~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to www/php/phpBB3/includes/acp/acp_users.php

  • Committer: dcoles
  • Date: 2008-02-13 04:10:55 UTC
  • Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:443
Added Forum application along with unmodifed version of phpBB3 "Olympus" 3.0.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
<?php
 
2
/**
 
3
*
 
4
* @package acp
 
5
* @version $Id: acp_users.php,v 1.142 2007/11/15 19:54:37 kellanved Exp $
 
6
* @copyright (c) 2005 phpBB Group
 
7
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 
8
*
 
9
*/
 
10
 
 
11
/**
 
12
* @ignore
 
13
*/
 
14
if (!defined('IN_PHPBB'))
 
15
{
 
16
        exit;
 
17
}
 
18
 
 
19
/**
 
20
* @package acp
 
21
*/
 
22
class acp_users
 
23
{
 
24
        var $u_action;
 
25
        var $p_master;
 
26
 
 
27
        function acp_users(&$p_master)
 
28
        {
 
29
                $this->p_master = &$p_master;
 
30
        }
 
31
 
 
32
        function main($id, $mode)
 
33
        {
 
34
                global $config, $db, $user, $auth, $template, $cache;
 
35
                global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix, $file_uploads;
 
36
 
 
37
                $user->add_lang(array('posting', 'ucp', 'acp/users'));
 
38
                $this->tpl_name = 'acp_users';
 
39
                $this->page_title = 'ACP_USER_' . strtoupper($mode);
 
40
 
 
41
                $error          = array();
 
42
                $username       = utf8_normalize_nfc(request_var('username', '', true));
 
43
                $user_id        = request_var('u', 0);
 
44
                $action         = request_var('action', '');
 
45
 
 
46
                $submit         = (isset($_POST['update']) && !isset($_POST['cancel'])) ? true : false;
 
47
 
 
48
                $form_name = 'acp_users';
 
49
                add_form_key($form_name);
 
50
 
 
51
                // Whois (special case)
 
52
                if ($action == 'whois')
 
53
                {
 
54
                        include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
55
 
 
56
                        $this->page_title = 'WHOIS';
 
57
                        $this->tpl_name = 'simple_body';
 
58
 
 
59
                        $user_ip = request_var('user_ip', '');
 
60
                        $domain = gethostbyaddr($user_ip);
 
61
                        $ipwhois = user_ipwhois($user_ip);
 
62
 
 
63
                        $template->assign_vars(array(
 
64
                                'MESSAGE_TITLE'         => sprintf($user->lang['IP_WHOIS_FOR'], $domain),
 
65
                                'MESSAGE_TEXT'          => nl2br($ipwhois))
 
66
                        );
 
67
 
 
68
                        return;
 
69
                }
 
70
 
 
71
                // Show user selection mask
 
72
                if (!$username && !$user_id)
 
73
                {
 
74
                        $this->page_title = 'SELECT_USER';
 
75
 
 
76
                        $template->assign_vars(array(
 
77
                                'U_ACTION'                      => $this->u_action,
 
78
                                'ANONYMOUS_USER_ID'     => ANONYMOUS,
 
79
 
 
80
                                'S_SELECT_USER'         => true,
 
81
                                'U_FIND_USERNAME'       => append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=select_user&amp;field=username&amp;select_single=true'),
 
82
                        ));
 
83
 
 
84
                        return;
 
85
                }
 
86
 
 
87
                if (!$user_id)
 
88
                {
 
89
                        $sql = 'SELECT user_id
 
90
                                FROM ' . USERS_TABLE . "
 
91
                                WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
 
92
                        $result = $db->sql_query($sql);
 
93
                        $user_id = (int) $db->sql_fetchfield('user_id');
 
94
                        $db->sql_freeresult($result);
 
95
 
 
96
                        if (!$user_id)
 
97
                        {
 
98
                                trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
 
99
                        }
 
100
                }
 
101
 
 
102
                // Generate content for all modes
 
103
                $sql = 'SELECT u.*, s.*
 
104
                        FROM ' . USERS_TABLE . ' u
 
105
                                LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
 
106
                        WHERE u.user_id = ' . $user_id . '
 
107
                        ORDER BY s.session_time DESC';
 
108
                $result = $db->sql_query($sql);
 
109
                $user_row = $db->sql_fetchrow($result);
 
110
                $db->sql_freeresult($result);
 
111
 
 
112
                if (!$user_row)
 
113
                {
 
114
                        trigger_error($user->lang['NO_USER'] . adm_back_link($this->u_action), E_USER_WARNING);
 
115
                }
 
116
 
 
117
                // Generate overall "header" for user admin
 
118
                $s_form_options = '';
 
119
 
 
120
                // Build modes dropdown list
 
121
                $sql = 'SELECT module_mode, module_auth
 
122
                        FROM ' . MODULES_TABLE . "
 
123
                        WHERE module_basename = 'users'
 
124
                                AND module_enabled = 1
 
125
                                AND module_class = 'acp'
 
126
                        ORDER BY left_id, module_mode";
 
127
                $result = $db->sql_query($sql);
 
128
 
 
129
                $dropdown_modes = array();
 
130
                while ($row = $db->sql_fetchrow($result))
 
131
                {
 
132
                        if (!$this->p_master->module_auth($row['module_auth']))
 
133
                        {
 
134
                                continue;
 
135
                        }
 
136
 
 
137
                        $dropdown_modes[$row['module_mode']] = true;
 
138
                }
 
139
                $db->sql_freeresult($result);
 
140
 
 
141
                foreach ($dropdown_modes as $module_mode => $null)
 
142
                {
 
143
                        $selected = ($mode == $module_mode) ? ' selected="selected"' : '';
 
144
                        $s_form_options .= '<option value="' . $module_mode . '"' . $selected . '>' . $user->lang['ACP_USER_' . strtoupper($module_mode)] . '</option>';
 
145
                }
 
146
 
 
147
                $template->assign_vars(array(
 
148
                        'U_BACK'                        => $this->u_action,
 
149
                        'U_MODE_SELECT'         => append_sid("{$phpbb_admin_path}index.$phpEx", "i=$id&amp;u=$user_id"),
 
150
                        'U_ACTION'                      => $this->u_action . '&amp;u=' . $user_id,
 
151
                        'S_FORM_OPTIONS'        => $s_form_options,
 
152
                        'MANAGED_USERNAME'      => $user_row['username'])
 
153
                );
 
154
 
 
155
                // Prevent normal users/admins change/view founders if they are not a founder by themselves
 
156
                if ($user->data['user_type'] != USER_FOUNDER && $user_row['user_type'] == USER_FOUNDER)
 
157
                {
 
158
                        trigger_error($user->lang['NOT_MANAGE_FOUNDER'] . adm_back_link($this->u_action), E_USER_WARNING);
 
159
                }
 
160
 
 
161
                switch ($mode)
 
162
                {
 
163
                        case 'overview':
 
164
 
 
165
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
166
 
 
167
                                $user->add_lang('acp/ban');
 
168
 
 
169
                                $delete                 = request_var('delete', 0);
 
170
                                $delete_type    = request_var('delete_type', '');
 
171
                                $ip                             = request_var('ip', 'ip');
 
172
 
 
173
                                if ($submit)
 
174
                                {
 
175
                                        // You can't delete the founder
 
176
                                        if ($delete && $user_row['user_type'] != USER_FOUNDER)
 
177
                                        {
 
178
                                                if (!$auth->acl_get('a_userdel'))
 
179
                                                {
 
180
                                                        trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
181
                                                }
 
182
 
 
183
                                                // Check if the user wants to remove himself or the guest user account
 
184
                                                if ($user_id == ANONYMOUS)
 
185
                                                {
 
186
                                                        trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
187
                                                }
 
188
 
 
189
                                                if ($user_id == $user->data['user_id'])
 
190
                                                {
 
191
                                                        trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
192
                                                }
 
193
 
 
194
                                                if (confirm_box(true))
 
195
                                                {
 
196
                                                        user_delete($delete_type, $user_id, $user_row['username']);
 
197
 
 
198
                                                        add_log('admin', 'LOG_USER_DELETED', $user_row['username']);
 
199
                                                        trigger_error($user->lang['USER_DELETED'] . adm_back_link($this->u_action));
 
200
                                                }
 
201
                                                else
 
202
                                                {
 
203
                                                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 
204
                                                                'u'                             => $user_id,
 
205
                                                                'i'                             => $id,
 
206
                                                                'mode'                  => $mode,
 
207
                                                                'action'                => $action,
 
208
                                                                'update'                => true,
 
209
                                                                'delete'                => 1,
 
210
                                                                'delete_type'   => $delete_type))
 
211
                                                        );
 
212
                                                }
 
213
                                        }
 
214
 
 
215
                                        // Handle quicktool actions
 
216
                                        switch ($action)
 
217
                                        {
 
218
                                                case 'banuser':
 
219
                                                case 'banemail':
 
220
                                                case 'banip':
 
221
 
 
222
                                                        if ($user_id == $user->data['user_id'])
 
223
                                                        {
 
224
                                                                trigger_error($user->lang['CANNOT_BAN_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
225
                                                        }
 
226
 
 
227
                                                        if ($user_row['user_type'] == USER_FOUNDER)
 
228
                                                        {
 
229
                                                                trigger_error($user->lang['CANNOT_BAN_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
230
                                                        }
 
231
 
 
232
                                                        if (!check_form_key($form_name))
 
233
                                                        {
 
234
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
235
                                                        }
 
236
 
 
237
                                                        $ban = array();
 
238
 
 
239
                                                        switch ($action)
 
240
                                                        {
 
241
                                                                case 'banuser':
 
242
                                                                        $ban[] = $user_row['username'];
 
243
                                                                        $reason = 'USER_ADMIN_BAN_NAME_REASON';
 
244
                                                                        $log = 'LOG_USER_BAN_USER';
 
245
                                                                break;
 
246
 
 
247
                                                                case 'banemail':
 
248
                                                                        $ban[] = $user_row['user_email'];
 
249
                                                                        $reason = 'USER_ADMIN_BAN_EMAIL_REASON';
 
250
                                                                        $log = 'LOG_USER_BAN_EMAIL';
 
251
                                                                break;
 
252
 
 
253
                                                                case 'banip':
 
254
                                                                        $ban[] = $user_row['user_ip'];
 
255
 
 
256
                                                                        $sql = 'SELECT DISTINCT poster_ip
 
257
                                                                                FROM ' . POSTS_TABLE . "
 
258
                                                                                WHERE poster_id = $user_id";
 
259
                                                                        $result = $db->sql_query($sql);
 
260
 
 
261
                                                                        while ($row = $db->sql_fetchrow($result))
 
262
                                                                        {
 
263
                                                                                $ban[] = $row['poster_ip'];
 
264
                                                                        }
 
265
                                                                        $db->sql_freeresult($result);
 
266
 
 
267
                                                                        $reason = 'USER_ADMIN_BAN_IP_REASON';
 
268
                                                                        $log = 'LOG_USER_BAN_IP';
 
269
                                                                break;
 
270
                                                        }
 
271
 
 
272
                                                        $ban_reason = utf8_normalize_nfc(request_var('ban_reason', $user->lang[$reason], true));
 
273
                                                        $ban_give_reason = utf8_normalize_nfc(request_var('ban_give_reason', '', true));
 
274
 
 
275
                                                        // Log not used at the moment, we simply utilize the ban function.
 
