[ Index ]

PHP Cross Reference of MyBB 1.8.39

title

Body

[close]

/admin/modules/user/ -> users.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  // Disallow direct access to this file for security reasons
  12  if(!defined("IN_MYBB"))
  13  {
  14      die("Direct initialization of this file is not allowed.<br /><br />Please make sure IN_MYBB is defined.");
  15  }
  16  
  17  require_once  MYBB_ROOT."inc/functions_upload.php";
  18  
  19  $page->add_breadcrumb_item($lang->users, "index.php?module=user-users");
  20  
  21  if($mybb->input['action'] == "add" || $mybb->input['action'] == "merge" || $mybb->input['action'] == "search" || !$mybb->input['action'])
  22  {
  23      $sub_tabs['browse_users'] = array(
  24          'title' => $lang->browse_users,
  25          'link' => "index.php?module=user-users",
  26          'description' => $lang->browse_users_desc
  27      );
  28  
  29      $sub_tabs['find_users'] = array(
  30          'title' => $lang->find_users,
  31          'link' => "index.php?module=user-users&amp;action=search",
  32          'description' => $lang->find_users_desc
  33      );
  34  
  35      $sub_tabs['create_user'] = array(
  36          'title' => $lang->create_user,
  37          'link' => "index.php?module=user-users&amp;action=add",
  38          'description' => $lang->create_user_desc
  39      );
  40  
  41      $sub_tabs['merge_users'] = array(
  42          'title' => $lang->merge_users,
  43          'link' => "index.php?module=user-users&amp;action=merge",
  44          'description' => $lang->merge_users_desc
  45      );
  46  }
  47  
  48  $user_view_fields = array(
  49      "avatar" => array(
  50          "title" => $lang->avatar,
  51          "width" => "24",
  52          "align" => ""
  53      ),
  54  
  55      "username" => array(
  56          "title" => $lang->username,
  57          "width" => "",
  58          "align" => ""
  59      ),
  60  
  61      "email" => array(
  62          "title" => $lang->email,
  63          "width" => "",
  64          "align" => "center"
  65      ),
  66  
  67      "usergroup" => array(
  68          "title" => $lang->primary_group,
  69          "width" => "",
  70          "align" => "center"
  71      ),
  72  
  73      "additionalgroups" => array(
  74          "title" => $lang->additional_groups,
  75          "width" => "",
  76          "align" => "center"
  77      ),
  78  
  79      "regdate" => array(
  80          "title" => $lang->registered,
  81          "width" => "",
  82          "align" => "center"
  83      ),
  84  
  85      "lastactive" => array(
  86          "title" => $lang->last_active,
  87          "width" => "",
  88          "align" => "center"
  89      ),
  90  
  91      "postnum" => array(
  92          "title" => $lang->post_count,
  93          "width" => "",
  94          "align" => "center"
  95      ),
  96  
  97      "threadnum" => array(
  98          "title" => $lang->thread_count,
  99          "width" => "",
 100          "align" => "center"
 101      ),
 102  
 103      "reputation" => array(
 104          "title" => $lang->reputation,
 105          "width" => "",
 106          "align" => "center"
 107      ),
 108  
 109      "warninglevel" => array(
 110          "title" => $lang->warning_level,
 111          "width" => "",
 112          "align" => "center"
 113      ),
 114  
 115      "regip" => array(
 116          "title" => $lang->registration_ip,
 117          "width" => "",
 118          "align" => "center"
 119      ),
 120  
 121      "lastip" => array(
 122          "title" => $lang->last_known_ip,
 123          "width" => "",
 124          "align" => "center"
 125      ),
 126  
 127      "controls" => array(
 128          "title" => $lang->controls,
 129          "width" => "",
 130          "align" => "center"
 131      )
 132  );
 133  
 134  $sort_options = array(
 135      "username" => $lang->username,
 136      "regdate" => $lang->registration_date,
 137      "lastactive" => $lang->last_active,
 138      "numposts" => $lang->post_count,
 139      "reputation" => $lang->reputation,
 140      "warninglevel" => $lang->warning_level
 141  );
 142  
 143  $plugins->run_hooks("admin_user_users_begin");
 144  
 145  // Initialise the views manager for user based views
 146  require MYBB_ADMIN_DIR."inc/functions_view_manager.php";
 147  if($mybb->input['action'] == "views")
 148  {
 149      view_manager("index.php?module=user-users", "user", $user_view_fields, $sort_options, "user_search_conditions");
 150  }
 151  
 152  if($mybb->input['action'] == 'iplookup')
 153  {
 154      $mybb->input['ipaddress'] = $mybb->get_input('ipaddress');
 155      $lang->ipaddress_misc_info = $lang->sprintf($lang->ipaddress_misc_info, htmlspecialchars_uni($mybb->input['ipaddress']));
 156      $ipaddress_location = $lang->na;
 157      $ipaddress_host_name = $lang->na;
 158      $modcp_ipsearch_misc_info = '';
 159      if(!strstr($mybb->input['ipaddress'], "*"))
 160      {
 161          // Return GeoIP information if it is available to us
 162          if(function_exists('geoip_record_by_name'))
 163          {
 164              $ip_record = @geoip_record_by_name($mybb->input['ipaddress']);
 165              if($ip_record)
 166              {
 167                  $ipaddress_location = htmlspecialchars_uni(utf8_encode($ip_record['country_name']));
 168                  if($ip_record['city'])
 169                  {
 170                      $ipaddress_location .= $lang->comma.htmlspecialchars_uni(utf8_encode($ip_record['city']));
 171                  }
 172              }
 173          }
 174  
 175          if(filter_var($mybb->input['ipaddress'], FILTER_VALIDATE_IP))
 176          {
 177              $ipaddress_host_name = htmlspecialchars_uni(@gethostbyaddr($mybb->input['ipaddress']));
 178  
 179              // gethostbyaddr returns the same ip on failure
 180              if($ipaddress_host_name == $mybb->input['ipaddress'])
 181              {
 182                  $ipaddress_host_name = $lang->na;
 183              }
 184          }
 185      }
 186  
 187      ?>
 188      <div class="modal">
 189          <div style="overflow-y: auto; max-height: 400px;">
 190  
 191              <?php
 192  
 193              $table = new Table();
 194  
 195              $table->construct_cell($lang->ipaddress_host_name.":");
 196              $table->construct_cell($ipaddress_host_name);
 197              $table->construct_row();
 198  
 199              $table->construct_cell($lang->ipaddress_location.":");
 200              $table->construct_cell($ipaddress_location);
 201              $table->construct_row();
 202  
 203              $table->output($lang->ipaddress_misc_info);
 204  
 205              ?>
 206          </div>
 207      </div>
 208  <?php
 209  }
 210  
 211  if($mybb->input['action'] == "activate_user")
 212  {
 213      if(!verify_post_check($mybb->get_input('my_post_key')))
 214      {
 215          flash_message($lang->invalid_post_verify_key2, 'error');
 216          admin_redirect("index.php?module=user-users");
 217      }
 218  
 219      $user = get_user($mybb->input['uid']);
 220  
 221      // Does the user not exist?
 222      if(!$user || $user['usergroup'] != 5)
 223      {
 224          flash_message($lang->error_invalid_user, 'error');
 225          admin_redirect("index.php?module=user-users");
 226      }
 227  
 228      $plugins->run_hooks("admin_user_users_coppa_activate");
 229  
 230      $updated_user['usergroup'] = $user['usergroup'];
 231  
 232      // Update
 233      if($user['coppauser'])
 234      {
 235          $updated_user = array(
 236              "coppauser" => 0
 237          );
 238      }
 239      else
 240      {
 241          $db->delete_query("awaitingactivation", "uid='{$user['uid']}'");
 242      }
 243  
 244      // Move out of awaiting activation if they're in it.
 245      if($user['usergroup'] == 5)
 246      {
 247          $updated_user['usergroup'] = 2;
 248      }
 249  
 250      $plugins->run_hooks("admin_user_users_coppa_activate_commit");
 251  
 252      $db->update_query("users", $updated_user, "uid='{$user['uid']}'");
 253  
 254      $cache->update_awaitingactivation();
 255  
 256      $message = $lang->sprintf($lang->email_adminactivateaccount, $user['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
 257      my_mail($user['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
 258  
 259      // Log admin action
 260      log_admin_action($user['uid'], $user['username']);
 261  
 262      if($mybb->input['from'] == "home")
 263      {
 264          if($user['coppauser'])
 265          {
 266              $message = $lang->success_coppa_activated;
 267          }
 268          else
 269          {
 270              $message = $lang->success_activated;
 271          }
 272  
 273          update_admin_session('flash_message2', array('message' => $message, 'type' => 'success'));
 274      }
 275      else
 276      {
 277          if($user['coppauser'])
 278          {
 279              flash_message($lang->success_coppa_activated, 'success');
 280          }
 281          else
 282          {
 283              flash_message($lang->success_activated, 'success');
 284          }
 285      }
 286  
 287      if($admin_session['data']['last_users_url'])
 288      {
 289          $url = $admin_session['data']['last_users_url'];
 290          update_admin_session('last_users_url', '');
 291  
 292          if($mybb->input['from'] == "home")
 293          {
 294              update_admin_session('from', 'home');
 295          }
 296      }
 297      else
 298      {
 299          $url = "index.php?module=user-users&action=edit&uid={$user['uid']}";
 300      }
 301  
 302      $plugins->run_hooks("admin_user_users_coppa_end");
 303  
 304      admin_redirect($url);
 305  }
 306  
 307  if($mybb->input['action'] == "add")
 308  {
 309      $plugins->run_hooks("admin_user_users_add");
 310  
 311      if($mybb->request_method == "post")
 312      {
 313          // Determine the usergroup stuff
 314          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 315          {
 316              foreach($mybb->input['additionalgroups'] as $key => $gid)
 317              {
 318                  if($gid == $mybb->input['usergroup'])
 319                  {
 320                      unset($mybb->input['additionalgroups'][$key]);
 321                  }
 322              }
 323              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 324          }
 325          else
 326          {
 327              $additionalgroups = '';
 328          }
 329  
 330          // Set up user handler.
 331          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 332          $userhandler = new UserDataHandler('insert');
 333  
 334          // Set the data for the new user.
 335          $new_user = array(
 336              "uid" => $mybb->get_input('uid'),
 337              "username" => $mybb->get_input('username'),
 338              "password" => $mybb->get_input('password'),
 339              "password2" => $mybb->get_input('confirm_password'),
 340              "email" => $mybb->get_input('email'),
 341              "email2" => $mybb->get_input('email'),
 342              "usergroup" => $mybb->get_input('usergroup'),
 343              "additionalgroups" => $additionalgroups,
 344              "displaygroup" => $mybb->get_input('displaygroup'),
 345              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 346              "profile_fields_editable" => true,
 347          );
 348  
 349          // Set the data of the user in the datahandler.
 350          $userhandler->set_data($new_user);
 351          $errors = '';
 352  
 353          // Validate the user and get any errors that might have occurred.
 354          if(!$userhandler->validate_user())
 355          {
 356              $errors = $userhandler->get_friendly_errors();
 357          }
 358          else
 359          {
 360              $user_info = $userhandler->insert_user();
 361  
 362              $plugins->run_hooks("admin_user_users_add_commit");
 363  
 364              // Log admin action
 365              log_admin_action($user_info['uid'], $user_info['username']);
 366  
 367              flash_message($lang->success_user_created, 'success');
 368              admin_redirect("index.php?module=user-users&action=edit&uid={$user_info['uid']}");
 369          }
 370      }
 371  
 372      // Fetch custom profile fields - only need required profile fields here
 373      $query = $db->simple_select("profilefields", "*", "required=1", array('order_by' => 'disporder'));
 374  
 375      $profile_fields = array(
 376          'required' => array(),
 377          'optional' => array(),
 378      );
 379      while($profile_field = $db->fetch_array($query))
 380      {
 381          $profile_fields['required'][] = $profile_field;
 382      }
 383  
 384      $page->add_breadcrumb_item($lang->create_user);
 385      $page->output_header($lang->create_user);
 386  
 387      $form = new Form("index.php?module=user-users&amp;action=add", "post");
 388  
 389      $page->output_nav_tabs($sub_tabs, 'create_user');
 390  
 391      // If we have any error messages, show them
 392      if($errors)
 393      {
 394          $page->output_inline_error($errors);
 395      }
 396      else
 397      {
 398          $mybb->input = array_merge($mybb->input, array('usergroup' => 2));
 399      }
 400  
 401      $mybb->input['profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
 402  
 403      $form_container = new FormContainer($lang->required_profile_info);
 404      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', htmlspecialchars_uni($mybb->get_input('username')), array('id' => 'username')), 'username');
 405      $form_container->output_row($lang->password." <em>*</em>", "", $form->generate_password_box('password', $mybb->get_input('password'), array('id' => 'password', 'autocomplete' => 'off')), 'password');
 406      $form_container->output_row($lang->confirm_password." <em>*</em>", "", $form->generate_password_box('confirm_password', $mybb->get_input('confirm_password'), array('id' => 'confirm_new_password')), 'confirm_new_password');
 407      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->get_input('email'), array('id' => 'email')), 'email');
 408  
 409      $display_group_options[0] = $lang->use_primary_user_group;
 410      $options = array();
 411      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
 412      while($usergroup = $db->fetch_array($query))
 413      {
 414          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 415          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
 416      }
 417  
 418      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
 419      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
 420      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
 421  
 422      // Output custom profile fields - required
 423      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
 424  
 425      $form_container->end();
 426      $buttons[] = $form->generate_submit_button($lang->save_user);
 427      $form->output_submit_wrapper($buttons);
 428  
 429      $form->end();
 430      $page->output_footer();
 431  }
 432  
 433  if($mybb->input['action'] == "edit")
 434  {
 435      $user = get_user($mybb->input['uid']);
 436  
 437      // Does the user not exist?
 438      if(!$user)
 439      {
 440          flash_message($lang->error_invalid_user, 'error');
 441          admin_redirect("index.php?module=user-users");
 442      }
 443  
 444      $plugins->run_hooks("admin_user_users_edit");
 445  
 446      if($mybb->request_method == "post")
 447      {
 448          $plugins->run_hooks("admin_user_users_edit_start");
 449          if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
 450          {
 451              flash_message($lang->error_no_perms_super_admin, 'error');
 452              admin_redirect("index.php?module=user-users");
 453          }
 454  
 455          // Determine the usergroup stuff
 456          if(!empty($mybb->input['additionalgroups']) && is_array($mybb->input['additionalgroups']))
 457          {
 458              foreach($mybb->input['additionalgroups'] as $key => $gid)
 459              {
 460                  if($gid == $mybb->input['usergroup'])
 461                  {
 462                      unset($mybb->input['additionalgroups'][$key]);
 463                  }
 464              }
 465              $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
 466          }
 467          else
 468          {
 469              $additionalgroups = '';
 470          }
 471  
 472          $returndate = "";
 473          if(!empty($mybb->input['away_day']))
 474          {
 475              $awaydate = TIME_NOW;
 476              // If the user has indicated that they will return on a specific day, but not month or year, assume it is current month and year
 477              if(!$mybb->input['away_month'])
 478              {
 479                  $mybb->input['away_month'] = my_date('n', $awaydate);
 480              }
 481              if(!$mybb->input['away_year'])
 482              {
 483                  $mybb->input['away_year'] = my_date('Y', $awaydate);
 484              }
 485  
 486              $return_month = (int)substr($mybb->input['away_month'], 0, 2);
 487              $return_day = (int)substr($mybb->input['away_day'], 0, 2);
 488              $return_year = min($mybb->get_input('away_year', MyBB::INPUT_INT), 9999);
 489  
 490              // Check if return date is after the away date.
 491              $returntimestamp = gmmktime(0, 0, 0, $return_month, $return_day, $return_year);
 492              $awaytimestamp = gmmktime(0, 0, 0, my_date('n', $awaydate), my_date('j', $awaydate), my_date('Y', $awaydate));
 493              if($return_year < my_date('Y', $awaydate) || ($returntimestamp < $awaytimestamp && $return_year == my_date('Y', $awaydate)))
 494              {
 495                  $away_in_past = true;
 496              }
 497  
 498              $returndate = "{$return_day}-{$return_month}-{$return_year}";
 499          }
 500  
 501          // Set up user handler.
 502          require_once  MYBB_ROOT."inc/datahandlers/user.php";
 503          $userhandler = new UserDataHandler('update');
 504  
 505          // Set the data for the new user.
 506          $updated_user = array(
 507              "uid" => $mybb->get_input('uid'),
 508              "username" => $mybb->get_input('username'),
 509              "email" => $mybb->get_input('email'),
 510              "email2" => $mybb->get_input('email'),
 511              "usergroup" => $mybb->get_input('usergroup'),
 512              "additionalgroups" => $additionalgroups,
 513              "displaygroup" => $mybb->get_input('displaygroup'),
 514              "postnum" => $mybb->get_input('postnum'),
 515              "threadnum" => $mybb->get_input('threadnum'),
 516              "usertitle" => $mybb->get_input('usertitle'),
 517              "timezone" => $mybb->get_input('timezone'),
 518              "language" => $mybb->get_input('language'),
 519              "profile_fields" => $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY),
 520              "profile_fields_editable" => true,
 521              "website" => $mybb->get_input('website'),
 522              "skype" => $mybb->get_input('skype'),
 523              "google" => $mybb->get_input('google'),
 524              "birthday" => array(
 525                  "day" => $mybb->get_input('bday1'),
 526                  "month" => $mybb->get_input('bday2'),
 527                  "year" => $mybb->get_input('bday3')
 528              ),
 529              "style" => $mybb->get_input('style'),
 530              "signature" => $mybb->get_input('signature'),
 531              "dateformat" => $mybb->get_input('dateformat', MyBB::INPUT_INT),
 532              "timeformat" => $mybb->get_input('timeformat', MyBB::INPUT_INT),
 533              "usernotes" => $mybb->get_input('usernotes'),
 534              "away" => array(
 535                  "away" => $mybb->get_input('away'),
 536                  "date" => TIME_NOW,
 537                  "returndate" => $returndate,
 538                  "awayreason" => $mybb->get_input('awayreason')
 539              )
 540          );
 541  
 542          if($user['usergroup'] == 5 && $mybb->get_input('usergroup') != 5)
 543          {
 544              if($user['coppauser'] == 1)
 545              {
 546                  $updated_user['coppa_user'] = 0;
 547              }
 548          }
 549          if($mybb->get_input('new_password'))
 550          {
 551              $updated_user['password'] = $mybb->get_input('new_password');
 552              $updated_user['password2'] = $mybb->get_input('confirm_new_password');
 553          }
 554  
 555          $updated_user['options'] = array(
 556              "allownotices" => $mybb->get_input('allownotices'),
 557              "hideemail" => $mybb->get_input('hideemail'),
 558              "subscriptionmethod" => $mybb->get_input('subscriptionmethod'),
 559              "invisible" => $mybb->get_input('invisible'),
 560              "dstcorrection" => $mybb->get_input('dstcorrection'),
 561              "threadmode" => $mybb->get_input('threadmode'),
 562              "classicpostbit" => $mybb->get_input('classicpostbit'),
 563              "showimages" => $mybb->get_input('showimages'),
 564              "showvideos" => $mybb->get_input('showvideos'),
 565              "showsigs" => $mybb->get_input('showsigs'),
 566              "showavatars" => $mybb->get_input('showavatars'),
 567              "showquickreply" => $mybb->get_input('showquickreply'),
 568              "receivepms" => $mybb->get_input('receivepms'),
 569              "receivefrombuddy" => $mybb->get_input('receivefrombuddy'),
 570              "pmnotice" => $mybb->get_input('pmnotice'),
 571              "daysprune" => $mybb->get_input('daysprune'),
 572              "showcodebuttons" => $mybb->get_input('showcodebuttons'),
 573              "sourceeditor" => $mybb->get_input('sourceeditor'),
 574              "pmnotify" => $mybb->get_input('pmnotify'),
 575              "buddyrequestspm" => $mybb->get_input('buddyrequestspm'),
 576              "buddyrequestsauto" => $mybb->get_input('buddyrequestsauto'),
 577              "showredirect" => $mybb->get_input('showredirect')
 578          );
 579  
 580          if($mybb->settings['usertppoptions'])
 581          {
 582              $updated_user['options']['tpp'] = $mybb->get_input('tpp', MyBB::INPUT_INT);
 583          }
 584  
 585          if($mybb->settings['userpppoptions'])
 586          {
 587              $updated_user['options']['ppp'] = $mybb->get_input('ppp', MyBB::INPUT_INT);
 588          }
 589  
 590          // Set the data of the user in the datahandler.
 591          $userhandler->set_data($updated_user);
 592          $errors = array();
 593  
 594          // Validate the user and get any errors that might have occurred.
 595          if(!$userhandler->validate_user())
 596          {
 597              $errors = $userhandler->get_friendly_errors();
 598          }
 599          else
 600          {
 601              // Are we removing an avatar from this user?
 602              if($mybb->get_input('remove_avatar'))
 603              {
 604                  $extra_user_updates = array(
 605                      "avatar" => "",
 606                      "avatardimensions" => "",
 607                      "avatartype" => ""
 608                  );
 609                  remove_avatars($user['uid']);
 610              }
 611  
 612              // Are we uploading a new avatar?
