
809
 
                                                // Let the users permissions being updated
810
 
                                                $auth->acl_clear_prefetch($user_id);
811
 
 
812
 
                                                add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
813
 
 
814
 
                                                trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
815
 
                                        }
816
 
 
817
 
                                        // Replace "error" strings with their real, localised form
818
 
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
819
 
                                }
820
 
 
821
 
                                if ($user_id == $user->data['user_id'])
822
 
                                {
823
 
                                        $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
824
 
                                }
825
 
                                else
826
 
                                {
827
 
                                        $quick_tool_ary = array();
828
 
 
829
 
                                        if ($user_row['user_type'] != USER_FOUNDER)
830
 
                                        {
831
 
                                                $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
832
 
                                        }
833
 
 
834
 
                                        if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
835
 
                                        {
836
 
                                                $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
837
 
                                        }
838
 
                                        
839
 
                                        $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
840
 
                                        
841
 
                                        if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
842
 
                                        {
843
 
                                                $quick_tool_ary['reactivate'] = 'FORCE';
844
 
                                        }
845
 
                                }
846
 
 
847
 
                                $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
848
 
                                foreach ($quick_tool_ary as $value => $lang)
849
 
                                {
850
 
                                        $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
851
 
                                }
852
 
 
853
 
                                if ($config['load_onlinetrack'])
854
 
                                {
855
 
                                        $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
856
 
                                                FROM ' . SESSIONS_TABLE . "
857
 
                                                WHERE session_user_id = $user_id";
858
 
                                        $result = $db->sql_query($sql);
859
 
                                        $row = $db->sql_fetchrow($result);
860
 
                                        $db->sql_freeresult($result);
861
 
 
862
 
                                        $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
863
 
                                        $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
864
 
                                        unset($row);
865
 
                                }
866
 
 
867
 
                                $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
868
 
 
869
 
                                $inactive_reason = '';
870
 
                                if ($user_row['user_type'] == USER_INACTIVE)
871
 
                                {
872
 
                                        $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
873
 
 
874
 
                                        switch ($user_row['user_inactive_reason'])
875
 
                                        {
876
 
                                                case INACTIVE_REGISTER:
877
 
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
878
 
                                                break;
879
 
 
880
 
                                                case INACTIVE_PROFILE:
881
 
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
882
 
                                                break;
883
 
 
884
 
                                                case INACTIVE_MANUAL:
885
 
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
886
 
                                                break;
887
 
 
888
 
                                                case INACTIVE_REMIND:
889
 
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
890
 
                                                break;
891
 
                                        }
892
 
                                }
893
 
 
894
 
                                $template->assign_vars(array(
895
 
                                        'L_NAME_CHARS_EXPLAIN'          => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
896
 
                                        'L_CHANGE_PASSWORD_EXPLAIN'     => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
897
 
                                        'S_FOUNDER'                                     => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
898
 
 
899
 
                                        'S_OVERVIEW'            => true,
900
 
                                        'S_USER_IP'                     => ($user_row['user_ip']) ? true : false,
901
 
                                        'S_USER_FOUNDER'        => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
902
 
                                        'S_ACTION_OPTIONS'      => $s_action_options,
903
 
                                        'S_OWN_ACCOUNT'         => ($user_id == $user->data['user_id']) ? true : false,
904
 
                                        'S_USER_INACTIVE'       => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
905
 
 
906
 
                                        'U_SHOW_IP'             => $this->u_action . "&amp;u=$user_id&amp;ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
907
 
                                        'U_WHOIS'               => $this->u_action . "&amp;action=whois&amp;user_ip={$user_row['user_ip']}",
908
 
 
909
 
                                        'U_SWITCH_PERMISSIONS'  => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_row['user_id']}") : '',
910
 
 
911
 
                                        'USER'                          => $user_row['username'],
912
 
                                        'USER_REGISTERED'       => $user->format_date($user_row['user_regdate']),
913
 
                                        'REGISTERED_IP'         => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
914
 
                                        'USER_LASTACTIVE'       => ($last_visit) ? $user->format_date($last_visit) : ' - ',
915
 
                                        'USER_EMAIL'            => $user_row['user_email'],
916
 
                                        'USER_WARNINGS'         => $user_row['user_warnings'],
917
 
                                        'USER_POSTS'            => $user_row['user_posts'],
918
 
                                        'USER_INACTIVE_REASON'  => $inactive_reason,
919
 
                                ));
920
 
 
921
 
                        break;
922
 
 
923
 
                        case 'feedback':
924
 
 
925
 
                                $user->add_lang('mcp');
926
 
                                
927
 
                                // Set up general vars
928
 
                                $start          = request_var('start', 0);
929
 
                                $deletemark = (isset($_POST['delmarked'])) ? true : false;
930
 
                                $deleteall      = (isset($_POST['delall'])) ? true : false;
931
 
                                $marked         = request_var('mark', array(0));
932
 
                                $message        = utf8_normalize_nfc(request_var('message', '', true));
933
 
 
934
 
                                // Sort keys
935
 
                                $sort_days      = request_var('st', 0);
936
 
                                $sort_key       = request_var('sk', 't');
937
 
                                $sort_dir       = request_var('sd', 'd');
938
 
 
939
 
                                // Delete entries if requested and able
940
 
                                if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
941
 
                                {
942
 
                                        if (!check_form_key($form_name))
943
 
                                        {
944
 
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
945
 
                                        }
946
 
 
947
 
                                        $where_sql = '';
948
 
                                        if ($deletemark && $marked)
949
 
                                        {
950
 
                                                $sql_in = array();
951
 
                                                foreach ($marked as $mark)
952
 
                                                {
953
 
                                                        $sql_in[] = $mark;
954
 
                                                }
955
 
                                                $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
956
 
                                                unset($sql_in);
957
 
                                        }
958
 
 
959
 
                                        if ($where_sql || $deleteall)
960
 
                                        {
961
 
                                                $sql = 'DELETE FROM ' . LOG_TABLE . '
962
 
                                                        WHERE log_type = ' . LOG_USERS . "
963
 
                                                        $where_sql";
964
 
                                                $db->sql_query($sql);
965
 
 
966
 
                                                add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
967
 
                                        }
968
 
                                }
969
 
 
970
 
                                if ($submit && $message)
971
 
                                {
972
 
                                        if (!check_form_key($form_name))
973
 
                                        {
974
 
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
975
 
                                        }
976
 
 
977
 
                                        add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
978
 
                                        add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
979
 
                                        add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
980
 
 
981
 
                                        trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
982
 
                                }
983
 
                                
984
 
                                // Sorting
985
 
                                $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
986
 
                                $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
987
 
                                $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
988
 
 
989
 
                                $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
990
 
                                gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
991
 
 
992
 
                                // Define where and sort sql for use in displaying logs
993
 
                                $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
994
 
                                $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
995
 
 
996
 
                                // Grab log data
997
 
                                $log_data = array();
998
 
                                $log_count = 0;
999
 
                                view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
1000
 
 
1001
 
                                $template->assign_vars(array(
1002
 
                                        'S_FEEDBACK'    => true,
1003
 
                                        'S_ON_PAGE'             => on_page($log_count, $config['topics_per_page'], $start),
1004
 