276
                                                        $result = user_ban(substr($action, 3), $ban, 0, 0, 0, $ban_reason, $ban_give_reason);
 
277
 
 
278
                                                        trigger_error((($result === false) ? $user->lang['BAN_ALREADY_ENTERED'] : $user->lang['BAN_SUCCESSFUL']) . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
279
 
 
280
                                                break;
 
281
 
 
282
                                                case 'reactivate':
 
283
 
 
284
                                                        if ($user_id == $user->data['user_id'])
 
285
                                                        {
 
286
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
287
                                                        }
 
288
 
 
289
                                                        if (!check_form_key($form_name))
 
290
                                                        {
 
291
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
292
                                                        }
 
293
 
 
294
                                                        if ($user_row['user_type'] == USER_FOUNDER)
 
295
                                                        {
 
296
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
297
                                                        }
 
298
 
 
299
                                                        if ($user_row['user_type'] == USER_IGNORE)
 
300
                                                        {
 
301
                                                                trigger_error($user->lang['CANNOT_FORCE_REACT_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
302
                                                        }
 
303
 
 
304
                                                        if ($config['email_enable'])
 
305
                                                        {
 
306
                                                                include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 
307
 
 
308
                                                                $server_url = generate_board_url();
 
309
 
 
310
                                                                $user_actkey = gen_rand_string(10);
 
311
                                                                $key_len = 54 - (strlen($server_url));
 
312
                                                                $key_len = ($key_len > 6) ? $key_len : 6;
 
313
                                                                $user_actkey = substr($user_actkey, 0, $key_len);
 
314
                                                                $email_template = ($user_row['user_type'] == USER_NORMAL) ? 'user_reactivate_account' : 'user_resend_inactive';
 
315
 
 
316
                                                                if ($user_row['user_type'] == USER_NORMAL)
 
317
                                                                {
 
318
                                                                        user_active_flip('deactivate', $user_id, INACTIVE_REMIND);
 
319
 
 
320
                                                                        $sql = 'UPDATE ' . USERS_TABLE . "
 
321
                                                                                SET user_actkey = '" . $db->sql_escape($user_actkey) . "'
 
322
                                                                                WHERE user_id = $user_id";
 
323
                                                                        $db->sql_query($sql);
 
324
                                                                }
 
325
                                                                else
 
326
                                                                {
 
327
                                                                        // Grabbing the last confirm key - we only send a reminder
 
328
                                                                        $sql = 'SELECT user_actkey
 
329
                                                                                FROM ' . USERS_TABLE . '
 
330
                                                                                WHERE user_id = ' . $user_id;
 
331
                                                                        $result = $db->sql_query($sql);
 
332
                                                                        $user_actkey = (string) $db->sql_fetchfield('user_actkey');
 
333
                                                                        $db->sql_freeresult($result);
 
334
                                                                }
 
335
 
 
336
                                                                $messenger = new messenger(false);
 
337
 
 
338
                                                                $messenger->template($email_template, $user_row['user_lang']);
 
339
 
 
340
                                                                $messenger->to($user_row['user_email'], $user_row['username']);
 
341
 
 
342
                                                                $messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
 
343
                                                                $messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
 
344
                                                                $messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
 
345
                                                                $messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
 
346
 
 
347
                                                                $messenger->assign_vars(array(
 
348
                                                                        'WELCOME_MSG'   => htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename'])),
 
349
                                                                        'USERNAME'              => htmlspecialchars_decode($user_row['username']),
 
350
                                                                        'U_ACTIVATE'    => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
 
351
                                                                );
 
352
 
 
353
                                                                $messenger->send(NOTIFY_EMAIL);
 
354
 
 
355
                                                                add_log('admin', 'LOG_USER_REACTIVATE', $user_row['username']);
 
356
                                                                add_log('user', $user_id, 'LOG_USER_REACTIVATE_USER');
 
357
 
 
358
                                                                trigger_error($user->lang['FORCE_REACTIVATION_SUCCESS'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
359
                                                        }
 
360
 
 
361
                                                break;
 
362
 
 
363
                                                case 'active':
 
364
 
 
365
                                                        if ($user_id == $user->data['user_id'])
 
366
                                                        {
 
367
                                                                // It is only deactivation since the user is already activated (else he would not have reached this page)
 
368
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_YOURSELF'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
369
                                                        }
 
370
 
 
371
                                                        if (!check_form_key($form_name))
 
372
                                                        {
 
373
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
374
                                                        }
 
375
 
 
376
                                                        if ($user_row['user_type'] == USER_FOUNDER)
 
377
                                                        {
 
378
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
379
                                                        }
 
380
 
 
381
                                                        if ($user_row['user_type'] == USER_IGNORE)
 
382
                                                        {
 
383
                                                                trigger_error($user->lang['CANNOT_DEACTIVATE_BOT'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
384
                                                        }
 
385
 
 
386
                                                        user_active_flip('flip', $user_id);
 
387
 
 
388
                                                        $message = ($user_row['user_type'] == USER_INACTIVE) ? 'USER_ADMIN_ACTIVATED' : 'USER_ADMIN_DEACTIVED';
 
389
                                                        $log = ($user_row['user_type'] == USER_INACTIVE) ? 'LOG_USER_ACTIVE' : 'LOG_USER_INACTIVE';
 
390
 
 
391
                                                        add_log('admin', $log, $user_row['username']);
 
392
                                                        add_log('user', $user_id, $log . '_USER');
 
393
 
 
394
                                                        trigger_error($user->lang[$message] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
395
 
 
396
                                                break;
 
397
 
 
398
                                                case 'delsig':
 
399
 
 
400
                                                        if (!check_form_key($form_name))
 
401
                                                        {
 
402
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
403
                                                        }
 
404
 
 
405
                                                        $sql_ary = array(
 
406
                                                                'user_sig'                                      => '',
 
407
                                                                'user_sig_bbcode_uid'           => '',
 
408
                                                                'user_sig_bbcode_bitfield'      => ''
 
409
                                                        );
 
410
 
 
411
                                                        $sql = 'UPDATE ' . USERS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 
412
                                                                WHERE user_id = $user_id";
 
413
                                                        $db->sql_query($sql);
 
414
                                                
 
415
                                                        add_log('admin', 'LOG_USER_DEL_SIG', $user_row['username']);
 
416
                                                        add_log('user', $user_id, 'LOG_USER_DEL_SIG_USER');
 
417
 
 
418
                                                        trigger_error($user->lang['USER_ADMIN_SIG_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
419
 
 
420
                                                break;
 
421
 
 
422
                                                case 'delavatar':
 
423
 
 
424
                                                        if (!check_form_key($form_name))
 
425
                                                        {
 
426
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
427
                                                        }
 
428
 
 
429
                                                        $sql_ary = array(
 
430
                                                                'user_avatar'                   => '',
 
431
                                                                'user_avatar_type'              => 0,
 
432
                                                                'user_avatar_width'             => 0,
 
433
                                                                'user_avatar_height'    => 0,
 
434
                                                        );
 
435
 
 
436
                                                        $sql = 'UPDATE ' . USERS_TABLE . '
 
437
                                                                SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 
438
                                                                WHERE user_id = $user_id";
 
439
                                                        $db->sql_query($sql);
 
440
 
 
441
                                                        // Delete old avatar if present
 
442
                                                        if ($user_row['user_avatar'] && $user_row['user_avatar_type'] != AVATAR_GALLERY)
 
443
                                                        {
 
444
                                                                avatar_delete('user', $user_row);
 
445
                                                        }
 
446
 
 
447
                                                        add_log('admin', 'LOG_USER_DEL_AVATAR', $user_row['username']);
 
448
                                                        add_log('user', $user_id, 'LOG_USER_DEL_AVATAR_USER');
 
449
 
 
450
                                                        trigger_error($user->lang['USER_ADMIN_AVATAR_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
451
                                                break;
 
452
 
 
453
                                                case 'delposts':
 
454
 
 
455
                                                        if (confirm_box(true))
 
456
                                                        {
 
457
                                                                // Delete posts, attachments, etc.
 
458
                                                                delete_posts('poster_id', $user_id);
 
459
 
 
460
                                                                add_log('admin', 'LOG_USER_DEL_POSTS', $user_row['username']);
 
461
                                                                trigger_error($user->lang['USER_POSTS_DELETED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
462
                                                        }
 
463
                                                        else
 
464
                                                        {
 
465
                                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 
466
                                                                        'u'                             => $user_id,
 
467
                                                                        'i'                             => $id,
 
468
                                                                        'mode'                  => $mode,
 
469
                                                                        'action'                => $action,
 
470
                                                                        'update'                => true))
 
471
                                                                );
 
472
                                                        }
 
473
 
 
474
                                                break;
 
475
 
 
476
                                                case 'delattach':
 
477
 
 
478
                                                        if (confirm_box(true))
 
479
                                                        {
 
480
                                                                delete_attachments('user', $user_id);
 
481
 
 
482
                                                                add_log('admin', 'LOG_USER_DEL_ATTACH', $user_row['username']);
 
483
                                                                trigger_error($user->lang['USER_ATTACHMENTS_REMOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
484
                                                        }
 
485
                                                        else
 
486
                                                        {
 
487
                                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 
488
                                                                        'u'                             => $user_id,
 
489
                                                                        'i'                             => $id,
 
490
                                                                        'mode'                  => $mode,
 
491
                                                                        'action'                => $action,
 
492
                                                                        'update'                => true))
 
493
                                                                );
 
494
                                                        }
 
495
                                                
 
496
                                                break;
 
497
                                                
 
498
                                                case 'moveposts':
 
499
 
 
500
                                                        if (!check_form_key($form_name))
 
501
                                                        {
 
502
                                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
503
                                                        }
 
504
 
 
505
                                                        $user->add_lang('acp/forums');
 
506
 
 
507
                                                        $new_forum_id = request_var('new_f', 0);
 
508
 
 
509
                                                        if (!$new_forum_id)
 
510
                                                        {
 
511
                                                                $this->page_title = 'USER_ADMIN_MOVE_POSTS';
 
512
 
 
513
                                                                $template->assign_vars(array(
 
514
                                                                        'S_SELECT_FORUM'                => true,
 
515
                                                                        'U_ACTION'                              => $this->u_action . "&amp;action=$action&amp;u=$user_id",
 
516
                                                                        'U_BACK'                                => $this->u_action . "&amp;u=$user_id",
 
517
                                                                        'S_FORUM_OPTIONS'               => make_forum_select(false, false, false, true))
 
518
                                                                );
 
519
 
 
520
                                                                return;
 
521
                                                        }
 
522
 
 
523
                                                        // Is the new forum postable to?
 
524
                                                        $sql = 'SELECT forum_name, forum_type
 
525
                                                                FROM ' . FORUMS_TABLE . "
 
526
                                                                WHERE forum_id = $new_forum_id";
 
527
                                                        $result = $db->sql_query($sql);
 
528
                                                        $forum_info = $db->sql_fetchrow($result);
 
529
                                                        $db->sql_freeresult($result);
 
530
 
 
531
                                                        if (!$forum_info)
 
532
                                                        {
 
533
                                                                trigger_error($user->lang['NO_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
534
                                                        }
 
535
 
 
536
                                                        if ($forum_info['forum_type'] != FORUM_POST)
 
537
                                                        {
 
538
                                                                trigger_error($user->lang['MOVE_POSTS_NO_POSTABLE_FORUM'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
539
                                                        }
 
540
 
 
541
                                                        // Two stage?
 
542
                                                        // Move topics comprising only posts from this user
 
543
                                                        $topic_id_ary = $move_topic_ary = $move_post_ary = $new_topic_id_ary = array();
 
544
                                                        $forum_id_ary = array($new_forum_id);
 
545
 
 
546
                                                        $sql = 'SELECT topic_id, COUNT(post_id) AS total_posts
 
547
                                                                FROM ' . POSTS_TABLE . "
 
548
                                                                WHERE poster_id = $user_id
 
549
                                                                        AND forum_id <> $new_forum_id
 
550
                                                                GROUP BY topic_id";
 
551
                                                        $result = $db->sql_query($sql);
 
552
 
 
553
                                                        while ($row = $db->sql_fetchrow($result))
 
554
                                                        {
 
555
                                                                $topic_id_ary[$row['topic_id']] = $row['total_posts'];
 
556
                                                        }
 
557
                                                        $db->sql_freeresult($result);
 
558
 
 
559
                                                        if (sizeof($topic_id_ary))
 
560
                                                        {
 
561
                                                                $sql = 'SELECT topic_id, forum_id, topic_title, topic_replies, topic_replies_real, topic_attachment
 
562
                                                                        FROM ' . TOPICS_TABLE . '
 
563
                                                                        WHERE ' . $db->sql_in_set('topic_id', array_keys($topic_id_ary));
 
564
                                                                $result = $db->sql_query($sql);
 
565
 
 
566
                                                                while ($row = $db->sql_fetchrow($result))
 
567
                                                                {
 
568
                                                                        if (max($row['topic_replies'], $row['topic_replies_real']) + 1 == $topic_id_ary[$row['topic_id']])
 
569
                                                                        {
 
570
                                                                                $move_topic_ary[] = $row['topic_id'];
 
571
                                                                        }
 
572
                                                                        else
 
573
                                                                        {
 
574
                                                                                $move_post_ary[$row['topic_id']]['title'] = $row['topic_title'];
 
575
                                                                                $move_post_ary[$row['topic_id']]['attach'] = ($row['topic_attachment']) ? 1 : 0;
 
576
                                                                        }
 
577
 
 
578
                                                                        $forum_id_ary[] = $row['forum_id'];
 
579
                                                                }
 
580
                                                                $db->sql_freeresult($result);
 
581
                                                        }
 
582
 
 
583
                                                        // Entire topic comprises posts by this user, move these topics
 
584
                                                        if (sizeof($move_topic_ary))
 
585
                                                        {
 
586
                                                                move_topics($move_topic_ary, $new_forum_id, false);
 
587
                                                        }
 
588
 
 
589
                                                        if (sizeof($move_post_ary))
 
590
                                                        {
 
591
                                                                // Create new topic
 
592
                                                                // Update post_ids, report_ids, attachment_ids
 
593
                                                                foreach ($move_post_ary as $topic_id => $post_ary)
 
594
                                                                {
 
595
                                                                        // Create new topic
 
596
                                                                        $sql = 'INSERT INTO ' . TOPICS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 
597
                                                                                'topic_poster'                          => $user_id,
 
598
                                                                                'topic_time'                            => time(),
 
599
                                                                                'forum_id'                                      => $new_forum_id,
 
600
                                                                                'icon_id'                                       => 0,
 
601
                                                                                'topic_approved'                        => 1,
 
602
                                                                                'topic_title'                           => $post_ary['title'],
 
603
                                                                                'topic_first_poster_name'       => $user_row['username'],
 
604
                                                                                'topic_type'                            => POST_NORMAL,
 
605
                                                                                'topic_time_limit'                      => 0,
 
606
                                                                                'topic_attachment'                      => $post_ary['attach'])
 
607
                                                                        );
 
608
                                                                        $db->sql_query($sql);
 