 613              if($_FILES['avatar_upload']['name'])
 614              {
 615                  $avatar = upload_avatar($_FILES['avatar_upload'], $user['uid']);
 616                  if($avatar['error'])
 617                  {
 618                      $errors = array($avatar['error']);
 619                  }
 620                  else
 621                  {
 622                      if($avatar['width'] > 0 && $avatar['height'] > 0)
 623                      {
 624                          $avatar_dimensions = $avatar['width']."|".$avatar['height'];
 625                      }
 626                      $extra_user_updates = array(
 627                          "avatar" => $avatar['avatar'].'?dateline='.TIME_NOW,
 628                          "avatardimensions" => $avatar_dimensions,
 629                          "avatartype" => "upload"
 630                      );
 631                  }
 632              }
 633              // Are we setting a new avatar from a URL?
 634              else if(!empty($mybb->input['avatar_url']) && $mybb->input['avatar_url'] != $user['avatar'])
 635              {
 636                  if(!$mybb->settings['allowremoteavatars'])
 637                  {
 638                      $errors = array($lang->error_remote_avatar_not_allowed);
 639                  }
 640                  else
 641                  {
 642                      if(filter_var($mybb->input['avatar_url'], FILTER_VALIDATE_EMAIL) !== false)
 643                      {
 644                          // Gravatar
 645                          $email = md5(strtolower(trim($mybb->input['avatar_url'])));
 646  
 647                          $s = '';
 648                          if(!$mybb->settings['maxavatardims'])
 649                          {
 650                              $mybb->settings['maxavatardims'] = '100x100'; // Hard limit of 100 if there are no limits
 651                          }
 652  
 653                          // Because Gravatars are square, hijack the width
 654                          list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 655  
 656                          $s = "?s={$maxwidth}";
 657                          $maxheight = (int)$maxwidth;
 658  
 659                          $extra_user_updates = array(
 660                              "avatar" => "https://www.gravatar.com/avatar/{$email}{$s}",
 661                              "avatardimensions" => "{$maxheight}|{$maxheight}",
 662                              "avatartype" => "gravatar"
 663                          );
 664                      }
 665                      else
 666                      {
 667                          $mybb->input['avatar_url'] = preg_replace("#script:#i", "", $mybb->input['avatar_url']);
 668                          $ext = get_extension($mybb->input['avatar_url']);
 669  
 670                          // Copy the avatar to the local server (work around remote URL access disabled for getimagesize)
 671                          $file = fetch_remote_file($mybb->input['avatar_url']);
 672                          if(!$file)
 673                          {
 674                              $avatar_error = $lang->error_invalidavatarurl;
 675                          }
 676                          else
 677                          {
 678                              $tmp_name = "../".$mybb->settings['avataruploadpath']."/remote_".md5(random_str());
 679                              $fp = @fopen($tmp_name, "wb");
 680                              if(!$fp)
 681                              {
 682                                  $avatar_error = $lang->error_invalidavatarurl;
 683                              }
 684                              else
 685                              {
 686                                  fwrite($fp, $file);
 687                                  fclose($fp);
 688                                  list($width, $height, $type) = @getimagesize($tmp_name);
 689                                  @unlink($tmp_name);
 690                                  echo $type;
 691                                  if(!$type)
 692                                  {
 693                                      $avatar_error = $lang->error_invalidavatarurl;
 694                                  }
 695                              }
 696                          }
 697  
 698                          if(empty($avatar_error))
 699                          {
 700                              if($width && $height && $mybb->settings['maxavatardims'] != "")
 701                              {
 702                                  list($maxwidth, $maxheight) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
 703                                  if(($maxwidth && $width > $maxwidth) || ($maxheight && $height > $maxheight))
 704                                  {
 705                                      $lang->error_avatartoobig = $lang->sprintf($lang->error_avatartoobig, $maxwidth, $maxheight);
 706                                      $avatar_error = $lang->error_avatartoobig;
 707                                  }
 708                              }
 709                          }
 710  
 711                          if(empty($avatar_error))
 712                          {
 713                              if($width > 0 && $height > 0)
 714                              {
 715                                  $avatar_dimensions = (int)$width."|".(int)$height;
 716                              }
 717                              $extra_user_updates = array(
 718                                  "avatar" => $db->escape_string($mybb->input['avatar_url'].'?dateline='.TIME_NOW),
 719                                  "avatardimensions" => $avatar_dimensions,
 720                                  "avatartype" => "remote"
 721                              );
 722                              remove_avatars($user['uid']);
 723                          }
 724                          else
 725                          {
 726                              $errors = array($avatar_error);
 727                          }
 728                      }
 729                  }
 730              }
 731  
 732              // Moderator "Options" (suspend signature, suspend/moderate posting)
 733              $moderator_options = array(
 734                  1 => array(
 735                      "action" => "suspendsignature", // The moderator action we're performing
 736                      "period" => "action_period", // The time period we've selected from the dropdown box
 737                      "time" => "action_time", // The time we've entered
 738                      "update_field" => "suspendsignature", // The field in the database to update if true
 739                      "update_length" => "suspendsigtime" // The length of suspension field in the database
 740                  ),
 741                  2 => array(
 742                      "action" => "moderateposting",
 743                      "period" => "modpost_period",
 744                      "time" => "modpost_time",
 745                      "update_field" => "moderateposts",
 746                      "update_length" => "moderationtime"
 747                  ),
 748                  3 => array(
 749                      "action" => "suspendposting",
 750                      "period" => "suspost_period",
 751                      "time" => "suspost_time",
 752                      "update_field" => "suspendposting",
 753                      "update_length" => "suspensiontime"
 754                  )
 755              );
 756  
 757              require_once  MYBB_ROOT."inc/functions_warnings.php";
 758              foreach($moderator_options as $option)
 759              {
 760                  if(empty($mybb->input[$option['action']]))
 761                  {
 762                      if($user[$option['update_field']] == 1)
 763                      {
 764                          // We're revoking the suspension
 765                          $extra_user_updates[$option['update_field']] = 0;
 766                          $extra_user_updates[$option['update_length']] = 0;
 767                      }
 768  
 769                      // Skip this option if we haven't selected it
 770                      continue;
 771                  }
 772                  else
 773                  {
 774                      if((int)$mybb->input[$option['time']] == 0 && $mybb->input[$option['period']] != "never" && $user[$option['update_field']] != 1)
 775                      {
 776                          // User has selected a type of ban, but not entered a valid time frame
 777                          $string = $option['action']."_error";
 778                          $errors[] = $lang->$string;
 779                      }
 780  
 781                      if(!is_array($errors))
 782                      {
 783                          $suspend_length = fetch_time_length((int)$mybb->input[$option['time']], $mybb->input[$option['period']]);
 784  
 785                          if($user[$option['update_field']] == 1 && ($mybb->input[$option['time']] || $mybb->input[$option['period']] == "never"))
 786                          {
 787                              // We already have a suspension, but entered a new time
 788                              if($suspend_length == "-1")
 789                              {
 790                                  // Permanent ban on action
 791                                  $extra_user_updates[$option['update_length']] = 0;
 792                              }
 793                              elseif($suspend_length && $suspend_length != "-1")
 794                              {
 795                                  // Temporary ban on action
 796                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 797                              }
 798                          }
 799                          elseif(!$user[$option['update_field']])
 800                          {
 801                              // New suspension for this user... bad user!
 802                              $extra_user_updates[$option['update_field']] = 1;
 803                              if($suspend_length == "-1")
 804                              {
 805                                  $extra_user_updates[$option['update_length']] = 0;
 806                              }
 807                              else
 808                              {
 809                                  $extra_user_updates[$option['update_length']] = TIME_NOW + $suspend_length;
 810                              }
 811                          }
 812                      }
 813                  }
 814              }
 815  
 816              if(!empty($extra_user_updates['moderateposts']) && !empty($extra_user_updates['suspendposting']))
 817              {
 818                  $errors[] = $lang->suspendmoderate_error;
 819              }
 820  
 821              if(isset($away_in_past))
 822              {
 823                  $errors[] = $lang->error_acp_return_date_past;
 824              }
 825  
 826              if(!$errors)
 827              {
 828                  $user_info = $userhandler->update_user();
 829  
 830                  $plugins->run_hooks("admin_user_users_edit_commit_start");
 831  
 832                  if(!empty($extra_user_updates))
 833                  {
 834                      $db->update_query("users", $extra_user_updates, "uid='{$user['uid']}'");
 835                  }
 836  
 837                  // if we're updating the user's signature preferences, do so now
 838                  if($mybb->input['update_posts'] == 'enable' || $mybb->input['update_posts'] == 'disable')
 839                  {
 840                      $update_signature = array(
 841                          'includesig' => ($mybb->input['update_posts'] == 'enable' ? 1 : 0)
 842                      );
 843                      $db->update_query("posts", $update_signature, "uid='{$user['uid']}'");
 844                  }
 845  
 846                  $plugins->run_hooks("admin_user_users_edit_commit");
 847  
 848                  if($user['usergroup'] == 5 && $mybb->input['usergroup'] != 5)
 849                  {
 850                      $cache->update_awaitingactivation();
 851                  }
 852  
 853                  // Log admin action
 854                  log_admin_action($user['uid'], $mybb->input['username']);
 855  
 856                  flash_message($lang->success_user_updated, 'success');
 857                  admin_redirect("index.php?module=user-users");
 858              }
 859              $plugins->run_hooks("admin_user_users_edit_end");
 860          }
 861      }
 862  
 863      if(!$errors)
 864      {
 865          $user['usertitle'] = htmlspecialchars_decode($user['usertitle']);
 866          $mybb->input = array_merge($mybb->input, $user);
 867  
 868          $options = array(
 869              'bday1', 'bday2', 'bday3',
 870              'new_password', 'confirm_new_password',
 871              'action_time', 'action_period',
 872              'modpost_period', 'moderateposting', 'modpost_time', 'suspost_period', 'suspost_time'
 873          );
 874  
 875          foreach($options as $option)
 876          {
 877              if(!isset($input_user[$option]))
 878              {
 879                  $mybb->input[$option] = '';
 880              }
 881          }
 882  
 883          // We need to fetch this users profile field values
 884          $query = $db->simple_select("userfields", "*", "ufid='{$user['uid']}'");
 885          $mybb->input['profile_fields'] = $db->fetch_array($query);
 886      }
 887  
 888      if($mybb->input['bday1'] || $mybb->input['bday2'] || $mybb->input['bday3'])
 889      {
 890          $mybb->input['bday'][0] = $mybb->input['bday1'];
 891          $mybb->input['bday'][1] = $mybb->input['bday2'];
 892          $mybb->input['bday'][2] = $mybb->get_input('bday3', MyBB::INPUT_INT);
 893      }
 894      else
 895      {
 896          $mybb->input['bday'] = array(0, 0, '');
 897  
 898          if($user['birthday'])
 899          {
 900              $mybb->input['bday'] = explode('-', $user['birthday']);
 901          }
 902      }
 903  
 904      if($mybb->get_input('away_day') || $mybb->get_input('away_month') || $mybb->get_input('away_year'))
 905      {
 906          $mybb->input['away_year'] = $mybb->get_input('away_year', MyBB::INPUT_INT);
 907      }
 908      else
 909      {
 910          $mybb->input['away_day'] = 0;
 911          $mybb->input['away_month'] = 0;
 912          $mybb->input['away_year'] = '';
 913  
 914          if($user['returndate'])
 915          {
 916              list($mybb->input['away_day'], $mybb->input['away_month'], $mybb->input['away_year']) = explode('-', $user['returndate']);
 917          }
 918      }
 919  
 920      // Fetch custom profile fields
 921      $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
 922  
 923      $profile_fields = array(
 924          'required' => array(),
 925          'optional' => array(),
 926      );
 927      while($profile_field = $db->fetch_array($query))
 928      {
 929          if($profile_field['required'] == 1)
 930          {
 931              $profile_fields['required'][] = $profile_field;
 932          }
 933          else
 934          {
 935              $profile_fields['optional'][] = $profile_field;
 936          }
 937      }
 938  
 939      $page->add_breadcrumb_item($lang->edit_user.": ".htmlspecialchars_uni($user['username']));
 940  
 941      $page->extra_header .= <<<EOF
 942  
 943      <link rel="stylesheet" href="../jscripts/sceditor/themes/mybb.css" type="text/css" media="all" />
 944      <script type="text/javascript" src="../jscripts/sceditor/jquery.sceditor.bbcode.min.js?ver=1832"></script>
 945      <script type="text/javascript" src="../jscripts/bbcodes_sceditor.js?ver=1837"></script>
 946      <script type="text/javascript" src="../jscripts/sceditor/plugins/undo.js?ver=1832"></script>
 947  EOF;
 948      $page->output_header($lang->edit_user);
 949  
 950      $sub_tabs['edit_user'] = array(
 951          'title' => $lang->edit_user,
 952          'description' => $lang->edit_user_desc
 953      );
 954  
 955      $form = new Form("index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}", "post", "", 1);
 956  
 957      $page->output_nav_tabs($sub_tabs, 'edit_user');
 958  
 959      // If we have any error messages, show them
 960      if($errors)
 961      {
 962          $page->output_inline_error($errors);
 963      }
 964  
 965      // Is this user a COPPA user? We show a warning & activate link
 966      if($user['coppauser'])
 967      {
 968          echo $lang->sprintf($lang->warning_coppa_user, $user['uid'], $mybb->post_code);
 969      }
 970  
 971      $tabs = array(
 972          "overview" => $lang->overview,
 973          "profile" => $lang->profile,
 974          "settings" => $lang->account_settings,
 975          "signature" => $lang->signature,
 976          "avatar" => $lang->avatar,
 977          "modoptions" => $lang->mod_options
 978      );
 979      $tabs = $plugins->run_hooks("admin_user_users_edit_graph_tabs", $tabs);
 980      $page->output_tab_control($tabs);
 981  
 982      //
 983      // OVERVIEW
 984      //
 985      echo "<div id=\"tab_overview\">\n";
 986      $table = new Table;
 987      $table->construct_header($lang->avatar, array('class' => 'align_center'));
 988      $table->construct_header($lang->general_account_stats, array('colspan' => '2', 'class' => 'align_center'));
 989  
 990      // Avatar
 991      $avatar_dimensions = preg_split('/[|x]/', $user['avatardimensions']);
 992      if($user['avatardimensions'])
 993      {
 994          require_once  MYBB_ROOT."inc/functions_image.php";
 995          list($width, $height) = preg_split('/[|x]/', $user['avatardimensions']);
 996          $scaled_dimensions = scale_image($width, $height, 120, 120);
 997      }
 998      else
 999      {
1000          $scaled_dimensions = array(
1001              "width" => 120,
1002              "height" => 120
1003          );
1004      }
1005      if($user['avatar'] && (my_strpos($user['avatar'], '://') === false || $mybb->settings['allowremoteavatars']))
1006      {
1007          if(!my_validate_url($user['avatar']))
1008          {
1009              $avatar = format_avatar($user['avatar'], $user['avatardimensions']);
1010              $user['avatar'] = $avatar['image'];
1011          }
1012      }
1013      else
1014      {
1015          if(my_validate_url($mybb->settings['useravatar']))
1016          {
1017              $user['avatar'] = str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1018          }
1019          else
1020          {
1021              $user['avatar'] = "../".str_replace('{theme}', 'images', $mybb->settings['useravatar']);
1022          }
1023      }
1024      $avatar_top = ceil((126-$scaled_dimensions['height'])/2);
1025      $last_seen = max(array($user['lastactive'], $user['lastvisit']));
1026      if(!empty($last_seen))
1027      {
1028          $last_active = my_date('relative', $last_seen);
1029      }
1030      else
1031      {
1032          $last_active = $lang->never;
1033      }
1034      $reg_date = my_date('relative', $user['regdate']);
1035      if($user['dst'] == 1)
1036      {
1037          $timezone = (float)$user['timezone']+1;
1038      }
1039      else
1040      {
1041          $timezone = (float)$user['timezone'];
1042      }
1043      $local_date = gmdate($mybb->settings['dateformat'], TIME_NOW + ($timezone * 3600));
1044      $local_time = gmdate($mybb->settings['timeformat'], TIME_NOW + ($timezone * 3600));
1045  
1046      $localtime = $lang->sprintf($lang->local_time_format, $local_date, $local_time);
1047      $days_registered = (TIME_NOW - $user['regdate']) / (24*3600);
1048      $posts_per_day = 0;
1049      if($days_registered > 0)
1050      {
1051          $posts_per_day = round($user['postnum'] / $days_registered, 2);
1052          if($posts_per_day > $user['postnum'])
1053          {
1054              $posts_per_day = $user['postnum'];
1055          }
1056      }
1057      $posts_per_day = my_number_format($posts_per_day);
1058  
1059      $stats = $cache->read("stats");
1060      $posts = $stats['numposts'];
1061      if($posts == 0)
1062      {
1063          $percent_posts = "0";
1064      }
1065      else
1066      {
1067          $percent_posts = round($user['postnum']*100/$posts, 2);
1068      }
1069  
1070      $user_permissions = user_permissions($user['uid']);
1071  
1072      // Fetch the reputation for this user
1073      if($user_permissions['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
1074      {
1075          $reputation = get_reputation($user['reputation']);
1076      }
1077      else
1078      {
1079          $reputation = "-";
1080      }
1081  
1082      if($mybb->settings['enablewarningsystem'] != 0 && $user_permissions['canreceivewarnings'] != 0)
1083      {
1084          if($mybb->settings['maxwarningpoints'] < 1)
1085          {
1086              $mybb->settings['maxwarningpoints'] = 10;
1087          }
1088  
1089          $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
1090          if($warning_level > 100)
1091          {
1092              $warning_level = 100;
1093          }
1094          $warning_level = get_colored_warning_level($warning_level);
1095      }
1096      else
1097      {
1098          $warning_level = "-";
1099      }
1100  
1101      $age = $lang->na;
1102      if($user['birthday'])
1103      {
1104          $age = get_age($user['birthday']);
1105      }
1106  
1107      $postnum = my_number_format($user['postnum']);
1108  
1109      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" style=\"margin-top: {$avatar_top}px\" width=\"{$scaled_dimensions['width']}\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('rowspan' => 6, 'width' => 1));
1110      $table->construct_cell("<strong>{$lang->email_address}:</strong> <a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>");
1111      $table->construct_cell("<strong>{$lang->last_active}:</strong> {$last_active}");
1112      $table->construct_row();
1113      $table->construct_cell("<strong>{$lang->registration_date}:</strong> {$reg_date}");
1114      $table->construct_cell("<strong>{$lang->local_time}:</strong> {$localtime}");
1115      $table->construct_row();
1116      $table->construct_cell("<strong>{$lang->posts}:</strong> {$postnum}");
1117      $table->construct_cell("<strong>{$lang->age}:</strong> {$age}");
1118      $table->construct_row();
1119      $table->construct_cell("<strong>{$lang->posts_per_day}:</strong> {$posts_per_day}");
1120      $table->construct_cell("<strong>{$lang->reputation}:</strong> {$reputation}");
1121      $table->construct_row();
1122      $table->construct_cell("<strong>{$lang->percent_of_total_posts}:</strong> {$percent_posts}");
1123      $table->construct_cell("<strong>{$lang->warning_level}:</strong> {$warning_level}");
1124      $table->construct_row();
1125      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['regip'])));
1126      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".my_inet_ntop($db->unescape_binary($user['lastip'])));
1127      $table->construct_row();
1128  
1129      $username = htmlspecialchars_uni($user['username']);
1130      $table->output("{$lang->user_overview}: {$username}");
1131      $plugins->run_hooks("admin_user_users_edit_overview");
1132      echo "</div>\n";
1133  
1134      //
1135      // PROFILE
1136      //
1137      echo "<div id=\"tab_profile\">\n";
1138  
1139      $form_container = new FormContainer($lang->required_profile_info.": ".htmlspecialchars_uni($user['username']));
1140      $form_container->output_row($lang->username." <em>*</em>", "", $form->generate_text_box('username', $mybb->input['username'], array('id' => 'username')), 'username');
1141      $form_container->output_row($lang->new_password, $lang->new_password_desc, $form->generate_password_box('new_password', $mybb->input['new_password'], array('id' => 'new_password', 'autocomplete' => 'off')), 'new_password');
1142      $form_container->output_row($lang->confirm_new_password, $lang->new_password_desc, $form->generate_password_box('confirm_new_password', $mybb->input['confirm_new_password'], array('id' => 'confirm_new_password')), 'confirm_new_password');
1143      $form_container->output_row($lang->email_address." <em>*</em>", "", $form->generate_text_box('email', $mybb->input['email'], array('id' => 'email')), 'email');
1144  
1145      $display_group_options[0] = $lang->use_primary_user_group;
1146      $options = array();
1147      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
1148      while($usergroup = $db->fetch_array($query))
1149      {