                                        'PAGINATION'    => generate_pagination($this->u_action . "&amp;u=$user_id&amp;$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
1005
 
 
1006
 
                                        'S_LIMIT_DAYS'  => $s_limit_days,
1007
 
                                        'S_SORT_KEY'    => $s_sort_key,
1008
 
                                        'S_SORT_DIR'    => $s_sort_dir,
1009
 
                                        'S_CLEARLOGS'   => $auth->acl_get('a_clearlogs'))
1010
 
                                );
1011
 
 
1012
 
                                foreach ($log_data as $row)
1013
 
                                {
1014
 
                                        $template->assign_block_vars('log', array(
1015
 
                                                'USERNAME'              => $row['username_full'],
1016
 
                                                'IP'                    => $row['ip'],
1017
 
                                                'DATE'                  => $user->format_date($row['time']),
1018
 
                                                'ACTION'                => nl2br($row['action']),
1019
 
                                                'ID'                    => $row['id'])
1020
 
                                        );
1021
 
                                }
1022
 
 
1023
 
                        break;
1024
 
 
1025
 
                        case 'profile':
1026
 
 
1027
 
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1028
 
                                include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
1029
 
 
1030
 
                                $cp = new custom_profile();
1031
 
 
1032
 
                                $cp_data = $cp_error = array();
1033
 
 
1034
 
                                $sql = 'SELECT lang_id
1035
 
                                        FROM ' . LANG_TABLE . "
1036
 
                                        WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
1037
 
                                $result = $db->sql_query($sql);
1038
 
                                $row = $db->sql_fetchrow($result);
1039
 
                                $db->sql_freeresult($result);
1040
 
 
1041
 
                                $user_row['iso_lang_id'] = $row['lang_id'];
1042
 
 
1043
 
                                $data = array(
1044
 
                                        'icq'                   => request_var('icq', $user_row['user_icq']),
1045
 
                                        'aim'                   => request_var('aim', $user_row['user_aim']),
1046
 
                                        'msn'                   => request_var('msn', $user_row['user_msnm']),
1047
 
                                        'yim'                   => request_var('yim', $user_row['user_yim']),
1048
 
                                        'jabber'                => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
1049
 
                                        'website'               => request_var('website', $user_row['user_website']),
1050
 
                                        'location'              => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
1051
 
                                        'occupation'    => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
1052
 
                                        'interests'             => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
1053
 