609
 
 
610
                                                                        $new_topic_id = $db->sql_nextid();
 
611
 
 
612
                                                                        // Move posts
 
613
                                                                        $sql = 'UPDATE ' . POSTS_TABLE . "
 
614
                                                                                SET forum_id = $new_forum_id, topic_id = $new_topic_id
 
615
                                                                                WHERE topic_id = $topic_id
 
616
                                                                                        AND poster_id = $user_id";
 
617
                                                                        $db->sql_query($sql);
 
618
 
 
619
                                                                        if ($post_ary['attach'])
 
620
                                                                        {
 
621
                                                                                $sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
 
622
                                                                                        SET topic_id = $new_topic_id
 
623
                                                                                        WHERE topic_id = $topic_id
 
624
                                                                                                AND poster_id = $user_id";
 
625
                                                                                $db->sql_query($sql);
 
626
                                                                        }
 
627
 
 
628
                                                                        $new_topic_id_ary[] = $new_topic_id;
 
629
                                                                }
 
630
                                                        }
 
631
 
 
632
                                                        $forum_id_ary = array_unique($forum_id_ary);
 
633
                                                        $topic_id_ary = array_unique(array_merge($topic_id_ary, $new_topic_id_ary));
 
634
 
 
635
                                                        if (sizeof($topic_id_ary))
 
636
                                                        {
 
637
                                                                sync('reported', 'topic_id', $topic_id_ary);
 
638
                                                                sync('topic', 'topic_id', $topic_id_ary);
 
639
                                                        }
 
640
 
 
641
                                                        if (sizeof($forum_id_ary))
 
642
                                                        {
 
643
                                                                sync('forum', 'forum_id', $forum_id_ary, false, true);
 
644
                                                        }
 
645
 
 
646
 
 
647
                                                        add_log('admin', 'LOG_USER_MOVE_POSTS', $user_row['username'], $forum_info['forum_name']);
 
648
                                                        add_log('user', $user_id, 'LOG_USER_MOVE_POSTS_USER', $forum_info['forum_name']);
 
649
 
 
650
                                                        trigger_error($user->lang['USER_POSTS_MOVED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
651
 
 
652
                                                break;
 
653
                                        }
 
654
 
 
655
                                        // Handle registration info updates
 
656
                                        $data = array(
 
657
                                                'username'                      => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
 
658
                                                'user_founder'          => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
 
659
                                                'email'                         => strtolower(request_var('user_email', $user_row['user_email'])),
 
660
                                                'email_confirm'         => strtolower(request_var('email_confirm', '')),
 
661
                                                'new_password'          => request_var('new_password', '', true),
 
662
                                                'password_confirm'      => request_var('password_confirm', '', true),
 
663
                                        );
 
664
 
 
665
                                        // Validation data - we do not check the password complexity setting here
 
666
                                        $check_ary = array(
 
667
                                                'new_password'          => array(
 
668
                                                        array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
 
669
                                                        array('password')),
 
670
                                                'password_confirm'      => array('string', true, $config['min_pass_chars'], $config['max_pass_chars']),
 
671
                                        );
 
672
 
 
673
                                        // Check username if altered
 
674
                                        if ($data['username'] != $user_row['username'])
 
675
                                        {
 
676
                                                $check_ary += array(
 
677
                                                        'username'                      => array(
 
678
                                                                array('string', false, $config['min_name_chars'], $config['max_name_chars']),
 
679
                                                                array('username', $user_row['username'])
 
680
                                                        ),
 
681
                                                );
 
682
                                        }
 
683
 
 
684
                                        // Check email if altered
 
685
                                        if ($data['email'] != $user_row['user_email'])
 
686
                                        {
 
687
                                                $check_ary += array(
 
688
                                                        'email'                         => array(
 
689
                                                                array('string', false, 6, 60),
 
690
                                                                array('email', $user_row['user_email'])
 
691
                                                        ),
 
692
                                                        'email_confirm'         => array('string', true, 6, 60)
 
693
                                                );
 
694
                                        }
 
695
 
 
696
                                        $error = validate_data($data, $check_ary);
 
697
 
 
698
                                        if ($data['new_password'] && $data['password_confirm'] != $data['new_password'])
 
699
                                        {
 
700
                                                $error[] = 'NEW_PASSWORD_ERROR';
 
701
                                        }
 
702
 
 
703
                                        if ($data['email'] != $user_row['user_email'] && $data['email_confirm'] != $data['email'])
 
704
                                        {
 
705
                                                $error[] = 'NEW_EMAIL_ERROR';
 
706
                                        }
 
707
 
 
708
                                        if (!check_form_key($form_name))
 
709
                                        {
 
710
                                                $error[] = 'FORM_INVALID';
 
711
                                        }
 
712
 
 
713
                                        // Which updates do we need to do?
 
714
                                        $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false;
 
715
                                        $update_password = ($data['new_password'] && !phpbb_check_hash($user_row['user_password'], $data['new_password'])) ? true : false;
 
716
                                        $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false;
 
717
 
 
718
                                        if (!sizeof($error))
 
719
                                        {
 
720
                                                $sql_ary = array();
 
721
 
 
722
                                                if ($user_row['user_type'] != USER_FOUNDER || $user->data['user_type'] == USER_FOUNDER)
 
723
                                                {
 
724
                                                        // Only allow founders updating the founder status...
 
725
                                                        if ($user->data['user_type'] == USER_FOUNDER)
 
726
                                                        {
 
727
                                                                // Setting a normal member to be a founder
 
728
                                                                if ($data['user_founder'] && $user_row['user_type'] != USER_FOUNDER)
 
729
                                                                {
 
730
                                                                        // Make sure the user is not setting an Inactive or ignored user to be a founder
 
731
                                                                        if ($user_row['user_type'] == USER_IGNORE)
 
732
                                                                        {
 
733
                                                                                trigger_error($user->lang['CANNOT_SET_FOUNDER_IGNORED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
734
                                                                        }
 
735
 
 
736
                                                                        if ($user_row['user_type'] == USER_INACTIVE)
 
737
                                                                        {
 
738
                                                                                trigger_error($user->lang['CANNOT_SET_FOUNDER_INACTIVE'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
739
                                                                        }
 
740
 
 
741
                                                                        $sql_ary['user_type'] = USER_FOUNDER;
 
742
                                                                }
 
743
                                                                else if (!$data['user_founder'] && $user_row['user_type'] == USER_FOUNDER)
 
744
                                                                {
 
745
                                                                        // Check if at least one founder is present
 
746
                                                                        $sql = 'SELECT user_id
 
747
                                                                                FROM ' . USERS_TABLE . '
 
748
                                                                                WHERE user_type = ' . USER_FOUNDER . '
 
749
                                                                                        AND user_id <> ' . $user_id;
 
750
                                                                        $result = $db->sql_query_limit($sql, 1);
 
751
                                                                        $row = $db->sql_fetchrow($result);
 
752
                                                                        $db->sql_freeresult($result);
 
753
 
 
754
                                                                        if ($row)
 
755
                                                                        {
 
756
                                                                                $sql_ary['user_type'] = USER_NORMAL;
 
757
                                                                        }
 
758
                                                                        else
 
759
                                                                        {
 
760
                                                                                trigger_error($user->lang['AT_LEAST_ONE_FOUNDER'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
761
                                                                        }
 
762
                                                                }
 
763
                                                        }
 
764
                                                }
 
765
 
 
766
                                                if ($update_username !== false)
 
767
                                                {
 
768
                                                        $sql_ary['username'] = $update_username;
 
769
                                                        $sql_ary['username_clean'] = utf8_clean_string($update_username);
 
770
 
 
771
                                                        add_log('user', $user_id, 'LOG_USER_UPDATE_NAME', $user_row['username'], $update_username);
 
772
                                                }
 
773
 
 
774
                                                if ($update_email !== false)
 
775
                                                {
 
776
                                                        $sql_ary += array(
 
777
                                                                'user_email'            => $update_email,
 
778
                                                                'user_email_hash'       => crc32($update_email) . strlen($update_email)
 
779
                                                        );
 
780
 
 
781
                                                        add_log('user', $user_id, 'LOG_USER_UPDATE_EMAIL', $user_row['username'], $user_row['user_email'], $update_email);
 
782
                                                }
 
783
 
 
784
                                                if ($update_password)
 
785
                                                {
 
786
                                                        $sql_ary += array(
 
787
                                                                'user_password'         => phpbb_hash($data['new_password']),
 
788
                                                                'user_passchg'          => time(),
 
789
                                                                'user_pass_convert'     => 0,
 
790
                                                        );
 
791
 
 
792
                                                        $user->reset_login_keys($user_id);
 
793
                                                        add_log('user', $user_id, 'LOG_USER_NEW_PASSWORD', $user_row['username']);
 
794
                                                }
 
795
 
 
796
                                                if (sizeof($sql_ary))
 
797
                                                {
 
798
                                                        $sql = 'UPDATE ' . USERS_TABLE . '
 
799
                                                                SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
 
800
                                                                WHERE user_id = ' . $user_id;
 
801
                                                        $db->sql_query($sql);
 
802
                                                }
 
803
 
 
804
                                                if ($update_username)
 
805
                                                {
 
806
                                                        user_update_name($user_row['username'], $update_username);
 
807
                                                }
 
808
 
 
809
                                                // Let the users permissions being updated
 
810
                                                $auth->acl_clear_prefetch($user_id);
 
811
 
 
812
                                                add_log('admin', 'LOG_USER_USER_UPDATE', $data['username']);
 
813
 
 
814
                                                trigger_error($user->lang['USER_OVERVIEW_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
815
                                        }
 
816
 
 
817
                                        // Replace "error" strings with their real, localised form
 
818
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 
819
                                }
 
820
 
 
821
                                if ($user_id == $user->data['user_id'])
 
822
                                {
 
823
                                        $quick_tool_ary = array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
 
824
                                }
 
825
                                else
 
826
                                {
 
827
                                        $quick_tool_ary = array();
 
828
 
 
829
                                        if ($user_row['user_type'] != USER_FOUNDER)
 
830
                                        {
 
831
                                                $quick_tool_ary += array('banuser' => 'BAN_USER', 'banemail' => 'BAN_EMAIL', 'banip' => 'BAN_IP');
 
832
                                        }
 
833
 
 
834
                                        if ($user_row['user_type'] != USER_FOUNDER && $user_row['user_type'] != USER_IGNORE)
 
835
                                        {
 
836
                                                $quick_tool_ary += array('active' => (($user_row['user_type'] == USER_INACTIVE) ? 'ACTIVATE' : 'DEACTIVATE'));
 
837
                                        }
 
838
                                        
 
839
                                        $quick_tool_ary += array('delsig' => 'DEL_SIG', 'delavatar' => 'DEL_AVATAR', 'moveposts' => 'MOVE_POSTS', 'delposts' => 'DEL_POSTS', 'delattach' => 'DEL_ATTACH');
 
840
                                        
 
841
                                        if ($config['email_enable'] && ($user_row['user_type'] == USER_NORMAL || $user_row['user_type'] == USER_INACTIVE))
 
842
                                        {
 
843
                                                $quick_tool_ary['reactivate'] = 'FORCE';
 
844
                                        }
 
845
                                }
 
846
 
 
847
                                $s_action_options = '<option class="sep" value="">' . $user->lang['SELECT_OPTION'] . '</option>';
 
848
                                foreach ($quick_tool_ary as $value => $lang)
 
849
                                {
 
850
                                        $s_action_options .= '<option value="' . $value . '">' . $user->lang['USER_ADMIN_' . $lang] . '</option>';
 
851
                                }
 
852
 
 
853
                                if ($config['load_onlinetrack'])
 
854
                                {
 
855
                                        $sql = 'SELECT MAX(session_time) AS session_time, MIN(session_viewonline) AS session_viewonline
 
856
                                                FROM ' . SESSIONS_TABLE . "
 
857
                                                WHERE session_user_id = $user_id";
 
858
                                        $result = $db->sql_query($sql);
 
859
                                        $row = $db->sql_fetchrow($result);
 
860
                                        $db->sql_freeresult($result);
 
861
 
 
862
                                        $user_row['session_time'] = (isset($row['session_time'])) ? $row['session_time'] : 0;
 
863
                                        $user_row['session_viewonline'] = (isset($row['session_viewonline'])) ? $row['session_viewonline'] : 0;
 
864
                                        unset($row);
 
865
                                }
 
866
 
 
867
                                $last_visit = (!empty($user_row['session_time'])) ? $user_row['session_time'] : $user_row['user_lastvisit'];
 
868
 
 
869
                                $inactive_reason = '';
 
870
                                if ($user_row['user_type'] == USER_INACTIVE)
 
871
                                {
 
872
                                        $inactive_reason = $user->lang['INACTIVE_REASON_UNKNOWN'];
 
873
 
 
874
                                        switch ($user_row['user_inactive_reason'])
 
875
                                        {
 
876
                                                case INACTIVE_REGISTER:
 
877
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_REGISTER'];
 
878
                                                break;
 
879
 
 
880
                                                case INACTIVE_PROFILE:
 
881
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_PROFILE'];
 
882
                                                break;
 
883
 
 
884
                                                case INACTIVE_MANUAL:
 
885
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_MANUAL'];
 