1150          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1151          $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
1152      }
1153  
1154      if(isset($mybb->input['additionalgroups']) && !is_array($mybb->input['additionalgroups']))
1155      {
1156          $mybb->input['additionalgroups'] = explode(',', $mybb->input['additionalgroups']);
1157      }
1158  
1159      $form_container->output_row($lang->primary_user_group." <em>*</em>", "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
1160      $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->get_input('additionalgroups', MyBB::INPUT_ARRAY), array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
1161      $form_container->output_row($lang->display_user_group." <em>*</em>", "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->get_input('displaygroup'), array('id' => 'displaygroup')), 'displaygroup');
1162      $form_container->output_row($lang->post_count." <em>*</em>", "", $form->generate_numeric_field('postnum', $mybb->get_input('postnum'), array('id' => 'postnum', 'min' => 0)), 'postnum');
1163      $form_container->output_row($lang->thread_count." <em>*</em>", "", $form->generate_numeric_field('threadnum', $mybb->get_input('threadnum'), array('id' => 'threadnum', 'min' => 0)), 'threadnum');
1164  
1165      // Output custom profile fields - required
1166      if(!isset($profile_fields['required']))
1167      {
1168          $profile_fields['required'] = array();
1169      }
1170      output_custom_profile_fields($profile_fields['required'], $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY), $form_container, $form);
1171  
1172      $form_container->end();
1173  
1174      $form_container = new FormContainer($lang->optional_profile_info.': '.htmlspecialchars_uni($user['username']));
1175      $form_container->output_row($lang->custom_user_title, $lang->custom_user_title_desc, $form->generate_text_box('usertitle', $mybb->get_input('usertitle'), array('id' => 'usertitle')), 'usertitle');
1176      $form_container->output_row($lang->website, "", $form->generate_text_box('website', $mybb->get_input('website'), array('id' => 'website')), 'website');
1177      $form_container->output_row($lang->skype_handle, "", $form->generate_text_box('skype', $mybb->get_input('skype'), array('id' => 'skype')), 'skype');
1178      $form_container->output_row($lang->google_handle, "", $form->generate_text_box('google', $mybb->get_input('google'), array('id' => 'google')), 'google');
1179  
1180      // Birthday
1181      $birthday_days = array(0 => '');
1182      for($i = 1; $i <= 31; $i++)
1183      {
1184          $birthday_days[$i] = $i;
1185      }
1186  
1187      $birthday_months = array(
1188          0 => '',
1189          1 => $lang->january,
1190          2 => $lang->february,
1191          3 => $lang->march,
1192          4 => $lang->april,
1193          5 => $lang->may,
1194          6 => $lang->june,
1195          7 => $lang->july,
1196          8 => $lang->august,
1197          9 => $lang->september,
1198          10 => $lang->october,
1199          11 => $lang->november,
1200          12 => $lang->december
1201      );
1202  
1203      $birthday_row = $form->generate_select_box('bday1', $birthday_days, $mybb->input['bday'][0], array('id' => 'bday_day'));
1204      $birthday_row .= ' '.$form->generate_select_box('bday2', $birthday_months, $mybb->input['bday'][1], array('id' => 'bday_month'));
1205      $birthday_row .= ' '.$form->generate_numeric_field('bday3', $mybb->input['bday'][2], array('id' => 'bday_year', 'style' => 'width: 4em;', 'min' => 0));
1206  
1207      $form_container->output_row($lang->birthday, "", $birthday_row, 'birthday');
1208  
1209      // Output custom profile fields - optional
1210      output_custom_profile_fields($profile_fields['optional'], $mybb->input['profile_fields'], $form_container, $form);
1211  
1212      $form_container->end();
1213  
1214  
1215      if($mybb->settings['allowaway'] != 0)
1216      {
1217          $form_container = new FormContainer($lang->away_information.': '.htmlspecialchars_uni($user['username']));
1218          $awaycheck = array(false, true);
1219          if($mybb->input['away'] == 1)
1220          {
1221              $awaycheck = array(true, false);
1222          }
1223          $form_container->output_row($lang->away_status, $lang->away_status_desc, $form->generate_radio_button('away', 1, $lang->im_away, array('id' => 'away', "checked" => $awaycheck[0]))." ".$form->generate_radio_button('away', 0, $lang->im_here, array('id' => 'away2', "checked" => $awaycheck[1])), 'away');
1224          $form_container->output_row($lang->away_reason, $lang->away_reason_desc, $form->generate_text_box('awayreason', $mybb->input['awayreason'], array('id' => 'awayreason')), 'awayreason');
1225  
1226          //Return date (we can use the arrays from birthday)
1227          $return_row = $form->generate_select_box('away_day', $birthday_days, $mybb->input['away_day'], array('id' => 'away_day'));
1228          $return_row .= ' '.$form->generate_select_box('away_month', $birthday_months, $mybb->input['away_month'], array('id' => 'away_month'));
1229          $return_row .= ' '.$form->generate_numeric_field('away_year', $mybb->input['away_year'], array('id' => 'away_year', 'style' => 'width: 4em;', 'min' => 0));
1230  
1231          $form_container->output_row($lang->return_date, $lang->return_date_desc, $return_row, 'away_date');
1232  
1233          $form_container->end();
1234      }
1235  
1236      $plugins->run_hooks("admin_user_users_edit_profile");
1237      echo "</div>\n";
1238  
1239      //
1240      // ACCOUNT SETTINGS
1241      //
1242  
1243      echo "<div id=\"tab_settings\">\n";
1244      $form_container = new FormContainer($lang->account_settings.': '.htmlspecialchars_uni($user['username']));
1245      $login_options = array(
1246          $form->generate_check_box("invisible", 1, $lang->hide_from_whos_online, array("checked" => $mybb->get_input('invisible'))),
1247      );
1248      $form_container->output_row($lang->login_cookies_privacy, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $login_options)."</div>");
1249  
1250      if($mybb->get_input('pmnotice') > 1)
1251      {
1252          $mybb->input['pmnotice'] = 1;
1253      }
1254  
1255      $messaging_options = array(
1256          $form->generate_check_box("allownotices", 1, $lang->recieve_admin_emails, array("checked" => $mybb->get_input('allownotices'))),
1257          $form->generate_check_box("hideemail", 1, $lang->hide_email_from_others, array("checked" => $mybb->get_input('hideemail'))),
1258          $form->generate_check_box("receivepms", 1, $lang->recieve_pms_from_others, array("checked" => $mybb->get_input('receivepms'))),
1259          $form->generate_check_box("receivefrombuddy", 1, $lang->recieve_pms_from_buddy, array("checked" => $mybb->get_input('receivefrombuddy'))),
1260          $form->generate_check_box("pmnotice", 1, $lang->alert_new_pms, array("checked" => $mybb->get_input('pmnotice'))),
1261          $form->generate_check_box("pmnotify", 1, $lang->email_notify_new_pms, array("checked" => $mybb->get_input('pmnotify'))),
1262          $form->generate_check_box("buddyrequestspm", 1, $lang->buddy_requests_pm, array("checked" => $mybb->get_input('buddyrequestspm'))),
1263          $form->generate_check_box("buddyrequestsauto", 1, $lang->buddy_requests_auto, array("checked" => $mybb->get_input('buddyrequestsauto'))),
1264          "<label for=\"subscriptionmethod\">{$lang->default_thread_subscription_mode}:</label><br />".$form->generate_select_box("subscriptionmethod", array($lang->do_not_subscribe, $lang->no_notification, $lang->instant_email_notification, $lang->instant_pm_notification), $mybb->get_input('subscriptionmethod'), array('id' => 'subscriptionmethod'))
1265      );
1266  
1267      // Allow plugins to add messaging options
1268      $messaging_options = $plugins->run_hooks('admin_user_users_edit_messaging_options', $messaging_options);
1269  
1270      // Output messaging options
1271      $form_container->output_row($lang->messaging_and_notification, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $messaging_options)."</div>");
1272  
1273      $date_format_options = array($lang->use_default);
1274      foreach($date_formats as $key => $format)
1275      {
1276          $date_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1277      }
1278  
1279      $time_format_options = array($lang->use_default);
1280      foreach($time_formats as $key => $format)
1281      {
1282          $time_format_options[$key] = my_date($format, TIME_NOW, "", 0);
1283      }
1284  
1285      $date_options = array(
1286          "<label for=\"dateformat\">{$lang->date_format}:</label><br />".$form->generate_select_box("dateformat", $date_format_options, $mybb->get_input('dateformat'), array('id' => 'dateformat')),
1287          "<label for=\"dateformat\">{$lang->time_format}:</label><br />".$form->generate_select_box("timeformat", $time_format_options, $mybb->get_input('timeformat'), array('id' => 'timeformat')),
1288          "<label for=\"timezone\">{$lang->time_zone}:</label><br />".build_timezone_select("timezone", $mybb->get_input('timezone')),
1289          "<label for=\"dstcorrection\">{$lang->daylight_savings_time_correction}:</label><br />".$form->generate_select_box("dstcorrection", array(2 => $lang->automatically_detect, 1 => $lang->always_use_dst_correction, 0 => $lang->never_use_dst_correction), $mybb->get_input('dstcorrection'), array('id' => 'dstcorrection'))
1290      );
1291  
1292      // Allow plugins to add date options
1293      $date_options = $plugins->run_hooks('admin_user_users_edit_date_options', $date_options);
1294  
1295      // Output date options
1296      $form_container->output_row($lang->date_and_time_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $date_options)."</div>");
1297  
1298  
1299      $tpp_options = array($lang->use_default);
1300      if($mybb->settings['usertppoptions'])
1301      {
1302          $explodedtpp = explode(",", $mybb->settings['usertppoptions']);
1303          if(is_array($explodedtpp))
1304          {
1305              foreach($explodedtpp as $tpp)
1306              {
1307                  if($tpp <= 0) continue;
1308                  $tpp_options[$tpp] = $tpp;
1309              }
1310          }
1311      }
1312  
1313      $thread_age_options = array(
1314          0 => $lang->use_default,
1315          1 => $lang->show_threads_last_day,
1316          5 => $lang->show_threads_last_5_days,
1317          10 => $lang->show_threads_last_10_days,
1318          20 => $lang->show_threads_last_20_days,
1319          50 => $lang->show_threads_last_50_days,
1320          75 => $lang->show_threads_last_75_days,
1321          100 => $lang->show_threads_last_100_days,
1322          365 => $lang->show_threads_last_year,
1323          9999 => $lang->show_all_threads
1324      );
1325  
1326      $forum_options = array(
1327          "<label for=\"tpp\">{$lang->threads_per_page}:</label><br />".$form->generate_select_box("tpp", $tpp_options, $mybb->get_input('tpp'), array('id' => 'tpp')),
1328          "<label for=\"daysprune\">{$lang->default_thread_age_view}:</label><br />".$form->generate_select_box("daysprune", $thread_age_options, $mybb->get_input('daysprune'), array('id' => 'daysprune'))
1329      );
1330  
1331      // Allow plugins to add forum options
1332      $forum_options = $plugins->run_hooks('admin_user_users_edit_forum_options', $forum_options);
1333  
1334      // Output forum options
1335      $form_container->output_row($lang->forum_display_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $forum_options)."</div>");
1336  
1337      $ppp_options = array($lang->use_default);
1338      if($mybb->settings['userpppoptions'])
1339      {
1340          $explodedppp = explode(",", $mybb->settings['userpppoptions']);
1341          if(is_array($explodedppp))
1342          {
1343              foreach($explodedppp as $ppp)
1344              {
1345                  if($ppp <= 0) continue;
1346                  $ppp_options[$ppp] = $ppp;
1347              }
1348          }
1349      }
1350  
1351      $thread_options = array(
1352          $form->generate_check_box("classicpostbit", 1, $lang->show_classic_postbit, array("checked" => $mybb->get_input('classicpostbit'))),
1353          $form->generate_check_box("showimages", 1, $lang->display_images, array("checked" => $mybb->get_input('showimages'))),
1354          $form->generate_check_box("showvideos", 1, $lang->display_videos, array("checked" => $mybb->get_input('showvideos'))),
1355          $form->generate_check_box("showsigs", 1, $lang->display_users_sigs, array("checked" => $mybb->get_input('showsigs'))),
1356          $form->generate_check_box("showavatars", 1, $lang->display_users_avatars, array("checked" => $mybb->get_input('showavatars'))),
1357          $form->generate_check_box("showquickreply", 1, $lang->show_quick_reply, array("checked" => $mybb->get_input('showquickreply'))),
1358          "<label for=\"ppp\">{$lang->posts_per_page}:</label><br />".$form->generate_select_box("ppp", $ppp_options, $mybb->get_input('ppp'), array('id' => 'ppp')),
1359          "<label for=\"threadmode\">{$lang->default_thread_view_mode}:</label><br />".$form->generate_select_box("threadmode", array("" => $lang->use_default, "linear" => $lang->linear_mode, "threaded" => $lang->threaded_mode), $mybb->input['threadmode'], array('id' => 'threadmode'))
1360      );
1361  
1362      // Allow plugins to add thread options
1363      $thread_options = $plugins->run_hooks('admin_user_users_edit_thread_options', $thread_options);
1364  
1365      // Output thread options
1366      $form_container->output_row($lang->thread_view_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $thread_options)."</div>");
1367  
1368      $languages = array_merge(array('' => $lang->use_default), $lang->get_languages());
1369  
1370      $other_options = array(
1371          $form->generate_check_box("showredirect", 1, $lang->show_redirect, array("checked" => $mybb->get_input('showredirect'))),
1372          $form->generate_check_box("showcodebuttons", "1", $lang->show_code_buttons, array("checked" => $mybb->get_input('showcodebuttons'))),
1373          $form->generate_check_box("sourceeditor", "1", $lang->source_editor, array("checked" => $mybb->get_input('sourceeditor'))),
1374          "<label for=\"style\">{$lang->theme}:</label><br />".build_theme_select("style", $mybb->get_input('style'), 0, "", true, false, true),
1375          "<label for=\"language\">{$lang->board_language}:</label><br />".$form->generate_select_box("language", $languages, $mybb->get_input('language'), array('id' => 'language'))
1376      );
1377  
1378      // Allow plugins to add other options
1379      $other_options = $plugins->run_hooks('admin_user_users_edit_other_options', $other_options);
1380  
1381      // Output other options
1382      $form_container->output_row($lang->other_options, "", "<div class=\"user_settings_bit\">".implode("</div><div class=\"user_settings_bit\">", $other_options)."</div>");
1383  
1384      $form_container->end();
1385      $plugins->run_hooks("admin_user_users_edit_settings");
1386      echo "</div>\n";
1387  
1388      //
1389      // SIGNATURE EDITOR
1390      //
1391      $signature_editor = $form->generate_text_area("signature", $mybb->get_input('signature'), array('id' => 'signature', 'rows' => 15, 'cols' => '70', 'style' => 'height: 250px; width: 95%'));
1392      $sig_smilies = $lang->off;
1393      if($mybb->settings['sigsmilies'] == 1)
1394      {
1395          $sig_smilies = $lang->on;
1396      }
1397      $sig_mycode = $lang->off;
1398      if($mybb->settings['sigmycode'] == 1)
1399      {
1400          $sig_mycode = $lang->on;
1401          $signature_editor .= build_mycode_inserter("signature");
1402      }
1403      $sig_html = $lang->off;
1404      if($mybb->settings['sightml'] == 1)
1405      {
1406          $sig_html = $lang->on;
1407      }
1408      $sig_imgcode = $lang->off;
1409      if($mybb->settings['sigimgcode'] == 1)
1410      {
1411          $sig_imgcode = $lang->on;
1412      }
1413      echo "<div id=\"tab_signature\">\n";
1414      $form_container = new FormContainer($lang->signature.': '.htmlspecialchars_uni($user['username']));
1415      $form_container->output_row($lang->signature, $lang->sprintf($lang->signature_desc, $sig_mycode, $sig_smilies, $sig_imgcode, $sig_html), $signature_editor, 'signature');
1416  
1417      $periods = array(
1418          "hours" => $lang->expire_hours,
1419          "days" => $lang->expire_days,
1420          "weeks" => $lang->expire_weeks,
1421          "months" => $lang->expire_months,
1422          "never" => $lang->expire_permanent
1423      );
1424  
1425      // Are we already suspending the signature?
1426      if($mybb->get_input('suspendsignature'))
1427      {
1428          $sig_checked = 1;
1429  
1430          // Display how much time is left on the ban for the user to extend it
1431          if($user['suspendsigtime'] == "0")
1432          {
1433              // Permanent
1434              $lang->suspend_expire_info = $lang->suspend_sig_perm;
1435          }
1436          else
1437          {
1438              // There's a limit to the suspension!
1439              $remaining = $user['suspendsigtime']-TIME_NOW;
1440              $expired = nice_time($remaining, array('seconds' => false));
1441  
1442              $color = 'inherit';
1443              if($remaining < 3600)
1444              {
1445                  $color = 'red';
1446              }
1447              elseif($remaining < 86400)
1448              {
1449                  $color = 'maroon';
1450              }
1451              elseif($remaining < 604800)
1452              {
1453                  $color = 'green';
1454              }
1455  
1456              $lang->suspend_expire_info = $lang->sprintf($lang->suspend_expire_info, $expired, $color);
1457          }
1458          $user_suspend_info = '
1459                  <tr>
1460                      <td colspan="2">'.$lang->suspend_expire_info.'<br />'.$lang->suspend_sig_extend.'</td>
1461                  </tr>';
1462      }
1463      else
1464      {
1465          $sig_checked = 0;
1466          $user_suspend_info = '';
1467      }
1468  
1469      $actions = '
1470      <script type="text/javascript">
1471      <!--
1472          var sig_checked = "'.$sig_checked.'";
1473  
1474  		function toggleAction()
1475          {
1476              if($("#suspend_action").is(\':visible\'))
1477              {
1478                  $("#suspend_action").hide();
1479              }
1480              else
1481              {
1482                  $("#suspend_action").show();
1483              }
1484          }
1485      // -->
1486      </script>
1487  
1488      <dl style="margin-top: 0; margin-bottom: 0; width: 100%;">
1489          <dt>'.$form->generate_check_box("suspendsignature", 1, $lang->suspend_sig_box, array('checked' => $sig_checked, 'onclick' => 'toggleAction();')).'</dt>
1490          <dd style="margin-top: 4px;" id="suspend_action" class="actions">
1491              <table cellpadding="4">'.$user_suspend_info.'
1492                  <tr>
1493                      <td width="30%"><small>'.$lang->expire_length.'</small></td>
1494                      <td>'.$form->generate_numeric_field('action_time', $mybb->input['action_time'], array('style' => 'width: 3em;', 'min' => 0)).' '.$form->generate_select_box('action_period', $periods, $mybb->input['action_period']).'</td>
1495                  </tr>
1496              </table>
1497          </dd>
1498      </dl>
1499  
1500      <script type="text/javascript">
1501      <!--
1502          if(sig_checked == 0)
1503          {
1504              $("#suspend_action").hide();
1505          }
1506      // -->
1507      </script>';
1508  
1509      $form_container->output_row($lang->suspend_sig, $lang->suspend_sig_info, $actions);
1510  
1511      $signature_options = array(
1512          $form->generate_radio_button("update_posts", "enable", $lang->enable_sig_in_all_posts, array("checked" => 0)),
1513          $form->generate_radio_button("update_posts", "disable", $lang->disable_sig_in_all_posts, array("checked" => 0)),
1514          $form->generate_radio_button("update_posts", "no", $lang->do_nothing, array("checked" => 1))
1515      );
1516  
1517      $form_container->output_row($lang->signature_preferences, "", implode("<br />", $signature_options));
1518  
1519      $form_container->end();
1520      $plugins->run_hooks("admin_user_users_edit_signatur");
1521      echo "</div>\n";
1522  
1523      //
1524      // AVATAR MANAGER
1525      //
1526      echo "<div id=\"tab_avatar\">\n";
1527      $table = new Table;
1528      $table->construct_header($lang->current_avatar, array('colspan' => 2));
1529  
1530      $table->construct_cell("<div style=\"width: 126px; height: 126px;\" class=\"user_avatar\"><img src=\"".htmlspecialchars_uni($user['avatar'])."\" width=\"{$scaled_dimensions['width']}\" style=\"margin-top: {$avatar_top}px\" height=\"{$scaled_dimensions['height']}\" alt=\"\" /></div>", array('width' => 1));
1531  
1532      $avatar_url = '';
1533      if($user['avatartype'] == "upload" || stristr($user['avatar'], $mybb->settings['avataruploadpath']))
1534      {
1535          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_uploaded_avatar}</strong>";
1536      }
1537      elseif($user['avatartype'] == "remote" || my_validate_url($user['avatar']))
1538      {
1539          $current_avatar_msg = "<br /><strong>{$lang->user_current_using_remote_avatar}</strong>";
1540          $avatar_url = $user['avatar'];
1541      }
1542  
1543      if($errors)
1544      {
1545          if(isset($mybb->input['avatar_url']))
1546          {
1547              $avatar_url = htmlspecialchars_uni($mybb->input['avatar_url']);
1548          }
1549      }
1550  
1551      if($mybb->settings['maxavatardims'] != "")
1552      {
1553          list($max_width, $max_height) = preg_split('/[|x]/', my_strtolower($mybb->settings['maxavatardims']));
1554          $max_size = "<br />{$lang->max_dimensions_are} {$max_width}x{$max_height}";
1555      }
1556  
1557      if($mybb->settings['avatarsize'])
1558      {
1559          $maximum_size = get_friendly_size($mybb->settings['avatarsize']*1024);
1560          $max_size .= "<br />{$lang->avatar_max_size} {$maximum_size}";
1561      }
1562  
1563      if($user['avatar'])
1564      {
1565          $remove_avatar = "<br /><br />".$form->generate_check_box("remove_avatar", 1, "<strong>{$lang->remove_avatar}</strong>");
1566      }
1567  
1568      $table->construct_cell($lang->avatar_desc."{$remove_avatar}<br /><small>{$max_size}</small>");
1569      $table->construct_row();
1570  
1571      $table->output($lang->avatar.': '.htmlspecialchars_uni($user['username']));
1572  
1573      // Custom avatar
1574      if($mybb->settings['avatarresizing'] == "auto")
1575      {
1576          $auto_resize = $lang->avatar_auto_resize;
1577      }
1578      else if($mybb->settings['avatarresizing'] == "user")
1579      {
1580          $auto_resize = "<input type=\"checkbox\" name=\"auto_resize\" value=\"1\" checked=\"checked\" id=\"auto_resize\" /> <label for=\"auto_resize\">{$lang->attempt_to_auto_resize}</label></span>";
1581      }
1582      $form_container = new FormContainer($lang->specify_custom_avatar);
1583      $form_container->output_row($lang->upload_avatar, $auto_resize, $form->generate_file_upload_box('avatar_upload', array('id' => 'avatar_upload')), 'avatar_upload');
1584      if($mybb->settings['allowremoteavatars'])
1585      {
1586          $form_container->output_row($lang->or_specify_avatar_url, "", $form->generate_text_box('avatar_url', $avatar_url, array('id' => 'avatar_url')), 'avatar_url');
1587      }
1588      $form_container->end();
1589      $plugins->run_hooks("admin_user_users_edit_avatar");
1590      echo "</div>\n";
1591  
1592      //
1593      // MODERATOR OPTIONS
1594      //
1595      $periods = array(
1596          "hours" => $lang->expire_hours,
1597          "days" => $lang->expire_days,
1598          "weeks" => $lang->expire_weeks,
1599          "months" => $lang->expire_months,
1600          "never" => $lang->expire_permanent
1601      );
1602  
1603      echo "<div id=\"tab_modoptions\">\n";
1604      $form_container = new FormContainer($lang->mod_options.': '.htmlspecialchars_uni($user['username']));
1605      $form_container->output_row($lang->user_notes, '', $form->generate_text_area('usernotes', $mybb->input['usernotes'], array('id' => 'usernotes')), 'usernotes');
1606  
1607      // Mod posts
1608      // Generate check box
1609      $modpost_options = $form->generate_select_box('modpost_period', $periods, $mybb->input['modpost_period'], array('id' => 'modpost_period'));
1610  
1611      // Do we have any existing suspensions here?
