PHP Cross Reference of MyBB 1.6.5 |
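<?php
/**
 * MyBB 1.6
 * Copyright 2010 MyBB Group, All Rights Reserved
 *
 * Website: http://mybb.com
 * License: http://mybb.com/about/license
 *
 * $Id: users.php 5646 2011-10-31 10:32:20Z PirataNervo $
 */

// Admin CP "user-users" module. One request-selected action runs per request
// ($mybb->input['action']); the actions in this part of the file are "views",
// "avatar_gallery" and the start of "activate_user".

// Disallow direct access to this file for security reasons
if(!defined("IN_MYBB"))
{
	die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
}

// should also have a 'view coppa awaiting activation' view
require_once MYBB_ROOT."inc/functions_upload.php";


$page->add_breadcrumb_item($lang->users, "index.php?module=user-users");

// Navigation tabs shared by the listing, search, create and merge screens
if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
{
	$sub_tabs['browse_users'] = array(
		'title' => $lang->browse_users,
		'link' => "index.php?module=user-users",
		'description' => $lang->browse_users_desc
	);

	$sub_tabs['find_users'] = array(
		'title' => $lang->find_users,
		'link' => "index.php?module=user-users&action=search",
		'description' => $lang->find_users_desc
	);

	$sub_tabs['create_user'] = array(
		'title' => $lang->create_user,
		'link' => "index.php?module=user-users&action=add",
		'description' => $lang->create_user_desc
	);

	$sub_tabs['merge_users'] = array(
		'title' => $lang->merge_users,
		'link' => "index.php?module=user-users&action=merge",
		'description' => $lang->merge_users_desc
	);
}

// Columns a user view can display: field key => header title, width, alignment
$user_view_fields = array(
	"avatar" => array(
		"title" => $lang->avatar,
		"width" => "24",
		"align" => ""
	),

	"username" => array(
		"title" => $lang->username,
		"width" => "",
		"align" => ""
	),

	"email" => array(
		"title" => $lang->email,
		"width" => "",
		"align" => "center"
	),

	"usergroup" => array(
		"title" => $lang->primary_group,
		"width" => "",
		"align" => "center"
	),

	"additionalgroups" => array(
		"title" => $lang->additional_groups,
		"width" => "",
		"align" => "center"
	),

	"regdate" => array(
		"title" => $lang->registered,
		"width" => "",
		"align" => "center"
	),

	"lastactive" => array(
		"title" => $lang->last_active,
		"width" => "",
		"align" => "center"
	),

	"postnum" => array(
		"title" => $lang->post_count,
		"width" => "",
		"align" => "center"
	),

	"reputation" => array(
		"title" => $lang->reputation,
		"width" => "",
		"align" => "center"
	),

	"warninglevel" => array(
		"title" => $lang->warning_level,
		"width" => "",
		"align" => "center"
	),

	"regip" => array(
		"title" => $lang->registration_ip,
		"width" => "",
		"align" => "center"
	),

	"lastip" => array(
		"title" => $lang->last_known_ip,
		"width" => "",
		"align" => "center"
	),

	"controls" => array(
		"title" => $lang->controls,
		"width" => "",
		"align" => "center"
	)
);

// Sort keys offered by the view manager => label
$sort_options = array(
	"username" => $lang->username,
	"regdate" => $lang->registration_date,
	"lastactive" => $lang->last_active,
	"numposts" => $lang->post_count,
	"reputation" => $lang->reputation,
	"warninglevel" => $lang->warning_level
);

$plugins->run_hooks("admin_user_users_begin");

// Initialise the views manager for user based views
require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
if($mybb->input['action'] == "views")
{
	view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
}

// Avatar gallery popup: either assigns a gallery image to the user ('avatar'
// parameter set) or renders a browsable listing of the avatar directory.
// Both the 'avatar' and 'gallery' parameters are request-controlled paths that
// end up in filesystem calls and in the generated HTML.
if($mybb->input['action'] == "avatar_gallery")
{
	$plugins->run_hooks("admin_user_users_avatar_gallery");

	$user = get_user($mybb->input['uid']);
	if(!$user['uid'])
	{
		exit;
	}

	// We've selected a new avatar for this user!
	if($mybb->input['avatar'])
	{
		// NUL bytes go first and ".." goes last, so that nothing removed by an
		// earlier needle can leave a ".." sequence behind in the final value.
		$mybb->input['avatar'] = str_replace(array("\x0", "./", ".."), "", $mybb->input['avatar']);

		$avatar_file = "../".$mybb->settings['avatardir']."/".$mybb->input['avatar'];

		// Accept only what the listing below can offer: a regular file with an
		// image extension. file_exists() alone also matched directories and
		// non-image files inside the avatar directory.
		if(preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $mybb->input['avatar']) && is_file($avatar_file))
		{
			$dimensions = @getimagesize($avatar_file);
			$updated_avatar = array(
				"avatar" => $db->escape_string($mybb->settings['avatardir']."/".$mybb->input['avatar'].'?dateline='.TIME_NOW),
				"avatardimensions" => "{$dimensions[0]}|{$dimensions[1]}",
				"avatartype" => "gallery"
			);

			$db->update_query("users", $updated_avatar, "uid='".intval($user['uid'])."'");

			$plugins->run_hooks("admin_user_users_avatar_gallery_commit");

			// Log admin action
			log_admin_action($user['uid'], $user['username']);
		}
		remove_avatars($user['uid']);
		// Now a tad of javascript to submit the parent window form
		echo "<script type=\"text/javascript\">window.parent.submitUserForm();</script>";
		exit;
	}

	echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
	echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
	echo "<head profile=\"http://gmpg.org/xfn/1\">\n";
	echo " <title>{$lang->avatar_gallery}</title>\n";
	echo " <link rel=\"stylesheet\" href=\"styles/".$page->style."/main.css\" type=\"text/css\" />\n";
	echo " <link rel=\"stylesheet\" href=\"styles/".$page->style."/avatar_gallery.css\" type=\"text/css\" />\n";
	echo " <script type=\"text/javascript\" src=\"../jscripts/prototype.js\"></script>\n";
	echo " <script type=\"text/javascript\" src=\"../jscripts/general.js\"></script>\n";
	echo "</head>\n";
	echo "<body id=\"avatar_gallery\">\n";

	// Sanitize incoming path if we have one.
	// NUL bytes are stripped before "..": with the opposite order, deleting a
	// NUL byte after the ".." pass could join two dots back together.
	$gallery = str_replace(array("\x0", ".."), "", $mybb->input['gallery']);

	$breadcrumb = "<a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}\">Default Gallery</a>";

	$mybb->settings['avatardir'] = "../".$mybb->settings['avatardir'];

	if(!is_dir($mybb->settings['avatardir']) && is_dir(MYBB_ROOT."/images/avatars/"))
	{
		$mybb->settings['avatardir'] = "../images/avatars/";
	}

	// Within a gallery
	if(!empty($gallery))
	{
		$path = $gallery."/";
		$real_path = $mybb->settings['avatardir']."/".$path;
		if(is_dir($real_path))
		{
			// Build friendly gallery breadcrumb
			$breadcrumb_url = '';
			$gallery_path = explode("/", $gallery);
			foreach($gallery_path as $key => $url_bit)
			{
				if($breadcrumb_url) $breadcrumb_url .= "/";
				$breadcrumb_url .= $url_bit;
				$gallery_name = str_replace(array("_", "%20"), " ", $url_bit);
				// The name is derived from the request: escape it for HTML output
				$gallery_name = htmlspecialchars_uni(ucwords($gallery_name));

				if(!empty($gallery_path[$key+1]))
				{
					// URL-encode the path so it survives as one query value
					$breadcrumb .= " » <a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&gallery=".urlencode($breadcrumb_url)."\">{$gallery_name}</a>";
				}
				else
				{
					$breadcrumb .= " » {$gallery_name}";
				}
			}
		}
		else
		{
			exit;
		}
	}
	else
	{
		$path = "";
		$real_path = $mybb->settings['avatardir'];
	}

	// Get a listing of avatars/directories within this gallery
	$sub_galleries = $avatars = array();
	$files = @scandir($real_path);

	if(is_array($files))
	{
		foreach($files as $file)
		{
			if($file == "." || $file == ".." || $file == ".svn")
			{
				continue;
			}

			// Build friendly name
			$friendly_name = str_replace(array("_", "%20"), " ", $file);
			$friendly_name = ucwords($friendly_name);
			if(is_dir($real_path."/".$file))
			{
				// Only add this gallery if there are avatars or galleries inside it (no empty directories!)
				$has = 0;
				$dh = @opendir($real_path."/".$file);
				// Only read from a handle that actually opened; readdir() on a
				// failed handle is not guaranteed to return false.
				if($dh)
				{
					while(false !== ($sub_file = readdir($dh)))
					{
						// "." and ".." are directories too and would make every
						// gallery look non-empty.
						if($sub_file == "." || $sub_file == "..")
						{
							continue;
						}

						if(preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $sub_file) || is_dir($real_path."/".$file."/".$sub_file))
						{
							$has = 1;
							break;
						}
					}
					closedir($dh);
				}
				if($has == 1)
				{
					$sub_galleries[] = array(
						"path" => $path.$file,
						"friendly_name" => $friendly_name
					);
				}
			}
			else if(preg_match("#\.(jpg|jpeg|gif|bmp|png)$#i", $file))
			{
				$friendly_name = preg_replace("#\.(jpg|jpeg|gif|bmp|png)$#i", "", $friendly_name);

				// Fetch dimensions
				$dimensions = @getimagesize($real_path."/".$file);

				$avatars[] = array(
					"path" => $path.$file,
					"friendly_name" => $friendly_name,
					"width" => $dimensions[0],
					"height" => $dimensions[1]
				);
			}
		}
	}

	require_once MYBB_ROOT."inc/functions_image.php";

	// Now we're done, we can simply show our gallery page.
	// Paths and names below come from the request and from directory entries,
	// so they are URL-encoded in query strings and HTML-escaped everywhere else.
	echo "<div id=\"gallery_breadcrumb\">{$breadcrumb}</div>\n";
	echo "<div id=\"gallery\">\n";
	echo "<ul id=\"galleries\">\n";
	if(is_array($sub_galleries))
	{
		foreach($sub_galleries as $gallery)
		{
			if(empty($gallery['thumb']))
			{
				$gallery['thumb'] = "styles/{$page->style}/images/avatar_gallery.gif";
				$gallery['thumb_width'] = 64;
				$gallery['thumb_height'] = 64;
			}
			else
			{
				$gallery['thumb'] = "{$mybb->settings['avatardir']}/{$gallery['thumb']}";
			}
			$scaled_dimensions = scale_image($gallery['thumb_width'], $gallery['thumb_height'], 80, 80);
			$top = ceil((80-$scaled_dimensions['height'])/2);
			$gallery_query = urlencode($gallery['path']);
			$gallery_thumb = htmlspecialchars_uni($gallery['thumb']);
			$gallery_title = htmlspecialchars_uni($gallery['friendly_name']);
			echo "<li><a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&gallery={$gallery_query}\"><span class=\"image\"><img src=\"{$gallery_thumb}\" alt=\"\" style=\"margin-top: {$top}px;\" height=\"{$scaled_dimensions['height']}\" width=\"{$scaled_dimensions['width']}\"></span><span class=\"title\">{$gallery_title}</span></a></li>\n";
		}
	}
	echo "</ul>\n";
	// Build the list of any actual avatars we have
	echo "<ul id=\"avatars\">\n";
	if(is_array($avatars))
	{
		foreach($avatars as $avatar)
		{
			$scaled_dimensions = scale_image($avatar['width'], $avatar['height'], 80, 80);
			$top = ceil((80-$scaled_dimensions['height'])/2);
			$avatar_query = urlencode($avatar['path']);
			$avatar_src = htmlspecialchars_uni($mybb->settings['avatardir']."/".$avatar['path']);
			$avatar_title = htmlspecialchars_uni($avatar['friendly_name']);
			echo "<li><a href=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}&avatar={$avatar_query}\"><span class=\"image\"><img src=\"{$avatar_src}\" alt=\"\" style=\"margin-top: {$top}px;\" height=\"{$scaled_dimensions['height']}\" width=\"{$scaled_dimensions['width']}\" /></span><span class=\"title\">{$avatar_title}</span></a></li>\n";
		}
	}
	echo "</ul>\n";
	echo "</div>";
	echo "</body>";
	echo "</html>";
	exit;
}

// Activate an account that is in usergroup 5 (awaiting activation), clearing
// the COPPA flag or the pending-activation record.
// NOTE(review): this branch changes account state from request parameters
// alone and no request-token check is visible in this part of the file;
// confirm the admin front controller verifies one before this module runs.
if($mybb->input['action'] == "activate_user")
{
	$plugins->run_hooks("admin_user_users_coppa_activate");

	$query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
	$user = $db->fetch_array($query);

	// Does the user not exist?
	if(!$user['uid'] || $user['usergroup'] != 5)
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	$updated_user['usergroup'] = $user['usergroup'];

	// Update
	if($user['coppauser'])
	{
		// Replaces the whole array, including the usergroup entry set above
		$updated_user = array(
			"coppauser" => 0
		);
	}
	else
	{
		$db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
	}

	// Move out of awaiting activation if they're in it.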
// Remainder of the "activate_user" action: everything down to admin_redirect($url) still runs inside that branch.
	if($user['usergroup'] == 5)
	{
		// Group 2 is the group an activated account is moved into
		$updated_user['usergroup'] = 2;
	}

	$db->update_query("users", $updated_user, "uid='{$user['uid']}'");

	$plugins->run_hooks("admin_user_users_coppa_activate_commit");

	// Log admin action
	log_admin_action($user['uid'], $user['username']);

	// The success message is stored in the admin session when the request came
	// from the home page, otherwise queued as a normal flash message.
	if($mybb->input['from'] == "home")
	{
		if($user['coppauser'])
		{
			$message = $lang->success_coppa_activated;
		}
		else
		{
			$message = $lang->success_activated;
		}

		update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
	}
	else
	{
		if($user['coppauser'])
		{
			flash_message($lang->success_coppa_activated, 'success');
		}
		else
		{
			flash_message($lang->success_activated, 'success');
		}
	}

	// The redirect target is read from the admin session, not from the request
	if($admin_session['data']['last_users_url'])
	{
		$url = $admin_session['data']['last_users_url'];
		update_admin_session('last_users_url', '');

		if($mybb->input['from'] == "home")
		{
			update_admin_session('from', 'home');
		}
	}
	else
	{
		$url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
	}

	admin_redirect($url);
}

// Create a user: on POST the submitted fields are validated and inserted
// through UserDataHandler; otherwise (or on validation errors) the form is shown.
if($mybb->input['action'] == "add")
{
	$plugins->run_hooks("admin_user_users_add");

	if($mybb->request_method == "post")
	{
		// Determine the usergroup stuff
		if(is_array($mybb->input['additionalgroups']))
		{
			// Drop the primary group from the additional groups list
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			// NOTE(review): the group ids are joined exactly as submitted; confirm
			// UserDataHandler casts or validates them before they are stored.
			$additionalgroups = implode(",", $mybb->input['additionalgroups']);
		}
		else
		{
			$additionalgroups = '';
		}

		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler('insert');

		// Set the data for the new user.
		// Every value is taken from the request unmodified; validation is left
		// to validate_user() below.
		$new_user = array(
			"uid" => $mybb->input['uid'],
			"username" => $mybb->input['username'],
			"password" => $mybb->input['password'],
			"password2" => $mybb->input['confirm_password'],
			"email" => $mybb->input['email'],
			"email2" => $mybb->input['email'],
			"usergroup" => $mybb->input['usergroup'],
			"additionalgroups" => $additionalgroups,
			"displaygroup" => $mybb->input['displaygroup'],
			"profile_fields" => $mybb->input['profile_fields'],
			"profile_fields_editable" => true,
		);

		// Set the data of the user in the datahandler.
		$userhandler->set_data($new_user);
		$errors = '';

		// Validate the user and get any errors that might have occurred.
		if(!$userhandler->validate_user())
		{
			$errors = $userhandler->get_friendly_errors();
		}
		else
		{
			$user_info = $userhandler->insert_user();

			$plugins->run_hooks("admin_user_users_add_commit");

			// Log admin action
			log_admin_action($user_info['uid'], $user_info['username']);

			flash_message($lang->success_user_created, 'success');
			admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
		}
	}

	// Fetch custom profile fields - only need required profile fields here
	$query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));
	while($profile_field = $db->fetch_array($query))
	{
		$profile_fields['required'][] = $profile_field;
	}

	$page->add_breadcrumb_item($lang->create_user);
	$page->output_header($lang->create_user);

	$form = new Form("index.php?module=user-users&action=add", "post");

	$page->output_nav_tabs($sub_tabs, 'create_user');

	// If we have any error messages, show them
	if($errors)
	{
		$page->output_inline_error($errors);
	}
	else
	{
		// No errors: discard all request input and start the form from defaults
		$mybb->input = array(
			"usergroup" => 2
		);
	}

	$form_container = new FormContainer($lang->required_profile_info);
	$form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
	// NOTE(review): after a failed validation the submitted password is passed
	// back in as the field value; whether it is written into the page depends on
	// generate_password_box() - confirm. Only the first box sets autocomplete off.
	$form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->input['password'], array('id' => 'password', 'autocomplete' => 'off')), 'password');
	$form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->input['confirm_password'], array('id' => 'confirm_new_password')), 'confirm_new_password');
	$form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email');

	// Group choices: every usergroup except gid 1, plus a "use primary group"
	// entry (key 0) for the display group
	$display_group_options[0] = $lang->use_primary_user_group;
	$query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
	while($usergroup = $db->fetch_array($query))
	{
		$options[$usergroup['gid']] = $usergroup['title'];
		$display_group_options[$usergroup['gid']] = $usergroup['title'];
	}

	$form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup');
	$form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
	$form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup');

	// Output custom profile fields - required
	output_custom_profile_fields($profile_fields['required'], $mybb->input['profile_fields'], $form_container, $form);

	$form_container->end();
	$buttons[] = $form->generate_submit_button($lang->save_user);
	$form->output_submit_wrapper($buttons);

	$form->end();
	$page->output_footer();
}

// Edit a user: loads the account row, applies a submitted update, then renders
// the edit form.
if($mybb->input['action'] == "edit")
{
	$plugins->run_hooks("admin_user_users_edit");

	$query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
	$user = $db->fetch_array($query);

	// Does the user not exist?
	if(!$user['uid'])
	{
		flash_message($lang->error_invalid_user, 'error');
		admin_redirect("index.php?module=user-users");
	}

	if($mybb->request_method == "post")
	{
		// Only a super admin may edit another super admin's account.
		// NOTE(review): the row above is loaded with intval() of the request uid
		// while this guard reads the raw request value; confirm is_super_admin()
		// normalises its argument, or compare against $user['uid'] instead.
		if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
		{
			flash_message($lang->error_no_perms_super_admin, 'error');
			admin_redirect("index.php?module=user-users");
		}

		// Determine the usergroup stuff
		if(is_array($mybb->input['additionalgroups']))
		{
			// Drop the primary group from the additional groups list
			foreach($mybb->input['additionalgroups'] as $key => $gid)
			{
				if($gid == $mybb->input['usergroup'])
				{
					unset($mybb->input['additionalgroups'][$key]);
				}
			}
			$additionalgroups = implode(",", $mybb->input['additionalgroups']);
		}
		else
		{
			$additionalgroups = '';
		}

		// Set up user handler.
		require_once MYBB_ROOT."inc/datahandlers/user.php";
		$userhandler = new UserDataHandler('update');

		// Set the data for the new user.
595 $updated_user = array( 596 "uid" => $mybb->input['uid'], 597 "username" => $mybb->input['username'], 598 "email" => $mybb->input['email'], 599 "email2" => $mybb->input['email'], 600 "usergroup" => $mybb->input['usergroup'], 601 "additionalgroups" => $additionalgroups, 602 "displaygroup" => $mybb->input['displaygroup'], 603 "postnum" => $mybb->input['postnum'], 604 "usertitle" => $mybb->input['usertitle'], 605 "timezone" => $mybb->input['timezone'], 606 "language" => $mybb->input['language'], 607 "profile_fields" => $mybb->input['profile_fields'], 608 "profile_fields_editable" => true, 609 "website" => $mybb->input['website'], 610 "icq" => $mybb->input['icq'], 611 "aim" => $mybb->input['aim'], 612 "yahoo" => $mybb->input['yahoo'], 613 "msn" => $mybb->input['msn'], 614 "style" => $mybb->input['style'], 615 "signature" => $mybb->input['signature'], 616 "dateformat" => intval($mybb->input['dateformat']), 617 "timeformat" => intval($mybb->input['timeformat']), 618 "language" => $mybb->input['language'], 619 "usernotes" => $mybb->input['usernotes'] 620 ); 621 622 if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5) 623 { 624 if($user['coppauser'] == 1) 625 { 626 $updated_user['coppa_user'] = 0; 627 } 628 } 629 if($mybb->input['new_password']) 630 { 631 $updated_user['password'] = $mybb->input['new_password']; 632 $updated_user['password2'] = $mybb->input['confirm_new_password']; 633 } 634 635 $updated_user['options'] = array( 636 "allownotices" => $mybb->input['allownotices'], 637 "hideemail" => $mybb->input['hideemail'], 638 "subscriptionmethod" => $mybb->input['subscriptionmethod'], 639 "invisible" => $mybb->input['invisible'], 640 "dstcorrection" => $mybb->input['dstcorrection'], 641 "threadmode" => $mybb->input['threadmode'], 642 "showsigs" => $mybb->input['showsigs'], 643 "showavatars" => $mybb->input['showavatars'], 644 "showquickreply" => $mybb->input['showquickreply'], 645 "receivepms" => $mybb->input['receivepms'], 646 "receivefrombuddy" => 
$mybb->input['receivefrombuddy'], 647 "pmnotice" => $mybb->input['pmnotice'], 648 "daysprune" => $mybb->input['daysprune'], 649 "showcodebuttons" => intval($mybb->input['showcodebuttons']), 650 "pmnotify" => $mybb->input['pmnotify'], 651 "showredirect" => $mybb->input['showredirect'] 652 ); 653 654 if($mybb->settings['usertppoptions']) 655 { 656 $updated_user['options']['tpp'] = intval($mybb->input['tpp']); 657 } 658 659 if($mybb->settings['userpppoptions']) 660 { 661 $updated_user['options']['ppp'] = intval($mybb->input['ppp']); 662 } 663 664 // Set the data of the user in the datahandler. 665 $userhandler->set_data($updated_user); 666 $errors = ''; 667 668 // Validate the user and get any errors that might have occurred. 669 if(!$userhandler->validate_user()) 670 { 671 $errors = $userhandler->get_friendly_errors(); 672 } 673 else 674 { 675 // Are we removing an avatar from this user? 676 if($mybb->input['remove_avatar']) 677 { 678 $extra_user_updates = array( 679 "avatar" => "", 680 "avatardimensions" => "", 681 "avatartype" => "" 682 ); 683 remove_avatars($user['uid']); 684 } 685 686 // Are we uploading a new avatar? 687 if($_FILES['avatar_upload']['name']) 688 { 689 $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']); 690 if($avatar['error']) 691 { 692 $errors = array($avatar['error']); 693 } 694 else 695 { 696 if($avatar['width'] > 0 && $avatar['height'] > 0) 697 { 698 $avatar_dimensions = $avatar['width']."|".$avatar['height']; 699 } 700 $extra_user_updates = array( 701 "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW, 702 "avatardimensions" => $avatar_dimensions, 703 "avatartype" => "upload" 704 ); 705 } 706 } 707 // Are we setting a new avatar from a URL? 
708 else if($mybb->input['avatar_url'] && $mybb->input['avatar_url'] != $user['avatar']) 709 { 710 $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']); 711 $mybb->input['avatar_url'] = htmlspecialchars($mybb->input['avatar_url']); 712 $ext = get_extension($mybb->input['avatar_url']); 713 714 // Copy the avatar to the local server (work around remote URL access disabled for getimagesize) 715 $file = fetch_remote_file($mybb->input['avatar_url']); 716 if(!$file) 717 { 718 $avatar_error = $lang->error_invalidavatarurl; 719 } 720 else 721 { 722 $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str()); 723 $fp = @fopen($tmp_name, "wb"); 724 if(!$fp) 725 { 726 $avatar_error = $lang->error_invalidavatarurl; 727 } 728 else 729 { 730 fwrite($fp, $file); 731 fclose($fp); 732 list($width, $height, $type) = @getimagesize($tmp_name); 733 @unlink($tmp_name); 734 echo $type; 735 if(!$type) 736 { 737 $avatar_error = $lang->error_invalidavatarurl; 738 } 739 } 740 } 741 742 if(empty($avatar_error)) 743 { 744 if($width && $height && $mybb->settings['maxavatardims'] != "") 745 { 746 list($maxwidth, $maxheight) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); 747 if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight)) 748 { 749 $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight); 750 $avatar_error = $lang->error_avatartoobig; 751 } 752 } 753 } 754 755 if(empty($avatar_error)) 756 { 757 if($width > 0 && $height > 0) 758 { 759 $avatar_dimensions = intval($width)."|".intval($height); 760 } 761 $extra_user_updates = array( 762 "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW), 763 "avatardimensions" => $avatar_dimensions, 764 "avatartype" => "remote" 765 ); 766 remove_avatars($user['uid']); 767 } 768 else 769 { 770 $errors = array($avatar_error); 771 } 772 } 773 774 // Moderator "Options" (suspend signature, 
suspend/moderate posting) 775 $moderator_options = array( 776 1 => array( 777 "action" => "suspendsignature", // The moderator action we're performing 778 "period" => "action_period", // The time period we've selected from the dropdown box 779 "time" => "action_time", // The time we've entered 780 "update_field" => "suspendsignature", // The field in the database to update if true 781 "update_length" => "suspendsigtime" // The length of suspension field in the database 782 ), 783 2 => array( 784 "action" => "moderateposting", 785 "period" => "modpost_period", 786 "time" => "modpost_time", 787 "update_field" => "moderateposts", 788 "update_length" => "moderationtime" 789 ), 790 3 => array( 791 "action" => "suspendposting", 792 "period" => "suspost_period", 793 "time" => "suspost_time", 794 "update_field" => "suspendposting", 795 "update_length" => "suspensiontime" 796 ) 797 ); 798 799 require_once MYBB_ROOT."inc/functions_warnings.php"; 800 foreach($moderator_options as $option) 801 { 802 if(!$mybb->input[$option['action']]) 803 { 804 if($user[$option['update_field']] == 1) 805 { 806 // We're revoking the suspension 807 $extra_user_updates[$option['update_field']] = 0; 808 $extra_user_updates[$option['update_length']] = 0; 809 } 810 811 // Skip this option if we haven't selected it 812 continue; 813 } 814 815 if($mybb->input[$option['action']]) 816 { 817 if(intval($mybb->input[$option['time']]) == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1) 818 { 819 // User has selected a type of ban, but not entered a valid time frame 820 $string = $option['action']."_error"; 821 $errors[] = $lang->$string; 822 } 823 824 if(!is_array($errors)) 825 { 826 $suspend_length = fetch_time_length(intval($mybb->input[$option['time']]), $mybb->input[$option['period']]); 827 828 if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never")) 829 { 830 // We already have a suspension, but 
entered a new time 831 if($suspend_length == "-1") 832 { 833 // Permanent ban on action 834 $extra_user_updates[$option['update_length']] = 0; 835 } 836 elseif($suspend_length && $suspend_length != "-1") 837 { 838 // Temporary ban on action 839 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 840 } 841 } 842 elseif(!$user[$option['update_field']]) 843 { 844 // New suspension for this user... bad user! 845 $extra_user_updates[$option['update_field']] = 1; 846 if($suspend_length == "-1") 847 { 848 $extra_user_updates[$option['update_length']] = 0; 849 } 850 else 851 { 852 $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length; 853 } 854 } 855 } 856 } 857 } 858 859 if($extra_user_updates['moderateposts'] && $extra_user_updates['suspendposting']) 860 { 861 $errors[] = $lang->suspendmoderate_error; 862 } 863 864 if(!$errors) 865 { 866 $user_info = $userhandler->update_user(); 867 $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'"); 868 869 // if we're updating the user's signature preferences, do so now 870 if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable') 871 { 872 $update_signature = array( 873 'includesig' => ($mybb->input['update_posts'] == 'enable' ? 
1 : 0) 874 ); 875 $db->update_query("posts", $update_signature, "uid='{$user['uid']}'"); 876 } 877 878 $plugins->run_hooks("admin_user_users_edit_commit"); 879 880 // Log admin action 881 log_admin_action($user['uid'], $mybb->input['username']); 882 883 flash_message($lang->success_user_updated, 'success'); 884 admin_redirect("index.php?module=user-users"); 885 } 886 } 887 } 888 889 if(!$errors) 890 { 891 $user['usertitle'] = htmlspecialchars_decode($user['usertitle']); 892 $mybb->input = $user; 893 894 // We need to fetch this users profile field values 895 $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'"); 896 $mybb->input['profile_fields'] = $db->fetch_array($query); 897 } 898 899 // Fetch custom profile fields 900 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 901 while($profile_field = $db->fetch_array($query)) 902 { 903 if($profile_field['required'] == 1) 904 { 905 $profile_fields['required'][] = $profile_field; 906 } 907 else 908 { 909 $profile_fields['optional'][] = $profile_field; 910 } 911 } 912 913 $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username'])); 914 $page->output_header($lang->edit_user); 915 916 $sub_tabs['edit_user'] = array( 917 'title' => $lang->edit_user, 918 'description' => $lang->edit_user_desc 919 ); 920 921 $form = new Form("index.php?module=user-users&action=edit&uid={$user['uid']}", "post", "", 1); 922 echo "<script type=\"text/javascript\">\n function submitUserForm() { $('tab_overview').up('FORM').submit(); }</script>\n"; 923 924 $page->output_nav_tabs($sub_tabs, 'edit_user'); 925 926 // If we have any error messages, show them 927 if($errors) 928 { 929 $page->output_inline_error($errors); 930 } 931 932 // Is this user a COPPA user? 
We show a warning & activate link 933 if($user['coppauser']) 934 { 935 echo $lang->sprintf($lang->warning_coppa_user, $user['uid']); 936 } 937 938 $tabs = array( 939 "overview" => $lang->overview, 940 "profile" => $lang->profile, 941 "settings" => $lang->account_settings, 942 "signature" => $lang->signature, 943 "avatar" => $lang->avatar, 944 "modoptions" => $lang->mod_options 945 ); 946 $page->output_tab_control($tabs); 947 948 // 949 // OVERVIEW 950 // 951 echo "<div id=\"tab_overview\">\n"; 952 $table = new Table; 953 $table->construct_header($lang->avatar, array('class' => 'align_center')); 954 $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center')); 955 956 // Avatar 957 $avatar_dimensions = explode("|", $user['avatardimensions']); 958 if($user['avatar']) 959 { 960 if($user['avatardimensions']) 961 { 962 require_once MYBB_ROOT."inc/functions_image.php"; 963 list($width, $height) = explode("|", $user['avatardimensions']); 964 $scaled_dimensions = scale_image($width, $height, 120, 120); 965 } 966 else 967 { 968 $scaled_dimensions = array( 969 "width" => 120, 970 "height" => 120 971 ); 972 } 973 if (!stristr($user['avatar'], 'http://')) 974 { 975 $user['avatar'] = "../{$user['avatar']}\n"; 976 } 977 } 978 else 979 { 980 $user['avatar'] = "styles/{$page->style}/images/default_avatar.gif"; 981 $scaled_dimensions = array( 982 "width" => 120, 983 "height" => 120 984 ); 985 } 986 $avatar_top = ceil((126-$scaled_dimensions['height'])/2); 987 if($user['lastactive']) 988 { 989 $last_active = my_date($mybb->settings['dateformat'], $user['lastactive']).", ".my_date($mybb->settings['timeformat'], $user['lastactive']); 990 } 991 else 992 { 993 $last_active = $lang->never; 994 } 995 $reg_date = my_date($mybb->settings['dateformat'], $user['regdate']).", ".my_date($mybb->settings['timeformat'], $user['regdate']); 996 if($user['dst'] == 1) 997 { 998 $timezone = $user['timezone']+1; 999 } 1000 else 1001 { 1002 $timezone = 
$user['timezone']; 1003 } 1004 $local_time = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600)).", ".gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600)); 1005 $days_registered = (TIME_NOW - $user['regdate']) / (24*3600); 1006 $posts_per_day = 0; 1007 if($days_registered > 0) 1008 { 1009 $posts_per_day = round($user['postnum'] / $days_registered, 2); 1010 if($posts_per_day > $user['postnum']) 1011 { 1012 $posts_per_day = $user['postnum']; 1013 } 1014 } 1015 $stats = $cache->read("stats"); 1016 $posts = $stats['numposts']; 1017 if($posts == 0) 1018 { 1019 $percent_posts = "0"; 1020 } 1021 else 1022 { 1023 $percent_posts = round($user['postnum']*100/$posts, 2); 1024 } 1025 1026 $user_permissions = user_permissions($user['uid']); 1027 1028 // Fetch the reputation for this user 1029 if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 1030 { 1031 $reputation = get_reputation($user['reputation']); 1032 } 1033 else 1034 { 1035 $reputation = "-"; 1036 } 1037 1038 if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0) 1039 { 1040 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 1041 if($warning_level > 100) 1042 { 1043 $warning_level = 100; 1044 } 1045 $warning_level = get_colored_warning_level($warning_level); 1046 } 1047 1048 1049 if($user['birthday']) 1050 { 1051 $age = get_age($user['birthday']); 1052 } 1053 1054 else 1055 { 1056 $age = ''; 1057 } 1058 1059 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1)); 1060 $table->construct_cell("<strong>{$lang->email_address}:</strong> <a 
href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"); 1061 $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}"); 1062 $table->construct_row(); 1063 $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}"); 1064 $table->construct_cell("<strong>{$lang->local_time}:</strong> {$local_time}"); 1065 $table->construct_row(); 1066 $table->construct_cell("<strong>{$lang->posts}:</strong> {$user['postnum']}"); 1067 $table->construct_cell("<strong>{$lang->age}:</strong> {$age}"); 1068 $table->construct_row(); 1069 $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}"); 1070 $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}"); 1071 $table->construct_row(); 1072 $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}"); 1073 $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}"); 1074 $table->construct_row(); 1075 $table->construct_cell("<strong>{$lang->registration_ip}:</strong> {$user['regip']}"); 1076 $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> {$user['lastip']}"); 1077 $table->construct_row(); 1078 1079 $table->output("{$lang->user_overview}: {$user['username']}"); 1080 echo "</div>\n"; 1081 1082 // 1083 // PROFILE 1084 // 1085 echo "<div id=\"tab_profile\">\n"; 1086 1087 $form_container = new FormContainer($lang->required_profile_info.": {$user['username']}"); 1088 $form_container->output_row($lang->username." 
<em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username'); 1089 $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password'); 1090 $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password'); 1091 $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email'); 1092 1093 $display_group_options[0] = $lang->use_primary_user_group; 1094 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 1095 while($usergroup = $db->fetch_array($query)) 1096 { 1097 $options[$usergroup['gid']] = $usergroup['title']; 1098 $display_group_options[$usergroup['gid']] = $usergroup['title']; 1099 } 1100 1101 if(!is_array($mybb->input['additionalgroups'])) 1102 { 1103 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 1104 } 1105 1106 $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup'); 1107 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 1108 $form_container->output_row($lang->display_user_group." 
<em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 1109 $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_text_box('postnum', $mybb->input['postnum'], array('id' => 'postnum')), 'postnum'); 1110 1111 // Output custom profile fields - required 1112 output_custom_profile_fields($profile_fields['required'], $mybb->input['profile_fields'], $form_container, $form); 1113 1114 $form_container->end(); 1115 1116 $form_container = new FormContainer($lang->optional_profile_info.": {$user['username']}"); 1117 $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->input['usertitle'], array('id' => 'usertitle')), 'usertitle'); 1118 $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->input['website'], array('id' => 'website')), 'website'); 1119 $form_container->output_row($lang->icq_number, "", $form->generate_text_box('icq', $mybb->input['icq'], array('id' => 'icq')), 'icq'); 1120 $form_container->output_row($lang->aim_handle, "", $form->generate_text_box('aim', $mybb->input['aim'], array('id' => 'aim')), 'aim'); 1121 $form_container->output_row($lang->yahoo_messanger_handle, "", $form->generate_text_box('yahoo', $mybb->input['yahoo'], array('id' => 'yahoo')), 'yahoo'); 1122 $form_container->output_row($lang->msn_messanger_handle, "", $form->generate_text_box('msn', $mybb->input['msn'], array('id' => 'msn')), 'msn'); 1123 // Birthday 1124 1125 // Output custom profile fields - optional 1126 output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form); 1127 1128 $form_container->end(); 1129 echo "</div>\n"; 1130 1131 // 1132 // ACCOUNT SETTINGS 1133 // 1134 1135 // Plugin hook note - we should add hooks in above each output_row for the below so users can add their own options 
to each group :> 1136 1137 echo "<div id=\"tab_settings\">\n"; 1138 $form_container = new FormContainer($lang->account_settings.": {$user['username']}"); 1139 $login_options = array( 1140 $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->input['invisible'])), 1141 ); 1142 $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>"); 1143 1144 if($mybb->input['pmnotice'] > 1) 1145 { 1146 $mybb->input['pmnotice'] = 1; 1147 } 1148 1149 $messaging_options = array( 1150 $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->input['allownotices'])), 1151 $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->input['hideemail'])), 1152 $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->input['receivepms'])), 1153 $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->input['receivefrombuddy'])), 1154 $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->input['pmnotice'])), 1155 $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->input['pmnotify'])), 1156 "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_email_notification, $lang->instant_email_notification), $mybb->input['subscriptionmethod'], array('id' => 'subscriptionmethod')) 1157 ); 1158 $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>"); 1159 1160 $date_format_options = array($lang->use_default); 1161 foreach($date_formats as $key 
=> $format) 1162 { 1163 $date_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1164 } 1165 1166 $time_format_options = array($lang->use_default); 1167 foreach($time_formats as $key => $format) 1168 { 1169 $time_format_options[$key] = my_date($format, TIME_NOW, "", 0); 1170 } 1171 1172 $date_options = array( 1173 "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->input['dateformat'], array('id' => 'dateformat')), 1174 "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->input['timeformat'], array('id' => 'timeformat')), 1175 "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->input['timezone']), 1176 "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->input['dstcorrection'], array('id' => 'dstcorrection')) 1177 ); 1178 $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>"); 1179 1180 1181 $tpp_options = array($lang->use_default); 1182 if($mybb->settings['usertppoptions']) 1183 { 1184 $explodedtpp = explode(",", $mybb->settings['usertppoptions']); 1185 if(is_array($explodedtpp)) 1186 { 1187 foreach($explodedtpp as $tpp) 1188 { 1189 if($tpp <= 0) continue; 1190 $tpp_options[$tpp] = $tpp; 1191 } 1192 } 1193 } 1194 1195 $thread_age_options = array( 1196 0 => $lang->use_default, 1197 1 => $lang->show_threads_last_day, 1198 5 => $lang->show_threads_last_5_days, 1199 10 => $lang->show_threads_last_10_days, 1200 20 => $lang->show_threads_last_20_days, 1201 50 => $lang->show_threads_last_50_days, 1202 75 => 
$lang->show_threads_last_75_days, 1203 100 => $lang->show_threads_last_100_days, 1204 365 => $lang->show_threads_last_year, 1205 9999 => $lang->show_all_threads 1206 ); 1207 1208 $forum_options = array( 1209 "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->input['tpp'], array('id' => 'tpp')), 1210 "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->input['daysprune'], array('id' => 'daysprune')) 1211 ); 1212 $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>"); 1213 1214 $ppp_options = array($lang->use_default); 1215 if($mybb->settings['userpppoptions']) 1216 { 1217 $explodedppp = explode(",", $mybb->settings['userpppoptions']); 1218 if(is_array($explodedppp)) 1219 { 1220 foreach($explodedppp as $ppp) 1221 { 1222 if($ppp <= 0) continue; 1223 $ppp_options[$ppp] = $ppp; 1224 } 1225 } 1226 } 1227 1228 $thread_options = array( 1229 $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->input['showsigs'])), 1230 $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->input['showavatars'])), 1231 $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->input['showquickreply'])), 1232 "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->input['ppp'], array('id' => 'ppp')), 1233 "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode')) 1234 ); 1235 
$form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>"); 1236 1237 $languages = array_merge(array('' => $lang->use_default), $lang->get_languages()); 1238 1239 $other_options = array( 1240 $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->input['showredirect'])), 1241 $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->input['showcodebuttons'])), 1242 "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->input['style'], 0, "", true), 1243 "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->input['language'], array('id' => 'language')) 1244 ); 1245 $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>"); 1246 1247 $form_container->end(); 1248 echo "</div>\n"; 1249 1250 // 1251 // SIGNATURE EDITOR 1252 // 1253 $signature_editor = $form->generate_text_area("signature", $mybb->input['signature'], array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'width: 95%')); 1254 $sig_smilies = $lang->off; 1255 if($mybb->settings['sigsmilies'] == 1) 1256 { 1257 $sig_smilies = $lang->on; 1258 } 1259 $sig_mycode = $lang->off; 1260 if($mybb->settings['sigmycode'] == 1) 1261 { 1262 $sig_mycode = $lang->on; 1263 $signature_editor .= build_mycode_inserter("signature"); 1264 } 1265 $sig_html = $lang->off; 1266 if($mybb->settings['sightml'] == 1) 1267 { 1268 $sig_html = $lang->on; 1269 } 1270 $sig_imgcode = $lang->off; 1271 if($mybb->settings['sigimgcode'] == 1) 1272 { 1273 $sig_imgcode = $lang->on; 1274 } 1275 echo "<div id=\"tab_signature\">\n"; 1276 $form_container = new FormContainer("{$lang->signature}: {$user['username']}"); 1277 
$form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature'); 1278 1279 $periods = array( 1280 "hours" => $lang->expire_hours, 1281 "days" => $lang->expire_days, 1282 "weeks" => $lang->expire_weeks, 1283 "months" => $lang->expire_months, 1284 "never" => $lang->expire_permanent 1285 ); 1286 1287 // Are we already suspending the signature? 1288 if($mybb->input['suspendsignature']) 1289 { 1290 $sig_checked = 1; 1291 1292 // Display how much time is left on the ban for the user to extend it 1293 if($user['suspendsigtime'] == "0") 1294 { 1295 // Permanent 1296 $lang->suspend_expire_info = $lang->suspend_sig_perm; 1297 } 1298 else 1299 { 1300 // There's a limit to the suspension! 1301 $expired = my_date($mybb->settings['dateformat'], $user['suspendsigtime'])." @ ".my_date($mybb->settings['timeformat'], $user['suspendsigtime']); 1302 $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired); 1303 } 1304 $user_suspend_info = ' 1305 <tr> 1306 <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td> 1307 </tr>'; 1308 } 1309 else 1310 { 1311 $sig_checked = 0; 1312 } 1313 1314 $actions = ' 1315 <script type="text/javascript"> 1316 <!-- 1317 var sig_checked = "'.$sig_checked.'"; 1318 1319 function toggleAction() 1320 { 1321 if($("suspend_action").visible() == true) 1322 { 1323 $("suspend_action").hide(); 1324 } 1325 else 1326 { 1327 $("suspend_action").show(); 1328 } 1329 } 1330 // --> 1331 </script> 1332 1333 <dl style="margin-top: 0; margin-bottom: 0; width: 100%;"> 1334 <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt> 1335 <dd style="margin-top: 4px;" id="suspend_action" class="actions"> 1336 <table cellpadding="4">'.$user_suspend_info.' 
1337 <tr> 1338 <td width="30%"><small>'.$lang->expire_length.'</small></td> 1339 <td>'.$form->generate_text_box('action_time', $mybb->input['action_time'], array('style' => 'width: 2em;')).' '.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td> 1340 </tr> 1341 </table> 1342 </dd> 1343 </dl> 1344 1345 <script type="text/javascript"> 1346 <!-- 1347 if(sig_checked == 0) 1348 { 1349 $("suspend_action").hide(); 1350 } 1351 // --> 1352 </script>'; 1353 1354 $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions); 1355 1356 $signature_options = array( 1357 $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)), 1358 $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)), 1359 $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1)) 1360 ); 1361 1362 $form_container->output_row($lang->singature_preferences, "", implode("<br />", $signature_options)); 1363 1364 $form_container->end(); 1365 echo "</div>\n"; 1366 1367 // 1368 // AVATAR MANAGER 1369 // 1370 echo "<div id=\"tab_avatar\">\n"; 1371 $table = new Table; 1372 $table->construct_header($lang->current_avatar, array('colspan' => 2)); 1373 1374 $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1)); 1375 1376 if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath'])) 1377 { 1378 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>"; 1379 } 1380 else if($user['avatartype'] == "gallery" || stristr($user['avatar'], $mybb->settings['avatardir'])) 1381 { 1382 $current_avatar_msg = "<br 
/><strong>{$lang->user_current_using_gallery_avatar}</strong>"; 1383 } 1384 elseif($user['avatartype'] == "remote" || my_strpos(my_strtolower($user['avatar']), "http://") !== false) 1385 { 1386 $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>"; 1387 $avatar_url = $user['avatar']; 1388 } 1389 1390 if($errors) 1391 { 1392 $avatar_url = $mybb->input['avatar_url']; 1393 } 1394 1395 if($mybb->settings['maxavatardims'] != "") 1396 { 1397 list($max_width, $max_height) = explode("x", my_strtolower($mybb->settings['maxavatardims'])); 1398 $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}"; 1399 } 1400 1401 if($mybb->settings['avatarsize']) 1402 { 1403 $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024); 1404 $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}"; 1405 } 1406 1407 if($user['avatar']) 1408 { 1409 $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>"); 1410 } 1411 1412 $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>"); 1413 $table->construct_row(); 1414 1415 $table->output($lang->avatar.": {$user['username']}"); 1416 1417 // Custom avatar 1418 if($mybb->settings['avatarresizing'] == "auto") 1419 { 1420 $auto_resize = $lang->avatar_auto_resize; 1421 } 1422 else if($mybb->settings['avatarresizing'] == "user") 1423 { 1424 $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>"; 1425 } 1426 $form_container = new FormContainer($lang->specify_custom_avatar); 1427 $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload'); 1428 $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', 
$avatar_url, array('id' => 'avatar_url')), 'avatar_url'); 1429 $form_container->end(); 1430 1431 // Select an image from the gallery 1432 echo "<div class=\"border_wrapper\">"; 1433 echo "<div class=\"title\">.. {$lang->or_select_avatar_gallery}</div>"; 1434 echo "<iframe src=\"index.php?module=user-users&action=avatar_gallery&uid={$user['uid']}\" width=\"100%\" height=\"350\" frameborder=\"0\"></iframe>"; 1435 echo "</div>"; 1436 echo "</div>"; 1437 1438 // 1439 // MODERATOR OPTIONS 1440 // 1441 $periods = array( 1442 "hours" => $lang->expire_hours, 1443 "days" => $lang->expire_days, 1444 "weeks" => $lang->expire_weeks, 1445 "months" => $lang->expire_months, 1446 "never" => $lang->expire_permanent 1447 ); 1448 1449 echo "<div id=\"tab_modoptions\">\n"; 1450 $form_container = new FormContainer($lang->mod_options); 1451 $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes'); 1452 1453 // Mod posts 1454 // Generate check box 1455 $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period')); 1456 1457 // Do we have any existing suspensions here? 1458 if($user['moderateposts'] || ($mybb->input['moderateposting'] && !empty($errors))) 1459 { 1460 $mybb->input['moderateposting'] = 1; 1461 if($user['moderationtime'] != 0) 1462 { 1463 $expired = my_date($mybb->settings['dateformat'], $user['moderationtime']).", ".my_date($mybb->settings['timeformat'], $user['moderationtime']); 1464 $existing_info = $lang->sprintf($lang->moderate_length, $expired); 1465 } 1466 else 1467 { 1468 $existing_info = $lang->moderated_perm; 1469 } 1470 } 1471 1472 $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_text_box("modpost_time", $mybb->input['modpost_time'], array('style' => 'width: 2em;')).' 
'.$modpost_options.'</div>'; 1473 $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, $user['username']); 1474 $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->input['moderateposting'])), $lang->moderate_posts_info, $modpost_div); 1475 1476 // Suspend posts 1477 // Generate check box 1478 $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->input['suspost_period'], array('id' => 'suspost_period')); 1479 1480 // Do we have any existing suspensions here? 1481 if($user['suspendposting'] || ($mybb->input['suspendposting'] && !empty($errors))) 1482 { 1483 $mybb->input['suspendposting'] = 1; 1484 1485 if($user['suspensiontime'] == 0 || $mybb->input['suspost_period'] == "never") 1486 { 1487 $existing_info = $lang->suspended_perm; 1488 } 1489 else 1490 { 1491 $suspost_date = my_date($mybb->settings['dateformat'], $user['suspensiontime'])." ".my_date($mybb->settings['timeformat'], $user['suspensiontime']); 1492 $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date); 1493 } 1494 } 1495 1496 $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_text_box("suspost_time", $mybb->input['suspost_time'], array('style' => 'width: 2em;')).' 
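'.$suspost_options.'</div>';
    $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, $user['username']);
    $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->input['suspendposting'])), $lang->suspend_posts_info, $suspost_div);


    $form_container->end();
    echo "</div>\n";

    $buttons[] = $form->generate_submit_button($lang->save_user);
    $form->output_submit_wrapper($buttons);

    $form->end();

    echo '<script type="text/javascript">
<!--

function toggleBox(action)
{
    if(action == "modpost")
    {
        $("suspendposting").checked = false;
        $("suspost").hide();

        if($("moderateposting").checked == true)
        {
            $("modpost").show();
        }
        else if($("moderateposting").checked == false)
        {
            $("modpost").hide();
        }
    }
    else if(action == "suspost")
    {
        $("moderateposting").checked = false;
        $("modpost").hide();

        if($("suspendposting").checked == true)
        {
            $("suspost").show();
        }
        else if($("suspendposting").checked == false)
        {
            $("suspost").hide();
        }
    }
}

if($("moderateposting").checked == false)
{
    $("modpost").hide();
}
else
{
    $("modpost").show();
}

if($("suspendposting").checked == false)
{
    $("suspost").hide();
}
else
{
    $("suspost").show();
}

// -->
</script>';

    $page->output_footer();
}

// Delete a user account: GET shows a confirmation page, POST performs the
// deletion across the per-user tables and redirects back to the user list.
if($mybb->input['action'] == "delete")
{
    $plugins->run_hooks("admin_user_users_delete");

    // The uid is cast to an integer before it reaches the query string
    $query = $db->simple_select("users", "*", "uid='".intval($mybb->input['uid'])."'");
    $user = $db->fetch_array($query);

    // Does the user not exist?
    if(!$user['uid'])
    {
        flash_message($lang->error_invalid_user, 'error');
        admin_redirect("index.php?module=user-users");
    }

    // A super admin account may only be deleted by itself or by another super admin
    if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
    {
        flash_message($lang->error_no_perms_super_admin, 'error');
        admin_redirect("index.php?module=user-users");
    }

    // User clicked no
    if($mybb->input['no'])
    {
        admin_redirect("index.php?module=user-users");
    }

    // NOTE(review): this branch performs a destructive action on any POST and
    // does not itself check an anti-CSRF token. Confirm that the admin front
    // controller validates the post key for every POST before loading this module.
    if($mybb->request_method == "post")
    {
        // Delete the user
        // Posts are kept but detached from the account (uid set to 0)
        $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'");
        $db->delete_query("userfields", "ufid='{$user['uid']}'");
        $db->delete_query("privatemessages", "uid='{$user['uid']}'");
        $db->delete_query("events", "uid='{$user['uid']}'");
        $db->delete_query("forumsubscriptions", "uid='{$user['uid']}'");
        $db->delete_query("threadsubscriptions", "uid='{$user['uid']}'");
        $db->delete_query("sessions", "uid='{$user['uid']}'");
        $db->delete_query("banned", "uid='{$user['uid']}'");
        $db->delete_query("threadratings", "uid='{$user['uid']}'");
        $db->delete_query("users", "uid='{$user['uid']}'");
        $db->delete_query("joinrequests", "uid='{$user['uid']}'");
        $db->delete_query("warnings", "uid='{$user['uid']}'");
        $db->delete_query("reputation", "uid='{$user['uid']}' OR adduid='{$user['uid']}'");
        // Use the uid of the row loaded above. This branch never assigns $uid,
        // so the former "uid='{$uid}'" condition did not target this user's
        // pending activation records.
        $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");

        // Update forum stats
        update_stats(array('numusers' => '-1'));

        // Did this user have an uploaded avatar?
        if($user['avatartype'] == "upload")
        {
            // Removes the ./ at the beginning the timestamp on the end...
            // NOTE(review): the file path is rebuilt from the stored avatar value by
            // dropping 2 leading and 20 trailing characters, so it is only correct
            // while that value keeps exactly that layout. Confirm the stored value is
            // always written by the upload code and cannot contain "../" segments;
            // the @ operator also hides a failed removal.
            @unlink("../".substr($user['avatar'], 2, -20));
        }

        // Was this user a moderator?
        if(is_moderator($user['uid']))
        {
            $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'");
            $cache->update_moderators();
        }

        $plugins->run_hooks("admin_user_users_delete_commit");

        // Log admin action
        log_admin_action($user['uid'], $user['username']);

        flash_message($lang->success_user_deleted, 'success');
        admin_redirect("index.php?module=user-users");
    }
    else
    {
        $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
    }
}

// List the users referred by the given uid, rendered through the default
// admin "user" view with an added referrer condition.
if($mybb->input['action'] == "referrers")
{
    $plugins->run_hooks("admin_user_users_referrers");

    $page->add_breadcrumb_item($lang->show_referrers);
    $page->output_header($lang->show_referrers);

    // The uid is cast to an integer before it is placed in the link, matching
    // the handling in the delete action.
    $sub_tabs['referrers'] = array(
        'title' => $lang->show_referrers,
        'link' => "index.php?module=user-users&action=referrers&uid=".intval($mybb->input['uid']),
        'description' => $lang->show_referrers_desc
    );

    $page->output_nav_tabs($sub_tabs, 'referrers');

    // Fetch default admin view
    $default_view = fetch_default_view("user");
    if(!$default_view)
    {
        $default_view = "0";
    }
    $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
    $admin_view = $db->fetch_array($query);

    // NOTE(review): the view type comes straight from the request; confirm that
    // build_users_view() only accepts known view types.
    if($mybb->input['type'])
    {
        $admin_view['view_type'] = $mybb->input['type'];
    }

    // NOTE(review): unserialize() rebuilds whatever is stored in the adminviews
    // row, including objects. This is acceptable only while that column is written
    // exclusively by trusted admin code; a data-only format such as JSON would
    // remove the object-instantiation risk.
    $admin_view['conditions'] = unserialize($admin_view['conditions']);
    $admin_view['conditions']['referrer'] = intval($mybb->input['uid']);

    echo build_users_view($admin_view);

    $page->output_footer();
}

// Show the last known IP, the registration IP and every distinct posting IP
// of one user, each with a popup menu of follow-up actions.
if($mybb->input['action'] == "ipaddresses")
{
    $plugins->run_hooks("admin_user_users_ipaddresses");

    $page->add_breadcrumb_item($lang->ip_addresses);
    $page->output_header($lang->ip_addresses);

    $sub_tabs['ipaddresses'] = array(
        'title' => $lang->show_ip_addresses,
        'link' => "index.php?module=user-users&action=ipaddresses&uid=".intval($mybb->input['uid']),
        'description' => $lang->show_ip_addresses_desc
    );

    $page->output_nav_tabs($sub_tabs, 'ipaddresses');

    // Cast the uid before building the WHERE clause, as the delete action does,
    // so the query does not depend on the request value having been cleaned elsewhere.
    $query = $db->simple_select("users", "uid, regip, username, lastip", "uid='".intval($mybb->input['uid'])."'", array('limit' => 1));
    $user = $db->fetch_array($query);

    // Log admin action
    // NOTE(review): there is no check that the user row was found, unlike the
    // delete action; with an unknown uid the log entry and the table title are
    // built from empty values.
    log_admin_action($user['uid'], $user['username']);

    $table = new Table;

    $table->construct_header($lang->ip_address);
    $table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));

    // NOTE(review): the stored IP values below are written into table cells, link
    // URLs and an inline onclick handler without HTML or URL encoding. That is
    // safe only if the values are validated as IP addresses when they are stored;
    // confirm this, or encode them per output context.
    // NOTE(review): the search links carry a serialize()d array in the
    // "conditions" parameter, which implies the search action unserializes a
    // request value. That handler is not shown here; confirm it rejects anything
    // other than a plain array of scalar conditions.
    if(empty($user['lastip']))
    {
        $user['lastip'] = $lang->unknown;
        $controls = '';
    }
    else
    {
        $popup = new PopupMenu("user_last", $lang->options);
        $popup->add_item($lang->show_users_regged_with_ip,
            "index.php?module=user-users&action=search&results=1&conditions=".urlencode(serialize(array("regip" => $user['lastip']))));
        $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $user['lastip']))));
        $popup->add_item($lang->info_on_ip, "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$user['lastip']}', 'iplookup', 500, 250); return false;");
        $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['lastip']}");
        $controls = $popup->fetch();
    }
    $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> {$user['lastip']}");
    $table->construct_cell($controls, array('class' => "align_center"));
    $table->construct_row();

    if(empty($user['regip']))
    {
        $user['regip'] = $lang->unknown;
        $controls = '';
    }
    else
    {
        $popup = new PopupMenu("user_reg", $lang->options);
        $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("regip" => $user['regip']))));
        $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $user['regip']))));
        $popup->add_item($lang->info_on_ip, "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$user['regip']}', 'iplookup', 500, 250); return false;");
        $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$user['regip']}");
        $controls = $popup->fetch();
    }
    $table->construct_cell("<strong>{$lang->registration_ip}:</strong> {$user['regip']}");
    $table->construct_cell($controls, array('class' => "align_center"));
    $table->construct_row();

    // Numbers the per-IP popup menus so each gets a distinct id
    $counter = 0;

    $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='".intval($mybb->input['uid'])."'");
    while($ip = $db->fetch_array($query))
    {
        ++$counter;
        $popup = new PopupMenu("id_{$counter}", $lang->options);
        $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("regip" => $ip['ipaddress']))));
        $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&results=1&action=search&conditions=".urlencode(serialize(array("postip" => $ip['ipaddress']))));
        $popup->add_item($lang->info_on_ip, "{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('{$mybb->settings['bburl']}/modcp.php?action=iplookup&ipaddress={$ip['ipaddress']}', 'iplookup', 500, 250); return false;");
        $popup->add_item($lang->ban_ip, "index.php?module=config-banning&filter={$ip['ipaddress']}");
        $controls = $popup->fetch();

        $table->construct_cell($ip['ipaddress']);
        $table->construct_cell($controls, array('class' => "align_center"));
        $table->construct_row();
    }

    $table->output($lang->ip_address_for." {$user['username']}");

    $page->output_footer();
}

if($mybb->input['action'] == "merge")
{
    $plugins->run_hooks("admin_user_users_merge");

    if($mybb->request_method == "post")
    {
        $query = $db->simple_select("users", "*", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['source_username']))."'");
        $source_user = $db->fetch_array($query);
        if(!$source_user['uid'])
        {
            $errors[] = $lang->error_invalid_user_source;
        }

        $query = $db->simple_select("users", "*", "LOWER(username)='".$db->escape_string(my_strtolower($mybb->input['destination_username']))."'");
        $destination_user = $db->fetch_array($query);
        if(!$destination_user['uid'])
        {
            $errors[] = $lang->error_invalid_user_destination;
        }

        // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action
        if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
        {
            flash_message($lang->error_no_perms_super_admin, 'error');
            admin_redirect("index.php?module=user-users");
        }

        if($source_user['uid'] == $destination_user['uid'])
        {
            $errors[] = $lang->error_cannot_merge_same_account;
        }

        if(empty($errors))
        {
            // Begin to merge the accounts
            $uid_update = array(
                "uid" => $destination_user['uid']
            );
            $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
            $existing_admin_options = $db->fetch_field($query, "uid");

            // Only carry over admin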
options/permissions if we don't already have them 1808 if(!$existing_admin_options) 1809 { 1810 /* The destination has no adminoptions row of its own, so the source's row is re-keyed to it: the destination account takes over the source account's admin permission settings. */ $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'"); 1811 } 1812 1813 /* Re-key the source account's rows in each uid-keyed table below to the destination uid held in $uid_update. */ $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'"); 1814 $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'"); 1815 $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'"); 1816 $db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'"); 1817 $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'"); 1818 $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'"); 1819 $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'"); 1820 $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'"); 1821 $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'"); 1822 $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'"); 1823 $db->update_query("reportedposts", $uid_update, "uid='{$source_user['uid']}'"); 1824 $db->update_query("threadratings", $uid_update, "uid='{$source_user['uid']}'"); 1825 $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'"); 1826 /* Session rows of the source account are deleted rather than moved. */ $db->delete_query("sessions", "uid='{$source_user['uid']}'"); 1827 1828 // Is the source user a moderator? 1829 /* NOTE(review): $groupscache is not assigned in the visible part of this file; presumably a usergroup cache keyed by gid - verify. */ if($groupscache[$source_user['usergroup']]['canmodcp']) 1830 { 1831 $db->delete_query("moderators", "id='{$source_user['uid']}' AND isgroup = '0'"); 1832 1833 // Update the moderator cache... 1834 $cache->update_moderators(); 1835 } 1836 1837 // Merging Reputation 1838 // First, let's change all the details over to our new user... 
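// The giver column (adduid) and the receiver column (uid) are moved by separate
// queries. A single UPDATE that sets both columns on every row matching either
// condition would overwrite the other party as well, turning each of the source
// account's ratings into a self-rating that the clean-up loop below deletes.
$source_uid = intval($source_user['uid']);
$destination_uid = intval($destination_user['uid']);
$db->update_query("reputation", array("adduid" => $destination_uid), "adduid = '".$source_uid."'");
$db->update_query("reputation", array("uid" => $destination_uid), "uid = '".$source_uid."'");

// Now that all the reputation is merged, figure out what to do with this user's comments...
// The duplicate check compares each row with the one before it, so rows for the
// same receiver have to arrive together: the ordering options must be passed
// to the query for that comparison to mean anything.
$options = array(
	"order_by" => "uid",
	"order_dir" => "ASC"
);

$to_remove = array();
// Defined up front so the first iteration does not read an unset variable.
$last_result = array(
	"rid" => null,
	"uid" => null
);
$query = $db->simple_select("reputation", "*", "adduid = '".$destination_uid."'", $options);
while($rep = $db->fetch_array($query))
{
	// rid values are cast so the IN (...) list built below contains integers only
	$rid = intval($rep['rid']);

	if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
	{
		// Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
		$to_remove[] = $rid;
	}

	// Remove comments or posts liked by "me"
	if($last_result['uid'] == $destination_uid || $rep['uid'] == $destination_uid)
	{
		if(!in_array($rid, $to_remove))
		{
			$to_remove[] = $rid;
			continue;
		}
	}

	$last_result = array(
		"rid" => $rep['rid'],
		"uid" => $rep['uid']
	);
}

// Remove any reputations we've selected to remove...
if(!empty($to_remove))
{
	$imp = implode(",", $to_remove);
	$db->delete_query("reputation", "rid IN (".$imp.")");
}

// Calculate the new reputation for this user...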
1885 /* Recompute the destination's stored reputation from the rows now addressed to it; intval() turns an empty SUM into 0. */ $query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'"); 1886 $total_reputation = $db->fetch_field($query, "total_rep"); 1887 1888 $db->update_query("users", array('reputation' => intval($total_reputation)), "uid='{$destination_user['uid']}'"); 1889 1890 // Additional updates for non-uid fields 1891 /* Only the username is escaped before it goes into the update array; the uid values are used as read from the users table. */ $last_poster = array( 1892 "lastposteruid" => $destination_user['uid'], 1893 "lastposter" => $db->escape_string($destination_user['username']) 1894 ); 1895 $db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'"); 1896 $db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'"); 1897 $edit_uid = array( 1898 "edituid" => $destination_user['uid'] 1899 ); 1900 $db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'"); 1901 1902 $from_uid = array( 1903 "fromid" => $destination_user['uid'] 1904 ); 1905 $db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'"); 1906 $to_uid = array( 1907 "toid" => $destination_user['uid'] 1908 ); 1909 $db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'"); 1910 1911 // Delete the old user 1912 $db->delete_query("users", "uid='{$source_user['uid']}'"); 1913 $db->delete_query("banned", "uid='{$source_user['uid']}'"); 1914 1915 // Get a list of forums where post count doesn't apply 1916 $fids = array(); 1917 $query = $db->simple_select("forums", "fid", "usepostcounts=0"); 1918 while($fid = $db->fetch_field($query, "fid")) 1919 { 1920 $fids[] = $fid; 1921 } 1922 1923 $fids_not_in = ''; 1924 if(!empty($fids)) 1925 { 1926 /* $fids holds fid values read from the forums table just above; they are joined into the NOT IN list as-is. */ $fids_not_in = "AND fid NOT IN(".implode(',', $fids).")"; 1927 } 1928 1929 // Update user post count 1930 $query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}"); 1931 $num = $db->fetch_array($query); 1932 $updated_count = array( 1933 "postnum" => $num['postnum'] 1934 ); 1935 $db->update_query("users", 
$updated_count, "uid='{$destination_user['uid']}'"); 1936 1937 // Use the earliest registration date 1938 if($destination_user['regdate'] > $source_user['regdate']) 1939 { 1940 $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'"); 1941 } 1942 1943 update_stats(array('numusers' => '-1')); 1944 1945 $plugins->run_hooks("admin_user_users_merge_commit"); 1946 1947 // Log admin action 1948 log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']); 1949 1950 // Redirect! 1951 /* NOTE(review): both usernames are interpolated into the flash message markup without escaping in this file; confirm flash_message() or the username rules keep HTML from reaching the page. */ flash_message("<strong>{$source_user['username']}</strong> {$lang->success_merged} {$destination_user['username']}", "success"); 1952 admin_redirect("index.php?module=user-users"); 1953 exit; 1954 } 1955 } 1956 1957 /* Reached on a plain page view, or after a POST that failed validation: render the merge form. */ $page->add_breadcrumb_item($lang->merge_users); 1958 $page->output_header($lang->merge_users); 1959 1960 $page->output_nav_tabs($sub_tabs, 'merge_users'); 1961 1962 // If we have any error messages, show them 1963 if($errors) 1964 { 1965 $page->output_inline_error($errors); 1966 } 1967 1968 $form = new Form("index.php?module=user-users&action=merge", "post"); 1969 1970 $form_container = new FormContainer($lang->merge_users); 1971 /* The submitted usernames are passed back to generate_text_box() as the field values. */ $form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->input['source_username'], array('id' => 'source_username')), 'source_username'); 1972 $form_container->output_row($lang->destination_account." 
<em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->input['destination_username'], array('id' => 'destination_username')), 'destination_username'); 1973 $form_container->end(); 1974 1975 // Autocompletion for usernames 1976 echo ' 1977 <script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script> 1978 <script type="text/javascript"> 1979 <!-- 1980 new autoComplete("source_username", "../xmlhttp.php?action=get_users", {valueSpan: "username"}); 1981 new autoComplete("destination_username", "../xmlhttp.php?action=get_users", {valueSpan: "username"}); 1982 // --> 1983 </script>'; 1984 1985 $buttons[] = $form->generate_submit_button($lang->merge_user_accounts); 1986 $form->output_submit_wrapper($buttons); 1987 $form->end(); 1988 1989 $page->output_footer(); 1990 } 1991 1992 /* Search action. A POST, or a GET link carrying results=1, builds a view from stored view data plus request overrides and prints the matching users; otherwise, or when nothing matched, the search form is rendered. */ if($mybb->input['action'] == "search") 1993 { 1994 $plugins->run_hooks("admin_user_users_search"); 1995 1996 if($mybb->request_method == "post" || $mybb->input['results'] == 1) 1997 { 1998 // Build view options from incoming search options 1999 if($mybb->input['vid']) 2000 { 2001 /* vid is cast with intval() before it reaches the WHERE clause. */ $query = $db->simple_select("adminviews", "*", "vid='".intval($mybb->input['vid'])."'"); 2002 $admin_view = $db->fetch_array($query); 2003 // View does not exist or this view is private and does not belong to the current user 2004 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2005 { 2006 unset($admin_view); 2007 } 2008 } 2009 2010 /* A view cached in the admin session under search_id replaces the result of the vid lookup; its extra_sql entry is dropped before reuse. */ if($mybb->input['search_id'] && $admin_session['data']['user_views'][$mybb->input['search_id']]) 2011 { 2012 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 2013 unset($admin_view['extra_sql']); 2014 } 2015 else 2016 { 2017 // Don't have a view? 
Fetch the default 2018 if(!$admin_view['vid']) 2019 { 2020 $default_view = fetch_default_view("user"); 2021 if(!$default_view) 2022 { 2023 $default_view = "0"; 2024 } 2025 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2026 $admin_view = $db->fetch_array($query); 2027 } 2028 } 2029 2030 // Override specific parts of the view 2031 /* NOTE(review): every override below copies a request value into the view unchanged; any validation has to happen inside build_users_view(), which is not shown here. */ unset($admin_view['vid']); 2032 2033 if($mybb->input['type']) 2034 { 2035 $admin_view['view_type'] = $mybb->input['type']; 2036 } 2037 2038 if($mybb->input['conditions']) 2039 { 2040 /* NOTE(review): links elsewhere in this file send conditions as urlencode(serialize(...)), so this is presumably a serialized string taken from the request; confirm build_users_view() does not unserialize() it without strict validation. */ $admin_view['conditions'] = $mybb->input['conditions']; 2041 } 2042 2043 if($mybb->input['sortby']) 2044 { 2045 /* NOTE(review): sortby, perpage and order presumably end up in ORDER BY / LIMIT; confirm they are whitelisted or cast before use. */ $admin_view['sortby'] = $mybb->input['sortby']; 2046 } 2047 2048 if($mybb->input['perpage']) 2049 { 2050 $admin_view['perpage'] = $mybb->input['perpage']; 2051 } 2052 2053 if($mybb->input['order']) 2054 { 2055 $admin_view['sortorder'] = $mybb->input['order']; 2056 } 2057 2058 if($mybb->input['displayas']) 2059 { 2060 $admin_view['view_type'] = $mybb->input['displayas']; 2061 } 2062 2063 if($mybb->input['profile_fields']) 2064 { 2065 $admin_view['custom_profile_fields'] = $mybb->input['profile_fields']; 2066 } 2067 2068 $results = build_users_view($admin_view); 2069 2070 if($results) 2071 { 2072 $page->output_header($lang->find_users); 2073 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2074 $page->output_nav_tabs($sub_tabs, 'find_users'); 2075 /* $results is whatever build_users_view() returned and is printed as-is. */ echo $results; 2076 $page->output_footer(); 2077 } 2078 else 2079 { 2080 if($mybb->input['from'] == "home") 2081 { 2082 flash_message($lang->error_no_users_found, 'error'); 2083 admin_redirect("index.php"); 2084 exit; 2085 } 2086 else 2087 { 2088 $errors[] = $lang->error_no_users_found; 2089 } 2090 } 2091 } 2092 2093 $page->add_breadcrumb_item($lang->find_users); 2094 $page->output_header($lang->find_users); 2095 2096 $page->output_nav_tabs($sub_tabs, 'find_users'); 2097 2098 // 
If we have any error messages, show them 2099 if($errors) 2100 { 2101 $page->output_inline_error($errors); 2102 } 2103 2104 if(!$mybb->input['displayas']) 2105 { 2106 $mybb->input['displayas'] = "card"; 2107 } 2108 2109 /* Render the search form: criteria fields come from user_search_conditions(), followed by sort, page-size and layout options. NOTE(review): $sort_options is not assigned in this branch; presumably defined earlier in the file. */ $form = new Form("index.php?module=user-users&action=search", "post"); 2110 2111 user_search_conditions($mybb->input, $form); 2112 2113 $form_container = new FormContainer($lang->display_options); 2114 $sort_directions = array( 2115 "asc" => $lang->ascending, 2116 "desc" => $lang->descending 2117 ); 2118 $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->input['order'], array('id' => 'order')), 'sortby'); 2119 $form_container->output_row($lang->results_per_page, "", $form->generate_text_box('perpage', $mybb->input['perpage'], array('id' => 'perpage')), 'perpage'); 2120 $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->input['displayas'] != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->input['displayas'] == "card" ? true : false)))); 2121 $form_container->end(); 2122 2123 $buttons[] = $form->generate_submit_button($lang->find_users); 2124 $form->output_submit_wrapper($buttons); 2125 $form->end(); 2126 2127 $page->output_footer(); 2128 } 2129 2130 if($mybb->input['action'] == "inline_edit") 2131 { 2132 $plugins->run_hooks("admin_user_users_inline"); 2133 2134 if($mybb->input['vid'] || $mybb->cookies['acp_view']) 2135 { 2136 // We have a custom view 2137 if(!$mybb->cookies['acp_view']) 2138 { 2139 // Set a cookie 2140 my_setcookie("acp_view", $mybb->input['vid'], 60); 2141 } 2142 elseif($mybb->cookies['acp_view']) 2143 { 2144 // We already have a cookie, so let's use it... 
2145 $mybb->input['vid'] = $mybb->cookies['acp_view']; 2146 } 2147 2148 $vid_url = "&vid=".$mybb->input['vid']; 2149 } 2150 2151 // First, collect the user IDs that we're performing the moderation on 2152 $ids = explode("|", $mybb->cookies['inlinemod_useracp']); 2153 foreach($ids as $id) 2154 { 2155 if($id != '') 2156 { 2157 $selected[] = intval($id); 2158 } 2159 } 2160 2161 // If there isn't anything to select, then output an error 2162 if(!is_array($selected)) 2163 { 2164 if($mybb->input['inline_action'] != "multilift" && $mybb->request_method != "post") 2165 { 2166 $errors[] = $lang->error_inline_no_users_selected; 2167 } 2168 } 2169 2170 if($errors) 2171 { 2172 // Don't show views, but show the user list if there's errors 2173 $inline = true; 2174 $mybb->input['action'] = ''; 2175 } 2176 else 2177 { 2178 // Let's continue! 2179 // Verify incoming POST request 2180 if(!verify_post_check($mybb->input['my_post_key'])) 2181 { 2182 flash_message($lang->invalid_post_verify_key2, 'error'); 2183 admin_redirect("index.php?module=user-user"); 2184 } 2185 $sub_tabs['manage_users'] = array( 2186 "title" => $lang->manage_users, 2187 "link" => "./", 2188 "description" => $lang->manage_users_desc 2189 ); 2190 $page->add_breadcrumb_item($lang->manage_users); 2191 2192 if(!is_array($selected)) 2193 { 2194 // Not selected any users, show error 2195 flash_message($lang->error_inline_no_users_selected, 'error'); 2196 admin_redirect("index.php?module=user-users".$vid_url); 2197 } 2198 2199 switch($mybb->input['inline_action']) 2200 { 2201 case 'multiactivate': 2202 // Run through the activating users, so that users already registered (but have been selected) aren't affected 2203 if(is_array($selected)) 2204 { 2205 $sql_array = implode(",", $selected); 2206 $query = $db->simple_select("users", "uid", "usergroup = '5' AND uid IN (".$sql_array.")"); 2207 while($user = $db->fetch_array($query)) 2208 { 2209 $to_update[] = $user['uid']; 2210 } 2211 } 2212 2213 if(is_array($to_update)) 
2214 { 2215 $sql_array = implode(",", $to_update); 2216 $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")"); 2217 2218 // Action complete, grab stats and show success message - redirect user 2219 $to_update_count = count($to_update); 2220 $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count)); 2221 2222 if($to_update_count != count($selected)) 2223 { 2224 // The update count is different to how many we selected! 2225 $not_updated_count = count($selected) - $to_update_count; 2226 $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count)); 2227 $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message 2228 } 2229 2230 $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog 2231 log_admin_action($to_update_count); // Add to adminlog 2232 my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected 2233 2234 flash_message($lang->inline_activated, 'success'); 2235 admin_redirect("index.php?module=user-users".$vid_url); 2236 } 2237 else 2238 { 2239 // Nothing was updated, show an error 2240 flash_message($lang->inline_activated_failed, 'error'); 2241 admin_redirect("index.php?module=user-users".$vid_url); 2242 } 2243 break; 2244 case 'multilift': 2245 // Get the users that are banned, and check that they have been selected 2246 if($mybb->input['no']) 2247 { 2248 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No' 2249 } 2250 2251 if($mybb->request_method == "post") 2252 { 2253 $sql_array = implode(",", $selected); 2254 $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")"); 2255 $to_be_unbanned = $db->num_rows($query); 2256 while($ban = $db->fetch_array($query)) 2257 { 2258 $updated_group = array( 2259 
"usergroup" => $ban['oldgroup'], 2260 "additionalgroups" => $ban['oldadditionalgroups'], 2261 "displaygroup" => $ban['olddisplaygroup'] 2262 ); 2263 $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'"); 2264 $db->delete_query("banned", "uid = '".$ban['uid']."'"); 2265 } 2266 2267 $cache->update_banned(); 2268 $cache->update_moderators(); 2269 2270 $mybb->input['action'] = "inline_lift"; 2271 log_admin_action($to_be_unbanned); 2272 my_unsetcookie("inlinemod_useracp"); 2273 2274 $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned)); 2275 flash_message($lang->success_ban_lifted, 'success'); 2276 admin_redirect("index.php?module=user-users".$vid_url); 2277 } 2278 else 2279 { 2280 $page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multilift", $lang->confirm_multilift); 2281 } 2282 2283 break; 2284 case 'multiban': 2285 if($mybb->input['processed'] == 1) 2286 { 2287 // We've posted ban information! 
2288 // Build an array of users to ban, =D 2289 $sql_array = implode(",", $selected); 2290 // Build a cache array for this users that have been banned already 2291 $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")"); 2292 while($user = $db->fetch_array($query)) 2293 { 2294 $bannedcache[] = "u_".$user['uid']; 2295 } 2296 2297 // Collect the users 2298 $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")"); 2299 2300 if($mybb->input['bantime'] == '---') 2301 { 2302 $lifted = 0; 2303 } 2304 else 2305 { 2306 $lifted = ban_date2timestamp($mybb->input['bantime']); 2307 } 2308 2309 $banned_count = 0; 2310 while($user = $db->fetch_array($query)) 2311 { 2312 if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid'])) 2313 { 2314 // We remove ourselves and Super Admins from the mix 2315 continue; 2316 } 2317 2318 if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache)) 2319 { 2320 // User already has a ban, update it! 
2321 $update_array = array( 2322 "admin" => intval($mybb->user['uid']), 2323 "dateline" => TIME_NOW, 2324 "bantime" => $db->escape_string($mybb->input['bantime']), 2325 "lifted" => $db->escape_string($lifted), 2326 "reason" => $db->escape_string($mybb->input['reason']) 2327 ); 2328 $db->update_query("banned", $update_array, "uid = '".$user['uid']."'"); 2329 } 2330 else 2331 { 2332 // Not currently banned - insert the ban 2333 $insert_array = array( 2334 'uid' => $user['uid'], 2335 'gid' => intval($mybb->input['usergroup']), 2336 'oldgroup' => $user['usergroup'], 2337 'oldadditionalgroups' => $user['additionalgroups'], 2338 'olddisplaygroup' => $user['displaygroup'], 2339 'admin' => intval($mybb->user['uid']), 2340 'dateline' => TIME_NOW, 2341 'bantime' => $db->escape_string($mybb->input['bantime']), 2342 'lifted' => $db->escape_string($lifted), 2343 'reason' => $db->escape_string($mybb->input['reason']) 2344 ); 2345 $db->insert_query('banned', $insert_array); 2346 } 2347 2348 // Moved the user to the 'Banned' Group 2349 $update_array = array( 2350 'usergroup' => 7, 2351 'displaygroup' => 0, 2352 'additionalgroups' => '', 2353 ); 2354 $db->update_query('users', $update_array, "uid = '{$user['uid']}'"); 2355 2356 $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'"); 2357 $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'"); 2358 2359 $cache->update_banned(); 2360 ++$banned_count; 2361 } 2362 $mybb->input['action'] = "inline_banned"; 2363 log_admin_action($banned_count, $lifted); 2364 my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them 2365 2366 $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count); 2367 flash_message($lang->users_banned, 'success'); 2368 admin_redirect("index.php?module=user-users".$vid_url); 2369 } 2370 2371 $page->output_header($lang->manage_users); 2372 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2373 2374 // Provide the user with a warning of 
what they're about to do 2375 $table = new Table; 2376 $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected)); 2377 $table->construct_cell($lang->mass_ban_info); 2378 $table->construct_row(); 2379 $table->output($lang->important); 2380 2381 // If there's any errors, display inline 2382 if($errors) 2383 { 2384 $page->output_inline_error($errors); 2385 } 2386 2387 $form = new Form("index.php?module=user-users", "post"); 2388 echo $form->generate_hidden_field('action', 'inline_edit'); 2389 echo $form->generate_hidden_field('inline_action', 'multiban'); 2390 echo $form->generate_hidden_field('processed', '1'); 2391 2392 $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&action=inline_edit&inline_action=multilift&my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban); 2393 $form_container->output_row($lang->ban_reason, "", $form->generate_text_box('reason', $mybb->input['reason'], array('id' => 'reason')), 'reason'); 2394 $ban_times = fetch_ban_times(); 2395 foreach($ban_times as $time => $period) 2396 { 2397 if($time != '---') 2398 { 2399 $friendly_time = my_date("D, jS M Y @ g:ia", ban_date2timestamp($time)); 2400 $period = "{$period} ({$friendly_time})"; 2401 } 2402 $length_list[$time] = $period; 2403 } 2404 $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime'); 2405 $form_container->end(); 2406 2407 $buttons[] = $form->generate_submit_button($lang->ban_users); 2408 $form->output_submit_wrapper($buttons); 2409 $form->end(); 2410 $page->output_footer(); 2411 break; 2412 case 'multidelete': 2413 if($mybb->input['no']) 2414 { 2415 admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No 2416 } 2417 else 2418 { 2419 if($mybb->input['processed'] == 1) 2420 { 2421 // Admin wants these users, gone! 
2422 $sql_array = implode(",", $selected); 2423 $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")"); 2424 $to_be_deleted = $db->num_rows($query); 2425 while($user = $db->fetch_array($query)) 2426 { 2427 if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid'])) 2428 { 2429 // Remove me and super admins 2430 continue; 2431 } 2432 else 2433 { 2434 // Run delete queries 2435 $db->update_query("posts", array('uid' => 0), "uid='{$user['uid']}'"); 2436 $db->delete_query("userfields", "ufid='{$user['uid']}'"); 2437 $db->delete_query("privatemessages", "uid='{$user['uid']}'"); 2438 $db->delete_query("events", "uid='{$user['uid']}'"); 2439 $db->delete_query("moderators", "id='{$user['uid']}' AND isgroup = '0'"); 2440 $db->delete_query("forumsubscriptions", "uid='{$user['uid']}'"); 2441 $db->delete_query("threadsubscriptions", "uid='{$user['uid']}'"); 2442 $db->delete_query("sessions", "uid='{$user['uid']}'"); 2443 $db->delete_query("banned", "uid='{$user['uid']}'"); 2444 $db->delete_query("threadratings", "uid='{$user['uid']}'"); 2445 $db->delete_query("users", "uid='{$user['uid']}'"); 2446 $db->delete_query("joinrequests", "uid='{$user['uid']}'"); 2447 $db->delete_query("warnings", "uid='{$user['uid']}'"); 2448 } 2449 } 2450 // Update forum stats, remove the cookie and redirect the user 2451 update_stats(array('numusers' => '-'.$to_be_deleted.'')); 2452 my_unsetcookie("inlinemod_useracp"); 2453 $mybb->input['action'] = "inline_delete"; 2454 log_admin_action($to_be_deleted); 2455 2456 $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted); 2457 flash_message($lang->users_deleted, 'success'); 2458 admin_redirect("index.php?module=user-users".$vid_url); 2459 } 2460 2461 $to_be_deleted = count($selected); 2462 $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted)); 2463 
$page->output_confirm_action("index.php?module=user-users&action=inline_edit&inline_action=multidelete&my_post_key={$mybb->post_code}&processed=1", $lang->confirm_multidelete); 2464 } 2465 break; 2466 case 'multiprune': 2467 if($mybb->input['processed'] == 1) 2468 { 2469 if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set']) 2470 { 2471 $errors[] = $lang->multi_selected_dates; 2472 } 2473 2474 $day = intval($mybb->input['day']); 2475 $month = intval($mybb->input['month']); 2476 $year = intval($mybb->input['year']); 2477 2478 // Selected a date - check if the date the user entered is valid 2479 if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) 2480 { 2481 // Is the date sort of valid? 2482 if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29)) 2483 { 2484 $errors[] = $lang->incorrect_date; 2485 } 2486 2487 // Check the month 2488 $months = get_bdays($year); 2489 if($day > $months[$month]-1) 2490 { 2491 $errors[] = $lang->incorrect_date; 2492 } 2493 2494 // Check the year 2495 if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y")) 2496 { 2497 $errors[] = $lang->incorrect_date; 2498 } 2499 2500 if(!$errors) 2501 { 2502 // No errors, so let's continue and set the date to delete from 2503 $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp 2504 } 2505 } 2506 elseif($mybb->input['set'] > 0) 2507 { 2508 // Set options 2509 // For this purpose, 1 month = 31 days 2510 $base_time = 24 * 60 * 60; 2511 2512 switch($mybb->input['set']) 2513 { 2514 case '1': 2515 $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms 2516 break; 2517 case '2': 2518 $threshold = $base_time * 93; // 3 months = 31 days * 3 2519 break; 2520 case '3': 2521 $threshold = $base_time * 183; // 6 months = 365 days / 2 2522 break; 2523 case '4': 2524 $threshold = $base_time * 365; // 1 year = 365 days 2525 break; 2526 case '5': 2527 
$threshold = $base_time * 548; // 18 months = 365 + 183 2528 break; 2529 case '6': 2530 $threshold = $base_time * 730; // 2 years = 365 * 2 2531 break; 2532 } 2533 2534 if(!$threshold) 2535 { 2536 // An option was entered that isn't in the dropdown box 2537 $errors[] = $lang->no_set_option; 2538 } 2539 else 2540 { 2541 $date = TIME_NOW - $threshold; 2542 } 2543 } 2544 else 2545 { 2546 $errors[] = $lang->no_prune_option; 2547 } 2548 2549 if(!$errors) 2550 { 2551 $sql_array = implode(",", $selected); 2552 $prune_array = array(); 2553 $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")"); 2554 while($user = $db->fetch_array($query)) 2555 { 2556 // Protect Super Admins 2557 if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid'])) 2558 { 2559 continue; 2560 } 2561 2562 $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete 2563 if($return_array && is_array($return_array)) 2564 { 2565 $prune_array = array_merge_recursive($prune_array, $return_array); 2566 } 2567 } 2568 2569 // No posts were found for the user, return error 2570 if(!is_array($prune_array) || count($prune_array) == 0) 2571 { 2572 flash_message($lang->prune_fail, 'error'); 2573 admin_redirect("index.php?module=user-users".$vid_url); 2574 } 2575 2576 // Require the rebuild functions 2577 require_once (MYBB_ROOT.'/inc/functions.php'); 2578 require_once (MYBB_ROOT.'/inc/functions_rebuild.php'); 2579 2580 // We've finished deleting user's posts, so let's delete the threads 2581 if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0) 2582 { 2583 foreach($prune_array['to_delete'] as $tid) 2584 { 2585 $db->delete_query("threads", "tid='$tid'"); 2586 $db->delete_query("threads", "closed='moved|$tid'"); 2587 $db->delete_query("threadsubscriptions", "tid='$tid'"); 2588 $db->delete_query("polls", "tid='$tid'");; 2589 $db->delete_query("threadsread", "tid='$tid'"); 2590 } 2591 } 2592 2593 // After 
deleting threads, rebuild the thread counters for the affected threads 2594 if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0) 2595 { 2596 $sql_array = implode(",", $prune_array['thread_update']); 2597 $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc')); 2598 while($thread = $db->fetch_array($query)) 2599 { 2600 rebuild_thread_counters($thread['tid']); 2601 } 2602 } 2603 2604 // After updating thread counters, update the affected forum counters 2605 if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0) 2606 { 2607 $sql_array = implode(",", $prune_array['forum_update']); 2608 $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc')); 2609 while($forum = $db->fetch_array($query)) 2610 { 2611 // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update 2612 if($looped_forum == $forum['fid']) 2613 { 2614 continue; 2615 } 2616 $looped_forum = $forum['fid']; 2617 rebuild_forum_counters($forum['fid']); 2618 } 2619 } 2620 2621 //log_admin_action(); 2622 my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie 2623 flash_message($lang->prune_complete, 'success'); 2624 admin_redirect("index.php?module=user-users".$vid_url); 2625 } 2626 } 2627 2628 $page->output_header($lang->manage_users); 2629 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2630 2631 // Display a table warning 2632 $table = new Table; 2633 $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected)); 2634 $table->construct_cell($lang->mass_prune_info); 2635 $table->construct_row(); 2636 $table->output($lang->important); 2637 2638 if($errors) 2639 { 2640 $page->output_inline_error($errors); 2641 } 2642 2643 // Display the prune options 2644 $form = new Form("index.php?module=user-users", "post"); 2645 echo 
$form->generate_hidden_field('action', 'inline_edit'); 2646 echo $form->generate_hidden_field('inline_action', 'multiprune'); 2647 echo $form->generate_hidden_field('processed', '1'); 2648 2649 $form_container = new FormContainer($lang->mass_prune_posts); 2650 2651 // Generate a list of days (1 - 31) 2652 $day_options = array(); 2653 $day_options[] = " "; 2654 for($i = 1; $i <= 31; ++$i) 2655 { 2656 $day_options[] = $i; 2657 } 2658 2659 // Generate a list of months (1 - 12) 2660 $month_options = array(); 2661 $month_options[] = " "; 2662 for($i = 1; $i <= 12; ++$i) 2663 { 2664 $string = "month_{$i}"; 2665 $month_options[] = $lang->$string; 2666 } 2667 $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']); 2668 $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']); 2669 $year_box = $form->generate_text_box('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;')); 2670 2671 $prune_select = $date_box.$month_box.$year_box; 2672 $form_container->output_row($lang->manual_date, "", $prune_select, 'date'); 2673 2674 // Generate the set date box 2675 $set_options = array(); 2676 $set_options[] = $lang->set_an_option; 2677 for($i = 1; $i <= 6; ++$i) 2678 { 2679 $string = "option_{$i}"; 2680 $set_options[] = $lang->$string; 2681 } 2682 2683 $form_container->output_row($lang->relative_date, "", $lang->delete_posts." 
".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set'); 2684 $form_container->end(); 2685 2686 $buttons[] = $form->generate_submit_button($lang->prune_posts); 2687 $form->output_submit_wrapper($buttons); 2688 $form->end(); 2689 $page->output_footer(); 2690 break; 2691 case 'multiusergroup': 2692 if($mybb->input['processed'] == 1) 2693 { 2694 // Determine additional usergroups 2695 if(is_array($mybb->input['additionalgroups'])) 2696 { 2697 foreach($mybb->input['additionalgroups'] as $key => $gid) 2698 { 2699 if($gid == $mybb->input['usergroup']) 2700 { 2701 unset($mybb->input['additionalgroups'][$key]); 2702 } 2703 } 2704 $additionalgroups = implode(",", $mybb->input['additionalgroups']); 2705 } 2706 else 2707 { 2708 $additionalgroups = ''; 2709 } 2710 2711 // Create an update array 2712 $update_array = array( 2713 "usergroup" => $mybb->input['usergroup'], 2714 "additionalgroups" => $additionalgroups, 2715 "displaygroup" => $mybb->input['displaygroup'] 2716 ); 2717 2718 // Do the usergroup update for all those selected 2719 // If the a selected user is a super admin, don't update that user 2720 foreach($selected as $user) 2721 { 2722 if(!is_super_admin($user)) 2723 { 2724 $users_to_update[] = $user; 2725 } 2726 } 2727 2728 $to_update_count = count($users_to_update); 2729 if($to_update_count > 0 && is_array($users_to_update)) 2730 { 2731 // Update the users in the database 2732 $sql = implode(",", $users_to_update); 2733 $db->update_query("users", $update_array, "uid IN (".$sql.")"); 2734 2735 // Redirect the admin... 2736 $mybb->input['action'] = "inline_usergroup"; 2737 log_admin_action($to_update_count); 2738 my_unsetcookie("inlinemod_useracp"); 2739 flash_message($lang->success_mass_usergroups, 'success'); 2740 admin_redirect("index.php?module=user-users".$vid_url); 2741 } 2742 else 2743 { 2744 // They tried to edit super admins! Uh-oh! 
2745 $errors[] = $lang->no_usergroup_changed; 2746 } 2747 } 2748 2749 $page->output_header($lang->manage_users); 2750 $page->output_nav_tabs($sub_tabs, 'manage_users'); 2751 2752 // Display a table warning 2753 $table = new Table; 2754 $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected)); 2755 $table->construct_cell($lang->usergroup_info); 2756 $table->construct_row(); 2757 $table->output($lang->important); 2758 2759 if($errors) 2760 { 2761 $page->output_inline_error($errors); 2762 } 2763 2764 // Display the usergroup options 2765 $form = new Form("index.php?module=user-users", "post"); 2766 echo $form->generate_hidden_field('action', 'inline_edit'); 2767 echo $form->generate_hidden_field('inline_action', 'multiusergroup'); 2768 echo $form->generate_hidden_field('processed', '1'); 2769 2770 $form_container = new FormContainer($lang->mass_usergroups); 2771 2772 // Usergroups 2773 $display_group_options[0] = $lang->use_primary_user_group; 2774 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 2775 while($usergroup = $db->fetch_array($query)) 2776 { 2777 $options[$usergroup['gid']] = $usergroup['title']; 2778 $display_group_options[$usergroup['gid']] = $usergroup['title']; 2779 } 2780 2781 if(!is_array($mybb->input['additionalgroups'])) 2782 { 2783 $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']); 2784 } 2785 2786 $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->input['usergroup'], array('id' => 'usergroup')), 'usergroup'); 2787 $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups'); 2788 $form_container->output_row($lang->display_user_group, "", 
$form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup'); 2789 2790 $form_container->end(); 2791 2792 $buttons[] = $form->generate_submit_button($lang->alter_usergroups); 2793 $form->output_submit_wrapper($buttons); 2794 $form->end(); 2795 $page->output_footer(); 2796 break; 2797 } 2798 } 2799 } 2800 2801 if(!$mybb->input['action']) 2802 { 2803 $plugins->run_hooks("admin_user_users_start"); 2804 2805 $page->output_header($lang->browse_users); 2806 echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>"; 2807 2808 $page->output_nav_tabs($sub_tabs, 'browse_users'); 2809 2810 if($mybb->input['search_id'] && $admin_session['data']['user_views'][$mybb->input['search_id']]) 2811 { 2812 $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']]; 2813 unset($admin_view['extra_sql']); 2814 } 2815 else 2816 { 2817 // Showing a specific view 2818 if($mybb->input['vid']) 2819 { 2820 $query = $db->simple_select("adminviews", "*", "vid='".intval($mybb->input['vid'])."'"); 2821 $admin_view = $db->fetch_array($query); 2822 // View does not exist or this view is private and does not belong to the current user 2823 if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid'])) 2824 { 2825 unset($admin_view); 2826 } 2827 } 2828 2829 // Don't have a view? 
Fetch the default 2830 if(!$admin_view) 2831 { 2832 $default_view = fetch_default_view("user"); 2833 if(!$default_view) 2834 { 2835 $default_view = "0"; 2836 } 2837 $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc")); 2838 $admin_view = $db->fetch_array($query); 2839 } 2840 } 2841 2842 // Fetch a list of all of the views for this user 2843 $popup = new PopupMenu("views", $lang->views); 2844 2845 $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title")); 2846 while($view = $db->fetch_array($query)) 2847 { 2848 $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}"); 2849 } 2850 $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views"); 2851 $admin_view['popup'] = $popup->fetch(); 2852 2853 if($mybb->input['type']) 2854 { 2855 $admin_view['view_type'] = $mybb->input['type']; 2856 } 2857 2858 $results = build_users_view($admin_view); 2859 2860 if(!$results) 2861 { 2862 // If we came from the home page and clicked on the "Activate Users" link, send them back to here 2863 if($admin_session['data']['from'] == "home") 2864 { 2865 flash_message($admin_session['data']['flash_message2']['message'], $admin_session['data']['flash_message2']['type']); 2866 update_admin_session('flash_message2', ''); 2867 update_admin_session('from', ''); 2868 admin_redirect("index.php"); 2869 exit; 2870 } 2871 else 2872 { 2873 $errors[] = $lang->error_no_users_found; 2874 } 2875 } 2876 2877 // If we have any error messages, show them 2878 if($errors) 2879 { 2880 if($inline != true) 2881 { 2882 echo "<div style=\"display: inline; float: right;\">{$admin_view['popup']}</div><br />\n"; 2883 } 2884 $page->output_inline_error($errors); 2885 } 2886 2887 echo $results; 2888 2889 $page->output_footer(); 2890 } 2891 2892 function 
build_users_view($view) 2893 { /* Builds the complete HTML for the admin user list described by $view (search form, table/card switcher, pagination, result table or cards, inline-moderation form) and returns it as a string. Returns false when no user matches the generated WHERE clause (the empty($view) test further down also returns false). Keys of $view read in this function: title, vid, url, conditions, fields, custom_profile_fields, view_type, extra_sql, perpage, sortby, sortorder, table_id, popup. */ 2894 global $mybb, $db, $cache, $lang, $user_view_fields, $page; 2895 2896 if($view['title']) 2897 { 2898 $title_string = "view_title_{$view['vid']}"; 2899 2900 if($lang->$title_string) 2901 { 2902 $view['title'] = $lang->$title_string; 2903 } 2904 2905 $view_title .= " (".htmlspecialchars_uni($view['title']).")"; 2906 } 2907 2908 // Build the URL to this view 2909 if(!$view['url']) 2910 { 2911 $view['url'] = "index.php?module=user-users"; 2912 } 2913 /* NOTE(review): the three unserialize() calls below run on whatever string the caller left in conditions / fields / custom_profile_fields. unserialize() on data a user can influence is an object-injection sink; confirm that only trusted code writes these values, or store them in a data-only format such as JSON. */ if(!is_array($view['conditions'])) 2914 { 2915 $view['conditions'] = unserialize($view['conditions']); 2916 } 2917 if(!is_array($view['fields'])) 2918 { 2919 $view['fields'] = unserialize($view['fields']); 2920 } 2921 if(!is_array($view['custom_profile_fields'])) 2922 { 2923 $view['custom_profile_fields'] = unserialize($view['custom_profile_fields']); 2924 } 2925 if($mybb->input['username']) 2926 { 2927 $view['conditions']['username'] = $mybb->input['username']; 2928 } 2929 if($view['vid']) 2930 { 2931 $view['url'] .= "&vid={$view['vid']}"; 2932 } 2933 else 2934 { 2935 // If this is a custom view we need to save everything ready to pass it on from page to page 2936 global $admin_session; 2937 if(!$_REQUEST['search_id']) 2938 { 2939 $search_id = md5(random_str()); 2940 $admin_session['data']['user_views'][$search_id] = $view; 2941 update_admin_session('user_views', $admin_session['data']['user_views']); 2942 $_REQUEST['search_id'] = $search_id; 2943 } 2944 $view['url'] .= "&search_id=".htmlspecialchars($_REQUEST['search_id']); 2945 } 2946 2947 if($mybb->input['username']) 2948 { 2949 $view['url'] .= "&username=".urlencode(htmlspecialchars_uni($mybb->input['username'])); 2950 } 2951 2952 /* NOTE(review): the condition reads the session key 'last_users_view' while the body writes 'last_users_url', and $admin_session is only declared global in the else branch above. As printed on this page, str_replace("&", "&", ...) replaces a string with itself; the search string was presumably an HTML entity that the listing decoded - confirm against the original file. */ if(!isset($admin_session['data']['last_users_view']) || $admin_session['data']['last_users_view'] != str_replace("&", "&", $view['url'])) 2953 { 2954 update_admin_session('last_users_url', str_replace("&", "&", $view['url'])); 2955 } 2956 2957 if(isset($view['conditions']['referrer'])){ 2958 $view['url'] 
.= "&action=referrers&uid=".htmlspecialchars($view['conditions']['referrer']); 2959 } 2960 2961 // Do we not have any views? 2962 if(empty($view)) 2963 { 2964 return false; 2965 } 2966 2967 $table = new Table; 2968 2969 // Build header for table based view 2970 if($view['view_type'] != "card") 2971 { 2972 foreach($view['fields'] as $field) 2973 { 2974 if(!$user_view_fields[$field]) 2975 { 2976 continue; 2977 } 2978 $view_field = $user_view_fields[$field]; 2979 $field_options = array(); 2980 if($view_field['width']) 2981 { 2982 $field_options['width'] = $view_field['width']; 2983 } 2984 if($view_field['align']) 2985 { 2986 $field_options['class'] = "align_".$view_field['align']; 2987 } 2988 $table->construct_header($view_field['title'], $field_options); 2989 } 2990 $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />"); // Create a header for the "select" boxes 2991 } 2992 2993 $search_sql = '1=1'; 2994 2995 // Build the search SQL for users 2996 2997 // List of valid LIKE search fields 2998 /* In the LIKE, exact-match and direction loops below the column names come only from the hard-coded arrays, and each condition value is passed through $db->escape_string_like() or $db->escape_string() before it is quoted into the WHERE clause. */ $user_like_fields = array("username", "email", "website", "icq", "aim", "yahoo", "msn", "signature", "usertitle"); 2999 foreach($user_like_fields as $search_field) 3000 { 3001 if($view['conditions'][$search_field] && !$view['conditions'][$search_field.'_blank']) 3002 { 3003 $search_sql .= " AND u.{$search_field} LIKE '%".$db->escape_string_like($view['conditions'][$search_field])."%'"; 3004 } 3005 else if(isset($view['conditions'][$search_field.'_blank'])) 3006 { 3007 $search_sql .= " AND u.{$search_field} != ''"; 3008 } 3009 } 3010 3011 // EXACT matching fields 3012 $user_exact_fields = array("referrer"); 3013 foreach($user_exact_fields as $search_field) 3014 { 3015 if($view['conditions'][$search_field]) 3016 { 3017 $search_sql .= " AND u.{$search_field}='".$db->escape_string($view['conditions'][$search_field])."'"; 3018 } 3019 } 3020 3021 // LESS THAN or GREATER THAN 3022 $direction_fields = array("postnum"); 3023 
foreach($direction_fields as $search_field) 3024 { 3025 $direction_field = $search_field."_dir"; 3026 if(($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field]) 3027 { 3028 switch($view['conditions'][$direction_field]) 3029 { 3030 case "greater_than": 3031 $direction = ">"; 3032 break; 3033 case "less_than": 3034 $direction = "<"; 3035 break; 3036 default: 3037 $direction = "="; 3038 } 3039 $search_sql .= " AND u.{$search_field}{$direction}'".$db->escape_string($view['conditions'][$search_field])."'"; 3040 } 3041 } 3042 3043 // Registration searching 3044 $reg_fields = array("regdate"); 3045 foreach($reg_fields as $search_field) 3046 { 3047 if(intval($view['conditions'][$search_field])) 3048 { 3049 $threshold = TIME_NOW - (intval($view['conditions'][$search_field]) * 24 * 60 * 60); 3050 3051 $search_sql .= " AND u.{$search_field} >= '{$threshold}'"; 3052 } 3053 } 3054 3055 // IP searching 3056 $ip_fields = array("regip", "lastip"); 3057 foreach($ip_fields as $search_field) 3058 { 3059 if($view['conditions'][$search_field]) 3060 { 3061 // IPv6 IP 3062 if(strpos($view['conditions'][$search_field], ":") !== false) 3063 { 3064 $view['conditions'][$search_field] = str_replace("*", "%", $view['conditions'][$search_field]); 3065 $ip_sql = "{$search_field} LIKE '".$db->escape_string($view['conditions'][$search_field])."'"; 3066 } 3067 else 3068 { 3069 /* NOTE(review): the value(s) returned by fetch_longipv4_range() are interpolated into SQL without escaping, here and in the post-IP block below; that is only safe if the helper always returns integers - confirm in its definition. */ $ip_range = fetch_longipv4_range($view['conditions'][$search_field]); 3070 if(!is_array($ip_range)) 3071 { 3072 $ip_sql = "long{$search_field}='{$ip_range}'"; 3073 } 3074 else 3075 { 3076 $ip_sql = "long{$search_field} > '{$ip_range[0]}' AND long{$search_field} < '{$ip_range[1]}'"; 3077 } 3078 } 3079 $search_sql .= " AND {$ip_sql}"; 3080 } 3081 } 3082 3083 // Post IP searching 3084 if($view['conditions']['postip']) 3085 { 3086 // IPv6 IP 3087 if(strpos($view['conditions']['postip'], ":") !== false) 3088 { 3089 $view['conditions']['postip'] = str_replace("*", 
"%", $view['conditions']['postip']); 3090 $ip_sql = "ipaddress LIKE '".$db->escape_string($view['conditions']['postip'])."'"; 3091 } 3092 else 3093 { 3094 $ip_range = fetch_longipv4_range($view['conditions']['postip']); 3095 if(!is_array($ip_range)) 3096 { 3097 $ip_sql = "longipaddress='{$ip_range}'"; 3098 } 3099 else 3100 { 3101 $ip_sql = "longipaddress > '{$ip_range[0]}' AND longipaddress < '{$ip_range[1]}'"; 3102 } 3103 } 3104 $ip_uids = array(0); 3105 $query = $db->simple_select("posts", "uid", $ip_sql); 3106 while($uid = $db->fetch_field($query, "uid")) 3107 { 3108 $ip_uids[] = $uid; 3109 } 3110 $search_sql .= " AND u.uid IN(".implode(',', $ip_uids).")"; 3111 unset($ip_uids); 3112 } 3113 3114 // Custom Profile Field searching 3115 if($view['custom_profile_fields']) 3116 { 3117 $userfield_sql = '1=1'; 3118 /* NOTE(review): $column is an array key of custom_profile_fields and is used below as a column identifier. escape_string() protects quoted values, not identifiers, so it does not restrict $column to a real column name; validating it against the known profile-field columns before use would. */ foreach($view['custom_profile_fields'] as $column => $input) 3119 { 3120 if(is_array($input)) 3121 { 3122 foreach($input as $value => $text) 3123 { 3124 if($value == $column) 3125 { 3126 $value = $text; 3127 } 3128 3129 if($value == $lang->na) 3130 { 3131 continue; 3132 } 3133 3134 if(strpos($column, '_blank') !== false) 3135 { 3136 $column = str_replace('_blank', '', $column); 3137 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3138 } 3139 else 3140 { 3141 $userfield_sql .= ' AND '.$db->escape_string($column)."='".$db->escape_string($value)."'"; 3142 } 3143 } 3144 } 3145 else if(!empty($input)) 3146 { 3147 if($input == $lang->na) 3148 { 3149 continue; 3150 } 3151 3152 if(strpos($column, '_blank') !== false) 3153 { 3154 $column = str_replace('_blank', '', $column); 3155 $userfield_sql .= ' AND '.$db->escape_string($column)." != ''"; 3156 } 3157 else 3158 { 3159 $userfield_sql .= ' AND '.$db->escape_string($column)." 
LIKE '%".$db->escape_string($input)."%'"; 3160 } 3161 } 3162 } 3163 3164 if($userfield_sql != '1=1') 3165 { 3166 $userfield_uids = array(0); 3167 $query = $db->simple_select("userfields", "ufid", $userfield_sql); 3168 while($userfield = $db->fetch_array($query)) 3169 { 3170 $userfield_uids[] = $userfield['ufid']; 3171 } 3172 $search_sql .= " AND u.uid IN(".implode(',', $userfield_uids).")"; 3173 unset($userfield_uids); 3174 } 3175 } 3176 3177 // Usergroup based searching 3178 if($view['conditions']['usergroup']) 3179 { 3180 if(!is_array($view['conditions']['usergroup'])) 3181 { 3182 $view['conditions']['usergroup'] = array($view['conditions']['usergroup']); 3183 } 3184 3185 /* NOTE(review): each $usergroup is placed into the LIKE pattern and, via implode(), into the IN() list below with no integer cast or escaping in this function. Unless every caller has already reduced conditions['usergroup'] to integers, cast each element (e.g. with intval) before building SQL. $additional_sql is also appended to before it is initialised. */ foreach($view['conditions']['usergroup'] as $usergroup) 3186 { 3187 switch($db->type) 3188 { 3189 case "pgsql": 3190 case "sqlite": 3191 $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'"; 3192 break; 3193 default: 3194 $additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'"; 3195 } 3196 } 3197 $search_sql .= " AND (u.usergroup IN (".implode(",", $view['conditions']['usergroup']).") {$additional_sql})"; 3198 } 3199 3200 // COPPA users only? 3201 if($view['conditions']['coppa']) 3202 { 3203 $search_sql .= " AND u.coppauser=1 AND u.usergroup=5"; 3204 } 3205 3206 // Extra SQL? 
3207 /* NOTE(review): extra_sql is appended to the WHERE clause verbatim, so it must only ever be set by trusted code and never from request or stored session data. */ if($view['extra_sql']) 3208 { 3209 $search_sql .= $view['extra_sql']; 3210 } 3211 3212 // Lets fetch out how many results we have 3213 $query = $db->query(" 3214 SELECT COUNT(u.uid) AS num_results 3215 FROM ".TABLE_PREFIX."users u 3216 WHERE {$search_sql} 3217 "); 3218 $num_results = $db->fetch_field($query, "num_results"); 3219 3220 // No matching results then return false 3221 if(!$num_results) 3222 { 3223 return false; 3224 } 3225 // Generate the list of results 3226 else 3227 { 3228 if(!$view['perpage']) 3229 { 3230 $view['perpage'] = 20; 3231 } 3232 $view['perpage'] = intval($view['perpage']); 3233 3234 // Establish which page we're viewing and the starting index for querying 3235 $mybb->input['page'] = intval($mybb->input['page']); 3236 if($mybb->input['page']) 3237 { 3238 $start = ($mybb->input['page'] - 1) * $view['perpage']; 3239 } 3240 else 3241 { 3242 $start = 0; 3243 $mybb->input['page'] = 1; 3244 } 3245 3246 $from_bit = ""; 3247 if($mybb->input['from'] == "home") 3248 { 3249 $from_bit = "&from=home"; 3250 } 3251 3252 /* ORDER BY and LIMIT only receive constrained values: sortby is mapped through this fixed list (anything else becomes "username"), sortorder is forced to "asc" unless it is exactly "desc", and perpage and page were cast with intval() above. */ switch($view['sortby']) 3253 { 3254 case "regdate": 3255 case "lastactive": 3256 case "postnum": 3257 case "reputation": 3258 $view['sortby'] = $db->escape_string($view['sortby']); 3259 break; 3260 case "numposts": 3261 $view['sortby'] = "postnum"; 3262 break; 3263 case "warninglevel": 3264 $view['sortby'] = "warningpoints"; 3265 break; 3266 default: 3267 $view['sortby'] = "username"; 3268 } 3269 3270 if($view['sortorder'] != "desc") 3271 { 3272 $view['sortorder'] = "asc"; 3273 } 3274 3275 $usergroups = $cache->read("usergroups"); 3276 3277 // Fetch matching users 3278 $query = $db->query(" 3279 SELECT u.* 3280 FROM ".TABLE_PREFIX."users u 3281 WHERE {$search_sql} 3282 ORDER BY {$view['sortby']} {$view['sortorder']} 3283 LIMIT {$start}, {$view['perpage']} 3284 "); 3285 while($user = $db->fetch_array($query)) 3286 { 3287 $user['view']['username'] = "<a 
href=\"index.php?module=user-users&action=edit&uid={$user['uid']}\">".format_name($user['username'], $user['usergroup'], $user['displaygroup'])."</a>"; 3288 $user['view']['usergroup'] = $usergroups[$user['usergroup']]['title']; 3289 $additional_groups = explode(",", $user['additionalgroups']); 3290 $comma = $groups_list = ''; 3291 foreach($additional_groups as $group) 3292 { 3293 $groups_list .= "{$comma}{$usergroups[$group]['title']}"; 3294 $comma = $lang->comma; 3295 } 3296 if(!$groups_list) 3297 { 3298 $groups_list = $lang->none; 3299 } 3300 $user['view']['additionalgroups'] = "<small>{$groups_list}</small>"; 3301 $user['view']['email'] = "<a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>"; 3302 $user['view']['regdate'] = my_date($mybb->settings['dateformat'], $user['regdate']).", ".my_date($mybb->settings['timeformat'], $user['regdate']); 3303 $user['view']['lastactive'] = my_date($mybb->settings['dateformat'], $user['lastactive']).", ".my_date($mybb->settings['timeformat'], $user['lastactive']); 3304 3305 // Build popup menu 3306 $popup = new PopupMenu("user_{$user['uid']}", $lang->options); 3307 $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&action=edit&uid={$user['uid']}"); 3308 $popup->add_item($lang->ban_user, "index.php?module=user-banning&uid={$user['uid']}#username"); 3309 3310 if($user['usergroup'] == 5) 3311 { 3312 if($user['coppauser']) 3313 { 3314 $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}{$from_bit}"); 3315 } 3316 else 3317 { 3318 $popup->add_item($lang->approve_user, "index.php?module=user-users&action=activate_user&uid={$user['uid']}{$from_bit}"); 3319 } 3320 } 3321 3322 /* NOTE(review): the delete link carries my_post_key in the query string, so the key can end up in browser history, server logs and Referer headers; submitting the deletion as a POST form would keep it out of URLs. */ $popup->add_item($lang->delete_user, "index.php?module=user-users&action=delete&uid={$user['uid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')"); 3323 
$popup->add_item($lang->show_referred_users, "index.php?module=user-users&action=referrers&uid={$user['uid']}"); 3324 $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&action=ipaddresses&uid={$user['uid']}"); 3325 $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&results=1&username=".urlencode(htmlspecialchars_uni($user['username']))); 3326 $user['view']['controls'] = $popup->fetch(); 3327 3328 // Fetch the reputation for this user 3329 if($usergroups[$user['usergroup']]['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1) 3330 { 3331 $user['view']['reputation'] = get_reputation($user['reputation']); 3332 } 3333 else 3334 { 3335 /* NOTE(review): this assigns the local $reputation, which nothing visible in this function reads, so $user['view']['reputation'] stays unset on this branch - presumably that key was intended. */ $reputation = "-"; 3336 } 3337 3338 if($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0) 3339 { 3340 $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100); 3341 if($warning_level > 100) 3342 { 3343 $warning_level = 100; 3344 } 3345 $user['view']['warninglevel'] = get_colored_warning_level($warning_level); 3346 } 3347 3348 /* NOTE(review): stristr() is a case-insensitive substring test for "http://", not a prefix test; an avatar value starting with https:// does not contain that substring and therefore also gets the "../" prefix - confirm which avatar URL forms are expected here. */ if($user['avatar'] && !stristr($user['avatar'], 'http://')) 3349 { 3350 $user['avatar'] = "../{$user['avatar']}"; 3351 } 3352 if($view['view_type'] == "card") 3353 { 3354 $scaled_avatar = fetch_scaled_avatar($user, 80, 80); 3355 } 3356 else 3357 { 3358 $scaled_avatar = fetch_scaled_avatar($user, 34, 34); 3359 } 3360 if(!$user['avatar']) 3361 { 3362 $user['avatar'] = "styles/{$page->style}/images/default_avatar.gif"; 3363 } 3364 $user['view']['avatar'] = "<img src=\"".htmlspecialchars_uni($user['avatar'])."\" alt=\"\" width=\"{$scaled_avatar['width']}\" height=\"{$scaled_avatar['height']}\" />"; 3365 3366 if($view['view_type'] == "card") 3367 { 3368 $users .= build_user_view_card($user, $view, $i); 3369 } 3370 else 3371 { 3372 build_user_view_table($user, $view, $table); 3373 } 3374 } 3375 3376 // If card view, we need to output the results 3377 if($view['view_type'] 
== "card") 3378 { 3379 $table->construct_cell($users); 3380 $table->construct_row(); 3381 } 3382 } 3383 3384 if(!$view['table_id']) 3385 { 3386 $view['table_id'] = "users_list"; 3387 } 3388 3389 $switch_view = "<div class=\"float_right\">"; 3390 $switch_url = $view['url']; 3391 if($mybb->input['page'] > 0) 3392 { 3393 $switch_url .= "&page=".intval($mybb->input['page']); 3394 } 3395 if($view['view_type'] != "card") 3396 { 3397 $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>"; 3398 } 3399 else 3400 { 3401 $switch_view .= "<a href=\"{$switch_url}&type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>"; 3402 } 3403 $switch_view .= "</div>"; 3404 3405 // Do we need to construct the pagination? 3406 if($num_results > $view['perpage']) 3407 { 3408 $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url']."&type={$view['view_type']}"); 3409 $search_class = "float_right"; 3410 $search_style = ""; 3411 } 3412 else 3413 { 3414 $search_class = ''; 3415 $search_style = "text-align: right;"; 3416 } 3417 3418 $search_action = $view['url']; 3419 // stop &username= in the query string 3420 if($view_upos = strpos($search_action, '&username=')) 3421 { 3422 $search_action = substr($search_action, 0, $view_upos); 3423 } 3424 $search_action = str_replace("&", "&", $search_action); 3425 $search = new Form(htmlspecialchars_uni($search_action), 'post', 'search_form', 0, '', true); 3426 $built_view = $search->construct_return; 3427 $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">"; 3428 $built_view .= $search->generate_hidden_field('action', 'search')."\n"; 3429 if($view['conditions']['username']) 3430 { 3431 $default_class = ''; 3432 $value = $view['conditions']['username']; 3433 } 3434 else 3435 { 3436 $default_class = 
"search_default"; 3437 $value = $lang->search_for_user; 3438 } 3439 $built_view .= $search->generate_text_box('username', $value, array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small"))."\n"; 3440 $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n"; 3441 if($view['popup']) 3442 { 3443 $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n"; 3444 } 3445 /* NOTE(review): $lang->search_for_user is interpolated into single-quoted JavaScript string literals in the script below without any JavaScript escaping; a language string containing an apostrophe or backslash would terminate the literal early, so encode it for the JS context before interpolating. */ $built_view .= "<script type='text/javascript'> 3446 var form = document.getElementById('search_form'); 3447 form.onsubmit = function() { 3448 var search = document.getElementById('search_keywords'); 3449 if(search.value == '' || search.value == '{$lang->search_for_user}') 3450 { 3451 search.focus(); 3452 return false; 3453 } 3454 } 3455 3456 var search = document.getElementById('search_keywords'); 3457 search.onfocus = function() 3458 { 3459 if(this.value == '{$lang->search_for_user}') 3460 { 3461 $(this).removeClassName('search_default'); 3462 this.value = ''; 3463 } 3464 } 3465 search.onblur = function() 3466 { 3467 if(this.value == '') 3468 { 3469 $(this).addClassName('search_default'); 3470 this.value = '{$lang->search_for_user}'; 3471 } 3472 } 3473 // fix the styling used if we have a different default value 3474 if(search.value != '{$lang->search_for_user}') 3475 { 3476 $(search).removeClassName('search_default'); 3477 } 3478 </script>\n"; 3479 $built_view .= "</div>\n"; 3480 3481 // Autocompletion for usernames 3482 $built_view .= ' 3483 <script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script> 3484 <script type="text/javascript"> 3485 <!-- 3486 new autoComplete("search_keywords", "../xmlhttp.php?action=get_users", {valueSpan: "username"}); 3487 // --> 3488 </script>'; 3489 3490 $built_view .= $search->end(); 3491 3492 $built_view .= $pagination; 3493 if($view['view_type'] != "card") 3494 { 3495 $checkbox = ''; 3496 } 3497 else 3498 { 3499 $checkbox = "<input type=\"checkbox\" name=\"allbox\" 
onclick=\"inlineModeration.checkAll(this)\" /> "; 3500 } 3501 $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']); 3502 $built_view .= $pagination; 3503 3504 $built_view .= ' 3505 <script type="text/javascript" src="'.$mybb->settings['bburl'].'/jscripts/inline_moderation.js?ver=1400"></script> 3506 <form action="index.php?module=user-users" method="post"> 3507 <input type="hidden" name="my_post_key" value="'.$mybb->post_code.'" /> 3508 <input type="hidden" name="action" value="inline_edit" /> 3509 <div class="float_right"><span class="smalltext"><strong>'.$lang->inline_edit.'</strong></span> 3510 <select name="inline_action" class="inline_select"> 3511 <option value="multiactivate">'.$lang->inline_activate.'</option> 3512 <option value="multiban">'.$lang->inline_ban.'</option> 3513 <option value="multiusergroup">'.$lang->inline_usergroup.'</option> 3514 <option value="multidelete">'.$lang->inline_delete.'</option> 3515 <option value="multiprune">'.$lang->inline_prune.'</option> 3516 </select> 3517 <input type="submit" class="button" name="go" value="'.$lang->go.' 
(0)" id="inline_go" /> 3518 <input type="button" onclick="javascript:inlineModeration.clearChecked();" value="'.$lang->clear.'" class="button" /> 3519 </div> 3520 </form> 3521 <br style="clear: both;" /> 3522 <script type="text/javascript"> 3523 <!-- 3524 var go_text = "'.$lang->go.'"; 3525 var all_text = "1"; 3526 var inlineType = "user"; 3527 var inlineId = "acp"; 3528 // --> 3529 </script>'; 3530 3531 return $built_view; 3532 } 3533 3534 /** Builds and returns the HTML fieldset "card" for one user in card view. $i is passed by reference, incremented on every call and reset to 1 when it reaches 3, so consecutive cards alternate between float left ($i == 1) and float right. Only fields that exist in the global $user_view_fields are rendered. */ function build_user_view_card($user, $view, &$i) 3535 { 3536 global $user_view_fields; 3537 3538 ++$i; 3539 if($i == 3) 3540 { 3541 $i = 1; 3542 } 3543 3544 // Loop through fields user wants to show 3545 foreach($view['fields'] as $field) 3546 { 3547 if(!$user_view_fields[$field]) 3548 { 3549 continue; 3550 } 3551 3552 $view_field = $user_view_fields[$field]; 3553 3554 // Special conditions for avatar 3555 if($field == "avatar") 3556 { 3557 $avatar = $user['view']['avatar']; 3558 } 3559 else if($field == "controls") 3560 { 3561 $controls = $user['view']['controls']; 3562 } 3563 // Otherwise, just user data 3564 else if($field != "username") 3565 { 3566 /* NOTE(review): when no pre-rendered $user['view'][$field] exists, the raw $user[$field] column value is placed into the card HTML below with no escaping in this function - confirm every field that can reach this branch is numeric or already HTML-encoded. */ if($user['view'][$field]) 3567 { 3568 $value = $user['view'][$field]; 3569 } 3570 else 3571 { 3572 $value = $user[$field]; 3573 } 3574 3575 if($field == "postnum") 3576 { 3577 $value = my_number_format($value); 3578 } 3579 3580 $user_details[] = "<strong>{$view_field['title']}:</strong> {$value}"; 3581 } 3582 3583 } 3584 // Floated to the left or right? 
3585 if($i == 1) 3586 { 3587 $float = "left"; 3588 } 3589 else 3590 { 3591 $float = "right"; 3592 } 3593 3594 // And build the final card 3595 $card = "<fieldset id=\"uid_{$user['uid']}\" style=\"width: 47%; float: {$float};\">\n"; 3596 $card .= "<legend><input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('uid_{$user['uid']}').toggleClassName('inline_selected');\" /> {$user['view']['username']}</legend>\n"; 3597 if($avatar) 3598 { 3599 $card .= "<div class=\"user_avatar\">{$avatar}</div>\n"; 3600 } 3601 if($user_details) 3602 { 3603 $card .= "<div class=\"user_details\">".implode("<br />", $user_details)."</div>\n"; 3604 } 3605 if($controls) 3606 { 3607 $card .= "<div class=\"float_right\" style=\"padding: 4px;\">{$controls}</div>\n"; 3608 } 3609 $card .= "</fieldset>"; 3610 return $card; 3611 3612 } 3613 3614 /** Appends one row for $user to $table (passed by reference): one cell per entry of $view['fields'] that exists in the global $user_view_fields, followed by a checkbox cell named inlinemod_<uid>. For each field the pre-rendered $user['view'][$field] is used when it is truthy, otherwise the raw $user[$field]. Returns nothing. */ function build_user_view_table($user, $view, &$table) 3615 { 3616 global $user_view_fields; 3617 3618 foreach($view['fields'] as $field) 3619 { 3620 if(!$user_view_fields[$field]) 3621 { 3622 continue; 3623 } 3624 $view_field = $user_view_fields[$field]; 3625 $field_options = array(); 3626 if($view_field['align']) 3627 { 3628 $field_options['class'] = "align_".$view_field['align']; 3629 } 3630 if($user['view'][$field]) 3631 { 3632 $value = $user['view'][$field]; 3633 } 3634 else 3635 { 3636 /* NOTE(review): raw column value, handed to construct_cell() with no HTML escaping in this function - confirm that construct_cell() or the data source guarantees it is safe to emit. */ $value = $user[$field]; 3637 } 3638 $table->construct_cell($value, $field_options); 3639 } 3640 3641 $table->construct_cell("<input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('uid_{$user['uid']}').toggleClassName('inline_selected');\" />"); 3642 3643 $table->construct_row(); 3644 } 3645 3646 /** Returns array("width" => ..., "height" => ...) for displaying the user's avatar: the $max_width by $max_height box by default, or the result of scale_image() when both $user['avatar'] and $user['avatardimensions'] (split on "|" into width and height) are set. */ function fetch_scaled_avatar($user, $max_width=80, $max_height=80) 3647 { 3648 $scaled_dimensions = array( 3649 "width" => $max_width, 3650 "height" => $max_height, 3651 ); 3652 3653 if($user['avatar']) 3654 { 3655 
if($user['avatardimensions']) 3656 { 3657 require_once MYBB_ROOT."inc/functions_image.php"; 3658 list($width, $height) = explode("|", $user['avatardimensions']); 3659 $scaled_dimensions = scale_image($width, $height, $max_width, $max_height); 3660 } 3661 } 3662 3663 return array("width" => $scaled_dimensions['width'], "height" => $scaled_dimensions['height']); 3664 } 3665 3666 function output_custom_profile_fields($fields, $values, &$form_container, &$form, $search=false) 3667 { 3668 global $lang; 3669 3670 if(!is_array($fields)) 3671 { 3672 return; 3673 } 3674 foreach($fields as $profile_field) 3675 { 3676 $profile_field['type'] = htmlspecialchars_uni($profile_field['type']); 3677 list($type, $options) = explode("\n", $profile_field['type'], 2); 3678 $type = trim($type); 3679 $field_name = "fid{$profile_field['fid']}"; 3680 3681 switch($type) 3682 { 3683 case "multiselect": 3684 if(!is_array($values[$field_name])) 3685 { 3686 $user_options = explode("\n", $values[$field_name]); 3687 } 3688 else 3689 { 3690 $user_options = $values[$field_name]; 3691 } 3692 3693 foreach($user_options as $val) 3694 { 3695 $selected_options[$val] = $val; 3696 } 3697 3698 $select_options = explode("\n", $options); 3699 $options = array(); 3700 if($search == true) 3701 { 3702 $select_options[''] = $lang->na; 3703 } 3704 3705 foreach($select_options as $val) 3706 { 3707 $val = trim($val); 3708 $options[$val] = $val; 3709 } 3710 if(!$profile_field['length']) 3711 { 3712 $profile_field['length'] = 3; 3713 } 3714 $code = $form->generate_select_box("profile_fields[{$field_name}][]", $options, $selected_options, array('id' => "profile_field_{$field_name}", 'multiple' => true, 'size' => $profile_field['length'])); 3715 break; 3716 case "select": 3717 $select_options = array(); 3718 if($search == true) 3719 { 3720 $select_options[''] = $lang->na; 3721 } 3722 $select_options += explode("\n", $options); 3723 $options = array(); 3724 foreach($select_options as $val) 3725 { 3726 $val = trim($val); 
3727 $options[$val] = $val; 3728 } 3729 if(!$profile_field['length']) 3730 { 3731 $profile_field['length'] = 1; 3732 } 3733 if($search == true) 3734 { 3735 $code = $form->generate_select_box("profile_fields[{$field_name}][{$field_name}]", $options, $values[$field_name], array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length'])); 3736 } 3737 else 3738 { 3739 $code = $form->generate_select_box("profile_fields[{$field_name}]", $options, $values[$field_name], array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length'])); 3740 } 3741 break; 3742 case "radio": 3743 $radio_options = array(); 3744 if($search == true) 3745 { 3746 $radio_options[''] = $lang->na; 3747 } 3748 $radio_options += explode("\n", $options); 3749 foreach($radio_options as $val) 3750 { 3751 $val = trim($val); 3752 $code .= $form->generate_radio_button("profile_fields[{$field_name}]", $val, $val, array('id' => "profile_field_{$field_name}", 'checked' => ($val == $values[$field_name] ? true : false)))."<br />"; 3753 } 3754 break; 3755 case "checkbox": 3756 if(!is_array($values[$field_name])) 3757 { 3758 $user_options = explode("\n", $values[$field_name]); 3759 } 3760 else 3761 { 3762 $user_options = $values[$field_name]; 3763 } 3764 foreach($user_options as $val) 3765 { 3766 $selected_options[$val] = $val; 3767 } 3768 $select_options = array(); 3769 if($search == true) 3770 { 3771 $select_options[''] = $lang->na; 3772 } 3773 $select_options += explode("\n", $options); 3774 foreach($select_options as $val) 3775 { 3776 $val = trim($val); 3777 $code .= $form->generate_check_box("profile_fields[{$field_name}][]", $val, $val, array('id' => "profile_field_{$field_name}", 'checked' => ($val == $selected_options[$val] ? 
true : false)))."<br />"; 3778 } 3779 break; 3780 case "textarea": 3781 $extra = ''; 3782 if($mybb->input['action'] == "search") 3783 { 3784 $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank'])); 3785 } 3786 3787 $code = $form->generate_text_area("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'rows' => 6, 'cols' => 50)).$extra; 3788 break; 3789 default: 3790 $extra = ''; 3791 if($mybb->input['action'] == "search") 3792 { 3793 $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank'])); 3794 } 3795 3796 $code = $form->generate_text_box("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'maxlength' => $profile_field['maxlength'], 'length' => $profile_field['length'])).$extra; 3797 break; 3798 } 3799 3800 $form_container->output_row($profile_field['name'], $profile_field['description'], $code, "", array('id' => "profile_field_{$field_name}")); 3801 $code = $user_options = $selected_options = $radio_options = $val = $options = ''; 3802 } 3803 } 3804 3805 function user_search_conditions($input=array(), &$form) 3806 { 3807 global $mybb, $db, $lang; 3808 3809 if(!$input) 3810 { 3811 $input = $mybb->input; 3812 } 3813 3814 if(!is_array($input['conditions'])) 3815 { 3816 $input['conditions'] = unserialize($input['conditions']); 3817 } 3818 3819 if(!is_array($input['profile_fields'])) 3820 { 3821 $input['profile_fields'] = unserialize($input['profile_fields']); 3822 } 3823 3824 if(!is_array($input['fields'])) 3825 { 3826 $input['fields'] = unserialize($input['fields']); 3827 } 3828 3829 $form_container = new FormContainer($lang->find_users_where); 3830 
$form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username'); 3831 $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email'); 3832 3833 $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title')); 3834 while($usergroup = $db->fetch_array($query)) 3835 { 3836 $options[$usergroup['gid']] = $usergroup['title']; 3837 } 3838 3839 $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups'); 3840 3841 $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website'))." {$lang->or} ".$form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website'); 3842 $form_container->output_row($lang->icq_number_contains, "", $form->generate_text_box('conditions[icq]', $input['conditions']['icq'], array('id' => 'icq'))." {$lang->or} ".$form->generate_check_box('conditions[icq_blank]', 1, $lang->is_not_blank, array('id' => 'icq_blank', 'checked' => $input['conditions']['icq_blank'])), 'icq'); 3843 $form_container->output_row($lang->aim_handle_contains, "", $form->generate_text_box('conditions[aim]', $input['conditions']['aim'], array('id' => 'aim'))." 
{$lang->or} ".$form->generate_check_box('conditions[aim_blank]', 1, $lang->is_not_blank, array('id' => 'aim_blank', 'checked' => $input['conditions']['aim_blank'])), 'aim'); 3844 $form_container->output_row($lang->yahoo_contains, "", $form->generate_text_box('conditions[yahoo]', $input['conditions']['yahoo'], array('id' => 'yahoo'))." {$lang->or} ".$form->generate_check_box('conditions[yahoo_blank]', 1, $lang->is_not_blank, array('id' => 'yahoo_blank', 'checked' => $input['conditions']['yahoo_blank'])), 'yahoo'); 3845 $form_container->output_row($lang->msn_contains, "", $form->generate_text_box('conditions[msn]', $input['conditions']['msn'], array('id' => 'msn'))." {$lang->or} ".$form->generate_check_box('conditions[msn_blank]', 1, $lang->is_not_blank, array('id' => 'msn_blank', 'checked' => $input['conditions']['msn_blank'])), 'msn'); 3846 $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature'))." {$lang->or} ".$form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature'); 3847 $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle'))." {$lang->or} ".$form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle'); 3848 $greater_options = array( 3849 "greater_than" => $lang->greater_than, 3850 "is_exactly" => $lang->is_exactly, 3851 "less_than" => $lang->less_than 3852 ); 3853 $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir'))." 
".$form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts'); 3854 3855 $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')).' '.$lang->days, 'regdate'); 3856 $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip'); 3857 $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip'); 3858 $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip'); 3859 3860 $form_container->end(); 3861 3862 // Custom profile fields go here 3863 $form_container = new FormContainer($lang->custom_profile_fields_match); 3864 3865 // Fetch custom profile fields 3866 $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder')); 3867 while($profile_field = $db->fetch_array($query)) 3868 { 3869 if($profile_field['required'] == 1) 3870 { 3871 $profile_fields['required'][] = $profile_field; 3872 } 3873 else 3874 { 3875 $profile_fields['optional'][] = $profile_field; 3876 } 3877 } 3878 3879 output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true); 3880 output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true); 3881 3882 $form_container->end(); 3883 3884 // Autocompletion for usernames 3885 echo ' 3886 <script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script> 3887 <script type="text/javascript"> 3888 <!-- 3889 new autoComplete("username", "../xmlhttp.php?action=get_users", {valueSpan: "username"}); 3890 // 
--> 3891 </script>'; 3892 } 3893 3894 ?>