886
                                                break;
 
887
 
 
888
                                                case INACTIVE_REMIND:
 
889
                                                        $inactive_reason = $user->lang['INACTIVE_REASON_REMIND'];
 
890
                                                break;
 
891
                                        }
 
892
                                }
 
893
 
 
894
                                $template->assign_vars(array(
 
895
                                        'L_NAME_CHARS_EXPLAIN'          => sprintf($user->lang[$config['allow_name_chars'] . '_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
 
896
                                        'L_CHANGE_PASSWORD_EXPLAIN'     => sprintf($user->lang[$config['pass_complex'] . '_EXPLAIN'], $config['min_pass_chars'], $config['max_pass_chars']),
 
897
                                        'S_FOUNDER'                                     => ($user->data['user_type'] == USER_FOUNDER) ? true : false,
 
898
 
 
899
                                        'S_OVERVIEW'            => true,
 
900
                                        'S_USER_IP'                     => ($user_row['user_ip']) ? true : false,
 
901
                                        'S_USER_FOUNDER'        => ($user_row['user_type'] == USER_FOUNDER) ? true : false,
 
902
                                        'S_ACTION_OPTIONS'      => $s_action_options,
 
903
                                        'S_OWN_ACCOUNT'         => ($user_id == $user->data['user_id']) ? true : false,
 
904
                                        'S_USER_INACTIVE'       => ($user_row['user_type'] == USER_INACTIVE) ? true : false,
 
905
 
 
906
                                        'U_SHOW_IP'             => $this->u_action . "&amp;u=$user_id&amp;ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
 
907
                                        'U_WHOIS'               => $this->u_action . "&amp;action=whois&amp;user_ip={$user_row['user_ip']}",
 
908
 
 
909
                                        'U_SWITCH_PERMISSIONS'  => ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&amp;u={$user_row['user_id']}") : '',
 
910
 
 
911
                                        'USER'                          => $user_row['username'],
 
912
                                        'USER_REGISTERED'       => $user->format_date($user_row['user_regdate']),
 
913
                                        'REGISTERED_IP'         => ($ip == 'hostname') ? gethostbyaddr($user_row['user_ip']) : $user_row['user_ip'],
 
914
                                        'USER_LASTACTIVE'       => ($last_visit) ? $user->format_date($last_visit) : ' - ',
 
915
                                        'USER_EMAIL'            => $user_row['user_email'],
 
916
                                        'USER_WARNINGS'         => $user_row['user_warnings'],
 
917
                                        'USER_POSTS'            => $user_row['user_posts'],
 
918
                                        'USER_INACTIVE_REASON'  => $inactive_reason,
 
919
                                ));
 
920
 
 
921
                        break;
 
922
 
 
923
                        case 'feedback':
 
924
 
 
925
                                $user->add_lang('mcp');
 
926
                                
 
927
                                // Set up general vars
 
928
                                $start          = request_var('start', 0);
 
929
                                $deletemark = (isset($_POST['delmarked'])) ? true : false;
 
930
                                $deleteall      = (isset($_POST['delall'])) ? true : false;
 
931
                                $marked         = request_var('mark', array(0));
 
932
                                $message        = utf8_normalize_nfc(request_var('message', '', true));
 
933
 
 
934
                                // Sort keys
 
935
                                $sort_days      = request_var('st', 0);
 
936
                                $sort_key       = request_var('sk', 't');
 
937
                                $sort_dir       = request_var('sd', 'd');
 
938
 
 
939
                                // Delete entries if requested and able
 
940
                                if (($deletemark || $deleteall) && $auth->acl_get('a_clearlogs'))
 
941
                                {
 
942
                                        if (!check_form_key($form_name))
 
943
                                        {
 
944
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
945
                                        }
 
946
 
 
947
                                        $where_sql = '';
 
948
                                        if ($deletemark && $marked)
 
949
                                        {
 
950
                                                $sql_in = array();
 
951
                                                foreach ($marked as $mark)
 
952
                                                {
 
953
                                                        $sql_in[] = $mark;
 
954
                                                }
 
955
                                                $where_sql = ' AND ' . $db->sql_in_set('log_id', $sql_in);
 
956
                                                unset($sql_in);
 
957
                                        }
 
958
 
 
959
                                        if ($where_sql || $deleteall)
 
960
                                        {
 
961
                                                $sql = 'DELETE FROM ' . LOG_TABLE . '
 
962
                                                        WHERE log_type = ' . LOG_USERS . "
 
963
                                                        $where_sql";
 
964
                                                $db->sql_query($sql);
 
965
 
 
966
                                                add_log('admin', 'LOG_CLEAR_USER', $user_row['username']);
 
967
                                        }
 
968
                                }
 
969
 
 
970
                                if ($submit && $message)
 
971
                                {
 
972
                                        if (!check_form_key($form_name))
 
973
                                        {
 
974
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
975
                                        }
 
976
 
 
977
                                        add_log('admin', 'LOG_USER_FEEDBACK', $user_row['username']);
 
978
                                        add_log('mod', 0, 0, 'LOG_USER_FEEDBACK', $user_row['username']);
 
979
                                        add_log('user', $user_id, 'LOG_USER_GENERAL', $message);
 
980
 
 
981
                                        trigger_error($user->lang['USER_FEEDBACK_ADDED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
982
                                }
 
983
                                
 
984
                                // Sorting
 
985
                                $limit_days = array(0 => $user->lang['ALL_ENTRIES'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
 
986
                                $sort_by_text = array('u' => $user->lang['SORT_USERNAME'], 't' => $user->lang['SORT_DATE'], 'i' => $user->lang['SORT_IP'], 'o' => $user->lang['SORT_ACTION']);
 
987
                                $sort_by_sql = array('u' => 'u.username_clean', 't' => 'l.log_time', 'i' => 'l.log_ip', 'o' => 'l.log_operation');
 
988
 
 
989
                                $s_limit_days = $s_sort_key = $s_sort_dir = $u_sort_param = '';
 
990
                                gen_sort_selects($limit_days, $sort_by_text, $sort_days, $sort_key, $sort_dir, $s_limit_days, $s_sort_key, $s_sort_dir, $u_sort_param);
 
991
 
 
992
                                // Define where and sort sql for use in displaying logs
 
993
                                $sql_where = ($sort_days) ? (time() - ($sort_days * 86400)) : 0;
 
994
                                $sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
 
995
 
 
996
                                // Grab log data
 
997
                                $log_data = array();
 
998
                                $log_count = 0;
 
999
                                view_log('user', $log_data, $log_count, $config['topics_per_page'], $start, 0, 0, $user_id, $sql_where, $sql_sort);
 
1000
 
 
1001
                                $template->assign_vars(array(
 
1002
                                        'S_FEEDBACK'    => true,
 
1003
                                        'S_ON_PAGE'             => on_page($log_count, $config['topics_per_page'], $start),
 
1004
                                        'PAGINATION'    => generate_pagination($this->u_action . "&amp;u=$user_id&amp;$u_sort_param", $log_count, $config['topics_per_page'], $start, true),
 
1005
 
 
1006
                                        'S_LIMIT_DAYS'  => $s_limit_days,
 
1007
                                        'S_SORT_KEY'    => $s_sort_key,
 
1008
                                        'S_SORT_DIR'    => $s_sort_dir,
 
1009
                                        'S_CLEARLOGS'   => $auth->acl_get('a_clearlogs'))
 
1010
                                );
 
1011
 
 
1012
                                foreach ($log_data as $row)
 
1013
                                {
 
1014
                                        $template->assign_block_vars('log', array(
 
1015
                                                'USERNAME'              => $row['username_full'],
 
1016
                                                'IP'                    => $row['ip'],
 
1017
                                                'DATE'                  => $user->format_date($row['time']),
 
1018
                                                'ACTION'                => nl2br($row['action']),
 
1019
                                                'ID'                    => $row['id'])
 
1020
                                        );
 
1021
                                }
 
1022
 
 
1023
                        break;
 
1024
 
 
1025
                        case 'profile':
 
1026
 
 
1027
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
1028
                                include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
 
1029
 
 
1030
                                $cp = new custom_profile();
 
1031
 
 
1032
                                $cp_data = $cp_error = array();
 
1033
 
 
1034
                                $sql = 'SELECT lang_id
 
1035
                                        FROM ' . LANG_TABLE . "
 
1036
                                        WHERE lang_iso = '" . $db->sql_escape($user->data['user_lang']) . "'";
 
1037
                                $result = $db->sql_query($sql);
 
1038
                                $row = $db->sql_fetchrow($result);
 
1039
                                $db->sql_freeresult($result);
 
1040
 
 
1041
                                $user_row['iso_lang_id'] = $row['lang_id'];
 
1042
 
 
1043
                                $data = array(
 
1044
                                        'icq'                   => request_var('icq', $user_row['user_icq']),
 
1045
                                        'aim'                   => request_var('aim', $user_row['user_aim']),
 
1046
                                        'msn'                   => request_var('msn', $user_row['user_msnm']),
 
1047
                                        'yim'                   => request_var('yim', $user_row['user_yim']),
 
1048
                                        'jabber'                => utf8_normalize_nfc(request_var('jabber', $user_row['user_jabber'], true)),
 
1049
                                        'website'               => request_var('website', $user_row['user_website']),
 
1050
                                        'location'              => utf8_normalize_nfc(request_var('location', $user_row['user_from'], true)),
 
1051
                                        'occupation'    => utf8_normalize_nfc(request_var('occupation', $user_row['user_occ'], true)),
 
1052
                                        'interests'             => utf8_normalize_nfc(request_var('interests', $user_row['user_interests'], true)),
 
1053
                                        'bday_day'              => 0,
 
1054
                                        'bday_month'    => 0,
 
1055
                                        'bday_year'             => 0,
 
1056
                                );
 
1057
 
 
1058
                                if ($user_row['user_birthday'])
 
1059
                                {
 
1060
                                        list($data['bday_day'], $data['bday_month'], $data['bday_year']) = explode('-', $user_row['user_birthday']);
 
1061
                                }
 
1062
 
 
1063
                                $data['bday_day'] = request_var('bday_day', $data['bday_day']);
 
1064
                                $data['bday_month'] = request_var('bday_month', $data['bday_month']);
 
1065
                                $data['bday_year'] = request_var('bday_year', $data['bday_year']);
 
1066
 
 
1067
                                if ($submit)
 
1068
                                {
 
1069
                                        $error = validate_data($data, array(
 
1070
                                                'icq'                   => array(
 
1071
                                                        array('string', true, 3, 15),
 
1072
                                                        array('match', true, '#^[0-9]+$#i')),
 
1073
                                                'aim'                   => array('string', true, 3, 255),
 
1074
                                                'msn'                   => array('string', true, 5, 255),
 
1075
                                                'jabber'                => array(
 
1076
                                                        array('string', true, 5, 255),
 
1077
                                                        array('jabber')),
 
1078
                                                'yim'                   => array('string', true, 5, 255),
 
1079
                                                'website'               => array(
 
1080
                                                        array('string', true, 12, 255),
 
1081
                                                        array('match', true, '#^http[s]?://(.*?\.)*?[a-z0-9\-]+\.[a-z]{2,4}#i')),
 
1082
                                                'location'              => array('string', true, 2, 255),
 
1083
                                                'occupation'    => array('string', true, 2, 500),
 
1084
                                                'interests'             => array('string', true, 2, 500),
 
1085
                                                'bday_day'              => array('num', true, 1, 31),
 
1086
                                                'bday_month'    => array('num', true, 1, 12),
 
1087
                                                'bday_year'             => array('num', true, 1901, gmdate('Y', time())),
 
1088
                                        ));
 
1089
 
 
1090
                                        // validate custom profile fields
 
1091
                                        $cp->submit_cp_field('profile', $user_row['iso_lang_id'], $cp_data, $cp_error);
 
1092
 
 
1093
                                        if (sizeof($cp_error))
 
1094
                                        {
 
1095
                                                $error = array_merge($error, $cp_error);
 
1096
                                        }
 
1097
                                        if (!check_form_key($form_name))
 
1098
                                        {
 
1099
                                                $error[] = 'FORM_INVALID';
 
1100
                                        }
 
1101
 
 
1102
                                        if (!sizeof($error))
 
1103
                                        {
 
1104
                                                $sql_ary = array(
 
1105
                                                        'user_icq'              => $data['icq'],
 
1106
                                                        'user_aim'              => $data['aim'],
 
1107
                                                        'user_msnm'             => $data['msn'],
 
1108
                                                        'user_yim'              => $data['yim'],
 
1109
                                                        'user_jabber'   => $data['jabber'],
 
1110
                                                        'user_website'  => $data['website'],
 
1111
                                                        'user_from'             => $data['location'],
 
1112
                                                        'user_occ'              => $data['occupation'],
 
1113
                                                        'user_interests'=> $data['interests'],
 
1114
                                                        'user_birthday' => sprintf('%2d-%2d-%4d', $data['bday_day'], $data['bday_month'], $data['bday_year']),
 
1115
                                                );
 
1116
 
 
1117
                                                $sql = 'UPDATE ' . USERS_TABLE . '
 
1118
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 
1119
                                                        WHERE user_id = $user_id";
 
1120
                                                $db->sql_query($sql);
 