1612      $existing_info = '';
1613      if($user['moderateposts'] || ($mybb->get_input('moderateposting') && !empty($errors)))
1614      {
1615          $mybb->input['moderateposting'] = 1;
1616          if($user['moderationtime'] != 0)
1617          {
1618              $remaining = $user['moderationtime']-TIME_NOW;
1619              $expired = nice_time($remaining, array('seconds' => false));
1620  
1621              $color = 'inherit';
1622              if($remaining < 3600)
1623              {
1624                  $color = 'red';
1625              }
1626              elseif($remaining < 86400)
1627              {
1628                  $color = 'maroon';
1629              }
1630              elseif($remaining < 604800)
1631              {
1632                  $color = 'green';
1633              }
1634  
1635              $existing_info = $lang->sprintf($lang->moderate_length, $expired, $color);
1636          }
1637          else
1638          {
1639              $existing_info = $lang->moderated_perm;
1640          }
1641      }
1642  
1643      $modpost_div = '<div id="modpost">'.$existing_info.''.$lang->moderate_for.' '.$form->generate_numeric_field("modpost_time", $mybb->get_input('modpost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$modpost_options.'</div>';
1644      $lang->moderate_posts_info = $lang->sprintf($lang->moderate_posts_info, htmlspecialchars_uni($user['username']));
1645      $form_container->output_row($form->generate_check_box("moderateposting", 1, $lang->moderate_posts, array("id" => "moderateposting", "onclick" => "toggleBox('modpost');", "checked" => $mybb->get_input('moderateposting'))), $lang->moderate_posts_info, $modpost_div);
1646  
1647      // Suspend posts
1648      // Generate check box
1649      $suspost_options = $form->generate_select_box('suspost_period', $periods, $mybb->get_input('suspost_period'), array('id' => 'suspost_period'));
1650  
1651      // Do we have any existing suspensions here?
1652      if($user['suspendposting'] || ($mybb->get_input('suspendposting') && !empty($errors)))
1653      {
1654          $mybb->input['suspendposting'] = 1;
1655  
1656          if($user['suspensiontime'] == 0 || $mybb->get_input('suspost_period') == "never")
1657          {
1658              $existing_info = $lang->suspended_perm;
1659          }
1660          else
1661          {
1662              $remaining = $user['suspensiontime']-TIME_NOW;
1663              $suspost_date = nice_time($remaining, array('seconds' => false));
1664  
1665              $color = 'inherit';
1666              if($remaining < 3600)
1667              {
1668                  $color = 'red';
1669              }
1670              elseif($remaining < 86400)
1671              {
1672                  $color = 'maroon';
1673              }
1674              elseif($remaining < 604800)
1675              {
1676                  $color = 'green';
1677              }
1678  
1679              $existing_info = $lang->sprintf($lang->suspend_length, $suspost_date, $color);
1680          }
1681      }
1682  
1683      $suspost_div = '<div id="suspost">'.$existing_info.''.$lang->suspend_for.' '.$form->generate_numeric_field("suspost_time", $mybb->get_input('suspost_time'), array('style' => 'width: 3em;', 'min' => 0)).' '.$suspost_options.'</div>';
1684      $lang->suspend_posts_info = $lang->sprintf($lang->suspend_posts_info, htmlspecialchars_uni($user['username']));
1685      $form_container->output_row($form->generate_check_box("suspendposting", 1, $lang->suspend_posts, array("id" => "suspendposting", "onclick" => "toggleBox('suspost');", "checked" => $mybb->get_input('suspendposting'))), $lang->suspend_posts_info, $suspost_div);
1686  
1687  
1688      $form_container->end();
1689      $plugins->run_hooks("admin_user_users_edit_moderator_options");
1690      echo "</div>\n";
1691  
1692      $plugins->run_hooks("admin_user_users_edit_graph");
1693  
1694      $buttons[] = $form->generate_submit_button($lang->save_user);
1695      $form->output_submit_wrapper($buttons);
1696  
1697      $form->end();
1698  
1699      echo '<script type="text/javascript">
1700  <!--
1701  
1702  function toggleBox(action)
1703  {
1704      if(action == "modpost")
1705      {
1706          $("#suspendposting").attr("checked", false);
1707          $("#suspost").hide();
1708  
1709          if($("#moderateposting").is(":checked") == true)
1710          {
1711              $("#modpost").show();
1712          }
1713          else if($("#moderateposting").is(":checked") == false)
1714          {
1715              $("#modpost").hide();
1716          }
1717      }
1718      else if(action == "suspost")
1719      {
1720          $("#moderateposting").attr("checked", false);
1721          $("#modpost").hide();
1722  
1723          if($("#suspendposting").is(":checked") == true)
1724          {
1725              $("#suspost").show();
1726          }
1727          else if($("#suspendposting").is(":checked") == false)
1728          {
1729              $("#suspost").hide();
1730          }
1731      }
1732  }
1733  
1734  if($("#moderateposting").is(":checked") == false)
1735  {
1736      $("#modpost").hide();
1737  }
1738  else
1739  {
1740      $("#modpost").show();
1741  }
1742  
1743  if($("#suspendposting").is(":checked") == false)
1744  {
1745      $("#suspost").hide();
1746  }
1747  else
1748  {
1749      $("#suspost").show();
1750  }
1751  
1752  // -->
1753  </script>';
1754  
1755      $page->output_footer();
1756  }
1757  
1758  if($mybb->input['action'] == "delete")
1759  {
1760      $user = get_user($mybb->input['uid']);
1761  
1762      // Does the user not exist?
1763      if(!$user)
1764      {
1765          flash_message($lang->error_invalid_user, 'error');
1766          admin_redirect("index.php?module=user-users");
1767      }
1768  
1769      if(is_super_admin($mybb->input['uid']) && $mybb->user['uid'] != $mybb->input['uid'] && !is_super_admin($mybb->user['uid']))
1770      {
1771          flash_message($lang->error_no_perms_super_admin, 'error');
1772          admin_redirect("index.php?module=user-users");
1773      }
1774  
1775      // User clicked no
1776      if($mybb->get_input('no'))
1777      {
1778          admin_redirect("index.php?module=user-users");
1779      }
1780  
1781      $plugins->run_hooks("admin_user_users_delete");
1782  
1783      if($mybb->request_method == "post")
1784      {
1785          $plugins->run_hooks("admin_user_users_delete_commit");
1786  
1787          // Set up user handler.
1788          require_once  MYBB_ROOT.'inc/datahandlers/user.php';
1789          $userhandler = new UserDataHandler('delete');
1790  
1791          // Delete the user
1792          if(!$userhandler->delete_user($user['uid']))
1793          {
1794              flash_message($lang->error_cannot_delete_user, 'error');
1795              admin_redirect("index.php?module=user-users");
1796          }
1797  
1798          $cache->update_awaitingactivation();
1799  
1800          $plugins->run_hooks("admin_user_users_delete_commit_end");
1801  
1802          log_admin_action($user['uid'], $user['username']);
1803  
1804          flash_message($lang->success_user_deleted, 'success');
1805          admin_redirect("index.php?module=user-users");
1806      }
1807      else
1808      {
1809          $page->output_confirm_action("index.php?module=user-users&action=delete&uid={$user['uid']}", $lang->user_deletion_confirmation);
1810      }
1811  }
1812  
1813  if($mybb->input['action'] == "referrers")
1814  {
1815      $page->add_breadcrumb_item($lang->show_referrers);
1816      $page->output_header($lang->show_referrers);
1817  
1818      $sub_tabs['referrers'] = array(
1819          'title' => $lang->show_referrers,
1820          'link' => "index.php?module=user-users&amp;action=referrers&amp;uid={$mybb->input['uid']}",
1821          'description' => $lang->show_referrers_desc
1822      );
1823  
1824      $plugins->run_hooks("admin_user_users_referrers");
1825  
1826      $page->output_nav_tabs($sub_tabs, 'referrers');
1827  
1828      // Fetch default admin view
1829      $default_view = fetch_default_view("user");
1830      if(!$default_view)
1831      {
1832          $default_view = "0";
1833      }
1834      $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
1835      $admin_view = $db->fetch_array($query);
1836  
1837      if(!empty($mybb->input['type']))
1838      {
1839          $admin_view['view_type'] = $mybb->input['type'];
1840      }
1841  
1842      $admin_view['conditions'] = my_unserialize($admin_view['conditions']);
1843      $admin_view['conditions']['referrer'] = $mybb->input['uid'];
1844  
1845      $view = build_users_view($admin_view);
1846  
1847      // No referred users
1848      if(!$view)
1849      {
1850          $table = new Table;
1851          $table->construct_cell($lang->error_no_referred_users);
1852          $table->construct_row();
1853          $table->output($lang->show_referrers);
1854      }
1855      else
1856      {
1857          echo $view;
1858      }
1859  
1860      $page->output_footer();
1861  }
1862  
1863  if($mybb->input['action'] == "ipaddresses")
1864  {
1865      $page->add_breadcrumb_item($lang->ip_addresses);
1866      $page->output_header($lang->ip_addresses);
1867  
1868      $sub_tabs['ipaddresses'] = array(
1869          'title' => $lang->show_ip_addresses,
1870          'link' => "index.php?module=user-users&amp;action=ipaddresses&amp;uid={$mybb->input['uid']}",
1871          'description' => $lang->show_ip_addresses_desc
1872      );
1873  
1874      $plugins->run_hooks("admin_user_users_ipaddresses");
1875  
1876      $page->output_nav_tabs($sub_tabs, 'ipaddresses');
1877  
1878      $query = $db->simple_select("users", "uid, regip, username, lastip", "uid='{$mybb->input['uid']}'", array('limit' => 1));
1879      $user = $db->fetch_array($query);
1880  
1881      // Log admin action
1882      log_admin_action($user['uid'], $user['username']);
1883  
1884      $table = new Table;
1885  
1886      $table->construct_header($lang->ip_address);
1887      $table->construct_header($lang->controls, array('width' => 200, 'class' => "align_center"));
1888  
1889      if(empty($user['lastip']))
1890      {
1891          $user['lastip'] = $lang->unknown;
1892          $controls = '';
1893      }
1894      else
1895      {
1896          $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
1897          $popup = new PopupMenu("user_last", $lang->options);
1898          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;action=search&amp;results=1&amp;conditions[regip]=".$user['lastip']);
1899          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['lastip']);
1900          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['lastip']}', null, true); return false;");
1901          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['lastip']}");
1902          $controls = $popup->fetch();
1903      }
1904      $table->construct_cell("<strong>{$lang->last_known_ip}:</strong> ".$user['lastip']);
1905      $table->construct_cell($controls, array('class' => "align_center"));
1906      $table->construct_row();
1907  
1908      if(empty($user['regip']))
1909      {
1910          $user['regip'] = $lang->unknown;
1911          $controls = '';
1912      }
1913      else
1914      {
1915          $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
1916          $popup = new PopupMenu("user_reg", $lang->options);
1917          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$user['regip']);
1918          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$user['regip']);
1919          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$user['regip']}', null, true); return false;");
1920          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$user['regip']}");
1921          $controls = $popup->fetch();
1922      }
1923      $table->construct_cell("<strong>{$lang->registration_ip}:</strong> ".$user['regip']);
1924      $table->construct_cell($controls, array('class' => "align_center"));
1925      $table->construct_row();
1926  
1927      $counter = 0;
1928  
1929      $query = $db->simple_select("posts", "DISTINCT ipaddress", "uid='{$mybb->input['uid']}'");
1930      while($ip = $db->fetch_array($query))
1931      {
1932          ++$counter;
1933          $ip['ipaddress'] = my_inet_ntop($db->unescape_binary($ip['ipaddress']));
1934          $popup = new PopupMenu("id_{$counter}", $lang->options);
1935          $popup->add_item($lang->show_users_regged_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[regip]=".$ip['ipaddress']);
1936          $popup->add_item($lang->show_users_posted_with_ip, "index.php?module=user-users&amp;results=1&amp;action=search&amp;conditions[postip]=".$ip['ipaddress']);
1937          $popup->add_item($lang->info_on_ip, "index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}", "MyBB.popupWindow('index.php?module=user-users&amp;action=iplookup&ipaddress={$ip['ipaddress']}', null, true); return false;");
1938          $popup->add_item($lang->ban_ip, "index.php?module=config-banning&amp;filter={$ip['ipaddress']}");
1939          $controls = $popup->fetch();
1940  
1941          $table->construct_cell($ip['ipaddress']);
1942          $table->construct_cell($controls, array('class' => "align_center"));
1943          $table->construct_row();
1944      }
1945  
1946      $table->output($lang->ip_address_for.' '.htmlspecialchars_uni($user['username']));
1947  
1948      $page->output_footer();
1949  }
1950  
1951  if($mybb->input['action'] == "merge")
1952  {
1953      $plugins->run_hooks("admin_user_users_merge");
1954  
1955      if($mybb->request_method == "post")
1956      {
1957          foreach(array('source', 'destination') as $target)
1958          {
1959              ${$target.'_user'} = get_user_by_username($mybb->input[$target.'_username'], array('fields' => '*'));
1960              if(empty(${$target.'_user'}['uid']))
1961              {
1962                  $errors[] = $lang->{'error_invalid_user_'.$target};
1963              }
1964          }
1965  
1966          // If we're not a super admin and we're merging a source super admin or a destination super admin then dissallow this action
1967          if(!is_super_admin($mybb->user['uid']) && (is_super_admin($source_user['uid']) || is_super_admin($destination_user['uid'])))
1968          {
1969              flash_message($lang->error_no_perms_super_admin, 'error');
1970              admin_redirect("index.php?module=user-users");
1971          }
1972  
1973          if((!empty($source_user)) && !empty($destination_user) && $source_user['uid'] == $destination_user['uid'] && !empty($source_user['uid']))
1974          {
1975              $errors[] = $lang->error_cannot_merge_same_account;
1976          }
1977  
1978          if(empty($errors))
1979          {
1980              // Begin to merge the accounts
1981              $uid_update = array(
1982                  "uid" => $destination_user['uid']
1983              );
1984              $query = $db->simple_select("adminoptions", "uid", "uid='{$destination_user['uid']}'");
1985              $existing_admin_options = $db->fetch_field($query, "uid");
1986  
1987              // Only carry over admin options/permissions if we don't already have them
1988              if(!$existing_admin_options)
1989              {
1990                  $db->update_query("adminoptions", $uid_update, "uid='{$source_user['uid']}'");
1991              }
1992  
1993              $db->update_query("adminlog", $uid_update, "uid='{$source_user['uid']}'");
1994              $db->update_query("announcements", $uid_update, "uid='{$source_user['uid']}'");
1995              $db->update_query("events", $uid_update, "uid='{$source_user['uid']}'");
1996              $db->update_query("threadsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
1997              $db->update_query("forumsubscriptions", $uid_update, "uid='{$source_user['uid']}'");
1998              $db->update_query("joinrequests", $uid_update, "uid='{$source_user['uid']}'");
1999              $db->update_query("moderatorlog", $uid_update, "uid='{$source_user['uid']}'");
2000              $db->update_query("pollvotes", $uid_update, "uid='{$source_user['uid']}'");
2001              $db->update_query("posts", $uid_update, "uid='{$source_user['uid']}'");
2002              $db->update_query("privatemessages", $uid_update, "uid='{$source_user['uid']}'");
2003              $db->update_query("reportedcontent", $uid_update, "uid='{$source_user['uid']}'");
2004              $db->update_query("threads", $uid_update, "uid='{$source_user['uid']}'");
2005              $db->update_query("warnings", $uid_update, "uid='{$source_user['uid']}'");
2006              $db->update_query("warnings", array("revokedby" => $destination_user['uid']), "revokedby='{$source_user['uid']}'");
2007              $db->update_query("warnings", array("issuedby" => $destination_user['uid']), "issuedby='{$source_user['uid']}'");
2008  
2009              // Thread ratings
2010              merge_thread_ratings($source_user['uid'], $destination_user['uid']);
2011  
2012              // Banning
2013              switch($db->type)
2014              {
2015                  case 'mysql':
2016                  case 'mysqli':
2017                      $where = "`admin` = '{$source_user['uid']}'";
2018                      break;
2019                  default:
2020                      $where = "admin = '{$source_user['uid']}'";
2021                      break;
2022              }
2023              $db->update_query("banned", array('admin' => $destination_user['uid']), $where);
2024  
2025              // Carry over referrals
2026              $db->update_query("users", array("referrer" => $destination_user['uid']), "referrer='{$source_user['uid']}' AND uid!='{$destination_user['uid']}'");
2027              // If destination user has no referrer but source does and source user was not referred by destination user
2028              // or destination user was referred by the source user
2029              if(($destination_user['referrer'] == 0 && $source_user['referrer'] > 0 && $source_user['referrer'] != $destination_user['uid']) || $destination_user['referrer'] == $source_user['uid'])
2030              {
2031                  $db->update_query("users", array("referrer" => $source_user['referrer']), "uid='{$destination_user['uid']}'");
2032              }
2033              $query = $db->simple_select("users", "COUNT(uid) as total_referrals", "referrer='{$destination_user['uid']}' AND uid!='{$source_user['uid']}'");
2034              $new_referrals = $db->fetch_field($query, "total_referrals");
2035              $db->update_query("users", array("referrals" => (int)$new_referrals), "uid='{$destination_user['uid']}'");
2036  
2037              // Merging Reputation
2038              // First, let's change all the details over to our new user...
2039              $db->update_query("reputation", array("adduid" => $destination_user['uid']), "adduid = '".$source_user['uid']."'");
2040              $db->update_query("reputation", array("uid" => $destination_user['uid']), "uid = '".$source_user['uid']."'");
2041  
2042              // Now that all the repuation is merged, figure out what to do with this user's comments...
2043              $options = array(
2044                  "order_by" => "uid",
2045                  "order_dir" => "ASC"
2046              );
2047  
2048              $to_remove = array();
2049              $query = $db->simple_select("reputation", "*", "adduid = '".$destination_user['uid']."'", $options);
2050              while($rep = $db->fetch_array($query))
2051              {
2052                  if($rep['pid'] == 0 && $mybb->settings['multirep'] == 0 && $last_result['uid'] == $rep['uid'])
2053                  {
2054                      // Multiple reputation is disallowed, and this isn't a post, so let's remove this comment
2055                      $to_remove[] = $rep['rid'];
2056                  }
2057  
2058                  // Remove comments or posts liked by "me"
2059                  if($last_result['uid'] == $destination_user['uid'] || $rep['uid'] == $destination_user['uid'])
2060                  {
2061                      if(!in_array($rep['rid'], $to_remove))
2062                      {
2063                          $to_remove[] = $rep['rid'];
2064                          continue;
2065                      }
2066                  }
2067  
2068                  $last_result = array(
2069                      "rid" => $rep['rid'],
2070                      "uid" => $rep['uid']
2071                  );
2072              }
2073  
2074              // Remove any reputations we've selected to remove...
2075              if(!empty($to_remove))
2076              {
2077                  $imp = implode(",", $to_remove);
2078                  $db->delete_query("reputation", "rid IN (".$imp.")");
2079              }
2080  
2081              // Calculate the new reputation for this user...