                                        'bday_day'              => 0,
1054
 
                                        'bday_month'    => 0,
1055
 
                                        'bday_year'             => 0,
1056
 
                                );
1057
 
 
1058
 
                                if ($user_row['user_birthday'])
1059
 
                                {
1060
 
                                        list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
1061
 
                                }
1062
 
 
1063
 
                                $data['bday_day'] = request_var('bday_day', $data['bday_day']);
1064
 
                                $data['bday_month'] = request_var('bday_month', $data['bday_month']);
1065
 
                                $data['bday_year'] = request_var('bday_year', $data['bday_year']);
1066
 
 
1067
 
                                if ($submit)
1068
 
                                {
1069
 
                                        $error = validate_data($data, array(
1070
 
                                                'icq'                   => array(
1071
 
                                                        array('string', true, 3, 15),
1072
 
                                                        array('match', true, '#^[0-9]+$#i')),
1073
 
                                                'aim'                   => array('string', true, 3, 255),
1074
 
                                                'msn'                   => array('string', true, 5, 255),
1075
 
                                                'jabber'                => array(
1076
 
                                                        array('string', true, 5, 255),
1077
 
                                                        array('jabber')),
1078
 
                                                'yim'                   => array('string', true, 5, 255),
1079
 
                                                'website'               => array(
1080
 
                                                        array('string', true, 12, 255),
1081
 
                                                        array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
1082
 
                                                'location'              => array('string', true, 2, 255),
1083
 
                                                'occupation'    => array('string', true, 2, 500),
1084
 
                                                'interests'             => array('string', true, 2, 500),
1085
 
                                                'bday_day'              => array('num', true, 1, 31),
1086
 
                                                'bday_month'    => array('num', true, 1, 12),
1087
 
                                                'bday_year'             => array('num', true, 1901, gmdate('Y', time())),
1088
 
                                        ));
1089
 
 
1090
 
                                        // validate custom profile fields
1091
 
                                        $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
1092
 
 
1093
 
                                        if (sizeof($cp_error))
1094
 
                                        {
1095
 
                                                $error = array_merge($error, $cp_error);
1096
 
                                        }
1097
 
                                        if (!check_form_key($form_name))
1098
 
                                        {
1099
 
                                                $error[] = 'FORM_INVALID';
1100
 
                                        }
1101
 
 
1102
 
                                        if (!sizeof($error))
1103
 
                                        {
1104
 
                                                $sql_ary = array(
1105
 
                                                        'user_icq'              => $data['icq'],
1106
 
                                                        'user_aim'              => $data['aim'],
1107
 
                                                        'user_msnm'             => $data['msn'],
1108
 
                                                        'user_yim'              => $data['yim'],
1109
 
                                                        'user_jabber'   => $data['jabber'],
1110
 
                                                        'user_website'  => $data['website'],
1111
 
                                                        'user_from'             => $data['location'],
1112
 
                                                        'user_occ'              => $data['occupation'],
1113
 
                                                        'user_interests'=> $data['interests'],
1114
 
                                                        'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
1115
 
                                                );
1116
 
 
1117
 
                                                $sql = 'UPDATE ' . USERS_TABLE . '
1118
 
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1119
 
                                                        WHERE user_id = $user_id";
1120
 
                                                $db->sql_query($sql);
1121
 
 
1122
 
                                                // Update Custom Fields
1123
 
                                                if (sizeof($cp_data))
1124
 
                                                {
1125
 
                                                        switch ($db->sql_layer)
1126
 
                                                        {
1127
 
                                                                case 'oracle':
1128
 
                                                                case 'firebird':
1129
 
                                                                case 'postgres':
1130
 
                                                                        $right_delim = $left_delim = '"';
1131
 
                                                                break;
1132
 
 
1133
 
                                                                case 'sqlite':
1134
 
                                                                case 'mssql':
1135
 
                                                                case 'mssql_odbc':
1136
 
                                                                        $right_delim = ']';
1137
 
                                                                        $left_delim = '[';
1138
 
                                                                break;
1139
 
 
1140
 
                                                                case 'mysql':
1141
 
                                                                case 'mysql4':
1142
 
                                                                case 'mysqli':
1143
 
                                                                        $right_delim = $left_delim = '`';
1144
 
                                                                break;
1145
 
                                                        }
1146
 
 
1147
 
                                                        foreach ($cp_data as $key => $value)
1148
 
                                                        {
1149
 
                                                                $cp_data[$left_delim . $key . $right_delim] = $value;
1150
 
                                                                unset($cp_data[$key]);
1151
 
                                                        }
1152
 
 
1153
 
                                                        $sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . '
1154
 
                                                                SET ' . $db->sql_build_array('UPDATE', $cp_data) . "
1155
 
                                                                WHERE user_id = $user_id";
1156
 
                                                        $db->sql_query($sql);
1157
 
 
1158
 
                                                        if (!$db->sql_affectedrows())
1159
 
                                                        {
1160
 
                                                                $cp_data['user_id'] = (int) $user_id;
1161
 
 
1162
 
                                                                $db->sql_return_on_error(true);
1163
 
 
1164
 
                                                                $sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $cp_data);
1165
 
                                                                $db->sql_query($sql);
1166
 
 
1167
 
                                                                $db->sql_return_on_error(false);
1168
 
                                                        }
1169
 
                                                }
1170
 
 
1171
 
                                                trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1172
 
                                        }
1173
 
 
1174
 
                                        // Replace "error" strings with their real, localised form
1175
 
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1176
 
                                }
1177
 
 
1178
 
                                $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
1179
 
                                for ($i = 1; $i < 32; $i++)
1180
 
                                {
1181
 
                                        $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
1182
 
                                        $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
1183
 
                                }
1184
 
 
1185
 
                                $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
1186
 
                                for ($i = 1; $i < 13; $i++)
1187
 
                                {
1188
 
                                        $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
1189
 
                                        $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
1190
 
                                }
1191
 
                                $s_birthday_year_options = '';
1192
 
 
1193
 
                                $now = getdate();
1194
 
                                $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
1195
 
                                for ($i = $now['year'] - 100; $i < $now['year']; $i++)
1196
 
                                {
1197
 
                                        $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
1198
 
                                        $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
1199
 
                                }
1200
 
                                unset($now);
1201
 
 
1202
 
                                $template->assign_vars(array(
1203
 
                                        'ICQ'                   => $data['icq'],
1204
 
                                        'YIM'                   => $data['yim'],
1205
 
                                        'AIM'                   => $data['aim'],
1206
 
                                        'MSN'                   => $data['msn'],
1207
 
                                        'JABBER'                => $data['jabber'],
1208
 
                                        'WEBSITE'               => $data['website'],
1209
 
                                        'LOCATION'              => $data['location'],
1210
 
                                        'OCCUPATION'    => $data['occupation'],
1211
 
                                        'INTERESTS'             => $data['interests'],
1212
 
 
1213
 
                                        'S_BIRTHDAY_DAY_OPTIONS'        => $s_birthday_day_options,
1214
 
                                        'S_BIRTHDAY_MONTH_OPTIONS'      => $s_birthday_month_options,
1215
 
                                        'S_BIRTHDAY_YEAR_OPTIONS'       => $s_birthday_year_options,
1216
 
                                                
1217
 
                                        'S_PROFILE'             => true)
1218
 
                                );
1219
 
 
1220
 
                                // Get additional profile fields and assign them to the template block var 'profile_fields'
1221
 
                                $user->get_profile_fields($user_id);
1222
 
 
1223
 
                                $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
1224
 
 
1225
 
                        break;
1226
 
 
1227
 
                        case 'prefs':
1228
 
 
1229
 
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1230
 
 
1231
 
                                $data = array(
1232
 
                                        'dateformat'            => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
1233
 
                                        'lang'                          => basename(request_var('lang', $user_row['user_lang'])),
1234
 
                                        'tz'                            => request_var('tz', (float) $user_row['user_timezone']),
1235
 
                                        'style'                         => request_var('style', $user_row['user_style']),
1236
 
                                        'dst'                           => request_var('dst', $user_row['user_dst']),
1237
 
                                        'viewemail'                     => request_var('viewemail', $user_row['user_allow_viewemail']),
1238
 
                                        'massemail'                     => request_var('massemail', $user_row['user_allow_massemail']),
1239
 
                                        'hideonline'            => request_var('hideonline', !$user_row['user_allow_viewonline']),
1240
 
                                        'notifymethod'          => request_var('notifymethod', $user_row['user_notify_type']),
1241
 
                                        'notifypm'                      => request_var('notifypm', $user_row['user_notify_pm']),
1242
 
                                        'popuppm'                       => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
1243
 
                                        'allowpm'                       => request_var('allowpm', $user_row['user_allow_pm']),
1244
 
 
1245
 
                                        'topic_sk'                      => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
1246
 
                                        'topic_sd'                      => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
1247
 
                                        'topic_st'                      => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
1248
 
 
1249
 
                                        'post_sk'                       => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
1250
 
                                        'post_sd'                       => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
1251
 
                                        'post_st'                       => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
1252
 
 
1253
 
                                        'view_images'           => request_var('view_images', $this->optionget($user_row, 'viewimg')),
1254
 
                                        'view_flash'            => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
1255
 
                                        'view_smilies'          => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
1256
 
                                        'view_sigs'                     => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
1257
 
                                        'view_avatars'          => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
1258
 
                                        'view_wordcensor'       => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
1259
 
 
1260
 
                                        'bbcode'        => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
1261
 
                                        'smilies'       => request_var('smilies', $this->optionget($user_row, 'smilies')),
1262
 
                                        'sig'           => request_var('sig', $this->optionget($user_row, 'attachsig')),
1263
 