1121
 
 
1122
                                                // Update Custom Fields
 
1123
                                                if (sizeof($cp_data))
 
1124
                                                {
 
1125
                                                        switch ($db->sql_layer)
 
1126
                                                        {
 
1127
                                                                case 'oracle':
 
1128
                                                                case 'firebird':
 
1129
                                                                case 'postgres':
 
1130
                                                                        $right_delim = $left_delim = '"';
 
1131
                                                                break;
 
1132
 
 
1133
                                                                case 'sqlite':
 
1134
                                                                case 'mssql':
 
1135
                                                                case 'mssql_odbc':
 
1136
                                                                        $right_delim = ']';
 
1137
                                                                        $left_delim = '[';
 
1138
                                                                break;
 
1139
 
 
1140
                                                                case 'mysql':
 
1141
                                                                case 'mysql4':
 
1142
                                                                case 'mysqli':
 
1143
                                                                        $right_delim = $left_delim = '`';
 
1144
                                                                break;
 
1145
                                                        }
 
1146
 
 
1147
                                                        foreach ($cp_data as $key => $value)
 
1148
                                                        {
 
1149
                                                                $cp_data[$left_delim . $key . $right_delim] = $value;
 
1150
                                                                unset($cp_data[$key]);
 
1151
                                                        }
 
1152
 
 
1153
                                                        $sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . '
 
1154
                                                                SET ' . $db->sql_build_array('UPDATE', $cp_data) . "
 
1155
                                                                WHERE user_id = $user_id";
 
1156
                                                        $db->sql_query($sql);
 
1157
 
 
1158
                                                        if (!$db->sql_affectedrows())
 
1159
                                                        {
 
1160
                                                                $cp_data['user_id'] = (int) $user_id;
 
1161
 
 
1162
                                                                $db->sql_return_on_error(true);
 
1163
 
 
1164
                                                                $sql = 'INSERT INTO ' . PROFILE_FIELDS_DATA_TABLE . ' ' . $db->sql_build_array('INSERT', $cp_data);
 
1165
                                                                $db->sql_query($sql);
 
1166
 
 
1167
                                                                $db->sql_return_on_error(false);
 
1168
                                                        }
 
1169
                                                }
 
1170
 
 
1171
                                                trigger_error($user->lang['USER_PROFILE_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
1172
                                        }
 
1173
 
 
1174
                                        // Replace "error" strings with their real, localised form
 
1175
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 
1176
                                }
 
1177
 
 
1178
                                $s_birthday_day_options = '<option value="0"' . ((!$data['bday_day']) ? ' selected="selected"' : '') . '>--</option>';
 
1179
                                for ($i = 1; $i < 32; $i++)
 
1180
                                {
 
1181
                                        $selected = ($i == $data['bday_day']) ? ' selected="selected"' : '';
 
1182
                                        $s_birthday_day_options .= "<option value=\"$i\"$selected>$i</option>";
 
1183
                                }
 
1184
 
 
1185
                                $s_birthday_month_options = '<option value="0"' . ((!$data['bday_month']) ? ' selected="selected"' : '') . '>--</option>';
 
1186
                                for ($i = 1; $i < 13; $i++)
 
1187
                                {
 
1188
                                        $selected = ($i == $data['bday_month']) ? ' selected="selected"' : '';
 
1189
                                        $s_birthday_month_options .= "<option value=\"$i\"$selected>$i</option>";
 
1190
                                }
 
1191
                                $s_birthday_year_options = '';
 
1192
 
 
1193
                                $now = getdate();
 
1194
                                $s_birthday_year_options = '<option value="0"' . ((!$data['bday_year']) ? ' selected="selected"' : '') . '>--</option>';
 
1195
                                for ($i = $now['year'] - 100; $i < $now['year']; $i++)
 
1196
                                {
 
1197
                                        $selected = ($i == $data['bday_year']) ? ' selected="selected"' : '';
 
1198
                                        $s_birthday_year_options .= "<option value=\"$i\"$selected>$i</option>";
 
1199
                                }
 
1200
                                unset($now);
 
1201
 
 
1202
                                $template->assign_vars(array(
 
1203
                                        'ICQ'                   => $data['icq'],
 
1204
                                        'YIM'                   => $data['yim'],
 
1205
                                        'AIM'                   => $data['aim'],
 
1206
                                        'MSN'                   => $data['msn'],
 
1207
                                        'JABBER'                => $data['jabber'],
 
1208
                                        'WEBSITE'               => $data['website'],
 
1209
                                        'LOCATION'              => $data['location'],
 
1210
                                        'OCCUPATION'    => $data['occupation'],
 
1211
                                        'INTERESTS'             => $data['interests'],
 
1212
 
 
1213
                                        'S_BIRTHDAY_DAY_OPTIONS'        => $s_birthday_day_options,
 
1214
                                        'S_BIRTHDAY_MONTH_OPTIONS'      => $s_birthday_month_options,
 
1215
                                        'S_BIRTHDAY_YEAR_OPTIONS'       => $s_birthday_year_options,
 
1216
                                                
 
1217
                                        'S_PROFILE'             => true)
 
1218
                                );
 
1219
 
 
1220
                                // Get additional profile fields and assign them to the template block var 'profile_fields'
 
1221
                                $user->get_profile_fields($user_id);
 
1222
 
 
1223
                                $cp->generate_profile_fields('profile', $user_row['iso_lang_id']);
 
1224
 
 
1225
                        break;
 
1226
 
 
1227
                        case 'prefs':
 
1228
 
 
1229
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
1230
 
 
1231
                                $data = array(
 
1232
                                        'dateformat'            => utf8_normalize_nfc(request_var('dateformat', $user_row['user_dateformat'], true)),
 
1233
                                        'lang'                          => basename(request_var('lang', $user_row['user_lang'])),
 
1234
                                        'tz'                            => request_var('tz', (float) $user_row['user_timezone']),
 
1235
                                        'style'                         => request_var('style', $user_row['user_style']),
 
1236
                                        'dst'                           => request_var('dst', $user_row['user_dst']),
 
1237
                                        'viewemail'                     => request_var('viewemail', $user_row['user_allow_viewemail']),
 
1238
                                        'massemail'                     => request_var('massemail', $user_row['user_allow_massemail']),
 
1239
                                        'hideonline'            => request_var('hideonline', !$user_row['user_allow_viewonline']),
 
1240
                                        'notifymethod'          => request_var('notifymethod', $user_row['user_notify_type']),
 
1241
                                        'notifypm'                      => request_var('notifypm', $user_row['user_notify_pm']),
 
1242
                                        'popuppm'                       => request_var('popuppm', $this->optionget($user_row, 'popuppm')),
 
1243
                                        'allowpm'                       => request_var('allowpm', $user_row['user_allow_pm']),
 
1244
 
 
1245
                                        'topic_sk'                      => request_var('topic_sk', ($user_row['user_topic_sortby_type']) ? $user_row['user_topic_sortby_type'] : 't'),
 
1246
                                        'topic_sd'                      => request_var('topic_sd', ($user_row['user_topic_sortby_dir']) ? $user_row['user_topic_sortby_dir'] : 'd'),
 
1247
                                        'topic_st'                      => request_var('topic_st', ($user_row['user_topic_show_days']) ? $user_row['user_topic_show_days'] : 0),
 
1248
 
 
1249
                                        'post_sk'                       => request_var('post_sk', ($user_row['user_post_sortby_type']) ? $user_row['user_post_sortby_type'] : 't'),
 
1250
                                        'post_sd'                       => request_var('post_sd', ($user_row['user_post_sortby_dir']) ? $user_row['user_post_sortby_dir'] : 'a'),
 
1251
                                        'post_st'                       => request_var('post_st', ($user_row['user_post_show_days']) ? $user_row['user_post_show_days'] : 0),
 
1252
 
 
1253
                                        'view_images'           => request_var('view_images', $this->optionget($user_row, 'viewimg')),
 
1254
                                        'view_flash'            => request_var('view_flash', $this->optionget($user_row, 'viewflash')),
 
1255
                                        'view_smilies'          => request_var('view_smilies', $this->optionget($user_row, 'viewsmilies')),
 
1256
                                        'view_sigs'                     => request_var('view_sigs', $this->optionget($user_row, 'viewsigs')),
 
1257
                                        'view_avatars'          => request_var('view_avatars', $this->optionget($user_row, 'viewavatars')),
 
1258
                                        'view_wordcensor'       => request_var('view_wordcensor', $this->optionget($user_row, 'viewcensors')),
 
1259
 
 
1260
                                        'bbcode'        => request_var('bbcode', $this->optionget($user_row, 'bbcode')),
 
1261
                                        'smilies'       => request_var('smilies', $this->optionget($user_row, 'smilies')),
 
1262
                                        'sig'           => request_var('sig', $this->optionget($user_row, 'attachsig')),
 
1263
                                        'notify'        => request_var('notify', $user_row['user_notify']),
 
1264
                                );
 
1265
 
 
1266
                                if ($submit)
 
1267
                                {
 
1268
                                        $error = validate_data($data, array(
 
1269
                                                'dateformat'    => array('string', false, 1, 30),
 
1270
                                                'lang'                  => array('match', false, '#^[a-z_\-]{2,}$#i'),
 
1271
                                                'tz'                    => array('num', false, -14, 14),
 
1272
 
 
1273
                                                'topic_sk'              => array('string', false, 1, 1),
 
1274
                                                'topic_sd'              => array('string', false, 1, 1),
 
1275
                                                'post_sk'               => array('string', false, 1, 1),
 
1276
                                                'post_sd'               => array('string', false, 1, 1),
 
1277
                                        ));
 
1278
 
 
1279
                                        if (!check_form_key($form_name))
 
1280
                                        {
 
1281
                                                $error[] = 'FORM_INVALID';
 
1282
                                        }
 
1283
 
 
1284
                                        if (!sizeof($error))
 
1285
                                        {
 
1286
                                                $this->optionset($user_row, 'popuppm', $data['popuppm']);
 
1287
                                                $this->optionset($user_row, 'viewimg', $data['view_images']);
 
1288
                                                $this->optionset($user_row, 'viewflash', $data['view_flash']);
 
1289
                                                $this->optionset($user_row, 'viewsmilies', $data['view_smilies']);
 
1290
                                                $this->optionset($user_row, 'viewsigs', $data['view_sigs']);
 
1291
                                                $this->optionset($user_row, 'viewavatars', $data['view_avatars']);
 
1292
                                                $this->optionset($user_row, 'viewcensors', $data['view_wordcensor']);
 
1293
                                                $this->optionset($user_row, 'bbcode', $data['bbcode']);
 
1294
                                                $this->optionset($user_row, 'smilies', $data['smilies']);
 
1295
                                                $this->optionset($user_row, 'attachsig', $data['sig']);
 
1296
 
 
1297
                                                $sql_ary = array(
 
1298
                                                        'user_options'                  => $user_row['user_options'],
 
1299
 
 
1300
                                                        'user_allow_pm'                 => $data['allowpm'],
 
1301
                                                        'user_allow_viewemail'  => $data['viewemail'],
 
1302
                                                        'user_allow_massemail'  => $data['massemail'],
 
1303
                                                        'user_allow_viewonline' => !$data['hideonline'],
 
1304
                                                        'user_notify_type'              => $data['notifymethod'],
 
1305
                                                        'user_notify_pm'                => $data['notifypm'],
 
1306
 
 
1307
                                                        'user_dst'                              => $data['dst'],
 
1308
                                                        'user_dateformat'               => $data['dateformat'],
 
1309
                                                        'user_lang'                             => $data['lang'],
 
1310
                                                        'user_timezone'                 => $data['tz'],
 
1311
                                                        'user_style'                    => $data['style'],
 
1312
 
 
1313
                                                        'user_topic_sortby_type'        => $data['topic_sk'],
 
1314
                                                        'user_post_sortby_type'         => $data['post_sk'],
 
1315
                                                        'user_topic_sortby_dir'         => $data['topic_sd'],
 
1316
                                                        'user_post_sortby_dir'          => $data['post_sd'],
 
1317
 
 
1318
                                                        'user_topic_show_days'  => $data['topic_st'],
 
1319
                                                        'user_post_show_days'   => $data['post_st'],
 
1320
 
 
1321
                                                        'user_notify'   => $data['notify'],
 
1322
                                                );
 
1323
 
 
1324
                                                $sql = 'UPDATE ' . USERS_TABLE . '
 
1325
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
 
1326
                                                        WHERE user_id = $user_id";
 
1327
                                                $db->sql_query($sql);
 
1328
 
 
1329
                                                trigger_error($user->lang['USER_PREFS_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
1330
                                        }
 
1331
 
 
1332
                                        // Replace "error" strings with their real, localised form
 
1333
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 
1334
                                }
 
1335
 
 
1336
                                $dateformat_options = '';
 
1337
                                foreach ($user->lang['dateformats'] as $format => $null)
 
1338
                                {
 
1339
                                        $dateformat_options .= '<option value="' . $format . '"' . (($format == $data['dateformat']) ? ' selected="selected"' : '') . '>';
 
1340
                                        $dateformat_options .= $user->format_date(time(), $format, false) . ((strpos($format, '|') !== false) ? $user->lang['VARIANT_DATE_SEPARATOR'] . $user->format_date(time(), $format, true) : '');
 