2082              $query = $db->simple_select("reputation", "SUM(reputation) as total_rep", "uid='{$destination_user['uid']}'");
2083              $total_reputation = $db->fetch_field($query, "total_rep");
2084  
2085              $db->update_query("users", array('reputation' => (int)$total_reputation), "uid='{$destination_user['uid']}'");
2086  
2087              // Calculate warning points
2088              $query = $db->query("
2089                  SELECT SUM(points) as warn_lev
2090                  FROM ".TABLE_PREFIX."warnings
2091                  WHERE uid='{$source_user['uid']}' AND expired='0'
2092              ");
2093              $original_warn_level = $db->fetch_field($query, "warn_lev");
2094  
2095              $query = $db->query("
2096                  SELECT SUM(points) as warn_lev
2097                  FROM ".TABLE_PREFIX."warnings
2098                  WHERE uid='{$destination_user['uid']}' AND expired='0'
2099              ");
2100              $new_warn_level = $db->fetch_field($query, "warn_lev");
2101              $db->update_query("users", array("warningpoints" => (int)$original_warn_level + $new_warn_level), "uid='{$destination_user['uid']}'");
2102  
2103              // Additional updates for non-uid fields
2104              $last_poster = array(
2105                  "lastposteruid" => $destination_user['uid'],
2106                  "lastposter" => $db->escape_string($destination_user['username'])
2107              );
2108              $db->update_query("forums", $last_poster, "lastposteruid='{$source_user['uid']}'");
2109              $db->update_query("threads", $last_poster, "lastposteruid='{$source_user['uid']}'");
2110              $edit_uid = array(
2111                  "edituid" => $destination_user['uid']
2112              );
2113              $db->update_query("posts", $edit_uid, "edituid='{$source_user['uid']}'");
2114  
2115              $from_uid = array(
2116                  "fromid" => $destination_user['uid']
2117              );
2118              $db->update_query("privatemessages", $from_uid, "fromid='{$source_user['uid']}'");
2119              $to_uid = array(
2120                  "toid" => $destination_user['uid']
2121              );
2122              $db->update_query("privatemessages", $to_uid, "toid='{$source_user['uid']}'");
2123  
2124              // Buddy/ignore lists
2125              $destination_buddies = explode(',', $destination_user['buddylist']);
2126              $source_buddies = explode(',', $source_user['buddylist']);
2127              $buddies = array_unique(array_merge($source_buddies, $destination_buddies));
2128              // Make sure the new buddy list doesn't contain either users
2129              $buddies_array = array_diff($buddies, array($destination_user['uid'], $source_user['uid']));
2130  
2131              $destination_ignored = explode(',', $destination_user['ignorelist']);
2132              $source_ignored = explode(',', $destination_user['ignorelist']);
2133              $ignored = array_unique(array_merge($source_ignored, $destination_ignored));
2134              // ... and the same for the new ignore list
2135              $ignored_array = array_diff($ignored, array($destination_user['uid'], $source_user['uid']));
2136  
2137              // Remove any ignored users from the buddy list
2138              $buddies = array_diff($buddies_array, $ignored_array);
2139              // implode the arrays so we get a nice neat list for each
2140              $buddies = trim(implode(',', $buddies), ',');
2141              $ignored = trim(implode(',', $ignored_array), ',');
2142  
2143              $lists = array(
2144                  "buddylist" => $buddies,
2145                  "ignorelist" => $ignored
2146              );
2147              $db->update_query("users", $lists, "uid='{$destination_user['uid']}'");
2148  
2149              // Get a list of forums where post count doesn't apply
2150              $fids = array();
2151              $query = $db->simple_select("forums", "fid", "usepostcounts=0");
2152              while($fid = $db->fetch_field($query, "fid"))
2153              {
2154                  $fids[] = $fid;
2155              }
2156  
2157              $fids_not_in = '';
2158              if(!empty($fids))
2159              {
2160                  $fids_not_in = "AND fid NOT IN(".implode(',', $fids).")";
2161              }
2162  
2163              // Update user post count
2164              $query = $db->simple_select("posts", "COUNT(*) AS postnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2165              $num = $db->fetch_array($query);
2166              $updated_count = array(
2167                  "postnum" => $num['postnum']
2168              );
2169              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2170  
2171              // Update user thread count
2172              $query = $db->simple_select("threads", "COUNT(*) AS threadnum", "uid='".$destination_user['uid']."' {$fids_not_in}");
2173              $num = $db->fetch_array($query);
2174              $updated_count = array(
2175                  "threadnum" => $num['threadnum']
2176              );
2177              $db->update_query("users", $updated_count, "uid='{$destination_user['uid']}'");
2178  
2179              // Use the earliest registration date
2180              if($destination_user['regdate'] > $source_user['regdate'])
2181              {
2182                  $db->update_query("users", array('regdate' => $source_user['regdate']), "uid='{$destination_user['uid']}'");
2183              }
2184  
2185              $plugins->run_hooks("admin_user_users_merge_commit");
2186  
2187              // Set up user handler.
2188              require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2189              $userhandler = new UserDataHandler('delete');
2190  
2191              // Delete the old user
2192              $userhandler->delete_user($source_user['uid']);
2193  
2194              $cache->update_awaitingactivation();
2195  
2196              // Log admin action
2197              log_admin_action($source_user['uid'], $source_user['username'], $destination_user['uid'], $destination_user['username']);
2198  
2199              // Redirect!
2200              $username = htmlspecialchars_uni($source_user['username']);
2201              $destination_username = htmlspecialchars_uni($destination_user['username']);
2202              flash_message("<strong>{$username}</strong> {$lang->success_merged} {$destination_username}", "success");
2203              admin_redirect("index.php?module=user-users");
2204              exit;
2205          }
2206      }
2207  
2208      $page->add_breadcrumb_item($lang->merge_users);
2209      $page->output_header($lang->merge_users);
2210  
2211      $page->output_nav_tabs($sub_tabs, 'merge_users');
2212  
2213      // If we have any error messages, show them
2214      if($errors)
2215      {
2216          $page->output_inline_error($errors);
2217      }
2218  
2219      $form = new Form("index.php?module=user-users&amp;action=merge", "post");
2220  
2221      $form_container = new FormContainer($lang->merge_users);
2222      $form_container->output_row($lang->source_account." <em>*</em>", $lang->source_account_desc, $form->generate_text_box('source_username', $mybb->get_input('source_username'), array('id' => 'source_username')), 'source_username');
2223      $form_container->output_row($lang->destination_account." <em>*</em>", $lang->destination_account_desc, $form->generate_text_box('destination_username', $mybb->get_input('destination_username'), array('id' => 'destination_username')), 'destination_username');
2224      $form_container->end();
2225  
2226      // Autocompletion for usernames
2227      echo '
2228      <link rel="stylesheet" href="../jscripts/select2/select2.css">
2229      <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
2230      <script type="text/javascript">
2231      <!--
2232      $("#source_username").select2({
2233          placeholder: "'.$lang->search_for_a_user.'",
2234          minimumInputLength: 2,
2235          multiple: false,
2236          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2237              url: "../xmlhttp.php?action=get_users",
2238              dataType: \'json\',
2239              data: function (term, page) {
2240                  return {
2241                      query: term // search term
2242                  };
2243              },
2244              results: function (data, page) { // parse the results into the format expected by Select2.
2245                  // since we are using custom formatting functions we do not need to alter remote JSON data
2246                  return {results: data};
2247              }
2248          },
2249          initSelection: function(element, callback) {
2250              var query = $(element).val();
2251              if (query !== "") {
2252                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2253                      data: {
2254                          query: query
2255                      },
2256                      dataType: "json"
2257                  }).done(function(data) { callback(data); });
2258              }
2259          }
2260      });
2261      $("#destination_username").select2({
2262          placeholder: "'.$lang->search_for_a_user.'",
2263          minimumInputLength: 2,
2264          multiple: false,
2265          ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
2266              url: "../xmlhttp.php?action=get_users",
2267              dataType: \'json\',
2268              data: function (term, page) {
2269                  return {
2270                      query: term // search term
2271                  };
2272              },
2273              results: function (data, page) { // parse the results into the format expected by Select2.
2274                  // since we are using custom formatting functions we do not need to alter remote JSON data
2275                  return {results: data};
2276              }
2277          },
2278          initSelection: function(element, callback) {
2279              var query = $(element).val();
2280              if (query !== "") {
2281                  $.ajax("../xmlhttp.php?action=get_users&getone=1", {
2282                      data: {
2283                          query: query
2284                      },
2285                      dataType: "json"
2286                  }).done(function(data) { callback(data); });
2287              }
2288          }
2289      });
2290      // -->
2291      </script>';
2292  
2293      $buttons[] = $form->generate_submit_button($lang->merge_user_accounts);
2294      $form->output_submit_wrapper($buttons);
2295      $form->end();
2296  
2297      $page->output_footer();
2298  }
2299  
2300  if($mybb->input['action'] == "search")
2301  {
2302      $plugins->run_hooks("admin_user_users_search");
2303  
2304      if($mybb->request_method == "post" || $mybb->get_input('results') == 1)
2305      {
2306          // Build view options from incoming search options
2307          if($mybb->get_input('vid'))
2308          {
2309              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
2310              $admin_view = $db->fetch_array($query);
2311              // View does not exist or this view is private and does not belong to the current user
2312              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
2313              {
2314                  unset($admin_view);
2315              }
2316          }
2317  
2318          if($mybb->get_input('search_id') && $admin_session['data']['user_views'][$mybb->get_input('search_id')])
2319          {
2320              $admin_view = $admin_session['data']['user_views'][$mybb->get_input('search_id')];
2321              unset($admin_view['extra_sql']);
2322          }
2323  
2324          // Don't have a view? Fetch the default
2325          if(!isset($admin_view) || !$admin_view['vid'])
2326          {
2327              $default_view = fetch_default_view("user");
2328              if(!$default_view)
2329              {
2330                  $default_view = "0";
2331              }
2332              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
2333              $admin_view = $db->fetch_array($query);
2334          }
2335  
2336          // Override specific parts of the view
2337          unset($admin_view['vid']);
2338  
2339          if($mybb->get_input('type'))
2340          {
2341              $admin_view['view_type'] = $mybb->get_input('type');
2342          }
2343  
2344          if(!empty($mybb->input['conditions']))
2345          {
2346              $admin_view['conditions'] = $mybb->get_input('conditions', MyBB::INPUT_ARRAY);
2347          }
2348  
2349          if($mybb->get_input('sortby'))
2350          {
2351              $admin_view['sortby'] = $mybb->get_input('sortby');
2352          }
2353  
2354          if($mybb->get_input('perpage', MyBB::INPUT_INT))
2355          {
2356              $admin_view['perpage'] = $mybb->get_input('perpage');
2357          }
2358  
2359          if($mybb->get_input('order'))
2360          {
2361              $admin_view['sortorder'] = $mybb->get_input('order');
2362          }
2363  
2364          if($mybb->get_input('displayas'))
2365          {
2366              $admin_view['view_type'] = $mybb->get_input('displayas');
2367          }
2368  
2369          if(!empty($mybb->input['profile_fields']))
2370          {
2371              $admin_view['custom_profile_fields'] = $mybb->get_input('profile_fields', MyBB::INPUT_ARRAY);
2372          }
2373  
2374          $plugins->run_hooks("admin_user_users_search_commit");
2375  
2376          $results = build_users_view($admin_view);
2377  
2378          if($results)
2379          {
2380              $page->output_header($lang->find_users);
2381              echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
2382              $page->output_nav_tabs($sub_tabs, 'find_users');
2383              echo $results;
2384              $page->output_footer();
2385          }
2386          else
2387          {
2388              if($mybb->get_input('from') == "home")
2389              {
2390                  flash_message($lang->error_no_users_found, 'error');
2391                  admin_redirect("index.php");
2392                  exit;
2393              }
2394              else
2395              {
2396                  $errors[] = $lang->error_no_users_found;
2397              }
2398          }
2399      }
2400  
2401      $page->add_breadcrumb_item($lang->find_users);
2402      $page->output_header($lang->find_users);
2403  
2404      $page->output_nav_tabs($sub_tabs, 'find_users');
2405  
2406      // If we have any error messages, show them
2407      if($errors)
2408      {
2409          $page->output_inline_error($errors);
2410      }
2411  
2412      if(!$mybb->get_input('displayas'))
2413      {
2414          $mybb->input['displayas'] = "card";
2415      }
2416  
2417      $form = new Form("index.php?module=user-users&amp;action=search", "post");
2418  
2419      user_search_conditions($mybb->input, $form);
2420  
2421      $form_container = new FormContainer($lang->display_options);
2422      $sort_directions = array(
2423          "asc" => $lang->ascending,
2424          "desc" => $lang->descending
2425      );
2426      $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->get_input('sortby'), array('id' => 'sortby'))." {$lang->in} ".$form->generate_select_box('order', $sort_directions, $mybb->get_input('order'), array('id' => 'order')), 'sortby');
2427      $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->get_input('perpage'), array('id' => 'perpage', 'min' => 1)), 'perpage');
2428      $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('displayas', 'table', $lang->table, array('checked' => ($mybb->get_input('displayas') != "card" ? true : false)))."<br />".$form->generate_radio_button('displayas', 'card', $lang->business_card, array('checked' => ($mybb->get_input('displayas') == "card" ? true : false))));
2429      $form_container->end();
2430  
2431      $buttons[] = $form->generate_submit_button($lang->find_users);
2432      $form->output_submit_wrapper($buttons);
2433      $form->end();
2434  
2435      $page->output_footer();
2436  }
2437  
2438  if($mybb->input['action'] == "inline_edit")
2439  {
2440      $plugins->run_hooks("admin_user_users_inline");
2441  
2442      if(!empty($mybb->input['vid']) || !empty($mybb->cookies['acp_view']))
2443      {
2444          // We have a custom view
2445          if(empty($mybb->cookies['acp_view']))
2446          {
2447              // Set a cookie
2448              my_setcookie("acp_view", $mybb->input['vid'], 60);
2449          }
2450          else
2451          {
2452              // We already have a cookie, so let's use it...
2453              $mybb->input['vid'] = $mybb->cookies['acp_view'];
2454          }
2455  
2456          $vid_url = "&amp;vid=".$mybb->get_input('vid');
2457      }
2458      else
2459      {
2460          $vid_url = null;
2461      }
2462  
2463      // First, collect the user IDs that we're performing the moderation on
2464      $selected = array();
2465      if(isset($mybb->cookies['inlinemod_useracp']))
2466      {
2467          $ids = explode("|", $mybb->cookies['inlinemod_useracp']);
2468          foreach($ids as $id)
2469          {
2470              if($id != '')
2471              {
2472                  $selected[] = (int)$id;
2473              }
2474          }
2475      }
2476  
2477      // Verify incoming POST request
2478      if(!verify_post_check($mybb->get_input('my_post_key')))
2479      {
2480          flash_message($lang->invalid_post_verify_key2, 'error');
2481          admin_redirect("index.php?module=user-user");
2482      }
2483      $sub_tabs['manage_users'] = array(
2484          "title" => $lang->manage_users,
2485          "link" => "./",
2486          "description" => $lang->manage_users_desc
2487      );
2488      $page->add_breadcrumb_item($lang->manage_users);
2489  
2490      if(empty($selected))
2491      {
2492          // Not selected any users, show error
2493          flash_message($lang->error_inline_no_users_selected, 'error');
2494          admin_redirect("index.php?module=user-users".$vid_url);
2495      }
2496  
2497      switch($mybb->input['inline_action'])
2498      {
2499          case 'multiactivate':
2500              // Run through the activating users, so that users already registered (but have been selected) aren't affected
2501              if(is_array($selected))
2502              {
2503                  $sql_array = implode(",", $selected);
2504                  $query = $db->simple_select("users", "uid, username, email", "usergroup = '5' AND uid IN (".$sql_array.")");
2505                  $user_mail_data = array();
2506                  while($user = $db->fetch_array($query))
2507                  {
2508                      $to_update[] = $user['uid'];
2509                      $user_mail_data[] = array('username' => $user['username'], 'email' => $user['email']);
2510                  }
2511              }
2512  
2513              $plugins->run_hooks("admin_user_multiactivate", $to_update);
2514  
2515              if(isset($to_update) && is_array($to_update))
2516              {
2517                  $sql_array = implode(",", $to_update);
2518                  $db->write_query("UPDATE ".TABLE_PREFIX."users SET usergroup = '2' WHERE uid IN (".$sql_array.")");
2519  
2520                  $cache->update_awaitingactivation();
2521  
2522                  // send activation mail
2523                  foreach($user_mail_data as $mail_data)
2524                  {
2525                      $message = $lang->sprintf($lang->email_adminactivateaccount, $mail_data['username'], $mybb->settings['bbname'], $mybb->settings['bburl']);
2526                      my_mail($mail_data['email'], $lang->sprintf($lang->emailsubject_activateaccount, $mybb->settings['bbname']), $message);
2527                  }
2528  
2529                  // Action complete, grab stats and show success message - redirect user
2530                  $to_update_count = count($to_update);
2531                  $lang->inline_activated = $lang->sprintf($lang->inline_activated, my_number_format($to_update_count));
2532  
2533                  if(is_array($selected) && $to_update_count != count($selected))
2534                  {
2535                      // The update count is different to how many we selected!
2536                      $not_updated_count = count($selected) - $to_update_count;
2537                      $lang->inline_activated_more = $lang->sprintf($lang->inline_activated_more, my_number_format($not_updated_count));
2538                      $lang->inline_activated = $lang->inline_activated."<br />".$lang->inline_activated_more; // Add these stats to the message
2539                  }
2540  
2541                  $mybb->input['action'] = "inline_activated"; // Force a change to the action so we can add it to the adminlog
2542                  log_admin_action($to_update_count); // Add to adminlog
2543                  my_unsetcookie("inlinemod_useracp"); // Unset the cookie, so that the users aren't still selected when we're redirected
2544  
2545                  flash_message($lang->inline_activated, 'success');
2546                  admin_redirect("index.php?module=user-users".$vid_url);
2547              }
2548              else
2549              {
2550                  // Nothing was updated, show an error
2551                  flash_message($lang->inline_activated_failed, 'error');
2552                  admin_redirect("index.php?module=user-users".$vid_url);
2553              }
2554              break;
2555          case 'multilift':
2556              // Get the users that are banned, and check that they have been selected
2557              if($mybb->get_input('no'))
2558              {
2559                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No'
2560              }
2561  
2562              if($mybb->request_method == "post")
2563              {
2564                  $sql_array = implode(",", $selected);
2565                  $query = $db->simple_select("banned", "*", "uid IN (".$sql_array.")");
2566                  $to_be_unbanned = $db->num_rows($query);
2567                  while($ban = $db->fetch_array($query))
2568                  {
2569                      $updated_group = array(
2570                          "usergroup" => $ban['oldgroup'],
2571                          "additionalgroups" => $db->escape_string($ban['oldadditionalgroups']),
2572                          "displaygroup" => $ban['olddisplaygroup']
2573                      );
2574                      $db->update_query("users", $updated_group, "uid = '".$ban['uid']."'");
2575                      $db->delete_query("banned", "uid = '".$ban['uid']."'");
2576                  }
2577  
2578                  $cache->update_moderators();
2579  
2580                  $mybb->input['action'] = "inline_lift";
2581                  log_admin_action($to_be_unbanned);
2582                  my_unsetcookie("inlinemod_useracp");
2583  
2584                  $lang->success_ban_lifted = $lang->sprintf($lang->success_ban_lifted, my_number_format($to_be_unbanned));
2585                  flash_message($lang->success_ban_lifted, 'success');
2586                  admin_redirect("index.php?module=user-users".$vid_url);
2587              }
2588              else
2589              {
2590                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift", $lang->confirm_multilift);
2591              }
2592  
2593              break;
2594          case 'multiban':
2595              if($mybb->input['processed'] == 1)
2596              {
2597                  // We've posted ban information!
2598                  // Build an array of users to ban, =D
2599                  $sql_array = implode(",", $selected);
2600                  // Build a cache array for this users that have been banned already
2601                  $query = $db->simple_select("banned", "uid", "uid IN (".$sql_array.")");
2602                  while($user = $db->fetch_array($query))
2603                  {
2604                      $bannedcache[] = "u_".$user['uid'];
2605                  }
2606  
2607                  // Collect the users
2608                  $query = $db->simple_select("users", "uid, username, usergroup, additionalgroups, displaygroup", "uid IN (".$sql_array.")");
2609  
2610                  if($mybb->input['bantime'] == '---')
2611                  {
2612                      $lifted = 0;
2613                  }
2614                  else
2615                  {
2616                      $lifted = ban_date2timestamp($mybb->input['bantime']);
2617                  }
2618  
2619                  $reason = my_substr($mybb->input['reason'], 0, 255);
2620  
2621                  $banned_count = 0;
2622                  while($user = $db->fetch_array($query))
2623                  {
2624                      if($user['uid'] == $mybb->user['uid'] || is_super_admin($user['uid']))
2625                      {
2626                          // We remove ourselves and Super Admins from the mix
2627                          continue;
2628                      }
2629  
2630                      if(is_array($bannedcache) && in_array("u_".$user['uid'], $bannedcache))
2631                      {
2632                          // User already has a ban, update it!