                                        'notify'        => request_var('notify', $user_row['user_notify']),
1264
 
                                );
1265
 
 
1266
 
                                if ($submit)
1267
 
                                {
1268
 
                                        $error = validate_data($data, array(
1269
 
                                                'dateformat'    => array('string', false, 1, 30),
1270
 
                                                'lang'                  => array('match', false, '#^[a-z_\-]{2,}$#i'),
1271
 
                                                'tz'                    => array('num', false, -14, 14),
1272
 
 
1273
 
                                                'topic_sk'              => array('string', false, 1, 1),
1274
 
                                                'topic_sd'              => array('string', false, 1, 1),
1275
 
                                                'post_sk'               => array('string', false, 1, 1),
1276
 
                                                'post_sd'               => array('string', false, 1, 1),
1277
 
                                        ));
1278
 
 
1279
 
                                        if (!check_form_key($form_name))
1280
 
                                        {
1281
 
                                                $error[] = 'FORM_INVALID';
1282
 
                                        }
1283
 
 
1284
 
                                        if (!sizeof($error))
1285
 
                                        {
1286
 
                                                $this->optionset($user_row, 'popuppm', $data['popuppm']);
1287
 
                                                $this->optionset($user_row, 'viewimg', $data['view_images']);
1288
 
                                                $this->optionset($user_row, 'viewflash', $data['view_flash']);
1289
 
                                                $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
1290
 
                                                $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
1291
 
                                                $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
1292
 
                                                $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
1293
 
                                                $this->optionset($user_row, 'bbcode', $data['bbcode']);
1294
 
                                                $this->optionset($user_row, 'smilies', $data['smilies']);
1295
 
                                                $this->optionset($user_row, 'attachsig', $data['sig']);
1296
 
 
1297
 
                                                $sql_ary = array(
1298
 
                                                        'user_options'                  => $user_row['user_options'],
1299
 
 
1300
 
                                                        'user_allow_pm'                 => $data['allowpm'],
1301
 
                                                        'user_allow_viewemail'  => $data['viewemail'],
1302
 
                                                        'user_allow_massemail'  => $data['massemail'],
1303
 
                                                        'user_allow_viewonline' => !$data['hideonline'],
1304
 
                                                        'user_notify_type'              => $data['notifymethod'],
1305
 
                                                        'user_notify_pm'                => $data['notifypm'],
1306
 
 
1307
 
                                                        'user_dst'                              => $data['dst'],
1308
 
                                                        'user_dateformat'               => $data['dateformat'],
1309
 
                                                        'user_lang'                             => $data['lang'],
1310
 
                                                        'user_timezone'                 => $data['tz'],
1311
 
                                                        'user_style'                    => $data['style'],
1312
 
 
1313
 
                                                        'user_topic_sortby_type'        => $data['topic_sk'],
1314
 
                                                        'user_post_sortby_type'         => $data['post_sk'],
1315
 
                                                        'user_topic_sortby_dir'         => $data['topic_sd'],
1316
 
                                                        'user_post_sortby_dir'          => $data['post_sd'],
1317
 
 
1318
 
                                                        'user_topic_show_days'  => $data['topic_st'],
1319
 
                                                        'user_post_show_days'   => $data['post_st'],
1320
 
 
1321
 
                                                        'user_notify'   => $data['notify'],
1322
 
                                                );
1323
 
 
1324
 
                                                $sql = 'UPDATE ' . USERS_TABLE . '
1325
 
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
1326
 
                                                        WHERE user_id = $user_id";
1327
 
                                                $db->sql_query($sql);
1328
 
 
1329
 
                                                trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1330
 
                                        }
1331
 
 
1332
 
                                        // Replace "error" strings with their real, localised form
1333
 
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1334
 
                                }
1335
 
 
1336
 
                                $dateformat_options = '';
1337
 
                                foreach ($user->lang['dateformats'] as $format => $null)
1338
 
                                {
1339
 
                                        $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
1340
 
                                        $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
1341
 
                                        $dateformat_options .= '</option>';
1342
 
                                }
1343
 
 
1344
 
                                $s_custom = false;
1345
 
 
1346
 
                                $dateformat_options .= '<option value="custom"';
1347
 
                                if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
1348
 
                                {
1349
 
                                        $dateformat_options .= ' selected="selected"';
1350
 
                                        $s_custom = true;
1351
 
                                }
1352
 
                                $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
1353
 
 
1354
 
                                $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1355
 
 
1356
 
                                // Topic ordering options
1357
 
                                $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1358
 
                                $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
1359
 
 
1360
 
                                // Post ordering options
1361
 
                                $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
1362
 
                                $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
1363
 
 
1364
 
                                $_options = array('topic', 'post');
1365
 
                                foreach ($_options as $sort_option)
1366
 
                                {
1367
 
                                        ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
1368
 
                                        foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
1369
 
                                        {
1370
 
                                                $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
1371
 
                                                ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
1372
 
                                        }
1373
 
                                        ${'s_limit_' . $sort_option . '_days'} .= '</select>';
1374
 
 
1375
 
                                        ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
1376
 
                                        foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
1377
 
                                        {
1378
 
                                                $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
1379
 
                                                ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
1380
 
                                        }
1381
 
                                        ${'s_sort_' . $sort_option . '_key'} .= '</select>';
1382
 
 
1383
 
                                        ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
1384
 
                                        foreach ($sort_dir_text as $key => $value)
1385
 
                                        {
1386
 
                                                $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
1387
 
                                                ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1388
 
                                        }
1389
 
                                        ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
1390
 
                                }
1391
 
 
1392
 
                                $template->assign_vars(array(
1393
 
                                        'S_PREFS'                       => true,
1394
 
                                        'S_JABBER_DISABLED'     => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
1395
 
                                        
1396
 
                                        'VIEW_EMAIL'            => $data['viewemail'],
1397
 
                                        'MASS_EMAIL'            => $data['massemail'],
1398
 
                                        'ALLOW_PM'                      => $data['allowpm'],
1399
 
                                        'HIDE_ONLINE'           => $data['hideonline'],
1400
 
                                        'NOTIFY_EMAIL'          => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
1401
 
                                        'NOTIFY_IM'                     => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
1402
 
                                        'NOTIFY_BOTH'           => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
1403
 