1341
                                        $dateformat_options .= '</option>';
 
1342
                                }
 
1343
 
 
1344
                                $s_custom = false;
 
1345
 
 
1346
                                $dateformat_options .= '<option value="custom"';
 
1347
                                if (!in_array($data['dateformat'], array_keys($user->lang['dateformats'])))
 
1348
                                {
 
1349
                                        $dateformat_options .= ' selected="selected"';
 
1350
                                        $s_custom = true;
 
1351
                                }
 
1352
                                $dateformat_options .= '>' . $user->lang['CUSTOM_DATEFORMAT'] . '</option>';
 
1353
 
 
1354
                                $sort_dir_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
 
1355
 
 
1356
                                // Topic ordering options
 
1357
                                $limit_topic_days = array(0 => $user->lang['ALL_TOPICS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
 
1358
                                $sort_by_topic_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 'r' => $user->lang['REPLIES'], 's' => $user->lang['SUBJECT'], 'v' => $user->lang['VIEWS']);
 
1359
 
 
1360
                                // Post ordering options
 
1361
                                $limit_post_days = array(0 => $user->lang['ALL_POSTS'], 1 => $user->lang['1_DAY'], 7 => $user->lang['7_DAYS'], 14 => $user->lang['2_WEEKS'], 30 => $user->lang['1_MONTH'], 90 => $user->lang['3_MONTHS'], 180 => $user->lang['6_MONTHS'], 365 => $user->lang['1_YEAR']);
 
1362
                                $sort_by_post_text = array('a' => $user->lang['AUTHOR'], 't' => $user->lang['POST_TIME'], 's' => $user->lang['SUBJECT']);
 
1363
 
 
1364
                                $_options = array('topic', 'post');
 
1365
                                foreach ($_options as $sort_option)
 
1366
                                {
 
1367
                                        ${'s_limit_' . $sort_option . '_days'} = '<select name="' . $sort_option . '_st">';
 
1368
                                        foreach (${'limit_' . $sort_option . '_days'} as $day => $text)
 
1369
                                        {
 
1370
                                                $selected = ($data[$sort_option . '_st'] == $day) ? ' selected="selected"' : '';
 
1371
                                                ${'s_limit_' . $sort_option . '_days'} .= '<option value="' . $day . '"' . $selected . '>' . $text . '</option>';
 
1372
                                        }
 
1373
                                        ${'s_limit_' . $sort_option . '_days'} .= '</select>';
 
1374
 
 
1375
                                        ${'s_sort_' . $sort_option . '_key'} = '<select name="' . $sort_option . '_sk">';
 
1376
                                        foreach (${'sort_by_' . $sort_option . '_text'} as $key => $text)
 
1377
                                        {
 
1378
                                                $selected = ($data[$sort_option . '_sk'] == $key) ? ' selected="selected"' : '';
 
1379
                                                ${'s_sort_' . $sort_option . '_key'} .= '<option value="' . $key . '"' . $selected . '>' . $text . '</option>';
 
1380
                                        }
 
1381
                                        ${'s_sort_' . $sort_option . '_key'} .= '</select>';
 
1382
 
 
1383
                                        ${'s_sort_' . $sort_option . '_dir'} = '<select name="' . $sort_option . '_sd">';
 
1384
                                        foreach ($sort_dir_text as $key => $value)
 
1385
                                        {
 
1386
                                                $selected = ($data[$sort_option . '_sd'] == $key) ? ' selected="selected"' : '';
 
1387
                                                ${'s_sort_' . $sort_option . '_dir'} .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 
1388
                                        }
 
1389
                                        ${'s_sort_' . $sort_option . '_dir'} .= '</select>';
 
1390
                                }
 
1391
 
 
1392
                                $template->assign_vars(array(
 
1393
                                        'S_PREFS'                       => true,
 
1394
                                        'S_JABBER_DISABLED'     => ($config['jab_enable'] && $user_row['user_jabber'] && @extension_loaded('xml')) ? false : true,
 
1395
                                        
 
1396
                                        'VIEW_EMAIL'            => $data['viewemail'],
 
1397
                                        'MASS_EMAIL'            => $data['massemail'],
 
1398
                                        'ALLOW_PM'                      => $data['allowpm'],
 
1399
                                        'HIDE_ONLINE'           => $data['hideonline'],
 
1400
                                        'NOTIFY_EMAIL'          => ($data['notifymethod'] == NOTIFY_EMAIL) ? true : false,
 
1401
                                        'NOTIFY_IM'                     => ($data['notifymethod'] == NOTIFY_IM) ? true : false,
 
1402
                                        'NOTIFY_BOTH'           => ($data['notifymethod'] == NOTIFY_BOTH) ? true : false,
 
1403
                                        'NOTIFY_PM'                     => $data['notifypm'],
 
1404
                                        'POPUP_PM'                      => $data['popuppm'],
 
1405
                                        'DST'                           => $data['dst'],
 
1406
                                        'BBCODE'                        => $data['bbcode'],
 
1407
                                        'SMILIES'                       => $data['smilies'],
 
1408
                                        'ATTACH_SIG'            => $data['sig'],
 
1409
                                        'NOTIFY'                        => $data['notify'],
 
1410
                                        'VIEW_IMAGES'           => $data['view_images'],
 
1411
                                        'VIEW_FLASH'            => $data['view_flash'],
 
1412
                                        'VIEW_SMILIES'          => $data['view_smilies'],
 
1413
                                        'VIEW_SIGS'                     => $data['view_sigs'],
 
1414
                                        'VIEW_AVATARS'          => $data['view_avatars'],
 
1415
                                        'VIEW_WORDCENSOR'       => $data['view_wordcensor'],
 
1416
                                        
 
1417
                                        'S_TOPIC_SORT_DAYS'             => $s_limit_topic_days,
 
1418
                                        'S_TOPIC_SORT_KEY'              => $s_sort_topic_key,
 
1419
                                        'S_TOPIC_SORT_DIR'              => $s_sort_topic_dir,
 
1420
                                        'S_POST_SORT_DAYS'              => $s_limit_post_days,
 
1421
                                        'S_POST_SORT_KEY'               => $s_sort_post_key,
 
1422
                                        'S_POST_SORT_DIR'               => $s_sort_post_dir,
 
1423
 
 
1424
                                        'DATE_FORMAT'                   => $data['dateformat'],
 
1425
                                        'S_DATEFORMAT_OPTIONS'  => $dateformat_options,
 
1426
                                        'S_CUSTOM_DATEFORMAT'   => $s_custom,
 
1427
                                        'DEFAULT_DATEFORMAT'    => $config['default_dateformat'],
 
1428
                                        'A_DEFAULT_DATEFORMAT'  => addslashes($config['default_dateformat']),
 
1429
 
 
1430
                                        'S_LANG_OPTIONS'        => language_select($data['lang']),
 
1431
                                        'S_STYLE_OPTIONS'       => style_select($data['style']),
 
1432
                                        'S_TZ_OPTIONS'          => tz_select($data['tz'], true),
 
1433
                                        )
 
1434
                                );
 
1435
 
 
1436
                        break;
 
1437
 
 
1438
                        case 'avatar':
 
1439
 
 
1440
                                include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
 
1441
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
1442
 
 
1443
                                $can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
 
1444
 
 
1445
                                if ($submit)
 
1446
                                {
 
1447
 
 
1448
                                        if (!check_form_key($form_name))
 
1449
                                        {
 
1450
                                                        trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1451
                                        }
 
1452
 
 
1453
                                        if (avatar_process_user($error, $user_row))
 
1454
                                        {
 
1455
                                                trigger_error($user->lang['USER_AVATAR_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_row['user_id']));
 
1456
                                        }
 
1457
 
 
1458
                                        // Replace "error" strings with their real, localised form
 
1459
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 
1460
                                }
 
1461
 
 
1462
                                // Generate users avatar
 
1463
                                $avatar_img = ($user_row['user_avatar']) ? get_user_avatar($user_row['user_avatar'], $user_row['user_avatar_type'], $user_row['user_avatar_width'], $user_row['user_avatar_height']) : '<img src="' . $phpbb_admin_path . 'images/no_avatar.gif" alt="" />';
 
1464
 
 
1465
                                $display_gallery = (isset($_POST['display_gallery'])) ? true : false;
 
1466
                                $avatar_select = basename(request_var('avatar_select', ''));
 
1467
                                $category = basename(request_var('category', ''));
 
1468
 
 
1469
                                if ($config['allow_avatar_local'] && $display_gallery)
 
1470
                                {
 
1471
                                        avatar_gallery($category, $avatar_select, 4);
 
1472
                                }
 
1473
 
 
1474
                                $template->assign_vars(array(
 
1475
                                        'S_AVATAR'                      => true,
 
1476
                                        'S_CAN_UPLOAD'          => ($can_upload && $config['allow_avatar_upload']) ? true : false,
 
1477
                                        'S_ALLOW_REMOTE'        => ($config['allow_avatar_remote']) ? true : false,
 
1478
                                        'S_DISPLAY_GALLERY'     => ($config['allow_avatar_local'] && !$display_gallery) ? true : false,
 
1479
                                        'S_IN_GALLERY'          => ($config['allow_avatar_local'] && $display_gallery) ? true : false,
 
1480
 
 
1481
                                        'AVATAR_IMAGE'                  => $avatar_img,
 
1482
                                        'AVATAR_MAX_FILESIZE'   => $config['avatar_filesize'],
 
1483
                                        'USER_AVATAR_WIDTH'             => $user_row['user_avatar_width'],
 
1484
                                        'USER_AVATAR_HEIGHT'    => $user_row['user_avatar_height'],
 
1485
 
 
1486
                                        'L_AVATAR_EXPLAIN'      => sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)))
 
1487
                                );
 
1488
 
 
1489
                        break;
 
1490
 
 
1491
                        case 'rank':
 
1492
 
 
1493
                                if ($submit)
 
1494
                                {
 
1495
                                        if (!check_form_key($form_name))
 
1496
                                        {
 
1497
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1498
                                        }
 
1499
 
 
1500
                                        $rank_id = request_var('user_rank', 0);
 
1501
 
 
1502
                                        $sql = 'UPDATE ' . USERS_TABLE . "
 
1503
                                                SET user_rank = $rank_id
 
1504
                                                WHERE user_id = $user_id";
 
1505
                                        $db->sql_query($sql);
 
1506
 
 
1507
                                        trigger_error($user->lang['USER_RANK_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
1508
                                }
 
1509
                                
 
1510
                                $sql = 'SELECT *
 
1511
                                        FROM ' . RANKS_TABLE . '
 
1512
                                        WHERE rank_special = 1
 
1513
                                        ORDER BY rank_title';
 
1514
                                $result = $db->sql_query($sql);
 
1515
 
 
1516
                                $s_rank_options = '<option value="0"' . ((!$user_row['user_rank']) ? ' selected="selected"' : '') . '>' . $user->lang['NO_SPECIAL_RANK'] . '</option>';
 
1517
 
 
1518
                                while ($row = $db->sql_fetchrow($result))
 
1519
                                {
 
1520
                                        $selected = ($user_row['user_rank'] && $row['rank_id'] == $user_row['user_rank']) ? ' selected="selected"' : '';
 
1521
                                        $s_rank_options .= '<option value="' . $row['rank_id'] . '"' . $selected . '>' . $row['rank_title'] . '</option>';
 
1522
                                }
 
1523
                                $db->sql_freeresult($result);
 
1524
 
 
1525
                                $template->assign_vars(array(
 
1526
                                        'S_RANK'                        => true,
 
1527
                                        'S_RANK_OPTIONS'        => $s_rank_options)
 
1528
                                );
 
1529
 
 
1530
                        break;
 
1531
                        
 
1532
                        case 'sig':
 
1533
                        
 
1534
                                include_once($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
 
1535
                                include_once($phpbb_root_path . 'includes/functions_display.' . $phpEx);
 
1536
 
 
1537
                                $enable_bbcode  = ($config['allow_sig_bbcode']) ? ((request_var('disable_bbcode', !$user->optionget('bbcode'))) ? false : true) : false;
 
1538
                                $enable_smilies = ($config['allow_sig_smilies']) ? ((request_var('disable_smilies', !$user->optionget('smilies'))) ? false : true) : false;
 
1539
                                $enable_urls    = ($config['allow_sig_links']) ? ((request_var('disable_magic_url', false)) ? false : true) : false;
 
1540
                                $signature              = utf8_normalize_nfc(request_var('signature', (string) $user_row['user_sig'], true));
 
1541
 
 
1542
                                $preview                = (isset($_POST['preview'])) ? true : false;
 
1543
 
 
1544
                                if ($submit || $preview)
 
1545
                                {
 
1546
                                        include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
 
1547
 
 
1548
                                        $message_parser = new parse_message($signature);
 
1549
 
 
1550
                                        // Allowing Quote BBCode
 
1551
                                        $message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
 
1552
                                                
 
1553
                                        if (sizeof($message_parser->warn_msg))
 
1554
                                        {
 
1555
                                                $error[] = implode('<br />', $message_parser->warn_msg);
 
1556
                                        }
 
1557
 
 
1558
                                        if (!check_form_key($form_name))
 
1559
                                        {
 
1560
                                                $error = 'FORM_INVALID';
 