2633                          $update_array = array(
2634                              "admin" => (int)$mybb->user['uid'],
2635                              "dateline" => TIME_NOW,
2636                              "bantime" => $db->escape_string($mybb->input['bantime']),
2637                              "lifted" => $db->escape_string($lifted),
2638                              "reason" => $db->escape_string($reason)
2639                          );
2640                          $db->update_query("banned", $update_array, "uid = '".$user['uid']."'");
2641                      }
2642                      else
2643                      {
2644                          // Not currently banned - insert the ban
2645                          $insert_array = array(
2646                              'uid' => $user['uid'],
2647                              'gid' => $mybb->get_input('usergroup', MyBB::INPUT_INT),
2648                              'oldgroup' => $user['usergroup'],
2649                              'oldadditionalgroups' => $db->escape_string($user['additionalgroups']),
2650                              'olddisplaygroup' => $user['displaygroup'],
2651                              'admin' => (int)$mybb->user['uid'],
2652                              'dateline' => TIME_NOW,
2653                              'bantime' => $db->escape_string($mybb->input['bantime']),
2654                              'lifted' => $db->escape_string($lifted),
2655                              'reason' => $db->escape_string($reason)
2656                          );
2657                          $db->insert_query('banned', $insert_array);
2658                      }
2659  
2660                      // Moved the user to the 'Banned' Group
2661                      $update_array = array(
2662                          'usergroup' => 7,
2663                          'displaygroup' => 0,
2664                          'additionalgroups' => '',
2665                      );
2666                      $db->update_query('users', $update_array, "uid = '{$user['uid']}'");
2667  
2668                      $db->delete_query("forumsubscriptions", "uid = '{$user['uid']}'");
2669                      $db->delete_query("threadsubscriptions", "uid = '{$user['uid']}'");
2670  
2671                      ++$banned_count;
2672                  }
2673                  $mybb->input['action'] = "inline_banned";
2674                  log_admin_action($banned_count, $lifted);
2675                  my_unsetcookie("inlinemod_useracp"); // Remove the cookie of selected users as we've finished with them
2676  
2677                  $lang->users_banned = $lang->sprintf($lang->users_banned, $banned_count);
2678                  flash_message($lang->users_banned, 'success');
2679                  admin_redirect("index.php?module=user-users".$vid_url);
2680              }
2681  
2682              $page->output_header($lang->manage_users);
2683              $page->output_nav_tabs($sub_tabs, 'manage_users');
2684  
2685              // Provide the user with a warning of what they're about to do
2686              $table = new Table;
2687              $lang->mass_ban_info = $lang->sprintf($lang->mass_ban_info, count($selected));
2688              $table->construct_cell($lang->mass_ban_info);
2689              $table->construct_row();
2690              $table->output($lang->important);
2691  
2692              // If there's any errors, display inline
2693              if($errors)
2694              {
2695                  $page->output_inline_error($errors);
2696              }
2697  
2698              $form = new Form("index.php?module=user-users", "post");
2699              echo $form->generate_hidden_field('action', 'inline_edit');
2700              echo $form->generate_hidden_field('inline_action', 'multiban');
2701              echo $form->generate_hidden_field('processed', '1');
2702  
2703              $form_container = new FormContainer('<div class="float_right"><a href="index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multilift&amp;my_post_key='.$mybb->post_code.'">'.$lang->lift_bans.'</a></div>'.$lang->mass_ban);
2704              $form_container->output_row($lang->ban_reason, "", $form->generate_text_area('reason', $mybb->input['reason'], array('id' => 'reason', 'maxlength' => '255')), 'reason');
2705              $ban_times = fetch_ban_times();
2706              foreach($ban_times as $time => $period)
2707              {
2708                  if($time != '---')
2709                  {
2710                      $friendly_time = my_date("D, jS M Y @ {$mybb->settings['timeformat']}", ban_date2timestamp($time));
2711                      $period = "{$period} ({$friendly_time})";
2712                  }
2713                  $length_list[$time] = $period;
2714              }
2715              $form_container->output_row($lang->ban_time, "", $form->generate_select_box('bantime', $length_list, $mybb->input['bantime'], array('id' => 'bantime')), 'bantime');
2716              $form_container->end();
2717  
2718              $buttons[] = $form->generate_submit_button($lang->ban_users);
2719              $form->output_submit_wrapper($buttons);
2720              $form->end();
2721              $page->output_footer();
2722              break;
2723          case 'multidelete':
2724              if($mybb->get_input('no'))
2725              {
2726                  admin_redirect("index.php?module=user-users".$vid_url); // User clicked on 'No
2727              }
2728              else
2729              {
2730                  if(isset($mybb->input['processed']))
2731                  {
2732                      // Set up user handler.
2733                      require_once  MYBB_ROOT.'inc/datahandlers/user.php';
2734                      $userhandler = new UserDataHandler('delete');
2735  
2736                      // Delete users
2737                      $deleted = $userhandler->delete_user($selected);
2738                      $to_be_deleted = $deleted['deleted_users']; // Get the correct number of deleted users
2739  
2740                      // Update forum stats, remove the cookie and redirect the user
2741                      my_unsetcookie("inlinemod_useracp");
2742                      $mybb->input['action'] = "inline_delete";
2743                      log_admin_action($to_be_deleted);
2744  
2745                      $lang->users_deleted = $lang->sprintf($lang->users_deleted, $to_be_deleted);
2746  
2747                      $cache->update_awaitingactivation();
2748  
2749                      flash_message($lang->users_deleted, 'success');
2750                      admin_redirect("index.php?module=user-users".$vid_url);
2751                  }
2752  
2753                  $to_be_deleted = count($selected);
2754                  $lang->confirm_multidelete = $lang->sprintf($lang->confirm_multidelete, my_number_format($to_be_deleted));
2755                  $page->output_confirm_action("index.php?module=user-users&amp;action=inline_edit&amp;inline_action=multidelete&amp;my_post_key={$mybb->post_code}&amp;processed=1", $lang->confirm_multidelete);
2756              }
2757              break;
2758          case 'multiprune':
2759              if($mybb->input['processed'] == 1)
2760              {
2761                  if(($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year']) && $mybb->input['set'])
2762                  {
2763                      $errors[] = $lang->multi_selected_dates;
2764                  }
2765  
2766                  $day = $mybb->get_input('day', MyBB::INPUT_INT);
2767                  $month = $mybb->get_input('month', MyBB::INPUT_INT);
2768                  $year = $mybb->get_input('year', MyBB::INPUT_INT);
2769  
2770                  // Selected a date - check if the date the user entered is valid
2771                  if($mybb->input['day'] || $mybb->input['month'] || $mybb->input['year'])
2772                  {
2773                      // Is the date sort of valid?
2774                      if($day < 1 || $day > 31 || $month < 1 || $month > 12 || ($month == 2 && $day > 29))
2775                      {
2776                          $errors[] = $lang->incorrect_date;
2777                      }
2778  
2779                      // Check the month
2780                      $months = get_bdays($year);
2781                      if($day > $months[$month-1])
2782                      {
2783                          $errors[] = $lang->incorrect_date;
2784                      }
2785  
2786                      // Check the year
2787                      if($year != 0 && ($year < (date("Y")-100)) || $year > date("Y"))
2788                      {
2789                          $errors[] = $lang->incorrect_date;
2790                      }
2791  
2792                      if(!$errors)
2793                      {
2794                          // No errors, so let's continue and set the date to delete from
2795                          $date = mktime(date('H'), date('i'), date('s'), $month, $day, $year); // Generate a unix time stamp
2796                      }
2797                  }
2798                  elseif($mybb->input['set'] > 0)
2799                  {
2800                      // Set options
2801                      // For this purpose, 1 month = 31 days
2802                      $base_time = 24 * 60 * 60;
2803  
2804                      switch($mybb->input['set'])
2805                      {
2806                          case '1':
2807                              $threshold = $base_time * 31; // 1 month = 31 days, in the standard terms
2808                              break;
2809                          case '2':
2810                              $threshold = $base_time * 93; // 3 months = 31 days * 3
2811                              break;
2812                          case '3':
2813                              $threshold = $base_time * 183; // 6 months = 365 days / 2
2814                              break;
2815                          case '4':
2816                              $threshold = $base_time * 365; // 1 year = 365 days
2817                              break;
2818                          case '5':
2819                              $threshold = $base_time * 548; // 18 months = 365 + 183
2820                              break;
2821                          case '6':
2822                              $threshold = $base_time * 730; // 2 years = 365 * 2
2823                              break;
2824                      }
2825  
2826                      if(!$threshold)
2827                      {
2828                          // An option was entered that isn't in the dropdown box
2829                          $errors[] = $lang->no_set_option;
2830                      }
2831                      else
2832                      {
2833                          $date = TIME_NOW - $threshold;
2834                      }
2835                  }
2836                  else
2837                  {
2838                      $errors[] = $lang->no_prune_option;
2839                  }
2840  
2841                  if(!$errors)
2842                  {
2843                      $sql_array = implode(",", $selected);
2844                      $prune_array = array();
2845                      $query = $db->simple_select("users", "uid", "uid IN (".$sql_array.")");
2846                      while($user = $db->fetch_array($query))
2847                      {
2848                          // Protect Super Admins
2849                          if(is_super_admin($user['uid']) && !is_super_admin($mybb->user['uid']))
2850                          {
2851                              continue;
2852                          }
2853  
2854                          $return_array = delete_user_posts($user['uid'], $date); // Delete user posts, and grab a list of threads to delete
2855                          if($return_array && is_array($return_array))
2856                          {
2857                              $prune_array = array_merge_recursive($prune_array, $return_array);
2858                          }
2859                      }
2860  
2861                      $plugins->run_hooks("admin_user_multiprune_threads", $prune_array);
2862  
2863                      // No posts were found for the user, return error
2864                      if(!is_array($prune_array) || count($prune_array) == 0)
2865                      {
2866                          flash_message($lang->prune_fail, 'error');
2867                          admin_redirect("index.php?module=user-users".$vid_url);
2868                      }
2869  
2870                      // Require the rebuild functions
2871                      require_once  MYBB_ROOT.'/inc/functions.php';
2872                      require_once  MYBB_ROOT.'/inc/functions_rebuild.php';
2873  
2874                      // We've finished deleting user's posts, so let's delete the threads
2875                      if(is_array($prune_array['to_delete']) && count($prune_array['to_delete']) > 0)
2876                      {
2877                          foreach($prune_array['to_delete'] as $tid)
2878                          {
2879                              $db->delete_query("threads", "tid='$tid'");
2880                              $db->delete_query("threads", "closed='moved|$tid'");
2881                              $db->delete_query("threadsubscriptions", "tid='$tid'");
2882                              $db->delete_query("polls", "tid='$tid'");
2883                              $db->delete_query("threadsread", "tid='$tid'");
2884                              $db->delete_query("threadratings", "tid='$tid'");
2885                          }
2886                      }
2887  
2888                      // After deleting threads, rebuild the thread counters for the affected threads
2889                      if(is_array($prune_array['thread_update']) && count($prune_array['thread_update']) > 0)
2890                      {
2891                          $sql_array = implode(",", $prune_array['thread_update']);
2892                          $query = $db->simple_select("threads", "tid", "tid IN (".$sql_array.")", array('order_by' => 'tid', 'order_dir' => 'asc'));
2893                          while($thread = $db->fetch_array($query))
2894                          {
2895                              rebuild_thread_counters($thread['tid']);
2896                          }
2897                      }
2898  
2899                      // After updating thread counters, update the affected forum counters
2900                      if(is_array($prune_array['forum_update']) && count($prune_array['forum_update']) > 0)
2901                      {
2902                          $sql_array = implode(",", $prune_array['forum_update']);
2903                          $query = $db->simple_select("forums", "fid", "fid IN (".$sql_array.")", array('order_by' => 'fid', 'order_dir' => 'asc'));
2904                          while($forum = $db->fetch_array($query))
2905                          {
2906                              // Because we have a recursive array merge, check to see if there isn't a duplicated forum to update
2907                              if($looped_forum == $forum['fid'])
2908                              {
2909                                  continue;
2910                              }
2911                              $looped_forum = $forum['fid'];
2912                              rebuild_forum_counters($forum['fid']);
2913                          }
2914                      }
2915  
2916                      //log_admin_action();
2917                      my_unsetcookie("inlinemod_useracp"); // We've got our users, remove the cookie
2918                      flash_message($lang->prune_complete, 'success');
2919                      admin_redirect("index.php?module=user-users".$vid_url);
2920                  }
2921              }
2922  
2923              $page->output_header($lang->manage_users);
2924              $page->output_nav_tabs($sub_tabs, 'manage_users');
2925  
2926              // Display a table warning
2927              $table = new Table;
2928              $lang->mass_prune_info = $lang->sprintf($lang->mass_prune_info, count($selected));
2929              $table->construct_cell($lang->mass_prune_info);
2930              $table->construct_row();
2931              $table->output($lang->important);
2932  
2933              if($errors)
2934              {
2935                  $page->output_inline_error($errors);
2936              }
2937  
2938              // Display the prune options
2939              $form = new Form("index.php?module=user-users", "post");
2940              echo $form->generate_hidden_field('action', 'inline_edit');
2941              echo $form->generate_hidden_field('inline_action', 'multiprune');
2942              echo $form->generate_hidden_field('processed', '1');
2943  
2944              $form_container = new FormContainer($lang->mass_prune_posts);
2945  
2946              // Generate a list of days (1 - 31)
2947              $day_options = array();
2948              $day_options[] = "&nbsp;";
2949              for($i = 1; $i <= 31; ++$i)
2950              {
2951                  $day_options[] = $i;
2952              }
2953  
2954              // Generate a list of months (1 - 12)
2955              $month_options = array();
2956              $month_options[] = "&nbsp;";
2957              for($i = 1; $i <= 12; ++$i)
2958              {
2959                  $string = "month_{$i}";
2960                  $month_options[] = $lang->$string;
2961              }
2962              $date_box = $form->generate_select_box('day', $day_options, $mybb->input['day']);
2963              $month_box = $form->generate_select_box('month', $month_options, $mybb->input['month']);
2964              $year_box = $form->generate_numeric_field('year', $mybb->input['year'], array('id' => 'year', 'style' => 'width: 50px;', 'min' => 0));
2965  
2966              $prune_select = $date_box.$month_box.$year_box;
2967              $form_container->output_row($lang->manual_date, "", $prune_select, 'date');
2968  
2969              // Generate the set date box
2970              $set_options = array();
2971              $set_options[] = $lang->set_an_option;
2972              for($i = 1; $i <= 6; ++$i)
2973              {
2974                  $string = "option_{$i}";
2975                  $set_options[] = $lang->$string;
2976              }
2977  
2978              $form_container->output_row($lang->relative_date, "", $lang->delete_posts." ".$form->generate_select_box('set', $set_options, $mybb->input['set']), 'set');
2979              $form_container->end();
2980  
2981              $buttons[] = $form->generate_submit_button($lang->prune_posts);
2982              $form->output_submit_wrapper($buttons);
2983              $form->end();
2984              $page->output_footer();
2985              break;
2986          case 'multiusergroup':
2987              if($mybb->get_input('processed', \MyBB::INPUT_INT) === 1)
2988              {
2989                  // Determine additional usergroups
2990                  if(is_array($mybb->input['additionalgroups']))
2991                  {
2992                      foreach($mybb->input['additionalgroups'] as $key => $gid)
2993                      {
2994                          if($gid == $mybb->input['usergroup'])
2995                          {
2996                              unset($mybb->input['additionalgroups'][$key]);
2997                          }
2998                      }
2999  
3000                      $additionalgroups = implode(",", array_map('intval', $mybb->input['additionalgroups']));
3001                  }
3002                  else
3003                  {
3004                      $additionalgroups = '';
3005                  }
3006  
3007                  // Create an update array
3008                  $update_array = array(
3009                      "usergroup" => $mybb->get_input('usergroup', MyBB::INPUT_INT),
3010                      "additionalgroups" => $additionalgroups,
3011                      "displaygroup" => $mybb->get_input('displaygroup', MyBB::INPUT_INT)
3012                  );
3013  
3014                  // Create an admin_user_multiusergroup hook array
3015                  $hook_params = array(
3016                      "selected" => &$selected,
3017                      "update_array" => &$update_array
3018                  );
3019  
3020                  $hook_params = $plugins->run_hooks("admin_user_multiusergroup", $hook_params);
3021  
3022                  // Do the usergroup update for all those selected
3023                  // If the a selected user is a super admin, don't update that user
3024                  $users_to_update = array();
3025                  foreach($selected as $user)
3026                  {
3027                      if(!is_super_admin($user))
3028                      {
3029                          $users_to_update[] = $user;
3030                      }
3031                  }
3032  
3033                  $to_update_count = count($users_to_update);
3034                  if($to_update_count > 0)
3035                  {
3036                      // Update the users in the database
3037                      $sql = implode(",", $users_to_update);
3038                      $db->update_query("users", $update_array, "uid IN (".$sql.")");
3039  
3040                      // Redirect the admin...
3041                      $mybb->input['action'] = "inline_usergroup";
3042                      log_admin_action($to_update_count);
3043                      my_unsetcookie("inlinemod_useracp");
3044                      flash_message($lang->success_mass_usergroups, 'success');
3045                      admin_redirect("index.php?module=user-users".$vid_url);
3046                  }
3047                  else
3048                  {
3049                      // They tried to edit super admins! Uh-oh!
3050                      $errors[] = $lang->no_usergroup_changed;
3051                  }
3052              }
3053  
3054              $page->output_header($lang->manage_users);
3055              $page->output_nav_tabs($sub_tabs, 'manage_users');
3056  
3057              // Display a table warning
3058              $table = new Table;
3059              $lang->usergroup_info = $lang->sprintf($lang->usergroup_info, count($selected));
3060              $table->construct_cell($lang->usergroup_info);
3061              $table->construct_row();
3062              $table->output($lang->important);
3063  
3064              if($errors)
3065              {
3066                  $page->output_inline_error($errors);
3067              }
3068  
3069              // Display the usergroup options
3070              $form = new Form("index.php?module=user-users", "post");
3071              echo $form->generate_hidden_field('action', 'inline_edit');
3072              echo $form->generate_hidden_field('inline_action', 'multiusergroup');
3073              echo $form->generate_hidden_field('processed', '1');
3074  
3075              $form_container = new FormContainer($lang->mass_usergroups);
3076  
3077              // Usergroups
3078              $display_group_options[0] = $lang->use_primary_user_group;
3079              $options = array();
3080              $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
3081              while($usergroup = $db->fetch_array($query))
3082              {
3083                  $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3084                  $display_group_options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
3085              }
3086  
3087              if(!$mybb->get_input('additionalgroups', \MyBB::INPUT_ARRAY))
3088              {
3089                  $mybb->input['additionalgroups'] = explode(',', $mybb->get_input('additionalgroups'));
3090              }
3091  
3092              $form_container->output_row($lang->primary_user_group, "", $form->generate_select_box('usergroup', $options, $mybb->get_input('usergroup'), array('id' => 'usergroup')), 'usergroup');
3093              $form_container->output_row($lang->additional_user_groups, $lang->additional_user_groups_desc, $form->generate_select_box('additionalgroups[]', $options, $mybb->input['additionalgroups'], array('id' => 'additionalgroups', 'multiple' => true, 'size' => 5)), 'additionalgroups');
3094              $form_container->output_row($lang->display_user_group, "", $form->generate_select_box('displaygroup', $display_group_options, $mybb->input['displaygroup'], array('id' => 'displaygroup')), 'displaygroup');
3095  
3096              $form_container->end();
3097  
3098              $buttons[] = $form->generate_submit_button($lang->alter_usergroups);
3099              $form->output_submit_wrapper($buttons);
3100              $form->end();
3101              $page->output_footer();
3102              break;
3103      }
3104  }
3105  
3106  if(!$mybb->input['action'])
3107  {
3108      $plugins->run_hooks("admin_user_users_start");
3109  
3110      $page->output_header($lang->browse_users);
3111      echo "<script type=\"text/javascript\" src=\"jscripts/users.js\"></script>";
3112  
3113      $page->output_nav_tabs($sub_tabs, 'browse_users');
3114  
3115      if(isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']])
3116      {
3117          $admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']];
3118          unset($admin_view['extra_sql']);
3119      }
3120      else
3121      {
3122          // Showing a specific view
3123          if(isset($mybb->input['vid']))
3124          {
3125              $query = $db->simple_select("adminviews", "*", "vid='".$mybb->get_input('vid', MyBB::INPUT_INT)."'");
3126              $admin_view = $db->fetch_array($query);
3127              // View does not exist or this view is private and does not belong to the current user
3128              if(!$admin_view['vid'] || ($admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']))
3129              {
3130                  unset($admin_view);
3131              }
3132          }
3133  
3134          // Don't have a view? Fetch the default
3135          if(!isset($admin_view))
3136          {
3137              $default_view = fetch_default_view("user");
3138              if(!$default_view)
3139              {
3140                  $default_view = "0";
3141              }
3142              $query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
3143              $admin_view = $db->fetch_array($query);
3144          }
3145      }
3146  
3147      // Fetch a list of all of the views for this user
3148      $popup = new PopupMenu("views", $lang->views);
3149  
3150      $query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title"));
3151      while($view = $db->fetch_array($query))
3152      {
3153          $popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&amp;vid={$view['vid']}");
3154      }
3155      $popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&amp;action=views");
3156      $admin_view['popup'] = $popup->fetch();
3157  
3158      if(isset($mybb->input['type']))
3159      {
3160          $admin_view['view_type'] = $mybb->input['type'];
3161      }
3162  
3163      $results = build_users_view($admin_view);
3164  
3165      if(!$results)
3166      {
3167          // If we came from the home page and clicked on the "Activate Users" link, send them back to here
3168          if($admin_session['data']['from'] == "home")
3169          {
3170              flash_message($admin_session['data']['flash_message2']['message'], $admin_session['data']['flash_message2']['type']);
3171              update_admin_session('flash_message2', '');
3172              update_admin_session('from', '');
3173              admin_redirect("index.php");
3174              exit;
3175          }
3176          else
3177          {
3178              $errors[] = $lang->error_no_users_found;
3179          }
3180      }
3181  
3182      // If we have any error messages, show them
3183      if($errors)
3184      {
3185          if($inline != true)
3186          {
3187              echo "<div style=\"display: inline; float: right;\">{$admin_view['popup']}</div><br />\n";
3188          }
3189          $page->output_inline_error($errors);
3190      }
3191  
3192      echo $results;
3193  
3194      $page->output_footer();
3195  }
3196  
3197  /**
3198   * @param array $view
3199   *
3200   * @return string
3201   */
3202  function build_users_view($view)
3203  {
3204      global $mybb, $db, $cache, $lang, $user_view_fields, $page;
3205  
3206      if($view['view_type'] != 'card')
3207      {
3208          $view['view_type'] = 'table';
3209      }
3210  
3211      $view_title = '';
3212      if($view['title'])
3213      {
3214          if(isset($view['vid']))
3215          {
3216              $title_string = "view_title_{$view['vid']}";
3217  
3218              if(isset($lang->$title_string))
3219              {
3220                  $view['title'] = $lang->$title_string;
3221              }
3222          }
3223  
3224          $view_title .= " (".htmlspecialchars_uni($view['title']).")";
3225      }
3226  
3227      // Build the URL to this view
3228      if(!isset($view['url']))
3229      {
3230          $view['url'] = "index.php?module=user-users";
3231      }
3232      if(!is_array($view['conditions']))
3233      {
3234          $view['conditions'] = my_unserialize($view['conditions']);
3235      }
3236      if(!is_array($view['fields']))
3237      {
3238          $view['fields'] = my_unserialize($view['fields']);
3239      }
3240      if(!is_array($view['custom_profile_fields']))
3241      {
3242          $view['custom_profile_fields'] = my_unserialize($view['custom_profile_fields']);
3243      }
3244      if(isset($mybb->input['username']))
3245      {
3246          $view['conditions']['username'] = $mybb->input['username'];
3247          $view['url'] .= "&amp;username=".urlencode(htmlspecialchars_uni($mybb->input['username']));
3248      }
3249      if(!empty($view['vid']))
3250      {
3251          $view['url'] .= "&amp;vid={$view['vid']}";
3252      }
3253      else
3254      {
3255          // If this is a custom view we need to save everything ready to pass it on from page to page
3256          global $admin_session;
3257          if(empty($mybb->input['search_id']))
3258          {
3259              $search_id = md5(random_str());
3260              $admin_session['data']['user_views'][$search_id] = $view;
3261              update_admin_session('user_views', $admin_session['data']['user_views']);
3262              $mybb->input['search_id'] = $search_id;
3263          }
3264          $view['url'] .= "&amp;search_id=".htmlspecialchars_uni($mybb->input['search_id']);
3265      }
3266  
3267      if(!isset($admin_session['data']['last_users_view']) || $admin_session['data']['last_users_view'] != str_replace("&amp;", "&", $view['url']))
3268      {
3269          update_admin_session('last_users_url', str_replace("&amp;", "&", $view['url']));
3270      }
3271  
3272      if(isset($view['conditions']['referrer'])){
3273          $view['url'] .= "&amp;action=referrers&amp;uid=".htmlspecialchars_uni($view['conditions']['referrer']);
3274      }
3275  
3276      // Do we not have any views?