                                        'NOTIFY_PM'                     => $data['notifypm'],
1404
 
                                        'POPUP_PM'                      => $data['popuppm'],
1405
 
                                        'DST'                           => $data['dst'],
1406
 
                                        'BBCODE'                        => $data['bbcode'],
1407
 
                                        'SMILIES'                       => $data['smilies'],
1408
 
                                        'ATTACH_SIG'            => $data['sig'],
1409
 
                                        'NOTIFY'                        => $data['notify'],
1410
 
                                        'VIEW_IMAGES'           => $data['view_images'],
1411
 
                                        'VIEW_FLASH'            => $data['view_flash'],
1412
 
                                        'VIEW_SMILIES'          => $data['view_smilies'],
1413
 
                                        'VIEW_SIGS'                     => $data['view_sigs'],
1414
 
                                        'VIEW_AVATARS'          => $data['view_avatars'],
1415
 
                                        'VIEW_WORDCENSOR'       => $data['view_wordcensor'],
1416
 
                                        
1417
 
                                        'S_TOPIC_SORT_DAYS'             => $s_limit_topic_days,
1418
 
                                        'S_TOPIC_SORT_KEY'              => $s_sort_topic_key,
1419
 
                                        'S_TOPIC_SORT_DIR'              => $s_sort_topic_dir,
1420
 
                                        'S_POST_SORT_DAYS'              => $s_limit_post_days,
1421
 
                                        'S_POST_SORT_KEY'               => $s_sort_post_key,
1422
 
                                        'S_POST_SORT_DIR'               => $s_sort_post_dir,
1423
 
 
1424
 
                                        'DATE_FORMAT'                   => $data['dateformat'],
1425
 
                                        'S_DATEFORMAT_OPTIONS'  => $dateformat_options,
1426
 
                                        'S_CUSTOM_DATEFORMAT'   => $s_custom,
1427
 
                                        'DEFAULT_DATEFORMAT'    => $config['default_dateformat'],
1428
 
                                        'A_DEFAULT_DATEFORMAT'  => addslashes($config['default_dateformat']),
1429
 
 
1430
 
                                        'S_LANG_OPTIONS'        => language_select($data['lang']),
1431
 
                                        'S_STYLE_OPTIONS'       => style_select($data['style']),
1432
 
                                        'S_TZ_OPTIONS'          => tz_select($data['tz'], true),
1433
 
                                        )
1434
 
                                );
1435
 
 
1436
 
                        break;
1437
 
 
1438
 
                        case 'avatar':
1439
 
 
1440
 
                                include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1441
 
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1442
 
 
1443
 
                                $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
1444
 
 
1445
 
                                if ($submit)
1446
 
                                {
1447
 
 
1448
 
                                        if (!check_form_key($form_name))
1449
 
                                        {
1450
 
                                                        trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1451
 
                                        }
1452
 
 
1453
 
                                        if (avatar_process_user($error, $user_row))
1454
 
                                        {
1455
 
                                                trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_row['user_id']));
1456
 
                                        }
1457
 
 
1458
 
                                        // Replace "error" strings with their real, localised form
1459
 
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1460
 
                                }
1461
 
 
1462
 
                                // Generate users avatar
1463
 
                                $avatar_img = ($user_row['user_avatar']) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
1464
 
 
1465
 
                                $display_gallery = (isset($_POST['display_gallery'])) ? true : false;
1466
 
                                $avatar_select = basename(request_var('avatar_select', ''));
1467
 
                                $category = basename(request_var('category', ''));
1468
 
 
1469
 
                                if ($config['allow_avatar_local'] && $display_gallery)
1470
 
                                {
1471
 
                                        avatar_gallery($category, $avatar_select, 4);
1472
 
                                }
1473
 
 
1474
 
                                $template->assign_vars(array(
1475
 
                                        'S_AVATAR'                      => true,
1476
 
                                        'S_CAN_UPLOAD'          => ($can_upload && $config['allow_avatar_upload']) ? true : false,
1477
 
                                        'S_ALLOW_REMOTE'        => ($config['allow_avatar_remote']) ? true : false,
1478
 
                                        'S_DISPLAY_GALLERY'     => ($config['allow_avatar_local'] && !$display_gallery) ? true : false,
1479
 
                                        'S_IN_GALLERY'          => ($config['allow_avatar_local'] && $display_gallery) ? true : false,
1480
 
 
1481
 
                                        'AVATAR_IMAGE'                  => $avatar_img,
1482
 
                                        'AVATAR_MAX_FILESIZE'   => $config['avatar_filesize'],
1483
 
                                        'USER_AVATAR_WIDTH'             => $user_row['user_avatar_width'],
1484
 
                                        'USER_AVATAR_HEIGHT'    => $user_row['user_avatar_height'],
1485
 
 
1486
 
                                        'L_AVATAR_EXPLAIN'      => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
1487
 
                                );
1488
 
 
1489
 
                        break;
1490
 
 
1491
 
                        case 'rank':
1492
 
 
1493
 
                                if ($submit)
1494
 
                                {
1495
 
                                        if (!check_form_key($form_name))
1496
 
                                        {
1497
 
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1498
 
                                        }
1499
 
 
1500
 
                                        $rank_id = request_var('user_rank', 0);
1501
 
 
1502
 
                                        $sql = 'UPDATE ' . USERS_TABLE . "
1503
 
                                                SET user_rank = $rank_id
1504
 
                                                WHERE user_id = $user_id";
1505
 
                                        $db->sql_query($sql);
1506
 
 
1507
 
                                        trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1508
 
                                }
1509
 
                                
1510
 
                                $sql = 'SELECT *
1511
 
                                        FROM ' . RANKS_TABLE . '
1512
 
                                        WHERE rank_special = 1
1513
 
                                        ORDER BY rank_title';
1514
 
                                $result = $db->sql_query($sql);
1515
 
 
1516
 
                                $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
1517
 
 
1518
 
                                while ($row = $db->sql_fetchrow($result))
1519
 
                                {
1520
 
                                        $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
1521
 
                                        $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
1522
 
                                }
1523
 
                                $db->sql_freeresult($result);
1524
 
 
1525
 
                                $template->assign_vars(array(
1526
 
                                        'S_RANK'                        => true,
1527
 
                                        'S_RANK_OPTIONS'        => $s_rank_options)
1528
 
                                );
1529
 
 
1530
 
                        break;
1531
 
                        
1532
 
                        case 'sig':
1533
 
                        
1534
 
                                include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
1535
 
                                include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
1536
 
 
1537
 
                                $enable_bbcode  = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', !$user->optionget('bbcode'))) ? false : true) : false;
1538
 
                                $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', !$user->optionget('smilies'))) ? false : true) : false;
1539
 
                                $enable_urls    = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
1540
 
                                $signature              = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
1541
 
 
1542
 
                                $preview                = (isset($_POST['preview'])) ? true : false;
1543
 
 
1544
 
                                if ($submit || $preview)
1545
 
                                {
1546
 
                                        include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
1547
 
 
1548
 
                                        $message_parser = new parse_message($signature);
1549
 
 
1550
 
                                        // Allowing Quote BBCode
1551
 
                                        $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
1552
 
                                                
1553
 
                                        if (sizeof($message_parser->warn_msg))
1554
 
                                        {
1555
 
                                                $error[] = implode('<br />', $message_parser->warn_msg);
1556
 
                                        }
1557
 
 
1558
 
                                        if (!check_form_key($form_name))
1559
 
                                        {
1560
 
                                                $error = 'FORM_INVALID';
1561
 
                                        }
1562
 
 
1563
 
                                        if (!sizeof($error) && $submit)
1564
 
                                        {
1565
 
                                                $sql_ary = array(
1566
 
                                                        'user_sig'                                      => (string) $message_parser->message,
1567
 
                                                        'user_sig_bbcode_uid'           => (string) $message_parser->bbcode_uid,
1568
 
                                                        'user_sig_bbcode_bitfield'      => (string) $message_parser->bbcode_bitfield
1569
 
                                                );
1570
 
 
1571
 
                                                $sql = 'UPDATE ' . USERS_TABLE . '
1572
 
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
1573
 
                                                        WHERE user_id = ' . $user_id;
1574
 
                                                $db->sql_query($sql);
1575
 
 
1576
 
                                                trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1577
 
                                        }
1578
 
        
1579
 
                                        // Replace "error" strings with their real, localised form
1580
 
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
1581
 
                                }
1582
 
                                
1583
 
                                $signature_preview = '';
1584
 
                                
1585
 
                                if ($preview)
1586
 
                                {
1587
 
                                        // Now parse it for displaying
1588
 
                                        $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
1589
 
                                        unset($message_parser);
1590
 
                                }
1591
 
 
1592
 
                                decode_message($signature, $user_row['user_sig_bbcode_uid']);
1593
 
 
1594
 
                                $template->assign_vars(array(
1595
 
                                        'S_SIGNATURE'           => true,
1596
 
 
1597
 
                                        'SIGNATURE'                     => $signature,
1598
 
                                        'SIGNATURE_PREVIEW'     => $signature_preview,
1599
 
 
1600
 
                                        'S_BBCODE_CHECKED'              => (!$enable_bbcode) ? ' checked="checked"' : '',
1601
 