1561
                                        }
 
1562
 
 
1563
                                        if (!sizeof($error) && $submit)
 
1564
                                        {
 
1565
                                                $sql_ary = array(
 
1566
                                                        'user_sig'                                      => (string) $message_parser->message,
 
1567
                                                        'user_sig_bbcode_uid'           => (string) $message_parser->bbcode_uid,
 
1568
                                                        'user_sig_bbcode_bitfield'      => (string) $message_parser->bbcode_bitfield
 
1569
                                                );
 
1570
 
 
1571
                                                $sql = 'UPDATE ' . USERS_TABLE . '
 
1572
                                                        SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
 
1573
                                                        WHERE user_id = ' . $user_id;
 
1574
                                                $db->sql_query($sql);
 
1575
 
 
1576
                                                trigger_error($user->lang['USER_SIG_UPDATED'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
1577
                                        }
 
1578
        
 
1579
                                        // Replace "error" strings with their real, localised form
 
1580
                                        $error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 
1581
                                }
 
1582
                                
 
1583
                                $signature_preview = '';
 
1584
                                
 
1585
                                if ($preview)
 
1586
                                {
 
1587
                                        // Now parse it for displaying
 
1588
                                        $signature_preview = $message_parser->format_display($enable_bbcode, $enable_urls, $enable_smilies, false);
 
1589
                                        unset($message_parser);
 
1590
                                }
 
1591
 
 
1592
                                decode_message($signature, $user_row['user_sig_bbcode_uid']);
 
1593
 
 
1594
                                $template->assign_vars(array(
 
1595
                                        'S_SIGNATURE'           => true,
 
1596
 
 
1597
                                        'SIGNATURE'                     => $signature,
 
1598
                                        'SIGNATURE_PREVIEW'     => $signature_preview,
 
1599
 
 
1600
                                        'S_BBCODE_CHECKED'              => (!$enable_bbcode) ? ' checked="checked"' : '',
 
1601
                                        'S_SMILIES_CHECKED'             => (!$enable_smilies) ? ' checked="checked"' : '',
 
1602
                                        'S_MAGIC_URL_CHECKED'   => (!$enable_urls) ? ' checked="checked"' : '',
 
1603
 
 
1604
                                        'BBCODE_STATUS'                 => ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
 
1605
                                        'SMILIES_STATUS'                => ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
 
1606
                                        'IMG_STATUS'                    => ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
 
1607
                                        'FLASH_STATUS'                  => ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
 
1608
                                        'URL_STATUS'                    => ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
 
1609
 
 
1610
                                        'L_SIGNATURE_EXPLAIN'   => sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
 
1611
 
 
1612
                                        'S_BBCODE_ALLOWED'              => $config['allow_sig_bbcode'],
 
1613
                                        'S_SMILIES_ALLOWED'             => $config['allow_sig_smilies'],
 
1614
                                        'S_BBCODE_IMG'                  => ($config['allow_sig_img']) ? true : false,
 
1615
                                        'S_BBCODE_FLASH'                => ($config['allow_sig_flash']) ? true : false,
 
1616
                                        'S_LINKS_ALLOWED'               => ($config['allow_sig_links']) ? true : false)
 
1617
                                );
 
1618
 
 
1619
                                // Assigning custom bbcodes
 
1620
                                display_custom_bbcodes();
 
1621
 
 
1622
                        break;
 
1623
 
 
1624
                        case 'attach':
 
1625
 
 
1626
                                $start          = request_var('start', 0);
 
1627
                                $deletemark = (isset($_POST['delmarked'])) ? true : false;
 
1628
                                $marked         = request_var('mark', array(0));
 
1629
 
 
1630
                                // Sort keys
 
1631
                                $sort_key       = request_var('sk', 'a');
 
1632
                                $sort_dir       = request_var('sd', 'd');
 
1633
 
 
1634
                                if ($deletemark && sizeof($marked))
 
1635
                                {
 
1636
                                        $sql = 'SELECT attach_id
 
1637
                                                FROM ' . ATTACHMENTS_TABLE . '
 
1638
                                                WHERE poster_id = ' . $user_id . '
 
1639
                                                        AND is_orphan = 0
 
1640
                                                        AND ' . $db->sql_in_set('attach_id', $marked);
 
1641
                                        $result = $db->sql_query($sql);
 
1642
 
 
1643
                                        $marked = array();
 
1644
                                        while ($row = $db->sql_fetchrow($result))
 
1645
                                        {
 
1646
                                                $marked[] = $row['attach_id'];
 
1647
                                        }
 
1648
                                        $db->sql_freeresult($result);
 
1649
                                }
 
1650
 
 
1651
                                if ($deletemark && sizeof($marked))
 
1652
                                {
 
1653
                                        if (confirm_box(true))
 
1654
                                        {
 
1655
                                                $sql = 'SELECT real_filename
 
1656
                                                        FROM ' . ATTACHMENTS_TABLE . '
 
1657
                                                        WHERE ' . $db->sql_in_set('attach_id', $marked);
 
1658
                                                $result = $db->sql_query($sql);
 
1659
 
 
1660
                                                $log_attachments = array();
 
1661
                                                while ($row = $db->sql_fetchrow($result))
 
1662
                                                {
 
1663
                                                        $log_attachments[] = $row['real_filename'];
 
1664
                                                }
 
1665
                                                $db->sql_freeresult($result);
 
1666
 
 
1667
                                                delete_attachments('attach', $marked);
 
1668
 
 
1669
                                                $message = (sizeof($log_attachments) == 1) ? $user->lang['ATTACHMENT_DELETED'] : $user->lang['ATTACHMENTS_DELETED'];
 
1670
 
 
1671
                                                add_log('admin', 'LOG_ATTACHMENTS_DELETED', implode(', ', $log_attachments));
 
1672
                                                trigger_error($message . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
1673
                                        }
 
1674
                                        else
 
1675
                                        {
 
1676
                                                confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 
1677
                                                        'u'                             => $user_id,
 
1678
                                                        'i'                             => $id,
 
1679
                                                        'mode'                  => $mode,
 
1680
                                                        'action'                => $action,
 
1681
                                                        'delmarked'             => true,
 
1682
                                                        'mark'                  => $marked))
 
1683
                                                );
 
1684
                                        }
 
1685
                                }
 
1686
 
 
1687
                                $sk_text = array('a' => $user->lang['SORT_FILENAME'], 'c' => $user->lang['SORT_EXTENSION'], 'd' => $user->lang['SORT_SIZE'], 'e' => $user->lang['SORT_DOWNLOADS'], 'f' => $user->lang['SORT_POST_TIME'], 'g' => $user->lang['SORT_TOPIC_TITLE']);
 
1688
                                $sk_sql = array('a' => 'a.real_filename', 'c' => 'a.extension', 'd' => 'a.filesize', 'e' => 'a.download_count', 'f' => 'a.filetime', 'g' => 't.topic_title');
 
1689
 
 
1690
                                $sd_text = array('a' => $user->lang['ASCENDING'], 'd' => $user->lang['DESCENDING']);
 
1691
 
 
1692
                                $s_sort_key = '';
 
1693
                                foreach ($sk_text as $key => $value)
 
1694
                                {
 
1695
                                        $selected = ($sort_key == $key) ? ' selected="selected"' : '';
 
1696
                                        $s_sort_key .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 
1697
                                }
 
1698
 
 
1699
                                $s_sort_dir = '';
 
1700
                                foreach ($sd_text as $key => $value)
 
1701
                                {
 
1702
                                        $selected = ($sort_dir == $key) ? ' selected="selected"' : '';
 
1703
                                        $s_sort_dir .= '<option value="' . $key . '"' . $selected . '>' . $value . '</option>';
 
1704
                                }
 
1705
 
 
1706
                                if (!isset($sk_sql[$sort_key]))
 
1707
                                {
 
1708
                                        $sort_key = 'a';
 
1709
                                }
 
1710
 
 
1711
                                $order_by = $sk_sql[$sort_key] . ' ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
 
1712
 
 
1713
                                $sql = 'SELECT COUNT(attach_id) as num_attachments
 
1714
                                        FROM ' . ATTACHMENTS_TABLE . "
 
1715
                                        WHERE poster_id = $user_id
 
1716
                                                AND is_orphan = 0";
 
1717
                                $result = $db->sql_query_limit($sql, 1);
 
1718
                                $num_attachments = (int) $db->sql_fetchfield('num_attachments');
 
1719
                                $db->sql_freeresult($result);
 
1720
 
 
1721
                                $sql = 'SELECT a.*, t.topic_title, p.message_subject as message_title
 
1722
                                        FROM ' . ATTACHMENTS_TABLE . ' a
 
1723
                                                LEFT JOIN ' . TOPICS_TABLE . ' t ON (a.topic_id = t.topic_id
 
1724
                                                        AND a.in_message = 0)
 
1725
                                                LEFT JOIN ' . PRIVMSGS_TABLE . ' p ON (a.post_msg_id = p.msg_id
 
1726
                                                        AND a.in_message = 1)
 
1727
                                        WHERE a.poster_id = ' . $user_id . "
 
1728
                                                AND a.is_orphan = 0
 
1729
                                        ORDER BY $order_by";
 
1730
                                $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
 
1731
 
 
1732
                                while ($row = $db->sql_fetchrow($result))
 
1733
                                {
 
1734
                                        if ($row['in_message'])
 
1735
                                        {
 
1736
                                                $view_topic = append_sid("{$phpbb_root_path}ucp.$phpEx", "i=pm&amp;p={$row['post_msg_id']}");
 
1737
                                        }
 
1738
                                        else
 
1739
                                        {
 
1740
                                                $view_topic = append_sid("{$phpbb_root_path}viewtopic.$phpEx", "t={$row['topic_id']}&amp;p={$row['post_msg_id']}") . '#p' . $row['post_msg_id'];
 
1741
                                        }
 
1742
 
 
1743
                                        $template->assign_block_vars('attach', array(
 
1744
                                                'REAL_FILENAME'         => $row['real_filename'],
 
1745
                                                'COMMENT'                       => nl2br($row['attach_comment']),
 
1746
                                                'EXTENSION'                     => $row['extension'],
 
1747
                                                'SIZE'                          => ($row['filesize'] >= 1048576) ? ($row['filesize'] >> 20) . ' ' . $user->lang['MB'] : (($row['filesize'] >= 1024) ? ($row['filesize'] >> 10) . ' ' . $user->lang['KB'] : $row['filesize'] . ' ' . $user->lang['BYTES']),
 
1748
                                                'DOWNLOAD_COUNT'        => $row['download_count'],
 
1749
                                                'POST_TIME'                     => $user->format_date($row['filetime']),
 
1750
                                                'TOPIC_TITLE'           => ($row['in_message']) ? $row['message_title'] : $row['topic_title'],
 
1751
 
 
1752
                                                'ATTACH_ID'                     => $row['attach_id'],
 
1753
                                                'POST_ID'                       => $row['post_msg_id'],
 
1754
                                                'TOPIC_ID'                      => $row['topic_id'],
 
1755
                                
 
1756
                                                'S_IN_MESSAGE'          => $row['in_message'],
 
1757
 
 
1758
                                                'U_DOWNLOAD'            => append_sid("{$phpbb_root_path}download/file.$phpEx", 'mode=view&amp;id=' . $row['attach_id']),
 
1759
                                                'U_VIEW_TOPIC'          => $view_topic)
 
1760
                                        );
 
1761
                                }
 
1762
                                $db->sql_freeresult($result);
 
1763
                
 
1764
                                $template->assign_vars(array(
 
1765
                                        'S_ATTACHMENTS'         => true,
 
1766
                                        'S_ON_PAGE'                     => on_page($num_attachments, $config['topics_per_page'], $start),
 
1767
                                        'S_SORT_KEY'            => $s_sort_key,
 
1768
                                        'S_SORT_DIR'            => $s_sort_dir,
 
1769
 
 
1770
                                        'PAGINATION'            => generate_pagination($this->u_action . "&amp;u=$user_id&amp;sk=$sort_key&amp;sd=$sort_dir", $num_attachments, $config['topics_per_page'], $start, true))
 
1771
                                );
 
1772
 
 
1773
                        break;
 
1774
                
 
1775
                        case 'groups':
 
1776
 
 
1777
                                include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
1778
 
 
1779
                                $user->add_lang(array('groups', 'acp/groups'));
 
1780
                                $group_id = request_var('g', 0);
 
1781
                                
 
1782
                                if ($group_id)
 
1783
                                {
 
1784
                                        // Check the founder only entry for this group to make sure everything is well
 
1785
                                        $sql = 'SELECT group_founder_manage
 
1786
                                                FROM ' . GROUPS_TABLE . '
 
1787
                                                WHERE group_id = ' . $group_id;
 
1788
                                        $result = $db->sql_query($sql);
 
1789
                                        $founder_manage = (int) $db->sql_fetchfield('group_founder_manage');
 
1790
                                        $db->sql_freeresult($result);
 
1791
                                        
 
1792
                                        if ($user->data['user_type'] != USER_FOUNDER && $founder_manage)
 
1793
                                        {
 
1794
                                                trigger_error($user->lang['NOT_ALLOWED_MANAGE_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1795
                                        }
 
1796
                                }
 
1797
                                else
 
1798
                                {
 
1799
                                        $founder_manage = 0;
 
1800
                                }
 
1801
                                
 
1802
                                switch ($action)
 
1803
                                {
 
1804
                                        case 'demote':
 
1805
                                        case 'promote':
 
1806
                                        case 'default':
 
1807
                                                if (!$group_id)
 
1808
                                                {
 
1809
                                                        trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1810
                                                }
 
1811
                                                group_user_attributes($action, $group_id, $user_id);
 
1812
 
 
1813
                                                if ($action == 'default')
 
1814
                                                {
 
1815
                                                        $user_row['group_id'] = $group_id;
 
1816
                                                }
 
1817
                                        break;
 
1818
 
 
1819
                                        case 'delete':
 
1820
 
 
1821
                                                if (confirm_box(true))
 
1822
                                                {
 
1823
                                                        if (!$group_id)
 
1824
                                                        {
 
1825
                                                                trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1826
                                                        }
 
1827
 
 
1828
                                                        if ($error = group_user_del($group_id, $user_id))
 
1829
                                                        {
 
1830
                                                                trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1831
                                                        }
 
1832
                                                
 
1833
                                                        $error = array();
 
1834
                                                }
 
1835
                                                else
 
1836
                                                {
 
1837
                                                        confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 
1838
                                                                'u'                             => $user_id,
 
1839
                                                                'i'                             => $id,
 
1840
                                                                'mode'                  => $mode,
 
1841
                                                                'action'                => $action,
 
1842
                                                                'g'                             => $group_id))
 
1843
                                                        );
 
1844
                                                }
 
1845
        
 
1846
                                        break;
 
1847
                                }
 
1848
 
 
1849
                                // Add user to group?
 