3277      if(empty($view))
3278      {
3279          return false;
3280      }
3281  
3282      $table = new Table;
3283  
3284      // Build header for table based view
3285      if($view['view_type'] != "card")
3286      {
3287          foreach($view['fields'] as $field)
3288          {
3289              if(!$user_view_fields[$field])
3290              {
3291                  continue;
3292              }
3293              $view_field = $user_view_fields[$field];
3294              $field_options = array();
3295              if($view_field['width'])
3296              {
3297                  $field_options['width'] = $view_field['width'];
3298              }
3299              if($view_field['align'])
3300              {
3301                  $field_options['class'] = "align_".$view_field['align'];
3302              }
3303              $table->construct_header($view_field['title'], $field_options);
3304          }
3305          $table->construct_header("<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this);\" />"); // Create a header for the "select" boxes
3306      }
3307  
3308      $search_sql = '1=1';
3309  
3310      // Build the search SQL for users
3311  
3312      // List of valid LIKE search fields
3313      $user_like_fields = array("username", "email", "website", "skype", "google", "signature", "usertitle");
3314      foreach($user_like_fields as $search_field)
3315      {
3316          if(!empty($view['conditions'][$search_field]) && empty($view['conditions'][$search_field.'_blank']))
3317          {
3318              $search_sql .= " AND u.{$search_field} LIKE '%".$db->escape_string_like($view['conditions'][$search_field])."%'";
3319          }
3320          else if(!empty($view['conditions'][$search_field.'_blank']))
3321          {
3322              $search_sql .= " AND u.{$search_field} != ''";
3323          }
3324      }
3325  
3326      // EXACT matching fields
3327      $user_exact_fields = array("referrer");
3328      foreach($user_exact_fields as $search_field)
3329      {
3330          if(!empty($view['conditions'][$search_field]))
3331          {
3332              $search_sql .= " AND u.{$search_field}='".$db->escape_string($view['conditions'][$search_field])."'";
3333          }
3334      }
3335  
3336      // LESS THAN or GREATER THAN
3337      $direction_fields = array("postnum", "threadnum");
3338      foreach($direction_fields as $search_field)
3339      {
3340          $direction_field = $search_field."_dir";
3341          if(isset($view['conditions'][$search_field]) && ($view['conditions'][$search_field] || $view['conditions'][$search_field] === '0') && $view['conditions'][$direction_field])
3342          {
3343              switch($view['conditions'][$direction_field])
3344              {
3345                  case "greater_than":
3346                      $direction = ">";
3347                      break;
3348                  case "less_than":
3349                      $direction = "<";
3350                      break;
3351                  default:
3352                      $direction = "=";
3353              }
3354              $search_sql .= " AND u.{$search_field}{$direction}'".$db->escape_string($view['conditions'][$search_field])."'";
3355          }
3356      }
3357  
3358      // Registration searching
3359      $reg_fields = array("regdate");
3360      foreach($reg_fields as $search_field)
3361      {
3362          if(!empty($view['conditions'][$search_field]) && (int)$view['conditions'][$search_field])
3363          {
3364              $threshold = TIME_NOW - ((int)$view['conditions'][$search_field] * 24 * 60 * 60);
3365  
3366              $search_sql .= " AND u.{$search_field} >= '{$threshold}'";
3367          }
3368      }
3369  
3370      // IP searching
3371      $ip_fields = array("regip", "lastip");
3372      foreach($ip_fields as $search_field)
3373      {
3374          if(!empty($view['conditions'][$search_field]))
3375          {
3376              $ip_range = fetch_ip_range($view['conditions'][$search_field]);
3377              if(!is_array($ip_range))
3378              {
3379                  $ip_sql = "{$search_field}=".$db->escape_binary($ip_range);
3380              }
3381              else
3382              {
3383                  $ip_sql = "{$search_field} BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]);
3384              }
3385              $search_sql .= " AND {$ip_sql}";
3386          }
3387      }
3388  
3389      // Post IP searching
3390      if(!empty($view['conditions']['postip']))
3391      {
3392          $ip_range = fetch_ip_range($view['conditions']['postip']);
3393          if(!is_array($ip_range))
3394          {
3395              $ip_sql = "ipaddress=".$db->escape_binary($ip_range);
3396          }
3397          else
3398          {
3399              $ip_sql = "ipaddress BETWEEN ".$db->escape_binary($ip_range[0])." AND ".$db->escape_binary($ip_range[1]);
3400          }
3401          $ip_uids = array(0);
3402          $query = $db->simple_select("posts", "uid", $ip_sql);
3403          while($uid = $db->fetch_field($query, "uid"))
3404          {
3405              $ip_uids[] = $uid;
3406          }
3407          $search_sql .= " AND u.uid IN(".implode(',', $ip_uids).")";
3408          unset($ip_uids);
3409      }
3410  
3411      // Custom Profile Field searching
3412      if($view['custom_profile_fields'])
3413      {
3414          $userfield_sql = '1=1';
3415          foreach($view['custom_profile_fields'] as $column => $input)
3416          {
3417              if(!preg_match('/^fid[0-9]+(_blank)?$/', $column))
3418              {
3419                  continue;
3420              }
3421  
3422              if(is_array($input))
3423              {
3424                  foreach($input as $value => $text)
3425                  {
3426                      if($value == $column)
3427                      {
3428                          $value = $text;
3429                      }
3430  
3431                      if($value == $lang->na)
3432                      {
3433                          continue;
3434                      }
3435  
3436                      if(strpos($column, '_blank') !== false)
3437                      {
3438                          $column = str_replace('_blank', '', $column);
3439                          $userfield_sql .= ' AND '.$db->escape_string($column)." != ''";
3440                      }
3441                      else
3442                      {
3443                          $userfield_sql .= ' AND '.$db->escape_string($column)."='".$db->escape_string($value)."'";
3444                      }
3445                  }
3446              }
3447              else if(!empty($input))
3448              {
3449                  if($input == $lang->na)
3450                  {
3451                      continue;
3452                  }
3453  
3454                  if(strpos($column, '_blank') !== false)
3455                  {
3456                      $column = str_replace('_blank', '', $column);
3457                      $userfield_sql .= ' AND '.$db->escape_string($column)." != ''";
3458                  }
3459                  else
3460                  {
3461                      $userfield_sql .= ' AND '.$db->escape_string($column)." LIKE '%".$db->escape_string_like($input)."%'";
3462                  }
3463              }
3464          }
3465  
3466          if($userfield_sql != '1=1')
3467          {
3468              $userfield_uids = array(0);
3469              $query = $db->simple_select("userfields", "ufid", $userfield_sql);
3470              while($userfield = $db->fetch_array($query))
3471              {
3472                  $userfield_uids[] = $userfield['ufid'];
3473              }
3474              $search_sql .= " AND u.uid IN(".implode(',', $userfield_uids).")";
3475              unset($userfield_uids);
3476          }
3477      }
3478  
3479      // Usergroup based searching
3480      if(isset($view['conditions']['usergroup']))
3481      {
3482          if(!is_array($view['conditions']['usergroup']))
3483          {
3484              $view['conditions']['usergroup'] = array($view['conditions']['usergroup']);
3485          }
3486  
3487          foreach($view['conditions']['usergroup'] as $usergroup)
3488          {
3489              $usergroup = (int)$usergroup;
3490  
3491              if(!$usergroup)
3492              {
3493                  continue;
3494              }
3495  
3496              $additional_sql = '';
3497  
3498              switch($db->type)
3499              {
3500                  case "pgsql":
3501                  case "sqlite":
3502                      $additional_sql .= " OR ','||additionalgroups||',' LIKE '%,{$usergroup},%'";
3503                      break;
3504                  default:
3505                      $additional_sql .= "OR CONCAT(',',additionalgroups,',') LIKE '%,{$usergroup},%'";
3506              }
3507          }
3508  
3509          $search_sql .= " AND (u.usergroup IN (".implode(",", array_map('intval', $view['conditions']['usergroup'])).") {$additional_sql})";
3510      }
3511  
3512      // COPPA users only?
3513      if(isset($view['conditions']['coppa']))
3514      {
3515          $search_sql .= " AND u.coppauser=1 AND u.usergroup=5";
3516      }
3517  
3518      // Extra SQL?
3519      if(isset($view['extra_sql']))
3520      {
3521          $search_sql .= $view['extra_sql'];
3522      }
3523  
3524      // Lets fetch out how many results we have
3525      $query = $db->query("
3526          SELECT COUNT(u.uid) AS num_results
3527          FROM ".TABLE_PREFIX."users u
3528          WHERE {$search_sql}
3529      ");
3530      $num_results = $db->fetch_field($query, "num_results");
3531  
3532      // No matching results then return false
3533      if(!$num_results)
3534      {
3535          return false;
3536      }
3537      // Generate the list of results
3538      else
3539      {
3540          if(!$view['perpage'])
3541          {
3542              $view['perpage'] = 20;
3543          }
3544          $view['perpage'] = (int)$view['perpage'];
3545  
3546          // Establish which page we're viewing and the starting index for querying
3547          if(!isset($mybb->input['page']))
3548          {
3549              $mybb->input['page'] = 1;
3550          }
3551          else
3552          {
3553              $mybb->input['page'] = $mybb->get_input('page', MyBB::INPUT_INT);
3554          }
3555  
3556          if($mybb->input['page'])
3557          {
3558              $start = ($mybb->input['page'] - 1) * $view['perpage'];
3559              $pages = ceil($num_results / $view['perpage']);
3560              if($mybb->input['page'] > $pages)
3561              {
3562                  $start = 0;
3563                  $mybb->input['page'] = 1;
3564              }
3565          }
3566          else
3567          {
3568              $start = 0;
3569              $mybb->input['page'] = 1;
3570          }
3571  
3572          $from_bit = "";
3573          if(isset($mybb->input['from']) && $mybb->input['from'] == "home")
3574          {
3575              $from_bit = "&amp;from=home";
3576          }
3577  
3578          switch($view['sortby'])
3579          {
3580              case "regdate":
3581              case "lastactive":
3582              case "postnum":
3583              case "reputation":
3584                  $view['sortby'] = $db->escape_string($view['sortby']);
3585                  break;
3586              case "numposts":
3587                  $view['sortby'] = "postnum";
3588                  break;
3589              case "numthreads":
3590                  $view['sortby'] = "threadnum";
3591                  break;
3592              case "warninglevel":
3593                  $view['sortby'] = "warningpoints";
3594                  break;
3595              default:
3596                  $view['sortby'] = "username";
3597          }
3598  
3599          if($view['sortorder'] != "desc")
3600          {
3601              $view['sortorder'] = "asc";
3602          }
3603  
3604          $usergroups = $cache->read("usergroups");
3605  
3606          // Fetch matching users
3607          $query = $db->query("
3608              SELECT u.*
3609              FROM ".TABLE_PREFIX."users u
3610              WHERE {$search_sql}
3611              ORDER BY {$view['sortby']} {$view['sortorder']}
3612              LIMIT {$start}, {$view['perpage']}
3613          ");
3614          $users = '';
3615          while($user = $db->fetch_array($query))
3616          {
3617              $comma = $groups_list = '';
3618              $user['username'] = htmlspecialchars_uni($user['username']);
3619              $user['view']['username'] = "<a href=\"index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}\">".format_name($user['username'], $user['usergroup'], $user['displaygroup'])."</a>";
3620              $user['view']['usergroup'] = htmlspecialchars_uni($usergroups[$user['usergroup']]['title']);
3621              if($user['additionalgroups'])
3622              {
3623                  $additional_groups = explode(",", $user['additionalgroups']);
3624  
3625                  foreach($additional_groups as $group)
3626                  {
3627                      $groups_list .= $comma.htmlspecialchars_uni($usergroups[$group]['title']);
3628                      $comma = $lang->comma;
3629                  }
3630              }
3631              if(!$groups_list)
3632              {
3633                  $groups_list = $lang->none;
3634              }
3635              $user['view']['additionalgroups'] = "<small>{$groups_list}</small>";
3636              $user['view']['email'] = "<a href=\"mailto:".htmlspecialchars_uni($user['email'])."\">".htmlspecialchars_uni($user['email'])."</a>";
3637              $user['view']['regdate'] = my_date('relative', $user['regdate']);
3638              $last_seen = max(array($user['lastactive'], $user['lastvisit']));
3639              if(!empty($last_seen))
3640              {
3641                  $user['view']['lastactive'] = my_date('relative', $last_seen);
3642              }
3643              else
3644              {
3645                  $user['view']['lastactive'] = $lang->never;
3646              }
3647  
3648              // Build popup menu
3649              $popup = new PopupMenu("user_{$user['uid']}", $lang->options);
3650              $popup->add_item($lang->view_profile, $mybb->settings['bburl'].'/'.get_profile_link($user['uid']));
3651              $popup->add_item($lang->edit_profile_and_settings, "index.php?module=user-users&amp;action=edit&amp;uid={$user['uid']}");
3652  
3653              // Banning options... is this user banned?
3654              if($usergroups[$user['usergroup']]['isbannedgroup'] == 1)
3655              {
3656                  // Yes, so do we want to edit the ban or pardon his crime?
3657                  $popup->add_item($lang->edit_ban, "index.php?module=user-banning&amp;uid={$user['uid']}#username");
3658                  $popup->add_item($lang->lift_ban, "index.php?module=user-banning&action=lift&uid={$user['uid']}&my_post_key={$mybb->post_code}");
3659              }
3660              else
3661              {
3662                  // Not banned... but soon maybe!
3663                  $popup->add_item($lang->ban_user, "index.php?module=user-banning&amp;uid={$user['uid']}#username");
3664              }
3665  
3666              if($user['usergroup'] == 5)
3667              {
3668                  if($user['coppauser'])
3669                  {
3670                      $popup->add_item($lang->approve_coppa_user, "index.php?module=user-users&amp;action=activate_user&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}{$from_bit}");
3671                  }
3672                  else
3673                  {
3674                      $popup->add_item($lang->approve_user, "index.php?module=user-users&amp;action=activate_user&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}{$from_bit}");
3675                  }
3676              }
3677  
3678              $popup->add_item($lang->delete_user, "index.php?module=user-users&amp;action=delete&amp;uid={$user['uid']}&amp;my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->user_deletion_confirmation}')");
3679              $popup->add_item($lang->show_referred_users, "index.php?module=user-users&amp;action=referrers&amp;uid={$user['uid']}");
3680              $popup->add_item($lang->show_ip_addresses, "index.php?module=user-users&amp;action=ipaddresses&amp;uid={$user['uid']}");
3681              $popup->add_item($lang->show_attachments, "index.php?module=forum-attachments&amp;results=1&amp;username=".urlencode($user['username']));
3682              $user['view']['controls'] = $popup->fetch();
3683  
3684              // Fetch the reputation for this user
3685              if($usergroups[$user['usergroup']]['usereputationsystem'] == 1 && $mybb->settings['enablereputation'] == 1)
3686              {
3687                  $user['view']['reputation'] = get_reputation($user['reputation']);
3688              }
3689              else
3690              {
3691                  $reputation = "-";
3692              }
3693  
3694              if($mybb->settings['enablewarningsystem'] != 0 && $usergroups[$user['usergroup']]['canreceivewarnings'] != 0)
3695              {
3696                  if($mybb->settings['maxwarningpoints'] < 1)
3697                  {
3698                      $mybb->settings['maxwarningpoints'] = 10;
3699                  }
3700  
3701                  $warning_level = round($user['warningpoints']/$mybb->settings['maxwarningpoints']*100);
3702                  if($warning_level > 100)
3703                  {
3704                      $warning_level = 100;
3705                  }
3706                  $user['view']['warninglevel'] = get_colored_warning_level($warning_level);
3707              }
3708  
3709              if($view['view_type'] == "card")
3710              {
3711                  $max_dimensions = '80x80';
3712              }
3713              else
3714              {
3715                  $max_dimensions = '34x34';
3716              }
3717  
3718              $avatar = format_avatar($user['avatar'], $user['avatardimensions'], $max_dimensions);
3719  
3720              $user['view']['avatar'] = "<img src=\"".$avatar['image']."\" alt=\"\" {$avatar['width_height']} />";
3721  
3722              // Convert IP's to readable
3723              $user['regip'] = my_inet_ntop($db->unescape_binary($user['regip']));
3724              $user['lastip'] = my_inet_ntop($db->unescape_binary($user['lastip']));
3725  
3726              if($view['view_type'] == "card")
3727              {
3728                  $users .= build_user_view_card($user, $view, $i);
3729              }
3730              else
3731              {
3732                  build_user_view_table($user, $view, $table);
3733              }
3734          }
3735  
3736          // If card view, we need to output the results
3737          if($view['view_type'] == "card")
3738          {
3739              $table->construct_cell($users);
3740              $table->construct_row();
3741          }
3742      }
3743  
3744      if(!isset($view['table_id']))
3745      {
3746          $view['table_id'] = "users_list";
3747      }
3748  
3749      $switch_view = "<div class=\"float_right\">";
3750      $switch_url = $view['url'];
3751      if($mybb->input['page'] > 0)
3752      {
3753          $switch_url .= "&amp;page=".$mybb->get_input('page', MyBB::INPUT_INT);
3754      }
3755      if($view['view_type'] != "card")
3756      {
3757          $switch_view .= "<strong>{$lang->table_view}</strong> | <a href=\"{$switch_url}&amp;type=card\" style=\"font-weight: normal;\">{$lang->card_view}</a>";
3758      }
3759      else
3760      {
3761          $switch_view .= "<a href=\"{$switch_url}&amp;type=table\" style=\"font-weight: normal;\">{$lang->table_view}</a> | <strong>{$lang->card_view}</strong>";
3762      }
3763      $switch_view .= "</div>";
3764  
3765      // Do we need to construct the pagination?
3766      if($num_results > $view['perpage'])
3767      {
3768          $view_type = htmlspecialchars_uni($view['view_type']);
3769          $pagination = draw_admin_pagination($mybb->input['page'], $view['perpage'], $num_results, $view['url']."&amp;type={$view_type}");
3770          $search_class = "float_right";
3771          $search_style = "";
3772      }
3773      else
3774      {
3775          $search_class = '';
3776          $search_style = "text-align: right;";
3777      }
3778  
3779      $search_action = $view['url'];
3780      // stop &username= in the query string
3781      if($view_upos = strpos($search_action, '&amp;username='))
3782      {
3783          $search_action = substr($search_action, 0, $view_upos);
3784      }
3785      $search_action = str_replace("&amp;", "&", $search_action);
3786      $search = new Form(htmlspecialchars_uni($search_action), 'post', 'search_form', 0, '', true);
3787      $built_view = $search->construct_return;
3788      $built_view .= "<div class=\"{$search_class}\" style=\"padding-bottom: 3px; margin-top: -9px; {$search_style}\">";
3789      $built_view .= $search->generate_hidden_field('action', 'search')."\n";
3790      if(isset($view['conditions']['username']))
3791      {
3792          $default_class = '';
3793          $value = $view['conditions']['username'];
3794      }
3795      else
3796      {
3797          $default_class = "search_default";
3798          $value = $lang->search_for_user;
3799      }
3800      $built_view .= $search->generate_text_box('username', htmlspecialchars_uni($value), array('id' => 'search_keywords', 'class' => "{$default_class} field150 field_small"))."\n";
3801      $built_view .= "<input type=\"submit\" class=\"search_button\" value=\"{$lang->search}\" />\n";
3802      if(!empty($view['popup']))
3803      {
3804          $built_view .= " <div style=\"display: inline\">{$view['popup']}</div>\n";
3805      }
3806      $built_view .= "<script type=\"text/javascript\">
3807          var form = $(\"#search_form\");
3808          form.on('submit', function() {
3809              var search = $('#search_keywords');
3810              if(search.val() == '' || search.val() == '".addcslashes($lang->search_for_user, "'")."')