                                        'S_SMILIES_CHECKED'             => (!$enable_smilies) ? ' checked="checked"' : '',
1602
 
                                        'S_MAGIC_URL_CHECKED'   => (!$enable_urls) ? ' checked="checked"' : '',
1603
 
 
1604
 
                                        'BBCODE_STATUS'                 => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
1605
 
                                        'SMILIES_STATUS'                => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
1606
 
                                        'IMG_STATUS'                    => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
1607
 
                                        'FLASH_STATUS'                  => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
1608
 
                                        'URL_STATUS'                    => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
1609
 
 
1610
 
                                        'L_SIGNATURE_EXPLAIN'   => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
1611
 
 
1612
 
                                        'S_BBCODE_ALLOWED'              => $config['allow_sig_bbcode'],
1613
 
                                        'S_SMILIES_ALLOWED'             => $config['allow_sig_smilies'],
1614
 
                                        'S_BBCODE_IMG'                  => ($config['allow_sig_img']) ? true : false,
1615
 
                                        'S_BBCODE_FLASH'                => ($config['allow_sig_flash']) ? true : false,
1616
 
                                        'S_LINKS_ALLOWED'               => ($config['allow_sig_links']) ? true : false)
1617
 
                                );
1618
 
 
1619
 
                                // Assigning custom bbcodes
1620
 
                                display_custom_bbcodes();
1621
 
 
1622
 
                        break;
1623
 
 
1624
 
                        case 'attach':
1625
 
 
1626
 
                                $start          = request_var('start', 0);
1627
 
                                $deletemark = (isset($_POST['delmarked'])) ? true : false;
1628
 
                                $marked         = request_var('mark', array(0));
1629
 
 
1630
 
                                // Sort keys
1631
 
                                $sort_key       = request_var('sk', 'a');
1632
 
                                $sort_dir       = request_var('sd', 'd');
1633
 
 
1634
 
                                if ($deletemark && sizeof($marked))
1635
 
                                {
1636
 
                                        $sql = 'SELECT attach_id
1637
 
                                                FROM ' . ATTACHMENTS_TABLE . '
1638
 
                                                WHERE poster_id = ' . $user_id . '
1639
 
                                                        AND is_orphan = 0
1640
 
                                                        AND ' . $db->sql_in_set('attach_id', $marked);
1641
 
                                        $result = $db->sql_query($sql);
1642
 
 
1643
 
                                        $marked = array();
1644
 
                                        while ($row = $db->sql_fetchrow($result))
1645
 
                                        {
1646
 
                                                $marked[] = $row['attach_id'];
1647
 
                                        }
1648
 
                                        $db->sql_freeresult($result);
1649
 
                                }
1650
 
 
1651
 
                                if ($deletemark && sizeof($marked))
1652
 
                                {
1653
 
                                        if (confirm_box(true))
1654
 
                                        {
1655
 
                                                $sql = 'SELECT real_filename
1656
 
                                                        FROM ' . ATTACHMENTS_TABLE . '
1657
 
                                                        WHERE ' . $db->sql_in_set('attach_id', $marked);
1658
 
                                                $result = $db->sql_query($sql);
1659
 
 
1660
 
                                                $log_attachments = array();
1661
 
                                                while ($row = $db->sql_fetchrow($result))
1662
 
                                                {
1663
 
                                                        $log_attachments[] = $row['real_filename'];
1664
 
                                                }
1665
 
                                                $db->sql_freeresult($result);
1666
 
 
1667
 
                                                delete_attachments('attach', $marked);
1668
 
 
1669
 
                                                $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
1670
 
 
1671
 
                                                add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
1672
 
                                                trigger_error($message . adm_back_link($this->u_action . '&amp;u=' . $user_id));
1673
 
                                        }
1674
 
                                        else
1675
 
                                        {
1676
 
                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1677
 
                                                        'u'                             => $user_id,
1678
 
                                                        'i'                             => $id,
1679
 
                                                        'mode'                  => $mode,
1680
 
                                                        'action'                => $action,
1681
 
                                                        'delmarked'             => true,
1682
 
                                                        'mark'                  => $marked))
1683
 
                                                );
1684
 
                                        }
1685
 
                                }
1686
 
 
1687
 
                                $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
1688
 
                                $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
1689
 
 
1690
 
                                $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
1691
 
 
1692
 
                                $s_sort_key = '';
1693
 
                                foreach ($sk_text as $key => $value)
1694
 
                                {
1695
 
                                        $selected = ($sort_key == $key) ? ' selected="selected"' : '';
1696
 
                                        $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1697
 
                                }
1698
 
 
1699
 
                                $s_sort_dir = '';
1700
 
                                foreach ($sd_text as $key => $value)
1701
 
                                {
1702
 
                                        $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
1703
 
                                        $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
1704
 
                                }
1705
 
 
1706
 
                                if (!isset($sk_sql[$sort_key]))
1707
 
                                {
1708
 
                                        $sort_key = 'a';
1709
 
                                }
1710
 
 
1711
 
                                $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
1712
 
 
1713
 
                                $sql = 'SELECT COUNT(attach_id) as num_attachments
1714
 
                                        FROM ' . ATTACHMENTS_TABLE . "
1715
 
                                        WHERE poster_id = $user_id
1716
 
                                                AND is_orphan = 0";
1717
 
                                $result = $db->sql_query_limit($sql, 1);
1718
 
                                $num_attachments = (int) $db->sql_fetchfield('num_attachments');
1719
 
                                $db->sql_freeresult($result);
1720
 
 
1721
 
                                $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
1722
 
                                        FROM ' . ATTACHMENTS_TABLE . ' a
1723
 
                                                LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
1724
 
                                                        AND a.in_message = 0)
1725
 
                                                LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
1726
 
                                                        AND a.in_message = 1)
1727
 
                                        WHERE a.poster_id = ' . $user_id . "
1728
 
                                                AND a.is_orphan = 0
1729
 
                                        ORDER BY $order_by";
1730
 
                                $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
1731
 
 
1732
 
                                while ($row = $db->sql_fetchrow($result))
1733
 
                                {
1734
 
                                        if ($row['in_message'])
1735
 
                                        {
1736
 
                                                $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;p={$row['post_msg_id']}");
1737
 
                                        }
1738
 
                                        else
1739
 
                                        {
1740
 
                                                $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&amp;p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
1741
 
                                        }
1742
 
 
1743
 
                                        $template->assign_block_vars('attach', array(
1744
 
                                                'REAL_FILENAME'         => $row['real_filename'],
1745
 
                                                'COMMENT'                       => nl2br($row['attach_comment']),
1746
 
                                                'EXTENSION'                     => $row['extension'],
1747
 
                                                'SIZE'                          => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
1748
 
                                                'DOWNLOAD_COUNT'        => $row['download_count'],
1749
 
                                                'POST_TIME'                     => $user->format_date($row['filetime']),
1750
 
                                                'TOPIC_TITLE'           => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
1751
 
 
1752
 
                                                'ATTACH_ID'                     => $row['attach_id'],
1753
 
                                                'POST_ID'                       => $row['post_msg_id'],
1754
 
                                                'TOPIC_ID'                      => $row['topic_id'],
1755
 
                                
1756
 
                                                'S_IN_MESSAGE'          => $row['in_message'],
1757
 
 
1758
 
                                                'U_DOWNLOAD'            => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&amp;id=' . $row['attach_id']),
1759
 
                                                'U_VIEW_TOPIC'          => $view_topic)
1760
 
                                        );
1761
 
                                }
1762
 
                                $db->sql_freeresult($result);
1763
 
                
1764
 
                                $template->assign_vars(array(
1765
 
                                        'S_ATTACHMENTS'         => true,
1766
 
                                        'S_ON_PAGE'                     => on_page($num_attachments, $config['topics_per_page'], $start),
1767
 
                                        'S_SORT_KEY'            => $s_sort_key,
1768
 
                                        'S_SORT_DIR'            => $s_sort_dir,
1769
 
 
1770
 
                                        'PAGINATION'            => generate_pagination($this->u_action . "&amp;u=$user_id&amp;sk=$sort_key&amp;sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start, true))
1771
 
                                );
1772
 
 
1773
 
                        break;
1774
 
                
1775
 
                        case 'groups':
1776
 
 
1777
 
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
1778
 
 
1779
 
                                $user->add_lang(array('groups', 'acp/groups'));
1780
 
                                $group_id = request_var('g', 0);
1781
 
                                
1782
 
                                if ($group_id)
1783
 
                                {
1784
 
                                        // Check the founder only entry for this group to make sure everything is well
1785
 
                                        $sql = 'SELECT group_founder_manage
1786
 
                                                FROM ' . GROUPS_TABLE . '
1787
 
                                                WHERE group_id = ' . $group_id;
1788
 
                                        $result = $db->sql_query($sql);
1789
 
                                        $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
1790
 
                                        $db->sql_freeresult($result);
1791
 
                                        
1792
 
                                        if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
1793
 
                                        {
1794
 
                                                trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1795
 
                                        }
1796
 
                                }
1797
 
                                else
1798
 
                                {
1799
 
                                        $founder_manage = 0;
1800
 
                                }
1801
 
                                
1802
 
                                switch ($action)
1803
 
                                {
1804
 
                                        case 'demote':
1805
 
                                        case 'promote':
1806
 
                                        case 'default':
1807
 
                                                if (!$group_id)
1808
 
                                                {
1809
 
                                                        trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1810
 
                                                }
1811
 
                                                group_user_attributes($action, $group_id, $user_id);
1812
 
 
1813
 
                                                if ($action == 'default')
1814
 
                                                {
1815
 
                                                        $user_row['group_id'] = $group_id;
1816
 
                                                }
1817
 
                                        break;
1818
 
 
1819
 
                                        case 'delete':
1820
 
 
1821
 
                                                if (confirm_box(true))
1822
 
                                                {
1823
 
                                                        if (!$group_id)
1824
 
                                                        {
1825
 
                                                                trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1826
 
                                                        }
1827
 
 
1828
 
                                                        if ($error = group_user_del($group_id, $user_id))
1829
 
                                                        {
1830
 
                                                                trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1831
 
                                                        }
1832
 
                                                
1833
 
                                                        $error = array();
1834
 
                                                }
1835
 
                                                else
1836
 
                                                {
1837
 
                                                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
1838
 
                                                                'u'                             => $user_id,
1839
 
                                                                'i'                             => $id,
1840
 
                                                                'mode'                  => $mode,
1841
 
                                                                'action'                => $action,
1842
 
                                                                'g'                             => $group_id))
1843
 
                                                        );
1844
 
                                                }
1845
 
        
1846
 
                                        break;
1847
 
                                }
1848
 
 
1849
 
                                // Add user to group?
1850
 
                                if ($submit)
1851
 
                                {
1852
 
 
1853
 
                                        if (!check_form_key($form_name))
1854
 
                                        {
1855
 
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1856
 
                                        }
1857
 
 
1858
 
                                        if (!$group_id)
1859
 
                                        {
1860
 
                                                trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1861
 
                                        }
1862
 
 
1863
 
                                        // Add user/s to group
1864
 
                                        if ($error = group_user_add($group_id, $user_id))
1865
 
                                        {
1866
 
                                                trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
1867
 
                                        }
1868
 
 
1869
 
                                        $error = array();
1870
 
                                }
1871
 
 
1872
 
 
1873
 
                                $sql = 'SELECT ug.*, g.*
1874
 
                                        FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
1875
 
                                        WHERE ug.user_id = $user_id
1876
 
                                                AND g.group_id = ug.group_id
1877
 
                                        ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
1878
 
                                $result = $db->sql_query($sql);
1879
 
 
1880
 
                                $i = 0;
1881
 
                                $group_data = $id_ary = array();
1882
 
                                while ($row = $db->sql_fetchrow($result))
1883
 
                                {
1884
 
                                        $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
1885
 
 
1886
 
                                        $group_data[$type][$i]['group_id']              = $row['group_id'];
1887
 
                                        $group_data[$type][$i]['group_name']    = $row['group_name'];
1888
 
                                        $group_data[$type][$i]['group_leader']  = ($row['group_leader']) ? 1 : 0;
1889
 
 
1890
 
                                        $id_ary[] = $row['group_id'];
1891
 
 
1892
 
                                        $i++;
1893
 
                                }
1894
 
                                $db->sql_freeresult($result);
1895
 
 
1896
 
                                // Select box for other groups
1897
 
                                $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
1898
 
                                        FROM ' . GROUPS_TABLE . '
1899
 
                                        ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
1900
 
                                        ORDER BY group_type DESC, group_name ASC';
1901
 
                                $result = $db->sql_query($sql);
1902
 
 
1903
 
                                $s_group_options = '';
1904
 
                                while ($row = $db->sql_fetchrow($result))
1905
 
                                {
1906
 
                                        if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
1907
 
                                        {
1908
 
                                                continue;
1909
 
                                        }
1910
 
 
1911
 
                                        // Do not display those groups not allowed to be managed
1912
 
                                        if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
1913
 
                                        {
1914
 
                                                continue;
1915
 
                                        }
1916
 
 
1917
 
                                        $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
1918
 
                                }
1919
 
                                $db->sql_freeresult($result);
1920
 
 
1921
 
                                $current_type = '';
1922
 
                                foreach ($group_data as $group_type => $data_ary)
1923
 
                                {
1924
 
                                        if ($current_type != $group_type)
1925
 
                                        {
1926
 
                                                $template->assign_block_vars('group', array(
1927
 
                                                        'S_NEW_GROUP_TYPE'              => true,
1928
 
                                                        'GROUP_TYPE'                    => $user->lang['USER_GROUP_' . strtoupper($group_type)])
1929
 
                                                );
1930
 
                                        }
1931
 
 
1932
 
                                        foreach ($data_ary as $data)
1933
 
                                        {
1934
 
                                                $template->assign_block_vars('group', array(
1935
 
                                                        'U_EDIT_GROUP'          => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&amp;mode=manage&amp;action=edit&amp;u=$user_id&amp;g={$data['group_id']}&amp;back_link=acp_users_groups"),
1936
 
                                                        'U_DEFAULT'                     => $this->u_action . "&amp;action=default&amp;u=$user_id&amp;g=" . $data['group_id'],
1937
 
                                                        'U_DEMOTE_PROMOTE'      => $this->u_action . '&amp;action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&amp;u=$user_id&amp;g=" . $data['group_id'],
1938
 
                                                        'U_DELETE'                      => $this->u_action . "&amp;action=delete&amp;u=$user_id&amp;g=" . $data['group_id'],
1939
 
 
1940
 
                                                        'GROUP_NAME'            => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
1941
 
                                                        'L_DEMOTE_PROMOTE'      => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
1942
 
 
1943
 
                                                        'S_NO_DEFAULT'          => ($user_row['group_id'] != $data['group_id']) ? true : false,
1944
 
                                                        'S_SPECIAL_GROUP'       => ($group_type == 'special') ? true : false,
1945
 
                                                        )
1946
 
                                                );
1947
 
                                        }
1948
 
                                }
1949
 
 
1950
 
                                $template->assign_vars(array(
1951
 
                                        'S_GROUPS'                      => true,
1952
 
                                        'S_GROUP_OPTIONS'       => $s_group_options)
1953
 
                                );
1954
 
 
1955
 
                        break;
1956
 
 
1957
 
                        case 'perm':
1958
 
 
1959
 
                                include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
1960
 
 
1961
 
                                $auth_admin = new auth_admin();
1962
 
 
1963
 
                                $user->add_lang('acp/permissions');
1964
 
                                add_permission_language();
1965
 
 
1966
 
                                $forum_id = request_var('f', 0);
1967
 
 
1968
 
                                // Global Permissions
1969
 
                                if (!$forum_id)
1970
 
                                {
1971
 
                                        // Select auth options
1972
 
                                        $sql = 'SELECT auth_option, is_local, is_global
1973
 
                                                FROM ' . ACL_OPTIONS_TABLE . '
1974
 
                                                WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
1975
 
                                                        AND is_global = 1
1976
 
                                                ORDER BY auth_option';
1977
 
                                        $result = $db->sql_query($sql);
1978
 
 
1979
 
                                        $hold_ary = array();
1980
 
                                        
1981
 
                                        while ($row = $db->sql_fetchrow($result))
1982
 
                                        {
1983
 
                                                $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
1984
 
                                                $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
1985
 
                                        }
1986
 
                                        $db->sql_freeresult($result);
1987
 
 
1988
 
                                        unset($hold_ary);
1989
 
                                }
1990
 
                                else
1991
 
                                {
1992
 
                                        $sql = 'SELECT auth_option, is_local, is_global
1993
 
                                                FROM ' . ACL_OPTIONS_TABLE . "
1994
 
                                                WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
1995
 
                                                        AND is_local = 1
1996
 
                                                ORDER BY is_global DESC, auth_option";
1997
 
                                        $result = $db->sql_query($sql);
1998
 
 
1999
 
                                        while ($row = $db->sql_fetchrow($result))
2000
 
                                        {
2001
 
                                                $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
2002
 
                                                $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
2003
 
                                        }
2004
 
                                        $db->sql_freeresult($result);
2005
 
                                }
2006
 
 
2007
 
                                $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
2008
 
                                $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
2009
 
 
2010
 
                                $template->assign_vars(array(
2011
 
                                        'S_PERMISSIONS'                         => true,
2012
 
 
2013
 
                                        'S_GLOBAL'                                      => (!$forum_id) ? true : false,
2014
 
                                        'S_FORUM_OPTIONS'                       => $s_forum_options,
2015
 
 
2016
 
                                        'U_ACTION'                                      => $this->u_action . '&amp;u=' . $user_id,
2017
 
                                        'U_USER_PERMISSIONS'            => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&amp;mode=setting_user_global&amp;user_id[]=' . $user_id),
2018
 
                                        'U_USER_FORUM_PERMISSIONS'      => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&amp;mode=setting_user_local&amp;user_id[]=' . $user_id))
2019
 
                                );
2020
 
                        
2021
 
                        break;
2022
 
 
2023
 
                }
2024
 
 
2025
 
                // Assign general variables
2026
 
                $template->assign_vars(array(
2027
 
                        'S_ERROR'                       => (sizeof($error)) ? true : false,
2028
 
                        'ERROR_MSG'                     => (sizeof($error)) ? implode('<br />', $error) : '')
2029
 
                );
2030
 
        }
2031
 
 
2032
 
        /**
2033
 
        * Optionset replacement for this module based on $user->optionset
2034
 
        */
2035
 
        function optionset(&$user_row, $key, $value, $data = false)
2036
 
        {
2037
 
                global $user;
2038
 
 
2039
 
                $var = ($data) ? $data : $user_row['user_options'];
2040
 
 
2041
 
                if ($value && !($var & 1 << $user->keyoptions[$key]))
2042
 
                {
2043
 
                        $var += 1 << $user->keyoptions[$key];
2044
 
                }
2045
 
                else if (!$value && ($var & 1 << $user->keyoptions[$key]))
2046
 
                {
2047
 
                        $var -= 1 << $user->keyoptions[$key];
2048
 
                }
2049
 
                else
2050
 
                {
2051
 
                        return ($data) ? $var : false;
2052
 
                }
2053
 
 
2054
 
                if (!$data)
2055
 
                {
2056
 
                        $user_row['user_options'] = $var;
2057
 
                        return true;
2058
 
                }
2059
 
                else
2060
 
                {
2061
 
                        return $var;
2062
 
                }
2063
 
        }
2064
 
 
2065
 
        /**
2066
 
        * Optionget replacement for this module based on $user->optionget
2067
 
        */
2068
 
        function optionget(&$user_row, $key, $data = false)
2069
 
        {
2070
 
                global $user;
2071
 
 
2072
 
                $var = ($data) ? $data : $user_row['user_options'];
2073
 
                return ($var & 1 << $user->keyoptions[$key]) ? true : false;
2074
 
        }
2075
 
}
2076
 
 
2077
 
?>
 
 
b'\\ No newline at end of file'