1850
                                if ($submit)
 
1851
                                {
 
1852
 
 
1853
                                        if (!check_form_key($form_name))
 
1854
                                        {
 
1855
                                                trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1856
                                        }
 
1857
 
 
1858
                                        if (!$group_id)
 
1859
                                        {
 
1860
                                                trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1861
                                        }
 
1862
 
 
1863
                                        // Add user/s to group
 
1864
                                        if ($error = group_user_add($group_id, $user_id))
 
1865
                                        {
 
1866
                                                trigger_error($user->lang[$error] . adm_back_link($this->u_action . '&amp;u=' . $user_id), E_USER_WARNING);
 
1867
                                        }
 
1868
 
 
1869
                                        $error = array();
 
1870
                                }
 
1871
 
 
1872
 
 
1873
                                $sql = 'SELECT ug.*, g.*
 
1874
                                        FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug
 
1875
                                        WHERE ug.user_id = $user_id
 
1876
                                                AND g.group_id = ug.group_id
 
1877
                                        ORDER BY g.group_type DESC, ug.user_pending ASC, g.group_name";
 
1878
                                $result = $db->sql_query($sql);
 
1879
 
 
1880
                                $i = 0;
 
1881
                                $group_data = $id_ary = array();
 
1882
                                while ($row = $db->sql_fetchrow($result))
 
1883
                                {
 
1884
                                        $type = ($row['group_type'] == GROUP_SPECIAL) ? 'special' : (($row['user_pending']) ? 'pending' : 'normal');
 
1885
 
 
1886
                                        $group_data[$type][$i]['group_id']              = $row['group_id'];
 
1887
                                        $group_data[$type][$i]['group_name']    = $row['group_name'];
 
1888
                                        $group_data[$type][$i]['group_leader']  = ($row['group_leader']) ? 1 : 0;
 
1889
 
 
1890
                                        $id_ary[] = $row['group_id'];
 
1891
 
 
1892
                                        $i++;
 
1893
                                }
 
1894
                                $db->sql_freeresult($result);
 
1895
 
 
1896
                                // Select box for other groups
 
1897
                                $sql = 'SELECT group_id, group_name, group_type, group_founder_manage
 
1898
                                        FROM ' . GROUPS_TABLE . '
 
1899
                                        ' . ((sizeof($id_ary)) ? 'WHERE ' . $db->sql_in_set('group_id', $id_ary, true) : '') . '
 
1900
                                        ORDER BY group_type DESC, group_name ASC';
 
1901
                                $result = $db->sql_query($sql);
 
1902
 
 
1903
                                $s_group_options = '';
 
1904
                                while ($row = $db->sql_fetchrow($result))
 
1905
                                {
 
1906
                                        if (!$config['coppa_enable'] && $row['group_name'] == 'REGISTERED_COPPA')
 
1907
                                        {
 
1908
                                                continue;
 
1909
                                        }
 
1910
 
 
1911
                                        // Do not display those groups not allowed to be managed
 
1912
                                        if ($user->data['user_type'] != USER_FOUNDER && $row['group_founder_manage'])
 
1913
                                        {
 
1914
                                                continue;
 
1915
                                        }
 
1916
 
 
1917
                                        $s_group_options .= '<option' . (($row['group_type'] == GROUP_SPECIAL) ? ' class="sep"' : '') . ' value="' . $row['group_id'] . '">' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
 
1918
                                }
 
1919
                                $db->sql_freeresult($result);
 
1920
 
 
1921
                                $current_type = '';
 
1922
                                foreach ($group_data as $group_type => $data_ary)
 
1923
                                {
 
1924
                                        if ($current_type != $group_type)
 
1925
                                        {
 
1926
                                                $template->assign_block_vars('group', array(
 
1927
                                                        'S_NEW_GROUP_TYPE'              => true,
 
1928
                                                        'GROUP_TYPE'                    => $user->lang['USER_GROUP_' . strtoupper($group_type)])
 
1929
                                                );
 
1930
                                        }
 
1931
 
 
1932
                                        foreach ($data_ary as $data)
 
1933
                                        {
 
1934
                                                $template->assign_block_vars('group', array(
 
1935
                                                        'U_EDIT_GROUP'          => append_sid("{$phpbb_admin_path}index.$phpEx", "i=groups&amp;mode=manage&amp;action=edit&amp;u=$user_id&amp;g={$data['group_id']}&amp;back_link=acp_users_groups"),
 
1936
                                                        'U_DEFAULT'                     => $this->u_action . "&amp;action=default&amp;u=$user_id&amp;g=" . $data['group_id'],
 
1937
                                                        'U_DEMOTE_PROMOTE'      => $this->u_action . '&amp;action=' . (($data['group_leader']) ? 'demote' : 'promote') . "&amp;u=$user_id&amp;g=" . $data['group_id'],
 
1938
                                                        'U_DELETE'                      => $this->u_action . "&amp;action=delete&amp;u=$user_id&amp;g=" . $data['group_id'],
 
1939
 
 
1940
                                                        'GROUP_NAME'            => ($group_type == 'special') ? $user->lang['G_' . $data['group_name']] : $data['group_name'],
 
1941
                                                        'L_DEMOTE_PROMOTE'      => ($data['group_leader']) ? $user->lang['GROUP_DEMOTE'] : $user->lang['GROUP_PROMOTE'],
 
1942
 
 
1943
                                                        'S_NO_DEFAULT'          => ($user_row['group_id'] != $data['group_id']) ? true : false,
 
1944
                                                        'S_SPECIAL_GROUP'       => ($group_type == 'special') ? true : false,
 
1945
                                                        )
 
1946
                                                );
 
1947
                                        }
 
1948
                                }
 
1949
 
 
1950
                                $template->assign_vars(array(
 
1951
                                        'S_GROUPS'                      => true,
 
1952
                                        'S_GROUP_OPTIONS'       => $s_group_options)
 
1953
                                );
 
1954
 
 
1955
                        break;
 
1956
 
 
1957
                        case 'perm':
 
1958
 
 
1959
                                include_once($phpbb_root_path . 'includes/acp/auth.' . $phpEx);
 
1960
 
 
1961
                                $auth_admin = new auth_admin();
 
1962
 
 
1963
                                $user->add_lang('acp/permissions');
 
1964
                                add_permission_language();
 
1965
 
 
1966
                                $forum_id = request_var('f', 0);
 
1967
 
 
1968
                                // Global Permissions
 
1969
                                if (!$forum_id)
 
1970
                                {
 
1971
                                        // Select auth options
 
1972
                                        $sql = 'SELECT auth_option, is_local, is_global
 
1973
                                                FROM ' . ACL_OPTIONS_TABLE . '
 
1974
                                                WHERE auth_option ' . $db->sql_like_expression($db->any_char . '_') . '
 
1975
                                                        AND is_global = 1
 
1976
                                                ORDER BY auth_option';
 
1977
                                        $result = $db->sql_query($sql);
 
1978
 
 
1979
                                        $hold_ary = array();
 
1980
                                        
 
1981
                                        while ($row = $db->sql_fetchrow($result))
 
1982
                                        {
 
1983
                                                $hold_ary = $auth_admin->get_mask('view', $user_id, false, false, $row['auth_option'], 'global', ACL_NEVER);
 
1984
                                                $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', false, false);
 
1985
                                        }
 
1986
                                        $db->sql_freeresult($result);
 
1987
 
 
1988
                                        unset($hold_ary);
 
1989
                                }
 
1990
                                else
 
1991
                                {
 
1992
                                        $sql = 'SELECT auth_option, is_local, is_global
 
1993
                                                FROM ' . ACL_OPTIONS_TABLE . "
 
1994
                                                WHERE auth_option " . $db->sql_like_expression($db->any_char . '_') . "
 
1995
                                                        AND is_local = 1
 
1996
                                                ORDER BY is_global DESC, auth_option";
 
1997
                                        $result = $db->sql_query($sql);
 
1998
 
 
1999
                                        while ($row = $db->sql_fetchrow($result))
 
2000
                                        {
 
2001
                                                $hold_ary = $auth_admin->get_mask('view', $user_id, false, $forum_id, $row['auth_option'], 'local', ACL_NEVER);
 
2002
                                                $auth_admin->display_mask('view', $row['auth_option'], $hold_ary, 'user', true, false);
 
2003
                                        }
 
2004
                                        $db->sql_freeresult($result);
 
2005
                                }
 
2006
 
 
2007
                                $s_forum_options = '<option value="0"' . ((!$forum_id) ? ' selected="selected"' : '') . '>' . $user->lang['VIEW_GLOBAL_PERMS'] . '</option>';
 
2008
                                $s_forum_options .= make_forum_select($forum_id, false, true, false, false, false);
 
2009
 
 
2010
                                $template->assign_vars(array(
 
2011
                                        'S_PERMISSIONS'                         => true,
 
2012
 
 
2013
                                        'S_GLOBAL'                                      => (!$forum_id) ? true : false,
 
2014
                                        'S_FORUM_OPTIONS'                       => $s_forum_options,
 
2015
 
 
2016
                                        'U_ACTION'                                      => $this->u_action . '&amp;u=' . $user_id,
 
2017
                                        'U_USER_PERMISSIONS'            => append_sid("{$phpbb_admin_path}index.$phpEx" ,'i=permissions&amp;mode=setting_user_global&amp;user_id[]=' . $user_id),
 
2018
                                        'U_USER_FORUM_PERMISSIONS'      => append_sid("{$phpbb_admin_path}index.$phpEx", 'i=permissions&amp;mode=setting_user_local&amp;user_id[]=' . $user_id))
 
2019
                                );
 
2020
                        
 
2021
                        break;
 
2022
 
 
2023
                }
 
2024
 
 
2025
                // Assign general variables
 
2026
                $template->assign_vars(array(
 
2027
                        'S_ERROR'                       => (sizeof($error)) ? true : false,
 
2028
                        'ERROR_MSG'                     => (sizeof($error)) ? implode('<br />', $error) : '')
 
2029
                );
 
2030
        }
 
2031
 
 
2032
        /**
 
2033
        * Optionset replacement for this module based on $user->optionset
 
2034
        */
 
2035
        function optionset(&$user_row, $key, $value, $data = false)
 
2036
        {
 
2037
                global $user;
 
2038
 
 
2039
                $var = ($data) ? $data : $user_row['user_options'];
 
2040
 
 
2041
                if ($value && !($var & 1 << $user->keyoptions[$key]))
 
2042
                {
 
2043
                        $var += 1 << $user->keyoptions[$key];
 
2044
                }
 
2045
                else if (!$value && ($var & 1 << $user->keyoptions[$key]))
 
2046
                {
 
2047
                        $var -= 1 << $user->keyoptions[$key];
 
2048
                }
 
2049
                else
 
2050
                {
 
2051
                        return ($data) ? $var : false;
 
2052
                }
 
2053
 
 
2054
                if (!$data)
 
2055
                {
 
2056
                        $user_row['user_options'] = $var;
 
2057
                        return true;
 
2058
                }
 
2059
                else
 
2060
                {
 
2061
                        return $var;
 
2062
                }
 
2063
        }
 
2064
 
 
2065
        /**
 
2066
        * Optionget replacement for this module based on $user->optionget
 
2067
        */
 
2068
        function optionget(&$user_row, $key, $data = false)
 
2069
        {
 
2070
                global $user;
 
2071
 
 
2072
                $var = ($data) ? $data : $user_row['user_options'];
 
2073
                return ($var & 1 << $user->keyoptions[$key]) ? true : false;
 
2074
        }
 
2075
}
 
2076
 
 
2077
?>
 
 
b'\\ No newline at end of file'