3811              {
3812                  search.trigger('focus');
3813                  return false;
3814              }
3815          });
3816  
3817          var search = $(\"#search_keywords\");
3818          search.on('focus', function()
3819          {
3820              var searched_focus = $(this);
3821              if(searched_focus.val() == '".addcslashes($lang->search_for_user, "'")."')
3822              {
3823                  searched_focus.removeClass(\"search_default\");
3824                  searched_focus.val(\"\");
3825              }
3826          }).on('blur', function()
3827          {
3828              var searched_blur = $(this);
3829              if(searched_blur.val() == \"\")
3830              {
3831                  searched_blur.addClass('search_default');
3832                  searched_blur.val('".addcslashes($lang->search_for_user, "'")."');
3833              }
3834          });
3835  
3836          // fix the styling used if we have a different default value
3837          if(search.val() != '".addcslashes($lang->search_for_user, "'")."')
3838          {
3839              $(search).removeClass('search_default');
3840          }
3841          </script>\n";
3842      $built_view .= "</div>\n";
3843  
3844      // Autocompletion for usernames
3845      // TODO Select2
3846  
3847      $built_view .= $search->end();
3848  
3849      if(isset($pagination))
3850      {
3851          $built_view .= $pagination;
3852      }
3853      if($view['view_type'] != "card")
3854      {
3855          $checkbox = '';
3856      }
3857      else
3858      {
3859          $checkbox = "<input type=\"checkbox\" name=\"allbox\" onclick=\"inlineModeration.checkAll(this)\" /> ";
3860      }
3861      $built_view .= $table->construct_html("{$switch_view}<div>{$checkbox}{$lang->users}{$view_title}</div>", 1, "", $view['table_id']);
3862      if(isset($pagination))
3863      {
3864          $built_view .= $pagination;
3865      }
3866  
3867      $built_view .= '
3868  <script type="text/javascript" src="'.$mybb->settings['bburl'].'/jscripts/inline_moderation.js?ver=1838"></script>
3869  <form action="index.php?module=user-users" method="post">
3870  <input type="hidden" name="my_post_key" value="'.$mybb->post_code.'" />
3871  <input type="hidden" name="action" value="inline_edit" />
3872  <div class="float_right"><span class="smalltext"><strong>'.$lang->inline_edit.'</strong></span>
3873  <select name="inline_action">
3874      <option value="multiactivate">'.$lang->inline_activate.'</option>
3875      <option value="multiban">'.$lang->inline_ban.'</option>
3876      <option value="multiusergroup">'.$lang->inline_usergroup.'</option>
3877      <option value="multidelete">'.$lang->inline_delete.'</option>
3878      <option value="multiprune">'.$lang->inline_prune.'</option>
3879  </select>
3880  <input type="submit" class="submit_button inline_element" name="go" value="'.$lang->go.' (0)" id="inline_go" />&nbsp;
3881  <input type="button" onclick="javascript:inlineModeration.clearChecked();" value="'.$lang->clear.'" class="submit_button inline_element" />
3882  </div>
3883  </form>
3884  <br style="clear: both;" />
3885  <script type="text/javascript">
3886  <!--
3887      var go_text = "'.$lang->go.'";
3888      var all_text = "1";
3889      var inlineType = "user";
3890      var inlineId = "acp";
3891  // -->
3892  </script>';
3893  
3894      return $built_view;
3895  }
3896  
3897  /**
3898   * @param array $user
3899   * @param array $view
3900   * @param int $i
3901   *
3902   * @return string
3903   */
3904  function build_user_view_card($user, $view, &$i)
3905  {
3906      global $user_view_fields;
3907  
3908      ++$i;
3909      if($i == 3)
3910      {
3911          $i = 1;
3912      }
3913  
3914      // Loop through fields user wants to show
3915      foreach($view['fields'] as $field)
3916      {
3917          if(!$user_view_fields[$field])
3918          {
3919              continue;
3920          }
3921  
3922          $view_field = $user_view_fields[$field];
3923  
3924          // Special conditions for avatar
3925          if($field == "avatar")
3926          {
3927              $avatar = $user['view']['avatar'];
3928          }
3929          else if($field == "controls")
3930          {
3931              $controls = $user['view']['controls'];
3932          }
3933          // Otherwise, just user data
3934          else if($field != "username")
3935          {
3936              if(isset($user['view'][$field]))
3937              {
3938                  $value = $user['view'][$field];
3939              }
3940              else
3941              {
3942                  $value = $user[$field];
3943              }
3944  
3945              if($field == "postnum")
3946              {
3947                  $value = my_number_format($value);
3948              }
3949  
3950              $user_details[] = "<strong>{$view_field['title']}:</strong> {$value}";
3951          }
3952  
3953      }
3954      // Floated to the left or right?
3955      if($i == 1)
3956      {
3957          $float = "left";
3958      }
3959      else
3960      {
3961          $float = "right";
3962      }
3963  
3964      // And build the final card
3965      $uname = "";
3966      if(in_array('username', $view['fields']))
3967      {
3968          $uname = $user['view']['username'];
3969      }
3970      $card = "<fieldset id=\"uid_{$user['uid']}\" style=\"width: 47%; float: {$float};\">\n";
3971      $card .= "<legend><input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('#uid_{$user['uid']}').toggleClass('inline_selected');\" /> {$uname}</legend>\n";
3972      if(!empty($avatar))
3973      {
3974          $card .= "<div class=\"user_avatar\">{$avatar}</div>\n";
3975      }
3976      if(!empty($user_details))
3977      {
3978          $card .= "<div class=\"user_details\">".implode("<br />", $user_details)."</div>\n";
3979      }
3980      if(!empty($controls))
3981      {
3982          $card .= "<div class=\"float_right\" style=\"padding: 4px;\">{$controls}</div>\n";
3983      }
3984      $card .= "</fieldset>";
3985      return $card;
3986  
3987  }
3988  
3989  /**
3990   * @param array $user
3991   * @param array $view
3992   * @param DefaultTable $table
3993   */
3994  function build_user_view_table($user, $view, &$table)
3995  {
3996      global $user_view_fields;
3997  
3998      foreach($view['fields'] as $field)
3999      {
4000          if(!$user_view_fields[$field])
4001          {
4002              continue;
4003          }
4004          $view_field = $user_view_fields[$field];
4005          $field_options = array();
4006          if(($view_field['align']))
4007          {
4008              $field_options['class'] = "align_".$view_field['align'];
4009          }
4010          if(!empty($user['view'][$field]))
4011          {
4012              $value = $user['view'][$field];
4013          }
4014          else
4015          {
4016              $value = $user[$field];
4017          }
4018  
4019          if($field == "postnum")
4020          {
4021              $value = my_number_format($user[$field]);
4022          }
4023          $table->construct_cell($value, $field_options);
4024      }
4025  
4026      $table->construct_cell("<input type=\"checkbox\" class=\"checkbox\" name=\"inlinemod_{$user['uid']}\" id=\"inlinemod_{$user['uid']}\" value=\"1\" onclick=\"$('#uid_{$user['uid']}').toggleClass('inline_selected');\" />");
4027  
4028      $table->construct_row();
4029  }
4030  
4031  /**
4032   * @param array $fields
4033   * @param array $values
4034   * @param DefaultFormContainer $form_container
4035   * @param DefaultForm $form
4036   * @param bool $search
4037   */
4038  function output_custom_profile_fields($fields, $values, &$form_container, &$form, $search=false)
4039  {
4040      global $lang, $mybb;
4041  
4042      if(!is_array($fields))
4043      {
4044          return;
4045      }
4046      foreach($fields as $profile_field)
4047      {
4048          $profile_field['name'] = htmlspecialchars_uni($profile_field['name']);
4049          $profile_field['description'] = htmlspecialchars_uni($profile_field['description']);
4050  
4051          $type_data = explode("\n", $profile_field['type'], 2);
4052          $type = $type_data[0];
4053          $options = !empty($type_data[1]) ? $type_data[1] : null;
4054  
4055          $type = trim($type);
4056          $field_name = "fid{$profile_field['fid']}";
4057  
4058          if(!isset($values[$field_name]))
4059          {
4060              $values[$field_name] = '';
4061          }
4062          if(!isset($values[$field_name.'_blank']))
4063          {
4064              $values[$field_name.'_blank'] = '';
4065          }
4066  
4067          switch($type)
4068          {
4069              case "multiselect":
4070                  $selected_options = array();
4071                  if(!is_array($values[$field_name]))
4072                  {
4073                      $user_options = explode("\n", $values[$field_name]);
4074                  }
4075                  else
4076                  {
4077                      $user_options = $values[$field_name];
4078                  }
4079  
4080  
4081                  foreach($user_options as $val)
4082                  {
4083                      $selected_options[$val] = htmlspecialchars_uni($val);
4084                  }
4085  
4086                  $select_options = explode("\n", $options);
4087                  $options = array();
4088                  if($search == true)
4089                  {
4090                      $select_options[''] = $lang->na;
4091                  }
4092  
4093                  foreach($select_options as $val)
4094                  {
4095                      $val = htmlspecialchars_uni(trim($val));
4096                      $options[$val] = $val;
4097                  }
4098                  if(!$profile_field['length'])
4099                  {
4100                      $profile_field['length'] = 3;
4101                  }
4102                  $code = $form->generate_select_box("profile_fields[{$field_name}][]", $options, $selected_options, array('id' => "profile_field_{$field_name}", 'multiple' => true, 'size' => $profile_field['length']));
4103                  break;
4104              case "select":
4105                  $select_options = array();
4106                  if($search == true)
4107                  {
4108                      $select_options[''] = $lang->na;
4109                  }
4110                  $select_options += explode("\n", $options);
4111                  $options = array();
4112                  foreach($select_options as $val)
4113                  {
4114                      $val = htmlspecialchars_uni(trim($val));
4115                      $options[$val] = $val;
4116                  }
4117                  if(!$profile_field['length'])
4118                  {
4119                      $profile_field['length'] = 1;
4120                  }
4121                  if($search == true)
4122                  {
4123                      $code = $form->generate_select_box("profile_fields[{$field_name}][{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length']));
4124                  }
4125                  else
4126                  {
4127                      $code = $form->generate_select_box("profile_fields[{$field_name}]", $options, htmlspecialchars_uni($values[$field_name]), array('id' => "profile_field_{$field_name}", 'size' => $profile_field['length']));
4128                  }
4129                  break;
4130              case "radio":
4131                  $radio_options = array();
4132                  if($search == true)
4133                  {
4134                      $radio_options[''] = $lang->na;
4135                  }
4136                  $radio_options += explode("\n", $options);
4137                  $code = '';
4138                  foreach($radio_options as $val)
4139                  {
4140                      $val = trim($val);
4141                      $code .= $form->generate_radio_button("profile_fields[{$field_name}]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => ($val == $values[$field_name] ? true : false)))."<br />";
4142                  }
4143                  break;
4144              case "checkbox":
4145                  $select_options = array();
4146                  if(!is_array($values[$field_name]))
4147                  {
4148                      $user_options = explode("\n", $values[$field_name]);
4149                  }
4150                  else
4151                  {
4152                      $user_options = $values[$field_name];
4153                  }
4154  
4155                  $selected_options = array();
4156                  foreach($user_options as $val)
4157                  {
4158                      $selected_options[$val] = $val;
4159                  }
4160  
4161                  if($search == true)
4162                  {
4163                      $select_options[''] = $lang->na;
4164                  }
4165                  $select_options += explode("\n", $options);
4166                  $code = '';
4167                  foreach($select_options as $val)
4168                  {
4169                      $val = trim($val);
4170                      $code .= $form->generate_check_box("profile_fields[{$field_name}][]", $val, htmlspecialchars_uni($val), array('id' => "profile_field_{$field_name}", 'checked' => (isset($selected_options[$val]) && $val == $selected_options[$val] ? true : false)))."<br />";
4171                  }
4172                  break;
4173              case "textarea":
4174                  $extra = '';
4175                  if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
4176                  {
4177                      $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
4178                  }
4179  
4180                  $code = $form->generate_text_area("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'rows' => 6, 'cols' => 50)).$extra;
4181                  break;
4182              default:
4183                  $extra = '';
4184                  if(isset($mybb->input['action']) && $mybb->input['action'] == "search")
4185                  {
4186                      $extra = " {$lang->or} ".$form->generate_check_box("profile_fields[{$field_name}_blank]", 1, $lang->is_not_blank, array('id' => "{$field_name}_blank", 'checked' => $values[$field_name.'_blank']));
4187                  }
4188  
4189                  $code = $form->generate_text_box("profile_fields[{$field_name}]", $values[$field_name], array('id' => "profile_field_{$field_name}", 'maxlength' => $profile_field['maxlength'], 'length' => $profile_field['length'])).$extra;
4190                  break;
4191          }
4192  
4193          $form_container->output_row($profile_field['name'], $profile_field['description'], $code, "", array('id' => "profile_field_{$field_name}"));
4194          $code = $user_options = $selected_options = $radio_options = $val = $options = '';
4195      }
4196  }
4197  
4198  /**
4199   * @param array $input
4200   * @param DefaultForm $form
4201   */
4202  function user_search_conditions($input, &$form)
4203  {
4204      global $mybb, $db, $lang;
4205  
4206      if(!$input)
4207      {
4208          $input = $mybb->input;
4209      }
4210  
4211      if(empty($input['conditions']))
4212      {
4213          $input['conditions'] = array();
4214      }
4215  
4216      if(!is_array($input['conditions']))
4217      {
4218          $input['conditions'] = (array)my_unserialize($input['conditions']);
4219      }
4220  
4221      $array = array('username', 'email', 'usergroup', 'website', 'website_blank', 'skype', 'skype_blank', 'google', 'google_blank', 'signature', 'signature_blank', 'usertitle', 'usertitle_blank', 'postnum_dir', 'postnum', 'threadnum_dir', 'threadnum', 'regdate', 'regip', 'lastip', 'postip');
4222      foreach($array as $condition)
4223      {
4224          if(!isset($input['conditions'][$condition]))
4225          {
4226              $input['conditions'][$condition] = '';
4227          }
4228      }
4229  
4230      if(empty($input['profile_fields']))
4231      {
4232          $input['profile_fields'] = array();
4233      }
4234  
4235      if(!is_array($input['profile_fields']))
4236      {
4237          $input['profile_fields'] = (array)my_unserialize($input['profile_fields']);
4238      }
4239  
4240      if(empty($input['fields']))
4241      {
4242          $input['fields'] = array();
4243      }
4244  
4245      if(!is_array($input['fields']))
4246      {
4247          $input['fields'] = (array)my_unserialize($input['fields']);
4248      }
4249  
4250      $form_container = new FormContainer($lang->find_users_where);
4251      $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', htmlspecialchars_uni($input['conditions']['username']), array('id' => 'username')), 'username');
4252      $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');
4253  
4254      $options = array();
4255      $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
4256      while($usergroup = $db->fetch_array($query))
4257      {
4258          $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
4259      }
4260  
4261      $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');
4262  
4263      $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website'))." {$lang->or} ".$form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website');
4264      $form_container->output_row($lang->skype_contains, "", $form->generate_text_box('conditions[skype]', $input['conditions']['skype'], array('id' => 'skype'))." {$lang->or} ".$form->generate_check_box('conditions[skype_blank]', 1, $lang->is_not_blank, array('id' => 'skype_blank', 'checked' => $input['conditions']['skype_blank'])), 'skype');
4265      $form_container->output_row($lang->google_contains, "", $form->generate_text_box('conditions[google]', $input['conditions']['google'], array('id' => 'google'))." {$lang->or} ".$form->generate_check_box('conditions[google_blank]', 1, $lang->is_not_blank, array('id' => 'google_blank', 'checked' => $input['conditions']['google_blank'])), 'google');
4266      $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature'))." {$lang->or} ".$form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature');
4267      $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle'))." {$lang->or} ".$form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle');
4268      $greater_options = array(
4269          "greater_than" => $lang->greater_than,
4270          "is_exactly" => $lang->is_exactly,
4271          "less_than" => $lang->less_than
4272      );
4273      $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir'))." ".$form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');
4274      $form_container->output_row($lang->thread_count_is, "", $form->generate_select_box('conditions[threadnum_dir]', $greater_options, $input['conditions']['threadnum_dir'], array('id' => 'numthreads_dir'))." ".$form->generate_text_box('conditions[threadnum]', $input['conditions']['threadnum'], array('id' => 'numthreads')), 'numthreads');
4275  
4276      $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')).' '.$lang->days, 'regdate');
4277      $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip');
4278      $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip');
4279      $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip');
4280  
4281      $form_container->end();
4282  
4283      // Custom profile fields go here
4284      $form_container = new FormContainer($lang->custom_profile_fields_match);
4285  
4286      // Fetch custom profile fields
4287      $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
4288  
4289      $profile_fields = array(
4290          'required' => array(),
4291          'optional' => array(),
4292      );
4293      while($profile_field = $db->fetch_array($query))
4294      {
4295          if($profile_field['required'] == 1)
4296          {
4297              $profile_fields['required'][] = $profile_field;
4298          }
4299          else
4300          {
4301              $profile_fields['optional'][] = $profile_field;
4302          }
4303      }
4304  
4305      output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true);
4306      output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true);
4307  
4308      $form_container->end();
4309  
4310      // Autocompletion for usernames
4311      echo '
4312  <link rel="stylesheet" href="../jscripts/select2/select2.css">
4313  <script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
4314  <script type="text/javascript">
4315  <!--
4316  $("#username").select2({
4317      placeholder: "'.$lang->search_for_a_user.'",
4318      minimumInputLength: 2,
4319      multiple: false,
4320      ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
4321          url: "../xmlhttp.php?action=get_users",
4322          dataType: \'json\',
4323          data: function (term, page) {
4324              return {
4325                  query: term // search term
4326              };
4327          },
4328          results: function (data, page) { // parse the results into the format expected by Select2.
4329              // since we are using custom formatting functions we do not need to alter remote JSON data
4330              return {results: data};
4331          }
4332      },
4333      initSelection: function(element, callback) {
4334          var query = $(element).val();
4335          if (query !== "") {
4336              $.ajax("../xmlhttp.php?action=get_users&getone=1", {
4337                  data: {
4338                      query: query
4339                  },
4340                  dataType: "json"
4341              }).done(function(data) { callback(data); });
4342          }
4343      }
4344  });
4345  // -->
4346  </script>';
4347  }
4348  
4349  /**
4350   * @param int $source_uid
4351   * @param int $destination_uid
4352   */
4353  function merge_thread_ratings($source_uid, $destination_uid)
4354  {
4355      global $db;
4356  
4357      $source_ratings = $dest_threads = $delete_list = $decrement_list = array();
4358  
4359      // Get all thread ratings from both accounts
4360      $query = $db->simple_select('threadratings', 'tid, uid, rid, rating', "uid IN ({$destination_uid}, {$source_uid})");
4361      while($rating = $db->fetch_array($query))
4362      {
4363          if($rating['uid'] == $destination_uid)
4364          {
4365              $dest_threads[] = $rating['tid'];
4366          }
4367          else
4368          {
4369              $source_ratings[] = $rating;
4370          }
4371      }
4372  
4373      // If there are duplicates, mark them for deletion
4374      foreach($source_ratings as $rating)
4375      {
4376          if(in_array($rating['tid'], $dest_threads))
4377          {
4378              $delete_list[] = $rating['rid'];
4379              $decrement_list[$rating['tid']][] = (int) $rating['rating'];
4380          }
4381      }
4382  
4383      // Attribute all of the source user's ratings to the destination user
4384      $db->update_query("threadratings", array("uid" => $destination_uid), "uid='{$source_uid}'");
4385  
4386      // Remove ratings previously given to recently acquired threads
4387      $query = $db->query("
4388          SELECT tr.rid, tr.rating, t.tid
4389          FROM {$db->table_prefix}threadratings tr
4390          LEFT JOIN {$db->table_prefix}threads t ON (t.tid=tr.tid)
4391          WHERE tr.uid='{$destination_uid}' AND tr.uid=t.uid
4392      ");
4393      while($rating = $db->fetch_array($query))
4394      {
4395          $delete_list[] = $rating['rid'];
4396          $decrement_list[$rating['tid']][] = (int) $rating['rating'];
4397      }
4398  
4399      // Delete the duplicate/disallowed ratings
4400      if(!empty($delete_list))
4401      {
4402          $imp = implode(',', $delete_list);
4403          $db->delete_query('threadratings', "rid IN ({$imp})");
4404      }
4405  
4406      // Correct the thread rating counters
4407      if(!empty($decrement_list))
4408      {
4409          foreach($decrement_list as $tid => $ratings)
4410          {
4411              if(is_array($ratings))
4412              {
4413                  $db->update_query('threads', array('numratings' => 'numratings-'.count($ratings), 'totalratings' => 'totalratings-'.array_sum($ratings)), "tid='{$tid}'", 1, true);
4414              }
4415          }
4416      }
4417  }


2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref